mystiq/dex
Archived
4
0
Fork 1
Code Issues Pull requests Packages Projects Releases Wiki Activity
1176 commits 27 branches 73 tags 23 MiB
Commit graph

1176 commits

This branch
This branch
All branches
Author SHA1 Message Date
Joel Speed c4e96dda32
Fix migration of old connector data 2019-11-19 15:43:23 +00:00
Joel Speed d9095073c8
Unindent session updates on finalizeLogin 2019-11-19 15:43:22 +00:00
Joel Speed 77fcf9ad77
Use a struct for connector data within OIDC connector 2019-11-19 15:43:22 +00:00
Joel Speed f6077083c9
Identify error as failure to retrieve refresh token 2019-11-19 15:43:21 +00:00
Joel Speed 8b344fe4d3
Fix Refresh comment 2019-11-19 15:43:20 +00:00
Joel Speed 19ad7daa7f
Use old ConnectorData before session.ConnectorData 2019-11-19 15:43:19 +00:00
Joel Speed 45a40a13a3
Revert "Update Kubernetes storage backend" 
This reverts commit 228bdc324877bf67ecdd434503b9c1b25d8e7d28.
 2019-11-19 15:43:18 +00:00
Joel Speed 236b25b68e
Revert "Fix ETCD storage backend" 2019-11-19 15:43:17 +00:00
Joel Speed 41b7c855d0
Revert "Update conformance" 
This reverts commit 9c7ceabe8aebf6c740c237c5e76c21397179f901.
 2019-11-19 15:43:16 +00:00
Joel Speed 9ce4393156
Revert "Update SQL storage backend" 2019-11-19 15:43:15 +00:00
Joel Speed 176ba709a4
Revert "Remove connectordata from other structs" 
This reverts commit 27f33516db343bd79b56a47ecef0fe514a35082d.
 2019-11-19 15:43:14 +00:00
Joel Speed fea048b3e8
Fix SQL updater func 2019-11-19 15:43:13 +00:00
Joel Speed d38909831c
Fix migration in SQL connector 
I didn't realise quite what the migration mechanism was. Have understood
it now.
 2019-11-19 15:43:13 +00:00
Joel Speed 433bb2afec
Remove duplicate code 2019-11-19 15:43:12 +00:00
Joel Speed 4076eed17b
Build opts based on scope 2019-11-19 15:43:11 +00:00
Joel Speed 80995dff9b
Fix SQL storage 2019-11-19 15:43:10 +00:00
Joel Speed b9b315dd64
Fix conformance tests 2019-11-19 15:43:09 +00:00
Joel Speed 7a76c767fe
Update Kubernetes storage backend 2019-11-19 15:43:08 +00:00
Joel Speed c54f1656c7
Fix ETCD storage backend 2019-11-19 15:43:07 +00:00
Joel Speed c789c5808e
Update conformance 2019-11-19 15:43:06 +00:00
Joel Speed 7fc3f230df
Update SQL storage backend 2019-11-19 15:43:05 +00:00
Joel Speed 0857a0fe09
Implement refresh in OIDC connector 
This has added the access=offline parameter and prompt=consent parameter
to the initial request, this works with google, assuming other providers
will ignore the prompt parameter
 2019-11-19 15:43:04 +00:00
Joel Speed 5c88713177
Remove connectordata from other structs 2019-11-19 15:43:03 +00:00
Joel Speed 0352258093
Update handleRefreshToken logic 2019-11-19 15:43:01 +00:00
Joel Speed 575c792156
Store most recent refresh token in offline sessions 2019-11-19 15:40:56 +00:00
Nándor István Krácser c392236f4f
Merge pull request #1586 from serhiimakogon/fix/refresh-handler 
preferred_username claim added on refresh token
 2019-11-19 15:39:17 +01:00
serhiimakogon b793afd375 preferred_username claim added on refresh token 2019-11-19 16:27:34 +02:00
Nándor István Krácser b7184be3dd
Merge pull request #1569 from bhageena/master 
Fix spelling errors in docs
 2019-11-05 10:34:40 +01:00
Nándor István Krácser 6d41541964
Merge pull request #1544 from kenperkins/saml-groups 
Adding support for allowed groups in SAML Connector
 2019-10-30 13:28:34 +01:00
Nándor István Krácser f2590ee07d
Merge pull request #1545 from jacksontj/getUserInfo 
Run getUserInfo prior to claim enforcement
 2019-10-30 13:26:18 +01:00
Nándor István Krácser d5d3abca6a
Merge pull request #1566 from dexidp/preferred_username 
add preffered_username to idToken
 2019-10-30 13:25:23 +01:00
Nándor István Krácser 0b56a47571
Merge pull request #1558 from aijingyc/fix_readme_branch 
Fix URLs in curl cmd as stated in the overview doc.
 2019-10-30 13:20:28 +01:00
Nándor István Krácser 799f29fdb5
Merge pull request #1571 from gosharplite/patch-1 
Fix typo
 2019-10-30 13:20:04 +01:00
Nándor István Krácser a58d77a499
Merge pull request #1550 from dexidp/mysql-tx-isolation 
storage/mysql: support pre-5.7.20 instances with tx_isolation only
 2019-10-30 13:14:43 +01:00
Nándor István Krácser 0b55f121b4
Fix missing email in log message 
Co-Authored-By: Felix Fontein <ff@dybuster.com>
 2019-10-30 13:13:33 +01:00
Nándor István Krácser 3f8fd74185
Merge pull request #1568 from life1347/patch-1 
Add note for redirect uri
 2019-10-30 13:12:46 +01:00
Nandor Kracser c1b421fa04 add preffered_username to idToken 
Signed-off-by: Nandor Kracser <bonifaido@gmail.com>
 2019-10-30 13:06:37 +01:00
Tony Hsu 6e35f24399
Fix typo 2019-10-22 11:27:12 +08:00
Chandan Rai efdb5de6d8 Fix spelling errors in docs 2019-10-14 18:52:40 +05:30
Ta-Ching Chen 76c76a0b39
Add note for redirect uri 2019-10-13 15:24:22 +08:00
Joel Speed 4bede5eb80
Merge pull request #1554 from yanniszark/feature-web-templates-use-relative-urls 
server: templates: use relative URLs to refer to assets
 2019-10-03 10:49:18 +01:00
Yannis Zarkadas 69d13b766d gitignore: add .idea folder 
Signed-off-by: Yannis Zarkadas <yanniszark@arrikto.com>
 2019-10-02 17:08:06 +03:00
Yannis Zarkadas 59beb7425f web: change header template to use new url function 
Signed-off-by: Yannis Zarkadas <yanniszark@arrikto.com>
 2019-10-02 17:08:06 +03:00
Yannis Zarkadas 27944d4f8f templates: add new relativeURL function 
Signed-off-by: Yannis Zarkadas <yanniszark@arrikto.com>
 2019-10-02 17:08:06 +03:00
Yannis Zarkadas 839130f01c handlers: change all handlers to pass down http request 
Signed-off-by: Yannis Zarkadas <yanniszark@arrikto.com>
 2019-10-02 17:08:06 +03:00
j.ai 2c52c52686 Fix URLs in curl cmd as stated in the overview doc. 2019-09-27 17:45:52 -07:00
Tomasz Kleczek 42d61191c4 storage: conformance tests improvements 2019-09-27 13:54:54 +02:00
Nandor Kracser d2c33db8a8 storage/mysql: support pre-5.7.20 instances with tx_isolation only 2019-09-23 09:36:01 +02:00
Thomas Jackson 21ab30d207 Add option to enable groups for oidc connectors 
There's been some discussion in #1065 regarding what to do about
refreshing groups. As it stands today dex doesn't update any of the
claims on refresh (groups would just be another one). The main concern
with enabling it is that group claims may change more frequently. While
we continue to wait on the upstream refresh flows, this adds an option
to enable the group claim. This is disabled by default (so no behavioral
change) but enables those that are willing to have the delay in group
claim change to use oidc IDPs.

Workaround to #1065
 2019-09-13 15:50:33 -07:00
Thomas Jackson 512cb3169e Run getUserInfo prior to claim enforcement 
If you have an oidc connector configured *and* that IDP provides thin
tokens (e.g. okta) then the majority of the requested claims come in the
getUserInfo call (such as email_verified). So if getUserInfo is
configured it should be run before claims are validated.
 2019-09-13 11:10:44 -07:00