Commit graph

1029 commits

Author SHA1 Message Date
Stephan Renatus
4caf82c1e9
Merge pull request #1258 from montaro/fix-odic-doc-broken-link
Fix a broken link in the oidc readme
2018-09-03 09:16:19 +02:00
Stephan Renatus
cabdcb1eb0
Merge pull request #1259 from montaro/fix-typo-in-README
fix typo in README
2018-09-03 09:15:18 +02:00
Stephan Renatus
e3e37504ca
Merge pull request #1269 from tw3rp/patch-1
[version_update] Update the version to the latest
2018-09-03 09:09:05 +02:00
rithu john
9de19cb899 *: update the maintainers list 2018-08-31 17:26:49 -07:00
Anian Z
5454a4729f fix default baseURL for gitlab connector 2018-08-28 19:05:30 +02:00
tw3rp
49bbcd343f
[version_update] Update the version to the latest
Version mentioned in this example is very old and was causing issues
2018-08-05 15:48:11 -07:00
Gabe Conradi
94bd948aac fix timeout bug for etcd3 client connect 2018-08-02 17:41:38 -04:00
Ahmed ElRefaey
b71bec2ba1
fix typo in README 2018-07-04 15:11:52 +02:00
Ahmed ElRefaey
32e9570116
Fix a breoken link in the oidc readme
Fixed a broken link to An overview of OpenID Connect
2018-07-04 14:56:29 +02:00
Victor Sartori
780a359f8e Fix #1252 2018-06-19 10:45:20 -03:00
Eric Chiang
036e5d050d
Merge pull request #1226 from joedborg/examples-cleanup
Removing whitespace
2018-05-14 16:11:00 -07:00
Eric Chiang
384db1f33e
Merge pull request #1231 from mklan/patch-1
Update using-dex.md
2018-05-14 16:10:41 -07:00
Eric Chiang
0822f1d4d3
Merge pull request #1232 from silenceshell/patch-1
fix typo
2018-05-14 16:10:19 -07:00
Eric Chiang
bf3ffb53a0
Merge pull request #1233 from kpschuck/master
Updates go to 1.10.2 to support SHA-512 for ldaps
2018-05-14 09:23:00 -07:00
Kevin Schuck
ca3d73c36d Updates go to 1.10.2 to support SHA-512 for ldaps 2018-05-10 11:23:50 -05:00
silenceshell
468b5e3f0a
fix typo
Should `pulic`  be `public`?
2018-05-10 11:55:11 +08:00
Matthias Klan
481f1276a8
Update using-dex.md
fix wrong port from example
2018-05-04 16:14:16 +02:00
Joe Borg
fc8b20ba35 Removing whitespace 2018-04-27 09:28:52 +01:00
Eric Chiang
0d3edf2456
Merge pull request #1208 from ericchiang/go10
*: update build to Go 1.10
2018-03-20 15:08:43 -07:00
Eric Chiang
264484075a
*: update build to Go 1.10 2018-03-20 14:50:33 -07:00
Eric Chiang
f2eac0e723
Merge pull request #1200 from carbin-gun/master
Update check go major version way
2018-03-07 10:38:48 -07:00
charles.deng
d92c21b9f9
Update check go major version way
the previous one just keep one prefix number as the major number, it should be the whole number after the dot.
2018-03-07 23:34:08 +08:00
Eric Chiang
218d671a96
Merge pull request #1198 from srenatus/sr/add-test-case-for-tampered-nameid-field-with-comment
saml: add tests case covering tampered NameID field (comment)
2018-03-01 15:17:32 -08:00
Stephan Renatus
608260d0f1 saml: add tests case covering tampered NameID field (comment)
As sketched here:

https://developer.okta.com/blog/2018/02/27/a-breakdown-of-the-new-saml-authentication-bypass-vulnerability

Thought it was interesting to see how our SAML connector behaved. And
it seems to be behaving well. :)

Signed-off-by: Stephan Renatus <srenatus@chef.io>
2018-02-28 08:42:17 +01:00
Eric Chiang
39a66d1496
Merge pull request #1195 from Skn0tt/patch-1
Add missing word
2018-02-27 10:37:31 -08:00
Simon Knott
822a10cede
Add missing word 2018-02-24 11:31:51 +01:00
Eric Chiang
01d63b086f
Merge pull request #1176 from vyshane/master
New id_provider scope that adds the connector ID and user ID to the ID token claims
2018-02-03 11:47:42 -08:00
Vy-Shane Xie
b03c85e56e Add new federated:id scope that causes Dex to add a federated_claims claim containing the connector_id and user_id to the ID token 2018-02-03 18:40:03 +08:00
Eric Chiang
ce686390a5
Merge pull request #1144 from srenatus/sr/support-direct-post-without-get-first
handlers/connector_login: update AuthRequest irregardless of method
2018-02-01 11:26:57 -08:00
Eric Chiang
c0bcc81997
Merge pull request #1171 from pmcgrath/1170-fix-typos
1170 - Fix comment typos
2018-02-01 11:19:56 -08:00
pmcgrath
4aec353aec 1170 - Fix comment typos
BsaeDN should be BaseDN
2018-01-14 12:34:45 +00:00
Eric Chiang
1dbecefadf
Merge pull request #1166 from ericchiang/coc
automated PR: update CoC and legalese
2018-01-08 15:41:30 -08:00
Eric Chiang
f83c86cead
Merge pull request #1168 from ericchiang/connector-docs
README: expand connector docs and assign each a level of support
2018-01-05 09:27:19 -08:00
Eric Chiang
ea2c63d7b0 README: expand connector docs and assign each a level of support 2018-01-05 09:06:18 -08:00
Eric Chiang
2851b3c7a6
Merge pull request #1167 from ericchiang/restructure-connector-docs
Documentation: restructure connector docs to a single folder
2018-01-04 13:59:52 -08:00
Eric Chiang
460f48320e Documentation: restructure connector docs to a single folder 2018-01-04 13:50:14 -08:00
Eric Chiang
2215158b2a update CoC and legalese 2018-01-04 12:14:31 -08:00
Eric Chiang
6ef8cd512f
Merge pull request #1155 from brancz/prometheus
Add Prometheus metrics
2017-12-21 12:32:44 -08:00
Frederic Branczyk
0930b09e4e
vendor: Add metrics packages 2017-12-21 21:24:14 +01:00
Frederic Branczyk
5f03479d29
*: Add go runtime, process, HTTP and gRPC metrics 2017-12-21 21:24:09 +01:00
Eric Chiang
053c476c4f
Merge pull request #1157 from ericchiang/conn-oidc-doc-groups
document limitations in the OpenID Connect connector
2017-12-20 17:20:21 -08:00
Eric Chiang
0811d1a07a document limitations in the OpenID Connect connector 2017-12-20 17:12:00 -08:00
Eric Chiang
b5baf6b1ca
Merge pull request #1152 from diegs/bom
license: add bill of materials.
2017-12-19 10:31:43 -08:00
Diego Pontoriero
6d4fef4b9a
license: add bill of materials. 2017-12-19 10:23:27 -08:00
Eric Chiang
9d4b1041bd
Merge pull request #1151 from topos-ai/email-address
Clarify email scope description
2017-12-17 10:36:58 -08:00
Eric Buth
da45adcb6e email scope only allows access to a user's email address 2017-12-17 12:08:19 -05:00
Stephan Renatus
f013a44581 handlers/connector_login: check before update (optimization)
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2017-12-11 08:32:22 +01:00
Eric Chiang
ec5e2cc3c6
Merge pull request #1135 from mpashka/master
Update slapd.sh
2017-12-08 15:26:14 -06:00
Pavel Moukhataev
5ef1312b38 Add note for OpenLDAP installation 2017-12-08 23:53:36 +03:00
Stephan Renatus
f18d7afc6f handlers/connector_login: update AuthRequest irregardless of method
Before, you could not POST your credentials to a password-connector's
endpoint without GETing that endpoint first. While this makes sense for
browser clients; automated interactions with Dex don't need to look at
the password form to fill it in.

A symptom of that missing GET was that the POST succeeded (!) with

    login successful: connector "", username="admin", email="admin@example.com", groups=[]

Note the connector "". A subsequent call to finalizeLogin would then
fail with

    connector with ID "" not found: failed to get connector object from storage: not found

Now, the connector ID of an auth request will be updated for both GETs
and POSTs.

Signed-off-by: Stephan Renatus <srenatus@chef.io>
2017-12-08 11:49:52 +01:00