Milan Pavlik
d069f76edc
[public-api] Refactor JWT Sign/Verify to be reusable for OIDC - WEB-206 ( #17327 )
...
* [public-api] Refactor JWT Sign/Verify to be reusable for OIDC
* fix
2023-04-24 15:14:45 +08:00
Milan Pavlik
4f55ce16da
[public-api] JWT Signer & Verifier WEB-101 ( #17308 )
...
* [public-api] JWT Signer & Verifier
* upgrade other to v5
2023-04-21 17:32:42 +08:00
Alex Tugarev
d7480d1cd4
[papi] check for OIDC Discovery support ( #17268 )
2023-04-20 13:51:52 +08:00
Manuel Alejandro de Brito Fontes
891cd5417d
Update k8s dependencies to v0.26.2 ( #17211 )
...
* Update k8s dependencies to v0.26.2
* Update controller-runtime to v0.14.6
* Update cloud storage
https://github.com/googleapis/google-cloud-go/issues/6857
* Update copy options
* Update wolfi image
* Remove controller-runtime replace directives
* Fix integration tests
2023-04-18 03:59:49 +08:00
Manuel Alejandro de Brito Fontes
27979c9395
Update go dependencies ( #17101 )
...
* Update go dependencies
Signed-off-by: Manuel de Brito Fontes <aledbf@gmail.com>
* Update runc to v1.1.5
* Update docker cli to v23.0.2+incompatible
---------
Signed-off-by: Manuel de Brito Fontes <aledbf@gmail.com>
2023-04-12 10:03:52 +02:00
Milan Pavlik
51d1f65a47
[stripe] Actually call the billing service 🤦 ( #17175 )
2023-04-12 09:57:51 +02:00
Milan Pavlik
fc1ca336f7
[stripe] Re-use constants for event types ( #17161 )
2023-04-12 09:20:52 +02:00
Milan Pavlik
e001690ad1
[public-api] Fix panic due to incorrect err ref ( #17113 )
2023-03-31 13:47:40 +02:00
Milan Pavlik
27083dfab1
Upgrade to connect-go 1.5.2 ( #17108 )
...
* Upgrade to connect-go 1.5.2
* fix
2023-03-31 13:09:40 +02:00
Milan Pavlik
45cf0d2319
[public-api] Explicit panic handler ( #17105 )
2023-03-31 10:03:40 +02:00
Alex Tugarev
7ecc196baa
Sign in with SSO ( #17055 )
...
* [experiment] Add "Sign in with SSO" to Login
Reusing existing parts:
* `/complete-auth` page of Dashboard to forward results of authN flows running in a modal
* Adding preliminary UI to the Login view: Org-slug and simple button.
* [gitpod-db] get team/org by slug
* [gitpod-db] fix OIDCClientConfig.OrganizationID field's type
* [oidc] consider returnTo URL
* [oidc] consider orgSlug param from start request
* [oidc] fix oauth2 clientId propagation
* [oidc] fix a flaky test
* [onboarding] skip for organizational accounts
* Move SSO Login UI into its own component
* adjust validation a bit, add useCallbacks
* adding GetOIDCClientConfigByOrgSlug
* add table name
* removing commented out code
---------
Co-authored-by: Brad Harris <bmharris@gmail.com>
2023-03-29 15:49:39 +02:00
Milan Pavlik
c0cd571e78
[usage] Add OnChargeDispute rpc definition ( #17036 )
...
* [usage] Add OnChargeDispute rpc definition
* [public-api] Setup handler for charge.dispute.created (#17034 )
* [public-api] Setup handler for charge.dispute.created
* fix
* fix
* fix
2023-03-27 15:59:25 +02:00
Alex Tugarev
275e782341
[Orgs] Persist slug ( #16923 )
...
* [orgs] Persist `slug`
* [Orgs] Make `slug` changeable on Settings page
* update to use input/button components and mutation
* [papi] Re-add Team.slug
---------
Co-authored-by: Brad Harris <bmharris@gmail.com>
2023-03-24 10:51:16 +01:00
Milan Pavlik
b1ab625626
[public-api] Cleanup logging middleware ( #16928 )
2023-03-21 10:17:13 +01:00
Brad Harris
ff079b96fa
Org SSO Page updates ( #16868 )
...
* Breaking SSO page into components & react-query
* wrapper component not needed anymore
* position off of bottom instead
* add a heading/subheading for consistency
* add clientside validation
* adding oidcConfig.issuer to api response
* updating test
* minor cleanup
2023-03-16 21:59:08 +01:00
Milan Pavlik
59e58f96c1
[common-go] Composable log fields ( #16860 )
...
* [common-go] Composable log fields
* add test for compose
* use in public api
* fix
* fix
2023-03-16 20:57:08 +01:00
Milan Pavlik
59ff034d6f
[public-api] Use context logger ( #16686 )
...
* Fix
* Fix
* Fix
* Fix
* Fix
* [public-api] Use context logger
* fix
* Fix
* fix
* Fix
* fix
* fix
* fix
* fix
* fix
* Fix
* fmt
* fix
* retest
2023-03-15 13:52:07 +01:00
Milan Pavlik
6291b6ce90
[public-api] List teams concurrently ( #16848 )
...
* [public-api] List teams concurrently
* Fix
2023-03-15 09:00:07 +01:00
Milan Pavlik
7d8180aae9
[db] Setup go db tracing ( #16706 )
...
* [installer] Do not pull blobserve implementation into installer
* fix
* Fix
* [db] Setup go db tracing
* fix
* Fix
* fix
* Fix
2023-03-10 09:23:46 +01:00
Milan Pavlik
7b095abbbe
[public-api] Fix GetIDToken test ( #16714 )
2023-03-07 20:55:05 +01:00
Milan Pavlik
16b4b1e284
[public-api] Correctly map 401 to Unauthenticated ( #16711 )
2023-03-07 17:31:04 +01:00
Christian Weichel
da4cafd5e5
Gitpod OIDC Identity Provider ( #16482 )
...
* Prototype IDP provider
* [gp cli] Add IDP commands
* [public-api] Remove zitadel based IDP implementation
* [gitpod-cli] Add IDP support for Vault
* [idp] Remove per-org IDP
* [idp] Add key cache and random key IDs
* [idp] Defer GetIDToken authorisation to server
* [idp] Add Redis public key cache
* [gitpod-cli] Hide IDP commands
* [idp] Add key ID to JWT
* [idp] Add unit tests
* [idp] Address review comments
* [public-api-server] Use logging middleware globally
* [public-api-server] Simplify service registration
* [idp] Add Redis outage resilience
2023-03-03 17:11:01 +01:00
Milan Pavlik
e4e05143e2
[baseserver] Initialize tracer with server ( #16586 )
...
* [baseserver] Initialize tracer with server
* fix
* Fix
* fix
2023-03-03 14:57:01 +01:00
Alex Tugarev
80dc959279
[oidc] encode and validate state params
...
Using JWT tokens for encoding/decoding/validation of state params carried throughout the OIDC/OAuth2 flow.
Validation of integrity is crucial, as this piece of information contains the ID of the OIDC client to continue with when Gitpod receives the callback from a 3rd party. Tests should show that expiration time is checked and signature validation is effective.
2023-02-15 18:55:20 +01:00
Milan Pavlik
0a7ca4c08a
Use context to store and populate origin
2023-02-15 15:39:20 +01:00
Gero Posmyk-Leinemann
1a9094756a
[public-api-server] Forward Origin header where provided
2023-02-15 15:39:20 +01:00
Alex Tugarev
f4889ad5e0
[oidc] assertIssuerIsReachable
2023-02-10 08:58:15 +01:00
Milan Pavlik
1dc48fbc23
[teams] Remove slug usage
2023-02-07 07:51:44 +01:00
Gero Posmyk-Leinemann
d2464f6ee8
[server, iam] Attach user to an Organization on OIDC login
2023-02-06 15:10:44 +01:00
Manuel Alejandro de Brito Fontes
bcdde44633
Switch from alpine to wolfi
2023-02-05 12:10:43 +01:00
Alex Tugarev
3ef29bf278
[papi] Add signing secret for JWTs
...
Preparation to use with `golang-jwt/jwt`
2023-01-30 11:15:37 +01:00
Milan Pavlik
17e83b9985
[iam] Remove component
2023-01-23 17:33:31 +01:00
Milan Pavlik
27f1ba0939
[public-api] Move oidc handler package from iam
2023-01-23 15:45:31 +01:00
Milan Pavlik
0aad145ad4
[public-api] Bind OIDC HTTP service to Public API
2023-01-23 15:24:30 +01:00
Milan Pavlik
e5c8da1491
[oidc] Implement Get OIDC Client Config API
2023-01-20 15:53:28 +01:00
Milan Pavlik
b984390bfb
[oidc] Move create RPC directly to public-api
2023-01-20 15:20:28 +01:00
Milan Pavlik
72a31730f7
[oidc] Delete OIDC Client Config API
2023-01-20 15:00:28 +01:00
Alex Tugarev
487b7edfde
[public-api] re-generate and adjust callsites
2023-01-20 12:11:27 +01:00
Milan Pavlik
7012fe2ce3
[oidc] List client configs API implementation
2023-01-19 14:30:27 +01:00
Milan Pavlik
371de3f842
[public-api] Reduce duplication in validation functions
2023-01-19 09:18:26 +01:00
Milan Pavlik
e3fb86f950
[oidc] Propagate OrganisationID to IAM component
2023-01-19 09:05:26 +01:00
Milan Pavlik
58a06943f6
[papi] Refactor validation functions to a file
2023-01-17 11:26:25 +01:00
Milan Pavlik
da841d0c1b
[public-api] Set proxy connection pool to size 500
2023-01-16 13:47:24 +01:00
Alex Tugarev
ba6ce0ecce
[public-api] Implement CreateClientConfig
2023-01-13 17:37:21 +01:00
Alex Tugarev
1f31c2111d
[papi] add iam-api dependency
...
go mod tidy
2023-01-13 17:37:21 +01:00
Jean Pierre
d5e03f248f
Handle send error
2023-01-12 08:50:51 +01:00
Andrew Farries
f4bfe9f1a4
[public-api] Strip /api prefix
...
When making a ws connection to `server` we no longer need the `/api`
prefix in the URL as that is only valid for requests from outside the
cluster - the `/api` is stripped by proxy in that case.
2023-01-10 20:52:50 +01:00
Andrew Farries
d92cf9a08c
[public-api] Set NoOrigin on connect to server
...
Don't set an Origin header on the websocket connection request when
connecting to `server` as the connection is now made from the public api
to server using a cluster-local connection.
2023-01-10 20:52:50 +01:00
mustard
e82fe80af9
[public-api] add workspaceStatus stream rpc
2023-01-09 10:59:48 +01:00
Milan Pavlik
d04fd19960
[public-api] Implement & Use Delete Workspace RPC
2023-01-04 10:15:43 +01:00