Commit graph

26 commits

Author SHA1 Message Date
Bob Callaway
8fd69c16f5 correctly handle path escaping for connector IDs
Signed-off-by: Bob Callaway <bob.callaway@gmail.com>
2021-10-01 16:04:34 -04:00
Henning
138364ceeb
handlePasswordGrant: insert connectorData into OfflineSession (#2199)
* handlePasswordGrant: insert connectorData into OfflineSession

This change will insert the ConnectorData from the initial Login
into the OfflineSession, as already done in handlePasswordLogin.

Signed-off-by: Henning Surmeier <h.surmeier@mittwald.de>
2021-07-21 00:05:35 +04:00
Márk Sági-Kazár
f6904c38ef
Merge pull request #1865 from WorldProgrammingLtd/fix-1849
fix: defer creation of auth request.
2021-06-25 19:05:41 +02:00
Mark Sagi-Kazar
0bef10ef80
chore(deps): update gosundheit
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-05-26 14:50:35 +02:00
Alastair Houghton
cd0c24ec4d fix: add an extra endpoint to avoid refresh generating AuthRequests.
By adding an extra endpoint and a redirect, we can avoid a situation
where it's trivially easy to generate a large number of AuthRequests
by hitting F5/refresh in the browser.

Signed-off-by: Alastair Houghton <alastair@alastairs-place.net>
2021-05-21 11:42:52 +01:00
Alastair Houghton
030a6459d6 fix: reinstate TestHandleAuthCode.
Reinstating this test as it shouldn't have been removed.

Signed-off-by: Alastair Houghton <alastair@alastairs-place.net>
2021-05-21 11:24:30 +01:00
Alastair Houghton
88025b3d7c fix: remove some additional dependencies.
Accidentally added some of these back during merge.

Signed-off-by: Alastair Houghton <alastair@alastairs-place.net>
2021-05-21 11:24:30 +01:00
Alastair Houghton
cdbb5dd94d fix: defer creation of auth request.
Rather than creating the auth request when the user hits /auth, pass
the arguments through to /auth/{connector} and have the auth request
created there.  This prevents a database error when using the "Select
another login method" link, and also avoids a few other error cases.

Fixes #1849, #646.

Signed-off-by: Alastair Houghton <alastair@alastairs-place.net>
2021-05-21 11:24:23 +01:00
Rui Yang
4e569024fd use go 1.16 new package io/fs
Unify the interface for reading web statics. Now it could read an
OS directory or get the content on live

One could use

//go:embed static
var webFiles embed.FS

anywhere and config dex server to take the file system by setting

WebConfig{WebFS: webFiles}

Signed-off-by: Rui Yang <ruiya@vmware.com>
Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2021-03-20 20:05:59 +00:00
Rui Yang
7b50cbf0ac use pkger for embedding static contents
Co-authored-by: Vikram Yadav <vyadav@pivotal.io>
Signed-off-by: Rui Yang <ruiya@vmware.com>
2021-03-20 20:05:59 +00:00
Rui Yang
10e9054811 Use http.FileSystem for web assets
Signed-off-by: Rui Yang <ryang@pivotal.io>
Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2021-03-20 20:05:59 +00:00
Mark Sagi-Kazar
316da70545
refactor: use new health checker
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-02-11 01:29:25 +01:00
m.nabokikh
d6b5105d9b fix: check code presence
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-01-25 18:50:36 +04:00
m.nabokikh
123185c456 fix: return invalid_grant error for invalid or expired auth codes
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-01-21 01:31:38 +04:00
Josh Soref
5d659a108c spelling: templates
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
2020-12-19 22:53:29 -05:00
Tomasz Kleczek
b1311baa3c abort connector login if connector was already set #1707
Signed-off-by: Tomasz Kleczek <tomasz.kleczek@gmail.com>
2020-08-29 17:19:14 +02:00
Mark Sagi-Kazar
f141f2133b
Fix whitespace 2019-12-18 15:56:12 +01:00
Mike O
43d1a044bd Add tests for some callback handler error conditions 2019-08-05 16:02:28 -07:00
Eric Chiang
8935a1479c server: update health check endpoint to query storage periodically
Instead of querying the storage every time a health check is performed
query it periodically and save the result.
2019-02-04 19:02:41 +00:00
Eric Chiang
777eeafabc *: update go-oidc and use standard library's context package 2017-03-08 10:33:19 -08:00
Simon HEGE
415a68f977 Allow CORS on keys and token endpoints 2017-01-14 21:15:51 +01:00
Simon HEGE
b4c47910e4 Allow CORS on discovery endpoint 2017-01-08 19:22:39 +01:00
Eric Chiang
96440e4cc5 *: fix linting 2016-10-13 18:15:20 -07:00
Eric Chiang
4296604f11 {cmd,server}: move garbage collection logic to server 2016-10-12 21:50:20 -07:00
Eric Chiang
9243a092cf server: add a test for the health check handler 2016-10-05 08:02:02 -07:00
Eric Chiang
cab271f304 initial commit 2016-07-26 15:51:24 -07:00