Externalise configuration and secrets #70
base: master
Commits on May 28, 2020
Merge pull request #2 from iress/fix-code-challenge-import
Fix codeChallenge import
Commit c7be318
Commits on May 29, 2020
Commit ff883df
Commit dd7fd03
Commits on May 31, 2020
Commit a228ede
Commits on Jun 5, 2020
Commit 655da6c
Commit fb89b40
Commits on Jun 16, 2020
Commit 36bec4c
Commits on Jul 16, 2020
Commit 748a756
Commits on Jul 17, 2020
Commit 280de0b
Commits on Jul 31, 2020
Commit c1bade0
Commits on Oct 5, 2020
Use access token and don't re-sign using custom keys. (#13)
Verify the access_token instead of the id_token.
Set the TOKEN cookie with the signed access_token and make it secure http only.
Removed logic to re-sign the token using custom signing key.
Commit 1d83d49
Commits on Oct 7, 2020
* Merge Latest fix from origin repo (#15)
* Very basic XSS prevention
* Parse `%20` as spaces before printing them
Co-authored-by: Payton Garland <[email protected]>
Co-authored-by: Thomas <[email protected]>
* Use the id_token nonce to validate.
Co-authored-by: Payton Garland <[email protected]>
Co-authored-by: Thomas <[email protected]>
Commit c0941d5
Commits on Oct 8, 2020
Commit 5eba0d3
Commits on Apr 29, 2021
Commit ac736eb
Commits on May 3, 2021
Merge pull request #18 from iress/PFS-1811
PFS-1811 Add scope variable for AUTH_REQUEST
Commit 30d2dd8
* PFS-1811 Update READ.ME
* Fix typo
Co-authored-by: Adrian Grucza <[email protected]>
Commit 4785c61
Commits on Jul 26, 2021
Commit 30ef2cc
Commits on Jul 30, 2021
Commit 18b00ac
Commits on Sep 8, 2021
Commit 912a036
Commits on Sep 12, 2021
Commit 16abdc5
Commits on Sep 29, 2021
allow secrets manager secrets to be encrypted with a CMK
Chris Wilson committed Sep 29, 2021
Commit 9bd02c2
Chris Wilson committed Sep 29, 2021
Commit 70bbe91
Commits on Sep 30, 2021
Merge pull request #25 from iress/encrypt-sec-manager-secret-cmk
Encrypt sec manager secret cmk
Commit 57af25c
Commits on Nov 30, 2021
Allow user to specify a customized IDP. (#26)
Signed-off-by: QiFanIress <[email protected]>
Qi Fan committed Nov 30, 2021
Commit 863ec52
Commits on Dec 1, 2021
Update fault value of IDP to be a space to avoid SSM parameter creation issue. (#27)
Qi Fan committed Dec 1, 2021
Commit 2b9e826
Commits on Oct 12, 2022
Commit 89df7c3
Commits on Oct 14, 2022
secret rotation now depends on the permissions
This fixes a bug where if you deploy the components one by one with parallelism=1, deploying the secret rotation fails because of a lack of permission to call the rotation lambda.
Commit 3946160
Commits on Oct 17, 2022
Commit 5c9c396
Merge pull request #29 from Tar-Elendil/provider_constraint_update
remove max version constraint on provider
Commit 699dcf8
Commits on Nov 7, 2022
fix: Migrate away from 'override_json' which is deprecated in AWS Provider V4 - NOTE: 'override_policy_documents' is available since 3.28.0
Commit 0fb3237
Commits on Nov 9, 2022
Commit c6c30b5
Commits on Nov 10, 2022
Commit 51ee344
Commit 21b2496
Commits on Nov 11, 2022
Commit cd16605
Commit 9ca91fb
Commits on Nov 14, 2022
Merge pull request #36 from iress-ac/add-logout-route
implement logout
Commit 505eebe
Commits on Nov 15, 2022
Commit b1af407
Merge pull request #37 from iress/default-logout-path
Correct default logout path
Commit 095c614
Commits on Jul 12, 2023
Merge pull request #32 from iress/deprecation_fix
fix: Migrate away from 'override_json' which is deprecated in AWS Pro…
Commit f4c0e44
Commits on Sep 22, 2023
Commit 8455c15
Commit d9e32aa
Commits on Sep 25, 2023
Commit 6fc36a2
Commit c5fc6c4
Commit 801f50d
Commit 7d0c091
Commits on Sep 26, 2023
Merge pull request #41 from iress/node-18
include nodejs18.x in build targets
Commit 35b12be
Merge pull request #39 from iress/DP-481
Configure NONCE and CV cookies as `secure` for pkce
Commit bf49023
Commit d1a2225
Merge pull request #40 from iress/DP-479
All cookies sameSite as `Strict` for pkce
Commit fee9836
Commit ac267da
Commit 360ada9
Merge pull request #42 from iress/openid-secure-samesite
Set cookies as `secure` and `samesite: strict` in open github and openid
Commit c84be23
include node 14 in "engines" of package
allows tooling to identify engine version
Commit 888a212
Commits on Sep 27, 2023
Commit abc09fa
Commit d34734d
Merge pull request #44 from iress/content-type
include Content-Type header in responses
Commit 60915a5
Commit d46dbbe
Merge pull request #43 from iress/footer
Correct footers to correct repository url
Commit 0d6d923
Commits on Oct 2, 2023
replace dependency 'entities' with 'html-entities'
This is due to licensing concern. 'html-entities' is distributed with the MIT license.
Commit 185bfdb
Merge pull request #38 from iress/DP-803
URI encode template replacement to avoid XSS
Commit 1d9f87a
update npm dependencies to remove vulnerabilities
all `npm audit` vulnerability severities removed by updating referenced versions
note: some are breaking change updates
Commit 4454871
Merge pull request #45 from iress/v4
Version 4: Resolution of security (pen test) findings, dependency vulnerabilities and other small updates
Commit 183bf6b
Whilst the app runs on nodejs18.x, the AWS SDK supplied is version 3.x and this app references version 2.x. A lambda layer can be supplied for this to work. nodejs16.x comes bundled with v2.x of the AWS SDK, so no further intervention is required.
Commit 483f7e1
Merge pull request #46 from iress/fix-aws-sdk
default runtime to nodejs16.x
Commit 59cdf41
Commits on Oct 3, 2023
set SameSite cookie attribute to lax for CV and NONCE
This enables authentication that isn't embedded into the same site. e.g. changing host to Okta to log in, then back to site once authenticated.
Commit 5824dc9
Merge pull request #47 from iress/SameSite-lax
Set SameSite cookie attribute to Lax for CV and NONCE
Commit f051484
Commit 03efeef
Merge pull request #48 from iress/fix-same-site
fix: stop redirect loop caused by TOKEN cookie not sent
Commit bdd68f0