Commits · b90a23473f10c7bb2d84acd033f7d7ed81b95dd3 · Mirrors / github.com / pusher_oauth2_proxy

Apr 25, 2017
- Merge pull request #380 from jehiah/release_380 · b90a2347
  Jehiah Czebotar authored Apr 24, 2017
```
Release v2.2
```
  v2.2
  
  b90a2347
- Readme: update --help usage · f457a904
  Jehiah Czebotar authored Apr 24, 2017
  
  f457a904
- Release 2.2.0 · 3fa5635d
  Jehiah Czebotar authored Apr 24, 2017
  
  3fa5635d
Apr 21, 2017
- Merge pull request #365 from travisofthenorth/fix/default-http-address · f511cac6
  Jehiah Czebotar authored Apr 20, 2017
```
Fix url parse error
```
  f511cac6
Apr 07, 2017
- Merge pull request #370 from idntfy/master · 120a47a5
  Jehiah Czebotar authored Apr 07, 2017
```
#369: Optionally allow skipping authentication for preflight requests
```
  120a47a5
- #369: Optionally allow skipping authentication for preflight requests · 1e7d2a08
  idntfy authored Apr 07, 2017
  
  1e7d2a08
Apr 03, 2017
- Parse http address without url · f983933d
  Travis Hunter authored Apr 01, 2017
  
  f983933d
Mar 30, 2017
- Merge pull request #319 from advarisk/auth-request · af7be2d6
  Jehiah Czebotar authored Mar 29, 2017
```
various fixes for getting Nginx auth_request mode working
```
  af7be2d6
Mar 29, 2017
- update documentation for Nginx auth_request mode · fe44b89f
  Ashish Kulkarni authored Nov 16, 2016
  
  fe44b89f
- Use X-Auth-Request-Redirect request header in sign-in page · 90a22b2f
  Sjoerd Mulder authored Nov 16, 2016
```
This is useful in Nginx auth_request mode, if a 401 handler is
configured to redirect to the sign-in page. As the request URL
does not reflect the actual URL, the value is taken from the
header "X-Auth-Request-Redirect" instead. Based on #247
```
  90a22b2f
- add --set-xauthrequest flag for use in Nginx auth_request mode · 829b4423
  Lukasz Siudut authored Oct 20, 2016
```
This is enhancement of #173 to use "Auth Request" consistently in
the command-line option, configuration file and response headers.
It always sets the X-Auth-Request-User response header and if the
email is available, sets X-Auth-Request-Email as well.
```
  829b4423
- Merge pull request #362 from jehiah/ssl_insecure_skip_verify_362 · 93852a24
  Jehiah Czebotar authored Mar 29, 2017
```
Option to skip SSL verification
```
  93852a24
- option for skipping OAuth provider SSL verification · dcf62d06
  Jehiah Czebotar authored Mar 29, 2017
  
  dcf62d06
- Merge pull request #361 from jehiah/gofmt_361 · bb9b6074
  Jehiah Czebotar authored Mar 29, 2017
```
travis: run gofmt and go vet
```
  bb9b6074
- gofmt · c5fc7baa
  Jehiah Czebotar authored Mar 29, 2017
  
  c5fc7baa
- travis: run gofmt and go vet · c1116ea5
  Jehiah Czebotar authored Mar 28, 2017
  
  c1116ea5
- Merge pull request #360 from jehiah/csrf_validation_360 · 44646552
  Jehiah Czebotar authored Mar 29, 2017
```
CSRF protection for OAuth flow.
```
  44646552
- csrf protection; always set state · 55085d96
  Colin Arnott authored Mar 27, 2017
  
  55085d96
- Merge pull request #339 from omazhary/issue-205 · 6c690b69
  Jehiah Czebotar authored Mar 28, 2017
```
Allow to pass user headers only
```
  6c690b69
- Merge pull request #346 from bdwyertech/patch-1 · 107b4811
  Jehiah Czebotar authored Mar 28, 2017
```
Oversize Cookie Alert
```
  107b4811
- Merge pull request #357 from wrapp/skip-group-lookup-404 · cd0d13e3
  Jehiah Czebotar authored Mar 28, 2017
```
Skip 404 errors when looking up Google groups
```
  cd0d13e3
- Merge pull request #359 from jehiah/redirect_check_359 · 86d08326
  Jehiah Czebotar authored Mar 28, 2017
```
Improve redirect checks
```
  86d08326
- add check for //.* to prevent open redirect during oauth · 289a6ccf
  Colin Arnott authored Mar 27, 2017
  
  289a6ccf
Mar 28, 2017
- Skip 404 errors when looking up Google groups · 652f43ed
  Eskil Andreen authored Mar 28, 2017
```
When checking user membership against Google groups the groups are checked one
at a time and in the order that they were supplied. If one of the groups does
not exist then the checking is halted with the following error.

google.go:201: googleapi: Error 404: Resource Not Found: groupKey, notFound

None of the groups following the missing group are checked either. This means
that something as trivial as a typo in the first group will make it impossible
for anybody to login.

This change catches the 404, logs a message, and then carries on as usual. In
this way a typo will cause a particular group to stop working but will not
affect any other groups.
```
  652f43ed
- Merge pull request #356 from jehiah/bump_dependencies_356 · 712739f7
  Jehiah Czebotar authored Mar 27, 2017
```
Update vendored dependencies.
```
  712739f7
- bump golang.org/x/... and google.golang.org dependencies · 2ebab604
  Jehiah Czebotar authored Mar 27, 2017
  
  2ebab604
- bump easy pkg upgrades; drop Go 1.6 (no httptest.NewRequest) · b884b36f
  Jehiah Czebotar authored Mar 22, 2017
```
This fixes a test w request signing due to a content-length:0 header from Go 1.8
```
  b884b36f
- Merge pull request #355 from ploxiln/dist_updates · 951b5f32
  Jehiah Czebotar authored Mar 27, 2017
```
dist.sh and Godeps updates
```
  951b5f32
- travis: update go versions, gpm version · 9167c8ac
  Pierce Lopez authored Mar 27, 2017
  
  9167c8ac
- Godeps: remove redundant dep, add missing · a2eeec2b
  Pierce Lopez authored Mar 27, 2017
```
golang.org/x/oauth2/google is same repo as golang.org/x/oauth2
  - this sometimes confused gpm/git

cloud.google.com/go/compute/metadata is a missing dependency
of golang.org/x/oauth2
```
  a2eeec2b
- dist.sh: run gpm with GOPATH=$DIR/.godeps · 2024dc34
  Pierce Lopez authored Mar 27, 2017
```
so gpm is not affected if module exists in user's GOPATH already
```
  2024dc34
- dist.sh: already uses set "-e", remove "|| exit 1" · 86c96385
  Pierce Lopez authored Mar 27, 2017
  
  86c96385
- Merge pull request #354 from ploxiln/dist_win_exe · 7d920c98
  Jehiah Czebotar authored Mar 27, 2017
```
dist.sh: add .exe for windows build
```
  7d920c98
- dist.sh: add .exe for windows build · bc3fe00b
  Pierce Lopez authored Mar 27, 2017
  
  bc3fe00b
Mar 23, 2017
- Merge pull request #349 from braincube-io/signout · 87847316
  Jehiah Czebotar authored Mar 22, 2017
```
[signout] Implement logout endpoint
```
  87847316
Mar 22, 2017
- [signout] Implement logout endpoint · 562cc2e4
  Guillaume Bienkowski authored Mar 21, 2017
  
  562cc2e4
Feb 24, 2017
- Oversize Cookie Alert · 3379e05f
  Brian Dwyer authored Feb 23, 2017
```
Cookies cannot be larger than 4kb
```
  3379e05f
Jan 24, 2017

Allow to pass user headers only (issue #205) · 24f91a0b

Omar Elazhary authored Feb 08, 2016

* This fixes https://github.com/bitly/oauth2_proxy/issues/205
* Add new boolean option -pass-user-headers
  to control whether X-Forwarded-User and X-Forwarded-Email
  headers will be set (as opposed to HTTP BASIC auth)
* This is required e.g. for grafana [1] where
  X-Forwarded-User is needed but HTTP BASIC auth fails
  (password is not known and must not be known in this scenario)
* Keep behaviour of PassBasicAuth unchanged for compatibility

[1] http://docs.grafana.org/installation/configuration/#authproxy

24f91a0b

Nov 19, 2016
- Merge pull request #322 from ReadmeCritic/master · 89ba1d81
  Jehiah Czebotar authored Nov 18, 2016
```
Correct the spelling of GitHub in README
```
  89ba1d81
- Correct the spelling of GitHub in README · 4203c26d
  ReadmeCritic authored Nov 18, 2016
  
  4203c26d