mirror/dex - dex - xhrpb gitea

Commit Graph

Author	SHA1	Message	Date
Vishwa Kumar patha	2396c96214	fix(github): prevent redundant team fetches across multiple orgs Fetch user teams once instead of per-org to prevent OAuth timeout. Current implementation calls teamsForOrg() inside the org loop, fetching ALL user teams repeatedly for each configured org. This causes redundant API calls and OAuth code expiration for users in many teams. Example: 10 orgs, user in 150 teams - Before: 10 × 5 pages = 50 API calls, 50s - After: 1 × 5 pages = 5 API calls, 5s Changed to call userOrgTeams() once before the loop, then use cached results. The function already returns teams organized by org, making this a simple and obvious optimization.	3 weeks ago
Giovanni Vella	25591eeaf4	Add support to PKCE in OIDC connector (#3777 ) Signed-off-by: johnvan7 <giovanni.vella98@gmail.com> Signed-off-by: Giovanni Vella <giovanni.vella98@gmail.com>	1 month ago
Mathew Wicks	fb20f3fa32	fix: always retrieve github emails when `preferredEmailDomain` is set (#3584 ) Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com>	2 years ago
Sean Liao	0b6a78397e	use slog for structured logging (#3502 ) Signed-off-by: Sean Liao <sean+git@liao.dev>	2 years ago
Nobuo Takizawa	c91b87faf1	Add preferredEmailDomain config option for GitHub connector (#2740 ) Signed-off-by: nobuyo <longzechangsheng@gmail.com> Signed-off-by: Nobuo Takizawa <nobuyo@users.noreply.github.com> Co-authored-by: Maksim Nabokikh <max.nabokih@gmail.com>	3 years ago
Rui Yang	54345b6331	TLS configure for OIDC connector (#1632 ) Signed-off-by: Rui Yang <ruiya@vmware.com>	3 years ago
Eng Zer Jun	f0186ff265	refactor: move from io/ioutil to io and os package The io/ioutil package has been deprecated as of Go 1.16, see https://golang.org/doc/go1.16#ioutil. This commit replaces the existing io/ioutil functions with their new definitions in io and os packages. Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>	5 years ago
Mark Sagi-Kazar	349832b380	Run fixer Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>	5 years ago
m.nabokikh	1d83e4749d	Add gocritic Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>	6 years ago
poh chiat	d87cf1c924	create github oauthconfig with redirecturl (#1700 )	6 years ago
Mark Sagi-Kazar	f141f2133b	Fix whitespace	6 years ago
Mark Sagi-Kazar	367b187cf4	Fix missspell	6 years ago
Nandor Kracser	c1b421fa04	add preffered_username to idToken Signed-off-by: Nandor Kracser <bonifaido@gmail.com>	7 years ago
Stephan Renatus	d9487e553b	*: fix some lint issues Mostly gathered these using golangci-lint's deadcode and ineffassign linters. Signed-off-by: Stephan Renatus <srenatus@chef.io>	7 years ago
Nandor Kracser	ff34e570b4	connector/gitlab: implement useLoginAsID as in GitHub connector	7 years ago
Stephan Renatus	51f50fcad8	connectors: refactor filter code into a helper package I hope I didn't miss any :D Signed-off-by: Stephan Renatus <srenatus@chef.io>	7 years ago
Mark Sagi-Kazar	be581fa7ff	Add logger interface and stop relying on Logrus directly	7 years ago
James Nord	fe247b106b	remove blank line that tripped up `make verify-proto`	7 years ago
James Nord	9840fccdbb	rename useLoginAsId -> useLoginAsID	7 years ago
James Nord	03ffd0798c	Allow an option to use the github user handle rather than an id. For downstream apps using a github handle is much simpler than working with numbers. WHilst the number is stable and the handle is not - GitHUb does give you a big scary wanring if you try and change it that bad things may happen to you, and generally few users ever change it. This can be enabled with a configuration option `useLoginAsId`	7 years ago
Josh Winters	bb11a1ebee	github: add 'both' team name field option this will result in both the team name and the team slug being returned for each team, allowing a bit more flexibility in auth validation. Signed-off-by: Topher Bullock <tbullock@pivotal.io> Signed-off-by: Alex Suraci <suraci.alex@gmail.com>	7 years ago
Alexander Matyushentsev	7bd084bc07	Issue #1102 - Add config to explicitly enable loading all github groups	7 years ago
Alexander Matyushentsev	20bc6cd353	Full list of groups should include group names as well as group_name:team_name	7 years ago
Alexander Matyushentsev	ce3cd53a11	Bug fix: take into account 'teamNameField' settings while fetching all user groups	7 years ago
Alexander Matyushentsev	e876353128	Rename variables to stop shadowing package name	7 years ago
Alexander Matyushentsev	a9f71e378f	Update getPagination method comment	7 years ago
Alexander Matyushentsev	e10b8232d1	Apply reviewer notes: style changes, make sure unit test verifies pagination	7 years ago
Alexander Matyushentsev	51d9b3d3ca	Issue #1184 - Github connector now returns a full group list when no org is specified	7 years ago
Taras Burko	bf39130bab	Configurable team name field for GitHub connector	8 years ago
Stephan Renatus	b9f6594bf0	*: github.com/coreos/dex -> github.com/dexidp/dex Signed-off-by: Stephan Renatus <srenatus@chef.io>	8 years ago
silenceshell	468b5e3f0a	fix typo Should `pulic` be `public`?	8 years ago
Michael Stapelberg	a41d93db4a	Implement the “authproxy” connector (for Apache2 mod_auth etc.)	9 years ago
Eric Chiang	980400db0b	Makefile: error out if go files aren't correctly formatted Noticed in #1058 that our gofmt make target isn't actually erroring if someone commits misformatted code.	9 years ago
Eric Stroczynski	ce9ac761a6	connector/github: abstract scope check and group getter	9 years ago
Chien Huey	99370b5880	Updated comment to include reference to GitHub Enterprise not supporting verified emails	9 years ago
Eric Stroczynski	e92f38f38f	connector/github: error if no groups scope without orgs We should always check if a user is in any orgs or teams specified in config, and whether the groups scope is also included in client requests. If not, return an error, because dex wouldn't have required permissions to do the request anyway (need read:org).	9 years ago
Chien Huey	98f6a217d3	When connecting to GitHub Enterprise, force email verified field to true	9 years ago
Eric Stroczynski	5894d017d5	connector/github: debug->info logging, more informative userInOrg msg	9 years ago
Eric Stroczynski	484327fd5f	connector/github: only user users' login name in API reqs	9 years ago
Eric Stroczynski	26527011ab	connector/github: enable private, primary emails; refactor API calls Documentation: removed private emails caveats section	9 years ago
Eric Stroczynski	9d154802a2	connector/github: multiple orgs, query by teams Documentation: examples of GitHub `orgs` field with multiple orgs and org with teams; note legacy behavior	9 years ago
Eric Stroczynski	4a88d0641a	: update {S->s}irupsen/logrus	9 years ago
rithu john	682d78f527	connector: improve error message for callback URL mismatch	9 years ago
rithu john	76b9eb1db9	connector/github: add support for github enterprise.	9 years ago
Eric Chiang	777eeafabc	*: update go-oidc and use standard library's context package	9 years ago
Ali Javadi	98bfa4fbb1	Fixes #706	9 years ago
rithu john	2e22a948cf	cmd/dex: add logging config and serve logger for different modules.	9 years ago
Eric Chiang	952e0f81f5	connector: add RefreshConnector interface	9 years ago
Eric Chiang	aa7f304bc1	: switch to github.com/ghodss/yaml for more consistent YAML parsing ghodss/yaml converts from YAML to JSON before attempting to unmarshal. This allows us to: Get the correct behavor when decoding base64'd []byte slices. * Use json.RawMessage. Not have to support extravagant YAML features. * Let our structs use `json:` tags	10 years ago
Eric Chiang	a3235d022a	*: verify "state" field before passing request to callback connectors Let the server handle the state token instead of the connector. As a result it can throw out bad requests earlier. It can also use that token to determine which connector was used to generate the request allowing all connectors to share the same callback URL. Callbacks now all look like: https://dex.example.com/callback Instead of: https://dex.example.com/callback/(connector id) Even when multiple connectors are being used.	10 years ago

1 2

57 Commits (e5fa997c5cfaa90db4b48b123f83685540c932be)