Closed saley89 closed 2 years ago
❯ cat /etc/fedora-release
Fedora release 35 (Thirty Five)
❯ uname -a
Linux zephyr.localdomain 5.15.12-200.fc35.x86_64 #1 SMP Wed Dec 29 15:03:38 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
❯ make install
== install
Installing binary for linux
GOOS=linux GOARCH=amd64 go install -ldflags '-X "github.com/sky-uk/osprey/cmd.version=dev-e24aa2d" -X "github.com/sky-uk/osprey/cmd.buildTime=Tue 4 Jan 18:21:55 UTC 2022"' -v
❯ which osprey
/var/home/howard/go/bin/osprey
❯ osprey --version
osprey version dev-e24aa2d (Tue 4 Jan 18:21:55 UTC 2022)
❯ osprey user login
INFO[0000] Active group (default): dev
Opening browser window to authenticate:
https://login.microsoftonline.com/REDACTED/oauth2/v2.0/authorize?client_id=REDACTED&redirect_uri=http%3A%2F%2Flocalhost%3A65525%2Fauth%2Fcallback&response_type=code&scope=api%3A%2F%2F9bd903fd-f8df-4390-9a45-ab2fa28673b4%2FKubernetes.API.All&state=as78%2Asadf%24212
INFO[0003] Logged in to: ...
❯ osprey user login --use-device-code
INFO[0000] Active group (default): dev
To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code CC8UGUYEH to authenticate.
INFO[0025] Logged in to: ...
# macOS Monterey
❯ sw_vers -productversion
12.1
❯ uname -a
Darwin lumen.local 21.2.0 Darwin Kernel Version 21.2.0: Sun Nov 28 20:29:10 PST 2021; root:xnu-8019.61.5~1/RELEASE_ARM64_T8101 arm64
❯ make install
== install
Installing binary for darwin
GOOS=darwin GOARCH=amd64 go install -ldflags '-X "github.com/sky-uk/osprey/cmd.version=dev-e24aa2d" -X "github.com/sky-uk/osprey/cmd.buildTime=Tue 4 Jan 2022 18:28:18 UTC"' -v
❯ which osprey
/Users/howard/go/bin/darwin_amd64/osprey
❯ osprey --version
osprey version dev-e24aa2d (Tue 4 Jan 2022 18:28:18 UTC)
❯ osprey user login
INFO[0000] Active group (default): dev
Opening browser window to authenticate:
https://login.microsoftonline.com/REDACTED/oauth2/v2.0/authorize?client_id=REDACTED&redirect_uri=http%3A%2F%2Flocalhost%3A65525%2Fauth%2Fcallback&response_type=code&scope=api%3A%2F%2F9bd903fd-f8df-4390-9a45-ab2fa28673b4%2FKubernetes.API.All&state=as78%2Asadf%24212
INFO[0005] Logged in to: ...
❯ osprey user login --use-device-code
INFO[0000] Active group (default): dev
To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code CDRYSNEBN to authenticate.
INFO[0035] Logged in to: ...
For sky-uk/core-aws#2448
Updates Osprey to use V2.0 of the
/.well-known/openid-configuration
API. This in turn make's Osprey use/oauth2/v2.0/authorize
endpoint returned from the open-id config.Version 2.0 handles situations where users have large numbers of groups in Azure. The authorisation then starts to return "distributed claims" instead of just the groups directly due to the number of them. Instead of the groups list, a URL is provided, from where the list can be fetched (see Groups overage claim).
Once updated to v2.0 the kubernetes API servers are already setup to handle this.