Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Added samesite strict validation * Added validation for security profile * ✨ logout csrf validation * ✨ Configuration file validation * talisman file * 👷 set github relase to draft per default * changed default host uri in sample configuration file to localhost:8080 * fix: upgrade com.nimbusds:oauth2-oidc-sdk from 8.23 to 8.23.1 (#16) Snyk has created this PR to upgrade com.nimbusds:oauth2-oidc-sdk from 8.23 to 8.23.1. See this package in Maven Repository: https://mvnrepository.com/artifact/com.nimbusds/oauth2-oidc-sdk/ See this project in Snyk: https://app.snyk.io/org/gianlucafrei-och/project/181b8f16-e1ad-4f9e-a379-cc431e0f9f55?utm_source=github&utm_medium=upgrade-pr * fix: upgrade com.nimbusds:nimbus-jose-jwt from 9.1 to 9.1.1 (#15) Snyk has created this PR to upgrade com.nimbusds:nimbus-jose-jwt from 9.1 to 9.1.1. See this package in Maven Repository: https://mvnrepository.com/artifact/com.nimbusds/nimbus-jose-jwt/ See this project in Snyk: https://app.snyk.io/org/gianlucafrei-och/project/181b8f16-e1ad-4f9e-a379-cc431e0f9f55?utm_source=github&utm_medium=upgrade-pr * 👷 Added ci pipeline for dev branch * Hardcoded hosturi for tests * Fixed release pipeline to trigger on version tags only * Added contribution guideline * Update CONTRIBUTING.md * Session renewal (#36) Session renewal * Added config field renewWhenLessThan * ✨ Implemented session senewal * Made error message more precise * updated sample configuration * Added session renewal config to README * cleaned up code Co-authored-by: Gian-Luca Frei <gifr@Gian-Lucas-MacBook-Pro.local> * Initial compiling version - generating new TraceId - assigning to MDC for Logging Open: - taking over values - configuration - sending traceId downstream * Migrated to Spring Cloud Gateway and WebFlux * Init spring cloud gateway routes * ported login logout test * fixed concurrency issue in gateway filters * Migrated Zuul Filter * Added route rewrite * Server-side session invalidation with local persistent blacklist * First running version Open: - taking over values * Added taking over values from incoming calls Open: - a few tests and documentation review * Added implementations for noTrace and simpleTrace as well as api documentation and tests. * Implemented contextual logging * 34 correlation (#55) * Initial compiling version - generating new TraceId - assigning to MDC for Logging Open: - taking over values - configuration - sending traceId downstream * First running version Open: - taking over values * Added taking over values from incoming calls Open: - a few tests and documentation review * Added implementations for noTrace and simpleTrace as well as api documentation and tests. Co-authored-by: Padi Steger <patrick.steger@zuehlke.com> * Big package renaming * Renaming in pipelines * Updated terminology in code and config * Changed docker file to multi-stage build * Updated terminology in docu * Updated terminology in strings * Updated config path variable name * Cleaned up gitignore * Changed java version to 11 * updated banner * git updated dev pipeline to use docker build only * fixed dockerfile when no txt files are in root folder * Dockerfile fix2 * Updated build pipeline to docker only * Try fixed github_ref * Fix github_ref try 2 * Fixed github_ref try 3 * Fixed dockerfile copy error * Updated release pipeline * Fixed release pipeline * Refactored Bean Creation * Fixed container tag name in release pipeline * Added infrastructure package * Added factories for LoginDriver and CsrfProtection * Removed callbackUri from LoginDriverConstructor * Added Factory Classes for LoginDrivers * Changed session id to 64bit secure random nonce * Introduced reasonable trace interface. (#58) Co-authored-by: Padi Steger <patrick.steger@zuehlke.com> * Changed TraceContextBridge to use the Bean from the PostConfigBeanConfiguration class * Re fixed trace id, thanks padi for finding the bug 😁 Co-authored-by: = <=> Co-authored-by: Snyk bot <snyk-bot@snyk.io> Co-authored-by: Gian-Luca Frei <gifr@Gian-Lucas-MacBook-Pro.local> Co-authored-by: Padi Steger <patrick.steger@zuehlke.com> Co-authored-by: Padi Steger (OWASP Switzerland) <77661049+Padi-owasp@users.noreply.github.com>
- Loading branch information