mystiq/dex
Archived
4
0
Fork 1
Code Issues Pull requests Packages Projects Releases Wiki Activity
1081 commits 27 branches 73 tags 23 MiB
Commit graph

1081 commits

This branch
This branch
All branches
Author SHA1 Message Date
Joel Speed e2ddefff31
Merge pull request #1439 from sks/feature/fail_on_invalid_config 
Return config validation errors in one go
 2019-07-30 11:00:17 +02:00
Nándor István Krácser 72f5596671
Merge pull request #1498 from mkontani/fix/mysql-query-sample 
Doc/storage.md: fix mysql sample query
 2019-07-29 21:19:41 +02:00
mkontani c067761df6 fix mysql sample query 2019-07-30 03:49:53 +09:00
Nándor István Krácser 0aee5be625
Merge pull request #1497 from dexidp/gitlab-username-as-id 
connector/gitlab: implement useLoginAsID as in GitHub connector
 2019-07-28 19:56:16 +02:00
Nandor Kracser ff34e570b4 connector/gitlab: implement useLoginAsID as in GitHub connector 2019-07-28 19:49:49 +02:00
Stephan Renatus 6e98c04f9b
Merge pull request #1446 from maksd/microsoft-groups-uuid-whitelist 
microsoft: option for group UUIDs instead of name and group whitelist
 2019-07-25 16:21:48 +02:00
Stephan Renatus fd53c0a3bb
Merge pull request #1496 from srenatus/sr/add-connector-id-to-example-app 
add connector_id to example app
 2019-07-25 16:21:28 +02:00
Maxime Desrosiers 458585008b
microsoft: option for group UUIDs instead of name and group whitelist 2019-07-25 09:14:33 -04:00
Stephan Renatus 8561a66365
server/{handler,oauth2}: cleanup error returns 
Now, we'll return a standard error, and have the caller act upon this
being an instance of authErr.

Also changes the storage.AuthRequest return to a pointer, and returns
nil in error cases.

Signed-off-by: Stephan Renatus <srenatus@chef.io>
 2019-07-25 13:40:06 +02:00
Stephan Renatus d7c7d42466
cmd/example-app: check all errors, pass claims as string to renderToken 
Signed-off-by: Stephan Renatus <srenatus@chef.io>
 2019-07-24 12:26:51 +02:00
Stephan Renatus c4e0587df1
cmd/example-app: expose connector_id 
As a piece of "living documentation" for #1481.

Signed-off-by: Stephan Renatus <srenatus@chef.io>
 2019-07-24 12:17:14 +02:00
Joel Speed 20a858da3b
Merge pull request #1495 from pbochynski/patch-1 
Update ADOPTERS.md
 2019-07-24 08:51:10 +01:00
Piotr 74023ba9ad
Update ADOPTERS.md 
Add Kyma project as an adopter.
 2019-07-24 08:50:49 +02:00
Stephan Renatus 9c211132b2
Merge pull request #1494 from tanmaykm/patch-1 
Update Adopters.md
 2019-07-24 08:27:51 +02:00
Tanmay Mohapatra 56f8e60545 Update Adopters.md 
Adding JuliaBox to the list of production adopters of Dex.
 2019-07-23 22:48:29 -04:00
Sabith K Soopy 6769a3b18e Errors should not start with caps 
- https://github.com/dexidp/dex/pull/1264#discussion_r253264017

Signed-off-by: Sabith <sabithksme@gmail.com>
 2019-07-23 08:17:06 -07:00
Sabith K Soopy 6ccb96ff74 Add some test to validate the configuration 2019-07-23 08:16:16 -07:00
Stephan Renatus e3203382fc
Merge pull request #1493 from srenatus/sr/adopters 
ADOPTERS: replace Documentation/production-users.md, add Chef
 2019-07-23 17:08:11 +02:00
Stephan Renatus 7409d16541
ADOPTERS: add pusher 
Co-Authored-By: Joel Speed <Joel.speed@hotmail.co.uk>
 2019-07-23 16:58:26 +02:00
Stephan Renatus bc27a617c5
Merge pull request #1485 from bonifaido/mysql-storage 
MySQL storage - Take 2
 2019-07-23 15:25:15 +02:00
Stephan Renatus b8cdc88803
Merge pull request #1492 from srenatus/sr/add-bonifaido-to-maintainers 
MAINTAINERS: add @bonifaido
 2019-07-23 15:03:43 +02:00
Nandor Kracser a572ad8fec storage/sql: rework of the original MySQL PR 2019-07-23 14:27:10 +02:00
Pavel Borzenkov e53bdfabb9 storage/sql: initial MySQL storage implementation 
It will be shared by both Postgres and MySQL configs.

Signed-off-by: Pavel Borzenkov <pavel.borzenkov@gmail.com>
 2019-07-23 14:26:21 +02:00
Stephan Renatus 447f24a81b
ADOPTERS: replace Documentation/production-users.md, add Chef 
Signed-off-by: Stephan Renatus <srenatus@chef.io>
 2019-07-23 14:01:17 +02:00
Stephan Renatus af81297d4e
MAINTAINERS: add @bonifaido 
Signed-off-by: Stephan Renatus <srenatus@chef.io>
 2019-07-23 13:03:18 +02:00
Stephan Renatus 421c26fdf5
Merge pull request #1481 from LanceH/master 
Added "connector_id" to skip straight to a connector (similar to when len(connector) is 1.
 2019-07-23 11:31:25 +02:00
LanceH 07a77e0dac Use connector_id param to skip directly to a specific connector 2019-07-22 10:47:11 -05:00
Stephan Renatus 6379403a68
Merge pull request #1486 from AlbanSeurat/tc/add-verify-password-api 
Add VerifyPassword to API
 2019-07-22 10:29:43 +02:00
Tyler Cloke dd84e73c0e Add VerifyPassword to API 
It takes in an email and plain text password to verify. If it fails to find a password stored for email, it returns not_found. If it finds the password hash stored but that hash doesn't match the password passed via the API, it returns verified = false, else it returns verified = true.

Co-authored-by: Alban Seurat <alban.seurat@me.com>
 2019-07-22 10:23:07 +02:00
Stephan Renatus 92920c86ea
Merge pull request #1480 from srenatus/sr/deduplicate-filter-groups 
connectors: refactor filter code into a helper package
 2019-07-08 10:29:01 +02:00
Stephan Renatus 10611f3156
deps: revendor (github.com/stretchr/testify) 
Signed-off-by: Stephan Renatus <srenatus@chef.io>
 2019-07-03 13:30:59 +02:00
Stephan Renatus 51f50fcad8
connectors: refactor filter code into a helper package 
I hope I didn't miss any :D

Signed-off-by: Stephan Renatus <srenatus@chef.io>
 2019-07-03 13:09:40 +02:00
Eric Chiang 39dc5dcfb7
Merge pull request #1478 from ericchiang/maintainers 
MAINTAINERS: remove ericchiang@
 2019-07-02 09:10:50 -07:00
Eric Chiang 645a441527 MAINTAINERS: remove ericchiang@ 
I haven't had time to contribute to dex recently and it's been over a
year since I've worked on Kubernetes. Going to make this official and
remove myself from the MAINTAINERS list. I'll still be around if you
need to know why any of the code is so crazy :)
 2019-07-02 07:32:05 -07:00
Stephan Renatus 8b4dbb9fe7
Merge pull request #1473 from alindeman/add-user-endpoint 
Add UserInfo endpoint
 2019-07-02 09:26:26 +02:00
Andy Lindeman 5b66bf05c8 Fixed shadowed variable declaration 2019-06-27 19:12:18 -04:00
Andy Lindeman 59b6595c37 userinfo_endpoint is required 2019-06-25 12:17:03 -04:00
Andy Lindeman 8959dc4275 ctx is not used 2019-06-24 09:43:12 -04:00
Andy Lindeman 21174c06a1 Remove comment 
We have a story around user info now
 2019-06-24 09:42:46 -04:00
Andy Lindeman 840065faaf Assert something about the returned userinfo 2019-06-24 09:39:54 -04:00
Andy Lindeman 46f5726d11 Use oidc.Verifier to verify tokens 2019-06-22 13:18:35 -04:00
Andy Lindeman 157c359f3e Bump go-oidc to latest v2 2019-06-20 12:27:47 -04:00
mdbraber 3dd1bac821 Fix comments 2019-06-05 22:14:31 +02:00
Maarten den Braber 74f4e749b9 Formatting 2019-06-05 22:14:31 +02:00
Maarten den Braber d7750b1e26 Fix changes 2019-06-05 22:14:31 +02:00
Maarten den Braber a8d059a237 Add userinfo endpoint 
Co-authored-by: Yuxing Li <360983+jackielii@users.noreply.github.com>
Co-authored-by: Francisco Santiago <1737357+fjbsantiago@users.noreply.github.com>
 2019-06-05 22:11:21 +02:00
Stephan Renatus d6fad19d95
Merge pull request #1459 from flarno11/master 
make userName configurable
 2019-06-04 09:47:19 +02:00
Stephan Renatus c19ada3236
Merge pull request #1460 from tanmaykm/tan/linkedin 
Update LinkedIn connector to use v2 APIs

This updates LinkedIn connector to use the more recent v2 APIs. Necessary because v1 APIs are not able to retrieve email ids any more with the default permissions.

The API URLs are now different. Fetching the email address is now a separate call, made after fetching the profile details. The r_basicprofile permission is not needed any more, and r_liteprofile (which seems to be the one assigned by default) is sufficient.

The relevant API specifications are at:

    https://docs.microsoft.com/en-us/linkedin/shared/integrations/people/profile-api
    https://docs.microsoft.com/en-us/linkedin/shared/integrations/people/primary-contact-api
    https://docs.microsoft.com/en-us/linkedin/consumer/integrations/self-serve/migration-faq#how-do-i-retrieve-the-members-email-address
 2019-06-03 19:35:55 +02:00
tan 8613c78863 update LinkedIn connector to use v2 APIs 
This updates LinkedIn connector to use the more recent v2 APIs. Necessary because v1 APIs are not able to retrieve email ids any more with the default permissions.

The API URLs are now different. Fetching the email address is now a separate call, made after fetching the profile details. The `r_basicprofile` permission is not needed any more, and `r_liteprofile` (which seems to be the one assigned by default) is sufficient.

The relevant API specifications are at:
- https://docs.microsoft.com/en-us/linkedin/shared/integrations/people/profile-api
- https://docs.microsoft.com/en-us/linkedin/shared/integrations/people/primary-contact-api
- https://docs.microsoft.com/en-us/linkedin/consumer/integrations/self-serve/migration-faq#how-do-i-retrieve-the-members-email-address
 2019-06-03 22:59:37 +05:30
flarno11 8c1716d356 make userName configurable 2019-06-03 14:09:07 +02:00