aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2018-04-28Stick to Data.AesonIgor Pashev1-2/+1
2017-12-19Drop StackIgor Pashev2-16/+2
2017-12-19Clean importsIgor Pashev3-19/+16
Drop `containers`.
2017-10-31Use Template HaskellIgor Pashev1-5/+4
2017-10-17Remove unused extensionIgor Pashev1-1/+0
2017-10-14Update stack.yamlIgor Pashev1-2/+5
2017-10-14Use voidIgor Pashev1-3/+2
2017-09-21Allow configure backend response timeoutIgor Pashev3-2/+7
2017-09-21Delete extra spaceIgor Pashev1-1/+1
2017-08-06Version 1.96.01.96.0Igor Pashev2-1/+15
2017-08-06Format with hindentIgor Pashev11-650/+708
2017-08-06Encode full URL in stateIgor Pashev1-5/+5
Encode full URL in state, not just path. Use encoded URL for cross-domain redirect. This is useful for OAuth2 providers that do not support multiple callback URLs, like https://oauth.yandex.com/
2017-08-06Fix POST requests for tokensIgor Pashev2-118/+131
Really use application/x-www-form-urlencoded instead of query paramaters. Apparently, Google and LinkedIn are too tolerant. Yandex is not.
2017-08-06Add .hindent.yamlIgor Pashev1-0/+3
2017-08-06Support stackIgor Pashev2-0/+14
2017-08-06Add YandexIgor Pashev5-10/+105
https://tech.yandex.com/oauth/
2017-06-07Fix commentIgor Pashev1-1/+1
2017-05-15Version 1.95.01.95.0Igor Pashev2-1/+9
2017-05-13Respond with 502 on every backend exceptionIgor Pashev1-2/+6
From RFC 7231: 6.6.3. 502 Bad Gateway The 502 (Bad Gateway) status code indicates that the server, while acting as a gateway or proxy, received an invalid response from an inbound server it accessed while attempting to fulfill the request.
2017-05-13Add end-point for checking access in a bunchIgor Pashev5-36/+140
2017-04-20ChangeLog: updated linkIgor Pashev1-1/+1
2017-02-07Version 1.94.11.94.1Igor Pashev2-1/+8
2017-02-07Oops ¯\_(ツ)_/¯Igor Pashev1-1/+1
2017-01-30Version 1.94.01.94.0Igor Pashev2-1/+16
2017-01-15README: replace HTTP Basic authenticationIgor Pashev1-1/+3
2017-01-03TypoIgor Pashev1-1/+1
2016-12-27Disregard possible port in the Host HTTP headerIgor Pashev2-13/+16
Motivation: to make it easy to switch Sproxy's primary port. This could be useful when running private (behind Sproxy) and public (e. g. nginx) HTTPS services on the same server. In such a setup one can use port 443 for public services and alt. HTTPS port 8443 for Sproxy. Before this change, Sproxy took possible port number into account when looking for backend and privileges. Now it ignores port and considers domain name only. This also gets Sproxy in line with browsers and SSL certificates: certificates do not include port numbers, browsers ignore ports when sending cookies.
2016-12-27Suggest alternative HTTPS port 8443Igor Pashev1-1/+4
2016-12-18BREAKING: no wildcards for domain namesIgor Pashev2-3/+3
This feature was ambiguous (in the same way as paths are) and never used anyway.
2016-12-18sproxy.sql: updated exampleIgor Pashev1-1/+4
SQL wildcards are no longer supported for HTTP methods
2016-12-14TypoIgor Pashev1-1/+1
2016-12-13Version 1.93.01.93.0Igor Pashev2-1/+12
2016-12-10Examples: removed yaml markersIgor Pashev2-9/+0
They don't make much sense in files.
2016-12-05datafile.yml.example -> datafile.example.ymlIgor Pashev3-2/+2
2016-12-05sproxy.yml.example -> sproxy.example.ymlIgor Pashev3-2/+2
2016-12-01BREAKING: Allow !include in config fileIgor Pashev3-25/+16
This changes semantics of these options: - key - oauth2.<provider>.client_secret They are no longer files, but strings. To read content from files, use !include. The point of being files or read from files is to segregate secrets from non-sensitive easily discoverable settings. With !include it is much more simple and flexible.
2016-11-30Restructured README.mdIgor Pashev1-11/+11
2016-11-29TypoIgor Pashev1-1/+1
2016-11-28Version 1.92.01.92.0Igor Pashev2-1/+14
2016-11-28Allow running in plain HTTP mode (no SSL)Igor Pashev3-27/+73
This can be useful when Sproxy is behind some other proxy or load-balancer.
2016-11-28sproxy.sql: add "user" tableIgor Pashev1-6/+11
This will allow simple listing, removing and renaming users (changing email). It also will allow synchronizing Sproxy database with other sources. Note that this change is not compatible with current SproxyWeb, so don't try to update production databases. Speaking of synchronization, more then added, it's important that account are deleted automatically.
2016-11-28Apply same settings to redirect serverIgor Pashev1-7/+7
2016-11-26Version 1.91.01.91.0Igor Pashev2-1/+10
2016-11-26Refactored data importIgor Pashev1-63/+54
Use persistent prepared statements for PostgreSQL data source. Import should be faster from now on.
2016-11-26Cleaned READMEIgor Pashev1-7/+0
2016-11-26Populate permission database from a fileIgor Pashev8-45/+234
2016-11-26Version 1.90.21.90.2Igor Pashev2-1/+15
2016-11-25Make sure all HTTP headers are UTF8-encodedIgor Pashev7-49/+94
Especially X-Family-Name, X-Given-Name. Since we get all the data from JSON and JSON is in UTF8 by default RFC 7159, we are safe. Refactored to make it less error-prone and to get as small number of encoding/decoding as possible.
2016-11-25/.sproxy/logout just redirects if no cookieIgor Pashev1-20/+20
2016-11-24Disable printing exceptionsIgor Pashev1-2/+4
We have our own traps and logging.