- Nov 22, 2017
-
-
Tanvir Alam authored
* update README.md to include instructions on how to verify prebuilt binaries for new releases.
-
- Nov 07, 2017
-
-
Tanvir Alam authored
-
- Oct 08, 2017
-
-
Joshua Carp authored
[Resolves #390]
-
- Sep 09, 2017
-
-
Eric Chiang authored
See the README for usage with Dex or any other OIDC provider. To test run a backend: python3 -m http.server Run dex and modify the example config with the proxy callback: go get github.com/coreos/dex/cmd/dex cd $GOPATH/src/github.com/coreos/dex sed -i.bak \ 's|http://127.0.0.1:5555/callback|http://127.0.0.1:5555/oauth2/callback|g' \ examples/config-dev.yaml make ./bin/dex serve examples/config-dev.yaml Then run the oauth2_proxy oauth2_proxy \ --oidc-issuer-url http://127.0.0.1:5556/dex \ --upstream http://localhost:8000 \ --client-id example-app \ --client-secret ZXhhbXBsZS1hcHAtc2VjcmV0 \ --cookie-secret foo \ --email-domain '*' \ --http-address http://127.0.0.1:5555 \ --redirect-url http://127.0.0.1:5555/oauth2/callback \ --cookie-secure=false Login with the username/password "admin@example.com:password"
-
- Sep 06, 2017
-
-
Hans Kristian Flaatten authored
-
- Jul 20, 2017
-
-
Christian Svensson authored
Current code is using URLEncoding but example was using the standard RFC 4648 encoding. Switch to using the URL encoding in the example as well.
-
- Jun 29, 2017
-
-
Nikita Sobolev authored
-
- Jun 21, 2017
-
-
Bart Spaans authored
-
- Jun 10, 2017
-
-
Shivansh Dhar authored
-
- Apr 25, 2017
-
-
Pierce Lopez authored
how to pass back the refreshed oauth2_proxy cookie from an nginx auth_request
-
Pierce Lopez authored
/oauth2/auth is not more sensitive than other /oauth2/ paths, does not need "internal" protection "spdy" protocol is obsolete, http2 is the thing to enable now. But it's orthogonal anyway. No need for two separate content/upstream location blocks in this example, reduce to just one, with a comment that it could be serving files instead of proxying.
-
Reed Loden authored
The Cookie Prefixes spec disallows the use of the `domain` attribute in cookies if the `__Host-` prefix is used (https://tools.ietf.org/html/draft-ietf-httpbis-cookie-prefixes-00#section-3.2). There's no need to set it to the host by default, so make it optional. If it is set to a non-empty value, still output a warning if it is not a suffix of the host, as that's likely not wanted. Fixes #352.
-
Jehiah Czebotar authored
-
Jehiah Czebotar authored
-
- Apr 07, 2017
-
-
idntfy authored
-
- Mar 29, 2017
-
-
Ashish Kulkarni authored
-
Jehiah Czebotar authored
-
- Jan 24, 2017
-
-
Omar Elazhary authored
* This fixes https://github.com/bitly/oauth2_proxy/issues/205 * Add new boolean option -pass-user-headers to control whether X-Forwarded-User and X-Forwarded-Email headers will be set (as opposed to HTTP BASIC auth) * This is required e.g. for grafana [1] where X-Forwarded-User is needed but HTTP BASIC auth fails (password is not known and must not be known in this scenario) * Keep behaviour of PassBasicAuth unchanged for compatibility [1] http://docs.grafana.org/installation/configuration/#authproxy
-
- Nov 19, 2016
-
-
ReadmeCritic authored
-
- Jul 31, 2016
-
-
Mark Herhold authored
-
- Jul 05, 2016
-
-
Nick Semenkovich authored
-
- Jun 28, 2016
-
-
Nick Semenkovich authored
The correct endpoint is /oauth2/auth
-
- Jun 23, 2016
-
-
Jehiah Czebotar authored
-
Jehiah Czebotar authored
-
Jehiah Czebotar authored
* will not re-prompt if the email permission is denied, or if you previously authorized the same FB app without the email scope.
-
- Jun 20, 2016
-
-
Jehiah Czebotar authored
-
- Apr 12, 2016
-
-
Joakim Gustin authored
-
- Feb 24, 2016
-
-
Mike Bland authored
-
- Feb 18, 2016
-
-
Raphaël Pinson authored
-
- Feb 17, 2016
-
-
pmosbach authored
-
Robert Hencke authored
-
- Feb 13, 2016
-
-
Alex authored
-
- Jan 22, 2016
-
-
Ruta Sakalauskaite authored
-
- Jan 20, 2016
-
-
Eelco Cramer authored
-
- Dec 17, 2015
-
-
funkymrrogers authored
Google changed to developer console UI, updated walkthrough to match new UI.
-
- Nov 16, 2015
-
-
Mike Bland authored
-
- Nov 10, 2015
-
-
Mike Bland authored
-
- Nov 09, 2015
-
-
Mike Bland authored
Closes #152.
-
- Sep 24, 2015
-
-
Jeppe Toustrup authored
The path should be provided as a file:// url with the full operating system path. An alias to where the directory is available as can be specified by appending a fragment (ie. "#/static/") at the end of the URL.
-
- Sep 09, 2015
-
-
Justin Burnham authored
-