Clement Michaud
4016ff1bba
[BREAKING] Create a suite for Traefik proxy.
...
* Removal of the Redirect header sent by Authelia /api/verify endpoint.
* Authelia does not consume Host header anymore but X-Forwarded-Proto and X-Forwarded-Host
to compute the link sent in identity verification emails.
* Authelia used Host header as the application name for U2F authentication but it's now using
X-Forwarded-* headers.
2019-04-12 09:24:54 +02:00
ViViDboarder
617e929e1a
Fix relative paths and add error handling
2019-04-12 09:24:54 +02:00
ViViDboarder
356b82f443
Fix lint error
2019-04-12 09:24:54 +02:00
ViViDboarder
0922b3c215
Build x-original-url from forwarded headers
...
This is to allow broader support for proxies. In particular, this allows
support with Traefik.
This patch also includes some examples of configuration with Traefik.
2019-04-12 09:24:54 +02:00
Clement Michaud
36d65c284e
Add a test checking forwarded headers on bypass-based resources.
2019-04-10 22:34:15 +02:00
Amir Zarrinkafsh
c074270b54
Fix attaching User/Groups headers for bypass strategy
2019-04-10 21:32:12 +02:00
Clement Michaud
87e06e6528
Remove bad error message when registering U2F device.
2019-03-31 20:39:20 +02:00
Clement Michaud
8a76b5118d
Add network criteria in ACLs to specify policy based on network subnet.
2019-03-31 20:11:07 +02:00
Clement Michaud
3c6e2ae448
3.13.0
2019-03-29 14:12:58 +01:00
Clement Michaud
23658dbcdf
Update the CHANGELOG before release of v3.13.0.
2019-03-29 14:12:41 +01:00
Clement Michaud
e7c09fddc6
Simplify nginx example configuration.
2019-03-28 23:14:36 +01:00
Clement Michaud
81207b49ad
Fix failing second factor when no default redirection url set.
...
When no default redirection url was set, Duo push second factor was shown as
failing even if authentication was successful.
2019-03-28 22:38:16 +01:00
Clément Michaud
e3b6410e79
Merge pull request #344 from nightah/duo-additions
...
Capture IP address and Target URL in Duo 2FA request
2019-03-27 10:47:23 +01:00
Amir Zarrinkafsh
274c6135c7
Capture IP address and Target URL in Duo 2FA request
2019-03-27 19:44:50 +11:00
Clément Michaud
c2810101a4
Update README.md
2019-03-25 09:04:58 +01:00
Clément Michaud
30f47a1451
Merge pull request #342 from clems4ever/duo-push
...
Add Duo Push Notification option as 2FA.
2019-03-24 23:55:44 +01:00
Clement Michaud
28cc5e7e1b
Fix integration tests.
2019-03-24 23:29:46 +01:00
Clement Michaud
a4b129a676
Security Key method is not displayed if browser does not support it.
2019-03-24 22:36:49 +01:00
Clement Michaud
a717b965c1
Display only available 2FA methods.
...
For instance Duo Push Notification method is not displayed if the API
is not configured.
2019-03-24 22:23:25 +01:00
Clement Michaud
d09a307ff8
Fix redirection after 2FA method change.
...
Authelia was using links with href="#" that changed the URL when clicked
on. Therefore, this commit removes the href property and apply link style
to tags without href property.
2019-03-24 20:02:55 +01:00
Clement Michaud
4eaafb7115
Update the documentation to include information on Duo.
2019-03-24 18:45:32 +01:00
Clement Michaud
ff88ad354f
Install /etc/hosts entries from bootstrap script.
...
This allows to add an entry which is not pointing to localhost but
to a docker container in the Travis virtual env.
2019-03-24 16:43:30 +01:00
Clement Michaud
8ef402511c
Add Duo Push Notification option as 2FA.
2019-03-24 15:15:49 +01:00
Clément Michaud
090a74299f
Merge pull request #340 from clems4ever/2fa-opt-state
...
Display only one 2FA option.
2019-03-23 20:53:37 +01:00
Clement Michaud
d9e487c99f
Display only one 2FA option.
...
Displaying only one option at 2FA stage will allow to add more options
like DUO push or OAuth.
The user can switch to other option and in this case the option is
remembered so that next time, the user will see the same option. The
latest option is considered as the prefered option by Authelia.
2019-03-23 19:34:00 +01:00
Clément Michaud
92eb897a03
Merge pull request #336 from clems4ever/fix-bypass-policy
...
Fix bypass policy
2019-03-23 09:20:41 +01:00
Clement Michaud
40574bc8ec
Fix the bypass strategy.
...
Before this fix an anonymous user was not able to access a resource
that were configured with a bypass policy. This was due to a useless
check of the userid in the auth session. Moreover, in the case of an
anonymous user, we should not check the inactivity period since there
is no session.
Also refactor /verify endpoint for better testability and add tests
in a new suite.
2019-03-22 23:51:36 +01:00
Clément Michaud
55f423a6ae
Merge pull request #334 from clems4ever/log-header-access
...
Log what is retrieved from headers to help debugging.
2019-03-22 15:50:46 +01:00
Clement Michaud
bd5bb497e3
Log stage names as they are running in travis script.
2019-03-22 15:34:42 +01:00
Clement Michaud
9366741980
Forbid test selected with only in CI.
2019-03-22 15:34:42 +01:00
Clement Michaud
6a19f7eb91
Add documentation for nginx proxy.
2019-03-22 15:34:42 +01:00
Clement Michaud
7c3d6cc376
Log what is retrieved from headers to help debugging.
2019-03-22 15:34:38 +01:00
Clément Michaud
d858e13d87
Merge pull request #331 from clems4ever/test-kubernetes
...
Add a suite for Kubernetes.
2019-03-17 08:55:36 +01:00
Clement Michaud
76fa325f08
[BREAKING] Create a suite for kubernetes tests.
...
Authelia client uses hash router instead of browser router in order to work
with Kubernetes nginx-ingress-controller. This is also better for users having
old browsers.
This commit is breaking because it requires to change the configuration of the
proxy to include the # in the URL of the login portal.
2019-03-16 00:13:27 +01:00
Clement Michaud
f8a12b8482
Fix dead link in README of suites.
2019-03-04 00:02:45 +01:00
Clement Michaud
f529cd7b38
Make password from hash-password command required.
2019-03-03 23:55:34 +01:00
Clement Michaud
ace780d86b
Fix commands in getting-started documentation.
2019-03-03 23:54:10 +01:00
Clement Michaud
d7bc937226
Fix broken image in documentation about features.
2019-03-03 12:11:26 +01:00
Clement Michaud
9812cbdc30
Resize image of first factor page to be the same as second factor.
2019-03-03 12:09:35 +01:00
Clément Michaud
d1f6502788
Merge pull request #330 from clems4ever/react-ui
...
Rewrite frontend in React and improve development experience.
2019-03-03 12:06:04 +01:00
Clement Michaud
117d0ffeab
Resize image showing first factor page.
2019-03-03 11:40:32 +01:00
Clement Michaud
06aa9803bf
Update the documentation to include info about suites and authelia-scripts.
2019-03-03 11:40:32 +01:00
Clement Michaud
27c4312709
Resize image of first factor page.
2019-03-03 11:39:41 +01:00
Clement Michaud
6ce0ae5d90
Remove description of suites and use suite name instead.
2019-03-03 11:39:41 +01:00
Clement Michaud
2e3e1a7c8b
Update images with latest UI.
2019-03-03 11:39:41 +01:00
Clement Michaud
e8d7fe4111
Move users_database.yml files to dedicated suites.
2019-03-03 11:39:41 +01:00
Clement Michaud
4c0bb2ce7f
Rename some suites and add a README for each of them.
2019-03-03 11:39:41 +01:00
Clement Michaud
6d45692906
Create a specific suite for short timeouts to let humans use simple suite.
2019-03-03 11:39:41 +01:00
Clement Michaud
82848b448b
Fix some npm commands.
2019-03-03 11:39:40 +01:00
Clement Michaud
b3202976f2
Display warning message when trying to run unexisting suite.
2019-03-03 11:39:40 +01:00