key: saml
title: SAML 2.0
description: Security Assertion Markup Language 2.0 (SAML 2.0) is a version of the SAML standard for exchanging authentication and authorization data between security domains.
author: requarks.io
logo: https://static.requarks.io/logo/saml.svg
color: red darken-3
website: https://wiki.oasis-open.org/security/FrontPage
isAvailable: true
useForm: false
props:
  entryPoint:
    type: String
    title: Entry Point
    hint: Identity provider entry point (URL)
    order: 1
  issuer:
    type: String
    title: Issuer
    hint: Issuer string to supply to the Identity Provider
    order: 2
  audience:
    type: String
    title: Audience
    hint: Expected SAML response Audience (if not provided, the audience won't be verified)
    order: 3
  cert:
    type: String
    title: Certificate
    hint: Public PEM-encoded X.509 signing certificate. If the provider has multiple valid certificates, join them together using the | pipe symbol.
    multiline: true
    order: 4
  privateKey:
    type: String
    title: Private Key
    hint: PEM-formatted private key used to sign requests sent to the Identity Provider.
    multiline: true
    order: 5
  decryptionPvk:
    type: String
    title: Decryption Private Key
    hint: (Optional) - Private key that will be used to attempt to decrypt any encrypted assertions that are received.
    multiline: true
    order: 6
  signatureAlgorithm:
    type: String
    title: Signature Algorithm
    hint: Signature algorithm used for signing requests
    maxWidth: 400
    order: 7
    default: sha1
    enum:
      - sha1
      - sha256
      - sha512
  digestAlgorithm:
    type: String
    title: Digest Algorithm
    hint: Digest algorithm used to provide a digest for the signed data object
    maxWidth: 400
    order: 8
    default: sha1
    enum:
      - sha1
      - sha256
      - sha512
  identifierFormat:
    type: String
    title: Name Identifier Format
    default: 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress'
    order: 20
  wantAssertionsSigned:
    type: Boolean
    title: Always Sign Assertions
    hint: If enabled, add WantAssertionsSigned="true" to the metadata, to specify that the IdP should always sign the assertions.
    default: false
    order: 21
  acceptedClockSkewMs:
    type: Number
    title: Accepted Clock Skew Milliseconds
    hint: Time in milliseconds of skew that is acceptable between client and server when checking the NotBefore and NotOnOrAfter assertion condition validity timestamps. Setting to -1 will disable checking these conditions entirely.
    default: 0
    order: 22
  disableRequestedAuthnContext:
    type: Boolean
    title: Disable Requested Auth Context
    hint: If enabled, do not request a specific authentication context. This is known to help when authenticating against Active Directory (AD FS) servers.
    default: false
    order: 23
  authnContext:
    type: String
    title: Auth Context
    hint: Authentication context class reference(s) to request. For multiple values, join them together using the | pipe symbol.
    default: urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
    order: 24
  racComparison:
    type: String
    title: RAC Comparison Type
    hint: Requested Authentication Context comparison type.
    maxWidth: 400
    order: 25
    default: exact
    enum:
      - exact
      - minimum
      - maximum
      - better
  forceAuthn:
    type: Boolean
    title: Force Initial Re-authentication
    hint: If enabled, the initial SAML request from the service provider specifies that the IdP should force re-authentication of the user, even if they possess a valid session.
    default: false
    order: 26
  passive:
    type: Boolean
    title: Passive
    hint: If enabled, the initial SAML request from the service provider specifies that the IdP should prevent visible user interaction.
    default: false
    order: 27
  providerName:
    type: String
    title: Provider Name
    hint: Optional human-readable name of the requester for use by the presenter's user agent or the identity provider.
    default: wiki.js
    order: 28
  skipRequestCompression:
    type: Boolean
    title: Skip Request Compression
    hint: If enabled, the SAML request from the service provider won't be compressed.
    default: false
    order: 29
  authnRequestBinding:
    type: String
    title: Request Binding
    hint: Binding used for the authentication request sent to the IdP.
    maxWidth: 400
    order: 30
    default: 'HTTP-POST'
    enum:
      - HTTP-Redirect
      - HTTP-POST
  mappingUID:
    title: Unique ID Field Mapping
    type: String
    default: 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier'
    hint: The field storing the user's unique identifier. Can be a variable name or a URI-formatted string.
    order: 40
  mappingEmail:
    title: Email Field Mapping
    type: String
    default: 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress'
    hint: The field storing the user's email. Can be a variable name or a URI-formatted string.
    order: 41
  mappingDisplayName:
    title: Display Name Field Mapping
    type: String
    default: 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name'
    hint: The field storing the user's display name. Can be a variable name or a URI-formatted string.
    order: 42
  mappingPicture:
    title: Avatar Picture Field Mapping
    type: String
    default: 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/picture'
    hint: The field storing the user's avatar picture. Can be a variable name or a URI-formatted string.
    order: 43
  mapGroups:
    type: Boolean
    title: Map Groups
    hint: Map groups matching names from the provider's user groups. User Groups Field Mapping must also be defined for this to work. Note that this will remove any groups the user has that don't match any group from the provider.
    default: false
    order: 44
  mappingGroups:
    title: User Groups Field Mapping
    type: String
    default: 'memberOf'
    hint: The field storing the user groups attribute (when Map Groups is enabled). Can be a variable name or a URI-formatted string.
    order: 45
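Several of the props above default to the weaker choice (sha1 for both algorithms, no audience, unsigned assertions) or allow validity checks to be switched off (acceptedClockSkewMs: -1). The following audit is an added example, not code from Wiki.js or this definition file: it takes the values an administrator would enter for those keys and reports the settings that weaken assertion validation. The key names and enum values come from the definition; the skew threshold, the finding texts, the example audience URL and the placeholder certificate are this example's own constructions.

```python
"""Audit values entered for the Wiki.js SAML strategy props.

Added example, not code from Wiki.js: only the key names and enum values
(signatureAlgorithm, digestAlgorithm, audience, wantAssertionsSigned,
acceptedClockSkewMs, cert) come from definition.yml; thresholds and
finding texts are this example's own choices.
"""
from typing import Any, Dict, List

WEAK_HASHES = {"sha1"}             # offered in the enum and still the default
MAX_SKEW_MS = 5 * 60 * 1000        # assumption: tolerate at most five minutes of skew


def split_certs(cert_value: str) -> List[str]:
    """Split the cert field on the '|' pipe separator the hint describes."""
    return [c.strip() for c in cert_value.split("|") if c.strip()]


def audit_saml_config(cfg: Dict[str, Any]) -> List[str]:
    """Return one finding per setting that weakens assertion validation."""
    findings = []
    for key in ("signatureAlgorithm", "digestAlgorithm"):
        if cfg.get(key, "sha1") in WEAK_HASHES:          # sha1 is the default when unset
            findings.append(f"{key}: sha1 is weak; select sha256 or sha512")
    if not cfg.get("audience"):
        findings.append("audience: unset, so the response Audience is not verified")
    if not cfg.get("wantAssertionsSigned", False):
        findings.append("wantAssertionsSigned: false, metadata does not require signed assertions")
    skew = cfg.get("acceptedClockSkewMs", 0)
    if skew == -1:
        findings.append("acceptedClockSkewMs: -1 disables NotBefore/NotOnOrAfter checks")
    elif skew > MAX_SKEW_MS:
        findings.append(f"acceptedClockSkewMs: {skew} ms is wider than {MAX_SKEW_MS} ms")
    if not split_certs(cfg.get("cert", "")):
        findings.append("cert: no IdP signing certificate, response signatures cannot be verified")
    return findings


# Constructed sample inputs: the shipped defaults with an empty cert and skew
# checking disabled, beside a hardened configuration with two IdP certificates.
WEAK_CONFIG = {"signatureAlgorithm": "sha1", "digestAlgorithm": "sha1",
               "audience": "", "wantAssertionsSigned": False,
               "acceptedClockSkewMs": -1, "cert": ""}
PLACEHOLDER_CERT = "-----BEGIN CERTIFICATE-----\n<placeholder, not a real cert>\n-----END CERTIFICATE-----"
HARDENED_CONFIG = {"signatureAlgorithm": "sha256", "digestAlgorithm": "sha256",
                   "audience": "https://wiki.example.test/login/saml",   # constructed
                   "wantAssertionsSigned": True, "acceptedClockSkewMs": 60_000,
                   "cert": PLACEHOLDER_CERT + "|" + PLACEHOLDER_CERT}
```

Running `audit_saml_config(WEAK_CONFIG)` yields six findings, while the hardened configuration yields none.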