Commit Graph

808 Commits

Author SHA1 Message Date
drew
69804e588a Allow hiding custom login UI even if an htpasswd file is provided. 2014-12-09 14:38:57 -06:00
Jehiah Czebotar
5199e0028b Merge pull request #40 from jehiah/env_parsing_40
When loading client-id/client-secret/cookie-secret from env variables, google_auth_proxy blows up.
2014-11-14 23:18:08 -05:00
Jehiah Czebotar
1c5a01cb7b test/fix environment var parsing 2014-11-14 23:15:27 -05:00
Dan Lotterman
d552effc1e Merge pull request #38 from jehiah/release_38
1.0 release
2014-11-10 08:51:33 -05:00
Jehiah Czebotar
1fa1494e0e fix default in config to match 2014-11-09 23:45:59 -05:00
Jehiah Czebotar
1f515eba3c options bug fixes; set https cookies on by default 2014-11-09 22:21:46 -05:00
Jehiah Czebotar
ba7aee91d6 update install steps; show login img 2014-11-09 22:06:40 -05:00
Jehiah Czebotar
a49eadadeb template updates to display version 2014-11-09 22:01:50 -05:00
Jehiah Czebotar
a5f96b1754 release scripts 2014-11-09 21:48:09 -05:00
Jehiah Czebotar
3a1db8f457 Merge pull request #37 from jehiah/env_parsing_37
Better environment variable parsing
2014-11-10 03:24:42 +01:00
Jehiah Czebotar
9060feb436 better environment parsing 2014-11-09 21:12:36 -05:00
Jehiah Czebotar
01969eebdc Merge pull request #20 from jehiah/config_support_20
add option/flag to specify config file in place of commandline options
2014-11-10 02:34:37 +01:00
Jehiah Czebotar
d4fe9a4f57 Add config file support 2014-11-09 20:33:12 -05:00
Jehiah Czebotar
899749a08d Merge pull request #36 from jehiah/better_templates_36
Better (mobile) sign in template
2014-11-09 20:28:15 +01:00
Jehiah Czebotar
b8ef5107de pretty styling of sign in page 2014-11-09 00:42:49 -05:00
Jehiah Czebotar
7fae45a7b6 Merge pull request #34 from jehiah/secure_cookies_34
Use of secure attribute in cookies
2014-11-08 20:35:35 +01:00
Jehiah Czebotar
bc26835076 always set httponly (there is no good reason not to); simplify httponly and expire flags 2014-11-08 14:32:35 -05:00
Igor Dolgiy
6cdf05e7f2 Added cookie settings 2014-11-08 13:35:45 -05:00
Jehiah Czebotar
23a89b06de Merge pull request #22 from dbrgn/empty_upstream_path
Handle upstreams without a trailing slash
2014-11-08 19:17:44 +01:00
Vikrum Nijjar
ad57a9391f Fixed timing attack in cookie validation.
- Changed from using string == to hmac.Equal
- See more details here: http://verboselogging.com/2012/08/20/a-timing-attack-in-action
2014-11-08 13:16:39 -05:00
Jehiah Czebotar
2f165345a8 Merge pull request #35 from rogerhu/email
Pass in the original email address too as X-Forwarded-Email.
2014-11-08 19:11:51 +01:00
Roger Hu
ec9c11ed28 Pass in the original email address too as X-Forwarded-Email. 2014-11-08 07:33:14 -08:00
Jehiah Czebotar
cfad6acf8f Merge pull request #30 from sonatype/master
Add /ping endpoint
2014-10-17 04:00:37 +02:00
Jason Swank
1e29aa1c12 Make /ping endpoint respond with "OK" 2014-10-14 17:05:59 -04:00
Jason Swank
8702ad2e52 Add /ping endpoint 2014-10-14 16:22:38 -04:00
Pierce Lopez
1c0989ff58 Merge pull request #25 from jehiah/google_oauth_migration_25
/v2/userinfo going away, switch to new scopes and id token payload
2014-08-07 17:21:27 -04:00
Jehiah Czebotar
590e0b527c bump to 0.1.0 2014-08-07 20:50:16 +00:00
Jehiah Czebotar
98fb800de4 update to new scopes 2014-08-07 20:49:28 +00:00
Jehiah Czebotar
715656de2a Merge pull request #23 from zhangcheng/master
Make it looks a little better in mobile browsers
2014-07-22 06:12:00 +02:00
ZHANG Cheng
78ad2f4106 Make it looks a little better in mobile browsers 2014-07-22 11:59:13 +08:00
Pierce Lopez
5205e9ad68 Merge pull request #21 from dbrgn/errmsg_typo
Fixed wrong error message
2014-07-08 20:45:35 -04:00
Danilo Bargen
b3bbc3ca20 Handle upstreams without a trailing slash 2014-07-08 15:06:41 +02:00
Danilo Bargen
cfe186d6cb Fixed wrong error message 2014-07-08 14:07:07 +02:00
Jehiah Czebotar
14e845d021 Merge pull request #18 from ploxiln/add_license_18
proposed LICENSE for google_auth_proxy
2014-06-30 18:14:41 +02:00
Jehiah Czebotar
736da1eddf Merge pull request #19 from justindowning/patch-1
Update README with new Google Developers workflow
2014-06-20 22:05:51 +02:00
Justin Downing
e52a86d027 Update README with new Google Developers workflow
The Google Developers Console has a new interface and workflow. Updated the **OAuth Configuration** section with the correct steps, including a few notes on potential missteps.
2014-06-20 16:00:34 -04:00
Pierce Lopez
2361fb00b9 add MIT license for google_auth_proxy 2014-06-09 16:25:26 -04:00
Jehiah Czebotar
18b4612aae Merge pull request #16 from drewolson/master
Allow specifying multiple google apps domains.
2014-05-22 09:47:33 -04:00
drew
964929a56d Allow specifying multiple google apps domains. 2014-05-22 08:45:31 -05:00
Jehiah Czebotar
7d0a8231cc Merge pull request #7 from SeanOC/fix_post_handling
Updated redirect arg handling to only happen when needed.
2013-10-24 10:42:28 -07:00
Sean O'Connor
11ce460209 Updated redirect arg handling to only happen when needed. 2013-10-24 17:40:29 +00:00
Jehiah Czebotar
9a6e895368 Merge pull request #6 from SeanOC/master
Added the ability to pass an optional redirect path as part of the manual login form
2013-10-23 13:36:27 -07:00
Sean O'Connor
d2b1815d43 After authentication, redirect to original URI. 2013-10-23 20:29:39 +00:00
Kevin Lamontagne
7dc5b691e7 secrets as environment variables. closes #5 2013-07-30 17:32:27 -04:00
Jehiah Czebotar
e3002667fc readme example updates 2012-12-26 21:53:02 +00:00
Jehiah Czebotar
4fd712566a simpler binary install steps 2012-12-26 20:02:26 +00:00
Jehiah Czebotar
37ca0fba18 readme updates 2012-12-26 18:26:07 +00:00
Jehiah Czebotar
7eb17ba9e0 enable travis
add travis badge
2012-12-26 18:26:05 +00:00
Jehiah Czebotar
c97de52200 handle sign in directly (if using htpasswd) 2012-12-26 18:26:03 +00:00
Jehiah Czebotar
4367e47a46 don't promote htpasswd auth; auth directly 2012-12-26 16:55:20 +00:00