mirror/dex - dex - xhrpb gitea

Commit Graph

Author	SHA1	Message	Date
Eric Chiang	afe2e47e3d	Merge pull request #834 from pgburt/paulb-prod-users-integrations Added produciton-users and integrations pages	9 years ago
Paul Burt	a660e7cd7a	Added produciton-users and integrations pages	9 years ago
Eric Chiang	3e5480a859	Merge pull request #829 from ericchiang/fix-keys-expiry server: fix expiry detection for verification keys	9 years ago
Eric Chiang	920f6fb5cd	Merge pull request #825 from ericchiang/http2 storage/kubernetes: enable HTTP/2 support	9 years ago
Eric Chiang	2c4752d5d4	server: fix expiry detection for verification keys	9 years ago
rithu leena john	3797a71ec9	Merge pull request #812 from rithujohn191/example-client examples: adding a gRPC client example.	9 years ago
Eric Chiang	38c77e0f33	storage/kubernetes: enable HTTP/2 support	9 years ago
rithu john	fa2f76bcdb	examples: adding a gRPC client example.	9 years ago
rithu leena john	bb896a8222	Merge pull request #823 from ericchiang/tpr-already-exists storage/kubernetes: fix conflict error detection in TRP creation	9 years ago
Eric Chiang	a7b8e52b92	storage/kubernetes: fix conflict error detection in TRP creation PR #815 fixed the Kubernetes storage implementation by correctly returning storage.ErrAlreadyExists on POST conflicts. This caused a regression in TPR creation (#822) when some, but not all, of the resources already existed. E.g. for users upgrading from old versions of dex. Fixes #822	9 years ago
rithu leena john	8e562dac2d	Merge pull request #819 from SEJeff/patch-1 [storage.md] Fix the ThirdPartyResource syntax	9 years ago
Jeff Schroeder	58d80547ef	[storage.md] Fix the ThirdPartyResource syntax This makes manually creating the `o-auth2-client.oidc.coreos.com` actually work.	9 years ago
Eric Chiang	cd93930934	Merge pull request #817 from ericchiang/fix-hash-bug storage/kubernetes: fix hash initialization bug	9 years ago
Eric Chiang	1da2ae279c	storage/kubernetes: fix hash initialization bug	9 years ago
Eric Chiang	25b902b0c2	Merge pull request #815 from ericchiang/fix-k8s-storage storage/kubernetes: fix kubernetes storage conformance test failures	9 years ago
Eric Chiang	4be029c6c1	storage/kubernetes: fix kubernetes storage conformance test failures	9 years ago
Eric Chiang	58eb25aa60	Merge pull request #813 from SEJeff/patch-1 [Makefile] Allow specifying VERSION as an env var	9 years ago
Jeff Schroeder	4630f69f17	[Makefile] Allow specifying VERSION as an env var This makes specifying the VERSION when building native operating system packages require less hacks. Refs: #811	9 years ago
Eric Chiang	af0d9cebd1	Merge pull request #810 from caarlos0/patch-1 simplified clone: using go get	9 years ago
Carlos Alexandro Becker	f57e19e6ab	simplified clone: using go get	9 years ago
rithu leena john	c76832eaea	Merge pull request #809 from rithujohn191/set-error-flag storage: Surface "already exists" errors.	9 years ago
rithu john	3df1db1864	storage: Surface "already exists" errors.	9 years ago
rithu leena john	90c80e700a	Merge pull request #807 from rithujohn191/fix-typo web/static/main.css: fix typo.	9 years ago
rithu john	0ee40865a2	web/static/main.css: fix typo.	9 years ago
rithu leena john	7e9dc836eb	Merge pull request #802 from rithujohn191/token-revocation api: adding a gRPC call for revoking refresh tokens.	9 years ago
rithu john	1ec19d4fbf	api: adding a gRPC call for revoking refresh tokens.	9 years ago
rithu leena john	b119ffddcb	Merge pull request #801 from rithujohn191/token-revocation api: adding a gRPC call for listing refresh tokens.	9 years ago
rithu john	d201e49248	api: adding a gRPC call for listing refresh tokens.	9 years ago
rithu leena john	53e383670a	Merge pull request #793 from rithujohn191/token-revocation storage: Add OfflineSession object to backend storage.	9 years ago
rithu john	d928ac0677	storage: Add OfflineSession object to backend storage.	9 years ago
rithu leena john	49f446c1a7	Merge pull request #800 from ericchiang/server-test-comments server: clean up test comments and code flow	9 years ago
Eric Chiang	80038847de	server: clean up test comments and code flow	9 years ago
Eric Chiang	dd415f5e2f	Merge pull request #799 from ericchiang/thirdpartyresources Documentation: warn admins not to edit dex ThirdPartyResources manually	9 years ago
rithu leena john	167d7be281	Merge pull request #790 from givia/github-teams-pagination Fixes #706	9 years ago
Eric Chiang	adf3703962	Documentation: warn admins not to edit dex ThirdPartyResources manually	9 years ago
Eric Chiang	7f860e09b5	Merge pull request #796 from ericchiang/html-template {web,server}: use html/template and reduce use of auth request ID	9 years ago
Eric Chiang	72a431dd4b	{web,server}: use html/template and reduce use of auth request ID Switch from using "text/template" to "html/template", which provides basic XSS preventions. We haven't identified any particular place where unsanitized user data is rendered to the frontend. This is just a preventative step. At the same time, make more templates take pure URL instead of forming an URL themselves using an "authReqID" argument. This will help us stop using the auth req ID in certain places, preventing garbage collection from killing login flows that wait too long at the login screen. Also increase the login session window (time between initial redirect and the user logging in) from 30 minutes to 24 hours, and display a more helpful error message when the session expires. How to test: 1. Spin up dex and example with examples/config-dev.yaml. 2. Login through both the password prompt and the direct redirect. 3. Edit examples/config-dev.yaml removing the "connectors" section. 4. Ensure you can still login with a password. (email/password is "admin@example.com" and "password")	9 years ago
rithu leena john	12f969364e	Merge pull request #794 from rithujohn191/saml-doc Documentation: Minor changes to SAML connector doc.	9 years ago
rithu john	fecd596ae2	Documentation: Minor changes to SAML connector doc.	9 years ago
rithu leena john	42d0728048	Merge pull request #785 from holgerkoser/master Improve SAML Signature and Response Validation	9 years ago
rithu leena john	27224cdc98	Merge pull request #788 from givia/gitlab-connector connector: add GitLab connecor	9 years ago
Ali Javadi	e623ad4d35	connector: add GitLab connector	9 years ago
Eric Chiang	0dcf1bcf79	Merge pull request #792 from ericchiang/auth-endpoint-post server: support POSTing to authorization endpoint	9 years ago
Eric Chiang	8541184afb	server: support POSTing to authorization endpoint Fixes #791	9 years ago
rithu leena john	36883d0bbf	Merge pull request #789 from rithujohn191/token-revocation-proposal Documentation/proposals: Add a proposal for refresh token revocation.	9 years ago
rithu john	d114b8ffc7	Documentation/proposals: Add a proposal for refresh token revocation.	9 years ago
Ali Javadi	98bfa4fbb1	Fixes #706	9 years ago
Holger Koser	27a1e9f1bd	vendor: revendor	9 years ago
Holger Koser	e46f2ebe40	Improve SAML Signature and Response Validation * Improve Order of Namespace Declarations and Attributes in Canonical XML. This is related to an issue in goxmldsig for which I created an [pull request](https://github.com/russellhaering/goxmldsig/pull/17). * Do not compress the AuthnRequest if `HTTP-POST` binding is used. * SAML Response is valid if the Message and/or the Assertion is signed. * Add `AssertionConsumerServiceURL` to `AuthnRequest` * Validate Status on the Response * Validate Conditions on the Assertion * Validation SubjectConfirmation on the Subject	9 years ago
rithu leena john	48fcf66a35	Merge pull request #783 from rithujohn191/config-validation cmd/dex: make connector name field mandatory in dex configuration.	9 years ago

1 2 3 4 5 ...

420 Commits (afe2e47e3d196a20720e4bce50b58f4c06e99dfd) All Branches Search

420 Commits (afe2e47e3d196a20720e4bce50b58f4c06e99dfd)

All Branches