88d1e2b0
Commit
88d1e2b0
authored
Dec 13, 2018
by
joannano
Committed by
Krzysztof Balka
Jan 11, 2019
keystone: test cases, refactoring and cleanup
parent
a965365a
Showing
10 changed files
with
199 additions
and
278 deletions
+199
-278
.travis.yml
.travis.yml
+3
-2
Dockerfile
Dockerfile
+6
-3
connector.go
connector/connector.go
+0
-1
keystone.go
connector/keystone/keystone.go
+140
-117
keystone_test.go
connector/keystone/keystone_test.go
+0
-0
types.go
connector/keystone/types.go
+45
-94
config-keystone.yaml
examples/config-keystone.yaml
+0
-55
handlers.go
server/handlers.go
+2
-4
server.go
server/server.go
+2
-2
static.go
storage/static.go
+1
-0
.travis.yml
...
...
@@ -13,13 +13,14 @@ services:
-
docker
env
:
-
DEX_POSTGRES_DATABASE=postgres DEX_POSTGRES_USER=postgres DEX_POSTGRES_HOST="localhost" DEX_ETCD_ENDPOINTS=http://localhost:2379 DEX_LDAP_TESTS=1 DEBIAN_FRONTEND=noninteractive
-
DEX_POSTGRES_DATABASE=postgres DEX_POSTGRES_USER=postgres DEX_POSTGRES_HOST="localhost" DEX_ETCD_ENDPOINTS=http://localhost:2379 DEX_LDAP_TESTS=1 DEBIAN_FRONTEND=noninteractive
DEX_KEYSTONE_URL=http://localhost:5000 DEX_KEYSTONE_ADMIN_URL=http://localhost:35357
install
:
-
sudo -E apt-get install -y --force-yes slapd time ldap-utils
-
sudo /etc/init.d/slapd stop
-
docker run -d --net=host gcr.io/etcd-development/etcd:v3.2.9
-
docker run -d -p 0.0.0.0:5000:5000 -p 0.0.0.0:35357:35357 openio/openstack-keystone
-
sleep 60s
script
:
-
make testall
...
...
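Review bot: The Keystone test container in the `install` step is started from `openio/openstack-keystone` with no tag or digest, unlike the etcd image next to it (`etcd:v3.2.9`), so the connector tests run against whatever image the registry serves on the day; pinning it as `openio/openstack-keystone:<TAG>` or `@sha256:<DIGEST>` (placeholders) keeps CI reproducible and limits exposure to a changed upstream image. The same line publishes ports 5000 and 35357 on `0.0.0.0` although the env line only addresses `localhost`, so `-p 127.0.0.1:5000:5000 -p 127.0.0.1:35357:35357` would be enough. The fixed `sleep 60s` is a guess at readiness and could be replaced by polling the Keystone URL until it answers. The page does not mark which lines the commit adds, so this assumes the Keystone lines are the new ones.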
Dockerfile
...
...
@@ -11,12 +11,15 @@ FROM alpine:3.8
# experience when this doesn't work out of the box.
#
# OpenSSL is required so wget can query HTTPS endpoints for health checking.
RUN
apk add
--update
ca-certificates openssl bash
RUN
apk add
--update
ca-certificates openssl
COPY
--from=0 /go/bin/dex /usr/local/bin/dex
# Import frontend assets and set the correct CWD directory so the assets
# are in the default path.
COPY
web /web
WORKDIR
/
EXPOSE
5500-5600
CMD
["bash"]
ENTRYPOINT
["dex"]
CMD
["version"]
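Review bot: The final stage shown here ends in `ENTRYPOINT ["dex"]` with no `USER` instruction in view, so unless one exists outside this hunk dex runs as root inside the container. Nothing visible in the stage needs root at run time (the exposed range 5500-5600 is unprivileged and `/web` is only copied in), so a line such as `USER 1001:1001` before the `ENTRYPOINT` would drop that privilege; confirm that any storage path the deployment writes to is writable by that user. `apk add --update` could also become `apk add --no-cache` so no package index stays in the image.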
connector/connector.go
...
...
@@ -35,7 +35,6 @@ type Identity struct {
//
// This data is never shared with end users, OAuth clients, or through the API.
ConnectorData
[]
byte
Password
string
}
// PasswordConnector is an interface implemented by connectors which take a
...
...
connector/keystone/keystone.go
...
...
@@ -2,163 +2,186 @@
package
keystone
import
(
"bytes"
"context"
"fmt"
"github.com/dexidp/dex/connector"
"github.com/sirupsen/logrus"
"encoding/json"
"net/http"
"bytes"
"fmt"
"io/ioutil"
"net/http"
"github.com/sirupsen/logrus"
"github.com/dexidp/dex/connector"
)
var
(
_
connector
.
PasswordConnector
=
&
Connector
{}
_
connector
.
RefreshConnector
=
&
Connector
{}
_
connector
.
PasswordConnector
=
&
keystone
Connector
{}
_
connector
.
RefreshConnector
=
&
keystone
Connector
{}
)
// Open returns an authentication strategy using Keystone.
func
(
c
*
Config
)
Open
(
id
string
,
logger
logrus
.
FieldLogger
)
(
connector
.
Connector
,
error
)
{
return
&
Connector
{
c
.
Domain
,
c
.
KeystoneHost
,
c
.
KeystoneUsername
,
c
.
KeystonePassword
,
logger
},
nil
return
&
keystone
Connector
{
c
.
Domain
,
c
.
KeystoneHost
,
c
.
KeystoneUsername
,
c
.
KeystonePassword
,
logger
},
nil
}
func
(
p
Connector
)
Close
()
error
{
return
nil
}
func
(
p
*
keystone
Connector
)
Close
()
error
{
return
nil
}
func
(
p
Connector
)
Login
(
ctx
context
.
Context
,
s
connector
.
Scopes
,
username
,
password
string
)
(
identity
connector
.
Identity
,
validPassword
bool
,
err
error
)
{
response
,
err
:=
p
.
getTokenResponse
(
username
,
password
)
func
(
p
*
keystoneConnector
)
Login
(
ctx
context
.
Context
,
s
connector
.
Scopes
,
username
,
password
string
)
(
identity
connector
.
Identity
,
validPassword
bool
,
err
error
)
{
resp
,
err
:=
p
.
getTokenResponse
(
ctx
,
username
,
password
)
if
err
!=
nil
{
return
identity
,
false
,
fmt
.
Errorf
(
"keystone: error %v"
,
err
)
}
// Providing wrong password or wrong keystone URI throws error
if
err
==
nil
&&
response
.
StatusCode
==
201
{
token
:=
response
.
Header
[
"X-Subject-Token"
][
0
]
data
,
_
:=
ioutil
.
ReadAll
(
response
.
Body
)
var
tokenResponse
=
new
(
TokenResponse
)
err
:=
json
.
Unmarshal
(
data
,
&
tokenResponse
)
if
err
!=
nil
{
fmt
.
Printf
(
"keystone: invalid token response: %v"
,
err
)
return
identity
,
false
,
err
}
groups
,
err
:=
p
.
getUserGroups
(
tokenResponse
.
Token
.
User
.
ID
,
token
)
if
err
!=
nil
{
return
identity
,
false
,
err
}
identity
.
Username
=
username
identity
.
UserID
=
tokenResponse
.
Token
.
User
.
ID
identity
.
Groups
=
groups
if
resp
.
StatusCode
==
201
{
token
:=
resp
.
Header
.
Get
(
"X-Subject-Token"
)
data
,
err
:=
ioutil
.
ReadAll
(
resp
.
Body
)
if
err
!=
nil
{
return
identity
,
false
,
err
}
defer
resp
.
Body
.
Close
()
var
tokenResp
=
new
(
tokenResponse
)
err
=
json
.
Unmarshal
(
data
,
&
tokenResp
)
if
err
!=
nil
{
return
identity
,
false
,
fmt
.
Errorf
(
"keystone: invalid token response: %v"
,
err
)
}
groups
,
err
:=
p
.
getUserGroups
(
ctx
,
tokenResp
.
Token
.
User
.
ID
,
token
)
if
err
!=
nil
{
return
identity
,
false
,
err
}
identity
.
Username
=
username
identity
.
UserID
=
tokenResp
.
Token
.
User
.
ID
identity
.
Groups
=
groups
return
identity
,
true
,
nil
}
else
if
err
!=
nil
{
fmt
.
Printf
(
"keystone: error %v"
,
err
)
return
identity
,
false
,
err
}
else
{
data
,
_
:=
ioutil
.
ReadAll
(
response
.
Body
)
fmt
.
Println
(
string
(
data
))
return
identity
,
false
,
err
}
return
identity
,
false
,
nil
}
func
(
p
Connector
)
Prompt
()
string
{
return
"username"
}
func
(
p
*
keystone
Connector
)
Prompt
()
string
{
return
"username"
}
func
(
p
Connector
)
Refresh
(
func
(
p
*
keystone
Connector
)
Refresh
(
ctx
context
.
Context
,
s
connector
.
Scopes
,
identity
connector
.
Identity
)
(
connector
.
Identity
,
error
)
{
if
len
(
identity
.
ConnectorData
)
==
0
{
return
identity
,
nil
token
,
err
:=
p
.
getAdminToken
(
ctx
)
if
err
!=
nil
{
return
identity
,
fmt
.
Errorf
(
"keystone: failed to obtain admin token: %v"
,
err
)
}
token
,
err
:=
p
.
getAdminToken
()
if
err
!=
nil
{
fmt
.
Printf
(
"keystone: failed to obtain admin token"
)
return
identity
,
err
}
ok
:=
p
.
checkIfUserExists
(
identity
.
UserID
,
token
)
if
!
ok
{
fmt
.
Printf
(
"keystone: user %q does not exist
\n
"
,
identity
.
UserID
)
return
identity
,
fmt
.
Errorf
(
"keystone: user %q does not exist"
,
identity
.
UserID
)
}
ok
,
err
:=
p
.
checkIfUserExists
(
ctx
,
identity
.
UserID
,
token
)
if
err
!=
nil
{
return
identity
,
err
}
if
!
ok
{
return
identity
,
fmt
.
Errorf
(
"keystone: user %q does not exist"
,
identity
.
UserID
)
}
groups
,
err
:=
p
.
getUserGroups
(
identity
.
UserID
,
token
)
if
err
!=
nil
{
fmt
.
Printf
(
"keystone: Failed to fetch user %q groups"
,
identity
.
UserID
)
return
identity
,
fmt
.
Errorf
(
"keystone: failed to fetch user %q groups"
,
identity
.
UserID
)
}
groups
,
err
:=
p
.
getUserGroups
(
ctx
,
identity
.
UserID
,
token
)
if
err
!=
nil
{
return
identity
,
err
}
identity
.
Groups
=
groups
fmt
.
Printf
(
"Identity data after use of refresh token: %v"
,
identity
)
identity
.
Groups
=
groups
return
identity
,
nil
}
func
(
p
Connector
)
getTokenResponse
(
username
,
password
string
)
(
response
*
http
.
Response
,
err
error
)
{
jsonData
:=
L
oginRequestData
{
Auth
:
A
uth
{
Identity
:
I
dentity
{
Methods
:
[]
string
{
"password"
},
Password
:
P
assword
{
User
:
U
ser
{
Name
:
username
,
Domain
:
Domain
{
ID
:
p
.
Domain
},
Password
:
pass
word
,
func
(
p
*
keystoneConnector
)
getTokenResponse
(
ctx
context
.
Context
,
username
,
pass
string
)
(
response
*
http
.
Response
,
err
error
)
{
client
:=
&
http
.
Client
{}
jsonData
:=
l
oginRequestData
{
auth
:
a
uth
{
Identity
:
i
dentity
{
Methods
:
[]
string
{
"password"
},
Password
:
p
assword
{
User
:
u
ser
{
Name
:
username
,
Domain
:
domain
{
ID
:
p
.
Domain
},
Password
:
pass
,
},
},
},
},
}
jsonValue
,
_
:=
json
.
Marshal
(
jsonData
)
loginURI
:=
p
.
KeystoneHost
+
"/v3/auth/tokens"
return
http
.
Post
(
loginURI
,
"application/json"
,
bytes
.
NewBuffer
(
jsonValue
))
jsonValue
,
err
:=
json
.
Marshal
(
jsonData
)
if
err
!=
nil
{
return
nil
,
err
}
authTokenURL
:=
p
.
KeystoneHost
+
"/v3/auth/tokens/"
req
,
err
:=
http
.
NewRequest
(
"POST"
,
authTokenURL
,
bytes
.
NewBuffer
(
jsonValue
))
if
err
!=
nil
{
return
nil
,
err
}
req
.
Header
.
Set
(
"Content-Type"
,
"application/json"
)
req
=
req
.
WithContext
(
ctx
)
return
client
.
Do
(
req
)
}
func
(
p
Connector
)
getAdminToken
()
(
string
,
error
)
{
response
,
err
:=
p
.
getTokenResponse
(
p
.
KeystoneUsername
,
p
.
KeystonePassword
)
if
err
!=
nil
{
return
""
,
err
}
token
:=
response
.
Header
[
"X-Subject-Token"
][
0
]
return
token
,
nil
func
(
p
*
keystoneConnector
)
getAdminToken
(
ctx
context
.
Context
)
(
string
,
error
)
{
resp
,
err
:=
p
.
getTokenResponse
(
ctx
,
p
.
KeystoneUsername
,
p
.
KeystonePassword
)
if
err
!=
nil
{
return
""
,
err
}
token
:=
resp
.
Header
.
Get
(
"X-Subject-Token"
)
return
token
,
nil
}
func
(
p
Connector
)
checkIfUserExists
(
userID
string
,
token
string
)
(
bool
)
{
groupsURI
:=
p
.
KeystoneHost
+
"/v3/users/"
+
userID
client
:=
&
http
.
Client
{}
req
,
_
:=
http
.
NewRequest
(
"GET"
,
groupsURI
,
nil
)
req
.
Header
.
Set
(
"X-Auth-Token"
,
token
)
response
,
err
:=
client
.
Do
(
req
)
if
err
==
nil
&&
response
.
StatusCode
==
200
{
return
true
}
return
false
func
(
p
*
keystoneConnector
)
checkIfUserExists
(
ctx
context
.
Context
,
userID
string
,
token
string
)
(
bool
,
error
)
{
userURL
:=
p
.
KeystoneHost
+
"/v3/users/"
+
userID
client
:=
&
http
.
Client
{}
req
,
err
:=
http
.
NewRequest
(
"GET"
,
userURL
,
nil
)
if
err
!=
nil
{
return
false
,
err
}
req
.
Header
.
Set
(
"X-Auth-Token"
,
token
)
req
=
req
.
WithContext
(
ctx
)
resp
,
err
:=
client
.
Do
(
req
)
if
err
!=
nil
{
return
false
,
err
}
if
resp
.
StatusCode
==
200
{
return
true
,
nil
}
return
false
,
err
}
func
(
p
Connector
)
getUserGroups
(
userID
string
,
token
string
)
([]
string
,
error
)
{
groupsURI
:=
p
.
KeystoneHost
+
"/v3/users/"
+
userID
+
"/groups"
client
:=
&
http
.
Client
{}
req
,
_
:=
http
.
NewRequest
(
"GET"
,
groupsURI
,
nil
)
req
.
Header
.
Set
(
"X-Auth-Token"
,
token
)
response
,
err
:=
client
.
Do
(
req
)
if
err
!=
nil
{
fmt
.
Printf
(
"keystone: error while fetching user %q groups
\n
"
,
userID
)
return
nil
,
err
}
data
,
_
:=
ioutil
.
ReadAll
(
response
.
Body
)
var
groupsResponse
=
new
(
GroupsResponse
)
err
=
json
.
Unmarshal
(
data
,
&
groupsResponse
)
if
err
!=
nil
{
return
nil
,
err
}
groups
:=
[]
string
{}
for
_
,
group
:=
range
groupsResponse
.
Groups
{
groups
=
append
(
groups
,
group
.
Name
)
}
return
groups
,
nil
func
(
p
*
keystoneConnector
)
getUserGroups
(
ctx
context
.
Context
,
userID
string
,
token
string
)
([]
string
,
error
)
{
client
:=
&
http
.
Client
{}
groupsURL
:=
p
.
KeystoneHost
+
"/v3/users/"
+
userID
+
"/groups"
req
,
err
:=
http
.
NewRequest
(
"GET"
,
groupsURL
,
nil
)
req
.
Header
.
Set
(
"X-Auth-Token"
,
token
)
req
=
req
.
WithContext
(
ctx
)
resp
,
err
:=
client
.
Do
(
req
)
if
err
!=
nil
{
p
.
Logger
.
Errorf
(
"keystone: error while fetching user %q groups
\n
"
,
userID
)
return
nil
,
err
}
data
,
err
:=
ioutil
.
ReadAll
(
resp
.
Body
)
if
err
!=
nil
{
return
nil
,
err
}
defer
resp
.
Body
.
Close
()
var
groupsResp
=
new
(
groupsResponse
)
err
=
json
.
Unmarshal
(
data
,
&
groupsResp
)
if
err
!=
nil
{
return
nil
,
err
}
groups
:=
make
([]
string
,
len
(
groupsResp
.
Groups
))
for
i
,
group
:=
range
groupsResp
.
Groups
{
groups
[
i
]
=
group
.
Name
}
return
groups
,
nil
}
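Review bot: `getUserGroups` never looks at `resp.StatusCode`, so an error reply from Keystone (401, 403, 404) that still parses as JSON is decoded into a `groupsResponse` with no groups and returned with a nil error; `Refresh` would then overwrite `identity.Groups` with an empty list instead of failing. The same function calls `req.Header.Set` before the `err` from `http.NewRequest` is checked, which is a nil dereference if the URL built from `userID` does not parse, and its `defer resp.Body.Close()` comes after the `ReadAll` error return. `getAdminToken` has the same gap: it returns whatever `X-Subject-Token` holds, possibly an empty string, without checking for 201 or closing the body, and `checkIfUserExists` never closes the body either. I would check the request error, close the body as soon as `client.Do` succeeds, and reject any status other than 200, as sketched below for `getUserGroups`.

```go
req, err := http.NewRequest("GET", groupsURL, nil)
if err != nil {
	return nil, err
}
// … unchanged: X-Auth-Token header, WithContext, client.Do and its error check …
defer resp.Body.Close()

if resp.StatusCode != http.StatusOK {
	return nil, fmt.Errorf("keystone: fetching groups for user %q: unexpected status %d", userID, resp.StatusCode)
}
// … unchanged: ReadAll, json.Unmarshal, collecting group names …
```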
connector/keystone/keystone_test.go
This diff is collapsed.
connector/keystone/types.go
...
...
@@ -4,133 +4,84 @@ import (
"github.com/sirupsen/logrus"
)
type
Connector
struct
{
Domain
string
KeystoneHost
string
type
keystone
Connector
struct
{
Domain
string
KeystoneHost
string
KeystoneUsername
string
KeystonePassword
string
Logger
logrus
.
FieldLogger
Logger
logrus
.
FieldLogger
}
type
ConnectorData
struct
{
AccessToken
string
`json:"accessToken"`
type
userKeystone
struct
{
Domain
domainKeystone
`json:"domain"`
ID
string
`json:"id"`
Name
string
`json:"name"`
}
type
KeystoneUser
struct
{
Domain
KeystoneDomain
`json:"domain"`
ID
string
`json:"id"`
Name
string
`json:"name"`
}
type
KeystoneDomain
struct
{
ID
string
`json:"id"`
type
domainKeystone
struct
{
ID
string
`json:"id"`
Name
string
`json:"name"`
}
// Config holds the configuration parameters for Keystone connector.
// Keystone should expose API v3
// An example config:
// connectors:
// type: keystone
// id: keystone
// name: Keystone
// config:
// keystoneHost: http://example:5000
// domain: default
// keystoneUsername: demo
// keystonePassword: DEMO_PASS
type
Config
struct
{
Domain
string
`json:"domain"`
KeystoneHost
string
`json:"keystoneHost"`
Domain
string
`json:"domain"`
KeystoneHost
string
`json:"keystoneHost"`
KeystoneUsername
string
`json:"keystoneUsername"`
KeystonePassword
string
`json:"keystonePassword"`
}
type
L
oginRequestData
struct
{
A
uth
`json:"auth"`
type
l
oginRequestData
struct
{
a
uth
`json:"auth"`
}
type
A
uth
struct
{
Identity
`json:"identity"`
type
a
uth
struct
{
Identity
identity
`json:"identity"`
}
type
I
dentity
struct
{
type
i
dentity
struct
{
Methods
[]
string
`json:"methods"`
Password
`json:"password"`
Password
password
`json:"password"`
}
type
P
assword
struct
{
User
`json:"user"`
type
p
assword
struct
{
User
user
`json:"user"`
}
type
User
struct
{
Name
string
`json:"name"`
Domain
`json:"domain"`
Password
string
`json:"password"`
}
type
Domain
struct
{
ID
string
`json:"id"`
}
type
Token
struct
{
IssuedAt
string
`json:"issued_at"`
Extras
map
[
string
]
interface
{}
`json:"extras"`
Methods
[]
string
`json:"methods"`
ExpiresAt
string
`json:"expires_at"`
User
KeystoneUser
`json:"user"`
}
type
TokenResponse
struct
{
Token
Token
`json:"token"`
}
type
CreateUserRequest
struct
{
CreateUser
CreateUserForm
`json:"user"`
}
type
CreateUserForm
struct
{
type
user
struct
{
Name
string
`json:"name"`
Email
string
`json:"email"`
Enabled
bool
`json:"enabled"`
Domain
domain
`json:"domain"`
Password
string
`json:"password"`
Roles
[]
string
`json:"roles"`
}
type
UserResponse
struct
{
User
CreateUserResponse
`json:"user"`
}
type
CreateUserResponse
struct
{
Username
string
`json:"username"`
Name
string
`json:"name"`
Roles
[]
string
`json:"roles"`
Enabled
bool
`json:"enabled"`
Options
string
`json:"options"`
ID
string
`json:"id"`
Email
string
`json:"email"`
}
type
CreateGroup
struct
{
Group
CreateGroupForm
`json:"group"`
}
type
CreateGroupForm
struct
{
Description
string
`json:"description"`
Name
string
`json:"name"`
}
type
GroupID
struct
{
Group
GroupIDForm
`json:"group
"`
type
domain
struct
{
ID
string
`json:"id
"`
}
type
GroupIDForm
struct
{
ID
string
`json:"id
"`
type
token
struct
{
User
userKeystone
`json:"user
"`
}
type
Links
struct
{
Self
string
`json:"self"`
Previous
string
`json:"previous"`
Next
string
`json:"next"`
type
tokenResponse
struct
{
Token
token
`json:"token"`
}
type
Group
struct
{
DomainID
string
`json:"domain_id`
Description
string
`json:"description"`
ID
string
`json:"id"`
Links
Links
`json:"links"`
Name
string
`json:"name"`
type
group
struct
{
ID
string
`json:"id"`
Name
string
`json:"name"`
}
type
GroupsResponse
struct
{
Links
Links
`json:"links"`
Groups
[]
Group
`json:"groups"`
type
groupsResponse
struct
{
Groups
[]
group
`json:"groups"`
}
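Review bot: The example in the `Config` comment uses `keystoneHost: http://example:5000`, and with `examples/config-keystone.yaml` deleted by this commit it appears to be the only sample left; the connector posts both the end user's password and `keystonePassword` to that host, so over plain HTTP they cross the network in cleartext. I would change the example to `keystoneHost: https://example:5000` and add a comment line such as `// keystoneHost should be an https URL: user and admin passwords are sent to it.` The fields themselves carry no doc comments; one line on `KeystoneUsername`/`KeystonePassword` saying they are the account `getAdminToken` logs in with during `Refresh` would help whoever writes the config.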
examples/config-keystone.yaml
deleted
100644 → 0
# The base path of dex and the external name of the OpenID Connect service.
# This is the canonical URL that all clients MUST use to refer to dex. If a
# path is provided, dex's HTTP service will listen at a non-root URL.
issuer
:
http://0.0.0.0:5556/dex
# The storage configuration determines where dex stores its state. Supported
# options include SQL flavors and Kubernetes third party resources.
#
# See the storage document at Documentation/storage.md for further information.
storage
:
type
:
sqlite3
config
:
file
:
examples/dex.db
#be in the dex directory, else change path here
# Configuration for the HTTP endpoints.
web
:
https
:
0.0.0.0:5556
# Uncomment for HTTPS options.
# https: 127.0.0.1:5554
tlsCert
:
./ssl/dex.crt
tlsKey
:
./ssl/dex.key
# Configuration for telemetry
telemetry
:
http
:
0.0.0.0:5558
oauth2
:
responseTypes
:
[
"
id_token"
]
# Instead of reading from an external storage, use this list of clients.
staticClients
:
-
id
:
example-app
redirectURIs
:
-
'
http://127.0.0.1:5555/callback'
name
:
'
Example
App'
secret
:
ZXhhbXBsZS1hcHAtc2VjcmV0
#Provide Keystone connector and its config here
# /v3/auth/tokens
connectors
:
-
type
:
keystone
id
:
keystone
name
:
Keystone
config
:
keystoneHost
:
http://localhost:5000
domain
:
default
keystoneUsername
:
demo
keystonePassword
:
DEMO_PASS
# Let dex keep a list of passwords which can be used to login to dex.
enablePasswordDB
:
true
oauth2
:
skipApprovalScreen
:
true
server/handlers.go
...
...
@@ -211,7 +211,6 @@ func (s *Server) handleConnectorLogin(w http.ResponseWriter, r *http.Request) {
}
authReqID
:=
r
.
FormValue
(
"req"
)
s
.
logger
.
Errorf
(
"Auth req id %v"
,
authReqID
)
authReq
,
err
:=
s
.
storage
.
GetAuthRequest
(
authReqID
)
if
err
!=
nil
{
...
...
@@ -346,7 +345,7 @@ func (s *Server) handleConnectorCallback(w http.ResponseWriter, r *http.Request)
s
.
renderError
(
w
,
http
.
StatusInternalServerError
,
"Requested resource does not exist."
)
return
}
s
.
logger
.
Errorf
(
"
2
Failed to get auth request: %v"
,
err
)
s
.
logger
.
Errorf
(
"Failed to get auth request: %v"
,
err
)
s
.
renderError
(
w
,
http
.
StatusInternalServerError
,
"Database error."
)
return
}
...
...
@@ -358,7 +357,6 @@ func (s *Server) handleConnectorCallback(w http.ResponseWriter, r *http.Request)
}
conn
,
err
:=
s
.
getConnector
(
authReq
.
ConnectorID
)
s
.
logger
.
Errorf
(
"X Connector %v"
,
conn
)
if
err
!=
nil
{
s
.
logger
.
Errorf
(
"Failed to get connector with id %q : %v"
,
authReq
.
ConnectorID
,
err
)
s
.
renderError
(
w
,
http
.
StatusInternalServerError
,
"Requested resource does not exist."
)
...
...
@@ -437,7 +435,7 @@ func (s *Server) finalizeLogin(identity connector.Identity, authReq storage.Auth
func
(
s
*
Server
)
handleApproval
(
w
http
.
ResponseWriter
,
r
*
http
.
Request
)
{
authReq
,
err
:=
s
.
storage
.
GetAuthRequest
(
r
.
FormValue
(
"req"
))
if
err
!=
nil
{
s
.
logger
.
Errorf
(
"
3
Failed to get auth request: %v"
,
err
)
s
.
logger
.
Errorf
(
"Failed to get auth request: %v"
,
err
)
s
.
renderError
(
w
,
http
.
StatusInternalServerError
,
"Database error."
)
return
}
...
...
server/server.go
...
...
@@ -27,6 +27,7 @@ import (
"github.com/dexidp/dex/connector/bitbucketcloud"
"github.com/dexidp/dex/connector/github"
"github.com/dexidp/dex/connector/gitlab"
"github.com/dexidp/dex/connector/keystone"
"github.com/dexidp/dex/connector/ldap"
"github.com/dexidp/dex/connector/linkedin"
"github.com/dexidp/dex/connector/microsoft"
...
...
@@ -34,7 +35,6 @@ import (
"github.com/dexidp/dex/connector/oidc"
"github.com/dexidp/dex/connector/saml"
"github.com/dexidp/dex/storage"
"github.com/dexidp/dex/connector/keystone"
)
// LocalConnector is the local passwordDB connector which is an internal
...
...
@@ -456,7 +456,7 @@ func openConnector(logger logrus.FieldLogger, conn storage.Connector) (connector
f
,
ok
:=
ConnectorsConfig
[
conn
.
Type
]
if
!
ok
{
return
c
,
fmt
.
Errorf
(
"
x
unknown connector type %q"
,
conn
.
Type
)
return
c
,
fmt
.
Errorf
(
"unknown connector type %q"
,
conn
.
Type
)
}
connConfig
:=
f
()
...
...
storage/static.go
...
...
@@ -3,6 +3,7 @@ package storage
import
(
"errors"
"strings"
"github.com/sirupsen/logrus"
)
...
...