mountcount
c6fa45568b
chore: fix function names in comment (#3464)
Signed-off-by: mountcount <cuimoman@outlook.com>
2 years ago
Abhisek Datta
677ab36020
feat: Add support for configurable prompt type for Google connector (#3475)
Signed-off-by: abhisek <abhisek.datta@gmail.com>
Signed-off-by: Maksim Nabokikh <max.nabokih@gmail.com>
Co-authored-by: Maksim Nabokikh <max.nabokih@gmail.com>
2 years ago
Maksim Nabokikh
3705207f01
Do not escape password for LDAP connectors (#3470)
With the change introduced in https://github.com/dexidp/dex/pull/3372 Dex declines passwords that contain special characters. Since password is not passed to any kind of filters, it is safe to pass a password as is. No LDAP query injections are possible.
This commit is a revert of password escaping.
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2 years ago
Maksim Nabokikh
e5dce3d3b7
OIDC connector: Allow specifying empty prompt type (#3373)
Enhanced the OIDC connector to allow specifying an empty promptType parameter. Previously, the default behavior always appended 'consent' if promptType was not specified. This adjustment was necessary due to variations in default behaviors across certain Identity Providers (IDPs).
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
Signed-off-by: Maksim Nabokikh <maksim.nabokikh@flant.com>
2 years ago
hsinhoyeh
77333d619c
fix: add sanitizer to ldap account and password (#3372)
Signed-off-by: hsinhoyeh <yhh92u@gmail.com>
2 years ago
Maksim Nabokikh
60ddd188c0
Update go-jose to v4.0.1 (#3409)
Signed-off-by: Matthias Loibl <mail@matthiasloibl.com>
Signed-off-by: Maksim Nabokikh <maksim.nabokikh@flant.com>
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
Co-authored-by: Matthias Loibl <mail@matthiasloibl.com>
2 years ago
Chris
79d5874b35
fix(tokenExchange): use correct token type for userInfo requests (#3336)
Signed-off-by: Chris H <33393789+MrDeerly@users.noreply.github.com>
2 years ago
Patrick Pacher
8e07edc188
Also set the username in authproxy connector (#3307)
Signed-off-by: Patrick Pacher <patrick.pacher@gmail.com>
2 years ago
Maksim Nabokikh
665a5b627c
Override OIDC provider discovered claims (#3267)
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2 years ago
Matt Pryor
366e53c1b6
Add support for extra claims to authproxy connector (#2851)
Signed-off-by: Matt Pryor <matt@stackhpc.com>
2 years ago
Oded Ben-Ozer
a6a72453b5
fix some small formatting issue
Signed-off-by: Oded Ben-Ozer <obenozer@wayfair.com>
3 years ago
Oded Ben-Ozer
115425960c
Address issues raised in review:
Improve naming
Signed-off-by: Oded Ben-Ozer <obenozer@wayfair.com>
3 years ago
Oded Ben Ozer
033717a07e
Apply suggestions from code review
Co-authored-by: Márk Sági-Kazár <sagikazarmark@users.noreply.github.com>
Signed-off-by: Oded Ben Ozer <oded.benozer@gmail.com>
3 years ago
Márk Sági-Kazár
b772ed55ba
feat(connector/microsoft): support custom api and graph URLs (#3084)
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
3 years ago
Pradeep Mudlapur
415ddaa3da
Minimalistic support for group filtering in oidc connector (#3074)
Signed-off-by: Pradeep Mudlapur <pradeep@juliacomputing.com>
Co-authored-by: Maksim Nabokikh <max.nabokih@gmail.com>
Co-authored-by: Márk Sági-Kazár <sagikazarmark@users.noreply.github.com>
3 years ago
Oded Ben-Ozer
6875b64caf
Address issues raised in review:
- Rename some vars
- Cleanup some comments
- Tiny refactor to improve readability
Signed-off-by: Oded Ben-Ozer <obenozer@wayfair.com>
3 years ago
Oded Ben-Ozer
7f0056cf13
Fix lint issue
Signed-off-by: Oded Ben-Ozer <obenozer@wayfair.com>
3 years ago
Oded Ben-Ozer
b1f4bd0195
Address issues raised in review:
- Add missing json tag.
- Control delimiter cleaning with a configuration key.
- Use better variable names
- concatenate string using slice and join
Signed-off-by: Oded Ben-Ozer <obenozer@wayfair.com>
3 years ago
Oded Ben-Ozer
a52848418a
Rename configuration option to include a reference to groups
and structure for future claim modification additions
Signed-off-by: Oded Ben-Ozer <obenozer@wayfair.com>
3 years ago
Oded Ben-Ozer
316296b0d3
Document each test case
Signed-off-by: Oded Ben-Ozer <obenozer@wayfair.com>
3 years ago
Oded Ben Ozer
6d143f16c1
Composite claims in OIDC connector (#3)
* Add the ability to composite new claims in the OIDC connector, based on upstream claims
Signed-off-by: Oded Ben-Ozer <obenozer@wayfair.com>
3 years ago
Sean Liao
affd4d4e49
verify access tokens by checking getuserinfo during a token exchange (#3031)
The provider.Verifier.Verify endpoint we were using only works with ID
tokens. This isn't an issue with systems which use ID tokens as access
tokens (e.g. dex), but for systems with opaque access tokens (e.g.
Google / GCP), those access tokens could not be verified.
Instead, check the access token against the getUserInfo endpoint.
Signed-off-by: Sean Liao <sean+git@liao.dev>
Co-authored-by: Maksim Nabokikh <max.nabokih@gmail.com>
3 years ago
Sean Liao
dcf7b18510
OAuth 2.0 Token Exchange (#2806)
Signed-off-by: Sean Liao <sean+git@liao.dev>
Co-authored-by: Maksim Nabokikh <max.nabokih@gmail.com>
3 years ago
MichaelKo
6cd5c8b867
#2895: Add Support for Multiple Admin Emails to Retrieve Group Lists (#2911)
Signed-off-by: Viacheslav Sychov <viacheslav.sychov@gmail.com>
3 years ago
Maksim Nabokikh
bc8c2276e3
Fail if OIDC config contains hosted domains (#2937)
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
3 years ago
Josh Soref
d8a9756df7
spelling: verified
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
3 years ago
Josh Soref
ad1fc3b7c1
spelling: upon
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
3 years ago
Josh Soref
acc568be4b
spelling: running
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
3 years ago
Josh Soref
8fdc29da34
spelling: missing
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
3 years ago
Josh Soref
b0803fbc77
spelling: gitlab
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
3 years ago
m.nabokikh
7208e28192
Fix openshift context and add a comment
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
3 years ago
m.nabokikh
96637cf0f7
feat: Bump dependencies and Makefile refactoring
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
3 years ago
m.nabokikh
777e162c0c
feat: LDAP case-insensitive DN attribute
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
3 years ago
Maksim Nabokikh
2ea1a80c86
fix: propagate http client to userInfo requests for OIDC connector (#2781)
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
3 years ago
Daniel Lipovetsky
07d7913049
chore: Upgrade golangci-lint to v1.50.1 from v1.46.0 (#2790)
3 years ago
Matt H
c167276b07
Move unique functionality into getGroups to reduce calls to google (#2628)
Signed-off-by: Matt Hoey <matt.hoey@missionlane.com>
3 years ago
Nobuo Takizawa
c91b87faf1
Add preferredEmailDomain config option for GitHub connector (#2740)
Signed-off-by: nobuyo <longzechangsheng@gmail.com>
Signed-off-by: Nobuo Takizawa <nobuyo@users.noreply.github.com>
Co-authored-by: Maksim Nabokikh <max.nabokih@gmail.com>
3 years ago
Rui Yang
54345b6331
TLS configure for OIDC connector (#1632)
Signed-off-by: Rui Yang <ruiya@vmware.com>
3 years ago
Mark Sagi-Kazar
cadce3cc35
fix(connector/google): only initialize admin service if necessary
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
4 years ago
Mark Sagi-Kazar
9bcce63352
fix(connector/google): make admin email optional for default creds
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
4 years ago
Mark Sagi-Kazar
6a59f08e4e
Revert "fix: check for no serviceAccountFilePath and no email (#2679)"
This reverts commit 49477729ce.
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
4 years ago
Bob Callaway
49477729ce
fix: check for no serviceAccountFilePath and no email (#2679)
Signed-off-by: Bob Callaway <bcallaway@google.com>
4 years ago
Erwin van Eyk
d96f384f2a
Reduce HTTP client creations in the Keystone connector (#2659)
Signed-off-by: erwinvaneyk <erwinvaneyk@gmail.com>
4 years ago
Hoang Quoc Trung
a1a3ed5b25
Implement Application Default Credentials for the google connector (#2530)
Signed-off-by: Trung <trung.hoang@pricehubble.com>
4 years ago
Marcelo Clavel
29b3523e07
feat(connector/authproxy): support multiple groups (#2643)
Signed-off-by: Marcelo Clavel <mclavel00@gmail.com>
4 years ago
Joost Buskermolen
72dd3c60c0
fix: Fallback when group claim is a string instead of an array of strings (#2639)
Signed-off-by: Joost Buskermolen <joost@buskervezel.nl>
Co-authored-by: Michiel van Pouderoijen <michiel@pouderoijen.nl>
4 years ago
Bob Callaway
e1a407830d
add config to explicitly set scopes for microsoft connector (#2582)
Signed-off-by: Bob Callaway <bcallaway@google.com>
4 years ago
Joe Knight
27c25d00be
Add domainHint parameter to Microsoft Connector (#2586)
Signed-off-by: Joe Knight <josephtknight@users.noreply.github.com>
4 years ago
dhaus67
100246328b
Use GitLab's refresh_token during Refresh. (#2352)
Signed-off-by: Daniel Haus <dhaus@redhat.com>
4 years ago
Mark Sagi-Kazar
a02f2e8fac
chore: fix lint violations
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
4 years ago