Commit Graph

31 Commits

Author SHA1 Message Date
Eric Stroczynski
4a88d0641a : update {S->s}irupsen/logrus 2017-07-25 13:46:44 -07:00
rithu john
8c9c2518f5 server: account for dynamically changing connector object in storage. 2017-04-25 09:19:02 -07:00
Eric Chiang
33f0199077 *: fix spelling using github.com/client9/misspell 2017-03-20 09:16:56 -07:00
Eric Chiang
777eeafabc *: update go-oidc and use standard library's context package 2017-03-08 10:33:19 -08:00
rithu john
d928ac0677 storage: Add OfflineSession object to backend storage. 2017-02-09 19:01:28 -08:00
Eric Chiang
80038847de server: clean up test comments and code flow 2017-02-07 10:31:51 -08:00
Eric Chiang
1eda382789 server: add at_hash claim support
The "at_hash" claim, which provides hash verification for the
"access_token," is a required claim for implicit and hybrid flow
requests. Previously we did not include it (against spec). This
PR implements the "at_hash" logic and adds the claim to all
responses.

As a cleanup, it also moves some JOSE signing logic out of the
storage package and into the server package.

For details see:

https://openid.net/specs/openid-connect-core-1_0.html#ImplicitIDToken
2017-01-13 10:05:24 -08:00
Eric Chiang
f778b2d33b server: update refresh tokens instead of deleting and creating another
The server implements a strategy called "Refresh Token Rotation" to
ensure refresh tokens can only be claimed once.

ref: https://tools.ietf.org/html/rfc6819#section-5.2.2.3

Previously "refresh_token" values in token responses where just the
ID of the internal refresh object. To implement rotation, when a
client redeemed a refresh token, the object would be deleted, a new
one created, and the new ID returned as the new "refresh_token".

However, this means there was no consistent ID for refresh tokens
internally, making things like foreign keys very hard to implement.
This is problematic for revocation features like showing all the
refresh tokens a user or client has out.

This PR updates the "refresh_token" to be an encoded protobuf
message, which holds the internal ID and a nonce. When a refresh
token is used, the nonce is updated to prevent reuse, but the ID
remains the same. Additionally it adds the timestamp of each
token's last use.
2017-01-11 12:07:48 -08:00
Eric Chiang
f926d74157 server: fixes for the implicit and hybrid flow
Accept the following response_type for the implicit flow:

    id_token
    token id_token

And the following for hybrid flow

    code id_token
    code token
    code token id_token

This corrects the previous behavior of the implicit flow, which
only accepted "token" (now correctly rejected).
2017-01-10 16:20:17 -08:00
rithu john
9949a1313c server: modify error messages to use logrus. 2016-12-13 11:52:44 -08:00
rithu john
2e22a948cf cmd/dex: add logging config and serve logger for different modules. 2016-12-12 15:56:50 -08:00
Eric Chiang
391dc51c13 *: add theme based frontend configuration
This PR reworks the web layout so static files can be provided and
a "themes" directory to allow a certain degree of control over logos,
styles, etc.

This PR does NOT add general support for frontend customization,
only enough to allow us to start exploring theming internally.
The dex binary also must now be run from the root directory since
templates are no longer "compiled into" the binary.

The docker image has been updated with frontend assets.
2016-11-30 17:20:21 -08:00
Eric Chiang
522749b5d8 *: switch oidc client to github.com/coreos/go-oidc
This saves us from having to import two different versions of
square/go-jose.
2016-11-22 13:29:17 -08:00
Eric Chiang
55e97d90a6 *: add tests for the RefreshConnector 2016-11-22 12:53:46 -08:00
Eric Chiang
952e0f81f5 connector: add RefreshConnector interface 2016-11-22 12:53:46 -08:00
Eric Chiang
5c602d36d9 server: fix expiry test flake
Ensure compared times are within a second of one another instead of
rounding, which can flake if the two times are different enough to
do round to different values.

Tested using the golang.org/x/tools/cmd/stress tool.

The following set of commands fail without this patch:

    $ go get golang.org/x/tools/cmd/stress
    $ go test -o server.test github.com/coreos/dex/server
    $ stress ./server.test -test.run=TestOAuth2CodeFlow
    219 runs so far, 0 failures
    425 runs so far, 0 failures
    618 runs so far, 0 failures
    802 runs so far, 0 failures
    ^C

Closes #699
2016-11-18 13:47:16 -08:00
Eric Chiang
12a5c0ada3 server: use seconds instead of nano seconds for expires_in and expiry 2016-11-04 17:00:10 -07:00
Eric Chiang
57a59d4631 *: don't error out if a username doesn't exist in the backing connector
Instead of throwing a 500 error if a user enters an invalid name,
display the same text box as if the user had entered the wrong
password.

NOTE: An invalid username now returns much quicker than an invalid
password. Consider adding an arbitrary sleep in the future if we
care about masking which was invalid.
2016-11-01 14:10:55 -07:00
Eric Chiang
96440e4cc5 *: fix linting 2016-10-13 18:15:20 -07:00
Eric Chiang
5bec61d73f Merge pull request #602 from ericchiang/dev-add-garbage-collect-method-to-storage
dev branch: add garbage collect method to storage
2016-10-12 22:08:53 -07:00
Eric Chiang
4296604f11 {cmd,server}: move garbage collection logic to server 2016-10-12 21:50:20 -07:00
Eric Chiang
2834da443f server: allow extra spaces in scopes
go-oidc sends an extra space before the list of scopes. This is bad
but we have to support it, so we'll be more lenient and ignore
duplicated whitespace.
2016-10-12 15:37:12 -07:00
Eric Chiang
ac6e419d48 server: add tests for refreshing with explicit scopes 2016-10-10 11:02:27 -07:00
Eric Chiang
6dbb5c4de6 server: fix cross client scope prefix 2016-10-07 11:40:41 -07:00
Eric Chiang
cdf0b91690 server: add an option to enable emails and passwords from the database 2016-10-05 17:26:41 -07:00
Eric Chiang
608d8ba984 *: switch dex to the ported templates 2016-09-05 17:25:39 -07:00
Eric Chiang
02dd18483d server: add integration test for the implicit flow 2016-08-24 11:21:39 -07:00
Eric Chiang
4fe7260bb3 server: run server tests at a non-root URL
As we've seen on master it's very easy mistakenly make changes that
assume root URL paths. Run server integration tests at a non-root
issuer URL to prevent this.
2016-08-19 16:00:19 -07:00
Eric Chiang
bfe560ee21 rename 2016-08-10 22:31:42 -07:00
Eric Chiang
4cbe9bbc82 server: cache signing keys 2016-08-10 20:51:58 -07:00
Eric Chiang
cab271f304 initial commit 2016-07-26 15:51:24 -07:00