Commit Graph

937 Commits

Author SHA1 Message Date
Josiah Baldwin
150e2337f5
Add options for overriding TLS ciphers used (#5915)
* Add the ability to set TLS cipher suites

Added config option to set the TLS ciphers instead of relying on a hardcoded list of ciphers determined by meshcentral.

* Added option to use default node ciphers

This allows the ciphers used to be set to the recommended ciphers by nodejs, as well as allowing the user to override the ciphers using the "--tls-cipher-list" command line switch for node.

* Updated validArguments array to include "usenodedefaulttlsciphers" and "tlsciphers" as options
2024-03-09 23:45:10 -08:00
mstrhakr
dfc08b05a9
Login/logout bugfix for OIDC strategy. (#5920)
* add extra logging

* fix how strategy is saved
2024-03-09 23:44:18 -08:00
si458
2d75bbde33 add osx mpkg customized filename
Signed-off-by: si458 <simonsmith5521@gmail.com>
2024-03-07 10:19:31 +00:00
si458
c1bec67839 allow multiple osx mpkg installs now and update uninstall.command
Signed-off-by: si458 <simonsmith5521@gmail.com>
2024-03-04 16:34:41 +00:00
si458
234acd3347 add displayname to macos pkg
Signed-off-by: si458 <simonsmith5521@gmail.com>
2024-03-04 12:50:22 +00:00
si458
473b9d0265 add osx custom filename to zip
Signed-off-by: si458 <simonsmith5521@gmail.com>
2024-03-04 11:17:43 +00:00
Ylian Saint-Hilaire
bab35e7bca Removed Reddit auth strategy since it never worked well. 2024-03-03 16:34:01 -08:00
mstrhakr
4be5b7273e
Migrate to openid client (#5856)
* Create forksync.yml

* update oidc to use openid-client

* update oidc module requirements

* working oidc+

includes all oauth2 clients automatically migrated. azure will need some kind of fix for the uid

* update openid-client install checks

* created overarching schema for OIDC

* bug fixs for azure login

* update schema

prepare schema for unified oidc module

* update 'oidc' to strategy variable

* working azure+ groups

groups from azure are in,
you can use memberOf or transitiveMemberOf in config (Graphs API)

* clean up old config import + working google oidc

previous config map was recursive nonsense, changed to multiple IFs

* added convertStrArray

* de-expanded scope

put all other auth strategies back to normal and fixed oidc strategy

* swap back to using authlog debugger

* Update meshcentral-config-schema.json

* working google oidc + groups

* working azure+groups (again)

* init oidc docs

very incomplete but basic config is present

* add oidc

* more work on docs

* add scope and claim options

plus fixed a few bugs and faults in my logic
used logs correctly

* further cleanup debug

* more debug cleanup

* continue documentation push

fixed minor debug bugs also

* more work on docs

missing links, need to get azure preset docs, probably more.

* done with docs

its good enough for now

* minor fix + presets get correct icon

* fix google oidc not visible at login

* fix bug with emailVerified property

* fix logout bug + debug cleanup

* fix strategy logout bug +cleanup

* fixed preset login icon

* fix alert + fix schema

* terminate lines

* Dutch language update 1.0.85

line up polish translation

* Fixed guest web relay session revocation (#4667)

* Updated French translation.

* Add hook to allow adding custom api endpoints to Express routing

* Updated German translation.

* Update meshcentral-config-schema.json (change formatting)

This way it is easier to edit and maintain

* Fixed schema.

* fix meshcentral-config-schema.json

* add language selector to login (#5648)

* add language selector to login

* add showLanguageSelect to pick top or bottom boxe

* remove additionalProperties: false in schema to allow comments #5697

Signed-off-by: si458 <simonsmith5521@gmail.com>

* fix notes in docs

* Fix web relay session handling and redirection due to bad merge

* Added option to check HTTP origin.

* add links and fix typo

* move groups after strategy

* Update version split in docs

* Fix preset issuer URL in OIDC strategy

* Update clientid and clientsecret to client_id and client_secret

* Update meshcentral-config-schema.json and fix bad rebase

* Update meshcentral-config-schema.json

* fix bad rebase

* fix bad rebase

* Add 'connect-flash' to passport dependencies

* Remove unnecessary passport dependencies - fix bad rebase

* Fix auth strategy bug and remove console.log statement

* Set groupType to the preset name if it exists, otherwise use the strategy name

* remove finally block from

* Refactor authentication logging in handleStrategyLogin to include strategy name

---------

Signed-off-by: si458 <simonsmith5521@gmail.com>
Co-authored-by: petervanv <58996467+petervanv@users.noreply.github.com>
Co-authored-by: Ylian Saint-Hilaire <ysainthilaire@hotmail.com>
Co-authored-by: Martin Mädler <martin.maedler@gmail.com>
Co-authored-by: Fausto Gutierrez <28719096+faustogut@users.noreply.github.com>
Co-authored-by: Simon Smith <simonsmith5521@gmail.com>
2024-03-03 16:03:27 -08:00
Ylian Saint-Hilaire
9e9cd821bf Use userid instead of username when username is null in authlog, #5870 2024-03-03 12:21:21 -08:00
si458
aa87fd61bb maybe fix weird undefined user login accepted #5870
Signed-off-by: si458 <simonsmith5521@gmail.com>
2024-03-01 15:45:39 +00:00
Ylian Saint-Hilaire
f2e43cc6da Added option to check HTTP origin. 2024-02-17 11:22:38 -08:00
si458
0b0f2999db fix meshcentral assistant downloads
Signed-off-by: si458 <simonsmith5521@gmail.com>
2024-01-14 16:45:04 +00:00
Simon Smith
7c2eea68b6
Fix meshcentral assistant monitor mode always using direct connect mode (#5693)
Signed-off-by: si458 <simonsmith5521@gmail.com>
2024-01-13 10:52:17 -08:00
si458
c248eada46 add blob to frame-src csp for intel amt #5678
Signed-off-by: si458 <simonsmith5521@gmail.com>
2024-01-09 13:00:24 +00:00
Simon Smith
e967f00977
allow setting meshcentral assistant type for agentinvites (#5672)
* allow setting meshcentral assistant type for agentinvites

Signed-off-by: si458 <simonsmith5521@gmail.com>

* forgot webserver for assistantTypeAgentInvite

Signed-off-by: si458 <simonsmith5521@gmail.com>

* dont use capital letters with domain args

Signed-off-by: si458 <simonsmith5521@gmail.com>

---------

Signed-off-by: si458 <simonsmith5521@gmail.com>
2024-01-07 22:21:54 -08:00
Simon Smith
e4001e67ef
add language selector to login (#5648)
* add language selector to login

* add showLanguageSelect to pick top or bottom boxe
2024-01-04 02:17:27 +00:00
jrf280
bc0550a791
Added device group name to search results as config option (#5544) 2023-11-12 15:18:00 -08:00
Simon Smith
c05cbeae88
showNotesPanel in device view (#5543)
Signed-off-by: si458 <simonsmith5521@gmail.com>
2023-11-12 10:13:21 -08:00
Simon Smith
b7385e382c
fix agentaliasdns display (#5518) 2023-11-07 00:10:12 +00:00
gomeghi
a8aa294199
add connect-flash for generic open oidc (#5497) 2023-11-04 11:30:22 -07:00
Simon Smith
47767e86a1
add android apk to web ui (#5449)
* add android apk to web ui

Signed-off-by: Simon Smith <simonsmith5521@gmail.com>

* add amazon and google buttons instead

Signed-off-by: Simon Smith <simonsmith5521@gmail.com>

* add android link and brand icons to agentinvite

Signed-off-by: Simon Smith <simonsmith5521@gmail.com>

* oops change mysql back

Signed-off-by: Simon Smith <simonsmith5521@gmail.com>

* add android to agentinvite selector

Signed-off-by: Simon Smith <simonsmith5521@gmail.com>

* forgot paragraph begin

Signed-off-by: Simon Smith <simonsmith5521@gmail.com>

---------

Signed-off-by: Simon Smith <simonsmith5521@gmail.com>
2023-10-20 17:29:48 -07:00
Ylian Saint-Hilaire
6e1138ee5b Added scrollToTop option in domain section of the config.json. 2023-10-08 21:33:23 -07:00
Ylian Saint-Hilaire
a0b7280893
Merge pull request #5398 from Ylianst/hide-powerstate
hidePowerTimeline
2023-10-06 12:16:06 -07:00
Simon Smith
4171a0766f fix pwa manifest
Signed-off-by: Simon Smith <simonsmith5521@gmail.com>
2023-10-06 18:24:51 +00:00
Simon Smith
82c94cdf9d rename hidepowerstate to hidepowertimeline 2023-10-06 12:31:25 +00:00
Simon Smith
8b8ec48430 hide powerstate with hidepowerstate
Signed-off-by: Simon Smith <simonsmith5521@gmail.com>
2023-10-06 12:01:04 +00:00
Ylian Saint-Hilaire
3a3663bb55 Improvements to show config option in MyServer tab. 2023-10-03 20:35:02 -07:00
Simon Smith
403c313771 update passport to 0.6.0
Signed-off-by: Simon Smith <simonsmith5521@gmail.com>
2023-09-07 08:26:13 +01:00
Ylian Saint-Hilaire
b1d2d1aea9 Started work on support for loading ECDSA certificates as HTTPS cert. 2023-08-20 23:29:08 -07:00
Simon Smith
258d7d1d12 update ua-parser-js to latest npm
Signed-off-by: Simon Smith <simonsmith5521@gmail.com>
2023-08-08 16:13:31 +01:00
jirijanata
3f0d9484b7
If is user using 2FA the basic URL user and pass method fails.
https://github.com/Ylianst/MeshCentral/issues/4870

If user has 2FA enabled and tries to login with URL parameters then the login should fail.
2023-07-05 19:15:18 +02:00
Gaston Meghinasso
181d4db0fe add oidc options from config if they exist 2023-05-21 22:18:53 -03:00
Ylian Saint-Hilaire
775568c7a7 Added Windows ARM 64bit support. 2023-04-14 13:36:34 -07:00
Martin Mädler
d698760d30 Fix pluginHandler access 2023-02-01 14:04:23 +01:00
Martin Mädler
a8f89e1068 Add hook to allow adding custom api endpoints to Express routing 2023-01-27 12:28:33 +01:00
Ylian Saint-Hilaire
b52385406f Removed debug line. 2022-12-15 19:45:45 -08:00
Ylian Saint-Hilaire
79faaaee1f Fixed various server exceptions. 2022-12-10 12:02:33 -08:00
Joko Sastriawan
b5338b746a fix: AMT Direct TLS connection and Digest authentication
- fix: ensure TLS is used when TLS is enabled
- add constants.SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION for TLS client connection for newer Nodejs
- ensure nc of AMT redirection Digest authentication to have at 8 bytes length
2022-11-15 14:12:12 -07:00
Антон Мороз
c1b59294cf Added displayname handling to SAML strategy 2022-11-06 09:50:24 +03:00
Ylian Saint-Hilaire
99fc690f4b Tuned HTTPS cipher suites to get A+ on SSL labs testing." 2022-11-02 22:36:03 -07:00
Ylian Saint-Hilaire
3a22bfbc24 Fixed issue with TLS certificate that had an no issuer CN (#4681) 2022-11-02 10:45:10 -07:00
Ylian Saint-Hilaire
e74a308113 Added relay right and fixed relay permissions (#4682) 2022-11-01 16:05:36 -07:00
Ylian Saint-Hilaire
0c2c55726e Fixed web relay when used with local device group. 2022-11-01 14:23:46 -07:00
Ylian Saint-Hilaire
6f234f83fc Fixed handleStrategyLogin() server exception. 2022-10-26 14:45:22 -07:00
Ylian Saint-Hilaire
41fb7d4f42 Fixed guest web relay session revocation (#4667) 2022-10-25 11:14:26 -07:00
Ylian Saint-Hilaire
392c34bbd0 Updated MeshCentral Router to support messaging 2FA (#4650) 2022-10-24 07:13:20 -07:00
Ylian Saint-Hilaire
e2cf723c6a Added support for 2FA messaging (#4650) 2022-10-22 12:59:12 -07:00
Ylian Saint-Hilaire
7e3dce0ef7 First pass at adding Telegram support (#4650) 2022-10-22 07:23:55 -07:00
Ylian Saint-Hilaire
1abaa54b62
Merge pull request #4521 from mstrhakr/bug-4520
BUG: Fix handleStrategyLogin checking undefined property.
2022-09-07 08:10:28 -07:00
silversword411
8a34b88151
Typo???? Please check! 2022-09-07 10:41:20 -04:00