synced/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2025-07-03 16:13:58 +00:00
Code Issues Packages Projects Releases Wiki Activity
9,128 Commits 363 Branches 234 Tags
d3a56ae3eff91dae166857844bbedf736266585f
Commit Graph

126 Commits

Author SHA1 Message Date
Kyle Carberry
618c6dcaa4 fix: Allow OIDC with the username as email (#4594) 
Fixes #4472.
 2022-10-17 14:14:49 -05:00
Kyle Carberry
574e5d37c7 fix: Remove case sensitivity check in OIDC email domain (#4534) 
Fixes #4533.
 2022-10-13 15:51:54 +00:00
Mathias Fredriksson
adcf8838d2 fix: Ensure GitHub OAuth2 users are active in organization (#4416) 2022-10-07 19:53:58 +03:00
Dean Sheather
6deef06ad2 feat: secure and cross-domain subdomain-based proxying (#4136) 
Co-authored-by: Kyle Carberry <kyle@carberry.com>
 2022-09-22 22:30:32 +00:00
Colin Adler
5de6f86959 feat: trace httpapi.{Read,Write} (#4134) 2022-09-21 17:07:00 -05:00
Colin Adler
5e2efb68f1 feat: add SCIM provisioning via Okta (#4132) 
Co-authored-by: Ben Potter <ben@coder.com>
 2022-09-20 15:16:26 -05:00
Steven Masley
9ab437d6e2 feat: Add serving applications on subdomains and port-based proxying (#3753) 
Co-authored-by: Dean Sheather <dean@deansheather.com>
 2022-09-14 03:31:33 +10:00
Kyle Carberry
57c7fcf27f fix: Ignore deleted users when signing up with OAuth (#4036) 
This prevented a deleted user from signing up again when they
were already linked with a previous account.
 2022-09-13 07:33:35 -05:00
Kyle Carberry
e1afec6db4 fix: Optionally consume email_verified if it's provided (#3957) 
This reduces our OIDC requirement claims to only `email`. If `email_verified`
is provided and is `false`, we will block authentication.

Fixes #3954.
 2022-09-08 14:06:00 +00:00
Jon Ayers
ad24404018 fix: fix creating users with wrong login type (#3929) 2022-09-07 10:37:15 -05:00
Kyle Carberry
05e2806ff3 feat: Add profile pictures to OAuth users (#3855) 
This supports GitHub and OIDC login for profile pictures!
 2022-09-04 11:44:27 -05:00
Jon Ayers
a7b49788f5 chore: deduplicate OAuth login code (#3575) 2022-08-22 18:13:46 -05:00
Jon Ayers
f6b0835982 fix: avoid processing updates to usernames (#3571) 
- With the support of OIDC we began processing updates to a user's
  email and username to stay in sync with the upstream provider. This
  can cause issues in templates that use the user's username as a stable
  identifier, potentially causing the deletion of user's home volumes.
- Fix some faulty error wrapping.
 2022-08-18 17:56:17 -05:00
Jon Ayers
380022fe63 fix: update oauth token on each login (#3542) 2022-08-17 23:06:03 -05:00
Jon Ayers
c3eea98db0 fix: use unique ID for linked accounts (#3441) 
- move OAuth-related fields off of api_keys into a new user_links table
- restrict users to single form of login
- process updates to user email/usernames for OIDC
- added a login_type column to users
 2022-08-17 18:00:53 -05:00
Kyle Carberry
3d0febdd90 feat: Add OIDC authentication (#3314) 
* feat: Add OIDC authentication

* Extract username into a separate package and add OIDC tests

* Add test case for invalid tokens

* Add test case for username as email

* Add OIDC to the frontend

* Improve comments from self-review

* Add authentication docs

* Add telemetry

* Update docs/install/auth.md

Co-authored-by: Ammar Bandukwala <ammar@ammar.io>

* Update docs/install/auth.md

Co-authored-by: Ammar Bandukwala <ammar@ammar.io>

* Remove username package

Co-authored-by: Ammar Bandukwala <ammar@ammar.io>
 2022-07-31 23:05:35 -05:00
Kyle Carberry
fd4954b4e5 fix: Use membership endpoint to ensure user exists in team (#3129) 
This was using the incorrect GitHub endpoint prior, which fetched a team
by slug. Any user in a GitHub organization can view all teams, so this
didn't block signups like intended.

I've verified this API returns an error when the calling user is not a
member  of the team requested.

Fixes #3105.
 2022-07-22 13:54:08 -05:00
Kyle Carberry
8b76e40629 fix: Fetch GitHub teams by name for performance (#2955) 
In large organizations with thousands of teams, looping took >5s.
This fetches organizations by team name, which should be very fast!
 2022-07-13 00:45:43 +00:00
Jon Ayers
7e9819f2a8 ref: move httpapi.Reponse into codersdk (#2954) 2022-07-12 19:15:02 -05:00
Kyle Carberry
dff6e97f83 feat: Add allowlist of GitHub teams for OAuth (#2849) 
Fixes #2848.
 2022-07-08 21:37:18 -05:00
Steven Masley
af401e3fe1 chore: Linter rule for properly formatted api errors (#2123) 
* chore: Linter rule for properly formatted api errors
* Add omitempty to 'Detail' field
 2022-06-07 14:33:06 +00:00
Steven Masley
c9a4642a12 chore: Update BE http errors to be ui friendly (#1994) 
* chore: More UI friendly errors

Mainly capitlization + messages prefix error
 2022-06-03 21:48:09 +00:00
Kyle Carberry
31b819e83f chore: Remove interface from coderd and lift API surface (#1772) 
Abstracting coderd into an interface added misdirection because
the interface was never intended to be fulfilled outside of a single
implementation.

This lifts the abstraction, and attaches all handlers to a root struct
named `*coderd.API`.
 2022-05-26 03:14:08 +00:00
Colin Adler
97a95f1377 chore: upgrade golangci-lint to v1.46.0 (#1373) 2022-05-10 16:04:23 -05:00
Kyle Carberry
23e5636dd0 fix: Use verified and primary email for GitHub signup (#1230) 
This was causing a panic due to nil pointer dereference.
It required all users signing up had a public email,
which is an unreasonable requirement!
 2022-04-29 15:13:35 -05:00
Kyle Carberry
7496c3da81 feat: Add GitHub OAuth (#1050) 
* Initial oauth

* Add Github authentication

* Add AuthMethods endpoint

* Add frontend

* Rename basic authentication to password

* Add flags for configuring GitHub auth

* Remove name from API keys

* Fix authmethods in test

* Add stories and display auth methods error
 2022-04-23 22:58:57 +00:00