mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 12:37:00 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
531 commits 17 branches 59 tags 246 MiB
Commit graph

531 commits

This branch
This branch
All branches
Author SHA1 Message Date
Firstyear a58edc5128
20220427 dependency updates (#718) 2022-04-27 13:35:26 +10:00
James Hodgkinson 0aa0163ced
Fixes 710 - limit github actions runs based on source (#717) 
* breaking workflows out, adding clippy
* adding dependency review
 2022-04-27 13:02:54 +10:00
Firstyear 9ade567a52
383 170 164 authentication updates 2 (#716) 
Add foundations for credential update sessions.
 2022-04-27 10:56:18 +10:00
dependabot[bot] 61d7000870
Bump paste from 1.0.6 to 1.0.7 (#705) 
Bumps [paste](https://github.com/dtolnay/paste) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/dtolnay/paste/releases)
- [Commits](https://github.com/dtolnay/paste/compare/1.0.6...1.0.7)

---
updated-dependencies:
- dependency-name: paste
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-04-25 09:51:58 +10:00
dependabot[bot] 6f604f1305
Bump pylint from 2.13.5 to 2.13.7 in /kanidm_rlm_python (#711) 
Bumps [pylint](https://github.com/PyCQA/pylint) from 2.13.5 to 2.13.7.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/main/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.13.5...v2.13.7)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-04-25 09:18:48 +10:00
James Hodgkinson eb37e2f4ba
webUI "this is alpha" message (#675) 2022-04-17 09:56:43 +10:00
James Hodgkinson 9fa3de059d
adding issue templates and security policy docs (#676) 
* adding issue templates and security policy docs

* adding python dependency checking config
 2022-04-17 09:08:53 +10:00
Firstyear a1bb7baf7b
Resolve test failure with radius (#674) 2022-04-14 14:26:07 +10:00
Euan Kemp 9427d27141
Add a new ACP and group allowing self-service mail updates (#672) 
* Add a new ACP and group allowing self-service mail updates

This adds a new "idm_people_self_write_mail_priv" group which follows
the existing canned group+acp format closely.

This also adds a test for the functionality

See the discussion in #648 for a bit more background

* Limit the self-write ACP to targets with the "account" class

Per feedback on #672, it's better to limit these APIs specifically to
accounts.

* Fix up

Co-authored-by: Firstyear <william.brown@suse.com>
 2022-04-13 20:45:45 +10:00
cuberoot74088 d9016011f4
Add "oauth2 set_displayname" commad (#670) 
This allows to update the displayname on an existing resource server.
 2022-04-05 08:35:21 +10:00
Euan Kemp 4862b919de
Use pkg-config to link against pam (#665) 
* Use pkg-config to link against pam

Some distros, such as nixos, require more than just '-lpam' to locate
the library. Adding a naive pkg-config invocation to the pam FFI
crate allows pam_kanidm to build on my system, where before this change
it did not.

* Update contributors

Add myself, as requested
 2022-04-02 13:28:48 +10:00
Euan Kemp 0c3ce226cf
Add 'account person set' command (#667) 
* Add 'account person set' command

This command allows a user to modify, say, their legal name in a
self-service fashion.

This wasn't possible before by default since the 'extend' operation
required additional ACPs in order to operate which not every user would
have.

The new "person set" api is compatible with the default self_write ACP,
and so allows self-service modification.

* Add a short section on people attributes to the book
 2022-04-02 13:24:07 +10:00
Euan Kemp fb12a1a86b
Display errors when cli operations fail (#666) 
This fixes a regression, introduced in #659, in the CLI's default output.
Since 404 & 403 errors don't trigger any logs further down the stack,
they'd exit eerily silently with the default cli loglevel.
 2022-04-02 11:49:00 +10:00
James Hodgkinson 134235ef7f
Specifying MSRV in package now (#664) 
* specifying MSRV in package now
 2022-03-31 14:12:53 +10:00
Firstyear 5cb429904d
Improve description of how the suse pam files work (#663) 2022-03-30 10:34:56 +10:00
Firstyear 3f7c692a7c
Cleanup display output (#659) 2022-03-28 13:39:07 +10:00
Firstyear 5213ed4e01
Improve client diagnostics (#660) 2022-03-28 13:32:12 +10:00
Firstyear f3cc2c4c41
Update to concread 0.3 (#658) 2022-03-28 10:17:23 +10:00
James Hodgkinson a61ef91ac6
Fixes 654 - make DEVELOPER_README valid (#656) 
* updating dev readme and scripting

* fixing confusing debug message about config loading
 2022-03-28 08:36:25 +10:00
Firstyear a461564024
Update compact jwt (#651) 2022-03-17 11:29:38 +10:00
Firstyear bd41ef8f91
Add design doc, revive the domain wide enc token (#649) 
* Add design doc, revive the domain wide enc token, use jwt from our lib instead of bundy, update docs
 2022-03-14 17:29:04 +10:00
James Hodgkinson 58fb559262
Docs build cleanup for #646 (#647) 
* moving docs build to makefile
 2022-03-10 08:55:44 +10:00
Firstyear fa610c6d88
106 auth concurrency (#643) 2022-03-07 09:22:35 +10:00
Firstyear f252d91e13
20220219 webui updates + source refactor + clippy go clip clip (#642) 2022-02-20 12:43:38 +10:00
Firstyear 6e1ed9ea07
Update to concread, add hooks for cache quiescing (#641) 2022-02-16 09:20:37 +10:00
Firstyear 840024f006
Change how domain names are handled in our configuration. (#639) 2022-02-15 16:17:43 +10:00
William Brown 4c74fffede Fix relative path in oauth2 workflow 2022-02-09 15:28:43 +10:00
Firstyear a2bd54c4cb
Improve access controls for IDM admins to manage account radius secrets. (#638) 
Remove need for a bundler in wasm
 2022-02-09 12:57:38 +10:00
Firstyear a0ef768fc8
Correct issuer to match url of connected client (#635) 2022-01-27 12:19:03 +10:00
Firstyear 79e958ad37
Add initial design of device authenticator enrollment process (#633) 2022-01-15 12:30:20 +10:00
Firstyear 2a282f8a89
20220104 resolve yew render issues (#632) 2022-01-09 10:47:21 +10:00
William Brown c8468199fc (cargo-release) version 1.1.0-alpha.7 2021-12-31 09:27:57 +10:00
Firstyear d25e3b338a
Pre-release update and cleanup (#631) 2021-12-31 09:11:20 +10:00
Firstyear aa75a696ec
Improve autofocus to oauth2 (#630) 2021-12-29 11:36:56 +10:00
Firstyear c6c564cebb
Finalise email changes for oidc (#629) 2021-12-25 09:47:14 +10:00
Firstyear dc1dd11333
Temp use env filter (#628) 2021-12-21 11:56:23 +10:00
Firstyear 22682279aa
20211216 tracing cleanup (#627) 2021-12-17 13:54:13 +10:00
William Brown ba190d99f8 Art attribution 2021-12-17 10:44:51 +10:00
Firstyear 42df4bf1a3
Refactor of value and addition of base types for business attributes (#626) 2021-12-16 10:13:03 +10:00
William Brown 68072b0420 Add xmas logo 2021-12-15 13:56:23 +10:00
Firstyear 683e0ca8e3
Add rinstall file (#625) 2021-12-08 10:02:19 +10:00
James Hodgkinson 172c2e4825
Check before rename for #622 (#624) 2021-12-08 10:02:04 +10:00
James Hodgkinson 615ddee75f
adding notes about OIDCRemoteUserClaim to the oauth2 book chapter (#621) 2021-11-30 10:34:54 +10:00
James Hodgkinson b7837f3aae
add logging for oauth2 errors (#620) 2021-11-25 14:55:12 +10:00
Firstyear fad0dd86e0
Improve book and errors related to domain name and origin mismatch (#617) 2021-11-25 08:37:50 +10:00
Kerstin 492cb653e8
Make sure that effective domain actually is descendant of rp_id (#618) 2021-11-25 08:30:39 +10:00
Firstyear 0f4189a57e
278 603 OIDC implementation (#608) 2021-11-21 16:41:49 +10:00
William Brown 8397f1b3ae Resolve docs error 2021-10-26 13:12:46 +10:00
Firstyear 761bed0569
20211010 rfc7662 token introspect (#607) 2021-10-26 13:00:02 +10:00
James Hodgkinson 4ef064e4ed
updating docs re oidc (#606) 2021-10-22 08:34:24 +10:00