Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authn jwt refactor v5 #2990

Draft
wants to merge 112 commits into
base: master
Choose a base branch
from
Draft

Authn jwt refactor v5 #2990

wants to merge 112 commits into from

Conversation

jvanderhoof
Copy link
Contributor

Desired Outcome

Please describe the desired outcome for this PR. Said another way, what was
the original request that resulted in these code changes? Feel free to copy
this information from the connected issue.

Implemented Changes

Describe how the desired outcome above has been achieved with this PR. In
particular, consider:

  • What's changed? Why were these changes made?
  • How should the reviewer approach this PR, especially if manual tests are required?
  • Are there relevant screenshots you can add to the PR description?

Connected Issue/Story

Resolves #[relevant GitHub issue(s), e.g. 76]

CyberArk internal issue ID: [insert issue ID]

Definition of Done

At least 1 todo must be completed in the sections below for the PR to be
merged.

Changelog

  • The CHANGELOG has been updated, or
  • This PR does not include user-facing changes and doesn't require a
    CHANGELOG update

Test coverage

  • This PR includes new unit and integration tests to go with the code
    changes, or
  • The changes in this PR do not require tests

Documentation

  • Docs (e.g. READMEs) were updated in this PR
  • A follow-up issue to update official docs has been filed here: [insert issue ID]
  • This PR does not require updating any documentation

Behavior

  • This PR changes product behavior and has been reviewed by a PO, or
  • These changes are part of a larger initiative that will be reviewed later, or
  • No behavior was changed with this PR

Security

  • Security architect has reviewed the changes in this PR,
  • These changes are part of a larger initiative with a separate security review, or
  • There are no security aspects to these changes

jvanderhoof and others added 30 commits June 13, 2023 10:40
@jvanderhoof
Authn-JWT refactor
5fcbf0e 
This commit migrates the existing authn-jwt functionality to the new Strategy/ResolveIdentity architecture.
@jvanderhoof
Interface updates to Authn-OIDC code redirect authentication flow
d035e93 
This commit updates the previously implemented authn-oidc workflow to adhere to the small changes in interface
defined in the authn-jwt refactor
@jvanderhoof
Removes previous authn-jwt code
f6f35d8 
This commit removes the previous authn-jwt implementation and unit tests.
@telday @jvanderhoof
Update test env to use postgres 15
a4354c0
@jvanderhoof
Change from docker-compose to docker compose in scripts
0e7b00d
@gl-johnson @jvanderhoof
Fix changelog for 1.19.5 release
50cbd20
@hdabrowski @jvanderhoof
Moved stash operation after tests to post statement
7e20e26
@gl-johnson @jvanderhoof
Support extracting STS host region from authorization header
9dd839b
@gl-johnson @jvanderhoof
Separate call and retry logic
c11bd8b
@john-odonnell @jvanderhoof
Update CONJ00013E error message to apply to AuthnOIDC V1 and V2
cceea17
@john-odonnell @jvanderhoof
Parallel cukes: support socket connections to parallel Conjur services
6fa60ad
@john-odonnell @jvanderhoof
Dev env fixes
a49e921 
- Fix invalid escape key in CLI script
- Specify single process in start script
@jvanderhoof
Apply a check to run different compose versions
f690530
@andytinkham @jvanderhoof
Remove httpclient private certs
6e3dfa6 
Signed-off-by: Andy Tinkham <[email protected]>
@andytinkham @jvanderhoof
Upgrade rails and webrick to latest versions
42daab3 
Signed-off-by: Andy Tinkham <[email protected]>
@codihuston @jvanderhoof
Add trivyignore for CONJSE-1795
8ee6564
@gl-johnson @jvanderhoof
Add Prometheus scrape target (/metrics) and client store
4776e0f
@john-odonnell @jvanderhoof
Add injectable lib for Pub/Sub mechanics
4d62818 
Pub/Sub lib is injected into the Prometheus controller as the basis
for metric updates and their triggers.
@john-odonnell @jvanderhoof
Reorganize RSpec tests for Monitoring library and update requirements
fa1a45c
@doodlesbykumbi @jvanderhoof
Clean up spec/lib/monitoring imports
42e6c4b 
Remove the 'include Rack::Test::Methods' where it is not needed. Remove importing 'rack/test' since rack seems to be already loaded
@gl-johnson @jvanderhoof
Load telemetry_enabled value in ConjurConfig, add Prometheus initializer
8aa5f9c
@gl-johnson @jvanderhoof
Cleanup exporter tests
3fcdc82
@gl-johnson @jvanderhoof
Add HTTP request collector middleware and metrics helper
562aefb
@gl-johnson @jvanderhoof
Define request metrics, operations, and tests
b22797d
@gl-johnson @jvanderhoof
Update Prometheus initializer and cleanup
e99f782
@gl-johnson @jvanderhoof
Add policy resource metric and pub/sub events
95cdde3
@gl-johnson @jvanderhoof
Add stubs for future throttling of metric updates
3ce082b
@gl-johnson @jvanderhoof
Policy metric tests
5d31202
@gl-johnson @jvanderhoof
Add policy role metric and tests
2fa3d93
@gl-johnson @jvanderhoof
Add authenticator metric and tests
d377685
jvanderhoof and others added 30 commits October 19, 2023 08:57
@jvanderhoof
Allows Policy Factory to detect the correct port
ae885e0 
This fix allows the Policy Factory to work on Open Source as well as Enterprise (Conjur runs on port 5000 in the appliance).
@tarnowsc @jvanderhoof
Use new FIPS base images
c0120ff
@tarnowsc @jvanderhoof
Display fips mode status in the UI, temporary fix for openssl gem
c37b235
@rjurekca @jvanderhoof
Update documentation
fa597fa
@micahlee @jvanderhoof
Update Authn-JWT test for openssl updates
2fb80a0
@tarnowsc @jvanderhoof
Fix codeclimate issue
ca8b22d
@tarnowsc @jvanderhoof
!tmp: pin appliance version
863949b
@marek-jakubowski @jvanderhoof
Revert "!tmp: pin appliance version"
e9c104b 
This reverts commit 8feb9b9.
@tarnowsc @jvanderhoof
clean .trivyignore from issues that are no longer applicable for conjur
12bb5b0
@tarnowsc @jvanderhoof
fix unwanted certs removal
f9eacd0
@jvanderhoof
Allows optional values to optionally be present
ad667e5 
This commit fixes an issue where an error was raised if an optional factory value was not present
in the request body.
@jvanderhoof
Update syntax to remove deprecated behavior
2be4710
@jvanderhoof
Stop Syslog-NG with a Down file
bdaa9a4 
The previous implementation was causing errors to fill up the logs because
Runit couldn't find a key file (which had been deleted).
@jvanderhoof
Adds better logging to enable troubleshooting policy factory loading
8ab23c9
@gl-johnson @jvanderhoof
Update notices.txt and API_VERSION
cdd2422
@gl-johnson @jvanderhoof
Avoid flattening conjur-ubi image
a4ac4a0
@andytinkham @jvanderhoof
Bump google/cloud-sdk to 448.0.0 in tests
adbcb60 
Signed-off-by: Andy Tinkham <[email protected]>
@hughsaunders @jvanderhoof
Install build tools in policy-parser test dockerfile
dd466c2
@telday @jvanderhoof
K8s authenticator now supports no_proxy env var
1cf80ac
@jvanderhoof
Force no_proxy in non-proxy authn_k8s cucumber tests
2b87c5f
@john-odonnell @jvanderhoof
AuthnOIDC V2: write custom certs to non-default directory
e5d76dc
@john-odonnell @jvanderhoof
Fix OpenSSL X509 hash commands
1dbf3b2
@john-odonnell @jvanderhoof
Cukes: remove Keycloak cert from Conjur container
d6bbabc
@john-odonnell @jvanderhoof
Fix CHANGELOG entries for 1.20.1
662b297
@jvanderhoof
Authn-JWT refactor
96bddd0 
This commit migrates the existing authn-jwt functionality to the new Strategy/ResolveIdentity architecture.
@jvanderhoof
Interface updates to Authn-OIDC code redirect authentication flow
433de10 
This commit updates the previously implemented authn-oidc workflow to adhere to the small changes in interface
defined in the authn-jwt refactor
@jvanderhoof
Removes previous authn-jwt code
c458c75 
This commit removes the previous authn-jwt implementation and unit tests.
@jvanderhoof
Initial implementation of Policy Factories
7fdf97e 
This commit includes the functional code and tests for the Policy
Factory feature.
@jvanderhoof
Authn-JWT refactor
db53dc8 
This commit migrates the existing authn-jwt functionality to the new Strategy/ResolveIdentity architecture.
@jvanderhoof
WIP related to authenticator refactor
0be2668
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.