Commit graph

594 commits

Author SHA1 Message Date
Reza Mohammadi
7d9a98f96e documentation: multiple fixes in examples README
* In a9dce1c, the defaults are set to the `.example` paths, except for `emailer.json` which is instead committed into the git repository. So there's no need to duplicate those file in order to start dex-worker.
* The default value for discovery is moved from `/` to `/dex` in #521
* Typo in `client-secret` value.
2016-09-04 18:50:57 +04:30
Eric Chiang
d758e38cd4 Merge pull request #529 from Tecsisa/Clients_create_users
ClientCredentials flow in basic User operations (createUser, getUser, resendInvitationMail)
2016-09-01 09:15:28 -07:00
Adrián López Gómez
9b8ab3bdc6 ClientCredentials flow in UserAPI
Fixes #528
2016-09-01 08:34:36 +02:00
Eric Chiang
0086a1c1bb Merge pull request #570 from ericchiang/update-go-oidc-for-hmac-changes
Update go-oidc for hmac changes
2016-08-29 09:22:34 -07:00
Eric Chiang
4ea7cebd7f *: revendor 2016-08-27 08:50:30 -07:00
Eric Chiang
d218f5251e *: update go-oidc 2016-08-27 08:50:18 -07:00
Eric Chiang
7caaca9a2c Merge pull request #558 from ericchiang/fix-local-registration-for-non-root-url
server: fix registration redirect for non-root URLs
2016-08-19 16:48:51 -07:00
Eric Chiang
fa8f98acac server: fix registration redirect for servers listenin at non-base URLs 2016-08-19 16:25:32 -07:00
Eric Chiang
7525e5623c Merge pull request #560 from ericchiang/fix-user-api
server: fix the path registration for user APIs at non-root URLs
2016-08-18 17:03:20 -07:00
Eric Chiang
b466ae7a70 server: fix the path registration for user APIs at non-root URLs 2016-08-18 16:15:13 -07:00
Eric Chiang
b33227bcd4 Merge pull request #556 from ericchiang/bump-go-oidc-to-remove-capnslog-dependency
*: update go-oidc to remove dependency on capnslog
2016-08-16 12:54:23 -07:00
Eric Chiang
2e57dde3c4 *: revendor 2016-08-16 12:33:16 -07:00
Eric Chiang
9f095c559f *: update go-oidc to remove dependency on capnslog
This change updates the vendored go-oidc package to remove the
dependency on capnslog. It also pulls in a few other minor changes
as part of that package's development.
2016-08-16 12:31:46 -07:00
Eric Chiang
630bf86f32 Merge pull request #540 from Tecsisa/519-refresh-token-only-work-once
refresh token rotation
2016-08-16 08:22:21 -07:00
Rubén Soleto Buenvarón
c91b37aa9e refresh token rotation
Update refresh token flow to revoke old refresh token and generates a new one.

Fixes #519
2016-08-16 08:05:01 +02:00
Eric Chiang
44295706ea Merge pull request #555 from ericchiang/travis-testing
*: pin version of openldap container
2016-08-15 13:24:06 -07:00
Eric Chiang
852cc3872e *: pin version of openldap container for Travis tests
Upstream changes to the osixia/openldap broke our LDAP intergraiton
tests. For now pin the version of oxisia/openldap. Long term rewrite
the tests do they don't depend on the container's file system,
possibly when addressing #477.

Closes #554
2016-08-15 13:07:41 -07:00
Eric Chiang
043fcdadfa Merge pull request #545 from roidelapluie/quickstart
documentation: fix getting-started
2016-08-15 09:39:04 -07:00
Eric Chiang
1d3f7f38ad Merge pull request #546 from roidelapluie/typo
documentation: fix typos in getting-started
2016-08-15 09:38:53 -07:00
Julien Pivotto
1595a1affd
documentation: fix typos in getting-started
| Typo           | Fix            |
| -------------- | -------------- |
| a an api       | an api         |
| adminsitrative | administrative |
| attemping      | attempting     |

[skip ci]

Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
2016-08-15 09:22:42 +02:00
Julien Pivotto
256f2431f9
documentation: fix getting-started
The discovery URL has changed and now ends with /dex. As the scripts
were updated in #525, the documentation was not.

Broken since #521.

[skip ci]

Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
2016-08-15 09:22:20 +02:00
Eric Chiang
e6ef25bb74 Merge pull request #527 from zlabjp/azure-connector
connector: add azure connector
2016-08-12 10:39:53 -07:00
Moto Ishizawa
eb0c312734 connector: add emailClaim setting to OIDC Connector
Add emailCiam setting to OIDC Connector for supporting an ID token
that does not contain the email claim.
2016-08-12 10:45:47 +09:00
Eric Chiang
882ced4213 Merge pull request #544 from ericchiang/fix-client-secrets-in-examples
*: update examples to hold valid client secrets for no-db mode
2016-08-11 13:04:38 -07:00
Eric Chiang
bef9f3c221 Merge pull request #542 from whitlockjc/uaa-connector
connector: add uaa connector
2016-08-11 12:56:46 -07:00
Eric Chiang
cced75f138 *: update examples to hold valid client secrets for no-db mode 2016-08-11 12:53:48 -07:00
Eric Chiang
ac518139d3 Merge pull request #537 from wyattanderson/register-display-name
server: when registering a user, set user name if OIDC identity contains one
2016-08-10 23:06:58 -07:00
Jeremy Whitlock
27b80cbca8 connector: add uaa connector
This commit adds support for dex to authenticate users from a
CloudFoundry User Account and Authentication (UAA) Server.

Fixes: #538
2016-08-10 16:04:39 -06:00
Eric Chiang
5dec7194d2 Merge pull request #541 from kanor1306/patch-1
Fix typo in dexctl parameter
2016-08-10 09:29:56 -07:00
Nicanor Gutierrez
dace4b2d25 Fix typo in dexctl parameter 2016-08-10 12:37:55 +02:00
Wyatt Anderson
26508c6bab server: when registering a user, set display name
When automatically registering a user from an IP that provides
a `DisplayName`, set it on the created user so that JWT we create
contain a meaningful `name` field.
2016-08-04 11:45:05 -04:00
Eric Chiang
0e94e76255 Merge pull request #531 from ericchiang/user-api-accept-bearer-tokens-with-multiple-audiences
user api: accept bearer tokens with multiple audiences
2016-08-02 12:34:05 -07:00
Eric Chiang
8669167b42 user api: accept bearer tokens with multiple audiences 2016-08-02 11:52:19 -07:00
Eric Chiang
92920fa05d Merge pull request #535 from ericchiang/cleanup-docker-containers-after-travis-tests
*: cleanup containers generated during tests to avoid deploy conflicts
2016-08-01 16:14:09 -07:00
Eric Chiang
1210fb5d8f *: cleanup containers generated during tests to avoid deploy conflicts 2016-08-01 16:03:18 -07:00
Eric Chiang
263b933a34 Merge pull request #534 from ericchiang/fix-dockerfile
*: fix path to email config in dockerfile
2016-08-01 15:44:07 -07:00
Eric Chiang
dcc8908316 *: fix path to email config in dockerfile 2016-08-01 15:27:46 -07:00
Eric Chiang
d5744ab6e3 Merge pull request #532 from ericchiang/fix-travis-deployments
*: try to fix travis deployments by adding script with no arguments
2016-08-01 14:48:40 -07:00
Eric Chiang
ca4002a9c6 *: try to fix travis deployments by adding script with no arguments 2016-08-01 14:34:36 -07:00
Eric Chiang
ea55bee5fa Merge pull request #526 from l0n3r4n83r/master
Fix standup-db.sh
2016-07-28 16:09:59 -07:00
Harsh Chauhan
b42398d3ab Fix standup-db.sh 2016-07-28 15:47:32 -07:00
Eric Chiang
d1bb106f94 Merge pull request #521 from ericchiang/allow-dex-to-work-at-non-base-url
Allow dex to work at non base url
2016-07-26 15:40:25 -07:00
Eric Chiang
40c1ade816 Documentation: update connector callback documentation to use issuer URL 2016-07-26 11:21:54 -07:00
Eric Chiang
435cadfc19 *: more updates to prepend the correct API path 2016-07-25 17:06:20 -07:00
Eric Chiang
ede6300a84 *: by default, have dex listen at a non-root url 2016-07-25 16:03:25 -07:00
Eric Chiang
854b767273 *: update handlers to include issuer url in path 2016-07-25 16:03:25 -07:00
Eric Chiang
1e0ee1e435 Merge pull request #522 from ericchiang/fix-connector-handlers
connector: fix path that connectors listen on
2016-07-25 15:08:50 -07:00
Eric Chiang
8216a3d992 connector: fix path that connectors listen on
When Dex uses a non-root issuer URL, it current assumes that all
path prefixes will be trimmed by an upstream proxy (e.g. nginx).
This means that all paths rendered in HTML will be absolute to the
prefix, but the handlers still listen at the root.

Connectors are currently the only component that registers at a
non-root URL. Make this conform with the rest of Dex by having the
server determine the path the connector listens as rather than the
connector itself.
2016-07-25 14:32:24 -07:00
Eric Chiang
216d26913f Merge pull request #520 from squat/add-absolute-path-to-templates
backend: add absolute path to template links
2016-07-22 15:51:25 -07:00
Lucas Serven
0cc0c73676 backend: add absolute path to template links
fixes: #502

Add a new template function called `absPath` that converts relative
paths to absolute paths based on the issuerURL. The template function
can be used in templates like:
````html
<a href="{{ .MyRelativePath | absPath }}">
````
2016-07-22 15:41:16 -07:00