lukaszraczylo
2d1b04c637
review fixes apr 2026 ( #130 )
...
* Multiple fixes
- refresh coordinator dedup + memory pressure wire
- middleware sse consolidation + timer leak + claim cache
- universal cache sync backfill + isDebug gate
- lazy background task race
- memory monitor stw cached + refresh() api
* fix(auth): suppress OIDC redirects on non-navigation requests
- [x] Add isNonNavigationRequest using Sec-Fetch-Mode and Accept headers
- [x] Add comprehensive TestIsNonNavigationRequest
- [x] Update ServeHTTP to 401 non-navigation and AJAX requests
Fixes #129
* feat(config): add custom CA and insecure skip verify for OIDC TLS
- [x] Add CACertPath, CACertPEM, InsecureSkipVerify to Config
- [x] Implement loadCACertPool for CA bundle loading
- [x] Update HTTPClientConfig with RootCAs and InsecureSkipVerify
- [x] Apply CA pool and skip verify to pooled HTTP clients
- [x] Enhance configKey to distinguish TLS configs
- [x] Add comprehensive ca_cert_test.go
Fixes #125
* feat(oidc): add custom CA certificate support for private OIDC providers
- [x] Add caCertPath, caCertPEM, insecureSkipVerify config options
- [x] Update traefik.yml with new OIDC client config fields
- [x] Add configuration schema descriptions for new options
- [x] Update README table and add Custom CA Certificates section
* Fix the documentation.
* test(redis): add oversized argument rejection test
- [x] Add TestRedisConn_RejectOversizedArgumentBytes
- [x] Import strings package
* Dependencies cleanup
2026-04-19 10:12:00 +01:00
lukaszraczylo
9d52f1b018
feat(core): refactor linters config and improve code quality ( #119 )
...
- [x] Reorganize golangci-lint configuration with documented disable reasons
- [x] Simplify errcheck and revive linter rules with targeted exclusions
- [x] Pre-compile regex patterns in input_validation.go for performance
- [x] Fix type assertions in memory_shard.go and resp.go with safety checks
- [x] Replace string comparison with EqualFold for case-insensitive matching
- [x] Fix loop variable captures in jwk.go and logout.go
- [x] Change high goroutine log level from Info to Debug in autocleanup.go
- [x] Replace deprecated "cancelled" spelling with "canceled" throughout
- [x] Add nolint annotations for intentional unused parameters
- [x] Improve comment formatting for deprecated functions
- [x] Fix comment spelling: "marshalling" → "marshaling"
- [x] Refactor provider warnings formatting in internal/providers/warnings.go
- [x] Simplify metrics summary building in internal/recovery/metrics.go
- [x] Pre-allocate slice in error_recovery.go GetDegradedServices
- [x] Refactor context cancellation checks in redis.go
2026-01-15 10:40:49 +00:00
lukaszraczylo
6efb78b7a8
Smarter approach to the cookies ( #103 )
...
* Smarter approach to the cookies
- Single maxCookieSize = 1400 constant with clear documentation
- Combined cookie storage for ~40-45% size reduction
- Backward compatible migration from legacy cookies
* Tuneup the code.
2025-12-12 18:35:06 +00:00
lukaszraczylo
5fcbd54955
Add sharded cache and prevention of CPU spikes / locks ( #96 )
...
* Add sharded cache and prevention of CPU spikes / locks
* Add dynamic client registration with oidc provider
* Fix race condition introduced during the sharded cache implementation.
* Add page for traefikoidc.
2025-11-30 01:41:12 +00:00
lukaszraczylo
1e4142a7fb
release 0.7.2 ( #66 )
...
* Remove trailing / from metadata provider.
* Resolves issue #67
- Before: 100 concurrent requests → 300+ refresh attempts → OOM
- After: 100 concurrent requests → 1 refresh attempt → Stable memory
Added following changes:
- Introduced a refresh coordinator to manage concurrent refresh requests
- Implemented a test to simulate high concurrency and verify memory stability
* Issue #67 fixed.
2025-09-25 12:52:53 +01:00
lukaszraczylo