k-space/dex
Archived
11
0
Fork 0
Code Issues Pull Requests Packages Projects Activity
2,006 Commits 1 Branch 0 Tags
2b262ff5d6005b479864c52a36bb56b49dd98a24
Commit Graph

290 Commits

Author SHA1 Message Date
Daniel Haus
2b262ff5d6 Create setting to allow to trust the system root CAs 
Previously, when rootCA was set, the trusted system root CAs were ignored. Now, allow for both being able to be configured and used

Signed-off-by: Daniel Haus <dhaus@redhat.com>
 2022-04-12 17:38:58 +02:00
Maksim Nabokikh
5f9abc5be8 Merge pull request #2371 from seuf/authproxy-groups-configuration 
Allow configuration of returned groups via authproxy connector
 2022-03-04 00:44:56 +04:00
Maksim Nabokikh
5b0cb0704a Merge pull request #2342 from dhaus67/refresh-token-openshift-connector 
Add support for RefreshConnector for openshift connector.
 2022-03-02 11:46:21 +04:00
seuf
4ee9658dfe [authproxy] Allow configuration of returned groups 
Via HTTP Header if present and with manually configured staticGroups in authproxy connector

Signed-off-by: seuf <seuf76@gmail.com>
 2022-01-31 10:36:54 +01:00
Rahul M Chheda
2bc4ad6b56 [fix] Replace /teams API w/ /workspaces endpoints 
Signed-off-by: Rahul M Chheda <rahul.chheda@accurics.com>
 2022-01-27 14:08:48 +05:30
Happy2C0de
419db81c67 Remove overrideWithMissingCustomEmailClaim 
Signed-off-by: Happy2C0de <46957159+Happy2C0de@users.noreply.github.com>
 2022-01-19 13:38:09 +01:00
Happy2C0de
55605751f5 Add overrideWithMissingCustomEmailClaim test 
Signed-off-by: Happy2C0de <46957159+Happy2C0de@users.noreply.github.com>
 2022-01-19 13:38:09 +01:00
Happy2C0de
b28098dde8 Revert querying preferrredUsernameKey 
Signed-off-by: Happy2C0de <46957159+Happy2C0de@users.noreply.github.com>
 2022-01-19 13:38:09 +01:00
Happy2C0de
1608b473eb Remove false failed errors. 
Signed-off-by: Happy2C0de <46957159+Happy2C0de@users.noreply.github.com>
 2022-01-19 13:38:09 +01:00
Happy2C0de
2b6bb1997c Revert ClaimMapping struct 
Signed-off-by: Happy2C0de <46957159+Happy2C0de@users.noreply.github.com>
 2022-01-19 13:38:09 +01:00
Happy2C0de
14a0aecc81 Move claimMapping.enforce to overrideClaimMapping 
Signed-off-by: Happy2C0de <46957159+Happy2C0de@users.noreply.github.com>
 2022-01-19 13:38:09 +01:00
Happy2C0de
45143c98b3 Add claimMapping enforcement 
Signed-off-by: Happy2C0de <46957159+Happy2C0de@users.noreply.github.com>
 2022-01-19 13:38:09 +01:00
Maksim Nabokikh
9d3471e39b Merge pull request #2026 from flant/ldap-groups-user-matcher-warning 
chore: warning about deprecated LDAP groupSearch fields
 2021-12-11 13:26:30 +04:00
Daniel Haus
6256b863b0 Fix linting issues. 
Signed-off-by: Daniel Haus <dhaus@redhat.com>
 2021-12-06 13:28:25 +01:00
Daniel Haus
6d55fe1c80 Add support for refresh tokens for openshift connector. 
Signed-off-by: Daniel Haus <dhaus@redhat.com>
 2021-12-03 16:38:56 +01:00
Rui Yang
539e08ba50 small refactors and cleanup 
Signed-off-by: Rui Yang <ruiya@vmware.com>
 2021-12-01 12:45:25 -05:00
Rui Yang
8b865169bd fix minor compilation error for group claim 
us 'os' insteak of 'io/ioutil'

Signed-off-by: Rui Yang <ruiya@vmware.com>
 2021-11-17 17:58:34 -05:00
Vlad Safronov
7c80e44caf Add a test case 
Signed-off-by: Vlad Safronov <vladislav.safronov@oracle.com>
 2021-11-17 15:06:54 -05:00
Vlad Safronov
45932bd38a skymarshal: behaviour: Handle groups as maps 
There are cases when groups are represented as a list
of maps, not strings e.g. "groups":[{"id":"1",
"name":"gr1"},{"id": "2", "name":"gr2"}]. Handle groups
represented as a list of maps.

concourse/dex#23

Signed-off-by: Vlad Safronov <vladislav.safronov@oracle.com>
 2021-11-17 15:06:54 -05:00
Rui Yang
f980d3e0a7 cleanup and optimization 
Signed-off-by: Rui Yang <ruiya@vmware.com>
 2021-11-17 15:06:54 -05:00
Rui Yang
8ea121b45a move oauth connector doc to dex website repo 
move default key values configure to connector construct function

Signed-off-by: Rui Yang <ruiya@vmware.com>
 2021-11-17 15:06:54 -05:00
Rui Yang
02860da8b6 use claim mappings when retrieving user identity 
Signed-off-by: Rui Yang <ruiya@vmware.com>
 2021-11-17 15:06:54 -05:00
Rui Yang
60b8875780 use testify in oauth tests 
Signed-off-by: Rui Yang <ruiya@vmware.com>
 2021-11-17 15:06:54 -05:00
Rui Yang
9952851cc4 add configurable preferred_username key 
Signed-off-by: Rui Yang <ruiya@vmware.com>
 2021-11-17 15:06:54 -05:00
Rui Yang
930b331a5b use PreferredUsername 
Signed-off-by: Rui Yang <ryang@pivotal.io>
 2021-11-17 15:06:53 -05:00
Josh Winters
a087c05ebf Make oauth user name and user id configurable 
Signed-off-by: Josh Winters <jwinters@pivotal.io>
Co-authored-by: Mark Huang <mhuang@pivotal.io>
 2021-11-17 15:06:53 -05:00
Joshua Winters
9284ffb8c0 Add generic oauth connector 
Co-authored-by: Shash Reddy <sreddy@pivotal.io>
Signed-off-by: Joshua Winters <jwinters@pivotal.io>
 2021-11-17 15:06:53 -05:00
Matt Hoey
ee5b5b25bd Resolves #2111 Option to fetch transitive group membership 
Signed-off-by: Matt Hoey <matt.hoey@missionlane.com>
 2021-10-17 12:48:22 -07:00
Eng Zer Jun
f0186ff265 refactor: move from io/ioutil to io and os package 
The io/ioutil package has been deprecated as of Go 1.16, see
https://golang.org/doc/go1.16#ioutil. This commit replaces the existing
io/ioutil functions with their new definitions in io and os packages.

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
 2021-09-17 14:12:39 +08:00
Henning
138364ceeb handlePasswordGrant: insert connectorData into OfflineSession (#2199) 
* handlePasswordGrant: insert connectorData into OfflineSession

This change will insert the ConnectorData from the initial Login
into the OfflineSession, as already done in handlePasswordLogin.

Signed-off-by: Henning Surmeier <h.surmeier@mittwald.de>
 2021-07-21 00:05:35 +04:00
Mark Sagi-Kazar
215c3160f8 fix(connector/ldap): explicit anonymus ldap bind 
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
 2021-06-28 17:49:47 +02:00
m.nabokikh
dea1d3383c Deprecation warning log message 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2021-05-24 19:40:28 +04:00
m.nabokikh
13a83d9bba chore: warning about deprecated LDAP groupSearch fields 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2021-05-24 19:08:13 +04:00
Márk Sági-Kazár
b1ac799073 Merge pull request #1912 from wellplayedgames/microsoft-prompt-type 
Support setting the prompt type for the Microsoft connector
 2021-04-24 10:58:43 +02:00
Márk Sági-Kazár
e3f8b0f2f6 Merge pull request #2036 from flant/keystone-minor-fixes 
chore: add keystone connector icon and bump tests dependencies
 2021-03-22 17:51:19 +01:00
Salman Ahmed
bbd8b3b3cd connector/ldap: use go-ldap version v3 
Signed-off-by: Salman Ahmed <salman.ahmed@weidmueller.com>
 2021-03-22 16:17:47 +01:00
m.nabokikh
6be747142a chore: add keystone connector icon and bump tests dependencies 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2021-03-11 23:03:37 +04:00
m.nabokikh
84a07a7805 Do not run LDAP tests if DEX_LDAP_HOST is not set 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2021-02-20 17:05:41 +04:00
m.nabokikh
1f2771b57e fix: do not run LDAP tests locally by default 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2021-02-20 12:55:52 +04:00
Mark Sagi-Kazar
6f70272bc3 test(connector/ldap): remove ldap test gate 
Now that the ldap tests don't create containers on the fly
they can run the same way as other integration tests.

Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
 2021-02-15 16:46:43 +01:00
Mark Sagi-Kazar
f11db50369 test(connector/ldap): rewrite tests to use a single server instance 
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
 2021-02-15 16:37:03 +01:00
m.nabokikh
b2e9f67edc Enable unparam, prealloc, sqlclosecheck linters 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2021-01-15 19:29:13 +04:00
Mark Sagi-Kazar
b8ac640c4f Update oidc library 
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
 2021-01-13 19:56:09 +01:00
Erica Taylor
ba47aaba86 microsoft: Support setting the prompt type 
Signed-off-by: Erica Taylor <ricky@wellplayed.games>
 2021-01-11 11:48:58 +00:00
Márk Sági-Kazár
4f326390aa Merge pull request #1839 from seuf/authproxy-header-configuration 
Allow configuration of returned auth proxy header
 2021-01-07 10:40:57 +01:00
Márk Sági-Kazár
ee50c09313 Merge pull request #1888 from VF-mbrauer/UPN-Lowercase 
Added the possibility to activate lowercase for UPN-Strings
 2021-01-06 20:36:43 +01:00
Maik Brauer
0d53fa2f42 Merge branch 'UPN-Lowercase' of https://github.com/VF-mbrauer/dex into UPN-Lowercase 
Signed-off-by: Maik Brauer <maik.brauer@vodafone.com>
 2021-01-05 21:48:02 +01:00
Maik Brauer
c55f17ea64 Adapted recommendation from Maintainer for PR #1888 
Signed-off-by: Maik Brauer <maik.brauer@vodafone.com>
 2021-01-05 21:36:41 +01:00
Maik Brauer
4d246bc9dc Adapted recommendation from Maintainer for PR #1888 
Signed-off-by: Maik Brauer <maik.brauer@vodafone.com>
 2021-01-05 17:12:45 +01:00
Maik Brauer
eb9ef3b0ec Added the possibility to acticate lowercase for UPN-Strings 
Signed-off-by: Maik Brauer <maik.brauer@vodafone.com>
 2021-01-04 15:07:14 +01:00