Commit graph

545 commits

Author SHA1 Message Date
Lucas Serven
0cc0c73676 backend: add absolute path to template links
fixes: #502

Add a new template function called `absPath` that converts relative
paths to absolute paths based on the issuerURL. The template function
can be used in templates like:
````html
<a href="{{ .MyRelativePath | absPath }}">
````
2016-07-22 15:41:16 -07:00
Eric Chiang
1759b9602f Merge pull request #517 from squat/change-flag-defaults-for-dev-mode
cmd: update flag defaults for dev mode
2016-07-21 13:12:41 -07:00
Lucas Serven
a9dce1c11e cmd: update flag defaults for dev mode
Updates flags in dex-worker for no-db mode to work with default static
files.
2016-07-21 11:43:16 -07:00
Eric Chiang
33010e22c4 Merge pull request #487 from ericchiang/unify-email-config
*: depricate --email-from flag and move to email config files
2016-07-19 15:12:35 -07:00
Eric Chiang
edb010caa3 Merge pull request #510 from ericchiang/add-groups-scope-and-ldap-implementation
Add groups scope and LDAP implementation
2016-07-19 11:46:11 -07:00
Eric Chiang
607d9920d8 Documentation: document "groups" scope and LDAP implementation 2016-07-19 11:23:05 -07:00
Eric Chiang
a741bb5711 examples/app: add facilities for requesting groups 2016-07-19 11:23:04 -07:00
Eric Chiang
b02a3a3163 *: add "groups" scope 2016-07-19 11:23:04 -07:00
Eric Chiang
731dadb29d connector: add a group interface and an LDAP implementation 2016-07-19 11:23:04 -07:00
Eric Chiang
af6aade6d0 Merge pull request #508 from ericchiang/remove-erroneous-logging-statement
connector: remove erroneous logging statement
2016-07-12 10:41:17 -07:00
Eric Chiang
0e6adc24d8 connector: remove erroneous logging statement 2016-07-11 10:20:41 -07:00
Eric Chiang
7378414e11 smtp: make "auth" and "port" config fields optional
Use "plain" auth if and only if username and password are provided.

Parse port from "host" field if it's provided.
2016-07-11 10:08:28 -07:00
Eric Chiang
f816cfb187 Merge pull request #499 from samueldg/fix_docs_typos
docs: fix various typos & Markdown lint issues
2016-06-30 15:48:26 -07:00
Eric Chiang
84f36b1697 Merge pull request #501 from ericchiang/clean-up-release-documentation
Documentation: clean up release documentation
2016-06-30 15:45:03 -07:00
Samuel Dion-Girardeau
e22829c922 docs: fix various typos & Markdown lint issues 2016-06-30 18:39:16 -04:00
Eric Chiang
b263976c08 Documentation: clean up release documentation 2016-06-30 15:34:06 -07:00
Eric Chiang
7bc69644ec Merge pull request #497 from alon-argus/patch-1
Documentation: minor fix
2016-06-29 08:44:59 -07:00
alon-argus
351ea2b60d Documentation: minor fix 2016-06-29 18:20:10 +03:00
Eric Chiang
123ececd10 Merge pull request #496 from ericchiang/return-409-for-duplicate-client-ids
return 409 for duplicate client ids
2016-06-28 16:29:25 -07:00
Eric Chiang
f899cbaea8 return 409 for duplicate client ids 2016-06-28 16:09:20 -07:00
Eric Chiang
b5d2b7eba5 Merge pull request #483 from ericchiang/ldap-groups
Clean up LDAP Connector
2016-06-28 16:06:14 -07:00
Eric Chiang
5a78e89807 clean up LDAP connector
* Remove some unlikely to be used fields to help configurability.
  * Combined "serverHost" and "serverPort" into "host"
  * Remove "timeout" (just default to 30 seconds).
  * Remove "maxIdleConn" will add it back if users feel the need
    to control the number of cached connections.
  * Remove "trustedEmailProvider" (just always trust).
  * Remove "skipCertVerification" you can't make this connector
    ingore TLS errors.
* Fix configs that don't search before bind (previously broken).
* Add more examples to Documentation
* Refactor LDAPPool Acquire() and Put() into a Do() function which
  always does the flow correctly.
* Added more comments and renamed some functions.
* Moved methods on LDAPIdentityProvider to the LDAPConnector
2016-06-28 15:01:39 -07:00
Eric Chiang
c0eb36c14b Merge pull request #494 from ericchiang/return-409-if-resource-is-already-created
return 409 status code on duplicate email errors
2016-06-28 14:14:05 -07:00
Eric Chiang
47ce264f08 return 409 status code on duplicate email errors 2016-06-28 13:52:28 -07:00
Eric Chiang
a95a2bfa1f Merge pull request #493 from ericchiang/fix-build-docker
Fix docker-build script
2016-06-28 13:51:37 -07:00
Eric Chiang
2428e6f31a fix build-docker script 2016-06-28 13:35:41 -07:00
Eric Chiang
5bfe0a1898 Merge pull request #490 from ericchiang/reduce-key-id-length
*: update go-oidc to shorten length of key IDs
2016-06-28 10:48:32 -07:00
Eric Chiang
f5a85e9764 *: update go-oidc to shorten length of key IDs 2016-06-28 10:37:03 -07:00
Eric Chiang
bdaded57b8 Merge pull request #488 from ericchiang/fix-missing-dependencies
*: update mailgun-go to remove dependency on deleted simplehttp pkg
2016-06-28 10:28:50 -07:00
Eric Chiang
9fe70514ab revendor 2016-06-28 10:18:18 -07:00
Eric Chiang
abd36d637c *: update mailgun-go to remove dependency on deleted simplehttp pkg 2016-06-28 10:16:27 -07:00
Eric Chiang
87faa5a1f7 *: depricate --email-from flag and move to email config files 2016-06-27 23:36:07 -07:00
Eric Chiang
1cc816097a Merge pull request #486 from ericchiang/build-with-go-1-6
build with go 1.6 and actually push to quay
2016-06-27 16:41:11 -07:00
Eric Chiang
f25f882e07 build with go 1.6 and actually push to quay 2016-06-27 16:32:23 -07:00
Eric Chiang
e134d4d261 Merge pull request #484 from bobbyrullo/scope
scope: don't validate empty scopes
2016-06-24 09:58:51 -07:00
Bobby Rullo
c161c2e1c3 scope: don't validate empty scopes
If an empty scope is somehow passed along, it shouldn't be validated
when checking refresh token scope.
2016-06-24 08:31:59 -07:00
bobbyrullo
a7b860b9c2 Merge pull request #479 from bobbyrullo/specify_yer_client_creds
Allow specification of client_{id, secret} in admin api
2016-06-21 13:25:25 -07:00
Bobby Rullo
65ce2e5766 schema: update schema docs 2016-06-21 12:09:06 -07:00
Bobby Rullo
41740179af client: admin API allows user defined creds
You can specify your own client ID and secret!
2016-06-21 12:09:06 -07:00
bobbyrullo
3b8d704c9c Merge pull request #471 from bobbyrullo/native
Implement Public Clients
2016-06-20 17:03:39 -07:00
Bobby Rullo
095489d7c5 db: fix client migration test 2016-06-20 17:03:13 -07:00
Bobby Rullo
6d4336c3c8 examples: support OOB in example app. 2016-06-20 17:03:13 -07:00
Bobby Rullo
b80dbc8975 server: support out-of-band auth flow
When "urn:ietf:wg:oauth:2.0:oob" is used as a redirect URI, redirect to
an internal dex page where the user is shown the code and instructed to
paste it into their app.
2016-06-20 17:03:13 -07:00
Bobby Rullo
42cd59aef4 client: differentiate error vs. nil result
When calling manager.Authenticate, logs now show different error
messages.
2016-06-20 17:03:13 -07:00
Bobby Rullo
cdcf08066d client, server: public client restrictions
* disallow ClientCreds for public clients
* clients can only redirect to localhost or OOB
2016-06-20 17:03:12 -07:00
Bobby Rullo
4f85f3a479 server: change ClientMetadata -> Client
Metadata is not enough these days - we're going to need access to the
Public field as well.
2016-06-20 17:03:12 -07:00
Bobby Rullo
c0668997ae admin: create public clients with admin api 2016-06-20 17:03:12 -07:00
Bobby Rullo
ff933812f5 schema: add public clients to schema
and update docs
2016-06-20 17:03:12 -07:00
Bobby Rullo
61d3e5659e Documentation
* Start Documentation
2016-06-20 17:03:12 -07:00
Bobby Rullo
3ec692297b client: Manager.New deals with public clients
* validation of client moved into its own method and tested
* public clients have different validation - must have no redirect URIs
  and must have a clientName set
2016-06-20 17:03:12 -07:00