Add support for Dex to Quay

Fixes #306

- Adds support for Dex as an OAuth external login provider
- Adds support for OIDC in general
- Extract out external logins on the JS side into a service
- Add a feature flag for disabling direct login
- Add support for directing to the single external login service
- Does *not* yet support the config in the superuser tool

app.py

@@ -26,7 +26,9 @@ from util import get_app_url
 from util.saas.analytics import Analytics
 from util.saas.exceptionlog import Sentry
 from util.names import urn_generator
-from util.config.oauth import GoogleOAuthConfig, GithubOAuthConfig, GitLabOAuthConfig
+from util.config.oauth import (GoogleOAuthConfig, GithubOAuthConfig, GitLabOAuthConfig,
+                               DexOAuthConfig)
+
 from util.security.signing import Signer
 from util.saas.cloudwatch import start_cloudwatch_sender
 from util.saas.metricqueue import MetricQueue
@@ -135,7 +137,9 @@ github_login = GithubOAuthConfig(app.config, 'GITHUB_LOGIN_CONFIG')
 github_trigger = GithubOAuthConfig(app.config, 'GITHUB_TRIGGER_CONFIG')
 gitlab_trigger = GitLabOAuthConfig(app.config, 'GITLAB_TRIGGER_CONFIG')
 google_login = GoogleOAuthConfig(app.config, 'GOOGLE_LOGIN_CONFIG')
-oauth_apps = [github_login, github_trigger, gitlab_trigger, google_login]
+dex_login = DexOAuthConfig(app.config, 'DEX_LOGIN_CONFIG')
+
+oauth_apps = [github_login, github_trigger, gitlab_trigger, google_login, dex_login]
 
 image_diff_queue = WorkQueue(app.config['DIFFS_QUEUE_NAME'], tf)
 image_replication_queue = WorkQueue(app.config['REPLICATION_QUEUE_NAME'], tf)