pascal-fischer
88678ef364
Merge pull request #808 from bcmmbaga/main
...
Add support for refreshing signing keys on expiry
2023-05-02 17:17:09 +02:00
Pascal Fischer
f1da4fd55d
using old isAdmin function to create account
2023-05-02 16:49:29 +02:00
Misha Bragin
e096ec39d5
Enable roaming for mobile ( #827 )
2023-04-28 16:26:54 +02:00
Zoltan Papp
7f5e1c623e
Use forked Wireguard-go for custom bind ( #823 )
...
Update go version to 1.20
Use forked wireguard-go repo because of custom Bind implementation
2023-04-27 17:50:45 +02:00
Maycon Santos
afaa3fbe4f
Use local time zone for display last update changes ( #825 )
...
* Use local time zone for display last update changes
* using TZ UTC for testing purposes
* use init func
2023-04-27 16:02:00 +02:00
pascal-fischer
6fec0c682e
Merging full service user feature into main ( #819 )
...
Merging full feature branch into main.
Adding full support for service users including backend objects, persistence, verification and api endpoints.
2023-04-22 12:57:51 +02:00
Bethuel
45224e76d0
fallback to olde keys if failing to fetch refreshed keys
2023-04-21 13:34:52 +03:00
Chinmay Pai
c2e90a2a97
feat: add support for custom device hostname ( #789 )
...
Configure via --hostname (or -n) flag in the `up` and `login` commands
---------
Signed-off-by: Chinmay D. Pai <chinmay.pai@zerodha.com>
2023-04-20 16:00:22 +02:00
Maycon Santos
118880b6f7
Send a status notification on offline peers change ( #821 )
...
Sum offline peers too
2023-04-20 15:59:07 +02:00
Bethuel
90c8cfd863
synchronize access to the signing keys
2023-04-19 17:11:38 +03:00
Zoltan Papp
bb147c2a7c
Remove unnecessary uapi open ( #807 )
...
Remove unnecessary uapi open from Android implementation
2023-04-17 11:50:12 +02:00
Zoltan Papp
4616bc5258
Add route management for Android interface ( #801 )
...
Support client route management feature on Android
2023-04-17 11:15:37 +02:00
Bethuel
f7196cd9a5
refactoring
2023-04-15 03:44:42 +03:00
Zoltan Papp
1803cf3678
Fix error handling in case of the port is in used ( #810 )
2023-04-14 16:18:00 +02:00
Zoltan Papp
9f35a7fb8d
Ignore ipv6 labeled address ( #809 )
...
Ignore ipv6 labeled address
2023-04-14 15:40:27 +02:00
Bethuel
53d78ad982
make variable unexported
2023-04-14 13:16:01 +03:00
Bethuel
9f352c1b7e
validate keys for idp's with key rotation mechanism
2023-04-14 12:20:34 +03:00
Bethuel
a89808ecae
initialize jwt validator with keys rotation state
2023-04-14 12:17:28 +03:00
Bethuel
c6190fa2ba
add use-key-cache-headers flag to management command
2023-04-13 20:19:04 +03:00
Misha Bragin
2eeed55c18
Bind implementation ( #779 )
...
This PR adds supports for the WireGuard userspace implementation
using Bind interface from wireguard-go.
The newly introduced ICEBind struct implements Bind with UDPMux-based
structs from pion/ice to handle hole punching using ICE.
The core implementation was taken from StdBind of wireguard-go.
The result is a single WireGuard port that is used for host and server reflexive candidates.
Relay candidates are still handled separately and will be integrated in the following PRs.
ICEBind checks the incoming packets for being STUN or WireGuard ones
and routes them to UDPMux (to handle hole punching) or to WireGuard respectively.
2023-04-13 17:00:01 +02:00
Givi Khojanashvili
0343c5f239
Rollback simple ACL rules processing. ( #803 )
2023-04-12 09:39:17 +02:00
Misha Bragin
251f2d7bc2
Pass newly generated ID to network map when adding peer ( #800 )
2023-04-11 14:28:22 +02:00
Maycon Santos
306e02d32b
Update calculate server state ( #796 )
...
Refactored updateServerStates and calculateState
added some checks to ensure we are not sending connecting on context canceled
removed some state updates from the RunClient function
2023-04-10 18:22:25 +02:00
pascal-fischer
8375491708
Merge pull request #778 from netbirdio/fix/consistent_time_format_for_pat
...
fix/use_utc_for_time_operations
2023-04-10 18:11:41 +02:00
Pascal Fischer
e197b89ac3
remove UTC from some not store related operations
2023-04-10 11:09:27 +02:00
Pascal Fischer
6aba28ccb7
remove UTC from some not store related operations
2023-04-10 10:54:23 +02:00
Maycon Santos
8f9826b207
Fix export path for certificate files ( #794 )
...
assign the value for NETBIRD_LETSENCRYPT_DOMAIN
in the base.setup.env file
2023-04-07 10:34:17 +02:00
Zoltan Papp
0aad9169e9
Fix nil pointer exception ( #790 )
...
Nil pointer exception fix. The error handling was in wrong order.
2023-04-06 18:15:55 +02:00
Maycon Santos
1057cd211d
Add scope and id token environment variables ( #785 )
2023-04-05 21:57:47 +02:00
Maycon Santos
32b345991a
Support remote scope and use id token configuration ( #784 )
...
Some IDP requires different scope requests and
issue access tokens for different purposes
This change allow for remote configurable scopes
and the use of ID token
2023-04-05 17:46:34 +02:00
Maycon Santos
e903522f8c
Configurable port defaults from setup.env ( #783 )
...
Allow configuring management and signal ports from setup.env
Allow configuring Coturn range from setup.env
2023-04-05 15:22:06 +02:00
Maycon Santos
ea88ec6d27
Roolback configurable port defaults from setup.env
2023-04-05 11:42:14 +02:00
Maycon Santos
2be1a82f4a
Configurable port defaults from setup.env
...
Allow configuring management and signal ports from setup.env
Allow configuring Coturn range from setup.env
2023-04-05 11:39:22 +02:00
Maycon Santos
fe1ea4a2d0
Check multiple audience values ( #781 )
...
Some IDP use different audience for different clients.
This update checks HTTP and Device authorization flow audience values.
---------
Co-authored-by: Givi Khojanashvili <gigovich@gmail.com>
2023-04-04 16:40:56 +02:00
Maycon Santos
f14f34cf2b
Add token source and device flow audience variables ( #780 )
...
Supporting new dashboard option to configure a source token.
Adding configuration support for setting
a different audience for device authorization flow.
fix custom id claim variable
2023-04-04 15:56:02 +02:00
Bethuel
109481e26d
Use first available package manager ( #782 )
2023-04-04 14:26:17 +02:00
Bethuel
18098e7a7d
Add single line installer ( #775 )
...
detect OS package manager
If a supported package manager is not available,
use binary installation
Check if desktop environment is available
Skip installing the UI client if SKIP_UI_APP is set to true
added tests for Ubuntu and macOS tests
2023-04-04 00:35:54 +02:00
Ruakij
5993982cca
Add disable letsencrypt ( #747 )
...
Add NETBIRD_DISABLE_LETSENCRYPT support to explicit disable let's encrypt
Organize the setup.env.example variables into sections
Add traefik example
2023-04-04 00:21:40 +02:00
Zoltan Papp
86f9051a30
Fix/connection listener ( #777 )
...
Fix add/remove connection listener
In case we call the RemoveConnListener from Java then
we lose the reference from the original instance
2023-04-03 16:59:13 +02:00
Pascal Fischer
489892553a
use UTC everywhere in server
2023-04-03 15:09:35 +02:00
Pascal Fischer
b05e30ac5a
do not use UTC for time to stay consistent
2023-04-03 12:44:55 +02:00
pascal-fischer
769388cd21
Merge pull request #776 from netbirdio/feature/activity_events_for_pat
...
feature/activity_events_for_pat
2023-04-03 12:27:51 +02:00
pascal-fischer
c54fb9643c
Merge pull request #774 from netbirdio/feature/add_pat_middleware
...
Feature/add pat middleware
2023-04-03 12:09:11 +02:00
Givi Khojanashvili
5dc0ff42a5
Fix broken auto-generated Rego rule ( #769 )
...
Default Rego policy generated from the rules in some cases is broken.
This change fixes the Rego template for rules to generate policies.
Also, file store load constantly regenerates policy objects from rules.
It allows updating/fixing of the default Rego template during releases.
2023-04-01 12:02:08 +02:00
Pascal Fischer
45badd2c39
add event store to user tests
2023-04-01 11:11:30 +02:00
Pascal Fischer
d3de035961
error responses always lower case + duplicate error response fix
2023-04-01 11:04:21 +02:00
Pascal Fischer
b2da0ae70f
add activity events on PAT creation and deletion
2023-03-31 17:41:22 +02:00
Pascal Fischer
931c20c8fe
fix test name
2023-03-31 12:45:10 +02:00
Pascal Fischer
2eaf4aa8d7
add test for auth middleware
2023-03-31 12:44:22 +02:00
Pascal Fischer
110067c00f
change order for access control checks and aquire account lock after global lock
2023-03-31 12:03:53 +02:00