Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Convert CLI handling to use Kong #113

Open
wants to merge 46 commits into
base: main
Choose a base branch
from
Open

Convert CLI handling to use Kong #113

wants to merge 46 commits into from

Conversation

punmechanic
Copy link
Member

Kong requires fewer tricks (except for that weird reflection it uses) and is a lot easier to scan with less global setup required in init blocks.

@punmechanic
Use oauth2 package for the token exchange call
6c15e6b 
This should also fix a bug where non-HTTP 200 responses are not caught
and result in a cryptic error later in the exchange process
@punmechanic
Use OAuth2 package more heavily to simplify code
f3ec1be 
* Pass client through context. This would normally be frowned upon but
  we know we will only be using OAuth2's APIs to interact with Okta
  anyway.
* Implement oauth2.TokenSource on TokenSet, which removes the need to
  manually construct *oauth2.Token.
@punmechanic
Parse the ID token in LoginCommand, not in the Config
62d20b6 
The config shouldn't "know" anything about the minutae of the token it
is receiving.
@punmechanic
Move socket creation into LoginCommand
5521578 
Takes the HandlePendingSession function much simpler
@punmechanic
Move port handling out of the oauth2 file
a0d1470
@punmechanic
Use ClientContext() instead of the context key directly
7e86ece
@punmechanic
Use slices.Contains() instead of our own custom function
ff3e035
@punmechanic
Refactor Get to have a struct, like Login
bb55790
@punmechanic
Use a writer pattern for exporting environment variables
c693c4b
@punmechanic
Move things around to reduce symbols in main package
27f8b2a
@punmechanic
Remove unused package go-rootcerts
7cc87bd 
This was necessary due a bug in Go
(golang/go#14514) that was resolved in Go 1.8.
@punmechanic
Move oauth2 things of the command package
b812fcd
@punmechanic
Remove partial Tencent Cloud support
1037f45 
This will be reimplemented at some point in the future, but this has not
been working since 85f224a and attempting to use it results in a
run-time panic.
@punmechanic
Use OIDC library for fetching UserInfo
7c56a6f 
The UserInfo endpoint for Okta is standards-compliant, so we should use
a standards-compliant library to access it
@punmechanic
Use newer versions of Go & aws-lambda-go
b8ebf58
@punmechanic
Use the v2 AWS SDK
edbdddb
@punmechanic
Use official Hashicorp SDK for Vault
d9824f5
@punmechanic
Do not use AWS auth for Vault
64fbd0b 
Instead of using AWS authentication for Vault, users should be
instructed to use the Hashicorp Vault extension for AWS Lambda;
KeyConjurer's Lambda functions are not made aware of any authentication
details.

https://developer.hashicorp.com/vault/docs/platform/aws/lambda-extension
@punmechanic
Rename the environment variables
0a57be4 
VAULT_SECRET_PATH conflicts with the Lambda extension.
@punmechanic
Correct key-value
1277d79
@punmechanic
Put binaries in bin/
bfa112f
@punmechanic
Remove unused packages
21e9853
@punmechanic
Disable CGO
12476b7
@punmechanic
Fix secret decoding
ada05bf
@punmechanic
Remove the Lambdaify handler to simplify code
40b1f72
@punmechanic
Convert Switch command to be struct-based
5abd257
@punmechanic
Update LoginCommand to match SwitchCommand
e4f02d8
@punmechanic
Remove flags and command from GetCommand
bac97ae
@punmechanic
Hide OIDC flags
2bc30fa
@punmechanic
Get Kong
72b44c3
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@punmechanic