Arsharth/dex
1
0
Fork 0
forked from mystiq/dex
Code Issues Pull requests Packages Projects Releases Wiki Activity
529 commits 27 branches 73 tags 23 MiB
Commit graph

46 commits

Author SHA1 Message Date
Eric Chiang 35cab93c0a *: add --enable-automatic-registration flag to worker 
For remote connectors, allow users to skip registration.
 2016-06-17 16:29:56 -07:00
Bobby Rullo 59dc4a9400 dexctl: remove api driver 
API Driver is dead: This API turns out to not be super useful, requiring
an existing client to create other clients is weird.

Long live API Driver? Let's use Dynamic Client API and the bootstrap API
to create a better API Driver! LONG LIVE API DRIVER.
 2016-06-15 11:42:50 -07:00
Eric Chiang b7674744ee *: don't let generated comment become package comment 2016-06-10 12:40:58 -07:00
Alexandr Burdiyan 24134e18ea Add connector id to the registration error message 
Right now it is not clear what connector is failing. It will be easier to debug with more specific error message.

Related to #400.
 2016-06-09 13:19:21 +02:00
Bobby Rullo f9dbc8a3d2 db, client: add data model for trusted peers 
Trusted Peers are clients that are authorized to mint tokens
for another client.
 2016-06-07 17:16:09 -07:00
Eric Chiang 35ea3d9ae1 *: add ability to set and list connectors from admin API 
closes #360
 2016-06-01 09:31:47 -07:00
Evan Cordell 73d9742c8b client manager: accept full client when creating 2016-05-24 14:44:04 -05:00
Evan Cordell a418e1c4e7 client: add client manager 
adds a client manager to handle business logic, leaving the repo
for basic crud operations. Also adds client to the test script
 2016-05-19 16:20:12 -07:00
Evan Cordell 3da98fcb8e client: add transaction support 2016-05-19 16:17:01 -07:00
Bobby Rullo 9c403aba41 fix dexctl 2016-04-20 14:31:28 -07:00
Bobby Rullo 399b15abeb integration, *: Improve tests for admin api 
* TestCreateClient was missing test coverage on error cases
* Fixed bug where 500s were being reported for bad requests
* changed function signature of NewAdminAPI back to old way of passing
  in lots of repos: passing in a DbMap made it difficult to test
* added swappable ID and Secret generators when creating Clients
 2016-04-20 14:31:27 -07:00
Bobby Rullo e5948ab3ce *: ClientIdentityXXX -> ClientXXX 
Get rid of all outdated "ClientIdentity" terminology.
 2016-04-20 14:31:27 -07:00
Eric Chiang b10645f58d *: add client registration endpoint to admin API 2016-04-05 11:37:26 -07:00
Eric Chiang 6120f7ac05 *: add isAdmin option to client repo when creating a client 2016-04-05 11:29:58 -07:00
Eric Chiang 07af73f367 *: don't allow sqlite3 if --no-db flag not specified 2016-02-12 13:19:05 -08:00
Eric Chiang 907f536e74 Merge pull request #273 from ericchiang/version 
cmd: add version to command worker and overlord, print go version
 2016-02-05 09:30:48 -08:00
Eric Chiang 232a6103f9 Merge pull request #285 from ericchiang/api_docs 
add generated documentation for APIs
 2016-02-01 16:26:05 -08:00
Eric Chiang af790e46bb Merge pull request #267 from ericchiang/metadata 
add dynamic client registration
 2016-02-01 16:25:57 -08:00
Eric Chiang c7ed4fdd60 pkg,cmd: add document generator tool 2016-02-01 16:09:23 -08:00
Eric Chiang 04cd1851aa server: add dynamic client registration 2016-02-01 16:06:46 -08:00
Eric Chiang ec3bc7f258 *: allow dexctl set-connector-configs to read from stdin 
Closes #276
 2016-01-19 08:59:34 -08:00
Eric Chiang 0deccc7050 cmd: add version to command worker and overlord, print go version 
Closes #272
 2016-01-15 11:15:32 -08:00
Eric Chiang 5e44b6bc27 *: update all to accommodate changes to go-oidc 
Update dex to comply with the changes to fieldnames and types of
the client and provider metadata structs in coreos/go-oidc.
 2016-01-12 17:16:28 -08:00
Eric Chiang 22c20e4e32 cmd: add version subcommand to dexctl 
closes #220
 2015-12-28 15:56:43 -08:00
Eric Chiang 8e5115ce73 cmd: use spf13/cobra for dexctl cli logic 2015-12-28 15:55:11 -08:00
Eric Chiang 3776c74c15 cmd: reduce backoff max when worker is waiting for connectors 
fixes #177
 2015-12-22 10:25:27 -08:00
Eric Chiang 49389c9b90 cmd, db: verify at least one secret is passed to --key-secrets 
Passing an empty list to the overlord or worker's --key-secrets
flag currently causes an out of range panic. Always check to ensure
there's at least one element passed.

Fixes #130
Fixes #217
 2015-12-16 20:28:21 -08:00
bobbyrullo 521aeae3db Merge pull request #199 from ericchiang/validate_connector 
api: validate local connector existence before creating user
 2015-12-07 17:44:22 -08:00
Eric Chiang f43655a8c3 user/manager: connector must exists when creating remote identity 
Add ConnectorConfigRepo to UserManager. When trying to create a
RemoteIdentity, validate that the connector ID exists.

Fixes #198
 2015-12-07 17:34:08 -08:00
Eric Chiang d518447282 user: move user manager to it's own package 
This commit moves the user.Manage to its own package (user/manager)
so it can import the connector package in a later commit.

For clarity, it renames "Manager" to "UserManager" using gorname.

This commit has no functional changes.
 2015-12-07 15:34:14 -08:00
Brian Waldon b14ce73fa0 *: use example.com in place of coreos.com 
Align with RFC2606 for example email addresses, using example.com
in place of coreos.com where appropriate.
 2015-12-07 14:55:29 -08:00
George Tankersley 07a4d4441e pkg/crypto: replace old crypto with new crypto 2015-10-29 13:45:25 -07:00
Bobby Rullo 55040c55fa server, integration, cmd: Protect Admin API 
Admin API now requires a 128 byte base64 encoded secret to be passed in
Authorization header, closing up a potential security hole for those
who expose this service.
 2015-10-01 13:15:45 -07:00
Bobby Rullo d3d6a75b91 fixup - Code review changes. 2015-09-30 17:07:00 -07:00
Bobby Rullo bf9517fdaa server,cmd: Add flag for disabling registation 
For situations where admins add users.
 2015-09-30 16:35:58 -07:00
Bobby Rullo 510293a984 fixup 2015-09-18 17:25:06 -07:00
Bobby Rullo 3cd0d84e31 cmd/dex-worker: wait 'til connectors are available 
Otherwise, if worker starts without connectors, and then connectors are
added workers have to be restarted to pick up the changes.
 2015-09-18 17:11:58 -07:00
Giulio Iotti 472e4a02a4 *: Remove unnecessary else statements 
Whenever it makes the code easier to follow, use early return to
avoid else statements.
 2015-09-04 22:45:32 +03:00
Bobby Rullo f1820cda14 cmd,server,static/html: Configurable name, logo 
fixes #47
 2015-09-02 18:00:28 -07:00
Bobby Rullo 62aa12fa6c cmd/dex-overlord: was using the wrong err 2015-09-01 17:07:10 -07:00
Bobby Rullo 9b64ecb2d7 cmd/dex-overlord: bind admin API on 127.0.0.1 
Instead of 0.0.0.0; this is safer, since the admin API is very powerful.

fixes #97
 2015-08-31 13:42:16 -07:00
Yifan Gu 3da456efa8 dex-worker: add TLS support. 
Add two new flags '--cert-file' and '--key-file'.
If scheme == 'https', then we will use the two new flags to get
the cert/key pair for TLS connection.

Also add '--ca-file' to the example app to allow TLS connection to the
dex-worker using a specified ca file.
 2015-08-29 01:42:21 -07:00
Bobby Rullo d0c199b62c cmd, server: base64 encode multiple secrets 
Two things here:

    * key secrets are now base64 encoded strings, so we get the full key
      space

    * we can pass >1 of them in so we can rotate them
 2015-08-26 10:43:24 -07:00
Alex Polvi c7d2393add bug: remote whitespace so eval works 2015-08-24 08:20:04 -07:00
Bobby Rullo 8b6a2699d9 cmd/dex-overlord, db: migrations in overlord 
Migrations happen only in the overlord, so there's no thundering herd,
and database initialziation can be more easily controlled.
 2015-08-20 11:44:43 -07:00
Bobby Rullo 66fe201c24 *: move original project to dex 2015-08-18 11:26:57 -07:00