Eric Chiang
ede6300a84
*: by default, have dex listen at a non-root url
2016-07-25 16:03:25 -07:00
Eric Chiang
854b767273
*: update handlers to include issuer url in path
2016-07-25 16:03:25 -07:00
Eric Chiang
1e0ee1e435
Merge pull request #522 from ericchiang/fix-connector-handlers
...
connector: fix path that connectors listen on
2016-07-25 15:08:50 -07:00
Eric Chiang
8216a3d992
connector: fix path that connectors listen on
...
When Dex uses a non-root issuer URL, it current assumes that all
path prefixes will be trimmed by an upstream proxy (e.g. nginx).
This means that all paths rendered in HTML will be absolute to the
prefix, but the handlers still listen at the root.
Connectors are currently the only component that registers at a
non-root URL. Make this conform with the rest of Dex by having the
server determine the path the connector listens as rather than the
connector itself.
2016-07-25 14:32:24 -07:00
Eric Chiang
216d26913f
Merge pull request #520 from squat/add-absolute-path-to-templates
...
backend: add absolute path to template links
2016-07-22 15:51:25 -07:00
Lucas Serven
0cc0c73676
backend: add absolute path to template links
...
fixes : #502
Add a new template function called `absPath` that converts relative
paths to absolute paths based on the issuerURL. The template function
can be used in templates like:
````html
<a href="{{ .MyRelativePath | absPath }}">
````
2016-07-22 15:41:16 -07:00
Eric Chiang
1759b9602f
Merge pull request #517 from squat/change-flag-defaults-for-dev-mode
...
cmd: update flag defaults for dev mode
2016-07-21 13:12:41 -07:00
Lucas Serven
a9dce1c11e
cmd: update flag defaults for dev mode
...
Updates flags in dex-worker for no-db mode to work with default static
files.
2016-07-21 11:43:16 -07:00
Eric Chiang
33010e22c4
Merge pull request #487 from ericchiang/unify-email-config
...
*: depricate --email-from flag and move to email config files
2016-07-19 15:12:35 -07:00
Eric Chiang
edb010caa3
Merge pull request #510 from ericchiang/add-groups-scope-and-ldap-implementation
...
Add groups scope and LDAP implementation
2016-07-19 11:46:11 -07:00
Eric Chiang
607d9920d8
Documentation: document "groups" scope and LDAP implementation
2016-07-19 11:23:05 -07:00
Eric Chiang
a741bb5711
examples/app: add facilities for requesting groups
2016-07-19 11:23:04 -07:00
Eric Chiang
b02a3a3163
*: add "groups" scope
2016-07-19 11:23:04 -07:00
Eric Chiang
731dadb29d
connector: add a group interface and an LDAP implementation
2016-07-19 11:23:04 -07:00
Eric Chiang
af6aade6d0
Merge pull request #508 from ericchiang/remove-erroneous-logging-statement
...
connector: remove erroneous logging statement
2016-07-12 10:41:17 -07:00
Eric Chiang
0e6adc24d8
connector: remove erroneous logging statement
2016-07-11 10:20:41 -07:00
Eric Chiang
7378414e11
smtp: make "auth" and "port" config fields optional
...
Use "plain" auth if and only if username and password are provided.
Parse port from "host" field if it's provided.
2016-07-11 10:08:28 -07:00
Eric Chiang
f816cfb187
Merge pull request #499 from samueldg/fix_docs_typos
...
docs: fix various typos & Markdown lint issues
2016-06-30 15:48:26 -07:00
Eric Chiang
84f36b1697
Merge pull request #501 from ericchiang/clean-up-release-documentation
...
Documentation: clean up release documentation
2016-06-30 15:45:03 -07:00
Samuel Dion-Girardeau
e22829c922
docs: fix various typos & Markdown lint issues
2016-06-30 18:39:16 -04:00
Eric Chiang
b263976c08
Documentation: clean up release documentation
2016-06-30 15:34:06 -07:00
Eric Chiang
7bc69644ec
Merge pull request #497 from alon-argus/patch-1
...
Documentation: minor fix
2016-06-29 08:44:59 -07:00
alon-argus
351ea2b60d
Documentation: minor fix
2016-06-29 18:20:10 +03:00
Eric Chiang
123ececd10
Merge pull request #496 from ericchiang/return-409-for-duplicate-client-ids
...
return 409 for duplicate client ids
2016-06-28 16:29:25 -07:00
Eric Chiang
f899cbaea8
return 409 for duplicate client ids
2016-06-28 16:09:20 -07:00
Eric Chiang
b5d2b7eba5
Merge pull request #483 from ericchiang/ldap-groups
...
Clean up LDAP Connector
2016-06-28 16:06:14 -07:00
Eric Chiang
5a78e89807
clean up LDAP connector
...
* Remove some unlikely to be used fields to help configurability.
* Combined "serverHost" and "serverPort" into "host"
* Remove "timeout" (just default to 30 seconds).
* Remove "maxIdleConn" will add it back if users feel the need
to control the number of cached connections.
* Remove "trustedEmailProvider" (just always trust).
* Remove "skipCertVerification" you can't make this connector
ingore TLS errors.
* Fix configs that don't search before bind (previously broken).
* Add more examples to Documentation
* Refactor LDAPPool Acquire() and Put() into a Do() function which
always does the flow correctly.
* Added more comments and renamed some functions.
* Moved methods on LDAPIdentityProvider to the LDAPConnector
2016-06-28 15:01:39 -07:00
Eric Chiang
c0eb36c14b
Merge pull request #494 from ericchiang/return-409-if-resource-is-already-created
...
return 409 status code on duplicate email errors
2016-06-28 14:14:05 -07:00
Eric Chiang
47ce264f08
return 409 status code on duplicate email errors
2016-06-28 13:52:28 -07:00
Eric Chiang
a95a2bfa1f
Merge pull request #493 from ericchiang/fix-build-docker
...
Fix docker-build script
2016-06-28 13:51:37 -07:00
Eric Chiang
2428e6f31a
fix build-docker script
2016-06-28 13:35:41 -07:00
Eric Chiang
5bfe0a1898
Merge pull request #490 from ericchiang/reduce-key-id-length
...
*: update go-oidc to shorten length of key IDs
2016-06-28 10:48:32 -07:00
Eric Chiang
f5a85e9764
*: update go-oidc to shorten length of key IDs
2016-06-28 10:37:03 -07:00
Eric Chiang
bdaded57b8
Merge pull request #488 from ericchiang/fix-missing-dependencies
...
*: update mailgun-go to remove dependency on deleted simplehttp pkg
2016-06-28 10:28:50 -07:00
Eric Chiang
9fe70514ab
revendor
2016-06-28 10:18:18 -07:00
Eric Chiang
abd36d637c
*: update mailgun-go to remove dependency on deleted simplehttp pkg
2016-06-28 10:16:27 -07:00
Eric Chiang
87faa5a1f7
*: depricate --email-from flag and move to email config files
2016-06-27 23:36:07 -07:00
Eric Chiang
1cc816097a
Merge pull request #486 from ericchiang/build-with-go-1-6
...
build with go 1.6 and actually push to quay
2016-06-27 16:41:11 -07:00
Eric Chiang
f25f882e07
build with go 1.6 and actually push to quay
2016-06-27 16:32:23 -07:00
Eric Chiang
e134d4d261
Merge pull request #484 from bobbyrullo/scope
...
scope: don't validate empty scopes
2016-06-24 09:58:51 -07:00
Bobby Rullo
c161c2e1c3
scope: don't validate empty scopes
...
If an empty scope is somehow passed along, it shouldn't be validated
when checking refresh token scope.
2016-06-24 08:31:59 -07:00
bobbyrullo
a7b860b9c2
Merge pull request #479 from bobbyrullo/specify_yer_client_creds
...
Allow specification of client_{id, secret} in admin api
2016-06-21 13:25:25 -07:00
Bobby Rullo
65ce2e5766
schema: update schema docs
2016-06-21 12:09:06 -07:00
Bobby Rullo
41740179af
client: admin API allows user defined creds
...
You can specify your own client ID and secret!
2016-06-21 12:09:06 -07:00
bobbyrullo
3b8d704c9c
Merge pull request #471 from bobbyrullo/native
...
Implement Public Clients
2016-06-20 17:03:39 -07:00
Bobby Rullo
095489d7c5
db: fix client migration test
2016-06-20 17:03:13 -07:00
Bobby Rullo
6d4336c3c8
examples: support OOB in example app.
2016-06-20 17:03:13 -07:00
Bobby Rullo
b80dbc8975
server: support out-of-band auth flow
...
When "urn:ietf:wg:oauth:2.0:oob" is used as a redirect URI, redirect to
an internal dex page where the user is shown the code and instructed to
paste it into their app.
2016-06-20 17:03:13 -07:00
Bobby Rullo
42cd59aef4
client: differentiate error vs. nil result
...
When calling manager.Authenticate, logs now show different error
messages.
2016-06-20 17:03:13 -07:00
Bobby Rullo
cdcf08066d
client, server: public client restrictions
...
* disallow ClientCreds for public clients
* clients can only redirect to localhost or OOB
2016-06-20 17:03:12 -07:00