Compare commits

..

16 Commits

Author SHA1 Message Date
5292606ad1 Update '.drone.yml'
Some checks failed
continuous-integration/drone/push Build is failing
2023-10-31 14:59:09 +00:00
ce92965408 Update 'Dockerfile'
Some checks failed
continuous-integration/drone/push Build is failing
2023-10-31 14:45:58 +00:00
fa3143cc76 Update '.drone.yml'
Some checks failed
continuous-integration/drone/push Build is failing
2023-10-31 14:34:52 +00:00
25468e31ed Update '.drone.yml'
Some checks failed
continuous-integration/drone/push Build is failing
2023-10-31 14:31:54 +00:00
a1bc7ddf2d Update '.drone.yml'
Some checks failed
continuous-integration/drone/push Build is failing
2023-10-31 14:28:41 +00:00
6f040ff03b Update '.drone.yml'
Some checks failed
continuous-integration/drone/push Build is failing
2023-10-31 14:09:07 +00:00
92a9f8093f Update 'Dockerfile'
Some checks reported errors
continuous-integration/drone/push Build encountered an error
2023-10-31 14:08:09 +00:00
2265388f6c Update '.drone.yml'
Some checks reported errors
continuous-integration/drone/push Build encountered an error
2023-10-31 14:07:50 +00:00
089c872190 Update 'Dockerfile'
Some checks failed
continuous-integration/drone/push Build is failing
2023-10-31 13:57:38 +00:00
0a2f6e4e7a Update 'Dockerfile'
Some checks failed
continuous-integration/drone/push Build is failing
2023-10-31 13:56:11 +00:00
85e3359831 Update 'Dockerfile'
Some checks failed
continuous-integration/drone/push Build is failing
2023-10-31 13:50:59 +00:00
e165d3b2cd Update '.drone.yml'
Some checks failed
continuous-integration/drone/push Build is failing
2023-10-31 13:48:32 +00:00
a37832dafc Update '.drone.yml'
Some checks failed
continuous-integration/drone/push Build is failing
2023-10-31 13:43:08 +00:00
9ae93d1da9 Update '.drone.yml'
Some checks failed
continuous-integration/drone/push Build is failing
2023-10-31 13:37:22 +00:00
b0050312a8 Add '.drone.yml'
Some checks reported errors
continuous-integration/drone Build encountered an error
2023-10-31 13:30:21 +00:00
cb932adbb2 Update 'internal/federationdomain/oidc/oidc.go' 2023-10-31 13:18:01 +00:00
5 changed files with 30 additions and 8 deletions

19
.drone.yml Normal file
View File

@ -0,0 +1,19 @@
kind: pipeline
type: kubernetes
name: Container
steps:
- name: build & publish
image: spritsail/docker-build
context: .
settings:
repo: bv11-cr01.bessems.eu/library/pinniped-server
registry: bv11-cr01.bessems.eu
tags: latest
build_args:
- BUILDPLATFORM=linux/amd64
mtu: 1450
username:
from_secret: harbor_username
password:
from_secret: harbor_password

View File

@ -4,7 +4,7 @@
# SPDX-License-Identifier: Apache-2.0 # SPDX-License-Identifier: Apache-2.0
# Prepare to cross-compile by always running the build stage in the build platform, not the target platform. # Prepare to cross-compile by always running the build stage in the build platform, not the target platform.
FROM --platform=$BUILDPLATFORM golang:1.21.3 as build-env FROM --platform=linux/amd64 golang:1.21.3 as build-env
WORKDIR /work WORKDIR /work

4
go.mod
View File

@ -38,7 +38,7 @@ require (
github.com/spf13/cobra v1.7.0 github.com/spf13/cobra v1.7.0
github.com/spf13/pflag v1.0.5 github.com/spf13/pflag v1.0.5
github.com/stretchr/testify v1.8.4 github.com/stretchr/testify v1.8.4
github.com/tdewolff/minify/v2 v2.20.4 github.com/tdewolff/minify/v2 v2.20.1
go.uber.org/zap v1.26.0 go.uber.org/zap v1.26.0
golang.org/x/crypto v0.14.0 golang.org/x/crypto v0.14.0
golang.org/x/net v0.17.0 golang.org/x/net v0.17.0
@ -132,7 +132,7 @@ require (
github.com/spf13/jwalterweatherman v1.1.0 // indirect github.com/spf13/jwalterweatherman v1.1.0 // indirect
github.com/stoewer/go-strcase v1.2.0 // indirect github.com/stoewer/go-strcase v1.2.0 // indirect
github.com/subosito/gotenv v1.4.0 // indirect github.com/subosito/gotenv v1.4.0 // indirect
github.com/tdewolff/parse/v2 v2.7.2 // indirect github.com/tdewolff/parse/v2 v2.7.1 // indirect
go.etcd.io/etcd/api/v3 v3.5.9 // indirect go.etcd.io/etcd/api/v3 v3.5.9 // indirect
go.etcd.io/etcd/client/pkg/v3 v3.5.9 // indirect go.etcd.io/etcd/client/pkg/v3 v3.5.9 // indirect
go.etcd.io/etcd/client/v3 v3.5.9 // indirect go.etcd.io/etcd/client/v3 v3.5.9 // indirect

8
go.sum
View File

@ -482,10 +482,10 @@ github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXl
github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw=
github.com/subosito/gotenv v1.4.0 h1:yAzM1+SmVcz5R4tXGsNMu1jUl2aOJXoiWUCEwwnGrvs= github.com/subosito/gotenv v1.4.0 h1:yAzM1+SmVcz5R4tXGsNMu1jUl2aOJXoiWUCEwwnGrvs=
github.com/subosito/gotenv v1.4.0/go.mod h1:mZd6rFysKEcUhUHXJk0C/08wAgyDBFuwEYL7vWWGaGo= github.com/subosito/gotenv v1.4.0/go.mod h1:mZd6rFysKEcUhUHXJk0C/08wAgyDBFuwEYL7vWWGaGo=
github.com/tdewolff/minify/v2 v2.20.4 h1:rN2rooMxvJKDXdwpNsdHrCduSyBG+vMBs7wbAVpF/SM= github.com/tdewolff/minify/v2 v2.20.1 h1:ARmlyj4gJYXNrPtdatTR9gMusp3AciwZA5o/qYtFbow=
github.com/tdewolff/minify/v2 v2.20.4/go.mod h1:AMF0J/eNujZLDbfMZvWweg5TSG/KuK+/UGKc+k1N8/w= github.com/tdewolff/minify/v2 v2.20.1/go.mod h1:spLa6hfzR2CXXPV92kcHpziPsOobxB7IFov+8k5l5NY=
github.com/tdewolff/parse/v2 v2.7.2 h1:9NdxF0nk/+lPI0YADDonSlpiY15hGcVUhXRj9hnK8sM= github.com/tdewolff/parse/v2 v2.7.1 h1:gdImkv0sIupYr/cXAu5s+CxfVpxMdYZX2Qr+5Q+RdF8=
github.com/tdewolff/parse/v2 v2.7.2/go.mod h1:9p2qMIHpjRSTr1qnFxQr+igogyTUTlwvf9awHSm84h8= github.com/tdewolff/parse/v2 v2.7.1/go.mod h1:9p2qMIHpjRSTr1qnFxQr+igogyTUTlwvf9awHSm84h8=
github.com/tdewolff/test v1.0.10 h1:uWiheaLgLcNFqHcdWveum7PQfMnIUTf9Kl3bFxrIoew= github.com/tdewolff/test v1.0.10 h1:uWiheaLgLcNFqHcdWveum7PQfMnIUTf9Kl3bFxrIoew=
github.com/tdewolff/test v1.0.10/go.mod h1:6DAvZliBAAnD7rhVgwaM7DE5/d9NMOAJ09SqYqeK4QE= github.com/tdewolff/test v1.0.10/go.mod h1:6DAvZliBAAnD7rhVgwaM7DE5/d9NMOAJ09SqYqeK4QE=
github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=

View File

@ -144,7 +144,10 @@ func FositeOauth2Helper(
RefreshTokenLifespan: timeoutsConfiguration.RefreshTokenLifespan, RefreshTokenLifespan: timeoutsConfiguration.RefreshTokenLifespan,
ScopeStrategy: fosite.ExactScopeStrategy, ScopeStrategy: fosite.ExactScopeStrategy,
EnforcePKCE: true, // The only public client is pinniped-cli, so this combination of PKCE settings requires PKCE for the
// pinniped-cli client and does not require PKCE for any dynamically configured OIDCClients.
EnforcePKCE: false,
EnforcePKCEForPublicClients: true,
// "offline_access" as per https://openid.net/specs/openid-connect-core-1_0.html#OfflineAccess // "offline_access" as per https://openid.net/specs/openid-connect-core-1_0.html#OfflineAccess
RefreshTokenScopes: []string{oidcapi.ScopeOfflineAccess}, RefreshTokenScopes: []string{oidcapi.ScopeOfflineAccess},