Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft: OIDC native login #660

Open
wants to merge 58 commits into
base: master
Choose a base branch
from
+1,501 −36
Open

Draft: OIDC native login #660

Changes from 1 commit
Commits
Show all changes
58 commits
Select commit Hold shift + click to select a range
a59e4bd
Multi-arch capable Dockerfile
sandhose Feb 2, 2022
5379b83
Build and push multi-arch Docker images in CI
sandhose Feb 2, 2022
24c5879
Make the Docker image configurable at runtime
sandhose Feb 2, 2022
2604e6a
Native OIDC login
sandhose Mar 3, 2022
b9bca9d
Only generate the auth URL and start the login flow on click
sandhose Mar 3, 2022
83684c8
Generate the OIDC redirect URI from the URLRouter
sandhose Mar 3, 2022
2ba8bc3
Simplify OIDC callback navigation handling
sandhose Mar 3, 2022
68daf51
Use platform APIs for text encoding and hashing
sandhose Mar 3, 2022
dd8cd31
Stop the token refresher when disposing the client
sandhose Mar 3, 2022
21cf845
Typo.
sandhose Mar 3, 2022
46e884b
OIDC dynamic client registration
sandhose Apr 25, 2022
4644004
Add client_uri, tos_uri and policy_uri client metadata
sandhose Apr 29, 2022
8da49df
Make hydrogen generate the device scope
sandhose Jul 4, 2022
f976430
Use unstable prefix for MSC2965 issuer discovery
hughns Jul 8, 2022
0a4822c
Rename OIDC login button to Continue
hughns Jul 8, 2022
06a2068
Request urn:matrix:api:* scope for OIDC
hughns Jul 25, 2022
f31f57e
Try to improve error message on no login method available
hughns Jul 25, 2022
786a082
fix: hide OIDC button when not in use
hughns Jul 25, 2022
7463145
Use primary styling for OIDC login button
hughns Jul 25, 2022
a44f13e
Handle case of OIDC Provider not returning supported_grant_types
hughns Jul 25, 2022
36050b1
Handle case of issuer field not ending with /
hughns Jul 25, 2022
f8dca77
Improve error handling for OIDC discovery and registration
hughns Jul 25, 2022
485e8a2
Ask OP to revoke tokens on logout
hughns Jul 25, 2022
1ea9eda
Support statically configured OIDC clients
hughns Jul 29, 2022
35bb265
Use valid length of code_verifier
hughns Jul 29, 2022
462b8b6
Link out to OIDC account management URL if available
hughns Jul 31, 2022
7dc30c4
Use unstable OIDC scope names
hughns Aug 3, 2022
6de66f7
Multi-arch capable Dockerfile
sandhose Feb 2, 2022
9b159a7
Use non-root nginx base in Docker image
sandhose Feb 2, 2022
9fd7f25
Build and push multi-arch Docker images in CI
sandhose Feb 2, 2022
c8bff10
Update the documentation to reference the published docker image
sandhose Feb 2, 2022
49d1547
Make the Docker image configurable at runtime
sandhose Feb 2, 2022
17875e4
Native OIDC login
sandhose Mar 3, 2022
37e9727
Only generate the auth URL and start the login flow on click
sandhose Mar 3, 2022
1ead9bc
Improve error handling for OIDC discovery and registration
hughns Jul 25, 2022
f177a94
Actually make SessionLoadViewModel.logout do something
hughns Jul 31, 2022
a4c16e5
Fix typing and tests
sandhose Aug 1, 2022
896f2b7
Fix the runtime config template to include the default theme
sandhose Aug 1, 2022
9ce9e2d
Add static client for thirdroom
hughns Aug 11, 2022
a2370da
Also build Docker images for the OIDC-login branch
sandhose Aug 22, 2022
7c40c7c
Also publish sha-* tags to GHCR
sandhose Aug 22, 2022
b4ff736
Manual revert of docker related changes
hughns Jan 11, 2023
13a4299
Fix up merge
hughns Jan 18, 2023
9c52fb9
Never attempt to encode OIDC segments
hughns Jan 18, 2023
317d97c
FIx regression bug
hughns Jan 18, 2023
1716a30
Put static OIDC client config into config file
hughns Jan 20, 2023
94352da
Remove some debug logging
hughns Jan 20, 2023
f4b1d99
Reinstate building of OIDC branch docker images
hughns Jan 20, 2023
59b06a0
Fix incorrect reference to OIDC segment type
hughns Jan 20, 2023
2739572
Offer guest mode login if advertised by OIDC Provider
hughns Jan 20, 2023
da86db3
Show OIDC sign in errors more sensibly
hughns Jan 20, 2023
0aafd55
Support sync without filters for guest access
hughns Jan 20, 2023
6580fcf
Fix test cases
hughns Jan 23, 2023
7b7557a
Store id_token and fix up logout implementation
hughns Feb 16, 2023
97b8861
Account management section design changes
hughns Feb 17, 2023
d6dff1d
Add missing param
hughns Feb 17, 2023
6acc0ea
Revert docker changes to those in master
hughns Feb 17, 2023
bde85c9
Remove unused code from rebase
hughns Feb 17, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Multi-arch capable Dockerfile
@sandhose @hughns
sandhose authored and hughns committed Feb 17, 2023

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode
commit 6de66f722610dd995c3709a45835f2ac401fde61
15 changes: 10 additions & 5 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,16 @@
FROM docker.io/node:alpine as builder
FROM --platform=${BUILDPLATFORM} docker.io/library/node:16.13-alpine3.15 as builder
RUN apk add --no-cache git python3 build-base
COPY . /app
WORKDIR /app
RUN yarn install \
&& yarn build

# Copy the built app from the first build stage
# Install the dependencies first
COPY yarn.lock package.json ./
RUN yarn install

# Copy the rest and build the app
COPY . .
RUN yarn build

FROM --platform=${TARGETPLATFORM} docker.io/library/nginx:alpine
COPY --from=builder /app/target /usr/share/nginx/html

# Values from the default config that can be overridden at runtime