- 01 Dec, 2016 12 commits
-
-
Amruta Chitnis authored
-
Eric Chiang authored
revert "Merge pull request #714 from amrutac/refactor-css"
-
Eric Chiang authored
This reverts commit 4d88eabb, reversing changes made to b38d3552.
-
Eric Chiang authored
Refactor css
-
Amruta Chitnis authored
-
Amruta Chitnis authored
-
Amruta Chitnis authored
-
Amruta Chitnis authored
-
rithu leena john authored
cmd/example-app: use a non-empty state
-
Eric Chiang authored
Use a non-empty state in the example-app to ensure dex is properly preserving the state for the code flow. Updates #712
-
rithu leena john authored
*: add theme based frontend configuration
-
Eric Chiang authored
This PR reworks the web layout so static files can be provided and a "themes" directory to allow a certain degree of control over logos, styles, etc. This PR does NOT add general support for frontend customization, only enough to allow us to start exploring theming internally. The dex binary also must now be run from the root directory since templates are no longer "compiled into" the binary. The docker image has been updated with frontend assets.
-
- 29 Nov, 2016 1 commit
-
-
Eric Chiang authored
Documentation: clarify difference between LDAP ports and security guarentees
-
- 25 Nov, 2016 1 commit
-
-
Eric Chiang authored
Updated openid-connect.md: small typo
-
- 24 Nov, 2016 1 commit
-
-
Ev authored
Protocol is written protocl.
-
- 23 Nov, 2016 1 commit
-
-
Eric Chiang authored
Now that LDAP supports an `insecureSkipVerify` option, clarify that `insecureNoTLS` is an extremely bad choice and as such we may drop support for 389 in the future. However, since we send plain text passwords from our frontend to our backend, this probably gets us into a bigger conversation about dex's TLS story. For example when terminiation is approporate. cc'ing @dghubble for thoughts on how that might apply to our internal uses. We probably want an overaching security doc at some point, but that can be another PR.
-
- 22 Nov, 2016 7 commits
-
-
Eric Chiang authored
*: switch oidc client to github.com/coreos/go-oidc
-
Eric Chiang authored
-
Eric Chiang authored
This saves us from having to import two different versions of square/go-jose.
-
rithu leena john authored
connector: add RefreshConnector interface
-
Eric Chiang authored
-
Eric Chiang authored
-
Eric Chiang authored
-
- 21 Nov, 2016 2 commits
-
-
Eric Chiang authored
Fix Google OIDC callback url
-
Phu Kieu authored
-
- 19 Nov, 2016 2 commits
-
-
Eric Chiang authored
*: small README link additions
-
Eric Chiang authored
-
- 18 Nov, 2016 10 commits
-
-
rithu leena john authored
connector/ldap: use gopkg.in/ldap.v2's escape filter
-
Eric Chiang authored
Use the escape filter method provided by the upstream LDAP package instead of rolling our own.
-
rithu leena john authored
server: fix expiry test flake
-
Eric Chiang authored
Allow getAttr to return DN
-
Phu Kieu authored
Specify "DN" as attribute name to return, but will only work if not present in ldap.Entry.Attributes Use when full DN is stored in groupSearch's userAttr
-
Eric Chiang authored
Ensure compared times are within a second of one another instead of rounding, which can flake if the two times are different enough to do round to different values. Tested using the golang.org/x/tools/cmd/stress tool. The following set of commands fail without this patch: $ go get golang.org/x/tools/cmd/stress $ go test -o server.test github.com/coreos/dex/server $ stress ./server.test -test.run=TestOAuth2CodeFlow 219 runs so far, 0 failures 425 runs so far, 0 failures 618 runs so far, 0 failures 802 runs so far, 0 failures ^C Closes #699
-
Eric Chiang authored
Enable groups scope
-
Phu Kieu authored
-
rithu leena john authored
api: add call to list passwords
-
rithu john authored
-
- 17 Nov, 2016 3 commits
-
-
Eric Chiang authored
examples/k8s: update kubernetes examples
-
Eric Chiang authored
-
Eric Chiang authored
*: remove TODO.md file
-