${msg(
diff --git a/web/src/admin/providers/oauth2/OAuth2ProviderForm.ts b/web/src/admin/providers/oauth2/OAuth2ProviderForm.ts
index f5b59efe5..000df8cad 100644
--- a/web/src/admin/providers/oauth2/OAuth2ProviderForm.ts
+++ b/web/src/admin/providers/oauth2/OAuth2ProviderForm.ts
@@ -1,5 +1,6 @@
import "@goauthentik/admin/common/ak-crypto-certificate-search";
import "@goauthentik/admin/common/ak-flow-search/ak-flow-search";
+import { BaseProviderForm } from "@goauthentik/admin/providers/BaseProviderForm";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { ascii_letters, digits, first, randomString } from "@goauthentik/common/utils";
import "@goauthentik/components/ak-radio-input";
@@ -7,7 +8,6 @@ import "@goauthentik/components/ak-text-input";
import "@goauthentik/components/ak-textarea-input";
import "@goauthentik/elements/forms/FormGroup";
import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
import "@goauthentik/elements/forms/Radio";
import "@goauthentik/elements/forms/SearchSelect";
import "@goauthentik/elements/utils/TimeDeltaHelp";
@@ -116,7 +116,7 @@ export const redirectUriHelp = html`${redirectUriHelpMessages.map(
*/
@customElement("ak-provider-oauth2-form")
-export class OAuth2ProviderFormPage extends ModelForm {
+export class OAuth2ProviderFormPage extends BaseProviderForm {
propertyMappings?: PaginatedScopeMappingList;
oauthSources?: PaginatedOAuthSourceList;
@@ -143,14 +143,6 @@ export class OAuth2ProviderFormPage extends ModelForm {
});
}
- getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated provider.");
- } else {
- return msg("Successfully created provider.");
- }
- }
-
async send(data: OAuth2Provider): Promise {
if (this.instance) {
return new ProvidersApi(DEFAULT_CONFIG).providersOauth2Update({
diff --git a/web/src/admin/providers/proxy/ProxyProviderForm.ts b/web/src/admin/providers/proxy/ProxyProviderForm.ts
index 9886c9be3..ddd554572 100644
--- a/web/src/admin/providers/proxy/ProxyProviderForm.ts
+++ b/web/src/admin/providers/proxy/ProxyProviderForm.ts
@@ -1,11 +1,11 @@
import "@goauthentik/admin/common/ak-crypto-certificate-search";
import "@goauthentik/admin/common/ak-flow-search/ak-flow-search";
+import { BaseProviderForm } from "@goauthentik/admin/providers/BaseProviderForm";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { first } from "@goauthentik/common/utils";
import "@goauthentik/components/ak-toggle-group";
import "@goauthentik/elements/forms/FormGroup";
import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
import "@goauthentik/elements/forms/SearchSelect";
import "@goauthentik/elements/utils/TimeDeltaHelp";
@@ -30,7 +30,7 @@ import {
} from "@goauthentik/api";
@customElement("ak-provider-proxy-form")
-export class ProxyProviderFormPage extends ModelForm {
+export class ProxyProviderFormPage extends BaseProviderForm {
static get styles(): CSSResult[] {
return [...super.styles, PFContent, PFList, PFSpacing];
}
@@ -65,14 +65,6 @@ export class ProxyProviderFormPage extends ModelForm {
@state()
mode: ProxyMode = ProxyMode.Proxy;
- getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated provider.");
- } else {
- return msg("Successfully created provider.");
- }
- }
-
async send(data: ProxyProvider): Promise {
data.mode = this.mode;
if (this.mode !== ProxyMode.ForwardDomain) {
@@ -324,7 +316,7 @@ export class ProxyProviderFormPage extends ModelForm {
{
+export class RadiusProviderFormPage extends BaseProviderForm {
loadInstance(pk: number): Promise {
return new ProvidersApi(DEFAULT_CONFIG).providersRadiusRetrieve({
id: pk,
});
}
- getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated provider.");
- } else {
- return msg("Successfully created provider.");
- }
- }
-
async send(data: RadiusProvider): Promise {
if (this.instance) {
return new ProvidersApi(DEFAULT_CONFIG).providersRadiusUpdate({
diff --git a/web/src/admin/providers/saml/SAMLProviderForm.ts b/web/src/admin/providers/saml/SAMLProviderForm.ts
index c48993e84..006a32545 100644
--- a/web/src/admin/providers/saml/SAMLProviderForm.ts
+++ b/web/src/admin/providers/saml/SAMLProviderForm.ts
@@ -1,9 +1,9 @@
import "@goauthentik/admin/common/ak-crypto-certificate-search";
import "@goauthentik/admin/common/ak-flow-search/ak-flow-search";
+import { BaseProviderForm } from "@goauthentik/admin/providers/BaseProviderForm";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import "@goauthentik/elements/forms/FormGroup";
import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
import "@goauthentik/elements/forms/Radio";
import "@goauthentik/elements/forms/SearchSelect";
import "@goauthentik/elements/utils/TimeDeltaHelp";
@@ -27,7 +27,7 @@ import {
} from "@goauthentik/api";
@customElement("ak-provider-saml-form")
-export class SAMLProviderFormPage extends ModelForm {
+export class SAMLProviderFormPage extends BaseProviderForm {
loadInstance(pk: number): Promise {
return new ProvidersApi(DEFAULT_CONFIG).providersSamlRetrieve({
id: pk,
@@ -44,14 +44,6 @@ export class SAMLProviderFormPage extends ModelForm {
propertyMappings?: PaginatedSAMLPropertyMappingList;
- getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated provider.");
- } else {
- return msg("Successfully created provider.");
- }
- }
-
async send(data: SAMLProvider): Promise {
if (this.instance) {
return new ProvidersApi(DEFAULT_CONFIG).providersSamlUpdate({
@@ -175,7 +167,7 @@ export class SAMLProviderFormPage extends ModelForm {
name="signingKp"
>
${msg(
@@ -188,7 +180,7 @@ export class SAMLProviderFormPage extends ModelForm {
name="verificationKp"
>
diff --git a/web/src/admin/providers/scim/SCIMProviderForm.ts b/web/src/admin/providers/scim/SCIMProviderForm.ts
index cdc935973..e505c4b23 100644
--- a/web/src/admin/providers/scim/SCIMProviderForm.ts
+++ b/web/src/admin/providers/scim/SCIMProviderForm.ts
@@ -1,8 +1,8 @@
+import { BaseProviderForm } from "@goauthentik/admin/providers/BaseProviderForm";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { first } from "@goauthentik/common/utils";
import "@goauthentik/elements/forms/FormGroup";
import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
import "@goauthentik/elements/forms/Radio";
import "@goauthentik/elements/forms/SearchSelect";
@@ -22,7 +22,7 @@ import {
} from "@goauthentik/api";
@customElement("ak-provider-scim-form")
-export class SCIMProviderFormPage extends ModelForm {
+export class SCIMProviderFormPage extends BaseProviderForm {
loadInstance(pk: number): Promise {
return new ProvidersApi(DEFAULT_CONFIG).providersScimRetrieve({
id: pk,
@@ -39,14 +39,6 @@ export class SCIMProviderFormPage extends ModelForm {
propertyMappings?: PaginatedSCIMMappingList;
- getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated provider.");
- } else {
- return msg("Successfully created provider.");
- }
- }
-
async send(data: SCIMProvider): Promise {
if (this.instance) {
return new ProvidersApi(DEFAULT_CONFIG).providersScimUpdate({
diff --git a/web/src/admin/roles/RoleForm.ts b/web/src/admin/roles/RoleForm.ts
index 7d4778469..e5cc0e8f3 100644
--- a/web/src/admin/roles/RoleForm.ts
+++ b/web/src/admin/roles/RoleForm.ts
@@ -21,11 +21,9 @@ export class RoleForm extends ModelForm {
}
getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated role.");
- } else {
- return msg("Successfully created role.");
- }
+ return this.instance
+ ? msg("Successfully updated role.")
+ : msg("Successfully created role.");
}
async send(data: Role): Promise {
diff --git a/web/src/admin/sources/BaseSourceForm.ts b/web/src/admin/sources/BaseSourceForm.ts
new file mode 100644
index 000000000..f8c68c4bd
--- /dev/null
+++ b/web/src/admin/sources/BaseSourceForm.ts
@@ -0,0 +1,11 @@
+import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
+
+import { msg } from "@lit/localize";
+
+export abstract class BaseSourceForm extends ModelForm {
+ getSuccessMessage(): string {
+ return this.instance
+ ? msg("Successfully updated source.")
+ : msg("Successfully created source.");
+ }
+}
diff --git a/web/src/admin/sources/ldap/LDAPSourceForm.ts b/web/src/admin/sources/ldap/LDAPSourceForm.ts
index a927eae29..39a121cb9 100644
--- a/web/src/admin/sources/ldap/LDAPSourceForm.ts
+++ b/web/src/admin/sources/ldap/LDAPSourceForm.ts
@@ -1,10 +1,10 @@
import "@goauthentik/admin/common/ak-crypto-certificate-search";
import { placeholderHelperText } from "@goauthentik/admin/helperText";
+import { BaseSourceForm } from "@goauthentik/admin/sources/BaseSourceForm";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { first } from "@goauthentik/common/utils";
import "@goauthentik/elements/forms/FormGroup";
import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
import "@goauthentik/elements/forms/SearchSelect";
import { msg } from "@lit/localize";
@@ -24,7 +24,7 @@ import {
} from "@goauthentik/api";
@customElement("ak-source-ldap-form")
-export class LDAPSourceForm extends ModelForm {
+export class LDAPSourceForm extends BaseSourceForm {
loadInstance(pk: string): Promise {
return new SourcesApi(DEFAULT_CONFIG).sourcesLdapRetrieve({
slug: pk,
@@ -41,14 +41,6 @@ export class LDAPSourceForm extends ModelForm {
propertyMappings?: PaginatedLDAPPropertyMappingList;
- getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated source.");
- } else {
- return msg("Successfully created source.");
- }
- }
-
async send(data: LDAPSource): Promise {
if (this.instance) {
return new SourcesApi(DEFAULT_CONFIG).sourcesLdapPartialUpdate({
@@ -206,7 +198,7 @@ export class LDAPSourceForm extends ModelForm {
name="peerCertificate"
>
@@ -220,7 +212,7 @@ export class LDAPSourceForm extends ModelForm {
name="clientCertificate"
>
${msg(
diff --git a/web/src/admin/sources/oauth/OAuthSourceForm.ts b/web/src/admin/sources/oauth/OAuthSourceForm.ts
index 51b1c6e42..cf0209fcb 100644
--- a/web/src/admin/sources/oauth/OAuthSourceForm.ts
+++ b/web/src/admin/sources/oauth/OAuthSourceForm.ts
@@ -1,5 +1,6 @@
import "@goauthentik/admin/common/ak-flow-search/ak-source-flow-search";
import { iconHelperText, placeholderHelperText } from "@goauthentik/admin/helperText";
+import { BaseSourceForm } from "@goauthentik/admin/sources/BaseSourceForm";
import { UserMatchingModeToLabel } from "@goauthentik/admin/sources/oauth/utils";
import { DEFAULT_CONFIG, config } from "@goauthentik/common/api/config";
import { first } from "@goauthentik/common/utils";
@@ -8,7 +9,6 @@ import "@goauthentik/elements/CodeMirror";
import { CodeMirrorMode } from "@goauthentik/elements/CodeMirror";
import "@goauthentik/elements/forms/FormGroup";
import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
import "@goauthentik/elements/forms/SearchSelect";
import { msg } from "@lit/localize";
@@ -28,7 +28,7 @@ import {
} from "@goauthentik/api";
@customElement("ak-source-oauth-form")
-export class OAuthSourceForm extends ModelForm {
+export class OAuthSourceForm extends BaseSourceForm {
async loadInstance(pk: string): Promise {
const source = await new SourcesApi(DEFAULT_CONFIG).sourcesOauthRetrieve({
slug: pk,
@@ -61,14 +61,6 @@ export class OAuthSourceForm extends ModelForm {
@state()
clearIcon = false;
- getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated source.");
- } else {
- return msg("Successfully created source.");
- }
- }
-
async send(data: OAuthSource): Promise {
data.providerType = (this.providerType?.slug || "") as ProviderTypeEnum;
let source: OAuthSource;
diff --git a/web/src/admin/sources/plex/PlexSourceForm.ts b/web/src/admin/sources/plex/PlexSourceForm.ts
index 1318a1ae9..8091067ff 100644
--- a/web/src/admin/sources/plex/PlexSourceForm.ts
+++ b/web/src/admin/sources/plex/PlexSourceForm.ts
@@ -1,5 +1,6 @@
import "@goauthentik/admin/common/ak-flow-search/ak-source-flow-search";
import { iconHelperText, placeholderHelperText } from "@goauthentik/admin/helperText";
+import { BaseSourceForm } from "@goauthentik/admin/sources/BaseSourceForm";
import { UserMatchingModeToLabel } from "@goauthentik/admin/sources/oauth/utils";
import { DEFAULT_CONFIG, config } from "@goauthentik/common/api/config";
import { PlexAPIClient, PlexResource, popupCenterScreen } from "@goauthentik/common/helpers/plex";
@@ -7,7 +8,6 @@ import { ascii_letters, digits, first, randomString } from "@goauthentik/common/
import { rootInterface } from "@goauthentik/elements/Base";
import "@goauthentik/elements/forms/FormGroup";
import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
import "@goauthentik/elements/forms/SearchSelect";
import { msg } from "@lit/localize";
@@ -24,7 +24,7 @@ import {
} from "@goauthentik/api";
@customElement("ak-source-plex-form")
-export class PlexSourceForm extends ModelForm {
+export class PlexSourceForm extends BaseSourceForm {
async loadInstance(pk: string): Promise {
const source = await new SourcesApi(DEFAULT_CONFIG).sourcesPlexRetrieve({
slug: pk,
@@ -50,14 +50,6 @@ export class PlexSourceForm extends ModelForm {
} as PlexSource;
}
- getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated source.");
- } else {
- return msg("Successfully created source.");
- }
- }
-
async send(data: PlexSource): Promise {
data.plexToken = this.plexToken || "";
let source: PlexSource;
diff --git a/web/src/admin/sources/saml/SAMLSourceForm.ts b/web/src/admin/sources/saml/SAMLSourceForm.ts
index 9e9fb8392..76e996322 100644
--- a/web/src/admin/sources/saml/SAMLSourceForm.ts
+++ b/web/src/admin/sources/saml/SAMLSourceForm.ts
@@ -1,13 +1,13 @@
import "@goauthentik/admin/common/ak-crypto-certificate-search";
import "@goauthentik/admin/common/ak-flow-search/ak-source-flow-search";
import { iconHelperText, placeholderHelperText } from "@goauthentik/admin/helperText";
+import { BaseSourceForm } from "@goauthentik/admin/sources/BaseSourceForm";
import { UserMatchingModeToLabel } from "@goauthentik/admin/sources/oauth/utils";
import { DEFAULT_CONFIG, config } from "@goauthentik/common/api/config";
import { first } from "@goauthentik/common/utils";
import { rootInterface } from "@goauthentik/elements/Base";
import "@goauthentik/elements/forms/FormGroup";
import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
import "@goauthentik/elements/forms/Radio";
import "@goauthentik/elements/utils/TimeDeltaHelp";
@@ -29,7 +29,7 @@ import {
} from "@goauthentik/api";
@customElement("ak-source-saml-form")
-export class SAMLSourceForm extends ModelForm {
+export class SAMLSourceForm extends BaseSourceForm {
@state()
clearIcon = false;
@@ -41,14 +41,6 @@ export class SAMLSourceForm extends ModelForm {
return source;
}
- getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated source.");
- } else {
- return msg("Successfully created source.");
- }
- }
-
async send(data: SAMLSource): Promise {
let source: SAMLSource;
if (this.instance) {
@@ -272,7 +264,7 @@ export class SAMLSourceForm extends ModelForm {
${msg(
@@ -285,7 +277,7 @@ export class SAMLSourceForm extends ModelForm {
name="verificationKp"
>
diff --git a/web/src/admin/stages/BaseStageForm.ts b/web/src/admin/stages/BaseStageForm.ts
new file mode 100644
index 000000000..67c5ffc35
--- /dev/null
+++ b/web/src/admin/stages/BaseStageForm.ts
@@ -0,0 +1,11 @@
+import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
+
+import { msg } from "@lit/localize";
+
+export abstract class BaseStageForm extends ModelForm {
+ getSuccessMessage(): string {
+ return this.instance
+ ? msg("Successfully updated stage.")
+ : msg("Successfully created stage.");
+ }
+}
diff --git a/web/src/admin/stages/authenticator_duo/AuthenticatorDuoStageForm.ts b/web/src/admin/stages/authenticator_duo/AuthenticatorDuoStageForm.ts
index 4d74059be..db9322a84 100644
--- a/web/src/admin/stages/authenticator_duo/AuthenticatorDuoStageForm.ts
+++ b/web/src/admin/stages/authenticator_duo/AuthenticatorDuoStageForm.ts
@@ -1,9 +1,9 @@
import { RenderFlowOption } from "@goauthentik/admin/flows/utils";
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { first } from "@goauthentik/common/utils";
import "@goauthentik/elements/forms/FormGroup";
import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
import "@goauthentik/elements/forms/SearchSelect";
import { msg } from "@lit/localize";
@@ -21,21 +21,13 @@ import {
} from "@goauthentik/api";
@customElement("ak-stage-authenticator-duo-form")
-export class AuthenticatorDuoStageForm extends ModelForm {
+export class AuthenticatorDuoStageForm extends BaseStageForm {
loadInstance(pk: string): Promise {
return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorDuoRetrieve({
stageUuid: pk,
});
}
- getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated stage.");
- } else {
- return msg("Successfully created stage.");
- }
- }
-
async send(data: AuthenticatorDuoStage): Promise {
if (this.instance) {
return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorDuoPartialUpdate({
diff --git a/web/src/admin/stages/authenticator_sms/AuthenticatorSMSStageForm.ts b/web/src/admin/stages/authenticator_sms/AuthenticatorSMSStageForm.ts
index 4522d050b..2938b156a 100644
--- a/web/src/admin/stages/authenticator_sms/AuthenticatorSMSStageForm.ts
+++ b/web/src/admin/stages/authenticator_sms/AuthenticatorSMSStageForm.ts
@@ -1,9 +1,9 @@
import { RenderFlowOption } from "@goauthentik/admin/flows/utils";
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { first } from "@goauthentik/common/utils";
import "@goauthentik/elements/forms/FormGroup";
import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
import "@goauthentik/elements/forms/Radio";
import "@goauthentik/elements/forms/SearchSelect";
@@ -26,7 +26,7 @@ import {
} from "@goauthentik/api";
@customElement("ak-stage-authenticator-sms-form")
-export class AuthenticatorSMSStageForm extends ModelForm {
+export class AuthenticatorSMSStageForm extends BaseStageForm {
loadInstance(pk: string): Promise {
return new StagesApi(DEFAULT_CONFIG)
.stagesAuthenticatorSmsRetrieve({
@@ -45,14 +45,6 @@ export class AuthenticatorSMSStageForm extends ModelForm {
if (this.instance) {
return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorSmsUpdate({
diff --git a/web/src/admin/stages/authenticator_static/AuthenticatorStaticStageForm.ts b/web/src/admin/stages/authenticator_static/AuthenticatorStaticStageForm.ts
index f9f2684d0..7a5dcab47 100644
--- a/web/src/admin/stages/authenticator_static/AuthenticatorStaticStageForm.ts
+++ b/web/src/admin/stages/authenticator_static/AuthenticatorStaticStageForm.ts
@@ -1,8 +1,8 @@
import { RenderFlowOption } from "@goauthentik/admin/flows/utils";
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { first } from "@goauthentik/common/utils";
import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
import "@goauthentik/elements/forms/SearchSelect";
import { msg } from "@lit/localize";
@@ -19,21 +19,13 @@ import {
} from "@goauthentik/api";
@customElement("ak-stage-authenticator-static-form")
-export class AuthenticatorStaticStageForm extends ModelForm {
+export class AuthenticatorStaticStageForm extends BaseStageForm {
loadInstance(pk: string): Promise {
return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorStaticRetrieve({
stageUuid: pk,
});
}
- getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated stage.");
- } else {
- return msg("Successfully created stage.");
- }
- }
-
async send(data: AuthenticatorStaticStage): Promise {
if (this.instance) {
return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorStaticUpdate({
diff --git a/web/src/admin/stages/authenticator_totp/AuthenticatorTOTPStageForm.ts b/web/src/admin/stages/authenticator_totp/AuthenticatorTOTPStageForm.ts
index aebca9872..91ddcab19 100644
--- a/web/src/admin/stages/authenticator_totp/AuthenticatorTOTPStageForm.ts
+++ b/web/src/admin/stages/authenticator_totp/AuthenticatorTOTPStageForm.ts
@@ -1,9 +1,9 @@
import { RenderFlowOption } from "@goauthentik/admin/flows/utils";
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { first } from "@goauthentik/common/utils";
import "@goauthentik/elements/forms/FormGroup";
import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
import "@goauthentik/elements/forms/SearchSelect";
import { msg } from "@lit/localize";
@@ -21,21 +21,13 @@ import {
} from "@goauthentik/api";
@customElement("ak-stage-authenticator-totp-form")
-export class AuthenticatorTOTPStageForm extends ModelForm {
+export class AuthenticatorTOTPStageForm extends BaseStageForm {
loadInstance(pk: string): Promise {
return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorTotpRetrieve({
stageUuid: pk,
});
}
- getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated stage.");
- } else {
- return msg("Successfully created stage.");
- }
- }
-
async send(data: AuthenticatorTOTPStage): Promise {
if (this.instance) {
return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorTotpUpdate({
diff --git a/web/src/admin/stages/authenticator_validate/AuthenticatorValidateStageForm.ts b/web/src/admin/stages/authenticator_validate/AuthenticatorValidateStageForm.ts
index 146422988..2884f948c 100644
--- a/web/src/admin/stages/authenticator_validate/AuthenticatorValidateStageForm.ts
+++ b/web/src/admin/stages/authenticator_validate/AuthenticatorValidateStageForm.ts
@@ -1,7 +1,7 @@
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import "@goauthentik/elements/forms/FormGroup";
import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
import "@goauthentik/elements/forms/Radio";
import "@goauthentik/elements/utils/TimeDeltaHelp";
@@ -20,7 +20,7 @@ import {
} from "@goauthentik/api";
@customElement("ak-stage-authenticator-validate-form")
-export class AuthenticatorValidateStageForm extends ModelForm {
+export class AuthenticatorValidateStageForm extends BaseStageForm {
async loadInstance(pk: string): Promise {
const stage = await new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorValidateRetrieve({
stageUuid: pk,
@@ -41,14 +41,6 @@ export class AuthenticatorValidateStageForm extends ModelForm {
if (this.instance) {
return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorValidateUpdate({
diff --git a/web/src/admin/stages/authenticator_webauthn/AuthenticateWebAuthnStageForm.ts b/web/src/admin/stages/authenticator_webauthn/AuthenticateWebAuthnStageForm.ts
index 9bd8bebe1..d8464b6f3 100644
--- a/web/src/admin/stages/authenticator_webauthn/AuthenticateWebAuthnStageForm.ts
+++ b/web/src/admin/stages/authenticator_webauthn/AuthenticateWebAuthnStageForm.ts
@@ -1,8 +1,8 @@
import { RenderFlowOption } from "@goauthentik/admin/flows/utils";
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { first } from "@goauthentik/common/utils";
import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
import "@goauthentik/elements/forms/Radio";
import "@goauthentik/elements/forms/SearchSelect";
@@ -23,21 +23,13 @@ import {
} from "@goauthentik/api";
@customElement("ak-stage-authenticator-webauthn-form")
-export class AuthenticateWebAuthnStageForm extends ModelForm {
+export class AuthenticateWebAuthnStageForm extends BaseStageForm {
loadInstance(pk: string): Promise {
return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorWebauthnRetrieve({
stageUuid: pk,
});
}
- getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated stage.");
- } else {
- return msg("Successfully created stage.");
- }
- }
-
async send(data: AuthenticateWebAuthnStage): Promise {
if (data.authenticatorAttachment?.toString() === "") {
data.authenticatorAttachment = null;
diff --git a/web/src/admin/stages/captcha/CaptchaStageForm.ts b/web/src/admin/stages/captcha/CaptchaStageForm.ts
index cc8299f30..cacdee5de 100644
--- a/web/src/admin/stages/captcha/CaptchaStageForm.ts
+++ b/web/src/admin/stages/captcha/CaptchaStageForm.ts
@@ -1,7 +1,7 @@
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import "@goauthentik/elements/forms/FormGroup";
import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
import { msg } from "@lit/localize";
import { TemplateResult, html } from "lit";
@@ -11,21 +11,13 @@ import { ifDefined } from "lit/directives/if-defined.js";
import { CaptchaStage, CaptchaStageRequest, StagesApi } from "@goauthentik/api";
@customElement("ak-stage-captcha-form")
-export class CaptchaStageForm extends ModelForm {
+export class CaptchaStageForm extends BaseStageForm {
loadInstance(pk: string): Promise {
return new StagesApi(DEFAULT_CONFIG).stagesCaptchaRetrieve({
stageUuid: pk,
});
}
- getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated stage.");
- } else {
- return msg("Successfully created stage.");
- }
- }
-
async send(data: CaptchaStage): Promise {
if (this.instance) {
return new StagesApi(DEFAULT_CONFIG).stagesCaptchaPartialUpdate({
diff --git a/web/src/admin/stages/consent/ConsentStageForm.ts b/web/src/admin/stages/consent/ConsentStageForm.ts
index 84866b10d..7bc5ad0ec 100644
--- a/web/src/admin/stages/consent/ConsentStageForm.ts
+++ b/web/src/admin/stages/consent/ConsentStageForm.ts
@@ -1,7 +1,7 @@
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import "@goauthentik/elements/forms/FormGroup";
import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
import "@goauthentik/elements/utils/TimeDeltaHelp";
import { msg } from "@lit/localize";
@@ -12,7 +12,7 @@ import { ifDefined } from "lit/directives/if-defined.js";
import { ConsentStage, ConsentStageModeEnum, StagesApi } from "@goauthentik/api";
@customElement("ak-stage-consent-form")
-export class ConsentStageForm extends ModelForm {
+export class ConsentStageForm extends BaseStageForm {
loadInstance(pk: string): Promise {
return new StagesApi(DEFAULT_CONFIG)
.stagesConsentRetrieve({
@@ -27,14 +27,6 @@ export class ConsentStageForm extends ModelForm {
@property({ type: Boolean })
showExpiresIn = false;
- getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated stage.");
- } else {
- return msg("Successfully created stage.");
- }
- }
-
async send(data: ConsentStage): Promise {
if (this.instance) {
return new StagesApi(DEFAULT_CONFIG).stagesConsentUpdate({
diff --git a/web/src/admin/stages/deny/DenyStageForm.ts b/web/src/admin/stages/deny/DenyStageForm.ts
index 340e911d2..ed3dffa5f 100644
--- a/web/src/admin/stages/deny/DenyStageForm.ts
+++ b/web/src/admin/stages/deny/DenyStageForm.ts
@@ -1,6 +1,6 @@
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
import { msg } from "@lit/localize";
import { TemplateResult, html } from "lit";
@@ -10,21 +10,13 @@ import { ifDefined } from "lit/directives/if-defined.js";
import { DenyStage, StagesApi } from "@goauthentik/api";
@customElement("ak-stage-deny-form")
-export class DenyStageForm extends ModelForm {
+export class DenyStageForm extends BaseStageForm {
loadInstance(pk: string): Promise {
return new StagesApi(DEFAULT_CONFIG).stagesDenyRetrieve({
stageUuid: pk,
});
}
- getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated stage.");
- } else {
- return msg("Successfully created stage.");
- }
- }
-
async send(data: DenyStage): Promise {
if (this.instance) {
return new StagesApi(DEFAULT_CONFIG).stagesDenyUpdate({
diff --git a/web/src/admin/stages/dummy/DummyStageForm.ts b/web/src/admin/stages/dummy/DummyStageForm.ts
index 03fbbb4c3..39d36b99d 100644
--- a/web/src/admin/stages/dummy/DummyStageForm.ts
+++ b/web/src/admin/stages/dummy/DummyStageForm.ts
@@ -1,7 +1,7 @@
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { first } from "@goauthentik/common/utils";
import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
import { msg } from "@lit/localize";
import { TemplateResult, html } from "lit";
@@ -11,21 +11,13 @@ import { ifDefined } from "lit/directives/if-defined.js";
import { DummyStage, StagesApi } from "@goauthentik/api";
@customElement("ak-stage-dummy-form")
-export class DummyStageForm extends ModelForm {
+export class DummyStageForm extends BaseStageForm {
loadInstance(pk: string): Promise {
return new StagesApi(DEFAULT_CONFIG).stagesDummyRetrieve({
stageUuid: pk,
});
}
- getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated stage.");
- } else {
- return msg("Successfully created stage.");
- }
- }
-
async send(data: DummyStage): Promise {
if (this.instance) {
return new StagesApi(DEFAULT_CONFIG).stagesDummyUpdate({
diff --git a/web/src/admin/stages/email/EmailStageForm.ts b/web/src/admin/stages/email/EmailStageForm.ts
index a08b5c115..c2595674d 100644
--- a/web/src/admin/stages/email/EmailStageForm.ts
+++ b/web/src/admin/stages/email/EmailStageForm.ts
@@ -1,8 +1,8 @@
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { first } from "@goauthentik/common/utils";
import "@goauthentik/elements/forms/FormGroup";
import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
import { msg } from "@lit/localize";
import { TemplateResult, html } from "lit";
@@ -12,7 +12,7 @@ import { ifDefined } from "lit/directives/if-defined.js";
import { EmailStage, StagesApi, TypeCreate } from "@goauthentik/api";
@customElement("ak-stage-email-form")
-export class EmailStageForm extends ModelForm {
+export class EmailStageForm extends BaseStageForm {
async loadInstance(pk: string): Promise {
const stage = await new StagesApi(DEFAULT_CONFIG).stagesEmailRetrieve({
stageUuid: pk,
@@ -30,14 +30,6 @@ export class EmailStageForm extends ModelForm {
@property({ type: Boolean })
showConnectionSettings = false;
- getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated stage.");
- } else {
- return msg("Successfully created stage.");
- }
- }
-
async send(data: EmailStage): Promise {
if (this.instance) {
return new StagesApi(DEFAULT_CONFIG).stagesEmailPartialUpdate({
diff --git a/web/src/admin/stages/identification/IdentificationStageForm.ts b/web/src/admin/stages/identification/IdentificationStageForm.ts
index 6fad5fbb2..cc064adf1 100644
--- a/web/src/admin/stages/identification/IdentificationStageForm.ts
+++ b/web/src/admin/stages/identification/IdentificationStageForm.ts
@@ -1,9 +1,9 @@
import "@goauthentik/admin/common/ak-flow-search/ak-flow-search";
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { first, groupBy } from "@goauthentik/common/utils";
import "@goauthentik/elements/forms/FormGroup";
import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
import "@goauthentik/elements/forms/SearchSelect";
import { msg } from "@lit/localize";
@@ -23,7 +23,7 @@ import {
} from "@goauthentik/api";
@customElement("ak-stage-identification-form")
-export class IdentificationStageForm extends ModelForm {
+export class IdentificationStageForm extends BaseStageForm {
loadInstance(pk: string): Promise {
return new StagesApi(DEFAULT_CONFIG).stagesIdentificationRetrieve({
stageUuid: pk,
@@ -38,14 +38,6 @@ export class IdentificationStageForm extends ModelForm {
if (this.instance) {
return new StagesApi(DEFAULT_CONFIG).stagesIdentificationUpdate({
diff --git a/web/src/admin/stages/invitation/InvitationForm.ts b/web/src/admin/stages/invitation/InvitationForm.ts
index 4555a547e..24b2c34cf 100644
--- a/web/src/admin/stages/invitation/InvitationForm.ts
+++ b/web/src/admin/stages/invitation/InvitationForm.ts
@@ -23,11 +23,9 @@ export class InvitationForm extends ModelForm {
}
getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated invitation.");
- } else {
- return msg("Successfully created invitation.");
- }
+ return this.instance
+ ? msg("Successfully updated invitation.")
+ : msg("Successfully created invitation.");
}
async send(data: Invitation): Promise {
diff --git a/web/src/admin/stages/invitation/InvitationStageForm.ts b/web/src/admin/stages/invitation/InvitationStageForm.ts
index 549c58ae6..822d8a2da 100644
--- a/web/src/admin/stages/invitation/InvitationStageForm.ts
+++ b/web/src/admin/stages/invitation/InvitationStageForm.ts
@@ -1,8 +1,8 @@
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { first } from "@goauthentik/common/utils";
import "@goauthentik/elements/forms/FormGroup";
import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
import { msg } from "@lit/localize";
import { TemplateResult, html } from "lit";
@@ -11,21 +11,13 @@ import { customElement } from "lit/decorators.js";
import { InvitationStage, StagesApi } from "@goauthentik/api";
@customElement("ak-stage-invitation-form")
-export class InvitationStageForm extends ModelForm {
+export class InvitationStageForm extends BaseStageForm {
loadInstance(pk: string): Promise {
return new StagesApi(DEFAULT_CONFIG).stagesInvitationStagesRetrieve({
stageUuid: pk,
});
}
- getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated stage.");
- } else {
- return msg("Successfully created stage.");
- }
- }
-
async send(data: InvitationStage): Promise {
if (this.instance) {
return new StagesApi(DEFAULT_CONFIG).stagesInvitationStagesUpdate({
diff --git a/web/src/admin/stages/password/PasswordStageForm.ts b/web/src/admin/stages/password/PasswordStageForm.ts
index ce503ef00..939f92931 100644
--- a/web/src/admin/stages/password/PasswordStageForm.ts
+++ b/web/src/admin/stages/password/PasswordStageForm.ts
@@ -1,9 +1,9 @@
import { RenderFlowOption } from "@goauthentik/admin/flows/utils";
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { first } from "@goauthentik/common/utils";
import "@goauthentik/elements/forms/FormGroup";
import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
import "@goauthentik/elements/forms/SearchSelect";
import { msg } from "@lit/localize";
@@ -22,21 +22,13 @@ import {
} from "@goauthentik/api";
@customElement("ak-stage-password-form")
-export class PasswordStageForm extends ModelForm {
+export class PasswordStageForm extends BaseStageForm {
loadInstance(pk: string): Promise {
return new StagesApi(DEFAULT_CONFIG).stagesPasswordRetrieve({
stageUuid: pk,
});
}
- getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated stage.");
- } else {
- return msg("Successfully created stage.");
- }
- }
-
async send(data: PasswordStage): Promise {
if (this.instance) {
return new StagesApi(DEFAULT_CONFIG).stagesPasswordUpdate({
diff --git a/web/src/admin/stages/prompt/PromptForm.ts b/web/src/admin/stages/prompt/PromptForm.ts
index c5138e69d..386ae7004 100644
--- a/web/src/admin/stages/prompt/PromptForm.ts
+++ b/web/src/admin/stages/prompt/PromptForm.ts
@@ -90,11 +90,9 @@ export class PromptForm extends ModelForm {
}
getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated prompt.");
- } else {
- return msg("Successfully created prompt.");
- }
+ return this.instance
+ ? msg("Successfully updated prompt.")
+ : msg("Successfully created prompt.");
}
static get styles(): CSSResult[] {
diff --git a/web/src/admin/stages/prompt/PromptStageForm.ts b/web/src/admin/stages/prompt/PromptStageForm.ts
index f3841e10f..43e35f475 100644
--- a/web/src/admin/stages/prompt/PromptStageForm.ts
+++ b/web/src/admin/stages/prompt/PromptStageForm.ts
@@ -1,9 +1,9 @@
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
import "@goauthentik/admin/stages/prompt/PromptForm";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import "@goauthentik/elements/forms/FormGroup";
import "@goauthentik/elements/forms/HorizontalFormElement";
import "@goauthentik/elements/forms/ModalForm";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
import { msg, str } from "@lit/localize";
import { TemplateResult, html } from "lit";
@@ -19,7 +19,7 @@ import {
} from "@goauthentik/api";
@customElement("ak-stage-prompt-form")
-export class PromptStageForm extends ModelForm {
+export class PromptStageForm extends BaseStageForm {
loadInstance(pk: string): Promise {
return new StagesApi(DEFAULT_CONFIG).stagesPromptStagesRetrieve({
stageUuid: pk,
@@ -38,14 +38,6 @@ export class PromptStageForm extends ModelForm {
prompts?: PaginatedPromptList;
policies?: PaginatedPolicyList;
- getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated stage.");
- } else {
- return msg("Successfully created stage.");
- }
- }
-
async send(data: PromptStage): Promise {
if (this.instance) {
return new StagesApi(DEFAULT_CONFIG).stagesPromptStagesUpdate({
diff --git a/web/src/admin/stages/user_delete/UserDeleteStageForm.ts b/web/src/admin/stages/user_delete/UserDeleteStageForm.ts
index 3d15b52ff..617cd182a 100644
--- a/web/src/admin/stages/user_delete/UserDeleteStageForm.ts
+++ b/web/src/admin/stages/user_delete/UserDeleteStageForm.ts
@@ -1,6 +1,6 @@
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
import { msg } from "@lit/localize";
import { TemplateResult, html } from "lit";
@@ -10,21 +10,13 @@ import { ifDefined } from "lit/directives/if-defined.js";
import { StagesApi, UserDeleteStage } from "@goauthentik/api";
@customElement("ak-stage-user-delete-form")
-export class UserDeleteStageForm extends ModelForm {
+export class UserDeleteStageForm extends BaseStageForm {
loadInstance(pk: string): Promise {
return new StagesApi(DEFAULT_CONFIG).stagesUserDeleteRetrieve({
stageUuid: pk,
});
}
- getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated stage.");
- } else {
- return msg("Successfully created stage.");
- }
- }
-
async send(data: UserDeleteStage): Promise {
if (this.instance) {
return new StagesApi(DEFAULT_CONFIG).stagesUserDeleteUpdate({
diff --git a/web/src/admin/stages/user_login/UserLoginStageForm.ts b/web/src/admin/stages/user_login/UserLoginStageForm.ts
index 6ba879799..c386a9af2 100644
--- a/web/src/admin/stages/user_login/UserLoginStageForm.ts
+++ b/web/src/admin/stages/user_login/UserLoginStageForm.ts
@@ -1,9 +1,9 @@
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { first } from "@goauthentik/common/utils";
import "@goauthentik/elements/Alert";
import "@goauthentik/elements/forms/FormGroup";
import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
import "@goauthentik/elements/utils/TimeDeltaHelp";
import { msg } from "@lit/localize";
@@ -13,21 +13,13 @@ import { customElement } from "lit/decorators.js";
import { StagesApi, UserLoginStage } from "@goauthentik/api";
@customElement("ak-stage-user-login-form")
-export class UserLoginStageForm extends ModelForm {
+export class UserLoginStageForm extends BaseStageForm {
loadInstance(pk: string): Promise {
return new StagesApi(DEFAULT_CONFIG).stagesUserLoginRetrieve({
stageUuid: pk,
});
}
- getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated stage.");
- } else {
- return msg("Successfully created stage.");
- }
- }
-
async send(data: UserLoginStage): Promise {
if (this.instance) {
return new StagesApi(DEFAULT_CONFIG).stagesUserLoginUpdate({
diff --git a/web/src/admin/stages/user_logout/UserLogoutStageForm.ts b/web/src/admin/stages/user_logout/UserLogoutStageForm.ts
index 7e90aade6..40a99500f 100644
--- a/web/src/admin/stages/user_logout/UserLogoutStageForm.ts
+++ b/web/src/admin/stages/user_logout/UserLogoutStageForm.ts
@@ -1,6 +1,6 @@
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
import { msg } from "@lit/localize";
import { TemplateResult, html } from "lit";
@@ -10,21 +10,13 @@ import { ifDefined } from "lit/directives/if-defined.js";
import { StagesApi, UserLogoutStage } from "@goauthentik/api";
@customElement("ak-stage-user-logout-form")
-export class UserLogoutStageForm extends ModelForm {
+export class UserLogoutStageForm extends BaseStageForm {
loadInstance(pk: string): Promise {
return new StagesApi(DEFAULT_CONFIG).stagesUserLogoutRetrieve({
stageUuid: pk,
});
}
- getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated stage.");
- } else {
- return msg("Successfully created stage.");
- }
- }
-
async send(data: UserLogoutStage): Promise {
if (this.instance) {
return new StagesApi(DEFAULT_CONFIG).stagesUserLogoutUpdate({
diff --git a/web/src/admin/stages/user_write/UserWriteStageForm.ts b/web/src/admin/stages/user_write/UserWriteStageForm.ts
index 3ef5185cd..08b436f9b 100644
--- a/web/src/admin/stages/user_write/UserWriteStageForm.ts
+++ b/web/src/admin/stages/user_write/UserWriteStageForm.ts
@@ -1,9 +1,9 @@
+import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm";
import { UserCreationModeEnum } from "@goauthentik/api/dist/models/UserCreationModeEnum";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { first } from "@goauthentik/common/utils";
import "@goauthentik/elements/forms/FormGroup";
import "@goauthentik/elements/forms/HorizontalFormElement";
-import { ModelForm } from "@goauthentik/elements/forms/ModelForm";
import "@goauthentik/elements/forms/Radio";
import "@goauthentik/elements/forms/SearchSelect";
@@ -22,21 +22,13 @@ import {
} from "@goauthentik/api";
@customElement("ak-stage-user-write-form")
-export class UserWriteStageForm extends ModelForm {
+export class UserWriteStageForm extends BaseStageForm {
loadInstance(pk: string): Promise {
return new StagesApi(DEFAULT_CONFIG).stagesUserWriteRetrieve({
stageUuid: pk,
});
}
- getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated stage.");
- } else {
- return msg("Successfully created stage.");
- }
- }
-
async send(data: UserWriteStage): Promise {
if (this.instance) {
return new StagesApi(DEFAULT_CONFIG).stagesUserWriteUpdate({
diff --git a/web/src/admin/tokens/TokenForm.ts b/web/src/admin/tokens/TokenForm.ts
index 904c8cdac..7324b0e70 100644
--- a/web/src/admin/tokens/TokenForm.ts
+++ b/web/src/admin/tokens/TokenForm.ts
@@ -26,11 +26,9 @@ export class TokenForm extends ModelForm {
}
getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated token.");
- } else {
- return msg("Successfully created token.");
- }
+ return this.instance
+ ? msg("Successfully updated token.")
+ : msg("Successfully created token.");
}
async send(data: Token): Promise {
diff --git a/web/src/admin/users/UserViewPage.ts b/web/src/admin/users/UserViewPage.ts
index 25915b64a..6ef77aa51 100644
--- a/web/src/admin/users/UserViewPage.ts
+++ b/web/src/admin/users/UserViewPage.ts
@@ -14,6 +14,11 @@ import "@goauthentik/app/elements/rbac/ObjectPermissionsPage";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { EVENT_REFRESH } from "@goauthentik/common/constants";
import { userTypeToLabel } from "@goauthentik/common/labels";
+import "@goauthentik/components/DescriptionList";
+import {
+ type DescriptionPair,
+ renderDescriptionList,
+} from "@goauthentik/components/DescriptionList";
import "@goauthentik/components/ak-status-label";
import "@goauthentik/components/events/ObjectChangelog";
import "@goauthentik/components/events/UserEvents";
@@ -137,165 +142,91 @@ export class UserViewPage extends AKElement {
const user = this.user;
- const canImpersonate =
- rootInterface()?.config?.capabilities.includes(CapabilitiesEnum.CanImpersonate) &&
- this.user.pk !== this.me?.user.pk;
+ // prettier-ignore
+ const userInfo: DescriptionPair[] = [
+ [msg("Username"), user.username],
+ [msg("Name"), user.name],
+ [msg("Email"), user.email || "-"],
+ [msg("Last login"), user.lastLogin?.toLocaleString()],
+ [msg("Active"), html``],
+ [msg("Type"), userTypeToLabel(user.type)],
+ [msg("Superuser"), html``],
+ [msg("Actions"), this.renderActionButtons(user)],
+ [msg("Recovery"), this.renderRecoveryButtons(user)],
+ ];
return html`
${msg("User Info")}
-
-
-
-
-
- ${msg("Username")}
-
-
-
-
${user.username}
-
-
-
-
- ${msg("Name")}
-
-
-
-
${user.name}
-
-
-
-
- ${msg("Email")}
-
-
-
-
${user.email || "-"}
-
-
-
-
- ${msg("Last login")}
-
-
-
-
- ${user.lastLogin?.toLocaleString()}
-
-
-
-
-
- ${msg("Active")}
-
-
-
-
-
-
-
-
- ${msg("Type")}
-
-
-
-
- ${userTypeToLabel(user.type)}
-
-
-
-
-
- ${msg("Superuser")}
-
-
-
-
-
-
-
-
- ${msg("Actions")}
-
-
-
-
-
- ${msg("Update")}
- ${msg("Update User")}
-
-
-
-
-
{
- return new CoreApi(DEFAULT_CONFIG).coreUsersPartialUpdate({
- id: user.pk,
- patchedUserRequest: {
- isActive: !user.isActive,
- },
- });
- }}
- >
-
-
- ${canImpersonate
- ? html`
-
{
- return new CoreApi(DEFAULT_CONFIG)
- .coreUsersImpersonateCreate({
- id: user.pk,
- })
- .then(() => {
- window.location.href = "/";
- });
- }}
- >
-
- ${msg("Impersonate")}
-
-
- `
- : nothing}
-
-
-
-
- ${msg("Recovery")}
-
-
-
-
+
${renderDescriptionList(userInfo)}
+ `;
+ }
+
+ renderActionButtons(user: User) {
+ const canImpersonate =
+ rootInterface()?.config?.capabilities.includes(CapabilitiesEnum.CanImpersonate) &&
+ user.pk !== this.me?.user.pk;
+
+ return html`
`;
+ }
+
+ renderRecoveryButtons(user: User) {
+ return html`
+
+ | `;
+ }
+
+ /* For very large tables where the user is selecting a limited number of entries, we provide a
+ * chip-based subtable at the top that shows the list of selected entries. Long text result in
+ * ellipsized chips, which is sub-optimal.
+ */
+ renderSelectedChip(_item: T): TemplateResult {
+ // Override this for chip-based displays
+ return html``;
+ }
+
+ get needChipGroup() {
+ return this.checkbox && this.checkboxChip;
+ }
+
+ renderChipGroup(): TemplateResult {
+ return html`
+ ${this.selectedElements.map((el) => {
+ return html`${this.renderSelectedChip(el)}`;
+ })}
+ `;
+ }
+
+ /* A simple pagination display, shown at both the top and bottom of the page. */
+ renderTablePagination(): TemplateResult {
+ const handler = (page: number) => {
+ updateURLParams({ tablePage: page });
+ this.page = page;
+ this.fetch();
+ };
+
+ return html`
+
+ `;
+ }
+
renderTable(): TemplateResult {
- return html` ${this.checkbox && this.checkboxChip
- ? html`
- ${this.selectedElements.map((el) => {
- return html`${this.renderSelectedChip(el)}`;
- })}
- `
- : html``}
+ const renderBottomPagination = () =>
+ html``;
+
+ return html` ${this.needChipGroup ? this.renderChipGroup() : html``}
${this.renderToolbarContainer()}
- ${this.paginated
- ? html` `
- : html``}`;
+ ${this.paginated ? renderBottomPagination() : html``}`;
}
render(): TemplateResult {
diff --git a/web/src/flow/stages/captcha/CaptchaStage.ts b/web/src/flow/stages/captcha/CaptchaStage.ts
index 7690fc626..753bda99c 100644
--- a/web/src/flow/stages/captcha/CaptchaStage.ts
+++ b/web/src/flow/stages/captcha/CaptchaStage.ts
@@ -1,11 +1,11 @@
///
-///
import "@goauthentik/elements/EmptyState";
import { PFSize } from "@goauthentik/elements/Spinner";
import "@goauthentik/elements/forms/FormElement";
import "@goauthentik/flow/FormStatic";
import "@goauthentik/flow/stages/access_denied/AccessDeniedStage";
import { BaseStage } from "@goauthentik/flow/stages/base";
+import type { TurnstileObject } from "turnstile-types";
import { msg } from "@lit/localize";
import { CSSResult, TemplateResult, html } from "lit";
@@ -21,6 +21,10 @@ import PFBase from "@patternfly/patternfly/patternfly-base.css";
import { CaptchaChallenge, CaptchaChallengeResponseRequest } from "@goauthentik/api";
+interface TurnstileWindow extends Window {
+ turnstile: TurnstileObject;
+}
+
@customElement("ak-stage-captcha")
export class CaptchaStage extends BaseStage {
static get styles(): CSSResult[] {
@@ -110,9 +114,8 @@ export class CaptchaStage extends BaseStage {
this.host?.submit({
token: token,
diff --git a/web/src/global.d.ts b/web/src/global.d.ts
index b7b3dfdf8..059e86815 100644
--- a/web/src/global.d.ts
+++ b/web/src/global.d.ts
@@ -1,4 +1,5 @@
declare module "*.css";
+
declare module "*.md" {
const html: string;
const metadata: { [key: string]: string };
diff --git a/web/src/user/UserInterface.ts b/web/src/user/UserInterface.ts
index 40eb4d5db..bef0aa2c1 100644
--- a/web/src/user/UserInterface.ts
+++ b/web/src/user/UserInterface.ts
@@ -82,9 +82,9 @@ export class UserInterface extends Interface {
:host([theme="dark"]) .pf-c-page__header {
color: var(--ak-dark-foreground) !important;
}
- .pf-c-page__header-tools-item .fas,
- .pf-c-notification-badge__count,
- .pf-c-page__header-tools-group .pf-c-button {
+ :host([theme="light"]) .pf-c-page__header-tools-item .fas,
+ :host([theme="light"]) .pf-c-notification-badge__count,
+ :host([theme="light"]) .pf-c-page__header-tools-group .pf-c-button {
color: var(--ak-global--Color--100) !important;
}
.pf-c-page {
@@ -183,7 +183,7 @@ export class UserInterface extends Interface {
- ${this.uiConfig.theme.background === ""
+ ${(this.uiConfig.theme.background || "") === ""
? html`
`
: html``}
diff --git a/web/src/user/user-settings/tokens/UserTokenForm.ts b/web/src/user/user-settings/tokens/UserTokenForm.ts
index 05bb3b111..78ce3413d 100644
--- a/web/src/user/user-settings/tokens/UserTokenForm.ts
+++ b/web/src/user/user-settings/tokens/UserTokenForm.ts
@@ -21,11 +21,9 @@ export class UserTokenForm extends ModelForm
{
}
getSuccessMessage(): string {
- if (this.instance) {
- return msg("Successfully updated token.");
- } else {
- return msg("Successfully created token.");
- }
+ return this.instance
+ ? msg("Successfully updated token.")
+ : msg("Successfully created token.");
}
async send(data: Token): Promise {
diff --git a/web/xliff/de.xlf b/web/xliff/de.xlf
index 7ac99fb5a..d1c409b92 100644
--- a/web/xliff/de.xlf
+++ b/web/xliff/de.xlf
@@ -2885,10 +2885,6 @@ doesn't pass when either or both of the selected options are equal or above the
This setting only affects new Events, as the expiration is saved per-event.
Diese Einstellung betrifft nur neue Ereignisse, da die Ablaufzeit für jedes Ereignis gespeichert wird.
-
- Format: "weeks=3;days=2;hours=3,seconds=2".
- Format: "Wochen=3;Tage=2;Stunden=3,Sekunden=2".
-
Configure visual settings and defaults for different domains.
Konfiguriere visuelle Einstellungen und Standards für verschiedene Domains.
diff --git a/web/xliff/en.xlf b/web/xliff/en.xlf
index e7d1af19e..884a5b389 100644
--- a/web/xliff/en.xlf
+++ b/web/xliff/en.xlf
@@ -3020,10 +3020,6 @@ doesn't pass when either or both of the selected options are equal or above the
This setting only affects new Events, as the expiration is saved per-event.
This setting only affects new Events, as the expiration is saved per-event.
-
- Format: "weeks=3;days=2;hours=3,seconds=2".
- Format: "weeks=3;days=2;hours=3,seconds=2".
-
Configure visual settings and defaults for different domains.
Configure visual settings and defaults for different domains.
diff --git a/web/xliff/es.xlf b/web/xliff/es.xlf
index a0dcf47a9..9167c39cc 100644
--- a/web/xliff/es.xlf
+++ b/web/xliff/es.xlf
@@ -2839,10 +2839,6 @@ doesn't pass when either or both of the selected options are equal or above the
This setting only affects new Events, as the expiration is saved per-event.
Esta configuración solo afecta a los eventos nuevos, ya que la caducidad se guarda por evento.
-
- Format: "weeks=3;days=2;hours=3,seconds=2".
- Formato: «semanas = 3; días = 2; horas = 3, segundos = 2».
-
Configure visual settings and defaults for different domains.
Configure los ajustes visuales y los valores predeterminados para los diferentes dominios.
diff --git a/web/xliff/fr.xlf b/web/xliff/fr.xlf
index fd080e5f4..bc2ccee84 100644
--- a/web/xliff/fr.xlf
+++ b/web/xliff/fr.xlf
@@ -3767,11 +3767,6 @@ doesn't pass when either or both of the selected options are equal or above the
This setting only affects new Events, as the expiration is saved per-event.
Ce paramètre n'affecte que les nouveaux événements, l'expiration étant enregistrée pour chaque événement.
-
-
- Format: "weeks=3;days=2;hours=3,seconds=2".
- Format : "weeks=3;days=2;hours=3,seconds=2".
-
Configure visual settings and defaults for different domains.
@@ -7927,51 +7922,67 @@ Les liaisons avec les groupes/utilisateurs sont vérifiées par rapport à l'uti
There was an error in the application.
+ Une erreur a été rencontrée dans l'application.
Review the application.
+ Passer en revue l'application.
There was an error in the provider.
+ Une erreur a été rencontrée dans le fournisseur.
Review the provider.
+ Passer en revue le fournisseur.
There was an error
+ Il y a eu une erreur
There was an error creating the application, but no error message was sent. Please review the server logs.
+ Il y a eu une erreur lors de la création de l'application, mais aucun message d'erreur n'a été envoyé. Veuillez consulter les logs du serveur.
Configure LDAP Provider
+ Configurer le fournisseur LDAP
Configure OAuth2/OpenId Provider
+ Configurer le fournisseur OAuth2/OpenID
Configure Proxy Provider
+ Configurer le fournisseur Proxy
AdditionalScopes
+ Scopes additionels
Configure Radius Provider
+ Configurer le fournisseur Radius
Configure SAML Provider
+ Configurer le fournisseur SAML
Property mappings used for user mapping.
+ Mappages de propriété utilisés pour la correspondance des utilisateurs.
Configure SCIM Provider
+ Configurer le fournisseur SCIM
Property mappings used for group creation.
+ Mappages de propriétés utilisés lors de la création des groupe
Event volume
+ Volume d'événements
Brand
diff --git a/web/xliff/pl.xlf b/web/xliff/pl.xlf
index a078518eb..229b0f71f 100644
--- a/web/xliff/pl.xlf
+++ b/web/xliff/pl.xlf
@@ -2935,10 +2935,6 @@ doesn't pass when either or both of the selected options are equal or above the
This setting only affects new Events, as the expiration is saved per-event.
To ustawienie ma wpływ tylko na nowe zdarzenia, ponieważ data wygaśnięcia jest zapisywana dla każdego zdarzenia.
-
- Format: "weeks=3;days=2;hours=3,seconds=2".
- Format: "weeks=3;days=2;hours=3,seconds=2".
-
Configure visual settings and defaults for different domains.
Skonfiguruj ustawienia wizualne i domyślne dla różnych domen.
diff --git a/web/xliff/pseudo-LOCALE.xlf b/web/xliff/pseudo-LOCALE.xlf
index fe552ebad..3c2c9c5cf 100644
--- a/web/xliff/pseudo-LOCALE.xlf
+++ b/web/xliff/pseudo-LOCALE.xlf
@@ -3744,11 +3744,6 @@ doesn't pass when either or both of the selected options are equal or above the
This setting only affects new Events, as the expiration is saved per-event.
Ţĥĩś śēţţĩńĝ ōńĺŷ àƒƒēćţś ńēŵ Ēvēńţś, àś ţĥē ēxƥĩŕàţĩōń ĩś śàvēď ƥēŕ-ēvēńţ.
-
-
- Format: "weeks=3;days=2;hours=3,seconds=2".
- Ƒōŕmàţ: "ŵēēķś=3;ďàŷś=2;ĥōũŕś=3,śēćōńďś=2".
-
Configure visual settings and defaults for different domains.
diff --git a/web/xliff/tr.xlf b/web/xliff/tr.xlf
index d7dd22eb5..a4f031133 100644
--- a/web/xliff/tr.xlf
+++ b/web/xliff/tr.xlf
@@ -2838,10 +2838,6 @@ doesn't pass when either or both of the selected options are equal or above the
This setting only affects new Events, as the expiration is saved per-event.
Bu ayar, süre sonu olay başına kaydedildiğinden, yalnızca yeni Olayları etkiler.
-
- Format: "weeks=3;days=2;hours=3,seconds=2".
- Biçim: “hafta=3; gün = 2; saat=3, ikincil=2".
-
Configure visual settings and defaults for different domains.
Farklı etki alanları için görsel ayarları ve varsayılanları yapılandırın.
diff --git a/web/xliff/zh-Hans.xlf b/web/xliff/zh-Hans.xlf
index c285ee2af..de089b651 100644
--- a/web/xliff/zh-Hans.xlf
+++ b/web/xliff/zh-Hans.xlf
@@ -3769,11 +3769,6 @@ doesn't pass when either or both of the selected options are equal or above the
This setting only affects new Events, as the expiration is saved per-event.
此设置仅影响新事件,因为过期时间是分事件保存的。
-
-
- Format: "weeks=3;days=2;hours=3,seconds=2".
- 格式:"weeks=3;days=2;hours=3,seconds=2"。
-
Configure visual settings and defaults for different domains.
diff --git a/web/xliff/zh-Hant.xlf b/web/xliff/zh-Hant.xlf
index c6f3ba9ce..5c2b4ef83 100644
--- a/web/xliff/zh-Hant.xlf
+++ b/web/xliff/zh-Hant.xlf
@@ -2864,10 +2864,6 @@ doesn't pass when either or both of the selected options are equal or above the
This setting only affects new Events, as the expiration is saved per-event.
此设置仅影响新事件,因为过期时间是按事件保存的。
-
- Format: "weeks=3;days=2;hours=3,seconds=2".
- 格式:"weeks=3;days=2;hours=3,seconds=2"。
-
Configure visual settings and defaults for different domains.
配置不同域的可视化设置和默认值。
diff --git a/web/xliff/zh_TW.xlf b/web/xliff/zh_TW.xlf
index 092e985bd..34767d71b 100644
--- a/web/xliff/zh_TW.xlf
+++ b/web/xliff/zh_TW.xlf
@@ -3743,11 +3743,6 @@ doesn't pass when either or both of the selected options are equal or above the
This setting only affects new Events, as the expiration is saved per-event.
此設定僅會影響新的事件紀錄,舊的紀錄到期時間已經設定。
-
-
- Format: "weeks=3;days=2;hours=3,seconds=2".
- 格式:(weeks=3;days=2;hours=3,seconds=2)。
-
Configure visual settings and defaults for different domains.
diff --git a/website/blog/2023-11-1-happy-birthday-to-us/item.md b/website/blog/2023-11-1-happy-birthday-to-us/item.md
index 684975a1b..a49487d74 100644
--- a/website/blog/2023-11-1-happy-birthday-to-us/item.md
+++ b/website/blog/2023-11-1-happy-birthday-to-us/item.md
@@ -1,6 +1,6 @@
---
-title: “Happy Birthday to Us!”
-description: “We are celebrating our one-year anniversary since the founding of Authentik Security..”
+title: "Happy Birthday to Us!"
+description: "We are celebrating our one-year anniversary since the founding of Authentik Security.."
slug: 2023-11-1-happy-birthday-to-us
authors:
- name: Jens Langhammer and the authentik team
@@ -56,7 +56,7 @@ Once you get to know Jens, you won’t be surprised to his answer about what he
That task alone will scare most of us. In software, team work is most definitely what makes the dream work, so finding the right talents and skills sets and experiences to compliment Jens’ deep technical skills and full-stack experience was of paramount importance. We now have developers with expertise in frontend and backend development, infrastructure, and security, a well as a content editor.
-Of course, it is not just the technical skills that a potential new hire needs; as important are less-measurable skills like collaboration, communication, and perhaps most importantly, what we call “technical curiosity”.
+Of course, it is not just the technical skills that a potential new hire needs; as important are less-measurable skills like collaboration, communication, and perhaps most importantly, what we call "technical curiosity".
> How does this thing work, from whom can I learn more, and with whom can I share my knowledge?
@@ -90,10 +90,10 @@ An interesting offset to our shared love of building is the shared sense of humi
The tone and espirit of the company is one reason it’s so meaningful to celebrate our 1-year birthday; we can happily celebrate a hard year of doing things with full, enthusiastic engagement. At authentik, nerdiness is embraced, technical curiosity flourishes, and transparency is a big part of our nature. Speaking of how we communicate with our community, our Discord forum is (in addition to GitHub) an important place where transparency matters. For example, we recently asked our community what they preferred for a release cycle. Based on the answers, we lengthened the release time from from monthly to every two or three months.
-Moving from a role of solo creator of an open source project, to being primary maintainer of a popular, growing project, to suddenly being CTO of a company based on that project is a quite a transition. A natural question we wanted to ask Jens is “What’s been the hardest thing about building a company?” His answers:
+Moving from a role of solo creator of an open source project, to being primary maintainer of a popular, growing project, to suddenly being CTO of a company based on that project is a quite a transition. A natural question we wanted to ask Jens is "What’s been the hardest thing about building a company?" His answers:
-- “Recognizing and accepting that you don’t get to work on only what you want to, 100% of time… “
-- “Learning to delegate, learning to let go a bit, trusting others to do it in their way, in the right spirit. Especially letting others get into the code… I’ve learned that instead of saying ‘I would not have done it this way’, I instead measure the success of the change itself.”
+- "Recognizing and accepting that you don’t get to work on only what you want to, 100% of time… "
+- "Learning to delegate, learning to let go a bit, trusting others to do it in their way, in the right spirit. Especially letting others get into the code… I’ve learned that instead of saying ‘I would not have done it this way’, I instead measure the success of the change itself."
### What’s up next?
diff --git a/website/blog/2023-11-30-automated-security-versus-the-security-mindset/item.md b/website/blog/2023-11-30-automated-security-versus-the-security-mindset/item.md
index ff1e0bf24..6814a8857 100644
--- a/website/blog/2023-11-30-automated-security-versus-the-security-mindset/item.md
+++ b/website/blog/2023-11-30-automated-security-versus-the-security-mindset/item.md
@@ -1,6 +1,6 @@
---
title: Automated security versus the security mindset
-description: “Automated security plays a key part in many cybersecurity tasks. But what are its failings and will a security mindset always require the human factor?”
+description: "Automated security plays a key part in many cybersecurity tasks. But what are its failings and will a security mindset always require the human factor?"
slug: 2023-11-30-automated-security-versus-the-security-mindset
authors:
- name: Jens Langhammer
@@ -142,7 +142,7 @@ Once new and significant threats are detected by the automated security, it is h
### Human-centered cybersecurity
-Despite the growing technology around automated security, and the temptation to relax when it is deployed, there are human factors that are irreplaceable in the practice of cybersecurity. We recently wrote about the importance of the “Blue Team” and how [organizational and product hardening](https://goauthentik.io/blog/2023-11-22-how-we-saved-over-100k#hardening) are an integral part of our human-centered security mindset.
+Despite the growing technology around automated security, and the temptation to relax when it is deployed, there are human factors that are irreplaceable in the practice of cybersecurity. We recently wrote about the importance of the "Blue Team" and how [organizational and product hardening](https://goauthentik.io/blog/2023-11-22-how-we-saved-over-100k#hardening) are an integral part of our human-centered security mindset.
- The human ability to think creatively and rapidly adapt to changing situations is invaluable to good security processes.
- The higher the security risk, the more you need skilled security professionals to supervise the security process.
diff --git a/website/blog/2023-12-12-oktas-october-breach-part-two/item.md b/website/blog/2023-12-12-oktas-october-breach-part-two/item.md
new file mode 100644
index 000000000..24284f79a
--- /dev/null
+++ b/website/blog/2023-12-12-oktas-october-breach-part-two/item.md
@@ -0,0 +1,93 @@
+---
+title: "Okta's October breach part two: a delayed but slightly better response"
+description: "Okta continues to revel more information about the HAR files breach first revealed in October; now we know that a service account was involved, and 100% of their customer support users were impacted."
+slug: 2023-12-12-oktas-october-breach-part-two
+authors:
+ - name: Jens Langhammer
+ title: CTO at Authentik Security Inc
+ url: https://github.com/BeryJu
+ image_url: https://github.com/BeryJu.png
+tags:
+ - authentik
+ - security mindset
+ - incident response
+ - service account
+ - Okta
+ - SSO
+ - HAR files
+ - identity provider
+ - authentication
+ - Authentik Security
+hide_table_of_contents: false
+image: ./okta-timeline.png
+---
+
+> **_authentik is an open source Identity Provider that unifies your identity needs into a single platform, replacing Okta, Active Directory, and auth0. Authentik Security is a [public benefit company](https://github.com/OpenCoreVentures/ocv-public-benefit-company/blob/main/ocv-public-benefit-company-charter.md) building on top of the open source project._**
+
+---
+
+On November 29th, 2023, Okta [revealed](https://sec.okta.com/harfiles) that a breach they announced in October was much worse than originally conveyed. The number of impacted users went from less than 1% of customers to every single customer who had every opened a Support ticket in the Okta Help Center.
+
+> So the impact leapt from [134 users](https://sec.okta.com/articles/2023/11/unauthorized-access-oktas-support-case-management-system-root-cause) to [18,400 users](https://www.beyondtrust.com/blog/entry/okta-support-unit-breach-update).
+
+We wrote in October about Okta’s poor response to breaches (see [Okta got breached again](https://goauthentik.io/blog/2023-10-23-another-okta-breach)), but since our blog doesn’t seem to be changing Okta’s behaviour, let’s take a closer look at the new revelations from Okta about what happened back in October, how it is impacting users now, and why Okta is still dealing with it in December.
+
+> Now all of Okta’s customers are paying the price… with increased phishing and spam.
+
+Our take is that any company can be hacked, but it is the response that matters. How quick is the response, how transparent are the details, how forthright are the acknowledgments? Okta’s initial announcement about the October breach (remember the [HAR file](https://goauthentik.io/blog/2023-10-23-another-okta-breach) that contained a session token?) was less-than-timely, devoid of details, and titled with one of the worst titles ever given such a serious announcement.
+
+
+
+
+
+## Looking back at October’s breach
+
+With the original incident, probably what most people now recall is not only the technical details of the session tokens that were exposed in HAR files, but also the very slow response time. Turns out 1Password reported the breach to Okta on September 29, and [BeyondTrust](https://www.beyondtrust.com/blog/entry/okta-support-unit-breach) reported the breach to Okta on October 2. But Okta waited three weeks before announcing the breach on October 20th.
+
+In this October 20th announcement, Okta CISO David Bradbury stated that the malicious actor had gained access to Okta’s Support dashboard and retrieved only names and emails addresses for a very small number of customers. He explained that the hacker used session tokens that were not scrubbed from a HAR file (which Okta support routinely asks their customers to submit, for troubleshooting purposes) to gain access to specific customer’s accounts. But what wasn’t revealed at the time (because Okta themselves did not yet know) was _how_ the hacker obtained access to the Customer Support dashboard to access customer accounts and then download associated HAR files.
+
+### The second **Okta shoe fell in early November**
+
+As mentioned above, the new information revealed by Okta came from their security team retracing the steps of the original malicious actor. Okta’s research and analysis was greatly aided by the fact that [BeyondTrust shared a suspicious IP address with Okta](https://www.beyondtrust.com/blog/entry/okta-support-unit-breach-update); the IP address that BeyondTrust believed to be the hacker’s.
+
+**Initial access gained via a service account**
+
+This new finding, based on retracing the steps of that IP address, show that the initial breach occurred when the hacker obtained the credentials for a service account "stored in the system", which provided access to the Customer Support dashboard and had permissions to view and update customer support cases. The hacker then reviewed customer support cases, downloaded the associated HAR files, and retrieved the session tokens.
+
+From the [November 3rd announcement](https://sec.okta.com/articles/2023/11/unauthorized-access-oktas-support-case-management-system-root-cause), we now know that the service account credentials were exposed through an Okta employee’s personal Google account, which the employee had accessed on the Okta-issued work laptop.
+
+In announcing the service account’s role in the breach, Okta’s CISO stated:
+
+> "During our investigation into suspicious use of this account, Okta Security identified that an employee had signed-in to their personal Google profile on the Chrome browser of their Okta-managed laptop. The username and password of the service account had been saved into the employee’s personal Google account."
+
+The use of the service account was discovered on October 16, by examining the activities of the IP address of the hacker that BeyondTrust had supplied Okta. This begs the question of why Okta did not revel the malicious use of the service account in their October 20th announcement. Perhaps they did not yet want to show details of their internal investigation?
+
+### And a third shoe in late November
+
+Now fast-forward to Okta’s [November 29th announcement](https://sec.okta.com/harfiles). Back in October, it was known that after the hacker accessed Okta’s Support dashboard they ran queries on the support database to create reports containing customer data. In the November 3rd announcement Okta shared that the report was thought to be quite small is scope; this is the infamous "less than 1% of Okta customers" statement.
+
+But after more internal investigation and recreating the reports that the malicious actor ran, Okta announced on November 29th that their original statement that less than 1% of their users were impacted by the October breach was incorrect. Instead, Okta revealed that the scope of the report was much larger, and indeed concluded that "[the report contained a list of all customer support system users](https://sec.okta.com/harfiles)". A total of 18,400 users. The only customers that were not impacted are those in FedRAMP and DoD IL4 environments, who are on a separate support platform.
+
+> An aside, perhaps, but the timing of Okta’s update is interesting; the announcement was released on the same date as the quarterly earnings report. This could be seen as transparency, or it could be seen as damage control. (Also, why in the heck is Nov 29th within Okta’s 3rd quarter of **fiscal year 2024**? But we aren’t writing here about Okta’s financial schedules; I digress.)
+
+**Filters removed from report**
+
+Apparently when the hacker ran queries to gather customer data, they used a standard template available from the dashboard. However, they removed all filters on the templated report, thus grabbing much more data then the original template would have returned.
+
+In addition to removing all filters on the report, it seems that Okta’s original analysis of the logs pertaining to the breach failed to take in to account exactly HOW the hacker accessed and downloaded data:
+
+> "For a period of 14 days, while actively investigating, Okta did not identify suspicious downloads in our logs. When a user opens and views files attached to a support case, a specific log event type and ID is generated tied to that file. If a user instead navigates directly to the Files tab in the customer support system, as the threat actor did in this attack, they will instead generate an **entirely different log event** with a different record ID."
+
+## Now what?
+
+The third shoe has dropped, but it feels like there might still be a fourth. Maybe even more data was stolen, beyond just email addresses. Perhaps the malicious actor gained more sensitive customer data when they were able to log into specific customer’s accounts, but are sitting on it waiting to use it. Perhaps the explorations by the hacker form within the customer support system reveled other weaknesses that have yet to be exploited.
+
+So while we are all waiting with baited breath to see if Okta can squeeze even more drama into 2023, here are a few tips to consider:
+
+- If you are an Okta customer, do indeed follow each and every one of their recommendations, listed under the "**Implementing recommended best practices**" section of their [November 29th announcement](https://sec.okta.com/harfiles).
+- Be aware of Okta’s plan for a 90-day pause on new features. During the [earning report call](https://seekingalpha.com/article/4655057-okta-inc-okta-q3-2024-earnings-call-transcript) on November 29th CEO Todd McKinnon stated "During this hyper-focused phase, no other project or even product development area is more important. In fact, the launch dates for the new products and features that we highlighted at Oktane last month will be pushed out approximately 90 days."
+- As Okta advises, be on the lookout for more phishing attempts and stay hyper-vigilant.
+- In general, across the board, be vigilant and adopt a "[security mindset](https://goauthentik.io/blog/2023-11-30-automated-security-versus-the-security-mindset)" (as valuable and maybe more than any technology).
+- Consider breaking out of vendor lock-in and using an on-premise, open core solution such as [authentik](https://goauthentik.io/). We realize change is hard, but continual breaches and uncertainty around when a breach has been fully contained is also painful.
+
+We’d be happy to talk with you more about your security and identity management needs; reach out to us with an email to [hello@goauthentik.io](mailto:hello@goauthentik.io) or on [Discord](https://discord.com/channels/809154715984199690/809154716507963434).
diff --git a/website/blog/2023-12-12-oktas-october-breach-part-two/okta-timeline.png b/website/blog/2023-12-12-oktas-october-breach-part-two/okta-timeline.png
new file mode 100644
index 000000000..69e0a8aa2
Binary files /dev/null and b/website/blog/2023-12-12-oktas-october-breach-part-two/okta-timeline.png differ
diff --git a/website/docs/core/applications.md b/website/docs/core/applications.md
index 9908cdfa9..d27d51097 100644
--- a/website/docs/core/applications.md
+++ b/website/docs/core/applications.md
@@ -27,6 +27,8 @@ The following aspects can be configured:
Starting with authentik 2022.2, you can use placeholders in the launch url to build them dynamically based on logged in user. For example, you can set the Launch URL to `https://goauthentik.io/%(username)s`, which will be replaced with the currently logged in user's username.
+ Only applications whose launch URL starts with `http://` or `https://` or are relative URLs are shown on the users's **My applications** page. This can also be used to hide applications that shouldn't be visible on the **My applications** page but are still accessible by users, by setting the _Launch URL_ to `hidden://`.
+
- _Icon (URL)_: Optionally configure an Icon for the application
If the authentik server does not have a volume mounted under `/media`, you'll get a text input. This accepts absolute URLs. If you've mounted single files into the container, you can reference them using `https://authentik.company/media/my-file.png`.
diff --git a/website/docs/flow/stages/authenticator_validate/index.md b/website/docs/flow/stages/authenticator_validate/index.md
index b72afa47a..9a7df4e0e 100644
--- a/website/docs/flow/stages/authenticator_validate/index.md
+++ b/website/docs/flow/stages/authenticator_validate/index.md
@@ -46,7 +46,7 @@ As first stage, add an _Authentication validation_ stage, with the WebAuthn devi
After this stage you can bind any additional verification stages.
As final stage, bind a _User login_ stage.
-Users can either access this flow directly via it's URL, or you can modify any Identification stage to add a direct link to this flow.
+Users can either access this flow directly via its URL, or you can modify any Identification stage's _Passwordless flow_ setting to add a direct link to this flow.
### Logging
diff --git a/website/docs/flow/stages/identification/index.md b/website/docs/flow/stages/identification/index.md
index f2f6cbb98..f911fc4f8 100644
--- a/website/docs/flow/stages/identification/index.md
+++ b/website/docs/flow/stages/identification/index.md
@@ -14,10 +14,6 @@ Select which fields the user can use to identify themselves. Multiple fields can
UPN will attempt to identify the user based on the `upn` attribute, which can be imported with an [LDAP Source](/integrations/sources/ldap/index)
-:::info
-Starting with authentik 2023.5, when no user fields are selected and only one source is selected, authentik will automatically redirect the user to that source.
-:::
-
## Password stage
To prompt users for their password on the same step as identifying themselves, a password stage can be selected here. If a password stage is selected in the Identification stage, the password stage should not be bound to the flow.
@@ -33,3 +29,29 @@ Requires authentik 2024.1
:::
When enabled, any user identifier will be accepted as valid (as long as they match the correct format, i.e. when [User fields](#user-fields) is set to only allow Emails, then the identifier still needs to be an Email). The stage will succeed and the flow will continue to the next stage. Stages like the [Password stage](../password/index.md) and [Email stage](../email/index.mdx) are aware of this "pretend" user and will behave the same as if the user would exist.
+
+## Source settings
+
+Some sources (like the [OAuth Source](../../../../integrations/sources/oauth/) and [SAML Source](../../../../integrations/sources/saml/)) require user interaction. To make these sources available to users, they can be selected in the Identification stage settings, which will show them below the selected [user field](#user-fields).
+
+By default, sources are only shown with their icon, which can be changed with the _Show sources' labels_ option.
+
+Furthermore, it is also possible to deselect any [user field option](#user-fields) for an Identification stage, which will result in users only being able to use currently configured sources.
+
+:::info
+Starting with authentik 2023.5, when no user fields are selected and only one source is selected, authentik will automatically redirect the user to that source. This only applies when the **Passwordless flow** option is _not_ configured.
+:::
+
+## Flow settings
+
+### Passwordless flow
+
+See [Passwordless authentication](../authenticator_validate/index.md#passwordless-authentication).
+
+### Enrollment flow
+
+Optionally can be set to a flow with the designation of _Enrollment_, which will allow users to sign up.
+
+### Recovery flow
+
+Optionally can be set to a flow with the designation of _Recovery_, which will allow users to recover their credentials.
diff --git a/website/docs/outposts/_config.md b/website/docs/outposts/_config.md
index f1b3e8792..ce013b625 100644
--- a/website/docs/outposts/_config.md
+++ b/website/docs/outposts/_config.md
@@ -64,9 +64,17 @@ kubernetes_image_pull_secrets: []
# (Available with 2022.11.0+)
# Applies to: proxy outposts
kubernetes_ingress_class_name: null
-# Optionally apply an RFC 6902 compliant patch to the Kubernetes objects. This value expects
-# a mapping of a key which can be any of the values from `kubernetes_disabled_components`,
-# which configures which component the patches are applied to. For example:
+# Optionally apply an RFC 6902 compliant patch to the Kubernetes objects.
+# For an understanding of how this works, refer to the link below:
+# https://github.com/kubernetes-sigs/kustomize/blob/master/examples/jsonpatch.md
+#
+# This value expects a mapping where the key represents
+# the Kubernetes component that shall be patched.
+# It can be any of the same values supported by `kubernetes_disabled_components`.
+#
+# For example use this patch to add custom resource requests and limits
+# to the outpost deployment:
+#
# deployment:
# - op: add
# path: "/spec/template/spec/containers/0/resources"
diff --git a/website/docs/security/2023-06-cure53.md b/website/docs/security/2023-06-cure53.md
index 3df339e81..55d65d12d 100644
--- a/website/docs/security/2023-06-cure53.md
+++ b/website/docs/security/2023-06-cure53.md
@@ -1,8 +1,8 @@
# 2023-06 Cure53 Code audit
-In May/June of 2023, we've had a Pen-test conducted by [Cure53](https://cure53.de). The following security updates, 2023.4.2 and 2023.5.3 were released as a response to the found issues.
+In May/June of 2023, we've had a Pentest conducted by [Cure53](https://cure53.de). The following security updates, 2023.4.2 and 2023.5.3 were released as a response to the found issues.
-From the complete report, these are the points we're addressing with this update:
+From the [complete report](https://cure53.de/pentest-report_authentik.pdf), these are the points we're addressing with this update:
### ATH-01-001: Path traversal on blueprints allows arbitrary file-read (Medium)
diff --git a/website/integrations/services/dokuwiki/index.md b/website/integrations/services/dokuwiki/index.md
index 7b7e27e4c..b84dd50a2 100644
--- a/website/integrations/services/dokuwiki/index.md
+++ b/website/integrations/services/dokuwiki/index.md
@@ -17,7 +17,7 @@ The following placeholders will be used:
- `dokuwiki.company` is the FQDN of the DokiWiki install.
- `authentik.company` is the FQDN of the authentik install.
-## Service Configuration
+## DokuWiki configuration
In DokuWiki, navigate to the _Extension Manager_ section in the _Administration_ interface and install
diff --git a/website/integrations/services/grafana/index.mdx b/website/integrations/services/grafana/index.mdx
index e6cc7a5a8..a79730ea0 100644
--- a/website/integrations/services/grafana/index.mdx
+++ b/website/integrations/services/grafana/index.mdx
@@ -86,7 +86,7 @@ resource "authentik_group" "grafana_viewers" {
```
-## Grafana
+## Grafana configuration
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
diff --git a/website/integrations/services/immich/index.md b/website/integrations/services/immich/index.md
new file mode 100644
index 000000000..88554d302
--- /dev/null
+++ b/website/integrations/services/immich/index.md
@@ -0,0 +1,48 @@
+---
+title: Immich
+---
+
+Support level: Community
+
+## What is Immich
+
+> Immich is a self-hosted backup solution for photos and videos on mobile devices.
+>
+> -- https://immich.app/
+
+## Preparation
+
+The following placeholders will be used:
+
+- `https://immich.company` is the URL used to access the Immich instance.
+- `authentik.company` is the FQDN of the authentik install.
+
+## authentik configuration
+
+1. Create a new OAuth2/OpenID Provider using the following settings:
+ - **Name**: Immich
+ - **Authentication flow**: default-authentication-flow
+ - **Authorization flow**: default-provider-authorization-explicit-consent
+ - **Client type**: Confidential
+ - **Client ID**: Either create your own Client ID or make a note of the auto-populated one
+ - **Client Secret**: Either create your own Client Secret or make a note of the auto-populated one
+ - **Redirect URIs/Origins (RegEx)**:
+ _Please note that the following URIs are just examples. Be sure to include all of the domains / URLs that you will use to access Immich._
+ - app.immich:/
+ - https://immich.company/auth/login
+ - https://immich.company/user-settings
+ - **Signing Key**: authentik Self-signed Certificate
+ - Leave everything else as default
+2. Open the new provider you've just created.
+3. Make a note of the **OpenID Configuration Issuer**.
+
+## Immich Configuration
+
+Immich documentation can be found here: https://immich.app/docs/administration/oauth
+
+1. In Immich, navigate to **Administration** > **Settings** > **OAuth Authentication**
+2. Configure Immich as follows:
+ - **Issuer URL**: Populate this field with the `OpenID Configuration Issuer`
+ - **Client ID**: Enter your Client ID from authentik
+ - **Client Secret**: Enter your Client Secret from authentik
+ - **Scope**: `openid email profile`
diff --git a/website/integrations/services/jellyfin/index.md b/website/integrations/services/jellyfin/index.md
index c92e21f52..5de18d3b4 100644
--- a/website/integrations/services/jellyfin/index.md
+++ b/website/integrations/services/jellyfin/index.md
@@ -32,7 +32,7 @@ The following placeholders will be used:
- `dc=company,dc=com` the Base DN of the LDAP outpost.
- `ldap_bind_user` the username of the desired LDAP Bind User
-## Service Configuration
+## Jellyfin configuration
1. If you don't have one already create an LDAP bind user before starting these steps.
- Ideally, this user doesn't have any permissions other than the ability to view other users. However, some functions do require an account with permissions.
diff --git a/website/integrations/services/jenkins/index.md b/website/integrations/services/jenkins/index.md
new file mode 100644
index 000000000..a8b4388ab
--- /dev/null
+++ b/website/integrations/services/jenkins/index.md
@@ -0,0 +1,53 @@
+---
+title: Jenkins
+---
+
+Support level: Community
+
+## What is Jenkins
+
+> The leading open source automation server, Jenkins provides hundreds of plugins to support building, deploying and automating any project.
+>
+> -- https://www.jenkins.io/
+
+## Preparation
+
+The following placeholders will be used:
+
+- `jenkins.company` is the FQDN of the Service install.
+- `authentik.company` is the FQDN of the authentik install.
+
+Create an OAuth2/OpenID provider with the following parameters:
+
+- **Client Type**: `Confidential`
+- Scopes: OpenID, Email and Profile
+- **Signing Key**: Select any available key
+
+Note the Client ID and Client Secret values for the provider.
+
+Next, create an application, using the provider you've created above. Note the slug of the application you create.
+
+## Jenkins Configuration
+
+Navigate to the Jenkins plugin manager: **Manage Jenkins** -> **Plugins** -> **Available plugins**. Search for the plugin `oic-auth` in the search field, and install the plugin. Jenkins must be restarted afterwards to ensure the plugin is loaded.
+
+After the restart, navigate to **Manage Jenkins** again, and click **Security**.
+
+Modify the **Security Realm** option to select `Login with Openid Connect`.
+
+In the **Client id** and **Client secret** fields, enter the Client ID and Client Secret values from the provider you created.
+
+Set the configuration mode to **Automatic configuration** and set the **Well-known configuration endpoint** to `https://authentik.company/application/o//.well-known/openid-configuration`
+
+Check the checkbox **Override scopes** and input the scopes `openid profile email` into the new input field.
+
+Further down the page, expand the **Advanced** section and input the following values:
+
+- **User name field name**: `preferred_username`
+- **Full name field name**: `name`
+- **Email field name**: `email`
+- **Groups field name**: `groups`
+
+We also recommend enabling the option **Enable Proof Key for Code Exchange** further down the page.
+
+Additionally, as a fallback to regain access to Jenkins in the case of misconfiguration, we recommend configuring the **Configure 'escape hatch' for when the OpenID Provider is unavailable** option below. How to configure this option is beyond the scope of this document, and is explained by the OpenID Plugin.
diff --git a/website/package-lock.json b/website/package-lock.json
index 6a119f446..009fe65dd 100644
--- a/website/package-lock.json
+++ b/website/package-lock.json
@@ -33,8 +33,8 @@
"@docusaurus/module-type-aliases": "3.0.1",
"@docusaurus/tsconfig": "3.0.1",
"@docusaurus/types": "3.0.1",
- "@types/react": "^18.2.42",
- "prettier": "3.1.0",
+ "@types/react": "^18.2.45",
+ "prettier": "3.1.1",
"typescript": "~5.3.3"
},
"engines": {
@@ -4373,9 +4373,9 @@
"integrity": "sha512-+0autS93xyXizIYiyL02FCY8N+KkKPhILhcUSA276HxzreZ16kl+cmwvV2qAM/PuCCwPXzOXOWhiPcw20uSFcA=="
},
"node_modules/@types/react": {
- "version": "18.2.42",
- "resolved": "https://registry.npmjs.org/@types/react/-/react-18.2.42.tgz",
- "integrity": "sha512-c1zEr96MjakLYus/wPnuWDo1/zErfdU9rNsIGmE+NV71nx88FG9Ttgo5dqorXTu/LImX2f63WBP986gJkMPNbA==",
+ "version": "18.2.45",
+ "resolved": "https://registry.npmjs.org/@types/react/-/react-18.2.45.tgz",
+ "integrity": "sha512-TtAxCNrlrBp8GoeEp1npd5g+d/OejJHFxS3OWmrPBMFaVQMSN0OFySozJio5BHxTuTeug00AVXVAjfDSfk+lUg==",
"dependencies": {
"@types/prop-types": "*",
"@types/scheduler": "*",
@@ -13754,9 +13754,9 @@
}
},
"node_modules/prettier": {
- "version": "3.1.0",
- "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.1.0.tgz",
- "integrity": "sha512-TQLvXjq5IAibjh8EpBIkNKxO749UEWABoiIZehEPiY4GNpVdhaFKqSTu+QrlU6D2dPAfubRmtJTi4K4YkQ5eXw==",
+ "version": "3.1.1",
+ "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.1.1.tgz",
+ "integrity": "sha512-22UbSzg8luF4UuZtzgiUOfcGM8s4tjBv6dJRT7j275NXsy2jb4aJa4NNveul5x4eqlF1wuhuR2RElK71RvmVaw==",
"dev": true,
"bin": {
"prettier": "bin/prettier.cjs"
diff --git a/website/package.json b/website/package.json
index cac35029a..c8c48c25d 100644
--- a/website/package.json
+++ b/website/package.json
@@ -52,8 +52,8 @@
"@docusaurus/module-type-aliases": "3.0.1",
"@docusaurus/tsconfig": "3.0.1",
"@docusaurus/types": "3.0.1",
- "@types/react": "^18.2.42",
- "prettier": "3.1.0",
+ "@types/react": "^18.2.45",
+ "prettier": "3.1.1",
"typescript": "~5.3.3"
},
"engines": {
diff --git a/website/sidebarsIntegrations.js b/website/sidebarsIntegrations.js
index bc857116b..22b65ab22 100644
--- a/website/sidebarsIntegrations.js
+++ b/website/sidebarsIntegrations.js
@@ -75,6 +75,7 @@ module.exports = {
"services/fortimanager/index",
"services/harbor/index",
"services/hashicorp-vault/index",
+ "services/jenkins/index",
"services/minio/index",
"services/netbox/index",
"services/opnsense/index",
@@ -99,6 +100,7 @@ module.exports = {
"services/freshrss/index",
"services/gravitee/index",
"services/home-assistant/index",
+ "services/immich/index",
"services/jellyfin/index",
"services/node-red/index",
"services/sonar-qube/index",