djpbessems/ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Commit Graph

  • ff49647de4
         Add some missing test logs in test/library/client.go. Matt Moyer 2020-12-15 12:26:33 -0600
  • e0eba9d5a6
         Refactor library.CreateTestJWTAuthenticator() so we can also use the supervisor as an upstream. Matt Moyer 2020-12-15 12:25:31 -0600
  • 5ad3c65ae1
         Close the right pipe output in runPinnipedLoginOIDC. Matt Moyer 2020-12-15 12:24:28 -0600
  • aca9af748b
         Cleanup TestSuccessfulCredentialRequest and TestCLILoginOIDC a little. Matt Moyer 2020-12-15 12:23:52 -0600
  • 8cdcb89cef
         Add a library.PinnipedCLIPath() test helper, with caching. Matt Moyer 2020-12-15 12:19:42 -0600
  • 70fd330178
         Add library.CreateTestClusterRoleBinding test helper. Matt Moyer 2020-12-15 11:49:45 -0600
  • ad5e257600
         Add a library.RandHex() test helper. Matt Moyer 2020-12-15 11:47:04 -0600
  • 4088793cc5
         Add a .ProxyEnv() helper on the test environment. Matt Moyer 2020-12-15 11:45:40 -0600
  • b6edc3dc08
         Replace TestCLIGetKubeconfig with TestCLIGetKubeconfigStaticToken. Matt Moyer 2020-12-14 18:42:02 -0600
  • fe4e2d620d
         Update TestCLIGetKubeconfig to ignore stderr output from get-kubeconfig. Matt Moyer 2020-12-14 13:25:03 -0600
  • f9691208d5
         Add library.NewRestConfigFromKubeconfig() test helper. Matt Moyer 2020-12-14 18:41:11 -0600
  • 71850419c1
         Overhaul pinniped CLI subcommands. Matt Moyer 2020-12-14 18:38:19 -0600
  • dfbb5b60de
         Remove pinniped get-kubeconfig CLI subcommand. Matt Moyer 2020-12-14 18:37:32 -0600
  • 3b5f00439c
         Remove pinniped exchange-credential CLI subcommand. Matt Moyer 2020-12-11 15:48:50 -0600
  • 9b7fe01648
         Add a new ./pkg/conciergeclient package to replace ./internal/client. Matt Moyer 2020-12-11 15:28:19 -0600
  • 2e784e006c
         Merge remote-tracking branch 'upstream/main' into secret-generation Andrew Keesler 2020-12-15 13:24:33 -0500
  • 08cf2f7cd1
         Merge pull request #284 from ankeesler/oidcprovider-enum-values Andrew Keesler 2020-12-15 13:23:16 -0500
  • be4e34d0c0
         Retry a couple of times if we fail to get a token from the Supervisor Andrew Keesler 2020-12-15 11:30:06 -0500
  • 50f9b434e7
         SameIssuerHostMustUseSameSecret is a valid OIDCProvider status Andrew Keesler 2020-12-15 11:00:44 -0500
  • 43bb7117b7 Allow upstream group claim values to be either arrays or strings Ryan Richard 2020-12-15 08:34:24 -0800
  • 7320928235
         Get rid of TODOs in code by punting on them Andrew Keesler 2020-12-15 09:58:23 -0500
  • d2498c96e0
         Merge remote-tracking branch 'upstream/main' into secret-generation Andrew Keesler 2020-12-15 09:27:23 -0500
  • 82ae98d9d0
         Set secret names on OIDCProvider status field Andrew Keesler 2020-12-15 09:13:01 -0500
  • 60d4a7beac
         Test more filters in SupervisorSecretsController (see 6e8d564013) Andrew Keesler 2020-12-15 07:58:33 -0500
  • 9a3e60d4df
         go.mod: unnecessary dependency slipped in (c3f73ff) Andrew Keesler 2020-12-15 07:56:31 -0500
  • e03e344dcd SecretHelper depends less on OIDCProvider aram price 2020-12-14 19:35:45 -0800
  • bf86bc3383 Rename for clarity aram price 2020-12-14 18:36:56 -0800
  • 16dfab0aff token_handler_test.go: Add tests for username and groups custom claims Ryan Richard 2020-12-14 18:27:14 -0800
  • b799515f84 Pull symmetricsecrethelper package up to generator aram price 2020-12-14 17:38:01 -0800
  • 417e6b1fee
         Merge pull request #282 from vmware-tanzu/security-headers Ryan Richard 2020-12-14 17:22:09 -0800
  • afcd5e3e36 WIP: Adjust subject and username claims Margo Crawford 2020-12-14 17:05:53 -0800
  • b1ee434ddf Rename in preparation for refactor aram price 2020-12-14 16:23:17 -0800
  • 6e8d564013 Test filters in SupervisorSecretsController aram price 2020-12-14 16:08:48 -0800
  • 16907e4453 Add Cache-Control, Pragma, Expires, and X-DNS-Prefetch-Control headers Ryan Richard 2020-12-14 15:28:32 -0800
  • 9c79adcb26 Rename and move some code to perpare for refactor Andrew Keesler 2020-12-14 14:24:13 -0800
  • 5b7a86ecc1
         Integration test for Supervisor secret controllers Aram Price 2020-12-14 15:53:12 -0500
  • cae0023234
         Merge remote-tracking branch 'upstream/main' into secret-generation Andrew Keesler 2020-12-14 11:44:01 -0500
  • 2f28d2a96b
         Synchronize the OIDCProvider secrets cache Andrew Keesler 2020-12-14 11:32:11 -0500
  • e3ea141bf3
         Reuse helper filter in generic secret gen controller Andrew Keesler 2020-12-14 10:37:27 -0500
  • b043dae149
         Finish first implementation of generic secret generator controller Andrew Keesler 2020-12-14 10:36:45 -0500
  • 3ca877f1df
         WIP - preliminary OIDCProviderSecrets controller aram price 2020-12-11 20:49:10 -0800
  • 3e31668eb0
         Refactor some utilitiy methods for sharing. aram price 2020-12-11 20:48:45 -0800
  • 9e2213cbae
         Rename for clarity aram price 2020-12-11 16:05:08 -0800
  • a5c07042c1
         Merge pull request #279 from vmware-tanzu/fosite-settings Ryan Richard 2020-12-11 18:19:50 -0800
  • 7cda6628a6
         Merge branch 'main' into fosite-settings Ryan Richard 2020-12-11 18:19:37 -0800
  • 020fbcf190 Adjust some expectations about the state and nonce lengths Ryan Richard 2020-12-11 17:39:58 -0800
  • 791c50fd33
         Merge pull request #278 from vmware-tanzu/fosite-storage-gc Ryan Richard 2020-12-11 17:17:15 -0800
  • 2a19dd0d2e Pass prompt through to upstream login request Margo Crawford 2020-12-11 17:13:27 -0800
  • ded28dff15 Update the fosite settings Margo Crawford 2020-12-11 16:15:50 -0800
  • baa1a4a2fc Supervisor storage garbage collection controller enabled in production Ryan Richard 2020-12-11 15:21:34 -0800
  • 022dcd1909
         Update secretgenerator controller after synchronous review Andrew Keesler 2020-12-11 15:37:10 -0500
  • e2aad48852
         internal/oidc/dynamiccodec: loosen test to reduce flakes Andrew Keesler 2020-12-11 11:46:24 -0500
  • e17bc31b29
         Pass CSRF cookie signing key from controller to cache Andrew Keesler 2020-12-11 11:11:49 -0500
  • 22c5b102ed
         internal/downward: add support for (optional) pod name Andrew Keesler 2020-12-11 10:57:20 -0500
  • 0246e57d7f
         Set lifespans on state and CSRF cooking encoding Andrew Keesler 2020-12-11 11:11:10 -0500
  • 9460b08873
         Use just-in-time HMAC signing key fetching in our Fosite config Andrew Keesler 2020-12-11 11:01:07 -0500
  • ed9b3ffce5 Add controller for garbage collecting secrets Margo Crawford 2020-12-10 17:34:05 -0800
  • a3285fc187 Fix variable / package name collision aram price 2020-12-10 17:28:47 -0800
  • e1173eb5eb manager.Manager is initialized with secret.Cache aram price 2020-12-10 17:27:02 -0800
  • 72bc458c8e Manager uses secret.Cach with hardcoded values aram price 2020-12-10 17:18:02 -0800
  • e067892ffc Add secret.Cache to hold crypto inputs Andrew Keesler 2020-12-10 13:54:02 -0800
  • 2f87be3f94 Manager uses dynamiccodec.Codec for cookie encoding aram price 2020-12-10 11:35:32 -0800
  • 1291380611 dynamiccodec.Codec uses securecookie.JSONEncoder Andrew Keesler 2020-12-10 11:34:39 -0800
  • ccac124b7a Fix broken test aram price 2020-12-10 11:29:13 -0800
  • d8212d1337 Whitespace Andrew Keesler 2020-12-10 11:01:03 -0800
  • 030edaf72d KeyFunc no longer uses multi-value return aram price 2020-12-10 10:51:15 -0800
  • c3f73ffb57 Check in some musings on a symmetric key generator controller Andrew Keesler 2020-12-10 11:54:36 -0500
  • 3e112fb1ac internal/oidc/dynamiccodec: first draft Andrew Keesler 2020-12-10 09:37:06 -0500
  • afd216308b KubeStorage annotates every Secret with garbage-collect-after timestamp Ryan Richard 2020-12-10 14:47:58 -0800
  • b0c354637d WIP passing lifetime through to storage, unit tests are failing Margo Crawford 2020-12-10 12:15:40 -0800
  • c001bb876e
         Merge pull request #275 from vmware-tanzu/fosite-storage-gc-prefactor Ryan Richard 2020-12-10 10:50:29 -0800
  • 3c6d1a1924 Merge branch 'main' into fosite-storage-gc Ryan Richard 2020-12-10 10:45:26 -0800
  • 6f40dcb471 Increase the RefreshTokenSessionStorageLifetime Margo Crawford 2020-12-10 10:44:27 -0800
  • a561fd21d9 Consolidate the supervisor's timeout settings into a single struct Ryan Richard 2020-12-10 10:14:54 -0800
  • 40c9e8472c
         Merge pull request #272 from mattmoyer/default-cli-scopes Matt Moyer 2020-12-10 11:41:22 -0600
  • 0337771dbf
         Check in some musings on a symmetric key generator controller Andrew Keesler 2020-12-10 11:54:36 -0500
  • e7338da3dc
         Tweak default CLI --scopes parameter to match supervisor use case. Matt Moyer 2020-12-10 10:33:43 -0600
  • 0c52739997
         Merge pull request #271 from mattmoyer/fix-cli-content-type-parsing Matt Moyer 2020-12-10 10:46:10 -0600
  • 9d3c98232b
         Fix bug in handling response content-type in oidcclient. Matt Moyer 2020-12-10 10:09:42 -0600
  • 5a0918afde
         Merge pull request #270 from mattmoyer/default-cli-client-id Matt Moyer 2020-12-10 10:12:28 -0600
  • 4395d5a0ca
         Add a default --client-id in pinniped login oidc command. Matt Moyer 2020-12-10 09:46:07 -0600
  • 6475323f54
         internal/oidc/dynamiccodec: first draft Andrew Keesler 2020-12-10 09:37:06 -0500
  • d83927ae75
         Merge pull request #268 from vmware-tanzu/secret-generation-prefactor Andrew Keesler 2020-12-10 08:39:32 -0500
  • 86c75b7a80 CSRF cookie is no longer encrypted aram price 2020-12-09 17:29:44 -0800
  • f1f8ffa456 Distinct Encoder's use distinct keys aram price 2020-12-09 17:26:48 -0800
  • 4a5f8e30a8 Use distinct Encoder for state and csrf data aram price 2020-12-09 17:24:12 -0800
  • e111ca02da Use the narrowest possible interface aram price 2020-12-09 17:20:57 -0800
  • 6ec3589112 Use recorder Cookies() helper aram price 2020-12-09 16:29:25 -0800
  • 2ddba8d825
         Merge pull request #267 from vmware-tanzu/token-exchange-endpoint Margo Crawford 2020-12-09 17:13:28 -0800
  • 218f27306c Integration test for refresh grant Margo Crawford 2020-12-09 17:07:37 -0800
  • fde2e6fa97 Merge remote-tracking branch 'origin/main' into token-exchange-endpoint Margo Crawford 2020-12-09 15:22:54 -0800
  • 4d82ec1283
         Merge pull request #262 from vmware-tanzu/token-refresh Ryan Richard 2020-12-09 15:22:02 -0800
  • 5b7c510577 Fixed error handling for token exchange when openid scope missing Ryan Richard 2020-12-09 15:15:50 -0800
  • 0abadddb1a token_handler_test.go: modify a test about refresh request scopes param Ryan Richard 2020-12-09 15:03:52 -0800
  • 5f6e7de785 Merge branch 'token-refresh' into token-exchange-endpoint Margo Crawford 2020-12-09 14:56:41 -0800
  • 64631d5780 token_handler_test.go: add even more test cases for refresh grant Ryan Richard 2020-12-09 14:53:39 -0800
  • 0386658d26 token_handler_test.go: add more test cases for refresh grant Ryan Richard 2020-12-09 14:12:00 -0800
  • 167d440b65
         Remove this unneccesary go113 nolint directives. Matt Moyer 2020-12-09 14:51:27 -0600
  • 3e6ebab389
         Clean up TestTokenExchange a bit. Matt Moyer 2020-12-09 14:49:44 -0600
  • f90b5d48de
         Merge branch 'token-refresh' of github.com:vmware-tanzu/pinniped into token-exchange-endpoint Matt Moyer 2020-12-09 14:46:57 -0600