DeforaNetworks/corteza
3
0
Fork 0
Code Activity
1,101 Commits 2 Branches 228 Tags
cc89435b9d3e2fdfca8937f21fe63cdcb86ae3a8
Commit Graph

201 Commits

Author SHA1 Message Date
Denis Arh
c15eb72b06 Cleanup testing procedures 
- remove "unit" build flag
 - make sure tests without build flag (integration, external) run
   without deps
 - move unit-tests step in front of "docker image build" drone pipeline
 2019-05-14 14:51:57 +02:00
Denis Arh
a80e45e4a1 Fix copy in auth notification emails 2019-05-13 19:53:22 +02:00
Denis Arh
42e456cc66 Apply style to auth notification emails 
Added command for system-cli for auth notification testing:
> ./system-cli auth test-notifications your@email.tld

This send all (both) notification emails to specified receipient
 2019-05-13 19:43:26 +02:00
Denis Arh
9d8049cf45 Rename cli command "external-auth" to "auth", move jwt subcmd 2019-05-13 19:30:03 +02:00
Denis Arh
6a5e5dead2 Fix auth flow, allow case with missing JWT 2019-05-13 18:29:34 +02:00
Denis Arh
70dcc3300a CLI JWT generator now adds roles/memberOf claim 2019-05-13 13:23:57 +02:00
Denis Arh
e5d5cc16ad Remove obsolete code, placeholders 2019-05-13 13:23:19 +02:00
Denis Arh
b0b7c7d391 Allow HTTP requests to insecure servers 
With SYSTEM_HTTP_CLIENT_TSL_INSECURE we reconfigure DefaultTransport and allow requests to insecure
hosts. This has direct effect on OIDC autodiscovery.
 2019-05-13 09:36:33 +02:00
Denis Arh
8f61787c53 Remove all system deps from compose 2019-05-13 08:57:34 +02:00
Denis Arh
2ad7b466f1 Refactor JWT/ctx, include role membership 2019-05-12 23:40:39 +02:00
Denis Arh
9e043b34fd Resource/operation combo whitelist (refactored validation) 2019-05-10 11:33:32 +02:00
Denis Arh
2a4054c9bc Implement permission provisioning and watchers 
Remove rule reset from roles cli command
Add generic "provision" command for each binary and (re)set perm. rules
Permission rules are now separated and part of AccessControl service

Facility for watchers was added.
 2019-05-10 09:49:07 +02:00
Denis Arh
4dece123a5 Refactor all services & controllers and implement new a/c pattern 2019-05-09 16:55:18 +02:00
Denis Arh
ac817a3e69 Cleaner params handling for users jwt cmd 2019-05-08 10:44:45 +02:00
Denis Arh
e41b55324e Fix auth notification log line 2019-05-08 10:02:30 +02:00
Denis Arh
87b883b388 Extend repo error, Redo error checking in auth flow 2019-05-08 10:00:29 +02:00
Denis Arh
970f545156 Move avail. route output to /routes endpoint 2019-05-07 21:18:23 +02:00
Denis Arh
aea9741a2b Improve logging, migrate to zap, use requestID 
- migrate from log to go.uber.org/zap package
 - add requestID header with sticky log field
 - push logging via context to REST controllers & HTTP middleware
 - enhance request/resnpose logging
 - add service logging framework
 - add ZapProfiler for db query profiling
 2019-05-07 21:18:23 +02:00
Denis Arh
56ff8a1075 CRM=>Compose application migration 2019-05-06 09:02:26 +02:00
Denis Arh
c467edb02b Fixing trigger saving, make (old) migration step more robust (drop if exists) 2019-05-04 12:32:55 +02:00
Denis Arh
5bfbab6a4e Implement namespace CRUD + various small fixes 
Other fixes and improvements:
 - add parseISODateWithErr and parseISODatePtrWithErr handlers for incoming data
 - add service & repository errors
 - cleanup old (unbound) attachment controllers from router
 - fix system repository error prefix (auth => system)
 2019-04-29 18:51:18 +02:00
Denis Arh
5be1b607f5 Add 'users jwt <email>' command 
Command generates valid JWT for that user
 2019-04-27 13:19:14 +02:00
Denis Arh
980b6d581c Refactor JWT encoder/handler 
Handler is no longer passed as argument into routes etc but initialized in the Init()
and stored into auth.DefaultJwtHandler.
 2019-04-27 13:17:37 +02:00
Tit Petric
0ec0431beb upd(system): implement check, return handler 2019-04-26 22:11:28 +02:00
Tit Petric
98a3fc059e upd(all): regenerate handlers 2019-04-26 22:11:28 +02:00
Tit Petric
c297b173eb upd(all): lock migrations table 2019-04-26 22:11:28 +02:00
Tit Petric
1dabd7a838 upd(system): extend user api with avatars 2019-04-26 22:11:28 +02:00
Denis Arh
3026a594ed Decupling system & messaging, removing Organisation type mess 2019-04-26 14:37:23 +02:00
Denis Arh
5d61b3d8cd Logout should return true on success 2019-04-24 19:05:06 +02:00
Denis Arh
6d607f52ac Update auth help/instructions 2019-04-24 19:04:50 +02:00
Denis Arh
b40c7d5886 Disable sys routes test 2019-04-23 19:44:43 +02:00
Denis Arh
ce55535fd7 Fix auth service tests 2019-04-23 19:29:55 +02:00
Denis Arh
91d98f9faf Add system:application permission rules to reset procedure 2019-04-19 13:24:44 +02:00
Denis Arh
11def550c6 Refactor JWT init flow 2019-04-18 19:55:37 +02:00
Denis Arh
c4104488e5 More strict ext-auth protocols, remove jwt cookie + small fixes 2019-04-18 19:53:02 +02:00
Denis Arh
316651c99a Remove explicit jwt-in-a-cookie requirement from /auth/check 2019-04-18 07:33:17 +02:00
Denis Arh
518bbc1e7f Improve auth flow, errors 2019-04-18 07:32:38 +02:00
Denis Arh
60f35bef47 Expose auth settings through REST API 2019-04-18 07:32:07 +02:00
Denis Arh
f44648a3ea Remove email comparison after profile match check 2019-04-15 09:38:26 +02:00
Denis Arh
f3d53ecd5b Add extra checks, typos fixed 2019-04-15 09:37:57 +02:00
Denis Arh
3f83a33622 Change password reset flow, add token exchange step 2019-04-09 22:35:39 +02:00
Denis Arh
4c4445d2a2 Code cleanup, settings tweaking 2019-04-09 21:37:14 +02:00
Denis Arh
5dd9694606 Move auth init to StartRestAPI() 2019-04-09 08:58:31 +02:00
Denis Arh
dd5a2832d0 REST endpoints for /auth/internal 2019-04-09 08:58:31 +02:00
Denis Arh
1912cd7cf4 Improve system-cli "users" command, add password change 2019-04-09 08:58:31 +02:00
Denis Arh
1417242962 Complete internal auth procedures (login, signup, pwd-recovery...) 2019-04-09 08:58:31 +02:00
Denis Arh
758d57a4af Local sign-up 2019-04-09 08:58:31 +02:00
Denis Arh
1cbf591f73 Update used credentials on external authentication 2019-04-09 08:58:31 +02:00
Denis Arh
d18473568e Basic credentials set/check 2019-04-09 08:58:31 +02:00
Denis Arh
b6f7d0e097 Refactoring, polishing system-cli entry path 2019-04-09 08:55:30 +02:00