Tags: Kerrnel/glauth
Tags
Dev (glauth#254) * use functional options pattern to inject logr (glauth#124) * use functional options pattern to inject logr Signed-off-by: Jörn Friedrich Dreyer <[email protected]> * cleanup log formatting Signed-off-by: Jörn Friedrich Dreyer <[email protected]> * allow clean shutdown (glauth#126) * fix owncloud posix query, log message and provisioning api results (glauth#128) Signed-off-by: Jörn Friedrich Dreyer <[email protected]> * don't hardcode graphapi endpoint Signed-off-by: Jörn Friedrich Dreyer <[email protected]> * add support for write handlers (glauth#135) Signed-off-by: Jörn Friedrich Dreyer <[email protected]> * config: match shadowaccount objectlcass (glauth#136) Signed-off-by: Jörn Friedrich Dreyer <[email protected]> * Makefile compatiblility (glauth#134) Co-authored-by: Jörn Friedrich Dreyer <[email protected]> * update travis.yml (glauth#154) Signed-off-by: Jörn Friedrich Dreyer <[email protected]> * check owncloud status code is ok (glauth#153) Signed-off-by: Jörn Friedrich Dreyer <[email protected]> * Bulid and push multiarch docker images (glauth#142) Fix glauth#141. With this change, a github action is added that builds a multiarch docker image on every commit, supporting x86_64, aarch64 and arm/v7. When the action is triggered on a release or tag, it also uploads the versioned image to github container image registry. Co-authored-by: Jörn Friedrich Dreyer <[email protected]> * don't mix graph and provisioning api (glauth#157) Signed-off-by: Jörn Friedrich Dreyer <[email protected]> * Reuse http client as much as possible and allow insecure transport (glauth#160) * Allow using configmaps when deploying in kubernetes (glauth#161) * Ensure config watcher also works in kubernetes When using configmaps in kubernetes, the file is a symlink, and then file-watcher is not opdated with a write event. Instead it receives a CHMOD and a REMOVE event. This change adds two things 1) Removal of the current wacther and adding of a new watcher for the same path 2) The do-reload conditional is updated to also include the remove event. * Align write and removed conditionals * Fix API server json formating (glauth#163) (glauth#164) * Update README.md (glauth#167) Fixing bad port in quickstart * Use port 3893 with ldapsearch in example (glauth#150) * feat: add flags for ldap listen addresses (glauth#169) Signed-off-by: Mark Sagi-Kazar <[email protected]> * Assets build fix. (glauth#171) * Docker build fix. * Makefile fix. * update readme, config and deps (glauth#170) Signed-off-by: Jörn Friedrich Dreyer <[email protected]> * Remove byanke's donation fields * Database plugins (glauth#133) This commit actually covers a few items. In future commits, I will keep features distinct. This is only happening this time around due to how long it took to merge this branch. Covered: - Database plugins (at this time: SQLite, MySQL, Postgres) - Backends acting as middleware: added the [[Backends]] configuration directive while retaining backward compatibility with [Backend] - Schema introspection (root DSE query with base scope) - When proxying, insert queried attribute back in upstream response, if absent, so that the LDAP library does not filter out all entries - When chaining backends, any backend can be used to inject OTP value in password, before reaching a non-OTP-aware backend (currently guarded by a True statement in case we find an issue (I did thoroughly test but you never know)) - Handling of special "1.1" attributes filter meaning "I do not want attributes" (RFC 4511, 4.5.1.8) - Support for "want types only" queries, even when proxying * Mac M1 Support and LDAP Req Attributes (glauth#192) * Mac M1 Support * Augmented root DSS and schema discovery based on content of schema directory * LDAP workaround where req. attribute gets injected in response now works with combined filters * SubSchema query can return a minimal set, freeipa or openldap's schemas * Feature/upgrade ldap library version (glauth#194) * Stronger, salted paswords using bcrypt. (glauth#195) * Fixed badges in README file and added a couple improvements (glauth#196) * fix lock for ownCloud / graph backend (glauth#198) Signed-off-by: Jörn Friedrich Dreyer <[email protected]> * the config struct is only needed by the config backend (glauth#199) * Variable "unixid" is now respectively "UIDNumber" and "GIDNumber" for… (glauth#201) * fix: keep watch config file when changed,renamed,removed (glauth#189) I will need to run `glauth.go` through `gofmt` myself but that is fine. * Returning when unable to start config watcher (glauth#203) * Introducing goconvey testing and refactoring of config and ... (glauth#204) * Introducing goconvey testing and refactoring of config and plugin backends. * gofmt, oops * Refactored re-insertion of requested attributes * Allow bind operations with no group provided (glauth#205) * Support for userPrincipalName binding and browsing. (glauth#206) * Support for userPrincipalName binding and browsing. * Fixed travis CI test for userprincipalname * fixing travis tests for more users * Rate limit after failed binds (glauth#207) * Capabilities -- part 2 (glauth#214) + do not dump config at startup * Attempting migration from Travis to Github Actions * Migration Step#2 * Migration Step#3 * Migration Step#4 * Migration Step#5 * Migration Step#6 * Migration Step#7 * Migration Step#8 * Migration Step#9 * Migration Step#9 * Migration dev... * Migration dev... * Migration dev... * Migration dev... * Docker with plugins, first step (glauth#215) * Docker with plugins, first step * Build better docker images, including plugins * Merge back from dev to feature branch step glauth#2 * Added capabilities to CI * - Now creating two docker images, including one with plugins - Moving from Travis CI to GitHub Actions * Plugins now run on distroless (glauth#217) * Getting rid of Travis CI now that it doesn't support FOSS anymore. * Internal Stats -- performance view (glauth#221) * Local merge * Update CI to forget about bindata * Forgot to cleanup the cleanup... * assets: use stdlib "embed" package (glauth#200) This should make it easier to include GLAuth in other projects using `go get` * 'Airgapping' web assets for security and preventing breakage (glauth#227) * v2 -- V2 hierarchy (glauth#228) * Search refactoring, tree traversal and scope correctness (glauth#229) Search refactoring, tree traversal and scope correctness. * Feature/multi cfg (glauth#233) * Feature/custom attributes (glauth#240) * Makefiles: platform releases (glauth#241) * Feature/release script (glauth#242) * Bug/fix docker build in v2 (glauth#244) * Fix glauth#246 and glauth#252 Co-authored-by: Jörn Friedrich Dreyer <[email protected]> Co-authored-by: Zhou Wenzong <[email protected]> Co-authored-by: Jairo Llopis <[email protected]> Co-authored-by: Benedikt Kulmann <[email protected]> Co-authored-by: Nicolai Willems <[email protected]> Co-authored-by: Thibault Soubiran <[email protected]> Co-authored-by: Clement JACOB <[email protected]> Co-authored-by: Lutz Horn <[email protected]> Co-authored-by: Márk Sági-Kazár <[email protected]> Co-authored-by: Peter Heise <[email protected]> Co-authored-by: Ben Yanke <[email protected]> Co-authored-by: fanlix <[email protected]> Co-authored-by: Hank Donnay <[email protected]>
Dev to Master 2.1.0 RC1 (glauth#243) Co-authored-by: Jörn Friedrich Dreyer <[email protected]> Co-authored-by: Zhou Wenzong <[email protected]> Co-authored-by: Jairo Llopis <[email protected]> Co-authored-by: Benedikt Kulmann <[email protected]> Co-authored-by: Nicolai Willems <[email protected]> Co-authored-by: Thibault Soubiran <[email protected]> Co-authored-by: Clement JACOB <[email protected]> Co-authored-by: Lutz Horn <[email protected]> Co-authored-by: Márk Sági-Kazár <[email protected]> Co-authored-by: Peter Heise <[email protected]> Co-authored-by: Ben Yanke <[email protected]> Co-authored-by: fanlix <[email protected]> Co-authored-by: Hank Donnay <[email protected]>
remove unsupported deploy option: body (glauth#114) Signed-off-by: Jörn Friedrich Dreyer <[email protected]>
Pulling in latest changes and fixes for 1.1.1 (glauth#56) * Adding a few test dockerfiles * Continued work on docker builds * Basic example of docker build and run works - see build.sh for now * Continuing to work on docker build * Removing testing from build script, since it belongs later in process * Implementing dumb init * Docker build fully switched to alpine * Setting up alpine build * Cleaning up dockerfile * Cleaning up repo in prep for merge * Updating permissions for clean merge * Removing old ansible cruft, as per glauth#12 * Removing binaries (since we now build) * Updating sample config to use new fields now available * Testing travis * another travis test * Still working on travis builds * Fix missing amazon packages * Merge in Travis config feature branch (glauth#26) * Adding version string * Fixing and cleaning up docker build * Adding image hashing and verification to 'make all' * Testing build * Running gofmt to fix build * Testing switching travis to make * Testing build again * Merging in Fixes from travis-build feature branch (glauth#33) This includes an integration test which runs glauth and compares ldapsearch snapshot output stored in the repo compared to the snapshot output of the glauth. Additionally, removing old versions of go, and adding windows and linuxar builds (but not tests) to the makefile, and consequently, the travis build. While the mac, linux-arm, and windows binaries are not able to be run in travis, they are able to be at least compiled. * Remove needless comment from integration test * Adding 'is-process-running' check before integration tests run, to clearly note if the program crashes on run * Switching from 1 sec to 2 sec timeout for integration test * Adding back config file to fix build. Previous commit intended to see if build failed (and it did) * Add support for including groups in groups (glauth#23) * Add support for including groups in groups * Pulling in Makefile structure to allow easier testing and builds * Forgot to remove spare test * Add Version Info at Buildtime (glauth#39) Adds the build info to the binary at buildtime via buildtime variables. This is shown by `./glauth --version`. Example output for a non-release: ``` GLauth Non-release build from branch feature/buildversion Build time: 20180531_181011Z Commit: 07ba631 ``` And example of a built release: ``` GLauth v2.3.4 Build time: 20180601_041330Z Commit: 931d666 ``` * Fixing Broken Docker Build (glauth#41) Forgot to include go-bindata run in Dockerfile. * Removing leftover TODO from merge * Testing releases * Testing releases * Testing releases * Adjusting logging * Add new group tests to integration tests * add cleanup to test process * Add documentation about otherGroups, which was a previously undocumented field. * Auto fetching bindata during build so it's not needed to be done manually * Syntax fix * starting framework for unit tests * Merging in ongoing progress from Feature/travis build (glauth#44) Fixes a few minor issues: glauth#42 - now uses the makefile in the docker build, which means version info is correctly embedded at runtime - also now outputs version data at the top of the log when the container starts Fixing a simple issue found by go vet. Need to do more work on fixing issues found in go vet. * Forgot to run 'go fmt' * Adding codecov for go now that a single test is written * Testing not quite ready yet, removing from build * Add Support For 2 Factor Authentication Merging in feature from @ryskov (PR glauth#24) adding 2FA support during LDAP binds. This is accomplished by concatenating the code to the end of the password. Also added integration tests for the TOTP method to run in CI. Could not, however, add automated tests for the yubikey, due the physical nature. * Expose LDAPS ports in Docker container (glauth#49) Currently, the LDAPS ports are not exposed in the docker container. * Adding better logging to docker start script * Add more logging info to docker startup script * Fix Arm32 Build (glauth#52) As discussed in issue glauth#51, Arm32 builds were using 368 (intel/amd) arch accidentally, generating linux 32 bit binaries instead of arm 32 bit binaries. This commit fixes this in the Makefile, which will fix both the local builds, as well as the travis CI and release builds. fixes glauth#52 * Update docker hub image badge to a working one previous one simply returned 0. * Removing 3893 - fixes glauth#50 * Fixing readme MD formatting * Adding travis_retry to fix against intermittent network outages * Add TLS options for running both with TLS and without on the same time (glauth#27) * Add TLS options for running both with TLS and without on the same time. This commit expands on the settings available for using TLS. It puts TLS settings under the [frontend.tls] section and adds a new setting to [frontend] called TLSExclusive (bool). TLSExclusive specifies whether or not to only run TLS when it is enabled, and is 'true' by default. Setting it to 'false' and having TLS enabled, causes the server to start both a LDAP and LDAPS server, and therefore requires to seperate 'listen' options (to run on different ports) - the Frontend.Listen and the Frontend.TLS.Listen. If TLSExclusive is set to 'true' and no Frontend.TLS.Listen is specified, it will use the Frontend.Listen. * Adding PR template and improving integration test tooling * Updating formatting * Add get dependencies step to makefile setup * Add go 1.11 * Add App Password Support (glauth#60) App passwords can now be used to allow easier OTP use alongside applications which need to bind with a static password. Use the key `passappsha256` and specify an array of password hashes. See the readme and sample configuration file for more information. Fixes glauth#54 * Adding NCoC as official project code of conduct We happily accept contributions based on the merit of the contributions. * Properly handling paramaters in logs - fixes glauth#64 * Adding ldapsearch for healthchecks
PreviousNext