Commit Graph

745 Commits

Author SHA1 Message Date
Trong Huu Nguyen
e00832016b feat(handler/login): remove legacy cookie
We don't really need to set an additional cookie without SameSite
as we now use SameSite=Lax for the login cookie.
2023-12-19 08:46:08 +01:00
Trong Huu Nguyen
083cb54df7 feat(handler/error): remove automatic retry 2023-12-19 08:46:06 +01:00
Trong Huu Nguyen
273eb3604a feat(cookie): use samesite lax instead of none for callback 2023-12-19 08:46:03 +01:00
Trong Huu Nguyen
c3904433f2 feat: log and propagate session metadata
- stop using jti, use sid instead
- store amr and auth_time from id_token in session
- log more metadata on login callback
- log session id where possible
- propagate acr, amr, auth_time, sid to upstreams in headers
- log authenticated reverseproxy requests
2023-12-19 08:46:02 +01:00
Trong Huu Nguyen
a10da5d0d7 feat(handler/login): add support for prompt param in login 2023-12-19 08:46:01 +01:00
Trong Huu Nguyen
8f3c5cde88 fix(handler/error): redirect callbacks to initial handlers, retry others as-is 2023-12-19 08:45:57 +01:00
dependabot[bot]
3280cb2e4a build(deps): bump the gh-actions group with 1 update (#184)
Bumps the gh-actions group with 1 update: [github/codeql-action](https://github.com/github/codeql-action).

- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gh-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-19 08:17:57 +01:00
dependabot[bot]
dd94f3d16f build(deps): bump github.com/spf13/viper from 1.18.1 to 1.18.2 (#187)
Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.18.1 to 1.18.2.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.18.1...v1.18.2)

---
updated-dependencies:
- dependency-name: github.com/spf13/viper
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-18 19:39:10 +00:00
dependabot[bot]
b411e6837e build(deps): bump github.com/google/uuid from 1.4.0 to 1.5.0 (#186)
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/uuid/compare/v1.4.0...v1.5.0)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-18 19:36:25 +00:00
dependabot[bot]
11bc43f309 build(deps): bump golang.org/x/crypto from 0.16.0 to 0.17.0 (#185)
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.16.0 to 0.17.0.
- [Commits](https://github.com/golang/crypto/compare/v0.16.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-18 19:33:25 +00:00
Trong Huu Nguyen
ecf761d7fb ci: add concurrency configuration for workflow 2023-12-12 09:21:49 +01:00
Trong Huu Nguyen
3f7af9e232 chore(config): set new default value for idporten acr 2023-12-12 09:12:41 +01:00
dependabot[bot]
b919f9f083 build(deps): bump the gh-actions group with 2 updates (#183) 2023-12-12 08:04:48 +00:00
dependabot[bot]
cd8cafafe0 build(deps): bump github.com/spf13/viper from 1.17.0 to 1.18.1 (#182)
Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.17.0 to 1.18.1.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.17.0...v1.18.1)

---
updated-dependencies:
- dependency-name: github.com/spf13/viper
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-11 19:08:34 +00:00
Trong Huu Nguyen
0d7ec329e4 build: add asdf .tool-versions to specify go version 2023-12-06 18:20:49 +01:00
dependabot[bot]
6a183da146 build(deps): bump the gh-actions group with 1 update (#181)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-05 08:46:31 +01:00
dependabot[bot]
37b52138f4 build(deps): bump github.com/lestrrat-go/jwx/v2 from 2.0.17 to 2.0.18 (#180)
Bumps [github.com/lestrrat-go/jwx/v2](https://github.com/lestrrat-go/jwx) from 2.0.17 to 2.0.18.
- [Release notes](https://github.com/lestrrat-go/jwx/releases)
- [Changelog](https://github.com/lestrrat-go/jwx/blob/develop/v2/Changes)
- [Commits](https://github.com/lestrrat-go/jwx/compare/v2.0.17...v2.0.18)

---
updated-dependencies:
- dependency-name: github.com/lestrrat-go/jwx/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-04 19:23:42 +00:00
Trong Huu Nguyen
1804d95350 ci: image tag is no longer required 2023-11-29 14:15:37 +01:00
Trong Huu Nguyen
8204c0bc30 ci: correct job identifier 2023-11-29 14:02:43 +01:00
Trong Huu Nguyen
ab18784c34 ci: soothe helm's strict version validation 2023-11-29 13:58:01 +01:00
Trong Huu Nguyen
273ed7e829 ci: add helm chart 2023-11-29 13:41:16 +01:00
Jan-Kåre Solbakken
1bbcb31079 Use latest cosign 2023-11-29 10:40:10 +01:00
Trong Huu Nguyen
6d32363d13 feat(config): drop dirty modifier from version string 2023-11-29 09:21:04 +01:00
Trong Huu Nguyen
acede833c8 build: use de facto image, build module for buildinfo
Building a specific file doesn't appear to embed buildinfo into the static
binary for some reason.
2023-11-28 16:15:51 +01:00
Trong Huu Nguyen
70a45e1522 style: formatting 2023-11-28 10:15:32 +01:00
Trong Huu Nguyen
423bb4f22f fix(router): skip middleware if otel is not enabled 2023-11-28 10:12:15 +01:00
Trong Huu Nguyen
35e4953557 fix(session/redis): skip setup if otel is not enabled 2023-11-28 10:08:31 +01:00
Trong Huu Nguyen
0c36a6b820 build(deps): bump liberator 2023-11-28 09:52:24 +01:00
dependabot[bot]
0808969665 build(deps): bump golang.org/x/oauth2 from 0.14.0 to 0.15.0 (#178)
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.14.0 to 0.15.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.14.0...v0.15.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-27 20:39:06 +00:00
dependabot[bot]
5dd38684e7 build(deps): bump golang.org/x/crypto from 0.15.0 to 0.16.0 (#179)
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.15.0 to 0.16.0.
- [Commits](https://github.com/golang/crypto/compare/v0.15.0...v0.16.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-27 20:22:13 +00:00
Trong Huu Nguyen
de78193361 chore(handler): remove temporary amr-based redirect 2023-11-24 16:52:15 +01:00
Trong Huu Nguyen
b3a7dbf081 refactor(otel): move configuration 2023-11-24 16:52:05 +01:00
Trong Huu Nguyen
14735484c3 refactor(otel): remove unneeded meter provider 2023-11-24 16:39:49 +01:00
J-K. Solbakken
894cc35e47 telemetry for redis 2023-11-23 13:16:43 +01:00
J-K. Solbakken
b5fe1c916f include cluster name in otel service name so they can be queried separately 2023-11-23 10:59:56 +01:00
J-K. Solbakken
3e00f8105a add request method to span name 2023-11-23 09:37:43 +01:00
J-K. Solbakken
d28579028e removed unused variable 2023-11-23 08:56:52 +01:00
J-K. Solbakken
38b9891caf use otelchi middleware for http tracing 2023-11-23 08:53:36 +01:00
J-K. Solbakken
5f11c2a5d7 use recommended otel reporting intervals 2023-11-23 08:20:56 +01:00
J-K. Solbakken
795c91950d change otel exporter from stdout to grpc 2023-11-22 10:03:22 +01:00
Jan-Kåre Solbakken
39ac68704f Merge pull request #177 from nais/otel
starting simple
2023-11-21 09:23:45 +01:00
Jan-Kåre Solbakken
757b9c987c Merge branch 'master' into otel 2023-11-21 09:21:53 +01:00
J-K. Solbakken
23268c6762 starting simple 2023-11-21 08:47:42 +01:00
dependabot[bot]
b3c7b595cb build(deps): bump github.com/lestrrat-go/jwx/v2 from 2.0.16 to 2.0.17 (#176)
Bumps [github.com/lestrrat-go/jwx/v2](https://github.com/lestrrat-go/jwx) from 2.0.16 to 2.0.17.
- [Release notes](https://github.com/lestrrat-go/jwx/releases)
- [Changelog](https://github.com/lestrrat-go/jwx/blob/develop/v2/Changes)
- [Commits](https://github.com/lestrrat-go/jwx/compare/v2.0.16...v2.0.17)

---
updated-dependencies:
- dependency-name: github.com/lestrrat-go/jwx/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-20 19:52:47 +00:00
dependabot[bot]
95445a9305 build(deps): bump the gh-actions group with 1 update (#175)
Bumps the gh-actions group with 1 update: [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer).

- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](11086d2504...1fc5bd396d)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gh-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-20 19:05:17 +00:00
Trong Huu Nguyen
1b3ba8a7ad refactor(session): skip logging for client context cancellations
We use the context from the inbound http.Request, which means that this
error generally occurs due to the user agent disconnecting mid-request.
Skip logging these errors as they're not really actionable.
2023-11-16 14:52:10 +01:00
Trong Huu Nguyen
191f3c3ca8 fix(router): enable cors on session endpoints for sso proxies 2023-11-15 08:42:42 +01:00
Trong Huu Nguyen
27ade353d9 build: optimize dockerfile for multi-platform 2023-11-15 08:42:36 +01:00
dependabot[bot]
4348161b4a build(deps): bump golang.org/x/crypto from 0.14.0 to 0.15.0 (#173)
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.15.0.
- [Commits](https://github.com/golang/crypto/compare/v0.14.0...v0.15.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-13 19:25:02 +00:00
dependabot[bot]
0b12de5d1c build(deps): bump golang.org/x/oauth2 from 0.13.0 to 0.14.0 (#174)
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.13.0 to 0.14.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.13.0...v0.14.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-13 19:20:40 +00:00