This repository has been archived by the owner on Jan 24, 2019. It is now read-only.
Improvements & Bug Fixes:
- #278 Cookie Name validation (thanks @tanuck)
- #292 Strip sensitive URL parameters from log output (thanks @nickmiller-wf)
- #299 Update vendor'd
oauth2/google(thanks @tamsky) - #205 #339 -pass-user-headers options (thanks @jsievers)
- #346 warn on oversized cookies (thanks @bdwyertech)
- #349 Add
/oauth2/sign_outendpoint (thanks @braincube-io) - #354 fix windows build (thanks @ploxiln)
- #355 Improvements to release build scripting (thanks @ploxiln)
- #359 Fix
//...redirect checking (thanks @arnottcr) - #360 CSRF protection for OAuth flow (thanks @arnottcr @TheRook)
- #362
-ssl-insecure-skip-verifyoption - #319 nginx oauth_request fixes (thanks @ashkulz)
- #365 fix http-address parsing (thanks @travisofthenorth)
- #370
-skip-auth-preflightoption to skip preflight OPTIONS requests (thanks @idntfy)
Provider Bug Fixes & Improvements
- #274 Azure provider (thanks @ElDiabloComputatore)
- #357 Skip 404 errors when looking up Google groups (thanks @mtak @wrapp)
Docs:
- #272, #273 nginx auth_request documentation updates (thanks @semenko)
- #290 - skip-provider-button (thanks @MarkHerhold)