k-space/dex
Archived
11
0
Fork 0
Code Issues Pull Requests Packages Projects Activity
1,160 Commits 1 Branch 0 Tags
a6b5405c2efb1934e3a14e757fa9e08ba31d6c1f
Commit Graph

193 Commits

Author SHA1 Message Date
Nándor István Krácser
aca67b0839 Merge pull request #1627 from jfrabaute/master 
google: Retrieve all the groups for a user
 2020-01-20 08:30:17 +01:00
linzhaoming
1d3851b0c5 Update gitlab.go 
fix typo
 2020-01-16 11:26:57 +08:00
Fabrice Rabaute
b85d7849ad google: Retrieve all the groups for a user 
The list of groups is paginated (default page is 200), so when a user
has more than 200 groups, only the first 200 are retrieve.

This change is retrieving all the groups for a user by querying all the
pages.
 2020-01-14 13:26:37 -08:00
Carl Henrik Lunde
6104295d5e microsoft: Add basic tests 
Implemented similar to connector/github/github_test.go
 2020-01-13 08:51:22 +01:00
Carl Henrik Lunde
5db29eb087 microsoft: Make interface testable 
Enable testing by allowing overriding the API host name in tests
 2020-01-13 08:15:07 +01:00
Nándor István Krácser
3cbba11012 Merge pull request #1610 from flant/oidc-email-scope-check 
Adding oidc email scope check
 2020-01-06 10:20:46 +01:00
m.nabokikh
383c2fe8b6 Adding oidc email scope check 
This helps to avoid "no email claim" error if email scope was not specified.

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2019-12-28 15:28:01 +04:00
Andrew Block
d31f6eabd4 Corrected logic in group verification 2019-12-26 20:32:12 -06:00
Andrew Block
296659cb50 Reduced OpenShift scopes and enhanced documentation 2019-12-26 03:14:20 -06:00
Andrew Block
075ab0938e Fixed formatting 2019-12-22 02:53:10 -05:00
Andrew Block
7e89d8ca24 Resolved newline issues 2019-12-22 02:27:11 -05:00
Andrew Block
02c8f85e4d Resolved newline issues 2019-12-22 02:27:11 -05:00
Andrew Block
db7711d72a Test cleanup 2019-12-22 02:27:10 -05:00
Andrew Block
5881a2cfca Test cleanup 2019-12-22 02:27:10 -05:00
Andrew Block
48954ca716 Corrected test formatting 2019-12-22 02:27:09 -05:00
Andrew Block
92e63771ac Added OpenShift connector 2019-12-22 02:27:09 -05:00
Nándor István Krácser
a901e2f204 Merge pull request #1604 from dexidp/fix-linters 
Fix linters
 2019-12-20 07:10:22 +01:00
Lars Lehtonen
8e0ae82034 connector/oidc: replace deprecated oauth2.RegisterBrokenAuthHeaderProvider with oauth2.Endpoint.AuthStyle 2019-12-18 08:27:40 -08:00
Mark Sagi-Kazar
65c77e9db2 Fix bodyclose 2019-12-18 16:04:03 +01:00
Mark Sagi-Kazar
2f8d1f8e42 Fix unconvert 2019-12-18 15:56:46 +01:00
Mark Sagi-Kazar
f141f2133b Fix whitespace 2019-12-18 15:56:12 +01:00
Mark Sagi-Kazar
9bd5ae5197 Fix goimports 2019-12-18 15:53:34 +01:00
Mark Sagi-Kazar
367b187cf4 Fix missspell 2019-12-18 15:51:44 +01:00
Mark Sagi-Kazar
142c96c210 Fix stylecheck 2019-12-18 15:50:36 +01:00
Mark Sagi-Kazar
8c3dc0ca66 Remove unused code (fixed: unused, structcheck, deadcode linters) 2019-12-18 15:46:49 +01:00
Mark Sagi-Kazar
d2095bb2d8 Rewrite LDAP tests to use Docker 2019-12-08 20:21:28 +01:00
Nandor Kracser
a38e215891 connector/google: support group whitelisting 
Signed-off-by: Nandor Kracser <bonifaido@gmail.com>
 2019-12-03 16:27:07 +01:00
Nándor István Krácser
c41035732f Merge pull request #1434 from jacksontj/groups 
Add option to enable groups for oidc connectors
 2019-11-27 14:00:36 +01:00
Joel Speed
658a2cc477 Make directory service during init 2019-11-19 17:12:44 +00:00
Joel Speed
554870cea0 Add todo for configurable groups key 2019-11-19 17:12:43 +00:00
Joel Speed
6a9bc889b5 Update comments 2019-11-19 17:12:40 +00:00
Joel Speed
c03c98b951 Check config before getting groups 2019-11-19 17:12:39 +00:00
Joel Speed
3f55e2da72 Get groups from directory api 2019-11-19 17:12:38 +00:00
Joel Speed
36370f8f2a No need to configure issuer 2019-11-19 17:12:37 +00:00
Joel Speed
97ffa21262 Create separate Google connector 2019-11-19 17:12:36 +00:00
Joel Speed
3156553843 OIDC: Rename refreshToken to RefreshToken 2019-11-19 15:43:25 +00:00
Joel Speed
77fcf9ad77 Use a struct for connector data within OIDC connector 2019-11-19 15:43:22 +00:00
Joel Speed
f6077083c9 Identify error as failure to retrieve refresh token 2019-11-19 15:43:21 +00:00
Joel Speed
8b344fe4d3 Fix Refresh comment 2019-11-19 15:43:20 +00:00
Joel Speed
433bb2afec Remove duplicate code 2019-11-19 15:43:12 +00:00
Joel Speed
4076eed17b Build opts based on scope 2019-11-19 15:43:11 +00:00
Joel Speed
0857a0fe09 Implement refresh in OIDC connector 
This has added the access=offline parameter and prompt=consent parameter
to the initial request, this works with google, assuming other providers
will ignore the prompt parameter
 2019-11-19 15:43:04 +00:00
Nándor István Krácser
6d41541964 Merge pull request #1544 from kenperkins/saml-groups 
Adding support for allowed groups in SAML Connector
 2019-10-30 13:28:34 +01:00
Nándor István Krácser
f2590ee07d Merge pull request #1545 from jacksontj/getUserInfo 
Run getUserInfo prior to claim enforcement
 2019-10-30 13:26:18 +01:00
Nandor Kracser
c1b421fa04 add preffered_username to idToken 
Signed-off-by: Nandor Kracser <bonifaido@gmail.com>
 2019-10-30 13:06:37 +01:00
Thomas Jackson
21ab30d207 Add option to enable groups for oidc connectors 
There's been some discussion in #1065 regarding what to do about
refreshing groups. As it stands today dex doesn't update any of the
claims on refresh (groups would just be another one). The main concern
with enabling it is that group claims may change more frequently. While
we continue to wait on the upstream refresh flows, this adds an option
to enable the group claim. This is disabled by default (so no behavioral
change) but enables those that are willing to have the delay in group
claim change to use oidc IDPs.

Workaround to #1065
 2019-09-13 15:50:33 -07:00
Thomas Jackson
512cb3169e Run getUserInfo prior to claim enforcement 
If you have an oidc connector configured *and* that IDP provides thin
tokens (e.g. okta) then the majority of the requested claims come in the
getUserInfo call (such as email_verified). So if getUserInfo is
configured it should be run before claims are validated.
 2019-09-13 11:10:44 -07:00
Ken Perkins
285c1f162e connector/saml: Adding group filtering 
- 4 new tests
- Doc changes to use the group filtering
 2019-09-10 10:53:19 -07:00
wassan128
42e8619830 Fix typo 2019-09-06 09:55:09 +09:00
Nandor Kracser
ef08ad8317 gitlab: add groups scope by default when filtering is requested 2019-08-14 13:33:46 +02:00