Commit Graph

204 Commits

Author SHA1 Message Date
renovate[bot]
f1a4c46196
build(deps): update module github.com/fasthttp/session/v2 to v2.4.0 (#2108)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-06-22 07:07:26 +10:00
renovate[bot]
d5fcfeda61
build(deps): update module github.com/fasthttp/router to v1.4.0 (#2107)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-06-21 22:14:38 +10:00
renovate[bot]
81069101a2
build(deps): update module github.com/valyala/fasthttp to v1.27.0 (#2106)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-06-21 19:53:24 +10:00
James Elliott
438555886e
build(deps): replace jwt-go (#2092)
This replaces github.com/dgrijalva/jwt-go and github.com/form3tech-oss/jwt-go with github.com/golang-jwt/jwt which will be the maintained package going forward.

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-06-18 10:39:19 +10:00
renovate[bot]
df2a442896
build(deps): update module github.com/spf13/viper to v1.8.0 (#2087)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-06-17 09:43:21 +10:00
renovate[bot]
6de4f9ea61
build(deps): update module github.com/golang/mock to v1.6.0 (#2079)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-06-12 18:21:21 +10:00
renovate[bot]
c2a9afe9af
build(deps): update module gopkg.in/square/go-jose.v2 to v2.6.0 (#2065)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-06-06 09:06:19 +10:00
renovate[bot]
f798ffffdf
build(deps): update module github.com/fasthttp/router to v1.3.14 (#2052)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-06-02 06:30:09 +10:00
renovate[bot]
2454c2145d
build(deps): update module github.com/valyala/fasthttp to v1.26.0 (#2051) 2021-06-01 20:21:05 +10:00
renovate[bot]
b27603c6d7
build(deps): update module github.com/ory/fosite to v0.40.2 (#2024)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-31 11:31:02 +10:00
James Elliott
3735f256c0
build(deps): replace github.com/dgrijalva/jwt-go (#2036)
Replaces github.com/dgrijalva/jwt-go with github.com/form3tech-oss/jwt-go.

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-05-31 11:15:05 +10:00
James Elliott
bbecf632af
fix(server): revert github.com/valyala/fasthttp to v1.24.0 (#2021) 2021-05-24 09:01:19 +10:00
renovate[bot]
a56cffa129
build(deps): update module github.com/fasthttp/router to v1.3.13 (#2013)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-21 10:21:32 +10:00
renovate[bot]
fa8c7173fb
build(deps): update module github.com/valyala/fasthttp to v1.25.0 (#2012)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-21 09:01:09 +10:00
renovate[bot]
1e69bc2835
build(deps): update module github.com/otiai10/copy to v1.6.0 (#1989)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-05-10 01:59:50 +10:00
James Elliott
9931087246
refactor: forcibly use latest go-sqlite3 (#1982)
This is necessary to force the latest version of go-sqlite3 due to an issue with the release lifecycle upstream and due to deep dependencies. Basically go-sqlite3 v2 should never have been released and v1 is now the supported version. This was introduced due to including fosite. The dependency chain looks like this: github.com/ory/fosite@v0.39.0 => github.com/ory/x@v0.0.162 => github.com/gobuffalo/pop/v5@v5.0.11 => github.com/gobuffalo/nulls@v0.2.0.
2021-05-06 15:52:27 +10:00
James Elliott
ddea31193b
feature(oidc): add support for OpenID Connect
OpenID connect has become a standard when it comes to authentication and
in order to fix a security concern around forwarding authentication and authorization information
it has been decided to add support for it.

This feature is in beta version and only enabled when there is a configuration for it.
Before enabling it in production, please consider that it's in beta with potential bugs and that there
are several production critical features still missing such as all OIDC related data is stored in
configuration or memory. This means you are potentially going to experience issues with HA
deployments, or when restarting a single instance specifically related to OIDC.

We are still working on adding the remaining set of features before making it GA as soon as possible.

Related to #189

Co-authored-by: Clement Michaud <clement.michaud34@gmail.com>
2021-05-05 00:15:36 +02:00
renovate[bot]
ec17389a54
build(deps): update module github.com/fasthttp/session/v2 to v2.3.2 (#1962)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-04-30 11:57:33 +10:00
renovate[bot]
908146d6f0
build(deps): update module github.com/fasthttp/router to v1.3.12 (#1961)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-04-30 09:54:49 +10:00
renovate[bot]
7831212d02
build(deps): update module github.com/valyala/fasthttp to v1.24.0 (#1957)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-04-29 08:57:33 +10:00
renovate[bot]
dafd61f08d
build(deps): update module github.com/simia-tech/crypt to v0.5.0 (#1938)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-21 22:25:38 +02:00
renovate[bot]
fed55be3e1
build(deps): update module github.com/mattn/go-sqlite3 to v1.14.7 (#1914)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-14 21:49:42 +02:00
renovate[bot]
f087de68f8
build(deps): update module github.com/otiai10/copy to v1.5.1 (#1894)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-08 09:03:53 +10:00
renovate[bot]
09f5aaec25
build(deps): update module github.com/go-ldap/ldap/v3 to v3.3.0 (#1890)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-06 12:19:20 +10:00
renovate[bot]
a5cdf54912
build(deps): update module github.com/fasthttp/session/v2 to v2.3.1 (#1888)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-05 20:22:06 +10:00
renovate[bot]
f646aa5242
build(deps): update module github.com/fasthttp/router to v1.3.11 (#1887)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-05 06:38:09 +10:00
renovate[bot]
64258f93af
build(deps): update module golang.org/x/text to v0.3.6 (#1882)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-02 08:32:57 +11:00
renovate[bot]
ef14e3842c
build(deps): update module github.com/go-sql-driver/mysql to v1.6.0 (#1880)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-01 20:53:47 +11:00
renovate[bot]
122c9126db
build(deps): update module github.com/workiva/go-datastructures to v1.0.53 (#1868)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-30 11:15:30 +11:00
renovate[bot]
0c893a2880
build(deps): update module github.com/valyala/fasthttp to v1.23.0 (#1867)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-30 10:36:31 +11:00
renovate[bot]
322592f679
build(deps): update module github.com/fasthttp/router to v1.3.10 (#1856)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-27 09:13:15 +11:00
renovate[bot]
2b75e98402
build(deps): update module github.com/jackc/pgx/v4 to v4.11.0 (#1850)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-26 09:04:32 +11:00
James Elliott
e3e8df26f2
refactor(session): use github.com/fasthttp/session/v2 instead of github.com/authelia/session/v2 (#1809)
Reverts to the upstream library instead of our maintenance fork.
2021-03-13 16:06:19 +11:00
renovate[bot]
5001749b1b
build(deps): update module github.com/sirupsen/logrus to v1.8.1 (#1792)
* build(deps): update module github.com/sirupsen/logrus to v1.8.1

* fix: go mod tidy (go.sum)

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-03-10 11:33:14 +11:00
James Elliott
e041143f87
feat(session): add redis sentinel provider (#1768)
* feat(session): add redis sentinel provider

* refactor(session): use int for ports as per go standards

* refactor(configuration): adjust tests and validation

* refactor(configuration): add err format consts

* refactor(configuration): explicitly map redis structs

* refactor(session): merge redis/redis sentinel providers

* refactor(session): add additional checks to redis providers

* feat(session): add redis cluster provider

* fix: update config for new values

* fix: provide nil certpool to affected tests/mocks

* test: add additional tests to cover uncovered code

* docs: expand explanation of host and nodes relation for redis

* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum

* fix(session): sentinel password

* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config

* test: make entrypoint.sh executable, fix entrypoint.sh if/elif

* test: add redis failover tests

* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging

* test: add sentinel integration test

* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep

* feat: use sentinel failover cluster

* fix: renamed addrs to sentineladdrs upstream

* test(session): sentinel failover

* test: add redis standard back into testing

* test: move redis standalone test to traefik2

* fix/docs: apply suggestions from code review
2021-03-10 10:03:05 +11:00
renovate[bot]
5cf98de225
build(deps): update module github.com/fasthttp/router to v1.3.9 (#1775)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-02 22:03:47 +11:00
renovate[bot]
e2f08f568a
build(deps): update module github.com/valyala/fasthttp to v1.22.0 (#1772)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-02 11:27:03 +11:00
renovate[bot]
abe8e438a2
build(deps): update module github.com/fasthttp/router to v1.3.8 (#1771)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-02 08:58:28 +11:00
Amir Zarrinkafsh
4f099b76d7
build(deps): downgrade module github.com/mattn/go-sqlite3 to v1.14.6 (#1758) 2021-02-23 14:51:31 +11:00
renovate[bot]
d000e5dbeb
build(deps): update module github.com/otiai10/copy to v1.5.0 (#1753)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-02-23 05:41:51 +11:00
renovate[bot]
30d45dd3fc
build(deps): update module github.com/sirupsen/logrus to v1.8.0 (#1747)
* build(deps): update module github.com/sirupsen/logrus to v1.8.0

* go mod tidy

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-02-22 21:52:08 +11:00
renovate[bot]
b10adf6cf4
build(deps): update module github.com/golang/mock to v1.5.0 (#1746)
* build(deps): update module github.com/golang/mock to v1.5.0

* build(deps): go mod tidy

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-02-22 20:33:17 +11:00
renovate[bot]
68af1fdfca
build(deps): update module github.com/authelia/session/v2 to v2.4.1 (#1745)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-02-22 17:48:10 +11:00
James Elliott
0f7891a823
build(deps): update module github.com/valyala/fasthttp to v1.21.0 (#1755) 2021-02-22 16:37:40 +11:00
renovate[bot]
e77ef2d1dc
build(deps): update module github.com/spf13/cobra to v1.1.3 (#1741)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-02-22 15:47:07 +11:00
Amir Zarrinkafsh
74721a9f41
feat: go:embed static assets (#1733)
* feat: go:embed static assets

Go 1.16 introduced the ability to embed files within a generated binary directly with the go tool chain. This simplifies our dependencies and the significantly improves the development workflow for future developers.

Key points to note:

Due to the inability to embed files that do not reside within the local package we need to duplicate our `config.template.yml` within `internal/configuration`.

To avoid issues with the development workflow empty mock files have been included within `internal/server/public_html`. These are substituted with the respective generated files during the CI/CD and build workflows.

* fix(suites): increase ldap suite test timeout

* fix(server): fix swagger asset CSP
2021-02-22 10:07:06 +11:00
Amir Zarrinkafsh
aac5170ddc
ci: remove dependabot (#1696)
da5892faad introduced renovate to Authelia.
Now that it has been evaluated dependabot is no longer necessary and can be removed.
2021-02-04 13:06:23 +11:00
renovate[bot]
f1664fea00
build(deps): update module spf13/cobra to v1 (#1676)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 20:27:06 +11:00
renovate[bot]
d2c1e6afa5
build(deps): update module yaml to v2.4.0 (#1671)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 14:18:46 +11:00
renovate[bot]
895b69d871
build(deps): update module sirupsen/logrus to v1.7.0 (#1667)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 14:00:57 +11:00
renovate[bot]
cfb1ee020e
build(deps): update module pquerna/otp to v1.3.0 (#1665)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 13:44:15 +11:00
renovate[bot]
6a0ed57196
build(deps): update module otiai10/copy to v1.4.2 (#1664)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 13:30:22 +11:00
renovate[bot]
c53e590585
build(deps): update module jackc/pgx/v4 to v4.10.1 (#1663)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 13:12:26 +11:00
renovate[bot]
0baf8b808a
build(deps): update module fasthttp/router to v1.3.5 (#1662)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 12:57:08 +11:00
renovate[bot]
158c70a24c
build(deps): update module data-dog/go-sqlmock to v1.5.0 (#1661)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 12:43:08 +11:00
renovate[bot]
6b1d9d14e7
build(deps): update module golang.org/x/text to v0.3.5 (#1654)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-31 10:27:33 +11:00
renovate[bot]
ccb7e7e955
build(deps): update module go-ldap/ldap/v3 to v3.2.4 (#1653) 2021-01-31 09:50:01 +11:00
renovate[bot]
a089c03fa3
build(deps): update module valyala/fasthttp to v1.19.0 (#1670)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-30 21:02:31 +11:00
renovate[bot]
bce802621b
build(deps): update module stretchr/testify to v1.7.0 (#1669)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-30 20:44:07 +11:00
renovate[bot]
a35d9de242
build(deps): update github.com/duosecurity/duo_api_golang commit hash to 0e07e9f (#1646)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-30 19:49:12 +11:00
renovate[bot]
1448908e40
build(deps): update github.com/asaskevich/govalidator commit hash to 7a23bdc (#1645)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-01-30 18:06:58 +11:00
James Elliott
2763aefe81
[BUGFIX] Static Session Expiration Key (#1564)
* [BUGFIX] Static Session Expiration Key

* keys for session expiration are random for each instance of Authelia
* this is caused by upstream setting it to a random value
* using a temporary bugfix fork of github.com/fasthttp/session to resolve locally
* add some misc doc additions
2020-12-29 12:44:47 +11:00
James Elliott
365304a684
[FEATURE] Add Optional Check for Session Username on VerifyGet (#1427)
* Adding the Session-Username header to the /api/verify endpoint when using cookie auth will check the value stored in the session store for the username and the header value are the same.
* use strings.EqualFold to compare case insensitively
* add docs
* add unit tests
* invalidate session if it is theoretically hijacked and log it as a warning (can only be determined if the header doesn't match the cookie)
* add example PAM script
* go mod tidy
* go mod bump to 1.15
2020-12-02 10:03:44 +11:00
James Elliott
a92b0bff1d
[FEATURE] Plain Text Email Notifications (#1238)
* add a plain text email template
* use plain text email template for file based emails
* add config option to SMTP emails named disable_html_emails
  * config option is a boolean that when set to true will only send plain text emails
* add docs for more complex SMTP notifier options
* update template
* add rfc1341 multipart logic to notifier
* check for errors after identity_verification

* * fix nil ptr
* go mod tidy
* remove needless checks

* * use multipart/atlernative instead

* * add rfc5322 compliant date header

* * fix linting issues
2020-08-21 12:16:23 +10:00
dependabot-preview[bot]
f1968343c3
[MISC] (deps): Bump github.com/spf13/viper from 1.7.0 to 1.7.1 (#1251)
Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.7.0 to 1.7.1.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.7.0...v1.7.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-08-04 09:07:38 +10:00
dependabot-preview[bot]
b9eb94f658
[MISC] (deps): Bump github.com/jackc/pgx/v4 from 4.8.0 to 4.8.1 (#1244)
Bumps [github.com/jackc/pgx/v4](https://github.com/jackc/pgx) from 4.8.0 to 4.8.1.
- [Release notes](https://github.com/jackc/pgx/releases)
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jackc/pgx/compare/v4.8.0...v4.8.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-31 12:10:51 +10:00
dependabot-preview[bot]
07c4e96927
[MISC] (deps): Bump github.com/golang/mock from 1.4.3 to 1.4.4 (#1242)
Bumps [github.com/golang/mock](https://github.com/golang/mock) from 1.4.3 to 1.4.4.
- [Release notes](https://github.com/golang/mock/releases)
- [Changelog](https://github.com/golang/mock/blob/master/.goreleaser.yml)
- [Commits](https://github.com/golang/mock/compare/v1.4.3...v1.4.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-30 09:44:38 +02:00
dependabot-preview[bot]
e0774d1524
[MISC] (deps): Bump github.com/fasthttp/router from 1.2.3 to 1.2.4 (#1223)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.2.3 to 1.2.4.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.2.3...v1.2.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-07-25 11:29:01 +02:00
dependabot-preview[bot]
fd0de434c4
[MISC] (deps): Bump github.com/jackc/pgx/v4 from 4.7.2 to 4.8.0 (#1221)
Bumps [github.com/jackc/pgx/v4](https://github.com/jackc/pgx) from 4.7.2 to 4.8.0.
- [Release notes](https://github.com/jackc/pgx/releases)
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jackc/pgx/compare/v4.7.2...v4.8.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-07-25 00:26:03 +02:00
dependabot-preview[bot]
ebd391d67a
[MISC] (deps): Bump github.com/fasthttp/session/v2 from 2.2.0 to 2.2.1 (#1219)
Bumps [github.com/fasthttp/session/v2](https://github.com/fasthttp/session) from 2.2.0 to 2.2.1.
- [Release notes](https://github.com/fasthttp/session/releases)
- [Commits](https://github.com/fasthttp/session/compare/v2.2.0...v2.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-24 23:43:11 +02:00
dependabot-preview[bot]
3ae95e6bf0
[MISC] (deps): Bump github.com/fasthttp/session/v2 from 2.1.1 to 2.2.0 (#1217)
Bumps [github.com/fasthttp/session/v2](https://github.com/fasthttp/session) from 2.1.1 to 2.2.0.
- [Release notes](https://github.com/fasthttp/session/releases)
- [Commits](https://github.com/fasthttp/session/compare/v2.1.1...v2.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-21 12:11:12 +10:00
dependabot-preview[bot]
9134b0aa8e
[MISC] (deps): Bump github.com/fasthttp/router from 1.2.2 to 1.2.3 (#1216)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.2.2 to 1.2.3.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.2.2...v1.2.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-21 11:37:22 +10:00
dependabot-preview[bot]
0b18d08f01
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.2.2 to 3.2.3 (#1213)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.2.2 to 3.2.3.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.2.2...v3.2.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-20 12:05:19 +10:00
dependabot-preview[bot]
eb638ec579
[MISC] (deps): Bump github.com/jackc/pgx/v4 from 4.7.1 to 4.7.2 (#1207)
Bumps [github.com/jackc/pgx/v4](https://github.com/jackc/pgx) from 4.7.1 to 4.7.2.
- [Release notes](https://github.com/jackc/pgx/releases)
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jackc/pgx/compare/v4.7.1...v4.7.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-17 09:29:24 +10:00
James Elliott
ea1fae6491
[MISC] Storage Schema Versioning Model (#1057)
* [MISC] Storage Schema Versioning Model 

* fixup go.sum
* remove pq
* fix int to text issue
* fix incorrect SQL text
* use key_name vs key
* use transactions for all queries during upgrades
* fix missing parenthesis
* move upgrades to their own file
* add provider name for future usage in upgrades
* fix missing create config table values
* fix using the const instead of the provider SQL
* import logging once and reuse
* update docs
* remove db at suite teardown
* apply suggestions from code review
* fix mysql
* make errors more uniform
* style changes
* remove commented code sections
* remove commented code sections
* add schema version type
* add sql mock unit tests
* go mod tidy
* test blank row situations
2020-07-16 15:56:08 +10:00
dependabot-preview[bot]
e5d02d4b06
[MISC] (deps): Bump github.com/valyala/fasthttp from 1.14.0 to 1.15.1 (#1200)
Bumps [github.com/valyala/fasthttp](https://github.com/valyala/fasthttp) from 1.14.0 to 1.15.1.
- [Release notes](https://github.com/valyala/fasthttp/releases)
- [Commits](https://github.com/valyala/fasthttp/compare/v1.14.0...v1.15.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-15 23:32:54 +02:00
dependabot-preview[bot]
c5c41c6111
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.2.1 to 3.2.2 (#1199)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.2.1 to 3.2.2.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.2.1...v3.2.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-07-15 11:01:35 +10:00
dependabot-preview[bot]
24ea88156b
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.2.0 to 3.2.1 (#1152)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.2.0 to 3.2.1.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.2.0...v3.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-24 10:21:14 +10:00
dependabot-preview[bot]
0e206660ef
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.1.11 to 3.2.0 (#1128)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.1.11 to 3.2.0.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.1.11...v3.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-19 08:57:16 +10:00
Amir Zarrinkafsh
ff7f9a50ab
[FEATURE] Docker simplification and configuration generation (#1113)
* [FEATURE] Docker simplification and configuration generation
The Authelia binary now will attempt to generate configuration based on the latest template assuming that the config location specified on startup does not exist. If a file based backend is selected and the backend cannot be found similarly it will generate a `user_database.yml` based a template.

This will allow more seamless bootstrapping of an environment no matter the deployment method.

We have also squashed the Docker volume requirement down to just `/config` thus removing the requirement for `/var/lib/authelia` this is primarily in attempts to simplify the Docker deployment.

Users with the old volume mappings have two options:
1. Change their mappings to conform to `/config`
2. Change the container entrypoint from `authelia --config /config/configuration.yml` to their old mapping

* Adjust paths relative to `/etc/authelia` and simplify to single volume for compose
* Add generation for file backend based user database
* Refactor Docker volumes and paths to /config
* Refactor Docker WORKDIR to /app
* Fix integration tests
* Update BREAKING.md for v4.20.0
* Run go mod tidy
* Fix log_file_path in miscellaneous.md docs
* Generate config and userdb with 0600 permissions
* Fix log_file_path in config.template.yml
2020-06-17 16:25:35 +10:00
dependabot-preview[bot]
53ea5a067a
[MISC] (deps): Bump github.com/fasthttp/router from 1.2.1 to 1.2.2 (#1116)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.2.1 to 1.2.2.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.2.1...v1.2.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-15 22:27:45 +02:00
dependabot-preview[bot]
9ae68999e8
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.1.10 to 3.1.11 (#1115)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.1.10 to 3.1.11.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.1.10...v3.1.11)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-15 10:56:29 +10:00
dependabot-preview[bot]
532ccb8fdf
[MISC] (deps): Bump github.com/lib/pq from 1.6.0 to 1.7.0 (#1106)
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.6.0...v1.7.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-06-11 10:24:18 +10:00
dependabot-preview[bot]
1a82d3192b
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.7 to 1.2.1 (#1102)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.7 to 1.2.1.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.7...v1.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-06-09 23:14:15 +02:00
dependabot-preview[bot]
a08856a7dd
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.6 to 1.1.7 (#1099)
* [MISC] (deps): Bump github.com/fasthttp/router from 1.1.6 to 1.1.7

Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.6 to 1.1.7.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.6...v1.1.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Update go.sum

* Update go.sum

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-09 11:08:49 +10:00
dependabot-preview[bot]
cd38e9aa3f
[MISC] (deps): Bump github.com/fasthttp/session/v2 from 2.1.0 to 2.1.1 (#1098)
Bumps [github.com/fasthttp/session/v2](https://github.com/fasthttp/session) from 2.1.0 to 2.1.1.
- [Release notes](https://github.com/fasthttp/session/releases)
- [Commits](https://github.com/fasthttp/session/compare/v2.1.0...v2.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-09 09:27:17 +10:00
dependabot-preview[bot]
ef0c0fe8bf
[MISC] (deps): Bump github.com/stretchr/testify from 1.6.0 to 1.6.1 (#1095)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.6.0 to 1.6.1.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.6.0...v1.6.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-09 08:35:03 +10:00
Amir Zarrinkafsh
33e5677f87
[MISC] Update and clean go.mod/go.sum (#1076) 2020-06-04 13:34:25 +10:00
dependabot-preview[bot]
94a5386aff
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.5 to 1.1.6 (#1079)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.5 to 1.1.6.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.5...v1.1.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 21:12:15 +02:00
dependabot-preview[bot]
431d059c2e
[MISC] (deps): Bump github.com/lib/pq from 1.5.2 to 1.6.0 (#1067)
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.5.2 to 1.6.0.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.5.2...v1.6.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-01 09:52:45 +10:00
dependabot-preview[bot]
844a4c58d1
[MISC] (deps): Bump github.com/stretchr/testify from 1.5.1 to 1.6.0 (#1066)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.5.1 to 1.6.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.5.1...v1.6.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-01 08:52:59 +10:00
dependabot-preview[bot]
5d3f010a1f
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.4 to 1.1.5 (#1058)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.4 to 1.1.5.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.4...v1.1.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-28 21:53:52 +02:00
dependabot-preview[bot]
54fe2a9abd
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.3 to 1.1.4 (#1054)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.3 to 1.1.4.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.3...v1.1.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-05-26 21:32:37 +02:00
dependabot-preview[bot]
9eda7fb612
[MISC] (deps): Bump github.com/fasthttp/session/v2 from 2.0.2 to 2.1.0 (#1055)
Bumps [github.com/fasthttp/session/v2](https://github.com/fasthttp/session) from 2.0.2 to 2.1.0.
- [Release notes](https://github.com/fasthttp/session/releases)
- [Commits](https://github.com/fasthttp/session/compare/v2.0.2...v2.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-26 20:33:20 +02:00
dependabot-preview[bot]
2b8a8a24a1
[MISC] (deps): Bump github.com/valyala/fasthttp from 1.12.0 to 1.13.1 (#1056)
Bumps [github.com/valyala/fasthttp](https://github.com/valyala/fasthttp) from 1.12.0 to 1.13.1.
- [Release notes](https://github.com/valyala/fasthttp/releases)
- [Commits](https://github.com/valyala/fasthttp/compare/v1.12.0...v1.13.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-26 20:33:10 +02:00
dependabot-preview[bot]
00fa11020e
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.2 to 1.1.3 (#1048)
* [MISC] (deps): Bump github.com/fasthttp/router from 1.1.2 to 1.1.3

Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.2 to 1.1.3.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.2...v1.1.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* fix sum

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-05-25 08:54:38 +10:00
dependabot-preview[bot]
70e0bba1d1
[MISC] (deps): Bump github.com/otiai10/copy from 1.1.1 to 1.2.0 (#1047)
Bumps [github.com/otiai10/copy](https://github.com/otiai10/copy) from 1.1.1 to 1.2.0.
- [Release notes](https://github.com/otiai10/copy/releases)
- [Commits](https://github.com/otiai10/copy/compare/v1.1.1...v1.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-24 21:31:04 +02:00
dependabot-preview[bot]
b5f27b7451
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.1 to 1.1.2 (#1041)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.1 to 1.1.2.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.1...v1.1.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-22 08:04:45 +10:00
Clément Michaud
fe5ebfb75a
[FEATURE] Bump to fasthttp/session/v2 to support redis unix socket. (#1001)
* [FEATURE] Bump to fasthttp/session/v2 to support redis unix socket.

* Fix lint issues.

* Remove v1 import and fix double import.

* [DOCS] Document use of redis unix socket.

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-05-18 12:45:47 +10:00
James Elliott
73bd2e4479
[FIX] Hash Password Cmd Not Encoding Provided Salt (#999)
* using authelia hash-password if you provide a salt it doesn't encode it as a base64 string
* this causes invalid salts to be stored if a user manually provided one instead of reliance on the automatic generation
* additionally bumped the minimum required salt length to 8 as per reference spec
* additionally removed the maximum salt length as per reference spec (actually 2^32-1 per int32)
* see docs:
  * https://tools.ietf.org/html/draft-irtf-cfrg-argon2-10
  * https://github.com/P-H-C/phc-winner-argon2
  * https://github.com/P-H-C/phc-string-format
* encode all salts
* fix edge case of false positive in CheckPassword
* bump crypt version and fix tests
2020-05-14 15:55:03 +10:00