Commit graph

71 commits

Author SHA1 Message Date
noesberger
e51704e41a
set readinessProbe to https
Fix the error
Readiness probe failed: Get "http://100.105.5.5:5556/healthz": dial tcp 100.105.5.5:5556: connect: connection refused
Client sent an HTTP request to an HTTPS server.
2021-06-17 15:55:15 +02:00
m.nabokikh
beb8911cf7 chore: add note about units to expire config
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-04-02 16:12:43 +04:00
m.nabokikh
91de99d57e feat: Add refresh token expiration and rotation settings
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-02-10 23:37:57 +04:00
Márk Sági-Kazár
a7a92b0513
Merge pull request #1899 from lcc3108/master
update example/k8s/dex.yaml
2021-02-10 13:44:13 +01:00
Márk Sági-Kazár
1c9fb499b4
Merge pull request #1947 from faro-oss/feature/ldaps-example
Extend OpenLDAP example for LDAPS
2021-02-10 13:39:29 +01:00
Márk Sági-Kazár
728ae7b348
Merge pull request #1961 from flant/make-example-app-form-prettier
chore: make example-app form prettier
2021-02-10 00:16:56 +01:00
Mark Sagi-Kazar
27a43669a7
chore: add new development configuration
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-01-28 18:54:38 +01:00
Martin Heide
c12c340e3c Extend OpenLDAP example for LDAPS
Signed-off-by: Martin Heide <martin.heide@faro.com>
2021-01-15 17:05:39 +00:00
Mark Sagi-Kazar
0a88483409
chore: rename the docs directory
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-01-14 17:30:04 +01:00
Mark Sagi-Kazar
7775a7e27a
Update oidc library in example app
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-01-13 19:56:23 +01:00
Maksim Nabokikh
35da73de38
chore: add frontend section to dev config (#1913)
* chore: add frontend section to dev config

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-01-12 19:20:38 +01:00
m.nabokikh
f2f19fa0d7 chore: make example-app form prettier
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-01-07 23:10:16 +04:00
IM CHAECHEOL
f2fcb2c989 update example/k8s/dex.yaml
Signed-off-by: IM CHAECHEOL <dlacocjf32@gmail.com>
2020-12-28 21:57:27 +09:00
Isaac Parker
0af41fb4ca docs: Correct tlsClientCA example reference
Signed-off-by: Isaac Parker <parrotmac@gmail.com>
2020-12-28 01:58:02 -07:00
Joel Speed
336c73c0a2
Merge pull request #1706 from justin-slowik/device_flow
Implementing the OAuth2 Device Authorization Grant
2020-08-28 11:35:46 +01:00
Mark Sagi-Kazar
6dadc26ca2
Move the example app to th examples folder
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2020-07-16 09:48:35 +02:00
Martin Heide
521954a3b9 Improve formatting
Signed-off-by: Martin Heide <martin.heide@faro.com>
2020-07-15 09:49:41 +00:00
Martin Heide
705cf8bb6a Rework to use docker-compose
Signed-off-by: Martin Heide <martin.heide@faro.com>
2020-07-15 09:49:23 +00:00
Martin Heide
ce337661b9 Add missing slapd.sh script from LDAP docs, and convert it to using Docker
Signed-off-by: Martin Heide <martin.heide@faro.com>
2020-07-13 15:55:23 +00:00
justin-slowik
9882ea453f better support for /device/callback redirect uris with public clients.
Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-07-08 16:25:06 -04:00
justin-slowik
f6d8427f32 Added device flow static client to config-dev.yaml
Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-07-08 16:25:05 -04:00
Justin Slowik
9bbdc721d5 Device flow token code exchange (#2)
* Added /device/token handler with associated business logic and storage tests.

Perform user code exchange, flag the device code as complete.

Moved device handler code into its own file for cleanliness.  Cleanup

* Removed PKCE code

* Rate limiting for /device/token endpoint based on ietf standards

* Configurable Device expiry

Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
2020-07-08 16:25:05 -04:00
Mark Sagi-Kazar
e84682d7b9
Add v2 api module 2020-07-01 14:20:57 +02:00
Nandor Kracser
5b7a664e9d
add docker-compose for local testing 2020-06-30 13:46:05 +02:00
Brian Candler
442d3de11d Allow the "google" connector to work without a service account
Fixes #1718
2020-05-22 09:24:26 +00:00
Nándor István Krácser
1160649c31
Merge pull request #1621 from concourse/pr/passowrd-grant-synced
Rework - add support for Resource Owner Password Credentials Grant
2020-02-20 08:27:50 +01:00
Zach Brown
13be146d2a Add support for password grant #926 2020-01-10 13:18:09 -05:00
Vitaliy Dmitriev
f2e7823db9 connector/ldap: add multiple user to group mapping
Add an ability to fetch user's membership from
  groups of a different type by specifying multiple
  group attribute to user attribute value matchers
  in the Dex config:

    userMatchers:
    - userAttr: uid
      groupAttr: memberUid
    - userAttr: DN
      groupAttr: member

  In other words the user's groups can be fetched now from
  ldap structure similar to the following:

    dn: cn=john,ou=People,dc=example,dc=org
    objectClass: person
    objectClass: inetOrgPerson
    sn: doe
    cn: john
    uid: johndoe
    mail: johndoe@example.com
    userpassword: bar

    dn: cn=qa,ou=Groups,ou=Portland,dc=example,dc=org
    objectClass: groupOfNames
    cn: qa
    member: cn=john,ou=People,dc=example,dc=org

    dn: cn=logger,ou=UnixGroups,ou=Portland,dc=example,dc=org
    objectClass: posixGroup
    gidNumber: 1000
    cn: logger
    memberUid: johndoe

Signed-off-by: Vitaliy Dmitriev <vi7alya@gmail.com>
2020-01-03 10:40:21 +01:00
Tom Downes
963b8e992d
Add examples for recent additions to oauth2 configuration options 2019-08-09 11:58:37 -05:00
Tyler Cloke
dd84e73c0e Add VerifyPassword to API
It takes in an email and plain text password to verify. If it fails to find a password stored for email, it returns not_found. If it finds the password hash stored but that hash doesn't match the password passed via the API, it returns verified = false, else it returns verified = true.

Co-authored-by: Alban Seurat <alban.seurat@me.com>
2019-07-22 10:23:07 +02:00
Mark Sagi-Kazar
c48cb36e8f
Fix typo 2019-02-22 20:54:19 +01:00
Takashi Okamoto
2d7de4ec70 Add Active Directory and kubeloing integration sample. 2019-01-26 04:15:50 +00:00
Owen Tuz
58093dbb29 Kubernetes example: Add RBAC resources and serviceAccount to YAML manifest, remove some references to deprecated TPR approach 2018-11-23 10:48:00 +00:00
Stephan Renatus
9cc85c447c examples/k8s: reference quay.io/dexidp
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2018-09-06 09:10:01 +02:00
Stephan Renatus
b9f6594bf0 *: github.com/coreos/dex -> github.com/dexidp/dex
Signed-off-by: Stephan Renatus <srenatus@chef.io>
2018-09-05 17:57:08 +02:00
tw3rp
49bbcd343f
[version_update] Update the version to the latest
Version mentioned in this example is very old and was causing issues
2018-08-05 15:48:11 -07:00
Joe Borg
fc8b20ba35 Removing whitespace 2018-04-27 09:28:52 +01:00
Frederic Branczyk
5f03479d29
*: Add go runtime, process, HTTP and gRPC metrics 2017-12-21 21:24:09 +01:00
Stephan Renatus
b09a13458f password connectors: allow overriding the username attribute (password prompt)
This allows users of the LDAP connector to give users of Dex' login
prompt an idea of what they should enter for a username.

Before, irregardless of how the LDAP connector was set up, the prompt
was

    Username
    [_________________]

    Password
    [_________________]

Now, this is configurable, and can be used to say "MyCorp SSO Login" if
that's what it is.

If it's not configured, it will default to "Username".

For the passwordDB connector (local users), it is set to "Email
Address", since this is what it uses.

Signed-off-by: Stephan Renatus <srenatus@chef.io>
2017-11-09 09:30:03 +01:00
Eric Chiang
50f2905cac *: add standup script for LDAP 2017-08-22 10:37:29 -07:00
rithu john
5e0bf8b65f connector/oidc: fix hosted domain support. 2017-07-25 13:46:12 -07:00
rithu leena john
a5d218fd08 Merge pull request #974 from roguePanda/google-hosted-domain
Google hosted domain support
2017-07-07 10:26:28 -07:00
Eric Chiang
c1a7285711 examples: document explicit flow in example config 2017-06-23 11:27:49 -07:00
Ben Navetta
687bc9ca5c add hosted domain to example config 2017-06-20 23:01:35 -07:00
rithu john
562eae3fc7 examples/grpc-client: clean up the example and add tlsClientCA to ConfigMap. 2017-03-23 16:57:23 -07:00
Eric Chiang
33f0199077 *: fix spelling using github.com/client9/misspell 2017-03-20 09:16:56 -07:00
rithu john
08db0eb5ce examples/grpc-client: minor corrections in the dex client example. 2017-03-03 15:58:30 -08:00
rithu john
fa2f76bcdb examples: adding a gRPC client example. 2017-02-28 12:06:44 -08:00
h0me
9bf491befc replace bcrypt hash with a working one
replace bcrypt hash with an appropriate value for the string "password"
2016-12-20 15:21:05 +01:00
Eric Chiang
4d54038256 examples: add logger fields 2016-12-15 13:47:37 -08:00