aeff8dfb5a
Merge pull request #3090 from dexidp/dependabot/github_actions/aquasecurity/trivy-action-0.12.0
...
build(deps): bump aquasecurity/trivy-action from 0.11.2 to 0.12.0
3 years ago
3b8e972eb8
build(deps): bump alpine from 3.18.3 to 3.18.4
...
Bumps alpine from 3.18.3 to 3.18.4.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
cf93875fb4
build(deps): bump github/codeql-action from 2.21.4 to 2.21.9
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.21.4 to 2.21.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](a09933a12a...ddccb87388
3 years ago
130a06346a
build(deps): bump google.golang.org/api from 0.138.0 to 0.143.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.138.0 to 0.143.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.138.0...v0.143.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
72723fbe1a
build(deps): bump actions/checkout from 3.5.3 to 4.1.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.3 to 4.1.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](c85c95e3d7...8ade135a41
3 years ago
2516d6bf7f
build(deps): bump docker/setup-buildx-action from 2.9.1 to 3.0.0
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2.9.1 to 3.0.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](4c0219f9ac...f95db51fdd
3 years ago
fc8004cecc
build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 3.1.2 to 3.1.3.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](0b7f8abb15...a8a3f3ad30
3 years ago
bbdff7072b
build(deps): bump aquasecurity/trivy-action from 0.11.2 to 0.12.0
...
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action ) from 0.11.2 to 0.12.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases )
- [Commits](41f05d9ecf...fbd16365eb
3 years ago
7f0056cf13
Fix lint issue
...
Signed-off-by: Oded Ben-Ozer <obenozer@wayfair.com>
3 years ago
b1f4bd0195
Address issues raised in review:
...
- Add missing json tag.
- Control delimiter cleaning with a configuration key.
- Use better variable names
- concatenate string using slice and join
Signed-off-by: Oded Ben-Ozer <obenozer@wayfair.com>
3 years ago
70d7a2c7c1
Merge pull request #3069 from dexidp/dependabot/docker/alpine-3.18.3
...
build(deps): bump alpine from 3.18.2 to 3.18.3
3 years ago
c2747bdaf4
Merge pull request #3071 from dexidp/dependabot/github_actions/actions/setup-go-4.1.0
...
build(deps): bump actions/setup-go from 4.0.1 to 4.1.0
3 years ago
948439c1bc
Merge pull request #3076 from dexidp/dependabot/github_actions/github/codeql-action-2.21.4
...
build(deps): bump github/codeql-action from 2.21.2 to 2.21.4
3 years ago
baea62ca97
Merge pull request #3078 from dexidp/dependabot/github_actions/actions/dependency-review-action-3.0.8
...
build(deps): bump actions/dependency-review-action from 3.0.6 to 3.0.8
3 years ago
c4a29a62da
Merge pull request #3079 from dexidp/dependabot/go_modules/google.golang.org/api-0.138.0
...
build(deps): bump google.golang.org/api from 0.134.0 to 0.138.0
3 years ago
2f63b094d7
build(deps): bump google.golang.org/api from 0.134.0 to 0.138.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.134.0 to 0.138.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.134.0...v0.138.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
1a78743d21
build(deps): bump actions/dependency-review-action from 3.0.6 to 3.0.8
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 3.0.6 to 3.0.8.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](1360a344cc...f6fff72a32
3 years ago
48e2d4e22c
build(deps): bump github/codeql-action from 2.21.2 to 2.21.4
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.21.2 to 2.21.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](0ba4244466...a09933a12a
3 years ago
96d6e0a402
build(deps): bump actions/setup-go from 4.0.1 to 4.1.0
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 4.0.1 to 4.1.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](fac708d667...93397bea11
3 years ago
fbbac8cc1f
build(deps): bump alpine from 3.18.2 to 3.18.3
...
Bumps alpine from 3.18.2 to 3.18.3.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
a52848418a
Rename configuration option to include a reference to groups
...
and structure for future claim modification additions
Signed-off-by: Oded Ben-Ozer <obenozer@wayfair.com>
3 years ago
088c380dc2
Merge branch 'dexidp:master' into master
3 years ago
316296b0d3
Document each test case
...
Signed-off-by: Oded Ben-Ozer <obenozer@wayfair.com>
3 years ago
6d143f16c1
Composite claims in OIDC connector ( #3 )
...
* Add the ability to composite new claims in the OIDC connector, based on upstream claims
Signed-off-by: Oded Ben-Ozer <obenozer@wayfair.com>
3 years ago
139845c0a5
fix: linting with gofmt
...
Signed-off-by: Cedric-Magnan <cedric.magnan@artefact.com>
Signed-off-by: Oded Ben-Ozer <obenozer@wayfair.com>
3 years ago
a72413dd47
Update server.go
...
Signed-off-by: Cedric-Magnan <cedric.magnan@artefact.com>
Signed-off-by: Oded Ben-Ozer <obenozer@wayfair.com>
3 years ago
6c00fe0580
Update oauth2.go
...
Signed-off-by: Cedric-Magnan <cedric.magnan@artefact.com>
Signed-off-by: Oded Ben-Ozer <obenozer@wayfair.com>
3 years ago
7b29cfaeb1
build(deps): bump helm/kind-action from 1.7.0 to 1.8.0 ( #3041 )
...
Bumps [helm/kind-action](https://github.com/helm/kind-action ) from 1.7.0 to 1.8.0.
- [Release notes](https://github.com/helm/kind-action/releases )
- [Commits](https://github.com/helm/kind-action/compare/v1.7.0...v1.8.0 )
---
updated-dependencies:
- dependency-name: helm/kind-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Oded Ben-Ozer <obenozer@wayfair.com>
3 years ago
91cd939287
build(deps): bump golang.org/x/crypto from 0.10.0 to 0.11.0 ( #3035 )
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.10.0 to 0.11.0.
- [Commits](https://github.com/golang/crypto/compare/v0.10.0...v0.11.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Oded Ben-Ozer <obenozer@wayfair.com>
3 years ago
a9d1fd31c3
Merge pull request #3060 from dexidp/dependabot/go_modules/golang.org/x/net-0.13.0
...
build(deps): bump golang.org/x/net from 0.12.0 to 0.13.0
3 years ago
9a23dce727
build(deps): bump golang.org/x/net from 0.12.0 to 0.13.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.12.0 to 0.13.0.
- [Commits](https://github.com/golang/net/compare/v0.12.0...v0.13.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
b78bf1ff6d
build(deps): bump google.golang.org/grpc in /api/v2 ( #3053 )
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.55.0 to 1.57.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.55.0...v1.57.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago
90afec1b37
build(deps): bump google.golang.org/protobuf in /api/v2 ( #3021 )
...
Bumps google.golang.org/protobuf from 1.30.0 to 1.31.0.
---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago
9890559a3b
build(deps): bump google.golang.org/grpc from 1.56.1 to 1.57.0 ( #3055 )
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.56.1 to 1.57.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.56.1...v1.57.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago
affd4d4e49
verify access tokens by checking getuserinfo during a token exchange ( #3031 )
...
The provider.Verifier.Verify endpoint we were using only works with ID
tokens. This isn't an issue with systems which use ID tokens as access
tokens (e.g. dex), but for systems with opaque access tokens (e.g.
Google / GCP), those access tokens could not be verified.
Instead, check the access token against the getUserInfo endpoint.
Signed-off-by: Sean Liao <sean+git@liao.dev>
Co-authored-by: Maksim Nabokikh <max.nabokih@gmail.com>
3 years ago
f2358ef26d
build(deps): bump github/codeql-action from 2.20.1 to 2.21.2 ( #3057 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.20.1 to 2.21.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f6e388ebf0...0ba4244466
3 years ago
664c3b7421
build(deps): bump docker/setup-buildx-action from 2.8.0 to 2.9.1 ( #3043 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2.8.0 to 2.9.1.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](16c0bc4a6e...4c0219f9ac
3 years ago
0a21c575ba
build(deps): bump google.golang.org/api from 0.130.0 to 0.134.0 ( #3054 )
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.130.0 to 0.134.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.130.0...v0.134.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago
295b0acd61
Merge pull request #2521 from Cedric-Magnan/master
...
feat: Update response_types_supported to allow multiple-valued response type combinations
3 years ago
bfa6d61214
build(deps): bump helm/kind-action from 1.7.0 to 1.8.0 ( #3041 )
...
Bumps [helm/kind-action](https://github.com/helm/kind-action ) from 1.7.0 to 1.8.0.
- [Release notes](https://github.com/helm/kind-action/releases )
- [Commits](https://github.com/helm/kind-action/compare/v1.7.0...v1.8.0 )
---
updated-dependencies:
- dependency-name: helm/kind-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago
769a26eb47
build(deps): bump golang.org/x/crypto from 0.10.0 to 0.11.0 ( #3035 )
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.10.0 to 0.11.0.
- [Commits](https://github.com/golang/crypto/compare/v0.10.0...v0.11.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago
ea26e6592e
build(deps): bump google.golang.org/api from 0.129.0 to 0.130.0 ( #3034 )
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.129.0 to 0.130.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.129.0...v0.130.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago
e768dc5b27
build(deps): bump golang.org/x/net from 0.11.0 to 0.12.0 ( #3036 )
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.11.0 to 0.12.0.
- [Commits](https://github.com/golang/net/compare/v0.11.0...v0.12.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago
895b166681
Implement GetClient gRPC endpoint ( #2972 )
...
Signed-off-by: Marco Franssen <marco.franssen@gmail.com>
3 years ago
8ac8dca9f4
include granttypes in example config ( #3027 )
...
Signed-off-by: Sean Liao <sean+git@liao.dev>
3 years ago
dcf7b18510
OAuth 2.0 Token Exchange ( #2806 )
...
Signed-off-by: Sean Liao <sean+git@liao.dev>
Co-authored-by: Maksim Nabokikh <max.nabokih@gmail.com>
3 years ago
08bb7fb98b
build(deps): bump docker/setup-buildx-action from 2.7.0 to 2.8.0 ( #3023 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2.7.0 to 2.8.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](ecf95283f0...16c0bc4a6e
3 years ago
b01283e98b
build(deps): bump google.golang.org/api from 0.127.0 to 0.129.0 ( #3022 )
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.127.0 to 0.129.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.127.0...v0.129.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago
76d5274933
build(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0 ( #3019 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.1.3 to 2.2.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](80e868c13c...08b4669551
3 years ago
a1f14da3c5
build(deps): bump anchore/sbom-action from 0.14.2 to 0.14.3 ( #3014 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.14.2 to 0.14.3.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](4d571ad103...78fc58e266
3 years ago
Márk Sági-Kazár
dependabot[bot]
Oded Ben-Ozer
Oded Ben Ozer
Cedric-Magnan
Cedric-Magnan
Sean Liao
Marco Franssen