- May 07, 2020
-
-
Joel Speed authored
-
- May 06, 2020
-
-
Joel Speed authored
-
- May 05, 2020
-
-
Oliver authored
* add gitea to auth config docs * PR feedback Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
-
- May 03, 2020
-
-
Joel Speed authored
-
Joel Speed authored
Replace configuration loading with Viper
-
- Apr 30, 2020
-
-
Joel Speed authored
-
Joel Speed authored
-
Joel Speed authored
-
Joel Speed authored
-
Joel Speed authored
-
- Apr 29, 2020
-
-
Grey Baker authored
-
- Apr 28, 2020
-
-
Christian Schyma authored
-
Jakub Holy authored
* Add -user-id-claim to support other claims than email Fix #431 - This is a minimal change to allow the user to configure which claim is the source of the "user ID". - Add the option `user-id-claim` (defaults to email) - OIDC extracts this claim into session.Email (to be renamed later) - providers: add `CreateSessionStateFromBearerToken` with a default impl taken from `GetJwtSession` and overridden by oidc to respect `user-id-claim` Once #466 is merged, I can continue to rename SessionState.Email to .UserID and add HTTP headers with a corresponding name. * Apply suggestions from code review Co-Authored-By: Joel Speed <Joel.speed@hotmail.co.uk> * Review feedback: Don't extract claims manually Instead, parse them twice - it might be sligtly slower but less bug-prone as the code evolves. * Fix indentation Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
-
- Apr 20, 2020
-
-
yaroslavros authored
* Make sure websockets respect ssl-upstream-insecure-skip-verify setting. Signed-off-by: Yaroslav Rosomakho <yaroslavros@gmail.com> * Updated changelog for websockets taking into account ssl-upstream-insecure-skip-verify Signed-off-by: Yaroslav Rosomakho <yaroslavros@gmail.com> Co-authored-by: Henry Jenkins <henry@henryjenkins.name>
-
- Apr 19, 2020
-
-
Christopher Kohnert authored
* Allow the OIDC issuer verification to be skipped if desired. * Remove stale warning * Add CHANGELOG entry Co-authored-by: Henry Jenkins <henry@henryjenkins.name> Co-authored-by: Dan Bond <pm@danbond.io>
-
- Apr 16, 2020
-
-
Henry Jenkins authored
Set-Basic-Auth should default to false
-
- Apr 14, 2020
-
-
Dan Bond authored
-
Mitsuo Heijo authored
* add new linters and fix issues * fix deprecated warnings * simplify return * update CHANGELOG * fix staticcheck issues * remove a deprecated linter, minor fixes of variable initialization
-
- Apr 13, 2020
-
-
Joel Speed authored
-
- Apr 12, 2020
-
-
Henry Jenkins authored
Warn users when session cookies are split
-
Joel Speed authored
-
Eric Dahlseng authored
* Allow multiple cookie domains to be specified * Use X-Forwarded-Host, if it exists, when selecting cookie domain * Perform cookie domain sorting in config validation phase * Extract get domain cookies to a single function * Update pkg/cookies/cookies.go Co-Authored-By: Joel Speed <Joel.speed@hotmail.co.uk> * Update changelog Co-authored-by: Marcos Lilljedahl <marcosnils@gmail.com> Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
-
Mitsuo Heijo authored
* feature: switch Azure AD graph API to Microsoft Graph API * Update CHANGELOG * Expand Breaking Changes notice * Update CHANGELOG.md Co-Authored-By: Joel Speed <Joel.speed@hotmail.co.uk> * fix: use constant http method Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
-
- Apr 10, 2020
-
-
Moraru Costel authored
* addint redirect capability to sign_out * updating changelog * Add a new param to set the Authorization header to up-stream systems as Basic user:password * Resolving code review * mutual exclusiv changes for Basic and Bearer Authorization header * Fixed the merge mixup and comment error * Updated changelog and fixed typo * Adding the new entry in changelog Co-authored-by: Costel Moraru <costel.moraru-germany@ibm.com>
-
- Apr 09, 2020
-
-
Mitsuo Heijo authored
* Prevent browser caching during auth flow * simplify no-cache logic, add tests and update changelog * checking noCacheHeaders does not exists in response headers from upstream * remove unnecessary codes * add no-cache headers in SignInPage and OAuthStart for proxy mode https://github.com/oauth2-proxy/oauth2-proxy/pull/453#discussion_r405072222
-
Trevor Box authored
* updated Okta docs and added localhost example * add changelog entry * added pull request # to changelog Co-authored-by: tbox <tbox@redhat.com> Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
-
- Apr 06, 2020
-
-
Josh Bielick authored
when type asserting fails here, err is reassigned with nil and the default block of the switch prints out <nil> in the error message. This makes debugging a configuration or access token issue difficult The particular error this surfaces is: Response: { "error": "unauthorized_client", "error_description": "Client is unauthorized to retrieve access tokens using this method, or client not authorized for any of the scopes requested." } Signed-off-by: Josh Bielick <jbielick@gmail.com>
-
- Apr 04, 2020
-
-
Mitsuo Heijo authored
* feature: Implement graceful shutdown Propagate the request context to the Redis client. It is possible to propagate a context cancel to Redis client if the connection is closed by the HTTP client. The redis.Cmdable cannot use WithContext, so added the Client interface to handle redis.Client and redis.ClusterClient transparently. Added handling of Unix signals to http server. Upgrade go-redis/redis to v7. * Update dependencies - Upgrade golang/x/* and google-api-go - Migrate fsnotify import from gopkg.in to github.com - Replace bmizerany/assert with stretchr/testify/assert * add doc for wrapper interface * Update CHANGELOG.md * fix: upgrade fsnotify to v1.4.9 * fix: remove unnessary logging * fix: wait until all connections have been closed * refactor: move chan to main for testing * add assert to check if stop chan is empty * add an idiomatic for sync.WaitGroup with timeout
-
Siim Tiilen authored
* allow html in banner message * Fix changelog (move under new version)
-
- Apr 02, 2020
-
-
Phil Taprogge authored
* Add logging in case of invalid redirects * update changelog Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
-
Christopher J. Ruwe authored
* clarify the nginx auth_request_set/set problem with proxy_pass * reworded/extended as result of review
-
- Mar 30, 2020
-
-
Joel Speed authored
Update ruby dependencies for documentation
-
Theo authored
-
- Mar 29, 2020
-
-
Joel Speed authored
Migrate to oauth2-proxy/oauth2-proxy
-
Joel Speed authored
-
Joel Speed authored
-
Joel Speed authored
Update Changelog for Release 5.1.0
-
Joel Speed authored
-
Joel Speed authored
-
- Mar 18, 2020
-
-
Mitsuo Heijo authored
* fix: http.Cookie SameSite is not copied. * Update CHANGELOG.md
-