Kristoffer Dalby
54cc3c067f
Implement new machine register parameter
2022-02-28 16:34:50 +00:00
Kristoffer Dalby
469551bc5d
Register new machines needing callback in memory
...
This commit stores temporary registration data in cache, instead of
memory allowing us to only have actually registered machines in the
database.
2022-02-28 08:06:39 +00:00
Kristoffer Dalby
fd1e4a1dcd
Generalise registration for openid
2022-02-27 18:42:24 +01:00
Adrien Raffin-Caboisse
046116656b
chore: update formatting
2022-02-23 14:22:21 +01:00
Adrien Raffin-Caboisse
4f1f235a2e
feat: add strip_email_domain to normalization of namespace
2022-02-23 14:03:07 +01:00
Adrien Raffin-Caboisse
afd4a3706e
chore: update formating
2022-02-22 21:05:39 +01:00
Adrien Raffin-Caboisse
0191ea93ff
feat(oidc): bind email to namespace
2022-02-22 19:59:15 +01:00
Csaba Sarkadi
1a6e5d8770
Add support for multiple IP prefixes
2022-01-16 14:18:22 +01:00
wakeful-cloud
1c7cb98042
Template Fixes
2021-12-22 19:43:53 -07:00
Kristoffer Dalby
59aeaa8476
Ensure we always have the key prefix when needed
2021-11-27 20:25:12 +00:00
Kristoffer Dalby
c38f00fab8
Unmarshal keys in the non-deprecated way
2021-11-26 23:50:42 +00:00
Kristoffer Dalby
cfd53bc4aa
Factor wgkey to types/key
...
This commit converts all the uses of wgkey to the new key interfaces.
It now has specific machine, node and discovery keys and we now should
use them correctly.
Please note the new logic which strips a key prefix (in utils.go) that
is now standard inside tailscale.
In theory we could put it in the database, but to preserve backwards
compatibility and not spend a lot of resources on accounting for both,
we just strip them.
2021-11-26 23:30:42 +00:00
Kristoffer Dalby
021c464148
Add cache for requested expiry times
...
This commit adds a sentral cache to keep track of clients whom has
requested an expiry time, but were we need to keep hold of it until the
second request comes in.
2021-11-22 19:32:52 +00:00
Kristoffer Dalby
e600ead3e9
Make sure nodes can reauthenticate
...
This commit fixes an issue where nodes were not able to reauthenticate.
2021-11-22 19:32:11 +00:00
Kristoffer Dalby
200c10e48c
Add missing return in oidc.go
2021-11-22 17:22:47 +00:00
Kristoffer Dalby
74044f62f4
Remove anouther potential error leak
2021-11-21 21:54:19 +00:00
Kristoffer Dalby
fcd4d94927
Clean up logging and error handling in oidc
...
We should never expose errors via web, it gives attackers a lot of info
(Insert OWASP guide).
Also handle error that didnt separate not found gorm issue and other
errors.
2021-11-21 21:51:39 +00:00
Kristoffer Dalby
9aac1fb255
Remove expiry logic, this needs to be redone
2021-11-19 09:02:29 +00:00
Kristoffer Dalby
106b1e7e8d
Create constants for other reg methods
2021-11-18 17:51:54 +00:00
Kristoffer Dalby
715542ac1c
Add and fix stylecheck (golint replacement)
2021-11-15 17:24:24 +00:00
Kristoffer Dalby
333be80f9c
Fix rest of var name in main code
2021-11-15 16:15:50 +00:00
Kristoffer Dalby
471c0b4993
Initial work eliminating one/two letter variables
2021-11-14 20:32:03 +01:00
Kristoffer Dalby
53ed749f45
Start work on making gocritic pass
2021-11-14 18:44:37 +01:00
Kristoffer Dalby
85f28a3f4a
Remove all instances of undefined numbers (gonmd)
2021-11-14 18:31:51 +01:00
Kristoffer Dalby
796072a5a4
Add and fix ifshort
2021-11-14 18:09:22 +01:00
Kristoffer Dalby
89eb13c6cb
Add and fix nlreturn (new line return)
2021-11-14 16:46:09 +01:00
Kristoffer Dalby
2634215f12
golangci-lint --fix
2021-11-13 08:39:04 +00:00
Kristoffer Dalby
03b7ec62ca
Go format with shorter lines
2021-11-13 08:36:45 +00:00
Kristoffer Dalby
dbe193ad17
Fix up leftovers from kradalby PR
2021-10-19 18:25:59 +01:00
Kristoffer Dalby
677bd9b657
Implement namespace matching
2021-10-18 19:27:52 +00:00
Raal Goff
74e6c1479e
updates from code review
2021-10-10 17:22:42 +08:00
Raal Goff
e407d423d4
updates from code review
2021-10-08 17:43:52 +08:00
unreality
35795c79c3
Handle trailing slash on uris
...
Co-authored-by: Kristoffer Dalby <kradalby@kradalby.no>
2021-10-08 15:26:31 +08:00
Raal Goff
c487591437
use go-oidc instead of verifying and extracting tokens ourselves, rename oidc_endpoint to oidc_issuer to be more inline with spec
2021-10-06 17:19:15 +08:00
Raal Goff
b22a9781a2
fix linter errors, error out if jwt does not contain a key id
2021-09-26 21:12:36 +08:00
Raal Goff
e7a2501fe8
initial work on OIDC (SSO) integration
2021-09-26 16:53:05 +08:00