Commit graph

2047 commits

Author SHA1 Message Date
Daniel Dao
ca114f7812 storage: add etcd storage
This patch adds etcd storage implementation. This should be useful in
environments where
- we dont want to depends on a separate, hard to maintain SQL cluster
- we dont want to incur the overhead of talking to kubernetes apiservers
- kubernetes is not available yet, or if kubernetes depends on dex
to perform authentication and the operator would like to remove any
circular dependency if possible.
2017-10-31 14:43:13 +00:00
rithu leena john
943e23cd54
Merge pull request #1109 from ericchiang/oidc-test
connector/oidc: remove test that talks to the internet
2017-10-30 11:18:18 -07:00
Eric Chiang
6475ce1f62 connector/oidc: remove test that talks to the internet 2017-10-27 13:40:50 -07:00
Eric Chiang
e3b96243b5 Merge pull request #1101 from pborzenkov/linkedin
connector: implement LinkedIn connector
2017-10-27 08:56:58 -07:00
Daniel Dao
2b13bdd12d
storage: fix list connector test
The previous test doesnt actually testing ListConnectors code. For
example the following pseudocode will pass the test:

```
ListConnectors() { return nil, nil }
```

Instead change to actually fetch and compare list of connectors,
ordering by name
2017-10-27 15:26:05 +01:00
Pavel Borzenkov
d5a9712aae Documentation: add LinkedIn connector documentation
Signed-off-by: Pavel Borzenkov <pavel.borzenkov@gmail.com>
2017-10-27 12:54:28 +03:00
Pavel Borzenkov
3b5df52c0f connector/linkedin: implement RefreshConnector interface
Do Refresh() by querying user's profile data.

Since LinkedIn doesn't provide refresh tokens at all, and the access
tokens have 60 days expiration, refresh tokens issued by Dex will fail
to update after 60 days.

Signed-off-by: Pavel Borzenkov <pavel.borzenkov@gmail.com>
2017-10-27 12:54:28 +03:00
Pavel Borzenkov
ab06119431 connector: implement LinkedIn connector
connector/linkedin implements authorization strategy via LinkedIn's
OAuth2 endpoint + profile API.

It doesn't implement RefreshConnector as LinkedIn doesn't provide any
refresh token at all (https://developer.linkedin.com/docs/oauth2, Step 5
— Refresh your Access Tokens) and recommends ordinary AuthCode exchange
flow when token refresh is required.

Signed-off-by: Pavel Borzenkov <pavel.borzenkov@gmail.com>
2017-10-27 12:54:28 +03:00
Eric Chiang
3d65b774d6 Merge pull request #1103 from stapelberg/authproxy
authproxy.md: strip X-Remote-User
2017-10-26 14:29:43 -07:00
rithu leena john
13b4f84f79 Merge pull request #1104 from ericchiang/authproxy-tweaks
authproxy: update docs and set a userID
2017-10-26 13:19:13 -07:00
Michael Stapelberg
4931f30a80 authproxy.md: strip X-Remote-User
follow-up for https://github.com/coreos/dex/pull/1100
2017-10-26 20:13:37 +02:00
Eric Chiang
d099145921 authproxy: update docs and set a userID 2017-10-26 10:47:16 -07:00
Eric Chiang
751c565e9d Merge pull request #1100 from stapelberg/external
Implement the “external” connector (for Apache2 mod_auth etc.)
2017-10-26 09:25:40 -07:00
Michael Stapelberg
a41d93db4a Implement the “authproxy” connector (for Apache2 mod_auth etc.) 2017-10-25 21:53:51 +02:00
rithu leena john
f3c85e6936 Merge pull request #1096 from ericchiang/ldap-insecure-skip-verify-test
connector/ldap: add test for InsecureSkipVerify option
2017-10-10 11:34:46 -07:00
Eric Chiang
3849abb18a Merge pull request #1097 from cpanato/add_ids_test_automation
tests: add ids to elements for testing automation
2017-10-10 09:39:21 -07:00
cpanato
620695ed2b
tests: add ids to elements for testing automation 2017-10-10 11:38:14 +02:00
Eric Chiang
fcf00019de connector/ldap: add test for InsecureSkipVerify option 2017-10-09 14:27:22 -07:00
rithu leena john
10c0ec0d48 Merge pull request #1092 from rithujohn191/bump-go
travis.yml: bump golang version
2017-10-09 11:32:41 -07:00
Eric Chiang
9c176dd1bd Merge pull request #1090 from lsjostro/fix-link-regexp
connector/gitlab: Fix regexp in Link parser
2017-10-09 11:15:49 -07:00
Eric Chiang
5ea886473c Merge pull request #1094 from devonbarrett/supplied-typo
fixes typo: s/suppied/supplied/
2017-10-09 11:08:32 -07:00
Devon Barrett
eb14a8245c
fixes typo: s/suppied/supplied/ 2017-10-08 11:29:27 +01:00
rithu john
82879b3b3e travis.yml: bump golang version 2017-10-04 21:15:03 -07:00
Lars Sjöström
4605fdd551 connector/gitlab: Fix regexp in Link parser 2017-09-29 21:35:47 +02:00
rithu leena john
fe1516332c Merge pull request #1088 from dpacierpnik/cross-clients-audience-claim-fix
Cross clients improvement - requesting client ID always added to the audience claim
2017-09-29 10:49:46 -07:00
Damian Pacierpnik
e3c9b49299 Cross clients improvement - requesting client ID always added to the audience claim 2017-09-28 18:30:15 +02:00
Eric Chiang
0aabf2d1ea Merge pull request #1085 from rphillips/fixes/http_client_timeout
add client request timeout
2017-09-27 13:28:13 -07:00
Ryan Phillips
0318cd99b0 add client request timeout and dialer deadline 2017-09-26 18:52:11 -05:00
Eric Chiang
fe2aee364c Merge pull request #1086 from coreos/chancez-patch-1
storage/kubernetes: Log before registering custom resources
2017-09-26 16:49:10 -07:00
Chance Zibolski
9d7b0b59bd storage/kubernetes: Log before registering custom resources
Logging before attempting to make any connection to Kubernetes is useful when the connection hangs and dex is killed before it can log any errors.
2017-09-26 16:23:49 -07:00
rithu leena john
904c3facd9 Merge pull request #1081 from lrolaz/crd_rbac_doc
Add Documentation about customresourcedefinitions creation role
2017-09-26 11:53:46 -07:00
Laurent Rolaz
cca0275b0b Add Documentation about customresourcedefinitions creation role 2017-09-26 20:20:05 +02:00
Eric Chiang
2c468ea8a0 Merge pull request #1068 from furuholm/multi-stage-docker-build
Replace docker-build script with multi-stage build
2017-09-21 13:22:05 -07:00
Tobias Furuholm
b6c3074ba0 Replace docker-build script with multi-stage build 2017-09-21 22:08:11 +02:00
rithu leena john
64c97c7308 Merge pull request #1071 from rithujohn191/crd-fix
storage/kubernetes: Correct the OfflineSession object CRD definition
2017-09-19 15:22:56 -07:00
rithu john
d2706fcab8 storage/kubernetes: Correct the OfflineSession object CRD definition 2017-09-19 14:58:42 -07:00
rithu leena john
4c435db52e Merge pull request #1067 from rithujohn191/migrate-tprs
Documentation: add docs for TPR to CRD migration
2017-09-18 14:41:18 -07:00
rithu john
34dcf6c9a0 Documentation: add docs for TPR to CRD migration 2017-09-18 14:24:50 -07:00
rithu leena john
03de0ecbeb Merge pull request #1062 from rithujohn191/crd-migration
storage/kubernetes: add CRD support
2017-09-14 13:02:51 -07:00
rithu john
1311caf864 storage/kubernetes: add CRD support 2017-09-14 11:48:17 -07:00
Eric Chiang
4d9f5dbaa1 Merge pull request #1063 from amrutac/update-styles
Updates coreos themes and icons for various providers
2017-09-14 11:47:52 -07:00
Eric Chiang
4c0cac64eb Merge pull request #1064 from ericchiang/gofmt-fix
Makefile: error out if go files aren't correctly formatted
2017-09-14 10:34:41 -07:00
Eric Chiang
980400db0b Makefile: error out if go files aren't correctly formatted
Noticed in #1058 that our gofmt make target isn't actually erroring
if someone commits misformatted code.
2017-09-14 09:44:15 -07:00
Amruta Chitnis
df8fc84851 Updates coreos themes and icons for various providers 2017-09-14 09:37:07 -07:00
rithu john
146481375e [WIP]: add CRD support 2017-09-13 10:57:54 -07:00
Eric Chiang
38d0de20e3 Merge pull request #1056 from ericchiang/fix-api-panic
server: fix panic caused by deleting refresh token twice through api
2017-09-06 09:56:06 -07:00
Eric Chiang
f234e3707e server: fix panic caused by deleting refresh token twice through api 2017-09-05 23:56:34 -07:00
rithu leena john
e10fddee2e Merge pull request #1031 from estroz/docs-update
Documentation: fix redirect caveat description
2017-08-25 14:58:40 -07:00
Eric Stroczynski
7079bb5316 Documentation: add org info req, remove redirect caveat
The redirect caveat is being removed to avoid user confusion and is
not important outside of testing.
2017-08-25 14:51:10 -07:00
Eric Stroczynski
9517d17ed2 Merge pull request #1050 from estroz/oidc-certification-docs
Documentation: OIDC conformance test setup
2017-08-25 14:40:53 -07:00