Commits · 466c1d3058cc853e1f3d9005298cd35ad0f70cf3 · id / go-sso

21 Jun, 2019 1 commit

Always use query args for the / endpoint parameters · 466c1d30

ale authored Jun 21, 2019

This allows eventual future usage of 307 redirects and us accepting
POST requests without having to decode the request body.

466c1d30

20 Jun, 2019 1 commit

Add CORS support · ad0ad8f9

ale authored Jun 20, 2019

The sso service endpoint should send the proper CORS headers and
respond to OPTIONS (for CORS prefetches) so that XmlHttpRequests on
authenticated sites can (partially) work.

ad0ad8f9

23 Feb, 2019 1 commit

Add missing TrimRight in URLPrefix template variable · fc85e988

ale authored Feb 23, 2019

This caused the SSO server to generate bad form links, which caused a
302, preventing POST requests to succeed.

fc85e988

16 Feb, 2019 1 commit
- Add some template customization options in the config · c59e1aaa
  ale authored Feb 16, 2019
```
Support serving site-specific logo, favicon, and setting a site title.
```
  c59e1aaa
05 Feb, 2019 1 commit

Do not ask user to log in in order to log out · a756b78a

ale authored Feb 05, 2019

Just serve an error on the logout page if there is no valid session,
instead of redirecting to the login workflow.

a756b78a

27 Jan, 2019 3 commits
- Do not ask for explicit confirmation on logout · 198f7394
  ale authored Jan 27, 2019
```
Fixes issue #8.
```
  198f7394
- Redirect the user to a configurable URL when accessing homepage by mistake · 07c9a990
  ale authored Jan 27, 2019
```
Fixes issue #6.
```
  07c9a990
- Simplify login handler by isolating session init logic · b1c0a012
  ale authored Jan 27, 2019
```
And standardize on a single structure for the gorilla session
map, using the 'data' key for our gob-encoded objects.
```
  b1c0a012
22 Nov, 2018 1 commit
- Make account recovery URL configurable · f0bc2231
  ale authored Nov 22, 2018
  
  f0bc2231
16 Nov, 2018 2 commits
- Allow enabling keystore on a group basis · 7fec26e6
  ale authored Nov 16, 2018
```
Using the new configuration variable 'keystore_enable_groups'.
```
  7fec26e6
- Log keystore.Open on successful login · 7c359bdb
  ale authored Nov 16, 2018
  
  7c359bdb
14 Nov, 2018 1 commit
- Set the URL prefix on the logout page · a7e8bbce
  ale authored Nov 14, 2018
  
  a7e8bbce
03 Nov, 2018 2 commits
- Support deploying the SSO server below a URL path prefix · 86a88695
  ale authored Nov 03, 2018
```
Likely fixes issue #7 (untested).
```
  86a88695
- Make the U2F AppID configurable · d0ca4be4
  ale authored Nov 03, 2018
  
  d0ca4be4
30 Oct, 2018 2 commits
- Fix some lint warnings using 'nolint' instead of weird idioms · 9e4b95f8
  ale authored Oct 30, 2018
  
  9e4b95f8
- Failed group membership check should return 403, not 401 · 57f0955d
  ale authored Oct 30, 2018
  
  57f0955d
29 Oct, 2018 2 commits
- Drop the groups param from the exchange API · 2ddc7cf4
  ale authored Oct 29, 2018
```
There seems to be no good reason to change group membership when
exchanging tokens, let's try just passing the old one over.
```
  2ddc7cf4
- Improve logging for exchange failures · bef0bea2
  ale authored Oct 29, 2018
  
  bef0bea2
18 Feb, 2018 5 commits
- Allow connections from the logout page CSP · c49e8adf
  ale authored Feb 18, 2018
  
  c49e8adf
- Encode services JSON as a string · 6577b086
  ale authored Feb 18, 2018
  
  6577b086
- Encode the services JSON in the logout handler · 70cd91e6
  ale authored Feb 18, 2018
  
  70cd91e6
- Test Javascript-based logout · 42a7cde1
  ale authored Feb 18, 2018
```
Using CORS-enabled requests in the background.
```
  42a7cde1
- Fix the Content-Security-Policy of the logout page · 1712ee81
  ale authored Feb 18, 2018
```
Allow loading remote images.
```
  1712ee81
16 Feb, 2018 1 commit
- Log a message when the keystore client is enabled · bcc3b0e8
  ale authored Feb 16, 2018
  
  bcc3b0e8
14 Jan, 2018 1 commit
- Refactor Server.Handler method for readability · 009e6615
  ale authored Jan 14, 2018
```
Should make the subdivision between apps (idp, sso) more obvious.
```
  009e6615
17 Dec, 2017 1 commit
- Support partitioned keystore service · db67c6a8
  ale authored Dec 17, 2017
```
Uses the clientutil.Backend abstraction for the keystore client API.
```
  db67c6a8
15 Dec, 2017 1 commit
- Add support for unlocking a remote user key store · 58b44b15
  ale authored Dec 09, 2017
  
  58b44b15
11 Dec, 2017 1 commit

Fix incomplete commit 9d388e · efe1ce96

ale authored Dec 11, 2017

It left the Prometheus instrumentation in server/http.go, while
it is already provided by the ai3/go-common package.

efe1ce96

20 Nov, 2017 1 commit
- Automatically recompute integrity hashes in templates · 1acce89a
  ale authored Nov 20, 2017
```
Uses 'go generate' to invoke sri.py.
```
  1acce89a
19 Nov, 2017 1 commit
- Add logout page · ef9ce4ba
  ale authored Nov 19, 2017
  
  ef9ce4ba
18 Nov, 2017 2 commits
- Only check group membership if 'g' param is actually set · f430169e
  ale authored Nov 18, 2017
```
Classic mistake with strings.Split("").
```
  f430169e
- Ensure secret tokens are deserialized as strings · 775db71e
  ale authored Nov 18, 2017
```
Otherwise gopkg.in/yaml.v2 won't decode strings to []bytes.
```
  775db71e
12 Nov, 2017 1 commit

Add a SSO HTTP proxy for legacy services · 929bcfd5

ale authored Nov 12, 2017

The proxy wraps endpoints (exposed as separate HTTP hosts) with single-sign-on
authentication.

929bcfd5

11 Nov, 2017 1 commit
- Add instrumentation of HTTP requests · 307f439e
  ale authored Nov 11, 2017
  
  307f439e
29 Oct, 2017 1 commit
- Initial commit · c1717fb2
  ale authored Oct 29, 2017
  
  c1717fb2