archive-gh-me/gitpod
1
0
Fork 0
mirror of https://github.com/gitpod-io/gitpod.git synced 2025-12-08 17:36:30 +00:00
Code Issues Projects Releases Wiki Activity
12,293 Commits 1,231 Branches 1,883 Tags
Commit Graph

28 Commits

Author SHA1 Message Date
Filip Troníček
da1053e101
Make auth cookie stricter (#19973) 
* Use `__Host-` prefix for cookie

* Fix tests

* Remove domain from cookie

* Fix logout

* remove unused fn

* fix user logout properly

* [server] Make domain-only cookie work for GitHub oauth login

... by adding additional step so we can set the cookie for the base domain only

* test: fix by redirecting before callbacl/authorize

* [server] SessionHandler: Allow to login with both primary and secondary cookies

* [server] Clear 2ndary cookie on logout

* Fix filtering cookie values when primary cookie is empty

* Fix logouts

* Fix tests

---------

Co-authored-by: Gero Posmyk-Leinemann <gero@gitpod.io>
 2024-07-01 08:53:14 +02:00
Milan Pavlik
f09c35a02d
[installer] Change cookie name (#18958) 
* [installer] Change cookie name

* fix test

* fix
 2023-10-19 17:35:28 +03:00
Laurie T. Malau
4ac15c7ae3
Change issuer identifier address for OIDC (#18693) 
* Change issuer identifier address for OIDC

* Fix test

---------

Co-authored-by: Milan Pavlik <pavlik.mil@gmail.com>
 2023-09-18 10:40:57 +02:00
Milan Pavlik
1cdb7ab142
[installer] Remove OIDC secret from public-api WEB-206 (#17331) 
* Fix

* retest

* [installer] Remove OIDC secret from public-api

* fix

* remove ci secret

* fix
 2023-04-24 20:51:45 +08:00
Milan Pavlik
233ec9457a
[installer] Add JWT cookie opts to config WEB-101 (#17332) 
* retest

* retest

* [installer] Add cookie name to config

* Fix

* fix
 2023-04-24 17:46:45 +08:00
Milan Pavlik
b57424a76f
[jwt] Installer configures expiry & issuer WEB-102 (#17314) 
* [jwt] Installer configures expiry & issuer

* Fix

* Fix

* retest

* Fix

* Fix

* Fix
 2023-04-24 17:07:45 +08:00
Milan Pavlik
0bf91e58fd
[installer] Add key id for each auth keypair - WEB-100 (#17219) 
* [installer] Add key id for each auth keypair

* retest

* fix

* fix
 2023-04-17 18:41:49 +08:00
Milan Pavlik
ac0dbf8c52
[papi] Mount Auth PKI - WEB-101 (#17218) 
* [papi] Mount Auth PKI

* Fix

* Fix test
 2023-04-14 15:39:54 +02:00
Milan Pavlik
41c14a137c
[usage] Add server address to config - WEB-94 (#17094) 
* [usage] Add server address to config

* Fix

* Fix
 2023-04-11 10:42:50 +02:00
Christian Weichel
da4cafd5e5
Gitpod OIDC Identity Provider (#16482) 
* Prototype IDP provider

* [gp cli] Add IDP commands

* [public-api] Remove zitadel based IDP implementation

* [gitpod-cli] Add IDP support for Vault

* [idp] Remove per-org IDP

* [idp] Add key cache and random key IDs

* [idp] Defer GetIDToken authorisation to server

* [idp] Add Redis public key cache

* [gitpod-cli] Hide IDP commands

* [idp] Add key ID to JWT

* [idp] Add unit tests

* [idp] Adress review comments

* [public-api-server] Use logging middleware globally

* [public-api-server] Simplify service registration

* [idp] Add Redis outage resilience
 2023-03-03 17:11:01 +01:00
Alex Tugarev
3ef29bf278 [papi] Add signing secret for JWTs 
Praparation to use with `golang-jwt/jwt`
 2023-01-30 11:15:37 +01:00
Milan Pavlik
17e83b9985 [iam] Remove component 2023-01-23 17:33:31 +01:00
Milan Pavlik
0aad145ad4 [public-api] Bind OIDC HTTP service to Public API 2023-01-23 15:24:30 +01:00
Milan Pavlik
0d5cb6c3ff [installer] Mount database secret to Public API 2023-01-19 10:03:27 +01:00
Alex Tugarev
d5e8899ce5 [intaller] add OIDCServiceAddress to papi config 2023-01-12 12:50:51 +01:00
Andrew Farries
b87f25e94f [public-api] Set GitpodServiceURL to cluster-local 
Use a cluster-local websocket URL to connect to `server`.
 2023-01-10 20:52:50 +01:00
Christian Weichel
478a75e744 Switch license to AGPL 2022-12-08 13:05:19 -03:00
Milan Pavlik
bc23811665 [installer] Configure personal access token signing key 2022-11-21 17:12:51 -03:00
Milan Pavlik
cc233e41e6 [installer] Deploy Public API without experimental config 2022-11-09 15:30:39 +01:00
Milan Pavlik
2926d142ed [public-api] Make publiic api package match path 2022-11-09 09:42:39 +01:00
Milan Pavlik
f5bbb50df0 [public-api] Parametrize connection URL based on token 2022-11-04 10:14:08 +01:00
Milan Pavlik
7f3e1e4c50 [public-api] Proxy Cookies to downstream for auth 2022-11-04 08:49:08 +01:00
Simon Emms
2f03c004a7 [installer]: explicitly set all host addresses to 0.0.0.0 2022-09-13 12:38:14 +02:00
Milan Pavlik
3037016a2e }}} This is a combination of 2 commits. 
[stripe] Inject stripe-webhook-secret into public-api
 2022-08-26 13:49:11 +02:00
Andrew Farries
d4ad52596f Set BillingServiceAddress in public api configmap 2022-08-10 15:55:56 +02:00
Andrew Farries
d0b7ffcbad Add HTTP port to public api config 2022-08-04 03:36:48 -03:00
Simon Emms
8fad588e6b [installer]: add customization functions to components 2022-06-24 17:02:33 +05:30
Christian Weichel
b7bf69d01e [public-api-server] Harmonise configuration structure 2022-05-25 17:35:39 +05:30