Rubén Soleto Buenvarón
821b242c83
Fix response_type missing param
...
This commit fix problem with response_type param, which is required according to OIDC spec, when it is missing.
At now, when connector_id url query param is not set, connector view use response_type that client request instead of default "code".
Fixes #370
2016-03-17 08:00:49 +01:00
Eric Chiang
c3aa6a1ee3
server: correctly decode oauth2 basic auth credentials
...
Fixes #336
2016-03-02 21:31:54 -08:00
Eric Chiang
af790e46bb
Merge pull request #267 from ericchiang/metadata
...
add dynamic client registration
2016-02-01 16:25:57 -08:00
Eric Chiang
04cd1851aa
server: add dynamic client registration
2016-02-01 16:06:46 -08:00
Frode Nordahl
5d284e08ae
Change status code used for redirects from StatusTemporaryRedirect (307) to StatusFound (302)
...
HTTP code 307 aka. StatusTemporaryRedirect is used throughout the
project. However, the endpoints redirected to explicitly expects
the client to make a GET request.
If a HTTP client issues a POST request to a server and receives a
HTTP 307 redirect, it forwards the POST request to the new URL.
When using 302 the HTTP client will issue a GET request.
Fixes #287
2016-01-23 22:33:53 +01:00
Eric Chiang
5e44b6bc27
*: update all to accommodate changes to go-oidc
...
Update dex to comply with the changes to fieldnames and types of
the client and provider metadata structs in coreos/go-oidc.
2016-01-12 17:16:28 -08:00
Bobby Rullo
dc828825e6
server: better UX when remote ID already exists
...
Instead of cryptic message with nowhere to, give them the choice to
login with that account or register.
2015-12-23 17:11:03 -08:00
Eric Chiang
f2c3dbc5e6
static, server: add styles for github and bitbucket connectors
...
Add icons and styles for github and bitbucket buttons.
2015-12-08 10:20:13 -08:00
Joe Bowers
0c854a21d6
server: endpoint and system for sending invitations to dex
...
An invitation allows users to both verify their email address and set
a new password.
2015-11-18 14:24:19 -08:00
Gyu-Ho Lee
f06073fbcd
server: use standard lib http.Request.BasicAuth
...
Go 1.4+ has https://golang.org/pkg/net/http/#Request.BasicAuth
method for http.Request and it was requested by CoreOS(kelsey) [1]
with the same functionalities. If dex's Go development is being done
in Go 1.4 or later, we should use the standard library.
Thanks!
---
[1] https://codereview.appspot.com/76540043/
2015-10-06 05:00:33 -07:00
Bobby Rullo
bf9517fdaa
server,cmd: Add flag for disabling registation
...
For situations where admins add users.
2015-09-30 16:35:58 -07:00
Giulio Iotti
472e4a02a4
*: Remove unnecessary else statements
...
Whenever it makes the code easier to follow, use early return to
avoid else statements.
2015-09-04 22:45:32 +03:00
Yifan Gu
93a0830ae0
server: check scope in requests.
...
Require 'openid' in scope for all requests.
Require 'offline_access' for returning refresh token.
2015-08-31 13:51:59 -07:00
Yifan Gu
066fd859ec
session: add 'scope' field in session.
2015-08-31 13:51:59 -07:00
Bobby Rullo
66fe201c24
*: move original project to dex
2015-08-18 11:26:57 -07:00