public_git
/
oauth2-proxy
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
813 Commits 29 Branches 41 Tags 50 MiB
Commit Graph

813 Commits

Author SHA1 Message Date
Adam Eijdenberg d69560d020 No need for case when only 2 conditions 2019-06-15 18:48:27 +10:00
Jonas Fonseca 7a8fb58ad1
Only validate tokens if ValidateURL resolves to a non-empty string 
Fix an unsupported protocol scheme error when validating tokens by
ensuring that the ValidateURL generates a non-empty string. The Azure
provider doesn't define any ValidateURL and therefore uses the default
value of `url.Parse("")` which is not `nil`.

The following log summary shows the issue:

    2019/06/14 12:26:04 oauthproxy.go:799: 10.244.1.3:34112 ("10.244.1.1") refreshing 16h26m29s old session cookie for Session{email:jonas.fonseca@example.com user:jonas.fonseca token:true} (refresh after 1h0m0s)
    2019/06/14 12:26:04 internal_util.go:60: GET ?access_token=eyJ0...
    2019/06/14 12:26:04 internal_util.go:61: token validation request failed: Get ?access_token=eyJ0...: unsupported protocol scheme ""
    2019/06/14 12:26:04 oauthproxy.go:822: 10.244.1.3:34112 ("10.244.1.1") removing session. error validating Session{email:jonas.fonseca@example.com user:jonas.fonseca token:true}
 2019-06-14 12:52:22 -04:00
Joel Speed 8027cc454e
Move api to pkg/requests 2019-06-08 07:40:43 +01:00
Adam Eijdenberg f35c82bb0f The AuthOnly path also needs the response headers set 2019-06-07 14:25:12 +10:00
Adam Eijdenberg 9e59b4f62e Restructure so that serving data from upstream is only done when explicity allowed, rather 
than as implicit dangling else
 2019-06-07 13:50:44 +10:00
Joel Speed 572646e0d5
Merge pull request #175 from govau/bumpoidc 
Bump go-oidc
 2019-06-06 17:54:25 +01:00
Joel Speed 78feaec6fa
Merge branch 'master' into bumpoidc 2019-06-06 17:38:19 +01:00
Joel Speed 55a853cf51
Merge pull request #155 from lsst/redis-session-store 
Redis session store
 2019-06-05 11:39:47 +01:00
Brian Van Klaveren 405f9b3bb0 Update CHANGELOG with descriptions about redis support 
Add updates from master
 2019-06-05 00:12:11 -07:00
Joel Speed 4721da02f2 Ensure SessionStores can handle recieving cookies for the wrong implementation 
(cherry picked from commit 131206cf41697543583751ac2714287898c19ad0)
 2019-06-05 00:11:42 -07:00
Joel Speed c1ae0ca807 Make sure the cookie exists before we clear the session in redis 
(cherry picked from commit 6d7f0ab57d554706425f76aed4df60717dd63ece)
 2019-06-05 00:11:42 -07:00
Joel Speed 22199fa417 Fix ticket retrieval with an invalid ticket 
(cherry picked from commit 66bbf146ec45d127bdd374120743aeef936894a7)
 2019-06-05 00:11:42 -07:00
Joel Speed 3155ada287 Ensure sessions are refreshable in redis session store 
(cherry picked from commit 48edce3003d187a3eadc4ea96236845271dd9360)
 2019-06-05 00:11:42 -07:00
Joel Speed 2e2327af6c Check SaveSession works when an existing session is present 
(cherry picked from commit 9dc1a96d817741632cb476456755a645b732db7d)
 2019-06-05 00:11:42 -07:00
Brian Van Klaveren ae0258a203 Documentation updates around Redis and Redis Sentinel use 2019-06-05 00:11:42 -07:00
Joel Speed 518c1d3e8e Add Redis sentinel compatibility 
(cherry picked from commit ff36b61f8cee4ecf0b91a90b5e1b651b526bb6b6)
 2019-06-05 00:11:42 -07:00
Brian Van Klaveren fc06e2dbef Update documentation and changelog for redis store 2019-06-05 00:11:42 -07:00
Joel Speed 5095c3647d Add redis-connection-url flag 2019-06-05 00:10:51 -07:00
Joel Speed 4f5dbace9f Refactor persistent tests with more Context 2019-06-05 00:10:51 -07:00
Joel Speed 7e7bfb5daf Stop miniredis after each test 2019-06-05 00:10:51 -07:00
Joel Speed bc3d75a2ed Run persistent tests with multiple option groups 2019-06-05 00:10:51 -07:00
Joel Speed 42f14a41d9 Clean up persistent SessionStore tests 2019-06-05 00:10:51 -07:00
Joel Speed a7693cc72a Tranfser all cookies in tests 2019-06-05 00:10:51 -07:00
Joel Speed 93df7d9132 Remove spurious comment 2019-06-05 00:10:51 -07:00
Joel Speed a6b8f7bde2 Rename expire -> expiration 2019-06-05 00:10:51 -07:00
Joel Speed 2f61e42c37 More obvious comment on CFB 2019-06-05 00:10:51 -07:00
Joel Speed f435fa68ab Make loadSessionFromString private 2019-06-05 00:10:51 -07:00
Joel Speed 130d03758d Fix comments on Redis options 2019-06-05 00:10:51 -07:00
Joel Speed 7a1fc52e33 Fix go-redis version pin 2019-06-05 00:10:51 -07:00
Joel Speed b255ed56ef Sign cookies in the Redis Session store 2019-06-05 00:10:51 -07:00
Joel Speed 2c566a5f5b Use session CreatedAt for cookie timings 2019-06-05 00:10:51 -07:00
Joel Speed 296d989e58 Simplify redis store options 2019-06-05 00:10:51 -07:00
Brian Van Klaveren f2562e8973 Pin version of go-redis 2019-06-05 00:10:51 -07:00
Brian Van Klaveren 42731f0617 Check cookie error and doc on cookie handling 2019-06-05 00:10:51 -07:00
Brian Van Klaveren b1bd3280db Add support for a redis session store 2019-06-05 00:10:51 -07:00
Brian Van Klaveren e881612ea6 Fix session_state type 2019-06-05 00:10:51 -07:00
Adam Eijdenberg b6c60f52ee Bump go-oidc 2019-06-04 10:58:35 +10:00
Joel Speed 1355c1ce30
Merge pull request #170 from zeha/release-tarballs-as-before 
Make release tarballs look like bitly's
 2019-06-03 16:23:30 +01:00
Joel Speed df6b6b7ce0
Merge pull request #176 from govau/fixnogopath 
Stop assuming that GOPATH is always set, and is a single directory
 2019-06-03 16:21:39 +01:00
Joel Speed 40cf6b2626
Merge pull request #168 from pusher/drop-1.11 
Drop Go 1.11 from Travis CI
 2019-06-03 15:22:35 +01:00
Joel Speed 006322562d
Bump go version in configure to check for go 1.12 2019-06-03 14:59:58 +01:00
Joel Speed f0b6f1525b
Update changelog 2019-06-03 14:59:56 +01:00
Joel Speed 29fb71fac5
Drop Go 1.11 from Travis CI 2019-06-03 14:59:16 +01:00
Adam Eijdenberg 37475637cd Install gometalinter in travis instead 2019-06-03 17:53:47 +10:00
Adam Eijdenberg e7d29590cd Fix travis so that if "configure" fails, it doesn't try to run make 2019-06-03 17:47:51 +10:00
Adam Eijdenberg b05eb71adf Stop assuming that GOPATH is always set, and is a single directory 
As of I think go1.8 GOPATH is by default $HOME/go so it is incorrect to
assume that it is set.

If not set, then the Makefile assumes gometalinter will be in
/bin/gometalinter, which it likely is not, and thus fails.

We could change configure to set GOPATH in the .env, however then we
would be assuming that GOPATH is a single entry - whereas like other
paths, it can contain more than one value.

So instead this commit stops trying to install gometalinter, and like
dep, it assumes that it is installed prior.

(and since the current behaviour of the Makefile is affecting state
external to the project, that seems more logical)
 2019-06-03 17:25:48 +10:00
Joel Speed 0d56a4c570
Merge pull request #171 from benbro/master 
Fix repo link
 2019-06-01 10:06:05 +01:00
benbro 60bb8fc7ea
Fix repo link 2019-06-01 05:36:28 +03:00
Chris Hofstaedtler 076484297e Make release tarballs look like bitly's 
Fixes #162
 2019-05-31 14:46:54 +02:00
Joel Speed e374805f8e
Merge pull request #169 from kskewes/alpine3.9 
Update Docker base Alpine image to 3.9
 2019-05-31 09:10:02 +01:00