46f0d6f7e4
remove dead code
2021-08-18 14:06:02 +02:00
06fda516ec
Update proxy/pkg/middleware/accesslog.go
...
Co-authored-by: David Christofas <dchristofas@owncloud.com >
2021-08-18 14:03:19 +02:00
0f0d305f6d
linter: fix var name
2021-08-18 11:25:44 +02:00
1dd4644370
fix requestid
2021-08-18 11:10:50 +02:00
ed85fedf1a
update github.com/coreos/go-oidc to version 3.0.0
2021-08-13 09:55:17 +02:00
eacdb8fa2f
Merge pull request #2386 from owncloud/switch-jwt-lib
...
switch jwt library
2021-08-12 17:24:57 +02:00
b8150f25b8
switch jwt library
...
The old library github.com/dgrijalva/jwt-go is now unmaintained and was replaced by the community maintained fork github.com/golang-jwt/jwt
2021-08-12 16:53:17 +02:00
55aacdea13
update reva to ec4099da
...
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de >
2021-08-12 11:08:10 +00:00
c3951d67c8
forward basic auth to OpenID connect token authentication endpoint
...
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de >
2021-07-26 11:12:33 +00:00
bea986fe26
pass only request instead of context
...
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de >
2021-07-23 09:03:14 +00:00
a0dce56480
use cookie to enforce routing for regex and claim selector
2021-07-23 08:38:55 +00:00
cb70f4882f
add todo for x-access-header handling
...
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de >
2021-07-23 08:33:18 +00:00
4385d3dacb
add RegexSelector
...
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de >
2021-07-23 08:22:40 +00:00
40c8031441
add claims policy selector
...
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de >
2021-07-23 08:07:17 +00:00
2293403d45
use errors.Is()
...
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de >
2021-07-22 16:35:31 +00:00
1f3e963c29
use claims map instead of struct
...
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de >
2021-07-22 09:20:36 +00:00
b148faada6
Merge pull request #2294 from owncloud/fix-trashbin-expected-failures
...
Fix Trashbin Expected Failures
2021-07-21 20:59:43 +02:00
74696dbd36
remove redundant line
2021-07-19 13:29:12 +02:00
8c7f1f01ff
do not try to add the selected policy to the context
...
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de >
2021-07-14 20:45:38 +00:00
1dc7aac6fd
proxy access log
...
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de >
2021-07-14 13:14:27 +00:00
7ab586b2ab
proxy is now aware of webdav responses
2021-07-13 15:38:44 +02:00
bfdcc0180c
fix 230, 231 - first draft
2021-07-13 14:33:24 +02:00
ac49348b41
fix 215, 216 - first draft
2021-07-13 14:29:26 +02:00
29c5cb627a
Update scope usage and add Changes for lightweight accounts
2021-07-13 13:03:06 +02:00
34e0877df7
Merge pull request #1951 from ishank011/uid-gid-user-object
...
Use CS3 user object fields to store UID and GID
2021-06-25 10:06:14 +02:00
6168ee7095
Use CS3 user object fields to store UID and GID
2021-06-16 18:05:40 +02:00
ed94da5104
ignore authentication header on status.php
2021-06-16 16:59:11 +02:00
f6ac50244b
update invocations of MintToken and DismantleToken
2021-05-11 14:18:43 +02:00
c532073dd1
remove JWT from logs
...
secrets should not be exposed in the logs
2021-03-03 15:30:11 +01:00
cfcd4b5992
resolve linter issues
2021-02-26 14:24:25 +01:00
7ad38d7757
fix token cache TTL
...
The TTL was supplied to the middleware as a duration and then in that middleware multiplied by `time.Second` again. Durations should not be multiplied because they result in unintended values.
```go
time.Second * 1 = 1s
time.Second * time.Second = 277777h46m40s
```
2021-02-22 18:40:15 +01:00
d7b1ecb3dc
Change (ocis,OCIS) to oCIS, unify GitHub branding
2021-01-28 00:32:47 +00:00
af870e005e
add more tests and benchmark for cache
...
refactor cache to use atomic uint
2021-01-19 23:23:41 +01:00
f13530425a
move cache to sync package
...
rollback indexer map
use sync.pool for cache entries
add tests for cache
remove main locks from nrwmutex and use sync.map and sync.pool instead
bump dockerfile go version
2021-01-19 23:23:41 +01:00
a02fb890f7
remove locking from accounts service
...
add a cached named rwlock pkg
use sync.map in the cache pkg
use named rwlock in indexer pkg
use sync.map in indexer pkg
remove husky
2021-01-19 23:23:41 +01:00
cd2eb0e39b
Accounts UserBackend tests
2020-12-22 17:27:55 +01:00
1b29e56d12
account_resolver_test.go
2020-12-22 16:16:57 +01:00
92a1bc8fb6
Make it possible to use CS3 as accounts backend instead of account-service
...
Configureable via:
PROXY_ACCOUNT_BACKEND_TYPE=cs3
PROXY_ACCOUNT_BACKEND_TYPE=accounts (default)
By using a backend which implements the CS3 user-api (currently provided by reva/storage) it is possible to bypass
the ocis-accounts service and for example use ldap directly.
Hides user and auth related communication behind a facade (user/backend) to minimize logic-duplication across middlewares.
Allows to switich the account backend from accounts to cs3.
Co-authored-by: Jörn Friedrich Dreyer <jfd@butonic.de >
2020-12-11 18:34:43 +01:00
beb83f3f40
Merge pull request #1025 from owncloud/remove-unused-errors
...
Remove unused errors
2020-12-04 18:46:51 +01:00
61a8f00837
Remove unused errors
2020-12-04 15:50:22 +01:00
2cddc0a23c
fix leftover typo
2020-12-04 13:53:34 +01:00
f1521e4df7
refactor authentication.go
2020-12-04 13:51:48 +01:00
7d8336ce4b
use regexp to assert routes, remove StatusRecorder
2020-12-04 13:17:25 +01:00
9a253370e8
export StatusRecorder
2020-12-03 12:22:35 +01:00
c89ead3fc5
fix linter
2020-12-03 12:19:49 +01:00
e4974e020d
minimal refactor
2020-12-02 15:51:39 +01:00
2910e88ba5
ugly working draft
2020-12-02 15:31:17 +01:00
752cd4f626
first draft for configuring user agent multiplex on ocis
2020-12-02 12:04:09 +01:00
28e8f75ebd
whitelist depending on the URI
2020-12-01 17:10:04 +01:00
348c54f2e7
write www-authenticate and delegate to reva
2020-12-01 16:57:36 +01:00
A.Unger