Commit Graph

1560 Commits

Author SHA1 Message Date
Nick Meves
cfd3de807c
Add tests for skip auth functionality 2020-10-07 10:13:41 -07:00
Nick Meves
183cb124a4
Support HTTP method based allowlists 2020-10-07 10:13:40 -07:00
Mitsuo Heijo
fcb83c48f4
Update go-redis/redis to v8 (#801)
* update go-redis/redis to v8

testify, ginko and gomega have also been updated.

* update changelog

* Update pkg/sessions/redis/redis_store_test.go

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2020-10-07 11:49:27 +01:00
Joel Speed
581c6c3259
Merge pull request #820 from johejo/fix_testdata
Rename test directory to testdata
2020-10-06 13:45:43 +01:00
Mitsuo Heijo
5c62690653 Rename test directory to testdata
See https://golang.org/cmd/go/#hdr-Test_packages
2020-10-06 21:37:25 +09:00
Jakub Holy
3d203a1a03
Home: Add a brief description of the behavior (#794)
* Home: Add a brief description of the behavior

I could not find this information anywhere and think it is quite important for understanding how to use and configure the proxy for different use cases.

(Especially the Ajax part is not mentioned anywhere else I believe.)

I tried to keep it general enough so that it won't need updating often yet useful enough to have good value :)

* Update docs/0_index.md

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2020-10-05 10:34:42 +01:00
Shinebayar G
dc7dbc5d28
ci: migrate to Github Actions, close #546 (#750)
* ci: migrate to Github Actions

* ci: optimize on feedback

* ci: run gocov in correct dir

* ci: running after-build script always

* ci: giving test script execute permission

* ci: correct error handling on test script

* ci: more verbose test script

* ci: configure CC_TEST_REPORTER_ID env

* ci: check existence of CC_TEST_REPORT_ID variable, skip if unset

* ci: check existence of CC_TEST_REPORT_ID variable, skip if unset

* update changelog

* Update CHANGELOG.md

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2020-10-05 10:29:47 +01:00
Thiago Caiubi
8be97f25e7
Fix build (#813)
* Fix build

Without the v7 path it builds old version of the project (v3.2.0).

* Update CHANGELOG.md
2020-10-03 14:09:40 +01:00
Joel Speed
9bc618bb08
Merge pull request #783 from johejo/go_115
Update Go to 1.15
2020-10-02 18:42:04 +01:00
Mitsuo Heijo
e64322b070 Update Go to 1.15 2020-09-30 09:54:43 +09:00
Mitsuo Heijo
3fa42edb73
Fix import path for v7 (#800)
* fix import path for v7

find ./ -name "*.go" | xargs sed -i -e 's|"github.com/oauth2-proxy/oauth2-proxy|"github.com/oauth2-proxy/oauth2-proxy/v7|'

* fix module path

* go mod tidy

* fix installation docs

* update CHANGELOG

* Update CHANGELOG.md

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
2020-09-29 17:44:42 +01:00
Nick Meves
7c4479791c
Merge pull request #753 from codablock/azure-resource
Pass resource parameter in login url
2020-09-29 09:21:14 -07:00
Alexander Block
d046782f61 Add link to #753 in changelog 2020-09-29 13:35:40 +02:00
Alexander Block
090eff0197 Add CHANGELOG.md entries for #753 2020-09-28 12:17:06 +02:00
Alexander Block
74918c40d8 Refactor makeLoginURL to accept extraParams
And don't require the caller to know how to use the returned params.
2020-09-28 12:15:06 +02:00
Alexander Block
4eb9612679 Move DefaultGetLoginURL into util.go 2020-09-28 12:15:06 +02:00
Alexander Block
9a64e67d5b De-duplicate code in GetLoginURL of in logingov provider
Also add unit test to ensure logingov specific logic is applied.
2020-09-28 12:15:06 +02:00
Alexander Block
fde09bea4e Move azure specific resource parameter handling into azure provider 2020-09-28 12:15:06 +02:00
Alexander Block
97e95fd4ff Move actual implementation of default provider GetLoginURL into DefaultGetLoginURL
This allows us to reuse code from different providers in case slight
modifications to the URL are needed.
2020-09-28 12:15:06 +02:00
Alexander Block
017b9bcfb7 Add unit test for protected resources 2020-09-28 12:15:06 +02:00
Alexander Block
8cbf9219bc Pass resource parameter in login url 2020-09-28 12:15:06 +02:00
Joel Speed
e9aa7acf4e
Merge pull request #791 from grnhse/remove-provider-preferred-username-getter
Remove provider GetPreferredUsername getter method
2020-09-24 18:55:33 +01:00
Nick Meves
e0d915cc03
Stop shadowing GetEmailAddress errors in redeemCode 2020-09-24 10:50:18 -07:00
Nick Meves
3371284a36
Remove GetPreferredUsername method from Provider interface
It isn't used in any providers and we have future plans
to remove the specialness of PreferredUsername and make it
an optional field in the session.

User, Email & Groups will eventually be the only first class
fields on the session that are always set.
2020-09-24 10:49:50 -07:00
Joel Speed
160685abd7
Merge pull request #722 from grnhse/redis-startup-validation
Redis configuration startup validation
2020-09-24 18:48:55 +01:00
Nick Meves
6db1aeb9c6
Validate Redis session store health on startup 2020-09-24 10:41:43 -07:00
Joel Speed
93870ec0ff
Merge pull request #575 from grnhse/deprecate-sha1
Stop accepting legacy SHA1 signed cookies
2020-09-24 18:36:52 +01:00
Nick Meves
56f199a24f
Stop accepting legacy SHA1 signed cookies 2020-09-24 10:31:34 -07:00
Nick Meves
55a941b76e
Merge pull request #788 from blz-ea/patch-1
docs: fix Keycloak provider documentation
2020-09-23 09:54:40 -07:00
blz-ea
4a04ff4529
docs: fix Keycloak provider documentation 2020-09-22 20:13:00 -04:00
Nick Meves
8eb9c69a9a
Merge pull request #616 from stefansedich/group-claim
Add support to ensure user belongs in required groups when using the OIDC provider
2020-09-21 13:04:27 -07:00
Stefan Sedich
9d59519a96
Add support to ensure user belongs in required groups when using the OIDC provider 2020-09-21 10:43:54 -07:00
Joel Speed
a87beab1a0
Merge pull request #764 from lentzi90/patch-1
Document bcrypt encryption for htpasswd
2020-09-11 14:26:03 +01:00
Lennart Jern
e14d6ab791 Document bcrypt encryption for htpasswd
Remove mention of (insecure) SHA option for encryption.
2020-09-11 13:32:00 +03:00
Joel Speed
ef08d01b98
Merge pull request #757 from ManoManoTech/doc/cookieSession
Doc: cookie-secret is a mandatory field for cookie session
2020-09-04 15:30:47 +01:00
Aurélien LAJOIE
0eb0024e87 Doc: cookie-secret is a mandatory field for cookie session 2020-09-04 16:20:41 +02:00
Joel Speed
e4e5580852
Merge pull request #748 from oauth2-proxy/release-6.1.1
Prepare CHANGELOG for v6.1.1 release
2020-08-31 17:18:45 +01:00
Joel Speed
1337f56188
Prepare CHANGELOG for v6.1.1 release 2020-08-31 17:01:52 +01:00
Joel Speed
841bf77f7f
Merge pull request #746 from oauth2-proxy/fix-static
Fix conversion of static responses in upstreams
2020-08-31 16:58:55 +01:00
Joel Speed
bd619ab63e
Fix conversion of file upstreams 2020-08-31 16:54:13 +01:00
Joel Speed
b40517bbe3
Fix conversion of static responses in upstreams 2020-08-31 16:54:01 +01:00
Joel Speed
73f0094486
Merge pull request #729 from grnhse/x-forwarded-host-redirect
Use X-Forwarded-Host in Redirects
2020-08-31 16:48:20 +01:00
Nick Meves
29b24793e3
Use X-Forwarded-Host consistently 2020-08-31 08:31:45 -07:00
Tomoyuki KOYAMA
bd5fab478d
fix docs: command line options (#744) 2020-08-29 09:26:24 +01:00
Joel Speed
37026b60ce
Merge pull request #741 from oauth2-proxy/release-6.1.0
Prepare changelog for v6.1.0 release
2020-08-27 15:15:24 +01:00
Joel Speed
43bf36425d
Prepare changelog for v6.1.0 release 2020-08-27 15:08:46 +01:00
Joel Speed
4134a9010e
Merge pull request #742 from oauth2-proxy/domain-log
Only log no cookie match if cookie domains specified
2020-08-27 15:01:32 +01:00
Joel Speed
105d5acb7b
Only log no cookie match if cookie domains specified 2020-08-27 14:48:00 +01:00
Dan Bond
d7abd56981
dist.sh: remove go version from asset links (#733)
* dist.sh: remove go version from asset links

* update changelog
2020-08-25 08:41:14 -07:00
Joel Speed
5fa5b3186f
Merge pull request #562 from oauth2-proxy/auth-header-helper
Create generic Authorization Header constructor
2020-08-17 16:44:38 +01:00