* Add method to retrieve peer's applied posture checks
* Add posture checks in server response and update proto messages
* Refactor
* Extends peer metadata synchronization through SyncRequest and propagate posture changes on syncResponse
* Remove account lock
* Pass system info on sync
* Fix tests
* Refactor
* resolve merge
* Evaluate process check on client (#1749)
* implement server and client sync peer meta alongside mocks
* wip: add check file and process
* Add files to peer metadata for process check
* wip: update peer meta on first sync
* Add files to peer's metadata
* Evaluate process check using files from peer metadata
* Fix panic and append windows path to files
* Fix check network address and files equality
* Evaluate active process on darwin
* Evaluate active process on linux
* Skip processing processes if no paths are set
* Return network map on peer meta-sync and update account peer's
* Update client network map on meta sync
* Get system info with applied checks
* Add windows package
* Remove a network map from sync meta-response
* Update checks proto message
* Keep client checks state and sync meta on checks change
* Evaluate a running process
* skip build for android and ios
* skip check file and process for android and ios
* bump gopsutil version
* fix tests
* move process check to separate os file
* refactor
* evaluate info with checks on receiving management events
* skip meta-update for an old client with no meta-sync support
* Check if peer meta is empty without reflection
Enhance the user experience by enabling authentication to Netbird using Single Sign-On (SSO) with any Identity Provider (IDP) provider. Current client offers this capability through the Device Authorization Flow, however, is not widely supported by many IDPs, and even some that do support it do not provide a complete verification URL.
To address these challenges, this pull request enable Authorization Code Flow with Proof Key for Code Exchange (PKCE) for client logins, which is a more widely adopted and secure approach to facilitate SSO with various IDP providers.
Send Desktop UI client version as user-agent to daemon
This is sent on every login request to the management
Parse the GRPC context on the system package and
retrieves the user-agent
Management receives the new UIVersion field and
store in the Peer's system meta
The management will validate the JWT as it does in the API
and will register the Peer to the user's account.
New fields were added to grpc messages in management
and client daemon and its clients were updated
Peer has one new field, UserID,
that will hold the id of the user that registered it
JWT middleware CheckJWT got a splitter
and renamed to support validation for non HTTP requests
Added test for adding new Peer with UserID
Lots of tests update because of a new field
* feature: replace RegisterPeer with Login method that does both - registration and login
* test: add management login test
* feature: add WiretrusteeConfig to the Login response to configure peer global config
* feature: add client peer login support
* fix: missing parts
* chore: update go deps
* feature: support Management Service gRPC endpoints [CLIENT]
* feature: finalize client sync with management
* fix: management store peer key lower case restore
* fix: management returns peer ip without a mask
* refactor: remove cmd pkg
* fix: invalid tun interface name on mac
* fix: timeout when calling management client
* fix: tests and lint errors
* fix: golang-test workflow
* fix: client service tests
* fix: iface build
* feature: detect management scheme on startup
* chore: better logs for management
* fix: goreleaser
* fix: lint errors
* fix: signal TLS
* fix: direct Wireguard connection
* chore: verbose logging on direct connection
* feature: add peer sync and a server public key endpoints
* test: add Management.Sync() gRpc endpoint test
* feat: implement peer sync
* docs: added some comments to the Management server
* chore: use for loop over channel when monitoring peer updates
* fix: exit infinite loop when sending updates to peers
* test: add multiple concurrent peers test for management service
* chore: remove unused test
* fix: reduce the amount peers for a concurrent peer update test
Co-authored-by: braginini <m.bragin@wiretrustee.com>
