Tree: debcb5c8f9

artifact-workflow

fix-google-admin-regression

helm

master

v1

v2.0.x

v2.1.x

v2.10.x

v2.13.x

v2.16.x

v2.2.x

v2.28.x

v2.3.x

v2.30.x

v2.31.x

v2.32.x

v2.33.x

v2.34.x

v2.35.x

v2.36.x

v2.37.x

v2.38.x

v2.39.x

v2.4.x

v2.40.x

v2.41.x

v2.42.x

v2.43.x

v2.45.x

v2.5.x

v2.6.x

v2.7.x

v2.8.x

v2.9.x

api/v2.0.0

api/v2.1.0

api/v2.2.0

api/v2.3.0

api/v2.4.0

v0.1.0

v0.2.0

v0.2.1

v0.2.2

v0.2.3

v0.3.0

v0.4.0

v0.5.0

v0.5.1

v0.6.0

v0.6.1

v2.0.0

v2.0.0-alpha.1

v2.0.0-alpha.2

v2.0.0-alpha.3

v2.0.0-alpha.4

v2.0.0-alpha.5

v2.0.0-beta.1

v2.0.0-beta.2

v2.0.0-beta.3

v2.0.1

v2.0.2

v2.1.0

v2.10.0

v2.11.0

v2.12.0

v2.13.0

v2.14.0

v2.15.0

v2.16.0

v2.17.0

v2.18.0

v2.19.0

v2.2.0

v2.2.1

v2.2.2

v2.2.3

v2.2.4

v2.2.5

v2.20.0

v2.21.0

v2.22.0

v2.23.0

v2.24.0

v2.25.0

v2.26.0

v2.27.0

v2.28.0

v2.28.1

v2.29.0

v2.3.0

v2.3.1

v2.30.0

v2.30.1

v2.30.2

v2.30.3

v2.31.0

v2.31.1

v2.31.2

v2.32.0

v2.32.1

v2.33.0

v2.33.1

v2.34.0

v2.35.0

v2.35.1

v2.35.2

v2.35.3

v2.36.0

v2.37.0

v2.38.0

v2.39.0

v2.39.1

v2.4.0

v2.4.1

v2.40.0

v2.41.0

v2.41.1

v2.42.0

v2.42.1

v2.43.0

v2.43.1

v2.44.0

v2.45.0

v2.45.1

v2.5.0

v2.6.0

v2.6.1

v2.7.0

v2.7.1

v2.8.0

v2.8.1

v2.9.0

Branches Tags

${ item.name }

Create tag ${ searchTerm }

Create branch ${ searchTerm }

from 'debcb5c8f9'

${ noResults }

Commit Graph

23 Commits (debcb5c8f9112fd524995013ed04770009e6d245)

Author	SHA1	Message	Date
Ivan Zvyagintsev	debcb5c8f9	fix: hide internal server error details from users ... Signed-off-by: Ivan Zvyagintsev <ivan.zvyagintsev@flant.com>	2 months ago
Doug Goldstein	d6237a8a6e	fix: device code should not require scope ... As per RFC8628 section 3.1, https://datatracker.ietf.org/doc/html/rfc8628#section-3.1 the scope is optional. Since dex always requires at least 'openid', default the value to comply with the RFC. Signed-off-by: Doug Goldstein <cardoe@cardoe.com>	9 months ago
Doug Goldstein	fbcc76f779	fix: device code pending HTTP response ... As per RFC8628 section 3.5, https://datatracker.ietf.org/doc/html/rfc8628#section-3.5 the authorization_pending response should extend RFC6749 section 5.2, https://datatracker.ietf.org/doc/html/rfc6749#section-5.2 which specifies that the HTTP response code should be 400, Bad Request. Signed-off-by: Doug Goldstein <cardoe@cardoe.com>	9 months ago
Bob Maertz	ad31b5d6f7	Passing context storage (#3941) ... Signed-off-by: Bob Maertz <1771054+bobmaertz@users.noreply.github.com>	1 year ago
Maksim Nabokikh	225660785c	Enrich Dex logs with real IP and request ID (#3661) ... Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com> Signed-off-by: Maksim Nabokikh <max.nabokih@gmail.com> Co-authored-by: Márk Sági-Kazár <sagikazarmark@users.noreply.github.com>	2 years ago
Sean Liao	0b6a78397e	use slog for structured logging (#3502) ... Signed-off-by: Sean Liao <sean+git@liao.dev>	2 years ago
Ferenc Fabian	2377b0a0cd	Add context to storage's Create endpoints (#2935) ... * Initial commit Signed-off-by: PumpkinSeed <qwer.kocka@gmail.com> * Finish the syntex fixes Signed-off-by: PumpkinSeed <qwer.kocka@gmail.com> * Add fixes after running the tests Signed-off-by: PumpkinSeed <qwer.kocka@gmail.com> * Change background context to request context Signed-off-by: PumpkinSeed <qwer.kocka@gmail.com> --------- Signed-off-by: PumpkinSeed <qwer.kocka@gmail.com>	2 years ago
Bob Callaway	83e2df821e	add PKCE support to device code flow (#2575) ... Signed-off-by: Bob Callaway <bobcallaway@users.noreply.github.com>	4 years ago
Shivansh Vij	cbf158bcc0	Fixes https://github.com/dexidp/dex/issues/2537 ... Signed-off-by: Shivansh Vij <shivanshvij@outlook.com>	4 years ago
m.nabokikh	3d5a3befb4	fix: prevent cross-site scripting for the device flow ... Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>	4 years ago
m.nabokikh	dea1d3383c	Deprecation warning log message ... Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>	5 years ago
m.nabokikh	3bd0e91a68	Make /device/token deprecation warning more concise ... Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>	5 years ago
m.nabokikh	9ed5cc00cf	Add deprecation warning for /device/token endpoint ... Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>	5 years ago
m.nabokikh	1211a86d58	fix: use /token endpoint to get tokens with device flow ... Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>	5 years ago
m.nabokikh	a7978890c7	Add Cache-control headers to token responses ... Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>	5 years ago
m.nabokikh	b2e9f67edc	Enable unparam, prealloc, sqlclosecheck linters ... Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>	5 years ago
m.nabokikh	1d83e4749d	Add gocritic ... Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>	5 years ago
justin-slowik	9a7926c19b	Cleaned up Device Flow test log levels ... Signed-off-by: justin-slowik <justin.slowik@thermofisher.com> Remove extraneous "=" from conformance.go Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk> Additional test for TestHandleDeviceCode Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>	6 years ago
justin-slowik	9882ea453f	better support for /device/callback redirect uris with public clients. ... Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>	6 years ago
Justin Slowik	9c699b1028	Server integration test for Device Flow (#3) ... Extracted test cases from OAuth2Code flow tests to reuse in device flow deviceHandler unit tests to test specific device endpoints Include client secret as an optional parameter for standards compliance Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>	6 years ago
Justin Slowik	9bbdc721d5	Device flow token code exchange (#2) ... * Added /device/token handler with associated business logic and storage tests. Perform user code exchange, flag the device code as complete. Moved device handler code into its own file for cleanliness. Cleanup * Removed PKCE code * Rate limiting for /device/token endpoint based on ietf standards * Configurable Device expiry Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>	6 years ago