Everything has to go through a json round trip to work.
HTTP Request has function members within it that means it cannot go
through a JSON round trip, so nil that for now
"go mod download" does not depend on the VERSION env var, so moving the ARG directive after the RUN will allow better use of the Docker build cache - subsequent builds on the same machine need only re-run the "go mod download" if go.mod or go.sum has changed, rather than re-running it any time the VERSION value passed from the Makefile has changed
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
* panic with GitLab project repository auth
* /api/v4/projects/:id can return nil permissions
Signed-off-by: Piers Harding <piers@ompka.net>
* Add GitLab test for group no access
Signed-off-by: Piers Harding <piers@ompka.net>
* Add example with traefik and keycloak
* Switch to dex
* Remove unneeded change in keycloak settings
* Taken into account review comments
* Add changelog entry
Co-authored-by: Frédéric Collonval <frederic.collonval@ariadnext.com>
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
* Add RequestID to the RequestScope
* Expose RequestID to auth & request loggers
* Use the RequestID in templated HTML pages
* Allow customizing the RequestID header
* Document new Request ID support
* Add more cases to scope/requestID tests
* Split Get vs Generate RequestID funtionality
* Add {{.RequestID}} to the request logger tests
* Move RequestID management to RequestScope
* Use HTML escape instead of sanitization for Request ID rendering
* extract email from id_token for azure provider
this change fixes a bug when --resource is specified with non-Graph
api and the access token destined to --resource is used to call Graph
api
* fixed typo
* refactor GetEmailAddress to EnrichSessionState
* make getting email from idtoken best effort and fall back to previous behavior when it's absent
* refactor to use jwt package to extract claims
* fix lint
* refactor unit tests to use test table
refactor the get email logic from profile api
* addressing feedback
* added oidc verifier to azure provider and extract email from id_token if present
* fix lint and codeclimate
* refactor to use oidc verifier to verify id_token if oidc is configured
* fixed UT
* addressed comments
* minor refactor
* addressed feedback
* extract email from id_token first and fallback to access token
* fallback to access token as well when id_token doesn't have email claim
* address feedbacks
* updated change log!
* Use a specialized ResponseWriter in middleware
* Track User & Upstream in RequestScope
* Wrap responses in our custom ResponseWriter
* Add tests for logging middleware
* Inject upstream metadata into request scope
* Use custom ResponseWriter only in logging middleware
* Assume RequestScope is never nil
