Commit graph

730 commits

Author SHA1 Message Date
Stephan Renatus
6a2d4ab6b4 connectors/ldap: treat 'constraint violation' on bind as bad credentials
Some directory servers (I think it's Oracle) return

    Constraint Violation: Exceed password retry limit. Account locked.

when attempting to login too many times. While constraint violation can
mean many things, we're checking this as an error on BIND, so it's
more likely that something like this has happened than any other thing.

Hence, we should treat it as an "incorrect password" situation, not an
internal error.

It would of course be preferrable to surface more information about this
precise error (and similar ones), but I think this is beyond this small
change.

Signed-off-by: Stephan Renatus <srenatus@chef.io>
2018-09-05 10:03:17 +02:00
rithu leena john
3bbc2c0bde
Merge pull request #1280 from rithujohn191/maintainer-list
*: update the maintainers list
2018-09-04 10:36:57 -07:00
Eric Chiang
4dc3347106
Merge pull request #1279 from AnianZ/master
fix default baseURL for GitLab connector
2018-09-04 08:09:37 -07:00
Stephan Renatus
4caf82c1e9
Merge pull request #1258 from montaro/fix-odic-doc-broken-link
Fix a broken link in the oidc readme
2018-09-03 09:16:19 +02:00
Stephan Renatus
cabdcb1eb0
Merge pull request #1259 from montaro/fix-typo-in-README
fix typo in README
2018-09-03 09:15:18 +02:00
Stephan Renatus
e3e37504ca
Merge pull request #1269 from tw3rp/patch-1
[version_update] Update the version to the latest
2018-09-03 09:09:05 +02:00
rithu john
9de19cb899 *: update the maintainers list 2018-08-31 17:26:49 -07:00
Anian Z
5454a4729f fix default baseURL for gitlab connector 2018-08-28 19:05:30 +02:00
tw3rp
49bbcd343f
[version_update] Update the version to the latest
Version mentioned in this example is very old and was causing issues
2018-08-05 15:48:11 -07:00
Ahmed ElRefaey
b71bec2ba1
fix typo in README 2018-07-04 15:11:52 +02:00
Ahmed ElRefaey
32e9570116
Fix a breoken link in the oidc readme
Fixed a broken link to An overview of OpenID Connect
2018-07-04 14:56:29 +02:00
Eric Chiang
036e5d050d
Merge pull request #1226 from joedborg/examples-cleanup
Removing whitespace
2018-05-14 16:11:00 -07:00
Eric Chiang
384db1f33e
Merge pull request #1231 from mklan/patch-1
Update using-dex.md
2018-05-14 16:10:41 -07:00
Eric Chiang
0822f1d4d3
Merge pull request #1232 from silenceshell/patch-1
fix typo
2018-05-14 16:10:19 -07:00
Eric Chiang
bf3ffb53a0
Merge pull request #1233 from kpschuck/master
Updates go to 1.10.2 to support SHA-512 for ldaps
2018-05-14 09:23:00 -07:00
Kevin Schuck
ca3d73c36d Updates go to 1.10.2 to support SHA-512 for ldaps 2018-05-10 11:23:50 -05:00
silenceshell
468b5e3f0a
fix typo
Should `pulic`  be `public`?
2018-05-10 11:55:11 +08:00
Matthias Klan
481f1276a8
Update using-dex.md
fix wrong port from example
2018-05-04 16:14:16 +02:00
Joe Borg
fc8b20ba35 Removing whitespace 2018-04-27 09:28:52 +01:00
Eric Chiang
0d3edf2456
Merge pull request #1208 from ericchiang/go10
*: update build to Go 1.10
2018-03-20 15:08:43 -07:00
Eric Chiang
264484075a
*: update build to Go 1.10 2018-03-20 14:50:33 -07:00
Eric Chiang
f2eac0e723
Merge pull request #1200 from carbin-gun/master
Update check go major version way
2018-03-07 10:38:48 -07:00
charles.deng
d92c21b9f9
Update check go major version way
the previous one just keep one prefix number as the major number, it should be the whole number after the dot.
2018-03-07 23:34:08 +08:00
Eric Chiang
218d671a96
Merge pull request #1198 from srenatus/sr/add-test-case-for-tampered-nameid-field-with-comment
saml: add tests case covering tampered NameID field (comment)
2018-03-01 15:17:32 -08:00
Stephan Renatus
608260d0f1 saml: add tests case covering tampered NameID field (comment)
As sketched here:

https://developer.okta.com/blog/2018/02/27/a-breakdown-of-the-new-saml-authentication-bypass-vulnerability

Thought it was interesting to see how our SAML connector behaved. And
it seems to be behaving well. :)

Signed-off-by: Stephan Renatus <srenatus@chef.io>
2018-02-28 08:42:17 +01:00
Eric Chiang
39a66d1496
Merge pull request #1195 from Skn0tt/patch-1
Add missing word
2018-02-27 10:37:31 -08:00
Simon Knott
822a10cede
Add missing word 2018-02-24 11:31:51 +01:00
Eric Chiang
01d63b086f
Merge pull request #1176 from vyshane/master
New id_provider scope that adds the connector ID and user ID to the ID token claims
2018-02-03 11:47:42 -08:00
Vy-Shane Xie
b03c85e56e Add new federated:id scope that causes Dex to add a federated_claims claim containing the connector_id and user_id to the ID token 2018-02-03 18:40:03 +08:00
Eric Chiang
ce686390a5
Merge pull request #1144 from srenatus/sr/support-direct-post-without-get-first
handlers/connector_login: update AuthRequest irregardless of method
2018-02-01 11:26:57 -08:00
Eric Chiang
c0bcc81997
Merge pull request #1171 from pmcgrath/1170-fix-typos
1170 - Fix comment typos
2018-02-01 11:19:56 -08:00
pmcgrath
4aec353aec 1170 - Fix comment typos
BsaeDN should be BaseDN
2018-01-14 12:34:45 +00:00
Eric Chiang
1dbecefadf
Merge pull request #1166 from ericchiang/coc
automated PR: update CoC and legalese
2018-01-08 15:41:30 -08:00
Eric Chiang
f83c86cead
Merge pull request #1168 from ericchiang/connector-docs
README: expand connector docs and assign each a level of support
2018-01-05 09:27:19 -08:00
Eric Chiang
ea2c63d7b0 README: expand connector docs and assign each a level of support 2018-01-05 09:06:18 -08:00
Eric Chiang
2851b3c7a6
Merge pull request #1167 from ericchiang/restructure-connector-docs
Documentation: restructure connector docs to a single folder
2018-01-04 13:59:52 -08:00
Eric Chiang
460f48320e Documentation: restructure connector docs to a single folder 2018-01-04 13:50:14 -08:00
Eric Chiang
2215158b2a update CoC and legalese 2018-01-04 12:14:31 -08:00
Eric Chiang
6ef8cd512f
Merge pull request #1155 from brancz/prometheus
Add Prometheus metrics
2017-12-21 12:32:44 -08:00
Frederic Branczyk
0930b09e4e
vendor: Add metrics packages 2017-12-21 21:24:14 +01:00
Frederic Branczyk
5f03479d29
*: Add go runtime, process, HTTP and gRPC metrics 2017-12-21 21:24:09 +01:00
Eric Chiang
053c476c4f
Merge pull request #1157 from ericchiang/conn-oidc-doc-groups
document limitations in the OpenID Connect connector
2017-12-20 17:20:21 -08:00
Eric Chiang
0811d1a07a document limitations in the OpenID Connect connector 2017-12-20 17:12:00 -08:00
Eric Chiang
b5baf6b1ca
Merge pull request #1152 from diegs/bom
license: add bill of materials.
2017-12-19 10:31:43 -08:00
Diego Pontoriero
6d4fef4b9a
license: add bill of materials. 2017-12-19 10:23:27 -08:00
Eric Chiang
9d4b1041bd
Merge pull request #1151 from topos-ai/email-address
Clarify email scope description
2017-12-17 10:36:58 -08:00
Eric Buth
da45adcb6e email scope only allows access to a user's email address 2017-12-17 12:08:19 -05:00
Stephan Renatus
f013a44581 handlers/connector_login: check before update (optimization)
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2017-12-11 08:32:22 +01:00
Eric Chiang
ec5e2cc3c6
Merge pull request #1135 from mpashka/master
Update slapd.sh
2017-12-08 15:26:14 -06:00
Pavel Moukhataev
5ef1312b38 Add note for OpenLDAP installation 2017-12-08 23:53:36 +03:00