Commit graph

2148 commits

Author SHA1 Message Date
Jens Langhammer a1bb9661e0
web/user: shrink logo in navbar
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-07 12:23:22 +02:00
Jens Langhammer 422b19df60
release: 2023.5.4 2023-06-26 23:33:04 +02:00
Jens L b0fbd576fc
security: cure53 fix (#6039)
* ATH-01-001: resolve path and check start before loading blueprints

This is even less of an issue since 411ef239f6, since with that commit we only allow files that the listing returns

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-010: fix missing user filter for webauthn device

This prevents an attack that is only possible when an attacker can intercept HTTP traffic and in the case of HTTPS decrypt it.

* ATH-01-008: fix web forms not submitting correctly when pressing enter

When submitting some forms with the Enter key instead of clicking "Confirm"/etc, the form would not get submitted correctly

This would in the worst case is when setting a user's password, where the new password can end up in the URL, but the password was not actually saved to the user.

* ATH-01-004: remove env from admin system endpoint

this endpoint already required admin access, but for debugging the env variables are used very little

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-003 / ATH-01-012: disable htmlLabels in mermaid

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-005: use hmac.compare_digest for secret_key authentication

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-009: migrate impersonation to use API

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-010: rework

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-014: save authenticator validation state in flow context

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

bugfixes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-012: escape quotation marks

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add website

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update release ntoes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update with all notes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix format

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-22 22:25:04 +02:00
Jens L 93575a9966
core: prevent selecting a group as a parent of itself (#6016)
* core: prevent selecting a group as a parent of itself

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix api error when no parent is given

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-20 20:21:58 +02:00
Jens L 01311929d1
providers/ldap: improve password totp detection (#6006)
* providers/ldap: improve password totp detection

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add flag for totp mfa support

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* keep support for static tokens

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix migrations

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-20 12:09:13 +02:00
Ken Sternberg f179d6572e
web: Storybook css import fix (#5964)
* web: fix storybook `build` css import issue

This is an incredibly frustrating issue, because Storybook works
in `dev` mode but not in `build` mode, and that's not at all what
you'd expecte from a mature piece of software.  Lit uses the native
CSS adoptedStylesheets field, which takes only a constructedStylesheet.
Lit provides a way of generating those, but the imports from
Patternfly (or any `.css` file) are text, and converting those to
stylesheets required a bit of magic.

What this means going forward is that any Storied components will
have to have their CSS wrapped in a way that ensures it is managed
correctly by Lit (well, to be pedantic, by the
shadowDOM.adoptedStylesheets).  That wrapper is provided and the
components that need it have been wrapped.

This problem deserves further investigation, but for the time
being this actually does solve it with a minimum amount of surgical
pain.

* web: fix storybook build issue

This commit further fixes the typing issues around strings, CSSResults,
and CSSStyleSheets by providing overloaded functions that assist
consumers in knowing that if they send an array to expect an array
in return, and if they send a scalar expect a scalar in return.

* replace any with unknown

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-06-16 13:36:04 +02:00
Jens L 16454af1c0
web/admin: theme adjustments (#5944)
* web/admin: theme adjustments

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update locale

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-13 15:41:48 +02:00
Jens L 05d73f688c
policies/event_matcher: add model filter (#5802)
* policies/event_matcher: add model filter

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* cleanup

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* improve logic

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove t``

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-12 22:11:11 +02:00
ChandonPierre 029395d08b
sources/ldap: add support for cert based auth (#5850)
* ldap: support cert based auth

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ldap: default sni switch to off

* ldap: `get_info=NONE` on insufficient access error

* fix: Make file locale script

* ldap: add google ldap attribute mappings

* ldap: move google secure ldap blueprint to examples

Revert "ldap: add google ldap attribute mappings"

This reverts commit 8a861bb92c1bd763b6e7ec0513f73b3039a1adb4.

* ldap: remove `validate` for client cert auth

not strictly necessary

* ldap: write temp cert files more securely

* ldap: use first array value for sni when provided csv input

* don't specify tempdir

we set $TMPDIR in the dockerfile

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* limit API to only allow certificate key pairs with private key

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use maxsplit

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update locale

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-06-12 15:41:44 +02:00
Jens L bf1a363124
web/flows: update default flow background (#5905)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-08 15:16:25 +02:00
dependabot[bot] e573b3a29f
web: bump @formatjs/intl-listformat from 7.2.2 to 7.3.0 in /web (#5866)
* web: bump @formatjs/intl-listformat from 7.2.2 to 7.3.0 in /web

Bumps [@formatjs/intl-listformat](https://github.com/formatjs/formatjs) from 7.2.2 to 7.3.0.
- [Release notes](https://github.com/formatjs/formatjs/releases)
- [Commits](https://github.com/formatjs/formatjs/compare/@formatjs/intl-listformat@7.2.2...@formatjs/intl-listformat@7.3.0)

---
updated-dependencies:
- dependency-name: "@formatjs/intl-listformat"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix poly import

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-06-08 13:28:15 +02:00
Ken Sternberg d0f0f9b29e
web: Add storybook (#5865)
* \#\# Details

web: replace lingui with lit/localize

\#\# Changes

This rather massive shift replaces the lingui and `t()` syntax with lit-localize, XLIFF, and the `msg()`
syntax used by lit-localize.  90% of this work was mechanized; simple perl scripts found and replaced
all uses of `t()` with the appropriate corresponding syntax for `msg()` and `msg(str())`.

The XLIFF files were auto-generated from the PO files.  They have not been audited, and they should be
checked over by professional translators.  The actual _strings_ have not been changed, but as this was
a mechanized change there is always the possibility of mis-translation-- not by the translator, but by
the script.

* web: revise lit/localize: fix two installation issues.

* web: revise localization

TL;DR:

- Replaced all of Lingui's `t()` syntax with `msg()` syntax.
- Mechanically (i.e with a script) converted all of the PO files to XLIFF files
- Refactored the localization code to be a bit smarter:
  - the function `getBestMatchLocale` takes the locale lists and a requested locale, and returns the
    first match of:
    - The locale's code exactly matches the requested locale
    - The locale code exactly matches the prefix of the requested locale (i.e the "en" part of "en-US")
    - the locale code's prefix exactly matches the prefix of the requested locale
    This function is passed to lit-locate's `loadLocale()`.
  - `activateLocale()` just calls `loadLocale()` now.
  - `autodetectLanguage` searches the following, and picks the first that returns a valid locale
    object, before passing it to `loadLocale()`:
    - The User's settings
    - A `?locale=` component found in `window.location.search`
    - The `window.navigator.language` field
    - English

The `msg()` only runs when it's run.  This seems obvious, but it means that you cannot cache
strings at load time; they must be kept inside functions that are re-run so that the `msg()` engine
can look up the strings in the preferred language of the user at that moment.

You can use thunks-of-strings if you really need them that way.

* Including the 'xliff-converter' in case anyone wants to review it.

* The xliff-converter is tagged as 'xliff-converter', but has been
deleted.

\#\# Details

-   Resolves #5171

\#\# Changes

\#\#\# New Features

-   Adds a "Add an Application" to the LibraryView if there are no applications and the user is an administrator.

\#\#\# Breaking Changes

-   Adds breaking change which causes \<issue\>.

\#\# Checklist

-   [ ] Local tests pass (`ak test authentik/`)
-   [ ] The code has been formatted (`make lint-fix`)

If an API change has been made

-   [ ] The API schema has been updated (`make gen-build`)

If changes to the frontend have been made

-   [ ] The code has been formatted (`make web`)
-   [ ] The translation files have been updated (`make i18n-extract`)

If applicable

-   [ ] The documentation has been updated
-   [ ] The documentation has been formatted (`make website`)

* web: fix redundant locales for zh suite.

* web: prettier pass for locale update

* web: localization moderization

Changed the names of the lit-localize commands to make it clear they're
part of the localization effort, and not just "build" and "extract".

* web: add storybook to test components

* update transifex config

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix package lock?

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use build not compile

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* web: conversion to lit-localize

The CI produced a list of problems that I hadn't caught earlier,
due to a typo ("localize build" is correct, "localize compile" is
not) I had left in package.json.  They were minor and linty, but
it was still wise to fix them.

* web: replace lingui with lit/locale

This commit fixes some minor linting issues that were hidden by a typo in package.json.  The
issues were not apparently problematic from a Javascript point of view, but they pointed
to sloppy thinking in the progression of types through the system, so I cleaned them
up and formalized the types from LocaleModule to AkLocale.

* web: replace lingui with lit/localize

One problem that has repeatedly come up is that localize's templates do not produce
JavaScript that conforms with our shop style.  I've replaced `build-locale` with
a two-step that builds the locale *and* ensures that it conforms to the shop style
via `prettier` every time.

* web: replace lingui with lit-locale

This commit applies the most recent bundle of translations to the
new lit-locale aspect component.  It also revises the algorithm
for *finding* the correct locale, replacing the complex fall-back
with some rather straightforward regular expressions.

In the case of Chinese, the fallback comes at the end of the
selection list, which may not be, er, politically valuable
(since Taiwan and Hong Kong come before, being exceptions that
need to be tested).  If we need a different order for presentation,
that'll be a future feature.

* web: replace lingui with lit/locale

Well, that was embarassing.

* web: add storybook

The delta on this didn't make any sense; putting it back causes no behavioral
changes.

* web: add Storybook

Fixed a typo in the package.json that prevented the TSC check
from passing.

* web: incorporate storybook

This commit includes a number of type and definitional changes needed to make lit-analyze pass. In
most cases, it was a matter of reassuring Lit that we were using the right type and the right type
converter, or configuring the property such that it should never be called as an attribute.

The most controversial change is adding the 'no-incompatible-type-binding' to the LIT analyzer
configuration (found in `tsconfig.json`). This "routes around" lit-analyzer not doing very well
understanding that some HTML objects can have generic property types, as long as the renderer is
configured correctly.

The 'no-missing-import: off' setting is required as lit-analyzer also does not use the tsconfig
`paths` setting correctly and cannot find objects defined via aliases.

It's a shame JSON can't support comments; these should be in the tsconfig.json file directly.  As it
is, I've started a README file that includes a section to record configuration decisions.

Deleted the lingui.config file as we're not using it anymore

* ignore storybook build in git

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-06-07 13:05:33 +02:00
Jens L 0ce41a1b2d
providers/ldap: add StartTLS support (#5861)
* providers/ldap: add StartTLS support

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add starttls test

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update form and docs

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* re-add tls server name

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update release notes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-06 21:40:19 +02:00
Jens L 69f0460f69
website: update translation docs (#5875)
* website/docs: remove lingui references

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* replace deprecated cryptography types

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* tell eslint to avoid escapes in strings when possible

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ignore generated locale code

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-06 12:32:32 +02:00
Ken Sternberg 44a057ed9c
web: Replace lingui.js with lit-localize (#5761)
* \#\# Details

web: replace lingui with lit/localize

\#\# Changes

This rather massive shift replaces the lingui and `t()` syntax with lit-localize, XLIFF, and the `msg()`
syntax used by lit-localize.  90% of this work was mechanized; simple perl scripts found and replaced
all uses of `t()` with the appropriate corresponding syntax for `msg()` and `msg(str())`.

The XLIFF files were auto-generated from the PO files.  They have not been audited, and they should be
checked over by professional translators.  The actual _strings_ have not been changed, but as this was
a mechanized change there is always the possibility of mis-translation-- not by the translator, but by
the script.

* web: revise lit/localize: fix two installation issues.

* web: revise localization

TL;DR:

- Replaced all of Lingui's `t()` syntax with `msg()` syntax.
- Mechanically (i.e with a script) converted all of the PO files to XLIFF files
- Refactored the localization code to be a bit smarter:
  - the function `getBestMatchLocale` takes the locale lists and a requested locale, and returns the
    first match of:
    - The locale's code exactly matches the requested locale
    - The locale code exactly matches the prefix of the requested locale (i.e the "en" part of "en-US")
    - the locale code's prefix exactly matches the prefix of the requested locale
    This function is passed to lit-locate's `loadLocale()`.
  - `activateLocale()` just calls `loadLocale()` now.
  - `autodetectLanguage` searches the following, and picks the first that returns a valid locale
    object, before passing it to `loadLocale()`:
    - The User's settings
    - A `?locale=` component found in `window.location.search`
    - The `window.navigator.language` field
    - English

The `msg()` only runs when it's run.  This seems obvious, but it means that you cannot cache
strings at load time; they must be kept inside functions that are re-run so that the `msg()` engine
can look up the strings in the preferred language of the user at that moment.

You can use thunks-of-strings if you really need them that way.

* Including the 'xliff-converter' in case anyone wants to review it.

* The xliff-converter is tagged as 'xliff-converter', but has been
deleted.

\#\# Details

-   Resolves #5171

\#\# Changes

\#\#\# New Features

-   Adds a "Add an Application" to the LibraryView if there are no applications and the user is an administrator.

\#\#\# Breaking Changes

-   Adds breaking change which causes \<issue\>.

\#\# Checklist

-   [ ] Local tests pass (`ak test authentik/`)
-   [ ] The code has been formatted (`make lint-fix`)

If an API change has been made

-   [ ] The API schema has been updated (`make gen-build`)

If changes to the frontend have been made

-   [ ] The code has been formatted (`make web`)
-   [ ] The translation files have been updated (`make i18n-extract`)

If applicable

-   [ ] The documentation has been updated
-   [ ] The documentation has been formatted (`make website`)

* web: fix redundant locales for zh suite.

* web: prettier pass for locale update

* web: localization moderization

Changed the names of the lit-localize commands to make it clear they're
part of the localization effort, and not just "build" and "extract".

* update transifex config

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix package lock?

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use build not compile

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* web: conversion to lit-localize

The CI produced a list of problems that I hadn't caught earlier,
due to a typo ("localize build" is correct, "localize compile" is
not) I had left in package.json.  They were minor and linty, but
it was still wise to fix them.

* web: replace lingui with lit/locale

This commit fixes some minor linting issues that were hidden by a typo in package.json.  The
issues were not apparently problematic from a Javascript point of view, but they pointed
to sloppy thinking in the progression of types through the system, so I cleaned them
up and formalized the types from LocaleModule to AkLocale.

* web: replace lingui with lit/localize

One problem that has repeatedly come up is that localize's templates do not produce
JavaScript that conforms with our shop style.  I've replaced `build-locale` with
a two-step that builds the locale *and* ensures that it conforms to the shop style
via `prettier` every time.

* web: replace lingui with lit-locale

This commit applies the most recent bundle of translations to the
new lit-locale aspect component.  It also revises the algorithm
for *finding* the correct locale, replacing the complex fall-back
with some rather straightforward regular expressions.

In the case of Chinese, the fallback comes at the end of the
selection list, which may not be, er, politically valuable
(since Taiwan and Hong Kong come before, being exceptions that
need to be tested).  If we need a different order for presentation,
that'll be a future feature.

* web: replace lingui with lit/locale

Well, that was embarassing.

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-06-02 08:08:36 -07:00
Jens Langhammer 0a1d0b85ca
Merge branch 'version-2023.5' 2023-06-01 21:00:13 +02:00
Jens Langhammer be85eecac5
release: 2023.5.3 2023-06-01 19:35:13 +02:00
Jens L 772acb10d6
providers/ldap: fix LDAP Outpost application selection (#5812)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-31 14:51:46 +02:00
Jens L fd4c5f5ce7
providers/ldap: fix LDAP Outpost application selection (#5812)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-31 14:14:25 +02:00
Saeverix 317afc932a
web/flows: fix RedirectStage not detecting absolute URLs correctly (#5781)
* web: getURL() method in RedirectStage.ts now actually detects URLs (#5732)

Signed-off-by: Saeverix <1863379+Saeverix@users.noreply.github.com>

* use native API to build full URL

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Saeverix <1863379+Saeverix@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-05-30 10:54:12 +02:00
Saeverix 47a916ad5e
web/flows: fix RedirectStage not detecting absolute URLs correctly (#5781)
* web: getURL() method in RedirectStage.ts now actually detects URLs (#5732)

Signed-off-by: Saeverix <1863379+Saeverix@users.noreply.github.com>

* use native API to build full URL

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Saeverix <1863379+Saeverix@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-05-29 12:20:40 +00:00
Jens Langhammer ce96600adb
Merge branch 'version-2023.5' 2023-05-28 13:23:32 +02:00
Jens Langhammer 5e5a74eebf
release: 2023.5.2 2023-05-26 23:54:12 +02:00
dependabot[bot] c869f3a3e2
web: bump mermaid from 10.1.0 to 10.2.0 in /web (#5749)
* web: bump mermaid from 10.1.0 to 10.2.0 in /web

Bumps [mermaid](https://github.com/mermaid-js/mermaid) from 10.1.0 to 10.2.0.
- [Release notes](https://github.com/mermaid-js/mermaid/releases)
- [Changelog](https://github.com/mermaid-js/mermaid/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/mermaid-js/mermaid/compare/v10.1.0...v10.2.0)

---
updated-dependencies:
- dependency-name: mermaid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix lit-analyse issues

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-05-25 11:29:23 +02:00
Jens L 0deaf25b1f
web/user: fix MFA enroll dropdown broken when password stage has no configuration flow (#5744)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-24 21:52:21 +02:00
Jens L 22ee587e9f
web/user: fix search input styling (#5745)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-24 21:50:35 +02:00
Jens L 1ba734cc7b
web/user: fix MFA enroll dropdown broken when password stage has no configuration flow (#5744)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-24 21:19:19 +02:00
Ken Sternberg 7c43c1a05b
web/user: fix broken search on application library (#5743)
web: fix broken search on application library

This is *mortifying*.  I didn't test this well enough, and apparently
broke it again once I'd tested it.  This patch restores the original
behavior ("no match" means "just show everything"), and fixes a
small bit of semantic lint -- the "search" feature should not be
assigning meaning to what it finds; it's enough to pass back the
prioritized list to whatever client wanted it, and let the client
decide what to do with it.
2023-05-24 11:51:49 -07:00
Ken Sternberg 7c7957f160
web/user: refactor LibraryPage for testing, add CTA (#5665)
* 5171: Fixed README to comply with Prettier rules.

I'm pretty impressed that that worked.  Good on Jens for having that
in the prettier rules.

* web: revised package.json

Removed the migration and web/README.md file.  The former should not have
been included; the latter is currently unprofessional in tone.

* web: revise LibraryPage, add CTA

TL;DR:

- Separated LibraryPage into a bunch of different, independent parts, none of which require
Authentik running to be testable or viewable.
- This made adding the "Add an Application" CTA easier.
- This sets the stage for unit and view testing of the UI

This commit revises the LibraryPage, devolving it into a couple of independent components that have
to asynchronous dependencies, with a single asynchronous master:

- LibraryPage: Loads the UIConfig, UserConfig, and CoreApi, and once those are loaded, launches the
  LibraryPageImpl.
- LibraryPageImpl: the ListView of applications available, and updates the ListView according to
  search criteria it receives via an event listener.
  - LibraryPageImpl.css: The stylesheet. Put here because it's visual clutter.
  - LibraryPageImpl.utils: defines static functions used to filter the view. Here because, again, it
    would otherwise be visual clutter of the LibraryPageImpl.
- ApplicationEmptyState: Shows the "You have no applications" and, if the user is a superuser, the
  "Add an application" button.
- ApplicationSearch: Contains the Fuse implementation and, as the search result is updated, sends
  the selected and filtered app list to the LibraryPage via an event.  Also controls the "Choose an
  application by pressing Enter" event.
- ApplicationList: Displays the list of applications.

All of these components are _responsive_ to changes in the Apps collection via the LibraryPage
itself, but none of them invoke the Apps collection, UIConfig, and CoreApi directly, so it should be
possible to create Storybook implementations that view the LibraryPageImpl itself without having to
have an instance of Authentik running.

If the user is a superuser, the "You have no applications" panel now shows the "Add an Application"
button and a link to the documentation on how to add an application.

* web: lint and prettier updates

\#\# Details

-   Resolves #5171

\#\# Changes

This just updates the prettier and eslint passes.

* \#\# Details

-   Resolves #5171

\#\# Changes

Removed unused declarations.

* \#\# Details

-   web: refactor LibraryPage, resolves #5171

\#\# Changes

Some changes found in code review, including an embarassing failure
to both remove the old internal accessor and propagate the new
one for "isAdmin".

A pattern is emerging that a LitComponent class should consist of:

- styles
- properties
- states
- queries
- other object fields
- constructor()
- connectedCallBack()
- disconnectedCallBack()
- event listeners
- callback helpers
- render helpers
- render()

... in that order.

* actually remove LibraryPage that got re-added in the rebase

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix router import

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use pf-c-button for CTA

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix different alignment compared to old version

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use docLink() for documentation link

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* also open docs in new tab

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* web: minor language changes

As requested by @Tana.

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-05-22 23:35:26 +02:00
Jens L 5d5938c412
sources/saml: separate verification cert (#5699)
* sources/saml: allow separate verification certificate to be specified

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add migration to keep current behaviour

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update strings

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* keep testing verification

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-21 14:42:17 +02:00
transifex-integration[bot] 300901e93f
Translations for web/src/locales/en.po in zh-Hans (#5686)
Translate web/src/locales/en.po in zh-Hans

100% translated source file: 'web/src/locales/en.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2023-05-19 11:05:51 +02:00
transifex-integration[bot] 33386b126c
Translations for web/src/locales/en.po in zh_CN (#5685)
Translate web/src/locales/en.po in zh_CN

100% translated source file: 'web/src/locales/en.po'
on the 'zh_CN' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2023-05-19 11:05:33 +02:00
Jens Langhammer 6900ffffd8
release: 2023.5.1 2023-05-18 21:33:38 +02:00
Jens L 6cf7a72831
web/flows: improve UI for TOTP code input (#5676)
* web/flows: improve UI for TOTP code input

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update locale

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update phrasing

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-18 18:41:53 +02:00
Jens L 79dcc30778
providers/radius: add warning message when radius provider is not used with outpost (#5656)
* providers/radius: add warning message when radius provider is not used with outpost

same message as Proxy and LDAP provider have

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* format

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-17 16:19:33 +02:00
Jens L 68a1bcf233
providers/SCIM: improve backchannel signalling (#5657)
* providers/scim: add warning when provider is not used as backchannel provider

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* providers/scim: don't sync SCIM provider that isn't used as backchannel at all

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-17 16:19:18 +02:00
Jens L 3195a75b9a
web/admin: fix radius provider page (#5651)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-17 10:56:24 +02:00
tograss daa3c91afc
web/flows: fix authenticator_validate device select not sent to backend (#5638) 2023-05-16 22:55:59 +02:00
Jens L 5eba598584
web/flows: update flow background (#5639)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-16 22:18:13 +02:00
Jens Langhammer 8faec99bd6
release: 2023.5.0 2023-05-16 14:00:48 +02:00
Jens L 52132112f6
web/elements: don't send value from writeOnly field that hasn't been modified (#5614)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-15 19:45:36 +02:00
Jens L 61434c807d
stages/identification: auto-redirect to source when no user fields are selected (#5583)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-11 16:52:30 +02:00
transifex-integration[bot] 78ecbc097c
Translations for web/src/locales/en.po in zh_CN (#5574)
Translate web/src/locales/en.po in zh_CN

100% translated source file: 'web/src/locales/en.po'
on the 'zh_CN' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2023-05-11 11:55:49 +02:00
transifex-integration[bot] 7fc350bb0b
Translations for web/src/locales/en.po in zh-Hans (#5575)
Translate web/src/locales/en.po in zh-Hans

100% translated source file: 'web/src/locales/en.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2023-05-11 11:55:35 +02:00
Jens L c8e074c363
web/admin: add description to notification rule group field (#5568)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-10 21:00:51 +02:00
Jens L fd8c1d41db
web/admin: only show prompt creation when editing prompt stage (#5572)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-10 20:58:13 +02:00
Michael OBrien eb071d4d90
providers/oauth2: add user UUID as subject option (#5556)
* providers/oauth2: add user UUID as subject option

* Added translations for new OAuth2 subject option
2023-05-10 17:50:13 +02:00
Jens L 8ccdbdc370
web/user: fix empty banner on application page not showing correctly (#5555)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-09 21:12:58 +02:00
transifex-integration[bot] ad2d38fa4a
Translations for web/src/locales/en.po in zh-Hans (#5534)
Translate web/src/locales/en.po in zh-Hans

100% translated source file: 'web/src/locales/en.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2023-05-08 22:06:10 +02:00
transifex-integration[bot] b1b0cf8a87
Translations for web/src/locales/en.po in zh_CN (#5535)
Translate web/src/locales/en.po in zh_CN

100% translated source file: 'web/src/locales/en.po'
on the 'zh_CN' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2023-05-08 22:06:01 +02:00
Jens L 99e2c6911c
web/admin: add example data for ldap property mapping (#5530)
* web/admin: add example data for ldap property mapping

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* correctly retry flaky test

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-08 17:18:07 +02:00
Jens L 9bddc9b577
web/admin: remove redundant markdown notice (#5525)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-08 15:33:00 +02:00
Jens L 7acd0558f5
core: applications backchannel provider (#5449)
* backchannel applications

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add webui

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* include assigned app in provider

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* improve backchannel provider list display

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make ldap provider compatible

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* show backchannel providers in app view

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make backchannel required for SCIM

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* cleanup api

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update docs

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* Apply suggestions from code review

Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>

* update docs

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-05-08 15:29:12 +02:00
Jens L 395dc08f05
web/flows: don't autoclose in redirect stage if redirecting to non-http protocol (#5506)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-07 12:58:14 +02:00
Jens L 8ded11806a
ci: fix backend translate compile ci job (#5500)
* ci: fix backend translate compile ci job

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix redirect challenge for relative URLs

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-06 13:42:41 +02:00
Jens L 36bd4b1e51
web/admin: use radio for client type (#5499)
* web/admin: use radio for client type

also fix search select not correctly passing all items in .selected callback

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* include unrelated typo fix

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-06 00:11:27 +02:00
Jens L 95a679ab3b
web/flows: rework redirect logic (#5498)
* web/flows: rework redirect logic

always use redirect stage, remove special logic from flow executor

show better message when redirect target URL isn't http or https (show notice to close the page)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update strings

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-05 22:24:43 +02:00
Jens L 5ca8eefa8b
web: fix loading text not being loaded (#5497)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-05 22:22:32 +02:00
transifex-integration[bot] c0f3b56012
Translate 'web/src/locales/en.po' in 'zh_CN' (#5467)
Translate web/src/locales/en.po in zh_CN

100% translated for the source file 'web/src/locales/en.po'
on the 'zh_CN' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2023-05-03 23:51:45 +03:00
transifex-integration[bot] 53415d8af8
Translate 'web/src/locales/en.po' in 'zh-Hans' (#5468)
Translate web/src/locales/en.po in zh-Hans

100% translated for the source file 'web/src/locales/en.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2023-05-03 23:51:35 +03:00
Jens L 3f607ee2c8
policies: make policy engine modes consistent with database values (#5462)
* policies: make policy engine modes consistent with database values

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix in ui

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix missing case

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-03 18:16:16 +03:00
Jens L da6e74a353
web/admin: fix file path setting not saved properly (#5463) 2023-05-03 18:13:34 +03:00
Jens L b1508b9d01
web/admin: add notes for users and groups (#5459)
* web/admin: add notes for users and groups

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix unrelated typo

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-03 15:19:14 +03:00
Jens L 4601864f94
web/admin: add toggle to hide deactivated users (#5419)
* web/admin: add toggle to hide deactivated users

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make default user path configurable

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-03 15:09:10 +03:00
Jens L 4da66cdb6b
web/admin: fix radius view page not imported (#5450)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-02 17:44:06 +03:00
Jens L fef841a458
web/admin: always override send method instead of assigning (#5426)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-30 19:55:29 +03:00
Jens L cc8f52b502
web/admin: fix state issue after clearIcon/Background is used and for… (#5423)
web/admin: fix state issue after clearIcon/Background is used and form is re-used

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-30 14:25:18 +03:00
Jens L 1913b5ec41
web/admin: fix outpost integration list (#5418)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-29 20:35:17 +03:00
Jens L a8332eced6
web/flow: render prompt inputs without unsafeHTML (#5404)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-28 22:46:34 +03:00
transifex-integration[bot] 3af27323de
Translate 'web/src/locales/en.po' in 'zh_CN' (#5412)
Translate web/src/locales/en.po in zh_CN

100% translated for the source file 'web/src/locales/en.po'
on the 'zh_CN' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2023-04-28 18:00:50 +03:00
transifex-integration[bot] 8a6febaa02
Translate 'web/src/locales/en.po' in 'zh-Hans' (#5411)
Translate web/src/locales/en.po in zh-Hans

100% translated for the source file 'web/src/locales/en.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2023-04-28 18:00:35 +03:00
macmoritz 01663468de
web: Fix label not clickable for checkbox and choice field in prompts (#5355)
* fix label not clickable for checkbox and choice field in prompts

* web/flows: fix label for attribute, fix checkbox styling

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

# Conflicts:
#	web/src/flow/stages/prompt/PromptStage.ts

---------

Co-authored-by: moritz <m.tratar@senbax.computer>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-04-28 12:26:39 +03:00
Jens L cb0fa6beb9
web: fix API browser error (#5402)
* web: fix API browser error

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix lint

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update locale

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-28 12:21:46 +03:00
dependabot[bot] dfe8a98849
web: bump @lingui/cli from 3.17.2 to 4.0.0 in /web (#5387)
* web: bump @lingui/cli from 3.17.2 to 4.0.0 in /web

Bumps [@lingui/cli](https://github.com/lingui/js-lingui) from 3.17.2 to 4.0.0.
- [Release notes](https://github.com/lingui/js-lingui/releases)
- [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lingui/js-lingui/compare/v3.17.2...v4.0.0)

---
updated-dependencies:
- dependency-name: "@lingui/cli"
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* update

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* also bump typescript

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix logic error

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-04-27 18:28:08 +03:00
Jens L e05f028c0a
web/admin: disable generated proxy config by default (#5372)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-25 15:24:31 +03:00
Jens L 158fe2f9bb
web/admin: fix cert expiry coloring (#5354) 2023-04-23 19:16:50 +03:00
Jens L f1cec03dcf
web/admin: remove grouping (#5343)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-21 21:31:23 +03:00
Jens L 948b83a2b2
web: fix build (#5327)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-20 19:48:56 +03:00
sdimovv ee6edec1d8
stages/prompt: Add initial_data prompt field and ability to select a default choice for choice fields (#5095)
* Added initial_value to model

* Added initial_value to admin panel

* Added initial_value support to flows; updated tests

* Updated default blueprints

* update docs

* Fix test

* Fix another test

* Fix yet another test

* Add placeholder migration

* Remove unused import
2023-04-19 12:27:51 +02:00
cskwrd 04cc7817ee
web/admin: fix blueprint instance list without metadata or labels (#5296)
* Update BlueprintListPage.ts

`Object.hasOwn()` throws an exception if the first argument is `null` or `undefined`.
This change ensures that the first argument is never `null` or `undefined`.

Signed-off-by: cskwrd <cskwrd@users.noreply.github.com>

* Update web/src/admin/blueprints/BlueprintListPage.ts

Signed-off-by: Jens L. <jens@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: cskwrd <cskwrd@users.noreply.github.com>
Signed-off-by: Jens L. <jens@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L <jens@beryju.org>
2023-04-19 12:15:26 +02:00
Jens L 6a554ef45a
web/admin: fix error when prompt previewing fails when loading the page (#5290)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-18 14:53:13 +02:00
Jens L 5f99887b50
web/admin: fix flow stage binding update failing (#5287)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-18 13:10:50 +02:00
Jens L ce5f6d5d43
release: Version 2023.4 (#5283)
* release: 2023.4.0

* release: 2023.4.1
2023-04-18 10:45:17 +02:00
Jens L 8160663214
release: 2023.4.0 (#5254) 2023-04-14 13:20:22 +02:00
Jens L e123afd9ee
web/admin: fix impersonate button layout (#5251)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-14 11:20:07 +02:00
Jens L 6a74fa11c6
providers/oauth2: inconsistent client secret generation (#5241)
* use simpler char set for client secret

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* also adjust radius

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use similar logic in web to generate ids and secrets

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* dont use math.random

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-13 15:06:28 +02:00
Jens L c1615d044b
web/flows: update flow background (#5222) 2023-04-10 19:33:29 +02:00
Jens L f84c176bd0
web/admin: fix sidebar avatar not loaded (#5184) 2023-04-05 15:49:18 +02:00
Jens L 7c7bb9dc2e
web/admin: fix ldap form when editing scim provider from view page (#5164) 2023-04-04 12:42:18 +02:00
sdimovv 6192d01b7e
stages: Add ability to set user friendly names for MFA stages (#5005)
* Added ability to name MFA stage

* Schema

* Changed Charfield to Textfield

* Regenerated schema

* Add explicit required

* set null instead of blank so title check works

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add help text and adjust wording

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-04-02 16:52:44 +02:00
Jens L 2084156f1d
web: only show debug locale if debug mode is enabled (#5111)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-28 20:49:40 +02:00
Jens L b9754f9c13
web/user: rework search (#5107)
closes #5106

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-28 14:09:55 +02:00
Jens L a7fc579202
web/admin: show warning when adding user to superuser group (#5091)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-27 16:27:34 +02:00
Jens L 5c0d7f9a58
web/admin: fix error when creating bindings due to hidden inputs (#5081)
* web/admin: fix error when creating bindings due to hidden inputs

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix flaky test

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-26 18:58:02 +02:00
Jens L 6437fbc814
web/admin: prompt preview (#5078)
* add initial prompt preview

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* improve error handling

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* don't flood api with requests when fields are changeed

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-25 22:31:48 +01:00
risson 1957717160
providers: Add ability to choose a default authentication flow (#5070)
* core: add ability to choose a default authentication flow for a provider

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* update web to use correct ak-search-select

I don't think this element existed when the PR was initially created, lol

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* only use provider authentication flow for authentication designation

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-03-24 13:26:00 +01:00
Jens L b3dd87bbab
web: remove more until (#5057)
* more cleanup

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* don't dynamically import duo form

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* migrate more

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix import

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* properly send evens when tab isn't switched

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix loop on tabs

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* migrate more

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* don't bubble tab events

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove most other uses of until()

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* cleanup user settings

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* only use stale for issues

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-23 23:16:26 +01:00
Jens L 14f0034a0a
web/elements: only render form once instance is loaded (#5049)
* web/elements: only render form once instance is loaded

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use radio for transport

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* only wait for instance to be loaded if set

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add hook to load additional data in form

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make send an abstract function instead of attribute

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ensure form is updated after data is loaded

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove until for select and multi-selects in forms

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* don't use until for file uploads

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove last until from form

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove deprecated import

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* prevent form double load, add error handling for PreventFormSubmit

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix double creation of inner element in proxy form

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make PreventFormSubmit work correctly

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-23 14:05:14 +01:00
sdimovv 6b42e404bf
stages/prompt: Fix dropdown invalid choice (#5046) 2023-03-22 21:25:13 +01:00
Jens L 9abd4b3e14
web/admin: fix error listing blueprints with missing metadata (#5041)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-22 10:21:27 +01:00