Trong Huu Nguyen
a6040b0dba
build(deps): bump golang.org/x/vuln from 0.1.0 to 0.2.0
2023-07-05 09:23:27 +02:00
dependabot[bot]
8cc8cd72bb
build(deps): bump dependabot/fetch-metadata from 1.5.1 to 1.6.0 ( #136 )
...
Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata ) from 1.5.1 to 1.6.0.
- [Release notes](https://github.com/dependabot/fetch-metadata/releases )
- [Commits](https://github.com/dependabot/fetch-metadata/compare/v1.5.1...v1.6.0 )
---
updated-dependencies:
- dependency-name: dependabot/fetch-metadata
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-03 20:03:12 +00:00
dependabot[bot]
f58c45730e
build(deps): bump sigstore/cosign-installer from 3.1.0 to 3.1.1 ( #135 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](d13028333d...6e04d228ebsupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-03 20:01:27 +00:00
dependabot[bot]
2a7f1ecc78
build(deps): bump docker/setup-buildx-action from 2.7.0 to 2.8.0 ( #134 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2.7.0 to 2.8.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](ecf95283f0...16c0bc4a6esupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-03 19:59:42 +00:00
dependabot[bot]
67086ee7c2
build(deps): bump github.com/prometheus/client_golang ( #128 )
...
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang ) from 1.15.1 to 1.16.0.
- [Release notes](https://github.com/prometheus/client_golang/releases )
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md )
- [Commits](https://github.com/prometheus/client_golang/compare/v1.15.1...v1.16.0 )
---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-03 19:56:58 +00:00
dependabot[bot]
76419ac7d5
build(deps): bump golang.org/x/oauth2 from 0.8.0 to 0.9.0 ( #130 )
...
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2 ) from 0.8.0 to 0.9.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.8.0...v0.9.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-03 19:53:58 +00:00
dependabot[bot]
650a1c234a
build(deps): bump github.com/alicebob/miniredis/v2 from 2.30.3 to 2.30.4 ( #132 )
...
Bumps [github.com/alicebob/miniredis/v2](https://github.com/alicebob/miniredis ) from 2.30.3 to 2.30.4.
- [Release notes](https://github.com/alicebob/miniredis/releases )
- [Changelog](https://github.com/alicebob/miniredis/blob/master/CHANGELOG.md )
- [Commits](https://github.com/alicebob/miniredis/compare/v2.30.3...v2.30.4 )
---
updated-dependencies:
- dependency-name: github.com/alicebob/miniredis/v2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-03 19:51:12 +00:00
dependabot[bot]
f6ac588013
build(deps): bump sigstore/cosign-installer from 3.0.5 to 3.1.0 ( #131 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.5 to 3.1.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](dd6b2e2b61...d13028333dsupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-26 19:59:20 +00:00
dependabot[bot]
b7ebcdb04d
build(deps): bump docker/setup-buildx-action from 2.6.0 to 2.7.0 ( #124 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2.6.0 to 2.7.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](6a58db7e0d...ecf95283f0support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-19 20:16:24 +00:00
dependabot[bot]
e4dfe64235
build(deps): bump docker/login-action from 2.1.0 to 2.2.0 ( #127 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](f4ef78c080...465a07811fsupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-19 20:14:36 +00:00
dependabot[bot]
a8b3f08b97
build(deps): bump docker/build-push-action from 4.1.0 to 4.1.1 ( #125 )
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](44ea916f6c...2eb1c1961asupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-19 20:05:41 +00:00
dependabot[bot]
6629f52082
build(deps): bump docker/metadata-action from 4.5.0 to 4.6.0 ( #126 )
...
Bumps [docker/metadata-action](https://github.com/docker/metadata-action ) from 4.5.0 to 4.6.0.
- [Release notes](https://github.com/docker/metadata-action/releases )
- [Commits](2c0bd771b4...818d4b7b91support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-19 19:59:42 +00:00
dependabot[bot]
b344fc904b
build(deps): bump github.com/lestrrat-go/jwx/v2 from 2.0.9 to 2.0.11 ( #123 )
...
Bumps [github.com/lestrrat-go/jwx/v2](https://github.com/lestrrat-go/jwx ) from 2.0.9 to 2.0.11.
- [Release notes](https://github.com/lestrrat-go/jwx/releases )
- [Changelog](https://github.com/lestrrat-go/jwx/blob/develop/v2/Changes )
- [Commits](https://github.com/lestrrat-go/jwx/compare/v2.0.9...v2.0.11 )
---
updated-dependencies:
- dependency-name: github.com/lestrrat-go/jwx/v2
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-14 17:28:08 +00:00
dependabot[bot]
8e633d6e30
build(deps): bump aquasecurity/trivy-action from 0.11.0 to 0.11.2 ( #121 )
...
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action ) from 0.11.0 to 0.11.2.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases )
- [Commits](b43daad0c3...41f05d9ecfsupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-12 20:12:14 +00:00
dependabot[bot]
c5e08f7725
build(deps): bump docker/setup-buildx-action from 2.5.0 to 2.6.0 ( #118 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2.5.0 to 2.6.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](4b4e9c3e2d...6a58db7e0dsupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-12 20:10:24 +00:00
dependabot[bot]
45f63e64bb
build(deps): bump docker/metadata-action from 4.4.0 to 4.5.0 ( #119 )
...
Bumps [docker/metadata-action](https://github.com/docker/metadata-action ) from 4.4.0 to 4.5.0.
- [Release notes](https://github.com/docker/metadata-action/releases )
- [Commits](c4ee3adeed...2c0bd771b4support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-12 20:08:35 +00:00
dependabot[bot]
9680fe447f
build(deps): bump docker/setup-qemu-action from 2.1.0 to 2.2.0 ( #120 )
...
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action ) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases )
- [Commits](e81a89b173...2b82ce82d5support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-12 20:06:01 +00:00
dependabot[bot]
606905b98e
build(deps): bump docker/build-push-action from 4.0.0 to 4.1.0 ( #117 )
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](3b5e8027fc...44ea916f6csupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-12 19:58:46 +00:00
Trong Huu Nguyen
cb1392ec97
build: bump to go version 1.20.5
2023-06-09 13:52:36 +02:00
Trong Huu Nguyen
2925ebe9e4
fix(handler/session): return metadata response even if session is inactive
2023-06-09 13:52:36 +02:00
Trong Huu Nguyen
9852b0a290
fix(handler/logout): ignore session validation errors; attempt to delete regardless
2023-06-09 13:52:35 +02:00
Trong Huu Nguyen
2a8d410425
feat(session/reader): return session on validation error
2023-06-09 13:52:35 +02:00
Trong Huu Nguyen
cbfa3fe2e2
refactor(session): extract inactive session error
2023-06-09 13:52:33 +02:00
dependabot[bot]
248a0fab81
build(deps): bump github.com/stretchr/testify from 1.8.3 to 1.8.4 ( #112 )
...
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.8.3 to 1.8.4.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.8.3...v1.8.4 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-06 07:56:11 +00:00
dependabot[bot]
60846e847a
build(deps): bump github.com/sirupsen/logrus from 1.9.2 to 1.9.3 ( #113 )
...
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus ) from 1.9.2 to 1.9.3.
- [Release notes](https://github.com/sirupsen/logrus/releases )
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md )
- [Commits](https://github.com/sirupsen/logrus/compare/v1.9.2...v1.9.3 )
---
updated-dependencies:
- dependency-name: github.com/sirupsen/logrus
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-06 07:53:28 +00:00
dependabot[bot]
ae1d2f0132
build(deps): bump github.com/alicebob/miniredis/v2 from 2.30.2 to 2.30.3 ( #114 )
...
Bumps [github.com/alicebob/miniredis/v2](https://github.com/alicebob/miniredis ) from 2.30.2 to 2.30.3.
- [Release notes](https://github.com/alicebob/miniredis/releases )
- [Changelog](https://github.com/alicebob/miniredis/blob/master/CHANGELOG.md )
- [Commits](https://github.com/alicebob/miniredis/compare/v2.30.2...v2.30.3 )
---
updated-dependencies:
- dependency-name: github.com/alicebob/miniredis/v2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-06 07:50:33 +00:00
dependabot[bot]
c4b834dc1f
build(deps): bump github.com/spf13/viper from 1.15.0 to 1.16.0 ( #115 )
...
Bumps [github.com/spf13/viper](https://github.com/spf13/viper ) from 1.15.0 to 1.16.0.
- [Release notes](https://github.com/spf13/viper/releases )
- [Commits](https://github.com/spf13/viper/compare/v1.15.0...v1.16.0 )
---
updated-dependencies:
- dependency-name: github.com/spf13/viper
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-06 07:47:39 +00:00
dependabot[bot]
6d79f97d05
build(deps): bump aquasecurity/trivy-action from 0.10.0 to 0.11.0 ( #111 )
...
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action ) from 0.10.0 to 0.11.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases )
- [Commits](e5f43133f6...b43daad0c3support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-05 19:59:46 +00:00
dependabot[bot]
a804543e0c
build(deps): bump github.com/redis/go-redis/v9 from 9.0.4 to 9.0.5 ( #110 )
...
Bumps [github.com/redis/go-redis/v9](https://github.com/redis/go-redis ) from 9.0.4 to 9.0.5.
- [Release notes](https://github.com/redis/go-redis/releases )
- [Changelog](https://github.com/redis/go-redis/blob/master/CHANGELOG.md )
- [Commits](https://github.com/redis/go-redis/compare/v9.0.4...v9.0.5 )
---
updated-dependencies:
- dependency-name: github.com/redis/go-redis/v9
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jan-Kåre Solbakken <jksolbakken@users.noreply.github.com >
2023-05-30 06:31:36 +00:00
dependabot[bot]
6646ea28ad
build(deps): bump dependabot/fetch-metadata from 1.5.0 to 1.5.1 ( #109 )
...
Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata ) from 1.5.0 to 1.5.1.
- [Release notes](https://github.com/dependabot/fetch-metadata/releases )
- [Commits](https://github.com/dependabot/fetch-metadata/compare/v1.5.0...v1.5.1 )
---
updated-dependencies:
- dependency-name: dependabot/fetch-metadata
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-29 19:59:19 +00:00
Trong Huu Nguyen
46852be025
feat(openid): prepare acr mappings for migration to new idporten
2023-05-25 15:54:29 +02:00
Trong Huu Nguyen
021e7551f4
fix(crypto): set max plaintext size
2023-05-24 12:32:52 +02:00
dependabot[bot]
5097d40a1d
build(deps): bump github.com/sirupsen/logrus from 1.9.0 to 1.9.2 ( #108 )
...
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus ) from 1.9.0 to 1.9.2.
- [Release notes](https://github.com/sirupsen/logrus/releases )
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md )
- [Commits](https://github.com/sirupsen/logrus/compare/v1.9.0...v1.9.2 )
---
updated-dependencies:
- dependency-name: github.com/sirupsen/logrus
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-23 07:54:13 +00:00
dependabot[bot]
daab5e3d8c
build(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 ( #107 )
...
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.8.2 to 1.8.3.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.8.2...v1.8.3 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jan-Kåre Solbakken <jksolbakken@users.noreply.github.com >
2023-05-23 07:51:16 +00:00
dependabot[bot]
aab4b972f5
build(deps): bump sigstore/cosign-installer from 3.0.3 to 3.0.5 ( #105 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.3 to 3.0.5.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](204a51a57a...dd6b2e2b61support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-22 20:06:12 +00:00
dependabot[bot]
59715d6073
build(deps): bump dependabot/fetch-metadata from 1.4.0 to 1.5.0 ( #106 )
...
Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata ) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/dependabot/fetch-metadata/releases )
- [Commits](https://github.com/dependabot/fetch-metadata/compare/v1.4.0...v1.5.0 )
---
updated-dependencies:
- dependency-name: dependabot/fetch-metadata
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-22 19:59:27 +00:00
Trong Huu Nguyen
b28c91c94c
perf(all): use single Transport, set IdleConnTimeout
...
Reduces IdleConnTimeout to 5 seconds. Reverse proxying to a server that
has a shorter keep-alive may cause "EOF" and "connection reset by peer"
issues as the connections may be closed by the upstream before our
client notices.
2023-05-16 08:36:45 +02:00
dependabot[bot]
6edfcc1269
build(deps): bump golang.org/x/crypto from 0.8.0 to 0.9.0 ( #104 )
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.8.0 to 0.9.0.
- [Commits](https://github.com/golang/crypto/compare/v0.8.0...v0.9.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-16 06:25:33 +00:00
dependabot[bot]
82d975f531
build(deps): bump golang.org/x/oauth2 from 0.7.0 to 0.8.0 ( #103 )
...
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2 ) from 0.7.0 to 0.8.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.7.0...v0.8.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-16 06:22:14 +00:00
dependabot[bot]
86e9340f9c
build(deps): bump actions/setup-go from 4.0.0 to 4.0.1 ( #102 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](4d34df0c23...fac708d667support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-15 20:00:03 +00:00
Trong Huu Nguyen
97f0d078bf
feat(handler): validate acr if configured, change auth status if invalid
2023-05-12 08:47:27 +02:00
Trong Huu Nguyen
390cd78e9f
feat(handler): set legacy cookie for sso server
2023-05-12 08:47:26 +02:00
dependabot[bot]
ae9448bf52
build(deps): bump google-github-actions/auth from 1.1.0 to 1.1.1 ( #101 )
...
Bumps [google-github-actions/auth](https://github.com/google-github-actions/auth ) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/google-github-actions/auth/releases )
- [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md )
- [Commits](e8df18b60c...35b0e87d16support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-08 19:59:23 +00:00
Trong Huu Nguyen
5c96d5a0fd
feat(all): reduce log level for some spammy statements
2023-05-08 10:56:07 +02:00
Trong Huu Nguyen
350d7ff780
feat(cookie): allow configuration of name prefix
...
This is to alleviate issues with deployments on different
subdomains using overlapping cookie names where browsers
behave unpredictably.
2023-05-08 10:23:27 +02:00
Trong Huu Nguyen
0c531d9ec1
perf: increase max idle connections for http clients
2023-05-04 14:45:45 +02:00
Trong Huu Nguyen
d2151f9948
build(deps): bump
2023-05-04 14:45:44 +02:00
Trong Huu Nguyen
b806ecc787
build: bump to go version 1.20.4
2023-05-04 14:45:42 +02:00
Trong Huu Nguyen
6151aa3279
feat(openid, handler): support runtime override of redirect after single-logout
...
Fixes #100 .
2023-05-04 14:45:13 +02:00
Trong Huu Nguyen
b0bb1aa8ea
feat(url): add logout url constructor
2023-05-03 09:07:03 +02:00
