mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 20:47:01 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
855 commits 17 branches 59 tags 246 MiB
Commit graph

161 commits

Author SHA1 Message Date
dependabot[bot] bdca8310fc
Bump clap from 3.1.18 to 3.2.5 (#831) 2022-06-20 07:26:52 +10:00
dependabot[bot] a18ff9e2e4
Bump tracing from 0.1.34 to 0.1.35 (#820) 2022-06-13 08:51:23 +10:00
Mateus Amin 50a253027b
Clap Migration (#817) 2022-06-11 15:24:29 +10:00
dependabot[bot] 032c324295
Bump tokio from 1.18.2 to 1.19.1 (#812) 
Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.18.2 to 1.19.1.
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.18.2...tokio-1.19.1)

---
updated-dependencies:
- dependency-name: tokio
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-06-06 08:22:36 +10:00
Firstyear b97d13d284
383 170 164 authentication updates - credential update webui! (#809) 2022-06-05 16:30:08 +10:00
Triss Healy b5794c97a3
Change success message to println instead of warn (#795) 2022-05-29 13:39:20 +10:00
dependabot[bot] 92fe11ce41
Bump libc from 0.2.125 to 0.2.126 (#763) 
Bumps [libc](https://github.com/rust-lang/libc) from 0.2.125 to 0.2.126.
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Commits](https://github.com/rust-lang/libc/compare/0.2.125...0.2.126)

---
updated-dependencies:
- dependency-name: libc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-05-23 08:16:48 +10:00
dependabot[bot] 31234cfddb Bump rayon from 1.5.2 to 1.5.3 
Bumps [rayon](https://github.com/rayon-rs/rayon) from 1.5.2 to 1.5.3.
- [Release notes](https://github.com/rayon-rs/rayon/releases)
- [Changelog](https://github.com/rayon-rs/rayon/blob/master/RELEASES.md)
- [Commits](https://github.com/rayon-rs/rayon/compare/v1.5.2...v1.5.3)

---
updated-dependencies:
- dependency-name: rayon
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-17 12:52:07 +10:00
dependabot[bot] 7389a145c9
Bump dialoguer from 0.10.0 to 0.10.1 (#753) 
Bumps [dialoguer](https://github.com/mitsuhiko/dialoguer) from 0.10.0 to 0.10.1.
- [Release notes](https://github.com/mitsuhiko/dialoguer/releases)
- [Changelog](https://github.com/mitsuhiko/dialoguer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mitsuhiko/dialoguer/compare/v0.10.0...v0.10.1)

---
updated-dependencies:
- dependency-name: dialoguer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-05-10 13:50:56 +10:00
Firstyear 12852cf0a0
383 170 164 authentication updates 4 (#739) 
* Codes and TOTP done!
* Cleanup
 2022-05-06 09:52:58 +10:00
dependabot[bot] 71f6c193a0
Bump serde from 1.0.136 to 1.0.137 (#731) 2022-05-02 10:30:09 +10:00
dependabot[bot] 3f898ab66b
Bump libc from 0.2.124 to 0.2.125 (#732) 2022-05-02 10:06:52 +10:00
dependabot[bot] cca1eee3d2
Bump serde_json from 1.0.79 to 1.0.80 (#733) 2022-05-02 10:06:40 +10:00
William Brown 980f358d85 Push some missed bits to documents 2022-05-01 15:18:26 +10:00
William Brown b6be05248c (cargo-release) version 1.1.0-alpha.8 2022-05-01 13:58:18 +10:00
Firstyear 53f3260285
Remove async references (#724) 2022-04-29 13:23:46 +10:00
Firstyear 8dc0199380
383 170 164 authentication updates 3 (#723) 2022-04-29 13:03:21 +10:00
Firstyear a58edc5128
20220427 dependency updates (#718) 2022-04-27 13:35:26 +10:00
Firstyear 9ade567a52
383 170 164 authentication updates 2 (#716) 
Add foundations for credential update sessions.
 2022-04-27 10:56:18 +10:00
James Hodgkinson eb37e2f4ba
webUI "this is alpha" message (#675) 2022-04-17 09:56:43 +10:00
cuberoot74088 d9016011f4
Add "oauth2 set_displayname" commad (#670) 
This allows to update the displayname on an existing resource server.
 2022-04-05 08:35:21 +10:00
Euan Kemp 0c3ce226cf
Add 'account person set' command (#667) 
* Add 'account person set' command

This command allows a user to modify, say, their legal name in a
self-service fashion.

This wasn't possible before by default since the 'extend' operation
required additional ACPs in order to operate which not every user would
have.

The new "person set" api is compatible with the default self_write ACP,
and so allows self-service modification.

* Add a short section on people attributes to the book
 2022-04-02 13:24:07 +10:00
Euan Kemp fb12a1a86b
Display errors when cli operations fail (#666) 
This fixes a regression, introduced in #659, in the CLI's default output.
Since 404 & 403 errors don't trigger any logs further down the stack,
they'd exit eerily silently with the default cli loglevel.
 2022-04-02 11:49:00 +10:00
James Hodgkinson 134235ef7f
Specifying MSRV in package now (#664) 
* specifying MSRV in package now
 2022-03-31 14:12:53 +10:00
Firstyear 3f7c692a7c
Cleanup display output (#659) 2022-03-28 13:39:07 +10:00
James Hodgkinson a61ef91ac6
Fixes 654 - make DEVELOPER_README valid (#656) 
* updating dev readme and scripting

* fixing confusing debug message about config loading
 2022-03-28 08:36:25 +10:00
Firstyear bd41ef8f91
Add design doc, revive the domain wide enc token (#649) 
* Add design doc, revive the domain wide enc token, use jwt from our lib instead of bundy, update docs
 2022-03-14 17:29:04 +10:00
Firstyear f252d91e13
20220219 webui updates + source refactor + clippy go clip clip (#642) 2022-02-20 12:43:38 +10:00
William Brown c8468199fc (cargo-release) version 1.1.0-alpha.7 2021-12-31 09:27:57 +10:00
Firstyear d25e3b338a
Pre-release update and cleanup (#631) 2021-12-31 09:11:20 +10:00
Firstyear c6c564cebb
Finalise email changes for oidc (#629) 2021-12-25 09:47:14 +10:00
Firstyear 22682279aa
20211216 tracing cleanup (#627) 2021-12-17 13:54:13 +10:00
Firstyear 42df4bf1a3
Refactor of value and addition of base types for business attributes (#626) 2021-12-16 10:13:03 +10:00
Firstyear 0f4189a57e
278 603 OIDC implementation (#608) 2021-11-21 16:41:49 +10:00
Firstyear c9ef4fe5df
Setup for webauthn subdomain support (#598) 2021-10-20 14:42:43 +10:00
James Hodgkinson a195964b2e
Update outputs for "group" commands (#591) 2021-10-11 08:53:45 +10:00
Firstyear a09c1bc169
fixes (#589) 2021-10-10 08:44:58 +10:00
Firstyear c62b39c338
509 oauth2 scope mapping (#586) 2021-10-07 18:31:48 +10:00
Quinn d59ddcc74a
Added num-enum support for runtime enums (#585) 2021-10-02 09:02:36 +10:00
William Brown c9f4b1dc2e (cargo-release) version 1.1.0-alpha.6 2021-10-01 11:44:25 +10:00
cuberoot74088 ed522fb769
Added an interactive cli dialog to kanidm login (#584) 2021-10-01 08:35:01 +10:00
Firstyear 573e346476
Add support for storing security token key in domain config (#581) 2021-09-25 11:24:00 +10:00
James Hodgkinson 9f3352cf71
fixes #556, humanises connection errors a little (#561) 2021-08-08 13:36:41 +10:00
James Hodgkinson 100ef49e4e
prompting for username when multiple tokens exist on logout (#559) 2021-08-08 09:56:09 +10:00
James Hodgkinson 8737a7ad78
making 📎 slightly happier (#551) 2021-08-02 10:54:55 +10:00
James Hodgkinson 6ff74c976e
Auto-publishing the book and rustdoc. (#534) 2021-07-24 11:12:35 +10:00
cuberoot74088 8306c3bc6a
Rename to SetCredentialRequest::BackupCodeGenerate (#524) 2021-07-22 12:04:56 +10:00
James Hodgkinson 7997864187
Prompting user for their username when multiple tokens exist (#525) 2021-07-13 08:46:45 +10:00
cuberoot74088 620a1717a8
495 backup codes cli extension (#517) 2021-07-08 12:50:55 +10:00
William Brown 4be329e946 (cargo-release) version 1.1.0-alpha.5 2021-07-07 12:04:12 +10:00
Firstyear e134fa5b40
Fix totp registration workflow with broken authenticators (#516) 2021-07-03 14:39:22 +10:00
James Hodgkinson 93d5c5434d
fixes #503 - TOTP prompt no longer drops a newline (#515) 
* fixes #503

* Adding comment for future archeologists. Hello, future-people!
 2021-06-30 16:56:31 +10:00
James Hodgkinson 554ff3bb1b
Fixing kanidm windows client build (#507) 2021-06-30 10:34:45 +10:00
Firstyear 1de1b2db3b
Add the ability to configure and provide Oauth2 authentication for Kanidm. (#485) 2021-06-29 14:23:39 +10:00
James Hodgkinson 78e189ee34
Fixes #494 - password change user-facing responses (#499) 2021-06-28 13:05:37 +10:00
Firstyear 35d32bc5dd
Update webauthn-authenticator-rs to fix test failures (#493) 2021-06-26 11:47:21 +10:00
Quinn fff6a1bdbc
Closure Refactoring (#482) 2021-06-17 10:03:48 +10:00
Firstyear 807af81184
64 120 session claims (#462) 2021-06-02 09:30:37 +10:00
Firstyear e8b1089bfd
414 clear stale credentials (#447) 2021-05-26 16:11:00 +10:00
James Hodgkinson 1229669785
adding env vars, making clippy happier, cleaning up some error messages (#438) 2021-05-09 22:06:58 +10:00
Firstyear 6901a5a545
Orca - a load testing framework for Kanidm (#431) 2021-05-06 21:15:12 +10:00
James Hodgkinson e6f34d5dc5
Adding a new verb group remove_members (#434) 
Co-authored-by: William Brown <william@blackhats.net.au>
 2021-05-06 20:47:28 +10:00
James Hodgkinson 77381c1a2a
User feedback improvements, also handling a permissions issue (#424) 2021-04-26 11:52:13 +10:00
James Hodgkinson de431451f4
Making clippy happy (#420) 2021-04-25 11:35:56 +10:00
James Hodgkinson 01e9aa982d
Fix 421 - clearer debug messages when doing things (#422) 2021-04-25 11:35:36 +10:00
Firstyear 8da89613e3
Rough working login page (#417) 2021-04-24 10:53:19 +10:00
James Hodgkinson f97a3bf596
Make clippy happy (#415) 2021-04-19 10:20:24 +10:00
William Brown 6152b7ae14 (cargo-release) version 1.1.0-alpha.4 2021-04-01 10:29:21 +10:00
Firstyear 6bc719cdb2
Base web UI (#391) 
Initial web ui (not-functional yet)
 2021-03-26 11:22:00 +10:00
Sebastian Neubauer 7eed7393c8
Raw database json use lowercase keys (#380) 
Update docs to reflect that.
 2021-03-20 13:47:32 +10:00
Firstyear adb3f819ba
Add the unixd tasks daemon (#349) 
Fixes #180 - this adds an oddjobd style tasks daemon to the unix tools. This supports creation of home directories and the maintenance of alias symlinks to these allowing user renames. The tasks daemon is written to require root, but is seperate from the unixd daemon. Communication is via a root-only unix socket that the task daemon connects into to reduce the possibility of exploit.

Fixes #369 due to the changes to call_daemon_blocking
 2021-03-13 12:33:15 +10:00
Firstyear ff61c37ae3
Add credential display command (#370) 
Fixes #364 - this adds a credential display command to the cli, and the api so it can be used later.
 2021-03-11 11:17:13 +10:00
Firstyear 3137e3d682
Complete MFA and Webauthn handlers (#360) 
Fixes #357 - this allows the password MFA handler to correct handle a mixed totp or webauthn credential with passwords. This is likely the "majority" of accounts we will see on the service.
 2021-02-20 12:41:22 +10:00
Firstyear 6c79914395
306 command complete (#354) 
Fixes #306 adding command line autocompletion. These are generated to: CARGO_TARGET_DIR/item-hash/out/. These will need to be packaged for distros later, it's unclear how we could use cargo install with these as cargo doesn't support arbitrary artefacts like this (yet?).
 2021-02-13 13:46:22 +10:00
Firstyear c416bc19df
Automatically create .cache if it doesn't exist. (#355) 2021-02-11 22:32:31 +10:00
Firstyear a3d7401d03
Add clean ups based on review feedback (#351) 
* Add clean ups based on charcols suggestions
 2021-02-09 10:25:02 +10:00
Firstyear 8006142c9e
202 totp cli enrollment (#348) 
Fixes #202 - This adds support for enrolling and removing totp on the cli, as well as a rebuilt work flow for login to allow dynamic prompting of what credetials are required.
 2021-02-08 13:31:31 +10:00
Firstyear 3844aadf60
Tokio1.0 (#340) 
Upgrade dependencies, with the major highlight as the upgrade to tokio 1.0
 2021-01-10 13:41:56 +10:00
William Brown 9e536e9202 (cargo-release) version 1.1.0-alpha.3 2020-12-28 09:51:16 +10:00
Firstyear ec48edac82
13 135 webauthn support (#332) 
Fixes #13 and Fixes #135 - webauthn and webauthn with cli. This is the core of webauthn, but only as a single factor. Some changes are still needed for webauthn as MFA and as a verified single factor. This will be made in a subsequent PR.
 2020-12-02 11:12:07 +10:00
Firstyear 018039b0b2
Account valid-from and expiry (#322) 
Fixes #59 account policy and lockout. This is achived with a valid_from and expire attribute that are timestamps. Cli tools are added to manage these.
 2020-10-10 10:31:51 +10:00
William Brown 764e7277fd Update 2020-10-01 10:11:21 +10:00
William Brown d2fab0659c (cargo-release) version 1.1.0-alpha.2 2020-10-01 10:04:26 +10:00
Firstyear 4bf8ef72d5
250 cookie to auth bearer (#321) 
Fixes #250, replacing cookies with auth-bearer tokens. This is done using fernet with randomised keys each startup. The reason for this is that in the future the size of the auth token may exceed cookie limits, so we must be able to understand and process auth bearer. Additionaly, this lets us store the tokens for say the kanidm cli as reqwest today can't persist a cookie jar.
 2020-09-18 13:19:57 +10:00
William Brown 85ec82832e V large cleanup 2020-08-05 09:58:49 +10:00
William Brown 217e3455a2 Cleanup and improve client error handling 2020-08-02 09:16:34 +10:00
Firstyear c8ac4970d8
Release Prep (#283) 2020-06-30 14:58:35 +10:00
Firstyear fec28e03e2
195 rel cleanup (#268) 
Fixes #195 pre release cleanup. This does a LOT, clippy, formatting, and much much more. It fixes a lot of parts of the book, improves server config and more.
 2020-06-18 10:30:42 +10:00
Firstyear 5eb370bc43
Phase 2, logging refactor (#236) 
* Phase 2, logging refactor
 2020-05-22 17:03:42 +10:00
Charelle Collett d4e73ef5c9 Fixes #203 confirm password dialog 2020-05-17 20:25:47 +10:00
Firstyear 15bc8d4120
101 idlcache (#224) 
Fixes #101, concurrent caching of IDL and Entries. This yields a 10% improvement for test case execution, and 35% for tests run under --release mode. A lot of code around the code base was needed to be touched due to the extra need for mut in some operations and some lifetimes, but the majority of the work was in idl_arc_sqlite.rs, which has the cache layer. There are many performance gains yet to see, but most of those will come through improvement of the concread ARC and it's related BTree implementation.
 2020-05-11 21:12:32 +10:00
William Brown b8f906ed36 Update outdated libraries and add helper make argument. 2020-04-11 10:48:34 +10:00
William Brown 29d99654c3 Update to latest rc 2020-04-10 15:55:25 +10:00
Firstyear 6388bcf6fc
20200322 132 recyclebin 2 (#193) 
Implements #132, the recycle bin. This completes the feature, with working API's, front end tests and CLI tooling. It also includes a refactor of the CLI tools to make them a bit easier to manage/work with.
 2020-03-25 08:21:49 +10:00
Firstyear 5a9ad39d6b
20200218 pam (#189) 
Add support for unix_password handling, and pam authentication for services.
 2020-02-29 14:02:14 +10:00
Firstyear 9de7d33293
129 nsswitch stage 2 groups (#185) 
Implements #129, adding the libnss_kanidm.so/dylib, and the related caching parts for properly handling these types.
 2020-02-15 10:57:25 +10:30
Firstyear d063d358ad
129 pam nsswitch stage 1 daemon (#179) 
Implements #129, pam and nsswitch daemon capability. This is stage 1, which adds a localhost unix domain socket resolver, a ssh key client, support to the server for generating unix tokens, an async client lib, and client handles for adding posix extensions to accounts and groups.
 2020-02-13 10:43:01 +11:00
Tristram Healy 4470311f84 Replaced Firstyear 2020-01-17 11:57:30 +10:00
Alberto Planas c2d98f2057 Address clippy reports attending to #![deny(warnings)] 2020-01-15 09:55:01 +10:00
Alberto Planas 311de5248b Remove "extern crate" from binary crates 2020-01-15 09:55:01 +10:00