64a5e0d93f
sso error handling
4 years ago
ff8da9d246
Play with online notification timing again
4 years ago
5a8d2c3cb4
Set running flag to false if falling out of oidc run loop
4 years ago
b329fb68a9
Cleanup rust-analyzer warnings
4 years ago
da179d9930
Clean up error flow for sso
...
error messages can now propagate to the user's browser
4 years ago
e7fee4c6ce
code cleanup
4 years ago
4151749dc9
Handle sso token exchange errors in zerotier client
4 years ago
aee9521c91
Add error handling for over sso seat limits
4 years ago
dac32f863e
fix deadlock on sso network leave
4 years ago
1c464c2da1
fix potential cstring leaks
4 years ago
5fcaed086d
another at->idt for exp
4 years ago
130689d82b
remove extraneous debug log line
4 years ago
1efceb86fc
get exp time out of correct token
4 years ago
1d92974447
auth0 compatibility
4 years ago
3670b8cefd
another at->idt for exp
4 years ago
425f5201a2
remove extraneous debug log line
4 years ago
df3b29e6ff
get exp time out of correct token
4 years ago
96a49bf476
auth0 compatibility
4 years ago
73ec8cddd7
Show sso errors on the last step of the oidc process
4 years ago
3f19e7d73c
Show sso errors on the last step of the oidc process
4 years ago
aa97aabb4e
for now, only enable sso on certain platforms
...
mac, windows, linux x86/x86_64/aarch64
4 years ago
b7952d7f39
no longer need direct import of serde here either
4 years ago
c380a4e4bd
cleanup
4 years ago
9c487cbfb8
Remove jsonwebtoken package dependency
...
Replaced with rust-jwt. `jsonwebtoken` relies on the ring package which explodes on non-x86/x64 architectures
4 years ago
d719137565
temp workaround for oidc auth dropping issue
...
Add a method to "kick" the refresh thread and re-post the tokens in the case where the thread is somehow still running & controller pushes out an AUTH_REQUIRED. This situation happens in a corner case still under investigation where the controller pushes out many copies of the network config repeatedly
4 years ago
3d4d087f07
make some impl functions pub
4 years ago
953e62f103
Clean up some extraneous output in release mode
4 years ago
50b866c5cf
clean up & pass along errors from ZeroIDC::new() method
4 years ago
cf411efd1d
a little cleanup
4 years ago
057356a725
Just some comments
4 years ago
a69e91c541
Fix hash verification on refresh
4 years ago
8fccf3136c
Enable validation of token hashes as part of the oidc process
4 years ago
2435ab70ab
remove some extra verbose logging
...
... and baby you got a full flow goin on
4 years ago
2293b0703f
Can get Central JSON bundle back to zerotier-one window
4 years ago
0ab5cce878
TIL: Its not as hard as I thought to make Rust deadlock
4 years ago
df9a7497b1
refactor out the separate AuthInfo struct
...
consolidated everything into the single IDC struct. Should help keep from rotating the pkce token as often & causing issues with the login window flapping
4 years ago
b3fbbd3124
refresh tokens now working
...
Still investigating the best way to do a couple things, but we have something working
4 years ago
5095d73de3
moar better error handling
4 years ago
1192b1b422
refresh token run loop
...
Need central-side work to complete
4 years ago
43c528fdb6
Get expiry time out of access token & propagate
4 years ago
7a8c89be9d
Post ID token to Central
4 years ago
4ce810b421
On our way to processing tokens
4 years ago
730482e62f
encode network ID into sso state param
4 years ago
663a09b38d
oidc stuff coming across the wire properly and generating a working login URL
4 years ago
73c186b111
add network_id extra param to auth flow
4 years ago
6393a4beec
progress
4 years ago
5f548705dd
lots more refactoring
4 years ago
f8bf91426b
.
4 years ago
4cadfd736f
move ffi code into its own file
4 years ago
1c7a5439d5
expose AuthInfo struct to external code
...
also get the auth URL
4 years ago
Grant Limberg