f6120640d2
evaluate role in higher layer
2023-11-06 22:09:29 +01:00
Thom Seddon
c4317b7503
Allow to be run without middleware + improve request reading consistency ( #217 )
...
Prior to this change, the request URI was only ever read from the
X-Forwarded-Uri header which was only set when the container was
accessed via the forwardauth middleware. As such, it was necessary
to apply the treafik-forward-auth middleware to the treafik-forward-auth
container when running auth host mode.
This is a quirk, unnecessary complexity and is a frequent source of
configuration issues.
2021-06-24 21:45:28 +01:00
Thom Seddon
04f5499f0b
Allow override of domains and whitelist in rules ( #169 )
...
Co-authored-by: Mathieu Cantin <mcantin@petalmd.com>
Co-authored-by: Pete Shaw <lozlow@users.noreply.github.com>
2020-09-23 14:50:15 +01:00
Thom Seddon
41560feaa7
Support concurrent CSRF cookies by using a prefix of nonce ( #187 )
...
* Support concurrent CSRF cookies by using a prefix of nonce.
* Move ValidateState out and make CSRF cookies last 1h
* add tests to check csrf cookie nam + minor tweaks
Co-authored-by: Michal Witkowski <michal@cerberus>
2020-09-23 14:48:04 +01:00
Thom Seddon
870724c994
Fail if there is an error retrieving the user + extra test ( #142 )
...
Previously this would fail, but permit the request, which isn't
normally what you'd want.
2020-06-29 21:02:45 +01:00
Thom Seddon
8b3a950162
Add logout endpoint ( #107 )
...
Add logout endpoint that clears the auth cookie + optional "logout-redirect" config option, to which, when set, the user will be redirected.
2020-06-03 14:00:47 +01:00
Thom Seddon
a668454a11
Warn when using http without insecure cookie
...
Closes #114
2020-05-12 13:20:51 +01:00
Thom Seddon
eec62eb03a
Improve logging detail and consistency
...
Closes #114
2020-05-11 14:42:53 +01:00
Thom Seddon
7381450015
Improve internal function docs
2020-05-11 14:42:33 +01:00
Thom Seddon
68c329901a
Update go1.12 -> go1.13 + update dependencies + mod tidy
2020-02-10 17:09:09 +00:00
Thom Seddon
5a9c6adedf
Multiple provider support + OIDC provider
2020-02-10 17:09:09 +00:00
Thom Seddon
3e6ccc8f45
Redirect to login on cookie expiry + simplify ValidateCookie function
...
Possible fix for #31
2019-06-13 15:13:52 +01:00
Thom Seddon
5a17187855
Fix go-flags dep + formatting
2019-05-13 11:56:43 +01:00
Thom Seddon
d1b12e4ffb
Fix host/method rule matching + tests
2019-05-07 14:16:38 +01:00
Thom Seddon
6f3ac5efe5
pre-release logging + docs improvements and fixes
2019-05-07 12:05:47 +01:00
Thom Seddon
93912f4a6e
Overhaul testing to use testify
2019-04-23 17:49:16 +01:00
Thom Seddon
2074bc7727
Import f1ba9b5
2019-04-18 16:37:41 +01:00
Thom Seddon
6968f6181b
Add more v2 tests + fixes + improve legacy config parsing
2019-04-18 16:37:41 +01:00
Thom Seddon
9abe509f66
Refactor progress
...
- move directory structure
- string based rule definition
- use traefik rule parsing
- drop toml config
- new flag library
- implement go dep
2019-04-18 16:37:55 +01:00