Commit Graph

34 Commits

Author SHA1 Message Date
Clement Michaud
4016ff1bba [BREAKING] Create a suite for Traefik proxy.
* Removal of the Redirect header sent by Authelia /api/verify endpoint.
* Authelia does not consume Host header anymore but X-Forwarded-Proto and X-Forwarded-Host
  to compute the link sent in identity verification emails.
* Authelia used Host header as the application name for U2F authentication but it's now using
  X-Forwarded-* headers.
2019-04-12 09:24:54 +02:00
Clement Michaud
36d65c284e Add a test checking forwarded headers on bypass-based resources. 2019-04-10 22:34:15 +02:00
Clement Michaud
8a76b5118d Add network criteria in ACLs to specify policy based on network subnet. 2019-03-31 20:11:07 +02:00
Clement Michaud
81207b49ad Fix failing second factor when no default redirection url set.
When no default redirection url was set, Duo push second factor was shown as
failing even if authentication was successful.
2019-03-28 22:38:16 +01:00
Clement Michaud
28cc5e7e1b Fix integration tests. 2019-03-24 23:29:46 +01:00
Clement Michaud
a717b965c1 Display only available 2FA methods.
For instance Duo Push Notification method is not displayed if the API
is not configured.
2019-03-24 22:23:25 +01:00
Clement Michaud
d09a307ff8 Fix redirection after 2FA method change.
Authelia was using links with href="#" that changed the URL when clicked
on. Therefore, this commit removes the href property and apply link style
to tags without href property.
2019-03-24 20:02:55 +01:00
Clement Michaud
8ef402511c Add Duo Push Notification option as 2FA. 2019-03-24 15:15:49 +01:00
Clement Michaud
d9e487c99f Display only one 2FA option.
Displaying only one option at 2FA stage will allow to add more options
like DUO push or OAuth.

The user can switch to other option and in this case the option is
remembered so that next time, the user will see the same option. The
latest option is considered as the prefered option by Authelia.
2019-03-23 19:34:00 +01:00
Clement Michaud
76fa325f08 [BREAKING] Create a suite for kubernetes tests.
Authelia client uses hash router instead of browser router in order to work
with Kubernetes nginx-ingress-controller. This is also better for users having
old browsers.

This commit is breaking because it requires to change the configuration of the
proxy to include the # in the URL of the login portal.
2019-03-16 00:13:27 +01:00
Clement Michaud
6ce0ae5d90 Remove description of suites and use suite name instead. 2019-03-03 11:39:41 +01:00
Clement Michaud
c534753c2c Increase timeout to prepare environment to 30 seconds. 2019-03-03 11:39:40 +01:00
Clement Michaud
d82ebfab0e Move dockerhub example in a suite. 2019-03-03 11:39:40 +01:00
Clement Michaud
a1c9bb6302 Improve authelia-scripts to add suites with Docker-based Authelia server. 2019-03-03 11:39:40 +01:00
Clement Michaud
4adb0569ac Display Authelia server logs when tests fail. 2019-03-03 11:39:40 +01:00
Clement Michaud
ecdc91b221 Leave more room for Authelia to spawn and terminate. 2019-03-03 11:39:40 +01:00
Clement Michaud
7ee1e39b8d Build before running integration tests. 2019-03-03 11:39:40 +01:00
Clement Michaud
b3d381bfa7 Fix integration and unit tests. 2019-03-03 11:39:40 +01:00
Clement Michaud
50d4ab1368 Finish migrating integration tests to mocha. 2019-03-03 11:39:40 +01:00
Clement Michaud
3702d6607d Replace WaitRedirected assertion by VerifyUrlIs. 2019-03-03 11:39:40 +01:00
Clement Michaud
036d1a4f51 Replace SeeNotification by VerifyNotificationDisplayed assertion. 2019-03-03 11:39:40 +01:00
Clement Michaud
c487ed0a37 Migrate more tests to mocha. 2019-03-03 11:39:40 +01:00
Clement Michaud
595ee97182 Add test behavior VisitPageAndWaitUrlIs. 2019-03-03 11:39:40 +01:00
Clement Michaud
c579355c5b Migrate more Cucumber tests into Mocha. 2019-03-03 11:39:40 +01:00
Clement Michaud
efceb66ffa Migrate some tests to mocha. 2019-03-03 11:39:40 +01:00
Clement Michaud
c5af4498ab Introduce the concept of suite in authelia-scripts. 2019-03-03 11:39:40 +01:00
Clement Michaud
d3a790627e Fix inactivity Ãe2e tests. 2019-03-03 11:39:40 +01:00
Clement Michaud
d2a547eca6 Fix e2e tests for complete configuration. 2019-03-03 11:39:40 +01:00
Clement Michaud
c5eb86e0fd Fix e2e test with minimal configuration. 2019-03-03 11:39:40 +01:00
Clement Michaud
42581dfe93 Fix open redirection vulnerability.
In order to redirect the user after authentication, Authelia uses
rd query parameter provided by the proxy. However an attacker could
use phishing to make the user be redirected to a bad domain. In order
to avoid the user to be redirected to a bad location, Authelia now
verifies the redirection URL is under the protected domain.
2018-11-17 17:48:20 +01:00
Clement Michaud
05c423c6f8 Add integration test for keep me logged in feature. 2018-10-23 20:41:02 +02:00
Clément Michaud
9dab40c2ce
Add support for users database on disk. (#262)
In order to simplify the deployment of Authelia for
testing, LDAP is now optional made optional thanks
to users database stored in a file. One can update
the file manually even while Authelia is running.

With this feature the minimal configuration requires
only two components: Authelia and nginx.

The users database is obviously made for development
environments only as it prevents Authelia to be scaled
to more than one instance.

Note: Configuration has been updated. Key `ldap` has
been nested in `authentication_backend`.
2018-08-26 10:30:43 +02:00
Clément Michaud
c503765dd6
Implement retry mechanism for broken connections to mongo (#258)
Before this patch, when Authelia started, if Mongo was not
up and running, Authelia failed to connect and never retried.
Now, everytime Authelia faces a broken connection, it tries
to reconnect during the next operation.
2018-08-19 16:51:36 +02:00
Clement Michaud
6d6162f26c Add tests for minimal configuration 2018-08-10 00:12:04 +02:00