djpbessems/ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Commit Graph

  • 9419b7392d
         WIP: start to validate ID token returned from token endpoint Margo Crawford 2020-12-02 16:26:47 -0500
  • 09e6c86c46
         token_handler.go: complete some TODOs and strengthen double auth code test Andrew Keesler 2020-12-02 15:14:01 -0500
  • 7e78c9322c Remove duplicate documentation images from the repo and change all links to point to the Hugo site Rajat Goyal 2020-12-02 23:57:34 +0530
  • 31810a97e1 Remove duplicate docs from the repo and change all links to point to the Hugo site Rajat Goyal 2020-11-22 20:14:02 +0530
  • 8e4c85d816
         WIP: get linting and unit tests passing after token endpoint first draft Andrew Keesler 2020-12-02 11:16:02 -0500
  • 970be58847
         token_handler.go: first draft of token handler, with a bunch of TODOs Andrew Keesler 2020-12-01 16:25:12 -0500
  • d60c184424 Add pkce and openidconnect storage Margo Crawford 2020-12-01 17:18:32 -0800
  • f38c150f6a Finished tests for pkce storage and added it to kubestorage Ryan Richard 2020-12-01 14:53:22 -0800
  • c8eaa3f383 WIP towards using k8s fosite storage in the supervisor's callback endpoint Margo Crawford 2020-12-01 11:01:23 -0800
  • be8f11fe5a
         Merge pull request #246 from mattmoyer/build-on-go-1.14 Matt Moyer 2020-11-30 17:38:19 -0600
  • b272b3f331
         Refactor oidcclient.Login to use new upstreamoidc package. Matt Moyer 2020-11-30 17:14:57 -0600
  • 4b60c922ef
         Add generated mock of UpstreamOIDCIdentityProviderI. Matt Moyer 2020-11-30 17:09:01 -0600
  • 25ee99f93a
         Add ValidateToken method to UpstreamOIDCIdentityProviderI interface. Matt Moyer 2020-11-30 17:08:27 -0600
  • d32583dd7f
         Move OIDC Token structs into a new oidctypes package. Matt Moyer 2020-11-30 17:02:03 -0600
  • d64acbb5a9
         Add upstreamoidc.ProviderConfig type implementing provider.UpstreamOIDCIdentityProviderI. Matt Moyer 2020-11-30 14:54:11 -0600
  • 24c4bc0dd4
         Tweak some stdlib usage so we compile under Go 1.14. Matt Moyer 2020-11-24 13:38:28 -0600
  • 58a3e35c51
         Revert "test/integration: skip TestSupervisorLogin until new callback logic is on main" Andrew Keesler 2020-11-30 11:07:25 -0500
  • 25bbd28527
         Merge remote-tracking branch 'upstream/main' into callback-endpoint Andrew Keesler 2020-11-30 11:06:20 -0500
  • 385d2db445
         Merge pull request #245 from ankeesler/fix-supervisor-login-test Andrew Keesler 2020-11-30 11:05:43 -0500
  • eae6d355f8
         test/integration: skip TestSupervisorLogin until new callback logic is on main Andrew Keesler 2020-11-30 10:01:31 -0500
  • 5be46d0bb7
         test/integration: get downstream issuer path from upstream redirect Andrew Keesler 2020-11-30 09:58:08 -0500
  • 5b04192945
         Run TestSupervisorLogin only on valid HTTP/HTTPS supervisor addresses Andrew Keesler 2020-11-30 09:23:12 -0500
  • e6b6c0e3ab Merge branch 'main' into callback-endpoint Ryan Richard 2020-11-20 15:50:26 -0800
  • dfb6544171
         Merge pull request #238 from jknostman3/patch-1 Matt Moyer 2020-11-20 17:15:26 -0600
  • 3596610f40
         Merge pull request #239 from enj/enj/f/fosite_defaults Matt Moyer 2020-11-20 17:14:05 -0600
  • ccddeb4cda Merge branch 'main' into callback-endpoint Ryan Richard 2020-11-20 15:13:25 -0800
  • d39cc08b66
         Set defaults for fosite config Monis Khan 2020-11-20 15:45:29 -0500
  • c4ff1ca304 auth_handler.go: Ignore invalid CSRF cookies rather than return error Ryan Richard 2020-11-20 13:56:35 -0800
  • b21f0035d7 callback_handler.go: Get upstream name from state instead of path Andrew Keesler 2020-11-20 13:33:08 -0800
  • ad9439eef2
         Merge pull request #207 from vmware-tanzu/dependabot/docker/golang-1.15.5 Matt Moyer 2020-11-20 15:18:23 -0600
  • 72321fc106
         Use /callback (without IDP name) path for callback endpoint (part 1) Ryan Richard 2020-11-20 16:14:45 -0500
  • 541019eb98
         callback_handler.go: simplify stored ID token claims Andrew Keesler 2020-11-20 15:36:51 -0500
  • 15bffc6b16
         Update site demo to use pinniped-concierge namespace Jake Knostman 2020-11-20 12:31:23 -0800
  • 901242c1e1
         Bump golang from 1.15.3 to 1.15.5 dependabot[bot] 2020-11-20 20:19:51 +0000
  • d9d80535e3
         Step 8 update: namespace for webauthenticator to be pinniped-concierge Jake Knostman 2020-11-20 12:13:28 -0800
  • fd0e0bb4c9
         Merge pull request #234 from rajat404/main Matt Moyer 2020-11-20 13:29:35 -0600
  • 53bece2186 Avoid printing the error message twice from client Rajat Goyal 2020-11-20 23:49:52 +0530
  • 1a881e4f2b
         Merge pull request #232 from mattmoyer/adjust-test-environment-upstream-clients Matt Moyer 2020-11-20 09:46:04 -0600
  • 488d1b663a
         internal/oidc/provider/manager: route to callback endpoint Andrew Keesler 2020-11-20 10:42:43 -0500
  • 8f5d1709a1
         callback_handler.go: assert behavior about PKCE and IDSession storage Andrew Keesler 2020-11-20 09:41:49 -0500
  • bc700d58ae
         Split test environment variables so there's a specific supervisor upstream client. Matt Moyer 2020-11-19 15:05:31 -0600
  • f8d76066c5
         callback_handler.go: assert nonce is stored correctly Andrew Keesler 2020-11-20 08:38:23 -0500
  • b8fb37b9f6
         Merge pull request #233 from enj/enj/i/tmp_disable_max_flight Mo Khan 2020-11-19 22:51:03 -0500
  • 4a28d1f800
         Temporarily disable max inflight checks for mutating requests Monis Khan 2020-11-19 21:21:10 -0500
  • b25696a1fb callback_handler.go: Prepend iss to sub when making default username Andrew Keesler 2020-11-19 17:57:07 -0800
  • b49d37ca54
         callback_handler.go: test invalid upstream ID token username/groups Andrew Keesler 2020-11-19 15:53:21 -0500
  • 20b62b8841
         Merge pull request #231 from enj/enj/f/fosite_kube_storage Mo Khan 2020-11-19 15:34:55 -0500
  • 83101eefce
         callback_handler.go: start to test upstream token corner cases Ryan Richard 2020-11-19 14:19:01 -0500
  • 86865d155a
         Switch fuzzing test to UTC Monis Khan 2020-11-19 14:04:25 -0500
  • 3575be7742
         Add authorization code storage Monis Khan 2020-11-18 23:30:05 -0500
  • b7d823a077
         Add generic Kube API based CRUD storage Monis Khan 2020-11-17 11:42:11 -0500
  • a47617cad0 callback_handler.go: Add JWT Audience claim to storage Ryan Richard 2020-11-19 08:53:53 -0800
  • ee84f31f42 callback_handler.go: Add JWT Issuer claim to storage Ryan Richard 2020-11-19 08:35:23 -0800
  • ace861f722
         callback_handler.go: get some thoughts down about default upstream claims Andrew Keesler 2020-11-19 11:08:21 -0500
  • 2e62be3ebb
         callback_handler.go: assert correct args are passed to token exchange Andrew Keesler 2020-11-19 10:20:46 -0500
  • 48e0250649
         callback_handler.go: test that we request openid scope correctly Andrew Keesler 2020-11-19 09:28:56 -0500
  • 6c72507bca
         callback_handler.go: add test for failed upstream exchange/validation Andrew Keesler 2020-11-19 09:00:41 -0500
  • 63b8c6e4b2
         callback_handler.go: test when state missing a needed param Andrew Keesler 2020-11-19 08:51:23 -0500
  • ffdb7fa795
         callback_handler.go: add a test for invalid state auth params Andrew Keesler 2020-11-19 08:41:44 -0500
  • 652ea6bd2a Start using fosite in the Supervisor's callback handler Ryan Richard 2020-11-18 17:15:01 -0800
  • 3bc5952f7e
         Merge pull request #227 from mattmoyer/add-authorizationconfig-omitempty Mo Khan 2020-11-18 20:10:55 -0500
  • 7520dadbdd
         Use omitempty on UpstreamOIDCProvider spec.authorizationConfig field. Matt Moyer 2020-11-18 14:29:13 -0600
  • 8a4be431f6
         Merge pull request #230 from vmware-tanzu/scc Mo Khan 2020-11-18 17:46:01 -0500
  • c32e452db8
         Add nonroot SCC to work on OpenShift clusters Mo Khan 2020-11-18 17:08:45 -0500
  • 24bd8b2e42
         Merge pull request #226 from absoludity/fix-getting-started4 Ryan Richard 2020-11-18 13:39:04 -0800
  • 227fbd63aa Use an interface instead of a concrete type for UpstreamOIDCIdentityProvider Ryan Richard 2020-11-18 13:38:13 -0800
  • c83cec341b
         Merge branch 'main' into fix-getting-started4 Ryan Richard 2020-11-17 15:02:36 -0800
  • 7404ee4531
         Merge pull request #224 from mattmoyer/make-oidcclient-public Matt Moyer 2020-11-17 15:13:50 -0600
  • e0a9bef6ce
         Move ./internal/oidcclient to ./pkg/oidcclient. Matt Moyer 2020-11-17 12:46:54 -0600
  • 428b9f2758
         Merge pull request #223 from mattmoyer/refactor-cert-gen Matt Moyer 2020-11-17 12:45:20 -0600
  • 0d1ad6e1df
         Fix some broken resource grouping/ordering in Tiltfile. Matt Moyer 2020-11-17 12:21:15 -0600
  • 6ce2f109bf
         Refactor certificate generation for integration test Dex. Matt Moyer 2020-11-17 11:24:38 -0600
  • 3b9fb71dd1
         Merge pull request #222 from mattmoyer/readd-supervisor-login-tests Matt Moyer 2020-11-17 11:16:01 -0600
  • 97552aec5f Merge branch 'main' into callback-endpoint Ryan Richard 2020-11-17 09:06:54 -0800
  • d6d808d185
         Re-add the TestSupervisorLogin integration test. Matt Moyer 2020-11-17 09:21:17 -0600
  • b75a6cdb76
         Merge pull request #221 from mattmoyer/use-https-dex Matt Moyer 2020-11-16 20:47:16 -0600
  • b31deff0fb
         Update integration tests to use HTTPS Dex for UpstreamOIDCProvider testing. Matt Moyer 2020-11-16 18:16:16 -0600
  • ee978fdde8
         Add controller support for spec.tls field. Matt Moyer 2020-11-16 18:15:58 -0600
  • e867fb82b9
         Add spec.tls field to UpstreamOIDCProvider API. Matt Moyer 2020-11-16 14:42:43 -0600
  • b17ac6ec0b
         Update integration tests to run Dex over HTTPS. Matt Moyer 2020-11-16 14:04:08 -0600
  • dd2133458e
         Add --ca-bundle flag to "pinniped login oidc" command. Matt Moyer 2020-11-16 11:54:13 -0600
  • e7ecfd3954
         Merge pull request #219 from mattmoyer/add-test-proxy Matt Moyer 2020-11-16 17:48:16 -0600
  • c8b17978a9
         Convert CLI tests to work through an HTTP forward proxy. Matt Moyer 2020-11-16 10:40:18 -0600
  • a4733025ce
         Merge pull request #220 from jonasrosland/fix-landing-text Matt Moyer 2020-11-16 16:36:44 -0600
  • 1c7601a2b5
         callback_handler.go: start happy path test with redirect Andrew Keesler 2020-11-16 17:07:34 -0500
  • 052cdc40dc
         callback_handler.go: add CSRF and version state validations Ryan Richard 2020-11-16 14:41:00 -0500
  • 332ed8e50b Fix landing page use cases jonasrosland 2020-11-16 12:00:06 -0500
  • 4138c9244f
         callback_handler.go: write 2 invalid cookie tests Andrew Keesler 2020-11-16 11:47:49 -0500
  • 74add35237
         Empty commit to trigger CI Andrew Keesler 2020-11-16 09:46:55 -0500
  • 57a2dc9fc1 Update default namespace for pinniped-concierge to match install-pinniped-concierge.yaml Michael Nelson 2020-11-05 17:29:43 +1100
  • 9bb9402e89 Updated doc/demo.md with required namespace Michael Nelson 2020-11-05 17:27:34 +1100
  • 3ef1171667 Tiny bit more code for Supervisor's callback_handler.go Andrew Keesler 2020-11-13 15:59:51 -0800
  • 84b61fac88
         Merge pull request #215 from mattmoyer/fix-upstream-oidc-provider Matt Moyer 2020-11-13 17:23:10 -0600
  • c10393b495
         Mask the raw error messages from go-oidc, since they are dangerous. Matt Moyer 2020-11-13 15:29:32 -0600
  • 0cf0fa2201
         Empty commit to trigger CI Andrew Keesler 2020-11-11 13:02:56 -0500
  • d3d8ef44a0
         Make more fields in UpstreamOIDCProvider optional. Matt Moyer 2020-11-13 15:28:37 -0600
  • d5ee925e62
         Merge pull request #213 from mattmoyer/more-categories Mo Khan 2020-11-13 15:51:42 -0500
  • 47d216caae
         Merge pull request #209 from alexbrand/doc-fixes Mo Khan 2020-11-13 15:51:13 -0500
  • 406d6b5544
         docs/scope.md: Fix link to contrib guide Alexander Brand 2020-11-13 09:18:48 -0500
  • ab87977c08
         Put our TokenCredentialRequest API into the "pinniped" category. Matt Moyer 2020-11-13 12:09:22 -0600