├── .github ├── dependabot.yml ├── resources │ └── hosts ├── scripts │ ├── build_and_test.sh │ ├── cleanup │ │ └── main.go │ └── prepare │ │ └── main.go └── workflows │ ├── build_and_test.yml │ └── tagged-release.yml ├── .gitignore ├── Dockerfile ├── LICENSE ├── README.md ├── cmd └── haproxy-spoe-auth │ └── main.go ├── docker-compose.yml ├── docs ├── configuration.md ├── images │ ├── architecture-oidc.png │ └── sequence-oidc.png ├── ldap.md ├── openidconnect.md └── performance.md ├── go.mod ├── go.sum ├── internal ├── agent │ └── agent.go └── auth │ ├── aes_encryptor.go │ ├── aes_encryptor_test.go │ ├── authenticator.go │ ├── authenticator_ldap.go │ ├── authenticator_oidc.go │ ├── errors.go │ ├── messages.go │ ├── oidc_clients_store.go │ ├── oidc_clients_store_test.go │ ├── signature.go │ ├── signature_hmac_sha256.go │ ├── signature_hmac_sha256_test.go │ └── templates.go ├── resources ├── configuration │ └── config.yml ├── dex │ └── config.yaml ├── haproxy │ ├── haproxy.cfg │ └── spoe-auth.conf ├── ldap │ └── 01-base.ldif ├── nginx │ └── default.conf ├── protected │ ├── index.html │ └── secret.html ├── scripts │ ├── entrypoint.sh │ ├── run-with-debug.sh │ └── run.sh ├── unauthorized │ └── index.html └── unprotected │ └── index.html └── tests ├── actions.go ├── assertions.go ├── const.go ├── ldap_authentication_test.go ├── oidc_authentication_test.go ├── public_test.go └── webdriver.go /.github/dependabot.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/.github/dependabot.yml -------------------------------------------------------------------------------- /.github/resources/hosts: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/.github/resources/hosts -------------------------------------------------------------------------------- /.github/scripts/build_and_test.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/.github/scripts/build_and_test.sh -------------------------------------------------------------------------------- /.github/scripts/cleanup/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/.github/scripts/cleanup/main.go -------------------------------------------------------------------------------- /.github/scripts/prepare/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/.github/scripts/prepare/main.go -------------------------------------------------------------------------------- /.github/workflows/build_and_test.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/.github/workflows/build_and_test.yml -------------------------------------------------------------------------------- /.github/workflows/tagged-release.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/.github/workflows/tagged-release.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | 2 | haproxy-ldap-auth 3 | 4 | .vscode/ 5 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/Dockerfile -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/README.md -------------------------------------------------------------------------------- /cmd/haproxy-spoe-auth/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/cmd/haproxy-spoe-auth/main.go -------------------------------------------------------------------------------- /docker-compose.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/docker-compose.yml -------------------------------------------------------------------------------- /docs/configuration.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/docs/configuration.md -------------------------------------------------------------------------------- /docs/images/architecture-oidc.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/docs/images/architecture-oidc.png -------------------------------------------------------------------------------- /docs/images/sequence-oidc.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/docs/images/sequence-oidc.png -------------------------------------------------------------------------------- /docs/ldap.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/docs/ldap.md -------------------------------------------------------------------------------- /docs/openidconnect.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/docs/openidconnect.md -------------------------------------------------------------------------------- /docs/performance.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/docs/performance.md -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/go.mod -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/go.sum -------------------------------------------------------------------------------- /internal/agent/agent.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/internal/agent/agent.go -------------------------------------------------------------------------------- /internal/auth/aes_encryptor.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/internal/auth/aes_encryptor.go -------------------------------------------------------------------------------- /internal/auth/aes_encryptor_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/internal/auth/aes_encryptor_test.go -------------------------------------------------------------------------------- /internal/auth/authenticator.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/internal/auth/authenticator.go -------------------------------------------------------------------------------- /internal/auth/authenticator_ldap.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/internal/auth/authenticator_ldap.go -------------------------------------------------------------------------------- /internal/auth/authenticator_oidc.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/internal/auth/authenticator_oidc.go -------------------------------------------------------------------------------- /internal/auth/errors.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/internal/auth/errors.go -------------------------------------------------------------------------------- /internal/auth/messages.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/internal/auth/messages.go -------------------------------------------------------------------------------- /internal/auth/oidc_clients_store.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/internal/auth/oidc_clients_store.go -------------------------------------------------------------------------------- /internal/auth/oidc_clients_store_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/internal/auth/oidc_clients_store_test.go -------------------------------------------------------------------------------- /internal/auth/signature.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/internal/auth/signature.go -------------------------------------------------------------------------------- /internal/auth/signature_hmac_sha256.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/internal/auth/signature_hmac_sha256.go -------------------------------------------------------------------------------- /internal/auth/signature_hmac_sha256_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/internal/auth/signature_hmac_sha256_test.go -------------------------------------------------------------------------------- /internal/auth/templates.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/internal/auth/templates.go -------------------------------------------------------------------------------- /resources/configuration/config.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/resources/configuration/config.yml -------------------------------------------------------------------------------- /resources/dex/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/resources/dex/config.yaml -------------------------------------------------------------------------------- /resources/haproxy/haproxy.cfg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/resources/haproxy/haproxy.cfg -------------------------------------------------------------------------------- /resources/haproxy/spoe-auth.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/resources/haproxy/spoe-auth.conf -------------------------------------------------------------------------------- /resources/ldap/01-base.ldif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/resources/ldap/01-base.ldif -------------------------------------------------------------------------------- /resources/nginx/default.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/resources/nginx/default.conf -------------------------------------------------------------------------------- /resources/protected/index.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/resources/protected/index.html -------------------------------------------------------------------------------- /resources/protected/secret.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/resources/protected/secret.html -------------------------------------------------------------------------------- /resources/scripts/entrypoint.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/resources/scripts/entrypoint.sh -------------------------------------------------------------------------------- /resources/scripts/run-with-debug.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/resources/scripts/run-with-debug.sh -------------------------------------------------------------------------------- /resources/scripts/run.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/resources/scripts/run.sh -------------------------------------------------------------------------------- /resources/unauthorized/index.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/resources/unauthorized/index.html -------------------------------------------------------------------------------- /resources/unprotected/index.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/resources/unprotected/index.html -------------------------------------------------------------------------------- /tests/actions.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/tests/actions.go -------------------------------------------------------------------------------- /tests/assertions.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/tests/assertions.go -------------------------------------------------------------------------------- /tests/const.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/tests/const.go -------------------------------------------------------------------------------- /tests/ldap_authentication_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/tests/ldap_authentication_test.go -------------------------------------------------------------------------------- /tests/oidc_authentication_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/tests/oidc_authentication_test.go -------------------------------------------------------------------------------- /tests/public_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/tests/public_test.go -------------------------------------------------------------------------------- /tests/webdriver.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/criteo/haproxy-spoe-auth/HEAD/tests/webdriver.go --------------------------------------------------------------------------------