BasicOIDC

Author	SHA1	Message	Date
Pierre Hubert	9e345895ff	Managed to authenticate user using Webauthn	2022-04-23 20:17:49 +02:00
Pierre Hubert	1d69ea536f	Get auth challenge	2022-04-23 18:56:14 +02:00
Pierre Hubert	0f2fe87b5d	cargo clippy	2022-04-21 19:26:50 +02:00
Pierre Hubert	49716a8bf5	Register user security keys	2022-04-21 19:24:43 +02:00
Pierre Hubert	1f0e6d05c8	Generate & return webauthn registration challenge	2022-04-20 21:06:53 +02:00
Pierre Hubert	10982190e7	Add new test to validate TOTP codes generation	2022-04-20 18:06:04 +02:00
Pierre Hubert	68cb630339	Automatically display first factor input form if there is only one	2022-04-20 12:06:56 +02:00
Pierre Hubert	0e02b63d93	Refuse to deliver token if `code_verifier` is present without code challenge	2022-04-20 09:52:00 +02:00
Pierre Hubert	1e401a0b10	Authentication using TOPT code is working	2022-04-20 09:35:57 +02:00
Pierre Hubert	e8b3828f2c	cargo clippy	2022-04-19 20:52:59 +02:00
Pierre Hubert	94aeefe450	Replace type `UserID` with a structure	2022-04-19 19:40:36 +02:00
Pierre Hubert	feb6db09b9	Fix typo	2022-04-19 19:33:16 +02:00
Pierre Hubert	806a085c97	Improve redirect URI management	2022-04-19 19:30:24 +02:00
Pierre Hubert	ce7118ff81	Display form to enter OTP code	2022-04-19 19:24:07 +02:00
Pierre Hubert	c1677071fc	Add a page to choose second factor	2022-04-19 18:27:21 +02:00
Pierre Hubert	3add7a5d37	Rename `SecondFactor` => `TwoFactor`	2022-04-19 17:57:50 +02:00
Pierre Hubert	9ff4392afb	Replace `Option<SecondFactor>` with `SecondFactor`	2022-04-19 17:56:53 +02:00
Pierre Hubert	5903ec2e8c	Refactor login flow	2022-04-19 17:49:57 +02:00
Pierre Hubert	78d70af510	Administrators can remove two factor authentication	2022-04-19 17:14:05 +02:00
Pierre Hubert	630ebe2ddd	Can remove created factors	2022-04-19 16:17:58 +02:00
Pierre Hubert	deb00c572d	Prevent crash from occuring	2022-04-19 16:01:16 +02:00
Pierre Hubert	8cdb47a139	Rename route	2022-04-19 11:05:41 +02:00
Pierre Hubert	b5a2f1abcb	cargo clippy	2022-04-19 11:03:10 +02:00
Pierre Hubert	65b5c812b1	Can register Authenticator app	2022-04-19 11:01:31 +02:00
Pierre Hubert	18353f0639	Add form to authenticator page	2022-04-19 10:10:05 +02:00
Pierre Hubert	38eddc1cf0	Generate QrCode to enroll Authenticator App	2022-04-19 09:57:08 +02:00
Pierre Hubert	3023771334	Start to work on 2FA	2022-04-18 19:23:43 +02:00
Pierre Hubert	5cf1f63674	Fix deprecation warnings	2022-04-18 17:13:41 +02:00
Pierre Hubert	fad92c5930	Deprecate dangerous feature	2022-04-18 17:05:26 +02:00
Pierre Hubert	bce601c550	Adapt OpenID discovery route to cluster configuration	2022-04-16 09:06:59 +02:00
Pierre Hubert	489f938b71	Can specify environment variables in client configuration	2022-04-15 21:58:07 +02:00
Pierre Hubert	937343c5f9	Add email to id_token	2022-04-15 20:34:07 +02:00
Pierre Hubert	03a4bbb580	Cargo clippy	2022-04-15 20:18:36 +02:00
Pierre Hubert	acabf438ed	Reduce access tokens length	2022-04-15 20:16:02 +02:00
Pierre Hubert	94c601119a	Use JWT token for access token	2022-04-15 20:08:31 +02:00
Pierre Hubert	69bb2816b9	Can disable code_challenge for specific clients	2022-04-15 19:26:17 +02:00
Pierre Hubert	cac461e03d	Can bypass code verifier for specific clients	2022-04-15 18:28:53 +02:00
Pierre Hubert	1d21b30b68	Fix bad issuer	2022-04-15 17:30:43 +02:00
Pierre Hubert	e0016b8305	More permissive redirect uris	2022-04-15 17:27:53 +02:00
Pierre Hubert	819210ae86	Userinfo endpoint is working	2022-04-15 17:04:23 +02:00
Pierre Hubert	b867016a71	Start to build userinfo endpoint	2022-04-14 18:39:18 +02:00
Pierre Hubert	27cee8d3a0	Simplify code	2022-04-14 18:07:30 +02:00
Pierre Hubert	45f125a331	Add code challenge support	2022-04-14 18:04:01 +02:00
Pierre Hubert	0b64c88fc6	Normalize error responses	2022-04-14 17:13:07 +02:00
Pierre Hubert	078a913f6a	Can request refresh tokens	2022-04-14 17:02:47 +02:00
Pierre Hubert	8a005c4185	Add missing claim	2022-04-13 19:14:37 +02:00
Pierre Hubert	53a540139c	Emit id_token	2022-04-13 19:07:58 +02:00
Pierre Hubert	d69b44528e	Add `/openid/token` route	2022-04-12 20:40:44 +02:00
Pierre Hubert	88e34902c0	cargo clippy	2022-04-09 12:25:56 +02:00
Pierre Hubert	5633aae029	Check if user is authorized to access an application before authenticating him	2022-04-09 12:24:03 +02:00
Pierre Hubert	b10215ae9c	Save open id session	2022-04-09 12:18:59 +02:00
Pierre Hubert	c4bc559b4d	Check OpenID request parameters	2022-04-09 11:30:23 +02:00
Pierre Hubert	51e52e5ed7	cargo clippy	2022-04-08 18:54:22 +02:00
Pierre Hubert	7978706803	Add openid-connecter discovery route	2022-04-08 18:53:57 +02:00
Pierre Hubert	c7d075f94e	Can delete user account	2022-04-08 17:54:51 +02:00
Pierre Hubert	65dac1e923	Can update user information	2022-04-08 16:28:19 +02:00
Pierre Hubert	91817bd2a4	Fix bad strings	2022-04-07 19:02:34 +02:00
Pierre Hubert	4e14e383b4	cargo clippy	2022-04-07 19:00:36 +02:00
Pierre Hubert	c9ca23cd82	Can create user accounts	2022-04-07 18:59:48 +02:00
Pierre Hubert	a6acbde093	Dynamically check username	2022-04-07 17:57:10 +02:00
Pierre Hubert	91d71c7006	Start to build edit user form	2022-04-07 17:32:29 +02:00
Pierre Hubert	af903de7c2	Start to build edit user form	2022-04-07 17:04:05 +02:00
Pierre Hubert	754814f04a	Display the list of users	2022-04-06 18:03:00 +02:00
Pierre Hubert	da6a494875	Load a list of clients	2022-04-06 17:18:06 +02:00
Pierre Hubert	f6403afa34	Move login templates to a specific folder	2022-04-05 17:42:01 +02:00
Pierre Hubert	fc92b9452a	Easily get current signed in user in requests	2022-04-05 17:40:33 +02:00
Pierre Hubert	30c8470bcb	Simplify code	2022-04-05 17:23:26 +02:00
Pierre Hubert	31949bf414	Cargo clippy	2022-04-05 17:18:41 +02:00
Pierre Hubert	83e6871997	Can change user password	2022-04-05 17:17:34 +02:00
Pierre Hubert	f21e40d804	Add home route	2022-04-04 17:43:53 +02:00
Pierre Hubert	e1eb64f27c	Display account details	2022-04-04 17:39:23 +02:00
Pierre Hubert	fef8ca84f4	simplify functions	2022-04-03 18:10:33 +02:00
Pierre Hubert	627138544f	add further tests	2022-04-03 18:04:12 +02:00
Pierre Hubert	27ba6f9ede	cargo clippy	2022-04-03 17:53:57 +02:00
Pierre Hubert	7183b5e6ce	cargo clippy	2022-04-03 17:51:42 +02:00
Pierre Hubert	aa5327d603	Improve returned error code	2022-04-03 17:48:55 +02:00
Pierre Hubert	1ff9c7686e	Improve some code	2022-04-03 17:46:01 +02:00
Pierre Hubert	188b4f836d	Improve some code	2022-04-03 17:44:19 +02:00
Pierre Hubert	48f4d4c6c5	cargo clippy	2022-04-03 17:40:10 +02:00
Pierre Hubert	886bae32c8	Enable bruteforce protection on login endpoint	2022-04-03 17:33:01 +02:00
Pierre Hubert	9943df4952	Automatically clean failed login attempts	2022-04-03 16:45:25 +02:00
Pierre Hubert	05e911bfc5	Start to implement brute force protection	2022-04-03 16:21:09 +02:00
Pierre Hubert	b965fa6b4f	Format code	2022-04-03 15:50:49 +02:00
Pierre Hubert	9236b91f12	Block POST requests from unknown origins	2022-04-03 15:48:45 +02:00
Pierre Hubert	9f5fdd65ab	Do not consider as valid sessions that are not completely signed in	2022-04-03 14:46:58 +02:00
Pierre Hubert	123dc519af	Disabled accounts can not login	2022-04-03 14:42:16 +02:00
Pierre Hubert	f08fddc79c	Can redirect user on successful login	2022-04-02 19:44:13 +02:00
Pierre Hubert	da74acaed8	Restrict access to admin routes	2022-04-02 19:23:32 +02:00
Pierre Hubert	91fd763fe1	Redirect anonymous user from authenticated pages	2022-04-02 17:44:10 +02:00
Pierre Hubert	9e72e6a044	Delegate session lifetime to `actix-identity` crate	2022-04-02 17:17:54 +02:00
Pierre Hubert	cb4daa1112	Get identity from middleware	2022-04-02 17:03:51 +02:00
Pierre Hubert	ad58d2de7e	Remove expect on session deserialization failure	2022-04-02 16:02:07 +02:00
Pierre Hubert	1070d80553	Restrict access to .git directory	2022-04-02 15:58:31 +02:00
Pierre Hubert	3fdb775308	Start to implement auth middleware	2022-04-02 15:44:09 +02:00
Pierre Hubert	ce220c52f7	Add max session duration	2022-04-02 15:30:08 +02:00
Pierre Hubert	777b8814f5	Cargo clippy	2022-04-02 08:31:48 +02:00
Pierre Hubert	4b8c9fdfdc	Can request new user password on login	2022-04-02 08:30:01 +02:00
Pierre Hubert	41ee80a077	Refactor sessions management	2022-04-01 22:51:33 +02:00
Pierre Hubert	372dfa3f31	User can sign out	2022-04-01 19:05:40 +02:00
Pierre Hubert	e07dee7fde	Redirect user after successful login	2022-04-01 18:59:17 +02:00

1 2 3 4

160 Commits