mystiq/dex
Archived
4
0
Fork 1
Code Issues Pull requests Packages Projects Releases Wiki Activity
1031 commits 27 branches 73 tags 23 MiB
Commit graph

1031 commits

This branch
This branch
All branches
Author SHA1 Message Date
Nandor Kracser c1b421fa04 add preffered_username to idToken 
Signed-off-by: Nandor Kracser <bonifaido@gmail.com>
 2019-10-30 13:06:37 +01:00
Joel Speed 4bede5eb80
Merge pull request #1554 from yanniszark/feature-web-templates-use-relative-urls 
server: templates: use relative URLs to refer to assets
 2019-10-03 10:49:18 +01:00
Yannis Zarkadas 69d13b766d gitignore: add .idea folder 
Signed-off-by: Yannis Zarkadas <yanniszark@arrikto.com>
 2019-10-02 17:08:06 +03:00
Yannis Zarkadas 59beb7425f web: change header template to use new url function 
Signed-off-by: Yannis Zarkadas <yanniszark@arrikto.com>
 2019-10-02 17:08:06 +03:00
Yannis Zarkadas 27944d4f8f templates: add new relativeURL function 
Signed-off-by: Yannis Zarkadas <yanniszark@arrikto.com>
 2019-10-02 17:08:06 +03:00
Yannis Zarkadas 839130f01c handlers: change all handlers to pass down http request 
Signed-off-by: Yannis Zarkadas <yanniszark@arrikto.com>
 2019-10-02 17:08:06 +03:00
Stephan Renatus 8427f0f15c
Merge pull request #1543 from wassan128/fix-typo 
Fix typo
 2019-09-06 08:14:29 +02:00
wassan128 42e8619830 Fix typo 2019-09-06 09:55:09 +09:00
Stephan Renatus 3b7292a08f
Merge pull request #1520 from dexidp/gitlab-groups-scope 
gitlab: add groups scope by default when filtering is requested
 2019-09-04 12:21:57 +02:00
Joel Speed 179cce36ef
Merge pull request #1540 from stevendanna/ssd/cipher-suites 
Use a more conservative set of CipherSuites
 2019-09-02 11:36:43 +01:00
Steven Danna 46f48b33a1
Use a more conservative set of CipherSuites 
The default cipher suites used by Go include a number of ciphers that
have known weaknesses. In addition to leaving users open to these
weaknesses, the inclusion of these weaker ciphers causes problems with
various automated scanning tools.

This PR disables the CBC-mode, RC4, and 3DES ciphers included in the
Go standard library by passing an explicit cipher suite list.

The ciphers included here are more line with those recommended by
Mozilla for "Intermediate" compatibility. [0]

*Performance Implications*

The Go standard library does capability-based cipher ordering,
preferring AES ciphers if the underlying hardware has AES specific
instructions. [1] Since all of the relevant code is internal modules,
to do the same thing ourselves would require duplicating that
code. Here, I've placed AES based ciphers first.

*Compatibility Implications*

This does reduce the number of clients who will be able to communicate
with dex.

[0] https://ssl-config.mozilla.org/#server=nginx&server-version=1.17.0&config=intermediate&hsts=false&ocsp=false
[1] a8c2e5c6ad/src/crypto/tls/common.go (L1091)

Signed-off-by: Steven Danna <steve@chef.io>
 2019-08-31 17:34:55 +01:00
Stephan Renatus c854e760db
Merge pull request #1539 from erwinvaneyk/replace-context-import 
Replace x/net/context with stdlib context
 2019-08-31 17:52:18 +02:00
erwinvaneyk 3e2217b3f4 Replace x/net/context with context of stdlib 2019-08-30 11:52:46 +02:00
Stephan Renatus 4f3ab1efb7
Merge pull request #1534 from jthabet/master 
Pydio Cells adopters list
 2019-08-29 16:25:45 +02:00
Stephan Renatus 15ec95bca9
Merge pull request #1521 from erwinvaneyk/patch-1 
Clarify the origin of the ca file in the Kubernetes guide
 2019-08-29 16:24:48 +02:00
Erwin van Eyk 5c99525ed3 Clarify the origin of openid-ca 2019-08-29 16:15:00 +02:00
j a48f73f14a Pydio Cells adopters list 2019-08-28 16:20:37 +02:00
Stephan Renatus 133c2565be
Merge pull request #1530 from dexidp/ldap-error 
connector/ldap: display login error
 2019-08-23 12:32:23 +02:00
Stephan Renatus 1f31d1889a
Merge pull request #1529 from dkuerner/golang-update 
Dockerfile: build with golang 1.12.9
 2019-08-22 16:31:47 +02:00
Nandor Kracser bd61535cb6 connector/ldap: display login error 2019-08-22 15:55:05 +02:00
Daniel Kürner 2dccdc2a1a Dockerfile: build with golang 1.12.9 2019-08-22 08:40:31 +02:00
Joel Speed ab08d7b3a4
Merge pull request #1517 from venezia/iss-1513 
storage/kubernetes: Removing Kubernetes TPR support
 2019-08-14 14:45:12 +01:00
Michael Venezia 395febf808
storage/kubernetes: Removing Kubernetes TPR support 
Third Party Resources (TPR) have been removed from Kubernetes for
roughly 2 years.  This commit removes the support dex had for them.

Documentation has been updated to reflect this and to instruct users
on how to migrate from TPR-powered dex environment to a Custom Resource
Defintion (CRD) based one that dex > v2.17 will support
 2019-08-14 09:28:18 -04:00
Nandor Kracser ef08ad8317 gitlab: add groups scope by default when filtering is requested 2019-08-14 13:33:46 +02:00
Stephan Renatus aeb2861a40
Merge pull request #1519 from dexidp/sr/bump-deps-for-http2-issues 
bump deps for http2 issues

https://github.com/grpc/grpc-go/releases/tag/v1.23.0

https://groups.google.com/forum/#!topic/golang-nuts/fCQWxqxP8aA
 2019-08-14 11:33:54 +02:00
Stephan Renatus 6e5a2b5ea1
deps: bump go-grpc (1.22.1 -> 1.23.0) 
Signed-off-by: Stephan Renatus <srenatus@chef.io>
 2019-08-14 10:27:17 +02:00
Stephan Renatus 27b8426704
Dockerfile: build with golang 1.12.8 
Signed-off-by: Stephan Renatus <srenatus@chef.io>
 2019-08-14 10:24:17 +02:00
Stephan Renatus d328a5ebaa
Merge pull request #1516 from tpdownes/doc/oauth2_config 
Add examples for recent additions to oauth2 configuration options
 2019-08-13 10:24:10 +02:00
Tom Downes 963b8e992d
Add examples for recent additions to oauth2 configuration options 2019-08-09 11:58:37 -05:00
Stephan Renatus d9f6ab4a68
Merge pull request #1512 from venezia/add_reflection 
Add reflection to gRPC API (configurable)
 2019-08-07 13:56:33 +02:00
Michael Venezia 430357b14e
vendor: revendor 2019-08-07 07:38:09 -04:00
Michael Venezia b65966d744
cmd/dex: adding reflection to grpc api, enabled through configuration 2019-08-07 07:37:39 -04:00
Stephan Renatus e1afe771cb
Merge pull request #1505 from MarcDufresne/show-login-page 
Add option to always display connector selection even if there's only one
 2019-08-07 09:23:42 +02:00
Stephan Renatus 89e43c198b
Merge pull request #1504 from MarcDufresne/template-custom-data 
Allow arbitrary data to be passed to templates
 2019-08-07 09:19:14 +02:00
Marc-André Dufresne 0dbb642f2c
Add option to always display connector selection even if there's only one 2019-08-06 13:18:46 -04:00
Marc-André Dufresne d458e882aa
Allow arbitrary data to be passed to templates 2019-08-06 13:14:53 -04:00
Stephan Renatus bc02006b45
Merge pull request #1510 from momokatte/test-invalid-callbacks 
Add tests for some callback handler error conditions
 2019-08-06 09:58:40 +02:00
Mike O 43d1a044bd Add tests for some callback handler error conditions 2019-08-05 16:02:28 -07:00
Nándor István Krácser 526e078366
Merge pull request #1509 from venezia/fix-go-lint-v2 
Adjusting Makefile so that `golint` will compile
 2019-08-03 13:56:20 +02:00
Michael Venezia c54ddc460d
Adjusting Makefile so that golint will compile 2019-08-02 17:34:25 -04:00
Stephan Renatus d36e6c26ee
Merge pull request #1490 from momokatte/master 
Return HTTP 400 for invalid state parameter
 2019-08-02 09:12:40 +02:00
Mike O d03a43335e Return HTTP 400 for invalid state parameter 2019-08-01 16:22:53 -07:00
Stephan Renatus 6ae11a1cfe
Merge pull request #1501 from dexidp/sr/bump-all-deps 
update all deps
 2019-07-31 09:01:39 +02:00
Stephan Renatus 291cd9e01c
regenerate protobuf code 
Signed-off-by: Stephan Renatus <srenatus@chef.io>
 2019-07-31 08:16:18 +02:00
Stephan Renatus ea7fd6d470
cmd/dex: adapt to prometheus API change 
Signed-off-by: Stephan Renatus <srenatus@chef.io>
 2019-07-31 08:09:58 +02:00
Stephan Renatus 076cd77469
run 'go get -u; make revendor' 
Signed-off-by: Stephan Renatus <srenatus@chef.io>
 2019-07-31 08:09:38 +02:00
Stephan Renatus 7c1b4b3005
Merge pull request #1502 from dexidp/sr/fix-log-formatting-in-VerifyPassword-grpc 
server/api: fix logging in VerifyPassword
 2019-07-30 15:06:48 +02:00
Stephan Renatus 231e571c3c
server/api: fix logging in VerifyPassword 
Before:

    msg="api: password check failed : %vcrypto/bcrypt: hashedPassword is not the hash of the given password"

After:

    msg="api: password check failed : crypto/bcrypt: hashedPassword is not the hash of the given password"

Signed-off-by: Stephan Renatus <srenatus@chef.io>
 2019-07-30 14:53:33 +02:00
Stephan Renatus 128d5da89e
Merge pull request #1500 from dexidp/sr/fix-some-lint-issues 
*: fix some lint issues
 2019-07-30 11:41:27 +02:00
Stephan Renatus d9487e553b
*: fix some lint issues 
Mostly gathered these using golangci-lint's deadcode and ineffassign
linters.

Signed-off-by: Stephan Renatus <srenatus@chef.io>
 2019-07-30 11:29:08 +02:00