1
0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2025-08-08 22:46:33 +02:00
Commit Graph

102 Commits

Author SHA1 Message Date
83c3c602ab chore(deps): update actions/setup-node action to v4 (#2435)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-01-23 09:49:55 +00:00
508df756e4 chore(deps): update actions/stale action to v9 (#2436)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-01-23 09:49:39 +00:00
5e68dad636 upgrading to go 1.21 (#2235)
* chore: bump go to version 1.21

update all depedencies as well

* fix linting issues based on golang 1.20 deprecations

* cleanup go depedencies

* add custom gomega matcher for option intefaces

* revert and upgrade golangci-lint to 1.55.2

* fix lint issues for v1.55.2 of golangci-lint

* fix toml loading test

* remove second runspecs call

* update go.sum

* revert testutil package
2024-01-22 13:39:53 +00:00
2df301cc21 feature: add release automation workflows (#2224)
* feature: add release automation workflows

* deactivate provenancee because of behaviour change with buildx v0.10.0

* add changelog section extraction for github release notes

* fix registry path; fix EOF

* use correct version of golangci-lint; add additional workflow step for fetching all dependencies
2024-01-20 20:14:09 +00:00
184c5820af feat: Added renovate configuration (#2377) 2024-01-20 19:51:34 +00:00
c7185e7005 Introduce GitHub issue forms feature (#2382)
* use latest github issue forms feature

* change link description for slack

* add line to end of each file
2024-01-11 16:44:16 +00:00
0ddb5e7b61 Don't run the nightly build and push job in forked repositories (#2330) 2023-11-21 11:54:12 +00:00
bee7879cb2 add nightly build and push (#2297)
* add nightly build and push

* add date based nightly build tags

* only keep single multiarch image build and push

* add changelog

* add images to internal docs static files

* add docu for nightly builds

* remove unnecessary spaces

* update nightly repository
2023-11-18 13:56:29 +00:00
8142c9eeec Added a checkbox for tested changes to PR template (#2285)
* Added a checkbox for tested changes to PR template

* Update PULL_REQUEST_TEMPLATE.md

* Update .github/PULL_REQUEST_TEMPLATE.md

Co-authored-by: Jan Larwig <jan@larwig.com>

---------

Co-authored-by: Jan Larwig <jan@larwig.com>
2023-10-31 19:49:22 +00:00
a53da415c9 Additional labels (#2293)
* Added docker and dependencies labels

* Updated docs label to include all MarkDown related changes
2023-10-26 10:57:34 +01:00
4816e87316 Actually rolled back labeler (#2291) 2023-10-25 19:14:52 +01:00
0061bbeaee Rolled back labeler to v4 (#2290) 2023-10-25 15:12:49 +01:00
d41141f23b Update labeler.yaml (#2289) 2023-10-25 12:26:30 +01:00
7f6109f469 Added an automatic PR labeler (#2286)
* Added an automatic PR labeler

* Update .github/workflows/labeler.yaml

Co-authored-by: Jan Larwig <jan@larwig.com>

---------

Co-authored-by: Jan Larwig <jan@larwig.com>
2023-10-25 11:37:32 +01:00
225dc92adf Docs: Add Search (#2228)
* add search and update depedencies

* refactor documentation workflow to follow best github action best practices
2023-09-13 12:00:14 +01:00
cbe9dccbc0 Update setup-buildx-action to supported version 2023-08-23 00:36:41 -06:00
cae9690067 Update stale bot to v8 2023-04-22 15:42:35 +02:00
e079c60dfe Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is wri… (#2013)
* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs

* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs

* Fixes CVE-2022-41721 (#1994)

See: https://avd.aquasec.com/nvd/2022/cve-2022-41717/

* update checkout actions (#1981)

* Fix a typo in oauthproxy.go (#2021)

* fix typo (#2001)

* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs

* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs

* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs

* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs

* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs

* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs

* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs

---------

Co-authored-by: Nuno Borges <Nuno.Borges@ctw.bmwgroup.com>
Co-authored-by: Jeroen Landheer <jlandheer@bintelligence.nl>
Co-authored-by: Ryuichi Watanabe <ryucrosskey@gmail.com>
Co-authored-by: Ho Kim <ho.kim@ulagbulag.io>
Co-authored-by: Terrell Russell <terrellrussell@gmail.com>
2023-03-05 17:12:55 +00:00
cefeff5561 Chnages checkout version to v3 2023-01-27 22:53:05 +05:30
b3df9aecc2 Bump golang to 1.19 and min allowed version to 1.18 2022-10-21 20:40:58 +03:00
a5d918898c Add azure groups support and oauth2 v2.0 2022-10-21 20:23:21 +03:00
eb43b17750 Ensure docs release action has correct env 2022-02-20 14:07:56 +00:00
c232136196 Update docs github actions to Node 17 2022-02-19 18:45:07 +00:00
7eaf98b5fe Update go version to 1.17
This includes the change to the pruned module graph with the converted go.mod for Go 1.17
https://go.dev/doc/go1.17#go-command
2021-12-17 16:51:13 +01:00
05a4e77c4c Multiarch builds (#1147)
* extract email from id_token for azure provider (#914)

* extract email from id_token for azure provider

this change fixes a bug when --resource is specified with non-Graph
api and the access token destined to --resource is used to call Graph
api

* fixed typo

* refactor GetEmailAddress to EnrichSessionState

* make getting email from idtoken best effort and fall back to previous behavior when it's absent

* refactor to use jwt package to extract claims

* fix lint

* refactor unit tests to use test table
refactor the get email logic from profile api

* addressing feedback

* added oidc verifier to azure provider and extract email from id_token if present

* fix lint and codeclimate

* refactor to use oidc verifier to verify id_token if oidc is configured

* fixed UT

* addressed comments

* minor refactor

* addressed feedback

* extract email from id_token first and fallback to access token

* fallback to access token as well when id_token doesn't have email claim

* address feedbacks

* updated change log!

* switch to docker buildx for multiarch builds

* add setup docker buildx action

* update docker push to push the multiarch image

* make multiarch image have parity with currently produced images by adding linux/armv6

* triaging issue with arm v6

* incorporating feedback

* fixing rebase disaster

* reset Makefile to blessed state

Co-authored-by: Weinong Wang <weinong@outlook.com>
2021-09-21 14:17:59 +01:00
d1e7ae6f11 Don't download dependencies using go mod 2021-02-19 11:31:00 +00:00
5fe947eb07 Update go version to 1.16
This includes a fix for our samesite cookie parsing. The behaviour
changed in 1.16 so that the default value now leaves it empty, so it's
equivalent to not setting it (as per spec)
2021-02-19 11:30:58 +00:00
9cea4ea89b Update golangci-lint version in CI workflow 2021-02-17 20:25:37 +00:00
eb129a342c Ensure code is generated during CI 2021-01-18 09:56:07 +00:00
ef2628d5b2 Add github action to deploy docusaurus 2020-11-05 15:36:30 +00:00
3ccf74746e Remove basename from test coverage prefix (#892)
Co-authored-by: Nick Meves <nick.meves@greenhouse.io>
2020-11-04 19:40:40 +00:00
70c585812e Fix coverage file path recognition 2020-10-07 18:48:14 +01:00
b848663a3d Move test script to workflows folder 2020-10-07 18:48:11 +01:00
f705d2b5d3 Improve CI (#819)
* simplify github actions workflow

no more GOPATH, update Go to 1.15.x

* add script to install golangci-lint

* drop support for Go 1.14

* check docker build in ci

* update alpine linux to 3.12

* update CHANGELOG

* fix golangci-lint installation

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2020-10-07 18:46:41 +01:00
dc7dbc5d28 ci: migrate to Github Actions, close #546 (#750)
* ci: migrate to Github Actions

* ci: optimize on feedback

* ci: run gocov in correct dir

* ci: running after-build script always

* ci: giving test script execute permission

* ci: correct error handling on test script

* ci: more verbose test script

* ci: configure CC_TEST_REPORTER_ID env

* ci: check existence of CC_TEST_REPORT_ID variable, skip if unset

* ci: check existence of CC_TEST_REPORT_ID variable, skip if unset

* update changelog

* Update CHANGELOG.md

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2020-10-05 10:29:47 +01:00
43189a7854 Add pull request events to CodeQL action
This will validate pull requests from forks to ensure that changes don't end up impacting you negatively.
2020-07-28 21:42:21 -07:00
390d479d28 Update CODEOWNERS to request review from reviewers team (#613)
This means that we can keep the list of reviewers up to date based on team membership, rather than this file. Will make it easier to add and remove people going forward
2020-07-02 21:09:55 +01:00
53d8e99f05 Remove Syscll as a maintainer (#540) 2020-05-10 11:51:15 +01:00
842d764a5f Add code scanning workflow (#507) 2020-04-29 16:29:30 +01:00
802754caad Migrate to oauth2-proxy/oauth2-proxy 2020-03-29 15:40:10 +01:00
d94cf45ea8 Update .github/workflows/stale.yml
Co-Authored-By: Theo Barber-Bany <theo.barberbany@pusher.com>
2020-03-02 10:09:58 +00:00
8ee8bd8bc2 Update .github/workflows/stale.yml
Co-Authored-By: Theo Barber-Bany <theo.barberbany@pusher.com>
2020-03-02 10:09:52 +00:00
85891a2261 Add GitHub Action to tidy stale issues 2020-03-01 15:59:52 +00:00
14db073807 Add JoelSpeed to CODEOWNERS 2020-01-20 19:39:31 +00:00
eee4b55e0f DigitalOcean Auth Provider (#351)
* DigitalOcean provider

* documentation: digitalocean provider

* changelog: digitalocean provider

* codeowners: digitalocean provider
2020-01-15 11:09:34 +00:00
227ea5da44 Add Nextcloud provider (#179) 2019-11-25 18:47:21 +01:00
fa6c4792a1 Add Bitbucket provider. (#201)
Add a new provider for Bitbucket,
can be configured from the options
specifying team and/or repository
that the user must be part/have access
to in order to grant login.
2019-08-16 14:53:22 +01:00
23309adc7c Fix CODEOWNERS file 2019-07-24 09:21:08 +01:00
e48d28d1b9 Add MAINTAINERS and update CODEOWNERS 2019-07-23 16:20:45 +01:00
8cc5fbf859 add login.gov provider (#55)
* first stab at login.gov provider

* fixing bugs now that I think I understand things better

* fixing up dependencies

* remove some debug stuff

* Fixing all dependencies to point at my fork

* forgot to hit save on the github rehome here

* adding options for setting keys and so on, use JWT workflow instead of PKCE

* forgot comma

* was too aggressive with search/replace

* need JWTKey to be byte array

* removed custom refresh stuff

* do our own custom jwt claim and store it in the normal session store

* golang json types are strange

* I have much to learn about golang

* fix time and signing key

* add http lib

* fixed claims up since we don't need custom claims

* add libs

* forgot ioutil

* forgot ioutil

* moved back to pusher location

* changed proxy github location back so that it builds externally, fixed up []byte stuff, removed client_secret if we are using login.gov

* update dependencies

* do JWTs properly

* finished oidc flow, fixed up tests to work better

* updated comments, added test that we set expiresOn properly

* got confused with header and post vs get

* clean up debug and test dir

* add login.gov to README, remove references to my repo

* forgot to remove un-needed code

* can use sample_key* instead of generating your own

* updated changelog

* apparently golint wants comments like this

* linter wants non-standard libs in a separate grouping

* Update options.go

Co-Authored-By: timothy-spencer <timothy.spencer@gsa.gov>

* Update options.go

Co-Authored-By: timothy-spencer <timothy.spencer@gsa.gov>

* remove sample_key, improve comments related to client-secret, fix changelog related to PR feedback

* github doesn't seem to do gofmt when merging.  :-)

* update CODEOWNERS

* check the nonce

* validate the JWT fully

* forgot to add pubjwk-url to README

* unexport the struct

* fix up the err masking that travis found

* update nonce comment by request of @JoelSpeed

* argh.  Thought I'd formatted the merge properly, but apparently not.

* fixed test to not fail if the query time was greater than zero
2019-03-20 13:44:51 +00:00