Commit graph

263 commits

Author SHA1 Message Date
Josh Winters
a087c05ebf Make oauth user name and user id configurable
Signed-off-by: Josh Winters <jwinters@pivotal.io>
Co-authored-by: Mark Huang <mhuang@pivotal.io>
2021-11-17 15:06:53 -05:00
Joshua Winters
9284ffb8c0 Add generic oauth connector
Co-authored-by: Shash Reddy <sreddy@pivotal.io>
Signed-off-by: Joshua Winters <jwinters@pivotal.io>
2021-11-17 15:06:53 -05:00
Matt Hoey
ee5b5b25bd Resolves #2111 Option to fetch transitive group membership
Signed-off-by: Matt Hoey <matt.hoey@missionlane.com>
2021-10-17 12:48:22 -07:00
Eng Zer Jun
f0186ff265
refactor: move from io/ioutil to io and os package
The io/ioutil package has been deprecated as of Go 1.16, see
https://golang.org/doc/go1.16#ioutil. This commit replaces the existing
io/ioutil functions with their new definitions in io and os packages.

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2021-09-17 14:12:39 +08:00
Henning
138364ceeb
handlePasswordGrant: insert connectorData into OfflineSession (#2199)
* handlePasswordGrant: insert connectorData into OfflineSession

This change will insert the ConnectorData from the initial Login
into the OfflineSession, as already done in handlePasswordLogin.

Signed-off-by: Henning Surmeier <h.surmeier@mittwald.de>
2021-07-21 00:05:35 +04:00
Mark Sagi-Kazar
215c3160f8
fix(connector/ldap): explicit anonymus ldap bind
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-06-28 17:49:47 +02:00
Márk Sági-Kazár
b1ac799073
Merge pull request #1912 from wellplayedgames/microsoft-prompt-type
Support setting the prompt type for the Microsoft connector
2021-04-24 10:58:43 +02:00
Márk Sági-Kazár
e3f8b0f2f6
Merge pull request #2036 from flant/keystone-minor-fixes
chore: add keystone connector icon and bump tests dependencies
2021-03-22 17:51:19 +01:00
Salman Ahmed
bbd8b3b3cd connector/ldap: use go-ldap version v3
Signed-off-by: Salman Ahmed <salman.ahmed@weidmueller.com>
2021-03-22 16:17:47 +01:00
m.nabokikh
6be747142a chore: add keystone connector icon and bump tests dependencies
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-03-11 23:03:37 +04:00
m.nabokikh
84a07a7805 Do not run LDAP tests if DEX_LDAP_HOST is not set
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-02-20 17:05:41 +04:00
m.nabokikh
1f2771b57e fix: do not run LDAP tests locally by default
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-02-20 12:55:52 +04:00
Mark Sagi-Kazar
6f70272bc3
test(connector/ldap): remove ldap test gate
Now that the ldap tests don't create containers on the fly
they can run the same way as other integration tests.

Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-02-15 16:46:43 +01:00
Mark Sagi-Kazar
f11db50369
test(connector/ldap): rewrite tests to use a single server instance
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-02-15 16:37:03 +01:00
m.nabokikh
b2e9f67edc Enable unparam, prealloc, sqlclosecheck linters
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-01-15 19:29:13 +04:00
Mark Sagi-Kazar
b8ac640c4f
Update oidc library
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-01-13 19:56:09 +01:00
Erica Taylor
ba47aaba86 microsoft: Support setting the prompt type
Signed-off-by: Erica Taylor <ricky@wellplayed.games>
2021-01-11 11:48:58 +00:00
Márk Sági-Kazár
4f326390aa
Merge pull request #1839 from seuf/authproxy-header-configuration
Allow configuration of returned auth proxy header
2021-01-07 10:40:57 +01:00
Márk Sági-Kazár
ee50c09313
Merge pull request #1888 from VF-mbrauer/UPN-Lowercase
Added the possibility to activate lowercase for UPN-Strings
2021-01-06 20:36:43 +01:00
Maik Brauer
0d53fa2f42 Merge branch 'UPN-Lowercase' of https://github.com/VF-mbrauer/dex into UPN-Lowercase
Signed-off-by: Maik Brauer <maik.brauer@vodafone.com>
2021-01-05 21:48:02 +01:00
Maik Brauer
c55f17ea64 Adapted recommendation from Maintainer for PR #1888
Signed-off-by: Maik Brauer <maik.brauer@vodafone.com>
2021-01-05 21:36:41 +01:00
Maik Brauer
4d246bc9dc Adapted recommendation from Maintainer for PR #1888
Signed-off-by: Maik Brauer <maik.brauer@vodafone.com>
2021-01-05 17:12:45 +01:00
Maik Brauer
eb9ef3b0ec Added the possibility to acticate lowercase for UPN-Strings
Signed-off-by: Maik Brauer <maik.brauer@vodafone.com>
2021-01-04 15:07:14 +01:00
Josh Soref
84e9cb6947 spelling: verified
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
2020-12-19 22:53:29 -05:00
Josh Soref
97d3e8fa7f spelling: signature
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
2020-12-19 22:53:29 -05:00
Josh Soref
801fd64a11 spelling: serviceaccount
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
2020-12-19 22:53:29 -05:00
Josh Soref
791ad900cb spelling: reuse
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
2020-12-19 22:53:29 -05:00
Josh Soref
d3d447fcf1 spelling: readable
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
2020-12-19 22:53:26 -05:00
Josh Soref
a996c4ba54 spelling: guaranteeing
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
2020-12-19 22:53:26 -05:00
Thierry Sallé
e164bb381e Apply suggestions from code review
Co-authored-by: Márk Sági-Kazár <sagikazarmark@users.noreply.github.com>
Signed-off-by: seuf <seuf76@gmail.com>
2020-12-17 16:50:00 +01:00
seuf
a1c7198738 Rename config header to userHeader
Signed-off-by: seuf <seuf76@gmail.com>
2020-12-17 16:50:00 +01:00
seuf
f19bccfc92 Allow configuration of groups for authproxy
Signed-off-by: seuf <seuf76@gmail.com>
2020-12-17 16:50:00 +01:00
seuf
a12a919d3e Allow configuration of returned auth proxy header
Signed-off-by: seuf <seuf76@gmail.com>
2020-12-17 16:50:00 +01:00
Stephen Augustus
57640cc7a9 connector/saml: Validate XML roundtrip data before processing request
Signed-off-by: Stephen Augustus <saugustus@vmware.com>
2020-12-08 07:26:48 -05:00
Mark Sagi-Kazar
349832b380
Run fixer
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2020-11-03 20:52:14 +01:00
m.nabokikh
a5ad5eaf08 fix: Minor style fixes after merging PKCE implementation
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2020-10-26 23:20:33 +04:00
m.nabokikh
1d83e4749d Add gocritic
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2020-10-18 01:54:27 +04:00
m.nabokikh
4d63e9cd68 fix: Bump golangci-lint version and fix some linter's problems
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2020-10-18 01:02:29 +04:00
m.nabokikh
ec66cedfcc feat: Add team groups support to bitbucket connector
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2020-10-04 20:50:59 +03:00
m.nabokikh
4b94469547 fix: Replace teams endpoint for bitbucket connector
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2020-10-03 20:30:23 +03:00
Márk Sági-Kazár
a64e7c2986
Merge pull request #1769 from batara666/master
ldap.go: drop else on returned if block
2020-09-16 17:47:52 +02:00
Rui Yang
058202d007 revert changes for user id and user name
Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-09-08 13:12:59 -04:00
Rui Yang
0494993326 update oidc documentation and email claim err msg
Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-09-08 10:03:57 -04:00
Rui Yang
41207ba265 Combine #1691 and #1776 to unify OIDC provider claim mapping
add tests for groups key mapping

Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-08-11 16:26:55 -04:00
Scott Lemmon
a783667c57 Add groupsClaimMapping to the OIDC connector
The groupsClaimMapping setting allows one to specify which claim to pull
group information from the OIDC provider.  Previously it assumed group
information was always in the "groups" claim, but that isn't the case
for many OIDC providers (such as AWS Cognito using the "cognito:groups"
claim instead)

Signed-off-by: Scott Lemmon <slemmon@aurora.tech>
Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-08-11 16:26:55 -04:00
Cyrille Nofficial
61312e726e Add parameter configuration to override email claim key
Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-08-11 16:26:55 -04:00
Rui Yang
52c39fb130 check if upstream contains preferrend username claim first
Signed-off-by: Rui Yang <ryang@pivotal.io>
Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-08-11 16:26:55 -04:00
Rui Yang
4812079647 add tests when preferred username key is not set
Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-08-11 16:26:55 -04:00
Rui Yang
d9afb7e59c default to preferred_username claim
Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-08-11 16:26:55 -04:00
Josh Winters
9a4e0fcd00 Make OIDC username key configurable
Signed-off-by: Josh Winters <jwinters@pivotal.io>
Co-authored-by: Mark Huang <mhuang@pivotal.io>
Signed-off-by: Rui Yang <ruiya@vmware.com>
2020-08-11 16:26:55 -04:00