Commit Graph

2446 Commits

Author SHA1 Message Date
James Elliott
8f05846e21
feat: webauthn (#2707)
This implements Webauthn. Old devices can be used to authenticate via the appid compatibility layer which should be automatic. New devices will be registered via Webauthn, and devices which do not support FIDO2 will no longer be able to be registered. At this time it does not fully support multiple devices (backend does, frontend doesn't allow registration of additional devices). Does not support passwordless.
2022-03-03 22:20:43 +11:00
renovate[bot]
3c0d9b3b57
build(deps): update dependency eslint-config-prettier to v8.5.0 (#2941)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-03-03 12:29:26 +11:00
renovate[bot]
ee4c7d7340
build(deps): update dependency @types/react-dom to v17.0.13 (#2940)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-03-03 10:58:55 +11:00
renovate[bot]
476df97622
build(deps): update dependency react-router-dom to v6.2.2 (#2929)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-03-02 23:07:43 +11:00
renovate[bot]
03b2b45c4d
build(deps): update dependency @types/react-dom to v17.0.12 (#2935)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-03-02 20:15:39 +11:00
James Elliott
1b2af90e5a
feat(commands): totp qr code in png format (#2673)
This allows exporting the TOTP QR code for easy registration when using `authelia storage totp generate` or `authelia storage totp export`.
2022-03-02 18:50:36 +11:00
James Elliott
6276883f04
refactor(configuration): utilize time duration decode hook (#2938)
This enhances the existing time.Duration parser to allow multiple units, and implements a decode hook which can be used by koanf to decode string/integers into time.Durations as applicable.
2022-03-02 17:40:26 +11:00
James Elliott
d867fa1a63
fix(storage): return reason for identity verification not being found (#2937)
This includes the reason a token was not found during the identity verification process.
2022-03-02 16:33:47 +11:00
Andrew Moore
6ef6d0499a
feat(oidc): add pkce support (#2924)
Implements Proof Key for Code Exchange for OpenID Connect Authorization Code Flow. By default this is enabled for the public client type and requires the S256 challenge method.

Closes #2921
2022-03-02 15:44:05 +11:00
renovate[bot]
8dcb8c4e29
build(deps): update dependency vite to v2.8.6 (#2936)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-03-02 13:06:14 +11:00
Clément Michaud
c511b3415a
build: disable pre-commit hook by env variable (#2887)
One can set the NO_HOOK env variable to avoid running the pre-commit
hook. It can be useful when performing large refactorings.
2022-03-02 00:10:15 +01:00
Toshaan Bharvani
2e2096023c
build: add system service file to support multi setup (#2873)
* using the '@' in a service file allows multiple instances
this enables system to load authelia with multiple configuration files

Signed-off-by: Toshaan Bharvani <toshaan@vantosh.com>

Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2022-03-01 22:52:49 +01:00
James Elliott
decc4fd05e
docs: fix missing link (#2934) 2022-03-01 16:06:17 +11:00
James Elliott
1eef78ff7b
docs: move oidc roadmap (#2933) 2022-03-01 16:00:27 +11:00
renovate[bot]
b7ddcb1d29
build(deps): update dependency typescript to v4.6.2 (#2932)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-03-01 15:39:39 +11:00
renovate[bot]
f8d9c6eab7
build(deps): update dependency haproxy to v2.5.4 (#2931)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-03-01 15:04:34 +11:00
James Elliott
c479ba6386
fix(oidc): make preferred_username a profile scope claim (#2930)
This corrects an issue with the preferred_username which should be part of the profile scope as per https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims.

Introduced in ddbb21a via #2829
2022-03-01 14:07:39 +11:00
renovate[bot]
d5684b9f87
build(deps): update typescript-eslint monorepo to v5.13.0 (#2928)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-03-01 11:15:55 +11:00
renovate[bot]
4c63d4f59c
build(deps): update dependency vite to v2.8.5 (#2927)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-03-01 08:21:58 +11:00
James Elliott
3c81e75d79
feat(commands): add access-control check-policy command (#2871)
This adds an access-control command that checks the policy enforcement for a given criteria using a configuration file and refactors the configuration validation command to include all configuration sources.
2022-02-28 14:15:01 +11:00
renovate[bot]
d87a56fa1a
build(deps): update dependency eslint-plugin-react to v7.29.2 (#2918)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-02-27 17:37:43 +01:00
dependabot[bot]
5ff2323a7f
build(deps): bump nokogiri from 1.12.5 to 1.13.3 in /docs (#2919)
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.12.5 to 1.13.3.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.12.5...v1.13.3)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-02-27 15:19:10 +11:00
renovate[bot]
e286741357
build(deps): update dependency mariadb to v10.8.2 (#2917)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-02-27 10:12:17 +11:00
renovate[bot]
d565133f19
build(deps): update dependency eslint-plugin-react to v7.29.0 (#2915)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-02-25 20:18:44 +11:00
renovate[bot]
c525849eee
build(deps): update dependency @types/node to v16.11.26 (#2894)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-02-25 09:10:01 +11:00
renovate[bot]
4b1bd01167
build(deps): update dependency traefik to v2.6.1 (#2912)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-02-24 21:13:08 +11:00
James Elliott
b733f7b86d
build(deps): update pnpm packages (#2911) 2022-02-24 19:27:57 +11:00
James Elliott
4593da3f00
build(deps): update go modules (#2907)
Update the following deps:

github.com/fasthttp/router v1.4.5 -> v1.4.6
github.com/fasthttp/session/v2 v2.4.5 -> v2.4.7
github.com/go-ldap/ldap/v3 v3.4.1 -> v3.4.2
github.com/golang-jwt/jwt/v4 v4.2.0 -> v4.3.0
github.com/jackc/pgx/v4 v4.14.1 -> v4.15.0
github.com/ory/fosite v0.42.0 -> v0.42.1
github.com/duosecurity/duo_api_golang v0.0.0-20211027140842-72da735c6f15 -> v0.0.0-20220201180708-96a8851a8448
2022-02-24 14:15:10 +11:00
James Elliott
9808da6ba0
build(deps): update module github.com/mattn/go-sqlite3 to v1.14.11 (#2906) 2022-02-24 12:02:27 +11:00
renovate[bot]
7ba6ff71b3
build(deps): update module github.com/valyala/fasthttp to v1.33.0 (#2905)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-02-24 11:11:05 +11:00
renovate[bot]
eb76de6cdc
build(deps): update dependency haproxy to v2.5.3 (#2897)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-02-24 03:12:26 +11:00
renovate[bot]
5cbc88dd59
build(deps): update dependency golang to v1.17.7 (#2896)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-02-24 02:46:37 +11:00
renovate[bot]
4d06318413
build(deps): update dependency @testing-library/jest-dom to v5.16.2 (#2892)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-02-23 13:13:20 +11:00
renovate[bot]
c03b24232f
build(deps): update dependency @fortawesome/react-fontawesome to v0.1.17 (#2891)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-02-23 12:08:15 +11:00
James Elliott
bed7a8ae32
feat(server): csp template (#2856)
Implements the ability for advanced users to override the CSP and easily include the required nonce.
2022-02-21 10:14:09 +11:00
Clément Michaud
6043b43d94
docs: fix roadmap item about oidc (#2885) 2022-02-21 08:50:20 +11:00
Clément Michaud
64adb9eb67
docs: update roadmap with new priorities based on feedbacks (#2878) 2022-02-18 22:35:22 +11:00
James White
50e9ccafa1
docs: fix grammar (#2863)
Remove the gender specific examples for `default_redirection_url`

Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-02-17 13:26:17 +11:00
Karlos
096946bcb7
docs: add OIDC integration details about Harbor and Verdaccio (#2867)
Added Harbor (docker/helm open source registry) and verdaccio (open source NPM proxy registry)
2022-02-13 10:05:38 +01:00
James Elliott
ddbb21af90
fix(handlers): include preferred_username claim in meta (#2829)
This includes the preferred_username claim in the meta. Also uses the consts for all the applicable claims and scopes.
2022-02-10 09:55:28 +11:00
Clément Michaud
100d598a0e
docs: add documentation about the logout endpoint (#2860)
fix #2859
2022-02-10 09:10:35 +11:00
Clément Michaud
5d4003c291
refactor: directly return error where sufficient (#2855) 2022-02-10 09:07:53 +11:00
Biel Frontera
8fc48476c6
docs: add community example of integrating authelia with Django (#2858)
Extend the information given at #2636 about how to integrate
authelia with Django.
2022-02-09 21:50:34 +01:00
Amir Zarrinkafsh
9c98321130
fix(docker): fix bootstrap and dev docker image build (#2857)
This reverts commit 380e6fccb6. This change ensures that BUILDKIT is enabled to pick up the correct Dockerfile and .dockerignore files during the build process of the dev image.

Fixes #2843. Closes #2844.
2022-02-08 16:09:45 +11:00
Dylan Drost
b6cffaaf50
docs: added example configs for oidc for specific services (portainer, proxmox) (#2831)
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2022-02-08 00:05:10 +01:00
Shihta Kuan
380e6fccb6
fix(docker): fix the building process of docker image (#2844)
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2022-02-07 23:40:51 +01:00
Michael Shamoon
5dd0cfb8c7
docs: add Bookstack to list of community-tested OIDC integrations (#2849)
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2022-02-07 22:08:48 +01:00
James Elliott
fcdd41ea2a
feat: oidc scope i18n (#2799)
This adds i18n for the OIDC scope descriptsions descriptions.
2022-02-08 01:18:16 +11:00
James Elliott
26236f491e
fix(server): use of inconsistent methods for determining origin (#2848)
This unifies the methods to obtain the X-Forwarded-* header values and provides logical fallbacks. In addition, so we can ensure this functionality extends to the templated files we've converted the ServeTemplatedFile method into a function that operates as a middlewares.RequestHandler.

Fixes #2765
2022-02-07 00:37:28 +11:00
James Elliott
7775d2af0e
fix(ntp): disable failure ignored (#2835)
Disable failure was ignored previously, this ensures it isn't.
2022-02-03 14:04:24 +11:00