Karl Skewes
f00a474d91
Correct tls cert flag name per 186
2019-07-16 11:39:06 +12:00
Karl Skewes
b57d7f77e1
Use ok naming convention for map presence check
2019-07-16 10:06:29 +12:00
Karl Skewes
84da3c3d8c
update changelog with both flags
2019-07-16 10:06:29 +12:00
Karl Skewes
9ed5623f2a
Change env vars to suit incoming PR186
2019-07-16 10:05:10 +12:00
Karl Skewes
7236039b9d
remove remnant from rebase
2019-07-16 10:04:09 +12:00
Karl Skewes
289dfce28a
logger.go ExcludedPaths changed to slice of paths.
...
- `logger.go` convert slice of paths to map for quicker lookup
- `options.go` combines csv paths and pingpath into slice
2019-07-16 10:04:09 +12:00
Karl Skewes
4e10cc76e0
Add silence ping logging flag using ExcludePath
...
- Add `ping-path` option to enable switching on and passing to `logger.go`
Default remains unchanged at: `"/ping"`
- Add note in configuration.md about silence flag taking precedence
Potential tests:
- `options.go` sets `logger.SetExcludePath` based on silence flag?
- Changing `PingPath` reflected in router?
2019-07-16 09:46:53 +12:00
Karl Skewes
08021429ea
formatting and extra test
...
Can probably slim down the `ExcludePath` tests.
2019-07-16 09:43:48 +12:00
Karl Skewes
c4f20fff3d
Add exclude logging path option
...
Useful for excluding /ping endpoint to reduce log volume.
This is somewhat more verbose than a simple bool to disable logging of
the `/ping` endpoint.
Perhaps better to add `-silence-ping-logging` bool flag to `options.go` and
pass in the `/ping` endpoint as part of `logger` declaration in `options.go`.
Could be extended into a slice of paths similar to go-gin's `SkipPaths`:
https://github.com/gin-gonic/gin/blob/master/logger.go#L46
2019-07-16 09:43:47 +12:00
Karl Skewes
ec97000169
Add silence ping logging flag
...
Add ability to silence logging of requests to /ping endpoint, reducing
log clutter
Pros:
- Don't have to change all handlers to set/not set silent ping logging
- Don't have to duplicate `loggingHandler` (this could be preferable yet)
Cons:
- Leaking oauth2proxy logic into `package logger`
- Defining default pingPath in two locations
Alternative:
- Add generic exclude path to `logger.go` and pass in `/ping`.
2019-07-16 09:42:24 +12:00
Joel Speed
e952ab4bdf
Merge pull request #209 from dekimsey/improve-docker-rebuild-caching
...
Move docker dep commands to earlier in the build
2019-07-15 16:09:22 +01:00
Daniel Kimsey
816c2a6da9
Move docker dep commands to earlier in the build
...
This will let Docker cache the results of the vendor dependencies.
Making re-builds during testing faster.
Also clean-up spurious test & rm in ./configure
2019-07-15 10:00:34 -05:00
Joel Speed
d7e88a4718
Merge pull request #186 from pusher/consistent-config
...
Make configuration consistent
2019-07-15 15:35:11 +01:00
Joel Speed
874c147e04
Fix tls-key-file and tls-cert-file consistency
2019-07-15 12:01:44 +01:00
Joel Speed
bdcdfb74f9
Update docs and changelog
2019-07-15 12:01:43 +01:00
Joel Speed
f0d006259e
Ensure all options use a consistent format for flag vs cfg vs env
2019-07-15 11:59:46 +01:00
Joel Speed
6311fa2950
Merge pull request #187 from pusher/refactor
...
Move root packages to pkg folder
2019-07-15 11:43:50 +01:00
Joel Speed
630db3769b
Merge branch 'master' into refactor
2019-07-15 11:30:43 +01:00
Joel Speed
4bc0a91e2e
Merge pull request #210 from steakunderscore/alpine-3-10
...
Update to Alpine 3.10
2019-07-15 11:25:12 +01:00
Henry Jenkins
e92e2f0cb4
Update CHANGELOG
2019-07-14 13:32:37 +01:00
Henry Jenkins
27bdb194b1
Update to Alpine 3.10
2019-07-13 22:14:05 +01:00
Joel Speed
a83c5eabb6
Merge pull request #159 from djfinlay/wip/allow-unverified-email
...
Create option to skip verified email check in OIDC provider
2019-07-11 16:38:17 +01:00
Daryl Finlay
9823971b7d
Make insecure-oidc-allow-unverified-email configuration usage consistent
2019-07-11 15:58:31 +01:00
Daryl Finlay
776d063b98
Update changelog to include --insecure-oidc-allow-unverified-email
2019-07-11 15:30:57 +01:00
Daryl Finlay
39b6a42d43
Mark option to skip verified email check as insecure
2019-07-11 15:29:48 +01:00
Daryl Finlay
018a25be04
Create option to skip verified email check in OIDC provider
2019-07-11 15:29:48 +01:00
Joel Speed
ecd0f89c84
Merge pull request #206 from nniikkoollaaii/feature/update_docs_nginx_auth_request
...
update configuration.md auth_request section
2019-07-10 09:38:21 +01:00
Seip, Nikolai
387a7267e1
update configuration.md auth_request section
2019-07-10 10:26:31 +02:00
Joel Speed
4eefc01600
Merge pull request #195 from steakunderscore/banner-flag
...
Adds banner flag
2019-07-04 11:24:16 +01:00
Henry Jenkins
aa37564655
Merge branch 'master' into banner-flag
2019-07-02 14:03:21 +01:00
Joel Speed
85c5cef783
Merge pull request #198 from steakunderscore/switch_to_golangci-lint
...
Switch linter to golangci-lint
2019-07-01 16:37:26 +01:00
hjenkins
ce7e384095
Remove TODO vetshadow as it's part of govet
2019-07-01 16:27:19 +01:00
Henry Jenkins
b9cfa8f49f
Add changelog entry
2019-06-25 16:42:24 +01:00
Henry Jenkins
924eab6355
Adds banner flag
...
This is to override what's displayed on the main page.
2019-06-25 16:41:51 +01:00
Henry Jenkins
5bcb998e6b
Update changelog
2019-06-23 21:39:13 +01:00
Henry Jenkins
d24aacdb5c
Fix lint errors
2019-06-23 21:39:13 +01:00
Henry Jenkins
411adf6f21
Switch linter to golangci-lint
2019-06-23 20:44:16 +01:00
Joel Speed
317f09f41e
Merge pull request #65 from lsst/jwt_bearer_passthrough
...
JWT bearer passthrough
2019-06-21 15:40:34 +01:00
Brian Van Klaveren
3881955605
Update unit tests for ValidateGroup
2019-06-20 16:57:20 -07:00
Brian Van Klaveren
bd651df3c2
Ensure groups in JWT Bearer tokens are also validated
...
Fix a minor auth logging bug
2019-06-20 13:40:04 -07:00
Brian Van Klaveren
058ffd1047
Update unit tests for username
2019-06-17 13:11:49 -07:00
Brian Van Klaveren
5a50f6223f
Do not infer username from email
2019-06-17 12:58:40 -07:00
Brian Van Klaveren
100f126405
Make JwtIssuer struct private
2019-06-17 12:52:44 -07:00
Brian Van Klaveren
2f6dcf3b5f
Move refreshing code to block acquiring cookied session
2019-06-17 12:52:44 -07:00
Brian Van Klaveren
48dbb391bc
Move around CHANGELOG.md update
2019-06-17 12:52:44 -07:00
Brian Van Klaveren
54d91c69cc
Use logger instead of log
2019-06-17 12:52:13 -07:00
Brian Van Klaveren
350c1cd127
Use JwtIssuer struct when parsing
2019-06-17 12:52:13 -07:00
Brian Van Klaveren
58b06ce761
Fall back to using sub if email is none (as in PR #57 )
2019-06-17 12:52:13 -07:00
Brian Van Klaveren
79acef9036
Clarify skip-jwt-bearer-tokens default and add env tags
2019-06-17 12:52:13 -07:00
Brian Van Klaveren
10f65e0381
Add a more realistic test for JWT passthrough
2019-06-17 12:52:13 -07:00