1
0
Fork 0
mirror of https://github.com/Luzifer/nginx-sso.git synced 2024-12-20 21:01:17 +00:00
Commit graph

101 commits

Author SHA1 Message Date
3d0fb11afa
Switch to Go1.12+ vendoring
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-11-03 18:50:44 +01:00
07b98e0a57
Fix: Handle Unauthorized as no user found instead of generic error
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-11-03 18:43:22 +01:00
e83dc6a124
prepare release v0.21.5 2019-06-29 12:57:45 +02:00
09cf06c905
[#41] Set default cookie values in all providers (#45)
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-06-29 12:40:39 +02:00
b84a79ed21
prepare release v0.21.4 2019-06-15 00:18:36 +02:00
Maximilian Gaß
1e9446d2e6 Prefer simple authenticator over LDAP (#42)
Allows to have local accounts that always work, even if there are LDAP
problems
2019-06-15 00:17:16 +02:00
07f10142d1
prepare release v0.21.3 2019-05-14 00:01:02 +02:00
c511e08ab7
Fix: Even with offline access no refresh token is present
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-05-13 22:43:14 +02:00
9bd8af70e5
prepare release v0.21.2 2019-05-13 21:24:48 +02:00
93d242c404
Fix: Google not returning refresh tokens
which then causes logins with duration of more than 60m to time out and
not be able to refresh as of the missing refresh token. The "offline"
access type should ensure the token always contains a refresh token and
the user can be active for longer than 60m.

Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-05-13 21:23:14 +02:00
bc006367fe
prepare release v0.21.1 2019-04-26 19:44:58 +02:00
8af1eeaa4c
Fix: Use cookie for redirects after oAuth flow
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-26 19:44:22 +02:00
72187c5f64
prepare release v0.21.0 2019-04-23 00:51:59 +02:00
b8c89a5e0f
Vendor new dependencies for OIDC
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-23 00:50:32 +02:00
2b15b34bb4
Fix: Only overwrite default if config is non-empty
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-23 00:50:32 +02:00
6575bc553d
[#35] Implement OpenID Connect auth provider
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-23 00:50:32 +02:00
abc203a990
prepare release v0.20.1 2019-04-22 20:07:39 +02:00
521042ea15
Fix: Do not list login methods without label
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-22 20:07:22 +02:00
8bf323fdbd
prepare release v0.20.0 2019-04-22 19:55:05 +02:00
5e46619865
Add special group for all authenticated users
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-22 19:54:27 +02:00
930a23f461
Modernize login dialog
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-22 19:43:56 +02:00
1d3f88ff47
prepare release v0.19.0 2019-04-22 06:44:23 +02:00
9b3c895c04
Update dependencies
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-22 06:44:07 +02:00
29beaa6fa3
Move auth plugins to own modules
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-22 06:44:06 +02:00
282a95c2e9
Move MFA plugins to own modules
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-22 06:44:06 +02:00
8d968ce29d
Add default page in case neither redirect was specified
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-22 06:44:06 +02:00
42db8e247d
Implement oAuth2 provider: Google
fixes #15
refs #35

Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-22 06:42:44 +02:00
841f6458cd
Prepare moving auth plugins to own modules
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-21 16:58:06 +02:00
9b4ea27827
prepare release v0.18.0 2019-04-21 03:45:16 +02:00
e67316431b
Add redirect on root URL to login page
fixes #34
closes #37

Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-21 03:43:36 +02:00
1cb9199bd9
Add default redirect URL for missing go-parameter
This adds a configuration option to set a default redirect URL for when
no `go` parameter was passed. This allows for users to have bookmarked
the login page and be redirected to the right location instead of seeing
a 404 page.

Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-21 03:43:36 +02:00
a3390d6c75
prepare release v0.17.0 2019-04-21 00:20:42 +02:00
45f15de654
Work around missing URL parameters
when passing the URL with parameters in the `go=` parameter inside
nginx. This is caused by nginx not being able to escape ampersands which
then are parsed as parameters to the login handler instead of parameters
of the redirect URL.

There is a quite old ticket in nginx to implement proper escaping of URL
elements which would be a way better solution but until someone decides
to take care of that this should at least improve the situation.

refs #39

Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-21 00:15:36 +02:00
ccee36a78e
prepare release v0.16.2 2019-04-16 01:38:48 +02:00
77e95d8961
Replace CDNJS as of permanent CORS failures
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-16 01:38:03 +02:00
669744668c
prepare release v0.16.1 2019-03-17 15:41:45 +01:00
cfa158ea18
Fix: Do not crash main program on incompatible plugins
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-03-17 15:41:24 +01:00
7f6de7097a
prepare release v0.16.0 2019-02-23 19:47:46 +01:00
27ee7778c3
Enable CGO for plugin support
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-02-22 00:41:36 +01:00
e9bff08810
Export errors for usage in plugins
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-02-22 00:27:02 +01:00
83fcc4d0fe
Disable CGO during build
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-02-22 00:12:45 +01:00
97b284034f
Add plugin support (#38)
* Extract Authenticator and MFAProvider interfaces
* Implement plugin loading
* Add config example

Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-02-22 00:10:43 +01:00
3988fa4f38
prepare release v0.15.1 2019-01-17 23:51:27 +01:00
3cd5ab380a
Fix: Host already had the port attached
This happened when providing a port number in the URI as the `Host`
field still has the port number while the `Hostname()` method only
returns the hostname without the port.

fixes #33

Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-01-17 23:50:26 +01:00
Maximilian Gaß
085a158371 Fix audit logging when not using MFA (#32)
Signed-off-by: Maximilian Gaß <m.gass@babiel.com>
2019-01-17 23:50:18 +01:00
3650ad66e7
prepare release v0.15.0 2019-01-06 15:37:05 +01:00
Zlatko Čalušić
876216ee6d Add timestamp to audit log (#31) 2019-01-06 15:35:59 +01:00
5d6fa23377
Fix several linter errors
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2018-12-29 01:06:12 +01:00
438dff6aeb
prepare release v0.14.0 2018-12-29 00:46:40 +01:00
20bb1b4745
[#25] Make TOTP provider fully configurable (#29)
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2018-12-29 00:38:56 +01:00