Adam Ierymenko
|
58119598ae
|
comment out some new deauth code
|
2022-04-13 23:10:11 -04:00 |
|
Adam Ierymenko
|
42a2afaef9
|
This may improve controller behavior with SSO and mixed SSO, needs testing!
|
2022-04-13 21:39:56 -04:00 |
|
Grant Limberg
|
b3fbbd3124
|
refresh tokens now working
Still investigating the best way to do a couple things, but we have something working
|
2021-12-07 16:29:50 -08:00 |
|
Grant Limberg
|
7cce23ae79
|
wip
|
2021-12-01 10:44:29 -08:00 |
|
Grant Limberg
|
a33d7c64fe
|
more fixin
|
2021-11-30 17:27:13 -08:00 |
|
Grant Limberg
|
fa21fdc1cc
|
rename stuff for clarity
authenticationURL will still be used by the client for v1 and v2 of sso
|
2021-11-11 16:19:26 -08:00 |
|
Grant Limberg
|
43433cdb5a
|
integrate rust build of zeroidc to linux
|
2021-11-04 17:16:23 -07:00 |
|
Grant Limberg
|
8d39c9a861
|
plumbing full flow from controller -> client network
|
2021-11-04 15:40:08 -07:00 |
|
Adam Ierymenko
|
134d33c218
|
Add a bit of hardening in the network certificate of membership by incorporating a full hash of the identity to which it is issued. This means the recipient need not depend entirely on the root verifying identities properly to make sure impersonation is not occurring.
|
2021-09-20 15:40:55 -07:00 |
|
Grant Limberg
|
20721491e8
|
kill some noisy logs
|
2021-08-19 13:03:56 -07:00 |
|
Grant Limberg
|
9eae444104
|
kill some verbose logs
|
2021-08-19 09:21:52 -07:00 |
|
Adam Ierymenko
|
576b4f03a5
|
Adjust deauth time window and send revocation when SSO members expire.
|
2021-08-18 12:17:40 -04:00 |
|
Adam Ierymenko
|
461810b06a
|
Move return so record gets created before URL.
|
2021-08-10 11:22:29 -04:00 |
|
Grant Limberg
|
613d7b5ece
|
fix backwards logic
|
2021-08-04 09:16:04 -07:00 |
|
Adam Ierymenko
|
663e748b8d
|
Deauth expiring members right away.
|
2021-07-26 23:45:18 -04:00 |
|
Adam Ierymenko
|
0cf62d334d
|
Remove pointless check.
|
2021-07-26 13:38:35 -04:00 |
|
Adam Ierymenko
|
0310bfa3e3
|
Include authentication URL in config
|
2021-07-23 19:17:42 -04:00 |
|
Adam Ierymenko
|
efe0e8aa7b
|
Notification of about-to-expire status... almost there.
|
2021-07-23 19:05:59 -04:00 |
|
Adam Ierymenko
|
5c7e51feaf
|
Merge branch 'dev' of github.com:zerotier/ZeroTierOne into dev
|
2021-07-23 18:49:05 -04:00 |
|
Adam Ierymenko
|
34de579c91
|
Handling of soon-to-expire members
|
2021-07-23 18:49:00 -04:00 |
|
Grant Limberg
|
10215af96d
|
whoops
|
2021-07-06 13:18:08 -07:00 |
|
Grant Limberg
|
e67fee0264
|
debug logging
|
2021-07-06 13:08:21 -07:00 |
|
Grant Limberg
|
364ad87e2b
|
add ssoEnabled flag to network config
|
2021-06-05 13:44:45 -07:00 |
|
Grant Limberg
|
e6b4fb5af7
|
add "ssoRedirectURL" to local.conf
plumbed it through to the central controller code
|
2021-06-04 16:29:03 -07:00 |
|
Adam Ierymenko
|
1dfe909bab
|
Increase authentication URL sizes.
|
2021-06-04 16:46:56 -04:00 |
|
Grant Limberg
|
74a678c1e1
|
chicken or egg problem.
member must exist in the database before we can generate a nonce & SSO URL
|
2021-06-04 12:49:26 -07:00 |
|
Grant Limberg
|
f27d193cf6
|
.
|
2021-06-04 11:56:12 -07:00 |
|
Grant Limberg
|
7ca2ecb421
|
put expiry time back on nc object
|
2021-06-04 11:39:52 -07:00 |
|
Grant Limberg
|
0702e581a1
|
remove some noisy log lines & fix a query error
|
2021-06-04 11:06:54 -07:00 |
|
Grant Limberg
|
c78792a705
|
moar temporary debug printfs
|
2021-06-04 11:00:51 -07:00 |
|
Grant Limberg
|
287c19e822
|
move this outside the auth block. If SSO is enabled, it should be checked whether authorized or not
|
2021-06-04 09:46:31 -07:00 |
|
Grant Limberg
|
4f521baafd
|
Big SSO update
make things hopefully work
|
2021-06-03 14:38:26 -07:00 |
|
Grant Limberg
|
fc6d90a04a
|
set the correct default
|
2021-06-02 14:27:58 -07:00 |
|
Grant Limberg
|
d2f1d05a06
|
handle cases where authenticationURL and authenticationExpiryTime don't exist
|
2021-06-02 13:46:43 -07:00 |
|
Adam Ierymenko
|
c470c6255e
|
Postgres code for SSO (almost certainly needs work)
|
2021-05-28 17:08:24 -04:00 |
|
Adam Ierymenko
|
6b3a7ec827
|
Fix a few things...
|
2021-05-25 14:40:40 -04:00 |
|
Adam Ierymenko
|
1ce71f9dc0
|
Build fix.
|
2021-05-25 13:05:06 -04:00 |
|
Adam Ierymenko
|
18508b5a2e
|
Build fix.
|
2021-05-25 13:04:14 -04:00 |
|
Adam Ierymenko
|
621898f3c5
|
Forgot to set auth info in NetworkConfig.
|
2021-05-25 13:02:06 -04:00 |
|
Adam Ierymenko
|
2c1d7f3dcc
|
CLI printing of URL.
|
2021-05-25 12:58:33 -04:00 |
|
Adam Ierymenko
|
b270d527f4
|
Basic plumbing for authentication requirement and piping through of URL information.
|
2021-05-24 22:58:17 -04:00 |
|
Adam Ierymenko
|
d64c5a92c6
|
Merge pull request #1233 from dosuperuser/improvement/optimizations
Minor C++ optimizations
|
2020-11-24 19:24:36 -05:00 |
|
Grant Limberg
|
ff23d3051f
|
self hosted controller JSON format fix for DNS
|
2020-09-23 12:16:23 -07:00 |
|
Adam Ierymenko
|
06730c7d1d
|
BSL date bump
|
2020-08-20 12:51:39 -07:00 |
|
Grant Limberg
|
c0c215c83c
|
single dns config per network
|
2020-08-12 13:08:47 -07:00 |
|
Grant Limberg
|
058d888311
|
More debug logging cleanup
|
2020-08-12 10:00:09 -07:00 |
|
Grant Limberg
|
6868e98904
|
Get stuff building on Windows
Been a minute since any of this has been updated
|
2020-08-05 16:04:02 -07:00 |
|
Grant Limberg
|
88a3c685fb
|
latest
|
2020-08-04 13:52:57 -07:00 |
|
Grant Limberg
|
2e52a1eebf
|
forgot a couple queries in postgres. trying to pull dns of member not network in embedded network controller
also some debug logging
|
2020-08-04 09:45:45 -07:00 |
|
Grant Limberg
|
387039456d
|
Pass 1 at adding DNS to controller
|
2020-07-20 14:34:19 -07:00 |
|