github.com/ory/oathkeeper issues | Ecosyste.ms: OpenCollective

fix: bump libcrypto and alpine

Demonsthere opened this pull request 9 days ago

chore: update dependencies

aeneasr opened this pull request 17 days ago

Oathkeeper: adding additional info to oathkeeper info logs

DenisPnko opened this issue 18 days ago

Option strip_path is ignored by .MatchContext.URL.Path

renom opened this issue 20 days ago

feat: support EdDSA signing algorithms

taisph opened this pull request 23 days ago

fix: configuration editor on ory.sh/docs

alnr opened this pull request 24 days ago

insecure_skip_verify for upstream

wei840222 opened this issue about 1 month ago

chore: update actions and rl workaround

tricky42 opened this pull request about 1 month ago

chore: pin GHA PM action version

nipsufn opened this pull request about 1 month ago

chore: upgrade deps with high cves

Demonsthere opened this pull request about 1 month ago

feat: rule.upstream support insecure_skip_verify

wei840222 opened this pull request about 1 month ago

Multiple matching rules are causing 500

krukowskid opened this issue about 2 months ago

chore: upgrade ristretto to use generics

aeneasr opened this pull request about 2 months ago

Multiple authorizers

renom opened this issue about 2 months ago

Removes duplicated term in conditional expression

chavacava opened this pull request about 2 months ago

chore: adjust project automation

nipsufn opened this pull request 2 months ago

This request object uses unsupported signing algorithm "EdDSA"

taisph opened this issue 3 months ago

Configuration reference isn't displayed at ory.sh

renom opened this issue 3 months ago

fix: ensure `bearer_token` respects `token_from`

TamerShlash opened this pull request 3 months ago

Oathkeeper reverse proxy continuous high memory utilization

DenisPnko opened this issue 3 months ago

fix: remote authorizers

alnr opened this pull request 3 months ago

chore: bump to go 1.22 and fix automations

alnr opened this pull request 3 months ago

feat: upgrade go-swagger to avoid build error.

HappyHacker123 opened this pull request 3 months ago

chore: bump go-jose

hperl opened this pull request 4 months ago

Upgrade 'go-swagger/go-swagger' to avoid build error.

HappyHacker123 opened this issue 4 months ago

feat: include query arguments from forwaded uri in url of decision request

GaneshTILLX opened this pull request 4 months ago

feat: make id_token mutator cache configurable

David-Wobrock opened this pull request 4 months ago

fix: set correct max cost for oauth2 introspection authn handler

David-Wobrock opened this pull request 4 months ago

chore: update newsletter link

vinckr opened this pull request 5 months ago

chore: update newsletter link

vinckr opened this pull request 5 months ago

ci: update Code QL action to v2

IchordeDionysos opened this pull request 5 months ago

cookie_session authenticator does not extract subject when method is HEAD

DrDobbY opened this issue 6 months ago

chore: bump golang-jwt to v5

David-Wobrock opened this pull request 6 months ago

feat: match_json_field in remote_json authorizer (#1164)

jaspeen opened this pull request 6 months ago

Match response body in remote_json authorizer

jaspeen opened this issue 6 months ago

chore: add kubescape image scanner

Demonsthere opened this pull request 7 months ago

Oathkeeper returns a 401 "Access credentials are invalid" when exceeding Ory Network's rate limiting on /sessions/whoami endpoint

wewelll opened this issue 7 months ago

Oathkeeper docker-compose.yml outdated env vars

cerealkill opened this issue 7 months ago

feat(cmd/serve): add in default-shutdown-timeout flag to increase shutdown timeout on http server shutdown

ottingbob opened this pull request 8 months ago

Oathkeeper bombards Ory Network with requests after upgrade to 40.x

Withel opened this issue 8 months ago

Upgrade Oathkeeper helm chart 0.41 causes 503

WoodyWoodsta opened this issue 8 months ago

fix: query string included for the first collapsed path segment

mehdimas opened this pull request 8 months ago

Oathkeeper returns encoded cookie

c0d3rm0n opened this issue 8 months ago

Duplicate requests using decisions endpoint via NGINX

karlis-vagalis opened this issue 9 months ago

update oathkeeper to v0.40.7

brahmlower opened this pull request 9 months ago

Git as a repository for access rules & granularity: check against specific ingress against specific accessrule files

qdrddr opened this issue 10 months ago

feat: add `delegate` authenticator

yunier-rojas opened this pull request 10 months ago

Implement a `delegate` authenticator

yunier-sc opened this issue 10 months ago

None of the provided URLs returned a valid JSON Web Key Set

adriano-di-giovanni opened this issue 10 months ago

chore: bump golangci-lint

alnr opened this pull request 10 months ago

Outdated OTEL dependencies prevent import

nico151999 opened this issue 11 months ago

fix: update regex engine to support possessive match and lookbehind syntaxes

cmmoran opened this pull request 11 months ago

Decision API is not respecting the token_from config

osbornk opened this issue about 1 year ago

feat: add scopes validator for logical evalulation

JarekKa opened this pull request about 1 year ago

Reference to .MatchContext.RegexpCaptureGroups doesn't render in access rules authenticator config

sunnyyip opened this issue about 1 year ago

feat: for remote_json authorizer, add headers

divyun opened this pull request about 1 year ago

Oathkeeper does not support X-Forwarded headers properly

eratolekov opened this issue about 1 year ago

fix: Authorizer "remote" throws exception

timthornton-avid opened this pull request about 1 year ago

Basic Authorization header result in Unauthorized when using `anonymous` authenticator handler

sayoun opened this issue over 1 year ago

Authorizer "remote" throws exception "invalid Read on closed Body" if request body is present in request

denysandriyanov opened this issue over 1 year ago

fix: avoid unescaping slashes when proxying URLs

refi64 opened this pull request over 1 year ago

upstream reference closed: github.com/GoogleContainerTools/distroless/issues/1342

github-actions[bot] opened this issue over 1 year ago

feat: preserve_host feature for oauth2_introspect

alnr opened this pull request over 1 year ago

Docs wrong for `bearer_token` Subject default location

logan-hcg opened this issue over 1 year ago

"any" matching option for "required_scope" in JWT authenticator

damianpietruszewski opened this issue over 1 year ago

chore: update Dockerfile-alpine

Demonsthere opened this pull request over 1 year ago

Allow API key pre-authorization in oauth2_introspection authenticator

marcinfigiel opened this issue over 1 year ago

Allow/deny `remote(_json)` authorizers depending response content

David-Wobrock opened this issue over 1 year ago

chore: bump ory/herodot

alnr opened this pull request over 1 year ago

fix: change distroless to base [Do not merge yet]

Demonsthere opened this pull request over 1 year ago

fix: properly copy x-forwarded headers from upstream

aeneasr opened this pull request over 1 year ago

feat: flag to disable hop-by-hop defenses

aeneasr opened this pull request over 1 year ago

feat: support token rotation in ID token mutator

aeneasr opened this pull request over 1 year ago

chore: update gRPC to v1.56.1

aeneasr opened this pull request over 1 year ago

chore: support in README

vinckr opened this pull request over 1 year ago

chore(deps): bump google.golang.org/grpc from 1.52.0 to 1.53.0

dependabot[bot] opened this pull request over 1 year ago

Configure JWT authenticator not to logging sensitive data

StanislavStefanov opened this issue over 1 year ago

feat: add distroless images

Demonsthere opened this pull request over 1 year ago

chore(deps): update ory/x to v0.0.565

davidspek opened this pull request over 1 year ago

Observed memory leak in v0.40.3

shoujun opened this issue over 1 year ago

chore(deps): bump github.com/knadh/koanf to v2.0.1

kralicky opened this pull request over 1 year ago

feat: sqa metrics v2

misamu opened this pull request over 1 year ago

chore: update security scanners

Demonsthere opened this pull request over 1 year ago

fix: [Bearer_token] Use Query.Get when fetching QueryParameter

marbergq opened this pull request over 1 year ago

Authenticator: Bearer_token w. "query_parameter" selector consumes request body

marbergq opened this issue over 1 year ago

fix: leak sensitive secrets option not working

joshm91 opened this pull request over 1 year ago

chore(deps): bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible

dependabot[bot] opened this pull request over 1 year ago

X-Forwarded headers missing from oauth2-client-credentials authenticator request on v.0.40.3, breaking hydra TLS termination

mathportillo opened this issue over 1 year ago

Oathkeeper duplicates CORS headers

kamilkloch opened this issue over 1 year ago

test: use reliable upstream server

zepatrik opened this pull request over 1 year ago

fix: switch to `httputil.ReverseProxy.Rewrite`

zepatrik opened this pull request over 1 year ago

chore(deps): bump @nestjs/core and @openapitools/openapi-generator-cli

dependabot[bot] opened this pull request over 1 year ago

Regex path matching isn't working.

KieronWiltshire opened this issue over 1 year ago

fix: sqa config values unified across projects

misamu opened this pull request over 1 year ago

fix: noop mutator don't overwrite session headers

davidspek opened this pull request over 1 year ago

fix: report 499, 502, or 504

alnr opened this pull request over 1 year ago

Allow for easily matching rules using path prefixes

davidspek opened this issue over 1 year ago

The ability to pass oauth scopes to the application layer without having to write checks on every route.

KieronWiltshire opened this issue over 1 year ago

chore(deps): bump github.com/docker/docker from 20.10.21+incompatible to 20.10.24+incompatible

dependabot[bot] opened this pull request over 1 year ago

feat: tracing for gRPC middleware

alnr opened this pull request over 1 year ago