public_git
/
oauth2-proxy
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
123 Commits 29 Branches 41 Tags 50 MiB
Commit Graph

4 Commits

Author SHA1 Message Date
Mike Bland 9887ac3be5 Refactor cookie building and parsing 
Extracts buildCookieValue() and parseCookieValue() from OauthProxy.ServeHTTP()
and adds tests for both.
 2015-04-07 05:53:41 -04:00
Mike Bland ad3c9a886f Pass the access token to the upstream client 
This is accomplished by encoding the access_token in the auth cookie and
unpacking it as the X-Forwarded-Access-Token header for upstream requests.
 2015-04-03 15:32:01 -04:00
Vikrum Nijjar ad57a9391f Fixed timing attack in cookie validation. 
- Changed from using string == to hmac.Equal
- See more details here: http://verboselogging.com/2012/08/20/a-timing-attack-in-action
 2014-11-08 13:16:39 -05:00
Jehiah Czebotar fb636396a3 initial code import 2012-12-10 20:59:23 -05:00