Alex Tugarev
80dc959279
[oidc] encode and validate state params
Using JWT tokens for encoding/decoding/validation of state params carried throughout the OIDC/OAuth2 flow.
Validating integrity is crucial, as this piece of information contains the ID of the OIDC client to continue with when Gitpod receives the callback from a 3rd party. Tests should show that expiration time is checked and signature validation is effective.
2023-02-15 18:55:20 +01:00
Milan Pavlik
0a7ca4c08a
Use context to store and populate origin
2023-02-15 15:39:20 +01:00
Gero Posmyk-Leinemann
1a9094756a
[public-api-server] Forward Origin header where provided
2023-02-15 15:39:20 +01:00
Alex Tugarev
f4889ad5e0
[oidc] assertIssuerIsReachable
2023-02-10 08:58:15 +01:00
Milan Pavlik
1dc48fbc23
[teams] Remove slug usage
2023-02-07 07:51:44 +01:00
Gero Posmyk-Leinemann
d2464f6ee8
[server, iam] Attach user to an Organization on OIDC login
2023-02-06 15:10:44 +01:00
Manuel Alejandro de Brito Fontes
bcdde44633
Switch from alpine to wolfi
2023-02-05 12:10:43 +01:00
Alex Tugarev
3ef29bf278
[papi] Add signing secret for JWTs
Preparation to use with `golang-jwt/jwt`
2023-01-30 11:15:37 +01:00
Milan Pavlik
17e83b9985
[iam] Remove component
2023-01-23 17:33:31 +01:00
Milan Pavlik
27f1ba0939
[public-api] Move oidc handler package from iam
2023-01-23 15:45:31 +01:00
Milan Pavlik
0aad145ad4
[public-api] Bind OIDC HTTP service to Public API
2023-01-23 15:24:30 +01:00
Milan Pavlik
e5c8da1491
[oidc] Implement Get OIDC Client Config API
2023-01-20 15:53:28 +01:00
Milan Pavlik
b984390bfb
[oidc] Move create RPC directly to public-api
2023-01-20 15:20:28 +01:00
Milan Pavlik
72a31730f7
[oidc] Delete OIDC Client Config API
2023-01-20 15:00:28 +01:00
Alex Tugarev
487b7edfde
[public-api] re-generate and adjust callsites
2023-01-20 12:11:27 +01:00
Milan Pavlik
7012fe2ce3
[oidc] List client configs API implementation
2023-01-19 14:30:27 +01:00
Milan Pavlik
371de3f842
[public-api] Reduce duplication in validation functions
2023-01-19 09:18:26 +01:00
Milan Pavlik
e3fb86f950
[oidc] Propagate OrganisationID to IAM component
2023-01-19 09:05:26 +01:00
Milan Pavlik
58a06943f6
[papi] Refactor validation functions to a file
2023-01-17 11:26:25 +01:00
Milan Pavlik
da841d0c1b
[public-api] Set proxy connection pool to size 500
2023-01-16 13:47:24 +01:00
Alex Tugarev
ba6ce0ecce
[public-api] Implement CreateClientConfig
2023-01-13 17:37:21 +01:00
Alex Tugarev
1f31c2111d
[papi] add iam-api dependency
go mod tidy
2023-01-13 17:37:21 +01:00
Jean Pierre
d5e03f248f
Handle send error
2023-01-12 08:50:51 +01:00
Andrew Farries
f4bfe9f1a4
[public-api] Strip /api prefix
When making a ws connection to `server` we no longer need the `/api`
prefix in the URL as that is only valid for requests from outside the
cluster - the `/api` is stripped by proxy in that case.
2023-01-10 20:52:50 +01:00
Andrew Farries
d92cf9a08c
[public-api] Set NoOrigin on connect to server
Don't set an Origin header on the websocket connection request when
connecting to `server` as the connection is now made from the public api
to server using a cluster-local connection.
2023-01-10 20:52:50 +01:00
mustard
e82fe80af9
[public-api] add workspaceStatus stream rpc
2023-01-09 10:59:48 +01:00
Milan Pavlik
d04fd19960
[public-api] Implement & Use Delete Workspace RPC
2023-01-04 10:15:43 +01:00
Milan Pavlik
f8fd16eea9
[public-api] Implement StopWorkspace
2023-01-03 09:58:43 +01:00
Milan Pavlik
0309d14721
[gitpod-db] Helper to construct db connection params from env
2022-12-21 10:07:30 -03:00
Milan Pavlik
874a6b5511
[public-api] Validate Workspace ID is a UUID
2022-12-20 13:34:29 -03:00
Gero Posmyk-Leinemann
8a03b3a156
[installer, gitpod-db] Introduce database.ssl.ca
2022-12-15 12:29:24 -03:00
Alex Tugarev
a51c8b662e
🧹 fix typo and copy-paste-error
2022-12-15 09:46:24 -03:00
Milan Pavlik
e47f2d5718
[public-api] Handle context cancelled as deadline exceeded error
2022-12-13 05:32:22 -03:00
Christian Weichel
478a75e744
Switch license to AGPL
2022-12-08 13:05:19 -03:00
Jean Pierre
3c4b6676ee
[public-api] implement public api methods for supervisor
Co-authored-by: mustard <mhqnwt@gmail.com>
Co-authored-by: Anton Kosyakov <anton@gitpod.io>
Co-authored-by: Jean Pierre <jeanp413@hotmail.com>
Co-authored-by: iQQBot <tianshi8650@gmail.com>
2022-12-08 12:45:18 -03:00
Milan Pavlik
4fe78b14b5
[public-api] Implement ProjectsService.DeleteProject
2022-12-08 12:01:19 -03:00
Milan Pavlik
114a3bd1b4
[oidc] Add stub RPCs
2022-12-07 05:05:17 -03:00
Milan Pavlik
e5dd0238e9
[pat] API allows update which does not change any data
2022-12-01 13:42:00 -03:00
Milan Pavlik
99db58e2a4
[pat] Fix NotFound error handling
2022-11-30 12:53:59 -03:00
Milan Pavlik
7b7bb5fb1f
[pat] Remove handling log message
2022-11-30 11:15:59 -03:00
Milan Pavlik
1bcdf0ebd5
[pat] Store hash as sha256 instead of bcrypt
2022-11-28 14:51:57 -03:00
Milan Pavlik
4ebb30d4d9
[pat] Store hash as sha256 instead of bcrypt
2022-11-28 14:51:57 -03:00
Milan Pavlik
5642845022
[pat] Update Personal Access Token
2022-11-25 05:47:54 -03:00
Milan Pavlik
fbe70ea109
[public-api] Implement ProjectsService.ListProjects
2022-11-24 07:12:53 -03:00
Milan Pavlik
7ef62ba4a2
[pat] Validate and enforce scopes for PATs
2022-11-24 06:22:53 -03:00
Milan Pavlik
2ce9d02743
[pat] Validate PAT name
2022-11-24 05:57:53 -03:00
Milan Pavlik
64ed64a428
[pat] Remove description field
2022-11-24 05:19:53 -03:00
Milan Pavlik
10ede9c983
[pat] Check personal access tokens enabled feature flag against teams
2022-11-24 04:56:53 -03:00
Jean Pierre
d70072131d
[public-api] delete personal access token
Co-authored-by: Milan Pavlik <milan@gitpod.io>
Co-authored-by: mustard <huiwen@gitpod.io>
2022-11-23 12:11:53 -03:00
Milan Pavlik
0d759f7a66
[public-api] Implement ProjectsService.CreateProject
2022-11-23 10:58:53 -03:00