|
|
2f32818a72
|
deploy with caprover cli
|
2023-03-21 23:47:20 +01:00 |
|
|
|
5e1eac4d78
|
ezidam: add templates to dockerfile
|
2023-03-21 00:12:25 +01:00 |
|
|
|
8365bc5dff
|
ezidam: dont put relative path for static files, bundle them in docker image
|
2023-03-20 23:16:43 +01:00 |
|
|
|
7aa5c96f7a
|
ci: docker pipeline depends on rust
|
2023-03-20 00:04:28 +01:00 |
|
|
|
2c3dfcdeb3
|
ci: use of woodpecker mutli-pipelines
|
2023-03-20 00:03:03 +01:00 |
|
|
|
4a7723a9a8
|
ci: docker depends on test, put LABEL at bottom of dockerfile
|
2023-03-19 23:55:52 +01:00 |
|
|
|
971d2f46f4
|
ci: build and push docker image on master
|
2023-03-19 23:50:26 +01:00 |
|
|
|
bad54cece3
|
ezidam: redirect: dont generate jwt + refresh token if already signed in
|
2023-03-19 22:52:53 +01:00 |
|
|
|
1dec56ed14
|
ezidam: authorize: don't prompt login if already authenticated
|
2023-03-19 22:52:22 +01:00 |
|
|
|
8db0bbb874
|
if access token expired, use refresh token, and get new access + refresh tokens
|
2023-03-19 20:03:30 +01:00 |
|
|
|
9172155893
|
ezidam: header: display name, username, email
|
2023-03-19 00:48:41 +01:00 |
|
|
|
c9ef821d2b
|
ezidam: request guards: jwt admin, jwt user, verify jwt
|
2023-03-19 00:25:35 +01:00 |
|
|
|
009b8664fd
|
revoke all refresh tokens and use all authorization codes for user
|
2023-03-18 22:03:03 +01:00 |
|
|
|
5100aa1b4e
|
ezidam: added logout page, added RefreshToken guard
|
2023-03-18 21:49:08 +01:00 |
|
|
|
49b3a3d1fe
|
openid: configuration: added jwt claims
|
2023-03-18 21:47:25 +01:00 |
|
|
|
72c67a7a82
|
ezidam: store access token in cookie
|
2023-03-18 16:48:40 +01:00 |
|
|
|
1b2a9d1af7
|
ezidam: store refresh token in cookie
|
2023-03-18 16:43:33 +01:00 |
|
|
|
e99115e174
|
ezidam + jwt: get key, import private key, create jwt claims and sign them
|
2023-03-18 16:14:26 +01:00 |
|
|
|
ef8d75ecee
|
ezidam + refresh tokens: create and insert refresh token
|
2023-03-18 15:16:15 +01:00 |
|
|
|
609933d98f
|
ezidam: oauth: redirect: check if user is archived
|
2023-03-18 13:44:17 +01:00 |
|
|
|
e9200f8682
|
ezidam: oauth: redirect: redirect automatically to home page
|
2023-03-18 00:49:29 +01:00 |
|
|
|
827bba041a
|
ezidam: oauth: redirect: get and check code, get user info, mark code as used, display html template
|
2023-03-18 00:40:11 +01:00 |
|
|
|
719048e268
|
ezidam: oauth: redirect page
|
2023-03-17 23:30:33 +01:00 |
|
|
|
fd16e78fb1
|
ezidam: oauth: split in multiple mods
|
2023-03-17 23:30:12 +01:00 |
|
|
|
8c8caa905d
|
ezidam: oauth: redirect to redirect uri with code and state
|
2023-03-17 22:17:56 +01:00 |
|
|
|
ae71a6a512
|
ezidam: oauth: removed FormPost from ResponseModes
|
2023-03-17 22:17:35 +01:00 |
|
|
|
bb4ff8a9f8
|
ezidam: oauth: authorize: generate and save authorization code
|
2023-03-16 23:20:27 +01:00 |
|
|
|
471e2fc740
|
authorization_codes: crate, database, insert one
|
2023-03-16 23:15:56 +01:00 |
|
|
|
0b4aeb89cb
|
ezidam: setup: dont sign in directly, force user to go through authorize flow
|
2023-03-16 22:30:19 +01:00 |
|
|
|
0866de94b6
|
hash: secret: defaults at 64, can generate custom length
|
2023-03-16 22:29:51 +01:00 |
|
|
|
64f3db3864
|
openid: response types: remove support of implicit flow for the moment
|
2023-03-16 22:29:32 +01:00 |
|
|
|
eb93cbd7ec
|
ezidam, openid: refactor check app in method, verifying and send POST as well
|
2023-03-16 21:38:32 +01:00 |
|
|
|
8ae0c59a25
|
ezidam, openid: check scopes, check response types before getting app
|
2023-03-16 00:05:54 +01:00 |
|
|
|
396856eee5
|
ezidam: oauth: authorize for ezidam: fill ezidam app info from database, show app label on template
|
2023-03-15 22:01:53 +01:00 |
|
|
|
95173b1a09
|
ezidam: setup: create "ezidam" app in database
|
2023-03-15 22:01:01 +01:00 |
|
|
|
71b083895d
|
apps: sql + get valid one, get by id, insert, generate app id, generate secret
|
2023-03-15 22:00:04 +01:00 |
|
|
|
b5c2be6c9f
|
ezidam: renamed page auth/sign_in to oauth/authorize, started work on handling oauth requests, big WIP
|
2023-03-13 23:42:21 +01:00 |
|
|
|
d16c6760fe
|
template: renamed auth/sign_in to oauth/authorize, footer is pushed to bottom of page
|
2023-03-13 23:40:37 +01:00 |
|
|
|
a0c0c3fa8f
|
openid: configuration: split scopes and response types in own mods, to be used in ezidam later
|
2023-03-13 23:31:00 +01:00 |
|
|
|
3d065bbc22
|
ezidam: mount all routes in "/", and use functions directly when redirecting
|
2023-03-12 21:29:02 +01:00 |
|
|
|
36fb1cff52
|
ezidam: on launch: in testing environment, use premade keys, else generate them
|
2023-03-12 19:20:00 +01:00 |
|
|
|
d62cfcd1d9
|
ezidam: added jwks route in well-known
|
2023-03-12 18:46:58 +01:00 |
|
|
|
8c37fc1181
|
database: added keys migration, get/insert, insert keys at launch if none are present
|
2023-03-12 18:45:55 +01:00 |
|
|
|
7f11016a34
|
openid: fix ambiguous error
|
2023-03-12 14:21:36 +01:00 |
|
|
|
d7783a2002
|
ezidam: tests: openid configuration
|
2023-03-12 14:19:03 +01:00 |
|
|
|
2d0d6857ce
|
ezidam: added openid configration, well known route
|
2023-03-12 14:08:39 +01:00 |
|
|
|
44506422e9
|
jwt: added key rsa key generation, import/export, jwk as PS256
|
2023-03-12 14:04:16 +01:00 |
|
|
|
e1ec84f7c6
|
database_pool: build.rs: fixed path of migrations
|
2023-03-11 13:05:51 +01:00 |
|
|
|
1695eca466
|
auth: wip: sign in page and form, need to finish
|
2023-03-11 00:38:13 +01:00 |
|
|
|
d790d2ff29
|
users: get user by id, email, username
|
2023-03-11 00:33:58 +01:00 |
|
