diff --git a/CHANGELOG.md b/CHANGELOG.md index 723fb76ce6..88688ecb14 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -56,6 +56,7 @@ * Change - Update phoenix to v0.25.0: [#868](https://github.com/owncloud/ocis/pull/868) * Change - Update phoenix to v0.26.0: [#935](https://github.com/owncloud/ocis/pull/935) * Change - Update phoenix to v0.27.0: [#943](https://github.com/owncloud/ocis/pull/943) +* Change - Update phoenix to v0.28.0: [#1027](https://github.com/owncloud/ocis/pull/1027) * Change - Update reva config: [#336](https://github.com/owncloud/ocis/pull/336) * Change - Clarify storage driver env vars: [#729](https://github.com/owncloud/ocis/pull/729) * Change - Settings and accounts appear in the user menu: [#656](https://github.com/owncloud/ocis/pull/656) @@ -97,6 +98,7 @@ * Enhancement - Update reva to cdb3d6688da5: [#748](https://github.com/owncloud/ocis/pull/748) * Enhancement - Update reva to dd3a8c0f38: [#725](https://github.com/owncloud/ocis/pull/725) * Enhancement - Update reva to v1.4.1-0.20201127111856-e6a6212c1b7b: [#971](https://github.com/owncloud/ocis/pull/971) +* Enhancement - Add www-authenticate based on user agent: [#1009](https://github.com/owncloud/ocis/pull/1009) ## Details @@ -620,6 +622,16 @@ https://github.com/owncloud/ocis/pull/943 https://github.com/owncloud/phoenix/releases/tag/v0.27.0 +* Change - Update phoenix to v0.28.0: [#1027](https://github.com/owncloud/ocis/pull/1027) + + Tags: web + + We updated phoenix to v0.28.0. Please refer to the changelog (linked) for details on the + phoenix release. + + https://github.com/owncloud/ocis/pull/1027 + https://github.com/owncloud/phoenix/releases/tag/v0.28.0 + * Change - Update reva config: [#336](https://github.com/owncloud/ocis/pull/336) * EOS homes are not configured with an enable-flag anymore, but with a dedicated storage driver. @@ -1852,3 +1864,29 @@ https://github.com/owncloud/ocis/pull/971 https://github.com/cs3org/reva/pull/1331 https://github.com/cs3org/reva/pull/1342 + +* Enhancement - Add www-authenticate based on user agent: [#1009](https://github.com/owncloud/ocis/pull/1009) + + Tags: reva, proxy + + We now comply with HTTP spec by adding Www-Authenticate headers on every `401` request. + Furthermore, we not only take care of such a thing at the Proxy but also Reva will take care of it. + In addition, we now are able to lock-in a set of User-Agent to specific challenges. + + Admins can use this feature by configuring OCIS + Reva following this approach: + + ``` STORAGE_FRONTEND_MIDDLEWARE_AUTH_CREDENTIALS_BY_USER_AGENT="mirall:basic, + Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:83.0) Gecko/20100101 + Firefox/83.0:bearer" \ + PROXY_MIDDLEWARE_AUTH_CREDENTIALS_BY_USER_AGENT="mirall:basic, Mozilla/5.0 + (Macintosh; Intel Mac OS X 10.15; rv:83.0) Gecko/20100101 Firefox/83.0:bearer" \ + PROXY_ENABLE_BASIC_AUTH=true \ go run cmd/ocis/main.go server ``` + + We introduced two new environment variables: + + `STORAGE_FRONTEND_MIDDLEWARE_AUTH_CREDENTIALS_BY_USER_AGENT` as well as + `PROXY_MIDDLEWARE_AUTH_CREDENTIALS_BY_USER_AGENT`, The reason they have the same value + is not to rely on the os env on a distributed environment, so in redundancy we trust. They both + configure the same on the backend storage and OCIS Proxy. + + https://github.com/owncloud/ocis/pull/1009 diff --git a/ocis/go.mod b/ocis/go.mod index a49d62b5c8..01ca7ada1a 100644 --- a/ocis/go.mod +++ b/ocis/go.mod @@ -7,7 +7,6 @@ require ( contrib.go.opencensus.io/exporter/ocagent v0.7.0 contrib.go.opencensus.io/exporter/zipkin v0.1.2 github.com/UnnoTed/fileb0x v1.1.4 - github.com/cs3org/reva v1.4.1-0.20201203075131-783e35cbff51 // indirect github.com/go-test/deep v1.0.6 // indirect github.com/gopherjs/gopherjs v0.0.0-20200217142428-fce0ec30dd00 // indirect github.com/micro/cli/v2 v2.1.2 diff --git a/ocis/go.sum b/ocis/go.sum index 8b2d1af17d..d89eb62e40 100644 --- a/ocis/go.sum +++ b/ocis/go.sum @@ -313,6 +313,7 @@ github.com/cs3org/reva v1.4.1-0.20201127111856-e6a6212c1b7b h1:Bypxdf3vXwyEeL86M github.com/cs3org/reva v1.4.1-0.20201127111856-e6a6212c1b7b/go.mod h1:MTBlfobTE8W2hgXQ9+r+75jpJa1TxD04IZm5TpS9H48= github.com/cs3org/reva v1.4.1-0.20201130061320-ac85e68e0600 h1:4CKU+R4UNvILzsPrcAFwEbk/8Hc6vJqwO7SxK0gAm4I= github.com/cs3org/reva v1.4.1-0.20201130061320-ac85e68e0600/go.mod h1:MTBlfobTE8W2hgXQ9+r+75jpJa1TxD04IZm5TpS9H48= +github.com/cs3org/reva v1.4.1-0.20201203075131-783e35cbff51/go.mod h1:UUIurLdFYag/W+3YlAqwFuVvfzF3Ps1Elq1NzsE9kvo= github.com/cs3org/reva v1.4.1-0.20201203135805-655c9babdc3f h1:3Y1TbQCN9s8+eWjfnUVlnVA7YlZJdxMTffmMVxZwMP8= github.com/cs3org/reva v1.4.1-0.20201203135805-655c9babdc3f/go.mod h1:3Bz9oExBSgKjDspq3pBso31HlLSD98SlcURV54N3yPs= github.com/cznic/b v0.0.0-20181122101859-a26611c4d92d h1:SwD98825d6bdB+pEuTxWOXiSjBrHdOl/UVp75eI7JT8=