Commit Graph

22 Commits (9f136efe6d36ce1696b566a4d654629ebc4d3e61)

Author SHA1 Message Date
James Elliott 2733fc040c
refactor: webauthn naming (#5243)
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 02:04:42 +10:00
James Elliott 157675f1f3
docs: adjust references of webauthn (#5203)
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-10 17:01:23 +10:00
James Elliott fc5ea5b485
refactor(random): add random provider (#4712)
This adds a random provider which makes usage of random operations mockable, and may allow us in the future to swap out the Cryptographical CPU random generator with dedicated hardware random generators.
2023-01-07 11:19:41 +11:00
James Elliott a691131288
fix(notification): missing use of timeout (#4652) 2022-12-27 08:32:00 +11:00
James Elliott d7ab3bb633
feat(commands): storage import/export commands (#4545)
This adds commands to export and import TOTP configurations and Webauthn devices as YAML.
2022-12-23 15:00:23 +11:00
James Elliott e3e31e3cbc
refactor(commands): command context (#4539)
This moves a lot of machinery for commands into a context.Context with other struct values. This allows for PreRunE's to reliably load the configuration and avoids use of global vars.
2022-12-22 11:21:29 +11:00
James Elliott 3e4ac7821d
refactor: remove pre1 migration path (#4356)
This removes pre1 migrations and improves a lot of tooling.
2022-11-25 23:44:55 +11:00
James Elliott 24e41aed84
feat(commands): add webauthn device commands (#3671) 2022-10-19 18:17:55 +11:00
James Elliott 3a70f6739b
feat(authentication): file password algorithms (#3848)
This adds significant enhancements to the file auth provider including multiple additional algorithms.
2022-10-17 21:51:59 +11:00
James Elliott 5304178165
ci: add dedicated authelia-gen command (#3463)
Adds a dedicated authelia code/doc gen command.
2022-06-14 22:40:00 +10:00
James Elliott 06ba312c28
fix(commands): invalid opaque id service name (#3235)
This fixes the service type being openid_connect instead of openid as expected. This also allows bulk generating opaque identifiers for users.
2022-04-25 18:49:18 +10:00
James Elliott 5a0a15f377
feat(commands): user opaque identifiers commands (#3144)
Add commands for handling user opaque identifiers.
2022-04-09 17:13:19 +10:00
James Elliott 9b6bcca1ba
feat(totp): secret customization (#2681)
Allow customizing the shared secrets size specifically for apps which don't support 256bit shared secrets.
2022-04-08 09:01:01 +10:00
James Elliott 17eef2c679
fix(commands): explicitly close files (#3031)
This fixes an issue that could potentially cause problems with open files due to a deferred file close in a for loop.
2022-03-17 16:53:07 +11:00
James Elliott 6d937cf6cc
refactor(model): rename from models (#2968) 2022-03-06 16:47:40 +11:00
James Elliott 1b2af90e5a
feat(commands): totp qr code in png format (#2673)
This allows exporting the TOTP QR code for easy registration when using `authelia storage totp generate` or `authelia storage totp export`.
2022-03-02 18:50:36 +11:00
Clément Michaud 5d4003c291
refactor: directly return error where sufficient (#2855) 2022-02-10 09:07:53 +11:00
James Elliott f90ca855e3
feat(storage): postgresql schema and ssl options (#2659)
Adds the schema name and all ssl options for PostgreSQL. Also a significant refactor of the storage validation process.
2021-12-02 16:36:03 +11:00
James Elliott ad8e844af6
feat(totp): algorithm and digits config (#2634)
Allow users to configure the TOTP Algorithm and Digits. This should be used with caution as many TOTP applications do not support it. Some will also fail to notify the user that there is an issue. i.e. if the algorithm in the QR code is sha512, they continue to generate one time passwords with sha1. In addition this drastically refactors TOTP in general to be more user friendly by not forcing them to register a new device if the administrator changes the period (or algorithm).

Fixes #1226.
2021-12-01 23:11:29 +11:00
Philipp Staiger 01b77384f9
feat(duo): multi device selection (#2137)
Allow users to select and save the preferred duo device and method, depending on availability in the duo account. A default enrollment URL is provided and adjusted if returned by the duo API. This allows auto-enrollment if enabled by the administrator.

Closes #594. Closes #1039.
2021-12-01 14:32:58 +11:00
James Elliott 347bd1be77
feat(storage): encrypted secret values (#2588)
This adds an AES-GCM 256bit encryption layer for storage for sensitive items. This is only TOTP secrets for the time being but this may be expanded later. This will require a configuration change as per https://www.authelia.com/docs/configuration/migration.html#4330.

Closes #682
2021-11-25 12:56:58 +11:00
James Elliott 3695aa8140
feat(storage): primary key for all tables and general qol refactoring (#2431)
This is a massive overhaul to the SQL Storage for Authelia. It facilitates a whole heap of utility commands to help manage the database, primary keys, ensures all database requests use a context for cancellations, and paves the way for a few other PR's which improve the database.

Fixes #1337
2021-11-23 20:45:38 +11:00