James Elliott
194d34106e
fix(storage): schema inconsistency ( #4262 )
2022-11-19 16:47:09 +11:00
renovate[bot]
47b78f2272
build(deps): update mariadb docker tag to v10.10.2 ( #4399 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-18 10:50:47 +00:00
renovate[bot]
a4d9d488b1
build(deps): update traefik docker tag to v2.9.5 ( #4398 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-18 01:29:38 +00:00
James Elliott
36dbc96b14
refactor: sql formatting ( #4371 )
...
* refactor: sql spacing
* refactor editor config
2022-11-14 12:54:30 +11:00
renovate[bot]
3574d8ab17
build(deps): update alpine docker tag to v3.16.3 ( #4362 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-13 12:26:20 +00:00
James Elliott
ad68f33aeb
build(deps): update module github.com/ory/fosite to v0.43.0 ( #4269 )
...
This updates fosite and refactors our usage out of compose.
2022-11-13 14:26:10 +11:00
renovate[bot]
909deafeba
build(deps): update mariadb docker tag to v10.9.4 ( #4355 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-11 07:20:15 +00:00
James Elliott
02920c18be
refactor: few misc issues ( #4330 )
2022-11-04 22:24:10 +11:00
James Elliott
e97a848600
refactor: ldap filter ( #4329 )
2022-11-04 13:42:28 +11:00
James Elliott
500410fac3
refactor(commands): include rfc3986 charset ( #4328 )
...
This includes the RFC3986 unreserved charset as an option, and allows the '-upper' and '-lower' suffix for alphabetic inclusive charsets.
2022-11-04 11:32:49 +11:00
renovate[bot]
1e057819f2
build(deps): update golang docker tag to v1.19.3 ( #4316 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-11-02 03:42:08 +00:00
James Elliott
5a23df4544
refactor: uuid parse bytes ( #4311 )
...
Use ParseBytes instead since it supports a byte encoded string.
2022-11-01 10:31:13 +11:00
James Elliott
6b2f713e10
fix(configuration): certificate_chains can't be defined as secrets ( #4302 )
...
This fixes an issue where certificate_chain values can't be defined as secrets. While not expressly needed for certificates, it's more convenient and less prone to error than defining a environment variable with the contents.
2022-10-31 11:52:14 +11:00
renovate[bot]
db9de7b5a4
build(deps): update traefik docker tag to v2.9.4 ( #4286 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-10-29 17:00:46 +11:00
James Elliott
a048ab6d47
fix(authentication): erroneously escaped group base dn ( #4288 )
...
The BaseDN for groups was escaped improperly and failed on any BaseDN with special characters. This fixes the issue.
2022-10-28 20:21:43 +11:00
James Elliott
a283fda6d6
fix(oidc): handle authorization post requests ( #4270 )
...
This fixes an issue where the authorization endpoint was not handling post requests as per the specification. It also fixes the missing CORS middleware on the authorization endpoint.
2022-10-26 19:14:43 +11:00
James Elliott
dfd196460f
refactor: close database connections on shutdown ( #4255 )
...
This explicitly closes the database connection during shutdown.
2022-10-25 16:12:42 +11:00
James Elliott
53c1b645ee
fix(storage): postgresql default port incorrect ( #4251 )
...
This fixes a typo with the default port for PostgreSQL in 4.37.
Fixes #4249
2022-10-24 06:09:38 +11:00
James Elliott
6654fd6130
refactor: update users_database examples ( #4240 )
2022-10-23 08:12:16 +11:00
James Elliott
e3d82bcfa0
refactor: fix misc alignment issues and gen ( #4239 )
2022-10-23 07:42:19 +11:00
James Elliott
00ab279336
refactor: csp gen ( #4163 )
...
Generator for CSP.
2022-10-22 22:19:32 +11:00
James Elliott
69c4c02d03
feat(storage): tls connection support ( #4233 )
...
This adds support to PostgreSQL and MySQL to connect via TLS via the standard TLS configuration options.
2022-10-22 19:27:59 +11:00
James Elliott
1ea29cb2c2
feat(storage): unix socket support ( #4231 )
...
Support for unix sockets for MySQL and PostgreSQL.
2022-10-22 16:41:27 +11:00
James Elliott
1d821a0d3a
fix(storage): mysql timestamp parsed incorrectly ( #4230 )
...
The timestamps in MySQL were not being parsed correctly. The driver treats all timestamp and datetime objects the same which is not correct.
2022-10-22 15:25:12 +11:00
renovate[bot]
4611636b2b
build(deps): update node.js to v19 ( #4203 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-10-21 20:34:44 +11:00
James Elliott
5c981e7603
feat(configuration): comment unnecessary template lines ( #4222 )
...
This adjusts the default configuration to mostly include commented configuration.
2022-10-21 20:17:30 +11:00
James Elliott
9532823a99
feat(configuration): mtls clients ( #4221 )
...
This implements mTLS support for LDAP, Redis, and SMTP. Specified via the tls.certificate_chain and tls.private_key options.
Closes #4044
2022-10-21 19:41:33 +11:00
James Elliott
3113ec2b80
feat(commands): random character generator ( #4213 )
...
This improves all random character generator command usages to be nearly identical and reuse a large block of code. It also improves several functions to give more options when randomly generating outputs.
2022-10-21 07:41:46 +11:00
James Elliott
248f1d49d4
feat(oidc): hashed client secrets ( #4026 )
...
Allow use of hashed OpenID Connect client secrets.
2022-10-20 14:21:45 +11:00
James Elliott
3aaca0604f
feat(oidc): implicit consent ( #4080 )
...
This adds multiple consent modes to OpenID Connect clients. Specifically it allows configuration of a new consent mode called implicit which never asks for user consent.
2022-10-20 13:16:36 +11:00
renovate[bot]
395d81e72a
build(deps): update envoyproxy/envoy docker tag to v1.24.0 ( #4208 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-20 10:28:27 +11:00
James Elliott
24e41aed84
feat(commands): add webauthn device commands ( #3671 )
2022-10-19 18:17:55 +11:00
James Elliott
52102eea8c
feat(authorization): query parameter filtering ( #3990 )
...
This allows for advanced filtering of the query parameters in ACL's.
Closes #2708
2022-10-19 14:09:22 +11:00
renovate[bot]
47d18b462a
build(deps): update envoyproxy/envoy docker tag to v1.23.2 ( #4201 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-19 08:32:32 +11:00
James Elliott
a4edf21320
fix(authorization): subject wildcard domain rule not matching ( #4187 )
...
This fixes an issue where the subject wildcard domain rules (those containing {user} and {group}) are not considered matches even though they may be once a user authenticates.
Fixes #4186
2022-10-18 19:14:34 +11:00
James Elliott
a0b2e78e5d
feat(authentication): file case-insensitive and email search ( #4194 )
...
This allows both case-insensitive and email searching for the file auth provider.
Closes #3383
2022-10-18 11:57:08 +11:00
James Elliott
d610874be4
feat(authentication): disabled users in yaml file ( #4193 )
...
Allows setting users as disabled.
2022-10-18 09:10:53 +11:00
James Elliott
84cb457cb0
feat(authentication): file provider hot reload ( #4188 )
...
This adds hot reloading to the file auth provider.
2022-10-17 22:31:23 +11:00
James Elliott
3a70f6739b
feat(authentication): file password algorithms ( #3848 )
...
This adds significant enhancements to the file auth provider including multiple additional algorithms.
2022-10-17 21:51:59 +11:00
James Elliott
8eadf72dc7
docs: rule matching concepts ( #4154 )
...
* docs: rule matching concepts
* docs: add named regex note
* docs: adjust wording
* docs: expand match table
* docs: simplify
* docs: fix link
* docs: fix link
2022-10-16 14:11:43 +11:00
renovate[bot]
c6e1197750
build(deps): update postgres docker tag to v15 ( #4182 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-15 11:51:02 +11:00
renovate[bot]
b3abccc034
build(deps): update caddy docker tag to v2.6.2 ( #4177 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-14 15:22:37 +11:00
James Elliott
3107e493e7
refactor: adjust defaults ( #4137 )
...
* refactor: adjust defaults
* refactor: adjust level
* refactor: adjust level
* refactor: fix templates
2022-10-07 13:52:01 +11:00
renovate[bot]
998856b47c
build(deps): update golang docker tag to v1.19.2 ( #4129 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-05 18:36:00 +11:00
James Elliott
dc79c8ea59
refactor: any ( #4133 )
...
* refactor: any
* refactor: fix test
2022-10-05 16:05:23 +11:00
renovate[bot]
ff0ed6fa22
build(deps): update traefik docker tag to v2.9.1 ( #4126 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-10-04 03:13:03 +00:00
James Elliott
3f39914c8f
refactor: private key decoding and generators ( #4116 )
2022-10-03 11:52:29 +11:00
James Elliott
32bd2eba60
test(suites): use iss cert ( #4114 )
2022-10-02 16:19:26 +11:00
Manuel Nuñez
c8fa19e6bd
feat(notification): add disable_starttls option ( #3855 )
...
This adds a boolean option to SMTP which disables StartTLS for SMTP servers that ignore standards.
2022-10-02 13:51:19 +11:00
James Elliott
6810c91d34
feat(oidc): issuer jwk certificates ( #3989 )
...
This allows for JWKs to include certificate information, either signed via Global PKI, Enterprise PKI, or self-signed.
2022-10-02 13:07:40 +11:00