02f8c2683a
Update jwx to v2
2022-05-10 09:43:19 +09:00
28eda688d9
feat(ui): store original UI path to restore it after authentication
2022-04-21 22:41:00 +02:00
85edd432d5
fix(security): upgrade jwt to resolve CVE-2020-26160
2021-09-03 13:35:33 +02:00
40f7d398ff
feat(oauth/github): allow to specify URL for github enterprise
2021-03-29 21:02:34 +02:00
52df82e07d
chore: improve tests
2021-03-27 10:11:02 +01:00
f688170932
feat(oauth): add tests for Code Exchange implementations
2021-03-27 10:11:02 +01:00
2d6b97235d
feat(oauth): add and propagate GenericPKCE option
2021-03-27 10:11:02 +01:00
e6e6b78c91
feat(oauth): add stateless PKCE CodeExchange impl
2021-03-27 10:11:02 +01:00
0e8a36b669
chore: move randomString fn out of github oauth2 provider
2021-03-27 10:11:02 +01:00
148c5fcd9d
chore: rename file
2021-03-27 10:11:02 +01:00
2a1c6cda7b
feat(oauth): isolate code exchange to allow also PKCE implementation
2021-03-27 10:11:02 +01:00
c0cf96d344
chore: repair error message
2021-03-27 10:11:02 +01:00
efaacb8b79
feat(oauth): test bitbucket group retrieval
2020-12-17 07:40:24 +01:00
c038596f8b
feat(oauth): test bitbucket primary email retrieval
2020-12-14 18:43:40 +01:00
c88a4d915d
feat(oauth): support bitbucket primary email retrieval
2020-12-14 18:12:24 +01:00
60bc07ee71
feat(session): make session inactivity duration configurable
2020-09-28 18:50:50 +02:00
7350962204
chore: revert oauth inactivity change
2020-04-24 14:16:59 -07:00
3652328954
feat: add ability to ignore or verify self signed oauth certs ( #5461 )
2020-04-22 18:04:04 -06:00
6576b61d9f
fix: extend jwt expiration time to match cookie
...
also updates google oauth to use non-deprecated calls
2020-04-21 15:31:58 -06:00
1806d6c298
chore: tidy prior to kv refactor ( #5342 )
...
* Start cleaning up/reviewing for kv refactor
* Remove dependency on graceful http layer
* Remove deprecated cli option --new-sources
* Run gofmt and remove dep related files
* Update non-influx deps
* Update kapacitor dep
* Compile regexp's once
* Remove un-needed struct members
* Remove unused integrations code
2020-01-09 08:49:42 -07:00
571731cec5
fix github org pagination when user has > 10 orgs ( #5265 )
...
* fix github org pagination when user has > 10 orgs
* rm duplicate 1.7.13 CHANGELOG
* add #5265 to CHANGELOG
2019-09-20 15:53:13 -07:00
95201e9268
Add LOGIN_HINT OAuth config option
2019-07-09 15:02:44 -07:00
fdd52446d5
Fix JWK signing key check
2019-07-09 11:06:26 -07:00
944402e1a3
Use go modules, update flux
2019-04-11 16:14:36 -07:00
b462d4b8f5
-Less restrictive key equalness check in OAuth due to providers like Microsoft Azure who do not provide "alg" claim
2018-07-09 19:37:17 +02:00
3ad9ea1a33
partial revert( 43c5afe7) to fix GitHub Enterprise via Generic Oauth
...
The above commit was over-applied in #3168 to Generic Oauth in
addition to GitHub Oauth based on an assumption. It should only
have been applied to GitHub-specific OAuth. This over-application
introduced a bug where GitHub Enterprise did not work anymore.
2018-05-07 11:27:04 -07:00
43c5afe70e
Fix the github oauth2 implementation with multiple emails
...
If an account had multiple emails, the current implementation would
always select the first one regardless of any other settings. This fixes
it so it only chooses the primary email address that is verified.
This also fixes the generic oauth2 to require verified and primary to be
true if they are present. If they are not present, they are not
required.
2018-04-11 13:27:15 -05:00
9913a615b0
Fix tests for 0a98d1c7b
2018-03-28 15:27:11 -07:00
2aeb0f7c8a
added USE_ID_TOKEN option, defaulting off
2018-03-28 15:51:10 +02:00
68f8e95034
gofmt
2018-03-28 13:34:30 +02:00
0a98d1c7b7
Merge branch 'master' of https://github.com/influxdata/chronograf
2018-03-28 13:30:05 +02:00
5004b51dd4
Fix oauth callback test, broken by 2fe13e
...
Co-authored-by: Brandon Farmer <bthesorceror@gmail.com>
Co-authored-by: Jared Scheib <jared.scheib@gmail.com>
2018-03-08 14:59:50 -08:00
03e966a44a
Log error if Heroku API req responds with non-200-range code
2018-03-02 17:16:03 -06:00
32632f5790
Fix Heroku OAuth by adding required HTTP req header to API GET
2018-03-02 17:07:03 -06:00
f4c3e66d52
Use Generic APIKey for Oauth2 group lookup
2018-02-22 12:54:20 -05:00
ea16b12e5b
Merge branch 'master' into master
2018-02-20 09:52:34 +01:00
47dac13cae
merged upstream, updated comments, added GroupFromClaims()
2018-02-20 09:47:42 +01:00
39f7819877
fixed handling of empty id_tokens
2018-01-12 08:46:25 +01:00
8dfc71a6c9
added test case for mux/oauth2 id_token processing
2018-01-12 08:45:18 +01:00
2e694aee4c
Use github group login for mapping
2018-01-10 16:38:55 -05:00
8dc60c21ff
Add group to oauth2.Principal
2018-01-10 15:56:13 -05:00
6c9fef1afd
added test cases for ValidClaims()
2017-12-13 16:00:21 +01:00
5f6a67583c
updated existing test cases to interface changes
2017-12-13 15:55:21 +01:00
fbb71b6721
fixed initialization, added expressive error message
2017-12-13 15:51:20 +01:00
7d4b8317e1
go fmt + got vet
2017-12-13 09:13:11 +01:00
691f1710a2
handle extra id_token in callback
2017-12-10 18:33:50 +01:00
645923a168
add support for RS256 signatures using JWKS
2017-12-10 18:26:27 +01:00
93f11e1325
Merge remote-tracking branch 'origin/master' into multitenancy
2017-12-05 11:43:23 -08:00
c87bfe1678
Add GENERIC_API_KEY to override of oauth2 responses to support azure
2017-11-21 16:55:03 -06:00
06fa9d0e2a
Add comment of how to generate JWT tokens
2017-11-01 16:05:56 -04:00
Daisuke Maki
Pavel Zavora
Gregory Eremin
Bucky Schwarz
Greg
greg linton
Joshua Hoblitt
Christopher Henn
Brandon Farmer
Theo Diefenthal
Jared Scheib
Jonathan A. Sternberg
Benjamin Schweizer
Michael Desa
Benjamin Schweizer
Benjamin Schweizer
Chris Goller