v1.15-arista

extra-auth: Change behavior from using http headers to cookies

v1.14-arista

auth: Add a new extra authenticator for basic JWT

v1.13-arista

• Add redisfailover as a session type (#30)

v1.12-arista

• merge from upstream as of 0c4ea9a #29
• Fix config watcher reload #28

v1.11-arista

• Fix config watch reloading #26
• Add default rule matching #25

v1.9-arista

Update Go and Alpine.

v1.6-arista

• Add cache headers on auth redirection
• Remove CORS middleware which was always returning 200 on OPTIONS requests (not secure, OPTIONS requests should also be authenticated).

v1.5-arista

Update golang and alpine images

v1.4-arista

• adds an Authorization header containing the users id token (JWT) in addition to the existing user id and group headers. The key for this header can be set through the new TOKEN_HEADER env var.
• Remove k8s_authenticator since it is not used in our environment
• Change authenticator so that the Authenticate interface function has access to the response writer so it can set the token header.
• Define custom Authenticator interface and User struct rather than using the k8s.io/apiserver/pkg/authentication package
• Pull in upstream commit which updates logic for loading session from header or cookie
• Omit USERID and GROUPS headers by default, they can still be included through setting the GROUPS_HEADER and USERID_HEADER environment variables

v1.3-arista

CHANGELOG:

• New autoreload functionality for AuthzConfig file
• Set HttpOnly and Secure attributes for session cookie
• Add LOG_LEVEL env var