2faa91eb74
Fix a typo in oauthproxy.go ( #2021 )
2023-02-20 10:21:59 +00:00
fd50a35784
update checkout actions ( #1981 )
2023-02-13 09:26:09 +00:00
a061cd52e9
Fixes CVE-2022-41721 ( #1994 )
See: https://avd.aquasec.com/nvd/2022/cve-2022-41717/
2023-02-13 09:25:33 +00:00
cbc973c8d9
Issue 1878: Validate URL call does not correctly honor already set UR… ( #1951 )
* Issue 1878: Validate URL call does not correctly honor already set URL parameters
* Issue 1878: Validate URL call does not correctly honor already set URL parameters
* Update CHANGELOG.md
---------
Co-authored-by: Nuno Borges <Nuno.Borges@ctw.bmwgroup.com>
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2023-02-10 18:36:13 +00:00
df8df9b536
Update formatting error in overview for custom-sign-in-logo ( #1886 )
2023-02-10 18:35:27 +00:00
13202fd5ea
Merge pull request #1920 from mdreem/do-not-remove-emails-claim
Fill empty UserIDClaim before assigning it to other values
2023-02-06 09:16:58 +00:00
5577cf0151
add changelog entry
2023-02-03 14:35:33 +00:00
82bb08609f
Fill empty UserIDClaim before assigning it to other values
2023-02-03 14:25:25 +00:00
2d674959a2
Merge pull request #1991 from OmAximani0/patch-1
Changes `checkout` version to `v3`
2023-01-30 09:59:41 +00:00
cefeff5561
Changes checkout version to v3
2023-01-27 22:53:05 +05:30
f753ec1ca5
feat: readiness check ( #1839 )
* feat: readiness check
* fix: no need for query param
* docs: add a note
* chore: move the readiness check to its own endpoint
* docs(cr): add godoc
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2022-12-23 09:08:12 +00:00
8b77c97009
Fix default scope settings for non-OIDC providers like GitHub ( #1927 )
* fix default scope settings for non-OIDC providers
* add changelog for bugfix
* fix scope test cases by producing and accessing correct result value
2022-12-23 09:00:57 +00:00
ddcc433a97
Merge pull request #1936 from braunsonm/pkce-code-verifier-correction
Remove unsupported special characters from the code verifier runes
2022-12-19 10:01:39 +00:00
311d210ec4
Remove unsupported special characters from the code verifier runes
- Not all special ASCII characters are strictly supported by the spec
2022-12-16 19:57:02 -05:00
0832488af3
Merge pull request #1906 from braunsonm/braunsonm/issue1897
Fix PKCE code verifier generation to never use UTF-8 characters
2022-12-12 07:59:10 -05:00
f4f5b7756c
Fix PKCE code verifier generation to never use UTF-8 characters
- This could result in intermittent/random failures of PKCE-enabled IdPs
2022-11-18 20:37:14 -05:00
fd2807c091
Fix uninitialized user claim ( #1873 )
* Fix uninitialized user claim
Some providers don't initialize data with the setProviderDefaults function
(keycloak-oidc for example), therefore UserClaim is never initialized
with the default value and stays as an empty string.
This results in an empty user.
* Add CHANGELOG.md entry for #1873
* Call setProviderDefaults where missing
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2022-11-07 08:42:33 +00:00
e9a4654358
Merge pull request #1883 from braunsonm/issue-1593
Set correct platform type for arm v8 docker images
2022-11-04 10:15:47 +00:00
92b2231c6f
Set correct platform type for arm v8 docker images
- A previous attempt used the wrong platform value which resulted in a build without the v8 variant being created.
- Platform formatting is defined in the containerd source code as referenced by the docker documentation:
https://github.com/containerd/containerd/blob/v1.4.3/platforms/platforms.go#L63
Fixes #1593 - again
2022-11-03 21:28:05 -04:00
9484a67afc
Merge pull request #1882 from babs/atrocious-fix-for-test-race-condition-on-htpasswd
Fix for test race condition on htpasswd file
2022-11-03 14:46:20 +00:00
86011e8ac7
Protect htpasswd user list from race condition
2022-11-03 15:38:41 +01:00
aafa966550
Merge pull request #1867 from oauth2-proxy/release-v7.4.0
Release v7.4.0
v7.4.0
2022-10-29 13:27:20 +01:00
efe9aed559
Create versioned docs for release v7.4.x
Created with: yarn run docusaurus docs:version 7.4.x
2022-10-29 13:19:49 +01:00
2c21b2830d
Update changelog for v7.4.0 release
2022-10-29 13:19:48 +01:00
4993a5ac8b
Merge pull request #1862 from oauth2-proxy/update-deps
Update dependencies
2022-10-29 12:57:15 +01:00
d4e3bf4df0
Update changelog
2022-10-29 12:49:54 +01:00
4a2cf153cf
Fixup update session state handling
2022-10-29 12:49:53 +01:00
0586a9e072
Update middleware tests
2022-10-29 12:49:52 +01:00
b333ef89bc
Update providers tests
2022-10-29 12:49:51 +01:00
7034f0db53
Do not update viper
This breaks our default structures tests
2022-10-29 12:49:50 +01:00
5dfefb6d9b
Update session state handling
2022-10-29 12:49:49 +01:00
f55d24bfcf
Update dependencies
Ran `go get -u` to update dependencies automatically to newer versions.
I'm aware of a few CVEs that this should resolve
2022-10-29 12:49:48 +01:00
95e56e3445
updated release notes regarding azure provider issue ( #1771 )
2022-10-28 08:32:19 +01:00
1e21a56f99
Update go-redis/redis to v9. ( #1847 )
* Update go-redis/redis to v9.
- redislock, testify, ginkgo and gomega have also been updated.
- Renamed the option `IdleTimeout` to `ConnMaxIdleTime` because of 517938a6b0/CHANGELOG.md
* Update CHANGELOG.md
* Dropping dot import of the types since they created aliases now
* fixing some error messages to make tests happy
* updating more error messages that were changed to make tests happy
* reverting error messages
Co-authored-by: Muhammad Arham <marham@i2cinc.com>
2022-10-24 16:41:06 +01:00
5b5894af07
Keycloak provider - Retain user and preferred_username in session ( #1815 )
* Keycloak provider - Retain user and preferred_username in session
* Add CHANGELOG for PR #1815
2022-10-24 08:47:59 +01:00
ece3d62d64
set providerDefaults for oidc consistently ( #1828 )
* set providerDefaults for oidc consistently
* docs: document #1828 in CHANGELOG
2022-10-23 10:48:20 +01:00
cfcba1a7fc
Merge pull request #1811 from mdoro-13/warn_about_potential_mistake_in_whitelist-domain
Warn not to include URL instead of domain and port
2022-10-23 11:47:01 +02:00
d9a33df29d
Merge pull request #1851 from adriananeci/bump_go
Bump golang to 1.19 and min allowed version to 1.18
2022-10-23 11:44:45 +02:00
2f1fecae39
add changelog entry
2022-10-22 17:17:36 +03:00
b3df9aecc2
Bump golang to 1.19 and min allowed version to 1.18
2022-10-21 20:40:58 +03:00
19bb0d0e86
Merge pull request #1574 from adriananeci/azure_support_upstream
Add Azure groups support and Azure OAuth v2.0
2022-10-21 19:31:10 +02:00
a5d918898c
Add azure groups support and oauth2 v2.0
2022-10-21 20:23:21 +03:00
7fe6384f38
Fix Linting Errors ( #1835 )
* initial commit: add groups to azure
Signed-off-by: andrewphamade@gmail.com <andrewphamade@gmail.com>
* fix deprecations and linting errors
Signed-off-by: Andrew Hamade <andrewphamade@gmail.com>
* remove groups testing from azure provider
Signed-off-by: Andrew Hamade <andrewphamade@gmail.com>
* fix test error
Signed-off-by: Andrew Hamade <andrewphamade@gmail.com>
* verify-generate
Signed-off-by: Andrew Hamade <andrewphamade@gmail.com>
Signed-off-by: andrewphamade@gmail.com <andrewphamade@gmail.com>
Signed-off-by: Andrew Hamade <andrewphamade@gmail.com>
2022-10-21 11:57:51 +01:00
a6c8f6f04a
Change "API Manager" to "APIs & Services" ( #1824 )
2022-10-15 14:33:53 +01:00
6afcae295a
Updated net and text packages to address CVE-2022-27664 and CVE-2022-32149. ( #1825 )
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2022-10-15 14:33:44 +01:00
c395669649
20220802 fix nextcloud ( #1750 )
* Avoid Nextcloud "Current user is not logged in" (Statuscode 997)
The error message results from oauth2-proxy trying to pass the
access token via URL. Instead it needs to be sent via header,
thus the Nextcloud provider requires a fix similar to what #1502
did before for the keycloak provider.
* Implement EnrichSession() for Nextcloud provider
Parse nested JSON to transform relevant information (groups, id,
email) from the OAuth2 userinfo endpoint into session.
* Update CHANGELOG.md (add link to PR #1750 )
2022-10-15 14:25:15 +01:00
51d3d55a69
Warn not to include URL instead of domain and port
2022-10-04 18:39:55 +03:00
965fab422d
Add API route config ( #1760 )
* Add API route config
In addition to requests with Accept header `application/json`, return 401 instead of 302 to login page on requests matching API paths regex.
* Update changelog
* Refactor
* Remove unnecessary comment
* Reorder checks
* Lint Api -> API
Co-authored-by: Sebastian Halder <sebastian.halder@boehringer-ingelheim.com>
2022-09-11 16:09:32 +01:00
b82593b9cc
Update base docker image to alpine 3.16 ( #1788 )
* Update Dockerfile
* Update CHANGELOG.md
2022-09-10 11:59:54 +01:00
fbe7e6f58d
Merge pull request #1762 from ianldgs/negate-route
Support negating for skip auth routes
2022-09-03 14:02:52 +01:00