aboutsummaryrefslogtreecommitdiff
path: root/server/auth
AgeCommit message (Collapse)Author
2018-10-21Gitlab auth issue (#79)Kevin Lyda
* Fix the gitlab oauth issue. * Update for gitlab 11.1+ Versions beyond 11.1 (and possibly a few releases before) use a different method for delivering tokens. They also have disabled version 3 of the api. These changes address that and add a debugging mode for the server that make it easier to debug issues like this in the future. * Cleanup of PR. Updated README. Removed code duplication.
2018-08-20Remove authprovider.SessionNiall Sheridan
2018-08-10Add Microsoft auth providerKevin Lyda
Microsoft uses JSON Web Tokens (JWT) as OAuth tokens. These can run to many thousands of characters which are too long for TTYs. Work around this by base64-encoding the token and chunk it into smaller pieces. Closes #70
2017-04-10update dependenciesNiall Sheridan
2017-02-12Initial pass at prometheus support. (#56)Kevin Lyda
2017-02-11Revert "Remove the oauth_callback_url config option"Niall Sheridan
2017-02-09Remove the oauth_callback_url config optionNiall Sheridan
Infer the redirect url from the request instead
2017-01-25Return a concrete typeNiall Sheridan
2017-01-25Remove newClient function (and calls).Kevin Lyda
2017-01-25Code cleanup.Kevin Lyda
Use ParseBool instead of writing it on own. Use c.newClient(token) to get an http client.
2017-01-25Create a gitlab auth source.Kevin Lyda
Defaults to public gitlab.com, but easily redirected to self-hosted installation.
2017-01-16Update authprovider testsNiall Sheridan
2017-01-15Add more context to errorsNiall Sheridan
2016-07-17Add some handlers testsNiall Sheridan
2016-06-14Update whitelistingNiall Sheridan
Whitelist Google users based on their email address instead of the username part of the email address. Plain gmail (non Google Apps) accounts don't necessarily end in '@gmail.com', and whitelisting on username alone is open to abuse. Skip testing for a Google Apps domain (ui.Hd) if no domain is configured. Principals will still be added as the user part of the email address. For the Github provider, skip checking that the user is a member of an organization is none is configured.
2016-06-14Merge pull request #21 from nsheridan/whitelist_supportMarco Bonetti
Add support for a users whitelist
2016-06-14Add support for a users whitelistMarco Bonetti
2016-06-13Run the linter as part of tests.Niall Sheridan
Fix lint warnings.
2016-06-06Save oauth 'state' identifier in the clientNiall Sheridan
2016-06-02Validate tokens correctlyNiall Sheridan
This switch statement doesn't do what I thought it does
2016-05-28Set expiry time in the github auth packageNiall Sheridan
2016-05-24Don't allow wide-open Google or Github configsPatrick O'Doherty
Fail loudly if either the google_opts domain value or github_opts organization values are not set in the configuration. The lack of these values means that a) in the Google case any @gmail.com address will be allowed b) the Github case any Github user will be allowed. This was previously documented but left as a foot-gun in the code. Future commits will allow for explicit wildcards to be set.
2016-04-23Fix commentsNiall Sheridan
2016-04-22Add github oauth provider.Niall Sheridan
2016-04-21Fix testNiall Sheridan
2016-04-21Just make ProviderOpts a map[string]string.Niall Sheridan
I have no idea why I made it a map[string]interface{} and it's a pain to deal with.
2016-04-21Some small fixes.Niall Sheridan
Rename 'GoogleOpts' to 'ProviderOpts'. Rename Principals to AdditionalPrincipals to match the config option.
2016-04-20Add comments.Niall Sheridan
2016-04-20dumb tests for the google auth providerNiall Sheridan
2016-04-20dumb tests for the google auth providerNiall Sheridan
2016-04-18Initial commitNiall Sheridan