d5cf2921e7
Merge pull request #200 from iegomez/issue-197-add-option-to-strip-prefixes
...
Add option to strip prefixes upon checking user or acl.
2021-09-23 21:49:05 -03:00
49073c8a62
Merge pull request #199 from iegomez/issue-198-fix-firefox-websockets
...
Disable http2 to workaround websockets issues in Firefox.
2021-09-23 20:42:26 -03:00
fa99ba6583
Add option to strip prefixes upon checking user or acl.
2021-09-23 20:40:32 -03:00
842718728d
Disable http2 to workaround websockets issues in Firefox.
2021-09-23 19:45:40 -03:00
1207622cb2
Merge pull request #196 from iegomez/feat/add-codeql-action
...
Codeql setup.
2021-09-15 16:47:05 -03:00
a331aa1d73
Codeql setup.
...
Cleanup comments.
2021-09-15 16:12:00 -03:00
b25ac28619
Merge pull request #195 from iegomez/security/patch-and-migrate-dependabot-alerts
...
Bump mongo driver version and migrate jwt module.
2021-09-15 15:47:36 -03:00
91e77551a7
Bump mongo driver version and migrate jwt module.
2021-09-15 15:16:49 -03:00
290c1c516a
Add gRPC options to set timeout and skip dial errors ( #193 )
...
* Don't bubble up grpc client error, just keep it nil and derive it again on checking.
Add option to check if we should faild on gRCP dial error or not.
Add timeout option.
* Instead of attempting on each check, remove with block when fail on dial error is not set to true so gRPC takes care of the connection itself.
Add tests to check that auth fails with dial errors, but works once the service is back up.
* Fix docker files missing libwebsockets8 by building from source, fix docker test run by starting maridb service instead of mysql one.
Co-authored-by: Ignacio Gómez <ignacio_gomez@apple.com>
2021-09-15 13:46:44 -03:00
5dc063f104
Add user-agent to requests ( #176 )
...
* Add default 'mosquitto' user-agent to http/jwt requests
* Add libmosquitto version ofr http and jwt remote user agent.
Add more room for extended versions.
Co-authored-by: Ignacio Gómez <iegomez@uc.cl>
2021-07-11 21:52:22 -04:00
cff71ffe69
Add GitHub actions workflow to automaticall build and push Docker images ( #179 )
...
* Add support for Mosquitto version >=2.x and arm
* Hopefully fix ARMv6 build
* Add disclaimer regarding tests on hardware
* Add github actions workflow to build Docker images
2021-06-25 18:42:32 -04:00
1c8e24b650
Add support for Mosquitto version >=2.x and arm(v7 and 64) to Dockerfile ( #163 )
...
* Add support for Mosquitto version >=2.x and arm
* Hopefully fix ARMv6 build
* Add disclaimer regarding tests on hardware
2021-06-10 09:53:09 -04:00
d895cf567a
Add 'tini' as init to handle signals more correctly ( #178 )
2021-06-03 19:00:31 -04:00
2d264437df
Updated README ( #177 )
...
Bump versions, state minimum Go version and add example instructions.
2021-05-31 21:33:45 -04:00
45b8a85f02
Added monogdb TLS option ( #170 )
...
* Added monogdb TLS option
* Syntax fix
* Made TLS configurable
* Update README.md
Chnaged tls option name
Co-authored-by: Ignacio Gómez <iegomez@uc.cl>
* Update README.md
Chnaged tls option name.
Co-authored-by: Ignacio Gómez <iegomez@uc.cl>
* Update backends/mongo.go
Chnaged tls option name
Co-authored-by: Ignacio Gómez <iegomez@uc.cl>
* Update backends/mongo.go
Better style for setting TLS option
Co-authored-by: Ignacio Gómez <iegomez@uc.cl>
* Better style for setting TLS config
* Fixed variable name in struct
* Chnaged tab in Readme
* Added option to dkip TLS verify
Co-authored-by: Joachim Danmayr <danmayr.joachim@fronius.com>
Co-authored-by: Ignacio Gómez <iegomez@uc.cl>
2021-04-30 09:43:31 -04:00
f28476090b
Merge pull request #166 from iegomez/feat/jwt-files
...
[JWT]: Add files-like ACLs
2021-04-27 19:59:27 -04:00
ee6e68db3a
Add JWT files mode. Now both JWT and Files may use the generally available strict files checker.
...
Files should be able to check ACLs only.
Clen setPrefixes method.
Fix test-backends by building custom plugin too, fix files only acls by checking if a user was seen before creating a general record.
2021-04-27 19:58:54 -04:00
3eea16872d
Merge pull request #159 from iegomez/feat/register-backend-functions
...
[Backens] Register checks
2021-03-11 20:17:31 -03:00
16db4e244f
With a prefixed user, skip superuser check when disabled or not registered.
2021-03-10 22:57:52 -03:00
e4d655557e
Fix README custom plugin returns, fix prefix/registered order for auth check, don return an error on enabled but unregistered superuser on valid prefix.
2021-03-09 23:13:06 -03:00
5cc687351e
Add backends tests and fix a couple of issues in Redis.
2021-03-09 23:13:03 -03:00
ca22c6f9fa
Refactor backends to take all the init and checking logic out of the main package, add options to enable registering specific checks per backend.
2021-03-09 23:11:57 -03:00
82ca3fc6a1
Merge pull request #123 from PierreF/cache-jitter
...
Cache jitter
2021-03-07 20:42:58 +01:00
a3a27a1a45
Kept cache jitter disabled by default
2021-03-07 19:50:13 +01:00
541c3f9ffa
Use ACL cache jitter for ACL check
...
Co-authored-by: Ignacio Gómez <iegomez@uc.cl>
2021-03-07 11:16:40 +01:00
76e798c72c
Merge pull request #124 from PierreF/retry-http
...
Retry on backend error
2021-03-07 11:05:31 +01:00
19315cf24a
Merge pull request #121 from PierreF/docker-test
...
Add Docker image to run tests
2021-03-07 11:04:52 +01:00
766110745f
Merge pull request #157 from iegomez/fix/add-deny-and-spaces-in-files
...
[Files]: Add support for deny ACL, and whitespaces in usernames/topics.
2021-03-05 18:17:14 -03:00
e7c2aec65f
Add tests for files fixes... not yet ready, patterns are failing.
2021-03-05 18:15:53 -03:00
c619a88e79
Improve retry count description
...
Co-authored-by: Ignacio Gómez <iegomez@uc.cl>
2021-03-05 10:23:23 +01:00
ca6e9d8e21
Add retry capibility
2021-03-05 10:23:23 +01:00
59281887bc
Use jitter in cache test
2021-03-05 10:13:02 +01:00
fa6d397c5f
Add warning for cache jitter larger than expiration
2021-03-05 10:03:21 +01:00
8abfcd2755
Apply suggestions from code review
...
Co-authored-by: Ignacio Gómez <iegomez@uc.cl>
2021-03-05 09:57:52 +01:00
d2fc01e2f7
Add support for deny ACL and whitespaces in topics.
...
Support whitespaces in Files username
2021-02-26 20:33:18 -03:00
c0667a4c6e
Merge pull request #120 from PierreF/backend-error
...
Improve handling of backend failure
2021-02-17 16:37:45 +01:00
04ca042252
Fix typo
...
Co-authored-by: Ignacio Gómez <iegomez@uc.cl>
2021-02-13 16:04:43 +01:00
84620d8665
Rename "firstError" in "err"
2021-02-13 15:56:39 +01:00
b5c925d119
Allow to get a shell on Docker testing image
...
This make much easier to re-run test multiple time without avoid to wait
backends to start each time.
2021-02-13 15:07:26 +01:00
90a24b52c6
Fix leaking existence of username from error
2021-02-13 15:00:35 +01:00
f1a3fef9ee
Improve log messages
...
Apply suggestions from code review
Co-authored-by: Ignacio Gómez <iegomez@uc.cl>
2021-02-13 14:04:13 +01:00
9321be9081
Merge pull request #153 from PierreF/file-cpu-hog
...
Avoid using 100% when using file backend
2021-02-13 13:59:37 +01:00
e2f384916c
Use switch and cover all plugin possible reply
2021-02-13 13:59:07 +01:00
28db4c0362
Avoid using 100% when using file backend
2021-02-13 13:35:16 +01:00
250485f2bd
Merge branch 'master' into backend-error
2021-02-13 12:14:28 +01:00
46f79fc499
Merge pull request #152 from iegomez/feat/reload-file-on-sighup
...
Reload static files on SIGHUP.
2021-02-12 13:22:28 -03:00
4bb8dcc34b
Reload static files on SIGHUP.
2021-02-12 13:20:05 -03:00
4be4a085d8
Merge branch 'master' into backend-error
2021-02-11 16:04:00 +01:00
2cfa50cd63
Remove outadted comment from readme.
2021-02-11 11:12:24 -03:00
f8108ebbe9
Merge pull request #116 from iegomez/feat/jwt-add-js-interpreter
...
JWT checkers and JS mode
2021-02-11 11:05:28 -03:00
Ignacio Gómez