oauth2-proxy

mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2025-07-15 01:44:22 +02:00

Author	SHA1	Message	Date
Kevin Kreitner	9861d00558	Remove sensible logging	2021-02-23 07:52:14 +01:00
Kevin Kreitner	45123d248d	Small adjustments to doc and code	2021-02-22 09:48:12 +01:00
Kevin Kreitner	69d6fc8a08	Split RefreshSessionIfNeeded in two methods and use Redis lock	2021-02-22 08:33:53 +01:00
Kevin Kreitner	b942eb1582	Add Redis lock	2021-02-08 08:31:05 +01:00
Kevin Kreitner	45c14bca10	Merge remote-tracking branch 'origin2/master'	2021-02-02 20:56:57 +01:00
Joel Speed	06985879e1	Merge pull request #1007 from oauth2-proxy/release-v7.0.0 Prepare for Release v7.0.0 v7.0.0	2021-02-01 18:16:08 +00:00
Joel Speed	1ccaea7710	Add advisory note to changelog	2021-02-01 18:12:34 +00:00
Joel Speed	d1a249262f	Create v7.0.x versioned docs Created within: yarn run docusaurus docs:version 7.0.x	2021-02-01 18:05:47 +00:00
Joel Speed	a909d33355	Update CHANGELOG for release v7.0.0	2021-02-01 18:05:44 +00:00
Nick Meves	780ae4f3c9	Merge pull request from GHSA-4mf2-f3wh-gvf2	2021-02-01 18:04:33 +00:00
Nishanth Reddy	48b1658e5d	Update alpine version to 3.13 (#1013 ) * Update alpine version to 3.13 alpine 3.12 has a CVE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28928 which got fixed in recent version * address review comments	2021-01-30 15:33:28 +00:00
Lida Li	b541805dc1	Use comma separated multiple values for header (#799 ) * Use comma separated value for multiple claims * Fix lint error * Fix more tests * Fix one more test * Always flatten the headers * Ensure we test the real multi-groups * Only update map when necessary * Update CHANGELOG * Move to the right location of change log * Fix blank line	2021-01-22 08:48:34 +00:00
Wilfried OLLIVIER	8087de7a03	Add Gitlab version warning/constaint in documentation (#1004 )	2021-01-20 19:57:22 +00:00
Kevin Kreitner	57640764c0	Use logger for sensitive data logging to be able to disable it (#1002 ) * Add sensible logging flag to default setup for logger * Use logger instead of fmt for info logging with sensible data * Remove sensible logging flag * Update CHANGELOG.md Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>	2021-01-20 19:56:13 +00:00
Joel Speed	56075e3776	Merge pull request #903 from oauth2-proxy/reference-generator Add docs and generated reference for Alpha configuration	2021-01-19 19:27:38 +00:00
Kevin Kreitner	e39f12f740	Add sensible logging flag to default setup for logger	2021-01-19 17:28:58 +01:00
Kevin Kreitner	e7919f0535	Merge remote-tracking branch 'origin2/master'	2021-01-19 16:23:46 +01:00
Joel Speed	fbfc0959cb	Add changelog entry for new alpha configuration docs	2021-01-18 09:57:51 +00:00
Joel Speed	5c64e236fb	Generate reference page in configuration	2021-01-18 09:57:44 +00:00
Joel Speed	eb129a342c	Ensure code is generated during CI	2021-01-18 09:56:07 +00:00
Joel Speed	9c126f5740	Merge pull request #964 from grnhse/reverse-proxy-context Track the ReverseProxy config setting in the request Scope	2021-01-17 18:32:32 +00:00
Nick Meves	da02914a9c	Log IsValidRedirect violations and do a final safety call	2021-01-16 13:56:38 -08:00
Nick Meves	fa6a785eaf	Improve handler vs helper organization in oauthproxy.go Additionally, convert a lot of helper methods to be private	2021-01-16 13:55:49 -08:00
Nick Meves	73fc7706bc	Figure out final app redirect URL with proxy aware request utils	2021-01-16 13:55:49 -08:00
Nick Meves	f054682fb7	Make HTTPS Redirect middleware Reverse Proxy aware	2021-01-16 13:55:48 -08:00
Nick Meves	6fb3274ca3	Refactor organization of scope aware request utils Reorganized the structure of the Request Utils due to their widespread use resulting in circular imports issues (mostly because of middleware & logger).	2021-01-16 13:55:48 -08:00
Nick Meves	b625de9490	Track the ReverseProxy option in the request Scope This allows for proper handling of reverse proxy based headers throughout the lifecycle of a request.	2021-01-16 13:55:48 -08:00
Nick Meves	8e02fac2cc	Merge pull request #995 from oauth2-proxy/security Add Security Policy	2021-01-16 13:54:07 -08:00
Joel Speed	e50e6ed373	Add Security Policy	2021-01-16 19:47:47 +00:00
Nick Meves	a0d37518e0	Merge pull request #989 from rassie/master Adapt isAjax to support mimetype lists	2021-01-12 15:28:07 -08:00
Nikolai Prokoschenko	81bf1ef8ce	Adapt isAjax to support mimetype lists Fixes #988	2021-01-12 19:37:30 +01:00
Joel Speed	dd60fe4fef	Merge pull request #982 from grnhse/maintainer-update Add NickMeves to MAINTAINERS	2021-01-11 09:03:00 +00:00
Nick Meves	d08b9b7cc4	Add NickMeves to MAINTAINERS	2021-01-10 10:56:01 -08:00
Ilia Pertsev	597ffeb121	Fix joined cookie name for those containing underline in the suffix (#970 ) * properly handle splitted cookies with names ending with _ * test update * provide cookieName into joinCookies instead of processing the suffix * changelog update * test update	2021-01-04 17:21:17 -08:00
İlteriş Eroğlu	1d74a51cd7	Use X-Forwarded-{Proto,Host,Uri} on redirect as last resort (#957 )	2021-01-01 15:23:11 -08:00
Joel Speed	91b3f5973e	Merge pull request #953 from grnhse/keycloak-refactor-provider-methods Refactor Keycloak Provider Methods	2021-01-01 10:40:55 +00:00
Nick Meves	4b28e6886c	Handle ValidateURL fallback for nil & empty struct cases	2020-12-24 14:04:20 -08:00
Nick Meves	816d9a4566	Use a generic http.HandlerFunc in Keycloak tests	2020-12-24 14:04:19 -08:00
Nick Meves	f07a5630f1	Update Keycloak documentation	2020-12-24 14:04:19 -08:00
Nick Meves	138a6b128a	Use ProfileURL for userinfo EnrichSession calls in Keycloak	2020-12-24 14:04:19 -08:00
Nick Meves	0886f8035c	Move all Keycloak unit tests to Ginkgo	2020-12-24 14:04:19 -08:00
Nick Meves	3369799853	Migrate Keycloak to EnrichSession & support multiple groups	2020-12-24 14:04:19 -08:00
Nick Meves	89e0a77a8f	Merge pull request #849 from grnhse/is-831-auth-querystring-groups Group/Role Access Restriction support in `/oauth2/auth` endpoint	2020-12-24 12:21:40 -08:00
Nick Meves	753f6c548a	Add a detailed allowed_groups example to Important Notes	2020-12-24 12:05:12 -08:00
Nick Meves	65e15f24c1	Support only allowed_groups querystring	2020-12-24 12:05:12 -08:00
Nick Meves	025056cba0	Move AuthOnly authorize logic to a dedicated method	2020-12-24 12:05:11 -08:00
Nick Meves	44d83e5f95	Use StatusForbidden to prevent infinite redirects	2020-12-24 12:04:01 -08:00
Nick Meves	23b2355f85	Allow group authZ in AuthOnly endpoint via Querystring	2020-12-24 12:04:01 -08:00
Joel Speed	8bd2409342	Merge pull request #936 from grnhse/oidc-provider-refactor OIDC Provider Refactor	2020-12-23 19:04:51 +00:00
Nick Meves	d2ffef2c7e	Use global OIDC fields for Gitlab	2020-12-21 16:54:12 -08:00

1 2 3 4 5 ...

1424 Commits