87 Commits

Author SHA1 Message Date
Mathias Gebbe fec4f53203 feat(oauth2): add client credentials flow with opt-in config flag (#4583)
Implement the OAuth2 client_credentials grant type for
machine-to-machine authentication. The grant is gated behind a new
clientCredentialsEnabled config flag (defaults to false), following
the same pattern as passwordConnector for the password grant.

---------

Signed-off-by: Mathias Gebbe <mathias.gebbe@gmail.com>
Signed-off-by: Maksim Nabokikh <maksim.nabokikh@flant.com>
Signed-off-by: Maksim Nabokikh <max.nabokih@gmail.com>
Co-authored-by: Maksim Nabokikh <maksim.nabokikh@flant.com>
Co-authored-by: Maksim Nabokikh <max.nabokih@gmail.com>
2026-03-03 12:29:04 +01:00
Maksim Nabokikh a70f592589 fix(deviceflow): update redirect URIs to use absolute paths for non-root URLs (#4597)
Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
2026-03-02 08:53:13 +01:00
Maksim Nabokikh 785033767c feat: refactor signer configuration with local and vault options (#4532)
Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
2026-02-15 16:08:21 +01:00
Ivan Zviagintsev 9e377718dc feat: add name and emailVerified fields for static passwords (#4526)
Signed-off-by: Ivan Zvyagintsev <ivan.zvyagintsev@flant.com>
2026-02-12 12:13:54 +01:00
Ivan Zviagintsev d1b2722e39 feat: support groups and preferred_username for staticPasswords (#4456)
Signed-off-by: Ivan Zvyagintsev <ivan.zvyagintsev@flant.com>
2026-01-13 10:07:21 +01:00
Mark Sagi-Kazar e230d9426d test: use new Go features in tests
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2025-08-18 14:09:26 +02:00
Manoj Vivek 87ec9e077e Allow server startup with partial connector failures (#4159)
Signed-off-by: Manoj Vivek <p.manoj.vivek@gmail.com>
2025-06-16 15:53:20 +02:00
Oleksandr Redko 9891daa585 refactor: simplify tests by using slog.DiscardHandler (#4058)
Signed-off-by: Oleksandr Redko <oleksandr.red+github@gmail.com>
2025-04-03 09:56:18 +02:00
Bob Maertz ad31b5d6f7 Passing context storage (#3941)
Signed-off-by: Bob Maertz <1771054+bobmaertz@users.noreply.github.com>
2025-02-04 10:11:44 +01:00
Sean Liao 0b6a78397e use slog for structured logging (#3502)
Signed-off-by: Sean Liao <sean+git@liao.dev>
2024-06-01 20:15:58 +04:00
Maksim Nabokikh 088339fc28 Add headers control to dex web server (#3339)
Customization of headers in the authentication server is crucial for enforcing stringent security measures by allowing the inclusion of specific headers required for authentication protocols and compliance standards. This customization ensures that authentication requests are processed securely, mitigating potential vulnerabilities and ensuring adherence to security policies.

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2024-03-11 22:48:20 +01:00
Maksim Nabokikh 60ddd188c0 Update go-jose to v4.0.1 (#3409)
Signed-off-by: Matthias Loibl <mail@matthiasloibl.com>
Signed-off-by: Maksim Nabokikh <maksim.nabokikh@flant.com>
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
Co-authored-by: Matthias Loibl <mail@matthiasloibl.com>
2024-03-11 22:23:54 +01:00
Ferenc Fabian 2377b0a0cd Add context to storage's Create endpoints (#2935)
* Initial commit

Signed-off-by: PumpkinSeed <qwer.kocka@gmail.com>

* Finish the syntax fixes

Signed-off-by: PumpkinSeed <qwer.kocka@gmail.com>

* Add fixes after running the tests

Signed-off-by: PumpkinSeed <qwer.kocka@gmail.com>

* Change background context to request context

Signed-off-by: PumpkinSeed <qwer.kocka@gmail.com>

---------

Signed-off-by: PumpkinSeed <qwer.kocka@gmail.com>
2024-01-25 12:51:25 +01:00
Sean Liao dcf7b18510 OAuth 2.0 Token Exchange (#2806)
Signed-off-by: Sean Liao <sean+git@liao.dev>
Co-authored-by: Maksim Nabokikh <max.nabokih@gmail.com>
2023-07-01 09:03:08 +02:00
Josh Soref 542cb4cb65 spelling: data with
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2023-04-27 09:02:32 -04:00
nobuyo 9f70c7da43 Add test for skipping approval
Signed-off-by: nobuyo <longzechangsheng@gmail.com>
2023-01-30 23:08:59 +09:00
Maksim Nabokikh 6d9ca8de49 fix: Do not use connector data from the refresh token field (#2729)
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2022-12-20 00:32:58 +04:00
m.nabokikh 57e9611ff6 fix: Implicit Grant discovery
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2022-03-08 16:16:25 +04:00
m.nabokikh 578cb05f7b fix: return invalid_grant error on claiming token of another client
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-12-05 23:45:52 +04:00
Eng Zer Jun f0186ff265 refactor: move from io/ioutil to io and os package
The io/ioutil package has been deprecated as of Go 1.16, see
https://golang.org/doc/go1.16#ioutil. This commit replaces the existing
io/ioutil functions with their new definitions in io and os packages.

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2021-09-17 14:12:39 +08:00
Tomasz Kleczek 4ffaa60d21 Improve auth flow error handling
Signed-off-by: Tomasz Kleczek <tomasz.kleczek@gmail.com>
2021-07-21 09:33:39 +02:00
Mark Sagi-Kazar ceb4324c18 test: quick fix flaky test
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2021-06-28 23:30:14 +02:00
Márk Sági-Kazár 94a2b3ed87 Merge pull request #2010 from flant/switch-device-token-endpoint-to-token
fix: use /token endpoint to get tokens with device flow
2021-05-01 13:24:55 +02:00
Márk Sági-Kazár 551229a986 Merge pull request #1846 from flant/refresh-token-expiration-policy
feat: Add refresh token expiration and rotation settings
2021-04-24 11:03:40 +02:00
m.nabokikh 3bd0e91a68 Make /device/token deprecation warning more concise
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
2021-02-25 11:53:25 +04:00