Bumps
[@fontsource/source-sans-3](https://github.com/fontsource/font-files/tree/HEAD/fonts/google/source-sans-3)
from 5.0.18 to 5.0.19.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/fontsource/font-files/commits/HEAD/fonts/google/source-sans-3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Tuning the logging down a bit on our production releases. Prevents
gathering data we don't need to be gathering and prevents filling up
drive space with debug logs.
refs #3618
Bumps [flowbite](https://github.com/themesberg/flowbite) from 2.2.1 to
2.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/themesberg/flowbite/releases">flowbite's
releases</a>.</em></p>
<blockquote>
<h2>v2.3.0</h2>
<ul>
<li>added new <a
href="https://flowbite.com/docs/components/clipboard/">copy to
clipboard</a> component and examples</li>
<li>added new JavaScript tab to the documentation examples</li>
<li>update dependency to Tailwind CSS v3.4.1</li>
<li>fixed carousel component behavior when there’s only one image</li>
<li>added new data attribute to set active and inactive classes for
tabs</li>
<li>Ruby on Rails integration fix for turbo load</li>
<li>minor bug fixes and improvements</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="7941f8bb79"><code>7941f8b</code></a>
docs(README): add new clipboard component to readme</li>
<li><a
href="e4f9f16aae"><code>e4f9f16</code></a>
fix(clipboard): target element can be input element too</li>
<li><a
href="5cd600a348"><code>5cd600a</code></a>
feat(changelog): add Ruby on Rails fix mention</li>
<li><a
href="fdf9bfe52a"><code>fdf9bfe</code></a>
chore(versioning): bump all version instances to
<code>v2.3.0</code></li>
<li><a
href="bfbf97db7b"><code>bfbf97d</code></a>
chore(package): update keywords and name</li>
<li><a
href="52ed4101a0"><code>52ed410</code></a>
Merge pull request <a
href="https://redirect.github.com/themesberg/flowbite/issues/804">#804</a>
from themesberg/fix-inconsistencies</li>
<li><a
href="06778c3906"><code>06778c3</code></a>
fix(modals): replace old alternative buttons with the new ones to have
consis...</li>
<li><a
href="bcb1dbf990"><code>bcb1dbf</code></a>
refactor(input fields): add maximum width to search and select
inputs</li>
<li><a
href="03667ef73a"><code>03667ef</code></a>
fix(input-forms): fix bg-color & text-color on:dark for "Form
validation" inp...</li>
<li><a
href="3179d1ffa8"><code>3179d1f</code></a>
fix(forms): toggle switch typo</li>
<li>Additional commits viewable in <a
href="https://github.com/themesberg/flowbite/compare/v2.2.1...v2.3.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Phoenix VerifiedRoutes expects directories for `statics` where we were
passing filenames too.
These are removed since they're not required -- all of the top level
files we need to serve at the root don't need VerifiedRoutes.
For the website, the files were named incorrectly.
The above issues were causing 404s on both the website and portal.
This message is sent by the some of the broadcasters and it was
resulting in a process crash (on a socket that will be disconnected
anyways), but this triggered our logging alerts anyways. So we will
simply ignore them globally to suppres the noise.
Why:
* The extra assertions added to the sign-in success acceptance tests do
not behave as reliably as needed. The assertions being removed were
checking an intermediate step of the sign-in success redirect process,
so the test should not be fundamentally changed by removing them. We'll
just be checking the final state rather than the intermediate state and
the final state. The previous commit removing these assertions was only
done on the email signin tests. This commit updates the userpass and
openid_connect tests
Why:
* The extra assertions added to the sign-in success acceptance tests do
not behave as reliably as needed. The assertions being removed were
checking an intermediate step of the sign-in success redirect process,
so the test should not be fundamentally changed by removing them. We'll
just be checking the final state rather than the intermediate state and
the final state.
Why:
* On some clients, the web view that is opened to sign-in to Firezone is
left open and ends up getting stuck on the Sign In page with the
liveview loader on the top of the page also stuck and appearing as
though it is waiting for another response. This commit adds a sign-in
success page that is displayed upon successful sign-in and shows a
message to the user that lets them know they can close the window if
needed. If the client device is able to close the web view that was
opened, then the page will either very briefly be shown or will not be
visible at all due to how quickly the redirect happens.
Why:
* On some clients, the web view that is opened to sign-in to Firezone is
left open and ends up getting stuck on the Sign In page with the
liveview loader on the top of the page also stuck and appearing as
though it is waiting for another response. This commit adds a sign-in
success page that is displayed upon successful sign-in and shows a
message to the user that lets them know they can close the window if
needed. If the client device is able to close the web view that was
opened, then the page will either very briefly be shown or will not be
visible at all due to how quickly the redirect happens.
Closes#3608
<img width="625" alt="Screenshot 2024-02-15 at 4 30 57 PM"
src="https://github.com/firezone/firezone/assets/2646332/eb6a5df6-4a4c-4e54-b57c-5da239069ea9">
---------
Signed-off-by: Jamil <jamilbk@users.noreply.github.com>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
Why:
* After reviewing the Okta docs closer, in order for an OAuth token to
have Okta API scopes attached to it, the Okta org authorization server
must be used, not a custom authorization server (which includes the
'default' authorization server). This means that the OAuth Authorization
URI that was previously being asked for in the Okta Adapter form won't
work for IDP sync to Firezone. This commit updates the form to accept
the Okta Account Domain (i.e. `<company>.okta.com`)
Why:
* To allow syncing of users/groups/memberships from an IDP to Firezone,
a custom identify provider adapter needs to be created in the portal
codebase at this time. The custom IDP adapter created in this commit is
for Okta.
* This commit also includes some additional tests for the Microsoft
Entra IDP adapter. These tests were mistakenly overlooked when finishing
the Entra adapter.
Why:
* To allow syncing of users/groups/memberships from an IDP to Firezone,
a custom identify provider adapter needs to be created in the portal
codebase at this time. The custom IDP adapter created in this commit is
for Microsoft Entra.
# Gateways
- [x] When Gateway Group is deleted all gateways should be disconnected
- [x] When Gateway Group is updated (eg. routing) broadcast to all
affected gateway to disconnect all the clients
- [x] When Gateway is deleted it should be disconnected
- [x] When Gateway Token is revoked all gateways that use it should be
disconnected
# Relays
- [x] When Relay Group is deleted all relays should be disconnected
- [x] When Relay is deleted it should be disconnected
- [x] When Relay Token is revoked all gateways that use it should be
disconnected
# Clients
- [x] Remove Delete Client button, show clients using the token on the
Actors page (#2669)
- [x] When client is deleted disconnect it
- [ ] ~When Gateway is offline broadcast to the Clients connected to it
it's status~
- [x] Persist `last_used_token_id` in Clients and show it in tokens UI
# Resources
- [x] When Resource is deleted it should be removed from all gateways
and clients
- [x] When Resource connection is removed it should be deleted from
removed gateway groups
- [x] When Resource is updated (eg. traffic filters) all it's
authorizations should removed
# Authentication
- [x] When Token is deleted related sessions are terminated
- [x] When an Actor is deleted or disabled it should be disconnected
from browser and client
- [x] When Identity is deleted it's sessions should be disconnected from
browser and client
- [x] ^ Ensure the same happens for identities during IdP sync
- [x] When IdP is disabled act like all actors for it are disabled?
- [x] When IdP is deleted act like all actors for it are deleted?
# Authorization
- [x] When Policy is created clients that gain access to a resource
should get an update
- [x] When Policy is deleted we need to all authorizations it's made
- [x] When Policy is disabled we need to all authorizations it's made
- [x] When Actor Group adds or removes a user, related policies should
be re-evaluated
- [x] ^ Ensure the same happens for identities during IdP sync
# Settings
- [x] Re-send init message to Client when DNS settings change
# Code
- [x] Crear way to see all available topics and messages, do not use
binary topics any more
---------
Co-authored-by: conectado <gabrielalejandro7@gmail.com>
Before, any user logging into via the OIDC connector would need to have
an identity created beforehand with their known `sub` id. This presented
a chicken-and-egg scenario where this was only populated in the
`Identity Providers` settings flow by an admin, preventing regular users
from signing in.
With this change, Admins can now create identities for actors and
specify an `email` address or `sub` claim value to match against for
incoming authentications to the connector.
This will allow end-users to authenticate with the configured OIDC
connector.
Fixes#3308
Why:
* The Sites edit page was toggling the routing option in the page on and
off every time a change to the page was made (i.e. every time something
was clicked or typed). This was causing the Site to not be editable in
certain situations. It ended up being because the form field value being
set was not consistently the same type. It would come back as either an
atom or a string, but the radio button input was only checking for
atoms.
Fixes: #3239
- [x] Introduce api_client actor type and code to create and
authenticate using it's token
- [x] Unify Tokens usage for Relays and Gateways
- [x] Unify Tokens usage for magic links
Closes#2367
Ref #2696
Bumps [phoenix_html](https://github.com/phoenixframework/phoenix_html)
from 3.3.3 to 4.0.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/phoenixframework/phoenix_html/blob/main/CHANGELOG.md">phoenix_html's
changelog</a>.</em></p>
<blockquote>
<h2>v4.0.0 (2023-12-19)</h2>
<p>This version removes deprecated functionality and moved all HTML
helpers to a separate library. HTML Helpers are no longer used in new
apps from Phoenix v1.7. Older applications who wish to maintain
compatibility, add <code>{:phoenix_html_helpers, "~>
1.0"}</code> to your <code>mix.exs</code> and then replace
<code>use Phoenix.HTML</code> in your applications by:</p>
<pre lang="elixir"><code>import Phoenix.HTML
import Phoenix.HTML.Form
use PhoenixHTMLHelpers
</code></pre>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0687606d16"><code>0687606</code></a>
Release v4.0.0</li>
<li><a
href="3d7cc4ed0d"><code>3d7cc4e</code></a>
Improve to_form/4 coverage</li>
<li><a
href="071dd38489"><code>071dd38</code></a>
More tests</li>
<li><a
href="478d310fd7"><code>478d310</code></a>
Update description</li>
<li><a
href="0be2c6f1fa"><code>0be2c6f</code></a>
Prepare v4.0</li>
<li><a
href="ec3764e02f"><code>ec3764e</code></a>
Improve docs</li>
<li><a
href="06e9840407"><code>06e9840</code></a>
Fix tests</li>
<li>See full diff in <a
href="https://github.com/phoenixframework/phoenix_html/compare/v3.3.3...v4.0.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
