Commit Graph

222 Commits

Author SHA1 Message Date
Trong Huu Nguyen
fc695b079b ci: bump setup-go from v2 to v3 2022-05-05 11:03:03 +02:00
Trong Huu Nguyen
f10bb80f9e refactor(handler): use logger with request context 2022-05-05 09:15:59 +02:00
Trong Huu Nguyen
cd57e72d56 refactor(router/request): clean up construction of canonical redirect uris; add missing tests 2022-05-05 08:12:23 +02:00
Trong Huu Nguyen
40a4c8a02c docs: minor cleanups, add overview with diagrams 2022-05-04 15:54:45 +02:00
Trong Huu Nguyen
2252b1dbce refactor(handler/callback): unconditionally clear callback cookies 2022-03-25 11:26:24 +01:00
Trong Huu Nguyen
cc78d2195b fix: ensure canonical redirect URL is not empty 2022-03-10 11:03:27 +01:00
J-K. Solbakken
2fb145fc00 all repos should have CODEOWNERS and LICENSE files 2022-03-08 14:50:26 +01:00
Trong Huu Nguyen
0792c8a783 deps: bump versions 2022-03-01 07:53:20 +01:00
Trong Huu Nguyen
f0318b269e fix: ensure jwk set is refreshed regularly 2022-03-01 07:49:51 +01:00
Trong Huu Nguyen
9c114f198a feat: set path for cookies for ingresses with subpaths 2022-02-14 13:18:29 +01:00
Trong Huu Nguyen
502d5f73f0 refactor(frontchannel-logout): accidentally a level too high 2022-02-11 11:42:08 +01:00
Trong Huu Nguyen
785186bf5a refactor: route errors should still log at least warning 2022-02-11 09:12:28 +01:00
Trong Huu Nguyen
714fc7e34f refactor: reduce log level severity for front-channel logout 2022-02-10 14:52:11 +01:00
Trong Huu Nguyen
8362722929 fix: don't log all requests at info level 2022-02-10 14:25:52 +01:00
Trong Huu Nguyen
de27328a84 refactor: improve error page 2022-02-10 13:38:02 +01:00
Trong Huu Nguyen
e5917964ba refactor: reduce log level severity for some spammy warnings 2022-02-10 13:31:58 +01:00
Trong Huu Nguyen
5373360c41 refactor: improve some log statements 2022-02-07 15:32:48 +01:00
Trong Huu Nguyen
3d45cfb998 refactor(config): remove features stanza 2022-02-03 13:52:48 +01:00
Trong Huu Nguyen
72f64b6c4c refactor(handler/frontchannellogout): better log statements 2022-02-03 12:17:56 +01:00
Trong Huu Nguyen
f95e618585 refactor(jwt): azure ad sets uti claim instead of jti 2022-02-03 11:41:44 +01:00
Trong Huu Nguyen
3828437dc5 refactor(jwt): clean up and deduplicate 2022-02-03 11:41:43 +01:00
Trong Huu Nguyen
59532eab0f build: add coverprofile for tests 2022-02-03 11:41:43 +01:00
Trong Huu Nguyen
b449ab2191 refactor: token -> jwt for accuracy 2022-02-03 11:41:43 +01:00
Trong Huu Nguyen
eeccebc5dd feat: log jwt IDs for traceability 2022-02-03 11:41:42 +01:00
Trong Huu Nguyen
e4e95ef5c6 refactor: move token parsing to own package; prepare for audit logs 2022-02-03 11:41:41 +01:00
Trong Huu Nguyen
6a4a268e15 docs: update available flags 2022-02-03 11:41:41 +01:00
Trong Huu Nguyen
c3da899190 feat(loginstatus): ensure that cookie is set in default route 2022-02-03 11:41:41 +01:00
Trong Huu Nguyen
fcba6815b9 feat: add feature toggled support for loginstatus
Co-Authored-By: Youssef Bel Mekki <youssef.bel.mekki@nav.no>
Co-Authored-By: Tommy Trøen <tommy.troen@nav.no>
2022-02-03 11:41:40 +01:00
Trong Huu Nguyen
f36d65a6ba fix(openid/config): close response body after get 2022-02-03 11:41:39 +01:00
ybelMekk
996f543f4d add: dependabot.yml, update workflow with test job and only deploy when it's on master. 2022-02-02 13:36:00 +01:00
Trong Huu Nguyen
2668963e94 Merge pull request #8 from nais/support-for-front-channel-logout 2022-01-28 11:01:41 +01:00
Trong Huu Nguyen
05fae6ca5e refactor: get or generate session ID with fallbacks
Turns out that Azure AD doesn't support the `check_session_iframe` property.
However it still returns the session ID in the `session_state` parameter during
callbacks, and optionally can be configured to return the `sid` claim in id_tokens.

This commit changes the behaviour of the SessionID method to get the session ID
if found, with the order of preference being:

1. from the `sid` claim in the id_token,
2. from the `session_state` parameter provided by the OP during callbacks

If neither are found, and the OP's configuration does not indicate that either
should be (e.g. no support for front-channel logout and/or session
management), we fall back to generating our own session ID.
2022-01-27 12:57:52 +01:00
Trong Huu Nguyen
834c79ef1d style: go fmt 2022-01-25 15:59:57 +01:00
Trong Huu Nguyen
b40dbffa19 refactor: clean up tests
Co-Authored-By: Youssef Bel Mekki <youssef.bel.mekki@nav.no>
2022-01-25 15:58:19 +01:00
Trong Huu Nguyen
24cae11ba2 refactor: split out session ID generation to own file, add tests
Co-Authored-By: Youssef Bel Mekki <youssef.bel.mekki@nav.no>
2022-01-25 15:33:45 +01:00
ybelMekk
abc8bd1835 fix: clean up tests and fix name 2022-01-25 12:08:42 +01:00
ybelMekk
1a2b85a5f5 fix: rename from externalSessionId to sessionID.
Better impl. for generating a random sessionID.
2022-01-25 11:38:17 +01:00
ybelMekk
413b8dfc19 fix: revert frontChannelLogout impl. 2022-01-25 11:36:41 +01:00
ybelMekk
768aa7af49 fix: test to only check for generated session_state, remove frontChannel from CheckIframe test. 2022-01-25 11:35:56 +01:00
ybelMekk
8df169e6e0 debug: remove print statm. 2022-01-24 23:13:10 +01:00
ybelMekk
f996c4a6fe fix: remove omitempty from check_session_iframe, more robust checking of empty values in checkIframe configuration function. Fix bug in extractExternalSessionID in frontChannelLogout, return first match. 2022-01-24 23:12:07 +01:00
ybelMekk
74c1592d0a remove: unused function 2022-01-24 22:57:43 +01:00
ybelMekk
bc5f5138e4 add: handle trigger of logout for third-party and session_state 2022-01-24 22:44:45 +01:00
ybelMekk
a23595b9b4 add: handle trigger of logout for third-party and session_state 2022-01-23 23:14:25 +01:00
ybelMekk
e4c47f59e8 fix: create function for externalSessionId add random string generator. fix tests to reflect provider with checkSessionIframe Session management. 2022-01-23 21:37:36 +01:00
ybelMekk
65a0b5de52 fix: create function for externalSessionId add random string generator. 2022-01-23 14:31:01 +01:00
ybelMekk
7f6d323dde add: session management check to get session_state from OP response, generate an externalSessionID if none supported. 2022-01-22 16:23:16 +01:00
ybelMekk
f5e5d842e6 wip: sid claim only required if frontchannel_logout_session_supported && frontchannel_logout_supported. 2022-01-22 15:03:54 +01:00
Trong Huu Nguyen
6411f168e2 refactor(handler/login): move user agent debug statement to field 2022-01-10 11:12:54 +01:00
Trong Huu Nguyen
7432f86b64 refactor(cookie): set expires to epoch zero time on deletion 2022-01-07 15:29:49 +01:00