af870e005e
add more tests and benchmark for cache
...
refactor cache to use atomic uint
2021-01-19 23:23:41 +01:00
f13530425a
move cache to sync package
...
rollback indexer map
use sync.pool for cache entries
add tests for cache
remove main locks from nrwmutex and use sync.map and sync.pool instead
bump dockerfile go version
2021-01-19 23:23:41 +01:00
a02fb890f7
remove locking from accounts service
...
add a cached named rwlock pkg
use sync.map in the cache pkg
use named rwlock in indexer pkg
use sync.map in indexer pkg
remove husky
2021-01-19 23:23:41 +01:00
cd2eb0e39b
Accounts UserBackend tests
2020-12-22 17:27:55 +01:00
1b29e56d12
account_resolver_test.go
2020-12-22 16:16:57 +01:00
92a1bc8fb6
Make it possible to use CS3 as accounts backend instead of account-service
...
Configureable via:
PROXY_ACCOUNT_BACKEND_TYPE=cs3
PROXY_ACCOUNT_BACKEND_TYPE=accounts (default)
By using a backend which implements the CS3 user-api (currently provided by reva/storage) it is possible to bypass
the ocis-accounts service and for example use ldap directly.
Hides user and auth related communication behind a facade (user/backend) to minimize logic-duplication across middlewares.
Allows to switich the account backend from accounts to cs3.
Co-authored-by: Jörn Friedrich Dreyer <jfd@butonic.de >
2020-12-11 18:34:43 +01:00
beb83f3f40
Merge pull request #1025 from owncloud/remove-unused-errors
...
Remove unused errors
2020-12-04 18:46:51 +01:00
61a8f00837
Remove unused errors
2020-12-04 15:50:22 +01:00
2cddc0a23c
fix leftover typo
2020-12-04 13:53:34 +01:00
f1521e4df7
refactor authentication.go
2020-12-04 13:51:48 +01:00
7d8336ce4b
use regexp to assert routes, remove StatusRecorder
2020-12-04 13:17:25 +01:00
9a253370e8
export StatusRecorder
2020-12-03 12:22:35 +01:00
c89ead3fc5
fix linter
2020-12-03 12:19:49 +01:00
e4974e020d
minimal refactor
2020-12-02 15:51:39 +01:00
2910e88ba5
ugly working draft
2020-12-02 15:31:17 +01:00
752cd4f626
first draft for configuring user agent multiplex on ocis
2020-12-02 12:04:09 +01:00
28e8f75ebd
whitelist depending on the URI
2020-12-01 17:10:04 +01:00
348c54f2e7
write www-authenticate and delegate to reva
2020-12-01 16:57:36 +01:00
5cb359d877
WIP
2020-11-30 17:19:03 +01:00
dbb52f29ad
Merge pull request #958 from owncloud/basic-auth-cache
...
implement basic auth cache
2020-11-26 17:33:47 +01:00
cb2e2a3896
add changelog
...
remove unused mux
cleanup k6 test
2020-11-26 14:46:44 +01:00
11ba46eb88
remove accounts cache from basic auth middleware
...
move cache to ocis-pkg
add password validation cache to accounts service
2020-11-26 13:52:24 +01:00
e334759874
implement basic auth cache
2020-11-26 10:33:46 +01:00
ab85245093
fix oidc middleware provider lazy initialization
2020-11-25 22:50:11 +01:00
bc6227e8fd
Fix test
2020-11-21 07:58:19 +01:00
edc252e1a0
Add option to disable signing keys in the proxy
2020-11-20 16:04:22 +01:00
2f69265a66
add permission check to role management
2020-11-18 16:30:51 +01:00
a643ad4acd
Merge pull request #886 from owncloud/show-basic-auth-warning-on-startup-only
...
Show basic_auth warning only on startup
2020-11-18 19:25:33 +05:45
79e7f85a57
Show basic_auth warning only on startup
2020-11-18 12:51:41 +01:00
08e218aa3e
Use expiration from access token if available
2020-11-18 12:08:23 +01:00
a410d40166
Make userinfo cache configurable
2020-11-18 11:15:51 +01:00
f1082ca033
Fix comments
2020-11-18 08:48:38 +01:00
b136966b51
Move claim retrieval (from endpoint or cache) into function
2020-11-17 17:25:48 +01:00
a5c09453b9
First implementation for userinfo cache without config
2020-11-17 17:10:14 +01:00
3600d17eba
Fix basic auth middleware for public links context
2020-11-17 12:39:56 +01:00
1bcdf15bde
Remove already implemented TODO
2020-11-17 12:23:40 +01:00
f721caac90
Fix logs messages
2020-11-17 12:19:59 +01:00
982223c7be
fix signedURL expiry validation
2020-11-17 11:32:12 +01:00
8be5323276
linting and other cleanups
2020-11-17 11:32:12 +01:00
f8aa1a5e08
refactor middlewares and reduce technical complexity
...
restructure server command and remove cfg.OIDC.Issuer switch, oidc middleware detects now if it should used or not
fix #761
2020-11-17 11:32:12 +01:00
54c78adcb3
pass on basic auth for public links
...
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de >
2020-11-05 13:06:05 +01:00
6f46e1bccb
use the account.id as ocis userid, tests
...
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de >
2020-11-05 13:06:05 +01:00
b288fae10a
update tests, forward failed basic auth to render correct error body
...
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de >
2020-11-05 13:06:05 +01:00
fbfa05e9b6
always return 401 when auth fails
...
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de >
2020-11-05 13:06:05 +01:00
cbbf31a7ce
end requesrt when basic auth fails
...
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de >
2020-11-05 13:06:05 +01:00
d75d626695
add enable basic auth option
...
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de >
2020-11-05 13:06:05 +01:00
60c319faed
Add autoprovision accounts flag
...
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de >
2020-10-05 11:25:02 +02:00
d8ea10ccd0
proxy working
2020-09-18 15:18:41 +02:00
91bd83938b
update proxy import paths and module name
2020-09-18 12:48:35 +02:00
598ca6c405
Add 'proxy/' from commit '201b9a652685cdfb72ba81c7e7b00ba1c60a0e35'
...
git-subtree-dir: proxy
git-subtree-mainline: 571d96e856201b9a6526
2020-09-18 12:47:26 +02:00
Florian Schade