3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-06-02 10:52:49 +02:00
Code Issues Projects Releases Packages Wiki Activity
1119 commits 169 branches 127 tags 105 MiB
Commit graph

1119 commits

This branch
This branch
All branches
Author SHA1 Message Date
bobby
43d37ace94
proxy/controlplane: make health checks debug level (#1368) 
- proxy: remove version from ping handler

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2020-09-04 07:31:12 -07:00
Cuong Manh Le
08a094ae93
internal/directory/okta: remove rate limiter (#1370) 
We did honor the rate limit header from okta, so don't bother to add our
rate limiter there.
 2020-09-04 18:23:14 +07:00
Travis Groth
9535f99c57
ci: add stale issue automation (#1366) 2020-09-03 14:46:02 -04:00
Caleb Doxsey
49d1a71ff2
databroker: add tracing for rego evaluation and databroker sync, fix bug in databroker config source (#1367) 2020-09-03 08:11:34 -06:00
Travis Groth
5488e6d5fa
deployment: fully split release archives and brews (#1365) 2020-09-02 17:32:52 -04:00
Caleb Doxsey
0a2638e5dc
authorize: use impersonate email/groups in JWT (#1364) 2020-09-02 13:50:46 -06:00
Caleb Doxsey
4fb90fabe8
config: support explicit prefix and regex path rewriting (#1363) 
* config: support explicity prefix and regex path rewriting

* add rewrite tests
 2020-09-02 13:48:19 -06:00
Caleb Doxsey
a269441c34
proxy: disable control-plane robots.txt for public unauthenticated routes (#1361) 2020-09-02 07:56:15 -06:00
Caleb Doxsey
f6b622c7dc
proxy: support websocket timeouts (#1362) 2020-09-02 07:55:57 -06:00
Caleb Doxsey
e4e6abfd29
certmagic: improve logging (#1358) 
* certmagic: improve logging

* Update internal/autocert/manager.go

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>
 2020-09-01 09:58:09 -06:00
Travis Groth
c44219b9b3
deps: ensure renovate runs go mod tidy (#1357) 2020-09-01 11:37:28 -04:00
Cuong Manh Le
b8584a3f46
internal/directory/okta: accept non-json service account (#1359) 
Fixes #1354
 2020-09-01 22:33:55 +07:00
Travis Groth
0e27e014be
deps: run go mod tidy (#1356) 2020-09-01 09:47:28 -04:00
Travis Groth
2e714c211e
internal/controlplane: add telemetry http handler (#1353) 2020-09-01 09:22:24 -04:00
Caleb Doxsey
8ab0dcb45b
logs: add new log scrubber (#1346) 2020-08-31 08:12:08 -06:00
Renovate Bot
3caaf29899 Update google.golang.org/genproto commit hash to 2bf3329 2020-08-31 11:21:32 +00:00
Renovate Bot
1cff26e0c9 Update module open-policy-agent/opa to v0.23.2 2020-08-31 06:28:41 +00:00
Renovate Bot
f34ca258f3 Update module google/uuid to v1.1.2 2020-08-31 05:00:12 +00:00
Renovate Bot
1c3323834f Update module google/go-cmp to v0.5.2 2020-08-31 03:37:55 +00:00
Renovate Bot
124ccdce77 Update module google.golang.org/grpc to v1.31.1 2020-08-31 02:39:04 +00:00
Robert
1846c71d94
Include pomerium-cli in the docker image by default. Fixes #1343. (#1345) 
Size increases by 22MB.  (144MB -> 167MB)

This normalizes with expectations (and instructions, see impersonation
docs) that it will be there.
 2020-08-28 15:39:54 -04:00
Robert
99f05e661a
Use apt-get instead of apt to eliminate warning. (#1344) 
WARNING: apt does not have a stable CLI interface. Use with caution in scripts.

Signed-off-by: Robert <rspier@pobox.com>
 2020-08-28 15:34:13 -04:00
Robert
2dc8879583
Allow setting the shared secret via an environment variable. (#1337) 
This makes it easier to safely pass it in programmatically to a container
without cutting and pasting or putting it on the command line.
 2020-08-27 08:39:07 -06:00
Travis Groth
a69b9957a1
docs: add nginx example (#1329) 
* docs: add nginx example

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>
 2020-08-26 17:10:23 -04:00
Caleb Doxsey
51bdf9baae
authorize: add jti to JWT payload (#1328) 2020-08-24 15:35:16 -06:00
bobby
fbd8c8f294
deployment: add goimports with path awareness (#1316) 
Plus fix some spelling

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2020-08-24 13:04:55 -07:00
Cuong Manh Le
ffaceadfdd
internal/urlutil: remove un-used constants (#1326) 2020-08-25 02:07:56 +07:00
Cuong Manh Le
9de99d0211
all: add signout redirect url (#1324) 
Fixes #1213
 2020-08-25 01:23:58 +07:00
Renovate Bot
3d7206dc1e chore(deps): update module gorilla/handlers to v1.5.0 2020-08-24 14:23:20 +00:00
Renovate Bot
645e6dfa84 chore(deps): update golang.org/x/net commit hash to c890458 2020-08-24 13:37:29 +00:00
Renovate Bot
c7372cb6b0 chore(deps): update vuepress monorepo to v1.5.4 2020-08-24 05:26:10 +00:00
Renovate Bot
b50dd6e6e1 chore(deps): update module open-policy-agent/opa to v0.23.1 2020-08-24 04:28:33 +00:00
Renovate Bot
cbaf62aad3 chore(deps): update module gorilla/mux to v1.8.0 2020-08-24 03:41:03 +00:00
Renovate Bot
941f65224b chore(deps): update golang.org/x/crypto commit hash to 5c72a88 2020-08-24 02:42:15 +00:00
bobby
c1b3b45d12
proxy: remove unused handlers (#1317) 
proxy: remove unused handlers

authenticate: remove unused references to refresh_token

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2020-08-22 10:02:12 -07:00
Cuong Manh Le
82deafee63 integration: add forward auth test 2020-08-21 14:01:54 +07:00
Caleb Doxsey
79741d5345
autocert: fix locking issue (#1310) 2020-08-20 14:08:52 -06:00
Travis Groth
d81cfb6e99
pkg/storage/redis: update tests to use local certs + upstream image (#1306) 2020-08-20 12:44:15 -04:00
bobby
45fc4ec3cc
authorize: log users and groups (#1303) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2020-08-19 08:07:30 -07:00
Renovate Bot
66d43b6d27 chore(deps): update golang.org/x/time commit hash to 3af7569 2020-08-18 23:50:49 +00:00
Renovate Bot
9c3b0ad146 chore(deps): update golang.org/x/net commit hash to 3edf25e 2020-08-18 22:20:09 +00:00
Caleb Doxsey
c4c8ef8e53
azure: support deriving credentials from client id, client secret and provider url (#1300) 2020-08-18 10:17:28 -06:00
Caleb Doxsey
882b6b54ee
authenticate: move databroker connection to state (#1292) 
* authenticate: move databroker connection to state

* re-use err

* just return

* remove nil checks
 2020-08-18 09:33:43 -06:00
Caleb Doxsey
a1378c81f8
cache: support databroker option changes (#1294) 2020-08-18 07:27:20 -06:00
Cuong Manh Le
31205c0c29 proxy: fix wrong applied middleware 
Validate signature middleware must be applied for the callback
sub-router, not the whole dashboard router.

Fixes #1297
 2020-08-18 20:25:11 +07:00
Cuong Manh Le
afec38e5cb .github/workflows: skip running lint in pre-commit 
We did run lint in tests already.
 2020-08-18 20:24:15 +07:00
Cuong Manh Le
a4408ab6cf internal/directory/okta: fix wrong API query filter 
Okta uses space " " instead of plus sign "+" in query filter.
See https://developer.okta.com/docs/reference/api-overview/#filtering
 2020-08-18 20:24:15 +07:00
Travis Groth
9289de9140
ci: add precommit to test workflow (#669) 2020-08-17 18:34:38 -04:00
bobby
8a384985f0
autocert: fix bootstrapped cache store path (#1283) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2020-08-17 13:27:11 -07:00
Caleb Doxsey
6dee647a16
authorize: use atomic state for properties (#1290) 2020-08-17 14:24:06 -06:00