-
Notifications
You must be signed in to change notification settings - Fork 334
OAuth #2989
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
battermann
merged 293 commits into
develop
from
SQSERVICES-1825-be-oauth-refresh-token-generation
Mar 14, 2023
Merged
OAuth #2989
Changes from all commits
Commits
Show all changes
293 commits
Select commit
Hold shift + click to select a range
6322e11
fix makefile
battermann 3f00152
fix haskell-pins.nix file
battermann f527639
config flag
battermann 99b4f82
check status, integration tests
battermann a4de2b8
changelog
battermann b01727d
make expiration test faster
battermann c4f121b
uncomment code
battermann 0dbed7e
moved oauth types to wire-api
battermann 21c2728
de-/encode jwt inside toschema instance
battermann 8282ef9
servant combinator
battermann 246d1f3
better
battermann d45105f
check scope in hasserver
battermann 1b3ea4b
clean up
battermann 94631c4
test vs nginz
battermann 91adbbf
crude change in nginz
battermann a76d5fa
use Z-OAuth header for oauth
battermann a4d8e84
refactoring
battermann 043008f
renaming
battermann 6d8cf57
small refactoring of nginx module
battermann 3765b8d
more failure tests
battermann 84d6bbe
changelog
battermann 50afa1b
enable oauth in nginz config
battermann 243423e
set zauth_user in nginz only if authorized and allowed
battermann ba0833b
trailing whitespaces
battermann 31ee8f6
additional checks in nginz to reduce load on brig
battermann 4f8d114
oauth test script
battermann 72468bb
show instance for OAuthAuthCode
battermann 0622441
tagged token, refresh token basic impl
battermann 45cd5a1
improve script
battermann 2954953
Merge remote-tracking branch 'origin/develop' into SQSERVICES-1825-be…
fisx a595c04
Merge remote-tracking branch 'refs/remotes/origin/SQSERVICES-1825-be-…
fisx 8477681
fixed some merge errors
battermann 504ab63
refresh token id and info, db table, and insert logic
battermann 7a0a844
fixed comment
battermann 8a3bf5a
config for refresh token expiration
battermann a286ec4
options and integration tests
battermann 1570eda
Merge branch 'develop' into SQSERVICES-1825-be-oauth-refresh-token-ge…
battermann 5450d08
Update docs/src/developer/reference/config-options.md
battermann ea97ed1
Update docs/src/developer/reference/config-options.md
battermann 8418020
Update docs/src/developer/reference/config-options.md
battermann 3951c9b
Update docs/src/how-to/install/oauth.md
battermann 50a654c
Update services/brig/brig.integration.yaml
battermann 2dfa725
Update libs/wire-api/src/Wire/API/Routes/Public.hs
battermann e3aa83e
moved ToHttpApiData instance to test
battermann c8e943f
jwks
battermann 43e6a81
inlined bad key for test again
battermann 7923d27
refresh access token
battermann d79433f
swagger ui
battermann 03374a4
more refresh token tests
battermann 8ddb509
linter
battermann e1cbc96
API docs
battermann 51c49e7
Merge remote-tracking branch 'origin/develop' into SQSERVICES-1825-be…
battermann 12ab6d8
revoke token
battermann 9ac9428
test
battermann fd2add5
clean up API types
battermann 59b6327
wip
battermann 4c803ba
error handling
battermann bc20aaf
Merge remote-tracking branch 'origin/develop' into SQSERVICES-1825-be…
battermann b688ef6
clean up
battermann cbefee8
get apps with account access, revoke access
battermann 71cdf9b
clean up
battermann 174a3ab
Merge remote-tracking branch 'origin/develop' into SQSERVICES-1825-be…
battermann ed8193e
Merge remote-tracking branch 'origin/develop' into SQSERVICES-1825-be…
fisx 40babdd
Cleanup changelog.
fisx 7643974
Update services/brig/test/integration/API/OAuth.hs
battermann 8160d3f
Discriminate against performAction tags for CallsFed constraints (#3030)
isovector b68766a
Upgrade to GHC 9.2.4 (#2810)
smatting 751ad93
check syntactic properties of auth code
battermann 2b53bc6
clean up according to review comments
battermann ebcbda7
Merge remote-tracking branch 'origin/develop' into SQSERVICES-1825-be…
fisx e643fb0
do not redirect if url is wrong
battermann c9c2c49
Update charts/nginz/values.yaml
battermann d21d351
improve nginz module code according to PR review
battermann 9e10441
comment
battermann a54578a
play with hasserver instance
battermann 70aa9a7
...
fisx afdbe5c
...
fisx d58d78a
...
fisx 5087280
...
fisx a721f44
...
fisx 6ac782b
WIP: attempt to use checkType in OAuth logic
pcapriotti 58b2955
...
fisx e7724d7
wip
battermann 3d7d9b2
clean up
battermann 95dde99
more clear comments
battermann e4b69e8
clean up
battermann f37c319
another cleanup
battermann a0549ee
conn id optional
battermann ed226cd
Allow single scopes and lists of scopes in routes.
fisx 7d735c6
Merge remote-tracking branch 'refs/remotes/origin/SQSERVICES-1885-be-…
fisx a7e4cbf
instance HasSwagger (ZAuthServant ...)
fisx 70d1f47
Fixup
fisx e0c9c91
Merge remote-tracking branch 'origin/develop' into SQSERVICES-1885-be…
fisx d93bb7d
Tweak HasSwagger docs.
fisx 1a6e02a
Merge branch 'SQSERVICES-1885-be-oauth-scopes-with-regard-to-calendar…
battermann 3407a2f
support lenient, optional zoauth combinators.
fisx d7be8cc
Merge branch 'SQSERVICES-1885-be-oauth-scopes-with-regard-to-calendar…
battermann fea0a27
Fixup
fisx 8ad2b3f
make oauth work with swagger
battermann 15015d0
show scope(s) for each endpoint in swagger
battermann 4eece1d
Merge branch 'SQSERVICES-1885-be-oauth-scopes-with-regard-to-calendar…
battermann 8192d7e
fix
battermann 0003255
fix 2
battermann a9f4d3e
grammar
battermann 389fa39
make JWK available in galley
battermann fa47d21
oauth access to conversation create works
battermann 26e75c5
jwk effect shared
battermann 54a7cb2
generated local nix packages
battermann 501a96f
setup config for secret for staging
battermann 62da199
fix tests
battermann c52784c
Merge remote-tracking branch 'origin/develop' into SQSERVICES-1825-be…
battermann 87e6dd8
enable oauth for post conversations
battermann 9d5f5e3
renaming
battermann 737ba2b
fix
battermann 8d61c29
oauth scope for feature-configs
battermann 5047395
wip
battermann fdff6a6
clean up
battermann 0c14cca
update comment
battermann a58362e
Merge branch 'SQSERVICES-1885-be-oauth-scopes-with-regard-to-calendar…
battermann b2bcf97
sort ctors
battermann 6abe0bc
make conn param optional for create code endpoint
battermann 8d5b908
tests for write:conversation_code
battermann 2731cce
rename jwk keypair file
battermann cee1b15
renamed pub jwk key file
battermann 129fa30
rename jwk file in brig tests
battermann fc22595
rename jwk file in galley tests
battermann b960296
Merge remote-tracking branch 'origin/develop' into SQSERVICES-1825-be…
fisx 24903c1
haddocks.
fisx e00c6ad
Nit-picks.
fisx 748d7ec
Fix a lie.
fisx ce2b068
Give up on consolidating the two HasServer instances for now.
fisx f287f7a
Tweak swagger docs.
fisx 04db869
Merge remote-tracking branch 'origin/develop' into SQSERVICES-1825-be…
battermann 3e5066e
nix fix after develop merge
battermann 3f9410d
rust stuff
battermann a216a47
rust compiles
battermann 93083b8
rust compiles
battermann 4e0f572
wip
battermann ba70964
wip
battermann 4c292bc
wip
battermann 47ef9f2
works
battermann 7997155
scope access
battermann 673003f
oauth integration tests only using nginz
battermann 7e2a584
return a tuple
battermann d94918f
free oauth key mem
battermann 37f4cf3
naming convenetions
battermann 7de3a20
get rid of rust warnings
battermann 341e642
formatting
battermann 80f8409
error propagation
battermann 0b5bcec
oauth nginz pass locally
battermann befeca0
nginx config for CI
battermann 223b0fb
oauth public key for nginz CI
battermann 8ba3108
better rust
battermann 45418cd
remove pub keys from brig and galley, fix stuff
battermann 4961fef
clean up
battermann ec955fb
commt
battermann 367e905
set oauth_scope in template correctly
battermann 4bc1976
script
battermann 90cd5f1
Update services/nginz/third_party/nginx-zauth-module/zauth_module.c
battermann e26a03e
WIP
pcapriotti 1b3c2ca
Merge branch 'SQSERVICES-1913-oauth-move-o-auth-authentication-to-ngi…
battermann bcf6715
Merge branch 'SQSERVICES-1913-oauth-move-o-auth-authentication-to-ngi…
battermann fc92f75
clean up
battermann 296b30a
zauth module clean up
battermann 924dba4
clean up
battermann 49d1fd9
remove spaces
battermann 626ddb1
typo in nginx.conf
battermann 5b07b11
check for oom error
battermann 2af8cf7
Merge remote-tracking branch 'origin/develop' into SQSERVICES-1825-be…
battermann 3485c37
wip
battermann 3c38d29
wip
battermann c6c3649
wip
battermann 88273e4
linter
battermann b34a586
Merge remote-tracking branch 'origin/develop' into SQSERVICES-1825-be…
battermann cc23e84
nginx configs
battermann cfd96d6
clean up scopres, snake case to comply with standard
battermann 71c2f62
Merge remote-tracking branch 'origin/develop' into SQSERVICES-1825-be…
fisx 852e5b8
Update charts/galley/templates/configmap.yaml
fisx bf5d939
Update charts/nginz/templates/conf/_nginx.conf.tpl
fisx 406a40f
Fixup
fisx 413981f
Merge remote-tracking branch 'refs/remotes/origin/SQSERVICES-1825-be-…
fisx 202e950
Fixup
fisx a40bf9d
Fixup
fisx 6713680
Merge branch 'SQSERVICES-1922-oauth-documentation' into SQSERVICES-18…
battermann fad2b92
Explicit exports and other nit-picks.
fisx 587d854
Merge remote-tracking branch 'origin/develop' into SQSERVICES-1825-be…
fisx 57f1b50
Update docs/src/developer/reference/oauth.md
fisx 4915ad3
Merge remote-tracking branch 'refs/remotes/origin/SQSERVICES-1825-be-…
fisx 4464ced
docs wip
battermann a103101
Merge branch 'SQSERVICES-1825-be-oauth-refresh-token-generation' of g…
battermann 0dc39c7
Merge remote-tracking branch 'refs/remotes/origin/SQSERVICES-1825-be-…
fisx 29c7541
Merge remote-tracking branch 'origin/develop' into SQSERVICES-1825-be…
fisx eab4120
wip
battermann 5a57f02
change libzauth-c target back to release
battermann 22b6628
Member instead of Members
battermann 47e4526
application name length, clean up
battermann 7b6aac3
merge db migrations
battermann 2a1afb2
typo
battermann 39500e3
better test descriptions
battermann cb35e9b
style
battermann 76fa2e4
rename auth to authorization
battermann 593d041
fix up
battermann 7d11def
fixes in docs
battermann 4b14aad
wip
battermann 4062594
fix diagram
battermann 69a8501
clean-up
battermann 14832d4
Merge remote-tracking branch 'origin/develop' into SQSERVICES-1825-be…
fisx 8f90344
fixes
battermann 2c96c2d
arbitrary instances and roundtrip tests
battermann 02e2dbf
revert making conn id optional
battermann 4d428e4
Merge remote-tracking branch 'origin/develop' into SQSERVICES-1825-be…
battermann 72f8beb
Revert "revert making conn id optional"
battermann d36d704
more roundtrip tests
battermann 8ba528e
Merge remote-tracking branch 'origin/develop' into SQSERVICES-1825-be…
battermann 6280c6b
another roundtrip test
battermann 7008767
removed unused tag
battermann cf1df77
manually update docs
battermann 0317e56
nit-pick
fisx 0fbdcf8
nit-pick
fisx 9bc21c2
Merge remote-tracking branch 'refs/remotes/origin/SQSERVICES-1825-be-…
fisx 72bc3b9
Update services/brig/src/Brig/API/OAuth.hs
fisx e72351b
Typo
fisx 22e6f1b
Merge remote-tracking branch 'refs/remotes/origin/SQSERVICES-1825-be-…
fisx 902eddc
clean up and fix
battermann 2f3c860
docs
battermann 52d75a3
fix
battermann eb98279
renaming
battermann 0ea9812
servant combinator for oauth scope description
battermann 191e2e7
renaming
battermann 0230633
compare responses
battermann bb11eb1
clean up, fixes
battermann 98b13f3
users can only see thier own apps
battermann 4d76569
clean-up
battermann 615abdb
docs last parts
battermann eaf51cf
hi ci
battermann 2048c78
release notes
battermann 13c6052
updated docs
battermann 69888bb
Merge remote-tracking branch 'origin/develop' into SQSERVICES-1825-be…
fisx bc33201
tweak changelog
fisx 3f5ccaf
Remove unused dependency in cabal file.
fisx 49619c1
generate nix defaults.
fisx f424872
do not crash if oauth key is not present
battermann 0b656c8
rename oauth keys
battermann 49d030b
Update services/brig/brig.integration.yaml
battermann e85c7e5
added comment
battermann 81eda91
added comment on jwt-simple fork
battermann 6dd43a3
rusty_jwt_tools_ffi: assume Cargo.lock is in the repo
flokli 6e8a1c5
libzauth[-c]: explicitly point to rust-jwt-simple git rev
flokli 6dcff6c
Merge remote-tracking branch 'origin/develop' into develop
flokli 3adf309
fix rust ffi test
battermann File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| If you are using OAuth (`optSettings.setOAuthEnabled: true` in brig config): before the deployment of wire-server the private and public keys for OAuth have to be provided for `brig` and `nginz` (see `docs/src/developer/reference/oauth.md` for more information) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| OAuth support for authorization of a curated list of 3rd party applications (see <https://docs.wire.com/developer/reference/oauth.html> for details) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2 changes: 1 addition & 1 deletion
2
charts/galley/templates/mls-secret.yaml → charts/galley/templates/secret.yaml
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.