Pierce Lopez
6d295f8446
README: nginx auth_request example refresh cookie handling
...
how to pass back the refreshed oauth2_proxy cookie from an nginx auth_request
2017-04-24 17:59:21 -04:00
Pierce Lopez
7f5672b433
README: simplify nginx auth_request example
...
/oauth2/auth is not more sensitive than other /oauth2/ paths,
does not need "internal" protection
"spdy" protocol is obsolete, http2 is the thing to enable now.
But it's orthogonal anyway.
No need for two separate content/upstream location blocks in
this example, reduce to just one, with a comment that it could
be serving files instead of proxying.
2017-04-24 17:56:15 -04:00
Jehiah Czebotar
f457a9042a
Readme: update --help usage
2017-04-24 12:16:16 -04:00
Jehiah Czebotar
3fa5635d6c
Release 2.2.0
2017-04-24 12:11:23 -04:00
idntfy
1e7d2a08a3
#369 : Optionally allow skipping authentication for preflight requests
2017-04-07 15:01:47 +03:00
Ashish Kulkarni
fe44b89f57
update documentation for Nginx auth_request mode
2017-03-29 21:28:55 +05:30
Jehiah Czebotar
dcf62d06df
option for skipping OAuth provider SSL verification
2017-03-29 10:57:07 -04:00
Omar Elazhary
24f91a0b60
Allow to pass user headers only (issue #205 )
...
* This fixes https://github.com/bitly/oauth2_proxy/issues/205
* Add new boolean option -pass-user-headers
to control whether X-Forwarded-User and X-Forwarded-Email
headers will be set (as opposed to HTTP BASIC auth)
* This is required e.g. for grafana [1] where
X-Forwarded-User is needed but HTTP BASIC auth fails
(password is not known and must not be known in this scenario)
* Keep behaviour of PassBasicAuth unchanged for compatibility
[1] http://docs.grafana.org/installation/configuration/#authproxy
2017-01-24 11:11:58 +01:00
ReadmeCritic
4203c26d7c
Correct the spelling of GitHub in README
2016-11-18 09:31:22 -08:00
Mark Herhold
116b84906e
Adding skip-provider-button docs
2016-07-30 22:34:28 -04:00
Nick Semenkovich
17f412e407
docs: working nginx auth_request example ( #273 )
2016-07-05 09:38:34 -04:00
Nick Semenkovich
56bf3f8add
Fix documentation for auth_request directive
...
The correct endpoint is /oauth2/auth
2016-06-27 20:10:22 -05:00
Jehiah Czebotar
671f00e60e
cookie secret: give helper command for generating a secret
2016-06-23 09:42:32 -04:00
Jehiah Czebotar
3bba24ab31
Bump verison to 2.1
2016-06-23 09:35:33 -04:00
Jehiah Czebotar
a0763477c5
Facebook Authentication Provider
...
* will not re-prompt if the email permission is denied, or if you previously authorized the same FB app without the email scope.
2016-06-23 08:43:21 -04:00
Jehiah Czebotar
bcb8064831
github: fix github enterprise support
2016-06-20 08:15:07 -04:00
Joakim Gustin
60a59ce7b1
Fix typo
2016-04-12 07:26:13 +02:00
Mike Bland
87d80d6d22
OAUTH2_PROXY_SIGNATURE_KEY env var, README update
2016-02-24 08:23:31 -05:00
Jehiah Czebotar
293d674e14
Merge pull request #214 from raphink/github_multiple_teams
...
github provider: allow multiple teams
2016-02-17 17:24:50 -05:00
Raphaël Pinson
338e99773a
github provider: allow multiple teams
2016-02-17 23:17:08 +01:00
Jehiah Czebotar
bfb8dc13bf
Merge pull request #211 from pmosbach/gitlab-provider
...
Add GitLab provider
2016-02-17 09:04:07 -05:00
pmosbach
034612bf8b
Add GitLab provider
2016-02-17 06:19:52 -06:00
Robert Hencke
51dbc9fb9b
Fix small typo in README.md.
2016-02-16 17:07:26 -05:00
Alex
c0a18a5cb3
fixed formatting
2016-02-13 01:41:10 -06:00
Jehiah Czebotar
36128e971f
Merge pull request #197 from ruta-goomba/enterprise-github
...
use Github provider with GitHub enterprise
2016-02-06 13:24:48 -06:00
Ruta Sakalauskaite
79b548dae6
modifying README to add information about use with enterprise github
2016-01-21 21:54:29 +00:00
Eelco Cramer
10f47e325b
Add Azure Provider
2016-01-20 03:57:17 -05:00
funkymrrogers
0fad1da1df
Google UI changes
...
Google changed to developer console UI, updated walkthrough to match new UI.
2015-12-16 19:10:38 -06:00
Mike Bland
e4626c1360
Sign Upstream requests with HMAC. closes #147
2015-11-15 22:09:30 -05:00
Mike Bland
d247274b06
Add nginx auth_request config to README
2015-11-09 11:00:18 -05:00
Mike Bland
e61fc9e7a6
Add /auth endpoint to support Nginx's auth_request
...
Closes #152 .
2015-11-09 10:31:41 -05:00
Jeppe Toustrup
ffeccfe552
Add support for serving static files from a directory
...
The path should be provided as a file:// url with the full operating system path.
An alias to where the directory is available as can be specified by appending
a fragment (ie. "#/static/") at the end of the URL.
2015-09-24 15:37:45 +02:00
Justin Burnham
3fd8f911c2
google: Support restricting access to a specific group(s)
2015-09-09 02:10:32 -07:00
Jehiah Czebotar
d1c0208824
Merge pull request #131 from ebardsley/master
...
Allow passing the value of "approval_prompt" as a flag or option.
2015-08-27 07:33:07 -04:00
Srivatsa Ray
85fcd66be6
Google auth configuration screen flow has changed
2015-08-09 12:08:21 -07:00
Ed Bardsley
33045a792b
Add a flag to set the value of "approval_prompt".
...
By setting this to "force", certain providers, like Google,
will interject an additional prompt on every new session. With other values,
like "auto", this prompt is not forced upon the user.
2015-07-31 00:43:47 -07:00
Sharif Nassar
f3353c0eea
Fix spelling
...
*snicker*
*titter*
*giggle*
2015-07-24 14:31:25 -07:00
Justin Burnham
7dd5d299e1
Add support for setting the basic auth password.
...
For tools that don't like empty passwords, this change allows
one to set a shared secret password for all users.
2015-07-24 09:17:43 +00:00
Jehiah Czebotar
3a792555f1
tag v2.0.1
2015-07-02 23:29:25 -04:00
Jehiah Czebotar
51852c045a
Doc updates clarifying external Load Balancer config
2015-07-02 23:21:59 -04:00
Jehiah Czebotar
aa0a725a3a
Readme: doc updates
2015-06-23 14:01:05 -04:00
Jehiah Czebotar
d78aa13464
v2.0 & cleanup changes
...
* bump version to 2.0
* remove --cookie-https-only option
* add windows build to dist.sh
* rename --cookie-key to --cookie-name
2015-06-12 13:07:26 -04:00
Jehiah Czebotar
f5b2b20f67
support TLS directly
2015-06-07 23:14:48 -04:00
Jehiah Czebotar
f5db2e1ff7
More complete HTTP error logging
2015-06-07 21:03:53 -04:00
Jehiah Czebotar
56d19b1c84
disable email validation; rename email-domain argument
...
This adds a "*" option to --email-domain to disable email validation, and this renames `--google-apps-domain` to `--email-domain` for clarity across providers
2015-06-06 14:37:54 -04:00
tonymeng
c5ccd43767
Enable specific oauth2proxy path; change cookie name to _oauth2proxy
2015-06-06 14:21:42 -04:00
Jehiah Czebotar
a80aad04f7
Readme Updates
2015-05-21 09:54:21 -04:00
Jehiah Czebotar
b96a078839
Project Rename -> oauth2_proxy
2015-05-21 02:55:04 -04:00
Jehiah Czebotar
37b38dd2f4
Github provider
2015-05-21 02:21:19 -04:00
Jehiah Czebotar
9047920e90
Merge pull request #88 from 18F/auto-refresh
...
Auto refresh auth token
2015-05-11 22:24:50 -04:00