pinniped

mirror of https://github.com/vmware-tanzu/pinniped.git synced 2026-02-12 07:41:43 +00:00

Author	SHA1	Message	Date
Matt Moyer	8c3be3ffb2	Refactor UpstreamOIDCIdentityProviderI claim handling. This refactors the `UpstreamOIDCIdentityProviderI` interface and its implementations to pass ID token claims through a `*oidctypes.Token` return parameter rather than as a third return parameter. Signed-off-by: Matt Moyer <moyerm@vmware.com>	2020-12-04 15:35:35 -06:00
Matt Moyer	fde56164cd	Add a `redirectURI` parameter to ExchangeAuthcodeAndValidateTokens() method. We missed this in the original interface specification, but the `grant_type=authorization_code` requires it, per RFC6749 (https://tools.ietf.org/html/rfc6749#section-4.1.3). Signed-off-by: Matt Moyer <moyerm@vmware.com>	2020-12-02 15:55:33 -06:00
Matt Moyer	4fe691de92	Save an http.Client with each upstreamoidc.ProviderConfig object. This allows the token exchange request to be performed with the correct TLS configuration. We go to a bit of extra work to make sure the `http.Client` object is cached between reconcile operations so that connection pooling works as expected. Signed-off-by: Matt Moyer <moyerm@vmware.com>	2020-12-02 15:55:33 -06:00
Matt Moyer	b272b3f331	Refactor oidcclient.Login to use new upstreamoidc package. Signed-off-by: Matt Moyer <moyerm@vmware.com>	2020-11-30 17:37:14 -06:00
Matt Moyer	25ee99f93a	Add ValidateToken method to UpstreamOIDCIdentityProviderI interface. Signed-off-by: Matt Moyer <moyerm@vmware.com>	2020-11-30 17:37:14 -06:00
Matt Moyer	d32583dd7f	Move OIDC Token structs into a new `oidctypes` package. Signed-off-by: Matt Moyer <moyerm@vmware.com>	2020-11-30 17:02:03 -06:00
Matt Moyer	d64acbb5a9	Add upstreamoidc.ProviderConfig type implementing provider.UpstreamOIDCIdentityProviderI. Signed-off-by: Matt Moyer <moyerm@vmware.com>	2020-11-30 15:22:56 -06:00

7 Commits