mirror/dex - dex - xhrpb gitea

Commit Graph

Author	SHA1	Message	Date
Moto Ishizawa	dc979c1d6d	server: use time.Time instead of int64 for token expiration time	10 years ago
Moto Ishizawa	25e4228e35	server: add expires_in field to the response of token endpoint	10 years ago
Rubén Soleto Buenvarón	c91b37aa9e	refresh token rotation Update refresh token flow to revoke old refresh token and generates a new one. Fixes #519	10 years ago
Wyatt Anderson	26508c6bab	server: when registering a user, set display name When automatically registering a user from an IP that provides a `DisplayName`, set it on the created user so that JWT we create contain a meaningful `name` field.	10 years ago
Eric Chiang	b02a3a3163	*: add "groups" scope	10 years ago
Eric Chiang	35cab93c0a	*: add --enable-automatic-registration flag to worker For remote connectors, allow users to skip registration.	10 years ago
Bobby Rullo	75473b4cba	refresh tokens: grant claims based on scopes Before, this logic was only in the OIDCServer.CodeToken() method; now it has been pulled out so that other paths, like OIDCServer.RefreshToken() can use it. The net affect, is that now refresh tokens can be used to get cross-client authenticated ID Tokens.	10 years ago
Bobby Rullo	32a1994a5e	refresh tokens: store and validate scopes. A refresh request must fail if it asks for scopes that were not originally granted when the refresh token was obtained. This Commit: * changes repo to store scopes with tokens * changes repo interface signatures so that scopes can be stored and verified * updates dependent code to pass along scopes	10 years ago
Bobby Rullo	e71c5086ba	server: CodeToken now does Cross-Client auth	10 years ago
Bobby Rullo	ad1d5ab253	server: remove boilerplate setup code Use the test fixture setup stuff in testutil instead.	10 years ago
Evan Cordell	a418e1c4e7	client: add client manager adds a client manager to handle business logic, leaving the repo for basic crud operations. Also adds client to the test script	10 years ago
Bobby Rullo	e5948ab3ce	*: ClientIdentityXXX -> ClientXXX Get rid of all outdated "ClientIdentity" terminology.	10 years ago
Bobby Rullo	95757e8779	*: Client Repo now deals with custom Client object This is instead of oidc.ClientIdentity. This makes it easier to add new fields custom to dex to the client.	10 years ago
Eric Chiang	b572b8dd6c	*: remove in memory client repo The DB implementation expects secrets to be base64 encoded blobs. Because of this a bunch of tests broke moving to sqlite. A lot of this commit is fixing those tests.	10 years ago
Eric Chiang	2726f4dcdf	*: remove in memory user repo	10 years ago
Eric Chiang	95560404a3	*: remove in memory refresh repo	10 years ago
Eric Chiang	7bac93aa20	*: remove in memory session repos Move manager to it's own package so it can import db. Move all references to the in memory session repos to use sqlite3.	10 years ago
Eric Chiang	5e44b6bc27	*: update all to accommodate changes to go-oidc Update dex to comply with the changes to fieldnames and types of the client and provider metadata structs in coreos/go-oidc.	10 years ago
Yifan Gu	7282dd5187	refreshtoken: return base64 encoded token for in-memory backend. Previously if we use the in-memory backend, it will return a raw binary token for refresh token. This fixes the case.	11 years ago
Joe Bowers	60a36e2c2e	server,db: flag for disabling user login	11 years ago
Yifan Gu	44c6cb44f5	refresh: bcrypt raw bytes rather than base64 encoded string. This enables us to control the length of the bytes that will be bcrypted, by default it's 64. Also changed the token's stored form from string('text') to []byte('bytea') and added some test cases for different types of invalid tokens.	11 years ago
Yifan Gu	93a0830ae0	server: check scope in requests. Require 'openid' in scope for all requests. Require 'offline_access' for returning refresh token.	11 years ago
Yifan Gu	066fd859ec	session: add 'scope' field in session.	11 years ago
Bobby Rullo	66fe201c24	*: move original project to dex	11 years ago

24 Commits (v1)