3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-03 04:16:03 +02:00
Code Issues Projects Releases Packages Wiki Activity
2359 commits 159 branches 125 tags 104 MiB
Commit graph

618 commits

Author SHA1 Message Date
Caleb Doxsey
bc078f8bd2
authorize: fix x-forwarded-uri (#3479) 
* authorize: fix x-forwarded-uri

* fix raw path
 2022-07-14 09:32:48 -06:00
Caleb Doxsey
24a9d627cd
postgres: registry support (#3454) 2022-07-13 09:14:47 -06:00
Caleb Doxsey
d9274f0d19
autocert: continue on error (#3476) 2022-07-12 14:05:27 -06:00
Caleb Doxsey
b4cbecc4fd
Revert "userinfo: embed assets as data URLs for forward auth" (#3474) 
Revert "userinfo: embed assets as data URLs for forward auth (#3460)"

This reverts commit 6c573282ee.
 2022-07-12 09:38:53 -06:00
Caleb Doxsey
6c573282ee
userinfo: embed assets as data URLs for forward auth (#3460) 2022-07-11 08:04:24 -06:00
Denis Mishin
f67b33484b
add metrics aggregation (#3452) 2022-06-30 10:52:45 -04:00
Caleb Doxsey
a938a23ea2
device enrollment: fix ip address (#3430) 2022-06-16 11:30:38 -06:00
Denis Mishin
d1037d784a
allow pomerium to be embedded as a library (#3415) 2022-06-15 20:29:19 -04:00
Denis Mishin
db426072b0
eliminate global events manager (#3422) 2022-06-14 15:05:16 -04:00
bobby
ebbb6a7ff2
docs: update references, remove docs dir (#3420) 
* docs: update references, remove docs dir

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>

* Update README.md

Co-authored-by: Alex Fornuto <afornuto@pomerium.com>

* Update Docs Paths

* precommit

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>

* remove spellcheck

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>

* spell the check

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>

Co-authored-by: Alex Fornuto <afornuto@pomerium.com>
 2022-06-13 16:52:52 -07:00
Caleb Doxsey
45a29ea879
databroker: add support for syncing by type (#3412) 
* databroker: add support for syncing by type

* add type url, fix query
 2022-06-13 09:52:13 -06:00
Caleb Doxsey
a7bd284b52
identity: batch directory updates (#3411) 
* identity: batch directory updates

* add batch details to log message
 2022-06-08 16:48:15 -06:00
Denis Mishin
f7b6ed0ad4
use generic version of btree (#3404) 2022-06-06 14:31:05 -04:00
Caleb Doxsey
fd82cc7870
authenticate: allow changing the authenticate service URL at runtime (#3378) 
* config: better change detection

* wip

* fix middleware

* add middleware before handlers

* use ctx
 2022-05-31 13:24:40 -06:00
Denis Mishin
9baaea5e85
do not require idp set in the bootstrap config, as it may be later configured via the databroker (#3386) 2022-05-31 11:42:19 -04:00
Caleb Doxsey
1c2aad2de6
postgres: databroker storage backend (#3370) 
* wip

* storage: add filtering to SyncLatest

* don't increment the record version, so intermediate changes are requested

* databroker: add support for query filtering

* fill server and record version

* postgres: databroker storage backend

* wip

* serialize puts

* add test

* skip tests for macos

* add test

* return error from protojson

* set data

* exclude postgres from cover tests
 2022-05-25 10:23:58 -06:00
Caleb Doxsey
994faba0c8
databroker: add support for query filtering (#3369) 
* wip

* storage: add filtering to SyncLatest

* don't increment the record version, so intermediate changes are requested

* databroker: add support for query filtering

* fill server and record version

* add test checks

* add explanation to query filter error
 2022-05-19 09:07:32 -06:00
Caleb Doxsey
1669b601ea
storage: add filtering to SyncLatest (#3368) 
* wip

* storage: add filtering to SyncLatest

* don't increment the record version, so intermediate changes are requested

* fix stream filter
 2022-05-17 16:00:23 -06:00
Caleb Doxsey
f73c5c615f
databroker: add support for putting multiple records (#3291) 
* databroker: add support for putting multiple records

* add OptimumPutRequestsFromRecords function

* replace GetAll with SyncLatest

* fix stream when there are no records
 2022-04-26 16:41:38 -06:00
Caleb Doxsey
74310b3de3
authorize: pass idp id for webauthn url, allow unauthenticated access to static files (#3282) 2022-04-20 11:07:09 -06:00
Caleb Doxsey
761c17b8ac
grpc: wait for connect to be ready before making calls (#3253) 
* grpc: wait for connect to be ready before making calls

* make sure to stop the ticker
 2022-04-08 12:18:52 -06:00
Caleb Doxsey
b79f1e379f
config: add support for downstream TLS server name (#3243) 
* config: add support for downstream TLS server name

* fix whitespace

* fix whitespace

* add docs

* add tls_upstream_server_name and tls_downstream_server_name to config

* Update docs/reference/settings.yaml

Co-authored-by: Alex Fornuto <afornuto@pomerium.com>

* Update docs/reference/readme.md

Co-authored-by: Alex Fornuto <afornuto@pomerium.com>

* add deprecation notice

Co-authored-by: Alex Fornuto <afornuto@pomerium.com>
 2022-04-06 06:48:45 -07:00
Caleb Doxsey
36f73fa6c7
authorize: track session and service account access date (#3220) 
* session: add accessed at date

* authorize: track session and service account access times

* Revert "databroker: add support for field masks on Put (#3210)"

This reverts commit 2dc778035d.

* add test

* fix data race in test

* add deadline for update

* track dropped accesses
 2022-03-31 09:19:04 -06:00
Caleb Doxsey
a243056cfa
Revert "databroker: add support for field masks on Put (#3210)" (#3217) 
This reverts commit 2dc778035d.
 2022-03-31 11:17:57 -04:00
Caleb Doxsey
b435f73e2b
authenticate: fix debug and metrics endpoints (#3212) 2022-03-30 09:37:37 -06:00
Caleb Doxsey
2dc778035d
databroker: add support for field masks on Put (#3210) 
* databroker: add support for field masks on Put

* return errors

* clean up go.mod
 2022-03-29 16:36:40 -06:00
dependabot[bot]
8d8d82fa4d
chore(deps): bump github.com/caddyserver/certmagic from 0.15.4 to 0.16.0 (#3198) 
* chore(deps): bump github.com/caddyserver/certmagic from 0.15.4 to 0.16.0

Bumps [github.com/caddyserver/certmagic](https://github.com/caddyserver/certmagic) from 0.15.4 to 0.16.0.
- [Release notes](https://github.com/caddyserver/certmagic/releases)
- [Commits](https://github.com/caddyserver/certmagic/compare/v0.15.4...v0.16.0)

---
updated-dependencies:
- dependency-name: github.com/caddyserver/certmagic
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* update dependency names

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2022-03-28 12:46:17 -06:00
Caleb Doxsey
69ba511c64
authenticate: fix internal url with webauthn (#3194) 2022-03-28 06:36:48 -06:00
Caleb Doxsey
75a037b901
try pinning docker dependency (#3185) 
* try pinning docker dependency

* pin deps
 2022-03-23 13:47:35 -06:00
Caleb Doxsey
7d00ad9b7d
remove version (#3184) 2022-03-23 11:51:24 -06:00
Caleb Doxsey
a65024f8fe
github: fix missing groups (#3171) 2022-03-22 12:07:42 -06:00
Caleb Doxsey
f894205d08
directory: support non-base64 encoded service accounts (#3150) 2022-03-14 14:38:41 -06:00
Caleb Doxsey
aaff52fc61
databroker: use contextual logging for errors, use original record type for encryption (#3096) 2022-03-04 14:40:15 -05:00
JBodkin-Amphora
8567b56b8d
Extract email for active directory users that don't have access to exchange (#3053) 2022-03-04 13:18:39 -05:00
Caleb Doxsey
1342523cda
grpc: remove ptypes references (#3078) 2022-02-24 08:37:59 -07:00
Caleb Doxsey
38c7089642
userinfo: fix logout button, add sign out confirm page (#3058) 
* userinfo: fix logout button, add sign out confirm page

* fix test
 2022-02-23 08:15:00 -07:00
Caleb Doxsey
f9b95a276b
authenticate: support for per-route client id and client secret (#3030) 
* implement dynamic provider support

* authenticate: support per-route client id and secret
 2022-02-16 12:31:55 -07:00
Caleb Doxsey
46c4d5fa7e
session: remove unused session state properties (#3022) 
* fix error page

* share dashboard code

* sessions: remove unused session state properties

* remove programmatic

* remove version
 2022-02-09 10:59:06 -07:00
Caleb Doxsey
0898dd4f34
proxy: fix error page (#3020) 
* fix error page

* proxy: fix error page

* share dashboard code

* fix test
 2022-02-09 09:14:24 -07:00
Caleb Doxsey
2824faecbf
frontend: react+mui (#3004) 
* mui v5 wip

* wip

* wip

* wip

* use compressor for all controlplane endpoints

* wip

* wip

* add deps

* fix authenticate URL

* fix test

* fix test

* fix build

* maybe fix build

* fix integration test

* remove image asset test

* add yarn.lock
 2022-02-07 08:47:58 -07:00
Caleb Doxsey
7757988015
controlplane: add compression middleware (#3000) 2022-02-03 16:33:49 -07:00
Caleb Doxsey
d1c4c55fd9
auth0: support explicit domains in the service account (#2980) 
* auth0: support explicit domains in the service account

* also handle FromOptions
 2022-02-02 08:58:05 -07:00
Denis Mishin
ac9e086691
last known metric error (#2974) 2022-01-31 12:35:51 -05:00
Caleb Doxsey
64ee7eca5c
directory: save IDP errors to databroker, put event handling in dedicated package (#2957) 2022-01-28 15:15:32 -07:00
Caleb Doxsey
ace5bbb89a
config: fix policy matching for regular expressions (#2966) 
* config: fix policy matching for regular expressions

* compile regex in validate, add test

* fix test
 2022-01-25 08:48:40 -07:00
cfanbo
e83c7f971b
fix: frontend html tag mismatch (#2954) 2022-01-24 20:18:35 -05:00
Caleb Doxsey
ed6c3e5087
google: support groups for users outside of the organization (#2950) 
* google: support groups for users outside of the organization

* wrap error
 2022-01-21 09:36:32 -07:00
Sylvain Rabot
6574926c42
Remove spurious </ul> tags (#2946) 
Signed-off-by: Sylvain Rabot <sylvain@abstraction.fr>
 2022-01-20 10:01:44 -07:00
Denis Mishin
6b26f58e4f
return explicit error when directory sync is disabled (#2949) 2022-01-19 17:02:49 -05:00
dependabot[bot]
58ca681f40
chore(deps): bump github.com/go-chi/chi from 1.5.4 to 4.1.2+incompatible (#2910) 
* chore(deps): bump github.com/go-chi/chi from 1.5.4 to 4.1.2+incompatible

Bumps [github.com/go-chi/chi](https://github.com/go-chi/chi) from 1.5.4 to 4.1.2+incompatible.
- [Release notes](https://github.com/go-chi/chi/releases)
- [Changelog](https://github.com/go-chi/chi/blob/master/CHANGELOG.md)
- [Commits](https://github.com/go-chi/chi/compare/v1.5.4...v4.1.2)

---
updated-dependencies:
- dependency-name: github.com/go-chi/chi
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* upgrade chi

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2022-01-10 10:50:11 -07:00