- Nov 27, 2018
-
-
Joel Speed authored
-
- Mar 25, 2018
-
-
Jehiah Czebotar authored
Support bcrypt passwords in htpasswd
-
Jehiah Czebotar authored
Strip JWT base64 padding before parsing. #560
-
Jehiah Czebotar authored
typo(README): Terminiation » Termination
-
- Mar 09, 2018
-
-
Daniel Lamando authored
-
- Mar 02, 2018
-
-
Jérôme Lecorvaisier authored
-
- Feb 16, 2018
-
-
Barret Rennie authored
-
- Jan 23, 2018
-
-
Jehiah Czebotar authored
Fix typo in css for the sign in page template
-
Florent Segouin authored
-
- Jan 16, 2018
-
-
Tanvir Alam authored
more robust ClearSessionCookie()
-
Tanvir Alam authored
README: fix nginx auth_request example for requests with body
-
- Dec 19, 2017
-
-
Pierce Lopez authored
default domain changed from request Host to blank, recently try to clear cookies for both
-
Pierce Lopez authored
Nginx never sends the body with the auth_request sub-request, but keeps the original Content-Length header by default. Without some config tweaks, this results in the request to /oauth2/auth hanging.
-
- Dec 05, 2017
-
-
Heather Hendy authored
Iterate through pages returned by List Your Organizations endpoint
-
Mark Maglana authored
For some GHE instances where a user can have more than 100 organizations, traversing the other pages is important otherwise oauth2_proxy will consider the user unauthorized. This change traverses the list returned by the API to avoid that. Update github provider tests to include this case.
-
Tanvir Alam authored
Make Request Logging Format Configurable
-
Paul Seiffert authored
-
Paul Seiffert authored
-
Paul Seiffert authored
-
- Dec 04, 2017
-
-
Jehiah Czebotar authored
distribution: create sha256sum.txt file when creating version releases
-
Tanvir Alam authored
-
- Nov 22, 2017
-
-
Tanvir Alam authored
* update README.md to include instructions on how to verify prebuilt binaries for new releases.
-
- Nov 21, 2017
-
-
Heather Hendy authored
GitHub use login as user
-
Carlo Lobrano authored
- Save both user and email in session state: Encoding/decoding methods save both email and user field in session state, for use cases when User is not derived from email's local-parth, like for GitHub provider. For retrocompatibility, if no user is obtained by the provider, (e.g. User is an empty string) the encoding/decoding methods fall back to the previous behavior and use the email's local-part Updated also related tests and added two more tests to show behavior when session contains a non-empty user value. - Added first basic GitHub provider tests - Added GetUserName method to Provider interface The new GetUserName method is intended to return the User value when this is not the email's local-part. Added also the default implementation to provider_default.go - Added call to GetUserName in redeemCode the new GetUserName method is used in redeemCode to get SessionState User value. For backward compatibility, if GetUserName error is "not implemented", the error is ignored. - Added GetUserName method and tests to github provider.
-
Heather Hendy authored
options: update options parsing for better handling of incorrect values
-
Dave Nicponski authored
* don't add in failed compiled regexes for skip auth regex option * improve test coverage for skip auth regex option to handle partial success case * add tests for incorrect upstream options parsing errors
-
- Nov 20, 2017
-
-
Tanvir Alam authored
raw url encoding
-
- Nov 18, 2017
-
-
Tanvir Alam authored
Switch from gpm -> dep for dependency management
-
- Nov 17, 2017
-
-
Jehiah Czebotar authored
-
- Nov 07, 2017
-
-
Tanvir Alam authored
Switch from 18F/hmacauth to mbland/hmacauth
-
Mike Bland authored
Since I'm no longer with 18F, I've re-released hmacauth under the ISC license as opposed to the previous CC0 license. There have been no changes to the hmacauth code itself, and all tests still pass.
-
Jehiah Czebotar authored
providers: update gitlab api endpoint to use latest version, v4
-
Tanvir Alam authored
-
- Oct 24, 2017
-
-
Jehiah Czebotar authored
Don't set the cookie domain to the host by default, as it breaks Cookie Prefixes
-
Jehiah Czebotar authored
Swap out bmizerany/assert package in favor of stretchr/testify/assert
-
Tanvir Alam authored
-
- Oct 23, 2017
-
-
Jehiah Czebotar authored
Clarify that GitHub team option in README
-
- Oct 13, 2017
-
-
Jehiah Czebotar authored
Add OpenID Connect provider name.
-
- Oct 09, 2017
-
-
Jehiah Czebotar authored
Drop deprecated MyUSA provider.
-
- Oct 08, 2017
-
-
Joshua Carp authored
[Resolves #390]
-