From 1ea97e92fc656287debddc59943c9724e9066242 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Mon, 10 May 2021 09:04:18 +0200 Subject: [PATCH 1/2] remove insecure --- .../config/ocis/identifier-registration.dist.yaml | 3 --- docs/ocis/deployment/bridge.md | 3 --- idp/assets/identifier-registration.yaml | 2 -- tests/config/drone/identifier-registration.yml | 1 - 4 files changed, 9 deletions(-) diff --git a/deployments/examples/owncloud10_with_oc_web/config/ocis/identifier-registration.dist.yaml b/deployments/examples/owncloud10_with_oc_web/config/ocis/identifier-registration.dist.yaml index 94483ae611..09f94fc7ba 100644 --- a/deployments/examples/owncloud10_with_oc_web/config/ocis/identifier-registration.dist.yaml +++ b/deployments/examples/owncloud10_with_oc_web/config/ocis/identifier-registration.dist.yaml @@ -4,7 +4,6 @@ clients: - id: web name: OCIS application_type: web - insecure: yes trusted: yes redirect_uris: - https://ocis.owncloud.test/ @@ -17,7 +16,6 @@ clients: name: OC10 application_type: web secret: super - insecure: yes trusted: yes redirect_uris: - https://oc10.owncloud.test/ @@ -29,7 +27,6 @@ clients: name: OCIS Graph Explorer trusted: yes application_type: web - insecure: yes - id: xdXOt13JKxym1B1QcEncf2XDkLAexMBFwiT9j6EfhhHFJhs2KM9jbjTmf8JBXE69 secret: UBntmLjC2yYCeHwsyj73Uwo9TAaecAetRwMw0xYcvNL9yRdLSUi0hUAHfvCHFeFh diff --git a/docs/ocis/deployment/bridge.md b/docs/ocis/deployment/bridge.md index cdc9f8657b..04e4cf9baa 100644 --- a/docs/ocis/deployment/bridge.md +++ b/docs/ocis/deployment/bridge.md @@ -168,7 +168,6 @@ Now we need to configure a client we can later use to configure the ownCloud 10 clients: - id: ocis name: ownCloud Infinite Scale - insecure: yes application_type: web redirect_uris: - https://cloud.example.com/apps/openidconnect/redirect @@ -176,8 +175,6 @@ clients: - http://localhost:9100 - http://localhost:9100/ ``` -You will need the `insecure: yes` if you are using self signed certificates. - Replace `cloud.example.com` in the redirect URI with your ownCloud 10 host and port. Replace `localhost:9100` in the redirect URIs with your `ocis-web` host and port. diff --git a/idp/assets/identifier-registration.yaml b/idp/assets/identifier-registration.yaml index 82deaa0441..0d957284fe 100644 --- a/idp/assets/identifier-registration.yaml +++ b/idp/assets/identifier-registration.yaml @@ -4,7 +4,6 @@ clients: - id: web name: ownCloud web app trusted: yes - insecure: yes redirect_uris: - {{OCIS_URL}}/ - {{OCIS_URL}}/oidc-callback.html @@ -15,7 +14,6 @@ clients: - id: ocis-explorer.js name: oCIS Graph Explorer trusted: yes - insecure: yes - id: xdXOt13JKxym1B1QcEncf2XDkLAexMBFwiT9j6EfhhHFJhs2KM9jbjTmf8JBXE69 secret: UBntmLjC2yYCeHwsyj73Uwo9TAaecAetRwMw0xYcvNL9yRdLSUi0hUAHfvCHFeFh diff --git a/tests/config/drone/identifier-registration.yml b/tests/config/drone/identifier-registration.yml index 82a0c747d9..a7f51f858b 100644 --- a/tests/config/drone/identifier-registration.yml +++ b/tests/config/drone/identifier-registration.yml @@ -5,7 +5,6 @@ clients: - id: web name: OCIS application_type: web - insecure: yes trusted: yes redirect_uris: - https://ocis-server:9200/oidc-callback.html From da9989f172312a9dc2bc7e66a3439c59db0f5d39 Mon Sep 17 00:00:00 2001 From: Willy Kloucek Date: Mon, 10 May 2021 09:11:19 +0200 Subject: [PATCH 2/2] generate embed.go --- idp/pkg/assets/embed.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/idp/pkg/assets/embed.go b/idp/pkg/assets/embed.go index 11a230b0c9..982c3bcfd1 100644 --- a/idp/pkg/assets/embed.go +++ b/idp/pkg/assets/embed.go @@ -1,5 +1,5 @@ -// Code generated by fileb0x at "2021-05-18 08:13:57.21230603 +0200 CEST m=+0.309257799" from config file "embed.yml" DO NOT EDIT. -// modification hash(6276624edf3aa8b76854bb102336f4cc.0aa2d0b1f716f88218c5e95a9b958fea) +// Code generated by fileb0x at "2021-05-19 08:14:34.879749476 +0200 CEST m=+0.334601893" from config file "embed.yml" DO NOT EDIT. +// modification hash(1c1932afc17a3d41eb3911e17a91539b.0aa2d0b1f716f88218c5e95a9b958fea) package assets @@ -36,7 +36,7 @@ type HTTPFS struct { } // FileIdentifierRegistrationYaml is "identifier-registration.yaml" -var FileIdentifierRegistrationYaml = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xa4\x91\x41\x6f\xe2\x38\x1c\xc5\xef\x7c\x0a\x4b\x7b\x26\x10\x98\x96\x86\x1b\x04\x02\x09\x29\xa1\x24\xa1\xd0\x4b\x95\xd8\xff\x34\x86\xc4\x76\x6d\x43\x12\x46\xf3\xdd\x57\x65\x76\xcb\x76\xc5\x8e\x56\x1a\x1f\xdf\xff\xe9\x59\xef\xf7\xda\xed\x76\xeb\x0f\x14\x08\x60\xee\x04\xd9\x9c\x31\xc0\x1a\xe1\x82\x02\xd3\x48\xc2\x1b\x55\x5a\x36\x46\xeb\xa7\xa0\x86\x2d\x84\xda\x88\x92\x21\xaa\x20\x6d\x21\x84\x10\x4b\x4a\x18\x22\x5e\x31\xbb\xe0\x47\xf2\x21\xa3\x44\x88\xcb\x49\xcb\xa3\xd2\x40\x86\xa8\x01\x75\x11\x28\x53\x80\x8f\x12\xae\x8a\x04\x42\x25\x60\xfd\x7a\x94\xf4\x12\xfe\xf1\xda\xe8\xfb\xf7\xc0\x76\xc3\xd7\x78\xed\xff\xf8\xd1\xb9\xad\x72\x4a\x70\x1b\x27\x45\x91\x26\xf8\x60\xe4\xba\x2c\x7e\xe1\x53\xb4\x00\xa6\xdb\x7f\xff\x76\xb5\x73\x49\xdf\x28\xfb\x8f\x9f\x5b\x9f\x65\x39\xa6\xaa\x0d\xb5\x28\xb8\x04\x69\xec\xd5\x3f\x9b\xdb\x6e\x88\x66\x32\x11\x39\x9a\xfe\x65\xf8\x3f\xe5\x3f\xa3\x6b\xb2\x0d\xb4\xd9\xf7\x16\x75\x53\x9a\x63\xf3\x09\x4f\x19\xce\x7a\xdb\xc9\xc1\x1f\x41\xfd\x38\x76\x2a\x1a\x59\xfb\xfb\x69\x96\xe7\x73\xc7\xcb\x55\x6f\xf1\x68\xed\xd3\x7d\x54\x66\x0f\xde\x78\x3b\xbd\xb7\x2e\xd9\x0a\xb0\x04\x3d\x44\xf1\x98\xe9\xd2\xdf\xdb\xbd\x66\x67\xc3\xbc\x52\xcd\x7e\xd0\x8f\x2b\x6e\x45\xa3\x04\xf0\x08\xf4\xba\x7a\xac\xba\xf5\x0e\x9f\x96\xbe\xd5\xac\x89\x1f\xc6\xb4\x9b\xc7\xa3\x79\x76\xb2\xe7\x0e\x38\xf9\xad\x45\x09\xa8\x83\xe6\xe2\x73\xd5\x44\x88\x82\xe2\x44\x53\xce\x5e\x75\x23\x60\x88\x58\xa2\xe9\x09\x7e\xb5\x67\xae\xb5\x18\x76\x3a\x66\x6f\x60\x74\x8d\xae\x61\xfe\xfb\x50\x70\x9c\x14\x39\x57\xfa\xca\x05\xbe\xc9\x91\x5a\xc6\xa1\x1b\xab\x6e\xe1\x7c\x63\xe9\xc9\x72\x4a\x1b\xe2\x43\x54\x6c\xac\x19\x79\x8b\xfc\xc9\xdc\x4c\xef\x8e\x14\x06\xaa\x49\xad\x6e\x78\x9e\x6e\x64\xba\x1c\xcc\x5d\x51\x3e\x7b\x30\xf9\xc2\x85\xb8\xcc\xd9\xcd\x36\xfd\x7e\xbd\x38\xe7\xe9\xba\x14\xef\x4f\x85\xde\x2d\x49\xe6\x13\xcf\xcd\x3c\xcb\xbf\x73\x43\xbe\xc8\x97\x3c\xb2\xde\x5f\x32\x2d\xc8\x73\xb8\x1a\x98\x1b\x29\x66\x6b\x4b\x94\x7c\x72\x8b\xcb\x88\x11\xc9\x29\xf9\x2d\x2e\x1c\x0f\x3b\x9d\xe4\x67\x90\xc1\x2b\x86\x3f\x92\x0d\xcc\xcb\x2b\x87\xb2\x26\x77\xc1\xd3\xe4\x70\x0f\xea\xce\x3f\x07\xe7\xf5\x89\x12\x6f\x99\x6d\xfd\xf8\x25\xec\xf1\x65\x9f\xc7\x0e\x6c\x57\xab\x07\x5f\xac\x64\x5e\xf7\x63\xc9\x3d\x87\x1c\x67\xd3\x9d\x3b\x0e\xea\xc3\xce\xfc\xc2\x61\xe1\x80\xf3\xfc\x3c\x7d\x09\xac\xe8\x40\x95\xfb\x74\x5e\xf7\x33\x3e\xc8\x33\xfa\xb8\x2d\x02\x91\xbc\xaf\x1e\x6c\xe7\x18\xa5\xe1\xfc\xbc\x31\xa3\xf8\x38\x9b\xda\x6f\xc5\xaa\x16\x74\xb3\xf0\xb2\x60\xeb\xd6\xb7\x38\xd0\x20\xfc\x7d\x06\x94\xab\xaf\xfd\xaf\x57\x83\x72\x75\xcb\xf1\x67\x00\x00\x00\xff\xff\xfb\xd9\x45\xb9\xb8\x04\x00\x00") +var FileIdentifierRegistrationYaml = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xa4\x91\xcf\x93\xa2\x38\x1c\xc5\xef\xfe\x15\xa9\xda\x33\x28\x3a\xdd\x36\xdc\x14\x41\x41\x5a\x6c\x01\x7f\xf4\xa5\x0b\x92\x20\x51\x48\xd2\x49\x14\x70\x6a\xfe\xf7\xad\x76\x76\xdb\xed\x5d\x77\x2e\x93\xe3\xfb\xbe\x7a\xa9\xf7\x79\x9a\xa6\x75\xfe\x00\x21\xc7\xd4\x9b\x00\x9b\x51\x8a\xa1\x02\xb0\x24\x98\x2a\x20\xf0\x9e\x48\x25\x5a\xbd\xf3\x53\x90\x56\x07\x00\x0d\x10\x64\x81\x1a\x67\x1d\x00\x00\xa0\x69\x85\x2d\xc0\x6a\x6a\x97\xec\x84\x3e\x64\x90\x72\x7e\x3d\x29\x71\x92\x0a\x23\x0b\xb4\x58\x5e\x05\x81\x11\x11\x18\xaa\xb7\x93\x20\xd7\xa8\x8f\xa7\x81\xef\xdf\x43\xdb\x8b\xde\x92\x55\xf0\xe3\x47\xf7\xbe\xca\x08\x82\x1a\x4c\xcb\x32\x4b\xe1\x51\x2f\x54\x55\xfe\xc2\x27\x49\x89\xa9\xd2\xfe\xfe\xed\x66\x67\x82\xec\x09\xfd\x9f\x9f\x3b\x9f\xd5\x18\x24\x52\xc3\x0d\x2f\x99\xc0\x42\x3f\xc8\x7f\xf6\xb4\xbd\x08\x4c\x45\xca\x0b\xe0\xfc\x65\xf8\x6f\xd5\xcf\xa0\x06\x6d\x43\x65\x0c\xfc\x79\xd3\x56\xc6\xd8\x78\x81\x0e\x85\x79\x7f\x3b\x39\x06\x23\xdc\x3c\x8f\xdd\x9a\xc4\xe6\xe1\xd1\xc9\x8b\x62\xe6\xfa\x85\xec\xcf\x9f\xcd\x43\x76\x88\xab\xfc\xc9\x1f\x6f\x9d\x47\xf3\x1a\x2d\x31\x14\x58\x59\x20\x19\x53\x55\x05\x07\xbb\xdf\xee\x6c\x3c\xab\x65\x7b\x18\x0e\x92\x9a\x99\xf1\x28\xc5\x70\x84\xd5\xaa\x7e\xae\x7b\xcd\x0e\x9e\x17\x81\xd9\xae\x50\x10\x25\xa4\x57\x24\xa3\x59\x7e\xb6\x67\x2e\x76\x8b\x7b\x6b\x21\x2c\x8f\x8a\xf1\xcf\xc5\x52\xce\x4b\x02\x53\x45\x18\x7d\x53\x2d\xc7\x16\xa0\xa9\x22\x67\xfc\xab\xf5\x0a\xa5\xb8\xd5\xed\x1a\xfd\xa1\xde\xd3\x7b\xba\xf1\xef\x43\xc9\x60\x5a\x16\x4c\xaa\x1b\x17\xfc\x4d\x8c\xe4\x22\x89\xbc\x44\xf6\x4a\xf7\x1b\xcd\xce\xa6\x5b\xd9\x38\x39\xc6\xe5\xda\x9c\xa2\x7d\x1c\x4c\x66\x46\xf6\x70\x22\x78\x28\xdb\xcc\xec\x45\x17\x67\x2d\xb2\xc5\x70\xe6\xf1\x6a\xe3\xe3\xc9\x17\x2e\xc8\xa3\xee\x6e\xba\x1e\x0c\x9a\xf9\xa5\xc8\x56\x15\x7f\x7f\x29\xd5\x6e\x81\xf2\x00\xf9\x5e\xee\x9b\xc1\x83\x17\xb1\x79\xb1\x60\xb1\xf9\xfe\x9a\x2b\x8e\x36\xd1\x72\x68\xac\x05\x9f\xae\x4c\x5e\xb1\xc9\x3d\x2e\x23\x8a\x04\x23\xe8\xb7\xb8\x30\x68\x75\xbb\xe9\xcf\x20\x9d\xd5\x14\x7e\x24\xeb\x90\x55\x37\x0e\x55\x83\x1e\xc2\x97\xc9\xf1\x11\xcb\x87\xe0\x12\x5e\x56\x67\x82\xfc\x45\xbe\x0d\x92\xd7\xa8\xcf\x16\x03\x96\xb8\x78\xbb\x5c\x3e\x05\x7c\x29\x8a\x66\x90\x08\xe6\xbb\xe8\x34\x75\x76\xde\x38\x6c\x8e\x3b\xe3\x0b\x87\xb9\x8b\xdd\xcd\xc6\x79\x0d\xcd\xf8\x48\xa4\xf7\x72\x59\x0d\x72\x36\x2c\x72\xf2\xbc\x2d\x43\x9e\xbe\x2f\x9f\x6c\xf7\x14\x67\xd1\xec\xb2\x36\xe2\xe4\x34\x75\xec\x7d\xb9\x6c\x38\x59\xcf\xfd\x3c\xdc\x7a\xcd\x3d\x0e\x24\x8c\x7e\x9f\x01\x61\xf2\x6b\xff\xdb\x55\x27\x4c\xde\x73\xfc\x19\x00\x00\xff\xff\x44\x4d\x8d\xe1\x94\x04\x00\x00") // FileIdentifierAssetManifestJSON is "identifier/asset-manifest.json" var FileIdentifierAssetManifestJSON = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\x8c\x95\x41\x93\x9b\x20\x18\x40\xef\xf9\x15\x4e\xce\x0d\x51\x51\x88\xbd\x76\xf6\xd0\x99\x4e\x2f\x3d\x76\x7a\x40\xf8\x48\x48\x22\x3a\x4a\xba\xbb\xd3\xd9\xff\xde\x31\x9b\xdd\x68\x00\xe1\x18\x7d\x3c\x1f\x18\xf0\xdf\x2a\x49\xd6\x52\x9d\x61\x58\x7f\x4d\xc6\x1f\x49\xb2\x1e\x0c\x33\x8a\x6f\x8f\xc3\x36\x45\x25\x86\x8c\xd2\x9c\x23\x7e\xb8\xe8\x13\x3a\x8e\xd8\x1a\x6d\x97\x91\x2f\x11\x1e\xd4\xb0\x2e\xc2\x75\xc5\x6e\x3e\xde\x6a\xc3\x94\x86\x7e\xd8\xec\xdb\x56\xd4\xaf\xe0\xe8\x71\x40\x39\xa9\x69\xcd\xa0\xb6\x02\x9d\x42\x57\x58\x8c\xd4\x53\x7a\x6e\xf7\x4a\x2f\x77\xbe\x23\x9c\x66\x24\x07\x61\x2f\xa3\x43\x16\x68\xf4\x08\x3d\x85\xcf\x70\xe6\x6d\x13\x58\xcb\x0f\xa8\xac\xa8\x64\x65\xb5\xb8\x96\x77\x61\xa0\xd3\x2b\x9d\x96\x2a\x01\xda\x28\xa9\xa0\xdf\xb0\xae\x73\x54\x3e\x00\x98\x4b\xc0\xd8\x51\x68\x89\x5c\x75\x21\x99\xa7\xac\x61\xce\x97\xfc\x48\xe4\x82\x60\x90\xcb\x6d\x37\x55\x20\xce\xad\x9b\xd6\x5d\x09\x3e\xcc\x9b\xf8\x30\x6c\xaf\x37\x24\xdb\x49\x42\xc4\xee\x36\x74\xe4\xa6\xe3\xec\xa9\x5c\x2f\x8b\xa2\xae\x25\xcd\x52\xab\x7f\x21\xda\x3d\x70\x5a\xda\x5f\xb4\x51\x0d\xf8\x16\x71\x76\x9b\xa4\x18\x33\x22\xd3\xc9\xb3\x1f\x86\xbb\x1a\x7c\x8a\x69\xc5\x9d\xde\x21\x99\x52\x8c\x8b\x1c\x7b\x4f\x3d\x17\x12\xe3\x71\xc5\xf9\x30\xcb\x57\xa1\xbc\x00\x92\x12\x5c\x7a\xbb\x5c\x48\x8c\xc7\xd5\xe5\xc3\x2c\x5f\x96\xa2\x52\x16\xac\x80\x34\xf3\x86\x39\x99\x28\x93\x2b\xcd\xcb\x7d\x6c\x27\x2d\xe0\x05\x1d\x4c\x73\x7e\x1f\x39\xf9\x7d\x23\xba\x1e\x38\xe3\x87\xf1\x2f\xa1\x95\x84\xc1\x7c\x36\xdb\x77\x30\x2b\x76\x40\xcb\xaa\xc8\x18\xcb\x28\xab\x64\x91\x65\x90\x42\x26\x80\x63\x29\x25\x4c\xa7\x02\xfd\x5f\xc5\x61\xf3\xdc\xf6\x27\xe8\xef\xeb\x60\x5d\x9e\x4f\x7d\x61\x5b\x5a\xd3\x0f\xb1\x51\x1f\xdf\x1f\xdf\xbf\x3d\xfd\xfc\xf5\x84\xcc\x8b\x89\xf9\x08\x4f\xf1\xb8\x97\xb6\xf0\x80\x20\x1f\xb5\x91\x16\x1e\x10\xc2\xe7\xfe\x06\x84\x62\xdb\x9a\xf1\xd3\xbe\x6f\x2f\x5a\xa0\x63\xb7\x9f\x19\x2d\x80\xe6\x15\xa9\x2b\x56\x5f\xc9\x55\x92\xbc\x8d\xc2\x35\x68\xd3\xbf\x76\xad\xd2\x66\x7c\xe9\xbf\x1f\xe7\x10\x3a\xc5\xe2\x0f\xe8\xe0\x99\xbc\x4a\x92\x3f\xab\xb7\xff\x01\x00\x00\xff\xff\xd0\x83\x65\x35\xda\x09\x00\x00")