go/oauth2-proxy
1
0
Fork 0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2025-06-15 00:15:00 +02:00
Code Issues Releases Activity
1,428 Commits 24 Branches 38 Tags
ef457b17653c3d5d390c7856f3953f3e6bd2b96c
Commit Graph

1428 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Joel Speed
a87beab1a0 Merge pull request #764 from lentzi90/patch-1 
Document bcrypt encryption for htpasswd
 2020-09-11 14:26:03 +01:00
Lennart Jern
e14d6ab791 Document bcrypt encryption for htpasswd 
Remove mention of (insecure) SHA option for encryption.
 2020-09-11 13:32:00 +03:00
Joel Speed
ef08d01b98 Merge pull request #757 from ManoManoTech/doc/cookieSession 
Doc: cookie-secret is a mandatory field for cookie session
 2020-09-04 15:30:47 +01:00
Aurélien LAJOIE
0eb0024e87 Doc: cookie-secret is a mandatory field for cookie session 2020-09-04 16:20:41 +02:00
Joel Speed
e4e5580852 Merge pull request #748 from oauth2-proxy/release-6.1.1 
Prepare CHANGELOG for v6.1.1 release
v6.1.1 		2020-08-31 17:18:45 +01:00
Joel Speed
1337f56188 Prepare CHANGELOG for v6.1.1 release 2020-08-31 17:01:52 +01:00
Joel Speed
841bf77f7f Merge pull request #746 from oauth2-proxy/fix-static 
Fix conversion of static responses in upstreams
 2020-08-31 16:58:55 +01:00
Joel Speed
bd619ab63e Fix conversion of file upstreams 2020-08-31 16:54:13 +01:00
Joel Speed
b40517bbe3 Fix conversion of static responses in upstreams 2020-08-31 16:54:01 +01:00
Joel Speed
73f0094486 Merge pull request #729 from grnhse/x-forwarded-host-redirect 
Use X-Forwarded-Host in Redirects
 2020-08-31 16:48:20 +01:00
Nick Meves
29b24793e3 Use X-Forwarded-Host consistently 2020-08-31 08:31:45 -07:00
Tomoyuki KOYAMA
bd5fab478d fix docs: command line options (#744) 2020-08-29 09:26:24 +01:00
Joel Speed
37026b60ce Merge pull request #741 from oauth2-proxy/release-6.1.0 
Prepare changelog for v6.1.0 release
v6.1.0 		2020-08-27 15:15:24 +01:00
Joel Speed
43bf36425d Prepare changelog for v6.1.0 release 2020-08-27 15:08:46 +01:00
Joel Speed
4134a9010e Merge pull request #742 from oauth2-proxy/domain-log 
Only log no cookie match if cookie domains specified
 2020-08-27 15:01:32 +01:00
Joel Speed
105d5acb7b Only log no cookie match if cookie domains specified 2020-08-27 14:48:00 +01:00
Dan Bond
d7abd56981 dist.sh: remove go version from asset links (#733) 
* dist.sh: remove go version from asset links

* update changelog
 2020-08-25 08:41:14 -07:00
Joel Speed
5fa5b3186f Merge pull request #562 from oauth2-proxy/auth-header-helper 
Create generic Authorization Header constructor
 2020-08-17 16:44:38 +01:00
Joel Speed
d05e08cba3 Create generic Authorization Header constructor 2020-08-16 20:04:34 +01:00
Joel Speed
9a338d8a34 Merge pull request #715 from oauth2-proxy/session-nil-time 
Ensure session times are not nil before printing them
 2020-08-16 19:57:55 +01:00
Joel Speed
16a30002df Ensure session times are not nil before printing them 2020-08-16 19:53:52 +01:00
Joel Speed
aceb9e2762 Merge pull request #700 from grnhse/oidc-no-email-tokens 
Allow OIDC Bearer Tokens without emails
 2020-08-16 13:03:43 +01:00
Nick Meves
0645e19c24 Cleanup internalSession params & handle profileURL Bearer case better 
`findClaimsFromIDToken` would always have a `nil` access token and not be
able to hit the userinfo endpoint in Bearer case. If access token is nil,
default to legacy `session.Email = claim.Subject` that all JWT bearers used
to have, even if a valid profileURL is present.
 2020-08-14 13:31:38 -07:00
Nick Meves
dcc75410a8 Handle claim finding differently in bearer vs standard IDTokens 2020-08-14 13:31:38 -07:00
Nick Meves
514db45d1a Allow OIDC Bearer Tokens without emails 
This reverts to functionality before #499 where an OIDC
provider could be used with `--skip-jwt-bearer-tokens` and
tokens without an email or profileURL would still be valid.
This logic mirrors `middleware.createSessionStateFromBearerToken`
which used to be the universal logic before #499.
 2020-08-14 13:31:38 -07:00
Joel Speed
8515da3e91 Merge pull request #714 from grnhse/redis-sentinel-password 
Support Password & SentinelPassword in Redis session store
 2020-08-14 14:09:54 +01:00
Nick Meves
51a9062044 Support Password & SentinelPassword in Redis session store 2020-08-11 12:22:05 -07:00
Nick Meves
35ed7a313b Merge pull request #719 from grnhse/gosec-x-oauth-basic-skip 
Add `x-oauth-basic` nosec annotation & address gosec unhandled errors
 2020-08-11 11:56:07 -07:00
Nick Meves
b6e78efc1e Add x-oauth-basic nosec annotation & address gosec unhandled errors 2020-08-10 15:15:16 -07:00
Phil Taprogge
d69fd6af22 Allow Logging to stdout with separate Error Log Channel (#718) 
* Add dedicated error logging writer

* Document new errors to stdout flag

* Update changelog

* Thread-safe the log buffer

* Address feedback

* Remove duplication by adding log level

* Clean up error formatting

* Apply suggestions from code review

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
 2020-08-10 11:44:08 +01:00
Nick Meves
33e04cc52f Merge pull request #690 from grnhse/gosec-findings-fixes 
Address gosec findings
 2020-08-09 08:24:37 -07:00
Nick Meves
a1358d2070 Panic on any logger errors 
Any template errors instead of IO
errors are caught in validation.
 2020-08-09 07:55:41 -07:00
Nick Meves
e88d29f16a Refactor SignInMessage out of main 2020-08-09 07:55:41 -07:00
Nick Meves
46cc21d8cf Skip gosec linting on tests 2020-08-09 07:55:41 -07:00
Nick Meves
45222395e0 Attempt to log still on template errors 2020-08-09 07:55:40 -07:00
Nick Meves
542bf1fad1 Add gosec to .golangci.yml 2020-08-09 07:55:40 -07:00
Nick Meves
ad52587ae6 Document GoSec nosec skip comments 2020-08-09 07:55:40 -07:00
Nick Meves
2bb0160bf3 Streamline error page usage 2020-08-09 07:55:40 -07:00
Nick Meves
1c8c5b08d7 Handle cookie signing errors 2020-08-09 07:55:40 -07:00
Nick Meves
65c228394f Address gosec findings 
Mostly handling unhandled errors appropriately.
If logging to STDERR fails, we panic. Added #nosec
comments to findings we are OK with.
 2020-08-09 07:55:39 -07:00
Joel Speed
7b21f53aad Merge pull request #689 from grnhse/finicky-logging-time-test 
Fix time issue causing finicky failures in logging tests
 2020-08-07 08:32:17 +01:00
Nick Meves
81ec9edf53 Fix time issue causing finicky failures in logging tests 2020-08-06 15:44:05 -07:00
Nick Meves
0cf0fd88e8 Merge pull request #710 from ryandesign/patch-1 
Fix typos and other minor edits
 2020-08-04 07:58:53 -07:00
Ryan Schmidt
6e31eb28d5 Fix typos and other minor edits 2020-08-04 01:29:00 -05:00
Joel Speed
bbf00bc92b Merge pull request #701 from jhutchings1/patch-1 
Add pull request events to CodeQL action
 2020-07-29 12:23:08 +01:00
Justin Hutchings
43189a7854 Add pull request events to CodeQL action 
This will validate pull requests from forks to ensure that changes don't end up impacting you negatively.
 2020-07-28 21:42:21 -07:00
Joel Speed
2318716a89 Merge pull request #699 from grnhse/refactor-persistence-tests 
Align persistence ginkgo tests to conventions
 2020-07-22 11:23:49 +01:00
Nick Meves
19836f85ac Align persistence ginkgo tests to conventions 2020-07-21 22:13:17 -07:00
Andy Voltz
88ef888752 Preserve query when building redirect (fix for #695) (#696) 
* Add test for GetRedirect to check query and fragments.

* Preserve query and fragment when building redirect.

* Add changelog entry for redirect fix
 2020-07-21 16:38:13 +01:00
Joel Speed
c5da3dff9c Merge pull request #561 from oauth2-proxy/provider-urls-refactor 
Move provider URLs to package level vars
 2020-07-20 11:50:47 +01:00