k-space
/
dex
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Activity
970 Commits 1 Branch 0 Tags 18 MiB
Commit Graph

150 Commits

Author SHA1 Message Date
Stephan Renatus 421c26fdf5
Merge pull request #1481 from LanceH/master 
Added "connector_id" to skip straight to a connector (similar to when len(connector) is 1.
 2019-07-23 11:31:25 +02:00
LanceH 07a77e0dac Use connector_id param to skip directly to a specific connector 2019-07-22 10:47:11 -05:00
Tyler Cloke dd84e73c0e Add VerifyPassword to API 
It takes in an email and plain text password to verify. If it fails to find a password stored for email, it returns not_found. If it finds the password hash stored but that hash doesn't match the password passed via the API, it returns verified = false, else it returns verified = true.

Co-authored-by: Alban Seurat <alban.seurat@me.com>
 2019-07-22 10:23:07 +02:00
Andy Lindeman 5b66bf05c8 Fixed shadowed variable declaration 2019-06-27 19:12:18 -04:00
Andy Lindeman 59b6595c37 userinfo_endpoint is required 2019-06-25 12:17:03 -04:00
Andy Lindeman 8959dc4275 ctx is not used 2019-06-24 09:43:12 -04:00
Andy Lindeman 21174c06a1 Remove comment 
We have a story around user info now
 2019-06-24 09:42:46 -04:00
Andy Lindeman 840065faaf Assert something about the returned userinfo 2019-06-24 09:39:54 -04:00
Andy Lindeman 46f5726d11 Use oidc.Verifier to verify tokens 2019-06-22 13:18:35 -04:00
Andy Lindeman 157c359f3e Bump go-oidc to latest v2 2019-06-20 12:27:47 -04:00
mdbraber 3dd1bac821 Fix comments 2019-06-05 22:14:31 +02:00
Maarten den Braber 74f4e749b9 Formatting 2019-06-05 22:14:31 +02:00
Maarten den Braber d7750b1e26 Fix changes 2019-06-05 22:14:31 +02:00
Maarten den Braber a8d059a237 Add userinfo endpoint 
Co-authored-by: Yuxing Li <360983+jackielii@users.noreply.github.com>
Co-authored-by: Francisco Santiago <1737357+fjbsantiago@users.noreply.github.com>
 2019-06-05 22:11:21 +02:00
Eric Chiang cd3c6983da
Merge pull request #1429 from tsuna/master 
server: add metrics for CORS handlers.
 2019-05-12 10:40:23 -07:00
Tomas Barton 55cebd58a8
print appropriate error 2019-05-03 14:19:54 +02:00
Benoit Sigoure d6ad67a6de server: add metrics for CORS handlers. 2019-04-19 14:32:52 -07:00
Mark Sagi-Kazar 06521ffa49
Remove the logrus logger wrapper 2019-02-22 21:31:46 +01:00
Mark Sagi-Kazar d1c8f8d095
Remove structured logging from the logger interface 2019-02-22 21:26:30 +01:00
Mark Sagi-Kazar be581fa7ff
Add logger interface and stop relying on Logrus directly 2019-02-22 13:38:57 +01:00
Eric Chiang 8935a1479c server: update health check endpoint to query storage periodically 
Instead of querying the storage every time a health check is performed
query it periodically and save the result.
 2019-02-04 19:02:41 +00:00
joannano 88d1e2b041 keystone: test cases, refactoring and cleanup 2019-01-11 15:14:56 +01:00
Krzysztof Balka a965365a2b keystone: refresh token and groups 2019-01-11 15:14:11 +01:00
knangia 0774a89066 keystone: squashed changes from knangia/dex 2019-01-11 15:12:59 +01:00
Haines Chan b78b8aeee0 Replace "GET", "POST" to http.MethodGet and http.MethodPost 2018-12-27 16:27:36 +08:00
Maximilian Gaß 468c74d1d2 Make expiry of auth requests configurable 2018-12-13 11:50:34 +01:00
Stephan Renatus f3acec0b1b
Merge pull request #1275 from ccojocar/client-update-api 
Extend the API with a function which updates the client configuration
 2018-11-27 11:47:16 +01:00
Cosmin Cojocar 01c6b9dd91 Remove the 'public' field from UpdateClientReq proto message 2018-11-26 19:07:59 +01:00
Alexander Matyushentsev ff8b44558e Issue #1263 - Render error message provided by connector if user authentication failed 2018-11-13 15:44:28 -08:00
Cosmin Cojocar 281ec27118 Update also to a list of empty redirect URIs and Peers 2018-11-13 09:59:45 +01:00
Cosmin Cojocar 9d1ec6c36b Revert "Avoid overwriting exiting redirect URI and trusted peers when updating the client" 
This reverts commit 49fa5ee6e8.
 2018-11-13 09:58:17 +01:00
Cosmin Cojocar 49fa5ee6e8 Avoid overwriting exiting redirect URI and trusted peers when updating the client 
Also skip configure the Public field.
 2018-11-12 21:48:14 +01:00
Cosmin Cojocar c9b18b2785 Add tests for UpateClient API 2018-11-12 18:43:48 +01:00
Cosmin Cojocar 9926a0dced Extend the API with a function which updates the client configuration 2018-11-12 17:33:06 +01:00
Stephan Renatus e1acb6d577
Merge pull request #1307 from edtan/upstream-add-bitbucket-connector 
Add Bitbucket connector
 2018-10-12 09:02:21 +02:00
Danny Sauer 74bfbcefbc
minor spelling correction 2018-10-09 15:57:37 -05:00
Ed Tan d26e23c16f Make suggested code changes 2018-10-05 10:43:49 -04:00
Ed Tan 8c75d85b60 Add Bitbucket connector 2018-09-30 15:08:07 -04:00
Stephan Renatus b9f6594bf0 *: github.com/coreos/dex -> github.com/dexidp/dex 
Signed-off-by: Stephan Renatus <srenatus@chef.io>
 2018-09-05 17:57:08 +02:00
Eric Chiang 01d63b086f
Merge pull request #1176 from vyshane/master 
New id_provider scope that adds the connector ID and user ID to the ID token claims
 2018-02-03 11:47:42 -08:00
Vy-Shane Xie b03c85e56e Add new federated:id scope that causes Dex to add a federated_claims claim containing the connector_id and user_id to the ID token 2018-02-03 18:40:03 +08:00
Eric Chiang ce686390a5
Merge pull request #1144 from srenatus/sr/support-direct-post-without-get-first 
handlers/connector_login: update AuthRequest irregardless of method
 2018-02-01 11:26:57 -08:00
Frederic Branczyk 5f03479d29
*: Add go runtime, process, HTTP and gRPC metrics 2017-12-21 21:24:09 +01:00
Eric Buth da45adcb6e email scope only allows access to a user's email address 2017-12-17 12:08:19 -05:00
Stephan Renatus f013a44581 handlers/connector_login: check before update (optimization) 
Signed-off-by: Stephan Renatus <srenatus@chef.io>
 2017-12-11 08:32:22 +01:00
Stephan Renatus f18d7afc6f handlers/connector_login: update AuthRequest irregardless of method 
Before, you could not POST your credentials to a password-connector's
endpoint without GETing that endpoint first. While this makes sense for
browser clients; automated interactions with Dex don't need to look at
the password form to fill it in.

A symptom of that missing GET was that the POST succeeded (!) with

    login successful: connector "", username="admin", email="admin@example.com", groups=[]

Note the connector "". A subsequent call to finalizeLogin would then
fail with

    connector with ID "" not found: failed to get connector object from storage: not found

Now, the connector ID of an auth request will be updated for both GETs
and POSTs.

Signed-off-by: Stephan Renatus <srenatus@chef.io>
 2017-12-08 11:49:52 +01:00
Eric Chiang 18da628842
Merge pull request #1142 from zlabjp/status-code 
Bugfix: Set a proper status code before sending an error status page
 2017-12-04 00:04:28 -05:00
Eric Chiang c5de6fa733 *: regenerate proto 2017-12-01 11:29:33 -08:00
Kazumasa Kohtaka 9948228e5b Set a proper status code before sending an error status page 2017-12-01 14:23:45 +09:00
Pavel Borzenkov 6193bf5566 connector: implement Microsoft connector 
connector/microsoft implements authorization strategy via Microsoft's
OAuth2 endpoint + Graph API. It allows to choose what kind of tenants
are allowed to authenticate in Dex via Microsoft:
  * common - both personal and business/school accounts
  * organizations - only business/school accounts
  * consumers - only personal accounts
  * <tenant uuid> - only account of specific tenant

Signed-off-by: Pavel Borzenkov <pavel.borzenkov@gmail.com>
 2017-11-23 17:01:34 +03:00