Robo Quat
d44af7a7e1
update index ( #18047 )
...
Co-authored-by: roboquat <roboquat@users.noreply.github.com>
2023-07-10 18:50:27 +08:00
Manuel Alejandro de Brito Fontes
216f5a4b5d
Address registry-facade dependency issues ( #18145 )
...
* Update IPFS libraries references
* Update go modules
2023-07-07 14:26:24 +08:00
Jean Pierre
d57a39dbad
[public-api] Update getWorkspace api response implementation ( #17821 )
...
* Update getWorkspace api response implementation
* Only implement recent_folders
* Add additional tests
2023-07-06 01:24:22 +08:00
Manuel Alejandro de Brito Fontes
57c605ddc4
Cleanup scrubber go module dependency ( #18149 )
2023-07-04 16:37:21 +08:00
Manuel Alejandro de Brito Fontes
e2c416c442
Fix build error undefined: scrubber.TrustedValue ( #18134 )
2023-07-03 16:45:20 +08:00
Anton Kosyakov
f580e6bd00
fix SID-285: hook scrubber as logrus formatter ( #17781 )
2023-06-29 17:16:47 +08:00
Sven Efftinge
caf26b812d
[server] remove getUserProjects ( #18093 )
2023-06-29 16:30:47 +08:00
Pudong
f74ba1cbc3
Add organization id in claims ( #17954 )
...
* add OrganizationId in claims.
* Update components/gitpod-protocol/go/gitpod-service.go
* fix
2023-06-26 16:37:50 +08:00
Robo Quat
423ce2ffc9
update index ( #18010 )
...
Co-authored-by: roboquat <roboquat@users.noreply.github.com>
2023-06-23 15:34:13 +08:00
Milan Pavlik
fcb8c5f79d
[papi] Extract JWT cookie when extracting creds ( #17875 )
...
* [papi] Extract JWT cookie when extracting creds
* fix
* fix
* fix
* Fix
* fix
* Update components/public-api-server/pkg/auth/middleware.go
Co-authored-by: Gero Posmyk-Leinemann <32448529+geropl@users.noreply.github.com>
---------
Co-authored-by: Gero Posmyk-Leinemann <32448529+geropl@users.noreply.github.com>
2023-06-14 15:37:04 +08:00
Wouter Verlaek
a18361e5a0
Return and show error when stopping workspace in maintenance mode ( #17880 )
...
* Show error when stopping workspace in maintenance mode
* Fix import
* Feedback
* Fix return
* Fix mutate error catch, use try/catch for stopWs
2023-06-12 21:55:03 +08:00
Pudong
4aede056ab
[IDP] set email_verified to false if user is not org-owned user ( #17896 )
...
* set email_verified to false if user is not org-owned user
* update test
2023-06-12 18:46:03 +08:00
Robo Quat
b27795e15c
update index ( #17856 )
...
Co-authored-by: roboquat <roboquat@users.noreply.github.com>
2023-06-12 14:29:02 +08:00
Milan Pavlik
9937cd864d
[go] Remove jwtSessions feature flag ( #17867 )
2023-06-08 15:29:58 +08:00
Milan Pavlik
b5a34c9b12
[jwt] OIDC Sessions are JWT only WEB-103 ( #17839 )
...
* [jwt] OIDC Sessions are JWT only
* Fix
2023-06-06 21:04:57 +08:00
Robo Quat
99e74f600e
update index ( #17662 )
...
Co-authored-by: roboquat <roboquat@users.noreply.github.com>
2023-06-02 15:05:07 +08:00
Pudong
6c44003efa
[idp] periodically persist public key ( #17759 )
...
* [idp] make key id stable
* [idp] periodically persist public key
* fix
* addressed feedback
* Update components/public-api-server/pkg/identityprovider/cache.go
Co-authored-by: Christian Weichel <chris@gitpod.io>
* use option
* add test
* fix
---------
Co-authored-by: Christian Weichel <chris@gitpod.io>
2023-06-02 00:22:06 +08:00
Filip Troníček
624c79f9f7
Respond to /idp/keys with JSON ( #17789 )
...
* Set JSON mimetype for `/idp/keys`
* Fix typos
* Test for header presence
* Assert JSON for `/.well-known/openid-configuration` as well
2023-05-31 14:45:05 +08:00
Jean Pierre
6652c98a1a
Add WorkspaceUpdates method ( #17728 )
...
* Add WorkspaceUpdates method
* Replace InstanceUpdates
2023-05-30 23:56:04 +08:00
Milan Pavlik
056ba722f7
[server] Issue JWT cookie in IAM Sessions for OIDC sign-in ( #17762 )
2023-05-30 22:54:04 +08:00
Milan Pavlik
321da4322e
[gitpod-db] Rename Go definitions from Teams to Organizations ( #17763 )
...
* [gitpod-db] Rename Go definitions from Teams to Organizations
* fix
* fix
* Fix
* fix
* Fix
2023-05-30 19:09:04 +08:00
Alex Tugarev
a62aceeb1f
[oidc] Forward errors through /complete-auth endpoint ( #17753 )
2023-05-26 22:28:00 +08:00
Alex Tugarev
ae9d418e7c
[papi] Start request should search for single Org with active SSO ( #17761 )
2023-05-26 18:16:00 +08:00
Alex Tugarev
c8c4c3bda9
Root out obsolete self-hosted setup ( #17729 )
2023-05-25 15:44:59 +08:00
Jean Pierre
2c8852e197
[public-api] Add startWorkspace api ( #17682 )
...
* Add startWorkspace api
* Add new scopes to vscode client
* Fix
* Fix
* 💄
Co-authored-by: Milan Pavlik <milan@gitpod.io>
---------
Co-authored-by: Milan Pavlik <milan@gitpod.io>
2023-05-25 03:43:58 +08:00
Alex Tugarev
d52ba759ae
Implement deactivation of OIDC client configs – WEB-333 ( #17659 )
...
* [papi] implement deactivation of OIDC client configs
* fix: add test for record not found
* simplify db.SetClientConfigActiviation
2023-05-22 19:55:56 +08:00
Christian Weichel
36905ac004
[idp] Add email to ID token ( #17678 )
...
* [idp] Add email to ID token
* [idp] Claim that the email is verified
which is a valid claim because it's verified by the original IDP,
and this is not the user-editable value.
* Incorporate review feedback
2023-05-19 22:07:53 +08:00
Milan Pavlik
12b2e2d116
[papi] Remove rogue print from PAT tests ( #17663 )
2023-05-19 17:17:53 +08:00
Pudong
176393a0c8
Add support to forward https protocol port ( #17644 )
...
* add support to forward https protocol port
* Update components/ws-proxy/pkg/proxy/routes.go
Co-authored-by: Kyle Brennan <kyle@gitpod.io>
---------
Co-authored-by: Kyle Brennan <kyle@gitpod.io>
2023-05-19 15:22:53 +08:00
Alex Tugarev
7952153237
Add verify param to OIDC start request – WEB-333 ( #17576 )
...
* [papi] Add `verified` flag to config and `ActivateClientConfig` to OIDC service
* [papi] implement `ActivateClientConfig`
* [gitpod-db/go] add `setClientConfigVerifiedFlag`
* [gitpod-db/migration] add `d_b_oidc_client_config.verified` field
* [papi] Don't deactivate on UpdateClientConfig
* [gitpod-db/go] add missing `Verified` field
* On "activate" request also mark as verified.
* [gitpod-db/go] fix mapping of `Verified` field
* [papi] ensure only verified OIDC client configs can be activated
* [papi] Skip the sign-in on verify-only requests.
* [papi] fix skipped tests
* [papi] fix mapping of OIDC configs
* rename RPC method
* fix tests after adding validation of claims
* fix: activation of record should deactivate others
* fix: update should unverify the entry
* remove Debug()
* [db-migration] fix: mark active entries as verified
2023-05-16 21:09:02 +08:00
Milan Pavlik
89e9ad0075
[sso] Validate Issuer URL + fix trailing slash WEB-345 ( #17623 )
...
* [sso] Fix trailing slash in issuer
* fix
* fix
* fix
2023-05-16 16:08:01 +08:00
Alex Tugarev
02ce06638c
[papi] validate ID token claims – WEB-337 ( #17615 )
...
* [papi] validate ID token claims
Some claims (e.g. email, name) are required. While it's the default with most IdPs, some require manual configuration to make those claims appear in ID tokens.
* add test cases
2023-05-16 15:56:01 +08:00
Milan Pavlik
5333826686
[sso] Improve SSO dance logs & user facing error messages WEB-300 ( #17570 )
...
* [sso] Improve SSO dance logs & user facing error messages
* Fix
2023-05-15 15:18:00 +08:00
Anton Kosyakov
0ba64e3d3e
[public-api] refine mapping of json rpc error codes ( #17591 )
...
* [public-api] refine mapping of json rpc error codes
- map 4xx and 650 codes as invalid argument (client errors)
- map 401, 411 related to unauthenticated and permission denied
- map 429 to resource exhausted
* Update errors.go
2023-05-12 16:09:57 +08:00
Sven Efftinge
b7d01a7e25
Disallow deletion of teams ( #17538 )
2023-05-10 22:25:55 +08:00
Alex Tugarev
9266c7617c
[papi] select active OIDC config for start request – WEB-316 ( #17518 )
...
* [papi] select active OIDC config for start request
* rename GetActiveOIDCClientConfigByOrgSlug
* add CreateTeams helper
* [papi] Ensure activation of SSO config deactivates previous one
* applied PR review comment
2023-05-10 19:56:55 +08:00
Robo Quat
2cd57728ae
update index ( #17474 )
...
Co-authored-by: roboquat <roboquat@users.noreply.github.com>
2023-05-08 18:46:46 +08:00
Sven Efftinge
606e74f6c7
[dashboard] invite link for SSO orgs ( #17478 )
2023-05-05 17:59:43 +08:00
Milan Pavlik
c1a5e53134
[oidc] Restrict actions to team owners ( #17470 )
2023-05-03 14:20:41 +08:00
Milan Pavlik
4e983b7998
[public-api] Implement UpdateOIDCClientConfig WEB-278 ( #17464 )
...
* [public-api] Implement UpdateOIDCClientConfig
* fix
* fix
* fix
* fix
* fix
* fix
2023-05-02 23:48:40 +08:00
Alex Tugarev
7ef79efd91
[SSO] Use ClientConfigID & Subject as composite key for identities WEB-279 ( #17463 )
...
* [SSO] Use ClientConfigID & Subject as composite key for identities
* Add tests for CreateSession
2023-05-02 21:09:40 +08:00
Robo Quat
ae59069ecf
update index ( #17443 )
...
Co-authored-by: roboquat <roboquat@users.noreply.github.com>
2023-05-02 14:37:40 +08:00
Christian Weichel
8ed7b7d8a2
Repersist IDP public key when lost ( #17422 )
...
e.g. because Redis restarted.
2023-05-02 13:54:40 +08:00
Sven Efftinge
cbd56c2592
Frictionless login for dedicated ( #17432 )
2023-05-02 02:12:40 +08:00
Alex Tugarev
76c61533a6
[OIDC] Enable mark client config as "active" ( #17365 )
...
* [gitpod-db] Add `d_b_oidc_client_config.active` field
* [papi] Add OIDCClientConfig.active to proto def
* [gitpod-db] Add OIDCClientConfig.active
* [papi] Add `activate` param to `/oidc/start` endpoint handler
If provided it should mark the OIDC client config as `active` in the DB.
* Fix propagation of state params and add tests.
* fix import of deprecated ioutil
* refactor GetStartParams
* consider `activate` from create request
2023-04-27 21:35:36 +08:00
Manuel Alejandro de Brito Fontes
c407cafe2e
Add new github action to update container images digest ( #17349 )
...
* Add new github action to update container images digest
* Add latest tag to dockerfiles
* Update .github/workflows/update-image-digest.yml
Co-authored-by: Milan Pavlik <milan@gitpod.io>
---------
Co-authored-by: Milan Pavlik <milan@gitpod.io>
2023-04-26 21:13:34 +08:00
Milan Pavlik
0dc46c5bcc
[public-api] Measure incoming JWT Sessions - WEB-102 ( #17345 )
...
* retest
* retest
* [installer] Add cookie name to config
* Fix
* retest
* [installer] Add cookie name to config
* [public-api] Measure incoming JWT Sessions
* fix
* Fix
* Fix
* fix
* retest
2023-04-24 21:34:45 +08:00
Milan Pavlik
d9ccc1d141
[papi] OIDC service signs state with HS256, reusing signing PK - WEB-206 ( #17328 )
...
* [papi] OIDC service signs state with RSA256
* Fix
* retest
* fix
* add test
2023-04-24 17:14:45 +08:00
Milan Pavlik
d069f76edc
[public-api] Refactor JWT Sign/Verify to be reusable for OIDC - WEB-206 ( #17327 )
...
* [public-api] Refactor JWT Sign/Verify to be reusable for OIDC
* fix
2023-04-24 15:14:45 +08:00
Milan Pavlik
4f55ce16da
[public-api] JWT Signer & Verifier WEB-101 ( #17308 )
...
* [public-api] JWT Signer & Verifier
* upgrade other to v5
2023-04-21 17:32:42 +08:00