Commit Graph

50 Commits

Author SHA1 Message Date
Akshay Gaikwad
f3a02470bd Add DSN env variable to Initialize script
This includes:
- Added DSN variable in initialize script.
- Fixes a dbDSN mistake in main.go file. And set default value to
dbDSN variable.

Signed-off-by: Akshay Gaikwad <akgaikwad001@gmail.com>
2022-08-09 10:04:22 +05:30
Vivek Hiwarkar
06ec05ce42 Allow DSN env variable for database connection (#52) 2022-08-08 16:42:14 +05:30
Akshay Gaikwad
7d4001589a Fix default Kratos public and admin urls
This resolved forbidden issue on userinfo endpoint.
2022-06-16 15:15:40 +05:30
Nirav Parikh
7d04220d3a fixes for cli config download 2022-06-15 12:37:50 +05:30
Akshay Gaikwad
f8f20535d1 Update images to dockerhub registry 2022-06-13 10:56:09 +05:30
Nirav Parikh
da6f02bbbc Merge pull request #164 from paralus/rename-to-paralus
Rename code to paralus
2022-06-10 13:36:06 +05:30
Abin Simon
5274a5861c Add audit log for kubeconfig revoke 2022-06-10 09:04:26 +05:30
Abin Simon
4a38e1ee9a Drop unnecessary logging now that dev flag is removed for auth 2022-06-10 09:04:26 +05:30
Akshay Gaikwad
664beb4383 Replace rafay with paralus 2022-06-09 13:42:27 +05:30
Akshay Gaikwad
0ee494cc97 Rename rcloud, Rafay references 2022-06-08 18:41:32 +05:30
Akshay Gaikwad
b67fcacf87 Rename go module name and its usage 2022-06-08 17:21:22 +05:30
Akshay Gaikwad
5206ce8d27 Set dev to false by default
- Set dev to false by default.
- Add auth even when dev is true.
2022-06-08 12:05:53 +05:30
niravparikh05
8ab85e57c9 changes to support namespaces 2022-05-23 12:42:51 +05:30
Abin Simon
6e2d7bb7b1 Update audit default prefix 2022-05-20 10:29:34 +05:30
Abin Simon
ed93614e97 Enable grpc reflection if using dev 2022-05-20 10:29:34 +05:30
Abin Simon
0d6269bf4e Add groups to audit logs 2022-05-20 10:29:34 +05:30
Akshay Gaikwad
5e7fc110b2 Add IdP groups in Identities table
The idp_groups is the list of groups the IdP user belongs to, which is
returned in the OIDC provider's token response. The flow of IdP group
mapping is as follows:
    OIDC Provider (OP) returns a custom claim with groups in a token on
    an authentication event
        |
    The value of the custom claim is mapped to `idp_groups` of the identity
    trait using the Jsonnet mapper.
        |
    On inserting/updating/deleting in the `identities` table, PostgreSQL
    sends a pg_notification with
    `PG_OPERATION,IDENTITY_ID,IDENTITY_TRAIN` as a payload.
        |
    The `pkg/service/user.UserService.UpdateIdpUserGroupPolicy` updates
    the casbin policies for each notification based on the payload received.
2022-05-12 12:32:30 +05:30
Abin Simon
34ff1f6e32 Add auth service 2022-05-09 10:13:05 +05:30
niravparikh05
13e78d6b07 fixes for cli auth 2022-04-28 21:35:42 +05:30
niravparikh05
e9b9b2b7f4 fixes for oidc config and groups list 2022-04-27 21:39:24 +05:30
Abin Simon
426368014b Enable audit info server for use in relay-tail 2022-04-26 15:29:26 +05:30
Abin Simon
686955a4b4 Fix audit log format 2022-04-26 10:26:15 +05:30
niravparikh05
db7be6e26e changes to support prompt 2022-04-25 17:24:08 +05:30
Nirav Parikh
a9cd4e842e multiple kratos clients for session validation and identity creation (#114)
* multiple kratos clients for session validation and identity creation

* fixed review comments

* switching few logs to debug
2022-04-21 11:52:20 +05:30
niravparikh05
e7d436a232 issue fixes for cluster delete and adding bootstrap addr to agent config 2022-04-14 13:10:38 +05:30
Nirav Parikh
a6268da716 Merge pull request #101 from RafayLabs/authz-next
Tiny tweaks to authz
2022-04-13 12:13:18 +05:30
Abin Simon
9190ac81f2 Make UserInfo not require authz 2022-04-13 12:07:51 +05:30
niravparikh05
2be1a80d92 removing leader election 2022-04-12 15:44:43 +05:30
niravparikh05
e45547a453 changes to support dev mode testing 2022-04-12 12:37:34 +05:30
nirav-rafay
2ea4e264e5 Merge branch 'main' into system-audit 2022-04-11 17:29:55 +05:30
niravparikh05
ea79bbb13d retrying for kratos to be up during init and possible fix for leaderelection issue 2022-04-11 17:18:45 +05:30
Abin Simon
0ebb1a1339 Add audit log write
https://blog.sandipb.net/2018/05/03/using-zap-creating-custom-loggers/
2022-04-08 17:42:26 +05:30
niravparikh05
d626f402bb default dev mode 2022-04-06 15:30:33 +05:30
niravparikh05
aac445114d excluding bootstrap registration from authn 2022-04-06 15:27:51 +05:30
nirav-rafay
639ff1da30 addressed review comments, changes for custom roles and sso users 2022-04-04 11:41:58 +05:30
nirav-rafay
ce9063e990 rebasing with fixes for ui 2022-04-01 12:03:42 +05:30
Akshay Gaikwad
5de4ba9765 Add two constructors for authContext
This includes:
- SetupAuthContext: Sets up authContext with new authContext fields.
- NewAuthContext: Creates AuthContext using authContext fields
from the caller function.
2022-03-30 13:00:35 +05:30
Akshay Gaikwad
c972e26d93 Update Auth constructor function and middleware
Auth constructor should handle creation of Kratos, database,
ApiKeyService itself for benefit to other dependent modules/repos. The
Prompt module does not need db instance hence it should not pass db
parameter when initializing Auth context and middleware.

Signed-off-by: Akshay Gaikwad <akshay.gaikwad@rafay.co>
2022-03-30 12:16:42 +05:30
Abin Simon
fb4fa3781c Rename RafaySystems to RafayLabs 2022-03-24 12:42:59 +05:30
Abin Simon
78a0b0c625 Rearrange some files to cleanup file structure 2022-03-24 12:40:45 +05:30
nirav-rafay
dbfc2b3928 Merge pull request #39 from RafaySystems/casbin-url-mappings
Add support for mapping permission names to urls when creating the roles
2022-03-21 12:09:13 +05:30
Abin Simon
df810ab45a Convert from dao interface to funcs
This was done in order to support transactions which will be done in
the next PR. This is the first step towards that.
2022-03-16 17:10:32 +05:30
Akshay Gaikwad
9f260950af Drop KRATOS_SCHEME env var 2022-03-15 10:22:09 +05:30
Akshay Gaikwad
b0d2df72f4 Clean up env variables
- Removed unnecessary env vars.
- Add all env vars to env.example file.
2022-03-14 15:13:28 +05:30
nirav-rafay
d469315bad changes for cli config download, apikey services and cli auth verify (#55) 2022-03-11 20:06:55 +05:30
akshay196-rafay
5429bf4493 Add Docker compose file (#49)
* Add DB_ADDR to env vars list
* Add Dockerfile and docker-compose
* Remove go.mod from _kratos dir and clean go.mod of root dir
* Run Kratos docker-compose quickstart from root dir
* Add gomigrate to docker-compose
* Bump docker-compose version to 3.7
* Add Kratos services in the single docker compose file
Removed Kratos quickstart files and merge all setup required for
rcloud-base in the kratos-compose.yml file located in the root of the
repo.
* Add elasticsearch in docker-compose
* Allow es to not be available when in dev mode
* Change default ES endpoint

Co-authored-by: Abin Simon <abin.simon@rafay.co>
2022-03-11 17:28:16 +05:30
abin-rafay
0e9be5e589 Audit engine query endpoints (#43) 2022-03-08 16:44:41 +05:30
akshay196-rafay
7938f30668 Update IdP and OIDC Provider (#40)
* Update creating oidc provider

* Validate partner and organization by checking in db tables.

* Validate empty scopes

* Fix oidc provider update

* Fix application Host url in ACS URL of Idp
2022-03-07 19:06:57 +05:30
shrey-rafay
bfaeb4831d Add support for mapping permission names to urls when creating the roles 2022-03-04 16:24:06 +05:30
nirav-rafay
c66bdc25cd restructure rcloud-base as a single base controller (#37)
* restructure rcloud-base as a single base controller
* updated master.rest
* moved sentry from internal to pkg as it is used by relay
* removing unused rpc and its dependencies
* Fix usermgmt tests
* Don't redefine variables in rest file
Co-authored-by: Abin Simon <abin.simon@rafay.co>
2022-03-03 17:59:06 +05:30