modules/fm-orchestrator
1
0
Fork 0
mirror of https://pagure.io/fm-orchestrator.git synced 2026-04-14 03:49:46 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
957 Commits 4 Branches 137 Tags
6ff2c19b60cef6a5a91605e56c908c5a5f06a54d
Commit Graph

18 Commits

Author SHA1 Message Date
Jan Kaluza
0dbc1f8205 Handle None returned by _get_token_info 2017-02-21 09:24:36 +01:00
Ralph Bean
43ebe6d943 Merge #343 Use an authorization header instead of cookie for OIDC authn. 2017-02-21 02:13:30 +00:00
Ralph Bean
64fb5e9a1d Be nice. Kill whitespace. 2017-02-20 21:12:30 -05:00
Ralph Bean
1bd421e9c2 Merge #340 allow to explicitly disable client authentication 2017-02-21 02:09:48 +00:00
Matt Jia
143effcd15 Error out if OIDC_CLIENT_SECRETS is not set in server config 2017-02-21 11:08:42 +10:00
Matt Jia
be65a0ff81 allow to explicitly disable client authentication 2017-02-21 11:08:37 +10:00
Ralph Bean
61b7b6f47d Use an authorization header instead of cookie for oidc token. 
Fixes #330.
 2017-02-20 13:12:00 -05:00
Ralph Bean
0dec5f2d3c Remove unused import. 2017-02-20 13:07:27 -05:00
Ralph Bean
ef14008927 Split this string, at @puiterwijk's suggestion. 2017-02-20 08:41:36 -05:00
Ralph Bean
54770cdc23 Check that our required OIDC scopes are present. 2017-02-17 10:55:37 -05:00
Matt Prahl
b30a6a8e05 Merge #322 Use requests instead of httplib2 in auth.py 2017-02-17 00:27:42 +00:00
Jakub Kadlčík
47924a2688 Use requests instead of httplib2 2017-02-16 21:52:24 +01:00
Ralph Bean
30daab024e Handle odd response from OIDC UserInfo. 
By surprise, ipsilon handed me back a response with no groups one time.
Not sure why.  But logging here can hopefully help us catch it next
time.
 2017-02-16 14:28:43 -05:00
Ralph Bean
2887e71b29 Mark these functions as "private". 2017-02-10 15:53:36 -05:00
Ralph Bean
88aca055ce Replace query to FAS with OIDC groups scope check. 
This removes our query to FAS and fixes #304.

It is more flexible too, where we can now configure production to only
allow in members of the `modularity-wg` group, and then later open it up
to all packagers after F26 is out (as was agreed with FESCo).

In the process of working on this, I discovered that #305 is not
necessary.  We don't need our own scope; we can just use the `groups`
scope as done here.
 2017-02-10 15:50:41 -05:00
Jan Kaluza
8b3244405f Make the OIDC error messages more verbose and include non-secret client-secrets.json 2016-12-05 11:40:00 +01:00
Jan Kaluza
8cb4e0de5d Use OIDC to auth the users, replace submit-build.sh by submit-build.py which does hackish way of OIDC just to test things. 2016-12-02 14:52:04 +01:00
Matt Prahl
b4082dc551 Rename module from rida to module_build_service 
Rename routes from /rida/1/module-builds/ to /module-build-service/1/module-builds/
 2016-10-24 10:30:23 -04:00