go/oauth2-proxy
1
0
Fork 0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2025-06-23 00:40:46 +02:00
Code Issues Releases Activity
1,722 Commits 24 Branches 38 Tags
7a784a460dbccad2fff4837cdad5a9fb414f971c
Commit Graph

1722 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Joel Speed
465789b044 Merge pull request #1039 from oauth2-proxy/fix-test-logging 
Ensure errors in tests are logged to the GinkgoWriter
 2021-02-11 09:48:24 +00:00
Joel Speed
b6cca79cb9 Ensure errors in tests are logged to the GinkgoWriter 2021-02-10 19:50:04 +00:00
Joel Speed
4fa607f173 Merge pull request #1038 from oauth2-proxy/prep-7.0.1 
Prepare for release v7.0.1
v7.0.1 		2021-02-10 19:34:51 +00:00
Joel Speed
e87a51f0e5 Prepare for release v7.0.1 2021-02-10 18:25:39 +00:00
Aleksander Stelmaczonek
7def4bf360 [DOC] Fix broken link to cookie secret generation (#1024) 
* [DOC] Fix broken link

* Update auth.md

* Update auth.md

* Update auth.md

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
 2021-02-10 17:55:42 +00:00
Aleksander Stelmaczonek
0f859215f0 [DOC] Add header to cookie secret paragraph (#1025) 
* [DOC] Add header to cookie secret paragraph

* Update overview.md

* Update overview.md

* Update overview.md

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
 2021-02-08 12:58:38 +00:00
Joel Speed
b97c83297e Update release process to use makefile go version check (#1027) 
Co-authored-by: Nick Meves <nick.meves@greenhouse.io>
 2021-02-06 15:19:33 -08:00
Nick Meves
c9d9769f6f Merge pull request #1026 from oauth2-proxy/fix-flag-loading 
Ensure config flags get parsed correctly when other flags preceed them
 2021-02-06 14:49:45 -08:00
Joel Speed
ae17e38403 Ensure config flags get parsed correctly when other flags preceed them 2021-02-06 15:25:08 +00:00
Joel Speed
9df3a752a6 Merge pull request #1020 from grnhse/flatten-response-headers 
Flatten array-based response headers
 2021-02-04 08:10:59 +00:00
Nick Meves
c3f31b4dd5 Flatten array-based response headers 2021-02-03 16:48:26 -08:00
Joel Speed
06985879e1 Merge pull request #1007 from oauth2-proxy/release-v7.0.0 
Prepare for Release v7.0.0
v7.0.0 		2021-02-01 18:16:08 +00:00
Joel Speed
1ccaea7710 Add advisory note to changelog 2021-02-01 18:12:34 +00:00
Joel Speed
d1a249262f Create v7.0.x versioned docs 
Created within: yarn run docusaurus docs:version 7.0.x
 2021-02-01 18:05:47 +00:00
Joel Speed
a909d33355 Update CHANGELOG for release v7.0.0 2021-02-01 18:05:44 +00:00
Nick Meves
780ae4f3c9 Merge pull request from GHSA-4mf2-f3wh-gvf2 2021-02-01 18:04:33 +00:00
Nishanth Reddy
48b1658e5d Update alpine version to 3.13 (#1013) 
* Update alpine version to 3.13 

alpine 3.12 has a CVE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28928 which got fixed in recent version

* address review comments
 2021-01-30 15:33:28 +00:00
Lida Li
b541805dc1 Use comma separated multiple values for header (#799) 
* Use comma separated value for multiple claims

* Fix lint error

* Fix more tests

* Fix one more test

* Always flatten the headers

* Ensure we test the real multi-groups

* Only update map when necessary

* Update CHANGELOG

* Move to the right location of change log

* Fix blank line
 2021-01-22 08:48:34 +00:00
Wilfried OLLIVIER
8087de7a03 Add Gitlab version warning/constaint in documentation (#1004) 2021-01-20 19:57:22 +00:00
Kevin Kreitner
57640764c0 Use logger for sensitive data logging to be able to disable it (#1002) 
* Add sensible logging flag to default setup for logger

* Use logger instead of fmt for info logging with sensible data

* Remove sensible logging flag

* Update CHANGELOG.md

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
 2021-01-20 19:56:13 +00:00
Joel Speed
56075e3776 Merge pull request #903 from oauth2-proxy/reference-generator 
Add docs and generated reference for Alpha configuration
 2021-01-19 19:27:38 +00:00
Joel Speed
fbfc0959cb Add changelog entry for new alpha configuration docs 2021-01-18 09:57:51 +00:00
Joel Speed
5c64e236fb Generate reference page in configuration 2021-01-18 09:57:44 +00:00
Joel Speed
eb129a342c Ensure code is generated during CI 2021-01-18 09:56:07 +00:00
Joel Speed
9c126f5740 Merge pull request #964 from grnhse/reverse-proxy-context 
Track the ReverseProxy config setting in the request Scope
 2021-01-17 18:32:32 +00:00
Nick Meves
da02914a9c Log IsValidRedirect violations and do a final safety call 2021-01-16 13:56:38 -08:00
Nick Meves
fa6a785eaf Improve handler vs helper organization in oauthproxy.go 
Additionally, convert a lot of helper methods to be private
 2021-01-16 13:55:49 -08:00
Nick Meves
73fc7706bc Figure out final app redirect URL with proxy aware request utils 2021-01-16 13:55:49 -08:00
Nick Meves
f054682fb7 Make HTTPS Redirect middleware Reverse Proxy aware 2021-01-16 13:55:48 -08:00
Nick Meves
6fb3274ca3 Refactor organization of scope aware request utils 
Reorganized the structure of the Request Utils due to their widespread use
resulting in circular imports issues (mostly because of middleware & logger).
 2021-01-16 13:55:48 -08:00
Nick Meves
b625de9490 Track the ReverseProxy option in the request Scope 
This allows for proper handling of reverse proxy based headers throughout
the lifecycle of a request.
 2021-01-16 13:55:48 -08:00
Nick Meves
8e02fac2cc Merge pull request #995 from oauth2-proxy/security 
Add Security Policy
 2021-01-16 13:54:07 -08:00
Joel Speed
e50e6ed373 Add Security Policy 2021-01-16 19:47:47 +00:00
Nick Meves
a0d37518e0 Merge pull request #989 from rassie/master 
Adapt isAjax to support mimetype lists
 2021-01-12 15:28:07 -08:00
Nikolai Prokoschenko
81bf1ef8ce Adapt isAjax to support mimetype lists 
Fixes #988
 2021-01-12 19:37:30 +01:00
Joel Speed
dd60fe4fef Merge pull request #982 from grnhse/maintainer-update 
Add NickMeves to MAINTAINERS
 2021-01-11 09:03:00 +00:00
Nick Meves
d08b9b7cc4 Add NickMeves to MAINTAINERS 2021-01-10 10:56:01 -08:00
Ilia Pertsev
597ffeb121 Fix joined cookie name for those containing underline in the suffix (#970) 
* properly handle splitted cookies with names ending with _

* test update

* provide cookieName into joinCookies instead of processing the suffix

* changelog update

* test update
 2021-01-04 17:21:17 -08:00
İlteriş Eroğlu
1d74a51cd7 Use X-Forwarded-{Proto,Host,Uri} on redirect as last resort (#957) 2021-01-01 15:23:11 -08:00
Joel Speed
91b3f5973e Merge pull request #953 from grnhse/keycloak-refactor-provider-methods 
Refactor Keycloak Provider Methods
 2021-01-01 10:40:55 +00:00
Nick Meves
4b28e6886c Handle ValidateURL fallback for nil & empty struct cases 2020-12-24 14:04:20 -08:00
Nick Meves
816d9a4566 Use a generic http.HandlerFunc in Keycloak tests 2020-12-24 14:04:19 -08:00
Nick Meves
f07a5630f1 Update Keycloak documentation 2020-12-24 14:04:19 -08:00
Nick Meves
138a6b128a Use ProfileURL for userinfo EnrichSession calls in Keycloak 2020-12-24 14:04:19 -08:00
Nick Meves
0886f8035c Move all Keycloak unit tests to Ginkgo 2020-12-24 14:04:19 -08:00
Nick Meves
3369799853 Migrate Keycloak to EnrichSession & support multiple groups 2020-12-24 14:04:19 -08:00
Nick Meves
89e0a77a8f Merge pull request #849 from grnhse/is-831-auth-querystring-groups 
Group/Role Access Restriction support in `/oauth2/auth` endpoint
 2020-12-24 12:21:40 -08:00
Nick Meves
753f6c548a Add a detailed allowed_groups example to Important Notes 2020-12-24 12:05:12 -08:00
Nick Meves
65e15f24c1 Support only allowed_groups querystring 2020-12-24 12:05:12 -08:00
Nick Meves
025056cba0 Move AuthOnly authorize logic to a dedicated method 2020-12-24 12:05:11 -08:00