852dc808bd
Merge remote-tracking branch 'origin/master' into feat-settings-ui
2023-02-11 14:13:18 +11:00
8e4b660f15
refactor: certs ( #4912 )
...
This refactors the suites to use a Enterprise Root CA PKI signed certificate so the CA public certificate can be trusted. This is particularly useful for webauthn in Chrome.
2023-02-11 14:11:40 +11:00
dbafa26ec3
build(deps): update caddy docker tag to v2.6.3 ( #4906 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-09 15:04:46 +11:00
1f1210c6ac
Merge remote-tracking branch 'origin/master' into feat-settings-ui
2023-02-08 13:52:07 +11:00
2e6d17ba8a
feat(configuration): rfc2307bis implementation ( #4900 )
...
This adds configuration defaults for RFC2307bis LDAP implementations such as OpenLDAP with the RFC2307bis LDIF which should service most user needs.
2023-02-08 13:35:57 +11:00
436a78525c
build(deps): update envoyproxy/envoy docker tag to v1.25.1 ( #4899 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-08 09:22:17 +11:00
726850fe43
refactor: add some more useful templating funcs ( #4891 )
2023-02-08 01:28:09 +11:00
9bf0ce212a
build(deps): update mariadb docker tag to v10.10.3 ( #4889 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-07 15:13:12 +11:00
9e5aa1c1a9
Merge remote-tracking branch 'origin/master' into feat-settings-ui
...
# Conflicts:
# web/package.json
# web/pnpm-lock.yaml
2023-02-05 20:19:40 +11:00
a7ccf3652f
docs: fix rfc references and fix misc issues ( #4879 )
2023-02-05 18:11:30 +11:00
a2ce9e0573
test: add test for 2329 expand-env ( #4870 )
...
This adds a test for https://github.com/authelia/authelia/issues/2329#issuecomment-1414201785
2023-02-03 10:36:38 +11:00
790139fd48
build(deps): update ghcr.io/k3d-io/k3d docker tag to v5.4.7 ( #4867 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-02-03 02:43:34 +11:00
e408cb19b1
test: adjust tests and docs to be similar ( #4856 )
2023-02-02 18:13:18 +11:00
598ea2bb19
feat(configuration): disallow public suffix domains ( #4855 )
...
This adds a check to the domains configuration to ensure the domain value is not part of the public suffix list at https://publicsuffix.org . These domains are special and users cannot write cookies with this domain value, this makes them unusable with Authelia and this more readily makes that apparent.
2023-02-02 16:34:49 +11:00
30aaa8a245
build(deps): update golang docker tag to v1.20.0 ( #4864 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-02-02 14:23:09 +11:00
d7be1c1359
refactor: reduce complexity
2023-02-01 22:10:38 +11:00
3af20a7daf
build(deps): use @simplewebauthn/browser
2023-01-30 16:37:53 +11:00
f382ba040e
i18n: update translations ( #4850 )
2023-01-30 10:16:52 +11:00
7d17c39c52
Merge origin/master into feat-settings-ui
2023-01-25 22:11:41 +11:00
65705a646d
feat(server): customizable authz endpoints ( #4296 )
...
This allows users to customize the authz endpoints.
Closes #2753 , Fixes #3716
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-25 20:36:40 +11:00
36e817df92
test(suites): load environment into suites ( #4762 )
...
* test(suites): load environment into suites
* test(suites): default setup suite
* test(suites): create base suite
* test(suites): fix nil ptr
* test(suites): add logging
* test: fix missing devworkflow path
* refactor: apply suggestions
* refactor: log
* fix: dev workflow requires env file to trigger vite hmr
* fix(suites): fix dynamic configuration in dev workflow for all proxies
* refactor: apply final suggestions
* fix: pass log level to suites
* fix(suites): include pathprefix to prevent react router basename issues
* fix: missing setup logging calls
* fix: gate suite setup funcs
* test: fix lint
* test: fix tmp dir
* fix(suites): fix gitignore of .env.development with vite hmr
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-25 15:11:05 +11:00
a566c16d08
feat(web): privacy policy url ( #4625 )
...
This allows users to customize a privacy policy URL at the bottom of the login view.
Closes #2639
2023-01-22 19:58:07 +11:00
8cbd9cb30a
test: make suite browser detection more robust and extensible ( #4807 )
2023-01-21 16:02:27 +11:00
309c355026
build(deps): update haproxy docker tag to v2.7.2 ( #4805 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-01-21 14:21:48 +11:00
bd279900ca
Merge remote-tracking branch 'origin/master' into feat-settings-ui
2023-01-20 17:56:06 +11:00
530bf72f42
build(deps): update envoyproxy/envoy docker tag to v1.25.0 ( #4796 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-01-19 16:11:30 +11:00
b815521384
fix(ntp): version 4 encoded incorrectly ( #4773 )
...
This fixes an issue where version 4 was actually serialized as version 5 due to some binary math issues. It also fixes the fact the leap value was incorrect, it should have been set to unknown.
2023-01-17 22:54:17 +11:00
56f028294b
fix(utils): fix suite setup timeout ( #4771 )
...
After PR #4751 the suites times out if takes more of 60 seconds
This PR honors the timeout configured at waitUntilAutheliaBackendIsReady (90s)
2023-01-16 10:58:13 +11:00
1cf9e6f3ef
test(utils): add additional coverage ( #4751 )
2023-01-12 22:30:16 +11:00
8b29cf7ee8
feat(session): multiple session cookie domains ( #3754 )
...
This adds support to configure multiple session cookie domains.
Closes #1198
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-12 21:57:44 +11:00
81ffe9d616
build(deps): update golang docker tag to v1.19.5 ( #4752 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-01-11 14:48:33 +11:00
0dcaa3d2ab
build(deps): update alpine docker tag to v3.17.1 ( #4742 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-01-10 09:09:34 +11:00
7b00b21da1
build(deps): update module github.com/fasthttp/session/v2 to v2.4.15 ( #4292 )
...
* build(deps): update module github.com/fasthttp/session/v2 to v2.4.15
* fix(session): adjust api for changes in upstream library
Fixes #3751 .
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-09 15:57:40 +11:00
cf4010b4fb
fix(oidc): csp blocks form_post response form submit ( #4719 )
...
This fixes an issue where the form_post response never gets submitted.
Fixes #4669
2023-01-08 07:04:06 +11:00
3d6c67fa33
build(deps): update module github.com/go-webauthn/webauthn to v0.6.0 ( #4646 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-01-07 14:21:27 +11:00
49d421e910
Merge remote-tracking branch 'origin/master' into feat-settings-ui
...
# Conflicts:
# api/openapi.yml
# web/src/views/DeviceRegistration/RegisterWebauthn.tsx
# web/src/views/LoginPortal/SecondFactor/WebauthnMethod.tsx
2023-01-07 11:50:19 +11:00
fc5ea5b485
refactor(random): add random provider ( #4712 )
...
This adds a random provider which makes usage of random operations mockable, and may allow us in the future to swap out the Cryptographical CPU random generator with dedicated hardware random generators.
2023-01-07 11:19:41 +11:00
f223975e79
refactor(oidc): simplify hmac core strategy ( #4711 )
2023-01-07 10:28:53 +11:00
2ab50c7f61
test(handlers): add additional coverage ( #4698 )
...
* test(handlers): handler_checks_safe_redirection
* test(handlers): password_policy
* test(handlers): health
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-01-05 09:37:43 +11:00
6c3d64a06c
test(ntp): add missing tests ( #4693 )
2023-01-04 09:12:19 +11:00
adaf069eab
feat(oidc): per-client pkce enforcement policy ( #4692 )
...
This implements a per-client PKCE enforcement policy with the ability to enforce that it's used, and the specific challenge mode.
2023-01-04 02:03:23 +11:00
8421b1bdb8
build(deps): update module github.com/deckarep/golang-set to v2 ( #4675 )
...
* build(deps): update module github.com/deckarep/golang-set to v2
* fix: utilise new major for lib
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-01-04 00:36:28 +11:00
08cda5d165
refactor: include additional important template funcs ( #4690 )
...
* refactor: include additional important template funcs
* fix: use of interface
* test: improve test cases
2023-01-04 00:11:10 +11:00
5efc996109
test: fix cli suite ( #4686 )
...
* test: fix cli suite
* test: fix cli suite
2023-01-03 21:39:55 +11:00
53a6275a79
fix(server): errors not logged ( #4682 )
...
This fixes a couple errors that were previously not logged as well as ensuring most templates are appropriately parsed via tests.
2023-01-03 17:08:49 +11:00
1c3219e93f
perf(server): cached openapi document ( #4674 )
...
This should lead to a small performance gain by caching the openapi.yml with etags as well as eliminating the use of nonce crypto generation when not required.
2023-01-03 14:49:02 +11:00
917ac89e38
refactor: 2fa api
2023-01-01 22:16:28 +11:00
dd781ffc51
refactor: adjust settings components
2022-12-31 18:27:43 +11:00
f2ee86472d
revert: 2fa skip
2022-12-30 23:51:52 +11:00
0e2770e72d
Merge remote-tracking branch 'origin/master' into feat-settings-ui
2022-12-27 20:05:02 +11:00
James Elliott
renovate[bot]
Manuel Nuñez