Commit Graph

156 Commits

Author SHA1 Message Date
ferhat elmas
fb52bdb90c Fix some typos 2019-08-13 12:42:23 +02:00
jansinger
7134d22bcc New flag "-ssl-upstream-insecure-skip-validation" (#234)
* New flag "-ssl-upstream-insecure-skip-validation" to skip SSL validation for upstreams with self generated / invalid SSL certificates.

* Fix tests for modified NewReverseProxy method.

* Added change to the changelog.

* Remove duplicate entries from changelog.
2019-08-07 17:48:53 +01:00
Karl Skewes
4e10cc76e0 Add silence ping logging flag using ExcludePath
- Add `ping-path` option to enable switching on and passing to `logger.go`
  Default remains unchanged at: `"/ping"`
- Add note in configuration.md about silence flag taking precedence

Potential tests:
- `options.go` sets `logger.SetExcludePath` based on silence flag?
- Changing `PingPath` reflected in router?
2019-07-16 09:46:53 +12:00
Joel Speed
630db3769b
Merge branch 'master' into refactor 2019-07-15 11:30:43 +01:00
Henry Jenkins
aa37564655
Merge branch 'master' into banner-flag 2019-07-02 14:03:21 +01:00
Henry Jenkins
924eab6355 Adds banner flag
This is to override what's displayed on the main page.
2019-06-25 16:41:51 +01:00
Henry Jenkins
d24aacdb5c Fix lint errors 2019-06-23 21:39:13 +01:00
Brian Van Klaveren
bd651df3c2 Ensure groups in JWT Bearer tokens are also validated
Fix a minor auth logging bug
2019-06-20 13:40:04 -07:00
Brian Van Klaveren
5a50f6223f Do not infer username from email 2019-06-17 12:58:40 -07:00
Brian Van Klaveren
2f6dcf3b5f Move refreshing code to block acquiring cookied session 2019-06-17 12:52:44 -07:00
Brian Van Klaveren
58b06ce761 Fall back to using sub if email is none (as in PR #57) 2019-06-17 12:52:13 -07:00
Brian Van Klaveren
187960e9d8 Improve token pattern matching
Unit tests for token discovery
2019-06-17 12:52:13 -07:00
Brian Van Klaveren
8083501da6 Support JWT Bearer Token and Pass through 2019-06-17 12:51:35 -07:00
Joel Speed
6366690927
Fix gofmt for changed files 2019-06-15 11:34:00 +02:00
Joel Speed
fb9616160e
Move logger to pkg/logger 2019-06-15 11:33:58 +02:00
Joel Speed
d1ef14becc
Move cookie to pkg/encryption 2019-06-15 11:33:57 +02:00
Adam Eijdenberg
d69560d020 No need for case when only 2 conditions 2019-06-15 18:48:27 +10:00
Adam Eijdenberg
f35c82bb0f The AuthOnly path also needs the response headers set 2019-06-07 14:25:12 +10:00
Adam Eijdenberg
9e59b4f62e Restructure so that serving data from upstream is only done when explicity allowed, rather
than as implicit dangling else
2019-06-07 13:50:44 +10:00
Joel Speed
093f9da881
Move cipher creation to options and away from oauth2_proxy.go 2019-05-20 11:26:13 +02:00
Joel Speed
37e31b5f09
Remove dead code 2019-05-20 11:26:11 +02:00
Joel Speed
c61f3a1c65
Use SessionStore for session in proxy 2019-05-20 11:26:10 +02:00
Joel Speed
fbee5eae16
Initialise SessionStore in Options 2019-05-20 11:26:04 +02:00
Joel Speed
2ab8a7d95d
Move SessionState to its own package 2019-05-18 13:09:56 +02:00
timothy-spencer
1a8bd70b46
fixing code redemption error string logging 2019-05-07 10:47:15 -07:00
Mister Wil
9eaa9fdcbf
Standardizing log messages to colons 2019-04-23 09:36:18 -07:00
MisterWil
d77119be55 Merging changes 2019-04-12 09:26:44 -07:00
MisterWil
c22731afa0 Fixed linting errors. 2019-04-12 08:59:46 -07:00
MisterWil
37c415b889 Self code review changes 2019-04-12 08:59:46 -07:00
MisterWil
8ec025f536 Auth and standard logging with file rolling 2019-04-12 08:59:46 -07:00
Costel Moraru
071d17b521 Expose -cookie-path as configuration parameter 2019-04-10 00:36:35 +03:00
gyson
978c0a33e4 Improve websocket support 2019-03-22 17:19:38 -04:00
Patrick Koenig
6f9eac5190
Set redirect URL path when host is present 2019-03-20 09:25:04 -07:00
einfachchr
f715c9371b Fixes deletion of splitted cookies - Issue #69 (#70)
* fixes deletion of splitted cookies

* three minor adjustments to improve the tests

* changed cookie name matching to regex

* Update oauthproxy.go

Co-Authored-By: einfachchr <einfachchr@gmail.com>

* removed unused variable

* Changelog
2019-03-15 07:18:37 +00:00
Joel Speed
e195a74e26
Revert OAuthCallbackPath 2019-03-12 16:46:37 +00:00
Adam Szalkowski
c7193b4085 Merge websocket proxy feature from openshift/oauth-proxy. Original author: Hiram Chirino <hiram@hiramchirino.com> 2019-03-11 14:05:16 +01:00
dt-rush
549766666e fix redirect url param handling (#10)
* Added conditional to prevent user-supplied redirect URL getting
clobbered

Change-type: patch

* use redirectURL as OAuthCallbackURL (as it should be!)

Change-type: patch
2019-03-05 14:58:26 +00:00
David Holsgrove
2280b42f59 Access token forwarding through nginx auth request (#68)
* Access token forwarding through nginx auth request

Related to #420.

(cherry picked from commit b138872bea)
Signed-off-by: David Holsgrove <david.holsgrove@biarri.com>

* Improved documentation for auth request token

(cherry picked from commit 6fab314f72)
Signed-off-by: David Holsgrove <david.holsgrove@biarri.com>

* Update README.md

Example should set header as `X-Access-Token`

Co-Authored-By: davidholsgrove <davidholsgrove@users.noreply.github.com>

* Update Changelog to reference https://github.com/pusher/oauth2_proxy/pull/68

* Fix Changelog message location
2019-02-22 07:49:57 +00:00
Joel Speed
fb13ee87c8
Merge pull request #34 from marratj/cookie-separator
Change cookie index separator to underscore
2019-02-03 13:21:51 +00:00
Joel Speed
fa2545636b
Merge pull request #15 from pusher/whitelist-domains
Whitelist domains
2019-02-02 18:55:37 +00:00
Marcel Juhnke
a339baf94e change cookie index separator to underscore 2019-01-31 20:07:28 +01:00
Cosmin Cojocar
3326194422 Extract the application/json mime type into a const 2019-01-31 16:23:01 +01:00
Cosmin Cojocar
c12db0ebf7 Returns HTTP unauthorized for ajax requests instead of redirecting to the sing-in page 2019-01-31 16:23:01 +01:00
Steve Arch
01c5f5ae3b Implemented flushing interval (#23)
* Implemented flushing interval

When proxying streaming responses, it would not flush the response writer buffer until some seemingly random point (maybe the number of bytes?). This makes it flush every 1 second by default, but with a configurable interval.

* flushing CHANGELOG

* gofmt and goimports
2019-01-31 14:02:15 +00:00
Joel Speed
bc4d5941fc
Remove duplicated logic 2019-01-30 17:30:48 +00:00
Joel Speed
2a1691a994
Add whitelist domains flag 2019-01-30 17:30:40 +00:00
Steve Arch
090ff11923 redirect to original path after login (#24)
* redirect to original path after login

* tests for new redirect behaviour

* fixed comment

* added redirect fix to changelog
2019-01-29 12:13:02 +00:00
Joel Speed
714e2bdfba
Fix cookie split should account for cookie name 2019-01-22 11:34:55 +00:00
Joel Speed
d4b588dbe9
Split large cookies 2019-01-22 11:34:54 +00:00
Joel Speed
68d4164897
Add Authorization header flags 2019-01-22 11:34:23 +00:00