-
-
Notifications
You must be signed in to change notification settings - Fork 358
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
mutator/id_token: Add claim templating (#246)
- Loading branch information
Showing
118 changed files
with
1,705 additions
and
1,152 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,22 +1,22 @@ | ||
| --- | ||
| name: Feature request | ||
| about: Suggest an idea for this project | ||
|
|
||
| --- | ||
|
|
||
| **Is your feature request related to a problem? Please describe.** | ||
|
|
||
| A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] | ||
| A clear and concise description of what the problem is. Ex. I'm always | ||
| frustrated when [...] | ||
|
|
||
| **Describe the solution you'd like** | ||
|
|
||
| A clear and concise description of what you want to happen. | ||
|
|
||
| **Describe alternatives you've considered** | ||
|
|
||
| A clear and concise description of any alternative solutions or features you've considered. | ||
| A clear and concise description of any alternative solutions or features you've | ||
| considered. | ||
|
|
||
| **Additional context** | ||
|
|
||
| Add any other context or screenshots about the feature request here. | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,8 +1,10 @@ | ||
| --- | ||
| name: Support request | ||
| about: Please use our forums (community.ory.sh) or the chat (ory.sh/chat) to ask for support | ||
|
|
||
| about: | ||
| Please use our forums (community.ory.sh) or the chat (ory.sh/chat) to ask for | ||
| support | ||
| --- | ||
|
|
||
| Please use issues only to file potential bugs or request features. For everything else please go to | ||
| the [ORY Community](https://community.ory.sh/) or join the [ORY Chat](https://www.ory.sh/chat). | ||
| Please use issues only to file potential bugs or request features. For | ||
| everything else please go to the [ORY Community](https://community.ory.sh/) or | ||
| join the [ORY Chat](https://www.ory.sh/chat). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -26,11 +26,15 @@ them, don't hesitate to ask. We're here to help! This is simply a reminder of wh | |
|
|
||
| - [ ] I have read the [contributing guidelines](../blob/master/CONTRIBUTING.md) | ||
| - [ ] I have read the [security policy](../security/policy) | ||
| - [ ] I confirm that this pull request does not address a security vulnerability. If this pull request addresses a security | ||
| vulnerability, I confirm that I got green light (please contact [[email protected]](mailto:[email protected])) from the maintainers to push the changes. | ||
| - [ ] I confirm that this pull request does not address a security | ||
| vulnerability. If this pull request addresses a security vulnerability, I | ||
| confirm that I got green light (please contact | ||
| [[email protected]](mailto:[email protected])) from the maintainers to push | ||
| the changes. | ||
| - [ ] I have added tests that prove my fix is effective or that my feature works | ||
| - [ ] I have added necessary documentation within the code base (if appropriate) | ||
| - [ ] I have documented my changes in the [developer guide](https://github.com/ory/docs) (if appropriate) | ||
| - [ ] I have documented my changes in the | ||
| [developer guide](https://github.com/ory/docs) (if appropriate) | ||
|
|
||
| ## Further comments | ||
|
|
||
|
|
||
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,6 +2,7 @@ | |
|
|
||
| <!-- START doctoc generated TOC please keep comment here to allow auto update --> | ||
| <!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE --> | ||
|
|
||
| **Table of Contents** | ||
|
|
||
| - [Introduction](#introduction) | ||
|
|
@@ -16,78 +17,104 @@ | |
|
|
||
| ## Introduction | ||
|
|
||
| Please note: We take ORY Oathkeeper's security and our users' trust very seriously. If you believe you have found a | ||
| security issue in ORY Oathkeeper, please responsibly disclose by contacting us at [email protected]. | ||
| Please note: We take ORY Oathkeeper's security and our users' trust very | ||
| seriously. If you believe you have found a security issue in ORY Oathkeeper, | ||
| please responsibly disclose by contacting us at [email protected]. | ||
|
|
||
| First: if you're unsure or afraid of anything, just ask or submit the issue or pull request anyways. You won't be | ||
| yelled at for giving it your best effort. The worst that can happen is that you'll be politely asked to change | ||
| something. We appreciate any sort of contributions, and don't want a wall of rules to get in the way of that. | ||
| First: if you're unsure or afraid of anything, just ask or submit the issue or | ||
| pull request anyways. You won't be yelled at for giving it your best effort. The | ||
| worst that can happen is that you'll be politely asked to change something. We | ||
| appreciate any sort of contributions, and don't want a wall of rules to get in | ||
| the way of that. | ||
|
|
||
| That said, if you want to ensure that a pull request is likely to be merged, talk to us! You can find out our thoughts | ||
| and ensure that your contribution won't clash or be obviated by ORY Oathkeeper's normal direction. A great way to do this is via | ||
| the [ORY Community](https://community.ory.sh/) or join the [ORY Chat](https://www.ory.sh/chat). | ||
| That said, if you want to ensure that a pull request is likely to be merged, | ||
| talk to us! You can find out our thoughts and ensure that your contribution | ||
| won't clash or be obviated by ORY Oathkeeper's normal direction. A great way to | ||
| do this is via the [ORY Community](https://community.ory.sh/) or join the | ||
| [ORY Chat](https://www.ory.sh/chat). | ||
|
|
||
| ## Contributing Code | ||
|
|
||
| Unless you are fixing a known bug, we **strongly** recommend discussing it with the core team via a GitHub issue or | ||
| [in our chat](https://www.ory.sh/chat) before getting started to ensure your work is consistent with | ||
| ORY Oathkeeper's roadmap and architecture. | ||
| Unless you are fixing a known bug, we **strongly** recommend discussing it with | ||
| the core team via a GitHub issue or [in our chat](https://www.ory.sh/chat) | ||
| before getting started to ensure your work is consistent with ORY Oathkeeper's | ||
| roadmap and architecture. | ||
|
|
||
| All contributions are made via pull request. Note that **all patches from all contributors get reviewed**. After a pull | ||
| request is made other contributors will offer feedback, and if the patch passes review a maintainer will accept it with | ||
| a comment. When pull requests fail testing, authors are expected to update their pull requests to address the failures | ||
| until the tests pass and the pull request merges successfully. | ||
| All contributions are made via pull request. Note that **all patches from all | ||
| contributors get reviewed**. After a pull request is made other contributors | ||
| will offer feedback, and if the patch passes review a maintainer will accept it | ||
| with a comment. When pull requests fail testing, authors are expected to update | ||
| their pull requests to address the failures until the tests pass and the pull | ||
| request merges successfully. | ||
|
|
||
| At least one review from a maintainer is required for all patches (even patches from maintainers). | ||
| At least one review from a maintainer is required for all patches (even patches | ||
| from maintainers). | ||
|
|
||
| Reviewers should leave a "LGTM" comment once they are satisfied with the patch. If the patch was submitted by a | ||
| maintainer with write access, the pull request should be merged by the submitter after review. | ||
| Reviewers should leave a "LGTM" comment once they are satisfied with the patch. | ||
| If the patch was submitted by a maintainer with write access, the pull request | ||
| should be merged by the submitter after review. | ||
|
|
||
| ## Disclosing vulnerabilities | ||
|
|
||
| Please disclose vulnerabilities exclusively to [[email protected]](mailto:[email protected]). Do not use GitHub issues. | ||
| Please disclose vulnerabilities exclusively to [[email protected]](mailto:[email protected]). Do | ||
| not use GitHub issues. | ||
|
|
||
| ## Code Style | ||
|
|
||
| Please follow these guidelines when formatting source code: | ||
|
|
||
| * Go code should match the output of `gofmt -s` | ||
| - Go code should match the output of `gofmt -s` | ||
|
|
||
| ## Pull request procedure | ||
|
|
||
| To make a pull request, you will need a GitHub account; if you are unclear on this process, see GitHub's | ||
| documentation on [forking](https://help.github.com/articles/fork-a-repo) and [pull requests](https://help.github.com/articles/using-pull-requests). | ||
| Pull requests should be targeted at the `master` branch. Before creating a pull request, go through this checklist: | ||
| To make a pull request, you will need a GitHub account; if you are unclear on | ||
| this process, see GitHub's documentation on | ||
| [forking](https://help.github.com/articles/fork-a-repo) and | ||
| [pull requests](https://help.github.com/articles/using-pull-requests). Pull | ||
| requests should be targeted at the `master` branch. Before creating a pull | ||
| request, go through this checklist: | ||
|
|
||
| 1. Create a feature branch off of `master` so that changes do not get mixed up. | ||
| 1. [Rebase](http://git-scm.com/book/en/Git-Branching-Rebasing) your local changes against the `master` branch. | ||
| 1. Run the full project test suite with the `go test ./...` (or equivalent) command and confirm that it passes. | ||
| 1. [Rebase](http://git-scm.com/book/en/Git-Branching-Rebasing) your local | ||
| changes against the `master` branch. | ||
| 1. Run the full project test suite with the `go test ./...` (or equivalent) | ||
| command and confirm that it passes. | ||
| 1. Run `gofmt -s` (if the project is written in Go). | ||
| 1. Ensure that each commit has a subsystem prefix (ex: `controller: `). | ||
| 1. Ensure that each commit has a subsystem prefix (ex: `controller:`). | ||
|
|
||
| Pull requests will be treated as "review requests," and maintainers will give feedback on the style and substance of the patch. | ||
| Pull requests will be treated as "review requests," and maintainers will give | ||
| feedback on the style and substance of the patch. | ||
|
|
||
| Normally, all pull requests must include tests that test your change. Occasionally, a change will | ||
| be very difficult to test for. In those cases, please include a note in your commit message explaining why. | ||
| Normally, all pull requests must include tests that test your change. | ||
| Occasionally, a change will be very difficult to test for. In those cases, | ||
| please include a note in your commit message explaining why. | ||
|
|
||
| ## Communication | ||
|
|
||
| We use [discord](https://www.ory.sh/chat). You are welcome to drop in and ask questions, discuss bugs, etc. | ||
| We use [discord](https://www.ory.sh/chat). You are welcome to drop in and ask | ||
| questions, discuss bugs, etc. | ||
|
|
||
| ## Conduct | ||
|
|
||
| Whether you are a regular contributor or a newcomer, we care about making this community a safe place for you and | ||
| we've got your back. | ||
|
|
||
| * We are committed to providing a friendly, safe and welcoming environment for all, regardless of gender, | ||
| sexual orientation, disability, ethnicity, religion, or similar personal characteristic. | ||
| * Please avoid using nicknames that might detract from a friendly, safe and welcoming environment for all. | ||
| * Be kind and courteous. There is no need to be mean or rude. | ||
| * We will exclude you from interaction if you insult, demean or harass anyone. In particular, we do not tolerate | ||
| behavior that excludes people in socially marginalized groups. | ||
| * Private harassment is also unacceptable. No matter who you are, if you feel you have been or are being harassed or | ||
| made uncomfortable by a community member, please contact one of the channel ops or a member of the ORY | ||
| Oathkeeper core team immediately. | ||
| * Likewise any spamming, trolling, flaming, baiting or other attention-stealing behaviour is not welcome. | ||
|
|
||
| We welcome discussion about creating a welcoming, safe, and productive environment for the community. If you have any questions, feedback, or concerns [please let us know](https://www.ory.sh/chat). | ||
| Whether you are a regular contributor or a newcomer, we care about making this | ||
| community a safe place for you and we've got your back. | ||
|
|
||
| - We are committed to providing a friendly, safe and welcoming environment for | ||
| all, regardless of gender, sexual orientation, disability, ethnicity, | ||
| religion, or similar personal characteristic. | ||
| - Please avoid using nicknames that might detract from a friendly, safe and | ||
| welcoming environment for all. | ||
| - Be kind and courteous. There is no need to be mean or rude. | ||
| - We will exclude you from interaction if you insult, demean or harass anyone. | ||
| In particular, we do not tolerate behavior that excludes people in socially | ||
| marginalized groups. | ||
| - Private harassment is also unacceptable. No matter who you are, if you feel | ||
| you have been or are being harassed or made uncomfortable by a community | ||
| member, please contact one of the channel ops or a member of the ORY | ||
| Oathkeeper core team immediately. | ||
| - Likewise any spamming, trolling, flaming, baiting or other attention-stealing | ||
| behaviour is not welcome. | ||
|
|
||
| We welcome discussion about creating a welcoming, safe, and productive | ||
| environment for the community. If you have any questions, feedback, or concerns | ||
| [please let us know](https://www.ory.sh/chat). | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -77,16 +77,22 @@ to build ORY Oathkeeper from source. | |
| ## Who's using it? | ||
|
|
||
| <!--BEGIN ADOPTERS--> | ||
| The ORY community stands on the shoulders of individuals, companies, and maintainers. We thank everyone involved - from | ||
| submitting bug reports and feature requests, to contributing patches, to sponsoring our work. Our community is | ||
| 1000+ strong and growing rapidly. The ORY stack protects 1.200.000.000+ API requests every month with over | ||
| 15.000+ active service nodes. Our small but expert team would have never been able to achieve this without each and | ||
| everyone of you. | ||
|
|
||
| The following list represents companies that have accompanied us along the way and that have made outstanding contributions | ||
| to our ecosystem. *If you think that your company deserves a spot here, reach out to <a href="mailto:[email protected]">[email protected]</a>now*! | ||
|
|
||
| **Please consider giving back by becoming a sponsor of our open source work on <a href="https://www.patreon.com/_ory">Patreon</a> or | ||
| The ORY community stands on the shoulders of individuals, companies, and | ||
| maintainers. We thank everyone involved - from submitting bug reports and | ||
| feature requests, to contributing patches, to sponsoring our work. Our community | ||
| is 1000+ strong and growing rapidly. The ORY stack protects 1.200.000.000+ API | ||
| requests every month with over 15.000+ active service nodes. Our small but | ||
| expert team would have never been able to achieve this without each and everyone | ||
| of you. | ||
|
|
||
| The following list represents companies that have accompanied us along the way | ||
| and that have made outstanding contributions to our ecosystem. _If you think | ||
| that your company deserves a spot here, reach out to | ||
| <a href="mailto:[email protected]">[email protected]</a>now_! | ||
|
|
||
| **Please consider giving back by becoming a sponsor of our open source work on | ||
| <a href="https://www.patreon.com/_ory">Patreon</a> or | ||
| <a href="https://opencollective.com/ory">Open Collective</a>.** | ||
|
|
||
| <table> | ||
|
|
@@ -164,15 +170,15 @@ as well as all of our backers | |
|
|
||
| <a href="https://opencollective.com/ory#backers" target="_blank"><img src="https://opencollective.com/ory/backers.svg?width=890"></a> | ||
|
|
||
| and past & current supporters (in alphabetical order) on [Patreon](https://www.patreon.com/_ory): Alexander Alimovs, | ||
| Billy, Chancy Kennedy, Drozzy, Edwin Trejos, Howard Edidin, Ken Adler Oz Haven, Stefan Hans, TheCrealm. | ||
| and past & current supporters (in alphabetical order) on | ||
| [Patreon](https://www.patreon.com/_ory): Alexander Alimovs, Billy, Chancy | ||
| Kennedy, Drozzy, Edwin Trejos, Howard Edidin, Ken Adler Oz Haven, Stefan Hans, | ||
| TheCrealm. | ||
|
|
||
| <em>* Uses one of ORY's major projects in production.</em> | ||
| <em>\* Uses one of ORY's major projects in production.</em> | ||
|
|
||
| <!--END ADOPTERS--> | ||
|
|
||
|
|
||
|
|
||
| ## Ecosystem | ||
|
|
||
| <a href="https://console.ory.sh/"> | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,19 +2,17 @@ | |
|
|
||
| ## Supported Versions | ||
|
|
||
| We release patches for security vulnerabilities. | ||
| Which versions are eligible receiving such patches | ||
| depend on the CVSS v3.0 Rating: | ||
| We release patches for security vulnerabilities. Which versions are eligible | ||
| receiving such patches depend on the CVSS v3.0 Rating: | ||
|
|
||
| | CVSS v3.0 | Supported Versions | | ||
| | ---------- | ----------------------------------------- | | ||
| | 9.0-10.0 | Releases within the previous three months | | ||
| | 4.0-8.9 | Most recent release | | ||
| | CVSS v3.0 | Supported Versions | | ||
| | --------- | ----------------------------------------- | | ||
| | 9.0-10.0 | Releases within the previous three months | | ||
| | 4.0-8.9 | Most recent release | | ||
|
|
||
| ## Reporting a Vulnerability | ||
|
|
||
| Please report (suspected) security vulnerabilities to | ||
| **[[email protected]](mailto:[email protected])**. You will receive | ||
| a response from us within 48 hours. If the issue is confirmed, | ||
| we will release a patch as soon as possible depending on complexity | ||
| but historically within a few days. | ||
| **[[email protected]](mailto:[email protected])**. You will receive a response from | ||
| us within 48 hours. If the issue is confirmed, we will release a patch as soon | ||
| as possible depending on complexity but historically within a few days. | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.