public_git
/
oauth2-proxy
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
1,068 Commits 29 Branches 41 Tags 50 MiB
Commit Graph

1068 Commits

Author SHA1 Message Date
Joel Speed bdcdfb74f9
Update docs and changelog 2019-07-15 12:01:43 +01:00
Joel Speed f0d006259e
Ensure all options use a consistent format for flag vs cfg vs env 2019-07-15 11:59:46 +01:00
Joel Speed 6311fa2950
Merge pull request #187 from pusher/refactor 
Move root packages to pkg folder
 2019-07-15 11:43:50 +01:00
Joel Speed 630db3769b
Merge branch 'master' into refactor 2019-07-15 11:30:43 +01:00
Joel Speed 4bc0a91e2e
Merge pull request #210 from steakunderscore/alpine-3-10 
Update to Alpine 3.10
 2019-07-15 11:25:12 +01:00
Henry Jenkins 179ee6c2db Update CHANGELOG 2019-07-14 13:51:46 +01:00
Henry Jenkins e92e2f0cb4 Update CHANGELOG 2019-07-14 13:32:37 +01:00
Henry Jenkins 27bdb194b1 Update to Alpine 3.10 2019-07-13 22:14:05 +01:00
Henry Jenkins c98ff79aba Update other docker files 2019-07-13 22:12:20 +01:00
Henry Jenkins e245ef4854 Switch from dep to go mod 
Update modules to avoid issues with golangci-lint
 2019-07-13 21:54:45 +01:00
Joel Speed a83c5eabb6
Merge pull request #159 from djfinlay/wip/allow-unverified-email 
Create option to skip verified email check in OIDC provider
 2019-07-11 16:38:17 +01:00
Daryl Finlay 9823971b7d Make insecure-oidc-allow-unverified-email configuration usage consistent 2019-07-11 15:58:31 +01:00
Daryl Finlay 776d063b98 Update changelog to include --insecure-oidc-allow-unverified-email 2019-07-11 15:30:57 +01:00
Daryl Finlay 39b6a42d43 Mark option to skip verified email check as insecure 2019-07-11 15:29:48 +01:00
Daryl Finlay 018a25be04 Create option to skip verified email check in OIDC provider 2019-07-11 15:29:48 +01:00
Joel Speed ecd0f89c84
Merge pull request #206 from nniikkoollaaii/feature/update_docs_nginx_auth_request 
update configuration.md auth_request section
 2019-07-10 09:38:21 +01:00
Seip, Nikolai 387a7267e1 update configuration.md auth_request section 2019-07-10 10:26:31 +02:00
Joel Speed 4eefc01600
Merge pull request #195 from steakunderscore/banner-flag 
Adds banner flag
 2019-07-04 11:24:16 +01:00
Henry Jenkins aa37564655
Merge branch 'master' into banner-flag 2019-07-02 14:03:21 +01:00
Joel Speed 85c5cef783
Merge pull request #198 from steakunderscore/switch_to_golangci-lint 
Switch linter to golangci-lint
 2019-07-01 16:37:26 +01:00
hjenkins ce7e384095 Remove TODO vetshadow as it's part of govet 2019-07-01 16:27:19 +01:00
Henry Jenkins b9cfa8f49f Add changelog entry 2019-06-25 16:42:24 +01:00
Henry Jenkins 924eab6355 Adds banner flag 
This is to override what's displayed on the main page.
 2019-06-25 16:41:51 +01:00
Henry Jenkins 5bcb998e6b Update changelog 2019-06-23 21:39:13 +01:00
Henry Jenkins d24aacdb5c Fix lint errors 2019-06-23 21:39:13 +01:00
Henry Jenkins 411adf6f21 Switch linter to golangci-lint 2019-06-23 20:44:16 +01:00
Joel Speed 317f09f41e
Merge pull request #65 from lsst/jwt_bearer_passthrough 
JWT bearer passthrough
 2019-06-21 15:40:34 +01:00
Brian Van Klaveren 3881955605 Update unit tests for ValidateGroup 2019-06-20 16:57:20 -07:00
Brian Van Klaveren bd651df3c2 Ensure groups in JWT Bearer tokens are also validated 
Fix a minor auth logging bug
 2019-06-20 13:40:04 -07:00
Brian Van Klaveren 058ffd1047 Update unit tests for username 2019-06-17 13:11:49 -07:00
Brian Van Klaveren 5a50f6223f Do not infer username from email 2019-06-17 12:58:40 -07:00
Brian Van Klaveren 100f126405 Make JwtIssuer struct private 2019-06-17 12:52:44 -07:00
Brian Van Klaveren 2f6dcf3b5f Move refreshing code to block acquiring cookied session 2019-06-17 12:52:44 -07:00
Brian Van Klaveren 48dbb391bc Move around CHANGELOG.md update 2019-06-17 12:52:44 -07:00
Brian Van Klaveren 54d91c69cc Use logger instead of log 2019-06-17 12:52:13 -07:00
Brian Van Klaveren 350c1cd127 Use JwtIssuer struct when parsing 2019-06-17 12:52:13 -07:00
Brian Van Klaveren 58b06ce761 Fall back to using sub if email is none (as in PR #57) 2019-06-17 12:52:13 -07:00
Brian Van Klaveren 79acef9036 Clarify skip-jwt-bearer-tokens default and add env tags 2019-06-17 12:52:13 -07:00
Brian Van Klaveren 10f65e0381 Add a more realistic test for JWT passthrough 2019-06-17 12:52:13 -07:00
Brian Van Klaveren 1ff74d322a Fix imports 2019-06-17 12:52:13 -07:00
Brian Van Klaveren 69cb34a04e Add unit tests for JWT -> session translation 2019-06-17 12:52:13 -07:00
Brian Van Klaveren 187960e9d8 Improve token pattern matching 
Unit tests for token discovery
 2019-06-17 12:52:13 -07:00
Brian Van Klaveren 8413c30c26 Update changelog with info about -skip-jwt-bearer-tokens 2019-06-17 12:52:13 -07:00
Brian Van Klaveren b895f49c52 Use idToken expiry because that's the time checked for refresh 
RefreshSessionIfNeeded checks the token expiry, we want to use
the ID token's expiry
 2019-06-17 12:51:35 -07:00
Brian Van Klaveren 8083501da6 Support JWT Bearer Token and Pass through 2019-06-17 12:51:35 -07:00
Joel Speed 0af18d6d7c
Merge pull request #141 from openai/googleGroupEmail 
Check google group membership based on email address
 2019-06-15 14:05:56 +02:00
Joel Speed 77e1fff753
Merge pull request #185 from jonas/check-against-validate-url-string 
Only validate tokens if ValidateURL resolves to a non-empty string
 2019-06-15 12:30:03 +02:00
Joel Speed 0d6fa6216d
Merge pull request #180 from govau/littletidyups 
Minor restructure for greater confidence that only authenticated requests are proxied
 2019-06-15 12:21:54 +02:00
Joel Speed 6366690927
Fix gofmt for changed files 2019-06-15 11:34:00 +02:00
Joel Speed 417fde190c
Update changelog 2019-06-15 11:33:59 +02:00