Commit graph

925 commits

Author SHA1 Message Date
Alexandre Aubin
e04e601455 Merge remote-tracking branch 'origin/bookworm' into portal-api 2023-09-27 18:49:28 +02:00
Alexandre Aubin
ea9e084688
Merge pull request #220 from selfhoster1312/lua-optimizations
portal-api: Optimization by caching & no check on public routes
2023-09-27 18:43:26 +02:00
Alexandre Aubin
46352e6a7f
fix cached_jwt_verify signature 2023-09-27 18:43:13 +02:00
Alexandre Aubin
809a2a93b6
Merge pull request #221 from orhtej2/pcre2
Fix helper for bookworm.
2023-09-08 19:59:28 +02:00
orhtej2
2880d1cfb9 Fix helper for bookworm. 2023-09-08 19:57:36 +02:00
selfhoster1312
5eff85928e Cache JWT crypto work, only check auth on non-public routes 2023-09-02 19:39:07 +02:00
Alexandre Aubin
5da36abb74
Merge pull request #215 from selfhoster1312/epic_refactoring
Do not 500 when a requested domain is not configured for SSOWat
2023-08-13 18:55:02 +02:00
selfhoster1312
5fcfd9ede6 Do not 500 when a requested domain is not configured for SSOWat 2023-08-13 18:17:52 +02:00
Tagada
1b44ec4898 Merge branch 'dev' into bookworm 2023-07-20 15:55:18 +02:00
Alexandre Aubin
1ac6388242 Misc fixes after tests on the battlefield 2023-07-18 01:26:56 +02:00
Alexandre Aubin
c68f90b83e Update changelog for 11.2 2023-07-17 16:34:57 +02:00
Alexandre Aubin
85591a5744
Merge pull request #214 from yunohost-bot/weblate-yunohost-ssowat
Translations update from Weblate
2023-07-17 15:48:29 +02:00
Alexandre Aubin
6044595ca1 Merge remote-tracking branch 'origin/dev' into epic_refactoring 2023-07-16 00:49:43 +02:00
Alexandre Aubin
24b7630d3c epic refactoring: refactor the 'portal url' logic, we shall now have a dict mapping domains to portal urls (which is anyway imposed by cookie management unless we reintroduce complex cross-domain authentication...) 2023-07-15 21:27:40 +02:00
Alexandre Aubin
93ee6371ae refactoring: drop the complex redirection check which was meant to check the callback URLs ... this is to be handled in the future new portal (or whatever is going to implement the callback redirection logic) 2023-07-15 21:22:27 +02:00
Alexandre Aubin
02952d0202 Moar epic refactoring ... merge 'helpers.lua' inside 'access.lua' to reduce complexity ... 2023-07-15 19:51:31 +02:00
Alexandre Aubin
df094ea0e3 Cleanup unused stuff 2023-07-13 16:41:17 +02:00
motcha
429db4e2d5 Translated using Weblate (Japanese)
Currently translated at 100.0% (47 of 47 strings)

Translation: YunoHost/SSOwat
Translate-URL: https://translate.yunohost.org/projects/yunohost/ssowat/ja/
2023-07-12 01:35:13 +02:00
Alexandre Aubin
ea0bc8a89c portalapi: propagate changes on the new API, decrypt the AES256-encrypted password found in user cookie to be able to construct the basic auth headers 2023-07-11 22:41:09 +02:00
Alexandre Aubin
40389a9aff
Merge pull request #213 from yunohost-bot/weblate-yunohost-ssowat
Translations update from Weblate
2023-07-11 16:34:00 +02:00
motcha
936ae051fc Translated using Weblate (Japanese)
Currently translated at 100.0% (47 of 47 strings)

Translation: YunoHost/SSOwat
Translate-URL: https://translate.yunohost.org/projects/yunohost/ssowat/ja/
2023-07-11 00:51:19 +02:00
Weblate
2e2c37700b Added translation using Weblate (Japanese) 2023-07-09 04:32:44 +02:00
Alexandre Aubin
5d207184fd debian: we need lua-ldap >=1.3.1, version 1.3.0 is buggy 2023-06-13 14:33:33 +02:00
Alexandre Aubin
c0e38b19a0 rex_pcre is now rex_pcre2 2023-05-15 17:22:50 +02:00
Alexandre Aubin
8554e696f3
Merge pull request #211 from yunohost-bot/weblate-yunohost-ssowat
Translations update from Weblate
2023-05-08 15:47:31 +02:00
Neko Nekowazarashi
09914c6c4d Translated using Weblate (Indonesian)
Currently translated at 100.0% (47 of 47 strings)

Translation: YunoHost/SSOwat
Translate-URL: https://translate.yunohost.org/projects/yunohost/ssowat/id/
2023-05-05 09:22:03 +02:00
Alexandre Aubin
5dd7c7269f Update changelog for 12.0.0 2023-05-04 22:38:42 +02:00
Alexandre Aubin
d8965d5b7b bookworm/debian: lua-rex-pcre is now lua-rex-pcre2 ? 2023-05-04 20:03:05 +02:00
Neko Nekowazarashi
548bdbd684 Translated using Weblate (Indonesian)
Currently translated at 100.0% (47 of 47 strings)

Translation: YunoHost/SSOwat
Translate-URL: https://translate.yunohost.org/projects/yunohost/ssowat/id/
2023-04-25 12:11:40 +02:00
Christian Wehrli
86a4c8a3f3 Translated using Weblate (German)
Currently translated at 100.0% (47 of 47 strings)

Translation: YunoHost/SSOwat
Translate-URL: https://translate.yunohost.org/projects/yunohost/ssowat/de/
2023-03-11 06:14:44 +01:00
Neko Nekowazarashi
f0829a93ab Translated using Weblate (Indonesian)
Currently translated at 100.0% (47 of 47 strings)

Translation: YunoHost/SSOwat
Translate-URL: https://translate.yunohost.org/projects/yunohost/ssowat/id/
2023-02-27 19:15:01 +01:00
Neko Nekowazarashi
5828a627ec Translated using Weblate (Indonesian)
Currently translated at 100.0% (47 of 47 strings)

Translation: YunoHost/SSOwat
Translate-URL: https://translate.yunohost.org/projects/yunohost/ssowat/id/
2023-02-25 22:59:07 +01:00
Poesty Li
bedcc33fb8 Translated using Weblate (Chinese (Simplified))
Currently translated at 100.0% (47 of 47 strings)

Translation: YunoHost/SSOwat
Translate-URL: https://translate.yunohost.org/projects/yunohost/ssowat/zh_Hans/
2023-02-06 20:30:23 +01:00
Alexandre Aubin
fa8be3795e Update changelog for 11.1.4 2023-02-01 20:28:33 +01:00
Alexandre Aubin
dbfc8ce39d Update changelog for 11.1.3 2023-01-30 16:33:53 +01:00
Alexandre Aubin
ebe37f3e4a
Merge pull request #210 from yunohost-bot/weblate-yunohost-ssowat
Translations update from Weblate
2023-01-30 16:06:36 +01:00
Weblate
c2d020cbc0 Added translation using Weblate (Lithuanian) 2023-01-24 14:45:08 +01:00
Alexandre Aubin
beed8a5c7f debian: have a proper postinst script that reload (not restart, omg) nginx... 2023-01-24 14:44:50 +01:00
Alexandre Aubin
37bdfbae4d Update changelog for 11.1.2.5 2023-01-19 17:22:14 +01:00
Alexandre Aubin
a3a4543850
Merge pull request #204 from ewilly/dev
Fix auth_header parsing when password contains semicolon
2023-01-19 16:54:12 +01:00
ewilly
ba5ffba490 Fix auth_header
If a colon is in the password, user and password are not well detected.
For example if user="me" and password="pass:word" the function give
user="me:pass" password="word"
2023-01-12 22:23:41 +01:00
Alexandre Aubin
46b58d3695 Update changelog for 11.1.2.4 2023-01-10 00:03:57 +01:00
Alexandre Aubin
8faa8057f0 security: rework previous fixes to use the new use_remote_user_var_in_nginx_conf in ssowat conf introduced in yunohost 11.1.2 2023-01-10 00:03:25 +01:00
Alexandre Aubin
6cb7327688 Update changelog for 11.1.2.3 2023-01-09 20:51:39 +01:00
Alexandre Aubin
4e92965eda Stupid typo 2023-01-09 20:51:00 +01:00
Alexandre Aubin
d85dc4f999 Update changelog for 11.1.2.2 2023-01-09 19:47:32 +01:00
Alexandre Aubin
92f1e0505a Iterate on previous security fixes: ignore Auth header on PROPFIND routes, and don't drop Auth header which are not Basic auth 2023-01-09 19:46:51 +01:00
Alexandre Aubin
8621a1e1a3 Update changelog for 11.1.2.1 2023-01-09 18:33:46 +01:00
Alexandre Aubin
7a2d0ed27a security: Also check client-provided auth headers to prevent impersonation 2023-01-09 18:32:32 +01:00
Alexandre Aubin
e60e95f5b4
Merge pull request #209 from selfhoster1312/misleading-auth-headers
Authentication headers are ONLY set when user is logged
2023-01-09 18:15:57 +01:00