7bf70aaab6
feat(scram): supports ACL rules in `scram_restapi` backend
2024-07-26 14:30:28 +08:00
141d8144e4
fix(scram): change the name from `scram_http` to `scram_restapi`
2024-07-25 17:01:49 +08:00
c7a7658c7a
Merge pull request #13449 from zhongwencool/resource-log
...
feat: add group/type to resource slog
2024-07-24 14:34:25 +08:00
e7d07ea17c
feat: add resource_type to emqx_resource behaviour
2024-07-23 18:24:28 +08:00
878b218692
feat(authn): added a HTTP backend for the authentication mechanism scram
2024-07-23 16:07:32 +08:00
0a04b1ad6e
feat: add group/type to resource slog
2024-07-23 15:14:41 +08:00
9194756963
feat(auth): support HTTP authn return ACL rules
2024-07-03 15:37:11 +02:00
f7ac829f28
fix(auth,http): improve URI handling
2024-06-17 14:42:29 +03:00
2c264d9a4b
fix(http authz): handle unknown content types in responses
...
Fixes https://emqx.atlassian.net/browse/EMQX-12530
2024-06-12 14:31:12 -03:00
6fe8a09e97
fix(authz/http): rename PH_ACCESS to VAR_ACCESS
2024-05-31 14:49:54 +02:00
ca32cf8d29
Merge branch 'emqx-12487-fix-authz-http-content-type' into 0530-http-acl-compatibility-with-v4
2024-05-30 22:30:20 +02:00
6940930c3e
chore: bump emqx_auth_http app vsn
2024-05-19 09:30:39 +02:00
93232d4253
fix(authn/http): log meaningful error message if http header is missing
2024-05-14 10:22:07 +02:00
db9efb9317
chore: bump apps versions
2024-03-28 10:19:09 +01:00
9ec99fef4a
feat: allow client_attr used in authz rules
2024-03-23 10:16:02 +01:00
e5816f5a13
refactor: rename attr to client_attr
...
client_attr is unique enough for all contexts
so the name can be unified from external responses
to internal template rendering, and rule-engine template rendering
2024-03-23 10:16:02 +01:00
cc4805b1ac
feat: extract attrs field from http and jwt auth response
2024-03-23 10:16:02 +01:00
46877e979b
chore: update copyright-year
2024-02-23 08:21:06 +01:00
c7bfaf51fd
chore: typo error (templete -> template)
2024-02-20 09:41:09 +08:00
322b7bb7d2
chore: bump app vsn
2023-12-22 13:00:37 +01:00
7286f773ba
feat: don't merge authz default headers if user already setting
2023-12-15 09:45:42 +08:00
28a577ad09
chore: bump apps versions
2023-11-14 11:02:26 +01:00
06e440260f
refactor(schema): add args to map alias
2023-11-12 11:29:33 +01:00
f1de0aa176
fix(schema): add namespace to authn schemas
2023-11-10 13:41:51 +01:00
b24b66081a
refactor(authn/authz_http_schema): use typerefl alias
2023-11-10 13:41:51 +01:00
3d20e566d8
docs: add namespace to authn and authz schema
2023-11-10 08:45:20 +01:00
49fba40ee7
fix(tpl): ensure backward compat with authz / authn templates
...
This commit leans heavy into discouraging the former approach where
only part of placeholders were interpolated, depending on `placeholders`
option.
2023-11-02 17:11:10 +07:00
49f5325c67
feat(tpl): unify validations / errors var representations
2023-11-02 17:11:10 +07:00
0538a77700
feat(tpl): use `emqx_connector_template` in `emqx_authn`, `emqx_authz`
...
This slightly changes semantics: now the attempt to create authenticator
with illegal bindings in templates will fail, instead of treating them
as literals. The runtime behaviour on the other hand should be the same.
2023-11-02 17:11:10 +07:00
c2c56ba481
chore(auth): update tests
2023-10-05 13:41:50 +03:00
1eb75b43c4
chore(auth): split emqx_authn and emqx_authz apps
2023-10-05 13:41:50 +03:00
c24f3688c4
build: delete needless auth plugins
2021-06-25 18:45:34 +08:00
f68a89c9ba
fix(auth-http): support content-type header env variable override
2021-05-07 10:14:19 +08:00
a37f47887a
fix(ipv6): add ipv6_probe socket option only when supported
...
ipv6_probe is a socket option supported in EMQ's otp.git fork.
If the target hostname has a ipv6 DNS resolution, gen_tcp
tries to establish a connection on ipv6.
If it fails, then a fallback to default gen_tcp:connection
2021-04-28 10:43:36 +02:00
d9c7c72612
feat(ipv6 probe): automatically probe whether it is IPv6
2021-04-28 10:43:36 +02:00
6354e75626
chore: update copyrights
2021-04-23 20:43:00 +02:00
f08ddec296
Add server_name_indication and verify option ( #4349 )
...
Add server_name_indication and verify option
2021-03-23 19:48:04 +08:00
c752f3bec5
Refactor http lib add uri parse ( #4292 )
...
* feat(http_lib): Add uri parse to emqx_http_lib
* fix(webhook): call emqx_http_lib to parse uri
* fix(auth-http): Call emqx_http_lib to parse uri
* fix(rule-engine): call emqx_http_lib to parse uri
2021-03-06 13:35:02 +08:00
fb8133b998
chore(emqx_auth_http): match emqx:hook with ok
2021-02-24 21:32:48 +09:00
706e272410
chore(emqx_auth_http): fix dialyzer warnings (match returned values)
2021-02-19 16:23:18 +09:00
f000b6583c
fix(tls): Ensure tls config integrity
...
For default tsl version and ciphers, we try to use otp release number
to determin if we want to use tlsv1.3
For default configs, we try to porivde both tlsv1.3 and
ciphers in config (even for commented out configs)
2021-02-09 22:56:28 +01:00
d98d26942c
fix(bridge-mqtt): add max_inflight_size option back
...
For compatibility with versions below 4.2, we still
use the `max_inflight_size` option, but generate it
as the `max_inflight`
Previous PR: https://github.com/emqx/emqx/pull/3938
2021-01-28 16:24:42 +08:00
e6235d3bc9
fix(scheme): fix default scheme
2021-01-27 19:11:41 +01:00
45aafc75dd
fix(scheme): using uri_string:normalize/1
2021-01-27 19:11:41 +01:00
311df2f8a6
fix(scheme): fix scheme parsing
2021-01-27 19:11:41 +01:00
a631a2d64f
fix(ssl): fix ssl option
2021-01-27 19:11:41 +01:00
b77ac247eb
chore(auth-http): remove needless lines
2021-01-27 19:55:21 +08:00
b25dedccc9
refactor(inet parse): refactor inet parse
2021-01-25 15:59:23 +08:00
fd2e9f147b
fix(auth http): using ehttpc ( #4021 )
...
* fix(auth http): using ehttpc
* chore(ehttpc): update tag of ehttpc
* fix(config): update comment
2021-01-16 23:10:53 +08:00
32b23b9181
Revert "feat(auth_http): support for getting websocket cookies"
...
This reverts commit 5427057c2c
2021-01-14 15:10:48 +01:00
firest