Tag: v2.45.1

artifact-workflow

fix-google-admin-regression

helm

master

v1

v2.0.x

v2.1.x

v2.10.x

v2.13.x

v2.16.x

v2.2.x

v2.28.x

v2.3.x

v2.30.x

v2.31.x

v2.32.x

v2.33.x

v2.34.x

v2.35.x

v2.36.x

v2.37.x

v2.38.x

v2.39.x

v2.4.x

v2.40.x

v2.41.x

v2.42.x

v2.43.x

v2.45.x

v2.5.x

v2.6.x

v2.7.x

v2.8.x

v2.9.x

api/v2.0.0

api/v2.1.0

api/v2.2.0

api/v2.3.0

api/v2.4.0

v0.1.0

v0.2.0

v0.2.1

v0.2.2

v0.2.3

v0.3.0

v0.4.0

v0.5.0

v0.5.1

v0.6.0

v0.6.1

v2.0.0

v2.0.0-alpha.1

v2.0.0-alpha.2

v2.0.0-alpha.3

v2.0.0-alpha.4

v2.0.0-alpha.5

v2.0.0-beta.1

v2.0.0-beta.2

v2.0.0-beta.3

v2.0.1

v2.0.2

v2.1.0

v2.10.0

v2.11.0

v2.12.0

v2.13.0

v2.14.0

v2.15.0

v2.16.0

v2.17.0

v2.18.0

v2.19.0

v2.2.0

v2.2.1

v2.2.2

v2.2.3

v2.2.4

v2.2.5

v2.20.0

v2.21.0

v2.22.0

v2.23.0

v2.24.0

v2.25.0

v2.26.0

v2.27.0

v2.28.0

v2.28.1

v2.29.0

v2.3.0

v2.3.1

v2.30.0

v2.30.1

v2.30.2

v2.30.3

v2.31.0

v2.31.1

v2.31.2

v2.32.0

v2.32.1

v2.33.0

v2.33.1

v2.34.0

v2.35.0

v2.35.1

v2.35.2

v2.35.3

v2.36.0

v2.37.0

v2.38.0

v2.39.0

v2.39.1

v2.4.0

v2.4.1

v2.40.0

v2.41.0

v2.41.1

v2.42.0

v2.42.1

v2.43.0

v2.43.1

v2.44.0

v2.45.0

v2.45.1

v2.5.0

v2.6.0

v2.6.1

v2.7.0

v2.7.1

v2.8.0

v2.8.1

v2.9.0

Branches Tags

${ item.name }

Create tag ${ searchTerm }

Create branch ${ searchTerm }

from 'v2.45.1'

${ noResults }

Commit Graph

400 Commits (v2.45.1)

Author	SHA1	Message	Date
Aljoscha Bollmann	83697b06a6	fix(server): respond with forbidden if failed to authenticate (#4200) ... Signed-off-by: Aljoscha Bollmann <aljoscha.bollmann@proton.me>	3 weeks ago
Giovanni Vella	25591eeaf4	Add support to PKCE in OIDC connector (#3777) ... Signed-off-by: johnvan7 <giovanni.vella98@gmail.com> Signed-off-by: Giovanni Vella <giovanni.vella98@gmail.com>	3 weeks ago
Maksim Nabokikh	29c7b6f4e3	feat: validate redirect URIs and safely append parameters (#4559) ... Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>	4 weeks ago
Maksim Nabokikh	785033767c	feat: refactor signer configuration with local and vault options (#4532) ... Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>	4 weeks ago
Ivan Zviagintsev	9e377718dc	feat: add name and emailVerified fields for static passwords (#4526) ... Signed-off-by: Ivan Zvyagintsev <ivan.zvyagintsev@flant.com>	1 month ago
Maksim Nabokikh	2f6a185711	test: Add conformance tests for Vault signer integration (#4520) ... Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com> Signed-off-by: Maksim Nabokikh <max.nabokih@gmail.com> Co-authored-by: Alwx <alwxsin@gmail.com>	1 month ago
Maksim Nabokikh	56958b1ad2	feat: Add Vault signer for JWT (#4512) ... Signed-off-by: Maksim Nabokikh <max.nabokih@gmail.com>	1 month ago
Mark Sagi-Kazar	bce74e7171	fix: failing go-oidc test after 3.15 ... Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>	2 months ago
Ivan Zvyagintsev	b0a6ee9045	fix: hide internal server error details from users ... Signed-off-by: Ivan Zvyagintsev <ivan.zvyagintsev@flant.com>	2 months ago
Ivan Zvyagintsev	debcb5c8f9	fix: hide internal server error details from users ... Signed-off-by: Ivan Zvyagintsev <ivan.zvyagintsev@flant.com>	2 months ago
Ivan Zviagintsev	d1b2722e39	feat: support groups and preferred_username for staticPasswords (#4456) ... Signed-off-by: Ivan Zvyagintsev <ivan.zvyagintsev@flant.com>	2 months ago
Doug Goldstein	dcbb7bbe58	fix: device callback URL needs to handle a / (#4448) ... If the issuer path ends with a / the URL will be built wrong so we should instead use the helper function to ensure the path is built correctly. fixes #4242. Signed-off-by: Doug Goldstein <cardoe@cardoe.com>	2 months ago
Mark Sagi-Kazar	e230d9426d	test: use new Go features in tests ... Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>	7 months ago
Wenxuan Zhao	be868b9f7c	fix: join issuer URL with discovery path without extra slash after issuer URL ... Signed-off-by: Wenxuan Zhao <viz@linux.com>	7 months ago
Julius Foitzik	e7ea9d769c	fix: fork was outdated for some reason ... Signed-off-by: Julius Foitzik <info@accountr.eu>	8 months ago
Julius Foitzik	9791d86e9a	chore: add minor comment ... Signed-off-by: Julius Foitzik <info@accountr.eu>	8 months ago
Julius Foitzik	e7b151c386	feat: grpc api list clients ... refers to https://github.com/dexidp/dex/issues/3496 Signed-off-by: Julius Foitzik <info@accountr.eu>	8 months ago
Doug Goldstein	d6237a8a6e	fix: device code should not require scope ... As per RFC8628 section 3.1, https://datatracker.ietf.org/doc/html/rfc8628#section-3.1 the scope is optional. Since dex always requires at least 'openid', default the value to comply with the RFC. Signed-off-by: Doug Goldstein <cardoe@cardoe.com>	9 months ago
Doug Goldstein	fbcc76f779	fix: device code pending HTTP response ... As per RFC8628 section 3.5, https://datatracker.ietf.org/doc/html/rfc8628#section-3.5 the authorization_pending response should extend RFC6749 section 5.2, https://datatracker.ietf.org/doc/html/rfc6749#section-5.2 which specifies that the HTTP response code should be 400, Bad Request. Signed-off-by: Doug Goldstein <cardoe@cardoe.com>	9 months ago
Manoj Vivek	87ec9e077e	Allow server startup with partial connector failures (#4159) ... Signed-off-by: Manoj Vivek <p.manoj.vivek@gmail.com>	9 months ago
Oleksandr Redko	9891daa585	refactor: simplify tests by using slog.DiscardHandler (#4058) ... Signed-off-by: Oleksandr Redko <oleksandr.red+github@gmail.com>	12 months ago
Massimiliano Filacchioni	6e0cbdf972	Generate access tokens for implicit & hybrid flows only when needed (#3857) ... Avoid access token generation when response_type is either "id_token" (for implicit flow) or "code id_token" (for hybrid flow). Signed-off-by: Massimiliano Filacchioni <m.filacchioni@gmail.com>	1 year ago
Mark Sagi-Kazar	76de7b3920	build: update Go to 1.24 ... Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>	1 year ago
Bob Maertz	ad31b5d6f7	Passing context storage (#3941) ... Signed-off-by: Bob Maertz <1771054+bobmaertz@users.noreply.github.com>	1 year ago
Mark Sagi-Kazar	c7fd9620aa	chore: fix linter config and violations ... Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>	1 year ago
Nicholas Wiersma	d521051e33	feat: set resource revision for connectors (#3868) ... Signed-off-by: Nicholas Wiersma <nick@wiersma.co.za>	1 year ago
Maksim Nabokikh	bb985ca0ea	Create offline sessions if approval is skipped (#3828) ... Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>	1 year ago
Maksim Nabokikh	4bb97c73a9	Handle root path better (than nothing) (#3747) ... Signed-off-by: maksim.nabokikh <max.nabokih@gmail,com> Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>	1 year ago
Daniël Sonck	e7c0682e45	feat: also allow localhost equivalent IP addresses (#3778) ... Instead of only checking for "localhost", also validate through net.ParseIP + IsLoopback whether the host is numerically localhost Signed-off-by: Daniel Sonck <daniel@sonck.nl>	1 year ago
IvoGoman	1a16aa4889	feat(metrics): add response_size, request_duration histograms (#3748) ... replaces felixge/httpsnoop with prometheus/client_golang instrumentation adds histograms for response_size_bytes & request_duration_seconds Signed-off-by: Ivo Gosemann <ivo.gosemann@sap.com>	2 years ago
Koen de Laat	d0f1777c41	Added Discovery to grpc (#3598) ... Signed-off-by: Koen de Laat <koen.de.laat@philips.com>	2 years ago
Maksim Nabokikh	81af48862b	Remove additional features and add a feature flag instead (#3663) ... Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>	2 years ago
Maksim Nabokikh	225660785c	Enrich Dex logs with real IP and request ID (#3661) ... Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com> Signed-off-by: Maksim Nabokikh <max.nabokih@gmail.com> Co-authored-by: Márk Sági-Kazár <sagikazarmark@users.noreply.github.com>	2 years ago
Giovanni Campeol	b07e1bc9f1	gRPC Connectors API (#3245) ... Signed-off-by: Giovanni Campeol <giovanni.campeol.95@gmail.com> Signed-off-by: Maksim Nabokikh <maksim.nabokikh@flant.com> Co-authored-by: Maksim Nabokikh <maksim.nabokikh@flant.com>	2 years ago
Sean Liao	0b6a78397e	use slog for structured logging (#3502) ... Signed-off-by: Sean Liao <sean+git@liao.dev>	2 years ago
Maksim Nabokikh	caae8a8f82	Bump google.golang.org/grpc to v1.64.0 (#3553) ... Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>	2 years ago
Romain Caire	86e92aaf1a	fix: wrong error code returned in case of inactive token (#3441) ... Signed-off-by: Romain Caire <super.cairos@gmail.com>	2 years ago
Romain Caire	8755308759	[RFC7662] Add introspect endpoint to introspect access & refresh token (#3404) ... Signed-off-by: Romain Caire <super.cairos@gmail.com>	2 years ago
Maksim Nabokikh	088339fc28	Add headers control to dex web server (#3339) ... Customization of headers in the authentication server is crucial for enforcing stringent security measures by allowing the inclusion of specific headers required for authentication protocols and compliance standards. This customization ensures that authentication requests are processed securely, mitigating potential vulnerabilities and ensuring adherence to security policies. Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>	2 years ago
Maksim Nabokikh	60ddd188c0	Update go-jose to v4.0.1 (#3409) ... Signed-off-by: Matthias Loibl <mail@matthiasloibl.com> Signed-off-by: Maksim Nabokikh <maksim.nabokikh@flant.com> Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com> Co-authored-by: Matthias Loibl <mail@matthiasloibl.com>	2 years ago
Mark Sagi-Kazar	70b32eeccc	chore: regenerate proto ... Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>	2 years ago
i-amelia	457e133d39	Log failed login attempt (#2454) ... Signed-off-by: i312042 <viktoria.lyomcheva@sap.com> Co-authored-by: i312042 <viktoria.lyomcheva@sap.com>	2 years ago
MM53	a0cf8b2dc2	fix: Do not evaluate skipApproval on approval page (#3086) ... Signed-off-by: MM53 <28218664+MM53@users.noreply.github.com>	2 years ago
Ferenc Fabian	2377b0a0cd	Add context to storage's Create endpoints (#2935) ... * Initial commit Signed-off-by: PumpkinSeed <qwer.kocka@gmail.com> * Finish the syntex fixes Signed-off-by: PumpkinSeed <qwer.kocka@gmail.com> * Add fixes after running the tests Signed-off-by: PumpkinSeed <qwer.kocka@gmail.com> * Change background context to request context Signed-off-by: PumpkinSeed <qwer.kocka@gmail.com> --------- Signed-off-by: PumpkinSeed <qwer.kocka@gmail.com>	2 years ago
Maksim Nabokikh	4f307d70c6	Fix lint errors after merging AllowedHeaders feature (#3247) ... Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>	2 years ago
Josiah Evans	dce31d82ea	feat: Add configurable CORS Headers (#3114) ... Signed-off-by: Josiah Evans <josiah.evans@lunit.io>	2 years ago
MM53	efc2fdb102	Store offline sessions only if they were requested by the user (#3125) ... Signed-off-by: MM53 <2821Signed-off-by: MM53 <28218664+MM53@users.noreply.github.com>	2 years ago
Cedric-Magnan	139845c0a5	fix: linting with gofmt ... Signed-off-by: Cedric-Magnan <cedric.magnan@artefact.com> Signed-off-by: Oded Ben-Ozer <obenozer@wayfair.com>	3 years ago
Cedric-Magnan	a72413dd47	Update server.go ... Signed-off-by: Cedric-Magnan <cedric.magnan@artefact.com> Signed-off-by: Oded Ben-Ozer <obenozer@wayfair.com>	3 years ago
Cedric-Magnan	6c00fe0580	Update oauth2.go ... Signed-off-by: Cedric-Magnan <cedric.magnan@artefact.com> Signed-off-by: Oded Ben-Ozer <obenozer@wayfair.com>	3 years ago