mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-25 05:27:01 +01:00
Code Issues Actions 10 Packages Projects Releases Wiki Activity
1730 commits 15 branches 59 tags 246 MiB
Commit graph

10 commits

Author SHA1 Message Date
Firstyear 85022e5e8a
Fix handling of TPM in some trait contexts (#2347) 2023-12-03 05:33:25 +00:00
Firstyear 4b097d8fdc
Expose machine key in auth phase (#2340) 2023-11-29 14:59:16 +10:00
Firstyear 060cb729a7
Expose TPM in more interface places (#2334) 2023-11-27 14:35:59 +10:00
Firstyear 6dc8f1db3a
Resolve future send issue with keystore (#2311) 2023-11-20 12:46:52 +10:00
Firstyear 3bd2cc8a9f
20231101 add id cert to unixint (#2284) 2023-11-09 13:11:23 +10:00
David Mulder 8401c3e1c8
Implement DeviceAuthorizationGrant for MFA (#2079) 
Himmelblau will use the DeviceAuthorizationGrant
(defined in RFC8628) to perform MFA. This commit
adds the bits to Kanidm to make that possible,
using the new pam state machine code.

Signed-off-by: David Mulder <dmulder@samba.org>
 2023-09-13 07:33:46 +10:00
Firstyear da56738dea
pam multistep auth state machine (#2022) 
Himmelblau needs to maintain some data about the state of an authentication across the course of pam exchanges.

Signed-off-by: David Mulder <dmulder@samba.org>
Co-authored-by: David Mulder <dmulder@samba.org>
 2023-08-28 09:27:29 +10:00
Firstyear 87866c568b
1982 service account access (#1985) 
* Fix issue with incorrect filter class preventing service account delete
 2023-08-16 15:33:28 +10:00
David Mulder 498be4f08a
resolver: Himmelblau needs old token for refresh (#1962) 
Himmelblau needs access to the old token during
a refresh otherwise the GECOS is lost (AAD
responds with everything we need except GECOS).

Signed-off-by: David Mulder <dmulder@samba.org>
 2023-08-10 07:36:36 +10:00
Firstyear 99b761c966
20230727 unix int modularity (#1907) 2023-07-28 10:48:56 +10:00