3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-01 11:26:29 +02:00
Code Issues Projects Releases Packages Wiki Activity
608 commits 159 branches 125 tags 103 MiB
Commit graph

28 commits

Author SHA1 Message Date
Travis Groth
1f1e63a75b
telemetry/tracing: Add Zipkin tracing support (#723) 2020-05-18 21:57:13 -04:00
Caleb Doxsey
ef399380b7 merge master 2020-05-18 17:10:10 -04:00
Travis Groth
96a95c5aff Update jwt_claims_headers docs (#705) 2020-05-18 17:10:10 -04:00
Caleb Doxsey
352c2b851b envoy: add separate proxy log level option (#689) 2020-05-18 17:10:10 -04:00
Caleb Doxsey
02615b8b6c Merge remote-tracking branch 'origin/master' into feature/envoy 2020-05-18 17:10:10 -04:00
Travis Groth
99e788a9b4 envoy: Initial changes 2020-05-18 17:10:10 -04:00
Bjoern Weidlich
1a1a5a11f9
Documentation around Pomerium/Istio/Grafana (#675) 
* Added an example of how to protect Grafana with Pomerium inside of an Istio mesh
* Added relevant documentation links
 2020-05-17 22:26:09 -07:00
Bobby DeSimone
1cba3d50eb
docs: fixes to v0.8.0 docs (#696) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2020-05-13 12:38:01 -07:00
Bobby DeSimone
80166bcc40
deployment: release v0.8.0 (#686) 
Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>
 2020-05-12 19:10:12 -07:00
Travis Groth
b9b66ec20f
deploy: autocert documentation and defaults (#658) 
* Define AUTOCERT_DIR in dockerfiles

* Add autocert example and compose file

* Update reference docs for defaults
 2020-05-05 21:13:28 -04:00
Bobby DeSimone
bf9a6f5e97
cryptutil: add automatic certificate management (#644) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2020-05-05 12:50:19 -07:00
Caleb Doxsey
9e66471c07 docs: add additional path filtering configuration documentation 2020-04-20 18:24:36 -06:00
branchmispredictor
0de3c431a6
forward-auth: validate using forwarded uri header (#600) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
Co-authored-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2020-04-20 10:56:30 -07:00
Bobby DeSimone
b423b234e9
docs: update upgrading / changelog to v0.7.2 (#601) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2020-04-13 16:20:29 -07:00
Travis Groth
789068e27a
Add configurable JWT claim headers (#596) 2020-04-09 23:41:55 -04:00
Bobby DeSimone
d780281fc0
v0.7.0 
See (#576)
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2020-04-04 20:45:48 -07:00
Travis Groth
cc504362e4
Add storage metrics (#554) 
* Add cache storage metrics

- autocache client metrics
- autocache server metrics
- boltdb metrics
- redis client metrics
- refactor metrics registry to be general purpose
 2020-03-23 22:07:48 -04:00
Bobby DeSimone
8d1732582e
authorize: use jwt insead of state struct (#514) 
authenticate: unmarshal and verify state from jwt, instead of middleware
authorize: embed opa policy using statik
authorize: have IsAuthorized handle authorization for all routes
authorize: if no signing key is provided, one is generated
authorize: remove IsAdmin grpc endpoint
authorize/client: return authorize decision struct
cmd/pomerium: main logger no longer contains email and group
cryptutil: add ECDSA signing methods
dashboard: have impersonate form show up for all users, but have api gated by authz
docs: fix typo in signed jwt header
encoding/jws: remove unused es256 signer
frontend: namespace static web assets
internal/sessions: remove leeway to match authz policy
proxy:  move signing functionality to authz
proxy: remove jwt attestation from proxy (authZ does now)
proxy: remove non-signed headers from headers
proxy: remove special handling of x-forwarded-host
sessions: do not verify state in middleware
sessions: remove leeway from state to match authz
sessions/{all}: store jwt directly instead of state

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2020-03-10 11:19:26 -07:00
Bobby DeSimone
27909f22ce
docs: make from source quickstart (#519) 
- move building from so
- remove dnsmasq instructions

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2020-03-05 18:07:43 -08:00
Travis Groth
3654f44384
config: Expose and set default GRPC Server Keepalive Parameters (#509) 2020-02-19 21:21:28 -05:00
Bobby DeSimone
5716113c2a
authenticate: make callback path configurable (#493) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2020-02-08 09:06:23 -08:00
nitper
6a10112ebe docs: fix cookie_domain (#472) 2020-01-28 09:35:07 -08:00
Bobby DeSimone
dd54ce4481
v0.6.0 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2020-01-24 16:09:47 -08:00
Bobby DeSimone
8956bf4411
proxy: add preserve host header (#463) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2020-01-22 21:03:22 -08:00
Bobby DeSimone
8b7f344e01
docs: s/fwdauth/forwardauth/ (#447) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2020-01-07 13:54:36 -08:00
Travis Groth
e20e1f08c5
Fix typo in forward auth nginx docs (#445) 2020-01-01 12:52:18 -05:00
Dave Anderson
86b48a2aaf Add documentation for cookie settings. (#429) 2019-12-21 14:40:31 -08:00
Bobby DeSimone
ec9607d1d5
v0.5.0 (#375) 2019-11-14 20:02:16 -08:00