k-space/dex
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Activity
1,222 Commits 1 Branch 0 Tags 18 MiB
83d8853fd9
Commit Graph

202 Commits

Author SHA1 Message Date
Ken Perkins
f6476b62f2
Added Email of Keystone to Identity (#1681) 
* Added Email of Keystone to Identity

After the successful login to keystone, the Email of the logged in user
is fetch from keystone and provided to `identity.Email`.

This is useful for upstream software that uses the Email as the primary
identification.

* Removed unnecessary code from getUsers

* Changed creation of userResponse in keystone

* Fixing linter error

Co-authored-by: Christoph Glaubitz <christoph.glaubitz@innovo-cloud.de>
 2020-04-06 15:40:17 +02:00
Joel Speed
30ea963bb6
Merge pull request #1656 from taxibeat/oidc-prompt-type 
Make prompt configurable for oidc offline_access
 2020-02-28 10:56:13 +00:00
Nándor István Krácser
b7cf701032
Merge pull request #1515 from flant/atlassian-crowd-connector 
new connector for Atlassian Crowd
 2020-02-24 10:09:27 +01:00
Andrew Block
76bb453ff3
Setting email for OpenShift connector 2020-02-21 16:53:46 +01:00
Chris Loukas
d33a76fa19 Make prompt configurable for oidc offline_access 2020-02-19 16:10:28 +02:00
Ivan Mikheykin
7ef1179e75 feat: connector for Atlassian Crowd 2020-02-05 12:40:49 +04:00
Joel Speed
30cd592801
Merge pull request #1612 from vi7/multiple-user-to-group-mapping 
connector/ldap: add multiple user to group mapping
 2020-02-02 11:09:05 +00:00
Nándor István Krácser
aca67b0839
Merge pull request #1627 from jfrabaute/master 
google: Retrieve all the groups for a user
 2020-01-20 08:30:17 +01:00
linzhaoming
1d3851b0c5
Update gitlab.go 
fix typo
 2020-01-16 11:26:57 +08:00
Fabrice Rabaute
b85d7849ad
google: Retrieve all the groups for a user 
The list of groups is paginated (default page is 200), so when a user
has more than 200 groups, only the first 200 are retrieve.

This change is retrieving all the groups for a user by querying all the
pages.
 2020-01-14 13:26:37 -08:00
Vitaliy Dmitriev
e20a795a2a connector/ldap: backward compatibility with single user to group mapping 
Signed-off-by: Vitaliy Dmitriev <vi7alya@gmail.com>
 2020-01-14 11:00:32 +01:00
Carl Henrik Lunde
6104295d5e microsoft: Add basic tests 
Implemented similar to connector/github/github_test.go
 2020-01-13 08:51:22 +01:00
Carl Henrik Lunde
5db29eb087 microsoft: Make interface testable 
Enable testing by allowing overriding the API host name in tests
 2020-01-13 08:15:07 +01:00
Nándor István Krácser
3cbba11012
Merge pull request #1610 from flant/oidc-email-scope-check 
Adding oidc email scope check
 2020-01-06 10:20:46 +01:00
Vitaliy Dmitriev
f2e7823db9 connector/ldap: add multiple user to group mapping 
Add an ability to fetch user's membership from
  groups of a different type by specifying multiple
  group attribute to user attribute value matchers
  in the Dex config:

    userMatchers:
    - userAttr: uid
      groupAttr: memberUid
    - userAttr: DN
      groupAttr: member

  In other words the user's groups can be fetched now from
  ldap structure similar to the following:

    dn: cn=john,ou=People,dc=example,dc=org
    objectClass: person
    objectClass: inetOrgPerson
    sn: doe
    cn: john
    uid: johndoe
    mail: johndoe@example.com
    userpassword: bar

    dn: cn=qa,ou=Groups,ou=Portland,dc=example,dc=org
    objectClass: groupOfNames
    cn: qa
    member: cn=john,ou=People,dc=example,dc=org

    dn: cn=logger,ou=UnixGroups,ou=Portland,dc=example,dc=org
    objectClass: posixGroup
    gidNumber: 1000
    cn: logger
    memberUid: johndoe

Signed-off-by: Vitaliy Dmitriev <vi7alya@gmail.com>
 2020-01-03 10:40:21 +01:00
m.nabokikh
383c2fe8b6 Adding oidc email scope check 
This helps to avoid "no email claim" error if email scope was not specified.

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2019-12-28 15:28:01 +04:00
Andrew Block
d31f6eabd4
Corrected logic in group verification 2019-12-26 20:32:12 -06:00
Andrew Block
296659cb50
Reduced OpenShift scopes and enhanced documentation 2019-12-26 03:14:20 -06:00
Andrew Block
075ab0938e
Fixed formatting 2019-12-22 02:53:10 -05:00
Andrew Block
7e89d8ca24
Resolved newline issues 2019-12-22 02:27:11 -05:00
Andrew Block
02c8f85e4d
Resolved newline issues 2019-12-22 02:27:11 -05:00
Andrew Block
db7711d72a
Test cleanup 2019-12-22 02:27:10 -05:00
Andrew Block
5881a2cfca
Test cleanup 2019-12-22 02:27:10 -05:00
Andrew Block
48954ca716
Corrected test formatting 2019-12-22 02:27:09 -05:00
Andrew Block
92e63771ac
Added OpenShift connector 2019-12-22 02:27:09 -05:00
Nándor István Krácser
a901e2f204
Merge pull request #1604 from dexidp/fix-linters 
Fix linters
 2019-12-20 07:10:22 +01:00
Lars Lehtonen
8e0ae82034
connector/oidc: replace deprecated oauth2.RegisterBrokenAuthHeaderProvider with oauth2.Endpoint.AuthStyle 2019-12-18 08:27:40 -08:00
Mark Sagi-Kazar
65c77e9db2
Fix bodyclose 2019-12-18 16:04:03 +01:00
Mark Sagi-Kazar
2f8d1f8e42
Fix unconvert 2019-12-18 15:56:46 +01:00
Mark Sagi-Kazar
f141f2133b
Fix whitespace 2019-12-18 15:56:12 +01:00
Mark Sagi-Kazar
9bd5ae5197
Fix goimports 2019-12-18 15:53:34 +01:00
Mark Sagi-Kazar
367b187cf4
Fix missspell 2019-12-18 15:51:44 +01:00
Mark Sagi-Kazar
142c96c210
Fix stylecheck 2019-12-18 15:50:36 +01:00
Mark Sagi-Kazar
8c3dc0ca66
Remove unused code (fixed: unused, structcheck, deadcode linters) 2019-12-18 15:46:49 +01:00
Mark Sagi-Kazar
d2095bb2d8
Rewrite LDAP tests to use Docker 2019-12-08 20:21:28 +01:00
Nandor Kracser
a38e215891
connector/google: support group whitelisting 
Signed-off-by: Nandor Kracser <bonifaido@gmail.com>
 2019-12-03 16:27:07 +01:00
Nándor István Krácser
c41035732f
Merge pull request #1434 from jacksontj/groups 
Add option to enable groups for oidc connectors
 2019-11-27 14:00:36 +01:00
Joel Speed
658a2cc477
Make directory service during init 2019-11-19 17:12:44 +00:00
Joel Speed
554870cea0
Add todo for configurable groups key 2019-11-19 17:12:43 +00:00
Joel Speed
6a9bc889b5
Update comments 2019-11-19 17:12:40 +00:00
Joel Speed
c03c98b951
Check config before getting groups 2019-11-19 17:12:39 +00:00
Joel Speed
3f55e2da72
Get groups from directory api 2019-11-19 17:12:38 +00:00
Joel Speed
36370f8f2a
No need to configure issuer 2019-11-19 17:12:37 +00:00
Joel Speed
97ffa21262
Create separate Google connector 2019-11-19 17:12:36 +00:00
Joel Speed
3156553843
OIDC: Rename refreshToken to RefreshToken 2019-11-19 15:43:25 +00:00
Joel Speed
77fcf9ad77
Use a struct for connector data within OIDC connector 2019-11-19 15:43:22 +00:00
Joel Speed
f6077083c9
Identify error as failure to retrieve refresh token 2019-11-19 15:43:21 +00:00
Joel Speed
8b344fe4d3
Fix Refresh comment 2019-11-19 15:43:20 +00:00
Joel Speed
433bb2afec
Remove duplicate code 2019-11-19 15:43:12 +00:00
Joel Speed
4076eed17b
Build opts based on scope 2019-11-19 15:43:11 +00:00