public_git
/
oauth2-proxy
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
oauth2-proxy/pkg
History
frapas c2f27999bd fix: invalidate session on fatal OAuth2 refresh errors 
When a token refresh fails with a fatal OAuth2 error (invalid_grant,
invalid_client), the session is now cleared from the session store
and the cookie is removed, forcing re-authentication.

Previously, fatal refresh errors were logged but the stale session
continued to be served, leaving users logged in indefinitely after
their session was revoked at the provider level.

Transient errors (network timeouts, server errors) continue to
preserve the existing session as before.

Fixes #1945
 		2026-02-06 20:40:27 +01:00
..
apis fix: static upstreams failing validation due to `passHostHeader` and `proxyWebSockets` defaults being set incorrectly (#3302) 2026-01-17 15:15:19 +01:00
app chore(lint): fix staticcheck issues (#3061) 2025-05-26 12:29:34 +02:00
authentication fix: hmacauth dependency licensing issue (#3253) 2025-11-09 20:14:54 +01:00
cookies test: replace mock pkg/clock with narrowly targeted stub clocks. (#3238) 2025-10-28 10:05:02 +01:00
encryption fix alpha config 2025-11-16 22:38:40 +01:00
header revert: secrets as []byte instead of string 2025-11-16 22:38:42 +01:00
ip feat: add CF-Connecting-IP as supported real ip header (#2821) 2024-11-04 23:28:08 +01:00
logger Request ID Logging (#1087) 2021-03-21 18:20:57 +00:00
middleware fix: invalidate session on fatal OAuth2 refresh errors 2026-02-06 20:40:27 +01:00
providers fix: NewRemoteKeySet is not using DefaultHTTPClient (#3197) 2025-11-11 21:08:08 +01:00
proxyhttp chore(deps): update dependency golangci/golangci-lint to v2.7.2 (#3254) 2026-01-04 10:23:26 +01:00
requests use official upstream yaml library v3 2025-11-16 22:38:22 +01:00
sessions fix: use GetSecret() in ticket.go makeCookie to respect cookie-secret-file (#3228) 2025-10-28 08:37:25 +01:00
upstream docs: add todo for revamping the usage / naming of PassHostHeader 2026-01-17 11:06:24 +01:00
util refactor: ptr.Ptr to ptr.To 2025-11-16 22:38:59 +01:00
validation ci: fix linter warnings for preallocation 2026-01-17 16:01:14 +01:00
version feat: Replace default Go user-agent with oauth2-proxy and version (#2570) 2024-07-14 21:09:17 +01:00
watcher Fix Linting Errors (#1835) 2022-10-21 11:57:51 +01:00