Commit Graph

3101 Commits

Author SHA1 Message Date
James Elliott
6b3246a6d3
docs: refactor and update security (#1944)
Refactors the secrurity documentation to be up-to-date and conform to our style guidelines. Additionally went over each part and reworded things that needed it.
2021-06-01 14:11:33 +10:00
James Elliott
cef35fadcd
feat(configuration): add error and warn log levels (#2050)
This is so levels like warn and error can be used to exclude info or warn messages. Additionally there is a reasonable refactoring of logging moving the log config options to the logging key because there are a significant number of log options now. This also decouples the expvars and pprof handlers from the log level, and they are now configured by server.enable_expvars and server.enable_pprof at any logging level.
2021-06-01 14:09:50 +10:00
Frederic Hemberger
4cfda7eece
fix(docs): Update link to Lite bundle (#2048) 2021-06-01 01:17:26 +02:00
Amir Zarrinkafsh
05df642f3e
feat: add option to keep stdout logging with log_file_path (#2037)
Currently if a `log_file_path` is defined Authelia will redirect all logging from standard output to said defined location. This change allows users to keep standard output logging along with a defined `log_file_path`.
2021-05-31 14:02:54 +10:00
dependabot[bot]
03a1b004cf
build(deps): bump dns-packet from 1.3.1 to 1.3.4 in /web (#2040)
Bumps [dns-packet](https://github.com/mafintosh/dns-packet) from 1.3.1 to 1.3.4.
- [Release notes](https://github.com/mafintosh/dns-packet/releases)
- [Changelog](https://github.com/mafintosh/dns-packet/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mafintosh/dns-packet/compare/v1.3.1...v1.3.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-05-31 11:52:49 +10:00
renovate[bot]
b27603c6d7
build(deps): update module github.com/ory/fosite to v0.40.2 (#2024)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-31 11:31:02 +10:00
James Elliott
3735f256c0
build(deps): replace github.com/dgrijalva/jwt-go (#2036)
Replaces github.com/dgrijalva/jwt-go with github.com/form3tech-oss/jwt-go.

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-05-31 11:15:05 +10:00
renovate[bot]
1c510edbf3
build(deps): update dependency react-otp-input to v2.3.1 (#2043)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-31 10:04:20 +10:00
Amir Zarrinkafsh
2b95acb82a
ci(buildkite): add tag for highavailability suite (#2038)
Allows granular control for node assignment on the high availability testing suite.
2021-05-27 14:23:56 +10:00
renovate[bot]
e82ca61c7a
build(deps): update dependency typescript to v4.3.2 (#2034)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-27 08:26:48 +10:00
renovate[bot]
263e6f1dcf
build(deps): update dependency @types/react to v17.0.8 (#2033)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-26 15:50:04 +10:00
renovate[bot]
d28d36b568
build(deps): update haproxy docker tag to v2.4.0 (#2004)
* build(deps): update haproxy docker tag to v2.4.0

* fix(suites): fix haproxy dockerfile user

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-05-26 14:13:53 +10:00
renovate[bot]
6a226ec122
build(deps): update mariadb docker tag to v10.6.1 (#2028)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-26 08:28:16 +10:00
renovate[bot]
b07c465ffb
build(deps): update dependency @types/react to v17.0.7 (#2030)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-26 07:17:19 +10:00
renovate[bot]
14780c7b45
build(deps): update dependency @types/node to v15.6.0 (#2017)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-05-24 15:34:53 +10:00
James Elliott
9d6ad5aa94
release: v4.29.4 (#2025) 2021-05-24 09:26:08 +10:00
James Elliott
bbecf632af
fix(server): revert github.com/valyala/fasthttp to v1.24.0 (#2021) 2021-05-24 09:01:19 +10:00
James Elliott
70002108bd
release: v4.29.3 (#2015) 2021-05-21 22:34:37 +10:00
James Elliott
c62dbd43d6
fix(handlers): align response status codes for the verify endpoint (#2016)
This aligns all response status codes on the /api/verify endpoint when an error occurs, making it impossible to determine the actual reason for the failure.
2021-05-21 14:03:44 +02:00
renovate[bot]
a56cffa129
build(deps): update module github.com/fasthttp/router to v1.3.13 (#2013)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-21 10:21:32 +10:00
renovate[bot]
fa8c7173fb
build(deps): update module github.com/valyala/fasthttp to v1.25.0 (#2012)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-21 09:01:09 +10:00
dependabot[bot]
d945e2a9b2
build(deps): bump nokogiri from 1.11.3 to 1.11.4 in /docs (#2011)
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.11.3 to 1.11.4.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.11.3...v1.11.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-05-20 13:27:08 +10:00
renovate[bot]
40a26c96b6
build(deps): update dependency @types/react to v17.0.6 (#2009)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-20 13:08:51 +10:00
renovate[bot]
208106249a
build(deps): update dependency @types/node to v15.3.1 (#2010)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-20 12:48:08 +10:00
renovate[bot]
3ff50ae979
build(deps): update node.js to v16 (#2005) 2021-05-16 00:18:01 +10:00
renovate[bot]
d6f3b92201
build(deps): update dependency @types/node to v15.3.0 (#2003) 2021-05-15 10:15:43 +10:00
renovate[bot]
d7d4266b6d
build(deps): update dependency eslint-formatter-rdjson to v1.0.5 (#2002)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-15 07:19:40 +10:00
renovate[bot]
3ffdf19a7e
build(deps): update dependency @types/react-dom to v17.0.5 (#2001)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-14 07:18:17 +10:00
renovate[bot]
132d1258fe
build(deps): update dependency @types/node to v15.0.3 (#2000)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-13 09:25:30 +10:00
dependabot[bot]
6769694b17
build(deps): bump hosted-git-info from 2.8.8 to 2.8.9 in /web (#1999)
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.8 to 2.8.9.
- [Release notes](https://github.com/npm/hosted-git-info/releases)
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md)
- [Commits](https://github.com/npm/hosted-git-info/compare/v2.8.8...v2.8.9)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-11 21:54:20 +10:00
James Elliott
40fc1cdc6d
release: v4.29.2 (#1998) 2021-05-11 11:21:15 +10:00
James Elliott
46c8a25c15
fix(oidc): implement required subject types supported meta (#1996)
The well known openid-configuration should have the subject_types_supported meta values.
2021-05-11 11:00:29 +10:00
renovate[bot]
2c8341974d
build(deps): update dependency @types/react-dom to v17.0.4 (#1997)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-11 10:39:06 +10:00
renovate[bot]
4cbb3826d7
build(deps): update dependency prettier to v2.3.0 (#1995)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-10 13:26:05 +10:00
Clément Michaud
168404fbb4
doc: reword the sponsor section of readme (#1994)
Also add an explicit mention on the fact that the team is looking
for sponsorship to organize an audit of the code or a pen test.
2021-05-10 09:53:34 +10:00
renovate[bot]
1e69bc2835
build(deps): update module github.com/otiai10/copy to v1.6.0 (#1989)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-05-10 01:59:50 +10:00
Clément Michaud
0c915b933e
docs: add link for users to take quick survey on usage (#1993)
We want to gather some statistics around the usage of Authelia in
order for the team to take better design decisions and direction
regarding the roadmap.
2021-05-10 01:23:57 +10:00
dependabot[bot]
3ad43652d1
build(deps): bump url-parse from 1.4.7 to 1.5.1 in /web (#1992)
Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.4.7 to 1.5.1.
- [Release notes](https://github.com/unshiftio/url-parse/releases)
- [Commits](https://github.com/unshiftio/url-parse/compare/1.4.7...1.5.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-09 11:43:50 +02:00
renovate[bot]
fac13f3485
build(deps): update dependency @types/chai to v4.2.18 (#1990)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-08 13:14:27 +10:00
renovate[bot]
f97c0df929
build(deps): update postgres docker tag to v13 (#1987) 2021-05-08 00:40:58 +10:00
James Elliott
cf63f84753
release: v4.29.1 (#1985) 2021-05-07 12:22:01 +10:00
James Elliott
c0ac8bf5ad
fix: include the jwk key id in the jwt for validation (#1983)
This is so the sig key used to sign the JWT can be verified using the JWKS endpoint.

Fixes #1979
2021-05-07 11:59:39 +10:00
renovate[bot]
544373de17
build(deps): update golang docker tag to v1.16.4 (#1984)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-07 10:24:17 +10:00
James Elliott
9931087246
refactor: forcibly use latest go-sqlite3 (#1982)
This is necessary to force the latest version of go-sqlite3 due to an issue with the release lifecycle upstream and due to deep dependencies. Basically go-sqlite3 v2 should never have been released and v1 is now the supported version. This was introduced due to including fosite. The dependency chain looks like this: github.com/ory/fosite@v0.39.0 => github.com/ory/x@v0.0.162 => github.com/gobuffalo/pop/v5@v5.0.11 => github.com/gobuffalo/nulls@v0.2.0.
2021-05-06 15:52:27 +10:00
Ikko Ashimine
9b1151d525
docs: fix capitalization (#1980)
This fixes the capitalization of a single instance of `Github` to `GitHub`.

Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2021-05-06 07:12:32 +10:00
James Elliott
952e072f1b
docs: update secrets configuration (#1978)
This updates secrets configuration for 4.29.0 and fixes an existing issue.

Fixes #1977
2021-05-05 21:23:24 +02:00
Amir Zarrinkafsh
a31a17b222
fix(cmd): retry clean tag logic for dockerhub (#1976)
This change will ensure that if the curl command for the cleaning of Docker tags on DockerHub fails it will be reattempted up to 2 more times (total of 3) with a 10 second sleep between each attempt.

The clean tag logic itself within curl attempts to execute the http request upto 3 times so this will ensure a maximum of 9 attempts.
2021-05-05 17:09:31 +10:00
Clément Michaud
4e8d472e46
release: v4.29.0 (#1972)
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-05-05 11:46:07 +10:00
renovate[bot]
ea76455ff3
build(deps): update dependency @types/node to v15.0.2 (#1974)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-05 11:24:31 +10:00
James Elliott
a984e2700b
refactor: use fatal log message on oidc init error (#1973)
Instead of using panic() when an unknown error was detected on OP initialization, use logger.Fatalf. This provides a more useful output to the user.
2021-05-05 10:50:24 +10:00