í«îÛ    okta-auth-validator-2.8.4-lp154.45.1                                                Ž­è         <   >     ,     è            ê          ì          M€‰ f<ôª 7ž‹¶ª´ç‘ýì¹zmÝ #“\¹n3­¼Y¤l1	ÔÂ‰sƒuÌ»œ‚éPÉð<D²ò]ÝP<éÜ`†çÅ¤Œ`µ'†cé*X@,'ê±ÿ,ÖÎ„_ÿ@øi[†˜:õO7ÈíÅíÁ‹†®žgf÷¥&µ^GùmSd²+Ë®]@uÿœ' žë|Ðš?oŸÔ+“A*RQŸtÆ4ß,‘$¨¾Ù&e#_××*%˜”j	'°²¤ÿÿ¤þÛ‹‘]{„Ç-K£ïšÂT‹¾ñ•úFw½ùÒ¸Õ„yù‚¤>¥Šýeéü•üZ†õé®†k;‡âmgåuäQÅ¨Ëì¦ùHÞD#Ž€ÒÚ   >   ÿÿÿÀ       Ž­è       ;  E˜   ?     Eˆ      d            è           é           ê           ì   	   '     í   	   V     î      ¸     ï      ¼     ñ      È     ò      Ì     ó      ä     ö     
     ÷          ø   	  (     ü     I     ý     v     þ     |          „          ˆ     	     Š     
     Œ                    Ñ          Ô          Ø          Ý          â                              H          \          Ú     (     ü     8          9     l     :          F     C	     G     C      H     C$     I     C(     X     C,     Y     C4     \     CX     ]     C\     ^     Cp     b     Cz     c     D      d     D‚     e     D‡     f     DŠ     l     DŒ     u     D      v     D¤     z     E&     “     E8     Æ     E<     ä     EB     å     E„   C okta-auth-validator 2.8.4 lp154.45.1 Command line tool to authenticate against Okta This is a command line tool that authenticates users directly against Okta, with support for MFA. f<ôi01-armsrv2  pAhome:Algolia:OSS / 15.4 obs://build.opensuse.org/home:Algolia MPL-2.0 https://www.suse.com/ Productivity/Networking/Security https://github.com/algolia/openvpn-auth-okta linux aarch64  pAí  f<ô7f70a3d57ff811c59b69630312355484e2910b7bf7eb56a848f2e72849ffb1b6        root root openvpn-auth-okta-2.8.4-lp154.45.1.src.rpm    ÿÿÿÿokta-auth-validator okta-auth-validator(aarch-64)        
  
  
  
okta-auth-validator-common rpmlib(CompressedFileNames) rpmlib(FileDigests) rpmlib(PayloadFilesHavePrefix) rpmlib(PayloadIsXz) 2.8.4 3.0.4-1 4.6.0-1 4.0-1 5.2-1 4.14.3  f‚š@f|Àf:ÀeÜ}@eÛ+Àe×7@eÆÀe…z@e…Àe€4@e}‘@e}‘@e|?Àezî@e:TÀe9@e7±Àe7±Àe5Àe2kÀe2kÀe1@e1@e/ÈÀe/ÈÀe/ÈÀJeremy JACQUE <jeremy.jacque@algolia.com> - 2.8.4-1 Jeremy JACQUE <jeremy.jacque@algolia.com> - 2.8.3-1 Jeremy Jacque <jeremy.jacque@algolia.com> - 2.8.2-1 Jeremy Jacque <jeremy.jacque@algolia.com> 2.8.1-1 Jeremy Jacque <jeremy.jacque@algolia.com> 2.8.0-1 Jeremy Jacque <jeremy.jacque@algolia.com> 2.7.0-1 vagrant <jeremy.jacque@algolia.com> 2.6.1-1 Jeremy Jacque <jeremy.jacque@algolia.com> 2.6.0-1 Jeremy Jacque <jeremy.jacque@algolia.com> 2.5.10-1 Jeremy Jacque <jeremy.jacque@algolia.com> 2.5.9-1 Jeremy Jacque <jeremy.jacque@algolia.com> 2.5.8-1 Jeremy Jacque <jeremy.jacque@algolia.com> 2.5.7-1 Jeremy Jacque <jeremy.jacque@algolia.com> 2.5.6-1 Jeremy Jacque <jeremy.jacque@algolia.com> 2.5.5-1 Jeremy Jacque <jeremy.jacque@algolia.com> 2.5.4-1 Jeremy Jacque <jeremy.jacque@algolia.com> 2.5.3-1 Jeremy Jacque <jeremy.jacque@algolia.com> 2.5.2-1 Jeremy Jacque <jeremy.jacque@algolia.com> 2.5.1-1 Jeremy Jacque <jeremy.jacque@algolia.com> 2.5.0-1 Jeremy Jacque <jeremy.jacque@algolia.com> 2.4.3-1 Jeremy Jacque <jeremy.jacque@algolia.com> 2.4.2-1 Jeremy Jacque <jeremy.jacque@algolia.com> 2.4.1-1 Jeremy Jacque <jeremy.jacque@algolia.com> 2.4.0-1 Jeremy Jacque <jeremy.jacque@algolia.com> 2.3.4-1 Jeremy Jacque <jeremy.jacque@algolia.com> 2.3.3-1 Jeremy Jacque <jeremy.jacque@algolia.com> 2.3.2-1 - chore(deps): bump github.com/phuslu/log from 1.0.106 to 1.0.107
- chore(oktaApiAuth): use Chrome on Linux user agent along with Sec-CH headers
- chore(oktaApiAuth): improve Push factor debugging - chore(dist): build using Golang 1.22
- fix(Makefile): raspbian always needs CGO
- chore(deps): bump github.com/phuslu/log from 1.0.97 to 1.0.100
- chore(deps): bump github.com/phuslu/log from 1.0.100 to 1.0.101
- chore(deps): bump github.com/phuslu/log from 1.0.101 to 1.0.102
- chore(deps): bump github.com/go-playground/validator/v10
- chore(doc): fix codacy warnings in README
- chore(ci): disable codacy checks for fixtures and test code
- chore(doc): add codacy badge
- fix(Makefile): /etc/os-release does not exist on MacOS, test before sourcing
- chore(ci): push coverage report to Codacy
- chore(lib): deduplicate identical piece of code
- chore(doc): fix more markdown warnings
- chore(deps): bump github.com/phuslu/log from 1.0.102 to 1.0.106
- chore(deps): bump github.com/go-playground/validator/v10
- chore: use sentinel errors when possible
- fix(oktaApiAuth): do not print authRes.Result when it is empty
- refacto(oktaApiAuth): dedup JSON api response processing
- chore(doc): update coverage badge
- fix(oktaApiAuth): gofmt
- test(oktaApiAuth): use assert.EqualError instead of assert.Equal
- test: use testify dedicated errors functions
- fix: use a valid hardcoded user agent
- chore(doc): update available package distros and archs
- fix(oktaApiAuth): respect Go style guide
- fix(oktaApiAuth): use fmt.Errorf instead of errors.New of fmt string
- refacto(oktaApiAuth): simplify Okta Auth error handling using wrappers
- chore(doc): update coverage badge
- fix(oktaApiAuth): wrong authRes variable was tested
- test(oktaApiAuth): add tests for parseOktaError - chore(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0
- chore(deps): bump github.com/go-playground/validator/v10
- chore(deps): bump github.com/phuslu/log from 1.0.88 to 1.0.89
- chore(deps): bump github.com/phuslu/log from 1.0.89 to 1.0.90
- chore(deps): bump golang.org/x/net from 0.21.0 to 0.23.0
- chore(deps): bump github.com/phuslu/log from 1.0.90 to 1.0.91
- chore(deps): bump github.com/go-playground/validator/v10
- chore(deps): bump github.com/phuslu/log from 1.0.91 to 1.0.92
- chore(deps): bump github.com/phuslu/log from 1.0.92 to 1.0.93
- chore(deps): bump github.com/phuslu/log from 1.0.93 to 1.0.96
- chore(deps): bump github.com/phuslu/log from 1.0.96 to 1.0.97
- feat(lib): allow to use a struct for PluginEnv
- feat(lib): provide a way to compute lib args from plugin envp, args passed as a struct
- fix(Makefile): use proper inc dirs for gcc and cppcheck
- feat(lib): rename the C function computing args
- doc: add some comments
- fix(lib): gotfmt
- chore(lib): let the user allocate and free himself the ArgsOktaAuthValidatorV2 struct
- refacto(plugin): mutualize error code during lib related calls
- chore(cmd): add missing license header - chore(deps): bump github.com/google/uuid from 1.5.0 to 1.6.0
- chore(deps): bump github.com/go-playground/validator/v10
- chore(ci): check go fmt
- fix(cmd): gofmt - chore(deps): bump golang.org/x/crypto from 0.7.0 to 0.17.0
- chore(deps): bump golang.org/x/net from 0.8.0 to 0.17.0
- fix(oktaApiAuth): do not return "valid" http 500 on request error
- chore: add comments and basic traces
- chore(oktaApiAuth): add validity checks on Okta groups
- feat(validator): allow various log level and to set it up in the conf file
- chore(doc): update coverage badge
- chore: normalize validator constructor name
- chore: normalize oktaApiAuth constructor name
- chore(validator): if log level has been set in constructor, use it as default if not provided in config
- refacto: use phuslu/log instead of logrus for better perf/memory usage
- chore(go): clean sums - chore(go): add go-playground/validator for API response validation
- chore(go): use proper json unmarshaling/validation instead of string parsing for API responses
- refacto(oktaApiAuth): factorize common (first step) MFA verification code
- chore(oktaApiAuth/test): test MFA with multiple push retries
- refacto(oktaApiAuth/test): split TestAuth function
- chore(oktaApiAuth) respect API spec anf honor HTTP codes
- chore(oktaApiAuth/test): respect API spec anf honor HTTP codes
- chore(oktaApiAuth): factorize TOTP and Push MFA verification code
- refacto(oktaApiAuth): dedup and simplify doAuthFirstStep code
- fix(oktaApiAuth): Okta will never answer success at first push MFA verify call
- fix(oktaApiAuth): status is mandatory in a AuthResponse
- fix(oktaApiAuth): add missing cancel in verifyFactors, simplify if/else with return
- fix(oktaApiAuth): return proper error for checkAllowedGroups HTTP error
- chore(oktaApiAuth/test): cover all Auth scenarii
- chore(oktaApiAuth/test): increase coverage of CheckAllowedGroups
- chore(doc): update coverage badge
- chore(oktaApiAuth/test): add auth_invalid_totp_no_sum fixture file
- chore(oktaApiAuth): cancelAuth is a fire & forget, no need for return values
- chore(oktaApiAuth): add some debug messages
- chore(doc): update coverage badge
- fix(oktaApiAuth): reset AuthResponse at each loop iteration to prevent persistency issues
- chore: make TOTP to Push fallback configurable
- refacto: simplify code - remove else when not needed - chore(go): fmt
- chore(ci): remove snyk jobs as we are decommissioning it
- chore(doc): simplify pkg install section by using OBS instruction page
- chore: add license header to source files - fix(plugin): add missing dlclose
- chore(Makefile): minimize built file size and trimpath
- chore(Makefile): clean unused vars and targets, tune go build params
- refacto(go): simplify logging by using different fomatter before and after username is set
- chore(doc): update coverage badge
- chore(doc): add a section about logs
- refacto(oktaApiAuth): split oktaApiAuth package into multiple files
- refacto(oktaApiAuth/test): split oktaApiAuth tests into multiple files
- refacto(validator): integrate utils pkg as it is only used by validator
- refacto(validator): split validator package into multiple files
- refacto(validator/test): split validator tests into multiple files
- refacto(Makefile): use a shell cmd to get the full list of pkg files for dependencies
- fix(Makefile): GOLDFLAGS has been renamed GOPLUGIN_LDFLAGS in a previous commit
- refacto(oktaApiAuth/test): use types_test.go only for stuff common to multiple tests
- refacto(validator): move checkControlFilePerm to utils(_test)
- chore(oktaApiAuth): add a todo for Pool only used in tests - chore(oktaApiAuth): rephrase/enrich log outputs
- chore(validator): rephrase/enrich log outputs
- chore: create a dedicated func for logging setup (formatting with uuid, log-level)
- chore(go): add uuid package needed for logging
- chore(tools): update url for https://toolkit.okta.com/apps/ - refacto(oktaApiAuth): handle totp and push MFA sequentialy with different error msg
- chore(oktaApiAuth/test): rename MFA errors, add test for invalid response for totp auth
- fix(oktaApiAuth): continue outer loop when push triggers error and not last
- chore(oktaApiAuth/test): test if multiple TOTP or push providers are possible
- chore(doc): update coverage badge
- refacto(oktaApiAuth): split validateUserMFA with 2 more functions (TOTP and push)
- chore(oktaApiAuth/test): implement tests following refacto - fix(oktaApiAuth): user may have multiple OTP providers, try all - fix(oktaApiAuth): handle properly transaction cancelation, only when needed
- fix(oktaApiAuth/test): fix with new calls to transaction cancellation
- chore(doc): update coverage badge
- chore(oktaApiAuth): homogenize / clean auth logs
- fix(oktaApiAuth): handle properly TOTP error (invalid passcode)
- chore(oktaApiAuth): simplify validateMFA signature
- chore(oktaApiAuth): rename some functions/vars for better readability
- fix(oktaApiAuth): respect MFAPushMaxRetries count, saves an API call/MFAPushDelaySeconds sleep
- feat(oktaApiAuth): handle expired password (only when no active MFA)
- chore(config): clean a bit api.ini config template
- chore(doc): rearrange and fix typo in README
- fix(dist): add missing packages in dsc - style: gofmt some source files
- refacto(oktaApiAuth): reduce gocyclo score of Auth to an acceptable score
- chore(oktaApiAuth): homogenize some Auth logs
- chore(oktaApiAuth/test): add a test for invalid preauth response
- chore(doc): update coverage badge - chore(validator): add msg for setup failures
- chore: use logrus to have a clean output
- fix(Makefile): missing source deps in targets
- chore(doc): update coverage badge
- fix(Makefile): allow to build on MacOS
- chore(validator): handle properly new config files names
- chore(Makefile): add proper MacOS ldflags for libs
- chore(oktaApiAuth): allow POST and GET in oktaReq
- feat(oktaApiAuth): check if user is a member of an AllowedGroup
- feat((oktaApiAuth/test): test checkAllowedGroups functions
- feat(config): add AllowedGroups option
- chore(doc): update coverage badge
- feat(oktaApiAuth/test): add invalid payload test
- chore(validator/test): check config file detection
- chore(validator/test): test wrongly formatted ini file
- chore(doc): update coverage badge
- chore(github): remove refs to pip in dependabot - chore: rename config files
- fix(doc): fix invalid license header
- chore(doc): small README updates
- chore(doc): remove CODE.md as the pkg is now referenced in pkg.go.dev
- chore(doc): update authors
- chore(dist): move tool to update packages version
- chore(config): move config files to a dedicated dir
- chore(Makefile): enforce some compiler options
- fix(debian): ensure proper config files permissions - style(utils): use gofmt std indentation
- style(oktaApiAuth): use gofmt std indentation
- style(validator): use gofmt std indentation
- style(cmd): use gofmt std indentation
- style(lib): use gofmt std indentation
- chore(doc): update coverage badge
- chore(doc): add doc ref and goreportcard badges
- chore(pkg): rename config files
- chore(Makefile): rename config files
- chore(dist): rename config files
- chore(doc): rename config files
- chore(git): rename config files - chore(oktaApiAuth): add comments for functions
- chore(utils): add comments for functions
- chore(validator): remove useless function
- chore(validator): add comments for functions
- chore(validator): do not set clientIp when not needed
- chore(oktaApiAuth): clientIp is not set anymore to 0.0.0.0
- chore(oktaApiAuth): add struct comments
- chore(validator): add struct comments - chore(pkg): relocate http pool initialisation from utils to oktaApiAuth
- chore(utils): simplify test
- chore(utils): add a function to remove comments from a slice
- chore(validator): remove from the pinset list empty lines and comments
- chore(utils): simplify CheckUsernameFormat - chore(pkg): remove now useless types package
- chore(oktaApiAuth): move types in pkg, split constructor, make needed struct fields public
- chore(oktaApiAuth/test): struct has been renamed, test InitPool
- chore(validator): move types in pkg, parse for passcode here, move okta api related struct
- chore(validator/test): adapt to latest changes, add more tests
- chore(lib): adapt to struct moves
- chore(testing): add new fixture for validator
- chore(doc): reflect latest changes
- chore(validator): remove useles comments, error test
- chore(doc): update coverage badge after new tests implem
- chore(debian): add missing common package for config files
- chore(dist): split RPM pkg to have a dedicated config file one
- chore(tools): small fix
- fix(dist): add missing description for okta-auth-validator-common
- chore(dist): fix some rpmlint issues
- chore(cfg): remove algolia ref - chore: change plugin file name to be aligned with other OpenVPN plugins
- chore(doc): fix typo in install section and add info about OpenVPN tmp dir
- chore(plugin): rename source according to new plugin file name
- chore(doc): update with new plugin name
- chore(git): now all produced files are in a dedicated dir, so ignore this dir - chore(validator): refacto to remove useless functions and better err control on Authenticate
- chore(cmd/okta-auth-validator): adapt to new Authenticate return type
- chore(lib): adapt to new Authenticate return type
- chore(validator/test): test new Authenticate err returned
- chore(oktaApiAuth/test): test the case where we need to sort the offered MFAs
- fix(validator/test): handle possible nil error
- chore(oktaApiAuth/test): test the case where preAuth fails (connection issue)
- chore(fixtures): add preauth_mfa_required_multi used by oktaApiAuth/TestAuth
- chore(doc): update coverage badge after new tests implem - chore: renamed repo and packages
- chore(github): add code owners and PR template
- chore(Makefile): change config files location
- chore(doc): change config files location
- chore(dist): change config files location
- chore(validator): change default config files location - chore(debian): split package
- chore(dist): split package
- chore(dist): update rpmlintrc filters
- fix(tools): work on current branch to generate changelogs - chore(tools): fix distro name in changelog creation
- fix(Makefile): wrong soname for golang c-shared lib
- chore: remove unneeded defer_simple source code
- chore(doc): add section about package installation
- chore(dist): remove refs to defer_simple in spec file
- chore(dist): bump version - chore(Makefile): refacto to handle properly dlopened libokta-openvpn.so
- chore(debian): adapt rules after Makefile refacto
- fix(defer_okta_openvpn): context is needed, dlopen is mandatory to respect signals
- fix(defer_simple): passing wrong args array to deferred_auth_handler
- chore(pkg): use a struct instead of env to hold shared lib setup
- chore(cmd/lib): use new validator.Setup params
- chore(doc): update coverage badge
- chore(debian): update version
- chore(Makefile): symlink is not needed as dlopen follows ld.so
- chore(Makefile): add missing soname to shared lib
- chore(Makefile): binary should bo to /usr/bin
- chore(dist): add files needed to build packages
- chore(dist): add script to manage versions
- chore(debian): Update changelog for 2.3.2 release
- chore(dist): Update changelog for 2.3.2 release
- chore(debian): add source format
- fix(Makefile): create bin dir before install
- fix(debian): wrong package format
- chore(defer_okta_openvpn): fix indent, do not store useless pointer in context
- chore: rename function for clarity
- chore(Makefile): DESTDIR should be empty by default
- chore: rename okta_openvpn to okta-auth-validator to be more generic
- fix(lib): wrong (previous) export function name
- chore: rename C source file
- chore: rename lib to be more generic
- chore(oktaApiAuth): do not flood openvpn logs with useless messages - chore(Makefile): add missing soname to shared lib
- chore(Makefile): binary should bo to /usr/bin
- chore(dist): add files needed to build packages
- chore(dist): add script to manage versions i01-armsrv2 1720728820                 2.8.4-lp154.45.1 2.8.4-lp154.45.1       okta-auth-validator /usr/bin/ -fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection obs://build.opensuse.org/home:Algolia:OSS/15.4/3749a5628db01dd528406e2cefffb634-openvpn-auth-okta drpm xz 5 aarch64-suse-linux      ELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-aarch64.so.1, stripped ½0—Âv<ùåŒG¼s     utf-8 39ecabb6dc8c45b4537843c8ddcf5389226fd6ec1582915e7dcbe5a60c27e01f        ?   ÿÿüP   ý7zXZ  
áû¡ !   t/å£àyÍ] "ÌkÀ%¡lÄzˆf9ÏÂ:H U¶J¹%²G¯ù@à¦í)%F+À¶¨N#ºq_<Š4ê™²ŠôÉ=6ñÒ„ºŽ¸8Z?c9H“Š³‰~'pvÆhÉSøŒÙ ¶éUì¨œ.rP¯AÆówÄ›\õÜñ—*[¾·­wJDÇ«µbŒÍWÀ
Ä)ª˜Aø=k¸Ðì»¸­#0Ë•›Å6”Fª¦¾'8’–S4ÖhH«: *kÁ€ds¼\Ëp4º
Æb‹¶­^ŒÞ <ßT¨KiÝUçî|ßÎ"ÚàÈ«¨ê
ø? CiÖ ê«@ÄH‚p5“g°c`«¬&¹‹ zòN“h@ÆIÞÿ
$2ƒøì.®>Î%º²wÞOr)"sá°dÄ©ïõµ8pèoT¡ø×ì¢EÏÁôÎl÷mJ2NØðI²(c’xåU½xlTüè“cr÷D<»|ÿè€è¨âbüœÃ
ñEÚÄV¾ÐÿÅcÛ7øÑy‰žá
5k³$˜ïƒñIvàcÑB»^ŠÓgõ²ï&‚áeaXº|+GxÌ+R›©Ô5OÅ!ì¶6b1òi­h‹R0h–$Aìì&‚Êˆâ…×-’lÂ—Mºï¾6ÛZ’*e	Ïþ&¶ö£Y<â¨´GiÎRåy¡ü>G9=>V$>n«å\î"»|ë=tf¦rb‘`³”±ÝÑ’•qÑà5*a8k!2ÕQ#“ØÑ_Ên =­C”àÔot=¡ÄËRéMa¼"¶ÿã«xë#‰Ó±ñ™öEVghN]½µ>§IÄ‰Ü›Aãá±ÿ“ÕQ7ËÓÑ/"7GÕb=÷XýYr£Sã=‹H]ºqŽ‘çØAæÓê+„5RNq ÆxÉ|«¬;@Ÿ ßºîÌô8„‹ûƒÍ“b_+¶¥ Äd,æÍjF¿€(\šóï1ïù¨,âb$hïY¹|Éa§¯'p8äË§Û¬3ôˆû‹ˆ»¦TFÂÇF&’ÜC þ½]´?öVO!A\¡WLŸPïÄ ý3]¶šà¡ÆÌãAŠæÔTw…IOÃÈîšÇâ új©aùéïx¯ŸY¾'òÏÆ¥¥‰íP¼Oý«;a`Æ¬p˜î:»ŒÛ
„BW©ŒE=„ê‰•âØ!–0hÀÞ{°ÈSdÜiÒï	;‰þÄ[-œ˜<é—÷Ø@‡.ž‰C3Šbï‡]‰;ˆÒ@¤ÒDbMµ*0vîþ~³TÒÅ    †}ªXÐX©<ù»,ØœñPRR¨ÃcŽR Ö¡ ú$  ž@Vð¶éß    
YZ