wonderwall

mirror of https://github.com/nais/wonderwall.git synced 2026-05-09 09:56:48 +00:00

Author	SHA1	Message	Date
Trong Huu Nguyen	25221added	rename callbackparams to logincookie for clarity, ensure logincookie is deleted when no longer needed	2021-09-29 13:27:30 +02:00
Morten Lied Johansen	b60db493ac	Add ClientID to cookie names Co-authored-by: Sindre Rødseth Hansen <sindre.rodseth.hansen@nav.no>	2021-09-29 10:20:11 +02:00
Trong Huu Nguyen	28b750517b	wip: cookies	2021-09-29 10:00:42 +02:00
Trong Huu Nguyen	11f860d5dd	docs: write an actual readme Co-Authored-By: Morten Lied Johansen <morten.lied.johansen@nav.no> Co-Authored-By: Sindre Rødseth Hansen <sindre.rodseth.hansen@nav.no>	2021-09-29 09:38:52 +02:00
Trong Huu Nguyen	bf8441bb1c	build: bump go to 1.17	2021-09-29 09:22:25 +02:00
Morten Lied Johansen	7869c3368b	Merge pull request #1 from nais/graceful Do graceful shutdown on signals	2021-09-29 09:00:48 +02:00
Morten Lied Johansen	214b14323c	Do graceful shutdown on signals	2021-09-28 21:29:33 +02:00
Trong Huu Nguyen	5160987978	feat: allow user-defined post_logout_redirect_uri	2021-09-10 14:46:28 +02:00
Kyrre Havik	9dc5b08d65	ci: byttet til SRVNAIS_REPO_PUSH_PAT	2021-09-08 14:18:54 +02:00
Trong Huu Nguyen	acc32fe893	fix: log actual errors for callback route	2021-09-08 09:26:26 +02:00
Trong Huu Nguyen	c7040b0284	feat: add feature toggle for authorization locale; allow user-supplied parameter	2021-09-08 09:17:08 +02:00
Trong Huu Nguyen	55002e3cfe	refactor: separate parsing and validation of id_token	2021-09-07 21:30:38 +02:00
Trong Huu Nguyen	09bbc35df7	fix: ensure acr claim exists if security level is enabled	2021-09-06 11:35:55 +02:00
Trong Huu Nguyen	4237e84de3	feat: add feature toggle for security level; allow user-defined levels	2021-09-06 11:05:19 +02:00
Trong Huu Nguyen	e819cc0de1	use host-agnostic path for default zero-config ingress	2021-09-02 12:23:32 +02:00
Kim Tore Jensen	081921d0fa	add http request metrics	2021-09-02 11:16:45 +02:00
Kim Tore Jensen	e0662efa66	default zero-config ingress for testing	2021-08-30 11:50:15 +02:00
Kim Tore Jensen	1aa134ecf0	redirect after successful oauth2 flow - to user-defined location, or referer	2021-08-26 12:54:40 +02:00
Kim Tore Jensen	c1660ad1d0	also unset x-pwned-by when un-authenticated	2021-08-26 12:21:21 +02:00
Trong Huu Nguyen	da4f6dc6a7	use correct session ID for front-channel logout	2021-08-26 10:35:45 +02:00
Trong Huu Nguyen	723f25326c	ping redis on startup; fail on error	2021-08-26 08:33:33 +02:00
Kim Tore Jensen	c76daf61f7	don't set x-pwned-by header for end-users; only upstream	2021-08-25 17:29:09 +02:00
Kim Tore Jensen	679566977e	forward host header correctly	2021-08-25 17:28:46 +02:00
Kent Daleng	8ee87a8a84	get ingresses from naiserator to build router correctly Co-Authored-By: Trong Huu Nguyen <trong.huu.nguyen@nav.no> Co-Authored-By: Kim Tore Jensen <kim.tore.jensen@nav.no>	2021-08-25 13:15:26 +02:00
Trong Huu Nguyen	26a74cb0db	ci: do not push to nais-yaml unless on master	2021-08-25 12:03:23 +02:00
Trong Huu Nguyen	5da34f0139	fix: include id_token_hint on self-initiated logout This is required when including the post_logout_redirect_uri parameter.	2021-08-25 11:55:36 +02:00
Trong Huu Nguyen	e83542b046	fix: prefix local session keys to prevent collisions `sid` is a key that refers to the user's unique SSO session at the Identity Provider, and the same key is present in all tokens acquired by any Relying Party (such as Wonderwall) during that session. Thus, we cannot assume that the value of `sid` to uniquely identify the pair of (user, application session) if using a shared session store.	2021-08-25 11:26:24 +02:00
Trong Huu Nguyen	cb514c2294	refactor: make SessionMaxLifetime configurable	2021-08-25 10:55:53 +02:00
Trong Huu Nguyen	6e45fa804c	refactor: use keygen from liberator	2021-08-25 10:15:45 +02:00
Trong Huu Nguyen	700b6732d7	fix: add acceptable skew for id_token validation	2021-08-25 09:31:21 +02:00
Trong Huu Nguyen	f63bade2b9	chore: remove obsolete fixme, redundant type conversion	2021-08-25 09:29:01 +02:00
Trong Huu Nguyen	de619c6e89	refactor: add constructor for routing handler to deduplicate config	2021-08-25 09:21:40 +02:00
Trong Huu Nguyen	0f160f7f99	fix: generate encryption key if not set	2021-08-25 08:23:19 +02:00
Trong Huu Nguyen	03a14eb2bd	refactor: clean up id_token validation	2021-08-25 08:22:34 +02:00
Kim Tore Jensen	f414470910	support entering encryption key as environment variable	2021-08-24 15:46:55 +02:00
Kim Tore Jensen	d6b6b617d5	deploy only as part of nais-yaml	2021-08-24 14:35:52 +02:00
Kim Tore Jensen	18aaa754c6	makefile for integration tests	2021-08-24 13:11:11 +02:00
Kim Tore Jensen	097f4fd5b2	make redis support configurable	2021-08-24 13:07:57 +02:00
Kim Tore Jensen	94569a6f3c	include redis docker-compose file	2021-08-24 12:58:28 +02:00
Kim Tore Jensen	55f26fb54c	incorporate new session storage code	2021-08-24 12:58:16 +02:00
Kim Tore Jensen	15a7c14324	redis and in-memory session store	2021-08-24 12:49:23 +02:00
Trong Huu Nguyen	2becde51b9	add front-channel logout test Co-Authored-By: Kim Tore Jensen <kim.tore.jensen@nav.no>	2021-08-24 10:52:00 +02:00
Trong Huu Nguyen	b7dbb000aa	test self-initiated logout Co-Authored-By: Kim Tore Jensen <kim.tore.jensen@nav.no>	2021-08-24 10:31:49 +02:00
Kent Daleng	1f58b5ae15	write callback test Co-Authored-By: Trong Huu Nguyen <trong.huu.nguyen@nav.no>	2021-08-24 10:02:21 +02:00
Trong Huu Nguyen	cf8b4d56cc	fix: set path for cookies	2021-08-24 08:49:57 +02:00
Trong Huu Nguyen	43cb01ad00	wip: idporten mock server	2021-08-24 07:44:05 +02:00
Kim Tore Jensen	9354ee7629	wip: mock authorization server	2021-08-23 15:12:47 +02:00
Kim Tore Jensen	764adc3d77	wip: tests for authorize	2021-08-23 14:39:48 +02:00
Kim Tore Jensen	6c23aaa243	test for login url handler	2021-08-23 14:03:35 +02:00
Kim Tore Jensen	b4b9fd1a2a	implement front-channel logout	2021-08-23 13:44:26 +02:00

1 2

88 Commits