go/oauth2-proxy
1
0
Fork 0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2025-01-10 04:18:14 +02:00
Code Issues Releases Activity
818938add2
oauth2-proxy/providers
History
Nick Meves 7eeaea0b3f
Support nonce checks in OIDC Provider (#967) 
* Set and verify a nonce with OIDC

* Create a CSRF object to manage nonces & cookies

* Add missing generic cookie unit tests

* Add config flag to control OIDC SkipNonce

* Send hashed nonces in authentication requests

* Encrypt the CSRF cookie

* Add clarity to naming & add more helper methods

* Make CSRF an interface and keep underlying nonces private

* Add ReverseProxy scope to cookie tests

* Align to new 1.16 SameSite cookie default

* Perform SecretBytes conversion on CSRF cookie crypto

* Make state encoding signatures consistent

* Mock time in CSRF struct via Clock

* Improve InsecureSkipNonce docstring
2021-04-21 10:33:27 +01:00
..
auth_test.go Fix import path for v7 (#800) 2020-09-29 17:44:42 +01:00
azure_test.go Support nonce checks in OIDC Provider (#967) 2021-04-21 10:33:27 +01:00
azure.go Support nonce checks in OIDC Provider (#967) 2021-04-21 10:33:27 +01:00
bitbucket_test.go Fix import path for v7 (#800) 2020-09-29 17:44:42 +01:00
bitbucket.go Fix import path for v7 (#800) 2020-09-29 17:44:42 +01:00
digitalocean_test.go Fix import path for v7 (#800) 2020-09-29 17:44:42 +01:00
digitalocean.go Cleanup method name refactors missed in comments 2020-11-29 14:18:14 -08:00
facebook_test.go Move provider URLs to package level vars 2020-07-19 18:34:55 +01:00
facebook.go Standardize provider interface method names 2020-11-28 10:25:11 -08:00
github_test.go Refactor GitHub to EnrichSessionState 2020-10-19 14:09:45 -07:00
github.go Cleanup method name refactors missed in comments 2020-11-29 14:18:14 -08:00
gitlab_test.go Fix GitLab CVE test case 2021-03-25 10:29:17 -07:00
gitlab.go Merge pull request from GHSA-652x-m2gr-hppm 2021-03-25 17:20:45 +00:00
google_test.go Authorize in Redeem callback flow 2020-11-12 11:18:59 -08:00
google.go Cleanup method name refactors missed in comments 2020-11-29 14:18:14 -08:00
internal_util_test.go Cleanup method name refactors missed in comments 2020-11-29 14:18:14 -08:00
internal_util.go Fix import path for v7 (#800) 2020-09-29 17:44:42 +01:00
keycloak_test.go Use a generic http.HandlerFunc in Keycloak tests 2020-12-24 14:04:19 -08:00
keycloak.go Handle ValidateURL fallback for nil & empty struct cases 2020-12-24 14:04:20 -08:00
linkedin_test.go Fix import path for v7 (#800) 2020-09-29 17:44:42 +01:00
linkedin.go Standardize provider interface method names 2020-11-28 10:25:11 -08:00
logingov_test.go Support nonce checks in OIDC Provider (#967) 2021-04-21 10:33:27 +01:00
logingov.go Support nonce checks in OIDC Provider (#967) 2021-04-21 10:33:27 +01:00
nextcloud_test.go Fix import path for v7 (#800) 2020-09-29 17:44:42 +01:00
nextcloud.go Fix import path for v7 (#800) 2020-09-29 17:44:42 +01:00
oidc_test.go Support nonce checks in OIDC Provider (#967) 2021-04-21 10:33:27 +01:00
oidc.go Support nonce checks in OIDC Provider (#967) 2021-04-21 10:33:27 +01:00
provider_data_test.go Support nonce checks in OIDC Provider (#967) 2021-04-21 10:33:27 +01:00
provider_data.go Support nonce checks in OIDC Provider (#967) 2021-04-21 10:33:27 +01:00
provider_default_test.go Support nonce checks in OIDC Provider (#967) 2021-04-21 10:33:27 +01:00
provider_default.go Support nonce checks in OIDC Provider (#967) 2021-04-21 10:33:27 +01:00
providers_suite_test.go Ensure errors in tests are logged to the GinkgoWriter 2021-02-10 19:50:04 +00:00
providers.go Support nonce checks in OIDC Provider (#967) 2021-04-21 10:33:27 +01:00
util_test.go Refactor OIDC to EnrichSession 2020-12-21 16:51:52 -08:00
util.go Use global OIDC fields for Gitlab 2020-12-21 16:54:12 -08:00