Skip to content

Import secrets-oauthapp plugin #49

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
JanMa wants to merge 182 commits into
base: main
Choose a base branch
from
Open

Import secrets-oauthapp plugin #49

JanMa wants to merge 182 commits into from
+1,252,460 −560,190

Conversation

@JanMa
Copy link
Member

@JanMa JanMa commented Dec 7, 2025

From it's dedicated repository

impl and others added 30 commits September 17, 2019 14:23
@impl
Initial commit
bcbfd97
@impl
Initial implementation
1d93e7c
@impl
Add expiration time to access token response
07eff71
@impl
Add tests
c24abf7
@impl
New: Initial release
f9741c7
@semantic-release-bot
Chore: Release 1.0.0
40a884d 
# 1.0.0 (2019-09-18)

### Build

* Remove unneeded image release ([ec02a426ffc5b900e48c07a91ffa0e1cb594a1f5](puppetlabs/vault-plugin-secrets-oauthapp@ec02a42))

### New

* Initial release ([f9741c7](puppetlabs/vault-plugin-secrets-oauthapp@f9741c7))
@impl
Update: Expose token type in credential response
0079193
@semantic-release-bot
Chore: Release 1.1.0
c21d3a5 
# [1.1.0](puppetlabs/vault-plugin-secrets-oauthapp@v1.0.0...v1.1.0) (2019-09-19)

### Update

* Expose token type in credential response ([0079193](puppetlabs/vault-plugin-secrets-oauthapp@0079193))
@impl
Fix: Do not propagate API errors from providers when token refresh fails
506c6a3
@impl
Merge pull request #1 from puppetlabs/bugs/token-refresh-failure-prop…
95708bc 
…agation

Fix: Do not propagate API errors from providers when token refresh fails
@semantic-release-bot
Chore: Release 1.1.1
936623d 
## [1.1.1](puppetlabs/vault-plugin-secrets-oauthapp@v1.1.0...v1.1.1) (2019-10-07)

### Fix

* Do not propagate API errors from providers when token refresh fails ([506c6a3](puppetlabs/vault-plugin-secrets-oauthapp@506c6a3))
@DrDaveD
New: Add refresh_token option to creds write
e21370d
@impl
Merge pull request #6 from DrDaveD/add-refresh-token-opt
a4f788f 
Add refresh_token option to creds write
@semantic-release-bot
Chore: Release 1.2.0
24d64f6 
# [1.2.0](puppetlabs/vault-plugin-secrets-oauthapp@v1.1.1...v1.2.0) (2020-04-06)

### New

* Add refresh_token option to creds write ([e21370d](puppetlabs/vault-plugin-secrets-oauthapp@e21370d))

### Upgrade

* Bump handlebars from 4.2.0 to 4.5.3 ([188593baa9c83f4ec16f69d4f211b7c78c19def3](puppetlabs/vault-plugin-secrets-oauthapp@188593b))
* Bump npm from 6.11.3 to 6.13.4 ([e3aaa079b4fee4934f40f542fbff4ca554e544e4](puppetlabs/vault-plugin-secrets-oauthapp@e3aaa07))
@itdaniher
New: add Google OAuth support
8ff7f19
@impl
Merge pull request #11 from itdaniher/master
e7b8fad 
Add Google as an OAuth provider
@semantic-release-bot
Chore: Release 1.3.0
fed0930 
# [1.3.0](puppetlabs/vault-plugin-secrets-oauthapp@v1.2.0...v1.3.0) (2020-07-13)

### New

* add Google OAuth support ([8ff7f19](puppetlabs/vault-plugin-secrets-oauthapp@8ff7f19))

### Upgrade

* Bump https-proxy-agent from 2.2.2 to 2.2.4 ([80ab6a27aa520f952632e91f6f26fa58b691e224](puppetlabs/vault-plugin-secrets-oauthapp@80ab6a2))
* Bump npm from 6.13.4 to 6.14.6 ([0a30d2a99804db00b6b580dbce34ad72bcf04d4c](puppetlabs/vault-plugin-secrets-oauthapp@0a30d2a))
@DrDaveD
New: Add discovery_url
82f04ab
@DrDaveD
Fix: Use OptionError when discovery_url fails
1500ea3
@DrDaveD
Update: expand characters allowed for creds path
8e81257
@DrDaveD
Update: Give more complete oauth2 error messages
2ad954c
@DrDaveD
New: Add minimum_seconds credential read option
db06893
@semantic-release-bot
Chore: Release 1.4.0
a490845 
# [1.4.0](puppetlabs/vault-plugin-secrets-oauthapp@v1.3.0...v1.4.0) (2020-09-28)

### Chore

* Update CODEOWNERS ([92be6a42e595f54bc2d9b001f8a80d2325a61ff0](puppetlabs/vault-plugin-secrets-oauthapp@92be6a4))

### Fix

* Use OptionError when discovery_url fails ([1500ea3](puppetlabs/vault-plugin-secrets-oauthapp@1500ea3))

### New

* Add discovery_url ([82f04ab](puppetlabs/vault-plugin-secrets-oauthapp@82f04ab))

### Upgrade

* Bump lodash from 4.17.15 to 4.17.19 ([4c55418da05974170f67d274d01e4d003b1fc063](puppetlabs/vault-plugin-secrets-oauthapp@4c55418))
* Bump node-fetch from 2.6.0 to 2.6.1 ([e62e8942fb02204f9427fd9bf2a0112c7e003173](puppetlabs/vault-plugin-secrets-oauthapp@e62e894))
@DrDaveD
Update: move oauth2 error messages to log
69bbdc5
@DrDaveD
Fix: add keys to logger function calls
29321dd
@DrDaveD
Update: use local Regex function instead of expanding framework function
5a5ee4e
@impl
Merge pull request #14 from DrDaveD/include-oauth-errors
33b26f5 
Give more complete oauth2 error messages
@semantic-release-bot
Chore: Release 1.5.0
e20393f 
# [1.5.0](puppetlabs/vault-plugin-secrets-oauthapp@v1.4.0...v1.5.0) (2020-09-28)

### Fix

* add keys to logger function calls ([29321dd](puppetlabs/vault-plugin-secrets-oauthapp@29321dd))

### Update

* Give more complete oauth2 error messages ([2ad954c](puppetlabs/vault-plugin-secrets-oauthapp@2ad954c))
* move oauth2 error messages to log ([69bbdc5](puppetlabs/vault-plugin-secrets-oauthapp@69bbdc5))
@impl
Merge pull request #13 from DrDaveD/expand-creds-characters
2e39c7f 
Expand characters allowed for creds path
@semantic-release-bot
Chore: Release 1.6.0
8667063 
# [1.6.0](puppetlabs/vault-plugin-secrets-oauthapp@v1.5.0...v1.6.0) (2020-09-28)

### Update

* expand characters allowed for creds path ([8e81257](puppetlabs/vault-plugin-secrets-oauthapp@8e81257))
* use local Regex function instead of expanding framework function ([5a5ee4e](puppetlabs/vault-plugin-secrets-oauthapp@5a5ee4e))
impl and others added 28 commits January 11, 2023 12:13
@impl
Merge pull request #75 from RehmatGul0/features/tokenrefresh-support-…
4b32d96 
…for-apps-that-dont-return-expiry-time

Add support for custom expiry time in refresh token flow, for apps th…
@impl
Update package versions for linting and testing
4cdcdf1
@impl
Make maximum token expiry a top-level endpoint option, add tests
f10ba06
@impl
Update to Go 1.18
a24006e
@impl
Move upgrade to initialization callback
2fa62cc 
Addresses hashicorp/vault#17878 for
compatiblity with Vault 1.12.
@impl
Merge pull request #77 from puppetlabs/stage-token-custom-expiry
271df37 
Add support for specifying the maximum lifetime of an access token
@impl
Merge pull request #41 from DrDaveD/merge-exchange-with-main
51e3c95 
Implement RFC 8693 (STS/token exchange)
@impl
Move STS operations to a separate sts/ endpoint
76ae9c4
@impl
Merge pull request #78 from puppetlabs/stage-sts
5313a08 
Implement basic support for token exchange flow
@impl
Release v3.1.0
aff5fae
@DrDaveD
add STSPathPrefix to pathsSpecial
dd0bde8
@impl
Merge pull request #79 from DrDaveD/fix-sts-path
4dade1d 
Add STSPathPrefix to pathsSpecial
@impl
Release v3.1.1
b5c2d7b
@impl
Update dependencies
e2f5311
@lucymhdavies
Support for Apple Silicon
5f513c1
@impl
Merge pull request #88 from lucymhdavies/apple-silicon
0a05056 
Support for Apple Silicon
@DrDaveD
add caching of STS-exchanged access tokens
b1e7c53 
Signed-off-by: Dave Dykstra <[email protected]>
@DrDaveD
Merge pull request #1 from DrDaveD/cache-sts-tokens
c0ff92d 
Add caching of STS-exchanged access tokens
@DrDaveD @cipherboy
updates for move to openbao
4fad35c 
Signed-off-by: Dave Dykstra <[email protected]>
@DrDaveD @cipherboy
change from hashicorp/vault apis to openbao/openbao v2
0fadf71 
Signed-off-by: Dave Dykstra <[email protected]>
@DrDaveD @cipherboy
update to latest golangci-lint v1.64.6
b58013c 
Signed-off-by: Dave Dykstra <[email protected]>
@DrDaveD
update for 3.2.0 (#11)
aee1989 
Signed-off-by: Dave Dykstra <[email protected]>
@dependabot @DrDaveD
Bump github.com/openbao/openbao/sdk/v2 from 2.3.1 to 2.4.0 (#27)
d2cfcd2 
* Bump github.com/openbao/openbao/sdk/v2 from 2.3.1 to 2.4.0

Bumps [github.com/openbao/openbao/sdk/v2](https://github.com/openbao/openbao) from 2.3.1 to 2.4.0.
- [Release notes](https://github.com/openbao/openbao/releases)
- [Changelog](https://github.com/openbao/openbao/blob/main/CHANGELOG.md)
- [Commits](openbao/openbao@v2.3.1...v2.4.0)

---
updated-dependencies:
- dependency-name: github.com/openbao/openbao/sdk/v2
  dependency-version: 2.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* switch to use hashicorp/go-secure-stdlib for deprecated strutil and parseutil

Signed-off-by: Dave Dykstra <[email protected]>

---------

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: Dave Dykstra <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Dave Dykstra <[email protected]>
@JanMa
Merge secrets/oauthapp plugin
fb10778
@JanMa
secrets-oauthapp: fix imports
d4f4444 
Signed-off-by: Jan Martens <[email protected]>
@JanMa
secrets-consul: fix broken import
df695f3 
Signed-off-by: Jan Martens <[email protected]>
@JanMa
update internal/http
9842129 
Signed-off-by: Jan Martens <[email protected]>
@JanMa
vendor dependencies
4d35426 
Signed-off-by: Jan Martens <[email protected]>
@JanMa JanMa requested review from a team as code owners December 7, 2025 21:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

10 participants

@JanMa @impl @semantic-release-bot @DrDaveD @itdaniher @hunner @vavsab @RGulSecuritiAI @lucymhdavies