mirror
/
dex
mirror of https://github.com/dexidp/dex.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2992 Commits
34 Branches
98 Tags
73 MiB
 
 
 
 
 
 
Tag: v2.41.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'v2.41.1'
${ noResults }
dex/examples/grpc-client
Björn Busse 4a0218e87c
grpc-client: Do not crash on empty response (#2584) 		4 years ago
..
.gitignore examples: adding a gRPC client example. 9 years ago
README.md chore: rename the docs directory 5 years ago
cert-destroy examples: adding a gRPC client example. 9 years ago
cert-gen examples: adding a gRPC client example. 9 years ago
client.go grpc-client: Do not crash on empty response (#2584) 4 years ago
config.yaml examples/grpc-client: clean up the example and add tlsClientCA to ConfigMap. 9 years ago
openssl.conf examples: adding a gRPC client example. 9 years ago

README.md

Running a Dex gRPC client

Using gRPC, a client application can directly call methods on a server application as if it was a local object. The schema for Dex's gRPC API calls is defined in api/api.proto. client.go is an example client program that makes a bunch of API calls to the dex server. For further details on the Dex API refer the [documentation][https://dexidp.io/docs/api/].

Generating Credentials

Before running the client or the server, TLS credentials have to be setup for secure communication. Run the cred-gen script to create TLS credentials for running this example. This script generates a ca.crt, server.crt, server.key, client.crt, and client.key.

# Used to set certificate subject alt names.
export SAN=IP.1:127.0.0.1

# Run the script
./examples/grpc-client/cert-gen

To verify that the server and client certificates were signed by the CA, run the following commands:

openssl verify -CAfile ca.crt server.crt
openssl verify -CAfile ca.crt client.crt

Running the Dex server

To expose the gRPC service, the gRPC option must be enabled via the dex config file as shown below.

# Enables the gRPC API.
grpc:
  addr: 127.0.0.1:5557
  tlsCert: server.crt
  tlsKey: server.key

Start an instance of the dex server with an in-memory data store:

./bin/dex serve examples/grpc-client/config.yaml

Running the Dex client

Finally run the Dex client providing the CA certificate, client certificate and client key as arguments.

./bin/grpc-client -ca-crt=ca.crt -client-crt=client.crt -client-key=client.key

Running the gRPC client will cause the following API calls to be made to the server

  1. CreatePassword
  2. ListPasswords
  3. VerifyPassword
  4. DeletePassword

Cleaning up

Run the following command to destroy all the credentials files that were created by the cert-gen script:

./examples/grpc-client/cert-destroy