mirror/dex - dex - xhrpb gitea

Commit Graph

Author	SHA1	Message	Date
Joe Bowers	85113748a8	server: unify password reset and email verification code and behavior This patch proposes behavioral changes. In particular, referring systems will need to provide client ids under all circumstances.	11 years ago
Yifan Gu	7282dd5187	refreshtoken: return base64 encoded token for in-memory backend. Previously if we use the in-memory backend, it will return a raw binary token for refresh token. This fixes the case.	11 years ago
Gyu-Ho Lee	f06073fbcd	server: use standard lib http.Request.BasicAuth Go 1.4+ has https://golang.org/pkg/net/http/#Request.BasicAuth method for http.Request and it was requested by CoreOS(kelsey) [1] with the same functionalities. If dex's Go development is being done in Go 1.4 or later, we should use the standard library. Thanks! --- [1] https://codereview.appspot.com/76540043/	11 years ago
Bobby Rullo	55040c55fa	server, integration, cmd: Protect Admin API Admin API now requires a 128 byte base64 encoded secret to be passed in Authorization header, closing up a potential security hole for those who expose this service.	11 years ago
Bobby Rullo	d3d6a75b91	fixup - Code review changes.	11 years ago
Bobby Rullo	bf9517fdaa	server,cmd: Add flag for disabling registation For situations where admins add users.	11 years ago
Joe Bowers	e5db302312	server: expose user disable API endpoint	11 years ago
Joe Bowers	fbbb3cc2df	server: all authorizations fail for disabled users	11 years ago
Joe Bowers	ffabe03bc0	server: don't allow disabled users to access the api	11 years ago
Joe Bowers	60a36e2c2e	server,db: flag for disabling user login	11 years ago
Joe Bowers	4c9bab0890	server: user management endpoints strictly conform to schema This change disables the URL fixing behavior or the router associated with the user management schema. After this commit, URLS routing to /api/$VERSION/users must target exactly the specified paths. In addition, `/api/$VERSION/users/` will serve a 404 This change allows users to hit the user create endpoint, which would previously serve a redirect rather than actually making the associated change.	11 years ago
Giulio Iotti	472e4a02a4	*: Remove unnecessary else statements Whenever it makes the code easier to follow, use early return to avoid else statements.	11 years ago
Bobby Rullo	f1820cda14	cmd,server,static/html: Configurable name, logo fixes #47	11 years ago
Yifan Gu	44c6cb44f5	refresh: bcrypt raw bytes rather than base64 encoded string. This enables us to control the length of the bytes that will be bcrypted, by default it's 64. Also changed the token's stored form from string('text') to []byte('bytea') and added some test cases for different types of invalid tokens.	11 years ago
Yifan Gu	93a0830ae0	server: check scope in requests. Require 'openid' in scope for all requests. Require 'offline_access' for returning refresh token.	11 years ago
Yifan Gu	066fd859ec	session: add 'scope' field in session.	11 years ago
Bobby Rullo	d0c199b62c	cmd, server: base64 encode multiple secrets Two things here: * key secrets are now base64 encoded strings, so we get the full key space * we can pass >1 of them in so we can rotate them	11 years ago
Bobby Rullo	66fe201c24	*: move original project to dex	11 years ago

21 Commits (9b0dccd9ba4e2c41c8a6c91fc8c8bac5d12e6dc3)