Commit Graph

1390 Commits

Author SHA1 Message Date
Alexander Block 8cbf9219bc
Pass resource parameter in login url 2020-09-28 12:15:06 +02:00
Joel Speed e9aa7acf4e
Merge pull request #791 from grnhse/remove-provider-preferred-username-getter
Remove provider GetPreferredUsername getter method
2020-09-24 18:55:33 +01:00
Nick Meves e0d915cc03
Stop shadowing GetEmailAddress errors in redeemCode 2020-09-24 10:50:18 -07:00
Nick Meves 3371284a36
Remove GetPreferredUsername method from Provider interface
It isn't used in any providers and we have future plans
to remove the specialness of PreferredUsername and make it
an optional field in the session.

User, Email & Groups will eventually be the only first class
fields on the session that are always set.
2020-09-24 10:49:50 -07:00
Joel Speed 160685abd7
Merge pull request #722 from grnhse/redis-startup-validation
Redis configuration startup validation
2020-09-24 18:48:55 +01:00
Nick Meves 6db1aeb9c6
Validate Redis session store health on startup 2020-09-24 10:41:43 -07:00
Joel Speed 93870ec0ff
Merge pull request #575 from grnhse/deprecate-sha1
Stop accepting legacy SHA1 signed cookies
2020-09-24 18:36:52 +01:00
Nick Meves 56f199a24f
Stop accepting legacy SHA1 signed cookies 2020-09-24 10:31:34 -07:00
Nick Meves 55a941b76e
Merge pull request #788 from blz-ea/patch-1
docs: fix Keycloak provider documentation
2020-09-23 09:54:40 -07:00
blz-ea 4a04ff4529
docs: fix Keycloak provider documentation 2020-09-22 20:13:00 -04:00
Nick Meves 8eb9c69a9a
Merge pull request #616 from stefansedich/group-claim
Add support to ensure user belongs in required groups when using the OIDC provider
2020-09-21 13:04:27 -07:00
Stefan Sedich 9d59519a96
Add support to ensure user belongs in required groups when using the OIDC provider 2020-09-21 10:43:54 -07:00
Joel Speed a87beab1a0
Merge pull request #764 from lentzi90/patch-1
Document bcrypt encryption for htpasswd
2020-09-11 14:26:03 +01:00
Lennart Jern e14d6ab791
Document bcrypt encryption for htpasswd
Remove mention of (insecure) SHA option for encryption.
2020-09-11 13:32:00 +03:00
Joel Speed ef08d01b98
Merge pull request #757 from ManoManoTech/doc/cookieSession
Doc: cookie-secret is a mandatory field for cookie session
2020-09-04 15:30:47 +01:00
Aurélien LAJOIE 0eb0024e87
Doc: cookie-secret is a mandatory field for cookie session 2020-09-04 16:20:41 +02:00
Joel Speed e4e5580852
Merge pull request #748 from oauth2-proxy/release-6.1.1
Prepare CHANGELOG for v6.1.1 release
2020-08-31 17:18:45 +01:00
Joel Speed 1337f56188
Prepare CHANGELOG for v6.1.1 release 2020-08-31 17:01:52 +01:00
Joel Speed 841bf77f7f
Merge pull request #746 from oauth2-proxy/fix-static
Fix conversion of static responses in upstreams
2020-08-31 16:58:55 +01:00
Joel Speed bd619ab63e
Fix conversion of file upstreams 2020-08-31 16:54:13 +01:00
Joel Speed b40517bbe3
Fix conversion of static responses in upstreams 2020-08-31 16:54:01 +01:00
Joel Speed 73f0094486
Merge pull request #729 from grnhse/x-forwarded-host-redirect
Use X-Forwarded-Host in Redirects
2020-08-31 16:48:20 +01:00
Nick Meves 29b24793e3
Use X-Forwarded-Host consistently 2020-08-31 08:31:45 -07:00
Tomoyuki KOYAMA bd5fab478d
fix docs: command line options (#744) 2020-08-29 09:26:24 +01:00
Joel Speed 37026b60ce
Merge pull request #741 from oauth2-proxy/release-6.1.0
Prepare changelog for v6.1.0 release
2020-08-27 15:15:24 +01:00
Joel Speed 43bf36425d
Prepare changelog for v6.1.0 release 2020-08-27 15:08:46 +01:00
Joel Speed 4134a9010e
Merge pull request #742 from oauth2-proxy/domain-log
Only log no cookie match if cookie domains specified
2020-08-27 15:01:32 +01:00
Joel Speed 105d5acb7b
Only log no cookie match if cookie domains specified 2020-08-27 14:48:00 +01:00
Dan Bond d7abd56981
dist.sh: remove go version from asset links (#733)
* dist.sh: remove go version from asset links

* update changelog
2020-08-25 08:41:14 -07:00
Joel Speed 5fa5b3186f
Merge pull request #562 from oauth2-proxy/auth-header-helper
Create generic Authorization Header constructor
2020-08-17 16:44:38 +01:00
Joel Speed d05e08cba3
Create generic Authorization Header constructor 2020-08-16 20:04:34 +01:00
Joel Speed 9a338d8a34
Merge pull request #715 from oauth2-proxy/session-nil-time
Ensure session times are not nil before printing them
2020-08-16 19:57:55 +01:00
Joel Speed 16a30002df
Ensure session times are not nil before printing them 2020-08-16 19:53:52 +01:00
Joel Speed aceb9e2762
Merge pull request #700 from grnhse/oidc-no-email-tokens
Allow OIDC Bearer Tokens without emails
2020-08-16 13:03:43 +01:00
Nick Meves 0645e19c24
Cleanup internalSession params & handle profileURL Bearer case better
`findClaimsFromIDToken` would always have a `nil` access token and not be
able to hit the userinfo endpoint in Bearer case. If access token is nil,
default to legacy `session.Email = claim.Subject` that all JWT bearers used
to have, even if a valid profileURL is present.
2020-08-14 13:31:38 -07:00
Nick Meves dcc75410a8
Handle claim finding differently in bearer vs standard IDTokens 2020-08-14 13:31:38 -07:00
Nick Meves 514db45d1a
Allow OIDC Bearer Tokens without emails
This reverts to functionality before #499 where an OIDC
provider could be used with `--skip-jwt-bearer-tokens` and
tokens without an email or profileURL would still be valid.
This logic mirrors `middleware.createSessionStateFromBearerToken`
which used to be the universal logic before #499.
2020-08-14 13:31:38 -07:00
Joel Speed 8515da3e91
Merge pull request #714 from grnhse/redis-sentinel-password
Support Password & SentinelPassword in Redis session store
2020-08-14 14:09:54 +01:00
Nick Meves 51a9062044
Support Password & SentinelPassword in Redis session store 2020-08-11 12:22:05 -07:00
Nick Meves 35ed7a313b
Merge pull request #719 from grnhse/gosec-x-oauth-basic-skip
Add `x-oauth-basic` nosec annotation & address gosec unhandled errors
2020-08-11 11:56:07 -07:00
Nick Meves b6e78efc1e
Add `x-oauth-basic` nosec annotation & address gosec unhandled errors 2020-08-10 15:15:16 -07:00
Phil Taprogge d69fd6af22
Allow Logging to stdout with separate Error Log Channel (#718)
* Add dedicated error logging writer

* Document new errors to stdout flag

* Update changelog

* Thread-safe the log buffer

* Address feedback

* Remove duplication by adding log level

* Clean up error formatting

* Apply suggestions from code review

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2020-08-10 11:44:08 +01:00
Nick Meves 33e04cc52f
Merge pull request #690 from grnhse/gosec-findings-fixes
Address gosec findings
2020-08-09 08:24:37 -07:00
Nick Meves a1358d2070
Panic on any logger errors
Any template errors instead of IO
errors are caught in validation.
2020-08-09 07:55:41 -07:00
Nick Meves e88d29f16a
Refactor SignInMessage out of main 2020-08-09 07:55:41 -07:00
Nick Meves 46cc21d8cf
Skip gosec linting on tests 2020-08-09 07:55:41 -07:00
Nick Meves 45222395e0
Attempt to log still on template errors 2020-08-09 07:55:40 -07:00
Nick Meves 542bf1fad1
Add gosec to .golangci.yml 2020-08-09 07:55:40 -07:00
Nick Meves ad52587ae6
Document GoSec nosec skip comments 2020-08-09 07:55:40 -07:00
Nick Meves 2bb0160bf3
Streamline error page usage 2020-08-09 07:55:40 -07:00