- 04 Dec, 2017 1 commit
-
-
Eric Chiang authored
Bugfix: Set a proper status code before sending an error status page
-
- 01 Dec, 2017 5 commits
-
-
rithu leena john authored
*: fix proto build
-
Eric Chiang authored
-
Eric Chiang authored
-
Eric Chiang authored
-
Kazumasa Kohtaka authored
-
- 28 Nov, 2017 3 commits
-
-
Eric Chiang authored
Implement Microsoft (Azure AD) connector
-
Eric Chiang authored
Specify Java package for dex Protobuf API
-
Vy-Shane Xie authored
-
- 23 Nov, 2017 2 commits
-
-
Pavel Borzenkov authored
Microsoft connector now provides support for 'groups' claim in case 'tenant' is configured in Dex config for the connector. It's possible to deny user authentication if the user is not a member of at least one configured groups. Signed-off-by: Pavel Borzenkov <pavel.borzenkov@gmail.com>
-
Pavel Borzenkov authored
connector/microsoft implements authorization strategy via Microsoft's OAuth2 endpoint + Graph API. It allows to choose what kind of tenants are allowed to authenticate in Dex via Microsoft: * common - both personal and business/school accounts * organizations - only business/school accounts * consumers - only personal accounts * <tenant uuid> - only account of specific tenant Signed-off-by: Pavel Borzenkov <pavel.borzenkov@gmail.com>
-
- 13 Nov, 2017 3 commits
-
-
Eric Chiang authored
show "back" link for password connectors
-
rithu leena john authored
README.md: remove milestones link
-
Stephan Renatus authored
This way, the user who has selected, say, "Log in with Email" can make up their mind, and select a different connector instead. However, if there's only one connector set up, none of this makes sense -- and the link will thus not be displayed. Signed-off-by: Stephan Renatus <srenatus@chef.io>
-
- 10 Nov, 2017 2 commits
-
-
Eric Chiang authored
-
Eric Chiang authored
password connectors: make prompt configurable
-
- 09 Nov, 2017 1 commit
-
-
Stephan Renatus authored
This allows users of the LDAP connector to give users of Dex' login prompt an idea of what they should enter for a username. Before, irregardless of how the LDAP connector was set up, the prompt was Username [_________________] Password [_________________] Now, this is configurable, and can be used to say "MyCorp SSO Login" if that's what it is. If it's not configured, it will default to "Username". For the passwordDB connector (local users), it is set to "Email Address", since this is what it uses. Signed-off-by: Stephan Renatus <srenatus@chef.io>
-
- 08 Nov, 2017 4 commits
-
-
Eric Chiang authored
*: update maintainers
-
Eric Chiang authored
-
Eric Chiang authored
*: Go 1.7 no longer supported and updated build image to 1.9
-
Eric Chiang authored
-
- 06 Nov, 2017 4 commits
-
-
Eric Chiang authored
Add etcd backed storage
-
Daniel Dao authored
This explicitly adds struct tags for etcd storage instead of implicitly depends on yaml/json config serialization.
-
Daniel Dao authored
This adds references to etcd storage, including: - only supports etcd v3 - list of options and their meanings when connecting to etcd cluster
-
Daniel Dao authored
This patch uses docker to run an etcd container in travis CI so we can run storage/etcd conformance tests.
-
- 03 Nov, 2017 1 commit
-
-
Eric Chiang authored
Add tectonic-ldap matching rule to ldap icon.
-
- 02 Nov, 2017 1 commit
-
-
Geoff Greer authored
Add tectonic-ldap matching rule to ldap icon. Fixes an issue where the ldap icon was missing in the tectonic console.
-
- 31 Oct, 2017 4 commits
-
-
rithu leena john authored
*: run kubernetes tests in travis
-
Eric Chiang authored
-
Daniel Dao authored
This change vendors github.com/coreos/etcd related packages to support etcd storage implementation.
-
Daniel Dao authored
This patch adds etcd storage implementation. This should be useful in environments where - we dont want to depends on a separate, hard to maintain SQL cluster - we dont want to incur the overhead of talking to kubernetes apiservers - kubernetes is not available yet, or if kubernetes depends on dex to perform authentication and the operator would like to remove any circular dependency if possible.
-
- 30 Oct, 2017 1 commit
-
-
rithu leena john authored
connector/oidc: remove test that talks to the internet
-
- 27 Oct, 2017 6 commits
-
-
Eric Chiang authored
-
Eric Chiang authored
connector: implement LinkedIn connector
-
Daniel Dao authored
The previous test doesnt actually testing ListConnectors code. For example the following pseudocode will pass the test: ``` ListConnectors() { return nil, nil } ``` Instead change to actually fetch and compare list of connectors, ordering by name
-
Pavel Borzenkov authored
Signed-off-by: Pavel Borzenkov <pavel.borzenkov@gmail.com>
-
Pavel Borzenkov authored
Do Refresh() by querying user's profile data. Since LinkedIn doesn't provide refresh tokens at all, and the access tokens have 60 days expiration, refresh tokens issued by Dex will fail to update after 60 days. Signed-off-by: Pavel Borzenkov <pavel.borzenkov@gmail.com>
-
Pavel Borzenkov authored
connector/linkedin implements authorization strategy via LinkedIn's OAuth2 endpoint + profile API. It doesn't implement RefreshConnector as LinkedIn doesn't provide any refresh token at all (https://developer.linkedin.com/docs/oauth2, Step 5 — Refresh your Access Tokens) and recommends ordinary AuthCode exchange flow when token refresh is required. Signed-off-by: Pavel Borzenkov <pavel.borzenkov@gmail.com>
-
- 26 Oct, 2017 2 commits
-
-
Eric Chiang authored
authproxy.md: strip X-Remote-User
-
rithu leena john authored
authproxy: update docs and set a userID
-