go/oauth2-proxy
1
0
Fork 0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2024-12-12 11:15:02 +02:00
Code Issues Releases Activity
1,110 Commits 33 Branches 34 Tags 79 MiB
b0375e85fa
Commit Graph

1110 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Evgeni Gordeev
363eaf1fac changelog entry 2020-06-12 13:55:38 -05:00
Evgeni Gordeev
dbf1b451d9 polish 2020-06-12 13:15:43 -05:00
Evgeni Gordeev
a73d0ec268
Merge branch 'master' into helm-example 2020-06-12 13:14:15 -05:00
Evgeni Gordeev
0f343cf0ad helm kubernetes example based on kind cluster 2020-06-12 13:12:59 -05:00
Joel Speed
1683aa5978
Merge pull request #601 from oauth2-proxy/fix-fallback 
Ensure decrypted user/email are valid UTF8
 2020-06-12 15:47:33 +01:00
Joel Speed
808084b744
Ensure decrypted user/email are valid UTF8 2020-06-12 15:36:55 +01:00
Christopher Kohnert
2c851fcd4f
Allow a health/ping request to be identified by User-Agent (#567) 
* Add an option to allow health checks based on User-Agent.

* Formatting fix

* Rename field and avoid unnecessary interface.

* Skip the redirect fix so it can be put into a different PR.

* Add CHANGELOG entry

* Adding a couple tests for the PingUserAgent option.
 2020-06-12 14:56:31 +01:00
Joel Speed
160bbaf98e
Fallback to UserInfo is User ID claim not present (#560) 
Co-authored-by: Henry Jenkins <henry@henryjenkins.name>
 2020-06-04 17:41:29 +01:00
Scott Guymer
3aeca4368c
ACR values should not be automatically added when blank (#598) 
* ACR values should not be automatically added when blank

* Added changelog
 2020-06-02 18:17:27 +01:00
Yoshiki Nakagawa
d8d43bb51b
Support new option "github-user" (#421) 
* feat(github): support new option "github-user"

* feat(github): rename github-user to github-users

* feat(github): update docs for github-users option

* feat(github): remove unneeded code

* feat(github): remove logging

* feat(github-user): use github-user as flagset options

* feat(github-user): remove optionns.go

* feat(github-user): add github-user flagset

* feat(github): improve readability in the docs

* feat(github-user): refactored SetUsers method

* Update flag description

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
 2020-06-01 20:02:07 +01:00
Joel Speed
a17c48810f
Merge pull request #548 from oauth2-proxy/move-logging-options 
Separate logging options out of main options structure
 2020-05-31 14:15:18 +01:00
Joel Speed
94e31f8b65
Ensure exclude-logging-paths is consistent with other options 2020-05-31 14:09:28 +01:00
Joel Speed
f7c88f53d1
Update changelog for logging options move 2020-05-31 14:09:24 +01:00
Joel Speed
bbc4eee17e
Create Logging FlagSet and Default 2020-05-31 14:08:00 +01:00
Joel Speed
3cbac6122d
Move configuration of logger to separate file 2020-05-31 14:08:00 +01:00
Joel Speed
3afcadae76
Move logging options to a struct 2020-05-31 14:08:00 +01:00
Joel Speed
f7b28cb1d3
Improvements to Session State code (#536) 
* Drop SessionStateJSON wrapper
* Use EncrpytInto/DecryptInto to reduce sessionstate

Co-authored-by: Henry Jenkins <henry@henryjenkins.name>
 2020-05-30 08:53:38 +01:00
Amnay
6a88da7f7a
Parse Redis cluster and sentinel urls (#573) 
* Parse Redis cluster and sentinel urls

* Add changelog entry for #573

* Add unit tests for redis session store

* Use %v for error fmt

Co-authored-by: Amnay Mokhtari <amnay.mokhtari@adevinta.com>
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
 2020-05-27 18:40:50 +01:00
Joel Speed
11c8a983c8
Merge pull request #582 from oauth2-proxy/dependabot/bundler/docs/activesupport-6.0.3.1 
Bump activesupport from 6.0.2.1 to 6.0.3.1 in /docs
 2020-05-27 10:03:56 +01:00
dependabot[bot]
d1bab0e22e
Bump activesupport from 6.0.2.1 to 6.0.3.1 in /docs 
Bumps [activesupport](https://github.com/rails/rails) from 6.0.2.1 to 6.0.3.1.
- [Release notes](https://github.com/rails/rails/releases)
- [Changelog](https://github.com/rails/rails/blob/v6.0.3.1/activesupport/CHANGELOG.md)
- [Commits](https://github.com/rails/rails/compare/v6.0.2.1...v6.0.3.1)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-05-27 08:55:47 +00:00
Joel Speed
03a0e1a0e3
Merge pull request #414 from ti-mo/cookie-secret-cipher-xauthrequest 
Always encrypt sessions regardless of configuration
 2020-05-24 21:27:22 +01:00
Timo Beckers
276d1c6f19
Always encrypt sessions regardless of configuration 2020-05-24 21:23:04 +01:00
Amnay
0c9795a964
render error page on 502 proxy status (#574) 
Co-authored-by: Amnay Mokhtari <amnay.mokhtari@adevinta.com>
 2020-05-24 21:09:00 +01:00
Joel Speed
810a9e9967
Rename cookie-domain config to cookie-domains (#559) 
Co-authored-by: Henry Jenkins <henry@henryjenkins.name>
 2020-05-24 20:19:56 +01:00
Isabelle COWAN-BERGMAN
fc11d8d508
Updated autocompletion for -- long options. (#569) 
* Updated autocompletion for `--` long options.

* Added CHANGELOG.md entry.
 2020-05-24 17:12:28 +01:00
Joel Speed
a0085e9015
Add changelog entry for 489 (#572) 2020-05-23 18:49:09 +01:00
Joel Speed
236c7fa60e
Merge pull request #489 from oauth2-proxy/move-options 
Move Options and Validation to packages
 2020-05-23 15:59:29 +01:00
Joel Speed
cce2c680d8
Move RealClientIP code to IP packages 2020-05-23 15:17:41 +01:00
Joel Speed
c3f9cbeb3d
Remove Env tags from Cookie and Session Options 2020-05-21 22:43:42 +01:00
Joel Speed
189ed4de8f
Move FlagSet to Options package 2020-05-21 22:43:42 +01:00
Joel Speed
1fd4ebe546
Remove Env tags from Options 2020-05-21 22:43:42 +01:00
Joel Speed
44b27e0208
Move Options and Validation to package 2020-05-21 22:43:42 +01:00
Amnay
de0c92af06
fix small typo in docs (#570) 
Co-authored-by: Amnay Mokhtari <amnay.mokhtari@adevinta.com>
 2020-05-21 21:24:25 +01:00
Nick Meves
7e5c8bb579
Fix secretBytes adding unintended padding (#556) 
* Fix secretBytes adding unintended padding

* Add more SecretBytes test scenarios

* Add CHANGELOG entry about breaking secret padding change

* Add SecretBytes tests explanation comments
 2020-05-21 19:29:45 +01:00
Nick Meves
d228d5a928
Refactor the utils package to other areas (#538) 
* Refactor the utils package to other areas

Move cookieSession functions to cookie session store
& align the double implementation of SecretBytes to be
united and housed under encryption

* Remove unused Provider SessionFromCookie/CookieForSession

These implementations aren't used, these are handled in the cookie store.

* Add changelog entry for session/utils refactor
 2020-05-14 10:16:35 +01:00
Isabelle COWAN-BERGMAN
111d17efde
Implements --real-client-ip-header option. (#503) 
* Implements -real-client-ip-header option.

* The -real-client-ip-header determines what HTTP header is used for
  determining the "real client IP" of the remote client.
* The -real-client-ip-header option supports the following headers:
  X-Forwarded-For X-ProxyUser-IP and X-Real-IP (default).
* Introduces new realClientIPParser interface to allow for multiple
  polymorphic classes to decide how to determine the real client IP.
* TODO: implement the more standard, but more complex `Forwarded` HTTP
  header.

* Corrected order of expected/actual in test cases

* Improved error message in getRemoteIP

* Add tests for getRemoteIP and getClientString

* Add comment explaining splitting of header

* Update documentation on -real-client-ip-header w/o -reverse-proxy

* Add PR number in changelog.

* Fix typo repeated word: "it"

Co-Authored-By: Joel Speed <Joel.speed@hotmail.co.uk>

* Update extended configuration language

* Simplify the language around dependance on -reverse-proxy

Co-Authored-By: Joel Speed <Joel.speed@hotmail.co.uk>

* Added completions

* Reorder real client IP header options

* Update CHANGELOG.md

* Apply suggestions from code review

Co-authored-by: Isabelle COWAN-BERGMAN <Izzette@users.noreply.github.com>

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
Co-authored-by: Henry Jenkins <henry@henryjenkins.name>
 2020-05-12 18:41:25 +01:00
Joel Speed
d0cfca4b73
Merge pull request #529 from oauth2-proxy/test-environment 
Add local test environments for testing changes and new features
 2020-05-12 16:19:27 +01:00
Joel Speed
2e37da4dc4
Update changelog for test environment addition 2020-05-12 16:07:17 +01:00
Joel Speed
afef9c7588
Add nginx test environment to demonstrate protecting multiple subdomains 2020-05-12 16:06:17 +01:00
Joel Speed
0ccfc73ab2
Add test environment docker-compose files 2020-05-12 16:06:16 +01:00
Joel Speed
4e3dd09cf2
Drop fallback to email when user is empty (#537) 2020-05-12 16:04:51 +01:00
John Clayton
7cf685140b
Restrict access using Github collaborators (#497) 
* Allow access based on Github repository
 2020-05-11 18:02:40 +01:00
Mitsuo Heijo
e642daef4e Support context in providers (#519) 
Co-authored-by: Henry Jenkins <henry@henryjenkins.name>
 2020-05-10 13:34:59 +01:00
Joel Speed
53d8e99f05
Remove Syscll as a maintainer (#540) 2020-05-10 11:51:15 +01:00
Joel Speed
de280824de
Drop support for pre v3.1 cookies (#535) 
Co-authored-by: Henry Jenkins <henry@henryjenkins.name>
 2020-05-10 10:09:53 +01:00
Joel Speed
24cdfa68b6
Set up code coverage within Travis for Code Climate (#533) 
* Set up code coverage within Travis for Code Climate
* Include CodeClimate badges on ReadMe
 2020-05-10 07:29:37 +01:00
n-i-x
be9eaaeb48
Add basic string functions to templates (#514) 
* Add basic string functions to templates

Co-authored-by: Oliver <oliver006@users.noreply.github.com>
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
Co-authored-by: Henry Jenkins <henry@henryjenkins.name>
 2020-05-09 21:05:51 +01:00
Nick Meves
9d626265e8 Migrate cookie signing to SHA256 from SHA1 (#524) 
Also, cleanup the code & make the specific
hashing algorithm chosen a function variable.

Co-authored-by: Henry Jenkins <henry@henryjenkins.name>
 2020-05-09 16:14:19 +01:00
Joel Speed
07df29db37
Drop configure script in favour of native Makefile env and checks (#515) 
Co-authored-by: Henry Jenkins <henry@henryjenkins.name>
 2020-05-09 16:07:46 +01:00
Henry Jenkins
9ed5a43516
Use double dashes in docs (#530) 
We only supports double dash (`--`) now, so update docs to reflect this.
 2020-05-09 15:39:47 +01:00