djpbessems/ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
34509e7430
ContainerImage.Pinniped/internal/oidc
History
Ryan Richard 34509e7430 Add more unit tests for dynamic clients and enhance token exchange 
- Enhance the token exchange to check that the same client is used
  compared to the client used during the original authorization and
  token requests, and also check that the client has the token-exchange
  grant type allowed in its configuration.
- Reduce the minimum required bcrypt cost for OIDCClient secrets
  because 15 is too slow for real-life use, especially considering
  that every login and every refresh flow will require two client auths.
- In unit tests, use bcrypt hashes with a cost of 4, because bcrypt
  slows down by 13x when run with the race detector, and we run our
  tests with the race detector enabled, causing the tests to be
  unacceptably slow. The production code uses a higher minimum cost.
- Centralize all pre-computed bcrypt hashes used by unit tests to a
  single place. Also extract some other useful test helpers for
  unit tests related to OIDCClients.
- Add tons of unit tests for the token endpoint related to dynamic
  clients for authcode exchanges, token exchanges, and refreshes.
2022-07-20 13:55:56 -07:00
..
auth Add more unit tests for dynamic clients and enhance token exchange 2022-07-20 13:55:56 -07:00
callback Add more unit tests for dynamic clients and enhance token exchange 2022-07-20 13:55:56 -07:00
clientregistry Add more unit tests for dynamic clients and enhance token exchange 2022-07-20 13:55:56 -07:00
csrftoken Add some trivial unit tests to internal/oidc/csrftoken. 2021-02-02 09:38:17 -06:00
discovery add a code comment 2022-04-19 11:35:46 -07:00
downstreamsession Handle refresh requests without groups scope 2022-06-22 08:21:16 -07:00
dynamiccodec internal/oidc/dynamiccodec: loosen test to reduce flakes 2020-12-11 11:49:27 -05:00
idpdiscovery Advertise browser_authcode flow in ldap idp discovery 2022-04-25 14:54:21 -07:00
jwks WIP: start to wire signing key into token handler 2020-12-03 15:37:25 -05:00
login Add more unit tests for dynamic clients and enhance token exchange 2022-07-20 13:55:56 -07:00
oidcclientvalidator Add more unit tests for dynamic clients and enhance token exchange 2022-07-20 13:55:56 -07:00
provider Add more unit tests for dynamic clients and enhance token exchange 2022-07-20 13:55:56 -07:00
token Add more unit tests for dynamic clients and enhance token exchange 2022-07-20 13:55:56 -07:00
dynamic_oauth2_hmac_strategy_test.go Add custom prefix to downstream access and refresh tokens and authcodes 2022-04-13 10:13:27 -07:00
dynamic_oauth2_hmac_strategy.go Add custom prefix to downstream access and refresh tokens and authcodes 2022-04-13 10:13:27 -07:00
dynamic_open_id_connect_ecdsa_strategy_test.go Implement upstream LDAP support in auth_handler.go 2021-04-08 17:28:01 -07:00
dynamic_open_id_connect_ecdsa_strategy.go Implement upstream LDAP support in auth_handler.go 2021-04-08 17:28:01 -07:00
kube_storage.go Add more unit tests for dynamic clients and enhance token exchange 2022-07-20 13:55:56 -07:00
nullstorage.go Add more unit tests for dynamic clients and enhance token exchange 2022-07-20 13:55:56 -07:00
oidc.go Merge branch 'dynamic_clients' into require-groups-scope 2022-06-22 14:27:06 -07:00
token_exchange.go Add more unit tests for dynamic clients and enhance token exchange 2022-07-20 13:55:56 -07:00