k-space/dex
Archived
11
0
Fork 0
Code Issues Pull Requests Packages Projects Activity
1,242 Commits 1 Branch 0 Tags
dad8d6d687ba3ae498f68f3c0240d35cab153d97
Commit Graph

198 Commits

Author SHA1 Message Date
Márk Sági-Kazár
2ca992e9b3 Merge pull request #1721 from candlerb/fix-token-comment 
Fix comment for implicit flow
 2020-05-31 21:54:31 +02:00
techknowlogick
0a9f56527e Add Gitea connector (#1715) 
* Add Gitea connector

* Add details to readme

* resolve lint issue
 2020-05-26 13:54:40 +02:00
Brian Candler
d2c9305e0f Fix comment for implicit flow 2020-05-21 12:00:53 +01:00
Tadeusz Magura-Witkowski
7b7e2a040d Automatic consistency fixing in case of missing refresh token in db 2020-03-25 13:43:53 +01:00
Kyle Larose
ab5ea03025 handlers: do not fail login if refresh token gone 
There is a chance that offline storage could fall out of sync with the
refresh token tables. One example is if dex crashes/is stopped in the
middle of handling a login request. If the old refresh token associated
with the offline session is deleted, and then the process stops, the
offline session will still refer to the old token.

Unfortunately, if this case occurs, there is no way to recover from it,
since further logins will be halted due to dex being unable to clean up
the old tokens till referenced in the offline session: the database is
essentially corrupted.

There doesn't seem to be a good reason to fail the auth request if the
old refresh token is gone. This changes the logic in `handleAuthCode` to
not fail the entire transaction if the old refresh token could not be
deleted because it was not present. This has the effect of installing
the new refresh token, and unpdating the offline storage, thereby fixing
the issue, however it occured.
 2020-03-18 12:56:37 -04:00
Nándor István Krácser
b7cf701032 Merge pull request #1515 from flant/atlassian-crowd-connector 
new connector for Atlassian Crowd
 2020-02-24 10:09:27 +01:00
Nándor István Krácser
1160649c31 Merge pull request #1621 from concourse/pr/passowrd-grant-synced 
Rework - add support for Resource Owner Password Credentials Grant
 2020-02-20 08:27:50 +01:00
Ivan Mikheykin
7ef1179e75 feat: connector for Atlassian Crowd 2020-02-05 12:40:49 +04:00
Joshua Winters
76825fef8f Make logger and prometheus optional in server config 
Signed-off-by: Josh Winters <jwinters@pivotal.io>
Co-authored-by: Mark Huang <mhuang@pivotal.io>
 2020-01-13 15:28:41 -05:00
Rui Yang
0f9a74f1d0 Remove uneccesary client verification 2020-01-10 14:52:57 -05:00
Zach Brown
13be146d2a Add support for password grant #926 2020-01-10 13:18:09 -05:00
Nándor István Krácser
6318c105ec Merge pull request #1599 from sabre1041/openshift-connector 
OpenShift connector
 2020-01-01 12:55:11 +01:00
Márk Sági-Kazár
789272a0c1 Merge pull request #1576 from flant/icons-proposal 
Pick icons on login screen by connector type instead of ID
 2019-12-23 13:05:19 +01:00
m.nabokikh
058e72ef50 Pick icons on login screen by connector type instead of ID 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2019-12-23 12:38:22 +04:00
Andrew Block
92e63771ac Added OpenShift connector 2019-12-22 02:27:09 -05:00
Mark Sagi-Kazar
050d5af937 Fix ineffassign 2019-12-18 16:07:06 +01:00
Mark Sagi-Kazar
65c77e9db2 Fix bodyclose 2019-12-18 16:04:03 +01:00
Mark Sagi-Kazar
f141f2133b Fix whitespace 2019-12-18 15:56:12 +01:00
Mark Sagi-Kazar
9bd5ae5197 Fix goimports 2019-12-18 15:53:34 +01:00
Mark Sagi-Kazar
367b187cf4 Fix missspell 2019-12-18 15:51:44 +01:00
Mark Sagi-Kazar
8c3dc0ca66 Remove unused code (fixed: unused, structcheck, deadcode linters) 2019-12-18 15:46:49 +01:00
Joel Speed
97ffa21262 Create separate Google connector 2019-11-19 17:12:36 +00:00
Joel Speed
c4e96dda32 Fix migration of old connector data 2019-11-19 15:43:23 +00:00
Joel Speed
d9095073c8 Unindent session updates on finalizeLogin 2019-11-19 15:43:22 +00:00
Joel Speed
19ad7daa7f Use old ConnectorData before session.ConnectorData 2019-11-19 15:43:19 +00:00
Joel Speed
176ba709a4 Revert "Remove connectordata from other structs" 
This reverts commit 27f33516db343bd79b56a47ecef0fe514a35082d.
 2019-11-19 15:43:14 +00:00
Joel Speed
4076eed17b Build opts based on scope 2019-11-19 15:43:11 +00:00
Joel Speed
5c88713177 Remove connectordata from other structs 2019-11-19 15:43:03 +00:00
Joel Speed
0352258093 Update handleRefreshToken logic 2019-11-19 15:43:01 +00:00
Joel Speed
575c792156 Store most recent refresh token in offline sessions 2019-11-19 15:40:56 +00:00
serhiimakogon
b793afd375 preferred_username claim added on refresh token 2019-11-19 16:27:34 +02:00
Nándor István Krácser
0b55f121b4 Fix missing email in log message 
Co-Authored-By: Felix Fontein <ff@dybuster.com>
 2019-10-30 13:13:33 +01:00
Nandor Kracser
c1b421fa04 add preffered_username to idToken 
Signed-off-by: Nandor Kracser <bonifaido@gmail.com>
 2019-10-30 13:06:37 +01:00
Yannis Zarkadas
27944d4f8f templates: add new relativeURL function 
Signed-off-by: Yannis Zarkadas <yanniszark@arrikto.com>
 2019-10-02 17:08:06 +03:00
Yannis Zarkadas
839130f01c handlers: change all handlers to pass down http request 
Signed-off-by: Yannis Zarkadas <yanniszark@arrikto.com>
 2019-10-02 17:08:06 +03:00
Stephan Renatus
c854e760db Merge pull request #1539 from erwinvaneyk/replace-context-import 
Replace x/net/context with stdlib context
 2019-08-31 17:52:18 +02:00
erwinvaneyk
3e2217b3f4 Replace x/net/context with context of stdlib 2019-08-30 11:52:46 +02:00
Nandor Kracser
bd61535cb6 connector/ldap: display login error 2019-08-22 15:55:05 +02:00
Stephan Renatus
e1afe771cb Merge pull request #1505 from MarcDufresne/show-login-page 
Add option to always display connector selection even if there's only one
 2019-08-07 09:23:42 +02:00
Stephan Renatus
89e43c198b Merge pull request #1504 from MarcDufresne/template-custom-data 
Allow arbitrary data to be passed to templates
 2019-08-07 09:19:14 +02:00
Marc-André Dufresne
0dbb642f2c Add option to always display connector selection even if there's only one 2019-08-06 13:18:46 -04:00
Marc-André Dufresne
d458e882aa Allow arbitrary data to be passed to templates 2019-08-06 13:14:53 -04:00
Mike O
43d1a044bd Add tests for some callback handler error conditions 2019-08-05 16:02:28 -07:00
Mike O
d03a43335e Return HTTP 400 for invalid state parameter 2019-08-01 16:22:53 -07:00
Stephan Renatus
291cd9e01c regenerate protobuf code 
Signed-off-by: Stephan Renatus <srenatus@chef.io>
 2019-07-31 08:16:18 +02:00
Stephan Renatus
231e571c3c server/api: fix logging in VerifyPassword 
Before:

    msg="api: password check failed : %vcrypto/bcrypt: hashedPassword is not the hash of the given password"

After:

    msg="api: password check failed : crypto/bcrypt: hashedPassword is not the hash of the given password"

Signed-off-by: Stephan Renatus <srenatus@chef.io>
 2019-07-30 14:53:33 +02:00
Stephan Renatus
d9487e553b *: fix some lint issues 
Mostly gathered these using golangci-lint's deadcode and ineffassign
linters.

Signed-off-by: Stephan Renatus <srenatus@chef.io>
 2019-07-30 11:29:08 +02:00
Stephan Renatus
8561a66365 server/{handler,oauth2}: cleanup error returns 
Now, we'll return a standard error, and have the caller act upon this
being an instance of authErr.

Also changes the storage.AuthRequest return to a pointer, and returns
nil in error cases.

Signed-off-by: Stephan Renatus <srenatus@chef.io>
 2019-07-25 13:40:06 +02:00
Stephan Renatus
421c26fdf5 Merge pull request #1481 from LanceH/master 
Added "connector_id" to skip straight to a connector (similar to when len(connector) is 1.
 2019-07-23 11:31:25 +02:00
LanceH
07a77e0dac Use connector_id param to skip directly to a specific connector 2019-07-22 10:47:11 -05:00