mirror/dex - dex - xhrpb gitea

Commit Graph

Author	SHA1	Message	Date
devodev	efcb0d1f4e	google: fix TestGCEWorkloadIdentity fail on windows with existing creds The google oauth2 package uses different heuristics to try and find credentials. To avoid detecting user credentials, we already cover comon locaction for unix-based systems such as HOME. On the other hand, on windows it is possible tok find existing credentials under $APPDATA, therefore to mitigate, set the env var to /tmp like we do for HOME. Signed-off-by: Alexandre Barone <abalexandrebarone@gmail.com>	2 months ago
devodev	233fd4547d	google: add support for groups access without service account The Google connector has support for retrieving groups the user email is a member of using the Admin SDK API. This API requires using an authenticated client sourced from a service account granted domain-wide delegation. This account would be highly-privileged and give access to all Workspace users, which is less than ideal. This change adds an alternative method to retrieve group membership using the Cloud Identity API. When using the SearchDirectGroups API endpoint, we can provide an access token that has been authorized with the appropriate Cloud Identity API scope and search for transitive membership. In contrast to the existing method where the user is expected to specify the "groups" scope, this one relies on ther user setting one of the required Cloud Identity scope explicitly: - https://www.googleapis.com/auth/cloud-platform - https://www.googleapis.com/auth/cloud-identity.groups - https://www.googleapis.com/auth/cloud-identity.groups.readonly Signed-off-by: Alexandre Barone <abalexandrebarone@gmail.com>	2 months ago
devodev	6c7e26f396	google: make getGroups context-aware Set the upstream context when making API call to the admin service. Signed-off-by: Alexandre Barone <abalexandrebarone@gmail.com>	2 months ago
Márk Sági-Kazár	e6740971b1	Merge pull request #4436 from dexidp/dependabot/go_modules/etcd-4fbb466fd8 build(deps): bump the etcd group with 2 updates	2 months ago
dependabot[bot]	c44f771bf4	build(deps): bump the etcd group with 2 updates Bumps the etcd group with 2 updates: [go.etcd.io/etcd/client/pkg/v3](https://github.com/etcd-io/etcd) and [go.etcd.io/etcd/client/v3](https://github.com/etcd-io/etcd). Updates `go.etcd.io/etcd/client/pkg/v3` from 3.6.5 to 3.6.6 - [Release notes](https://github.com/etcd-io/etcd/releases) - [Commits](https://github.com/etcd-io/etcd/compare/v3.6.5...v3.6.6) Updates `go.etcd.io/etcd/client/v3` from 3.6.5 to 3.6.6 - [Release notes](https://github.com/etcd-io/etcd/releases) - [Commits](https://github.com/etcd-io/etcd/compare/v3.6.5...v3.6.6) --- updated-dependencies: - dependency-name: go.etcd.io/etcd/client/pkg/v3 dependency-version: 3.6.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: etcd - dependency-name: go.etcd.io/etcd/client/v3 dependency-version: 3.6.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: etcd ... Signed-off-by: dependabot[bot] <support@github.com>	2 months ago
Márk Sági-Kazár	adf3c8272f	Merge pull request #4420 from dexidp/dependabot/go_modules/examples/github.com/coreos/go-oidc/v3-3.17.0 build(deps): bump github.com/coreos/go-oidc/v3 from 3.16.0 to 3.17.0 in /examples	2 months ago
Márk Sági-Kazár	4ffb7a2ac0	Merge pull request #4450 from dexidp/dependabot/go_modules/api/v2/google.golang.org/protobuf-1.36.11 build(deps): bump google.golang.org/protobuf from 1.36.10 to 1.36.11 in /api/v2	2 months ago
Márk Sági-Kazár	8fc1f971c0	Merge pull request #4441 from dexidp/dependabot/go_modules/github.com/coreos/go-oidc/v3-3.17.0 build(deps): bump github.com/coreos/go-oidc/v3 from 3.14.1 to 3.17.0	2 months ago
Mark Sagi-Kazar	bce74e7171	fix: failing go-oidc test after 3.15 Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>	2 months ago
dependabot[bot]	4bd5919d91	build(deps): bump google.golang.org/protobuf in /api/v2 Bumps google.golang.org/protobuf from 1.36.10 to 1.36.11. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-version: 1.36.11 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2 months ago
Márk Sági-Kazár	0257f55940	Merge pull request #4433 from dexidp/dependabot/github_actions/actions/setup-go-6.1.0 build(deps): bump actions/setup-go from 6.0.0 to 6.1.0	2 months ago
Márk Sági-Kazár	4646f9f5ea	Merge pull request #4434 from dexidp/dependabot/github_actions/docker/metadata-action-5.10.0 build(deps): bump docker/metadata-action from 5.9.0 to 5.10.0	2 months ago
Márk Sági-Kazár	a03588ad2d	Merge pull request #4435 from dexidp/dependabot/github_actions/anchore/sbom-action-0.20.11 build(deps): bump anchore/sbom-action from 0.20.9 to 0.20.11	2 months ago
Márk Sági-Kazár	1c0c0b0a7a	Merge pull request #4437 from dexidp/dependabot/github_actions/actions/checkout-6.0.1 build(deps): bump actions/checkout from 5.0.0 to 6.0.1	2 months ago
Márk Sági-Kazár	2b151084c6	Merge pull request #4438 from dexidp/dependabot/go_modules/golang.org/x/net-0.48.0 build(deps): bump golang.org/x/net from 0.47.0 to 0.48.0	2 months ago
Márk Sági-Kazár	3b06f75c06	Merge pull request #4439 from dexidp/dependabot/go_modules/github.com/spf13/cobra-1.10.2 build(deps): bump github.com/spf13/cobra from 1.10.1 to 1.10.2	2 months ago
Márk Sági-Kazár	30d89fdf5b	Merge pull request #4440 from dexidp/dependabot/github_actions/github/codeql-action-4.31.7 build(deps): bump github/codeql-action from 4.31.3 to 4.31.7	2 months ago
Márk Sági-Kazár	e8f5eeb3a0	Merge pull request #4449 from dexidp/dependabot/go_modules/google.golang.org/protobuf-1.36.11 build(deps): bump google.golang.org/protobuf from 1.36.10 to 1.36.11	2 months ago
Márk Sági-Kazár	6a6518945b	Merge pull request #4460 from dexidp/dependabot/go_modules/examples/google.golang.org/grpc-1.78.0 build(deps): bump google.golang.org/grpc from 1.77.0 to 1.78.0 in /examples	2 months ago
Márk Sági-Kazár	701c83a5aa	Merge pull request #4457 from Jabejixo/fix/hide-internal-500-error-details fix: hide internal server error details from users	2 months ago
Ivan Zvyagintsev	b0a6ee9045	fix: hide internal server error details from users Signed-off-by: Ivan Zvyagintsev <ivan.zvyagintsev@flant.com>	2 months ago
Ivan Zvyagintsev	debcb5c8f9	fix: hide internal server error details from users Signed-off-by: Ivan Zvyagintsev <ivan.zvyagintsev@flant.com>	2 months ago
Ivan Zviagintsev	d1b2722e39	feat: support groups and preferred_username for staticPasswords (#4456 ) Signed-off-by: Ivan Zvyagintsev <ivan.zvyagintsev@flant.com>	2 months ago
dependabot[bot]	2d7ecd30a2	build(deps): bump alpine from 3.23.0 to 3.23.2 (#4455 ) Bumps alpine from 3.23.0 to 3.23.2. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.23.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2 months ago
Doug Goldstein	dcbb7bbe58	fix: device callback URL needs to handle a / (#4448 ) If the issuer path ends with a / the URL will be built wrong so we should instead use the helper function to ensure the path is built correctly. fixes #4242. Signed-off-by: Doug Goldstein <cardoe@cardoe.com>	2 months ago
Appu	895a74879b	Update distroless base image to debian13 (#4453 ) Signed-off-by: Appu Goundan <appu@google.com>	2 months ago
dependabot[bot]	2c5f06e9d1	build(deps): bump google.golang.org/grpc in /examples Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.77.0 to 1.78.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](https://github.com/grpc/grpc-go/compare/v1.77.0...v1.78.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-version: 1.78.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	3 months ago
dependabot[bot]	a023784701	build(deps): bump google.golang.org/protobuf from 1.36.10 to 1.36.11 Bumps google.golang.org/protobuf from 1.36.10 to 1.36.11. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-version: 1.36.11 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	3 months ago
dependabot[bot]	8be9fc37ff	build(deps): bump github.com/coreos/go-oidc/v3 from 3.14.1 to 3.17.0 Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.14.1 to 3.17.0. - [Release notes](https://github.com/coreos/go-oidc/releases) - [Commits](https://github.com/coreos/go-oidc/compare/v3.14.1...v3.17.0) --- updated-dependencies: - dependency-name: github.com/coreos/go-oidc/v3 dependency-version: 3.17.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	4 months ago
dependabot[bot]	78363ecb56	build(deps): bump github/codeql-action from 4.31.3 to 4.31.7 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.31.3 to 4.31.7. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](`014f16e7ab...cf1bb45a27`) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.31.7 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	4 months ago
dependabot[bot]	ab8306c071	build(deps): bump github.com/spf13/cobra from 1.10.1 to 1.10.2 Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.10.1 to 1.10.2. - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](https://github.com/spf13/cobra/compare/v1.10.1...v1.10.2) --- updated-dependencies: - dependency-name: github.com/spf13/cobra dependency-version: 1.10.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	4 months ago
dependabot[bot]	95bf3d0981	build(deps): bump golang.org/x/net from 0.47.0 to 0.48.0 Bumps [golang.org/x/net](https://github.com/golang/net) from 0.47.0 to 0.48.0. - [Commits](https://github.com/golang/net/compare/v0.47.0...v0.48.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-version: 0.48.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	4 months ago
dependabot[bot]	71b893e58a	build(deps): bump actions/checkout from 5.0.0 to 6.0.1 Bumps [actions/checkout](https://github.com/actions/checkout) from 5.0.0 to 6.0.1. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](`08c6903cd8...8e8c483db8`) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.1 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	4 months ago
dependabot[bot]	3dea4ba5d9	build(deps): bump anchore/sbom-action from 0.20.9 to 0.20.11 Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.20.9 to 0.20.11. - [Release notes](https://github.com/anchore/sbom-action/releases) - [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md) - [Commits](`8e94d75ddd...43a17d6e7a`) --- updated-dependencies: - dependency-name: anchore/sbom-action dependency-version: 0.20.11 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	4 months ago
dependabot[bot]	4d1d54cbe7	build(deps): bump docker/metadata-action from 5.9.0 to 5.10.0 Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 5.9.0 to 5.10.0. - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](`318604b99e...c299e40c65`) --- updated-dependencies: - dependency-name: docker/metadata-action dependency-version: 5.10.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	4 months ago
dependabot[bot]	2da2a227d5	build(deps): bump actions/setup-go from 6.0.0 to 6.1.0 Bumps [actions/setup-go](https://github.com/actions/setup-go) from 6.0.0 to 6.1.0. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](`4469467582...4dc6199c7b`) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	4 months ago
dependabot[bot]	c13246cf47	build(deps): bump github.com/coreos/go-oidc/v3 in /examples Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.16.0 to 3.17.0. - [Release notes](https://github.com/coreos/go-oidc/releases) - [Commits](https://github.com/coreos/go-oidc/compare/v3.16.0...v3.17.0) --- updated-dependencies: - dependency-name: github.com/coreos/go-oidc/v3 dependency-version: 3.17.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	4 months ago
Márk Sági-Kazár	8ab38ebb79	Merge pull request #4426 from dexidp/dependabot/go_modules/examples/github.com/spf13/cobra-1.10.2 build(deps): bump github.com/spf13/cobra from 1.10.1 to 1.10.2 in /examples	4 months ago
dependabot[bot]	cfdf8d4b2a	build(deps): bump github.com/spf13/cobra in /examples Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.10.1 to 1.10.2. - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](https://github.com/spf13/cobra/compare/v1.10.1...v1.10.2) --- updated-dependencies: - dependency-name: github.com/spf13/cobra dependency-version: 1.10.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	4 months ago
Márk Sági-Kazár	31cfdd764e	Merge pull request #4416 from dexidp/dependabot/go_modules/api/v2/google.golang.org/grpc-1.77.0 build(deps): bump google.golang.org/grpc from 1.76.0 to 1.77.0 in /api/v2	4 months ago
Márk Sági-Kazár	8b10369fd1	Merge pull request #4417 from dexidp/dependabot/go_modules/examples/google.golang.org/grpc-1.77.0 build(deps): bump google.golang.org/grpc from 1.76.0 to 1.77.0 in /examples	4 months ago
dependabot[bot]	c71068f312	build(deps): bump google.golang.org/grpc in /api/v2 Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.76.0 to 1.77.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](https://github.com/grpc/grpc-go/compare/v1.76.0...v1.77.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-version: 1.77.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	4 months ago
dependabot[bot]	c0c440876a	build(deps): bump google.golang.org/grpc in /examples Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.76.0 to 1.77.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](https://github.com/grpc/grpc-go/compare/v1.76.0...v1.77.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-version: 1.77.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	4 months ago
Márk Sági-Kazár	7953b07a6e	Merge pull request #4431 from dexidp/dependabot/go_modules/examples/golang.org/x/oauth2-0.34.0 build(deps): bump golang.org/x/oauth2 from 0.32.0 to 0.34.0 in /examples	4 months ago
Márk Sági-Kazár	99df0404b0	Merge pull request #4401 from dexidp/dependabot/go_modules/github.com/go-ldap/ldap/v3-3.4.12 build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.11 to 3.4.12	4 months ago
Márk Sági-Kazár	be38c2111c	Merge pull request #4412 from dexidp/dependabot/go_modules/golang.org/x/crypto-0.44.0 build(deps): bump golang.org/x/crypto from 0.43.0 to 0.44.0	4 months ago
Márk Sági-Kazár	93a3732e24	Merge pull request #4409 from dexidp/dependabot/go_modules/golang.org/x/oauth2-0.33.0 build(deps): bump golang.org/x/oauth2 from 0.32.0 to 0.33.0	4 months ago
dependabot[bot]	9a93f64685	build(deps): bump golang.org/x/crypto from 0.43.0 to 0.44.0 Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.43.0 to 0.44.0. - [Commits](https://github.com/golang/crypto/compare/v0.43.0...v0.44.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-version: 0.44.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	4 months ago
dependabot[bot]	06c5a3dab4	build(deps): bump golang.org/x/oauth2 from 0.32.0 to 0.33.0 Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.32.0 to 0.33.0. - [Commits](https://github.com/golang/oauth2/compare/v0.32.0...v0.33.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-version: 0.33.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	4 months ago
Márk Sági-Kazár	a6b3152a47	Merge pull request #4413 from dexidp/dependabot/go_modules/google.golang.org/api-0.256.0 build(deps): bump google.golang.org/api from 0.252.0 to 0.256.0	4 months ago

1 2 3 4 5 ...

3623 Commits (efcb0d1f4e0b22b4567eb08a9bcbdb9145ddcd4b) All Branches Search

3623 Commits (efcb0d1f4e0b22b4567eb08a9bcbdb9145ddcd4b)

All Branches