Márk Sági-Kazár
551229a986
Merge pull request #1846 from flant/refresh-token-expiration-policy
...
feat: Add refresh token expiration and rotation settings
2021-04-24 11:03:40 +02:00
Mark Sagi-Kazar
a050f3228a
feat: add DEX_FRONTEND_DIR env var for setting the frontend dir
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-03-22 15:44:05 +01:00
Maksim Nabokikh
568fc06520
Update server/refreshhandlers.go
...
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-03-09 09:41:41 +04:00
Mark Sagi-Kazar
24a1103f11
refactor: rename gr to group
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-02-25 12:33:19 +01:00
Mark Sagi-Kazar
9cffca70f2
refactor: relocate run group initialization
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-02-25 12:32:28 +01:00
m.nabokikh
87ebbaf834
fix: close storage on shutdown
...
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-02-12 22:31:13 +04:00
Mark Sagi-Kazar
316da70545
refactor: use new health checker
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-02-11 01:29:25 +01:00
Mark Sagi-Kazar
d77147f7cf
refactor: fix router variable name
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-02-11 00:13:47 +01:00
Mark Sagi-Kazar
024f69b2c7
feat: add health check to telemetry server
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-02-11 00:13:07 +01:00
m.nabokikh
06c8ab5aa7
Fixes of naming and code style
...
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-02-10 23:37:57 +04:00
m.nabokikh
91de99d57e
feat: Add refresh token expiration and rotation settings
...
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-02-10 23:37:57 +04:00
Maksim Nabokikh
6664b5702d
Apply suggestions from code review
...
Co-authored-by: Márk Sági-Kazár <sagikazarmark@users.noreply.github.com>
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-02-05 13:16:41 +04:00
Maksim Nabokikh
65a8bf2af3
feat: graceful shutdown fixes
...
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-01-26 16:45:10 +04:00
m.nabokikh
f82c217e12
feat: graceful shutdown
...
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-01-26 12:16:30 +04:00
Mark Sagi-Kazar
6742008fc2
refactor: version command
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-01-14 15:55:07 +01:00
Mark Sagi-Kazar
c55d84b5d2
feat: add flags for bind address config options
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-01-14 15:50:19 +01:00
Mark Sagi-Kazar
cdefd1f788
refactor: serve command
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-01-14 15:30:03 +01:00
Martin Heide
4cb5577e11
Allow to disable os.ExpandEnv for storage + connector configs by env variable DEX_EXPAND_ENV = false
...
Signed-off-by: Martin Heide <martin.heide@faro.com>
2020-12-30 20:11:18 +00:00
Mark Sagi-Kazar
349832b380
Run fixer
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2020-11-03 20:52:14 +01:00
m.nabokikh
1d83e4749d
Add gocritic
...
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2020-10-18 01:54:27 +04:00
justin-slowik
1ea2892b79
fix merge error in config.go
...
Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-07-08 16:31:44 -04:00
Justin Slowik
9bbdc721d5
Device flow token code exchange ( #2 )
...
* Added /device/token handler with associated business logic and storage tests.
Perform user code exchange, flag the device code as complete.
Moved device handler code into its own file for cleanliness. Cleanup
* Removed PKCE code
* Rate limiting for /device/token endpoint based on ietf standards
* Configurable Device expiry
Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-07-08 16:25:05 -04:00
krishnadurai
6698f1f80a
Corrects imports after merge
...
Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-07-08 16:24:25 -04:00
krishnadurai
776aa9dd53
Option to add staticPasswords from environment variables
...
Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-07-08 16:24:25 -04:00
Mark Sagi-Kazar
e84682d7b9
Add v2 api module
2020-07-01 14:20:57 +02:00
Tomasz Kleczek
c830d49884
allow no secret for static public clients
...
For statically-configured public clients it should be allowed for both
Secret and SecretEnv fields to be empty.
2020-05-05 17:09:09 +02:00
Yann Soubeyrand
99c3ec6820
Add ability to set ID and Secret from environment variables for static clients
...
Having ID and Secret in clear inside configuration files for static
clients is not ideal. This commit allows setting these from environment
variables.
Signed-off-by: Yann Soubeyrand <yann.soubeyrand@gmx.fr>
2020-03-03 08:27:13 +01:00
Nándor István Krácser
1160649c31
Merge pull request #1621 from concourse/pr/passowrd-grant-synced
...
Rework - add support for Resource Owner Password Credentials Grant
2020-02-20 08:27:50 +01:00
Zach Brown
13be146d2a
Add support for password grant #926
2020-01-10 13:18:09 -05:00
krishnadurai
321790870f
Fixes lint
2020-01-07 16:34:32 -08:00
krishnadurai
2d5619e4e8
Corrects imports after merge
2020-01-07 11:48:35 -08:00
Krishna Durai
9560899496
Merge branch 'master' into feature/static_password_env
2020-01-06 23:21:20 -08:00
Mark Sagi-Kazar
f141f2133b
Fix whitespace
2019-12-18 15:56:12 +01:00
Mark Sagi-Kazar
9bd5ae5197
Fix goimports
2019-12-18 15:53:34 +01:00
krishnadurai
1fd5dd7b0e
Change env var prefix to DEX and add to ci.yaml
2019-12-13 17:03:56 -08:00
krishnadurai
af9c2880a6
Corrects validation logic for static password check
2019-12-13 16:52:10 -08:00
krishnadurai
91cbd466a5
Option to add staticPasswords from environment variables
2019-12-13 16:33:21 -08:00
Steven Danna
46f48b33a1
Use a more conservative set of CipherSuites
...
The default cipher suites used by Go include a number of ciphers that
have known weaknesses. In addition to leaving users open to these
weaknesses, the inclusion of these weaker ciphers causes problems with
various automated scanning tools.
This PR disables the CBC-mode, RC4, and 3DES ciphers included in the
Go standard library by passing an explicit cipher suite list.
The ciphers included here are more line with those recommended by
Mozilla for "Intermediate" compatibility. [0]
*Performance Implications*
The Go standard library does capability-based cipher ordering,
preferring AES ciphers if the underlying hardware has AES specific
instructions. [1] Since all of the relevant code is internal modules,
to do the same thing ourselves would require duplicating that
code. Here, I've placed AES based ciphers first.
*Compatibility Implications*
This does reduce the number of clients who will be able to communicate
with dex.
[0] https://ssl-config.mozilla.org/#server=nginx&server-version=1.17.0&config=intermediate&hsts=false&ocsp=false
[1] a8c2e5c6ad/src/crypto/tls/common.go (L1091)
Signed-off-by: Steven Danna <steve@chef.io>
2019-08-31 17:34:55 +01:00
Stephan Renatus
d9f6ab4a68
Merge pull request #1512 from venezia/add_reflection
...
Add reflection to gRPC API (configurable)
2019-08-07 13:56:33 +02:00
Michael Venezia
b65966d744
cmd/dex: adding reflection to grpc api, enabled through configuration
2019-08-07 07:37:39 -04:00
Stephan Renatus
e1afe771cb
Merge pull request #1505 from MarcDufresne/show-login-page
...
Add option to always display connector selection even if there's only one
2019-08-07 09:23:42 +02:00
Marc-André Dufresne
0dbb642f2c
Add option to always display connector selection even if there's only one
2019-08-06 13:18:46 -04:00
Marc-André Dufresne
d458e882aa
Allow arbitrary data to be passed to templates
2019-08-06 13:14:53 -04:00
Stephan Renatus
ea7fd6d470
cmd/dex: adapt to prometheus API change
...
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2019-07-31 08:09:58 +02:00
Stephan Renatus
128d5da89e
Merge pull request #1500 from dexidp/sr/fix-some-lint-issues
...
*: fix some lint issues
2019-07-30 11:41:27 +02:00
Stephan Renatus
d9487e553b
*: fix some lint issues
...
Mostly gathered these using golangci-lint's deadcode and ineffassign
linters.
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2019-07-30 11:29:08 +02:00
Joel Speed
e2ddefff31
Merge pull request #1439 from sks/feature/fail_on_invalid_config
...
Return config validation errors in one go
2019-07-30 11:00:17 +02:00
Sabith K Soopy
6769a3b18e
Errors should not start with caps
...
- https://github.com/dexidp/dex/pull/1264#discussion_r253264017
Signed-off-by: Sabith <sabithksme@gmail.com>
2019-07-23 08:17:06 -07:00
Sabith K Soopy
6ccb96ff74
Add some test to validate the configuration
2019-07-23 08:16:16 -07:00
Nandor Kracser
a572ad8fec
storage/sql: rework of the original MySQL PR
2019-07-23 14:27:10 +02:00