Pomerium is an identity and context-aware access proxy.
Kenneth Jenkins fb9eb31be9
authenticateflow: change how sessions are deleted (#4893)
The identity manager expects to be able to read session ID and user ID
from any deleted databroker session records. The session.Delete()
wrapper method is not compatible with this expectation, as it calls
Put() with a record containing an empty session. The stateful
authentication flow currently calls session.Delete() from its
RevokeSession() method.

The result is that the identity manager will not correctly track
sessions deleted by the stateful authentication flow, and will still
try to use them during session refresh and user info refresh.

Instead, let's change the stateful authentication flow RevokeSession()
method to perform deletions in a way that is compatible with the current
identity manager code. That is, include the existing session data in the
Put() call to delete the revoked session.
2024-01-03 09:48:11 -08:00
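A simplified model of the behaviour the commit message above describes, added here as an illustration and not taken from Pomerium's code. The `Session`, `Record` and `Manager` types and both tombstone helpers are hypothetical stand-ins for the databroker record, the identity manager and the two deletion styles, and the sample IDs are constructed.

```go
package main

import "fmt"

// Session is a hypothetical stand-in for the session payload of a record.
type Session struct{ ID, UserID string }

// Record is a hypothetical databroker record; Deleted marks a deletion.
type Record struct {
	Data    *Session
	Deleted bool
}

// Manager models an identity manager tracking sessions as userID -> sessionIDs.
type Manager struct{ tracked map[string]map[string]bool }

// OnRecord applies one change; it can only act on IDs present in the payload.
func (m *Manager) OnRecord(r Record) {
	if r.Data == nil || r.Data.ID == "" || r.Data.UserID == "" {
		return // no session ID or user ID to key on, so the change is lost
	}
	if r.Deleted {
		delete(m.tracked[r.Data.UserID], r.Data.ID)
		return
	}
	if m.tracked[r.Data.UserID] == nil {
		m.tracked[r.Data.UserID] = map[string]bool{}
	}
	m.tracked[r.Data.UserID][r.Data.ID] = true
}

// deleteEmpty models the incompatible style: a deletion with an empty session.
func deleteEmpty(s Session) Record { return Record{Data: &Session{}, Deleted: true} }

// deleteWithData models the compatible style: the deletion keeps the session data.
func deleteWithData(s Session) Record { return Record{Data: &s, Deleted: true} }

// StillTracked reports whether a revoked session remains tracked afterwards.
func StillTracked(tombstone func(Session) Record) bool {
	s := Session{ID: "sess-1", UserID: "user-1"} // constructed sample IDs
	m := &Manager{tracked: map[string]map[string]bool{}}
	m.OnRecord(Record{Data: &s})
	m.OnRecord(tombstone(s))
	return m.tracked[s.UserID][s.ID]
}

func main() {
	fmt.Println("empty deletion, still tracked:", StillTracked(deleteEmpty))
	fmt.Println("deletion with data, still tracked:", StillTracked(deleteWithData))
}
```

In this model a session that stays tracked after revocation is the one a refresh loop would keep trying to use.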
.github chore(deps): bump distroless/base-debian12 from 1dfdb5e to 0a93daa in /.github (#4886) 2024-01-02 09:31:33 -07:00
.vscode use tlsClientConfig instead of custom dialer (#3830) 2022-12-27 09:55:36 -07:00
authenticate core/authenticate: refactor identity authenticators to initiate redirect (#4858) 2023-12-19 12:04:23 -07:00
authorize chore(deps): bump github.com/spf13/viper from 1.16.0 to 1.18.2 (#4861) 2023-12-27 16:16:38 -07:00
cmd/pomerium core/go: use max procs (#4766) 2023-12-07 09:14:57 -07:00
config chore(deps): bump github.com/spf13/viper from 1.16.0 to 1.18.2 (#4861) 2023-12-27 16:16:38 -07:00
databroker core: fix graceful stop (#4865) 2023-12-29 10:18:08 -07:00
examples core/config: remove debug option, always use json logs (#4857) 2023-12-15 11:29:05 -07:00
integration core/ci: update linting (#4844) 2023-12-14 09:07:54 -08:00
internal authenticateflow: change how sessions are deleted (#4893) 2024-01-03 09:48:11 -08:00
ospkg move directory providers (#3633) 2022-11-03 11:33:56 -06:00
pkg chore(deps): bump golang from a6b787c to 1415bb0 (#4883) 2024-01-02 11:05:37 -07:00
proxy support both stateful and stateless authenticate (#4765) 2023-12-07 14:24:13 -08:00
scripts ci: use built-in github release notes generator (#4754) 2023-11-16 13:36:13 -05:00
ui core/ci: update linting (#4844) 2023-12-14 09:07:54 -08:00
.codecov.yml development: change codecov precision 2019-07-18 16:49:37 -07:00
.dockerignore frontend: react+mui (#3004) 2022-02-07 08:47:58 -07:00
.fossa.yml rm cli code (#2824) 2021-12-15 16:25:21 -05:00
.gitattributes assets: use embed instead of statik (#1960) 2021-03-03 18:56:55 -07:00
.gitignore tls: wildcard catch-all cert must be at the end of cert list (#4119) 2023-04-21 12:37:32 -04:00
.golangci.yml core/ci: update linting (#4844) 2023-12-14 09:07:54 -08:00
.pre-commit-config.yaml integration: add single-cluster integration tests (#2516) 2021-08-24 15:35:05 -06:00
.tool-versions update to Go 1.21.4 (#4770) 2023-11-29 19:16:12 -08:00
3RD-PARTY dependencies: vendor base58, remove shortuuid (#2739) 2021-11-02 09:23:15 -06:00
DEBUG.MD deplyoment: add debug build / container / docs (#1513) 2020-10-13 16:54:21 -04:00
Dockerfile chore(deps): bump node from 445acd9 to 8d0f16f (#4881) 2024-01-02 11:06:05 -07:00
Dockerfile.debug chore(deps): bump node from 445acd9 to 8d0f16f (#4881) 2024-01-02 11:06:05 -07:00
go.mod chore(deps): bump github.com/jackc/pgx/v5 from 5.5.0 to 5.5.1 (#4871) 2024-01-02 11:07:55 -07:00
go.sum chore(deps): bump github.com/jackc/pgx/v5 from 5.5.0 to 5.5.1 (#4871) 2024-01-02 11:07:55 -07:00
LICENSE initial release 2019-01-02 12:13:36 -08:00
Makefile zero/telemetry: add reporter (#4855) 2023-12-20 14:53:06 -05:00
pomerium.go fix go get, improve redis test (#2450) 2021-08-06 12:07:20 -06:00
README.md Docs: remove tcp example (#4616) 2023-10-03 17:47:33 -04:00
RELEASING.md deployment: update RELEASING.md (#3503) 2022-08-16 10:40:03 -07:00
SECURITY.md Update SECURITY.md (#4144) 2023-05-01 15:17:50 -04:00

Pomerium builds secure, clientless connections to internal web apps and services without a corporate VPN.

Pomerium is:

  • Easier because you don't have to maintain a client or software.
  • Faster because it's deployed directly where your apps and services are. No more expensive data backhauling.
  • Safer because every single action is verified for trusted identity, device, and context.

It's not a VPN alternative; it's the trusted, foolproof way to protect your business.

Docs

For comprehensive docs and tutorials, see our documentation.

Integration Tests

To run the integration tests locally, first build a local development image:

./scripts/build-dev-docker.bash

Next, go to the integration/clusters folder and pick a cluster, for example google-single, then use docker-compose to start the cluster. We use an environment variable to specify the dev docker image we built earlier:

cd integration/clusters/google-single
env POMERIUM_TAG=dev docker-compose up -V

Once that's up and running you can run the integration tests from another terminal:

go test -count=1 -v ./integration/...

If you need to make a change to the clusters themselves, there's a tpl folder that contains jsonnet files. Make a change and then rebuild the clusters by running:

go run ./integration/cmd/pomerium-integration-tests/ generate-configuration