Commit Graph

92 Commits (0e6adebc49f0f3d5403dd1196f4203739b136e15)

Author SHA1 Message Date
James Elliott cef374cdc1
feat(oidc): multiple jwk algorithms (#5279)
This adds support for multiple JWK algorithms and keys and allows for per-client algorithm choices.

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-15 10:03:19 +10:00
James Elliott 033d3c0408
fix(commands): missing pkcs8 option (#5270)
Several crypto generate situations could not generate PKCS #8 ASN.1 DER format keys. Ths fixes this.

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-18 12:16:45 +10:00
James Elliott eaddf11df6
refactor: http verbs etc (#5248)
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 15:03:14 +10:00
James Elliott 2733fc040c
refactor: webauthn naming (#5243)
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 02:04:42 +10:00
James Elliott a179775f6f
refactor: misc out of band changes (#5238)
This just implements some changes from feat-settings-ui that are out of scope.

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-14 21:42:31 +10:00
James Elliott 0f4f5d5848
fix(commands): no args not enforced on crypto hash generate (#5237)
This fixes an issue where the authelia crypto hash generate command does not require no arguments leading to some confusing output.

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-14 20:46:43 +10:00
James Elliott 569af0fef0
fix(commands): storage cmd fail when implicit config absent (#5213)
This fixes an issue where if the implicit config location of configuration.yml does not exist that an error is returned. This does not affect the behavior when the method was either implicit or environment.

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-11 20:52:04 +10:00
James Elliott 157675f1f3
docs: adjust references of webauthn (#5203)
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-10 17:01:23 +10:00
James Elliott f44700c352
fix(commands): internal services not cleaned up properly (#4966)
This fixes a race condition which in some circumstances (seemed to only affect a deliberately under provisioned VM in testing, however it could still theoretically occur on any system) can cause the process to hang during a shutdown. While unrelated this also adds additional trace logging to the shutdown process to better capture each stage to better facilitate debugging in the future specifically when one particular service is taking time to stop.

Fixes #4963
2023-02-20 16:37:22 +11:00
James Elliott 891f1de9f2
refactor(commands): x509 bundling (#4942)
This adds another bundling mode to the certificate command.
2023-02-17 14:29:07 +11:00
James Elliott 2888ee7f41
refactor(commands): services (#4914)
Misc refactoring of the services logic to simplify the
2023-02-11 21:45:26 +11:00
James Elliott 8e4b660f15
refactor: certs (#4912)
This refactors the suites to use a Enterprise Root CA PKI signed certificate so the CA public certificate can be trusted. This is particularly useful for webauthn in Chrome.
2023-02-11 14:11:40 +11:00
James Elliott 65705a646d
feat(server): customizable authz endpoints (#4296)
This allows users to customize the authz endpoints.

Closes #2753, Fixes #3716

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-25 20:36:40 +11:00
James Elliott cf4010b4fb
fix(oidc): csp blocks form_post response form submit (#4719)
This fixes an issue where the form_post response never gets submitted.

Fixes #4669
2023-01-08 07:04:06 +11:00
James Elliott fc5ea5b485
refactor(random): add random provider (#4712)
This adds a random provider which makes usage of random operations mockable, and may allow us in the future to swap out the Cryptographical CPU random generator with dedicated hardware random generators.
2023-01-07 11:19:41 +11:00
James Elliott 53a6275a79
fix(server): errors not logged (#4682)
This fixes a couple errors that were previously not logged as well as ensuring most templates are appropriately parsed via tests.
2023-01-03 17:08:49 +11:00
James Elliott a691131288
fix(notification): missing use of timeout (#4652) 2022-12-27 08:32:00 +11:00
Eng Zer Jun 54afe925b8
test: use test machinery to set env vars in tests (#4640)
This commit replaces `os.Setenv` with `t.Setenv` in tests. The environment variable is automatically restored to its original value when the test and all its subtests complete. Reference: https://pkg.go.dev/testing#T.Setenv

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-12-26 07:16:05 +11:00
James Elliott 0bb657e11c
refactor(notifier): utilize smtp lib (#4403)
This drops a whole heap of code we were maintaining in favor of a SMTP library.

Closes #2678
2022-12-23 16:06:49 +11:00
James Elliott d7ab3bb633
feat(commands): storage import/export commands (#4545)
This adds commands to export and import TOTP configurations and Webauthn devices as YAML.
2022-12-23 15:00:23 +11:00
James Elliott 0130edb870
feat(configuration): env config file discovery (#4618)
This allows Authelia to discover config files and config options via environment variables.

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-12-23 11:03:50 +11:00
James Elliott cc1e58e004
feat(configuration): load config from directory (#4616)
This allows specifying paths to a combination of files and directories with the --config option provided none of the specified file paths reside directly inside one of the specified directory paths. The directory paths are not recursive, and load .yml and .yaml files at this time.
2022-12-22 17:34:20 +11:00
James Elliott e3e31e3cbc
refactor(commands): command context (#4539)
This moves a lot of machinery for commands into a context.Context with other struct values. This allows for PreRunE's to reliably load the configuration and avoids use of global vars.
2022-12-22 11:21:29 +11:00
James Elliott c7f4d5999d
feat(configuration): file filters (#4515)
This adds experimental file filters which are not guaranteed under our stability policies. These filters take effect after reading the files and before parsing their content.
2022-12-21 20:48:14 +11:00
James Elliott 728902335b
refactor: const int type stringers (#4588) 2022-12-17 23:39:24 +11:00
James Elliott 0aa6745059
build(deps): update module github.com/go-crypt/crypt to v0.2.2 (#4452) 2022-12-05 09:37:08 +11:00
James Elliott 3e4ac7821d
refactor: remove pre1 migration path (#4356)
This removes pre1 migrations and improves a lot of tooling.
2022-11-25 23:44:55 +11:00
James Elliott 500410fac3
refactor(commands): include rfc3986 charset (#4328)
This includes the RFC3986 unreserved charset as an option, and allows the '-upper' and '-lower' suffix for alphabetic inclusive charsets.
2022-11-04 11:32:49 +11:00
James Elliott dfd196460f
refactor: close database connections on shutdown (#4255)
This explicitly closes the database connection during shutdown.
2022-10-25 16:12:42 +11:00
James Elliott 1ea29cb2c2
feat(storage): unix socket support (#4231)
Support for unix sockets for MySQL and PostgreSQL.
2022-10-22 16:41:27 +11:00
James Elliott 3113ec2b80
feat(commands): random character generator (#4213)
This improves all random character generator command usages to be nearly identical and reuse a large block of code. It also improves several functions to give more options when randomly generating outputs.
2022-10-21 07:41:46 +11:00
James Elliott 24e41aed84
feat(commands): add webauthn device commands (#3671) 2022-10-19 18:17:55 +11:00
James Elliott 52102eea8c
feat(authorization): query parameter filtering (#3990)
This allows for advanced filtering of the query parameters in ACL's.

Closes #2708
2022-10-19 14:09:22 +11:00
James Elliott 84cb457cb0
feat(authentication): file provider hot reload (#4188)
This adds hot reloading to the file auth provider.
2022-10-17 22:31:23 +11:00
James Elliott 3a70f6739b
feat(authentication): file password algorithms (#3848)
This adds significant enhancements to the file auth provider including multiple additional algorithms.
2022-10-17 21:51:59 +11:00
James Elliott dc79c8ea59
refactor: any (#4133)
* refactor: any

* refactor: fix test
2022-10-05 16:05:23 +11:00
James Elliott 6cc182de08
fix(commands): potential nil ptr error on shutdown (#3947) 2022-09-04 22:26:03 +10:00
James Elliott 2325031052
refactor: clean up uri checking functions (#3943) 2022-09-03 11:51:02 +10:00
James Elliott f17268ee80
docs: remove cobra auto gen tags (#3937) 2022-09-01 12:24:47 +10:00
James Elliott 342497a869
refactor(server): use errgroup to supervise services (#3755)
Uses the errgroup package and pattern for supervising services like servers etc.
2022-08-09 07:50:12 +10:00
James Elliott b2cbcf3913
fix(handlers): consent session prevents standard flow (#3668)
This fixes an issue where consent sessions prevent the standard workflow.
2022-07-26 15:43:39 +10:00
James Elliott df016be29e
fix(notification): incorrect date header format (#3684)
* fix(notification): incorrect date header format

The date header in the email envelopes was incorrectly formatted missing a space between the `Date:` header and the value of this header. This also refactors the notification templates system allowing people to manually override the envelope itself.

* test: fix tests and linting issues

* fix: misc issues

* refactor: misc refactoring

* docs: add example for envelope with message id

* refactor: organize smtp notifier

* refactor: move subject interpolation

* refactor: include additional placeholders

* docs: fix missing link

* docs: gravity

* fix: rcpt to command

* refactor: remove mid

* refactor: apply suggestions

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>

* refactor: include pid

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-07-18 10:56:09 +10:00
James Elliott 7d170f09b4
fix(commands): acl check panic on decode failure (#3697)
This fixes an issue with the authelia access-control check-policy command which potentially panics when a decode hook fails to parse an item.
2022-07-13 17:22:42 +10:00
James Elliott 55e03e2e32
docs: fix ntp inconsistency (#3686) 2022-07-11 23:29:10 +10:00
James Elliott fcac438637
feat(commands): enhance crypto generation capabilities (#2842)
This expands the functionality of the certificates and rsa commands and merges them into one command called cypto which can either use the cert or pair subcommands to generate certificates or key-pairs respectively. The rsa, ecdsa, and ed25519 subcommands exist for both the cert and pair commands. A new --ca-path argument for the cert subcommand allows Authelia to sign other certs with CA certs.

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-06-27 18:27:57 +10:00
James Elliott b2c60ef898
feat: major documentation refresh (#3475)
This marks the launch of the new documentation website.
2022-06-15 17:51:47 +10:00
James Elliott 5304178165
ci: add dedicated authelia-gen command (#3463)
Adds a dedicated authelia code/doc gen command.
2022-06-14 22:40:00 +10:00
James Elliott 001589cd6d
feat(metrics): implement prometheus metrics (#3234)
Adds ability to record metrics and gather them for Prometheus.
2022-06-14 17:20:13 +10:00
James Elliott 2037a0ee4f
fix(commands): hash-password usage instructions (#3437)
This fixes the hash-password usage instructions and ensures it uses mostly a configuration source based config. In addition it updates our recommended argon2id parameters with the RFC recommendations.
2022-06-02 09:18:45 +10:00
James Elliott 06ba312c28
fix(commands): invalid opaque id service name (#3235)
This fixes the service type being openid_connect instead of openid as expected. This also allows bulk generating opaque identifiers for users.
2022-04-25 18:49:18 +10:00