ContainerImage.Pinniped/apis/config/v1alpha1
Ryan Richard 25a91019c2 Add spec.secretName to OPC and handle case-insensitive hostnames
- When two different Issuers have the same host (i.e. they differ
  only by path) then they must have the same secretName. This is because
  it wouldn't make sense for there to be two different TLS certificates
  for one host. Find any that do not have the same secret name to
  put an error status on them and to avoid serving OIDC endpoints for
  them. The host comparison is case-insensitive.
- Issuer hostnames should be treated as case-insensitive, because
  DNS hostnames are case-insensitive. So https://me.com and
  https://mE.cOm are duplicate issuers. However, paths are
  case-sensitive, so https://me.com/A and https://me.com/a are
  different issuers. Fixed this in the issuer validations and in the
  OIDC Manager's request router logic.
2020-10-23 16:25:44 -07:00
..
conversion.go.tmpl Move CredentialIssuerConfig into new "config.pinniped.dev" API group. 2020-09-18 16:38:45 -05:00
defaults.go.tmpl Move CredentialIssuerConfig into new "config.pinniped.dev" API group. 2020-09-18 16:38:45 -05:00
doc.go.tmpl Move CredentialIssuerConfig into new "config.pinniped.dev" API group. 2020-09-18 16:38:45 -05:00
register.go.tmpl supervisor-oidc: forgot OIDCProviderConfig type registration in 14f1d86 2020-10-07 10:50:55 -04:00
types_credentialissuerconfig.go.tmpl supervisor-oidc: add OIDCProviderConfig CRD 2020-10-06 15:20:29 -04:00
types_oidcproviderconfig.go.tmpl Add spec.secretName to OPC and handle case-insensitive hostnames 2020-10-23 16:25:44 -07:00