archive-gh-me/gitpod
1
0
Fork 0
mirror of https://github.com/gitpod-io/gitpod.git synced 2025-12-08 17:36:30 +00:00
Code Issues Projects Releases Wiki Activity
9,876 Commits 1,231 Branches 1,883 Tags
Commit Graph

57 Commits

Author SHA1 Message Date
Milan Pavlik
0dc46c5bcc
[public-api] Measure incoming JWT Sessions - WEB-102 (#17345) 
* retest

* retest

* [installer] Add cookie name to config

* Fix

* retest

* [installer] Add cookie name to config

* [public-api] Measure incoming JWT Sessions

* fix

* Fix

* Fix

* fix

* retest
 2023-04-24 21:34:45 +08:00
Milan Pavlik
d9ccc1d141
[papi] OIDC service signs state with HS256, reusing signing PK - WEB-206 (#17328) 
* [papi] OIDC service signs state with RSA256

* Fix

* retest

* fix

* add test
 2023-04-24 17:14:45 +08:00
Milan Pavlik
d069f76edc
[public-api] Refactor JWT Sign/Verify to be reusable for OIDC - WEB-206 (#17327) 
* [public-api] Refactor JWT Sign/Verify to be reusable for OIDC

* fix
 2023-04-24 15:14:45 +08:00
Milan Pavlik
4f55ce16da
[public-api] JWT Signer & Verifier WEB-101 (#17308) 
* [public-api] JWT Signer & Verifier

* upgrade other to v5
 2023-04-21 17:32:42 +08:00
Milan Pavlik
45cf0d2319
[public-api] Explicit panic handler (#17105) 2023-03-31 10:03:40 +02:00
Christian Weichel
da4cafd5e5
Gitpod OIDC Identity Provider (#16482) 
* Prototype IDP provider

* [gp cli] Add IDP commands

* [public-api] Remove zitadel based IDP implementation

* [gitpod-cli] Add IDP support for Vault

* [idp] Remove per-org IDP

* [idp] Add key cache and random key IDs

* [idp] Defer GetIDToken authorisation to server

* [idp] Add Redis public key cache

* [gitpod-cli] Hide IDP commands

* [idp] Add key ID to JWT

* [idp] Add unit tests

* [idp] Adress review comments

* [public-api-server] Use logging middleware globally

* [public-api-server] Simplify service registration

* [idp] Add Redis outage resilience
 2023-03-03 17:11:01 +01:00
Alex Tugarev
80dc959279 [oidc] encode and validate state params 
Using JWT tokens for encoding/decoding/validation of state params carried throughout the OIDC/OAuth2 flow.

Validating of integrity is crucial, as this piece of information contains the ID of the OIDC client to continue with when Gitpod receives the callback from a 3rd party. Tests should show that expiration time is checked and signature validation is effective.
 2023-02-15 18:55:20 +01:00
Milan Pavlik
0a7ca4c08a Use context to store and populate origin 2023-02-15 15:39:20 +01:00
Alex Tugarev
3ef29bf278 [papi] Add signing secret for JWTs 
Praparation to use with `golang-jwt/jwt`
 2023-01-30 11:15:37 +01:00
Milan Pavlik
17e83b9985 [iam] Remove component 2023-01-23 17:33:31 +01:00
Milan Pavlik
27f1ba0939 [public-api] Move oidc handler package from iam 2023-01-23 15:45:31 +01:00
Milan Pavlik
0aad145ad4 [public-api] Bind OIDC HTTP service to Public API 2023-01-23 15:24:30 +01:00
Milan Pavlik
b984390bfb [oidc] Move create RPC directly to public-api 2023-01-20 15:20:28 +01:00
Milan Pavlik
7012fe2ce3 [oidc] List client configs API implementation 2023-01-19 14:30:27 +01:00
Milan Pavlik
da841d0c1b [public-api] Set proxy connection pool to size 500 2023-01-16 13:47:24 +01:00
Alex Tugarev
ba6ce0ecce [public-api] Implement CreateClientConfig 2023-01-13 17:37:21 +01:00
Milan Pavlik
0309d14721 [gitpod-db] Helper to construct db connection params from env 2022-12-21 10:07:30 -03:00
Gero Posmyk-Leinemann
8a03b3a156 [installer, gitpod-db] Introduce database.ssl.ca 2022-12-15 12:29:24 -03:00
Alex Tugarev
a51c8b662e 🧹 fix typo and copy-paste-error 2022-12-15 09:46:24 -03:00
Christian Weichel
478a75e744 Switch license to AGPL 2022-12-08 13:05:19 -03:00
Milan Pavlik
114a3bd1b4 [oidc] Add stub RPCs 2022-12-07 05:05:17 -03:00
Milan Pavlik
0d759f7a66 [public-api] Implement ProjectsService.CreateProject 2022-11-23 10:58:53 -03:00
Milan Pavlik
a0a9ddddc5 [public-api] Use personal access token signing key 2022-11-22 07:11:52 -03:00
Laurie T. Malau
ee08e7863c [db] Move db models to gitpod-db/go module 2022-11-21 08:37:50 -03:00
Jean Pierre
cd144de51f Add IDEClientService 2022-11-17 07:07:46 +02:00
Milan Pavlik
728d87011f [public-api] Wire up DB connection 2022-11-16 18:17:46 +02:00
Laurie T. Malau
98e6fe730c [public api] Use tokens feature flag 2022-11-15 14:36:45 +02:00
Jean Pierre
5c8f4c1f32 User service 2022-11-12 11:34:42 +02:00
Laurie T. Malau
2fef159ce4 [public api] Wire up UnimplementedTokensService 2022-11-11 18:25:41 +02:00
Milan Pavlik
2926d142ed [public-api] Make publiic api package match path 2022-11-09 09:42:39 +01:00
Milan Pavlik
4c3007af75 [public-api] Implement experimental TeamsService.CreateTeam 2022-11-01 13:56:06 +01:00
Milan Pavlik
9d1a82446d [public-api] Implement connection pool with LRU cache 2022-10-31 13:59:05 +01:00
Milan Pavlik
2d888a5ded [public-api] Move API definitions to experimental package 2022-10-19 17:23:34 +02:00
Milan Pavlik
063be607c6 [public-api] Add logs interceptor 2022-10-19 11:59:34 +02:00
Milan Pavlik
d6242ed18a [public-api] Remove unimplemented, or no longer needed RPCs 2022-10-19 10:34:34 +02:00
Milan Pavlik
bbc39b9d33 [public-api] Add client/server metrics interceptor 2022-10-19 09:33:34 +02:00
Milan Pavlik
0a476c52e8 [public-api] U Refactor to use connect handlers, route to HTTP server 2022-10-12 12:19:27 +02:00
Milan Pavlik
46d734e482 [public-api] Authentication interceptors for connect API 2022-10-10 16:54:26 +02:00
Milan Pavlik
e836dd4fe3 [public-api] Bind unimplemented WorkspacesServiceHandler using Connect 2022-10-06 16:06:22 +02:00
Milan Pavlik
31f273205f [proxy] Route HTTP 1.x requests to public-api-server 2022-10-05 07:56:20 +02:00
Milan Pavlik
aa6a8ffb0e [public-api] Reeuse metrics registry from baseserver 2022-10-03 13:50:19 +02:00
Milan Pavlik
42224aeee9 [baseserver] Add metric with version of the server, use in public api and usage 2022-09-16 14:20:17 +02:00
Milan Pavlik
c2b7421628 Fix stripe secret parsing 2022-08-30 10:58:14 +02:00
Milan Pavlik
40ab42e18a [public-api] Validate incoming stripe webhooks 2022-08-29 13:58:14 +02:00
Andrew Farries
2d2f3e8b24 Make webhook use billingservice client 
Construct and pass a billingservice client to the Stripe webhook so that
it can invoke the `FinalizeInvoice` RPC when the webhook is triggered.
 2022-08-10 15:55:56 +02:00
Andrew Farries
a9958a0ffa Add Stripe webhook to public api server 2022-08-02 09:26:46 -03:00
Andrew Farries
c83333fc3a Add usage-api component 
Add Placeholder .proto files and script to generate Go client/server
SDKs.

Adapted from the `public-api` component.
 2022-07-08 16:25:55 +05:30
Christian Weichel
b7bf69d01e [public-api-server] Harmonise configuration structure 2022-05-25 17:35:39 +05:30
Milan Pavlik
49e3d1e82d [public-api] Do not use localhost as address, not reachable in k8s 2022-05-18 18:50:33 +05:30
Christian Weichel
d2384ea29e [baseserver] Make consuing ServerConfiguration easier 2022-05-16 13:23:31 +05:30