mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 12:37:00 +01:00
Code Issues Actions 16 Packages Projects Releases Wiki Activity
2140 commits 17 branches 59 tags 246 MiB
Commit graph

2140 commits

This branch
This branch
All branches
Author SHA1 Message Date
pando85 5572497909
fix(kanidmd): Print replication cert to stdout (#3179) 
ShowReplicationCertificate was printing the certificate to stderr
which is not consistent with the rest of the output commands.
 2024-11-07 00:30:24 +00:00
Firstyear fbbe10e295
Correct missing CSP header (#3177) 2024-11-05 14:48:11 +10:00
Firstyear c96e9772c7
Resolve pam services not always having a tty (#3176) 2024-11-05 00:49:33 +00:00
Firstyear ea1fcf59e5
Resolve incorrect handling of rhost in pam (#3171) 2024-11-03 00:13:26 +00:00
CEbbinghaus 1b58e4169a
chore: Made oauth2 scopes required in CLI (#3165) 2024-11-01 01:59:27 +00:00
micolous cc7530aa65
More "choosing a domain" revision (#3161) 
* More "choosing a domain" revision:

* Link to the domain rename process
* Add some hyphens to make things easier to read
* Move the OAuth 2.0 domain sharing guidance into the origin section
* Add DNS -> IP as a potential issue
* Discourage requesting public suffix list inclusion as a workaround

* Add "own hostname" section
 2024-10-30 01:48:46 +00:00
dependabot[bot] d174cbfd72
Bump jsonschema from 0.21.0 to 0.26.0 in the all group (#3157) 
* Bump jsonschema from 0.21.0 to 0.26.0 in the all group

Bumps the all group with 1 update: [jsonschema](https://github.com/Stranger6667/jsonschema).


Updates `jsonschema` from 0.21.0 to 0.26.0
- [Release notes](https://github.com/Stranger6667/jsonschema/releases)
- [Changelog](https://github.com/Stranger6667/jsonschema/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Stranger6667/jsonschema/compare/rust-v0.21.0...rust-v0.26.0)

---
updated-dependencies:
- dependency-name: jsonschema
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* fixing up change in JSONschema errors

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: James Hodgkinson <james@terminaloutcomes.com>
Co-authored-by: Firstyear <william@blackhats.net.au>
 2024-10-30 01:31:48 +00:00
George Wu fbb3b6b2db
Update missing inputmode numeric when adding a new TOTP. (#3160) 2024-10-29 12:57:24 +00:00
Firstyear ce31abeeb0
Improve OAuth2 authorisation ux (#3158) 
- Resolve an issue where oauth2 could trigger the login page to
  incorrectly redirect to an oauth2 application instead of apps
- Add indication of what client application we are accessing
  if the session is not yet authenticated
 2024-10-29 04:56:28 +00:00
Firstyear 53dcb5265a
Fix attribute scim sync attribute naming (#3159) 2024-10-29 14:26:51 +10:00
George Wu d2c329f330
Change to text input and use numeric mode for TOTP prompts. (#3154) 
* Change to text input and use inputmode numeric for TOTP prompts.

* Fix some typos.
 2024-10-27 23:57:28 +00:00
dependabot[bot] 44ddfb98f1
Bump the all group in /pykanidm with 3 updates (#3156) 
Bumps the all group in /pykanidm with 3 updates: [mypy](https://github.com/python/mypy), [coverage](https://github.com/nedbat/coveragepy) and [ruff](https://github.com/astral-sh/ruff).


Updates `mypy` from 1.12.1 to 1.13.0
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/python/mypy/compare/v1.12.1...v1.13.0)

Updates `coverage` from 7.6.3 to 7.6.4
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/7.6.3...7.6.4)

Updates `ruff` from 0.7.0 to 0.7.1
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.7.0...0.7.1)

---
updated-dependencies:
- dependency-name: mypy
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: coverage
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: ruff
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-10-28 09:18:11 +10:00
Firstyear f7d701c344
Fix release note date and typos (#3153) 2024-10-27 13:06:11 +10:00
Firstyear a76a0f5a6e
Begin 1.5.0 Development Cycle (#3150) 2024-10-27 01:53:24 +00:00
Firstyear 243a020bdb
Release Notes (#3149) 
* Update RELEASE_NOTES.md
 2024-10-27 00:46:25 +00:00
Firstyear 2e6d940691
Remove WASM (#3148) 
liberal party took over, more cuts
 2024-10-26 17:19:13 +10:00
micolous 5c9eb87a75
Rewrite "choosing a domain", add other considerations (#3147) 
Co-authored-by: Firstyear <william@blackhats.net.au>
 2024-10-26 05:31:01 +00:00
Wei Jian Gan bc55313d87
Harmonize UI and remove unused css (#3033) 
-------

Co-authored-by: Wei Jian Gan <wg@danicapension.dk>
Co-authored-by: William Brown <william@blackhats.net.au>
 2024-10-26 04:47:44 +00:00
James Hodgkinson 151a9ad90f
ripping out some extra packages (#3146) 2024-10-26 02:27:56 +00:00
James Hodgkinson 5a709520dc
OAuth2 Device flow foundations (#3098) 2024-10-26 12:08:48 +10:00
Firstyear b0824fef18
htmx by default (#3145) 
* htmx by default

* restore the webmanifest

* fixing unused import

---------

Co-authored-by: James Hodgkinson <james@terminaloutcomes.com>
 2024-10-26 01:44:00 +00:00
Firstyear b7e682c43f
Support reloading via systemd (#3144) 2024-10-26 01:24:58 +00:00
CEbbinghaus dc56a3217d
Chore: Refactor Groups to be more generic (#3136) 2024-10-25 00:36:20 +00:00
Firstyear d2ae2ca206
20241024 1271 cert reload on SIGHUP (#3140) 
reload certificates and keys on SIGHUP
 2024-10-25 00:01:30 +00:00
Firstyear 4c2eeeb135
Update docs, improve locking (#3141) 2024-10-25 09:42:52 +10:00
James Hodgkinson 120f990ce1
2856 - use tags for containers on build (#3139) 
* ci: push docker image for git tags
* tweaking tag references, such tag, many build

---------

Co-authored-by: guillaumedsde <30023543+guillaumedsde@users.noreply.github.com>
 2024-10-24 02:12:20 +00:00
Firstyear ccb3848b88
Fix image when too smol (#3138) 2024-10-23 17:11:12 +10:00
James Hodgkinson bbe9ad1a06
yale's rabbit-hole-chasing-htmx-fixing-megapatch (#3135) 2024-10-23 16:04:38 +10:00
Firstyear 31420c3ff9
ipinfo should be single value (#3137) 2024-10-23 02:39:40 +00:00
Firstyear 48cd6638fe
Tidy the reauth ui (#3130) 
* Tidy the reauth ui
 2024-10-23 11:59:05 +10:00
George Wu 8b4d0d6ead
Add missing schemas to get OpenAPI validation to pass. (#3129) 2024-10-22 08:27:37 +10:00
George Wu 7eb54be487
Change some OperationError into HTTP Bad Request (400). (#3125) 2024-10-21 02:57:23 +00:00
dependabot[bot] bdc0dc6190
Bump the all group with 11 updates (#3127) 
Bumps the all group with 11 updates:

| Package | From | To |
| --- | --- | --- |
| [anyhow](https://github.com/dtolnay/anyhow) | `1.0.89` | `1.0.90` |
| [hyper](https://github.com/hyperium/hyper) | `1.4.1` | `1.5.0` |
| [libc](https://github.com/rust-lang/libc) | `0.2.159` | `0.2.161` |
| [openssl-sys](https://github.com/sfackler/rust-openssl) | `0.9.103` | `0.9.104` |
| [openssl](https://github.com/sfackler/rust-openssl) | `0.10.66` | `0.10.68` |
| [proc-macro2](https://github.com/dtolnay/proc-macro2) | `1.0.87` | `1.0.88` |
| [serde_json](https://github.com/serde-rs/json) | `1.0.128` | `1.0.132` |
| [syn](https://github.com/dtolnay/syn) | `2.0.79` | `2.0.82` |
| [uuid](https://github.com/uuid-rs/uuid) | `1.10.0` | `1.11.0` |
| [wasm-bindgen-futures](https://github.com/rustwasm/wasm-bindgen) | `0.4.43` | `0.4.45` |
| [wasm-bindgen-test](https://github.com/rustwasm/wasm-bindgen) | `0.3.43` | `0.3.45` |


Updates `anyhow` from 1.0.89 to 1.0.90
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.89...1.0.90)

Updates `hyper` from 1.4.1 to 1.5.0
- [Release notes](https://github.com/hyperium/hyper/releases)
- [Changelog](https://github.com/hyperium/hyper/blob/master/CHANGELOG.md)
- [Commits](https://github.com/hyperium/hyper/compare/v1.4.1...v1.5.0)

Updates `libc` from 0.2.159 to 0.2.161
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Changelog](https://github.com/rust-lang/libc/blob/0.2.161/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/libc/compare/0.2.159...0.2.161)

Updates `openssl-sys` from 0.9.103 to 0.9.104
- [Release notes](https://github.com/sfackler/rust-openssl/releases)
- [Commits](https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.103...openssl-sys-v0.9.104)

Updates `openssl` from 0.10.66 to 0.10.68
- [Release notes](https://github.com/sfackler/rust-openssl/releases)
- [Commits](https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.66...openssl-v0.10.68)

Updates `proc-macro2` from 1.0.87 to 1.0.88
- [Release notes](https://github.com/dtolnay/proc-macro2/releases)
- [Commits](https://github.com/dtolnay/proc-macro2/compare/1.0.87...1.0.88)

Updates `serde_json` from 1.0.128 to 1.0.132
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/1.0.128...1.0.132)

Updates `syn` from 2.0.79 to 2.0.82
- [Release notes](https://github.com/dtolnay/syn/releases)
- [Commits](https://github.com/dtolnay/syn/compare/2.0.79...2.0.82)

Updates `uuid` from 1.10.0 to 1.11.0
- [Release notes](https://github.com/uuid-rs/uuid/releases)
- [Commits](https://github.com/uuid-rs/uuid/compare/1.10.0...1.11.0)

Updates `wasm-bindgen-futures` from 0.4.43 to 0.4.45
- [Release notes](https://github.com/rustwasm/wasm-bindgen/releases)
- [Changelog](https://github.com/rustwasm/wasm-bindgen/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rustwasm/wasm-bindgen/commits)

Updates `wasm-bindgen-test` from 0.3.43 to 0.3.45
- [Release notes](https://github.com/rustwasm/wasm-bindgen/releases)
- [Changelog](https://github.com/rustwasm/wasm-bindgen/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rustwasm/wasm-bindgen/commits)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: hyper
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: libc
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: openssl-sys
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: openssl
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: proc-macro2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: syn
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: wasm-bindgen-futures
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: wasm-bindgen-test
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-10-20 22:27:26 +00:00
dependabot[bot] ab84b0a081
Bump the all group in /pykanidm with 5 updates (#3128) 
Bumps the all group in /pykanidm with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [mypy](https://github.com/python/mypy) | `1.11.2` | `1.12.1` |
| [mkdocs-material](https://github.com/squidfunk/mkdocs-material) | `9.5.40` | `9.5.42` |
| [mkdocstrings-python](https://github.com/mkdocstrings/python) | `1.12.0` | `1.12.2` |
| [pook](https://github.com/h2non/pook) | `2.1.0` | `2.1.1` |
| [ruff](https://github.com/astral-sh/ruff) | `0.6.9` | `0.7.0` |


Updates `mypy` from 1.11.2 to 1.12.1
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/python/mypy/compare/v1.11.2...v1.12.1)

Updates `mkdocs-material` from 9.5.40 to 9.5.42
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.5.40...9.5.42)

Updates `mkdocstrings-python` from 1.12.0 to 1.12.2
- [Release notes](https://github.com/mkdocstrings/python/releases)
- [Changelog](https://github.com/mkdocstrings/python/blob/main/CHANGELOG.md)
- [Commits](https://github.com/mkdocstrings/python/compare/1.12.0...1.12.2)

Updates `pook` from 2.1.0 to 2.1.1
- [Release notes](https://github.com/h2non/pook/releases)
- [Changelog](https://github.com/h2non/pook/blob/master/History.rst)
- [Commits](https://github.com/h2non/pook/compare/v2.1.0...v2.1.1)

Updates `ruff` from 0.6.9 to 0.7.0
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.6.9...0.7.0)

---
updated-dependencies:
- dependency-name: mypy
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: mkdocs-material
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: mkdocstrings-python
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: pook
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: ruff
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-10-21 08:07:33 +10:00
George Wu 57aeeb5f94
Fill in some Swagger API docs for a few v1 endpoints. (#3126) 2024-10-20 07:56:34 +00:00
Matthew Wilks e530cde361
Diagram Improvements in Book (#3124) 
* Bump mermaid to 11.3.0
* Mermaid theme changes based on mdbook theme
* Replace old use cases diagram with mermaid one
* Change out ASCII git art with mermaid git graph
* Remove old theme.css file from book
 2024-10-19 23:46:29 +00:00
Merlijn 5064712fe6
Fix passkey auth flow redirects (#3123) 
* Fix passkey auth flow redirects
* Handle webauthn error
 2024-10-20 09:24:41 +10:00
Firstyear c9bf304bc0
Improve handling of inaccesible shadow file (#3122) 2024-10-19 07:36:27 +00:00
George Wu a0944b8601
Log HTTP Not Found (404) as info log level. (#3119) 2024-10-19 07:00:29 +00:00
James Hodgkinson 68119e1067
more errors for the people (#3121) 2024-10-18 23:51:45 +00:00
Firstyear dc5f40d404
20241017 unixd home (#3113) 2024-10-18 05:06:33 +00:00
Firstyear 5a3e5f1e07
20241017 3107 token ttl (#3114) 2024-10-18 03:28:52 +00:00
Jinna Kiisuo 99a799d72a
docs: Update kanidm_ppa instructions for new repo logic (#3117) 
Anyone that had the alpha version of the kanidm_ppa repo in use
will need to follow the guidance under "Installing stable on top of nightly"
to migrate.
 2024-10-18 01:17:21 +00:00
James Hodgkinson b96eceb205
fix(lint) minor lint fix for unnecessary match use (#3118) 
sorry clippy I'm a better lintyboi naow
 2024-10-17 23:27:49 +00:00
George Wu 9836b2bf12
Totp input changes (#3115) 2024-10-17 06:45:13 +00:00
Firstyear 8c8f72381f
Add the strict flag on client creates for developers (#3111) 2024-10-16 13:58:57 +10:00
Firstyear 2075125439
Working scim entry get for person (#3088) 2024-10-15 04:29:45 +00:00
Firstyear 50e513b30b
Add nss testframework and fallback when daemon offline (#3093) 2024-10-15 04:05:51 +00:00
Jinna Kiisuo 03645c8bf2
Improve deb packaging, add aarch64 (#3083) 
* feat: Rebuild the deb packaging flow
fix: Add more sudo, GHA likes sudo
fix: Give build_debs.sh only the triplet argument
fix: Work around more GHA weirdness in apt sources
Drop crossbuild as it was only used by debian packaging
docs: Update book and other docs for packaging flow
feat: package kanidm_tools aka kanidm cli
docs: Update packaging docs for latest process and clarity
fix: use full triple in sdynlib variants
fix: Correct kanidm.pam asset placement
fix: Give pam & nss modules a description so the debs get it
fix: Work around wonky libssl3 naming in Ubuntu 24.04
fix: Place kanidm bin correctly :3
feat: Pin all blame on @yaleman :3
WIP: Swap out the submodule reference. Still not the final one though.
refactor: Switch kanidm-pam & kanidm-nss to mandatory deps
While in theory unixd will start and run without them, it also won't do
anything useful.
fix: explicit depends for nss & pam libs without versions
We build the debs on the ubuntu24.04 GHA runner so automatic pins
versions that are too new for 22.04. Ideally we'd run cargo-deb also on
the target images but that'll have to be a future improvement.
* refactor: Switch nss_kanidm & pam_kanidm package naming closer to debian guidance
* feat: Attempt enabling unixd by default with secure defaults
* fix: Relax config permissions so the kanidm user can read
Also, update postinst config instructions
 2024-10-15 02:27:48 +00:00
James Hodgkinson c8b3b6214c
Cache buster buster (#3091) 2024-10-15 01:54:46 +00:00