web: add support for PII for sentry, add user feedback dialog
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
30cb468ec5
commit
513d3c1c31
|
@ -1,8 +1,4 @@
|
|||
import * as Sentry from "@sentry/browser";
|
||||
import { Integrations } from "@sentry/tracing";
|
||||
import { VERSION } from "../constants";
|
||||
import { SentryIgnoredError } from "../common/errors";
|
||||
import { Config, Configuration, Middleware, ResponseContext, RootApi } from "authentik-api";
|
||||
import { Configuration, Middleware, ResponseContext } from "authentik-api";
|
||||
import { getCookie } from "../utils";
|
||||
import { API_DRAWER_MIDDLEWARE } from "../elements/notifications/APIDrawer";
|
||||
import { MessageMiddleware } from "../elements/messages/Middleware";
|
||||
|
@ -13,6 +9,7 @@ export class LoggingMiddleware implements Middleware {
|
|||
console.debug(`authentik/api: ${context.response.status} ${context.init.method} ${context.url}`);
|
||||
return Promise.resolve(context.response);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
export const DEFAULT_CONFIG = new Configuration({
|
||||
|
@ -27,27 +24,3 @@ export const DEFAULT_CONFIG = new Configuration({
|
|||
new LoggingMiddleware(),
|
||||
],
|
||||
});
|
||||
|
||||
export function configureSentry(): Promise<Config> {
|
||||
return new RootApi(DEFAULT_CONFIG).rootConfigList().then((config) => {
|
||||
if (config.errorReportingEnabled) {
|
||||
Sentry.init({
|
||||
dsn: "https://a579bb09306d4f8b8d8847c052d3a1d3@sentry.beryju.org/8",
|
||||
release: `authentik@${VERSION}`,
|
||||
integrations: [
|
||||
new Integrations.BrowserTracing(),
|
||||
],
|
||||
tracesSampleRate: 0.6,
|
||||
environment: config.errorReportingEnvironment,
|
||||
beforeSend(event: Sentry.Event, hint: Sentry.EventHint) {
|
||||
if (hint.originalException instanceof SentryIgnoredError) {
|
||||
return null;
|
||||
}
|
||||
return event;
|
||||
},
|
||||
});
|
||||
console.debug("authentik/config: Sentry enabled.");
|
||||
}
|
||||
return config;
|
||||
});
|
||||
}
|
||||
|
|
|
@ -0,0 +1,50 @@
|
|||
import * as Sentry from "@sentry/browser";
|
||||
import { Integrations } from "@sentry/tracing";
|
||||
import { VERSION } from "../constants";
|
||||
import { SentryIgnoredError } from "../common/errors";
|
||||
import { Config, RootApi } from "authentik-api";
|
||||
import { me } from "./Users";
|
||||
import { DEFAULT_CONFIG } from "./Config";
|
||||
|
||||
export function configureSentry(): Promise<Config> {
|
||||
return new RootApi(DEFAULT_CONFIG).rootConfigList().then((config) => {
|
||||
if (config.errorReportingEnabled) {
|
||||
Sentry.init({
|
||||
dsn: "https://a579bb09306d4f8b8d8847c052d3a1d3@sentry.beryju.org/8",
|
||||
release: `authentik@${VERSION}`,
|
||||
integrations: [
|
||||
new Integrations.BrowserTracing({
|
||||
tracingOrigins: [window.location.host, "localhost"],
|
||||
}),
|
||||
],
|
||||
tracesSampleRate: 0.6,
|
||||
environment: config.errorReportingEnvironment,
|
||||
beforeSend(event: Sentry.Event, hint: Sentry.EventHint) {
|
||||
if (hint.originalException instanceof SentryIgnoredError) {
|
||||
return null;
|
||||
}
|
||||
if (event.exception) {
|
||||
me().then(user => {
|
||||
Sentry.showReportDialog({
|
||||
eventId: event.event_id,
|
||||
user: {
|
||||
email: user.user.email,
|
||||
name: user.user.name,
|
||||
}
|
||||
});
|
||||
});
|
||||
}
|
||||
return event;
|
||||
},
|
||||
});
|
||||
console.debug("authentik/config: Sentry enabled.");
|
||||
if (config.errorReportingSendPii) {
|
||||
me().then(user => {
|
||||
Sentry.setUser({ email: user.user.email });
|
||||
console.debug("authentik/config: Sentry with PII enabled.");
|
||||
});
|
||||
}
|
||||
}
|
||||
return config;
|
||||
});
|
||||
}
|
|
@ -1,7 +1,7 @@
|
|||
import { css, CSSResult, customElement, html, LitElement, property, TemplateResult } from "lit-element";
|
||||
import PFPage from "@patternfly/patternfly/components/Page/page.css";
|
||||
import PFGlobal from "@patternfly/patternfly/patternfly-base.css";
|
||||
import { configureSentry } from "../../api/Config";
|
||||
import { configureSentry } from "../../api/Sentry";
|
||||
import { Config } from "authentik-api";
|
||||
import { ifDefined } from "lit-html/directives/if-defined";
|
||||
|
||||
|
|
|
@ -1394,7 +1394,7 @@ msgstr "Form didn't return a promise for submitting"
|
|||
msgid "Friendly Name"
|
||||
msgstr "Friendly Name"
|
||||
|
||||
#: src/pages/stages/email/EmailStageForm.ts:109
|
||||
#: src/pages/stages/email/EmailStageForm.ts:107
|
||||
msgid "From address"
|
||||
msgstr "From address"
|
||||
|
||||
|
@ -1728,7 +1728,7 @@ msgstr "Loading"
|
|||
#: src/pages/stages/authenticator_static/AuthenticatorStaticStageForm.ts:90
|
||||
#: src/pages/stages/authenticator_totp/AuthenticatorTOTPStageForm.ts:96
|
||||
#: src/pages/stages/authenticator_validate/AuthenticatorValidateStageForm.ts:131
|
||||
#: src/pages/stages/email/EmailStageForm.ts:172
|
||||
#: src/pages/stages/email/EmailStageForm.ts:170
|
||||
#: src/pages/stages/identification/IdentificationStageForm.ts:120
|
||||
#: src/pages/stages/identification/IdentificationStageForm.ts:138
|
||||
#: src/pages/stages/password/PasswordStageForm.ts:106
|
||||
|
@ -1900,7 +1900,7 @@ msgstr "Monitor"
|
|||
#: src/pages/stages/consent/ConsentStageForm.ts:57
|
||||
#: src/pages/stages/deny/DenyStageForm.ts:54
|
||||
#: src/pages/stages/dummy/DummyStageForm.ts:54
|
||||
#: src/pages/stages/email/EmailStageForm.ts:124
|
||||
#: src/pages/stages/email/EmailStageForm.ts:122
|
||||
#: src/pages/stages/identification/IdentificationStageForm.ts:63
|
||||
#: src/pages/stages/invitation/InvitationStageForm.ts:56
|
||||
#: src/pages/stages/password/PasswordStageForm.ts:63
|
||||
|
@ -2607,7 +2607,7 @@ msgstr "SLO URL"
|
|||
msgid "SMTP Host"
|
||||
msgstr "SMTP Host"
|
||||
|
||||
#: src/pages/stages/email/EmailStageForm.ts:80
|
||||
#: src/pages/stages/email/EmailStageForm.ts:79
|
||||
msgid "SMTP Password"
|
||||
msgstr "SMTP Password"
|
||||
|
||||
|
@ -2872,7 +2872,7 @@ msgstr "Stage used to validate any authenticator. This stage should be used duri
|
|||
#: src/pages/stages/authenticator_validate/AuthenticatorValidateStageForm.ts:71
|
||||
#: src/pages/stages/captcha/CaptchaStageForm.ts:62
|
||||
#: src/pages/stages/consent/ConsentStageForm.ts:64
|
||||
#: src/pages/stages/email/EmailStageForm.ts:131
|
||||
#: src/pages/stages/email/EmailStageForm.ts:129
|
||||
#: src/pages/stages/identification/IdentificationStageForm.ts:70
|
||||
#: src/pages/stages/invitation/InvitationStageForm.ts:63
|
||||
#: src/pages/stages/password/PasswordStageForm.ts:70
|
||||
|
@ -2927,7 +2927,7 @@ msgstr "Status: Enabled"
|
|||
msgid "Stop impersonation"
|
||||
msgstr "Stop impersonation"
|
||||
|
||||
#: src/pages/stages/email/EmailStageForm.ts:154
|
||||
#: src/pages/stages/email/EmailStageForm.ts:152
|
||||
msgid "Subject"
|
||||
msgstr "Subject"
|
||||
|
||||
|
@ -3262,7 +3262,7 @@ msgstr "Task finished with errors"
|
|||
msgid "Task finished with warnings"
|
||||
msgstr "Task finished with warnings"
|
||||
|
||||
#: src/pages/stages/email/EmailStageForm.ts:160
|
||||
#: src/pages/stages/email/EmailStageForm.ts:158
|
||||
msgid "Template"
|
||||
msgstr "Template"
|
||||
|
||||
|
@ -3331,7 +3331,7 @@ msgstr "This stage checks the user's current session against the Google reCaptch
|
|||
msgid "Threshold"
|
||||
msgstr "Threshold"
|
||||
|
||||
#: src/pages/stages/email/EmailStageForm.ts:151
|
||||
#: src/pages/stages/email/EmailStageForm.ts:149
|
||||
msgid "Time in minutes the token sent is valid."
|
||||
msgstr "Time in minutes the token sent is valid."
|
||||
|
||||
|
@ -3345,7 +3345,7 @@ msgstr "Time-based One-Time Passwords"
|
|||
|
||||
#: src/pages/policies/BoundPoliciesList.ts:39
|
||||
#: src/pages/policies/PolicyBindingForm.ts:209
|
||||
#: src/pages/stages/email/EmailStageForm.ts:103
|
||||
#: src/pages/stages/email/EmailStageForm.ts:101
|
||||
msgid "Timeout"
|
||||
msgstr "Timeout"
|
||||
|
||||
|
@ -3367,7 +3367,7 @@ msgstr "Token URL"
|
|||
msgid "Token count"
|
||||
msgstr "Token count"
|
||||
|
||||
#: src/pages/stages/email/EmailStageForm.ts:147
|
||||
#: src/pages/stages/email/EmailStageForm.ts:145
|
||||
msgid "Token expiry"
|
||||
msgstr "Token expiry"
|
||||
|
||||
|
@ -3588,11 +3588,11 @@ msgstr "Update details"
|
|||
msgid "Update {0}"
|
||||
msgstr "Update {0}"
|
||||
|
||||
#: src/pages/stages/email/EmailStageForm.ts:98
|
||||
#: src/pages/stages/email/EmailStageForm.ts:96
|
||||
msgid "Use SSL"
|
||||
msgstr "Use SSL"
|
||||
|
||||
#: src/pages/stages/email/EmailStageForm.ts:90
|
||||
#: src/pages/stages/email/EmailStageForm.ts:88
|
||||
msgid "Use TLS"
|
||||
msgstr "Use TLS"
|
||||
|
||||
|
@ -3604,7 +3604,7 @@ msgstr "Use a code-based authenticator."
|
|||
msgid "Use a security key to prove your identity."
|
||||
msgstr "Use a security key to prove your identity."
|
||||
|
||||
#: src/pages/stages/email/EmailStageForm.ts:141
|
||||
#: src/pages/stages/email/EmailStageForm.ts:139
|
||||
msgid "Use global settings"
|
||||
msgstr "Use global settings"
|
||||
|
||||
|
@ -3731,7 +3731,7 @@ msgstr "Validity days"
|
|||
msgid "Verification Certificate"
|
||||
msgstr "Verification Certificate"
|
||||
|
||||
#: src/pages/stages/email/EmailStageForm.ts:121
|
||||
#: src/pages/stages/email/EmailStageForm.ts:119
|
||||
msgid "Verify the user's email address by sending them a one-time-link. Can also be used for recovery to verify the user's authenticity."
|
||||
msgstr "Verify the user's email address by sending them a one-time-link. Can also be used for recovery to verify the user's authenticity."
|
||||
|
||||
|
@ -3804,7 +3804,7 @@ msgstr "Webhook URL"
|
|||
msgid "When a valid username/email has been entered, and this option is enabled, the user's username and avatar will be shown. Otherwise, the text that the user entered will be shown."
|
||||
msgstr "When a valid username/email has been entered, and this option is enabled, the user's username and avatar will be shown. Otherwise, the text that the user entered will be shown."
|
||||
|
||||
#: src/pages/stages/email/EmailStageForm.ts:144
|
||||
#: src/pages/stages/email/EmailStageForm.ts:142
|
||||
msgid "When enabled, global Email connection settings will be used and connection settings below will be ignored."
|
||||
msgstr "When enabled, global Email connection settings will be used and connection settings below will be ignored."
|
||||
|
||||
|
|
|
@ -1386,7 +1386,7 @@ msgstr ""
|
|||
msgid "Friendly Name"
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/stages/email/EmailStageForm.ts:109
|
||||
#: src/pages/stages/email/EmailStageForm.ts:107
|
||||
msgid "From address"
|
||||
msgstr ""
|
||||
|
||||
|
@ -1720,7 +1720,7 @@ msgstr ""
|
|||
#: src/pages/stages/authenticator_static/AuthenticatorStaticStageForm.ts:90
|
||||
#: src/pages/stages/authenticator_totp/AuthenticatorTOTPStageForm.ts:96
|
||||
#: src/pages/stages/authenticator_validate/AuthenticatorValidateStageForm.ts:131
|
||||
#: src/pages/stages/email/EmailStageForm.ts:172
|
||||
#: src/pages/stages/email/EmailStageForm.ts:170
|
||||
#: src/pages/stages/identification/IdentificationStageForm.ts:120
|
||||
#: src/pages/stages/identification/IdentificationStageForm.ts:138
|
||||
#: src/pages/stages/password/PasswordStageForm.ts:106
|
||||
|
@ -1892,7 +1892,7 @@ msgstr ""
|
|||
#: src/pages/stages/consent/ConsentStageForm.ts:57
|
||||
#: src/pages/stages/deny/DenyStageForm.ts:54
|
||||
#: src/pages/stages/dummy/DummyStageForm.ts:54
|
||||
#: src/pages/stages/email/EmailStageForm.ts:124
|
||||
#: src/pages/stages/email/EmailStageForm.ts:122
|
||||
#: src/pages/stages/identification/IdentificationStageForm.ts:63
|
||||
#: src/pages/stages/invitation/InvitationStageForm.ts:56
|
||||
#: src/pages/stages/password/PasswordStageForm.ts:63
|
||||
|
@ -2599,7 +2599,7 @@ msgstr ""
|
|||
msgid "SMTP Host"
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/stages/email/EmailStageForm.ts:80
|
||||
#: src/pages/stages/email/EmailStageForm.ts:79
|
||||
msgid "SMTP Password"
|
||||
msgstr ""
|
||||
|
||||
|
@ -2864,7 +2864,7 @@ msgstr ""
|
|||
#: src/pages/stages/authenticator_validate/AuthenticatorValidateStageForm.ts:71
|
||||
#: src/pages/stages/captcha/CaptchaStageForm.ts:62
|
||||
#: src/pages/stages/consent/ConsentStageForm.ts:64
|
||||
#: src/pages/stages/email/EmailStageForm.ts:131
|
||||
#: src/pages/stages/email/EmailStageForm.ts:129
|
||||
#: src/pages/stages/identification/IdentificationStageForm.ts:70
|
||||
#: src/pages/stages/invitation/InvitationStageForm.ts:63
|
||||
#: src/pages/stages/password/PasswordStageForm.ts:70
|
||||
|
@ -2919,7 +2919,7 @@ msgstr ""
|
|||
msgid "Stop impersonation"
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/stages/email/EmailStageForm.ts:154
|
||||
#: src/pages/stages/email/EmailStageForm.ts:152
|
||||
msgid "Subject"
|
||||
msgstr ""
|
||||
|
||||
|
@ -3254,7 +3254,7 @@ msgstr ""
|
|||
msgid "Task finished with warnings"
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/stages/email/EmailStageForm.ts:160
|
||||
#: src/pages/stages/email/EmailStageForm.ts:158
|
||||
msgid "Template"
|
||||
msgstr ""
|
||||
|
||||
|
@ -3321,7 +3321,7 @@ msgstr ""
|
|||
msgid "Threshold"
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/stages/email/EmailStageForm.ts:151
|
||||
#: src/pages/stages/email/EmailStageForm.ts:149
|
||||
msgid "Time in minutes the token sent is valid."
|
||||
msgstr ""
|
||||
|
||||
|
@ -3335,7 +3335,7 @@ msgstr ""
|
|||
|
||||
#: src/pages/policies/BoundPoliciesList.ts:39
|
||||
#: src/pages/policies/PolicyBindingForm.ts:209
|
||||
#: src/pages/stages/email/EmailStageForm.ts:103
|
||||
#: src/pages/stages/email/EmailStageForm.ts:101
|
||||
msgid "Timeout"
|
||||
msgstr ""
|
||||
|
||||
|
@ -3357,7 +3357,7 @@ msgstr ""
|
|||
msgid "Token count"
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/stages/email/EmailStageForm.ts:147
|
||||
#: src/pages/stages/email/EmailStageForm.ts:145
|
||||
msgid "Token expiry"
|
||||
msgstr ""
|
||||
|
||||
|
@ -3578,11 +3578,11 @@ msgstr ""
|
|||
msgid "Update {0}"
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/stages/email/EmailStageForm.ts:98
|
||||
#: src/pages/stages/email/EmailStageForm.ts:96
|
||||
msgid "Use SSL"
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/stages/email/EmailStageForm.ts:90
|
||||
#: src/pages/stages/email/EmailStageForm.ts:88
|
||||
msgid "Use TLS"
|
||||
msgstr ""
|
||||
|
||||
|
@ -3594,7 +3594,7 @@ msgstr ""
|
|||
msgid "Use a security key to prove your identity."
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/stages/email/EmailStageForm.ts:141
|
||||
#: src/pages/stages/email/EmailStageForm.ts:139
|
||||
msgid "Use global settings"
|
||||
msgstr ""
|
||||
|
||||
|
@ -3721,7 +3721,7 @@ msgstr ""
|
|||
msgid "Verification Certificate"
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/stages/email/EmailStageForm.ts:121
|
||||
#: src/pages/stages/email/EmailStageForm.ts:119
|
||||
msgid "Verify the user's email address by sending them a one-time-link. Can also be used for recovery to verify the user's authenticity."
|
||||
msgstr ""
|
||||
|
||||
|
@ -3794,7 +3794,7 @@ msgstr ""
|
|||
msgid "When a valid username/email has been entered, and this option is enabled, the user's username and avatar will be shown. Otherwise, the text that the user entered will be shown."
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/stages/email/EmailStageForm.ts:144
|
||||
#: src/pages/stages/email/EmailStageForm.ts:142
|
||||
msgid "When enabled, global Email connection settings will be used and connection settings below will be ignored."
|
||||
msgstr ""
|
||||
|
||||
|
|
Reference in New Issue