James Elliott
248f1d49d4
feat(oidc): hashed client secrets ( #4026 )
...
Allow use of hashed OpenID Connect client secrets.
2022-10-20 14:21:45 +11:00
James Elliott
3aaca0604f
feat(oidc): implicit consent ( #4080 )
...
This adds multiple consent modes to OpenID Connect clients. Specifically it allows configuration of a new consent mode called implicit which never asks for user consent.
2022-10-20 13:16:36 +11:00
renovate[bot]
395d81e72a
build(deps): update envoyproxy/envoy docker tag to v1.24.0 ( #4208 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-20 10:28:27 +11:00
James Elliott
24e41aed84
feat(commands): add webauthn device commands ( #3671 )
2022-10-19 18:17:55 +11:00
James Elliott
52102eea8c
feat(authorization): query parameter filtering ( #3990 )
...
This allows for advanced filtering of the query parameters in ACL's.
Closes #2708
2022-10-19 14:09:22 +11:00
renovate[bot]
47d18b462a
build(deps): update envoyproxy/envoy docker tag to v1.23.2 ( #4201 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-19 08:32:32 +11:00
James Elliott
a4edf21320
fix(authorization): subject wildcard domain rule not matching ( #4187 )
...
This fixes an issue where the subject wildcard domain rules (those containing {user} and {group}) are not considered matches even though they may be once a user authenticates.
Fixes #4186
2022-10-18 19:14:34 +11:00
James Elliott
a0b2e78e5d
feat(authentication): file case-insensitive and email search ( #4194 )
...
This allows both case-insensitive and email searching for the file auth provider.
Closes #3383
2022-10-18 11:57:08 +11:00
James Elliott
d610874be4
feat(authentication): disabled users in yaml file ( #4193 )
...
Allows setting users as disabled.
2022-10-18 09:10:53 +11:00
James Elliott
84cb457cb0
feat(authentication): file provider hot reload ( #4188 )
...
This adds hot reloading to the file auth provider.
2022-10-17 22:31:23 +11:00
James Elliott
3a70f6739b
feat(authentication): file password algorithms ( #3848 )
...
This adds significant enhancements to the file auth provider including multiple additional algorithms.
2022-10-17 21:51:59 +11:00
James Elliott
8eadf72dc7
docs: rule matching concepts ( #4154 )
...
* docs: rule matching concepts
* docs: add named regex note
* docs: adjust wording
* docs: expand match table
* docs: simplify
* docs: fix link
* docs: fix link
2022-10-16 14:11:43 +11:00
renovate[bot]
c6e1197750
build(deps): update postgres docker tag to v15 ( #4182 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-15 11:51:02 +11:00
renovate[bot]
b3abccc034
build(deps): update caddy docker tag to v2.6.2 ( #4177 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-14 15:22:37 +11:00
James Elliott
3107e493e7
refactor: adjust defaults ( #4137 )
...
* refactor: adjust defaults
* refactor: adjust level
* refactor: adjust level
* refactor: fix templates
2022-10-07 13:52:01 +11:00
renovate[bot]
998856b47c
build(deps): update golang docker tag to v1.19.2 ( #4129 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-05 18:36:00 +11:00
James Elliott
dc79c8ea59
refactor: any ( #4133 )
...
* refactor: any
* refactor: fix test
2022-10-05 16:05:23 +11:00
renovate[bot]
ff0ed6fa22
build(deps): update traefik docker tag to v2.9.1 ( #4126 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-04 03:13:03 +00:00
James Elliott
3f39914c8f
refactor: private key decoding and generators ( #4116 )
2022-10-03 11:52:29 +11:00
James Elliott
32bd2eba60
test(suites): use iss cert ( #4114 )
2022-10-02 16:19:26 +11:00
Manuel Nuñez
c8fa19e6bd
feat(notification): add disable_starttls option ( #3855 )
...
This adds a boolean option to SMTP which disables StartTLS for SMTP servers that ignore standards.
2022-10-02 13:51:19 +11:00
James Elliott
6810c91d34
feat(oidc): issuer jwk certificates ( #3989 )
...
This allows for JWKs to include certificate information, either signed via Global PKI, Enterprise PKI, or self-signed.
2022-10-02 13:07:40 +11:00
James Elliott
66ea374227
feat(authentication): permit feature detection failures ( #4061 )
...
This adds a configuration option which permits the failure of feature detection (control type OIDs and extension OIDs).
2022-10-02 07:44:18 +11:00
renovate[bot]
56b6fd615b
build(deps): update envoyproxy/envoy docker tag to v1.23.1 ( #4112 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-01 14:59:21 +00:00
James Elliott
ed7092c59a
feat: envoy support ( #3793 )
...
Adds support for Envoy and Istio using the X-Authelia-URL header. The documentation will be published just before the release.
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-10-01 21:47:09 +10:00
renovate[bot]
fea3bd108b
build(deps): update traefik docker tag to v2.8.8 ( #4109 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-01 06:53:57 +10:00
James Elliott
61943f6986
test(notification): unit testing for mime characteristics ( #4092 )
...
* test: unit testing for mime characteristics
* test: improve reliability
* test: improve readability
2022-09-27 11:12:18 +10:00
James Elliott
8cdf4a5624
fix(authorization): regex subj doesn't redirect anon user ( #4037 )
...
This fixes an issue with the authorization policies where if the Domain Regex or Resources criteria would incorrectly return 403 Forbidden statuses instead of 302 Found statuses.
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-09-26 14:33:08 +10:00
renovate[bot]
d8f8f74dce
build(deps): update module github.com/go-rod/rod to v0.111.0 ( #4056 )
...
* build(deps): update module github.com/go-rod/rod to v0.111.0
* fix(suites): update click to include click count
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-09-26 13:10:37 +10:00
Amir Zarrinkafsh
e3f5a574fe
build: add container labels and annotations ( #4071 )
...
This adds a new helper which retrieves the build metadata, uses it to generate container labels, and refactors XFlags uses to utilize the same machinery.
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-09-26 10:05:59 +10:00
renovate[bot]
c832515192
build(deps): update traefik docker tag to v2.8.7 ( #4058 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-09-24 12:31:43 +10:00
James Elliott
b25578392f
i18n: update translations ( #4053 )
2022-09-24 08:27:10 +10:00
renovate[bot]
31e1ca6b59
build(deps): update haproxy docker tag to v2.6.6 ( #4051 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-09-23 20:00:17 +10:00
renovate[bot]
d6a30baef0
build(deps): update caddy docker tag to v2.6.1 ( #4049 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-09-23 09:51:18 +10:00
renovate[bot]
f5baf2ea1a
build(deps): update caddy docker tag to v2.6.0 ( #4042 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-09-21 12:57:47 +10:00
renovate[bot]
8cf290a1df
build(deps): update mariadb docker tag to v10.9.3 ( #4041 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-09-21 12:37:27 +10:00
James Elliott
c756c7b67b
i18n: update translations ( #3972 )
2022-09-16 15:01:22 +10:00
James Elliott
9c72bc8977
ci: gen github tmpl locales and commitlint ( #3759 )
...
This adds several automatic generators for Authelia docs etc.
2022-09-16 14:21:05 +10:00
James Elliott
15110b732a
fix(server): i18n etags missing ( #3973 )
...
This fixes missing etags from locales assets.
2022-09-16 11:19:16 +10:00
renovate[bot]
d08dcb31d4
build(deps): update traefik docker tag to v2.8.5 ( #4008 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-09-14 15:57:16 +10:00
James Elliott
d7fd9ca506
refactor(logging): implement common interfaces ( #3994 )
...
This implements and leverages some common library logging interfaces.
2022-09-10 18:02:57 +10:00
renovate[bot]
a02fd4b5bc
build(deps): update haproxy docker tag to v2.6.5 ( #3982 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-09-08 13:55:30 +10:00
renovate[bot]
cd8b2d22c6
build(deps): update golang docker tag to v1.19.1 ( #3978 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-09-07 09:18:07 +10:00
James Elliott
cd9bfe3f90
fix(web): i18n explicit lang ignored ( #3961 )
...
This fixes an issue where explicit languages such as nl-NL, pt-PT, zh-CH, and zh-TW are ignored even though they're supported.
2022-09-06 09:09:33 +10:00
James Elliott
9c5a8b77aa
i18n: update translations for portal.json (chinese simplified) ( #3962 )
2022-09-06 06:08:05 +10:00
renovate[bot]
48eb9a8ac3
build(deps): update traefik docker tag to v2.8.4 ( #3945 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-09-05 09:54:51 +10:00
Manuel Nuñez
ca85992ac6
fix(handlers): verify handler ( #3956 )
...
When an anonymous user tries to access a forbidden resource with no subject, we should response with 403.
Fixes #3084
2022-09-05 08:21:30 +10:00
James Elliott
6cc182de08
fix(commands): potential nil ptr error on shutdown ( #3947 )
2022-09-04 22:26:03 +10:00
James Elliott
2325031052
refactor: clean up uri checking functions ( #3943 )
2022-09-03 11:51:02 +10:00
James Elliott
84f9e0c021
fix(configuration): incorrect deprecated version ( #3935 )
2022-09-01 12:44:53 +10:00