| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2025-05-28 | refactor: parse headers injected by envoy | mo khan | |
| 2025-05-26 | fix: do not clear id_token cookie on error | mo khan | |
| 2025-05-26 | refactor: parse id token from custom x-jwt-payload header | mo khan | |
| 2025-05-23 | feat: add external authorization service (authzd) with JWT authentication | mo khan | |
| - Add new authzd gRPC service implementing Envoy's external authorization API - Integrate JWT authentication filter in Envoy configuration with claim extraction - Update middleware to support both cookie-based and header-based user authentication - Add comprehensive test coverage for authorization service and server - Configure proper service orchestration with authzd, sparkled, and Envoy - Update build system and Docker configuration for multi-service deployment - Add grpcurl tool for gRPC service debugging and testing This enables fine-grained authorization control through Envoy's ext_authz filter while maintaining backward compatibility with existing cookie-based authentication. | |||
| 2025-05-15 | refactor: decouple from oauth config | mo khan | |
| 2025-05-15 | refactor: remove oidc.OpenID struct | mo khan | |
| 2025-05-15 | refactor: inline usage of validate id token | mo khan | |
| 2025-05-11 | refactor: use same cookie names as envoy plugin | mo khan | |
| 2025-05-08 | feat: use a cookie prefix to lock down the session cookie | mo khan | |
| > __Host-: If a cookie name has this prefix, it's accepted in a > Set-Cookie header only if it's also marked with the Secure attribute, > was sent from a secure origin, does not include a Domain attribute, > and has the Path attribute set to /. In other words, the cookie is > domain-locked. https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/Cookies#cookie_prefixes | |||
| 2025-05-07 | refactor: extract helper to log errors consistently | mo khan | |
| 2025-05-07 | refactor: move cookie to web package | mo khan | |
| 2025-04-30 | refactor: delegate to cookie.Reset to overload with options | mo khan | |
| 2025-04-28 | refactor: extract method to validate id token | mo khan | |
| 2025-04-28 | feat: use htmx to render partials | mo khan | |
| 2025-04-25 | refactor: move key pacakge to cfg | mo khan | |
| 2025-04-25 | refactor: move db and mountable to app | mo khan | |
 |
index : gitlab/sparkled.git | |
| GitLab CI/CD utilities | git |
| summaryrefslogtreecommitdiff |