github/wonderwall
1
0
Fork 0
mirror of https://github.com/nais/wonderwall.git synced 2026-05-09 01:47:03 +00:00
Code Issues Packages Projects Releases Wiki Activity
527 Commits 2 Branches 0 Tags
0ba41e312a2cc6daec319d3f643add503e6468cf
Commit Graph

527 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Trong Huu Nguyen
0ba41e312a feat(handler): local logout returns 204 instead of redirect 
Redirecting after local logout introduces the possibility of matching a
path that automatically performs login, which for a local logout means
the user is automatically logged in again due to having an SSO session -
which nullifies the whole logout operation.

Applications that want local logout must trigger and handle the response
just like any other API call.
 2023-04-21 16:25:26 +02:00
Trong Huu Nguyen
9f14c94849 build: move tests and checks out from dockerfile 2023-04-21 16:13:09 +02:00
Trong Huu Nguyen
fba165552d feat(router): disable local logout endpoint for idporten 2023-04-21 15:34:33 +02:00
Trong Huu Nguyen
0ba124809a feat(handler): local logout redirects back to preconfigured URL 2023-04-21 15:21:02 +02:00
Trong Huu Nguyen
c308efb3ef docs: fix notes on refresh tokens and inactivity [ci skip] 2023-04-19 13:34:53 +02:00
Trong Huu Nguyen
19b2401831 feat(metrics): add authentication method reference label for successful logins 2023-04-18 12:20:23 +02:00
Trong Huu Nguyen
47218da6d2 refactor(openid): simplify parameter handling for auth url 2023-04-18 11:16:50 +02:00
dependabot[bot]
1e6eed5f53 build(deps): bump github.com/prometheus/client_golang (#90) 
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.14.0 to 1.15.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.14.0...v1.15.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-04-17 20:07:08 +00:00
dependabot[bot]
bbc91d5838 build(deps): bump github.com/rs/cors from 1.8.3 to 1.9.0 (#91) 
Bumps [github.com/rs/cors](https://github.com/rs/cors) from 1.8.3 to 1.9.0.
- [Release notes](https://github.com/rs/cors/releases)
- [Commits](https://github.com/rs/cors/compare/v1.8.3...v1.9.0)

---
updated-dependencies:
- dependency-name: github.com/rs/cors
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-04-17 19:59:57 +00:00
J-K. Solbakken
890159c166 use verified distroless images 2023-04-13 15:09:11 +02:00
Trong Huu Nguyen
9eeb6f5e96 feat(router): root path for sso server should redireect to login 2023-04-13 14:30:21 +02:00
Trong Huu Nguyen
bab62c072b feat(handler/sso/server): return not found instead of redirect for wildcard handler 2023-04-13 14:20:38 +02:00
Trong Huu Nguyen
5ad603395c fix(handler/sso/proxy): override request path for reverseproxy to sso-server 2023-04-13 14:19:48 +02:00
Trong Huu Nguyen
9cb648917b fix(handler/sso/proxy): only set default query parameters for login handler 2023-04-13 09:20:34 +02:00
Trong Huu Nguyen
a2d8d6f7c3 fix(router): register OPTIONS routes for CORS middleware 2023-04-13 09:03:04 +02:00
Trong Huu Nguyen
163d9e42ad fix(handler/reverseproxy): preserve inbound forwarded/x-forwarded headers 2023-04-12 15:05:55 +02:00
Trong Huu Nguyen
b3eac4b118 build: go mod tidy 2023-04-11 14:45:13 +02:00
Trong Huu Nguyen
b36942c38b ci: add workflow for auto-merging dependabot PRs 2023-04-11 14:39:44 +02:00
Trong Huu Nguyen
ba6f689056 build(deps): bump 2023-04-11 14:35:04 +02:00
Trong Huu Nguyen
37557ddf2f ci: only run codeql on schedule 2023-04-11 09:59:02 +02:00
Trong Huu Nguyen
765d4e34b1 refactor(url): extract cleaner and validators to separate implementations 2023-04-11 09:58:35 +02:00
Trong Huu Nguyen
ec4ac2b8e9 fix(redis): set ConnMaxIdleTime, not ConnMaxLifetime 2023-03-29 21:43:11 +02:00
Trong Huu Nguyen
10fd7f2b6c ci: remove race detector 2023-03-29 10:03:37 +02:00
Trong Huu Nguyen
e761810630 feat(redis): allow configuration of idle connection timeout 2023-03-29 09:55:17 +02:00
Trong Huu Nguyen
ef8c7d2cca feat(sso/server): redirect to login for wildcard handler 2023-03-29 09:55:16 +02:00
Trong Huu Nguyen
323362073f ci: enable race detector and shuffle for tests 2023-03-29 09:55:16 +02:00
dependabot[bot]
bd09b827f8 build(deps): bump sigstore/cosign-installer (#82) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-03-28 08:26:16 +02:00
Trong Huu Nguyen
bf964e42f2 build(deps): bump 2023-03-21 09:22:12 +01:00
Trong Huu Nguyen
c72093dda9 fix(handler/sso/proxy): use correct query for login url 2023-03-21 09:11:31 +01:00
Trong Huu Nguyen
fd73a0a83e refactor(openid/config): more descriptive error message for unsupported values 2023-03-21 09:11:30 +01:00
J-K. Solbakken
19714e75b8 document image signing 2023-03-17 15:02:11 +01:00
J-K. Solbakken
2654f6d317 corrected copypasta error 2023-03-17 14:24:34 +01:00
J-K. Solbakken
57f3fa0b7d sign and attest 2023-03-17 13:52:48 +01:00
Jan-Kåre Solbakken
31961cf96f Merge pull request #77 from nais/dependabot/go_modules/github.com/alicebob/miniredis/v2-2.30.1 
build(deps): bump github.com/alicebob/miniredis/v2 from 2.30.0 to 2.30.1
 2023-03-13 21:02:34 +01:00
dependabot[bot]
a3585895c1 build(deps): bump github.com/alicebob/miniredis/v2 from 2.30.0 to 2.30.1 
Bumps [github.com/alicebob/miniredis/v2](https://github.com/alicebob/miniredis) from 2.30.0 to 2.30.1.
- [Release notes](https://github.com/alicebob/miniredis/releases)
- [Changelog](https://github.com/alicebob/miniredis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/alicebob/miniredis/compare/v2.30.0...v2.30.1)

---
updated-dependencies:
- dependency-name: github.com/alicebob/miniredis/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-13 19:58:41 +00:00
Trong Huu Nguyen
c8a887dd01 build: bump to go version 1.20.2 2023-03-08 14:22:16 +01:00
Trong Huu Nguyen
2116f8d23b build(deps): bump golang.org/x/oauth2 from 0.5.0 to 0.6.0 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/golang/oauth2/releases)
- [Commits](https://github.com/golang/oauth2/compare/v0.5.0...v0.6.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-08 13:43:43 +01:00
dependabot[bot]
4ab4b54bfe build(deps): bump golang.org/x/crypto from 0.6.0 to 0.7.0 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.6.0 to 0.7.0.
- [Release notes](https://github.com/golang/crypto/releases)
- [Commits](https://github.com/golang/crypto/compare/v0.6.0...v0.7.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-08 13:43:26 +01:00
dependabot[bot]
db499229de build(deps): bump github.com/bsm/redislock from 0.9.0 to 0.9.1 
Bumps [github.com/bsm/redislock](https://github.com/bsm/redislock) from 0.9.0 to 0.9.1.
- [Release notes](https://github.com/bsm/redislock/releases)
- [Changelog](https://github.com/bsm/redislock/blob/main/CHANGELOG.md)
- [Commits](https://github.com/bsm/redislock/compare/v0.9.0...v0.9.1)

---
updated-dependencies:
- dependency-name: github.com/bsm/redislock
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-08 13:43:23 +01:00
Trong Huu Nguyen
20e733d9f2 ci/dependabot: remove PR limit, add docker 2023-03-08 13:01:52 +01:00
Trong Huu Nguyen
da05c7808d build: add trimpath and ldflags to trim resulting binary 2023-03-08 12:55:17 +01:00
Trong Huu Nguyen
3dc3c1dee5 feat(sso/server): return not found instead of redirect for wildcard handler 2023-03-08 12:53:25 +01:00
Trong Huu Nguyen
07cf8e12b3 feat(cookie): support overriding session cookie name 2023-03-01 11:27:26 +01:00
Trong Huu Nguyen
133d3fd855 refactor(middleware/logentry): ignore ping route 2023-03-01 10:11:37 +01:00
Trong Huu Nguyen
a375ac774d feat(router): add ping route for health probes 2023-03-01 09:27:06 +01:00
dependabot[bot]
27bc5aee60 build(deps): bump honnef.co/go/tools from 0.4.0 to 0.4.2 (#72) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-28 08:12:28 +01:00
dependabot[bot]
f720842e03 build(deps): bump github.com/stretchr/testify from 1.8.1 to 1.8.2 (#73) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-28 08:04:38 +01:00
Trong Huu Nguyen
7c21af2d58 build: clean up dockerfile and compose setup, use distroless image 2023-02-27 14:13:57 +01:00
Trong Huu Nguyen
442e056b26 refactor(handler): inline error handler, remove unnecessary getters 2023-02-24 19:24:02 +01:00
Trong Huu Nguyen
f346e9e91d refactor(router): use a more apt name for wildcard handler 2023-02-24 18:33:41 +01:00