Anthony Brandelli
f07a58a7f1
Remove google specific hd / hosted domain claim config
...
Signed-off-by: Anthony Brandelli <abrandel@cisco.com>
2022-05-06 13:54:19 -06:00
Maksim Nabokikh
453504c450
Merge pull request #2430 from dhaus67/openshift-connector-system-root-cas
...
Create setting to allow to trust the system root CAs
2022-05-05 11:37:25 +04:00
techknowlogick
1067641e53
Feature: groups in Gitea
...
Signed-off-by: techknowlogick <techknowlogick@gitea.io>
2022-04-19 16:58:05 -04:00
Daniel Haus
4088d4f897
Remove external setting, enable injection of HTTP client to config.
...
Signed-off-by: Daniel Haus <dhaus@redhat.com>
2022-04-12 17:38:59 +02:00
Daniel Haus
2b262ff5d6
Create setting to allow to trust the system root CAs
...
Previously, when rootCA was set, the trusted system root CAs were ignored. Now, allow for both being able to be configured and used
Signed-off-by: Daniel Haus <dhaus@redhat.com>
2022-04-12 17:38:58 +02:00
Engin Diri
5d9d68106a
feat: Add acr_values support for OIDC
...
Signed-off-by: Engin Diri <engin.diri@mail.schwarz>
2022-03-05 09:25:27 +01:00
Maksim Nabokikh
5f9abc5be8
Merge pull request #2371 from seuf/authproxy-groups-configuration
...
Allow configuration of returned groups via authproxy connector
2022-03-04 00:44:56 +04:00
Maksim Nabokikh
5b0cb0704a
Merge pull request #2342 from dhaus67/refresh-token-openshift-connector
...
Add support for RefreshConnector for openshift connector.
2022-03-02 11:46:21 +04:00
seuf
4ee9658dfe
[authproxy] Allow configuration of returned groups
...
Via HTTP Header if present and with manually configured staticGroups in authproxy connector
Signed-off-by: seuf <seuf76@gmail.com>
2022-01-31 10:36:54 +01:00
Rahul M Chheda
2bc4ad6b56
[fix] Replace /teams API w/ /workspaces endpoints
...
Signed-off-by: Rahul M Chheda <rahul.chheda@accurics.com>
2022-01-27 14:08:48 +05:30
Happy2C0de
419db81c67
Remove overrideWithMissingCustomEmailClaim
...
Signed-off-by: Happy2C0de <46957159+Happy2C0de@users.noreply.github.com>
2022-01-19 13:38:09 +01:00
Happy2C0de
55605751f5
Add overrideWithMissingCustomEmailClaim test
...
Signed-off-by: Happy2C0de <46957159+Happy2C0de@users.noreply.github.com>
2022-01-19 13:38:09 +01:00
Happy2C0de
b28098dde8
Revert querying preferrredUsernameKey
...
Signed-off-by: Happy2C0de <46957159+Happy2C0de@users.noreply.github.com>
2022-01-19 13:38:09 +01:00
Happy2C0de
1608b473eb
Remove false failed errors.
...
Signed-off-by: Happy2C0de <46957159+Happy2C0de@users.noreply.github.com>
2022-01-19 13:38:09 +01:00
Happy2C0de
2b6bb1997c
Revert ClaimMapping struct
...
Signed-off-by: Happy2C0de <46957159+Happy2C0de@users.noreply.github.com>
2022-01-19 13:38:09 +01:00
Happy2C0de
14a0aecc81
Move claimMapping.enforce to overrideClaimMapping
...
Signed-off-by: Happy2C0de <46957159+Happy2C0de@users.noreply.github.com>
2022-01-19 13:38:09 +01:00
Happy2C0de
45143c98b3
Add claimMapping enforcement
...
Signed-off-by: Happy2C0de <46957159+Happy2C0de@users.noreply.github.com>
2022-01-19 13:38:09 +01:00
Maksim Nabokikh
9d3471e39b
Merge pull request #2026 from flant/ldap-groups-user-matcher-warning
...
chore: warning about deprecated LDAP groupSearch fields
2021-12-11 13:26:30 +04:00
Daniel Haus
6256b863b0
Fix linting issues.
...
Signed-off-by: Daniel Haus <dhaus@redhat.com>
2021-12-06 13:28:25 +01:00
Daniel Haus
6d55fe1c80
Add support for refresh tokens for openshift connector.
...
Signed-off-by: Daniel Haus <dhaus@redhat.com>
2021-12-03 16:38:56 +01:00
Rui Yang
539e08ba50
small refactors and cleanup
...
Signed-off-by: Rui Yang <ruiya@vmware.com>
2021-12-01 12:45:25 -05:00
Rui Yang
8b865169bd
fix minor compilation error for group claim
...
us 'os' insteak of 'io/ioutil'
Signed-off-by: Rui Yang <ruiya@vmware.com>
2021-11-17 17:58:34 -05:00
Vlad Safronov
7c80e44caf
Add a test case
...
Signed-off-by: Vlad Safronov <vladislav.safronov@oracle.com>
2021-11-17 15:06:54 -05:00
Vlad Safronov
45932bd38a
skymarshal: behaviour: Handle groups as maps
...
There are cases when groups are represented as a list
of maps, not strings e.g. "groups":[{"id":"1",
"name":"gr1"},{"id": "2", "name":"gr2"}]. Handle groups
represented as a list of maps.
concourse/dex#23
Signed-off-by: Vlad Safronov <vladislav.safronov@oracle.com>
2021-11-17 15:06:54 -05:00
Rui Yang
f980d3e0a7
cleanup and optimization
...
Signed-off-by: Rui Yang <ruiya@vmware.com>
2021-11-17 15:06:54 -05:00
Rui Yang
8ea121b45a
move oauth connector doc to dex website repo
...
move default key values configure to connector construct function
Signed-off-by: Rui Yang <ruiya@vmware.com>
2021-11-17 15:06:54 -05:00
Rui Yang
02860da8b6
use claim mappings when retrieving user identity
...
Signed-off-by: Rui Yang <ruiya@vmware.com>
2021-11-17 15:06:54 -05:00
Rui Yang
60b8875780
use testify in oauth tests
...
Signed-off-by: Rui Yang <ruiya@vmware.com>
2021-11-17 15:06:54 -05:00
Rui Yang
9952851cc4
add configurable preferred_username key
...
Signed-off-by: Rui Yang <ruiya@vmware.com>
2021-11-17 15:06:54 -05:00
Rui Yang
930b331a5b
use PreferredUsername
...
Signed-off-by: Rui Yang <ryang@pivotal.io>
2021-11-17 15:06:53 -05:00
Josh Winters
a087c05ebf
Make oauth user name and user id configurable
...
Signed-off-by: Josh Winters <jwinters@pivotal.io>
Co-authored-by: Mark Huang <mhuang@pivotal.io>
2021-11-17 15:06:53 -05:00
Joshua Winters
9284ffb8c0
Add generic oauth connector
...
Co-authored-by: Shash Reddy <sreddy@pivotal.io>
Signed-off-by: Joshua Winters <jwinters@pivotal.io>
2021-11-17 15:06:53 -05:00
Matt Hoey
ee5b5b25bd
Resolves #2111 Option to fetch transitive group membership
...
Signed-off-by: Matt Hoey <matt.hoey@missionlane.com>
2021-10-17 12:48:22 -07:00
Eng Zer Jun
f0186ff265
refactor: move from io/ioutil to io and os package
...
The io/ioutil package has been deprecated as of Go 1.16, see
https://golang.org/doc/go1.16#ioutil . This commit replaces the existing
io/ioutil functions with their new definitions in io and os packages.
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2021-09-17 14:12:39 +08:00
Henning
138364ceeb
handlePasswordGrant: insert connectorData into OfflineSession ( #2199 )
...
* handlePasswordGrant: insert connectorData into OfflineSession
This change will insert the ConnectorData from the initial Login
into the OfflineSession, as already done in handlePasswordLogin.
Signed-off-by: Henning Surmeier <h.surmeier@mittwald.de>
2021-07-21 00:05:35 +04:00
Mark Sagi-Kazar
215c3160f8
fix(connector/ldap): explicit anonymus ldap bind
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-06-28 17:49:47 +02:00
m.nabokikh
dea1d3383c
Deprecation warning log message
...
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-05-24 19:40:28 +04:00
m.nabokikh
13a83d9bba
chore: warning about deprecated LDAP groupSearch fields
...
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-05-24 19:08:13 +04:00
Márk Sági-Kazár
b1ac799073
Merge pull request #1912 from wellplayedgames/microsoft-prompt-type
...
Support setting the prompt type for the Microsoft connector
2021-04-24 10:58:43 +02:00
Márk Sági-Kazár
e3f8b0f2f6
Merge pull request #2036 from flant/keystone-minor-fixes
...
chore: add keystone connector icon and bump tests dependencies
2021-03-22 17:51:19 +01:00
Salman Ahmed
bbd8b3b3cd
connector/ldap: use go-ldap version v3
...
Signed-off-by: Salman Ahmed <salman.ahmed@weidmueller.com>
2021-03-22 16:17:47 +01:00
m.nabokikh
6be747142a
chore: add keystone connector icon and bump tests dependencies
...
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-03-11 23:03:37 +04:00
m.nabokikh
84a07a7805
Do not run LDAP tests if DEX_LDAP_HOST is not set
...
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-02-20 17:05:41 +04:00
m.nabokikh
1f2771b57e
fix: do not run LDAP tests locally by default
...
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-02-20 12:55:52 +04:00
Mark Sagi-Kazar
6f70272bc3
test(connector/ldap): remove ldap test gate
...
Now that the ldap tests don't create containers on the fly
they can run the same way as other integration tests.
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-02-15 16:46:43 +01:00
Mark Sagi-Kazar
f11db50369
test(connector/ldap): rewrite tests to use a single server instance
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-02-15 16:37:03 +01:00
m.nabokikh
b2e9f67edc
Enable unparam, prealloc, sqlclosecheck linters
...
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-01-15 19:29:13 +04:00
Mark Sagi-Kazar
b8ac640c4f
Update oidc library
...
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-01-13 19:56:09 +01:00
Erica Taylor
ba47aaba86
microsoft: Support setting the prompt type
...
Signed-off-by: Erica Taylor <ricky@wellplayed.games>
2021-01-11 11:48:58 +00:00
Márk Sági-Kazár
4f326390aa
Merge pull request #1839 from seuf/authproxy-header-configuration
...
Allow configuration of returned auth proxy header
2021-01-07 10:40:57 +01:00