go/oauth2-proxy
1
0
Fork 0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2025-06-15 00:15:00 +02:00
Code Issues Releases Activity
1,767 Commits 24 Branches 38 Tags
fix-auth-only-skip-routes
Commit Graph

1767 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Fabian Stelzer
733b3fe642 Determine line count for yaml load test dynamically 
Adding a new option to the yaml alpha config will result in failed tests
unless you manually increment the line count. This commit computes this
dynamically.
 2021-09-17 12:31:18 +00:00
Fabian Stelzer
12ab4ef529 Make the Upstreams mux configurable 
This commit changes Upstreams from []Upstream to a struct{}
moving the previous []Upstream into .Configs and adjusts all uses of it.
 2021-09-17 12:31:18 +00:00
Fabian Stelzer
ae72beb24e Enable UseEncodedPath() for frontend mux 
This allows urls with encoded characters (e.g.: /%2F/) to pass to the
upstream mux instead of triggering a HTTP 301 from the frontend.
Otherwise a /%2F/test/ will result in a HTTP 301 -> /test/
 2021-09-17 12:31:18 +00:00
Hedi Harzallah
ccbb98acd9 fix(1356): test if session variable is null (#1357) 
* fix(1356): test if session variable is null

* fix(1356): adding changelog

Co-authored-by: Hedi Harzallah <hharzalla@talend.com>
 2021-09-09 12:12:29 +01:00
Miks Kalnins
54d44ccb8f Allow specifying URL as input for custom sign in logo (#1330) 
* Allow specifying URL as input for custom logos

* Fix typo

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>

* Update changelog

* Only allow HTTPS URLs

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
Co-authored-by: Nick Meves <nicholas.meves@gmail.com>
 2021-09-05 09:23:22 -07:00
Philippe
7cf3065111 Changing user field type to text (#1337) 
* Changing user field type to text

* Updated changelog

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
 2021-08-29 12:39:02 +01:00
Joel Speed
5928fe5485 Merge pull request #1345 from pburgisser/add_skip_route_exemple 
Adding example for auth skipping
 2021-08-27 11:25:57 +02:00
Philippe Bürgisser
45e45303ad Adding example for auth skiping 2021-08-27 10:53:57 +02:00
Stéphan Kochen
31f7c5bb59 Fix go get instructions (#1271) 
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
 2021-08-18 17:11:18 +01:00
Jordie
42c16efa38 Fixed .CustomLogin </form> tag placement for login page (#1317) 
* Fixed .CustomLogin </form> tag placement for login page

* Update changelog (gh-1317)
 2021-08-11 15:57:40 +01:00
Nick Meves
526aff8c84 Merge pull request #1210 from pb82/keycloak-oidc-provider 
Keycloak oidc provider
 2021-08-07 09:57:03 -07:00
Peter Braun
e6223383e5 update keycloak oidc provider and add unit tests 2021-08-02 11:39:50 +02:00
Nick Meves
ab54de38cc Extract roles from Keycloak Access Tokens 2021-07-30 09:46:13 +02:00
Nick Meves
4c0beb373f Add keycloak-oidc provider based on OIDCProvider 2021-07-30 09:46:13 +02:00
JVecsei
8967873659 Updated dependency versions which include CVE fixes (#1276) 
* switched to github.com/golang-jwt/jwt and updated golang.org/x/crypto to include CVE fixes

* added #1276 to changelog

Co-authored-by: Joshua Vécsei <git@vecsei.me>
 2021-07-29 17:45:41 +01:00
wyewata
a35db2ae8a Fix expected error messages (#1269) 
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
 2021-07-28 19:56:23 +01:00
Nick Meves
0b4bc36554 Upgrade go-oidc to v3 (#1264) 2021-07-17 09:55:05 -07:00
Joel Speed
ef697afc6d Merge pull request #1265 from wassan128/fix/doc-typo 
Fix small typo
 2021-07-10 13:01:44 +01:00
wassan128
777556c97e Fix typo s/commmon/common/ 2021-07-08 21:29:43 +09:00
Joel Speed
98f8195902 Merge pull request #1262 from oauth2-proxy/fix-encryption-finicky-tests 
Remove finicky encryption test
 2021-07-02 17:22:57 +01:00
Nick Meves
1faa5c47ce Remove finicky encryption test 
AES-CFB is unauthenticated, in rare circumstances it won't error on
AES-GCM encrypted payloads
 2021-07-01 19:03:01 -07:00
Moraru Costel
7a83d18f23 Extend email-domain validation with sub-domain capability (#1233) 
* Extend email-domain validation with sub-domain capability

* Adding the CHANGELOG entry

* Fixing lint erros

* Fixing lint erros

* Renamed the emailDomains to allowedDomains, plus tests

* Bringing together all basic test-cases

* Fixing unit tests

* Add unit tests to validate additional vulnerability concerns
 2021-06-29 19:37:03 +01:00
Joel Speed
d359ab75e1 Merge pull request #1253 from netgusto/patch-1 
Update README.md
 2021-06-24 12:03:52 +01:00
Jérôme Schneider
5063b31b62 Update README.md 
Fixing typo.
 2021-06-24 09:34:10 +02:00
Joel Speed
ac188b129f Merge pull request #1060 from oauth2-proxy/upstream-rewrite 
Implement RewriteTarget to allow requests to be rewritten before proxying to upstream servers
 2021-06-23 13:36:03 +01:00
Joel Speed
9ce962be08 Add changelog entry for new rewrite target feature 2021-06-23 12:21:40 +01:00
Joel Speed
075cb9c3a0 Ensure upstreams are sorted by longest first 2021-06-23 12:20:48 +01:00
Joel Speed
8a06779d41 Redirect request if it would match with an appended trailing slash 2021-06-23 12:20:47 +01:00
Joel Speed
6c62b25bf1 Allow request paths to be rewritten before proxying to upstream server 2021-06-23 12:20:46 +01:00
Joel Speed
d2d62bb452 Replace standard serve mux with gorilla mux 2021-06-23 12:20:21 +01:00
Nick Meves
16a9893a19 Merge pull request #1086 from oauth2-proxy/early-refresh 
Convert RefreshSessionIfNeeded into RefreshSession
 2021-06-22 17:13:14 -07:00
Nick Meves
ff914d7e17 Use ErrNotImplemented in default refresh implementation 2021-06-22 17:04:42 -07:00
Nick Meves
baf6cf3816 Remove mutex from local Clock instances 
They will only be used in tests, but it doesn't play
nice with copy operations many tests use. The linter was
not happy. While the global clock needs mutexes for parallelism,
local Clocks only used it for Set/Add and didn't even use the
mutex for actual time functions.
 2021-06-22 17:04:42 -07:00
Nick Meves
d91c3f867d Remove validation for invalid legacy v6.0.0 sessions 
The reflect.DeepCopy doesn't play nice with the new Lock and Clock
fields in sessions. And it added unneeded session deserialization
logic to every request.
 2021-06-22 17:04:42 -07:00
Nick Meves
593125152d Standarize provider refresh implemention & logging 2021-06-22 17:04:30 -07:00
Nick Meves
7fa6d2d024 Manage session time fields centrally 2021-06-21 21:54:52 -07:00
Nick Meves
7e80e5596b RefreshSessions immediately when called 2021-06-21 21:54:52 -07:00
Joel Speed
5f4ac25b1e Merge pull request #1249 from webnard/patch-1 
Simplify sha256sum checking example
 2021-06-21 19:43:35 +01:00
Ian Hunter
1c151b4b27 Simplify sha256sum checking example 
The previous code didn't consider other languages and hid the output of failures. For example

```
$ LANG=es_ES.UTF-8 sha256sum -c sha256sum.txt
oauth2-proxy-v7.1.3.linux-amd64/oauth2-proxy: La suma coincide
```
 2021-06-21 10:44:27 -04:00
Nick Meves
c2325ecbd5 Merge pull request #1226 from oauth2-proxy/app-redirect 
Move app redirection logic to its own package
 2021-06-19 10:54:00 -07:00
Joel Speed
d8b91efcc7 Add changelog for app redirection split 2021-06-19 11:26:04 +01:00
Joel Speed
bd2fa9d7d8 Add tests for split host port 2021-06-19 11:24:29 +01:00
Joel Speed
273ab1f591 Integrate redirect package with OAuth2 Proxy 2021-06-19 11:24:27 +01:00
Joel Speed
e1764d4221 Create AppDirector for getting the application redirect URL 2021-06-19 11:23:32 +01:00
Joel Speed
e7f304fc96 Create redirect validator 2021-06-19 11:23:31 +01:00
Joel Speed
62436dbc02 Merge pull request #1128 from oauth2-proxy/proxy-router 
Use gorilla mux for OAuth Proxy routing
 2021-06-19 11:22:37 +01:00
Joel Speed
a8c9b2903d Use gorilla mux for OAuth Proxy routing 2021-06-19 11:17:16 +01:00
Anders Kiel Hovgaard
c00d36159e Update Alpine image version to 3.14 (#1244) 
* Update Alpine image version to 3.14.

* Update changelog.
 2021-06-18 13:12:11 +01:00
Nick Meves
a296936a0f Merge pull request #1238 from samirachoadi/feature/add_adfs_provider 
Added ADFS Provider
 2021-06-13 11:13:21 -07:00
Sami Racho
a14c0c2121 Added ADFS Provider 2021-06-13 10:19:56 +02:00