Added "connector_id" to skip straight to a connector (similar to when len(connector) is 1.

Add VerifyPassword to API

It takes in an email and plain text password to verify. If it fails to find a password stored for email, it returns not_found. If it finds the password hash stored but that hash doesn't match the password passed via the API, it returns verified = false, else it returns verified = true.
Co-authored-by: Alban Seurat <alban.seurat@me.com>

connectors: refactor filter code into a helper package

Signed-off-by: Stephan Renatus <srenatus@chef.io>

I hope I didn't miss any :D
Signed-off-by: Stephan Renatus <srenatus@chef.io>

MAINTAINERS: remove ericchiang@

I haven't had time to contribute to dex recently and it's been over a
year since I've worked on Kubernetes. Going to make this official and
remove myself from the MAINTAINERS list. I'll still be around if you
need to know why any of the code is so crazy :)

Add UserInfo endpoint

We have a story around user info now

Co-authored-by: Yuxing Li <360983+jackielii@users.noreply.github.com>
Co-authored-by: Francisco Santiago <1737357+fjbsantiago@users.noreply.github.com>

make userName configurable

Update LinkedIn connector to use v2 APIs

This updates LinkedIn connector to use the more recent v2 APIs. Necessary because v1 APIs are not able to retrieve email ids any more with the default permissions.

The API URLs are now different. Fetching the email address is now a separate call, made after fetching the profile details. The r_basicprofile permission is not needed any more, and r_liteprofile (which seems to be the one assigned by default) is sufficient.

The relevant API specifications are at:

    https://docs.microsoft.com/en-us/linkedin/shared/integrations/people/profile-api
    https://docs.microsoft.com/en-us/linkedin/shared/integrations/people/primary-contact-api
    https://docs.microsoft.com/en-us/linkedin/consumer/integrations/self-serve/migration-faq#how-do-i-retrieve-the-members-email-address

This updates LinkedIn connector to use the more recent v2 APIs. Necessary because v1 APIs are not able to retrieve email ids any more with the default permissions.

The API URLs are now different. Fetching the email address is now a separate call, made after fetching the profile details. The `r_basicprofile` permission is not needed any more, and `r_liteprofile` (which seems to be the one assigned by default) is sufficient.

The relevant API specifications are at:
- https://docs.microsoft.com/en-us/linkedin/shared/integrations/people/profile-api
- https://docs.microsoft.com/en-us/linkedin/shared/integrations/people/primary-contact-api
- https://docs.microsoft.com/en-us/linkedin/consumer/integrations/self-serve/migration-faq#how-do-i-retrieve-the-members-email-address

connectors/oidc: truely ignore "email_verified" claim if configured that way

Fixes #1455, I hope.
Signed-off-by: Stephan Renatus <srenatus@chef.io>

travis: replace golang 1.10 and 1.11 with 1.12

This is because I suspect the gofmt rules change between these versions to
make half the travis CI tests fail sometimes?
Signed-off-by: Stephan Renatus <srenatus@chef.io>

oidc: Make userID configurable

Add option in oidc to hit the optional userinfo endpoint

Some oauth providers return "thin tokens" which won't include all of the
claims requested. This simply adds an option which will make the oidc
connector use the userinfo endpoint to fetch all the claims.

server: add metrics for CORS handlers.

fix typo

Round out logging interface with functions for all levels

docs: update bitbucket permission requirements

Print appropriate error

gitlab: support for group whitelist, add tests