1
0
Fork 0
mirror of https://github.com/Luzifer/nginx-sso.git synced 2024-12-20 12:51:17 +00:00
Commit graph

86 commits

Author SHA1 Message Date
6575bc553d
[#35] Implement OpenID Connect auth provider
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-23 00:50:32 +02:00
abc203a990
prepare release v0.20.1 2019-04-22 20:07:39 +02:00
521042ea15
Fix: Do not list login methods without label
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-22 20:07:22 +02:00
8bf323fdbd
prepare release v0.20.0 2019-04-22 19:55:05 +02:00
5e46619865
Add special group for all authenticated users
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-22 19:54:27 +02:00
930a23f461
Modernize login dialog
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-22 19:43:56 +02:00
1d3f88ff47
prepare release v0.19.0 2019-04-22 06:44:23 +02:00
9b3c895c04
Update dependencies
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-22 06:44:07 +02:00
29beaa6fa3
Move auth plugins to own modules
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-22 06:44:06 +02:00
282a95c2e9
Move MFA plugins to own modules
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-22 06:44:06 +02:00
8d968ce29d
Add default page in case neither redirect was specified
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-22 06:44:06 +02:00
42db8e247d
Implement oAuth2 provider: Google
fixes #15
refs #35

Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-22 06:42:44 +02:00
841f6458cd
Prepare moving auth plugins to own modules
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-21 16:58:06 +02:00
9b4ea27827
prepare release v0.18.0 2019-04-21 03:45:16 +02:00
e67316431b
Add redirect on root URL to login page
fixes #34
closes #37

Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-21 03:43:36 +02:00
1cb9199bd9
Add default redirect URL for missing go-parameter
This adds a configuration option to set a default redirect URL for when
no `go` parameter was passed. This allows for users to have bookmarked
the login page and be redirected to the right location instead of seeing
a 404 page.

Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-21 03:43:36 +02:00
a3390d6c75
prepare release v0.17.0 2019-04-21 00:20:42 +02:00
45f15de654
Work around missing URL parameters
when passing the URL with parameters in the `go=` parameter inside
nginx. This is caused by nginx not being able to escape ampersands which
then are parsed as parameters to the login handler instead of parameters
of the redirect URL.

There is a quite old ticket in nginx to implement proper escaping of URL
elements which would be a way better solution but until someone decides
to take care of that this should at least improve the situation.

refs #39

Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-21 00:15:36 +02:00
ccee36a78e
prepare release v0.16.2 2019-04-16 01:38:48 +02:00
77e95d8961
Replace CDNJS as of permanent CORS failures
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-04-16 01:38:03 +02:00
669744668c
prepare release v0.16.1 2019-03-17 15:41:45 +01:00
cfa158ea18
Fix: Do not crash main program on incompatible plugins
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-03-17 15:41:24 +01:00
7f6de7097a
prepare release v0.16.0 2019-02-23 19:47:46 +01:00
27ee7778c3
Enable CGO for plugin support
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-02-22 00:41:36 +01:00
e9bff08810
Export errors for usage in plugins
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-02-22 00:27:02 +01:00
83fcc4d0fe
Disable CGO during build
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-02-22 00:12:45 +01:00
97b284034f
Add plugin support (#38)
* Extract Authenticator and MFAProvider interfaces
* Implement plugin loading
* Add config example

Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-02-22 00:10:43 +01:00
3988fa4f38
prepare release v0.15.1 2019-01-17 23:51:27 +01:00
3cd5ab380a
Fix: Host already had the port attached
This happened when providing a port number in the URI as the `Host`
field still has the port number while the `Hostname()` method only
returns the hostname without the port.

fixes #33

Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-01-17 23:50:26 +01:00
Maximilian Gaß
085a158371 Fix audit logging when not using MFA (#32)
Signed-off-by: Maximilian Gaß <m.gass@babiel.com>
2019-01-17 23:50:18 +01:00
3650ad66e7
prepare release v0.15.0 2019-01-06 15:37:05 +01:00
Zlatko Čalušić
876216ee6d Add timestamp to audit log (#31) 2019-01-06 15:35:59 +01:00
5d6fa23377
Fix several linter errors
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2018-12-29 01:06:12 +01:00
438dff6aeb
prepare release v0.14.0 2018-12-29 00:46:40 +01:00
20bb1b4745
[#25] Make TOTP provider fully configurable (#29)
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2018-12-29 00:38:56 +01:00
f1fe845bc8
Adjust meta files, add COC
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2018-12-29 00:04:40 +01:00
373ececb2f
Move documentation to project Wiki
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2018-12-29 00:01:43 +01:00
b2c06efa2b
prepare release v0.13.0 2018-12-28 23:55:32 +01:00
9e0907f494
Add support for Duo MFA (#28)
Squashed commit of the following:

commit f748cc99802dc2a1c2f1b805a280c56fc6cf4123
Author: Knut Ahlers <knut@ahlers.me>
Date:   Fri Dec 28 23:39:07 2018 +0100

    Implement fetching remote IP from mutliple sources

    Signed-off-by: Knut Ahlers <knut@ahlers.me>

commit 416af9eed8
Author: Ben Edmunds <bensammy2@yahoo.co.uk>
Date:   Fri Dec 28 19:35:26 2018 +0000

    Duo MFA, clean up & documentation

commit 0e511023f0
Author: Ben Edmunds <bensammy2@yahoo.co.uk>
Date:   Fri Dec 28 16:34:55 2018 +0000

    Add support for Duo MFA

closes #28
closes #24

Signed-off-by: Knut Ahlers <knut@ahlers.me>
2018-12-28 23:54:11 +01:00
f958f16e51
prepare release v0.12.0 2018-12-24 10:08:14 +01:00
f6d622d1b8
Implement MFA verification for logins (#10) 2018-12-24 10:07:49 +01:00
3bf7477e98
prepare release v0.11.1 2018-11-18 12:25:08 +01:00
378a557782
[#19] Documentation improvements (#20)
* Docs: Streamline header naming
* Docs: Mention the logout endpoint
2018-11-18 12:24:33 +01:00
51cacde445
prepare release v0.11.0 2018-11-17 14:43:51 +01:00
5ee2feea64
[#17] Implement audit logging
- Add README entry for audit logging
- On login log the redirection target
- Do not log empty headers
- Log login errors into AuditLog
- Fix: Wrong length error is a sign for no Yubikey OTP
- Add missing dependencies
- [#17] Implement audit logging

closes #17

Signed-off-by: Knut Ahlers <knut@ahlers.me>
2018-11-17 14:42:56 +01:00
5539445806
prepare release v0.10.0 2018-09-24 11:58:04 +02:00
05fe4f2022
Fix TLS dialing (#16)
* Add configuration for TLS connections
* Take both TLS configurations into account
2018-09-24 11:57:27 +02:00
a272b49cf8
Use multi-stage build to reduce image size
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2018-09-20 16:26:33 +02:00
773a88c5ba
prepare release v0.9.0 2018-09-20 15:39:38 +02:00
8c9a2f6285
Implement config reload on SIGHUP (#12)
closes #11
2018-09-20 15:39:22 +02:00