James Elliott
ddea31193b
feature(oidc): add support for OpenID Connect
...
OpenID connect has become a standard when it comes to authentication and
in order to fix a security concern around forwarding authentication and authorization information
it has been decided to add support for it.
This feature is in beta version and only enabled when there is a configuration for it.
Before enabling it in production, please consider that it's in beta with potential bugs and that there
are several production critical features still missing such as all OIDC related data is stored in
configuration or memory. This means you are potentially going to experience issues with HA
deployments, or when restarting a single instance specifically related to OIDC.
We are still working on adding the remaining set of features before making it GA as soon as possible.
Related to #189
Co-authored-by: Clement Michaud <clement.michaud34@gmail.com>
2021-05-05 00:15:36 +02:00
renovate[bot]
48d8e1e541
build(deps): update dependency eslint-formatter-rdjson to v1.0.4 ( #1969 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-04 09:46:06 +02:00
renovate[bot]
181f65f3c9
build(deps): update dependency @types/node to v15 ( #1952 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-29 10:49:51 +10:00
renovate[bot]
a4e7a794b8
build(deps): update dependency @material-ui/core to v4.11.4 ( #1954 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-28 10:03:50 +02:00
renovate[bot]
b2ca9b7805
build(deps): update dependency @craco/craco to v6.1.2 ( #1955 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-28 09:19:10 +02:00
renovate[bot]
06a2fb8026
build(deps): update dependency @types/node to v14.14.43 ( #1951 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-28 15:49:25 +10:00
renovate[bot]
d6a767745b
build(deps): update dependency @types/chai to v4.2.17 ( #1950 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-28 13:53:36 +10:00
renovate[bot]
e7ce5c1ff7
build(deps): update dependency @types/jest to v26.0.23 ( #1949 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-28 09:29:00 +10:00
renovate[bot]
cf2687bb57
build(deps): update dependency @types/react to v17.0.4 ( #1948 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-27 16:03:53 +10:00
renovate[bot]
3593c94511
build(deps): update dependency eslint-config-prettier to v8.3.0 ( #1946 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-25 09:43:37 +02:00
renovate[bot]
d321ae9be1
build(deps): update dependency @types/classnames to v2.3.0 ( #1937 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-23 10:57:16 +10:00
dependabot[bot]
823be5d179
build(deps): bump ssri from 6.0.1 to 6.0.2 in /web ( #1933 )
...
Bumps [ssri](https://github.com/npm/ssri ) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/npm/ssri/releases )
- [Changelog](https://github.com/npm/ssri/blob/v6.0.2/CHANGELOG.md )
- [Commits](https://github.com/npm/ssri/compare/v6.0.1...v6.0.2 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-20 09:58:58 +10:00
renovate[bot]
168dbf7265
build(deps): update dependency @types/node to v14.14.41 ( #1923 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-15 21:42:57 +02:00
renovate[bot]
605fba0422
build(deps): update dependency eslint-plugin-prettier to v3.4.0 ( #1922 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-15 14:27:16 +10:00
renovate[bot]
f3e35baa29
build(deps): update dependency @types/node to v14.14.39 ( #1920 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-15 14:06:07 +10:00
renovate[bot]
9fad66596a
build(deps): update dependency eslint-config-prettier to v8.2.0 ( #1911 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-14 11:28:07 +10:00
James Elliott
f0cb75e1e1
fix(handlers): logout redirection validation ( #1908 )
2021-04-13 10:38:12 +02:00
renovate[bot]
a0f67bf3dd
build(deps): update dependency typescript to v4.2.4 ( #1893 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-08 06:12:02 +10:00
renovate[bot]
9b9991238a
build(deps): update dependency @types/chai to v4.2.16 ( #1885 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-04 08:10:14 +10:00
renovate[bot]
121dfb899f
build(deps): update dependency classnames to v2.3.1 ( #1886 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-03 20:17:36 +11:00
renovate[bot]
959769164d
build(deps): update dependency classnames to v2.3.0 ( #1881 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-01 21:35:48 +11:00
dependabot[bot]
6fc0cb97cb
build(deps): bump y18n from 4.0.0 to 4.0.1 in /web ( #1876 )
...
Bumps [y18n](https://github.com/yargs/y18n ) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/yargs/y18n/releases )
- [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md )
- [Commits](https://github.com/yargs/y18n/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-04-01 10:20:37 +11:00
renovate[bot]
1f3cf34080
build(deps): update dependency @types/node to v14.14.37 ( #1859 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-28 02:21:52 +11:00
renovate[bot]
13ba4d1795
build(deps): update dependency @types/jest to v26.0.22 ( #1851 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-26 10:40:48 +11:00
renovate[bot]
b1d18cab9d
build(deps): update dependency @types/node to v14.14.36 ( #1852 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-26 09:52:01 +11:00
renovate[bot]
7a88c848ad
build(deps): update dependency @types/react-dom to v17.0.3 ( #1845 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-23 20:12:11 +11:00
renovate[bot]
7ccbaaffe3
build(deps): update dependency query-string to v7 ( #1840 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-19 11:03:23 +11:00
renovate[bot]
8ff018c82f
build(deps): update dependency @types/jest to v26.0.21 ( #1837 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-17 21:03:07 +01:00
renovate[bot]
ef03751f5f
build(deps): update font awesome ( #1833 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-16 21:46:32 +01:00
renovate[bot]
3cb5a5e7ee
build(deps): update dependency @types/node to v14.14.35 ( #1830 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-16 09:52:30 +11:00
Amir Zarrinkafsh
25fe7b1ebe
fix(web): fix compilation and running in development mode ( #1821 )
...
During a `yarn start` the react frontend would throw the following errors during compilation:
```
Starting the development server...
Compiled with warnings.
./src/index.css (./node_modules/css-loader/dist/cjs.js??ref--5-oneOf-4-1!./node_modules/postcss-loader/src??postcss!./src/index.css)
Warning
Greetings, time traveller. We are in the golden age of prefix-less CSS, where Autoprefixer is no longer needed for your stylesheet.
./node_modules/@fortawesome/fontawesome-svg-core/styles.css (./node_modules/css-loader/dist/cjs.js??ref--5-oneOf-4-1!./node_modules/postcss-loader/src??postcss!./node_modules/@fortawesome/fontawesome-svg-core/styles.css)
Warning
Greetings, time traveller. We are in the golden age of prefix-less CSS, where Autoprefixer is no longer needed for your stylesheet.
./src/components/FingerTouchIcon.module.css (./node_modules/css-loader/dist/cjs.js??ref--5-oneOf-5-1!./node_modules/postcss-loader/src??postcss!./src/components/FingerTouchIcon.module.css)
Warning
Greetings, time traveller. We are in the golden age of prefix-less CSS, where Autoprefixer is no longer needed for your stylesheet.
./src/components/PushNotificationIcon.module.css (./node_modules/css-loader/dist/cjs.js??ref--5-oneOf-5-1!./node_modules/postcss-loader/src??postcss!./src/components/PushNotificationIcon.module.css)
Warning
Greetings, time traveller. We are in the golden age of prefix-less CSS, where Autoprefixer is no longer needed for your stylesheet.
Search for the keywords to learn more about each warning.
To ignore, add // eslint-disable-next-line to the line before.
```
This in turn would mean that the server would never finish loading.
This change will allow the code to compile and run appropriately both in production and development modes.
2021-03-13 14:09:51 +11:00
renovate[bot]
e5a6b6b85d
build(deps): update dependency @types/node to v14.14.34 ( #1814 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-13 10:47:21 +11:00
dependabot[bot]
cb41f5a643
build(deps): bump react-dev-utils from 11.0.3 to 11.0.4 in /web ( #1813 )
...
Bumps [react-dev-utils](https://github.com/facebook/create-react-app/tree/HEAD/packages/react-dev-utils ) from 11.0.3 to 11.0.4.
- [Release notes](https://github.com/facebook/create-react-app/releases )
- [Changelog](https://github.com/facebook/create-react-app/blob/master/CHANGELOG-1.x.md )
- [Commits](https://github.com/facebook/create-react-app/commits/HEAD/packages/react-dev-utils )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-03-13 10:14:05 +11:00
renovate[bot]
28239214f6
build(deps): update dependency chai to v4.3.4 ( #1816 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-03-13 09:55:32 +11:00
dependabot[bot]
c4864ca64c
build(deps): bump elliptic from 6.5.3 to 6.5.4 in /web ( #1796 )
...
Bumps [elliptic](https://github.com/indutny/elliptic ) from 6.5.3 to 6.5.4.
- [Release notes](https://github.com/indutny/elliptic/releases )
- [Commits](https://github.com/indutny/elliptic/compare/v6.5.3...v6.5.4 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2021-03-10 16:11:36 +11:00
renovate[bot]
99a7c5ac2f
build(deps): update dependency @types/node to v14.14.33 ( #1793 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-10 10:43:45 +11:00
renovate[bot]
ac7ee18610
build(deps): update dependency @types/react-dom to v17.0.2 ( #1789 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-09 09:45:12 +11:00
renovate[bot]
9dcb2e06fb
build(deps): update dependency @types/node to v14.14.32 ( #1784 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-09 09:28:31 +11:00
renovate[bot]
d7484bd7e2
build(deps): update dependency @types/react to v17.0.3 ( #1785 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-08 15:59:25 +11:00
renovate[bot]
095b9fa16d
build(deps): update dependency typescript to v4.2.3 ( #1780 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-05 22:32:51 +11:00
James Elliott
4dce8f9496
perf(authorizer): preload access control lists ( #1640 )
...
* adjust session refresh to always occur (for disabled users)
* feat: adds filtering option for Request Method in ACL's
* simplify flow of internal/authorization/authorizer.go's methods
* implement query string checking
* utilize authorizer.Object fully
* make matchers uniform
* add tests
* add missing request methods
* add frontend enhancements to handle request method
* add request method to 1FA Handler Suite
* add internal ACL representations (preparsing)
* expand on access_control next
* add docs
* remove unnecessary slice for network names and instead just use a plain string
* add warning for ineffectual bypass policy (due to subjects)
* add user/group wildcard support
* fix(authorization): allow subject rules to match anonymous users
* feat(api): add new params
* docs(api): wording adjustments
* test: add request method into testing and proxy docs
* test: add several checks and refactor schema validation for ACL
* test: add integration test for methods acl
* refactor: apply suggestions from code review
* docs(authorization): update description
2021-03-05 15:18:31 +11:00
renovate[bot]
1438cf5deb
build(deps): update dependency chai to v4.3.3 ( #1778 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-04 12:15:04 +11:00
renovate[bot]
f24ec3989a
build(deps): update dependency chai to v4.3.1 ( #1776 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-03-03 13:14:32 +11:00
renovate[bot]
bd610b5b5b
build(deps): update dependency query-string to v6.14.1 ( #1769 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-02-28 16:40:01 +11:00
renovate[bot]
96bb3e2f88
build(deps): update dependency eslint-config-prettier to v8.1.0 ( #1764 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-02-25 10:58:41 +11:00
renovate[bot]
f09eb1fcc8
build(deps): update dependency typescript to v4.2.2 ( #1760 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-02-24 10:56:21 +11:00
renovate[bot]
40099edc45
build(deps): update dependency react-scripts to v4.0.3 ( #1756 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-02-23 10:54:38 +11:00
renovate[bot]
dc341a3894
build(deps): update dependency eslint-config-prettier to v8 ( #1750 )
...
* build(deps): update dependency eslint-config-prettier to v8
* fix(web): update eslint/prettier config to v8.0
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2021-02-23 10:26:57 +11:00
renovate[bot]
a8f83568c0
build(deps): update dependency query-string to v6.14.0 ( #1744 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-02-22 17:23:58 +11:00
renovate[bot]
19a5e28930
build(deps): update dependency eslint-import-resolver-typescript to v2.4.0 ( #1743 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-02-22 17:05:37 +11:00