Commit Graph

218 Commits (67846faacb231d05b659ca69bbf3acfadfe07fc2)

Author SHA1 Message Date
dependabot-preview[bot] ef0c0fe8bf
[MISC] (deps): Bump github.com/stretchr/testify from 1.6.0 to 1.6.1 (#1095)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.6.0 to 1.6.1.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.6.0...v1.6.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-09 08:35:03 +10:00
Amir Zarrinkafsh 33e5677f87
[MISC] Update and clean go.mod/go.sum (#1076) 2020-06-04 13:34:25 +10:00
dependabot-preview[bot] 94a5386aff
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.5 to 1.1.6 (#1079)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.5 to 1.1.6.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.5...v1.1.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 21:12:15 +02:00
dependabot-preview[bot] 431d059c2e
[MISC] (deps): Bump github.com/lib/pq from 1.5.2 to 1.6.0 (#1067)
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.5.2 to 1.6.0.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.5.2...v1.6.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-06-01 09:52:45 +10:00
dependabot-preview[bot] 844a4c58d1
[MISC] (deps): Bump github.com/stretchr/testify from 1.5.1 to 1.6.0 (#1066)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.5.1 to 1.6.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.5.1...v1.6.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-01 08:52:59 +10:00
dependabot-preview[bot] 5d3f010a1f
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.4 to 1.1.5 (#1058)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.4 to 1.1.5.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.4...v1.1.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-28 21:53:52 +02:00
dependabot-preview[bot] 54fe2a9abd
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.3 to 1.1.4 (#1054)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.3 to 1.1.4.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.3...v1.1.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-05-26 21:32:37 +02:00
dependabot-preview[bot] 9eda7fb612
[MISC] (deps): Bump github.com/fasthttp/session/v2 from 2.0.2 to 2.1.0 (#1055)
Bumps [github.com/fasthttp/session/v2](https://github.com/fasthttp/session) from 2.0.2 to 2.1.0.
- [Release notes](https://github.com/fasthttp/session/releases)
- [Commits](https://github.com/fasthttp/session/compare/v2.0.2...v2.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-26 20:33:20 +02:00
dependabot-preview[bot] 2b8a8a24a1
[MISC] (deps): Bump github.com/valyala/fasthttp from 1.12.0 to 1.13.1 (#1056)
Bumps [github.com/valyala/fasthttp](https://github.com/valyala/fasthttp) from 1.12.0 to 1.13.1.
- [Release notes](https://github.com/valyala/fasthttp/releases)
- [Commits](https://github.com/valyala/fasthttp/compare/v1.12.0...v1.13.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-26 20:33:10 +02:00
dependabot-preview[bot] 00fa11020e
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.2 to 1.1.3 (#1048)
* [MISC] (deps): Bump github.com/fasthttp/router from 1.1.2 to 1.1.3

Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.2 to 1.1.3.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.2...v1.1.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* fix sum

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-05-25 08:54:38 +10:00
dependabot-preview[bot] 70e0bba1d1
[MISC] (deps): Bump github.com/otiai10/copy from 1.1.1 to 1.2.0 (#1047)
Bumps [github.com/otiai10/copy](https://github.com/otiai10/copy) from 1.1.1 to 1.2.0.
- [Release notes](https://github.com/otiai10/copy/releases)
- [Commits](https://github.com/otiai10/copy/compare/v1.1.1...v1.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-24 21:31:04 +02:00
dependabot-preview[bot] b5f27b7451
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.1 to 1.1.2 (#1041)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.1 to 1.1.2.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.1...v1.1.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-22 08:04:45 +10:00
Clément Michaud fe5ebfb75a
[FEATURE] Bump to fasthttp/session/v2 to support redis unix socket. (#1001)
* [FEATURE] Bump to fasthttp/session/v2 to support redis unix socket.

* Fix lint issues.

* Remove v1 import and fix double import.

* [DOCS] Document use of redis unix socket.

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-05-18 12:45:47 +10:00
James Elliott 73bd2e4479
[FIX] Hash Password Cmd Not Encoding Provided Salt (#999)
* using authelia hash-password if you provide a salt it doesn't encode it as a base64 string
* this causes invalid salts to be stored if a user manually provided one instead of reliance on the automatic generation
* additionally bumped the minimum required salt length to 8 as per reference spec
* additionally removed the maximum salt length as per reference spec (actually 2^32-1 per int32)
* see docs:
  * https://tools.ietf.org/html/draft-irtf-cfrg-argon2-10
  * https://github.com/P-H-C/phc-winner-argon2
  * https://github.com/P-H-C/phc-string-format
* encode all salts
* fix edge case of false positive in CheckPassword
* bump crypt version and fix tests
2020-05-14 15:55:03 +10:00
dependabot-preview[bot] 8339b095c9
[MISC] (deps): Bump github.com/fasthttp/router from 1.1.0 to 1.1.1 (#1016)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.1.0...v1.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-05-14 08:08:34 +10:00
dependabot-preview[bot] e259e6182e
[MISC] (deps): Bump gopkg.in/yaml.v2 from 2.2.8 to 2.3.0 (#1017)
Bumps [gopkg.in/yaml.v2](https://github.com/go-yaml/yaml) from 2.2.8 to 2.3.0.
- [Release notes](https://github.com/go-yaml/yaml/releases)
- [Commits](https://github.com/go-yaml/yaml/compare/v2.2.8...v2.3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-14 07:19:17 +10:00
dependabot-preview[bot] 7718c48e68
[MISC] (deps): Bump github.com/spf13/viper from 1.6.3 to 1.7.0 (#1005)
Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.6.3 to 1.7.0.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.6.3...v1.7.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-05-11 09:41:48 +10:00
dependabot-preview[bot] e2785e37c0
[MISC] (deps): Bump github.com/fasthttp/router from 1.0.4 to 1.1.0 (#1004)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.0.4 to 1.1.0.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.0.4...v1.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-11 09:16:49 +10:00
dependabot-preview[bot] 3d43e98bcf
[MISC] (deps): Bump github.com/lib/pq from 1.5.1 to 1.5.2 (#995)
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.5.1 to 1.5.2.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.5.1...v1.5.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-09 02:24:24 +10:00
dependabot-preview[bot] df1fd31092
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.1.9 to 3.1.10 (#991)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.1.9 to 3.1.10.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.1.9...v3.1.10)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-05-08 11:20:46 +10:00
dependabot-preview[bot] 6aa97fa56b
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.1.8 to 3.1.9 (#986)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.1.8 to 3.1.9.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.1.8...v3.1.9)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-06 20:44:35 +02:00
dependabot-preview[bot] 2da79d6599
[MISC] (deps): Bump github.com/lib/pq from 1.5.0 to 1.5.1 (#972)
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.5.0 to 1.5.1.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.5.0...v1.5.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-04 20:54:18 +02:00
dependabot-preview[bot] e6caac7db0
[MISC] (deps): Bump github.com/sirupsen/logrus from 1.5.0 to 1.6.0 (#968)
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.5.0...v1.6.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2020-05-04 07:55:02 +10:00
dependabot-preview[bot] 8d06187a17
[MISC] (deps): Bump github.com/lib/pq from 1.4.0 to 1.5.0 (#969)
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.4.0...v1.5.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-04 06:57:29 +10:00
Amir Zarrinkafsh f8bd506326
[FEATURE] Embed static assets in Go binary (#916)
* [FEATURE] Embed static assets in Go binary

* Refactor/consolidate code and specify public_html via configuration

* Update docs and config template for assets

* Update AUR package pre-requisites and systemd unit

* Include static assets as Buildkite and GitHub artifacts

* Remove references to PUBLIC_DIR

* Only serve assets via embedded filesystem and remove configuration references

* Update authelia-scripts helper to build the embedded filesystem

* Mock the embedded filesystem for unit tests
Add to gitignore to ensure this isn't overwritten.

* Move go:generate to satisfy linter
2020-04-29 00:07:20 +10:00
dependabot-preview[bot] 5d2b7a1398
[MISC] (deps): Bump github.com/fasthttp/router from 1.0.3 to 1.0.4 (#923)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.0.3 to 1.0.4.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.0.3...v1.0.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-26 20:43:59 +02:00
James Elliott c1ac25a15b
[FEATURE] Config Validation (#901)
* [FEATURE] Config Validation

* check configuration for invalid keys on startup
* allow users to manually trigger all configuration validation on a file using a cmd
* setup all defaults in config template and run tests against it to prevent accidents
* use tests to check bad configuration values are caught
* use tests to check old configuration values are caught
* add tests for specific key errors
* resolve merge conflicts
* nolint prealloc for test
2020-04-23 11:47:27 +10:00
dependabot-preview[bot] d6f240dca5
[MISC] (deps): Bump github.com/lib/pq from 1.3.0 to 1.4.0 (#898)
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.3.0 to 1.4.0.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.3.0...v1.4.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-04-22 15:18:30 +10:00
dependabot-preview[bot] 799945ba4b
[MISC] (deps): Bump github.com/valyala/fasthttp from 1.11.0 to 1.12.0 (#897)
Bumps [github.com/valyala/fasthttp](https://github.com/valyala/fasthttp) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/valyala/fasthttp/releases)
- [Commits](https://github.com/valyala/fasthttp/compare/v1.11.0...v1.12.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-22 14:37:32 +10:00
Amir Zarrinkafsh 2e784084c7
[MISC] Implement golint recommendations (#885)
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-04-20 23:03:38 +02:00
dependabot-preview[bot] fcfe8c4da8
[MISC] (deps): Bump github.com/fasthttp/router from 1.0.2 to 1.0.3 (#884)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.0.2 to 1.0.3.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.0.2...v1.0.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-19 21:48:45 +02:00
dependabot-preview[bot] f139de97de
[MISC] (deps): Bump github.com/valyala/fasthttp from 1.9.0 to 1.10.0 (#875)
Bumps [github.com/valyala/fasthttp](https://github.com/valyala/fasthttp) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/valyala/fasthttp/releases)
- [Commits](https://github.com/valyala/fasthttp/compare/v1.9.0...v1.10.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-17 09:10:27 +10:00
dependabot-preview[bot] 4d1c2f38be
[MISC] (deps): Bump github.com/fasthttp/session from 1.1.7 to 1.1.8 (#867)
Bumps [github.com/fasthttp/session](https://github.com/fasthttp/session) from 1.1.7 to 1.1.8.
- [Release notes](https://github.com/fasthttp/session/releases)
- [Commits](https://github.com/fasthttp/session/compare/v1.1.7...v1.1.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-15 09:59:33 +10:00
dependabot-preview[bot] 49630664e7
[MISC] (deps): Bump github.com/fasthttp/router from 1.0.1 to 1.0.2 (#860)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 1.0.1 to 1.0.2.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v1.0.1...v1.0.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-04-13 12:47:27 +10:00
dependabot-preview[bot] 94d985b465
[MISC] (deps): Bump github.com/spf13/viper from 1.6.2 to 1.6.3 (#859)
Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.6.2 to 1.6.3.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.6.2...v1.6.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-13 11:46:04 +10:00
James Elliott 92084bc5b2
[MISC] Add http debug routes (#848)
* [MISC] Add debug endpoints to Authelia

* enabled only with trace logging
* allows go tool pprof usage when enabled
* enables both the expvarhandler and pprofhandler from fasthttp
* simplify tls/non-tls listen and serve
* make it easy to define custom settings of the fasthttp server in the future
* make name param optional
* add note about the trace setting in the documentation
2020-04-11 14:59:58 +10:00
dependabot-preview[bot] f05bce66f0
[MISC] (deps): Bump go.mongodb.org/mongo-driver from 1.3.1 to 1.3.2 (#836)
Bumps [go.mongodb.org/mongo-driver](https://github.com/mongodb/mongo-go-driver) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/mongodb/mongo-go-driver/releases)
- [Commits](https://github.com/mongodb/mongo-go-driver/compare/v1.3.1...v1.3.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-04-08 22:56:01 +02:00
dependabot-preview[bot] 8405b4fee1
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.1.7 to 3.1.8 (#812)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.1.7 to 3.1.8.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.1.7...v3.1.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-01 22:06:25 +02:00
dependabot-preview[bot] 376333affe
[MISC] (deps): Bump github.com/spf13/cobra from 0.0.6 to 0.0.7 (#795)
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 0.0.6 to 0.0.7.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](https://github.com/spf13/cobra/compare/v0.0.6...0.0.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-30 10:36:39 +11:00
James Elliott 40fb13ba3c
[FEATURE] TOTP Tuning Configuration Options and Fix Timer Graphic (#773)
* Add period TOPT config key to define the time in seconds each OTP is rotated
* Add skew TOTP config to define how many keys either side of the current one should be considered valid
* Add tests and set minimum values
* Update config template
* Use unix epoch for position calculation and Fix QR gen
  * This resolves the timer resetting improperly at the 0 seconds mark and allows for periods longer than 1 minute
* Generate QR based on period
* Fix OTP timer graphic
2020-03-25 12:48:20 +11:00
dependabot-preview[bot] 7cf39cb3a1
[MISC] (deps): Bump github.com/sirupsen/logrus from 1.4.2 to 1.5.0 (#774)
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.4.2 to 1.5.0.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.4.2...v1.5.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-24 10:42:32 +11:00
dependabot-preview[bot] 42d09da6ca
[MISC] (deps): Bump github.com/fasthttp/router from 0.6.1 to 0.7.0 (#737)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 0.6.1 to 0.7.0.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v0.6.1...v0.7.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-19 23:28:29 +11:00
dependabot-preview[bot] 89a81b7a05
[DEPS] Bump go.mongodb.org/mongo-driver from 1.1.3 to 1.3.1 (#731)
Bumps [go.mongodb.org/mongo-driver](https://github.com/mongodb/mongo-go-driver) from 1.1.3 to 1.3.1.
- [Release notes](https://github.com/mongodb/mongo-go-driver/releases)
- [Commits](https://github.com/mongodb/mongo-go-driver/compare/v1.1.3...v1.3.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-03-19 20:32:50 +11:00
dependabot-preview[bot] 57cb342d0a
[DEPS] Bump github.com/lib/pq from 1.2.0 to 1.3.0 (#732)
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.2.0 to 1.3.0.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.2.0...v1.3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-19 20:09:10 +11:00
dependabot-preview[bot] ebd13cad46
[DEPS] Bump github.com/mattn/go-sqlite3 from 1.11.0 to 1.13.0 (#729)
Bumps [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3) from 1.11.0 to 1.13.0.
- [Release notes](https://github.com/mattn/go-sqlite3/releases)
- [Commits](https://github.com/mattn/go-sqlite3/compare/v1.11.0...v1.13.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-19 19:46:49 +11:00
dependabot-preview[bot] e174853564
[DEPS] Bump github.com/fasthttp/session from 1.1.3 to 1.1.7 (#730)
Bumps [github.com/fasthttp/session](https://github.com/fasthttp/session) from 1.1.3 to 1.1.7.
- [Release notes](https://github.com/fasthttp/session/releases)
- [Commits](https://github.com/fasthttp/session/compare/v1.1.3...v1.1.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-03-19 19:28:17 +11:00
dependabot-preview[bot] 309695fa7f
[DEPS] Bump github.com/spf13/cobra from 0.0.5 to 0.0.6 (#733)
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 0.0.5 to 0.0.6.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](https://github.com/spf13/cobra/compare/0.0.5...v0.0.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-03-19 17:40:58 +11:00
dependabot-preview[bot] de2bf6e5bc
[DEPS] Bump github.com/golang/mock from 1.3.1 to 1.4.3 (#728)
Bumps [github.com/golang/mock](https://github.com/golang/mock) from 1.3.1 to 1.4.3.
- [Release notes](https://github.com/golang/mock/releases)
- [Changelog](https://github.com/golang/mock/blob/master/.goreleaser.yml)
- [Commits](https://github.com/golang/mock/compare/1.3.1...v1.4.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-19 17:16:59 +11:00
dependabot-preview[bot] 29b78508ea
[DEPS] Bump github.com/stretchr/testify from 1.4.0 to 1.5.1 (#727)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.4.0 to 1.5.1.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.4.0...v1.5.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-19 16:51:22 +11:00
Amir Zarrinkafsh 298d56dea3
[DEPS] Fix gopkg.in/ldap.v3 import for dependabot (#726) 2020-03-19 15:22:46 +11:00
dependabot-preview[bot] 3666343be8
[DEPS] Bump github.com/otiai10/copy from 1.0.2 to 1.1.1 (#720)
Bumps [github.com/otiai10/copy](https://github.com/otiai10/copy) from 1.0.2 to 1.1.1.
- [Release notes](https://github.com/otiai10/copy/releases)
- [Commits](https://github.com/otiai10/copy/compare/v1.0.2...v1.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-19 14:11:28 +11:00
dependabot-preview[bot] 18c7f06655
[DEPS] Bump github.com/fasthttp/router from 0.5.2 to 0.6.1 (#719)
Bumps [github.com/fasthttp/router](https://github.com/fasthttp/router) from 0.5.2 to 0.6.1.
- [Release notes](https://github.com/fasthttp/router/releases)
- [Commits](https://github.com/fasthttp/router/compare/v0.5.2...v0.6.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-19 13:51:32 +11:00
dependabot-preview[bot] ca0b3388bc
[DEPS] Bump gopkg.in/yaml.v2 from 2.2.4 to 2.2.8 (#718)
Bumps [gopkg.in/yaml.v2](https://github.com/go-yaml/yaml) from 2.2.4 to 2.2.8.
- [Release notes](https://github.com/go-yaml/yaml/releases)
- [Commits](https://github.com/go-yaml/yaml/compare/v2.2.4...v2.2.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-19 13:04:29 +11:00
dependabot-preview[bot] 4a9997b959
[DEPS] Bump github.com/Workiva/go-datastructures from 1.0.50 to 1.0.52 (#717)
Bumps [github.com/Workiva/go-datastructures](https://github.com/Workiva/go-datastructures) from 1.0.50 to 1.0.52.
- [Release notes](https://github.com/Workiva/go-datastructures/releases)
- [Commits](https://github.com/Workiva/go-datastructures/compare/v1.0.50...v1.0.52)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-19 12:33:00 +11:00
dependabot-preview[bot] 7e7148c804
[DEPS] Bump github.com/go-sql-driver/mysql from 1.4.1 to 1.5.0 (#716)
Bumps [github.com/go-sql-driver/mysql](https://github.com/go-sql-driver/mysql) from 1.4.1 to 1.5.0.
- [Release notes](https://github.com/go-sql-driver/mysql/releases)
- [Changelog](https://github.com/go-sql-driver/mysql/blob/master/CHANGELOG.md)
- [Commits](https://github.com/go-sql-driver/mysql/compare/v1.4.1...v1.5.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-19 12:11:38 +11:00
James Elliott 26369fff3d
[FEATURE] Support Argon2id password hasing and improved entropy (#679)
* [FEATURE] Support Argon2id Passwords

- Updated go module github.com/simia-tech/crypt
- Added Argon2id support for file based authentication backend
- Made it the default method
- Made it so backwards compatibility with SHA512 exists
- Force seeding of the random string generator used for salts to ensure they are all different
- Added command params to the authelia hash-password command
- Automatically remove {CRYPT} from hashes as they are updated
- Automatically change hashes when they are updated to the configured algorithm
- Made the hashing algorithm parameters completely configurable
- Added reasonably comprehensive test suites
- Updated docs
- Updated config template

* Adjust error output

* Fix unit test

* Add unit tests and argon2 version check

* Fix new unit tests

* Update docs, added tests

* Implement configurable values and more comprehensive testing

* Added cmd params to hash_password, updated docs, misc fixes

* More detailed error for cmd, fixed a typo

* Fixed cmd flag error, minor refactoring

* Requested Changes and Minor refactoring

* Increase entropy

* Update docs for entropy changes

* Refactor to reduce nesting and easier code maintenance

* Cleanup Errors (uniformity for the function call)

* Check salt length, fix docs

* Add Base64 string validation for argon2id

* Cleanup and Finalization
- Moved RandomString function from ./internal/authentication/password_hash.go to ./internal/utils/strings.go
- Added SplitStringToArrayOfStrings func that splits strings into an array with a fixed max string len
- Fixed an error in validator that would allow a zero salt length
- Added a test to verify the upstream crypt module supports our defined random salt chars
- Updated docs
- Removed unused "HashingAlgorithm" string type

* Update crypt go mod, support argon2id key length and major refactor

* Config Template Update, Final Tests

* Use schema defaults for hash-password cmd

* Iterations check

* Docs requested changes

* Test Coverage, suggested edits

* Wording edit

* Doc changes

* Default sanity changes

* Default sanity changes - docs

* CI Sanity changes

* Memory in MB
2020-03-06 12:38:02 +11:00
Clément Michaud adf7bbaf5b
[DOCS] Bootstrap new documentation website based on just-the-docs (#659) 2020-02-29 01:43:59 +01:00
Clement Michaud e92d3ced3a Introduce viper in order to read secrets from env variables. 2020-01-22 10:15:25 +11:00
Clement Michaud e21da43fd6 Add support for LDAP over TLS. 2019-12-06 21:33:47 +01:00
Clement Michaud b89f63e9c1 Fix and parallelize integration tests. 2019-12-05 11:05:24 +01:00
Clement Michaud a06b69dd45 Provide commands to migrate database from v3 to v4. 2019-11-17 16:30:33 +01:00
Clement Michaud 6303485fd2 Add support for PostgreSQL. 2019-11-16 23:39:26 +01:00
Clement Michaud e20112f209 Remove retry mechanism from mysql provider.
The retry logic is implemented in the reflex service script instead.
2019-11-16 23:39:26 +01:00
Clement Michaud bd19ee48fd Deprecate mongo and add mariadb as storage backend option. 2019-11-16 23:39:26 +01:00
Clement Michaud a991379a74 Declare suites as Go structs and bootstrap e2e test framework in Go.
Some tests are not fully rewritten in Go, a typescript wrapper is called
instead until we remove the remaining TS tests and dependencies.

Also, dockerize every components (mainly Authelia backend, frontend and kind)
so that the project does not interfere with user host anymore (open ports for instance).
The only remaining intrusive change is the one done during bootstrap to add entries in /etc/hosts.
It will soon be avoided using authelia.com domain that I own.
2019-11-15 20:23:06 +01:00
Clement Michaud 5bd9e831eb Use pure implementation of crypt to generate and check password hashes.
This allows to remove the dependency to libc.
2019-11-01 23:06:31 +01:00
Clement Michaud 9d7224b7ad Replace typescript version of authelia-scripts by Go version. 2019-11-01 19:03:22 +01:00
Clement Michaud 931887a0a7 Use Golang modules to freeze dependencies. 2019-10-29 00:40:45 +01:00