netbird/dex
0
0
Fork 0
mirror of https://github.com/netbirdio/dex.git synced 2026-05-22 18:43:53 -07:00
Code Issues Packages Projects Releases Wiki Activity
3,860 Commits 3 Branches 2 Tags
master
Commit Graph

300 Commits

Author SHA1 Message Date
jnfrati a1d4a044de fix(sql): handle SQLite text password groups 2026-05-12 11:02:14 +02:00
jnfrati d493d44cbb fix: implement id token hint on rp initiated logout 
Signed-off-by: jnfrati <nicofrati@gmail.com>
 2026-04-13 19:25:51 +02:00
Maksim Nabokikh 3bf25fd6e0 feat: add SSO sharing policy (#4705) 
Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
 2026-04-02 14:18:53 +02:00
Maksim Nabokikh 546e66cb5d feat: add WebAuthn support (#4704) 
Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
Signed-off-by: Maksim Nabokikh <max.nabokih@gmail.com>
Co-authored-by: Alwx <alwxsin@gmail.com>
 2026-04-02 11:48:46 +02:00
Maksim Nabokikh 58f148dd28 feat: implement OIDC RP-Initiated logout (#4674) 
Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
Signed-off-by: Maksim Nabokikh <max.nabokih@gmail.com>
 2026-04-01 08:58:44 +02:00
iliaandreevde 098ab6036e feat: support ES256 local signer (#4682) 
Signed-off-by: Ilia Andreev <ilia.andreev@palark.com>
Co-authored-by: Ilia Andreev <ilia.andreev@palark.com>
 2026-03-25 09:46:45 +01:00
Maksim Nabokikh cf2c017038 build(deps): update entgo.io/ent to v0.14.6 and ariga.io/atlas to v0.36.2 (#4684) 
Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
 2026-03-24 20:04:38 +01:00
Maksim Nabokikh 449f66477c feat: Add AuthSession GC (#4667) 
Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
 2026-03-20 20:06:43 +01:00
Maksim Nabokikh c3bc1d7466 feat: add auth_time, prompt, and max_age fields (#4662) 
Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
 2026-03-19 15:53:15 +01:00
Maksim Nabokikh 86abd336f8 Two-Factor authentication (TOTP) (#3712) 
Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
 2026-03-18 18:20:20 +01:00
Maksim Nabokikh cbd7dd7f5a feat: Create AuthSessions and set cookies (#4650) 
Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
 2026-03-18 11:58:18 +01:00
Maksim Nabokikh 6b9ce00e11 feat: implement AuthSession CRUD operations (#4646) 
Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
 2026-03-16 17:06:53 +01:00
Maksim Nabokikh 93985dedff fix: increase lock acquisition attempts from 60 to 200 for better reliability (#4644) 
Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
 2026-03-16 08:45:39 +01:00
Maksim Nabokikh 5a4395fd12 feat: add UserIdentity entity and CRUD operations (#4643) 
Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
Signed-off-by: Maksim Nabokikh <max.nabokih@gmail.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
 2026-03-14 12:58:18 +01:00
Maksim Nabokikh f80a89dd5d feat(client): add allowed connectors field to client configuration (#4610) 
Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
 2026-03-11 23:00:38 +01:00
Maksim Nabokikh 7777773067 feat(connector): connectors for grants (#4619) 
Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
 2026-03-11 07:21:14 +01:00
Maksim Nabokikh 3d97c59032 test: add concurrency tests for storage implementations (#4631) 
Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
 2026-03-10 15:55:10 +01:00
Maksim Nabokikh 591a201c88 feat(tests): add MySQL 8 support in CI and tests (#4617) 
Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
 2026-03-06 08:48:50 +01:00
Maksim Nabokikh d78d744468 feat: Disallow unknown config fields (#4531) 
Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
 2026-02-26 13:35:50 +01:00
Michiel De Backker a6962a8ba4 fix(mysql): quote groups reserved word in query replacer (#4580) 
`groups` is a reserved word in MySQL >= 8.0.2, causing migration 13
to fail with a syntax error on `ALTER TABLE password ADD COLUMN groups`.

Fixes #4579

Signed-off-by: Michiel De Backker <mail@backkem.me>
 2026-02-24 13:56:32 +01:00
Maksim Nabokikh 9bee809252 feat(crd): add CRD handling behavior and configuration options (#4543) 
Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
 2026-02-15 21:56:29 +01:00
Maksim Nabokikh 785033767c feat: refactor signer configuration with local and vault options (#4532) 
Signed-off-by: maksim.nabokikh <max.nabokih@gmail.com>
 2026-02-15 16:08:21 +01:00
Ivan Zviagintsev 9e377718dc feat: add name and emailVerified fields for static passwords (#4526) 
Signed-off-by: Ivan Zvyagintsev <ivan.zvyagintsev@flant.com>
 2026-02-12 12:13:54 +01:00
Ivan Zviagintsev d1b2722e39 feat: support groups and preferred_username for staticPasswords (#4456) 
Signed-off-by: Ivan Zvyagintsev <ivan.zvyagintsev@flant.com>
 2026-01-13 10:07:21 +01:00
Rene Dekker 9355759813 fix(storage/kubernetes): Only wrap IPv6 addresses in brackets (#4388) 
The Kubernetes client code was wrapping all IP addresses (both IPv4 and
IPv6) in square brackets when constructing the API server URL. This was
based on an incorrect assumption that IPv4 addresses in brackets are valid
in a URL.

Recent versions of Go (1.25.2 and later) have stricter URL parsing
that conforms to RFC 3986. This causes a failure when running Dex in a
Kubernetes environment where the KUBERNETES_SERVICE_HOST is an IPv4
address, leading to the error "invalid IPv6 host".

This commit changes the logic to only wrap IPv6 addresses in square
brackets. It uses `ip.To4() == nil` to reliably detect if an IP address
is IPv6 before wrapping it. This ensures that URLs are correctly
formatted for both IPv4 and IPv6 addresses, fixing the incompatibility
with newer Go versions.

Signed-off-by: Rene Dekker <rene@tigera.io>
 2025-11-03 10:50:25 +01:00