Skip to content

v0.15.9

Choose a tag to compare

View all tags
@zalando-robot zalando-robot released this 23 Jan 11:23
v0.15.9
3fa84cc
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Changes

filters/auth: redirect grant callback request to the initial request domain (#2209)
Normally callback host (redirect_uri auth parameter) matches initial request host
because redirect_uri is created dynamically from the initial request and
therefore this change is doing nothing.
This change is useful when redirect_uri is fixed via -oauth2-auth-url-parameters,
initial request host is diffrent from the redirect_uri host but token
cookie should be issued for the initial request domain.
Consider example configuration:
Initial request to the https://foo.example.org/test triggers
authorization flow, provider redirects user to the https://callback.example.org/a-callback?...,
callback filter observes that initial request has diffrent host and
redirects request to another callback at https://foo.example.org/a-callback?...
which completes the flow and creates a token cookie for the foo.example.org domain.

Docker image

Docker image is available in Zalando's Open Source registry:

docker run -it registry.opensource.zalan.do/teapot/skipper:v0.15.9 skipper --help
# arm64
docker run -it registry.opensource.zalan.do/teapot/skipper-arm64:v0.15.9 skipper --help
# arm v7 32bit
docker run -it registry.opensource.zalan.do/teapot/skipper-armv7:v0.15.9 skipper --help
Assets 9
Loading