190e85a79d
docs: fix urls
2019-09-25 20:51:31 +02:00
fbe7b77bce
Update vulnerable dependencies
...
* lodash
* mixin-deep
* set-value
* union-value
NPM also updated the schema of package-lock.json.
2019-07-29 14:55:24 +02:00
e40777735b
Use Node 8.7 to be in line with current master
2019-07-03 17:23:52 +02:00
81e39b93b6
Added the ability for users to configure a CA when using ldaps
2019-07-03 17:23:52 +02:00
4979f2bd2d
Remove tests with dockerhub image.
2019-06-28 22:40:06 +02:00
21d55a027d
Added debugging logging output to track down
...
*domain mismatches
*session cookie issues
2019-06-07 17:39:04 +02:00
80b1428849
Added environment variable parsing for:
...
*session secret
*e-mail service password
*smtp server password
*duo-auth api secret key
*ldap bind password
These still need to be specified in the configuration file
but can have dummy values there while the real values are
passed in via environment variables.
2019-06-07 17:39:04 +02:00
cb4eb710fb
Added ldap password environment variable.
2019-06-07 17:39:04 +02:00
8478216e5d
Update README.md
2019-04-25 13:36:14 +02:00
dd36902467
3.15.0
2019-04-24 23:55:21 +02:00
e37ee9e5c7
Add changelog for version 3.15.0.
2019-04-24 23:55:07 +02:00
4f63de4020
Remove useless packages from server package.json.
2019-04-24 23:53:23 +02:00
186839d6e5
Remove the shared directory and move files to server.
2019-04-17 23:31:56 +02:00
5a195f7ebd
Update README to mention nginx and Traefik and update images.
2019-04-17 23:06:56 +02:00
e0dab01442
Update README.md
2019-04-17 00:28:31 +02:00
743b84aeaa
Change license from MIT to Apache 2.0.
2019-04-16 23:40:15 +02:00
ab8402314b
Add a link to the breaking changes markdown in README.
2019-04-16 22:58:45 +02:00
b36f2c78f9
3.14.0
2019-04-16 22:53:48 +02:00
9e90662a89
Update CHANGELOG.md and add BREAKING.md.
2019-04-16 22:53:42 +02:00
7d639df0b6
Fix nginx.md examples to reflect latest breaking changes
2019-04-16 21:24:18 +02:00
4016ff1bba
[BREAKING] Create a suite for Traefik proxy.
...
* Removal of the Redirect header sent by Authelia /api/verify endpoint.
* Authelia does not consume Host header anymore but X-Forwarded-Proto and X-Forwarded-Host
to compute the link sent in identity verification emails.
* Authelia used Host header as the application name for U2F authentication but it's now using
X-Forwarded-* headers.
2019-04-12 09:24:54 +02:00
617e929e1a
Fix relative paths and add error handling
2019-04-12 09:24:54 +02:00
356b82f443
Fix lint error
2019-04-12 09:24:54 +02:00
0922b3c215
Build x-original-url from forwarded headers
...
This is to allow broader support for proxies. In particular, this allows
support with Traefik.
This patch also includes some examples of configuration with Traefik.
2019-04-12 09:24:54 +02:00
36d65c284e
Add a test checking forwarded headers on bypass-based resources.
2019-04-10 22:34:15 +02:00
c074270b54
Fix attaching User/Groups headers for bypass strategy
2019-04-10 21:32:12 +02:00
87e06e6528
Remove bad error message when registering U2F device.
2019-03-31 20:39:20 +02:00
8a76b5118d
Add network criteria in ACLs to specify policy based on network subnet.
2019-03-31 20:11:07 +02:00
3c6e2ae448
3.13.0
2019-03-29 14:12:58 +01:00
23658dbcdf
Update the CHANGELOG before release of v3.13.0.
2019-03-29 14:12:41 +01:00
e7c09fddc6
Simplify nginx example configuration.
2019-03-28 23:14:36 +01:00
81207b49ad
Fix failing second factor when no default redirection url set.
...
When no default redirection url was set, Duo push second factor was shown as
failing even if authentication was successful.
2019-03-28 22:38:16 +01:00
e3b6410e79
Merge pull request #344 from nightah/duo-additions
...
Capture IP address and Target URL in Duo 2FA request
2019-03-27 10:47:23 +01:00
274c6135c7
Capture IP address and Target URL in Duo 2FA request
2019-03-27 19:44:50 +11:00
c2810101a4
Update README.md
2019-03-25 09:04:58 +01:00
30f47a1451
Merge pull request #342 from clems4ever/duo-push
...
Add Duo Push Notification option as 2FA.
2019-03-24 23:55:44 +01:00
28cc5e7e1b
Fix integration tests.
2019-03-24 23:29:46 +01:00
a4b129a676
Security Key method is not displayed if browser does not support it.
2019-03-24 22:36:49 +01:00
a717b965c1
Display only available 2FA methods.
...
For instance Duo Push Notification method is not displayed if the API
is not configured.
2019-03-24 22:23:25 +01:00
d09a307ff8
Fix redirection after 2FA method change.
...
Authelia was using links with href="#" that changed the URL when clicked
on. Therefore, this commit removes the href property and apply link style
to tags without href property.
2019-03-24 20:02:55 +01:00
4eaafb7115
Update the documentation to include information on Duo.
2019-03-24 18:45:32 +01:00
ff88ad354f
Install /etc/hosts entries from bootstrap script.
...
This allows to add an entry which is not pointing to localhost but
to a docker container in the Travis virtual env.
2019-03-24 16:43:30 +01:00
8ef402511c
Add Duo Push Notification option as 2FA.
2019-03-24 15:15:49 +01:00
090a74299f
Merge pull request #340 from clems4ever/2fa-opt-state
...
Display only one 2FA option.
2019-03-23 20:53:37 +01:00
d9e487c99f
Display only one 2FA option.
...
Displaying only one option at 2FA stage will allow to add more options
like DUO push or OAuth.
The user can switch to other option and in this case the option is
remembered so that next time, the user will see the same option. The
latest option is considered as the prefered option by Authelia.
2019-03-23 19:34:00 +01:00
92eb897a03
Merge pull request #336 from clems4ever/fix-bypass-policy
...
Fix bypass policy
2019-03-23 09:20:41 +01:00
40574bc8ec
Fix the bypass strategy.
...
Before this fix an anonymous user was not able to access a resource
that were configured with a bypass policy. This was due to a useless
check of the userid in the auth session. Moreover, in the case of an
anonymous user, we should not check the inactivity period since there
is no session.
Also refactor /verify endpoint for better testability and add tests
in a new suite.
2019-03-22 23:51:36 +01:00
55f423a6ae
Merge pull request #334 from clems4ever/log-header-access
...
Log what is retrieved from headers to help debugging.
2019-03-22 15:50:46 +01:00
bd5bb497e3
Log stage names as they are running in travis script.
2019-03-22 15:34:42 +01:00
9366741980
Forbid test selected with only in CI.
2019-03-22 15:34:42 +01:00
Nain Tornez
Callan Bryant
Max Planck
Clement Michaud
Clément Michaud
Amir Zarrinkafsh
ViViDboarder