Commit graph

1780 commits

Author SHA1 Message Date
Márk Sági-Kazár
2bf728c6ec
Merge pull request #1926 from dexidp/update-etcd-3.5
Update etcd to 3.5
2021-03-23 14:44:26 +01:00
Mark Sagi-Kazar
356ccecc24
chore(deps): update etcd client to 3.5
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-03-22 22:12:35 +01:00
Márk Sági-Kazár
8e7ce6353f
Merge pull request #2057 from dexidp/codec
Upgrade protobuf in internal codec
2021-03-22 20:24:07 +01:00
Mark Sagi-Kazar
d25051c867
chore(deps): upgrade protobuf in server/internal package
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-03-22 19:27:47 +01:00
Mark Sagi-Kazar
41712bcbfa
build: rename old proto download targets
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-03-22 18:28:15 +01:00
Márk Sági-Kazár
e3f8b0f2f6
Merge pull request #2036 from flant/keystone-minor-fixes
chore: add keystone connector icon and bump tests dependencies
2021-03-22 17:51:19 +01:00
Márk Sági-Kazár
8cba308b0e
Merge pull request #2056 from dexidp/updates
Update xml roundtrip validator
2021-03-22 17:40:17 +01:00
Márk Sági-Kazár
3adb4e74df
Merge pull request #2055 from salmanisd/update-ldap-to-v3
connector/ldap: use go-ldap version v3
2021-03-22 17:39:50 +01:00
Márk Sági-Kazár
1ec5cf07f2
Merge pull request #2054 from dexidp/embed-web
Embed web assets
2021-03-22 17:38:09 +01:00
Mark Sagi-Kazar
3e12618f0c
chore(deps): update xml roundtrip validator
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-03-22 16:23:01 +01:00
Salman Ahmed
bbd8b3b3cd connector/ldap: use go-ldap version v3
Signed-off-by: Salman Ahmed <salman.ahmed@weidmueller.com>
2021-03-22 16:17:47 +01:00
Mark Sagi-Kazar
3ecdd57282
chore: change frontend dir default to unset
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-03-22 15:44:05 +01:00
Mark Sagi-Kazar
a050f3228a
feat: add DEX_FRONTEND_DIR env var for setting the frontend dir
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-03-22 15:44:05 +01:00
Mark Sagi-Kazar
3b80d480e5
feat!: move web assets to /srv in Dockerfile
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-03-22 15:44:05 +01:00
Mark Sagi-Kazar
d1e8b085e2
feat: use embedded assets by default
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-03-22 15:44:03 +01:00
Mark Sagi-Kazar
78fcac7568
feat: embed web assets
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-03-22 11:05:50 +01:00
Márk Sági-Kazár
3f0ca9b361
Merge pull request #1416 from concourse/pr/http-filesystem
Use http.FileSystem for web assets
2021-03-22 10:56:39 +01:00
Rui Yang
2f28fc7451 default to ./web when Dir and WebFS are not set
update WebFS doc

Signed-off-by: Rui Yang <ruiya@vmware.com>
Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2021-03-20 20:05:59 +00:00
Rui Yang
4e569024fd use go 1.16 new package io/fs
Unify the interface for reading web statics. Now it could read an
OS directory or get the content on live

One could use

//go:embed static
var webFiles embed.FS

anywhere and config dex server to take the file system by setting

WebConfig{WebFS: webFiles}

Signed-off-by: Rui Yang <ruiya@vmware.com>
Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2021-03-20 20:05:59 +00:00
Rui Yang
7b50cbf0ac use pkger for embedding static contents
Co-authored-by: Vikram Yadav <vyadav@pivotal.io>
Signed-off-by: Rui Yang <ruiya@vmware.com>
2021-03-20 20:05:59 +00:00
Rui Yang
1eab25f89f use web host url for asset hosting
Signed-off-by: Rui Yang <ruiya@vmware.com>
Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2021-03-20 20:05:59 +00:00
Rui Yang
10e9054811 Use http.FileSystem for web assets
Signed-off-by: Rui Yang <ryang@pivotal.io>
Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
2021-03-20 20:05:59 +00:00
Rui Yang
d658c24e8f add dex config flag for enabling client secret encryption
* if enabled, it will make sure client secret is bcrypted correctly
* if not, it falls back to old behaviour that allowing empty client
secret and comparing plain text, though now it will do
ConstantTimeCompare to avoid a timing attack.

So in either way it should provide more secure of client secret
verification.

Co-authored-by: Alex Surraci <suraci.alex@gmail.com>
Signed-off-by: Rui Yang <ruiya@vmware.com>
2021-03-20 20:05:56 +00:00
Josh Winters
ec6f3a2f19 use bcrypt when comparing client secrets
- this assumes that the client is already bcrytped
when passed to dex. Similar to user passwords.

Signed-off-by: Josh Winters <jwinters@pivotal.io>
Co-authored-by: Vikram Yadav <vyadav@pivotal.io>
2021-03-20 20:05:56 +00:00
Márk Sági-Kazár
a1adf86e53
Merge pull request #2053 from dexidp/fix-gomplate-slim
fix: stop using slim version of gomplate
2021-03-20 13:59:51 +01:00
Mark Sagi-Kazar
27dfbc0344
fix: stop using slim version of gomplate
See hairyhenderson/gomplate#1085

Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-03-20 13:23:46 +01:00
dependabot[bot]
83ad7bc4e3
Merge pull request #2037 from dexidp/dependabot/docker/golang-1.16.2-alpine3.13 2021-03-12 08:49:06 +00:00
dependabot[bot]
8fee3cd212
build(deps): bump golang from 1.16.1-alpine3.13 to 1.16.2-alpine3.13
Bumps golang from 1.16.1-alpine3.13 to 1.16.2-alpine3.13.

Signed-off-by: dependabot[bot] <support@github.com>
2021-03-12 06:42:23 +00:00
m.nabokikh
6be747142a chore: add keystone connector icon and bump tests dependencies
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-03-11 23:03:37 +04:00
dependabot[bot]
dab9f98a15
Merge pull request #2035 from dexidp/dependabot/docker/golang-1.16.1-alpine3.13 2021-03-11 07:13:08 +00:00
dependabot[bot]
d93a238a42
build(deps): bump golang from 1.16.0-alpine3.13 to 1.16.1-alpine3.13
Bumps golang from 1.16.0-alpine3.13 to 1.16.1-alpine3.13.

Signed-off-by: dependabot[bot] <support@github.com>
2021-03-11 06:50:39 +00:00
Márk Sági-Kazár
3ae53f7434
Make OpenShift an alpha connector
I'm not sure why this was ever marked as stable.
2021-03-10 16:12:05 +01:00
dependabot[bot]
b9ff4dd9ae
Merge pull request #2032 from dexidp/dependabot/go_modules/github.com/sirupsen/logrus-1.8.1 2021-03-10 11:47:37 +00:00
dependabot[bot]
04b2f655e6
build(deps): bump github.com/sirupsen/logrus from 1.8.0 to 1.8.1
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.8.0...v1.8.1)

Signed-off-by: dependabot[bot] <support@github.com>
2021-03-10 07:07:37 +00:00
Maksim Nabokikh
568fc06520 Update server/refreshhandlers.go
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-03-09 09:41:41 +04:00
dependabot[bot]
72d11017ce
Merge pull request #2030 from dexidp/dependabot/go_modules/github.com/lib/pq-1.10.0 2021-03-08 12:01:20 +00:00
dependabot[bot]
08647537e2
Bump github.com/lib/pq from 1.9.0 to 1.10.0
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.9.0...v1.10.0)

Signed-off-by: dependabot[bot] <support@github.com>
2021-03-08 08:02:20 +00:00
Márk Sági-Kazár
f7d1405cfd
Merge pull request #2019 from dexidp/refactor-run-groups
Refactor run groups
2021-02-25 14:36:01 +01:00
Mark Sagi-Kazar
24a1103f11
refactor: rename gr to group
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-02-25 12:33:19 +01:00
Mark Sagi-Kazar
9cffca70f2
refactor: relocate run group initialization
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-02-25 12:32:28 +01:00
m.nabokikh
3bd0e91a68 Make /device/token deprecation warning more concise
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-02-25 11:53:25 +04:00
m.nabokikh
9ed5cc00cf Add deprecation warning for /device/token endpoint
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-02-24 17:14:28 +04:00
m.nabokikh
1211a86d58 fix: use /token endpoint to get tokens with device flow
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-02-24 16:03:25 +04:00
Márk Sági-Kazár
3c5a631ce3
Merge pull request #2009 from flant/skip-ldap-tests
fix: do not run LDAP tests locally by default
2021-02-20 23:33:31 +01:00
Márk Sági-Kazár
c73057f93d
Merge pull request #2006 from flant/update-kubernetes-section-in-readme
chore: update Kubernetes section in README
2021-02-20 23:33:20 +01:00
m.nabokikh
84a07a7805 Do not run LDAP tests if DEX_LDAP_HOST is not set
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-02-20 17:05:41 +04:00
m.nabokikh
796d4c1e6b Remove tectonic links from the README
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-02-20 16:59:37 +04:00
dependabot[bot]
c166257cf4
Merge pull request #2007 from dexidp/dependabot/docker/alpine-3.13.2 2021-02-20 12:30:25 +00:00
dependabot[bot]
ff60ac0c4f
Merge pull request #2008 from dexidp/dependabot/go_modules/github.com/sirupsen/logrus-1.8.0 2021-02-20 12:30:11 +00:00
m.nabokikh
1f2771b57e fix: do not run LDAP tests locally by default
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-02-20 12:55:52 +04:00