Otherwise, if worker starts without connectors, and then connectors are
added workers have to be restarted to pick up the changes.

Get the K8s files up to date with more docs

Documentation: no need to create a new Google project

A new API key can be generated in an existing Google project

Fixes #123

Signed-off-by: Chris Swan <@cpswan>

Also, move most flags to environment variables.

Remove unnecessary else statements

Whenever it makes the code easier to follow, use early return to
avoid else statements.

README.md: "Similar Software", "who should use"

Documentation: remove outdated TLS info

Update README.md

cmd,server,static/html: Configurable name, logo

fixes #47

refresh: bcrypt raw bytes rather than base64 encoded string.

This enables us to control the length of the bytes that will be bcrypted,
by default it's 64.

Also changed the token's stored form from string('text') to []byte('bytea')
and added some test cases for different types of invalid tokens.

cmd/dex-overlord: was using the wrong err

return refresh token only when scope contains 'offline_access'

Require 'openid' in scope for all requests.
Require 'offline_access' for returning refresh token.

cmd/dex-overlord: bind admin API on 127.0.0.1

Instead of 0.0.0.0; this is safer, since the admin API is very powerful.

fixes #97

Documentation: mv security_guide.md tls-setup.md

dex-worker: add TLS support.

Also add example tls-setup configs that can be used to generate
TLS CA, server certs, key files using 'cfssl'.

Add two new flags '--cert-file' and '--key-file'.
If scheme == 'https', then we will use the two new flags to get
the cert/key pair for TLS connection.

Also add '--ca-file' to the example app to allow TLS connection to the
dex-worker using a specified ca file.

examples/static: various changes to fix examples

OIDC Compliance Notes

server: make reset password pass tests

Handler wants a password value even when its blank