dependabot[bot]
de6d1bea56
build(deps): bump github.com/mattn/go-sqlite3 from 1.14.6 to 1.14.7
...
Bumps [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3 ) from 1.14.6 to 1.14.7.
- [Release notes](https://github.com/mattn/go-sqlite3/releases )
- [Commits](https://github.com/mattn/go-sqlite3/compare/v1.14.6...v1.14.7 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-04-15 06:57:54 +00:00
dependabot[bot]
8fbbd4cec9
build(deps): bump alpine from 3.13.4 to 3.13.5
...
Bumps alpine from 3.13.4 to 3.13.5.
Signed-off-by: dependabot[bot] <support@github.com>
2021-04-15 06:53:00 +00:00
Márk Sági-Kazár
b79d9a84bc
Merge pull request #2072 from dexidp/dependency-updates
...
Update dependencies
2021-04-08 17:50:52 +02:00
Mark Sagi-Kazar
03db309337
chore(deps): update dependencies
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-04-07 14:45:53 +02:00
Márk Sági-Kazár
c7549cce5b
Merge pull request #2071 from dexidp/dependabot/go_modules/github.com/go-ldap/ldap/v3-3.3.0
...
build(deps): bump github.com/go-ldap/ldap/v3 from 3.2.4 to 3.3.0
2021-04-06 10:15:37 +02:00
dependabot[bot]
656798c8bd
build(deps): bump github.com/go-ldap/ldap/v3 from 3.2.4 to 3.3.0
...
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap ) from 3.2.4 to 3.3.0.
- [Release notes](https://github.com/go-ldap/ldap/releases )
- [Commits](https://github.com/go-ldap/ldap/compare/v3.2.4...v3.3.0 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-04-06 07:01:29 +00:00
m.nabokikh
beb8911cf7
chore: add note about units to expire config
...
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-04-02 16:12:43 +04:00
dependabot[bot]
b73c406d21
Merge pull request #2069 from dexidp/dependabot/docker/golang-1.16.3-alpine3.13
2021-04-02 07:14:55 +00:00
dependabot[bot]
4b924f1d86
build(deps): bump golang from 1.16.2-alpine3.13 to 1.16.3-alpine3.13
...
Bumps golang from 1.16.2-alpine3.13 to 1.16.3-alpine3.13.
Signed-off-by: dependabot[bot] <support@github.com>
2021-04-02 06:54:24 +00:00
dependabot[bot]
55352575b8
Merge pull request #2066 from dexidp/dependabot/docker/alpine-3.13.4
2021-04-01 11:20:38 +00:00
Márk Sági-Kazár
d2eb1b04dc
Merge pull request #2067 from dexidp/dependabot/go_modules/github.com/go-sql-driver/mysql-1.6.0
...
build(deps): bump github.com/go-sql-driver/mysql from 1.5.0 to 1.6.0
2021-04-01 13:18:21 +02:00
dependabot[bot]
0f4ad150ce
build(deps): bump github.com/go-sql-driver/mysql from 1.5.0 to 1.6.0
...
Bumps [github.com/go-sql-driver/mysql](https://github.com/go-sql-driver/mysql ) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/go-sql-driver/mysql/releases )
- [Changelog](https://github.com/go-sql-driver/mysql/blob/master/CHANGELOG.md )
- [Commits](https://github.com/go-sql-driver/mysql/compare/v1.5.0...v1.6.0 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-04-01 07:23:52 +00:00
dependabot[bot]
b57c8fa75b
build(deps): bump alpine from 3.13.3 to 3.13.4
...
Bumps alpine from 3.13.3 to 3.13.4.
Signed-off-by: dependabot[bot] <support@github.com>
2021-04-01 07:16:05 +00:00
dependabot[bot]
1076081f79
Merge pull request #2064 from dexidp/dependabot/docker/alpine-3.13.3
2021-03-26 10:41:31 +00:00
dependabot[bot]
f5a29bcdbb
build(deps): bump alpine from 3.13.2 to 3.13.3
...
Bumps alpine from 3.13.2 to 3.13.3.
Signed-off-by: dependabot[bot] <support@github.com>
2021-03-26 06:48:52 +00:00
Márk Sági-Kazár
e18510b16e
Merge pull request #2058 from dexidp/proto
...
Upgrade protobuf and grpc
2021-03-24 20:18:08 +01:00
Mark Sagi-Kazar
95796b04a3
chore(deps): upgrade protobuf and grpc
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-03-24 19:17:26 +01:00
Márk Sági-Kazár
2bf728c6ec
Merge pull request #1926 from dexidp/update-etcd-3.5
...
Update etcd to 3.5
2021-03-23 14:44:26 +01:00
Mark Sagi-Kazar
356ccecc24
chore(deps): update etcd client to 3.5
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-03-22 22:12:35 +01:00
Márk Sági-Kazár
8e7ce6353f
Merge pull request #2057 from dexidp/codec
...
Upgrade protobuf in internal codec
2021-03-22 20:24:07 +01:00
Mark Sagi-Kazar
d25051c867
chore(deps): upgrade protobuf in server/internal package
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-03-22 19:27:47 +01:00
Mark Sagi-Kazar
41712bcbfa
build: rename old proto download targets
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-03-22 18:28:15 +01:00
Márk Sági-Kazár
e3f8b0f2f6
Merge pull request #2036 from flant/keystone-minor-fixes
...
chore: add keystone connector icon and bump tests dependencies
2021-03-22 17:51:19 +01:00
Márk Sági-Kazár
8cba308b0e
Merge pull request #2056 from dexidp/updates
...
Update xml roundtrip validator
2021-03-22 17:40:17 +01:00
Márk Sági-Kazár
3adb4e74df
Merge pull request #2055 from salmanisd/update-ldap-to-v3
...
connector/ldap: use go-ldap version v3
2021-03-22 17:39:50 +01:00
Márk Sági-Kazár
1ec5cf07f2
Merge pull request #2054 from dexidp/embed-web
...
Embed web assets
2021-03-22 17:38:09 +01:00
Mark Sagi-Kazar
3e12618f0c
chore(deps): update xml roundtrip validator
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-03-22 16:23:01 +01:00
Salman Ahmed
bbd8b3b3cd
connector/ldap: use go-ldap version v3
...
Signed-off-by: Salman Ahmed <salman.ahmed@weidmueller.com>
2021-03-22 16:17:47 +01:00
Mark Sagi-Kazar
3ecdd57282
chore: change frontend dir default to unset
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-03-22 15:44:05 +01:00
Mark Sagi-Kazar
a050f3228a
feat: add DEX_FRONTEND_DIR env var for setting the frontend dir
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-03-22 15:44:05 +01:00
Mark Sagi-Kazar
3b80d480e5
feat!: move web assets to /srv in Dockerfile
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-03-22 15:44:05 +01:00
Mark Sagi-Kazar
d1e8b085e2
feat: use embedded assets by default
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-03-22 15:44:03 +01:00
Mark Sagi-Kazar
78fcac7568
feat: embed web assets
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-03-22 11:05:50 +01:00
Márk Sági-Kazár
3f0ca9b361
Merge pull request #1416 from concourse/pr/http-filesystem
...
Use http.FileSystem for web assets
2021-03-22 10:56:39 +01:00
Rui Yang
2f28fc7451
default to ./web when Dir and WebFS are not set
...
update WebFS doc
Signed-off-by: Rui Yang <ruiya@vmware.com>
Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2021-03-20 20:05:59 +00:00
Rui Yang
4e569024fd
use go 1.16 new package io/fs
...
Unify the interface for reading web statics. Now it could read an
OS directory or get the content on live
One could use
//go:embed static
var webFiles embed.FS
anywhere and config dex server to take the file system by setting
WebConfig{WebFS: webFiles}
Signed-off-by: Rui Yang <ruiya@vmware.com>
Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2021-03-20 20:05:59 +00:00
Rui Yang
7b50cbf0ac
use pkger for embedding static contents
...
Co-authored-by: Vikram Yadav <vyadav@pivotal.io>
Signed-off-by: Rui Yang <ruiya@vmware.com>
2021-03-20 20:05:59 +00:00
Rui Yang
1eab25f89f
use web host url for asset hosting
...
Signed-off-by: Rui Yang <ruiya@vmware.com>
Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2021-03-20 20:05:59 +00:00
Rui Yang
10e9054811
Use http.FileSystem for web assets
...
Signed-off-by: Rui Yang <ryang@pivotal.io>
Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2021-03-20 20:05:59 +00:00
Rui Yang
d658c24e8f
add dex config flag for enabling client secret encryption
...
* if enabled, it will make sure client secret is bcrypted correctly
* if not, it falls back to old behaviour that allowing empty client
secret and comparing plain text, though now it will do
ConstantTimeCompare to avoid a timing attack.
So in either way it should provide more secure of client secret
verification.
Co-authored-by: Alex Surraci <suraci.alex@gmail.com>
Signed-off-by: Rui Yang <ruiya@vmware.com>
2021-03-20 20:05:56 +00:00
Josh Winters
ec6f3a2f19
use bcrypt when comparing client secrets
...
- this assumes that the client is already bcrytped
when passed to dex. Similar to user passwords.
Signed-off-by: Josh Winters <jwinters@pivotal.io>
Co-authored-by: Vikram Yadav <vyadav@pivotal.io>
2021-03-20 20:05:56 +00:00
Márk Sági-Kazár
a1adf86e53
Merge pull request #2053 from dexidp/fix-gomplate-slim
...
fix: stop using slim version of gomplate
2021-03-20 13:59:51 +01:00
Mark Sagi-Kazar
27dfbc0344
fix: stop using slim version of gomplate
...
See hairyhenderson/gomplate#1085
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-03-20 13:23:46 +01:00
dependabot[bot]
83ad7bc4e3
Merge pull request #2037 from dexidp/dependabot/docker/golang-1.16.2-alpine3.13
2021-03-12 08:49:06 +00:00
dependabot[bot]
8fee3cd212
build(deps): bump golang from 1.16.1-alpine3.13 to 1.16.2-alpine3.13
...
Bumps golang from 1.16.1-alpine3.13 to 1.16.2-alpine3.13.
Signed-off-by: dependabot[bot] <support@github.com>
2021-03-12 06:42:23 +00:00
m.nabokikh
6be747142a
chore: add keystone connector icon and bump tests dependencies
...
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-03-11 23:03:37 +04:00
dependabot[bot]
dab9f98a15
Merge pull request #2035 from dexidp/dependabot/docker/golang-1.16.1-alpine3.13
2021-03-11 07:13:08 +00:00
dependabot[bot]
d93a238a42
build(deps): bump golang from 1.16.0-alpine3.13 to 1.16.1-alpine3.13
...
Bumps golang from 1.16.0-alpine3.13 to 1.16.1-alpine3.13.
Signed-off-by: dependabot[bot] <support@github.com>
2021-03-11 06:50:39 +00:00
Márk Sági-Kazár
3ae53f7434
Make OpenShift an alpha connector
...
I'm not sure why this was ever marked as stable.
2021-03-10 16:12:05 +01:00
dependabot[bot]
b9ff4dd9ae
Merge pull request #2032 from dexidp/dependabot/go_modules/github.com/sirupsen/logrus-1.8.1
2021-03-10 11:47:37 +00:00