djpbessems/ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
d2251d2ea7
ContainerImage.Pinniped/test/integration
History
Ryan Richard d2251d2ea7 Use base64 binary-encoded value as UID for LDAP 
This is to allow the use of binary LDAP entry attributes as the UID.
For example, a user might like to configure AD’s objectGUID or maybe
objectSid attributes as the UID attribute.

This negatively impacts the readability of the UID when it did not come
from a binary value, but we're considering this an okay trade-off to
keep things simple for now. In the future, we may offer more
customizable encoding options for binary attributes.

These UIDs are currently only used in the downstream OIDC `sub` claim.
They do not effect the user's identity on the Kubernetes cluster,
which is only based on their mapped username and group memberships from
the upstream identity provider. We are not currently supporting any
special encoding for those username and group name LDAP attributes, so
their values in the LDAP entry must be ASCII or UTF-8 in order for them
to be interpreted correctly.
2021-05-27 13:47:10 -07:00
..
category_test.go Ignore client-side throttling in kubectl stderr 2021-04-19 15:52:47 -04:00
cli_test.go Merge branch 'main' into initial_ldap 2021-05-11 11:09:37 -07:00
concierge_api_serving_certs_test.go Merge remote-tracking branch 'upstream/main' into impersonation-proxy 2021-03-18 10:36:28 -04:00
concierge_availability_test.go All controller unit tests should not cancel context until test is over 2021-03-04 17:26:01 -08:00
concierge_client_test.go Merge remote-tracking branch 'upstream/main' into impersonation-proxy 2021-03-18 10:36:28 -04:00
concierge_credentialissuer_test.go Create CredentialIssuer at install, not runtime. 2021-05-19 17:15:25 -05:00
concierge_credentialrequest_test.go Replace all usages of strPtr() with pointer.StringPtr() 2021-05-12 13:20:00 -07:00
concierge_impersonation_proxy_test.go Merge branch 'main' into initial_ldap 2021-05-11 11:09:37 -07:00
concierge_kubecertagent_test.go Add a new "legacy pod cleaner" controller. 2021-04-26 08:19:45 -06:00
concierge_kubectl_test.go Rename pinniped-server -> pinniped-concierge 2020-10-06 14:59:03 -04:00
e2e_test.go Initial support for upstream LDAP group membership 2021-05-17 11:10:26 -07:00
kube_api_discovery_test.go Add stub LDAP API type and integration test 2021-04-06 13:10:01 -04:00
kubeclient_test.go Merge branch 'main' of github.com:vmware-tanzu/pinniped into impersonation-proxy 2021-03-04 12:38:00 -06:00
ldap_client_test.go Use base64 binary-encoded value as UID for LDAP 2021-05-27 13:47:10 -07:00
supervisor_discovery_test.go Update TestSupervisorOIDCDiscovery for versioned IDP discovery endpoint 2021-05-13 13:07:31 -07:00
supervisor_healthz_test.go Remove library.AssertNoRestartsDuringTest and make that assertion implicit in library.IntegrationEnv. 2021-03-17 11:18:10 -05:00
supervisor_login_test.go Use base64 binary-encoded value as UID for LDAP 2021-05-27 13:47:10 -07:00
supervisor_secrets_test.go Remove library.AssertNoRestartsDuringTest and make that assertion implicit in library.IntegrationEnv. 2021-03-17 11:18:10 -05:00
supervisor_storage_garbage_collection_test.go supervisor gc: use singleton queue 2021-05-04 14:44:55 -04:00
supervisor_storage_test.go All controller unit tests should not cancel context until test is over 2021-03-04 17:26:01 -08:00
supervisor_upstream_test.go Merge branch 'main' into initial_ldap 2021-05-11 11:09:37 -07:00
whoami_test.go Merge branch 'main' of github.com:vmware-tanzu/pinniped into impersonation-proxy 2021-03-16 14:35:07 -05:00