public_git
/
oauth2-proxy
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
721 Commits 29 Branches 41 Tags 50 MiB
Commit Graph

92 Commits

Author SHA1 Message Date
Jehiah Czebotar c5fc7baa86 gofmt 2017-03-29 09:36:38 -04:00
Omar Elazhary 24f91a0b60 Allow to pass user headers only (issue #205) 
* This fixes https://github.com/bitly/oauth2_proxy/issues/205
* Add new boolean option -pass-user-headers
  to control whether X-Forwarded-User and X-Forwarded-Email
  headers will be set (as opposed to HTTP BASIC auth)
* This is required e.g. for grafana [1] where
  X-Forwarded-User is needed but HTTP BASIC auth fails
  (password is not known and must not be known in this scenario)
* Keep behaviour of PassBasicAuth unchanged for compatibility

[1] http://docs.grafana.org/installation/configuration/#authproxy
 2017-01-24 11:11:58 +01:00
tanuck c015075996 Validate cookie name (#278) 
Validate cookie name passes go's isCookieNameValid check
 2016-07-19 15:51:25 -04:00
Jehiah Czebotar cdebfd6436
base64 cookie support 2016-06-20 07:45:43 -04:00
Jehiah Czebotar 57f82ed71e
Custom footer text (optional) 
Closes #256 and #166
 2016-06-18 23:54:32 -04:00
Jehiah Czebotar 168cff9d4b Merge pull request #161 from rahdjoudj/master 
adding option to skip provider button sign_in page
 2016-06-18 23:31:39 -04:00
Mike Bland 87d80d6d22 OAUTH2_PROXY_SIGNATURE_KEY env var, README update 2016-02-24 08:23:31 -05:00
Eelco Cramer 10f47e325b Add Azure Provider 2016-01-20 03:57:17 -05:00
Mike Bland e4626c1360 Sign Upstream requests with HMAC. closes #147 2015-11-15 22:09:30 -05:00
Reda Ahdjoudj 35547a40cb adding option to skip provider button sign_in page 2015-11-11 11:42:35 +11:00
Brandon Philips 51a2e4e48c *: rename Url to URL everywhere 
Go coding style says that acronyms should be all lower or all upper. Fix
Url to URL.
 2015-11-09 00:47:44 +01:00
Justin Burnham 3fd8f911c2 google: Support restricting access to a specific group(s) 2015-09-09 02:10:32 -07:00
Ed Bardsley 33045a792b Add a flag to set the value of "approval_prompt". 
By setting this to "force", certain providers, like Google,
will interject an additional prompt on every new session. With other values,
like "auto", this prompt is not forced upon the user.
 2015-07-31 00:43:47 -07:00
Jehiah Czebotar 1e48d89e00 clarify required email validation settings 2015-07-24 16:09:33 -04:00
Justin Burnham 7dd5d299e1 Add support for setting the basic auth password. 
For tools that don't like empty passwords, this change allows
one to set a shared secret password for all users.
 2015-07-24 09:17:43 +00:00
Jehiah Czebotar d78aa13464 v2.0 & cleanup changes 
* bump version to 2.0
* remove --cookie-https-only option
* add windows build to dist.sh
* rename --cookie-key to --cookie-name
 2015-06-12 13:07:26 -04:00
Jehiah Czebotar f5b2b20f67 support TLS directly 2015-06-07 23:14:48 -04:00
Jehiah Czebotar 56d19b1c84 disable email validation; rename email-domain argument 
This adds a "*" option to --email-domain to disable email validation, and this renames `--google-apps-domain` to `--email-domain` for clarity across providers
 2015-06-06 14:37:54 -04:00
tonymeng c5ccd43767 Enable specific oauth2proxy path; change cookie name to _oauth2proxy 2015-06-06 14:21:42 -04:00
Jehiah Czebotar b96a078839 Project Rename -> oauth2_proxy 2015-05-21 02:55:04 -04:00
Jehiah Czebotar 37b38dd2f4 Github provider 2015-05-21 02:21:19 -04:00
Mike Bland 41b21dd0b1 Enforce that cookie_refresh < cookie_expire 2015-05-09 17:37:33 -04:00
Mike Bland 8ec967ac32 Check cookie_secret size when cookie_refresh set 2015-05-09 17:37:33 -04:00
Mike Bland 72857018ee Introduce `validate-url` flag/config 2015-05-08 17:13:35 -04:00
Mike Bland 8e2d83600c Implement cookie auto-refresh 
The intention is to refresh the cookie whenever the user accesses an
authenticated service with less than `cookie-refresh` time to go before the
cookie expires.
 2015-05-08 14:05:09 -04:00
Mike Bland cf79fd9e4c Refactor pass_access_token+cookie_secret check 
Moves the check from NewOauthProxy() to Options.Validate() and adds a test.
 2015-04-07 05:53:40 -04:00
Mike Bland ad3c9a886f Pass the access token to the upstream client 
This is accomplished by encoding the access_token in the auth cookie and
unpacking it as the X-Forwarded-Access-Token header for upstream requests.
 2015-04-03 15:32:01 -04:00
Mike Bland d9a945ebc3 Integrate Provider into Options and OauthProxy 2015-03-31 09:34:50 -04:00
Jehiah Czebotar b9b5e817fc improve request logging (closer to Apache Common Log) 2015-03-19 22:34:01 -04:00
Jehiah Czebotar de04e0c519 rename cookie secure flag 2015-03-19 14:08:17 -04:00
Jehiah Czebotar ebae065b11 make redirect_uri optional 2015-03-19 14:03:05 -04:00
Jehiah Czebotar 2b2324e410 support (optional) custom templates 2015-03-17 18:11:58 -04:00
Jehiah Czebotar 263e16eeea add --proxy-host-header option 2015-03-17 15:53:01 -04:00
Mike Bland d751bbea4c Catch more options errors at once; add test 2015-03-16 14:45:20 -04:00
Jehiah Czebotar 601ae6f4ec Merge pull request #60 from tomtaylor/gofmt-fixes 
Run gofmt over source
 2015-01-19 12:48:57 -05:00
Tom Taylor 5201f26ffc Run gofmt over source. 2015-01-19 16:10:37 +00:00
Tom Taylor 132e3d91d6 Add flag to enable/disable cookie's HttpOnly flag. 2015-01-19 16:00:49 +00:00
vishnu chilamakuru c4d25d271f Adding Support for multi white listed urls with regex url match. 2015-01-12 14:48:41 +05:30
drew 69804e588a Allow hiding custom login UI even if an htpasswd file is provided. 2014-12-09 14:38:57 -06:00
Jehiah Czebotar 1f515eba3c options bug fixes; set https cookies on by default 2014-11-09 22:21:46 -05:00
Jehiah Czebotar 9060feb436 better environment parsing 2014-11-09 21:12:36 -05:00
Jehiah Czebotar d4fe9a4f57 Add config file support 2014-11-09 20:33:12 -05:00