Marc
f4a0c0ef31
feat(auth): sso fallback mapping ( #3068 )
...
Reviewed-on: https://kolaente.dev/vikunja/vikunja/pulls/3068
Reviewed-by: konrad <k@knt.li>
Co-authored-by: Marc <marc88@free.fr>
Co-committed-by: Marc <marc88@free.fr>
2025-03-02 15:21:09 +00:00
kolaente
4e93806a44
fix(auth): load oidc provider before trying to use it
...
Resolves https://kolaente.dev/vikunja/vikunja/issues/3067
2025-03-02 14:09:02 +01:00
kolaente
e9d9f04763
chore: improve debug logging
2025-02-03 17:42:17 +01:00
kolaente
f898bdaf2d
feat(auth): use config variable to check if we should verify tls
2025-01-28 09:59:08 +00:00
kolaente
03412dd358
feat(auth): verify ldap config before trying to connect
2025-01-28 09:59:08 +00:00
kolaente
d22c3fb19e
feat(auth): make ldap user filter configurable
2025-01-28 09:59:08 +00:00
kolaente
71cad7aa13
chore(auth): refactor creating users in openid and ldap
2025-01-28 09:59:08 +00:00
kolaente
38bb8de4f1
feat(auth): authenticate users via ldap
2025-01-28 09:59:08 +00:00
kolaente
090dd4b2f6
fix(user): do not allow changing name in settings when the user originates from an external auth provider
...
This improves the UX because it does not allow external users to change their name in Vikunja, since that change would be overridden once they log in again.
Resolves https://github.com/go-vikunja/vikunja/issues/357
2025-01-21 16:27:06 +01:00
kolaente
c9a68d3a63
fix(openid): lint
2024-12-11 17:10:41 +01:00
kolaente
4512045cbf
fix: check if all required keys are available when parsing openid configuration
...
Related to https://github.com/go-vikunja/vikunja/issues/371
2024-12-11 16:25:41 +01:00
kolaente
b8c4e0a91e
fix(openid): log error when config is still using array value
2024-11-18 12:16:38 +01:00
kolaente
05349ddb5c
feat!: config for auth providers now use a map instead of an array
...
The config values for openid providers now use a map with the provider as key instead of an array. For example before:
auth:
openid:
providers:
- name: foo
clientid: ...
now becomes:
auth:
openid:
providers:
foo:
clientid: ...
This allows us to read values for openid providers from files using the same syntax as everywhere and makes the configuration more predictable. It also allows configuring providers through env variables, though it is still required to set at least one value via the config file because Vikunja won't discover the provider otherwise.
2024-11-18 10:34:30 +01:00
kolaente
329de3aab3
chore(web): remove unused echo context
2024-08-29 16:20:39 +02:00
kolaente
2063da9eec
chore(web): move web handler package to Vikunja
2024-08-29 16:15:28 +02:00
kolaente
66e96322ea
fix: do not remove empty openid teams when none are present
...
Maybe resolves https://community.vikunja.io/t/empty-openid-team-cleanup-cron-error-removing-empty-openid-team-database-is-locked-error-when-exporting-data/2306/3
2024-04-25 14:21:31 +02:00
kolaente
0910d5d2f2
chore(auth): refactor removing empty openid teams to cron job
2024-03-11 17:20:05 +01:00
waza-ari
ffa82556e0
feat(teams): add public flags to teams to allow easier sharing with other teams ( #2179 )
...
Resolves #2173
Co-authored-by: Daniel Herrmann <daniel.herrmann1@gmail.com>
Reviewed-on: https://kolaente.dev/vikunja/vikunja/pulls/2179
Reviewed-by: konrad <k@knt.li>
Co-authored-by: waza-ari <daniel.herrmann@makerspace-darmstadt.de>
Co-committed-by: waza-ari <daniel.herrmann@makerspace-darmstadt.de>
2024-03-10 14:04:32 +00:00
renovate
d7fdefcead
chore(deps): update golangci/golangci-lint docker tag to v1.56.2 ( #2099 )
...
Co-authored-by: kolaente <k@knt.li>
Reviewed-on: https://kolaente.dev/vikunja/vikunja/pulls/2099
Co-authored-by: renovate <renovatebot@kolaente.de>
Co-committed-by: renovate <renovatebot@kolaente.de>
2024-03-10 13:47:19 +00:00
waza-ari
d69fc28125
fix(openid): OIDC teams should not have admins ( #2161 )
...
This PR fixes an issue discussed in #2152 . Before this PR, the user who triggered team creation automatically got the admin flag set for this group, which makes perfect sense for the normal UI workflow. OIDC managed teams cannot be edited in Vikunja, and they're created automatically by the first user logging in having this team assigned. This PR therefore makes sure that OIDC managed team members do not receive the admin flag.
Co-authored-by: Daniel Herrmann <daniel.herrmann1@gmail.com>
Reviewed-on: https://kolaente.dev/vikunja/vikunja/pulls/2161
Reviewed-by: konrad <k@knt.li>
Co-authored-by: waza-ari <daniel.herrmann@makerspace-darmstadt.de>
Co-committed-by: waza-ari <daniel.herrmann@makerspace-darmstadt.de>
2024-03-05 22:08:39 +00:00
waza-ari
a3154e805c
fix(auth): use (issuer, name) to check for uniqueness of oidc teams ( #2152 )
...
The change introduced in #2150 introduces a bug where a Team would be re-created every time a user logs in, as the check if a team already exists was based on both the unique `oidcID` and the `name`. This PR proposes to only base the check on the ID, as this should be unique.
Co-authored-by: Daniel Herrmann <daniel.herrmann1@gmail.com>
Reviewed-on: https://kolaente.dev/vikunja/vikunja/pulls/2152
Reviewed-by: konrad <k@knt.li>
Co-authored-by: waza-ari <daniel.herrmann@makerspace-darmstadt.de>
Co-committed-by: waza-ari <daniel.herrmann@makerspace-darmstadt.de>
2024-03-04 20:26:45 +00:00
kolaente
379b0b24b3
fix(auth): test assertion
2024-03-02 15:38:01 +01:00
kolaente
a4a0ea973a
feat(auth): update team name in Vikunja when it was changed in the openid provider
2024-03-02 15:27:15 +01:00
kolaente
fc4303a778
chore(auth): add oidc suffix to openid team name in db
...
Related to https://kolaente.dev/vikunja/vikunja/issues/2150
2024-03-02 15:23:19 +01:00
kolaente
4f1f96f1e9
chore(auth): refactor openid team creation
2024-03-02 15:22:37 +01:00
viehlieb
ed4da96ab1
feat: assign users to teams via OIDC claims ( #1393 )
...
This change adds the ability to sync teams via a custom openid claim. Vikunja will automatically create and delete teams as necessary, it will also add and remove users when they log in. These teams are fully managed by Vikunja and cannot be updated by a user.
Co-authored-by: kolaente <k@knt.li>
Reviewed-on: https://kolaente.dev/vikunja/vikunja/pulls/1393
Resolves https://kolaente.dev/vikunja/vikunja/issues/1279
Resolves https://github.com/go-vikunja/vikunja/issues/42
Resolves https://kolaente.dev/vikunja/vikunja/issues/950
Co-authored-by: viehlieb <pf@pragma-shift.net>
Co-committed-by: viehlieb <pf@pragma-shift.net>
2024-03-02 08:47:10 +00:00
kolaente
30a2dcd04c
fix: lint
2024-01-28 15:27:14 +01:00
kolaente
ce53663a88
fix(openid): use the calculated redirect url when authenticating with openid providers
2024-01-28 12:41:35 +01:00
kolaente
a5a6aba7c8
fix(auth): don't reset user settings when updating name or email from external auth provider
...
Resolves https://github.com/go-vikunja/api/issues/102
2023-12-25 17:09:19 +01:00
kolaente
c05f51b923
chore(deps): update golangci-lint rules
2023-12-19 13:34:31 +01:00
kolaente
ab2eda4bd5
fix(openid): make sure usernames with spaces work
2023-11-13 11:38:24 +01:00
kolaente
e4c71123ef
fix: lint
2023-09-01 08:39:25 +02:00
kolaente
fb2a1c59db
feat(api tokens): check if a provided token matched a hashed on in the database
2023-09-01 08:36:15 +02:00
kolaente
e518fb1191
chore: remove year from copyright headers
...
Resolves https://kolaente.dev/vikunja/api/pulls/1483
2023-09-01 08:32:28 +02:00
kolaente
fef253312c
feat(projects): cleanup namespace leftovers
2023-05-24 15:51:54 +02:00
kolaente
16de7cd591
feat(projects): remove namespaces
2023-05-24 15:51:54 +02:00
kolaente
359d0512cc
fix: upgrade jwt v5
2023-05-23 16:37:16 +02:00
kolaente
9bf535d06f
fix: remove old saved openid provider settings from cache when starting Vikunja
...
Resolves https://kolaente.dev/vikunja/api/issues/1487
2023-04-10 13:32:20 +02:00
Dominik Pschenitschni
441722372a
feat: add token example
2023-04-03 05:20:01 +00:00
Dominik Pschenitschni
4f7d69a108
fix: docs auth openID method
2023-04-03 05:19:32 +00:00
kolaente
349e6a5905
feat: rename lists to projects
2023-03-13 14:28:06 +01:00
kolaente
9f14466dfa
fix: lint
2023-03-05 22:24:29 +01:00
kolaente
530bb0a63c
fix(user): make reset the user's name to empty actually work
2023-01-23 18:30:01 +01:00
viehlieb
a79b1de2d0
feat: provide logout url for openid providers ( #1340 )
...
Co-authored-by: kolaente <k@knt.li>
Reviewed-on: https://kolaente.dev/vikunja/api/pulls/1340
Co-authored-by: viehlieb <pf@pragma-shift.net>
Co-committed-by: viehlieb <pf@pragma-shift.net>
2022-12-18 18:26:28 +00:00
kolaente
25ffa1bc2e
fix: prevent logging openid provider errors twice
2022-07-07 15:47:37 +02:00
kolaente
5cf263a86f
feat: upgrade golangci-lint to 1.45.2
2022-03-27 16:55:37 +02:00
konrad
1322cb16d7
feat: add long-lived api tokens ( #1085 )
...
Co-authored-by: kolaente <k@knt.li>
Reviewed-on: https://kolaente.dev/vikunja/api/pulls/1085
Co-authored-by: konrad <k@knt.li>
Co-committed-by: konrad <k@knt.li>
2022-02-06 13:18:08 +00:00
kolaente
190a9f2a4c
fix: friendly name not getting synced on first login from openid
...
Resolves #874
2021-12-12 12:35:13 +01:00
kolaente
516c812043
feat: expose if a user is a local user through its jwt token
2021-10-31 12:37:31 +01:00
stephen-hill
82a3330412
Added the ability to configure the JWT expiry date using a new server.jwtttl config parameter. ( #999 )
...
Co-authored-by: Stephen Hill <stephen@gatekiller.co.uk>
Reviewed-on: https://kolaente.dev/vikunja/api/pulls/999
Co-authored-by: stephen-hill <stephen@gatekiller.co.uk>
Co-committed-by: stephen-hill <stephen@gatekiller.co.uk>
2021-10-09 11:02:28 +00:00