Trong Huu Nguyen
b910d3e65a
feat(config): redis username and password flags overrides uri
2023-10-12 08:21:34 +02:00
Trong Huu Nguyen
555f87b42b
docs: correct default value for session lifetime [ci skip]
2023-10-11 14:42:15 +02:00
Trong Huu Nguyen
f246fc7975
refactor(openid): move acr to own package
2023-10-11 14:25:12 +02:00
Trong Huu Nguyen
320176d48b
refactor(config): consolidate, don't parse/bind/load flags twice
2023-10-11 14:24:19 +02:00
Trong Huu Nguyen
6dbc747aad
feat(config): enable refresh tokens and automatic refreshing by default, increase default session lifetime
2023-10-11 14:16:53 +02:00
Trong Huu Nguyen
3594a5c8ff
build: bump docker-compose images, simplify redis config
2023-10-11 14:13:30 +02:00
Trong Huu Nguyen
7e97fd7a93
revert: "style: go fmt"
...
This wasn't actually formatting.
This reverts commit d71ff7ddc3.
2023-10-10 14:51:12 +02:00
Trong Huu Nguyen
8bbd947d5b
feat(config): add support for Redis URI
2023-10-10 14:48:50 +02:00
Trong Huu Nguyen
d71ff7ddc3
style: go fmt
2023-10-10 13:41:28 +02:00
Trong Huu Nguyen
af6642fe90
refactor(openid): use pkce implementation from golang.org/x/oauth2
2023-10-10 10:18:01 +02:00
dependabot[bot]
4f722d9041
build(deps): bump golang.org/x/crypto from 0.13.0 to 0.14.0 (#167)
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.13.0 to 0.14.0.
- [Commits](https://github.com/golang/crypto/compare/v0.13.0...v0.14.0)
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-09 19:14:52 +00:00
dependabot[bot]
2585fd51b8
build(deps): bump golang.org/x/oauth2 from 0.12.0 to 0.13.0 (#165)
...
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.12.0 to 0.13.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.12.0...v0.13.0)
---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-09 19:11:39 +00:00
dependabot[bot]
a8f003089e
build(deps): bump github.com/spf13/viper from 1.16.0 to 1.17.0 (#166)
...
Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.16.0 to 1.17.0.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.16.0...v1.17.0)
---
updated-dependencies:
- dependency-name: github.com/spf13/viper
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-09 19:07:56 +00:00
Trong Huu Nguyen
63685a09a5
docs: more, prettier mermaid diagrams and minor corrections [ci skip]
2023-10-09 14:46:53 +02:00
Trong Huu Nguyen
a2e939f716
fix(handler/sessionrefresh): handle not found error
2023-10-04 10:06:03 +02:00
Trong Huu Nguyen
c1bdb90566
feat(handler/reverseproxy): don't return json response after all
...
Expose fewer interfaces; less maintenance and documentation needed.
2023-10-04 10:01:03 +02:00
Trong Huu Nguyen
91cd58d18b
docs: update sections on autologin and sessions
2023-10-03 14:21:09 +02:00
Trong Huu Nguyen
2e21dae33a
feat(handler/reverseproxy): return json response for non-navigational autologin requests
2023-10-03 14:21:09 +02:00
Trong Huu Nguyen
52331a93db
refactor(ingress): simplify and remove unnecessary variables
2023-10-03 14:21:08 +02:00
dependabot[bot]
92cec63d0c
build(deps): bump github.com/lestrrat-go/jwx/v2 from 2.0.12 to 2.0.13 (#163)
...
Bumps [github.com/lestrrat-go/jwx/v2](https://github.com/lestrrat-go/jwx) from 2.0.12 to 2.0.13.
- [Release notes](https://github.com/lestrrat-go/jwx/releases)
- [Changelog](https://github.com/lestrrat-go/jwx/blob/develop/v2/Changes)
- [Commits](https://github.com/lestrrat-go/jwx/compare/v2.0.12...v2.0.13)
---
updated-dependencies:
- dependency-name: github.com/lestrrat-go/jwx/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-02 20:10:53 +00:00
dependabot[bot]
cabf4d257b
build(deps): bump github.com/redis/go-redis/v9 from 9.2.0 to 9.2.1 (#162)
...
Bumps [github.com/redis/go-redis/v9](https://github.com/redis/go-redis) from 9.2.0 to 9.2.1.
- [Release notes](https://github.com/redis/go-redis/releases)
- [Changelog](https://github.com/redis/go-redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/redis/go-redis/compare/v9.2.0...v9.2.1)
---
updated-dependencies:
- dependency-name: github.com/redis/go-redis/v9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-02 20:07:07 +00:00
dependabot[bot]
5e12cd3fe8
build(deps): bump github.com/rs/cors from 1.10.0 to 1.10.1 (#164)
...
Bumps [github.com/rs/cors](https://github.com/rs/cors) from 1.10.0 to 1.10.1.
- [Release notes](https://github.com/rs/cors/releases)
- [Commits](https://github.com/rs/cors/compare/v1.10.0...v1.10.1)
---
updated-dependencies:
- dependency-name: github.com/rs/cors
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-02 20:03:42 +00:00
dependabot[bot]
64e933a718
build(deps): bump github.com/prometheus/client_golang (#161)
...
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.16.0 to 1.17.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.16.0...v1.17.0)
---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-02 20:00:32 +00:00
Trong Huu Nguyen
7a72586ca8
refactor(autologin): return early if fetch metadata is set
2023-09-25 15:07:11 +02:00
Trong Huu Nguyen
0ce938c101
build, docs: simplify local run instructions
2023-09-25 14:16:25 +02:00
Trong Huu Nguyen
61a641c8d7
fix(url): only add redirect query parameter if non-empty
2023-09-25 14:14:28 +02:00
Trong Huu Nguyen
337723150b
fix(reverseproxy/autologin): skip cleaning redirect target
2023-09-25 14:13:15 +02:00
Trong Huu Nguyen
ff39783f78
chore(deps): bump dependencies
2023-09-22 22:29:11 +02:00
Trong Huu Nguyen
a1d7cc3587
ci: use dependabot groups
2023-09-22 22:22:05 +02:00
Trong Huu Nguyen
34d90d2c78
fix(autologin): do not return ambiguous 3xx redirect
...
If autologin is enabled, check for headers that indicate that the request is a navigation request
and respond appropriately.
A navigation request is assumed to match all of the following:
- uses the GET HTTP method
- either:
  - a) sends the fetch metadata headers, specifically
    `Sec-Fetch-Mode=navigate` and `Sec-Fetch-Dest=document`, or (if
    unsupported by the browser)
  - b) sends the `Accept` header with a value that contains
    `text/html` (which most browsers do by default for navigation
    requests, the exception being IE8 AFAIK)
Non-navigation requests (e.g. fetch / xhr / ajax requests) will receive a
401 Unauthorized, with the Location header set to the login endpoint.
The redirect parameter is also set to point back to the URL found in the
Referer header (though with the scheme and host removed to only allow
redirects relative to the origin host.)
With this fix, autologin will also intercept requests other than GET.
This is to improve the security posture of upstreams that assume that autologin
enforces authentication for all methods.
Fixes #156.
2023-09-22 14:51:35 +02:00
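The navigation check and the 401 response described in the commit message above, as an added Go example; it is not the project's code. The login path, the 302 status for navigation requests and the fallback to `/` are assumptions, and the request in `main` is constructed.

```go
package main

import (
	"fmt"
	"net/http"
	"net/url"
	"strings"
)

// loginPath is a placeholder; the page does not name the login endpoint.
const loginPath = "/example/login"

// IsNavigation: GET, and either fetch metadata says navigate/document or,
// when the browser sent no fetch metadata, Accept contains text/html.
func IsNavigation(r *http.Request) bool {
	if r.Method != http.MethodGet {
		return false
	}
	mode, dest := r.Header.Get("Sec-Fetch-Mode"), r.Header.Get("Sec-Fetch-Dest")
	if mode != "" || dest != "" {
		return mode == "navigate" && dest == "document"
	}
	return strings.Contains(r.Header.Get("Accept"), "text/html")
}

// RelativeTarget drops scheme and host; empty or odd input becomes "/" (assumed).
func RelativeTarget(raw string) string {
	u, err := url.Parse(raw)
	if err != nil || !strings.HasPrefix(u.Path, "/") || strings.HasPrefix(u.Path, "//") {
		return "/"
	}
	return (&url.URL{Path: u.Path, RawQuery: u.RawQuery}).String()
}

// Unauthenticated returns status and Location for a request without a session.
// Non-navigation: 401 with the Referer as target. Navigation: 302 is assumed.
func Unauthenticated(r *http.Request) (int, string) {
	status, target := http.StatusUnauthorized, r.Header.Get("Referer")
	if IsNavigation(r) {
		status, target = http.StatusFound, r.URL.String()
	}
	return status, loginPath + "?redirect=" + url.QueryEscape(RelativeTarget(target))
}

func main() {
	r, _ := http.NewRequest(http.MethodPost, "/api/items", nil) // constructed XHR
	r.Header.Set("Referer", "https://app.example/inbox?tab=2")
	fmt.Println(Unauthenticated(r))
}
```

A `fetch` call that sends `Accept: text/html` is still classified as non-navigation, because the fetch metadata headers take precedence over the `Accept` fallback.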
dependabot[bot]
735a3b12b1
build(deps): bump golang.org/x/oauth2 from 0.11.0 to 0.12.0 (#157)
...
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.11.0 to 0.12.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.11.0...v0.12.0)
---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-18 19:39:55 +00:00
dependabot[bot]
abe8401fb8
build(deps): bump honnef.co/go/tools from 0.4.5 to 0.4.6 (#159)
...
Bumps [honnef.co/go/tools](https://github.com/dominikh/go-tools) from 0.4.5 to 0.4.6.
- [Release notes](https://github.com/dominikh/go-tools/releases)
- [Commits](https://github.com/dominikh/go-tools/compare/v0.4.5...v0.4.6)
---
updated-dependencies:
- dependency-name: honnef.co/go/tools
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-18 19:36:22 +00:00
dependabot[bot]
67b8d29d70
build(deps): bump golang.org/x/crypto from 0.12.0 to 0.13.0 (#160)
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.12.0 to 0.13.0.
- [Commits](https://github.com/golang/crypto/compare/v0.12.0...v0.13.0)
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-18 19:33:21 +00:00
dependabot[bot]
e4eb932fba
build(deps): bump github.com/rs/cors from 1.9.0 to 1.10.0 (#158)
...
Bumps [github.com/rs/cors](https://github.com/rs/cors) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/rs/cors/releases)
- [Commits](https://github.com/rs/cors/compare/v1.9.0...v1.10.0)
---
updated-dependencies:
- dependency-name: github.com/rs/cors
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-18 19:29:55 +00:00
Trong Huu Nguyen
c4911b1344
feat(session): add feature toggle for automatic refreshing
2023-09-15 09:08:42 +02:00
dependabot[bot]
0b3cd4d9f6
build(deps): bump actions/checkout from 3 to 4
...
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)
---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-07 06:43:34 +00:00
Trong Huu Nguyen
4a72a01496
feat(server): support wait before triggering graceful shutdown
2023-09-06 15:23:11 +02:00
Trong Huu Nguyen
c887cf711e
fix(handler/sso/server): wildcard redirects to default url
2023-09-06 12:15:30 +02:00
Trong Huu Nguyen
80d1415fbc
fix(logentry): reduce log level for response entries
2023-09-06 12:15:27 +02:00
dependabot[bot]
2d99cc1a60
build(deps): bump sigstore/cosign-installer from 3.1.1 to 3.1.2 (#155)
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](6e04d228eb...11086d2504)
---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-04 19:54:32 +00:00
Trong Huu Nguyen
7029bd1210
fix(router): correct cors setup for session routes
2023-08-22 07:46:24 +02:00
dependabot[bot]
7ffe291ebe
build(deps): bump github.com/redis/go-redis/v9 from 9.0.5 to 9.1.0 (#152)
...
Bumps [github.com/redis/go-redis/v9](https://github.com/redis/go-redis) from 9.0.5 to 9.1.0.
- [Release notes](https://github.com/redis/go-redis/releases)
- [Changelog](https://github.com/redis/go-redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/redis/go-redis/compare/v9.0.5...v9.1.0)
---
updated-dependencies:
- dependency-name: github.com/redis/go-redis/v9
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-21 20:15:34 +00:00
dependabot[bot]
df508c9526
build(deps): bump github.com/google/uuid from 1.3.0 to 1.3.1 (#153)
...
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/uuid/compare/v1.3.0...v1.3.1)
---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-21 20:01:38 +00:00
dependabot[bot]
45df4830ff
build(deps): bump honnef.co/go/tools from 0.4.3 to 0.4.5 (#151)
...
Bumps [honnef.co/go/tools](https://github.com/dominikh/go-tools) from 0.4.3 to 0.4.5.
- [Release notes](https://github.com/dominikh/go-tools/releases)
- [Commits](https://github.com/dominikh/go-tools/compare/v0.4.3...v0.4.5)
---
updated-dependencies:
- dependency-name: honnef.co/go/tools
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-21 19:58:55 +00:00
dependabot[bot]
fc713acac1
build(deps): bump golang.org/x/vuln from 1.0.0 to 1.0.1 (#150)
...
Bumps [golang.org/x/vuln](https://github.com/golang/vuln) from 1.0.0 to 1.0.1.
- [Commits](https://github.com/golang/vuln/compare/v1.0.0...v1.0.1)
---
updated-dependencies:
- dependency-name: golang.org/x/vuln
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-21 19:55:54 +00:00
Trong Huu Nguyen
7987ad767e
feat(config): allow specifying upstream ip and port separately
2023-08-17 08:41:53 +02:00
Trong Huu Nguyen
185701d53b
refactor(openid): clean up tests
2023-08-16 12:18:58 +02:00
Trong Huu Nguyen
e7799204b2
feat(openid): harden id_token validation
2023-08-15 21:30:41 +02:00
dependabot[bot]
f8d6633abd
build(deps): bump actions/setup-go from 4.0.1 to 4.1.0 (#149)
...
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4.0.1 to 4.1.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](fac708d667...93397bea11)
---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-14 19:36:42 +00:00
dependabot[bot]
3f1f2e2233
build(deps): bump github.com/alicebob/miniredis/v2 from 2.30.4 to 2.30.5 (#147)
...
Bumps [github.com/alicebob/miniredis/v2](https://github.com/alicebob/miniredis) from 2.30.4 to 2.30.5.
- [Release notes](https://github.com/alicebob/miniredis/releases)
- [Changelog](https://github.com/alicebob/miniredis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/alicebob/miniredis/compare/v2.30.4...v2.30.5)
---
updated-dependencies:
- dependency-name: github.com/alicebob/miniredis/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-14 19:28:43 +00:00