Pulse · oauth2-proxy/oauth2-proxy · GitHub

December 8, 2024 – January 8, 2025

Overview

16 Active pull requests

19 Active issues

13 Pull requests merged by 5 people

Fix formatting issue in Google provider doc
#2907 merged Jan 9, 2025
chore(deps): update helmv3
#2731 merged Jan 8, 2025
chore(deps): update docker-compose
#2853 merged Jan 8, 2025
chore(deps): update dependency golangci/golangci-lint to v1.63.4
#2899 merged Jan 8, 2025
doc: fix dex helm chart values for k8s example
#2880 merged Jan 4, 2025
chore(deps): update dependency @easyops-cn/docusaurus-search-local to ^0.46.0
#2871 merged Jan 4, 2025
chore(deps): update alpine docker tag to v3.21.0
#2877 merged Jan 4, 2025
Fix linting after updating golangci-lint to 1.62.2
#2894 merged Dec 31, 2024
chore(deps): update dependency golangci/golangci-lint to v1.62.2
#2872 merged Dec 31, 2024
chore(deps): update dependency golang to v1.23.4
#2878 merged Dec 31, 2024
Microsoft Entra ID provider
#2390 merged Dec 31, 2024
chore(deps): update module golang.org/x/net to v0.33.0 [security]
#2886 merged Dec 23, 2024
chore(deps): update module golang.org/x/crypto to v0.31.0 [security]
#2884 merged Dec 17, 2024

3 Pull requests opened by 3 people

bugfix: when skip-jwt-bearer-tokens error on bearer token regex validation
#2888 opened Dec 19, 2024
Entra ID: Workload Identity support
#2902 opened Jan 5, 2025
Change redirect code from 302 to 307
#2905 opened Jan 7, 2025

3 Issues closed by 4 people

Make AzureProvider a child type of OIDCProvider
#2384 closed Jan 3, 2025
[Help]: redirect loop after [AuthSuccess]
#2889 closed Dec 24, 2024
[Support]: Unable to log error messages
#2885 closed Dec 12, 2024

16 Issues opened by 13 people

[Support]: KeyCloak is bypassed on a fresh session
#2908 opened Jan 9, 2025
[Feature]: Optional OIDC JWT Secured Authorization Response Mode
#2906 opened Jan 7, 2025
[Bug]: oauth2-proxy http2 oidc provider
#2904 opened Jan 7, 2025
Redirections return 302 instead of 307 code
#2903 opened Jan 7, 2025
[RFC]: Introduce Log Levels Using slog for Enhanced Logging Granularity
#2901 opened Jan 5, 2025
AuthFailure Invalid authentication via OAuth2: unable to obtain CSRF cookie
#2897 opened Jan 1, 2025
OIDC Discovery fails
#2896 opened Jan 1, 2025
Keycloak Health Check
#2895 opened Jan 1, 2025
Keycloak OIDC - Error redeeming code during OAuth2 callback: token exchange failed
#2893 opened Dec 30, 2024
[Feature]: Run oauth2-proxy from a golang project
#2892 opened Dec 26, 2024
[Bug]: OIDC with Firebase (GCP Identity) and option --allowed-group
#2891 opened Dec 26, 2024
[Bug]: Cookie Not Refreshed after Refresh Token is Accepted by Keycloak and New Access Token is issued (Redis Session Storage)
#2890 opened Dec 23, 2024
[Bug]: When skip-jwt-bearer-tokens=true got error on bearer token RegEx
#2887 opened Dec 19, 2024
[Bug]: Initial Redirect from IDP is to the main Oauth2 Proxy Ingress - Not the originating site
#2883 opened Dec 11, 2024
[Bug]: Critical fixable CVE
#2882 opened Dec 11, 2024
[Support]: Serve Angular content and API in the same time (alpha config)
#2881 opened Dec 9, 2024

45 Unresolved conversations

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

feat: add ACR (Authentication Context Class Reference) capability
#2861 commented on Jan 8, 2025 • 6 new comments
feature: public keys file support for oidc provider
#2376 commented on Jan 8, 2025 • 5 new comments
Refresh Token on Demand
#2431 commented on Jan 4, 2025 • 2 new comments
Role-based Authorization support in `/oauth2/auth` endpoint
#2724 commented on Dec 24, 2024 • 1 new comment
Not redirecting to subpath after login using Traefik's 401 errors middleware
#1297 commented on Dec 20, 2024 • 0 new comments
Add support for per route authorization
#2011 commented on Jan 4, 2025 • 0 new comments
Add support for Google Cloud Identity API
#2122 commented on Jan 8, 2025 • 0 new comments
Add Cidaas provider
#2273 commented on Jan 4, 2025 • 0 new comments
adds option to use custom CAs for upstreams
#2526 commented on Dec 31, 2024 • 0 new comments
feat: Add support for Introspection based on headers
#2585 commented on Dec 27, 2024 • 0 new comments
structured config #1: introduce mapstructure decoder for yaml parsing
#2628 commented on Jan 5, 2025 • 0 new comments
structured config #2: legacy file structure refactoring and cookie support
#2629 commented on Jan 4, 2025 • 0 new comments
structured config #3: support for proxy options
#2630 commented on Jan 4, 2025 • 0 new comments
structured config #4: support for session and probes
#2632 commented on Jan 4, 2025 • 0 new comments
structured config #5: support logging
#2633 commented on Jan 4, 2025 • 0 new comments
Enable JWT token in non-standard headers
#2694 commented on Jan 8, 2025 • 0 new comments
feat: Allow use more possible google admin-sdk api scopes.
#2743 commented on Jan 6, 2025 • 0 new comments
Propagate errors during route building
#2767 commented on Jan 8, 2025 • 0 new comments
chore(deps): update docker-compose (major)
#2805 commented on Jan 9, 2025 • 0 new comments
feat: configure claim as JMES Path
#2834 commented on Jan 5, 2025 • 0 new comments
feat: add allowed_* constraint option to proxy endpoint query string
#2841 commented on Dec 27, 2024 • 0 new comments
[WIP]Add support for specifying allowed OIDC JWT signing algorithms (#2753)
#2851 commented on Jan 9, 2025 • 0 new comments
Pass along oidc config to verifier
#2869 commented on Jan 8, 2025 • 0 new comments
[Feature]: Docker: Add HEALTHCHECK command
#2555 commented on Dec 26, 2024 • 0 new comments
Feature Request: Batteries included dark theme
#1643 commented on Dec 28, 2024 • 0 new comments
Add name to error message "Error proxying to upstream server"
#1896 commented on Dec 28, 2024 • 0 new comments
[Support]: injectRequestHeaders with nested claims
#2519 commented on Dec 28, 2024 • 0 new comments
XHR request redirected instead of 401
#1522 commented on Dec 30, 2024 • 0 new comments
[Feature]: allowed_groups as header
#2875 commented on Dec 31, 2024 • 0 new comments
Upstream certificates not accepted
#1901 commented on Dec 31, 2024 • 0 new comments
401 cookie domain issue still not covered in docs and logs
#2857 commented on Dec 31, 2024 • 0 new comments
[Bug]: Nonce Mismatch During Refresh Token Flow with Keycloak (OIDC)
#2876 commented on Jan 1, 2025 • 0 new comments
[Bug]: Error while parsing OAuth2 state: invalid length
#2833 commented on Jan 2, 2025 • 0 new comments
[Bug]: --allowed-role from keycloak-oidc breaks basic authentication configured with htpasswd
#2791 commented on Jan 2, 2025 • 0 new comments
[Feature]: Don't require email for OIDC
#2667 commented on Jan 3, 2025 • 0 new comments
[Support]: Get AppRoles in role claim of an Azure App Registration
#2874 commented on Jan 3, 2025 • 0 new comments
[RFC]: Introduce structural configuration (Deprecate flags and env?)
#532 commented on Jan 4, 2025 • 0 new comments
from version V7.2.0 silent refresh not working, oauth2-proxy validates ID token which will be valid for initial 1 hour only. causing refresh flow to trigger reauthentication to IDP after 1 hour from initial login
#1640 commented on Jan 5, 2025 • 0 new comments
[Support]: How to Implement OAuth2 Proxy with React App and Node.js Backend Without Losing Headers
#2860 commented on Jan 6, 2025 • 0 new comments
[Support]: Oauth2-proxy as proper ExtAuth solution
#2832 commented on Jan 6, 2025 • 0 new comments
[Bug]: azure provider configuration does not work following documentation for v1.0 Azure Auth endpoint
#2707 commented on Jan 8, 2025 • 0 new comments
Add feature of oauth2 token introspection based on RFC7662
#1751 commented on Jan 4, 2025 • 0 new comments
Fix wrong token used in Keycloak OIDC provider
#1916 commented on Jan 4, 2025 • 0 new comments
Feature/multi tenancy
#1923 commented on Jan 4, 2025 • 0 new comments
Validate a session using the access token in the OIDC provider
#1933 commented on Jan 4, 2025 • 0 new comments