Eric Chiang 
							
						 
					 
					
						
						
							
						
						25b902b0c2 
					 
					
						
						
							
							Merge pull request  #815  from ericchiang/fix-k8s-storage  
						
						... 
						
						
						
						storage/kubernetes: fix kubernetes storage conformance test failures 
						
						
					 
					
						2017-02-23 19:31:45 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						4be029c6c1 
					 
					
						
						
							
							storage/kubernetes: fix kubernetes storage conformance test failures  
						
						
						
						
					 
					
						2017-02-23 19:23:19 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						58eb25aa60 
					 
					
						
						
							
							Merge pull request  #813  from SEJeff/patch-1  
						
						... 
						
						
						
						[Makefile] Allow specifying VERSION as an env var 
						
						
					 
					
						2017-02-23 10:44:25 -08:00 
						 
				 
			
				
					
						
							
							
								Jeff Schroeder 
							
						 
					 
					
						
						
							
						
						4630f69f17 
					 
					
						
						
							
							[Makefile] Allow specifying VERSION as an env var  
						
						... 
						
						
						
						This makes specifying the VERSION when building native operating system packages require fewer hacks.
Refs: #811
						
						
					 
					
						2017-02-23 12:23:33 -06:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						af0d9cebd1 
					 
					
						
						
							
							Merge pull request  #810  from caarlos0/patch-1  
						
						... 
						
						
						
						simplified clone: using go get 
						
						
					 
					
						2017-02-22 08:38:13 -08:00 
						 
				 
			
				
					
						
							
							
								Carlos Alexandro Becker 
							
						 
					 
					
						
						
							
						
						f57e19e6ab 
					 
					
						
						
							
							simplified clone: using go get  
						
						
						
						
					 
					
						2017-02-22 09:33:01 -03:00 
						 
				 
			
				
					
						
							
							
								rithu leena john 
							
						 
					 
					
						
						
							
						
						c76832eaea 
					 
					
						
						
							
							Merge pull request  #809  from rithujohn191/set-error-flag  
						
						... 
						
						
						
						storage: Surface "already exists" errors. 
						
						
					 
					
						2017-02-21 16:09:48 -08:00 
						 
				 
			
				
					
						
							
							
								rithu john 
							
						 
					 
					
						
						
							
						
						3df1db1864 
					 
					
						
						
							
							storage: Surface "already exists" errors.  
						
						
						
						
					 
					
						2017-02-21 15:00:22 -08:00 
						 
				 
			
				
					
						
							
							
								rithu leena john 
							
						 
					 
					
						
						
							
						
						90c80e700a 
					 
					
						
						
							
							Merge pull request  #807  from rithujohn191/fix-typo  
						
						... 
						
						
						
						web/static/main.css: fix typo. 
						
						
					 
					
						2017-02-21 13:30:07 -08:00 
						 
				 
			
				
					
						
							
							
								rithu john 
							
						 
					 
					
						
						
							
						
						0ee40865a2 
					 
					
						
						
							
							web/static/main.css: fix typo.  
						
						
						
						
					 
					
						2017-02-20 08:48:36 -08:00 
						 
				 
			
				
					
						
							
							
								rithu leena john 
							
						 
					 
					
						
						
							
						
						7e9dc836eb 
					 
					
						
						
							
							Merge pull request  #802  from rithujohn191/token-revocation  
						
						... 
						
						
						
						api: adding a gRPC call for revoking refresh tokens. 
						
						
					 
					
						2017-02-15 08:43:58 -08:00 
						 
				 
			
				
					
						
							
							
								rithu john 
							
						 
					 
					
						
						
							
						
						1ec19d4fbf 
					 
					
						
						
							
							api: adding a gRPC call for revoking refresh tokens.  
						
						
						
						
					 
					
						2017-02-15 07:48:20 -08:00 
						 
				 
			
				
					
						
							
							
								rithu leena john 
							
						 
					 
					
						
						
							
						
						b119ffddcb 
					 
					
						
						
							
							Merge pull request  #801  from rithujohn191/token-revocation  
						
						... 
						
						
						
						api: adding a gRPC call for listing refresh tokens. 
						
						
					 
					
						2017-02-13 18:36:56 -08:00 
						 
				 
			
				
					
						
							
							
								rithu john 
							
						 
					 
					
						
						
							
						
						d201e49248 
					 
					
						
						
							
							api: adding a gRPC call for listing refresh tokens.  
						
						
						
						
					 
					
						2017-02-13 16:12:16 -08:00 
						 
				 
			
				
					
						
							
							
								rithu leena john 
							
						 
					 
					
						
						
							
						
						53e383670a 
					 
					
						
						
							
							Merge pull request  #793  from rithujohn191/token-revocation  
						
						... 
						
						
						
						storage: Add OfflineSession object to backend storage. 
						
						
					 
					
						2017-02-09 19:46:00 -08:00 
						 
				 
			
				
					
						
							
							
								rithu john 
							
						 
					 
					
						
						
							
						
						d928ac0677 
					 
					
						
						
							
							storage: Add OfflineSession object to backend storage.  
						
						
						
						
					 
					
						2017-02-09 19:01:28 -08:00 
						 
				 
			
				
					
						
							
							
								rithu leena john 
							
						 
					 
					
						
						
							
						
						49f446c1a7 
					 
					
						
						
							
							Merge pull request  #800  from ericchiang/server-test-comments  
						
						... 
						
						
						
						server: clean up test comments and code flow 
						
						
					 
					
						2017-02-07 10:37:32 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						80038847de 
					 
					
						
						
							
							server: clean up test comments and code flow  
						
						
						
						
					 
					
						2017-02-07 10:31:51 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						dd415f5e2f 
					 
					
						
						
							
							Merge pull request  #799  from ericchiang/thirdpartyresources  
						
						... 
						
						
						
						Documentation: warn admins not to edit dex ThirdPartyResources manually 
						
						
					 
					
						2017-02-06 15:04:40 -08:00 
						 
				 
			
				
					
						
							
							
								rithu leena john 
							
						 
					 
					
						
						
							
						
						167d7be281 
					 
					
						
						
							
							Merge pull request  #790  from givia/github-teams-pagination  
						
						... 
						
						
						
						Fixes  #706  
					
						2017-02-06 11:13:03 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						adf3703962 
					 
					
						
						
							
							Documentation: warn admins not to edit dex ThirdPartyResources manually  
						
						
						
						
					 
					
						2017-02-06 10:35:27 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						7f860e09b5 
					 
					
						
						
							
							Merge pull request  #796  from ericchiang/html-template  
						
						... 
						
						
						
						{web,server}: use html/template and reduce use of auth request ID 
						
						
					 
					
						2017-02-02 17:33:06 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						72a431dd4b 
					 
					
						
						
							
							{web,server}: use html/template and reduce use of auth request ID  
						
						... 
						
						
						
						Switch from using "text/template" to "html/template", which provides
basic XSS preventions. We haven't identified any particular place
where unsanitized user data is rendered to the frontend. This is
just a preventative step.

At the same time, make more templates take a pure URL instead of
forming a URL themselves using an "authReqID" argument. This will
help us stop using the auth req ID in certain places, preventing
garbage collection from killing login flows that wait too long at
the login screen.

Also increase the login session window (time between initial
redirect and the user logging in) from 30 minutes to 24 hours,
and display a more helpful error message when the session expires.

How to test:
1. Spin up dex and example with examples/config-dev.yaml.
2. Log in through both the password prompt and the direct redirect.
3. Edit examples/config-dev.yaml removing the "connectors" section.
4. Ensure you can still log in with a password.
(email/password is "admin@example.com" and "password")
						
						
					 
					
						2017-02-02 11:11:00 -08:00 
						 
				 
			
				
					
						
							
							
								rithu leena john 
							
						 
					 
					
						
						
							
						
						12f969364e 
					 
					
						
						
							
							Merge pull request  #794  from rithujohn191/saml-doc  
						
						... 
						
						
						
						Documentation: Minor changes to SAML connector doc. 
						
						
					 
					
						2017-02-02 09:49:00 -08:00 
						 
				 
			
				
					
						
							
							
								rithu john 
							
						 
					 
					
						
						
							
						
						fecd596ae2 
					 
					
						
						
							
							Documentation: Minor changes to SAML connector doc.  
						
						
						
						
					 
					
						2017-02-01 11:28:46 -08:00 
						 
				 
			
				
					
						
							
							
								rithu leena john 
							
						 
					 
					
						
						
							
						
						42d0728048 
					 
					
						
						
							
							Merge pull request  #785  from holgerkoser/master  
						
						... 
						
						
						
						Improve SAML Signature and Response Validation 
						
						
					 
					
						2017-02-01 11:14:13 -08:00 
						 
				 
			
				
					
						
							
							
								rithu leena john 
							
						 
					 
					
						
						
							
						
						27224cdc98 
					 
					
						
						
							
							Merge pull request  #788  from givia/gitlab-connector  
						
						... 
						
						
						
						connector: add GitLab connector
						
						
					 
					
						2017-02-01 09:39:37 -08:00 
						 
				 
			
				
					
						
							
							
								Ali Javadi 
							
						 
					 
					
						
						
							
						
						e623ad4d35 
					 
					
						
						
							
							connector: add GitLab connector  
						
						
						
						
					 
					
						2017-01-28 01:36:02 +03:30 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						0dcf1bcf79 
					 
					
						
						
							
							Merge pull request  #792  from ericchiang/auth-endpoint-post  
						
						... 
						
						
						
						server: support POSTing to authorization endpoint 
						
						
					 
					
						2017-01-27 13:36:02 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						8541184afb 
					 
					
						
						
							
							server: support POSTing to authorization endpoint  
						
						... 
						
						
						
						Fixes  #791  
					
						2017-01-27 11:42:46 -08:00 
						 
				 
			
				
					
						
							
							
								rithu leena john 
							
						 
					 
					
						
						
							
						
						36883d0bbf 
					 
					
						
						
							
							Merge pull request  #789  from rithujohn191/token-revocation-proposal  
						
						... 
						
						
						
						Documentation/proposals: Add a proposal for refresh token revocation. 
						
						
					 
					
						2017-01-27 09:39:13 -08:00 
						 
				 
			
				
					
						
							
							
								rithu john 
							
						 
					 
					
						
						
							
						
						d114b8ffc7 
					 
					
						
						
							
							Documentation/proposals: Add a proposal for refresh token revocation.  
						
						
						
						
					 
					
						2017-01-27 09:37:01 -08:00 
						 
				 
			
				
					
						
							
							
								Ali Javadi 
							
						 
					 
					
						
						
							
						
						98bfa4fbb1 
					 
					
						
						
							
							Fixes   #706  
						
						
						
						
					 
					
						2017-01-27 05:12:58 +03:30 
						 
				 
			
				
					
						
							
							
								Holger Koser 
							
						 
					 
					
						
						
							
						
						27a1e9f1bd 
					 
					
						
						
							
							vendor: revendor  
						
						
						
						
					 
					
						2017-01-26 19:06:54 +01:00 
						 
				 
			
				
					
						
							
							
								Holger Koser 
							
						 
					 
					
						
						
							
						
						e46f2ebe40 
					 
					
						
						
							
							Improve SAML Signature and Response Validation  
						
						... 
						
						
						
						* Improve Order of Namespace Declarations and Attributes in Canonical XML. This is related to an issue in goxmldsig for which I created a [pull request](https://github.com/russellhaering/goxmldsig/pull/17).
* Do not compress the AuthnRequest if `HTTP-POST` binding is used.
* SAML Response is valid if the Message and/or the Assertion is signed.
* Add `AssertionConsumerServiceURL` to `AuthnRequest`
* Validate Status on the Response
* Validate Conditions on the Assertion
* Validate SubjectConfirmation on the Subject
						
						
					 
					
						2017-01-26 19:05:40 +01:00 
						 
				 
			
				
					
						
							
							
								rithu leena john 
							
						 
					 
					
						
						
							
						
						48fcf66a35 
					 
					
						
						
							
							Merge pull request  #783  from rithujohn191/config-validation  
						
						... 
						
						
						
						cmd/dex: make connector name field mandatory in dex configuration. 
						
						
					 
					
						2017-01-23 17:03:50 -08:00 
						 
				 
			
				
					
						
							
							
								rithu john 
							
						 
					 
					
						
						
							
						
						31e8009441 
					 
					
						
						
							
							cmd/dex: make connector name field mandatory in dex configuration.  
						
						
						
						
					 
					
						2017-01-23 15:14:41 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						613d160ad9 
					 
					
						
						
							
							Merge pull request  #782  from marians/patch-1  
						
						... 
						
						
						
						Docs: Added a name to the LDAP connector 
						
						
					 
					
						2017-01-23 09:07:24 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						d3f4ae2ab7 
					 
					
						
						
							
							Merge pull request  #781  from ajohnstone/patch-1  
						
						... 
						
						
						
						Update kubernetes.md - correct typo 
						
						
					 
					
						2017-01-23 08:52:37 -08:00 
						 
				 
			
				
					
						
							
							
								Marian Steinbach 
							
						 
					 
					
						
						
							
						
						38a2e41e0a 
					 
					
						
						
							
							Added a name to the connector  
						
						... 
						
						
						
						Without a name, the example app's login form will only show `Log in with` as a button label. 
						
						
					 
					
						2017-01-23 10:46:29 +01:00 
						 
				 
			
				
					
						
							
							
								Andrew Johnstone 
							
						 
					 
					
						
						
							
						
						b10c0a1c87 
					 
					
						
						
							
							Update kubernetes.md  
						
						
						
						
					 
					
						2017-01-23 06:28:21 +00:00 
						 
				 
			
				
					
						
							
							
								rithu leena john 
							
						 
					 
					
						
						
							
						
						a3ef8d26bc 
					 
					
						
						
							
							Merge pull request  #777  from rithujohn191/update-release-doc  
						
						... 
						
						
						
						Documentation: add docs on patch release process. 
						
						
					 
					
						2017-01-17 14:50:37 -08:00 
						 
				 
			
				
					
						
							
							
								rithu john 
							
						 
					 
					
						
						
							
						
						265cfacd17 
					 
					
						
						
							
							Documentation: add docs on patch release process.  
						
						
						
						
					 
					
						2017-01-17 11:49:09 -08:00 
						 
				 
			
				
					
						
							
							
								rithu leena john 
							
						 
					 
					
						
						
							
						
						fe93f60af4 
					 
					
						
						
							
							Merge pull request  #775  from xeonx/master  
						
						... 
						
						
						
						Allow CORS on keys and token endpoints 
						
						
					 
					
						2017-01-17 10:48:06 -08:00 
						 
				 
			
				
					
						
							
							
								Simon HEGE 
							
						 
					 
					
						
						
							
						
						415a68f977 
					 
					
						
						
							
							Allow CORS on keys and token endpoints  
						
						
						
						
					 
					
						2017-01-14 21:15:51 +01:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						ca7d2b8f9e 
					 
					
						
						
							
							Merge pull request  #772  from ericchiang/at_hash-support  
						
						... 
						
						
						
						server: add at_hash claim support 
						
						
					 
					
						2017-01-13 10:15:21 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						1eda382789 
					 
					
						
						
							
							server: add at_hash claim support  
						
						... 
						
						
						
						The "at_hash" claim, which provides hash verification for the
"access_token," is a required claim for implicit and hybrid flow
requests. Previously we did not include it (against spec). This
PR implements the "at_hash" logic and adds the claim to all
responses.
As a cleanup, it also moves some JOSE signing logic out of the
storage package and into the server package.
For details see:
https://openid.net/specs/openid-connect-core-1_0.html#ImplicitIDToken  
						
						
					 
					
						2017-01-13 10:05:24 -08:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						79c21f9b0c 
					 
					
						
						
							
							Merge pull request  #773  from y2kenny/patch-1  
						
						... 
						
						
						
						Removed extra o typo 
						
						
					 
					
						2017-01-11 13:10:57 -08:00 
						 
				 
			
				
					
						
							
							
								y2kenny 
							
						 
					 
					
						
						
							
						
						4d4cb99459 
					 
					
						
						
							
							Removed extra o typo  
						
						
						
						
					 
					
						2017-01-11 15:47:55 -05:00 
						 
				 
			
				
					
						
							
							
								Eric Chiang 
							
						 
					 
					
						
						
							
						
						3c247db00a 
					 
					
						
						
							
							Merge pull request  #757  from ericchiang/constant-refresh-tokens  
						
						... 
						
						
						
						*: update refresh tokens instead of deleting and creating another 
						
						
					 
					
						2017-01-11 12:09:39 -08:00