Add bitbucket support #3
Conversation
Signed-off-by: Joris Melchior <[email protected]>
Signed-off-by: Joris Melchior <[email protected]>
Signed-off-by: Rui Yang <[email protected]>
Signed-off-by: Ciro S. Costa <[email protected]>
Signed-off-by: Nader Ziada <[email protected]>
- Verifies user is part of orgs and spaces for group claims Signed-off-by: Shash Reddy <[email protected]>
Signed-off-by: Shash Reddy <[email protected]>
Signed-off-by: Shash Reddy <[email protected]>
Signed-off-by: Bishoy Youssef <[email protected]>
…pr/add-oauth-connector', 'origin/pr/add-web-host-url', 'origin/pr/github-teams-no-org-and-slugs', 'origin/pr/gitlab-broken-auth-headers', 'origin/pr/gitlab-include-user-scope-for-groups-inspection', 'origin/pr/oidc-groups-and-tls', 'origin/pr/optional-prometheus-logger', 'origin/pr/postgres-unix-sockets' and 'origin/pr/unset-pg-serializable-transaction-level'
edtan
force-pushed
the
add-bitbucket-support
branch
from
b48f803 to
f6c8545
Compare
|
Thank you so much for this PR. It's going to be super-useful for my team! |
|
@pivotal-jwinters would you have time to have a look at this PR ? This is the last thing holding us from switching to 4.x. Thanks! |
|
@edtan thanks for adding this! Do you mind adding a few tests before we merge this in? |
|
@edtan This is missing only the tests :-) |
|
@marco-m Yup, I'll try to finish off the tests some time this weekend. :) |
|
A quick note for anyone reviewing this: we shouldn't merge this in to Maybe this should just be PR'd to upstream Dex? |
|
Ah I see. Sure, I'll submit this to upstream Dex this weekend. |
|
I've now submitted dexidp#1307 for this, as well as added a few tests to this PR. |
|
Thanks @edtan, deeply appreciated! |
|
@vito once dex upstream accepts the PR, how will it reach concourse/dex ? |
edtan
force-pushed
the
add-bitbucket-support
branch
from
2cf1aa4 to
aeb15e1
Compare
|
@edtan Thanks for submitting it there (and thanks for doing this in the first place)! @marco-m Hmm we should update the README.md in our fork to document this process. How about let's just leave this PR open for now and close it once upstream Dex has merged it and we've pulled it in? Mechanically, the steps are: git checkout maintenance
./update-merged-branch...but this currently has to be run by someone with push access. I guess if you want to try it yourself you could just run it and let it fail at the very end when it tries to push. Your local |
|
@vito this PR has just been merged in dex upstream. Who could we ask in the Concourse team to update concourse/dex ? |
|
updated our Dex fork; the upstream changes are now in this tag: https://github.com/concourse/dex/releases/tag/merged-20181017103659 thanks again! |
Extracted test cases from OAuth2Code flow tests to reuse in device flow deviceHandler unit tests to test specific device endpoints Include client secret as an optional parameter for standards compliance Signed-off-by: justin-slowik <[email protected]>
* Add the ability to composite new claims in the OIDC connector, based on upstream claims Signed-off-by: Oded Ben-Ozer <[email protected]>
This adds a Dex connector for Bitbucket Cloud. It supports mapping a Bitbucket user's teams to the
groupsclaim. Most of the code was based off of the existing Github and Microsoft connectors.One thing that I'm unsure about is revoked tokens. First, I can successfully log into Concourse using the Bitbucket connector. If I then revoke access to Concourse in Bitbucket, I seem to still have access to Concourse as long as I stay logged in.
Should go along with concourse/concourse#2631
ref. concourse/concourse#2567