Skip to content

feat: add azure oidc PKI auth instead of client secret #9054

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 15 commits into from
Aug 14, 2023
Merged

feat: add azure oidc PKI auth instead of client secret #9054

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
8ba23b1
feat: add azure oidc PKI auth instead of client secret
Emyrk Aug 11, 2023
c62e548
add client cert and key as deployment options
Emyrk Aug 11, 2023
664895f
add unit test
Emyrk Aug 11, 2023
74f9245
fixup! add unit test
Emyrk Aug 11, 2023
ce39f2d
Refactor code into a method
Emyrk Aug 11, 2023
7346fbf
Custom token refresher to handle pki auth
Emyrk Aug 11, 2023
9c73346
Add unit test for mock e2e
Emyrk Aug 11, 2023
15db163
Add comments
Emyrk Aug 14, 2023
801799f
add little comment about constant 5min
Emyrk Aug 14, 2023
6914619
Fix typo
Emyrk Aug 14, 2023
e6c0a57
Merge remote-tracking branch 'origin/main' into stevenmasley/pki_auth…
Emyrk Aug 14, 2023
cb98e18
update golden files
Emyrk Aug 14, 2023
1479644
Test linting
Emyrk Aug 14, 2023
0f508f5
Add yaml config options
Emyrk Aug 14, 2023
189007f
make gen again...
Emyrk Aug 14, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
make gen again...
  • Loading branch information
@Emyrk
Emyrk committed Aug 14, 2023
commit 189007f4f02b1f850e5d90b226639f06df56f301
9 changes: 9 additions & 0 deletions cli/testdata/server-config.yaml.golden
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -244,6 +244,15 @@ oidc:
# Client ID to use for Login with OIDC.
# (default: <unset>, type: string)
clientID: ""
# Pem encoded RSA private key to use for oauth2 PKI/JWT authorization. This can be
# used instead of oidc-client-secret if your IDP supports it.
# (default: <unset>, type: string)
oidcClientKeyFile: ""
# Pem encoded certificate file to use for oauth2 PKI/JWT authorization. The public
# certificate that accompanies oidc-client-key-file. A standard x509 certificate
# is expected.
# (default: <unset>, type: string)
oidcClientCertFile: ""
# Email domains that clients logging in with OIDC must match.
# (default: <unset>, type: string-array)
emailDomain: []
Expand Down
2 changes: 2 additions & 0 deletions docs/cli/server.md
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.