root
/
rabbitmq-server
mirror of https://github.com/rabbitmq/rabbitmq-server.git
1
0
Fork 0
Code Issues Actions 2 Packages Projects Releases Wiki Activity
59,389 Commits 177 Branches 546 Tags 272 MiB
Commit Graph

185 Commits

Author SHA1 Message Date
Marcial Rosales c73fdf79ff Remove log statement 2025-05-29 09:02:29 +02:00
Marcial Rosales 1d942027a9 Add system test for variable expansion 2025-05-29 09:02:29 +02:00
Marcial Rosales 0023ba2a01 Add var expansion to vhost and resource access 2025-05-29 09:02:29 +02:00
Marcial Rosales ecacf0f19c Clean up 2025-02-11 16:12:15 +01:00
Marcial Rosales 3041d6c253 Support in code the old keycloak format 
That was not keycloak format it was an
extension to the oauth spec introuduced
a few years ago. To get a token from
keycloak using this format, a.k.a.
requesting party token, one has to specify
a different claim type called
urn:ietf:params:oauth:grant-type:uma-ticket
 2025-02-11 16:12:15 +01:00
Marcial Rosales 1179d3a3ec Support keycloak custom format via configuration 2025-02-11 16:12:15 +01:00
Michael Klishin 968eefa1bb
Bump (c) line year 
There are no functional changes to this massive diff.
 2025-01-01 17:54:10 -05:00
Michael Klishin 719b5564c9
Cosmetics 2024-11-28 15:55:13 -05:00
Michael Klishin 301b79c470
Type spec improvements in rabbit_auth_backend_oauth2 2024-11-28 15:51:47 -05:00
Marcial Rosales 3718fe3289 Prevent change of username on token refresh 2024-11-27 10:41:28 +01:00
Hathoute Hamza f1ee5b551a
Update rabbit_oauth2_schema.erl 
(cherry picked from commit ed5f29cec8)
 2024-11-18 12:46:46 -05:00
Hathoute 0d51ee9ec0
rabbitmq-auth-backend-oauth2: correctly map additional_scopes_key 
(cherry picked from commit 0d799a50eb)
 2024-11-18 12:46:40 -05:00
Michael Klishin 9893a2bd48
Merge pull request #12399 from rabbitmq/deprecate-oauth2-settings 
Deprecate two OAuth2 settings: auth_oauth2.jwks_url and management.metadata_url
 2024-10-09 11:46:58 -04:00
Marcial Rosales ee8d5f7fb0 Deprecate jwks_url but it is still supported 
jwks_uri takes precedence when both are set
 2024-10-09 11:01:09 -04:00
Marcial Rosales ebc3dea971 Minor formatting improvement 2024-10-09 10:57:38 -04:00
Marcial Rosales b966ab7b72 Configure scope_aliases also per resource_server 2024-10-09 10:57:38 -04:00
Marcial Rosales 3e81cfa89d Handle wrong scope_aliases configuration 2024-10-09 10:57:38 -04:00
Marcial Rosales 48670a0ecf Support two modes of configuring 
scope_aliases using cuttlefish
 2024-10-09 10:57:38 -04:00
Marcial Rosales a30c829ec5 Test translation function of scope_aliases 2024-10-09 10:57:38 -04:00
Marcial Rosales dcb52638ab Minor refactoring 2024-10-09 10:57:38 -04:00
Marcial Rosales 5841e37804 Fix schema translation for 
scope_aliases
 2024-10-09 10:57:38 -04:00
Marcial Rosales cd46b406df Modify schema to include scope_aliases 
WIP Add translation function
 2024-10-09 10:57:38 -04:00
Marcial Rosales d25e0f8e88 Refactoring 
- Use rabbit_oauth2 prefix for modules which do not have it
- Ensure most lines stick to 80 column
 2024-10-08 08:17:48 +02:00
Marcial Rosales f56324e72c Remove wrong file 2024-10-08 08:17:48 +02:00
Marcial Rosales 966d5d49b1 Fix fucntion signature 2024-10-08 08:17:48 +02:00
Marcial Rosales 6e74d8b60e Always use list() type for urls 2024-10-08 08:17:48 +02:00
Marcial Rosales 6d0e195957 Fix schema issues 
And fix selenium script to run
rabbitrmq locally
 2024-10-08 08:17:48 +02:00
Marcial Rosales b2532e0c1d Modify management schema 
to be able to set extra parameters
for authorize and token endpoints
 2024-10-08 08:17:48 +02:00
Marcial Rosales eb2fbc6d9b Improve format 2024-10-08 08:17:48 +02:00
Marcial Rosales b339714bf8 Test invalid token parameter config 2024-10-08 08:17:48 +02:00
Marcial Rosales 0d4fb55cda Remove unnecessary statement 2024-10-08 08:17:48 +02:00
Marcial Rosales 5044e297d4 Add token endpoint params to schema 2024-10-08 08:17:48 +02:00
Marcial Rosales 7792b70c13 Fix dialyzer errors 2024-10-08 08:17:48 +02:00
Marcial Rosales 12b8c0db58 Fix all test in unit_SUITE 2024-10-08 08:17:48 +02:00
Marcial Rosales b9217aee48 Fix test cases and refactor rar and keycloak 
functionality into their own modules
 2024-10-08 08:17:48 +02:00
Marcial Rosales 54ac148daf Fix issue and test 
WIP rename all token_validation
to normalize_token_scope
 2024-10-08 08:17:48 +02:00
Marcial Rosales 0f5f76677f More test fixes + clean up + refactor 2024-10-08 08:17:48 +02:00
Marcial Rosales 9ecca5ae7a Fix test system test cases 
And move constants to oauth2.hrl
 2024-10-08 08:17:48 +02:00
Marcial Rosales c4e852116b Fix test cases 2024-10-08 08:17:48 +02:00
Marcial Rosales 8339015f80 WIP Use resource_server() type 
check_token still needs some work
 2024-10-08 08:17:48 +02:00
Marcial Rosales 42a1a47b7d Fix test cases 2024-10-08 08:17:47 +02:00
Marcial Rosales 5c2b90bece fix some test cases 2024-10-08 08:17:47 +02:00
Marcial Rosales 66d9323148 Simplify module names 2024-10-08 08:17:47 +02:00
Marcial Rosales 34f5d107d2 WIP fix more test cases 2024-10-08 08:17:47 +02:00
Marcial Rosales 158fa3b6b1 WIP fix some test cases 
Pending to add more scenarios whch
combine +2 resources with and without
verify_aud and with and without audience
in token
 2024-10-08 08:17:47 +02:00
Marcial Rosales aecb86d56d WIP Fix test cases 2024-10-08 08:17:47 +02:00
Marcial Rosales 4576aaa32e Refactor assertion function 2024-10-08 08:17:47 +02:00
Marcial Rosales 91e46668b0 WIP Continue refactoring + clean up 2024-10-08 08:17:47 +02:00
Marcial Rosales 9984eef2d1 WIP Fix compilation errors 2024-10-08 08:17:47 +02:00
Marcial Rosales 7064969ca5 WIP More refactoring 
split rabbit_oauth2_config into
- rabbit_oauth2_resource_server
- rabbit_oauth2_oauth_provider

and their respective test modules

Signing keys is an oauth provider
concern hence it stays with the
oauth_provider module.
 2024-10-08 08:17:47 +02:00