Eric Chiang
04cd1851aa
server: add dynamic client registration
2016-02-01 16:06:46 -08:00
Eric Chiang
5e44b6bc27
*: update all to accommodate changes to go-oidc
...
Update dex to comply with the changes to fieldnames and types of
the client and provider metadata structs in coreos/go-oidc.
2016-01-12 17:16:28 -08:00
Eric Chiang
22c20e4e32
cmd: add version subcommand to dexctl
...
closes #220
2015-12-28 15:56:43 -08:00
Eric Chiang
8e5115ce73
cmd: use spf13/cobra for dexctl cli logic
2015-12-28 15:55:11 -08:00
Eric Chiang
3776c74c15
cmd: reduce backoff max when worker is waiting for connectors
...
fixes #177
2015-12-22 10:25:27 -08:00
Eric Chiang
49389c9b90
cmd, db: verify at least one secret is passed to --key-secrets
...
Passing an empty list to the overlord or worker's --key-secrets
flag currently causes an out of range panic. Always check to ensure
there's at least one element passed.
Fixes #130
Fixes #217
2015-12-16 20:28:21 -08:00
bobbyrullo
521aeae3db
Merge pull request #199 from ericchiang/validate_connector
...
api: validate local connector existence before creating user
2015-12-07 17:44:22 -08:00
Eric Chiang
f43655a8c3
user/manager: connector must exists when creating remote identity
...
Add ConnectorConfigRepo to UserManager. When trying to create a
RemoteIdentity, validate that the connector ID exists.
Fixes #198
2015-12-07 17:34:08 -08:00
Eric Chiang
d518447282
user: move user manager to it's own package
...
This commit moves the user.Manage to its own package (user/manager)
so it can import the connector package in a later commit.
For clarity, it renames "Manager" to "UserManager" using gorname.
This commit has no functional changes.
2015-12-07 15:34:14 -08:00
Brian Waldon
b14ce73fa0
*: use example.com in place of coreos.com
...
Align with RFC2606 for example email addresses, using example.com
in place of coreos.com where appropriate.
2015-12-07 14:55:29 -08:00
George Tankersley
07a4d4441e
pkg/crypto: replace old crypto with new crypto
2015-10-29 13:45:25 -07:00
Bobby Rullo
55040c55fa
server, integration, cmd: Protect Admin API
...
Admin API now requires a 128 byte base64 encoded secret to be passed in
Authorization header, closing up a potential security hole for those
who expose this service.
2015-10-01 13:15:45 -07:00
Bobby Rullo
d3d6a75b91
fixup - Code review changes.
2015-09-30 17:07:00 -07:00
Bobby Rullo
bf9517fdaa
server,cmd: Add flag for disabling registation
...
For situations where admins add users.
2015-09-30 16:35:58 -07:00
Bobby Rullo
510293a984
fixup
2015-09-18 17:25:06 -07:00
Bobby Rullo
3cd0d84e31
cmd/dex-worker: wait 'til connectors are available
...
Otherwise, if worker starts without connectors, and then connectors are
added workers have to be restarted to pick up the changes.
2015-09-18 17:11:58 -07:00
Giulio Iotti
472e4a02a4
*: Remove unnecessary else statements
...
Whenever it makes the code easier to follow, use early return to
avoid else statements.
2015-09-04 22:45:32 +03:00
Bobby Rullo
f1820cda14
cmd,server,static/html: Configurable name, logo
...
fixes #47
2015-09-02 18:00:28 -07:00
Bobby Rullo
62aa12fa6c
cmd/dex-overlord: was using the wrong err
2015-09-01 17:07:10 -07:00
Bobby Rullo
9b64ecb2d7
cmd/dex-overlord: bind admin API on 127.0.0.1
...
Instead of 0.0.0.0; this is safer, since the admin API is very powerful.
fixes #97
2015-08-31 13:42:16 -07:00
Yifan Gu
3da456efa8
dex-worker: add TLS support.
...
Add two new flags '--cert-file' and '--key-file'.
If scheme == 'https', then we will use the two new flags to get
the cert/key pair for TLS connection.
Also add '--ca-file' to the example app to allow TLS connection to the
dex-worker using a specified ca file.
2015-08-29 01:42:21 -07:00
Bobby Rullo
d0c199b62c
cmd, server: base64 encode multiple secrets
...
Two things here:
* key secrets are now base64 encoded strings, so we get the full key
space
* we can pass >1 of them in so we can rotate them
2015-08-26 10:43:24 -07:00
Alex Polvi
c7d2393add
bug: remote whitespace so eval works
2015-08-24 08:20:04 -07:00
Bobby Rullo
8b6a2699d9
cmd/dex-overlord, db: migrations in overlord
...
Migrations happen only in the overlord, so there's no thundering herd,
and database initialziation can be more easily controlled.
2015-08-20 11:44:43 -07:00
Bobby Rullo
66fe201c24
*: move original project to dex
2015-08-18 11:26:57 -07:00