Zaiming (Stone) Shi
467010e3d3
chore: bump emqx_authz app vsn
2022-11-08 17:40:34 +01:00
Stefan Strigler
0678e05e84
style: fix message returned for 404
...
Co-authored-by: Zaiming (Stone) Shi <zmstone@gmail.com>
2022-11-08 17:40:34 +01:00
Stefan Strigler
ba1e19f068
fix(emqx_authz_api_sources): make schema fit to what we send
2022-11-08 17:40:34 +01:00
Stefan Strigler
e0ed0855ff
fix(emqx_authz_api_sources): return 'code' in response body for 404
2022-11-08 17:40:34 +01:00
JimMoen
2984397e73
chore: apps vsn bump
2022-09-23 17:09:15 +08:00
JimMoen
85835256f1
Merge tag 'v5.0.8' into merge-release-v5.0.8-into-master
2022-09-23 16:06:44 +08:00
Ilya Averyanov
c11afc357e
fix(auth): use empty strings for absent placeholder values
2022-09-20 15:20:55 +03:00
firest
14b5977996
feat(authz): Support `cert_common_name` and `cert_subject` in Authz
2022-09-15 18:02:54 +08:00
Xinyu Liu
d9c9a1dec3
Merge pull request #8958 from JimMoen/fix-ssl-drop-invalid-certs
...
fix(bridge/authz/exhook): no need to drop invalid certs
2022-09-15 09:01:08 +08:00
JianBo He
a461375b30
chore: support strip double quote in authn/authz
...
more compatibility for https://github.com/emqx/emqx/pull/8827
2022-09-14 15:25:31 +08:00
JimMoen
f018b8ab49
fix(bridge/authz/exhook): no need to drop invalid certs
2022-09-14 14:08:55 +08:00
firest
05bbadc8c5
chore: bump ahutz version && update CHANGES-5.0.md
2022-08-31 21:15:55 +08:00
firest
71aaf5c538
fix(authz): fix dialyzer && test case && proper error
2022-08-31 16:49:27 +08:00
JianBo He
168f44e45b
fix: exhook client.authorize never be execauted
...
see: https://github.com/emqx/emqx/issues/8779
2022-08-31 14:34:02 +08:00
Ilya Averyanov
64aa30ec63
chore(authn/authz): better handling of placeholder interpolation errors
2022-08-10 18:22:37 +03:00
Zhongwen Deng
dd59c850e0
chore: make sure swagger's tags always titlecase
2022-07-25 16:09:17 +08:00
Zhongwen Deng
a12478225a
fix: fix bad swagger format
2022-07-20 16:56:07 +08:00
Zaiming (Stone) Shi
e49686a276
fix(authz): should apply no rule on superuser
2022-07-08 22:35:15 +02:00
JianBo He
4c17b38102
chore: treat 200/204 as acl nomatch
2022-07-01 20:42:22 +08:00
JianBo He
83f5da8f9d
fix(authz-http): fix https://github.com/emqx/emqx/pull/8377#discussion_r911743360
2022-07-01 17:46:55 +08:00
JianBo He
52b77b570f
refactor: authz-http return body to reject pub/sub
2022-07-01 17:46:55 +08:00
JianBo He
f8c90452cc
chore: auto retry disconnected authn/authz resources
2022-07-01 12:01:39 +08:00
ieQu1
a9ec193ef8
fix(prometheus): Disable authorization for metrics scraping endpoint
2022-06-23 00:31:53 +02:00
Shawn
51efe22e57
chore: update the appup files for authz/authn
2022-06-22 15:54:37 +08:00
Shawn
defacb97df
fix: disabled resources for authz/authn started after emqx reboot
2022-06-22 14:34:30 +08:00
Xinyu Liu
3b00b16abe
Merge pull request #8221 from terry-xiaoyu/fix_delayed_module_disbled_after_emqx_stop
...
feat: fix the hook priorities
2022-06-16 09:42:42 +08:00
Shawn
39b1b20506
feat: fix the hook priorities
2022-06-15 19:03:40 +08:00
JianBo He
03967a83de
chore(authz): make `authorization.cache.enable` required
2022-06-15 13:46:17 +08:00
firest
45aa9d604b
fix(metrics): remove the client. prefix for AuthN/AuthZ metrics
2022-06-14 14:08:25 +08:00
Shawn
f18eab402a
fix(CI): don't use any authz sources when testing
2022-06-10 14:21:20 +08:00
firest
86a3ac0bef
fix(authz): prohibit overriding of existing client/user
2022-06-07 16:34:01 +08:00
Zhongwen Deng
c7cc2e85b2
fix: add default&example for schema
2022-06-06 09:52:10 +08:00
Zaiming (Stone) Shi
2eb621ba57
fix: hint metrics merge errors
2022-05-13 21:38:51 +02:00
Ilya Averyanov
91da451803
feat(authz): add default authn-based authz source
2022-05-13 12:51:10 +03:00
Ilya Averyanov
ca0c80965a
Merge pull request #7890 from savonarola/fix-jwt-acl-v5
...
fix(jwt auth): improve JWT handling
2022-05-12 19:48:37 +03:00
Ilya Averyanov
e0fa07b679
fix(jwt auth): improve JWT handling
2022-05-12 12:10:47 +03:00
JimMoen
87af77ec35
refactor: do not destory resource when update authn/authz resource
2022-05-12 14:19:57 +08:00
firest
5220869dd8
fix(authz): add authz source type into the authorize logger
2022-05-11 17:54:42 +08:00
Chris Hicks
841acb7828
Merge pull request #7783 from emqx/EMQX-4199-introduce-a-new-emqx-resource-manager-module
...
feat: isolate resource manager processes
2022-05-09 18:33:01 +02:00
Chris
0b3e30e813
feat: isolate resource manager processes
2022-05-09 13:24:34 +02:00
EMQ-YangM
30b3060327
fix: improve authn, authz metrics
2022-05-05 18:53:31 +08:00
JianBo He
d36d27c533
Merge pull request #7781 from HJianBo/rename-acl-metrics
...
feat(metrics): refactor authz metrics name
2022-04-29 16:52:43 +08:00
JianBo He
344a754674
Merge pull request #7817 from JimMoen/fix-auth-http
2022-04-29 16:36:10 +08:00
JianBo He
1632df9ebb
Merge pull request #7837 from EMQ-YangM/reduce_duplicate_field
...
fix: reduce duplicate field
2022-04-29 15:50:27 +08:00
JianBo He
7bbed713f4
Merge pull request #7835 from JimMoen/fix-mongo-require-fields
...
fix(auth): mongo field `filter` not required and have default value
2022-04-29 15:38:54 +08:00
JianBo He
1597ea50c1
feat(metrics): refactor authz metrics name
...
In the current implementation:
```
Authz checking times = client.authorize + client.authorization.cache_hit
= client.authorization.allow + client.authorization.deny
client.authorize means how many times the `client.authorize` hook has been executed.
client.authorize = client.authorization.matched.allow +
client.authorization.matched.deny +
client.authorization.nomatch
```
2022-04-29 15:20:05 +08:00
EMQ-YangM
110f0d0e94
fix: reduce duplicate field
2022-04-29 14:37:49 +08:00
JimMoen
ad4b70c27e
fix(auth): mongo field `filter` not required and have default value
2022-04-29 13:37:29 +08:00
JimMoen
15ef9892c5
fix(auth): authn & authz http support placeholder in HTTP path
2022-04-29 12:48:00 +08:00
JimMoen
dae418ae4a
fix(auth): authn & authz http not required `body` field
2022-04-29 12:47:56 +08:00