Joel Speed
7fa913e51c
Add Dockerfile
2018-12-20 11:06:26 +00:00
Joel Speed
d37cc2889e
Fix err declaration shadowing
2018-12-20 10:46:19 +00:00
Joel Speed
e200bd5c20
Add comments to exported methods for providers package
2018-12-20 10:37:59 +00:00
Joel Speed
a65ceb2c41
Add comments to exported methods for api package
2018-12-20 09:37:02 +00:00
Joel Speed
ee913fb788
Add comments to exported methods for root package
2018-12-20 09:30:42 +00:00
Joel Speed
8ee802d4e5
Lint for non-comment linter errors
2018-11-29 14:26:41 +00:00
Joel Speed
990873eb42
Exit on first failure for travis
2018-11-27 12:17:59 +00:00
Joel Speed
fa21208005
Fix fsnotify import
2018-11-27 12:08:22 +00:00
Joel Speed
d41089d315
Update README to reflect new repo ownership
2018-11-27 12:08:21 +00:00
Joel Speed
bc93198aa7
Update CI to separate linting and testing
2018-11-27 12:08:20 +00:00
Joel Speed
847cf25228
Move imports from bitly to pusher
2018-11-27 11:45:05 +00:00
Joel Speed
bfdccf681a
Add Fork notice
2018-11-27 11:23:37 +00:00
Jehiah Czebotar
a94b0a8b25
Merge pull request #549 from brennie/dev/bcrypt-htpasswd
...
Support bcrypt passwords in htpasswd
2018-03-24 23:48:45 -04:00
Jehiah Czebotar
1c1db881c3
Merge pull request #561 from danopia/patch-1
...
Strip JWT base64 padding before parsing. #560
2018-03-24 23:45:15 -04:00
Jehiah Czebotar
ae78840614
Merge pull request #555 from MiniJerome/master
...
typo(README): Terminiation » Termination
2018-03-24 23:44:16 -04:00
Daniel Lamando
542ef54093
Strip JWT base64 padding before parsing. #560
2018-03-08 16:44:11 -08:00
Jérôme Lecorvaisier
2db0443e04
typo(README): Terminiation » Termination
2018-03-01 12:10:02 -05:00
Barret Rennie
008ffae3bb
Support bcrypt passwords in htpasswd
2018-02-16 02:14:41 -06:00
Jehiah Czebotar
ae49c7d23c
Merge pull request #529 from fsegouin/fix/templates-css-typo
...
Fix typo in css for the sign in page template
2018-01-23 10:08:09 -05:00
Florent Segouin
a6e247825c
Fix typo in css for the sign in page template
2018-01-23 15:04:41 +00:00
Tanvir Alam
1209c63b58
Merge pull request #510 from ploxiln/clear_invalid_session
...
more robust ClearSessionCookie()
2018-01-16 10:57:53 -05:00
Tanvir Alam
1a82180376
Merge pull request #514 from ploxiln/readme_auth_request_body
...
README: fix nginx auth_request example for requests with body
2018-01-16 10:47:41 -05:00
Pierce Lopez
74d0fbc868
more robust ClearSessionCookie()
...
default domain changed from request Host to blank, recently
try to clear cookies for both
2017-12-18 21:16:51 -05:00
Pierce Lopez
20e87edde8
README: fix nginx auth_request example for requests with body
...
Nginx never sends the body with the auth_request sub-request, but
keeps the original Content-Length header by default. Without some
config tweaks, this results in the request to /oauth2/auth hanging.
2017-12-18 20:55:37 -05:00
Heather Hendy
d75f626cdd
Merge pull request #414 from relaxdiego/multi-page-org
...
Iterate through pages returned by List Your Organizations endpoint
2017-12-04 15:12:25 -07:00
Mark Maglana
882fcf0a01
providers: iterate across all pages from /user/orgs github endpoint.
...
For some GHE instances where a user can have more than 100
organizations, traversing the other pages is important otherwise
oauth2_proxy will consider the user unauthorized. This change traverses
the list returned by the API to avoid that.
Update github provider tests to include this case.
2017-12-04 15:51:48 -05:00
Tanvir Alam
faff555c55
Merge pull request #423 from Jimdo/configure_accesslog_format
...
Make Request Logging Format Configurable
2017-12-04 12:56:54 -05:00
Paul Seiffert
1cefc96311
Test request logging
2017-12-04 12:52:47 -05:00
Paul Seiffert
69550cbb23
Document request-logging-format option
2017-12-04 12:52:47 -05:00
Paul Seiffert
9341dcbf79
Make request logging format configurable
2017-12-04 12:52:47 -05:00
Jehiah Czebotar
085c6cf79b
Merge pull request #503 from talam/add_checksum_for_binary_releases
...
distribution: create sha256sum.txt file when creating version releases
2017-12-04 10:39:33 -05:00
Tanvir Alam
842a45b1db
distribution: remove gpm references and update to use dep
2017-12-04 09:54:31 -05:00
Tanvir Alam
dc65ff800f
distribution: create sha256sum.txt file when creating binaries to allow validation of checksums.
...
* update README.md to include instructions on how to verify prebuilt binaries for new releases.
2017-11-21 15:00:30 -05:00
Heather Hendy
b0c1c85177
Merge pull request #466 from clobrano/github-use-login-as-user
...
GitHub use login as user
2017-11-20 12:48:14 -07:00
Carlo Lobrano
731fa9f8e0
Github provider: use login as user
...
- Save both user and email in session state:
Encoding/decoding methods save both email and user
field in session state, for use cases when User is not derived from
email's local-parth, like for GitHub provider.
For retrocompatibility, if no user is obtained by the provider,
(e.g. User is an empty string) the encoding/decoding methods fall back
to the previous behavior and use the email's local-part
Updated also related tests and added two more tests to show behavior
when session contains a non-empty user value.
- Added first basic GitHub provider tests
- Added GetUserName method to Provider interface
The new GetUserName method is intended to return the User
value when this is not the email's local-part.
Added also the default implementation to provider_default.go
- Added call to GetUserName in redeemCode
the new GetUserName method is used in redeemCode
to get SessionState User value.
For backward compatibility, if GetUserName error is
"not implemented", the error is ignored.
- Added GetUserName method and tests to github provider.
2017-11-20 20:02:27 +01:00
Heather Hendy
6ddbb2c572
Merge pull request #502 from talam/update_options_parsing
...
options: update options parsing for better handling of incorrect values
2017-11-20 11:00:48 -07:00
Dave Nicponski
e955d2be0e
options: update options parsing for better handling of incorrect values
...
* don't add in failed compiled regexes for skip auth regex option
* improve test coverage for skip auth regex option to handle partial
success case
* add tests for incorrect upstream options parsing errors
2017-11-20 11:37:53 -05:00
Tanvir Alam
a7c5d9c478
Merge pull request #421 from arnottcr/raw-url-encode
...
raw url encoding
2017-11-20 10:50:56 -05:00
Tanvir Alam
781bd0851e
Merge pull request #491 from jehiah/dep_491
...
Switch from gpm -> dep for dependency management
2017-11-17 15:55:15 -05:00
Jehiah Czebotar
c4905f2347
Switch from gpm -> dep for dependency management
2017-11-16 20:58:11 -05:00
Tanvir Alam
363a0dda16
Merge pull request #448 from mbland/hmacauth
...
Switch from 18F/hmacauth to mbland/hmacauth
2017-11-07 09:46:06 -05:00
Mike Bland
e241fe86d3
Switch from 18F/hmacauth to mbland/hmacauth
...
Since I'm no longer with 18F, I've re-released hmacauth under the ISC
license as opposed to the previous CC0 license. There have been no
changes to the hmacauth code itself, and all tests still pass.
2017-11-07 07:55:24 -05:00
Jehiah Czebotar
28e217dc8f
Merge pull request #496 from talam/update_gitlab_api_endpoint
...
providers: update gitlab api endpoint to use latest version, v4
2017-11-06 13:15:45 -05:00
Tanvir Alam
f2a995b8d9
providers: update gitlab api endpoint to use latest version, v4
2017-11-06 12:05:58 -05:00
Jehiah Czebotar
bfda078caa
Merge pull request #376 from reedloden/make-cookie-domain-optional
...
Don't set the cookie domain to the host by default, as it breaks Cookie Prefixes
2017-10-23 14:14:45 -04:00
Jehiah Czebotar
bc1b839f7f
Merge pull request #484 from talam/update_assert_package
...
Swap out bmizerany/assert package in favor of stretchr/testify/assert
2017-10-23 13:56:35 -04:00
Tanvir Alam
8a77cfcac3
Swap out bmizerany/assert package that is deprecated in favor of stretchr/testify/assert
2017-10-23 12:24:17 -04:00
Jehiah Czebotar
fd3925d204
Merge pull request #444 from Starefossen/patch-1
...
Clarify that GitHub team option in README
2017-10-23 11:52:21 -04:00
Jehiah Czebotar
b7f9438b8a
Merge pull request #473 from jmcarp/oidc-name
...
Add OpenID Connect provider name.
2017-10-13 09:10:44 -04:00
Jehiah Czebotar
f6828631cf
Merge pull request #472 from jmcarp/drop-myusa
...
Drop deprecated MyUSA provider.
2017-10-08 13:05:15 -04:00