Commit graph

20 commits

Author SHA1 Message Date
Eric Chiang
33f0199077 *: fix spelling using github.com/client9/misspell 2017-03-20 09:16:56 -07:00
Eric Chiang
777eeafabc *: update go-oidc and use standard library's context package 2017-03-08 10:33:19 -08:00
Holger Koser
e46f2ebe40 Improve SAML Signature and Response Validation
* Improve Order of Namespace Declarations and Attributes in Canonical XML. This is related to an issue in goxmldsig for which I created an [pull request](https://github.com/russellhaering/goxmldsig/pull/17).
* Do not compress the AuthnRequest if `HTTP-POST` binding is used.
* SAML Response is valid if the Message and/or the Assertion is signed.
* Add `AssertionConsumerServiceURL` to `AuthnRequest`
* Validate Status on the Response
* Validate Conditions on the Assertion
* Validation SubjectConfirmation on the Subject
2017-01-26 19:05:40 +01:00
Eric Chiang
31dfb54b6f connector: add a SAML connector 2017-01-09 18:30:58 -08:00
Simon HEGE
b4c47910e4 Allow CORS on discovery endpoint 2017-01-08 19:22:39 +01:00
rithu john
984b2934fe *: update vendored go-oidc 2017-01-06 15:36:56 -08:00
rithu john
5c4cc9f5fe *: add logrus package. 2016-12-12 15:56:50 -08:00
Eric Chiang
a500de802b glide.yaml: update inline comments 2016-12-07 13:23:19 -08:00
Eric Chiang
3b99e8f22a *: update vendored go-oidc
Includes fixes for a panic when using HTTP/2[0] and some HTTPs calls
not actually using their passed context[1].

[0] https://github.com/coreos/go-oidc/pull/117
[1] https://github.com/coreos/go-oidc/pull/119
2016-12-01 13:13:27 -08:00
Eric Chiang
522749b5d8 *: switch oidc client to github.com/coreos/go-oidc
This saves us from having to import two different versions of
square/go-jose.
2016-11-22 13:29:17 -08:00
Eric Chiang
df50308713 glide.yaml: add new yaml package 2016-11-03 15:24:35 -07:00
Eric Chiang
bc16de0b58 storage/kubernetes: don't guess the kubeconfig location and change test env
Using the default KUBECONFIG environment variable to indicate that
the Kubernetes tests should be run lead to cases where developers
accidentally ran the tests. This has now been changed to
"DEX_KUBECONFIG" and documentation hsa been added detailing how to
run these tests.

Additionally, no other storage reads environment variables for its
normal configuration (outside of tests) so the Kubernetes storage
no longer does.

Overall, be less surprising.
2016-10-23 20:53:29 -07:00
Eric Chiang
2cc197b8a4 glide.yaml: add gRPC dependencies 2016-10-04 00:30:30 -07:00
Eric Chiang
b4dab455f8 glide.yaml: add SQL drivers 2016-10-03 12:48:25 -07:00
Eric Chiang
bfe560ee21 rename 2016-08-10 22:31:42 -07:00
Eric Chiang
dd5c257c9e *: bump oidc client package to latest 2016-08-08 11:49:47 -07:00
Eric Chiang
31082eed27 *: remove api and clt
It's not clear that the best way to manage clients is through a
gRPC based command line tool. For example we may explore an admin
dashboard and enable bootstrapping through static clients.

For now use static clients while we hold off on a more concrete
proposal.
2016-08-05 10:00:04 -07:00
Eric Chiang
df258306dc *: add github.com/kylelemons/godebug to dependencies 2016-08-05 09:54:03 -07:00
Eric Chiang
a28d22ff0c *: add gRPC to build system 2016-07-31 23:26:05 -07:00
Eric Chiang
cab271f304 initial commit 2016-07-26 15:51:24 -07:00