vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
8405 commits 2 branches 62 tags 205 MiB
Commit graph

13 commits

Author SHA1 Message Date
Joseph Schorr
22a39c3007 Fix bug with missing & in authorization URL for OIDC 
Also adds testing to ensure we don't break this again
 2018-05-15 14:52:00 -04:00
Joseph Schorr
3cd314874f Add support for defining custom query parameters for OIDC endpoints 
Fixes https://jira.coreos.com/browse/QUAY-886
 2018-04-06 12:48:03 -04:00
Joseph Schorr
c55ad59f1f Allow admins to configure the login scopes for OIDC login 
Some OIDC implementations return a larger set of scopes than is necessary, so we allow admins to override.
 2017-12-06 15:54:26 -05:00
Joseph Schorr
bc82edb2d1 Add ability to configure OIDC internal auth engine via superuser panel 2017-09-12 12:23:52 -04:00
Joseph Schorr
e724125459 Add support for using OIDC tokens via the Docker CLI 2017-09-12 12:23:22 -04:00
Joseph Schorr
751598056e Enable support in OIDC for endpoints without user info support 
The user info endpoint is apparently optional.
 2017-08-01 13:24:27 -04:00
Joseph Schorr
0c7bac26b7 Add additional debug logs to OIDC auth to make debugging easier 2017-04-07 11:48:53 -04:00
Joseph Schorr
002972fc2f Read OIDC issuer from the OIDC discovery document, if present 2017-04-07 11:39:34 -04:00
Joseph Schorr
157640e696 Add config validator for OIDC logins 2017-02-28 16:18:19 -05:00
Joseph Schorr
90b6a534c1 Change verify param in OIDC to read better 2017-01-26 12:00:43 -05:00
Joseph Schorr
a9791ea419 Have external login always make an API request to get the authorization URL 
This makes the OIDC lookup lazy, ensuring that the rest of the registry and app continues working even if one OIDC provider goes down.
 2017-01-23 19:06:19 -05:00
Joseph Schorr
fda203e4d7 Add proper and tested OIDC support on the server 
Note that this will still not work on the client side; the followup CL for the client side is right after this one.
 2017-01-23 17:53:34 -05:00
Joseph Schorr
19f7acf575 Lay foundation for truly dynamic external logins 
Moves all the external login services into a set of classes that share as much code as possible. These services are then registered on both the client and server, allowing us in the followup change to dynamically register new handlers
 2017-01-20 15:21:08 -05:00