Age | Commit message (Collapse) | Author | |
---|---|---|---|
2018-08-10 | Add Microsoft auth provider | Kevin Lyda | |
Microsoft uses JSON Web Tokens (JWT) as OAuth tokens. These can run to many thousands of characters which are too long for TTYs. Work around this by base64-encoding the token and chunk it into smaller pieces. Closes #70 | |||
2018-08-10 | Mention `require_reason` in config & READMEv1.1.0 | Niall Sheridan | |
2018-08-08 | Misc fixes | Niall Sheridan | |
- Add `fast_finish` to travis config - Specify that Go 1.9 is supported - Additional error checking which was previously missed - Make the migrations test better - | |||
2018-08-07 | Updates to static content generation, docs and examples | Niall Sheridan | |
Static content generator finds the root of the git repo and executes from there. Packr will scan subdirs for boxes to be packed. | |||
2018-08-07 | Use multi-stage build with current Go version | Niall Sheridan | |
2018-08-06 | Makefile and README fixes | Niall Sheridan | |
Makefile: - Use goimports to format - Regenerate static files - Check that the git branch is clean README: - Remove section on Docker. To be re-added. - Link to releases | |||
2017-10-19 | Warn when not using a persistent datastore | Niall Sheridan | |
2017-08-14 | Use bold text | Niall Sheridan | |
2017-08-14 | Add a note about the dangers of relying on dropping privs in Go | Niall Sheridan | |
2017-06-05 | Saving private keys (#61) | fuero | |
* enables saving private keys * renames public_file_prefix to key_file_prefix and updates its docs to better reflect the changes | |||
2017-03-02 | Add Go to client requirements | Niall Sheridan | |
2017-02-11 | Revert "Remove the oauth_callback_url config option" | Niall Sheridan | |
2017-02-11 | no-op commit | Niall Sheridan | |
2017-02-09 | Remove the oauth_callback_url config option | Niall Sheridan | |
Infer the redirect url from the request instead | |||
2017-01-27 | Remove datastore | Kevin Lyda | |
2017-01-27 | Remove mongo support | Kevin Lyda | |
Resolves #40 | |||
2017-01-27 | Add a public_file_prefix option to cashier.conf | Kevin Lyda | |
Allow the client to save the public key and public cert to files that start with public_file_prefix and end with .pub and -cert.pub respectively. This is the naming scheme the ssh IdentityFile config option supported for certs starting in version 5.4p1. Starting in version 7.2p1, an additional option, CertificateFile, was added, but the IdentityFile-only method with those names still works. Used in conjunction with a user's ~/.ssh/config file setting IdentitiesOnly and IdentityFile, this change will allow for multiple ssh CAs for different services. Note that this will resolve #49 . | |||
2017-01-25 | Create a gitlab auth source. | Kevin Lyda | |
Defaults to public gitlab.com, but easily redirected to self-hosted installation. | |||
2017-01-18 | Clarify logfiles and well-known filepaths | Niall Sheridan | |
2017-01-14 | Add critical options support | Niall Sheridan | |
2017-01-13 | Use wkfs to manage the lets encrypt cache | Niall Sheridan | |
2017-01-08 | Remove dbinit and use sql/js seed files | Niall Sheridan | |
2017-01-06 | Check that tls cert/key are set if use_tls is true | Niall Sheridan | |
2016-12-28 | Add LetsEncrypt support | Niall Sheridan | |
When configured the server will request a TLS certificate for the specified server name from LetsEncrypt | |||
2016-10-11 | Replace the 'datastore' option with a 'database' option | Niall Sheridan | |
The 'datastore' string option is deprecated and will be removed in a future version. The new 'database' map option is preferred. | |||
2016-10-06 | Update README | Niall Sheridan | |
2016-10-06 | Add support for Hashicorp Vault | Niall Sheridan | |
Vault is supported for the following: As a well-known filesystem for TLS cert, TLS key and SSH signing key. For configuration secrets for cookie_secret, csrf_secret, oauth_client_id and oauth_client_secret options. | |||
2016-10-06 | Drop support for go 1.5 | Niall Sheridan | |
2016-09-12 | Minor changes | Niall Sheridan | |
2016-09-04 | update README | Niall Sheridan | |
2016-09-04 | Update README | Niall Sheridan | |
2016-08-27 | Allow setting some config from environment | Niall Sheridan | |
2016-08-26 | First attempt at dropping privileges | sid77 | |
2016-08-22 | Update README | Niall Sheridan | |
Add contributing section | |||
2016-08-16 | Allow selecting which ip to listen on | Niall Sheridan | |
2016-08-09 | Update doc | Niall Sheridan | |
2016-08-09 | Document sqlite | Niall Sheridan | |
2016-07-31 | Support mongo datastores | Niall Sheridan | |
2016-07-03 | first pass at a certificate store | Niall Sheridan | |
2016-06-30 | Configurable logfile location | Niall Sheridan | |
2016-06-29 | Add CI image | Niall Sheridan | |
2016-06-14 | Update whitelisting | Niall Sheridan | |
Whitelist Google users based on their email address instead of the username part of the email address. Plain gmail (non Google Apps) accounts don't necessarily end in '@gmail.com', and whitelisting on username alone is open to abuse. Skip testing for a Google Apps domain (ui.Hd) if no domain is configured. Principals will still be added as the user part of the email address. For the Github provider, skip checking that the user is a member of an organization is none is configured. | |||
2016-06-14 | Update README | Niall Sheridan | |
2016-06-14 | Add support for a users whitelist | Marco Bonetti | |
2016-06-05 | Add AWS S3 and Google GCS virtual filesystems. | Niall Sheridan | |
This allows the signing key to be read directly from S3 using a path like /s3/<bucket>/<path/to/signing.key> or /gcs/<bucket>/<path/to/signing.key>. | |||
2016-06-01 | Fix | Niall Sheridan | |
2016-05-29 | Replace json examples with hcl examples | Niall Sheridan | |
2016-05-29 | Merge pull request #7 from nsheridan/client_config | Niall Sheridan | |
client: use a config file in addition to command-line flags | |||
2016-05-29 | Use flags as defaults, allow them to override config file | Niall Sheridan | |
2016-05-29 | Remove unneeded template_dir | Niall Sheridan | |