Stephan Renatus
d9487e553b
*: fix some lint issues
...
Mostly gathered these using golangci-lint's deadcode and ineffassign
linters.
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2019-07-30 11:29:08 +02:00
flarno11
8c1716d356
make userName configurable
2019-06-03 14:09:07 +02:00
Stephan Renatus
4e8cbf0f61
connectors/oidc: truely ignore "email_verified" claim if configured that way
...
Fixes #1455 , I hope.
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2019-05-28 16:15:06 +02:00
cappyzawa
9650836851
make userID configurable
2019-05-24 19:52:33 +09:00
Thomas Jackson
52d09a2dfa
Add option in oidc to hit the optional userinfo endpoint
...
Some oauth providers return "thin tokens" which won't include all of the
claims requested. This simply adds an option which will make the oidc
connector use the userinfo endpoint to fetch all the claims.
2019-05-23 09:20:48 -07:00
Gerald Barker
fc723af0fe
Add option to OIDC connecter to override email_verified to true
2019-03-05 21:24:02 +00:00
Mark Sagi-Kazar
be581fa7ff
Add logger interface and stop relying on Logrus directly
2019-02-22 13:38:57 +01:00
Stephan Renatus
b9f6594bf0
*: github.com/coreos/dex -> github.com/dexidp/dex
...
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2018-09-05 17:57:08 +02:00
Eric Chiang
6475ce1f62
connector/oidc: remove test that talks to the internet
2017-10-27 13:40:50 -07:00
Michael Stapelberg
a41d93db4a
Implement the “authproxy” connector (for Apache2 mod_auth etc.)
2017-10-25 21:53:51 +02:00
rithu leena john
05e8d50eca
Merge pull request #1000 from rithujohn191/fix-hosted-domain
...
connector/oidc: fix hosted domain support.
2017-07-31 13:29:26 -07:00
Eric Stroczynski
4a88d0641a
: update {S->s}irupsen/logrus
2017-07-25 13:46:44 -07:00
rithu john
5e0bf8b65f
connector/oidc: fix hosted domain support.
2017-07-25 13:46:12 -07:00
Ben Navetta
cbb007663f
add documentation and tests
2017-06-21 22:56:02 -07:00
Ben Navetta
4194530cf3
initial hostedDomain support
2017-06-20 22:47:28 -07:00
rithu john
682d78f527
connector: improve error message for callback URL mismatch
2017-06-13 15:52:33 -07:00
rithu john
59502850f0
connector: Connectors without a RefreshConnector should not return a refresh token instead of erroring
2017-03-23 14:56:34 -07:00
Eric Chiang
ac032e99f0
connector/oidc: expose oauth2.RegisterBrokenAuthHeaderProvider
2017-03-20 08:47:02 -07:00
Eric Chiang
777eeafabc
*: update go-oidc and use standard library's context package
2017-03-08 10:33:19 -08:00
rithu john
2e22a948cf
cmd/dex: add logging config and serve logger for different modules.
2016-12-12 15:56:50 -08:00
Eric Chiang
522749b5d8
*: switch oidc client to github.com/coreos/go-oidc
...
This saves us from having to import two different versions of
square/go-jose.
2016-11-22 13:29:17 -08:00
Eric Chiang
952e0f81f5
connector: add RefreshConnector interface
2016-11-22 12:53:46 -08:00
Eric Chiang
aa7f304bc1
*: switch to github.com/ghodss/yaml for more consistent YAML parsing
...
ghodss/yaml converts from YAML to JSON before attempting to unmarshal.
This allows us to:
* Get the correct behavor when decoding base64'd []byte slices.
* Use *json.RawMessage.
* Not have to support extravagant YAML features.
* Let our structs use `json:` tags
2016-11-03 14:39:32 -07:00
Eric Chiang
d7912a3a97
Merge pull request #638 from ericchiang/dev-share-a-single-callback
...
*: allow call connectors to share a single a single callback
2016-10-27 16:59:04 -07:00
Eric Chiang
a3235d022a
*: verify "state" field before passing request to callback connectors
...
Let the server handle the state token instead of the connector. As a
result it can throw out bad requests earlier. It can also use that
token to determine which connector was used to generate the request
allowing all connectors to share the same callback URL.
Callbacks now all look like:
https://dex.example.com/callback
Instead of:
https://dex.example.com/callback/ (connector id)
Even when multiple connectors are being used.
2016-10-27 10:23:09 -07:00
Eric Chiang
a11db557b4
*: expand environment variables in config
...
Allow users to define config values which are read form environemnt
variables. Helpful for sensitive variables such as OAuth2 client IDs
or LDAP credentials.
2016-10-22 13:49:40 -07:00
Eric Chiang
bfe560ee21
rename
2016-08-10 22:31:42 -07:00
Eric Chiang
fd5e508f1c
*: implement the OpenID Connect connector
2016-08-08 11:49:47 -07:00
Eric Chiang
cab271f304
initial commit
2016-07-26 15:51:24 -07:00