public_git
/
oauth2-proxy
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
916 Commits 29 Branches 41 Tags 50 MiB
Commit Graph

172 Commits

Author SHA1 Message Date
Kamal Nasser 5489d1624e
Merge branch 'master' into kamal/whitelist-redirects-with-ports 2020-01-08 22:24:56 +02:00
Felix Fontein 11205c7399 Allow to change provider's name (#296) 
* Allow to change provider's name.

* Add changelog entry.

* Linting.

* provider-name -> provider-display-name.

* Add flag in main.go.

* Update CHANGELOG.md
 2019-11-25 17:20:37 +00:00
Moraru Costel ca0b8375da Add redirect capability to sign_out (#314) 
* addint redirect capability to sign_out

* updating changelog
 2019-11-19 17:17:26 +00:00
Christian Groschupp 6d74a42e57
Merge branch 'master' into feat/static-upstream 2019-11-19 12:23:42 +01:00
Kamal Nasser 6d1b5fc4b0
Merge branch 'master' into kamal/whitelist-redirects-with-ports 2019-11-14 17:19:21 +02:00
Kamal Nasser 898b6b81c9 remove unnecessary if conditional 2019-11-14 17:17:12 +02:00
Konstantine fef940da9a Added userinfo endpoint (#300) 
* Added userinfo endpoint

* Added documentation for  the userinfo endpoint

* Update oauthproxy.go

Co-Authored-By: Dan Bond <pm@danbond.io>

* Suggested fixes :  Streaming json to rw , header set after error check

* Update oauthproxy.go

Co-Authored-By: Dan Bond <pm@danbond.io>

* fix session.Email

* Ported tests and updated changelog
 2019-11-07 14:38:36 -08:00
Kamal Nasser a12bae35ca update port whitelisting rules, refactor IsValidRedirect tests 2019-10-23 16:38:44 +03:00
Kamal Nasser ae4e9155d2 implicit/explicit redirect port matching 2019-10-12 23:47:23 +03:00
Kamal Nasser bfb22506ff allow redirects to whitelisted hosts with ports 2019-10-11 15:39:57 +03:00
Christian Groschupp a46ee952a6
Move responceCode out of HandleFunc. 2019-10-10 10:14:01 +02:00
Christian Groschupp dc36836800
Add tests for static upstream 2019-10-10 10:14:01 +02:00
Christian Groschupp 1295f87b33
Add static upstream 2019-10-10 10:14:00 +02:00
Kirill Motkov e64e6fa514 Some code improvements 
* Remove shadowing of predeclared identifier: new.
* strings.ReplaceAll instead of strings.Replace with -1.
* Change strings.ToLower comparison to strings.EqualFold.
* Rewrite if-else-if-else chain as a switch.
 2019-10-09 15:44:26 +03:00
Ian Hunter a209a52df1 More fully support X-Auth-Request-Redirect header 
Docs showed that the X-Auth-Request-Redirect header can specify a redirect URI, but only the rd POST parameter was being honored
This fixes that.
 2019-08-17 15:50:44 -05:00
Adam Eijdenberg d5d4878a29 Made setting of proxied headers deterministic based on configuration 
alone

Previously some headers that are normally set by the proxy (and may be
replied upstream for authorization decisiions) were not being set
depending on values in the users sesssion.

This change ensure that if a given header is sometimes set, it will
always be either set or removed.

It might be worth considerating always deleting these headers if we
didn't add them.
 2019-08-16 11:44:43 +10:00
ferhat elmas fb52bdb90c Fix some typos 2019-08-13 12:42:23 +02:00
jansinger 7134d22bcc New flag "-ssl-upstream-insecure-skip-validation" (#234) 
* New flag "-ssl-upstream-insecure-skip-validation" to skip SSL validation for upstreams with self generated / invalid SSL certificates.

* Fix tests for modified NewReverseProxy method.

* Added change to the changelog.

* Remove duplicate entries from changelog.
 2019-08-07 17:48:53 +01:00
Karl Skewes 4e10cc76e0 Add silence ping logging flag using ExcludePath 
- Add `ping-path` option to enable switching on and passing to `logger.go`
  Default remains unchanged at: `"/ping"`
- Add note in configuration.md about silence flag taking precedence

Potential tests:
- `options.go` sets `logger.SetExcludePath` based on silence flag?
- Changing `PingPath` reflected in router?
 2019-07-16 09:46:53 +12:00
Joel Speed 630db3769b
Merge branch 'master' into refactor 2019-07-15 11:30:43 +01:00
Henry Jenkins aa37564655
Merge branch 'master' into banner-flag 2019-07-02 14:03:21 +01:00
Henry Jenkins 924eab6355 Adds banner flag 
This is to override what's displayed on the main page.
 2019-06-25 16:41:51 +01:00
Henry Jenkins d24aacdb5c Fix lint errors 2019-06-23 21:39:13 +01:00
Brian Van Klaveren bd651df3c2 Ensure groups in JWT Bearer tokens are also validated 
Fix a minor auth logging bug
 2019-06-20 13:40:04 -07:00
Brian Van Klaveren 5a50f6223f Do not infer username from email 2019-06-17 12:58:40 -07:00
Brian Van Klaveren 2f6dcf3b5f Move refreshing code to block acquiring cookied session 2019-06-17 12:52:44 -07:00
Brian Van Klaveren 58b06ce761 Fall back to using sub if email is none (as in PR #57) 2019-06-17 12:52:13 -07:00
Brian Van Klaveren 187960e9d8 Improve token pattern matching 
Unit tests for token discovery
 2019-06-17 12:52:13 -07:00
Brian Van Klaveren 8083501da6 Support JWT Bearer Token and Pass through 2019-06-17 12:51:35 -07:00
Joel Speed 6366690927
Fix gofmt for changed files 2019-06-15 11:34:00 +02:00
Joel Speed fb9616160e
Move logger to pkg/logger 2019-06-15 11:33:58 +02:00
Joel Speed d1ef14becc
Move cookie to pkg/encryption 2019-06-15 11:33:57 +02:00
Adam Eijdenberg d69560d020 No need for case when only 2 conditions 2019-06-15 18:48:27 +10:00
Adam Eijdenberg f35c82bb0f The AuthOnly path also needs the response headers set 2019-06-07 14:25:12 +10:00
Adam Eijdenberg 9e59b4f62e Restructure so that serving data from upstream is only done when explicity allowed, rather 
than as implicit dangling else
 2019-06-07 13:50:44 +10:00
Joel Speed 093f9da881
Move cipher creation to options and away from oauth2_proxy.go 2019-05-20 11:26:13 +02:00
Joel Speed 37e31b5f09
Remove dead code 2019-05-20 11:26:11 +02:00
Joel Speed c61f3a1c65
Use SessionStore for session in proxy 2019-05-20 11:26:10 +02:00
Joel Speed fbee5eae16
Initialise SessionStore in Options 2019-05-20 11:26:04 +02:00
Joel Speed 2ab8a7d95d
Move SessionState to its own package 2019-05-18 13:09:56 +02:00
timothy-spencer 1a8bd70b46
fixing code redemption error string logging 2019-05-07 10:47:15 -07:00
Mister Wil 9eaa9fdcbf
Standardizing log messages to colons 2019-04-23 09:36:18 -07:00
MisterWil d77119be55 Merging changes 2019-04-12 09:26:44 -07:00
MisterWil c22731afa0 Fixed linting errors. 2019-04-12 08:59:46 -07:00
MisterWil 37c415b889 Self code review changes 2019-04-12 08:59:46 -07:00
MisterWil 8ec025f536 Auth and standard logging with file rolling 2019-04-12 08:59:46 -07:00
Costel Moraru 071d17b521 Expose -cookie-path as configuration parameter 2019-04-10 00:36:35 +03:00
gyson 978c0a33e4 Improve websocket support 2019-03-22 17:19:38 -04:00
Patrick Koenig 6f9eac5190
Set redirect URL path when host is present 2019-03-20 09:25:04 -07:00
einfachchr f715c9371b Fixes deletion of splitted cookies - Issue #69 (#70) 
* fixes deletion of splitted cookies

* three minor adjustments to improve the tests

* changed cookie name matching to regex

* Update oauthproxy.go

Co-Authored-By: einfachchr <einfachchr@gmail.com>

* removed unused variable

* Changelog
 2019-03-15 07:18:37 +00:00