github/wonderwall
1
0
Fork 0
mirror of https://github.com/nais/wonderwall.git synced 2026-05-09 18:06:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
896 Commits 2 Branches 0 Tags
e59617b341be7f910d7e9481e4b3320fb17d1153
Commit Graph

33 Commits

Author SHA1 Message Date
Trong Huu Nguyen
10e71a7bb5 feat(handler/reverseproxy): remove x-wonderwall headers 
The use of these headers in upstreams may be risky, espeically
if Wonderwall is accidentally misconfigured or disabled, or requests
are performed directly to the upstream circumventing Wonderwall.

We should prefer using a signed token or similar that can be verified by
the upstreams.
 2024-01-16 08:57:07 +01:00
Trong Huu Nguyen
e00832016b feat(handler/login): remove legacy cookie 
We don't really need to set an additional cookie without SameSite
as we now use SameSite=Lax for the login cookie.
 2023-12-19 08:46:08 +01:00
Trong Huu Nguyen
c3904433f2 feat: log and propagate session metadata 
- stop using jti, use sid instead
- store amr and auth_time from id_token in session
- log more metadata on login callback
- log session id where possible
- propagate acr, amr, auth_time, sid to upstreams in headers
- log authenticated reverseproxy requests
 2023-12-19 08:46:02 +01:00
Trong Huu Nguyen
3da0ed1019 fix(middleware/prometheus): filter out irrelevant paths 2023-10-16 11:41:57 +02:00
Trong Huu Nguyen
80d1415fbc fix(logentry): reduce log level for response entries 2023-09-06 12:15:27 +02:00
Trong Huu Nguyen
5c96d5a0fd feat(all): reduce log level for some spammy statements 2023-05-08 10:56:07 +02:00
Trong Huu Nguyen
6ebc95a8e0 feat: add logout cookie 2023-05-03 09:05:42 +02:00
Trong Huu Nguyen
6127417767 fix(router): handle preflight requests for sso server 2023-04-28 06:53:47 +02:00
Trong Huu Nguyen
133d3fd855 refactor(middleware/logentry): ignore ping route 2023-03-01 10:11:37 +01:00
Trong Huu Nguyen
d5b603c98f feat(router): add cors middleware for sso server 2023-02-23 14:30:55 +01:00
Trong Huu Nguyen
08c6e96670 refactor(session): wrap error for decrypt 2023-02-23 14:29:49 +01:00
Trong Huu Nguyen
afc8fd6962 style: formatting 2023-02-21 15:37:48 +01:00
Trong Huu Nguyen
889e0c8edf feat(middleware/correlationid): use x-request-id header if found in request 2022-09-19 08:41:14 +02:00
Trong Huu Nguyen
989aa1e998 refactor(middleware/logentry): add fields to default logger 2022-09-03 20:05:28 +02:00
Trong Huu Nguyen
9144056e28 refactor(handler): split up request handlers into separate modules 2022-09-02 14:53:11 +02:00
Trong Huu Nguyen
5d00d132dd refactor: decouple handler implementation from router and middleware 2022-09-01 19:39:47 +02:00
Trong Huu Nguyen
dc0741f79f refactor(middleware): extract handlers for consistency 2022-08-26 08:34:07 +02:00
Trong Huu Nguyen
4d7502a4be refactor(middleware/logentry): strip query and fragment from referer logs 2022-08-25 22:31:01 +02:00
Trong Huu Nguyen
5f6c0c01a8 feat: add ingress middleware 2022-08-17 11:39:41 +02:00
Trong Huu Nguyen
a9e9644764 refactor: move context utils to middleware 2022-08-17 11:39:40 +02:00
Trong Huu Nguyen
51075ad9ed refactor(middleware/logentry): remove httplog dependency 2022-08-11 09:54:23 +02:00
Trong Huu Nguyen
31ab8ad3b7 refactor(handler/default): redirect auto-login requests instead of inlining login handler 2022-07-21 08:21:28 +02:00
Trong Huu Nguyen
b4e6e97448 refactor(metrics): use const label for hpa, ensure provider label is set 2022-07-20 14:50:13 +02:00
Trong Huu Nguyen
4ab07e9dc2 refactor: clean up logging 2022-07-19 08:39:02 +02:00
Trong Huu Nguyen
bece03c94e refactor(middleware/logentry): replace zerologger with logrus 2022-07-18 15:47:35 +02:00
Trong Huu Nguyen
445a20f1c1 refactor(middleware/prometheus): add host label 2022-07-18 09:40:18 +02:00
Trong Huu Nguyen
e3b9d33296 refactor: split out packages from router 2022-07-15 07:44:54 +02:00
Trong Huu Nguyen
3a35584a21 refactor: restructure and group related packages into subpackages 2021-10-20 09:03:14 +02:00
Trong Huu Nguyen
77d0438411 feat: use latest go-chi v5, add middlewares for panic recovery and logging 
Co-Authored-By: Sindre Rødseth Hansen <sindre.rodseth.hansen@nav.no>
 2021-10-05 11:45:42 +02:00
Trong Huu Nguyen
569855cef2 refactor: minor cleanups for middleware 2021-10-04 18:45:40 +02:00
Trong Huu Nguyen
788ef1278a refactor: add correlation ID for error response logs 
Co-Authored-By: Sindre Rødseth Hansen <sindre.rodseth.hansen@nav.no>
 2021-10-04 14:36:54 +02:00
Morten Lied Johansen
43dd8d7926 More, correct, metrics 
Co-authored-by: Trong Huu Nguyen <trong.huu.nguyen@nav.no>
Co-authored-by: Sindre Rødseth Hansen <sindre.rodseth.hansen@nav.no>
 2021-10-01 10:28:44 +02:00
Kim Tore Jensen
081921d0fa add http request metrics 2021-09-02 11:16:45 +02:00