Commit Graph

50 Commits

Author SHA1 Message Date
m.nabokikh
eae3219e4d feat: Add MySQL ent-based storage driver
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-09-13 14:25:17 +04:00
m.nabokikh
19884d92ac feat: Add ent-based postgres storage
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-05-14 23:19:59 +04:00
m.nabokikh
11859166d0 feat: Add ent-based sqlite3 storage
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-04-30 17:47:54 +04:00
Maksim Nabokikh
568fc06520 Update server/refreshhandlers.go
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-03-09 09:41:41 +04:00
m.nabokikh
06c8ab5aa7 Fixes of naming and code style
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-02-10 23:37:57 +04:00
m.nabokikh
91de99d57e feat: Add refresh token expiration and rotation settings
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-02-10 23:37:57 +04:00
Martin Heide
4cb5577e11 Allow to disable os.ExpandEnv for storage + connector configs by env variable DEX_EXPAND_ENV = false
Signed-off-by: Martin Heide <martin.heide@faro.com>
2020-12-30 20:11:18 +00:00
m.nabokikh
1d83e4749d Add gocritic
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2020-10-18 01:54:27 +04:00
justin-slowik
1ea2892b79 fix merge error in config.go
Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-07-08 16:31:44 -04:00
Justin Slowik
9bbdc721d5 Device flow token code exchange (#2)
* Added /device/token handler with associated business logic and storage tests.

Perform user code exchange, flag the device code as complete.

Moved device handler code into its own file for cleanliness.  Cleanup

* Removed PKCE code

* Rate limiting for /device/token endpoint based on ietf standards

* Configurable Device expiry

Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-07-08 16:25:05 -04:00
krishnadurai
776aa9dd53 Option to add staticPasswords from environment variables
Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-07-08 16:24:25 -04:00
Nándor István Krácser
1160649c31
Merge pull request #1621 from concourse/pr/passowrd-grant-synced
Rework - add support for Resource Owner Password Credentials Grant
2020-02-20 08:27:50 +01:00
Zach Brown
13be146d2a Add support for password grant #926 2020-01-10 13:18:09 -05:00
krishnadurai
af9c2880a6 Corrects validation logic for static password check 2019-12-13 16:52:10 -08:00
krishnadurai
91cbd466a5 Option to add staticPasswords from environment variables 2019-12-13 16:33:21 -08:00
Stephan Renatus
d9f6ab4a68
Merge pull request #1512 from venezia/add_reflection
Add reflection to gRPC API (configurable)
2019-08-07 13:56:33 +02:00
Michael Venezia
b65966d744
cmd/dex: adding reflection to grpc api, enabled through configuration 2019-08-07 07:37:39 -04:00
Marc-André Dufresne
0dbb642f2c
Add option to always display connector selection even if there's only one 2019-08-06 13:18:46 -04:00
Joel Speed
e2ddefff31
Merge pull request #1439 from sks/feature/fail_on_invalid_config
Return config validation errors in one go
2019-07-30 11:00:17 +02:00
Sabith K Soopy
6769a3b18e Errors should not start with caps
- https://github.com/dexidp/dex/pull/1264#discussion_r253264017

Signed-off-by: Sabith <sabithksme@gmail.com>
2019-07-23 08:17:06 -07:00
Sabith K Soopy
6ccb96ff74 Add some test to validate the configuration 2019-07-23 08:16:16 -07:00
Pavel Borzenkov
e53bdfabb9 storage/sql: initial MySQL storage implementation
It will be shared by both Postgres and MySQL configs.

Signed-off-by: Pavel Borzenkov <pavel.borzenkov@gmail.com>
2019-07-23 14:26:21 +02:00
Mark Sagi-Kazar
be581fa7ff
Add logger interface and stop relying on Logrus directly 2019-02-22 13:38:57 +01:00
Maximilian Gaß
468c74d1d2 Make expiry of auth requests configurable 2018-12-13 11:50:34 +01:00
Stephan Renatus
b9f6594bf0 *: github.com/coreos/dex -> github.com/dexidp/dex
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2018-09-05 17:57:08 +02:00
Frederic Branczyk
5f03479d29
*: Add go runtime, process, HTTP and gRPC metrics 2017-12-21 21:24:09 +01:00
Daniel Dao
ca114f7812 storage: add etcd storage
This patch adds etcd storage implementation. This should be useful in
environments where
- we dont want to depends on a separate, hard to maintain SQL cluster
- we dont want to incur the overhead of talking to kubernetes apiservers
- kubernetes is not available yet, or if kubernetes depends on dex
to perform authentication and the operator would like to remove any
circular dependency if possible.
2017-10-31 14:43:13 +00:00
Eric Stroczynski
4a88d0641a : update {S->s}irupsen/logrus 2017-07-25 13:46:44 -07:00
rithu john
8c9c2518f5 server: account for dynamically changing connector object in storage. 2017-04-25 09:19:02 -07:00
zhuguihua
4e99ec3eeb Fix two typos
Signed-off-by: zhuguihua <zhuguihua@cmss.chinamobile.com>

Change storace to storage in cmd/dex/config.go,
change userSearch to groupSearch in connector/ldap/ldap.go
2017-04-14 03:30:12 +00:00
Eric Chiang
5f377f07d4 *: promote SAML to stable
This means we no longer refer to it as "experimental" and wont make
breaking changes.
2017-04-11 10:09:48 -07:00
Ali Javadi
e623ad4d35 connector: add GitLab connector 2017-01-28 01:36:02 +03:30
Simon HEGE
415a68f977 Allow CORS on keys and token endpoints 2017-01-14 21:15:51 +01:00
Eric Chiang
0f4a1f69c5 *: wire up SAML POST binding 2017-01-09 18:30:58 -08:00
Simon HEGE
b4c47910e4 Allow CORS on discovery endpoint 2017-01-08 19:22:39 +01:00
rithu john
2e22a948cf cmd/dex: add logging config and serve logger for different modules. 2016-12-12 15:56:50 -08:00
Eric Chiang
391dc51c13 *: add theme based frontend configuration
This PR reworks the web layout so static files can be provided and
a "themes" directory to allow a certain degree of control over logos,
styles, etc.

This PR does NOT add general support for frontend customization,
only enough to allow us to start exploring theming internally.
The dex binary also must now be run from the root directory since
templates are no longer "compiled into" the binary.

The docker image has been updated with frontend assets.
2016-11-30 17:20:21 -08:00
Eric Chiang
015e7cf606 cmd/dex: only expand from env for storages and connectors
Bcrypt'd hashes have "$" characters in them. This means that #667
(accepting actually bcrypted values) combined with #627 (expanding
config with environment variables) broke the example config.

For now, allow storages and connectors to expand their configs from
the environment, but don't do this anywhere else.
2016-11-03 21:38:32 -07:00
rithu leena john
600e761266 cmd/dex: expose IDTokensValidFor and RotateKeysAfter server options in config. 2016-11-03 17:25:36 -07:00
Eric Chiang
ebe51e736d cmd/dex: accept raw bcrypt'd hash as well as base64'd version of hash 2016-11-03 15:23:56 -07:00
Eric Chiang
aa7f304bc1 *: switch to github.com/ghodss/yaml for more consistent YAML parsing
ghodss/yaml converts from YAML to JSON before attempting to unmarshal.
This allows us to:

* Get the correct behavor when decoding base64'd []byte slices.
* Use *json.RawMessage.
* Not have to support extravagant YAML features.
* Let our structs use `json:` tags
2016-11-03 14:39:32 -07:00
rithu leena john
42dfd3ecec cmd/dex: add option for gRPC client auth CA. 2016-11-02 14:51:22 -07:00
Eric Chiang
dcbe67d89c {cmd/dex,server}: expose skip approval screen option 2016-10-07 11:53:01 -07:00
Eric Chiang
2909929b17 *: add the ability to define passwords statically 2016-10-06 10:35:54 -07:00
Eric Chiang
4550b95dfd cmd/dex: add config options for gRPC 2016-10-04 00:30:30 -07:00
Eric Chiang
3e8907b818 *: add sql storage options to dex application 2016-10-03 12:48:26 -07:00
Eric Chiang
608d8ba984 *: switch dex to the ported templates 2016-09-05 17:25:39 -07:00
Eric Chiang
68746fd795 *: add a mock connector which takes a username and password for testing
Since we don't have a good strategy which takes a username and password
add a mock connector which implementes PasswordConnector so we can
develop the frontend screens.
2016-09-05 17:25:12 -07:00
Eric Chiang
c113df961a *: support the implicit flow 2016-08-24 11:21:39 -07:00
Eric Chiang
bfe560ee21 rename 2016-08-10 22:31:42 -07:00