-
-
Notifications
You must be signed in to change notification settings - Fork 84
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support OpenID tokens for getting using information #122
Open
alek-sys
wants to merge
13
commits into
go-pkgz:master
Choose a base branch
from
alek-sys:master
base: master
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Commits on Jun 21, 2022
-
Add support of OpenID providers
With OpenID flow, instead of using /userinfo endpoint, an ID token issued by the authorisation server is used. Information in this token ususally includes extra params and options, not available in userinfo response.
Configuration menu - View commit details
-
Copy full SHA for a528a70 - Browse repository at this point
Copy the full SHA a528a70View commit details -
Configuration menu - View commit details
-
Copy full SHA for 242fcfc - Browse repository at this point
Copy the full SHA 242fcfcView commit details -
Configuration menu - View commit details
-
Copy full SHA for e3fd054 - Browse repository at this point
Copy the full SHA e3fd054View commit details -
Configuration menu - View commit details
-
Copy full SHA for 89969d4 - Browse repository at this point
Copy the full SHA 89969d4View commit details -
Configuration menu - View commit details
-
Copy full SHA for 7411bff - Browse repository at this point
Copy the full SHA 7411bffView commit details -
makeRedirURL should work from a request, but it's not part of this PR
Configuration menu - View commit details
-
Copy full SHA for 8026918 - Browse repository at this point
Copy the full SHA 8026918View commit details
Commits on Jun 22, 2022
-
Only generate private key if OpenID is enabled
Key generation is slow(-ish) so usual sleeps of 50ms sometimes not enough, that makes tests flaky.
Configuration menu - View commit details
-
Copy full SHA for e5a20c7 - Browse repository at this point
Copy the full SHA e5a20c7View commit details -
Configuration menu - View commit details
-
Copy full SHA for ab93f7d - Browse repository at this point
Copy the full SHA ab93f7dView commit details -
Make sure AddDevOpenIDProvider is called in auth_test.go
Weirdly coveralls thinks this method is not covered, because it is tested in another package. However there isn't much to test really, so at best I can check jwks URL is correctly served.
Configuration menu - View commit details
-
Copy full SHA for 41a0ffe - Browse repository at this point
Copy the full SHA 41a0ffeView commit details -
Actual login flow is tested already, and these two new methods are called in provider/openid_test.go. However the coverage tool is not detecting these calls, and instead seems to be requiring the methods to be called in the matching test file. So this test is a weird artifact to make coverage tool happy.
Configuration menu - View commit details
-
Copy full SHA for 9de085f - Browse repository at this point
Copy the full SHA 9de085fView commit details
Commits on Jun 24, 2022
-
Fix token validation and update README
golang-jwt library is trying to validate iat claim of the ID token and due to not accounting for clock skew, validation pretty randomly fails. There is an open issue golang-jwt/jwt#98 and seems like that is fixed in v4. However it is still unclear why iat is validation in the first place, that's not required by RFC and doesn't seem like the right thing to do. Only nbf and exp claims should be used for token lifetime validity check. Also, update README to show how to configure OpenID providers.
Configuration menu - View commit details
-
Copy full SHA for 28a499c - Browse repository at this point
Copy the full SHA 28a499cView commit details -
Configuration menu - View commit details
-
Copy full SHA for d6b8f26 - Browse repository at this point
Copy the full SHA d6b8f26View commit details
Commits on Jun 27, 2022
-
Configuration menu - View commit details
-
Copy full SHA for 3bf3b62 - Browse repository at this point
Copy the full SHA 3bf3b62View commit details
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.