Alexandre Aubin
e04e601455
Merge remote-tracking branch 'origin/bookworm' into portal-api
2023-09-27 18:49:28 +02:00
Alexandre Aubin
ea9e084688
Merge pull request #220 from selfhoster1312/lua-optimizations
...
portal-api: Optimization by caching & no check on public routes
2023-09-27 18:43:26 +02:00
Alexandre Aubin
46352e6a7f
fix cached_jwt_verify signature
2023-09-27 18:43:13 +02:00
Alexandre Aubin
809a2a93b6
Merge pull request #221 from orhtej2/pcre2
...
Fix helper for bookworm.
2023-09-08 19:59:28 +02:00
orhtej2
2880d1cfb9
Fix helper for bookworm.
2023-09-08 19:57:36 +02:00
selfhoster1312
5eff85928e
Cache JWT crypto work, only check auth on non-public routes
2023-09-02 19:39:07 +02:00
Alexandre Aubin
5da36abb74
Merge pull request #215 from selfhoster1312/epic_refactoring
...
Do not 500 when a requested domain is not configured for SSOWat
2023-08-13 18:55:02 +02:00
selfhoster1312
5fcfd9ede6
Do not 500 when a requested domain is not configured for SSOWat
2023-08-13 18:17:52 +02:00
Tagada
1b44ec4898
Merge branch 'dev' into bookworm
2023-07-20 15:55:18 +02:00
Alexandre Aubin
1ac6388242
Misc fixes after tests on the battlefield
2023-07-18 01:26:56 +02:00
Alexandre Aubin
c68f90b83e
Update changelog for 11.2
2023-07-17 16:34:57 +02:00
Alexandre Aubin
85591a5744
Merge pull request #214 from yunohost-bot/weblate-yunohost-ssowat
...
Translations update from Weblate
2023-07-17 15:48:29 +02:00
Alexandre Aubin
6044595ca1
Merge remote-tracking branch 'origin/dev' into epic_refactoring
2023-07-16 00:49:43 +02:00
Alexandre Aubin
24b7630d3c
epic refactoring: refactor the 'portal url' logic, we shall now have a dict mapping domains to portal urls (which is anyway imposed by cookie management unless we reintroduce complex cross-domain authentication...)
2023-07-15 21:27:40 +02:00
Alexandre Aubin
93ee6371ae
refactoring: drop the complex redirection check which was meant to check the callback URLs ... this is to be handled in the future new portal (or whatever is going to implement the callback redirection logic)
2023-07-15 21:22:27 +02:00
Alexandre Aubin
02952d0202
Moar epic refactoring ... merge 'helpers.lua' inside 'access.lua' to reduce complexity ...
2023-07-15 19:51:31 +02:00
Alexandre Aubin
df094ea0e3
Cleanup unused stuff
2023-07-13 16:41:17 +02:00
motcha
429db4e2d5
Translated using Weblate (Japanese)
...
Currently translated at 100.0% (47 of 47 strings)
Translation: YunoHost/SSOwat
Translate-URL: https://translate.yunohost.org/projects/yunohost/ssowat/ja/
2023-07-12 01:35:13 +02:00
Alexandre Aubin
ea0bc8a89c
portalapi: propagate changes on the new API, decrypt the AES256-encrypted password found in user cookie to be able to construct the basic auth headers
2023-07-11 22:41:09 +02:00
Alexandre Aubin
40389a9aff
Merge pull request #213 from yunohost-bot/weblate-yunohost-ssowat
...
Translations update from Weblate
2023-07-11 16:34:00 +02:00
motcha
936ae051fc
Translated using Weblate (Japanese)
...
Currently translated at 100.0% (47 of 47 strings)
Translation: YunoHost/SSOwat
Translate-URL: https://translate.yunohost.org/projects/yunohost/ssowat/ja/
2023-07-11 00:51:19 +02:00
Weblate
2e2c37700b
Added translation using Weblate (Japanese)
2023-07-09 04:32:44 +02:00
Alexandre Aubin
5d207184fd
debian: we need lua-ldap >=1.3.1, version 1.3.0 is buggy
2023-06-13 14:33:33 +02:00
Alexandre Aubin
c0e38b19a0
rex_pcre is now rex_pcre2
2023-05-15 17:22:50 +02:00
Alexandre Aubin
8554e696f3
Merge pull request #211 from yunohost-bot/weblate-yunohost-ssowat
...
Translations update from Weblate
2023-05-08 15:47:31 +02:00
Neko Nekowazarashi
09914c6c4d
Translated using Weblate (Indonesian)
...
Currently translated at 100.0% (47 of 47 strings)
Translation: YunoHost/SSOwat
Translate-URL: https://translate.yunohost.org/projects/yunohost/ssowat/id/
2023-05-05 09:22:03 +02:00
Alexandre Aubin
5dd7c7269f
Update changelog for 12.0.0
2023-05-04 22:38:42 +02:00
Alexandre Aubin
d8965d5b7b
bookworm/debian: lua-rex-pcre is now lua-rex-pcre2 ?
2023-05-04 20:03:05 +02:00
Neko Nekowazarashi
548bdbd684
Translated using Weblate (Indonesian)
...
Currently translated at 100.0% (47 of 47 strings)
Translation: YunoHost/SSOwat
Translate-URL: https://translate.yunohost.org/projects/yunohost/ssowat/id/
2023-04-25 12:11:40 +02:00
Christian Wehrli
86a4c8a3f3
Translated using Weblate (German)
...
Currently translated at 100.0% (47 of 47 strings)
Translation: YunoHost/SSOwat
Translate-URL: https://translate.yunohost.org/projects/yunohost/ssowat/de/
2023-03-11 06:14:44 +01:00
Neko Nekowazarashi
f0829a93ab
Translated using Weblate (Indonesian)
...
Currently translated at 100.0% (47 of 47 strings)
Translation: YunoHost/SSOwat
Translate-URL: https://translate.yunohost.org/projects/yunohost/ssowat/id/
2023-02-27 19:15:01 +01:00
Neko Nekowazarashi
5828a627ec
Translated using Weblate (Indonesian)
...
Currently translated at 100.0% (47 of 47 strings)
Translation: YunoHost/SSOwat
Translate-URL: https://translate.yunohost.org/projects/yunohost/ssowat/id/
2023-02-25 22:59:07 +01:00
Poesty Li
bedcc33fb8
Translated using Weblate (Chinese (Simplified))
...
Currently translated at 100.0% (47 of 47 strings)
Translation: YunoHost/SSOwat
Translate-URL: https://translate.yunohost.org/projects/yunohost/ssowat/zh_Hans/
2023-02-06 20:30:23 +01:00
Alexandre Aubin
fa8be3795e
Update changelog for 11.1.4
2023-02-01 20:28:33 +01:00
Alexandre Aubin
dbfc8ce39d
Update changelog for 11.1.3
2023-01-30 16:33:53 +01:00
Alexandre Aubin
ebe37f3e4a
Merge pull request #210 from yunohost-bot/weblate-yunohost-ssowat
...
Translations update from Weblate
2023-01-30 16:06:36 +01:00
Weblate
c2d020cbc0
Added translation using Weblate (Lithuanian)
2023-01-24 14:45:08 +01:00
Alexandre Aubin
beed8a5c7f
debian: have a proper postinst script that reload (not restart, omg) nginx...
2023-01-24 14:44:50 +01:00
Alexandre Aubin
37bdfbae4d
Update changelog for 11.1.2.5
2023-01-19 17:22:14 +01:00
Alexandre Aubin
a3a4543850
Merge pull request #204 from ewilly/dev
...
Fix auth_header parsing when password contains semicolon
2023-01-19 16:54:12 +01:00
ewilly
ba5ffba490
Fix auth_header
...
If a colon is in the password, user and password are not well detected.
For example if user="me" and password="pass:word" the function give
user="me:pass" password="word"
2023-01-12 22:23:41 +01:00
Alexandre Aubin
46b58d3695
Update changelog for 11.1.2.4
2023-01-10 00:03:57 +01:00
Alexandre Aubin
8faa8057f0
security: rework previous fixes to use the new use_remote_user_var_in_nginx_conf in ssowat conf introduced in yunohost 11.1.2
2023-01-10 00:03:25 +01:00
Alexandre Aubin
6cb7327688
Update changelog for 11.1.2.3
2023-01-09 20:51:39 +01:00
Alexandre Aubin
4e92965eda
Stupid typo
2023-01-09 20:51:00 +01:00
Alexandre Aubin
d85dc4f999
Update changelog for 11.1.2.2
2023-01-09 19:47:32 +01:00
Alexandre Aubin
92f1e0505a
Iterate on previous security fixes: ignore Auth header on PROPFIND routes, and don't drop Auth header which are not Basic auth
2023-01-09 19:46:51 +01:00
Alexandre Aubin
8621a1e1a3
Update changelog for 11.1.2.1
2023-01-09 18:33:46 +01:00
Alexandre Aubin
7a2d0ed27a
security: Also check client-provided auth headers to prevent impersonation
2023-01-09 18:32:32 +01:00
Alexandre Aubin
e60e95f5b4
Merge pull request #209 from selfhoster1312/misleading-auth-headers
...
Authentication headers are ONLY set when user is logged
2023-01-09 18:15:57 +01:00