pomerium

mirror of https://github.com/pomerium/pomerium.git synced 2025-05-30 09:27:19 +02:00

Author	SHA1	Message	Date
backport-actions-token[bot]	c0848eecfe	only support loading idp tokens via bearer tokens (#5546 ) only support loading idp tokens via bearer tokens (#5545) Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>	2025-03-26 09:52:00 -06:00
Caleb Doxsey	cb5ee48323	config: preserve existing user when creating sessions from idp token (#5502 ) * config: preserve existing user when creating sessions from idp token * fix	2025-02-27 09:05:31 -07:00
Caleb Doxsey	a9e26b155d	identity: disable session refresh for idp token sessions, fix query cache invalidation (#5495 )	2025-02-24 15:33:23 -07:00
Caleb Doxsey	b9fd926618	authorize: support authenticating with idp tokens (#5484 ) * identity: add support for verifying access and identity tokens * allow overriding with policy option * authenticate: add verify endpoints * wip * implement session creation * add verify test * implement idp token login * fix tests * add pr permission * make session ids route-specific * rename method * add test * add access token test * test for newUserFromIDPClaims * more tests * make the session id per-idp * use type for * add test * remove nil checks	2025-02-18 13:02:06 -07:00
Caleb Doxsey	52d4899d4c	core/proxy: support loading sessions from headers and query string (#5291 ) * core/proxy: support loading sessions from headers and query string * update test	2024-09-19 09:23:13 -06:00
Caleb Doxsey	e5e6558de6	core/authorize: require new login when authenticate url changes (#5165 )	2024-07-12 10:57:41 -06:00
Caleb Doxsey	6a9d6e45e1	config: allow blank identity providers when loading sessions for service account support (#3709 )	2022-10-27 08:32:06 -06:00
Caleb Doxsey	30bdae3d9e	sessions: check idp id to detect provider changes to force session invalidation (#3707 ) * sessions: check idp id to detect provider changes to force session invalidation * remove dead code * fix test	2022-10-25 16:20:32 -06:00

8 commits