Commit graph

149 commits

Author SHA1 Message Date
Mark Sagi-Kazar
c48cb36e8f
Fix typo 2019-02-22 20:54:19 +01:00
Stephan Renatus
7bd4071b4c
Merge pull request #1396 from jtnord/useLoginId-dexidp
Use github login as the id
2019-02-05 13:54:49 +01:00
James Nord
9840fccdbb rename useLoginAsId -> useLoginAsID 2019-02-04 14:05:57 +00:00
Stephan Renatus
b6f4740a15
Merge pull request #1390 from okamototk/activedirectory
Add Active Directory and kubelogin integration sample.
2019-02-03 11:09:33 +01:00
James Nord
1911b52c6b Add documentation for the new GitHub useLoginAsId option 2019-02-01 11:37:40 +00:00
Stephan Renatus
4abf3b2102
docs: mirror resolution of #1281 in dev doc
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2019-01-29 10:29:12 +01:00
Takashi Okamoto
337bbe5f09 fix typos. 2019-01-26 10:44:50 +00:00
Takashi Okamoto
1b7b3515d7 Add Active Directory instruction. 2019-01-26 04:26:01 +00:00
Takashi Okamoto
fbdb55aba9 Add doc for kubelogin and Active Directory ingtegration sample. 2019-01-26 04:16:55 +00:00
Joshua M. Dotson
46296ab9d0 Documentation/dev-dependencies.md: Update for Go modules 2018-12-04 20:06:22 +00:00
Stephan Renatus
007e4dae3c
Merge pull request #1358 from OwenTuz/issue-1132-initial-kubernetes-documentation-improvements
Kubernetes docs: clarify steps around use/creation of TLS assets.
2018-11-26 13:54:44 +01:00
Owen Tuz
9ea2ade208 LDAP docs - remove extra wording re DN 2018-11-26 11:50:44 +00:00
Owen Tuz
e603a5e631 LDAP connector - Document that 'DN' must be in capitals 2018-11-26 10:02:41 +00:00
Owen Tuz
9b5122568a Kubernetes docs: replace absolute link with relative 2018-11-23 13:54:49 +00:00
Owen Tuz
72c9cf43a9 Fix comment in LDAP query documentation 2018-11-23 11:00:18 +00:00
Owen Tuz
45eb9b279b Kubernetes docs: wording nitpicks 2018-11-23 10:53:37 +00:00
Owen Tuz
58093dbb29 Kubernetes example: Add RBAC resources and serviceAccount to YAML manifest, remove some references to deprecated TPR approach 2018-11-23 10:48:00 +00:00
Owen Tuz
e028b79c97 Kubernetes docs: clarify steps around use/creation of TLS assets. 2018-11-22 13:37:50 +00:00
Stephan Renatus
58b546a5be
dev-integration-test: add etcd notes
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2018-11-20 16:41:12 +01:00
Stephan Renatus
cbcb1f61f3
dev-integration-tests: update database steps (just use docker)
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2018-11-20 16:41:12 +01:00
Josh Winters
bb11a1ebee github: add 'both' team name field option
this will result in both the team name *and* the team slug being
returned for each team, allowing a bit more flexibility in auth
validation.

Signed-off-by: Topher Bullock <tbullock@pivotal.io>
Signed-off-by: Alex Suraci <suraci.alex@gmail.com>
2018-11-20 10:12:44 -05:00
Stephan Renatus
7c8a22443a
Merge pull request #1349 from alexmt/1102-config-to-load-all-groups
Add config to explicitly enable loading all github groups

Follow-up for #1102.
2018-11-20 15:15:25 +01:00
Stephan Renatus
84ea412ca6
Merge pull request #1351 from CognotektGmbH/gypsydiver/1347-pr-gitlab-groups
Gitlab connector should not require the api scope.

Fixes #1347.
2018-11-20 14:49:11 +01:00
gypsydiver
f21e6a0f00 gypsydiver/1347-pr-gitlab-groups 2018-11-20 11:18:50 +01:00
Alexander Matyushentsev
7bd084bc07 Issue #1102 - Add config to explicitly enable loading all github groups 2018-11-19 10:14:38 -08:00
Alex Suraci
7c63be4104 remove incomplete mysql and cockroachdb support 2018-11-16 18:07:20 +00:00
Alexander Matyushentsev
e5ebcf518a Update github connector documentation 2018-11-15 09:24:21 -08:00
Tiago Matias
44e988fb41
point users to storage/RBAC docs 2018-11-05 17:43:23 -02:00
Danny Sauer
b9b21260bc
Add mention of scopes parameter in OIDC doc 2018-10-17 10:48:39 -05:00
Ed Tan
6ffc8fcd8d Rename bitbucket to bitbucketcloud 2018-10-06 11:45:56 -04:00
Ed Tan
d26e23c16f Make suggested code changes 2018-10-05 10:43:49 -04:00
Ed Tan
8c75d85b60 Add Bitbucket connector 2018-09-30 15:08:07 -04:00
Eric Chiang
06241eae9f
Merge pull request #1297 from tburko/use-github-team-slug-instead-of-name
Allow using GitHub Team slug instead of name via connector config option
2018-09-14 10:26:11 -07:00
Taras Burko
bf39130bab Configurable team name field for GitHub connector 2018-09-14 01:09:48 +03:00
Stephan Renatus
1309c1f037 dev-releases.md, Makefile: update release process
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2018-09-06 09:09:46 +02:00
Stephan Renatus
b9f6594bf0 *: github.com/coreos/dex -> github.com/dexidp/dex
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2018-09-05 17:57:08 +02:00
Eric Chiang
4dc3347106
Merge pull request #1279 from AnianZ/master
fix default baseURL for GitLab connector
2018-09-04 08:09:37 -07:00
Anian Z
5454a4729f fix default baseURL for gitlab connector 2018-08-28 19:05:30 +02:00
Ahmed ElRefaey
32e9570116
Fix a breoken link in the oidc readme
Fixed a broken link to An overview of OpenID Connect
2018-07-04 14:56:29 +02:00
Matthias Klan
481f1276a8
Update using-dex.md
fix wrong port from example
2018-05-04 16:14:16 +02:00
Simon Knott
822a10cede
Add missing word 2018-02-24 11:31:51 +01:00
Vy-Shane Xie
b03c85e56e Add new federated:id scope that causes Dex to add a federated_claims claim containing the connector_id and user_id to the ID token 2018-02-03 18:40:03 +08:00
Eric Chiang
460f48320e Documentation: restructure connector docs to a single folder 2018-01-04 13:50:14 -08:00
Eric Chiang
0811d1a07a document limitations in the OpenID Connect connector 2017-12-20 17:12:00 -08:00
Wyatt Alt
e7d57bb31b Correct "Verifier" method name in using-dex doc
Change provider.NewVerifier to provider.Verifier per the godocs:
https://godoc.org/github.com/coreos/go-oidc#Provider.Verifier
2017-12-05 13:38:11 -08:00
Pavel Borzenkov
47df6ea2ff connector/microsoft: add support for groups
Microsoft connector now provides support for 'groups' claim in case
'tenant' is configured in Dex config for the connector. It's possible to
deny user authentication if the user is not a member of at least one
configured groups.

Signed-off-by: Pavel Borzenkov <pavel.borzenkov@gmail.com>
2017-11-23 17:01:34 +03:00
Pavel Borzenkov
6193bf5566 connector: implement Microsoft connector
connector/microsoft implements authorization strategy via Microsoft's
OAuth2 endpoint + Graph API. It allows to choose what kind of tenants
are allowed to authenticate in Dex via Microsoft:
  * common - both personal and business/school accounts
  * organizations - only business/school accounts
  * consumers - only personal accounts
  * <tenant uuid> - only account of specific tenant

Signed-off-by: Pavel Borzenkov <pavel.borzenkov@gmail.com>
2017-11-23 17:01:34 +03:00
Stephan Renatus
b09a13458f password connectors: allow overriding the username attribute (password prompt)
This allows users of the LDAP connector to give users of Dex' login
prompt an idea of what they should enter for a username.

Before, irregardless of how the LDAP connector was set up, the prompt
was

    Username
    [_________________]

    Password
    [_________________]

Now, this is configurable, and can be used to say "MyCorp SSO Login" if
that's what it is.

If it's not configured, it will default to "Username".

For the passwordDB connector (local users), it is set to "Email
Address", since this is what it uses.

Signed-off-by: Stephan Renatus <srenatus@chef.io>
2017-11-09 09:30:03 +01:00
Eric Chiang
ccf85a7269
Merge pull request #1108 from dqminh/etcd-storage
Add etcd backed storage
2017-11-06 08:36:43 -08:00
Daniel Dao
a2188bebf1 add documentation for etcd storage
This adds references to etcd storage, including:
- only supports etcd v3
- list of options and their meanings when connecting to etcd cluster
2017-11-06 14:40:25 +00:00