- Oct 23, 2021
-
-
Joel Speed authored
-
- Oct 19, 2021
-
-
Joel Speed authored
Improve TLS handling for Redis to support non-standalone mode with TLS
-
Hiroyuki Wada authored
-
Maciej Strzelecki authored
* init TLS.Config when connecting to Redis with TLS * don't overwrite TLS config if it exists * add tests for Redis with TLS * remove hardcoded certs * add GenerateCert func * use GenerateCert util func * fix issue reported by go fmt * limit return statements in GenerateCert
-
Adam Stephens authored
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
-
Joel Speed authored
Fix exclude-logging-path documentation
-
Joel Speed authored
-
Joel Speed authored
Improve build times by sharing cache and allowing platform selection
-
Joel Speed authored
-
Joel Speed authored
Improve error message when no cookie is found
-
- Oct 14, 2021
-
-
Joel Speed authored
-
Joel Speed authored
Add --force-json-errors flag
-
- Oct 05, 2021
-
-
Luka Zakrajšek authored
-
- Oct 04, 2021
-
-
David Emanuel Buchmann authored
* linkedin: Update provider to v2 * changelog: Add change
-
- Oct 03, 2021
-
-
Matt Lilley authored
* Use the httputil.NewSingleHostReverseProxy instad of yhat/wsutil for websocket proxying. This correctly handles 404 responses with keep-alive by terminating the tunnel rather than keeping it alive * Tidy up dependencies - yhat/wsutil is no longer required * Update changelog to include reference to 1348 Co-authored-by: Matt Lilley <matt.lilley@securitease.com> Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
-
- Sep 28, 2021
-
-
Joel Speed authored
Store groups from the htpasswd-user-group in the session during the manual sign in process
-
Joel Speed authored
-
Joel Speed authored
Fix formatting of Keycloak provider documentation
-
Matt Cote authored
-
- Sep 27, 2021
-
-
Jan Rotter authored
-
Jan Rotter authored
This change puts the groups from the htpasswd-user-group in the session during the manual sign in process. This fixes the issue with being unable to properly authenticate using the manual sign in form when certain group membership is required (e.g. when the --gitlab-group option is used).
-
Jan Rotter authored
The groups configured in the `htpasswd-user-group` are not stored in the session, resulting in unauthorized errors when group membership is required. Please see: https://gist.github.com/janrotter/b3d806a59292f07fe83bc52c061226e0 for instructions on reproducing the issue.
-
- Sep 26, 2021
-
-
Nick Meves authored
Make GitLab Provider based on OIDC Provider
-
Nick Meves authored
-
Nick Meves authored
RefreshSession will override session.Groups with the new `groups` claims. We need to preserve all `project:` prefixed groups and reattach them post refresh.
-
Nick Meves authored
Previously this was only done in the `EnrichSession` stage which would've missed Bearer usages & `RefreshSession` would've overriden the User to the Subject.
-
Nick Meves authored
-
Nick Meves authored
-
- Sep 21, 2021
-
-
Ryan Hartje authored
* extract email from id_token for azure provider (#914) * extract email from id_token for azure provider this change fixes a bug when --resource is specified with non-Graph api and the access token destined to --resource is used to call Graph api * fixed typo * refactor GetEmailAddress to EnrichSessionState * make getting email from idtoken best effort and fall back to previous behavior when it's absent * refactor to use jwt package to extract claims * fix lint * refactor unit tests to use test table refactor the get email logic from profile api * addressing feedback * added oidc verifier to azure provider and extract email from id_token if present * fix lint and codeclimate * refactor to use oidc verifier to verify id_token if oidc is configured * fixed UT * addressed comments * minor refactor * addressed feedback * extract email from id_token first and fallback to access token * fallback to access token as well when id_token doesn't have email claim * address feedbacks * updated change log! * switch to docker buildx for multiarch builds * add setup docker buildx action * update docker push to push the multiarch image * make multiarch image have parity with currently produced images by adding linux/armv6 * triaging issue with arm v6 * incorporating feedback * fixing rebase disaster * reset Makefile to blessed state Co-authored-by: Weinong Wang <weinong@outlook.com>
-
- Sep 17, 2021
-
-
Joel Speed authored
Use the raw url path when proxying upstream requests
-
Fabian Stelzer authored
-
Fabian Stelzer authored
-
Fabian Stelzer authored
Refactor proxy_test to set mux/upstream options for each test individually and add tests for encoded urls with ProxyRawPath set and unset.
-
Fabian Stelzer authored
Setting this flag will configure the upstream proxy to pass encoded urls as-is.
-
Fabian Stelzer authored
Adding a new option to the yaml alpha config will result in failed tests unless you manually increment the line count. This commit computes this dynamically.
-
Fabian Stelzer authored
This commit changes Upstreams from []Upstream to a struct{} moving the previous []Upstream into .Configs and adjusts all uses of it.
-
Fabian Stelzer authored
This allows urls with encoded characters (e.g.: /%2F/) to pass to the upstream mux instead of triggering a HTTP 301 from the frontend. Otherwise a /%2F/test/ will result in a HTTP 301 -> /test/
-
- Sep 09, 2021
-
-
Hedi Harzallah authored
* fix(1356): test if session variable is null * fix(1356): adding changelog Co-authored-by: Hedi Harzallah <hharzalla@talend.com>
-
- Sep 06, 2021
-
-
Miks Kalnins authored
* Allow specifying URL as input for custom logos * Fix typo Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk> * Update changelog * Only allow HTTPS URLs Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk> Co-authored-by: Nick Meves <nicholas.meves@gmail.com>
-
- Aug 29, 2021
-
-
Philippe authored
* Changing user field type to text * Updated changelog Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
-