- Dec 05, 2017
-
-
Heather Hendy authored
Iterate through pages returned by List Your Organizations endpoint
-
Mark Maglana authored
For some GHE instances where a user can have more than 100 organizations, traversing the other pages is important otherwise oauth2_proxy will consider the user unauthorized. This change traverses the list returned by the API to avoid that. Update github provider tests to include this case.
-
Tanvir Alam authored
Make Request Logging Format Configurable
-
Paul Seiffert authored
-
Paul Seiffert authored
-
Paul Seiffert authored
-
- Dec 04, 2017
-
-
Jehiah Czebotar authored
distribution: create sha256sum.txt file when creating version releases
-
Tanvir Alam authored
-
- Nov 22, 2017
-
-
Tanvir Alam authored
* update README.md to include instructions on how to verify prebuilt binaries for new releases.
-
- Nov 21, 2017
-
-
Heather Hendy authored
GitHub use login as user
-
Carlo Lobrano authored
- Save both user and email in session state: Encoding/decoding methods save both email and user field in session state, for use cases when User is not derived from email's local-parth, like for GitHub provider. For retrocompatibility, if no user is obtained by the provider, (e.g. User is an empty string) the encoding/decoding methods fall back to the previous behavior and use the email's local-part Updated also related tests and added two more tests to show behavior when session contains a non-empty user value. - Added first basic GitHub provider tests - Added GetUserName method to Provider interface The new GetUserName method is intended to return the User value when this is not the email's local-part. Added also the default implementation to provider_default.go - Added call to GetUserName in redeemCode the new GetUserName method is used in redeemCode to get SessionState User value. For backward compatibility, if GetUserName error is "not implemented", the error is ignored. - Added GetUserName method and tests to github provider.
-
Heather Hendy authored
options: update options parsing for better handling of incorrect values
-
Dave Nicponski authored
* don't add in failed compiled regexes for skip auth regex option * improve test coverage for skip auth regex option to handle partial success case * add tests for incorrect upstream options parsing errors
-
- Nov 20, 2017
-
-
Tanvir Alam authored
raw url encoding
-
- Nov 18, 2017
-
-
Tanvir Alam authored
Switch from gpm -> dep for dependency management
-
- Nov 17, 2017
-
-
Jehiah Czebotar authored
-
- Nov 07, 2017
-
-
Tanvir Alam authored
Switch from 18F/hmacauth to mbland/hmacauth
-
Mike Bland authored
Since I'm no longer with 18F, I've re-released hmacauth under the ISC license as opposed to the previous CC0 license. There have been no changes to the hmacauth code itself, and all tests still pass.
-
Jehiah Czebotar authored
providers: update gitlab api endpoint to use latest version, v4
-
Tanvir Alam authored
-
- Oct 24, 2017
-
-
Jehiah Czebotar authored
Don't set the cookie domain to the host by default, as it breaks Cookie Prefixes
-
Jehiah Czebotar authored
Swap out bmizerany/assert package in favor of stretchr/testify/assert
-
Tanvir Alam authored
-
- Oct 23, 2017
-
-
Jehiah Czebotar authored
Clarify that GitHub team option in README
-
- Oct 13, 2017
-
-
Jehiah Czebotar authored
Add OpenID Connect provider name.
-
- Oct 09, 2017
-
-
Jehiah Czebotar authored
Drop deprecated MyUSA provider.
-
- Oct 08, 2017
-
-
Joshua Carp authored
[Resolves #390]
-
Joshua Carp authored
-
- Sep 13, 2017
-
-
Jehiah Czebotar authored
Use read_user as default scope for GitLab
-
Miouge1 authored
-
Miouge1 authored
-
- Sep 10, 2017
-
-
Jehiah Czebotar authored
*: add an OpenID Connect provider
-
- Sep 09, 2017
-
-
Eric Chiang authored
See the README for usage with Dex or any other OIDC provider. To test run a backend: python3 -m http.server Run dex and modify the example config with the proxy callback: go get github.com/coreos/dex/cmd/dex cd $GOPATH/src/github.com/coreos/dex sed -i.bak \ 's|http://127.0.0.1:5555/callback|http://127.0.0.1:5555/oauth2/callback|g' \ examples/config-dev.yaml make ./bin/dex serve examples/config-dev.yaml Then run the oauth2_proxy oauth2_proxy \ --oidc-issuer-url http://127.0.0.1:5556/dex \ --upstream http://localhost:8000 \ --client-id example-app \ --client-secret ZXhhbXBsZS1hcHAtc2VjcmV0 \ --cookie-secret foo \ --email-domain '*' \ --http-address http://127.0.0.1:5555 \ --redirect-url http://127.0.0.1:5555/oauth2/callback \ --cookie-secure=false Login with the username/password "admin@example.com:password"
-
- Sep 06, 2017
-
-
Hans Kristian Flaatten authored
-
- Aug 29, 2017
-
-
Jehiah Czebotar authored
nginx auth_request: fix -skip-provider-button
-
Jehiah Czebotar authored
Updates README.md with svg badge
-
Jehiah Czebotar authored
strip all tokens
-
Jehiah Czebotar authored
gracefully report un-parsed upstream URL
-
Jehiah Czebotar authored
Remove check for >0 upstreams
-
Jehiah Czebotar authored
Update cookie generation to match base64 encoding
-