Commit Graph

636 Commits

Author SHA1 Message Date
Eskil Andreen
652f43ed38 Skip 404 errors when looking up Google groups
When checking user membership against Google groups the groups are checked one
at a time and in the order that they were supplied. If one of the groups does
not exist then the checking is halted with the following error.

google.go:201: googleapi: Error 404: Resource Not Found: groupKey, notFound

None of the groups following the missing group are checked either. This means
that something as trivial as a typo in the first group will make it impossible
for anybody to login.

This change catches the 404, logs a message, and then carries on as usual. In
this way a typo will cause a particular group to stop working but will not
affect any other groups.
2017-03-28 16:06:15 +02:00
Jehiah Czebotar
712739f777 Merge pull request #356 from jehiah/bump_dependencies_356
Update vendored dependencies.
2017-03-27 21:07:08 -04:00
Jehiah Czebotar
2ebab604eb bump golang.org/x/... and google.golang.org dependencies 2017-03-27 20:56:15 -04:00
Jehiah Czebotar
b884b36f26 bump easy pkg upgrades; drop Go 1.6 (no httptest.NewRequest)
This fixes a test w request signing due to a content-length:0 header from Go 1.8
2017-03-27 20:36:35 -04:00
Jehiah Czebotar
951b5f325b Merge pull request #355 from ploxiln/dist_updates
dist.sh and Godeps updates
2017-03-27 20:16:44 -04:00
Pierce Lopez
9167c8ace8 travis: update go versions, gpm version 2017-03-27 19:40:12 -04:00
Pierce Lopez
a2eeec2b7a Godeps: remove redundant dep, add missing
golang.org/x/oauth2/google is same repo as golang.org/x/oauth2
  - this sometimes confused gpm/git

cloud.google.com/go/compute/metadata is a missing dependency
of golang.org/x/oauth2
2017-03-27 19:17:42 -04:00
Pierce Lopez
2024dc34ac dist.sh: run gpm with GOPATH=$DIR/.godeps
so gpm is not affected if module exists in user's GOPATH already
2017-03-27 19:13:05 -04:00
Pierce Lopez
86c9638572 dist.sh: already uses set "-e", remove "|| exit 1" 2017-03-27 18:16:39 -04:00
Jehiah Czebotar
7d920c98a6 Merge pull request #354 from ploxiln/dist_win_exe
dist.sh: add .exe for windows build
2017-03-27 14:49:40 -04:00
Pierce Lopez
bc3fe00be4 dist.sh: add .exe for windows build 2017-03-27 14:35:28 -04:00
Jehiah Czebotar
87847316d4 Merge pull request #349 from braincube-io/signout
[signout] Implement logout endpoint
2017-03-22 23:08:47 -04:00
Guillaume Bienkowski
562cc2e466 [signout] Implement logout endpoint 2017-03-21 17:40:47 +01:00
Brian Dwyer
3379e05fec Oversize Cookie Alert
Cookies cannot be larger than 4kb
2017-02-23 18:48:34 -05:00
Omar Elazhary
24f91a0b60 Allow to pass user headers only (issue #205)
* This fixes https://github.com/bitly/oauth2_proxy/issues/205
* Add new boolean option -pass-user-headers
  to control whether X-Forwarded-User and X-Forwarded-Email
  headers will be set (as opposed to HTTP BASIC auth)
* This is required e.g. for grafana [1] where
  X-Forwarded-User is needed but HTTP BASIC auth fails
  (password is not known and must not be known in this scenario)
* Keep behaviour of PassBasicAuth unchanged for compatibility

[1] http://docs.grafana.org/installation/configuration/#authproxy
2017-01-24 11:11:58 +01:00
Jehiah Czebotar
89ba1d813a Merge pull request #322 from ReadmeCritic/master
Correct the spelling of GitHub in README
2016-11-18 13:00:22 -05:00
ReadmeCritic
4203c26d7c Correct the spelling of GitHub in README 2016-11-18 09:31:22 -08:00
Jehiah Czebotar
a9c55bd6d1 Merge pull request #299 from tamsky/fix-travis-vs-upstream-golang-dependency
repo golang.org/x/oauth2/google has moved, fixes travis build
2016-08-24 22:01:54 -04:00
Marc Tamsky
e0a1831452 upstream vendor import paths have changed.
this fixes the travis build, which is broken
2016-08-24 16:58:38 -07:00
Jehiah Czebotar
a0e4a36821 Merge pull request #292 from nickmiller-wf/redact-access-token
Strip sensitive URL parameters from provider log output
2016-08-02 23:19:22 -04:00
nickmiller-wf
c566648127 add stripParam and stripToken methods to obfuscate log output 2016-08-02 21:01:44 -06:00
Jehiah Czebotar
78f2fe1306 Merge pull request #290 from MarkHerhold/patch-2
Adding skip-provider-button docs
2016-07-30 23:16:30 -04:00
Mark Herhold
116b84906e Adding skip-provider-button docs 2016-07-30 22:34:28 -04:00
Jehiah Czebotar
2f0f95b523 Merge pull request #279 from tanuck/bump-travis-version
Bump travis version
2016-07-19 16:41:44 -04:00
James Tancock
6cbc339442
Bump travis version 2016-07-19 21:29:19 +01:00
tanuck
c015075996 Validate cookie name (#278)
Validate cookie name passes go's isCookieNameValid check
2016-07-19 15:51:25 -04:00
Nick Semenkovich
17f412e407 docs: working nginx auth_request example (#273) 2016-07-05 09:38:34 -04:00
Jehiah Czebotar
da0bb7656a Merge pull request #274 from ElDiabloComputatore/Azure_provider_mail_fix
Getting mail for Azure provider fix + tests
2016-07-03 21:50:51 -04:00
Jehiah Czebotar
9babca599b bump version to 2.2.0-alpha 2016-07-03 21:50:38 -04:00
Tomas Pramuka
5acf96b75d Getting mail for Azure provider fix + tests 2016-06-29 09:00:08 +02:00
Jehiah Czebotar
f9e649456b Merge pull request #272 from semenko/master
Fix documentation for auth_request directive
2016-06-27 21:19:00 -04:00
Nick Semenkovich
56bf3f8add Fix documentation for auth_request directive
The correct endpoint is /oauth2/auth
2016-06-27 20:10:22 -05:00
Jehiah Czebotar
a66f7c50ea Merge pull request #193 from jehiah/release_193
A new tag
2016-06-23 10:11:59 -04:00
Jehiah Czebotar
671f00e60e
cookie secret: give helper command for generating a secret 2016-06-23 09:42:32 -04:00
Jehiah Czebotar
3bba24ab31
Bump verison to 2.1 2016-06-23 09:35:33 -04:00
Jehiah Czebotar
27cc412d79
bump go-options dependency 2016-06-23 09:34:53 -04:00
Jehiah Czebotar
4c6b579480 Merge pull request #270 from jehiah/fb_provider_270
Facebook auth Provider
2016-06-23 08:48:25 -04:00
Jehiah Czebotar
a0763477c5
Facebook Authentication Provider
* will not re-prompt if the email permission is denied, or if you previously authorized the same FB app without the email scope.
2016-06-23 08:43:21 -04:00
Jehiah Czebotar
3a79827af2 Merge pull request #199 from hundt/master
Add URL fragment to sign-in form
2016-06-20 08:42:36 -04:00
Jehiah Czebotar
f6778c79f8 Merge pull request #251 from bluecmd/patch-2
Remove superfluous quotes from config path
2016-06-20 08:20:13 -04:00
Jehiah Czebotar
9b68e8be8d Merge pull request #269 from jehiah/github_enterprise_269
github enterprise provider
2016-06-20 08:17:20 -04:00
Jehiah Czebotar
bcb8064831
github: fix github enterprise support 2016-06-20 08:15:07 -04:00
Jehiah Czebotar
2fa0a35c7f Merge pull request #227 from jehiah/base64_cookie_encoding_227
Cookie secret encoding?
2016-06-20 07:48:38 -04:00
Jehiah Czebotar
cdebfd6436
base64 cookie support 2016-06-20 07:45:43 -04:00
Jehiah Czebotar
57f82ed71e
Custom footer text (optional)
Closes #256 and #166
2016-06-18 23:54:32 -04:00
Jehiah Czebotar
168cff9d4b Merge pull request #161 from rahdjoudj/master
adding option to skip provider button sign_in page
2016-06-18 23:31:39 -04:00
Jehiah Czebotar
fe143ca9e8 Merge pull request #257 from jhoblitt/bugfix/mktemp
fix dist.sh compatibility with GNU coreutils mktemp
2016-06-18 23:24:04 -04:00
Joshua Hoblitt
0a7a90b7a8 fix dist.sh compatibility with GNU coreutils mktemp
Resolves this error:

    mktemp: too few X's in template ‘oauth2_proxy’
2016-05-26 11:00:50 -07:00
Jehiah Czebotar
a631197138 Merge pull request #249 from rremer/update-golang
fix master build by upgrading with supported golang versions
2016-05-26 12:49:14 -04:00
Christian Svensson
d579db4a2d Remove superfluous quotes from config path
Using -config="path" will make the application try to open paths with the quotes included which is not what is expected.
2016-05-15 23:22:39 +02:00