Commit graph

77 commits

Author SHA1 Message Date
m.nabokikh
6822ad950f feat: enable profiling endpoints
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2022-04-12 12:12:37 +04:00
Mark Sagi-Kazar
eb26422bdc
chore(examples): update dependencies
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2022-01-15 11:10:51 +01:00
Eng Zer Jun
f0186ff265
refactor: move from io/ioutil to io and os package
The io/ioutil package has been deprecated as of Go 1.16, see
https://golang.org/doc/go1.16#ioutil. This commit replaces the existing
io/ioutil functions with their new definitions in io and os packages.

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2021-09-17 14:12:39 +08:00
Radoslav Dimitrov
6865d84ae4 Bump Dex image to v2.30.0 for Kubernetes deployment example
Signed-off-by: Radoslav Dimitrov <dimitrovr@vmware.com>
2021-08-10 19:13:04 +03:00
Jesse Glick
65edeff231
Include explanation in comment: https://github.com/dexidp/dex/pull/2218#discussion_r679873279
Signed-off-by: Jesse Glick <jglick@cloudbees.com>
2021-07-30 12:52:43 -04:00
Jesse Glick
f1d4fec45e
Demonstrate use of htpasswd for bCrypt in staticPasswords
Signed-off-by: Jesse Glick <jglick@cloudbees.com>
2021-07-27 11:40:02 -04:00
noesberger
e51704e41a
set readinessProbe to https
Fix the error
Readiness probe failed: Get "http://100.105.5.5:5556/healthz": dial tcp 100.105.5.5:5556: connect: connection refused
Client sent an HTTP request to an HTTPS server.
2021-06-17 15:55:15 +02:00
m.nabokikh
beb8911cf7 chore: add note about units to expire config
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-04-02 16:12:43 +04:00
m.nabokikh
91de99d57e feat: Add refresh token expiration and rotation settings
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-02-10 23:37:57 +04:00
Márk Sági-Kazár
a7a92b0513
Merge pull request #1899 from lcc3108/master
update example/k8s/dex.yaml
2021-02-10 13:44:13 +01:00
Márk Sági-Kazár
1c9fb499b4
Merge pull request #1947 from faro-oss/feature/ldaps-example
Extend OpenLDAP example for LDAPS
2021-02-10 13:39:29 +01:00
Márk Sági-Kazár
728ae7b348
Merge pull request #1961 from flant/make-example-app-form-prettier
chore: make example-app form prettier
2021-02-10 00:16:56 +01:00
Mark Sagi-Kazar
27a43669a7
chore: add new development configuration
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-01-28 18:54:38 +01:00
Martin Heide
c12c340e3c Extend OpenLDAP example for LDAPS
Signed-off-by: Martin Heide <martin.heide@faro.com>
2021-01-15 17:05:39 +00:00
Mark Sagi-Kazar
0a88483409
chore: rename the docs directory
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-01-14 17:30:04 +01:00
Mark Sagi-Kazar
7775a7e27a
Update oidc library in example app
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-01-13 19:56:23 +01:00
Maksim Nabokikh
35da73de38
chore: add frontend section to dev config (#1913)
* chore: add frontend section to dev config

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-01-12 19:20:38 +01:00
m.nabokikh
f2f19fa0d7 chore: make example-app form prettier
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-01-07 23:10:16 +04:00
IM CHAECHEOL
f2fcb2c989 update example/k8s/dex.yaml
Signed-off-by: IM CHAECHEOL <dlacocjf32@gmail.com>
2020-12-28 21:57:27 +09:00
Isaac Parker
0af41fb4ca docs: Correct tlsClientCA example reference
Signed-off-by: Isaac Parker <parrotmac@gmail.com>
2020-12-28 01:58:02 -07:00
Joel Speed
336c73c0a2
Merge pull request #1706 from justin-slowik/device_flow
Implementing the OAuth2 Device Authorization Grant
2020-08-28 11:35:46 +01:00
Mark Sagi-Kazar
6dadc26ca2
Move the example app to th examples folder
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2020-07-16 09:48:35 +02:00
Martin Heide
521954a3b9 Improve formatting
Signed-off-by: Martin Heide <martin.heide@faro.com>
2020-07-15 09:49:41 +00:00
Martin Heide
705cf8bb6a Rework to use docker-compose
Signed-off-by: Martin Heide <martin.heide@faro.com>
2020-07-15 09:49:23 +00:00
Martin Heide
ce337661b9 Add missing slapd.sh script from LDAP docs, and convert it to using Docker
Signed-off-by: Martin Heide <martin.heide@faro.com>
2020-07-13 15:55:23 +00:00
justin-slowik
9882ea453f better support for /device/callback redirect uris with public clients.
Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-07-08 16:25:06 -04:00
justin-slowik
f6d8427f32 Added device flow static client to config-dev.yaml
Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-07-08 16:25:05 -04:00
Justin Slowik
9bbdc721d5 Device flow token code exchange (#2)
* Added /device/token handler with associated business logic and storage tests.

Perform user code exchange, flag the device code as complete.

Moved device handler code into its own file for cleanliness.  Cleanup

* Removed PKCE code

* Rate limiting for /device/token endpoint based on ietf standards

* Configurable Device expiry

Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-07-08 16:25:05 -04:00
Mark Sagi-Kazar
e84682d7b9
Add v2 api module 2020-07-01 14:20:57 +02:00
Nandor Kracser
5b7a664e9d
add docker-compose for local testing 2020-06-30 13:46:05 +02:00
Brian Candler
442d3de11d Allow the "google" connector to work without a service account
Fixes #1718
2020-05-22 09:24:26 +00:00
Nándor István Krácser
1160649c31
Merge pull request #1621 from concourse/pr/passowrd-grant-synced
Rework - add support for Resource Owner Password Credentials Grant
2020-02-20 08:27:50 +01:00
Zach Brown
13be146d2a Add support for password grant #926 2020-01-10 13:18:09 -05:00
Vitaliy Dmitriev
f2e7823db9 connector/ldap: add multiple user to group mapping
Add an ability to fetch user's membership from
  groups of a different type by specifying multiple
  group attribute to user attribute value matchers
  in the Dex config:

    userMatchers:
    - userAttr: uid
      groupAttr: memberUid
    - userAttr: DN
      groupAttr: member

  In other words the user's groups can be fetched now from
  ldap structure similar to the following:

    dn: cn=john,ou=People,dc=example,dc=org
    objectClass: person
    objectClass: inetOrgPerson
    sn: doe
    cn: john
    uid: johndoe
    mail: johndoe@example.com
    userpassword: bar

    dn: cn=qa,ou=Groups,ou=Portland,dc=example,dc=org
    objectClass: groupOfNames
    cn: qa
    member: cn=john,ou=People,dc=example,dc=org

    dn: cn=logger,ou=UnixGroups,ou=Portland,dc=example,dc=org
    objectClass: posixGroup
    gidNumber: 1000
    cn: logger
    memberUid: johndoe

Signed-off-by: Vitaliy Dmitriev <vi7alya@gmail.com>
2020-01-03 10:40:21 +01:00
Tom Downes
963b8e992d
Add examples for recent additions to oauth2 configuration options 2019-08-09 11:58:37 -05:00
Tyler Cloke
dd84e73c0e Add VerifyPassword to API
It takes in an email and plain text password to verify. If it fails to find a password stored for email, it returns not_found. If it finds the password hash stored but that hash doesn't match the password passed via the API, it returns verified = false, else it returns verified = true.

Co-authored-by: Alban Seurat <alban.seurat@me.com>
2019-07-22 10:23:07 +02:00
Mark Sagi-Kazar
c48cb36e8f
Fix typo 2019-02-22 20:54:19 +01:00
Takashi Okamoto
2d7de4ec70 Add Active Directory and kubeloing integration sample. 2019-01-26 04:15:50 +00:00
Owen Tuz
58093dbb29 Kubernetes example: Add RBAC resources and serviceAccount to YAML manifest, remove some references to deprecated TPR approach 2018-11-23 10:48:00 +00:00
Stephan Renatus
9cc85c447c examples/k8s: reference quay.io/dexidp
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2018-09-06 09:10:01 +02:00
Stephan Renatus
b9f6594bf0 *: github.com/coreos/dex -> github.com/dexidp/dex
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2018-09-05 17:57:08 +02:00
tw3rp
49bbcd343f
[version_update] Update the version to the latest
Version mentioned in this example is very old and was causing issues
2018-08-05 15:48:11 -07:00
Joe Borg
fc8b20ba35 Removing whitespace 2018-04-27 09:28:52 +01:00
Frederic Branczyk
5f03479d29
*: Add go runtime, process, HTTP and gRPC metrics 2017-12-21 21:24:09 +01:00
Stephan Renatus
b09a13458f password connectors: allow overriding the username attribute (password prompt)
This allows users of the LDAP connector to give users of Dex' login
prompt an idea of what they should enter for a username.

Before, irregardless of how the LDAP connector was set up, the prompt
was

    Username
    [_________________]

    Password
    [_________________]

Now, this is configurable, and can be used to say "MyCorp SSO Login" if
that's what it is.

If it's not configured, it will default to "Username".

For the passwordDB connector (local users), it is set to "Email
Address", since this is what it uses.

Signed-off-by: Stephan Renatus <srenatus@chef.io>
2017-11-09 09:30:03 +01:00
Eric Chiang
50f2905cac *: add standup script for LDAP 2017-08-22 10:37:29 -07:00
rithu john
5e0bf8b65f connector/oidc: fix hosted domain support. 2017-07-25 13:46:12 -07:00
rithu leena john
a5d218fd08 Merge pull request #974 from roguePanda/google-hosted-domain
Google hosted domain support
2017-07-07 10:26:28 -07:00
Eric Chiang
c1a7285711 examples: document explicit flow in example config 2017-06-23 11:27:49 -07:00
Ben Navetta
687bc9ca5c add hosted domain to example config 2017-06-20 23:01:35 -07:00