kanidm

mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 20:47:01 +01:00

Author	SHA1	Message	Date
Merlijn	eddca4fc86	Feature object graph (#2518 ) * Refactor: move the object graph ui to admin web ui * Add dynamic js loading support Load viz.js dynamically * Add some js docs * chore: cleanup imports * chore: remove unused clipboard feature chore: remove unused mermaid.sh * Messing with the profile.release settings and reverting the changes I tried has now made the build much smaller yay :D * Refactor: user raw search requests Assert service-accounts properly * refactor: new v1 proto structure * Add self to CONTRIBUTORS.md --------- Co-authored-by: James Hodgkinson <james@terminaloutcomes.com>	2024-02-29 02:25:40 +00:00
Firstyear	fbc021f487	20240221 2489 cleanup api v1 (#2573 )	2024-02-27 09:25:02 +00:00
Firstyear	68d788a9f7	20240216 308 resource limits (#2559 ) This adds account policy based resource limits to control the maximum number of entries that an account may query	2024-02-21 00:15:43 +00:00
James Hodgkinson	84b2c4956d	Removing unused constant and updating docstring for LDAP bind address (#2556 )	2024-02-20 11:10:02 +10:00
James Hodgkinson	6b44495704	Ordering auth methods in the CLI (#2508 ) * rewriting ordering of authallowed enum * ordering the authstate in the CLI --------- Co-authored-by: William Brown <william@blackhats.net.au>	2024-02-15 12:31:01 +10:00
Firstyear	002ab13698	Add code_challenge_methods_supported to OIDC discovery (#2525 )	2024-02-15 09:17:08 +10:00
Firstyear	cdbaefe23d	Fix for incorrect domain migration rollbacks (#2482 )	2024-02-07 13:11:55 +10:00
Firstyear	9050188b29	Add tools for remigration and domain level raising (#2481 )	2024-02-06 10:01:06 +00:00
Firstyear	d42268269a	20240125 2217 client credentials grant (#2456 ) * Huge fix of a replication problem. * Update test * Increase min replication level * Client Credentials Grant implementation	2024-02-01 02:00:29 +00:00
Firstyear	b1e7cb13a5	Add rfc8414 metadata (#2434 )	2024-01-19 04:14:52 +00:00
Firstyear	8dc884f38e	2390 1980 allow native applications (#2428 )	2024-01-16 10:44:12 +10:00
Firstyear	3408816932	Add DN as a virtual ldap attr (#2379 )	2023-12-19 15:07:19 +10:00
James Hodgkinson	a4c44bc5f9	fixing default for oauth2 request_parameter_supported metadata (#2378 )	2023-12-19 11:56:47 +10:00
Firstyear	5c445a4704	20231218 ipa sync unix password (#2374 ) * Add support for importing the users password as unix password	2023-12-18 11:20:37 +10:00
Firstyear	854b696532	249 2024 managed by syntax (#2359 ) Allows hierarchial entry management rules.	2023-12-07 10:00:09 +00:00
Firstyear	76269f9de2	20231129 webauthn attestation (#2351 ) This adds full support for attestation of webauthn/passkeys.	2023-12-03 06:13:52 +00:00
Firstyear	31b939fca3	20231128 freeipa migration (#2338 ) * Add more weak password formats for freeipa * Verification of freeipa migration from older ipa versions	2023-11-29 10:43:15 +10:00
James Hodgkinson	916bb4ec04	Adding env var configs for the server (#2329 ) * env var config for server * I am my own clippy now * Man, that got complicated quick	2023-11-24 01:27:49 +00:00
Firstyear	bb8914c70d	20231120 2320 sssd compat (#2328 )	2023-11-22 10:18:03 +10:00
Firstyear	47bcea7708	20231109 1122 credential class (#2300 ) * Add CredentialType for acc pol * Reword ui hints * Finish account policy * Clean up artefacts	2023-11-11 09:26:44 +10:00
James Hodgkinson	12f1de8358	Update OpenAPI schema gen to actually... be kinda sorta valid. (#2296 ) * updating lockfile * OpenAPI validation issues Fixes #2295 * clippy sez no * adding another validator, more specs	2023-11-07 11:35:17 +10:00
Firstyear	b7852d1d71	pw min length in account policy (#2289 )	2023-11-05 10:33:25 +10:00
Firstyear	9e5449a644	Minor improvements to incoming replication (#2279 )	2023-11-02 01:21:21 +00:00
James Hodgkinson	ef96ca6aa1	started writing docs and ended up in another rabbit hole (#2267 ) * started writing docs and ended up in another rabbit hole * updoots * dangit fedora	2023-10-31 19:15:35 +10:00
James Hodgkinson	3bfc347c53	CLI integration test beginnings (#2261 ) * more integration test things, using assert_cmd to test the CLI end-to-end * packagez * making clippy happy * making deno happy	2023-10-30 06:10:54 +00:00
William Brown	ecc46bb015	Add book chapter + cli	2023-10-28 13:07:06 +10:00
NavinShrinivas	b80a3b271c	Cargo fmt and clippy checks Signed-off-by: NavinShrinivas <karupal2002@gmail.com>	2023-10-28 13:07:06 +10:00
NavinShrinivas	12ea1c8702	Restrict posix passwords on ldap bind with config Signed-off-by: NavinShrinivas <karupal2002@gmail.com>	2023-10-28 13:07:06 +10:00
James Hodgkinson	e02328ae8b	Splitting the SPAs (#2219 ) * doing some work for enumerating how the accounts work together * fixing up build scripts and removing extra things * making JavaScript as_tag use the struct field names * making shared.js a module, removing wasmloader.js * don't compress compressed things	2023-10-27 06:03:58 +00:00
James Hodgkinson	7093149975	Auth flow docs (#2249 )	2023-10-24 04:00:37 +00:00
James Hodgkinson	6f3e932f7f	pykanidm test code (#2202 ) * Testing #1998 - validated response is JSON-parseable * disable network tests in pytest * fixing a type-handling thing in a test	2023-10-24 13:26:10 +10:00
Firstyear	afe9d28754	20231019 1122 account policy basics (#2245 ) --------- Co-authored-by: James Hodgkinson <james@terminaloutcomes.com>	2023-10-22 11:16:42 +00:00
Firstyear	6ff9082fd2	20231014 account policy (#2218 ) * Start to prep for unix+ssh keys in credupdate session	2023-10-19 01:40:06 +00:00
James Hodgkinson	f28d5cef22	OpenAPI/swagger docs autogen (#2175 ) * always be clippyin' * pulling oauth2 api things out into their own module * starting openapi generation	2023-10-14 12:39:14 +10:00
Firstyear	8bcf1935a5	20231012 346 name deny list (#2214 ) * Migrate to improved system config reload, cleanup acc pol * Denied names feature	2023-10-13 08:50:36 +10:00
James Hodgkinson	d9da1eeca0	Chasing yaks down dark alleyways (#2207 ) * adding some test coverage because there was some rando panic-inducing thing * ldap constants * documenting a macro * helpful weird errors * the war on strings continues * less json more better * testing things fixing bugs * idm_domain_reset_token_key wasn't working, added a test and fixed it (we weren't testing it) * idm_domain_set_ldap_basedn - adding tests * adding testing for idm_account_credential_update_cancel_mfareg * warning of deprecation	2023-10-11 15:44:29 +10:00
James Hodgkinson	0adc3e0dd9	Chasing wooly quadrapeds again (#2163 ) * I really like well-tended yaks * documenting yaks * spellink * less surprise more good * schema test fix * clippyisms	2023-10-05 12:30:46 +10:00
James Hodgkinson	e7f594a1c1	In-system image storage (#2112 ) * In-system image storage refers to #2057 * adding multipart feature to axum * thanks to @Firstyear for fixing my bufs * fixing coverage test things * clippy-calming * more tests, jpg acropalypse tests, benches * spelling * lockfile updates * linting	2023-10-04 17:24:12 +10:00
James Hodgkinson	c998a1eda5	bindaddress default doesn't match documentation (#2150 ) Fixes #2147	2023-09-26 09:38:07 +10:00
James Hodgkinson	d5ed335b52	Cinco de yakko (#2108 ) * there are always more yaks * see? ldap yaks. * fixing stupid radius container build thing	2023-09-16 12:11:06 +10:00
Firstyear	77da40d528	68 20230912 session consistency (#2110 ) This adds support for special-casing sessions in replication to allow them to internally trim and merge so that session revocations and creations are not lost between replicas.	2023-09-16 09:22:11 +10:00
Firstyear	b3aed1df34	68 20230908 replication attrunique (#2086 ) Co-authored-by: James Hodgkinson <james@terminaloutcomes.com>	2023-09-12 08:50:51 +10:00
James Hodgkinson	d5d76d1a3c	Schema dooby doo part two (#2071 ) * scim strings! * mapmapmap * mapmapmap -comments and map * updating delete teest * fixing some tests	2023-09-05 16:58:42 +10:00
Samuel Cabrero	9dda8b1ad3	Authentication shortcut to get a RW session (#1993 ) * auth: Add a privileged flag to AuthStep::Init2 step to request a rw session The privileged flag is defined as Option<bool> for compatibility with existing clients.	2023-08-24 09:54:33 +10:00
Sebastiano Tocci	eb7527379b	Configurable session timeouts (#1965 ) * added `auth_session_expiry` and `auth_privilege_expiry` * Added `AcountPolicy` struct * spelling and stuff * added cli tools	2023-08-22 11:00:43 +10:00
James Hodgkinson	05b35df413	Less human strings more enums (#1989 ) * statics or enums you choose * acp rewrite, defined SchemaAcp as a test * macros and targetscopes and filters oh my	2023-08-21 17:16:43 +10:00
Sebastiano Tocci	003234c2d0	Identity verification feature (#1819 )	2023-08-16 21:02:48 +10:00
James Hodgkinson	83f189fed3	error handling and web server logging fixes (#1960 ) * Fixing the setup_dev_environment script * clippy calming * handle_internalunixusertokenread throwing 500's without context Fixes #1958	2023-08-14 20:47:49 +10:00
James Hodgkinson	cc79f7eba1	Are we JSON yet? Kinda. But we're closer. (#1967 )	2023-08-14 08:51:44 +10:00
Sebastiano Tocci	5d96412181	replaced `skip_serializing_if` with `skip_serializing_none` (#1932 ) * replaced `skip_serializing_if` with `skip_serializing_none`	2023-08-03 08:51:30 +10:00
Sebastiano Tocci	d50373e64b	fixed serialization of oauth2 token scope (#1930 )	2023-08-02 09:50:57 +10:00
Firstyear	cccc20ea42	20230731 release (#1921 ) * Cleanup how we check for last git commit to avoid an insecure dep * Resolve unmaintained or old deps * Fix ci	2023-07-31 22:27:21 +10:00
Firstyear	99b761c966	20230727 unix int modularity (#1907 )	2023-07-28 10:48:56 +10:00
Firstyear	60a1cdf9d8	Sync account import improvements (#1873 )	2023-07-18 08:49:22 +10:00
Firstyear	8e1e533f40	1792 public oauth clients (#1821 )	2023-07-07 18:53:31 +10:00
Firstyear	17fa61ceeb	Add client UX for redirecting to an external portal for synced accounts (#1791 )	2023-07-05 09:13:06 +10:00
James Hodgkinson	cc1cc691f3	Started chasing noise, found some code to delete... (#1768 ) logging changes: * Offering auth mechanisms -> debug * 404's aren't really warnings * double tombstone message, one goes to debug other changes: * CSP changes to allow the bootstrap images to load * more testing javascriptfile things, I R * it's nice to know where things are * putting non-rust web things in static/ instead of src/ * RequestCredentials::SameOrigin is the default, also adding a utility function to save dupe code. Wow this saved... kilobytes. * removing commented code, fixing up codespell config * clippyisms * wtf, gha * dee-gloo-ing some things * adding some ubuntu build test things * sigh rustwasm/wasm-pack/issues/1138 * more do_request things * packaging things * hilarious dev env setup script * updated script works, all the UI works, including the experimental UI for naughty crabs * deb package fixes * fixed some notes * setup experimental UI tweaks	2023-06-27 11:38:22 +10:00
Firstyear	a20dd3b113	Remove r2d2 - sad beep noises (#1766 )	2023-06-24 16:15:31 +10:00
Firstyear	d5670d0add	Ux improvements - Allow enrolling other devices (#1764 )	2023-06-24 12:24:13 +10:00
Firstyear	6513fae5e2	1737 1739 sync - map uidnumbers mail (#1741 )	2023-06-16 19:15:36 +10:00
Firstyear	0eaab19775	20230608 ldap sync (#1728 )	2023-06-13 14:26:50 +10:00
James Hodgkinson	fcab605320	Time travelling (#1648 ) * yeet the time package into the future (updating min time version to 0.3.21) * CI change to catch web ui builds in future, updating SCIM requirements * removing allow deprecated flag * making references to rfc3339 formatter shorter * clippyisms * fmt	2023-05-25 08:25:16 +10:00
Firstyear	48c620e43a	20230508 replication incremental (#1620 )	2023-05-23 13:25:22 +10:00
Firstyear	33f0034b80	20230424 clippppppppppppyyyyyyyy (#1574 ) * Resolve a lot of clips	2023-04-26 21:55:42 +10:00
Firstyear	155c93c931	20230330 oauth2 refresh tokens (#1502 )	2023-04-20 08:34:21 +10:00
Firstyear	4718f2dc6b	1115 priv (reauth, sudo) mode (#1479 )	2023-03-27 11:38:09 +10:00
dependabot[bot]	913a94cba4	chore(deps): bump tokio from 1.25.0 to 1.26.0 (#1418 ) * chore(deps): bump tokio from 1.25.0 to 1.26.0 Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.25.0 to 1.26.0. - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.25.0...tokio-1.26.0) --- updated-dependencies: - dependency-name: tokio dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * fixing doctest --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: James Hodgkinson <james@terminaloutcomes.com>	2023-03-02 16:58:52 +10:00
Firstyear	e33beea89d	1399 cleanup cli docs (#1413 ) * Cleanup cli args * Update book * Update wasm * making the CI happy --------- Co-authored-by: James Hodgkinson <james@terminaloutcomes.com>	2023-03-02 12:47:23 +10:00
Firstyear	00cca81012	1399 cleanup reorg (#1412 )	2023-03-01 13:10:52 +10:00

1 2 3

119 commits