Jehiah Czebotar
dcf62d06df
option for skipping OAuth provider SSL verification
2017-03-29 10:57:07 -04:00
Omar Elazhary
24f91a0b60
Allow to pass user headers only (issue #205 )
...
* This fixes https://github.com/bitly/oauth2_proxy/issues/205
* Add new boolean option -pass-user-headers
to control whether X-Forwarded-User and X-Forwarded-Email
headers will be set (as opposed to HTTP BASIC auth)
* This is required e.g. for grafana [1] where
X-Forwarded-User is needed but HTTP BASIC auth fails
(password is not known and must not be known in this scenario)
* Keep behaviour of PassBasicAuth unchanged for compatibility
[1] http://docs.grafana.org/installation/configuration/#authproxy
2017-01-24 11:11:58 +01:00
Jehiah Czebotar
cdebfd6436
base64 cookie support
2016-06-20 07:45:43 -04:00
Jehiah Czebotar
57f82ed71e
Custom footer text (optional)
...
Closes #256 and #166
2016-06-18 23:54:32 -04:00
Jehiah Czebotar
168cff9d4b
Merge pull request #161 from rahdjoudj/master
...
adding option to skip provider button sign_in page
2016-06-18 23:31:39 -04:00
Eelco Cramer
10f47e325b
Add Azure Provider
2016-01-20 03:57:17 -05:00
Mike Bland
e4626c1360
Sign Upstream requests with HMAC. closes #147
2015-11-15 22:09:30 -05:00
Reda Ahdjoudj
35547a40cb
adding option to skip provider button sign_in page
2015-11-11 11:42:35 +11:00
Brandon Philips
6db18804f3
*: rename Oauth to OAuth
...
Be consistent with Go capitalization styling and use a single way of
spelling this across the tree.
2015-11-09 00:57:01 +01:00
Jeppe Toustrup
ffeccfe552
Add support for serving static files from a directory
...
The path should be provided as a file:// url with the full operating system path.
An alias to where the directory is available as can be specified by appending
a fragment (ie. "#/static/") at the end of the URL.
2015-09-24 15:37:45 +02:00
Justin Burnham
3fd8f911c2
google: Support restricting access to a specific group(s)
2015-09-09 02:10:32 -07:00
Ed Bardsley
33045a792b
Add a flag to set the value of "approval_prompt".
...
By setting this to "force", certain providers, like Google,
will interject an additional prompt on every new session. With other values,
like "auto", this prompt is not forced upon the user.
2015-07-31 00:43:47 -07:00
Justin Burnham
7dd5d299e1
Add support for setting the basic auth password.
...
For tools that don't like empty passwords, this change allows
one to set a shared secret password for all users.
2015-07-24 09:17:43 +00:00
Jehiah Czebotar
aa0a725a3a
Readme: doc updates
2015-06-23 14:01:05 -04:00
Jehiah Czebotar
d78aa13464
v2.0 & cleanup changes
...
* bump version to 2.0
* remove --cookie-https-only option
* add windows build to dist.sh
* rename --cookie-key to --cookie-name
2015-06-12 13:07:26 -04:00
Jehiah Czebotar
f5b2b20f67
support TLS directly
2015-06-07 23:14:48 -04:00
Jehiah Czebotar
56d19b1c84
disable email validation; rename email-domain argument
...
This adds a "*" option to --email-domain to disable email validation, and this renames `--google-apps-domain` to `--email-domain` for clarity across providers
2015-06-06 14:37:54 -04:00
tonymeng
c5ccd43767
Enable specific oauth2proxy path; change cookie name to _oauth2proxy
2015-06-06 14:21:42 -04:00
Jehiah Czebotar
b96a078839
Project Rename -> oauth2_proxy
2015-05-21 02:55:04 -04:00
Jehiah Czebotar
37b38dd2f4
Github provider
2015-05-21 02:21:19 -04:00
Mike Bland
2808ba7beb
Update cookie-refresh doc string
2015-05-11 09:55:07 -04:00
Mike Bland
082b7c0ec8
Set cookie-refresh flag = 0; update README, config
2015-05-09 17:36:17 -04:00
Mike Bland
72857018ee
Introduce validate-url
flag/config
2015-05-08 17:13:35 -04:00
Mike Bland
8e2d83600c
Implement cookie auto-refresh
...
The intention is to refresh the cookie whenever the user accesses an
authenticated service with less than `cookie-refresh` time to go before the
cookie expires.
2015-05-08 14:05:09 -04:00
Mike Bland
ad3c9a886f
Pass the access token to the upstream client
...
This is accomplished by encoding the access_token in the auth cookie and
unpacking it as the X-Forwarded-Access-Token header for upstream requests.
2015-04-03 15:32:01 -04:00
Mike Bland
d9a945ebc3
Integrate Provider into Options and OauthProxy
2015-03-31 09:34:50 -04:00
Jehiah Czebotar
6b771fdd9e
show Go version
2015-03-19 23:03:00 -04:00
Jehiah Czebotar
b9b5e817fc
improve request logging (closer to Apache Common Log)
2015-03-19 22:34:01 -04:00
Jehiah Czebotar
de04e0c519
rename cookie secure flag
2015-03-19 14:08:17 -04:00
Jehiah Czebotar
2b2324e410
support (optional) custom templates
2015-03-17 18:11:58 -04:00
Jehiah Czebotar
263e16eeea
add --proxy-host-header option
2015-03-17 15:53:01 -04:00
David Howden
975c7173c2
Added scheme parsing to http-address param
...
Can now listen for HTTP clients on unix sockets (and any other Go-supported stream oriented network - see golang.org/pkg/net/#Listen). Default behaviour is unchanged, any http-address without a scheme is given the default of tcp.
Amended the README so that the usage output is up to date.
2015-02-11 14:51:57 +11:00
Tom Taylor
132e3d91d6
Add flag to enable/disable cookie's HttpOnly flag.
2015-01-19 16:00:49 +00:00
vishnu chilamakuru
c4d25d271f
Adding Support for multi white listed urls with regex url match.
2015-01-12 14:48:41 +05:30
drew
69804e588a
Allow hiding custom login UI even if an htpasswd file is provided.
2014-12-09 14:38:57 -06:00
Jehiah Czebotar
1c5a01cb7b
test/fix environment var parsing
2014-11-14 23:15:27 -05:00
Jehiah Czebotar
1f515eba3c
options bug fixes; set https cookies on by default
2014-11-09 22:21:46 -05:00
Jehiah Czebotar
9060feb436
better environment parsing
2014-11-09 21:12:36 -05:00
Jehiah Czebotar
d4fe9a4f57
Add config file support
2014-11-09 20:33:12 -05:00
Jehiah Czebotar
b8ef5107de
pretty styling of sign in page
2014-11-09 00:42:49 -05:00
Jehiah Czebotar
bc26835076
always set httponly (there is no good reason not to); simplify httponly and expire flags
2014-11-08 14:32:35 -05:00
Igor Dolgiy
6cdf05e7f2
Added cookie settings
2014-11-08 13:35:45 -05:00
Jehiah Czebotar
590e0b527c
bump to 0.1.0
2014-08-07 20:50:16 +00:00
Jehiah Czebotar
98fb800de4
update to new scopes
2014-08-07 20:49:28 +00:00
drew
964929a56d
Allow specifying multiple google apps domains.
2014-05-22 08:45:31 -05:00
Kevin Lamontagne
7dc5b691e7
secrets as environment variables. closes #5
2013-07-30 17:32:27 -04:00
Jehiah Czebotar
e3002667fc
readme example updates
2012-12-26 21:53:02 +00:00
Jehiah Czebotar
42f539109e
testing
2012-12-17 13:38:33 -05:00
Jehiah Czebotar
fb636396a3
initial code import
2012-12-10 20:59:23 -05:00