mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 20:47:01 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
442 commits 17 branches 59 tags 246 MiB
Commit graph

91 commits

Author SHA1 Message Date
Firstyear b8c33ea3ac
Update to remove vuln jquery instance (#541) 2021-07-28 10:38:47 +10:00
James Hodgkinson 25961b2c46
adding a check for rustc MSRV (#542) 2021-07-27 13:20:50 +10:00
Firstyear 5069df9939
Improve errors (#539) 2021-07-26 08:33:49 +10:00
Firstyear 1791f12adf
Oauth2 ui flows (#527) 2021-07-25 10:51:37 +10:00
Firstyear ea080feac8
Update webauthn-rs to alpha.9 (#532) 2021-07-24 14:58:38 +10:00
James Hodgkinson 7997864187
Prompting user for their username when multiple tokens exist (#525) 2021-07-13 08:46:45 +10:00
James Hodgkinson fc2824eec5
fixing restores on #456 (#519) 2021-07-08 10:09:15 +10:00
William Brown 4be329e946 (cargo-release) version 1.1.0-alpha.5 2021-07-07 12:04:12 +10:00
William Brown e5e760b109 Release prep 2021-07-07 12:02:46 +10:00
Firstyear 4c6a28b7ad
511 upgrade failure - add debuging tools and improve debugging of the issue. (#512) 2021-07-01 14:51:25 +10:00
Firstyear 1de1b2db3b
Add the ability to configure and provide Oauth2 authentication for Kanidm. (#485) 2021-06-29 14:23:39 +10:00
Firstyear 35d32bc5dd
Update webauthn-authenticator-rs to fix test failures (#493) 2021-06-26 11:47:21 +10:00
Firstyear f5e2295319
20210607 orca ldap (#470) 2021-06-17 13:53:23 +10:00
Firstyear ea34dc08a9
Add email syntax (#465) 
Part one of #461 - this adds the syntax to support email addresses and validation of their content, and a method to serialise to the DB that can be extended with attribute tagging in the future. Part two will address administration of these values.
 2021-06-12 10:01:44 +10:00
Firstyear e8b1089bfd
414 clear stale credentials (#447) 2021-05-26 16:11:00 +10:00
Firstyear 6901a5a545
Orca - a load testing framework for Kanidm (#431) 2021-05-06 21:15:12 +10:00
Firstyear 644eb0b0d6
Add verification of name indexes (#433) 2021-05-06 21:12:02 +10:00
Firstyear 8da89613e3
Rough working login page (#417) 2021-04-24 10:53:19 +10:00
Firstyear 72dfe1b035
Idlset2, query cache, acp resolve cache (#409) 2021-04-14 09:56:40 +10:00
William Brown 0ac5da855f (cargo-release) version 1.1.0-alpha.4 2021-04-01 10:29:22 +10:00
William Brown c95ce71fcb (cargo-release) version 1.1.0-alpha.4 2021-04-01 10:29:22 +10:00
William Brown ce0f10cd95 (cargo-release) version 1.1.0-alpha.4 2021-04-01 10:29:22 +10:00
William Brown 6152b7ae14 (cargo-release) version 1.1.0-alpha.4 2021-04-01 10:29:21 +10:00
William Brown dc3588a2c2 (cargo-release) version 1.1.0-alpha.4 2021-04-01 10:29:21 +10:00
William Brown e8554073a3 (cargo-release) version 1.1.0-alpha.4 2021-04-01 10:29:21 +10:00
William Brown b3b48b6c43 (cargo-release) version 1.1.0-alpha.4 2021-04-01 10:29:20 +10:00
William Brown 3b6be9aaf2 (cargo-release) version 1.1.0-alpha.4 2021-04-01 10:29:20 +10:00
William Brown 9bf4b0f052 Release Prep 2021-04-01 10:29:09 +10:00
Firstyear 988944a085
Add auth session header type (#398) 2021-04-01 07:14:15 +10:00
Firstyear 6bc719cdb2
Base web UI (#391) 
Initial web ui (not-functional yet)
 2021-03-26 11:22:00 +10:00
William Brown e1cbd325a5 Update sshkeys to resolve ssh issue 2021-03-15 10:20:54 +10:00
Firstyear adb3f819ba
Add the unixd tasks daemon (#349) 
Fixes #180 - this adds an oddjobd style tasks daemon to the unix tools. This supports creation of home directories and the maintenance of alias symlinks to these allowing user renames. The tasks daemon is written to require root, but is seperate from the unixd daemon. Communication is via a root-only unix socket that the task daemon connects into to reduce the possibility of exploit.

Fixes #369 due to the changes to call_daemon_blocking
 2021-03-13 12:33:15 +10:00
Firstyear d2ca2c5bc9
Fix pattern to match substr from ldap (#372) 2021-03-12 10:11:12 +10:00
William Brown 483aa6f23d Update build 2021-02-17 18:49:03 +10:00
Firstyear c416bc19df
Automatically create .cache if it doesn't exist. (#355) 2021-02-11 22:32:31 +10:00
Firstyear d745b15768
Use jemallocator in main server (#353) 2021-02-10 15:08:22 +10:00
Firstyear 8006142c9e
202 totp cli enrollment (#348) 
Fixes #202 - This adds support for enrolling and removing totp on the cli, as well as a rebuilt work flow for login to allow dynamic prompting of what credetials are required.
 2021-02-08 13:31:31 +10:00
Firstyear f4e31f1bb9
Improve idl behaviour (#342) 2021-01-28 09:50:43 +10:00
Firstyear 3844aadf60
Tokio1.0 (#340) 
Upgrade dependencies, with the major highlight as the upgrade to tokio 1.0
 2021-01-10 13:41:56 +10:00
Firstyear faa4b74683
320 filter double verify (#339) 
Fixes #320, remove double verification of filters. In addition this replaces attr strings with smartstring to allow better inling due to their static and compact nature.
 2020-12-30 09:53:19 +10:00
William Brown b34c8935ea (cargo-release) version 1.1.0-alpha.3 2020-12-28 09:51:17 +10:00
William Brown 3582199e70 (cargo-release) version 1.1.0-alpha.3 2020-12-28 09:51:16 +10:00
William Brown eaff53bf40 (cargo-release) version 1.1.0-alpha.3 2020-12-28 09:51:16 +10:00
William Brown 9e536e9202 (cargo-release) version 1.1.0-alpha.3 2020-12-28 09:51:16 +10:00
William Brown 3dfd9a0a81 (cargo-release) version 1.1.0-alpha.3 2020-12-28 09:51:16 +10:00
William Brown df441769ec (cargo-release) version 1.1.0-alpha.3 2020-12-28 09:51:15 +10:00
William Brown abb6c8201b (cargo-release) version 1.1.0-alpha.3 2020-12-28 09:51:15 +10:00
William Brown 41b739fe95 Update Dependencies 2020-12-28 09:45:44 +10:00
Firstyear 9dbb5ccb59
Unixd - NXCache of unknown items (#338) 
Previously we would only cache "hits" - items that kanidm is aware
of and did know about. However, this mean querying a raw uid/gid
number that was not known to files or kanidm would result in kanidm
doing an online check each request.

This adds a NXcache to cache misses, so they can be served as misses,
faster, and to reduce load on the main kanidm servers.

Fixes #336
 2020-12-28 09:41:16 +10:00
Firstyear ebdb57bbe7
WIP - Improve Auth Proto to Support Webauthn (#333) 
This is a rewrite of the "on the wire" json for auth. This is a breaking change required to allow webauthn to work given limitations within Webauthn as a standard and how mixed credentials are challenged for.
 2020-12-26 13:58:32 +10:00