go/oauth2-proxy
1
0
Fork 0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2025-05-19 22:23:30 +02:00
Code Issues Releases Activity
2,160 Commits 23 Branches 38 Tags
Commit Graph

2160 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jan Larwig
14d5355655
docs: add note about version obfuscation to footer option (#3051) 
Signed-off-by: Jan Larwig <jan@larwig.com>
 2025-05-03 21:44:30 +02:00
Evan Carroll
bae509d2ec
docs: clear up multiple-providers is unimplemented (#3046) 
* docs: clear up multiple-providers is unimplemented

Currently this configuration option is held up by #926. So users don't
assume this solution will work for them, and later find the feature is
not yet implemented -- own the shortcoming clearly.

* doc: add note about missing multi provider implementation to versioned docs

---------

Signed-off-by: Jan Larwig <jan@larwig.com>
Co-authored-by: Jan Larwig <jan@larwig.com>
 2025-04-28 23:52:27 +02:00
github-actions[bot]
2ecb2c64aa
release: v7.9.0 (#3047) 
* add new docs version 7.9.x

* update to release version v7.9.0

* doc: add changelog summary

---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Jan Larwig <jan@larwig.com>
v7.9.0 		2025-04-28 18:22:58 +02:00
ikarius
b7ff804506
feat: ability to parse JWT encoded profile claims (#3014) 
* fix: parse JWT profile claims

* Comment with OIDC specs reference

* fix: formatting

* Updated changelog

---------

Co-authored-by: Jan Larwig <jan@larwig.com>
 2025-04-28 16:39:09 +02:00
Guillaume "Elektordi" Genty
7b41c8e987
fix: role extraction from access token in keycloak oidc (#1916) 
* Fix wrong token used in Keycloak OIDC provider

* Update CHANGELOG for PR #1916

* Update tests

* fix: keycloak oidc role extraction

---------

Co-authored-by: Jan Larwig <jan@larwig.com>
 2025-04-28 10:23:19 +01:00
Jan Larwig
367183d7b8
chore(build): refactoring makefile for better usability and introducing a default help target (#2930) 2025-04-27 20:09:52 +02:00
Michael Niksa
4237358ac3
doc(entra-id): correct toml field in sample (#2946) 
---------

Signed-off-by: Jan Larwig <jan@larwig.com>
Co-authored-by: Jan Larwig <jan@larwig.com>
 2025-04-27 19:36:16 +02:00
renovate[bot]
fc6ca1dde6
chore(deps): update ghcr.io/dexidp/dex docker tag to v2.42.1 (#3044) 2025-04-27 19:08:33 +02:00
Richard Hagen
7d85c99d8e
fix(entra-id): use federated credentials for refresh token (#3031) 
* fix: use federated credentials to refresh token in entra id

* fix: add some error handling

* chore: update changelog

* chore: update comments

* chore: update comments

* doc: reference entra id docs and clearer phrasing of comments

Signed-off-by: Jan Larwig <jan@larwig.com>

---------

Signed-off-by: Jan Larwig <jan@larwig.com>
Co-authored-by: Jan Larwig <jan@larwig.com>
 2025-04-25 09:59:09 +02:00
renovate[bot]
3afae76103
chore(deps): update docker-compose (#3038) 2025-04-24 14:01:29 +02:00
Enrico
07b60b1553
chore(deps): upgrade to latest golang v1.23.x release (#3041) 2025-04-24 13:47:48 +02:00
renovate[bot]
16e453e9f6
chore(deps): update module golang.org/x/net to v0.38.0 [security] (#3035) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-21 15:59:57 +02:00
Justin Ryan
8abdbb5a18
Add --bearer-token-login-fallback option (#2924) 
* add --deny-invalid-bearer-tokens

* update changelog

* PR feedback, update api-routes description

* update --api-routes description

* revert load_test fix that I needed locally

---------

Co-authored-by: Justin Ryan <j.ryan@mwam.com>
 2025-04-21 13:40:39 +01:00
renovate[bot]
bb6ff4ed14
chore(deps): update gitea/gitea docker tag to v1.23.7 (#3030) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-13 19:53:12 +02:00
Joel Speed
7cee02cac3
Merge pull request #3015 from oauth2-proxy/renovate/docker-compose 
chore(deps): update docker-compose
 2025-04-03 15:39:45 +07:00
renovate[bot]
3325dcb2bd
chore(deps): update docker-compose 2025-03-31 22:19:36 +00:00
Michael Cornel
f6b95c0df8
feat: allow to set non-default authorization request response mode (#3001) 
* Update Go version in devcontainer

* Add option to change response mode in authorization request

* Fix option name

* Update docs and changelog

* Rename config value to underscore

* Add unit tests for added parameter

* Move change to upcoming release

* Generate alpha config

---------

Co-authored-by: Michael Cornel <michael@stieler.it>
 2025-03-31 10:04:19 +02:00
Copolycube
b34b617aad
docs: fix gitlab docs url for oauth2 integration (#3002) 
* Update gitlab.md with correct url for creating an application

* docs: fix gitlab docs url for oauth2 integration

---------

Co-authored-by: Jan Larwig <jan@larwig.com>
 2025-03-29 10:47:54 +01:00
renovate[bot]
99c4c654d9
chore(deps): update docker-compose (#3005) 2025-03-25 21:14:00 +01:00
Evan Gibler
b2c69e25eb
feat: update HashNonce to use crypto/sha256 (#2967) 
Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>
 2025-03-25 21:12:37 +01:00
renovate[bot]
44d035c32c
chore(deps): update dependency golangci/golangci-lint to v1.64.8 (#3004) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-03-25 21:03:35 +01:00
github-actions[bot]
2ab22bd9f1
release v7.8.2 (#3012) 
* update to release version v7.8.2

* docs: release letter

---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Jan Larwig <jan@larwig.com>
v7.8.2 		2025-03-25 20:45:16 +01:00
Jan Larwig
46554b5bff
chore(deps): update golang dependencies and pin to latest golang v1.23.x release (#3011) 
Signed-off-by: Jan Larwig <jan@larwig.com>
 2025-03-25 20:22:56 +01:00
renovate[bot]
669acb9811
chore(deps): update module github.com/golang-jwt/jwt/v5 to v5.2.2 [security] (#3003) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-03-25 19:57:40 +01:00
renovate[bot]
4e2100a287
chore(deps): update gomod (#2952) 
* chore(deps): update gomod

Co-authored-by: Jan Larwig <jan@larwig.com>
 2025-03-19 22:19:40 +01:00
renovate[bot]
ef51685491 chore(deps): update dependency @easyops-cn/docusaurus-search-local to ^0.49.0 2025-03-19 00:48:38 +01:00
Olivier Mengué
8a8fcab580 deps: remove tools/reference-gen from go.mod 
Remove github.com/oauth2-proxy/tools/reference-gen from dependencies.
Instead we are now running it with "go run" with a version suffix.

Long version:
- github.com/oauth2-proxy/tools/reference-gen is removed from
  tools/tool/go
- in pkg/apis/options/doc.go we now run reference-run with a version
  suffix (go run package@version) with the version comming from go.mod.
- the "//go:generate" line is split in 2 lines (using the -command
  flag) for readability
- "go mod tidy" for cleaning dependencies from go.mod, go.sum

Note: we are not upgrading reference-gen here. That will be a further
separate change.
 2025-03-19 00:37:11 +01:00
renovate[bot]
9ac8f4b5de chore(deps): update docker-compose 2025-03-12 09:17:13 +01:00
Jan Larwig
a01abbd9b2
Merge pull request #2957 from oauth2-proxy/renovate/golangci-golangci-lint-1.x 
chore(deps): update dependency golangci/golangci-lint to v1.64.7
 2025-03-12 08:55:55 +01:00
renovate[bot]
67c1cd6ee7
chore(deps): update dependency golangci/golangci-lint to v1.64.7 2025-03-12 07:52:38 +00:00
Jan Larwig
089c0eaae1
Merge pull request #2956 from oauth2-proxy/renovate/alpine-3.x 
chore(deps): update alpine docker tag to v3.21.3
 2025-03-12 08:51:45 +01:00
renovate[bot]
33e7c052dc
chore(deps): update alpine docker tag to v3.21.3 2025-03-12 07:46:30 +00:00
renovate[bot]
ee7d79c5d9 chore(deps): update module github.com/go-jose/go-jose/v3 to v3.0.4 [security] 2025-03-12 08:46:00 +01:00
Joel Speed
b05be4b1af
Merge pull request #2977 from dsymonds/master 
Update golang.org/x/net to v0.36.0.
 2025-03-05 16:30:32 +07:00
David Symonds
8a36a6622d Update golang.org/x/net to v0.36.0. 
This addresses CVE-2025-22870 (https://go.dev/issue/71984).
 2025-03-05 08:13:48 +11:00
Joel Speed
5f4fdbba24
Merge pull request #2969 from dsymonds/master 
Update golang.org/x/oauth2 to v0.27.0.
 2025-02-25 16:47:14 +07:00
David Symonds
cc87465e9b Update golang.org/x/oauth2 to v0.27.0. 
This addresses CVE-2025-22868 (https://go.dev/issue/71490).
 2025-02-25 20:42:09 +11:00
Joel Speed
a25fef7cbf
Merge pull request #2697 from matpen-wi/feat/max-age-instead-of-expires 
pkg/cookies: use 'Max-Age' instead of 'Expires' for cookie expiration
 2025-02-24 18:27:22 +07:00
Matthias Penner
a393ea3ca0 pkg/cookies: use 'Max-Age' instead of 'Expires' for cookie expiration 2025-02-24 11:14:51 +01:00
Joel Speed
80189a9973
Merge pull request #2960 from v0tti/fix_trusted_ip_docs 
fix: wrong documentation for --trusted-ip (#2959)
 2025-02-19 00:31:47 +07:00
Alexander Votteler
876feeeb3f fix: wrong documentation for --trusted-ip in v7.6, v7.7, v7.8 2025-02-18 17:44:33 +01:00
Alexander Votteler
38bb15300e fix: wrong documentation for --trusted-ip (#2959) 2025-02-17 19:51:37 +01:00
renovate[bot]
2d29cee51e
chore(deps): update helm release dex to v0.20.0 (#2936) 2025-02-01 10:02:41 +01:00
renovate[bot]
b72a9f41ea
chore(deps): update gomod (#2937) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-01-30 12:31:14 +01:00
Joel Speed
8b6e845f27
Merge pull request #2941 from tuunit/doc/add-entra-id-to-issue-template 
doc: add entra id to issue templates
 2025-01-29 23:32:26 +07:00
Jan Larwig
0364f1b32f
doc: add entra id to issue templates 2025-01-29 14:58:53 +01:00
Joel Speed
39bae25aa2
Merge pull request #2927 from tuunit/chore/bump-golang-1.23 
chore(deps/build): bump golang to 1.23 and use go.mod as single point of truth for all build files
 2025-01-21 10:12:53 +00:00
Jan Larwig
67f3da232a fix(test): syntax violation of json with one too many closing curly brackets 2025-01-20 20:45:45 +01:00
Jan Larwig
3cf74c21f8 doc: update changelog 2025-01-20 20:45:45 +01:00
Jan Larwig
9b32699c26 chore(deps): update all go depedencies 2025-01-20 20:45:45 +01:00