Commit Graph

3338 Commits (dc79c8ea59622d19db22dae6753936da2be6412f)

Author SHA1 Message Date
Andrew Moore 6ef6d0499a
feat(oidc): add pkce support (#2924)
Implements Proof Key for Code Exchange for OpenID Connect Authorization Code Flow. By default this is enabled for the public client type and requires the S256 challenge method.

Closes #2921
2022-03-02 15:44:05 +11:00
renovate[bot] 8dcb8c4e29
build(deps): update dependency vite to v2.8.6 (#2936)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-03-02 13:06:14 +11:00
Clément Michaud c511b3415a
build: disable pre-commit hook by env variable (#2887)
One can set the NO_HOOK env variable to avoid running the pre-commit
hook. It can be useful when performing large refactorings.
2022-03-02 00:10:15 +01:00
Toshaan Bharvani 2e2096023c
build: add system service file to support multi setup (#2873)
* using the '@' in a service file allows multiple instances
this enables system to load authelia with multiple configuration files

Signed-off-by: Toshaan Bharvani <toshaan@vantosh.com>

Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2022-03-01 22:52:49 +01:00
James Elliott decc4fd05e
docs: fix missing link (#2934) 2022-03-01 16:06:17 +11:00
James Elliott 1eef78ff7b
docs: move oidc roadmap (#2933) 2022-03-01 16:00:27 +11:00
renovate[bot] b7ddcb1d29
build(deps): update dependency typescript to v4.6.2 (#2932)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-03-01 15:39:39 +11:00
renovate[bot] f8d9c6eab7
build(deps): update dependency haproxy to v2.5.4 (#2931)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-03-01 15:04:34 +11:00
James Elliott c479ba6386
fix(oidc): make preferred_username a profile scope claim (#2930)
This corrects an issue with the preferred_username which should be part of the profile scope as per https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims.

Introduced in ddbb21a via #2829
2022-03-01 14:07:39 +11:00
renovate[bot] d5684b9f87
build(deps): update typescript-eslint monorepo to v5.13.0 (#2928)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-03-01 11:15:55 +11:00
renovate[bot] 4c63d4f59c
build(deps): update dependency vite to v2.8.5 (#2927)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-03-01 08:21:58 +11:00
James Elliott 3c81e75d79
feat(commands): add access-control check-policy command (#2871)
This adds an access-control command that checks the policy enforcement for a given criteria using a configuration file and refactors the configuration validation command to include all configuration sources.
2022-02-28 14:15:01 +11:00
renovate[bot] d87a56fa1a
build(deps): update dependency eslint-plugin-react to v7.29.2 (#2918)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-02-27 17:37:43 +01:00
dependabot[bot] 5ff2323a7f
build(deps): bump nokogiri from 1.12.5 to 1.13.3 in /docs (#2919)
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.12.5 to 1.13.3.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.12.5...v1.13.3)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-02-27 15:19:10 +11:00
renovate[bot] e286741357
build(deps): update dependency mariadb to v10.8.2 (#2917)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-02-27 10:12:17 +11:00
renovate[bot] d565133f19
build(deps): update dependency eslint-plugin-react to v7.29.0 (#2915)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-02-25 20:18:44 +11:00
renovate[bot] c525849eee
build(deps): update dependency @types/node to v16.11.26 (#2894)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-02-25 09:10:01 +11:00
renovate[bot] 4b1bd01167
build(deps): update dependency traefik to v2.6.1 (#2912)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-02-24 21:13:08 +11:00
James Elliott b733f7b86d
build(deps): update pnpm packages (#2911) 2022-02-24 19:27:57 +11:00
James Elliott 4593da3f00
build(deps): update go modules (#2907)
Update the following deps:

github.com/fasthttp/router v1.4.5 -> v1.4.6
github.com/fasthttp/session/v2 v2.4.5 -> v2.4.7
github.com/go-ldap/ldap/v3 v3.4.1 -> v3.4.2
github.com/golang-jwt/jwt/v4 v4.2.0 -> v4.3.0
github.com/jackc/pgx/v4 v4.14.1 -> v4.15.0
github.com/ory/fosite v0.42.0 -> v0.42.1
github.com/duosecurity/duo_api_golang v0.0.0-20211027140842-72da735c6f15 -> v0.0.0-20220201180708-96a8851a8448
2022-02-24 14:15:10 +11:00
James Elliott 9808da6ba0
build(deps): update module github.com/mattn/go-sqlite3 to v1.14.11 (#2906) 2022-02-24 12:02:27 +11:00
renovate[bot] 7ba6ff71b3
build(deps): update module github.com/valyala/fasthttp to v1.33.0 (#2905)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-02-24 11:11:05 +11:00
renovate[bot] eb76de6cdc
build(deps): update dependency haproxy to v2.5.3 (#2897)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-02-24 03:12:26 +11:00
renovate[bot] 5cbc88dd59
build(deps): update dependency golang to v1.17.7 (#2896)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-02-24 02:46:37 +11:00
renovate[bot] 4d06318413
build(deps): update dependency @testing-library/jest-dom to v5.16.2 (#2892)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-02-23 13:13:20 +11:00
renovate[bot] c03b24232f
build(deps): update dependency @fortawesome/react-fontawesome to v0.1.17 (#2891)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-02-23 12:08:15 +11:00
James Elliott bed7a8ae32
feat(server): csp template (#2856)
Implements the ability for advanced users to override the CSP and easily include the required nonce.
2022-02-21 10:14:09 +11:00
Clément Michaud 6043b43d94
docs: fix roadmap item about oidc (#2885) 2022-02-21 08:50:20 +11:00
Clément Michaud 64adb9eb67
docs: update roadmap with new priorities based on feedbacks (#2878) 2022-02-18 22:35:22 +11:00
James White 50e9ccafa1
docs: fix grammar (#2863)
Remove the gender specific examples for `default_redirection_url`

Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-02-17 13:26:17 +11:00
Karlos 096946bcb7
docs: add OIDC integration details about Harbor and Verdaccio (#2867)
Added Harbor (docker/helm open source registry) and verdaccio (open source NPM proxy registry)
2022-02-13 10:05:38 +01:00
James Elliott ddbb21af90
fix(handlers): include preferred_username claim in meta (#2829)
This includes the preferred_username claim in the meta. Also uses the consts for all the applicable claims and scopes.
2022-02-10 09:55:28 +11:00
Clément Michaud 100d598a0e
docs: add documentation about the logout endpoint (#2860)
fix #2859
2022-02-10 09:10:35 +11:00
Clément Michaud 5d4003c291
refactor: directly return error where sufficient (#2855) 2022-02-10 09:07:53 +11:00
Biel Frontera 8fc48476c6
docs: add community example of integrating authelia with Django (#2858)
Extend the information given at #2636 about how to integrate
authelia with Django.
2022-02-09 21:50:34 +01:00
Amir Zarrinkafsh 9c98321130
fix(docker): fix bootstrap and dev docker image build (#2857)
This reverts commit 380e6fccb6. This change ensures that BUILDKIT is enabled to pick up the correct Dockerfile and .dockerignore files during the build process of the dev image.

Fixes #2843. Closes #2844.
2022-02-08 16:09:45 +11:00
Dylan Drost b6cffaaf50
docs: added example configs for oidc for specific services (portainer, proxmox) (#2831)
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2022-02-08 00:05:10 +01:00
Shihta Kuan 380e6fccb6
fix(docker): fix the building process of docker image (#2844)
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2022-02-07 23:40:51 +01:00
Michael Shamoon 5dd0cfb8c7
docs: add Bookstack to list of community-tested OIDC integrations (#2849)
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2022-02-07 22:08:48 +01:00
James Elliott fcdd41ea2a
feat: oidc scope i18n (#2799)
This adds i18n for the OIDC scope descriptsions descriptions.
2022-02-08 01:18:16 +11:00
James Elliott 26236f491e
fix(server): use of inconsistent methods for determining origin (#2848)
This unifies the methods to obtain the X-Forwarded-* header values and provides logical fallbacks. In addition, so we can ensure this functionality extends to the templated files we've converted the ServeTemplatedFile method into a function that operates as a middlewares.RequestHandler.

Fixes #2765
2022-02-07 00:37:28 +11:00
James Elliott 7775d2af0e
fix(ntp): disable failure ignored (#2835)
Disable failure was ignored previously, this ensures it isn't.
2022-02-03 14:04:24 +11:00
James Elliott 1772a83190
refactor: apply godot recommendations (#2839) 2022-01-31 16:25:15 +11:00
Clément Michaud 357c654db8
ci(codecov): exclude coverage files from the coverage itself (#2832)
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-01-23 02:55:13 +11:00
renovate[bot] 029e3268d4
build(deps): update dependency i18next to v21.6.7 (#2824)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-01-22 11:04:32 +11:00
renovate[bot] 28b29be0af
build(deps): update dependency i18next-http-backend to v1.3.2 (#2823)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-01-22 10:23:00 +11:00
renovate[bot] 7402f6807b
build(deps): update dependency react-i18next to v11.15.3 (#2821)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-01-22 00:48:50 +11:00
renovate[bot] 31f3f23195
build(deps): update dependency i18next to v21.6.6 (#2820)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-01-22 00:23:49 +11:00
Manuel Nuñez db046b2d1c
feat(web): i18n (#2697)
This adds support for i18n so that users may be presented a familiar language to the language the browser language they are using automatically. Currently supported languages: en, es.

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-01-21 23:05:46 +11:00
Clément Michaud a7a2bc63fe
feat(configuration): support private-use redirect uris in oidc (#2796)
Private-use redirect URIs are used to redirect the user to native apps initiating the authentication flow on a device as described in https://datatracker.ietf.org/doc/html/rfc8252#section-7.1

Fix #2742
2022-01-21 22:05:53 +11:00