Commit Graph

232 Commits

Author SHA1 Message Date
Adam Ierymenko
58119598ae
comment out some new deauth code 2022-04-13 23:10:11 -04:00
Adam Ierymenko
42a2afaef9
This may improve controller behavior with SSO and mixed SSO, needs testing! 2022-04-13 21:39:56 -04:00
Grant Limberg
b3fbbd3124
refresh tokens now working
Still investigating the best way to do a couple things, but we have something working
2021-12-07 16:29:50 -08:00
Grant Limberg
7cce23ae79
wip 2021-12-01 10:44:29 -08:00
Grant Limberg
a33d7c64fe
more fixin 2021-11-30 17:27:13 -08:00
Grant Limberg
fa21fdc1cc
rename stuff for clarity
authenticationURL will still be used by the client for v1 and v2 of sso
2021-11-11 16:19:26 -08:00
Grant Limberg
43433cdb5a integrate rust build of zeroidc to linux 2021-11-04 17:16:23 -07:00
Grant Limberg
8d39c9a861
plumbing full flow from controller -> client network 2021-11-04 15:40:08 -07:00
Adam Ierymenko
134d33c218
Add a bit of hardening in the network certificate of membership by incorporating a full hash of the identity to which it is issued. This means the recipient need not depend entirely on the root verifying identities properly to make sure impersonation is not occurring. 2021-09-20 15:40:55 -07:00
Grant Limberg
20721491e8
kill some noisy logs 2021-08-19 13:03:56 -07:00
Grant Limberg
9eae444104
kill some verbose logs 2021-08-19 09:21:52 -07:00
Adam Ierymenko
576b4f03a5
Adjust deauth time window and send revocation when SSO members expire. 2021-08-18 12:17:40 -04:00
Adam Ierymenko
461810b06a
Move return so record gets created before URL. 2021-08-10 11:22:29 -04:00
Grant Limberg
613d7b5ece
fix backwards logic 2021-08-04 09:16:04 -07:00
Adam Ierymenko
663e748b8d
Deauth expiring members right away. 2021-07-26 23:45:18 -04:00
Adam Ierymenko
0cf62d334d
Remove pointless check. 2021-07-26 13:38:35 -04:00
Adam Ierymenko
0310bfa3e3
Include authentication URL in config 2021-07-23 19:17:42 -04:00
Adam Ierymenko
efe0e8aa7b
Notification of about-to-expire status... almost there. 2021-07-23 19:05:59 -04:00
Adam Ierymenko
5c7e51feaf
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev 2021-07-23 18:49:05 -04:00
Adam Ierymenko
34de579c91
Handling of soon-to-expire members 2021-07-23 18:49:00 -04:00
Grant Limberg
10215af96d
whoops 2021-07-06 13:18:08 -07:00
Grant Limberg
e67fee0264
debug logging 2021-07-06 13:08:21 -07:00
Grant Limberg
364ad87e2b
add ssoEnabled flag to network config 2021-06-05 13:44:45 -07:00
Grant Limberg
e6b4fb5af7
add "ssoRedirectURL" to local.conf
plumbed it through to the central controller code
2021-06-04 16:29:03 -07:00
Adam Ierymenko
1dfe909bab
Increase authentication URL sizes. 2021-06-04 16:46:56 -04:00
Grant Limberg
74a678c1e1
chicken or egg problem.
member must exist in the database before we can generate a nonce & SSO URL
2021-06-04 12:49:26 -07:00
Grant Limberg
f27d193cf6
. 2021-06-04 11:56:12 -07:00
Grant Limberg
7ca2ecb421
put expiry time back on nc object 2021-06-04 11:39:52 -07:00
Grant Limberg
0702e581a1
remove some noisy log lines & fix a query error 2021-06-04 11:06:54 -07:00
Grant Limberg
c78792a705
moar temporary debug printfs 2021-06-04 11:00:51 -07:00
Grant Limberg
287c19e822
move this outside the auth block. If SSO is enabled, it should be checked whether authorized or not 2021-06-04 09:46:31 -07:00
Grant Limberg
4f521baafd
Big SSO update
make things hopefully work
2021-06-03 14:38:26 -07:00
Grant Limberg
fc6d90a04a
set the correct default 2021-06-02 14:27:58 -07:00
Grant Limberg
d2f1d05a06
handle cases where authenticationURL and authenticationExpiryTime don't exist 2021-06-02 13:46:43 -07:00
Adam Ierymenko
c470c6255e
Postgres code for SSO (almost certainly needs work) 2021-05-28 17:08:24 -04:00
Adam Ierymenko
6b3a7ec827
Fix a few things... 2021-05-25 14:40:40 -04:00
Adam Ierymenko
1ce71f9dc0
Build fix. 2021-05-25 13:05:06 -04:00
Adam Ierymenko
18508b5a2e
Build fix. 2021-05-25 13:04:14 -04:00
Adam Ierymenko
621898f3c5
Forgot to set auth info in NetworkConfig. 2021-05-25 13:02:06 -04:00
Adam Ierymenko
2c1d7f3dcc
CLI printing of URL. 2021-05-25 12:58:33 -04:00
Adam Ierymenko
b270d527f4
Basic plumbing for authentication requirement and piping through of URL information. 2021-05-24 22:58:17 -04:00
Adam Ierymenko
d64c5a92c6
Merge pull request #1233 from dosuperuser/improvement/optimizations
Minor C++ optimizations
2020-11-24 19:24:36 -05:00
Grant Limberg
ff23d3051f
self hosted controller JSON format fix for DNS 2020-09-23 12:16:23 -07:00
Adam Ierymenko
06730c7d1d BSL date bump 2020-08-20 12:51:39 -07:00
Grant Limberg
c0c215c83c
single dns config per network 2020-08-12 13:08:47 -07:00
Grant Limberg
058d888311
More debug logging cleanup 2020-08-12 10:00:09 -07:00
Grant Limberg
6868e98904 Get stuff building on Windows
Been a minute since any of this has been updated
2020-08-05 16:04:02 -07:00
Grant Limberg
88a3c685fb
latest 2020-08-04 13:52:57 -07:00
Grant Limberg
2e52a1eebf
forgot a couple queries in postgres. trying to pull dns of member not network in embedded network controller
also some debug logging
2020-08-04 09:45:45 -07:00
Grant Limberg
387039456d
Pass 1 at adding DNS to controller 2020-07-20 14:34:19 -07:00