1
0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2025-06-15 00:15:00 +02:00
Commit Graph

319 Commits

Author SHA1 Message Date
8d2fc409d8 Integrate new server implementation into main OAuth2 Proxy 2021-03-07 11:49:11 +00:00
602dac7852 Move Logging to Middleware Package (#1070)
* Use a specialized ResponseWriter in middleware

* Track User & Upstream in RequestScope

* Wrap responses in our custom ResponseWriter

* Add tests for logging middleware

* Inject upstream metadata into request scope

* Use custom ResponseWriter only in logging middleware

* Assume RequestScope is never nil
2021-03-06 17:27:16 +00:00
220b3708fc Add support for setting groups on session when using basic auth (#1064)
* Add support for setting groups on session when using basic auth

* Refactoring based on feedback

* Attribution
2021-02-25 13:02:23 -08:00
23e545a639 Add option for custom logos on the sign in page 2021-02-19 13:23:55 +00:00
9cea4ea89b Update golangci-lint version in CI workflow 2021-02-17 20:25:37 +00:00
a7c8a233ba Add Prometheus metrics endpoint
Add the Prometheus http.Handler to serve metrics at MetricsPath ("/metrics"
by default). This allows Prometheus to scrape metrics from OAuth2 Proxy.

Add a new middleware NewRequestMetrics and attach it to the preAuth
chain. This will collect metrics on all requests made to OAuth2 Proxy

Collapse some calls to Prinf() and os.Exit(1) to Fatalf as they are
equivalent. main() has a strict 50 lines limit so brevity in these
calls appreciated
2021-02-15 13:45:26 +00:00
225ff478a1 Move all pagewriter related code to dedicated pagewriter package 2021-02-14 10:21:13 +00:00
e8e2af73df Wrap templates and page rendering in PageWriter interface 2021-02-14 10:20:26 +00:00
dba6989054 Move SignIn page rendering to app pkg 2021-02-13 11:35:38 +00:00
6ecbc7bc4e Allow users to choose detailed error messages on error pages 2021-02-12 21:12:28 +00:00
a63ed0225c Use ErrorPage to render proxy error page 2021-02-12 21:12:27 +00:00
ef457b1765 Move Error page rendering to app package 2021-02-12 21:12:05 +00:00
0151ca11f6 Move template loading to app package 2021-02-12 16:55:52 +00:00
84f76c6060 Move template options to their own struct 2021-02-12 16:55:51 +00:00
801edeba23 Update templates to bulma framework 2021-02-12 16:55:45 +00:00
780ae4f3c9 Merge pull request from GHSA-4mf2-f3wh-gvf2 2021-02-01 18:04:33 +00:00
da02914a9c Log IsValidRedirect violations and do a final safety call 2021-01-16 13:56:38 -08:00
fa6a785eaf Improve handler vs helper organization in oauthproxy.go
Additionally, convert a lot of helper methods to be private
2021-01-16 13:55:49 -08:00
73fc7706bc Figure out final app redirect URL with proxy aware request utils 2021-01-16 13:55:49 -08:00
b625de9490 Track the ReverseProxy option in the request Scope
This allows for proper handling of reverse proxy based headers throughout
the lifecycle of a request.
2021-01-16 13:55:48 -08:00
81bf1ef8ce Adapt isAjax to support mimetype lists
Fixes #988
2021-01-12 19:37:30 +01:00
1d74a51cd7 Use X-Forwarded-{Proto,Host,Uri} on redirect as last resort (#957) 2021-01-01 15:23:11 -08:00
753f6c548a Add a detailed allowed_groups example to Important Notes 2020-12-24 12:05:12 -08:00
65e15f24c1 Support only allowed_groups querystring 2020-12-24 12:05:12 -08:00
025056cba0 Move AuthOnly authorize logic to a dedicated method 2020-12-24 12:05:11 -08:00
44d83e5f95 Use StatusForbidden to prevent infinite redirects 2020-12-24 12:04:01 -08:00
23b2355f85 Allow group authZ in AuthOnly endpoint via Querystring 2020-12-24 12:04:01 -08:00
22f60e9b63 Generalize and extend default CreateSessionFromToken 2020-11-28 10:25:12 -08:00
3e9717d489 Decouple TokenToSession from OIDC & add a generic VerifyFunc 2020-11-28 10:25:11 -08:00
e9f787957e Standardize provider interface method names 2020-11-28 10:25:11 -08:00
2549b722d3 Add User & Groups to Userinfo 2020-11-25 18:19:48 -08:00
b9661cb6fe Return 401 Unauthorized if Authorize fails 2020-11-12 11:18:59 -08:00
f21b3b8b20 Authorize in Redeem callback flow 2020-11-12 11:18:59 -08:00
1b3b00443a Streamline ErrMissingCode in provider Redeem methods 2020-11-12 11:18:59 -08:00
eb58ea2ed9 Move AllowedGroups to DefaultProvider for default Authorize usage 2020-11-12 11:18:15 -08:00
e7ac793044 Replace ValidateGroup with Authorize for Provider 2020-11-12 11:17:06 -08:00
cc6532a282 Use display-htpasswd-form flag (#778)
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2020-11-08 18:48:01 +00:00
8059a812cd Integrate new header injectors with OAuth2 Proxy 2020-11-07 17:16:58 +00:00
d9c141ae7c Remove GetUserName method from Provider 2020-10-19 14:09:46 -07:00
2b9e1bbba0 Add EnrichSessionState as main post-Redeem session updater 2020-10-19 14:09:45 -07:00
0bd8eb3191 Setup provider.ErrNotImplemented sentinel error 2020-10-19 14:09:02 -07:00
add45c360c Split session enrichment from code redemption 2020-10-19 14:09:02 -07:00
b7b7ade7c4 Improve AllowedRoute test table formatting 2020-10-07 10:13:41 -07:00
89a8ac8c1f Add startup logging for skipped auth routes 2020-10-07 10:13:41 -07:00
cfd3de807c Add tests for skip auth functionality 2020-10-07 10:13:41 -07:00
183cb124a4 Support HTTP method based allowlists 2020-10-07 10:13:40 -07:00
3fa42edb73 Fix import path for v7 (#800)
* fix import path for v7

find ./ -name "*.go" | xargs sed -i -e 's|"github.com/oauth2-proxy/oauth2-proxy|"github.com/oauth2-proxy/oauth2-proxy/v7|'

* fix module path

* go mod tidy

* fix installation docs

* update CHANGELOG

* Update CHANGELOG.md

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2020-09-29 17:44:42 +01:00
e0d915cc03 Stop shadowing GetEmailAddress errors in redeemCode 2020-09-24 10:50:18 -07:00
3371284a36 Remove GetPreferredUsername method from Provider interface
It isn't used in any providers and we have future plans
to remove the specialness of PreferredUsername and make it
an optional field in the session.

User, Email & Groups will eventually be the only first class
fields on the session that are always set.
2020-09-24 10:49:50 -07:00
9d59519a96 Add support to ensure user belongs in required groups when using the OIDC provider 2020-09-21 10:43:54 -07:00