aelgasser
38a46e68ea
feat: sync groups with SAML provider ( #6299 )
...
* feat: added implementation for group mapping in SAML strategies
---------
Co-authored-by: Abderraouf El Gasser <abderraouf.elgasser@iktos.com>
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2023-11-20 16:59:33 -05:00
Jason Minard
491d63ceee
fix(auth): keycloak authentication post logout redirect for Keycloak 18+ ( #5878 )
2023-08-10 17:45:06 -04:00
Andrew McFadden
db8a09fe8c
feat: add ACR Value option to OIDC Module ( #6553 )
...
---------
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2023-07-05 18:18:21 -04:00
DerekJarvis
fd00272314
feat(auth): allow custom GitLab endpoints for self-managed instances ( #6399 )
...
* Allow custom GitLab endpoints for self-hosting
---------
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2023-05-11 20:42:17 -04:00
robinho81
8db4be668b
feat: expose skipUserProfile option in passport-oidc ( #6190 )
...
Co-authored-by: Robin Chalmers <robin.chalmers@kairostech.no>
2023-03-17 17:58:41 -04:00
gueldi
bba1d1b574
fix(oidc): use _json prop when setting displayName ( #6135 )
...
* Fixes setting displayName from OIDC
Relates to: https://github.com/requarks/wiki/pull/6096
* Update authentication.js
---------
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2023-02-07 22:00:26 -05:00
Charlotte County Public Schools
8fa771c4ce
feat: set groups based on LDAP groups ( #5903 )
...
* Add mapping ldap groups to wiki groups
---------
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2023-01-29 22:52:21 -05:00
Aurélien Lajoie
1da80eaab8
feat: oauth2 add groups mapping ( #6053 )
...
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2023-01-29 18:08:13 -05:00
gueldi
43a797d322
feat: adds displayName property to OIDC authentication module ( #6096 )
...
* Adds displayName property to oidc authentication method
* fix: update displayName prop
* fix: use blank display name in oidc auth
---------
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2023-01-29 17:55:47 -05:00
NGPixel
5f876ced20
feat: optional oauth2 module nonce toggle
2023-01-29 17:14:34 -05:00
Sleuth56
12233c476d
feat: enable state key on generic oauth2 ( #6104 )
2023-01-29 16:51:40 -05:00
natsutteatsuiyone
445ad05a3d
fix: incompatibility issues with passport-openidconnect@0.1.1 ( #5799 )
...
* fix: incompatibility issues with passport-openidconnect
* fix: remove a trailing semicolon
2022-11-07 16:50:47 -05:00
Simon Lichtinghagen
1893fd499a
fix: login with Keycloak 20 by explicit set OAuth scopes ( #5808 )
...
* Fix login with Keycloak 20 by explicit set OAuth scopes
* moved scopes to definition.yml
Co-authored-by: Simon Lichtinghagen <sl@bnmsp.de>
2022-11-07 08:41:31 -05:00
Andrei Senchuk
e6bbf9d088
fix: oidc module - map() call on undefined; fix unrelate() usage ( #5781 )
2022-10-24 20:04:25 -04:00
NGPixel
ebf4da9bea
fix: oidc auth groups relate / unrelate
2022-09-17 17:54:11 -04:00
NGPixel
4b3005057f
fix: prevent user enumeration using local login timings
2022-09-17 17:36:40 -04:00
Fionera
91221e73eb
feat: set groups based on OIDC claim ( #5568 )
...
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2022-09-05 18:40:54 -04:00
Pam S
8290e86aaf
feat: add logout for auth0 ( #5545 )
...
Co-authored-by: Pam Selle <pam@thewebivore.com>
2022-08-16 16:37:19 -04:00
Mirco T
628c72ea16
feat: CAS authentication module ( #5452 )
...
Co-authored-by: SeaLife <mtries@united-internet.de>
2022-07-16 19:41:41 -04:00
Nicolas Giard
b78026e49f
fix(auth): handle null SAML authnContext context
2022-06-09 14:25:01 -04:00
Nicolas Giard
a37d733523
fix(auth): update SAML authnContext hint text for multiple values
2022-05-14 21:24:14 -04:00
Maximilian Bosch
b345375477
fix(auth): SAML authnContext parameter should be an array ( #5290 )
...
* saml auth: `authnContext` must be a list now
This fixes
this.options.authnContext.forEach is not a function
when trying to login via SAML on wiki-js 2.5.281.
Reason for that is that `authnContext` must be a list now which is
apparently a breaking change that was missed while upgrading
passport-saml[1].
Resolves #5289
[1] https://github.com/node-saml/passport-saml/pull/615
* fix(auth): split authnContext for SAML authenticaiton module
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2022-05-14 21:17:17 -04:00
Erik Bigler
9b40d60261
fix: update to working twitch passport strategy ( #5279 )
2022-05-13 16:20:09 -04:00
Nicolas Giard
d9076c4ee9
fix: typo in saml auth module
2022-05-09 21:51:40 -04:00
Nicolas Giard
8205c1f243
fix: update saml strategy to use new config options
2022-05-02 00:18:19 -04:00
NGPixel
2cb7b9fb4e
fix: update passport-saml dependency + set cert as required
2022-05-01 18:54:31 -04:00
Trisztán Piller
de151031ea
feat(auth): OAuth2 access_token in GET query string in userInfoURL ( #5188 )
2022-04-16 20:39:07 -04:00
myml
74887baa86
feat(auth): OAuth2 scope support ( #5181 )
2022-04-12 00:14:02 -04:00
Nicolas Giard
a652e43ab1
fix: handle multi social auth strategies
2022-03-25 21:17:04 -04:00
Manuel
1f489a3d8e
fix: handle multiple LDAP strategies ( #5116 )
2022-03-25 21:11:24 -04:00
Gabriel A. Devenyi
2c83472b63
fix(ldap): typo spelling of distinguished ( #5066 )
2022-03-01 11:54:06 -05:00
NGPixel
5911867b21
fix: various OAuth2 fixes
2021-10-15 22:36:30 -04:00
Artur Shaik
87084c66b0
feat: Generic OAuth2 authentication implementation ( #3094 )
...
* OAuth2 authentication implementation
This PR shoul fix #2392 . Used `passport-oauth2` strategy.
* indentations cleanup
* cleanup code
2021-10-15 22:25:15 -04:00
Beh
ed3925b1c5
fix: use first email address in Rocket.Chat auth response ( #3122 )
2021-09-29 20:42:48 -04:00
Étienne
9864be884d
fix: replace passport-slack implementation ( #4369 )
...
This commit replaces the observably defunct @aoberoi/passport-slack
implementation with that of nmaves's passport-slack-oauth2
2021-09-01 12:07:34 -04:00
Denis
ee8006892e
feat: add support of hd
auth parameter to work with G Suite domains ( #4010 )
...
* Add support of hd google auth parameter - to work with G Suite domains
* Style-fix
* fix: google auth hostedDomain hint
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2021-05-24 18:04:11 -04:00
Kevyn Bruyere
b106018029
fix: LDAP - avoid reading empty tls cert file ( #2980 )
...
Co-authored-by: Kevyn Bruyere <kevyn@inovasi.fr>
2021-01-31 01:03:24 -05:00
YAEGASHI Takeshi
a3513b1bdf
fix: enable passport-azure-ad workaround for SameSite cookies ( #2567 )
...
This adds cookieEncryptionKeyString configuration in the Azure AD
authentication module. It represents an array of cookie encryption
strings and enables workaround for SameSite cookies.
2020-11-01 13:10:50 -05:00
NGPixel
b0f61d6605
feat: rocket.chat auth module
2020-09-20 20:15:51 -04:00
NGPixel
f988c5f811
fix: logout URL endpoint option for oauth2 module
2020-09-09 20:20:55 -04:00
NGPixel
aa96e97028
fix: force lowercase for email on local auth
2020-09-09 19:59:46 -04:00
Rus
68d31af7af
fix: discord auth module new URL. ( #2390 )
...
Change "discordapp.com" to "discord.com"
2020-09-07 20:04:19 -04:00
NGPixel
78417524b3
feat: ldap avatar support
2020-09-07 20:02:33 -04:00
NGPixel
17f8071abe
fix: LDAP missing reqToCallback
2020-09-05 15:19:18 -04:00
NGPixel
062a0b7979
feat: logout by auth strategy + keycloak implementation
2020-09-01 20:01:39 -04:00
NGPixel
4dcf664040
fix: handle removed auth strategies
2020-08-30 16:33:52 -04:00
NGPixel
32d67adee1
feat: social login providers with dynamic instances
2020-08-30 01:36:37 -04:00
Dan Nicholson
d5d368cd33
feat: fix + enable OIDC auth method ( #2282 )
...
* fix: pass userinfo URL in oidc strategy
The userinfo URL from the definition was not being provided to the
passport strategy, which resulted in a type error trying to resolve the
user's profile. Furthermore, the name of the defined URL was
inconsistent with all other authentication method URLs.
* fix: pass all necessary scopes to oidc auth method
When no scopes are provided, passport-openidconnect uses only `openid`,
which does not contain the username or email address. Include `profile`
and `email` to ensure the necessary claims are included.
* fix: update oidc method to call processProfile correctly
Now the profile object and providerKey are passed to processProfile. The
usernameClaim no longer has any use as the email address is the
username.
* fix: mark oidc authentication method as available
2020-08-15 13:32:58 -04:00
NGPixel
26af63a80b
fix: login input hints
2020-07-20 00:22:29 -04:00
NGPixel
be499e5795
fix: auth strategy dependent username label
2020-07-19 13:20:43 -04:00