Tinyauth v3.3.0
Hello everyone! The release almost everybody has been waiting for just dropped.
Tinyauth can now act as a simple middleware between your OIDC server and your apps. It automatically maps OIDC claims like preferred_username, name and groups into Remote-User, Remote-Email, Remote-Name and Remote-Groups so you can easily authenticate to your favorite apps using your existing OIDC server. Additionally, you can easily manage access controls with your existing user groups and filter which group can access which app by using the tinyauth.oauth.groups header.
Furthermore, both the OAuth whitelist and the user whitelist support regex (regex cannot be used simultaneously with the comma list) for easier user matching. Last but not least, a lot of security improvements and refactors have taken place. Documentation for all of the changes and new features will come in the following days.
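An added sketch, not Tinyauth's own code, of the two access decisions described above: filtering by group and a whitelist that is either a regex or a comma list. The slash-wrapped regex syntax, the function names and the sample values are assumptions; the sample run also shows why a whitelist regex should be anchored with ^ and $.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// inList reports whether v equals one entry of a comma-separated list.
func inList(list, v string) bool {
	for _, e := range strings.Split(list, ",") {
		if v != "" && strings.TrimSpace(e) == v {
			return true
		}
	}
	return false
}

// GroupAllowed checks the user's OIDC groups against an app's comma-separated
// group requirement; an empty requirement means the app is not restricted.
func GroupAllowed(required string, groups []string) bool {
	for _, g := range groups {
		if inList(required, g) {
			return true
		}
	}
	return strings.TrimSpace(required) == ""
}

// Whitelisted treats filter as a regex when it is wrapped in slashes (assumed
// syntax) and as a comma list otherwise; the two forms are never mixed.
func Whitelisted(filter, user string) (bool, error) {
	if len(filter) > 2 && filter[0] == '/' && filter[len(filter)-1] == '/' {
		// MatchString is unanchored: without ^ and $ a substring hit is enough.
		return regexp.MatchString(filter[1:len(filter)-1], user)
	}
	return inList(filter, user), nil
}

func main() {
	// Constructed sample values, not taken from the release notes.
	for _, f := range []string{`/@example\.com/`, `/^[^@]+@example\.com$/`} {
		ok, err := Whitelisted(f, "user@example.com.test")
		fmt.Println(f, ok, err)
	}
	fmt.Println(GroupAllowed("admins, media", []string{"media"}))
}
```

The unanchored pattern accepts the look-alike address while the anchored one rejects it, so whitelist patterns are worth reviewing for missing anchors.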
A big thank you to our new sponsors @jmadden91 and @tribor.
New features
- Added warning login screen when the redirect URI does not match the configured domain
- Regex support for both OAuth and user whitelist
- New forgot password screen with the ability to change the text using markdown
- Map information from OIDC claims to headers
- Support for auto redirecting to your favorite OAuth provider
Improvements
- Add dependabot for dependency updates @gurukulkarni
- Add CSRF cookie for protection against cross-site request forgery
- Log actual errors alongside the information message
Fixes
- Disable basic authentication for TOTP users
- Move the redirect URI back to a separate cookie
Technical
- Ensure the dist directory exists during development
- Bump dependencies
If you encounter any issues please let me know so I can fix them as soon as possible.