go/oauth2-proxy
1
0
Fork 0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2025-08-10 22:51:31 +02:00
Code Issues Releases Activity
2,197 Commits 24 Branches 40 Tags
0d517482dd4067f30f8b5faac8286f50ea2e50be
Commit Graph

2197 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Joel Speed
d29766609b Merge pull request #660 from oauth2-proxy/request-builder 
Use builder pattern to simplify requests to external endpoints
 2020-07-06 21:01:55 +01:00
Joel Speed
de9e65a63a Migrate all requests to result pattern 2020-07-06 20:38:00 +01:00
Joel Speed
d0b6c04960 Add tests for request result 2020-07-06 20:37:36 +01:00
Joel Speed
fbf4063245 Switch Builder.Do() to return a Result 2020-07-06 18:31:31 +01:00
Joel Speed
02410d3919 Update changelog to add request builder entry 2020-07-06 18:31:28 +01:00
Joel Speed
028a0ed62e Remove old requests code 2020-07-06 18:31:11 +01:00
Joel Speed
53142455b6 Migrate all requests to new builder pattern 2020-07-06 18:31:09 +01:00
Joel Speed
21ef86b594 Add tests for the request builder 2020-07-06 18:29:58 +01:00
Joel Speed
0bc0feb4bb Add request builder to simplify request handling 2020-07-06 18:29:57 +01:00
Joel Speed
9d39816709 Merge pull request #662 from johejo/issue-661 
Do not add Cache-Control header to response from auth only endpoint
 2020-07-06 14:33:36 +01:00
Joel Speed
830065a128 Merge branch 'master' into issue-661 2020-07-06 13:39:19 +01:00
Joel Speed
efa1e9b448 Merge pull request #663 from Jonher937/patch-1 
Make example args a codeblock for OIDC Provider
 2020-07-06 12:18:06 +01:00
Mitsuo Heijo
97ab3fa005 update CHANGELOG 2020-07-06 19:09:02 +09:00
Mitsuo Heijo
4c1047866b fix: do not add Cache-Control header to response from auth only endpoint 
fix #661
related #453
 2020-07-06 19:04:31 +09:00
Jonathan Herlin
416c8b0a5c Make example args a codeblock 
Making this a code block aligns with the rest of the examples and makes it easier to read
 2020-07-06 12:04:16 +02:00
Joel Speed
215aeec8b9 Merge pull request #650 from jordancrawfordnz/issue-649 
Only set healthcheck user agents when the ping-user-agent is set, and don't check blank user agents against healthcheck user agents
 2020-07-06 09:00:13 +01:00
Jordan Crawford
6346dafc1e (#649) Remove blank helthcheck user agents and paths when setting up the healthcheck middleware 
A blank user agent is considered == to an empty string. When no -ping-user-agent option is specified, this is considered to be an empty string.

This reveals two problems:
- When no ping-user-agent is specified, main.go sets up a health check user agent of ""
- When no user agent is specified, the empty string is still checked against the health check user agents.

Now the health check middleware ignores blank user agents and paths in order to sanitise it's input to avoid this issue.

Additional tests have been added to verify these situations.
 2020-07-06 14:07:38 +12:00
Joel Speed
99481b3a39 Merge pull request #591 from oauth2-proxy/upstream-proxy 
Introduce upstream package with new reverse proxy implementation
 2020-07-05 20:36:47 +01:00
Joel Speed
37c76b6376 Update changelog to add upstream proxy entry 2020-07-05 10:22:24 +01:00
Joel Speed
5b95ed3033 Add tests for upstream package 2020-07-05 10:21:05 +01:00
Joel Speed
fa8e1ee033 Allow file server to handle windows filesystems 2020-07-05 10:21:05 +01:00
Joel Speed
e1c3e938cc Add upstream package with Proxy server implementation 2020-07-05 10:21:05 +01:00
Joel Speed
b6b5194190 Add Upstreams options struct with validation 2020-07-05 10:21:05 +01:00
Joel Speed
fb1bef2757 Merge pull request #576 from oauth2-proxy/cookie-validation 
Separate Cookie validation
 2020-07-05 09:35:19 +01:00
Joel Speed
3e13f3197f Ensure that cookie names over 256 characters are rejected by validation 2020-07-05 09:18:48 +01:00
Joel Speed
eb933cc3f4 Add changelog entry for cookie validation separation 2020-07-05 09:18:45 +01:00
Joel Speed
211fd3a010 Rename CookieOptions to Cookie 2020-07-05 09:18:21 +01:00
Joel Speed
285c65a2d4 Add tests for cookie validation 
This also removes the check for the decoded from the valid secret size
check. The code was unreachable because encryption.SecretBytes will only
return the decoded secret if it was the right length after decoding.
 2020-07-05 09:17:28 +01:00
Joel Speed
900061b88a Move CookieOptions validation to it's own file 2020-07-05 09:17:28 +01:00
Joel Speed
b3ba2594c6 Create Cookie FlagSet and Defaults 2020-07-05 09:17:28 +01:00
Nick Meves
016f4aa276 Merge pull request #656 from grnhse/cookie-splitting-precision 
Split cookies more precisely at 4096 bytes
 2020-07-04 11:15:07 -07:00
Nick Meves
48a2aaadc1 Count complete cookie content in byte splitting 2020-07-03 23:41:08 -07:00
Nick Meves
c6f1daba2f Split cookies more precisely at 4096 bytes 2020-07-03 20:38:04 -07:00
Joel Speed
c4cf15f3e1 Merge pull request #619 from oauth2-proxy/https-redirect-middleware 
Improve Redirect to HTTPs behaviour
 2020-07-03 17:25:24 +01:00
Joel Speed
1c1106721e Move RedirectToHTTPS to middleware package 
Moves the logic for redirecting to HTTPs to a middleware package and adds tests for this logic.
Also makes the functionality more useful, previously it always redirected to the HTTPS address of the proxy, which may not have been intended, now it will redirect based on if a port is provided in the URL (assume public facing 80 to 443 or 4180 to 8443 for example)
 2020-07-03 17:19:09 +01:00
Joel Speed
39c01d5930 Merge pull request #654 from oauth2-proxy/redis-test-client-close 
Close client connections after each redis test
 2020-07-03 16:43:42 +01:00
Joel Speed
5c8a66bcc9 Close client connections after each redis test 2020-07-03 16:24:47 +01:00
k-wall
b0375e85fa Fix #635: Support specifying alternative provider TLS trust source(s) (#645) 
* Fix #635: Support specifying alternative provider TLS trust source(s)

* Update pkg/apis/options/options.go

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>

* Update pkg/validation/options.go

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>

* Address review comments

* upd CHANGELOG.md

* refactor test to assert textual subjects + add openssl gen cmd

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
 2020-07-03 16:09:17 +01:00
Joel Speed
390d479d28 Update CODEOWNERS to request review from reviewers team (#613) 
This means that we can keep the list of reviewers up to date based on team membership, rather than this file. Will make it easier to add and remove people going forward
 2020-07-02 21:09:55 +01:00
Joel Speed
4313553122 Merge pull request #542 from oauth2-proxy/refactor-session-tests 
Move SessionStore tests to independent package
 2020-07-01 23:00:23 +01:00
Joel Speed
34137f7305 Move SessionStore tests to independent package 2020-07-01 06:41:35 +01:00
Joel Speed
d9a45a3b47 Merge pull request #577 from oauth2-proxy/session-store-cipher 
Move Cipher and Session Store initialisation out of Validation
 2020-06-28 18:29:48 +01:00
Joel Speed
6e1b3b9660 Switch to in session store initialisation 2020-06-28 12:50:55 +01:00
Joel Speed
778463906a Update changelog for session storage initialisation move 2020-06-28 12:32:06 +01:00
Joel Speed
5ce9e75c21 Initialise Session Storage in NewOAuthProxy instead of validation 2020-06-28 12:32:06 +01:00
Joel Speed
c8dbf1cf60 Move Cipher intialisation to session store initialisation 2020-06-28 12:03:03 +01:00
Joel Speed
d9af3ffc5e Merge pull request #641 from oauth2-proxy/release-v6.0.0 
Update changelog ready for release v6.0.0
v6.0.0 		2020-06-27 16:09:26 +01:00
Joel Speed
6b43b41638 Fix tests broken by security advisory 2020-06-27 12:41:46 +01:00
Joel Speed
25154ede41 Update changelog ready for release v6.0.0 2020-06-27 12:10:27 +01:00
Joel Speed
ee5662e0f5 Merge pull request from GHSA-5m6c-jp6f-2vcv 
* Add more Open Redirect test cases

* Add whitelisted domain to test

* Add more test cases

* Improve invalid redirect regex
 2020-06-27 12:07:24 +01:00