123 Commits

Author SHA1 Message Date
ben-toogood
09ec20fded
runtime: provide credentials to services (#1817)
* runtime: inject credentials into service

* util/auth: self generate accounts (needed for jwt)

* runtime/kubernetes: add logging for creds

* runtime/kubernetes: serialize secret name

* runtime/kubernetes: remove unused code

* runtime/kubernetes: base64 encode secret

* runtime/kubernetes: remove metadata from secret

* util/kubernetes/client: omit empty secret metadata

* util/kubernetes/client: fix secret template

* util/kubernetes/client: fix secrets

* web: update auth util

* util/auth: fix missing arg

* extend token expiry

* extend token expiry
2020-07-10 16:25:46 +01:00
ben-toogood
0a937745cd
auth: pass namespace options in auth service requests (#1800)
* auth: pass namespace options in auth service requests

* auth/service/proto: update field index

Co-authored-by: Asim Aslam <asim@aslam.me>
2020-07-07 08:30:25 +01:00
ben-toogood
2b506b1a2a
auth/service: use address option since router may not be configured (#1734) 2020-06-24 13:47:43 +01:00
ben-toogood
9d3365c4be
auth: rename auth.Namespace to auth.Issuer (#1710) 2020-06-17 12:26:27 +01:00
huanghuan.27@bytedance.com
219d29f664 fix jwt revoke 2020-06-02 10:26:33 +08:00
Ben Toogood
cd283654eb Cache Rules 2020-05-26 15:53:28 +01:00
Ben Toogood
5712cc9c62 Merge master 2020-05-26 15:52:21 +01:00
Ben Toogood
198e942889 Remove redundant test 2020-05-24 20:32:22 +01:00
Ben Toogood
95703e4565 Fixes and improved test coverage 2020-05-24 20:26:37 +01:00
Ben Toogood
7d7f4046e8 Client Cache 2020-05-22 16:52:24 +01:00
Ben Toogood
c800070477 Check for error before loading rules 2020-05-22 14:03:12 +01:00
Ben Toogood
877fe5fb0a Update web wildcard to enable /foo/bar/baz/* to verify /foo/bar/baz 2020-05-22 14:02:02 +01:00
Ben Toogood
dad011cab4 Fix noop issuer bug 2020-05-22 12:40:34 +01:00
Ben Toogood
f939200b34 Improve service auth log 2020-05-22 12:24:37 +01:00
Ben Toogood
9c072a372c Add auth scope constants 2020-05-22 11:37:12 +01:00
Ben Toogood
b2cf501952 Auth Rules tests & bug fixes 2020-05-22 09:31:15 +01:00
Ben Toogood
1fce0f02b6 Verify Namespace 2020-05-21 18:11:35 +01:00
Ben Toogood
12061bd006 Add account issuers 2020-05-21 16:41:55 +01:00
Ben Toogood
856c73b341 Remove roles (replaced with scope) 2020-05-21 14:56:17 +01:00
Ben Toogood
4de19805ba Remove redundant test 2020-05-21 12:33:58 +01:00
Ben Toogood
e876cb917d auth/service support for micro clients (rules from mutltiple namespaces 2020-05-21 12:25:47 +01:00
Ben Toogood
8f5ef012ff Update Rules.Delete proto 2020-05-21 12:07:22 +01:00
Ben Toogood
287992cef3 Fix service => service namespace bug 2020-05-21 11:35:07 +01:00
Ben Toogood
344ce061ce Verify Options 2020-05-20 16:49:52 +01:00
Ben Toogood
5d14970a55 Fix nil account bug 2020-05-20 16:11:34 +01:00
Ben Toogood
f6d9416a9e Add Rule to Auth interface 2020-05-20 11:59:01 +01:00
Ben Toogood
dc10f88c12 Replace auth account.Namespace with account.Scopes 2020-05-19 18:17:17 +01:00
Ben Toogood
4d2de923cd Auth: setup a public rule 2020-05-15 10:24:30 +01:00
Ben Toogood
16af265e8b Seperate JWT refresh / access tokens 2020-05-14 13:56:51 +01:00
Ben Toogood
c220686c29 Fix token bug 2020-05-14 13:30:21 +01:00
Ben Toogood
1b18730d54 Custom micro client 2020-05-14 11:25:19 +01:00
Ben Toogood
5764519f5b Refactor auth to load token outside wrappers 2020-05-14 11:06:22 +01:00
Ben Toogood
57b060bac5 Disable Addresses 2020-05-13 18:49:36 +01:00
Ben Toogood
8ab20f501c Fix merge conflicts 2020-05-13 17:58:03 +01:00
Ben Toogood
366fb228e5 Auth: Set address 2020-05-13 17:54:47 +01:00
Asim Aslam
bba8c254d7
fix auth initialisation (#1630) 2020-05-13 17:35:57 +01:00
Ben Toogood
2299244332 Auth: Load rules if not present 2020-05-13 17:07:46 +01:00
Ben Toogood
efb64b7dbb Pass client to more of the runtime 2020-05-11 17:57:39 +01:00
Ben Toogood
5a8f19589b Auth account.HasRole 2020-05-11 11:34:22 +01:00
Ben Toogood
99f8be5b3d Auth Client Wrapper 2020-04-29 15:11:06 +01:00
Ben Toogood
70736e24c0 Set RefreshToken 2020-04-29 13:33:22 +01:00
ben-toogood
e57b20c1f8
Merge branch 'master' into jwt-auth 2020-04-29 13:22:09 +01:00
Ben Toogood
94971aee77 Complete JWT implementation 2020-04-29 13:21:51 +01:00
Ben Toogood
0ed66d0664 Fix Typo 2020-04-29 09:38:39 +01:00
Ben Toogood
7e27c97c6c Remove Comment 2020-04-29 09:22:15 +01:00
Ben Toogood
669364985e JWT auth implementation 2020-04-29 09:21:17 +01:00
Asim Aslam
8ccbf53dfc secret cookie unused 2020-04-28 18:12:07 +01:00
Asim Aslam
f908110fb6
swap out context access for account (#1589) 2020-04-28 17:35:18 +01:00
Ben Toogood
19f0836e70 Add oauth login hint param 2020-04-21 13:37:26 +01:00
Ben Toogood
fe31a71557 Fix formatting 2020-04-15 11:50:52 +01:00