pomerium

mirror of https://github.com/pomerium/pomerium.git synced 2025-05-01 11:26:29 +02:00

Author	SHA1	Message	Date
Caleb Doxsey	5491f99d78	Merge pull request from GHSA-pvrc-wvj2-f59p * authorize: use route id from envoy for policy evaluation * authorize: normalize URL query params * config: enable envoy normalize_path option --------- Co-authored-by: Kenneth Jenkins <51246568+kenjenkins@users.noreply.github.com>	2023-05-26 13:34:21 -07:00
backport-actions-token[bot]	3307b9b824	authorize: move sign out and jwks urls to route, update issuer for JWT (#4049 ) authorize: move sign out and jwks urls to route, update issuer for JWT (#4046) * authorize: move sign out and jwks urls to route, update issuer for JWT * fix test Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>	2023-03-08 19:41:48 +00:00
Denis Mishin	a3cfe8fa42	keep trace span context (#3724 )	2022-11-04 17:52:13 -04:00
Caleb Doxsey	c19048649a	authorize: add support for cidr lookups (#3277 )	2022-04-19 16:18:34 -06:00
Caleb Doxsey	99b9a3ee12	authorize: add support for passing access or id token upstream (#3047 ) * authorize: add support for passing access or id token upstream * use an enum	2022-02-17 09:28:31 -07:00
Caleb Doxsey	c97dcf7e0f	envoy: add hash policy and routing key for hash-based load balancers (#2791 ) * envoy: add hash policy and routing key for hash-based load balancers * fix integration test * fix nginx	2021-12-01 13:42:12 -07:00
Caleb Doxsey	de1ed61b9a	authorize: fix google cloudrun header audience (#2558 )	2021-09-02 09:55:06 -06:00
Caleb Doxsey	c7a8f11d9a	authorize: add additional tracing for rego evaluation (#2381 )	2021-07-21 15:37:51 -06:00
Caleb Doxsey	dad35bcfb0	ppl: refactor authorize to evaluate PPL (#2224 ) * ppl: refactor authorize to evaluate PPL * remove opa test step * add log statement * simplify assignment * deny with forbidden if logged in * add safeEval function * create evaluator-specific config and options * embed the headers rego file directly	2021-05-21 09:50:18 -06:00

9 commits