11 Commits

Author	SHA1	Message	Date
Jan Larwig	fc6e7fdbd1	bugfix: OIDCConfig based providers are not respecting flags and configs (#2299) ... * add full support for all oidc config based providers to use and respect all configs set via OIDCConfig * add changelog entry --------- Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>	2023-11-25 11:32:31 +00:00
kvanzuijlen	e13a5048eb	Updated linters	2023-10-24 16:37:57 +02:00
tuunit	7683902a42	bugfix: default scopes for OIDCProvider based providers	2023-09-10 20:10:14 +00:00
Ian Roberts	63727103db	Support for passing through URL query parameters from /oauth2/start to the ID provider's login URL. ... You must explicitly configure oauth2-proxy (alpha config only) with which parameters are allowed to pass through, and optionally provide an allow-list of valid values and/or regular expressions for each one. Note that this mechanism subsumes the functionality of the "prompt", "approval_prompt" and "acr_values" legacy configuration options, which must be converted to the equivalent YAML when running in alpha config mode.	2022-02-19 16:11:09 +00:00
Joel Speed	d162b018a8	Move provider initialisation into providers package	2022-02-16 10:38:05 +00:00
Joel Speed	967051314e	Integrate claim extractor into providers	2022-02-16 10:28:33 +00:00
Nick Meves	bdfca925a3	Handle UPN fallback when profileURL isn't set	2021-12-01 19:08:15 -08:00
Nick Meves	1621ea3bba	ADFS supports IDToken nonce, use it	2021-12-01 19:08:15 -08:00
Nick Meves	4980f6af7d	Use upn claim as a fallback in Enrich & Refresh ... Only when `email` claim is missing, fallback to `upn` claim which may have it.	2021-12-01 19:08:10 -08:00
Nick Meves	a53198725e	Use upn as EmailClaim throughout ADFSProvider ... By only overriding in the EnrichSession, any Refresh calls would've overriden it with the `email` claim.	2021-12-01 19:06:02 -08:00
Sami Racho	a14c0c2121	Added ADFS Provider	2021-06-13 10:19:56 +02:00