ae17e38403
Ensure config flags get parsed correctly when other flags preceed them
2021-02-06 15:25:08 +00:00
9df3a752a6
Merge pull request #1020 from grnhse/flatten-response-headers
...
Flatten array-based response headers
2021-02-04 08:10:59 +00:00
c3f31b4dd5
Flatten array-based response headers
2021-02-03 16:48:26 -08:00
06985879e1
Merge pull request #1007 from oauth2-proxy/release-v7.0.0
...
Prepare for Release v7.0.0
2021-02-01 18:16:08 +00:00
1ccaea7710
Add advisory note to changelog
2021-02-01 18:12:34 +00:00
d1a249262f
Create v7.0.x versioned docs
...
Created within: yarn run docusaurus docs:version 7.0.x
2021-02-01 18:05:47 +00:00
a909d33355
Update CHANGELOG for release v7.0.0
2021-02-01 18:05:44 +00:00
780ae4f3c9
Merge pull request from GHSA-4mf2-f3wh-gvf2
2021-02-01 18:04:33 +00:00
48b1658e5d
Update alpine version to 3.13 ( #1013 )
...
* Update alpine version to 3.13
alpine 3.12 has a CVE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28928 which got fixed in recent version
* address review comments
2021-01-30 15:33:28 +00:00
b541805dc1
Use comma separated multiple values for header ( #799 )
...
* Use comma separated value for multiple claims
* Fix lint error
* Fix more tests
* Fix one more test
* Always flatten the headers
* Ensure we test the real multi-groups
* Only update map when necessary
* Update CHANGELOG
* Move to the right location of change log
* Fix blank line
2021-01-22 08:48:34 +00:00
8087de7a03
Add Gitlab version warning/constaint in documentation ( #1004 )
2021-01-20 19:57:22 +00:00
57640764c0
Use logger for sensitive data logging to be able to disable it ( #1002 )
...
* Add sensible logging flag to default setup for logger
* Use logger instead of fmt for info logging with sensible data
* Remove sensible logging flag
* Update CHANGELOG.md
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2021-01-20 19:56:13 +00:00
56075e3776
Merge pull request #903 from oauth2-proxy/reference-generator
...
Add docs and generated reference for Alpha configuration
2021-01-19 19:27:38 +00:00
fbfc0959cb
Add changelog entry for new alpha configuration docs
2021-01-18 09:57:51 +00:00
5c64e236fb
Generate reference page in configuration
2021-01-18 09:57:44 +00:00
eb129a342c
Ensure code is generated during CI
2021-01-18 09:56:07 +00:00
9c126f5740
Merge pull request #964 from grnhse/reverse-proxy-context
...
Track the ReverseProxy config setting in the request Scope
2021-01-17 18:32:32 +00:00
da02914a9c
Log IsValidRedirect violations and do a final safety call
2021-01-16 13:56:38 -08:00
fa6a785eaf
Improve handler vs helper organization in oauthproxy.go
...
Additionally, convert a lot of helper methods to be private
2021-01-16 13:55:49 -08:00
73fc7706bc
Figure out final app redirect URL with proxy aware request utils
2021-01-16 13:55:49 -08:00
f054682fb7
Make HTTPS Redirect middleware Reverse Proxy aware
2021-01-16 13:55:48 -08:00
6fb3274ca3
Refactor organization of scope aware request utils
...
Reorganized the structure of the Request Utils due to their widespread use
resulting in circular imports issues (mostly because of middleware & logger).
2021-01-16 13:55:48 -08:00
b625de9490
Track the ReverseProxy option in the request Scope
...
This allows for proper handling of reverse proxy based headers throughout
the lifecycle of a request.
2021-01-16 13:55:48 -08:00
8e02fac2cc
Merge pull request #995 from oauth2-proxy/security
...
Add Security Policy
2021-01-16 13:54:07 -08:00
e50e6ed373
Add Security Policy
2021-01-16 19:47:47 +00:00
a0d37518e0
Merge pull request #989 from rassie/master
...
Adapt isAjax to support mimetype lists
2021-01-12 15:28:07 -08:00
81bf1ef8ce
Adapt isAjax to support mimetype lists
...
Fixes #988
2021-01-12 19:37:30 +01:00
dd60fe4fef
Merge pull request #982 from grnhse/maintainer-update
...
Add NickMeves to MAINTAINERS
2021-01-11 09:03:00 +00:00
d08b9b7cc4
Add NickMeves to MAINTAINERS
2021-01-10 10:56:01 -08:00
597ffeb121
Fix joined cookie name for those containing underline in the suffix ( #970 )
...
* properly handle splitted cookies with names ending with _
* test update
* provide cookieName into joinCookies instead of processing the suffix
* changelog update
* test update
2021-01-04 17:21:17 -08:00
1d74a51cd7
Use X-Forwarded-{Proto,Host,Uri} on redirect as last resort ( #957 )
2021-01-01 15:23:11 -08:00
91b3f5973e
Merge pull request #953 from grnhse/keycloak-refactor-provider-methods
...
Refactor Keycloak Provider Methods
2021-01-01 10:40:55 +00:00
4b28e6886c
Handle ValidateURL fallback for nil & empty struct cases
2020-12-24 14:04:20 -08:00
816d9a4566
Use a generic http.HandlerFunc in Keycloak tests
2020-12-24 14:04:19 -08:00
f07a5630f1
Update Keycloak documentation
2020-12-24 14:04:19 -08:00
138a6b128a
Use ProfileURL for userinfo EnrichSession calls in Keycloak
2020-12-24 14:04:19 -08:00
0886f8035c
Move all Keycloak unit tests to Ginkgo
2020-12-24 14:04:19 -08:00
3369799853
Migrate Keycloak to EnrichSession & support multiple groups
2020-12-24 14:04:19 -08:00
89e0a77a8f
Merge pull request #849 from grnhse/is-831-auth-querystring-groups
...
Group/Role Access Restriction support in `/oauth2/auth` endpoint
2020-12-24 12:21:40 -08:00
753f6c548a
Add a detailed allowed_groups example to Important Notes
2020-12-24 12:05:12 -08:00
65e15f24c1
Support only allowed_groups querystring
2020-12-24 12:05:12 -08:00
025056cba0
Move AuthOnly authorize logic to a dedicated method
2020-12-24 12:05:11 -08:00
44d83e5f95
Use StatusForbidden to prevent infinite redirects
2020-12-24 12:04:01 -08:00
23b2355f85
Allow group authZ in AuthOnly endpoint via Querystring
2020-12-24 12:04:01 -08:00
8bd2409342
Merge pull request #936 from grnhse/oidc-provider-refactor
...
OIDC Provider Refactor
2020-12-23 19:04:51 +00:00
d2ffef2c7e
Use global OIDC fields for Gitlab
2020-12-21 16:54:12 -08:00
42f6cef7d6
Improve OIDC error handling
2020-12-21 16:53:05 -08:00
ea5b8cc21f
Support non-list and complex groups
2020-12-21 16:52:18 -08:00
eb56f24d6d
Deprecate UserIDClaim in config and docs
2020-12-21 16:52:17 -08:00
74ac4274c6
Move generic OIDC functionality to be available to all providers
2020-12-21 16:52:04 -08:00
Joel Speed
Nick Meves
Nishanth Reddy
Lida Li
Wilfried OLLIVIER
Kevin Kreitner
Nikolai Prokoschenko
Ilia Pertsev
İlteriş Eroğlu