mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-02-24 11:07:14 -05:00
Code Issues Packages Projects Releases Wiki Activity
22,749 Commits 51 Branches 48 Tags
3dfd6fd527e5e45409aec5dc424b384a3dc82c90
Commit Graph

22749 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Pascal Bleser
3dfd6fd527 upgrade Stalwart to 0.12 2026-02-23 09:34:45 +01:00
Pascal Bleser
a0e1dc21a7 minor corrections to the Stalwart configuration 2026-02-23 09:34:45 +01:00
Pascal Bleser
8742f0a38c Introduce a the auth-api service 
* primitive implementation to demonstrate how it could work, still to
   be considered WIP at best

 * add new dependency: MicahParks/jwkset and MicahParks/keyfunc to
   retrieve the JWK set from KeyCloak to verify the signature of the
   JWTs sent as part of Bearer authentication in the /auth API

 * (minor) opencloud/.../service.go: clean up a logging statement that
   was introduced earlier to hunt down why the auth-api service was not
   being started
 2026-02-23 09:34:44 +01:00
Pascal Bleser
a541c8f60a add an auth-api service to make an exemplary implementation of an external authentication API for third party services such as Stalwart 2026-02-23 09:34:44 +01:00
Pascal Bleser
a75fdaa484 move services/groupware/pkg/jmap to pkg/jmap 2026-02-23 09:34:44 +01:00
Pascal Bleser
1d8650999e WIP: restructure the Jmap client, and implement the /me/messages Graph API endpoint with it 2026-02-23 09:34:44 +01:00
Pascal Bleser
1e1557b1fa add an OIDC Directory to Stalwart, requires exposing Keycloak port 8080 directly to access the userinfo endpoint using HTTP since the certificates in traefik are self-signed and end up being rejected by Stalwart with no option to bypass the certificate check 2026-02-23 09:34:44 +01:00
Pascal Bleser
f23b1b83e3 rename Stalwart fallback admin username from 'admin' to 'mailadmin' since 'admin' exists as a regular user in LDAP and thus won't have access to the administration 2026-02-23 09:34:44 +01:00
Pascal Bleser
a30626ec19 add missing routing for /groupware (currently unprotected for testing) 2026-02-23 09:34:44 +01:00
Pascal Bleser
7f7f25c11c WIP: initial implementation of the groupware service 2026-02-23 09:34:44 +01:00
Pascal Bleser
0e4838bb68 Add Stalwart container to the opencloud_full deployment, using the OpenLDAP container as a directory for user authentication 2026-02-23 09:34:44 +01:00
dependabot[bot]
b7eb6f768d build(deps): bump github.com/grpc-ecosystem/grpc-gateway/v2 
Bumps [github.com/grpc-ecosystem/grpc-gateway/v2](https://github.com/grpc-ecosystem/grpc-gateway) from 2.27.7 to 2.28.0.
- [Release notes](https://github.com/grpc-ecosystem/grpc-gateway/releases)
- [Commits](https://github.com/grpc-ecosystem/grpc-gateway/compare/v2.27.7...v2.28.0)

---
updated-dependencies:
- dependency-name: github.com/grpc-ecosystem/grpc-gateway/v2
  dependency-version: 2.28.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-23 09:34:09 +01:00
dependabot[bot]
e13ba4af06 build(deps): bump github.com/open-policy-agent/opa from 1.13.1 to 1.13.2 
Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 1.13.1 to 1.13.2.
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-policy-agent/opa/compare/v1.13.1...v1.13.2)

---
updated-dependencies:
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.13.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-23 09:31:49 +01:00
Jannik Stehle
2a2e882a59 Merge pull request #2377 from opencloud-eu/feat/web-adjust-surface-colors 
feat(web): change surface colors to more modern ones
 2026-02-23 07:34:59 +01:00
opencloudeu
42e9c27174 [tx] updated from transifex 2026-02-22 00:13:15 +00:00
Jannik Stehle
02d73157c1 feat(web): change surface colors to more modern ones 2026-02-20 16:13:32 +01:00
dependabot[bot]
801a4ce8c4 build(deps): bump google.golang.org/grpc from 1.78.0 to 1.79.1 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.78.0 to 1.79.1.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.78.0...v1.79.1)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-version: 1.79.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-19 18:27:12 +01:00
dependabot[bot]
74ff47e4c2 build(deps): bump github.com/onsi/ginkgo/v2 from 2.28.0 to 2.28.1 
Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.28.0 to 2.28.1.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/ginkgo/compare/v2.28.0...v2.28.1)

---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-version: 2.28.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-19 17:04:06 +01:00
dependabot[bot]
5851db3d93 build(deps): bump go.opentelemetry.io/contrib/zpages 
Bumps [go.opentelemetry.io/contrib/zpages](https://github.com/open-telemetry/opentelemetry-go-contrib) from 0.64.0 to 0.65.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.64.0...zpages/v0.65.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/contrib/zpages
  dependency-version: 0.65.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-19 13:27:49 +01:00
Ralf Haferkamp
6dde2839df fix(oidc_auth): Fix userinfo cache expiration logic 
When the userinfo claims store in the usercache is found to be expired,
do not return an error but ignore the cached entry and force a
re-verification of the access token (either via parsing the JWT again or
via a UserInfo lookup).
This is required for setups with non-JWT access tokes where the expiry
date set in the cached claims does not reflect the actual token expiry,
but just the CacheTTL.

Fixes: #1493
 2026-02-19 13:17:17 +01:00
Ralf Haferkamp
212846f2f4 fix(idp): Remove kpop dependency 
The built package (https://download.kopano.io/community/kapp:/kpop-2.7.2.tgz)
seems to be no longer available and upstream lico already switched away
from it quite a while ago.

Fixes: #2364
 2026-02-19 12:16:30 +01:00
opencloudeu
4447893aeb [tx] updated from transifex 2026-02-18 00:15:57 +00:00
Jörn Friedrich Dreyer
cd655f3ac7 Add openCloudEducationExternalId to user 2026-02-17 17:57:39 +01:00
dependabot[bot]
44d2f95fa6 build(deps): bump golang.org/x/net from 0.49.0 to 0.50.0 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.49.0 to 0.50.0.
- [Commits](https://github.com/golang/net/compare/v0.49.0...v0.50.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-version: 0.50.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-17 16:53:59 +01:00
dependabot[bot]
d0edd5bf99 build(deps): bump github.com/go-resty/resty/v2 from 2.17.1 to 2.17.2 
Bumps [github.com/go-resty/resty/v2](https://github.com/go-resty/resty) from 2.17.1 to 2.17.2.
- [Release notes](https://github.com/go-resty/resty/releases)
- [Commits](https://github.com/go-resty/resty/compare/v2.17.1...v2.17.2)

---
updated-dependencies:
- dependency-name: github.com/go-resty/resty/v2
  dependency-version: 2.17.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-17 16:51:33 +01:00
Alex
cdb942a093 feat: app-registry adjust default mime-types (#2354) 2026-02-17 16:39:55 +01:00
Ralf Haferkamp
342cb3df95 adr(webfinger): Align example config with implementation 2026-02-17 12:13:43 +01:00
Ralf Haferkamp
78703806e4 feat(webfinger): add fallbacks for CLIENT_ID and SCOPE setting 
This adds the variables 'OC_OIDC_CLIENT_ID' and
'OC_OIDC_CLIENT_SCOPES' as fallbacks for the platform specific settings.

For backwards compatibility with the "old" settings for the 'web'
service we also allow 'WEB_OIDC_CLIENT_ID' and 'WEB_OIDC_SCOPE' for the
"web" platform.
 2026-02-17 10:41:35 +01:00
Ralf Haferkamp
4f1aca6d90 feat(webfinger): use webfinger properties instead new relations 
This works the previous commits so that clients can add an addtional
'platform' query parameter to the webfinger request that  can be used
to query the oidc client id and list of scopes that the clients need
to use when connecting to the IDP.

This also removes the non-standard issuer relatation introduced in a
previous commit as we can just introduce new relations in the
http://openid.net name space.

For IDP like Authentik that create a separate issuer url per Client
(Application in Authentik's terms) it is suggested to just configure
as single Client and use that id for all platforms (i.e. setting
'WEBFINGER_ANDROID_OIDC_CLIENT_ID', 'WEBFINGER_DESKTOP_OIDC_CLIENT_ID',
'WEBFINGER_IOS_OIDC_CLIENT_ID' and 'WEBFINGER_WEB_OIDC_CLIENT_ID' to
same value.

Related: #2088
Related: https://github.com/opencloud-eu/desktop/issues/246
 2026-02-17 10:41:35 +01:00
Ralf Haferkamp
24aaeb46ba chore(webfinger): Simplify weird Query parameter extraction loop 2026-02-17 10:41:35 +01:00
pat-s
daeae1f443 feat(webfinger): support desktop and mobile specific OIDC client_id 2026-02-17 10:41:35 +01:00
pat-s
84da592c88 feat(webfinger): add desktop-specific OIDC issuer support 2026-02-17 10:41:35 +01:00
dependabot[bot]
5058e2ffc2 build(deps): bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp 
Bumps [go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp](https://github.com/open-telemetry/opentelemetry-go-contrib) from 0.64.0 to 0.65.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.64.0...zpages/v0.65.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
  dependency-version: 0.65.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-17 09:25:43 +01:00
dependabot[bot]
5daeada697 build(deps): bump github.com/open-policy-agent/opa from 1.12.3 to 1.13.1 
Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 1.12.3 to 1.13.1.
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-policy-agent/opa/compare/v1.12.3...v1.13.1)

---
updated-dependencies:
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.13.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-17 09:02:30 +01:00
opencloudeu
4e9eb596f0 [tx] updated from transifex 2026-02-17 00:17:42 +00:00
Ralf Haferkamp
a1b6f534f7 adr(webfinger): Change status to accepted 2026-02-16 17:40:19 +01:00
Ralf Haferkamp
815b049321 adr(webfinger): Apply suggestions from code review 
Co-authored-by: Benedikt Kulmann <benedikt@kulmann.biz>
 2026-02-16 17:40:19 +01:00
Ralf Haferkamp
2bf4f2e12e adr(webfinger): Document OIDC client parameter discovery 2026-02-16 17:40:19 +01:00
OpenCloud Devops
edb917b74a 🎉 Release 5.1.0 (#2300) v5.1.0 2026-02-16 15:31:10 +01:00
Andre Duffeck
2fdb87291e Merge pull request #2348 from aduffeck/bump-reva-v2.42.4 
[full-ci] Bump reva v2.42.4
 2026-02-16 14:11:04 +01:00
Benedikt Kulmann
153fdeeac0 Merge pull request #2349 from opencloud-eu/bump-web-5.1.0 
[full-ci] chore: bump web to v5.1.0
 2026-02-16 12:51:34 +01:00
André Duffeck
2043dee745 Bump opencloud version 2026-02-16 11:02:50 +01:00
Benedikt Kulmann
5be98670f4 chore: bump web to v5.1.0 2026-02-16 11:01:47 +01:00
André Duffeck
97da8655b7 Bump reva 2026-02-16 10:53:20 +01:00
opencloudeu
e698a35aef [tx] updated from transifex 2026-02-16 00:16:53 +00:00
opencloudeu
d867665dc1 [tx] updated from transifex 2026-02-15 00:16:35 +00:00
opencloudeu
e0b465342f [tx] updated from transifex 2026-02-14 00:16:38 +00:00
Thomas Schweiger
8f3714f08f Merge pull request #2333 from opencloud-eu/fix/fix-typo-in-var-description 
fix: fix typo in variable description
 2026-02-12 18:13:02 +01:00
Michael Barz
1c493ec46b fix: include sessionID in sse logout event (#2327) 2026-02-12 17:21:09 +01:00
Thomas Schweiger
bac83c4729 fix: fix typo in variable description 2026-02-12 16:48:12 +01:00