dea47f601d
more info on exception
2023-02-22 16:13:05 -08:00
0ae09577f6
Client & Central Controller updates to support additonal OIDC features ( #1848 )
...
Client side:
* Fix compatibility with OneLogin
* Requested scopes vary by OIDC provider. Different providers have different
Controller side:
*Update Postgres queries to latest Central schema
* Added Central Controller support for the different providers
* Base OIDC provider details are still attached to an org. Client ID & group/email lists are now associated with individual networks.
2023-01-19 15:39:15 -08:00
98e0bf22d3
fix actual typo in config key code
2022-12-07 10:23:11 -05:00
1e2ff042b4
fix typos in docs, comments, and strings
2022-12-07 10:17:53 -05:00
4e57abb159
Revert "modify sso queries for schema change"
...
This reverts commit 8b67d06272
2022-09-28 13:26:41 -07:00
2b1ba60f24
Optimize member load query for Central controllers
2022-09-28 13:10:34 -07:00
638c868a07
Revert "query update for sso"
...
This reverts commit 3c343eb775
2022-09-28 13:04:08 -07:00
b909330518
Revert "bump min db version"
...
This reverts commit 802072ec17
2022-09-28 13:03:41 -07:00
802072ec17
bump min db version
2022-09-27 14:21:20 -07:00
3c343eb775
query update for sso
2022-09-27 13:41:52 -07:00
8b67d06272
modify sso queries for schema change
2022-09-21 14:29:47 -07:00
9cf8dacfbb
don't crash out of the controller heartbeat loop here
2022-06-30 11:40:04 -07:00
b5d7d71e1e
use connection pool instead of new connection for member status writes
...
redis plus plus has an annoying feature where it will open a new
connection for each tx or pipeline by default, rather than just fetching
an existing connection from the pool. Let's change that
2022-06-30 09:59:47 -07:00
6fdc7be502
redis connection pool tuning
2022-06-29 09:39:51 -07:00
0d7197381a
exit here on error
2022-06-28 09:28:35 -07:00
ff8da9d246
Play with online notification timing again
2022-06-24 10:03:30 -07:00
c1384422c3
just sleep 1 second
2022-06-22 10:58:23 -07:00
ccc0ebd0f9
don't spam the logs quite as much on first startup
...
sleep the thread 1 second every round until we're actually updating
members
2022-06-22 10:42:51 -07:00
9d4336d296
redis connection tuning
2022-06-22 10:30:58 -07:00
17bc9d3085
redis thread now uses this_thread::yield()
2022-06-22 10:07:55 -07:00
436f481a34
fix log line
2022-06-22 10:01:07 -07:00
9e8215b213
adjust sleep between onlineNotification runs. Added timer to output
2022-06-22 09:43:09 -07:00
caf8b15f6d
Merge pull request #1701 from tossp/sql2
...
fix sql
2022-06-19 18:09:28 -07:00
bc7f18064f
fix sql
...
bind message supplies 17 parameters, but prepared statement "" requires 16
2022-06-20 05:59:13 +08:00
355d3f44fb
logging & redis standalone fix
2022-06-16 11:52:35 -07:00
9de863e68b
update controller db record
2022-06-16 10:50:07 -07:00
64b7f8e445
quiet down logs more
2022-06-15 16:58:11 -07:00
626f488cb4
quiet down the controller logs a smidge
2022-06-15 16:58:07 -07:00
10212e376a
more redis in the controller
2022-06-15 16:58:04 -07:00
0ed339f19d
make sure value here is true, not just that the env var is set
2022-06-13 15:44:35 -07:00
c6fc3560f2
Merge branch 'dev' into redisrection
2022-06-13 13:09:36 -07:00
b65c1ed3a0
Add inja
...
Requries update to C++17 standard
2022-05-13 09:34:15 -07:00
9ddc0327d4
enable redis member status again
2022-05-10 08:36:39 -07:00
59151fbf86
remove max count for xread
2022-04-28 13:10:07 -07:00
1c700b7b41
Fix redis cluster usage
2022-04-28 13:05:02 -07:00
ff18bacd94
fix XREAD commands for redis message queue
2022-04-28 11:16:45 -07:00
ef08346a74
Fix a possible excessive memory use issue in controller and clean up a bunch of COM handling and other code in the normal node.
2022-04-19 19:59:54 -04:00
912036b260
Push credentials always if updated (client-side) and some controller-side cleanup that should be logically irrelevant but will prevent unnecessary DB lookups.
2022-04-19 12:41:38 -04:00
a4e8847664
Restore sending of rejections but move it exclusively to a thread, widen netconf window to 30 minutes.
2022-04-19 10:37:58 -04:00
c492bf7eea
Forgot to send error on v0 auth expiry.
2022-04-18 16:36:09 -04:00
cb086ff97f
Simplify SSO logic. SSO should just normally expire when it expires. No full deauth needed. Deauth is for really giving someone the boot.
2022-04-18 16:32:05 -04:00
55a99f34d0
Tighten certificate window and deprecate sending of revocations for ordinary SSO timeouts. Revocations should only be for deliberate deauth to kick people off networks. Cert window should now stay within refresh window for SSO so normal cert expiration should handle it just fine.
2022-04-15 14:23:26 -04:00
58119598ae
comment out some new deauth code
2022-04-13 23:10:11 -04:00
42a2afaef9
This may improve controller behavior with SSO and mixed SSO, needs testing!
2022-04-13 21:39:56 -04:00
f8e24f4629
Fix issue where restarting a controller causes a DB write for each network member
2022-02-28 12:26:32 -08:00
c09010c25a
handle nonce rotation in controller better
...
Won't generate new nonces until there are no active ones.
2022-01-20 15:14:29 -08:00
b3fbbd3124
refresh tokens now working
...
Still investigating the best way to do a couple things, but we have something working
2021-12-07 16:29:50 -08:00
730482e62f
encode network ID into sso state param
2021-12-01 15:02:21 -08:00
663a09b38d
oidc stuff coming across the wire properly and generating a working login URL
2021-12-01 13:01:32 -08:00
7cce23ae79
wip
2021-12-01 10:44:29 -08:00
