mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 20:47:01 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
470 commits 17 branches 59 tags 246 MiB
Commit graph

101 commits

Author SHA1 Message Date
William Brown c9f4b1dc2e (cargo-release) version 1.1.0-alpha.6 2021-10-01 11:44:25 +10:00
Firstyear 573e346476
Add support for storing security token key in domain config (#581) 2021-09-25 11:24:00 +10:00
Quinn a3c0b8ccfe
Customized tracing for tide::Middleware logging (#544) 2021-08-19 11:04:24 +10:00
Firstyear 3f27267ea4
508 token introspect (#565) 2021-08-18 09:41:04 +10:00
Firstyear 002e3d696b
Add stricter headers (#546) 2021-08-16 13:37:15 +10:00
James Hodgkinson c09ebccbda
adding useragent based on client version (#564) 2021-08-12 09:13:33 +10:00
Firstyear 87c6b45fbd
add tokio feature to async-std (#555) 2021-08-04 14:51:09 +10:00
James Hodgkinson 8737a7ad78
making 📎 slightly happier (#551) 2021-08-02 10:54:55 +10:00
Firstyear 1791f12adf
Oauth2 ui flows (#527) 2021-07-25 10:51:37 +10:00
Firstyear ea080feac8
Update webauthn-rs to alpha.9 (#532) 2021-07-24 14:58:38 +10:00
cuberoot74088 8306c3bc6a
Rename to SetCredentialRequest::BackupCodeGenerate (#524) 2021-07-22 12:04:56 +10:00
James Hodgkinson bea2ce76ba
Relates to comments in #528 - pops error now instead of debug message (#529) 2021-07-22 10:58:36 +10:00
cuberoot74088 620a1717a8
495 backup codes cli extension (#517) 2021-07-08 12:50:55 +10:00
William Brown 4be329e946 (cargo-release) version 1.1.0-alpha.5 2021-07-07 12:04:12 +10:00
Firstyear e134fa5b40
Fix totp registration workflow with broken authenticators (#516) 2021-07-03 14:39:22 +10:00
James Hodgkinson 554ff3bb1b
Fixing kanidm windows client build (#507) 2021-06-30 10:34:45 +10:00
Firstyear 1de1b2db3b
Add the ability to configure and provide Oauth2 authentication for Kanidm. (#485) 2021-06-29 14:23:39 +10:00
Firstyear 35d32bc5dd
Update webauthn-authenticator-rs to fix test failures (#493) 2021-06-26 11:47:21 +10:00
vcwai 9f5d8540fa
163 account recovery code (#469) 2021-06-25 12:39:05 +10:00
Quinn c2d74ced2b
Removed OperationResponse (#489) 2021-06-21 12:32:39 +10:00
cuberoot74088 f3554d80cf
Set default shell to bin/sh (#488) 2021-06-19 15:35:11 +10:00
Firstyear f5e2295319
20210607 orca ldap (#470) 2021-06-17 13:53:23 +10:00
Quinn 03d2fc841a
kanidm_client bool/return values (#479) 2021-06-17 12:59:34 +10:00
James Hodgkinson 6b696b1923
unixd will now bail if startup tests fail (#476) 2021-06-15 11:54:04 +10:00
Firstyear ea34dc08a9
Add email syntax (#465) 
Part one of #461 - this adds the syntax to support email addresses and validation of their content, and a method to serialise to the DB that can be extended with attribute tagging in the future. Part two will address administration of these values.
 2021-06-12 10:01:44 +10:00
Firstyear 807af81184
64 120 session claims (#462) 2021-06-02 09:30:37 +10:00
James Hodgkinson 35c1de4c45
Calming clippy's nerves, Friday edition (#448) 
* whoa clippy you are very helpful
 2021-05-21 16:35:09 +10:00
James Hodgkinson 1f98018513
444 - client's config URI missing and more file open handling (#446) 2021-05-21 15:19:36 +10:00
Firstyear 78f780910e
Fix proxy usage in tests (#443) 2021-05-20 07:58:11 +10:00
James Hodgkinson 1229669785
adding env vars, making clippy happier, cleaning up some error messages (#438) 2021-05-09 22:06:58 +10:00
Firstyear 6901a5a545
Orca - a load testing framework for Kanidm (#431) 2021-05-06 21:15:12 +10:00
James Hodgkinson e6f34d5dc5
Adding a new verb group remove_members (#434) 
Co-authored-by: William Brown <william@blackhats.net.au>
 2021-05-06 20:47:28 +10:00
James Hodgkinson 77381c1a2a
User feedback improvements, also handling a permissions issue (#424) 2021-04-26 11:52:13 +10:00
James Hodgkinson de431451f4
Making clippy happy (#420) 2021-04-25 11:35:56 +10:00
Firstyear 8da89613e3
Rough working login page (#417) 2021-04-24 10:53:19 +10:00
James Hodgkinson f97a3bf596
Make clippy happy (#415) 2021-04-19 10:20:24 +10:00
James Hodgkinson 495113e607
merging upstream (#411) 2021-04-15 08:54:28 +10:00
James Hodgkinson f466e2a521
Docs update (#400) 
* I couldn't help it - minor spelling fixes
 2021-04-06 10:08:36 +10:00
William Brown dc3588a2c2 (cargo-release) version 1.1.0-alpha.4 2021-04-01 10:29:21 +10:00
Firstyear 988944a085
Add auth session header type (#398) 2021-04-01 07:14:15 +10:00
Firstyear 6bc719cdb2
Base web UI (#391) 
Initial web ui (not-functional yet)
 2021-03-26 11:22:00 +10:00
Firstyear adb3f819ba
Add the unixd tasks daemon (#349) 
Fixes #180 - this adds an oddjobd style tasks daemon to the unix tools. This supports creation of home directories and the maintenance of alias symlinks to these allowing user renames. The tasks daemon is written to require root, but is seperate from the unixd daemon. Communication is via a root-only unix socket that the task daemon connects into to reduce the possibility of exploit.

Fixes #369 due to the changes to call_daemon_blocking
 2021-03-13 12:33:15 +10:00
Firstyear ff61c37ae3
Add credential display command (#370) 
Fixes #364 - this adds a credential display command to the cli, and the api so it can be used later.
 2021-03-11 11:17:13 +10:00
Firstyear 3137e3d682
Complete MFA and Webauthn handlers (#360) 
Fixes #357 - this allows the password MFA handler to correct handle a mixed totp or webauthn credential with passwords. This is likely the "majority" of accounts we will see on the service.
 2021-02-20 12:41:22 +10:00
Firstyear a3d7401d03
Add clean ups based on review feedback (#351) 
* Add clean ups based on charcols suggestions
 2021-02-09 10:25:02 +10:00
Firstyear 8006142c9e
202 totp cli enrollment (#348) 
Fixes #202 - This adds support for enrolling and removing totp on the cli, as well as a rebuilt work flow for login to allow dynamic prompting of what credetials are required.
 2021-02-08 13:31:31 +10:00
Firstyear 3844aadf60
Tokio1.0 (#340) 
Upgrade dependencies, with the major highlight as the upgrade to tokio 1.0
 2021-01-10 13:41:56 +10:00
William Brown 3dfd9a0a81 (cargo-release) version 1.1.0-alpha.3 2020-12-28 09:51:16 +10:00
Firstyear 9dbb5ccb59
Unixd - NXCache of unknown items (#338) 
Previously we would only cache "hits" - items that kanidm is aware
of and did know about. However, this mean querying a raw uid/gid
number that was not known to files or kanidm would result in kanidm
doing an online check each request.

This adds a NXcache to cache misses, so they can be served as misses,
faster, and to reduce load on the main kanidm servers.

Fixes #336
 2020-12-28 09:41:16 +10:00
Firstyear ebdb57bbe7
WIP - Improve Auth Proto to Support Webauthn (#333) 
This is a rewrite of the "on the wire" json for auth. This is a breaking change required to allow webauthn to work given limitations within Webauthn as a standard and how mixed credentials are challenged for.
 2020-12-26 13:58:32 +10:00