dex/server/config.go

package server

import (
	"encoding/json"
	"errors"
	"fmt"
	"html/template"
	"net/url"
	"os"
	"path/filepath"
	texttemplate "text/template"
	"time"

	"github.com/coreos/go-oidc/key"
	"github.com/coreos/go-oidc/oidc"
	"github.com/coreos/pkg/health"
	"github.com/go-gorp/gorp"

	"github.com/coreos/dex/connector"
	"github.com/coreos/dex/db"
	"github.com/coreos/dex/email"
	sessionmanager "github.com/coreos/dex/session/manager"
	"github.com/coreos/dex/user"
	useremail "github.com/coreos/dex/user/email"
	usermanager "github.com/coreos/dex/user/manager"
)

type ServerConfig struct {
	IssuerURL                string
	IssuerName               string
	IssuerLogoURL            string
	TemplateDir              string
	EmailTemplateDirs        []string
	EmailFromAddress         string
	EmailerConfigFile        string
	StateConfig              StateConfigurer
	EnableRegistration       bool
	EnableClientRegistration bool
}

type StateConfigurer interface {
	Configure(*Server) error
}

type SingleServerConfig struct {
	ClientsFile    string
	ConnectorsFile string
	UsersFile      string
}

type MultiServerConfig struct {
	KeySecrets     [][]byte
	DatabaseConfig db.Config
	UseOldFormat   bool
}

func (cfg *ServerConfig) Server() (*Server, error) {
	iu, err := url.Parse(cfg.IssuerURL)
	if err != nil {
		return nil, err
	}

	tpl, err := getTemplates(cfg.IssuerName, cfg.IssuerLogoURL, cfg.EnableRegistration, cfg.TemplateDir)
	if err != nil {
		return nil, err
	}

	km := key.NewPrivateKeyManager()
	srv := Server{
		IssuerURL:  *iu,
		KeyManager: km,
		Templates:  tpl,

		HealthChecks: []health.Checkable{km},
		Connectors:   []connector.Connector{},

		EnableRegistration:       cfg.EnableRegistration,
		EnableClientRegistration: cfg.EnableClientRegistration,
	}

	err = cfg.StateConfig.Configure(&srv)
	if err != nil {
		return nil, err
	}

	err = setTemplates(&srv, tpl)
	if err != nil {
		return nil, err
	}

	err = setEmailer(&srv, cfg.IssuerName, cfg.EmailFromAddress, cfg.EmailerConfigFile, cfg.EmailTemplateDirs)
	if err != nil {
		return nil, err
	}
	return &srv, nil
}

func (cfg *SingleServerConfig) Configure(srv *Server) error {
	k, err := key.GeneratePrivateKey()
	if err != nil {
		return err
	}

	dbMap := db.NewMemDB()

	ks := key.NewPrivateKeySet([]*key.PrivateKey{k}, time.Now().Add(24*time.Hour))
	kRepo := key.NewPrivateKeySetRepo()
	if err = kRepo.Set(ks); err != nil {
		return err
	}

	clients, err := loadClients(cfg.ClientsFile)
	if err != nil {
		return fmt.Errorf("unable to read clients from file %s: %v", cfg.ClientsFile, err)
	}
	ciRepo, err := db.NewClientIdentityRepoFromClients(dbMap, clients)
	if err != nil {
		return fmt.Errorf("failed to create client identity repo: %v", err)
	}

	f, err := os.Open(cfg.ConnectorsFile)
	if err != nil {
		return fmt.Errorf("opening connectors file: %v", err)
	}
	defer f.Close()
	cfgs, err := connector.ReadConfigs(f)
	if err != nil {
		return fmt.Errorf("decoding connector configs: %v", err)
	}
	cfgRepo := db.NewConnectorConfigRepo(dbMap)
	if err := cfgRepo.Set(cfgs); err != nil {
		return fmt.Errorf("failed to set connectors: %v", err)
	}

	sRepo := db.NewSessionRepo(dbMap)
	skRepo := db.NewSessionKeyRepo(dbMap)
	sm := sessionmanager.NewSessionManager(sRepo, skRepo)

	users, err := loadUsers(cfg.UsersFile)
	if err != nil {
		return fmt.Errorf("unable to read users from file: %v", err)
	}
	userRepo, err := db.NewUserRepoFromUsers(dbMap, users)
	if err != nil {
		return err
	}

	pwiRepo := db.NewPasswordInfoRepo(dbMap)

	refTokRepo := db.NewRefreshTokenRepo(dbMap)

	txnFactory := db.TransactionFactory(dbMap)
	userManager := usermanager.NewUserManager(userRepo, pwiRepo, cfgRepo, txnFactory, usermanager.ManagerOptions{})
	srv.ClientIdentityRepo = ciRepo
	srv.KeySetRepo = kRepo
	srv.ConnectorConfigRepo = cfgRepo
	srv.UserRepo = userRepo
	srv.UserManager = userManager
	srv.PasswordInfoRepo = pwiRepo
	srv.SessionManager = sm
	srv.RefreshTokenRepo = refTokRepo
	return nil
}

func loadUsers(filepath string) (users []user.UserWithRemoteIdentities, err error) {
	f, err := os.Open(filepath)
	if err != nil {
		return
	}
	defer f.Close()
	err = json.NewDecoder(f).Decode(&users)
	return
}

func loadClients(filepath string) ([]oidc.ClientIdentity, error) {
	f, err := os.Open(filepath)
	if err != nil {
		return nil, err
	}
	defer f.Close()
	var c []struct {
		ID           string   `json:"id"`
		Secret       string   `json:"secret"`
		RedirectURLs []string `json:"redirectURLs"`
	}
	if err := json.NewDecoder(f).Decode(&c); err != nil {
		return nil, err
	}
	clients := make([]oidc.ClientIdentity, len(c))
	for i, client := range c {
		redirectURIs := make([]url.URL, len(client.RedirectURLs))
		for j, u := range client.RedirectURLs {
			uri, err := url.Parse(u)
			if err != nil {
				return nil, err
			}
			redirectURIs[j] = *uri
		}

		clients[i] = oidc.ClientIdentity{
			Credentials: oidc.ClientCredentials{
				ID:     client.ID,
				Secret: client.Secret,
			},
			Metadata: oidc.ClientMetadata{
				RedirectURIs: redirectURIs,
			},
		}
	}
	return clients, nil
}

func (cfg *MultiServerConfig) Configure(srv *Server) error {
	if len(cfg.KeySecrets) == 0 {
		return errors.New("missing key secret")
	}

	if cfg.DatabaseConfig.DSN == "" {
		return errors.New("missing database connection string")
	}

	dbc, err := db.NewConnection(cfg.DatabaseConfig)
	if err != nil {
		return fmt.Errorf("unable to initialize database connection: %v", err)
	}
	if _, ok := dbc.Dialect.(gorp.PostgresDialect); !ok {
		return errors.New("only postgres backend supported for multi server configurations")
	}

	kRepo, err := db.NewPrivateKeySetRepo(dbc, cfg.UseOldFormat, cfg.KeySecrets...)
	if err != nil {
		return fmt.Errorf("unable to create PrivateKeySetRepo: %v", err)
	}

	ciRepo := db.NewClientIdentityRepo(dbc)
	sRepo := db.NewSessionRepo(dbc)
	skRepo := db.NewSessionKeyRepo(dbc)
	cfgRepo := db.NewConnectorConfigRepo(dbc)
	userRepo := db.NewUserRepo(dbc)
	pwiRepo := db.NewPasswordInfoRepo(dbc)
	userManager := usermanager.NewUserManager(userRepo, pwiRepo, cfgRepo, db.TransactionFactory(dbc), usermanager.ManagerOptions{})
	refreshTokenRepo := db.NewRefreshTokenRepo(dbc)

	sm := sessionmanager.NewSessionManager(sRepo, skRepo)

	srv.ClientIdentityRepo = ciRepo
	srv.KeySetRepo = kRepo
	srv.ConnectorConfigRepo = cfgRepo
	srv.UserRepo = userRepo
	srv.UserManager = userManager
	srv.PasswordInfoRepo = pwiRepo
	srv.SessionManager = sm
	srv.RefreshTokenRepo = refreshTokenRepo
	return nil
}

func getTemplates(issuerName, issuerLogoURL string,
	enableRegister bool, dir string) (*template.Template, error) {
	tpl := template.New("").Funcs(map[string]interface{}{
		"issuerName": func() string {
			return issuerName
		},
		"issuerLogoURL": func() string {
			return issuerLogoURL
		},
		"enableRegister": func() bool {
			return enableRegister
		},
	})

	return tpl.ParseGlob(dir + "/*.html")
}

func setTemplates(srv *Server, tpls *template.Template) error {
	ltpl, err := findTemplate(LoginPageTemplateName, tpls)
	if err != nil {
		return err
	}
	srv.LoginTemplate = ltpl

	rtpl, err := findTemplate(RegisterTemplateName, tpls)
	if err != nil {
		return err
	}
	srv.RegisterTemplate = rtpl

	vtpl, err := findTemplate(VerifyEmailTemplateName, tpls)
	if err != nil {
		return err
	}
	srv.VerifyEmailTemplate = vtpl

	srtpl, err := findTemplate(SendResetPasswordEmailTemplateName, tpls)
	if err != nil {
		return err
	}
	srv.SendResetPasswordEmailTemplate = srtpl

	rpwtpl, err := findTemplate(ResetPasswordTemplateName, tpls)
	if err != nil {
		return err
	}
	srv.ResetPasswordTemplate = rpwtpl

	return nil
}

func setEmailer(srv *Server, issuerName, fromAddress, emailerConfigFile string, emailTemplateDirs []string) error {

	cfg, err := email.NewEmailerConfigFromFile(emailerConfigFile)
	if err != nil {
		return err
	}

	emailer, err := cfg.Emailer()
	if err != nil {
		return err
	}

	getFileNames := func(dir, ext string) ([]string, error) {
		fns, err := filepath.Glob(dir + "/*." + ext)
		if err != nil {
			return nil, err
		}
		return fns, nil
	}
	getTextFiles := func(dir string) ([]string, error) {
		return getFileNames(dir, "txt")
	}
	getHTMLFiles := func(dir string) ([]string, error) {
		return getFileNames(dir, "html")
	}

	textTemplates := texttemplate.New("textTemplates")
	htmlTemplates := template.New("htmlTemplates")
	for _, dir := range emailTemplateDirs {
		textFileNames, err := getTextFiles(dir)
		if err != nil {
			return err
		}
		if len(textFileNames) != 0 {
			textTemplates, err = textTemplates.ParseFiles(textFileNames...)
		}
		if err != nil {
			return err
		}

		htmlFileNames, err := getHTMLFiles(dir)
		if err != nil {
			return err
		}
		if len(htmlFileNames) != 0 {
			htmlTemplates, err = htmlTemplates.ParseFiles(htmlFileNames...)
		}
		if err != nil {
			return err
		}
	}
	tMailer := email.NewTemplatizedEmailerFromTemplates(textTemplates, htmlTemplates, emailer)
	tMailer.SetGlobalContext(map[string]interface{}{
		"issuer_name": issuerName,
	})

	ue := useremail.NewUserEmailer(srv.UserRepo,
		srv.PasswordInfoRepo,
		srv.KeyManager.Signer,
		srv.SessionManager.ValidityWindow,
		srv.IssuerURL,
		tMailer,
		fromAddress,
		srv.absURL(httpPathResetPassword),
		srv.absURL(httpPathEmailVerify),
		srv.absURL(httpPathAcceptInvitation),
	)

	srv.UserEmailer = ue
	return nil
}

func findTemplate(name string, tpls *template.Template) (*template.Template, error) {
	tpl := tpls.Lookup(name)
	if tpl == nil {
		return nil, fmt.Errorf("unable to find template: %q", name)
	}
	return tpl, nil
}
*: move original project to dex 2015-08-18 05:57:27 +05:30			`package server`

			`import (`
*: remove in memory user repo 2016-02-10 01:52:40 +05:30			`"encoding/json"`
*: move original project to dex 2015-08-18 05:57:27 +05:30			`"errors"`
			`"fmt"`
			`"html/template"`
			`"net/url"`
			`"os"`
			`"path/filepath"`
			`texttemplate "text/template"`
			`"time"`

			`"github.com/coreos/go-oidc/key"`
*: remove in memory client repo The DB implementation expects secrets to be base64 encoded blobs. Because of this a bunch of tests broke moving to sqlite. A lot of this commit is fixing those tests. 2016-02-10 04:36:07 +05:30			`"github.com/coreos/go-oidc/oidc"`
*: move original project to dex 2015-08-18 05:57:27 +05:30			`"github.com/coreos/pkg/health"`
*: don't allow sqlite3 if --no-db flag not specified 2016-02-10 06:01:32 +05:30			`"github.com/go-gorp/gorp"`
*: move original project to dex 2015-08-18 05:57:27 +05:30
			`"github.com/coreos/dex/connector"`
			`"github.com/coreos/dex/db"`
			`"github.com/coreos/dex/email"`
*: remove in memory session repos Move manager to it's own package so it can import db. Move all references to the in memory session repos to use sqlite3. 2016-02-10 00:40:28 +05:30			`sessionmanager "github.com/coreos/dex/session/manager"`
*: move original project to dex 2015-08-18 05:57:27 +05:30			`"github.com/coreos/dex/user"`
			`useremail "github.com/coreos/dex/user/email"`
*: remove in memory session repos Move manager to it's own package so it can import db. Move all references to the in memory session repos to use sqlite3. 2016-02-10 00:40:28 +05:30			`usermanager "github.com/coreos/dex/user/manager"`
*: move original project to dex 2015-08-18 05:57:27 +05:30			`)`

			`type ServerConfig struct {`
server: add dynamic client registration 2016-01-22 05:37:41 +05:30			`IssuerURL string`
			`IssuerName string`
			`IssuerLogoURL string`
			`TemplateDir string`
			`EmailTemplateDirs []string`
			`EmailFromAddress string`
			`EmailerConfigFile string`
			`StateConfig StateConfigurer`
			`EnableRegistration bool`
			`EnableClientRegistration bool`
*: move original project to dex 2015-08-18 05:57:27 +05:30			`}`

			`type StateConfigurer interface {`
			`Configure(*Server) error`
			`}`

			`type SingleServerConfig struct {`
			`ClientsFile string`
			`ConnectorsFile string`
			`UsersFile string`
			`}`

			`type MultiServerConfig struct {`
cmd, server: base64 encode multiple secrets Two things here: * key secrets are now base64 encoded strings, so we get the full key space * we can pass >1 of them in so we can rotate them 2015-08-26 05:14:38 +05:30			`KeySecrets [][]byte`
*: move original project to dex 2015-08-18 05:57:27 +05:30			`DatabaseConfig db.Config`
pkg/crypto: replace old crypto with new crypto 2015-10-29 05:19:25 +05:30			`UseOldFormat bool`
*: move original project to dex 2015-08-18 05:57:27 +05:30			`}`

			`func (cfg ServerConfig) Server() (Server, error) {`
			`iu, err := url.Parse(cfg.IssuerURL)`
			`if err != nil {`
			`return nil, err`
			`}`

server,cmd: Add flag for disabling registation For situations where admins add users. 2015-10-01 05:05:58 +05:30			`tpl, err := getTemplates(cfg.IssuerName, cfg.IssuerLogoURL, cfg.EnableRegistration, cfg.TemplateDir)`
*: move original project to dex 2015-08-18 05:57:27 +05:30			`if err != nil {`
			`return nil, err`
			`}`

			`km := key.NewPrivateKeyManager()`
			`srv := Server{`
			`IssuerURL: *iu,`
			`KeyManager: km,`
			`Templates: tpl,`

			`HealthChecks: []health.Checkable{km},`
			`Connectors: []connector.Connector{},`
server,cmd: Add flag for disabling registation For situations where admins add users. 2015-10-01 05:05:58 +05:30
server: add dynamic client registration 2016-01-22 05:37:41 +05:30			`EnableRegistration: cfg.EnableRegistration,`
			`EnableClientRegistration: cfg.EnableClientRegistration,`
*: move original project to dex 2015-08-18 05:57:27 +05:30			`}`

			`err = cfg.StateConfig.Configure(&srv)`
			`if err != nil {`
			`return nil, err`
			`}`

			`err = setTemplates(&srv, tpl)`
			`if err != nil {`
			`return nil, err`
			`}`

server: pass issuer name to emailer Issuer name can be used in Emailer 2015-10-31 03:30:40 +05:30			`err = setEmailer(&srv, cfg.IssuerName, cfg.EmailFromAddress, cfg.EmailerConfigFile, cfg.EmailTemplateDirs)`
*: move original project to dex 2015-08-18 05:57:27 +05:30			`if err != nil {`
			`return nil, err`
			`}`
			`return &srv, nil`
			`}`

			`func (cfg SingleServerConfig) Configure(srv Server) error {`
			`k, err := key.GeneratePrivateKey()`
			`if err != nil {`
			`return err`
			`}`

*: remove in memory user repo 2016-02-10 01:52:40 +05:30			`dbMap := db.NewMemDB()`

*: move original project to dex 2015-08-18 05:57:27 +05:30			`ks := key.NewPrivateKeySet([]key.PrivateKey{k}, time.Now().Add(24time.Hour))`
			`kRepo := key.NewPrivateKeySetRepo()`
			`if err = kRepo.Set(ks); err != nil {`
			`return err`
			`}`

*: fix --no-db client decoding 2016-02-10 05:48:05 +05:30			`clients, err := loadClients(cfg.ClientsFile)`
*: move original project to dex 2015-08-18 05:57:27 +05:30			`if err != nil {`
			`return fmt.Errorf("unable to read clients from file %s: %v", cfg.ClientsFile, err)`
			`}`
*: remove in memory client repo The DB implementation expects secrets to be base64 encoded blobs. Because of this a bunch of tests broke moving to sqlite. A lot of this commit is fixing those tests. 2016-02-10 04:36:07 +05:30			`ciRepo, err := db.NewClientIdentityRepoFromClients(dbMap, clients)`
			`if err != nil {`
			`return fmt.Errorf("failed to create client identity repo: %v", err)`
			`}`
*: move original project to dex 2015-08-18 05:57:27 +05:30
*: allow dexctl set-connector-configs to read from stdin Closes #276 2016-01-19 22:29:34 +05:30			`f, err := os.Open(cfg.ConnectorsFile)`
*: move original project to dex 2015-08-18 05:57:27 +05:30			`if err != nil {`
*: allow dexctl set-connector-configs to read from stdin Closes #276 2016-01-19 22:29:34 +05:30			`return fmt.Errorf("opening connectors file: %v", err)`
*: move original project to dex 2015-08-18 05:57:27 +05:30			`}`
*: allow dexctl set-connector-configs to read from stdin Closes #276 2016-01-19 22:29:34 +05:30			`defer f.Close()`
			`cfgs, err := connector.ReadConfigs(f)`
			`if err != nil {`
			`return fmt.Errorf("decoding connector configs: %v", err)`
			`}`
*: remove in memory connector config repo 2016-02-10 05:14:38 +05:30			`cfgRepo := db.NewConnectorConfigRepo(dbMap)`
			`if err := cfgRepo.Set(cfgs); err != nil {`
			`return fmt.Errorf("failed to set connectors: %v", err)`
			`}`
*: move original project to dex 2015-08-18 05:57:27 +05:30
*: remove in memory user repo 2016-02-10 01:52:40 +05:30			`sRepo := db.NewSessionRepo(dbMap)`
			`skRepo := db.NewSessionKeyRepo(dbMap)`
*: remove in memory session repos Move manager to it's own package so it can import db. Move all references to the in memory session repos to use sqlite3. 2016-02-10 00:40:28 +05:30			`sm := sessionmanager.NewSessionManager(sRepo, skRepo)`
*: move original project to dex 2015-08-18 05:57:27 +05:30
*: remove in memory user repo 2016-02-10 01:52:40 +05:30			`users, err := loadUsers(cfg.UsersFile)`
*: move original project to dex 2015-08-18 05:57:27 +05:30			`if err != nil {`
			`return fmt.Errorf("unable to read users from file: %v", err)`
			`}`
*: remove in memory user repo 2016-02-10 01:52:40 +05:30			`userRepo, err := db.NewUserRepoFromUsers(dbMap, users)`
			`if err != nil {`
			`return err`
			`}`
*: move original project to dex 2015-08-18 05:57:27 +05:30
*: remove in memory password info repo 2016-02-10 02:27:42 +05:30			`pwiRepo := db.NewPasswordInfoRepo(dbMap)`
*: move original project to dex 2015-08-18 05:57:27 +05:30
*: remove in memory user repo 2016-02-10 01:52:40 +05:30			`refTokRepo := db.NewRefreshTokenRepo(dbMap)`
*: move original project to dex 2015-08-18 05:57:27 +05:30
*: remove in memory user repo 2016-02-10 01:52:40 +05:30			`txnFactory := db.TransactionFactory(dbMap)`
*: remove in memory session repos Move manager to it's own package so it can import db. Move all references to the in memory session repos to use sqlite3. 2016-02-10 00:40:28 +05:30			`userManager := usermanager.NewUserManager(userRepo, pwiRepo, cfgRepo, txnFactory, usermanager.ManagerOptions{})`
*: move original project to dex 2015-08-18 05:57:27 +05:30			`srv.ClientIdentityRepo = ciRepo`
			`srv.KeySetRepo = kRepo`
			`srv.ConnectorConfigRepo = cfgRepo`
			`srv.UserRepo = userRepo`
			`srv.UserManager = userManager`
			`srv.PasswordInfoRepo = pwiRepo`
			`srv.SessionManager = sm`
			`srv.RefreshTokenRepo = refTokRepo`
			`return nil`
			`}`

*: remove in memory user repo 2016-02-10 01:52:40 +05:30			`func loadUsers(filepath string) (users []user.UserWithRemoteIdentities, err error) {`
			`f, err := os.Open(filepath)`
			`if err != nil {`
			`return`
			`}`
			`defer f.Close()`
			`err = json.NewDecoder(f).Decode(&users)`
			`return`
			`}`

*: fix --no-db client decoding 2016-02-10 05:48:05 +05:30			`func loadClients(filepath string) ([]oidc.ClientIdentity, error) {`
			`f, err := os.Open(filepath)`
			`if err != nil {`
			`return nil, err`
			`}`
			`defer f.Close()`
			`var c []struct {`
			ID string `json:"id"`
			Secret string `json:"secret"`
			RedirectURLs []string `json:"redirectURLs"`
			`}`
			`if err := json.NewDecoder(f).Decode(&c); err != nil {`
			`return nil, err`
			`}`
			`clients := make([]oidc.ClientIdentity, len(c))`
			`for i, client := range c {`
			`redirectURIs := make([]url.URL, len(client.RedirectURLs))`
			`for j, u := range client.RedirectURLs {`
			`uri, err := url.Parse(u)`
			`if err != nil {`
			`return nil, err`
			`}`
			`redirectURIs[j] = *uri`
			`}`

			`clients[i] = oidc.ClientIdentity{`
			`Credentials: oidc.ClientCredentials{`
			`ID: client.ID,`
			`Secret: client.Secret,`
			`},`
			`Metadata: oidc.ClientMetadata{`
			`RedirectURIs: redirectURIs,`
			`},`
			`}`
			`}`
			`return clients, nil`
			`}`

*: move original project to dex 2015-08-18 05:57:27 +05:30			`func (cfg MultiServerConfig) Configure(srv Server) error {`
cmd, server: base64 encode multiple secrets Two things here: * key secrets are now base64 encoded strings, so we get the full key space * we can pass >1 of them in so we can rotate them 2015-08-26 05:14:38 +05:30			`if len(cfg.KeySecrets) == 0 {`
*: move original project to dex 2015-08-18 05:57:27 +05:30			`return errors.New("missing key secret")`
			`}`

			`if cfg.DatabaseConfig.DSN == "" {`
			`return errors.New("missing database connection string")`
			`}`

			`dbc, err := db.NewConnection(cfg.DatabaseConfig)`
			`if err != nil {`
			`return fmt.Errorf("unable to initialize database connection: %v", err)`
			`}`
*: don't allow sqlite3 if --no-db flag not specified 2016-02-10 06:01:32 +05:30			`if _, ok := dbc.Dialect.(gorp.PostgresDialect); !ok {`
			`return errors.New("only postgres backend supported for multi server configurations")`
			`}`
*: move original project to dex 2015-08-18 05:57:27 +05:30
pkg/crypto: replace old crypto with new crypto 2015-10-29 05:19:25 +05:30			`kRepo, err := db.NewPrivateKeySetRepo(dbc, cfg.UseOldFormat, cfg.KeySecrets...)`
*: move original project to dex 2015-08-18 05:57:27 +05:30			`if err != nil {`
			`return fmt.Errorf("unable to create PrivateKeySetRepo: %v", err)`
			`}`

			`ciRepo := db.NewClientIdentityRepo(dbc)`
			`sRepo := db.NewSessionRepo(dbc)`
			`skRepo := db.NewSessionKeyRepo(dbc)`
			`cfgRepo := db.NewConnectorConfigRepo(dbc)`
			`userRepo := db.NewUserRepo(dbc)`
			`pwiRepo := db.NewPasswordInfoRepo(dbc)`
*: remove in memory session repos Move manager to it's own package so it can import db. Move all references to the in memory session repos to use sqlite3. 2016-02-10 00:40:28 +05:30			`userManager := usermanager.NewUserManager(userRepo, pwiRepo, cfgRepo, db.TransactionFactory(dbc), usermanager.ManagerOptions{})`
*: move original project to dex 2015-08-18 05:57:27 +05:30			`refreshTokenRepo := db.NewRefreshTokenRepo(dbc)`

*: remove in memory session repos Move manager to it's own package so it can import db. Move all references to the in memory session repos to use sqlite3. 2016-02-10 00:40:28 +05:30			`sm := sessionmanager.NewSessionManager(sRepo, skRepo)`
*: move original project to dex 2015-08-18 05:57:27 +05:30
			`srv.ClientIdentityRepo = ciRepo`
			`srv.KeySetRepo = kRepo`
			`srv.ConnectorConfigRepo = cfgRepo`
			`srv.UserRepo = userRepo`
			`srv.UserManager = userManager`
			`srv.PasswordInfoRepo = pwiRepo`
			`srv.SessionManager = sm`
			`srv.RefreshTokenRepo = refreshTokenRepo`
			`return nil`
			`}`

fixup - Code review changes. 2015-10-01 05:37:00 +05:30			`func getTemplates(issuerName, issuerLogoURL string,`
			`enableRegister bool, dir string) (*template.Template, error) {`
cmd,server,static/html: Configurable name, logo fixes #47 2015-09-01 04:32:47 +05:30			`tpl := template.New("").Funcs(map[string]interface{}{`
			`"issuerName": func() string {`
			`return issuerName`
			`},`
			`"issuerLogoURL": func() string {`
			`return issuerLogoURL`
			`},`
server,cmd: Add flag for disabling registation For situations where admins add users. 2015-10-01 05:05:58 +05:30			`"enableRegister": func() bool {`
			`return enableRegister`
			`},`
cmd,server,static/html: Configurable name, logo fixes #47 2015-09-01 04:32:47 +05:30			`})`

			`return tpl.ParseGlob(dir + "/*.html")`
*: move original project to dex 2015-08-18 05:57:27 +05:30			`}`

			`func setTemplates(srv Server, tpls template.Template) error {`
			`ltpl, err := findTemplate(LoginPageTemplateName, tpls)`
			`if err != nil {`
			`return err`
			`}`
			`srv.LoginTemplate = ltpl`

			`rtpl, err := findTemplate(RegisterTemplateName, tpls)`
			`if err != nil {`
			`return err`
			`}`
			`srv.RegisterTemplate = rtpl`

			`vtpl, err := findTemplate(VerifyEmailTemplateName, tpls)`
			`if err != nil {`
			`return err`
			`}`
			`srv.VerifyEmailTemplate = vtpl`

			`srtpl, err := findTemplate(SendResetPasswordEmailTemplateName, tpls)`
			`if err != nil {`
			`return err`
			`}`
			`srv.SendResetPasswordEmailTemplate = srtpl`

			`rpwtpl, err := findTemplate(ResetPasswordTemplateName, tpls)`
			`if err != nil {`
			`return err`
			`}`
			`srv.ResetPasswordTemplate = rpwtpl`

			`return nil`
			`}`

server: pass issuer name to emailer Issuer name can be used in Emailer 2015-10-31 03:30:40 +05:30			`func setEmailer(srv *Server, issuerName, fromAddress, emailerConfigFile string, emailTemplateDirs []string) error {`
*: move original project to dex 2015-08-18 05:57:27 +05:30
			`cfg, err := email.NewEmailerConfigFromFile(emailerConfigFile)`
			`if err != nil {`
			`return err`
			`}`

			`emailer, err := cfg.Emailer()`
			`if err != nil {`
			`return err`
			`}`

			`getFileNames := func(dir, ext string) ([]string, error) {`
			`fns, err := filepath.Glob(dir + "/*." + ext)`
			`if err != nil {`
			`return nil, err`
			`}`
			`return fns, nil`
			`}`
			`getTextFiles := func(dir string) ([]string, error) {`
			`return getFileNames(dir, "txt")`
			`}`
			`getHTMLFiles := func(dir string) ([]string, error) {`
			`return getFileNames(dir, "html")`
			`}`

			`textTemplates := texttemplate.New("textTemplates")`
			`htmlTemplates := template.New("htmlTemplates")`
			`for _, dir := range emailTemplateDirs {`
			`textFileNames, err := getTextFiles(dir)`
			`if err != nil {`
			`return err`
			`}`
			`if len(textFileNames) != 0 {`
			`textTemplates, err = textTemplates.ParseFiles(textFileNames...)`
			`}`
			`if err != nil {`
			`return err`
			`}`

			`htmlFileNames, err := getHTMLFiles(dir)`
			`if err != nil {`
			`return err`
			`}`
			`if len(htmlFileNames) != 0 {`
			`htmlTemplates, err = htmlTemplates.ParseFiles(htmlFileNames...)`
			`}`
			`if err != nil {`
			`return err`
			`}`
			`}`
			`tMailer := email.NewTemplatizedEmailerFromTemplates(textTemplates, htmlTemplates, emailer)`
server: pass issuer name to emailer Issuer name can be used in Emailer 2015-10-31 03:30:40 +05:30			`tMailer.SetGlobalContext(map[string]interface{}{`
			`"issuer_name": issuerName,`
			`})`
*: move original project to dex 2015-08-18 05:57:27 +05:30
			`ue := useremail.NewUserEmailer(srv.UserRepo,`
			`srv.PasswordInfoRepo,`
			`srv.KeyManager.Signer,`
			`srv.SessionManager.ValidityWindow,`
			`srv.IssuerURL,`
			`tMailer,`
			`fromAddress,`
			`srv.absURL(httpPathResetPassword),`
server: endpoint and system for sending invitations to dex An invitation allows users to both verify their email address and set a new password. 2015-11-10 04:05:11 +05:30			`srv.absURL(httpPathEmailVerify),`
			`srv.absURL(httpPathAcceptInvitation),`
			`)`
*: move original project to dex 2015-08-18 05:57:27 +05:30
			`srv.UserEmailer = ue`
			`return nil`
			`}`

			`func findTemplate(name string, tpls template.Template) (template.Template, error) {`
			`tpl := tpls.Lookup(name)`
			`if tpl == nil {`
			`return nil, fmt.Errorf("unable to find template: %q", name)`
			`}`
			`return tpl, nil`
			`}`