* Create forksync.yml
* update oidc to use openid-client
* update oidc module requirements
* working oidc+
includes all oauth2 clients automatically migrated. azure will need some kind of fix for the uid
* update openid-client install checks
* created overarching schema for OIDC
* bug fixs for azure login
* update schema
prepare schema for unified oidc module
* update 'oidc' to strategy variable
* working azure+ groups
groups from azure are in,
you can use memberOf or transitiveMemberOf in config (Graphs API)
* clean up old config import + working google oidc
previous config map was recursive nonsense, changed to multiple IFs
* added convertStrArray
* de-expanded scope
put all other auth strategies back to normal and fixed oidc strategy
* swap back to using authlog debugger
* Update meshcentral-config-schema.json
* working google oidc + groups
* working azure+groups (again)
* init oidc docs
very incomplete but basic config is present
* add oidc
* more work on docs
* add scope and claim options
plus fixed a few bugs and faults in my logic
used logs correctly
* further cleanup debug
* more debug cleanup
* continue documentation push
fixed minor debug bugs also
* more work on docs
missing links, need to get azure preset docs, probably more.
* done with docs
its good enough for now
* minor fix + presets get correct icon
* fix google oidc not visible at login
* fix bug with emailVerified property
* fix logout bug + debug cleanup
* fix strategy logout bug +cleanup
* fixed preset login icon
* fix alert + fix schema
* terminate lines
* Dutch language update 1.0.85
line up polish translation
* Fixed guest web relay session revocation (#4667)
* Updated French translation.
* Add hook to allow adding custom api endpoints to Express routing
* Updated German translation.
* Update meshcentral-config-schema.json (change formatting)
This way it is easier to edit and maintain
* Fixed schema.
* fix meshcentral-config-schema.json
* add language selector to login (#5648)
* add language selector to login
* add showLanguageSelect to pick top or bottom boxe
* remove additionalProperties: false in schema to allow comments #5697
Signed-off-by: si458 <simonsmith5521@gmail.com>
* fix notes in docs
* Fix web relay session handling and redirection due to bad merge
* Added option to check HTTP origin.
* add links and fix typo
* move groups after strategy
* Update version split in docs
* Fix preset issuer URL in OIDC strategy
* Update clientid and clientsecret to client_id and client_secret
* Update meshcentral-config-schema.json and fix bad rebase
* Update meshcentral-config-schema.json
* fix bad rebase
* fix bad rebase
* Add 'connect-flash' to passport dependencies
* Remove unnecessary passport dependencies - fix bad rebase
* Fix auth strategy bug and remove console.log statement
* Set groupType to the preset name if it exists, otherwise use the strategy name
* remove finally block from
* Refactor authentication logging in handleStrategyLogin to include strategy name
---------
Signed-off-by: si458 <simonsmith5521@gmail.com>
Co-authored-by: petervanv <58996467+petervanv@users.noreply.github.com>
Co-authored-by: Ylian Saint-Hilaire <ysainthilaire@hotmail.com>
Co-authored-by: Martin Mädler <martin.maedler@gmail.com>
Co-authored-by: Fausto Gutierrez <28719096+faustogut@users.noreply.github.com>
Co-authored-by: Simon Smith <simonsmith5521@gmail.com>
* allow setting meshcentral assistant type for agentinvites
Signed-off-by: si458 <simonsmith5521@gmail.com>
* forgot webserver for assistantTypeAgentInvite
Signed-off-by: si458 <simonsmith5521@gmail.com>
* dont use capital letters with domain args
Signed-off-by: si458 <simonsmith5521@gmail.com>
---------
Signed-off-by: si458 <simonsmith5521@gmail.com>
* add android apk to web ui
Signed-off-by: Simon Smith <simonsmith5521@gmail.com>
* add amazon and google buttons instead
Signed-off-by: Simon Smith <simonsmith5521@gmail.com>
* add android link and brand icons to agentinvite
Signed-off-by: Simon Smith <simonsmith5521@gmail.com>
* oops change mysql back
Signed-off-by: Simon Smith <simonsmith5521@gmail.com>
* add android to agentinvite selector
Signed-off-by: Simon Smith <simonsmith5521@gmail.com>
* forgot paragraph begin
Signed-off-by: Simon Smith <simonsmith5521@gmail.com>
---------
Signed-off-by: Simon Smith <simonsmith5521@gmail.com>
- fix: ensure TLS is used when TLS is enabled
- add constants.SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION for TLS client connection for newer Nodejs
- ensure nc of AMT redirection Digest authentication to have at 8 bytes length