Commit graph

1641 commits

Author SHA1 Message Date
m.nabokikh
4d63e9cd68 fix: Bump golangci-lint version and fix some linter's problems
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2020-10-18 01:02:29 +04:00
Liviu Costea
83673fb320 feat: reduce image size without apk cache
Signed-off-by: Liviu Costea <email.lcostea@gmail.com>
2020-10-16 19:52:21 +03:00
Nándor István Krácser
28b2350cd2
Merge pull request #1835 from flant/kubernetes-client-keys-conflicts-fix
fix: Handle Kubernetes API conflicts properly for signing keys
2020-10-13 15:16:19 +02:00
Márk Sági-Kazár
9c026107e6
Merge pull request #1830 from WorldProgrammingLtd/fix-1813
fix: log errors from login during password grant
2020-10-13 09:21:44 +02:00
m.nabokikh
4801b2c975 fix: Handle kubernetes API conflicts properly for signing keys
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2020-10-12 09:15:00 +03:00
Tom Quarendon
4da93e75fc fix: log errors from login during password grant
Issues: #1813
Signed-off-by: Alastair Houghton <alastair@alastairs-place.net>
2020-10-07 13:36:42 +01:00
Nate W
3f41b26fb9
[WIP] Removing .md files as a part of the Dex IdP Documentation migration. (#1810)
* Removing .md files as a part of the Dex IdP Documentation migration.

https://github.com/dexidp/dex/issues/1761
https://github.com/dexidp/website/issues/2
Signed-off-by: Nate Waddington <nwaddington@cncf.io>

* Updating README.md links after .md files removal.

Signed-off-by: Nate Waddington <nwaddington@cncf.io>

* Updating URL as per PR feedback. dexidp.org -> dexidp.io

Signed-off-by: Nate Waddington <nwaddington@cncf.io>

* removing errant ")"

Signed-off-by: Nate Waddington <nwaddington@cncf.io>
2020-10-06 18:02:40 +02:00
Márk Sági-Kazár
d1f599dd32
Merge pull request #1819 from al45tair/cors-auth
fix: allow Authorization header when doing CORS
2020-10-06 14:35:21 +02:00
Márk Sági-Kazár
a28f5bb218
Merge pull request #1821 from al45tair/fix-1820
fix: copy the "web" directory.
2020-10-05 17:24:51 +02:00
Alastair Houghton
3288450b3e fix: copy the "web" directory.
The Dockerfile was changed to do

    COPY web .

which is unfortunate because that means copy the *contents* of the directory
"web", rather than copying the directory itself which is what the author
intended.

Issues: #1820
Signed-off-by: Alastair Houghton <alastair@alastairs-place.net>
2020-10-05 15:52:30 +01:00
Alastair Houghton
9187aa669d fix: allow Authorization header when doing CORS
The Authorization header needs to be allowed when doing CORS because
otherwise /userinfo can't work.  It isn't one of the headers
explicitly allowed by default by Gorilla, so we have to call
handlers.AllowedHeaders() to specify it.

Issues: #1532
Signed-off-by: Alastair Houghton <alastair@alastairs-place.net>
2020-10-05 15:01:54 +01:00
Márk Sági-Kazár
828a1c6ec2
Merge pull request #1688 from flant/bitbucket-groups
feat: Add team groups support to bitbucket connector
2020-10-04 20:08:49 +02:00
m.nabokikh
ec66cedfcc feat: Add team groups support to bitbucket connector
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2020-10-04 20:50:59 +03:00
Márk Sági-Kazár
3e5ff2f853
Merge pull request #1815 from dexidp/fix-docker-login
ci: do not login to docker registry in PRs
2020-10-04 15:18:44 +02:00
Mark Sagi-Kazar
4a1fd77166
ci: do not login to docker registry in PRs
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2020-10-04 15:01:45 +02:00
Márk Sági-Kazár
3b385ecf4a
Merge pull request #1812 from flant/bitbucket-replace-teams-endpoint
fix: Replace deprecated teams endpoint in bitbucket connector
2020-10-04 14:27:14 +02:00
m.nabokikh
4b94469547 fix: Replace teams endpoint for bitbucket connector
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2020-10-03 20:30:23 +03:00
Márk Sági-Kazár
d4c3a3505d
Merge pull request #1802 from concourse/pr/static-public-key-sync
Add constructor for static key strategy
2020-10-01 22:19:15 +02:00
Rui Yang
bd2234cd12 Add constructor for static key strategy
Co-authored-by: Josh Winters <jwinter@pivotal.io>
Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-10-01 15:32:23 -04:00
Márk Sági-Kazár
9781e56ba5
Merge pull request #1690 from flant/fix-relative-url
Fix templates which asset path points to external URL
2020-09-29 19:47:38 +02:00
Márk Sági-Kazár
641615ff58
Merge pull request #1806 from dexidp/go115
chore: update Go to 1.15
2020-09-28 00:45:39 +02:00
Mark Sagi-Kazar
f3fc0c5395
chore: update Go to 1.15
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2020-09-28 00:22:47 +02:00
Márk Sági-Kazár
5807011b6a
Merge pull request #1805 from dexidp/fix-dockerhub-typo
fix: typo in environment variables introduced in #1781
2020-09-28 00:22:17 +02:00
Mark Sagi-Kazar
8a1a1b8b5d
fix: typo in environment variables introduced in #1781
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2020-09-27 23:56:02 +02:00
MIℂHΛΞL FѲRИΛRѲ
549b67bccd
Adding architecture support for arm/arm64/amd64 docker images (#1781)
add multi-arch image support for armv7/arm64/amd64 architectures
2020-09-27 23:47:39 +02:00
Johan Tordsson
c64ff34d11
Add Elastisys to Adopters (#1803)
Added description Elastisys use of Dex in Compliant Kubernetes.
2020-09-18 16:40:59 +02:00
Márk Sági-Kazár
458059cc89
Merge pull request #1708 from tkleczek/fix-overwriting-connector-in-authreq
abort connector login if connector was already set #1707
2020-09-16 17:49:04 +02:00
Márk Sági-Kazár
a64e7c2986
Merge pull request #1769 from batara666/master
ldap.go: drop else on returned if block
2020-09-16 17:47:52 +02:00
Márk Sági-Kazár
e837475ca6
Merge pull request #1795 from lzeng27/master
update documentation
2020-09-09 17:47:18 +02:00
Linda Zeng
6745af7747 updated docs
Signed-off-by: Linda Zeng <linda.zeng@blackrock.com>
2020-09-09 11:01:14 -04:00
Márk Sági-Kazár
d4a67e43fa
Merge pull request #1794 from dexidp/fix-example-app
Fix building the example app
2020-09-09 14:00:27 +02:00
Mark Sagi-Kazar
63098fe9fe
Fix building the example app
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2020-09-09 13:50:19 +02:00
Márk Sági-Kazár
ca0a9e821e
Merge pull request #1634 from concourse/pr/oidc-username-key-sync
Support username, email and groups claim in OIDC connector
2020-09-08 19:19:44 +02:00
Rui Yang
058202d007 revert changes for user id and user name
Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-09-08 13:12:59 -04:00
Rui Yang
0494993326 update oidc documentation and email claim err msg
Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-09-08 10:03:57 -04:00
Márk Sági-Kazár
07dddc7b0e
Merge pull request #1791 from onkarbhat/adopters_kasten
Add Kasten as an adopter of Dex.
2020-09-08 09:18:05 +02:00
Onkar Bhat
c489a074c1 Add Kasten as an adopter of Dex. 2020-09-07 16:39:21 -07:00
Tomasz Kleczek
b1311baa3c abort connector login if connector was already set #1707
Signed-off-by: Tomasz Kleczek <tomasz.kleczek@gmail.com>
2020-08-29 17:19:14 +02:00
Joel Speed
336c73c0a2
Merge pull request #1706 from justin-slowik/device_flow
Implementing the OAuth2 Device Authorization Grant
2020-08-28 11:35:46 +01:00
Joel Speed
a24f73c19f
Merge pull request #1780 from tom-haines/master
Minor documentation tweaks re storage.md
2020-08-14 11:04:53 +01:00
Thomas Haines
d39b77bda3 Minor documentation tweaks re storage.md
Signed-off-by: Thomas Haines <thomas.haines@gmail.com>
2020-08-14 16:51:00 +08:00
Rui Yang
41207ba265 Combine #1691 and #1776 to unify OIDC provider claim mapping
add tests for groups key mapping

Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-08-11 16:26:55 -04:00
Scott Lemmon
a783667c57 Add groupsClaimMapping to the OIDC connector
The groupsClaimMapping setting allows one to specify which claim to pull
group information from the OIDC provider.  Previously it assumed group
information was always in the "groups" claim, but that isn't the case
for many OIDC providers (such as AWS Cognito using the "cognito:groups"
claim instead)

Signed-off-by: Scott Lemmon <slemmon@aurora.tech>
Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-08-11 16:26:55 -04:00
Cyrille Nofficial
61312e726e Add parameter configuration to override email claim key
Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-08-11 16:26:55 -04:00
Rui Yang
52c39fb130 check if upstream contains preferrend username claim first
Signed-off-by: Rui Yang <ryang@pivotal.io>
Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-08-11 16:26:55 -04:00
Rui Yang
4812079647 add tests when preferred username key is not set
Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-08-11 16:26:55 -04:00
Rui Yang
d9afb7e59c default to preferred_username claim
Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-08-11 16:26:55 -04:00
Josh Winters
9a4e0fcd00 Make OIDC username key configurable
Signed-off-by: Josh Winters <jwinters@pivotal.io>
Co-authored-by: Mark Huang <mhuang@pivotal.io>
Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-08-11 16:26:55 -04:00
Bernd Eckstein
f6cd778b60 Add c_hash to id_token, issued on /auth endpoint, when in hybrid flow
* fixed name collision (renamed hash->hashFunc)

Signed-off-by: Bernd Eckstein <Bernd.Eckstein@faro.com>
2020-07-31 12:06:19 +02:00
batara666
6499f5bfd3
ldap.go: drop else on returned if block 2020-07-27 22:27:55 +07:00