feat: Implementation of ExtendedPayload for attribute remapping #1

jknight-liatrio · 2023-09-05T19:02:25Z

Overview

What this PR does / why we need it

Special notes for your reviewer

Does this PR introduce a user-facing change?

Bumps [helm/kind-action](https://github.com/helm/kind-action) from 1.7.0 to 1.8.0. - [Release notes](https://github.com/helm/kind-action/releases) - [Commits](helm/kind-action@v1.7.0...v1.8.0) --- updated-dependencies: - dependency-name: helm/kind-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Oded Ben-Ozer <[email protected]>

Signed-off-by: Cedric-Magnan <[email protected]> Signed-off-by: Oded Ben-Ozer <[email protected]>

* Add the ability to composite new claims in the OIDC connector, based on upstream claims Signed-off-by: Oded Ben-Ozer <[email protected]>

Signed-off-by: Oded Ben-Ozer <[email protected]>

and structure for future claim modification additions Signed-off-by: Oded Ben-Ozer <[email protected]>

Signed-off-by: Andy Lo-A-Foe <[email protected]>

- Add missing json tag. - Control delimiter cleaning with a configuration key. - Use better variable names - concatenate string using slice and join Signed-off-by: Oded Ben-Ozer <[email protected]>

Signed-off-by: Oded Ben-Ozer <[email protected]>

Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.11.2 to 0.12.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@41f05d9...fbd1636) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

blairdrummond

Looks good to me!

Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.2 to 3.1.3. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@0b7f8ab...a8a3f3a) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.9.1 to 3.0.0. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@4c0219f...f95db51) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.3 to 4.1.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@c85c95e...8ade135) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.138.0 to 0.143.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.138.0...v0.143.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.4 to 2.21.9. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@a09933a...ddccb87) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps alpine from 3.18.3 to 3.18.4. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

…aquasecurity/trivy-action-0.12.0 build(deps): bump aquasecurity/trivy-action from 0.11.2 to 0.12.0

…actions/upload-artifact-3.1.3 build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3

Update ent

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.61.0 to 1.62.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.61.0...v1.62.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

…v2/google.golang.org/grpc-1.62.0 build(deps): bump google.golang.org/grpc from 1.61.0 to 1.62.0 in /api/v2

…exidp#3405) Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) from 3.0.1 to 3.0.3. - [Release notes](https://github.com/go-jose/go-jose/releases) - [Changelog](https://github.com/go-jose/go-jose/blob/v3.0.3/CHANGELOG.md) - [Commits](go-jose/go-jose@v3.0.1...v3.0.3) --- updated-dependencies: - dependency-name: github.com/go-jose/go-jose/v3 dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.18.0 to 1.19.0. - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/v1.19.0/CHANGELOG.md) - [Commits](prometheus/client_golang@v1.18.0...v1.19.0) --- updated-dependencies: - dependency-name: github.com/prometheus/client_golang dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…exidp#3398) Bumps golang from 1.22.0-alpine3.18 to 1.22.1-alpine3.18. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…3406) Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) from 3.0.1 to 3.0.3. - [Release notes](https://github.com/go-jose/go-jose/releases) - [Changelog](https://github.com/go-jose/go-jose/blob/v3.0.3/CHANGELOG.md) - [Commits](go-jose/go-jose@v3.0.1...v3.0.3) --- updated-dependencies: - dependency-name: github.com/go-jose/go-jose/v3 dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…dp#3407) Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.167.0 to 0.169.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.167.0...v0.169.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: Matthias Loibl <[email protected]> Signed-off-by: Maksim Nabokikh <[email protected]> Signed-off-by: m.nabokikh <[email protected]> Co-authored-by: Matthias Loibl <[email protected]>

…dp#3381) Bumps distroless/static from `072d78b` to `9235ad9`. --- updated-dependencies: - dependency-name: distroless/static dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…idp#3382) Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.0.0 to 3.1.0. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@f95db51...0d103c3) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…xidp#3384) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.17.0 to 0.18.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@84384bd...062f259) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…3386) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.5 to 3.24.6. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@47b3d88...8a470fd) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

) Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.15.8 to 0.15.9. - [Release notes](https://github.com/anchore/sbom-action/releases) - [Commits](anchore/sbom-action@b6a39da...9fece9e) --- updated-dependencies: - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

) Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.17.0 to 0.18.0. - [Commits](golang/oauth2@v0.17.0...v0.18.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…les (dexidp#3394) Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.17.0 to 0.18.0. - [Commits](golang/oauth2@v0.17.0...v0.18.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: hsinhoyeh <[email protected]>

Customization of headers in the authentication server is crucial for enforcing stringent security measures by allowing the inclusion of specific headers required for authentication protocols and compliance standards. This customization ensures that authentication requests are processed securely, mitigating potential vulnerabilities and ensuring adherence to security policies. Signed-off-by: m.nabokikh <[email protected]>

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.62.0 to 1.62.1. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.62.0...v1.62.1) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Enhanced the OIDC connector to allow specifying an empty promptType parameter. Previously, the default behavior always appended 'consent' if promptType was not specified. This adjustment was necessary due to variations in default behaviors across certain Identity Providers (IDPs). Signed-off-by: m.nabokikh <[email protected]> Signed-off-by: Maksim Nabokikh <[email protected]>

…exidp#3414) Bumps [github.com/go-sql-driver/mysql](https://github.com/go-sql-driver/mysql) from 1.7.1 to 1.8.0. - [Release notes](https://github.com/go-sql-driver/mysql/releases) - [Changelog](https://github.com/go-sql-driver/mysql/blob/master/CHANGELOG.md) - [Commits](go-sql-driver/mysql@v1.7.1...v1.8.0) --- updated-dependencies: - dependency-name: github.com/go-sql-driver/mysql dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…exidp#3413) Bumps google.golang.org/protobuf from 1.32.0 to 1.33.0. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: m.nabokikh <[email protected]>

…dp#3410) Bumps distroless/static from `9235ad9` to `7e5c6a2`. --- updated-dependencies: - dependency-name: distroless/static dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…p#3411) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5.1.0 to 5.2.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@4a13e50...af5a7ed) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…p#3412) Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.62.0 to 1.62.1. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.62.0...v1.62.1) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…xidp#3389) Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.8.4...v1.9.0) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

dependabot bot and others added 15 commits August 6, 2023 13:21

Update oauth2.go

6c00fe0

Signed-off-by: Cedric-Magnan <[email protected]> Signed-off-by: Oded Ben-Ozer <[email protected]>

Update server.go

a72413d

Signed-off-by: Cedric-Magnan <[email protected]> Signed-off-by: Oded Ben-Ozer <[email protected]>

fix: linting with gofmt

139845c

Signed-off-by: Cedric-Magnan <[email protected]> Signed-off-by: Oded Ben-Ozer <[email protected]>

Composite claims in OIDC connector (#3)

6d143f1

* Add the ability to composite new claims in the OIDC connector, based on upstream claims Signed-off-by: Oded Ben-Ozer <[email protected]>

Document each test case

316296b

Signed-off-by: Oded Ben-Ozer <[email protected]>

Merge branch 'dexidp:master' into master

088c380

Rename configuration option to include a reference to groups

a528484

and structure for future claim modification additions Signed-off-by: Oded Ben-Ozer <[email protected]>

Optional ExtendPayload interface support

a416ee5

Signed-off-by: Andy Lo-A-Foe <[email protected]>

Address issues raised in review:

b1f4bd0

- Add missing json tag. - Control delimiter cleaning with a configuration key. - Use better variable names - concatenate string using slice and join Signed-off-by: Oded Ben-Ozer <[email protected]>

Fix lint issue

7f0056c

Signed-off-by: Oded Ben-Ozer <[email protected]>

Merge remote-tracking branch 'philips-forks/feature/extend-payload'

e5307e7

hack: add crazy lua functionality

46a0b39

fix: rename file

1d80f11

jknight-liatrio changed the title ~~Blair master~~ feat: Implementation of ExtendedPayload for attribute remapping Sep 5, 2023

fix: revert debugging comment

d8fe13c

jknight-liatrio force-pushed the blair-master branch from 10b79ea to d8fe13c Compare September 5, 2023 19:35

jknight-liatrio added the kind/enhancement label Sep 5, 2023

blairdrummond approved these changes Sep 5, 2023

View reviewed changes

blairdrummond and others added 10 commits September 5, 2023 17:19

fix: appease the linter

f8594c7

run linters

50b73d2

build(deps): bump alpine from 3.18.3 to 3.18.4

3b8e972

Bumps alpine from 3.18.3 to 3.18.4. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Merge pull request dexidp#3090 from dexidp/dependabot/github_actions/…

aeff8df

…aquasecurity/trivy-action-0.12.0 build(deps): bump aquasecurity/trivy-action from 0.11.2 to 0.12.0

Merge pull request dexidp#3099 from dexidp/dependabot/github_actions/…

ac144e3

…actions/upload-artifact-3.1.3 build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3

sagikazarmark and others added 30 commits February 27, 2024 14:17

Merge pull request dexidp#3379 from dexidp/update-ent

d59145b

Update ent

Merge pull request dexidp#3365 from dexidp/dependabot/go_modules/api/…

8652a7c

…v2/google.golang.org/grpc-1.62.0 build(deps): bump google.golang.org/grpc from 1.61.0 to 1.62.0 in /api/v2

Update go-jose to v4.0.1 (dexidp#3409)

60ddd18

Signed-off-by: Matthias Loibl <[email protected]> Signed-off-by: Maksim Nabokikh <[email protected]> Signed-off-by: m.nabokikh <[email protected]> Co-authored-by: Matthias Loibl <[email protected]>

fix: add sanitizer to ldap account and password (dexidp#3372)

77333d6

Signed-off-by: hsinhoyeh <[email protected]>

Set read only permissions to the check job (dexidp#3415)

1d973dd

Signed-off-by: m.nabokikh <[email protected]>

Merge remote-tracking branch 'upstream/master' into blair-master

564de07

feat: lua -> rego

0957553

fix: formatting int issue

6c038a5

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: Implementation of ExtendedPayload for attribute remapping #1

feat: Implementation of ExtendedPayload for attribute remapping #1

jknight-liatrio commented Sep 5, 2023

blairdrummond left a comment

feat: Implementation of ExtendedPayload for attribute remapping #1

Are you sure you want to change the base?

feat: Implementation of ExtendedPayload for attribute remapping #1

Conversation

jknight-liatrio commented Sep 5, 2023

Overview

What this PR does / why we need it

Special notes for your reviewer

Does this PR introduce a user-facing change?

blairdrummond left a comment

Choose a reason for hiding this comment