3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-07 14:26:01 +02:00
Code Issues Projects Releases Packages Wiki Activity
1910 commits 159 branches 125 tags 104 MiB
Commit graph

100 commits

Author SHA1 Message Date
Denis Mishin
7a7d5722f8
desktop client api (#2711) 2021-10-29 10:56:48 -06:00
Caleb Doxsey
9d4ebcf871
webauthn: update session to support device credentials per type (#2699) 2021-10-22 14:33:34 -06:00
Denis Mishin
30664cd307
skip configuration updates to the most recent one (#2690) 2021-10-21 11:03:26 -04:00
Caleb Doxsey
3051ad77e0
protoc: add xds repo (#2687) 
* protoc: add xds repo

* fix protoc-gen-validate dependency
 2021-10-19 14:36:23 -06:00
Caleb Doxsey
ddccbcf631
devices: add device protobuf types (#2682) 2021-10-19 07:22:26 -06:00
Denis Mishin
55fec9b51b
add host-rewrite options to config.proto (#2668) 2021-10-08 11:50:56 -04:00
Nathan Hayfield
1f718e4ce1
add description to service accounts (#2611) 2021-09-20 14:10:12 -04:00
Denis Mishin
0878315d60
bump protoc-validate (#2606) 2021-09-16 12:02:55 -04:00
Caleb Doxsey
33f5190572
config: remove signature_key_algorithm (#2557) 
* config: remove signature_key_algorithm

* typo

* add more tests
 2021-09-02 11:36:43 -06:00
Caleb Doxsey
f5a558d4a0
grpc: disable gRPC connection re-use across services (#2515) 2021-08-24 11:47:16 -06:00
Caleb Doxsey
bbec2cae9f
grpc: send client traffic through envoy (#2469) 
* wip

* wip

* handle wildcards in override name

* remove wait for ready, add comment about sync, force initial sync complete in test

* address comments
 2021-08-16 16:12:22 -06:00
Caleb Doxsey
6af0655206
protoutil: add NewAny method for deterministic serialization (#2462) 2021-08-09 17:51:57 -06:00
Caleb Doxsey
63ee30d69c
options: remove refresh_cooldown, add allow_spdy to proto (#2446) 2021-08-06 10:06:57 -06:00
wasaga
51ab7e6226
telemetry: add nonce and make explicit ack/nack (#2434) 2021-08-04 21:08:55 -04:00
Caleb Doxsey
94eb3c1149
config: remove grpc server max connection age options (#2427) 
* config: remove grpc server max connection age options

* remove docs
 2021-08-03 09:39:48 -06:00
Caleb Doxsey
1a95036b8c
sessions: add impersonate_session_id, remove legacy impersonation (#2407) 
* sessions: add impersonate_session_id, remove legacy impersonation

* show impersonated user details

* fix headers

* address feedback

* only check impersonate id on non-nil pbSession

* Revert "only check impersonate id on non-nil pbSession"

This reverts commit a6f7ca5abd.
 2021-07-30 08:42:36 -06:00
Caleb Doxsey
ac8ae3ef5b
directory: add logging http client to help with debugging outbound http requests (#2385) 2021-07-22 11:58:52 -06:00
Caleb Doxsey
cef08a1c2d
authorize: remove service account impersonate user id, email and groups (#2365) 2021-07-15 09:31:45 -06:00
wasaga
134ca74ec9
proxy: add idle timeout (#2319) 2021-07-02 10:29:53 -04:00
Caleb Doxsey
fcb33966e2
config: add enable_google_cloud_serverless_authentication to config protobuf (#2306) 
* config: add enable_google_cloud_serverless_authentication to config protobuf

* use dependency injection for embedded envoy provider

* Revert "use dependency injection for embedded envoy provider"

This reverts commit 5c08990501.

* config: attach envoy version to Config to avoid metrics depending on envoy/files
 2021-06-21 18:00:29 -06:00
wasaga
744e2c7993
xds: only tag contexts used for UpdateRecords (#2269) 2021-06-04 14:01:25 -04:00
dependabot[bot]
e9ffc5fde3
chore(deps): bump google.golang.org/grpc from 1.37.1 to 1.38.0 (#2231) 
* chore(deps): bump google.golang.org/grpc from 1.37.1 to 1.38.0

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.37.1 to 1.38.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.37.1...v1.38.0)

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps): bump google.golang.org/grpc from 1.37.1 to 1.38.0

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.37.1 to 1.38.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.37.1...v1.38.0)

Signed-off-by: dependabot[bot] <support@github.com>

* fix UpdateState method

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2021-05-24 09:33:53 -06:00
wasaga
c71f7dca5b
authorize: grpc health check (#2200) 2021-05-13 15:00:10 -04:00
Caleb Doxsey
94aa0b1a48
databroker: implement leases (#2172) 
* databroker: implement leases

* return error

* handle gRPC errors
 2021-05-10 13:30:25 -06:00
Caleb Doxsey
aeece76928
databroker: store issued at timestamp with session (#2173) 2021-05-04 10:09:14 -06:00
Caleb Doxsey
69576cffe4
config: add support for set_response_headers in a policy (#2171) 
* config: add support for set_response_headers in a policy

* docs: add note about precedence
 2021-05-04 09:43:52 -06:00
wasaga
129df47f9c
xds extended event (#2158) 2021-05-03 12:28:11 -04:00
Caleb Doxsey
b5b1013947
config: add client_crl (#2157) 
* config: add client_crl

* address comments

* add ignored file
 2021-04-30 14:36:32 -06:00
Caleb Doxsey
699ebf061a
config: add support for codec_type (#2156) 
* config: add support for codec_type

* add comma

* fix warning block

* fix docs
 2021-04-30 07:21:40 -06:00
Caleb Doxsey
0adbf4f24c
controlplane: save configuration events to databroker (#2153) 
* envoy: save events to databroker

* controlplane: add tests for envoy configuration events

* format imports
 2021-04-29 15:51:46 -06:00
Caleb Doxsey
c85c8b0778
authorize: refactor store locking (#2151) 
* authorize: refactor store locking

* fix nil reference panic
 2021-04-29 08:37:27 -06:00
Caleb Doxsey
91c7dc742f
databroker: store server version in backend (#2142) 2021-04-28 09:12:52 -06:00
wasaga
1b698053f6
let pass custom grpc dial opts (#2144) 2021-04-27 18:26:27 -04:00
Caleb Doxsey
636b3d6846
databroker: add options for maximum capacity (#2095) 
* databroker: add options

* implement redis

* add trace for enforce options
 2021-04-26 17:14:54 -06:00
wasaga
e0c09a0998
log context (#2107) 2021-04-22 10:58:13 -04:00
Caleb Doxsey
116805acb3
config: rename headers to set_response_headers (#2081) 
* config: rename headers to set_response_headers

* Update config/options.go

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>
 2021-04-14 11:22:21 -07:00
wasaga
0e66619081
do not require project be in GOPATH/src (#2078) 2021-04-12 09:43:05 -04:00
Caleb Doxsey
aeb8aaf9cd
directory: remove provider from user id (#2068) 2021-04-07 15:06:08 -06:00
wasaga
a935c1ba30
config related metrics (#2065) 2021-04-07 12:29:36 -07:00
Caleb Doxsey
f4c4fe314a
authorize: audit logging (#2050) 
* authorize: add databroker server and record version to result, force sync via polling

* authorize: audit logging
 2021-04-05 09:58:55 -06:00
Travis Groth
c7d243d742
proxy: restrict programmatic URLs to localhost (#2049) 
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2021-04-01 10:04:49 -04:00
Caleb Doxsey
d7ab817de7
authorize: add databroker server and record version to result, force sync via polling (#2024) 
* authorize: add databroker server and record version to result, force sync via polling

* wrap inmem store to take read lock when grabbing databroker versions

* address code review comments

* reset max to 0
 2021-03-31 10:09:06 -06:00
wasaga
80c55dd50c
databroker: return server version in Get (#2039) 2021-03-29 13:18:38 -04:00
Caleb Doxsey
e2ebef44ef
telemetry: add installation id (#2017) 
* telemetry: add installation id

* set installation id globally

* remove unneeded changes
 2021-03-24 07:22:54 -06:00
ntoofu
fee4979246
Add xff_num_trusted_hops config option (#2003) 
* Add `xff_num_trusted_hops` config option

* Fix code formatting with gofmt

* Update docs for `xff_num_trusted_hops`
 2021-03-22 10:30:20 -06:00
Caleb Doxsey
23bc3f979f
config: add headers to config proto (#1996) 2021-03-19 08:06:01 -06:00
Caleb Doxsey
46ae3cf358
add rewrite_response_headers to protobuf (#1962) 2021-03-05 13:57:27 -07:00
Caleb Doxsey
664358dfad
config: multiple endpoints for authorize and databroker (#1957) 
* wip

* update docs

* remove dead code
 2021-03-03 09:53:19 -07:00
Caleb Doxsey
a825b06014
metrics: add TLS options (#1939) 
* move metrics listener to envoy

* add metrics tls options

* add test

* update docs

* update config proto

* add function to validate metric addr

* fix validation
 2021-02-24 09:42:53 -07:00
Caleb Doxsey
8b42eb5ebd
config: add metrics_basic_auth option (#1917) 
* config: add metrics_basic_auth option

* remove println

* use constant time compare
 2021-02-22 13:37:18 -07:00