3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-09 07:16:02 +02:00
Code Issues Projects Releases Packages Wiki Activity
2640 commits 159 branches 126 tags 104 MiB
Commit graph

2640 commits

This branch
This branch
All branches
Author SHA1 Message Date
wasaga
6aa716bc95
propagate changes back from encrypted backend (#2079) 2021-04-12 09:42:45 -04:00
Caleb Doxsey
8924b1a5fc
config: use tls_custom_ca from policy if available (#2077) 2021-04-09 12:26:46 -06:00
Caleb Doxsey
6d1d2bec54
crypto: use actual bytes of shared secret, not the base64 encoded representation (#2075) 
* crypto: use actual bytes of shared secret, not the base64 encoded representation

* return errors

* return errors
 2021-04-08 20:04:01 -06:00
dependabot[bot]
7a04b16163
chore(deps): bump gopkg.in/auth0.v5 from 5.13.0 to 5.14.1 (#2071) 
Bumps [gopkg.in/auth0.v5](https://github.com/go-auth0/auth0) from 5.13.0 to 5.14.1.
- [Release notes](https://github.com/go-auth0/auth0/releases)
- [Changelog](https://github.com/go-auth0/auth0/blob/master/CHANGELOG.md)
- [Commits](https://github.com/go-auth0/auth0/compare/v5.13.0...v5.14.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-04-08 09:15:38 -06:00
dependabot[bot]
9359ae6deb
chore(deps): bump google.golang.org/grpc from 1.36.1 to 1.37.0 (#2072) 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.36.1 to 1.37.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.36.1...v1.37.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-04-08 09:10:52 -06:00
dependabot[bot]
f72fa85f89
chore(deps): bump google.golang.org/api from 0.43.0 to 0.44.0 (#2073) 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.43.0 to 0.44.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.43.0...v0.44.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-04-08 09:09:49 -06:00
Travis Groth
f59f31410a
deps: switch from renovate to dependabot (#2069) 2021-04-08 10:29:48 -04:00
Caleb Doxsey
aeb8aaf9cd
directory: remove provider from user id (#2068) 2021-04-07 15:06:08 -06:00
Caleb Doxsey
a51c7140ea
cryptutil: use bytes for hmac (#2067) 2021-04-07 14:57:24 -06:00
wasaga
a935c1ba30
config related metrics (#2065) 2021-04-07 12:29:36 -07:00
Caleb Doxsey
9de340b48b
cryptutil: always use kek public id, add x509 support (#2066) 2021-04-07 09:44:36 -07:00
Caleb Doxsey
294addd857
databroker: remove unused installation id, close streams when backend is closed (#2062) 2021-04-06 13:41:19 -06:00
Travis Groth
187d0a0195
docs: update community slack link (#2063) 2021-04-06 14:57:59 -04:00
Caleb Doxsey
d8f11dcb91
proxy: support re-proxying request through control plane for kubernetes (#2051) 
* proxy: support re-proxying request from envoy for kubernetes

* encrypt policy id for reproxy, implement tls options

* add comment, use hmac

* use httputil handler and error

* remove reproxy headers on all incoming request

* only allow re-proxying for kubernetes, strip headers

* fix tests
 2021-04-06 12:08:09 -06:00
Caleb Doxsey
f84f7551d0
authenticate: fix default sign out url (#2061) 2021-04-06 10:35:08 -06:00
Caleb Doxsey
8a2af8029b
authorize: additional tracing, add benchmark for encryptor (#2059) 2021-04-05 12:55:16 -06:00
Caleb Doxsey
f4c4fe314a
authorize: audit logging (#2050) 
* authorize: add databroker server and record version to result, force sync via polling

* authorize: audit logging
 2021-04-05 09:58:55 -06:00
Renovate Bot
00e56212ec fix(deps): update module github.com/golang/protobuf to v1.5.2 2021-04-05 10:37:13 +00:00
Renovate Bot
7f3093f60f fix(deps): update module github.com/envoyproxy/protoc-gen-validate to v0.5.1 2021-04-05 09:50:57 +00:00
Renovate Bot
4c85d3b3d8 fix(deps): update google.golang.org/genproto commit hash to 6c239bb 2021-04-05 09:04:12 +00:00
Renovate Bot
5469caeb6c fix(deps): update golang.org/x/oauth2 commit hash to 2e8d934 2021-04-05 05:08:34 +00:00
Renovate Bot
ecfd29d4f0 fix(deps): update golang.org/x/net commit hash to 0fccb6f 2021-04-05 03:42:02 +00:00
Travis Groth
c7d243d742
proxy: restrict programmatic URLs to localhost (#2049) 
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2021-04-01 10:04:49 -04:00
Travis Groth
0635c838c9
authenticate: validate signature on /.pomerium, /.pomerium/sign_in and /.pomerium/sign_out (#2048) 
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2021-04-01 10:04:16 -04:00
contrun
c96ff595e5
fix not obtaining correct gitlab url because of empty string (#2044) 2021-03-31 11:21:16 -06:00
Caleb Doxsey
d7ab817de7
authorize: add databroker server and record version to result, force sync via polling (#2024) 
* authorize: add databroker server and record version to result, force sync via polling

* wrap inmem store to take read lock when grabbing databroker versions

* address code review comments

* reset max to 0
 2021-03-31 10:09:06 -06:00
wasaga
8f97b0d6ee
skip redis cluster on non-linux systems (#2045) 2021-03-31 10:42:49 -04:00
contrun
9980206073
change require_proxy_protocol to use_proxy_protocol (#2043) 
I set `use_proxy_protocol` to be true in my yaml config. Envoy didn't use proxy protocol albeit. Both the documents and https://github.com/pomerium/pomerium/pull/1777 hint the name should be use_proxy_protocol.
 2021-03-31 07:40:31 -06:00
wasaga
c27cd9030d
support host:port in metrics_address (#2042) 2021-03-30 18:54:33 -04:00
Caleb Doxsey
4218f49741
authorize: bypass data in rego for databroker data (#2041) 2021-03-30 14:14:32 -06:00
Caleb Doxsey
76bc7a7e9a
proxy: add nil check for fix-misdirected (#2040) 
* proxy: add nil check for fix-misdirected

* fix test
 2021-03-30 08:22:38 -06:00
dharmendra kariya
7767992a29
Updating Doc for Pomerium-Dex Exercise (#2018) 
* Updating Doc for Pomerium-Dex Exercise

This PR has Documentation for Pomerium-Dex Integration.

Please let me know the changes or do the needful.

I can refactor this.

* Removing Last Two Lines

* Update readme.md
 2021-03-30 07:24:58 -06:00
wasaga
80c55dd50c
databroker: return server version in Get (#2039) 2021-03-29 13:18:38 -04:00
renovate[bot]
a44b50f76e
fix(deps): update golang.org/x/crypto commit hash to 0c34fe9 (#2027) 
* fix(deps): update golang.org/x/crypto commit hash to 0c34fe9

* fix(deps): update golang.org/x/crypto commit hash to 0c34fe9

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2021-03-29 09:23:52 -06:00
renovate[bot]
ad514227ee
fix(deps): update golang.org/x/net commit hash to 61e0566 (#2028) 
* fix(deps): update golang.org/x/net commit hash to 61e0566

* go mod tidy

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2021-03-29 09:20:29 -06:00
renovate[bot]
862576eec9
fix(deps): update google.golang.org/genproto commit hash to 679c6ae (#2030) 
* fix(deps): update google.golang.org/genproto commit hash to 679c6ae

* fix(deps): update google.golang.org/genproto commit hash to 679c6ae

* go mod tidy

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2021-03-29 09:18:56 -06:00
renovate[bot]
740a9b81d9
fix(deps): update module github.com/go-redis/redis/v8 to v8.8.0 (#2032) 
* fix(deps): update module github.com/go-redis/redis/v8 to v8.8.0

* go mod tidy

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2021-03-29 09:17:24 -06:00
renovate[bot]
3dcc182749
fix(deps): update module github.com/prometheus/common to v0.20.0 (#2033) 
* fix(deps): update module github.com/prometheus/common to v0.20.0

* go mod tidy

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2021-03-29 09:16:03 -06:00
renovate[bot]
2926e5c82f
fix(deps): update module github.com/rs/zerolog to v1.21.0 (#2034) 
* fix(deps): update module github.com/rs/zerolog to v1.21.0

* fix(deps): update module github.com/rs/zerolog to v1.21.0

* go mod tidy

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2021-03-29 09:15:00 -06:00
renovate[bot]
9ca72ea437
fix(deps): update module google.golang.org/api to v0.43.0 (#2035) 
* fix(deps): update module google.golang.org/api to v0.43.0

* go mod tidy

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2021-03-29 09:13:26 -06:00
renovate[bot]
85ad7d93ed
fix(deps): update module google.golang.org/grpc to v1.36.1 (#2036) 
* fix(deps): update module google.golang.org/grpc to v1.36.1

* go mod tidy

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2021-03-29 09:10:36 -06:00
Renovate Bot
563f65b916 fix(deps): update module gopkg.in/auth0.v5 to v5.13.0 2021-03-29 15:05:02 +00:00
Renovate Bot
ba7dd8f3c9 chore(deps): update mikefarah/yq action to v4.6.3 2021-03-29 07:21:09 +00:00
Renovate Bot
15aa5f62be fix(deps): update golang.org/x/oauth2 commit hash to 22b0ada 2021-03-29 03:11:11 +00:00
Caleb Doxsey
5a33012950
protoutil: add generic transformer (#2023) 2021-03-26 09:59:38 -06:00
Caleb Doxsey
dda6a9af60
cryptutil: add envelope encryption w/key encryption key and data encryption key (#2020) 
* cryptutil: add envelope encryption w/key encryption key and data encryption key

* use randomBytes, derive kek id, add tests

* add comment about lru error
 2021-03-26 06:57:35 -06:00
Caleb Doxsey
4cc697ace4
autocert: add metrics for renewal count, total and next expiration (#2019) 2021-03-25 08:03:04 -06:00
Travis Groth
7eac4283ed
deps: bundle all patch upgrades in a single group (#2016) 2021-03-24 10:22:42 -04:00
Caleb Doxsey
e2ebef44ef
telemetry: add installation id (#2017) 
* telemetry: add installation id

* set installation id globally

* remove unneeded changes
 2021-03-24 07:22:54 -06:00
Caleb Doxsey
853d2dd478
config: use getters for certificates (#2001) 
* config: use getters for certificates

* update log message
 2021-03-23 08:02:50 -06:00