Commit Graph

3080 Commits

Author SHA1 Message Date
James Elliott
c479ba6386
fix(oidc): make preferred_username a profile scope claim (#2930)
This corrects an issue with the preferred_username which should be part of the profile scope as per https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims.

Introduced in ddbb21a via #2829
2022-03-01 14:07:39 +11:00
renovate[bot]
d5684b9f87
build(deps): update typescript-eslint monorepo to v5.13.0 (#2928)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-03-01 11:15:55 +11:00
renovate[bot]
4c63d4f59c
build(deps): update dependency vite to v2.8.5 (#2927)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-03-01 08:21:58 +11:00
James Elliott
3c81e75d79
feat(commands): add access-control check-policy command (#2871)
This adds an access-control command that checks the policy enforcement for a given criteria using a configuration file and refactors the configuration validation command to include all configuration sources.
2022-02-28 14:15:01 +11:00
renovate[bot]
d87a56fa1a
build(deps): update dependency eslint-plugin-react to v7.29.2 (#2918)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-02-27 17:37:43 +01:00
dependabot[bot]
5ff2323a7f
build(deps): bump nokogiri from 1.12.5 to 1.13.3 in /docs (#2919)
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.12.5 to 1.13.3.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.12.5...v1.13.3)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-02-27 15:19:10 +11:00
renovate[bot]
e286741357
build(deps): update dependency mariadb to v10.8.2 (#2917)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-02-27 10:12:17 +11:00
renovate[bot]
d565133f19
build(deps): update dependency eslint-plugin-react to v7.29.0 (#2915)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-02-25 20:18:44 +11:00
renovate[bot]
c525849eee
build(deps): update dependency @types/node to v16.11.26 (#2894)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-02-25 09:10:01 +11:00
renovate[bot]
4b1bd01167
build(deps): update dependency traefik to v2.6.1 (#2912)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-02-24 21:13:08 +11:00
James Elliott
b733f7b86d
build(deps): update pnpm packages (#2911) 2022-02-24 19:27:57 +11:00
James Elliott
4593da3f00
build(deps): update go modules (#2907)
Update the following deps:

github.com/fasthttp/router v1.4.5 -> v1.4.6
github.com/fasthttp/session/v2 v2.4.5 -> v2.4.7
github.com/go-ldap/ldap/v3 v3.4.1 -> v3.4.2
github.com/golang-jwt/jwt/v4 v4.2.0 -> v4.3.0
github.com/jackc/pgx/v4 v4.14.1 -> v4.15.0
github.com/ory/fosite v0.42.0 -> v0.42.1
github.com/duosecurity/duo_api_golang v0.0.0-20211027140842-72da735c6f15 -> v0.0.0-20220201180708-96a8851a8448
2022-02-24 14:15:10 +11:00
James Elliott
9808da6ba0
build(deps): update module github.com/mattn/go-sqlite3 to v1.14.11 (#2906) 2022-02-24 12:02:27 +11:00
renovate[bot]
7ba6ff71b3
build(deps): update module github.com/valyala/fasthttp to v1.33.0 (#2905)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-02-24 11:11:05 +11:00
renovate[bot]
eb76de6cdc
build(deps): update dependency haproxy to v2.5.3 (#2897)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-02-24 03:12:26 +11:00
renovate[bot]
5cbc88dd59
build(deps): update dependency golang to v1.17.7 (#2896)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-02-24 02:46:37 +11:00
renovate[bot]
4d06318413
build(deps): update dependency @testing-library/jest-dom to v5.16.2 (#2892)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-02-23 13:13:20 +11:00
renovate[bot]
c03b24232f
build(deps): update dependency @fortawesome/react-fontawesome to v0.1.17 (#2891)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-02-23 12:08:15 +11:00
James Elliott
bed7a8ae32
feat(server): csp template (#2856)
Implements the ability for advanced users to override the CSP and easily include the required nonce.
2022-02-21 10:14:09 +11:00
Clément Michaud
6043b43d94
docs: fix roadmap item about oidc (#2885) 2022-02-21 08:50:20 +11:00
Clément Michaud
64adb9eb67
docs: update roadmap with new priorities based on feedbacks (#2878) 2022-02-18 22:35:22 +11:00
James White
50e9ccafa1
docs: fix grammar (#2863)
Remove the gender specific examples for `default_redirection_url`

Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-02-17 13:26:17 +11:00
Karlos
096946bcb7
docs: add OIDC integration details about Harbor and Verdaccio (#2867)
Added Harbor (docker/helm open source registry) and verdaccio (open source NPM proxy registry)
2022-02-13 10:05:38 +01:00
James Elliott
ddbb21af90
fix(handlers): include preferred_username claim in meta (#2829)
This includes the preferred_username claim in the meta. Also uses the consts for all the applicable claims and scopes.
2022-02-10 09:55:28 +11:00
Clément Michaud
100d598a0e
docs: add documentation about the logout endpoint (#2860)
fix #2859
2022-02-10 09:10:35 +11:00
Clément Michaud
5d4003c291
refactor: directly return error where sufficient (#2855) 2022-02-10 09:07:53 +11:00
Biel Frontera
8fc48476c6
docs: add community example of integrating authelia with Django (#2858)
Extend the information given at #2636 about how to integrate
authelia with Django.
2022-02-09 21:50:34 +01:00
Amir Zarrinkafsh
9c98321130
fix(docker): fix bootstrap and dev docker image build (#2857)
This reverts commit 380e6fccb6. This change ensures that BUILDKIT is enabled to pick up the correct Dockerfile and .dockerignore files during the build process of the dev image.

Fixes #2843. Closes #2844.
2022-02-08 16:09:45 +11:00
Dylan Drost
b6cffaaf50
docs: added example configs for oidc for specific services (portainer, proxmox) (#2831)
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2022-02-08 00:05:10 +01:00
Shihta Kuan
380e6fccb6
fix(docker): fix the building process of docker image (#2844)
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2022-02-07 23:40:51 +01:00
Michael Shamoon
5dd0cfb8c7
docs: add Bookstack to list of community-tested OIDC integrations (#2849)
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2022-02-07 22:08:48 +01:00
James Elliott
fcdd41ea2a
feat: oidc scope i18n (#2799)
This adds i18n for the OIDC scope descriptsions descriptions.
2022-02-08 01:18:16 +11:00
James Elliott
26236f491e
fix(server): use of inconsistent methods for determining origin (#2848)
This unifies the methods to obtain the X-Forwarded-* header values and provides logical fallbacks. In addition, so we can ensure this functionality extends to the templated files we've converted the ServeTemplatedFile method into a function that operates as a middlewares.RequestHandler.

Fixes #2765
2022-02-07 00:37:28 +11:00
James Elliott
7775d2af0e
fix(ntp): disable failure ignored (#2835)
Disable failure was ignored previously, this ensures it isn't.
2022-02-03 14:04:24 +11:00
James Elliott
1772a83190
refactor: apply godot recommendations (#2839) 2022-01-31 16:25:15 +11:00
Clément Michaud
357c654db8
ci(codecov): exclude coverage files from the coverage itself (#2832)
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-01-23 02:55:13 +11:00
renovate[bot]
029e3268d4
build(deps): update dependency i18next to v21.6.7 (#2824)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-01-22 11:04:32 +11:00
renovate[bot]
28b29be0af
build(deps): update dependency i18next-http-backend to v1.3.2 (#2823)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-01-22 10:23:00 +11:00
renovate[bot]
7402f6807b
build(deps): update dependency react-i18next to v11.15.3 (#2821)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-01-22 00:48:50 +11:00
renovate[bot]
31f3f23195
build(deps): update dependency i18next to v21.6.6 (#2820)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-01-22 00:23:49 +11:00
Manuel Nuñez
db046b2d1c
feat(web): i18n (#2697)
This adds support for i18n so that users may be presented a familiar language to the language the browser language they are using automatically. Currently supported languages: en, es.

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-01-21 23:05:46 +11:00
Clément Michaud
a7a2bc63fe
feat(configuration): support private-use redirect uris in oidc (#2796)
Private-use redirect URIs are used to redirect the user to native apps initiating the authentication flow on a device as described in https://datatracker.ietf.org/doc/html/rfc8252#section-7.1

Fix #2742
2022-01-21 22:05:53 +11:00
James Elliott
8d5a29117e
release: v4.33.2 (#2800) 2022-01-21 15:34:17 +11:00
James Elliott
e59f571816
refactor(oidc): add client id to two factor log message (#2816)
Adds the client id to a log message where it's likely useful. Additionally adds beta stage for prompt/display handling.
2022-01-21 14:15:50 +11:00
renovate[bot]
d8cf272757
build(deps): update traefik docker tag to v2.5.7 (#2815)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-01-21 13:43:06 +11:00
renovate[bot]
6020dd611f
build(deps): update dependency typescript to v4.5.5 (#2812)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-01-21 11:38:48 +11:00
renovate[bot]
c4cef2918b
build(deps): update dependency @commitlint/cli to v16.1.0 (#2810)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-01-21 11:19:25 +11:00
James Elliott
9a8c6602dd
fix(middlewares): smart delay on reset password (#2767)
This adds a smart delay on reset password attempts to prevent username enumeration. Additionally utilizes crypto rand instead of math rand. It also moves the timing delay functionality into its own handler func.
2022-01-21 10:46:13 +11:00
renovate[bot]
97a862e81a
build(deps): update dependency @commitlint/cli to v16.0.3 (#2808)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-01-20 07:30:44 +11:00
renovate[bot]
6366e3452c
build(deps): update dependency vite to v2.7.13 (#2807)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-01-19 18:22:27 +11:00