wonderwall

github/wonderwall

Fork 0

mirror of https://github.com/nais/wonderwall.git synced 2026-05-06 16:36:51 +00:00

Commit Graph

Select branches

Hide Pull Requests

dependabot/go_modules/otel-3525194e36

master

#1

#10

#101

#102

#103

#104

#105

#106

#107

#108

#109

#11

#110

#111

#111

#112

#113

#114

#115

#117

#118

#119

#12

#120

#121

#122

#123

#124

#125

#126

#127

#128

#129

#13

#130

#131

#132

#133

#134

#135

#136

#138

#139

#14

#140

#141

#142

#143

#144

#145

#146

#147

#148

#149

#15

#150

#151

#152

#153

#154

#155

#157

#158

#159

#16

#160

#161

#162

#163

#164

#165

#166

#167

#168

#169

#170

#171

#172

#173

#174

#175

#176

#177

#178

#179

#18

#180

#181

#182

#183

#184

#185

#186

#187

#188

#189

#19

#190

#192

#193

#194

#195

#196

#197

#198

#199

#2

#20

#200

#201

#202

#203

#204

#205

#206

#207

#208

#209

#21

#210

#211

#212

#213

#214

#215

#216

#217

#218

#219

#22

#220

#221

#222

#223

#224

#225

#226

#227

#228

#229

#23

#230

#231

#232

#233

#234

#236

#237

#238

#239

#24

#240

#241

#242

#243

#244

#245

#246

#247

#248

#249

#25

#250

#251

#252

#253

#254

#255

#256

#257

#258

#259

#26

#260

#261

#263

#264

#265

#266

#267

#268

#269

#27

#270

#271

#272

#273

#274

#275

#276

#277

#278

#279

#28

#280

#281

#282

#283

#284

#285

#286

#287

#288

#289

#29

#290

#291

#292

#293

#294

#295

#296

#297

#298

#299

#3

#30

#300

#301

#302

#303

#304

#305

#308

#309

#31

#310

#311

#312

#313

#314

#316

#317

#318

#319

#32

#320

#321

#322

#323

#325

#326

#327

#328

#329

#33

#330

#331

#332

#333

#334

#335

#336

#337

#338

#339

#34

#340

#341

#342

#343

#344

#345

#346

#347

#348

#349

#35

#350

#351

#352

#353

#354

#355

#356

#357

#358

#359

#360

#361

#362

#363

#364

#365

#366

#367

#368

#369

#37

#370

#371

#372

#373

#374

#375

#376

#377

#378

#379

#38

#380

#381

#382

#383

#384

#385

#386

#387

#388

#389

#39

#390

#391

#392

#393

#394

#395

#396

#397

#398

#399

#4

#40

#400

#401

#402

#403

#404

#405

#406

#407

#408

#409

#41

#410

#411

#412

#413

#414

#415

#416

#417

#418

#419

#42

#420

#421

#422

#423

#424

#425

#426

#427

#428

#429

#43

#430

#431

#432

#433

#435

#436

#437

#438

#439

#44

#440

#441

#442

#443

#444

#445

#446

#447

#448

#449

#45

#450

#451

#452

#453

#454

#455

#456

#457

#458

#459

#46

#460

#461

#462

#463

#464

#465

#466

#467

#468

#469

#47

#470

#48

#5

#51

#53

#56

#57

#58

#59

#60

#61

#62

#63

#64

#65

#66

#68

#69

#70

#72

#73

#74

#75

#76

#77

#78

#79

#8

#80

#81

#82

#83

#84

#85

#86

#87

#88

#89

#9

#90

#91

#92

#93

#94

#95

#96

#97

#98

#99

09bbc35df7 fix: ensure acr claim exists if security level is enabled Trong Huu Nguyen 2021-09-06 11:35:46 +02:00
4237e84de3 feat: add feature toggle for security level; allow user-defined levels Trong Huu Nguyen 2021-09-06 11:05:19 +02:00
e819cc0de1 use host-agnostic path for default zero-config ingress Trong Huu Nguyen 2021-09-02 12:23:32 +02:00
081921d0fa add http request metrics Kim Tore Jensen 2021-09-02 11:16:45 +02:00
e0662efa66 default zero-config ingress for testing Kim Tore Jensen 2021-08-30 11:50:15 +02:00
1aa134ecf0 redirect after successful oauth2 flow - to user-defined location, or referer Kim Tore Jensen 2021-08-26 12:54:40 +02:00
c1660ad1d0 also unset x-pwned-by when un-authenticated Kim Tore Jensen 2021-08-26 12:21:21 +02:00
da4f6dc6a7 use correct session ID for front-channel logout Trong Huu Nguyen 2021-08-26 10:35:45 +02:00
723f25326c ping redis on startup; fail on error Trong Huu Nguyen 2021-08-26 08:33:33 +02:00
c76daf61f7 don't set x-pwned-by header for end-users; only upstream Kim Tore Jensen 2021-08-25 17:29:09 +02:00
679566977e forward host header correctly Kim Tore Jensen 2021-08-25 17:28:46 +02:00
8ee87a8a84 get ingresses from naiserator to build router correctly Kent Daleng 2021-08-25 13:15:26 +02:00
26a74cb0db ci: do not push to nais-yaml unless on master Trong Huu Nguyen 2021-08-25 12:03:23 +02:00
5da34f0139 fix: include id_token_hint on self-initiated logout Trong Huu Nguyen 2021-08-25 11:55:36 +02:00
e83542b046 fix: prefix local session keys to prevent collisions Trong Huu Nguyen 2021-08-25 11:11:23 +02:00
cb514c2294 refactor: make SessionMaxLifetime configurable Trong Huu Nguyen 2021-08-25 10:55:53 +02:00
6e45fa804c refactor: use keygen from liberator Trong Huu Nguyen 2021-08-25 10:15:45 +02:00
700b6732d7 fix: add acceptable skew for id_token validation Trong Huu Nguyen 2021-08-25 09:31:21 +02:00
f63bade2b9 chore: remove obsolete fixme, redundant type conversion Trong Huu Nguyen 2021-08-25 09:28:14 +02:00
de619c6e89 refactor: add constructor for routing handler to deduplicate config Trong Huu Nguyen 2021-08-25 09:21:40 +02:00
0f160f7f99 fix: generate encryption key if not set Trong Huu Nguyen 2021-08-25 08:23:19 +02:00
03a14eb2bd refactor: clean up id_token validation Trong Huu Nguyen 2021-08-25 08:22:34 +02:00
f414470910 support entering encryption key as environment variable Kim Tore Jensen 2021-08-24 15:46:55 +02:00
d6b6b617d5 deploy only as part of nais-yaml Kim Tore Jensen 2021-08-24 14:35:52 +02:00
18aaa754c6 makefile for integration tests Kim Tore Jensen 2021-08-24 13:11:11 +02:00
097f4fd5b2 make redis support configurable Kim Tore Jensen 2021-08-24 13:07:57 +02:00
94569a6f3c include redis docker-compose file Kim Tore Jensen 2021-08-24 12:58:28 +02:00
55f26fb54c incorporate new session storage code Kim Tore Jensen 2021-08-24 12:58:16 +02:00
15a7c14324 redis and in-memory session store Kim Tore Jensen 2021-08-24 12:46:28 +02:00
2becde51b9 add front-channel logout test Trong Huu Nguyen 2021-08-24 10:52:00 +02:00
b7dbb000aa test self-initiated logout Trong Huu Nguyen 2021-08-24 10:31:43 +02:00
1f58b5ae15 write callback test Kent Daleng 2021-08-24 09:59:34 +02:00
cf8b4d56cc fix: set path for cookies Trong Huu Nguyen 2021-08-24 08:49:57 +02:00
43cb01ad00 wip: idporten mock server Trong Huu Nguyen 2021-08-24 07:44:05 +02:00
9354ee7629 wip: mock authorization server Kim Tore Jensen 2021-08-23 15:12:47 +02:00
764adc3d77 wip: tests for authorize Kim Tore Jensen 2021-08-23 14:39:48 +02:00
6c23aaa243 test for login url handler Kim Tore Jensen 2021-08-23 14:03:35 +02:00
b4b9fd1a2a implement front-channel logout Kim Tore Jensen 2021-08-23 13:44:26 +02:00
612fcaed78 deduplication; store sessions with name Kim Tore Jensen 2021-08-23 13:29:15 +02:00
d2a3db75c2 refactor cookie handling Kent Daleng 2021-08-23 13:11:50 +02:00
1d36b8e6a3 code restructuring Kim Tore Jensen 2021-08-23 11:17:30 +02:00
42d6d93ee3 lock concurrent session writes Kim Tore Jensen 2021-08-23 11:10:59 +02:00
2d7adb55b5 remove unused session id Kim Tore Jensen 2021-08-23 11:01:30 +02:00
0677c29c5b fix merge imports Kim Tore Jensen 2021-08-23 11:00:13 +02:00
a7975d707c fixes after discussion with TT and TH Kim Tore Jensen 2021-08-23 10:58:46 +02:00
eb7f18b46d wip: replace generated session value with provided value Trong Huu Nguyen 2021-08-23 10:56:31 +02:00
7ab8967b91 test: remove debug logging Trong Huu Nguyen 2021-08-23 10:27:45 +02:00
1fcc97819b feat: implement self-initiated logout Trong Huu Nguyen 2021-08-23 10:26:47 +02:00
f36848babe feat: validate id_token in auth code flow Trong Huu Nguyen 2021-08-23 09:59:15 +02:00
83b7eb65b0 fix crypt tests Kim Tore Jensen 2021-08-20 13:09:29 +02:00
9722c17eb5 route requests to upstream host Kim Tore Jensen 2021-08-20 12:22:17 +02:00
23f7c9bd6d WIP proxying Kim Tore Jensen 2021-08-19 17:32:10 +02:00
c9668986a6 encrypt cookies and store access tokens in-memory with browser session Kim Tore Jensen 2021-08-19 15:25:39 +02:00
8baa18281d remove caos/oidc as dependency Kim Tore Jensen 2021-08-19 14:25:38 +02:00
262413036c functional oauth2 pkce flow Kim Tore Jensen 2021-08-19 14:24:24 +02:00
8815ffb34b wip: callback function Kent Daleng 2021-08-19 14:05:21 +02:00
4da8e5263f loginurl as our own implementation Kim Tore Jensen 2021-08-19 13:05:39 +02:00
60ce40e404 fixes and formatting Kim Tore Jensen 2021-08-19 11:39:16 +02:00
956cda2a40 generate a codeverifier better Kent Daleng 2021-08-19 12:02:54 +02:00
f94dfc6c1c add .vscode Kent Daleng 2021-08-19 08:36:35 +02:00
6d5a14358e generate a long enough code_verifier Kent Daleng 2021-08-19 08:32:00 +02:00
7458ebd5d7 attempt to exchange code on callback Kent Daleng 2021-08-18 13:08:23 +02:00
b1272ed712 refactor login, use caos/oidc Kent Daleng 2021-08-18 11:42:50 +02:00
a7eacb3b66 whoops, i meant 8090 Kent Daleng 2021-08-18 10:19:51 +02:00
252306fabc define port 3000 Kent Daleng 2021-08-18 10:14:36 +02:00
6c9c34244f configurable oauth2 redirect url parameters Kim Tore Jensen 2021-08-18 09:59:44 +02:00
5b625769d1 use authorization endpoint from wellknown Kent Daleng 2021-08-18 09:46:15 +02:00
3784006e99 fetch well-known config from remote and store it in runtime config Kent Daleng 2021-08-18 07:46:09 +02:00
f09cfabfdf add some info about what this app does Kent Daleng 2021-08-17 15:53:48 +02:00
2b5206fdff run a webserver and supply a non-working login redirect uri Kim Tore Jensen 2021-08-17 15:31:03 +02:00
1177ef1210 implement config and logging Kent Daleng 2021-08-17 14:28:50 +02:00
ef7d630d38 enable idporten Kent Daleng 2021-08-17 14:04:21 +02:00
8776d289f1 add alpine rule Kent Daleng 2021-08-17 14:01:42 +02:00
accb44925a add test rule, fix env injections Kent Daleng 2021-08-17 14:00:13 +02:00
18b9d43545 use ci Kent Daleng 2021-08-17 13:57:06 +02:00
1aec4cd36a initial commit Kent Daleng 2021-08-17 13:39:10 +02:00

... 11 12 13 14 15 ...