Commit Graph

3291 Commits (f04596b8e00508cd322ab17f2cd7b8c96e67dc2f)

Author SHA1 Message Date
James Elliott 8bb8207808
feat(oidc): pairwise subject identifiers (#3116)
Allows configuring clients with a sector identifier to allow pairwise subject types.
2022-04-07 16:13:01 +10:00
James Elliott 0a970aef8a
feat(oidc): persistent storage (#2965)
This moves the OpenID Connect storage from memory into the SQL storage, making it persistent and allowing it to be used with clustered deployments like the rest of Authelia.
2022-04-07 15:33:53 +10:00
James Elliott 06fd7105ea
refactor(templates): utilize more accurate naming (#3125) 2022-04-07 13:05:20 +10:00
James Elliott 4ebd8fdf4e
feat(oidc): provide cors config including options handlers (#3005)
This adjusts the CORS headers appropriately for OpenID Connect. This includes responding to OPTIONS requests appropriately. Currently this is only configured to operate when the Origin scheme is HTTPS; but can easily be expanded in the future to include additional Origins.
2022-04-07 10:58:51 +10:00
renovate[bot] a694cf851f
build(deps): update module github.com/fasthttp/router to v1.4.8 (#3126)
* build(deps): update module github.com/fasthttp/router to v1.4.8

* fix: go.sum

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-04-06 21:42:17 +10:00
renovate[bot] 6dde133cc1
build(deps): update module github.com/fasthttp/session/v2 to v2.4.9 (#3127)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-04-06 20:58:13 +10:00
James Elliott b325965a55
build(deps): update module github.com/go-webauthn/webauthn to v0.3.0 (#3123) 2022-04-06 14:45:01 +10:00
renovate[bot] a6a924cf79
build(deps): update dependency eslint-plugin-import to v2.26.0 (#3121)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-04-06 09:34:20 +10:00
renovate[bot] 5f4ce14615
build(deps): update dependency @testing-library/jest-dom to v5.16.4 (#3119)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-04-06 08:22:27 +10:00
renovate[bot] d96c93ef2b
build(deps): update module github.com/valyala/fasthttp to v1.35.0 (#3120)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-04-06 07:57:23 +10:00
renovate[bot] 89b78f0ad3
build(deps): update dependency vite to v2.9.1 (#3079)
* build(deps): update dependency vite to v2.9.1

* fix(web): load correct vite env vars

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-04-05 15:43:52 +10:00
renovate[bot] 004490c7b1
build(deps): update dependency alpine to v3.15.4 (#3114)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-04-05 11:15:43 +10:00
renovate[bot] 3ea41edbaa
build(deps): update typescript-eslint monorepo to v5.18.0 (#3113)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-04-05 10:55:29 +10:00
Clément Michaud 3ca438e3d5
feat: implement mutual tls in the web server (#3065)
Mutual TLS helps prevent untrusted clients communicating with services like Authelia. This can be utilized to reduce the attack surface.

Fixes #3041
2022-04-05 09:57:47 +10:00
James Elliott a2eb0316c8
feat(web): password reset custom url (#3111)
This allows providing a custom URL for password resets. If provided the disable_reset_password option is ignored, the password reset API is disabled, and the button provided in the UI to reset the password redirects users to the configured endpoint.

Closes #1934, Closes #2854

Co-authored-by: you1996 <youssri@flyweight.tech>
2022-04-04 17:46:55 +10:00
James Elliott b8280dfed6
build(deps): update dependency swagger-ui to 4.10.3 (#3110) 2022-04-04 14:59:27 +10:00
James Elliott 73212671fc
build(web): remove unused types (#3109) 2022-04-04 13:19:07 +10:00
James Elliott fb59ff6972
build: enable empty out dir vite option (#3107) 2022-04-04 12:55:09 +10:00
James Elliott aac4c4772c
feat(web): i18n asset overrides (#3040)
This allows overriding translation files in folders with lowercase RFC5646 / BCP47 Format language codes. This also fixes an issues where languages which don't expressly match the language code specified due to having a variant will also match the existing codes.

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-04-04 12:15:26 +10:00
James Elliott ee9ce27ccf
ci: codeql only on code changes (#3108) 2022-04-04 10:02:33 +10:00
James Elliott 2502d89682
fix(server): respond with 404/405 appropriately (#3087)
This adjusts the not found handler to not respond with a 404 on not found endpoints that are part of the /api or /.well-known folders, and respond with a 405 when the method isn't implemented.

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2022-04-04 09:58:01 +10:00
Amir Zarrinkafsh fa143ea029
fix(web): update client rendering method (#3106)
This PR utilises the React 18 Client Rendering API along with createRoot as opposed to the React 17 ReactDOM.render method.
2022-04-04 09:39:18 +10:00
renovate[bot] ec8d71f63f
build(deps): update material-ui monorepo (#3105)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-04-04 07:24:27 +10:00
James Elliott 7230db7cea
refactor(configuration): decode_hooks blackbox and better testing (#3097) 2022-04-03 22:44:52 +10:00
Manuel Nuñez bfd5d66ed8
feat(notification): password reset notification custom templates (#2828)
Implemented a system to allow overriding email templates, including the remote IP, and sending email notifications when the password was reset successfully.

Closes #2755, Closes #2756

Co-authored-by: Manuel Nuñez <@mind-ar>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-04-03 22:24:51 +10:00
James Elliott 9e05066097
refactor(handlers): ppolicy (#3103)
Add tests and makes the password policy a provider so the configuration can be loaded to memory on startup.
2022-04-03 21:58:27 +10:00
renovate[bot] 0f6ca55016
build(deps): update dependency eslint-import-resolver-typescript to v2.7.1 (#3104)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-04-03 17:02:59 +10:00
renovate[bot] 0559e33263
build(deps): update dependency prettier to v2.6.2 (#3100)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-04-03 16:21:13 +10:00
James Elliott 36cf662458
refactor: misc password policy refactoring (#3102)
Add tests and makes the password policy a provider so the configuration can be loaded to memory on startup.
2022-04-03 10:48:26 +10:00
Manuel Nuñez 8659ba394d
feat(authentication): password policy (#2723)
Implement a password policy with visual feedback in the web portal.

Co-authored-by: Manuel Nuñez <@mind-ar>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-04-03 08:32:57 +10:00
bgh-github cd2d88f9f3
docs: add oidc details for miniflux app (#3096)
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-04-02 17:28:48 +11:00
James Elliott 4d7f930e74
docs: fix regex examples (#3094) 2022-04-02 16:41:16 +11:00
James Elliott 86dcb54e4a
ci: skip internal/configuration/config.template.yml (#3095) 2022-04-02 16:24:02 +11:00
allcontributors[bot] 1d67072c78
docs: add protvis74 as a contributor for translation (#3091)
Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-04-02 15:43:43 +11:00
James Elliott e888d2c4a8
ci: skip codeql on repo or doc files (#3093) 2022-04-02 15:38:52 +11:00
allcontributors[bot] 6ecbc3d7d9
docs: add mind-ar as a contributor for code, translation (#3092)
Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
2022-04-02 15:36:27 +11:00
allcontributors[bot] 9eca6bbd64
docs: add you1996 as a contributor for design (#3090)
Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
2022-04-02 15:17:22 +11:00
allcontributors[bot] 89340c5aaa
docs: add bgh-github as a contributor for doc (#3089)
Co-authored-by: allcontributors[bot] <46447321+allcontributors[bot]@users.noreply.github.com>
2022-04-02 15:11:51 +11:00
bgh-github ce69cb2414
docs: fix oidc applications table display (#3088) 2022-04-02 15:09:47 +11:00
yossbg 1bae65ad33
feat(templates): display link in mails sent by authelia (#2785)
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-04-01 23:34:17 +11:00
James Elliott 3c1bb3ec19
feat(authorization): domain regex match with named groups (#2789)
This adds an option to match domains by regex including two special named matching groups. User matches the username of the user, and Group matches the groups a user is a member of. These are both case-insensitive and you can see examples in the docs.
2022-04-01 22:38:49 +11:00
James Elliott 0116506330
feat(oidc): implement amr claim (#2969)
This adds the amr claim which stores methods used to authenticate with Authelia by the users session.
2022-04-01 22:18:58 +11:00
James Elliott b2d35d88ec
feat(configuration): allow rfc4918 http verbs in acl (#2988)
This allows the HTTP Method verbs from RFC4918 to be used. See https://datatracker.ietf.org/doc/html/rfc4918 for more information.
2022-04-01 21:53:10 +11:00
protvis74 c3faa38d72
feat(web): add de i18n translation (#3043)
Added German translation to Authelia.

Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-04-01 21:25:30 +11:00
Clément Michaud fa2cebf009
ci: introduce github codeql analysis (#3071)
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-04-01 09:42:50 +11:00
renovate[bot] 4e6ceeb38d
build(deps): update dependency react-router-dom to v6.3.0 (#3085)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-04-01 09:20:11 +11:00
renovate[bot] 87ef1ad9e1
build(deps): update dependency @testing-library/react to v13 (#3082)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-03-31 18:09:32 +11:00
renovate[bot] df9492ca0e
build(deps): update dependency traefik to v2.6.3 (#3075)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-03-31 17:00:08 +11:00
renovate[bot] 67f4bab7a6
build(deps): update dependency @vitejs/plugin-react to v1.3.0 (#3078)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-03-31 13:05:31 +11:00
renovate[bot] 93d8eb9dee
build(deps): update dependency qrcode.react to v3.0.1 (#3080)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-03-31 09:08:23 +11:00