trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
11,814 Commits 95 Branches 330 Tags 336 MiB
Commit Graph

331 Commits

Author SHA1 Message Date
Jens Langhammer 2d03bd5c89
outposts/ldap: only use common cert if cert is configured 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-12-28 21:29:36 +01:00
Jens Langhammer ff13b4bb46
outposts/ldap: use configured certificate for LDAPS when all providers' certificates are identical 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-12-28 19:15:29 +01:00
Jens Langhammer 2b2323fae7
outposts: include hostname in outpost heartbeat 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-12-28 16:07:52 +01:00
Jens Langhammer b3da1d223c providers/proxy: correctly set id_token_hint if possible 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-12-12 19:02:37 +00:00
Jens Langhammer 107f2745c8 providers/ldap: improve mapping of LDAP filters to authentik queries 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-12-12 18:30:52 +00:00
dependabot[bot] c21c1757de
core: bump github.com/getsentry/sentry-go from 0.15.0 to 0.16.0 (#4179) 
* core: bump github.com/getsentry/sentry-go from 0.15.0 to 0.16.0

Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go) from 0.15.0 to 0.16.0.
- [Release notes](https://github.com/getsentry/sentry-go/releases)
- [Changelog](https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-go/compare/v0.15.0...v0.16.0)

---
updated-dependencies:
- dependency-name: github.com/getsentry/sentry-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* update custom tracer

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-12-09 12:20:41 +01:00
Daniel be9790ef8a
internal: reuse http transport to prevent leaking connections (#3996) 
* Fix: Using the same http transport as the api

* fix: Using global tlsTransport instead of newly created one
 2022-11-25 18:24:01 +01:00
Jens L 276af8457d
root: make sentry DSN configurable (#4016) 
* make sentry DSN configurable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* make proxy smarter

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix typo in config struct

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-11-15 16:05:29 +01:00
Jens L 55aa1897af
root: use single redis db (#4009) 
* use single redis db

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* cleanup prefixes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ensure __str__ always returns string

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix remaining old prefixes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add release notes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-11-15 14:31:29 +01:00
Jens L d53733b6fc
outposts/proxy: reduce possibility for redirect loops, keep single state (#3831) 
use single state, redirect when start url is hit with active session

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-10-20 21:27:34 +02:00
Jens Langhammer b864de7721 outposts/ldap: increase compatibility with different types in user and group attributes 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-10-16 22:32:18 +02:00
Jens L 44e4f2e561
crypto: make certificate parsing optional for crypto api (#3711) 2022-10-01 00:06:00 +02:00
Jens Langhammer 50819ae0f0 *: improve error handling in ldap outpost, ignore additional errors 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-09-23 22:11:47 +02:00
Jens L 49b6aabb02
outposts/proxy: fix redirect path when external host is a subdirectory (#3628) 
fix redirect path when external host is a subdirectory

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-09-22 10:10:29 +02:00
Jens L 47daaf969a
outposts: fix oauth state when using signature routing (#3616) 
* fix oauth state when using signature routing

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* more retires

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-09-19 21:38:34 +02:00
Jens Langhammer 220f123b29 internal: add more tracing for states 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-09-07 09:53:10 +02:00
Jens Langhammer 621245aece internal: optimise outpost's flow executor to use less requests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-09-03 21:29:58 +02:00
Jens Langhammer 8e7a456f74 providers/proxy: fix routing based on signature in traefik and caddy 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-09-02 22:03:08 +02:00
Jens Langhammer 14a7c9f967 internal: fix outposts not logging flow execution errors correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-08-31 23:03:57 +02:00
Jens Langhammer 8ffae4505f internal: set Host on url in envoy 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-08-18 23:20:12 +01:00
Jens Langhammer 0cc83c23c4 providers/proxy: fix duplicate proxy set default 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-08-18 21:13:45 +01:00
Jens Langhammer 514c48a986 internal: fix routing for requests with querystring signature to embedded outpost 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-08-18 20:43:01 +02:00
Jens Langhammer 846b63a17b *: remove some very verbose logging messages 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-08-17 13:36:56 +02:00
Jens Langhammer 201bea6d30 internal: add X-authentik-logout signature to trigger logouts when URLs are not exposed 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-08-07 18:50:24 +02:00
Jens L 89fef0ae72
blueprints: docs (#3376) 
* further blueprint cleanup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* more

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* make group users and parent optional

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix api client usage

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-08-06 00:52:12 +02:00
Jens L 2ce8e18bab
internal: centralise config for listeners to use same config system everywhere (#3367) 
* centralise config for listeners to use same config system everywhere

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#3360

* add docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-08-03 21:33:27 +02:00
Jens Langhammer fcf4657833 providers/proxy: add is_superuser to ak_proxy object, only show full error when superuser 
closes #3314

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-07-30 20:29:23 +02:00
Jens L 393d7ec486
providers/proxy: no exposed urls (#3151) 
* test any callback

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* cleanup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* dont detect callback in per-server handler

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use full redirect uri with both path and query param

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* correctly route to embedded outpost for callback signature

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix allowed redirects

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-07-30 17:51:01 +02:00
Jens L b41acebf5b
providers/proxy: add caddy endpoint (#3330) 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-07-29 10:58:53 +02:00
Jens Langhammer 10b48b27b0 internal: walk config in go, check, parse and load from scheme like in python 
closes #2719

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-07-26 11:33:37 +02:00
Jens Langhammer 41eb44137e internal: remove pkg/errors 2022-07-05 20:26:33 +00:00
Jens Langhammer eb633c607e internal: fix nil pointer reference 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-07-01 17:02:53 +02:00
Jens Langhammer b6267fdf28 *: add versioned user agent to sentry 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-06-20 11:54:10 +02:00
Jens Langhammer 79bec6f6b2 providers/proxy: only send misconfiguration event once 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-06-16 10:32:34 +02:00
Jens Langhammer bdf76bb4b7 internal: skip tracing for go healthcheck and metrics endpoints 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-06-10 22:21:11 +02:00
Jens Langhammer 8d3275817b providers/ldap: fix existing binder not being carried forward correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-06-05 18:51:01 +02:00
Jens Langhammer e30103aa9f providers/proxy: use same redirect-save code for all modes 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-06-04 23:25:47 +02:00
Jens Langhammer bb244b8338 providers/ldap: fix session cache being lost on provider refresh 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-06-04 18:03:00 +02:00
Jens L 8447e9b9c2
providers/proxy: envoy v2 (#3029) 
* add path prefix

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use prefix correctly

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* only set redirect if session doesn't have a redirect yet

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-06-03 10:32:52 +02:00
Jens L f9a419107a
outposts/proxyv2: add basic envoy support (#3026) 
* outposts/proxyv2: add basic envoy support

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* don't crash when backend is not available

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add envoy tests and docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-06-03 00:06:09 +02:00
Jens L 8f0572d11e
outposts/ldap: add correct group objectClass (#3023) 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2861
 2022-06-02 18:48:07 +02:00
Jens Langhammer eba339ba27 core: improve loading speed of flow background 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-06-02 14:20:23 +02:00
Jens L 3eb466ff4b
lifecycle: cleanup prometheus (#2972) 
* remove high cardinality labels

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* retry worker number for prometheus multiprocess id

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* revert to pid, use subdirectories

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* cleanup more

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use worker id based off of https://github.com/benoitc/gunicorn/issues/1352

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix missing app label

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: remove static names

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-29 21:45:25 +02:00
Jens Langhammer a03dde8a90 outposts/ldap: fix type assertion after upgrading to new API Client 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-27 16:36:15 +02:00
Jens L a286f999e2
api: migrate to openapi generator v6 (#2968) 
* migrate to openapi generator v6

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* bump api

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-26 15:15:30 +02:00
Jens Langhammer 646d174dd2 internal: revert cookie path on proxy causing redirect loops 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-21 16:26:12 +02:00
Jens Langhammer 5c91658484 internal: fix nil pointer dereference in ldap outpost 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-21 15:48:50 +02:00
Jens Langhammer ebb44c992b Revert "internal: set SameSite for outpost" 
This reverts commit 7e95c756b9.
 2022-05-21 14:08:40 +02:00
Jens Langhammer 7e95c756b9 internal: set SameSite for outpost 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-21 13:21:45 +02:00
Jens Langhammer be26b92927 internal: cleanup outpost logs 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-21 13:18:06 +02:00
Jens Langhammer 6f56a61a64 website/docs: add docs for advanced SSH config 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2916
 2022-05-21 13:06:54 +02:00
Jens Langhammer a52638d898 internal: fix typo in session name constant 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-20 10:10:29 +02:00
Jens Langhammer 421b003218 internal: set path on cookie for proxy 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2305
 2022-05-11 10:08:38 +02:00
Jens Langhammer 25a4310bb1 internal: use Expires not MaxAge for LDAP session 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-11 10:04:32 +02:00
dependabot[bot] 4d755dc0f6
build(deps): bump goauthentik.io/api/v3 from 3.2022041.4 to 3.2022041.5 (#2843) 
* build(deps): bump goauthentik.io/api/v3 from 3.2022041.4 to 3.2022041.5

Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022041.4 to 3.2022041.5.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022041.4...v3.2022041.5)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-10 20:33:19 +02:00
Jens L ab2299ba1e
outposts/ldap: cached bind (#2824) 
* initial cached ldap bind support

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add web

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* clean up api generation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use gh action for golangci-lint

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-08 16:48:53 +02:00
Jens Langhammer 9b6e47e6b8 outposts/ldap: fix panic in type conversion when value is nil 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-04-11 15:52:58 +02:00
Jens Langhammer b46eb7198b internal: handle log level not being set in config 
closes #2650

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-04-03 13:23:55 +02:00
Jens Langhammer 51194cbf42 outposts/ldap: use backend group num_pk 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-03-22 23:54:50 +01:00
Jens Langhammer b45a442447 outposts/ldap: fix contexts 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-03-19 18:28:27 +01:00
Simon Siebert 75a720ead1
outposts/ldap: prevent operations error from nil dereference (#2447) 
closes #2526
 2022-03-19 18:26:26 +01:00
Jens Langhammer 76660e4666 internal: add tests with querystring 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-03-07 22:03:36 +01:00
Jens Langhammer 62a939b91d internal: bump api client to v3 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-03-03 10:40:07 +01:00
Jens Langhammer 6fdf3ad3e5 internal/outpost: improve logging and add tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2393
 2022-02-26 22:29:56 +01:00
Jens Langhammer fb33906637 internal/ldap: fix panic when parsing lists with mixed types 
closes #2355

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-22 19:56:55 +01:00
Jens Langhammer 744f250d05 providers/proxy: always set rd param in addition to session to prevent wrong url in session 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-18 10:32:22 +01:00
Jens Langhammer 19b1f3a8c1 internal/outpost: fix logic error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-17 20:50:47 +01:00
Jens Langhammer 45f2c5bae7 web/admin: fix invalid URLs in example proxy config 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-15 23:24:27 +01:00
Jens Langhammer 5d8c1aa0b0 outposts/proxy: correctly check host in forward domain redirect 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1997
 2022-02-15 14:58:19 +01:00
Jens Langhammer 0101368369 outposts/proxy: fix logic error in rd argument 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1997
 2022-02-15 13:43:55 +01:00
Jens Langhammer 4854f81592 outposts/proxy: correctly handle ?rd= param 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1997
 2022-02-15 11:05:03 +01:00
Jens Langhammer 908f123d0e website/docs: update nginx config 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-15 10:24:08 +01:00
Jens Langhammer 3d577cf15e *: add placeholder custom.css to easily allow user customisation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-14 20:05:00 +01:00
Jens Langhammer 4915e980c5 providers/proxy: revert Host header behaviour 
closes #2284

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-14 12:39:16 +01:00
Jens Langhammer e5a393c534 internal: increase logging for no hostname found 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-13 14:36:56 +01:00
Jens Langhammer 1f838bb2aa outposts/proxy: add X-Forwarded-Host since Host now gets changed by the proxy 
closes #2284

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-10 23:09:55 +01:00
Jens Langhammer affbf85699 internal: don't attempt to lookup SNI Certificate if no SNI is sent 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-09 12:33:25 +01:00
Jens L 4343246a41
*: rename akprox to outpost.goauthentik.io (#2266) 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-08 20:25:38 +01:00
Jens Langhammer 7088a6b0e6 providers/proxy: fix Host/:Authority not being modified 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-08 16:30:26 +01:00
Jens Langhammer e758995458 providers/proxy: improve error handling for invalid backend_override 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-07 19:59:06 +01:00
Jens Langhammer 654e0d6245 providers/proxy: fix nil error in claims 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-03 17:58:38 +01:00
Jens Langhammer f5cc6c67ec providers/proxy: fix routing for external_host when using forward_auth_domain 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2180
 2022-02-01 10:14:46 +01:00
Jens Langhammer 6021fc0f52 providers/proxy: fix backend override persisting for other users 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-30 22:29:34 +01:00
Jens Langhammer 7fd6be5abb providers/proxy: add backend_override 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-30 21:35:08 +01:00
Jens Langhammer 67d550a80d providers/proxy: don't include hostname and scheme in redirect when we only got a path and not a full URL 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-27 18:23:08 +01:00
Jens Langhammer ebb5711c32 providers/proxy: add support for X-Original-URI in nginx, better handle missing headers and report errors to authentik 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-27 18:14:02 +01:00
Jens Langhammer 96ae68cf09 internal: make error message less confusing 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-25 15:45:21 +01:00
Jens Langhammer 63b3434b6f website/docs: improve nginx examples 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-25 14:25:21 +01:00
Ilya Kogan 947ecec02b
outposts/ldap: Fix more case sensitivity issues. (#2144) 2022-01-25 11:27:27 +01:00
Jens Langhammer 1c2b452406 outposts/proxy: fix potential empty redirect, add tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2141
 2022-01-25 10:57:53 +01:00
Jens Langhammer 650e2cbc38 internal: remove duplicate log messages 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-24 22:25:35 +01:00
Jens Langhammer b32800ea71 outposts/proxy: trace full headers to debug 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-24 22:08:31 +01:00
Jens Langhammer e1c0c0b20c internal: don't override server header 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-24 22:05:11 +01:00
Jens Langhammer ef335ec083 outposts/proxy: add more test cases for domain-level auth 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-24 21:41:15 +01:00
Jens Langhammer 07b09df3fe internal: add more outpost tests, add support for X-Original-URL 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-24 20:50:13 +01:00
Jens Langhammer e70e031a1f internal: start adding tests to outpost 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-24 20:12:25 +01:00
Jens Langhammer 1dce408c72 internal/proxyv2: only allow access to /akprox in nginx mode when forward url could be extracted 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-24 09:30:33 +01:00
Jens Langhammer af3fb5c2cd internal: use math.MaxInt for compatibility 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1819
 2022-01-21 23:11:17 +01:00
Jens Langhammer 3bfb8b2cb2 outposts/proxyv2: allow access to /akprox urls in forward auth mode to make routing in nginx/traefik easier 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-21 13:43:16 +01:00
Jens Langhammer 9fc5ff4b77 outposts/proxyv2: fix JWKS url pointing to localhost on embedded outpost 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-21 13:29:51 +01:00