mirror of
https://github.com/dani-garcia/vaultwarden.git
synced 2025-09-20 08:32:41 +00:00
cff6c2b3af* Add SSO functionality using OpenID Connect Co-authored-by: Pablo Ovelleiro Corral <mail@pablo.tools> Co-authored-by: Stuart Heap <sheap13@gmail.com> Co-authored-by: Alex Moore <skiepp@my-dockerfarm.cloud> Co-authored-by: Brian Munro <brian.alexander.munro@gmail.com> Co-authored-by: Jacques B. <timshel@github.com> * Improvements and error handling * Stop rolling device token * Add playwright tests * Activate PKCE by default * Ensure result order when searching for sso_user * add SSO_ALLOW_UNKNOWN_EMAIL_VERIFICATION * Toggle SSO button in scss * Base64 encode state before sending it to providers * Prevent disabled User from SSO login * Review fixes * Remove unused UserOrganization.invited_by_email * Split SsoUser::find_by_identifier_or_email * api::Accounts::verify_password add the policy even if it's ignored * Disable signups if SSO_ONLY is activated * Add verifiedDate to organizations::get_org_domain_sso_details * Review fixes * Remove OrganizationId guard from get_master_password_policy * Add wrapper type OIDCCode OIDCState OIDCIdentifier * Membership::confirm_user_invitations fix and tests * Allow set-password only if account is unitialized * Review fixes * Prevent accepting another user invitation * Log password change event on SSO account creation * Unify master password policy resolution * Upgrade openidconnect to 4.0.0 * Revert "Remove unused UserOrganization.invited_by_email" This reverts commit 548e19995e141314af98a10d170ea7371f02fab4. * Process org enrollment in accounts::post_set_password * Improve tests * Pass the claim invited_by_email in case it was not in db * Add Slack configuration hints * Fix playwright tests * Skip broken tests * Add sso identifier in admin user panel * Remove duplicate expiration check, add a log * Augment mobile refresh_token validity * Rauthy configuration hints * Fix playwright tests * Playwright upgrade and conf improvement * Playwright tests improvements * 2FA email and device creation change * Fix and improve Playwright tests * Minor improvements * Fix enforceOnLogin org policies * Run playwright sso tests against correct db * PKCE should now work with Zitadel * Playwright upgrade maildev to use MailBuffer.expect * Upgrades playwright tests deps * Check email_verified in id_token and user_info * Add sso verified endpoint for v2025.6.0 * Fix playwright tests * Create a separate sso_client * Upgrade openidconnect to 4.0.1 * Server settings for login fields toggle * Use only css for login fields * Fix playwright test * Review fix * More review fix * Perform same checks when setting kdf --------- Co-authored-by: Felix Eckhofer <felix@eckhofer.com> Co-authored-by: Pablo Ovelleiro Corral <mail@pablo.tools> Co-authored-by: Stuart Heap <sheap13@gmail.com> Co-authored-by: Alex Moore <skiepp@my-dockerfarm.cloud> Co-authored-by: Brian Munro <brian.alexander.munro@gmail.com> Co-authored-by: Jacques B. <timshel@github.com> Co-authored-by: Timshel <timshel@480s> |
||
|---|---|---|
| .. | ||
| 2018-01-14-171611_create_tables | ||
| 2018-02-17-205753_create_collections_and_orgs | ||
| 2018-04-27-155151_create_users_ciphers | ||
| 2018-05-08-161616_create_collection_cipher_map | ||
| 2018-05-25-232323_update_attachments_reference | ||
| 2018-06-01-112529_update_devices_twofactor_remember | ||
| 2018-07-11-181453_create_u2f_twofactor | ||
| 2018-08-27-172114_update_ciphers | ||
| 2018-09-10-111213_add_invites | ||
| 2018-09-19-144557_add_kdf_columns | ||
| 2018-11-27-152651_add_att_key_columns | ||
| 2019-05-26-216651_rename_key_and_type_columns | ||
| 2019-10-10-083032_add_column_to_twofactor | ||
| 2019-11-17-011009_add_email_verification | ||
| 2020-03-13-205045_add_policy_table | ||
| 2020-04-09-235005_add_cipher_delete_date | ||
| 2020-07-01-214531_add_hide_passwords | ||
| 2020-08-02-025025_add_favorites_table | ||
| 2020-11-30-224000_add_user_enabled | ||
| 2020-12-09-173101_add_stamp_exception | ||
| 2021-03-11-190243_add_sends | ||
| 2021-04-30-233251_add_reprompt | ||
| 2021-05-11-205202_add_hide_email | ||
| 2021-07-01-203140_add_password_reset_keys | ||
| 2021-08-30-193501_create_emergency_access | ||
| 2021-10-24-164321_add_2fa_incomplete | ||
| 2022-01-17-234911_add_api_key | ||
| 2022-03-02-210038_update_devices_primary_key | ||
| 2022-07-27-110000_add_group_support | ||
| 2022-10-18-170602_add_events | ||
| 2023-01-06-151600_add_reset_password_support | ||
| 2023-01-11-205851_add_avatar_color | ||
| 2023-01-31-222222_add_argon2 | ||
| 2023-02-18-125735_push_uuid_table | ||
| 2023-06-02-200424_create_organization_api_key | ||
| 2023-06-17-200424_create_auth_requests_table | ||
| 2023-06-28-133700_add_collection_external_id | ||
| 2023-09-01-170620_update_auth_request_table | ||
| 2023-09-02-212336_move_user_external_id | ||
| 2023-09-10-133000_add_sso | ||
| 2023-09-14-133000_add_users_organizations_invited_by_email | ||
| 2023-10-21-221242_add_cipher_key | ||
| 2024-01-12-210182_change_attachment_size | ||
| 2024-02-14-135828_change_time_stamp_data_type | ||
| 2024-02-14-170000_add_state_to_sso_nonce | ||
| 2024-02-26-170000_add_pkce_to_sso_nonce | ||
| 2024-03-06-170000_add_sso_users | ||
| 2024-03-13-170000_sso_users_cascade | ||
| 2024-06-05-131359_add_2fa_duo_store | ||
| 2024-09-04-091351_use_device_type_for_mails | ||
| 2025-01-09-172300_add_manage | ||