- Mar 26, 2021
-
-
Joel Speed authored
-
Nick Meves authored
* Populate session Groups from userinfo response * Fix: gitlab tests Co-authored-by: Wilfried OLLIVIER <wollivier@bearstech.com>
-
- Mar 25, 2021
-
-
Piers Harding authored
* panic with GitLab project repository auth * /api/v4/projects/:id can return nil permissions Signed-off-by: Piers Harding <piers@ompka.net> * Add GitLab test for group no access Signed-off-by: Piers Harding <piers@ompka.net>
-
- Mar 22, 2021
-
-
Frédéric Collonval authored
* Add example with traefik and keycloak * Switch to dex * Remove unneeded change in keycloak settings * Taken into account review comments * Add changelog entry Co-authored-by: Frédéric Collonval <frederic.collonval@ariadnext.com> Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
-
Joel Speed authored
Reinstate preferEmailToUser behaviour for basic auth sessions
-
Joel Speed authored
-
Joel Speed authored
Fix upstream proxy appending `?` to requests
-
Joel Speed authored
-
Joel Speed authored
-
Joel Speed authored
Deprecate GCP HealthCheck option
-
Joel Speed authored
-
Joel Speed authored
Allow custom robots text pages
-
Joel Speed authored
-
Joel Speed authored
-
Joel Speed authored
-
Joel Speed authored
-
Nick Meves authored
* Add RequestID to the RequestScope * Expose RequestID to auth & request loggers * Use the RequestID in templated HTML pages * Allow customizing the RequestID header * Document new Request ID support * Add more cases to scope/requestID tests * Split Get vs Generate RequestID funtionality * Add {{.RequestID}} to the request logger tests * Move RequestID management to RequestScope * Use HTML escape instead of sanitization for Request ID rendering
-
- Mar 15, 2021
-
-
Nick Meves authored
-
Joel Speed authored
Ensure redirect URI always has a scheme
-
- Mar 14, 2021
-
-
Joel Speed authored
-
- Mar 10, 2021
-
-
Weinong Wang authored
* extract email from id_token for azure provider this change fixes a bug when --resource is specified with non-Graph api and the access token destined to --resource is used to call Graph api * fixed typo * refactor GetEmailAddress to EnrichSessionState * make getting email from idtoken best effort and fall back to previous behavior when it's absent * refactor to use jwt package to extract claims * fix lint * refactor unit tests to use test table refactor the get email logic from profile api * addressing feedback * added oidc verifier to azure provider and extract email from id_token if present * fix lint and codeclimate * refactor to use oidc verifier to verify id_token if oidc is configured * fixed UT * addressed comments * minor refactor * addressed feedback * extract email from id_token first and fallback to access token * fallback to access token as well when id_token doesn't have email claim * address feedbacks * updated change log!
-
- Mar 08, 2021
-
-
Joel Speed authored
Refactor HTTP Server and add ServerGroup to handle graceful shutdown of multiple servers
-
- Mar 07, 2021
-
-
Joel Speed authored
-
Joel Speed authored
-
Joel Speed authored
-
Joel Speed authored
-
Joel Speed authored
-
Joel Speed authored
-
Joel Speed authored
-
Nick Meves authored
* Use a specialized ResponseWriter in middleware * Track User & Upstream in RequestScope * Wrap responses in our custom ResponseWriter * Add tests for logging middleware * Inject upstream metadata into request scope * Use custom ResponseWriter only in logging middleware * Assume RequestScope is never nil
-
- Feb 26, 2021
-
-
Stefan Sedich authored
* Add support for setting groups on session when using basic auth * Refactoring based on feedback * Attribution
-
- Feb 22, 2021
-
-
Joel Speed authored
Add option for custom logos on the sign in page
-
- Feb 19, 2021
-
-
Joel Speed authored
-
Joel Speed authored
Update to Go 1.16
-
Joel Speed authored
-
Joel Speed authored
This allows our users to easily copy the base templates should they wish to make changes to them
-
Joel Speed authored
This includes a fix for our samesite cookie parsing. The behaviour changed in 1.16 so that the default value now leaves it empty, so it's equivalent to not setting it (as per spec)
-
- Feb 18, 2021
-
-
Joel Speed authored
Update golangci-lint to latest version (v1.36.0)
-
Joel Speed authored
-
- Feb 16, 2021
-
-
Praveen Chinthala authored
* GH-1015 Adds support for Traefik to OauthStart on '/oauth2/auth' endpoint * Fix incorrect reference to signout path and point to signin path - remove commented out alternative solutions and debug log statements * Remove skip provider button check as SignIn method already does this * Updated traefik example to match existing file configuration reference, updated tests * Update doc and refactor nested conditional statements * Revert code changes as static upstream provides the same functionality - Add doc on using static upstream with Traefik ForwardAuth middleware * update changelog * Move the doc changes to 7.0.x versioned docs * Re-add traefik docs update in the main docs overview.md * add missing oauth2-proxy routing Co-authored-by: Praveen Chinthala <PraveenChinthala@hollandandbarrett.com>
-