k-space/dex
Archived
11
0
Fork 0
Code Issues Pull Requests Packages Projects Activity
2,079 Commits 1 Branch 0 Tags
3a83b6ce3946fa6e7d85a8519c36e2db8f7a544d
Commit Graph

2079 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Eric Chiang
3b99e8f22a *: update vendored go-oidc 
Includes fixes for a panic when using HTTP/2[0] and some HTTPs calls
not actually using their passed context[1].

[0] https://github.com/coreos/go-oidc/pull/117
[1] https://github.com/coreos/go-oidc/pull/119
 2016-12-01 13:13:27 -08:00
Eric Chiang
4d88eabb50 Merge pull request #714 from amrutac/refactor-css 
Refactor css
 2016-12-01 13:11:19 -08:00
Amruta Chitnis
170727454d web: Updates classes in templates 2016-12-01 12:18:12 -08:00
Amruta Chitnis
fabdae8e71 web: Updates css 2016-12-01 12:17:48 -08:00
Amruta Chitnis
da872ecd35 web: Adds tectonic specific files 2016-12-01 12:16:18 -08:00
Amruta Chitnis
513525c0ab web: Adds svg files for icons 2016-12-01 12:15:47 -08:00
rithu leena john
b38d355202 Merge pull request #713 from ericchiang/example-app-state 
cmd/example-app: use a non-empty state
 2016-12-01 09:57:25 -08:00
Eric Chiang
aebb6818b7 cmd/example-app: use a non-empty state 
Use a non-empty state in the example-app to ensure dex is properly
preserving the state for the code flow.

Updates #712
 2016-12-01 09:05:56 -08:00
rithu leena john
9d9ad4a5b3 Merge pull request #711 from ericchiang/themes 
*: add theme based frontend configuration
 2016-11-30 22:56:09 -08:00
Eric Chiang
391dc51c13 *: add theme based frontend configuration 
This PR reworks the web layout so static files can be provided and
a "themes" directory to allow a certain degree of control over logos,
styles, etc.

This PR does NOT add general support for frontend customization,
only enough to allow us to start exploring theming internally.
The dex binary also must now be run from the root directory since
templates are no longer "compiled into" the binary.

The docker image has been updated with frontend assets.
 2016-11-30 17:20:21 -08:00
Eric Chiang
e267dbd236 Merge pull request #708 from ericchiang/ldap-security-docs 
Documentation: clarify difference between LDAP ports and security guarentees
 2016-11-28 17:07:24 -08:00
Eric Chiang
6202e4d912 Merge pull request #709 from evanluc/patch-1 
Updated openid-connect.md: small typo
 2016-11-24 23:13:31 -08:00
Ev
5144ef643b Updated openid-connect.md: small typo 
Protocol is written protocl.
 2016-11-24 14:01:47 -05:00
Eric Chiang
8b8c076ecf Documentation: clarify difference between LDAP ports and security guarantees 
Now that LDAP supports an `insecureSkipVerify` option, clarify that
`insecureNoTLS` is an extremely bad choice and as such we may drop
support for 389 in the future.

However, since we send plain text passwords from our frontend to our
backend, this probably gets us into a bigger conversation about dex's
TLS story. For example when terminiation is approporate. cc'ing
@dghubble for thoughts on how that might apply to our internal uses.

We probably want an overaching security doc at some point, but that
can be another PR.
 2016-11-23 12:26:44 -08:00
Eric Chiang
a607ff7a3a Merge pull request #696 from ericchiang/switch-go-oidc-client 
*: switch oidc client to github.com/coreos/go-oidc
 2016-11-22 13:42:28 -08:00
Eric Chiang
a876ab37af vendor: revendor 2016-11-22 13:29:17 -08:00
Eric Chiang
522749b5d8 *: switch oidc client to github.com/coreos/go-oidc 
This saves us from having to import two different versions of
square/go-jose.
 2016-11-22 13:29:17 -08:00
rithu leena john
5ed42be7a5 Merge pull request #702 from ericchiang/connector-interface-cleanup 
connector: add RefreshConnector interface
 2016-11-22 13:10:13 -08:00
Eric Chiang
6980920a3a *: document the GitHub connector 2016-11-22 12:53:46 -08:00
Eric Chiang
55e97d90a6 *: add tests for the RefreshConnector 2016-11-22 12:53:46 -08:00
Eric Chiang
952e0f81f5 connector: add RefreshConnector interface 2016-11-22 12:53:46 -08:00
Eric Chiang
27fb7c523e Merge pull request #704 from Calpicow/oidc_callback_fix 
Fix Google OIDC callback url
 2016-11-21 10:31:44 -08:00
Phu Kieu
ba58f3f43b Fix Google OIDC callback url 2016-11-21 10:25:16 -08:00
Eric Chiang
35f16b6639 Merge pull request #703 from ericchiang/readme-updates 
*: small README link additions
 2016-11-18 17:12:20 -08:00
Eric Chiang
baa9096b6e *: small README link additions 2016-11-18 17:07:10 -08:00
rithu leena john
8bf70ace74 Merge pull request #701 from ericchiang/ldap-escape-filter 
connector/ldap: use gopkg.in/ldap.v2's escape filter
 2016-11-18 15:28:11 -08:00
Eric Chiang
ae4c32bc3b connector/ldap: use gopkg.in/ldap.v2's escape filter 
Use the escape filter method provided by the upstream LDAP package
instead of rolling our own.
 2016-11-18 15:16:40 -08:00
rithu leena john
d862561150 Merge pull request #700 from ericchiang/fix-expiry-test-flake 
server: fix expiry test flake
 2016-11-18 14:39:46 -08:00
Eric Chiang
a7db295714 Merge pull request #698 from Calpicow/groupsearch_by_dn 
Allow getAttr to return DN
 2016-11-18 13:55:18 -08:00
Phu Kieu
d4aba443ac Allow getAttr to return DN 
Specify "DN" as attribute name to return, but will only work if not present in ldap.Entry.Attributes
Use when full DN is stored in groupSearch's userAttr
 2016-11-18 13:51:47 -08:00
Eric Chiang
5c602d36d9 server: fix expiry test flake 
Ensure compared times are within a second of one another instead of
rounding, which can flake if the two times are different enough to
do round to different values.

Tested using the golang.org/x/tools/cmd/stress tool.

The following set of commands fail without this patch:

    $ go get golang.org/x/tools/cmd/stress
    $ go test -o server.test github.com/coreos/dex/server
    $ stress ./server.test -test.run=TestOAuth2CodeFlow
    219 runs so far, 0 failures
    425 runs so far, 0 failures
    618 runs so far, 0 failures
    802 runs so far, 0 failures
    ^C

Closes #699
 2016-11-18 13:47:16 -08:00
Eric Chiang
f45a1a9375 Merge pull request #697 from Calpicow/enable_groups 
Enable groups scope
 2016-11-18 13:32:01 -08:00
Phu Kieu
35180a72f1 Enable groups scope 2016-11-18 13:13:32 -08:00
rithu leena john
04360fa354 Merge pull request #695 from rithujohn191/add-list-password 
api: add call to list passwords
 2016-11-17 17:23:32 -08:00
rithu john
ee9738d663 api: adding a gRPC call for listing passwords. 2016-11-17 16:56:54 -08:00
Eric Chiang
e6b54250db Merge pull request #684 from ericchiang/examples-k8s-fixup 
examples/k8s: update kubernetes examples
 2016-11-17 15:28:00 -08:00
Eric Chiang
3ecfaf700e examples/k8s: update kubernetes examples 2016-11-17 14:10:55 -08:00
Eric Chiang
ff748a2f52 Merge pull request #694 from ericchiang/delete-todo 
*: remove TODO.md file
 2016-11-17 10:59:56 -08:00
Eric Chiang
2b20c4565f *: remove TODO.md file 
This existed for when we were developing v2 but v1 was using the
issue tracker. We've since moved these goals to the issue tracker.
 2016-11-17 10:53:11 -08:00
rithu john
19c22807a7 api: adding ListPasswords() method to the storage interface. 2016-11-16 17:25:38 -08:00
Eric Chiang
2e74b48492 Merge pull request #690 from rithujohn191/connector-docs 
Documentation: LDAP connector documentation.
 2016-11-16 16:11:44 -08:00
rithu john
8589650605 Documentation: LDAP connector documentation. 2016-11-16 15:29:17 -08:00
Eric Chiang
57178fd5f3 Merge pull request #685 from ericchiang/add-openssl-to-docker-container 
Dockerfile: add OpenSSL to Docker container
 2016-11-16 09:47:23 -08:00
Eric Chiang
13a1ebe053 Merge pull request #689 from cjyar/master 
connector/ldap: Always set tls.Config.ServerName, to support LDAP ser…
 2016-11-15 13:44:43 -08:00
Eric Chiang
91c88c8b12 Merge pull request #688 from SEJeff/patch-1 
Fix a tyop in the storage documentation
 2016-11-15 13:38:15 -08:00
Jeff Schroeder
da6cd9687d Documentation: fix a typo in the storage documentation 2016-11-15 15:14:11 -06:00
Chris Jones
384ac87deb connector/ldap: Always set tls.Config.ServerName, to support LDAP servers with public CA certs. 2016-11-15 14:06:39 -07:00
Eric Chiang
2ec3349f5d Merge pull request #686 from cjyar/master 
Require the connector to have an ID.
 2016-11-15 11:10:22 -08:00
Chris Jones
a2b78c28fc cmd/dex: validate that connectors have an ID. 2016-11-15 11:39:45 -07:00
Eric Chiang
ff119d1556 Dockerfile: add OpenSSL to Docker container 
Add OpenSSL to the dex Docker container so wget can be used to query
HTTPS endpoint. This is a requirement for health checking when dex is
doing its own TLS termination.

This increased the image size from 20.37 MB to 20.92 MB (+550 KB).

Additionally add Ed and Rithu as maintainers.
 2016-11-14 17:25:19 -08:00