Ryan Luckie
0d94f5e515
fix lint error
2019-07-19 08:53:20 -05:00
Ryan Luckie
2eecf756e4
Add OIDC support for UserInfo Endpoint Email Verification
...
* Current OIDC implementation asserts that user email check must come
from JWT token claims. OIDC specification also allows for source
of user email to be fetched from userinfo profile endpoint.
http://openid.net/specs/openid-connect-core-1_0.html#UserInfo
* First, attempt to retrieve email from JWT token claims. Then fall back to
requesting email from userinfo endpoint.
* Don't fallback to subject for email
https://github.com/bitly/oauth2_proxy/pull/481
2019-07-19 08:53:20 -05:00
Joel Speed
8635391543
Merge pull request #178 from kskewes/pinglog
...
Add silence-ping-logging flag
2019-07-19 11:30:31 +01:00
Karl
f29e353586
Update options.go
...
Co-Authored-By: Joel Speed <Joel.speed@hotmail.co.uk>
2019-07-19 22:11:53 +12:00
Joel Speed
2c104c4e7d
Merge pull request #211 from steakunderscore/go-mod
...
Switch from dep to go modules
2019-07-17 10:21:09 +01:00
Joel Speed
7bf00b7f4a
Merge pull request #213 from pusher/fix-tls-flags
...
Correct TLS Flags broken in #186
2019-07-17 10:10:18 +01:00
Joel Speed
7b1132df13
Fix tls-*-file docs
2019-07-17 09:58:11 +01:00
Karl Skewes
6bf3f2a51b
Correct tls cert flag name per 186
2019-07-16 13:32:57 +01:00
Karl Skewes
f00a474d91
Correct tls cert flag name per 186
2019-07-16 11:39:06 +12:00
Karl Skewes
b57d7f77e1
Use ok naming convention for map presence check
2019-07-16 10:06:29 +12:00
Karl Skewes
84da3c3d8c
update changelog with both flags
2019-07-16 10:06:29 +12:00
Karl Skewes
9ed5623f2a
Change env vars to suit incoming PR186
2019-07-16 10:05:10 +12:00
Karl Skewes
7236039b9d
remove remnant from rebase
2019-07-16 10:04:09 +12:00
Karl Skewes
289dfce28a
logger.go ExcludedPaths changed to slice of paths.
...
- `logger.go` convert slice of paths to map for quicker lookup
- `options.go` combines csv paths and pingpath into slice
2019-07-16 10:04:09 +12:00
Karl Skewes
4e10cc76e0
Add silence ping logging flag using ExcludePath
...
- Add `ping-path` option to enable switching on and passing to `logger.go`
Default remains unchanged at: `"/ping"`
- Add note in configuration.md about silence flag taking precedence
Potential tests:
- `options.go` sets `logger.SetExcludePath` based on silence flag?
- Changing `PingPath` reflected in router?
2019-07-16 09:46:53 +12:00
Karl Skewes
08021429ea
formatting and extra test
...
Can probably slim down the `ExcludePath` tests.
2019-07-16 09:43:48 +12:00
Karl Skewes
c4f20fff3d
Add exclude logging path option
...
Useful for excluding /ping endpoint to reduce log volume.
This is somewhat more verbose than a simple bool to disable logging of
the `/ping` endpoint.
Perhaps better to add `-silence-ping-logging` bool flag to `options.go` and
pass in the `/ping` endpoint as part of `logger` declaration in `options.go`.
Could be extended into a slice of paths similar to go-gin's `SkipPaths`:
https://github.com/gin-gonic/gin/blob/master/logger.go#L46
2019-07-16 09:43:47 +12:00
Karl Skewes
ec97000169
Add silence ping logging flag
...
Add ability to silence logging of requests to /ping endpoint, reducing
log clutter
Pros:
- Don't have to change all handlers to set/not set silent ping logging
- Don't have to duplicate `loggingHandler` (this could be preferable yet)
Cons:
- Leaking oauth2proxy logic into `package logger`
- Defining default pingPath in two locations
Alternative:
- Add generic exclude path to `logger.go` and pass in `/ping`.
2019-07-16 09:42:24 +12:00
Henry Jenkins
03f218a63c
Ensure gomodules are used when downloading
2019-07-15 21:49:38 +01:00
Henry Jenkins
bc81a0f6e4
Merge branch 'master' into go-mod
...
* master:
Move docker dep commands to earlier in the build
2019-07-15 21:38:55 +01:00
Joel Speed
e952ab4bdf
Merge pull request #209 from dekimsey/improve-docker-rebuild-caching
...
Move docker dep commands to earlier in the build
2019-07-15 16:09:22 +01:00
Henry Jenkins
56f51417ae
Merge branch 'master' into go-mod
2019-07-15 16:08:21 +01:00
Daniel Kimsey
816c2a6da9
Move docker dep commands to earlier in the build
...
This will let Docker cache the results of the vendor dependencies.
Making re-builds during testing faster.
Also clean-up spurious test & rm in ./configure
2019-07-15 10:00:34 -05:00
Joel Speed
d7e88a4718
Merge pull request #186 from pusher/consistent-config
...
Make configuration consistent
2019-07-15 15:35:11 +01:00
Joel Speed
874c147e04
Fix tls-key-file and tls-cert-file consistency
2019-07-15 12:01:44 +01:00
Joel Speed
bdcdfb74f9
Update docs and changelog
2019-07-15 12:01:43 +01:00
Joel Speed
f0d006259e
Ensure all options use a consistent format for flag vs cfg vs env
2019-07-15 11:59:46 +01:00
Joel Speed
6311fa2950
Merge pull request #187 from pusher/refactor
...
Move root packages to pkg folder
2019-07-15 11:43:50 +01:00
Joel Speed
630db3769b
Merge branch 'master' into refactor
2019-07-15 11:30:43 +01:00
Joel Speed
4bc0a91e2e
Merge pull request #210 from steakunderscore/alpine-3-10
...
Update to Alpine 3.10
2019-07-15 11:25:12 +01:00
Henry Jenkins
179ee6c2db
Update CHANGELOG
2019-07-14 13:51:46 +01:00
Henry Jenkins
e92e2f0cb4
Update CHANGELOG
2019-07-14 13:32:37 +01:00
Henry Jenkins
27bdb194b1
Update to Alpine 3.10
2019-07-13 22:14:05 +01:00
Henry Jenkins
c98ff79aba
Update other docker files
2019-07-13 22:12:20 +01:00
Henry Jenkins
e245ef4854
Switch from dep to go mod
...
Update modules to avoid issues with golangci-lint
2019-07-13 21:54:45 +01:00
Joel Speed
a83c5eabb6
Merge pull request #159 from djfinlay/wip/allow-unverified-email
...
Create option to skip verified email check in OIDC provider
2019-07-11 16:38:17 +01:00
Daryl Finlay
9823971b7d
Make insecure-oidc-allow-unverified-email configuration usage consistent
2019-07-11 15:58:31 +01:00
Daryl Finlay
776d063b98
Update changelog to include --insecure-oidc-allow-unverified-email
2019-07-11 15:30:57 +01:00
Daryl Finlay
39b6a42d43
Mark option to skip verified email check as insecure
2019-07-11 15:29:48 +01:00
Daryl Finlay
018a25be04
Create option to skip verified email check in OIDC provider
2019-07-11 15:29:48 +01:00
Joel Speed
ecd0f89c84
Merge pull request #206 from nniikkoollaaii/feature/update_docs_nginx_auth_request
...
update configuration.md auth_request section
2019-07-10 09:38:21 +01:00
Seip, Nikolai
387a7267e1
update configuration.md auth_request section
2019-07-10 10:26:31 +02:00
Joel Speed
4eefc01600
Merge pull request #195 from steakunderscore/banner-flag
...
Adds banner flag
2019-07-04 11:24:16 +01:00
Henry Jenkins
aa37564655
Merge branch 'master' into banner-flag
2019-07-02 14:03:21 +01:00
Joel Speed
85c5cef783
Merge pull request #198 from steakunderscore/switch_to_golangci-lint
...
Switch linter to golangci-lint
2019-07-01 16:37:26 +01:00
hjenkins
ce7e384095
Remove TODO vetshadow as it's part of govet
2019-07-01 16:27:19 +01:00
Henry Jenkins
b9cfa8f49f
Add changelog entry
2019-06-25 16:42:24 +01:00
Henry Jenkins
924eab6355
Adds banner flag
...
This is to override what's displayed on the main page.
2019-06-25 16:41:51 +01:00
Henry Jenkins
5bcb998e6b
Update changelog
2019-06-23 21:39:13 +01:00
Henry Jenkins
d24aacdb5c
Fix lint errors
2019-06-23 21:39:13 +01:00