3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-01 11:26:29 +02:00
Code Issues Projects Releases Packages Wiki Activity
1501 commits 159 branches 125 tags 103 MiB
Commit graph

10 commits

Author SHA1 Message Date
Caleb Doxsey
3906b70bc5
authorize: support arbitrary jwt claims (#2102) 
* authorize: support arbitrary jwt claims

* remove dead code
 2021-04-19 14:55:08 -06:00
Caleb Doxsey
d7ab817de7
authorize: add databroker server and record version to result, force sync via polling (#2024) 
* authorize: add databroker server and record version to result, force sync via polling

* wrap inmem store to take read lock when grabbing databroker versions

* address code review comments

* reset max to 0
 2021-03-31 10:09:06 -06:00
Caleb Doxsey
4218f49741
authorize: bypass data in rego for databroker data (#2041) 2021-03-30 14:14:32 -06:00
Caleb Doxsey
ae7626df3e
authorize: set JWT to expire after 5 minutes (#1980) 
* authorize: set JWT to expire after 5 minutes

* use lesser of 5 minutes or id token expiration

* add test for expires at
 2021-03-15 07:38:32 -06:00
Caleb Doxsey
b6ec01f377
assets: use embed instead of statik (#1960) 
* assets: use embed instead of statik

* remove empty line

* maybe fix precommit
 2021-03-03 18:56:55 -07:00
Caleb Doxsey
1a1cc30c67
config: support map of jwt claim headers (#1906) 
* config: support map of jwt claim headers

* fix array handling, add test

* update docs

* use separate hook, add tests
 2021-02-17 13:43:18 -07:00
Caleb Doxsey
7d236ca1af
authorize: move headers and jwt signing to rego (#1856) 
* wip

* wip

* wip

* remove SignedJWT field

* set google_cloud_serverless_authentication_service_account

* update jwt claim headers

* add mock get_google_cloud_serverless_headers for opa test

* swap issuer and audience

* add comment

* change default port in authz
 2021-02-08 10:53:21 -07:00
Caleb Doxsey
25b697a13d
authorize: allow access by user id (#1850) 2021-02-03 07:15:44 -07:00
Caleb Doxsey
7a5c4fd0f6
authorize: handle null (#1853) 2021-02-02 17:29:21 -08:00
Caleb Doxsey
74ac23c980
authorize: remove DataBrokerData input (#1847) 
* authorize: remove DataBrokerData

* add opa test

* domain, group tests

* more tests

* remove databroker data input

* update authz tests

* update dead code

* fix method name

* handle / in keys
 2021-02-02 14:27:35 -07:00