commit
01f7bf73a0
@ -281,7 +281,7 @@ func (m *DeleteClientResp) GetNotFound() bool {
|
|||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
// UpdateClientReq is a request to update an exisitng client.
|
// UpdateClientReq is a request to update an existing client.
|
||||||
type UpdateClientReq struct {
|
type UpdateClientReq struct {
|
||||||
Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
|
Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
|
||||||
RedirectUris []string `protobuf:"bytes,2,rep,name=redirect_uris,json=redirectUris,proto3" json:"redirect_uris,omitempty"`
|
RedirectUris []string `protobuf:"bytes,2,rep,name=redirect_uris,json=redirectUris,proto3" json:"redirect_uris,omitempty"`
|
||||||
@ -353,7 +353,7 @@ func (m *UpdateClientReq) GetLogoUrl() string {
|
|||||||
return ""
|
return ""
|
||||||
}
|
}
|
||||||
|
|
||||||
// UpdateClientResp returns the reponse form updating a client.
|
// UpdateClientResp returns the response from updating a client.
|
||||||
type UpdateClientResp struct {
|
type UpdateClientResp struct {
|
||||||
NotFound bool `protobuf:"varint,1,opt,name=not_found,json=notFound,proto3" json:"not_found,omitempty"`
|
NotFound bool `protobuf:"varint,1,opt,name=not_found,json=notFound,proto3" json:"not_found,omitempty"`
|
||||||
XXX_NoUnkeyedLiteral struct{} `json:"-"`
|
XXX_NoUnkeyedLiteral struct{} `json:"-"`
|
||||||
|
@ -36,7 +36,7 @@ message DeleteClientResp {
|
|||||||
bool not_found = 1;
|
bool not_found = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
// UpdateClientReq is a request to update an exisitng client.
|
// UpdateClientReq is a request to update an existing client.
|
||||||
message UpdateClientReq {
|
message UpdateClientReq {
|
||||||
string id = 1;
|
string id = 1;
|
||||||
repeated string redirect_uris = 2;
|
repeated string redirect_uris = 2;
|
||||||
@ -45,7 +45,7 @@ message UpdateClientReq {
|
|||||||
string logo_url = 5;
|
string logo_url = 5;
|
||||||
}
|
}
|
||||||
|
|
||||||
// UpdateClientResp returns the reponse form updating a client.
|
// UpdateClientResp returns the response from updating a client.
|
||||||
message UpdateClientResp {
|
message UpdateClientResp {
|
||||||
bool not_found = 1;
|
bool not_found = 1;
|
||||||
}
|
}
|
||||||
|
@ -281,7 +281,7 @@ func (m *DeleteClientResp) GetNotFound() bool {
|
|||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
// UpdateClientReq is a request to update an exisitng client.
|
// UpdateClientReq is a request to update an existing client.
|
||||||
type UpdateClientReq struct {
|
type UpdateClientReq struct {
|
||||||
Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
|
Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
|
||||||
RedirectUris []string `protobuf:"bytes,2,rep,name=redirect_uris,json=redirectUris,proto3" json:"redirect_uris,omitempty"`
|
RedirectUris []string `protobuf:"bytes,2,rep,name=redirect_uris,json=redirectUris,proto3" json:"redirect_uris,omitempty"`
|
||||||
@ -353,7 +353,7 @@ func (m *UpdateClientReq) GetLogoUrl() string {
|
|||||||
return ""
|
return ""
|
||||||
}
|
}
|
||||||
|
|
||||||
// UpdateClientResp returns the reponse form updating a client.
|
// UpdateClientResp returns the response from updating a client.
|
||||||
type UpdateClientResp struct {
|
type UpdateClientResp struct {
|
||||||
NotFound bool `protobuf:"varint,1,opt,name=not_found,json=notFound,proto3" json:"not_found,omitempty"`
|
NotFound bool `protobuf:"varint,1,opt,name=not_found,json=notFound,proto3" json:"not_found,omitempty"`
|
||||||
XXX_NoUnkeyedLiteral struct{} `json:"-"`
|
XXX_NoUnkeyedLiteral struct{} `json:"-"`
|
||||||
|
@ -36,7 +36,7 @@ message DeleteClientResp {
|
|||||||
bool not_found = 1;
|
bool not_found = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
// UpdateClientReq is a request to update an exisitng client.
|
// UpdateClientReq is a request to update an existing client.
|
||||||
message UpdateClientReq {
|
message UpdateClientReq {
|
||||||
string id = 1;
|
string id = 1;
|
||||||
repeated string redirect_uris = 2;
|
repeated string redirect_uris = 2;
|
||||||
@ -45,7 +45,7 @@ message UpdateClientReq {
|
|||||||
string logo_url = 5;
|
string logo_url = 5;
|
||||||
}
|
}
|
||||||
|
|
||||||
// UpdateClientResp returns the reponse form updating a client.
|
// UpdateClientResp returns the response from updating a client.
|
||||||
message UpdateClientResp {
|
message UpdateClientResp {
|
||||||
bool not_found = 1;
|
bool not_found = 1;
|
||||||
}
|
}
|
||||||
|
@ -29,7 +29,7 @@ import (
|
|||||||
// # The following field is required if using port 389.
|
// # The following field is required if using port 389.
|
||||||
// # insecureNoSSL: true
|
// # insecureNoSSL: true
|
||||||
// rootCA: /etc/dex/ldap.ca
|
// rootCA: /etc/dex/ldap.ca
|
||||||
// bindDN: uid=seviceaccount,cn=users,dc=example,dc=com
|
// bindDN: uid=serviceaccount,cn=users,dc=example,dc=com
|
||||||
// bindPW: password
|
// bindPW: password
|
||||||
// userSearch:
|
// userSearch:
|
||||||
// # Would translate to the query "(&(objectClass=person)(uid=<username>))"
|
// # Would translate to the query "(&(objectClass=person)(uid=<username>))"
|
||||||
|
@ -204,7 +204,7 @@ func (c *microsoftConnector) HandleCallback(s connector.Scopes, r *http.Request)
|
|||||||
|
|
||||||
type tokenNotifyFunc func(*oauth2.Token) error
|
type tokenNotifyFunc func(*oauth2.Token) error
|
||||||
|
|
||||||
// notifyRefreshTokenSource is essentially `oauth2.ResuseTokenSource` with `TokenNotifyFunc` added.
|
// notifyRefreshTokenSource is essentially `oauth2.ReuseTokenSource` with `TokenNotifyFunc` added.
|
||||||
type notifyRefreshTokenSource struct {
|
type notifyRefreshTokenSource struct {
|
||||||
new oauth2.TokenSource
|
new oauth2.TokenSource
|
||||||
mu sync.Mutex // guards t
|
mu sync.Mutex // guards t
|
||||||
|
@ -38,7 +38,7 @@ type Config struct {
|
|||||||
// If this field is nonempty, only users from a listed domain will be allowed to log in
|
// If this field is nonempty, only users from a listed domain will be allowed to log in
|
||||||
HostedDomains []string `json:"hostedDomains"`
|
HostedDomains []string `json:"hostedDomains"`
|
||||||
|
|
||||||
// Override the value of email_verifed to true in the returned claims
|
// Override the value of email_verified to true in the returned claims
|
||||||
InsecureSkipEmailVerified bool `json:"insecureSkipEmailVerified"`
|
InsecureSkipEmailVerified bool `json:"insecureSkipEmailVerified"`
|
||||||
|
|
||||||
// InsecureEnableGroups enables groups claims. This is disabled by default until https://github.com/dexidp/dex/issues/1065 is resolved
|
// InsecureEnableGroups enables groups claims. This is disabled by default until https://github.com/dexidp/dex/issues/1065 is resolved
|
||||||
|
@ -452,7 +452,7 @@ func (p *provider) HandlePOST(s connector.Scopes, samlResponse, inResponseTo str
|
|||||||
}
|
}
|
||||||
|
|
||||||
// validateStatus verifies that the response has a good status code or
|
// validateStatus verifies that the response has a good status code or
|
||||||
// formats a human readble error based on the bad status.
|
// formats a human readable error based on the bad status.
|
||||||
func (p *provider) validateStatus(status *status) error {
|
func (p *provider) validateStatus(status *status) error {
|
||||||
// StatusCode is mandatory in the Status type
|
// StatusCode is mandatory in the Status type
|
||||||
statusCode := status.StatusCode
|
statusCode := status.StatusCode
|
||||||
@ -480,7 +480,7 @@ func (p *provider) validateStatus(status *status) error {
|
|||||||
// see https://www.oasis-open.org/committees/download.php/35389/sstc-saml-profiles-errata-2.0-wd-06-diff.pdf
|
// see https://www.oasis-open.org/committees/download.php/35389/sstc-saml-profiles-errata-2.0-wd-06-diff.pdf
|
||||||
//
|
//
|
||||||
// Some of these fields are optional, but we're going to be strict here since
|
// Some of these fields are optional, but we're going to be strict here since
|
||||||
// we have no other way of guarenteeing that this is actually the response to
|
// we have no other way of guaranteeing that this is actually the response to
|
||||||
// the request we expect.
|
// the request we expect.
|
||||||
func (p *provider) validateSubject(subject *subject, inResponseTo string) error {
|
func (p *provider) validateSubject(subject *subject, inResponseTo string) error {
|
||||||
// Optional according to the spec, but again, we're going to be strict here.
|
// Optional according to the spec, but again, we're going to be strict here.
|
||||||
|
@ -562,7 +562,7 @@ func runVerify(t *testing.T, ca string, resp string, shouldSucceed bool) {
|
|||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
if !shouldSucceed {
|
if !shouldSucceed {
|
||||||
t.Fatalf("expected an invalid signatrue but verification has been successful")
|
t.Fatalf("expected an invalid signature but verification has been successful")
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -23,7 +23,7 @@ import (
|
|||||||
type apiClient struct {
|
type apiClient struct {
|
||||||
// Embedded gRPC client to talk to the server.
|
// Embedded gRPC client to talk to the server.
|
||||||
api.DexClient
|
api.DexClient
|
||||||
// Close releases resources associated with this client, includuing shutting
|
// Close releases resources associated with this client, including shutting
|
||||||
// down the background server.
|
// down the background server.
|
||||||
Close func()
|
Close func()
|
||||||
}
|
}
|
||||||
@ -226,7 +226,7 @@ func TestCheckCost(t *testing.T) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Attempts to list and revoke an exisiting refresh token.
|
// Attempts to list and revoke an existing refresh token.
|
||||||
func TestRefreshToken(t *testing.T) {
|
func TestRefreshToken(t *testing.T) {
|
||||||
logger := &logrus.Logger{
|
logger := &logrus.Logger{
|
||||||
Out: os.Stderr,
|
Out: os.Stderr,
|
||||||
|
@ -855,7 +855,7 @@ func (s *Server) handleAuthCode(w http.ResponseWriter, r *http.Request, client s
|
|||||||
s.writeAccessToken(w, tokenResponse)
|
s.writeAccessToken(w, tokenResponse)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *Server) exchangeAuthCode(w http.ResponseWriter, authCode storage.AuthCode, client storage.Client) (*accessTokenReponse, error) {
|
func (s *Server) exchangeAuthCode(w http.ResponseWriter, authCode storage.AuthCode, client storage.Client) (*accessTokenResponse, error) {
|
||||||
accessToken, err := s.newAccessToken(client.ID, authCode.Claims, authCode.Scopes, authCode.Nonce, authCode.ConnectorID)
|
accessToken, err := s.newAccessToken(client.ID, authCode.Claims, authCode.Scopes, authCode.Nonce, authCode.ConnectorID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
s.logger.Errorf("failed to create new access token: %v", err)
|
s.logger.Errorf("failed to create new access token: %v", err)
|
||||||
@ -1449,7 +1449,7 @@ func (s *Server) handlePasswordGrant(w http.ResponseWriter, r *http.Request, cli
|
|||||||
s.writeAccessToken(w, resp)
|
s.writeAccessToken(w, resp)
|
||||||
}
|
}
|
||||||
|
|
||||||
type accessTokenReponse struct {
|
type accessTokenResponse struct {
|
||||||
AccessToken string `json:"access_token"`
|
AccessToken string `json:"access_token"`
|
||||||
TokenType string `json:"token_type"`
|
TokenType string `json:"token_type"`
|
||||||
ExpiresIn int `json:"expires_in"`
|
ExpiresIn int `json:"expires_in"`
|
||||||
@ -1457,8 +1457,8 @@ type accessTokenReponse struct {
|
|||||||
IDToken string `json:"id_token"`
|
IDToken string `json:"id_token"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *Server) toAccessTokenResponse(idToken, accessToken, refreshToken string, expiry time.Time) *accessTokenReponse {
|
func (s *Server) toAccessTokenResponse(idToken, accessToken, refreshToken string, expiry time.Time) *accessTokenResponse {
|
||||||
return &accessTokenReponse{
|
return &accessTokenResponse{
|
||||||
accessToken,
|
accessToken,
|
||||||
"bearer",
|
"bearer",
|
||||||
int(expiry.Sub(s.now()).Seconds()),
|
int(expiry.Sub(s.now()).Seconds()),
|
||||||
@ -1467,7 +1467,7 @@ func (s *Server) toAccessTokenResponse(idToken, accessToken, refreshToken string
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *Server) writeAccessToken(w http.ResponseWriter, resp *accessTokenReponse) {
|
func (s *Server) writeAccessToken(w http.ResponseWriter, resp *accessTokenResponse) {
|
||||||
data, err := json.Marshal(resp)
|
data, err := json.Marshal(resp)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
s.logger.Errorf("failed to marshal access token response: %v", err)
|
s.logger.Errorf("failed to marshal access token response: %v", err)
|
||||||
|
@ -129,7 +129,7 @@ func TestConnectorLoginDoesNotAllowToChangeConnectorForAuthRequest(t *testing.T)
|
|||||||
|
|
||||||
templates, err := loadTemplates(webConfig{}, "../web/templates")
|
templates, err := loadTemplates(webConfig{}, "../web/templates")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Fatal("failed to load tempalates")
|
t.Fatal("failed to load templates")
|
||||||
}
|
}
|
||||||
|
|
||||||
s := &Server{
|
s := &Server{
|
||||||
|
@ -194,7 +194,7 @@ func signPayload(key *jose.JSONWebKey, alg jose.SignatureAlgorithm, payload []by
|
|||||||
|
|
||||||
signer, err := jose.NewSigner(signingKey, &jose.SignerOptions{})
|
signer, err := jose.NewSigner(signingKey, &jose.SignerOptions{})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", fmt.Errorf("new signier: %v", err)
|
return "", fmt.Errorf("new signer: %v", err)
|
||||||
}
|
}
|
||||||
signature, err := signer.Sign(payload)
|
signature, err := signer.Sign(payload)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -25,7 +25,7 @@ type rotationStrategy struct {
|
|||||||
rotationFrequency time.Duration
|
rotationFrequency time.Duration
|
||||||
|
|
||||||
// After being rotated how long should the key be kept around for validating
|
// After being rotated how long should the key be kept around for validating
|
||||||
// signatues?
|
// signatures?
|
||||||
idTokenValidFor time.Duration
|
idTokenValidFor time.Duration
|
||||||
|
|
||||||
// Keys are always RSA keys. Though cryptopasta recommends ECDSA keys, not every
|
// Keys are always RSA keys. Though cryptopasta recommends ECDSA keys, not every
|
||||||
@ -55,7 +55,7 @@ func defaultRotationStrategy(rotationFrequency, idTokenValidFor time.Duration) r
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
type keyRotater struct {
|
type keyRotator struct {
|
||||||
storage.Storage
|
storage.Storage
|
||||||
|
|
||||||
strategy rotationStrategy
|
strategy rotationStrategy
|
||||||
@ -69,10 +69,10 @@ type keyRotater struct {
|
|||||||
// The method blocks until after the first attempt to rotate keys has completed. That way
|
// The method blocks until after the first attempt to rotate keys has completed. That way
|
||||||
// healthy storages will return from this call with valid keys.
|
// healthy storages will return from this call with valid keys.
|
||||||
func (s *Server) startKeyRotation(ctx context.Context, strategy rotationStrategy, now func() time.Time) {
|
func (s *Server) startKeyRotation(ctx context.Context, strategy rotationStrategy, now func() time.Time) {
|
||||||
rotater := keyRotater{s.storage, strategy, now, s.logger}
|
rotator := keyRotator{s.storage, strategy, now, s.logger}
|
||||||
|
|
||||||
// Try to rotate immediately so properly configured storages will have keys.
|
// Try to rotate immediately so properly configured storages will have keys.
|
||||||
if err := rotater.rotate(); err != nil {
|
if err := rotator.rotate(); err != nil {
|
||||||
if err == errAlreadyRotated {
|
if err == errAlreadyRotated {
|
||||||
s.logger.Infof("Key rotation not needed: %v", err)
|
s.logger.Infof("Key rotation not needed: %v", err)
|
||||||
} else {
|
} else {
|
||||||
@ -86,7 +86,7 @@ func (s *Server) startKeyRotation(ctx context.Context, strategy rotationStrategy
|
|||||||
case <-ctx.Done():
|
case <-ctx.Done():
|
||||||
return
|
return
|
||||||
case <-time.After(time.Second * 30):
|
case <-time.After(time.Second * 30):
|
||||||
if err := rotater.rotate(); err != nil {
|
if err := rotator.rotate(); err != nil {
|
||||||
s.logger.Errorf("failed to rotate keys: %v", err)
|
s.logger.Errorf("failed to rotate keys: %v", err)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -94,7 +94,7 @@ func (s *Server) startKeyRotation(ctx context.Context, strategy rotationStrategy
|
|||||||
}()
|
}()
|
||||||
}
|
}
|
||||||
|
|
||||||
func (k keyRotater) rotate() error {
|
func (k keyRotator) rotate() error {
|
||||||
keys, err := k.GetKeys()
|
keys, err := k.GetKeys()
|
||||||
if err != nil && err != storage.ErrNotFound {
|
if err != nil && err != storage.ErrNotFound {
|
||||||
return fmt.Errorf("get keys: %v", err)
|
return fmt.Errorf("get keys: %v", err)
|
||||||
|
@ -57,7 +57,7 @@ func slicesEq(s1, s2 []string) bool {
|
|||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestKeyRotater(t *testing.T) {
|
func TestKeyRotator(t *testing.T) {
|
||||||
now := time.Now()
|
now := time.Now()
|
||||||
|
|
||||||
delta := time.Millisecond
|
delta := time.Millisecond
|
||||||
@ -73,7 +73,7 @@ func TestKeyRotater(t *testing.T) {
|
|||||||
Level: logrus.DebugLevel,
|
Level: logrus.DebugLevel,
|
||||||
}
|
}
|
||||||
|
|
||||||
r := &keyRotater{
|
r := &keyRotator{
|
||||||
Storage: memory.New(l),
|
Storage: memory.New(l),
|
||||||
strategy: defaultRotationStrategy(rotationFrequency, validFor),
|
strategy: defaultRotationStrategy(rotationFrequency, validFor),
|
||||||
now: func() time.Time { return now },
|
now: func() time.Time { return now },
|
||||||
|
@ -435,7 +435,7 @@ func makeOAuth2Tests(clientID string, clientSecret string, now func() time.Time)
|
|||||||
v.Add("client_secret", clientSecret)
|
v.Add("client_secret", clientSecret)
|
||||||
v.Add("grant_type", "refresh_token")
|
v.Add("grant_type", "refresh_token")
|
||||||
v.Add("refresh_token", token.RefreshToken)
|
v.Add("refresh_token", token.RefreshToken)
|
||||||
// Request a scope that wasn't requestd initially.
|
// Request a scope that wasn't requested initially.
|
||||||
v.Add("scope", "oidc email profile")
|
v.Add("scope", "oidc email profile")
|
||||||
resp, err := http.PostForm(p.Endpoint().TokenURL, v)
|
resp, err := http.PostForm(p.Endpoint().TokenURL, v)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -721,7 +721,7 @@ func TestOAuth2CodeFlow(t *testing.T) {
|
|||||||
|
|
||||||
defer oauth2Client.Close()
|
defer oauth2Client.Close()
|
||||||
|
|
||||||
// Regester the client above with dex.
|
// Register the client above with dex.
|
||||||
redirectURL := oauth2Client.URL + "/callback"
|
redirectURL := oauth2Client.URL + "/callback"
|
||||||
client := storage.Client{
|
client := storage.Client{
|
||||||
ID: clientID,
|
ID: clientID,
|
||||||
@ -1560,7 +1560,7 @@ func TestOAuth2DeviceFlow(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Parse the response
|
// Parse the response
|
||||||
var tokenRes accessTokenReponse
|
var tokenRes accessTokenResponse
|
||||||
if err := json.Unmarshal(responseBody, &tokenRes); err != nil {
|
if err := json.Unmarshal(responseBody, &tokenRes); err != nil {
|
||||||
t.Errorf("Unexpected Device Access Token Response Format %v", string(responseBody))
|
t.Errorf("Unexpected Device Access Token Response Format %v", string(responseBody))
|
||||||
}
|
}
|
||||||
|
@ -406,7 +406,7 @@ func testRefreshTokenCRUD(t *testing.T, s storage.Storage) {
|
|||||||
return r, nil
|
return r, nil
|
||||||
}
|
}
|
||||||
if err := s.UpdateRefreshToken(id, updater); err != nil {
|
if err := s.UpdateRefreshToken(id, updater); err != nil {
|
||||||
t.Errorf("failed to udpate refresh token: %v", err)
|
t.Errorf("failed to update refresh token: %v", err)
|
||||||
}
|
}
|
||||||
refresh.Token = "spam"
|
refresh.Token = "spam"
|
||||||
refresh.LastUsed = updatedAt
|
refresh.LastUsed = updatedAt
|
||||||
@ -616,7 +616,7 @@ func testConnectorCRUD(t *testing.T, s storage.Storage) {
|
|||||||
mustBeErrAlreadyExists(t, "connector", err)
|
mustBeErrAlreadyExists(t, "connector", err)
|
||||||
|
|
||||||
id2 := storage.NewID()
|
id2 := storage.NewID()
|
||||||
config2 := []byte(`{"redirectURIi": "http://127.0.0.1:5556/dex/callback"}`)
|
config2 := []byte(`{"redirectURI": "http://127.0.0.1:5556/dex/callback"}`)
|
||||||
c2 := storage.Connector{
|
c2 := storage.Connector{
|
||||||
ID: id2,
|
ID: id2,
|
||||||
Type: "Mock",
|
Type: "Mock",
|
||||||
|
@ -32,7 +32,7 @@ func newUUID() string {
|
|||||||
}
|
}
|
||||||
|
|
||||||
var tmpl = template.Must(template.New("jwks.go").Parse(`
|
var tmpl = template.Must(template.New("jwks.go").Parse(`
|
||||||
// This file was generaged by gen_jwks.go
|
// This file was generated by gen_jwks.go
|
||||||
|
|
||||||
package conformance
|
package conformance
|
||||||
|
|
||||||
|
@ -32,11 +32,11 @@ type Config struct {
|
|||||||
APIVersion string `json:"apiVersion,omitempty"`
|
APIVersion string `json:"apiVersion,omitempty"`
|
||||||
// Preferences holds general information to be use for cli interactions
|
// Preferences holds general information to be use for cli interactions
|
||||||
Preferences Preferences `json:"preferences"`
|
Preferences Preferences `json:"preferences"`
|
||||||
// Clusters is a map of referencable names to cluster configs
|
// Clusters is a map of referenceable names to cluster configs
|
||||||
Clusters []NamedCluster `json:"clusters"`
|
Clusters []NamedCluster `json:"clusters"`
|
||||||
// AuthInfos is a map of referencable names to user configs
|
// AuthInfos is a map of referenceable names to user configs
|
||||||
AuthInfos []NamedAuthInfo `json:"users"`
|
AuthInfos []NamedAuthInfo `json:"users"`
|
||||||
// Contexts is a map of referencable names to context configs
|
// Contexts is a map of referenceable names to context configs
|
||||||
Contexts []NamedContext `json:"contexts"`
|
Contexts []NamedContext `json:"contexts"`
|
||||||
// CurrentContext is the name of the context that you would like to use by default
|
// CurrentContext is the name of the context that you would like to use by default
|
||||||
CurrentContext string `json:"current-context"`
|
CurrentContext string `json:"current-context"`
|
||||||
@ -85,7 +85,7 @@ type AuthInfo struct {
|
|||||||
ClientKeyData string `json:"client-key-data,omitempty"`
|
ClientKeyData string `json:"client-key-data,omitempty"`
|
||||||
// Token is the bearer token for authentication to the kubernetes cluster.
|
// Token is the bearer token for authentication to the kubernetes cluster.
|
||||||
Token string `json:"token,omitempty"`
|
Token string `json:"token,omitempty"`
|
||||||
// Impersonate is the username to imperonate. The name matches the flag.
|
// Impersonate is the username to impersonate. The name matches the flag.
|
||||||
Impersonate string `json:"as,omitempty"`
|
Impersonate string `json:"as,omitempty"`
|
||||||
// Username is the username for basic authentication to the kubernetes cluster.
|
// Username is the username for basic authentication to the kubernetes cluster.
|
||||||
Username string `json:"username,omitempty"`
|
Username string `json:"username,omitempty"`
|
||||||
|
@ -405,7 +405,7 @@ func (cli *client) DeleteAuthCode(code string) error {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (cli *client) DeleteClient(id string) error {
|
func (cli *client) DeleteClient(id string) error {
|
||||||
// Check for hash collition.
|
// Check for hash collision.
|
||||||
c, err := cli.getClient(id)
|
c, err := cli.getClient(id)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
|
@ -362,7 +362,7 @@ func (cli *client) fromStorageAuthRequest(a storage.AuthRequest) AuthRequest {
|
|||||||
return req
|
return req
|
||||||
}
|
}
|
||||||
|
|
||||||
// Password is a mirrored struct from the stroage with JSON struct tags and
|
// Password is a mirrored struct from the storage with JSON struct tags and
|
||||||
// Kubernetes type metadata.
|
// Kubernetes type metadata.
|
||||||
type Password struct {
|
type Password struct {
|
||||||
k8sapi.TypeMeta `json:",inline"`
|
k8sapi.TypeMeta `json:",inline"`
|
||||||
|
@ -59,7 +59,7 @@ type opener interface {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func testDB(t *testing.T, o opener, withTransactions bool) {
|
func testDB(t *testing.T, o opener, withTransactions bool) {
|
||||||
// t.Fatal has a bad habbit of not actually printing the error
|
// t.Fatal has a bad habit of not actually printing the error
|
||||||
fatal := func(i interface{}) {
|
fatal := func(i interface{}) {
|
||||||
fmt.Fprintln(os.Stdout, i)
|
fmt.Fprintln(os.Stdout, i)
|
||||||
t.Fatal(i)
|
t.Fatal(i)
|
||||||
|
@ -90,7 +90,7 @@ var (
|
|||||||
// Translate types.
|
// Translate types.
|
||||||
{matchLiteral("bytea"), "blob"},
|
{matchLiteral("bytea"), "blob"},
|
||||||
{matchLiteral("timestamptz"), "datetime(3)"},
|
{matchLiteral("timestamptz"), "datetime(3)"},
|
||||||
// MySQL doesn't support indicies on text fields w/o
|
// MySQL doesn't support indices on text fields w/o
|
||||||
// specifying key length. Use varchar instead (767 byte
|
// specifying key length. Use varchar instead (767 byte
|
||||||
// is the max key length for InnoDB with 4k pages).
|
// is the max key length for InnoDB with 4k pages).
|
||||||
// For compound indexes (with two keys) even less.
|
// For compound indexes (with two keys) even less.
|
||||||
|
Reference in New Issue
Block a user