commit
70e6cc2205
21 changed files with 39 additions and 35 deletions
2
.github/workflows/ci.yaml
vendored
2
.github/workflows/ci.yaml
vendored
|
@ -64,7 +64,7 @@ jobs:
|
||||||
- name: Set up Go
|
- name: Set up Go
|
||||||
uses: actions/setup-go@v3
|
uses: actions/setup-go@v3
|
||||||
with:
|
with:
|
||||||
go-version: 1.17
|
go-version: 1.18
|
||||||
|
|
||||||
- name: Checkout code
|
- name: Checkout code
|
||||||
uses: actions/checkout@v3
|
uses: actions/checkout@v3
|
||||||
|
|
|
@ -45,13 +45,15 @@ linters:
|
||||||
- structcheck
|
- structcheck
|
||||||
- stylecheck
|
- stylecheck
|
||||||
- tparallel
|
- tparallel
|
||||||
- typecheck
|
|
||||||
- unconvert
|
- unconvert
|
||||||
- unparam
|
- unparam
|
||||||
- unused
|
- unused
|
||||||
- varcheck
|
- varcheck
|
||||||
- whitespace
|
- whitespace
|
||||||
|
|
||||||
|
# Disable temporarily until everything works with Go 1.18
|
||||||
|
# - typecheck
|
||||||
|
|
||||||
# TODO: fix linter errors before enabling
|
# TODO: fix linter errors before enabling
|
||||||
# - exhaustivestruct
|
# - exhaustivestruct
|
||||||
# - gochecknoglobals
|
# - gochecknoglobals
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
ARG BASE_IMAGE=alpine
|
ARG BASE_IMAGE=alpine
|
||||||
|
|
||||||
FROM golang:1.17.8-alpine3.14 AS builder
|
FROM golang:1.18.0-alpine3.15 AS builder
|
||||||
|
|
||||||
WORKDIR /usr/local/src/dex
|
WORKDIR /usr/local/src/dex
|
||||||
|
|
||||||
|
|
2
Makefile
2
Makefile
|
@ -117,7 +117,7 @@ proto-internal:
|
||||||
@protoc --go_out=paths=source_relative:. server/internal/*.proto
|
@protoc --go_out=paths=source_relative:. server/internal/*.proto
|
||||||
|
|
||||||
# Dependency versions
|
# Dependency versions
|
||||||
GOLANGCI_VERSION = 1.42.0
|
GOLANGCI_VERSION = 1.46.0
|
||||||
GOTESTSUM_VERSION ?= 1.7.0
|
GOTESTSUM_VERSION ?= 1.7.0
|
||||||
PROTOC_VERSION = 3.15.6
|
PROTOC_VERSION = 3.15.6
|
||||||
PROTOC_GEN_GO_VERSION = 1.26.0
|
PROTOC_GEN_GO_VERSION = 1.26.0
|
||||||
|
|
|
@ -168,7 +168,8 @@ func (p *conn) Login(ctx context.Context, scopes connector.Scopes, username, pas
|
||||||
func (p *conn) Prompt() string { return "username" }
|
func (p *conn) Prompt() string { return "username" }
|
||||||
|
|
||||||
func (p *conn) Refresh(
|
func (p *conn) Refresh(
|
||||||
ctx context.Context, scopes connector.Scopes, identity connector.Identity) (connector.Identity, error) {
|
ctx context.Context, scopes connector.Scopes, identity connector.Identity,
|
||||||
|
) (connector.Identity, error) {
|
||||||
token, err := p.getAdminToken(ctx)
|
token, err := p.getAdminToken(ctx)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return identity, fmt.Errorf("keystone: failed to obtain admin token: %v", err)
|
return identity, fmt.Errorf("keystone: failed to obtain admin token: %v", err)
|
||||||
|
|
|
@ -4,7 +4,6 @@ import (
|
||||||
"bytes"
|
"bytes"
|
||||||
"context"
|
"context"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"fmt"
|
|
||||||
"io"
|
"io"
|
||||||
"net/http"
|
"net/http"
|
||||||
"os"
|
"os"
|
||||||
|
@ -454,22 +453,22 @@ func setupVariables(t *testing.T) {
|
||||||
keystoneAdminPassEnv := "DEX_KEYSTONE_ADMIN_PASS"
|
keystoneAdminPassEnv := "DEX_KEYSTONE_ADMIN_PASS"
|
||||||
keystoneURL = os.Getenv(keystoneURLEnv)
|
keystoneURL = os.Getenv(keystoneURLEnv)
|
||||||
if keystoneURL == "" {
|
if keystoneURL == "" {
|
||||||
t.Skip(fmt.Sprintf("variable %q not set, skipping keystone connector tests\n", keystoneURLEnv))
|
t.Skipf("variable %q not set, skipping keystone connector tests\n", keystoneURLEnv)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
keystoneAdminURL = os.Getenv(keystoneAdminURLEnv)
|
keystoneAdminURL = os.Getenv(keystoneAdminURLEnv)
|
||||||
if keystoneAdminURL == "" {
|
if keystoneAdminURL == "" {
|
||||||
t.Skip(fmt.Sprintf("variable %q not set, skipping keystone connector tests\n", keystoneAdminURLEnv))
|
t.Skipf("variable %q not set, skipping keystone connector tests\n", keystoneAdminURLEnv)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
adminUser = os.Getenv(keystoneAdminUserEnv)
|
adminUser = os.Getenv(keystoneAdminUserEnv)
|
||||||
if adminUser == "" {
|
if adminUser == "" {
|
||||||
t.Skip(fmt.Sprintf("variable %q not set, skipping keystone connector tests\n", keystoneAdminUserEnv))
|
t.Skipf("variable %q not set, skipping keystone connector tests\n", keystoneAdminUserEnv)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
adminPass = os.Getenv(keystoneAdminPassEnv)
|
adminPass = os.Getenv(keystoneAdminPassEnv)
|
||||||
if adminPass == "" {
|
if adminPass == "" {
|
||||||
t.Skip(fmt.Sprintf("variable %q not set, skipping keystone connector tests\n", keystoneAdminPassEnv))
|
t.Skipf("variable %q not set, skipping keystone connector tests\n", keystoneAdminPassEnv)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
authTokenURL = keystoneURL + "/v3/auth/tokens/"
|
authTokenURL = keystoneURL + "/v3/auth/tokens/"
|
||||||
|
|
|
@ -220,7 +220,8 @@ func (c *Config) OpenConnector(logger log.Logger) (interface {
|
||||||
connector.Connector
|
connector.Connector
|
||||||
connector.PasswordConnector
|
connector.PasswordConnector
|
||||||
connector.RefreshConnector
|
connector.RefreshConnector
|
||||||
}, error) {
|
}, error,
|
||||||
|
) {
|
||||||
return c.openConnector(logger)
|
return c.openConnector(logger)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -78,7 +78,8 @@ func (c *Config) Open(id string, logger log.Logger) (conn connector.Connector, e
|
||||||
// OpenWithHTTPClient returns a connector which can be used to login users through an upstream
|
// OpenWithHTTPClient returns a connector which can be used to login users through an upstream
|
||||||
// OpenShift OAuth2 provider. It provides the ability to inject a http.Client.
|
// OpenShift OAuth2 provider. It provides the ability to inject a http.Client.
|
||||||
func (c *Config) OpenWithHTTPClient(id string, logger log.Logger,
|
func (c *Config) OpenWithHTTPClient(id string, logger log.Logger,
|
||||||
httpClient *http.Client) (conn connector.Connector, err error) {
|
httpClient *http.Client,
|
||||||
|
) (conn connector.Connector, err error) {
|
||||||
ctx, cancel := context.WithCancel(context.Background())
|
ctx, cancel := context.WithCancel(context.Background())
|
||||||
|
|
||||||
wellKnownURL := strings.TrimSuffix(c.Issuer, "/") + wellKnownURLPath
|
wellKnownURL := strings.TrimSuffix(c.Issuer, "/") + wellKnownURLPath
|
||||||
|
@ -156,7 +157,8 @@ func (e *oauth2Error) Error() string {
|
||||||
|
|
||||||
// HandleCallback parses the request and returns the user's identity
|
// HandleCallback parses the request and returns the user's identity
|
||||||
func (c *openshiftConnector) HandleCallback(s connector.Scopes,
|
func (c *openshiftConnector) HandleCallback(s connector.Scopes,
|
||||||
r *http.Request) (identity connector.Identity, err error) {
|
r *http.Request,
|
||||||
|
) (identity connector.Identity, err error) {
|
||||||
q := r.URL.Query()
|
q := r.URL.Query()
|
||||||
if errType := q.Get("error"); errType != "" {
|
if errType := q.Get("error"); errType != "" {
|
||||||
return identity, &oauth2Error{errType, q.Get("error_description")}
|
return identity, &oauth2Error{errType, q.Get("error_description")}
|
||||||
|
@ -176,7 +178,8 @@ func (c *openshiftConnector) HandleCallback(s connector.Scopes,
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c *openshiftConnector) Refresh(ctx context.Context, s connector.Scopes,
|
func (c *openshiftConnector) Refresh(ctx context.Context, s connector.Scopes,
|
||||||
oldID connector.Identity) (connector.Identity, error) {
|
oldID connector.Identity,
|
||||||
|
) (connector.Identity, error) {
|
||||||
var token oauth2.Token
|
var token oauth2.Token
|
||||||
err := json.Unmarshal(oldID.ConnectorData, &token)
|
err := json.Unmarshal(oldID.ConnectorData, &token)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -189,7 +192,8 @@ func (c *openshiftConnector) Refresh(ctx context.Context, s connector.Scopes,
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c *openshiftConnector) identity(ctx context.Context, s connector.Scopes,
|
func (c *openshiftConnector) identity(ctx context.Context, s connector.Scopes,
|
||||||
token *oauth2.Token) (identity connector.Identity, err error) {
|
token *oauth2.Token,
|
||||||
|
) (identity connector.Identity, err error) {
|
||||||
client := c.oauth2Config.Client(ctx, token)
|
client := c.oauth2Config.Client(ctx, token)
|
||||||
user, err := c.user(ctx, client)
|
user, err := c.user(ctx, client)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
12
flake.lock
12
flake.lock
|
@ -2,11 +2,11 @@
|
||||||
"nodes": {
|
"nodes": {
|
||||||
"flake-utils": {
|
"flake-utils": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1634851050,
|
"lastModified": 1648297722,
|
||||||
"narHash": "sha256-N83GlSGPJJdcqhUxSCS/WwW5pksYf3VP1M13cDRTSVA=",
|
"narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "flake-utils",
|
"repo": "flake-utils",
|
||||||
"rev": "c91f3de5adaf1de973b797ef7485e441a65b8935",
|
"rev": "0f8662f1319ad6abf89b3380dd2722369fc51ade",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -17,11 +17,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1636800699,
|
"lastModified": 1649225869,
|
||||||
"narHash": "sha256-SwbyVxXffu3G2ulJIbTf0iQfqhbGbdml4Dyv5j9BiAI=",
|
"narHash": "sha256-u1zLtPmQzhT9mNXyM8Ey9pk7orDrIKdwooeGDEXm5xM=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "2fa862644fc15ecb525eb8cd0a60276f1c340c7c",
|
"rev": "b6966d911da89e5a7301aaef8b4f0a44c77e103c",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
|
@ -10,7 +10,7 @@
|
||||||
flake-utils.lib.eachDefaultSystem (system:
|
flake-utils.lib.eachDefaultSystem (system:
|
||||||
let
|
let
|
||||||
pkgs = nixpkgs.legacyPackages.${system};
|
pkgs = nixpkgs.legacyPackages.${system};
|
||||||
buildDeps = with pkgs; [ git go_1_17 gnumake ];
|
buildDeps = with pkgs; [ git go_1_18 gnumake ];
|
||||||
devDeps = with pkgs;
|
devDeps = with pkgs;
|
||||||
buildDeps ++ [
|
buildDeps ++ [
|
||||||
golangci-lint
|
golangci-lint
|
||||||
|
|
2
go.mod
2
go.mod
|
@ -1,6 +1,6 @@
|
||||||
module github.com/dexidp/dex
|
module github.com/dexidp/dex
|
||||||
|
|
||||||
go 1.17
|
go 1.18
|
||||||
|
|
||||||
require (
|
require (
|
||||||
entgo.io/ent v0.10.1
|
entgo.io/ent v0.10.1
|
||||||
|
|
|
@ -11,7 +11,6 @@ type keyPair struct {
|
||||||
|
|
||||||
// keys are generated beforehand so we don't have to generate RSA keys for every test.
|
// keys are generated beforehand so we don't have to generate RSA keys for every test.
|
||||||
var jsonWebKeys = []keyPair{
|
var jsonWebKeys = []keyPair{
|
||||||
|
|
||||||
{
|
{
|
||||||
Public: mustLoadJWK(`{
|
Public: mustLoadJWK(`{
|
||||||
"use": "sig",
|
"use": "sig",
|
||||||
|
|
|
@ -14,10 +14,7 @@ import (
|
||||||
|
|
||||||
entSQL "entgo.io/ent/dialect/sql"
|
entSQL "entgo.io/ent/dialect/sql"
|
||||||
"entgo.io/ent/dialect/sql/schema"
|
"entgo.io/ent/dialect/sql/schema"
|
||||||
"github.com/go-sql-driver/mysql"
|
"github.com/go-sql-driver/mysql" // Register mysql driver.
|
||||||
|
|
||||||
// Register postgres driver.
|
|
||||||
_ "github.com/lib/pq"
|
|
||||||
|
|
||||||
"github.com/dexidp/dex/pkg/log"
|
"github.com/dexidp/dex/pkg/log"
|
||||||
"github.com/dexidp/dex/storage"
|
"github.com/dexidp/dex/storage"
|
||||||
|
|
|
@ -13,9 +13,7 @@ import (
|
||||||
|
|
||||||
entSQL "entgo.io/ent/dialect/sql"
|
entSQL "entgo.io/ent/dialect/sql"
|
||||||
"entgo.io/ent/dialect/sql/schema"
|
"entgo.io/ent/dialect/sql/schema"
|
||||||
|
_ "github.com/lib/pq" // Register postgres driver.
|
||||||
// Register postgres driver.
|
|
||||||
_ "github.com/lib/pq"
|
|
||||||
|
|
||||||
"github.com/dexidp/dex/pkg/log"
|
"github.com/dexidp/dex/pkg/log"
|
||||||
"github.com/dexidp/dex/storage"
|
"github.com/dexidp/dex/storage"
|
||||||
|
|
|
@ -7,9 +7,7 @@ import (
|
||||||
|
|
||||||
"entgo.io/ent/dialect/sql"
|
"entgo.io/ent/dialect/sql"
|
||||||
"entgo.io/ent/dialect/sql/schema"
|
"entgo.io/ent/dialect/sql/schema"
|
||||||
|
_ "github.com/mattn/go-sqlite3" // Register sqlite driver.
|
||||||
// Register sqlite driver.
|
|
||||||
_ "github.com/mattn/go-sqlite3"
|
|
||||||
|
|
||||||
"github.com/dexidp/dex/pkg/log"
|
"github.com/dexidp/dex/pkg/log"
|
||||||
"github.com/dexidp/dex/storage"
|
"github.com/dexidp/dex/storage"
|
||||||
|
|
|
@ -24,7 +24,7 @@ const kubeconfigPathVariableName = "DEX_KUBERNETES_CONFIG_PATH"
|
||||||
|
|
||||||
func TestStorage(t *testing.T) {
|
func TestStorage(t *testing.T) {
|
||||||
if os.Getenv(kubeconfigPathVariableName) == "" {
|
if os.Getenv(kubeconfigPathVariableName) == "" {
|
||||||
t.Skip(fmt.Sprintf("variable %q not set, skipping kubernetes storage tests\n", kubeconfigPathVariableName))
|
t.Skipf("variable %q not set, skipping kubernetes storage tests\n", kubeconfigPathVariableName)
|
||||||
}
|
}
|
||||||
|
|
||||||
suite.Run(t, new(StorageTestSuite))
|
suite.Run(t, new(StorageTestSuite))
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
//go:build cgo
|
||||||
// +build cgo
|
// +build cgo
|
||||||
|
|
||||||
package sql
|
package sql
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
//go:build cgo
|
||||||
// +build cgo
|
// +build cgo
|
||||||
|
|
||||||
package sql
|
package sql
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
//go:build go1.11
|
||||||
// +build go1.11
|
// +build go1.11
|
||||||
|
|
||||||
package sql
|
package sql
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
//go:build cgo
|
||||||
// +build cgo
|
// +build cgo
|
||||||
|
|
||||||
package sql
|
package sql
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
//go:build cgo
|
||||||
// +build cgo
|
// +build cgo
|
||||||
|
|
||||||
package sql
|
package sql
|
||||||
|
|
Reference in a new issue