Caleb Doxsey
|
f61e7efe73
|
authorize: use query instead of sync for databroker data (#3377)
|
2022-06-01 15:40:07 -06:00 |
|
Caleb Doxsey
|
c19048649a
|
authorize: add support for cidr lookups (#3277)
|
2022-04-19 16:18:34 -06:00 |
|
Caleb Doxsey
|
d299b42509
|
authorize: add name claim (#3238)
|
2022-04-05 12:08:00 -06:00 |
|
Caleb Doxsey
|
99b9a3ee12
|
authorize: add support for passing access or id token upstream (#3047)
* authorize: add support for passing access or id token upstream
* use an enum
|
2022-02-17 09:28:31 -07:00 |
|
Caleb Doxsey
|
0786c7fc45
|
authorize: use session.user_id in headers (#2571)
|
2021-09-03 14:51:09 -06:00 |
|
Caleb Doxsey
|
33f5190572
|
config: remove signature_key_algorithm (#2557)
* config: remove signature_key_algorithm
* typo
* add more tests
|
2021-09-02 11:36:43 -06:00 |
|
Caleb Doxsey
|
de1ed61b9a
|
authorize: fix google cloudrun header audience (#2558)
|
2021-09-02 09:55:06 -06:00 |
|
Caleb Doxsey
|
ef55829cb0
|
authorize: fix X-Pomerium-Claim-Groups (#2539)
|
2021-08-26 20:29:57 -06:00 |
|
Caleb Doxsey
|
a64e5b5fa1
|
authorize: add sid to JWT claims (#2420)
* authorize: add sid to JWT claims
* fix import ordering
|
2021-08-02 16:11:05 -06:00 |
|
Caleb Doxsey
|
f9675f61cc
|
deps: upgrade to go-jose v3 (#2284)
|
2021-06-10 09:35:44 -06:00 |
|
wasaga
|
40ddc2c4b3
|
jwt: round timestamp (#2258)
|
2021-06-01 14:12:45 -07:00 |
|
Caleb Doxsey
|
dad35bcfb0
|
ppl: refactor authorize to evaluate PPL (#2224)
* ppl: refactor authorize to evaluate PPL
* remove opa test step
* add log statement
* simplify assignment
* deny with forbidden if logged in
* add safeEval function
* create evaluator-specific config and options
* embed the headers rego file directly
|
2021-05-21 09:50:18 -06:00 |
|