Eric Chiang
f672e75a3a
contrib/openldap: remove OpenLDAP container
...
Based on #640 we're going to osixia/openldap instead of rolling our
own container. Removing this work for now. If we want it back we can
revert easily enough.
2016-10-28 16:08:26 -07:00
Eric Chiang
a7c2fca039
Merge pull request #645 from ericchiang/dev-ldap-fix-switch
...
connector/ldap: fix bug in switch statement
2016-10-28 11:19:40 -07:00
Eric Chiang
4329406158
connector/ldap: fix bug in switch statement
2016-10-28 10:11:18 -07:00
Eric Chiang
d7912a3a97
Merge pull request #638 from ericchiang/dev-share-a-single-callback
...
*: allow call connectors to share a single a single callback
2016-10-27 16:59:04 -07:00
Eric Chiang
44fec87ce1
Merge pull request #642 from ericchiang/k8s-client-id
...
storage/kubernetes: allow arbitrary client IDs
2016-10-27 16:58:57 -07:00
Eric Chiang
d7a75c5b5d
storage/kubernetes: allow arbitrary client IDs
...
Use a hash algorithm to match client IDs to Kubernetes object names.
Because cryptographic hash algorithms produce sums larger than a
Kubernetes name can fit, a non-cryptographic hash is used instead.
Hash collisions are checked and result in errors.
2016-10-27 16:37:58 -07:00
Eric Chiang
99717cb56d
Merge pull request #635 from ericchiang/dev-transaction-tests
...
storage/conformance: add tests for transactional guarantees
2016-10-27 15:54:53 -07:00
Eric Chiang
acf3d6385e
Merge pull request #641 from ericchiang/dev-scripts-fix-get-protoc
...
scripts: fix get-protoc script to work directly after a clean
2016-10-27 14:42:40 -07:00
Eric Chiang
84c3ba0fe3
scripts: fix get-protoc script to work directly after a clean
...
Right now `make grpc` only works if a user hasn't run a `make clean`.
Fix this.
2016-10-27 14:35:38 -07:00
Eric Chiang
c1f18802c9
Merge pull request #624 from ericchiang/dev-ldap-connector
...
connector/ldap: expand LDAP connector to include searches
2016-10-27 13:44:18 -07:00
Eric Chiang
f5a378a4e5
Merge pull request #640 from rithujohn191/openldap-docs
...
Documentation: adding documentation for running ldap tests locally
2016-10-27 13:22:37 -07:00
rithu leena john
27880dba59
Documentation: adding documentation for running ldap tests locally
2016-10-27 13:20:32 -07:00
Eric Chiang
13f7dfaef0
connector/ldap: expand LDAP connector to include searches
2016-10-27 13:11:30 -07:00
Eric Chiang
7c2289e0de
*: rename internally used "state" form value to "req"
...
"state" means something specific to OAuth2 and SAML so we don't
want to confuse developers who are working on this.
Also don't use "session" which could easily be confused with HTTP
cookies.
2016-10-27 10:26:01 -07:00
Eric Chiang
a3235d022a
*: verify "state" field before passing request to callback connectors
...
Let the server handle the state token instead of the connector. As a
result it can throw out bad requests earlier. It can also use that
token to determine which connector was used to generate the request
allowing all connectors to share the same callback URL.
Callbacks now all look like:
https://dex.example.com/callback
Instead of:
https://dex.example.com/callback/ (connector id)
Even when multiple connectors are being used.
2016-10-27 10:23:09 -07:00
Eric Chiang
88896eb949
Merge pull request #637 from squat/fix_cache_control
...
server/handlers: fix Cache-Control header
2016-10-26 15:07:18 -07:00
Lucas Serven
5c498ae4df
server/handlers: fix Cache-Control header
...
fixes : #636
This commit addresses a problem where the `max-age` value is being set
in nanoseconds as opposed to seconds, as required by the specification.
2016-10-26 14:58:18 -07:00
Eric Chiang
4ab78d0ded
storage/kubernetes: run transactional conformance tests
2016-10-26 13:30:45 -07:00
Eric Chiang
5720ecf412
storage/conformance: add tests for transactional guarantees
2016-10-26 13:30:45 -07:00
Eric Chiang
99e312eadd
Merge pull request #632 from ericchiang/dev-docs-storage-options
...
Documentation: add a document on storage options
2016-10-26 12:33:37 -07:00
Eric Chiang
6c4839860e
Documentation: add a document on storage options
2016-10-26 12:32:45 -07:00
Eric Chiang
d350938fb0
Merge pull request #626 from ericchiang/storage-kubernetes-guess-namespace-from-service-account-token
...
storage/kubernetes: guess namespace from the service account token
2016-10-25 16:54:58 -07:00
Eric Chiang
ff9816464e
Merge pull request #627 from ericchiang/dev-expand-envs-in-config
...
*: expand environment variables in config
2016-10-25 15:02:54 -07:00
Eric Chiang
101a2bc22a
Merge pull request #634 from rithujohn191/kubeconfig_context
...
storage/kubernetes: set CurrentContext when the Kubeconfig file contains only one context
2016-10-25 14:57:57 -07:00
Eric Chiang
e0b83af981
Merge pull request #629 from ericchiang/dev-storage-kubernetes-dont-print-error
...
storage/kubernetes: don't automatically print errors on bad HTTP status codes
2016-10-25 14:16:32 -07:00
rithu leena john
9de16f2c45
storage/kubernetes: set CurrentContext when the Kubeconfig file contains only one context
2016-10-25 11:59:34 -07:00
Eric Chiang
6c4ad8c04d
Merge pull request #630 from ericchiang/dev-storage-kubernetes-kubeconfig-guessing
...
storage/kubernetes: don't guess the kubeconfig location and change test env
2016-10-24 16:14:54 -07:00
Eric Chiang
191c84813f
vendor: revendor
2016-10-23 20:53:35 -07:00
Eric Chiang
bc16de0b58
storage/kubernetes: don't guess the kubeconfig location and change test env
...
Using the default KUBECONFIG environment variable to indicate that
the Kubernetes tests should be run lead to cases where developers
accidentally ran the tests. This has now been changed to
"DEX_KUBECONFIG" and documentation hsa been added detailing how to
run these tests.
Additionally, no other storage reads environment variables for its
normal configuration (outside of tests) so the Kubernetes storage
no longer does.
Overall, be less surprising.
2016-10-23 20:53:29 -07:00
Eric Chiang
138ff96c00
storage/kubernetes: don't automatically print errors on bad HTTP status codes
...
These status codes spam the error logs for events like key rotation
and third party resource creation. In these cases "bad" status codes
are expected and shouldn't be automatically printed.
2016-10-23 07:42:42 -07:00
Eric Chiang
a11db557b4
*: expand environment variables in config
...
Allow users to define config values which are read form environemnt
variables. Helpful for sensitive variables such as OAuth2 client IDs
or LDAP credentials.
2016-10-22 13:49:40 -07:00
Eric Chiang
8c9c5160b6
storage/kubernetes: guess namespace from the service account token
...
The in cluster kubernetes client currently requires using the
downward API to determine its namespace. However this value can be
determine by inspecting the service account token mounted into the
pod. As a fallback, use this to guess the current namespace.
2016-10-21 23:35:17 -07:00
Eric Chiang
ba9f6c6cd6
Merge pull request #618 from ericchiang/dev-contrib-ldap-container
...
contrib/openldap: add an OpenLDAP Docker image for testing
2016-10-20 13:14:17 -07:00
Eric Chiang
373ac050f7
contrib/openldap: add a OpenLDAP container for testing
2016-10-20 09:43:06 -07:00
Eric Chiang
ea52bf263b
Merge pull request #623 from ericchiang/dev-port-oob-template
...
*: port oob template
2016-10-19 13:53:02 -07:00
Eric Chiang
7084a801d7
*: port oob template
2016-10-19 12:45:17 -07:00
Eric Chiang
86b2d93966
Merge pull request #594 from ericchiang/dev-proposal-upstream-refreshing
...
Documentation/proposals: add a proposal for keeping data in-sync during refreshes
2016-10-17 11:58:20 -07:00
Eric Chiang
774242f750
Documentation/proposals: added a caveats section to upstream refreshing proposal
2016-10-17 11:54:10 -07:00
Eric Chiang
688d798ff4
Merge pull request #620 from ericchiang/dev-fix-rotation-polling
...
server: fix key rotation polling
2016-10-17 11:13:00 -07:00
Eric Chiang
892fa3fe35
server: rename "rotationStrategy.period" to "rotationFrequency"
...
gorename command run:
gorename \
-from '"github.com/coreos/dex/server".rotationStrategy.period' \
-to rotationFrequency
2016-10-17 10:57:14 -07:00
Eric Chiang
d8033999d5
server: fix key rotation polling
2016-10-17 10:47:47 -07:00
Eric Chiang
3e94e65b68
Merge pull request #617 from ericchiang/dev-aci-path
...
*: build aci at the correct path including version, OS, and arch
2016-10-14 14:40:14 -07:00
Eric Chiang
26b43e19c8
*: build aci at the correct path including version, OS, and arch
2016-10-14 14:29:22 -07:00
Eric Chiang
8b909140fd
Merge pull request #615 from ericchiang/dev-fix-sql-keys-query
...
dev branch: fix sql keys query
2016-10-14 12:30:59 -07:00
Eric Chiang
fe320c1928
storage/sql: fix typo in keys query
2016-10-14 12:28:49 -07:00
Eric Chiang
0a3aabc8ff
storage/conformace: add conformance tests for keys
2016-10-14 12:28:49 -07:00
Eric Chiang
ade27b3d5e
Merge pull request #612 from ericchiang/dev-make-example-config-more-readable
...
*: add more comments to the example config
2016-10-14 09:01:53 -07:00
Eric Chiang
6a9df8ab1c
Merge pull request #606 from ericchiang/dev-self-managed-third-party-resources
...
dev branch: self managed third party resources
2016-10-14 09:00:05 -07:00
Eric Chiang
dc13f09fb7
*: add more comments to the example config
2016-10-14 08:58:57 -07:00
Eric Chiang
e25a364dbe
Merge pull request #611 from ericchiang/dev-gc-reduce-verbosity
...
server: only print gc stats if something has been removed
2016-10-13 22:01:16 -07:00