Commit graph

361 commits

Author SHA1 Message Date
Gyu-Ho Lee
f06073fbcd server: use standard lib http.Request.BasicAuth
Go 1.4+ has https://golang.org/pkg/net/http/#Request.BasicAuth
method for http.Request and it was requested by CoreOS(kelsey) [1]
with the same functionalities. If dex's Go development is being done
in Go 1.4 or later, we should use the standard library.

Thanks!

---
[1] https://codereview.appspot.com/76540043/
2015-10-06 05:00:33 -07:00
bobbyrullo
2a1d32e6e8 Merge pull request #145 from bobbyrullo/protect_admin_api
Protect admin api
2015-10-01 14:23:16 -07:00
Bobby Rullo
5e859dad5c Documentation, contrib: Update docs with admin key 2015-10-01 14:22:43 -07:00
Bobby Rullo
55040c55fa server, integration, cmd: Protect Admin API
Admin API now requires a 128 byte base64 encoded secret to be passed in
Authorization header, closing up a potential security hole for those
who expose this service.
2015-10-01 13:15:45 -07:00
bobbyrullo
48b3b38c8b Merge pull request #144 from bobbyrullo/no_register
server,cmd: Add flag for disabling registation
2015-09-30 20:35:59 -07:00
Bobby Rullo
d3d6a75b91 fixup - Code review changes. 2015-09-30 17:07:00 -07:00
Bobby Rullo
bf9517fdaa server,cmd: Add flag for disabling registation
For situations where admins add users.
2015-09-30 16:35:58 -07:00
bobbyrullo
ac78c8f4ab Merge pull request #143 from joeatwork/logging-for-debugging
db: log schema errors, distinguish them from nil results where needed
2015-09-30 10:25:05 -07:00
Joe Bowers
c70b29f83d db: log schema errors, distinguish them from nil results where needed 2015-09-29 20:07:36 -07:00
Joe Bowers
a426943054 Merge pull request #140 from joeatwork/disable-users-api
Expose API to enable and disable users
2015-09-29 16:47:43 -07:00
Joe Bowers
2ed2859896 repo: functional repo tests
includes changes to ensure uniform errors for DB and in-memory repos
2015-09-29 16:46:48 -07:00
Joe Bowers
e5db302312 server: expose user disable API endpoint 2015-09-29 16:46:30 -07:00
Joe Bowers
b33cfbf556 schema: disable user API 2015-09-29 16:46:30 -07:00
bobbyrullo
05adce3e93 Merge pull request #141 from triddell/master
build: add equals sign to avoid link warning when building project
2015-09-29 14:50:49 -07:00
Tim Riddell
6472bd78cb build: add equals sign to avoid link warning when building project 2015-09-29 12:45:28 -07:00
bobbyrullo
6970b481f4 Merge pull request #126 from cpswan/fixes-125
Documentation: clearer guidance on creating OAuth 2 client ID
2015-09-28 22:15:48 -07:00
bobbyrullo
1563d78861 Merge pull request #139 from joeatwork/fix-build-1.4
build: vendor quotedprintable to build on Go < 1.5
2015-09-28 14:20:04 -07:00
Joe Bowers
49bc822fc2 build: vendor quotedprintable to build on Go < 1.5 2015-09-28 13:01:25 -07:00
Joe Bowers
b19adefde5 Merge pull request #138 from joeatwork/disable-users
server: disable users
2015-09-28 12:36:09 -07:00
Chris Swan
6589b2ecdd Documentation: clearer guidance on creating OAuth 2 client ID
Provides a more accurate walk through of the screens and menus of the Google
Developers Console encountered whilst creating a client ID.

Fixes #125

Signed-off-by: Chris Swan <@cpswan>
2015-09-28 10:51:02 +01:00
Joe Bowers
72fa4127d0 Merge pull request #137 from joeatwork/dont-create-users-with-bad-urls
api: don't create a user if you can't send them an email
2015-09-25 17:31:34 -07:00
Joe Bowers
fbbb3cc2df server: all authorizations fail for disabled users 2015-09-25 17:29:59 -07:00
Joe Bowers
ffabe03bc0 server: don't allow disabled users to access the api 2015-09-25 15:47:42 -07:00
Derek Parker
944bed6d2e Merge pull request #136 from derekparker/fix-compilation-issues
email/smtp: Fix type comparison error
2015-09-25 15:36:55 -07:00
Joe Bowers
f115015a3f api: don't create a user if you can't send them an email 2015-09-25 15:11:27 -07:00
Joe Bowers
60a36e2c2e server,db: flag for disabling user login 2015-09-25 14:25:06 -07:00
Derek Parker
20857d71e7 email/smtp: Fix type comparison error
Fixes #134
2015-09-25 12:49:57 -07:00
Joe Bowers
e8f347a738 Merge pull request #133 from joeatwork/stricter-url-endpoints
server: user management endpoints strictly conform to schema
2015-09-24 17:03:00 -07:00
Joe Bowers
4c9bab0890 server: user management endpoints strictly conform to schema
This change disables the URL fixing behavior or the router associated
with the user management schema. After this commit, URLS routing
to /api/$VERSION/users must target exactly the specified paths. In
addition, `/api/$VERSION/users/` will serve a 404

This change allows users to hit the user create endpoint, which
would previously serve a redirect rather than actually making the
associated change.
2015-09-24 16:41:29 -07:00
bobbyrullo
97041dbd90 Merge pull request #129 from ecnahc515/smtp_support
Add smtp support
2015-09-24 16:34:45 -07:00
Chance Zibolski
d154cad3f6 Documentation: Add how to setup email configuration 2015-09-24 15:01:06 -07:00
Chance Zibolski
b1e146b702 email: Remove unused ID field 2015-09-24 15:01:06 -07:00
Chance Zibolski
3e08bd6619 email: Add smtp emailer 2015-09-24 15:01:04 -07:00
Chance Zibolski
95cc72c218 godeps: Add gomail 2015-09-21 13:42:12 -07:00
bobbyrullo
825c3cf21b Merge pull request #128 from bobbyrullo/wait_on_connectors
cmd/dex-worker: wait 'til connectors are available
2015-09-18 17:28:26 -07:00
Bobby Rullo
510293a984 fixup 2015-09-18 17:25:06 -07:00
Bobby Rullo
3cd0d84e31 cmd/dex-worker: wait 'til connectors are available
Otherwise, if worker starts without connectors, and then connectors are
added workers have to be restarted to pick up the changes.
2015-09-18 17:11:58 -07:00
bobbyrullo
188aa27c17 Merge pull request #118 from bobbyrullo/k8s
Get the K8s files up to date with more docs
2015-09-18 15:31:01 -07:00
Bobby Rullo
25c21f0f7e contrib/k8s: docs for using k8s configs 2015-09-18 15:30:17 -07:00
bobbyrullo
f15890edb4 Merge pull request #124 from cpswan/fixes-123
Documentation: no need to create a new Google project
2015-09-17 09:23:39 -07:00
Chris Swan
b773770218 Documentation: no need to create a new Google project
A new API key can be generated in an existing Google project

Fixes #123

Signed-off-by: Chris Swan <@cpswan>
2015-09-17 15:17:03 +01:00
Bobby Rullo
edd88db932 contrib/k8s: Use secrets to store secrets.
Also, move most flags to environment variables.
2015-09-09 14:29:41 -07:00
Bobby Rullo
d9b668002c contrib/k8s: get yaml up-to-date with latest k8s 2015-09-08 14:53:53 -07:00
bobbyrullo
b340660d6d Merge pull request #111 from dullgiulio/early-returns-nazi
Remove unnecessary else statements
2015-09-04 13:02:28 -07:00
Giulio Iotti
472e4a02a4 *: Remove unnecessary else statements
Whenever it makes the code easier to follow, use early return to
avoid else statements.
2015-09-04 22:45:32 +03:00
bobbyrullo
99ed0024b0 Merge pull request #96 from bobbyrullo/who_should_
README.md: "Similar Software", "who should use"
2015-09-03 11:48:01 -07:00
bobbyrullo
7f49efd873 Merge pull request #109 from bobbyrullo/yes_we_DO_have_TLS
Documentation: remove outdated TLS info
2015-09-03 09:57:43 -07:00
Bobby Rullo
bfe6cd2817 Documentation: remove outdated TLS info 2015-09-03 09:56:48 -07:00
bobbyrullo
507649750c Merge pull request #108 from coreos/bobbyrullo-patch-1
Update README.md
2015-09-02 18:06:22 -07:00
bobbyrullo
1cde31af7d Update README.md 2015-09-02 18:04:40 -07:00