mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-06-16 03:49:08 -04:00
Code Issues Packages Projects Releases Wiki Activity
23,340 Commits 68 Branches 62 Tags
2bde822b784cb20c637ed955b62afffc623dd708
Commit Graph

84 Commits

Author SHA1 Message Date
Pascal Bleser
673c2136d2 /auth: add SkipXAccessToken:true 2026-06-11 15:01:37 +02:00
Pascal Bleser
e1683ae74b Refactor groupware service after ADR decision on the Groupware API 
* after having decided that the Groupware API should be a standalone
   independent custom REST API that is using JMAP data models as much as
   possible,
 * removed Groupware APIs from the Graph service
 * moved Groupware implementation to the Groupware service, and
   refactored a few things accordingly
 2026-06-11 15:01:30 +02:00
Pascal Bleser
4f2782930a add an auth-api service to make an exemplary implementation of an external authentication API for third party services such as Stalwart 2026-06-11 15:00:41 +02:00
Pascal Bleser
53ca9f40f8 add missing routing for /groupware (currently unprotected for testing) 2026-06-11 15:00:05 +02:00
Florian Schade
f1208cfa32 enhancement: make collaboration mention functionality public 2026-06-11 09:28:37 +02:00
Florian Schade
159785a3b5 enhancement: make collaboration font management functionality public 2026-06-11 09:28:37 +02:00
Florian Schade
f72e3f1e32 chore: cleanup backchannel logout pr for review 2026-02-25 14:02:09 +01:00
Florian Schade
f6553498f6 enhancement: finalize backchannel logout 2026-02-25 14:02:09 +01:00
Christian Richter
21975d75eb consolidate log config in proxy 
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
 2026-01-08 13:16:55 +01:00
Jörn Friedrich Dreyer
c99342318f merge ocdav into frontend 
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
 2026-01-07 15:04:34 +01:00
Jörn Friedrich Dreyer
10913ca00a Merge pull request #1918 from opencloud-eu/otlp-tracing 
update otlp tracing
 2025-11-27 12:57:26 +01:00
Christian Richter
444af91cce Merge pull request #1714 from MahdiBaghbani/feature-ocm-wayf 
feat(ocm): add WAYF configuration for reva OCM service
 2025-11-27 12:55:59 +01:00
Jörn Friedrich Dreyer
a3ef7f6d79 update otlp tracing 
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
 2025-11-27 12:28:15 +01:00
Christian Richter
8007e8a269 add ability to completely override csp config 
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
 2025-11-19 09:38:16 +01:00
Mahdi Baghbani
a004a9114f feat(ocm): add wayf configuration for reva ocm service 
Signed-off-by: Mahdi Baghbani <mahdi-baghbani@azadehafzar.io>
 2025-10-27 06:37:40 +00:00
Michael Barz
4a0cc1004f Fix collaboration service name (#1577) 
* fix: collaboration service name

* change: do not use app name in service name

* feat: make collaboration service name configurable

* test: fix test config
 2025-09-29 10:06:05 +02:00
Michael Barz
e7b7ceafd5 feat: make it possible to start the collaboration service in the single process (#1569) 
* feat: make it possible to start the collaboration service in the single process

* feat: add proxy policy
 2025-09-26 09:08:20 +02:00
Ralf Haferkamp
cda94ce584 Start auth-app service by default 
Co-Authored-By: André Duffeck <a.duffeck@opencloud.eu>
 2025-03-20 15:09:47 +01:00
Jörn Friedrich Dreyer
4afc70c549 'default' routing policy 
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
 2025-02-12 14:25:06 +01:00
Florian Schade
8824393ec7 Merge pull request #57 from opencloud-eu/proxy 
proxy
 2025-01-17 11:30:52 +01:00
Jörn Friedrich Dreyer
747b2879d7 proxy 
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
 2025-01-16 17:31:51 +01:00
Jörn Friedrich Dreyer
243ffe81c7 nats cluster name 
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
 2025-01-16 16:14:22 +01:00
Ralf Haferkamp
213e9663a9 Rename go-micro services 2025-01-16 09:45:46 +01:00
Jörn Friedrich Dreyer
b07b5a1149 use plain pkg module 
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
 2025-01-13 16:42:19 +01:00
Jörn Friedrich Dreyer
8e028f17e9 change module name 
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
 2025-01-13 09:58:18 +01:00
jkoberg
c80254c4f1 feat(ocis): remove ocm store 
Signed-off-by: jkoberg <jkoberg@owncloud.com>
 2024-10-15 17:24:51 +02:00
Jörn Friedrich Dreyer
d29e09f0c1 Merge pull request #9815 from owncloud/ocm-wellknown-config 
add ocm wellknown config
 2024-10-04 10:13:16 +02:00
Florian Schade
349a25169b enhancement: Load CSP configuration file if it exists 2024-09-23 16:30:54 +02:00
Jörn Friedrich Dreyer
1faa36f303 add ocm wellknown config 
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
 2024-08-14 21:56:31 +02:00
jkoberg
2a498daf07 feat(auth-app): list and delete endpoints 
Signed-off-by: jkoberg <jkoberg@owncloud.com>
 2024-08-07 12:21:39 +02:00
jkoberg
48af3fae32 feat(auth-app): Add an API to generate AppTokens 
Signed-off-by: jkoberg <jkoberg@owncloud.com>
 2024-08-07 10:29:54 +02:00
Ralf Haferkamp
0d65908e82 autoprovisioning: sync group memberships 
Add support for autoprovisioning group memberships from OIDC claims.
Users are added to and removed from groups based on the value of an OIDC
claim. If a group does not exist, it is created.

Closes: #5538
 2024-07-08 09:32:23 +02:00
Roman Perekhod
eac5eaea8f Add the backchannel logout event 2024-06-25 12:13:24 +02:00
Florian Schade
949c5d0848 enhancement(activitylog): enhance activitylog graph endpoint 
- make use of libregraph artifacts
- add a basic activity kql ast parser
 2024-06-24 16:23:54 +02:00
jkoberg
882689549f feat(activitylog): add api 
Signed-off-by: jkoberg <jkoberg@owncloud.com>
 2024-06-24 16:23:54 +02:00
Jörn Friedrich Dreyer
799b12b8dd fix service names for userlog, graph, invitations, sse and web 
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
 2024-05-13 17:04:01 +02:00
Ralf Haferkamp
741dce501b enhancement(autoprovision): Allow to configure which claims to use for auto-provisioning user accounts 
When auto-provisioning user accounts we used a fixed mapping for claims
for the userinfo response to user attributes. This change introduces
configuration options to defined which claims should be user for the
username, display name and email address of the auto-provisioned
accounts.

This also removes the automatic fallback to use the 'mail' claim as the
username when the 'preferred_username' claim does not exist.

Fixes: #8635
 2024-04-30 17:09:19 +02:00
Thomas Müller
bdbba929d0 feat: add CSP and other security related headers in the oCIS proxy service (#8777) 
* feat: add CSP and other security related headers in the oCIS proxy service

* fix: consolidate security related headers - drop middleware.Secure

* fix: use github.com/DeepDiver1975/secure

* fix: acceptance tests

* feat: support env var replacements in csp.yaml
 2024-04-26 09:10:35 +02:00
Michael Barz
643d4ccbfb fix: change default config for the role mapping 2024-02-28 12:04:57 +01:00
Jörn Friedrich Dreyer
26136f8f81 drop store service in favor of a micro store implementation (#8419) 
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
 2024-02-26 16:08:03 +01:00
jkoberg
d62cb9d34b use inmemory cache by default 
Signed-off-by: jkoberg <jkoberg@owncloud.com>
 2023-12-13 12:49:54 +01:00
jkoberg
ad87ac955a configure services individually 
Signed-off-by: jkoberg <jkoberg@owncloud.com>
 2023-12-13 12:49:54 +01:00
jkoberg
bbc4f83f7d bump dependencies 
Signed-off-by: jkoberg <jkoberg@owncloud.com>
 2023-12-13 12:49:53 +01:00
jkoberg
69a2da889a allow configuring addtional proxy routes 
Signed-off-by: jkoberg <jkoberg@owncloud.com>
 2023-11-17 09:20:10 +01:00
André Duffeck
668f917dba Add an ocm service exposing the ocm related http and grpc APIs 2023-10-24 10:29:29 +02:00
Ralf Haferkamp
684f5c07e5 Use service user for role assignment and autoprovisioning 
This gets us a rid of the need to configure the reva jwt secret in the
proxy. Also we no longer need to fake an internal admin user for
autoprovsioning user and/or assigning the roles to users from oidc
claims.
 2023-09-07 20:54:14 +02:00
jkoberg
1bfdc43054 reroute sse path to sse service 
Signed-off-by: jkoberg <jkoberg@owncloud.com>
 2023-08-29 13:59:39 +02:00
Jörn Friedrich Dreyer
5422586bfa allow skipping userinfo call 
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
 2023-08-23 13:56:48 +02:00
Jörn Friedrich Dreyer
21f52a8523 properly register webdav methods with chi 
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
 2023-07-31 17:38:15 +02:00
Ralf Haferkamp
7a4bc71e65 Revert "idp/proxy: Match users by ID instead of name by default" 
This reverts commit 52951b42b0.

The change broke authentication for at least the desktop client when
using the builtin idp. There seem to be issues in the IDP (lico) which
result in the implicit scoped not being added correctly in some case.
When that scope is missing the `lg.uuid` claim will not be present in
the userinfo and we can correctly match users by id.

This reverts back to the old behaviour of matching users by name. Which
also brings some aspects of https://github.com/owncloud/ocis/issues/904

Fixes #6415
 2023-06-01 11:13:47 +02:00