Commit Graph

106 Commits

Author SHA1 Message Date
Abin Simon
51db33f8b9 Merge pull request #133 from RafayLabs/fix-prompt-access
Ignore unnecessary error checks
2022-05-12 18:01:48 +05:30
akshay196-rafay
da1d8c9331 Merge pull request #131 from RafayLabs/oidc-improvements
OIDC Provider improvements
2022-05-12 11:29:13 +05:30
Akshay Gaikwad
243c7645b5 Remove file:// from OIDC urls validation 2022-05-12 11:10:56 +05:30
Abin Simon
7e025813d9 Drop unnecessary error checks 2022-05-11 17:17:36 +05:30
Abin Simon
5b5d099abd Improve auth service 2022-05-10 09:28:42 +05:30
Abin Simon
34ff1f6e32 Add auth service 2022-05-09 10:13:05 +05:30
Akshay Gaikwad
a308b59b07 OIdC Provider: Replace new client secret on Update provider request 2022-05-06 13:00:46 +05:30
Akshay Gaikwad
1f1d04ac29 OIdC Provider: Validate Urls
The mapperUrl, issuerUrl, authUrl and tokenUrl support file://,
http(s):// and base64:// urls.
2022-05-06 12:31:19 +05:30
Akshay Gaikwad
38a2dd50cd OIdC Provider: Deny duplicate Issuer Url
Duplicate email from different provider applications with same issuer
url causes problems.
2022-05-06 12:09:59 +05:30
Akshay Gaikwad
eb0b7d3ef2 Provision to create new oidc provider with same name that of deleted
When we soft delete oidc provider entry which we are doing for delete
provider API endpoint, we cannot create a new oidc provider entry with the
same name due to unique constraint violation on name. Applying unique
constraint to name,trash will allow creating a new oidc provider entry
with the same name, but fail on deleting that entry because it violates
unique constraint. Hence this commit adds unique constraint
to (id,name) combined.
2022-05-06 11:31:48 +05:30
niravparikh05
cb485e426e removing references to sensitive hash information 2022-05-03 17:19:10 +05:30
niravparikh05
27b2b2f8d9 fixes to callback url and associate default org admin group to role 2022-05-03 13:08:23 +05:30
Abin Simon
7ba4f9e518 Drop broken tests from unused modules
Dropping broken tests related to namespaces, gitops and relay peering.
2022-05-02 15:16:10 +05:30
Abin Simon
e92394080b Fix string formatting in tests 2022-05-02 15:10:37 +05:30
Nirav Parikh
31a89543b0 Merge pull request #125 from RafayLabs/no-restart
Fix casbin caching issues
2022-04-29 18:35:46 +05:30
Abin Simon
f9ec22a0ba Invalidate casbin cache after every update 2022-04-29 15:10:36 +05:30
Abin Simon
5c7776b12e Set sentry scheme to http if no scheme available 2022-04-29 15:10:19 +05:30
niravparikh05
13e78d6b07 fixes for cli auth 2022-04-28 21:35:42 +05:30
niravparikh05
e9b9b2b7f4 fixes for oidc config and groups list 2022-04-27 21:39:24 +05:30
niravparikh05
101c005312 fixes for permissions and user group assoc 2022-04-26 19:56:36 +05:30
Abin Simon
2dfbc42717 Drop org and partner restriction in relay audit lookup 2022-04-26 15:29:37 +05:30
Abin Simon
9b7dc9a9a0 Use kratos public url in prompt 2022-04-26 13:29:07 +05:30
Abin Simon
686955a4b4 Fix audit log format 2022-04-26 10:26:15 +05:30
Abin Simon
5c2d211100 Don't add id for actor
We are dropping all ids from audit log.
2022-04-26 10:26:15 +05:30
niravparikh05
6cc5864082 fix for get user kubeconfig 2022-04-25 17:59:31 +05:30
niravparikh05
db7be6e26e changes to support prompt 2022-04-25 17:24:08 +05:30
niravparikh05
9e8d767a9e fixes in middleware to set db and few other fixes 2022-04-22 12:13:23 +05:30
Nirav Parikh
a9cd4e842e multiple kratos clients for session validation and identity creation (#114)
* multiple kratos clients for session validation and identity creation

* fixed review comments

* switching few logs to debug
2022-04-21 11:52:20 +05:30
Akshay Gaikwad
9d15c3aa15 Remove Kratos scheme variable from auth
kratos Address var includes scheme, so no need for a separate variable
for a scheme.
2022-04-19 15:20:35 +05:30
niravparikh05
8883703328 changes to expose system and user grpc clients for prompt 2022-04-15 15:05:17 +05:30
niravparikh05
c99c1c5a7e reverting changes for isGlobal in role resource 2022-04-14 18:36:55 +05:30
Nirav Parikh
a9e72810a5 Merge pull request #104 from RafayLabs/issue_fixes
issue fixes for cluster delete and adding bootstrap addr to agent config
2022-04-14 17:08:22 +05:30
niravparikh05
4b6cc8f8fe changes to support cluster proxy config 2022-04-14 17:01:05 +05:30
Abin Simon
309b1a4bda Add warning about DEV mode when calling userinfo 2022-04-14 16:55:48 +05:30
Abin Simon
5d5b097770 Remove is_global column from resourcerole table 2022-04-14 16:55:48 +05:30
Abin Simon
3f43536ad0 Don't panic if user is not available 2022-04-14 16:25:14 +05:30
Abin Simon
5537cf0608 Don't allow users to delete builtin roles 2022-04-14 16:24:44 +05:30
Abin Simon
d89136de65 Don't allow users to update builtin roles 2022-04-14 15:26:18 +05:30
Nirav Parikh
a6268da716 Merge pull request #101 from RafayLabs/authz-next
Tiny tweaks to authz
2022-04-13 12:13:18 +05:30
Abin Simon
9190ac81f2 Make UserInfo not require authz 2022-04-13 12:07:51 +05:30
Abin Simon
610a7da953 Fix returning ordering in authenticate 2022-04-12 19:25:05 +05:30
niravparikh05
2be1a80d92 removing leader election 2022-04-12 15:44:43 +05:30
Abin Simon
cf501a2dd8 Tiny little tidy up post authz fixes 2022-04-12 13:51:43 +05:30
niravparikh05
e45547a453 changes to support dev mode testing 2022-04-12 12:37:34 +05:30
sigmabaryon
fbae03741d Fix casbin permissions, add kratos changes 2022-04-12 11:26:52 +05:30
Abin Simon
8768b77698 Take care of a missing TODO 2022-04-11 13:25:34 +05:30
Abin Simon
2b03267d01 Do not print out ids in audit_logs 2022-04-11 13:25:34 +05:30
Abin Simon
853e7debae No need to support org or partner ids in audit logs
We will add this back in once we have multi-org support in the system.
2022-04-11 13:25:34 +05:30
Abin Simon
08db221239 Create audit logs for partner and oidc provider 2022-04-08 17:42:26 +05:30
Abin Simon
34c48c5892 Skip org and partner in audit query 2022-04-08 17:42:26 +05:30