Commit graph

2640 commits

Author SHA1 Message Date
Travis Groth
db9895a274
Bump grpc up to 1.27.1 (#609) 2020-04-13 22:27:02 -04:00
Bobby DeSimone
b423b234e9
docs: update upgrading / changelog to v0.7.2 (#601)
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
2020-04-13 16:20:29 -07:00
Ogundele Olumide
e0dd6734d3
an attempt to improve the identity provider docs (#608) 2020-04-13 11:30:29 -07:00
Renovate Bot
e9057c83e8 chore(deps): update module square/go-jose to v2.5.0 2020-04-13 04:45:00 +00:00
Renovate Bot
f964847762 chore(deps): update module spf13/viper to v1.6.3 2020-04-13 03:36:52 +00:00
Travis Groth
7ad528fef5
Update docker master/latest tag handling (#598)
* Ensure latest is actually latest semver and not last published

* Resume publishing master snapshot

* Build master image off debug gcr.io/distroless/base:debug
2020-04-12 14:42:03 -04:00
Bobby DeSimone
6337377ad6
cli: fix some confusing comments (#602)
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
2020-04-12 10:16:50 -07:00
Ogundele Olumide
ae4204d42b
internal/identity: implement github provider support (#582)
Co-authored-by: Bobby DeSimone <bobbydesimone@gmail.com>
2020-04-10 10:48:14 -07:00
Travis Groth
789068e27a
Add configurable JWT claim headers (#596) 2020-04-09 23:41:55 -04:00
Renovate Bot
b08ecc624a chore(deps): update vuepress monorepo to v1.4.0 2020-04-09 22:33:07 +00:00
Bobby DeSimone
ad56322c7e
site: fix site on mobile (#597)
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
2020-04-09 10:56:39 -07:00
Bobby DeSimone
8111a3d1b5
grpcutil: remove unused pkg (#593)
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
2020-04-08 15:10:48 -07:00
Bobby DeSimone
56e3f92181
proxy: remove unused session unmarshal (#592)
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
2020-04-07 19:59:40 -07:00
Travis Groth
3e562bbf37
deployment: publish with github actions and goreleaser (#586)
* Add release workflow
2020-04-07 07:28:58 -04:00
Renovate Bot
12560f93f4 chore(deps): update golang.org/x/crypto commit hash to baeed62 2020-04-06 01:28:53 +00:00
Bobby DeSimone
d780281fc0
v0.7.0
See (#576)
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
2020-04-04 20:45:48 -07:00
Travis Groth
d0acad597d
deployment: Add testing workflow (#583)
* Add testing workflow

* Remove testing from travis
2020-04-04 19:44:14 -04:00
Renovate Bot
519a79f685 chore(deps): update module fatih/color to v1.9.0 2020-03-30 02:26:26 +00:00
Renovate Bot
ce728c14b8 chore(deps): update golang.org/x/crypto commit hash to 0ec3e99 2020-03-30 01:50:16 +00:00
Ogundele Olumide
3c6431e5bc
change gitlab group unique identifier from name to ID (#571) 2020-03-28 12:45:24 -07:00
Bobby DeSimone
4c5d2d8020
bug: fix group impersonation (#569)
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
2020-03-27 09:46:08 -07:00
İlker Göktuğ Öztürk
297b0fd6c7
docs: fix typo (#566) 2020-03-26 11:55:55 -07:00
Travis Groth
799d1ad162
Use Host:port for JWT audience generation
Signed-off-by: Travis Groth <travisgroth@users.noreply.github.com> (#562)
2020-03-25 22:15:15 -04:00
Cuong Manh Le
136a366e5c
authenticate: return 401 for some specific error codes (#561)
Fixes #551
2020-03-25 18:36:03 -07:00
Bobby DeSimone
9bee6bb648
cmd: add cli to generate service accounts (#552)
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
2020-03-24 20:23:07 -07:00
Travis Groth
cc504362e4
Add storage metrics (#554)
* Add cache storage metrics

- autocache client metrics
- autocache server metrics
- boltdb metrics
- redis client metrics
- refactor metrics registry to be general purpose
2020-03-23 22:07:48 -04:00
Renovate Bot
acfc880421 chore(deps): update module open-policy-agent/opa to v0.18.0 2020-03-23 05:53:40 +00:00
Renovate Bot
ba96854a4f chore(deps): update module go.etcd.io/bbolt to v1.3.4 2020-03-23 04:19:40 +00:00
Renovate Bot
df606bdff6 chore(deps): update golang.org/x/crypto commit hash to 891825f 2020-03-23 02:16:37 +00:00
Bobby DeSimone
c23db546fa
authorization: log audience claim failure (#553)
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
2020-03-22 12:06:25 -07:00
Renovate Bot
74637ea4ac chore(deps): update module fsnotify/fsnotify to v1.4.9 2020-03-20 13:18:47 +00:00
Renovate Bot
ed963f9c38 chore(deps): update module prometheus/client_golang to v1.5.1 2020-03-20 02:40:33 +00:00
Bobby DeSimone
4491d1b0e9
sessions: sign-out bug fixes #530 (#544)
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
2020-03-19 18:43:43 -07:00
Renovate Bot
d5d180aa01 chore(deps): update golang.org/x/crypto commit hash to 1b76d66 2020-03-17 17:59:51 +00:00
Renovate Bot
d597af9de4 chore(deps): update module golang/protobuf to v1.3.5 2020-03-17 13:35:07 +00:00
Renovate Bot
8ddb702572 chore(deps): update module golang/mock to v1.4.3 2020-03-17 11:48:19 +00:00
Ogundele Olumide
3dd9188004
feat: gitlab oidc/ oauth provider (#518)
- implement gitlab oauth support
- add documentation for the gitlab support
2020-03-16 19:58:49 -07:00
Bobby DeSimone
ba14ea246d
*: remove import path comments (#545)
- import path comments are obsoleted by the go.mod file's module statement

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
2020-03-16 10:13:47 -07:00
Mihai Todor
c14e3d8b34
Make IDP_PROVIDER env var mandatory (#536) 2020-03-15 19:00:23 -07:00
Renovate Bot
1b8db111f5 chore(deps): update github.com/pomerium/autocache commit hash to 227c993 2020-03-16 01:34:39 +00:00
Bobby DeSimone
6f4b26abe2
identity: support oidc UserInfo Response (#529)
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
2020-03-12 20:56:40 -07:00
Bobby DeSimone
8d1732582e
authorize: use jwt instead of state struct (#514)
authenticate: unmarshal and verify state from jwt, instead of middleware
authorize: embed opa policy using statik
authorize: have IsAuthorized handle authorization for all routes
authorize: if no signing key is provided, one is generated
authorize: remove IsAdmin grpc endpoint
authorize/client: return authorize decision struct
cmd/pomerium: main logger no longer contains email and group
cryptutil: add ECDSA signing methods
dashboard: have impersonate form show up for all users, but have api gated by authz
docs: fix typo in signed jwt header
encoding/jws: remove unused es256 signer
frontend: namespace static web assets
internal/sessions: remove leeway to match authz policy
proxy: move signing functionality to authz
proxy: remove jwt attestation from proxy (authZ does now)
proxy: remove non-signed headers from headers
proxy: remove special handling of x-forwarded-host
sessions: do not verify state in middleware
sessions: remove leeway from state to match authz
sessions/{all}: store jwt directly instead of state

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
2020-03-10 11:19:26 -07:00
Renovate Bot
a477af9378 chore(deps): update module prometheus/client_golang to v1.5.0 2020-03-10 11:42:23 +00:00
Bobby DeSimone
855860136c
dependency: use go mod versioned redis (#528)
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
2020-03-08 10:48:53 -07:00
Renovate Bot
7e1c4fa498 chore(deps): update module google.golang.org/api to v0.20.0 2020-03-07 15:53:20 +00:00
Renovate Bot
9515a48ba0 chore(deps): update golang.org/x/crypto commit hash to 78000ba 2020-03-07 14:44:21 +00:00
Renovate Bot
702f63fea1 chore(deps): update module open-policy-agent/opa to v0.17.3 2020-03-07 13:01:58 +00:00
Renovate Bot
32904cfe36 chore(deps): update module rakyll/statik to v0.1.7 2020-03-07 03:03:35 +00:00
Renovate Bot
3378a5ecf8 chore(deps): update module golang/protobuf to v1.3.4 2020-03-07 01:18:26 +00:00
Renovate Bot
37a50b3a34 chore(deps): update module gorilla/mux to v1.7.4 2020-03-06 23:49:00 +00:00