From ec1c2d939c7cd1ecdac98d232607f52c96de10c3 Mon Sep 17 00:00:00 2001
From: RBrownSUSE <>
Date: May 17 2021 16:55:56 +0000
Subject: Update dex-oidc to version 2.28.1 / rev 3 via SR 893669


https://build.opensuse.org/request/show/893669
by user RBrownSUSE + dimstar_suse

---

diff --git a/.files b/.files
index 56d8956..a9f930b 100644
Binary files a/.files and b/.files differ
diff --git a/.rev b/.rev
index 031fd4f..4b93392 100644
--- a/.rev
+++ b/.rev
@@ -15,4 +15,12 @@
     <comment></comment>
     <requestid>791196</requestid>
   </revision>
+  <revision rev="3" vrev="1">
+    <srcmd5>6b87981086aa4f8752ec21f2a26c9082</srcmd5>
+    <version>2.28.1</version>
+    <time>1621269912</time>
+    <user>dimstar_suse</user>
+    <comment></comment>
+    <requestid>893669</requestid>
+  </revision>
 </revisionlist>
diff --git a/.servicemark b/.servicemark
index e2c4da7..6b454df 100644
--- a/.servicemark
+++ b/.servicemark
@@ -1 +1 @@
-937f91e0071f52ad0f9c6acd1151e964
+ec2bbfb2690ce4511888d768b185dbd8
diff --git a/_service b/_service
index 8aadef3..2a9c733 100644
--- a/_service
+++ b/_service
@@ -4,8 +4,9 @@
     <param name="scm">git</param>
     <param name="filename">dex</param>
     <param name="exclude">.git</param>
-    <param name="versionformat">2.23.0</param>
-    <param name="revision">v2.23.0</param>
+    <param name="revision">v2.28.1</param>
+    <param name="versionformat">@PARENT_TAG@</param>
+    <param name="versionrewrite-pattern">v(.+)</param>
     <param name="changesgenerate">enable</param>
   </service>
   <service name="recompress" mode="disabled">
@@ -15,4 +16,7 @@
   <service name="set_version" mode="disabled">
     <param name="basename">dex</param>
   </service>
+  <service name="go_modules" mode="disabled">
+    <param name="compression">xz</param>
+  </service>
 </services>
diff --git a/_servicedata b/_servicedata
index daa50db..764f10c 100644
--- a/_servicedata
+++ b/_servicedata
@@ -1,4 +1,4 @@
 <servicedata>
 <service name="tar_scm">
                 <param name="url">https://github.com/dexidp/dex.git</param>
-              <param name="changesrevision">99c3ec68203c0b2764a49724ecb9ecc26b520482</param></service></servicedata>
\ No newline at end of file
+              <param name="changesrevision">27dfbc0344450b257d297306d563354dfcea8643</param></service></servicedata>
\ No newline at end of file
diff --git a/dex-2.23.0.tar.xz b/dex-2.23.0.tar.xz
deleted file mode 120000
index c3b25b0..0000000
--- a/dex-2.23.0.tar.xz
+++ /dev/null
@@ -1 +0,0 @@
-/ipfs/bafybeifyx2zjnqis6a4sjc2zngxlscwjjqxuts2z2fvnhhq7fhxjrhtnlu
\ No newline at end of file
diff --git a/dex-2.28.1.tar.xz b/dex-2.28.1.tar.xz
new file mode 120000
index 0000000..77d463d
--- /dev/null
+++ b/dex-2.28.1.tar.xz
@@ -0,0 +1 @@
+/ipfs/bafybeicjia3pp3vhkwl2jhw74fav2w3v2g3x3x5bpri6bmvvzijiusp53y
\ No newline at end of file
diff --git a/dex-oidc.changes b/dex-oidc.changes
index 95efc80..6ef3c22 100644
--- a/dex-oidc.changes
+++ b/dex-oidc.changes
@@ -1,4 +1,70 @@
 -------------------------------------------------------------------
+Fri May 14 11:28:18 UTC 2021 - rpm@fthiessen.de
+
+- Update to version 2.28.1:
+  * Features:
+    * Add c_hash to id_token, issued on /auth endpoint, when in
+      hybrid flow
+    * Allow configuration of returned auth proxy header
+    * Allow to disable os.ExpandEnv for storage + connector configs
+      by env variable DEX_EXPAND_ENV = false
+    * Added the possibility to activate lowercase for UPN-Strings
+    * Add "Cache-control: no-store" and "Pragma: no-cache" headers
+      to token responses
+    * Graceful shutdown
+    * Allow public clients created with API to have no client_secret
+  * Bugfixes:
+    * Fix the etcd PKCE AuthCode deserialization
+    * Fix garbage collection logging of device codes and device request
+    * Discovery endpoint contains updated claims and auth methods
+    * Return invalid_grant error if auth code is invalid or expired
+    * Return an error to auth requests with the "request" parameter
+- Update to version 2.27.0:
+  * Security release, fixing: CVE-2020-26290
+  * connector/saml: Validate XML roundtrip data before processing
+    request
+- Update to version 2.26.0:
+  * Require go 1.15
+  * Features:
+    * Add constructor for static key strategy
+    * Add team groups support to bitbucket connector
+    * Allow Authorization header when doing CORS
+    * Retry Kubernetes update requests
+    * PKCE support
+    * Allow public clients to have redirect URLs other than localhost
+  * Bugfixes:
+    * Abort connector login if connector was already set
+    * Replace deprecated teams endpoint in bitbucket connector
+    * Log errors from login during password grant
+    * Handle Kubernetes API conflicts properly for signing keys
+- Update to version 2.25.0:
+  * Features:
+    * Move the API package to a separate module
+    * OAuth2 Device Authorization Grant
+    * Support username, email and groups claim in OIDC connector
+  * Bugfixes:
+    * Add offline_access scope in microsoft connector, if required
+    * Allow the google connector to work without a service account
+- Update to version 2.24.0:
+  * Features:
+    * Keystone connector: Added Email to Identity
+    * Atlassian Crowd connector: allow preferred_username claim
+      to be set
+    * Github connector: pass redirect_uri
+    * server: allow having no secret for static public clients
+    * SAML connector: add flag for filtering groups
+  * Bug fixes, misc changes:
+    * storage/kubernetes: wrap Kubernetes host address in square
+      brackets for IPv6
+    * storage/kubernetes: remove shadowed ResourceVersion from
+      connector
+    * server/handlers: do not fail login if refresh token gone
+    * server/handlers: automatic consistency fixing in case of
+      missing refresh token in db
+    * OIDC connector: add Icon
+    * OpenShift connector: rootCA option
+
+-------------------------------------------------------------------
 Fri Apr 03 10:44:54 UTC 2020 - fcastelli@suse.com
 
 - Remove example programs from the final package. They are not needed and
diff --git a/dex-oidc.spec b/dex-oidc.spec
index 5aad0b4..69b4f40 100644
--- a/dex-oidc.spec
+++ b/dex-oidc.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package dex-oidc
 #
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2021 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,16 +17,17 @@
 
 
 # Project name when using go tooling.
-%define go_version 1.13
+%define go_version 1.15
 
 Name:           dex-oidc
-Version:        2.23.0
+Version:        2.28.1
 Release:        0
 Summary:        OpenID Connect Identity (OIDC) and OAuth 2.0 Provider with Pluggable Connectors
 License:        Apache-2.0
 Group:          System/Management
 URL:            https://github.com/dexidp/dex
-Source:         dex-%{version}.tar.xz
+Source0:        dex-%{version}.tar.xz
+Source1:        vendor.tar.gz
 BuildRequires:  fdupes
 BuildRequires:  git
 BuildRequires:  golang-packaging
@@ -50,7 +51,7 @@ GitHub, Google, and Active Directory. Clients write their authentication logic o
 dex handles the protocols for a given backend.
 
 %prep
-%setup -q -n dex-%{version}
+%setup -q -n dex-%{version} -a 1
 
 %build
 %define ldflags "-w -X github.com/dexidp/dex/version.Version=%{version}"
@@ -66,6 +67,7 @@ dex handles the protocols for a given backend.
 for file in $(find web -type f); do
   install -D -m 0644 $file %{buildroot}/%{_datadir}/%{name}/$file
 done
+%fdupes %{buildroot}%{_datadir}/%{name}
 
 %files -f file.lst
 %license LICENSE
@@ -76,8 +78,6 @@ done
 %dir %{_datadir}/%{name}/web/static/img
 %dir %{_datadir}/%{name}/web/templates
 %dir %{_datadir}/%{name}/web/themes
-%dir %{_datadir}/%{name}/web/themes/coreos
-%dir %{_datadir}/%{name}/web/themes/tectonic
 %{_datadir}/%{name}/web/*
 %{_bindir}/dex
 
diff --git a/vendor.tar.gz b/vendor.tar.gz
new file mode 120000
index 0000000..4d03fe1
--- /dev/null
+++ b/vendor.tar.gz
@@ -0,0 +1 @@
+/ipfs/bafybeig4ascun2gmmz3lzdyrefpvohnwmksa5njkyk72i4oebyfmuneeqy
\ No newline at end of file