k-space/dex
Archived
11
0
Fork 0
Code Issues Pull Requests Packages Projects Activity
2,178 Commits 1 Branch 0 Tags
4bcdcf8e1ee07203b46ad771fca6491ef0d160ae
Commit Graph

305 Commits

Author SHA1 Message Date
poh chiat
d87cf1c924 create github oauthconfig with redirecturl (#1700) 2020-05-12 13:23:00 +02:00
Martijn
0a85a97ba9 Allow preferred_username claim to be set for Crowd connector (#1684) 
* Add atlassiancrowd connector to list in readme

* Add TestIdentityFromCrowdUser

* Set preferred_username claim when configured

* Add preferredUsernameField option to docs

* Log warning when mapping invalid crowd field
 2020-04-23 20:14:15 +02:00
Ken Perkins
f6476b62f2 Added Email of Keystone to Identity (#1681) 
* Added Email of Keystone to Identity

After the successful login to keystone, the Email of the logged in user
is fetch from keystone and provided to `identity.Email`.

This is useful for upstream software that uses the Email as the primary
identification.

* Removed unnecessary code from getUsers

* Changed creation of userResponse in keystone

* Fixing linter error

Co-authored-by: Christoph Glaubitz <christoph.glaubitz@innovo-cloud.de>
 2020-04-06 15:40:17 +02:00
Joel Speed
30ea963bb6 Merge pull request #1656 from taxibeat/oidc-prompt-type 
Make prompt configurable for oidc offline_access
 2020-02-28 10:56:13 +00:00
Nándor István Krácser
b7cf701032 Merge pull request #1515 from flant/atlassian-crowd-connector 
new connector for Atlassian Crowd
 2020-02-24 10:09:27 +01:00
Andrew Block
76bb453ff3 Setting email for OpenShift connector 2020-02-21 16:53:46 +01:00
Chris Loukas
d33a76fa19 Make prompt configurable for oidc offline_access 2020-02-19 16:10:28 +02:00
Ivan Mikheykin
7ef1179e75 feat: connector for Atlassian Crowd 2020-02-05 12:40:49 +04:00
Joel Speed
30cd592801 Merge pull request #1612 from vi7/multiple-user-to-group-mapping 
connector/ldap: add multiple user to group mapping
 2020-02-02 11:09:05 +00:00
Nándor István Krácser
aca67b0839 Merge pull request #1627 from jfrabaute/master 
google: Retrieve all the groups for a user
 2020-01-20 08:30:17 +01:00
linzhaoming
1d3851b0c5 Update gitlab.go 
fix typo
 2020-01-16 11:26:57 +08:00
Fabrice Rabaute
b85d7849ad google: Retrieve all the groups for a user 
The list of groups is paginated (default page is 200), so when a user
has more than 200 groups, only the first 200 are retrieve.

This change is retrieving all the groups for a user by querying all the
pages.
 2020-01-14 13:26:37 -08:00
Vitaliy Dmitriev
e20a795a2a connector/ldap: backward compatibility with single user to group mapping 
Signed-off-by: Vitaliy Dmitriev <vi7alya@gmail.com>
 2020-01-14 11:00:32 +01:00
Carl Henrik Lunde
6104295d5e microsoft: Add basic tests 
Implemented similar to connector/github/github_test.go
 2020-01-13 08:51:22 +01:00
Carl Henrik Lunde
5db29eb087 microsoft: Make interface testable 
Enable testing by allowing overriding the API host name in tests
 2020-01-13 08:15:07 +01:00
Nándor István Krácser
3cbba11012 Merge pull request #1610 from flant/oidc-email-scope-check 
Adding oidc email scope check
 2020-01-06 10:20:46 +01:00
Vitaliy Dmitriev
f2e7823db9 connector/ldap: add multiple user to group mapping 
Add an ability to fetch user's membership from
  groups of a different type by specifying multiple
  group attribute to user attribute value matchers
  in the Dex config:

    userMatchers:
    - userAttr: uid
      groupAttr: memberUid
    - userAttr: DN
      groupAttr: member

  In other words the user's groups can be fetched now from
  ldap structure similar to the following:

    dn: cn=john,ou=People,dc=example,dc=org
    objectClass: person
    objectClass: inetOrgPerson
    sn: doe
    cn: john
    uid: johndoe
    mail: johndoe@example.com
    userpassword: bar

    dn: cn=qa,ou=Groups,ou=Portland,dc=example,dc=org
    objectClass: groupOfNames
    cn: qa
    member: cn=john,ou=People,dc=example,dc=org

    dn: cn=logger,ou=UnixGroups,ou=Portland,dc=example,dc=org
    objectClass: posixGroup
    gidNumber: 1000
    cn: logger
    memberUid: johndoe

Signed-off-by: Vitaliy Dmitriev <vi7alya@gmail.com>
 2020-01-03 10:40:21 +01:00
m.nabokikh
383c2fe8b6 Adding oidc email scope check 
This helps to avoid "no email claim" error if email scope was not specified.

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2019-12-28 15:28:01 +04:00
Andrew Block
d31f6eabd4 Corrected logic in group verification 2019-12-26 20:32:12 -06:00
Andrew Block
296659cb50 Reduced OpenShift scopes and enhanced documentation 2019-12-26 03:14:20 -06:00
Andrew Block
075ab0938e Fixed formatting 2019-12-22 02:53:10 -05:00
Andrew Block
7e89d8ca24 Resolved newline issues 2019-12-22 02:27:11 -05:00
Andrew Block
02c8f85e4d Resolved newline issues 2019-12-22 02:27:11 -05:00
Andrew Block
db7711d72a Test cleanup 2019-12-22 02:27:10 -05:00
Andrew Block
5881a2cfca Test cleanup 2019-12-22 02:27:10 -05:00
Andrew Block
48954ca716 Corrected test formatting 2019-12-22 02:27:09 -05:00
Andrew Block
92e63771ac Added OpenShift connector 2019-12-22 02:27:09 -05:00
Nándor István Krácser
a901e2f204 Merge pull request #1604 from dexidp/fix-linters 
Fix linters
 2019-12-20 07:10:22 +01:00
Lars Lehtonen
8e0ae82034 connector/oidc: replace deprecated oauth2.RegisterBrokenAuthHeaderProvider with oauth2.Endpoint.AuthStyle 2019-12-18 08:27:40 -08:00
Mark Sagi-Kazar
65c77e9db2 Fix bodyclose 2019-12-18 16:04:03 +01:00
Mark Sagi-Kazar
2f8d1f8e42 Fix unconvert 2019-12-18 15:56:46 +01:00
Mark Sagi-Kazar
f141f2133b Fix whitespace 2019-12-18 15:56:12 +01:00
Mark Sagi-Kazar
9bd5ae5197 Fix goimports 2019-12-18 15:53:34 +01:00
Mark Sagi-Kazar
367b187cf4 Fix missspell 2019-12-18 15:51:44 +01:00
Mark Sagi-Kazar
142c96c210 Fix stylecheck 2019-12-18 15:50:36 +01:00
Mark Sagi-Kazar
8c3dc0ca66 Remove unused code (fixed: unused, structcheck, deadcode linters) 2019-12-18 15:46:49 +01:00
Mark Sagi-Kazar
d2095bb2d8 Rewrite LDAP tests to use Docker 2019-12-08 20:21:28 +01:00
Nandor Kracser
a38e215891 connector/google: support group whitelisting 
Signed-off-by: Nandor Kracser <bonifaido@gmail.com>
 2019-12-03 16:27:07 +01:00
Nándor István Krácser
c41035732f Merge pull request #1434 from jacksontj/groups 
Add option to enable groups for oidc connectors
 2019-11-27 14:00:36 +01:00
Joel Speed
658a2cc477 Make directory service during init 2019-11-19 17:12:44 +00:00
Joel Speed
554870cea0 Add todo for configurable groups key 2019-11-19 17:12:43 +00:00
Joel Speed
6a9bc889b5 Update comments 2019-11-19 17:12:40 +00:00
Joel Speed
c03c98b951 Check config before getting groups 2019-11-19 17:12:39 +00:00
Joel Speed
3f55e2da72 Get groups from directory api 2019-11-19 17:12:38 +00:00
Joel Speed
36370f8f2a No need to configure issuer 2019-11-19 17:12:37 +00:00
Joel Speed
97ffa21262 Create separate Google connector 2019-11-19 17:12:36 +00:00
Joel Speed
3156553843 OIDC: Rename refreshToken to RefreshToken 2019-11-19 15:43:25 +00:00
Joel Speed
77fcf9ad77 Use a struct for connector data within OIDC connector 2019-11-19 15:43:22 +00:00
Joel Speed
f6077083c9 Identify error as failure to retrieve refresh token 2019-11-19 15:43:21 +00:00
Joel Speed
8b344fe4d3 Fix Refresh comment 2019-11-19 15:43:20 +00:00