public_git
/
oauth2-proxy
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
945 Commits 29 Branches 41 Tags 50 MiB
Commit Graph

81 Commits

Author SHA1 Message Date
Pavel Kirichenko f2661c47ba
Support for client secret file. (#355) 
* added ClientSecretFile in ProviderData

* add documentation notes on client secret file

* added Changelog entry for Client Secret File PR

* fixing configuration.md

* addressing PR issue of ClientSecret property naming

* Update providers/provider_data.go

Co-Authored-By: Joel Speed <Joel.speed@hotmail.co.uk>

* corrected changelog entry

* fixed typo in GetClientSecret

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
 2020-02-15 13:44:39 +00:00
Yan Yao 18d20364a8
Extension of Redis Session Store to Support Redis Cluster (#363) 
* Extend the redis session store to support redis cluster

* rename function newRedisClient to newRedisCmdable

* update docs about redis cluster as session store

* update autocomplete script with redis cluster options

* add check about conflict between option redis-use-sentinel and redis-use-cluster

* update change log

* Update docs/configuration/sessions.md

Co-Authored-By: Joel Speed <Joel.speed@hotmail.co.uk>

* Update pkg/sessions/redis/redis_store.go

Co-Authored-By: Joel Speed <Joel.speed@hotmail.co.uk>

* add the dropped option back

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
 2020-02-06 17:59:12 +00:00
Nick Watts 3ae261031e
Add sign_out endpoint to endpoint documentation page (#383) 2020-02-05 16:28:51 +00:00
Martin Campbell d9362d3bb9 Add reverse proxy setting (#331) 
* Add reverse proxy setting (#321)
 2020-01-24 17:54:13 +00:00
dependabot[bot] a7672c82bc
Bump rubyzip from 1.2.2 to 2.0.0 in /docs 
Bumps [rubyzip](https://github.com/rubyzip/rubyzip) from 1.2.2 to 2.0.0.
- [Release notes](https://github.com/rubyzip/rubyzip/releases)
- [Changelog](https://github.com/rubyzip/rubyzip/blob/master/Changelog.md)
- [Commits](https://github.com/rubyzip/rubyzip/compare/v1.2.2...v2.0.0)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-01-20 19:28:58 +00:00
Joel Speed 17d9961cb9
Merge branch 'master' into pgroudas/add-samesite-cookie-options 2020-01-20 19:21:51 +00:00
Dan Bond 11cc396059
Merge branch 'master' into kamal/whitelist-redirects-with-ports 2020-01-15 14:03:17 +00:00
Kamal Nasser eee4b55e0f DigitalOcean Auth Provider (#351) 
* DigitalOcean provider

* documentation: digitalocean provider

* changelog: digitalocean provider

* codeowners: digitalocean provider
 2020-01-15 11:09:34 +00:00
Dan Bond 625909e445
Merge branch 'master' into kamal/whitelist-redirects-with-ports 2020-01-10 09:48:25 +00:00
sushiMix f94dee6f0d Update keycloak provider configuration doc (#347) 
* update keycloak provider configuration doc

* Add changelog entry
 2020-01-10 09:41:08 +00:00
Kamal Nasser 5489d1624e
Merge branch 'master' into kamal/whitelist-redirects-with-ports 2020-01-08 22:24:56 +02:00
Paul Groudas 5d0827a028 Add configuration for cookie 'SameSite' value. 
Values of 'lax' and 'strict' can improve and mitigate
some categories of cross-site traffic tampering.

Given that the nature of this proxy is often to proxy
private tools, this is useful to take advantage of.

See: https://www.owasp.org/index.php/SameSite
 2020-01-06 12:21:52 -05:00
Casey Link 227ea5da44 Add Nextcloud provider (#179) 2019-11-25 18:47:21 +01:00
Felix Fontein 11205c7399 Allow to change provider's name (#296) 
* Allow to change provider's name.

* Add changelog entry.

* Linting.

* provider-name -> provider-display-name.

* Add flag in main.go.

* Update CHANGELOG.md
 2019-11-25 17:20:37 +00:00
Christian Groschupp 6d74a42e57
Merge branch 'master' into feat/static-upstream 2019-11-19 12:23:42 +01:00
Kamal Nasser 6d1b5fc4b0
Merge branch 'master' into kamal/whitelist-redirects-with-ports 2019-11-14 17:19:21 +02:00
Konstantine fef940da9a Added userinfo endpoint (#300) 
* Added userinfo endpoint

* Added documentation for  the userinfo endpoint

* Update oauthproxy.go

Co-Authored-By: Dan Bond <pm@danbond.io>

* Suggested fixes :  Streaming json to rw , header set after error check

* Update oauthproxy.go

Co-Authored-By: Dan Bond <pm@danbond.io>

* fix session.Email

* Ported tests and updated changelog
 2019-11-07 14:38:36 -08:00
Christian Groschupp 9e4a7ee84e
Merge branch 'master' into feat/static-upstream 2019-11-01 17:34:27 +01:00
Joel Speed acb0d3ab79
Add logo to docs site 2019-10-30 10:04:29 +00:00
Joel Speed 14601093c4
Add logos to docs folder 2019-10-30 09:57:24 +00:00
Dan Bond f40dab8748 Rewrite dist script (#302) 
* Rewrite dist scripts

* add changelog entry

* remove multiple loops in dist

* styling
 2019-10-29 17:27:08 +00:00
Dan Bond 90a6915ab1 fix bad grammar in upstreams configuration docs 2019-10-25 13:47:28 -07:00
Kamal Nasser 1af7c208ee Update documentation and changelog 2019-10-23 16:48:16 +03:00
Josh Michielsen 052451edef Merge branch 'Issue#259-RedirectToHTTPS' of github.com:jmickey/oauth2_proxy into Issue#259-RedirectToHTTPS 2019-10-17 22:20:21 +01:00
Josh Michielsen 56d195a433 Docs and changelog 
Signed-off-by: Josh Michielsen <github@mickey.dev>
 2019-10-17 22:20:15 +01:00
Christian Groschupp 1295f87b33
Add static upstream 2019-10-10 10:14:00 +02:00
leyshon ef22a0f4b6
Merge branch 'master' into feature/azure-idtoken 2019-10-04 13:32:29 +01:00
leyshon 0b2eb91fa4
Update docs/2_auth.md 
Co-Authored-By: Joel Speed <Joel.speed@hotmail.co.uk>
 2019-10-03 11:46:04 +01:00
Joel Speed b515b90b34
Fix permalinks for configuration and sessions 2019-10-03 11:10:06 +01:00
leyshon d8d4c687df
Merge branch 'master' into feature/azure-idtoken 2019-10-02 10:33:08 +01:00
T S 513af9b714 Escape original request URI in sample kubernetes ingress configuration 
The current sample configuration for kubernetes ingress demonstrates
using the `auth-signin` annotation to redirect a user to oauth2_proxy's
signin page. It constructs the link to do so by directly concatenating
`$request_uri` as the `rd` parameter, so the sign-in page knows where to
send the user after signin is complete.

However, this does not work correctly if the original request URI
contains multiple query parameters separated by an ampersand, as that
ampersand is interpereted as separating query parameters of the
`/oauth2/start` URI. For example:

If the user requests a URL:
  https://example.com/foo?q1=v1&q2=v2
they may be redirected to the signin url
  https://example.com/oauth2/start?rd=https://example.com/foo?q1=v1&q2=v2
and after completing signin, oauth2_proxy will redirect them to
  https://example.com/foo?q1=v1

nginx-ingress added an $escaped_request_uri variable about a year ago,
to help resolve this kind of issue
(https://github.com/kubernetes/ingress-nginx/pull/2811)
 2019-10-01 12:28:00 -07:00
Joel Speed ac0d010371
Merge branch 'master' into support-x-auth-request-redirect 2019-09-30 17:21:05 +01:00
Dan Bond 85a1ed5135
Merge branch 'master' into keycloak-provider 2019-09-25 13:21:46 -07:00
Ian Hunter 8098094fc2 Merge branch 'master' of github.com:pusher/oauth2_proxy into support-x-auth-request-redirect 2019-09-19 11:27:27 -05:00
leyshon 1aad87d7ca Fixing a small typo in the docs 2019-09-02 16:03:48 +01:00
leyshon 21aba50ea5 Adding a note to the Azure provider documentation to mention issues with the size of the cookie session storage 2019-09-02 16:00:28 +01:00
Nelson Menezes 82a3d5afdc Add clarification about plural env vars (#252) 2019-08-27 09:15:33 -07:00
dependabot[bot] b83b7565f3
Bump nokogiri from 1.10.1 to 1.10.4 in /docs 
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.10.1 to 1.10.4.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.10.1...v1.10.4)

Signed-off-by: dependabot[bot] <support@github.com>
 2019-08-21 10:05:52 +00:00
Ian Hunter a209a52df1 More fully support X-Auth-Request-Redirect header 
Docs showed that the X-Auth-Request-Redirect header can specify a redirect URI, but only the rd POST parameter was being honored
This fixes that.
 2019-08-17 15:50:44 -05:00
Henry Jenkins 71dfd44149
Merge branch 'master' into keycloak-provider 2019-08-17 08:10:37 +01:00
Henry Jenkins a65d38d181
Merge branch 'master' into fix-docs-links 2019-08-14 12:04:23 +01:00
Henry Jenkins c941f3ce0d
Merge branch 'master' into fix-docs-links 2019-08-13 21:23:45 +01:00
Brady Mitchell 272fb96024 add back nginx-auth-request <a name 2019-08-13 09:12:48 -07:00
Brady Mitchell bc5fc5a513 remove unnecessary <a> tags 2019-08-13 09:01:38 -07:00
ferhat elmas fb52bdb90c Fix some typos 2019-08-13 12:42:23 +02:00
Brady Mitchell 9938bb95d9
Merge branch 'master' into docFormat 2019-08-11 17:23:33 -07:00
Brady Mitchell 4b985992d8 add missing header border 2019-08-11 17:21:32 -07:00
Henry Jenkins 8b61559b8d Fix links in docs 
- Fixed a bunch of references to the repo, which were 404ing
- Fixed a couple of things that 301/302ed
- Fixed some in page references
 2019-08-11 16:07:03 +01:00
Vitalii Tverdokhlib 9e37de53e3
docs: fix path to oauth2_proxy.cfg 2019-08-11 14:55:19 +03:00
Brady Mitchell 18156713e3 indent content in ordered list, fixes 165 2019-08-10 21:46:13 -07:00