3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-04-30 19:06:33 +02:00
Code Issues Projects Releases Packages Wiki Activity
1359 commits 157 branches 125 tags 103 MiB
Commit graph

1359 commits

This branch
This branch
All branches
Author SHA1 Message Date
Caleb Doxsey
64d247cfeb
onelogin: fix default scopes for v2 (#1896) 2021-02-17 08:51:13 -07:00
Caleb Doxsey
5be71b8e07
xds: fix misdirected script (#1895) 2021-02-16 14:57:21 -07:00
Yuchen Ying
51be8ffd76
remove unused internal/protoutil (#1893) 2021-02-16 13:54:38 -08:00
Caleb Doxsey
eb08658cfc
logs: strip query string (#1894) 2021-02-16 14:23:52 -07:00
Renovate Bot
e9792bdca6 chore(deps): update vuepress monorepo to v1.8.1 2021-02-15 10:53:16 +00:00
Renovate Bot
da3ea6db72 chore(deps): update module spf13/cobra to v1.1.3 2021-02-15 09:11:47 +00:00
Renovate Bot
bf95a08466 chore(deps): update module google.golang.org/api to v0.40.0 2021-02-15 07:21:33 +00:00
Renovate Bot
7a4c2cd108 chore(deps): update mikefarah/yq action to v4.5.1 2021-02-15 05:32:05 +00:00
Renovate Bot
619cb4bede chore(deps): update google.golang.org/genproto commit hash to e7f2df4 2021-02-15 04:32:25 +00:00
Renovate Bot
8da6b6615d chore(deps): update golang.org/x/oauth2 commit hash to 6667018 2021-02-15 03:47:33 +00:00
Travis Groth
07d9074796
docs: additional load balancing documentation (#1875) 2021-02-12 10:29:01 -05:00
bobby
c3e3ed9b50
authenticate: validate origin of signout (#1876) 
* authenticate: validate origin of signout

- add a debug task to kill envoy
- improve various function docs
- userinfo: return "error" page if user is logged out without redirect uri set
- remove front channel logout. There's little difference between it, and the signout function.

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-02-11 21:37:54 -08:00
Travis Groth
9fd58f9b8a
config: add CertificateFiles to FileWatcherSource list (#1878) 2021-02-11 17:58:58 -05:00
Caleb Doxsey
963399b53d
proxy: implement pass-through for authenticate backend (#1870) 
* proxy: implement pass-through for authenticate backend

* address comments
 2021-02-09 14:03:54 -07:00
Caleb Doxsey
4bf5179bb6
controlplane: maybe fix flaky test (#1873) 2021-02-09 13:52:20 -07:00
Caleb Doxsey
9f6dc78798
config: allow customization of envoy boostrap admin options (#1872) 2021-02-09 11:29:58 -07:00
Caleb Doxsey
b5d52ceb3d
redis: fix deletion versioning (#1871) 2021-02-08 16:12:13 -07:00
bobby
a38913925d
controlplane: add global headers to virtualhost (#1861) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-02-08 12:30:45 -08:00
bobby
fcd8c3644f
options: header only applies to routes and authN (#1862) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-02-08 11:05:33 -08:00
wasaga
7b06d37913
unique envoy cluster ids (#1858) 2021-02-08 13:52:09 -05:00
Caleb Doxsey
7d236ca1af
authorize: move headers and jwt signing to rego (#1856) 
* wip

* wip

* wip

* remove SignedJWT field

* set google_cloud_serverless_authentication_service_account

* update jwt claim headers

* add mock get_google_cloud_serverless_headers for opa test

* swap issuer and audience

* add comment

* change default port in authz
 2021-02-08 10:53:21 -07:00
renovate[bot]
2dc0be2ec9
chore(deps): update module auth0 to v5 (#1868) 
* chore(deps): update module auth0 to v5

* fix v4->v5

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2021-02-08 08:50:15 -07:00
renovate[bot]
970662f85f
chore(deps): update module go-redis/redis/v8 to v8.5.0 (#1866) 
Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2021-02-08 07:51:43 -07:00
Renovate Bot
7abd8a85cc chore(deps): update mikefarah/yq action to v4.5.0 2021-02-08 12:51:14 +00:00
Renovate Bot
9fb577fcdc chore(deps): update module google.golang.org/api to v0.39.0 2021-02-08 05:36:45 +00:00
Renovate Bot
e314b2bf37 chore(deps): update google.golang.org/genproto commit hash to bba0dbe 2021-02-08 03:37:05 +00:00
Renovate Bot
91b43b1404 chore(deps): update golang.org/x/oauth2 commit hash to 0101308 2021-02-08 02:24:51 +00:00
Travis Groth
912fb3532d
remove generated code from code coverage metrics (#1857) 2021-02-05 16:12:22 -05:00
Travis Groth
b9faff7b89
ci: enable backporting from forks (#1854) 2021-02-04 20:15:01 -05:00
Caleb Doxsey
25b697a13d
authorize: allow access by user id (#1850) 2021-02-03 07:15:44 -07:00
Caleb Doxsey
7a5c4fd0f6
authorize: handle null (#1853) 2021-02-02 17:29:21 -08:00
Caleb Doxsey
899076a06a
fix data race (#1851) 2021-02-02 16:19:33 -07:00
Caleb Doxsey
74ac23c980
authorize: remove DataBrokerData input (#1847) 
* authorize: remove DataBrokerData

* add opa test

* domain, group tests

* more tests

* remove databroker data input

* update authz tests

* update dead code

* fix method name

* handle / in keys
 2021-02-02 14:27:35 -07:00
Travis Groth
14a637570f
deployment: set maintainer field in packages (#1848) 2021-02-02 16:21:15 -05:00
Caleb Doxsey
eed873b263
authorize: remove DataBrokerData (#1846) 
* authorize: remove DataBrokerData

* fix method name
 2021-02-02 11:40:21 -07:00
Brad Jones
2f3c73baf3
Update GitLab provider docs (#1591) 
* Update GitLab provider docs

Updates GitLab provider docs to reference self-hosted GitLab and provide additional clarity on required scopes.

* precommit fix

Co-authored-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-02-01 15:48:06 -08:00
Caleb Doxsey
655951cfa1
opa: format rego files (#1845) 
* opa: format rego files

* statik
 2021-02-01 15:43:08 -07:00
Caleb Doxsey
b7f0242090
authorize: remove admin (#1833) 
* authorize: remove admin

* regen rego

* add note to upgrading
 2021-02-01 15:22:02 -07:00
Caleb Doxsey
a5a3ab55fc
xds: fix always requiring client certificates (#1844) 
* xds: fix always requiring client certificates

* break early
 2021-02-01 12:44:22 -07:00
Renovate Bot
ce3c0d6185 chore(deps): update module go-redis/redis/v8 to v8.4.11 2021-02-01 17:40:03 +00:00
Travis Groth
5558f81ffc
ci: fix version metadata in non-releases (#1836) 2021-02-01 10:53:57 -05:00
Caleb Doxsey
cc85ea601d
policy: add new certificate-authority option for downstream mTLS client certificates (#1835) 
* policy: add new certificate-authority option for downstream mTLS client certificates

* update proto, docs
 2021-02-01 08:10:32 -07:00
renovate[bot]
8e3404e7be
chore(deps): update module go.opencensus.io to v0.22.6 (#1842) 
Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2021-02-01 07:59:23 -07:00
renovate[bot]
9cee50a12c
chore(deps): update module google.golang.org/api to v0.38.0 (#1656) 
* chore(deps): update module google.golang.org/api to v0.38.0

* fix google api tests

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2021-02-01 07:18:56 -07:00
Renovate Bot
f6fc77712e chore(deps): update google.golang.org/genproto commit hash to 44e461b 2021-02-01 04:00:48 +00:00
Renovate Bot
b202c7b815 chore(deps): update golang.org/x/oauth2 commit hash to f9ce19e 2021-02-01 02:23:39 +00:00
wasaga
66ff2cdaba
cluster name (#1834) 2021-01-29 16:55:38 -05:00
wasaga
67f6030e1e
upstream endpoints load balancer weights (#1830) 2021-01-28 09:11:14 -05:00
Caleb Doxsey
3567183ce5
grpc: use custom resolver (#1828) 2021-01-27 16:19:16 -07:00
Vihar Desu
c39fdb51e8
updated host rewrite docs (#1799) 
* updated host rewrite docs

* quick fix

* fixed precommit
 2021-01-27 12:44:58 -07:00