Pomerium is an identity and context-aware access proxy.
backport-actions-token[bot] 70d77b283b
identity: rework session refresh error handling (#4639)
identity: rework session refresh error handling (#4638)

Currently, if a temporary error occurs while attempting to refresh an
OAuth2 token, the identity manager won't schedule another attempt.

Instead, update the session refresh logic so that it will retry after
temporary errors. Extract the bulk of this logic into a separate method
that returns a boolean indicating whether to schedule another refresh.

Update the unit test to simulate a temporary error during OAuth2 token
refresh.

Co-authored-by: Kenneth Jenkins <51246568+kenjenkins@users.noreply.github.com>
2023-10-24 15:59:52 -07:00
.github chore(deps): bump actions/setup-python from 4.6.1 to 4.7.0 (#4429) 2023-08-02 09:01:32 -06:00
.vscode use tlsClientConfig instead of custom dialer (#3830) 2022-12-27 09:55:36 -07:00
authenticate core/authenticate: refactor idp sign out (#4589) 2023-09-28 08:52:22 -07:00
authorize core/authorize: check for expired tokens (#4547) 2023-09-15 16:10:01 -06:00
cmd/pomerium chore(deps): bump github.com/golangci/golangci-lint from 1.48.0 to 1.50.0 (#3667) 2022-10-19 09:36:59 -06:00
config config: do not add route headers to global map (#4630) 2023-10-18 14:19:48 -07:00
databroker config: remove source, remove deadcode, fix linting issues (#4118) 2023-04-21 17:25:11 -06:00
examples Docs: remove tcp example (#4617) 2023-10-04 15:58:15 -06:00
integration add integration test for https IP address route (#4476) 2023-08-18 09:32:21 -07:00
internal identity: rework session refresh error handling (#4639) 2023-10-24 15:59:52 -07:00
ospkg move directory providers (#3633) 2022-11-03 11:33:56 -06:00
pkg core/authorize: check for expired tokens (#4547) 2023-09-15 16:10:01 -06:00
proxy config: add cookie_same_site option (#4148) 2023-05-03 14:36:42 -06:00
scripts dependencies: upgrade go and envoy (#4116) 2023-04-17 16:44:58 -06:00
ui core/authenticate: refactor idp sign out (#4589) 2023-09-28 08:52:22 -07:00
.codecov.yml
.dockerignore
.fossa.yml
.gitattributes
.gitignore tls: wildcard catch-all cert must be at the end of cert list (#4119) 2023-04-21 12:37:32 -04:00
.golangci.yml config: remove source, remove deadcode, fix linting issues (#4118) 2023-04-21 17:25:11 -06:00
.pre-commit-config.yaml
.tool-versions dependencies: upgrade go and envoy (#4116) 2023-04-17 16:44:58 -06:00
3RD-PARTY
DEBUG.MD
Dockerfile chore(deps): bump node from 3801c22 to 850d8e1 (#4416) 2023-08-02 09:01:18 -06:00
Dockerfile.debug chore(deps): bump node from 3801c22 to 850d8e1 (#4416) 2023-08-02 09:01:18 -06:00
go.mod chore(deps): bump github.com/go-chi/chi/v5 from 5.0.8 to 5.0.10 (#4407) 2023-08-02 10:12:06 -06:00
go.sum chore(deps): bump github.com/go-chi/chi/v5 from 5.0.8 to 5.0.10 (#4407) 2023-08-02 10:12:06 -06:00
LICENSE
Makefile config: remove source, remove deadcode, fix linting issues (#4118) 2023-04-21 17:25:11 -06:00
pomerium.go
README.md Docs: remove tcp example (#4617) 2023-10-04 15:58:15 -06:00
RELEASING.md deployment: update RELEASING.md (#3503) 2022-08-16 10:40:03 -07:00
SECURITY.md Update SECURITY.md (#4144) 2023-05-01 15:17:50 -04:00
tools.go config: remove source, remove deadcode, fix linting issues (#4118) 2023-04-21 17:25:11 -06:00


Pomerium builds secure, clientless connections to internal web apps and services without a corporate VPN.

Pomerium is:

  • Easier because you don't have to maintain a client or software.
  • Faster because it's deployed directly where your apps and services are. No more expensive data backhauling.
  • Safer because every single action is verified for trusted identity, device, and context.

It's not a VPN alternative; it's the trusted, foolproof way to protect your business.

Docs

For comprehensive docs and tutorials, see our documentation.

Integration Tests

To run the integration tests locally, first build a local development image:

./scripts/build-dev-docker.bash

Next, go to the integration/clusters folder and pick a cluster, for example google-single, then use docker-compose to start the cluster. We use an environment variable to specify the dev docker image we built earlier:

cd integration/clusters/google-single
env POMERIUM_TAG=dev docker-compose up -V

Once that's up and running you can run the integration tests from another terminal:

go test -count=1 -v ./integration/...

If you need to make a change to the clusters themselves, there's a tpl folder that contains jsonnet files. Make a change and then rebuild the clusters by running:

go run ./integration/cmd/pomerium-integration-tests/ generate-configuration