Commit Graph

143 Commits (62a9f917c1a1d379eae300b59b2ab5c52e92499a)

Author SHA1 Message Date
James Elliott 6c472d8627
refactor(configuration): umask from query (#5416)
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-09 21:25:56 +10:00
James Elliott 90d190121d
feat(server): listen on unix sockets (#5038)
This allows listening on unix sockets.

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-07 15:48:26 +10:00
James Elliott 71a01b9945
i18n: update translation for portal.json (Italian) (#5338) 2023-04-30 15:07:30 +10:00
James Elliott 456ba9947b
i18n: update translations (#5315)
* i18n: update translation for portal.json (German)

* i18n: update translation for portal.json (Hungarian)

* i18n: update translation for portal.json (Slovenian)

* i18n: update translation for portal.json (Chinese Traditional)
2023-04-26 12:35:07 +10:00
James Elliott 616fa3c48d
docs: header consistency (#5266) 2023-04-18 09:53:26 +10:00
James Elliott eaddf11df6
refactor: http verbs etc (#5248)
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 15:03:14 +10:00
James Elliott 2733fc040c
refactor: webauthn naming (#5243)
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 02:04:42 +10:00
James Elliott 0424652940
refactor: adjust openapi (#5192)
Misc fixes to OpenAPI Specification that were missed.

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-08 15:25:19 +10:00
James Elliott 2dcfc0b04c
feat(handlers): authz authrequest authelia url (#5181)
This adjusts the AuthRequest Authz implementation behave similarly to the other implementations in as much as Authelia can return the relevant redirection to the proxy and the proxy just utilizes it if possible. In addition it swaps the HAProxy examples over to the ForwardAuth implementation as that's now supported.

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-08 14:48:55 +10:00
James Elliott ff6be40f5e
feat(oidc): pushed authorization requests (#4546)
This implements RFC9126 OAuth 2.0 Pushed Authorization Requests. See https://datatracker.ietf.org/doc/html/rfc9126 for the specification details.
2023-03-06 14:58:50 +11:00
James Elliott a345490826
feat(server): handle head method (#5003)
This implements some HEAD method handlers for various static resources and the /api/health endpoint.
2023-02-28 20:01:09 +11:00
James Elliott ac72ee494c
ci: fix misc and refactorings (#4994)
* ci: fix misc and refactorings

* ci: additional fix
2023-02-26 13:22:22 +11:00
James Elliott 2888ee7f41
refactor(commands): services (#4914)
Misc refactoring of the services logic to simplify the
2023-02-11 21:45:26 +11:00
James Elliott f382ba040e
i18n: update translations (#4850) 2023-01-30 10:16:52 +11:00
James Elliott 65705a646d
feat(server): customizable authz endpoints (#4296)
This allows users to customize the authz endpoints.

Closes #2753, Fixes #3716

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-25 20:36:40 +11:00
James Elliott a566c16d08
feat(web): privacy policy url (#4625)
This allows users to customize a privacy policy URL at the bottom of the login view.

Closes #2639
2023-01-22 19:58:07 +11:00
Manuel Nuñez 8b29cf7ee8
feat(session): multiple session cookie domains (#3754)
This adds support to configure multiple session cookie domains.

Closes #1198

Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-12 21:57:44 +11:00
James Elliott cf4010b4fb
fix(oidc): csp blocks form_post response form submit (#4719)
This fixes an issue where the form_post response never gets submitted.

Fixes #4669
2023-01-08 07:04:06 +11:00
James Elliott fc5ea5b485
refactor(random): add random provider (#4712)
This adds a random provider which makes usage of random operations mockable, and may allow us in the future to swap out the Cryptographical CPU random generator with dedicated hardware random generators.
2023-01-07 11:19:41 +11:00
James Elliott 53a6275a79
fix(server): errors not logged (#4682)
This fixes a couple errors that were previously not logged as well as ensuring most templates are appropriately parsed via tests.
2023-01-03 17:08:49 +11:00
James Elliott 1c3219e93f
perf(server): cached openapi document (#4674)
This should lead to a small performance gain by caching the openapi.yml with etags as well as eliminating the use of nonce crypto generation when not required.
2023-01-03 14:49:02 +11:00
James Elliott a691131288
fix(notification): missing use of timeout (#4652) 2022-12-27 08:32:00 +11:00
James Elliott 3ba2eae20e
fix(server): verify endpoint 405ing non-get/head reqs (#4607)
Fixes an issue specific to envoy that prevents the verify endpoint working with requests not using the GET or HEAD methods.
2022-12-21 18:47:20 +11:00
James Elliott d13247ce43
refactor(server): simplify templating and url derivation (#4547)
This refactors a few areas of the server templating and related functions.
2022-12-17 11:49:05 +11:00
James Elliott 07e32ca734
i18n: update translation for portal.json (Finnish) (#4460) 2022-12-05 12:20:23 +11:00
James Elliott a283fda6d6
fix(oidc): handle authorization post requests (#4270)
This fixes an issue where the authorization endpoint was not handling post requests as per the specification. It also fixes the missing CORS middleware on the authorization endpoint.
2022-10-26 19:14:43 +11:00
James Elliott e3d82bcfa0
refactor: fix misc alignment issues and gen (#4239) 2022-10-23 07:42:19 +11:00
James Elliott 00ab279336
refactor: csp gen (#4163)
Generator for CSP.
2022-10-22 22:19:32 +11:00
James Elliott 3aaca0604f
feat(oidc): implicit consent (#4080)
This adds multiple consent modes to OpenID Connect clients. Specifically it allows configuration of a new consent mode called implicit which never asks for user consent.
2022-10-20 13:16:36 +11:00
James Elliott 3a70f6739b
feat(authentication): file password algorithms (#3848)
This adds significant enhancements to the file auth provider including multiple additional algorithms.
2022-10-17 21:51:59 +11:00
James Elliott 3107e493e7
refactor: adjust defaults (#4137)
* refactor: adjust defaults

* refactor: adjust level

* refactor: adjust level

* refactor: fix templates
2022-10-07 13:52:01 +11:00
James Elliott ed7092c59a
feat: envoy support (#3793)
Adds support for Envoy and Istio using the X-Authelia-URL header. The documentation will be published just before the release.

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-10-01 21:47:09 +10:00
James Elliott b25578392f
i18n: update translations (#4053) 2022-09-24 08:27:10 +10:00
James Elliott c756c7b67b
i18n: update translations (#3972) 2022-09-16 15:01:22 +10:00
James Elliott 15110b732a
fix(server): i18n etags missing (#3973)
This fixes missing etags from locales assets.
2022-09-16 11:19:16 +10:00
James Elliott d7fd9ca506
refactor(logging): implement common interfaces (#3994)
This implements and leverages some common library logging interfaces.
2022-09-10 18:02:57 +10:00
James Elliott cd9bfe3f90
fix(web): i18n explicit lang ignored (#3961)
This fixes an issue where explicit languages such as nl-NL, pt-PT, zh-CH, and zh-TW are ignored even though they're supported.
2022-09-06 09:09:33 +10:00
James Elliott 9c5a8b77aa
i18n: update translations for portal.json (chinese simplified) (#3962) 2022-09-06 06:08:05 +10:00
James Elliott 305619f324
i18n: update translation for portal.json (portuguese) (#3932) 2022-09-01 06:22:22 +10:00
James Elliott 0f64618cb6
i18n: update translations (#3699) 2022-08-09 10:35:33 +10:00
James Elliott 342497a869
refactor(server): use errgroup to supervise services (#3755)
Uses the errgroup package and pattern for supervising services like servers etc.
2022-08-09 07:50:12 +10:00
James Elliott f12346e39c
fix(server): missing cache-control header (#3737)
This fixes a missing cache control header.

Fixes #3732.
2022-07-25 20:43:50 +10:00
James Elliott f115f77df8
fix(web): offline_access consent description (#3679) 2022-07-11 16:24:09 +10:00
James Elliott 394dafde01
refactor(server): factorize and improve csp (#3509) 2022-07-09 12:00:21 +10:00
James Elliott 3b7c858477
i18n: update translations (#3544)
* i18n: update translation for portal.json (Chinese Simplified)

* i18n: update translation for portal.json (Dutch)

* i18n: update translation for portal.json (German)

* i18n: update translation for portal.json (French)
2022-07-08 23:34:43 +10:00
James Elliott d2f1e5d36d
feat(configuration): automatically map old keys (#3199)
This performs automatic remapping of deprecated configuration keys in most situations.
2022-06-28 13:15:50 +10:00
James Elliott 001589cd6d
feat(metrics): implement prometheus metrics (#3234)
Adds ability to record metrics and gather them for Prometheus.
2022-06-14 17:20:13 +10:00
James Elliott 5e3a1fd863
fix(server): handled errors not logged correctly (#3507)
This fixes an issue where errors handled by the ErrorHandler were not correctly logged. It also ensures the errors are logged with fields to make them easy to diagnose.

Fixes #3506
2022-06-12 09:26:28 +10:00
Amir Zarrinkafsh a22e320f42
refactor(server): alphabetize translations (#3499) 2022-06-10 11:55:38 +10:00
James Elliott a50d425863
refactor(middlewares): convert the bridge to a builder (#3338)
This adjusts the bridge to be utilized as a builder in order to make it more reusable.
2022-06-10 11:34:43 +10:00