- Aug 31, 2020
-
-
Joel Speed authored
Fix conversion of static responses in upstreams
-
Joel Speed authored
-
Joel Speed authored
-
Joel Speed authored
Use X-Forwarded-Host in Redirects
-
Nick Meves authored
-
- Aug 29, 2020
-
-
Tomoyuki KOYAMA authored
-
- Aug 27, 2020
-
-
Joel Speed authored
Prepare changelog for v6.1.0 release
-
Joel Speed authored
-
Joel Speed authored
Only log no cookie match if cookie domains specified
-
Joel Speed authored
-
- Aug 25, 2020
-
-
Dan Bond authored
* dist.sh: remove go version from asset links * update changelog
-
- Aug 17, 2020
-
-
Joel Speed authored
Create generic Authorization Header constructor
-
Joel Speed authored
-
Joel Speed authored
Ensure session times are not nil before printing them
-
Joel Speed authored
-
- Aug 16, 2020
-
-
Joel Speed authored
Allow OIDC Bearer Tokens without emails
-
- Aug 15, 2020
-
-
Nick Meves authored
`findClaimsFromIDToken` would always have a `nil` access token and not be able to hit the userinfo endpoint in Bearer case. If access token is nil, default to legacy `session.Email = claim.Subject` that all JWT bearers used to have, even if a valid profileURL is present.
-
Nick Meves authored
-
Nick Meves authored
This reverts to functionality before #499 where an OIDC provider could be used with `--skip-jwt-bearer-tokens` and tokens without an email or profileURL would still be valid. This logic mirrors `middleware.createSessionStateFromBearerToken` which used to be the universal logic before #499.
-
- Aug 14, 2020
-
-
Joel Speed authored
Support Password & SentinelPassword in Redis session store
-
- Aug 12, 2020
-
-
Nick Meves authored
-
Nick Meves authored
Add `x-oauth-basic` nosec annotation & address gosec unhandled errors
-
- Aug 11, 2020
-
-
Nick Meves authored
-
- Aug 10, 2020
-
-
Phil Taprogge authored
* Add dedicated error logging writer * Document new errors to stdout flag * Update changelog * Thread-safe the log buffer * Address feedback * Remove duplication by adding log level * Clean up error formatting * Apply suggestions from code review Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
-
- Aug 09, 2020
-
-
Nick Meves authored
Address gosec findings
-
Nick Meves authored
Any template errors instead of IO errors are caught in validation.
-
Nick Meves authored
-
Nick Meves authored
-
Nick Meves authored
-
Nick Meves authored
-
Nick Meves authored
-
Nick Meves authored
-
Nick Meves authored
-
Nick Meves authored
Mostly handling unhandled errors appropriately. If logging to STDERR fails, we panic. Added #nosec comments to findings we are OK with.
-
- Aug 07, 2020
-
-
Joel Speed authored
Fix time issue causing finicky failures in logging tests
-
Nick Meves authored
-
- Aug 04, 2020
-
-
Nick Meves authored
Fix typos and other minor edits
-
Ryan Schmidt authored
-
- Jul 29, 2020
-
-
Joel Speed authored
Add pull request events to CodeQL action
-
Justin Hutchings authored
This will validate pull requests from forks to ensure that changes don't end up impacting you negatively.
-