Commit Graph

860 Commits

Author SHA1 Message Date
Clément Michaud
82d8e1d57a
[BUGFIX] Fix crash when no emails or groups are retrieved from LDAP. (#651)
* [BUGFIX] Fix crash when no emails or groups are retrieved from LDAP.

If group or email attribute configured by user in configuration is not
found in user object the list of attributes in LDAP search result is empty.
This change introduces a check before accessing the first element of the
list which previously led to out of bound access.

Fixes #647.

* [MISC] Change log level of LDAP connection creation to trace.
2020-02-27 23:21:07 +01:00
Clément Michaud
efb567f3d5
Fix development workflow. (#649)
Suites cannot be run locally anymore following the move of the example
directory into the suites directory.
2020-02-27 10:44:29 +01:00
James Elliott
e1cd524f65
[FEATURE] SMTPS support (#643)
* [FEATURE] SMTPS Support
- Added port_tls option to enable SMTPS, off by default.

* Remove configuration variable for SMTPS

Instead we enable SMTPS on port 465 only. The reason for this is so we don't require an additional configuration variable.

* Add SMTPS warning and updated docs

* Adjust SMTPS warning
2020-02-20 12:09:46 +11:00
Amir Zarrinkafsh
4c09df9868
[Buildkite] Fix AUR version tagging (#645)
Need to fetch all tags prior to extracting the correct version.
2020-02-20 11:04:07 +11:00
Amir Zarrinkafsh
447b2461e4
[Buildkite] Automate CD for AUR packages (#644)
* [Buildkite] Automate continuous deployment for AUR packages

* [Buildkite] Make AUR deploy step conditional
2020-02-20 10:25:28 +11:00
Amir Zarrinkafsh
d80becc343
[FIX] Changelog generation for github releases (#641) 2020-02-19 12:25:41 +11:00
Amir Zarrinkafsh
fc526bc927
[RELEASE] 4.4.0 2020-02-19 10:01:34 +11:00
Clément Michaud
6390826618
[MISC] Add several logs to help users detect misconfiguration issues (#639)
* Help users detect misconfiguration of their protected domain.

Sometimes users try to visit an URL pointing to a domain which is
not protected by Authelia and thus authentication fails. This log
line will help users detect those cases.

* Add a log to detect bad schemes in target URLs.

This helps users detect when an URL is http while it should be https.
Indeed, cookies are transported solely over a secure connection for
security reasons.
2020-02-19 09:39:07 +11:00
Clément Michaud
c578c8651d
[MISC] Add unit tests to authorization module and trace logs. (#638)
This aims to help debug #637.
2020-02-19 09:15:09 +11:00
Amir Zarrinkafsh
6530780817
[MISC] Utilise Probot for PR commentary (#633)
Remove Buildkite trigger for commentary.
2020-02-14 18:50:38 +11:00
Clément Michaud
4643e488db
[MISC] Fail with an error message when X-Forwarded-* headers are missing (#631)
* Fail with an error message when X-Forwarded-* headers are missing.

* Remove useless comments.
2020-02-13 13:12:37 +11:00
Amir Zarrinkafsh
2ffbea50af [MISC] Update QEMU to v4.2.0-4 (#629) 2020-02-10 21:38:53 +11:00
Amir Zarrinkafsh
f1a89de2e7
[MISC] Restructure repo folder layout (#628) 2020-02-09 18:04:27 +01:00
Clément Michaud
c2c4d9da79
Add a goreport card badge (#627) 2020-02-07 17:59:12 +01:00
Amir Zarrinkafsh
5588014ea7 [Buildkite] Fix agent key allocation for build step (#624) 2020-02-06 09:18:56 +01:00
Clément Michaud
915b6b5436
[FIX] Prevent crash when storage config is nil (#623)
* Prevent crash when storage config is nil.

* Fix google analytics configuration.

Fixes #622.
2020-02-06 13:53:02 +11:00
Clément Michaud
a63d55201f
[MISC] Improve documentation around headers used by verify endpoint. (#620)
* Explicit document missing X-Forwarded-Proto and X-Fowarded-Host headers.

* Add the name of the authorization header in error messages.

* Add error and debug logs about X-Original-URL header.

* Add error log when not able to parse target URL in verify endpoint.

* Fix unit tests.
2020-02-06 13:24:25 +11:00
Clément Michaud
c1aecf0afc
Add authelia directory in the PATH of docker images. (#621) 2020-02-06 10:02:18 +11:00
Amir Zarrinkafsh
27b8a1b0fe
[Buildkite] Fix issues with releases in CD pipeline (#617)
* [Buildkite] Fix changelog output for github releases

Fetch is required to grab the latest tag, this will ensure the correct data is generated

* [Buildkite] Only clean tags on pushes to master

Also ensure that master tag is not removed on github API failures.

* [Buildkite] Fix tag publishing for releases

* [Buildkite] Minor tweaks to github changelog output
2020-02-05 23:24:19 +11:00
Clement Michaud
9b99420ca0 4.3.0 2020-02-05 09:51:36 +01:00
Clément Michaud
d1d02d9eae
[FIX] Redirect to default URL after 1FA when default policy is one_factor. (#611)
* Redirect to default URL after 1FA when default policy is one_factor.

User is now redirected to the default redirection URL after 1FA if
the default policy is set to one_factor and there is no target URL
or if the target URL is unsafe.

Also, if the default policy is set to one_factor and the user is already
authenticated, if she visits the login portal, the 'already authenticated'
view is displayed with a logout button.

This fixes #581.

* Update users.yml

* Fix permissions issue causing suite test failure
2020-02-05 08:18:02 +11:00
Amir Zarrinkafsh
9c9d8518eb
[Buildkite] Perform PR commentary in pipeline and remove github action (#614)
* [Buildkite] Perform PR commentary in pipeline and remove github action

* [Buildkite] Optimise deployment post-command hook
2020-02-03 20:07:01 +11:00
Amir Zarrinkafsh
9f904eb27e
[MISC] Make bootstrap.sh OSX friendly (#613)
Fixes #610.
2020-02-03 18:25:53 +11:00
Clément Michaud
4d981b3934
Use forked version of checkout action 2020-02-02 22:54:34 +01:00
Clément Michaud
d8f20ea7a9
Update comment.yml 2020-02-02 22:34:49 +01:00
Clément Michaud
8a07fc5c67
Update comment.yml 2020-02-02 22:30:45 +01:00
Clément Michaud
4df798e067
Update comment.yml 2020-02-02 12:23:24 +01:00
Amir Zarrinkafsh
6245dd68e9
[MISC] Change github action comment plugin (#609) 2020-02-01 18:12:58 +01:00
Amir Zarrinkafsh
006c9e20db
[FIX] Fix token associated with github actions (#607) 2020-02-02 00:47:23 +11:00
Clément Michaud
7f19078efb
[MISC] Document usage of env variables for setting secrets. (#606)
Closes #579.
2020-02-02 00:17:39 +11:00
Clément Michaud
ea9b408b70
[FIX] Fix default redirection URL not taken into account (#600)
* Remove unused mongo docker-compose file.

* Default redirection URL was not taken into account.

* Fix possible storage options in config template.

* Remove useless checks in u2f registration endpoints.

* Add default redirection url in config of duo suite.

* Fix log line in response handler of 2FA methods.

* Fix integration tests.

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-02-01 13:54:50 +01:00
Amir Zarrinkafsh
05592cbe2d
[MISC] Add github comment workflow for automated builds (#605) 2020-02-01 12:56:11 +01:00
Clément Michaud
e303ae0083
[MISC] Remove unused mongo docker-compose file. (#599) 2020-02-01 22:19:26 +11:00
Clément Michaud
426b29c382
[MISC] Add a CONTRIBUTING.md to the project. (#604) 2020-02-01 22:05:43 +11:00
Amir Zarrinkafsh
1b478e8f3d
[Buildkite] Do not persist Docker secret in builds (#603) 2020-02-01 19:10:18 +11:00
Amir Zarrinkafsh
275af90137
[Buildkite] Re-order pipeline to improve security (#598) 2020-01-31 15:16:46 +11:00
Amir Zarrinkafsh
49e739d009
[Buildkite] Add automatic deployment and removal of Docker images for Branches and PRs (#592) 2020-01-30 08:37:11 +01:00
James Elliott
152b33e4fa [FIX] SMTP Notifier Unhandled Error Conditions (#585)
- Only attempt to close the connection once it's established.
- Defer the client Quit/Close so that it always executes at the end.
- Fixes #585
2020-01-28 15:19:54 +11:00
Amir Zarrinkafsh
722cbb63a0 [Buildkite] Remove redundant if clause in post-checkout hook 2020-01-28 10:06:03 +11:00
Amir Zarrinkafsh
e646323555 [MISC] Fix AUR badge links in README.md 2020-01-28 10:06:03 +11:00
James Elliott
31ca4f891f [FIX] Disable regulation when max_retries set to 0 (#584)
- Only set regulator to enabled if max_retries is not set to 0, default is false (zero value).
- Added test for the scenario.
- Fixes #584
2020-01-27 22:54:24 +11:00
Amir Zarrinkafsh
25c0b60540 [MISC] Update docs to include updated proxy configuration (#580)
Includes updated documentation for:
* nginx
* Traefik 1.x
* Traefik 2.x
2020-01-27 00:24:49 +01:00
Amir Zarrinkafsh
107126929b Update README.md with AUR references and remove CHANGELOG.md (#576)
* Update README.md
Provide badges and references to the AUR for Arch Linux Authelia packages.
Closes #571 #572.

* Add systemd unit file
Include the unit in future release artifacts.

* Remove CHANGELOG.md
As of future releases Changelog details will dynamically be generated.

* Update README.md
Add badge for authelia-git package.

* Update Changelog to only publish explicit Docker tag
Do not include Major and Minor versions, as these will change over time.
2020-01-24 10:21:17 +01:00
Clement Michaud
aca8be40ac Release v4.2.0 2020-01-22 09:12:21 +01:00
Amir Zarrinkafsh
6f669ec8b7 Package config.template.yml in published artifacts 2020-01-22 08:43:06 +01:00
Amir Zarrinkafsh
d36fbb73b7 Add example for v3 -> v4 migrations utilising Docker 2020-01-22 11:53:15 +11:00
Amir Zarrinkafsh
9a685fefad Update alpine to 3.11.3 2020-01-22 11:53:15 +11:00
Clement Michaud
2acf8bf21c Add hash-password and migrate commands to authelia binary.
This reduce the size of the docker image and avoid confusing users.

We keep the commands in authelia-scripts too in order to keep the
current workflow of developers.
2020-01-22 11:53:15 +11:00
Clement Michaud
bb7781fd2b Use env variables to configure secrets in Standalone suite. 2020-01-22 10:15:25 +11:00
Clement Michaud
cab97d5f2f Bind secret environment variable to allow unmarshalling. 2020-01-22 10:15:25 +11:00