build(deps): bump google.golang.org/grpc from 1.49.0 to 1.53.0 #140

Open
wants to merge 34 commits into
base: master
19b3aab
Revert "fix: check for no serviceAccountFilePath and no email (#2679)"
sagikazarmark Oct 4, 2022
261adee
fix(connector/google): make admin email optional for default creds
sagikazarmark Oct 4, 2022
2027413
Merge pull request #2696 from dexidp/backport-2694
sagikazarmark Oct 4, 2022
24401fd
build(deps): bump golang from 1.19.1-alpine3.16 to 1.19.2-alpine3.16
dependabot[bot] Oct 5, 2022
8e2bce3
Merge pull request #2698 from dexidp/backport-go-update
sagikazarmark Oct 5, 2022
829444d
fix(connector/google): only initialize admin service if necessary
sagikazarmark Oct 5, 2022
9063c79
Merge pull request #2702 from dexidp/backport-2700
sagikazarmark Oct 6, 2022
ccbc86e
fix: Update gomplate version to 3.11.3 fix CVE-2022-27665
nabokihms Oct 10, 2022
54c9e82
Merge pull request #2706 from flant/backport-cve-2022-27665
sagikazarmark Oct 11, 2022
01a4c7e
build(deps): bump github.com/spf13/cobra from 1.5.0 to 1.6.0 (#2708)
dependabot[bot] Oct 12, 2022
0666cbd
Add new connector for Cloudfoundry
Apr 10, 2018
61b0445
update cf connector to use 'authorization_endpoint' from /v2/info
Oct 4, 2018
faa9f4a
Added support for CF resources pagination
daniellavoie Apr 4, 2019
d31ae3f
cf: add org to groups claims
Nov 7, 2019
8bce756
cf: add org guid to groups claims
Nov 18, 2019
e5780cd
add unit test and api call to `audited_spaces` and `managed_spaces`
Oct 7, 2019
6d6c640
append role to space guids
Nov 4, 2019
fad2e8d
add cf org:space:role group claim to token
Nov 25, 2019
addb884
fix lint errors
Jan 13, 2020
c0fea31
run golangcli-lint
Mar 5, 2021
3cef9dc
fix sanity check errors
Dec 1, 2021
9ffe6d7
rename connector;make types private;
Oct 5, 2022
e81d9df
add cloudfoundry to connector list in readme
Oct 5, 2022
faa102c
add client crendential grant type
Nov 10, 2021
570c27e
Fix issues in existing client credentials change
kellyma2 Dec 3, 2021
895f3b2
Fix tests in TestServerSupportedGrants for client credentials
Aug 2, 2022
ac3d07f
allow configuring CAs/skip verify for OIDC
vito Aug 14, 2018
eb3dbfc
Fix io/ioutil deprecation error
Aug 2, 2022
3eff26c
refactor newHTTPClient func
Oct 8, 2022
67d9142
remove unused HostedDomains
Oct 8, 2022
d3054c5
Merge remote-tracking branch 'origin/pr/client-credentials-grant-sync'
Oct 31, 2022
ecc759d
Merge remote-tracking branch 'origin/pr/oidc-CA-configure-sync'
Oct 31, 2022
d40dc20
upstream dex release: v2.35.3
Oct 31, 2022
def63cb
build(deps): bump google.golang.org/grpc from 1.49.0 to 1.53.0
dependabot[bot] Feb 8, 2023
81 changes: 48 additions & 33 deletions connector/cf/cf.go
@@ -44,6 +44,7 @@ type Config struct {
}

type CCResponse struct {
NextUrl string `json:"next_url"`
Resources []Resource `json:"resources"`
TotalResults int `json:"total_results"`
}
@@ -227,54 +228,68 @@ func (c *cfConnector) HandleCallback(s connector.Scopes, r *http.Request) (ident
identity.Email, _ = userInfoResult["email"].(string)
identity.EmailVerified, _ = userInfoResult["email_verified"].(bool)

var orgMap = make(map[string]string)
var orgSpaces = make(map[string][]string)
var groupsClaims []string

if s.Groups {
// fetch orgs
orgsResp, err := client.Get(fmt.Sprintf("%s/v2/users/%s/organizations", c.apiURL, identity.UserID))
if err != nil {
return identity, fmt.Errorf("CF Connector: failed to execute request for orgs: %v", err)
}
if orgsResp.StatusCode != http.StatusOK {
return identity, fmt.Errorf("CF Connector: failed to execute request for orgs: status %d", orgsResp.StatusCode)
}

var orgs CCResponse
var nextUrl = fmt.Sprintf("%s/v2/users/%s/organizations", c.apiURL, identity.UserID)
for moreResults := true; moreResults; moreResults = orgs.NextUrl != "" {
orgsResp, err := client.Get(nextUrl)
if err != nil {
return identity, fmt.Errorf("CF Connector: failed to execute request for orgs: %v", err)
}
if orgsResp.StatusCode != http.StatusOK {
return identity, fmt.Errorf("CF Connector: failed to execute request for orgs: status %d", orgsResp.StatusCode)
}

err = json.NewDecoder(orgsResp.Body).Decode(&orgs)
if err != nil {
return identity, fmt.Errorf("CF Connector: failed to parse orgs: %v", err)
}
orgs = CCResponse{}
err = json.NewDecoder(orgsResp.Body).Decode(&orgs)
if err != nil {
return identity, fmt.Errorf("CF Connector: failed to parse orgs: %v", err)
}

var orgMap = make(map[string]string)
var orgSpaces = make(map[string][]string)
for _, resource := range orgs.Resources {
orgMap[resource.Metadata.Guid] = resource.Entity.Name
orgSpaces[resource.Entity.Name] = []string{}
}

for _, resource := range orgs.Resources {
orgMap[resource.Metadata.Guid] = resource.Entity.Name
orgSpaces[resource.Entity.Name] = []string{}
if orgs.NextUrl != "" {
nextUrl = fmt.Sprintf("%s%s", c.apiURL, orgs.NextUrl)
}
}

// fetch spaces
spacesResp, err := client.Get(fmt.Sprintf("%s/v2/users/%s/spaces", c.apiURL, identity.UserID))
if err != nil {
return identity, fmt.Errorf("CF Connector: failed to execute request for spaces: %v", err)
}
if spacesResp.StatusCode != http.StatusOK {
return identity, fmt.Errorf("CF Connector: failed to execute request for spaces: status %d", spacesResp.StatusCode)
}

var spaces CCResponse
nextUrl = fmt.Sprintf("%s/v2/users/%s/spaces", c.apiURL, identity.UserID)
for moreResults := true; moreResults; moreResults = spaces.NextUrl != "" {
spacesResp, err := client.Get(nextUrl)
if err != nil {
return identity, fmt.Errorf("CF Connector: failed to execute request for spaces: %v", err)
}
if spacesResp.StatusCode != http.StatusOK {
return identity, fmt.Errorf("CF Connector: failed to execute request for spaces: status %d", spacesResp.StatusCode)
}

err = json.NewDecoder(spacesResp.Body).Decode(&spaces)
if err != nil {
return identity, fmt.Errorf("CF Connector: failed to parse spaces: %v", err)
}
spaces = CCResponse{}
err = json.NewDecoder(spacesResp.Body).Decode(&spaces)
if err != nil {
return identity, fmt.Errorf("CF Connector: failed to parse spaces: %v", err)
}

var groupsClaims []string
for _, resource := range spaces.Resources {
orgName := orgMap[resource.Entity.OrganizationGuid]
orgSpaces[orgName] = append(orgSpaces[orgName], resource.Entity.Name)

for _, resource := range spaces.Resources {
orgName := orgMap[resource.Entity.OrganizationGuid]
orgSpaces[orgName] = append(orgSpaces[orgName], resource.Entity.Name)
groupsClaims = append(groupsClaims, resource.Metadata.Guid)
}

groupsClaims = append(groupsClaims, resource.Metadata.Guid)
if spaces.NextUrl != "" {
nextUrl = fmt.Sprintf("%s%s", c.apiURL, spaces.NextUrl)
}
}

for orgName, spaceNames := range orgSpaces {
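Review bot: Both pagination loops decode `orgsResp.Body` / `spacesResp.Body` on every page and no `Close` is visible in the hunk, so each page fetched during a login appears to leave its response body, and the underlying connection, open. Close it explicitly after the `Decode` and before the non-200 return, e.g. `orgsResp.Body.Close()`, rather than with `defer`, which inside the loop would only run when HandleCallback returns. The loops also follow `next_url` for as long as the API returns a non-empty value and build the next request with `fmt.Sprintf("%s%s", c.apiURL, orgs.NextUrl)` (same for `spaces.NextUrl`). A page cap, plus a check that the value is a path beginning with `/` before it is appended, would keep a misbehaving or unexpected API response from stalling the callback or sending the client (presumably the authenticated one) to a different host. HandleCallback begins and ends outside the hunk.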
70 changes: 51 additions & 19 deletions connector/cf/cf_test.go
@@ -50,10 +50,13 @@ func TestHandleCallback(t *testing.T) {
expectEqual(t, err, nil)

sort.Strings(identity.Groups)
expectEqual(t, len(identity.Groups), 3)
expectEqual(t, identity.Groups[0], "some-org-name-1:some-space-name")
expectEqual(t, identity.Groups[1], "some-org-name-2")
expectEqual(t, identity.Groups[2], "some-space-guid")
expectEqual(t, len(identity.Groups), 6)
expectEqual(t, identity.Groups[0], "some-org-name-1:some-space-name-1")
expectEqual(t, identity.Groups[1], "some-org-name-2:some-space-name-2")
expectEqual(t, identity.Groups[2], "some-org-name-3")
expectEqual(t, identity.Groups[3], "some-org-name-4")
expectEqual(t, identity.Groups[4], "some-space-guid-1")
expectEqual(t, identity.Groups[5], "some-space-guid-2")
})

t.Run("CallbackWithoutGroupsScope", func(t *testing.T) {
@@ -121,30 +124,59 @@ func testSetup() *httptest.Server {
var result map[string]interface{}

if strings.Contains(r.URL.String(), "spaces") {
result = map[string]interface{}{
"resources": []map[string]interface{}{
{
"metadata": map[string]string{"guid": "some-space-guid"},
"entity": map[string]string{"name": "some-space-name", "organization_guid": "some-org-guid-1"},
if strings.Contains(r.URL.String(), "spaces?order-direction=asc&page=2&results-per-page=50") {
result = map[string]interface{}{
"resources": []map[string]interface{}{
{
"metadata": map[string]string{"guid": "some-space-guid-2"},
"entity": map[string]string{"name": "some-space-name-2", "organization_guid": "some-org-guid-2"},
},
},
},
}
} else {
result = map[string]interface{}{
"next_url": "/v2/users/12345/spaces?order-direction=asc&page=2&results-per-page=50",
"resources": []map[string]interface{}{
{
"metadata": map[string]string{"guid": "some-space-guid-1"},
"entity": map[string]string{"name": "some-space-name-1", "organization_guid": "some-org-guid-1"},
},
},
}
}
}

if strings.Contains(r.URL.String(), "organizations") {
result = map[string]interface{}{
"resources": []map[string]interface{}{
{
"metadata": map[string]string{"guid": "some-org-guid-1"},
"entity": map[string]string{"name": "some-org-name-1"},
if strings.Contains(r.URL.String(), "organizations?order-direction=asc&page=2&results-per-page=50") {
result = map[string]interface{}{
"resources": []map[string]interface{}{
{
"metadata": map[string]string{"guid": "some-org-guid-3"},
"entity": map[string]string{"name": "some-org-name-3"},
},
{
"metadata": map[string]string{"guid": "some-org-guid-4"},
"entity": map[string]string{"name": "some-org-name-4"},
},
},
{
"metadata": map[string]string{"guid": "some-org-guid-2"},
"entity": map[string]string{"name": "some-org-name-2"},
}
} else {
result = map[string]interface{}{
"next_url": "/v2/users/12345/organizations?order-direction=asc&page=2&results-per-page=50",
"resources": []map[string]interface{}{
{
"metadata": map[string]string{"guid": "some-org-guid-1"},
"entity": map[string]string{"name": "some-org-name-1"},
},
{
"metadata": map[string]string{"guid": "some-org-guid-2"},
"entity": map[string]string{"name": "some-org-name-2"},
},
},
},
}
}
}

json.NewEncoder(w).Encode(result)
})