mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 12:37:00 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
2261 commits 17 branches 59 tags 246 MiB
Commit graph

168 commits

Author SHA1 Message Date
James Hodgkinson c89f0c011e
20250209 pre release (#3409) 
* fix: removing unused dependencies (assert_cmd, gethostname)
* chore: Release Notes
 2025-02-09 10:06:01 +00:00
Firstyear 1f5ce2617d
Resolve kanidm-unix auth-test bug (#3405) 
* Resolve kanidm-unix auth-test bug

When reworking the unix daemon, we missed changing the auth-test
tool to handle the new challenge-response flow correctly which
would cause the session to disconnect.

* Cleanup
 2025-02-09 02:49:54 +00:00
Firstyear ad3cf8828f
20250205 3369 firefox pin (#3403) 
Improve error message when passkey is missing PIN

Firefox still doesn't support setting a PIN on new devices. Because
of this we need a way to return a better error message for devices
that don't have UV configured.
 2025-02-06 00:33:59 +00:00
James 4938c6796b
Add handle_group_error to cli client (#3399) 
Closes #2616
 2025-02-05 02:52:20 +00:00
Andris Raugulis d4c5a6f4a9
OpenBSD support (#3381) 
* Implement OpenBSD support.
 2025-02-03 22:39:50 +00:00
dependabot[bot] ed76bdbfb1
Bump the all group with 22 updates (#3376) 
* Bump the all group with 22 updates

Bumps the all group with 22 updates:

| Package | From | To |
| --- | --- | --- |
| [async-trait](https://github.com/dtolnay/async-trait) | `0.1.83` | `0.1.85` |
| [bitflags](https://github.com/bitflags/bitflags) | `2.6.0` | `2.8.0` |
| [clap](https://github.com/clap-rs/clap) | `4.5.23` | `4.5.27` |
| [clap_complete](https://github.com/clap-rs/clap) | `4.5.40` | `4.5.42` |
| [lodepng](https://github.com/kornelski/lodepng-rust) | `3.10.7` | `3.11.0` |
| [openssl](https://github.com/sfackler/rust-openssl) | `0.10.68` | `0.10.69` |
| [proc-macro2](https://github.com/dtolnay/proc-macro2) | `1.0.92` | `1.0.93` |
| [reqwest](https://github.com/seanmonstar/reqwest) | `0.12.11` | `0.12.12` |
| [rustls](https://github.com/rustls/rustls) | `0.23.20` | `0.23.21` |
| [sd-notify](https://github.com/lnicola/sd-notify) | `0.4.4` | `0.4.5` |
| [serde_json](https://github.com/serde-rs/json) | `1.0.134` | `1.0.137` |
| [syn](https://github.com/dtolnay/syn) | `2.0.93` | `2.0.96` |
| [tempfile](https://github.com/Stebalien/tempfile) | `3.14.0` | `3.15.0` |
| [tokio](https://github.com/tokio-rs/tokio) | `1.42.0` | `1.43.0` |
| [uuid](https://github.com/uuid-rs/uuid) | `1.11.0` | `1.12.1` |
| [oauth2](https://github.com/ramosbugs/oauth2-rs) | `4.4.2` | `5.0.0` |
| [cc](https://github.com/rust-lang/cc-rs) | `1.2.6` | `1.2.10` |
| [axum-extra](https://github.com/tokio-rs/axum) | `0.9.6` | `0.10.0` |
| [axum-macros](https://github.com/tokio-rs/axum) | `0.4.2` | `0.5.0` |
| [fantoccini](https://github.com/jonhoo/fantoccini) | `0.21.3` | `0.21.4` |
| [petgraph](https://github.com/petgraph/petgraph) | `0.6.5` | `0.7.1` |
| [jsonschema](https://github.com/Stranger6667/jsonschema) | `0.28.0` | `0.28.3` |


Updates `async-trait` from 0.1.83 to 0.1.85
- [Release notes](https://github.com/dtolnay/async-trait/releases)
- [Commits](https://github.com/dtolnay/async-trait/compare/0.1.83...0.1.85)

Updates `bitflags` from 2.6.0 to 2.8.0
- [Release notes](https://github.com/bitflags/bitflags/releases)
- [Changelog](https://github.com/bitflags/bitflags/blob/main/CHANGELOG.md)
- [Commits](https://github.com/bitflags/bitflags/compare/2.6.0...2.8.0)

Updates `clap` from 4.5.23 to 4.5.27
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.23...clap_complete-v4.5.27)

Updates `clap_complete` from 4.5.40 to 4.5.42
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.40...clap_complete-v4.5.42)

Updates `lodepng` from 3.10.7 to 3.11.0
- [Commits](https://github.com/kornelski/lodepng-rust/compare/v3.10.7...v3.11.0)

Updates `openssl` from 0.10.68 to 0.10.69
- [Release notes](https://github.com/sfackler/rust-openssl/releases)
- [Commits](https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.68...openssl-v0.10.69)

Updates `proc-macro2` from 1.0.92 to 1.0.93
- [Release notes](https://github.com/dtolnay/proc-macro2/releases)
- [Commits](https://github.com/dtolnay/proc-macro2/compare/1.0.92...1.0.93)

Updates `reqwest` from 0.12.11 to 0.12.12
- [Release notes](https://github.com/seanmonstar/reqwest/releases)
- [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/seanmonstar/reqwest/compare/v0.12.11...v0.12.12)

Updates `rustls` from 0.23.20 to 0.23.21
- [Release notes](https://github.com/rustls/rustls/releases)
- [Changelog](https://github.com/rustls/rustls/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rustls/rustls/compare/v/0.23.20...v/0.23.21)

Updates `sd-notify` from 0.4.4 to 0.4.5
- [Changelog](https://github.com/lnicola/sd-notify/blob/master/CHANGELOG.md)
- [Commits](https://github.com/lnicola/sd-notify/compare/v0.4.4...v0.4.5)

Updates `serde_json` from 1.0.134 to 1.0.137
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.134...v1.0.137)

Updates `syn` from 2.0.93 to 2.0.96
- [Release notes](https://github.com/dtolnay/syn/releases)
- [Commits](https://github.com/dtolnay/syn/compare/2.0.93...2.0.96)

Updates `tempfile` from 3.14.0 to 3.15.0
- [Changelog](https://github.com/Stebalien/tempfile/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Stebalien/tempfile/compare/v3.14.0...v3.15.0)

Updates `tokio` from 1.42.0 to 1.43.0
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.42.0...tokio-1.43.0)

Updates `uuid` from 1.11.0 to 1.12.1
- [Release notes](https://github.com/uuid-rs/uuid/releases)
- [Commits](https://github.com/uuid-rs/uuid/compare/1.11.0...1.12.1)

Updates `oauth2` from 4.4.2 to 5.0.0
- [Release notes](https://github.com/ramosbugs/oauth2-rs/releases)
- [Upgrade guide](https://github.com/ramosbugs/oauth2-rs/blob/main/UPGRADE.md)
- [Commits](https://github.com/ramosbugs/oauth2-rs/compare/4.4.2...5.0.0)

Updates `cc` from 1.2.6 to 1.2.10
- [Release notes](https://github.com/rust-lang/cc-rs/releases)
- [Changelog](https://github.com/rust-lang/cc-rs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/cc-rs/compare/cc-v1.2.6...cc-v1.2.10)

Updates `axum-extra` from 0.9.6 to 0.10.0
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-extra-v0.9.6...axum-extra-v0.10.0)

Updates `axum-macros` from 0.4.2 to 0.5.0
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-macros-v0.4.2...axum-macros-v0.5.0)

Updates `fantoccini` from 0.21.3 to 0.21.4
- [Commits](https://github.com/jonhoo/fantoccini/compare/v0.21.3...v0.21.4)

Updates `petgraph` from 0.6.5 to 0.7.1
- [Changelog](https://github.com/petgraph/petgraph/blob/master/RELEASES.rst)
- [Commits](https://github.com/petgraph/petgraph/compare/petgraph@v0.6.5...petgraph@v0.7.1)

Updates `jsonschema` from 0.28.0 to 0.28.3
- [Release notes](https://github.com/Stranger6667/jsonschema/releases)
- [Changelog](https://github.com/Stranger6667/jsonschema/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Stranger6667/jsonschema/compare/rust-v0.28.0...rust-v0.28.3)

---
updated-dependencies:
- dependency-name: async-trait
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: bitflags
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: clap_complete
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: lodepng
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: openssl
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: proc-macro2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: reqwest
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: rustls
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: sd-notify
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: syn
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: tempfile
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: tokio
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: oauth2
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all
- dependency-name: cc
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: axum-extra
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: axum-macros
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: fantoccini
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: petgraph
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: jsonschema
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* ok the otel stuff works now

* linting fixes

* fix: less parse more from_str, adding a todo

* fix: removing a TODO

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: James Hodgkinson <james@terminaloutcomes.com>
 2025-01-29 13:57:38 +10:00
Firstyear b3be758b74
20250114 3325 SCIM access control (#3359) 
Add an extended query operation to return effective access controls so that UI's can dynamically display what is or is not editable on an entry.
 2025-01-20 11:28:22 +00:00
dependabot[bot] 227853f8cd
Bump the all group with 6 updates (#3324) 
Bumps the all group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [quote](https://github.com/dtolnay/quote) | `1.0.37` | `1.0.38` |
| [reqwest](https://github.com/seanmonstar/reqwest) | `0.12.9` | `0.12.11` |
| [serde](https://github.com/serde-rs/serde) | `1.0.216` | `1.0.217` |
| [serde_with](https://github.com/jonasbb/serde_with) | `3.11.0` | `3.12.0` |
| [syn](https://github.com/dtolnay/syn) | `2.0.91` | `2.0.93` |
| [jsonschema](https://github.com/Stranger6667/jsonschema) | `0.26.2` | `0.28.0` |


Updates `quote` from 1.0.37 to 1.0.38
- [Release notes](https://github.com/dtolnay/quote/releases)
- [Commits](https://github.com/dtolnay/quote/compare/1.0.37...1.0.38)

Updates `reqwest` from 0.12.9 to 0.12.11
- [Release notes](https://github.com/seanmonstar/reqwest/releases)
- [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/seanmonstar/reqwest/compare/v0.12.9...v0.12.11)

Updates `serde` from 1.0.216 to 1.0.217
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.216...v1.0.217)

Updates `serde_with` from 3.11.0 to 3.12.0
- [Release notes](https://github.com/jonasbb/serde_with/releases)
- [Commits](https://github.com/jonasbb/serde_with/compare/v3.11.0...v3.12.0)

Updates `syn` from 2.0.91 to 2.0.93
- [Release notes](https://github.com/dtolnay/syn/releases)
- [Commits](https://github.com/dtolnay/syn/compare/2.0.91...2.0.93)

Updates `jsonschema` from 0.26.2 to 0.28.0
- [Release notes](https://github.com/Stranger6667/jsonschema/releases)
- [Changelog](https://github.com/Stranger6667/jsonschema/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Stranger6667/jsonschema/compare/rust-v0.26.2...rust-v0.28.0)

---
updated-dependencies:
- dependency-name: quote
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: reqwest
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: serde_with
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: syn
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: jsonschema
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-12-29 22:46:26 +00:00
Firstyear bbefb0b1b1
Update to latest webauthn-rs/time (#3315) 
This updates to the latest webauthn-rs release. When
updating, an issue with time was found that changes
the behaviour of it's parser for rfc3339. This also
updates our tests to accomodate that change.

Co-authored-by: James Hodgkinson <james@terminaloutcomes.com>
 2024-12-21 06:45:06 +00:00
Firstyear 9f499f3913
Further SCIM sync testing, minor fixes (#3305) 
This adds further testing of SCIM sync, especially around
conversion of the SCIM Sync Person and Group types into
SCIM Entry. This test would have prevented #3298 and
 #3299 from occuring.

During testing two more fixes were found. external_id should have
been required (not optional) and a group with no members would
cause a serialisation issue.
 2024-12-20 07:16:07 +00:00
Be 2174b9b251
client: read attestation CA list JSON from file (#3232) 
instead of passing a giant blob of JSON as a command argument.
Before, it was not possible to allow all valid authenticators
certified by the FIDO Alliance because

fido-mds-list query -o "status gte valid"

outputs a JSON string longer than Linux allows for command
arguments.

Co-authored-by: Firstyear <william@blackhats.net.au>
 2024-12-20 03:02:02 +00:00
Firstyear 50a7d9d700
Allow opt-in of easter eggs (#3308) 
So that we can start to add some more easter eggs to the server,
we also need to respect user preferences that may not want them.

This adds a configuration setting to the domain allowing a release
build to opt-in to easter eggs, and development builds to opt-out
of them.
 2024-12-19 03:30:35 +00:00
Firstyear 1fbbf323fa
Allow reseting account policy values to defaults (#3306) 
* Allow reseting account policy values to defaults

This allows the admin cli to reset account policy values to
defaults by clearing them. Due to how account policy resolves
a lack of value implies the default.
 2024-12-18 17:43:56 +10:00
Firstyear 0b2f349aec
SCIM Sync Missing Annotation (#3300) 
A missing serde annotion in SCIM Sync caused groups to fail to
sync unless they had a description. This resolves the failure
by adding the correct annotation to skip None fields in groups.
 2024-12-17 14:18:30 +10:00
Firstyear a8d149db16
remove unused webauthn features. (#3286) 
While improving the webauthn feature handling yesterday I accidentally left mozilla enabled on linux which doesn't need it and u2fhid on macos.

In the future the plan is to swap fully to u2fhid, but in the mean time we need mozilla for freebsd support. That's something I'll need to work on later with @micolous.
 2024-12-12 22:19:10 -05:00
Firstyear 60cc830ebd
Cleanup webauthn features (#3285) 2024-12-12 06:56:12 -05:00
James Hodgkinson 0054fe17fe
Yaleman/issue3229 (#3239) 
* Fix wrong success message on kanidm group set-entry-manager #3229
 2024-11-25 09:38:46 +10:00
Firstyear bd53c88229
Update to latest fido-mds-tool (#3230) 2024-11-22 06:57:39 +00:00
George Wu ed38e92448
Change CLI oauth2 command from set-display-name to set-displayname for consistency. (#3212) 
* Change CLI domain command from set-display-name to set-displayname for consistency.

* Also fix CLI.
 2024-11-19 04:28:07 +00:00
dependabot[bot] 9c49c831c1
Bump the all group across 1 directory with 13 updates (#3202) 
Bumps the all group with 13 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [anyhow](https://github.com/dtolnay/anyhow) | `1.0.91` | `1.0.93` |
| [clap_complete](https://github.com/clap-rs/clap) | `4.5.35` | `4.5.37` |
| [csv](https://github.com/BurntSushi/rust-csv) | `1.3.0` | `1.3.1` |
| [hyper-util](https://github.com/hyperium/hyper-util) | `0.1.9` | `0.1.10` |
| [libc](https://github.com/rust-lang/libc) | `0.2.161` | `0.2.162` |
| [reqwest](https://github.com/seanmonstar/reqwest) | `0.12.8` | `0.12.9` |
| [rustls](https://github.com/rustls/rustls) | `0.23.15` | `0.23.16` |
| [serde](https://github.com/serde-rs/serde) | `1.0.213` | `1.0.214` |
| [syn](https://github.com/dtolnay/syn) | `2.0.85` | `2.0.87` |
| [tempfile](https://github.com/Stebalien/tempfile) | `3.13.0` | `3.14.0` |
| [tokio](https://github.com/tokio-rs/tokio) | `1.41.0` | `1.41.1` |
| [escargot](https://github.com/crate-ci/escargot) | `0.5.12` | `0.5.13` |
| [jsonschema](https://github.com/Stranger6667/jsonschema) | `0.26.0` | `0.26.1` |



Updates `anyhow` from 1.0.91 to 1.0.93
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.91...1.0.93)

Updates `clap_complete` from 4.5.35 to 4.5.37
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.35...clap_complete-v4.5.37)

Updates `csv` from 1.3.0 to 1.3.1
- [Commits](https://github.com/BurntSushi/rust-csv/compare/1.3.0...1.3.1)

Updates `hyper-util` from 0.1.9 to 0.1.10
- [Release notes](https://github.com/hyperium/hyper-util/releases)
- [Changelog](https://github.com/hyperium/hyper-util/blob/master/CHANGELOG.md)
- [Commits](https://github.com/hyperium/hyper-util/compare/v0.1.9...v0.1.10)

Updates `libc` from 0.2.161 to 0.2.162
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Changelog](https://github.com/rust-lang/libc/blob/0.2.162/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/libc/compare/0.2.161...0.2.162)

Updates `reqwest` from 0.12.8 to 0.12.9
- [Release notes](https://github.com/seanmonstar/reqwest/releases)
- [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/seanmonstar/reqwest/compare/v0.12.8...v0.12.9)

Updates `rustls` from 0.23.15 to 0.23.16
- [Release notes](https://github.com/rustls/rustls/releases)
- [Changelog](https://github.com/rustls/rustls/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rustls/rustls/compare/v/0.23.15...v/0.23.16)

Updates `serde` from 1.0.213 to 1.0.214
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.213...v1.0.214)

Updates `syn` from 2.0.85 to 2.0.87
- [Release notes](https://github.com/dtolnay/syn/releases)
- [Commits](https://github.com/dtolnay/syn/compare/2.0.85...2.0.87)

Updates `tempfile` from 3.13.0 to 3.14.0
- [Changelog](https://github.com/Stebalien/tempfile/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Stebalien/tempfile/compare/v3.13.0...v3.14.0)

Updates `tokio` from 1.41.0 to 1.41.1
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.41.0...tokio-1.41.1)

Updates `escargot` from 0.5.12 to 0.5.13
- [Changelog](https://github.com/crate-ci/escargot/blob/master/CHANGELOG.md)
- [Commits](https://github.com/crate-ci/escargot/compare/v0.5.12...v0.5.13)

Updates `jsonschema` from 0.26.0 to 0.26.1
- [Release notes](https://github.com/Stranger6667/jsonschema/releases)
- [Changelog](https://github.com/Stranger6667/jsonschema/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Stranger6667/jsonschema/compare/rust-v0.26.0...rust-v0.26.1)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: clap_complete
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: csv
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: hyper-util
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: libc
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: reqwest
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: rustls
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: syn
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: tempfile
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: tokio
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: escargot
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: jsonschema
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-12 20:01:35 +09:00
CEbbinghaus 1b58e4169a
chore: Made oauth2 scopes required in CLI (#3165) 2024-11-01 01:59:27 +00:00
George Wu d2c329f330
Change to text input and use numeric mode for TOTP prompts. (#3154) 
* Change to text input and use inputmode numeric for TOTP prompts.

* Fix some typos.
 2024-10-27 23:57:28 +00:00
Firstyear 2e6d940691
Remove WASM (#3148) 
liberal party took over, more cuts
 2024-10-26 17:19:13 +10:00
James Hodgkinson 151a9ad90f
ripping out some extra packages (#3146) 2024-10-26 02:27:56 +00:00
James Hodgkinson 5a709520dc
OAuth2 Device flow foundations (#3098) 2024-10-26 12:08:48 +10:00
Firstyear 5a3e5f1e07
20241017 3107 token ttl (#3114) 2024-10-18 03:28:52 +00:00
Firstyear 2075125439
Working scim entry get for person (#3088) 2024-10-15 04:29:45 +00:00
Jinna Kiisuo 03645c8bf2
Improve deb packaging, add aarch64 (#3083) 
* feat: Rebuild the deb packaging flow
fix: Add more sudo, GHA likes sudo
fix: Give build_debs.sh only the triplet argument
fix: Work around more GHA weirdness in apt sources
Drop crossbuild as it was only used by debian packaging
docs: Update book and other docs for packaging flow
feat: package kanidm_tools aka kanidm cli
docs: Update packaging docs for latest process and clarity
fix: use full triple in sdynlib variants
fix: Correct kanidm.pam asset placement
fix: Give pam & nss modules a description so the debs get it
fix: Work around wonky libssl3 naming in Ubuntu 24.04
fix: Place kanidm bin correctly :3
feat: Pin all blame on @yaleman :3
WIP: Swap out the submodule reference. Still not the final one though.
refactor: Switch kanidm-pam & kanidm-nss to mandatory deps
While in theory unixd will start and run without them, it also won't do
anything useful.
fix: explicit depends for nss & pam libs without versions
We build the debs on the ubuntu24.04 GHA runner so automatic pins
versions that are too new for 22.04. Ideally we'd run cargo-deb also on
the target images but that'll have to be a future improvement.
* refactor: Switch nss_kanidm & pam_kanidm package naming closer to debian guidance
* feat: Attempt enabling unixd by default with secure defaults
* fix: Relax config permissions so the kanidm user can read
Also, update postinst config instructions
 2024-10-15 02:27:48 +00:00
Firstyear 131ff80b32
20240921 ssh keys and unix password in credential update session (#3056) 2024-10-03 05:57:18 +00:00
Firstyear 44b93804e6
Don't reprompt for login when no session exists in cli (#3082) 
* Fix handling when session is already removed so that we don't re-prompt for login.
* Remove async recursion
 2024-10-03 01:08:47 +00:00
CEbbinghaus dc4a438c31
Feat: Adding POSIX Password fallback (#3067) 
* Added Schema for credential fallback
* Added account polcity management to ac migration
* Refactored Ldap & Unix auth to be common
* removed unused methods and renamed unused fields
* Fixed LDAP missing Anonymous logic
* Added CLI argument for configuring primary cred fallback
 2024-10-02 19:28:36 +10:00
Firstyear bdeb1a6234
Improve pipe handling on linux (#3069) 2024-09-29 09:36:20 +10:00
James Hodgkinson 004e263f90
CLI image error nicening (#3037) 
* fix(scim_proto): fixing an issue with building due to dependencies
* feat(cli): more error message detail when things go wrong with images on the CLI
 2024-09-17 04:07:43 +00:00
Firstyear 95fc6fc5bf
20240828 Support Larger Images, Allow Custom Domain Icons (#3016) 
Allow setting custom domain icons.
 2024-09-05 04:19:27 +00:00
James Hodgkinson db26979a98
fix(kanidm): don't allow empty string fields on CLI (#3018) 2024-09-04 05:29:26 +00:00
Adam C. Stephens 1161da69ef
generate completions for elvish and fish (#3015) 2024-09-03 23:50:59 +00:00
Firstyear 0fac1f301e
20240820 SCIM value (#2992) 
Add the basics of scim value serialisation to entries.
 2024-08-29 11:38:00 +10:00
James Hodgkinson 3eae7be0bb
OAuth2 Token Type (#3008) 
* fix(OAuth2): Invalid `token_type` for token introspection
Fixes #3005

* fix(aut): `assert_eq` instead of `assert ==`

* fix(OAuth2): IANA registry access token types

* fix(OAuth2): deserialize case insensitively
 2024-08-25 23:30:20 +00:00
Firstyear 2ea8a0ed88
Expose group rename (#2999) 
* feat(cli): add group rename
 2024-08-23 06:18:29 +00:00
Firstyear b53c4ba62a
Better Error Message (#2998) 
* fix(cli) better error Messages

---------

Co-authored-by: James Hodgkinson <james@terminaloutcomes.com>
 2024-08-23 02:51:22 +00:00
James Hodgkinson 3cbda02aa8
Docs updates (#2961) 2024-08-10 09:30:51 +00:00
Firstyear a5cd9b5a33
Fix incorrect logic in cred update flow (#2956) 
Incorrect logic in cred update meant that valid transactions would not be allowed to commit as a mistake in the UI flow.

This is a skill issue on my part.
 2024-08-08 02:02:02 +00:00
Sebastiano Tocci 12f297e526
Added orca flag to extend privileged authentication expiry (#2949) 2024-08-03 10:37:49 +10:00
Sebastiano Tocci 60e5b0970e
New orca models (#2909) 
* Orca is happy, everyone is happy
* added model selection option for Orca and properly included opt.rs inside the file tree instead of using `include!` macro
* added variable login delay to both read and write models!
* Clippy and William are happier this way
* fixed toml syntax for member count and removed old person_count_by_group inside ProfileBuilder
* added strong typing for group names, in the future this should help adding CLI support
* added the `latency_measurer` model and improved the ActorModel trait
* Fixed lots of bugs and made clippy happier
* updated all models to use random backoff time for the login transition
 2024-07-30 12:11:01 +10:00
James Hodgkinson 2a7a009482
clippying all the things (#2931) 
* clippying all the things
 2024-07-26 07:02:37 +00:00
Firstyear 21d3f82aa1
Add scim proto to kanidm, refactor to improve serde performance. (#2933) 2024-07-26 15:54:28 +10:00
James Hodgkinson 01deb706fa
kanidm graph graphviz unfit for scripting bc. of non-graphviz output (#2876) 
Fixes #2875 - change to eprintln for output
 2024-07-24 06:54:13 +00:00
Firstyear c17aade6c3
Improve workflow when account policy isnt satisfied (#2927) 
* Improve workflow when account policy isnt satisfied
* Update tools/cli/src/cli/person.rs

Co-authored-by: James Hodgkinson <james@terminaloutcomes.com>
 2024-07-24 09:57:55 +10:00
Firstyear da7ed77dfa
Substring Indexing (#2905) 2024-07-20 03:12:49 +00:00
Firstyear c7fcdc3e4e
Strict redirect URL enforcement (#2917) 
Add strict OAuth2 URL enforcement per the RFC. This includes a transition process for the next release so that Admins can come into compliance.
 2024-07-20 02:09:50 +00:00