Joseph Schorr
3cd314874f
Add support for defining custom query parameters for OIDC endpoints
...
Fixes https://jira.coreos.com/browse/QUAY-886
2018-04-06 12:48:03 -04:00
Joseph Schorr
c55ad59f1f
Allow admins to configure the login scopes for OIDC login
...
Some OIDC implementations return a larger set of scopes than is necessary, so we allow admins to override.
2017-12-06 15:54:26 -05:00
Joseph Schorr
bc82edb2d1
Add ability to configure OIDC internal auth engine via superuser panel
2017-09-12 12:23:52 -04:00
Joseph Schorr
e724125459
Add support for using OIDC tokens via the Docker CLI
2017-09-12 12:23:22 -04:00
Joseph Schorr
751598056e
Enable support in OIDC for endpoints without user info support
...
The user info endpoint is apparently optional.
2017-08-01 13:24:27 -04:00
Joseph Schorr
0c7bac26b7
Add additional debug logs to OIDC auth to make debugging easier
2017-04-07 11:48:53 -04:00
Joseph Schorr
002972fc2f
Read OIDC issuer from the OIDC discovery document, if present
2017-04-07 11:39:34 -04:00
Joseph Schorr
157640e696
Add config validator for OIDC logins
2017-02-28 16:18:19 -05:00
Joseph Schorr
90b6a534c1
Change verify param in OIDC to read better
2017-01-26 12:00:43 -05:00
Joseph Schorr
a9791ea419
Have external login always make an API request to get the authorization URL
...
This makes the OIDC lookup lazy, ensuring that the rest of the registry and app continues working even if one OIDC provider goes down.
2017-01-23 19:06:19 -05:00
Joseph Schorr
fda203e4d7
Add proper and tested OIDC support on the server
...
Note that this will still not work on the client side; the followup CL for the client side is right after this one.
2017-01-23 17:53:34 -05:00
Joseph Schorr
19f7acf575
Lay foundation for truly dynamic external logins
...
Moves all the external login services into a set of classes that share as much code as possible. These services are then registered on both the client and server, allowing us in the followup change to dynamically register new handlers
2017-01-20 15:21:08 -05:00
