diff --git a/.github/codespell-words.txt b/.github/codespell-words.txt index 31648d9d9..4b126169d 100644 --- a/.github/codespell-words.txt +++ b/.github/codespell-words.txt @@ -1 +1,3 @@ keypair +keypairs +hass diff --git a/Makefile b/Makefile index 54cb3b84a..189b69301 100644 --- a/Makefile +++ b/Makefile @@ -20,7 +20,14 @@ test: lint-fix: isort authentik tests lifecycle black authentik tests lifecycle - codespell -I .github/codespell-words.txt -S 'web/src/locales/**' -w authentik internal cmd web/src website/src + codespell -I .github/codespell-words.txt -S 'web/src/locales/**' -w \ + authentik \ + internal \ + cmd \ + web/src \ + website/src \ + website/docs \ + website/developer-docs lint: pyright authentik tests lifecycle diff --git a/website/docs/events/notifications.md b/website/docs/events/notifications.md index b885a8165..723a6aa82 100644 --- a/website/docs/events/notifications.md +++ b/website/docs/events/notifications.md @@ -22,7 +22,7 @@ To match events with an "Expression Policy", you can write code like so: if "event" not in request.context: return False -return ip_address(request.context["evnet"].client_ip) in ip_network('192.0.2.0/24') +return ip_address(request.context["event"].client_ip) in ip_network('192.0.2.0/24') ``` ## Selecting who gets notified diff --git a/website/docs/flow/examples.md b/website/docs/flow/examples.md index 31ffb45c1..dbb40e137 100644 --- a/website/docs/flow/examples.md +++ b/website/docs/flow/examples.md @@ -3,7 +3,7 @@ title: Example Flows --- :::info -You can apply theses flows multiple times to stay updated, however this will discard all changes you've made. +You can apply these flows multiple times to stay updated, however this will discard all changes you've made. ::: :::info diff --git a/website/docs/flow/stages/prompt/index.md b/website/docs/flow/stages/prompt/index.md index 09775196b..7ce8932d8 100644 --- a/website/docs/flow/stages/prompt/index.md +++ b/website/docs/flow/stages/prompt/index.md @@ -11,7 +11,7 @@ The prompt can be any of the following types: | Type | Description | | -------- | ----------------------------------------------------------------- | | text | Arbitrary text. No client-side validation is done. | -| email | Email input. Requires a valid email adress. | +| email | Email input. Requires a valid email address. | | password | Password input. | | number | Number input. Any number is allowed. | | checkbox | Simple checkbox. | diff --git a/website/docs/integrations/services/apache-guacamole/index.mdx b/website/docs/integrations/services/apache-guacamole/index.mdx index 866f65cd5..0355511fc 100644 --- a/website/docs/integrations/services/apache-guacamole/index.mdx +++ b/website/docs/integrations/services/apache-guacamole/index.mdx @@ -24,7 +24,7 @@ Create an OAuth2/OpenID provider with the following parameters: - Redirect URIs: `https://guacamole.company/` (depending on your Tomcat setup, you might have to add `/guacamole/` if the application runs in a subfolder) - Scopes: OpenID, Email and Profile -Under *Advanced protocol settings*, set the folloiwng: +Under *Advanced protocol settings*, set the following: - Token validity: Any value to configure how long the session should last. Guacamole will not accept any tokens valid longer than 300 Minutes. diff --git a/website/docs/integrations/services/bookstack/index.md b/website/docs/integrations/services/bookstack/index.md index 7fb4d4942..e6466df04 100644 --- a/website/docs/integrations/services/bookstack/index.md +++ b/website/docs/integrations/services/bookstack/index.md @@ -99,5 +99,5 @@ BookStack will attempt to match the SAML user to an existing BookStack user base ::: :::note -SAML Group Sync is supported by Bookstack. Review the BookStack documention on the required Environment variables. https://www.bookstackapp.com/docs/admin/saml2-auth/ +SAML Group Sync is supported by Bookstack. Review the BookStack documentation on the required Environment variables. https://www.bookstackapp.com/docs/admin/saml2-auth/ ::: diff --git a/website/docs/integrations/services/grafana/index.mdx b/website/docs/integrations/services/grafana/index.mdx index 5b6d2aa4e..f6420fc73 100644 --- a/website/docs/integrations/services/grafana/index.mdx +++ b/website/docs/integrations/services/grafana/index.mdx @@ -98,7 +98,7 @@ For more information on group/role mappings, see [Grafana's docs](https://grafan ### Grafana Configuration Considerations -Make sure in your configuration that `root_url` is set correctly, otherwise your redirect url might get processed incorrectly. For example, if your grafana instance is running on the default configuration and is accesible behind a reverse proxy at `https://grafana.company`, your redirect url will end up looking like this, `https://grafana.company:3000`. +Make sure in your configuration that `root_url` is set correctly, otherwise your redirect url might get processed incorrectly. For example, if your grafana instance is running on the default configuration and is accessible behind a reverse proxy at `https://grafana.company`, your redirect url will end up looking like this, `https://grafana.company:3000`. If you get `user does not belong to org` error when trying to log into grafana for the first time via OAuth, check if you have an organization with the ID of `1`, if not, then you have to add the following to your grafana config: ```ini diff --git a/website/docs/integrations/services/wiki-js/index.md b/website/docs/integrations/services/wiki-js/index.md index bff6cd460..aed3c5916 100644 --- a/website/docs/integrations/services/wiki-js/index.md +++ b/website/docs/integrations/services/wiki-js/index.md @@ -50,7 +50,7 @@ In Wiki.js, configure the authentication strategy with these settings: - Client Secret: Client Secret from the authentik provider. - Authorization Endpoint URL: https://authentik.company/application/o/authorize/ - Token Endpoint URL: https://authentik.company/application/o/token/ -- User Info Endpont URL: https://authentik.company/application/o/userinfo/ +- User Info Endpoint URL: https://authentik.company/application/o/userinfo/ - Issuer: https://authentik.company/application/o/wikijs/ - Logout URL: https://authentik.company/application/o/wikijs/end-session/ - Allow self-registration: Enabled diff --git a/website/docs/integrations/sources/active-directory/index.md b/website/docs/integrations/sources/active-directory/index.md index c683d4d18..43dd89fb9 100644 --- a/website/docs/integrations/sources/active-directory/index.md +++ b/website/docs/integrations/sources/active-directory/index.md @@ -27,7 +27,7 @@ The following placeholders will be used: ![](./02_delegate.png) -7. Grant these additional permissions (only required when *Sync users' password* is enabled, and dependant on your AD Domain) +7. Grant these additional permissions (only required when *Sync users' password* is enabled, and dependent on your AD Domain) ![](./03_additional_perms.png) diff --git a/website/docs/integrations/sources/google/index.md b/website/docs/integrations/sources/google/index.md index 03f33e36d..69d517b12 100644 --- a/website/docs/integrations/sources/google/index.md +++ b/website/docs/integrations/sources/google/index.md @@ -20,7 +20,7 @@ You will need to create a new project, and OAuth credentials in the Google Devel ![Example Screen](googledeveloper1.png) 3. **Project Name**: Choose a name -4. **Organization**: Leave as defaut if unsure +4. **Organization**: Leave as default if unsure 5. **Location**: Leave as default if unsure ![Example Screen](googledeveloper2.png) @@ -36,7 +36,7 @@ You will need to create a new project, and OAuth credentials in the Google Devel ![Example Screen](googledeveloper4.png) -10. **User Type:** If you do not have a Google Workspace (GSuite) account choose _External_. If you do have a Google Workspace (Gsuite) account and want to limit acces to only users inside of your organization choose _Internal_ +10. **User Type:** If you do not have a Google Workspace (GSuite) account choose _External_. If you do have a Google Workspace (Gsuite) account and want to limit access to only users inside of your organization choose _Internal_ _I'm only going to list the mandatory/important fields to complete._ diff --git a/website/docs/integrations/sources/index.md b/website/docs/integrations/sources/index.md index 8309369b6..5721fe2a2 100644 --- a/website/docs/integrations/sources/index.md +++ b/website/docs/integrations/sources/index.md @@ -11,4 +11,4 @@ To have sources show on the default login screen you will need to add them. This 2. Click on **default-authentication-flow** 3. Click the **Stage Bindings** tab 4. Chose **Edit Stage** for the _default-authentication-identification_ stage -5. Under **Sources** you should see the addtional sources you have configured. Click all applicable sources to have them displayed on the Login Page +5. Under **Sources** you should see the additional sources you have configured. Click all applicable sources to have them displayed on the Login Page diff --git a/website/docs/policies/expression.mdx b/website/docs/policies/expression.mdx index 7403be683..fc387646e 100644 --- a/website/docs/policies/expression.mdx +++ b/website/docs/policies/expression.mdx @@ -67,7 +67,7 @@ import Objects from '../expressions/_objects.md' return ak_client_ip.is_private ``` - See also [Python documetnation](https://docs.python.org/3/library/ipaddress.html#ipaddress.ip_address) + See also [Python documentation](https://docs.python.org/3/library/ipaddress.html#ipaddress.ip_address) Additionally, when the policy is executed from a flow, every variable from the flow's current context is accessible under the `context` object. diff --git a/website/docs/releases/v0.14.md b/website/docs/releases/v0.14.md index 88e475601..2e3d1248d 100644 --- a/website/docs/releases/v0.14.md +++ b/website/docs/releases/v0.14.md @@ -41,7 +41,7 @@ slug: "0.14" - outposts: validate kubeconfig before saving - proxy: update to latest stable oauth2_proxy version - root: update license -- web: fix sidebar being overlayed over modal backdrop +- web: fix sidebar being overlaid over modal backdrop - web: fix table styling on mobile - web: use displyname in sidebar for user diff --git a/website/docs/releases/v2021.3.md b/website/docs/releases/v2021.3.md index d517a50e1..419650110 100644 --- a/website/docs/releases/v2021.3.md +++ b/website/docs/releases/v2021.3.md @@ -37,7 +37,7 @@ slug: "2021.3" A new stage which simply denies access. This can be used to conditionally deny access to users during a flow. Authorization flows for example required an authenticated user, but there was no previous way to block access for un-authenticated users. - If you conditionally include this stage in a flow, make sure to disable "Evaluate on plan", as that will always include the stage in the flow, irregardless of the inputs. + If you conditionally include this stage in a flow, make sure to disable "Evaluate on plan", as that will always include the stage in the flow, regardless of the inputs. ## Fixed in 2021.3.2 diff --git a/website/docs/releases/v2021.5.md b/website/docs/releases/v2021.5.md index 4ff939bdc..a1f30e223 100644 --- a/website/docs/releases/v2021.5.md +++ b/website/docs/releases/v2021.5.md @@ -115,4 +115,4 @@ The helm chart has been rewritten by [@dirtycajunrice](https://github.com/dirtyc Please upgrade to the new chart using values from [ArtifactHub](https://artifacthub.io/packages/helm/goauthentik/authentik). -The old repository will stil exist for backwards-compatibility. +The old repository will still exist for backwards-compatibility. diff --git a/website/docs/releases/v2021.7.md b/website/docs/releases/v2021.7.md index b302f4efe..2ef6d005e 100644 --- a/website/docs/releases/v2021.7.md +++ b/website/docs/releases/v2021.7.md @@ -11,7 +11,7 @@ slug: "2021.7" Currently, only SSL on port 636 is supported, not StartTLS. -- Add bundeled docs +- Add bundled docs You can now browse the authentik docs for your version by browsing to `/help`. This means you don't have to rely on an internet connection to check the docs, and you also have the correct docs for your currently running version. diff --git a/website/docs/releases/v2021.8.md b/website/docs/releases/v2021.8.md index bf080f968..b1ee3ed50 100644 --- a/website/docs/releases/v2021.8.md +++ b/website/docs/releases/v2021.8.md @@ -46,7 +46,7 @@ slug: "2021.8" - core: handle error when ?for_user is not numberical - lib: move id and key generators to lib (#1286) - lifecycle: rename to ak -- outpost: handle non-existant permission +- outpost: handle non-existent permission - outpost: add recursion limit for docker controller - outpost: add repair_permissions command - root: add alias for akflow files diff --git a/website/docs/releases/v2021.9.md b/website/docs/releases/v2021.9.md index d897e0291..cb3a1a7f9 100644 --- a/website/docs/releases/v2021.9.md +++ b/website/docs/releases/v2021.9.md @@ -7,7 +7,7 @@ slug: "2021.9" - Split user interface - This release splits the administration interface from the end-user interface. This makes things clearer for end-users, as all their options are layed out more clearly. + This release splits the administration interface from the end-user interface. This makes things clearer for end-users, as all their options are laid out more clearly. Additionally, the new end-user interface will be more customisable than the admin interface, allowing Administrators to configure what their users can see. diff --git a/website/docs/terminology.md b/website/docs/terminology.md index fedc9495d..fe6540f40 100644 --- a/website/docs/terminology.md +++ b/website/docs/terminology.md @@ -39,7 +39,7 @@ Property Mappings allow you to make information available for external applicati ### Outpost -An outpost is a separate component of authentik, which can be deployed anywhere, irregardless of the authentik deployment. The outpost offers services that aren't implemented directly into the authentik core, like Reverse Proxying. +An outpost is a separate component of authentik, which can be deployed anywhere, regardless of the authentik deployment. The outpost offers services that aren't implemented directly into the authentik core, like Reverse Proxying. Currently there is only a reverse-proxy outpost, in the future there will be more different outpost types.