ContainerImage.Pinniped/internal/testutil
Ryan Richard e0ecdc004b Allow dynamic clients to be used in downstream OIDC flows
This is only a first commit towards making this feature work.
- Hook dynamic clients into fosite by returning them from the storage
  interface (after finding and validating them)
- In the auth endpoint, prevent the use of the username and password
  headers for dynamic clients to force them to use the browser-based
  login flows for all the upstream types
- Add happy path integration tests in supervisor_login_test.go
- Add lots of comments (and some small refactors) in
  supervisor_login_test.go to make it much easier to understand
- Add lots of unit tests for the auth endpoint regarding dynamic clients
  (more unit tests to be added for other endpoints in follow-up commits)
- Enhance crud.go to make lifetime=0 mean never garbage collect,
  since we want client secret storage Secrets to last forever
- Move the OIDCClient validation code to a package where it can be
  shared between the controller and the fosite storage interface
- Make shared test helpers for tests that need to create OIDC client
  secret storage Secrets
- Create a public const for "pinniped-cli" now that we are using that
  string in several places in the production code
2022-07-14 09:51:11 -07:00
..
fakekubeapi Update to github.com/golangci/golangci-lint/cmd/golangci-lint@v1.44.2 2022-03-08 12:28:09 -08:00
oidctestutil Don't do ldap group search when group scope not specified 2022-06-22 10:58:08 -07:00
testlogger Switch to go.uber.org/zap for JSON formatted logging 2022-05-24 11:17:42 -04:00
tlsserver Remove duplication in secure TLS tests 2022-04-01 10:56:38 -04:00
assertions.go Login page styling/structure for users, screen readers, passwd managers 2022-05-05 13:13:25 -07:00
certs.go certauthority.go: Refactor issuing client versus server certs 2021-03-12 16:09:37 -08:00
crypto.go Cleanup code via TODOs accumulated during token endpoint work 2020-12-04 10:09:42 -05:00
delete.go Merge branch 'main' into upstream_access_revocation_during_gc 2022-01-14 10:49:22 -08:00
doc.go Allow multiple Pinnipeds to work on same cluster 2021-02-02 15:18:41 -08:00
ioutil.go WIP: add supervisor upstream flags to pinniped get kubeconfig 2021-04-30 14:28:03 -07:00
kube_server_compatibility.go Fix TestOIDCClientStaticValidation on old servers 2022-06-17 09:04:03 -04:00
loginhtml.go Add LDAP browser flow login failure tests to supervisor_login_test.go 2022-05-10 16:28:08 -07:00
observable_with_informer_option.go Add Go vanity import paths. 2020-09-18 14:56:24 -05:00
observable_with_initial_event_option.go kubecertagent: use initial event for when key can't be found 2020-09-24 16:54:20 -04:00
oidcclientsecretstorage.go Allow dynamic clients to be used in downstream OIDC flows 2022-07-14 09:51:11 -07:00
psession.go Addressing PR feedback 2022-01-10 11:03:37 -08:00
roundtrip.go internal/groupsuffix: mutate TokenCredentialRequest's Authenticator 2021-02-10 15:53:44 -05:00
tempdir_go1.14.go Update to github.com/golangci/golangci-lint/cmd/golangci-lint@v1.44.2 2022-03-08 12:28:09 -08:00
tempdir.go Tweak some stdlib usage so we compile under Go 1.14. 2020-11-30 10:11:41 -06:00
tlsserver.go Force the use of secure TLS config 2021-11-17 16:55:35 -05:00
transcript_logger.go Switch to go.uber.org/zap for JSON formatted logging 2022-05-24 11:17:42 -04:00
x509_error.go Error format of untrusted certificate errors should depend on OS 2022-04-14 17:37:36 -07:00