Márk Sági-Kazár
5807011b6a
Merge pull request #1805 from dexidp/fix-dockerhub-typo
...
fix: typo in environment variables introduced in #1781
2020-09-28 00:22:17 +02:00
Mark Sagi-Kazar
8a1a1b8b5d
fix: typo in environment variables introduced in #1781
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2020-09-27 23:56:02 +02:00
MIℂHΛΞL FѲRИΛRѲ
549b67bccd
Adding architecture support for arm/arm64/amd64 docker images ( #1781 )
...
add multi-arch image support for armv7/arm64/amd64 architectures
2020-09-27 23:47:39 +02:00
Johan Tordsson
c64ff34d11
Add Elastisys to Adopters ( #1803 )
...
Added description Elastisys use of Dex in Compliant Kubernetes.
2020-09-18 16:40:59 +02:00
Márk Sági-Kazár
458059cc89
Merge pull request #1708 from tkleczek/fix-overwriting-connector-in-authreq
...
abort connector login if connector was already set #1707
2020-09-16 17:49:04 +02:00
Márk Sági-Kazár
a64e7c2986
Merge pull request #1769 from batara666/master
...
ldap.go: drop else on returned if block
2020-09-16 17:47:52 +02:00
Márk Sági-Kazár
e837475ca6
Merge pull request #1795 from lzeng27/master
...
update documentation
2020-09-09 17:47:18 +02:00
Linda Zeng
6745af7747
updated docs
...
Signed-off-by: Linda Zeng <linda.zeng@blackrock.com>
2020-09-09 11:01:14 -04:00
Márk Sági-Kazár
d4a67e43fa
Merge pull request #1794 from dexidp/fix-example-app
...
Fix building the example app
2020-09-09 14:00:27 +02:00
Mark Sagi-Kazar
63098fe9fe
Fix building the example app
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2020-09-09 13:50:19 +02:00
Márk Sági-Kazár
ca0a9e821e
Merge pull request #1634 from concourse/pr/oidc-username-key-sync
...
Support username, email and groups claim in OIDC connector
2020-09-08 19:19:44 +02:00
Rui Yang
058202d007
revert changes for user id and user name
...
Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-09-08 13:12:59 -04:00
Rui Yang
0494993326
update oidc documentation and email claim err msg
...
Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-09-08 10:03:57 -04:00
Márk Sági-Kazár
07dddc7b0e
Merge pull request #1791 from onkarbhat/adopters_kasten
...
Add Kasten as an adopter of Dex.
2020-09-08 09:18:05 +02:00
Onkar Bhat
c489a074c1
Add Kasten as an adopter of Dex.
2020-09-07 16:39:21 -07:00
Tomasz Kleczek
b1311baa3c
abort connector login if connector was already set #1707
...
Signed-off-by: Tomasz Kleczek <tomasz.kleczek@gmail.com>
2020-08-29 17:19:14 +02:00
Joel Speed
336c73c0a2
Merge pull request #1706 from justin-slowik/device_flow
...
Implementing the OAuth2 Device Authorization Grant
2020-08-28 11:35:46 +01:00
Joel Speed
a24f73c19f
Merge pull request #1780 from tom-haines/master
...
Minor documentation tweaks re storage.md
2020-08-14 11:04:53 +01:00
Thomas Haines
d39b77bda3
Minor documentation tweaks re storage.md
...
Signed-off-by: Thomas Haines <thomas.haines@gmail.com>
2020-08-14 16:51:00 +08:00
Rui Yang
41207ba265
Combine #1691 and #1776 to unify OIDC provider claim mapping
...
add tests for groups key mapping
Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-08-11 16:26:55 -04:00
Scott Lemmon
a783667c57
Add groupsClaimMapping to the OIDC connector
...
The groupsClaimMapping setting allows one to specify which claim to pull
group information from the OIDC provider. Previously it assumed group
information was always in the "groups" claim, but that isn't the case
for many OIDC providers (such as AWS Cognito using the "cognito:groups"
claim instead)
Signed-off-by: Scott Lemmon <slemmon@aurora.tech>
Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-08-11 16:26:55 -04:00
Cyrille Nofficial
61312e726e
Add parameter configuration to override email claim key
...
Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-08-11 16:26:55 -04:00
Rui Yang
52c39fb130
check if upstream contains preferrend username claim first
...
Signed-off-by: Rui Yang <ryang@pivotal.io>
Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-08-11 16:26:55 -04:00
Rui Yang
4812079647
add tests when preferred username key is not set
...
Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-08-11 16:26:55 -04:00
Rui Yang
d9afb7e59c
default to preferred_username claim
...
Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-08-11 16:26:55 -04:00
Josh Winters
9a4e0fcd00
Make OIDC username key configurable
...
Signed-off-by: Josh Winters <jwinters@pivotal.io>
Co-authored-by: Mark Huang <mhuang@pivotal.io>
Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-08-11 16:26:55 -04:00
Bernd Eckstein
f6cd778b60
Add c_hash to id_token, issued on /auth endpoint, when in hybrid flow
...
* fixed name collision (renamed hash->hashFunc)
Signed-off-by: Bernd Eckstein <Bernd.Eckstein@faro.com>
2020-07-31 12:06:19 +02:00
batara666
6499f5bfd3
ldap.go: drop else on returned if block
2020-07-27 22:27:55 +07:00
Márk Sági-Kazár
19cd9cc65c
Merge pull request #1768 from Bryji/bsolan/add-aspect-adopter
...
Add Aspect as adopter
2020-07-23 19:46:16 +02:00
Solan, Bryan
89c6ebafa2
Add Aspect as adopter
2020-07-23 12:36:15 -05:00
Márk Sági-Kazár
ff1ed7afaa
Merge pull request #1767 from dexidp/update-api
...
Update API package
2020-07-23 10:44:13 +02:00
Mark Sagi-Kazar
2fa5e33ae0
Update API package
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2020-07-23 10:25:52 +02:00
justin-slowik
9a7926c19b
Cleaned up Device Flow test log levels
...
Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
Remove extraneous "=" from conformance.go
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
Additional test for TestHandleDeviceCode
Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-07-21 16:01:08 -04:00
Márk Sági-Kazár
a8cedc8bc3
Merge pull request #1764 from dexidp/examples
...
Move the example app to the examples folder
2020-07-16 09:54:43 +02:00
Mark Sagi-Kazar
6dadc26ca2
Move the example app to th examples folder
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2020-07-16 09:48:35 +02:00
Márk Sági-Kazár
cb46a28c3c
Merge pull request #1762 from heidemn-faro/doc/ldap-example
...
[doc/example] Make LDAP example functional again by running OpenLDAP with docker-compose
2020-07-15 15:51:17 +02:00
Martin Heide
521954a3b9
Improve formatting
...
Signed-off-by: Martin Heide <martin.heide@faro.com>
2020-07-15 09:49:41 +00:00
Martin Heide
705cf8bb6a
Rework to use docker-compose
...
Signed-off-by: Martin Heide <martin.heide@faro.com>
2020-07-15 09:49:23 +00:00
justin-slowik
334ecf0482
Fixes based on PR comments.
...
Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-07-14 10:13:37 -04:00
Martin Heide
b4d22bf1b2
Improve script logging
...
Signed-off-by: Martin Heide <martin.heide@faro.com>
2020-07-13 15:55:23 +00:00
Martin Heide
ce337661b9
Add missing slapd.sh script from LDAP docs, and convert it to using Docker
...
Signed-off-by: Martin Heide <martin.heide@faro.com>
2020-07-13 15:55:23 +00:00
justin-slowik
1ea2892b79
fix merge error in config.go
...
Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-07-08 16:31:44 -04:00
justin-slowik
1404477326
Updates based on dexidp pr
...
Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-07-08 16:25:06 -04:00
justin-slowik
f91f294385
gofmt
...
Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-07-08 16:25:06 -04:00
justin-slowik
9882ea453f
better support for /device/callback redirect uris with public clients.
...
Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-07-08 16:25:06 -04:00
justin-slowik
f6d8427f32
Added device flow static client to config-dev.yaml
...
Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-07-08 16:25:05 -04:00
Justin Slowik
9c699b1028
Server integration test for Device Flow ( #3 )
...
Extracted test cases from OAuth2Code flow tests to reuse in device flow
deviceHandler unit tests to test specific device endpoints
Include client secret as an optional parameter for standards compliance
Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-07-08 16:25:05 -04:00
Justin Slowik
9bbdc721d5
Device flow token code exchange ( #2 )
...
* Added /device/token handler with associated business logic and storage tests.
Perform user code exchange, flag the device code as complete.
Moved device handler code into its own file for cleanliness. Cleanup
* Removed PKCE code
* Rate limiting for /device/token endpoint based on ietf standards
* Configurable Device expiry
Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-07-08 16:25:05 -04:00
Justin Slowik
0d1a0e4129
Device token api endpoint ( #1 )
...
* Added /device/token handler with associated business logic and storage tests.
* Use crypto rand for user code
Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-07-08 16:25:05 -04:00
Justin Slowik
6d343e059b
Generates/Stores the device request and returns the device and user codes.
...
Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-07-08 16:25:05 -04:00