Trong Huu Nguyen
c70037bd4c
refactor: clean up main
2021-11-01 11:04:54 +01:00
Trong Huu Nguyen
3a35584a21
refactor: restructure and group related packages into subpackages
2021-10-20 09:03:14 +02:00
Trong Huu Nguyen
c1482d09e1
refactor: generalize config to allow more providers; add azure
2021-10-16 12:44:59 +02:00
Trong Huu Nguyen
c702f8ff6c
refactor: introduce generic provider for openid configs
2021-10-16 10:42:49 +02:00
Trong Huu Nguyen
f7f476db87
refactor: add toggle for redis tls negotiation
2021-10-13 08:47:58 +02:00
Morten Lied Johansen
6152b94aba
Configure HA redis
Co-authored-by: Trong Huu Nguyen <trong.huu.nguyen@nav.no>
Co-authored-by: Sindre Rødseth Hansen <sindre.rodseth.hansen@nav.no>
2021-10-12 15:56:30 +02:00
Trong Huu Nguyen
657d7df988
refactor: remove startup redis ping
2021-10-12 09:33:16 +02:00
Trong Huu Nguyen
3bdbfd0030
refactor: only handle single ingress
As OIDC is very specific on using complete redirect URIs
for the authorization-step, it does not really make sense
to handle multiple ingresses in Wonderwall.
We could dynamically figure out which ingress was used
by looking at the scheme and host for the request and
decide which redirect URI we would use, but such an
implementation is both time-consuming and prone to
errors and vulnerabilities without the proper precautions.
2021-10-07 08:16:49 +02:00
sindrerh2
1f939d603d
feat: add configurable redirect to custom error page
Co-authored-by: Trong Huu Nguyen <trong.huu.nguyen@nav.no>
2021-10-06 14:49:04 +02:00
Trong Huu Nguyen
77d0438411
feat: use latest go-chi v5, add middlewares for panic recovery and logging
Co-Authored-By: Sindre Rødseth Hansen <sindre.rodseth.hansen@nav.no>
2021-10-05 11:45:42 +02:00
Trong Huu Nguyen
cc8ba980ca
refactor: deduplicate crypto operations for sessions
2021-09-30 18:27:53 +02:00
Trong Huu Nguyen
2ec1b7ace9
feat: encrypt session data
Co-Authored-By: Sindre Rødseth Hansen <sindre.rodseth.hansen@nav.no>
2021-09-30 13:47:29 +02:00
Morten Lied Johansen
214b14323c
Do graceful shutdown on signals
2021-09-28 21:29:33 +02:00
Kim Tore Jensen
081921d0fa
add http request metrics
2021-09-02 11:16:45 +02:00
Trong Huu Nguyen
723f25326c
ping redis on startup; fail on error
2021-08-26 08:33:33 +02:00
Kent Daleng
8ee87a8a84
get ingresses from naiserator to build router correctly
Co-Authored-By: Trong Huu Nguyen <trong.huu.nguyen@nav.no>
Co-Authored-By: Kim Tore Jensen <kim.tore.jensen@nav.no>
2021-08-25 13:15:26 +02:00
Trong Huu Nguyen
6e45fa804c
refactor: use keygen from liberator
2021-08-25 10:15:45 +02:00
Trong Huu Nguyen
de619c6e89
refactor: add constructor for routing handler to deduplicate config
2021-08-25 09:21:40 +02:00
Trong Huu Nguyen
0f160f7f99
fix: generate encryption key if not set
2021-08-25 08:23:19 +02:00
Trong Huu Nguyen
03a14eb2bd
refactor: clean up id_token validation
2021-08-25 08:22:34 +02:00
Kim Tore Jensen
f414470910
support entering encryption key as environment variable
2021-08-24 15:46:55 +02:00
Kim Tore Jensen
097f4fd5b2
make redis support configurable
2021-08-24 13:07:57 +02:00
Kim Tore Jensen
55f26fb54c
incorporate new session storage code
2021-08-24 12:58:16 +02:00
Kim Tore Jensen
764adc3d77
wip: tests for authorize
2021-08-23 14:39:48 +02:00
Kent Daleng
d2a3db75c2
refactor cookie handling
2021-08-23 13:11:50 +02:00
Kim Tore Jensen
1d36b8e6a3
code restructuring
2021-08-23 11:17:30 +02:00
Trong Huu Nguyen
f36848babe
feat: validate id_token in auth code flow
Co-authored-by: Kent Daleng <kent.daleng@nav.no>
2021-08-23 09:59:15 +02:00
Kim Tore Jensen
9722c17eb5
route requests to upstream host
2021-08-20 12:22:17 +02:00
Kim Tore Jensen
c9668986a6
encrypt cookies and store access tokens in-memory with browser session
2021-08-19 15:25:39 +02:00
Kim Tore Jensen
8baa18281d
remove caos/oidc as dependency
2021-08-19 14:25:55 +02:00
Kent Daleng
8815ffb34b
wip: callback function
2021-08-19 14:05:21 +02:00
Kent Daleng
b1272ed712
refactor login, use caos/oidc
2021-08-18 11:42:50 +02:00
Kent Daleng
3784006e99
fetch well-known config from remote and store it in runtime config
2021-08-18 07:46:09 +02:00
Kim Tore Jensen
2b5206fdff
run a webserver and supply a non-working login redirect uri
2021-08-17 15:31:03 +02:00
Kent Daleng
1177ef1210
implement config and logging
2021-08-17 14:30:34 +02:00
Kent Daleng
18b9d43545
use ci
2021-08-17 13:57:06 +02:00
Kent Daleng
1aec4cd36a
initial commit
2021-08-17 13:39:10 +02:00