public/hass-oidc-auth
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
152 Commits 1 Branch 17 Tags
main
Commit Graph

58 Commits

Author SHA1 Message Date
Christiaan Goossens
843c415f88 Respect force https on the initial redirect URI (#303) 
* Also force HTTPS on the redirect URI

* Format & test
 2026-05-01 15:09:34 +02:00
Ramon
9d9025164a Redirect native-picker click on OIDC provider to /auth/oidc/welcome (fix dead-end) (#266) 
Fixes #252
 2026-05-01 14:57:40 +02:00
Andrew Marshall
d251ebfb92 Allow environment config of HTTP proxy for auth server connection (#299) 
You can set `HTTP_PROXY` on the container/host level, see https://docs.aiohttp.org/en/stable/client_advanced.html#proxy-support
 2026-05-01 14:53:17 +02:00
Christiaan Goossens
d3c359064d Do not reveal existance of trusted networks provider (#302) 
* Skip welcome page if the only other provider is trusted networks

* Add test
 2026-05-01 14:27:23 +02:00
Christiaan Goossens
c7370ed266 Implement trusted_networks support (#283) 
* Implement bypass for trusted_networks

* Trusted Network tests

* Test cleanup

* Improve integration tests

* Defensive programming

* Fix wrong import issue
 2026-05-01 14:03:14 +02:00
Christiaan Goossens
a154ffc197 Bump to 1.0.2 (#280) 2026-04-21 21:44:15 +02:00
Christiaan Goossens
fe706abdb5 Fix type casting error (#278) 2026-04-21 21:34:11 +02:00
Christiaan Goossens
1e5b89fa32 Bump to 1.0.1 (#275) 2026-04-20 20:07:49 +02:00
Christiaan Goossens
3ba65adc8b Allow for skipping the welcome screen (even if HA username/password is still registered) (#272) 
* Allow for skipping the welcome screen (even if HA username/password is still registered)

* Linting & formatting

* Typing & tests
 2026-04-20 14:27:46 +02:00
Christiaan Goossens
f90a7d5346 Ship brand icons with the integrations (#271) 
* Upload icons

* Correct path
 2026-04-20 14:01:12 +02:00
Christiaan Goossens
084e0e606e Enable cache headers on styling (#270) 2026-04-20 13:55:45 +02:00
Christiaan Goossens
02babe0022 README updates for 1.0.0 (#250) 
* Stable README changes

* Simplify texts

* Add link to FAQ

* Add information about proxy setups

* Syncing changes from README to FAQ

* Improve wording

* Remove outdated Usage Guide

* Add placeholder usage guide
 2026-04-15 15:10:25 +02:00
Christiaan Goossens
7cc960e4db Bump to rc3 (#249) 2026-04-15 12:08:36 +02:00
Christiaan Goossens
07c1e3a4c4 Fix regression of storeToken parameter (#248) 
* Try a different method to set ?storeToken

* Formatting

* Only insert storeToken on web client & fix tests
 2026-04-15 12:07:19 +02:00
Christiaan Goossens
ddb2952e64 Release with autogenerated zip files (#242) 
* Try autobuilding

* Typo fix

* Entire components dir

* Directly upload zip
 2026-04-14 13:55:09 +02:00
Christiaan Goossens
baf3ac6b5a Fixes for known bugs in v1.0.0-rc1 (#241) 
* Fix #238 for same-site cookies

* Redirect in Python + bump to rc2
 2026-04-14 09:43:58 +02:00
Christiaan Goossens
c7672f65d9 Prepare for 1.0.0 pre-release 1 (#237) 
* Bump to 1.0.0-rc1

* Remove alpha disclaimer for 1.0.0
 2026-04-13 23:32:13 +02:00
Christiaan Goossens
fd3643685d Reimplement UI injection (#236) 2026-04-13 22:51:31 +02:00
Christiaan Goossens
a29e0e6730 Bump to rc5 (#204) 2026-02-06 12:33:39 +01:00
Christiaan Goossens
0f0679d46d Fix visual bug in latest HA (#203) 2026-02-06 12:29:04 +01:00
Christiaan Goossens
d6b8f6bbb1 Bump to 0.7.0-alpha-rc4 (#202) 2026-02-06 11:14:08 +01:00
Christiaan Goossens
6f93a22c37 Fix 500 on redirect path (#201) 
* Fix 500 on redirect path

Co-authored-by: anntnzrb <anntnzrb@proton.me>
 2026-02-06 11:07:46 +01:00
Andrew Garrett
b2d07c28f0 Enable Jinja2 autoescaping (#200) 
- Enable Jinja2 autoescape by default in the template environment.
- Use json.dumps to safely inject sso_name into JavaScript context.
- Fix linting issue (line too long) in injected_auth_page.py.
- Update tests to verify escaping and safe injection.

---------

Co-authored-by: google-labs-jules[bot] <161369871+google-labs-jules[bot]@users.noreply.github.com>
Co-authored-by: werdnum <271070+werdnum@users.noreply.github.com>
 2026-02-06 09:07:54 +01:00
Christiaan Goossens
1f95efd0aa fix(deps): update home assistant update (major) (#196) 
* Major HA update to 2026.1

* Lock file maintenance npm
 2026-02-04 12:18:08 +01:00
Christiaan Goossens
0133446975 Fix manifest json requirements (#152) 2025-10-31 10:28:14 +01:00
Christiaan Goossens
674c342a81 Migrate to joserfc, remove python-jose (#150) 2025-10-31 10:16:45 +01:00
Tricked
4e898087d4 Use tailwind cli to compile css instead of tailwind cdn (#132) 
* implement feature
* use npm instead of cli
 2025-10-18 13:47:59 +02:00
Christiaan Goossens
404d2451df Add unit tests (#133) 
* Add initial test & add pipeline

* Add very basic YAML config tests

* Add coverage reporting

* Add some webserver & template loading tests

* Add test cases for the helpers

* Implement initial OIDC server tests

* Test codestore & discovery checker

* Test basics of the config flow

* Add test for the HA auth provider

* Cleaned up tests & test injection
 2025-10-05 21:03:02 +02:00
Christiaan Goossens
5714e844a7 Pre-release 3 for v0.7.0 (#129) 
* Bump to 0.7.0-alpha-rc3
* Small tweak to forgot password link
* Add version param for cache busting
 2025-10-04 17:43:45 +02:00
Christiaan Goossens
d1da841e1f Move some code around and improve validation (#128) 2025-10-04 17:34:31 +02:00
David Baines
3b481cd282 45 - Implement config flow for UI configuration (#123) 2025-10-04 17:32:10 +02:00
Lake
b87dd35577 Removed mwc prefixes in favour for ha. (#117) 2025-09-02 18:48:45 +02:00
Evan Zhang
c13eb7c438 Persist OIDC logins on HTTP refresh (#105) 
This relates to #70, where refreshing the webpage causes the user to
need to login again, due to homeassistant not storing the user's session
token `hassTokens`.
 2025-07-30 17:35:38 +02:00
Christiaan Goossens
e22f960d69 Allow forcing HTTPS in URL generation (#92) 
* Force HTTPS feature
* Add docs
 2025-07-16 12:21:11 +02:00
Christiaan Goossens
0888ea0400 Disable welcome page if the new features are enabled (#86) 
* Disable welcome page if frontend injection is enabled
* Make button indicate redirecting
 2025-07-13 20:07:47 +02:00
Christiaan Goossens
27de2bcf71 Bump to 0.7.0 (#85) 2025-07-13 20:04:26 +02:00
Christiaan Goossens
2e85f4bd16 Small UX touchups (#84) 
* Small touchups

* Disable sso view on mobile
 2025-07-13 19:50:48 +02:00
Tag Howard
5651e9bff3 Improve the JS for SSO (#83) 
* Tweak code field error status

* Add a toggle for SSO vs Code and show a proper error when code fails

* Refactor SSO button handling and improve error message display

* Update timeout warning message duration in UI injection
 2025-07-13 19:00:39 +02:00
Christiaan Goossens
86c663700c Inject javascript into the main authorize page for better UX (#81) 2025-07-12 10:40:06 +02:00
Seth
b4d5d7f2bf Add Additional Scopes to Maximize Functionality from Custom idP (#80) 
* add additional scopes to config schema

Keep original groups setting for backwards compatibility.

* fix weird text issue

* Add support for additional scopes in OIDC setup

* fix compile error

* Update documentation to include description of additional oidc scopes

* clarify documentation
 2025-07-09 09:55:37 +02:00
Christiaan Goossens
aaa977781c Bump to 0.6.2 (#53) 2025-02-21 19:46:59 +01:00
Christiaan Goossens
1fc4e0f21a Fetch userinfo to supplement id_token claims (#50) 
Fetches the userinfo endpoint whenever available to supplement the id_token claims.

---------

Co-authored-by: Luca Olivetti <luca@ventoso.org>
 2025-02-17 22:55:11 +01:00
Christiaan Goossens
6e56311176 Fix compatibility with Microsoft Entra ID (#48) 
* Fixes necessary for Entra ID

* Better error

* Bump 0.6.1

* Also bump manifest

* Linting
 2025-02-16 11:29:24 +01:00
Christiaan Goossens
d565380435 Add groups scope option & fixup features.include_groups_scope (#42) 2025-02-15 13:25:04 +01:00
Tom Kölsch
29a2545396 Add feature toggle to disable groups scope (#39) 
* Update README.md

Ad two to dos:
- bool for scopes
- "groups" scope configurable

* Update README.md

- Add scope bool to configuration options

* Final Update for making scope "groups" optinal

README:
Add scope bool to configuration options
Add two to dos:

bool for scopes
"groups" scope configurable

config:
Make scope "groups" a feature which can be deactivated

init:
Make the feature for the groups bool working in the scope variable

* Remove double description

* Update config.py
 2025-02-14 19:03:14 +01:00
Christiaan Goossens
63f5f175ee Fixes Home Assistant error about re-creating HTTP sessions (#22) 
* Bump to 0.5.1

* Prevent HA errors about HTTP session left open
 2025-01-12 12:43:41 +01:00
Schakko
bfad0418ad feat: enable verification of certs via network.tls_verify and private CA chains with network.tls_ca_path (#16) 
Signed-off-by: Christopher Klein <ckl@dreitier.com>
 2025-01-06 10:09:30 +01:00
Christiaan Goossens
00da053f50 Add configurable group names for roles (#17) 2025-01-05 22:24:48 +01:00
Baptiste Roux
2131fe5d36 fix: group mapping (#13) 2025-01-01 16:28:48 +01:00
Christiaan Goossens
72dbc49c6f Slowed down code checking to prevent brute forcing (#12) 2024-12-31 16:54:39 +01:00