mystiq/dex
Archived
4
0
Fork 1
Code Issues Pull requests Packages Projects Releases Wiki Activity
866 commits 27 branches 73 tags 23 MiB
Commit graph

866 commits

This branch
This branch
All branches
Author SHA1 Message Date
Eric Chiang f4b6bf2ac3
Merge pull request #1123 from srenatus/sr/back-button-for-password-template 
show "back" link for password connectors
 2017-11-13 10:58:25 -08:00
rithu leena john bc01767212
Merge pull request #1124 from ericchiang/remove-milestones-link 
README.md: remove milestones link
 2017-11-13 09:48:42 -08:00
Stephan Renatus 41f663f70c show "back" link for password connectors 
This way, the user who has selected, say, "Log in with Email" can make up
their mind, and select a different connector instead.

However, if there's only one connector set up, none of this makes sense -- and
the link will thus not be displayed.

Signed-off-by: Stephan Renatus <srenatus@chef.io>
 2017-11-13 08:39:59 +01:00
Eric Chiang b746ab4975 README.md: remove milestones link 2017-11-10 11:28:03 -08:00
Eric Chiang 75a07f2bfa
Merge pull request #1116 from srenatus/sr/local-users/say-email-in-login 
password connectors: make prompt configurable
 2017-11-10 11:25:02 -08:00
Stephan Renatus b09a13458f password connectors: allow overriding the username attribute (password prompt) 
This allows users of the LDAP connector to give users of Dex' login
prompt an idea of what they should enter for a username.

Before, irregardless of how the LDAP connector was set up, the prompt
was

    Username
    [_________________]

    Password
    [_________________]

Now, this is configurable, and can be used to say "MyCorp SSO Login" if
that's what it is.

If it's not configured, it will default to "Username".

For the passwordDB connector (local users), it is set to "Email
Address", since this is what it uses.

Signed-off-by: Stephan Renatus <srenatus@chef.io>
 2017-11-09 09:30:03 +01:00
Eric Chiang 04e276f2df
Merge pull request #1120 from ericchiang/update-maintainers 
*: update maintainers
 2017-11-08 15:46:31 -08:00
Eric Chiang df075d8bda *: update maintainers 2017-11-08 14:19:07 -08:00
Eric Chiang 97d395e351
Merge pull request #1119 from ericchiang/update-go-requirements 
*: Go 1.7 no longer supported and updated build image to 1.9
 2017-11-08 13:49:08 -08:00
Eric Chiang b58fba6753 *: Go 1.7 no longer supported and updated build image to 1.9 2017-11-08 13:33:01 -08:00
Eric Chiang ccf85a7269
Merge pull request #1108 from dqminh/etcd-storage 
Add etcd backed storage
 2017-11-06 08:36:43 -08:00
Daniel Dao e617197871 storage/etcd: document struct tag in code 
This explicitly adds struct tags for etcd storage instead of implicitly
depends on yaml/json config serialization.
 2017-11-06 14:46:18 +00:00
Daniel Dao a2188bebf1 add documentation for etcd storage 
This adds references to etcd storage, including:
- only supports etcd v3
- list of options and their meanings when connecting to etcd cluster
 2017-11-06 14:40:25 +00:00
Daniel Dao fc1c60ed8f add etcd to travis CI 
This patch uses docker to run an etcd container in travis CI so we can
run storage/etcd conformance tests.
 2017-11-06 14:23:25 +00:00
Eric Chiang e623bd626e
Merge pull request #1112 from ggreer/ldap-css 
Add tectonic-ldap matching rule to ldap icon.
 2017-11-03 11:27:27 -07:00
Geoff Greer 3dfc4b430e Add tectonic-ldap matching rule to ldap icon. Fixes an issue where the ldap icon was missing in the tectonic console. 2017-11-02 15:33:30 -07:00
rithu leena john 42ef8fd802
Merge pull request #1072 from ericchiang/k8s-test 
*: run kubernetes tests in travis
 2017-10-31 10:34:26 -07:00
Eric Chiang 3d2d92b31b *: run kubernetes tests in travis 2017-10-31 10:29:52 -07:00
Daniel Dao b410622885 vendor etcd dependencies for etcd storage 
This change vendors github.com/coreos/etcd related packages to support
etcd storage implementation.
 2017-10-31 14:43:13 +00:00
Daniel Dao ca114f7812 storage: add etcd storage 
This patch adds etcd storage implementation. This should be useful in
environments where
- we dont want to depends on a separate, hard to maintain SQL cluster
- we dont want to incur the overhead of talking to kubernetes apiservers
- kubernetes is not available yet, or if kubernetes depends on dex
to perform authentication and the operator would like to remove any
circular dependency if possible.
 2017-10-31 14:43:13 +00:00
rithu leena john 943e23cd54
Merge pull request #1109 from ericchiang/oidc-test 
connector/oidc: remove test that talks to the internet
 2017-10-30 11:18:18 -07:00
Eric Chiang 6475ce1f62 connector/oidc: remove test that talks to the internet 2017-10-27 13:40:50 -07:00
Eric Chiang e3b96243b5 Merge pull request #1101 from pborzenkov/linkedin 
connector: implement LinkedIn connector
 2017-10-27 08:56:58 -07:00
Daniel Dao 2b13bdd12d
storage: fix list connector test 
The previous test doesnt actually testing ListConnectors code. For
example the following pseudocode will pass the test:

```
ListConnectors() { return nil, nil }
```

Instead change to actually fetch and compare list of connectors,
ordering by name
 2017-10-27 15:26:05 +01:00
Pavel Borzenkov d5a9712aae Documentation: add LinkedIn connector documentation 
Signed-off-by: Pavel Borzenkov <pavel.borzenkov@gmail.com>
 2017-10-27 12:54:28 +03:00
Pavel Borzenkov 3b5df52c0f connector/linkedin: implement RefreshConnector interface 
Do Refresh() by querying user's profile data.

Since LinkedIn doesn't provide refresh tokens at all, and the access
tokens have 60 days expiration, refresh tokens issued by Dex will fail
to update after 60 days.

Signed-off-by: Pavel Borzenkov <pavel.borzenkov@gmail.com>
 2017-10-27 12:54:28 +03:00
Pavel Borzenkov ab06119431 connector: implement LinkedIn connector 
connector/linkedin implements authorization strategy via LinkedIn's
OAuth2 endpoint + profile API.

It doesn't implement RefreshConnector as LinkedIn doesn't provide any
refresh token at all (https://developer.linkedin.com/docs/oauth2, Step 5
— Refresh your Access Tokens) and recommends ordinary AuthCode exchange
flow when token refresh is required.

Signed-off-by: Pavel Borzenkov <pavel.borzenkov@gmail.com>
 2017-10-27 12:54:28 +03:00
Eric Chiang 3d65b774d6 Merge pull request #1103 from stapelberg/authproxy 
authproxy.md: strip X-Remote-User
 2017-10-26 14:29:43 -07:00
rithu leena john 13b4f84f79 Merge pull request #1104 from ericchiang/authproxy-tweaks 
authproxy: update docs and set a userID
 2017-10-26 13:19:13 -07:00
Michael Stapelberg 4931f30a80 authproxy.md: strip X-Remote-User 
follow-up for https://github.com/coreos/dex/pull/1100
 2017-10-26 20:13:37 +02:00
Eric Chiang d099145921 authproxy: update docs and set a userID 2017-10-26 10:47:16 -07:00
Eric Chiang 751c565e9d Merge pull request #1100 from stapelberg/external 
Implement the “external” connector (for Apache2 mod_auth etc.)
 2017-10-26 09:25:40 -07:00
Michael Stapelberg a41d93db4a Implement the “authproxy” connector (for Apache2 mod_auth etc.) 2017-10-25 21:53:51 +02:00
rithu leena john f3c85e6936 Merge pull request #1096 from ericchiang/ldap-insecure-skip-verify-test 
connector/ldap: add test for InsecureSkipVerify option
 2017-10-10 11:34:46 -07:00
Eric Chiang 3849abb18a Merge pull request #1097 from cpanato/add_ids_test_automation 
tests: add ids to elements for testing automation
 2017-10-10 09:39:21 -07:00
cpanato 620695ed2b
tests: add ids to elements for testing automation 2017-10-10 11:38:14 +02:00
Eric Chiang fcf00019de connector/ldap: add test for InsecureSkipVerify option 2017-10-09 14:27:22 -07:00
rithu leena john 10c0ec0d48 Merge pull request #1092 from rithujohn191/bump-go 
travis.yml: bump golang version
 2017-10-09 11:32:41 -07:00
Eric Chiang 9c176dd1bd Merge pull request #1090 from lsjostro/fix-link-regexp 
connector/gitlab: Fix regexp in Link parser
 2017-10-09 11:15:49 -07:00
Eric Chiang 5ea886473c Merge pull request #1094 from devonbarrett/supplied-typo 
fixes typo: s/suppied/supplied/
 2017-10-09 11:08:32 -07:00
Devon Barrett eb14a8245c
fixes typo: s/suppied/supplied/ 2017-10-08 11:29:27 +01:00
rithu john 82879b3b3e travis.yml: bump golang version 2017-10-04 21:15:03 -07:00
Lars Sjöström 4605fdd551 connector/gitlab: Fix regexp in Link parser 2017-09-29 21:35:47 +02:00
rithu leena john fe1516332c Merge pull request #1088 from dpacierpnik/cross-clients-audience-claim-fix 
Cross clients improvement - requesting client ID always added to the audience claim
 2017-09-29 10:49:46 -07:00
Damian Pacierpnik e3c9b49299 Cross clients improvement - requesting client ID always added to the audience claim 2017-09-28 18:30:15 +02:00
Eric Chiang 0aabf2d1ea Merge pull request #1085 from rphillips/fixes/http_client_timeout 
add client request timeout
 2017-09-27 13:28:13 -07:00
Ryan Phillips 0318cd99b0 add client request timeout and dialer deadline 2017-09-26 18:52:11 -05:00
Eric Chiang fe2aee364c Merge pull request #1086 from coreos/chancez-patch-1 
storage/kubernetes: Log before registering custom resources
 2017-09-26 16:49:10 -07:00
Chance Zibolski 9d7b0b59bd storage/kubernetes: Log before registering custom resources 
Logging before attempting to make any connection to Kubernetes is useful when the connection hangs and dex is killed before it can log any errors.
 2017-09-26 16:23:49 -07:00
rithu leena john 904c3facd9 Merge pull request #1081 from lrolaz/crd_rbac_doc 
Add Documentation about customresourcedefinitions creation role
 2017-09-26 11:53:46 -07:00