mirror
/
galene
mirror of https://github.com/jech/galene.git
1
Fork 0
Code
1,206 Commits 18 Branches 31 Tags 12 MiB
Commit Graph

91 Commits

Author SHA1 Message Date
Juliusz Chroboczek b7f9ef00b6 Token API. 2024-05-01 23:12:20 +02:00
Juliusz Chroboczek fe15057252 Check for empty path in api. 2024-05-01 22:20:51 +02:00
Juliusz Chroboczek 3409f5a27f Replace uses of os.IsExist and os.IsNotExist with errors.Is. 
The former don't properly unwrap errors.
 2024-04-14 13:34:32 +02:00
Juliusz Chroboczek 31f89163a2 Simplify server startup. 
We now create the server and the listener in the calling thread,
and only create a new goroutine before calling server.Serve.
 2024-04-14 02:12:46 +02:00
Juliusz Chroboczek 8fb1c1556e Fix typo in usersHandler. 2024-04-14 01:10:02 +02:00
Juliusz Chroboczek df46e6df21 Rename usersHandler. 2024-04-14 01:04:44 +02:00
Juliusz Chroboczek 695c379a6c Distinguish empty key in password from absence of key. 2024-04-12 01:05:48 +02:00
Juliusz Chroboczek 7673a95b05 Implement FallbackUsers in API. 2024-04-11 17:53:48 +02:00
Juliusz Chroboczek 31a18bcf44 Implement keys handling in API. 2024-04-11 14:30:44 +02:00
Juliusz Chroboczek cc38c53075 Implement administrative API. 2024-04-11 13:27:08 +02:00
Juliusz Chroboczek 5753c46910 Use methodNotAllowed in whip. 2024-04-10 14:45:04 +02:00
Juliusz Chroboczek f646191e01 Implement methodNotAllowed. 2024-04-10 14:44:03 +02:00
Juliusz Chroboczek e14eec86d3 Implement parseContentType. 2024-04-09 22:49:03 +02:00
Juliusz Chroboczek c4c7d0b60d More tests for splitPath. 2024-04-09 22:49:03 +02:00
Juliusz Chroboczek eee6650336 Add precondition.go. 2024-04-09 22:49:03 +02:00
Juliusz Chroboczek b7094fc373 Beginnings of administrative API. 
The "stats.json" file is moved under "galene-api", where the rest
of the API will live.
 2024-04-09 22:49:03 +02:00
Juliusz Chroboczek d887a216f0 Rework configuration file format. 
The "users" entry is now a dictionary mapping user names to
passwords and permissions.  In order to allow for wildcards,
there is a new type of password, the wildcard password, and
an extra array called "fallback-users".

The field "allow-anonymous" no longer exists, this is now
the default behaviour.  The field "allow-subgroups" has been
renamed to "auto-subgroups".

We provide backwards compatibility for group definition files,
but not for the config.json file, where the old "admin" array
is simply ignored.
 2024-04-09 22:49:03 +02:00
Juliusz Chroboczek 89f947df1f Rework handling of authorisation errors. 
We'd sometimes return "Internal server error" on authentication
failures.  This should be gone now.
 2024-03-03 13:43:50 +01:00
Juliusz Chroboczek 29e006037c Allow proxyURL to contain a path. 
We now support or reasonable values for proxyURL, such as "http:"
or "/galene".
 2024-02-24 12:46:30 +01:00
Juliusz Chroboczek 6756e7f7cc Add test for groupBase. 2024-02-24 12:27:19 +01:00
Juliusz Chroboczek 923d78eaa3 Fix handling of WHIP URLs. 
We broke WHIP when we introduced splitPath.  Thanks to Tim Panton.
 2024-02-22 23:31:03 +01:00
Juliusz Chroboczek 0f53bf0373 More tweaks to webserver error handling. 2024-01-18 01:02:56 +01:00
Juliusz Chroboczek 3ad6f27b17 Move .status.json to .status. 
Keep a redirect for backwards compatibility.
 2024-01-18 00:39:32 +01:00
Juliusz Chroboczek b92cf0480a Implement splitPath. 
Use it for parsing special paths instead of ad hoc code.
 2024-01-17 22:28:21 +01:00
Juliusz Chroboczek 6455ae3a4c Fix error handling in groupBase. 2024-01-17 22:22:47 +01:00
Juliusz Chroboczek a612e4d869 Use httpError in groupHandler. 2024-01-11 23:10:15 +01:00
Juliusz Chroboczek 03038eaf45 Obfuscate WHIP ids. 
If the WHIP session is not authenticated, then the only thing
preventing an attacker from DELETEing the session is the session
URL.  Since client ids are known, obfuscate the id before using
it in the session URL.
 2024-01-11 22:05:07 +01:00
Juliusz Chroboczek dc34350d8f Complete parsing of WHIP candidates. 2023-12-20 01:42:11 +01:00
Juliusz Chroboczek be2d3ab4ca Fix error handing in WHIP resource handler. 2023-12-20 00:40:30 +01:00
Juliusz Chroboczek 5c2e5ee5c0 Add test for parsing bearer tokens. 2023-12-09 20:50:39 +01:00
Juliusz Chroboczek bee1c3d0c3 Use url.JoinPath in webserver. 2023-12-09 17:40:04 +01:00
Juliusz Chroboczek 1f3b349ea2 Use MaxBytesReader in whip. 2023-12-09 16:17:48 +01:00
Juliusz Chroboczek 1e050fa4e3 Implement the WHIP protocol. 2023-07-11 17:25:58 +02:00
Juliusz Chroboczek 90e2de0b2d Add configuration option publicServer. 2023-07-10 23:59:24 +02:00
Juliusz Chroboczek aa53b78b2c Distinguish between no username and empty username. 2023-04-03 22:58:38 +02:00
Alexandre Iooss 02e7c7e824 Add Referrer-Policy and X-Content-Type-Options headers 2023-04-01 15:32:23 +02:00
Juliusz Chroboczek be0f05dac8 Fix incorrect formatting of error message. 2022-10-21 19:05:37 +02:00
Juliusz Chroboczek 10c57c7596 Don't use url.JoinPath. 
It was introduced in Go 1.19.
 2022-10-21 19:03:42 +02:00
Juliusz Chroboczek 16e2888d56 Add new configuration directive proxyURL. 
The strategy of computing the base URL from the request doesn't
necessarily work if we're behind a reverse proxy.  proxyURL
can be set in cases where our guess is incorrect.

Thanks to Dianne Skoll.
 2022-10-21 13:28:11 +02:00
Juliusz Chroboczek 31ed146a95 Fix computation of group URL in webserver. 
We were computing the scheme incorrectly, which caused us
to compute the wrong websocket URL when -insecure is set.
Thanks to Fabien de Montgolfier.
 2022-10-09 12:37:13 +02:00
Juliusz Chroboczek 6bdcd504a7 Make GetPermission a method of Group. 2022-09-08 20:55:35 +02:00
Juliusz Chroboczek b55e531aa5 Encode group location in the status.json file. 2022-09-01 15:38:29 +02:00
Juliusz Chroboczek 4bc873a574 Publish websocket endpoint in group status. 2022-09-01 14:55:52 +02:00
Juliusz Chroboczek dcb370677f Allow running the web server on a Unix domain socket. 
Thanks to Martin Pépin.
 2022-08-04 18:36:07 +02:00
Juliusz Chroboczek fc9f28fd68 Minor cleanups. 2022-04-23 18:43:01 +02:00
Juliusz Chroboczek de3a016f4d Set the username in the server when using tokens. 
This avoids the need to pass the username in the URL without
requiring the client to parse tokens.
 2022-02-20 15:33:11 +01:00
Juliusz Chroboczek a86fb08f6c Replace ClientPermissions with a list of strings. 
Now that we support external auth, the permissions list is
open-ended.  Make it a list for simplicity.
 2022-02-19 23:44:57 +01:00
Juliusz Chroboczek 03811db37d Implement token authentication. 2022-02-18 13:35:17 +01:00
Juliusz Chroboczek d2dff184d1 Move fontawesome to external, upgrade to 6.0.0. 2022-02-16 19:24:32 +01:00
Juliusz Chroboczek 62fb6d853c Move toastify into separate dir, upgrade. 2022-02-16 18:56:21 +01:00