Eric Chiang
35cab93c0a
*: add --enable-automatic-registration flag to worker
...
For remote connectors, allow users to skip registration.
2016-06-17 16:29:56 -07:00
Bobby Rullo
59dc4a9400
dexctl: remove api driver
...
API Driver is dead: This API turns out to not be super useful, requiring
an existing client to create other clients is weird.
Long live API Driver? Let's use Dynamic Client API and the bootstrap API
to create a better API Driver! LONG LIVE API DRIVER.
2016-06-15 11:42:50 -07:00
Eric Chiang
b7674744ee
*: don't let generated comment become package comment
2016-06-10 12:40:58 -07:00
Alexandr Burdiyan
24134e18ea
Add connector id to the registration error message
...
Right now it is not clear what connector is failing. It will be easier to debug with more specific error message.
Related to #400 .
2016-06-09 13:19:21 +02:00
Bobby Rullo
f9dbc8a3d2
db, client: add data model for trusted peers
...
Trusted Peers are clients that are authorized to mint tokens
for another client.
2016-06-07 17:16:09 -07:00
Eric Chiang
35ea3d9ae1
*: add ability to set and list connectors from admin API
...
closes #360
2016-06-01 09:31:47 -07:00
Evan Cordell
73d9742c8b
client manager: accept full client when creating
2016-05-24 14:44:04 -05:00
Evan Cordell
a418e1c4e7
client: add client manager
...
adds a client manager to handle business logic, leaving the repo
for basic crud operations. Also adds client to the test script
2016-05-19 16:20:12 -07:00
Evan Cordell
3da98fcb8e
client: add transaction support
2016-05-19 16:17:01 -07:00
Bobby Rullo
9c403aba41
fix dexctl
2016-04-20 14:31:28 -07:00
Bobby Rullo
399b15abeb
integration, *: Improve tests for admin api
...
* TestCreateClient was missing test coverage on error cases
* Fixed bug where 500s were being reported for bad requests
* changed function signature of NewAdminAPI back to old way of passing
in lots of repos: passing in a DbMap made it difficult to test
* added swappable ID and Secret generators when creating Clients
2016-04-20 14:31:27 -07:00
Bobby Rullo
e5948ab3ce
*: ClientIdentityXXX -> ClientXXX
...
Get rid of all outdated "ClientIdentity" terminology.
2016-04-20 14:31:27 -07:00
Eric Chiang
b10645f58d
*: add client registration endpoint to admin API
2016-04-05 11:37:26 -07:00
Eric Chiang
6120f7ac05
*: add isAdmin option to client repo when creating a client
2016-04-05 11:29:58 -07:00
Eric Chiang
07af73f367
*: don't allow sqlite3 if --no-db flag not specified
2016-02-12 13:19:05 -08:00
Eric Chiang
907f536e74
Merge pull request #273 from ericchiang/version
...
cmd: add version to command worker and overlord, print go version
2016-02-05 09:30:48 -08:00
Eric Chiang
232a6103f9
Merge pull request #285 from ericchiang/api_docs
...
add generated documentation for APIs
2016-02-01 16:26:05 -08:00
Eric Chiang
af790e46bb
Merge pull request #267 from ericchiang/metadata
...
add dynamic client registration
2016-02-01 16:25:57 -08:00
Eric Chiang
c7ed4fdd60
pkg,cmd: add document generator tool
2016-02-01 16:09:23 -08:00
Eric Chiang
04cd1851aa
server: add dynamic client registration
2016-02-01 16:06:46 -08:00
Eric Chiang
ec3bc7f258
*: allow dexctl set-connector-configs to read from stdin
...
Closes #276
2016-01-19 08:59:34 -08:00
Eric Chiang
0deccc7050
cmd: add version to command worker and overlord, print go version
...
Closes #272
2016-01-15 11:15:32 -08:00
Eric Chiang
5e44b6bc27
*: update all to accommodate changes to go-oidc
...
Update dex to comply with the changes to fieldnames and types of
the client and provider metadata structs in coreos/go-oidc.
2016-01-12 17:16:28 -08:00
Eric Chiang
22c20e4e32
cmd: add version subcommand to dexctl
...
closes #220
2015-12-28 15:56:43 -08:00
Eric Chiang
8e5115ce73
cmd: use spf13/cobra for dexctl cli logic
2015-12-28 15:55:11 -08:00
Eric Chiang
3776c74c15
cmd: reduce backoff max when worker is waiting for connectors
...
fixes #177
2015-12-22 10:25:27 -08:00
Eric Chiang
49389c9b90
cmd, db: verify at least one secret is passed to --key-secrets
...
Passing an empty list to the overlord or worker's --key-secrets
flag currently causes an out of range panic. Always check to ensure
there's at least one element passed.
Fixes #130
Fixes #217
2015-12-16 20:28:21 -08:00
bobbyrullo
521aeae3db
Merge pull request #199 from ericchiang/validate_connector
...
api: validate local connector existence before creating user
2015-12-07 17:44:22 -08:00
Eric Chiang
f43655a8c3
user/manager: connector must exists when creating remote identity
...
Add ConnectorConfigRepo to UserManager. When trying to create a
RemoteIdentity, validate that the connector ID exists.
Fixes #198
2015-12-07 17:34:08 -08:00
Eric Chiang
d518447282
user: move user manager to it's own package
...
This commit moves the user.Manage to its own package (user/manager)
so it can import the connector package in a later commit.
For clarity, it renames "Manager" to "UserManager" using gorname.
This commit has no functional changes.
2015-12-07 15:34:14 -08:00
Brian Waldon
b14ce73fa0
*: use example.com in place of coreos.com
...
Align with RFC2606 for example email addresses, using example.com
in place of coreos.com where appropriate.
2015-12-07 14:55:29 -08:00
George Tankersley
07a4d4441e
pkg/crypto: replace old crypto with new crypto
2015-10-29 13:45:25 -07:00
Bobby Rullo
55040c55fa
server, integration, cmd: Protect Admin API
...
Admin API now requires a 128 byte base64 encoded secret to be passed in
Authorization header, closing up a potential security hole for those
who expose this service.
2015-10-01 13:15:45 -07:00
Bobby Rullo
d3d6a75b91
fixup - Code review changes.
2015-09-30 17:07:00 -07:00
Bobby Rullo
bf9517fdaa
server,cmd: Add flag for disabling registation
...
For situations where admins add users.
2015-09-30 16:35:58 -07:00
Bobby Rullo
510293a984
fixup
2015-09-18 17:25:06 -07:00
Bobby Rullo
3cd0d84e31
cmd/dex-worker: wait 'til connectors are available
...
Otherwise, if worker starts without connectors, and then connectors are
added workers have to be restarted to pick up the changes.
2015-09-18 17:11:58 -07:00
Giulio Iotti
472e4a02a4
*: Remove unnecessary else statements
...
Whenever it makes the code easier to follow, use early return to
avoid else statements.
2015-09-04 22:45:32 +03:00
Bobby Rullo
f1820cda14
cmd,server,static/html: Configurable name, logo
...
fixes #47
2015-09-02 18:00:28 -07:00
Bobby Rullo
62aa12fa6c
cmd/dex-overlord: was using the wrong err
2015-09-01 17:07:10 -07:00
Bobby Rullo
9b64ecb2d7
cmd/dex-overlord: bind admin API on 127.0.0.1
...
Instead of 0.0.0.0; this is safer, since the admin API is very powerful.
fixes #97
2015-08-31 13:42:16 -07:00
Yifan Gu
3da456efa8
dex-worker: add TLS support.
...
Add two new flags '--cert-file' and '--key-file'.
If scheme == 'https', then we will use the two new flags to get
the cert/key pair for TLS connection.
Also add '--ca-file' to the example app to allow TLS connection to the
dex-worker using a specified ca file.
2015-08-29 01:42:21 -07:00
Bobby Rullo
d0c199b62c
cmd, server: base64 encode multiple secrets
...
Two things here:
* key secrets are now base64 encoded strings, so we get the full key
space
* we can pass >1 of them in so we can rotate them
2015-08-26 10:43:24 -07:00
Alex Polvi
c7d2393add
bug: remote whitespace so eval works
2015-08-24 08:20:04 -07:00
Bobby Rullo
8b6a2699d9
cmd/dex-overlord, db: migrations in overlord
...
Migrations happen only in the overlord, so there's no thundering herd,
and database initialziation can be more easily controlled.
2015-08-20 11:44:43 -07:00
Bobby Rullo
66fe201c24
*: move original project to dex
2015-08-18 11:26:57 -07:00