Nick Meves
7eeaea0b3f
Support nonce checks in OIDC Provider (#967)
...
* Set and verify a nonce with OIDC
* Create a CSRF object to manage nonces & cookies
* Add missing generic cookie unit tests
* Add config flag to control OIDC SkipNonce
* Send hashed nonces in authentication requests
* Encrypt the CSRF cookie
* Add clarity to naming & add more helper methods
* Make CSRF an interface and keep underlying nonces private
* Add ReverseProxy scope to cookie tests
* Align to new 1.16 SameSite cookie default
* Perform SecretBytes conversion on CSRF cookie crypto
* Make state encoding signatures consistent
* Mock time in CSRF struct via Clock
* Improve InsecureSkipNonce docstring
2021-04-21 10:33:27 +01:00
Nick Meves
d2ffef2c7e
Use global OIDC fields for Gitlab
2020-12-21 16:54:12 -08:00
Nick Meves
42f6cef7d6
Improve OIDC error handling
2020-12-21 16:53:05 -08:00
Nick Meves
ea5b8cc21f
Support non-list and complex groups
2020-12-21 16:52:18 -08:00
Nick Meves
eb56f24d6d
Deprecate UserIDClaim in config and docs
2020-12-21 16:52:17 -08:00
Nick Meves
74ac4274c6
Move generic OIDC functionality to be available to all providers
2020-12-21 16:52:04 -08:00
Nick Meves
22f60e9b63
Generalize and extend default CreateSessionFromToken
2020-11-28 10:25:12 -08:00
Nick Meves
b92fd4b0bb
Streamline Google to use default Authorize
2020-11-12 11:18:58 -08:00
Nick Meves
eb58ea2ed9
Move AllowedGroups to DefaultProvider for default Authorize usage
2020-11-12 11:18:15 -08:00
Mitsuo Heijo
3fa42edb73
Fix import path for v7 (#800)
...
* fix import path for v7
find ./ -name "*.go" | xargs sed -i -e 's|"github.com/oauth2-proxy/oauth2-proxy|"github.com/oauth2-proxy/oauth2-proxy/v7|'
* fix module path
* go mod tidy
* fix installation docs
* update CHANGELOG
* Update CHANGELOG.md
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2020-09-29 17:44:42 +01:00
Phil Taprogge
d69fd6af22
Allow Logging to stdout with separate Error Log Channel (#718)
...
* Add dedicated error logging writer
* Document new errors to stdout flag
* Update changelog
* Thread-safe the log buffer
* Address feedback
* Remove duplication by adding log level
* Clean up error formatting
* Apply suggestions from code review
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2020-08-10 11:44:08 +01:00
Joel Speed
d4dd34a65a
Move provider URLs to package level vars
2020-07-19 18:34:55 +01:00
Mitsuo Heijo
dd05e7ff0b
Add new linters (#486)
...
* add new linters and fix issues
* fix deprecated warnings
* simplify return
* update CHANGELOG
* fix staticcheck issues
* remove a deprecated linter, minor fixes of variable initialization
2020-04-14 09:36:44 +01:00
Joel Speed
802754caad
Migrate to oauth2-proxy/oauth2-proxy
2020-03-29 15:40:10 +01:00
Jakub Holy
3108f765a5
Fix #381, expose acr_values to all providers (#445)
2020-03-17 17:57:33 +00:00
Wolfgang Richter
fad6fff16d
Cleaned up source to make golangci-lint pass (#418)
...
* cleaned up source to make golangci-lint pass
* providers/azure_test.go: use built-in POST constant
* options_test.go: do not export unnecessary variables
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2020-03-14 09:58:29 +00:00
Jakub Holy
b1c81e2abe
Support prompt in addition to auth-prompt (#444)
...
Fix #380
2020-03-14 09:53:43 +00:00
Pavel Kirichenko
f2661c47ba
Support for client secret file. (#355)
...
* added ClientSecretFile in ProviderData
* add documentation notes on client secret file
* added Changelog entry for Client Secret File PR
* fixing configuration.md
* addressing PR issue of ClientSecret property naming
* Update providers/provider_data.go
Co-Authored-By: Joel Speed <Joel.speed@hotmail.co.uk>
* corrected changelog entry
* fixed typo in GetClientSecret
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2020-02-15 13:44:39 +00:00
Joel Speed
e200bd5c20
Add comments to exported methods for providers package
2018-12-20 10:37:59 +00:00
Eelco Cramer
10f47e325b
Add Azure Provider
2016-01-20 03:57:17 -05:00
Brandon Philips
51a2e4e48c
*: rename Url to URL everywhere
...
Go coding style says that acronyms should be all lower or all upper. Fix
Url to URL.
2015-11-09 00:47:44 +01:00
Ed Bardsley
33045a792b
Add a flag to set the value of "approval_prompt".
...
By setting this to "force", certain providers, like Google,
will interject an additional prompt on every new session. With other values,
like "auto", this prompt is not forced upon the user.
2015-07-31 00:43:47 -07:00
Jehiah Czebotar
37b38dd2f4
Github provider
2015-05-21 02:21:19 -04:00
Mike Bland
72857018ee
Introduce validate-url flag/config
2015-05-08 17:13:35 -04:00
Mike Bland
666e6ad436
Add ProviderName field; use in sign_in template
2015-03-31 12:59:07 -04:00
Mike Bland
e2931da853
Create providers package with Google default
2015-03-31 09:34:50 -04:00