From 8ce762ce35f07dc2204b7988ce1f9dcf8c72d2f5 Mon Sep 17 00:00:00 2001 From: Rui Yang Date: Mon, 15 Mar 2021 14:31:16 -0400 Subject: [PATCH 1/3] add docs for generic oauth 2.0 connector Signed-off-by: Rui Yang --- content/docs/connectors/_index.md | 1 + content/docs/connectors/oauth.md | 72 +++++++++++++++++++++++++++++++ 2 files changed, 73 insertions(+) create mode 100644 content/docs/connectors/oauth.md diff --git a/content/docs/connectors/_index.md b/content/docs/connectors/_index.md index ffe6968..322a4cc 100644 --- a/content/docs/connectors/_index.md +++ b/content/docs/connectors/_index.md @@ -32,6 +32,7 @@ Dex implements the following connectors: | [OpenShift](/docs/connectors/openshift/) | no | yes | no | stable | | | [Atlassian Crowd](/docs/connectors/atlassian-crowd/) | yes | yes | yes * | beta | preferred_username claim must be configured through config | | [Gitea](/docs/connectors/gitea/) | yes | no | yes | alpha | | +| [Generic OAuth 2.0](/docs/connectors/oauth/) | no | yes | yes | alpha | Stable, beta, and alpha are defined as: diff --git a/content/docs/connectors/oauth.md b/content/docs/connectors/oauth.md new file mode 100644 index 0000000..e609d10 --- /dev/null +++ b/content/docs/connectors/oauth.md @@ -0,0 +1,72 @@ +--- +title: "Authentication Through an Generic OAuth 2.0 Provider" +linkTitle: "Generic OAuth 2.0" +description: "" +date: 2021-03-15 +draft: false +toc: true +weight: 2050 +--- + +## Overview + +Dex users can make use of this connector to work with standards-compliant [OAuth 2.0](https://oauth.net/2/) authorization provider, in case of that authorization provider is not in the Dex connectors list. + +## Configuration + +The following is an example of a configuration for using OAuth connector with Reddit. + +```yaml +connectors: +- type: oauth + # ID of OAuth 2.0 provider + id: reddit + # Name of OAuth 2.0 provider + name: reddit + config: + # Connector config values starting with a "$" will read from the environment. + clientID: $REDDIT_CLIENT_ID + clientSecret: $REDDIT_CLIENT_SECRET + redirectURI: http://127.0.0.1:5556/callback + + tokenURL: https://www.reddit.com/api/v1/access_token + authorizationURL: https://www.reddit.com/api/v1/authorize + userInfoURL: https: https://www.reddit.com/api/v1/me + + # Optional: Specify whether to communicate to Auth provider without validating SSL certificates + # insecureSkipVerify: false + + # Optional: The location of file containing SSL certificates to commmunicate to Auth provider + # rootCAs: /etc/ssl/reddit.pem + + # Optional: List of scopes to request Auth provider for access user account + # scopes: + # - identity + + # Optional: Configurable keys for user ID look up + # Default: id + # userIDKey: + + # Auth roviders return non-standard user identity profile + # Use claimMapping to map those user infomations to standard claims: + claimMapping: + # Optional: Configurable keys for user name look up + # Default: user_name + # userNameKey: + + # Optional: Configurable keys for preferred username look up + # Default: preferred_username + # preferredUsernameKey: + + # Optional: Configurable keys for user groups look up + # Default: groups + # groupsKey: + + # Optional: Configurable keys for email look up + # Default: email + # emailKey: + + # Optional: Configurable keys for email verified look up + # Default: email_verified + # emailVerifiedKey: +``` From 6ce54ea3867a8bb7a2b84d95563d678bcdd7057c Mon Sep 17 00:00:00 2001 From: Rui Yang Date: Mon, 15 Mar 2021 18:01:32 -0400 Subject: [PATCH 2/3] grammar and format corrections Signed-off-by: Rui Yang --- content/docs/connectors/oauth.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/content/docs/connectors/oauth.md b/content/docs/connectors/oauth.md index e609d10..2516a93 100644 --- a/content/docs/connectors/oauth.md +++ b/content/docs/connectors/oauth.md @@ -10,7 +10,7 @@ weight: 2050 ## Overview -Dex users can make use of this connector to work with standards-compliant [OAuth 2.0](https://oauth.net/2/) authorization provider, in case of that authorization provider is not in the Dex connectors list. +Dex users can make use of this connector to work with standards-compliant [OAuth 2.0](https://oauth.net/2/) authorization providers, in case those authorization providers are not already in the Dex connectors list. ## Configuration @@ -33,10 +33,12 @@ connectors: authorizationURL: https://www.reddit.com/api/v1/authorize userInfoURL: https: https://www.reddit.com/api/v1/me - # Optional: Specify whether to communicate to Auth provider without validating SSL certificates + # Optional: Specify whether to communicate to Auth provider without + # validating SSL certificates # insecureSkipVerify: false - # Optional: The location of file containing SSL certificates to commmunicate to Auth provider + # Optional: The location of file containing SSL certificates to commmunicate + # to Auth provider # rootCAs: /etc/ssl/reddit.pem # Optional: List of scopes to request Auth provider for access user account From 4537dad82f8c474108dee2811af94c2dc2d8e04a Mon Sep 17 00:00:00 2001 From: Rui Yang Date: Tue, 16 Mar 2021 10:11:02 -0400 Subject: [PATCH 3/3] update weight, connector name and switch to draft Signed-off-by: Rui Yang --- content/docs/connectors/_index.md | 2 +- content/docs/connectors/oauth.md | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/content/docs/connectors/_index.md b/content/docs/connectors/_index.md index 322a4cc..1c5f991 100644 --- a/content/docs/connectors/_index.md +++ b/content/docs/connectors/_index.md @@ -24,6 +24,7 @@ Dex implements the following connectors: | [SAML 2.0](/docs/connectors/saml/) | no | yes | no | stable | | [GitLab](/docs/connectors/gitlab/) | yes | yes | yes | beta | | | [OpenID Connect](/docs/connectors/oidc/) | yes | yes | yes | beta | Includes Salesforce, Azure, etc. | +| [OAuth 2.0](/docs/connectors/oauth/) | no | yes | yes | alpha | | [Google](/docs/connectors/google/) | yes | yes | yes | alpha | | | [LinkedIn](/docs/connectors/linkedin/) | yes | no | no | beta | | | [Microsoft](/docs/connectors/microsoft/) | yes | yes | no | beta | | @@ -32,7 +33,6 @@ Dex implements the following connectors: | [OpenShift](/docs/connectors/openshift/) | no | yes | no | stable | | | [Atlassian Crowd](/docs/connectors/atlassian-crowd/) | yes | yes | yes * | beta | preferred_username claim must be configured through config | | [Gitea](/docs/connectors/gitea/) | yes | no | yes | alpha | | -| [Generic OAuth 2.0](/docs/connectors/oauth/) | no | yes | yes | alpha | Stable, beta, and alpha are defined as: diff --git a/content/docs/connectors/oauth.md b/content/docs/connectors/oauth.md index 2516a93..87f3cf4 100644 --- a/content/docs/connectors/oauth.md +++ b/content/docs/connectors/oauth.md @@ -1,11 +1,11 @@ --- -title: "Authentication Through an Generic OAuth 2.0 Provider" -linkTitle: "Generic OAuth 2.0" +title: "Authentication Through an OAuth 2.0 Provider" +linkTitle: "OAuth 2.0" description: "" date: 2021-03-15 -draft: false +draft: true toc: true -weight: 2050 +weight: 2055 --- ## Overview