Commit graph

571 commits

Author SHA1 Message Date
Eric Chiang
2e57dde3c4 *: revendor 2016-08-16 12:33:16 -07:00
Eric Chiang
9f095c559f *: update go-oidc to remove dependency on capnslog
This change updates the vendored go-oidc package to remove the
dependency on capnslog. It also pulls in a few other minor changes
as part of that package's development.
2016-08-16 12:31:46 -07:00
Eric Chiang
bef9f3c221 Merge pull request #542 from whitlockjc/uaa-connector
connector: add uaa connector
2016-08-11 12:56:46 -07:00
Eric Chiang
ac518139d3 Merge pull request #537 from wyattanderson/register-display-name
server: when registering a user, set user name if OIDC identity contains one
2016-08-10 23:06:58 -07:00
Jeremy Whitlock
27b80cbca8 connector: add uaa connector
This commit adds support for dex to authenticate users from a
CloudFoundry User Account and Authentication (UAA) Server.

Fixes: #538
2016-08-10 16:04:39 -06:00
Eric Chiang
5dec7194d2 Merge pull request #541 from kanor1306/patch-1
Fix typo in dexctl parameter
2016-08-10 09:29:56 -07:00
Nicanor Gutierrez
dace4b2d25 Fix typo in dexctl parameter 2016-08-10 12:37:55 +02:00
Wyatt Anderson
26508c6bab server: when registering a user, set display name
When automatically registering a user from an IP that provides
a `DisplayName`, set it on the created user so that JWT we create
contain a meaningful `name` field.
2016-08-04 11:45:05 -04:00
Eric Chiang
0e94e76255 Merge pull request #531 from ericchiang/user-api-accept-bearer-tokens-with-multiple-audiences
user api: accept bearer tokens with multiple audiences
2016-08-02 12:34:05 -07:00
Eric Chiang
8669167b42 user api: accept bearer tokens with multiple audiences 2016-08-02 11:52:19 -07:00
Eric Chiang
92920fa05d Merge pull request #535 from ericchiang/cleanup-docker-containers-after-travis-tests
*: cleanup containers generated during tests to avoid deploy conflicts
2016-08-01 16:14:09 -07:00
Eric Chiang
1210fb5d8f *: cleanup containers generated during tests to avoid deploy conflicts 2016-08-01 16:03:18 -07:00
Eric Chiang
263b933a34 Merge pull request #534 from ericchiang/fix-dockerfile
*: fix path to email config in dockerfile
2016-08-01 15:44:07 -07:00
Eric Chiang
dcc8908316 *: fix path to email config in dockerfile 2016-08-01 15:27:46 -07:00
Eric Chiang
d5744ab6e3 Merge pull request #532 from ericchiang/fix-travis-deployments
*: try to fix travis deployments by adding script with no arguments
2016-08-01 14:48:40 -07:00
Eric Chiang
ca4002a9c6 *: try to fix travis deployments by adding script with no arguments 2016-08-01 14:34:36 -07:00
Eric Chiang
ea55bee5fa Merge pull request #526 from l0n3r4n83r/master
Fix standup-db.sh
2016-07-28 16:09:59 -07:00
Harsh Chauhan
b42398d3ab Fix standup-db.sh 2016-07-28 15:47:32 -07:00
Eric Chiang
d1bb106f94 Merge pull request #521 from ericchiang/allow-dex-to-work-at-non-base-url
Allow dex to work at non base url
2016-07-26 15:40:25 -07:00
Eric Chiang
40c1ade816 Documentation: update connector callback documentation to use issuer URL 2016-07-26 11:21:54 -07:00
Eric Chiang
435cadfc19 *: more updates to prepend the correct API path 2016-07-25 17:06:20 -07:00
Eric Chiang
ede6300a84 *: by default, have dex listen at a non-root url 2016-07-25 16:03:25 -07:00
Eric Chiang
854b767273 *: update handlers to include issuer url in path 2016-07-25 16:03:25 -07:00
Eric Chiang
1e0ee1e435 Merge pull request #522 from ericchiang/fix-connector-handlers
connector: fix path that connectors listen on
2016-07-25 15:08:50 -07:00
Eric Chiang
8216a3d992 connector: fix path that connectors listen on
When Dex uses a non-root issuer URL, it current assumes that all
path prefixes will be trimmed by an upstream proxy (e.g. nginx).
This means that all paths rendered in HTML will be absolute to the
prefix, but the handlers still listen at the root.

Connectors are currently the only component that registers at a
non-root URL. Make this conform with the rest of Dex by having the
server determine the path the connector listens as rather than the
connector itself.
2016-07-25 14:32:24 -07:00
Eric Chiang
216d26913f Merge pull request #520 from squat/add-absolute-path-to-templates
backend: add absolute path to template links
2016-07-22 15:51:25 -07:00
Lucas Serven
0cc0c73676 backend: add absolute path to template links
fixes: #502

Add a new template function called `absPath` that converts relative
paths to absolute paths based on the issuerURL. The template function
can be used in templates like:
````html
<a href="{{ .MyRelativePath | absPath }}">
````
2016-07-22 15:41:16 -07:00
Eric Chiang
1759b9602f Merge pull request #517 from squat/change-flag-defaults-for-dev-mode
cmd: update flag defaults for dev mode
2016-07-21 13:12:41 -07:00
Lucas Serven
a9dce1c11e cmd: update flag defaults for dev mode
Updates flags in dex-worker for no-db mode to work with default static
files.
2016-07-21 11:43:16 -07:00
Eric Chiang
33010e22c4 Merge pull request #487 from ericchiang/unify-email-config
*: depricate --email-from flag and move to email config files
2016-07-19 15:12:35 -07:00
Eric Chiang
edb010caa3 Merge pull request #510 from ericchiang/add-groups-scope-and-ldap-implementation
Add groups scope and LDAP implementation
2016-07-19 11:46:11 -07:00
Eric Chiang
607d9920d8 Documentation: document "groups" scope and LDAP implementation 2016-07-19 11:23:05 -07:00
Eric Chiang
a741bb5711 examples/app: add facilities for requesting groups 2016-07-19 11:23:04 -07:00
Eric Chiang
b02a3a3163 *: add "groups" scope 2016-07-19 11:23:04 -07:00
Eric Chiang
731dadb29d connector: add a group interface and an LDAP implementation 2016-07-19 11:23:04 -07:00
Eric Chiang
af6aade6d0 Merge pull request #508 from ericchiang/remove-erroneous-logging-statement
connector: remove erroneous logging statement
2016-07-12 10:41:17 -07:00
Eric Chiang
0e6adc24d8 connector: remove erroneous logging statement 2016-07-11 10:20:41 -07:00
Eric Chiang
7378414e11 smtp: make "auth" and "port" config fields optional
Use "plain" auth if and only if username and password are provided.

Parse port from "host" field if it's provided.
2016-07-11 10:08:28 -07:00
Eric Chiang
f816cfb187 Merge pull request #499 from samueldg/fix_docs_typos
docs: fix various typos & Markdown lint issues
2016-06-30 15:48:26 -07:00
Eric Chiang
84f36b1697 Merge pull request #501 from ericchiang/clean-up-release-documentation
Documentation: clean up release documentation
2016-06-30 15:45:03 -07:00
Samuel Dion-Girardeau
e22829c922 docs: fix various typos & Markdown lint issues 2016-06-30 18:39:16 -04:00
Eric Chiang
b263976c08 Documentation: clean up release documentation 2016-06-30 15:34:06 -07:00
Eric Chiang
7bc69644ec Merge pull request #497 from alon-argus/patch-1
Documentation: minor fix
2016-06-29 08:44:59 -07:00
alon-argus
351ea2b60d Documentation: minor fix 2016-06-29 18:20:10 +03:00
Eric Chiang
123ececd10 Merge pull request #496 from ericchiang/return-409-for-duplicate-client-ids
return 409 for duplicate client ids
2016-06-28 16:29:25 -07:00
Eric Chiang
f899cbaea8 return 409 for duplicate client ids 2016-06-28 16:09:20 -07:00
Eric Chiang
b5d2b7eba5 Merge pull request #483 from ericchiang/ldap-groups
Clean up LDAP Connector
2016-06-28 16:06:14 -07:00
Eric Chiang
5a78e89807 clean up LDAP connector
* Remove some unlikely to be used fields to help configurability.
  * Combined "serverHost" and "serverPort" into "host"
  * Remove "timeout" (just default to 30 seconds).
  * Remove "maxIdleConn" will add it back if users feel the need
    to control the number of cached connections.
  * Remove "trustedEmailProvider" (just always trust).
  * Remove "skipCertVerification" you can't make this connector
    ingore TLS errors.
* Fix configs that don't search before bind (previously broken).
* Add more examples to Documentation
* Refactor LDAPPool Acquire() and Put() into a Do() function which
  always does the flow correctly.
* Added more comments and renamed some functions.
* Moved methods on LDAPIdentityProvider to the LDAPConnector
2016-06-28 15:01:39 -07:00
Eric Chiang
c0eb36c14b Merge pull request #494 from ericchiang/return-409-if-resource-is-already-created
return 409 status code on duplicate email errors
2016-06-28 14:14:05 -07:00
Eric Chiang
47ce264f08 return 409 status code on duplicate email errors 2016-06-28 13:52:28 -07:00