James Elliott
92cf5a186d
feat(authentication): ldap memberof
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-15 13:52:02 +10:00
James Elliott
65ecfe4b9a
feat(oidc): private_key_jwt client auth ( #5280 )
...
This adds support for the private_key_jwt client authentication method.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-05-15 10:32:10 +10:00
James Elliott
cef374cdc1
feat(oidc): multiple jwk algorithms ( #5279 )
...
This adds support for multiple JWK algorithms and keys and allows for per-client algorithm choices.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-15 10:03:19 +10:00
James Elliott
1dbfbc5f88
feat(oidc): client_secret_jwt client auth ( #5253 )
...
This adds the authentication machinery for the client_secret_jwt to the Default Client Authentication Strategy.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-15 09:51:59 +10:00
James Elliott
e37f19c170
build: allow users to set the umask easily ( #5407 )
...
This adds an easy way for users to set a UMASK in the container.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-13 13:19:47 +10:00
James Elliott
fb5c285c25
feat(authentication): suport ldap over unix socket ( #5397 )
...
This adds support for LDAP unix sockets using the ldapi scheme. In addition it improves all of the address related parsing significantly deprecating old options.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-07 16:39:17 +10:00
James Elliott
6d48e4cd51
docs: add nix pkg manager reference ( #5372 )
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-03 20:18:51 +10:00
Amir Zarrinkafsh
6b04fe2652
docs: fix tailscale oidc typos and inaccuracies ( #5367 )
...
Adjusts some inaccuracies and inconsistencies.
Fixes #5359
Signed-off-by: Amir Zarrinkafsh <nightah@me.com>
2023-05-03 11:29:55 +10:00
James Elliott
871cd8701d
docs: oidc faq resolution ( #5352 )
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-01 19:54:42 +10:00
James Elliott
eaddb57c27
docs: add exhaustive complete logs reference guide ( #5345 )
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-01 12:36:02 +10:00
Dennis Gaida
63d2de7604
docs: update screenshot ( #5342 )
...
Signed-off-by: Dennis Gaida <2392217+DennisGaida@users.noreply.github.com>
2023-05-01 12:19:06 +10:00
James Elliott
9537ad6813
docs: fix line endings ( #5340 )
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-30 11:13:55 +10:00
Dennis Gaida
c3cc4061b8
docs: improve tailscale integration ( #5330 )
...
This is an addendum to #5287 and includes some improvements.
Signed-off-by: Dennis Gaida <2392217+DennisGaida@users.noreply.github.com>
2023-04-30 09:18:57 +10:00
Harold
f08cf83be4
docs(oidc): kasm workspaces ( #5314 )
...
This adds a Kasm Workspaces OpenID Connect 1.0 integration guide.
Signed-off-by: Harold <73724671+HaroldVB@users.noreply.github.com>
2023-04-27 18:40:06 +10:00
James Elliott
c772ec26b1
i18n: update generated language support ( #5316 )
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-26 13:00:54 +10:00
James Elliott
b11353bbe8
docs: implement developer certificate of origin ( #5096 )
...
This implements the Developer Certificate of Origin as a commit check via the commitlint hook and add the relevant documentation.
Closes #5095
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-26 12:48:15 +10:00
James Elliott
8f2cef5ab2
docs: misc fix ( #5302 )
...
Include a missing link.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-23 10:11:40 +10:00
Dennis Gaida
1ba134fd60
docs(oidc): tailscale integration ( #5287 )
...
Adding Tailscale configuration documentation.
2023-04-23 10:06:28 +10:00
Nicolas Znamenski
0ec58d772a
docs: fix typo ( #5301 )
...
Fixed a typo/deprecated parameter --random-charset into --random.charset
Signed-off-by: Nicolas Znamenski <contact@loud.software>
2023-04-23 10:03:39 +10:00
James Elliott
616fa3c48d
docs: header consistency ( #5266 )
2023-04-18 09:53:26 +10:00
James Elliott
9917e3290a
docs: misc fixes ( #5258 )
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-16 07:48:03 +10:00
James Elliott
9e8db3c3f3
docs(oidc): faq refresh ( #5254 )
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 22:25:21 +10:00
James Elliott
3d2da0b070
feat(oidc): client authentication modes ( #5150 )
...
This adds a feature to OpenID Connect 1.0 where clients can be restricted to a specific client authentication mode, as well as implements some backend requirements for the private_key_jwt client authentication mode (and potentially the tls_client_auth / self_signed_tls_client_auth client authentication modes). It also adds some improvements to configuration defaults and validations which will for now be warnings but likely be made into errors.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-13 20:58:18 +10:00
James Elliott
db130dad48
docs: github links ( #5230 )
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-13 20:10:12 +10:00
James Elliott
157675f1f3
docs: adjust references of webauthn ( #5203 )
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-10 17:01:23 +10:00
James Elliott
2dcfc0b04c
feat(handlers): authz authrequest authelia url ( #5181 )
...
This adjusts the AuthRequest Authz implementation behave similarly to the other implementations in as much as Authelia can return the relevant redirection to the proxy and the proxy just utilizes it if possible. In addition it swaps the HAProxy examples over to the ForwardAuth implementation as that's now supported.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-08 14:48:55 +10:00
James Elliott
3b52ddb137
docs: add adaptation blurbs ( #5163 )
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-08 10:00:36 +10:00
James Elliott
19d1b1bbcb
docs: fix gitea example ( #5156 )
...
Fixes the gitea example and a few other minor issues.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-02 13:12:01 +10:00
Joakim Pettersen
9fe2ed9a46
docs(oidc): firezone integration ( #5125 )
...
This adds a Firezone VPN integration with OpenID Connect 1.0.
2023-03-28 20:29:13 +11:00
Trung Le
154110d4d9
docs: correct the link to the docs ( #5112 )
2023-03-22 13:55:31 +10:00
boomam
0bf40f63ea
docs(oidc): minio integration ( #5100 )
...
Add MinIO OpenID Connect 1.0 documentation.
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-03-21 11:21:23 +11:00
tetricky
a048c48da7
docs: misago oidc ( #5024 )
...
This adds Misago integration docs for OpenID Connect.
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-03-14 08:51:13 +11:00
James Elliott
ff6be40f5e
feat(oidc): pushed authorization requests ( #4546 )
...
This implements RFC9126 OAuth 2.0 Pushed Authorization Requests. See https://datatracker.ietf.org/doc/html/rfc9126 for the specification details.
2023-03-06 14:58:50 +11:00
James Elliott
0565be3db1
docs: faq ( #5032 )
2023-03-06 11:32:06 +11:00
James Elliott
fca8e2130a
docs: update integration docs ( #4986 )
2023-03-04 15:53:48 +11:00
James Elliott
f62b4d4cd3
docs: update ngnix docs ( #4980 )
2023-02-22 15:26:10 +11:00
James Elliott
8253b44e5d
docs: update swag docs ( #4979 )
2023-02-22 15:11:11 +11:00
James Hillyerd
ad689275d3
docs: improve gitea oidc guidance ( #4808 )
...
Make the non-obvious relationship between the Gitea `Authentication Name` and the path of the redirect URI explicit.
Signed-off-by: James Hillyerd <james@hillyerd.com>
2023-02-13 07:49:43 +11:00
James Elliott
8e4b660f15
refactor: certs ( #4912 )
...
This refactors the suites to use a Enterprise Root CA PKI signed certificate so the CA public certificate can be trusted. This is particularly useful for webauthn in Chrome.
2023-02-11 14:11:40 +11:00
James Elliott
d1147f9ac4
docs: refactor oidc config docs ( #4892 )
2023-02-08 01:29:43 +11:00
James Elliott
a7ccf3652f
docs: fix rfc references and fix misc issues ( #4879 )
2023-02-05 18:11:30 +11:00
James Elliott
e408cb19b1
test: adjust tests and docs to be similar ( #4856 )
2023-02-02 18:13:18 +11:00
James Elliott
7e285f461f
docs: add common oidc shortcode and update ( #4862 )
2023-02-02 12:30:06 +11:00
Krasimir Nedelchev
b3b24f4479
docs: fix ip addresses ( #4843 )
...
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-01-29 09:25:32 +11:00
James Elliott
1ac4321013
docs: fix misc issues ( #4831 )
2023-01-26 16:38:08 +11:00
James Elliott
a33b37a9cd
docs: make several openid connect areas uniform ( #4824 )
2023-01-26 10:59:18 +11:00
James Elliott
65705a646d
feat(server): customizable authz endpoints ( #4296 )
...
This allows users to customize the authz endpoints.
Closes #2753 , Fixes #3716
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-25 20:36:40 +11:00
Chris D
8a4c65b548
docs: fix mistakes in swag docs ( #4665 )
...
Co-authored-by: Chris <=>
2022-12-31 10:45:55 +11:00
James Elliott
859b403146
docs: update docs ( #4597 )
2022-12-19 15:04:02 +11:00
James Elliott
b4d9e21387
docs: fix misc url issues ( #4503 )
2022-12-07 20:43:02 +11:00