bobbyrullo
ce7214657c
Merge pull request #468 from bobbyrullo/remove_apis
...
Remove old client_resource api
2016-06-15 15:28:30 -07:00
Bobby Rullo
c9c33befb5
adminschema: fix test
...
go 1.5.4 accepts just about anything as a URL, so instead just trigger
with blank URL
2016-06-15 14:31:02 -07:00
Bobby Rullo
ce421a4dab
schema: gofmt the generated code.
2016-06-15 11:42:50 -07:00
Bobby Rullo
82c5c27048
schema: generator now gofmts everything.
2016-06-15 11:42:50 -07:00
Bobby Rullo
59dc4a9400
dexctl: remove api driver
...
API Driver is dead: This API turns out to not be super useful, requiring
an existing client to create other clients is weird.
Long live API Driver? Let's use Dynamic Client API and the bootstrap API
to create a better API Driver! LONG LIVE API DRIVER.
2016-06-15 11:42:50 -07:00
Bobby Rullo
8942a49702
server: remove client_resource api
...
...and dependent code.
2016-06-15 11:42:50 -07:00
Bobby Rullo
adb2ccf872
test: add schema/adminschema to tests
2016-06-15 11:42:50 -07:00
Bobby Rullo
104c9761c6
schema: remove clients API
...
The only thing using this AFAIK is dexctl in api_driver mode, which
no-one uses - it's a sort of weird API which requires a client to create
other clients, and gives all clients the ability to list all other
clients. So we are removing it.
2016-06-15 11:42:50 -07:00
bobbyrullo
b7e19b6e84
Merge pull request #465 from bobbyrullo/cross_client_refresh_tokens
...
Cross client refresh tokens
2016-06-14 14:15:04 -07:00
Bobby Rullo
75473b4cba
refresh tokens: grant claims based on scopes
...
Before, this logic was only in the OIDCServer.CodeToken() method; now it has been
pulled out so that other paths, like OIDCServer.RefreshToken() can use
it.
The net affect, is that now refresh tokens can be used to get
cross-client authenticated ID Tokens.
2016-06-14 14:14:36 -07:00
Bobby Rullo
32a1994a5e
refresh tokens: store and validate scopes.
...
A refresh request must fail if it asks for scopes that were not
originally granted when the refresh token was obtained.
This Commit:
* changes repo to store scopes with tokens
* changes repo interface signatures so that scopes can be stored and
verified
* updates dependent code to pass along scopes
2016-06-14 14:14:36 -07:00
Eric Chiang
ea2f0a3264
Merge pull request #466 from zlabjp/update-go-oidc
...
vendor: update go-oidc to add support for Azure AD
2016-06-13 09:28:29 -07:00
Takashi Kusumi
316953d33f
vendor: update go-oidc to add support for Azure AD
...
Update github.com/coreos/go-oidc/ to include coreos/go-oidc#87
which adds support for Azure AD
2016-06-13 11:03:59 +09:00
Eric Chiang
868f53228c
Merge pull request #459 from burdiyan/github-templates
...
Use Github templates for issues/proposals
2016-06-10 17:00:39 -07:00
Eric Chiang
ad8d5e161f
Merge pull request #464 from ericchiang/genconfig-dont-hijack-package-comment
...
*: don't let generated comment become package comment
2016-06-10 17:00:02 -07:00
Eric Chiang
b7674744ee
*: don't let generated comment become package comment
2016-06-10 12:40:58 -07:00
bobbyrullo
ae56f6de85
Merge pull request #458 from bobbyrullo/load_static_cross_clients
...
Load trustedPeers in no DB mode, add x-client to example app
2016-06-09 16:29:36 -07:00
Bobby Rullo
ce14dc4368
examples, static: Add cross-client auth to example
...
* add trustedPeers to a client in client.json.sample
* add optional cross client auth to example web app
* login page is now templated
2016-06-09 16:16:10 -07:00
Eric Chiang
9739b6e966
Merge pull request #461 from burdiyan/400-better-errors-connectors
...
#400 Add connector id to the registration error message
2016-06-09 09:56:03 -07:00
Alexandr Burdiyan
24134e18ea
Add connector id to the registration error message
...
Right now it is not clear what connector is failing. It will be easier to debug with more specific error message.
Related to #400 .
2016-06-09 13:19:21 +02:00
Alexandr Burdiyan
09cb38577f
Use Github templates for issues/proposals
...
Github launched the ability to automatically populate issues and pull requests with custom templates automatically
(https://github.com/blog/2111-issue-and-pull-request-templates ). This eliminates the need to have custom scripts
for populating github issues with custom templates. It should be easier for contributors to just open an issue
and not worrying about copy the template.
2016-06-09 10:56:10 +02:00
Bobby Rullo
88142764e9
db: Don't check that trusted peers clients exist
...
Checking that trusted peers exist means that you have to create clients
in a certain order, or else create all the clients, then update trusted
peers. Either way, not a great experience during setup.
The downside, of course, is that you lose validation of peer
IDs.
2016-06-08 11:54:15 -07:00
Bobby Rullo
ca18efb1fe
client: load full clients w/ LoadableClient
...
The Client object on its own doesn't fully express everything about a
single client, and so when loading clients from a static configuration
it's not enough to just (de)serialize clients.
To that end, LoadableClient contains the full representation of a client
and associated entities.
2016-06-08 11:31:50 -07:00
bobbyrullo
a9d854e144
Merge pull request #426 from bobbyrullo/cross_client_2
...
Cross client work
2016-06-07 17:36:06 -07:00
Bobby Rullo
5939a15d10
remove DexServer
2016-06-07 17:27:06 -07:00
Bobby Rullo
e71c5086ba
server: CodeToken now does Cross-Client auth
2016-06-07 17:22:41 -07:00
Bobby Rullo
9b4740862c
server: /auth accepts, validates X-client scopes
2016-06-07 17:16:11 -07:00
Bobby Rullo
e6e04be297
integration: changes based on codegen
2016-06-07 17:16:11 -07:00
Bobby Rullo
2406c09598
workerschema: move Client.Revoke to RefreshClient
...
also, RevokeClient -> RevokeClient for consistency.
2016-06-07 17:16:11 -07:00
Bobby Rullo
e1c070d84e
admin: add trustedPeers bootstrap api
2016-06-07 17:16:11 -07:00
Bobby Rullo
5e9dd9f4b0
adminschema: add trustedPeers to client creation
2016-06-07 17:16:11 -07:00
Bobby Rullo
f9dbc8a3d2
db, client: add data model for trusted peers
...
Trusted Peers are clients that are authorized to mint tokens
for another client.
2016-06-07 17:16:09 -07:00
bobbyrullo
546463adcc
Merge pull request #457 from bobbyrullo/client_manager_tweaks
...
Various client api tweaks
2016-06-07 17:01:28 -07:00
Bobby Rullo
182e8af420
test: alphabetize tests
2016-06-07 16:47:30 -07:00
Bobby Rullo
1b4dca80d7
client: remove ClientManagerFromClients
...
Replaced by ClientRepoFromClients, which makes more sense IMO. Also, it
was doing the wrong thing: it was ignoring the client_id and client_secret
passed into it as far as I can tell.
2016-06-07 16:47:30 -07:00
Bobby Rullo
a33d61c8e2
server: remove boilerplate setup code part deux
...
Use the test fixture setup stuff in testutil instead.
2016-06-07 16:47:30 -07:00
Bobby Rullo
ad1d5ab253
server: remove boilerplate setup code
...
Use the test fixture setup stuff in testutil instead.
2016-06-07 16:47:29 -07:00
Bobby Rullo
8d1a6f2324
functional: test sample clients file is valid
...
Also tests that it's being loaded properly (which is not the case in
NewClientManagerFromClients, which will be removed in subsequent commit)
2016-06-07 16:47:29 -07:00
Eric Chiang
9c260c7698
Merge pull request #455 from ericchiang/update-go-versions-for-travis
...
*: Update Go versions used for Travis tests and test tip
2016-06-06 10:29:20 -07:00
Eric Chiang
ca0655cbba
Merge pull request #453 from kismatic/tls-example-app
...
Added TLS support to the example application
2016-06-05 09:54:37 -07:00
abrand
51659716e0
Improved error message when TLS config is specified, but listen/redirect URL are using wrong scheme
2016-06-03 20:04:13 -04:00
Eric Chiang
2362154d99
*: allow builds with development versions of Go
2016-06-03 11:19:19 -07:00
Eric Chiang
1ffb243e9a
*: Update Go versions used for Travis tests and test tip
2016-06-03 10:56:03 -07:00
Eric Chiang
2d5fb0b47a
Merge pull request #316 from fnordahl/issue/309-implement-connection-pooling
...
connector_ldap: Implement connection pooling for LDAP connections
2016-06-03 08:30:12 -07:00
abrand
6f98dfeb96
Added TLS support to the example application
2016-06-03 07:51:00 -04:00
Frode Nordahl
3077979a3b
Functional tests for LDAP Connection Pool
2016-06-03 11:04:58 +02:00
Frode Nordahl
e531dd6be5
Implement connection pooling for LDAP connections
...
Fixes #309
2016-06-03 11:04:58 +02:00
Frode Nordahl
f976fa1d3b
vendor: Add golang.org/x/net/context
2016-06-03 11:00:29 +02:00
Bobby Rullo
86ef34d8e2
client: generateClientCreds -> addClientCreds
...
a little easier to read this way IMO.
2016-06-02 18:39:58 -07:00
Eric Chiang
4440b3a085
Merge pull request #449 from ericchiang/add-connectors-to-api
...
Set and list connectors from admin API
2016-06-01 10:51:30 -07:00