Commit graph

2075 commits

Author SHA1 Message Date
dependabot[bot]
ddd19bf91d
build(deps): bump alpine from 3.13.5 to 3.14.0
Bumps alpine from 3.13.5 to 3.14.0.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-16 06:06:29 +00:00
Mark Sagi-Kazar
a207238491
chore: fix lint issues
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-06-16 00:54:18 +02:00
Mark Sagi-Kazar
7043d944cf
chore: update etcd version in test environments
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-06-16 00:40:35 +02:00
Mark Sagi-Kazar
831c0efe9c
chore(deps): update etcd
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-06-16 00:37:48 +02:00
m.nabokikh
0754c30ac2 fix: get namespace from file for Kubernetes storage client
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-06-10 20:01:14 +04:00
m.nabokikh
7a2472555a feat: Create CRDs as apiextensions.k8s.io/v1
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-06-10 20:00:49 +04:00
Márk Sági-Kazár
baec4f79ce
Merge pull request #2161 from dexidp/update-etcd
Update etcd
2021-06-07 11:24:16 +02:00
Mark Sagi-Kazar
fd2c86d36e
chore(deps): update etcd
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-06-07 10:58:51 +02:00
dependabot[bot]
6c8c336e9a
Merge pull request #2160 from dexidp/dependabot/go_modules/gopkg.in/square/go-jose.v2-2.6.0 2021-06-07 08:45:41 +00:00
dependabot[bot]
753cff1764
Merge pull request #2154 from dexidp/dependabot/docker/golang-1.16.5-alpine3.13 2021-06-07 08:00:32 +00:00
dependabot[bot]
aece0ce873
build(deps): bump gopkg.in/square/go-jose.v2 from 2.5.1 to 2.6.0
Bumps [gopkg.in/square/go-jose.v2](https://github.com/square/go-jose) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/square/go-jose/releases)
- [Commits](https://github.com/square/go-jose/compare/v2.5.1...v2.6.0)

---
updated-dependencies:
- dependency-name: gopkg.in/square/go-jose.v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-07 07:14:50 +00:00
dependabot[bot]
245a46e743
build(deps): bump golang from 1.16.4-alpine3.13 to 1.16.5-alpine3.13
Bumps golang from 1.16.4-alpine3.13 to 1.16.5-alpine3.13.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-04 06:42:17 +00:00
Márk Sági-Kazár
f45a89f6b3
Merge pull request #2152 from flant/web-sprig-templates
Add sprigs v3 functions to web templates
2021-06-02 13:37:13 +02:00
m.nabokikh
21a01ee811 Add sprig v3 functions to web templates
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-06-02 11:11:45 +04:00
Maksim Nabokikh
93ded5c406
Merge pull request #2091 from flant/kubernetes-tests-kind
chore: test Kubernetes storage with KinD
2021-06-02 11:10:34 +04:00
m.nabokikh
97591861b2 Cleanup Makefile
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-06-02 10:33:54 +04:00
m.nabokikh
00950eedd6 Bump kind version and change kubeconfig tmp dir
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-06-01 21:57:19 +04:00
m.nabokikh
bc5371e730 Add make file commands for kind
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-06-01 19:44:49 +04:00
m.nabokikh
5a48d8a82d chore: test Kubernetes storage with KinD
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-06-01 19:44:31 +04:00
Márk Sági-Kazár
6384af06e4
Update bug_report.md 2021-05-30 18:27:14 +02:00
Márk Sági-Kazár
cdcf7a4694
Update PULL_REQUEST_TEMPLATE.md 2021-05-30 04:00:44 +02:00
Maksim Nabokikh
5d996661ea
Merge pull request #2144 from flant/bump-linter-version
Bump golag-ci lint version to 1.40.1
2021-05-27 21:50:23 +04:00
m.nabokikh
4b54433ec2 Bump golag-ci lint version to 1.40.1
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-05-27 19:27:06 +04:00
Márk Sági-Kazár
95941506f5
Merge pull request #2142 from dexidp/update-etcd
chore(deps): update etcd
2021-05-26 17:59:26 +02:00
Mark Sagi-Kazar
8dbd0c6536
chore(deps): update etcd
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-05-26 17:11:04 +02:00
Márk Sági-Kazár
aef61cea8d
Merge pull request #2141 from dexidp/update-gosundheit
Update gosundheit
2021-05-26 17:05:40 +02:00
Mark Sagi-Kazar
0bef10ef80
chore(deps): update gosundheit
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-05-26 14:50:35 +02:00
Márk Sági-Kazár
5451188e29
Merge pull request #2124 from dexidp/update-etcd
Update etcd to 3.5.0-beta.3
2021-05-26 13:38:40 +02:00
Mark Sagi-Kazar
ca02fc16bd
chore(deps): update etcd
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-05-26 13:16:05 +02:00
m.nabokikh
dea1d3383c Deprecation warning log message
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-05-24 19:40:28 +04:00
m.nabokikh
13a83d9bba chore: warning about deprecated LDAP groupSearch fields
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-05-24 19:08:13 +04:00
Alastair Houghton
cd0c24ec4d fix: add an extra endpoint to avoid refresh generating AuthRequests.
By adding an extra endpoint and a redirect, we can avoid a situation
where it's trivially easy to generate a large number of AuthRequests
by hitting F5/refresh in the browser.

Signed-off-by: Alastair Houghton <alastair@alastairs-place.net>
2021-05-21 11:42:52 +01:00
Alastair Houghton
030a6459d6 fix: reinstate TestHandleAuthCode.
Reinstating this test as it shouldn't have been removed.

Signed-off-by: Alastair Houghton <alastair@alastairs-place.net>
2021-05-21 11:24:30 +01:00
Alastair Houghton
88025b3d7c fix: remove some additional dependencies.
Accidentally added some of these back during merge.

Signed-off-by: Alastair Houghton <alastair@alastairs-place.net>
2021-05-21 11:24:30 +01:00
Alastair Houghton
0284a4c3c9 fix: back link on password page needs to be explicit.
The back link on the password page was using Javascript to tell the
browser to navigate back, which won't work if the user has entered a
set of incorrect log-in details.  Fix this by using an explicit URL
instead.

Fixes #1851

Signed-off-by: Alastair Houghton <alastair@alastairs-place.net>
2021-05-21 11:24:30 +01:00
Alastair Houghton
cdbb5dd94d fix: defer creation of auth request.
Rather than creating the auth request when the user hits /auth, pass
the arguments through to /auth/{connector} and have the auth request
created there.  This prevents a database error when using the "Select
another login method" link, and also avoids a few other error cases.

Fixes #1849, #646.

Signed-off-by: Alastair Houghton <alastair@alastairs-place.net>
2021-05-21 11:24:23 +01:00
dependabot[bot]
4a874cce89
Merge pull request #2130 from dexidp/dependabot/go_modules/google.golang.org/grpc-1.38.0 2021-05-20 12:35:09 +00:00
dependabot[bot]
461c5f687d
build(deps): bump google.golang.org/grpc from 1.37.0 to 1.38.0
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.37.0 to 1.38.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.37.0...v1.38.0)

Signed-off-by: dependabot[bot] <support@github.com>
2021-05-20 12:14:11 +00:00
dependabot[bot]
4e4dad023c
Merge pull request #2131 from dexidp/dependabot/go_modules/google.golang.org/api-0.47.0 2021-05-20 12:08:43 +00:00
dependabot[bot]
1220017f6c
build(deps): bump google.golang.org/api from 0.46.0 to 0.47.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.46.0 to 0.47.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.46.0...v0.47.0)

Signed-off-by: dependabot[bot] <support@github.com>
2021-05-20 06:20:51 +00:00
Maksim Nabokikh
20875c972e
Discard package "version" (#2107)
* Discard package "version"

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

* Inject api version

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

* Pass version arg to the dex API

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-05-18 00:55:24 +02:00
dependabot[bot]
47d029a51b
Merge pull request #2110 from dexidp/dependabot/docker/golang-1.16.4-alpine3.13 2021-05-17 15:47:59 +00:00
Márk Sági-Kazár
18d1f70cee
Merge pull request #1861 from concourse/pr/bcrypt-for-client-secret-sync
Use constant time comparison for client secret verification
2021-05-17 17:27:42 +02:00
Rui Yang
fe8085b886 remove client secret encryption option
constant time compare for client secret verification will be kept

Signed-off-by: Rui Yang <ruiya@vmware.com>
2021-05-17 10:16:50 -04:00
dependabot[bot]
283dd89f4d
Merge pull request #2123 from dexidp/dependabot/go_modules/github.com/lib/pq-1.10.2 2021-05-17 07:41:26 +00:00
dependabot[bot]
c65652ed8f
build(deps): bump github.com/lib/pq from 1.10.1 to 1.10.2
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.10.1 to 1.10.2.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.10.1...v1.10.2)

Signed-off-by: dependabot[bot] <support@github.com>
2021-05-17 07:11:13 +00:00
m.nabokikh
49adc4e5bb Fix ent-based postgres storage tests
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-05-15 09:06:44 +04:00
m.nabokikh
19884d92ac feat: Add ent-based postgres storage
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-05-14 23:19:59 +04:00
Rui Yang
ecea593ddd fix a bug in hash comparison function
the client secret coming in should be hashed and the one in storage
is the one in plaintext

Signed-off-by: Rui Yang <ruiya@vmware.com>
2021-05-14 13:32:27 -04:00
dependabot[bot]
47bdbdb1a2
build(deps): bump golang from 1.16.3-alpine3.13 to 1.16.4-alpine3.13
Bumps golang from 1.16.3-alpine3.13 to 1.16.4-alpine3.13.

Signed-off-by: dependabot[bot] <support@github.com>
2021-05-07 06:46:19 +00:00