aelgasser
38a46e68ea
feat: sync groups with SAML provider ( #6299 )
...
* feat: added implementation for group mapping in SAML strategies
---------
Co-authored-by: Abderraouf El Gasser <abderraouf.elgasser@iktos.com>
Co-authored-by: Nicolas Giard <github@ngpixel.com>
1 year ago
Jason Minard
491d63ceee
fix(auth): keycloak authentication post logout redirect for Keycloak 18+ ( #5878 )
1 year ago
Andrew McFadden
db8a09fe8c
feat: add ACR Value option to OIDC Module ( #6553 )
...
---------
Co-authored-by: Nicolas Giard <github@ngpixel.com>
1 year ago
DerekJarvis
fd00272314
feat(auth): allow custom GitLab endpoints for self-managed instances ( #6399 )
...
* Allow custom GitLab endpoints for self-hosting
---------
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2 years ago
robinho81
8db4be668b
feat: expose skipUserProfile option in passport-oidc ( #6190 )
...
Co-authored-by: Robin Chalmers <robin.chalmers@kairostech.no>
2 years ago
gueldi
bba1d1b574
fix(oidc): use _json prop when setting displayName ( #6135 )
...
* Fixes setting displayName from OIDC
Relates to: https://github.com/requarks/wiki/pull/6096
* Update authentication.js
---------
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2 years ago
Charlotte County Public Schools
8fa771c4ce
feat: set groups based on LDAP groups ( #5903 )
...
* Add mapping ldap groups to wiki groups
---------
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2 years ago
Aurélien Lajoie
1da80eaab8
feat: oauth2 add groups mapping ( #6053 )
...
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2 years ago
gueldi
43a797d322
feat: adds displayName property to OIDC authentication module ( #6096 )
...
* Adds displayName property to oidc authentication method
* fix: update displayName prop
* fix: use blank display name in oidc auth
---------
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2 years ago
NGPixel
5f876ced20
feat: optional oauth2 module nonce toggle
2 years ago
Sleuth56
12233c476d
feat: enable state key on generic oauth2 ( #6104 )
2 years ago
natsutteatsuiyone
445ad05a3d
fix: incompatibility issues with passport-openidconnect@0.1.1 ( #5799 )
...
* fix: incompatibility issues with passport-openidconnect
* fix: remove a trailing semicolon
2 years ago
Simon Lichtinghagen
1893fd499a
fix: login with Keycloak 20 by explicit set OAuth scopes ( #5808 )
...
* Fix login with Keycloak 20 by explicit set OAuth scopes
* moved scopes to definition.yml
Co-authored-by: Simon Lichtinghagen <sl@bnmsp.de>
2 years ago
Andrei Senchuk
e6bbf9d088
fix: oidc module - map() call on undefined; fix unrelate() usage ( #5781 )
2 years ago
NGPixel
ebf4da9bea
fix: oidc auth groups relate / unrelate
2 years ago
NGPixel
4b3005057f
fix: prevent user enumeration using local login timings
2 years ago
Fionera
91221e73eb
feat: set groups based on OIDC claim ( #5568 )
...
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2 years ago
Pam S
8290e86aaf
feat: add logout for auth0 ( #5545 )
...
Co-authored-by: Pam Selle <pam@thewebivore.com>
2 years ago
Mirco T
628c72ea16
feat: CAS authentication module ( #5452 )
...
Co-authored-by: SeaLife <mtries@united-internet.de>
2 years ago
Nicolas Giard
b78026e49f
fix(auth): handle null SAML authnContext context
3 years ago
Nicolas Giard
a37d733523
fix(auth): update SAML authnContext hint text for multiple values
3 years ago
Maximilian Bosch
b345375477
fix(auth): SAML authnContext parameter should be an array ( #5290 )
...
* saml auth: `authnContext` must be a list now
This fixes
this.options.authnContext.forEach is not a function
when trying to login via SAML on wiki-js 2.5.281.
Reason for that is that `authnContext` must be a list now which is
apparently a breaking change that was missed while upgrading
passport-saml[1].
Resolves #5289
[1] https://github.com/node-saml/passport-saml/pull/615
* fix(auth): split authnContext for SAML authenticaiton module
Co-authored-by: Nicolas Giard <github@ngpixel.com>
3 years ago
Erik Bigler
9b40d60261
fix: update to working twitch passport strategy ( #5279 )
3 years ago
Nicolas Giard
d9076c4ee9
fix: typo in saml auth module
3 years ago
Nicolas Giard
8205c1f243
fix: update saml strategy to use new config options
3 years ago
NGPixel
2cb7b9fb4e
fix: update passport-saml dependency + set cert as required
3 years ago
Trisztán Piller
de151031ea
feat(auth): OAuth2 access_token in GET query string in userInfoURL ( #5188 )
3 years ago
myml
74887baa86
feat(auth): OAuth2 scope support ( #5181 )
3 years ago
Nicolas Giard
a652e43ab1
fix: handle multi social auth strategies
3 years ago
Manuel
1f489a3d8e
fix: handle multiple LDAP strategies ( #5116 )
3 years ago
Gabriel A. Devenyi
2c83472b63
fix(ldap): typo spelling of distinguished ( #5066 )
3 years ago
NGPixel
5911867b21
fix: various OAuth2 fixes
3 years ago
Artur Shaik
87084c66b0
feat: Generic OAuth2 authentication implementation ( #3094 )
...
* OAuth2 authentication implementation
This PR shoul fix #2392 . Used `passport-oauth2` strategy.
* indentations cleanup
* cleanup code
3 years ago
Beh
ed3925b1c5
fix: use first email address in Rocket.Chat auth response ( #3122 )
3 years ago
Étienne
9864be884d
fix: replace passport-slack implementation ( #4369 )
...
This commit replaces the observably defunct @aoberoi/passport-slack
implementation with that of nmaves's passport-slack-oauth2
3 years ago
Denis
ee8006892e
feat: add support of `hd` auth parameter to work with G Suite domains ( #4010 )
...
* Add support of hd google auth parameter - to work with G Suite domains
* Style-fix
* fix: google auth hostedDomain hint
Co-authored-by: Nicolas Giard <github@ngpixel.com>
4 years ago
Kevyn Bruyere
b106018029
fix: LDAP - avoid reading empty tls cert file ( #2980 )
...
Co-authored-by: Kevyn Bruyere <kevyn@inovasi.fr>
4 years ago
YAEGASHI Takeshi
a3513b1bdf
fix: enable passport-azure-ad workaround for SameSite cookies ( #2567 )
...
This adds cookieEncryptionKeyString configuration in the Azure AD
authentication module. It represents an array of cookie encryption
strings and enables workaround for SameSite cookies.
4 years ago
NGPixel
b0f61d6605
feat: rocket.chat auth module
4 years ago
NGPixel
f988c5f811
fix: logout URL endpoint option for oauth2 module
4 years ago
NGPixel
aa96e97028
fix: force lowercase for email on local auth
4 years ago
Rus
68d31af7af
fix: discord auth module new URL. ( #2390 )
...
Change "discordapp.com" to "discord.com"
4 years ago
NGPixel
78417524b3
feat: ldap avatar support
4 years ago
NGPixel
17f8071abe
fix: LDAP missing reqToCallback
4 years ago
NGPixel
062a0b7979
feat: logout by auth strategy + keycloak implementation
4 years ago
NGPixel
4dcf664040
fix: handle removed auth strategies
4 years ago
NGPixel
32d67adee1
feat: social login providers with dynamic instances
4 years ago
Dan Nicholson
d5d368cd33
feat: fix + enable OIDC auth method ( #2282 )
...
* fix: pass userinfo URL in oidc strategy
The userinfo URL from the definition was not being provided to the
passport strategy, which resulted in a type error trying to resolve the
user's profile. Furthermore, the name of the defined URL was
inconsistent with all other authentication method URLs.
* fix: pass all necessary scopes to oidc auth method
When no scopes are provided, passport-openidconnect uses only `openid`,
which does not contain the username or email address. Include `profile`
and `email` to ensure the necessary claims are included.
* fix: update oidc method to call processProfile correctly
Now the profile object and providerKey are passed to processProfile. The
usernameClaim no longer has any use as the email address is the
username.
* fix: mark oidc authentication method as available
4 years ago
NGPixel
26af63a80b
fix: login input hints
4 years ago
NGPixel
be499e5795
fix: auth strategy dependent username label
4 years ago