Justin Slowik
6d343e059b
Generates/Stores the device request and returns the device and user codes.
...
Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-07-08 16:25:05 -04:00
Nándor István Krácser
371df97cbf
Merge pull request #1743 from dexidp/docker-compose
...
add docker-compose.yaml for local testing
2020-06-30 14:12:49 +02:00
Nandor Kracser
5b7a664e9d
add docker-compose for local testing
2020-06-30 13:46:05 +02:00
Mark Sagi-Kazar
af9dfd4a29
Remove copypasta dependency
2020-06-30 13:12:36 +02:00
Kyle Travis
cfae2eb720
storage/kubernetes: remove shadowed ResourceVersion from Connector ( #1673 )
2020-04-07 11:02:44 +02:00
Nándor István Krácser
ec57e31103
Merge pull request #1645 from JerrySunWRS/master
...
Wrap Kubernetes host address in square brackets
2020-03-27 08:35:30 +01:00
Yann Soubeyrand
99c3ec6820
Add ability to set ID and Secret from environment variables for static clients
...
Having ID and Secret in clear inside configuration files for static
clients is not ideal. This commit allows setting these from environment
variables.
Signed-off-by: Yann Soubeyrand <yann.soubeyrand@gmx.fr>
2020-03-03 08:27:13 +01:00
Nandor Kracser
c7e9960c7e
storage/mysql: increase auth_request.state length to 4096
...
Signed-off-by: Nandor Kracser <bonifaido@gmail.com>
2020-02-21 12:53:18 +01:00
Nandor Kracser
80749ffd3f
storage/sql: allow specifying sql flavor specific migrations
...
Signed-off-by: Nandor Kracser <bonifaido@gmail.com>
2020-02-21 12:53:18 +01:00
Jerry Sun
3a3a2bcc86
Wrap Kubernetes host address in square brackets
...
When constructing the host address string, the address is
not wrapped in square brackets. This does not work in IPv6
Kubernetes deployments. This commit adds square brackets
around the address. IPv4 was also tested to ensure it works
with wrapped address.
Signed-off-by: Jerry Sun <jerry.sun@windriver.com>
2020-02-06 14:52:54 -05:00
Mark Sagi-Kazar
55b49063f8
Update etcd
2020-01-30 17:50:22 +01:00
Krishna Durai
9560899496
Merge branch 'master' into feature/static_password_env
2020-01-06 23:21:20 -08:00
Aiden Andrews-McDermott
98f78db915
Updated config.go to remove the defaulting idle connection limit of 5 which is an issue for upstream https://github.com/go-sql-driver/mysql/issues/674
2019-12-27 18:08:17 +00:00
Márk Sági-Kazár
664fdf76ca
Merge pull request #1605 from dexidp/kubernetes-tests
...
Rewrite kubernetes tests
2019-12-20 11:41:57 +01:00
Nándor István Krácser
f98332595e
Merge branch 'master' into conformance_tests_improvements
2019-12-20 09:56:59 +01:00
Mark Sagi-Kazar
309b33d05a
Rewrite kubernetes storage test
2019-12-18 17:23:51 +01:00
Mark Sagi-Kazar
2f8d1f8e42
Fix unconvert
2019-12-18 15:56:46 +01:00
Mark Sagi-Kazar
f141f2133b
Fix whitespace
2019-12-18 15:56:12 +01:00
Mark Sagi-Kazar
367b187cf4
Fix missspell
2019-12-18 15:51:44 +01:00
Mark Sagi-Kazar
142c96c210
Fix stylecheck
2019-12-18 15:50:36 +01:00
krishnadurai
91cbd466a5
Option to add staticPasswords from environment variables
2019-12-13 16:33:21 -08:00
Mark Sagi-Kazar
0773c6e9f3
Add github actions CI flow
2019-12-07 11:14:30 +01:00
Joel Speed
c782ac809c
Remove defaulting from connector_data column
2019-11-19 15:43:24 +00:00
Joel Speed
45a40a13a3
Revert "Update Kubernetes storage backend"
...
This reverts commit 228bdc324877bf67ecdd434503b9c1b25d8e7d28.
2019-11-19 15:43:18 +00:00
Joel Speed
236b25b68e
Revert "Fix ETCD storage backend"
2019-11-19 15:43:17 +00:00
Joel Speed
41b7c855d0
Revert "Update conformance"
...
This reverts commit 9c7ceabe8aebf6c740c237c5e76c21397179f901.
2019-11-19 15:43:16 +00:00
Joel Speed
9ce4393156
Revert "Update SQL storage backend"
2019-11-19 15:43:15 +00:00
Joel Speed
176ba709a4
Revert "Remove connectordata from other structs"
...
This reverts commit 27f33516db343bd79b56a47ecef0fe514a35082d.
2019-11-19 15:43:14 +00:00
Joel Speed
fea048b3e8
Fix SQL updater func
2019-11-19 15:43:13 +00:00
Joel Speed
d38909831c
Fix migration in SQL connector
...
I didn't realise quite what the migration mechanism was. Have understood
it now.
2019-11-19 15:43:13 +00:00
Joel Speed
80995dff9b
Fix SQL storage
2019-11-19 15:43:10 +00:00
Joel Speed
b9b315dd64
Fix conformance tests
2019-11-19 15:43:09 +00:00
Joel Speed
7a76c767fe
Update Kubernetes storage backend
2019-11-19 15:43:08 +00:00
Joel Speed
c54f1656c7
Fix ETCD storage backend
2019-11-19 15:43:07 +00:00
Joel Speed
c789c5808e
Update conformance
2019-11-19 15:43:06 +00:00
Joel Speed
7fc3f230df
Update SQL storage backend
2019-11-19 15:43:05 +00:00
Joel Speed
5c88713177
Remove connectordata from other structs
2019-11-19 15:43:03 +00:00
Joel Speed
575c792156
Store most recent refresh token in offline sessions
2019-11-19 15:40:56 +00:00
Nándor István Krácser
d5d3abca6a
Merge pull request #1566 from dexidp/preferred_username
...
add preffered_username to idToken
2019-10-30 13:25:23 +01:00
Nandor Kracser
c1b421fa04
add preffered_username to idToken
...
Signed-off-by: Nandor Kracser <bonifaido@gmail.com>
2019-10-30 13:06:37 +01:00
Tomasz Kleczek
42d61191c4
storage: conformance tests improvements
2019-09-27 13:54:54 +02:00
Nandor Kracser
d2c33db8a8
storage/mysql: support pre-5.7.20 instances with tx_isolation only
2019-09-23 09:36:01 +02:00
Michael Venezia
395febf808
storage/kubernetes: Removing Kubernetes TPR support
...
Third Party Resources (TPR) have been removed from Kubernetes for
roughly 2 years. This commit removes the support dex had for them.
Documentation has been updated to reflect this and to instruct users
on how to migrate from TPR-powered dex environment to a Custom Resource
Defintion (CRD) based one that dex > v2.17 will support
2019-08-14 09:28:18 -04:00
Stephan Renatus
d9487e553b
*: fix some lint issues
...
Mostly gathered these using golangci-lint's deadcode and ineffassign
linters.
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2019-07-30 11:29:08 +02:00
Nandor Kracser
a572ad8fec
storage/sql: rework of the original MySQL PR
2019-07-23 14:27:10 +02:00
Pavel Borzenkov
e53bdfabb9
storage/sql: initial MySQL storage implementation
...
It will be shared by both Postgres and MySQL configs.
Signed-off-by: Pavel Borzenkov <pavel.borzenkov@gmail.com>
2019-07-23 14:26:21 +02:00
Mark Sagi-Kazar
d877fca092
Fix coding style
2019-02-22 21:43:55 +01:00
Mark Sagi-Kazar
06521ffa49
Remove the logrus logger wrapper
2019-02-22 21:31:46 +01:00
Mark Sagi-Kazar
be581fa7ff
Add logger interface and stop relying on Logrus directly
2019-02-22 13:38:57 +01:00
Haines Chan
b78b8aeee0
Replace "GET", "POST" to http.MethodGet and http.MethodPost
2018-12-27 16:27:36 +08:00
Stephan Renatus
73fdf4f75b
storage/sql/postgres: expose stdlib tunables, set them for tests
...
- adapted TestUnmarshalConfig to ensure the fields are read in
- added a test to see that at least MaxOpenConns works:
- this is only exposed through (*db).Stats() in go 1.11, so this test
has a build tag
- the other two configurables can't be read back, so we've got to
trust that the mechanism works given the one instance that's tested..
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2018-11-30 09:55:01 +01:00
Stephan Renatus
8f3cca7ba4
Revert "retry on serialization errors"
2018-11-29 08:24:13 +01:00
Stephan Renatus
5f054fcf2e
Merge pull request #1342 from concourse/pr/retry-on-pg-serialization-error
...
retry on serialization errors
2018-11-21 10:29:46 +01:00
Alex Suraci
85dd0684ba
extract and document serialization failure check
2018-11-20 10:50:55 -05:00
Alex Suraci
587081a643
postgres: refactor error handling to fix retrying
...
prior to this change, many of the functions in the ExecTx callback would
wrap the error before returning it. this made it impossible to check
for the error code.
instead, the error wrapping has been moved to be external to the
`ExecTx` callback, so that the error code can be checked and
serialization failures can be retried.
2018-11-20 10:50:55 -05:00
Alex Suraci
aa068b667a
postgres: improve readability of error check
2018-11-20 10:50:55 -05:00
Alex Suraci
9b9013a560
postgres: use stdlib to set serializable tx level
...
also use a context for the rollback, which is a bit cleaner since it
only results in one 'defer', rather than N from the loop
2018-11-20 10:50:55 -05:00
Alex Suraci
7e96021428
retry on serialization errors
2018-11-20 10:50:55 -05:00
Stephan Renatus
6182f213ef
storage/conformance: remove old build tags
...
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2018-11-20 16:41:13 +01:00
Stephan Renatus
0740c2370d
storage/etcd: remove standup.sh
...
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2018-11-20 16:41:12 +01:00
Stephan Renatus
1d0568efe9
storage/sql: remove standup.sh
...
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2018-11-20 16:41:12 +01:00
Alex Suraci
0b856d1a75
pg: support host:port for backwards-compatibility
2018-11-20 10:22:39 -05:00
Stephan Renatus
b1fd2fa8b1
Merge pull request #1346 from concourse/pr/postgres-unix-sockets
...
Use pq connection parameters instead of URLs for postgres connections
This enables the use of socket paths like /var/run/postgresql for the 'host' instead of requiring TCP. Also, we know allow using a non-default port.
2018-11-20 15:52:40 +01:00
Divya Dadlani
f82b904d05
postgres: use connection string instead of url
...
otherwise it's impossible to use a Unix socket, as the path gets escaped
awkwardly.
Signed-off-by: Ciro S. Costa <cscosta@pivotal.io>
Signed-off-by: Alex Suraci <suraci.alex@gmail.com>
2018-11-20 09:32:44 -05:00
Alex Suraci
7c63be4104
remove incomplete mysql and cockroachdb support
2018-11-16 18:07:20 +00:00
Alex Suraci
dcca427592
fix bogus conformance failure due to time zones
...
this failed on my machine due to the unexported 'loc' field of the time
structure - it was nil in one and set to a ton of tiemzone data in the
other. instead let's just compare the unix timestamp value and zero it
out for the struct comparison.
2018-11-15 13:51:07 -05:00
Song.Jin
5f0a03a06b
modify log msg as per suggested
2018-11-06 11:18:55 +11:00
Song.Jin
9b5bec1ddf
check if crd exist before try creating them
2018-11-04 11:43:28 +11:00
Song.Jin
d2daa4e2ac
allow it to disable CRD creation
2018-11-02 21:13:37 +11:00
Stephan Renatus
666356d22d
Merge pull request #1266 from byxorna/gabe/fix-etcd-timeout-bug
...
fix timeout bug for etcd3 client connect
2018-09-10 10:36:38 +02:00
Stephan Renatus
b9f6594bf0
*: github.com/coreos/dex -> github.com/dexidp/dex
...
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2018-09-05 17:57:08 +02:00
Gabe Conradi
94bd948aac
fix timeout bug for etcd3 client connect
2018-08-02 17:41:38 -04:00
Eric Chiang
ccf85a7269
Merge pull request #1108 from dqminh/etcd-storage
...
Add etcd backed storage
2017-11-06 08:36:43 -08:00
Daniel Dao
e617197871
storage/etcd: document struct tag in code
...
This explicitly adds struct tags for etcd storage instead of implicitly
depends on yaml/json config serialization.
2017-11-06 14:46:18 +00:00
rithu leena john
42ef8fd802
Merge pull request #1072 from ericchiang/k8s-test
...
*: run kubernetes tests in travis
2017-10-31 10:34:26 -07:00
Eric Chiang
3d2d92b31b
*: run kubernetes tests in travis
2017-10-31 10:29:52 -07:00
Daniel Dao
ca114f7812
storage: add etcd storage
...
This patch adds etcd storage implementation. This should be useful in
environments where
- we dont want to depends on a separate, hard to maintain SQL cluster
- we dont want to incur the overhead of talking to kubernetes apiservers
- kubernetes is not available yet, or if kubernetes depends on dex
to perform authentication and the operator would like to remove any
circular dependency if possible.
2017-10-31 14:43:13 +00:00
Daniel Dao
2b13bdd12d
storage: fix list connector test
...
The previous test doesnt actually testing ListConnectors code. For
example the following pseudocode will pass the test:
```
ListConnectors() { return nil, nil }
```
Instead change to actually fetch and compare list of connectors,
ordering by name
2017-10-27 15:26:05 +01:00
Eric Chiang
0aabf2d1ea
Merge pull request #1085 from rphillips/fixes/http_client_timeout
...
add client request timeout
2017-09-27 13:28:13 -07:00
Ryan Phillips
0318cd99b0
add client request timeout and dialer deadline
2017-09-26 18:52:11 -05:00
Chance Zibolski
9d7b0b59bd
storage/kubernetes: Log before registering custom resources
...
Logging before attempting to make any connection to Kubernetes is useful when the connection hangs and dex is killed before it can log any errors.
2017-09-26 16:23:49 -07:00
rithu john
d2706fcab8
storage/kubernetes: Correct the OfflineSession object CRD definition
2017-09-19 14:58:42 -07:00
rithu john
1311caf864
storage/kubernetes: add CRD support
2017-09-14 11:48:17 -07:00
rithu john
146481375e
[WIP]: add CRD support
2017-09-13 10:57:54 -07:00
rithu john
fd4f57b5f3
storage/static.go: storage backend should not explicitly lower-case email ids.
2017-08-24 15:50:32 -07:00
Eric Stroczynski
4a88d0641a
: update {S->s}irupsen/logrus
2017-07-25 13:46:44 -07:00
Kazumasa Kohtaka
cc314690f4
Avoid generating an identifer which starts with a number because it may be used as a SAML's ID attribute
2017-07-06 21:28:48 +09:00
rithu john
8c9c2518f5
server: account for dynamically changing connector object in storage.
2017-04-25 09:19:02 -07:00
rithu john
5abb4b3df6
storage/static.go: correct the error message that gets displayed.
2017-03-29 11:32:02 -07:00
rithu john
bc55b86d0d
storage: add connector object to backend storage.
2017-03-28 14:12:38 -07:00
Eric Chiang
95d237003a
Merge pull request #855 from ericchiang/static-storage-fallthrough
...
storage: make static storages query real storages for some actions
2017-03-20 10:42:34 -07:00
Eric Chiang
4c39bc20ae
storage: make static storages query real storages for some actions
...
If dex is configured with static passwords or clients, let the API
still add or modify objects in the backing storage, so long as
their IDs don't conflict with the static ones. List options now
aggregate resources from the static list and backing storage.
2017-03-20 09:39:38 -07:00
rithu john
9e88924577
storage/conformance: update conformance tests with multiple entries per resource
2017-03-16 16:35:51 -07:00
Eric Chiang
6cb38604d9
storage/kubernetes: log INFO level if TPR already exists, not ERROR
2017-03-15 10:30:10 -07:00
Eric Chiang
0481fccd76
storage/sql: add missing WHERE statement to refresh token update
2017-03-13 15:53:28 -07:00
Eric Chiang
777eeafabc
*: update go-oidc and use standard library's context package
2017-03-08 10:33:19 -08:00
Eric Chiang
38c77e0f33
storage/kubernetes: enable HTTP/2 support
2017-02-28 12:42:06 -08:00
Eric Chiang
a7b8e52b92
storage/kubernetes: fix conflict error detection in TRP creation
...
PR #815 fixed the Kubernetes storage implementation by correctly
returning storage.ErrAlreadyExists on POST conflicts. This caused a
regression in TPR creation (#822 ) when some, but not all, of the
resources already existed. E.g. for users upgrading from old
versions of dex.
Fixes #822
2017-02-27 11:01:47 -08:00
Eric Chiang
1da2ae279c
storage/kubernetes: fix hash initialization bug
2017-02-24 12:55:04 -08:00
Eric Chiang
4be029c6c1
storage/kubernetes: fix kubernetes storage conformance test failures
2017-02-23 19:23:19 -08:00