Commit Graph

14 Commits

Author SHA1 Message Date
Christian Svensson
0b117133b9 Remove check for >0 upstreams
When used solely for auth_request there is no upstream.
Instead of forcing users to set a dummy upstream, remove
the check.
2017-07-20 21:54:31 +02:00
tanuck
c015075996 Validate cookie name (#278)
Validate cookie name passes go's isCookieNameValid check
2016-07-19 15:51:25 -04:00
Jehiah Czebotar
cdebfd6436
base64 cookie support 2016-06-20 07:45:43 -04:00
Mike Bland
e4626c1360 Sign Upstream requests with HMAC. closes #147 2015-11-15 22:09:30 -05:00
Brandon Philips
51a2e4e48c *: rename Url to URL everywhere
Go coding style says that acronyms should be all lower or all upper. Fix
Url to URL.
2015-11-09 00:47:44 +01:00
Justin Burnham
3fd8f911c2 google: Support restricting access to a specific group(s) 2015-09-09 02:10:32 -07:00
Jehiah Czebotar
0692c3763f More robust handling for missing email 2015-07-24 16:26:40 -04:00
Jehiah Czebotar
8d50b372e4 immediately redeem refresh token for provider==Google 2015-06-23 13:56:14 -04:00
Mike Bland
41b21dd0b1 Enforce that cookie_refresh < cookie_expire 2015-05-09 17:37:33 -04:00
Mike Bland
8ec967ac32 Check cookie_secret size when cookie_refresh set 2015-05-09 17:37:33 -04:00
Mike Bland
cf79fd9e4c Refactor pass_access_token+cookie_secret check
Moves the check from NewOauthProxy() to Options.Validate() and adds a test.
2015-04-07 05:53:40 -04:00
Mike Bland
d9a945ebc3 Integrate Provider into Options and OauthProxy 2015-03-31 09:34:50 -04:00
Jehiah Czebotar
263e16eeea add --proxy-host-header option 2015-03-17 15:53:01 -04:00
Mike Bland
d751bbea4c Catch more options errors at once; add test 2015-03-16 14:45:20 -04:00