Commit graph

642 commits

Author SHA1 Message Date
Eric Chiang
50f2905cac *: add standup script for LDAP 2017-08-22 10:37:29 -07:00
Eric Stroczynski
9b46267659 Merge pull request #1040 from estroz/change-bcrypt-default
server: set sane bcrypt cost upper bound
2017-08-21 14:37:04 -07:00
Eric Stroczynski
763e174a7f Merge pull request #1039 from estroz/move-group-scope-check
connector/github: fix groups scope check when 'orgs' is populated
2017-08-21 14:36:44 -07:00
Eric Stroczynski
ce9ac761a6 connector/github: abstract scope check and group getter 2017-08-21 14:30:00 -07:00
Eric Stroczynski
2b354c8fdb server: set sane bcrypt cost upper bound 2017-08-21 11:53:46 -07:00
rithu leena john
e59d67f466 Merge pull request #1038 from xogroup/github-enterprise
When connecting to GitHub Enterprise, force email verified field to true
2017-08-18 13:58:50 -07:00
Chien Huey
99370b5880 Updated comment to include reference to GitHub Enterprise not supporting verified emails 2017-08-18 11:46:05 -04:00
Eric Stroczynski
e92f38f38f connector/github: error if no groups scope without orgs
We should always check if a user is in any orgs or teams specified
in config, and whether the groups scope is also included in client
requests. If not, return an error, because dex wouldn't have required
permissions to do the request anyway (need read:org).
2017-08-17 17:15:45 -07:00
Chien Huey
98f6a217d3 When connecting to GitHub Enterprise, force email verified field to true 2017-08-17 17:26:10 -04:00
Eric Stroczynski
20fd3163d9 Merge pull request #1036 from estroz/debug-to-info-github
connector/github: debug->info logging, informative userInOrg msg
2017-08-17 12:11:10 -07:00
Eric Stroczynski
5894d017d5 connector/github: debug->info logging, more informative userInOrg msg 2017-08-17 11:56:35 -07:00
Eric Stroczynski
b84721cbda Merge pull request #1035 from estroz/user-login-github-patch
connector/github: fix username used when making API requests
2017-08-17 11:39:39 -07:00
Eric Stroczynski
484327fd5f connector/github: only user users' login name in API reqs 2017-08-17 10:32:18 -07:00
Eric Stroczynski
7e580ec2b2 Merge pull request #1029 from estroz/doc-link-fix
Documentation: fixed GitHub link syntax
2017-08-16 14:14:22 -07:00
Eric Stroczynski
bb36c96674 Documentation: fixed GitHub link syntax 2017-08-16 14:10:23 -07:00
Eric Stroczynski
48bb61cfe0 Merge pull request #1028 from estroz/gitlab-scopes
connector/gitlab: correct scope strings, better default
2017-08-15 14:57:05 -07:00
Eric Stroczynski
ca75470ae3 connector/gitlab: correct scope strings, better default 2017-08-15 14:49:00 -07:00
rithu leena john
e361bc6c38 Merge pull request #1019 from estroz/doc-updates
Documentation: github org redirect caveat
2017-08-11 16:44:01 -07:00
Eric Stroczynski
71de7e8414 Documentation: github org redirect caveat 2017-08-11 16:42:33 -07:00
Eric Chiang
5582232a03 Merge pull request #1021 from ericchiang/debug-logs
*: add log events for login, LDAP queries, and SAML responses
2017-08-11 13:33:45 -07:00
Eric Chiang
aad328bb35 *: add log events for login, LDAP queries, and SAML responses 2017-08-11 12:00:06 -07:00
Eric Stroczynski
c45185f601 Merge pull request #1018 from estroz/github-private-emails
connector/github: enable private, primary emails
2017-08-09 09:36:18 -07:00
Eric Stroczynski
26527011ab connector/github: enable private, primary emails; refactor API calls
Documentation: removed private emails caveats section
2017-08-08 18:04:34 -07:00
rithu leena john
b66b61fe8a Merge pull request #1003 from estroz/log-bcrypt-cost
Log large bcrypt costs, error if password-hash comparison takes > 10s
2017-08-08 17:20:25 -07:00
Eric Stroczynski
45bf061236 Merge pull request #1013 from estroz/multi-org-team-filters
connector/github: multiple orgs, query by teams
2017-08-08 11:37:21 -07:00
Eric Stroczynski
9d154802a2 connector/github: multiple orgs, query by teams
Documentation: examples of GitHub `orgs` field with multiple orgs
and org with teams; note legacy behavior
2017-08-08 10:57:42 -07:00
Eric Stroczynski
f493896030 Merge pull request #1016 from realfake/patch-2
Fix documentation link
2017-08-07 13:50:47 -07:00
Luk Burchard
4365d97162 Update api.md 2017-08-07 18:10:56 +02:00
rithu leena john
05e8d50eca Merge pull request #1000 from rithujohn191/fix-hosted-domain
connector/oidc: fix hosted domain support.
2017-07-31 13:29:26 -07:00
Eric Stroczynski
4bcb0aaae9 server: log bcrypt cost if > 12, error on runtime > 10s
The bcrypt hashing algorithm runtime grows exponentially with cost,
and might cause a timeout if the cost is too high. Notifying the user
of high cost and of long running calculations will help with tuning
and debugging.
2017-07-25 17:09:43 -07:00
Eric Stroczynski
a0010d0f22 Merge pull request #1005 from estroz/update-deps
Update deps
2017-07-25 15:48:08 -07:00
Eric Stroczynski
d9778fda4a vendor: revendor 2017-07-25 13:49:34 -07:00
Eric Stroczynski
4a88d0641a : update {S->s}irupsen/logrus 2017-07-25 13:46:44 -07:00
rithu john
5e0bf8b65f connector/oidc: fix hosted domain support. 2017-07-25 13:46:12 -07:00
rithu leena john
0e0b4c53ef Merge pull request #998 from rithujohn191/fix-key-rotation
server/rotation.go: Fix key rotation with multiple dex instances.
2017-07-19 11:07:48 -07:00
rithu john
753526a506 server/rotation.go: Fix key rotation with multiple dex instances. 2017-07-19 10:37:37 -07:00
Lucas Servén
2f0ac68d8f Merge pull request #995 from squat/bump_travis_golang
.travis.yml: bump golang version to 1.8.3
2017-07-17 13:40:42 -07:00
Lucas Serven
53835cabf9
.travis.yml: bump golang version to 1.8.3 2017-07-17 13:28:00 -07:00
rithu leena john
714fea7f48 Merge pull request #994 from squat/bump_go_183
scripts: bump builder to Go 1.8.3
2017-07-17 13:01:04 -07:00
Lucas Serven
6f8968b66b
scripts: bump builder to Go 1.8.3 2017-07-17 11:44:02 -07:00
rithu leena john
b70f4c4f39 Merge pull request #989 from rithujohn191/ldap-docs
Documentation: add a group query example for the ldap connector.
2017-07-17 11:27:55 -07:00
rithu john
6f9127b4ae Documentation: add a group query example for the ldap connector. 2017-07-13 12:41:40 -07:00
rithu leena john
377d9b44b7 Merge pull request #985 from zlabjp/avoid-id-beginning-with-number
bugfix: avoid generating an invalid ID attribute in SAML's AuthenRequest element
2017-07-10 09:42:37 -07:00
rithu leena john
a5d218fd08 Merge pull request #974 from roguePanda/google-hosted-domain
Google hosted domain support
2017-07-07 10:26:28 -07:00
Kazumasa Kohtaka
cc314690f4 Avoid generating an identifer which starts with a number because it may be used as a SAML's ID attribute 2017-07-06 21:28:48 +09:00
rithu leena john
6f2af269a1 Merge pull request #980 from ericchiang/implicit-flow-config-example
examples: document explicit flow in example config
2017-06-23 14:11:23 -07:00
Eric Chiang
c1a7285711 examples: document explicit flow in example config 2017-06-23 11:27:49 -07:00
rithu leena john
92a988e4cc Merge pull request #977 from Zakjholt/patch-1
Update using-dex.md
2017-06-22 17:36:34 -07:00
rithu leena john
842bd0ef00 Merge pull request #978 from Zakjholt/patch-2
Update using-dex.md
2017-06-22 16:19:13 -07:00
Zak Holt
43f0e8530b Update using-dex.md 2017-06-22 10:53:57 -04:00