Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump github.com/golang/protobuf from 1.3.2 to 1.5.1 #17

Closed
wants to merge 35 commits into from
Closed

build(deps): bump github.com/golang/protobuf from 1.3.2 to 1.5.1 #17

wants to merge 35 commits into from

Commits on Mar 12, 2021

  1. Add new connector for Cloudfoundry 

    - Verifies user is part of orgs and spaces for group claims

Signed-off-by: Joshua Winters <jwinters@pivotal.io>
Co-authored-by: Shash Reddy <sreddy@pivotal.io>
    2 people authored and CI Bot committed Mar 12, 2021
    Copy the full SHA
    44499bc View commit details
    Browse the repository at this point in the history

  2. update cf connector to use 'authorization_endpoint' from /v2/info 

    Co-authored-by: Topher Bullock <tbullock@pivotal.io>
Signed-off-by: Josh Winters <jwinters@pivotal.io>
    2 people authored and CI Bot committed Mar 12, 2021
    Copy the full SHA
    bd45301 View commit details
    Browse the repository at this point in the history

  3. Added support for CF resources pagination 

    Signed-off-by: Daniel Lavoie <dlavoie@live.ca>
    @daniellavoie
    daniellavoie authored and CI Bot committed Mar 12, 2021
    Copy the full SHA
    b5879aa View commit details
    Browse the repository at this point in the history

  4. cf: add org to groups claims 

    Signed-off-by: Joshua Winters <jwinters@pivotal.io>
Co-authored-by: Rui Yang <ryang@pivotal.io>
    2 people authored and CI Bot committed Mar 12, 2021
    Copy the full SHA
    b6dd148 View commit details
    Browse the repository at this point in the history

  5. cf: add org guid to groups claims 

    Co-authored-by: Rui Yang <ryang@pivotal.io>
Signed-off-by: Joshua Winters <jwinters@pivotal.io>
    2 people authored and CI Bot committed Mar 12, 2021
    Copy the full SHA
    7c7f01c View commit details
    Browse the repository at this point in the history

  6. add unit test and api call to audited_spaces and managed_spaces 

    Signed-off-by: Zoe Tian <ztian@pivotal.io>
Co-authored-by: Ciro S. Costa <cscosta@pivotal.io>
Signed-off-by: w3tian <w3tian@uwaterloo.ca>
    2 people authored and CI Bot committed Mar 12, 2021
    Copy the full SHA
    87a5838 View commit details
    Browse the repository at this point in the history

  7. append role to space guids 

    Signed-off-by: Rui Yang <ryang@pivotal.io>
Co-authored-by: Joshua Winters <jwinters@pivotal.io>
    2 people authored and CI Bot committed Mar 12, 2021
    Copy the full SHA
    3dbed76 View commit details
    Browse the repository at this point in the history

  8. add cf org:space:role group claim to token 

    Signed-off-by: Joshua Winters <jwinters@pivotal.io>
Co-authored-by: Rui Yang <ryang@pivotal.io>
    2 people authored and CI Bot committed Mar 12, 2021
    Copy the full SHA
    21bb128 View commit details
    Browse the repository at this point in the history

  9. fix lint errors 

    gofumpt-ed

Signed-off-by: Rui Yang <ryang@pivotal.io>
    Rui Yang authored and CI Bot committed Mar 12, 2021
    Copy the full SHA
    78e936f View commit details
    Browse the repository at this point in the history

  10. run golangcli-lint 

    Signed-off-by: Rui Yang <ruiya@vmware.com>
    Rui Yang authored and CI Bot committed Mar 12, 2021
    Copy the full SHA
    73af7c0 View commit details
    Browse the repository at this point in the history

  11. use bcrypt when comparing client secrets 

    - this assumes that the client is already bcrytped
when passed to dex. Similar to user passwords.

Signed-off-by: Josh Winters <jwinters@pivotal.io>
Co-authored-by: Vikram Yadav <vyadav@pivotal.io>
    2 people authored and CI Bot committed Mar 12, 2021
    Copy the full SHA
    09330cf View commit details
    Browse the repository at this point in the history

  12. add dex config flag for enabling client secret encryption 

    * if enabled, it will make sure client secret is bcrypted correctly
* if not, it falls back to old behaviour that allowing empty client
secret and comparing plain text, though now it will do
ConstantTimeCompare to avoid a timing attack.

So in either way it should provide more secure of client secret
verification.

Co-authored-by: Alex Surraci <suraci.alex@gmail.com>
Signed-off-by: Rui Yang <ruiya@vmware.com>
    @vito
    2 people authored and CI Bot committed Mar 12, 2021
    Copy the full SHA
    cbe0a17 View commit details
    Browse the repository at this point in the history

Commits on Mar 15, 2021

  1. Add generic oauth connector 

    Co-authored-by: Shash Reddy <sreddy@pivotal.io>
Signed-off-by: Joshua Winters <jwinters@pivotal.io>
    2 people authored and Rui Yang committed Mar 15, 2021
    Copy the full SHA
    2547723 View commit details
    Browse the repository at this point in the history

  2. Make oauth user name and user id configurable 

    Signed-off-by: Josh Winters <jwinters@pivotal.io>
Co-authored-by: Mark Huang <mhuang@pivotal.io>
    @mhuangpivotal
    2 people authored and Rui Yang committed Mar 15, 2021
    Copy the full SHA
    a6be30b View commit details
    Browse the repository at this point in the history

  3. use PreferredUsername 

    Signed-off-by: Rui Yang <ryang@pivotal.io>
    Rui Yang authored and Rui Yang committed Mar 15, 2021
    Copy the full SHA
    d2c3d48 View commit details
    Browse the repository at this point in the history

  4. add docs for oauth connector 

    Signed-off-by: Rui Yang <ruiya@vmware.com>
    Rui Yang committed Mar 15, 2021
    Copy the full SHA
    2b5b19c View commit details
    Browse the repository at this point in the history

  5. add configurable preferred_username key 

    Signed-off-by: Rui Yang <ruiya@vmware.com>
    Rui Yang committed Mar 15, 2021
    Copy the full SHA
    bee3534 View commit details
    Browse the repository at this point in the history

  6. use testify in oauth tests 

    Signed-off-by: Rui Yang <ruiya@vmware.com>
    Rui Yang committed Mar 15, 2021
    Copy the full SHA
    84b6d5f View commit details
    Browse the repository at this point in the history

  7. use claim mappings when retrieving user identity 

    Signed-off-by: Rui Yang <ruiya@vmware.com>
    Rui Yang committed Mar 15, 2021
    Copy the full SHA
    889a323 View commit details
    Browse the repository at this point in the history

  8. readme minor fix for oauth connector 

    Signed-off-by: Rui Yang <ruiya@vmware.com>
    Rui Yang committed Mar 15, 2021
    Copy the full SHA
    1f329bf View commit details
    Browse the repository at this point in the history

Commits on Mar 16, 2021

  1. move oauth connector doc to dex website repo 

    move default key values configure to connector construct function

Signed-off-by: Rui Yang <ruiya@vmware.com>
    Rui Yang committed Mar 16, 2021
    Copy the full SHA
    ec95501 View commit details
    Browse the repository at this point in the history

  2. Add support for client_credentials grant type 

    Co-authored-by: Rui Yang <ruiya@vmware.com>
Signed-off-by: Josh Winters <jwinters@pivotal.io>
    Josh Winters and Rui Yang committed Mar 16, 2021
    Copy the full SHA
    1eeff38 View commit details
    Browse the repository at this point in the history

  3. Use http.FileSystem for web assets 

    Signed-off-by: Rui Yang <ryang@pivotal.io>
Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
    Rui Yang and Aidan Oldershaw committed Mar 16, 2021
    Copy the full SHA
    b1718e0 View commit details
    Browse the repository at this point in the history

  4. use web host url for asset hosting 

    Signed-off-by: Rui Yang <ruiya@vmware.com>
Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
    2 people authored and Rui Yang committed Mar 16, 2021
    Copy the full SHA
    adad419 View commit details
    Browse the repository at this point in the history

  5. use pkger for embedding static contents 

    Co-authored-by: Vikram Yadav <vyadav@pivotal.io>
Signed-off-by: Rui Yang <ruiya@vmware.com>
    2 people authored and Rui Yang committed Mar 16, 2021
    Copy the full SHA
    3ef8663 View commit details
    Browse the repository at this point in the history

  6. use go 1.16 new package io/fs 

    Unify the interface for reading web statics. Now it could read an
OS directory or get the content on live

One could use

//go:embed static
var webFiles embed.FS

anywhere and config dex server to take the file system by setting

WebConfig{WebFS: webFiles}

Signed-off-by: Rui Yang <ruiya@vmware.com>
Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
    2 people authored and Rui Yang committed Mar 16, 2021
    Copy the full SHA
    22aaf89 View commit details
    Browse the repository at this point in the history

  7. default to ./web when Dir and WebFS are not set 

    update WebFS doc

Signed-off-by: Rui Yang <ruiya@vmware.com>
Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>
    2 people authored and Rui Yang committed Mar 16, 2021
    Copy the full SHA
    31025ee View commit details
    Browse the repository at this point in the history

  8. allow configuring CAs/skip verify for OIDC 

    Co-authored-by: Rui Yang <ruiya@vmware.com>
Signed-off-by: Alex Suraci <suraci.alex@gmail.com>
    @vito
    2 people authored and Rui Yang committed Mar 16, 2021
    Copy the full SHA
    14970ac View commit details
    Browse the repository at this point in the history

  9. Merge remote-tracking branch 'origin/pr/add-oauth-connector-sync'

    CI Bot committed Mar 16, 2021
    Copy the full SHA
    7daf792 View commit details
    Browse the repository at this point in the history

  10. Merge remote-tracking branch 'origin/pr/bcrypt-for-client-secret-sync'

    CI Bot committed Mar 16, 2021
    Copy the full SHA
    7e43bc2 View commit details
    Browse the repository at this point in the history

  11. Merge remote-tracking branch 'origin/pr/client-credentials-grant-sync'

    CI Bot committed Mar 16, 2021
    Copy the full SHA
    1d6511d View commit details
    Browse the repository at this point in the history

  12. Merge remote-tracking branch 'origin/pr/http-filesystem'

    CI Bot committed Mar 16, 2021
    Copy the full SHA
    c1e6839 View commit details
    Browse the repository at this point in the history

  13. Merge remote-tracking branch 'origin/pr/oidc-CA-configure-sync'

    CI Bot committed Mar 16, 2021
    Copy the full SHA
    69f671f View commit details
    Browse the repository at this point in the history

  14. upstream dex release: v2.28.0 

    The official docker release for this release can be pulled from

```
ghcr.io/dexidp/dex:v2.28.0
```

**Features:**

- Add c_hash to id_token, issued on /auth endpoint, when in hybrid flow (dexidp#1773, @HEllRZA)
- Allow configuration of returned auth proxy header (dexidp#1839, @seuf)
- Allow to disable os.ExpandEnv for storage + connector configs by env variable DEX_EXPAND_ENV = false (dexidp#1902, @heidemn-faro)
- Added the possibility to activate lowercase for UPN-Strings (dexidp#1888, @VF-mbrauer)
- Add "Cache-control: no-store" and "Pragma: no-cache" headers to token responses (dexidp#1948, @nabokihms)
- Add gomplate to the docker image (dexidp#1893, @nabokihms)
- Graceful shutdown (dexidp#1963, @nabokihms)
- Allow public clients created with API to have no client_secret (dexidp#1871, @spohner)

**Bugfixes:**

- Fix the etcd PKCE AuthCode deserialization (dexidp#1908, @bnu0)
- Fix garbage collection logging of device codes and device request (dexidp#1918, @nabokihms)
- Discovery endpoint contains updated claims and auth methods (dexidp#1951, @nabokihms)
- Return invalid_grant error if auth code is invalid or expired (dexidp#1952, @nabokihms)
- Return an error to auth requests with the "request" parameter (dexidp#1956, @nabokihms)

**Minor changes:**

- Change default themes to light/dark (dexidp#1858, @nabokihms)
- Various developer experience improvements
- Dependency upgrades
- Tons of small fixes and changes
    CI Bot committed Mar 16, 2021
    Copy the full SHA
    ef54461 View commit details
    Browse the repository at this point in the history

Commits on Mar 18, 2021

  1. build(deps): bump github.com/golang/protobuf from 1.3.2 to 1.5.1 

    Bumps [github.com/golang/protobuf](https://github.com/golang/protobuf) from 1.3.2 to 1.5.1.
- [Release notes](https://github.com/golang/protobuf/releases)
- [Commits](golang/protobuf@v1.3.2...v1.5.1)

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] committed Mar 18, 2021
    Copy the full SHA
    73d726a View commit details
    Browse the repository at this point in the history