mirrors/pinniped
1
0
Fork 0
mirror of https://github.com/vmware-tanzu/pinniped.git synced 2026-01-07 14:05:50 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
4,678 Commits 23 Branches 50 Tags
c600cf79498fa340480a34720cf8d2d0a8840bdc
Commit Graph

1069 Commits

Author SHA1 Message Date
Joshua Casey
4ab2ed10f5 Add integration test for allowed ciphers 2024-06-14 10:42:17 -07:00
Joshua Casey
53031ad8d4 User can now configured allowed ciphers, to restrict the ciphers used by the Default profile 2024-06-14 10:42:17 -07:00
Joshua Casey
678be9902a Lint new files from the GitHub branch 2024-06-11 10:16:18 -05:00
Joshua Casey
bafd578866 Merge branch 'main' into jtc/add-importas-linter 2024-06-11 09:39:48 -05:00
Ryan Richard
07f8c327e4 handle another githug login interstitial page 2024-06-06 14:00:22 -04:00
Joshua Casey
58b4ecc0aa user sees error msg when GitHub login is denied due to allowed orgs 
Also renamed an interface function from GetName to GetResourceName.

Co-authored-by: Ryan Richard <richardry@vmware.com>
 2024-06-03 10:56:28 -07:00
Ryan Richard
e3d8c71f97 sleep longer before generating any GitHib OTP codes 2024-05-31 12:03:36 -07:00
Ryan Richard
6364ac9ac7 change status condition type name to be "ClientCredentialsSecretValid" 
For both GitHubIdentityProvider and OIDCIdentityProvider to make them
consistent with each other.
 2024-05-31 09:59:30 -07:00
Ryan Richard
e89daadfcf dump debugging info when a browser-based test fails 2024-05-31 09:09:24 -07:00
Ryan Richard
c5b54ec27e resolve a todo in supervisor_discovery_test.go 2024-05-30 14:48:35 -07:00
Ryan Richard
6327f51f5b repeat same github int tests using OAuth client in supervisor_login_test 2024-05-30 09:58:10 -07:00
Ryan Richard
2bf11ffde1 update error message assertion for github in supervisor_login_test.go 2024-05-29 09:45:43 -07:00
Ryan Richard
bb1737daec slow down github integration tests to avoid OTP reuse errors from github 2024-05-22 21:21:45 -05:00
Ryan Richard
fef494949f implement upstream refresh for github 2024-05-22 21:21:45 -05:00
Ryan Richard
e69eb46911 Add github integration tests to supervisor_login_test.go 
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
 2024-05-22 21:21:45 -05:00
Ryan Richard
8923704f3c Finish initial github login flow 
Also:
- fix github teams query: fix bug and sort/unique the results
- add IDP display name to github downstream subject
- fix error types returned by LoginFromCallback
- add trace logs to github API results
- update e2e test
- implement placeholder version of refresh for github
 2024-05-22 21:21:45 -05:00
Joshua Casey
fe911a7b7a Prefer slices package and slices.Concat where possible 2024-05-21 09:31:16 -05:00
Joshua Casey
513f43f465 Enforce more imports 
- go.pinniped.dev/generated/latest/apis/concierge/config/v1alpha1
- go.pinniped.dev/generated/latest/client/concierge/clientset/versioned
- go.pinniped.dev/generated/latest/client/concierge/clientset/versioned/scheme
- go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned
- go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/scheme
 2024-05-21 09:31:15 -05:00
Joshua Casey
f5116cddb4 Enable 'makezero' and 'prealloc' linters, and require 'any' instead of 'interface{}' 
Enforce importas:

- go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1
- go.pinniped.dev/generated/latest/apis/supervisor/idp/v1alpha1
 2024-05-21 09:31:15 -05:00
Joshua Casey
bbe10004b4 Enforce more imports 
- go.pinniped.dev/generated/latest/apis/supervisor/clientsecret/v1alpha1
- go.pinniped.dev/internal/concierge/scheme
 2024-05-21 09:31:15 -05:00
Joshua Casey
e9252a9ee3 Enforce more imports 
- k8s.io/apimachinery/pkg/apis/meta/v1
- k8s.io/api/core/v1
- github.com/coreos/go-oidc/v3/oidc
- github.com/ory/fosite/handler/oauth2
- go.pinniped.dev/generated/latest/apis/concierge/authentication/v1alpha1
 2024-05-21 09:31:15 -05:00
Joshua Casey
875b0739aa Enforce aliases for 'k8s.io/apimachinery/pkg/util/errors' and 'k8s.io/apimachinery/pkg/api/errors' 2024-05-21 09:31:15 -05:00
Joshua Casey
e4daa5a924 Merge branch 'main' into jtc/merge-main-at-3fe3cf71-into-github 2024-05-16 16:05:34 -05:00
Joshua Casey
7787885463 Add federation domain cleanup in E2E integration test 
Co-authored-by: Ryan Richard <richardry@vmware.com>
 2024-05-16 14:18:43 -05:00
Ryan Richard
f320980006 Add integration test to prove that 'pinniped login oidc' will infer the flowtype from the Supervisor's IDP discovery 
Co-authored-by: Joshua T Casey <caseyj@vmware.com>
 2024-05-16 12:57:33 -05:00
Ryan Richard
7e0a3c114d Pinniped CLI and the oidc-client package are now enhanced by pinniped_supported_identity_provider_types 
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
 2024-05-16 12:57:12 -05:00
Joshua Casey
69364b2183 Merge branch 'main' into jtc/merge-main-at-6b3f175-into-github 2024-05-16 09:22:28 -05:00
Ryan Richard
e13f4a7f29 refactor ptls to clarify the difference between FIPS and non-FIPS modes 
and backfill some basic tests
 2024-05-13 16:52:15 -07:00
Joshua Casey
f43b6f04dc Fix lint issues from golangci-lint 1.58.1 2024-05-10 15:15:59 -05:00
Joshua Casey
791b785dea Merge branch 'main' into jtc/merge-main-at-d7849c79-to-github 2024-05-10 14:22:09 -05:00
Joshua Casey
81f3acfa38 Update some build tags since go1.22+ is now required 2024-05-10 12:51:03 -05:00
Joshua Casey
e9d0ac5110 Enable 'intrange' linter 2024-05-10 12:51:02 -05:00
Joshua Casey
7b36c8ab54 Enable 'copyloopvar' linter 2024-05-10 12:51:02 -05:00
Joshua Casey
e04e5e0185 Fix revive linter issues for all production code, and exclude revive linter issues for test code 2024-05-10 12:51:02 -05:00
Ryan Richard
7c85a511a2 first draft of an e2e integration test for GitHub login (skip while WIP) 2024-05-09 15:35:37 -07:00
Ryan Richard
6be92f92fb bump Supervisor session storage versions 2024-05-09 15:35:37 -07:00
Joshua Casey
96e4442181 Add docs to configure the Supervisor with a GitHub IDP. 
- Does not include docs for configuring GitHub Apps or GitHub OAuth Apps
 2024-05-08 15:57:21 -05:00
Benjamin A. Petersen
c43193a0c8 Merge branch 'main' into github_identity_provider 2024-05-01 12:15:08 -04:00
Benjamin A. Petersen
00567645d0 Add conditional AD to IDP discovery test 2024-04-30 15:43:32 -04:00
Benjamin A. Petersen
92b9d68863 Add OIDC, LDAP to supervisor discovery test 2024-04-30 14:19:54 -04:00
Ryan Richard
1ac2215724 update an assertion in integration test leaderelection_test.go 2024-04-29 13:22:14 -07:00
Benjamin A. Petersen
6424f45c19 Add IDP Discovery integration test for GitHub 2024-04-29 14:57:14 -04:00
Joshua Casey
9c2df74e54 Adjust to new K8s 1.30 API 2024-04-26 11:54:53 -07:00
Benjamin A. Petersen
2753b468fd Update TestSupervisorFederationDomainStatus test 2024-04-25 17:02:07 -04:00
Ryan Richard
57a07a498f Refactors for custom ID token lifetime based on PR feedback 2024-04-24 15:05:00 -07:00
Ryan Richard
136bc7ac09 Mild refactor of integration test for custom ID token lifetimes 2024-04-24 14:13:41 -07:00
Ryan Richard
5dbf05c31d Update the session storage versions due to new ID token lifetime field 2024-04-24 14:13:41 -07:00
Joshua Casey
b31a893caf Add integration test and fix totalExpectedAPIFields 2024-04-24 14:13:40 -07:00
Ryan Richard
def2b35e6e Make ID token lifetimes configurable on OIDCClient resources 2024-04-24 14:13:40 -07:00
Joshua Casey
14b1b7c862 Polish up the github_upstream_watcher: default and verify spec.claims correctly 2024-04-24 13:37:40 -05:00