sso
sso copied to clipboard
buzzfeed
sso, aka S.S.Octopus, aka octoboi, is a single sign-on solution for securing internal services
### TL;DR If an invalid `COOKIE_SECRET` value is given, sso should provide guidance for how to generate a valid one rather than a cryptic error message. Bonus points for providing...
Now that we're versioning, it's generally useful to be able to introspect what version of a binary you have. For Go specifically, I also find it useful to know what...
We should add a `--help` CLI flag to both `sso-auth` and `sso-proxy` that outputs documentation about configuration, for anyone exploring or debugging the apps at the command line. At the...
Not all environments may have need for metrics collection, as such the following options should be optional or have defaults: * STATSD_HOST * STATSD_PORT
**Is your feature request related to a problem? Please describe.** Create a default provider for the authenticator that can be used for quick-start purposes rather than having to set up...
Signed-off-by: Nam Hai Nguyen ## Problem Logging pkg doesn't use either RFC3339 or ISO 8601 time format, then we have to parse SSO logs specifically. ## Solution Use a valid...
A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames...
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.0.0-20190620200207-3b0461eec859 to 0.17.0. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
## Problem unnecessary use of fmt.Sprintf. ## Solution remove fmt.Sprintf ## Notes Other pertinent information. Examples: a walkthrough of how the solution might work, why this solution is optimal compared...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.23.12 to 1.34.0. Changelog Sourced from github.com/aws/aws-sdk-go's changelog. Release v1.34.0 (2020-08-07) Service Client Updates service/glue: Updates service API and documentation AWS Glue now adds support for Network...