Nandor Kracser
c1b421fa04
add preffered_username to idToken
...
Signed-off-by: Nandor Kracser <bonifaido@gmail.com>
2019-10-30 13:06:37 +01:00
Stephan Renatus
d9487e553b
*: fix some lint issues
...
Mostly gathered these using golangci-lint's deadcode and ineffassign
linters.
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2019-07-30 11:29:08 +02:00
Nandor Kracser
ff34e570b4
connector/gitlab: implement useLoginAsID as in GitHub connector
2019-07-28 19:49:49 +02:00
Stephan Renatus
51f50fcad8
connectors: refactor filter code into a helper package
...
I hope I didn't miss any :D
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2019-07-03 13:09:40 +02:00
Mark Sagi-Kazar
be581fa7ff
Add logger interface and stop relying on Logrus directly
2019-02-22 13:38:57 +01:00
James Nord
fe247b106b
remove blank line that tripped up make verify-proto
2019-02-04 14:06:06 +00:00
James Nord
9840fccdbb
rename useLoginAsId -> useLoginAsID
2019-02-04 14:05:57 +00:00
James Nord
03ffd0798c
Allow an option to use the github user handle rather than an id.
...
For downstream apps using a github handle is much simpler than working
with numbers.
WHilst the number is stable and the handle is not - GitHUb does give you
a big scary wanring if you try and change it that bad things may happen
to you, and generally few users ever change it.
This can be enabled with a configuration option `useLoginAsId`
2019-02-01 11:37:40 +00:00
Josh Winters
bb11a1ebee
github: add 'both' team name field option
...
this will result in both the team name *and* the team slug being
returned for each team, allowing a bit more flexibility in auth
validation.
Signed-off-by: Topher Bullock <tbullock@pivotal.io>
Signed-off-by: Alex Suraci <suraci.alex@gmail.com>
2018-11-20 10:12:44 -05:00
Alexander Matyushentsev
7bd084bc07
Issue #1102 - Add config to explicitly enable loading all github groups
2018-11-19 10:14:38 -08:00
Alexander Matyushentsev
20bc6cd353
Full list of groups should include group names as well as group_name:team_name
2018-11-15 14:12:50 -08:00
Alexander Matyushentsev
ce3cd53a11
Bug fix: take into account 'teamNameField' settings while fetching all user groups
2018-11-15 09:23:57 -08:00
Alexander Matyushentsev
e876353128
Rename variables to stop shadowing package name
2018-11-15 09:00:37 -08:00
Alexander Matyushentsev
a9f71e378f
Update getPagination method comment
2018-11-15 08:57:31 -08:00
Alexander Matyushentsev
e10b8232d1
Apply reviewer notes: style changes, make sure unit test verifies pagination
2018-11-15 08:12:28 -08:00
Alexander Matyushentsev
51d9b3d3ca
Issue #1184 - Github connector now returns a full group list when no org is specified
2018-11-14 15:31:31 -08:00
Taras Burko
bf39130bab
Configurable team name field for GitHub connector
2018-09-14 01:09:48 +03:00
Stephan Renatus
b9f6594bf0
*: github.com/coreos/dex -> github.com/dexidp/dex
...
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2018-09-05 17:57:08 +02:00
silenceshell
468b5e3f0a
fix typo
...
Should `pulic` be `public`?
2018-05-10 11:55:11 +08:00
Michael Stapelberg
a41d93db4a
Implement the “authproxy” connector (for Apache2 mod_auth etc.)
2017-10-25 21:53:51 +02:00
Eric Chiang
980400db0b
Makefile: error out if go files aren't correctly formatted
...
Noticed in #1058 that our gofmt make target isn't actually erroring
if someone commits misformatted code.
2017-09-14 09:44:15 -07:00
Eric Stroczynski
763e174a7f
Merge pull request #1039 from estroz/move-group-scope-check
...
connector/github: fix groups scope check when 'orgs' is populated
2017-08-21 14:36:44 -07:00
Eric Stroczynski
ce9ac761a6
connector/github: abstract scope check and group getter
2017-08-21 14:30:00 -07:00
rithu leena john
e59d67f466
Merge pull request #1038 from xogroup/github-enterprise
...
When connecting to GitHub Enterprise, force email verified field to true
2017-08-18 13:58:50 -07:00
Chien Huey
99370b5880
Updated comment to include reference to GitHub Enterprise not supporting verified emails
2017-08-18 11:46:05 -04:00
Eric Stroczynski
e92f38f38f
connector/github: error if no groups scope without orgs
...
We should always check if a user is in any orgs or teams specified
in config, and whether the groups scope is also included in client
requests. If not, return an error, because dex wouldn't have required
permissions to do the request anyway (need read:org).
2017-08-17 17:15:45 -07:00
Chien Huey
98f6a217d3
When connecting to GitHub Enterprise, force email verified field to true
2017-08-17 17:26:10 -04:00
Eric Stroczynski
5894d017d5
connector/github: debug->info logging, more informative userInOrg msg
2017-08-17 11:56:35 -07:00
Eric Stroczynski
484327fd5f
connector/github: only user users' login name in API reqs
2017-08-17 10:32:18 -07:00
Eric Stroczynski
26527011ab
connector/github: enable private, primary emails; refactor API calls
...
Documentation: removed private emails caveats section
2017-08-08 18:04:34 -07:00
Eric Stroczynski
9d154802a2
connector/github: multiple orgs, query by teams
...
Documentation: examples of GitHub `orgs` field with multiple orgs
and org with teams; note legacy behavior
2017-08-08 10:57:42 -07:00
Eric Stroczynski
4a88d0641a
: update {S->s}irupsen/logrus
2017-07-25 13:46:44 -07:00
rithu john
682d78f527
connector: improve error message for callback URL mismatch
2017-06-13 15:52:33 -07:00
rithu john
76b9eb1db9
connector/github: add support for github enterprise.
2017-04-11 10:04:59 -07:00
Eric Chiang
777eeafabc
*: update go-oidc and use standard library's context package
2017-03-08 10:33:19 -08:00
Ali Javadi
98bfa4fbb1
Fixes #706
2017-01-27 05:12:58 +03:30
rithu john
2e22a948cf
cmd/dex: add logging config and serve logger for different modules.
2016-12-12 15:56:50 -08:00
Eric Chiang
952e0f81f5
connector: add RefreshConnector interface
2016-11-22 12:53:46 -08:00
Eric Chiang
aa7f304bc1
*: switch to github.com/ghodss/yaml for more consistent YAML parsing
...
ghodss/yaml converts from YAML to JSON before attempting to unmarshal.
This allows us to:
* Get the correct behavor when decoding base64'd []byte slices.
* Use *json.RawMessage.
* Not have to support extravagant YAML features.
* Let our structs use `json:` tags
2016-11-03 14:39:32 -07:00
Eric Chiang
d7912a3a97
Merge pull request #638 from ericchiang/dev-share-a-single-callback
...
*: allow call connectors to share a single a single callback
2016-10-27 16:59:04 -07:00
Eric Chiang
a3235d022a
*: verify "state" field before passing request to callback connectors
...
Let the server handle the state token instead of the connector. As a
result it can throw out bad requests earlier. It can also use that
token to determine which connector was used to generate the request
allowing all connectors to share the same callback URL.
Callbacks now all look like:
https://dex.example.com/callback
Instead of:
https://dex.example.com/callback/ (connector id)
Even when multiple connectors are being used.
2016-10-27 10:23:09 -07:00
Eric Chiang
a11db557b4
*: expand environment variables in config
...
Allow users to define config values which are read form environemnt
variables. Helpful for sensitive variables such as OAuth2 client IDs
or LDAP credentials.
2016-10-22 13:49:40 -07:00
Eric Chiang
bfe560ee21
rename
2016-08-10 22:31:42 -07:00
Eric Chiang
f4c5722e42
*: connectors use a different identity object than storage
2016-08-02 21:20:18 -07:00
Eric Chiang
cab271f304
initial commit
2016-07-26 15:51:24 -07:00