Commit Graph

86 Commits

Author SHA1 Message Date
natsutteatsuiyone
445ad05a3d
fix: incompatibility issues with passport-openidconnect@0.1.1 (#5799)
* fix: incompatibility issues with passport-openidconnect

* fix: remove a trailing semicolon
2022-11-07 16:50:47 -05:00
Simon Lichtinghagen
1893fd499a
fix: login with Keycloak 20 by explicit set OAuth scopes (#5808)
* Fix login with Keycloak 20 by explicit set OAuth scopes

* moved scopes to definition.yml

Co-authored-by: Simon Lichtinghagen <sl@bnmsp.de>
2022-11-07 08:41:31 -05:00
Andrei Senchuk
e6bbf9d088
fix: oidc module - map() call on undefined; fix unrelate() usage (#5781) 2022-10-24 20:04:25 -04:00
NGPixel
ebf4da9bea
fix: oidc auth groups relate / unrelate 2022-09-17 17:54:11 -04:00
NGPixel
4b3005057f
fix: prevent user enumeration using local login timings 2022-09-17 17:36:40 -04:00
Fionera
91221e73eb
feat: set groups based on OIDC claim (#5568)
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2022-09-05 18:40:54 -04:00
Pam S
8290e86aaf
feat: add logout for auth0 (#5545)
Co-authored-by: Pam Selle <pam@thewebivore.com>
2022-08-16 16:37:19 -04:00
Mirco T
628c72ea16
feat: CAS authentication module (#5452)
Co-authored-by: SeaLife <mtries@united-internet.de>
2022-07-16 19:41:41 -04:00
Nicolas Giard
b78026e49f
fix(auth): handle null SAML authnContext context 2022-06-09 14:25:01 -04:00
Nicolas Giard
a37d733523
fix(auth): update SAML authnContext hint text for multiple values 2022-05-14 21:24:14 -04:00
Maximilian Bosch
b345375477
fix(auth): SAML authnContext parameter should be an array (#5290)
* saml auth: `authnContext` must be a list now

This fixes

    this.options.authnContext.forEach is not a function

when trying to login via SAML on wiki-js 2.5.281.

Reason for that is that `authnContext` must be a list now which is
apparently a breaking change that was missed while upgrading
passport-saml[1].

Resolves #5289

[1] https://github.com/node-saml/passport-saml/pull/615

* fix(auth): split authnContext for SAML authenticaiton module

Co-authored-by: Nicolas Giard <github@ngpixel.com>
2022-05-14 21:17:17 -04:00
Erik Bigler
9b40d60261
fix: update to working twitch passport strategy (#5279) 2022-05-13 16:20:09 -04:00
Nicolas Giard
d9076c4ee9
fix: typo in saml auth module 2022-05-09 21:51:40 -04:00
Nicolas Giard
8205c1f243
fix: update saml strategy to use new config options 2022-05-02 00:18:19 -04:00
NGPixel
2cb7b9fb4e
fix: update passport-saml dependency + set cert as required 2022-05-01 18:54:31 -04:00
Trisztán Piller
de151031ea
feat(auth): OAuth2 access_token in GET query string in userInfoURL (#5188) 2022-04-16 20:39:07 -04:00
myml
74887baa86
feat(auth): OAuth2 scope support (#5181) 2022-04-12 00:14:02 -04:00
Nicolas Giard
a652e43ab1
fix: handle multi social auth strategies 2022-03-25 21:17:04 -04:00
Manuel
1f489a3d8e
fix: handle multiple LDAP strategies (#5116) 2022-03-25 21:11:24 -04:00
Gabriel A. Devenyi
2c83472b63
fix(ldap): typo spelling of distinguished (#5066) 2022-03-01 11:54:06 -05:00
NGPixel
5911867b21
fix: various OAuth2 fixes 2021-10-15 22:36:30 -04:00
Artur Shaik
87084c66b0
feat: Generic OAuth2 authentication implementation (#3094)
* OAuth2 authentication implementation

This PR shoul fix #2392. Used `passport-oauth2` strategy.

* indentations cleanup

* cleanup code
2021-10-15 22:25:15 -04:00
Beh
ed3925b1c5
fix: use first email address in Rocket.Chat auth response (#3122) 2021-09-29 20:42:48 -04:00
Étienne
9864be884d
fix: replace passport-slack implementation (#4369)
This commit replaces the observably defunct @aoberoi/passport-slack
implementation with that of nmaves's passport-slack-oauth2
2021-09-01 12:07:34 -04:00
Denis
ee8006892e
feat: add support of hd auth parameter to work with G Suite domains (#4010)
* Add support of hd google auth parameter - to work with G Suite domains

* Style-fix

* fix: google auth hostedDomain hint

Co-authored-by: Nicolas Giard <github@ngpixel.com>
2021-05-24 18:04:11 -04:00
Kevyn Bruyere
b106018029
fix: LDAP - avoid reading empty tls cert file (#2980)
Co-authored-by: Kevyn Bruyere <kevyn@inovasi.fr>
2021-01-31 01:03:24 -05:00
YAEGASHI Takeshi
a3513b1bdf
fix: enable passport-azure-ad workaround for SameSite cookies (#2567)
This adds cookieEncryptionKeyString configuration in the Azure AD
authentication module.  It represents an array of cookie encryption
strings and enables workaround for SameSite cookies.
2020-11-01 13:10:50 -05:00
NGPixel
b0f61d6605 feat: rocket.chat auth module 2020-09-20 20:15:51 -04:00
NGPixel
f988c5f811 fix: logout URL endpoint option for oauth2 module 2020-09-09 20:20:55 -04:00
NGPixel
aa96e97028 fix: force lowercase for email on local auth 2020-09-09 19:59:46 -04:00
Rus
68d31af7af
fix: discord auth module new URL. (#2390)
Change "discordapp.com" to "discord.com"
2020-09-07 20:04:19 -04:00
NGPixel
78417524b3 feat: ldap avatar support 2020-09-07 20:02:33 -04:00
NGPixel
17f8071abe fix: LDAP missing reqToCallback 2020-09-05 15:19:18 -04:00
NGPixel
062a0b7979 feat: logout by auth strategy + keycloak implementation 2020-09-01 20:01:39 -04:00
NGPixel
4dcf664040 fix: handle removed auth strategies 2020-08-30 16:33:52 -04:00
NGPixel
32d67adee1 feat: social login providers with dynamic instances 2020-08-30 01:36:37 -04:00
Dan Nicholson
d5d368cd33
feat: fix + enable OIDC auth method (#2282)
* fix: pass userinfo URL in oidc strategy

The userinfo URL from the definition was not being provided to the
passport strategy, which resulted in a type error trying to resolve the
user's profile. Furthermore, the name of the defined URL was
inconsistent with all other authentication method URLs.

* fix: pass all necessary scopes to oidc auth method

When no scopes are provided, passport-openidconnect uses only `openid`,
which does not contain the username or email address. Include `profile`
and `email` to ensure the necessary claims are included.

* fix: update oidc method to call processProfile correctly

Now the profile object and providerKey are passed to processProfile. The
usernameClaim no longer has any use as the email address is the
username.

* fix: mark oidc authentication method as available
2020-08-15 13:32:58 -04:00
NGPixel
26af63a80b fix: login input hints 2020-07-20 00:22:29 -04:00
NGPixel
be499e5795 fix: auth strategy dependent username label 2020-07-19 13:20:43 -04:00
Nicolas Giard
c009cc1392
feat: new login experience (#2139)
* feat: multiple auth instances

* fix: auth setup + strategy initialization

* feat: admin auth - add strategy

* feat: redirect on login - group setting

* feat: oauth2 generic - props definitions

* feat: new login UI (wip)

* feat: new login UI (wip)

* feat: admin security login settings

* feat: tabset editor indicators + print view improvements

* fix: code styling
2020-07-03 19:36:33 -04:00
Maho Hiyajo
ea3962d143
fix: change discord module ‘discordapp.com’ to ‘discord.com’ (#2117) 2020-06-27 17:01:00 -04:00
jonasjoest
3b055f2ed5
fix: use first email address when retrieving multiple from LDAP (#2051)
Signed-off-by: Jonas Jöst <jonas@gpplanet.de>
2020-06-16 00:11:38 -04:00
NGPixel
f6bad765a2 feat: assets move + comments migration + admin users UI 2020-05-21 00:20:57 -04:00
Simon Lichtinghagen
764d98fa1d
fix: use fullname from keycloak profile info with username as fallback (#1888) 2020-05-15 13:28:55 -04:00
NGPixel
d1dd1f195b fix: ldap allow disable cert check + icon 2020-04-24 00:29:49 -04:00
Lucas
a5297f8c6e
feat: option to restrict Discord auth to a specific server (#1548)
* Optionally restrict discord authentication to members of a specific server

* fix: discord auth module code linting

Co-authored-by: Lucas Neves <lneves@modusgames.com>
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2020-03-07 17:59:10 -05:00
gh0stalker
a6dd93746e
fix: resolve Twitch OAuth API (#1561) 2020-03-07 17:57:09 -05:00
NGPixel
692e5ca0bd fix: use preferred_username as alternate for Azure AD 2019-10-27 13:57:39 -04:00
D4uS1
94b0121efa feat: add keycloak auth provider (#1004)
* added custom keycloak authentication.

* update readme.

* updated readme.

* reverted README for PR.

* fix: use async/await

* changed callback parameter name from done to cb.

* fix: keycloak description + website

* fix: keycloak logo
2019-08-30 14:26:34 -04:00
Nick
d3e693ab46 feat: mandatory password change on login + UI fixes 2019-08-24 22:19:54 -04:00