Stephan Renatus
231e571c3c
server/api: fix logging in VerifyPassword
...
Before:
msg="api: password check failed : %vcrypto/bcrypt: hashedPassword is not the hash of the given password"
After:
msg="api: password check failed : crypto/bcrypt: hashedPassword is not the hash of the given password"
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2019-07-30 14:53:33 +02:00
Tyler Cloke
dd84e73c0e
Add VerifyPassword to API
...
It takes in an email and plain text password to verify. If it fails to find a password stored for email, it returns not_found. If it finds the password hash stored but that hash doesn't match the password passed via the API, it returns verified = false, else it returns verified = true.
Co-authored-by: Alban Seurat <alban.seurat@me.com>
2019-07-22 10:23:07 +02:00
Mark Sagi-Kazar
be581fa7ff
Add logger interface and stop relying on Logrus directly
2019-02-22 13:38:57 +01:00
Cosmin Cojocar
281ec27118
Update also to a list of empty redirect URIs and Peers
2018-11-13 09:59:45 +01:00
Cosmin Cojocar
9d1ec6c36b
Revert "Avoid overwriting exiting redirect URI and trusted peers when updating the client"
...
This reverts commit 49fa5ee6e8
.
2018-11-13 09:58:17 +01:00
Cosmin Cojocar
49fa5ee6e8
Avoid overwriting exiting redirect URI and trusted peers when updating the client
...
Also skip configure the Public field.
2018-11-12 21:48:14 +01:00
Cosmin Cojocar
9926a0dced
Extend the API with a function which updates the client configuration
2018-11-12 17:33:06 +01:00
Stephan Renatus
b9f6594bf0
*: github.com/coreos/dex -> github.com/dexidp/dex
...
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2018-09-05 17:57:08 +02:00
Eric Chiang
f234e3707e
server: fix panic caused by deleting refresh token twice through api
2017-09-05 23:56:34 -07:00
Eric Stroczynski
2b354c8fdb
server: set sane bcrypt cost upper bound
2017-08-21 11:53:46 -07:00
Eric Stroczynski
4bcb0aaae9
server: log bcrypt cost if > 12, error on runtime > 10s
...
The bcrypt hashing algorithm runtime grows exponentially with cost,
and might cause a timeout if the cost is too high. Notifying the user
of high cost and of long running calculations will help with tuning
and debugging.
2017-07-25 17:09:43 -07:00
Eric Stroczynski
4a88d0641a
: update {S->s}irupsen/logrus
2017-07-25 13:46:44 -07:00
rithu john
aefdd6e004
server/api: return empty list of refresh tokens if user does not have any
2017-04-28 15:35:52 -07:00
rithu john
921090f05f
api: Update timestamp type for RefreshTokenRef to int64.
2017-03-17 15:46:39 -07:00
Eric Chiang
777eeafabc
*: update go-oidc and use standard library's context package
2017-03-08 10:33:19 -08:00
rithu john
3df1db1864
storage: Surface "already exists" errors.
2017-02-21 15:00:22 -08:00
rithu john
1ec19d4fbf
api: adding a gRPC call for revoking refresh tokens.
2017-02-15 07:48:20 -08:00
rithu john
d201e49248
api: adding a gRPC call for listing refresh tokens.
2017-02-13 16:12:16 -08:00
Eric Chiang
91cc94dd8f
Merge pull request #740 from ericchiang/fix-comment-typos
...
*: fix comment typos and add go report card icon
2016-12-13 13:17:50 -08:00
Eric Chiang
fe196864c0
*: fix comment typos found with github.com/client9/misspell
2016-12-13 12:23:16 -08:00
rithu john
9949a1313c
server: modify error messages to use logrus.
2016-12-13 11:52:44 -08:00
rithu john
ee9738d663
api: adding a gRPC call for listing passwords.
2016-11-17 16:56:54 -08:00
rithu john
de4e23a27b
api: add gRPC definition for version endpoint.
2016-11-14 11:37:48 -08:00
rithu leena john
ed7e943406
api: add gRPC endpoints for creating, updating and deleting passwords
2016-11-01 14:10:35 -07:00
Eric Chiang
8b079168be
server: add gRPC service implementation
2016-10-04 00:30:30 -07:00