go/oauth2-proxy
1
0
Fork 0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2024-11-30 09:16:52 +02:00
Code Issues Releases Activity
1,614 Commits 27 Branches 34 Tags 79 MiB
a53198725e
Commit Graph

1614 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Joel Speed
ae17e38403
Ensure config flags get parsed correctly when other flags preceed them 2021-02-06 15:25:08 +00:00
Joel Speed
9df3a752a6
Merge pull request #1020 from grnhse/flatten-response-headers 
Flatten array-based response headers
 2021-02-04 08:10:59 +00:00
Nick Meves
c3f31b4dd5
Flatten array-based response headers 2021-02-03 16:48:26 -08:00
Joel Speed
06985879e1
Merge pull request #1007 from oauth2-proxy/release-v7.0.0 
Prepare for Release v7.0.0
 2021-02-01 18:16:08 +00:00
Joel Speed
1ccaea7710
Add advisory note to changelog 2021-02-01 18:12:34 +00:00
Joel Speed
d1a249262f
Create v7.0.x versioned docs 
Created within: yarn run docusaurus docs:version 7.0.x
 2021-02-01 18:05:47 +00:00
Joel Speed
a909d33355
Update CHANGELOG for release v7.0.0 2021-02-01 18:05:44 +00:00
Nick Meves
780ae4f3c9
Merge pull request from GHSA-4mf2-f3wh-gvf2 2021-02-01 18:04:33 +00:00
Nishanth Reddy
48b1658e5d
Update alpine version to 3.13 (#1013) 
* Update alpine version to 3.13 

alpine 3.12 has a CVE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28928 which got fixed in recent version

* address review comments
 2021-01-30 15:33:28 +00:00
Lida Li
b541805dc1
Use comma separated multiple values for header (#799) 
* Use comma separated value for multiple claims

* Fix lint error

* Fix more tests

* Fix one more test

* Always flatten the headers

* Ensure we test the real multi-groups

* Only update map when necessary

* Update CHANGELOG

* Move to the right location of change log

* Fix blank line
 2021-01-22 08:48:34 +00:00
Wilfried OLLIVIER
8087de7a03
Add Gitlab version warning/constaint in documentation (#1004) 2021-01-20 19:57:22 +00:00
Kevin Kreitner
57640764c0
Use logger for sensitive data logging to be able to disable it (#1002) 
* Add sensible logging flag to default setup for logger

* Use logger instead of fmt for info logging with sensible data

* Remove sensible logging flag

* Update CHANGELOG.md

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
 2021-01-20 19:56:13 +00:00
Joel Speed
56075e3776
Merge pull request #903 from oauth2-proxy/reference-generator 
Add docs and generated reference for Alpha configuration
 2021-01-19 19:27:38 +00:00
Joel Speed
fbfc0959cb
Add changelog entry for new alpha configuration docs 2021-01-18 09:57:51 +00:00
Joel Speed
5c64e236fb
Generate reference page in configuration 2021-01-18 09:57:44 +00:00
Joel Speed
eb129a342c
Ensure code is generated during CI 2021-01-18 09:56:07 +00:00
Joel Speed
9c126f5740
Merge pull request #964 from grnhse/reverse-proxy-context 
Track the ReverseProxy config setting in the request Scope
 2021-01-17 18:32:32 +00:00
Nick Meves
da02914a9c
Log IsValidRedirect violations and do a final safety call 2021-01-16 13:56:38 -08:00
Nick Meves
fa6a785eaf
Improve handler vs helper organization in oauthproxy.go 
Additionally, convert a lot of helper methods to be private
 2021-01-16 13:55:49 -08:00
Nick Meves
73fc7706bc
Figure out final app redirect URL with proxy aware request utils 2021-01-16 13:55:49 -08:00
Nick Meves
f054682fb7
Make HTTPS Redirect middleware Reverse Proxy aware 2021-01-16 13:55:48 -08:00
Nick Meves
6fb3274ca3
Refactor organization of scope aware request utils 
Reorganized the structure of the Request Utils due to their widespread use
resulting in circular imports issues (mostly because of middleware & logger).
 2021-01-16 13:55:48 -08:00
Nick Meves
b625de9490
Track the ReverseProxy option in the request Scope 
This allows for proper handling of reverse proxy based headers throughout
the lifecycle of a request.
 2021-01-16 13:55:48 -08:00
Nick Meves
8e02fac2cc
Merge pull request #995 from oauth2-proxy/security 
Add Security Policy
 2021-01-16 13:54:07 -08:00
Joel Speed
e50e6ed373
Add Security Policy 2021-01-16 19:47:47 +00:00
Nick Meves
a0d37518e0
Merge pull request #989 from rassie/master 
Adapt isAjax to support mimetype lists
 2021-01-12 15:28:07 -08:00
Nikolai Prokoschenko
81bf1ef8ce Adapt isAjax to support mimetype lists 
Fixes #988
 2021-01-12 19:37:30 +01:00
Joel Speed
dd60fe4fef
Merge pull request #982 from grnhse/maintainer-update 
Add NickMeves to MAINTAINERS
 2021-01-11 09:03:00 +00:00
Nick Meves
d08b9b7cc4
Add NickMeves to MAINTAINERS 2021-01-10 10:56:01 -08:00
Ilia Pertsev
597ffeb121
Fix joined cookie name for those containing underline in the suffix (#970) 
* properly handle splitted cookies with names ending with _

* test update

* provide cookieName into joinCookies instead of processing the suffix

* changelog update

* test update
 2021-01-04 17:21:17 -08:00
İlteriş Eroğlu
1d74a51cd7
Use X-Forwarded-{Proto,Host,Uri} on redirect as last resort (#957) 2021-01-01 15:23:11 -08:00
Joel Speed
91b3f5973e
Merge pull request #953 from grnhse/keycloak-refactor-provider-methods 
Refactor Keycloak Provider Methods
 2021-01-01 10:40:55 +00:00
Nick Meves
4b28e6886c
Handle ValidateURL fallback for nil & empty struct cases 2020-12-24 14:04:20 -08:00
Nick Meves
816d9a4566
Use a generic http.HandlerFunc in Keycloak tests 2020-12-24 14:04:19 -08:00
Nick Meves
f07a5630f1
Update Keycloak documentation 2020-12-24 14:04:19 -08:00
Nick Meves
138a6b128a
Use ProfileURL for userinfo EnrichSession calls in Keycloak 2020-12-24 14:04:19 -08:00
Nick Meves
0886f8035c
Move all Keycloak unit tests to Ginkgo 2020-12-24 14:04:19 -08:00
Nick Meves
3369799853
Migrate Keycloak to EnrichSession & support multiple groups 2020-12-24 14:04:19 -08:00
Nick Meves
89e0a77a8f
Merge pull request #849 from grnhse/is-831-auth-querystring-groups 
Group/Role Access Restriction support in `/oauth2/auth` endpoint
 2020-12-24 12:21:40 -08:00
Nick Meves
753f6c548a
Add a detailed allowed_groups example to Important Notes 2020-12-24 12:05:12 -08:00
Nick Meves
65e15f24c1
Support only allowed_groups querystring 2020-12-24 12:05:12 -08:00
Nick Meves
025056cba0
Move AuthOnly authorize logic to a dedicated method 2020-12-24 12:05:11 -08:00
Nick Meves
44d83e5f95
Use StatusForbidden to prevent infinite redirects 2020-12-24 12:04:01 -08:00
Nick Meves
23b2355f85
Allow group authZ in AuthOnly endpoint via Querystring 2020-12-24 12:04:01 -08:00
Joel Speed
8bd2409342
Merge pull request #936 from grnhse/oidc-provider-refactor 
OIDC Provider Refactor
 2020-12-23 19:04:51 +00:00
Nick Meves
d2ffef2c7e
Use global OIDC fields for Gitlab 2020-12-21 16:54:12 -08:00
Nick Meves
42f6cef7d6
Improve OIDC error handling 2020-12-21 16:53:05 -08:00
Nick Meves
ea5b8cc21f
Support non-list and complex groups 2020-12-21 16:52:18 -08:00
Nick Meves
eb56f24d6d
Deprecate UserIDClaim in config and docs 2020-12-21 16:52:17 -08:00
Nick Meves
74ac4274c6
Move generic OIDC functionality to be available to all providers 2020-12-21 16:52:04 -08:00