Commit graph

35 commits

Author SHA1 Message Date
Joseph Schorr
07439328a4 Remove user_exists endpoint from all auth systems 2015-06-23 17:33:51 -04:00
Joseph Schorr
de2a64e066 Fix documentation link for JWT auth 2015-06-05 15:21:57 -04:00
Jake Moshenko
2a2414d6af Merge pull request #60 from coreos-inc/jwtauthentication
Add support for an external JWT-based authentication system
2015-06-05 13:37:42 -04:00
Joseph Schorr
8aac3fd86e Add support for an external JWT-based authentication system
This authentication system hits two HTTP endpoints to check and verify the existence of users:

Existance endpoint:
GET http://endpoint/ with Authorization: Basic (username:) =>
    Returns 200 if the username/email exists, 4** otherwise

Verification endpoint:
GET http://endpoint/ with Authorization: Basic (username:password) =>
    Returns 200 and a signed JWT with the user's username and email address if the username+password validates, 4** otherwise with the body containing an optional error message

The JWT produced by the endpoint must be issued with an issuer matching that configured in the config.yaml, and the audience must be "quay.io/jwtauthn". The JWT is signed using a private key and then validated on the Quay.io side with the associated public key, found as "jwt-authn.cert" in the conf/stack directory.
2015-06-05 13:20:10 -04:00
Joseph Schorr
c0e995c1d4 Merge branch 'master' into nolurk 2015-06-02 13:55:16 -04:00
Jimmy Zelinskie
5db790bb30 setup-tool: add HSTS info box 2015-05-26 16:05:37 -04:00
Joseph Schorr
5845e37e32 Add Swift storage library 2015-05-26 16:05:21 -04:00
Joseph Schorr
54992c23b7 Add a feature flag for disabling unauthenticated access to the registry in its entirety. 2015-05-19 17:52:44 -04:00
Joseph Schorr
efab02ae47 LDAP improvements:
- Better logging
  - Better error messages
  - Add unit tests
  - Clean up the setup tool for LDAP
2015-05-11 21:23:18 -04:00
Joseph Schorr
65bce31d96 Enable new layout everywhere and fix SCM icons 2015-05-03 16:54:27 -07:00
Joseph Schorr
abe43e758a Make instructions on gitlab setup a bit easier 2015-05-03 12:02:07 -07:00
Joseph Schorr
4f2a1b3734 Add setup UI for the new trigger types (bitbucket and gitlab) and add validation 2015-05-03 11:50:26 -07:00
Joseph Schorr
02bafb1613 Fix language in the config setup tool 2015-03-26 16:31:19 -04:00
Joseph Schorr
aaf1b23e98 Address CL concerns and switch to a real encryption system 2015-03-26 15:10:58 -04:00
Joseph Schorr
e4b659f107 Add support for encrypted client tokens via basic auth (for the docker CLI) and a feature flag to disable normal passwords 2015-03-25 18:43:12 -04:00
Joseph Schorr
85d6500daa Merge resistanceisfutile into master 2015-03-23 15:39:08 -04:00
Joseph Schorr
360aa69d92 Fix LDAP error and url handling to be more clear for the end user 2015-03-16 14:33:53 -04:00
Joseph Schorr
4ca5d9b04b Add support for filtering github login by org 2015-03-03 19:58:42 -05:00
Joseph Schorr
258e879d11 Fix default mail sender field in the setup tool 2015-02-25 18:30:38 -05:00
Joseph Schorr
524705b88c Get dashboard working and upgrade bootstrap. Note: the bootstrap fixes will be coming in the followup CL 2015-02-17 19:15:54 -05:00
Joseph Schorr
c8229b9c8a Implement new step-by-step setup 2015-01-23 17:19:15 -05:00
Joseph Schorr
3a3945779d Add checking for localhost in hostname fields. 2015-01-15 14:36:05 -05:00
Joseph Schorr
cc453e7d10 Fix some issues around validation in the config forms 2015-01-14 17:04:02 -05:00
Joseph Schorr
c0c27648ea Clarify where the configuration is saved 2015-01-08 16:16:22 -05:00
Joseph Schorr
65989ac1fb Fix bug where deleting the server hostname removed the entire form 2015-01-08 16:06:20 -05:00
Joseph Schorr
0a82f669ae Require that all form fields marked 'required' are filled out before we allow config validation 2015-01-08 15:58:35 -05:00
Joseph Schorr
bfd273d16f - Make validation a bit nicer:
- Add timeout to the DB validation
  - Make DB validation exception handling a bit nicer
  - Move the DB validation error message

- Fix bug around RADOS config default for Is Secure
- Allow hiding of the validation box
2015-01-08 15:27:49 -05:00
Joseph Schorr
5e0ce4eea9 Add validation of github to the config tool 2015-01-08 13:26:24 -05:00
Joseph Schorr
63504c87fb Get end-to-end configuration setup working, including verification (except for Github, which is in progress) 2015-01-07 16:20:51 -05:00
Joseph Schorr
825455ea6c Get the contacts field partially working 2015-01-05 17:10:01 -05:00
Joseph Schorr
32c0a14d96 Get mapped fields (Github and Redis) working 2015-01-05 15:18:01 -05:00
Joseph Schorr
219730c341 Better config defaults and remove some unneeded code 2015-01-05 13:01:32 -05:00
Joseph Schorr
1bf25f25c1 WIP 2015-01-04 14:38:41 -05:00
Joseph Schorr
77278f0391 Some UI improvements 2014-12-26 19:18:00 -05:00
Joseph Schorr
1142b1bc18 Start on config setup tool. This tool is not yet functional. 2014-12-26 16:54:36 -05:00