Commit Graph

101 Commits (1ef34854185d8fa30a9cdbee4fa3869ac82a5d0e)

Author SHA1 Message Date
James Elliott a39245a8e8 Fixed duplicate key in kube example
- rules key was duplicated in the ingress.yml
2020-01-10 17:37:16 +01:00
Amir Zarrinkafsh 7dc4ac5cd9 Create a suite for HAProxy 2020-01-10 11:41:01 +01:00
Silver Bullet eeefec2fac Update references to remove hash router
* Update references to remove hash router

In commit 9ae2096, the redirection parameter is changed in the example `nginx.conf`, and also in other places like `internal/middlewares/identity_verification.go`:

```
- link := fmt.Sprintf("%s://%s/#%s?token=%s", ctx.XForwardedProto(),
+ link := fmt.Sprintf("%s://%s%s?token=%s", ctx.XForwardedProto(),
```
2020-01-10 11:33:18 +01:00
Amir Zarrinkafsh e8ea1d814c Update to Alpine linux 3.11.2 2020-01-02 17:54:47 +11:00
Amir Zarrinkafsh 2fb20882d9
Utilise Buildkite for Authelia CI/CD (#507)
Publish steps are currently disabled.
2019-12-27 22:07:53 +11:00
Amir Zarrinkafsh fabb76754e
Rename org from clems4ever to authelia
Also fix references from config.yml to configuration.yml
2019-12-24 13:14:52 +11:00
Clement Michaud c3569d9bd0 Use static version of Authelia in suites when in CI.
This is to avoid the multiple reloads due to the frontend modules
being installed at the startup of the suite and randomly preventing
Authelia from starting.
2019-12-09 13:03:12 +01:00
Clement Michaud b4a8c4f0ec Introduce version command to Authelia to check the version
The version command displays the tag and the commit hash of the
built commit along with the time when the build was done.
2019-12-09 13:03:12 +01:00
Clement Michaud 3d20142292 Allow administrator to provide a Google Analytics tracking ID.
Providing a GA tracking ID allows administrators to analyze
how the portal is used by their users in large environments,
i.e., with many users.
This will make even more sense when we have users and admins
management interfaces.
2019-12-08 14:31:48 +01:00
Clement Michaud d077ad10da Update expiration timeouts from milliseconds to seconds. 2019-12-07 14:36:24 +01:00
Clement Michaud e21da43fd6 Add support for LDAP over TLS. 2019-12-06 21:33:47 +01:00
Clement Michaud 135cf718d5 Fix DuoPush suite and do some clean up. 2019-12-05 11:05:24 +01:00
Clement Michaud b89f63e9c1 Fix and parallelize integration tests. 2019-12-05 11:05:24 +01:00
Clement Michaud c78a732c6a Rewrite and fix remaining suites in Go. 2019-12-05 11:05:24 +01:00
Clement Michaud 9ae2096d2a Rewrite authelia frontend to improve user experience.
This refactoring simplify the code of the frontend and prepare the
portal for receiving a user settings page and an admin page.
2019-12-05 11:05:24 +01:00
Clement Michaud 3b2d733367 Move source code into internal directory to follow standard project layout.
https://github.com/golang-standards/project-layout
2019-11-17 16:30:33 +01:00
Clement Michaud a06b69dd45 Provide commands to migrate database from v3 to v4. 2019-11-17 16:30:33 +01:00
Clement Michaud 6303485fd2 Add support for PostgreSQL. 2019-11-16 23:39:26 +01:00
Clement Michaud b2ced06402 Fix Kubernetes suite tests.
Also deploy kubernetes dashboard prior to authelia services to ease
debugging of the suite.
2019-11-16 23:39:26 +01:00
Clement Michaud e20112f209 Remove retry mechanism from mysql provider.
The retry logic is implemented in the reflex service script instead.
2019-11-16 23:39:26 +01:00
Clement Michaud 5b836fc4cf Cleanup documentation.
Remove mention of Mongo and basic suites. Also adapt some part
to changes made to authelia-scripts.
2019-11-16 23:39:26 +01:00
Clement Michaud bd19ee48fd Deprecate mongo and add mariadb as storage backend option. 2019-11-16 23:39:26 +01:00
Clement Michaud a991379a74 Declare suites as Go structs and bootstrap e2e test framework in Go.
Some tests are not fully rewritten in Go, a typescript wrapper is called
instead until we remove the remaining TS tests and dependencies.

Also, dockerize every components (mainly Authelia backend, frontend and kind)
so that the project does not interfere with user host anymore (open ports for instance).
The only remaining intrusive change is the one done during bootstrap to add entries in /etc/hosts.
It will soon be avoided using authelia.com domain that I own.
2019-11-15 20:23:06 +01:00
Clement Michaud b9fea361c9 Create suite for testing the docker image.
Running this suite is the first advice given by the
bootstrap script to help the user move forward.

This commit also updates the documentation to reflect
changes introduced by the Go rewrite.
2019-11-03 16:53:47 +01:00
Clement Michaud 828f565290 Bootstrap Go implementation of Authelia.
This is going to be the v4.

Expected improvements:
- More reliable due to static typing.
- Bump of performance.
- Improvement of logging.
- Authelia can be shipped as a single binary.
- Will likely work on ARM architecture.
2019-10-28 23:28:59 +01:00
Clement Michaud 4016ff1bba [BREAKING] Create a suite for Traefik proxy.
* Removal of the Redirect header sent by Authelia /api/verify endpoint.
* Authelia does not consume Host header anymore but X-Forwarded-Proto and X-Forwarded-Host
  to compute the link sent in identity verification emails.
* Authelia used Host header as the application name for U2F authentication but it's now using
  X-Forwarded-* headers.
2019-04-12 09:24:54 +02:00
ViViDboarder 0922b3c215 Build x-original-url from forwarded headers
This is to allow broader support for proxies. In particular, this allows
support with Traefik.

This patch also includes some examples of configuration with Traefik.
2019-04-12 09:24:54 +02:00
Clement Michaud 8a76b5118d Add network criteria in ACLs to specify policy based on network subnet. 2019-03-31 20:11:07 +02:00
Clement Michaud e7c09fddc6 Simplify nginx example configuration. 2019-03-28 23:14:36 +01:00
Clement Michaud d09a307ff8 Fix redirection after 2FA method change.
Authelia was using links with href="#" that changed the URL when clicked
on. Therefore, this commit removes the href property and apply link style
to tags without href property.
2019-03-24 20:02:55 +01:00
Clement Michaud 8ef402511c Add Duo Push Notification option as 2FA. 2019-03-24 15:15:49 +01:00
Clement Michaud d9e487c99f Display only one 2FA option.
Displaying only one option at 2FA stage will allow to add more options
like DUO push or OAuth.

The user can switch to other option and in this case the option is
remembered so that next time, the user will see the same option. The
latest option is considered as the prefered option by Authelia.
2019-03-23 19:34:00 +01:00
Clement Michaud 6a19f7eb91 Add documentation for nginx proxy. 2019-03-22 15:34:42 +01:00
Clement Michaud 76fa325f08 [BREAKING] Create a suite for kubernetes tests.
Authelia client uses hash router instead of browser router in order to work
with Kubernetes nginx-ingress-controller. This is also better for users having
old browsers.

This commit is breaking because it requires to change the configuration of the
proxy to include the # in the URL of the login portal.
2019-03-16 00:13:27 +01:00
Clement Michaud fce2e35c8a Move swarm docker-compose file to dedicated dir in examples. 2019-03-03 11:39:40 +01:00
Clement Michaud d82ebfab0e Move dockerhub example in a suite. 2019-03-03 11:39:40 +01:00
Clement Michaud c5eb86e0fd Fix e2e test with minimal configuration. 2019-03-03 11:39:40 +01:00
Clement Michaud 561578dffc Remove generated nginx portal configuration. 2019-03-03 11:39:40 +01:00
Clement Michaud eccf08b6b0 Authelia can be run locally while communicating with docker environment. 2019-03-03 11:39:40 +01:00
Clement Michaud 1bc0029651 Introduce authelia-cli to ease development cycle. 2019-03-03 11:39:40 +01:00
Clement Michaud 694840790b Redirect to https://login.example.com to avoid errors due to https://localhost 2019-03-03 11:39:40 +01:00
Clement Michaud 9d7155a969 Almost full authentication workflow with U2F and TOTP. 2019-03-03 11:39:40 +01:00
Clement Michaud fe14bde29b Backend and frontend are reloaded on code change. 2019-03-03 11:39:40 +01:00
ViViDboarder 264a94d4e7 Add ability to search for groups using {uid}
On some LDAP servers, the `uid` attribute is more like a guid, while the
username exists instead in a dedicated field, like `username`. This
means the `uid` is not necessarily equal to `username`.

This is allows referencing using the `uid` to search for groups in the same
way as `dn` so that one can explicitly match the `memberuid` to the `uid` for
the user without the assumptions that come with using `{0}`.
2019-02-27 21:34:18 -08:00
BankaiNoJutsu 3d1448d3cc fix permissions 2018-12-18 16:34:56 +01:00
BankaiNoJutsu 48c204fc68 added all themes, clean and backup of dist, --theme value check 2018-12-18 16:30:23 +01:00
Clement Michaud 91763e97a1 Get IP of the original client when querying /verify. 2018-08-28 23:06:14 +02:00
Clement Michaud cf89aa909c Fix kubernetes configuration. 2018-08-26 14:32:19 +02:00
Clément Michaud 67f84b97c8
Enable authentication to Mongo and Redis. (#263)
* Fix issue in unit test of IdentityCheckMiddleware.

* Enable authentication to Mongo server.

* Enable authentication to Redis.
2018-08-26 13:10:23 +02:00
Clement Michaud 6d6162f26c Add tests for minimal configuration 2018-08-10 00:12:04 +02:00