ad4f7bcb0e
Merge pull request #1545 from andytson/feature/qs-allowed-groups-bypass
...
Fix issue with query string allowed group panic on skip methods
2022-02-10 14:08:45 +00:00
05ebaf5158
Update changelog
2022-02-10 12:40:42 +00:00
c1b01b5bc0
Fix issue with query string allowed group panic on skip methods
2022-02-10 12:39:32 +00:00
433b93d08a
Merge pull request #1474 from polarctos/feature/tls-min-version-options
...
Add option to specify the tls.Config.MinVersion for the server to be able to restrict it to TLS 1.3
2022-02-09 19:29:53 +00:00
cbbecb81bd
Add changelog entry for tls-min-version
2022-02-09 20:20:03 +01:00
e03cf87dd8
Add option to specify the tls-min-version for the server
2022-02-09 20:19:01 +01:00
11699a822a
Add ValidateSession function to LoginGovProvder to include Auth Header ( #1509 )
...
* Add ValidateSession function to LoginGovProvder to include Auth Header
* Update CHANGELOG for PR 1509
* Update logingov_test to include ValidationURL
2022-02-04 09:22:33 +00:00
88709d8b69
Merge pull request #1489 from oauth2-proxy/fix-docker-push
...
Fix Docker Buildx push to include build version
2022-02-03 21:56:43 +00:00
bd0c4a3296
Fix Docker Buildx push to include build version
2022-02-03 19:23:22 +00:00
4f5efd4074
Update auth.md ( #1518 )
2022-01-18 13:54:52 +00:00
92c4ca9c58
Update auth.md ( #1519 )
2022-01-18 13:54:35 +00:00
dede6fd531
Fixing a typo, pointing to correct compose file ( #1493 )
...
Fixing a typo for the docker-compose-alpha-config.yaml
2021-12-29 19:50:36 +00:00
0e10fb8967
Remove the information about `Microsoft Azure AD` in the provider documentation ( #1477 )
...
* Remove the information about `Microsoft Azure AD`
* Put `proxy_buffer_size` in a code tag
* Update `CHANGELOG.md`
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2021-12-23 17:24:31 +00:00
576184924d
Merge pull request #1481 from oauth2-proxy/release-v7.2.1
...
Prepare changelog for release v7.2.1
2021-12-22 17:09:59 +00:00
5515918436
Prepare changelog for release v7.2.1
2021-12-18 12:59:55 +00:00
95839a2896
Merge pull request #1479 from polarctos/feature/go-1.17
...
Update go version to 1.17
2021-12-18 12:34:40 +00:00
7eaf98b5fe
Update go version to 1.17
...
This includes the change to the pruned module graph with the converted go.mod for Go 1.17
https://go.dev/doc/go1.17#go-command
2021-12-17 16:51:13 +01:00
c278e0aa4e
Merge pull request #1471 from AlexanderBabel/feature/update-aline
...
[Security] Update alpine to 3.15
2021-12-14 19:19:09 +00:00
8a951b2b4a
doc: update changelog
2021-12-14 02:21:28 +01:00
a654c9ec24
fix(Dockerfile): bump alpine to 3.15
2021-12-14 02:09:59 +01:00
5933000b86
Merge pull request #1247 from oauth2-proxy/adfs-default-claims
...
Use `upn` as EmailClaim throughout ADFSProvider
2021-12-06 14:24:41 +00:00
0fa8fca276
Update ADFS to new jwt lib
2021-12-01 19:16:42 -08:00
bdfca925a3
Handle UPN fallback when profileURL isn't set
2021-12-01 19:08:15 -08:00
1621ea3bba
ADFS supports IDToken nonce, use it
2021-12-01 19:08:15 -08:00
4980f6af7d
Use upn claim as a fallback in Enrich & Refresh
...
Only when `email` claim is missing, fallback to `upn` claim which may have it.
2021-12-01 19:08:10 -08:00
a53198725e
Use `upn` as EmailClaim throughout ADFSProvider
...
By only overriding in the EnrichSession, any Refresh calls
would've overriden it with the `email` claim.
2021-12-01 19:06:02 -08:00
1b335a056d
Merge pull request #1447 from oauth2-proxy/docker-fixes
...
Fix docker build/push issues found during last release
2021-11-24 17:31:20 +00:00
ceb015ee22
Update changelog for docker fixes
2021-11-24 17:20:25 +00:00
8dea8134eb
Drop old makefiles in favour of buildx
2021-11-24 17:20:23 +00:00
60b6dd850a
Fix docker build and push for all platforms
2021-11-24 17:20:22 +00:00
6e54ac2745
Update LinkedIn provider validate URL ( #1444 )
...
* update LinkedIn validate URL
Signed-off-by: Jeeva Kandasamy <jkandasa@gmail.com>
* update changelog
Signed-off-by: Jeeva Kandasamy <jkandasa@gmail.com>
* update failed unit test
Signed-off-by: Jeeva Kandasamy <jkandasa@gmail.com>
2021-11-19 21:36:33 +00:00
0693856bc3
Explicitly state precedence of config sources in docs ( #1439 )
...
I was recently looking into the order in which oauth2-proxy evaluates it configuration options from the various sources.
I think this will also be helpful for other users.
Since oauth2-proxy is using viper, the order of configuration sources is as follows [1]:
> Viper uses the following precedence order. Each item takes precedence over the item below it:
>
> explicit call to Set
> flag
> env
> config
> key/value store
> default
[1] https://github.com/spf13/viper/blob/master/README.md#why-viper
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2021-11-15 09:24:04 +00:00
7ed4e3c830
Fix docker container multi arch build issue by passing GOARCH details to make build ( #1445 )
...
* pass GOARCH details to make process
Signed-off-by: Jeeva Kandasamy <jkandasa@gmail.com>
* update changelog
Signed-off-by: Jeeva Kandasamy <jkandasa@gmail.com>
2021-11-12 21:42:46 +00:00
2c668a52d4
Let authentication fail when session validation fails ( fixes #1396 ) ( #1433 )
...
* Error page for session validation failure
* Fix existing tests
* Add test-case for session validation failure
* Simplify test
* Add changelog entry for PR
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2021-11-12 18:36:29 +00:00
9caf8c7040
Merge pull request #1419 from jangaraj/patch-1
...
Keycloak OIDC config improvement
2021-11-12 18:25:04 +00:00
1e761bf8fd
Keycloak OIDC config improvement
2021-10-25 10:01:35 +01:00
6c379f74db
Merge pull request #1412 from oauth2-proxy/release-7.2.0
...
Release 7.2.0
2021-10-22 18:19:35 +01:00
4ee3f13c46
Create versioned docs for release v7.2.x
...
Created with: yarn run docusaurus docs:version 7.2.x
2021-10-22 18:11:28 +01:00
976dc35805
Update CHANGELOG for v7.2.0 release
2021-10-22 18:11:26 +01:00
d82c268696
Merge pull request #1403 from openstandia/fix-redis-tls
...
Improve TLS handling for Redis to support non-standalone mode with TLS
2021-10-19 13:30:53 +01:00
7eb3a4fbd5
Improve TLS handling for Redis to support non-standalone mode with TLS
2021-10-19 20:04:49 +09:00
b49e62f9b2
Initalize TLS.Config when connecting to Redis with TLS ( #1296 )
...
* init TLS.Config when connecting to Redis with TLS
* don't overwrite TLS config if it exists
* add tests for Redis with TLS
* remove hardcoded certs
* add GenerateCert func
* use GenerateCert util func
* fix issue reported by go fmt
* limit return statements in GenerateCert
2021-10-19 09:17:42 +01:00
ea261ca014
fix arg typo in traefik example ( #1410 )
...
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2021-10-18 19:01:40 +01:00
543a71efad
Merge pull request #1411 from oauth2-proxy/fix-exclude-logging-doc
...
Fix exclude-logging-path documentation
2021-10-18 18:42:18 +01:00
bdab6feb0c
Fix exclude-logging-path documentation
2021-10-18 18:36:56 +01:00
85c02821bf
Merge pull request #1391 from oauth2-proxy/docker-buildx-selection
...
Improve build times by sharing cache and allowing platform selection
2021-10-18 18:36:19 +01:00
2ce93b6b31
Improve build times by sharing cache and allowing platform selection
2021-10-18 18:19:40 +01:00
9d8093f470
Merge pull request #1404 from oauth2-proxy/improve-no-auth-error
...
Improve error message when no cookie is found
2021-10-18 18:16:40 +01:00
d8deaa124b
Improve error message when no cookie is found
2021-10-13 19:08:11 +01:00
6cc7da8993
Merge pull request #1375 from bancek/feature-force-json-errors
...
Add --force-json-errors flag
2021-10-13 17:09:08 +01:00
Joel Speed
Andy Thompson
polarctos
Preston Sheldon
ThomasKalten
Magnus Lübeck
Ole-Martin Bratteng
Alex Babel
Nick Meves
Jeeva Kandasamy
Jack Henschel
Stephan Aßmus
Jan Garaj
Hiroyuki Wada
Maciej Strzelecki
Adam Stephens