Commit Graph

  • c453b57440 refactor: simplify user parsing refactor/user-parsing Stavros 2026-01-08 15:56:23 +02:00
  • 454612226b chore: move sql files to sql directory Stavros 2026-01-08 15:35:58 +02:00
  • 0aa8037edc chore(deps-dev): bump globals from 16.5.0 to 17.0.0 in /frontend (#570) dependabot[bot] 2026-01-08 15:30:01 +02:00
  • 8872e68589 chore(deps): bump the minor-patch group in /frontend with 2 updates (#569) dependabot[bot] 2026-01-08 15:28:50 +02:00
  • 1ffb838c0f feat: add support for global ip filters (#567) Stavros 2026-01-08 15:26:53 +02:00
  • e8a7144302 Merge branch 'main' into feat/global-ip-filters feat/global-ip-filters Stavros 2026-01-08 15:24:13 +02:00
  • e3c98faf36 fix: username provider appearing when no auth is configured (#568) Pushpinder Singh 2026-01-08 03:28:54 -05:00
  • e553dae3c4 feat: add support for global ip filters Stavros 2026-01-07 20:08:37 +02:00
  • 1dc83c835c feat: add makefile to simplify development Stavros 2026-01-07 16:30:15 +02:00
  • 23987aade8 chore(deps): bump the minor-patch group across 1 directory with 5 updates (#566) dependabot[bot] 2026-01-07 13:38:08 +02:00
  • 9f52d13028 chore(deps): bump the minor-patch group across 1 directory with 2 updates (#560) dependabot[bot] 2026-01-07 13:37:45 +02:00
  • e7bd64d7a3 feat: add session max lifetime and fix refresh logic (#559) Pushpinder Singh 2026-01-07 06:37:23 -05:00
  • 721f302c0b chore: fix typo in example env Stavros 2026-01-07 13:25:39 +02:00
  • f1e2b55cd1 fix: add rate limiting in the forward auth endpoint (#555) Stavros 2025-12-31 21:04:08 +02:00
  • ad62bb8809 fix: add rate limiting in the forward auth endpoint fix/rate-limiting Stavros 2025-12-31 20:33:57 +02:00
  • caf993a738 wip Stavros 2025-12-31 19:47:53 +02:00
  • f564032a11 LDAP: Add mTLS / client certificate authentication support (#509) Priit Laes 2025-12-31 18:01:21 +02:00
  • 1ec1f82dbd chore(deps): bump the minor-patch group in /frontend with 2 updates (#552) dependabot[bot] 2025-12-31 18:00:12 +02:00
  • 7e17a4ad86 refactor: replace gorm with vanilla sql and sqlc (#541) Stavros 2025-12-31 17:59:21 +02:00
  • 3caebe18fa fix: review comments refactor/sqlc Stavros 2025-12-31 17:55:42 +02:00
  • 8652659e83 tests: fix tests Stavros 2025-12-31 17:25:07 +02:00
  • 2dc047d9b7 docs: regenerate readme sponsors list (#554) github-actions[bot] 2025-12-31 11:36:33 +02:00
  • 974f2a67f0 fix: allow any HTTP method for /api/auth/envoy (#551) Pushpinder Singh 2025-12-31 04:34:25 -05:00
  • 7c726cbcef refactor: rebase for main Stavros 2025-12-30 20:34:51 +02:00
  • 484db001c5 chore: go mod tidy Stavros 2025-12-30 18:36:23 +02:00
  • 9d97cab77c Merge branch 'main' into refactor/sqlc Stavros 2025-12-30 18:34:42 +02:00
  • 3c6bd44906 chore(deps): bump the minor-patch group across 1 directory with 3 updates (#545) dependabot[bot] 2025-12-30 18:28:04 +02:00
  • afddb2c353 chore(deps): bump github.com/google/go-querystring (#547) dependabot[bot] 2025-12-30 18:27:34 +02:00
  • 9a3fecd565 feat: non-docker acls (#549) Stavros 2025-12-30 18:26:57 +02:00
  • d348d97003 chore: update contributing instructions feat/non-docker-acls Stavros 2025-12-30 16:53:41 +02:00
  • 3a93800158 refactor: update release workflows to include submodule and patches Stavros 2025-12-30 16:31:50 +02:00
  • b37614f458 feat: add paerser as submodule and apply patch for nested maps Stavros 2025-12-30 16:08:40 +02:00
  • 3f2f813902 Trigger automated review shreknel-feature/oidc-provider-pr Olivier Dumont 2025-12-30 14:22:53 +01:00
  • 014550f80e CRITICAL: Add audience validation for access tokens Olivier Dumont 2025-12-30 14:10:50 +01:00
  • 5ec9989189 Remove redundant 'openid' scope special case logic Olivier Dumont 2025-12-30 13:52:01 +01:00
  • ad12110fbf Replace SHA256 with HKDF for key derivation and fix scope validation Olivier Dumont 2025-12-30 13:37:43 +01:00
  • ca74534048 Add bcrypt hashing for client secrets and RSA key encryption Olivier Dumont 2025-12-30 13:26:06 +01:00
  • 1b37096b58 CRITICAL: Add replay protection for authorization codes Olivier Dumont 2025-12-30 13:00:19 +01:00
  • cd068d16c2 Fix Python scoping issue: rename html variable to avoid conflict Olivier Dumont 2025-12-30 12:52:53 +01:00
  • 5b5799ab62 Fix XSS vulnerability: Escape user claims in HTML output Olivier Dumont 2025-12-30 12:46:03 +01:00
  • 672914ceb7 Remove insecure query parameter fallback for client credentials Olivier Dumont 2025-12-30 12:40:55 +01:00
  • f006ebe5e4 Fix open redirect vulnerability in authorize endpoint Olivier Dumont 2025-12-30 12:40:01 +01:00
  • dabb4398ad Implement PKCE (Proof Key for Code Exchange) support Olivier Dumont 2025-12-30 12:39:00 +01:00
  • ef157ae9ba Fix critical security issue: verify JWT signature in access token validation Olivier Dumont 2025-12-30 12:36:30 +01:00
  • 020fcb9878 Add OIDC provider functionality with validation setup Olivier Dumont 2025-12-30 12:17:40 +01:00
  • 333b854533 wip Stavros 2025-12-29 22:44:23 +02:00
  • 986ac88e14 Merge branch 'main' of https://github.com/steveiliop56/tinyauth Stavros 2025-12-29 19:46:38 +02:00
  • b159f44729 fix: add missing ldap search filter Stavros 2025-12-29 19:46:33 +02:00
  • 43487d44f7 feat: forward sub from oidc providers (#543) Stavros 2025-12-26 19:02:51 +02:00
  • 80121f2a36 fix: review comments feat/forward-sub Stavros 2025-12-26 18:55:08 +02:00
  • eef674a4e6 feat: forward sub from oidc providers Stavros 2025-12-26 18:28:53 +02:00
  • 2d8af0510e feat: refresh session cookie when session is active (#540) Stavros 2025-12-26 17:55:54 +02:00
  • a1c3e416b6 refactor: use proper module name (#542) Stavros 2025-12-26 17:53:24 +02:00
  • b58275dc48 refactor: use proper module name refactor/module Stavros 2025-12-26 17:44:07 +02:00
  • 6fc356a0a7 chore: reorganize go mod Stavros 2025-12-26 17:39:00 +02:00
  • c8e86d8536 refactor: replace gorm with vanilla sql and sqlc Stavros 2025-12-24 20:17:41 +02:00
  • 4275aa684a refactor: use current time to set new expiry feat/session-keep-alive Stavros 2025-12-24 14:52:44 +02:00
  • 7269fa1b95 chore: disable issue enrichment in coderabbit Stavros 2025-12-23 23:10:09 +02:00
  • d1c41a116b feat: refresh session cookie when session is active Stavros 2025-12-23 23:01:07 +02:00
  • ef25872fc3 feat: add support for Envoy proxy (#538) Stavros 2025-12-22 22:28:34 +02:00
  • 97291732f3 refactor: use a slice to check for supported proxies pushpinderbal/main Stavros 2025-12-22 22:19:43 +02:00
  • b75e715f9f Merge branch 'main' into pushpinderbal/main Stavros 2025-12-22 22:15:21 +02:00
  • 03ed18343e feat: unified config (#533) Stavros 2025-12-22 22:13:40 +02:00
  • 0a7e259d02 fix: review comments feat/unified-config Stavros 2025-12-22 22:11:17 +02:00
  • 7c5fa117fb chore: go mod tidy Stavros 2025-12-22 22:08:39 +02:00
  • d8b8be0100 Merge branch 'main' of https://github.com/steveiliop56/tinyauth into feat/unified-config Stavros 2025-12-22 22:08:24 +02:00
  • db4ed949e1 chore: resolve go mod and sum conflicts Stavros 2025-12-22 22:03:40 +02:00
  • 5cfe2babc4 chore: add quotes to all env variables Stavros 2025-12-22 22:01:09 +02:00
  • ed28e7a218 refactor: move tinyauth to separate package Stavros 2025-12-21 17:37:34 +02:00
  • 7db81121e1 fix: review comments Stavros 2025-12-21 17:25:04 +02:00
  • 195b70b4d7 chore: mod tidy Stavros 2025-12-21 11:23:00 +02:00
  • c4529be557 feat: add experimental config file support Stavros 2025-12-21 11:21:11 +02:00
  • 5a046bcfb2 fix(proxy): reorder method validation for proxy authentication Pushpinder Singh 2025-12-19 11:18:23 -05:00
  • ca2ec6cc01 feat(proxy): add method validation for proxy authentication Pushpinder Singh 2025-12-18 15:41:50 -05:00
  • f1bd1ca637 Merge branch 'steveiliop56:main' into main Pushpinder Singh 2025-12-18 15:15:52 -05:00
  • f3d2e14535 chore(deps): bump the minor-patch group across 1 directory with 15 updates (#531) dependabot[bot] 2025-12-18 20:51:31 +02:00
  • 0968f7317b chore(deps): bump oven/bun from 1.3.4-alpine to 1.3.5-alpine (#528) dependabot[bot] 2025-12-18 20:47:22 +02:00
  • 07638a27d0 chore(deps): bump github.com/go-playground/validator/v10 (#520) dependabot[bot] 2025-12-18 20:46:56 +02:00
  • 9aee6d8890 chore(deps): bump github.com/quic-go/quic-go from 0.54.1 to 0.57.0 (#513) dependabot[bot] 2025-12-18 20:46:37 +02:00
  • ba59ac687b chore(deps-dev): bump @types/node from 24.10.2 to 25.0.0 in /frontend (#512) dependabot[bot] 2025-12-18 20:46:15 +02:00
  • 36fbfa37a3 chore: add docs repo to readme (#525) exenza 2025-12-18 14:12:22 +00:00
  • 8e062bb1df refactor: simplify proxy route setup by consolidating envoy handling pushpinderbal 2025-12-17 20:21:17 -05:00
  • f64afce83d feat: add support for 'envoy' proxy in proxyHandler validation pushpinderbal 2025-12-17 18:56:26 -05:00
  • 0374370b0c fix: fix translations not loading Stavros 2025-12-17 23:36:01 +02:00
  • 7857dba57a chore: remove unused code Stavros 2025-12-17 23:31:24 +02:00
  • 3e12721844 refactor: update build Stavros 2025-12-17 23:21:15 +02:00
  • 9c7a4af295 chore: update example env Stavros 2025-12-17 19:42:26 +02:00
  • dba5580a7c refactor: remove dependency on traefik Stavros 2025-12-17 18:30:43 +02:00
  • e4e99f4805 feat: add initial implementation of a traefik like cli Stavros 2025-12-17 16:40:54 +02:00
  • 3555569a97 chore: add yaml config ref Stavros 2025-12-17 15:17:55 +02:00
  • 78f97c8550 refactor: split bootstrap to smaller files for better readability (#518) Stavros 2025-12-17 15:04:09 +02:00
  • 7df60840ce fix: assign configured providers to app context refactor/bootstrap Stavros 2025-12-14 19:34:45 +02:00
  • 2932aba750 chore: rename setup routes to setup router Stavros 2025-12-13 16:02:14 +02:00
  • 5cad1f0219 refactor: split bootstrap to smaller files for better readability Stavros 2025-12-13 15:58:41 +02:00
  • 3961589f1e feat: auto-create database directory if missing (#510) Modestas Rinkevičius 2025-12-11 14:43:57 +02:00
  • 5f2ec02c3d chore(deps): bump the minor-patch group across 1 directory with 10 updates (#508) dependabot[bot] 2025-12-10 17:47:16 +02:00
  • fa531cfd84 chore(deps): bump the minor-patch group across 1 directory with 3 updates (#504) dependabot[bot] 2025-12-10 17:46:41 +02:00
  • aa208267a7 chore(deps): bump oven/bun from 1.3.3-alpine to 1.3.4-alpine (#502) dependabot[bot] 2025-12-10 17:46:09 +02:00
  • d79901a962 chore(deps): bump alpine from 3.22 to 3.23 (#493) dependabot[bot] 2025-12-10 17:45:43 +02:00
  • 2c1554ab90 fix: CVE-2025-55182 in React (#507) Jaime 2025-12-09 22:44:52 +01:00