Commit graph

320 commits

Author SHA1 Message Date
Joe Bowers
85113748a8 server: unify password reset and email verification code and behavior
This patch proposes behavioral changes. In particular, referring
systems will need to provide client ids under all circumstances.
2015-10-16 14:47:58 -07:00
Joe Bowers
86a2f997d7 build: don't add nested symlinks into working directory on build 2015-10-16 14:46:37 -07:00
bobbyrullo
fd814dd671 Merge pull request #155 from bobbyrullo/check_no_secret
integration: check when there's no secret provided
2015-10-13 14:57:05 -07:00
Bobby Rullo
7d4f41bf04 integration: check when there's no secret provided 2015-10-13 12:34:28 -07:00
bobbyrullo
8360f18fea Merge pull request #147 from gyuho/use_stdpkg_basicauth
server: use standard lib http.Request.BasicAuth
2015-10-13 11:37:31 -07:00
bobbyrullo
19e66a9b63 Merge pull request #150 from woloski/patch-1
Add auth0 on Similar Software list
2015-10-13 09:37:20 -07:00
bobbyrullo
b8cf2276bb Merge pull request #154 from yifan-gu/in_memory_refresh
refreshtoken: return base64 encoded token for in-memory backend.
2015-10-13 09:35:57 -07:00
Yifan Gu
7282dd5187 refreshtoken: return base64 encoded token for in-memory backend.
Previously if we use the in-memory backend, it will return a raw
binary token for refresh token. This fixes the case.
2015-10-12 14:51:52 -07:00
Matias Woloski
42647a2e58 Add auth0 on Similar Software list
great work with dex guys! I remember talking to some of you back a year ago for using Auth0 internally for your products but you had some special requirements and it didn't work out. We are using CoreOS extensibly on our product for code sandboxing (https://medium.com/aws-activate-startup-blog/sandboxing-code-in-the-era-of-containers-294edb3a674) and we love it. 

Since you are listing similar software, I thought adding Auth0 would make sense, here. Writing a post on our blog about chaining dex with Auth0 would be nice as well.
2015-10-06 18:38:49 -03:00
Gyu-Ho Lee
f06073fbcd server: use standard lib http.Request.BasicAuth
Go 1.4+ has https://golang.org/pkg/net/http/#Request.BasicAuth
method for http.Request and it was requested by CoreOS(kelsey) [1]
with the same functionalities. If dex's Go development is being done
in Go 1.4 or later, we should use the standard library.

Thanks!

---
[1] https://codereview.appspot.com/76540043/
2015-10-06 05:00:33 -07:00
bobbyrullo
2a1d32e6e8 Merge pull request #145 from bobbyrullo/protect_admin_api
Protect admin api
2015-10-01 14:23:16 -07:00
Bobby Rullo
5e859dad5c Documentation, contrib: Update docs with admin key 2015-10-01 14:22:43 -07:00
Bobby Rullo
55040c55fa server, integration, cmd: Protect Admin API
Admin API now requires a 128 byte base64 encoded secret to be passed in
Authorization header, closing up a potential security hole for those
who expose this service.
2015-10-01 13:15:45 -07:00
bobbyrullo
48b3b38c8b Merge pull request #144 from bobbyrullo/no_register
server,cmd: Add flag for disabling registation
2015-09-30 20:35:59 -07:00
Bobby Rullo
d3d6a75b91 fixup - Code review changes. 2015-09-30 17:07:00 -07:00
Bobby Rullo
bf9517fdaa server,cmd: Add flag for disabling registation
For situations where admins add users.
2015-09-30 16:35:58 -07:00
bobbyrullo
ac78c8f4ab Merge pull request #143 from joeatwork/logging-for-debugging
db: log schema errors, distinguish them from nil results where needed
2015-09-30 10:25:05 -07:00
Joe Bowers
c70b29f83d db: log schema errors, distinguish them from nil results where needed 2015-09-29 20:07:36 -07:00
Joe Bowers
a426943054 Merge pull request #140 from joeatwork/disable-users-api
Expose API to enable and disable users
2015-09-29 16:47:43 -07:00
Joe Bowers
2ed2859896 repo: functional repo tests
includes changes to ensure uniform errors for DB and in-memory repos
2015-09-29 16:46:48 -07:00
Joe Bowers
e5db302312 server: expose user disable API endpoint 2015-09-29 16:46:30 -07:00
Joe Bowers
b33cfbf556 schema: disable user API 2015-09-29 16:46:30 -07:00
bobbyrullo
05adce3e93 Merge pull request #141 from triddell/master
build: add equals sign to avoid link warning when building project
2015-09-29 14:50:49 -07:00
Tim Riddell
6472bd78cb build: add equals sign to avoid link warning when building project 2015-09-29 12:45:28 -07:00
bobbyrullo
6970b481f4 Merge pull request #126 from cpswan/fixes-125
Documentation: clearer guidance on creating OAuth 2 client ID
2015-09-28 22:15:48 -07:00
bobbyrullo
1563d78861 Merge pull request #139 from joeatwork/fix-build-1.4
build: vendor quotedprintable to build on Go < 1.5
2015-09-28 14:20:04 -07:00
Joe Bowers
49bc822fc2 build: vendor quotedprintable to build on Go < 1.5 2015-09-28 13:01:25 -07:00
Joe Bowers
b19adefde5 Merge pull request #138 from joeatwork/disable-users
server: disable users
2015-09-28 12:36:09 -07:00
Chris Swan
6589b2ecdd Documentation: clearer guidance on creating OAuth 2 client ID
Provides a more accurate walk through of the screens and menus of the Google
Developers Console encountered whilst creating a client ID.

Fixes #125

Signed-off-by: Chris Swan <@cpswan>
2015-09-28 10:51:02 +01:00
Joe Bowers
72fa4127d0 Merge pull request #137 from joeatwork/dont-create-users-with-bad-urls
api: don't create a user if you can't send them an email
2015-09-25 17:31:34 -07:00
Joe Bowers
fbbb3cc2df server: all authorizations fail for disabled users 2015-09-25 17:29:59 -07:00
Joe Bowers
ffabe03bc0 server: don't allow disabled users to access the api 2015-09-25 15:47:42 -07:00
Derek Parker
944bed6d2e Merge pull request #136 from derekparker/fix-compilation-issues
email/smtp: Fix type comparison error
2015-09-25 15:36:55 -07:00
Joe Bowers
f115015a3f api: don't create a user if you can't send them an email 2015-09-25 15:11:27 -07:00
Joe Bowers
60a36e2c2e server,db: flag for disabling user login 2015-09-25 14:25:06 -07:00
Derek Parker
20857d71e7 email/smtp: Fix type comparison error
Fixes #134
2015-09-25 12:49:57 -07:00
Joe Bowers
e8f347a738 Merge pull request #133 from joeatwork/stricter-url-endpoints
server: user management endpoints strictly conform to schema
2015-09-24 17:03:00 -07:00
Joe Bowers
4c9bab0890 server: user management endpoints strictly conform to schema
This change disables the URL fixing behavior or the router associated
with the user management schema. After this commit, URLS routing
to /api/$VERSION/users must target exactly the specified paths. In
addition, `/api/$VERSION/users/` will serve a 404

This change allows users to hit the user create endpoint, which
would previously serve a redirect rather than actually making the
associated change.
2015-09-24 16:41:29 -07:00
bobbyrullo
97041dbd90 Merge pull request #129 from ecnahc515/smtp_support
Add smtp support
2015-09-24 16:34:45 -07:00
Chance Zibolski
d154cad3f6 Documentation: Add how to setup email configuration 2015-09-24 15:01:06 -07:00
Chance Zibolski
b1e146b702 email: Remove unused ID field 2015-09-24 15:01:06 -07:00
Chance Zibolski
3e08bd6619 email: Add smtp emailer 2015-09-24 15:01:04 -07:00
Chance Zibolski
95cc72c218 godeps: Add gomail 2015-09-21 13:42:12 -07:00
bobbyrullo
825c3cf21b Merge pull request #128 from bobbyrullo/wait_on_connectors
cmd/dex-worker: wait 'til connectors are available
2015-09-18 17:28:26 -07:00
Bobby Rullo
510293a984 fixup 2015-09-18 17:25:06 -07:00
Bobby Rullo
3cd0d84e31 cmd/dex-worker: wait 'til connectors are available
Otherwise, if worker starts without connectors, and then connectors are
added workers have to be restarted to pick up the changes.
2015-09-18 17:11:58 -07:00
bobbyrullo
188aa27c17 Merge pull request #118 from bobbyrullo/k8s
Get the K8s files up to date with more docs
2015-09-18 15:31:01 -07:00
Bobby Rullo
25c21f0f7e contrib/k8s: docs for using k8s configs 2015-09-18 15:30:17 -07:00
bobbyrullo
f15890edb4 Merge pull request #124 from cpswan/fixes-123
Documentation: no need to create a new Google project
2015-09-17 09:23:39 -07:00
Chris Swan
b773770218 Documentation: no need to create a new Google project
A new API key can be generated in an existing Google project

Fixes #123

Signed-off-by: Chris Swan <@cpswan>
2015-09-17 15:17:03 +01:00