summaryrefslogtreecommitdiff
path: root/app
AgeCommit message (Collapse)Author
2025-05-24feat: connect rpc client to inversion of control containermo khan
2025-05-24refactor: decorate handler with access check middlewaremo khan
2025-05-24feat: create middleware to check if user has permissionmo khan
2025-05-23feat: parse the body of the id tokenmo khan
2025-05-23feat: add external authorization service (authzd) with JWT authenticationmo khan
- Add new authzd gRPC service implementing Envoy's external authorization API - Integrate JWT authentication filter in Envoy configuration with claim extraction - Update middleware to support both cookie-based and header-based user authentication - Add comprehensive test coverage for authorization service and server - Configure proper service orchestration with authzd, sparkled, and Envoy - Update build system and Docker configuration for multi-service deployment - Add grpcurl tool for gRPC service debugging and testing This enables fine-grained authorization control through Envoy's ext_authz filter while maintaining backward compatibility with existing cookie-based authentication.
2025-05-15chore: allow envoy to handle health checksmo khan
2025-05-15feat: remove oauth config and client secret from sparklemo khan
2025-05-15refactor: decouple from oauth configmo khan
2025-05-15refactor: rename TestServer to OIDCServermo khan
2025-05-15refactor: allow cookie parser to accept cookie namemo khan
2025-05-15refactor: remove unused environment variablesmo khan
2025-05-15refactor: move NewOIDCProvider to web packagemo khan
2025-05-15refactor: inline usage of RawToken typemo khan
2025-05-15refactor: remove more types from oidc packagemo khan
2025-05-15refactor: remove oidc.OpenID structmo khan
2025-05-15refactor: provide oauth config to oidc.Newmo khan
2025-05-15chore: register oauth2 config in inversion of control containermo khan
2025-05-15refactor: inline usage of validate id tokenmo khan
2025-05-15refactor: delete code that is now handled by envoymo khan
2025-05-14refactor: remove unnecessary params from ctormo khan
2025-05-14feat: provider a fallback provider that defaults to hard-coded pathsmo khan
2025-05-14test: exit if discovery endpoint is not reachablemo khan
2025-05-11fix: redirect to dashboard when already logged in at callback urlmo khan
2025-05-11refactor: inline unncessary methodmo khan
2025-05-11refactor: use same cookie names as envoy pluginmo khan
2025-05-11feat: add endpoint to reflect JWT bodymo khan
2025-05-11test: test envoy and sparkle via testcontainersmo khan
2025-05-08refactor: move html render to data transfer objectmo khan
2025-05-08feat: test out a redirect page in stagingmo khan
2025-05-08feat: use a cookie prefix to lock down the session cookiemo khan
> __Host-: If a cookie name has this prefix, it's accepted in a > Set-Cookie header only if it's also marked with the Secure attribute, > was sent from a secure origin, does not include a Domain attribute, > and has the Path attribute set to /. In other words, the cookie is > domain-locked. https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/Cookies#cookie_prefixes
2025-05-08chore: add link to 404 issuemo khan
2025-05-08chore: write cookie validity to logmo khan
2025-05-08feat: clear the oauth state cookie after usagemo khan
2025-05-08chore: log the generated cookiemo khan
2025-05-07refactor: use Mapper typemo khan
2025-05-07feat: check if cookie is validmo khan
2025-05-07fix: do not clear set-cookie headermo khan
2025-05-07fix: remove the csrf cookie after usagemo khan
2025-05-07chore: log the expiration of the access tokenmo khan
2025-05-07chore: log session cookie to understand why it is not being deliveredmo khan
2025-05-07fix: use same site lax mode to allow setting cooking on redirectmo khan
2025-05-07refactor: provide context to repository to apply timeoutmo khan
2025-05-07feat: digitally sign and verify cookie using randomly generated keymo khan
2025-05-07refactor: move test server to oidc packagemo khan
2025-05-07refactor: extract helper to log errors consistentlymo khan
2025-05-07refactor: delegate to cookie packagemo khan
2025-05-07refactor: move cookie to web packagemo khan
2025-05-07refactor: delegate to cookie package to write to response streammo khan
2025-05-07refactor: delegate to cookie packagemo khan
2025-04-30fix: strict same site mode breaks redirectsmo khan
generated by cgit v1.2.3 (git 2.39.1) at 2026-02-02 04:54:04 +0000