authentik

Commit Graph

Author	SHA1	Message	Date
Jens L	228197ea5e	website/docs: update 2023.5 release notes (#5526 ) * website/docs: update 2023.5 release notes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update changelog Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-12 13:45:25 +02:00
Jens L	61434c807d	stages/identification: auto-redirect to source when no user fields are selected (#5583 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-11 16:52:30 +02:00
risson	7265a56f05	root: switch sentry dsn to our relay (#5494 ) Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2023-05-11 15:24:38 +02:00
Jens L	c68a42f63b	website/docs: improve docs for OAuth2 device code flow (#5570 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-10 20:58:31 +02:00
Jens L	3704f4ccf4	core: disallow username and email changes by default (#5571 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-10 20:57:57 +02:00
Jens L	8215ee19c6	events: include event user in webhook notification (#5524 ) * events: include event user in webhook notification Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update other transports Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-08 15:34:21 +02:00
Jens L	7acd0558f5	core: applications backchannel provider (#5449 ) * backchannel applications Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add webui Signed-off-by: Jens Langhammer <jens@goauthentik.io> * include assigned app in provider Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve backchannel provider list display Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make ldap provider compatible Signed-off-by: Jens Langhammer <jens@goauthentik.io> * show backchannel providers in app view Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make backchannel required for SCIM Signed-off-by: Jens Langhammer <jens@goauthentik.io> * cleanup api Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Apply suggestions from code review Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens L. <jens@beryju.org> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>	2023-05-08 15:29:12 +02:00
Jens L	9f4be4d150	blueprints: support setting file URLs in blueprints (#5510 ) * blueprints: support setting file URLs in blueprints Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make new fields not required Signed-off-by: Jens Langhammer <jens@goauthentik.io> * include conditional fields in schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-08 15:07:00 +02:00
Jens L	4601864f94	web/admin: add toggle to hide deactivated users (#5419 ) * web/admin: add toggle to hide deactivated users Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make default user path configurable Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-03 15:09:10 +03:00
Jens L	5970a6e2a2	events: always run policies for notification rules even if no group is selected (#5353 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-04-23 19:10:22 +03:00
Bardi Harborow	5c8f024d12	website: add documentation for AUTHENTIK_REDIS__TLS (#5349 ) * website: add documentation for AUTHENTIK_REDIS__TLS Signed-off-by: Bardi Harborow <bardi@bardiharborow.com> * add tls reqs Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Bardi Harborow <bardi@bardiharborow.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-04-23 11:37:53 +03:00
Patrick Hofmann	428daa5323	website/docs: Update terminology.md (#5350 ) Signed-off-by: Patrick Hofmann <patrick@ph89.de>	2023-04-23 11:32:01 +03:00
Jens L	d4e502fdf5	ci: bump setup-node version (#5340 ) * ci: bump setup-node version Signed-off-by: Jens Langhammer <jens@goauthentik.io> * set skip-pkg-cache Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix failing codeQL Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix airgapped avatars Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-04-21 15:45:41 +03:00
Bojan Bogojevic	05b2fb5ec1	root: Change docker-compose HTTP and HTTPS port variables (#5335 ) * Clarify that COMPOSE_PORT_ changes exposed ports Signed-off-by: Bojan Bogojevic <20166636+Bojan023@users.noreply.github.com> * Change AUTHENTIK_PORT to COMPOSE_PORT Signed-off-by: Bojan Bogojevic <20166636+Bojan023@users.noreply.github.com> * Change AUTHENTIK_PORT to COMPOSE_PORT Signed-off-by: Bojan Bogojevic <20166636+Bojan023@users.noreply.github.com> * Add hint to Configuration for internal ports Signed-off-by: Bojan Bogojevic <20166636+Bojan023@users.noreply.github.com> * dont use different env syntaxes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add changelog entry Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Bojan Bogojevic <20166636+Bojan023@users.noreply.github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-04-21 14:54:40 +03:00
Jens L	bb92c4a967	providers/ldap: remove deprecated fields (#5154 ) * providers/ldap: remove deprecated fields Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update changelog Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-04-21 14:10:24 +03:00
Jens L	367f86ecfb	root: optimise healthchecks (#5337 ) * tests: remove redundant healthchecks Signed-off-by: Jens Langhammer <jens@goauthentik.io> * internal: do healthcheck within proxy instead of wget to use correct port Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tags Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-04-21 13:32:48 +03:00
Jens L	e75e2cf324	website/docs: flow context docs (#5243 ) * add flow context docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * cleanup some redundant things Signed-off-by: Jens Langhammer <jens@goauthentik.io> * added more section headers * tweaked new headings * Apply suggestions from code review Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> * add more keys, use dedicated prefix for internal keys Signed-off-by: Jens Langhammer <jens@goauthentik.io> * set toc_max_heading_level: 5 Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update datatypes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more consistent header Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more fixes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Update website/docs/flow/context/index.md Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * Update website/docs/flow/context/index.md Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * Update website/docs/flow/context/index.md Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens L. <jens@beryju.org> Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> Co-authored-by: Tana Berry <tana@goauthentik.io> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>	2023-04-20 17:31:34 +00:00
Jens L	34e9af57fe	website/integrations: switch default gitlab name identifier (#5321 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io> #5312	2023-04-20 19:47:41 +03:00
Andre Mainka	7d64ec5066	website/docs: minor outpost adaptions (#5308 ) * update configuration link * Update Outposts list * fix formatting Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-04-19 12:29:27 +02:00
sdimovv	ee6edec1d8	stages/prompt: Add initial_data prompt field and ability to select a default choice for choice fields (#5095 ) * Added initial_value to model * Added initial_value to admin panel * Added initial_value support to flows; updated tests * Updated default blueprints * update docs * Fix test * Fix another test * Fix yet another test * Add placeholder migration * Remove unused import	2023-04-19 12:27:51 +02:00
Jens L	1893626e04	website/docs: clear up radius provider (#5263 ) * website/docs: clear up radius provider Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Update website/docs/providers/radius/index.md Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens L. <jens@beryju.org> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>	2023-04-18 10:42:42 +02:00
Jens L	edb2aa2db5	website/docs: 2023.4.1 release notes (#5281 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-04-18 10:11:59 +02:00
Tana M Berry	3ab9ee5acc	website/docs: separate docker steps (#5246 ) * separated steps for macs * fixed formatting * fixed formatting harder * two passwords * tweaks * separated error logging step * comments in wrong place --------- Co-authored-by: Tana Berry <tana@goauthentik.io>	2023-04-14 17:04:09 -05:00
Jens L	55ad2d7eab	website/docs: add helm RBAC notice (#5255 ) website/docs: add helm notice Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-04-14 13:21:05 +02:00
Jens L	c08c849fec	website: fix doc build (#5242 ) * ci: run both builds Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix build Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-04-13 17:20:44 +02:00
Jens L	67644ace87	website/docs: prepare 2023.4 release notes (#5223 ) * website/docs: prepare 2023.4 release notes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add prompt preview Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Apply suggestions from code review Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> * Update website/docs/releases/2023/v2023.4.md Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> * add new release to sidebar Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens L. <jens@beryju.org> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>	2023-04-13 14:11:46 +02:00
Jens L	977757f561	policies: provider raw result for better policy reusability (#5189 ) * policies: include raw_result in PolicyResult Signed-off-by: Jens Langhammer <jens@goauthentik.io> * move ak_call_policy to base evaluator Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-04-06 09:42:29 +02:00
Ongy	adcd11b1f8	core: extend postgres configuration (#5138 ) Add postgres configuration options to control TLS verification and client certificates.	2023-04-02 17:39:36 +02:00
Jens L	89abc99dc0	website/docs: prepare 2023.4 release notes (#5083 ) * website/docs: prepare 2023.4 release notes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Update website/docs/releases/_template.md Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens L. <jens@beryju.org> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>	2023-03-28 12:05:44 +02:00
sdimovv	9a52d8db83	website/stages/prompt: Update new prompt fields docs (#5055 ) * Update docs Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com> * Update index.md Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com> --------- Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com>	2023-03-23 16:59:01 +01:00
Tana M Berry	cafff808ab	website/docs: "productive" to "production" term change and version info (#5010 ) * production site change and version info * changed future tense to present tense * fixed section about .env file * removed code block with port info --------- Co-authored-by: Tana Berry <tanaberry@Tanas-MacBook-Pro-authentik.local>	2023-03-21 09:04:50 -05:00
Jens L	3f5effb1bc	providers/radius: simple radius outpost (#1796 ) * initial implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io> * cleanup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add migrations Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix web Signed-off-by: Jens Langhammer <jens@goauthentik.io> * minor fixes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use search-select Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update locale Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fixup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix ip with port being sent to delegated ip Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add radius tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-20 16:54:35 +01:00
sdimovv	8b52d711e8	stages/prompt: Add Radio Button Group, Dropdown and Text Area prompt fields (#4822 ) * Added radio-button prompt type in model * Add radio-button prompt * Refactored radio-button prompt; Added dropdown prompt * Added tests * Fixed unrelated to choice fields bug causing validation errors; Added more tests * Added description for new prompts * Added docs * Fix lint * Add forgotten file changes * Fix lint * Small fix * Add text-area prompts * Update authentik/stages/prompt/models.py Co-authored-by: Jens L. <jens@beryju.org> Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com> * Update authentik/stages/prompt/models.py Co-authored-by: Jens L. <jens@beryju.org> Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com> * Fix inline css * remove AKGlobal, update schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens L. <jens@beryju.org> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-03-19 18:56:17 +01:00
Jens L	4da18b5f0c	website/docs: improve docs for configuring event retention (#5002 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io> #2723	2023-03-19 18:56:03 +01:00
Jens L	b69c26d485	website: use slider on docs, add flow images (#4997 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-18 16:21:30 +01:00
Tana M Berry	e13cfec84f	website/docs: added content to Welcome page (#4996 ) * added content to Welcome page * minor tweak * typos * Update website/docs/index.md Co-authored-by: Jens L. <jens@goauthentik.io> Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * Update website/docs/index.md Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * Update website/docs/index.md Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * Update website/docs/index.md Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * Update website/docs/index.md Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * fix lint Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Tana Berry <tanaberry@Tanas-MacBook-Pro-authentik.local> Co-authored-by: Jens L. <jens@goauthentik.io>	2023-03-18 16:12:46 +01:00
Jens L	19ff8129e5	website/docs: prepare 2023.3.1 release notes (#4976 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-16 18:09:30 +01:00
Jens L	eaf56f4f3f	stages/user_login: stay logged in (#4958 ) * add initial remember me offset Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add to go executor Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add ui for user login stage Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-15 20:21:05 +01:00
Tana M Berry	bbdb0df42e	website/docs: capitalization and clarifications (#4948 ) * capitalization and clarifications * minor edits * Update website/docs/installation/docker-compose.md Co-authored-by: Jens L. <jens.langhammer@beryju.org> Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * Update website/docs/installation/docker-compose.md Co-authored-by: Jens L. <jens.langhammer@beryju.org> Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * fix lint Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Tana Berry <tanaberry@Tanas-MacBook-Pro-authentik.local> Co-authored-by: Jens L. <jens.langhammer@beryju.org> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-03-15 11:19:03 -05:00
Thomas McWork	5375637eda	website/docs: Fix detail and improve latest changelog regarding SCIM (#4955 ) * Fix detail and improve latest changelog regarding SCIM I found the wording confusing ("sync from" vs. "sync into" as being used in the docs) Signed-off-by: Thomas McWork <thomas.mc.work@posteo.de> * fix lint Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Thomas McWork <thomas.mc.work@posteo.de> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-03-15 11:35:07 +01:00
Tana M Berry	8b7a92068b	website/docs: forward-auth page, add list of links (#4937 ) * add list of links * added commas * fix build Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Tana Berry <tanaberry@Tanas-MacBook-Pro-authentik.local> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-03-14 07:45:49 -05:00
Tana M Berry	75794defc6	website/docs: capitalization of product names (#4922 ) Docker and Traefik: for product names we need to follow their brand. Exception is with command lines, etc that are often not capitalized. Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>	2023-03-13 17:10:21 -05:00
Jens L	b46048e74f	website/docs: final 2023.3 release notes (#4923 ) * website/docs: final 2023.3 release notes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Apply suggestions from code review Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens L. <jens@beryju.org> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>	2023-03-13 18:30:11 +01:00
Jens L	bf7dc5df78	website/docs: separate pages for each webserver (#4911 ) * website/docs: separate pages for each webserver Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Apply suggestions from code review Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens L. <jens@beryju.org> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>	2023-03-13 17:29:51 +01:00
support-tt	7618c2e45f	website/docs: improve traefik standalone docs (#4493 ) * Create _traefik_standalone_single_application.md Example for Authentik Single Application Proxy with Service example because this was unclear for many users and if you dont create a middleware for every application you get the error "no app for hostname". Signed-off-by: support-tt <61587422+support-tt@users.noreply.github.com> * Update _traefik_standalone_single_application.md Signed-off-by: support-tt <61587422+support-tt@users.noreply.github.com> * rename to old file Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: support-tt <61587422+support-tt@users.noreply.github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-03-10 13:45:41 -06:00
Jens L	06fb81410b	website/docs: fix layout for preview annotation (#4899 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-10 17:38:32 +01:00
Jens L	5732fc0c2e	website/docs: prepare 2023.3 release notes (#4889 ) * website/docs: prepare 2023.3 release notes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Apply suggestions from code review Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> * add better docs for custom css Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens L. <jens@beryju.org> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>	2023-03-10 17:33:59 +01:00
Jens L	b6b820f6f1	web: toggle dark/light theme manually (#4876 )	2023-03-09 23:17:53 +01:00
Jens L	6ae2fc9668	providers/SCIM: customizable externalId, document behavior (#4868 ) * only set externalId if mapping hasn't set it Signed-off-by: Jens Langhammer <jens@goauthentik.io> * better document use of SCIM in conjunction with OAuth/SAML Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-08 00:15:16 +01:00
Tana M Berry	34f01d3731	website/docs: fix typo (#4867 ) Update index.mdx Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>	2023-03-07 23:53:05 +01:00
Jens L	9559bc2e1e	providers/scim: add option to filter out service accounts, parent group (#4862 ) * add option to filter out service accounts, parent group Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rename to filter group Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rework sync card to show scim sync status Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-07 15:39:48 +01:00
Tana M Berry	f6a8b3d568	website/docs: Corrected typo and added Note about port number if using Istio/Kubern… (#4851 ) * Corrected typo and added Note about port number if using Istio/Kubernetes @BeryJu I was reading [this article](https://prevue.ch/news/2022-10-11-istio-authentik/) about a fellow setting up authentik, using Istio and Kubernetes. I wanted to somehow add a heads up about the port number, but I am not confident that I got it right. Is it only if there are custom decisions being made that the port number has to be for the cluster? Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * Update website/docs/providers/proxy/forward_auth.mdx Signed-off-by: Jens L. <jens@beryju.org> * fix lint error Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens L <jens.langhammer@beryju.org> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-03-06 19:28:40 +00:00
Jens L	28ddeb124f	providers: SCIM (#4835 ) * basic user sync Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add group sync and some refactor Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start API Signed-off-by: Jens Langhammer <jens@goauthentik.io> * allow null authorization flow Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add UI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make task monitored Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add missing dependency Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make authorization_flow required for most providers via API Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more UI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make task result better readable, exclude anonymous user Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add task UI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add scheduled task for all sync Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make scim errors more readable Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add mappings, migrate to mappings Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add mapping UI and more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add scim docs to web Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start implementing membership Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate signals to tasks Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate fully to tasks Signed-off-by: Jens Langhammer <jens@goauthentik.io> * strip none keys, fix lint errors Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix things Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start adding tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix saml Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add scim schemas and validate against it Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve error handling Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add group put support, add group tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * send correct application/scim+json headers Signed-off-by: Jens Langhammer <jens@goauthentik.io> * stop sync if no mappings are confiugred Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add test for task sync Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add membership tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use decorator for tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make tests better Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-06 19:39:08 +01:00
Jens L	e47bbe63b8	website/docs: update release notes (#4833 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-02 20:27:51 +01:00
Jens L	972dce1462	security: fix CVE-2023-26481 (#4832 ) fix CVE-2023-26481 Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-02 20:15:33 +01:00
sdimovv	a6eba37d5a	core: Add `resolve_dns` and `reverse_dns` functions to evaluator (#4769 ) * Add resolve_dns * Add reverse_dns * Fix lint * add caching, small optimisation Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Added time-aware LRU cache --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-03-01 22:15:13 +01:00
Jens L	5e60db8593	providers/oauth2: fix typo (#4803 )	2023-02-27 17:17:48 +01:00
Jens L	39d0893303	flows: change default flow stage binding settings (#4784 ) * flows: change default flow stage binding settings Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fallback to correct value Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-27 15:21:26 +01:00
Jens L	596ff529c4	core: bootstrap email (#4788 )	2023-02-26 17:02:45 +01:00
roche-quentin	cd99b6e48f	providers/ldap: making ldap compatible with synology (#4694 ) * internal/outpost/ldap: making ldap compatible with synology * fix duplicate attributes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add docs about homedirectory Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix duplicate attributes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add substitution to values Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-02-22 15:26:41 +01:00
sdimovv	51c6a14786	providers/ldap: Improve compatibility with LDAP clients (#4750 ) * Fixed invalid LDAP attributes by replacing '.'s and '/'s with '-' * Leave old fields for now for backward compatibility * Add forgotten depreceated field * Fix tests * Fix tests * use shorter attribute names Signed-off-by: Jens Langhammer <jens@goauthentik.io> * sanitize attributes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * keep both sanitized and unsanitized user fields Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add sanitized fields to test Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-02-22 14:18:22 +01:00
Jens L	122055b38b	stages/user_login: terminate others (#4754 ) * rework session list Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use sender filtering for signals when possible Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add terminate_other_sessions Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-22 14:09:28 +01:00
Jens L	b61d181ec7	website/docs: add better explanation for goauthentik.io/user/token-ex… (#4755 ) website/docs: add better explanation for goauthentik.io/user/token-expires closes #4727	2023-02-22 13:24:04 +01:00
Jens Langhammer	2c78053631	website/docs: add release note titles Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-21 12:27:24 +01:00
Jens Langhammer	17364c3bd8	website/docs: add 2023.2.2 release notes Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-15 20:34:25 +01:00
Jens Langhammer	19f5e6e07e	website/docs: update events page Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-15 16:44:13 +01:00
Jens Langhammer	7d6b573f8b	website: migrate to mermaid charts, rework proxy page Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-15 12:14:17 +01:00
Jens Langhammer	c340830b37	website/docs: prepare 2023.2.1 Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-14 18:19:02 +01:00
Jens Langhammer	cf36da2e5d	website/docs: prepare 2023.2 release notes Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-12 17:44:53 +01:00
sdimovv	b69e55eae9	core: Add support for auto generating unique avatars based on the user's initials (#4663 )	2023-02-12 16:35:17 +01:00
Jens L	af43330fd6	providers/oauth2: rework OAuth2 Provider (#4652 ) * always treat flow as openid flow Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve issuer URL generation Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more refactoring Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update introspection Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more refinement Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix more things, update api Signed-off-by: Jens Langhammer <jens@goauthentik.io> * regen migrations Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix a bunch of things Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start updating tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix implicit flow, auto set exp Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix timeozone not used correctly Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix revoke Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more timezone shenanigans Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix userinfo tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update web Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix proxy outpost Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix api tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix missing at_hash for implicit flows Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-include at_hash in implicit auth flow Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use folder context for outpost build Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-09 20:19:48 +01:00
Jens Langhammer	a7cf454760	web/admin: add notice for user_login stage session cookie behaviour Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-08 14:18:52 +01:00
Jens Langhammer	7a85038c11	website/docs: prepare 2023.2 release notes Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-07 22:52:29 +01:00
Jens Langhammer	3170b2f92c	providers/proxy: add token support for basic auth Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-07 22:50:49 +01:00
Melvin Snijders	547c01f481	website/docs: update Caddy docs to include HTTPS proxying (#4316 ) Update Caddy documentation to include HTTPS proxying Signed-off-by: Melvin Snijders <mail@melvinsnijders.nl>	2023-02-03 14:43:13 +01:00
Jens L	7d4ce41e12	providers/proxy: outpost wide logout implementation (#4605 ) * initial outpost wide logout implementation Signed-off-by: Jens Langhammer <jens@goauthentik.io> * handle deserialize error Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix file cleanup, add tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-02 21:18:59 +01:00
Jens Langhammer	cadb710c38	website/docs: add troubleshooting for CSRF Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-02 11:09:03 +01:00
Skyler Mäntysaari	c2b4d14af5	website/docs: Add note for firefox about FIDO and TouchID (#4552 ) * docs(passwordless): Make sure to include a warning Signed-off-by: Skyler Mäntysaari <samip5@users.noreply.github.com> * add notice for firefox touchID Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Skyler Mäntysaari <samip5@users.noreply.github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-01-28 22:45:51 +01:00
Jens Langhammer	b99afd82b2	stages/user_write: fix migration setting wrong value, fix form Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-23 14:38:26 +01:00
Jens Langhammer	446dc0a17b	website/docs: prepare 2023.1.1 Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-20 14:25:20 +01:00
Jens Langhammer	3a59b75f4a	website/docs: update ldap provider docs Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-20 11:46:57 +01:00
Jens L	98485c528e	ci: build beta for amd64 and arm64 (#4468 ) * ci: build for arm64, but independently Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add notice to beta Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-19 21:41:56 +01:00
Jens Langhammer	59be3c7746	website/docs: add docs for validating phone numbers before SMS enrollment Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-19 17:57:52 +01:00
Jens Langhammer	97acc77e0a	website/docs: update 2023.1 release notes Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-18 15:25:58 +01:00
Jens Langhammer	eb1e0427c1	website/docs: add missing user uid field Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-18 15:22:06 +01:00
Jens L	23c69c456a	providers/proxy: add setting to intercept authorization header (#4457 ) * add setting to intercept authorization header Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rename to intercept_header_auth Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-17 18:56:48 +01:00
Jens L	c73fce4f58	sources/ldap: manual import (#4456 ) * events: fix task UID Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add ldap sync command Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-17 12:21:33 +01:00
Jens Langhammer	19ee98b36d	outposts/proxy: allow setting no-redirect via header or query param closes #4455 Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-17 10:56:43 +01:00
Jens Langhammer	07767c9376	website/docs: add disclaimer to beta page that downgrade isn't supported Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-16 10:44:42 +01:00
Jens Langhammer	d31e566873	outposts/proxy: add header to prevent redirects Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-14 22:18:25 +01:00
Jens Langhammer	b6b97f4706	website/docs: update 2023.1 release notes Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-13 16:32:34 +01:00
Jens L	cd12e177ea	providers/proxy: add initial header token auth (#4421 ) * initial implementation Signed-off-by: Jens Langhammer <jens@goauthentik.io> * check for openid/profile claims Signed-off-by: Jens Langhammer <jens@goauthentik.io> * include jwks sources in proxy provider Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add web ui for jwks Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only show sources with JWKS data configured Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix introspection tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start basic Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add basic auth Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add docs, update admonitions Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add client_id to api, add tab for auth Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update locale Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-13 16:22:03 +01:00
Jens Langhammer	d3e2f41561	website/docs: fix typo Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-09 13:13:41 +01:00
Jens Langhammer	bec538c543	sources/ldap: make task timeout adjustable closes #4375 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-06 12:37:59 +01:00
Jens L	2604dc14fe	providers/ldap: add code-MFA support for ldap provider (#4354 ) * add code support for ldap provider Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * only try to extract code when auth validator stage is encountered Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * use parseint instead Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-05 18:32:06 +01:00
Jens L	a960ce9454	stages/user_write: add more user creation options (#4367 ) * add more user creation options Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update blueprints and docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-05 15:46:20 +01:00
Jens L	e6b5810e03	polices/hibp: remove deprecated (#4363 ) * remove hibp Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * don't save event matcher apps in migrations Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup migrations Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update docs, update some phrasing Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-05 13:19:26 +01:00
Jens Langhammer	ed3f36e72a	website/docs: update redirect docs closes #4248 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-05 12:38:38 +01:00
Jens Langhammer	1efc7eecbf	website/docs: add metrics for monitoring and metrics closes #4308 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-04 20:49:35 +01:00
Jens L	dc1359a763	providers/saml: initial SLO implementation (#2346 ) * providers/saml: initial SLO implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/saml: add logout request tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/saml: add tests for POST SLO Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * matrix e2e tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix import Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * set e2e matrix name Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix imports Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * separate oidc and oauth tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add basic saml slo e2e tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add better metadata download url Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * kinda prepare release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * sort releases into folders Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add slo urls to website Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix linking Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add api tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-04 19:45:31 +01:00
Jens Langhammer	c4bb51469b	website/docs: prepare 2022.12.2 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-04 10:15:15 +01:00
Jens Langhammer	82184b2882	web/flows: fix alternate captchas not loading closes #4321 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-01 18:49:41 +01:00
Jens Langhammer	c8bd0fbb1c	website/docs: prepare 2022.12.1 release Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-29 23:59:05 +01:00
Jens Langhammer	c99798b1f2	website/docs: update release notes, remove duplicate files Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-29 23:28:15 +01:00
Jens Langhammer	0e6400bfea	web/admin: improve user/group UX for adding/removing users to and from groups Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-28 12:55:38 +01:00
Jens Langhammer	b16d1134ea	core: add endpoints to add/remove users from group atomically closes #4252 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-28 10:50:30 +01:00
Jens Langhammer	1615723f10	website/docs: update release notes for 2022.12 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-27 14:10:38 +01:00
sev	f9b46145de	website/docs: Clarify request.user and add link to Django docs (#4287 ) * Clarify request.user and add link to doc Signed-off-by: sev <git@sev.monster> * rephrase a bit Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: sev <git@sev.monster> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-27 14:10:30 +01:00
Jens Langhammer	7046944bf6	website: link CVE and attribute reporter Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-25 14:17:17 +01:00
Jens Langhammer	716584bbae	website: update release notes for CVEs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-23 14:21:02 +01:00
Jens L	9f846d94be	security: fix CVE 2022 23555 (#4274 ) * add flow to invitation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * show warning on invitation page Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add security advisory Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-23 14:13:49 +01:00
Jens L	84fbeb5721	security: fix CVE 2022 46172 (#4275 ) * fallback to current user in user_write, add flag to disable user creation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update api and web ui Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update default flows Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add cve post to website Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-23 14:12:58 +01:00
Jens Langhammer	42c278b4f8	root: migrate to hosted sentry with rate-limited DSN Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-23 11:18:26 +01:00
Jens L	c635487210	blueprints: better OCI support in UI (#4263 ) use oci:// prefix to detect oci blueprint, add UI support Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-22 18:49:25 +01:00
Jens Langhammer	28eb7c03fa	website/developer-docs: add templates for announcing fixed security release Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-22 16:13:21 +01:00
Jens Langhammer	423776c7a2	website/docs: prepare 2022.12 release Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-21 21:58:57 +01:00
Jens L	609f95ac97	providers: add preview for mappings (#4254 ) * preview Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: show provider page on application page Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * use oauth2 end session url instead of direct interface Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * dont show provider page on application page for now Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add UI for preview Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * translate and release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix lint Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * separate saml api files Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add api tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-21 12:13:11 +01:00
Jens L	f4990bb5da	core: bundle geoip (#4250 ) * bundle geoip Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * correctly pass secrets Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add geoip docs and release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-20 22:09:30 +01:00
Jens Langhammer	9d5b9204fc	web/admin: rework markdown, correctly render Admonitions, fix links Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-19 12:48:02 +01:00
Jens Langhammer	3418943949	root: allow custom settings via python module Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-15 10:59:14 +01:00
Jens Langhammer	1dfc0b2e93	website/docs: update flow context variables Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-13 14:37:37 +00:00
Jens Langhammer	0995658ca6	website/docs: add note for possibly blocked SMTP ports closes #4192 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-13 11:13:52 +00:00
Jens Langhammer	49bd028363	website/docs: update release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-03 13:10:16 +02:00
Jens L	db95dfe38d	security: fix CVE 2022 46145 (#4140 ) * add flow authentication requirement Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add website for cve Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: handle FlowNonApplicableException without policy result Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-02 16:14:25 +01:00
Alex Wigen	4e04461820	website/docs: Change Kubernetes ingress apiVersion out of beta (#4099 ) * Change Kubernetes ingress apiVersion out of beta * fix lint Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-28 16:42:59 +01:00
Jens Langhammer	147ebf1a5e	root: rework and expand security policy Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-28 12:10:53 +01:00
John Arrandale	501d63b3aa	website/docs: add notice for unique Base DN (#4073 ) * providers/ldap: updates documentation related to issue #4038 Signed-off-by: John Arrandale <bootsie227@gmail.com> * providers/ldap: adheres to the CI prettier-check Signed-off-by: John Arrandale <bootsie227@gmail.com>	2022-11-24 20:52:13 +01:00
Jens Langhammer	ab0f8d027d	website/docs: add 2022.11.1 release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-22 21:17:05 +01:00
Jens Langhammer	1efc0c1242	website/docs: update changelog Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-21 19:37:28 +01:00
Jens L	276af8457d	root: make sentry DSN configurable (#4016 ) * make sentry DSN configurable Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * make proxy smarter Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix typo in config struct Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-15 16:05:29 +01:00
Jens L	55aa1897af	root: use single redis db (#4009 ) * use single redis db Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup prefixes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * ensure __str__ always returns string Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix remaining old prefixes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-15 14:31:29 +01:00
Jens L	88594075b2	policies/password: merge hibp add zxcvbn (#4001 ) * initial zxcvbn Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add api and port tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * more tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add ui Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add api diff Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-14 14:42:43 +01:00
Jens L	ffe6f65af5	outposts/kubernetes: ingress class (#4002 ) * add support for ingressClassName Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add option to disable ssl verification for k8s controller Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update website Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-14 14:24:11 +01:00
sdimovv	d2bbcc0e1e	website/docs: Fix small error in Invitation stage docs (#3997 ) The `.get` is there to ensure the policy won't throw an error if the key is not there (which can happen if the policy is executed before an Invitation stage). Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com> Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com>	2022-11-14 09:54:25 +01:00
dependabot[bot]	4095c422df	core: bump python from 3.10.7-slim-bullseye to 3.11.0-slim-bullseye (#3864 ) * core: bump python from 3.10.7-slim-bullseye to 3.11.0-slim-bullseye Bumps python from 3.10.7-slim-bullseye to 3.11.0-slim-bullseye. --- updated-dependencies: - dependency-name: python dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * bump project Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * bump deps Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * bump ci to 3.11 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix formatting Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-13 14:20:55 +01:00
Jens Langhammer	ac2e85c003	website/docs: fix 404s on ldap provider docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-06 00:01:38 +01:00
Jens Langhammer	c157030905	website/docs: remove old banner, fix nginx formatting Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-01 17:12:16 +01:00
Jens Langhammer	77a67dcbc1	website/docs: prepare 2022.10.1 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-28 23:08:55 +02:00
Jens Langhammer	8d7ce49101	website/docs: add docs for using email templates with helm chart closes #3891 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-28 23:06:10 +02:00
Jens Langhammer	7004cb1c91	website/docs: add notice for TOTP issuer Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-22 17:11:20 +02:00
Jens Langhammer	fa08e2c7bf	website/docs: update 2022.10 release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-21 18:24:25 +02:00
Jens L	cfad472e1b	flows: optimise queries (#3818 ) * flows: optimise flow queries Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * index source on slug and name Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * binding index Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add policy parent index Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix migrations Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup old migrations Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add release note to upgrade Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-19 22:53:07 +02:00
Jens Langhammer	6882445937	*: handle PermissionError when saving files, ensure permission bits are set correctly closes #3817 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-19 20:24:28 +02:00
Jens Langhammer	c22dae868c	website/docs: update 2022.10 release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-19 10:44:28 +02:00
Rob	895658e7a3	website/integrations: add Organizr integration (#3802 ) * Add new integration application category for Dashboard and initialize organizr service template * added images and additional info for organizr integration * alphabetized application integration categories * alphabetized integration federation and social login categories * forgot to make website-lint-fix :/ * revert mention of organizr in generic setup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-19 10:28:48 +02:00
Jens Langhammer	bb43c49b1e	website/docs: fix passwordless docs, cross-link both closes #3803 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-18 21:38:01 +02:00
Rob	10cfccd999	website/docs: add General Setup instructions for LDAP Provider (#3680 ) * Added General Setup instructions for LDAP Provider * Added General Setup instructions for LDAP Provider and updated relative links * updated LDAP Outpost note verbiage * Corrected the case for LDAP and renamed to Generic Setup * removed ldapsearch example from index page * updated verbiage around multifactor authentication * removed note about local LDAP provider * updated sidebar to reflect generic_setup * updated logging info * corrected typo * updated stage creation instructions and screenshot * corrected another typo * corrected another typo * reword some things Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-16 14:57:57 +00:00
Jens Langhammer	77f6926a41	website/docs: prepare 2022.10 release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-14 17:23:23 +02:00
Jens L	79e8b72569	flows: always show flow inspector in debug mode, don't require admin in debug (#3786 ) Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-14 15:44:59 +02:00
Philipp Kolberg	2980c5884f	root: Add setting to adjust database config for pgbouncer (#3769 ) * Add setting to adjust database config for pgbouncer * docker-compose.yml cleanup Delete pgbouncer setting as false is the default value * Cleanup docker-compose.yml Also remove use_pgbouncer option in server section	2022-10-14 11:53:24 +02:00

1 2 3 4 5 ...

952 Commits