Revisions of himmelblau
buildservice-autocommit
accepted
request 1175969
from
David Mulder (dmulder)
(revision 26)
baserev update by copy to link target
David Mulder (dmulder)
accepted
request 1175968
from
David Mulder (dmulder)
(revision 25)
- Update to version 0.4.0+git.4.63e3704: * Fix a refresh token leak in debug from msal
buildservice-autocommit
accepted
request 1175881
from
David Mulder (dmulder)
(revision 24)
baserev update by copy to link target
David Mulder (dmulder)
accepted
request 1175878
from
David Mulder (dmulder)
(revision 23)
- Update to version 0.4.0+git.2.7b57f5e: * Always normalize idmap upn inputs
buildservice-autocommit
accepted
request 1175396
from
David Mulder (dmulder)
(revision 22)
baserev update by copy to link target
David Mulder (dmulder)
accepted
request 1175395
from
David Mulder (dmulder)
(revision 21)
- Update to version 0.4.0+git.0.69b64fe: * Add github workflows for the 0.4.x branch * Do not append to pam_allow_groups automatically * Pam Allow Groups must be specified by Object ID * Request the correct resource and permissions * Improve error output on group lookup failure * When faking a uuid for NSS, use a random uuid * Fix clippy warning about inefficient use of clone() * Remove the initial uid hack, use name mapping * Don't stop an MR based on a clippy warning * Update Kanidm tracking * Modify CI workflows to handle idmap build * Add CI job for cargo test * Test the new and legacy idmapping * Ensure duplicate providers are not started * Use the SSSD Idmap code in Himmelblau * Specify in conf that pam_allow_groups is required * Remove code duplication in Hello PIN auth * Fix Device authentication failed after enrollment * Update the base64urlsafedata version * Update README.md with Matrix contact info * Version 0.4.0
buildservice-autocommit
accepted
request 1174276
from
David Mulder (dmulder)
(revision 20)
baserev update by copy to link target
David Mulder (dmulder)
accepted
request 1174273
from
David Mulder (dmulder)
(revision 19)
- Update to version 0.3.4+git.0.01d099f: * Version 0.3.4 * Only remove cached user if it doesn't exist * Use existing user token at refresh * Always use the spn of the user for nss requests * Generate a fake user token to please SSH * Fix aad-tool to handle MFA * Fix lib_crypto version * Fix user dropping from NSS
buildservice-autocommit
accepted
request 1173352
from
David Mulder (dmulder)
(revision 18)
baserev update by copy to link target
David Mulder (dmulder)
accepted
request 1173351
from
David Mulder (dmulder)
(revision 17)
- Himmelblau requires libopenssl-3 for PRT messages.
David Mulder (dmulder)
accepted
request 1172984
from
David Mulder (dmulder)
(revision 16)
- Update to version 0.3.3+git.0.c2197d7: * Correct the debug messages for Hello skip * Version 0.3.3 * Allow disabling Hello PIN auth for enrolled users * Add an option for disabling Windows Hello * Remove the TODO doc from stable branch * config: Remove comments about experimental policy enforement
buildservice-autocommit
accepted
request 1172520
from
David Mulder (dmulder)
(revision 15)
baserev update by copy to link target
David Mulder (dmulder)
accepted
request 1172517
from
David Mulder (dmulder)
(revision 14)
- Update to version 0.3.2+git.0.de9f5b5: * Version 0.3.2 * Fix Hello PIN Authentication error, no nonce
buildservice-autocommit
accepted
request 1170871
from
David Mulder (dmulder)
(revision 13)
baserev update by copy to link target
David Mulder (dmulder)
accepted
request 1170870
from
David Mulder (dmulder)
(revision 12)
- Update to version 0.3.1+git.0.359a8d0: * Add github workflows for the 0.3.x branch * Fallback to SFA first if MFA fails Browse files * deps(rust): update libnss requirement from 0.6.0 to 0.7.0 * deps(rust): update webauthn-rs-proto requirement from 0.4.8 to 0.5.0 * Fix deadlock caused by client write lock * Add rid idmapping (replacing existing idmap) * Additional debug for Hello auth * Make proto Cargo.toml a physical file * Push the clippy arg count limit a little higher * Version 0.3.0 * Windows Hello PIN implementation * deps(rust): update hostname requirement from ^0.3.1 to ^0.4.0 * Enable actions on stable branches * Prevent dependabot from updating opentelemetry * Revert "deps(rust): update opentelemetry requirement from 0.20.0 to 0.22.0 (#93)" * deps(rust): update reqwest requirement from ^0.11.18 to ^0.12.2 (#95) * deps(rust): update lru requirement from ^0.8.0 to ^0.12.3 (#94) * deps(rust): update opentelemetry requirement from 0.20.0 to 0.22.0 (#93) * deps(rust): update num_enum requirement from ^0.5.11 to ^0.7.2 (#92) * deps(rust): update tonic requirement from 0.10.2 to 0.11.0 (#91) * Use the Kanidm MFA patches * deps(rust): update libnss requirement from 0.5.0 to 0.6.0 (#90) * deps(rust): update tracing-opentelemetry requirement (#89) * deps(rust): update rusqlite requirement from ^0.28.0 to ^0.31.0 (#88) * deps(rust): update clap requirement from ^3.2 to ^4.5 (#87) * deps(rust): update kanidm-hsm-crypto requirement from ^0.1.6 to ^0.2.0 (#86) * Update dependabot.yml * Add missing db dependency on sketching * Set the workspace resolver version to 2 * Init the kanidm submodule during workflows * Ignore clippy blocks_in_conditions warning in daemon * Add build/clippy/dependabot_automerge workflows * deps(rust): update opentelemetry-otlp requirement from 0.13.0 to 0.15.0 * deps(rust): update opentelemetry_sdk requirement from 0.20.0 to 0.22.1 * deps(rust): update base64 requirement from ^0.21.5 to ^0.22.0 * deps(rust): update notify-debouncer-full requirement from 0.1 to 0.3 * deps(rust): update systemd-journal-logger requirement * Create dependabot.yml * Add MFA capabilities * Update to the latest Kanidm reqs * Always force MFA when enrolling the device * Update to latest msal
buildservice-autocommit
accepted
request 1157018
from
David Mulder (dmulder)
(revision 11)
baserev update by copy to link target
David Mulder (dmulder)
accepted
request 1153594
from
David Mulder (dmulder)
(revision 10)
- Himmelblau provides the features found in aad-auth packages from other distros.
buildservice-autocommit
accepted
request 1149609
from
David Mulder (dmulder)
(revision 9)
baserev update by copy to link target
David Mulder (dmulder)
accepted
request 1149608
from
David Mulder (dmulder)
(revision 8)
- Update to version 0.2.0+git.4.904b915: * Update to latest msal * Version 0.2.0 * Himmelblau now authenticates only to configured domains * Remove reference to python-msal dep in README * Use the external MSAL crate for auth * Rename msal in prep for external msal crate * msal: Remove python msal bindings * msal: Rust msal * Point Cargo.toml to new project home * config: Write domain join to server specific config * idprovider: Invalidate cached user if PRT req fails * idprovider: Pass the keystore to the auth function * Update daemon from kanidm * test: Add a pause to ensure tasks daemon sees himmelblau * Update kanidm submodule * config: Include domain sections in configured domains * msal: Add acquire_token_by_refresh_token * enrollment: Authentication fixes * tests: Create the hsm-pin directory * idprovider: Add domain join debug * cargo: Use relative paths and remove most symlinks * idprovider: Allow group search when device is authenticated * msal: Move the application reqs from misc to msal::application * msal: Move user reqs from misc to msal::user * Remove duplicates from allow_groups during enrollment * Remove device enrollment from TODO * Implement Device enrollment * enrollment: Add the nonce service request * enrollment: Add enrollment service discovery * Implement ConfidentialClientApplication for enrollment * daemon: Fix inverted logic on cache dir check * nss: Use upstream nss package * idprovider: Provider auth needs to point to just the host * config: Consistently use the config file provided to the daemon * cargo: Use relative paths and remove most symlinks * clippy: Add kanidm's clippy config * config: Only check for tenant_id, authority, graph if necessary * Update README.md * Update version to 0.1.2 * config: Fix typos in the config file * Make most params to acquire_token_interactive optional * Config can take defaults * cli: Add missing cli opt file * cli: Improve aad-tool options and interface * Update README.md * tests: Fix tasks daemon name typo * Remove MFA from TODO
buildservice-autocommit
accepted
request 1134659
from
David Mulder (dmulder)
(revision 7)
baserev update by copy to link target
Displaying revisions 1 - 20 of 26