Commit ade27b3d authored by Eric Chiang's avatar Eric Chiang Committed by GitHub

Merge pull request #612 from ericchiang/dev-make-example-config-more-readable

*: add more comments to the example config
parents 6a9df8ab dc13f09f
...@@ -58,10 +58,8 @@ Then to interact with dex, like any other OAuth2 provider, you must first visit ...@@ -58,10 +58,8 @@ Then to interact with dex, like any other OAuth2 provider, you must first visit
a client app, then be prompted to login through dex. This can be achieved using a client app, then be prompted to login through dex. This can be achieved using
the following steps: the following steps:
NOTE: The UIs are extremely bare bones at the moment.
1. Navigate to http://localhost:5555/ in your browser. 1. Navigate to http://localhost:5555/ in your browser.
2. Hit "login" on the example app to be redirected to dex. 2. Hit "login" on the example app to be redirected to dex.
3. Choose the "mock" option to login as a predefined user. 3. Choose the "Login with Email" and enter "admin@example.com" and "password"
4. Approve the example app's request. 4. Approve the example app's request.
5. See the resulting token the example app claims from dex. 5. See the resulting token the example app claims from dex.
...@@ -156,7 +156,7 @@ func cmd() *cobra.Command { ...@@ -156,7 +156,7 @@ func cmd() *cobra.Command {
c.Flags().StringVar(&a.clientID, "client-id", "example-app", "OAuth2 client ID of this application.") c.Flags().StringVar(&a.clientID, "client-id", "example-app", "OAuth2 client ID of this application.")
c.Flags().StringVar(&a.clientSecret, "client-secret", "ZXhhbXBsZS1hcHAtc2VjcmV0", "OAuth2 client secret of this application.") c.Flags().StringVar(&a.clientSecret, "client-secret", "ZXhhbXBsZS1hcHAtc2VjcmV0", "OAuth2 client secret of this application.")
c.Flags().StringVar(&a.redirectURI, "redirect-uri", "http://127.0.0.1:5555/callback", "Callback URL for OAuth2 responses.") c.Flags().StringVar(&a.redirectURI, "redirect-uri", "http://127.0.0.1:5555/callback", "Callback URL for OAuth2 responses.")
c.Flags().StringVar(&issuerURL, "issuer", "http://127.0.0.1:5556", "URL of the OpenID Connect issuer.") c.Flags().StringVar(&issuerURL, "issuer", "http://127.0.0.1:5556/dex", "URL of the OpenID Connect issuer.")
c.Flags().StringVar(&listen, "listen", "http://127.0.0.1:5555", "HTTP(S) address to listen at.") c.Flags().StringVar(&listen, "listen", "http://127.0.0.1:5555", "HTTP(S) address to listen at.")
c.Flags().StringVar(&tlsCert, "tls-cert", "", "X509 cert file to present when serving HTTPS.") c.Flags().StringVar(&tlsCert, "tls-cert", "", "X509 cert file to present when serving HTTPS.")
c.Flags().StringVar(&tlsKey, "tls-key", "", "Private key for the HTTPS cert.") c.Flags().StringVar(&tlsKey, "tls-key", "", "Private key for the HTTPS cert.")
......
issuer: http://127.0.0.1:5556 # The base path of dex and the external name of the OpenID Connect service.
# Clients use this value to do discovery.
issuer: http://127.0.0.1:5556/dex
# The storage configuration determines where dex stores its state. Supported
# options include SQL flavors and Kubernetes third party resources.
storage: storage:
type: sqlite3 type: sqlite3
config: config:
file: examples/dex.db file: examples/dex.db
# Configuration for the
web: web:
http: 127.0.0.1:5556 http: 127.0.0.1:5556
# HTTPS options are also supported:
# https: 127.0.0.1:5554
# tlsCert: /etc/dex/tls.crt
# tlsKey: /etc/dex/tls.key
connectors: # Uncomment this block to enable the gRPC API.
- type: mockCallback # grpc:
id: mock-callback # addr: 127.0.0.1:5557
name: Mock # tlsCert: /etc/dex/grpc.crt
# tlsKey: /etc/dex/grpc.key
# Instead of reading from an external storage, use this list of clients. # Instead of reading from an external storage, use this list of clients.
#
# If this option isn't choosen clients may be added through the gRPC API.
staticClients: staticClients:
- id: example-app - id: example-app
redirectURIs: redirectURIs:
...@@ -20,14 +33,22 @@ staticClients: ...@@ -20,14 +33,22 @@ staticClients:
name: 'Example App' name: 'Example App'
secret: ZXhhbXBsZS1hcHAtc2VjcmV0 secret: ZXhhbXBsZS1hcHAtc2VjcmV0
# Let dex keep a list of passwords which can be used to login the user. connectors:
- type: mockCallback
id: mock
name: Example
# Let dex keep a list of passwords which can be used to login the user
enablePasswordDB: true enablePasswordDB: true
# A static list of passwords to login the end user. By identifying here, dex # A static list of passwords to login the end user. By identifying here, dex
# won't look in its undlying storage for passwords. # won't look in its underlying storage for passwords.
#
# If this option isn't choosen users may be added through the gRPC API.
staticPasswords: staticPasswords:
- email: "admin@example.com" - email: "admin@example.com"
# bcrypt hash of the string "password" # bcrypt hash of the string "password"
hash: "JDJhJDE0JDh4TnlVZ3pzSmVuQm4ySlRPT2QvbmVGcUlnQzF4TEFVRFA3VlpTVzhDNWlkLnFPcmNlYUJX" hash: "JDJhJDE0JDh4TnlVZ3pzSmVuQm4ySlRPT2QvbmVGcUlnQzF4TEFVRFA3VlpTVzhDNWlkLnFPcmNlYUJX"
username: "admin" username: "admin"
userID: "08a8684b-db88-4b73-90a9-3cd1661f5466" userID: "08a8684b-db88-4b73-90a9-3cd1661f5466"
issuer: http://127.0.0.1:5556
storage:
type: sqlite3
config:
file: examples/dex.db
web:
http: 127.0.0.1:5556
grpc:
addr: 127.0.0.1:5557
connectors:
- type: mockCallback
id: mock-callback
name: Mock
- type: mockPassword
id: mock-password
name: Password
config:
username: "admin"
password: "PASSWORD"
staticClients:
- id: example-app
redirectURIs:
- 'http://127.0.0.1:5555/callback'
name: 'Example App'
secret: ZXhhbXBsZS1hcHAtc2VjcmV0
issuer: http://127.0.0.1:5556
storage:
type: kubernetes
web:
http: 127.0.0.1:5556
connectors:
- type: mock
id: mock
name: Mock
- type: github
id: github
name: GitHub
config:
clientID: "$GITHUB_CLIENT_ID"
clientSecret: "$GITHUB_CLIENT_SECRET"
redirectURI: http://127.0.0.1:5556/callback/github
org: kubernetes
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment