Joel Speed
|
874c147e04
|
Fix tls-key-file and tls-cert-file consistency
|
2019-07-15 12:01:44 +01:00 |
|
Joel Speed
|
bdcdfb74f9
|
Update docs and changelog
|
2019-07-15 12:01:43 +01:00 |
|
Joel Speed
|
f0d006259e
|
Ensure all options use a consistent format for flag vs cfg vs env
|
2019-07-15 11:59:46 +01:00 |
|
Joel Speed
|
6311fa2950
|
Merge pull request #187 from pusher/refactor
Move root packages to pkg folder
|
2019-07-15 11:43:50 +01:00 |
|
Joel Speed
|
630db3769b
|
Merge branch 'master' into refactor
|
2019-07-15 11:30:43 +01:00 |
|
Joel Speed
|
4bc0a91e2e
|
Merge pull request #210 from steakunderscore/alpine-3-10
Update to Alpine 3.10
|
2019-07-15 11:25:12 +01:00 |
|
Henry Jenkins
|
179ee6c2db
|
Update CHANGELOG
|
2019-07-14 13:51:46 +01:00 |
|
Henry Jenkins
|
e92e2f0cb4
|
Update CHANGELOG
|
2019-07-14 13:32:37 +01:00 |
|
Henry Jenkins
|
27bdb194b1
|
Update to Alpine 3.10
|
2019-07-13 22:14:05 +01:00 |
|
Henry Jenkins
|
c98ff79aba
|
Update other docker files
|
2019-07-13 22:12:20 +01:00 |
|
Henry Jenkins
|
e245ef4854
|
Switch from dep to go mod
Update modules to avoid issues with golangci-lint
|
2019-07-13 21:54:45 +01:00 |
|
Joel Speed
|
a83c5eabb6
|
Merge pull request #159 from djfinlay/wip/allow-unverified-email
Create option to skip verified email check in OIDC provider
|
2019-07-11 16:38:17 +01:00 |
|
Daryl Finlay
|
9823971b7d
|
Make insecure-oidc-allow-unverified-email configuration usage consistent
|
2019-07-11 15:58:31 +01:00 |
|
Daryl Finlay
|
776d063b98
|
Update changelog to include --insecure-oidc-allow-unverified-email
|
2019-07-11 15:30:57 +01:00 |
|
Daryl Finlay
|
39b6a42d43
|
Mark option to skip verified email check as insecure
|
2019-07-11 15:29:48 +01:00 |
|
Daryl Finlay
|
018a25be04
|
Create option to skip verified email check in OIDC provider
|
2019-07-11 15:29:48 +01:00 |
|
Joel Speed
|
ecd0f89c84
|
Merge pull request #206 from nniikkoollaaii/feature/update_docs_nginx_auth_request
update configuration.md auth_request section
|
2019-07-10 09:38:21 +01:00 |
|
Seip, Nikolai
|
387a7267e1
|
update configuration.md auth_request section
|
2019-07-10 10:26:31 +02:00 |
|
Joel Speed
|
4eefc01600
|
Merge pull request #195 from steakunderscore/banner-flag
Adds banner flag
|
2019-07-04 11:24:16 +01:00 |
|
Henry Jenkins
|
aa37564655
|
Merge branch 'master' into banner-flag
|
2019-07-02 14:03:21 +01:00 |
|
Joel Speed
|
85c5cef783
|
Merge pull request #198 from steakunderscore/switch_to_golangci-lint
Switch linter to golangci-lint
|
2019-07-01 16:37:26 +01:00 |
|
hjenkins
|
ce7e384095
|
Remove TODO vetshadow as it's part of govet
|
2019-07-01 16:27:19 +01:00 |
|
Henry Jenkins
|
b9cfa8f49f
|
Add changelog entry
|
2019-06-25 16:42:24 +01:00 |
|
Henry Jenkins
|
924eab6355
|
Adds banner flag
This is to override what's displayed on the main page.
|
2019-06-25 16:41:51 +01:00 |
|
Henry Jenkins
|
5bcb998e6b
|
Update changelog
|
2019-06-23 21:39:13 +01:00 |
|
Henry Jenkins
|
d24aacdb5c
|
Fix lint errors
|
2019-06-23 21:39:13 +01:00 |
|
Henry Jenkins
|
411adf6f21
|
Switch linter to golangci-lint
|
2019-06-23 20:44:16 +01:00 |
|
Joel Speed
|
317f09f41e
|
Merge pull request #65 from lsst/jwt_bearer_passthrough
JWT bearer passthrough
|
2019-06-21 15:40:34 +01:00 |
|
Brian Van Klaveren
|
3881955605
|
Update unit tests for ValidateGroup
|
2019-06-20 16:57:20 -07:00 |
|
Brian Van Klaveren
|
bd651df3c2
|
Ensure groups in JWT Bearer tokens are also validated
Fix a minor auth logging bug
|
2019-06-20 13:40:04 -07:00 |
|
Brian Van Klaveren
|
058ffd1047
|
Update unit tests for username
|
2019-06-17 13:11:49 -07:00 |
|
Brian Van Klaveren
|
5a50f6223f
|
Do not infer username from email
|
2019-06-17 12:58:40 -07:00 |
|
Brian Van Klaveren
|
100f126405
|
Make JwtIssuer struct private
|
2019-06-17 12:52:44 -07:00 |
|
Brian Van Klaveren
|
2f6dcf3b5f
|
Move refreshing code to block acquiring cookied session
|
2019-06-17 12:52:44 -07:00 |
|
Brian Van Klaveren
|
48dbb391bc
|
Move around CHANGELOG.md update
|
2019-06-17 12:52:44 -07:00 |
|
Brian Van Klaveren
|
54d91c69cc
|
Use logger instead of log
|
2019-06-17 12:52:13 -07:00 |
|
Brian Van Klaveren
|
350c1cd127
|
Use JwtIssuer struct when parsing
|
2019-06-17 12:52:13 -07:00 |
|
Brian Van Klaveren
|
58b06ce761
|
Fall back to using sub if email is none (as in PR #57)
|
2019-06-17 12:52:13 -07:00 |
|
Brian Van Klaveren
|
79acef9036
|
Clarify skip-jwt-bearer-tokens default and add env tags
|
2019-06-17 12:52:13 -07:00 |
|
Brian Van Klaveren
|
10f65e0381
|
Add a more realistic test for JWT passthrough
|
2019-06-17 12:52:13 -07:00 |
|
Brian Van Klaveren
|
1ff74d322a
|
Fix imports
|
2019-06-17 12:52:13 -07:00 |
|
Brian Van Klaveren
|
69cb34a04e
|
Add unit tests for JWT -> session translation
|
2019-06-17 12:52:13 -07:00 |
|
Brian Van Klaveren
|
187960e9d8
|
Improve token pattern matching
Unit tests for token discovery
|
2019-06-17 12:52:13 -07:00 |
|
Brian Van Klaveren
|
8413c30c26
|
Update changelog with info about -skip-jwt-bearer-tokens
|
2019-06-17 12:52:13 -07:00 |
|
Brian Van Klaveren
|
b895f49c52
|
Use idToken expiry because that's the time checked for refresh
RefreshSessionIfNeeded checks the token expiry, we want to use
the ID token's expiry
|
2019-06-17 12:51:35 -07:00 |
|
Brian Van Klaveren
|
8083501da6
|
Support JWT Bearer Token and Pass through
|
2019-06-17 12:51:35 -07:00 |
|
Joel Speed
|
0af18d6d7c
|
Merge pull request #141 from openai/googleGroupEmail
Check google group membership based on email address
|
2019-06-15 14:05:56 +02:00 |
|
Joel Speed
|
77e1fff753
|
Merge pull request #185 from jonas/check-against-validate-url-string
Only validate tokens if ValidateURL resolves to a non-empty string
|
2019-06-15 12:30:03 +02:00 |
|
Joel Speed
|
0d6fa6216d
|
Merge pull request #180 from govau/littletidyups
Minor restructure for greater confidence that only authenticated requests are proxied
|
2019-06-15 12:21:54 +02:00 |
|
Joel Speed
|
6366690927
|
Fix gofmt for changed files
|
2019-06-15 11:34:00 +02:00 |
|