go/oauth2-proxy
1
0
Fork 0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2025-06-15 00:15:00 +02:00
Code Issues Releases Activity
1,628 Commits 24 Branches 38 Tags
dede6fd531659007410c0c316b51a4dcc42d0f6d
Commit Graph

18 Commits

Author SHA1 Message Date
Nick Meves
f21b3b8b20 Authorize in Redeem callback flow 2020-11-12 11:18:59 -08:00
Nick Meves
b92fd4b0bb Streamline Google to use default Authorize 2020-11-12 11:18:58 -08:00
Nick Meves
e7ac793044 Replace ValidateGroup with Authorize for Provider 2020-11-12 11:17:06 -08:00
Joel Speed
d4dd34a65a Move provider URLs to package level vars 2020-07-19 18:34:55 +01:00
Mitsuo Heijo
e642daef4e Support context in providers (#519) 
Co-authored-by: Henry Jenkins <henry@henryjenkins.name>
 2020-05-10 13:34:59 +01:00
Pavel Kirichenko
f2661c47ba Support for client secret file. (#355) 
* added ClientSecretFile in ProviderData

* add documentation notes on client secret file

* added Changelog entry for Client Secret File PR

* fixing configuration.md

* addressing PR issue of ClientSecret property naming

* Update providers/provider_data.go

Co-Authored-By: Joel Speed <Joel.speed@hotmail.co.uk>

* corrected changelog entry

* fixed typo in GetClientSecret

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
 2020-02-15 13:44:39 +00:00
Justin Palpant
7d910c0ae8 Check Google group membership with hasMember and get. (#224) 
* Check Google group membership with hasMember and get.

This PR is an enhancement built on
https://github.com/pusher/oauth2_proxy/pull/160. That PR reduces the
number of calls to the Google Admin API and simplifies the code by
using the hasMember method. It also supports checking membership in
nested groups.

However, the above message doesn't handle members who are not a part
of the domain. The hasMember API returns a 400 for that case. As a
fallback, when the API returns a 400, this change will try using the
`get` API which works as expected for members who aren't a part of the
domain. Supporting members who belong to the Google group but aren't
part of the domain is a requested feature from
https://github.com/pusher/oauth2_proxy/issues/95.

https://developers.google.com/admin-sdk/directory/v1/reference/members/get

Note that nested members who are not a part of the domain will not be
correctly detected with this change.

* Update CHANGELOG.

* Fix incorrect JSON and stop escaping strings.

* Add comments for each scenario.
 2019-08-06 10:38:24 +01:00
Benjamin Chess
3f2fab10e6 check google group based on email address 2019-05-02 17:11:25 -07:00
Joel Speed
8ee802d4e5 Lint for non-comment linter errors 2018-11-29 14:26:41 +00:00
Tanvir Alam
8a77cfcac3 Swap out bmizerany/assert package that is deprecated in favor of stretchr/testify/assert 2017-10-23 12:24:17 -04:00
Brandon Philips
51a2e4e48c *: rename Url to URL everywhere 
Go coding style says that acronyms should be all lower or all upper. Fix
Url to URL.
 2015-11-09 00:47:44 +01:00
Justin Burnham
3fd8f911c2 google: Support restricting access to a specific group(s) 2015-09-09 02:10:32 -07:00
Jehiah Czebotar
d49c3e167f SessionState refactoring; improve token renewal and cookie refresh 
* New SessionState to consolidate email, access token and refresh token
* split ServeHttp into individual methods
* log on session renewal
* log on access token refresh
* refactor cookie encription/decription and session state serialization
 2015-07-02 23:09:11 -04:00
Jehiah Czebotar
8d50b372e4 immediately redeem refresh token for provider==Google 2015-06-23 13:56:14 -04:00
Jehiah Czebotar
37b38dd2f4 Github provider 2015-05-21 02:21:19 -04:00
Mike Bland
72857018ee Introduce validate-url flag/config 2015-05-08 17:13:35 -04:00
Mike Bland
666e6ad436 Add ProviderName field; use in sign_in template 2015-03-31 12:59:07 -04:00
Mike Bland
e2931da853 Create providers package with Google default 2015-03-31 09:34:50 -04:00