diff --git a/.github/workflows/ci-outpost.yml b/.github/workflows/ci-outpost.yml index 7324c536b..20e4b1d56 100644 --- a/.github/workflows/ci-outpost.yml +++ b/.github/workflows/ci-outpost.yml @@ -24,12 +24,8 @@ jobs: mkdir -p web/dist mkdir -p website/help touch web/dist/test website/help/test - docker run \ - --rm \ - -v $(pwd):/app \ - -w /app \ - golangci/golangci-lint:v1.43 \ - golangci-lint run -v --timeout 200s + - name: golangci-lint + uses: golangci/golangci-lint-action@v3 test-unittest: runs-on: ubuntu-latest steps: diff --git a/.github/workflows/ci-web.yml b/.github/workflows/ci-web.yml index bd9140b9c..dfb18e25b 100644 --- a/.github/workflows/ci-web.yml +++ b/.github/workflows/ci-web.yml @@ -24,7 +24,7 @@ jobs: cd web npm ci - name: Generate API - run: make gen-web + run: make gen-client-web - name: Eslint run: | cd web @@ -42,7 +42,7 @@ jobs: cd web npm ci - name: Generate API - run: make gen-web + run: make gen-client-web - name: prettier run: | cd web @@ -60,7 +60,7 @@ jobs: cd web npm ci - name: Generate API - run: make gen-web + run: make gen-client-web - name: lit-analyse run: | cd web @@ -88,7 +88,7 @@ jobs: cd web npm ci - name: Generate API - run: make gen-web + run: make gen-client-web - name: build run: | cd web diff --git a/.github/workflows/web-api-publish.yml b/.github/workflows/web-api-publish.yml index ada95439a..c21e4dac0 100644 --- a/.github/workflows/web-api-publish.yml +++ b/.github/workflows/web-api-publish.yml @@ -15,7 +15,7 @@ jobs: node-version: '16' registry-url: 'https://registry.npmjs.org' - name: Generate API Client - run: make gen-web + run: make gen-client-web - name: Publish package run: | cd web-api/ diff --git a/.gitignore b/.gitignore index 6e83beb50..6fd1ae769 100644 --- a/.gitignore +++ b/.gitignore @@ -202,5 +202,4 @@ media/ *mmdb .idea/ -/api/ -/web-api/ +/gen-*/ diff --git a/Makefile b/Makefile index 53bbb3e26..1ecdebb77 100644 --- a/Makefile +++ b/Makefile @@ -61,21 +61,21 @@ gen-clean: rm -rf web/api/src/ rm -rf api/ -gen-web: +gen-client-web: docker run \ --rm -v ${PWD}:/local \ --user ${UID}:${GID} \ openapitools/openapi-generator-cli:v6.0.0-beta generate \ -i /local/schema.yml \ -g typescript-fetch \ - -o /local/web-api \ + -o /local/gen-ts-api \ --additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=@goauthentik/api,npmVersion=${NPM_VERSION} mkdir -p web/node_modules/@goauthentik/api - \cp -fv scripts/web_api_readme.md web-api/README.md - cd web-api && npm i - \cp -rfv web-api/* web/node_modules/@goauthentik/api + \cp -fv scripts/web_api_readme.md gen-ts-api/README.md + cd gen-ts-api && npm i + \cp -rfv gen-ts-api/* web/node_modules/@goauthentik/api -gen-outpost: +gen-client-go: wget https://raw.githubusercontent.com/goauthentik/client-go/main/config.yaml -O config.yaml mkdir -p templates wget https://raw.githubusercontent.com/goauthentik/client-go/main/templates/README.mustache -O templates/README.mustache @@ -86,12 +86,12 @@ gen-outpost: openapitools/openapi-generator-cli:v6.0.0-beta generate \ -i /local/schema.yml \ -g go \ - -o /local/api \ + -o /local/gen-go-api \ -c /local/config.yaml - go mod edit -replace goauthentik.io/api=./api + go mod edit -replace goauthentik.io/api/v3=./gen-go-api rm -rf config.yaml ./templates/ -gen: gen-build gen-clean gen-web +gen: gen-build gen-clean gen-client-web migrate: python -m lifecycle.migrate diff --git a/authentik/core/api/users.py b/authentik/core/api/users.py index df9d69777..1caceb998 100644 --- a/authentik/core/api/users.py +++ b/authentik/core/api/users.py @@ -17,6 +17,7 @@ from django_filters.filterset import FilterSet from drf_spectacular.types import OpenApiTypes from drf_spectacular.utils import ( OpenApiParameter, + OpenApiResponse, extend_schema, extend_schema_field, inline_serializer, @@ -31,7 +32,6 @@ from rest_framework.serializers import ( ListSerializer, ModelSerializer, PrimaryKeyRelatedField, - Serializer, ValidationError, ) from rest_framework.viewsets import ModelViewSet @@ -351,8 +351,8 @@ class UserViewSet(UsedByMixin, ModelViewSet): }, ), responses={ - 204: "", - 400: "", + 204: OpenApiResponse(description="Successfully changed password"), + 400: OpenApiResponse(description="Bad request"), }, ) @action(detail=True, methods=["POST"]) @@ -410,8 +410,8 @@ class UserViewSet(UsedByMixin, ModelViewSet): ) ], responses={ - "204": Serializer(), - "404": Serializer(), + "204": OpenApiResponse(description="Successfully sent recover email"), + "404": OpenApiResponse(description="Bad request"), }, ) @action(detail=True, pagination_class=None, filter_backends=[]) diff --git a/authentik/providers/ldap/api.py b/authentik/providers/ldap/api.py index 2532fac56..e1649f41a 100644 --- a/authentik/providers/ldap/api.py +++ b/authentik/providers/ldap/api.py @@ -25,6 +25,7 @@ class LDAPProviderSerializer(ProviderSerializer): "gid_start_number", "outpost_set", "search_mode", + "bind_mode", ] @@ -70,6 +71,7 @@ class LDAPOutpostConfigSerializer(ModelSerializer): "uid_start_number", "gid_start_number", "search_mode", + "bind_mode", ] diff --git a/authentik/providers/ldap/migrations/0002_ldapprovider_bind_mode.py b/authentik/providers/ldap/migrations/0002_ldapprovider_bind_mode.py new file mode 100644 index 000000000..f39ab1db4 --- /dev/null +++ b/authentik/providers/ldap/migrations/0002_ldapprovider_bind_mode.py @@ -0,0 +1,20 @@ +# Generated by Django 4.0.4 on 2022-05-08 13:43 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ("authentik_providers_ldap", "0001_squashed_0005_ldapprovider_search_mode"), + ] + + operations = [ + migrations.AddField( + model_name="ldapprovider", + name="bind_mode", + field=models.TextField( + choices=[("direct", "Direct"), ("cached", "Cached")], default="direct" + ), + ), + ] diff --git a/authentik/providers/ldap/models.py b/authentik/providers/ldap/models.py index da540b27e..ae2037c6b 100644 --- a/authentik/providers/ldap/models.py +++ b/authentik/providers/ldap/models.py @@ -10,8 +10,8 @@ from authentik.crypto.models import CertificateKeyPair from authentik.outposts.models import OutpostModel -class SearchModes(models.TextChoices): - """Search modes""" +class APIAccessMode(models.TextChoices): + """API Access modes""" DIRECT = "direct" CACHED = "cached" @@ -66,7 +66,8 @@ class LDAPProvider(OutpostModel, Provider): ), ) - search_mode = models.TextField(default=SearchModes.DIRECT, choices=SearchModes.choices) + bind_mode = models.TextField(default=APIAccessMode.DIRECT, choices=APIAccessMode.choices) + search_mode = models.TextField(default=APIAccessMode.DIRECT, choices=APIAccessMode.choices) @property def launch_url(self) -> Optional[str]: diff --git a/authentik/root/settings.py b/authentik/root/settings.py index 0ccf06d9b..342772b6a 100644 --- a/authentik/root/settings.py +++ b/authentik/root/settings.py @@ -60,11 +60,10 @@ LOGIN_URL = "authentik_flows:default-authentication" # Custom user model AUTH_USER_MODEL = "authentik_core.User" -_cookie_suffix = "_debug" if DEBUG else "" CSRF_COOKIE_NAME = "authentik_csrf" CSRF_HEADER_NAME = "HTTP_X_AUTHENTIK_CSRF" -LANGUAGE_COOKIE_NAME = f"authentik_language{_cookie_suffix}" -SESSION_COOKIE_NAME = f"authentik_session{_cookie_suffix}" +LANGUAGE_COOKIE_NAME = "authentik_language" +SESSION_COOKIE_NAME = "authentik_session" SESSION_COOKIE_DOMAIN = CONFIG.y("cookie_domain", None) AUTHENTICATION_BACKENDS = [ diff --git a/go.mod b/go.mod index 45c6259da..1d38fb1ef 100644 --- a/go.mod +++ b/go.mod @@ -1,11 +1,10 @@ module goauthentik.io -go 1.16 +go 1.18 require ( github.com/Netflix/go-env v0.0.0-20210215222557-e437a7e7f9fb github.com/coreos/go-oidc v2.2.1+incompatible - github.com/garyburd/redigo v1.6.2 // indirect github.com/getsentry/sentry-go v0.13.0 github.com/go-ldap/ldap/v3 v3.4.3 github.com/go-openapi/runtime v0.24.1 @@ -18,22 +17,61 @@ require ( github.com/gorilla/sessions v1.2.1 github.com/gorilla/websocket v1.5.0 github.com/imdario/mergo v0.3.12 + github.com/jellydator/ttlcache/v3 v3.0.0 github.com/nmcclain/asn1-ber v0.0.0-20170104154839-2661553a0484 github.com/nmcclain/ldap v0.0.0-20210720162743-7f8d1e44eeba github.com/pires/go-proxyproto v0.6.2 github.com/pkg/errors v0.9.1 - github.com/pquerna/cachecontrol v0.0.0-20201205024021-ac21108117ac // indirect github.com/prometheus/client_golang v1.12.1 github.com/quasoft/memstore v0.0.0-20191010062613-2bce066d2b0b github.com/sirupsen/logrus v1.8.1 github.com/stretchr/testify v1.7.1 - goauthentik.io/api/v3 v3.2022041.3 - golang.org/x/net v0.0.0-20220225172249-27dd8689420f // indirect + goauthentik.io/api/v3 v3.2022041.4 golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b golang.org/x/sync v0.0.0-20210220032951-036812b2e83c - google.golang.org/appengine v1.6.7 // indirect - google.golang.org/protobuf v1.27.1 // indirect gopkg.in/boj/redistore.v1 v1.0.0-20160128113310-fc113767cd6b - gopkg.in/square/go-jose.v2 v2.5.1 // indirect gopkg.in/yaml.v2 v2.4.0 ) + +require ( + github.com/Azure/go-ntlmssp v0.0.0-20211209120228-48547f28849e // indirect + github.com/PuerkitoBio/purell v1.1.1 // indirect + github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect + github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d // indirect + github.com/beorn7/perks v1.0.1 // indirect + github.com/cespare/xxhash/v2 v2.1.2 // indirect + github.com/davecgh/go-spew v1.1.1 // indirect + github.com/felixge/httpsnoop v1.0.1 // indirect + github.com/garyburd/redigo v1.6.2 // indirect + github.com/go-asn1-ber/asn1-ber v1.5.4 // indirect + github.com/go-openapi/analysis v0.21.2 // indirect + github.com/go-openapi/errors v0.20.2 // indirect + github.com/go-openapi/jsonpointer v0.19.5 // indirect + github.com/go-openapi/jsonreference v0.19.6 // indirect + github.com/go-openapi/loads v0.21.1 // indirect + github.com/go-openapi/spec v0.20.4 // indirect + github.com/go-openapi/swag v0.21.1 // indirect + github.com/go-openapi/validate v0.21.0 // indirect + github.com/go-stack/stack v1.8.1 // indirect + github.com/golang/protobuf v1.5.2 // indirect + github.com/josharian/intern v1.0.0 // indirect + github.com/mailru/easyjson v0.7.7 // indirect + github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect + github.com/mitchellh/mapstructure v1.4.3 // indirect + github.com/oklog/ulid v1.3.1 // indirect + github.com/opentracing/opentracing-go v1.2.0 // indirect + github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/pquerna/cachecontrol v0.0.0-20201205024021-ac21108117ac // indirect + github.com/prometheus/client_model v0.2.0 // indirect + github.com/prometheus/common v0.32.1 // indirect + github.com/prometheus/procfs v0.7.3 // indirect + go.mongodb.org/mongo-driver v1.8.3 // indirect + golang.org/x/crypto v0.0.0-20220331220935-ae2d96664a29 // indirect + golang.org/x/net v0.0.0-20220225172249-27dd8689420f // indirect + golang.org/x/sys v0.0.0-20220114195835-da31bd327af9 // indirect + golang.org/x/text v0.3.7 // indirect + google.golang.org/appengine v1.6.7 // indirect + google.golang.org/protobuf v1.27.1 // indirect + gopkg.in/square/go-jose.v2 v2.5.1 // indirect + gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect +) diff --git a/go.sum b/go.sum index e607f9487..16051542b 100644 --- a/go.sum +++ b/go.sum @@ -31,32 +31,24 @@ cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohl cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= -github.com/AndreasBriese/bbloom v0.0.0-20190306092124-e2d15f34fcf9/go.mod h1:bOvUY6CB00SOBii9/FifXqc0awNKxLFCL/+pkDPuyl8= github.com/Azure/go-ntlmssp v0.0.0-20211209120228-48547f28849e h1:ZU22z/2YRFLyf/P4ZwUYSdNCWsMEI0VeyrFoI2rAhJQ= github.com/Azure/go-ntlmssp v0.0.0-20211209120228-48547f28849e/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/CloudyKit/fastprinter v0.0.0-20200109182630-33d98a066a53/go.mod h1:+3IMCy2vIlbG1XG/0ggNQv0SvxCAIpPM5b1nCz56Xno= -github.com/CloudyKit/jet/v3 v3.0.0/go.mod h1:HKQPgSJmdK8hdoAbKUUWajkHyHo4RaU5rMdUywE7VMo= -github.com/Joker/hpp v1.0.0/go.mod h1:8x5n+M1Hp5hC0g8okX3sR3vFQwynaX/UgSOM9MeBKzY= github.com/Netflix/go-env v0.0.0-20210215222557-e437a7e7f9fb h1:w9IDEB7P1VzNcBpOG7kMpFkZp2DkyJIUt0gDx5MBhRU= github.com/Netflix/go-env v0.0.0-20210215222557-e437a7e7f9fb/go.mod h1:9XMFaCeRyW7fC9XJOWQ+NdAv8VLG7ys7l3x4ozEGLUQ= github.com/PuerkitoBio/purell v1.1.1 h1:WEQqlqaGbrPkxLJWfBwQmfEAE1Z7ONdDLqrN38tNFfI= github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 h1:d+Bc7a5rLufV/sSk/8dngufqelfh6jnri85riMAaF/M= github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= -github.com/Shopify/goreferrer v0.0.0-20181106222321-ec9c9a553398/go.mod h1:a1uqRtAwp2Xwc6WNPJEufxJ7fx3npB4UV/JOLmbu5I0= -github.com/ajg/form v1.5.1/go.mod h1:uL1WgH+h2mgNtvBq0339dVnzXdBETtL2LeUXaIv25UY= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= -github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d h1:Byv0BzEl3/e6D5CLfI0j/7hiIEtvGVFPCZ7Ei2oq8iQ= github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= -github.com/aymerick/raymond v2.0.3-0.20180322193309-b565731e1464+incompatible/go.mod h1:osfaiScAUVup+UC9Nfq76eWqDhXlp+4UYaA8uhTBO6g= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= @@ -70,43 +62,26 @@ github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5P github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= -github.com/codegangsta/inject v0.0.0-20150114235600-33e0aa1cb7c0/go.mod h1:4Zcjuz89kmFXt9morQgcfYZAYZ5n8WHjt81YYWIwtTM= -github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= -github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk= github.com/coreos/go-oidc v2.2.1+incompatible h1:mh48q/BqXqgjVHpy2ZY7WnWAbenxRjsz9N1i1YxjHAk= github.com/coreos/go-oidc v2.2.1+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= -github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= -github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/dgraph-io/badger v1.6.0/go.mod h1:zwt7syl517jmP8s94KqSxTlM6IMsdhYy6psNgSztDR4= -github.com/dgryski/go-farm v0.0.0-20190423205320-6a90982ecee2/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw= github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= -github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= -github.com/eknkc/amber v0.0.0-20171010120322-cdade1c07385/go.mod h1:0vRUJqYpeSZifjYj7uP3BG/gKcuzL9xWVV/Y+cK33KM= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/etcd-io/bbolt v1.3.3/go.mod h1:ZF2nL25h33cCyBtcyWeZ2/I3HQOfTP+0PIEvHjkjCrw= -github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M= github.com/felixge/httpsnoop v1.0.1 h1:lvB5Jl89CsZtGIWuTcDM1E/vkVs49/Ml7JJe07l8SPQ= github.com/felixge/httpsnoop v1.0.1/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= -github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/garyburd/redigo v1.6.2 h1:yE/pwKCrbLpLpQICzYTeZ7JsTA/C53wFTJHaEtRqniM= github.com/garyburd/redigo v1.6.2/go.mod h1:NR3MbYisc3/PwhQ00EMzDiPmrwpPxAn5GI05/YaO1SY= -github.com/gavv/httpexpect v2.0.0+incompatible/go.mod h1:x+9tiU1YnrOvnB725RkpoLv1M62hOWzwo5OXotisrKc= github.com/getsentry/sentry-go v0.13.0 h1:20dgTiUSfxRB/EhMPtxcL9ZEbM1ZdR+W/7f7NWD+xWo= github.com/getsentry/sentry-go v0.13.0/go.mod h1:EOsfu5ZdvKPfeHYV6pTVQnsjfp30+XA7//UooKNumH0= -github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI= -github.com/gin-gonic/gin v1.7.7/go.mod h1:axIBovoeJpVj8S3BwE0uPMTeReE4+AfFtqpqaZ1qq1U= github.com/go-asn1-ber/asn1-ber v1.5.4 h1:vXT6d/FNDiELJnLb6hGNa309LMsrCoYFvpwHDF0+Y1A= github.com/go-asn1-ber/asn1-ber v1.5.4/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0= -github.com/go-check/check v0.0.0-20180628173108-788fd7840127/go.mod h1:9ES+weclKsC9YodN5RgxqK/VD9HM9JsCSh7rNhMZE98= github.com/go-errors/errors v1.0.1 h1:LUHzmkK3GUKUrL/1gfBUxAHzcev3apQlezX/+O7ma6w= -github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= @@ -118,7 +93,6 @@ github.com/go-ldap/ldap/v3 v3.4.3/go.mod h1:7LdHfVt6iIOESVEe3Bs4Jp2sHEKgDeduAhgM github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= -github.com/go-martini/martini v0.0.0-20170121215854-22fa46961aab/go.mod h1:/P9AEU963A2AYjv4d1V5eVL1CQbEJq6aCNHDDjibzu8= github.com/go-openapi/analysis v0.21.2 h1:hXFrOYFHUAMQdu6zwAiKKJHJQ8kqZs1ux/ru1P1wLJU= github.com/go-openapi/analysis v0.21.2/go.mod h1:HZwRk4RRisyG8vx2Oe6aqeSQcoxRp47Xkp3+K6q+LdY= github.com/go-openapi/errors v0.19.8/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= @@ -146,10 +120,6 @@ github.com/go-openapi/swag v0.21.1 h1:wm0rhTb5z7qpJRHBdPOMuY4QjVUMbF6/kwoYeRAOrK github.com/go-openapi/swag v0.21.1/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= github.com/go-openapi/validate v0.21.0 h1:+Wqk39yKOhfpLqNLEC0/eViCkzM5FVXVqrvt526+wcI= github.com/go-openapi/validate v0.21.0/go.mod h1:rjnrwK57VJ7A8xqfpAOEKRH8yQSGUriMu5/zuPSQ1hg= -github.com/go-playground/assert/v2 v2.0.1/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4= -github.com/go-playground/locales v0.13.0/go.mod h1:taPMhCMXrRLJO55olJkUXHZBHCxTMfnGwq/HNwmWNS8= -github.com/go-playground/universal-translator v0.17.0/go.mod h1:UkSxE5sNxxRwHyU+Scu5vgOQjsIJAF8j9muTVoKLVtA= -github.com/go-playground/validator/v10 v10.4.1/go.mod h1:nlOn6nFhuKACm19sB/8EGNn9GlaMV7XkbRSipzJ0Ii4= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-stack/stack v1.8.1 h1:ntEHSVwIt7PNXNpgPmVfMrNhLtgjlmnZha2kOpuRiDw= github.com/go-stack/stack v1.8.1/go.mod h1:dcoOX6HbPZSZptuspn9bctJ+N/CnF5gGygcUP3XYfe4= @@ -177,9 +147,6 @@ github.com/gobuffalo/packd v0.1.0/go.mod h1:M2Juc+hhDXf/PnmBANFCqx4DM3wRbgDvnVWe github.com/gobuffalo/packr/v2 v2.0.9/go.mod h1:emmyGweYTm6Kdper+iywB6YK5YzuKchGtJQZ0Odn4pQ= github.com/gobuffalo/packr/v2 v2.2.0/go.mod h1:CaAwI0GPIAv+5wKLtv8Afwl+Cm78K/I/VCm/3ptBN+0= github.com/gobuffalo/syncx v0.0.0-20190224160051-33c29581e754/go.mod h1:HhnNqWY95UYwwW3uSASeV7vtgYkT2t16hJgV3AEPUpw= -github.com/gobwas/httphead v0.0.0-20180130184737-2c6c146eadee/go.mod h1:L0fX3K22YWvt/FAX9NnzrNzcI4wNYi9Yku4O0LKYflo= -github.com/gobwas/pool v0.2.0/go.mod h1:q8bcK0KcYlCgd9e7WYLm9LpyS+YeLd8JVDW6WezmKEw= -github.com/gobwas/ws v1.0.2/go.mod h1:szmBTxLgaFppYjEmNtny/v3w89xOydFnnZMcgRRu/EM= github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY= github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I= @@ -212,7 +179,6 @@ github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaS github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= -github.com/gomodule/redigo v1.7.1-0.20190724094224-574c33c3df38/go.mod h1:B4C85qUVwatsJoIUNIfCRsp7qO0iAmpGFZ4EELWSbC4= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= @@ -226,7 +192,6 @@ github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= @@ -243,7 +208,6 @@ github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= -github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/gorilla/handlers v1.5.1 h1:9lRY6j8DEeeBT10CvO9hGW0gmky0BprnvDI5vfhUHH4= github.com/gorilla/handlers v1.5.1/go.mod h1:t8XrUpc4KVXb7HGyJ4/cEnwQiaxrX/hz1Zv/4g96P1Q= github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI= @@ -252,49 +216,32 @@ github.com/gorilla/securecookie v1.1.1 h1:miw7JPhV+b/lAHSXz4qd/nN9jRiAFV5FwjeKyC github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4= github.com/gorilla/sessions v1.2.1 h1:DHd3rPN5lE3Ts3D8rKkQ8x/0kqfeNmBAaiSi+o7FsgI= github.com/gorilla/sessions v1.2.1/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM= -github.com/gorilla/websocket v1.4.1/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc= github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= -github.com/hashicorp/go-version v1.2.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/imdario/mergo v0.3.12 h1:b6R2BslTbIEToALKP7LxUvijTsNI9TAe80pLWN2g/HU= github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= -github.com/imkira/go-interpol v1.1.0/go.mod h1:z0h2/2T3XF8kyEPpRgJ3kmNv+C43p+I/CoI+jC3w2iA= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= -github.com/iris-contrib/blackfriday v2.0.0+incompatible/go.mod h1:UzZ2bDEoaSGPbkg6SAB4att1aAwTmVIx/5gCVqeyUdI= -github.com/iris-contrib/go.uuid v2.0.0+incompatible/go.mod h1:iz2lgM/1UnEf1kP0L/+fafWORmlnuysV2EMP8MW+qe0= -github.com/iris-contrib/jade v1.1.3/go.mod h1:H/geBymxJhShH5kecoiOCSssPX7QWYH7UaeZTSWddIk= -github.com/iris-contrib/pongo2 v0.0.1/go.mod h1:Ssh+00+3GAZqSQb30AvBRNxBx7rf0GqwkjqxNd0u65g= -github.com/iris-contrib/schema v0.0.1/go.mod h1:urYA3uvUNG1TIIjOSCzHr9/LmbQo8LrOcOqfqxa4hXw= +github.com/jellydator/ttlcache/v3 v3.0.0 h1:zmFhqrB/4sKiEiJHhtseJsNRE32IMVmJSs4++4gaQO4= +github.com/jellydator/ttlcache/v3 v3.0.0/go.mod h1:WwTaEmcXQ3MTjOm4bsZoDFiCu/hMvNWLO1w67RXz6h4= github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4= github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= -github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= -github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM= github.com/karrick/godirwalk v1.8.0/go.mod h1:H5KPZjojv4lE+QYImBI8xVtrBRgYrIVsaRPx4tDPEn4= github.com/karrick/godirwalk v1.10.3/go.mod h1:RoGL9dQei4vP9ilrpETWE8CLOZ1kiN0LhBygSwrAsHA= -github.com/kataras/golog v0.0.10/go.mod h1:yJ8YKCmyL+nWjERB90Qwn+bdyBZsaQwU3bTVFgkFIp8= -github.com/kataras/iris/v12 v12.1.8/go.mod h1:LMYy4VlP67TQ3Zgriz8RE2h2kMZV2SgMYbq3UhfoFmE= -github.com/kataras/neffos v0.0.14/go.mod h1:8lqADm8PnbeFfL7CLXh1WHw53dG27MC3pgi2R1rmoTE= -github.com/kataras/pio v0.0.2/go.mod h1:hAoW0t9UmXi4R5Oyq5Z4irTbaTsOemSrDGUtaTl7Dro= -github.com/kataras/sitemap v0.0.5/go.mod h1:KY2eugMKiPwsJgx7+U103YZehfvNGOXURubcGyk0Bz8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/klauspost/compress v1.8.2/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A= -github.com/klauspost/compress v1.9.7/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A= github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= -github.com/klauspost/cpuid v1.2.1/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= @@ -304,10 +251,6 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/labstack/echo/v4 v4.5.0/go.mod h1:czIriw4a0C1dFun+ObrXp7ok03xON0N1awStJ6ArI7Y= -github.com/labstack/gommon v0.3.0/go.mod h1:MULnywXg0yavhxWKc+lOruYdAhDwPK9wf0OL7NoOu+k= -github.com/leodido/go-urn v1.2.0/go.mod h1:+8+nEpDfqqsY+g338gtMEUOtuK+4dEMhiQEgxpxOKII= -github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= @@ -315,20 +258,8 @@ github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0 github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/markbates/oncer v0.0.0-20181203154359-bf2de49a0be2/go.mod h1:Ld9puTsIW75CHf65OeIOkyKbteujpZVXDpWK6YGZbxE= github.com/markbates/safe v1.0.1/go.mod h1:nAqgmRi7cY2nqMc92/bSEeQA+R4OheNU2T1kNSCBdG0= -github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= -github.com/mattn/go-colorable v0.1.8/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= -github.com/mattn/go-colorable v0.1.11/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= -github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= -github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ= -github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= -github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= -github.com/mattn/goveralls v0.0.2/go.mod h1:8d1ZMHsd7fW6IRPKQh46F2WRpyib5/X4FOpevwGNQEw= github.com/matttproud/golang_protobuf_extensions v1.0.1 h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= -github.com/mediocregopher/radix/v3 v3.4.2/go.mod h1:8FL3F6UQRXHXIBSPUs5h0RybMF8i4n7wVopoX3x7Bv8= -github.com/microcosm-cc/bluemonday v1.0.2/go.mod h1:iVP4YcDBq+n/5fb23BhYFvIMq/leAFZyRl6bYmGDlGc= -github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= -github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= github.com/mitchellh/mapstructure v1.3.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/mapstructure v1.4.3 h1:OVowDSCllw/YjdLkam3/sm7wEtOy59d8ndGgCcyj8cs= @@ -339,13 +270,8 @@ github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lN github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe/go.mod h1:wL8QJuTMNUDYhXwkmfOly8iTdp5TEcJFWZD2D7SIkUc= -github.com/moul/http2curl v1.0.0/go.mod h1:8UbvGypXm98wA/IqH45anm5Y2Z6ep6O31QGOAZ3H0fQ= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/nats-io/jwt v0.3.0/go.mod h1:fRYCDE99xlTsqUzISS1Bi75UBJ6ljOJQOAAu5VglpSg= -github.com/nats-io/nats.go v1.9.1/go.mod h1:ZjDU1L/7fJ09jvUSRVBR2e7+RnLiiIQyqyzEE/Zbp4w= -github.com/nats-io/nkeys v0.1.0/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxziKVo7w= -github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= github.com/nmcclain/asn1-ber v0.0.0-20170104154839-2661553a0484 h1:D9EvfGQvlkKaDr2CRKN++7HbSXbefUNDrPq60T+g24s= @@ -356,10 +282,8 @@ github.com/oklog/ulid v1.3.1 h1:EGfNDEx6MqHz8B3uNV6QAib1UR2Lm97sHi3ocA6ESJ4= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= -github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= github.com/pelletier/go-toml v1.7.0/go.mod h1:vwGMzjaWMwyfHwgIBhI2YUM4fB6nL6lVAvS1LBMMhTE= github.com/pingcap/errors v0.11.4 h1:lFuQV/oaUMGcD2tqt+01ROSmJs75VG1ToEOkZIZ4nE4= -github.com/pingcap/errors v0.11.4/go.mod h1:Oi8TUi2kEtXXLMJk9l1cGmz20kV3TaQ0usTwv5KuLY8= github.com/pires/go-proxyproto v0.6.2 h1:KAZ7UteSOt6urjme6ZldyFm4wDe/z0ZUP0Yv0Dos0d8= github.com/pires/go-proxyproto v0.6.2/go.mod h1:Odh9VFOZJCf9G8cLW5o435Xf1J95Jw9Gw5rnCjcwzAY= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -397,11 +321,6 @@ github.com/quasoft/memstore v0.0.0-20191010062613-2bce066d2b0b/go.mod h1:wTPjTep github.com/rogpeppe/go-internal v1.1.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.2.2/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= -github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= -github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= -github.com/schollz/closestmatch v2.1.0+incompatible/go.mod h1:RtP1ddjLong6gTkbtmuhtR2uUrrJOpYzYRvbcPAid+g= -github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= -github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= @@ -409,15 +328,8 @@ github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6Mwd github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= github.com/sirupsen/logrus v1.8.1 h1:dJKuHgqk1NNQlqoA6BTlM1Wf9DOH3NBjQyu0h9+AZZE= github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= -github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= -github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= -github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= -github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= -github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU= -github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= @@ -429,26 +341,10 @@ github.com/stretchr/testify v1.7.1 h1:5TQK59W5E3v0r2duFAb7P95B6hEeOyEnHRa8MjYSMT github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/tidwall/pretty v1.0.0 h1:HsD+QiTn7sK6flMKIvNmpqz1qrpP3Ps6jOKIKMooyg4= github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= -github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw= -github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= -github.com/ugorji/go/codec v1.1.7/go.mod h1:Ax+UKWsSmolVDwsd+7N3ZtXu+yMGCf907BLYF3GoBXY= -github.com/urfave/negroni v1.0.0/go.mod h1:Meg73S6kFm/4PpbYdq35yYWoCZ9mS/YSx+lKnmiohz4= -github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= -github.com/valyala/fasthttp v1.6.0/go.mod h1:FstJa9V+Pj9vQ7OJie2qMHdwemEDaDiSdBnvPM1Su9w= -github.com/valyala/fasttemplate v1.0.1/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8= -github.com/valyala/fasttemplate v1.2.1/go.mod h1:KHLXt3tVN2HBp8eijSv/kGJopbvo7S+qRAEEKiv+SiQ= -github.com/valyala/tcplisten v0.0.0-20161114210144-ceec8f93295a/go.mod h1:v3UYOV9WzVtRmSR+PDvWpU/qWl4Wa5LApYYX4ZtKbio= github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI= github.com/xdg-go/scram v1.0.2/go.mod h1:1WAq6h33pAW+iRreB34OORO2Nf7qel3VV3fjBj+hCSs= github.com/xdg-go/stringprep v1.0.2/go.mod h1:8F9zXuvzgwmyT5DUm4GUfZGDdT3W+LCvS6+da4O5kxM= -github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= -github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= -github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= -github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= -github.com/yalp/jsonpath v0.0.0-20180802001716-5cc68e5049a0/go.mod h1:/LWChgwKmvncFJFHJ7Gvn9wZArjbV5/FppcK2fKk/tI= github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d/go.mod h1:rHwXgn7JulP+udvsHwJoVG1YGAP6VLg4y9I5dyZdqmA= -github.com/yudai/gojsondiff v1.0.0/go.mod h1:AY32+k2cwILAkW1fbgxQ5mUmMiZFgLIV+FBNExI05xg= -github.com/yudai/golcs v0.0.0-20170316035057-ecda9a501e82/go.mod h1:lgjkn3NuSvDfVJdfcVVdX+jpBxNmX4rDAzaS45IcYoM= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= @@ -461,22 +357,20 @@ go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +go.uber.org/goleak v1.1.10 h1:z+mqJhf6ss6BSfSM671tgKyZBFPTTJM+HLxnhPC3wu0= goauthentik.io/api/v3 v3.2022041.3 h1:7P2RqYhIu6UtDTif38rqcflUBE22hlVoWj98rbSWp30= goauthentik.io/api/v3 v3.2022041.3/go.mod h1:QM9J32HgYE4gL71lWAfAoXSPdSmLVLW08itfLI3Mo10= +goauthentik.io/api/v3 v3.2022041.4 h1:eCo6KRXyZ4denzM3kZcXpRVfkjEFRmAxOoC+Jz7XVeo= +goauthentik.io/api/v3 v3.2022041.4/go.mod h1:QM9J32HgYE4gL71lWAfAoXSPdSmLVLW08itfLI3Mo10= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190422162423-af44ce270edf/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE= golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20191227163750-53104e6ec876/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20201216223049-8b5274cf687f/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= -golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= -golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20220331220935-ae2d96664a29 h1:tkVvjkPTB7pnW3jnid7kNyAMPVWllTNOf/qKDze4p9o= golang.org/x/crypto v0.0.0-20220331220935-ae2d96664a29/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -501,6 +395,7 @@ golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHl golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5 h1:2M3HP5CCK1Si9FQhwnzYhXdG6DXeebvUHFpre8QvbyI= golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= @@ -512,11 +407,9 @@ golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190327091125-710a502c58a2/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= @@ -525,7 +418,6 @@ golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLL golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= @@ -540,11 +432,8 @@ golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/ golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= -golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.0.0-20210421230115-4e50805a0758/go.mod h1:72T/g9IO56b78aLF+1Kcs5dz7/ng1VjMUvfKvpfy+jM= golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20211008194852-3b03d305991f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220225172249-27dd8689420f h1:oA4XRj0qtSt8Yo1Zms0CUlsT3KG69V2UGQWPBxujDmc= @@ -573,9 +462,7 @@ golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190403152447-81d4e9dc473e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -586,16 +473,13 @@ golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20190531175056-4c3a928424d2/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190626221950-04f50cda93cb/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -612,15 +496,10 @@ golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210420072515-93ed5bcd2bfe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220114195835-da31bd327af9 h1:XfKQ4OlFl8okEOr5UvAqFRVj8pY/4yfcXrddB8qAbU0= golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -639,16 +518,12 @@ golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20201208040808-7e3f01d25324/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20181221001348-537d06c36207/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190327201419-c70d86f8b7cf/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190329151228-23e29df326fe/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190416151739-9c9e1878f421/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190420181800-aa740d480789/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= @@ -687,6 +562,7 @@ golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roY golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= +golang.org/x/tools v0.0.0-20210112230658-8b4aab62c064 h1:BmCFkEH4nJrYcAc2L08yX5RhYGD4j58PTMkEUDkpz2I= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -780,8 +656,6 @@ gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8 gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU= gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= -gopkg.in/ini.v1 v1.51.1/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= -gopkg.in/mgo.v2 v2.0.0-20180705113604-9856a29383ce/go.mod h1:yeKp02qBN3iKW1OzL3MGk2IdtZzaj7SFntXj72NppTA= gopkg.in/square/go-jose.v2 v2.5.1 h1:7odma5RETjNHWJnR32wx8t+Io4djHE1PqxCFx3iiZ2w= gopkg.in/square/go-jose.v2 v2.5.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= @@ -792,7 +666,6 @@ gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= -gopkg.in/yaml.v3 v3.0.0-20191120175047-4206685974f2/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20200605160147-a5ece683394c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/internal/outpost/flow/executor.go b/internal/outpost/flow/executor.go index cc3232c91..41e1382dc 100644 --- a/internal/outpost/flow/executor.go +++ b/internal/outpost/flow/executor.go @@ -35,11 +35,13 @@ type FlowExecutor struct { Answers map[StageComponent]string Context context.Context - cip string - api *api.APIClient - flowSlug string - log *log.Entry - token string + cip string + api *api.APIClient + flowSlug string + log *log.Entry + token string + session *http.Cookie + transport http.RoundTripper sp *sentry.Span } @@ -54,28 +56,41 @@ func NewFlowExecutor(ctx context.Context, flowSlug string, refConfig *api.Config l.WithError(err).Warning("Failed to create cookiejar") panic(err) } + transport := ak.NewUserAgentTransport(constants.OutpostUserAgent(), ak.NewTracingTransport(rsp.Context(), ak.GetTLSTransport())) + fe := &FlowExecutor{ + Params: url.Values{}, + Answers: make(map[StageComponent]string), + Context: rsp.Context(), + flowSlug: flowSlug, + log: l, + sp: rsp, + cip: "", + transport: transport, + } // Create new http client that also sets the correct ip config := api.NewConfiguration() config.Host = refConfig.Host config.Scheme = refConfig.Scheme config.HTTPClient = &http.Client{ Jar: jar, - Transport: ak.NewUserAgentTransport(constants.OutpostUserAgent(), ak.NewTracingTransport(rsp.Context(), ak.GetTLSTransport())), + Transport: fe, } - token := strings.Split(refConfig.DefaultHeader["Authorization"], " ")[1] - config.AddDefaultHeader(HeaderAuthentikOutpostToken, token) - apiClient := api.NewAPIClient(config) - return &FlowExecutor{ - Params: url.Values{}, - Answers: make(map[StageComponent]string), - Context: rsp.Context(), - api: apiClient, - flowSlug: flowSlug, - log: l, - token: token, - sp: rsp, - cip: "", + fe.token = strings.Split(refConfig.DefaultHeader["Authorization"], " ")[1] + config.AddDefaultHeader(HeaderAuthentikOutpostToken, fe.token) + fe.api = api.NewAPIClient(config) + return fe +} + +func (fe *FlowExecutor) RoundTrip(req *http.Request) (*http.Response, error) { + res, err := fe.transport.RoundTrip(req) + if res != nil { + for _, cookie := range res.Cookies() { + if cookie.Name == "authentik_session" { + fe.session = cookie + } + } } + return res, err } func (fe *FlowExecutor) ApiClient() *api.APIClient { @@ -115,6 +130,10 @@ func (fe *FlowExecutor) getAnswer(stage StageComponent) string { return "" } +func (fe *FlowExecutor) GetSession() *http.Cookie { + return fe.session +} + // WarmUp Ensure authentik's flow cache is warmed up func (fe *FlowExecutor) WarmUp() error { gcsp := sentry.StartSpan(fe.Context, "authentik.outposts.flow_executor.get_challenge") diff --git a/internal/outpost/ldap/bind.go b/internal/outpost/ldap/bind.go index fedab284b..32505aa5a 100644 --- a/internal/outpost/ldap/bind.go +++ b/internal/outpost/ldap/bind.go @@ -3,8 +3,10 @@ package ldap import ( "net" + "github.com/getsentry/sentry-go" "github.com/nmcclain/ldap" "github.com/prometheus/client_golang/prometheus" + log "github.com/sirupsen/logrus" "goauthentik.io/internal/outpost/ldap/bind" "goauthentik.io/internal/outpost/ldap/metrics" "goauthentik.io/internal/utils" @@ -24,6 +26,16 @@ func (ls *LDAPServer) Bind(bindDN string, bindPW string, conn net.Conn) (ldap.LD }).Observe(float64(span.EndTime.Sub(span.StartTime))) req.Log().WithField("took-ms", span.EndTime.Sub(span.StartTime).Milliseconds()).Info("Bind request") }() + + defer func() { + err := recover() + if err == nil { + return + } + log.WithError(err.(error)).Error("recover in bind request") + sentry.CaptureException(err.(error)) + }() + for _, instance := range ls.providers { username, err := instance.binder.GetUsername(bindDN) if err == nil { diff --git a/internal/outpost/ldap/bind/direct/direct.go b/internal/outpost/ldap/bind/direct/direct.go index b559c922b..3eeec8191 100644 --- a/internal/outpost/ldap/bind/direct/direct.go +++ b/internal/outpost/ldap/bind/direct/direct.go @@ -66,6 +66,10 @@ func (db *DirectBinder) Bind(username string, req *bind.Request) (ldap.LDAPResul fe.Answers[flow.StagePassword] = req.BindPW passed, err := fe.Execute() + flags := flags.UserFlags{ + Session: fe.GetSession(), + } + db.si.SetFlags(req.BindDN, flags) if !passed { metrics.RequestsRejected.With(prometheus.Labels{ "outpost_name": db.si.GetOutpostName(), @@ -74,6 +78,7 @@ func (db *DirectBinder) Bind(username string, req *bind.Request) (ldap.LDAPResul "dn": req.BindDN, "client": req.RemoteAddr(), }).Inc() + req.Log().Info("Invalid credentials") return ldap.LDAPResultInvalidCredentials, nil } if err != nil { @@ -127,10 +132,8 @@ func (db *DirectBinder) Bind(username string, req *bind.Request) (ldap.LDAPResul return ldap.LDAPResultOperationsError, nil } cs := db.SearchAccessCheck(userInfo.User) - flags := flags.UserFlags{ - UserPk: userInfo.User.Pk, - CanSearch: cs != nil, - } + flags.UserPk = userInfo.User.Pk + flags.CanSearch = cs != nil db.si.SetFlags(req.BindDN, flags) if flags.CanSearch { req.Log().WithField("group", cs).Info("Allowed access to search") @@ -143,6 +146,9 @@ func (db *DirectBinder) Bind(username string, req *bind.Request) (ldap.LDAPResul func (db *DirectBinder) SearchAccessCheck(user api.UserSelf) *string { for _, group := range user.Groups { for _, allowedGroup := range db.si.GetSearchAllowedGroups() { + if allowedGroup == nil { + continue + } db.log.WithField("userGroup", group.Pk).WithField("allowedGroup", allowedGroup).Trace("Checking search access") if group.Pk == allowedGroup.String() { return &group.Name diff --git a/internal/outpost/ldap/bind/memory/memory.go b/internal/outpost/ldap/bind/memory/memory.go new file mode 100644 index 000000000..8f1899568 --- /dev/null +++ b/internal/outpost/ldap/bind/memory/memory.go @@ -0,0 +1,62 @@ +package memory + +import ( + "time" + + ttlcache "github.com/jellydator/ttlcache/v3" + "github.com/nmcclain/ldap" + log "github.com/sirupsen/logrus" + "goauthentik.io/internal/outpost/ldap/bind" + "goauthentik.io/internal/outpost/ldap/bind/direct" + "goauthentik.io/internal/outpost/ldap/server" +) + +type Credentials struct { + DN string + Password string +} + +type SessionBinder struct { + direct.DirectBinder + si server.LDAPServerInstance + log *log.Entry + sessions *ttlcache.Cache[Credentials, ldap.LDAPResultCode] +} + +func NewSessionBinder(si server.LDAPServerInstance) *SessionBinder { + sb := &SessionBinder{ + DirectBinder: *direct.NewDirectBinder(si), + si: si, + log: log.WithField("logger", "authentik.outpost.ldap.binder.session"), + sessions: ttlcache.New(ttlcache.WithDisableTouchOnHit[Credentials, ldap.LDAPResultCode]()), + } + go sb.sessions.Start() + sb.log.Info("initialised session binder") + return sb +} + +func (sb *SessionBinder) Bind(username string, req *bind.Request) (ldap.LDAPResultCode, error) { + item := sb.sessions.Get(Credentials{ + DN: req.BindDN, + Password: req.BindPW, + }) + if item != nil { + sb.log.WithField("bindDN", req.BindDN).Info("authenticated from session") + return item.Value(), nil + } + sb.log.Debug("No session found for user, executing flow") + result, err := sb.DirectBinder.Bind(username, req) + // Only cache the result if there's been an error + if err == nil { + flags, ok := sb.si.GetFlags(req.BindDN) + if !ok { + sb.log.Error("user flags not set after bind") + return result, err + } + sb.sessions.Set(Credentials{ + DN: req.BindDN, + Password: req.BindPW, + }, result, time.Duration(flags.Session.MaxAge)) + } + return result, err +} diff --git a/internal/outpost/ldap/flags/flags.go b/internal/outpost/ldap/flags/flags.go index c53a1dc20..f02fc1292 100644 --- a/internal/outpost/ldap/flags/flags.go +++ b/internal/outpost/ldap/flags/flags.go @@ -1,9 +1,14 @@ package flags -import "goauthentik.io/api/v3" +import ( + "net/http" + + "goauthentik.io/api/v3" +) type UserFlags struct { UserInfo *api.User UserPk int32 CanSearch bool + Session *http.Cookie } diff --git a/internal/outpost/ldap/refresh.go b/internal/outpost/ldap/refresh.go index cd5fd9529..df489bf87 100644 --- a/internal/outpost/ldap/refresh.go +++ b/internal/outpost/ldap/refresh.go @@ -11,6 +11,7 @@ import ( log "github.com/sirupsen/logrus" "goauthentik.io/api/v3" directbind "goauthentik.io/internal/outpost/ldap/bind/direct" + memorybind "goauthentik.io/internal/outpost/ldap/bind/memory" "goauthentik.io/internal/outpost/ldap/constants" "goauthentik.io/internal/outpost/ldap/flags" directsearch "goauthentik.io/internal/outpost/ldap/search/direct" @@ -81,7 +82,11 @@ func (ls *LDAPServer) Refresh() error { } else if *provider.SearchMode.Ptr() == api.SEARCHMODEENUM_DIRECT { providers[idx].searcher = directsearch.NewDirectSearcher(providers[idx]) } - providers[idx].binder = directbind.NewDirectBinder(providers[idx]) + if *provider.BindMode.Ptr() == api.BINDMODEENUM_CACHED { + providers[idx].binder = memorybind.NewSessionBinder(providers[idx]) + } else if *provider.BindMode.Ptr() == api.BINDMODEENUM_DIRECT { + providers[idx].binder = directbind.NewDirectBinder(providers[idx]) + } } ls.providers = providers ls.log.Info("Update providers") diff --git a/internal/outpost/ldap/server/base.go b/internal/outpost/ldap/server/base.go index b42c02057..bc8b26e06 100644 --- a/internal/outpost/ldap/server/base.go +++ b/internal/outpost/ldap/server/base.go @@ -31,8 +31,8 @@ type LDAPServerInstance interface { UsersForGroup(api.Group) []string - GetFlags(string) (flags.UserFlags, bool) - SetFlags(string, flags.UserFlags) + GetFlags(dn string) (flags.UserFlags, bool) + SetFlags(dn string, flags flags.UserFlags) GetBaseEntry() *ldap.Entry GetNeededObjects(int, string, string) (bool, bool) diff --git a/tests/e2e/test_provider_ldap.py b/tests/e2e/test_provider_ldap.py index 7bb8fe23b..53c9dbae2 100644 --- a/tests/e2e/test_provider_ldap.py +++ b/tests/e2e/test_provider_ldap.py @@ -15,7 +15,7 @@ from authentik.events.models import Event, EventAction from authentik.flows.models import Flow from authentik.outposts.managed import MANAGED_OUTPOST from authentik.outposts.models import Outpost, OutpostConfig, OutpostType -from authentik.providers.ldap.models import LDAPProvider, SearchModes +from authentik.providers.ldap.models import APIAccessMode, LDAPProvider from tests.e2e.utils import SeleniumTestCase, apply_migration, object_manager, retry @@ -55,7 +55,7 @@ class TestProviderLDAP(SeleniumTestCase): name="ldap_provider", authorization_flow=Flow.objects.get(slug="default-authentication-flow"), search_group=self.user.ak_groups.first(), - search_mode=SearchModes.CACHED, + search_mode=APIAccessMode.CACHED, ) # we need to create an application to actually access the ldap Application.objects.create(name="ldap", slug="ldap", provider=ldap) diff --git a/web/src/locales/de.po b/web/src/locales/de.po index 276909ab0..d1c83cda0 100644 --- a/web/src/locales/de.po +++ b/web/src/locales/de.po @@ -672,6 +672,10 @@ msgstr "Bind Password" msgid "Bind flow" msgstr "Ablauf-Verknüpfung" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Bind mode" +msgstr "" + #: src/pages/flows/BoundStagesList.ts #: src/pages/flows/BoundStagesList.ts msgid "Bind stage" @@ -718,6 +722,10 @@ msgstr "Standardmäßig werden für Quellen nur Symbole angezeigt. Aktiviere die msgid "CA which the endpoint's Certificate is verified against. Can be left empty for no validation." msgstr "CA, anhand derer das Zertifikat des Endpunkts überprüft wird. Kann leer gelassen werden, um keine Validierung durchzuführen." +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Cached binding, flow is executed and session is cached in memory. Flow is executed when session expires." +msgstr "" + #: src/pages/admin-overview/charts/FlowStatusChart.ts msgid "Cached flows" msgstr "Gecachte Abläufe" @@ -1045,6 +1053,10 @@ msgstr "Konfigurieren Sie, wie der Flow Executor eine ungültige Antwort auf ein msgid "Configure how the issuer field of the ID Token should be filled." msgstr "Konfigurieren Sie, wie der Flow-Executor mit einer ungültigen Antwort auf eine Abfrage umgehen soll." +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Configure how the outpost authenticates requests." +msgstr "" + #: src/pages/providers/ldap/LDAPProviderForm.ts msgid "Configure how the outpost queries the core authentik server's users." msgstr "Konfigurieren Sie, wie der Outpost die Benutzer des Core-Authentik-Servers abfragt." @@ -1586,6 +1598,10 @@ msgstr "Digest-Algorithmus" msgid "Digits" msgstr "Ziffern" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Direct querying, always execute the configured bind flow to authenticate the user." +msgstr "" + #: src/pages/providers/ldap/LDAPProviderForm.ts msgid "Direct querying, always returns the latest data, but slower than cached querying." msgstr "Direkte Abfragen geben immer die neuesten Daten zurück, sind jedoch langsamer als zwischengespeicherte Abfragen." diff --git a/web/src/locales/en.po b/web/src/locales/en.po index 7626f3e48..41af80247 100644 --- a/web/src/locales/en.po +++ b/web/src/locales/en.po @@ -668,6 +668,10 @@ msgstr "Bind Password" msgid "Bind flow" msgstr "Bind flow" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Bind mode" +msgstr "Bind mode" + #: src/pages/flows/BoundStagesList.ts #: src/pages/flows/BoundStagesList.ts msgid "Bind stage" @@ -715,6 +719,10 @@ msgstr "By default, only icons are shown for sources. Enable this to show their msgid "CA which the endpoint's Certificate is verified against. Can be left empty for no validation." msgstr "CA which the endpoint's Certificate is verified against. Can be left empty for no validation." +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Cached binding, flow is executed and session is cached in memory. Flow is executed when session expires." +msgstr "Cached binding, flow is executed and session is cached in memory. Flow is executed when session expires." + #: src/pages/admin-overview/charts/FlowStatusChart.ts msgid "Cached flows" msgstr "Cached flows" @@ -1050,6 +1058,10 @@ msgstr "Configure how the flow executor should handle an invalid response to a c msgid "Configure how the issuer field of the ID Token should be filled." msgstr "Configure how the issuer field of the ID Token should be filled." +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Configure how the outpost authenticates requests." +msgstr "Configure how the outpost authenticates requests." + #: src/pages/providers/ldap/LDAPProviderForm.ts msgid "Configure how the outpost queries the core authentik server's users." msgstr "Configure how the outpost queries the core authentik server's users." @@ -1605,6 +1617,10 @@ msgstr "Digest algorithm" msgid "Digits" msgstr "Digits" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Direct querying, always execute the configured bind flow to authenticate the user." +msgstr "Direct querying, always execute the configured bind flow to authenticate the user." + #: src/pages/providers/ldap/LDAPProviderForm.ts msgid "Direct querying, always returns the latest data, but slower than cached querying." msgstr "Direct querying, always returns the latest data, but slower than cached querying." diff --git a/web/src/locales/es.po b/web/src/locales/es.po index 9ea06c304..6d14955b7 100644 --- a/web/src/locales/es.po +++ b/web/src/locales/es.po @@ -662,6 +662,10 @@ msgstr "Enlazar contraseña" msgid "Bind flow" msgstr "Flujo de enlace" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Bind mode" +msgstr "" + #: src/pages/flows/BoundStagesList.ts #: src/pages/flows/BoundStagesList.ts msgid "Bind stage" @@ -708,6 +712,10 @@ msgstr "De forma predeterminada, solo se muestran los iconos de las fuentes. Act msgid "CA which the endpoint's Certificate is verified against. Can be left empty for no validation." msgstr "CA con la que se verifica el certificado del punto final. Se puede dejar vacío para que no se valide." +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Cached binding, flow is executed and session is cached in memory. Flow is executed when session expires." +msgstr "" + #: src/pages/admin-overview/charts/FlowStatusChart.ts msgid "Cached flows" msgstr "Flujos almacenados en caché" @@ -1036,6 +1044,10 @@ msgstr "Configure cómo el ejecutor de flujo debe gestionar una respuesta no vá msgid "Configure how the issuer field of the ID Token should be filled." msgstr "Configure cómo se debe rellenar el campo emisor del token de ID." +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Configure how the outpost authenticates requests." +msgstr "" + #: src/pages/providers/ldap/LDAPProviderForm.ts msgid "Configure how the outpost queries the core authentik server's users." msgstr "Configure la forma en que el puesto avanzado consulta a los usuarios del servidor auténtico principal." @@ -1577,6 +1589,10 @@ msgstr "algoritmo de resumen" msgid "Digits" msgstr "dígitos" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Direct querying, always execute the configured bind flow to authenticate the user." +msgstr "" + #: src/pages/providers/ldap/LDAPProviderForm.ts msgid "Direct querying, always returns the latest data, but slower than cached querying." msgstr "La consulta directa siempre devuelve los datos más recientes, pero más lento que la consulta en caché." diff --git a/web/src/locales/fr_FR.po b/web/src/locales/fr_FR.po index 4aa3243cc..5df1f5290 100644 --- a/web/src/locales/fr_FR.po +++ b/web/src/locales/fr_FR.po @@ -668,6 +668,10 @@ msgstr "Mot de passe" msgid "Bind flow" msgstr "Lier un flux" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Bind mode" +msgstr "" + #: src/pages/flows/BoundStagesList.ts #: src/pages/flows/BoundStagesList.ts msgid "Bind stage" @@ -714,6 +718,10 @@ msgstr "" msgid "CA which the endpoint's Certificate is verified against. Can be left empty for no validation." msgstr "AC auprès de laquelle le certificat du terminal est vérifié. Peut être laissé vide en l'absence de validation." +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Cached binding, flow is executed and session is cached in memory. Flow is executed when session expires." +msgstr "" + #: src/pages/admin-overview/charts/FlowStatusChart.ts msgid "Cached flows" msgstr "Flux mis en cache" @@ -1045,6 +1053,10 @@ msgstr "Configure comment l'exécuteur de flux gère une réponse invalide à un msgid "Configure how the issuer field of the ID Token should be filled." msgstr "Configure comment le champ émetteur du jeton ID sera rempli." +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Configure how the outpost authenticates requests." +msgstr "" + #: src/pages/providers/ldap/LDAPProviderForm.ts msgid "Configure how the outpost queries the core authentik server's users." msgstr "" @@ -1590,6 +1602,10 @@ msgstr "Algorithme d'empreinte" msgid "Digits" msgstr "Chiffres" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Direct querying, always execute the configured bind flow to authenticate the user." +msgstr "" + #: src/pages/providers/ldap/LDAPProviderForm.ts msgid "Direct querying, always returns the latest data, but slower than cached querying." msgstr "" diff --git a/web/src/locales/pl.po b/web/src/locales/pl.po index abfefae81..d9d253bd0 100644 --- a/web/src/locales/pl.po +++ b/web/src/locales/pl.po @@ -659,6 +659,10 @@ msgstr "Powiąż hasło" msgid "Bind flow" msgstr "Powiąż przepływ" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Bind mode" +msgstr "" + #: src/pages/flows/BoundStagesList.ts #: src/pages/flows/BoundStagesList.ts msgid "Bind stage" @@ -705,6 +709,10 @@ msgstr "Domyślnie dla źródeł wyświetlane są tylko ikony. Włącz tę opcj msgid "CA which the endpoint's Certificate is verified against. Can be left empty for no validation." msgstr "CA względem którego weryfikowany jest certyfikat. Można pozostawić puste, aby nie sprawdzać poprawności." +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Cached binding, flow is executed and session is cached in memory. Flow is executed when session expires." +msgstr "" + #: src/pages/admin-overview/charts/FlowStatusChart.ts msgid "Cached flows" msgstr "Przepływy w pamięci podręcznej" @@ -1033,6 +1041,10 @@ msgstr "Skonfiguruj sposób, w jaki executor przepływu powinien obsługiwać ni msgid "Configure how the issuer field of the ID Token should be filled." msgstr "Skonfiguruj jak pole wystawcy tokena ID powinien być wypełniony." +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Configure how the outpost authenticates requests." +msgstr "" + #: src/pages/providers/ldap/LDAPProviderForm.ts msgid "Configure how the outpost queries the core authentik server's users." msgstr "Skonfiguruj sposób, w jaki placówka wysyła zapytania do użytkowników podstawowego serwera authentik." @@ -1574,6 +1586,10 @@ msgstr "Algorytm skrótu" msgid "Digits" msgstr "Cyfry" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Direct querying, always execute the configured bind flow to authenticate the user." +msgstr "" + #: src/pages/providers/ldap/LDAPProviderForm.ts msgid "Direct querying, always returns the latest data, but slower than cached querying." msgstr "Zapytania bezpośrednie zawsze zwracają najnowsze dane, ale są wolniejsze niż zapytania w pamięci podręcznej." diff --git a/web/src/locales/pseudo-LOCALE.po b/web/src/locales/pseudo-LOCALE.po index 347369a9f..83e994cb5 100644 --- a/web/src/locales/pseudo-LOCALE.po +++ b/web/src/locales/pseudo-LOCALE.po @@ -660,6 +660,10 @@ msgstr "" msgid "Bind flow" msgstr "" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Bind mode" +msgstr "" + #: src/pages/flows/BoundStagesList.ts #: src/pages/flows/BoundStagesList.ts msgid "Bind stage" @@ -707,6 +711,10 @@ msgstr "" msgid "CA which the endpoint's Certificate is verified against. Can be left empty for no validation." msgstr "" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Cached binding, flow is executed and session is cached in memory. Flow is executed when session expires." +msgstr "" + #: src/pages/admin-overview/charts/FlowStatusChart.ts msgid "Cached flows" msgstr "" @@ -1038,6 +1046,10 @@ msgstr "" msgid "Configure how the issuer field of the ID Token should be filled." msgstr "" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Configure how the outpost authenticates requests." +msgstr "" + #: src/pages/providers/ldap/LDAPProviderForm.ts msgid "Configure how the outpost queries the core authentik server's users." msgstr "" @@ -1591,6 +1603,10 @@ msgstr "" msgid "Digits" msgstr "" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Direct querying, always execute the configured bind flow to authenticate the user." +msgstr "" + #: src/pages/providers/ldap/LDAPProviderForm.ts msgid "Direct querying, always returns the latest data, but slower than cached querying." msgstr "" diff --git a/web/src/locales/tr.po b/web/src/locales/tr.po index 8d4353cbb..926ad2943 100644 --- a/web/src/locales/tr.po +++ b/web/src/locales/tr.po @@ -662,6 +662,10 @@ msgstr "Parola Bağla" msgid "Bind flow" msgstr "Bağlama akışı" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Bind mode" +msgstr "" + #: src/pages/flows/BoundStagesList.ts #: src/pages/flows/BoundStagesList.ts msgid "Bind stage" @@ -708,6 +712,10 @@ msgstr "Varsayılan olarak, kaynaklar için yalnızca simgeler gösterilir. Tam msgid "CA which the endpoint's Certificate is verified against. Can be left empty for no validation." msgstr "Uç noktanın Sertifikası karşı doğrulanan CA. Doğrulama yapılmadan boş bırakılabilir." +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Cached binding, flow is executed and session is cached in memory. Flow is executed when session expires." +msgstr "" + #: src/pages/admin-overview/charts/FlowStatusChart.ts msgid "Cached flows" msgstr "Önbelleğe alınmış akışlar" @@ -1036,6 +1044,10 @@ msgstr "Akış yürütücüsünün bir meydan okuma için geçersiz bir yanıt n msgid "Configure how the issuer field of the ID Token should be filled." msgstr "Kimlik Belirtecinin yayımcı alanının nasıl doldurulacağını yapılandırın." +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Configure how the outpost authenticates requests." +msgstr "" + #: src/pages/providers/ldap/LDAPProviderForm.ts msgid "Configure how the outpost queries the core authentik server's users." msgstr "Üssün çekirdek authentik sunucusunun kullanıcılarını nasıl sorgulayacağını yapılandırın." @@ -1577,6 +1589,10 @@ msgstr "Digest algoritması" msgid "Digits" msgstr "Rakamlar" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Direct querying, always execute the configured bind flow to authenticate the user." +msgstr "" + #: src/pages/providers/ldap/LDAPProviderForm.ts msgid "Direct querying, always returns the latest data, but slower than cached querying." msgstr "Doğrudan sorgulama, her zaman en son verileri döndürür, ancak önbelleğe alınmış sorgulardan daha yavaş olur." diff --git a/web/src/locales/zh-Hans.po b/web/src/locales/zh-Hans.po index abbc2cb51..3b41da84e 100644 --- a/web/src/locales/zh-Hans.po +++ b/web/src/locales/zh-Hans.po @@ -659,6 +659,10 @@ msgstr "Bind 密码" msgid "Bind flow" msgstr "Bind 流程" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Bind mode" +msgstr "" + #: src/pages/flows/BoundStagesList.ts #: src/pages/flows/BoundStagesList.ts msgid "Bind stage" @@ -705,6 +709,10 @@ msgstr "默认情况下,只为源显示图标。启用此选项可显示它们 msgid "CA which the endpoint's Certificate is verified against. Can be left empty for no validation." msgstr "验证端点证书所依据的 CA。可以留空,表示不进行验证。" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Cached binding, flow is executed and session is cached in memory. Flow is executed when session expires." +msgstr "" + #: src/pages/admin-overview/charts/FlowStatusChart.ts msgid "Cached flows" msgstr "缓存流程" @@ -1033,6 +1041,10 @@ msgstr "配置流程执行器应如何处理对质询的无效响应。" msgid "Configure how the issuer field of the ID Token should be filled." msgstr "配置如何填写 ID 令牌的颁发者字段。" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Configure how the outpost authenticates requests." +msgstr "" + #: src/pages/providers/ldap/LDAPProviderForm.ts msgid "Configure how the outpost queries the core authentik server's users." msgstr "配置前哨如何查询核心 authentik 服务器的用户。" @@ -1574,6 +1586,10 @@ msgstr "摘要算法" msgid "Digits" msgstr "数字" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Direct querying, always execute the configured bind flow to authenticate the user." +msgstr "" + #: src/pages/providers/ldap/LDAPProviderForm.ts msgid "Direct querying, always returns the latest data, but slower than cached querying." msgstr "直接查询,总是返回最新数据,但比缓存查询慢。" diff --git a/web/src/locales/zh-Hant.po b/web/src/locales/zh-Hant.po index d25112cb5..21c23cf19 100644 --- a/web/src/locales/zh-Hant.po +++ b/web/src/locales/zh-Hant.po @@ -659,6 +659,10 @@ msgstr "Bind 密码" msgid "Bind flow" msgstr "Bind 流程" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Bind mode" +msgstr "" + #: src/pages/flows/BoundStagesList.ts #: src/pages/flows/BoundStagesList.ts msgid "Bind stage" @@ -705,6 +709,10 @@ msgstr "默认情况下,只为源显示图标。启用此选项可显示他们 msgid "CA which the endpoint's Certificate is verified against. Can be left empty for no validation." msgstr "验证终端节点证书所依据的 CA。可以留空以表示不进行验证。" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Cached binding, flow is executed and session is cached in memory. Flow is executed when session expires." +msgstr "" + #: src/pages/admin-overview/charts/FlowStatusChart.ts msgid "Cached flows" msgstr "缓存的流程" @@ -1033,6 +1041,10 @@ msgstr "配置流程执行器应如何处理对质询的无效响应。" msgid "Configure how the issuer field of the ID Token should be filled." msgstr "配置如何填写 ID 令牌的颁发者字段。" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Configure how the outpost authenticates requests." +msgstr "" + #: src/pages/providers/ldap/LDAPProviderForm.ts msgid "Configure how the outpost queries the core authentik server's users." msgstr "配置前哨如何查询核心 authentik 服务器的用户。" @@ -1574,6 +1586,10 @@ msgstr "摘要算法" msgid "Digits" msgstr "数字" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Direct querying, always execute the configured bind flow to authenticate the user." +msgstr "" + #: src/pages/providers/ldap/LDAPProviderForm.ts msgid "Direct querying, always returns the latest data, but slower than cached querying." msgstr "直接查询,总是返回最新数据,但比缓存查询慢。" diff --git a/web/src/locales/zh_TW.po b/web/src/locales/zh_TW.po index 30ddc1b40..94ef54129 100644 --- a/web/src/locales/zh_TW.po +++ b/web/src/locales/zh_TW.po @@ -659,6 +659,10 @@ msgstr "Bind 密码" msgid "Bind flow" msgstr "Bind 流程" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Bind mode" +msgstr "" + #: src/pages/flows/BoundStagesList.ts #: src/pages/flows/BoundStagesList.ts msgid "Bind stage" @@ -705,6 +709,10 @@ msgstr "默认情况下,只为源显示图标。启用此选项可显示他们 msgid "CA which the endpoint's Certificate is verified against. Can be left empty for no validation." msgstr "验证终端节点证书所依据的 CA。可以留空以表示不进行验证。" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Cached binding, flow is executed and session is cached in memory. Flow is executed when session expires." +msgstr "" + #: src/pages/admin-overview/charts/FlowStatusChart.ts msgid "Cached flows" msgstr "缓存的流程" @@ -1033,6 +1041,10 @@ msgstr "配置流程执行器应如何处理对质询的无效响应。" msgid "Configure how the issuer field of the ID Token should be filled." msgstr "配置如何填写 ID 令牌的颁发者字段。" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Configure how the outpost authenticates requests." +msgstr "" + #: src/pages/providers/ldap/LDAPProviderForm.ts msgid "Configure how the outpost queries the core authentik server's users." msgstr "配置前哨如何查询核心 authentik 服务器的用户。" @@ -1574,6 +1586,10 @@ msgstr "摘要算法" msgid "Digits" msgstr "数字" +#: src/pages/providers/ldap/LDAPProviderForm.ts +msgid "Direct querying, always execute the configured bind flow to authenticate the user." +msgstr "" + #: src/pages/providers/ldap/LDAPProviderForm.ts msgid "Direct querying, always returns the latest data, but slower than cached querying." msgstr "直接查询,总是返回最新数据,但比缓存查询慢。" diff --git a/web/src/pages/providers/ldap/LDAPProviderForm.ts b/web/src/pages/providers/ldap/LDAPProviderForm.ts index bcac9ea32..cdb1359be 100644 --- a/web/src/pages/providers/ldap/LDAPProviderForm.ts +++ b/web/src/pages/providers/ldap/LDAPProviderForm.ts @@ -6,6 +6,7 @@ import { ifDefined } from "lit/directives/if-defined.js"; import { until } from "lit/directives/until.js"; import { + BindModeEnum, CoreApi, CryptoApi, FlowsApi, @@ -119,6 +120,25 @@ export class LDAPProviderFormPage extends ModelForm { ${t`Users in the selected group can do search queries. If no group is selected, no LDAP Searches are allowed.`}

+ + +

+ ${t`Configure how the outpost authenticates requests.`} +

+