1
0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2024-12-12 11:15:02 +02:00
Commit Graph

820 Commits

Author SHA1 Message Date
Christian Groschupp
dc36836800
Add tests for static upstream 2019-10-10 10:14:01 +02:00
Christian Groschupp
1295f87b33
Add static upstream 2019-10-10 10:14:00 +02:00
Christian Franke
62bf233682 Update CONTRIBUTING.md (#277)
Commit e245ef4854 switched dependency management from dep to go module.

This should be reflected in `CONTRIBUTING.md`.
2019-10-09 09:57:59 -07:00
Joel Speed
1afaf46656
Merge pull request #276 from sosiska/patch-1
Some code improvements
2019-10-09 17:41:36 +01:00
Kirill Motkov
e64e6fa514 Some code improvements
* Remove shadowing of predeclared identifier: new.
* strings.ReplaceAll instead of strings.Replace with -1.
* Change strings.ToLower comparison to strings.EqualFold.
* Rewrite if-else-if-else chain as a switch.
2019-10-09 15:44:26 +03:00
Joel Speed
63da5c64db
Merge pull request #275 from syscll/debian-buster
docker: build from debian buster
2019-10-08 11:22:36 +01:00
Dan Bond
486521da96 fix previous CHANGELOG error 2019-10-07 17:11:38 -07:00
Dan Bond
a97710d3d2 update CHANGELOG 2019-10-07 17:11:14 -07:00
Dan Bond
e270dd0066 docker: build from debian buster 2019-10-07 17:03:15 -07:00
Dhi Aurrahman
de16df232d Support Go 1.13.x and allow to override REGISTRY (#273)
Signed-off-by: Dhi Aurrahman <dio@tetrate.io>
2019-10-07 13:53:46 -07:00
Joel Speed
ac10bc04ed
Merge pull request #272 from pusher/fix-links
Fix permalinks for configuration and sessions
2019-10-03 17:19:37 +01:00
Joel Speed
b515b90b34
Fix permalinks for configuration and sessions 2019-10-03 11:10:06 +01:00
Joel Speed
49f1320be6
Merge pull request #269 from YenTheFirst/escape-k8s-auth-signin
Escape original request URI in sample kubernetes ingress configuration
2019-10-02 09:33:54 +01:00
T S
513af9b714 Escape original request URI in sample kubernetes ingress configuration
The current sample configuration for kubernetes ingress demonstrates
using the `auth-signin` annotation to redirect a user to oauth2_proxy's
signin page. It constructs the link to do so by directly concatenating
`$request_uri` as the `rd` parameter, so the sign-in page knows where to
send the user after signin is complete.

However, this does not work correctly if the original request URI
contains multiple query parameters separated by an ampersand, as that
ampersand is interpereted as separating query parameters of the
`/oauth2/start` URI. For example:

If the user requests a URL:
  https://example.com/foo?q1=v1&q2=v2
they may be redirected to the signin url
  https://example.com/oauth2/start?rd=https://example.com/foo?q1=v1&q2=v2
and after completing signin, oauth2_proxy will redirect them to
  https://example.com/foo?q1=v1

nginx-ingress added an $escaped_request_uri variable about a year ago,
to help resolve this kind of issue
(https://github.com/kubernetes/ingress-nginx/pull/2811)
2019-10-01 12:28:00 -07:00
Joel Speed
721d28bd4f
Merge pull request #248 from VidAngel/support-x-auth-request-redirect
More fully support X-Auth-Request-Redirect header
2019-09-30 17:53:26 +01:00
Joel Speed
ac0d010371
Merge branch 'master' into support-x-auth-request-redirect 2019-09-30 17:21:05 +01:00
Joel Speed
44cdcc79c3
Merge pull request #227 from Ofinka/keycloak-provider
Add keycloak provider
2019-09-25 21:39:11 +01:00
Dan Bond
a122ac60e4
Fix CHANGELOG errors 2019-09-25 13:33:58 -07:00
Dan Bond
85a1ed5135
Merge branch 'master' into keycloak-provider 2019-09-25 13:21:46 -07:00
Ian Hunter
8098094fc2 Merge branch 'master' of github.com:pusher/oauth2_proxy into support-x-auth-request-redirect 2019-09-19 11:27:27 -05:00
Ian Hunter
18a77e6618 Reflect #248 PR in CHANGELOG.md 2019-09-19 11:26:18 -05:00
Nelson Menezes
82a3d5afdc Add clarification about plural env vars (#252) 2019-08-27 09:15:33 -07:00
Joel Speed
6683e35008
Merge pull request #250 from pusher/dependabot/bundler/docs/nokogiri-1.10.4
Bump nokogiri from 1.10.1 to 1.10.4 in /docs
2019-08-21 11:09:48 +01:00
dependabot[bot]
b83b7565f3
Bump nokogiri from 1.10.1 to 1.10.4 in /docs
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.10.1 to 1.10.4.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.10.1...v1.10.4)

Signed-off-by: dependabot[bot] <support@github.com>
2019-08-21 10:05:52 +00:00
Ian Hunter
a209a52df1 More fully support X-Auth-Request-Redirect header
Docs showed that the X-Auth-Request-Redirect header can specify a redirect URI, but only the rd POST parameter was being honored
This fixes that.
2019-08-17 15:50:44 -05:00
Henry Jenkins
71dfd44149
Merge branch 'master' into keycloak-provider 2019-08-17 08:10:37 +01:00
Joel Speed
d00c14a2a7
Merge pull request #247 from pusher/release-v4.0.0
Update changelog for v4.0.0 release
2019-08-16 15:19:32 +01:00
Joel Speed
44ea6920a7
Update changelog for v4.0.0 release 2019-08-16 15:06:53 +01:00
aledeganopix4d
fa6c4792a1 Add Bitbucket provider. (#201)
Add a new provider for Bitbucket,
can be configured from the options
specifying team and/or repository
that the user must be part/have access
to in order to grant login.
2019-08-16 14:53:22 +01:00
Joel Speed
a165928458
Merge pull request #226 from continusec/makeheadersettingdeterministic
Made setting of proxied headers deterministic based on configuration alone
2019-08-16 14:41:14 +01:00
Adam Eijdenberg
d5d4878a29 Made setting of proxied headers deterministic based on configuration
alone

Previously some headers that are normally set by the proxy (and may be
replied upstream for authorization decisiions) were not being set
depending on values in the users sesssion.

This change ensure that if a given header is sometimes set, it will
always be either set or removed.

It might be worth considerating always deleting these headers if we
didn't add them.
2019-08-16 11:44:43 +10:00
Joel Speed
c4559ea372
Merge pull request #241 from thought-machine/fix-docs-links
Fix links in docs
2019-08-15 12:07:37 +01:00
Henry Jenkins
a65d38d181
Merge branch 'master' into fix-docs-links 2019-08-14 12:04:23 +01:00
Henry Jenkins
57851f6850
Merge pull request #239 from bradym/docFormat
Docs only:  format Command Line Options using a table
2019-08-14 12:03:03 +01:00
Joel Speed
7e3ad6b215
Merge branch 'master' into docFormat 2019-08-14 11:12:54 +01:00
Henry Jenkins
c941f3ce0d
Merge branch 'master' into fix-docs-links 2019-08-13 21:23:45 +01:00
Henry Jenkins
9240538939
Merge pull request #244 from ferhatelmas/typo-fix
Fix some typos
2019-08-13 21:23:18 +01:00
Brady Mitchell
272fb96024 add back nginx-auth-request <a name 2019-08-13 09:12:48 -07:00
Brady Mitchell
bc5fc5a513 remove unnecessary <a> tags 2019-08-13 09:01:38 -07:00
Dan Bond
49e124eb87
Merge branch 'master' into typo-fix 2019-08-13 16:25:23 +01:00
Dan Bond
6453e78db3
Merge branch 'master' into docFormat 2019-08-13 16:22:18 +01:00
Joel Speed
b167744b0a
Merge pull request #145 from rtluckie/feature/add_oidc_userinfo_support
Add OIDC support for UserInfo Endpoint Email Verification
2019-08-13 15:35:51 +01:00
ferhat elmas
fb52bdb90c Fix some typos 2019-08-13 12:42:23 +02:00
Ryan Luckie
c457eeb711
Merge branch 'master' into feature/add_oidc_userinfo_support 2019-08-12 17:32:29 -05:00
Brady Mitchell
9938bb95d9
Merge branch 'master' into docFormat 2019-08-11 17:23:33 -07:00
Brady Mitchell
4b985992d8 add missing header border 2019-08-11 17:21:32 -07:00
Henry Jenkins
8b61559b8d Fix links in docs
- Fixed a bunch of references to the repo, which were 404ing
- Fixed a couple of things that 301/302ed
- Fixed some in page references
2019-08-11 16:07:03 +01:00
Henry Jenkins
e1b70dc9f0
Merge pull request #240 from vitaliytv/patch-1
[docs] Fix link to oauth2_proxy.cfg
2019-08-11 15:20:58 +01:00
Vitalii Tverdokhlib
9e37de53e3
docs: fix path to oauth2_proxy.cfg 2019-08-11 14:55:19 +03:00
Brady Mitchell
18156713e3 indent content in ordered list, fixes 165 2019-08-10 21:46:13 -07:00