- May 07, 2023
-
-
avila-m-6 authored
* update: use go install in build step go get was deprecated since https://go.dev/doc/go-get-install-deprecation * Update installation.md
-
- Apr 22, 2023
-
-
Joel Speed authored
Update stale bot to v8
-
Joel Speed authored
-
- Apr 07, 2023
-
-
Nuno Miguel Micaelo Borges authored
* Issue 2016: CVE-2022-41717: DoS in Go net/http may lead to DoS * Issue 2016: CVE-2022-41717: DoS in Go net/http may lead to DoS * Issue 2016: CVE-2022-41717: DoS in Go net/http may lead to DoS * Issue 2016: CVE-2022-41717: DoS in Go net/http may lead to DoS * Issue 2016: CVE-2022-41717: DoS in Go net/http may lead to DoS * Issue 2016: CVE-2022-41717: DoS in Go net/http may lead to DoS * Issue 2016: CVE-2022-41717: DoS in Go net/http may lead to DoS * Issue 2016: CVE-2022-41717: DoS in Go net/http may lead to DoS * Issue 2016: CVE-2022-41717: DoS in Go net/http may lead to DoS * Issue 2016: CVE-2022-41717: DoS in Go net/http may lead to DoS --------- Co-authored-by: Nuno Borges <Nuno.Borges@ctw.bmwgroup.com>
-
- Mar 07, 2023
-
-
Amr Hanafi authored
* Update golang.org/x/net to v0.7.0 ato address GHSA-vvpx-j8f3-3w6h Addresses https://github.com/advisories/GHSA-vvpx-j8f3-3w6h Signed-off-by: Amr Hanafi (MAHDI)) <amrh@microsoft.com> * Update CHANGELOG --------- Signed-off-by: Amr Hanafi (MAHDI)) <amrh@microsoft.com>
-
- Mar 06, 2023
-
-
Reeta Singh authored
-
Ole-Martin Bratteng authored
* Log the difference between invalid email and not authorized session * Add changelog entry * Remove superfluous argument --------- Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
-
gitgabz authored
* Added documentation for the keycloak-oidc provider in regard to the new Keycloak admin console "Admin2". As of v19.0.0 it is the default web console and OAuth2 proxy documentation has been updated to show end-users how to create a sample test Keycloak OIDC client to integrate with Oauth2 Proxy. * Issue #1931 Added documentation for the keycloak-oidc provider in regard to the new Keycloak admin console "Admin2". As of v19.0.0 it is the default web console and OAuth2 proxy documentation has been updated to show end-users how to create a sample test Keycloak OIDC client to integrate with Oauth2 Proxy. Added a link in the documentation to older keycloak-oidc pull request, as the provider currently evaluates aud from the access token and not the id token. --------- Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
-
Cory Bolar authored
* Ensure sign-in page background is uniform throughout the page Configured banners that take up large amounts of space leave a gap of blank background between where the body ends and the footer starts. Fix this by setting the style for the section containing the banner to match the body and footer * Add changelog entry --------- Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
-
Nuno Miguel Micaelo Borges authored
* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs * Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs * Fixes CVE-2022-41721 (#1994) See: https://avd.aquasec.com/nvd/2022/cve-2022-41717/ * update checkout actions (#1981) * Fix a typo in oauthproxy.go (#2021) * fix typo (#2001) * Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs * Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs * Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs * Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs * Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs * Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs * Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs --------- Co-authored-by: Nuno Borges <Nuno.Borges@ctw.bmwgroup.com> Co-authored-by: Jeroen Landheer <jlandheer@bintelligence.nl> Co-authored-by: Ryuichi Watanabe <ryucrosskey@gmail.com> Co-authored-by: Ho Kim <ho.kim@ulagbulag.io> Co-authored-by: Terrell Russell <terrellrussell@gmail.com>
-
- Feb 20, 2023
-
-
Terrell Russell authored
-
Ho Kim authored
-
- Feb 13, 2023
-
-
Ryuichi Watanabe authored
-
Jeroen Landheer authored
See: https://avd.aquasec.com/nvd/2022/cve-2022-41717/
-
- Feb 11, 2023
-
-
Nuno Miguel Micaelo Borges authored
* Issue 1878: Validate URL call does not correctly honor already set URL parameters * Issue 1878: Validate URL call does not correctly honor already set URL parameters * Update CHANGELOG.md --------- Co-authored-by: Nuno Borges <Nuno.Borges@ctw.bmwgroup.com> Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
-
Amith KK authored
-
- Feb 06, 2023
-
-
Joel Speed authored
Fill empty UserIDClaim before assigning it to other values
-
- Feb 03, 2023
-
-
Marc Schiereck authored
-
Marc Schiereck authored
-
- Jan 30, 2023
-
-
Joel Speed authored
Changes `checkout` version to `v3`
-
- Jan 28, 2023
-
-
Om Aximani authored
-
- Dec 23, 2022
-
-
Kobi Meirson authored
* feat: readiness check * fix: no need for query param * docs: add a note * chore: move the readyness check to its own endpoint * docs(cr): add godoc Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
-
Jan Larwig authored
* fix default scope settings for none oidc providers * add changelog for bugfix * fix scope test cases by producing and accessing correct result value
-
- Dec 19, 2022
-
-
Joel Speed authored
Remove unsupported special characters from the code verifier runes
-
- Dec 17, 2022
-
-
Braunson M authored
- Not all special ASCII characters are strictly supported by the spec
-
- Dec 12, 2022
-
-
Braunson authored
Fix PKCE code verifier generation to never use UTF-8 characters
-
- Nov 19, 2022
-
-
Braunson M authored
- This could result in intermittent/random failures of PKCE enabled IdP's
-
- Nov 07, 2022
-
-
Damien Degois authored
* Fix uninitialized user claim Some providers doesn't initialize data with setProviderDefaults function (keycloak-oidc for example), therefore UserClaim is never initialized with the default value and stay as an empty string. This result in an empty user. * Add CHANGELOG.md entry for #1873 * Call setProviderDefaults where missing Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
-
- Nov 04, 2022
-
-
Joel Speed authored
Set correct platform type for arm v8 docker images
-
Braunson M authored
- A previous attempt used the wrong platform value which resulted in a build without the v8 variant being created. - Platform formatting is defined in the containerd source code as referenced by the docker documentation: https://github.com/containerd/containerd/blob/v1.4.3/platforms/platforms.go#L63 Fixes #1593 - again
-
- Nov 03, 2022
-
-
Joel Speed authored
Fix for test race condition on htpasswd file
-
Damien Degois authored
-
- Oct 29, 2022
-
-
Joel Speed authored
Release v7.4.0
-
Joel Speed authored
Created with: yarn run docusaurus docs:version 7.4.x
-
Joel Speed authored
-
Joel Speed authored
Update dependencies
-
Joel Speed authored
-
Joel Speed authored
-
Joel Speed authored
-
Joel Speed authored
-