Commit graph

93 commits

Author SHA1 Message Date
Caleb Doxsey
c178819875
move directory providers (#3633)
* remove directory providers and support for groups

* idp: remove directory providers

* better error messages

* fix errors

* restore postgres

* fix test
2022-11-03 11:33:56 -06:00
dependabot[bot]
ec495bb682
chore(deps): bump github.com/golangci/golangci-lint from 1.48.0 to 1.50.0 (#3667)
* chore(deps): bump github.com/golangci/golangci-lint

Bumps [github.com/golangci/golangci-lint](https://github.com/golangci/golangci-lint) from 1.48.0 to 1.50.0.
- [Release notes](https://github.com/golangci/golangci-lint/releases)
- [Changelog](https://github.com/golangci/golangci-lint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/golangci/golangci-lint/compare/v1.48.0...v1.50.0)

---
updated-dependencies:
- dependency-name: github.com/golangci/golangci-lint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* lint

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
2022-10-19 09:36:59 -06:00
Caleb Doxsey
0ac7e45a21
atomicutil: use atomicutil.Value wherever possible (#3517)
* atomicutil: use atomicutil.Value wherever possible

* fix test

* fix mux router
2022-07-28 15:38:38 -06:00
Denis Mishin
db426072b0
eliminate global events manager (#3422) 2022-06-14 15:05:16 -04:00
bobby
ebbb6a7ff2
docs: update references, remove docs dir (#3420)
* docs: update references, remove docs dir

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>

* Update README.md

Co-authored-by: Alex Fornuto <afornuto@pomerium.com>

* Update Docs Paths

* precommit

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>

* remove spellcheck

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>

* spell the check

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>

Co-authored-by: Alex Fornuto <afornuto@pomerium.com>
2022-06-13 16:52:52 -07:00
Caleb Doxsey
a7bd284b52
identity: batch directory updates (#3411)
* identity: batch directory updates

* add batch details to log message
2022-06-08 16:48:15 -06:00
Denis Mishin
9baaea5e85
do not require idp set in the bootstrap config, as it may be later configured via the databroker (#3386) 2022-05-31 11:42:19 -04:00
Caleb Doxsey
1c2aad2de6
postgres: databroker storage backend (#3370)
* wip

* storage: add filtering to SyncLatest

* don't increment the record version, so intermediate changes are requested

* databroker: add support for query filtering

* fill server and record version

* postgres: databroker storage backend

* wip

* serialize puts

* add test

* skip tests for macos

* add test

* return error from protojson

* set data

* exclude postgres from cover tests
2022-05-25 10:23:58 -06:00
Caleb Doxsey
f73c5c615f
databroker: add support for putting multiple records (#3291)
* databroker: add support for putting multiple records

* add OptimumPutRequestsFromRecords function

* replace GetAll with SyncLatest

* fix stream when there are no records
2022-04-26 16:41:38 -06:00
Caleb Doxsey
1342523cda
grpc: remove ptypes references (#3078) 2022-02-24 08:37:59 -07:00
Denis Mishin
ac9e086691
last known metric error (#2974) 2022-01-31 12:35:51 -05:00
Caleb Doxsey
64ee7eca5c
directory: save IDP errors to databroker, put event handling in dedicated package (#2957) 2022-01-28 15:15:32 -07:00
cfanbo
84dad4c612
remove deprecated ioutil usages (#2877)
* fix: Fixed return description error

* config/options: Adjust the position of TracingJaegerAgentEndpoint option

* DOCS: Remove duplicate configuration items

Remove duplicate configuration items of route

* remove deprecated ioutil usages
2021-12-30 10:02:12 -08:00
Denis Mishin
c19dd80fe6
more idp metrics (#2842) 2021-12-22 17:30:16 -05:00
bobby
1a7c5415e7
identity: only assign access_type uri params to google. (#2782)
* identity: only assign `access_type` uri params to google.

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>

* bump upgrading

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
2021-11-28 19:01:34 -08:00
Caleb Doxsey
b0f8c055ec
authenticate: always update user record on login (#2719)
* authenticate: always update user record on login

* identity: fix user refresh

* add test for manager update

* fix time
2021-11-01 14:18:18 -06:00
Caleb Doxsey
79ec52d354
identity: fix user refresh (#2724) 2021-10-28 14:02:25 -06:00
Caleb Doxsey
3773a95d50
directory: implement exponential backoff for refresh (#2570)
* directory: implement exponential backoff for refresh

* disable randomization for exponential backoff testing
2021-09-03 15:49:56 -06:00
Alex Fornuto
db5d1593e3
Remove api from GitLab defaultScope (#2518)
* remove api from gitlab defaultScope

* rm redundant scope
2021-08-25 10:26:35 -05:00
Caleb Doxsey
9fa65e069c
github: support provider URL (#2490) 2021-08-18 09:20:08 -06:00
Caleb Doxsey
6af0655206
protoutil: add NewAny method for deterministic serialization (#2462) 2021-08-09 17:51:57 -06:00
Caleb Doxsey
ac8ae3ef5b
directory: add logging http client to help with debugging outbound http requests (#2385) 2021-07-22 11:58:52 -06:00
Caleb Doxsey
f9675f61cc
deps: upgrade to go-jose v3 (#2284) 2021-06-10 09:35:44 -06:00
Caleb Doxsey
94aa0b1a48
databroker: implement leases (#2172)
* databroker: implement leases

* return error

* handle gRPC errors
2021-05-10 13:30:25 -06:00
Caleb Doxsey
aeece76928
databroker: store issued at timestamp with session (#2173) 2021-05-04 10:09:14 -06:00
wasaga
e0c09a0998
log context (#2107) 2021-04-22 10:58:13 -04:00
wasaga
a935c1ba30
config related metrics (#2065) 2021-04-07 12:29:36 -07:00
Caleb Doxsey
d7ab817de7
authorize: add databroker server and record version to result, force sync via polling (#2024)
* authorize: add databroker server and record version to result, force sync via polling

* wrap inmem store to take read lock when grabbing databroker versions

* address code review comments

* reset max to 0
2021-03-31 10:09:06 -06:00
Caleb Doxsey
a5731f7d92
identity: infer email from mail claim (#1977) 2021-03-12 09:01:21 -07:00
Caleb Doxsey
fd97561ab1
ping: identity and directory providers (#1975)
* ping: add identity provider

* ping: implement directory provider

* ping, not onelogin

* ping, not onelogin

* escape path params
2021-03-10 16:25:49 -07:00
Caleb Doxsey
138df5ae24
identity: record metric for last refresh (#1936) 2021-02-23 10:08:01 -07:00
Caleb Doxsey
5d60cff21e
databroker: refactor databroker to sync all changes (#1879)
* refactor backend, implement encrypted store

* refactor in-memory store

* wip

* wip

* wip

* add syncer test

* fix redis expiry

* fix linting issues

* fix test by skipping non-config records

* fix backoff import

* fix init issues

* fix query

* wait for initial sync before starting directory sync

* add type to SyncLatest

* add more log messages, fix deadlock in in-memory store, always return server version from SyncLatest

* update sync types and tests

* add redis tests

* skip macos in github actions

* add comments to proto

* split getBackend into separate methods

* handle errors in initVersion

* return different error for not found vs other errors in get

* use exponential backoff for redis transaction retry

* rename raw to result

* use context instead of close channel

* store type urls as constants in databroker

* use timestampb instead of ptypes

* fix group merging not waiting

* change locked names

* update GetAll to return latest record version

* add method to grpcutil to get the type url for a protobuf type
2021-02-18 15:24:33 -07:00
Caleb Doxsey
64d247cfeb
onelogin: fix default scopes for v2 (#1896) 2021-02-17 08:51:13 -07:00
Caleb Doxsey
5e3aa91f23
authenticate: delay evaluation of OIDC provider (#1802)
* authenticate: delay evaluation of OIDC provider

* add additional error message

* address comments
2021-01-26 09:20:56 -07:00
bobby
4f78a9b301
chore(deps): update oidc to v3 (#1783)
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
2021-01-19 08:26:48 -08:00
Caleb Doxsey
3524697f6f
use incremental API for envoy xDS (#1732)
* use incremental API

* add test

* use backoff v4

* remove panic, add comment to exponential try, add test for HashProto

* merge master

* fix missing import
2021-01-05 12:45:55 -07:00
Caleb Doxsey
6e33067eef
don't create users when updating sessions (#1671) 2020-12-10 14:57:28 -07:00
Caleb Doxsey
3b634de550
implement new redis storage backend with go-redis package (#1649) 2020-12-10 12:21:31 -07:00
Travis Groth
fdbef33aa1
run goimports (#1651) 2020-12-04 15:04:48 -05:00
bobby
7e86ed3c60
microsoft: add support for common endpoint (#1648)
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
2020-12-04 08:42:11 -08:00
Caleb Doxsey
aad8ac2e61
replace GetAllPages with InitialSync, improve merge performance (#1624)
* replace GetAllPages with InitialSync, improve merge performance

* fmt proto

* add test for base64 function

* add sync test

* go mod tidy

Co-authored-by: Bobby DeSimone <bobbydesimone@gmail.com>
2020-11-30 12:21:44 -07:00
Caleb Doxsey
ee03d0e9f8
remove memberlist (#1615) 2020-11-23 14:56:05 -07:00
Caleb Doxsey
a41c37f9e0
add paging support to GetAll (#1601)
* add paging support to GetAll

* fix import
2020-11-18 17:02:57 -07:00
Caleb Doxsey
0bdcaf67a5
update user info in addition to refreshing the token (#1572) 2020-11-03 07:59:01 -07:00
Caleb Doxsey
a85b3b04c1
store raw id token so it can be passed to the logout url (#1543) 2020-10-26 10:20:23 -06:00
Caleb Doxsey
153e438eb6
authorize: implement allowed_idp_claims (#1542)
* add arbitrary claims to session

* add support for maps

* update flattened claims

* fix eol

* fix trailing whitespace

* fix tests
2020-10-23 14:05:37 -06:00
Caleb Doxsey
88580cf2fb
auth0: implement identity provider (#1470)
* auth0: implement identity provider

* add auth0 guide

* fix naming
2020-09-29 09:06:58 -06:00
Caleb Doxsey
83415ee52f
identity manager: fix directory sync timing (#1455) 2020-09-24 13:23:43 -06:00
Cuong Manh Le
eaf0dd4e67
internal/identity/manager: increase default refresh groups timeout 2020-09-04 23:17:56 +07:00
Cuong Manh Le
5895331768
internal/identity/manager: improve timeout error message
By pointing user to configuration docs.
2020-09-04 23:17:56 +07:00