Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[WIP] OpenID Connect #1230

Closed
wants to merge 52 commits into from
Closed

[WIP] OpenID Connect #1230

wants to merge 52 commits into from

Conversation

hangy
Copy link
Member

@hangy hangy commented Jun 5, 2018

Add an OpenID Connect server, based on OIDC::Lite.

Can be used to add token based authorization to the API, see #1204

@hangy
WIP Open ID Connect Server based on OIDC::Lite.
36d188d
@hangy
Expose new MongoDB connection via the OIDC Server class.
90af3c6
@hangy
Use params method (Apache/CGI mod_perl?).
f7a0cec
@hangy
Implement AuthInfo using MongoDB.
8078a6e
@hangy
View claims form
1f861d3
@hangy
WIP authorize
eb07258
@hangy
Added WWW::CSRF to user related methods.
b43b279 
Cherry-pick c589869

Conflicts:
	cgi/Users.pm
	cgi/reset_password.pl
@hangy
Mocked Request class
1b6081a
@hangy
WIPFIXES
1c24b71
@hangy
Use CGI::Plus as a built-in CSRF protection.
2d39e7d
@hangy
Use the correct url_param sub instead of param.
bb2b731
@hangy
Removed CGI::Plus. Does not seem to set the cookie correctly in our e…
722ca4c 
…nvirmonment setup.
@hangy
Fix MongoDB insert/id.
8653943
@hangy
Add redirect to client application.
61789c6
@hangy
Use Foundation 6 style for the buttons.
a0dbc92
@hangy
Use MongoDB for OpenID Connect clients, too.
5f4fa47
@hangy
WIP client editing
f372531
@hangy
WIP OpenID Connect Discovery
0f0dacd
@hangy
WIP OpenID Connect userinfo endpoint
d811417
@hangy
Preload OIDC packages on startup.
13264fa 
Fixed userinfo (missing use statement).
Implemented jwks.pl.
Don't redirect from 'accounts' subdomain (to be used as the OpenID Connect Issuer URL).
@hangy
[OIDC] Fix some perl errors.
2378ba4
@hangy
Support OIDC form_post method.
9d5cf25
@hangy
Use content negotiation for the UI language for the 'accounts' subdom…
1e67e70 
…ain.
@hangy
Support OIDC 'ui_locales'?
fd43f40
@hangy
Merge branch 'csrf' into oidc
a74d5ef
@hangy
Check CSRF in OIDC authorize form.
c8ea63d
@hangy
Merge branch 'csrf' into oidc
30d1dbf
@hangy
Merge branch 'master' into oidc
2fa0708
@hangy
Merge branch 'master' into oidc
dfabc18
@hangy
Merge branch 'issue/580-fix-perlcritic-issues' into oidc
083b5f0
@hangy
Merge branch 'fix-some-perl-warnings' into oidc
1a469c2
@hangy
Merge branch 'ssl-subdomains' into oidc
fb98e3f
@hangy
Enable Modern::Perl for OIDC stuff.
08ccb83
@hangy
Fix Perl::Critic::Policy::TestingAndDebugging::RequireUseStrict
d8a7660
@hangy
Merge branch 'issue/580-fix-perlcritic-issues' into oidc
ec5655b
@hangy
Merge remote-tracking branch 'github/master' into oidc
54be17b
@hangy
Merge branch 'master' into oidc
9288507
@hangy
Merge branch 'master' into oidc
7d0c8f3
@hangy
Upgrade some OIDC crypto dependencies.
d383fdb
@hangy
Use alpine based images for some Docker images.
468b721
@hangy
Remove *-git Dockerfiles, unify *base* Dockefiles into -dev.
3adfcad
@hangy
Merge branch 'alpine' into oidc-alpine
b3e75ef
@hangy
Remove HTML::Defang.
8a073e3
@hangy
Merge branch 'no-defang' into alpine
3de4506
@hangy
Dereference scalars for some operations
e931e04 
- http://www.perlmonks.org/?node_id=1190789
- https://stackoverflow.com/a/41192741/11963
@hangy
Merge branch 'dereference-scalars' into alpine
ed78a7e
@hangy
Merge branch 'alpine' into oidc-alpine
fdef941
@hangy
Add OIDC to docker configs.
5ab601d
@hangy
Update copyrights.
6e0c140
@hangy
Add OIDC to docker configs.
af8966f
@hangy
Update copyrights.
eddf3a4
@hangy
Merge branch 'oidc-alpine' into oidc
8ea1bd2
@hangy hangy added the security label Jun 5, 2018
@hangy hangy self-assigned this Jun 5, 2018
@TravisBuddy
Copy link

Hey @hangy,
Your changes look good to me!

@hangy
Copy link
Member Author

hangy commented Jun 19, 2018

I'm ambandoning this approach and the oidc branch. It still segfaults on me (even on several different Linux VMs, Docker images, ...), and the OIDC::Lite module is meant to be integrated as a PSGI middleware, and thus cannot be integrated into the current ProductOpener structure easily.

@hangy hangy closed this Jun 19, 2018
@hangy hangy deleted the oidc branch January 25, 2020 19:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@hangy hangy

Labels
security
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@hangy @TravisBuddy