RPJosh
/
authelia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
authelia/internal/commands/const.go

593 lines
25 KiB
Go
Raw Normal View History

feat(configuration): replace viper with koanf (#2053) This commit replaces github.com/spf13/viper with github.com/knadh/koanf. Koanf is very similar library to viper, with less dependencies and several quality of life differences. This also allows most config options to be defined by ENV. Lastly it also enables the use of split configuration files which can be configured by setting the --config flag multiple times. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-08-03 09:55:21 +00:00
package commands
feat(storage): encrypted secret values (#2588) This adds an AES-GCM 256bit encryption layer for storage for sensitive items. This is only TOTP secrets for the time being but this may be expanded later. This will require a configuration change as per https://www.authelia.com/docs/configuration/migration.html#4330. Closes #682
2021-11-25 01:56:58 +00:00
import (
"errors"
)
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
const (
fmtCmdAutheliaShort = "authelia %s"
feat(configuration): replace viper with koanf (#2053) This commit replaces github.com/spf13/viper with github.com/knadh/koanf. Koanf is very similar library to viper, with less dependencies and several quality of life differences. This also allows most config options to be defined by ENV. Lastly it also enables the use of split configuration files which can be configured by setting the --config flag multiple times. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-08-03 09:55:21 +00:00
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
fmtCmdAutheliaLong = `authelia %s
feat(configuration): replace viper with koanf (#2053) This commit replaces github.com/spf13/viper with github.com/knadh/koanf. Koanf is very similar library to viper, with less dependencies and several quality of life differences. This also allows most config options to be defined by ENV. Lastly it also enables the use of split configuration files which can be configured by setting the --config flag multiple times. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-08-03 09:55:21 +00:00
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
An open-source authentication and authorization server providing
two-factor authentication and single sign-on (SSO) for your
feat(configuration): replace viper with koanf (#2053) This commit replaces github.com/spf13/viper with github.com/knadh/koanf. Koanf is very similar library to viper, with less dependencies and several quality of life differences. This also allows most config options to be defined by ENV. Lastly it also enables the use of split configuration files which can be configured by setting the --config flag multiple times. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-08-03 09:55:21 +00:00
applications via a web portal.
feat: major documentation refresh (#3475) This marks the launch of the new documentation website.
2022-06-15 07:51:47 +00:00
Documentation is available at: https://www.authelia.com/`
feat(configuration): replace viper with koanf (#2053) This commit replaces github.com/spf13/viper with github.com/knadh/koanf. Koanf is very similar library to viper, with less dependencies and several quality of life differences. This also allows most config options to be defined by ENV. Lastly it also enables the use of split configuration files which can be configured by setting the --config flag multiple times. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-08-03 09:55:21 +00:00
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
cmdAutheliaExample = `authelia --config /etc/authelia/config.yml --config /etc/authelia/access-control.yml
authelia --config /etc/authelia/config.yml,/etc/authelia/access-control.yml
authelia --config /etc/authelia/config/`
fmtAutheliaBuild = `Last Tag: %s
feat(configuration): replace viper with koanf (#2053) This commit replaces github.com/spf13/viper with github.com/knadh/koanf. Koanf is very similar library to viper, with less dependencies and several quality of life differences. This also allows most config options to be defined by ENV. Lastly it also enables the use of split configuration files which can be configured by setting the --config flag multiple times. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-08-03 09:55:21 +00:00
State: %s
Branch: %s
Commit: %s
Build Number: %s
Build OS: %s
Build Arch: %s
Build Date: %s
Extra: %s
`
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
cmdAutheliaBuildInfoShort = "Show the build information of Authelia"
cmdAutheliaBuildInfoLong = `Show the build information of Authelia.
feat(configuration): replace viper with koanf (#2053) This commit replaces github.com/spf13/viper with github.com/knadh/koanf. Koanf is very similar library to viper, with less dependencies and several quality of life differences. This also allows most config options to be defined by ENV. Lastly it also enables the use of split configuration files which can be configured by setting the --config flag multiple times. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-08-03 09:55:21 +00:00
This outputs detailed version information about the specific version
of the Authelia binary. This information is embedded into Authelia
by the continuous integration.
This could be vital in debugging if you're not using a particular
tagged build of Authelia. It's suggested to provide it along with
your issue.
`
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
cmdAutheliaBuildInfoExample = `authelia build-info`
feat(configuration): replace viper with koanf (#2053) This commit replaces github.com/spf13/viper with github.com/knadh/koanf. Koanf is very similar library to viper, with less dependencies and several quality of life differences. This also allows most config options to be defined by ENV. Lastly it also enables the use of split configuration files which can be configured by setting the --config flag multiple times. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-08-03 09:55:21 +00:00
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
cmdAutheliaAccessControlShort = "Helpers for the access control system"
feat(configuration): replace viper with koanf (#2053) This commit replaces github.com/spf13/viper with github.com/knadh/koanf. Koanf is very similar library to viper, with less dependencies and several quality of life differences. This also allows most config options to be defined by ENV. Lastly it also enables the use of split configuration files which can be configured by setting the --config flag multiple times. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-08-03 09:55:21 +00:00
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
cmdAutheliaAccessControlLong = `Helpers for the access control system.`
feat(configuration): replace viper with koanf (#2053) This commit replaces github.com/spf13/viper with github.com/knadh/koanf. Koanf is very similar library to viper, with less dependencies and several quality of life differences. This also allows most config options to be defined by ENV. Lastly it also enables the use of split configuration files which can be configured by setting the --config flag multiple times. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-08-03 09:55:21 +00:00
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
cmdAutheliaAccessControlExample = `authelia access-control --help`
feat(configuration): replace viper with koanf (#2053) This commit replaces github.com/spf13/viper with github.com/knadh/koanf. Koanf is very similar library to viper, with less dependencies and several quality of life differences. This also allows most config options to be defined by ENV. Lastly it also enables the use of split configuration files which can be configured by setting the --config flag multiple times. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-08-03 09:55:21 +00:00
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
cmdAutheliaAccessControlCheckPolicyShort = "Checks a request against the access control rules to determine what policy would be applied"
feat(configuration): replace viper with koanf (#2053) This commit replaces github.com/spf13/viper with github.com/knadh/koanf. Koanf is very similar library to viper, with less dependencies and several quality of life differences. This also allows most config options to be defined by ENV. Lastly it also enables the use of split configuration files which can be configured by setting the --config flag multiple times. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-08-03 09:55:21 +00:00
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
cmdAutheliaAccessControlCheckPolicyLong = `
feat(commands): add access-control check-policy command (#2871) This adds an access-control command that checks the policy enforcement for a given criteria using a configuration file and refactors the configuration validation command to include all configuration sources.
2022-02-28 03:15:01 +00:00
Checks a request against the access control rules to determine what policy would be applied.
Legend:
# The rule position in the configuration.
* The first fully matched rule.
~ Potential match i.e. if the user was authenticated they may match this rule.
hit The criteria in this column is a match to the request.
miss The criteria in this column is not match to the request.
may The criteria in this column is potentially a match to the request.
Notes:
A rule that potentially matches a request will cause a redirection to occur in order to perform one-factor
authentication. This is so Authelia can adequately determine if the rule actually matches.
`
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
cmdAutheliaAccessControlCheckPolicyExample = `authelia access-control check-policy --config config.yml --url https://example.com
authelia access-control check-policy --config config.yml --url https://example.com --username john
authelia access-control check-policy --config config.yml --url https://example.com --groups admin,public
authelia access-control check-policy --config config.yml --url https://example.com --username john --method GET
authelia access-control check-policy --config config.yml --url https://example.com --username john --method GET --verbose`
cmdAutheliaStorageShort = "Manage the Authelia storage"
cmdAutheliaStorageLong = `Manage the Authelia storage.
This subcommand has several methods to interact with the Authelia SQL Database. This allows doing several advanced
operations which would be much harder to do manually.
`
cmdAutheliaStorageExample = `authelia storage --help`
cmdAutheliaStorageEncryptionShort = "Manage storage encryption"
cmdAutheliaStorageEncryptionLong = `Manage storage encryption.
This subcommand allows management of the storage encryption.`
cmdAutheliaStorageEncryptionExample = `authelia storage encryption --help`
cmdAutheliaStorageEncryptionCheckShort = "Checks the encryption key against the database data"
cmdAutheliaStorageEncryptionCheckLong = `Checks the encryption key against the database data.
This is useful for validating all data that can be encrypted is intact.`
cmdAutheliaStorageEncryptionCheckExample = `authelia storage encryption check
authelia storage encryption check --verbose
authelia storage encryption check --verbose --config config.yml
authelia storage encryption check --verbose --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
cmdAutheliaStorageEncryptionChangeKeyShort = "Changes the encryption key"
cmdAutheliaStorageEncryptionChangeKeyLong = `Changes the encryption key.
This subcommand allows you to change the encryption key of an Authelia SQL database.`
cmdAutheliaStorageEncryptionChangeKeyExample = `authelia storage encryption change-key --config config.yml --new-encryption-key 0e95cb49-5804-4ad9-be82-bb04a9ddecd8
authelia storage encryption change-key --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --new-encryption-key 0e95cb49-5804-4ad9-be82-bb04a9ddecd8 --postgres.host postgres --postgres.password autheliapw`
cmdAutheliaStorageUserShort = "Manages user settings"
cmdAutheliaStorageUserLong = `Manages user settings.
This subcommand allows modifying and exporting user settings.`
cmdAutheliaStorageUserExample = `authelia storage user --help`
cmdAutheliaStorageUserIdentifiersShort = "Manage user opaque identifiers"
cmdAutheliaStorageUserIdentifiersLong = `Manage user opaque identifiers.
This subcommand allows performing various tasks related to the opaque identifiers for users.`
cmdAutheliaStorageUserIdentifiersExample = `authelia storage user identifiers --help`
cmdAutheliaStorageUserIdentifiersExportShort = "Export the identifiers to a YAML file"
cmdAutheliaStorageUserIdentifiersExportLong = `Export the identifiers to a YAML file.
This subcommand allows exporting the opaque identifiers for users in order to back them up.`
cmdAutheliaStorageUserIdentifiersExportExample = `authelia storage user identifiers export
authelia storage user identifiers export --file export.yaml
authelia storage user identifiers export --file export.yaml --config config.yml
authelia storage user identifiers export --file export.yaml --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
cmdAutheliaStorageUserIdentifiersImportShort = "Import the identifiers from a YAML file"
cmdAutheliaStorageUserIdentifiersImportLong = `Import the identifiers from a YAML file.
This subcommand allows you to import the opaque identifiers for users from a YAML file.
The YAML file can either be automatically generated using the authelia storage user identifiers export command, or
manually provided the file is in the same format.`
cmdAutheliaStorageUserIdentifiersImportExample = `authelia storage user identifiers import
authelia storage user identifiers import --file export.yaml
authelia storage user identifiers import --file export.yaml --config config.yml
authelia storage user identifiers import --file export.yaml --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
cmdAutheliaStorageUserIdentifiersGenerateShort = "Generate opaque identifiers in bulk"
cmdAutheliaStorageUserIdentifiersGenerateLong = `Generate opaque identifiers in bulk.
This subcommand allows various options for generating the opaque identifies for users in bulk.`
cmdAutheliaStorageUserIdentifiersGenerateExample = `authelia storage user identifiers generate --users john,mary
authelia storage user identifiers generate --users john,mary --services openid
authelia storage user identifiers generate --users john,mary --services openid --sectors=",example.com,test.com"
authelia storage user identifiers generate --users john,mary --services openid --sectors=",example.com,test.com" --config config.yml
authelia storage user identifiers generate --users john,mary --services openid --sectors=",example.com,test.com" --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
cmdAutheliaStorageUserIdentifiersAddShort = "Add an opaque identifier for a user to the database"
cmdAutheliaStorageUserIdentifiersAddLong = `Add an opaque identifier for a user to the database.
This subcommand allows manually adding an opaque identifier for a user to the database provided it's in the correct format.`
cmdAutheliaStorageUserIdentifiersAddExample = `authelia storage user identifiers add john --identifier f0919359-9d15-4e15-bcba-83b41620a073
authelia storage user identifiers add john --identifier f0919359-9d15-4e15-bcba-83b41620a073 --config config.yml
authelia storage user identifiers add john --identifier f0919359-9d15-4e15-bcba-83b41620a073 --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
feat(commands): add webauthn device commands (#3671)
2022-10-19 07:17:55 +00:00
cmdAutheliaStorageUserWebAuthnShort = "Manage Webauthn devices"
cmdAutheliaStorageUserWebAuthnLong = `Manage Webauthn devices.
This subcommand allows interacting with Webauthn devices.`
cmdAutheliaStorageUserWebAuthnExample = `authelia storage user webauthn --help`
cmdAutheliaStorageUserWebAuthnListShort = "List WebAuthn devices"
cmdAutheliaStorageUserWebAuthnListLong = `List WebAuthn devices.
This subcommand allows listing WebAuthn devices.`
cmdAutheliaStorageUserWebAuthnListExample = `authelia storage user webauthn list
authelia storage user webauthn list john
authelia storage user webauthn list --config config.yml
authelia storage user webauthn list john --config config.yml
authelia storage user webauthn list --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw
authelia storage user webauthn list john --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
cmdAutheliaStorageUserWebAuthnDeleteShort = "Delete a WebAuthn device"
cmdAutheliaStorageUserWebAuthnDeleteLong = `Delete a WebAuthn device.
This subcommand allows deleting a WebAuthn device directly from the database.`
cmdAutheliaStorageUserWebAuthnDeleteExample = `authelia storage user webauthn delete john --all
authelia storage user webauthn delete john --all --config config.yml
authelia storage user webauthn delete john --all --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw
authelia storage user webauthn delete john --description Primary
authelia storage user webauthn delete john --description Primary --config config.yml
authelia storage user webauthn delete john --description Primary --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw
authelia storage user webauthn delete --kid abc123
authelia storage user webauthn delete --kid abc123 --config config.yml
authelia storage user webauthn delete --kid abc123 --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
cmdAutheliaStorageUserTOTPShort = "Manage TOTP configurations"
cmdAutheliaStorageUserTOTPLong = `Manage TOTP configurations.
This subcommand allows deleting, exporting, and creating user TOTP configurations.`
cmdAutheliaStorageUserTOTPExample = `authelia storage user totp --help`
cmdAutheliaStorageUserTOTPGenerateShort = "Generate a TOTP configuration for a user"
cmdAutheliaStorageUserTOTPGenerateLong = `Generate a TOTP configuration for a user.
This subcommand allows generating a new TOTP configuration for a user,
and overwriting the existing configuration if applicable.`
cmdAutheliaStorageUserTOTPGenerateExample = `authelia storage user totp generate john
authelia storage user totp generate john --period 90
authelia storage user totp generate john --digits 8
authelia storage user totp generate john --algorithm SHA512
authelia storage user totp generate john --algorithm SHA512 --config config.yml
authelia storage user totp generate john --algorithm SHA512 --config config.yml --path john.png`
cmdAutheliaStorageUserTOTPDeleteShort = "Delete a TOTP configuration for a user"
cmdAutheliaStorageUserTOTPDeleteLong = `Delete a TOTP configuration for a user.
This subcommand allows deleting a TOTP configuration directly from the database for a given user.`
cmdAutheliaStorageUserTOTPDeleteExample = `authelia storage user totp delete john
authelia storage user totp delete john --config config.yml
authelia storage user totp delete john --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
cmdAutheliaStorageUserTOTPExportShort = "Perform exports of the TOTP configurations"
cmdAutheliaStorageUserTOTPExportLong = `Perform exports of the TOTP configurations.
This subcommand allows exporting TOTP configurations to various formats.`
cmdAutheliaStorageUserTOTPExportExample = `authelia storage user totp export --format csv
authelia storage user totp export --format png --dir ./totp-qr
authelia storage user totp export --format png --dir ./totp-qr --config config.yml
authelia storage user totp export --format png --dir ./totp-qr --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
cmdAutheliaStorageSchemaInfoShort = "Show the storage information"
cmdAutheliaStorageSchemaInfoLong = `Show the storage information.
This subcommand shows advanced information about the storage schema useful in some diagnostic tasks.`
cmdAutheliaStorageSchemaInfoExample = `authelia storage schema-info
authelia storage schema-info --config config.yml
authelia storage schema-info --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
cmdAutheliaStorageMigrateShort = "Perform or list migrations"
cmdAutheliaStorageMigrateLong = `Perform or list migrations.
This subcommand handles schema migration tasks.`
cmdAutheliaStorageMigrateExample = `authelia storage migrate --help`
cmdAutheliaStorageMigrateHistoryShort = "Show migration history"
cmdAutheliaStorageMigrateHistoryLong = `Show migration history.
This subcommand allows users to list previous migrations.`
cmdAutheliaStorageMigrateHistoryExample = `authelia storage migrate history
authelia storage migrate history --config config.yml
authelia storage migrate history --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
cmdAutheliaStorageMigrateListUpShort = "List the up migrations available"
cmdAutheliaStorageMigrateListUpLong = `List the up migrations available.
This subcommand lists the schema migrations available in this version of Authelia which are greater than the current
schema version of the database.`
cmdAutheliaStorageMigrateListUpExample = `authelia storage migrate list-up
authelia storage migrate list-up --config config.yml
authelia storage migrate list-up --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
cmdAutheliaStorageMigrateListDownShort = "List the down migrations available"
cmdAutheliaStorageMigrateListDownLong = `List the down migrations available.
This subcommand lists the schema migrations available in this version of Authelia which are less than the current
schema version of the database.`
cmdAutheliaStorageMigrateListDownExample = `authelia storage migrate list-down
authelia storage migrate list-down --config config.yml
authelia storage migrate list-down --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
cmdAutheliaStorageMigrateUpShort = "Perform a migration up"
cmdAutheliaStorageMigrateUpLong = `Perform a migration up.
This subcommand performs the schema migrations available in this version of Authelia which are greater than the current
schema version of the database. By default this will migrate up to the latest available, but you can customize this.`
cmdAutheliaStorageMigrateUpExample = `authelia storage migrate up
authelia storage migrate up --config config.yml
authelia storage migrate up --target 20 --config config.yml
authelia storage migrate up --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
cmdAutheliaStorageMigrateDownShort = "Perform a migration down"
cmdAutheliaStorageMigrateDownLong = `Perform a migration down.
This subcommand performs the schema migrations available in this version of Authelia which are less than the current
schema version of the database.`
cmdAutheliaStorageMigrateDownExample = `authelia storage migrate down --target 20
authelia storage migrate down --target 20 --config config.yml
authelia storage migrate down --target 20 --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
cmdAutheliaValidateConfigShort = "Check a configuration against the internal configuration validation mechanisms"
cmdAutheliaValidateConfigLong = `Check a configuration against the internal configuration validation mechanisms.
This subcommand allows validation of the YAML and Environment configurations so that a configuration can be checked
prior to deploying it.`
cmdAutheliaValidateConfigExample = `authelia validate-config
authelia validate-config --config config.yml`
feat(commands): enhance crypto generation capabilities (#2842) This expands the functionality of the certificates and rsa commands and merges them into one command called cypto which can either use the cert or pair subcommands to generate certificates or key-pairs respectively. The rsa, ecdsa, and ed25519 subcommands exist for both the cert and pair commands. A new --ca-path argument for the cert subcommand allows Authelia to sign other certs with CA certs. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-06-27 08:27:57 +00:00
cmdAutheliaCryptoShort = "Perform cryptographic operations"
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
feat(commands): enhance crypto generation capabilities (#2842) This expands the functionality of the certificates and rsa commands and merges them into one command called cypto which can either use the cert or pair subcommands to generate certificates or key-pairs respectively. The rsa, ecdsa, and ed25519 subcommands exist for both the cert and pair commands. A new --ca-path argument for the cert subcommand allows Authelia to sign other certs with CA certs. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-06-27 08:27:57 +00:00
cmdAutheliaCryptoLong = `Perform cryptographic operations.
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
feat(commands): enhance crypto generation capabilities (#2842) This expands the functionality of the certificates and rsa commands and merges them into one command called cypto which can either use the cert or pair subcommands to generate certificates or key-pairs respectively. The rsa, ecdsa, and ed25519 subcommands exist for both the cert and pair commands. A new --ca-path argument for the cert subcommand allows Authelia to sign other certs with CA certs. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-06-27 08:27:57 +00:00
This subcommand allows preforming cryptographic certificate, key pair, etc tasks.`
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
feat(commands): enhance crypto generation capabilities (#2842) This expands the functionality of the certificates and rsa commands and merges them into one command called cypto which can either use the cert or pair subcommands to generate certificates or key-pairs respectively. The rsa, ecdsa, and ed25519 subcommands exist for both the cert and pair commands. A new --ca-path argument for the cert subcommand allows Authelia to sign other certs with CA certs. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-06-27 08:27:57 +00:00
cmdAutheliaCryptoExample = `authelia crypto --help`
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
feat(authentication): file password algorithms (#3848) This adds significant enhancements to the file auth provider including multiple additional algorithms.
2022-10-17 10:51:59 +00:00
cmdAutheliaCryptoRandShort = "Generate a cryptographically secure random string"
cmdAutheliaCryptoRandLong = `Generate a cryptographically secure random string.
This subcommand allows generating cryptographically secure random strings for use for encryption keys, HMAC keys, etc.`
cmdAutheliaCryptoRandExample = `authelia crypto rand --help
authelia crypto rand --length 80
authelia crypto rand -n 80
authelia crypto rand --charset alphanumeric
authelia crypto rand --charset alphabetic
authelia crypto rand --charset ascii
authelia crypto rand --charset numeric
authelia crypto rand --charset numeric-hex
authelia crypto rand --characters 0123456789ABCDEF`
cmdAutheliaCryptoHashShort = "Perform cryptographic hash operations"
cmdAutheliaCryptoHashLong = `Perform cryptographic hash operations.
This subcommand allows preforming hashing cryptographic tasks.`
cmdAutheliaCryptoHashExample = `authelia crypto hash --help`
cmdAutheliaCryptoHashValidateShort = "Perform cryptographic hash validations"
cmdAutheliaCryptoHashValidateLong = `Perform cryptographic hash validations.
This subcommand allows preforming cryptographic hash validations. i.e. checking hash digests against a password.`
cmdAutheliaCryptoHashValidateExample = `authelia crypto hash validate --help
authelia crypto hash validate '$5$rounds=500000$WFjMpdCQxIkbNl0k$M0qZaZoK8Gwdh8Cw5diHgGfe5pE0iJvxcVG3.CVnQe.' -- 'p@ssw0rd'`
cmdAutheliaCryptoHashGenerateShort = "Generate cryptographic hash digests"
cmdAutheliaCryptoHashGenerateLong = `Generate cryptographic hash digests.
This subcommand allows generating cryptographic hash digests.
See the help for the subcommands if you want to override the configuration or defaults.`
cmdAutheliaCryptoHashGenerateExample = `authelia crypto hash generate --help`
fmtCmdAutheliaCryptoHashGenerateSubShort = "Generate cryptographic %s hash digests"
fmtCmdAutheliaCryptoHashGenerateSubLong = `Generate cryptographic %s hash digests.
This subcommand allows generating cryptographic %s hash digests.`
fmtCmdAutheliaCryptoHashGenerateSubExample = `authelia crypto hash generate %s --help`
feat(commands): enhance crypto generation capabilities (#2842) This expands the functionality of the certificates and rsa commands and merges them into one command called cypto which can either use the cert or pair subcommands to generate certificates or key-pairs respectively. The rsa, ecdsa, and ed25519 subcommands exist for both the cert and pair commands. A new --ca-path argument for the cert subcommand allows Authelia to sign other certs with CA certs. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-06-27 08:27:57 +00:00
cmdAutheliaCryptoCertificateShort = "Perform certificate cryptographic operations"
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
feat(commands): enhance crypto generation capabilities (#2842) This expands the functionality of the certificates and rsa commands and merges them into one command called cypto which can either use the cert or pair subcommands to generate certificates or key-pairs respectively. The rsa, ecdsa, and ed25519 subcommands exist for both the cert and pair commands. A new --ca-path argument for the cert subcommand allows Authelia to sign other certs with CA certs. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-06-27 08:27:57 +00:00
cmdAutheliaCryptoCertificateLong = `Perform certificate cryptographic operations.
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
feat(commands): enhance crypto generation capabilities (#2842) This expands the functionality of the certificates and rsa commands and merges them into one command called cypto which can either use the cert or pair subcommands to generate certificates or key-pairs respectively. The rsa, ecdsa, and ed25519 subcommands exist for both the cert and pair commands. A new --ca-path argument for the cert subcommand allows Authelia to sign other certs with CA certs. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-06-27 08:27:57 +00:00
This subcommand allows preforming certificate cryptographic tasks.`
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
feat(commands): enhance crypto generation capabilities (#2842) This expands the functionality of the certificates and rsa commands and merges them into one command called cypto which can either use the cert or pair subcommands to generate certificates or key-pairs respectively. The rsa, ecdsa, and ed25519 subcommands exist for both the cert and pair commands. A new --ca-path argument for the cert subcommand allows Authelia to sign other certs with CA certs. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-06-27 08:27:57 +00:00
cmdAutheliaCryptoCertificateExample = `authelia crypto certificate --help`
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
feat(commands): enhance crypto generation capabilities (#2842) This expands the functionality of the certificates and rsa commands and merges them into one command called cypto which can either use the cert or pair subcommands to generate certificates or key-pairs respectively. The rsa, ecdsa, and ed25519 subcommands exist for both the cert and pair commands. A new --ca-path argument for the cert subcommand allows Authelia to sign other certs with CA certs. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-06-27 08:27:57 +00:00
fmtCmdAutheliaCryptoCertificateSubShort = "Perform %s certificate cryptographic operations"
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
feat(commands): enhance crypto generation capabilities (#2842) This expands the functionality of the certificates and rsa commands and merges them into one command called cypto which can either use the cert or pair subcommands to generate certificates or key-pairs respectively. The rsa, ecdsa, and ed25519 subcommands exist for both the cert and pair commands. A new --ca-path argument for the cert subcommand allows Authelia to sign other certs with CA certs. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-06-27 08:27:57 +00:00
fmtCmdAutheliaCryptoCertificateSubLong = `Perform %s certificate cryptographic operations.
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
feat(commands): enhance crypto generation capabilities (#2842) This expands the functionality of the certificates and rsa commands and merges them into one command called cypto which can either use the cert or pair subcommands to generate certificates or key-pairs respectively. The rsa, ecdsa, and ed25519 subcommands exist for both the cert and pair commands. A new --ca-path argument for the cert subcommand allows Authelia to sign other certs with CA certs. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-06-27 08:27:57 +00:00
This subcommand allows preforming %s certificate cryptographic tasks.`
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
feat(authentication): file password algorithms (#3848) This adds significant enhancements to the file auth provider including multiple additional algorithms.
2022-10-17 10:51:59 +00:00
fmtCmdAutheliaCryptoCertificateSubExample = `authelia crypto certificate %s --help`
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
feat(commands): enhance crypto generation capabilities (#2842) This expands the functionality of the certificates and rsa commands and merges them into one command called cypto which can either use the cert or pair subcommands to generate certificates or key-pairs respectively. The rsa, ecdsa, and ed25519 subcommands exist for both the cert and pair commands. A new --ca-path argument for the cert subcommand allows Authelia to sign other certs with CA certs. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-06-27 08:27:57 +00:00
fmtCmdAutheliaCryptoCertificateGenerateRequestShort = "Generate an %s private key and %s"
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
feat(commands): enhance crypto generation capabilities (#2842) This expands the functionality of the certificates and rsa commands and merges them into one command called cypto which can either use the cert or pair subcommands to generate certificates or key-pairs respectively. The rsa, ecdsa, and ed25519 subcommands exist for both the cert and pair commands. A new --ca-path argument for the cert subcommand allows Authelia to sign other certs with CA certs. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-06-27 08:27:57 +00:00
fmtCmdAutheliaCryptoCertificateGenerateRequestLong = `Generate an %s private key and %s.
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
feat(commands): enhance crypto generation capabilities (#2842) This expands the functionality of the certificates and rsa commands and merges them into one command called cypto which can either use the cert or pair subcommands to generate certificates or key-pairs respectively. The rsa, ecdsa, and ed25519 subcommands exist for both the cert and pair commands. A new --ca-path argument for the cert subcommand allows Authelia to sign other certs with CA certs. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-06-27 08:27:57 +00:00
This subcommand allows generating an %s private key and %s.`
cmdAutheliaCryptoCertificateRSAGenerateExample = `authelia crypto certificate rsa generate --help`
cmdAutheliaCryptoCertificateECDSAGenerateExample = `authelia crypto certificate ecdsa generate --help`
cmdAutheliaCryptoCertificateEd25519GenerateExample = `authelia crypto certificate ed25519 request --help`
cmdAutheliaCryptoCertificateRSARequestExample = `authelia crypto certificate rsa request --help`
cmdAutheliaCryptoCertificateECDSARequestExample = `authelia crypto certificate ecdsa request --help`
cmdAutheliaCryptoCertificateEd25519RequestExample = `authelia crypto certificate ed25519 request --help`
cmdAutheliaCryptoPairShort = "Perform key pair cryptographic operations"
cmdAutheliaCryptoPairLong = `Perform key pair cryptographic operations.
This subcommand allows preforming key pair cryptographic tasks.`
cmdAutheliaCryptoPairExample = `authelia crypto pair --help`
cmdAutheliaCryptoPairSubShort = "Perform %s key pair cryptographic operations"
cmdAutheliaCryptoPairSubLong = `Perform %s key pair cryptographic operations.
This subcommand allows preforming %s key pair cryptographic tasks.`
cmdAutheliaCryptoPairRSAExample = `authelia crypto pair rsa --help`
cmdAutheliaCryptoPairECDSAExample = `authelia crypto pair ecdsa --help`
cmdAutheliaCryptoPairEd25519Example = `authelia crypto pair ed25519 --help`
fmtCmdAutheliaCryptoPairGenerateShort = "Generate a cryptographic %s key pair"
fmtCmdAutheliaCryptoPairGenerateLong = `Generate a cryptographic %s key pair.
This subcommand allows generating an %s key pair.`
cmdAutheliaCryptoPairRSAGenerateExample = `authelia crypto pair rsa generate --help`
cmdAutheliaCryptoPairECDSAGenerateExample = `authelia crypto pair ecdsa generate --help`
cmdAutheliaCryptoPairEd25519GenerateExample = `authelia crypto pair ed25519 generate --help`
cmdAutheliaHashPasswordShort = "Hash a password to be used in file-based users database"
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
cmdAutheliaHashPasswordLong = `Hash a password to be used in file-based users database.`
//nolint:gosec // This is an example.
cmdAutheliaHashPasswordExample = `authelia hash-password -- 'mypass'
authelia hash-password --sha512 -- 'mypass'
authelia hash-password --iterations=4 -- 'mypass'
authelia hash-password --memory=128 -- 'mypass'
authelia hash-password --parallelism=1 -- 'mypass'
authelia hash-password --key-length=64 -- 'mypass'`
)
feat(storage): primary key for all tables and general qol refactoring (#2431) This is a massive overhaul to the SQL Storage for Authelia. It facilitates a whole heap of utility commands to help manage the database, primary keys, ensures all database requests use a context for cancellations, and paves the way for a few other PR's which improve the database. Fixes #1337
2021-11-23 09:45:38 +00:00
const (
storageMigrateDirectionUp = "up"
storageMigrateDirectionDown = "down"
)
feat(storage): encrypted secret values (#2588) This adds an AES-GCM 256bit encryption layer for storage for sensitive items. This is only TOTP secrets for the time being but this may be expanded later. This will require a configuration change as per https://www.authelia.com/docs/configuration/migration.html#4330. Closes #682
2021-11-25 01:56:58 +00:00
const (
ci: add dedicated authelia-gen command (#3463) Adds a dedicated authelia code/doc gen command.
2022-06-14 12:40:00 +00:00
storageTOTPExportFormatCSV = "csv"
storageTOTPExportFormatURI = "uri"
storageTOTPExportFormatPNG = "png"
)
var (
validStorageTOTPExportFormats = []string{storageTOTPExportFormatCSV, storageTOTPExportFormatURI, storageTOTPExportFormatPNG}
feat(storage): encrypted secret values (#2588) This adds an AES-GCM 256bit encryption layer for storage for sensitive items. This is only TOTP secrets for the time being but this may be expanded later. This will require a configuration change as per https://www.authelia.com/docs/configuration/migration.html#4330. Closes #682
2021-11-25 01:56:58 +00:00
)
feat(commands): enhance crypto generation capabilities (#2842) This expands the functionality of the certificates and rsa commands and merges them into one command called cypto which can either use the cert or pair subcommands to generate certificates or key-pairs respectively. The rsa, ecdsa, and ed25519 subcommands exist for both the cert and pair commands. A new --ca-path argument for the cert subcommand allows Authelia to sign other certs with CA certs. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-06-27 08:27:57 +00:00
const (
timeLayoutCertificateNotBefore = "Jan 2 15:04:05 2006"
)
const (
cmdFlagNameDirectory = "directory"
cmdFlagNamePathCA = "path.ca"
cmdFlagNameFilePrivateKey = "file.private-key"
cmdFlagNameFilePublicKey = "file.public-key"
cmdFlagNameFileCertificate = "file.certificate"
cmdFlagNameFileCAPrivateKey = "file.ca-private-key"
cmdFlagNameFileCACertificate = "file.ca-certificate"
cmdFlagNameFileCSR = "file.csr"
cmdFlagNameExtendedUsage = "extended-usage"
cmdFlagNameSignature = "signature"
cmdFlagNameCA = "ca"
cmdFlagNameSANs = "sans"
cmdFlagNameCommonName = "common-name"
cmdFlagNameOrganization = "organization"
cmdFlagNameOrganizationalUnit = "organizational-unit"
cmdFlagNameCountry = "country"
cmdFlagNameProvince = "province"
cmdFlagNameLocality = "locality"
cmdFlagNameStreetAddress = "street-address"
cmdFlagNamePostcode = "postcode"
cmdFlagNameNotBefore = "not-before"
cmdFlagNameDuration = "duration"
cmdFlagNamePKCS8 = "pkcs8"
cmdFlagNameBits = "bits"
cmdFlagNameCurve = "curve"
feat(authentication): file password algorithms (#3848) This adds significant enhancements to the file auth provider including multiple additional algorithms.
2022-10-17 10:51:59 +00:00
cmdFlagNamePassword = "password"
cmdFlagNameRandom = "random"
cmdFlagNameRandomLength = "random.length"
cmdFlagNameNoConfirm = "no-confirm"
cmdFlagNameVariant = "variant"
cmdFlagNameCost = "cost"
cmdFlagNameIterations = "iterations"
cmdFlagNameParallelism = "parallelism"
cmdFlagNameBlockSize = "block-size"
cmdFlagNameMemory = "memory"
cmdFlagNameKeySize = "key-size"
cmdFlagNameSaltSize = "salt-size"
cmdFlagNameProfile = "profile"
cmdFlagNameSHA512 = "sha512"
cmdFlagNameConfig = "config"
cmdFlagNameCharSet = "charset"
cmdFlagNameCharacters = "characters"
cmdFlagNameLength = "length"
feat(commands): enhance crypto generation capabilities (#2842) This expands the functionality of the certificates and rsa commands and merges them into one command called cypto which can either use the cert or pair subcommands to generate certificates or key-pairs respectively. The rsa, ecdsa, and ed25519 subcommands exist for both the cert and pair commands. A new --ca-path argument for the cert subcommand allows Authelia to sign other certs with CA certs. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-06-27 08:27:57 +00:00
)
const (
feat(authentication): file password algorithms (#3848) This adds significant enhancements to the file auth provider including multiple additional algorithms.
2022-10-17 10:51:59 +00:00
cmdUseHashPassword = "hash-password [flags] -- [password]"
cmdUseHash = "hash"
cmdUseHashArgon2 = "argon2"
cmdUseHashSHA2Crypt = "sha2crypt"
cmdUseHashPBKDF2 = "pbkdf2"
cmdUseHashBCrypt = "bcrypt"
cmdUseHashSCrypt = "scrypt"
cmdUseCrypto = "crypto"
cmdUseRand = "rand"
feat(commands): enhance crypto generation capabilities (#2842) This expands the functionality of the certificates and rsa commands and merges them into one command called cypto which can either use the cert or pair subcommands to generate certificates or key-pairs respectively. The rsa, ecdsa, and ed25519 subcommands exist for both the cert and pair commands. A new --ca-path argument for the cert subcommand allows Authelia to sign other certs with CA certs. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-06-27 08:27:57 +00:00
cmdUseCertificate = "certificate"
cmdUseGenerate = "generate"
feat(authentication): file password algorithms (#3848) This adds significant enhancements to the file auth provider including multiple additional algorithms.
2022-10-17 10:51:59 +00:00
cmdUseValidate = "validate"
cmdUseFmtValidate = "%s [flags] -- <digest>"
feat(commands): enhance crypto generation capabilities (#2842) This expands the functionality of the certificates and rsa commands and merges them into one command called cypto which can either use the cert or pair subcommands to generate certificates or key-pairs respectively. The rsa, ecdsa, and ed25519 subcommands exist for both the cert and pair commands. A new --ca-path argument for the cert subcommand allows Authelia to sign other certs with CA certs. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-06-27 08:27:57 +00:00
cmdUseRequest = "request"
cmdUsePair = "pair"
cmdUseRSA = "rsa"
cmdUseECDSA = "ecdsa"
cmdUseEd25519 = "ed25519"
)
const (
cryptoCertPubCertOut = "certificate"
cryptoCertCSROut = "certificate signing request"
feat(authentication): file password algorithms (#3848) This adds significant enhancements to the file auth provider including multiple additional algorithms.
2022-10-17 10:51:59 +00:00
prefixFilePassword = "authentication_backend.file.password"
feat(commands): enhance crypto generation capabilities (#2842) This expands the functionality of the certificates and rsa commands and merges them into one command called cypto which can either use the cert or pair subcommands to generate certificates or key-pairs respectively. The rsa, ecdsa, and ed25519 subcommands exist for both the cert and pair commands. A new --ca-path argument for the cert subcommand allows Authelia to sign other certs with CA certs. Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-06-27 08:27:57 +00:00
)
feat(storage): encrypted secret values (#2588) This adds an AES-GCM 256bit encryption layer for storage for sensitive items. This is only TOTP secrets for the time being but this may be expanded later. This will require a configuration change as per https://www.authelia.com/docs/configuration/migration.html#4330. Closes #682
2021-11-25 01:56:58 +00:00
var (
errNoStorageProvider = errors.New("no storage provider configured")
)
feat(commands): user opaque identifiers commands (#3144) Add commands for handling user opaque identifiers.
2022-04-09 07:13:19 +00:00
const (
fix(commands): invalid opaque id service name (#3235) This fixes the service type being openid_connect instead of openid as expected. This also allows bulk generating opaque identifiers for users.
2022-04-25 08:49:18 +00:00
identifierServiceOpenIDConnect = "openid"
)
var (
validIdentifierServices = []string{identifierServiceOpenIDConnect}
feat(commands): user opaque identifiers commands (#3144) Add commands for handling user opaque identifiers.
2022-04-09 07:13:19 +00:00
)