a162ee809e
bump travis Go versions
2015-03-17 16:02:21 -04:00
263e16eeea
add --proxy-host-header option
2015-03-17 15:53:01 -04:00
24ef555547
Requests are proxied to the Host specified by the target.
2015-03-17 15:04:27 -04:00
20a152261c
Adds failing test for using upstream Host header.
2015-03-17 15:04:27 -04:00
ade9502dd2
Merge pull request #66 from 18F/enforce-cookie-secret
...
Catch more options errors at once; add test
2015-03-16 23:03:11 -04:00
d751bbea4c
Catch more options errors at once; add test
2015-03-16 14:45:20 -04:00
30e5b636bf
Merge pull request #63 from freelancer/http-address-scheme
...
Added scheme parsing to http-address param
2015-02-10 23:15:31 -05:00
975c7173c2
Added scheme parsing to http-address param
...
Can now listen for HTTP clients on unix sockets (and any other Go-supported stream oriented network - see golang.org/pkg/net/#Listen). Default behaviour is unchanged, any http-address without a scheme is given the default of tcp.
Amended the README so that the usage output is up to date.
2015-02-11 14:51:57 +11:00
601ae6f4ec
Merge pull request #60 from tomtaylor/gofmt-fixes
...
Run gofmt over source
2015-01-19 12:48:57 -05:00
1f8797e468
Merge pull request #58 from tomtaylor/httponly-cookie
...
Add flag to enable/disable cookie's HttpOnly flag.
2015-01-19 12:48:16 -05:00
5201f26ffc
Run gofmt over source.
2015-01-19 16:10:37 +00:00
132e3d91d6
Add flag to enable/disable cookie's HttpOnly flag.
2015-01-19 16:00:49 +00:00
9d264f304f
Merge pull request #50 from vishnuchilamakuru/master
...
Support for multi white listed urls with regex url match.
2015-01-12 08:51:05 -05:00
c4d25d271f
Adding Support for multi white listed urls with regex url match.
2015-01-12 14:48:41 +05:30
73953259da
Merge pull request #54 from rhoml/rhoml/documentation
...
Fix typo
2014-12-29 07:52:43 -05:00
942245f93d
Fix typo
2014-12-29 11:24:46 +01:00
a80b93130c
Merge pull request #46 from drewolson/hide_custom_login_ui
...
Allow hiding custom login UI even if an htpasswd file is provided.
2014-12-09 16:14:04 -05:00
71a7347e89
bump to alpha
2014-12-09 15:47:28 -05:00
69804e588a
Allow hiding custom login UI even if an htpasswd file is provided.
2014-12-09 14:38:57 -06:00
5199e0028b
Merge pull request #40 from jehiah/env_parsing_40
...
When loading client-id/client-secret/cookie-secret from env variables, google_auth_proxy blows up.
2014-11-14 23:18:08 -05:00
1c5a01cb7b
test/fix environment var parsing
2014-11-14 23:15:27 -05:00
d552effc1e
Merge pull request #38 from jehiah/release_38
...
1.0 release
2014-11-10 08:51:33 -05:00
1fa1494e0e
fix default in config to match
2014-11-09 23:45:59 -05:00
1f515eba3c
options bug fixes; set https cookies on by default
2014-11-09 22:21:46 -05:00
ba7aee91d6
update install steps; show login img
2014-11-09 22:06:40 -05:00
a49eadadeb
template updates to display version
2014-11-09 22:01:50 -05:00
a5f96b1754
release scripts
2014-11-09 21:48:09 -05:00
3a1db8f457
Merge pull request #37 from jehiah/env_parsing_37
...
Better environment variable parsing
2014-11-10 03:24:42 +01:00
9060feb436
better environment parsing
2014-11-09 21:12:36 -05:00
01969eebdc
Merge pull request #20 from jehiah/config_support_20
...
add option/flag to specify config file in place of commandline options
2014-11-10 02:34:37 +01:00
d4fe9a4f57
Add config file support
2014-11-09 20:33:12 -05:00
899749a08d
Merge pull request #36 from jehiah/better_templates_36
...
Better (mobile) sign in template
2014-11-09 20:28:15 +01:00
b8ef5107de
pretty styling of sign in page
2014-11-09 00:42:49 -05:00
7fae45a7b6
Merge pull request #34 from jehiah/secure_cookies_34
...
Use of secure attribute in cookies
2014-11-08 20:35:35 +01:00
bc26835076
always set httponly (there is no good reason not to); simplify httponly and expire flags
2014-11-08 14:32:35 -05:00
6cdf05e7f2
Added cookie settings
2014-11-08 13:35:45 -05:00
23a89b06de
Merge pull request #22 from dbrgn/empty_upstream_path
...
Handle upstreams without a trailing slash
2014-11-08 19:17:44 +01:00
ad57a9391f
Fixed timing attack in cookie validation.
...
- Changed from using string == to hmac.Equal
- See more details here: http://verboselogging.com/2012/08/20/a-timing-attack-in-action
2014-11-08 13:16:39 -05:00
2f165345a8
Merge pull request #35 from rogerhu/email
...
Pass in the original email address too as X-Forwarded-Email.
2014-11-08 19:11:51 +01:00
ec9c11ed28
Pass in the original email address too as X-Forwarded-Email.
2014-11-08 07:33:14 -08:00
cfad6acf8f
Merge pull request #30 from sonatype/master
...
Add /ping endpoint
2014-10-17 04:00:37 +02:00
1e29aa1c12
Make /ping endpoint respond with "OK"
2014-10-14 17:05:59 -04:00
8702ad2e52
Add /ping endpoint
2014-10-14 16:22:38 -04:00
1c0989ff58
Merge pull request #25 from jehiah/google_oauth_migration_25
...
/v2/userinfo going away, switch to new scopes and id token payload
2014-08-07 17:21:27 -04:00
590e0b527c
bump to 0.1.0
2014-08-07 20:50:16 +00:00
98fb800de4
update to new scopes
2014-08-07 20:49:28 +00:00
715656de2a
Merge pull request #23 from zhangcheng/master
...
Make it looks a little better in mobile browsers
2014-07-22 06:12:00 +02:00
78ad2f4106
Make it looks a little better in mobile browsers
2014-07-22 11:59:13 +08:00
5205e9ad68
Merge pull request #21 from dbrgn/errmsg_typo
...
Fixed wrong error message
2014-07-08 20:45:35 -04:00
b3bbc3ca20
Handle upstreams without a trailing slash
2014-07-08 15:06:41 +02:00
