Commit graph

1685 commits

Author SHA1 Message Date
Eric Chiang
91c88c8b12 Merge pull request #688 from SEJeff/patch-1
Fix a tyop in the storage documentation
2016-11-15 13:38:15 -08:00
Jeff Schroeder
da6cd9687d Documentation: fix a typo in the storage documentation 2016-11-15 15:14:11 -06:00
Chris Jones
384ac87deb connector/ldap: Always set tls.Config.ServerName, to support LDAP servers with public CA certs. 2016-11-15 14:06:39 -07:00
Eric Chiang
2ec3349f5d Merge pull request #686 from cjyar/master
Require the connector to have an ID.
2016-11-15 11:10:22 -08:00
Chris Jones
a2b78c28fc cmd/dex: validate that connectors have an ID. 2016-11-15 11:39:45 -07:00
Eric Chiang
ff119d1556 Dockerfile: add OpenSSL to Docker container
Add OpenSSL to the dex Docker container so wget can be used to query
HTTPS endpoint. This is a requirement for health checking when dex is
doing its own TLS termination.

This increased the image size from 20.37 MB to 20.92 MB (+550 KB).

Additionally add Ed and Rithu as maintainers.
2016-11-14 17:25:19 -08:00
Eric Chiang
e1f6679107 Merge pull request #683 from rithujohn191/add-version-endpoint
api: add gRPC definition for version endpoint.
2016-11-14 12:33:09 -08:00
rithu john
de4e23a27b api: add gRPC definition for version endpoint. 2016-11-14 11:37:48 -08:00
Eric Chiang
36ade89e54 Merge pull request #680 from jvanderhoof/patch-1
Small spelling fix.
2016-11-11 13:42:46 -08:00
Jason Vanderhoof
80770df520 Small spelling fix. 2016-11-11 14:24:17 -07:00
Eric Chiang
48449e718c Merge pull request #676 from srenatus/patch-1
README: fix links
2016-11-09 00:06:15 -08:00
Stephan Renatus
18d53e7a28 README: fix links 2016-11-09 09:03:14 +01:00
Eric Chiang
16d5e02cbb Merge pull request #675 from ericchiang/readme-tweeks
README: add link on v2 and section on getting help
2016-11-08 15:30:00 -08:00
Eric Chiang
447253c8de README: add link on v2 and section on getting help 2016-11-08 15:29:13 -08:00
Eric Chiang
674bec0468 Merge pull request #674 from ericchiang/readme-docs-v2
*: readme updates for v2
2016-11-08 15:20:51 -08:00
Eric Chiang
a52e324f68 *: readme updates for v2 2016-11-08 14:36:29 -08:00
Eric Chiang
2417fc9154 Documentation/logos: add logos 2016-11-08 11:51:47 -08:00
Eric Chiang
96fb0733fe Merge pull request #669 from ericchiang/config-env
cmd/dex: only expand from env for storages and connectors
2016-11-05 17:56:11 -07:00
Eric Chiang
5302fefdfb Merge pull request #671 from ericchiang/fix-server-time-bug
server: use seconds instead of nano seconds for expires_in and expiry
2016-11-05 07:56:06 -07:00
Eric Chiang
7f24ebb051 Merge pull request #664 from ericchiang/dev-docs-v2
Documentation: add doc describing v2 changes
2016-11-05 07:55:16 -07:00
Eric Chiang
12a5c0ada3 server: use seconds instead of nano seconds for expires_in and expiry 2016-11-04 17:00:10 -07:00
Eric Chiang
c9889683b4 Documentation: add doc describing v2 changes 2016-11-04 16:56:21 -07:00
Eric Chiang
d86a774a29 Merge pull request #670 from ericchiang/example-app-debug
cmd/example-app: add a --debug flag
2016-11-04 14:29:39 -07:00
Eric Chiang
015e7cf606 cmd/dex: only expand from env for storages and connectors
Bcrypt'd hashes have "$" characters in them. This means that #667
(accepting actually bcrypted values) combined with #627 (expanding
config with environment variables) broke the example config.

For now, allow storages and connectors to expand their configs from
the environment, but don't do this anywhere else.
2016-11-03 21:38:32 -07:00
Eric Chiang
35d6423ac2 cmd/example-app: add a --debug flag 2016-11-03 21:36:15 -07:00
Eric Chiang
ce703a7fe1 Merge pull request #665 from rithujohn191/expose-serv-opts
cmd/dex: expose IDTokensValidFor and RotateKeysAfter server options in config
2016-11-03 18:25:44 -07:00
rithu leena john
600e761266 cmd/dex: expose IDTokensValidFor and RotateKeysAfter server options in config. 2016-11-03 17:25:36 -07:00
Eric Chiang
d11224f2bb Merge pull request #668 from ericchiang/dev-ldap-conn
connector: accept base64 encoded CA and add convience open method
2016-11-03 16:39:22 -07:00
Eric Chiang
0f31566b27 connector: accept base64 encoded CA and add convience open method 2016-11-03 16:28:23 -07:00
Eric Chiang
53852d4e42 Merge pull request #667 from ericchiang/dev-switch-yaml-package
*: switch to github.com/ghodss/yaml for more consistent YAML parsing
2016-11-03 15:29:18 -07:00
Eric Chiang
59240f93b1 vendor: revendor 2016-11-03 15:24:47 -07:00
Eric Chiang
df50308713 glide.yaml: add new yaml package 2016-11-03 15:24:35 -07:00
Eric Chiang
ebe51e736d cmd/dex: accept raw bcrypt'd hash as well as base64'd version of hash 2016-11-03 15:23:56 -07:00
Eric Chiang
aa7f304bc1 *: switch to github.com/ghodss/yaml for more consistent YAML parsing
ghodss/yaml converts from YAML to JSON before attempting to unmarshal.
This allows us to:

* Get the correct behavor when decoding base64'd []byte slices.
* Use *json.RawMessage.
* Not have to support extravagant YAML features.
* Let our structs use `json:` tags
2016-11-03 14:39:32 -07:00
Eric Chiang
a78adb0272 Merge pull request #666 from rithujohn191/update-go-version
*: travis tests and build scripts should use Go 1.7.3.
2016-11-03 12:37:54 -07:00
rithu leena john
75abce2b19 *: travis tests and build scripts should use Go 1.7.3. 2016-11-03 12:28:53 -07:00
Eric Chiang
74eaec60cb Merge pull request #661 from rithujohn191/gRPC-client-auth
cmd/dex: add option for gRPC client auth CA.
2016-11-02 15:05:15 -07:00
rithu leena john
42dfd3ecec cmd/dex: add option for gRPC client auth CA. 2016-11-02 14:51:22 -07:00
Eric Chiang
799b3f3ef5 Merge pull request #658 from ericchiang/dev-dont-error-on-invalid-username
*: don't error out if a username doesn't exist in the backing connector
2016-11-01 16:06:40 -07:00
Eric Chiang
90e613b328 Merge pull request #649 from rithujohn191/gRPC-endpoints
api: add gRPC endpoints for creating, updating and deleting passwords
2016-11-01 14:20:31 -07:00
Eric Chiang
57a59d4631 *: don't error out if a username doesn't exist in the backing connector
Instead of throwing a 500 error if a user enters an invalid name,
display the same text box as if the user had entered the wrong
password.

NOTE: An invalid username now returns much quicker than an invalid
password. Consider adding an arbitrary sleep in the future if we
care about masking which was invalid.
2016-11-01 14:10:55 -07:00
rithu leena john
ed7e943406 api: add gRPC endpoints for creating, updating and deleting passwords 2016-11-01 14:10:35 -07:00
Eric Chiang
2a9051c864 Merge pull request #654 from ericchiang/dev-sql-optimistic-concurrency
storage/sql: use isolation level "serializable" for transactions
2016-11-01 10:16:23 -07:00
Eric Chiang
8debe68314 Documentation: remove caveat about running multiple instances 2016-10-31 23:18:40 -07:00
Eric Chiang
786e12b15e storage/conformance: expand transaction test suite 2016-10-31 23:01:31 -07:00
Eric Chiang
52e2a1668c storage/sql: use isolation level "serializable" for transactions 2016-10-31 23:00:55 -07:00
Eric Chiang
1c51c50b23 Merge pull request #652 from ericchiang/dev-docs-api
Documentation: add document on the dex API
2016-10-31 18:16:08 -07:00
Eric Chiang
fe1d27586e Documentation: add document on the dex API 2016-10-31 15:25:52 -07:00
Eric Chiang
651b406cfd Merge pull request #651 from ericchiang/dev-remove-openldap-container
contrib/openldap: remove OpenLDAP container
2016-10-31 15:19:05 -07:00
Eric Chiang
f672e75a3a contrib/openldap: remove OpenLDAP container
Based on #640 we're going to osixia/openldap instead of rolling our
own container. Removing this work for now. If we want it back we can
revert easily enough.
2016-10-28 16:08:26 -07:00