Commit Graph

73 Commits

Author SHA1 Message Date
Nicolas Giard
8205c1f243
fix: update saml strategy to use new config options 2022-05-02 00:18:19 -04:00
NGPixel
2cb7b9fb4e
fix: update passport-saml dependency + set cert as required 2022-05-01 18:54:31 -04:00
Trisztán Piller
de151031ea
feat(auth): OAuth2 access_token in GET query string in userInfoURL (#5188) 2022-04-16 20:39:07 -04:00
myml
74887baa86
feat(auth): OAuth2 scope support (#5181) 2022-04-12 00:14:02 -04:00
Nicolas Giard
a652e43ab1
fix: handle multi social auth strategies 2022-03-25 21:17:04 -04:00
Manuel
1f489a3d8e
fix: handle multiple LDAP strategies (#5116) 2022-03-25 21:11:24 -04:00
Gabriel A. Devenyi
2c83472b63
fix(ldap): typo spelling of distinguished (#5066) 2022-03-01 11:54:06 -05:00
NGPixel
5911867b21
fix: various OAuth2 fixes 2021-10-15 22:36:30 -04:00
Artur Shaik
87084c66b0
feat: Generic OAuth2 authentication implementation (#3094)
* OAuth2 authentication implementation

This PR shoul fix #2392. Used `passport-oauth2` strategy.

* indentations cleanup

* cleanup code
2021-10-15 22:25:15 -04:00
Beh
ed3925b1c5
fix: use first email address in Rocket.Chat auth response (#3122) 2021-09-29 20:42:48 -04:00
Étienne
9864be884d
fix: replace passport-slack implementation (#4369)
This commit replaces the observably defunct @aoberoi/passport-slack
implementation with that of nmaves's passport-slack-oauth2
2021-09-01 12:07:34 -04:00
Denis
ee8006892e
feat: add support of hd auth parameter to work with G Suite domains (#4010)
* Add support of hd google auth parameter - to work with G Suite domains

* Style-fix

* fix: google auth hostedDomain hint

Co-authored-by: Nicolas Giard <github@ngpixel.com>
2021-05-24 18:04:11 -04:00
Kevyn Bruyere
b106018029
fix: LDAP - avoid reading empty tls cert file (#2980)
Co-authored-by: Kevyn Bruyere <kevyn@inovasi.fr>
2021-01-31 01:03:24 -05:00
YAEGASHI Takeshi
a3513b1bdf
fix: enable passport-azure-ad workaround for SameSite cookies (#2567)
This adds cookieEncryptionKeyString configuration in the Azure AD
authentication module.  It represents an array of cookie encryption
strings and enables workaround for SameSite cookies.
2020-11-01 13:10:50 -05:00
NGPixel
b0f61d6605 feat: rocket.chat auth module 2020-09-20 20:15:51 -04:00
NGPixel
f988c5f811 fix: logout URL endpoint option for oauth2 module 2020-09-09 20:20:55 -04:00
NGPixel
aa96e97028 fix: force lowercase for email on local auth 2020-09-09 19:59:46 -04:00
Rus
68d31af7af
fix: discord auth module new URL. (#2390)
Change "discordapp.com" to "discord.com"
2020-09-07 20:04:19 -04:00
NGPixel
78417524b3 feat: ldap avatar support 2020-09-07 20:02:33 -04:00
NGPixel
17f8071abe fix: LDAP missing reqToCallback 2020-09-05 15:19:18 -04:00
NGPixel
062a0b7979 feat: logout by auth strategy + keycloak implementation 2020-09-01 20:01:39 -04:00
NGPixel
4dcf664040 fix: handle removed auth strategies 2020-08-30 16:33:52 -04:00
NGPixel
32d67adee1 feat: social login providers with dynamic instances 2020-08-30 01:36:37 -04:00
Dan Nicholson
d5d368cd33
feat: fix + enable OIDC auth method (#2282)
* fix: pass userinfo URL in oidc strategy

The userinfo URL from the definition was not being provided to the
passport strategy, which resulted in a type error trying to resolve the
user's profile. Furthermore, the name of the defined URL was
inconsistent with all other authentication method URLs.

* fix: pass all necessary scopes to oidc auth method

When no scopes are provided, passport-openidconnect uses only `openid`,
which does not contain the username or email address. Include `profile`
and `email` to ensure the necessary claims are included.

* fix: update oidc method to call processProfile correctly

Now the profile object and providerKey are passed to processProfile. The
usernameClaim no longer has any use as the email address is the
username.

* fix: mark oidc authentication method as available
2020-08-15 13:32:58 -04:00
NGPixel
26af63a80b fix: login input hints 2020-07-20 00:22:29 -04:00
NGPixel
be499e5795 fix: auth strategy dependent username label 2020-07-19 13:20:43 -04:00
Nicolas Giard
c009cc1392
feat: new login experience (#2139)
* feat: multiple auth instances

* fix: auth setup + strategy initialization

* feat: admin auth - add strategy

* feat: redirect on login - group setting

* feat: oauth2 generic - props definitions

* feat: new login UI (wip)

* feat: new login UI (wip)

* feat: admin security login settings

* feat: tabset editor indicators + print view improvements

* fix: code styling
2020-07-03 19:36:33 -04:00
Maho Hiyajo
ea3962d143
fix: change discord module ‘discordapp.com’ to ‘discord.com’ (#2117) 2020-06-27 17:01:00 -04:00
jonasjoest
3b055f2ed5
fix: use first email address when retrieving multiple from LDAP (#2051)
Signed-off-by: Jonas Jöst <jonas@gpplanet.de>
2020-06-16 00:11:38 -04:00
NGPixel
f6bad765a2 feat: assets move + comments migration + admin users UI 2020-05-21 00:20:57 -04:00
Simon Lichtinghagen
764d98fa1d
fix: use fullname from keycloak profile info with username as fallback (#1888) 2020-05-15 13:28:55 -04:00
NGPixel
d1dd1f195b fix: ldap allow disable cert check + icon 2020-04-24 00:29:49 -04:00
Lucas
a5297f8c6e
feat: option to restrict Discord auth to a specific server (#1548)
* Optionally restrict discord authentication to members of a specific server

* fix: discord auth module code linting

Co-authored-by: Lucas Neves <lneves@modusgames.com>
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2020-03-07 17:59:10 -05:00
gh0stalker
a6dd93746e
fix: resolve Twitch OAuth API (#1561) 2020-03-07 17:57:09 -05:00
NGPixel
692e5ca0bd fix: use preferred_username as alternate for Azure AD 2019-10-27 13:57:39 -04:00
D4uS1
94b0121efa feat: add keycloak auth provider (#1004)
* added custom keycloak authentication.

* update readme.

* updated readme.

* reverted README for PR.

* fix: use async/await

* changed callback parameter name from done to cb.

* fix: keycloak description + website

* fix: keycloak logo
2019-08-30 14:26:34 -04:00
Nick
d3e693ab46 feat: mandatory password change on login + UI fixes 2019-08-24 22:19:54 -04:00
rbtprograms
0f9ddf1e5d fix: Switch converted to Object Literal (#940)
* updating a switch into object literal and fixed a couple linter errors

* added a comment about weird formatting

* style: use lodash get

* fix: pass eslint + puglint + jest
2019-08-04 16:31:13 -04:00
Tiemen
e184fed8ee feat: skip discord authorization screen (#949) 2019-08-04 15:56:46 -04:00
Nick
7f4e392877 fix: gitlab baseurl typo (#934) 2019-07-23 21:21:24 -04:00
Nick
0c6472ab85 feat: azure ad auth 2019-07-20 11:09:55 -04:00
Nick
9966a97bd3 feat: azure ad auth (wip) 2019-07-20 00:16:29 -04:00
Nick
fd8d358b63 fix: git private key alt paste mode 2019-07-14 18:55:12 -04:00
Nick
8b7122277a fix: github enterprise auth compatibility 2019-07-14 13:36:39 -04:00
Nick
bd24ff225b fix: gitlab baseurl missing (#907) 2019-07-13 01:57:50 -04:00
NGPixel
4e990d50eb feat: gitlab auth module + storage locale namespacing fix 2019-06-25 02:13:41 +00:00
Nick
922f179a90 feat: LDAP debug flag 2019-06-04 22:23:32 -04:00
Nick
4f23984ac6 feat: users create (wip) 2019-04-28 20:25:19 -04:00
Nick
849d4f4774 feat: twitch auth module 2019-04-28 14:11:27 -04:00
Nick
d80bb928f7 feat: okta auth module 2019-04-28 13:51:42 -04:00