removes the sqlite dependency for tests, also brings back the option for
users to run zero persistence instances of tinyauth.
adds new mapErr fn for sqlc wrapper gen to prevent sql errors from
leaking out of the store implementation.
* feat(access-control): Add support for Kubernetes Label
* feat(access-control): Defaults to Docker
* feat(access-control): Remove kubeconfig fallback
* feat(watcher): Watcher for kubernetes service
* feat(watcher): Merge with main + remove nightly fix redirect
* fix(go): Go mod + Go sum after sync with main
* fix(config): Ser default value for LabelProvider to Docker
* feat(go): go mod tidy
* feat(k8s_service): Remove logic for deprecated Ingress k8s v1.22
* feat(k8s_service): (Watcher) -> Wait 5s before breaking to outer loop again
* feat(k8s_service): Remove logic for deprecated Ingress k8s v1.22
* feat(k8s_service): Remove logic for deprecated Ingress k8s v1.22
* feat(k8s_service): Remove logic for deprecated Ingress k8s v1.22
* feat(k8s_service): Remove
var _ = unstructured.Unstructured{} + comments + msg edits
* feat(bootstrap): Remove dockerService from bootstrap svc
* feat(auth_svc): Remove dockerService from authservice
* feat(test): Add tests for kubernetes_services
* feat(test): Remove docker serivce form proxy/user test
* fix(refactor): Remove update logic from watcher and resync
* fix(refactor): Split watchGVR to make it more readable
* fix(refactor): Remove discovery + drop K 1.22 completely
* fix(refactor): Move interface to acess_controls_service
* feat: Autodetect labelprovider if TINYAUTH_LABELPROVIDER not set
* fix(test): Match testing scheme to the controllers
* fix: service bootstrap import after merge
* fix: service bootstrap import after merge
* feat(oidc): support for all in-spec attributes and scopes
* add tests
* assert phone/email verified when either is set
* update tests
* add claims back to userinfo
* remove redundant column drop in migration
* fix duplicate migration id
* fix clobbered imports post-rebase
* feat: auto generate example env file
* refactor: simplify build paths func and better slice handling
* chore: forgot to stage everything
* chore: review comments
* refactor: remove square brackets because they mess up the syntax
highlighting
* refactor: use lowercase name to mark dynamic values
* Refactor logging to use centralized logger utility
- Removed direct usage of zerolog in multiple files and replaced it with a centralized logging utility in the `utils` package.
- Introduced `Loggers` struct to manage different loggers (Audit, HTTP, App) with configurable levels and outputs.
- Updated all relevant files to utilize the new logging structure, ensuring consistent logging practices across the application.
- Enhanced error handling and logging messages for better traceability and debugging.
* refactor: update logging implementation to use new logger structure
* Refactor logging to use tlog package
- Replaced instances of utils logging with tlog in various controllers, services, and middleware.
- Introduced audit logging for login success, login failure, and logout events.
- Created tlog package with structured logging capabilities using zerolog.
- Added tests for the new tlog logger functionality.
* refactor: update logging configuration in environment files
* fix: adding coderabbit suggestions
* fix: ensure correct audit caller
* fix: include reason in audit login failure logs
* feat: allow any HTTP method for /api/auth/envoy and restrict methods for non-envoy proxies
* feat: add Allow header for invalid methods in proxyHandler
* feat: add session max lifetime and fix refresh logic
* fix: set default value for created_at column and improve session expiration logic
---------
Co-authored-by: Stavros <steveiliop56@gmail.com>
* ldap: Add mTLS authentication support to LDAP backend
* ldap: Reuse BindService() for initial bind attempt
* ldap: Make LdapService.config private
Now that we have ldap.BindService(), we don't need to access any
members of LdapService.config externally.
* ldap: Add TODO note about STARTTLS/SASL authentication
* ldap: Add TODO note about mTLS and extra CA certificates
* chore: fix typo
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
---------
Co-authored-by: Stavros <steveiliop56@gmail.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* wip
* feat: add paerser as submodule and apply patch for nested maps
* refactor: update release workflows to include submodule and patches
* chore: update contributing instructions
* chore: add yaml config ref
* feat: add initial implementation of a traefik like cli
* refactor: remove dependency on traefik
* chore: update example env
* refactor: update build
* chore: remove unused code
* fix: fix translations not loading
* feat: add experimental config file support
* chore: mod tidy
* fix: review comments
* refactor: move tinyauth to separate package
* chore: add quotes to all env variables
* chore: resolve go mod and sum conflicts
* chore: go mod tidy
* fix: review comments
* feat: add header decoder
* feat: allow for dash substitute over slash for environments like kubernetes
* feat: use decoded headers in proxy controller
* refactor: simplify decode header to node function
* refactor: use stdlib prefix check in header decoder
* fix: lowercase key and filter before comparing
* wip: add middlewares
* refactor: use context fom middleware in handlers
* refactor: use controller approach in handlers
* refactor: move oauth providers into services (non-working)
* feat: create oauth broker service
* refactor: use a boostrap service to bootstrap the app
* refactor: split utils into smaller files
* refactor: use more clear name for frontend assets
* feat: allow customizability of resources dir
* fix: fix typo in ui middleware
* fix: validate resource file paths in ui middleware
* refactor: move resource handling to a controller
* feat: add some logging
* fix: configure middlewares before groups
* fix: use correct api path in login mutation
* fix: coderabbit suggestions
* fix: further coderabbit suggestions
Scott McKendry