336b32818a
[MISC] (deps): [Security] Bump node-notifier from 8.0.0 to 8.0.1 in /web ( #1553 )
...
Bumps [node-notifier](https://github.com/mikaelbr/node-notifier ) from 8.0.0 to 8.0.1. **This update includes a security fix.**
- [Release notes](https://github.com/mikaelbr/node-notifier/releases )
- [Changelog](https://github.com/mikaelbr/node-notifier/blob/v8.0.1/CHANGELOG.md )
- [Commits](https://github.com/mikaelbr/node-notifier/compare/v8.0.0...v8.0.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-12-22 09:45:45 +11:00
39bb2d2d1a
Add config example for LDAP groupOfUniqueNames group structure ( #1549 )
...
* Add config example for groupOfUniqueNames group structure
* Update ldap.md
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-12-22 08:16:20 +11:00
d5904bdae4
[MISC] (deps): Bump arm32v7/alpine from 3.12.2 to 3.12.3 ( #1552 )
...
Bumps arm32v7/alpine from 3.12.2 to 3.12.3.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-12-22 07:55:55 +11:00
ee3ce69f9f
[MISC] (deps): Bump alpine in /internal/suites/example/compose/kind ( #1548 )
...
Bumps alpine from 3.12.2 to 3.12.3.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-12-19 14:11:31 +11:00
a9635aafd2
[MISC] (deps): Bump alpine from 3.12.2 to 3.12.3 ( #1547 )
...
Bumps alpine from 3.12.2 to 3.12.3.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-12-19 12:55:57 +11:00
5ea3aebd44
[MISC] (deps): Bump arm32v7/alpine from 3.12.1 to 3.12.2 ( #1545 )
...
Bumps arm32v7/alpine from 3.12.1 to 3.12.2.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-12-17 09:36:56 +11:00
18627d5869
[RELEASE] v4.24.1 ( #1543 )
2020-12-16 14:11:41 +11:00
b989c1b169
[MISC] Refactor and address most errcheck linter ignores ( #1511 )
...
* [MISC] Refactor and address most errcheck linter ignores
This is mostly a quality of life change.
When we first implemented the errcheck linter we ignored a number of items in our legacy codebase with intent to revisit down the track.
* Handle errors for regulation marks and remove unnecessary logging
2020-12-16 12:47:31 +11:00
7c6a86882f
[MISC] Catch OpenLDAP ppolicy error ( #1508 )
...
* [MISC] Catch OpenLDAP ppolicy error
Further to the discussion over at #361 , this change now ensures that OpenLDAP password complexity errors are caught and appropriately handled.
This change also includes the PasswordComplexity test suite in the LDAP integration suite. This is because a ppolicy has been setup and enforced.
* Remove password history for integration tests
* Adjust max failures due to regulation trigger
* Fix error handling for password resets
* Refactor and include code suggestions
2020-12-16 12:30:03 +11:00
52e6435896
[DOCS] Add Discord badge to README.md ( #1542 )
...
* [DOCS] Add Discord badge to README.md
* add to contact section
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-12-16 12:08:51 +11:00
f2282f78a9
[DOCS] Add notes for IPv6 literal address ( #1541 )
2020-12-16 11:31:39 +11:00
a7968bc77b
[DOCS] Update hash-password example with single quotes ( #1537 )
...
* [Doc] Single quote the hash-password input
Closes #1536
* Update docs/configuration/authentication/file.md
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-12-16 11:07:51 +11:00
86c4577127
[DOCS] Add a note on regexps in ACLs ( #1533 )
...
Fixes #1523
2020-12-16 11:00:58 +11:00
21fd616f8c
[MISC] (deps): Bump @types/node from 14.14.13 to 14.14.14 in /web ( #1540 )
...
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ) from 14.14.13 to 14.14.14.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-12-16 10:35:59 +11:00
b5e23f3392
[MISC] (deps): Bump arm64v8/alpine from 3.12.1 to 3.12.2 ( #1539 )
...
Bumps arm64v8/alpine from 3.12.1 to 3.12.2.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-12-15 22:29:24 +01:00
7c4abf7b26
[MISC] (deps): Bump @types/node from 14.14.12 to 14.14.13 in /web ( #1530 )
...
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ) from 14.14.12 to 14.14.13.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-12-14 13:19:35 +11:00
c14af472dd
[MISC] (deps): Bump alpine in /internal/suites/example/compose/kind ( #1531 )
...
Bumps alpine from 3.12.1 to 3.12.2.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-12-14 09:12:55 +11:00
ceee1f1bb0
[MISC] (deps): Bump alpine from 3.12.1 to 3.12.2 ( #1532 )
...
Bumps alpine from 3.12.1 to 3.12.2.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-12-14 07:50:55 +11:00
6c930d88a8
[MISC] (deps): Bump typescript from 4.1.2 to 4.1.3 in /web ( #1528 )
...
Bumps [typescript](https://github.com/Microsoft/TypeScript ) from 4.1.2 to 4.1.3.
- [Release notes](https://github.com/Microsoft/TypeScript/releases )
- [Commits](https://github.com/Microsoft/TypeScript/commits )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-12-12 12:37:45 +11:00
101bbef5a6
[MISC] (deps): [Security] Bump ini from 1.3.5 to 1.3.7 in /web ( #1524 )
...
Bumps [ini](https://github.com/isaacs/ini ) from 1.3.5 to 1.3.7. **This update includes a security fix.**
- [Release notes](https://github.com/isaacs/ini/releases )
- [Commits](https://github.com/isaacs/ini/compare/v1.3.5...v1.3.7 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-12-12 12:05:38 +11:00
f246b629c3
[MISC] (deps): Bump @types/node from 14.14.11 to 14.14.12 in /web ( #1522 )
...
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ) from 14.14.11 to 14.14.12.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-12-12 11:35:51 +11:00
c2708c40ab
[MISC] (deps): Bump golang from 1.15.5-alpine to 1.15.6-alpine ( #1519 )
...
Bumps golang from 1.15.5-alpine to 1.15.6-alpine.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-12-12 10:52:08 +11:00
12a6286dc1
[MISC] (deps): Bump @types/jest from 26.0.17 to 26.0.19 in /web ( #1525 )
...
Bumps [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest ) from 26.0.17 to 26.0.19.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-12-11 10:03:29 +11:00
c9d8851b5d
[MISC] (deps): Bump @types/node from 14.14.10 to 14.14.11 in /web ( #1516 )
...
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ) from 14.14.10 to 14.14.11.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-12-09 10:31:18 +11:00
c63d20c9a2
[MISC] (deps): Bump @types/jest from 26.0.16 to 26.0.17 in /web ( #1514 )
...
Bumps [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest ) from 26.0.16 to 26.0.17.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-12-09 10:10:23 +11:00
a7fa59a70b
[MISC] (deps): Bump @craco/craco from 5.9.0 to 6.0.0 in /web ( #1515 )
...
Bumps [@craco/craco](https://github.com/gsoft-inc/craco ) from 5.9.0 to 6.0.0.
- [Release notes](https://github.com/gsoft-inc/craco/releases )
- [Commits](https://github.com/gsoft-inc/craco/compare/v5.9.0...v6.0.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-12-09 06:25:31 +11:00
d7fea74177
[MISC] (deps): Bump golang in /internal/suites/example/compose/authelia ( #1512 )
...
Bumps golang from 1.15.5-alpine to 1.15.6-alpine.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-12-07 12:47:48 +11:00
fc034fbabc
[RELEASE] v4.24.0 ( #1507 )
2020-12-03 18:30:49 +11:00
0bf192aae0
[CI] Adjust reviewdog filtermode for linting ( #1506 )
...
This will ensure that linter errors are picked up for the entire codebase instead of just against the default of [added/modified lines](https://github.com/reviewdog/reviewdog#added-default ).
2020-12-03 18:06:42 +11:00
426f5260ad
[FEATURE] LDAP StartTLS ( #1500 )
...
* add start_tls config option
* add StartTLS method to the LDAP conn factory and the mock
* implemented use of the StartTLS method when the config is set to true
* add mock unit tests
* add docs
* add TLS min version support
* add tests to tls version method
* fix lint issues
* minor adjustments
* remove SSL3.0
* add tls consts
* deprecate old filter placeholders
* remove redundant fake hashing in file auth provider (to delay username enumeration, was replaced by #993
* make suite ActiveDirectory use StartTLS
* misc adjustments to docs
* suggested changes from code review
* deprecation notice conformity
* add mock test for LDAPS plus StartTLS
2020-12-03 16:23:52 +11:00
ba9e89e750
[MISC] (deps): Bump @material-ui/core from 4.11.1 to 4.11.2 in /web ( #1504 )
...
Bumps [@material-ui/core](https://github.com/mui-org/material-ui/tree/HEAD/packages/material-ui ) from 4.11.1 to 4.11.2.
- [Release notes](https://github.com/mui-org/material-ui/releases )
- [Changelog](https://github.com/mui-org/material-ui/blob/v4.11.2/CHANGELOG.md )
- [Commits](https://github.com/mui-org/material-ui/commits/v4.11.2/packages/material-ui )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-12-03 11:56:46 +11:00
9e90c8b044
[MISC] (deps): Bump @material-ui/icons from 4.9.1 to 4.11.2 in /web ( #1503 )
...
Bumps [@material-ui/icons](https://github.com/mui-org/material-ui/tree/HEAD/packages/material-ui-icons ) from 4.9.1 to 4.11.2.
- [Release notes](https://github.com/mui-org/material-ui/releases )
- [Changelog](https://github.com/mui-org/material-ui/blob/v4.11.2/CHANGELOG.md )
- [Commits](https://github.com/mui-org/material-ui/commits/v4.11.2/packages/material-ui-icons )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-12-03 11:35:45 +11:00
c9837568b5
[MISC] (deps): Bump haproxy in /internal/suites/example/compose/haproxy ( #1501 )
...
Bumps haproxy from 2.3.1-alpine to 2.3.2-alpine.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-12-03 09:54:21 +11:00
e99e7e8be0
[MISC] (deps): Bump @types/jest from 26.0.15 to 26.0.16 in /web ( #1498 )
...
Bumps [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest ) from 26.0.15 to 26.0.16.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-12-02 10:27:11 +11:00
365304a684
[FEATURE] Add Optional Check for Session Username on VerifyGet ( #1427 )
...
* Adding the Session-Username header to the /api/verify endpoint when using cookie auth will check the value stored in the session store for the username and the header value are the same.
* use strings.EqualFold to compare case insensitively
* add docs
* add unit tests
* invalidate session if it is theoretically hijacked and log it as a warning (can only be determined if the header doesn't match the cookie)
* add example PAM script
* go mod tidy
* go mod bump to 1.15
2020-12-02 10:03:44 +11:00
9d3bc378ac
[MISC] (deps): Bump @craco/craco from 5.8.0 to 5.9.0 in /web ( #1496 )
...
Bumps [@craco/craco](https://github.com/gsoft-inc/craco ) from 5.8.0 to 5.9.0.
- [Release notes](https://github.com/gsoft-inc/craco/releases )
- [Commits](https://github.com/gsoft-inc/craco/compare/v5.8.0...v5.9.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-12-01 08:58:10 +11:00
b0fbf2c4cc
[CI] Exclude non-coverage files from codecov upload ( #1495 )
...
* [CI] Exclude non-coverage files from codecov upload
* Ignore React serviceWorker.ts for coverage
As we do not utilise service workers in React gives more accurate coverage percentages when ignored.
2020-11-30 21:12:46 +11:00
d890e7d751
[CI] Add metadata switch for codecov verbose output ( #1494 )
2020-11-30 12:04:09 +11:00
b786b2e1f5
[MISC] Refactor webdriver port initialization ( #1491 )
...
This change aims to factorize code introduced in #1467 for webdriver port customisation within the suites.
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-11-28 11:06:42 +11:00
ba04d1072b
[BUGFIX] Make username_attribute a mandatory placeholder in users_filter ( #1449 )
...
* [BUGFIX] Make username_attribute a mandatory placeholder in users_filter
Not including the `username_attribute` in the `users_filter` will cause issues with the LDAP session refresh and will result in session resets when the refresh interval has expired.
This change makes said attribute mandatory for the `users_filter`.
* Update version referenced in docs for fix
2020-11-28 00:30:27 +11:00
aa64d0c4e5
[FEATURE] Support MSAD password reset via unicodePwd attribute ( #1460 )
...
* Added `ActiveDirectory` suite for integration tests with Samba AD
* Updated documentation
* Minor styling refactor to suites
* Clean up LDAP user provisioning
* Fix Authelia home splash to reference correct link for webmail
* Add notification message for password complexity errors
* Add password complexity integration test
* Rename implementation default from rfc to custom
* add specific defaults for LDAP (activedirectory implementation)
* add docs to show the new defaults
* add docs explaining the importance of users filter
* add tests
* update instances of LDAP implementation names to use the new consts where applicable
* made the 'custom' case in the UpdatePassword method for the implementation switch the default case instead
* update config examples due to the new defaults
* apply changes from code review
* replace schema default name from MSAD to ActiveDirectory for consistency
* fix missing default for username_attribute
* replace test raising on empty username attribute with not raising on empty
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-11-27 20:59:22 +11:00
ffde77bdfd
[MISC] (deps): Bump @types/node from 14.14.9 to 14.14.10 in /web ( #1492 )
...
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ) from 14.14.9 to 14.14.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-11-25 21:11:33 +11:00
d75ce2b5c3
[MISC] (deps): Bump @material-ui/core from 4.11.0 to 4.11.1 in /web ( #1490 )
...
Bumps [@material-ui/core](https://github.com/mui-org/material-ui/tree/HEAD/packages/material-ui ) from 4.11.0 to 4.11.1.
- [Release notes](https://github.com/mui-org/material-ui/releases )
- [Changelog](https://github.com/mui-org/material-ui/blob/v4.11.1/CHANGELOG.md )
- [Commits](https://github.com/mui-org/material-ui/commits/v4.11.1/packages/material-ui )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-11-25 11:10:14 +11:00
a29eeb52b6
[FEATURE] Add JSON log formatting option ( #1488 )
...
This change adds the ability to format Authelia's log output as JSON.
Example below:
```
{"level":"info","msg":"Logging severity set to info","time":"2020-01-01T00:00:00+11:00"}
{"level":"info","msg":"Authelia is listening for non-TLS connections on 0.0.0.0:9091","time":"2020-01-01T00:00:00+11:00"}
```
2020-11-25 10:46:41 +11:00
f1ecc5b82a
[FEATURE] Create dedicated health endpoint ( #1489 )
...
This change points the Docker containers healthcheck to the dedicated `/api/health` endpoint and also includes support for Authelia running with a path prefix.
2020-11-25 10:20:52 +11:00
774c1c0207
[MISC] Consistently utilise correct logging interface ( #1487 )
...
This change aims to utilise the correct logging interface consistently.
The only instances where stdlib log is utilised is for tests and when commands that Authelia supports; for example certificate generation, password hashing and config validation.
2020-11-25 09:54:36 +11:00
9310cead97
[RELEASE] v4.23.3 ( #1486 )
2020-11-24 13:23:18 +11:00
1ed59957a3
[BUGFIX] Fix Docker healthcheck script ( #1485 )
...
* [MISC] Update Docker healthcheck script
This change now determines the host for Docker healthcheck from the `configuration.yml` that Authelia is started with.
The script has also been run through shellcheck and terminated with a newline in hopes to resolve a number of unreproducible issues.
* Fix healthcheck failing because of CRLF in configuration.yml (#1483 )
The configuration.yml might contain CRLF characters. If that's the case, they are included in the results of sed, which breaks the healthcheck, so remove any CR characters in the host/port variables.
Co-authored-by: Berisan <berisan@berisan.dev>
2020-11-24 13:04:06 +11:00
3832b55312
[DOCS] Fix links in Contributing ( #1484 )
2020-11-24 12:47:12 +11:00
495e57b46c
[DOCS] Make HAProxy regex case insensitive ( #1478 )
2020-11-24 12:35:38 +11:00
dependabot-preview[bot]
ZMiguel Valdiviesso
James Elliott
Amir Zarrinkafsh
Begley Brothers (Development)
Clément Michaud
Timo