James Elliott
18b1fc5ed2
refactor: simplified
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-22 15:16:48 +10:00
James Elliott
a1351b1473
refactor: totp
2023-04-21 21:33:58 +10:00
James Elliott
bf5272dc61
refactor: totp
2023-04-21 21:33:58 +10:00
James Elliott
873749a28f
Merge remote-tracking branch 'origin/master' into feat-settings-ui
...
# Conflicts:
# web/package.json
# web/pnpm-lock.yaml
2023-04-21 21:32:32 +10:00
James Elliott
616fa3c48d
docs: header consistency ( #5266 )
2023-04-18 09:53:26 +10:00
James Elliott
a8a8089f33
fix: missing files
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 16:21:42 +10:00
James Elliott
29ddc73012
Merge remote-tracking branch 'origin/master' into feat-settings-ui
...
# Conflicts:
# internal/suites/scenario_backend_protection_test.go
2023-04-15 15:05:09 +10:00
James Elliott
eaddf11df6
refactor: http verbs etc ( #5248 )
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 15:03:14 +10:00
James Elliott
e464295c8b
fix: more webauthn consistency fixes
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 11:00:52 +10:00
James Elliott
6c89ee1f9c
Merge orgin/master into feat-settings-ui
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 03:12:55 +10:00
James Elliott
86b525ce21
Merge remote tracking branch origin/master into feat-settings-ui
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 02:14:23 +10:00
James Elliott
2733fc040c
refactor: webauthn naming ( #5243 )
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 02:04:42 +10:00
James Elliott
d97c0eb0ea
fix: remove gen files
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 01:28:47 +10:00
James Elliott
774f64a932
Merge remote tracking branch 'origin/master' into feat-settings-ui
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-14 20:58:49 +10:00
James Elliott
7fdcc351d4
Merge remote-tracking branch 'origin/master' into feat-settings-ui
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
# Conflicts:
# internal/handlers/handler_register_webauthn.go
# internal/handlers/webauthn.go
# internal/handlers/webauthn_test.go
# internal/mocks/storage.go
# internal/model/webauthn.go
# internal/storage/provider.go
# internal/storage/sql_provider.go
# web/package.json
# web/pnpm-lock.yaml
# web/src/layouts/LoginLayout.tsx
2023-04-11 21:34:45 +10:00
James Elliott
928df8a698
Merge remote-tracking branch 'origin/master' into feat-oidc-auth-mode
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
# Conflicts:
# internal/configuration/validator/const.go
2023-04-09 13:19:29 +10:00
James Elliott
0424652940
refactor: adjust openapi ( #5192 )
...
Misc fixes to OpenAPI Specification that were missed.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-08 15:25:19 +10:00
James Elliott
2dcfc0b04c
feat(handlers): authz authrequest authelia url ( #5181 )
...
This adjusts the AuthRequest Authz implementation behave similarly to the other implementations in as much as Authelia can return the relevant redirection to the proxy and the proxy just utilizes it if possible. In addition it swaps the HAProxy examples over to the ForwardAuth implementation as that's now supported.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-08 14:48:55 +10:00
James Elliott
b6883a337f
Merge origin/master into feat-settings-ui
2023-03-07 10:12:49 +11:00
James Elliott
ff6be40f5e
feat(oidc): pushed authorization requests ( #4546 )
...
This implements RFC9126 OAuth 2.0 Pushed Authorization Requests. See https://datatracker.ietf.org/doc/html/rfc9126 for the specification details.
2023-03-06 14:58:50 +11:00
James Elliott
8b8d6ce417
Merge remote-tracking branch origin/master into feat-settings-ui
2023-02-28 20:07:42 +11:00
James Elliott
a345490826
feat(server): handle head method ( #5003 )
...
This implements some HEAD method handlers for various static resources and the /api/health endpoint.
2023-02-28 20:01:09 +11:00
James Elliott
ac72ee494c
ci: fix misc and refactorings ( #4994 )
...
* ci: fix misc and refactorings
* ci: additional fix
2023-02-26 13:22:22 +11:00
James Elliott
5be5de02d8
feat: webauthn users
2023-02-17 06:40:40 +11:00
James Elliott
e84ca4956a
refactor: sql updates
2023-02-14 23:35:15 +11:00
James Elliott
130a28a430
fix: misc
2023-02-12 23:57:43 +11:00
James Elliott
ba1ed1252c
fix: tests
2023-02-12 22:11:00 +11:00
James Elliott
515309c10e
feat: translate all the things
2023-02-12 21:57:45 +11:00
James Elliott
8c057f65a5
Merge remote-tracking branch 'origin/master' into feat-settings-ui
2023-02-11 21:53:34 +11:00
James Elliott
2888ee7f41
refactor(commands): services ( #4914 )
...
Misc refactoring of the services logic to simplify the
2023-02-11 21:45:26 +11:00
James Elliott
9e5aa1c1a9
Merge remote-tracking branch 'origin/master' into feat-settings-ui
...
# Conflicts:
# web/package.json
# web/pnpm-lock.yaml
2023-02-05 20:19:40 +11:00
James Elliott
d7be1c1359
refactor: reduce complexity
2023-02-01 22:10:38 +11:00
James Elliott
3af20a7daf
build(deps): use @simplewebauthn/browser
2023-01-30 16:37:53 +11:00
James Elliott
f382ba040e
i18n: update translations ( #4850 )
2023-01-30 10:16:52 +11:00
James Elliott
7d17c39c52
Merge origin/master into feat-settings-ui
2023-01-25 22:11:41 +11:00
James Elliott
65705a646d
feat(server): customizable authz endpoints ( #4296 )
...
This allows users to customize the authz endpoints.
Closes #2753 , Fixes #3716
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-25 20:36:40 +11:00
James Elliott
a566c16d08
feat(web): privacy policy url ( #4625 )
...
This allows users to customize a privacy policy URL at the bottom of the login view.
Closes #2639
2023-01-22 19:58:07 +11:00
James Elliott
bd279900ca
Merge remote-tracking branch 'origin/master' into feat-settings-ui
2023-01-20 17:56:06 +11:00
Manuel Nuñez
8b29cf7ee8
feat(session): multiple session cookie domains ( #3754 )
...
This adds support to configure multiple session cookie domains.
Closes #1198
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-12 21:57:44 +11:00
James Elliott
cf4010b4fb
fix(oidc): csp blocks form_post response form submit ( #4719 )
...
This fixes an issue where the form_post response never gets submitted.
Fixes #4669
2023-01-08 07:04:06 +11:00
James Elliott
49d421e910
Merge remote-tracking branch 'origin/master' into feat-settings-ui
...
# Conflicts:
# api/openapi.yml
# web/src/views/DeviceRegistration/RegisterWebauthn.tsx
# web/src/views/LoginPortal/SecondFactor/WebauthnMethod.tsx
2023-01-07 11:50:19 +11:00
James Elliott
fc5ea5b485
refactor(random): add random provider ( #4712 )
...
This adds a random provider which makes usage of random operations mockable, and may allow us in the future to swap out the Cryptographical CPU random generator with dedicated hardware random generators.
2023-01-07 11:19:41 +11:00
James Elliott
53a6275a79
fix(server): errors not logged ( #4682 )
...
This fixes a couple errors that were previously not logged as well as ensuring most templates are appropriately parsed via tests.
2023-01-03 17:08:49 +11:00
James Elliott
1c3219e93f
perf(server): cached openapi document ( #4674 )
...
This should lead to a small performance gain by caching the openapi.yml with etags as well as eliminating the use of nonce crypto generation when not required.
2023-01-03 14:49:02 +11:00
James Elliott
917ac89e38
refactor: 2fa api
2023-01-01 22:16:28 +11:00
James Elliott
dd781ffc51
refactor: adjust settings components
2022-12-31 18:27:43 +11:00
James Elliott
0e2770e72d
Merge remote-tracking branch 'origin/master' into feat-settings-ui
2022-12-27 20:05:02 +11:00
James Elliott
a691131288
fix(notification): missing use of timeout ( #4652 )
2022-12-27 08:32:00 +11:00
James Elliott
4a2fd3dea7
Merge remote-tracking branch 'origin/master' into feat-settings-ui
2022-12-23 16:08:47 +11:00
James Elliott
3ba2eae20e
fix(server): verify endpoint 405ing non-get/head reqs ( #4607 )
...
Fixes an issue specific to envoy that prevents the verify endpoint working with requests not using the GET or HEAD methods.
2022-12-21 18:47:20 +11:00