summaryrefslogtreecommitdiff
path: root/internal/server
AgeCommit message (Collapse)Author
2023-09-01Client + Server: Increase endpoint update frequency and update secure ↵jwijenbergh
internet handling
2023-08-29Server: Set OAuth endpoints on refreshjwijenbergh
This fixes OAuth endpoints after e.g. an update from 2.x to 3.x
2023-04-18Client + Server: Set default secure internet locationjwijenbergh
2023-04-18Server Custom: Fix invalid wrap erorrjwijenbergh
2023-04-18Client + Server: Implement a token updater callbackjwijenbergh
2023-02-28API + OAuth: Add some debug logging for tokensjwijenbergh
2023-02-27Profile Test: formatjwijenbergh
2023-02-17Refactor: Improve some errors by using errors.New and add contextjwijenbergh
2023-02-16Server: Add test for profilesjwijenbergh
2023-02-16Format: Run gofumptjwijenbergh
2023-02-16Server: Validate endpointsjwijenbergh
This commit validates the server endpoints by checking the Host and scheme of each URL to check if they match eachother. This is to prevent further mixup attacks
2023-02-15Server: Remove 75% requirement on renew buttonjwijenbergh
2023-01-31Server: Add script-security 0 to the OpenVPN configjwijenbergh
This prevents scripts from being executed by default. Clients can override this by either using the OpenVPN --script-security flag or add a script-security setting themselves.
2023-01-13Server API: Set a lower timeout for disconnectjwijenbergh
2023-01-10Client + Discovery: Implement further organizations expiryjwijenbergh
2023-01-06Refactor: Re-use a HTTP clientjwijenbergh
2022-12-21Client + Exports: Forward tokens for /disconnectjwijenbergh
2022-12-21Exports + OAuth + Server: Forward tokens to getting a configjwijenbergh
2022-12-21Failover: Initial implementationjwijenbergh
2022-12-21Server: Implement forcing WireGuard selection through envjwijenbergh
2022-12-14Server: Fix revive lint errorjwijenbergh
``` internal/server/servers.go:51:9: indent-error-flow: if block ends with a return statement, so drop this else and outdent its block (move short variable declaration to its own line if necessary) (revive) } else { return srv, nil } ```
2022-12-12Format: Run gofumptjwijenbergh
2022-12-12Server + Exports: Rename and simplify GetCurrentProfileIndexjwijenbergh
2022-12-12Server: Minor style changesjwijenbergh
2022-12-12simplify error handlingAleksandar Pesic
fixes #6 Signed-off-by: Aleksandar Pesic <peske.nis@gmail.com>
2022-11-28Server: Split more into multiple implementation filesjwijenbergh
2022-11-28Lint: Use gocritic linter and fix errors returned by itjwijenbergh
2022-11-28Formatting: Run golinesjwijenbergh
2022-11-28Formatting: Run gofumpt -wjwijenbergh
2022-11-28Refactor: Fix revive linter errors by deleting redundant prefixesjwijenbergh
2022-11-28OAuth: Refactor Token getting and do not save them in the configjwijenbergh
This commit refactors getting the tokens into receiver methods. This means that functions do not have to call the cryptic "EnsureTokens" method. The receiver getter then already verifier whether or not the tokens could be obtained (and refreshes too). The downside is that some things are now private, so testing for invalid tokens needs to be done somewhere else. This needs another patch such that clients can save the tokens themselves using a keyring.
2022-11-28Lint: Run godot fixjwijenbergh
Full command: golangci-lint run --disable-all -E godot --fix
2022-11-28Refactor: Remove most get prefixes for receiver functionsjwijenbergh
2022-11-24Style: Use stylecheck and fix errorsjwijenbergh
2022-11-24Discovery + Server: Get rid of unused importsjwijenbergh
2022-11-24Util: Get rid of current time helperjwijenbergh
Fixes #5
2022-11-14Client + Server: Refresh the endpoints before checking for a valid profilejwijenbergh
2022-11-10Server: Re-initialize endpoints when getting a configjwijenbergh
2022-10-24Client + Server + Exports: Implement optional WireGuard supportjwijenbergh
2022-10-19OAuth + Server: Fix ISS for secure internetjwijenbergh
The wrong base url was used. Use the one from the home server NOT the current location
2022-10-19Refactor: Make errors use the parent's error leveljwijenbergh
- All wrapped errors have to be created with types.NewWrappedError to inherit the error level from the parent - Or types.NewWrappedErrorLevel can be used which means a custom error level is given. For example this is done with cancelling OAuth - Client public errors are forwarded with handleError that also logs it with the error's level
2022-10-19Discovery + Server: Remove unused 'Raw' stringsjwijenbergh
2022-10-17Client + Server: Delete tokens before attempting a login for renewjwijenbergh
2022-10-17Server + Util: Ensure the base URL already ends with a /jwijenbergh
2022-10-17OAuth: Implement Authorization Server Issuer Identification (ISS)jwijenbergh
- This patch implements ISS checking according to RFC 9207 https://datatracker.ietf.org/doc/html/rfc9207 - This tries to prevent so called "mix-up" attacks where the client is fooled into authorizing with an honest AS through a malicious entity
2022-10-13Server API: Use default timeout for /disconnectjwijenbergh
2022-10-13Format: Run gofumptjwijenbergh
2022-10-11Client + Server: Set the current institute / custom server on addingjwijenbergh
2022-10-11Client: Refactor out adding a Server from getting a configjwijenbergh
2022-10-04Server: Implement `prefer_tcp` according to specjwijenbergh