Bobby Rullo
7d4f41bf04
integration: check when there's no secret provided
2015-10-13 12:34:28 -07:00
bobbyrullo
8360f18fea
Merge pull request #147 from gyuho/use_stdpkg_basicauth
...
server: use standard lib http.Request.BasicAuth
2015-10-13 11:37:31 -07:00
bobbyrullo
19e66a9b63
Merge pull request #150 from woloski/patch-1
...
Add auth0 on Similar Software list
2015-10-13 09:37:20 -07:00
bobbyrullo
b8cf2276bb
Merge pull request #154 from yifan-gu/in_memory_refresh
...
refreshtoken: return base64 encoded token for in-memory backend.
2015-10-13 09:35:57 -07:00
Yifan Gu
7282dd5187
refreshtoken: return base64 encoded token for in-memory backend.
...
Previously if we use the in-memory backend, it will return a raw
binary token for refresh token. This fixes the case.
2015-10-12 14:51:52 -07:00
Matias Woloski
42647a2e58
Add auth0 on Similar Software list
...
great work with dex guys! I remember talking to some of you back a year ago for using Auth0 internally for your products but you had some special requirements and it didn't work out. We are using CoreOS extensibly on our product for code sandboxing (https://medium.com/aws-activate-startup-blog/sandboxing-code-in-the-era-of-containers-294edb3a674 ) and we love it.
Since you are listing similar software, I thought adding Auth0 would make sense, here. Writing a post on our blog about chaining dex with Auth0 would be nice as well.
2015-10-06 18:38:49 -03:00
Gyu-Ho Lee
f06073fbcd
server: use standard lib http.Request.BasicAuth
...
Go 1.4+ has https://golang.org/pkg/net/http/#Request.BasicAuth
method for http.Request and it was requested by CoreOS(kelsey) [1]
with the same functionalities. If dex's Go development is being done
in Go 1.4 or later, we should use the standard library.
Thanks!
---
[1] https://codereview.appspot.com/76540043/
2015-10-06 05:00:33 -07:00
bobbyrullo
2a1d32e6e8
Merge pull request #145 from bobbyrullo/protect_admin_api
...
Protect admin api
2015-10-01 14:23:16 -07:00
Bobby Rullo
5e859dad5c
Documentation, contrib: Update docs with admin key
2015-10-01 14:22:43 -07:00
Bobby Rullo
55040c55fa
server, integration, cmd: Protect Admin API
...
Admin API now requires a 128 byte base64 encoded secret to be passed in
Authorization header, closing up a potential security hole for those
who expose this service.
2015-10-01 13:15:45 -07:00
bobbyrullo
48b3b38c8b
Merge pull request #144 from bobbyrullo/no_register
...
server,cmd: Add flag for disabling registation
2015-09-30 20:35:59 -07:00
Bobby Rullo
d3d6a75b91
fixup - Code review changes.
2015-09-30 17:07:00 -07:00
Bobby Rullo
bf9517fdaa
server,cmd: Add flag for disabling registation
...
For situations where admins add users.
2015-09-30 16:35:58 -07:00
bobbyrullo
ac78c8f4ab
Merge pull request #143 from joeatwork/logging-for-debugging
...
db: log schema errors, distinguish them from nil results where needed
2015-09-30 10:25:05 -07:00
Joe Bowers
c70b29f83d
db: log schema errors, distinguish them from nil results where needed
2015-09-29 20:07:36 -07:00
Joe Bowers
a426943054
Merge pull request #140 from joeatwork/disable-users-api
...
Expose API to enable and disable users
2015-09-29 16:47:43 -07:00
Joe Bowers
2ed2859896
repo: functional repo tests
...
includes changes to ensure uniform errors for DB and in-memory repos
2015-09-29 16:46:48 -07:00
Joe Bowers
e5db302312
server: expose user disable API endpoint
2015-09-29 16:46:30 -07:00
Joe Bowers
b33cfbf556
schema: disable user API
2015-09-29 16:46:30 -07:00
bobbyrullo
05adce3e93
Merge pull request #141 from triddell/master
...
build: add equals sign to avoid link warning when building project
2015-09-29 14:50:49 -07:00
Tim Riddell
6472bd78cb
build: add equals sign to avoid link warning when building project
2015-09-29 12:45:28 -07:00
bobbyrullo
6970b481f4
Merge pull request #126 from cpswan/fixes-125
...
Documentation: clearer guidance on creating OAuth 2 client ID
2015-09-28 22:15:48 -07:00
bobbyrullo
1563d78861
Merge pull request #139 from joeatwork/fix-build-1.4
...
build: vendor quotedprintable to build on Go < 1.5
2015-09-28 14:20:04 -07:00
Joe Bowers
49bc822fc2
build: vendor quotedprintable to build on Go < 1.5
2015-09-28 13:01:25 -07:00
Joe Bowers
b19adefde5
Merge pull request #138 from joeatwork/disable-users
...
server: disable users
2015-09-28 12:36:09 -07:00
Chris Swan
6589b2ecdd
Documentation: clearer guidance on creating OAuth 2 client ID
...
Provides a more accurate walk through of the screens and menus of the Google
Developers Console encountered whilst creating a client ID.
Fixes #125
Signed-off-by: Chris Swan <@cpswan>
2015-09-28 10:51:02 +01:00
Joe Bowers
72fa4127d0
Merge pull request #137 from joeatwork/dont-create-users-with-bad-urls
...
api: don't create a user if you can't send them an email
2015-09-25 17:31:34 -07:00
Joe Bowers
fbbb3cc2df
server: all authorizations fail for disabled users
2015-09-25 17:29:59 -07:00
Joe Bowers
ffabe03bc0
server: don't allow disabled users to access the api
2015-09-25 15:47:42 -07:00
Derek Parker
944bed6d2e
Merge pull request #136 from derekparker/fix-compilation-issues
...
email/smtp: Fix type comparison error
2015-09-25 15:36:55 -07:00
Joe Bowers
f115015a3f
api: don't create a user if you can't send them an email
2015-09-25 15:11:27 -07:00
Joe Bowers
60a36e2c2e
server,db: flag for disabling user login
2015-09-25 14:25:06 -07:00
Derek Parker
20857d71e7
email/smtp: Fix type comparison error
...
Fixes #134
2015-09-25 12:49:57 -07:00
Joe Bowers
e8f347a738
Merge pull request #133 from joeatwork/stricter-url-endpoints
...
server: user management endpoints strictly conform to schema
2015-09-24 17:03:00 -07:00
Joe Bowers
4c9bab0890
server: user management endpoints strictly conform to schema
...
This change disables the URL fixing behavior or the router associated
with the user management schema. After this commit, URLS routing
to /api/$VERSION/users must target exactly the specified paths. In
addition, `/api/$VERSION/users/` will serve a 404
This change allows users to hit the user create endpoint, which
would previously serve a redirect rather than actually making the
associated change.
2015-09-24 16:41:29 -07:00
bobbyrullo
97041dbd90
Merge pull request #129 from ecnahc515/smtp_support
...
Add smtp support
2015-09-24 16:34:45 -07:00
Chance Zibolski
d154cad3f6
Documentation: Add how to setup email configuration
2015-09-24 15:01:06 -07:00
Chance Zibolski
b1e146b702
email: Remove unused ID field
2015-09-24 15:01:06 -07:00
Chance Zibolski
3e08bd6619
email: Add smtp emailer
2015-09-24 15:01:04 -07:00
Chance Zibolski
95cc72c218
godeps: Add gomail
2015-09-21 13:42:12 -07:00
bobbyrullo
825c3cf21b
Merge pull request #128 from bobbyrullo/wait_on_connectors
...
cmd/dex-worker: wait 'til connectors are available
2015-09-18 17:28:26 -07:00
Bobby Rullo
510293a984
fixup
2015-09-18 17:25:06 -07:00
Bobby Rullo
3cd0d84e31
cmd/dex-worker: wait 'til connectors are available
...
Otherwise, if worker starts without connectors, and then connectors are
added workers have to be restarted to pick up the changes.
2015-09-18 17:11:58 -07:00
bobbyrullo
188aa27c17
Merge pull request #118 from bobbyrullo/k8s
...
Get the K8s files up to date with more docs
2015-09-18 15:31:01 -07:00
Bobby Rullo
25c21f0f7e
contrib/k8s: docs for using k8s configs
2015-09-18 15:30:17 -07:00
bobbyrullo
f15890edb4
Merge pull request #124 from cpswan/fixes-123
...
Documentation: no need to create a new Google project
2015-09-17 09:23:39 -07:00
Chris Swan
b773770218
Documentation: no need to create a new Google project
...
A new API key can be generated in an existing Google project
Fixes #123
Signed-off-by: Chris Swan <@cpswan>
2015-09-17 15:17:03 +01:00
Bobby Rullo
edd88db932
contrib/k8s: Use secrets to store secrets.
...
Also, move most flags to environment variables.
2015-09-09 14:29:41 -07:00
Bobby Rullo
d9b668002c
contrib/k8s: get yaml up-to-date with latest k8s
2015-09-08 14:53:53 -07:00
bobbyrullo
b340660d6d
Merge pull request #111 from dullgiulio/early-returns-nazi
...
Remove unnecessary else statements
2015-09-04 13:02:28 -07:00