Commit graph

13343 commits

Author SHA1 Message Date
Ken Sternberg fef7892821 web: localization
This package contains all the localization strings needed by all of the other packages in our
application, and provides tooling for making them available as JavaScript translation catalogs
suitable for `lit-localize`. It does this by scanning the source trees of all of the packages and
assembling the complete list of translatable (and already translated) strings into the `./xliff`
folder.

Commands provided:

- extract-locales: extracts any string tagged as translatable (i.e., with the `msg(...)` syntax) and
  integrates any newfound strings into the existing XLIFF files. Also: reprocesses the
  `sourceLocale` file to create a pseudolocale for testing purposes. (This must be done
  sequentially, as the `sourceLocale` file must be built before the conversion takes place.)
- build: Convert XLIFF to Typescript, compile, lint, and format. The `lint` pass is especially
  important as it enforces the "backquotes to doublequotes when no template in use" rule, and the
  `format` pass must always come last to ensure our committed code matches our standard.
- clean: Delete the `dist` and `src` folders, as well as the constructed `.mjs` file for
  pseudolocalization.

Due to the circular nature of translation's dependencies (*every* package must be scanned for new
strings, and if there are new strings, *every* package must then be rebuilt), extraction is not
performed automatically. This introduces the risk that a developer may not run the extraction and
test as needed. The reminder in the GitHub pull request template is there for a reason.

If you add a new package to the monorepo and it has strings that need translating, you must add it
to the list of `inputFiles` scanned in `lit-localize.json`.

---

(p.s.: The content you just read is also in the README file for this package.)
2024-01-09 14:14:25 -08:00
Ken Sternberg 5d3d2a2548 Added a 'clean' pass. 2024-01-09 13:06:10 -08:00
Ken Sternberg 3aae23e23f The user's URL options should (must!) override the brand-local request. 2024-01-09 11:12:23 -08:00
Ken Sternberg 058cdc5180 Pure build version of locales. No "src", no "dist"; just the locale files and instructions on building them. 2024-01-09 11:11:53 -08:00
Ken Sternberg a241ef03cb Still refining the build process. 2024-01-09 09:04:02 -08:00
Ken Sternberg 4eec37d4d1 raw moves toward isolating localization 2024-01-08 15:49:06 -08:00
Ken Sternberg b053c17fb0 Merge branch 'main' into web/monorepo-stage-1
* main:
  web: Replace  calls to `rootInterface()?.tenant?` with a contextual `this.tenant` object (#7778)
  web: abstract `rootInterface()?.config?.capabilities.includes()` into `.can()` (#7737)
2024-01-08 15:44:50 -08:00
Ken Sternberg a2dce3fb63
web: Replace calls to rootInterface()?.tenant? with a contextual this.tenant object (#7778)
* This commit abstracts access to the object `rootInterface()?.config?` into a single accessor,
`authentikConfig`, that can be mixed into any AKElement object that requires access to it.

Since access to `rootInterface()?.config?` is _universally_ used for a single (and repetitive)
boolean check, a separate accessor has been provided that converts all calls of the form:

``` javascript
rootInterface()?.config?.capabilities.includes(CapabilitiesEnum.CanImpersonate)
```

into:

``` javascript
this.can(CapabilitiesEnum.CanImpersonate)
```

It does this via a Mixin, `WithCapabilitiesConfig`, which understands that these calls only make
sense in the context of a running, fully configured authentik instance, and that their purpose is to
inform authentik components of a user’s capabilities. The latter is why I don’t feel uncomfortable
turning a function call into a method; we should make it explicit that this is a relationship
between components.

The mixin has a single single field, `[WCC.capabilitiesConfig]`, where its association with the
upper-level configuration is made. If that syntax looks peculiar to you, good! I’ve used an explict
unique symbol as the field name; it is inaccessable an innumerable in the object list. The debugger
shows it only as:

    Symbol(): {
        cacheTimeout: 300
        cacheTimeoutFlows: 300
        cacheTimeoutPolicies: 300
        cacheTimeoutReputation: 300
        capabilities: (5) ['can_save_media', 'can_geo_ip', 'can_impersonate', 'can_debug', 'is_enterprise']
    }

Since you can’t reference it by identity, you can’t write to it. Until every browser supports actual
private fields, this is the best we can do; it does guarantee that field name collisions are
impossible, which is a win.

The mixin takes a second optional boolean; setting this to true will cause any web component using
the mixin to automatically schedule a re-render if the capabilities list changes.

The mixin is also generic; despite the "...into a Lit-Context" in the title, the internals of the
Mixin can be replaced with anything so long as the signature of `.can()` is preserved.

Because this work builds off the work I did to give the Sidebar access to the configuration without
ad-hoc retrieval or prop-drilling, it wasn’t necessary to create a new context for it. That will be
necessary for the following:

TODO:

``` javascript
rootInterface()?.uiConfig;
rootInterface()?.tenant;
me();
```

* This commit abstracts access to the object `rootInterface()?.tenant?` into a single accessor,
`tenant`, that can be mixed into any AKElement object that requires access to it.

Like `WithCapabilitiesConfig` and `WithAuthentikConfig`, this one is named `WithTenantConfig`.

TODO:

``` javascript
rootInterface()?.uiConfig;
me();
```

* web: Added a README with a description of the applications' "mental model," essentially an architectural description.

* web: prettier did a thing

* web: prettier had opinions about the README

* web: Jens requested that subscription be  by default, and it's the right call.

* web: Jens requested that the default subscription state for contexts be , and it's the right call.

* web: prettier having opinions after merging with dependent branch

* web: prettier still having opinions.
2024-01-08 13:03:00 -08:00
Ken Sternberg d555c0db41
web: abstract rootInterface()?.config?.capabilities.includes() into .can() (#7737)
* This commit abstracts access to the object `rootInterface()?.config?` into a single accessor,
`authentikConfig`, that can be mixed into any AKElement object that requires access to it.

Since access to `rootInterface()?.config?` is _universally_ used for a single (and repetitive)
boolean check, a separate accessor has been provided that converts all calls of the form:

``` javascript
rootInterface()?.config?.capabilities.includes(CapabilitiesEnum.CanImpersonate)
```

into:

``` javascript
this.can(CapabilitiesEnum.CanImpersonate)
```

It does this via a Mixin, `WithCapabilitiesConfig`, which understands that these calls only make
sense in the context of a running, fully configured authentik instance, and that their purpose is to
inform authentik components of a user’s capabilities. The latter is why I don’t feel uncomfortable
turning a function call into a method; we should make it explicit that this is a relationship
between components.

The mixin has a single single field, `[WCC.capabilitiesConfig]`, where its association with the
upper-level configuration is made. If that syntax looks peculiar to you, good! I’ve used an explict
unique symbol as the field name; it is inaccessable an innumerable in the object list. The debugger
shows it only as:

    Symbol(): {
        cacheTimeout: 300
        cacheTimeoutFlows: 300
        cacheTimeoutPolicies: 300
        cacheTimeoutReputation: 300
        capabilities: (5) ['can_save_media', 'can_geo_ip', 'can_impersonate', 'can_debug', 'is_enterprise']
    }

Since you can’t reference it by identity, you can’t write to it. Until every browser supports actual
private fields, this is the best we can do; it does guarantee that field name collisions are
impossible, which is a win.

The mixin takes a second optional boolean; setting this to true will cause any web component using
the mixin to automatically schedule a re-render if the capabilities list changes.

The mixin is also generic; despite the "...into a Lit-Context" in the title, the internals of the
Mixin can be replaced with anything so long as the signature of `.can()` is preserved.

Because this work builds off the work I did to give the Sidebar access to the configuration without
ad-hoc retrieval or prop-drilling, it wasn’t necessary to create a new context for it. That will be
necessary for the following:

TODO:

``` javascript
rootInterface()?.uiConfig;
rootInterface()?.tenant;
me();
```

* web: Added a README with a description of the applications' "mental model," essentially an architectural description.

* web: prettier had opinions about the README

* web: Jens requested that subscription be  by default, and it's the right call.

* This commit abstracts access to the object `rootInterface()?.config?` into a single accessor,
`authentikConfig`, that can be mixed into any AKElement object that requires access to it.

Since access to `rootInterface()?.config?` is _universally_ used for a single (and repetitive)
boolean check, a separate accessor has been provided that converts all calls of the form:

``` javascript
rootInterface()?.config?.capabilities.includes(CapabilitiesEnum.CanImpersonate)
```

into:

``` javascript
this.can(CapabilitiesEnum.CanImpersonate)
```

It does this via a Mixin, `WithCapabilitiesConfig`, which understands that these calls only make
sense in the context of a running, fully configured authentik instance, and that their purpose is to
inform authentik components of a user’s capabilities. The latter is why I don’t feel uncomfortable
turning a function call into a method; we should make it explicit that this is a relationship
between components.

The mixin has a single single field, `[WCC.capabilitiesConfig]`, where its association with the
upper-level configuration is made. If that syntax looks peculiar to you, good! I’ve used an explict
unique symbol as the field name; it is inaccessable an innumerable in the object list. The debugger
shows it only as:

    Symbol(): {
        cacheTimeout: 300
        cacheTimeoutFlows: 300
        cacheTimeoutPolicies: 300
        cacheTimeoutReputation: 300
        capabilities: (5) ['can_save_media', 'can_geo_ip', 'can_impersonate', 'can_debug', 'is_enterprise']
    }

Since you can’t reference it by identity, you can’t write to it. Until every browser supports actual
private fields, this is the best we can do; it does guarantee that field name collisions are
impossible, which is a win.

The mixin takes a second optional boolean; setting this to true will cause any web component using
the mixin to automatically schedule a re-render if the capabilities list changes.

The mixin is also generic; despite the "...into a Lit-Context" in the title, the internals of the
Mixin can be replaced with anything so long as the signature of `.can()` is preserved.

Because this work builds off the work I did to give the Sidebar access to the configuration without
ad-hoc retrieval or prop-drilling, it wasn’t necessary to create a new context for it. That will be
necessary for the following:

TODO:

``` javascript
rootInterface()?.uiConfig;
rootInterface()?.tenant;
me();
```

* web: Added a README with a description of the applications' "mental model," essentially an architectural description.

* web: prettier had opinions about the README

* web: Jens requested that subscription be  by default, and it's the right call.

* web: adjust RAC to point to the (now independent) Interface.

- Also, removed redundant check.
2024-01-08 10:22:52 -08:00
Ken Sternberg 8a07541a32 Merge branch 'dev' into web/monorepo-stage-1
* dev:
  web: update some locale details (#8090)
2024-01-08 09:35:54 -08:00
Ken Sternberg f8f03f3fce Merge remote-tracking branch 'refs/remotes/origin/web/monorepo-stage-1' into web/monorepo-stage-1
* refs/remotes/origin/web/monorepo-stage-1:
  fix for broken lint pass.
  web: strengthened weak regex in import map.
  web: move the content of the application to a sub-folder and build it via lage
  Another stash to check something else...
  Stashing this to go back to harmonizing package.json
  web: first stab at monorepo.
  web: moved all of the authentik building materials into a package.
2024-01-08 09:34:00 -08:00
Ken Sternberg c9dc500a2b
web: update some locale details (#8090)
This commit adds "Polish" and "Korean" to the list of languages recognized by the
web-UI, and updates the XLIFF files to include a few new strings from the RAC
project.
2024-01-08 17:27:09 +00:00
Ken Sternberg c4b34b2d5b fix for broken lint pass. 2024-01-08 08:42:16 -08:00
Ken Sternberg bdc2f68a4d web: strengthened weak regex in import map. 2024-01-08 08:42:16 -08:00
Ken Sternberg bc91221c4c web: move the content of the application to a sub-folder and build it via lage
**This commit**

- Moves the content of the authentik web-ui to a subfolder, `packages/authentik`
- Mirrors all of the commands from package.json in the root package, and
  mirrors them *again* in Lage, so that lage will run them all as-is.
- Changes paths for things like sonarJS, Codespell, and such to find the
  correct sources of their content.
- Update `glob` and `pseudolocale` versions; they were throwing exceptions.
- Update Storybook-Vite's CSS import map function to be a little more readable.
2024-01-08 08:42:16 -08:00
Ken Sternberg 3f3ab32502 Another stash to check something else... 2024-01-08 08:42:16 -08:00
Ken Sternberg cc31b078d3 Stashing this to go back to harmonizing package.json 2024-01-08 08:42:16 -08:00
Ken Sternberg 54aae94143 web: first stab at monorepo. 2024-01-08 08:42:16 -08:00
Ken Sternberg cb685c42bc web: moved all of the authentik building materials into a package. 2024-01-08 08:42:16 -08:00
dependabot[bot] 7dff303572
web: bump the eslint group in /web with 2 updates (#8082)
Bumps the eslint group in /web with 2 updates: [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) and [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser).


Updates `@typescript-eslint/eslint-plugin` from 6.17.0 to 6.18.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.18.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 6.17.0 to 6.18.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.18.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: eslint
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: eslint
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-08 13:14:05 +01:00
dependabot[bot] c2433689cb
web: bump rollup from 4.9.2 to 4.9.4 in /web (#8083)
Bumps [rollup](https://github.com/rollup/rollup) from 4.9.2 to 4.9.4.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v4.9.2...v4.9.4)

---
updated-dependencies:
- dependency-name: rollup
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-08 13:13:57 +01:00
dependabot[bot] cd0adfcfaa
core: bump github.com/redis/go-redis/v9 from 9.3.1 to 9.4.0 (#8085)
Bumps [github.com/redis/go-redis/v9](https://github.com/redis/go-redis) from 9.3.1 to 9.4.0.
- [Release notes](https://github.com/redis/go-redis/releases)
- [Changelog](https://github.com/redis/go-redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/redis/go-redis/compare/v9.3.1...v9.4.0)

---
updated-dependencies:
- dependency-name: github.com/redis/go-redis/v9
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-08 13:13:49 +01:00
dependabot[bot] e5815154f9
web: bump the eslint group in /tests/wdio with 2 updates (#8086)
Bumps the eslint group in /tests/wdio with 2 updates: [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) and [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser).


Updates `@typescript-eslint/eslint-plugin` from 6.17.0 to 6.18.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.18.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 6.17.0 to 6.18.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.18.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: eslint
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: eslint
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-08 13:13:40 +01:00
dependabot[bot] 058dda5d0a
website: bump @types/react from 18.2.46 to 18.2.47 in /website (#8088)
Bumps [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) from 18.2.46 to 18.2.47.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

---
updated-dependencies:
- dependency-name: "@types/react"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-08 13:13:31 +01:00
Ken Sternberg 06f64ed068 fix for broken lint pass. 2024-01-05 16:17:20 -08:00
Ken Sternberg bf618ab790 web: strengthened weak regex in import map. 2024-01-05 16:09:35 -08:00
Ken Sternberg a8f0e0dd12 web: move the content of the application to a sub-folder and build it via lage
**This commit**

- Moves the content of the authentik web-ui to a subfolder, `packages/authentik`
- Mirrors all of the commands from package.json in the root package, and
  mirrors them *again* in Lage, so that lage will run them all as-is.
- Changes paths for things like sonarJS, Codespell, and such to find the
  correct sources of their content.
- Update `glob` and `pseudolocale` versions; they were throwing exceptions.
- Update Storybook-Vite's CSS import map function to be a little more readable.
2024-01-05 15:56:44 -08:00
Ken Sternberg a945d588a9 Another stash to check something else... 2024-01-05 13:13:23 -08:00
Ken Sternberg 323af18aae Stashing this to go back to harmonizing package.json 2024-01-05 13:13:23 -08:00
Ken Sternberg 4b66462925 web: first stab at monorepo. 2024-01-05 13:13:23 -08:00
Ken Sternberg a2ea248747 web: moved all of the authentik building materials into a package. 2024-01-05 13:13:23 -08:00
Jens L 3e44e9d3f6
stages/user_login: only set last_ip in session if a binding is given (#8074) 2024-01-05 19:10:27 +01:00
Jens L c77ea41af0
providers/oauth2: fix missing nonce in token endpoint not being saved (#8073)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2024-01-05 19:03:15 +01:00
dependabot[bot] c8b35b9b21
core: bump goauthentik.io/api/v3 from 3.2023105.3 to 3.2023105.5 (#8066)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2023105.3 to 3.2023105.5.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2023105.3...v3.2023105.5)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-05 18:58:03 +01:00
Jens L 78396717fe
providers/oauth2: fix missing nonce in id_token (#8072)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2024-01-05 17:27:53 +01:00
Jens L cd61cb3847
rbac: fix error when looking up permissions for now uninstalled apps (#8068)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2024-01-05 13:13:32 +01:00
Jens L 259d5e6181
web/flows: fix device picker incorrect foreground color (#8067)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2024-01-05 13:13:21 +01:00
transifex-integration[bot] 67c130302d
translate: Updates for file web/xliff/en.xlf in zh_CN (#8061)
Translate web/xliff/en.xlf in zh_CN

100% translated source file: 'web/xliff/en.xlf'
on 'zh_CN'.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2024-01-05 11:55:58 +01:00
transifex-integration[bot] ffb78484da
translate: Updates for file web/xliff/en.xlf in zh-Hans (#8062)
Translate web/xliff/en.xlf in zh-Hans

100% translated source file: 'web/xliff/en.xlf'
on 'zh-Hans'.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2024-01-05 11:55:42 +01:00
dependabot[bot] 018cda43b7
website: bump postcss from 8.4.32 to 8.4.33 in /website (#8063)
Bumps [postcss](https://github.com/postcss/postcss) from 8.4.32 to 8.4.33.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/8.4.32...8.4.33)

---
updated-dependencies:
- dependency-name: postcss
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-05 11:55:25 +01:00
dependabot[bot] 268fb840fd
web: bump the sentry group in /web with 2 updates (#8064)
Bumps the sentry group in /web with 2 updates: [@sentry/browser](https://github.com/getsentry/sentry-javascript) and [@sentry/tracing](https://github.com/getsentry/sentry-javascript).


Updates `@sentry/browser` from 7.91.0 to 7.92.0
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.91.0...7.92.0)

Updates `@sentry/tracing` from 7.91.0 to 7.92.0
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.91.0...7.92.0)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: sentry
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: sentry
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-05 11:54:40 +01:00
dependabot[bot] 053062f606
core: bump golang.org/x/sync from 0.5.0 to 0.6.0 (#8065)
Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.5.0 to 0.6.0.
- [Commits](https://github.com/golang/sync/compare/v0.5.0...v0.6.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-05 11:54:24 +01:00
Tana M Berry 827591d376
website/docs: add link to our example flows (#8052)
add link to our example flows

Co-authored-by: Tana Berry <tana@goauthentik.io>
2024-01-04 13:32:44 -06:00
Jens L 509b502d3c
providers/oauth2: offline access (#8026)
* improve scope check (log when application requests non-configured scopes)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add offline_access special scope

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ensure scope is set

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update tests for refresh tokens

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* special handling of scopes for github compat

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix spec

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* attempt to fix oidc tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove hardcoded slug

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* check scope from authorization code instead of request

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix injection for consent stage checking incorrectly

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2024-01-04 19:57:11 +01:00
authentik-automation[bot] 1b36cb8331
web: bump API Client version (#8059)
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
2024-01-04 16:29:57 +01:00
Bryan J a3ec4e7948
Update index.md (#8056)
Signed-off-by: Bryan J. <132493975+chkpwd@users.noreply.github.com>
2024-01-04 16:27:57 +01:00
Jens L 2064395434
enterprise/providers/rac: add option to limit concurrent connections to endpoint (#8053)
* enterprise/providers/rac: add option to limit concurrent connections to endpoint

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* unrelated: put outpost settings in group

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2024-01-04 16:27:16 +01:00
authentik-automation[bot] 519062bc39
web: bump API Client version (#8058)
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
2024-01-04 16:26:58 +01:00
Jens L 116ac30c72
enterprise/providers/rac: add alert that enterprise is required for RAC (#8057)
add alert that enterprise is required for RAC

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2024-01-04 16:18:12 +01:00
Jens L b93ad8615c
enterprise/providers/rac: create authorize_application event when creating token (#8050)
* events: don't log creation of creation token

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* enterprise/providers/rac: create authorize_application event when creating token

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2024-01-03 14:47:17 +01:00