- Dec 20, 2018
-
-
Joel Speed authored
-
Joel Speed authored
-
Joel Speed authored
-
- Nov 27, 2018
-
-
Joel Speed authored
-
Joel Speed authored
-
- Mar 02, 2018
-
-
Jérôme Lecorvaisier authored
-
- Dec 19, 2017
-
-
Pierce Lopez authored
Nginx never sends the body with the auth_request sub-request, but keeps the original Content-Length header by default. Without some config tweaks, this results in the request to /oauth2/auth hanging.
-
- Dec 05, 2017
-
-
Paul Seiffert authored
-
- Nov 22, 2017
-
-
Tanvir Alam authored
* update README.md to include instructions on how to verify prebuilt binaries for new releases.
-
- Nov 07, 2017
-
-
Tanvir Alam authored
-
- Oct 08, 2017
-
-
Joshua Carp authored
[Resolves #390]
-
- Sep 09, 2017
-
-
Eric Chiang authored
See the README for usage with Dex or any other OIDC provider. To test run a backend: python3 -m http.server Run dex and modify the example config with the proxy callback: go get github.com/coreos/dex/cmd/dex cd $GOPATH/src/github.com/coreos/dex sed -i.bak \ 's|http://127.0.0.1:5555/callback|http://127.0.0.1:5555/oauth2/callback|g' \ examples/config-dev.yaml make ./bin/dex serve examples/config-dev.yaml Then run the oauth2_proxy oauth2_proxy \ --oidc-issuer-url http://127.0.0.1:5556/dex \ --upstream http://localhost:8000 \ --client-id example-app \ --client-secret ZXhhbXBsZS1hcHAtc2VjcmV0 \ --cookie-secret foo \ --email-domain '*' \ --http-address http://127.0.0.1:5555 \ --redirect-url http://127.0.0.1:5555/oauth2/callback \ --cookie-secure=false Login with the username/password "admin@example.com:password"
-
- Sep 06, 2017
-
-
Hans Kristian Flaatten authored
-
- Jul 20, 2017
-
-
Christian Svensson authored
Current code is using URLEncoding but example was using the standard RFC 4648 encoding. Switch to using the URL encoding in the example as well.
-
- Jun 29, 2017
-
-
Nikita Sobolev authored
-
- Jun 21, 2017
-
-
Bart Spaans authored
-
- Jun 10, 2017
-
-
Shivansh Dhar authored
-
- Apr 25, 2017
-
-
Pierce Lopez authored
how to pass back the refreshed oauth2_proxy cookie from an nginx auth_request
-
Pierce Lopez authored
/oauth2/auth is not more sensitive than other /oauth2/ paths, does not need "internal" protection "spdy" protocol is obsolete, http2 is the thing to enable now. But it's orthogonal anyway. No need for two separate content/upstream location blocks in this example, reduce to just one, with a comment that it could be serving files instead of proxying.
-
Reed Loden authored
The Cookie Prefixes spec disallows the use of the `domain` attribute in cookies if the `__Host-` prefix is used (https://tools.ietf.org/html/draft-ietf-httpbis-cookie-prefixes-00#section-3.2). There's no need to set it to the host by default, so make it optional. If it is set to a non-empty value, still output a warning if it is not a suffix of the host, as that's likely not wanted. Fixes #352.
-
Jehiah Czebotar authored
-
Jehiah Czebotar authored
-
- Apr 07, 2017
-
-
idntfy authored
-
- Mar 29, 2017
-
-
Ashish Kulkarni authored
-
Jehiah Czebotar authored
-
- Jan 24, 2017
-
-
Omar Elazhary authored
* This fixes https://github.com/bitly/oauth2_proxy/issues/205 * Add new boolean option -pass-user-headers to control whether X-Forwarded-User and X-Forwarded-Email headers will be set (as opposed to HTTP BASIC auth) * This is required e.g. for grafana [1] where X-Forwarded-User is needed but HTTP BASIC auth fails (password is not known and must not be known in this scenario) * Keep behaviour of PassBasicAuth unchanged for compatibility [1] http://docs.grafana.org/installation/configuration/#authproxy
-
- Nov 19, 2016
-
-
ReadmeCritic authored
-
- Jul 31, 2016
-
-
Mark Herhold authored
-
- Jul 05, 2016
-
-
Nick Semenkovich authored
-
- Jun 28, 2016
-
-
Nick Semenkovich authored
The correct endpoint is /oauth2/auth
-
- Jun 23, 2016
-
-
Jehiah Czebotar authored
-
Jehiah Czebotar authored
-
Jehiah Czebotar authored
* will not re-prompt if the email permission is denied, or if you previously authorized the same FB app without the email scope.
-
- Jun 20, 2016
-
-
Jehiah Czebotar authored
-
- Apr 12, 2016
-
-
Joakim Gustin authored
-
- Feb 24, 2016
-
-
Mike Bland authored
-
- Feb 18, 2016
-
-
Raphaël Pinson authored
-
- Feb 17, 2016
-
-
pmosbach authored
-
Robert Hencke authored
-
- Feb 13, 2016
-
-
Alex authored
-