mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 20:47:01 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
1601 commits 17 branches 59 tags 246 MiB
Commit graph

144 commits

Author SHA1 Message Date
Firstyear cb985a2fd0
fix credential update intent defaults (#2162) 2023-09-30 20:06:44 +10:00
Firstyear 3e345174b6
68 20230919 replication configuration (#2131) 2023-09-29 12:02:13 +10:00
James Hodgkinson c7a269575c
Enforce TLS key size minimums (#2145) 
* Enforce TLS key size minimums - Fixes #2144
* at some point clippy got mad
 2023-09-26 09:59:00 +10:00
James Hodgkinson c998a1eda5
bindaddress default doesn't match documentation (#2150) 
Fixes #2147
 2023-09-26 09:38:07 +10:00
James Hodgkinson d5ed335b52
Cinco de yakko (#2108) 
* there are always more yaks
* see? ldap yaks.
* fixing stupid radius container build thing
 2023-09-16 12:11:06 +10:00
Firstyear 77da40d528
68 20230912 session consistency (#2110) 
This adds support for special-casing sessions in replication to allow them to internally trim and merge so that session revocations and creations are not lost between replicas.
 2023-09-16 09:22:11 +10:00
James Hodgkinson 383592d921
Schema dooby doo ... yon (#2103) 
Refers #1987

Notable changes:

- in server/lib/src/entry.rs - aiming to pass the enum instead of the strings
    - changed signature of add_ava to take Attribute instead of &str (which is used in the entry_init macro... which was fun)
    - set_ava<T> now takes Attribute
- added TryFrom<&AttrString> for Attribute
 2023-09-12 11:47:24 +10:00
Firstyear b3aed1df34
68 20230908 replication attrunique (#2086) 
Co-authored-by: James Hodgkinson <james@terminaloutcomes.com>
 2023-09-12 08:50:51 +10:00
James Hodgkinson d3d80e7364
Schema-dooby-doo-part-trois (#2082) 
* adding extra_attributes field to BuiltinGroup, migrating more things.
* checkpoint 3 - ACP, easy as 1,2,3
* codespell
* now throwing error on dyngroup with defined members
 2023-09-09 09:38:47 +10:00
James Hodgkinson 4b7563adc8
CLI and test things (#2080) 
* testing things actually run is handy
* adding build mode to scripts
* uh, so I started messing with handling exit codes...
 2023-09-09 09:35:59 +10:00
Firstyear 61c59d5a5a
68 20230907 replication (#2081) 
* Test replication when nodes are valid beyond cl trim
 2023-09-08 08:59:06 +10:00
James Hodgkinson 2f312e6b2d
Removing default features from git2 package (#2078) 
* don't need ssh or https in git2 - saves 50.69s

* codespell
 2023-09-06 08:25:29 +10:00
Firstyear d1fe7b9127
68 20230829 replication referential integrity (#2048) 
* Member of works!
* Hooray, refint over replication works.
 2023-09-05 21:30:51 +10:00
James Hodgkinson d5d76d1a3c
Schema dooby doo part two (#2071) 
* scim strings!
* mapmapmap
* mapmapmap -comments and map
* updating delete teest
* fixing some tests
 2023-09-05 16:58:42 +10:00
Firstyear 538429838d
When an empty body was returned, do request would error incorrectly (#2074) 2023-09-05 14:14:00 +10:00
James Hodgkinson 1d88cede1b
Yak hassling (#2059) 
* trying this query thing again
* if error show error not panic
* clippyism
* moving dependencies around and fixing log messages for healthcheck
* cleaning up some comment mess
* fixing the "debug thing breaks packaging" issue and test failures
 2023-09-05 11:50:51 +10:00
dependabot[bot] 07c9a9078e
chore(deps): bump tower-http from 0.4.3 to 0.4.4 (#2064) 
Bumps [tower-http](https://github.com/tower-rs/tower-http) from 0.4.3 to 0.4.4.
- [Release notes](https://github.com/tower-rs/tower-http/releases)
- [Commits](https://github.com/tower-rs/tower-http/compare/tower-http-0.4.3...tower-http-0.4.4)

---
updated-dependencies:
- dependency-name: tower-http
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-03 21:04:53 +00:00
Sebastiano Tocci f2e9c8a16e
Add tests for X-Forwarded-For header (kinda) (#1957) 
* Add tests for X-Forwarded-For header (kinda)
* testing for invalid header format
* added debug endpoint and got tests working
* various fixing here and there
 2023-08-31 09:31:16 +08:00
Firstyear 5bd69b81b8
Clear cache before verify on some low-level tests (#2044) 2023-08-29 12:26:29 +10:00
Firstyear 0f977d33b9
68 20230828 replication of schema (#2045) 2023-08-29 12:20:27 +10:00
Firstyear da56738dea
pam multistep auth state machine (#2022) 
Himmelblau needs to maintain some data about the state of an authentication across the course of pam exchanges.

Signed-off-by: David Mulder <dmulder@samba.org>
Co-authored-by: David Mulder <dmulder@samba.org>
 2023-08-28 09:27:29 +10:00
Samuel Cabrero 9dda8b1ad3
Authentication shortcut to get a RW session (#1993) 
* auth: Add a privileged flag to AuthStep::Init2 step to request a rw session

The privileged flag is defined as Option<bool> for compatibility with
existing clients.
 2023-08-24 09:54:33 +10:00
Sebastiano Tocci 47e953bfd2
wopsies, missing imports (#2023) 
* wopsies, missing imports
* more clippy and fmt
* adding test build for kanidm with idv-tui feature
* making codespell happy

---------

Co-authored-by: James Hodgkinson <james@terminaloutcomes.com>
 2023-08-23 22:40:25 +10:00
Sebastiano Tocci 70b19f0630
idv cli (#2001) 2023-08-23 20:51:24 +10:00
James Hodgkinson def4420c4c
pykanidm updoots (#2019) 
* fixing some derpitude in headers and auth, adding tests
* dox fox
* cleaning up typing
 2023-08-23 13:55:08 +10:00
Firstyear 2355dbfead
68 20230821 replication (#2020) 
* Resolve spn incremental replication
 2023-08-23 11:17:13 +10:00
Sebastiano Tocci eb7527379b
Configurable session timeouts (#1965) 
* added `auth_session_expiry` and `auth_privilege_expiry`
* Added `AcountPolicy` struct
* spelling and stuff
* added cli tools
 2023-08-22 11:00:43 +10:00
James Hodgkinson 05b35df413
Less human strings more enums (#1989) 
* statics or enums you choose
* acp rewrite, defined SchemaAcp as a test
* macros and targetscopes and filters oh my
 2023-08-21 17:16:43 +10:00
dependabot[bot] 75263c6214
chore(deps): bump gloo-timers from 0.2.6 to 0.3.0 (#2011) 
Bumps [gloo-timers](https://github.com/rustwasm/gloo) from 0.2.6 to 0.3.0.
- [Release notes](https://github.com/rustwasm/gloo/releases)
- [Changelog](https://github.com/rustwasm/gloo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rustwasm/gloo/compare/gloo-timers-v0.2.6...0.3.0)

---
updated-dependencies:
- dependency-name: gloo-timers
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-08-20 23:40:42 +00:00
James Hodgkinson 01cdeedc72
reordering layers so the web server works in non-debug-mode (#1999) 2023-08-19 11:00:53 +10:00
Firstyear f6001504a9
20230817 idv migration (#1992) 
* Must attr
* Post merge cleanup of idv
 2023-08-18 20:29:00 +10:00
Samuel Cabrero 17741c4929
daemon: kanidmd version requires a config file to run (#1959) (#1990) 
Signed-off-by: Samuel Cabrero <scabrero@suse.de>
 2023-08-17 17:02:24 +10:00
Firstyear bc341af9d8
Resolve issues with dyngroup members (#1986) 2023-08-17 15:52:12 +10:00
Firstyear 0183ae6c71
Revert "sqlite where IN for id entry (#1988)" (#1991) 
This reverts commit 46f9a36a1c.
 2023-08-17 13:47:11 +10:00
James Hodgkinson 46f9a36a1c
sqlite where IN for id entry (#1988) 
Fixes #258
 2023-08-17 13:32:41 +10:00
Sebastiano Tocci 003234c2d0
Identity verification feature (#1819) 2023-08-16 21:02:48 +10:00
Firstyear 87866c568b
1982 service account access (#1985) 
* Fix issue with incorrect filter class preventing service account delete
 2023-08-16 15:33:28 +10:00
James Hodgkinson 9a6168b67d
Fixing test release (#1983) 
* Fixing cargo test --release

* more tracing less dbg
 2023-08-15 15:42:15 +10:00
James Hodgkinson 83f189fed3
error handling and web server logging fixes (#1960) 
* Fixing the setup_dev_environment script
* clippy calming
* handle_internalunixusertokenread throwing 500's without context
Fixes #1958
 2023-08-14 20:47:49 +10:00
James Hodgkinson aba9f6a724
Struct-ifying schema things (#1971) 
* structifying things
 2023-08-14 19:39:49 +10:00
James Hodgkinson 9246293922
Fighting with zypper, tagging our images (#1964) 
* fighting weird build issues

* labels are better outside

* ugh that stupid linter

* why do you always lint on me

* neat

* adding comments
 2023-08-14 10:06:53 +10:00
James Hodgkinson cc79f7eba1
Are we JSON yet? Kinda. But we're closer. (#1967) 2023-08-14 08:51:44 +10:00
J. B. Crawford 054b580fe6
Allow one-character usernames (#1941) 2023-08-10 08:09:18 +10:00
Sebastiano Tocci c742497866
providing server configuration in the testkit::test macro (#1953) 2023-08-08 20:01:18 +10:00
Sebastiano Tocci 5d96412181
replaced skip_serializing_if with skip_serializing_none (#1932) 
* replaced `skip_serializing_if` with `skip_serializing_none`
 2023-08-03 08:51:30 +10:00
Sebastiano Tocci d50373e64b
fixed serialization of oauth2 token scope (#1930) 2023-08-02 09:50:57 +10:00
Sebastiano Tocci de45732322
added compression layer for the pkg route (#1928) 2023-08-02 08:10:46 +10:00
Firstyear bf3e16cbd3
Resolve issue with publishing (#1925) 
* Resolve issue with publishing

* Fix version
 2023-08-01 17:25:32 +10:00
Firstyear 0fe5ff0f87
Set dev version (#1924) 2023-08-01 15:23:07 +10:00
Firstyear 689c7c74f6
Release 1.1.0-beta.13 (#1922) 2023-08-01 15:12:35 +10:00