f164fad2c2
add some more metrics
2023-05-30 18:49:50 +02:00
452b045bb0
expose service users metrics
2023-05-30 16:40:48 +02:00
874c290205
Exclude second last IP from allocation to use it in the Fake DNS ( #912 )
2023-05-30 18:26:44 +04:00
7a9b05c56d
add selfhosted metric for pat and service users
2023-05-30 16:22:34 +02:00
79736197cd
Read config from generic configs ( #909 )
2023-05-29 16:01:04 +02:00
ba7a39a4fc
Feat linux firewall support ( #805 )
...
Update the client's engine to apply firewall rules received from the manager (results of ACL policy).
2023-05-29 16:00:18 +02:00
2eb9a97fee
Add Okta IdP ( #859 )
2023-05-29 14:52:04 +02:00
49c71b9b9d
Add Authentik IdP ( #897 )
2023-05-29 14:35:30 +02:00
3bebbe0409
Refactor IdP Config Structure ( #879 )
2023-05-29 13:48:19 +02:00
7bdb0dd358
merge openapi with version from docs repo
2023-05-26 15:32:52 +02:00
f66574b094
Count only successful HTTP request durations ( #886 )
2023-05-22 16:26:36 +02:00
48265b32f3
Measure write requests separately from read requests ( #880 )
2023-05-19 16:56:15 +02:00
03a42de5a0
Add telemetry to measure app durations ( #878 )
2023-05-19 11:42:25 +02:00
48a8b52740
Avoid storing account if no peer meta or expiration change ( #875 )
...
* Avoid storing account if no peer meta or expiration change
* remove extra log
* Update management/server/peer.go
Co-authored-by: Misha Bragin <bangvalo@gmail.com >
* Clarify why we need to skip account update
---------
Co-authored-by: Misha Bragin <bangvalo@gmail.com >
2023-05-18 19:31:35 +02:00
6e9f7531f5
Track user block/unblock activity event ( #865 )
2023-05-17 09:54:20 +02:00
873abc43bf
move into separate package
2023-05-16 12:57:56 +02:00
2fef52b856
remove dependency to external base62 package and create own methods in utils
2023-05-16 12:44:26 +02:00
2570363861
fix assign correct issuer url to auth0 AuthIssuer
2023-05-12 18:07:11 +03:00
e3d2b6a408
Block user through HTTP API ( #846 )
...
The new functionality allows blocking a user in the Management service.
Blocked users lose access to the Dashboard, aren't able to modify the network map,
and all of their connected devices disconnect and are set to the "login expired" state.
Technically all above was achieved with the updated PUT /api/users endpoint,
that was extended with the is_blocked field.
2023-05-11 18:09:36 +02:00
2c50d7af1e
Automatically load IdP OIDC configuration ( #847 )
2023-05-11 15:14:00 +02:00
e4c28f64fa
Fix user cache lookup filtering for service users ( #849 )
2023-05-10 19:27:17 +02:00
f4ec1699ca
Add Zitadel IdP ( #833 )
...
Added intergration with Zitadel management API.
Use the steps in zitadel.md for configuration.
2023-05-05 19:27:28 +02:00
873b56f856
Add Azure Idp Manager ( #822 )
...
Added intergration with Azure IDP user API.
Use the steps in azure-ad.md for configuration:
cb03373f8f/docs/integrations/identity-providers/self-hosted/azure-ad.md
2023-05-03 14:51:44 +02:00
59372ee159
API cleanup ( #824 )
...
removed all PATCH endpoints
updated path parameters for all endpoints
removed not implemented endpoints for api doc
minor description updates
2023-05-03 00:15:25 +02:00
08db5f5a42
Merge pull request #831 from netbirdio/fix/issue_with_account_creation_after_auth_refactor
...
FIx account creation issue after auth refactor
2023-05-02 19:14:54 +02:00
88678ef364
Merge pull request #808 from bcmmbaga/main
...
Add support for refreshing signing keys on expiry
2023-05-02 17:17:09 +02:00
f1da4fd55d
using old isAdmin function to create account
2023-05-02 16:49:29 +02:00
7f5e1c623e
Use forked Wireguard-go for custom bind ( #823 )
...
Update go version to 1.20
Use forked wireguard-go repo because of custom Bind implementation
2023-04-27 17:50:45 +02:00
6fec0c682e
Merging full service user feature into main ( #819 )
...
Merging full feature branch into main.
Adding full support for service users including backend objects, persistence, verification and api endpoints.
2023-04-22 12:57:51 +02:00
45224e76d0
fallback to olde keys if failing to fetch refreshed keys
2023-04-21 13:34:52 +03:00
90c8cfd863
synchronize access to the signing keys
2023-04-19 17:11:38 +03:00
f7196cd9a5
refactoring
2023-04-15 03:44:42 +03:00
9f352c1b7e
validate keys for idp's with key rotation mechanism
2023-04-14 12:20:34 +03:00
a89808ecae
initialize jwt validator with keys rotation state
2023-04-14 12:17:28 +03:00
0343c5f239
Rollback simple ACL rules processing. ( #803 )
2023-04-12 09:39:17 +02:00
251f2d7bc2
Pass newly generated ID to network map when adding peer ( #800 )
2023-04-11 14:28:22 +02:00
8375491708
Merge pull request #778 from netbirdio/fix/consistent_time_format_for_pat
...
fix/use_utc_for_time_operations
2023-04-10 18:11:41 +02:00
6aba28ccb7
remove UTC from some not store related operations
2023-04-10 10:54:23 +02:00
32b345991a
Support remote scope and use id token configuration ( #784 )
...
Some IDP requires different scope requests and
issue access tokens for different purposes
This change allow for remote configurable scopes
and the use of ID token
2023-04-05 17:46:34 +02:00
fe1ea4a2d0
Check multiple audience values ( #781 )
...
Some IDP use different audience for different clients.
This update checks HTTP and Device authorization flow audience values.
---------
Co-authored-by: Givi Khojanashvili <gigovich@gmail.com >
2023-04-04 16:40:56 +02:00
489892553a
use UTC everywhere in server
2023-04-03 15:09:35 +02:00
b05e30ac5a
do not use UTC for time to stay consistent
2023-04-03 12:44:55 +02:00
769388cd21
Merge pull request #776 from netbirdio/feature/activity_events_for_pat
...
feature/activity_events_for_pat
2023-04-03 12:27:51 +02:00
c54fb9643c
Merge pull request #774 from netbirdio/feature/add_pat_middleware
...
Feature/add pat middleware
2023-04-03 12:09:11 +02:00
5dc0ff42a5
Fix broken auto-generated Rego rule ( #769 )
...
Default Rego policy generated from the rules in some cases is broken.
This change fixes the Rego template for rules to generate policies.
Also, file store load constantly regenerates policy objects from rules.
It allows updating/fixing of the default Rego template during releases.
2023-04-01 12:02:08 +02:00
45badd2c39
add event store to user tests
2023-04-01 11:11:30 +02:00
d3de035961
error responses always lower case + duplicate error response fix
2023-04-01 11:04:21 +02:00
b2da0ae70f
add activity events on PAT creation and deletion
2023-03-31 17:41:22 +02:00
931c20c8fe
fix test name
2023-03-31 12:45:10 +02:00
2eaf4aa8d7
add test for auth middleware
2023-03-31 12:44:22 +02:00
