Merge pull request #1091 from fosrl/dev

Dev

Author: miloschwartz

install/config/crowdsec/profiles.yaml

@@ -1,4 +1,4 @@
-iame: captcha_remediation
+name: captcha_remediation
 filters:
   - Alert.Remediation == true && Alert.GetScope() == "Ip" && Alert.GetScenario() contains "http"
 decisions:
@@ -22,4 +22,4 @@ filters:
 decisions:
  - type: ban
    duration: 4h
-on_success: break
+on_success: break

messages/en-US.json

@@ -1162,7 +1162,7 @@
     "selectDomainTypeCnameName": "Single Domain (CNAME)",
     "selectDomainTypeCnameDescription": "Just this specific domain. Use this for individual subdomains or specific domain entries.",
     "selectDomainTypeWildcardName": "Wildcard Domain",
-    "selectDomainTypeWildcardDescription": "This domain and its first level of subdomains.",
+    "selectDomainTypeWildcardDescription": "This domain and its subdomains.",
     "domainDelegation": "Single Domain",
     "selectType": "Select a type",
     "actions": "Actions",

server/emails/index.ts

@@ -18,10 +18,10 @@ function createEmailClient() {
         host: emailConfig.smtp_host,
         port: emailConfig.smtp_port,
         secure: emailConfig.smtp_secure || false,
-        auth: {
+        auth: (emailConfig.smtp_user && emailConfig.smtp_pass) ? {
             user: emailConfig.smtp_user,
             pass: emailConfig.smtp_pass
-        }
+        } : null
     } as SMTPTransport.Options;
 
     if (emailConfig.smtp_tls_reject_unauthorized !== undefined) {

server/lib/consts.ts

@@ -2,7 +2,7 @@ import path from "path";
 import { fileURLToPath } from "url";
 
 // This is a placeholder value replaced by the build process
-export const APP_VERSION = "1.7.0";
+export const APP_VERSION = "1.7.3";
 
 export const __FILENAME = fileURLToPath(import.meta.url);
 export const __DIRNAME = path.dirname(__FILENAME);

server/routers/external.ts

@@ -620,8 +620,6 @@ authenticated.post(
 
 authenticated.delete("/idp/:idpId", verifyUserIsServerAdmin, idp.deleteIdp);
 
-authenticated.get("/idp", verifyUserIsServerAdmin, idp.listIdps);
-
 authenticated.get("/idp/:idpId", verifyUserIsServerAdmin, idp.getIdp);
 
 authenticated.put(

server/routers/idp/validateOidcCallback.ts

@@ -162,6 +162,12 @@ export async function validateOidcCallback(
             );
         }
 
+        logger.debug("State verified", {
+            urL: ensureTrailingSlash(existingIdp.idpOidcConfig.tokenUrl),
+            expectedState,
+            state
+        });
+
         const tokens = await client.validateAuthorizationCode(
             ensureTrailingSlash(existingIdp.idpOidcConfig.tokenUrl),
             code,

server/routers/resource/createResource.ts

@@ -261,14 +261,6 @@ async function createHttpResource(
                     )
                 );
             }
-            if (parsedSubdomain.data.includes(".")) {
-                return next(
-                    createHttpError(
-                        HttpCode.BAD_REQUEST,
-                        "Subdomain cannot contain a dot when using wildcard domains"
-                    )
-                );
-            }
             fullDomain = `${subdomain}.${domainRes.domains.baseDomain}`;
         } else {
             fullDomain = domainRes.domains.baseDomain;

server/routers/resource/updateResource.ts

@@ -297,14 +297,6 @@ async function updateHttpResource(
                         )
                     );
                 }
-                if (parsedSubdomain.data.includes(".")) {
-                    return next(
-                        createHttpError(
-                            HttpCode.BAD_REQUEST,
-                            "Subdomain cannot contain a dot when using wildcard domains"
-                        )
-                    );
-                }
                 fullDomain = `${updateData.subdomain}.${domainRes.domains.baseDomain}`;
             } else {
                 fullDomain = domainRes.domains.baseDomain;

src/app/[orgId]/settings/access/users/create/page.tsx

@@ -9,7 +9,7 @@ import {
     SettingsSectionHeader,
     SettingsSectionTitle
 } from "@app/components/Settings";
-import { StrategySelect } from "@app/components/StrategySelect";
+import { StrategyOption, StrategySelect } from "@app/components/StrategySelect";
 import HeaderTitle from "@app/components/SettingsSectionTitle";
 import { Button } from "@app/components/ui/button";
 import { useParams, useRouter } from "next/navigation";
@@ -45,15 +45,10 @@ import { createApiClient } from "@app/lib/api";
 import { Checkbox } from "@app/components/ui/checkbox";
 import { ListIdpsResponse } from "@server/routers/idp";
 import { useTranslations } from "next-intl";
+import { build } from "@server/build";
 
 type UserType = "internal" | "oidc";
 
-interface UserTypeOption {
-    id: UserType;
-    title: string;
-    description: string;
-}
-
 interface IdpOption {
     idpId: number;
     name: string;
@@ -147,13 +142,20 @@ export default function Page() {
         }
     }, [userType, env.email.emailEnabled, internalForm, externalForm]);
 
-    const userTypes: UserTypeOption[] = [
+    const [userTypes, setUserTypes] = useState<StrategyOption<string>[]>([
         {
             id: "internal",
             title: t("userTypeInternal"),
-            description: t("userTypeInternalDescription")
+            description: t("userTypeInternalDescription"),
+            disabled: false
+        },
+        {
+            id: "oidc",
+            title: t("userTypeExternal"),
+            description: t("userTypeExternalDescription"),
+            disabled: true
         }
-    ];
+    ]);
 
     useEffect(() => {
         if (!userType) {
@@ -177,9 +179,6 @@ export default function Page() {
 
             if (res?.status === 200) {
                 setRoles(res.data.data.roles);
-                if (userType === "internal") {
-                    setDataLoaded(true);
-                }
             }
         }
 
@@ -200,24 +199,32 @@ export default function Page() {
 
             if (res?.status === 200) {
                 setIdps(res.data.data.idps);
-                setDataLoaded(true);
 
                 if (res.data.data.idps.length) {
-                    userTypes.push({
-                        id: "oidc",
-                        title: t("userTypeExternal"),
-                        description: t("userTypeExternalDescription")
-                    });
+                    setUserTypes((prev) =>
+                        prev.map((type) => {
+                            if (type.id === "oidc") {
+                                return {
+                                    ...type,
+                                    disabled: false
+                                };
+                            }
+                            return type;
+                        })
+                    );
                 }
             }
         }
 
-        setDataLoaded(false);
-        fetchRoles();
-        if (userType !== "internal") {
-            fetchIdps();
+        async function fetchInitialData() {
+            setDataLoaded(false);
+            await fetchRoles();
+            await fetchIdps();
+            setDataLoaded(true);
         }
-    }, [userType]);
+
+        fetchInitialData();
+    }, []);
 
     async function onSubmitInternal(
         values: z.infer<typeof internalFormSchema>
@@ -323,7 +330,7 @@ export default function Page() {
 
             <div>
                 <SettingsContainer>
-                    {!inviteLink && userTypes.length > 1 ? (
+                    {!inviteLink && build !== "saas" ? (
                         <SettingsSection>
                             <SettingsSectionHeader>
                                 <SettingsSectionTitle>
@@ -610,7 +617,7 @@ export default function Page() {
                                                                     idp || null
                                                                 );
                                                             }}
-                                                            cols={3}
+                                                            cols={2}
                                                         />
                                                         <FormMessage />
                                                     </FormItem>

src/app/page.tsx

@@ -12,6 +12,7 @@ import { cleanRedirect } from "@app/lib/cleanRedirect";
 import { Layout } from "@app/components/Layout";
 import { InitialSetupCompleteResponse } from "@server/routers/auth";
 import { cookies } from "next/headers";
+import { build } from "@server/build";
 
 export const dynamic = "force-dynamic";
 
@@ -83,25 +84,27 @@ export default async function Page(props: {
         if (ownedOrg) {
             redirect(`/${ownedOrg.orgId}`);
         } else {
-            redirect("/setup");
+            if (!env.flags.disableUserCreateOrg || user.serverAdmin) {
+                redirect("/setup");
+            }
         }
     }
 
-    // return (
-    //     <UserProvider user={user}>
-    //         <Layout orgs={orgs} navItems={[]}>
-    //             <div className="w-full max-w-md mx-auto md:mt-32 mt-4">
-    //                 <OrganizationLanding
-    //                     disableCreateOrg={
-    //                         env.flags.disableUserCreateOrg && !user.serverAdmin
-    //                     }
-    //                     organizations={orgs.map((org) => ({
-    //                         name: org.name,
-    //                         id: org.orgId
-    //                     }))}
-    //                 />
-    //             </div>
-    //         </Layout>
-    //     </UserProvider>
-    // );
+    return (
+        <UserProvider user={user}>
+            <Layout orgs={orgs} navItems={[]}>
+                <div className="w-full max-w-md mx-auto md:mt-32 mt-4">
+                    <OrganizationLanding
+                        disableCreateOrg={
+                            env.flags.disableUserCreateOrg && !user.serverAdmin
+                        }
+                        organizations={orgs.map((org) => ({
+                            name: org.name,
+                            id: org.orgId
+                        }))}
+                    />
+                </div>
+            </Layout>
+        </UserProvider>
+    );
 }