Trong Huu Nguyen
ca8c09ae10
fix(openid/client): flatten audience for client assertion
...
In accordance with OpenID Connect 1.0 Core, draft 36 incorporating
errata set 3:
> aud
> REQUIRED. Audience. The aud (audience) Claim. [...] The Audience value MUST be the OP's Issuer Identifier passed as a string, and not a single-element array.
2025-04-02 13:44:37 +02:00
Trong Huu Nguyen
01241f91ac
perf: replace bytes.Buffer with strings.Builder
2025-04-02 11:53:30 +02:00
Trong Huu Nguyen
126db31d25
feat: restrict non-navigational requests to oauth2-routes for all modes
2025-04-02 11:53:29 +02:00
Trong Huu Nguyen
39d695e104
fix(openid/client): retry server errors for PAR
2025-03-06 10:05:58 +01:00
Trong Huu Nguyen
9c26a5591d
feat(retry): increase max retry duration
2025-03-06 10:05:58 +01:00
Trong Huu Nguyen
12f6ce57aa
feat(redis): register prometheus metrics
2025-03-06 10:05:57 +01:00
Trong Huu Nguyen
1982d010f9
fix(handler/session): ignore request context cancellations
...
We ignore these as they are very likely due to the http request itself
being cancelled by the browser due to navigation and so on.
2025-03-03 08:48:21 +01:00
Trong Huu Nguyen
7698a6f9b8
fix(router): only apply cors for forward-auth
2025-02-05 11:31:24 +01:00
Trong Huu Nguyen
1efcf32cc0
fix(router): only disallow non-navigation requests for forward-auth
...
Unfortunately, public pages may have older user-agents that do not support Sec-Fetch- headers.
This is mostly Safari <16.3. We only apply this limitation for forward-auth for now.
2025-02-05 11:10:24 +01:00
Trong Huu Nguyen
9d926fff03
fix(router): correct cors setup part deux
2025-02-03 11:56:40 +01:00
Trong Huu Nguyen
2e8c7075ff
fix: set content-type header before status
2025-02-03 11:38:35 +01:00
Trong Huu Nguyen
c9de679951
feat(cors): reflect headers for allow-headers
...
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
2025-02-03 10:52:32 +01:00
Trong Huu Nguyen
1f6a23f73d
fix(router): configure cors for login and logout endpoints
...
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
2025-02-03 10:18:24 +01:00
Trong Huu Nguyen
ed02b782fe
refactor(http): inline navigation check in middleware
2025-02-03 08:41:59 +01:00
Trong Huu Nguyen
7c6f9d6f70
feat(session): record id attribute regardless of session validity
2025-01-31 18:52:19 +01:00
Trong Huu Nguyen
4b1bdef5cd
feat: disallow non-navigational requests to login and logout endpoints
2025-01-31 16:42:24 +01:00
Trong Huu Nguyen
f192d55971
fix(config): drop 'vcs.modified' when resolving version
...
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
2025-01-30 15:17:36 +01:00
Trong Huu Nguyen
1268f7627c
feat(config): use OTEL_SERVICE_NAME if set
...
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
2025-01-30 14:03:41 +01:00
Trong Huu Nguyen
79ac15d455
feat(otel): consistency passthrough for spans and attributes
...
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
2025-01-30 14:03:39 +01:00
Sindre Rødseth Hansen
07b542a2f5
feat(openid/error): add spans and attributes
...
Co-authored-by: tronghn <trong.huu.nguyen@nav.no>
2025-01-30 14:03:39 +01:00
Sindre Rødseth Hansen
dd0373b72d
feat(openid/client): add spans and attributes
...
Co-authored-by: tronghn <trong.huu.nguyen@nav.no>
2025-01-30 14:03:38 +01:00
Trong Huu Nguyen
44bb683531
feat(handler): add spans
...
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
2025-01-30 14:03:38 +01:00
Trong Huu Nguyen
e6207fe3b4
feat(handler/reverseproxy): more spans
...
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
2025-01-30 14:03:37 +01:00
Trong Huu Nguyen
475fe25100
feat(session): add even more tracing
...
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
2025-01-30 14:03:36 +01:00
Trong Huu Nguyen
787b54beeb
refactor(crypto): move to internal
...
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
2025-01-30 14:03:36 +01:00
Trong Huu Nguyen
85230d5403
feat(session): add trace spans and attributes
...
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
2025-01-30 14:03:35 +01:00
Trong Huu Nguyen
a157a13b9c
refactor(o11y): separate logging and otel packages
...
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
2025-01-30 14:03:34 +01:00
Trong Huu Nguyen
21b85c4b54
feat(handler/reverseproxy): add trace spans with attributes
...
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
2025-01-30 14:03:34 +01:00
Trong Huu Nguyen
dc4c563b26
feat(otel): set more resource attributes
...
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
2025-01-30 14:03:33 +01:00
Trong Huu Nguyen
05c5da6bf6
fix(middleware/tracing): check attribute types before setting them
...
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
2025-01-30 14:03:33 +01:00
Trong Huu Nguyen
13b11790fe
feat(handler): log additional fields for errors and reverseproxy
...
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
2025-01-30 14:03:31 +01:00
Sindre Rødseth Hansen
ca77435d6a
feat(http): propagate traceparent for httpclient
...
Co-authored-by: tronghn <trong.huu.nguyen@nav.no>
2025-01-30 14:03:30 +01:00
Trong Huu Nguyen
bf83a58795
wip: tracing for http transport
2025-01-30 14:03:30 +01:00
Trong Huu Nguyen
e1ed2033cf
refactor(middleware): extract tracing to separate handler
...
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
2025-01-30 14:03:29 +01:00
Trong Huu Nguyen
10360958c0
feat(middleware): clean up logging middleware, add span attributes
...
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
2025-01-30 14:03:29 +01:00
Trong Huu Nguyen
98cc534806
feat(middleware): use trace_id as correlation id, if available
...
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
2025-01-30 14:03:28 +01:00
Trong Huu Nguyen
1f730a3d68
refactor: move logging to observability package
...
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
2025-01-30 14:03:27 +01:00
Trong Huu Nguyen
81058458e0
feat: add logrus hook for opentelemetry
...
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
2025-01-30 14:03:27 +01:00
Sindre Rødseth Hansen
b882c31585
feat(config): automatically enable otel if OTEL_EXPORTER_OTLP_ENDPOINT env var is set
...
Co-authored-by: tronghn <trong.huu.nguyen@nav.no>
2025-01-30 14:03:23 +01:00
Trong Huu Nguyen
57f5bf951e
fix(config): set correct defaults for resolving version
...
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
2025-01-30 14:03:23 +01:00
Trong Huu Nguyen
b7524f516d
refactor(otel): move to observability package
...
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
2025-01-30 14:03:21 +01:00
Trong Huu Nguyen
9c8055bcd6
feat(openid/client): fall back to default value for invalid parameter values
...
Instead of erroring when receiving non-empty, invalid parameters, we fall back to
the configured (if any) default value for the identity provider, which
is already validated with its metadata document on start-up.
This prevents end-users from being exposed to unnecessary errors.
2025-01-27 08:44:07 +01:00
Sindre Rødseth Hansen
c07077a148
refactor: extract method for making authCodeURL
...
Co-authored-by: tronghn <trong.huu.nguyen@nav.no>
2025-01-24 10:02:15 +01:00
Trong Huu Nguyen
39207677b5
feat(middleware/logentry): add fields for sec-fetch headers
2025-01-24 09:13:59 +01:00
Trong Huu Nguyen
c147a5a19e
refactor(openid): extract request params for remaining grants, minor cleanups
2025-01-24 08:07:54 +01:00
Trong Huu Nguyen
062e7b09ce
fix(openid/client): prompt parameter is optional
2025-01-24 08:07:54 +01:00
Trong Huu Nguyen
0b32d8839c
test(openid/client): add negative assertions for unwanted parameters
2025-01-24 08:07:52 +01:00
Trong Huu Nguyen
110dd64750
refactor(openid/client): extract authorization code parameters
...
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
2025-01-23 12:03:42 +01:00
Trong Huu Nguyen
642457b950
refactor(openid/client): extract oauth request method
...
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
2025-01-23 10:17:13 +01:00
Trong Huu Nguyen
ab418c456c
fix(handler/reverseproxy): add nil check for session
...
Co-authored-by: sindrerh2 <sindre.rodseth.hansen@nav.no>
2025-01-23 10:16:13 +01:00