Affected by GO-2022-0783 and 4 other vulnerabilities

GO-2022-0783: JWT leak via Open Redirect in Programmatic access in github.com/pomerium/pomerium

GO-2022-0933: Incorrect handling of H2 GOAWAY + SETTINGS frames in github.com/pomerium/pomerium

GO-2023-1800: Pomerium vulnerable to Incorrect Authorization with specially crafted requests in github.com/pomerium/pomerium

GO-2024-2965: Pomerium exposed OAuth2 access and ID tokens in user info endpoint response in github.com/pomerium/pomerium

GO-2024-3179: Pomerium service account access token may grant unintended access to databroker API in github.com/pomerium/pomerium

gitlab

package

v0.10.0-rc2 Latest Latest Go to latest Published: Jul 20, 2020 License: Apache-2.0 Imports: 5 Imported by: 0

Details

Package gitlab implements OpenID Connect for Gitlab

View Source

const Name = "gitlab"

Name identifies the GitLab identity provider.

This section is empty.

This section is empty.

type Provider struct {
	*pom_oidc.Provider
}

Provider is a Gitlab implementation of the Authenticator interface.

func New(ctx context.Context, o *oauth.Options) (*Provider, error)

New instantiates an OpenID Connect (OIDC) provider for Gitlab.