Ev 
							
						 
					 
					
						
						
							
						
						5144ef643b 
					 
					
						
						
							
							Updated openid-connect.md: small typo  
						
						... 
						
						
						
						Protocol is written protocl. 
						
						
					 
					
						2016-11-24 14:01:47 -05:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						8b8c076ecf 
					 
					
						
						
							
							Documentation: clarify difference between LDAP ports and security guarantees  
						
						... 
						
						
						
						Now that LDAP supports an `insecureSkipVerify` option, clarify that
`insecureNoTLS` is an extremely bad choice and as such we may drop
support for 389 in the future.
However, since we send plain text passwords from our frontend to our
backend, this probably gets us into a bigger conversation about dex's
TLS story. For example when terminiation is approporate. cc'ing
@dghubble for thoughts on how that might apply to our internal uses.
We probably want an overaching security doc at some point, but that
can be another PR. 
						
						
					 
					
						2016-11-23 12:26:44 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						a607ff7a3a 
					 
					
						
						
							
							Merge pull request  #696  from ericchiang/switch-go-oidc-client  
						
						... 
						
						
						
						*: switch oidc client to github.com/coreos/go-oidc 
						
						
					 
					
						2016-11-22 13:42:28 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						a876ab37af 
					 
					
						
						
							
							vendor: revendor  
						
						
						
						
					 
					
						2016-11-22 13:29:17 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						522749b5d8 
					 
					
						
						
							
							*: switch oidc client to github.com/coreos/go-oidc  
						
						... 
						
						
						
						This saves us from having to import two different versions of
square/go-jose. 
						
						
					 
					
						2016-11-22 13:29:17 -08:00 
						 
				 
			
				
					
						
							
							
								rithu leena john 
							
						 
					 
					
						
						
							
						
						5ed42be7a5 
					 
					
						
						
							
							Merge pull request  #702  from ericchiang/connector-interface-cleanup  
						
						... 
						
						
						
						connector: add RefreshConnector interface 
						
						
					 
					
						2016-11-22 13:10:13 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						6980920a3a 
					 
					
						
						
							
							*: document the GitHub connector  
						
						
						
						
					 
					
						2016-11-22 12:53:46 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						55e97d90a6 
					 
					
						
						
							
							*: add tests for the RefreshConnector  
						
						
						
						
					 
					
						2016-11-22 12:53:46 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						952e0f81f5 
					 
					
						
						
							
							connector: add RefreshConnector interface  
						
						
						
						
					 
					
						2016-11-22 12:53:46 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						27fb7c523e 
					 
					
						
						
							
							Merge pull request  #704  from Calpicow/oidc_callback_fix  
						
						... 
						
						
						
						Fix Google OIDC callback url 
						
						
					 
					
						2016-11-21 10:31:44 -08:00 
						 
				 
			
				
					
						
							
							
								Phu Kieu 
							
						 
					 
					
						
						
							
						
						ba58f3f43b 
					 
					
						
						
							
							Fix Google OIDC callback url  
						
						
						
						
					 
					
						2016-11-21 10:25:16 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						35f16b6639 
					 
					
						
						
							
							Merge pull request  #703  from ericchiang/readme-updates  
						
						... 
						
						
						
						*: small README link additions 
						
						
					 
					
						2016-11-18 17:12:20 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						baa9096b6e 
					 
					
						
						
							
							*: small README link additions  
						
						
						
						
					 
					
						2016-11-18 17:07:10 -08:00 
						 
				 
			
				
					
						
							
							
								rithu leena john 
							
						 
					 
					
						
						
							
						
						8bf70ace74 
					 
					
						
						
							
							Merge pull request  #701  from ericchiang/ldap-escape-filter  
						
						... 
						
						
						
						connector/ldap: use gopkg.in/ldap.v2's escape filter 
						
						
					 
					
						2016-11-18 15:28:11 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						ae4c32bc3b 
					 
					
						
						
							
							connector/ldap: use gopkg.in/ldap.v2's escape filter  
						
						... 
						
						
						
						Use the escape filter method provided by the upstream LDAP package
instead of rolling our own. 
						
						
					 
					
						2016-11-18 15:16:40 -08:00 
						 
				 
			
				
					
						
							
							
								rithu leena john 
							
						 
					 
					
						
						
							
						
						d862561150 
					 
					
						
						
							
							Merge pull request  #700  from ericchiang/fix-expiry-test-flake  
						
						... 
						
						
						
						server: fix expiry test flake 
						
						
					 
					
						2016-11-18 14:39:46 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						a7db295714 
					 
					
						
						
							
							Merge pull request  #698  from Calpicow/groupsearch_by_dn  
						
						... 
						
						
						
						Allow getAttr to return DN 
						
						
					 
					
						2016-11-18 13:55:18 -08:00 
						 
				 
			
				
					
						
							
							
								Phu Kieu 
							
						 
					 
					
						
						
							
						
						d4aba443ac 
					 
					
						
						
							
							Allow getAttr to return DN  
						
						... 
						
						
						
						Specify "DN" as attribute name to return, but will only work if not present in ldap.Entry.Attributes
Use when full DN is stored in groupSearch's userAttr 
						
						
					 
					
						2016-11-18 13:51:47 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						5c602d36d9 
					 
					
						
						
							
							server: fix expiry test flake  
						
						... 
						
						
						
						Ensure compared times are within a second of one another instead of
rounding, which can flake if the two times are different enough to
do round to different values.
Tested using the golang.org/x/tools/cmd/stress tool.
The following set of commands fail without this patch:
    $ go get golang.org/x/tools/cmd/stress
    $ go test -o server.test github.com/coreos/dex/server
    $ stress ./server.test -test.run=TestOAuth2CodeFlow
    219 runs so far, 0 failures
    425 runs so far, 0 failures
    618 runs so far, 0 failures
    802 runs so far, 0 failures
    ^C
Closes  #699  
						
						
					 
					
						2016-11-18 13:47:16 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						f45a1a9375 
					 
					
						
						
							
							Merge pull request  #697  from Calpicow/enable_groups  
						
						... 
						
						
						
						Enable groups scope 
						
						
					 
					
						2016-11-18 13:32:01 -08:00 
						 
				 
			
				
					
						
							
							
								Phu Kieu 
							
						 
					 
					
						
						
							
						
						35180a72f1 
					 
					
						
						
							
							Enable groups scope  
						
						
						
						
					 
					
						2016-11-18 13:13:32 -08:00 
						 
				 
			
				
					
						
							
							
								rithu leena john 
							
						 
					 
					
						
						
							
						
						04360fa354 
					 
					
						
						
							
							Merge pull request  #695  from rithujohn191/add-list-password  
						
						... 
						
						
						
						api: add call to list passwords 
						
						
					 
					
						2016-11-17 17:23:32 -08:00 
						 
				 
			
				
					
						
							
							
								rithu john 
							
						 
					 
					
						
						
							
						
						ee9738d663 
					 
					
						
						
							
							api: adding a gRPC call for listing passwords.  
						
						
						
						
					 
					
						2016-11-17 16:56:54 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						e6b54250db 
					 
					
						
						
							
							Merge pull request  #684  from ericchiang/examples-k8s-fixup  
						
						... 
						
						
						
						examples/k8s: update kubernetes examples 
						
						
					 
					
						2016-11-17 15:28:00 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						3ecfaf700e 
					 
					
						
						
							
							examples/k8s: update kubernetes examples  
						
						
						
						
					 
					
						2016-11-17 14:10:55 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						ff748a2f52 
					 
					
						
						
							
							Merge pull request  #694  from ericchiang/delete-todo  
						
						... 
						
						
						
						*: remove TODO.md file 
						
						
					 
					
						2016-11-17 10:59:56 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						2b20c4565f 
					 
					
						
						
							
							*: remove TODO.md file  
						
						... 
						
						
						
						This existed for when we were developing v2 but v1 was using the
issue tracker. We've since moved these goals to the issue tracker. 
						
						
					 
					
						2016-11-17 10:53:11 -08:00 
						 
				 
			
				
					
						
							
							
								rithu john 
							
						 
					 
					
						
						
							
						
						19c22807a7 
					 
					
						
						
							
							api: adding ListPasswords() method to the storage interface.  
						
						
						
						
					 
					
						2016-11-16 17:25:38 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						2e74b48492 
					 
					
						
						
							
							Merge pull request  #690  from rithujohn191/connector-docs  
						
						... 
						
						
						
						Documentation: LDAP connector documentation. 
						
						
					 
					
						2016-11-16 16:11:44 -08:00 
						 
				 
			
				
					
						
							
							
								rithu john 
							
						 
					 
					
						
						
							
						
						8589650605 
					 
					
						
						
							
							Documentation: LDAP connector documentation.  
						
						
						
						
					 
					
						2016-11-16 15:29:17 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						57178fd5f3 
					 
					
						
						
							
							Merge pull request  #685  from ericchiang/add-openssl-to-docker-container  
						
						... 
						
						
						
						Dockerfile: add OpenSSL to Docker container 
						
						
					 
					
						2016-11-16 09:47:23 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						13a1ebe053 
					 
					
						
						
							
							Merge pull request  #689  from cjyar/master  
						
						... 
						
						
						
						connector/ldap: Always set tls.Config.ServerName, to support LDAP ser… 
						
						
					 
					
						2016-11-15 13:44:43 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						91c88c8b12 
					 
					
						
						
							
							Merge pull request  #688  from SEJeff/patch-1  
						
						... 
						
						
						
						Fix a tyop in the storage documentation 
						
						
					 
					
						2016-11-15 13:38:15 -08:00 
						 
				 
			
				
					
						
							
							
								Jeff Schroeder 
							
						 
					 
					
						
						
							
						
						da6cd9687d 
					 
					
						
						
							
							Documentation: fix a typo in the storage documentation  
						
						
						
						
					 
					
						2016-11-15 15:14:11 -06:00 
						 
				 
			
				
					
						
							
							
								Chris Jones 
							
						 
					 
					
						
						
							
						
						384ac87deb 
					 
					
						
						
							
							connector/ldap: Always set tls.Config.ServerName, to support LDAP servers with public CA certs.  
						
						
						
						
					 
					
						2016-11-15 14:06:39 -07:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						2ec3349f5d 
					 
					
						
						
							
							Merge pull request  #686  from cjyar/master  
						
						... 
						
						
						
						Require the connector to have an ID. 
						
						
					 
					
						2016-11-15 11:10:22 -08:00 
						 
				 
			
				
					
						
							
							
								Chris Jones 
							
						 
					 
					
						
						
							
						
						a2b78c28fc 
					 
					
						
						
							
							cmd/dex: validate that connectors have an ID.  
						
						
						
						
					 
					
						2016-11-15 11:39:45 -07:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						ff119d1556 
					 
					
						
						
							
							Dockerfile: add OpenSSL to Docker container  
						
						... 
						
						
						
						Add OpenSSL to the dex Docker container so wget can be used to query
HTTPS endpoint. This is a requirement for health checking when dex is
doing its own TLS termination.
This increased the image size from 20.37 MB to 20.92 MB (+550 KB).
Additionally add Ed and Rithu as maintainers. 
						
						
					 
					
						2016-11-14 17:25:19 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						e1f6679107 
					 
					
						
						
							
							Merge pull request  #683  from rithujohn191/add-version-endpoint  
						
						... 
						
						
						
						api: add gRPC definition for version endpoint. 
						
						
					 
					
						2016-11-14 12:33:09 -08:00 
						 
				 
			
				
					
						
							
							
								rithu john 
							
						 
					 
					
						
						
							
						
						de4e23a27b 
					 
					
						
						
							
							api: add gRPC definition for version endpoint.  
						
						
						
						
					 
					
						2016-11-14 11:37:48 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						36ade89e54 
					 
					
						
						
							
							Merge pull request  #680  from jvanderhoof/patch-1  
						
						... 
						
						
						
						Small spelling fix. 
						
						
					 
					
						2016-11-11 13:42:46 -08:00 
						 
				 
			
				
					
						
							
							
								Jason Vanderhoof 
							
						 
					 
					
						
						
							
						
						80770df520 
					 
					
						
						
							
							Small spelling fix.  
						
						
						
						
					 
					
						2016-11-11 14:24:17 -07:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						48449e718c 
					 
					
						
						
							
							Merge pull request  #676  from srenatus/patch-1  
						
						... 
						
						
						
						README: fix links 
						
						
					 
					
						2016-11-09 00:06:15 -08:00 
						 
				 
			
				
					
						
							
							
								Stephan Renatus 
							
						 
					 
					
						
						
							
						
						18d53e7a28 
					 
					
						
						
							
							README: fix links  
						
						
						
						
					 
					
						2016-11-09 09:03:14 +01:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						16d5e02cbb 
					 
					
						
						
							
							Merge pull request  #675  from ericchiang/readme-tweeks  
						
						... 
						
						
						
						README: add link on v2 and section on getting help 
						
						
					 
					
						2016-11-08 15:30:00 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						447253c8de 
					 
					
						
						
							
							README: add link on v2 and section on getting help  
						
						
						
						
					 
					
						2016-11-08 15:29:13 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						674bec0468 
					 
					
						
						
							
							Merge pull request  #674  from ericchiang/readme-docs-v2  
						
						... 
						
						
						
						*: readme updates for v2 
						
						
					 
					
						2016-11-08 15:20:51 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						a52e324f68 
					 
					
						
						
							
							*: readme updates for v2  
						
						
						
						
					 
					
						2016-11-08 14:36:29 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						2417fc9154 
					 
					
						
						
							
							Documentation/logos: add logos  
						
						
						
						
					 
					
						2016-11-08 11:51:47 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						96fb0733fe 
					 
					
						
						
							
							Merge pull request  #669  from ericchiang/config-env  
						
						... 
						
						
						
						cmd/dex: only expand from env for storages and connectors 
						
						
					 
					
						2016-11-05 17:56:11 -07:00