James Elliott
4577fce95b
refactor: path from address ( #5492 )
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-30 18:21:19 +10:00
James Elliott
f90c369b45
docs: fix some example formatting ( #5501 )
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-30 14:46:23 +10:00
James Elliott
32c68804e0
feat(oidc): disable minimum parameter entropy ( #5495 )
...
This allows disabling the minimum parameter entropy checks.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-28 11:50:55 +10:00
James Elliott
17db704f4d
test(authentication): add missing type tests ( #5483 )
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-25 12:26:19 +10:00
James Elliott
fbbeef3ae8
test(authentication): add missing tests ( #5482 )
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-25 11:17:35 +10:00
James Elliott
f1b3fc7b31
test(handlers): add missing tests ( #5480 )
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-25 07:58:00 +10:00
James Elliott
2e8a460a66
test: add misc missing tests ( #5479 )
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-24 22:33:05 +10:00
James Elliott
e784a72735
test(authorization): add missing tests ( #5478 )
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-24 19:23:46 +10:00
James Elliott
f724818c44
test(authentication): file provider ( #5473 )
...
Add additional tests to the file provider.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-24 05:57:53 +10:00
James Elliott
65f69aeb4e
feat(oidc): jwk selection by id ( #5464 )
...
This adds support for JWK selection by ID on a per-client basis, and allows multiple JWK's for the same algorithm.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-22 21:14:32 +10:00
James Elliott
83c4cb8a94
docs: misc fixes ( #5462 )
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-20 10:11:50 +10:00
renovate[bot]
90c0bce3a4
build(deps): update ghcr.io/k3d-io/k3d docker tag to v5.5.1 ( #5461 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-05-19 23:49:22 +10:00
renovate[bot]
5ce36d37cd
build(deps): update ghcr.io/k3d-io/k3d docker tag to v5.5.0 ( #5450 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-05-18 08:00:59 +10:00
James Elliott
65ecfe4b9a
feat(oidc): private_key_jwt client auth ( #5280 )
...
This adds support for the private_key_jwt client authentication method.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2023-05-15 10:32:10 +10:00
James Elliott
cef374cdc1
feat(oidc): multiple jwk algorithms ( #5279 )
...
This adds support for multiple JWK algorithms and keys and allows for per-client algorithm choices.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-15 10:03:19 +10:00
James Elliott
1dbfbc5f88
feat(oidc): client_secret_jwt client auth ( #5253 )
...
This adds the authentication machinery for the client_secret_jwt to the Default Client Authentication Strategy.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-15 09:51:59 +10:00
renovate[bot]
1d99e42436
build(deps): update mariadb docker tag to v10.11.3 ( #5429 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-05-12 15:40:35 +10:00
renovate[bot]
70df11be16
build(deps): update alpine docker tag to v3.18.0 ( #5421 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-05-10 13:06:31 +10:00
James Elliott
6c472d8627
refactor(configuration): umask from query ( #5416 )
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-09 21:25:56 +10:00
James Elliott
998ffe5255
refactor: strip word and from duration ( #5412 )
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-08 15:57:11 +10:00
James Elliott
a0deacff55
refactor: misc consistency fixes ( #5406 )
...
Misc consistency fixes to docs and related content.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-08 13:51:17 +10:00
James Elliott
713f8e9ab7
fix(configuration): fail to parse large int duration ( #5408 )
...
Large integers used with the duration common syntax failed to parse if they exceeded the ability to fit into an int32.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-08 13:30:49 +10:00
James Elliott
b219a85e12
refactor(model): use recommended semver regex ( #5403 )
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-07 17:51:35 +10:00
James Elliott
fb5c285c25
feat(authentication): suport ldap over unix socket ( #5397 )
...
This adds support for LDAP unix sockets using the ldapi scheme. In addition it improves all of the address related parsing significantly deprecating old options.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-07 16:39:17 +10:00
James Elliott
90d190121d
feat(server): listen on unix sockets ( #5038 )
...
This allows listening on unix sockets.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-07 15:48:26 +10:00
James Elliott
73861ff17a
build(deps): update module github.com/go-ldap/ldap/v3 to b50d289 ( #5396 )
...
This fixes various issues.
Fixes #4199
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-06 13:02:04 +10:00
renovate[bot]
60cb20906c
build(deps): update redis docker tag to v7 ( #3260 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-05-06 09:43:33 +10:00
James Elliott
7785a33ade
build(deps): update module github.com/fasthttp/session to v2.5.0 ( #5391 )
...
This offers redis v7 full compatibility.
Closes #3856
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-05 23:50:35 +10:00
renovate[bot]
ede5623485
build(deps): update haproxy docker tag to v2.7.8 ( #5366 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-05-03 13:04:56 +10:00
renovate[bot]
20f9b886a8
build(deps): update golang docker tag to v1.20.4 ( #5364 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-05-03 05:47:18 +10:00
James Elliott
71a01b9945
i18n: update translation for portal.json (Italian) ( #5338 )
2023-04-30 15:07:30 +10:00
James Elliott
34ec813370
fix(middlewares): failure to detect remote ip ( #5339 )
...
This fixes an edge case where the RemoteIP detection could safely fail with an error, and instead defaults to the TCP packet information.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-30 10:52:45 +10:00
renovate[bot]
d78c490649
build(deps): update haproxy docker tag to v2.7.7 ( #5328 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-04-28 13:52:51 +10:00
renovate[bot]
04b340350a
build(deps): update traefik docker tag to v2.10.1 ( #5326 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-04-28 07:03:26 +10:00
renovate[bot]
8ce111a8fb
build(deps): update envoyproxy/envoy docker tag to v1.26.1 ( #5325 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-04-28 01:04:06 +10:00
James Elliott
456ba9947b
i18n: update translations ( #5315 )
...
* i18n: update translation for portal.json (German)
* i18n: update translation for portal.json (Hungarian)
* i18n: update translation for portal.json (Slovenian)
* i18n: update translation for portal.json (Chinese Traditional)
2023-04-26 12:35:07 +10:00
renovate[bot]
2213540738
build(deps): update traefik docker tag to v2.10.0 ( #5310 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-04-25 18:20:52 +10:00
renovate[bot]
1c64e7731a
build(deps): update node.js to v20 ( #5294 )
2023-04-24 12:08:40 +10:00
James Elliott
033d3c0408
fix(commands): missing pkcs8 option ( #5270 )
...
Several crypto generate situations could not generate PKCS #8 ASN.1 DER format keys. Ths fixes this.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-18 12:16:45 +10:00
renovate[bot]
4050bb6a64
build(deps): update envoyproxy/envoy docker tag to v1.26.0 ( #5268 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-04-18 11:43:03 +10:00
James Elliott
616fa3c48d
docs: header consistency ( #5266 )
2023-04-18 09:53:26 +10:00
James Elliott
4db965e19f
refactor: interfaces ( #5252 )
...
Use any alias instead of empty interfaces.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 22:35:44 +10:00
James Elliott
eaddf11df6
refactor: http verbs etc ( #5248 )
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 15:03:14 +10:00
James Elliott
d2cdbb23f3
refactor(authentication): remove deprecated func ( #5246 )
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 10:51:50 +10:00
James Elliott
370585d1de
refactor(web): webauthn references ( #5244 )
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 02:54:24 +10:00
James Elliott
2733fc040c
refactor: webauthn naming ( #5243 )
...
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 02:04:42 +10:00
James Elliott
a179775f6f
refactor: misc out of band changes ( #5238 )
...
This just implements some changes from feat-settings-ui that are out of scope.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-14 21:42:31 +10:00
James Elliott
0f4f5d5848
fix(commands): no args not enforced on crypto hash generate ( #5237 )
...
This fixes an issue where the authelia crypto hash generate command does not require no arguments leading to some confusing output.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-14 20:46:43 +10:00
Manuel Nuñez
56c10eab76
test(configuration): add additional coverage ( #4779 )
2023-04-13 21:15:28 +10:00
James Elliott
3d2da0b070
feat(oidc): client authentication modes ( #5150 )
...
This adds a feature to OpenID Connect 1.0 where clients can be restricted to a specific client authentication mode, as well as implements some backend requirements for the private_key_jwt client authentication mode (and potentially the tls_client_auth / self_signed_tls_client_auth client authentication modes). It also adds some improvements to configuration defaults and validations which will for now be warnings but likely be made into errors.
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-13 20:58:18 +10:00