77e1fff753
Merge pull request #185 from jonas/check-against-validate-url-string
...
Only validate tokens if ValidateURL resolves to a non-empty string
2019-06-15 12:30:03 +02:00
0d6fa6216d
Merge pull request #180 from govau/littletidyups
...
Minor restructure for greater confidence that only authenticated requests are proxied
2019-06-15 12:21:54 +02:00
6366690927
Fix gofmt for changed files
2019-06-15 11:34:00 +02:00
417fde190c
Update changelog
2019-06-15 11:33:59 +02:00
fb9616160e
Move logger to pkg/logger
2019-06-15 11:33:58 +02:00
d1ef14becc
Move cookie to pkg/encryption
2019-06-15 11:33:57 +02:00
d69560d020
No need for case when only 2 conditions
2019-06-15 18:48:27 +10:00
7a8fb58ad1
Only validate tokens if ValidateURL resolves to a non-empty string
...
Fix an unsupported protocol scheme error when validating tokens by
ensuring that the ValidateURL generates a non-empty string. The Azure
provider doesn't define any ValidateURL and therefore uses the default
value of `url.Parse("")` which is not `nil`.
The following log summary shows the issue:
2019/06/14 12:26:04 oauthproxy.go:799: 10.244.1.3:34112 ("10.244.1.1") refreshing 16h26m29s old session cookie for Session{email:jonas.fonseca@example.com user:jonas.fonseca token:true} (refresh after 1h0m0s)
2019/06/14 12:26:04 internal_util.go:60: GET ?access_token=eyJ0...
2019/06/14 12:26:04 internal_util.go:61: token validation request failed: Get ?access_token=eyJ0...: unsupported protocol scheme ""
2019/06/14 12:26:04 oauthproxy.go:822: 10.244.1.3:34112 ("10.244.1.1") removing session. error validating Session{email:jonas.fonseca@example.com user:jonas.fonseca token:true}
2019-06-14 12:52:22 -04:00
8027cc454e
Move api to pkg/requests
2019-06-08 07:40:43 +01:00
f35c82bb0f
The AuthOnly path also needs the response headers set
2019-06-07 14:25:12 +10:00
9e59b4f62e
Restructure so that serving data from upstream is only done when explicity allowed, rather
...
than as implicit dangling else
2019-06-07 13:50:44 +10:00
572646e0d5
Merge pull request #175 from govau/bumpoidc
...
Bump go-oidc
2019-06-06 17:54:25 +01:00
78feaec6fa
Merge branch 'master' into bumpoidc
2019-06-06 17:38:19 +01:00
55a853cf51
Merge pull request #155 from lsst/redis-session-store
...
Redis session store
2019-06-05 11:39:47 +01:00
405f9b3bb0
Update CHANGELOG with descriptions about redis support
...
Add updates from master
2019-06-05 00:12:11 -07:00
4721da02f2
Ensure SessionStores can handle recieving cookies for the wrong implementation
...
(cherry picked from commit 131206cf41697543583751ac2714287898c19ad0)
2019-06-05 00:11:42 -07:00
c1ae0ca807
Make sure the cookie exists before we clear the session in redis
...
(cherry picked from commit 6d7f0ab57d554706425f76aed4df60717dd63ece)
2019-06-05 00:11:42 -07:00
22199fa417
Fix ticket retrieval with an invalid ticket
...
(cherry picked from commit 66bbf146ec45d127bdd374120743aeef936894a7)
2019-06-05 00:11:42 -07:00
3155ada287
Ensure sessions are refreshable in redis session store
...
(cherry picked from commit 48edce3003d187a3eadc4ea96236845271dd9360)
2019-06-05 00:11:42 -07:00
2e2327af6c
Check SaveSession works when an existing session is present
...
(cherry picked from commit 9dc1a96d817741632cb476456755a645b732db7d)
2019-06-05 00:11:42 -07:00
ae0258a203
Documentation updates around Redis and Redis Sentinel use
2019-06-05 00:11:42 -07:00
518c1d3e8e
Add Redis sentinel compatibility
...
(cherry picked from commit ff36b61f8cee4ecf0b91a90b5e1b651b526bb6b6)
2019-06-05 00:11:42 -07:00
fc06e2dbef
Update documentation and changelog for redis store
2019-06-05 00:11:42 -07:00
5095c3647d
Add redis-connection-url flag
2019-06-05 00:10:51 -07:00
4f5dbace9f
Refactor persistent tests with more Context
2019-06-05 00:10:51 -07:00
7e7bfb5daf
Stop miniredis after each test
2019-06-05 00:10:51 -07:00
bc3d75a2ed
Run persistent tests with multiple option groups
2019-06-05 00:10:51 -07:00
42f14a41d9
Clean up persistent SessionStore tests
2019-06-05 00:10:51 -07:00
a7693cc72a
Tranfser all cookies in tests
2019-06-05 00:10:51 -07:00
93df7d9132
Remove spurious comment
2019-06-05 00:10:51 -07:00
a6b8f7bde2
Rename expire -> expiration
2019-06-05 00:10:51 -07:00
2f61e42c37
More obvious comment on CFB
2019-06-05 00:10:51 -07:00
f435fa68ab
Make loadSessionFromString private
2019-06-05 00:10:51 -07:00
130d03758d
Fix comments on Redis options
2019-06-05 00:10:51 -07:00
7a1fc52e33
Fix go-redis version pin
2019-06-05 00:10:51 -07:00
b255ed56ef
Sign cookies in the Redis Session store
2019-06-05 00:10:51 -07:00
2c566a5f5b
Use session CreatedAt for cookie timings
2019-06-05 00:10:51 -07:00
296d989e58
Simplify redis store options
2019-06-05 00:10:51 -07:00
f2562e8973
Pin version of go-redis
2019-06-05 00:10:51 -07:00
42731f0617
Check cookie error and doc on cookie handling
2019-06-05 00:10:51 -07:00
b1bd3280db
Add support for a redis session store
2019-06-05 00:10:51 -07:00
e881612ea6
Fix session_state type
2019-06-05 00:10:51 -07:00
b6c60f52ee
Bump go-oidc
2019-06-04 10:58:35 +10:00
1355c1ce30
Merge pull request #170 from zeha/release-tarballs-as-before
...
Make release tarballs look like bitly's
2019-06-03 16:23:30 +01:00
df6b6b7ce0
Merge pull request #176 from govau/fixnogopath
...
Stop assuming that GOPATH is always set, and is a single directory
2019-06-03 16:21:39 +01:00
40cf6b2626
Merge pull request #168 from pusher/drop-1.11
...
Drop Go 1.11 from Travis CI
2019-06-03 15:22:35 +01:00
006322562d
Bump go version in configure to check for go 1.12
2019-06-03 14:59:58 +01:00
f0b6f1525b
Update changelog
2019-06-03 14:59:56 +01:00
29fb71fac5
Drop Go 1.11 from Travis CI
2019-06-03 14:59:16 +01:00
37475637cd
Install gometalinter in travis instead
2019-06-03 17:53:47 +10:00
