RPJosh
/
authelia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
authelia/internal/middlewares/const.go

62 lines
2.2 KiB
Go
Raw Normal View History

Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture.
2019-04-24 21:52:08 +00:00
package middlewares
refactor(handlers): utilize referer for auth logging rm/rd (#2655) This utilizes the referrer query parameters instead of current request query parameters for logging the requested URI and method. Minor performance improvements to header peek/sets.
2021-12-02 02:21:46 +00:00
import (
refactor: misc password policy refactoring (#3102) Add tests and makes the password policy a provider so the configuration can be loaded to memory on startup.
2022-04-03 00:48:26 +00:00
"errors"
refactor(handlers): utilize referer for auth logging rm/rd (#2655) This utilizes the referrer query parameters instead of current request query parameters for logging the requested URI and method. Minor performance improvements to header peek/sets.
2021-12-02 02:21:46 +00:00
"github.com/valyala/fasthttp"
fix(handlers): handle xhr requests to /api/verify with 401 (#2189) This changes the way XML HTTP requests are handled on the verify endpoint so that they are redirected using a 401 instead of a 302/303.
2021-07-22 03:52:37 +00:00
)
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture.
2019-04-24 21:52:08 +00:00
refactor(handlers): utilize referer for auth logging rm/rd (#2655) This utilizes the referrer query parameters instead of current request query parameters for logging the requested URI and method. Minor performance improvements to header peek/sets.
2021-12-02 02:21:46 +00:00
var (
headerXForwardedProto = []byte(fasthttp.HeaderXForwardedProto)
headerXForwardedHost = []byte(fasthttp.HeaderXForwardedHost)
headerXForwardedFor = []byte(fasthttp.HeaderXForwardedFor)
headerXRequestedWith = []byte(fasthttp.HeaderXRequestedWith)
headerAccept = []byte(fasthttp.HeaderAccept)
headerXForwardedURI = []byte("X-Forwarded-URI")
headerXOriginalURL = []byte("X-Original-URL")
headerXForwardedMethod = []byte("X-Forwarded-Method")
fix(server): use of inconsistent methods for determining origin (#2848) This unifies the methods to obtain the X-Forwarded-* header values and provides logical fallbacks. In addition, so we can ensure this functionality extends to the templated files we've converted the ServeTemplatedFile method into a function that operates as a middlewares.RequestHandler. Fixes #2765
2022-02-06 13:37:28 +00:00
feat(oidc): add automatic allow all cors to discovery (#2953) This adds a Cross Origin Resource Sharing policy that automatically allows any cross-origin request to the OpenID Connect discovery documents.
2022-03-04 04:46:12 +00:00
headerVary = []byte(fasthttp.HeaderVary)
headerOrigin = []byte(fasthttp.HeaderOrigin)
headerAccessControlAllowCredentials = []byte(fasthttp.HeaderAccessControlAllowCredentials)
headerAccessControlAllowHeaders = []byte(fasthttp.HeaderAccessControlAllowHeaders)
headerAccessControlAllowMethods = []byte(fasthttp.HeaderAccessControlAllowMethods)
headerAccessControlAllowOrigin = []byte(fasthttp.HeaderAccessControlAllowOrigin)
headerAccessControlMaxAge = []byte(fasthttp.HeaderAccessControlMaxAge)
headerAccessControlRequestHeaders = []byte(fasthttp.HeaderAccessControlRequestHeaders)
headerAccessControlRequestMethod = []byte(fasthttp.HeaderAccessControlRequestMethod)
)
var (
headerValueFalse = []byte("false")
headerValueMaxAge = []byte("100")
headerValueVary = []byte("Accept-Encoding, Origin")
)
var (
fix(server): use of inconsistent methods for determining origin (#2848) This unifies the methods to obtain the X-Forwarded-* header values and provides logical fallbacks. In addition, so we can ensure this functionality extends to the templated files we've converted the ServeTemplatedFile method into a function that operates as a middlewares.RequestHandler. Fixes #2765
2022-02-06 13:37:28 +00:00
protoHTTPS = []byte("https")
protoHTTP = []byte("http")
// UserValueKeyBaseURL is the User Value key where we store the Base URL.
UserValueKeyBaseURL = []byte("base_url")
fix(handlers): handle xhr requests to /api/verify with 401 (#2189) This changes the way XML HTTP requests are handled on the verify endpoint so that they are redirected using a 401 instead of a 302/303.
2021-07-22 03:52:37 +00:00
)
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture.
2019-04-24 21:52:08 +00:00
fix(handlers): handle xhr requests to /api/verify with 401 (#2189) This changes the way XML HTTP requests are handled on the verify endpoint so that they are redirected using a 401 instead of a 302/303.
2021-07-22 03:52:37 +00:00
const (
refactor(handlers): utilize referer for auth logging rm/rd (#2655) This utilizes the referrer query parameters instead of current request query parameters for logging the requested URI and method. Minor performance improvements to header peek/sets.
2021-12-02 02:21:46 +00:00
headerValueXRequestedWithXHR = "XMLHttpRequest"
contentTypeApplicationJSON = "application/json"
contentTypeTextHTML = "text/html"
fix(handlers): handle xhr requests to /api/verify with 401 (#2189) This changes the way XML HTTP requests are handled on the verify endpoint so that they are redirected using a 401 instead of a 302/303.
2021-07-22 03:52:37 +00:00
)
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture.
2019-04-24 21:52:08 +00:00
var okMessageBytes = []byte("{\"status\":\"OK\"}")
fix(handlers): handle xhr requests to /api/verify with 401 (#2189) This changes the way XML HTTP requests are handled on the verify endpoint so that they are redirected using a 401 instead of a 302/303.
2021-07-22 03:52:37 +00:00
const (
messageOperationFailed = "Operation failed"
messageIdentityVerificationTokenAlreadyUsed = "The identity verification token has already been used"
messageIdentityVerificationTokenHasExpired = "The identity verification token has expired"
)
feature(oidc): add support for OpenID Connect OpenID connect has become a standard when it comes to authentication and in order to fix a security concern around forwarding authentication and authorization information it has been decided to add support for it. This feature is in beta version and only enabled when there is a configuration for it. Before enabling it in production, please consider that it's in beta with potential bugs and that there are several production critical features still missing such as all OIDC related data is stored in configuration or memory. This means you are potentially going to experience issues with HA deployments, or when restarting a single instance specifically related to OIDC. We are still working on adding the remaining set of features before making it GA as soon as possible. Related to #189 Co-authored-by: Clement Michaud <clement.michaud34@gmail.com>
2021-05-04 22:06:05 +00:00
var protoHostSeparator = []byte("://")
refactor: misc password policy refactoring (#3102) Add tests and makes the password policy a provider so the configuration can be loaded to memory on startup.
2022-04-03 00:48:26 +00:00
var errPasswordPolicyNoMet = errors.New("the supplied password does not met the security policy")