Commit graph

2152 commits

Author SHA1 Message Date
Happy2C0de
45143c98b3 Add claimMapping enforcement
Signed-off-by: Happy2C0de <46957159+Happy2C0de@users.noreply.github.com>
2022-01-19 13:38:09 +01:00
Andrew Keesler
0394bf8cea
distroless: Dockerfile works with distroless base image
I can build this via:
  docker build --build-arg BASEIMAGE=gcr.io/distroless/static:latest -t andrew:distroless .

Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2022-01-18 19:40:28 -05:00
Andrew Keesler
a672ff9288
distroless: fetch CA certificates in builder stage
...so that we don't rely on a package manager to bring these down into the
runner stage.

Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2022-01-18 19:18:43 -05:00
Andrew Keesler
764ce711b6
distroless: rewrite docker-entrypoint.sh in go
See go doc ./cmd/docker-entrypoint for why.

Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2022-01-18 19:18:43 -05:00
Márk Sági-Kazár
ba1bd65c10
Merge pull request #2374 from bobcallaway/patch-1
add sigstore to ADOPTERS.md
2022-01-16 16:19:01 +01:00
Bob Callaway
3e0f7c42b8 add sigstore to ADOPTERS.md
@sagikazarmark FYI

Signed-off-by: Bob Callaway <bob.callaway@gmail.com>
2022-01-16 08:43:33 -05:00
Márk Sági-Kazár
f44af5c8e9
Merge pull request #2372 from dexidp/update-examples
Update dependencies in the examples package
2022-01-16 10:31:40 +01:00
Mark Sagi-Kazar
eb26422bdc
chore(examples): update dependencies
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2022-01-15 11:10:51 +01:00
dependabot[bot]
716eef83bc
Merge pull request #2368 from dexidp/dependabot/go_modules/google.golang.org/api-0.65.0 2022-01-12 18:20:22 +00:00
dependabot[bot]
e8d8967a5b
build(deps): bump google.golang.org/api from 0.64.0 to 0.65.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.64.0 to 0.65.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.64.0...v0.65.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-12 04:07:04 +00:00
dependabot[bot]
adaa31c0a5
Merge pull request #2364 from dexidp/dependabot/go_modules/google.golang.org/api-0.64.0 2022-01-07 07:43:31 +00:00
dependabot[bot]
97abc800fb
Merge pull request #2363 from dexidp/dependabot/docker/golang-1.17.6-alpine3.14 2022-01-07 07:42:51 +00:00
dependabot[bot]
cb916cdf43
build(deps): bump google.golang.org/api from 0.63.0 to 0.64.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.63.0 to 0.64.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.63.0...v0.64.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-07 04:16:52 +00:00
dependabot[bot]
84802f247f
build(deps): bump golang from 1.17.5-alpine3.14 to 1.17.6-alpine3.14
Bumps golang from 1.17.5-alpine3.14 to 1.17.6-alpine3.14.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-07 04:06:48 +00:00
dependabot[bot]
3bc6a45ee1
Merge pull request #2362 from dexidp/dependabot/go_modules/github.com/mattn/go-sqlite3-1.14.10 2021-12-30 18:24:43 +00:00
Márk Sági-Kazár
d112627564
ci: remove unnecessary permissions from docker workflow 2021-12-30 18:12:08 +01:00
dependabot[bot]
7f17aae35d
build(deps): bump github.com/mattn/go-sqlite3 from 1.14.9 to 1.14.10
Bumps [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3) from 1.14.9 to 1.14.10.
- [Release notes](https://github.com/mattn/go-sqlite3/releases)
- [Commits](https://github.com/mattn/go-sqlite3/compare/v1.14.9...v1.14.10)

---
updated-dependencies:
- dependency-name: github.com/mattn/go-sqlite3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-30 04:23:10 +00:00
Márk Sági-Kazár
c8d55ce016
Merge pull request #2324 from dexidp/nix
Add Nix environment
2021-12-24 16:43:09 +01:00
dependabot[bot]
39ddadcd8e
Merge pull request #2356 from dexidp/dependabot/go_modules/api/v2/google.golang.org/grpc-1.43.0 2021-12-19 15:58:23 +00:00
dependabot[bot]
74dc922703
build(deps): bump google.golang.org/grpc in /api/v2
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.42.0 to 1.43.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.42.0...v1.43.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-19 16:10:14 +01:00
dependabot[bot]
25f5b47272
Merge pull request #2355 from dexidp/dependabot/go_modules/google.golang.org/grpc-1.43.0 2021-12-19 15:09:38 +00:00
Mark Sagi-Kazar
79721196a8
fix(server): wrap credentials in the correct Dial option
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-12-19 15:41:15 +01:00
Stephen Augustus
243661155e
server: grpc.WithInsecure is now insecure.NewCredentials()
Signed-off-by: Stephen Augustus <foo@auggie.dev>
2021-12-17 19:39:03 -05:00
dependabot[bot]
3fa53bbc3d
build(deps): bump google.golang.org/grpc from 1.42.0 to 1.43.0
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.42.0 to 1.43.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.42.0...v1.43.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-18 00:14:40 +00:00
dependabot[bot]
a407b5861b
Merge pull request #2353 from dexidp/dependabot/go_modules/google.golang.org/api-0.63.0 2021-12-18 00:05:47 +00:00
dependabot[bot]
93b32c3500
build(deps): bump google.golang.org/api from 0.62.0 to 0.63.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.62.0 to 0.63.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.62.0...v0.63.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-15 17:07:43 +00:00
dependabot[bot]
4a42e80a7a
Merge pull request #2354 from dexidp/dependabot/go_modules/github.com/spf13/cobra-1.3.0 2021-12-15 16:58:11 +00:00
dependabot[bot]
a941593b8b
build(deps): bump github.com/spf13/cobra from 1.2.1 to 1.3.0
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.2.1 to 1.3.0.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md)
- [Commits](https://github.com/spf13/cobra/compare/v1.2.1...v1.3.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-15 04:18:04 +00:00
Maksim Nabokikh
9d3471e39b
Merge pull request #2026 from flant/ldap-groups-user-matcher-warning
chore: warning about deprecated LDAP groupSearch fields
2021-12-11 13:26:30 +04:00
dependabot[bot]
79233f41ef
Merge pull request #2349 from dexidp/dependabot/docker/golang-1.17.5-alpine3.14 2021-12-11 01:15:16 +00:00
dependabot[bot]
a413d9b383
build(deps): bump golang from 1.17.4-alpine3.14 to 1.17.5-alpine3.14
Bumps golang from 1.17.4-alpine3.14 to 1.17.5-alpine3.14.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-10 04:07:09 +00:00
dependabot[bot]
b14b0fd127
Merge pull request #2348 from dexidp/dependabot/go_modules/google.golang.org/api-0.62.0 2021-12-09 14:16:36 +00:00
dependabot[bot]
ae1b50c26b
build(deps): bump google.golang.org/api from 0.61.0 to 0.62.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.61.0 to 0.62.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.61.0...v0.62.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-09 04:15:53 +00:00
Maksim Nabokikh
ac02fb04cf
Merge pull request #2344 from flant/invalid_grant_claim_another_client
fix: return invalid_grant error on claiming token of another client
2021-12-08 17:30:52 +04:00
Maksim Nabokikh
ca615f7ad7 Update server/refreshhandlers.go
Co-authored-by: Márk Sági-Kazár <sagikazarmark@users.noreply.github.com>
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-12-08 09:13:24 +04:00
Márk Sági-Kazár
7ebc76b79e
Merge pull request #2345 from dexidp/dependabot/docker/golang-1.17.4-alpine3.14
build(deps): bump golang from 1.17.3-alpine3.14 to 1.17.4-alpine3.14
2021-12-08 03:39:30 +01:00
Daniel Haus
6256b863b0
Fix linting issues.
Signed-off-by: Daniel Haus <dhaus@redhat.com>
2021-12-06 13:28:25 +01:00
dependabot[bot]
131bf83699
build(deps): bump golang from 1.17.3-alpine3.14 to 1.17.4-alpine3.14
Bumps golang from 1.17.3-alpine3.14 to 1.17.4-alpine3.14.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-06 04:05:51 +00:00
m.nabokikh
578cb05f7b fix: return invalid_grant error on claiming token of another client
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-12-05 23:45:52 +04:00
Daniel Haus
6d55fe1c80
Add support for refresh tokens for openshift connector.
Signed-off-by: Daniel Haus <dhaus@redhat.com>
2021-12-03 16:38:56 +01:00
dependabot[bot]
40e21f14ca
Merge pull request #2341 from dexidp/dependabot/go_modules/google.golang.org/api-0.61.0 2021-12-03 09:58:46 +00:00
dependabot[bot]
1f30080e6a
build(deps): bump google.golang.org/api from 0.60.0 to 0.61.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.60.0 to 0.61.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.60.0...v0.61.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-03 04:16:54 +00:00
Márk Sági-Kazár
e7c287a00d
Merge pull request #1630 from concourse/pr/add-oauth-connector-sync
OAuth connector
2021-12-02 02:17:44 +01:00
Rui Yang
539e08ba50 small refactors and cleanup
Signed-off-by: Rui Yang <ruiya@vmware.com>
2021-12-01 12:45:25 -05:00
Márk Sági-Kazár
e00e75b773
Merge pull request #2337 from iam-veeramalla/printversion
feat: print dex version in the logs
2021-11-25 16:01:16 +01:00
iam-veeramalla
528ef18c2f feat: print dex version in the logs
Signed-off-by: iam-veeramalla <abhishek.veeramalla@gmail.com>
2021-11-25 17:58:09 +05:30
dependabot[bot]
f70015dfed
Merge pull request #2336 from dexidp/dependabot/docker/alpine-3.15.0 2021-11-25 08:50:42 +00:00
dependabot[bot]
f717c71d66
build(deps): bump alpine from 3.14.3 to 3.15.0
Bumps alpine from 3.14.3 to 3.15.0.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-11-25 04:05:42 +00:00
Rui Yang
8b865169bd fix minor compilation error for group claim
us 'os' insteak of 'io/ioutil'

Signed-off-by: Rui Yang <ruiya@vmware.com>
2021-11-17 17:58:34 -05:00
Vlad Safronov
7c80e44caf Add a test case
Signed-off-by: Vlad Safronov <vladislav.safronov@oracle.com>
2021-11-17 15:06:54 -05:00