David Taylor e0a6d12c55 Use service account credentials for fetching google hd groups (#18329) ... The previous implementation would attempt to fetch groups using the end-user's Google auth token. This only worked for admin accounts, or users with 'delegated' access to the `admin.directory.group.readonly` API. This commit changes the approach to use a single 'service account' for fetching the groups. This removes the need to add permissions to all regular user accounts. I'll be updating the [meta docs](https://meta.discourse.org/t/226850) with instructions on setting up the service account. This is technically a breaking change in behavior, but the existing implementation was marked experimental, and is currently unusable in production google workspace environments.		2022-10-13 16:04:42 +01:00
..
auth_provider.rb	DEV: Let's always give a drop_from param to deprecate (#14901)	2021-11-12 08:52:59 -06:00
authenticator.rb	FEATURE: Experimental support for group membership via google auth (#14835)	2021-12-09 12:30:27 +00:00
current_user_provider.rb	FEATURE: Apply rate limits per user instead of IP for trusted users (#14706)	2021-11-17 23:27:30 +03:00
default_current_user_provider.rb	FIX: Make sure first admin users are added to auto groups (#18494)	2022-10-06 15:16:38 +10:00
discord_authenticator.rb	DEV: Update Discord API domain (#15953)	2022-02-15 10:25:42 +00:00
facebook_authenticator.rb	DEV: enable frozen string literal on all files	2019-05-13 09:31:32 +08:00
github_authenticator.rb	DEV: Upgrade to Rails 7	2022-04-28 11:51:03 +02:00
google_oauth2_authenticator.rb	Use service account credentials for fetching google hd groups (#18329)	2022-10-13 16:04:42 +01:00
managed_authenticator.rb	DEV: Allow ManagedAuthenticator classes to match by username (#18517)	2022-10-11 11:25:13 +01:00
result.rb	FEATURE: Add fallback to suggested value when auth_overrides_username (#16612)	2022-05-04 11:22:09 +01:00
twitter_authenticator.rb	DEV: enable frozen string literal on all files	2019-05-13 09:31:32 +08:00