6993eb3cac
Merge pull request #51 from morsok/patch-1
...
[DOC] Add info about additional_rabbitmq_scopes
2020-10-08 15:17:37 +03:00
fdacaf9b92
Fix md linking error
2020-10-08 09:32:44 +02:00
57716223e0
Add support for using extra scopes standalone
...
This commit makes it possible to use additional sources of scopes in a token
standalone, without the need of combining them with existing ones.
2020-09-16 16:30:24 +02:00
9b0e853799
Simplify post_process_payload_keycloak
2020-09-01 17:17:15 +02:00
d966a66856
[DOC] Add info about additional_rabbitmq_scopes
2020-08-24 11:32:40 +02:00
d398ef9a12
Update rabbitmq-components.mk
2020-08-04 08:41:46 -07:00
7aabc7d397
Update rabbitmq-components.mk
2020-07-30 12:06:51 +02:00
ca5a1a5cf0
Update rabbitmq-components.mk
2020-07-29 10:02:02 -07:00
9ffd10aa30
Update erlang.mk
2020-07-21 14:31:52 +01:00
97f6a61434
Update rabbitmq-components.mk
2020-07-21 12:07:56 +02:00
391115a570
Update rabbitmq-components.mk
2020-07-21 03:42:44 +03:00
b471122e9b
Revert drop of Exhibit B on MPL 2.0
2020-07-20 16:57:22 +01:00
2bf9d30638
Update LICENSE
2020-07-20 10:41:31 +01:00
3c8c33c438
Update MPL2 license file, drop Exhibit B
...
and add a VMware copyright notice.
We did not mean to make this code Incompatible with Secondary Licenses
as defined in [1].
1. https://www.mozilla.org/en-US/MPL/2.0/FAQ/
2020-07-17 14:53:04 +03:00
f0d39cb4e2
Switch to Mozilla Public License 2.0 (MPL 2.0)
2020-07-10 20:27:35 +01:00
bf17f5de89
Update erlang.mk
2020-06-23 17:13:24 +02:00
474c0fc1b6
Bump Recon to 2.5.1
...
for Erlang 23 compatibility of 'rabbitmq-diagnostics observer'
References zhongwencool/observer_cli#68 .
2020-06-09 08:22:12 +03:00
6ebf80174d
Update README.md
2020-05-19 21:08:43 +03:00
9776180291
Reword a confusing sentence
2020-05-19 21:03:54 +03:00
ab8df7c70c
Update README.md
2020-04-29 18:19:16 +03:00
a366fc49ec
Update README.md
2020-04-29 18:18:30 +03:00
7dcc11cdfd
Update copyright (year 2020)
2020-03-10 16:05:48 +01:00
d8b77afceb
Merge pull request #45 from rabbitmq/rsa_keys
...
Improve error messages for verification failures with RSA keys
2020-03-10 00:23:33 +03:00
28080e1e2c
Log authentication rejection messages
...
Normally when auth fails, we simply log that it failed for a given
username. Since the username is ignored with the auth mechanism,
this does not provide sufficient context for debugging config
errors.
2020-03-09 12:49:48 +01:00
37d9a2bf77
Add a docker based example of rsa_keys
...
Add a simpler way of demonstrating asymmetric keys, where only
docker is required.
2020-03-09 12:49:48 +01:00
2b2a7471f5
Bump jose to 1.10.1
...
Primarily to reduce confusion about its licensing.
jose has been MIT-licensed since Dec 2018.
2020-03-09 11:04:25 +03:00
197e077078
Update rabbitmq-components.mk
2020-03-06 09:19:13 +00:00
4f32940765
Update erlang.mk
2020-03-06 09:17:19 +00:00
65238638fc
Travis CI: Update config from rabbitmq-common
2020-03-04 14:24:27 +01:00
4cb2d24b0c
Travis CI: Update config from rabbitmq-common
2020-03-04 11:17:13 +01:00
4eb61c19f0
Travis CI: Update config from rabbitmq-common
2020-03-03 14:53:37 +01:00
8d4b3439f9
Avoid using erlang:get_stacktrace/0 for improved OTP 23/24 compat
2020-02-27 22:22:32 +03:00
0acac56586
Update rabbitmq-components.mk
2020-02-11 15:31:41 +00:00
80dfdc64df
Use {pem, <<PEM>>} style configuration for asymmetric keys sample
...
This avoids having to mention fields like "n" (modulus) and "e"
(exponent) which are difficult to extract from the public key and then
encode.
2020-01-15 15:35:04 +01:00
e4870b9c70
(c) bump
2019-12-29 05:50:24 +03:00
a58c3f5f48
Git: Ignore copied CLI
2019-12-12 13:24:26 +01:00
aef9207977
Update rabbitmq-components.mk
2019-12-12 13:14:52 +01:00
c4789ac25a
Added missing comma in configuration example
2019-12-09 11:51:12 +01:00
e936e82292
Move up aud/scope binary to array conversion
...
This way scope is always an array which makes it easier for downstream
processing.
References #41
2019-12-05 14:26:17 +01:00
cb3fe65a07
Polish extra scopes source tests
...
Set up environment in init/end test functions, change some scopes in
test to make assertion more obvious.
References #41
2019-12-05 14:10:21 +01:00
d9073fba8d
Make this code less unorthodox, take 2
...
Also improves naming a bit.
2019-12-05 10:28:37 +03:00
7d2b069cbd
Make this code less unorthodox, take 1
2019-12-05 10:12:51 +03:00
9a230b0aeb
Resolve PR comments - rename variables.
2019-12-05 05:29:12 +01:00
3a04670a45
Implement support for gathering scopes from predefined JWT section and combine them with existing ones in post_process_payload () method. Create unit_SUITE and system_SUITE test cases.
2019-12-04 19:14:08 +01:00
1e0cb18279
Revert "Update rabbitmq-components.mk"
...
This reverts commit 157e9ce515
2019-10-30 12:03:53 +03:00
157e9ce515
Update rabbitmq-components.mk
2019-10-30 12:03:07 +03:00
764725fe71
Update rabbitmq-components.mk
2019-09-13 10:24:14 +01:00
60430d7a59
Update rabbitmq-components.mk
2019-09-04 10:30:52 +01:00
6c513b4a4e
Merge pull request #38 from rabbitmq/rabbitmq-auth-backend-oauth2-37-keycloak-support
...
Support Keycloak token format in post-processing
2019-08-22 08:20:49 +07:00
d4e3706937
Add management config settings to the symmetric key demo
2019-08-22 04:03:04 +03:00
f3405e46fa
Support Keycloak token format in post-processing
...
Scopes from the "authorization" field are extracted and replace the
value of the "scope" key in the parsed and processed token.
Fixes #37
2019-08-21 10:34:20 +02:00
9ea2c69588
Update rabbitmq-components.mk
2019-08-11 01:47:48 +10:00
420e482687
Update erlang.mk
2019-08-02 09:53:31 +02:00
838618de0c
Update rabbitmq-components.mk
2019-08-01 17:13:09 +03:00
16968e8c66
Remove unnecessary console output
2019-07-24 09:04:58 +02:00
f01f0fe023
Add GitHub templates
...
And LICENSE file.
Fixes #33
2019-07-18 14:28:41 -07:00
01e05dbb77
Add Code of Conduct and Contributing files
...
Standard for tier 1 RabbitMQ plugins.
References #33 .
2019-07-18 17:05:42 +03:00
49f1b6b043
Support simple strings in aud and scope fields
...
Simple strings are supported, strings with spaces are split into arrays.
The strings are split upfront, the Erlang representation of the token
does not change, to avoid impacts in the code downstream.
Fixes #24
2019-07-12 09:45:02 +02:00
5f44635d05
uaa_jwt:get_jwk/1: return an error if there are no configured signing keys
...
Closes #30 .
2019-07-10 18:52:59 +03:00
833bb4cec9
Deal with unused parameter
2019-07-10 15:47:57 +02:00
29b9b9152c
Add early plugin dependency to compile command
...
Otherwise make xref fails.
2019-07-10 15:42:03 +02:00
cb81b0748f
Remove extra parameters from output call
2019-07-10 15:12:48 +02:00
de859d0e72
Document tag support
...
For management plugin access. Add a tag to the super user in the demo.
2019-07-09 17:44:27 +02:00
c83efe4db5
Update rabbitmq-components.mk
2019-07-09 16:05:50 +02:00
ae8b61a8aa
Check token expiration on authentication
2019-07-02 15:27:13 +02:00
fdb4693083
Integration suite: don't attempt to close channels on a closing connection
2019-07-02 13:20:36 +02:00
16f7328986
Integration suite: correctly compute expiration
...
it should be in seconds.
2019-07-02 12:15:17 +02:00
d44e4bce59
Integration tests for JWT token/secret updates; improved error reporting
2019-07-01 21:20:57 +02:00
8a8bda0369
More OAuth 2 token refresh tests (WIP)
2019-07-01 16:48:53 +02:00
961b8d0c55
Merge branch 'master' into oauth2-credential-expiration-support
2019-07-01 11:43:38 +02:00
907624372d
Update rabbitmq-components.mk
2019-07-01 11:36:34 +02:00
d9a0ddd6bd
Update erlang.mk
2019-07-01 11:36:17 +02:00
369e4158c1
Assert on operations on both new and existing channels
...
Per suggestion from @acogoluegnes.
2019-06-29 00:28:05 +02:00
4a4f81c374
Token refresh integration tests
...
Depend on recent updates in the Erlang client.
2019-06-28 18:44:33 +02:00
e80c125f0b
Implement secret (token) update
2019-06-27 22:08:18 +02:00
975e2bf177
Extract a constant
2019-06-27 16:04:58 +02:00
7e0ebb0fb1
Extract a constant
2019-06-27 16:04:34 +02:00
810b583015
Wording
2019-06-27 16:04:21 +02:00
1bc504d297
Token/state renewal stub
2019-06-27 11:19:33 +02:00
4b25eda38a
Mention arguments to change token validity for client
...
In demo.
2019-06-19 09:49:21 +02:00
4f9a4f0ac2
Add protocol-specific context
...
Just an update of check_resource_access/3 to check_resource_access/4,
the OAuth has no use of protocol-specific data for now.
References rabbitmq/rabbitmq-server#1767
2019-06-04 14:50:59 +02:00
0e81115336
Update environment variable to configure uaa
...
CLOUD_FOUNDRY_CONFIG_PATH became CLOUDFOUNDRY_CONFIG_PATH in uaa 4.31.
2019-06-04 11:41:47 +02:00
001752d4ec
Install cf-uaac gem, not uaac
2019-06-04 11:05:24 +02:00
8cb7b00642
URL Cleanup
...
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).
# HTTP URLs that Could Not Be Fixed
These URLs were unable to be fixed. Please review them to see if they can be manually resolved.
* http://blog.listincomprehension.com/search/label/procket (200) with 1 occurrences could not be migrated:
([https](https://blog.listincomprehension.com/search/label/procket ) result ClosedChannelException).
* http://dozzie.jarowit.net/trac/wiki/TOML (200) with 1 occurrences could not be migrated:
([https](https://dozzie.jarowit.net/trac/wiki/TOML ) result SSLHandshakeException).
* http://dozzie.jarowit.net/trac/wiki/subproc (200) with 1 occurrences could not be migrated:
([https](https://dozzie.jarowit.net/trac/wiki/subproc ) result SSLHandshakeException).
* http://e2project.org (200) with 1 occurrences could not be migrated:
([https](https://e2project.org ) result AnnotatedConnectException).
* http://nitrogenproject.com/ (200) with 2 occurrences could not be migrated:
([https](https://nitrogenproject.com/ ) result ConnectTimeoutException).
* http://proper.softlab.ntua.gr (200) with 1 occurrences could not be migrated:
([https](https://proper.softlab.ntua.gr ) result SSLHandshakeException).
* http://yaws.hyber.org (200) with 1 occurrences could not be migrated:
([https](https://yaws.hyber.org ) result AnnotatedConnectException).
* http://choven.ca (503) with 1 occurrences could not be migrated:
([https](https://choven.ca ) result ConnectTimeoutException).
# Fixed URLs
## Fixed But Review Recommended
These URLs were fixed, but the https status was not OK. However, the https status was the same as the http request or http redirected to an https URL, so they were migrated. Your review is recommended.
* http://fixprotocol.org/ (301) with 1 occurrences migrated to:
https://fixtrading.org ([https](https://fixprotocol.org/ ) result SSLHandshakeException).
* http://erldb.org (UnknownHostException) with 1 occurrences migrated to:
https://erldb.org ([https](https://erldb.org ) result UnknownHostException).
## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.
* http://cloudi.org/ with 27 occurrences migrated to:
https://cloudi.org/ ([https](https://cloudi.org/ ) result 200).
* http://erlware.org/ with 1 occurrences migrated to:
https://erlware.org/ ([https](https://erlware.org/ ) result 200).
* http://inaka.github.io/cowboy-trails/ with 1 occurrences migrated to:
https://inaka.github.io/cowboy-trails/ ([https](https://inaka.github.io/cowboy-trails/ ) result 200).
* http://ninenines.eu with 6 occurrences migrated to:
https://ninenines.eu ([https](https://ninenines.eu ) result 200).
* http://www.actordb.com/ with 2 occurrences migrated to:
https://www.actordb.com/ ([https](https://www.actordb.com/ ) result 200).
* http://www.cs.kent.ac.uk/projects/wrangler/Home.html with 1 occurrences migrated to:
https://www.cs.kent.ac.uk/projects/wrangler/Home.html ([https](https://www.cs.kent.ac.uk/projects/wrangler/Home.html ) result 200).
* http://www.rabbitmq.com/access-control.html with 2 occurrences migrated to:
https://www.rabbitmq.com/access-control.html ([https](https://www.rabbitmq.com/access-control.html ) result 200).
* http://www.rabbitmq.com/configure.html with 1 occurrences migrated to:
https://www.rabbitmq.com/configure.html ([https](https://www.rabbitmq.com/configure.html ) result 200).
* http://www.rebar3.org with 1 occurrences migrated to:
https://www.rebar3.org ([https](https://www.rebar3.org ) result 200).
* http://inaka.github.com/apns4erl with 1 occurrences migrated to:
https://inaka.github.com/apns4erl ([https](https://inaka.github.com/apns4erl ) result 301).
* http://inaka.github.com/edis/ with 1 occurrences migrated to:
https://inaka.github.com/edis/ ([https](https://inaka.github.com/edis/ ) result 301).
* http://lasp-lang.org/ with 1 occurrences migrated to:
https://lasp-lang.org/ ([https](https://lasp-lang.org/ ) result 301).
* http://saleyn.github.com/erlexec with 1 occurrences migrated to:
https://saleyn.github.com/erlexec ([https](https://saleyn.github.com/erlexec ) result 301).
* http://www.mozilla.org/MPL/ with 6 occurrences migrated to:
https://www.mozilla.org/MPL/ ([https](https://www.mozilla.org/MPL/ ) result 301).
* http://zhongwencool.github.io/observer_cli with 1 occurrences migrated to:
https://zhongwencool.github.io/observer_cli ([https](https://zhongwencool.github.io/observer_cli ) result 301).
# Ignored
These URLs were intentionally ignored.
* http://localhost:8080/uaa/oauth/token with 1 occurrences
2019-03-20 03:11:57 -05:00
7764533d05
Sync erlang.mk from rabbitmq-common
2019-02-12 07:44:11 +03:00
a4b2dd775b
Sync rabbitmq-components.mk from rabbitmq-common
2019-02-12 07:43:54 +03:00
40410e5c01
spelling: exactly
...
(cherry picked from commit f5af5a4cb42c90147849dcc2e2b3705248fdd801)
2019-02-12 07:42:14 +03:00
414cff848a
spelling: following
...
(cherry picked from commit 9e9d347f5b59a21fd4f0c1a1c64ffc2fcf7481c2)
2019-02-12 07:41:41 +03:00
f23aa08e31
Since we install Erlang, use generic language
2018-08-01 07:49:53 -07:00
58d489fc09
Ignore elixir error
2018-08-01 07:47:43 -07:00
560a8cb99a
Add Travis CI build status to README.md
2018-08-01 07:43:40 -07:00
677cf48fba
Update Travis CI configuration
2018-08-01 07:42:42 -07:00
dfc9313717
Merge pull request #19 from rabbitmq/lrb-rename-uaa_jwt
...
Rename uaa_jwt app env setting to key_config
2018-08-01 03:12:18 +03:00
0e19df0ce4
Rename uaa_jwt app env setting to key_config
...
See this comment for context:
https://github.com/rabbitmq/rabbitmq-auth-backend-oauth2/pull/18#issuecomment-409016622
2018-07-31 15:51:20 -07:00
499d20a421
Fix typos in readme
2018-07-26 15:57:09 +02:00
3b61d8de4f
Fix typo
2018-07-25 16:33:09 +02:00
4a27ed2fdd
Add internal backend to symmetric_keys rmq config
2018-07-20 16:46:42 -07:00
30490995d9
Add missing rabbitmq_ct_client_helpers dependency needed by system_SUITE.erl
2018-07-20 15:29:15 -07:00
4bd726b5d4
uaa_jwt is no longer a separate application
...
In order for uaa_jwt settings to be populated by config files, they have to be part of a defined and running application. This PR adds support for a uaa_jwt sub-key of the main rabbitmq_auth_backend_oauth2 env key.
2018-07-20 15:25:09 -07:00
94238369b6
Auth backend module rename
2018-07-20 13:23:05 -07:00
Michael Klishin
Simon
Robert Gustafsson
Simon Alling
Alexandre amiche
Luke Bakken
Jean-Sébastien Pédron
Luke Bakken
dcorbacho
Michael Klishin
Michael Klishin
Philip Kuryloski
Gerhard Lazu
Arnaud Cogoluègnes
Anton Dalgren
Michal Papuga
kjnilsson
Spring Operator
Josh Soref
Michael Klishin