* upgrade go-jose library to v3
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
* chore: fix unnecessary import alias
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
* upgrade go-jose library to v2 in vault
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
---------
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
* Regexp metacharacter `.` should be escaped when used literally
The paths including `/.well-known/` in the Vault API could currently
technically be invoked with any random character in place of the dot.
* Replace implementation of OpenAPI path translator with regexp AST-based one
* Add changelog
* Typo fix from PR review - thanks!
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* Add comment based on review feedback
* Change style of error handling as suggested in code review
* Make a further tweak to the handling of the error case
* Add more tests, testing cases which fail with the previous implementation
* Resolve issue with a test, and improve comment
---------
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* identity/oidc: allow filtering the list providers response by an allowed_client_id
* adds changelog
* adds api documentation
* use identity store view in list provider test
* Add check for OIDC provider to permit a non-exact redirect URI from OIDC client if it is the IPv4 or IPv6 loopback address.
* Update changelog/13871.txt
Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>
* Update redirectURI check to match that for the OIDC auth method.
Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>
* add keys path and initial handler
* read provider public keys
* add test cases
* remove some debug logs
* update tests after merging main
* refactor list all clients
* refactor logic to collect Key IDs
* OIDC Provider: implement discovery endpoint
* handle case when provider does not exist
* refactor providerDiscover struct and add scopes_supported
* fix authz endpoint
* initial commit
* add read and delete operations
* fix bug in delete and add list unit test
* func doc typo fix
* add existence check for assignment
* remove locking on the assignment resource
It is not needed at this time.
* convert Callbacks to Operations
- convert Callbacks to Operations
- add test case for update operations
* add CRUD operations and test cases
* add client api and tests
* remove use of oidcCache
* remove use of oidcCache
* add template validation and update tests
* remove usage of oidcCache
* refactor struct and var names
* harmonize test name conventions
* refactor struct and var names
* add changelog and refactor
- add changelog
- be more explicit in the case where we do not recieve a path field
* refactor
be more explicit in the case where a field is not provided
* remove extra period from changelog
* update scope path to be OIDC provider specific
* refactor naming conventions
* update assignment path
* update scope path
* enforce key existence on client creation
* removed unused name field
* removed unused name field
* removed unused name field
* prevent assignment deletion when ref'ed by a client
* enfoce assignment existence on client create/update
* update scope template description
* error when attempting to created scope with openid reserved name
* fix UT failures after requiring assignment existence
* disallow key deletion when ref'ed by existing client
* generate client_id and client_secret on CreateOp
* do not allow key modification on client update
* return client_id and client_secret on read ops
* small refactor
* fix bug in delete assignment op
* remove client secret get call
* initial commit
* add read and delete operations
* fix bug in delete and add list unit test
* func doc typo fix
* add existence check for assignment
* remove locking on the assignment resource
It is not needed at this time.
* convert Callbacks to Operations
- convert Callbacks to Operations
- add test case for update operations
* add CRUD operations and test cases
* remove use of oidcCache
* remove use of oidcCache
* add template validation and update tests
* refactor struct and var names
* harmonize test name conventions
* refactor struct and var names
* add changelog and refactor
- add changelog
- be more explicit in the case where we do not recieve a path field
* refactor
be more explicit in the case where a field is not provided
* remove extra period from changelog
* update scope path to be OIDC provider specific
* update assignment path
* update scope path
* removed unused name field
* removed unused name field
* update scope template description
* error when attempting to created scope with openid reserved name
* initial commit
* add read and delete operations
* fix bug in delete and add list unit test
* func doc typo fix
* add existence check for assignment
* remove locking on the assignment resource
It is not needed at this time.
* convert Callbacks to Operations
- convert Callbacks to Operations
- add test case for update operations
* remove use of oidcCache
* refactor struct and var names
* harmonize test name conventions
* add changelog and refactor
- add changelog
- be more explicit in the case where we do not recieve a path field
* remove extra period from changelog
* update assignment path
* removed unused name field