Damian Pacierpnik
e3c9b49299
Cross clients improvement - requesting client ID always added to the audience claim
2017-09-28 18:30:15 +02:00
Eric Chiang
38d0de20e3
Merge pull request #1056 from ericchiang/fix-api-panic
...
server: fix panic caused by deleting refresh token twice through api
2017-09-06 09:56:06 -07:00
Eric Chiang
f234e3707e
server: fix panic caused by deleting refresh token twice through api
2017-09-05 23:56:34 -07:00
rithu leena john
e10fddee2e
Merge pull request #1031 from estroz/docs-update
...
Documentation: fix redirect caveat description
2017-08-25 14:58:40 -07:00
Eric Stroczynski
7079bb5316
Documentation: add org info req, remove redirect caveat
...
The redirect caveat is being removed to avoid user confusion and is
not important outside of testing.
2017-08-25 14:51:10 -07:00
Eric Stroczynski
9517d17ed2
Merge pull request #1050 from estroz/oidc-certification-docs
...
Documentation: OIDC conformance test setup
2017-08-25 14:40:53 -07:00
Eric Stroczynski
9c6b6d565e
Documentation: oidc conformance test case and issue tables
2017-08-25 13:43:21 -07:00
Eric Stroczynski
a065533256
Documentation: OIDC conformance test setup
2017-08-25 01:05:53 -07:00
rithu leena john
3445895647
Merge pull request #1046 from rithujohn191/static-password-fix
...
storage/static.go: storage backend should not explicitly lower-case email ids.
2017-08-24 17:42:29 -07:00
rithu john
fd4f57b5f3
storage/static.go: storage backend should not explicitly lower-case email ids.
2017-08-24 15:50:32 -07:00
rithu leena john
e40c01ec39
Merge pull request #1022 from ericchiang/ldap-example
...
*: add "getting started" example for LDAP
2017-08-22 10:46:55 -07:00
Eric Chiang
50f2905cac
*: add standup script for LDAP
2017-08-22 10:37:29 -07:00
Eric Stroczynski
9b46267659
Merge pull request #1040 from estroz/change-bcrypt-default
...
server: set sane bcrypt cost upper bound
2017-08-21 14:37:04 -07:00
Eric Stroczynski
763e174a7f
Merge pull request #1039 from estroz/move-group-scope-check
...
connector/github: fix groups scope check when 'orgs' is populated
2017-08-21 14:36:44 -07:00
Eric Stroczynski
ce9ac761a6
connector/github: abstract scope check and group getter
2017-08-21 14:30:00 -07:00
Eric Stroczynski
2b354c8fdb
server: set sane bcrypt cost upper bound
2017-08-21 11:53:46 -07:00
rithu leena john
e59d67f466
Merge pull request #1038 from xogroup/github-enterprise
...
When connecting to GitHub Enterprise, force email verified field to true
2017-08-18 13:58:50 -07:00
Chien Huey
99370b5880
Updated comment to include reference to GitHub Enterprise not supporting verified emails
2017-08-18 11:46:05 -04:00
Eric Stroczynski
e92f38f38f
connector/github: error if no groups scope without orgs
...
We should always check if a user is in any orgs or teams specified
in config, and whether the groups scope is also included in client
requests. If not, return an error, because dex wouldn't have required
permissions to do the request anyway (need read:org).
2017-08-17 17:15:45 -07:00
Chien Huey
98f6a217d3
When connecting to GitHub Enterprise, force email verified field to true
2017-08-17 17:26:10 -04:00
Eric Stroczynski
20fd3163d9
Merge pull request #1036 from estroz/debug-to-info-github
...
connector/github: debug->info logging, informative userInOrg msg
2017-08-17 12:11:10 -07:00
Eric Stroczynski
5894d017d5
connector/github: debug->info logging, more informative userInOrg msg
2017-08-17 11:56:35 -07:00
Eric Stroczynski
b84721cbda
Merge pull request #1035 from estroz/user-login-github-patch
...
connector/github: fix username used when making API requests
2017-08-17 11:39:39 -07:00
Eric Stroczynski
484327fd5f
connector/github: only user users' login name in API reqs
2017-08-17 10:32:18 -07:00
Eric Stroczynski
7e580ec2b2
Merge pull request #1029 from estroz/doc-link-fix
...
Documentation: fixed GitHub link syntax
2017-08-16 14:14:22 -07:00
Eric Stroczynski
bb36c96674
Documentation: fixed GitHub link syntax
2017-08-16 14:10:23 -07:00
Eric Stroczynski
48bb61cfe0
Merge pull request #1028 from estroz/gitlab-scopes
...
connector/gitlab: correct scope strings, better default
2017-08-15 14:57:05 -07:00
Eric Stroczynski
ca75470ae3
connector/gitlab: correct scope strings, better default
2017-08-15 14:49:00 -07:00
rithu leena john
e361bc6c38
Merge pull request #1019 from estroz/doc-updates
...
Documentation: github org redirect caveat
2017-08-11 16:44:01 -07:00
Eric Stroczynski
71de7e8414
Documentation: github org redirect caveat
2017-08-11 16:42:33 -07:00
Eric Chiang
5582232a03
Merge pull request #1021 from ericchiang/debug-logs
...
*: add log events for login, LDAP queries, and SAML responses
2017-08-11 13:33:45 -07:00
Eric Chiang
aad328bb35
*: add log events for login, LDAP queries, and SAML responses
2017-08-11 12:00:06 -07:00
Eric Stroczynski
c45185f601
Merge pull request #1018 from estroz/github-private-emails
...
connector/github: enable private, primary emails
2017-08-09 09:36:18 -07:00
Eric Stroczynski
26527011ab
connector/github: enable private, primary emails; refactor API calls
...
Documentation: removed private emails caveats section
2017-08-08 18:04:34 -07:00
rithu leena john
b66b61fe8a
Merge pull request #1003 from estroz/log-bcrypt-cost
...
Log large bcrypt costs, error if password-hash comparison takes > 10s
2017-08-08 17:20:25 -07:00
Eric Stroczynski
45bf061236
Merge pull request #1013 from estroz/multi-org-team-filters
...
connector/github: multiple orgs, query by teams
2017-08-08 11:37:21 -07:00
Eric Stroczynski
9d154802a2
connector/github: multiple orgs, query by teams
...
Documentation: examples of GitHub `orgs` field with multiple orgs
and org with teams; note legacy behavior
2017-08-08 10:57:42 -07:00
Eric Stroczynski
f493896030
Merge pull request #1016 from realfake/patch-2
...
Fix documentation link
2017-08-07 13:50:47 -07:00
Luk Burchard
4365d97162
Update api.md
2017-08-07 18:10:56 +02:00
rithu leena john
05e8d50eca
Merge pull request #1000 from rithujohn191/fix-hosted-domain
...
connector/oidc: fix hosted domain support.
2017-07-31 13:29:26 -07:00
Eric Stroczynski
4bcb0aaae9
server: log bcrypt cost if > 12, error on runtime > 10s
...
The bcrypt hashing algorithm runtime grows exponentially with cost,
and might cause a timeout if the cost is too high. Notifying the user
of high cost and of long running calculations will help with tuning
and debugging.
2017-07-25 17:09:43 -07:00
Eric Stroczynski
a0010d0f22
Merge pull request #1005 from estroz/update-deps
...
Update deps
2017-07-25 15:48:08 -07:00
Eric Stroczynski
d9778fda4a
vendor: revendor
2017-07-25 13:49:34 -07:00
Eric Stroczynski
4a88d0641a
: update {S->s}irupsen/logrus
2017-07-25 13:46:44 -07:00
rithu john
5e0bf8b65f
connector/oidc: fix hosted domain support.
2017-07-25 13:46:12 -07:00
rithu leena john
0e0b4c53ef
Merge pull request #998 from rithujohn191/fix-key-rotation
...
server/rotation.go: Fix key rotation with multiple dex instances.
2017-07-19 11:07:48 -07:00
rithu john
753526a506
server/rotation.go: Fix key rotation with multiple dex instances.
2017-07-19 10:37:37 -07:00
Lucas Servén
2f0ac68d8f
Merge pull request #995 from squat/bump_travis_golang
...
.travis.yml: bump golang version to 1.8.3
2017-07-17 13:40:42 -07:00
Lucas Serven
53835cabf9
.travis.yml: bump golang version to 1.8.3
2017-07-17 13:28:00 -07:00
rithu leena john
714fea7f48
Merge pull request #994 from squat/bump_go_183
...
scripts: bump builder to Go 1.8.3
2017-07-17 13:01:04 -07:00