go/oauth2-proxy
1
0
Fork 0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2025-06-23 00:40:46 +02:00
Code Issues Releases Activity
1,787 Commits 24 Branches 38 Tags
2faa91eb74de54c4c8bbd31dbf17c88a58dfda5c
Commit Graph

1787 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ho Kim
2faa91eb74 Fix a typo in oauthproxy.go (#2021) 2023-02-20 10:21:59 +00:00
Ryuichi Watanabe
fd50a35784 update checkout actions (#1981) 2023-02-13 09:26:09 +00:00
Jeroen Landheer
a061cd52e9 Fixes CVE-2022-41721 (#1994) 
See: https://avd.aquasec.com/nvd/2022/cve-2022-41717/
 2023-02-13 09:25:33 +00:00
Nuno Miguel Micaelo Borges
cbc973c8d9 Issue 1878: Validate URL call does not correctly honor already set UR… (#1951) 
* Issue 1878: Validate URL call does not correctly honor already set URL parameters

* Issue 1878: Validate URL call does not correctly honor already set URL parameters

* Update CHANGELOG.md

---------

Co-authored-by: Nuno Borges <Nuno.Borges@ctw.bmwgroup.com>
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
 2023-02-10 18:36:13 +00:00
Amith KK
df8df9b536 Update formatting error in overview for custom-sign-in-logo (#1886) 2023-02-10 18:35:27 +00:00
Joel Speed
13202fd5ea Merge pull request #1920 from mdreem/do-not-remove-emails-claim 
Fill empty UserIDClaim before assigning it to other values
 2023-02-06 09:16:58 +00:00
Marc Schiereck
5577cf0151 add changelog entry 2023-02-03 14:35:33 +00:00
Marc Schiereck
82bb08609f Fill empty UserIDClaim before assigning it to other values 2023-02-03 14:25:25 +00:00
Joel Speed
2d674959a2 Merge pull request #1991 from OmAximani0/patch-1 
Changes `checkout` version to `v3`
 2023-01-30 09:59:41 +00:00
Om Aximani
cefeff5561 Chnages checkout version to v3 2023-01-27 22:53:05 +05:30
Kobi Meirson
f753ec1ca5 feat: readiness check (#1839) 
* feat: readiness check

* fix: no need for query param

* docs: add a note

* chore: move the readyness check to its own endpoint

* docs(cr): add godoc

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
 2022-12-23 09:08:12 +00:00
Jan Larwig
8b77c97009 Fix default scope settings for none oidc providers like GitHub (#1927) 
* fix default scope settings for none oidc providers

* add changelog for bugfix

* fix scope test cases by producing and accessing correct result value
 2022-12-23 09:00:57 +00:00
Joel Speed
ddcc433a97 Merge pull request #1936 from braunsonm/pkce-code-verifier-correction 
Remove unsupported special characters from the code verifier runes
 2022-12-19 10:01:39 +00:00
Braunson M
311d210ec4 Remove unsupported special characters from the code verifier runes 
- Not all special ASCII characters are strictly supported by the spec
 2022-12-16 19:57:02 -05:00
Braunson
0832488af3 Merge pull request #1906 from braunsonm/braunsonm/issue1897 
Fix PKCE code verifier generation to never use UTF-8 characters
 2022-12-12 07:59:10 -05:00
Braunson M
f4f5b7756c Fix PKCE code verifier generation to never use UTF-8 characters 
- This could result in intermittent/random failures of PKCE enabled IdP's
 2022-11-18 20:37:14 -05:00
Damien Degois
fd2807c091 Fix uninitialized user claim (#1873) 
* Fix uninitialized user claim

Some providers doesn't initialize data with setProviderDefaults function
(keycloak-oidc for example), therefore UserClaim is never initialized
with the default value and stay as an empty string.
This result in an empty user.

* Add CHANGELOG.md entry for #1873

* Call setProviderDefaults where missing

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
 2022-11-07 08:42:33 +00:00
Joel Speed
e9a4654358 Merge pull request #1883 from braunsonm/issue-1593 
Set correct platform type for arm v8 docker images
 2022-11-04 10:15:47 +00:00
Braunson M
92b2231c6f Set correct platform type for arm v8 docker images 
- A previous attempt used the wrong platform value which resulted in a build without the v8 variant being
created.
- Platform formatting is defined in the containerd source code as referenced by the docker documentation:
https://github.com/containerd/containerd/blob/v1.4.3/platforms/platforms.go#L63

Fixes #1593 - again
 2022-11-03 21:28:05 -04:00
Joel Speed
9484a67afc Merge pull request #1882 from babs/atrocious-fix-for-test-race-condition-on-htpasswd 
Fix for test race condition on htpasswd file
 2022-11-03 14:46:20 +00:00
Damien Degois
86011e8ac7 Protect htpasswd user list from race condition 2022-11-03 15:38:41 +01:00
Joel Speed
aafa966550 Merge pull request #1867 from oauth2-proxy/release-v7.4.0 
Release v7.4.0
v7.4.0 		2022-10-29 13:27:20 +01:00
Joel Speed
efe9aed559 Create versioned docs for release v7.4.x 
Created with: yarn run docusaurus docs:version 7.4.x
 2022-10-29 13:19:49 +01:00
Joel Speed
2c21b2830d Update changelog for v7.4.0 release 2022-10-29 13:19:48 +01:00
Joel Speed
4993a5ac8b Merge pull request #1862 from oauth2-proxy/update-deps 
Update dependencies
 2022-10-29 12:57:15 +01:00
Joel Speed
d4e3bf4df0 Update changelog 2022-10-29 12:49:54 +01:00
Joel Speed
4a2cf153cf Fixup update session state handling 2022-10-29 12:49:53 +01:00
Joel Speed
0586a9e072 Update middleware tests 2022-10-29 12:49:52 +01:00
Joel Speed
b333ef89bc Update providers tests 2022-10-29 12:49:51 +01:00
Joel Speed
7034f0db53 Do not update viper 
This breaks our deafult structures tests
 2022-10-29 12:49:50 +01:00
Joel Speed
5dfefb6d9b Update session state handling 2022-10-29 12:49:49 +01:00
Joel Speed
f55d24bfcf Update dependencies 
Ran `go get -u` to update depdendencies automatically to newer versions.
I'm aware of a few CVEs that this should resolve
 2022-10-29 12:49:48 +01:00
dulakm
95e56e3445 updated release notes regarding azure provider issue (#1771) 2022-10-28 08:32:19 +01:00
Muhammad Arham
1e21a56f99 Update go-redis/redis to v9. (#1847) 
* Update go-redis/redis to v9.
- And updated redislock, testify, ginko and gomega have also been updated.
- Renamed the option `IdleTimeout` to `ConnMaxIdleTime` because of 517938a6b0/CHANGELOG.md

* Update CHANGELOG.md

* Dropping dot import of the types since they created aliases now

* fixing some error messages to make tests happy

* updating more error messages that were changed to make tests happy

* reverting error messages

Co-authored-by: Muhammad Arham <marham@i2cinc.com>
 2022-10-24 16:41:06 +01:00
Damien Degois
5b5894af07 Keycloak provider - Retain user and prefered_username in session (#1815) 
* Keycloak provider - Retain user and prefered_username in session

* Add CHANGELOG for PR #1815
 2022-10-24 08:47:59 +01:00
Centzilius
ece3d62d64 set providerDefaults for oidc consistently (#1828) 
* set providerDefaults for oidc consistently

* docs: document #1828 in CHANGELOG
 2022-10-23 10:48:20 +01:00
Joel Speed
cfcba1a7fc Merge pull request #1811 from mdoro-13/warn_about_potential_mistake_in_whitelist-domain 
Warn not to include URL instead of domain and port
 2022-10-23 11:47:01 +02:00
Joel Speed
d9a33df29d Merge pull request #1851 from adriananeci/bump_go 
Bump golang to 1.19 and min allowed version to 1.18
 2022-10-23 11:44:45 +02:00
Adrian Aneci
2f1fecae39 add changelog entry 2022-10-22 17:17:36 +03:00
Adrian Aneci
b3df9aecc2 Bump golang to 1.19 and min allowed version to 1.18 2022-10-21 20:40:58 +03:00
Joel Speed
19bb0d0e86 Merge pull request #1574 from adriananeci/azure_support_upstream 
Add Azure groups support and Azure OAuth v2.0
 2022-10-21 19:31:10 +02:00
Adrian Aneci
a5d918898c Add azure groups support and oauth2 v2.0 2022-10-21 20:23:21 +03:00
Andrew Hamade
7fe6384f38 Fix Linting Errors (#1835) 
* initial commit: add groups to azure

Signed-off-by: andrewphamade@gmail.com <andrewphamade@gmail.com>

* fix deprecations and linting errors

Signed-off-by: Andrew Hamade <andrewphamade@gmail.com>

* remove groups testing from azure provider

Signed-off-by: Andrew Hamade <andrewphamade@gmail.com>

* fix test error

Signed-off-by: Andrew Hamade <andrewphamade@gmail.com>

* verify-generate

Signed-off-by: Andrew Hamade <andrewphamade@gmail.com>

Signed-off-by: andrewphamade@gmail.com <andrewphamade@gmail.com>
Signed-off-by: Andrew Hamade <andrewphamade@gmail.com>
 2022-10-21 11:57:51 +01:00
Sven Schliesing
a6c8f6f04a Change "API Manager" to "APIs & Services" (#1824) 2022-10-15 14:33:53 +01:00
Chris Bednarz
6afcae295a Updated net and text packages to address CVE-2022-27664 and CVE-2022-32149. (#1825) 
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
 2022-10-15 14:33:44 +01:00
NiteHawk
c395669649 20220802 fix nextcloud (#1750) 
* Avoid Nextcloud "Current user is not logged in" (Statuscode 997)

The error message results from oauth2-proxy trying to pass the
access token via URL. Instead it needs to be sent via header,
thus the Nextcloud provider requires a fix similar to what #1502
did before for the keycloak provider.

* Implement EnrichSession() for Nextcloud provider

Parse nested JSON to transform relevant information (groups, id,
email) from the OAuth2 userinfo endpoint into session.

* Update CHANGELOG.md (add link to PR #1750)
 2022-10-15 14:25:15 +01:00
mdoro-13
51d3d55a69 Warn not to include URL instead of domain and port 2022-10-04 18:39:55 +03:00
Segfault16
965fab422d Add API route config (#1760) 
* Add API route config

In addition to requests with Accept header `application/json` return 401 instead of 302 to login page on requests matching API paths regex.

* Update changelog

* Refactor

* Remove unnecessary comment

* Reorder checks

* Lint Api -> API

Co-authored-by: Sebastian Halder <sebastian.halder@boehringer-ingelheim.com>
 2022-09-11 16:09:32 +01:00
tooptoop4
b82593b9cc Update base docker image to alpine 3.16 (#1788) 
* Update Dockerfile

* Update CHANGELOG.md
 2022-09-10 11:59:54 +01:00
Joel Speed
fbe7e6f58d Merge pull request #1762 from ianldgs/negate-route 
Support negating for skip auth routes
 2022-09-03 14:02:52 +01:00