Commits · 468b5e3f0a9f30e3c256368788f9a56208465775 · go / dex

10 May, 2018 1 commit
- fix typo · 468b5e3f
  silenceshell authored May 10, 2018
```
Should `pulic`  be `public`?
```
  468b5e3f
20 Mar, 2018 2 commits
- Merge pull request #1208 from ericchiang/go10 · 0d3edf24
  Eric Chiang authored Mar 20, 2018
```
*: update build to Go 1.10
```
  0d3edf24
- *: update build to Go 1.10 · 26448407
  Eric Chiang authored Mar 20, 2018
  
  26448407
07 Mar, 2018 2 commits
- Merge pull request #1200 from carbin-gun/master · f2eac0e7
  Eric Chiang authored Mar 07, 2018
```
Update check go major version way
```
  f2eac0e7
- Update check go major version way · d92c21b9
  charles.deng authored Mar 07, 2018
```
the previous one just keep one prefix number as the major number, it should be the whole number after the dot.
```
  d92c21b9
01 Mar, 2018 1 commit
- Merge pull request #1198 from srenatus/sr/add-test-case-for-tampered-nameid-field-with-comment · 218d671a
  Eric Chiang authored Mar 01, 2018
```
saml: add tests case covering tampered NameID field (comment)
```
  218d671a
28 Feb, 2018 1 commit

saml: add tests case covering tampered NameID field (comment) · 608260d0

Stephan Renatus authored Feb 28, 2018

As sketched here:

https://developer.okta.com/blog/2018/02/27/a-breakdown-of-the-new-saml-authentication-bypass-vulnerability

Thought it was interesting to see how our SAML connector behaved. And
it seems to be behaving well. :)
Signed-off-by: Stephan Renatus <srenatus@chef.io>

608260d0

27 Feb, 2018 1 commit
- Merge pull request #1195 from Skn0tt/patch-1 · 39a66d14
  Eric Chiang authored Feb 27, 2018
```
Add missing word
```
  39a66d14
24 Feb, 2018 1 commit
- Add missing word · 822a10ce
  Simon Knott authored Feb 24, 2018
  
  822a10ce
03 Feb, 2018 2 commits
- Merge pull request #1176 from vyshane/master · 01d63b08
  Eric Chiang authored Feb 03, 2018
```
New id_provider scope that adds the connector ID and user ID to the ID token claims
```
  01d63b08
- Add new federated:id scope that causes Dex to add a federated_claims claim… · b03c85e5
  Vy-Shane Xie authored Jan 23, 2018
```
Add new federated:id scope that causes Dex to add a federated_claims claim containing the connector_id and user_id to the ID token
```
  b03c85e5
01 Feb, 2018 2 commits
- Merge pull request #1144 from srenatus/sr/support-direct-post-without-get-first · ce686390
  Eric Chiang authored Feb 01, 2018
```
handlers/connector_login: update AuthRequest irregardless of method
```
  ce686390
- Merge pull request #1171 from pmcgrath/1170-fix-typos · c0bcc819
  Eric Chiang authored Feb 01, 2018
```
1170 - Fix comment typos
```
  c0bcc819
14 Jan, 2018 1 commit
- 1170 - Fix comment typos · 4aec353a
  pmcgrath authored Jan 14, 2018
```
  BsaeDN should be BaseDN
```
  4aec353a
08 Jan, 2018 1 commit
- Merge pull request #1166 from ericchiang/coc · 1dbecefa
  Eric Chiang authored Jan 08, 2018
```
automated PR: update CoC and legalese
```
  1dbecefa
05 Jan, 2018 2 commits
- Merge pull request #1168 from ericchiang/connector-docs · f83c86ce
  Eric Chiang authored Jan 05, 2018
```
README: expand connector docs and assign each a level of support
```
  f83c86ce
- README: expand connector docs and assign each a level of support · ea2c63d7
  Eric Chiang authored Jan 04, 2018
  
  ea2c63d7
04 Jan, 2018 3 commits
- Merge pull request #1167 from ericchiang/restructure-connector-docs · 2851b3c7
  Eric Chiang authored Jan 04, 2018
```
Documentation: restructure connector docs to a single folder
```
  2851b3c7
- Documentation: restructure connector docs to a single folder · 460f4832
  Eric Chiang authored Jan 04, 2018
  
  460f4832
- update CoC and legalese · 2215158b
  Eric Chiang authored Jan 04, 2018
  
  2215158b
21 Dec, 2017 5 commits
- Merge pull request #1155 from brancz/prometheus · 6ef8cd51
  Eric Chiang authored Dec 21, 2017
```
Add Prometheus metrics
```
  6ef8cd51
- vendor: Add metrics packages · 0930b09e
  Frederic Branczyk authored Dec 21, 2017
  
  0930b09e
- *: Add go runtime, process, HTTP and gRPC metrics · 5f03479d
  Frederic Branczyk authored Dec 20, 2017
  
  5f03479d
- Merge pull request #1157 from ericchiang/conn-oidc-doc-groups · 053c476c
  Eric Chiang authored Dec 21, 2017
```
document limitations in the OpenID Connect connector
```
  053c476c
- document limitations in the OpenID Connect connector · 0811d1a0
  Eric Chiang authored Dec 21, 2017
  
  0811d1a0
19 Dec, 2017 2 commits
- Merge pull request #1152 from diegs/bom · b5baf6b1
  Eric Chiang authored Dec 19, 2017
```
license: add bill of materials.
```
  b5baf6b1
- license: add bill of materials. · 6d4fef4b
  Diego Pontoriero authored Dec 19, 2017
  
  6d4fef4b
17 Dec, 2017 2 commits
- Merge pull request #1151 from topos-ai/email-address · 9d4b1041
  Eric Chiang authored Dec 17, 2017
```
Clarify email scope description
```
  9d4b1041
- email scope only allows access to a user's email address · da45adcb
  Eric Buth authored Dec 17, 2017
  
  da45adcb
11 Dec, 2017 1 commit
- handlers/connector_login: check before update (optimization) · f013a445
  Stephan Renatus authored Dec 11, 2017
```
Signed-off-by: Stephan Renatus <srenatus@chef.io>
```
  f013a445
08 Dec, 2017 3 commits

Merge pull request #1135 from mpashka/master · ec5e2cc3
Eric Chiang authored Dec 08, 2017
```
Update slapd.sh
```
ec5e2cc3
Add note for OpenLDAP installation · 5ef1312b
Pavel Moukhataev authored Nov 27, 2017

5ef1312b

handlers/connector_login: update AuthRequest irregardless of method · f18d7afc

Stephan Renatus authored Dec 08, 2017

Before, you could not POST your credentials to a password-connector's
endpoint without GETing that endpoint first. While this makes sense for
browser clients; automated interactions with Dex don't need to look at
the password form to fill it in.

A symptom of that missing GET was that the POST succeeded (!) with

    login successful: connector "", username="admin", email="admin@example.com", groups=[]

Note the connector "". A subsequent call to finalizeLogin would then
fail with

    connector with ID "" not found: failed to get connector object from storage: not found

Now, the connector ID of an auth request will be updated for both GETs
and POSTs.
Signed-off-by: Stephan Renatus <srenatus@chef.io>

f18d7afc

05 Dec, 2017 2 commits
- Merge pull request #1143 from wkalt/fix-verifier-creation-typo · 5172a461
  Eric Chiang authored Dec 05, 2017
```
Correct "Verifier" method name in using-dex doc
```
  5172a461
- Correct "Verifier" method name in using-dex doc · e7d57bb3
  Wyatt Alt authored Dec 05, 2017
```
Change provider.NewVerifier to provider.Verifier per the godocs:
https://godoc.org/github.com/coreos/go-oidc#Provider.Verifier
```
  e7d57bb3
04 Dec, 2017 1 commit
- Merge pull request #1142 from zlabjp/status-code · 18da6288
  Eric Chiang authored Dec 04, 2017
```
Bugfix: Set a proper status code before sending an error status page
```
  18da6288
01 Dec, 2017 4 commits
- Merge pull request #1140 from ericchiang/fix-proto-build · 32257bcf
  rithu leena john authored Dec 01, 2017
```
*: fix proto build
```
  32257bcf
- *: regenerate proto · c5de6fa7
  Eric Chiang authored Dec 01, 2017
  
  c5de6fa7
- *: revendor · ab102b81
  Eric Chiang authored Dec 01, 2017
  
  ab102b81
- *: pin protoc-gen-go dependencies · 35063da4
  Eric Chiang authored Dec 01, 2017
  
  35063da4