Commit Graph

414 Commits

Author SHA1 Message Date
Trong Huu Nguyen
67d3977cc1 refactor(handler/sessionrefresh): use found session key instead of looking up key again 2023-02-10 14:57:47 +01:00
Trong Huu Nguyen
ae31267fd1 refactor: simplify returning boolean expressions 2023-02-10 14:57:47 +01:00
Trong Huu Nguyen
a682f08715 ci: add staticcheck and govulncheck 2023-02-10 14:57:46 +01:00
Trong Huu Nguyen
c3a5033968 test(handler): add test for authorization headers, ensure upstream validates token 2023-02-10 14:57:45 +01:00
Michal J. Sladek
d1b810a317 Add support for Apple Silicon (linux/arm64) platform. (#69)
Fixes https://github.com/nais/wonderwall/issues/67
2023-02-10 13:05:25 +01:00
dependabot[bot]
da54f4fcc5 build(deps): bump github.com/spf13/viper from 1.14.0 to 1.15.0 (#65)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-31 09:16:41 +01:00
dependabot[bot]
d8493e1e7b build(deps): bump github.com/alicebob/miniredis/v2 from 2.23.1 to 2.30.0 (#62)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-10 08:42:51 +00:00
dependabot[bot]
fb8a4edb71 build(deps): bump golang.org/x/oauth2 from 0.3.0 to 0.4.0 (#63)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-10 09:40:57 +01:00
dependabot[bot]
a925a3f112 build(deps): bump github.com/bmatcuk/doublestar/v4 from 4.4.0 to 4.6.0 (#64)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-10 09:36:21 +01:00
Trong Huu Nguyen
4291de3afc ci: re-run workflow for 0cb51a3 2022-12-19 15:36:19 +01:00
dependabot[bot]
0cb51a32ba build(deps): bump github.com/alicebob/miniredis/v2 from 2.23.0 to 2.23.1 (#60) 2022-12-19 14:29:25 +00:00
Trong Huu Nguyen
af78c91c09 ci: prefix sha-tags with date 2022-12-19 15:13:06 +01:00
Trong Huu Nguyen
9cf982fd6a ci: add write permission to allow publishing to ghcr 2022-12-19 15:02:54 +01:00
Trong Huu Nguyen
b3c50acb76 docs: use mermaid for diagrams 2022-12-19 13:04:12 +01:00
Trong Huu Nguyen
4896f9aa41 deps: more bumps 2022-12-19 09:45:16 +01:00
Trong Huu Nguyen
55c615f095 ci: set up jobs for publishing to GAR 2022-12-16 15:07:01 +01:00
Trong Huu Nguyen
f65f7a695b build: use latest go version, 1.19.4 2022-12-16 14:55:08 +01:00
Trong Huu Nguyen
0485074829 refactor(handler/reverseproxy): reduce log severity for invalid auth state 2022-12-16 14:53:35 +01:00
Trong Huu Nguyen
1d754baabe feat(handler/reverseproxy): preserve incoming authorization for unauthenticated sessions 2022-12-16 14:53:27 +01:00
Trong Huu Nguyen
4ee771856a deps: bump em 2022-12-02 13:49:27 +01:00
Trong Huu Nguyen
2f6dc9c779 refactor(session/handler): reduce log severity for lock release, adjust lock duration and timeout 2022-12-02 13:47:59 +01:00
Trong Huu Nguyen
185485a6fe feat(handler/autologin): use doublestar library for nested path matching
Fixes #54.
2022-11-24 11:36:54 +01:00
Trong Huu Nguyen
e76bb5c369 perf: use automaxprocs to prevent cpu throttling under cgroup quotas 2022-11-24 11:36:54 +01:00
Trong Huu Nguyen
16fa07921f chore: bump dependencies 2022-11-24 11:36:51 +01:00
Trong Huu Nguyen
e7244df4d5 feat: add local logout endpoint 2022-11-24 11:36:49 +01:00
Hans Kristian Flaatten
30f155a644 Add CodeQL Code Scanning (#58) 2022-11-10 09:22:14 +01:00
Trong Huu Nguyen
0b381bbb00 test(session/data): fix flaky expire test 2022-10-17 12:06:03 +02:00
Trong Huu Nguyen
82743f76bb test(session/data): fix flaky timeout test 2022-10-17 12:00:44 +02:00
Trong Huu Nguyen
002e4ac8ea feat(handler/error): automatically retry errors before displaying error page 2022-10-11 10:55:14 +02:00
Trong Huu Nguyen
bdec8c662c refactor(router): correct HTTP verb for session refresh endpoint
Since this changes the state for a user's session, a POST is more
appropriate than just a GET - even though the POST body is empty.

We keep the GET route temporarily to allow any consumers to migrate.
2022-10-11 09:22:03 +02:00
Trong Huu Nguyen
b651db40e4 refactor(handler/url): remove support for Referer header
The header isn't guaranteed to be set or sent with requests, and all of
our users prefer the `redirect` query parameter anyways.
2022-09-22 13:59:37 +02:00
Trong Huu Nguyen
aaaaaaa38d feat(session): add session inactivity timeout feature
Fixes #52.
2022-09-22 10:03:17 +02:00
Trong Huu Nguyen
55a5f357d5 chore: remove metadata rollout toggle 2022-09-21 09:41:28 +02:00
Trong Huu Nguyen
843bf5dfcd refactor(handler/error): rename config variable to match intention 2022-09-21 09:39:57 +02:00
Trong Huu Nguyen
f093fd549e fix(autologin): ignore trailing slash in request paths during matching 2022-09-21 08:41:13 +02:00
Trong Huu Nguyen
4a0f41e8c2 fix(loginstatus): clear more cookies on logout 2022-09-20 10:06:42 +02:00
Trong Huu Nguyen
f6cf60a013 refactor(handler/reverseproxy): improve log messages 2022-09-20 08:00:57 +02:00
Trong Huu Nguyen
e5a285887c refactor(handler/url): extract redirect url decoder method 2022-09-19 21:14:22 +02:00
Trong Huu Nguyen
80738f2a4b fix(handler/url): use base64 encoding for redirects to preserve query parameters
Load balancers or reverse proxies may rewrite or modify the Location
header and unescape its value, which would result in redirects not
preserving the original set of query parameters. This was especially
evident for autologins where we need to redirect to `/oauth2/login` with
the `redirect` parameter containing the original requested URL so that
the end-user ultimately ends up at the latter URL.

We avoid this issue by base64-encoding the original URL, before passing
it along as the intended redirect for the login route.
To preserve existing behaviour, we use a separate query parameter
for the `/oauth2/login`-endpoint that accepts and handles base64-encoded
values.
2022-09-19 11:51:30 +02:00
Trong Huu Nguyen
97d2a88bb1 fix(handler/url): ensure that parameters for original url aren't dropped 2022-09-19 08:41:25 +02:00
Trong Huu Nguyen
ed56aac3d0 style: follow conventions for error variable names 2022-09-19 08:41:23 +02:00
Trong Huu Nguyen
b8785b7414 style: use shorthand time functions where possible 2022-09-19 08:41:21 +02:00
Trong Huu Nguyen
d718c36595 style(openid/client): remove unused struct field 2022-09-19 08:41:20 +02:00
Trong Huu Nguyen
d732a5b3cd test(session/store): add missing assertion 2022-09-19 08:41:18 +02:00
Trong Huu Nguyen
62f0359438 fix(handler/autologin): ensure path has prefix 2022-09-19 08:41:17 +02:00
Trong Huu Nguyen
9af867bf91 chore: bump deps 2022-09-19 08:41:14 +02:00
Trong Huu Nguyen
889e0c8edf feat(middleware/correlationid): use x-request-id header if found in request 2022-09-19 08:41:14 +02:00
Trong Huu Nguyen
b68877b963 fix(ingress): also use X-Forwarded-Host for match operation 2022-09-19 08:41:09 +02:00
Jan-Kåre Solbakken
5a385622d8 Merge pull request #51 from nais/dependabot/go_modules/github.com/spf13/viper-1.13.0
build(deps): bump github.com/spf13/viper from 1.12.0 to 1.13.0
2022-09-19 08:33:43 +02:00
Jan-Kåre Solbakken
4fddbaa4df Merge branch 'master' into dependabot/go_modules/github.com/spf13/viper-1.13.0 2022-09-19 08:11:47 +02:00