* chore: bump go to version 1.21
update all depedencies as well
* fix linting issues based on golang 1.20 deprecations
* cleanup go depedencies
* add custom gomega matcher for option intefaces
* revert and upgrade golangci-lint to 1.55.2
* fix lint issues for v1.55.2 of golangci-lint
* fix toml loading test
* remove second runspecs call
* update go.sum
* revert testutil package
* feature: add release automation workflows
* deactivate provenancee because of behaviour change with buildx v0.10.0
* add changelog section extraction for github release notes
* fix registry path; fix EOF
* use correct version of golangci-lint; add additional workflow step for fetching all dependencies
* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs
* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs
* Fixes CVE-2022-41721 (#1994)
See: https://avd.aquasec.com/nvd/2022/cve-2022-41717/
* update checkout actions (#1981)
* Fix a typo in oauthproxy.go (#2021)
* fix typo (#2001)
* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs
* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs
* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs
* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs
* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs
* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs
* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs
---------
Co-authored-by: Nuno Borges <Nuno.Borges@ctw.bmwgroup.com>
Co-authored-by: Jeroen Landheer <jlandheer@bintelligence.nl>
Co-authored-by: Ryuichi Watanabe <ryucrosskey@gmail.com>
Co-authored-by: Ho Kim <ho.kim@ulagbulag.io>
Co-authored-by: Terrell Russell <terrellrussell@gmail.com>
* extract email from id_token for azure provider (#914)
* extract email from id_token for azure provider
this change fixes a bug when --resource is specified with non-Graph
api and the access token destined to --resource is used to call Graph
api
* fixed typo
* refactor GetEmailAddress to EnrichSessionState
* make getting email from idtoken best effort and fall back to previous behavior when it's absent
* refactor to use jwt package to extract claims
* fix lint
* refactor unit tests to use test table
refactor the get email logic from profile api
* addressing feedback
* added oidc verifier to azure provider and extract email from id_token if present
* fix lint and codeclimate
* refactor to use oidc verifier to verify id_token if oidc is configured
* fixed UT
* addressed comments
* minor refactor
* addressed feedback
* extract email from id_token first and fallback to access token
* fallback to access token as well when id_token doesn't have email claim
* address feedbacks
* updated change log!
* switch to docker buildx for multiarch builds
* add setup docker buildx action
* update docker push to push the multiarch image
* make multiarch image have parity with currently produced images by adding linux/armv6
* triaging issue with arm v6
* incorporating feedback
* fixing rebase disaster
* reset Makefile to blessed state
Co-authored-by: Weinong Wang <weinong@outlook.com>
This includes a fix for our samesite cookie parsing. The behaviour
changed in 1.16 so that the default value now leaves it empty, so it's
equivalent to not setting it (as per spec)
Jan Larwig
renovate[bot]
kvanzuijlen
Ian Roberts
Mark Iannucci
Joel Speed
Nuno Miguel Micaelo Borges
Om Aximani
Adrian Aneci
polarctos
Ryan Hartje