go/oauth2-proxy
1
0
Fork 0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2025-06-21 00:29:44 +02:00
Code Issues Releases Activity
1,589 Commits 24 Branches 38 Tags
95464ca58faecf96670ee044c5ca8f355b076a07
Commit Graph

28 Commits

Author SHA1 Message Date
Nick Meves
11c2177f18 Use nickname claim as User for GitLab 
Previously this was only done in the `EnrichSession` stage
which would've missed Bearer usages & `RefreshSession`
would've overriden the User to the Subject.
 2021-09-25 16:49:25 -07:00
Nick Meves
0b4bc36554 Upgrade go-oidc to v3 (#1264) 2021-07-17 09:55:05 -07:00
Nick Meves
7eeaea0b3f Support nonce checks in OIDC Provider (#967) 
* Set and verify a nonce with OIDC

* Create a CSRF object to manage nonces & cookies

* Add missing generic cookie unit tests

* Add config flag to control OIDC SkipNonce

* Send hashed nonces in authentication requests

* Encrypt the CSRF cookie

* Add clarity to naming & add more helper methods

* Make CSRF an interface and keep underlying nonces private

* Add ReverseProxy scope to cookie tests

* Align to new 1.16 SameSite cookie default

* Perform SecretBytes conversion on CSRF cookie crypto

* Make state encoding signatures consistent

* Mock time in CSRF struct via Clock

* Improve InsecureSkipNonce docstring
 2021-04-21 10:33:27 +01:00
Nick Meves
d2ffef2c7e Use global OIDC fields for Gitlab 2020-12-21 16:54:12 -08:00
Nick Meves
42f6cef7d6 Improve OIDC error handling 2020-12-21 16:53:05 -08:00
Nick Meves
ea5b8cc21f Support non-list and complex groups 2020-12-21 16:52:18 -08:00
Nick Meves
eb56f24d6d Deprecate UserIDClaim in config and docs 2020-12-21 16:52:17 -08:00
Nick Meves
74ac4274c6 Move generic OIDC functionality to be available to all providers 2020-12-21 16:52:04 -08:00
Nick Meves
22f60e9b63 Generalize and extend default CreateSessionFromToken 2020-11-28 10:25:12 -08:00
Nick Meves
b92fd4b0bb Streamline Google to use default Authorize 2020-11-12 11:18:58 -08:00
Nick Meves
eb58ea2ed9 Move AllowedGroups to DefaultProvider for default Authorize usage 2020-11-12 11:18:15 -08:00
Mitsuo Heijo
3fa42edb73 Fix import path for v7 (#800) 
* fix import path for v7

find ./ -name "*.go" | xargs sed -i -e 's|"github.com/oauth2-proxy/oauth2-proxy|"github.com/oauth2-proxy/oauth2-proxy/v7|'

* fix module path

* go mod tidy

* fix installation docs

* update CHANGELOG

* Update CHANGELOG.md

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
 2020-09-29 17:44:42 +01:00
Phil Taprogge
d69fd6af22 Allow Logging to stdout with separate Error Log Channel (#718) 
* Add dedicated error logging writer

* Document new errors to stdout flag

* Update changelog

* Thread-safe the log buffer

* Address feedback

* Remove duplication by adding log level

* Clean up error formatting

* Apply suggestions from code review

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
 2020-08-10 11:44:08 +01:00
Joel Speed
d4dd34a65a Move provider URLs to package level vars 2020-07-19 18:34:55 +01:00
Mitsuo Heijo
dd05e7ff0b Add new linters (#486) 
* add new linters and fix issues

* fix deprecated warnings

* simplify return

* update CHANGELOG

* fix staticcheck issues

* remove a deprecated linter, minor fixes of variable initialization
 2020-04-14 09:36:44 +01:00
Joel Speed
802754caad Migrate to oauth2-proxy/oauth2-proxy 2020-03-29 15:40:10 +01:00
Jakub Holy
3108f765a5 Fix #381, expose acr_values to all providers (#445) 2020-03-17 17:57:33 +00:00
Wolfgang Richter
fad6fff16d Cleaned up source to make golangci-lint pass (#418) 
* cleaned up source to make golangci-lint pass

* providers/azure_test.go: use build in POST constant

* options_test.go: do not export unnecessary variables

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
 2020-03-14 09:58:29 +00:00
Jakub Holy
b1c81e2abe Support prompt in addition to auth-prompt (#444) 
Fix #380
 2020-03-14 09:53:43 +00:00
Pavel Kirichenko
f2661c47ba Support for client secret file. (#355) 
* added ClientSecretFile in ProviderData

* add documentation notes on client secret file

* added Changelog entry for Client Secret File PR

* fixing configuration.md

* addressing PR issue of ClientSecret property naming

* Update providers/provider_data.go

Co-Authored-By: Joel Speed <Joel.speed@hotmail.co.uk>

* corrected changelog entry

* fixed typo in GetClientSecret

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
 2020-02-15 13:44:39 +00:00
Joel Speed
e200bd5c20 Add comments to exported methods for providers package 2018-12-20 10:37:59 +00:00
Eelco Cramer
10f47e325b Add Azure Provider 2016-01-20 03:57:17 -05:00
Brandon Philips
51a2e4e48c *: rename Url to URL everywhere 
Go coding style says that acronyms should be all lower or all upper. Fix
Url to URL.
 2015-11-09 00:47:44 +01:00
Ed Bardsley
33045a792b Add a flag to set the value of "approval_prompt". 
By setting this to "force", certain providers, like Google,
will interject an additional prompt on every new session. With other values,
like "auto", this prompt is not forced upon the user.
 2015-07-31 00:43:47 -07:00
Jehiah Czebotar
37b38dd2f4 Github provider 2015-05-21 02:21:19 -04:00
Mike Bland
72857018ee Introduce validate-url flag/config 2015-05-08 17:13:35 -04:00
Mike Bland
666e6ad436 Add ProviderName field; use in sign_in template 2015-03-31 12:59:07 -04:00
Mike Bland
e2931da853 Create providers package with Google default 2015-03-31 09:34:50 -04:00