Commit Graph

1872 Commits (7b1f18675331176239a72e50d447ef9231ee211e)

Author SHA1 Message Date
dependabot[bot] 6769694b17
build(deps): bump hosted-git-info from 2.8.8 to 2.8.9 in /web (#1999)
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.8 to 2.8.9.
- [Release notes](https://github.com/npm/hosted-git-info/releases)
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md)
- [Commits](https://github.com/npm/hosted-git-info/compare/v2.8.8...v2.8.9)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-11 21:54:20 +10:00
James Elliott 40fc1cdc6d
release: v4.29.2 (#1998) 2021-05-11 11:21:15 +10:00
James Elliott 46c8a25c15
fix(oidc): implement required subject types supported meta (#1996)
The well known openid-configuration should have the subject_types_supported meta values.
2021-05-11 11:00:29 +10:00
renovate[bot] 2c8341974d
build(deps): update dependency @types/react-dom to v17.0.4 (#1997)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-11 10:39:06 +10:00
renovate[bot] 4cbb3826d7
build(deps): update dependency prettier to v2.3.0 (#1995)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-10 13:26:05 +10:00
Clément Michaud 168404fbb4
doc: reword the sponsor section of readme (#1994)
Also add an explicit mention on the fact that the team is looking
for sponsorship to organize an audit of the code or a pen test.
2021-05-10 09:53:34 +10:00
renovate[bot] 1e69bc2835
build(deps): update module github.com/otiai10/copy to v1.6.0 (#1989)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-05-10 01:59:50 +10:00
Clément Michaud 0c915b933e
docs: add link for users to take quick survey on usage (#1993)
We want to gather some statistics around the usage of Authelia in
order for the team to take better design decisions and direction
regarding the roadmap.
2021-05-10 01:23:57 +10:00
dependabot[bot] 3ad43652d1
build(deps): bump url-parse from 1.4.7 to 1.5.1 in /web (#1992)
Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.4.7 to 1.5.1.
- [Release notes](https://github.com/unshiftio/url-parse/releases)
- [Commits](https://github.com/unshiftio/url-parse/compare/1.4.7...1.5.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-09 11:43:50 +02:00
renovate[bot] fac13f3485
build(deps): update dependency @types/chai to v4.2.18 (#1990)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-08 13:14:27 +10:00
renovate[bot] f97c0df929
build(deps): update postgres docker tag to v13 (#1987) 2021-05-08 00:40:58 +10:00
James Elliott cf63f84753
release: v4.29.1 (#1985) 2021-05-07 12:22:01 +10:00
James Elliott c0ac8bf5ad
fix: include the jwk key id in the jwt for validation (#1983)
This is so the sig key used to sign the JWT can be verified using the JWKS endpoint.

Fixes #1979
2021-05-07 11:59:39 +10:00
renovate[bot] 544373de17
build(deps): update golang docker tag to v1.16.4 (#1984)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-07 10:24:17 +10:00
James Elliott 9931087246
refactor: forcibly use latest go-sqlite3 (#1982)
This is necessary to force the latest version of go-sqlite3 due to an issue with the release lifecycle upstream and due to deep dependencies. Basically go-sqlite3 v2 should never have been released and v1 is now the supported version. This was introduced due to including fosite. The dependency chain looks like this: github.com/ory/fosite@v0.39.0 => github.com/ory/x@v0.0.162 => github.com/gobuffalo/pop/v5@v5.0.11 => github.com/gobuffalo/nulls@v0.2.0.
2021-05-06 15:52:27 +10:00
Ikko Ashimine 9b1151d525
docs: fix capitalization (#1980)
This fixes the capitalization of a single instance of `Github` to `GitHub`.

Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2021-05-06 07:12:32 +10:00
James Elliott 952e072f1b
docs: update secrets configuration (#1978)
This updates secrets configuration for 4.29.0 and fixes an existing issue.

Fixes #1977
2021-05-05 21:23:24 +02:00
Amir Zarrinkafsh a31a17b222
fix(cmd): retry clean tag logic for dockerhub (#1976)
This change will ensure that if the curl command for the cleaning of Docker tags on DockerHub fails it will be reattempted up to 2 more times (total of 3) with a 10 second sleep between each attempt.

The clean tag logic itself within curl attempts to execute the http request upto 3 times so this will ensure a maximum of 9 attempts.
2021-05-05 17:09:31 +10:00
Clément Michaud 4e8d472e46
release: v4.29.0 (#1972)
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-05-05 11:46:07 +10:00
renovate[bot] ea76455ff3
build(deps): update dependency @types/node to v15.0.2 (#1974)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-05 11:24:31 +10:00
James Elliott a984e2700b
refactor: use fatal log message on oidc init error (#1973)
Instead of using panic() when an unknown error was detected on OP initialization, use logger.Fatalf. This provides a more useful output to the user.
2021-05-05 10:50:24 +10:00
renovate[bot] 3c4b320096
build(deps): update dependency @types/react to v17.0.5 (#1970)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-05 09:32:40 +10:00
Clément Michaud e8e29831c1
docs: add oidc package in contributor guidelines (#1971) 2021-05-05 09:08:14 +10:00
James Elliott ddea31193b
feature(oidc): add support for OpenID Connect
OpenID connect has become a standard when it comes to authentication and
in order to fix a security concern around forwarding authentication and authorization information
it has been decided to add support for it.

This feature is in beta version and only enabled when there is a configuration for it.
Before enabling it in production, please consider that it's in beta with potential bugs and that there
are several production critical features still missing such as all OIDC related data is stored in
configuration or memory. This means you are potentially going to experience issues with HA
deployments, or when restarting a single instance specifically related to OIDC.

We are still working on adding the remaining set of features before making it GA as soon as possible.

Related to #189

Co-authored-by: Clement Michaud <clement.michaud34@gmail.com>
2021-05-05 00:15:36 +02:00
renovate[bot] 48d8e1e541
build(deps): update dependency eslint-formatter-rdjson to v1.0.4 (#1969)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-04 09:46:06 +02:00
Amir Zarrinkafsh 9f3bd0e589
build(deps): update swagger-ui to v3.48.0 (#1967) 2021-05-04 08:31:50 +10:00
renovate[bot] ec17389a54
build(deps): update module github.com/fasthttp/session/v2 to v2.3.2 (#1962)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-04-30 11:57:33 +10:00
renovate[bot] 908146d6f0
build(deps): update module github.com/fasthttp/router to v1.3.12 (#1961)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-04-30 09:54:49 +10:00
renovate[bot] 77c3058368
build(deps): update mariadb docker tag to v10.6.0 (#1958)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-29 15:59:16 +10:00
renovate[bot] 181f65f3c9
build(deps): update dependency @types/node to v15 (#1952)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-29 10:49:51 +10:00
renovate[bot] 7831212d02
build(deps): update module github.com/valyala/fasthttp to v1.24.0 (#1957)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-04-29 08:57:33 +10:00
renovate[bot] a4e7a794b8
build(deps): update dependency @material-ui/core to v4.11.4 (#1954)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-28 10:03:50 +02:00
renovate[bot] b2ca9b7805
build(deps): update dependency @craco/craco to v6.1.2 (#1955)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-28 09:19:10 +02:00
renovate[bot] 06a2fb8026
build(deps): update dependency @types/node to v14.14.43 (#1951)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-28 15:49:25 +10:00
renovate[bot] d6a767745b
build(deps): update dependency @types/chai to v4.2.17 (#1950)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-28 13:53:36 +10:00
renovate[bot] e7ce5c1ff7
build(deps): update dependency @types/jest to v26.0.23 (#1949)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-28 09:29:00 +10:00
renovate[bot] cf2687bb57
build(deps): update dependency @types/react to v17.0.4 (#1948)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-27 16:03:53 +10:00
renovate[bot] 3593c94511
build(deps): update dependency eslint-config-prettier to v8.3.0 (#1946)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-25 09:43:37 +02:00
renovate[bot] b952e9e71d
build(deps): update haproxy docker tag to v2.3.10 (#1942)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-24 10:43:48 +02:00
renovate[bot] d321ae9be1
build(deps): update dependency @types/classnames to v2.3.0 (#1937)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-23 10:57:16 +10:00
renovate[bot] dafd61f08d
build(deps): update module github.com/simia-tech/crypt to v0.5.0 (#1938)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-21 22:25:38 +02:00
dependabot[bot] 823be5d179
build(deps): bump ssri from 6.0.1 to 6.0.2 in /web (#1933)
Bumps [ssri](https://github.com/npm/ssri) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/npm/ssri/releases)
- [Changelog](https://github.com/npm/ssri/blob/v6.0.2/CHANGELOG.md)
- [Commits](https://github.com/npm/ssri/compare/v6.0.1...v6.0.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-20 09:58:58 +10:00
allcontributors[bot] d1d0aa967d
docs: add jonbayl as a contributor (#1930)
* docs: update README.md

* docs: update .all-contributorsrc

Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
2021-04-18 19:13:40 +10:00
Amir Zarrinkafsh 3d08e03592
ci(buildkite): log ghcr id on branch tag removal (#1929) 2021-04-18 14:20:45 +10:00
James Elliott c16edda893
release: v4.28.2 (#1928) 2021-04-18 11:01:39 +10:00
James Elliott 706fbfdb2c
fix(session): ensure default cookie samesite value is lax (#1926)
This implements a change to the default behaviour of the cookies generated by the sessions package. The old behaviour was to set the SameSite=None, this changes it to SameSite=Lax. Additionally this puts the option in the hands of the end-user so they can decide for themselves what the best option is.
2021-04-18 10:02:04 +10:00
James Elliott 2f1e45071a
release: v4.28.1 (#1924) 2021-04-16 12:20:31 +10:00
James Elliott cc4f47f21c
fix: removed deprecated smtp/ldap options (#1912)
This removes the deprecated options from 4.25. This includes the LDAP filters which allow {0} or {1} placeholders. The new aliases are documented. Additionally it refactors the keys validator to use uniform messages for most replaced keys.
2021-04-16 11:44:37 +10:00
renovate[bot] 168dbf7265
build(deps): update dependency @types/node to v14.14.41 (#1923)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-15 21:42:57 +02:00
Clément Michaud 7c18081f57
ci: include version in the name of tar.gz artifacts (#1919)
This makes sure the version is included in GitHub artifacts.

Fix #1918

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-04-15 17:56:32 +10:00