luzifer/nginx-sso
1
0
Fork 0
mirror of https://github.com/Luzifer/nginx-sso.git synced 2024-10-18 07:34:22 +00:00
Code Issues Releases Wiki Activity
70 commits 1 branch 45 tags 29 MiB
Commit graph

12 commits

Author SHA1 Message Date
Knut Ahlers
45f15de654
Work around missing URL parameters 
when passing the URL with parameters in the `go=` parameter inside
nginx. This is caused by nginx not being able to escape ampersands which
then are parsed as parameters to the login handler instead of parameters
of the redirect URL.

There is a quite old ticket in nginx to implement proper escaping of URL
elements which would be a way better solution but until someone decides
to take care of that this should at least improve the situation.

refs #39

Signed-off-by: Knut Ahlers <knut@ahlers.me>
 2019-04-21 00:15:36 +02:00
Knut Ahlers
e9bff08810
Export errors for usage in plugins 
Signed-off-by: Knut Ahlers <knut@ahlers.me>
 2019-02-22 00:27:02 +01:00
Knut Ahlers
97b284034f
Add plugin support (#38) 
* Extract Authenticator and MFAProvider interfaces
* Implement plugin loading
* Add config example

Signed-off-by: Knut Ahlers <knut@ahlers.me>
 2019-02-22 00:10:43 +01:00
Maximilian Gaß
085a158371 Fix audit logging when not using MFA (#32) 
Signed-off-by: Maximilian Gaß <m.gass@babiel.com>
 2019-01-17 23:50:18 +01:00
Knut Ahlers
5d6fa23377
Fix several linter errors 
Signed-off-by: Knut Ahlers <knut@ahlers.me>
 2018-12-29 01:06:12 +01:00
Knut Ahlers
f6d622d1b8
Implement MFA verification for logins (#10) 2018-12-24 10:07:49 +01:00
Knut Ahlers
378a557782
[#19] Documentation improvements (#20) 
* Docs: Streamline header naming
* Docs: Mention the logout endpoint
 2018-11-18 12:24:33 +01:00
Knut Ahlers
5ee2feea64
[#17] Implement audit logging 
- Add README entry for audit logging
- On login log the redirection target
- Do not log empty headers
- Log login errors into AuditLog
- Fix: Wrong length error is a sign for no Yubikey OTP
- Add missing dependencies
- [#17] Implement audit logging

closes #17

Signed-off-by: Knut Ahlers <knut@ahlers.me>
 2018-11-17 14:42:56 +01:00
Knut Ahlers
8c9a2f6285
Implement config reload on SIGHUP (#12) 
closes #11
 2018-09-20 15:39:22 +02:00
Knut Ahlers
e6952ed1b0
Fix: Memory leak due to http requests stored forever 
Signed-off-by: Knut Ahlers <knut@ahlers.me>
 2018-09-08 19:39:59 +02:00
Knut Ahlers
c9836b032a
Pass through the ResponseWriter to allow cookie renewal 
Signed-off-by: Knut Ahlers <knut@ahlers.me>
 2018-01-28 21:27:23 +01:00
Knut Ahlers
87d719367d
Initial version (#1) 
* Initial draft
* HCL does not support int64
* Add http stubs
* Login does not need to return user details
* Fields should have a label
* Add example configuration
* Add stub for "Simple" authenticator
* Add debug logging
* Implement configuration loading
* Implement user detection
* Fix error names in doc strings
* Implement session store
* Implement "Token" provider
* Add login frontend
* Implement login and logout
* Do not show tabs when there is no choice
* Fix multi-tab errors, sorting
* Implement "Yubikey" authenticator
* Lint: Rename error to naming convention
* Apply cookie security
* Prevent double-login
* Adjust parameters for crowd
* Implement ACL
* Replace HCL config with YAML config
* Remove config debug output
* Remove crowd config

Signed-off-by: Knut Ahlers <knut@ahlers.me>
 2018-01-28 15:16:52 +01:00