feat(cookie): add feature support for cookie-secret-file #3104
Conversation
@JoelSpeed, @jehiah, @tuunit please help take a look at this PR :)!

You beat me to the punch on this one, thanks!

@tuunit Thank you! Conflict is resolved.

I don't really understand why you want a separate file for the cookie secret? What's the issue with having it in the config file? And security best practices actually recommend storing crucial data inside environment variables and not storing them in files. Which is why I don't get the point of this PR.

You can refer to this related issue for additional context: #2659 — it highlights a similar use case where managing In our internal environment, we are explicitly prohibited from storing secrets in environment variables, and are only allowed to use files (typically mounted from Kubernetes Secrets or similar mechanisms). There are several strong reasons behind this:
So for environments where

You don't have to bombard me with an LLM response 😅 I do understand your use case, I just find it peculiar that files are preferred to environment variables. I do get the why though. I personally would treat the whole config file as a secret and therefore one file should be enough. Secret rotation for the cookie doesn't really make sense because it would automatically break all your user sessions, but nevertheless let's get this PR moving.

@sandy2008 please allow me to push to your PR / repo

Here you go: https://github.com/sandy2008/oauth2-proxy/invitations

Co-Authored-By: Sandy Chen <Yuxuan.Chen@morganstanley.com>
Co-Authored-By: Jan Larwig <jan@larwig.com>
Signed-off-by: Jan Larwig <jan@larwig.com>

@sandy2008 I added a changelog entry and documentation for the flag and did some minor refactoring to get rid of the unnecessary private getSecretFromFile method. Overall looks good now!

@sandy2008 you have one test failure in

@tuunit Seems unit test failed, shall I fix like:

FYI,

Ooops :) Linting...

I believe ticket.go is broken with cookie-secret-file. When making the cookie, you refer directly to Secret, not getSecret().

Description

This PR adds a new command-line option `--cookie-secret-file` that allows users to specify a file path containing the cookie secret, similar to the existing `--client-secret-file` option. This enhancement provides a more secure way to handle cookie secrets, especially in containerized environments and when using secret management systems.

Changes made:
- Added a `SecretFile` field to the `Cookie` struct with appropriate tags
- Added a `GetSecret()` method that reads from the file if `SecretFile` is set, otherwise returns the inline `Secret`
- Added the `--cookie-secret-file` command-line flag with validation
- Updated existing code to obtain the cookie secret through the `GetSecret()` method

Fixes: #2659
Motivation and Context

Currently, oauth2-proxy only supports setting the cookie secret via the `--cookie-secret` command-line argument or environment variables, which can be problematic in secure environments where secrets should not be passed as command-line arguments or environment variables that might be logged or exposed.

This change addresses the need for:
- Consistency with the existing `--client-secret-file` option

How Has This Been Tested?

Unit Tests:
- `GetSecret()` method covering both inline and file-based scenarios

Integration Tests:
- Backward compatibility with existing `--cookie-secret` usage

Manual Testing:

Affected Components Tested:

Checklist: