synced/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2025-07-03 16:13:58 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,259 Commits 363 Branches 234 Tags
3120c94c22ce4c74ebe76c09d55ae496d7bfdbb8
Commit Graph

15 Commits

Author SHA1 Message Date
Mathias Fredriksson
adcf8838d2 fix: Ensure GitHub OAuth2 users are active in organization (#4416) 2022-10-07 19:53:58 +03:00
Steven Masley
9b5ee8f267 feat: Implement (but not enforce) CSRF for FE requests (#3786) 
Future work is to enforce CSRF

Co-authored-by: Presley Pizzo <presley@coder.com>
 2022-09-13 15:26:46 -04:00
Kyle Carberry
e1afec6db4 fix: Optionally consume email_verified if it's provided (#3957) 
This reduces our OIDC requirement claims to only `email`. If `email_verified`
is provided and is `false`, we will block authentication.

Fixes #3954.
 2022-09-08 14:06:00 +00:00
Kyle Carberry
05e2806ff3 feat: Add profile pictures to OAuth users (#3855) 
This supports GitHub and OIDC login for profile pictures!
 2022-09-04 11:44:27 -05:00
Jon Ayers
a7b49788f5 chore: deduplicate OAuth login code (#3575) 2022-08-22 18:13:46 -05:00
Kyle Carberry
b0fe9bcdd1 chore: Upgrade to Go 1.19 (#3617) 
This is required as part of #3505.
 2022-08-21 22:32:53 +00:00
Jon Ayers
c3eea98db0 fix: use unique ID for linked accounts (#3441) 
- move OAuth-related fields off of api_keys into a new user_links table
- restrict users to single form of login
- process updates to user email/usernames for OIDC
- added a login_type column to users
 2022-08-17 18:00:53 -05:00
Kyle Carberry
c3f946737c fix: Strip session_token cookie from app proxy requests (#3528) 
Fixes coder/security#1.
 2022-08-17 17:09:45 +00:00
Mathias Fredriksson
ccf6f4e7ed chore: Use contexts with timeout in coderd tests (#3381) 2022-08-09 20:17:00 +03:00
Kyle Carberry
3d0febdd90 feat: Add OIDC authentication (#3314) 
* feat: Add OIDC authentication

* Extract username into a separate package and add OIDC tests

* Add test case for invalid tokens

* Add test case for username as email

* Add OIDC to the frontend

* Improve comments from self-review

* Add authentication docs

* Add telemetry

* Update docs/install/auth.md

Co-authored-by: Ammar Bandukwala <ammar@ammar.io>

* Update docs/install/auth.md

Co-authored-by: Ammar Bandukwala <ammar@ammar.io>

* Remove username package

Co-authored-by: Ammar Bandukwala <ammar@ammar.io>
 2022-07-31 23:05:35 -05:00
Kyle Carberry
fd4954b4e5 fix: Use membership endpoint to ensure user exists in team (#3129) 
This was using the incorrect GitHub endpoint prior, which fetched a team
by slug. Any user in a GitHub organization can view all teams, so this
didn't block signups like intended.

I've verified this API returns an error when the calling user is not a
member  of the team requested.

Fixes #3105.
 2022-07-22 13:54:08 -05:00
Kyle Carberry
8b76e40629 fix: Fetch GitHub teams by name for performance (#2955) 
In large organizations with thousands of teams, looping took >5s.
This fetches organizations by team name, which should be very fast!
 2022-07-13 00:45:43 +00:00
Kyle Carberry
dff6e97f83 feat: Add allowlist of GitHub teams for OAuth (#2849) 
Fixes #2848.
 2022-07-08 21:37:18 -05:00
Kyle Carberry
23e5636dd0 fix: Use verified and primary email for GitHub signup (#1230) 
This was causing a panic due to nil pointer dereference.
It required all users signing up had a public email,
which is an unreasonable requirement!
 2022-04-29 15:13:35 -05:00
Kyle Carberry
7496c3da81 feat: Add GitHub OAuth (#1050) 
* Initial oauth

* Add Github authentication

* Add AuthMethods endpoint

* Add frontend

* Rename basic authentication to password

* Add flags for configuring GitHub auth

* Remove name from API keys

* Fix authmethods in test

* Add stories and display auth methods error
 2022-04-23 22:58:57 +00:00