Eric Chiang
b263976c08
Documentation: clean up release documentation
2016-06-30 15:34:06 -07:00
Eric Chiang
7bc69644ec
Merge pull request #497 from alon-argus/patch-1
...
Documentation: minor fix
2016-06-29 08:44:59 -07:00
alon-argus
351ea2b60d
Documentation: minor fix
2016-06-29 18:20:10 +03:00
Eric Chiang
123ececd10
Merge pull request #496 from ericchiang/return-409-for-duplicate-client-ids
...
return 409 for duplicate client ids
2016-06-28 16:29:25 -07:00
Eric Chiang
f899cbaea8
return 409 for duplicate client ids
2016-06-28 16:09:20 -07:00
Eric Chiang
b5d2b7eba5
Merge pull request #483 from ericchiang/ldap-groups
...
Clean up LDAP Connector
2016-06-28 16:06:14 -07:00
Eric Chiang
5a78e89807
clean up LDAP connector
...
* Remove some unlikely to be used fields to help configurability.
* Combined "serverHost" and "serverPort" into "host"
* Remove "timeout" (just default to 30 seconds).
* Remove "maxIdleConn" will add it back if users feel the need
to control the number of cached connections.
* Remove "trustedEmailProvider" (just always trust).
* Remove "skipCertVerification" you can't make this connector
ingore TLS errors.
* Fix configs that don't search before bind (previously broken).
* Add more examples to Documentation
* Refactor LDAPPool Acquire() and Put() into a Do() function which
always does the flow correctly.
* Added more comments and renamed some functions.
* Moved methods on LDAPIdentityProvider to the LDAPConnector
2016-06-28 15:01:39 -07:00
Eric Chiang
c0eb36c14b
Merge pull request #494 from ericchiang/return-409-if-resource-is-already-created
...
return 409 status code on duplicate email errors
2016-06-28 14:14:05 -07:00
Eric Chiang
47ce264f08
return 409 status code on duplicate email errors
2016-06-28 13:52:28 -07:00
Eric Chiang
a95a2bfa1f
Merge pull request #493 from ericchiang/fix-build-docker
...
Fix docker-build script
2016-06-28 13:51:37 -07:00
Eric Chiang
2428e6f31a
fix build-docker script
2016-06-28 13:35:41 -07:00
Eric Chiang
5bfe0a1898
Merge pull request #490 from ericchiang/reduce-key-id-length
...
*: update go-oidc to shorten length of key IDs
2016-06-28 10:48:32 -07:00
Eric Chiang
f5a85e9764
*: update go-oidc to shorten length of key IDs
2016-06-28 10:37:03 -07:00
Eric Chiang
bdaded57b8
Merge pull request #488 from ericchiang/fix-missing-dependencies
...
*: update mailgun-go to remove dependency on deleted simplehttp pkg
2016-06-28 10:28:50 -07:00
Eric Chiang
9fe70514ab
revendor
2016-06-28 10:18:18 -07:00
Eric Chiang
abd36d637c
*: update mailgun-go to remove dependency on deleted simplehttp pkg
2016-06-28 10:16:27 -07:00
Eric Chiang
87faa5a1f7
*: depricate --email-from flag and move to email config files
2016-06-27 23:36:07 -07:00
Eric Chiang
1cc816097a
Merge pull request #486 from ericchiang/build-with-go-1-6
...
build with go 1.6 and actually push to quay
2016-06-27 16:41:11 -07:00
Eric Chiang
f25f882e07
build with go 1.6 and actually push to quay
2016-06-27 16:32:23 -07:00
Eric Chiang
e134d4d261
Merge pull request #484 from bobbyrullo/scope
...
scope: don't validate empty scopes
2016-06-24 09:58:51 -07:00
Bobby Rullo
c161c2e1c3
scope: don't validate empty scopes
...
If an empty scope is somehow passed along, it shouldn't be validated
when checking refresh token scope.
2016-06-24 08:31:59 -07:00
bobbyrullo
a7b860b9c2
Merge pull request #479 from bobbyrullo/specify_yer_client_creds
...
Allow specification of client_{id, secret} in admin api
2016-06-21 13:25:25 -07:00
Bobby Rullo
65ce2e5766
schema: update schema docs
2016-06-21 12:09:06 -07:00
Bobby Rullo
41740179af
client: admin API allows user defined creds
...
You can specify your own client ID and secret!
2016-06-21 12:09:06 -07:00
bobbyrullo
3b8d704c9c
Merge pull request #471 from bobbyrullo/native
...
Implement Public Clients
2016-06-20 17:03:39 -07:00
Bobby Rullo
095489d7c5
db: fix client migration test
2016-06-20 17:03:13 -07:00
Bobby Rullo
6d4336c3c8
examples: support OOB in example app.
2016-06-20 17:03:13 -07:00
Bobby Rullo
b80dbc8975
server: support out-of-band auth flow
...
When "urn:ietf:wg:oauth:2.0:oob" is used as a redirect URI, redirect to
an internal dex page where the user is shown the code and instructed to
paste it into their app.
2016-06-20 17:03:13 -07:00
Bobby Rullo
42cd59aef4
client: differentiate error vs. nil result
...
When calling manager.Authenticate, logs now show different error
messages.
2016-06-20 17:03:13 -07:00
Bobby Rullo
cdcf08066d
client, server: public client restrictions
...
* disallow ClientCreds for public clients
* clients can only redirect to localhost or OOB
2016-06-20 17:03:12 -07:00
Bobby Rullo
4f85f3a479
server: change ClientMetadata -> Client
...
Metadata is not enough these days - we're going to need access to the
Public field as well.
2016-06-20 17:03:12 -07:00
Bobby Rullo
c0668997ae
admin: create public clients with admin api
2016-06-20 17:03:12 -07:00
Bobby Rullo
ff933812f5
schema: add public clients to schema
...
and update docs
2016-06-20 17:03:12 -07:00
Bobby Rullo
61d3e5659e
Documentation
...
* Start Documentation
2016-06-20 17:03:12 -07:00
Bobby Rullo
3ec692297b
client: Manager.New deals with public clients
...
* validation of client moved into its own method and tested
* public clients have different validation - must have no redirect URIs
and must have a clientName set
2016-06-20 17:03:12 -07:00
Bobby Rullo
09e889e7bc
client: add public client to data model
2016-06-20 11:27:47 -07:00
Eric Chiang
a530cc8d7c
Merge pull request #472 from ericchiang/revert-github-issue-templates
...
Revert "Use Github templates for issues/proposals"
2016-06-20 09:51:00 -07:00
Eric Chiang
494be28325
Revert "Use Github templates for issues/proposals"
...
The proposal templates was not intended to be show for every issue,
only for proposal. Revert that issue template and add more general
one in a follow up commit.
This reverts commit 09cb38577f
.
2016-06-20 09:40:01 -07:00
Eric Chiang
e92b6a5908
Merge pull request #463 from ericchiang/register-on-first-login
...
*: add --enable-automatic-registration flag to worker
2016-06-17 16:41:21 -07:00
Eric Chiang
35cab93c0a
*: add --enable-automatic-registration flag to worker
...
For remote connectors, allow users to skip registration.
2016-06-17 16:29:56 -07:00
bobbyrullo
ce7214657c
Merge pull request #468 from bobbyrullo/remove_apis
...
Remove old client_resource api
2016-06-15 15:28:30 -07:00
Bobby Rullo
c9c33befb5
adminschema: fix test
...
go 1.5.4 accepts just about anything as a URL, so instead just trigger
with blank URL
2016-06-15 14:31:02 -07:00
Bobby Rullo
ce421a4dab
schema: gofmt the generated code.
2016-06-15 11:42:50 -07:00
Bobby Rullo
82c5c27048
schema: generator now gofmts everything.
2016-06-15 11:42:50 -07:00
Bobby Rullo
59dc4a9400
dexctl: remove api driver
...
API Driver is dead: This API turns out to not be super useful, requiring
an existing client to create other clients is weird.
Long live API Driver? Let's use Dynamic Client API and the bootstrap API
to create a better API Driver! LONG LIVE API DRIVER.
2016-06-15 11:42:50 -07:00
Bobby Rullo
8942a49702
server: remove client_resource api
...
...and dependent code.
2016-06-15 11:42:50 -07:00
Bobby Rullo
adb2ccf872
test: add schema/adminschema to tests
2016-06-15 11:42:50 -07:00
Bobby Rullo
104c9761c6
schema: remove clients API
...
The only thing using this AFAIK is dexctl in api_driver mode, which
no-one uses - it's a sort of weird API which requires a client to create
other clients, and gives all clients the ability to list all other
clients. So we are removing it.
2016-06-15 11:42:50 -07:00
bobbyrullo
b7e19b6e84
Merge pull request #465 from bobbyrullo/cross_client_refresh_tokens
...
Cross client refresh tokens
2016-06-14 14:15:04 -07:00
Bobby Rullo
75473b4cba
refresh tokens: grant claims based on scopes
...
Before, this logic was only in the OIDCServer.CodeToken() method; now it has been
pulled out so that other paths, like OIDCServer.RefreshToken() can use
it.
The net affect, is that now refresh tokens can be used to get
cross-client authenticated ID Tokens.
2016-06-14 14:14:36 -07:00