Fabian Stelzer
12ab4ef529
Make the Upstreams mux configurable
...
This commit changes Upstreams from []Upstream to a struct{}
moving the previous []Upstream into .Configs and adjusts all uses of it.
2021-09-17 12:31:18 +00:00
Fabian Stelzer
ae72beb24e
Enable UseEncodedPath() for frontend mux
...
This allows urls with encoded characters (e.g.: /%2F/) to pass to the
upstream mux instead of triggering a HTTP 301 from the frontend.
Otherwise a /%2F/test/ will result in a HTTP 301 -> /test/
2021-09-17 12:31:18 +00:00
Hedi Harzallah
ccbb98acd9
fix(1356): test if session variable is null ( #1357 )
...
* fix(1356): test if session variable is null
* fix(1356): adding changelog
Co-authored-by: Hedi Harzallah <hharzalla@talend.com>
2021-09-09 12:12:29 +01:00
Miks Kalnins
54d44ccb8f
Allow specifying URL as input for custom sign in logo ( #1330 )
...
* Allow specifying URL as input for custom logos
* Fix typo
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
* Update changelog
* Only allow HTTPS URLs
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
Co-authored-by: Nick Meves <nicholas.meves@gmail.com>
2021-09-05 09:23:22 -07:00
Philippe
7cf3065111
Changing user field type to text ( #1337 )
...
* Changing user field type to text
* Updated changelog
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2021-08-29 12:39:02 +01:00
Joel Speed
5928fe5485
Merge pull request #1345 from pburgisser/add_skip_route_exemple
...
Adding example for auth skipping
2021-08-27 11:25:57 +02:00
Philippe Bürgisser
45e45303ad
Adding example for auth skiping
2021-08-27 10:53:57 +02:00
Stéphan Kochen
31f7c5bb59
Fix go get
instructions ( #1271 )
...
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2021-08-18 17:11:18 +01:00
Jordie
42c16efa38
Fixed .CustomLogin </form> tag placement for login page ( #1317 )
...
* Fixed .CustomLogin </form> tag placement for login page
* Update changelog (gh-1317)
2021-08-11 15:57:40 +01:00
Nick Meves
526aff8c84
Merge pull request #1210 from pb82/keycloak-oidc-provider
...
Keycloak oidc provider
2021-08-07 09:57:03 -07:00
Peter Braun
e6223383e5
update keycloak oidc provider and add unit tests
2021-08-02 11:39:50 +02:00
Nick Meves
ab54de38cc
Extract roles from Keycloak Access Tokens
2021-07-30 09:46:13 +02:00
Nick Meves
4c0beb373f
Add keycloak-oidc provider based on OIDCProvider
2021-07-30 09:46:13 +02:00
JVecsei
8967873659
Updated dependency versions which include CVE fixes ( #1276 )
...
* switched to github.com/golang-jwt/jwt and updated golang.org/x/crypto to include CVE fixes
* added #1276 to changelog
Co-authored-by: Joshua Vécsei <git@vecsei.me>
2021-07-29 17:45:41 +01:00
wyewata
a35db2ae8a
Fix expected error messages ( #1269 )
...
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2021-07-28 19:56:23 +01:00
Nick Meves
0b4bc36554
Upgrade go-oidc to v3 ( #1264 )
2021-07-17 09:55:05 -07:00
Joel Speed
ef697afc6d
Merge pull request #1265 from wassan128/fix/doc-typo
...
Fix small typo
2021-07-10 13:01:44 +01:00
wassan128
777556c97e
Fix typo s/commmon/common/
2021-07-08 21:29:43 +09:00
Joel Speed
98f8195902
Merge pull request #1262 from oauth2-proxy/fix-encryption-finicky-tests
...
Remove finicky encryption test
2021-07-02 17:22:57 +01:00
Nick Meves
1faa5c47ce
Remove finicky encryption test
...
AES-CFB is unauthenticated, in rare circumstances it won't error on
AES-GCM encrypted payloads
2021-07-01 19:03:01 -07:00
Moraru Costel
7a83d18f23
Extend email-domain validation with sub-domain capability ( #1233 )
...
* Extend email-domain validation with sub-domain capability
* Adding the CHANGELOG entry
* Fixing lint erros
* Fixing lint erros
* Renamed the emailDomains to allowedDomains, plus tests
* Bringing together all basic test-cases
* Fixing unit tests
* Add unit tests to validate additional vulnerability concerns
2021-06-29 19:37:03 +01:00
Joel Speed
d359ab75e1
Merge pull request #1253 from netgusto/patch-1
...
Update README.md
2021-06-24 12:03:52 +01:00
Jérôme Schneider
5063b31b62
Update README.md
...
Fixing typo.
2021-06-24 09:34:10 +02:00
Joel Speed
ac188b129f
Merge pull request #1060 from oauth2-proxy/upstream-rewrite
...
Implement RewriteTarget to allow requests to be rewritten before proxying to upstream servers
2021-06-23 13:36:03 +01:00
Joel Speed
9ce962be08
Add changelog entry for new rewrite target feature
2021-06-23 12:21:40 +01:00
Joel Speed
075cb9c3a0
Ensure upstreams are sorted by longest first
2021-06-23 12:20:48 +01:00
Joel Speed
8a06779d41
Redirect request if it would match with an appended trailing slash
2021-06-23 12:20:47 +01:00
Joel Speed
6c62b25bf1
Allow request paths to be rewritten before proxying to upstream server
2021-06-23 12:20:46 +01:00
Joel Speed
d2d62bb452
Replace standard serve mux with gorilla mux
2021-06-23 12:20:21 +01:00
Nick Meves
16a9893a19
Merge pull request #1086 from oauth2-proxy/early-refresh
...
Convert RefreshSessionIfNeeded into RefreshSession
2021-06-22 17:13:14 -07:00
Nick Meves
ff914d7e17
Use ErrNotImplemented
in default refresh implementation
2021-06-22 17:04:42 -07:00
Nick Meves
baf6cf3816
Remove mutex from local Clock instances
...
They will only be used in tests, but it doesn't play
nice with copy operations many tests use. The linter was
not happy. While the global clock needs mutexes for parallelism,
local Clocks only used it for Set/Add and didn't even use the
mutex for actual time functions.
2021-06-22 17:04:42 -07:00
Nick Meves
d91c3f867d
Remove validation for invalid legacy v6.0.0 sessions
...
The reflect.DeepCopy doesn't play nice with the new Lock and Clock
fields in sessions. And it added unneeded session deserialization
logic to every request.
2021-06-22 17:04:42 -07:00
Nick Meves
593125152d
Standarize provider refresh implemention & logging
2021-06-22 17:04:30 -07:00
Nick Meves
7fa6d2d024
Manage session time fields centrally
2021-06-21 21:54:52 -07:00
Nick Meves
7e80e5596b
RefreshSessions immediately when called
2021-06-21 21:54:52 -07:00
Joel Speed
5f4ac25b1e
Merge pull request #1249 from webnard/patch-1
...
Simplify sha256sum checking example
2021-06-21 19:43:35 +01:00
Ian Hunter
1c151b4b27
Simplify sha256sum checking example
...
The previous code didn't consider other languages and hid the output of failures. For example
```
$ LANG=es_ES.UTF-8 sha256sum -c sha256sum.txt
oauth2-proxy-v7.1.3.linux-amd64/oauth2-proxy: La suma coincide
```
2021-06-21 10:44:27 -04:00
Nick Meves
c2325ecbd5
Merge pull request #1226 from oauth2-proxy/app-redirect
...
Move app redirection logic to its own package
2021-06-19 10:54:00 -07:00
Joel Speed
d8b91efcc7
Add changelog for app redirection split
2021-06-19 11:26:04 +01:00
Joel Speed
bd2fa9d7d8
Add tests for split host port
2021-06-19 11:24:29 +01:00
Joel Speed
273ab1f591
Integrate redirect package with OAuth2 Proxy
2021-06-19 11:24:27 +01:00
Joel Speed
e1764d4221
Create AppDirector for getting the application redirect URL
2021-06-19 11:23:32 +01:00
Joel Speed
e7f304fc96
Create redirect validator
2021-06-19 11:23:31 +01:00
Joel Speed
62436dbc02
Merge pull request #1128 from oauth2-proxy/proxy-router
...
Use gorilla mux for OAuth Proxy routing
2021-06-19 11:22:37 +01:00
Joel Speed
a8c9b2903d
Use gorilla mux for OAuth Proxy routing
2021-06-19 11:17:16 +01:00
Anders Kiel Hovgaard
c00d36159e
Update Alpine image version to 3.14 ( #1244 )
...
* Update Alpine image version to 3.14.
* Update changelog.
2021-06-18 13:12:11 +01:00
Nick Meves
a296936a0f
Merge pull request #1238 from samirachoadi/feature/add_adfs_provider
...
Added ADFS Provider
2021-06-13 11:13:21 -07:00
Sami Racho
a14c0c2121
Added ADFS Provider
2021-06-13 10:19:56 +02:00
Robin Tweedie
381ac91752
Provide a link to the Helm chart for oauth2-proxy ( #1217 )
...
* Update installation.md
Provide a link to the Helm chart for oauth2-proxy
* also document in latest versioned docs
2021-06-09 15:03:51 +01:00