Changes from `RedirectToRoute` to `LocalRedirect` for the
authorization endpoint to improve security and ensure the
redirect stays within the application's domain.
Adds an endpoint to interact with the Tesla API via a command proxy.
This includes fetching vehicle information and configuring telemetry settings. It introduces new models to represent the Tesla API responses and request structures.
Replaces the default document retriever with a custom implementation.
This change simplifies the configuration by embedding the HTTP document retriever directly within the custom retriever, and centralizes the URL replacement logic for Tesla's OIDC configuration. This avoids injecting the HttpDocumentRetriever into the TeslaDocumentRetriever constructor and makes the code more maintainable.
Updates the Tesla OIDC address to use the production environment.
This ensures that the application uses the correct endpoint for authentication
and avoids issues related to using the development environment in production.
Removes the unnecessary instantiation of the OpenIdConnectConfigurationRetriever. The object is instantiated directly in the ConfigurationManager constructor, making the explicit instantiation redundant.
Configures the Tesla OIDC endpoints using the base URL
to dynamically set authorization, token, JWKS URI, end
session, and user info endpoints. This eliminates the need
for a URL override function and centralizes the endpoint
configuration logic.
Configures the OpenID Connect (OIDC) authentication flow by
explicitly setting the authorization, token, JWKS, end session, and
user info endpoints.
This change removes the custom OIDC configuration manager and
directly sets the configuration within the OIDC options. This approach
simplifies the configuration and ensures that the application uses
the correct endpoints for authentication and authorization with the
third-party provider.
Updates the authentication configuration to utilize Fleet-Auth's third-party OIDC configuration.
This change streamlines the authentication process by directly pointing to the third-party metadata and adds the Fleet API audience to the token request, ensuring proper authorization for accessing Tesla's Fleet API. It also configures Tesla specific parameters.
Improves authentication by adding a signing key resolver and overriding the token endpoint.
This change ensures proper validation of Tesla's OIDC tokens by fetching the signing keys from the issuer's `certs` endpoint and caching them. It also configures the token endpoint required for Tesla authentication.
Disables issuer validation during token authentication.
The token validation parameters are adjusted to bypass
issuer validation, since the issuer is already validated via the `ValidIssuers` parameter.
Adds multiple valid issuers to the authentication configuration.
This ensures compatibility with different Tesla authentication endpoints,
including fleet and regional variations.
Adds detailed logging of request headers for debugging purposes.
Clears known networks and proxies in forwarded headers options.
This change improves the ability to diagnose issues related to
request handling and forwarding in different environments.
Ensures the application correctly handles forwarded headers
by explicitly setting the `ForwardedHeaders` option to `ForwardedHeaders.All`.
This allows the application to properly determine the client's
IP address and other request information when behind a proxy
or load balancer.
Adds ForwardedHeaders to handle reverse proxy scenarios.
Adds a debug endpoint to display the correct scheme and host
when running behind a reverse proxy, aiding in debugging
authentication issues.
Updates the callback path for authentication to a relative path.
This change removes the hardcoded domain from the callback URL,
making the application more flexible and easier to deploy in
different environments.
Removes a redundant host config in the docker file.
Adds HttpContextAccessor to the service collection. This
component is used to provide access to the current request context.
Implements authentication against the Tesla Fleet API using OpenID Connect.
Uses a custom OIDC configuration manager to override the token endpoint.
Configures authentication services and adds required scopes and parameters.
Adds endpoints for application registration and token retrieval during development.
Implements the /Authorize endpoint to redirect users to the Tesla
authentication page. This allows users to grant the application
permission to access their Tesla account data.
Updates the public key resource to be copied on build, ensuring
it is always available at runtime.
Adds logic to validate the application registration by comparing the
public key retrieved from the Tesla API with the public key stored
locally.
Implements a workflow that builds, pushes, and runs a Docker container on push to the main branch.
This automates the process of building and deploying the application, ensuring that the latest changes are always reflected in the running container. It also handles stopping and removing existing containers before running the new one.
Adds initial files for a proof-of-concept project, including Dockerfile, .gitignore, project files, and MQTT-related services.
This commit sets up the basic structure and configuration for exploring and validating the core concepts of the project.
