archive-gh-me/gitpod
1
0
Fork 0
mirror of https://github.com/gitpod-io/gitpod.git synced 2025-12-08 17:36:30 +00:00
Code Issues Projects Releases Wiki Activity
12,390 Commits 1,231 Branches 1,883 Tags
Commit Graph

65 Commits

Author SHA1 Message Date
Huiwen
9719e619be
[IdP] add user_id claim and allow to customize OIDC subject via FF (#19455) 
* [papi] add user_id field to idp token

* [idp] allow to customize claim keys

* fixup update FF

* Update splitor and add more unit tests
 2024-02-22 19:03:03 +02:00
Filip Troníček
112eefcc56
[papi] List editor options (#18530) 
* options.init

* Respond with options

* Move to editor service

* Unused imports

* Mount ot the correct service

* Sort by orderkey

* Simplify enum name

* Add tests

* Options -> `result` for consistency

* fix result field
 2023-08-18 11:19:44 +02:00
Filip Troníček
614007dde5
[papi]: Add GetSuggestedRepoURLs (#18514) 
* [papi]: Add `GetSuggestedRepos`

* Rename method

* req to be consistent

* Move to SCMService

* Remove usr impl

* Add tests

* Revert billing test change

* Revert user changes

* --
 2023-08-15 13:55:41 +02:00
Anton Kosyakov
b3ae12f956
git real time (#18323) 2023-08-03 20:51:28 +08:00
Milan Pavlik
ff4876856c
[server, papi] Track login completed metrics by outcome, type (#18254) 
Co-authored-by: geropl <gero@gitpod.io>
 2023-07-27 20:29:28 +08:00
Milan Pavlik
fcb8c5f79d
[papi] Extract JWT cookie when extracting creds (#17875) 
* [papi] Extract JWT cookie when extracting creds

* fix

* fix

* fix

* Fix

* fix

* Update components/public-api-server/pkg/auth/middleware.go

Co-authored-by: Gero Posmyk-Leinemann <32448529+geropl@users.noreply.github.com>

---------

Co-authored-by: Gero Posmyk-Leinemann <32448529+geropl@users.noreply.github.com>
 2023-06-14 15:37:04 +08:00
Milan Pavlik
9937cd864d
[go] Remove jwtSessions feature flag (#17867) 2023-06-08 15:29:58 +08:00
Pudong
6c44003efa
[idp] periodically persist public key (#17759) 
* [idp] make key id stable

* [idp] periodically persist public key

* fix

* addressed feedback

* Update components/public-api-server/pkg/identityprovider/cache.go

Co-authored-by: Christian Weichel <chris@gitpod.io>

* use option

* add test

* fix

---------

Co-authored-by: Christian Weichel <chris@gitpod.io>
 2023-06-02 00:22:06 +08:00
Milan Pavlik
0dc46c5bcc
[public-api] Measure incoming JWT Sessions - WEB-102 (#17345) 
* retest

* retest

* [installer] Add cookie name to config

* Fix

* retest

* [installer] Add cookie name to config

* [public-api] Measure incoming JWT Sessions

* fix

* Fix

* Fix

* fix

* retest
 2023-04-24 21:34:45 +08:00
Milan Pavlik
d9ccc1d141
[papi] OIDC service signs state with HS256, reusing signing PK - WEB-206 (#17328) 
* [papi] OIDC service signs state with RSA256

* Fix

* retest

* fix

* add test
 2023-04-24 17:14:45 +08:00
Milan Pavlik
d069f76edc
[public-api] Refactor JWT Sign/Verify to be reusable for OIDC - WEB-206 (#17327) 
* [public-api] Refactor JWT Sign/Verify to be reusable for OIDC

* fix
 2023-04-24 15:14:45 +08:00
Milan Pavlik
4f55ce16da
[public-api] JWT Signer & Verifier WEB-101 (#17308) 
* [public-api] JWT Signer & Verifier

* upgrade other to v5
 2023-04-21 17:32:42 +08:00
Milan Pavlik
45cf0d2319
[public-api] Explicit panic handler (#17105) 2023-03-31 10:03:40 +02:00
Christian Weichel
da4cafd5e5
Gitpod OIDC Identity Provider (#16482) 
* Prototype IDP provider

* [gp cli] Add IDP commands

* [public-api] Remove zitadel based IDP implementation

* [gitpod-cli] Add IDP support for Vault

* [idp] Remove per-org IDP

* [idp] Add key cache and random key IDs

* [idp] Defer GetIDToken authorisation to server

* [idp] Add Redis public key cache

* [gitpod-cli] Hide IDP commands

* [idp] Add key ID to JWT

* [idp] Add unit tests

* [idp] Adress review comments

* [public-api-server] Use logging middleware globally

* [public-api-server] Simplify service registration

* [idp] Add Redis outage resilience
 2023-03-03 17:11:01 +01:00
Alex Tugarev
80dc959279 [oidc] encode and validate state params 
Using JWT tokens for encoding/decoding/validation of state params carried throughout the OIDC/OAuth2 flow.

Validating of integrity is crucial, as this piece of information contains the ID of the OIDC client to continue with when Gitpod receives the callback from a 3rd party. Tests should show that expiration time is checked and signature validation is effective.
 2023-02-15 18:55:20 +01:00
Milan Pavlik
0a7ca4c08a Use context to store and populate origin 2023-02-15 15:39:20 +01:00
Alex Tugarev
3ef29bf278 [papi] Add signing secret for JWTs 
Praparation to use with `golang-jwt/jwt`
 2023-01-30 11:15:37 +01:00
Milan Pavlik
17e83b9985 [iam] Remove component 2023-01-23 17:33:31 +01:00
Milan Pavlik
27f1ba0939 [public-api] Move oidc handler package from iam 2023-01-23 15:45:31 +01:00
Milan Pavlik
0aad145ad4 [public-api] Bind OIDC HTTP service to Public API 2023-01-23 15:24:30 +01:00
Milan Pavlik
b984390bfb [oidc] Move create RPC directly to public-api 2023-01-20 15:20:28 +01:00
Milan Pavlik
7012fe2ce3 [oidc] List client configs API implementation 2023-01-19 14:30:27 +01:00
Milan Pavlik
da841d0c1b [public-api] Set proxy connection pool to size 500 2023-01-16 13:47:24 +01:00
Alex Tugarev
ba6ce0ecce [public-api] Implement CreateClientConfig 2023-01-13 17:37:21 +01:00
Milan Pavlik
0309d14721 [gitpod-db] Helper to construct db connection params from env 2022-12-21 10:07:30 -03:00
Gero Posmyk-Leinemann
8a03b3a156 [installer, gitpod-db] Introduce database.ssl.ca 2022-12-15 12:29:24 -03:00
Alex Tugarev
a51c8b662e 🧹 fix typo and copy-paste-error 2022-12-15 09:46:24 -03:00
Christian Weichel
478a75e744 Switch license to AGPL 2022-12-08 13:05:19 -03:00
Milan Pavlik
114a3bd1b4 [oidc] Add stub RPCs 2022-12-07 05:05:17 -03:00
Milan Pavlik
0d759f7a66 [public-api] Implement ProjectsService.CreateProject 2022-11-23 10:58:53 -03:00
Milan Pavlik
a0a9ddddc5 [public-api] Use personal access token signing key 2022-11-22 07:11:52 -03:00
Laurie T. Malau
ee08e7863c [db] Move db models to gitpod-db/go module 2022-11-21 08:37:50 -03:00
Jean Pierre
cd144de51f Add IDEClientService 2022-11-17 07:07:46 +02:00
Milan Pavlik
728d87011f [public-api] Wire up DB connection 2022-11-16 18:17:46 +02:00
Laurie T. Malau
98e6fe730c [public api] Use tokens feature flag 2022-11-15 14:36:45 +02:00
Jean Pierre
5c8f4c1f32 User service 2022-11-12 11:34:42 +02:00
Laurie T. Malau
2fef159ce4 [public api] Wire up UnimplementedTokensService 2022-11-11 18:25:41 +02:00
Milan Pavlik
2926d142ed [public-api] Make publiic api package match path 2022-11-09 09:42:39 +01:00
Milan Pavlik
4c3007af75 [public-api] Implement experimental TeamsService.CreateTeam 2022-11-01 13:56:06 +01:00
Milan Pavlik
9d1a82446d [public-api] Implement connection pool with LRU cache 2022-10-31 13:59:05 +01:00
Milan Pavlik
2d888a5ded [public-api] Move API definitions to experimental package 2022-10-19 17:23:34 +02:00
Milan Pavlik
063be607c6 [public-api] Add logs interceptor 2022-10-19 11:59:34 +02:00
Milan Pavlik
d6242ed18a [public-api] Remove unimplemented, or no longer needed RPCs 2022-10-19 10:34:34 +02:00
Milan Pavlik
bbc39b9d33 [public-api] Add client/server metrics interceptor 2022-10-19 09:33:34 +02:00
Milan Pavlik
0a476c52e8 [public-api] U Refactor to use connect handlers, route to HTTP server 2022-10-12 12:19:27 +02:00
Milan Pavlik
46d734e482 [public-api] Authentication interceptors for connect API 2022-10-10 16:54:26 +02:00
Milan Pavlik
e836dd4fe3 [public-api] Bind unimplemented WorkspacesServiceHandler using Connect 2022-10-06 16:06:22 +02:00
Milan Pavlik
31f273205f [proxy] Route HTTP 1.x requests to public-api-server 2022-10-05 07:56:20 +02:00
Milan Pavlik
aa6a8ffb0e [public-api] Reeuse metrics registry from baseserver 2022-10-03 13:50:19 +02:00
Milan Pavlik
42224aeee9 [baseserver] Add metric with version of the server, use in public api and usage 2022-09-16 14:20:17 +02:00