Commit Graph

45 Commits

Author SHA1 Message Date
Georges-Antoine Assi
8e5d4cdcb5 disable pyright 2025-01-26 11:29:33 -05:00
Georges-Antoine Assi
2859ac04c8 fix pyright issues 2025-01-26 10:57:27 -05:00
Michael Manganiello
7fedaca59a fix: Improve OIDC email verified check
The OIDC email verified check now fails if the email is explicitly
unverified, or if the `email_verified` claim is supported and the email
is not explicitly verified.

Previously, the OIDC implementation failed for any OIDC provider that
did not include the `email_verified` claim in the userinfo response.
Providers like Synology do not include this claim, so the check always
failed with error "Email is not verified."

I haven't found a formal specification for the `email_verified` claim,
and how it should be handled, but this implementation should be more
robust and work with more OIDC providers.

Fixes #1446.
2025-01-09 00:55:20 -03:00
Michael Manganiello
865370ec13 misc: Move auth constants to separate file
This simplifies avoiding circular imports when trying to use auth
handlers.
2025-01-08 22:16:31 -03:00
Georges-Antoine Assi
4473b6e498 fix formatting and tests 2024-12-28 10:11:36 -05:00
Anthony Uk
d96f11d56f Fix preferred_username 2024-12-28 07:11:23 +01:00
Anthony Uk
920aee5095 Rework OIDC base_handler 2024-12-28 07:05:29 +01:00
zurdi
f6673dd707 fix: Use preferred_username for new user creation instead of email prefix 2024-12-27 15:43:37 +00:00
zurdi
ff03d8e125 refactor: Remove OIDC_CREATE_USER configuration and generate a uuid in an OIDC created user password 2024-12-27 14:49:23 +00:00
zurdi
ffbebc2f46 fix: Rename CREATE_OIDC_USER to OIDC_CREATE_USER for consistency 2024-12-27 12:32:49 +00:00
zurdi
e52ebcbc5a feat: Add CREATE_OIDC_USER configuration to enable automatic user creation 2024-12-27 12:04:49 +00:00
Georges-Antoine Assi
dbb3b6083b only json() once 2024-12-23 14:03:24 -05:00
Georges-Antoine Assi
8332c7b27b fetch jwks_url from server metadata endpoint 2024-12-23 09:34:38 -05:00
Georges-Antoine Assi
37db255328 refactor oidc handler and fix tests 2024-12-18 10:49:45 -05:00
Georges-Antoine Assi
34d49e6494 changes from self review 2024-12-13 11:33:39 -05:00
Georges-Antoine Assi
2d5bc34e9c add tests for oidc handler 2024-12-12 17:37:30 -05:00
Georges-Antoine Assi
82ac766c9e oidc login using email 2024-12-12 10:08:27 -05:00
Georges-Antoine Assi
0e2866f0f5 don't setup OIDC if disabled 2024-12-11 23:20:21 -05:00
Georges-Antoine Assi
cae4089ccf add email field 2024-12-09 19:57:13 -05:00
Georges-Antoine Assi
b7dac4743a Merge branch 'master' into openid-connect 2024-12-07 22:19:24 -05:00
zurdi
caa24433b1 refactor: improve user authentication handling without requesting to database 2024-12-02 15:37:13 +00:00
Georges-Antoine Assi
1866cfdbae revert one oauth to oidc change 2024-11-27 23:39:53 -05:00
Georges-Antoine Assi
a2179604bf fix trunk error 2024-11-27 23:36:41 -05:00
Georges-Antoine Assi
3abf50b056 changes from self review 2024-11-27 23:28:54 -05:00
Georges-Antoine Assi
11923786be fetch and use rsa key 2024-11-27 22:40:02 -05:00
Georges-Antoine Assi
bc5c2e45f3 working oidc setup with authentik 2024-11-26 23:57:15 -05:00
Michael Manganiello
beeb9f0c31 misc: Create enum for authorization scopes
Instead of using just strings, this change converts the scopes to a
`StrEnum`, to be compatible with places where a string is expected. This
avoids typos when using these scopes, simplifies searching for usages,
and improves type hints.

An extra change was the fix to the Firmware download endpoint, which
wasn't respecting the `DISABLE_DOWNLOAD_ENDPOINT_AUTH` flag.
2024-10-18 23:57:42 -03:00
Georges-Antoine Assi
8fc25cde99 use timezone aware datetimes 2024-09-09 10:11:46 -04:00
zurdi
8a2a4d6099 fixes from trunk 2024-07-04 23:54:18 +02:00
zurdi
3d27a05c22 fixes from trunk 2024-07-04 23:47:14 +02:00
zurdi
4b81c01140 fixed tests 2024-07-04 22:26:35 +02:00
zurdi
2ec4debd61 setup wizard added 2024-07-04 14:19:00 +02:00
zurdi
1d6ba70080 collections get_roms endpoint added 2024-07-02 14:31:27 +02:00
Georges-Antoine Assi
7530fdd576 mega refactor of pr 2024-07-01 15:12:07 -04:00
zurdi
4749bf84c6 atomic update user_rom_props 2024-06-30 01:50:08 +02:00
Zurdi
d3381e16b0 Update backend/handler/auth/base_handler.py
Co-authored-by: Georges-Antoine Assi <3247106+gantoine@users.noreply.github.com>
2024-06-29 18:20:01 +02:00
Zurdi
c022e9cef7 added user_rom_props entity 2024-06-29 00:13:28 +02:00
zurdi
d3fd75bff4 format from trunk 2024-06-18 19:20:26 +02:00
Hsiaoming Yang
5d82be1ca4 use OctKey directly to prevent joserfc deprecate message 2024-06-14 17:13:36 +09:00
Georges-Antoine Assi
b2085f87a8 bunch of fixes for trunk 2024-05-21 17:10:11 -04:00
Georges-Antoine Assi
a7cf0d389a run trunk format on all files 2024-05-21 10:18:13 -04:00
Georges-Antoine Assi
2756121f06 Merge branch 'master' into python-pkg-drop 2024-05-14 09:22:59 -04:00
Georges-Antoine Assi
da784fc7ab Merge branch 'master' into firmware-bios-support 2024-05-13 09:13:55 -04:00
Georges-Antoine Assi
2749aaee4a rename back to old names 2024-05-05 16:59:30 -04:00
Georges-Antoine Assi
9ad28f3294 more refactoring again 2024-05-05 16:32:40 -04:00