Arsharth/dex
1
0
Fork 0
forked from mystiq/dex
Code Issues Pull requests Packages Projects Releases Wiki Activity
127 commits 27 branches 73 tags 23 MiB
Commit graph

21 commits

Author SHA1 Message Date
Joe Bowers 85113748a8 server: unify password reset and email verification code and behavior 
This patch proposes behavioral changes. In particular, referring
systems will need to provide client ids under all circumstances.
 2015-10-16 14:47:58 -07:00
bobbyrullo 8360f18fea Merge pull request #147 from gyuho/use_stdpkg_basicauth 
server: use standard lib http.Request.BasicAuth
 2015-10-13 11:37:31 -07:00
Yifan Gu 7282dd5187 refreshtoken: return base64 encoded token for in-memory backend. 
Previously if we use the in-memory backend, it will return a raw
binary token for refresh token. This fixes the case.
 2015-10-12 14:51:52 -07:00
Gyu-Ho Lee f06073fbcd server: use standard lib http.Request.BasicAuth 
Go 1.4+ has https://golang.org/pkg/net/http/#Request.BasicAuth
method for http.Request and it was requested by CoreOS(kelsey) [1]
with the same functionalities. If dex's Go development is being done
in Go 1.4 or later, we should use the standard library.

Thanks!

---
[1] https://codereview.appspot.com/76540043/
 2015-10-06 05:00:33 -07:00
Bobby Rullo 55040c55fa server, integration, cmd: Protect Admin API 
Admin API now requires a 128 byte base64 encoded secret to be passed in
Authorization header, closing up a potential security hole for those
who expose this service.
 2015-10-01 13:15:45 -07:00
Bobby Rullo d3d6a75b91 fixup - Code review changes. 2015-09-30 17:07:00 -07:00
Bobby Rullo bf9517fdaa server,cmd: Add flag for disabling registation 
For situations where admins add users.
 2015-09-30 16:35:58 -07:00
Joe Bowers e5db302312 server: expose user disable API endpoint 2015-09-29 16:46:30 -07:00
Joe Bowers b19adefde5 Merge pull request #138 from joeatwork/disable-users 
server: disable users
 2015-09-28 12:36:09 -07:00
Joe Bowers fbbb3cc2df server: all authorizations fail for disabled users 2015-09-25 17:29:59 -07:00
Joe Bowers ffabe03bc0 server: don't allow disabled users to access the api 2015-09-25 15:47:42 -07:00
Joe Bowers 60a36e2c2e server,db: flag for disabling user login 2015-09-25 14:25:06 -07:00
Joe Bowers 4c9bab0890 server: user management endpoints strictly conform to schema 
This change disables the URL fixing behavior or the router associated
with the user management schema. After this commit, URLS routing
to /api/$VERSION/users must target exactly the specified paths. In
addition, `/api/$VERSION/users/` will serve a 404

This change allows users to hit the user create endpoint, which
would previously serve a redirect rather than actually making the
associated change.
 2015-09-24 16:41:29 -07:00
Giulio Iotti 472e4a02a4 *: Remove unnecessary else statements 
Whenever it makes the code easier to follow, use early return to
avoid else statements.
 2015-09-04 22:45:32 +03:00
bobbyrullo 0ec24a17bd Merge pull request #104 from bobbyrullo/flags_are_good 
cmd,server,static/html: Configurable name, logo
 2015-09-02 18:00:58 -07:00
Bobby Rullo f1820cda14 cmd,server,static/html: Configurable name, logo 
fixes #47
 2015-09-02 18:00:28 -07:00
Yifan Gu 44c6cb44f5 refresh: bcrypt raw bytes rather than base64 encoded string. 
This enables us to control the length of the bytes that will be bcrypted,
by default it's 64.

Also changed the token's stored form from string('text') to []byte('bytea')
and added some test cases for different types of invalid tokens.
 2015-09-02 14:23:20 -07:00
Yifan Gu 93a0830ae0 server: check scope in requests. 
Require 'openid' in scope for all requests.
Require 'offline_access' for returning refresh token.
 2015-08-31 13:51:59 -07:00
Yifan Gu 066fd859ec session: add 'scope' field in session. 2015-08-31 13:51:59 -07:00
Bobby Rullo d0c199b62c cmd, server: base64 encode multiple secrets 
Two things here:

    * key secrets are now base64 encoded strings, so we get the full key
      space

    * we can pass >1 of them in so we can rotate them
 2015-08-26 10:43:24 -07:00
Bobby Rullo 66fe201c24 *: move original project to dex 2015-08-18 11:26:57 -07:00