3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-04-28 18:06:34 +02:00
Code Issues Projects Releases Packages Wiki Activity
pomerium/config
History
Kenneth Jenkins 21b9e7890c
authorize: add filter options for JWT groups (#5417) 
Add a new option for filtering to a subset of directory groups in the
Pomerium JWT and Impersonate-Group headers. Add a JWTGroupsFilter field
to both the Options struct (for a global filter) and to the Policy
struct (for per-route filter). These will be populated only from the
config protos, and not from a config file.

If either filter is set, then for each of a user's groups, the group
name or group ID will be added to the JWT groups claim only if it is an
exact string match with one of the elements of either filter.
2025-01-08 13:57:57 -08:00
..
envoyconfig config: generate fallback cert only as last resort (#5250) 2024-12-19 09:46:59 -08:00
testdata config: additional kubernetes token source support (#1200) 2020-08-04 09:40:51 -04:00
autocert.go core/ci: update linting (#4844) 2023-12-14 09:07:54 -08:00
autocert_test.go core/lint: upgrade golangci-lint, replace interface{} with any (#5099) 2024-05-02 14:33:52 -06:00
codec_type.go HTTP/3 Support (#5349) 2024-11-19 08:48:30 -07:00
codec_type_test.go config: default to http2 (#3660) 2022-10-12 14:46:06 -06:00
config.go config: minor cleanup in GenerateCatchAllCertificate (#5397) 2024-12-18 13:21:48 -08:00
config_source.go Fix many instances of contexts and loggers not being propagated (#5340) 2024-10-25 14:50:56 -04:00
config_source_test.go Fix many instances of contexts and loggers not being propagated (#5340) 2024-10-25 14:50:56 -04:00
config_test.go config: minor cleanup in GenerateCatchAllCertificate (#5397) 2024-12-18 13:21:48 -08:00
constants.go core/config: implement direct response (#4960) 2024-02-15 14:33:56 -07:00
custom.go authorize: add filter options for JWT groups (#5417) 2025-01-08 13:57:57 -08:00
custom_test.go core/lint: upgrade golangci-lint, replace interface{} with any (#5099) 2024-05-02 14:33:52 -06:00
doc.go *: remove import path comments (#545) 2020-03-16 10:13:47 -07:00
from.go core/config: add support for stripping the port for matching routes (#5085) 2024-04-26 08:24:46 -06:00
from_test.go change Policy.Matches to accept a URL pointer (#5360) 2024-11-07 14:55:44 -05:00
helpers.go core/redis: remove redis (#4768) 2023-11-28 13:14:36 -07:00
helpers_test.go databroker: rename cache service (#1790) 2021-01-21 08:41:22 -07:00
http.go core/logging: change log.Error function (#5251) 2024-09-05 15:42:46 -06:00
http_test.go core/lint: upgrade golangci-lint, replace interface{} with any (#5099) 2024-05-02 14:33:52 -06:00
identity.go change Policy.Matches to accept a URL pointer (#5360) 2024-11-07 14:55:44 -05:00
layered.go core/logging: change log.Error function (#5251) 2024-09-05 15:42:46 -06:00
layered_test.go core/lint: upgrade golangci-lint, replace interface{} with any (#5099) 2024-05-02 14:33:52 -06:00
log.go core/config: remove debug option, always use json logs (#4857) 2023-12-15 11:29:05 -07:00
log_level.go config: validate log levels (#4367) 2023-07-17 16:41:48 -06:00
metrics.go logging: remove ctx from global log methods (#5337) 2024-10-23 14:18:52 -06:00
metrics_test.go core/lint: upgrade golangci-lint, replace interface{} with any (#5099) 2024-05-02 14:33:52 -06:00
mtls.go Core-Zero Import (#5288) 2024-10-09 18:51:56 -04:00
mtls_test.go add mTLS UserPrincipalName SAN match (#5177) 2024-07-26 10:23:19 -07:00
options.go authorize: add filter options for JWT groups (#5417) 2025-01-08 13:57:57 -08:00
options_check.go config: suppress unused warnings for all fields in embedded route envoy options (#5330) 2024-10-22 16:46:22 -04:00
options_test.go authorize: add filter options for JWT groups (#5417) 2025-01-08 13:57:57 -08:00
policy.go authorize: add filter options for JWT groups (#5417) 2025-01-08 13:57:57 -08:00
policy_ppl.go ppl: fix empty/no-op allow block added in some cases to converted PPL policies (#5289) 2024-09-16 18:52:54 -04:00
policy_ppl_test.go ppl: more flexible matchers (#5336) 2024-10-25 07:56:57 -06:00
policy_test.go UDP support (#5390) 2024-12-11 13:07:31 -07:00
runtime_flags.go proxy: deprecate the /.pomerium/jwt endpoint (#5254) 2024-09-04 11:22:18 -07:00
session.go core/proxy: support loading sessions from headers and query string (#5291) 2024-09-19 09:23:13 -06:00
session_test.go core/proxy: support loading sessions from headers and query string (#5291) 2024-09-19 09:23:13 -06:00
trace.go logging: remove ctx from global log methods (#5337) 2024-10-23 14:18:52 -06:00
trace_test.go core/lint: upgrade golangci-lint, replace interface{} with any (#5099) 2024-05-02 14:33:52 -06:00
validate.go config: add cookie_same_site option (#4148) 2023-05-03 14:36:42 -06:00