renovate[bot]
1f3cf34080
build(deps): update dependency @types/node to v14.14.37 ( #1859 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-28 02:21:52 +11:00
renovate[bot]
5ab334dcdc
build(deps): update haproxy docker tag to v2.3.8 ( #1858 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-28 02:06:58 +11:00
renovate[bot]
322592f679
build(deps): update module github.com/fasthttp/router to v1.3.10 ( #1856 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-27 09:13:15 +11:00
renovate[bot]
77e21165c9
build(deps): update arm64v8/alpine docker tag to v3.13.3 ( #1855 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-26 13:54:11 +11:00
renovate[bot]
2177c93aef
build(deps): update arm32v7/alpine docker tag to v3.13.3 ( #1854 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-26 13:22:22 +11:00
renovate[bot]
e6929cdf3e
build(deps): update alpine docker tag to v3.13.3 ( #1853 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-26 11:30:30 +11:00
renovate[bot]
13ba4d1795
build(deps): update dependency @types/jest to v26.0.22 ( #1851 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-26 10:40:48 +11:00
renovate[bot]
b1d18cab9d
build(deps): update dependency @types/node to v14.14.36 ( #1852 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-26 09:52:01 +11:00
renovate[bot]
2b75e98402
build(deps): update module github.com/jackc/pgx/v4 to v4.11.0 ( #1850 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-26 09:04:32 +11:00
renovate[bot]
6d4d1d5e2f
build(deps): update traefik docker tag to v2.4.8 ( #1848 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-24 19:34:55 +01:00
James Elliott
5b9f505e6c
docs: add issue templates ( #1847 )
...
* docs: add issue templates
* ci: skip .github/ dir
2021-03-24 09:50:11 +11:00
renovate[bot]
7a88c848ad
build(deps): update dependency @types/react-dom to v17.0.3 ( #1845 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-23 20:12:11 +11:00
James Elliott
a44f0cf959
fix: redis sentinel secret missing ( #1839 )
...
* fix: redis sentinel secret missing
* refactor: use consts for authentication_backend.file.password errs
* fix: unit test for new default port
* test: cover additional misses
* test: fix windows/linux specific test error
* test: more windows specific tests
* test: remove superfluous url.IsAbs
* test: validator 100% coverage
2021-03-22 20:04:09 +11:00
renovate[bot]
7ccbaaffe3
build(deps): update dependency query-string to v7 ( #1840 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-19 11:03:23 +11:00
Amir Zarrinkafsh
66b010cb59
docs: fix haproxy examples for /api/verify?auth=basic ( #1835 )
...
The previous examples did not appropriately pass through the WWW-Authenticate header and 401 when the user was unauthenticated therefore not resulting in a basic auth login prompt.
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-03-18 19:56:08 +11:00
renovate[bot]
8ff018c82f
build(deps): update dependency @types/jest to v26.0.21 ( #1837 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-17 21:03:07 +01:00
renovate[bot]
e7c9d55c23
build(deps): update haproxy docker tag to v2.3.7 ( #1834 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-17 08:51:46 +11:00
renovate[bot]
ef03751f5f
build(deps): update font awesome ( #1833 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-16 21:46:32 +01:00
renovate[bot]
3cb5a5e7ee
build(deps): update dependency @types/node to v14.14.35 ( #1830 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-16 09:52:30 +11:00
James Elliott
a0248cd096
test(suites): short mode skip suites testing ( #1823 )
...
This PR changes the suites tests so if go test -short is used, they are skipped per go standards and a message is displayed. Additionally removed some redundant types from suite_high_availability_test.go and adjusted a warning about a nil req var.
2021-03-14 18:08:26 +11:00
James Elliott
4f5bda768b
release: v4.27.2 ( #1822 )
2021-03-13 16:34:39 +11:00
James Elliott
e3e8df26f2
refactor(session): use github.com/fasthttp/session/v2 instead of github.com/authelia/session/v2 ( #1809 )
...
Reverts to the upstream library instead of our maintenance fork.
2021-03-13 16:06:19 +11:00
James Elliott
391c8671e9
fix(handlers): log user as '<anonymous>' instead of a blank string ( #1808 )
2021-03-13 15:52:07 +11:00
Amir Zarrinkafsh
25fe7b1ebe
fix(web): fix compilation and running in development mode ( #1821 )
...
During a `yarn start` the react frontend would throw the following errors during compilation:
```
Starting the development server...
Compiled with warnings.
./src/index.css (./node_modules/css-loader/dist/cjs.js??ref--5-oneOf-4-1!./node_modules/postcss-loader/src??postcss!./src/index.css)
Warning
Greetings, time traveller. We are in the golden age of prefix-less CSS, where Autoprefixer is no longer needed for your stylesheet.
./node_modules/@fortawesome/fontawesome-svg-core/styles.css (./node_modules/css-loader/dist/cjs.js??ref--5-oneOf-4-1!./node_modules/postcss-loader/src??postcss!./node_modules/@fortawesome/fontawesome-svg-core/styles.css)
Warning
Greetings, time traveller. We are in the golden age of prefix-less CSS, where Autoprefixer is no longer needed for your stylesheet.
./src/components/FingerTouchIcon.module.css (./node_modules/css-loader/dist/cjs.js??ref--5-oneOf-5-1!./node_modules/postcss-loader/src??postcss!./src/components/FingerTouchIcon.module.css)
Warning
Greetings, time traveller. We are in the golden age of prefix-less CSS, where Autoprefixer is no longer needed for your stylesheet.
./src/components/PushNotificationIcon.module.css (./node_modules/css-loader/dist/cjs.js??ref--5-oneOf-5-1!./node_modules/postcss-loader/src??postcss!./src/components/PushNotificationIcon.module.css)
Warning
Greetings, time traveller. We are in the golden age of prefix-less CSS, where Autoprefixer is no longer needed for your stylesheet.
Search for the keywords to learn more about each warning.
To ignore, add // eslint-disable-next-line to the line before.
```
This in turn would mean that the server would never finish loading.
This change will allow the code to compile and run appropriately both in production and development modes.
2021-03-13 14:09:51 +11:00
renovate[bot]
e5a6b6b85d
build(deps): update dependency @types/node to v14.14.34 ( #1814 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-13 10:47:21 +11:00
dependabot[bot]
cb41f5a643
build(deps): bump react-dev-utils from 11.0.3 to 11.0.4 in /web ( #1813 )
...
Bumps [react-dev-utils](https://github.com/facebook/create-react-app/tree/HEAD/packages/react-dev-utils ) from 11.0.3 to 11.0.4.
- [Release notes](https://github.com/facebook/create-react-app/releases )
- [Changelog](https://github.com/facebook/create-react-app/blob/master/CHANGELOG-1.x.md )
- [Commits](https://github.com/facebook/create-react-app/commits/HEAD/packages/react-dev-utils )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-03-13 10:14:05 +11:00
renovate[bot]
28239214f6
build(deps): update dependency chai to v4.3.4 ( #1816 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-03-13 09:55:32 +11:00
allcontributors[bot]
d43d477265
docs: add craSH as a contributor ( #1820 )
...
* docs: update README.md
* docs: update .all-contributorsrc
Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-03-13 09:39:40 +11:00
James Elliott
1a43ca7b8a
docs(authorization): document changed resources behavior ( #1819 )
...
I missed documenting this change, but prior to 4.27.0 the query param was never considered when matching resources. But that's no longer the case.
Fixes #1817
2021-03-13 09:36:22 +11:00
James Elliott
5e72f8e8c7
build(deps): update to golang 1.16.2 explicitly ( #1818 )
2021-03-13 09:32:13 +11:00
James Elliott
5a5efa5e02
fix(server): send 404 on missing api endpoints instead of 405 ( #1806 )
...
Returns a 404 instead of 405 on bad API endpoints. The original issue was resolved in 3487fd392e
however this resolves another issue that's related. Additionally this ensures the behavior is tested.
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
Fixes #1520
Closes #1534
2021-03-11 18:36:58 +11:00
James Elliott
2fabfecb55
release: v4.27.1 ( #1801 )
2021-03-11 12:29:07 +11:00
allcontributors[bot]
ac329c53e3
docs: add mardom1 as a contributor ( #1804 )
...
* docs: update README.md
* docs: update .all-contributorsrc
Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
2021-03-11 12:15:31 +11:00
allcontributors[bot]
8191ca2330
docs: add dchidell as a contributor ( #1803 )
...
* docs: update README.md
* docs: update .all-contributorsrc
Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
2021-03-11 12:13:22 +11:00
allcontributors[bot]
28922c762b
docs: add except as a contributor ( #1802 )
...
* docs: update README.md
* docs: update .all-contributorsrc
Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-03-11 12:11:09 +11:00
James Elliott
c310049faa
refactor(authentication): use crypto constant time compare ( #1800 )
...
* refactor(authentication): use crypto constant time compare
Improve security with usage of the crypto/subtle ConstantTimeCompare() method for hash comparison.
Fixes #1799
* docs: add explicit labels for chat types
2021-03-11 12:08:49 +11:00
David Chidell
5cf11f87c8
docs(authorizer): important headers for access-control networks ( #1794 )
...
* Document X-Forwarded-For capabilities within access-control networks
Adds a short paragraph detailing X-Forwarded-For header behaviour
into the documentation.
* Update docs/configuration/access-control.md
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-03-11 10:18:39 +11:00
dependabot[bot]
c4864ca64c
build(deps): bump elliptic from 6.5.3 to 6.5.4 in /web ( #1796 )
...
Bumps [elliptic](https://github.com/indutny/elliptic ) from 6.5.3 to 6.5.4.
- [Release notes](https://github.com/indutny/elliptic/releases )
- [Commits](https://github.com/indutny/elliptic/compare/v6.5.3...v6.5.4 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-03-10 16:11:36 +11:00
James Elliott
1e46ec6c44
ci: restore dependabot rules ( #1797 )
...
Restores the dependabot rules in buildkite for the purpose of security fixes which are handled by dependabot still.
2021-03-10 15:53:33 +11:00
James Elliott
98b47227ee
release: v4.27.0 ( #1795 )
2021-03-10 11:53:49 +11:00
renovate[bot]
5001749b1b
build(deps): update module github.com/sirupsen/logrus to v1.8.1 ( #1792 )
...
* build(deps): update module github.com/sirupsen/logrus to v1.8.1
* fix: go mod tidy (go.sum)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-03-10 11:33:14 +11:00
renovate[bot]
99a7c5ac2f
build(deps): update dependency @types/node to v14.14.33 ( #1793 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-10 10:43:45 +11:00
James Elliott
e041143f87
feat(session): add redis sentinel provider ( #1768 )
...
* feat(session): add redis sentinel provider
* refactor(session): use int for ports as per go standards
* refactor(configuration): adjust tests and validation
* refactor(configuration): add err format consts
* refactor(configuration): explicitly map redis structs
* refactor(session): merge redis/redis sentinel providers
* refactor(session): add additional checks to redis providers
* feat(session): add redis cluster provider
* fix: update config for new values
* fix: provide nil certpool to affected tests/mocks
* test: add additional tests to cover uncovered code
* docs: expand explanation of host and nodes relation for redis
* ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum
* fix(session): sentinel password
* test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config
* test: make entrypoint.sh executable, fix entrypoint.sh if/elif
* test: add redis failover tests
* test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging
* test: add sentinel integration test
* test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep
* feat: use sentinel failover cluster
* fix: renamed addrs to sentineladdrs upstream
* test(session): sentinel failover
* test: add redis standard back into testing
* test: move redis standalone test to traefik2
* fix/docs: apply suggestions from code review
2021-03-10 10:03:05 +11:00
renovate[bot]
073c558296
build(deps): update traefik docker tag to v2.4.7 ( #1790 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-09 14:18:48 +11:00
renovate[bot]
ac7ee18610
build(deps): update dependency @types/react-dom to v17.0.2 ( #1789 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-09 09:45:12 +11:00
renovate[bot]
9dcb2e06fb
build(deps): update dependency @types/node to v14.14.32 ( #1784 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-09 09:28:31 +11:00
renovate[bot]
d7484bd7e2
build(deps): update dependency @types/react to v17.0.3 ( #1785 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-08 15:59:25 +11:00
renovate[bot]
095b9fa16d
build(deps): update dependency typescript to v4.2.3 ( #1780 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-05 22:32:51 +11:00
James Elliott
4dce8f9496
perf(authorizer): preload access control lists ( #1640 )
...
* adjust session refresh to always occur (for disabled users)
* feat: adds filtering option for Request Method in ACL's
* simplify flow of internal/authorization/authorizer.go's methods
* implement query string checking
* utilize authorizer.Object fully
* make matchers uniform
* add tests
* add missing request methods
* add frontend enhancements to handle request method
* add request method to 1FA Handler Suite
* add internal ACL representations (preparsing)
* expand on access_control next
* add docs
* remove unnecessary slice for network names and instead just use a plain string
* add warning for ineffectual bypass policy (due to subjects)
* add user/group wildcard support
* fix(authorization): allow subject rules to match anonymous users
* feat(api): add new params
* docs(api): wording adjustments
* test: add request method into testing and proxy docs
* test: add several checks and refactor schema validation for ACL
* test: add integration test for methods acl
* refactor: apply suggestions from code review
* docs(authorization): update description
2021-03-05 15:18:31 +11:00
renovate[bot]
455b859047
build(deps): update haproxy docker tag to v2.3.6 ( #1779 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-04 14:15:01 +11:00