39 Commits

Author SHA1 Message Date
Marcial Rosales b5be85ffab Support explicit forward proxy from oauth2 plugin 2024-12-20 10:05:31 +01:00
Michael Klishin 9893a2bd48
Merge pull request #12399 from rabbitmq/deprecate-oauth2-settings
Deprecate two OAuth2 settings: auth_oauth2.jwks_url and management.metadata_url
2024-10-09 11:46:58 -04:00
Marcial Rosales ee8d5f7fb0 Deprecate jwks_url but it is still supported
jwks_uri takes precedence when both are set
2024-10-09 11:01:09 -04:00
Marcial Rosales b21a222abd Remove management.oauth_metadata_url 2024-10-09 11:01:09 -04:00
Marcial Rosales b966ab7b72 Configure scope_aliases also per resource_server 2024-10-09 10:57:38 -04:00
Marcial Rosales 48670a0ecf Support two modes of configuring
scope_aliases using cuttlefish
2024-10-09 10:57:38 -04:00
Marcial Rosales 5841e37804 Fix schema translation for
scope_aliases
2024-10-09 10:57:38 -04:00
Marcial Rosales cd46b406df Modify schema to include scope_aliases
WIP Add translation function
2024-10-09 10:57:38 -04:00
Marcial Rosales d25e0f8e88 Refactoring
- Use rabbit_oauth2 prefix for modules which do not have it
- Ensure most lines stick to 80 columns
2024-10-08 08:17:48 +02:00
Marcial Rosales b2532e0c1d Modify management schema
to be able to set extra parameters
for authorize and token endpoints
2024-10-08 08:17:48 +02:00
Marcial Rosales 5044e297d4 Add token endpoint params to schema 2024-10-08 08:17:48 +02:00
Marcial Rosales 12b8c0db58 Fix all tests in unit_SUITE 2024-10-08 08:17:48 +02:00
Marcial Rosales b5230f7afd Fix some test cases 2024-10-08 08:17:47 +02:00
Marcial Rosales 2a3dcb3679 WIP Refactor code
before implementing oidc endpoints parameters
2024-10-08 08:17:47 +02:00
Marcial Rosales 4da45996ca Minor refactor
Improve logging
Fix an issue running selenium tests locally
WIP modify schema to configure queryParameters for
oauth2 endpoints
2024-10-08 08:17:47 +02:00
Marcial Rosales 77e8172009 Support tokens without kid when using multiple resources 2024-08-29 12:44:49 +01:00
Marcial Rosales 72ab1944bf Make end_session_endpoint configurable 2024-05-27 11:19:09 +02:00
Marcial Rosales 7c544ea0a1 Add configuration alias to schema
It was added to the code but not to
the schema
2024-04-15 10:16:53 +02:00
Michael Klishin 7b955f154c OAuth 2 plugin: cosmetics
(cherry picked from commit 7989bfc88e)
2024-02-10 20:12:16 +01:00
Marcial Rosales d827b72ce1 Create Oauth2 client 2024-02-10 20:12:04 +01:00
Marcial Rosales faffd6fa98 Configure Oauth scope prefix
separate from resource_server_id
2023-05-16 08:40:28 +02:00
Marcial Rosales 1c1e4515f7 Deprecate uaa settings from management plugin 2023-04-13 11:22:05 +02:00
Marcial Rosales efb1b5bd10 Fix 2549
Allow list of preferred_username_claims in cuttlefish
config style.
Use new config style on two selenium test suites
Test oauth2 backend's config schema and oauth2 management
config schema
2023-02-28 10:38:28 +01:00
brunomedeirosdedalus bf2b11d7ba
Fixing the rabbitmq_auth_backend_oauth2 schema
Fixing reference to the old key 'additional_rabbitmq_scopes'. Removing redundant mapping
2023-02-04 11:41:26 +01:00
Marcial Rosales 9354397cbf
Support Idp initiated logon in mgt ui with Oauth
Configure preferred username from a token
Make client_secret optional
2023-01-03 07:09:00 -05:00
Michael Klishin 083abe52b7
OAuth 2 Cuttlefish schema: cosmetics 2022-08-22 16:16:15 +04:00
Marcial Rosales d69781a7ef
Support rich authorization request spec 2022-08-22 16:16:11 +04:00
Lajos Gerecs 608d11a3f8 convert additional_scopes_param to the correct equivalent 2022-02-03 18:13:08 +01:00
Anh Thi Lan Nguyen 093a04323b Add configurable crl_check and fail_if_no_peer_cert
- Add configuration: crl_check, fail_if_no_peer_cert
- Correct configuration: hostname_verification
2021-12-14 11:28:33 +07:00
Anh Thi Lan Nguyen 118e44c10e Add wildcard configuration
A "wildcard" configuration is added to enable key server verification with wildcard certificate
2021-12-14 11:28:33 +07:00
Anh Thi Lan Nguyen a9bc1c0ce9 Update README.md
- Update new configuration document
- Add configurable "depth" for key server verification
2021-12-14 11:28:33 +07:00
Anh Thi Lan Nguyen 1615cbfb8b Update better configuration names
- "strict" changes to "https.peer_verification"
- "cacertfile" changes to "https.cacertfile"
2021-12-14 11:28:33 +07:00
Anh Thi Lan Nguyen dd685f1179 Oauth2 plugin improvements
- Validate JWKS server when getting keys
- Restrict usable algorithms
2021-12-14 11:28:33 +07:00
Michal Kuratczyk acf474e056 Fix cuttlefish config for oauth2
The structure of the signing_keys map should be `<<"id">> => {pem, <<"key">>}`.
Previously it was mapped directly as `<<"id">> => <<"key">>`.
2021-11-18 12:58:57 +01:00
Michael Klishin 2a5ee5b407
Destructure in the function head 2021-02-22 17:14:04 +03:00
Michael Klishin 0d615080f2
Remove a clause that would never match 2021-02-22 17:12:44 +03:00
Michael Klishin 2273797d36
Bindings in Erlang use CamelCase 2021-02-22 17:07:47 +03:00
Michael Klishin 7a4b0783c8
cuttlefish:unvalid/1 expects a string 2021-02-22 17:01:43 +03:00
Michal Kuratczyk c729e15112 WIP: cuttlefish support for oauth2 plugin
No support for symmetric key key options as this would make the
implementation much more complex and shouldn't really be used anyway.

WIP because while the code seems to work, tests fail.
2021-02-22 10:33:35 +01:00