Age | Commit message (Collapse) | Author |
|
|
|
* Fix the gitlab oauth issue.
* Update for gitlab 11.1+
Versions beyond 11.1 (and possibly a few releases before) use a
different method for delivering tokens. They also have disabled
version 3 of the api.
These changes address that and add a debugging mode for the server
that make it easier to debug issues like this in the future.
* Cleanup of PR.
Updated README. Removed code duplication.
|
|
Split runs into lint/test
Remove go 1.9 - coverage does not work with `./...` and go 1.9
|
|
Microsoft uses JSON Web Tokens (JWT) as OAuth tokens. These can run to many thousands of characters which are too long for TTYs. Work around this by base64-encoding the token and chunk it into smaller pieces.
Closes #70
|
|
|
|
- Add `fast_finish` to travis config
- Specify that Go 1.9 is supported
- Additional error checking which was previously missed
- Make the migrations test better
-
|
|
Static content generator finds the root of the git repo and executes from there. Packr will scan subdirs for boxes to be packed.
|
|
|
|
Makefile:
- Use goimports to format
- Regenerate static files
- Check that the git branch is clean
README:
- Remove section on Docker. To be re-added.
- Link to releases
|
|
|
|
|
|
|
|
* enables saving private keys
* renames public_file_prefix to key_file_prefix and updates its docs to better reflect the changes
|
|
|
|
|
|
|
|
Infer the redirect url from the request instead
|
|
|
|
Resolves #40
|
|
Allow the client to save the public key and public cert to files
that start with public_file_prefix and end with .pub and -cert.pub
respectively.
This is the naming scheme the ssh IdentityFile config option supported
for certs starting in version 5.4p1. Starting in version 7.2p1, an
additional option, CertificateFile, was added, but the IdentityFile-only
method with those names still works.
Used in conjunction with a user's ~/.ssh/config file setting
IdentitiesOnly and IdentityFile, this change will allow for multiple
ssh CAs for different services.
Note that this will resolve #49 .
|
|
Defaults to public gitlab.com, but easily redirected to self-hosted
installation.
|
|
|
|
|
|
|
|
|
|
|
|
When configured the server will request a TLS certificate for the specified server name from LetsEncrypt
|
|
The 'datastore' string option is deprecated and will be removed in a
future version. The new 'database' map option is preferred.
|
|
|
|
Vault is supported for the following:
As a well-known filesystem for TLS cert, TLS key and SSH signing key.
For configuration secrets for cookie_secret, csrf_secret, oauth_client_id and oauth_client_secret options.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Add contributing section
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Whitelist Google users based on their email address instead of the username part of the email address.
Plain gmail (non Google Apps) accounts don't necessarily end in '@gmail.com', and whitelisting on username alone is open to abuse.
Skip testing for a Google Apps domain (ui.Hd) if no domain is configured.
Principals will still be added as the user part of the email address.
For the Github provider, skip checking that the user is a member of an organization is none is configured.
|
|
|
|
|
|
This allows the signing key to be read directly from S3 using a path like
/s3/<bucket>/<path/to/signing.key> or /gcs/<bucket>/<path/to/signing.key>.
|
|
|
|
|