k-space/dex
Archived
11
0
Fork 0
Code Issues Pull Requests Packages Projects Activity
2,051 Commits 1 Branch 0 Tags
7c60f79f10fb298eba360ffb174528cf8804e7c2
Commit Graph

291 Commits

Author SHA1 Message Date
Maik Brauer
eb9ef3b0ec Added the possibility to acticate lowercase for UPN-Strings 
Signed-off-by: Maik Brauer <maik.brauer@vodafone.com>
 2021-01-04 15:07:14 +01:00
Josh Soref
84e9cb6947 spelling: verified 
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
 2020-12-19 22:53:29 -05:00
Josh Soref
97d3e8fa7f spelling: signature 
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
 2020-12-19 22:53:29 -05:00
Josh Soref
801fd64a11 spelling: serviceaccount 
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
 2020-12-19 22:53:29 -05:00
Josh Soref
791ad900cb spelling: reuse 
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
 2020-12-19 22:53:29 -05:00
Josh Soref
d3d447fcf1 spelling: readable 
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
 2020-12-19 22:53:26 -05:00
Josh Soref
a996c4ba54 spelling: guaranteeing 
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
 2020-12-19 22:53:26 -05:00
Thierry Sallé
e164bb381e Apply suggestions from code review 
Co-authored-by: Márk Sági-Kazár <sagikazarmark@users.noreply.github.com>
Signed-off-by: seuf <seuf76@gmail.com>
 2020-12-17 16:50:00 +01:00
seuf
a1c7198738 Rename config header to userHeader 
Signed-off-by: seuf <seuf76@gmail.com>
 2020-12-17 16:50:00 +01:00
seuf
f19bccfc92 Allow configuration of groups for authproxy 
Signed-off-by: seuf <seuf76@gmail.com>
 2020-12-17 16:50:00 +01:00
seuf
a12a919d3e Allow configuration of returned auth proxy header 
Signed-off-by: seuf <seuf76@gmail.com>
 2020-12-17 16:50:00 +01:00
Stephen Augustus
57640cc7a9 connector/saml: Validate XML roundtrip data before processing request 
Signed-off-by: Stephen Augustus <saugustus@vmware.com>
 2020-12-08 07:26:48 -05:00
Mark Sagi-Kazar
349832b380 Run fixer 
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
 2020-11-03 20:52:14 +01:00
m.nabokikh
a5ad5eaf08 fix: Minor style fixes after merging PKCE implementation 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2020-10-26 23:20:33 +04:00
m.nabokikh
1d83e4749d Add gocritic 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2020-10-18 01:54:27 +04:00
m.nabokikh
4d63e9cd68 fix: Bump golangci-lint version and fix some linter's problems 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2020-10-18 01:02:29 +04:00
m.nabokikh
ec66cedfcc feat: Add team groups support to bitbucket connector 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2020-10-04 20:50:59 +03:00
m.nabokikh
4b94469547 fix: Replace teams endpoint for bitbucket connector 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2020-10-03 20:30:23 +03:00
Márk Sági-Kazár
a64e7c2986 Merge pull request #1769 from batara666/master 
ldap.go: drop else on returned if block
 2020-09-16 17:47:52 +02:00
Rui Yang
058202d007 revert changes for user id and user name 
Signed-off-by: Rui Yang <ruiya@vmware.com>
 2020-09-08 13:12:59 -04:00
Rui Yang
0494993326 update oidc documentation and email claim err msg 
Signed-off-by: Rui Yang <ruiya@vmware.com>
 2020-09-08 10:03:57 -04:00
Rui Yang
41207ba265 Combine #1691 and #1776 to unify OIDC provider claim mapping 
add tests for groups key mapping

Signed-off-by: Rui Yang <ruiya@vmware.com>
 2020-08-11 16:26:55 -04:00
Scott Lemmon
a783667c57 Add groupsClaimMapping to the OIDC connector 
The groupsClaimMapping setting allows one to specify which claim to pull
group information from the OIDC provider.  Previously it assumed group
information was always in the "groups" claim, but that isn't the case
for many OIDC providers (such as AWS Cognito using the "cognito:groups"
claim instead)

Signed-off-by: Scott Lemmon <slemmon@aurora.tech>
Signed-off-by: Rui Yang <ruiya@vmware.com>
 2020-08-11 16:26:55 -04:00
Cyrille Nofficial
61312e726e Add parameter configuration to override email claim key 
Signed-off-by: Rui Yang <ruiya@vmware.com>
 2020-08-11 16:26:55 -04:00
Rui Yang
52c39fb130 check if upstream contains preferrend username claim first 
Signed-off-by: Rui Yang <ryang@pivotal.io>
Signed-off-by: Rui Yang <ruiya@vmware.com>
 2020-08-11 16:26:55 -04:00
Rui Yang
4812079647 add tests when preferred username key is not set 
Signed-off-by: Rui Yang <ruiya@vmware.com>
 2020-08-11 16:26:55 -04:00
Rui Yang
d9afb7e59c default to preferred_username claim 
Signed-off-by: Rui Yang <ruiya@vmware.com>
 2020-08-11 16:26:55 -04:00
Josh Winters
9a4e0fcd00 Make OIDC username key configurable 
Signed-off-by: Josh Winters <jwinters@pivotal.io>
Co-authored-by: Mark Huang <mhuang@pivotal.io>
Signed-off-by: Rui Yang <ruiya@vmware.com>
 2020-08-11 16:26:55 -04:00
batara666
6499f5bfd3 ldap.go: drop else on returned if block 2020-07-27 22:27:55 +07:00
Nándor István Krácser
62efe7bf07 Merge pull request #1441 from jimmythedog/1440-fix-msoft-refresh-token 
dexidp#1440 Add offline_access scope, if required
 2020-07-08 16:13:26 +02:00
Joel Speed
9d7e472c63 Merge pull request #1720 from candlerb/fix-google 
Allow the "google" connector to work without a service account
 2020-06-19 17:10:23 +01:00
techknowlogick
0a9f56527e Add Gitea connector (#1715) 
* Add Gitea connector

* Add details to readme

* resolve lint issue
 2020-05-26 13:54:40 +02:00
Brian Candler
442d3de11d Allow the "google" connector to work without a service account 
Fixes #1718
 2020-05-22 09:24:26 +00:00
Márk Sági-Kazár
709d4169d6 Merge pull request #1694 from flant/fix-openshift-root-ca 
Fix OpenShift connector rootCA option
 2020-05-12 13:55:45 +02:00
m.nabokikh
521aa0802f Fix OpenShift connector rootCA option 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2020-05-12 15:31:27 +04:00
Stephan Renatus
4a0feaf589 connector/saml: add 'FilterGroups' setting 
This should make AllowedGroups equivalent to an LDAP group filter:

When set to true, only the groups from AllowedGroups will be included in the
user's identity.

Signed-off-by: Stephan Renatus <srenatus@chef.io>
 2020-05-12 13:29:05 +02:00
poh chiat
d87cf1c924 create github oauthconfig with redirecturl (#1700) 2020-05-12 13:23:00 +02:00
Martijn
0a85a97ba9 Allow preferred_username claim to be set for Crowd connector (#1684) 
* Add atlassiancrowd connector to list in readme

* Add TestIdentityFromCrowdUser

* Set preferred_username claim when configured

* Add preferredUsernameField option to docs

* Log warning when mapping invalid crowd field
 2020-04-23 20:14:15 +02:00
Ken Perkins
f6476b62f2 Added Email of Keystone to Identity (#1681) 
* Added Email of Keystone to Identity

After the successful login to keystone, the Email of the logged in user
is fetch from keystone and provided to `identity.Email`.

This is useful for upstream software that uses the Email as the primary
identification.

* Removed unnecessary code from getUsers

* Changed creation of userResponse in keystone

* Fixing linter error

Co-authored-by: Christoph Glaubitz <christoph.glaubitz@innovo-cloud.de>
 2020-04-06 15:40:17 +02:00
Joel Speed
30ea963bb6 Merge pull request #1656 from taxibeat/oidc-prompt-type 
Make prompt configurable for oidc offline_access
 2020-02-28 10:56:13 +00:00
Nándor István Krácser
b7cf701032 Merge pull request #1515 from flant/atlassian-crowd-connector 
new connector for Atlassian Crowd
 2020-02-24 10:09:27 +01:00
Andrew Block
76bb453ff3 Setting email for OpenShift connector 2020-02-21 16:53:46 +01:00
Chris Loukas
d33a76fa19 Make prompt configurable for oidc offline_access 2020-02-19 16:10:28 +02:00
Ivan Mikheykin
7ef1179e75 feat: connector for Atlassian Crowd 2020-02-05 12:40:49 +04:00
Joel Speed
30cd592801 Merge pull request #1612 from vi7/multiple-user-to-group-mapping 
connector/ldap: add multiple user to group mapping
 2020-02-02 11:09:05 +00:00
Nándor István Krácser
aca67b0839 Merge pull request #1627 from jfrabaute/master 
google: Retrieve all the groups for a user
 2020-01-20 08:30:17 +01:00
linzhaoming
1d3851b0c5 Update gitlab.go 
fix typo
 2020-01-16 11:26:57 +08:00
Fabrice Rabaute
b85d7849ad google: Retrieve all the groups for a user 
The list of groups is paginated (default page is 200), so when a user
has more than 200 groups, only the first 200 are retrieve.

This change is retrieving all the groups for a user by querying all the
pages.
 2020-01-14 13:26:37 -08:00
Vitaliy Dmitriev
e20a795a2a connector/ldap: backward compatibility with single user to group mapping 
Signed-off-by: Vitaliy Dmitriev <vi7alya@gmail.com>
 2020-01-14 11:00:32 +01:00
Carl Henrik Lunde
6104295d5e microsoft: Add basic tests 
Implemented similar to connector/github/github_test.go
 2020-01-13 08:51:22 +01:00