* Remove some unlikely to be used fields to help configurability.
* Combined "serverHost" and "serverPort" into "host"
* Remove "timeout" (just default to 30 seconds).
* Remove "maxIdleConn" will add it back if users feel the need
to control the number of cached connections.
* Remove "trustedEmailProvider" (just always trust).
* Remove "skipCertVerification" you can't make this connector
ingore TLS errors.
* Fix configs that don't search before bind (previously broken).
* Add more examples to Documentation
* Refactor LDAPPool Acquire() and Put() into a Do() function which
always does the flow correctly.
* Added more comments and renamed some functions.
* Moved methods on LDAPIdentityProvider to the LDAPConnector
Adds consistency to existing samples for users, connectors, etc., as
well as protects users from accidental changes to files under Git, which
is why there are samples after all.
Authentication is performed by binding to the configured LDAP server using
the user supplied credentials. Successfull bind equals authenticated user.
Optionally the connector can be configured to search before authentication.
The entryDN found will be used to bind to the LDAP server.
This feature must be enabled to get supplementary information from the
directory (ID, Name, Email). This feature can also be used to limit access
to the service.
Example use case: Allow your users to log in with e-mail address instead of
the identification string in your DNs (typically username).
To make re-use of HTTP form handling code from the Local connector possible:
- Implemented IdentityProvider interface
- Moved the re-used functions to login_local.go
Fixes#119
The "redirectURLs" field in the client metadata has been updated
to the correct "redirect_uris". To allow backwards compatibility
use Postgres' JSON features to update the actual JSON in the text
field.
json_build_object was introduced in Postgres 9.4. So update the
documentations to require at least this version.
- Be more explicit with exact instructions to startup
- Change some of the commands that were using local directory with "./" when
the executable was in a lower directory. These
commands (like "./bin/dex-worker") did not work on ZSH or Bash, so I
removed the leading "./"
- Add some syntax highlighting markdown to code sections
In the 'getting started' doc create a user and database for dex to
clarify that the user needs permissions to create databases, but
dex does not.
closes#127
Provides a more accurate walk through of the screens and menus of the Google
Developers Console encountered whilst creating a client ID.
Fixes#125
Signed-off-by: Chris Swan <@cpswan>