Commit Graph

1024 Commits

Author SHA1 Message Date
Thomas Jackson
52d09a2dfa Add option in oidc to hit the optional userinfo endpoint
Some oauth providers return "thin tokens" which won't include all of the
claims requested. This simply adds an option which will make the oidc
connector use the userinfo endpoint to fetch all the claims.
2019-05-23 09:20:48 -07:00
Eric Chiang
cd3c6983da
Merge pull request #1429 from tsuna/master
server: add metrics for CORS handlers.
2019-05-12 10:40:23 -07:00
Eric Chiang
35f51957c0
Merge pull request #1430 from mkontani/fix/typo
fix typo
2019-05-12 10:39:18 -07:00
Eric Chiang
06ec381082
Merge pull request #1432 from alindeman/warnf
Round out logging interface with functions for all levels
2019-05-12 10:38:55 -07:00
Eric Chiang
0babb2df18
Merge pull request #1435 from bonifaido/bitbucket-docs
docs: update bitbucket permission requirements
2019-05-12 10:33:01 -07:00
Stephan Renatus
429bb9303f
Merge pull request #1443 from deric/err
Print appropriate error
2019-05-12 07:58:12 +02:00
Stephan Renatus
d8f9634afc
Merge pull request #1436 from bonifaido/gitlab-groups
gitlab: support for group whitelist, add tests
2019-05-08 09:57:51 +02:00
Tomas Barton
55cebd58a8
print appropriate error 2019-05-03 14:19:54 +02:00
Nandor Kracser
7b416b5a8e gitlab: add tests 2019-05-02 08:06:56 +02:00
Nandor Kracser
a08a5811d4 gitlab: support for group whitelist 2019-04-25 12:50:29 +02:00
Nandor Kracser
b1931fc9bd docs: update bitbucket permission requirements 2019-04-25 10:45:00 +02:00
Andy Lindeman
34c7cfaf82
Round out logging interface with functions for all levels 2019-04-24 09:35:35 -04:00
mkontani
6ae76662de
fix ssoURL 2019-04-20 21:12:01 +09:00
Benoit Sigoure
d6ad67a6de server: add metrics for CORS handlers. 2019-04-19 14:32:52 -07:00
Eric Chiang
60f47c4228
Merge pull request #1427 from yann-soubeyrand/static-client-log-name
cmd/dex/serve.go: log static client name instead of ID
2019-04-18 15:21:23 -07:00
Yann Soubeyrand
c5f2871ab5 cmd/dex/serve.go: log static client name instead of ID
Signed-off-by: Yann Soubeyrand <yann.soubeyrand@gmx.fr>
2019-04-18 13:56:11 +02:00
Eric Chiang
29d8428387
Merge pull request #1426 from justaugustus/image
Update Docker build/image
2019-04-16 14:47:08 -07:00
Stephen Augustus
56f02b95c6 Update Docker build/image
- Update build container to golang:1.12.4-alpine
- Update dex image to alpine:3.9
- Run dex as non-root user

Signed-off-by: Stephen Augustus <saugustus@vmware.com>
2019-04-16 17:00:05 -04:00
Eric Chiang
f6741d1837
Merge pull request #1417 from gezb/feature/odic_add_email_verfied_override
Add option to OIDC connecter to override email_verified to true
2019-03-05 14:49:02 -08:00
Gerald Barker
fc723af0fe Add option to OIDC connecter to override email_verified to true 2019-03-05 21:24:02 +00:00
Eric Chiang
83a0326b88
Merge pull request #1412 from okamototk/typo
Fix typo.
2019-02-23 08:51:07 -08:00
Takashi Okamoto
ac290f77aa Fix typo. 2019-02-23 16:34:10 +00:00
Eric Chiang
c113df2730
Merge pull request #1408 from sagikazarmark/logger-interface
Add logger interface and stop relying on Logrus directly
2019-02-22 12:51:31 -08:00
Mark Sagi-Kazar
d877fca092
Fix coding style 2019-02-22 21:43:55 +01:00
Mark Sagi-Kazar
06521ffa49
Remove the logrus logger wrapper 2019-02-22 21:31:46 +01:00
Mark Sagi-Kazar
aec2edb441
Match the interface to logrus implementation 2019-02-22 21:27:54 +01:00
Mark Sagi-Kazar
d1c8f8d095
Remove structured logging from the logger interface 2019-02-22 21:26:30 +01:00
Eric Chiang
e913a252cd
Merge pull request #1410 from sagikazarmark/fix-typo
Fix typo
2019-02-22 12:02:27 -08:00
Mark Sagi-Kazar
c48cb36e8f
Fix typo 2019-02-22 20:54:19 +01:00
Eric Chiang
8b4a9bf5ee
Merge pull request #1409 from bonifaido/production-users-banzaicloud
production users: add Banzai Cloud
2019-02-22 11:05:02 -08:00
Nandor Kracser
6c71b330a8 production users: add Banzai Cloud 2019-02-22 16:40:34 +01:00
Mark Sagi-Kazar
be581fa7ff
Add logger interface and stop relying on Logrus directly 2019-02-22 13:38:57 +01:00
Stephan Renatus
ca66289077
Merge pull request #1402 from lstoll/lstoll-mod-fix
Update modules for go 1.11.4+
2019-02-11 09:40:22 +01:00
Lincoln Stoll
b96b02e506
Update modules for go 1.11.4+
Go 1.11.3 changed how checksums are created in some cases, which caused
failures building via modules. (ref golang/go#29278)

Update the checksums for the failing modules.

To catch this is the future, a modules build was added to the build matrix. I
also noted that we were pinning the `.0` patchlevel of each go version which
wouldn't have picked this up, updated it to build with the latest patch
release.
2019-02-09 14:59:30 +02:00
Stephan Renatus
7bd4071b4c
Merge pull request #1396 from jtnord/useLoginId-dexidp
Use github login as the id
2019-02-05 13:54:49 +01:00
Stephan Renatus
815311fa19
Merge pull request #1397 from ericchiang/health-check-endpoint
server: update health check endpoint to query storage periodically
2019-02-04 21:38:58 +01:00
Eric Chiang
8935a1479c server: update health check endpoint to query storage periodically
Instead of querying the storage every time a health check is performed
query it periodically and save the result.
2019-02-04 19:02:41 +00:00
James Nord
fe247b106b remove blank line that tripped up make verify-proto 2019-02-04 14:06:06 +00:00
James Nord
9840fccdbb rename useLoginAsId -> useLoginAsID 2019-02-04 14:05:57 +00:00
Stephan Renatus
be171a2a53
Merge pull request #1395 from hainesc/master
Display access token in example app
2019-02-04 14:24:01 +01:00
Joel Speed
8f113548a5
Merge pull request #1249 from srenatus/sr/add-ldap-filter-test
ldap_test: add filter tests
2019-02-03 15:58:54 +00:00
Stephan Renatus
b6f4740a15
Merge pull request #1390 from okamototk/activedirectory
Add Active Directory and kubelogin integration sample.
2019-02-03 11:09:33 +01:00
Stephan Renatus
df18cb0c22
ldap_test: add filter tests
The filters for user and group searches hadn't been included in our LDAP
tests. Now they are.

The concrete test cases are somewhat contrived, but that shouldn't
matter too much. Also note that the example queries I've used are not
supported in AD: https://stackoverflow.com/a/10043452

Signed-off-by: Stephan Renatus <srenatus@chef.io>
2019-02-03 11:06:11 +01:00
James Nord
5822a5ce9e fix formatting of connector/github/github_test.go 2019-02-01 11:47:45 +00:00
James Nord
1911b52c6b Add documentation for the new GitHub useLoginAsId option 2019-02-01 11:37:40 +00:00
James Nord
03ffd0798c Allow an option to use the github user handle rather than an id.
For downstream apps using a github handle is much simpler than working
with numbers.

WHilst the number is stable and the handle is not - GitHUb does give you
a big scary wanring if you try and change it that bad things may happen
to you, and generally few users ever change it.

This can be enabled with a configuration option `useLoginAsId`
2019-02-01 11:37:40 +00:00
Haines Chan
18b6b34b67 Display access token in example app 2019-02-01 15:39:35 +08:00
Stephan Renatus
b5826e66f0
Merge pull request #1394 from srenatus/sr/docs/maintainers
update MAINTAINERS, mirror guidelines into dev doc
2019-01-31 17:25:27 +01:00
Stephan Renatus
81f155882a
Merge pull request #1392 from stevendanna/tls-configuration
Bump minimum TLS protocol to TLSv1.2
2019-01-29 12:48:57 +01:00
Steven Danna
59f8b02d47
Set minimum TLS protocol version to TLSv1.2, set PreferServerCipherSuites
Some environments are subject to strict rules about the permitted TLS
protocol verion and available ciphers. Setting TLSv1.2 as the minimum
version ensures we do not use weaker protocols. We've opted against
making this configurable given the age of TLSv1.2 and the increasing
push to deprecate TLSv1.1 and older.

The PreferServerCipherSuites setting is also commonly flagged by SSL
quality scanning tools. Since Go provides a relatively modern set of
default ciphers by default, defaulting this to true is unlikely to
make much practical difference.

Signed-off-by: Steven Danna <steve@chef.io>
2019-01-29 11:18:55 +00:00