Arsharth/dex
1
0
Fork 0
forked from mystiq/dex
Code Issues Pull requests Projects Releases Packages Wiki Activity
139 commits 27 branches 73 tags 23 MiB
Commit graph

139 commits

This branch
This branch
All branches
Author SHA1 Message Date
Bobby Rullo
2ef1b4beff user: introduce "invite" emails 
Invite emails are essentially just reset password emails with a
different template (though this can and probably will change (slightly)
in the near future)
 2015-10-30 14:41:00 -07:00
bobbyrullo
9172f54fc2 Merge pull request #167 from gtank/cryptofix 
use GCM instead of CBC
 2015-10-29 15:03:15 -07:00
George Tankersley
07a4d4441e pkg/crypto: replace old crypto with new crypto 2015-10-29 13:45:25 -07:00
George Tankersley
8d6474b5fd pkg/crypto: add AES-GCM functions 2015-10-29 13:45:25 -07:00
bobbyrullo
623c6cfe0c Merge pull request #165 from bobbyrullo/one_Dot_four 
Dockerfile: use go 1.4 to build
 2015-10-22 14:05:39 -07:00
Bobby Rullo
6197beca28 Dockerfile: use go 1.4 to build 2015-10-22 14:02:51 -07:00
bobbyrullo
315858033c Merge pull request #164 from bobbyrullo/use_the_right_env 
Dockerfile: use right env var for email templates
 2015-10-22 12:13:28 -07:00
Bobby Rullo
9b0dccd9ba Dockerfile: use right env var for email templates 2015-10-22 12:07:07 -07:00
Josh Wood
b29f76b6f7 Merge pull request #161 from philips/dex-more-docs-fixes 
Minor, non-content, formatting fixes. LGTM.
 2015-10-20 14:20:29 -07:00
Brian Waldon
9f8d15f331 Merge pull request #160 from philips/add-go-bindata-instructions 
build: add install instructions for go-bindata
 2015-10-20 09:11:39 -07:00
Brandon Philips
714710719b Documentation: getting-started md cleanups 
Markdown needs a newline between a paragraph and a code block for most
renderers. Fix this.
 2015-10-20 09:35:51 -04:00
Brandon Philips
14cf24da7f README: consistent tabbing 
some of these items were space indented, others were tabbed. Use tabs.
 2015-10-20 09:11:19 -04:00
Brandon Philips
bf294d67bb build: add install instructions for go-bindata 
Tell the user how to fix ther error! That is the best type of error
message. :)
 2015-10-20 06:30:33 -04:00
Joe Bowers
70eb87d87c Merge pull request #158 from joeatwork/share-token-code 
server: Share token code
 2015-10-19 09:59:38 -07:00
Joe Bowers
b1e4369811 fixup: remove debug logging from test 2015-10-16 17:14:51 -07:00
Joe Bowers
12342149d3 fixup: document parseAndVerifyTokenClaims behavior 2015-10-16 16:54:22 -07:00
Joe Bowers
39ee1871e4 build: fixup - comment explaining guard in front of ln 2015-10-16 16:49:27 -07:00
Joe Bowers
1e037a9a7c tests: ensure ./user/ tests are run as part of test suite 2015-10-16 16:44:09 -07:00
Joe Bowers
ce8b0a4c9e tests: fix user tests with for new behavior 2015-10-16 16:43:52 -07:00
Joe Bowers
85113748a8 server: unify password reset and email verification code and behavior 
This patch proposes behavioral changes. In particular, referring
systems will need to provide client ids under all circumstances.
 2015-10-16 14:47:58 -07:00
Joe Bowers
86a2f997d7 build: don't add nested symlinks into working directory on build 2015-10-16 14:46:37 -07:00
bobbyrullo
fd814dd671 Merge pull request #155 from bobbyrullo/check_no_secret 
integration: check when there's no secret provided
 2015-10-13 14:57:05 -07:00
Bobby Rullo
7d4f41bf04 integration: check when there's no secret provided 2015-10-13 12:34:28 -07:00
bobbyrullo
8360f18fea Merge pull request #147 from gyuho/use_stdpkg_basicauth 
server: use standard lib http.Request.BasicAuth
 2015-10-13 11:37:31 -07:00
bobbyrullo
19e66a9b63 Merge pull request #150 from woloski/patch-1 
Add auth0 on Similar Software list
 2015-10-13 09:37:20 -07:00
bobbyrullo
b8cf2276bb Merge pull request #154 from yifan-gu/in_memory_refresh 
refreshtoken: return base64 encoded token for in-memory backend.
 2015-10-13 09:35:57 -07:00
Yifan Gu
7282dd5187 refreshtoken: return base64 encoded token for in-memory backend. 
Previously if we use the in-memory backend, it will return a raw
binary token for refresh token. This fixes the case.
 2015-10-12 14:51:52 -07:00
Matias Woloski
42647a2e58 Add auth0 on Similar Software list 
great work with dex guys! I remember talking to some of you back a year ago for using Auth0 internally for your products but you had some special requirements and it didn't work out. We are using CoreOS extensibly on our product for code sandboxing (https://medium.com/aws-activate-startup-blog/sandboxing-code-in-the-era-of-containers-294edb3a674) and we love it. 

Since you are listing similar software, I thought adding Auth0 would make sense, here. Writing a post on our blog about chaining dex with Auth0 would be nice as well.
 2015-10-06 18:38:49 -03:00
Gyu-Ho Lee
f06073fbcd server: use standard lib http.Request.BasicAuth 
Go 1.4+ has https://golang.org/pkg/net/http/#Request.BasicAuth
method for http.Request and it was requested by CoreOS(kelsey) [1]
with the same functionalities. If dex's Go development is being done
in Go 1.4 or later, we should use the standard library.

Thanks!

---
[1] https://codereview.appspot.com/76540043/
 2015-10-06 05:00:33 -07:00
bobbyrullo
2a1d32e6e8 Merge pull request #145 from bobbyrullo/protect_admin_api 
Protect admin api
 2015-10-01 14:23:16 -07:00
Bobby Rullo
5e859dad5c Documentation, contrib: Update docs with admin key 2015-10-01 14:22:43 -07:00
Bobby Rullo
55040c55fa server, integration, cmd: Protect Admin API 
Admin API now requires a 128 byte base64 encoded secret to be passed in
Authorization header, closing up a potential security hole for those
who expose this service.
 2015-10-01 13:15:45 -07:00
bobbyrullo
48b3b38c8b Merge pull request #144 from bobbyrullo/no_register 
server,cmd: Add flag for disabling registation
 2015-09-30 20:35:59 -07:00
Bobby Rullo
d3d6a75b91 fixup - Code review changes. 2015-09-30 17:07:00 -07:00
Bobby Rullo
bf9517fdaa server,cmd: Add flag for disabling registation 
For situations where admins add users.
 2015-09-30 16:35:58 -07:00
bobbyrullo
ac78c8f4ab Merge pull request #143 from joeatwork/logging-for-debugging 
db: log schema errors, distinguish them from nil results where needed
 2015-09-30 10:25:05 -07:00
Joe Bowers
c70b29f83d db: log schema errors, distinguish them from nil results where needed 2015-09-29 20:07:36 -07:00
Joe Bowers
a426943054 Merge pull request #140 from joeatwork/disable-users-api 
Expose API to enable and disable users
 2015-09-29 16:47:43 -07:00
Joe Bowers
2ed2859896 repo: functional repo tests 
includes changes to ensure uniform errors for DB and in-memory repos
 2015-09-29 16:46:48 -07:00
Joe Bowers
e5db302312 server: expose user disable API endpoint 2015-09-29 16:46:30 -07:00
Joe Bowers
b33cfbf556 schema: disable user API 2015-09-29 16:46:30 -07:00
bobbyrullo
05adce3e93 Merge pull request #141 from triddell/master 
build: add equals sign to avoid link warning when building project
 2015-09-29 14:50:49 -07:00
Tim Riddell
6472bd78cb build: add equals sign to avoid link warning when building project 2015-09-29 12:45:28 -07:00
bobbyrullo
6970b481f4 Merge pull request #126 from cpswan/fixes-125 
Documentation: clearer guidance on creating OAuth 2 client ID
 2015-09-28 22:15:48 -07:00
bobbyrullo
1563d78861 Merge pull request #139 from joeatwork/fix-build-1.4 
build: vendor quotedprintable to build on Go < 1.5
 2015-09-28 14:20:04 -07:00
Joe Bowers
49bc822fc2 build: vendor quotedprintable to build on Go < 1.5 2015-09-28 13:01:25 -07:00
Joe Bowers
b19adefde5 Merge pull request #138 from joeatwork/disable-users 
server: disable users
 2015-09-28 12:36:09 -07:00
Chris Swan
6589b2ecdd Documentation: clearer guidance on creating OAuth 2 client ID 
Provides a more accurate walk through of the screens and menus of the Google
Developers Console encountered whilst creating a client ID.

Fixes #125

Signed-off-by: Chris Swan <@cpswan>
 2015-09-28 10:51:02 +01:00
Joe Bowers
72fa4127d0 Merge pull request #137 from joeatwork/dont-create-users-with-bad-urls 
api: don't create a user if you can't send them an email
 2015-09-25 17:31:34 -07:00
Joe Bowers
fbbb3cc2df server: all authorizations fail for disabled users 2015-09-25 17:29:59 -07:00