This implements both a connection timeout for LDAP connections, and makes it configurable by administrators. The default is 5s. The reason for this commit is currently if a connection to an LDAP server cannot be established it does not timeout in a reasonable period.
This change means we only check the filters for the existence of placeholders that cannot be replaced at startup. We then utilized cached results of that lookup for subsequent replacements.
This commit replaces github.com/spf13/viper with github.com/knadh/koanf. Koanf is very similar library to viper, with less dependencies and several quality of life differences. This also allows most config options to be defined by ENV. Lastly it also enables the use of split configuration files which can be configured by setting the --config flag multiple times.
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
* test(web): drop enzyme in favor of react-testing-library
Enzyme is falling behind in maintenance, it is currently maintained by one primary developer and still does [not support React 17](https://github.com/enzymejs/enzyme/pull/2430) despite it being released in October 2020.
[react-testing-library (RTL)](https://testing-library.com/docs) is [recommended by Facebook](https://reactjs.org/docs/test-utils.html#overview) and encourages writing tests that avoid testing implementation details.
* build(deps): update react monorepo to v17 (major)
* build(deps): remove @types/{enzyme,jest}
This change adjusts several global options moving them into the server block. It additionally notes other breaking changes in the configuration.
BREAKING CHANGE: Several configuration options have been changed and moved into other sections. Migration instructions are documented here: https://authelia.com/docs/configuration/migration.html#4.30.0
This updates and unifies the contact options so it is easier to maintain. All contact options now link back to one of two locations, and both of these locations are a copy and paste for the most part.
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
This is for a better user experience, specifically it makes it so when users tab through the elements in the login form they are selected in a logical order.
Fixes#2204
This implements the public option for clients which allows using Authelia as an OpenID Connect Provider for cli applications and SPA's where the client secret cannot be considered secure.
This adds a performance change to the default Active Directory users filter. Basically as per TechNet the (sAMAccountType=805306368) filter is the same as (&(objectCategory=person)(objectClass=user)) except the performance is better.
Update and adjust OIDC documentation. This also adds information for users about RP's that have been tested.
Co-authored-by: Georg Lauterbach <44545919+aendeavor@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
The recent ldap changes in cb71df5 left a connection to the LDAP server open at startup. This resolves this which prevents an ugly log message and unnecessary open sockets.
James Elliott
renovate[bot]
Clément Michaud
Amir Zarrinkafsh
Mike
Georg Lauterbach