ContainerImage.Pinniped/internal
Ryan Richard f6ded84f07 Implement upstream LDAP support in auth_handler.go
- When the upstream IDP is an LDAP IDP and the user's LDAP username and
  password are received as new custom headers, then authenticate the
  user and, if authentication was successful, return a redirect with
  an authcode. Handle errors according to the OAuth/OIDC specs.
- Still does not support having multiple upstream IDPs defined at the
  same time, which was an existing limitation of this endpoint.
- Does not yet include the actual LDAP authentication, which is
  hidden behind an interface from the point of view of auth_handler.go
- Move the oidctestutil package to the testutil directory.
- Add an interface for Fosite storage to avoid a cyclical test
  dependency.
- Add GetURL() to the UpstreamLDAPIdentityProviderI interface.
- Extract test helpers to be shared between callback_handler_test.go
  and auth_handler_test.go because the authcode and fosite storage
  assertions should be identical.
- Backfill Content-Type assertions in callback_handler_test.go.

Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2021-04-08 17:28:01 -07:00
apiserviceref Use API service as owner ref for cluster scoped resources 2021-02-10 21:52:08 -05:00
certauthority dynamiccert: split into serving cert and CA providers 2021-03-15 12:24:07 -04:00
clusterhost Introduce clusterhost package to determine whether a cluster has control plane nodes 2021-02-09 11:16:01 -08:00
concierge impersonator: disallow clients from setting the X-Forwarded-For header 2021-03-19 15:35:06 -04:00
config Use TokenCredentialRequest instead of base64 token with impersonator 2021-03-10 10:30:06 -08:00
constable Save 2 lines by using inline-style comments for Copyright 2020-09-16 10:35:19 -04:00
controller Implement upstream LDAP support in auth_handler.go 2021-04-08 17:28:01 -07:00
controllerlib Allow multiple Pinnipeds to work on same cluster 2021-02-02 15:18:41 -08:00
controllermanager dynamiccert: split into serving cert and CA providers 2021-03-15 12:24:07 -04:00
crud Supervisor storage garbage collection controller enabled in production 2020-12-11 15:21:34 -08:00
deploymentref Use API service as owner ref for cluster scoped resources 2021-02-10 21:52:08 -05:00
downward internal/downward: add support for (optional) pod name 2020-12-11 11:49:27 -05:00
dynamiccert dynamiccert: unit test with DynamicServingCertificateController 2021-03-15 17:23:37 -04:00
fositestorage Update ExpectedAuthorizeCodeSessionJSONFromFuzzing. 2020-12-17 16:31:08 -06:00
fositestoragei Implement upstream LDAP support in auth_handler.go 2021-04-08 17:28:01 -07:00
groupsuffix Add WhoAmIRequest Aggregated Virtual REST API 2021-02-22 20:02:41 -05:00
here Save 2 lines by using inline-style comments for Copyright 2020-09-16 10:35:19 -04:00
httputil impersonator: test UID impersonation and header canonicalization 2021-03-16 13:00:51 -04:00
issuer dynamiccert: split into serving cert and CA providers 2021-03-15 12:24:07 -04:00
kubeclient Add WhoAmIRequest Aggregated Virtual REST API 2021-02-22 20:02:41 -05:00
ldap Implement upstream LDAP support in auth_handler.go 2021-04-08 17:28:01 -07:00
mocks dynamiccert: split into serving cert and CA providers 2021-03-15 12:24:07 -04:00
oidc Implement upstream LDAP support in auth_handler.go 2021-04-08 17:28:01 -07:00
ownerref internal/groupsuffix: mutate TokenCredentialRequest's Authenticator 2021-02-10 15:53:44 -05:00
plog internal/plog: add KObj() and KRef() 2021-02-10 14:25:39 -05:00
registry certauthority.go: Refactor issuing client versus server certs 2021-03-12 16:09:37 -08:00
secret All controller unit tests should not cancel context until test is over 2021-03-04 17:26:01 -08:00
testutil Implement upstream LDAP support in auth_handler.go 2021-04-08 17:28:01 -07:00
upstreamoidc Upgrade to github.com/coreos/go-oidc v3.0.0. 2021-01-21 12:08:14 -06:00