c2dfd5557f
chore: Bump to 7.83.1-SNAPSHOT in 7.83.x
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2024-03-15 17:28:10 +00:00
6cdf6f655a
Do not pass oauth2 as a username to Git credentials for Bitbucket ( #662 )
...
Set bitbucket-***** as a token name annotation for bitbucket token secret. This is needed to pass username instead of oauth2 for bitbucket credentials
2024-03-07 11:08:33 +02:00
60262e3a72
chore: Bump to 7.83.0-SNAPSHOT in main ( #658 )
2024-02-28 09:18:10 +02:00
f9f4c8e5d5
Encode redirect URL if needed on oauth callback request ( #654 )
...
Some SCM providers like BItBucket Server decode the callback url so that cause IllegalArgumentException error. Catch the error and decode the redirect url.
2024-02-19 19:07:07 +02:00
4f8a84cb1d
Fetch oauth tokens from kubernetes secrets ( #652 )
...
Move AuthorisationRequestManager interface towsmaster/che-core-api-factory module in order to avoid circular dependency.
Rework the get oauth token method to return an oauth token from kubernetes secrets if token is not found in the system memory of the che-server pod. If provider name value is not configured in the kubernetes secret oauth token, get the token by mapping it by provider url from the secret and oauth provider name from the aouth config secret.
2024-02-08 10:22:51 +02:00
62f301c42d
chore: Bump to 7.82.0-SNAPSHOT in main ( #651 )
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
Co-authored-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2024-02-02 19:53:07 +02:00
978f2cdd21
chore: Bump to 7.81.0-SNAPSHOT in main
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2024-01-11 15:35:09 +01:00
e3ccf70b64
chore: Bump to 7.80.0-SNAPSHOT in main ( #628 )
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
Co-authored-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2023-12-28 02:23:26 +02:00
151ef89772
Return oauth1 providers on registered oauth providers list request ( #624 )
...
Add the list of oauth1 providers to the list of registered oauth2 providers on get registered oauth providers API request.
2023-12-21 14:03:42 +02:00
7acf4cc2d9
chore: Bump to 7.79.0-SNAPSHOT in main
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2023-11-30 12:24:39 +01:00
92b37d2b6e
chore: Bump to 7.78.0-SNAPSHOT in main ( #605 )
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
Co-authored-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2023-11-13 13:38:23 +02:00
26cf509ea7
chore: Bump to 7.77.0-SNAPSHOT in main
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2023-11-06 09:39:16 +01:00
148415c691
Respect authorisation request opt-out on workspace start ( #576 )
...
If user rejects an scm provider authorisation request while creating or starting existed workspace store the name of the scm provider in the workspace-preferences config-map. The workspace create/start step must proceed without token fetch step. If user creates another workspace or starts existed workspace from an scm provider which name is stored in the config-map, do not ask the authorisation as it was already rejected once.
2023-10-12 15:59:42 +03:00
f27f8b1589
Update minor maven dependencies ( #577 )
2023-10-12 14:38:05 +03:00
2f2a939823
chore: Bump to 7.76.0-SNAPSHOT in main
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2023-09-28 10:13:22 +02:00
b2ff110da5
Encode the authentication reject error to build a proper callback url ( #568 )
...
Encode the &error_code=access_denied query param for the callback url in order to fix the bug when the authentication request appears again if it was rejected.
2023-09-27 14:20:27 +03:00
033d310b0d
chore: Bump to 7.75.0-SNAPSHOT in main ( #554 )
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
Co-authored-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2023-09-11 19:17:12 -03:00
8d19ea8046
chore: Bump to 7.74.0-SNAPSHOT in main
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2023-08-23 15:09:29 +02:00
f5a70d0f9a
Do not return secret token in the Oauth API ( #538 )
...
Remove the personalAccessTokenManager.get() call from the OAuth API getToken() method. The OAuth API must not know anything about PAT secrets. It should get tokens only by requesting an SCM provider OAuth API.
Fix validating the Bitbucket-Server PAT method by requesting user instead of requesting.
This prevents the code execution going to a recursive loop: bitbucketServerApiClient.getPersonalAccessToken() calls oauthApi.getToken() which referred to personalAccessTokenManager.getToken() which validated the token by calling scmPersonalAccessTokenFetcher.getScmUsername() -> bitbucketServerApiClient.getPersonalAccessToken().
2023-08-17 16:29:24 +03:00
29ff3f3e75
chore: Bump to 7.73.0-SNAPSHOT in main
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2023-07-31 10:50:12 +02:00
2cd1bb2b46
chore: Bump to 7.72.0-SNAPSHOT in main
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2023-07-24 12:10:57 +02:00
454bc7304f
chore: Bump to 7.71.0-SNAPSHOT in main
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2023-06-30 09:45:41 +02:00
c23792c7b1
chore: Bump to 7.70.0-SNAPSHOT in main
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2023-06-15 10:18:24 +02:00
fdb2dbf163
chore: Bump to 7.69.0-SNAPSHOT in main
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2023-06-02 16:13:59 +02:00
559de5a7f1
chore: Bump to 7.68.0-SNAPSHOT in main
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2023-05-18 10:44:15 +02:00
1fb16e5b63
chore: Bump to 7.67.0-SNAPSHOT in main
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2023-05-10 10:27:11 +02:00
b333b7bdb9
chore: Bump to 7.66.0-SNAPSHOT in main
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2023-04-21 13:06:43 +02:00
d0402f0b8e
chore: Bump to 7.65.0-SNAPSHOT in main
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2023-04-19 11:11:56 +02:00
b24e3c7d95
feat: support retrieving Git user data when PAT is configured ( #489 )
...
* feat: support retrieving Git user data when PAT is configured
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-04-04 10:14:40 +03:00
45e9d18d22
Fix vuOAlnerable dependencies
...
Signed-off-by: Igor Vinokur <ivinokur@redhat.com>
2023-03-29 19:04:50 +02:00
63c72d2628
chore: Bump to 7.64.0-SNAPSHOT in main
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2023-03-27 15:40:05 +02:00
709d872d24
chore: Bump to 7.63.0-SNAPSHOT in main ( #459 )
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
Co-authored-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2023-03-08 18:05:13 -04:00
49773464e3
Fix remarks
...
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-02-27 16:32:29 +02:00
19d13edc7f
feat: Azure DevOps Service OAuth2
...
Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2023-02-23 15:20:20 +02:00
fbf318c0d6
chore: Bump to 7.62.0-SNAPSHOT in main ( #447 )
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
Co-authored-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2023-02-16 13:28:52 -04:00
cb3565dbf8
Support Bitbucket-server oAuth2 factory ( #440 )
...
Apply Bitbucket Server oAuth-2 configuration for the factory flow.
2023-02-15 16:43:27 +02:00
7323f4776f
Apply Bitbucket server url validation by testing an API request ( #428 )
...
Support factory from public Bitbucket-server repository without any oAuth configuration in the Che side. Add a new check that detects a Bitbucket-server url by testing it by a Bitbucket-server Api request.
2023-01-26 15:25:09 +02:00
9a003e2351
chore: Bump to 7.61.0-SNAPSHOT in main
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2023-01-26 11:30:33 +01:00
13a84d2943
chore: Bump to 7.60.0-SNAPSHOT in main
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2023-01-09 14:10:06 +01:00
a97e6eec90
chore: update license headers to 2023 because we still use that annoying license header checker for some reason ( #412 )
...
To update next year:
find . -name "*" -exec sed -i -r -e "s@-2023 Red Hat@-2024 Red Hat@g" {} \;
Change-Id: I2167da69ac584e743e61f4bbe699f06296911857
Signed-off-by: Nick Boldt <nboldt@redhat.com>
Signed-off-by: Nick Boldt <nboldt@redhat.com>
2023-01-04 10:33:06 -04:00
ef626cd6ee
Fix Delete oauth token API method ( #408 )
...
Rework the invalidate token oauth API method to send revoke token request to the git provider. After this request Che authorisation is unsynchronised so user is asked to re apply the authentication on new factory create step.
2023-01-04 10:06:25 +02:00
23e5b5f891
chore: Bump to 7.59.0-SNAPSHOT in main
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2022-12-15 15:50:16 +01:00
5e90d07987
chore: Bump to 7.58.0-SNAPSHOT in main
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2022-11-24 15:30:55 +01:00
fb0bdd249f
chore: Bump to 7.57.0-SNAPSHOT in main
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2022-11-04 15:32:21 +01:00
bc4ec10c23
chore: Bump to 7.56.0-SNAPSHOT in main
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2022-10-12 16:11:49 +02:00
6350fa9ab4
chore: Bump to 7.55.0-SNAPSHOT in main ( #358 )
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
Co-authored-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2022-09-29 17:06:33 +03:00
9f72001242
chore: Bump to 7.54.0-SNAPSHOT in main
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2022-08-31 15:11:43 +02:00
bd9cd9db44
chore: Apply authentication status in the callback url ( #338 )
...
When processing an authentication callback request set additional error query patameter to the callback url.
How it works:
1. User creates a factory form dashboard.
2. Dasboard requests che-server factory API with no error param in the request url. See https://github.com/eclipse-che/che-dashboard/pull/599
3. Che-server create factory API parses the url for the error param. No error query param means `skipAuthentication=false`. Authentication in progress.
74eb0a333d/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubFactoryParametersResolver.java (L104-L106)74eb0a333d/wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/EmbeddedOAuthAPI.java (L85-L93)e2849d9d21/packages/dashboard-frontend/src/containers/Loader/Factory/Steps/FetchDevfile/index.tsx (L208-L213)74eb0a333d/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/AuthorizingFileContentProvider.java (L70-L81)
2022-08-11 17:14:30 +03:00
c57d3b04a9
chore: Bump to 7.53.0-SNAPSHOT in main
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2022-08-11 15:58:39 +02:00
922b48eaad
chore: Bump to 7.52.0-SNAPSHOT in main ( #331 )
...
Signed-off-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
Co-authored-by: Mykhailo Kuznietsov <mkuznets@redhat.com>
2022-07-27 15:06:12 +03:00
Mykhailo Kuznietsov