Juan Font 
							
						 
					 
					
						
						
						
						
							
						
						
							8909f801bb 
							
						 
					 
					
						
						
							
							Added more debug messages in OIDC registration  
						
						
						
					 
					
						2022-11-15 21:28:26 +01:00 
						 
				 
			
				
					
						
							
							
								Juan Font 
							
						 
					 
					
						
						
						
						
							
						
						
							ef68f17a96 
							
						 
					 
					
						
						
							
							Return the correct error on cache miss  
						
						
						
					 
					
						2022-11-14 18:34:27 +01:00 
						 
				 
			
				
					
						
							
							
								Juan Font 
							
						 
					 
					
						
						
						
						
							
						
						
							f74266f8f8 
							
						 
					 
					
						
						
							
							OIDC code cleanup and harmonize with regular web auth  
						
						
						
					 
					
						2022-11-14 18:34:27 +01:00 
						 
				 
			
				
					
						
							
							
								Juan Font Alonso 
							
						 
					 
					
						
						
						
						
							
						
						
							18c0009a51 
							
						 
					 
					
						
						
							
							Fix oidc.go linting issues  
						
						... 
						
						
						
						Signed-off-by: Juan Font Alonso <juanfontalonso@gmail.com> 
						
					 
					
						2022-11-13 15:42:54 +01:00 
						 
				 
			
				
					
						
							
							
								LiuHanCheng 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							07f92e647c 
							
						 
					 
					
						
						
							
							fix bug in  #912  ( #914 )  
						
						
						
					 
					
						2022-11-05 09:07:22 +01:00 
						 
				 
			
				
					
						
							
							
								Juan Font Alonso 
							
						 
					 
					
						
						
						
						
							
						
						
							52073ce7c9 
							
						 
					 
					
						
						
							
							Pass context in OIDC helpers  
						
						
						
					 
					
						2022-09-04 15:02:18 +02:00 
						 
				 
			
				
					
						
							
							
								Juan Font 
							
						 
					 
					
						
						
						
						
							
						
						
							cc3de7e723 
							
						 
					 
					
						
						
							
							Fix error decoding claims ( #744 )  
						
						
						
					 
					
						2022-08-17 15:03:10 +00:00 
						 
				 
			
				
					
						
							
							
								Juan Font 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							8e56d8b425 
							
						 
					 
					
						
						
							
							Merge branch 'main' into switch-to-db-d  
						
						
						
					 
					
						2022-08-11 13:11:38 +02:00 
						 
				 
			
				
					
						
							
							
								Adrien Raffin-Caboisse 
							
						 
					 
					
						
						
						
						
							
						
						
							110b01befa 
							
						 
					 
					
						
						
							
							Merge remote-tracking branch 'origin/main' into fix-bug-in-excludecorrectlytaggednodes  
						
						
						
					 
					
						2022-08-11 12:49:26 +02:00 
						 
				 
			
				
					
						
							
							
								Juan Font Alonso 
							
						 
					 
					
						
						
						
						
							
						
						
							804d70386d 
							
						 
					 
					
						
						
							
							Switch to nodekey in urls  
						
						
						
					 
					
						2022-08-11 12:15:16 +02:00 
						 
				 
			
				
					
						
							
							
								Juan Font Alonso 
							
						 
					 
					
						
						
						
						
							
						
						
							e91c378bd4 
							
						 
					 
					
						
						
							
							Replace machine key with node key in preparation for Noise in auth related stuff  
						
						
						
					 
					
						2022-08-10 15:35:26 +02:00 
						 
				 
			
				
					
						
							
							
								Juan Font 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							8a9fe1da4b 
							
						 
					 
					
						
						
							
							Merge branch 'main' into oidc-refactoring  
						
						
						
					 
					
						2022-08-09 20:29:02 +02:00 
						 
				 
			
				
					
						
							
							
								Grigoriy Mikhalkin 
							
						 
					 
					
						
						
						
						
							
						
						
							a1e7e771ce 
							
						 
					 
					
						
						
							
							refactor OIDC callback aux functions  
						
						
						
					 
					
						2022-08-07 13:57:07 +02:00 
						 
				 
			
				
					
						
							
							
								Grigoriy Mikhalkin 
							
						 
					 
					
						
						
						
						
							
						
						
							00d2a447f4 
							
						 
					 
					
						
						
							
							decompose OIDCCallback method  
						
						
						
					 
					
						2022-08-07 13:27:29 +02:00 
						 
				 
			
				
					
						
							
							
								Adrien Raffin-Caboisse 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							79688e6187 
							
						 
					 
					
						
						
							
							chore(all): apply formater  
						
						
						
					 
					
						2022-08-04 10:47:00 +02:00 
						 
				 
			
				
					
						
							
							
								Grigoriy Mikhalkin 
							
						 
					 
					
						
						
						
						
							
						
						
							911e6ba6de 
							
						 
					 
					
						
						
							
							exported API errors  
						
						
						
					 
					
						2022-07-29 17:35:21 +02:00 
						 
				 
			
				
					
						
							
							
								Juan Font Alonso 
							
						 
					 
					
						
						
						
						
							
						
						
							ffcc72876c 
							
						 
					 
					
						
						
							
							Lint fixes 7/n  
						
						
						
					 
					
						2022-06-26 12:30:52 +02:00 
						 
				 
			
				
					
						
							
							
								Juan Font Alonso 
							
						 
					 
					
						
						
						
						
							
						
						
							c810b24eb9 
							
						 
					 
					
						
						
							
							Lint fixes 5/n  
						
						
						
					 
					
						2022-06-26 12:21:35 +02:00 
						 
				 
			
				
					
						
							
							
								Juan Font Alonso 
							
						 
					 
					
						
						
						
						
							
						
						
							c859bea0cf 
							
						 
					 
					
						
						
							
							Lint fixes 3/n  
						
						
						
					 
					
						2022-06-26 12:01:04 +02:00 
						 
				 
			
				
					
						
							
							
								Juan Font Alonso 
							
						 
					 
					
						
						
						
						
							
						
						
							a913d1b521 
							
						 
					 
					
						
						
							
							Lint fixes 2/n  
						
						
						
					 
					
						2022-06-26 11:55:37 +02:00 
						 
				 
			
				
					
						
							
							
								Juan Font Alonso 
							
						 
					 
					
						
						
						
						
							
						
						
							396c3ecdf7 
							
						 
					 
					
						
						
							
							Remove Gin from the OIDC handlers  
						
						
						
					 
					
						2022-06-20 12:31:19 +02:00 
						 
				 
			
				
					
						
							
							
								Juan Font Alonso 
							
						 
					 
					
						
						
						
						
							
						
						
							d5e331a2fb 
							
						 
					 
					
						
						
							
							Remove Gin from OIDC callback  
						
						
						
					 
					
						2022-06-17 17:42:17 +02:00 
						 
				 
			
				
					
						
							
							
								Kristoffer Dalby 
							
						 
					 
					
						
						
						
						
							
						
						
							e631c6f7e0 
							
						 
					 
					
						
						
							
							Merge master  
						
						
						
					 
					
						2022-05-16 21:41:46 +02:00 
						 
				 
			
				
					
						
							
							
								Antoine POPINEAU 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							7cc58af932 
							
						 
					 
					
						
						
							
							Allow more configuration over the OIDC flow.  
						
						... 
						
						
						
						Adds knobs to configure three aspects of the OpenID Connect flow:
 * Custom scopes to override the default "openid profile email".
 * Custom parameters to be added to the Authorize Endpoint request.
 * Domain allowlisting for authenticated principals.
 * User allowlisting for authenticated principals. 
						
					 
					
						2022-05-02 17:11:07 +02:00 
						 
				 
			
				
					
						
							
							
								Kristoffer Dalby 
							
						 
					 
					
						
						
						
						
							
						
						
							14994cb6cc 
							
						 
					 
					
						
						
							
							Use new logic and fields for dns  
						
						
						
					 
					
						2022-04-24 20:55:54 +01:00 
						 
				 
			
				
					
						
							
							
								Kristoffer Dalby 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							739653fa71 
							
						 
					 
					
						
						
							
							Merge branch 'main' into feat-add-debug-log  
						
						
						
					 
					
						2022-03-18 20:44:21 +00:00 
						 
				 
			
				
					
						
							
							
								Adrien Raffin-Caboisse 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							2e04abf4bb 
							
						 
					 
					
						
						
							
							feat(oidc): add debug log  
						
						
						
					 
					
						2022-03-18 09:40:12 +01:00 
						 
				 
			
				
					
						
							
							
								Adrien Raffin-Caboisse 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							61ebb713f2 
							
						 
					 
					
						
						
							
							fix(oidc): Reset expiry for reauthentication  
						
						... 
						
						
						
						The previous code resetted the expiry time to be expired.  So the machine was never reauthenticated 
						
					 
					
						2022-03-18 09:32:07 +01:00 
						 
				 
			
				
					
						
							
							
								Adrien Raffin-Caboisse 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							f19c048569 
							
						 
					 
					
						
						
							
							fix: change normalization function name  
						
						
						
					 
					
						2022-03-07 22:55:54 +01:00 
						 
				 
			
				
					
						
							
							
								Adrien Raffin-Caboisse 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							1114449601 
							
						 
					 
					
						
						
							
							change: update name of method to check and normalize Domain name  
						
						
						
					 
					
						2022-03-06 20:46:17 +01:00 
						 
				 
			
				
					
						
							
							
								Kristoffer Dalby 
							
						 
					 
					
						
						
						
						
							
						
						
							1f8c7f427b 
							
						 
					 
					
						
						
							
							Add comment  
						
						
						
					 
					
						2022-03-02 07:29:56 +00:00 
						 
				 
			
				
					
						
							
							
								Kristoffer Dalby 
							
						 
					 
					
						
						
						
						
							
						
						
							ec4dc68524 
							
						 
					 
					
						
						
							
							Use correct machinekey format for oidc reg  
						
						
						
					 
					
						2022-03-02 07:29:56 +00:00 
						 
				 
			
				
					
						
							
							
								Kristoffer Dalby 
							
						 
					 
					
						
						
						
						
							
						
						
							86ade72c19 
							
						 
					 
					
						
						
							
							Remove err check  
						
						
						
					 
					
						2022-03-02 07:29:56 +00:00 
						 
				 
			
				
					
						
							
							
								Kristoffer Dalby 
							
						 
					 
					
						
						
						
						
							
						
						
							82cb6b9ddc 
							
						 
					 
					
						
						
							
							Cleanup some unreachable code  
						
						
						
					 
					
						2022-02-28 23:00:41 +00:00 
						 
				 
			
				
					
						
							
							
								Kristoffer Dalby 
							
						 
					 
					
						
						
						
						
							
						
						
							8bef04d8df 
							
						 
					 
					
						
						
							
							Remove sorted todo  
						
						
						
					 
					
						2022-02-28 22:45:42 +00:00 
						 
				 
			
				
					
						
							
							
								Kristoffer Dalby 
							
						 
					 
					
						
						
						
						
							
						
						
							5e92ddad43 
							
						 
					 
					
						
						
							
							Remove redundant caches  
						
						... 
						
						
						
						This commit removes the two extra caches (oidc, requested time) and uses
the new central registration cache instead. The requested time is
unified into the main machine object and the oidc key is just added to
the same cache, as a string with the state as a key instead of machine
key. 
						
					 
					
						2022-02-28 22:42:30 +00:00 
						 
				 
			
				
					
						
							
							
								Kristoffer Dalby 
							
						 
					 
					
						
						
						
						
							
						
						
							16b21e8158 
							
						 
					 
					
						
						
							
							Remove all references to Machine.Registered  
						
						
						
					 
					
						2022-02-28 16:55:57 +00:00 
						 
				 
			
				
					
						
							
							
								Kristoffer Dalby 
							
						 
					 
					
						
						
						
						
							
						
						
							35616eb861 
							
						 
					 
					
						
						
							
							Fix oidc error were namespace isnt created  #365  
						
						
						
					 
					
						2022-02-28 16:41:28 +00:00 
						 
				 
			
				
					
						
							
							
								Kristoffer Dalby 
							
						 
					 
					
						
						
						
						
							
						
						
							54cc3c067f 
							
						 
					 
					
						
						
							
							Implement new machine register parameter  
						
						
						
					 
					
						2022-02-28 16:34:50 +00:00 
						 
				 
			
				
					
						
							
							
								Kristoffer Dalby 
							
						 
					 
					
						
						
						
						
							
						
						
							469551bc5d 
							
						 
					 
					
						
						
							
							Register new machines needing callback in memory  
						
						... 
						
						
						
						This commit stores temporary registration data in cache, instead of
memory allowing us to only have actually registered machines in the
database. 
						
					 
					
						2022-02-28 08:06:39 +00:00 
						 
				 
			
				
					
						
							
							
								Kristoffer Dalby 
							
						 
					 
					
						
						
						
						
							
						
						
							fd1e4a1dcd 
							
						 
					 
					
						
						
							
							Generalise registration for openid  
						
						
						
					 
					
						2022-02-27 18:42:24 +01:00 
						 
				 
			
				
					
						
							
							
								Adrien Raffin-Caboisse 
							
						 
					 
					
						
						
						
						
							
						
						
							046116656b 
							
						 
					 
					
						
						
							
							chore: update formatting  
						
						
						
					 
					
						2022-02-23 14:22:21 +01:00 
						 
				 
			
				
					
						
							
							
								Adrien Raffin-Caboisse 
							
						 
					 
					
						
						
						
						
							
						
						
							4f1f235a2e 
							
						 
					 
					
						
						
							
							feat: add strip_email_domain to normalization of namespace  
						
						
						
					 
					
						2022-02-23 14:03:07 +01:00 
						 
				 
			
				
					
						
							
							
								Adrien Raffin-Caboisse 
							
						 
					 
					
						
						
						
						
							
						
						
							afd4a3706e 
							
						 
					 
					
						
						
							
							chore: update formating  
						
						
						
					 
					
						2022-02-22 21:05:39 +01:00 
						 
				 
			
				
					
						
							
							
								Adrien Raffin-Caboisse 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							0191ea93ff 
							
						 
					 
					
						
						
							
							feat(oidc): bind email to namespace  
						
						
						
					 
					
						2022-02-22 19:59:15 +01:00 
						 
				 
			
				
					
						
							
							
								Csaba Sarkadi 
							
						 
					 
					
						
						
						
						
							
						
						
							1a6e5d8770 
							
						 
					 
					
						
						
							
							Add support for multiple IP prefixes  
						
						
						
					 
					
						2022-01-16 14:18:22 +01:00 
						 
				 
			
				
					
						
							
							
								wakeful-cloud 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							1c7cb98042 
							
						 
					 
					
						
						
							
							Template Fixes  
						
						
						
					 
					
						2021-12-22 19:43:53 -07:00 
						 
				 
			
				
					
						
							
							
								Kristoffer Dalby 
							
						 
					 
					
						
						
						
						
							
						
						
							59aeaa8476 
							
						 
					 
					
						
						
							
							Ensure we always have the key prefix when needed  
						
						
						
					 
					
						2021-11-27 20:25:12 +00:00 
						 
				 
			
				
					
						
							
							
								Kristoffer Dalby 
							
						 
					 
					
						
						
						
						
							
						
						
							c38f00fab8 
							
						 
					 
					
						
						
							
							Unmarshal keys in the non-deprecated way  
						
						
						
					 
					
						2021-11-26 23:50:42 +00:00 
						 
				 
			
				
					
						
							
							
								Kristoffer Dalby 
							
						 
					 
					
						
						
						
						
							
						
						
							cfd53bc4aa 
							
						 
					 
					
						
						
							
							Factor wgkey to types/key  
						
						... 
						
						
						
						This commit converts all the uses of wgkey to the new key interfaces.
It now has specific  machine, node and discovery keys and we now should
use them correctly.
Please note the new logic which strips a key prefix (in utils.go) that
is now standard inside tailscale.
In theory we could put it in the database, but to preserve backwards
compatibility and not spend a lot of resources on accounting for both,
we just strip them. 
						
					 
					
						2021-11-26 23:30:42 +00:00