Merge pull request #1795 from lzeng27/master

update documentation
This commit is contained in:
Márk Sági-Kazár 2020-09-09 17:47:18 +02:00 committed by GitHub
commit e837475ca6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 23 additions and 1 deletions

View File

@ -122,6 +122,28 @@ connectors:
rootCA: /etc/dex/ca.crt rootCA: /etc/dex/ca.crt
``` ```
### Generate TLS assets
Running Dex with HTTPS enabled requires a valid SSL certificate, and the API server needs to trust the certificate of the signing CA using the `--oidc-ca-file` flag.
For our example use case, the TLS assets can be created using the following command:
```
$ ./examples/k8s/gencert.sh
```
This will generate several files under the `ssl` directory, the important ones being `cert.pem` ,`key.pem` and `ca.pem`. The generated SSL certificate is for 'dex.example.com', although you could change this by editing `gencert.sh` if required.
### Run example client app with Github config
```
./bin/example-app --issuer-root-ca examples/k8s/ssl/ca.pem
```
1. Open browser to http://127.0.0.1:5555
2. Click Login
3. Select Log in with GitHub and grant access to dex to view your profile
[github-oauth2]: https://github.com/settings/applications/new [github-oauth2]: https://github.com/settings/applications/new
[github-orgs]: https://developer.github.com/v3/orgs/ [github-orgs]: https://developer.github.com/v3/orgs/
[github-request-org-access]: https://help.github.com/articles/requesting-organization-approval-for-oauth-apps/ [github-request-org-access]: https://help.github.com/articles/requesting-organization-approval-for-oauth-apps/

View File

@ -22,7 +22,7 @@ The [example config][example-config] file documents many of the configuration op
## Running a client ## Running a client
Dex operates like most other OAuth2 providers. Users are redirected from a client app to dex to login. Dex ships with an example client app (also built with the `make` command), for testing and demos. Dex operates like most other OAuth2 providers. Users are redirected from a client app to dex to login. Dex ships with an example client app (built with the `make examples` command), for testing and demos.
By default, the example client is configured with the same OAuth2 credentials defined in `examples/config-dev.yaml` to talk to dex. Running the example app will cause it to query dex's [discovery endpoint][oidc-discovery] and determine the OAuth2 endpoints. By default, the example client is configured with the same OAuth2 credentials defined in `examples/config-dev.yaml` to talk to dex. Running the example app will cause it to query dex's [discovery endpoint][oidc-discovery] and determine the OAuth2 endpoints.