2421 commits

Author	SHA1	Message	Date
Jens Langhammer	5644d5f3f7	stages/authenticator_totp: fix key error ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-05-14 19:57:00 +02:00
Jens Langhammer	f391c33bdf	providers/oauth2: fix tests ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-05-14 12:41:40 +02:00
Jens Langhammer	18f450bd49	root: enable sentry for tests ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-05-14 12:29:30 +02:00
Jens Langhammer	ee36b7f3eb	flows: move autosubmit stage into flows package ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-05-14 12:06:19 +02:00
Jens Langhammer	a9a62bbfc8	providers/oauth2: use correct title based on flow context and translated ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-05-14 00:08:29 +02:00
Jens Langhammer	ddd785898b	providers/saml: add title attribute to autosubmit stage and render correctly ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-05-14 00:08:14 +02:00
Jens Langhammer	8ba45a5f6a	providers/oauth2: don't create events before client_id can be verified to prevent spam ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-05-14 00:02:01 +02:00
Jens Langhammer	7d41e6227b	providers/oauth2: add tests for form_post, fix attrs not being flattened ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-05-13 23:52:50 +02:00
Jens Langhammer	1363226697	providers/saml: make SAML metadata generation consistent ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-05-13 17:40:18 +02:00
scheibling	d4abf5621e	providers/oauth2: add support for form_post response mode (#2818) ... * Added request verification and parameter generation * response_mode added to OAuthAuthorizationParams return * Added class OauthPostFulfillmentStage Check response_mode in initialization * Corrected typo * Removed separate class Added handling for FORM_POST in create_response_uri Added handling for FORM_POST in return class * Fixed pylint error (trailing-whitespace) Removed comment * Reformatted authorize.py with black	2022-05-12 21:36:31 +02:00
Jens L	ec67b60219	policies/hibp: check in prompt data (#2845) ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-05-10 23:47:36 +02:00
Jens L	fd1d38f844	stages/authenticator_validate: remember (#2828) ... * initial Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: cleanup timedelta help Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add tooltip Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * assert response code in self.assertStageResponse Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add more tests, add duo Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-05-10 21:05:22 +02:00
Jens Langhammer	3554406aa5	root: fix duplicate enum in api scheme ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-05-10 10:24:18 +02:00
Jens L	ab2299ba1e	outposts/ldap: cached bind (#2824) ... * initial cached ldap bind support Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add web Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * clean up api generation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * use gh action for golangci-lint Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-05-08 16:48:53 +02:00
Jens Langhammer	860269acf0	root: set SESSION_SAVE_EVERY_REQUEST to enable sliding sessions ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #1878	2022-05-07 22:32:56 +02:00
scheibling	30c7e6c94c	providers/oauth2: fixed typo (PROMPT_CONSNET => PROMPT_CONSENT) (#2819)	2022-05-06 10:09:09 +02:00
Jens Langhammer	59df02b3b8	root: disable stdout capturing for tests ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-05-05 23:08:36 +02:00
Jens Langhammer	ddbe0aaf13	stages/user_delete: fix delete stage failing when pending user is not explicitly set ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-05-01 13:59:33 +02:00
Jens Langhammer	84930b4924	Revert "internal: fix high cpu when backend isnt healthy" ... This reverts commit eb6cfd22a7. Revert "root: handle JSON error in metrics too" This reverts commit 1ede972222. Revert "root: don't force multiprocess prometheus registry" This reverts commit cd1d1b4402. Revert "root: add error handling for prometheus view" This reverts commit c0a883f76f.	2022-04-29 18:13:26 +02:00
Jens Langhammer	1ede972222	root: handle JSON error in metrics too ... this can happen when the worker is killed while writing metrics	2022-04-29 11:01:04 +00:00
Jens Langhammer	cd1d1b4402	root: don't force multiprocess prometheus registry ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-29 10:53:47 +02:00
Jens Langhammer	c0a883f76f	root: add error handling for prometheus view ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-29 10:17:53 +02:00
Jens Langhammer	ab8b37a899	events: fix ignored instances not being a tuple ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-25 11:19:58 +02:00
Jens Langhammer	9077eff34d	root: add silk and debugging views ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-21 22:38:32 +02:00
Jens Langhammer	2399fa456b	policies: fix current user not being set in server-side policy deny ... closes #2039 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-21 22:30:27 +02:00
Jens Langhammer	0b4ac54363	*: default to max 60 for fqdn_rand ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-20 20:07:25 +02:00
Jens Langhammer	1a1434bfda	*: decrease frequency of background tasks, smear tasks based on name and fqdn ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #2159	2022-04-20 18:43:40 +02:00
Jens Langhammer	d283a5236c	core: add custom shell command which imports all models and creates events for model events ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-17 18:14:57 +02:00
github-actions[bot]	e4486b98fc	web: Update Web API Client version (#2733) ... Signed-off-by: GitHub <noreply@github.com> Co-authored-by: BeryJu <BeryJu@users.noreply.github.com> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-17 17:05:43 +02:00
Jens Langhammer	778065f468	core: add flag to globally disable impersonation ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-17 16:52:55 +02:00
Behn	70794d79dd	sources/oauth: Fix wording for OAuth source names (#2732)	2022-04-17 16:40:10 +02:00
Jens Langhammer	a3bb5d89cc	events: fix created events only being logged as debug level ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-14 22:37:30 +02:00
Jens Langhammer	f4f9f525d7	providers/oauth2: include application in login event ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-14 22:36:45 +02:00
Jens Langhammer	4c14e88a25	flows: pin dependency in migration ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-14 22:28:26 +02:00
Jens Langhammer	7561ea15de	providers/oauth2: add additional tracing to token view	2022-04-14 16:48:17 +00:00
Jens Langhammer	8242b09394	flows: handle flow title formatting error better, add user to flow title context	2022-04-14 13:56:20 +00:00
Jens Langhammer	9b9c0fe663	release: 2022.4.1	2022-04-12 22:07:34 +02:00
Jens Langhammer	5a58f6ee64	providers/oauth2: remove test for non sa user ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-12 20:35:13 +02:00
Jens Langhammer	e84b17d550	providers/oauth2: don't force service accounts for client_credentials flow ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-12 10:23:25 +02:00
Jens Langhammer	9da439623b	stages/authenticator_duo: fix bad request being sent to duo when calling enrollment_status outside a flow ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #2666	2022-04-11 21:02:32 +02:00
Jens Langhammer	957bb1c5ef	core: make generated token length configurable ... closes #2574 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-11 20:57:16 +02:00
Jens Langhammer	2303a97bb9	core: add method to set key of token ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #2574	2022-04-11 20:43:39 +02:00
Jens Langhammer	8be04cc013	providers/oauth2: fix elliptic curve keys attempting to use EC256 instead of ES256 ... closes #2703 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-11 20:05:58 +02:00
Jens Langhammer	cca33a74b6	core: fix error when checking generated users with no expiry ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-10 17:53:46 +02:00
Jens Langhammer	f977bf61eb	providers/oauth2: make exp optional on jwt client_credentials flow ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-10 17:25:35 +02:00
Jens Langhammer	f8f8a9bbb9	providers/oauth2: give keypairs private key preference over certificate in client_credentials jwt flow ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-10 16:27:53 +02:00
Jens Langhammer	e64ca4ab04	core: fix lint error ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-08 10:10:30 +02:00
Jens Langhammer	e2f0a76309	outposts: check if docker ports should be mapped before comparing ports ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-07 17:30:33 +02:00
Jens Langhammer	5861d41ad3	tenants: add tenant-level attributes, applied to users based on request ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-06 10:41:35 +02:00
Jens Langhammer	20262f3f4b	core: mark provider_obj as read_only ... closes #2637 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-04 10:17:59 +02:00
Jens L	633296503d	core: add grouping to applications (#2648) ... * core: add grouping to applications Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: add new field to tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-02 23:08:58 +02:00
Jens L	508cec2fd5	web: migrate dropdowns to wizards (#2633) ... * web/admin: add basic wizards for providers Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: add dark mode for wizard Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: migrate policies to wizard Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * start source Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * policies: sanitze_dict when returning log messages during tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * Revert "web/admin: migrate policies to wizard" This reverts commit d8b7f62d3e. Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> # Conflicts: # web/src/locales/zh-Hans.po # web/src/locales/zh-Hant.po # web/src/locales/zh_TW.po * web: rewrite wizard to be element based Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * further cleanup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update sources Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: migrate property mappings Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * migrate stages Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * migrate misc dropdowns Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * migrate outpost integrations Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-02 19:48:17 +02:00
Jens Langhammer	7a93614e4b	policies: fix tests ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-02 18:31:02 +02:00
Jens Langhammer	4f319eaa4f	policies/dummy: bump to info to always get message ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-02 17:28:51 +02:00
Jens Langhammer	86a8d00b3f	policies: sanitze_dict when returning log messages during tests ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-02 17:15:44 +02:00
Jens Langhammer	5fe8c1f3d7	policies: fix missing default for log_messages ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-02 16:44:49 +02:00
Jens Langhammer	d84ff2bbca	policies: add policy log messages to test endpoints ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-01 22:07:35 +02:00
Jens Langhammer	4be238018b	providers/oauth2: pass scope and other parameters to access policy request context ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #2641	2022-04-01 21:39:05 +02:00
Jens Langhammer	99008252f8	providers/oauth2: fix verification_keys being required ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-31 20:19:13 +02:00
Jens Langhammer	8689444954	providers/oauth2: add password grant support (treated as client_credentials) ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-31 18:02:17 +02:00
Jens L	bb8af2f19b	providers/oauth2: add client_assertion_type jwt bearer support (#2618)	2022-03-31 00:30:55 +02:00
Jens Langhammer	996bd05ba6	api: fix API header auth not passing to next auth method ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-31 00:06:01 +02:00
Jens Langhammer	a1a64e25ee	api: remove legacy http basic auth ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-30 23:39:08 +02:00
Jens Langhammer	993c6472db	crypto: only count discovered when cert was loaded successfully	2022-03-28 08:58:23 +00:00
Jens Langhammer	123b0b2f05	core: fix pylint renamed variable	2022-03-28 08:58:13 +00:00
Jens Langhammer	7cbd5174f0	stages/invitation: fix tests ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-26 19:12:22 +01:00
Jens Langhammer	c7a83e6182	stages/invitation: add invitation name ... closes #2583 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-26 18:32:59 +01:00
Jens Langhammer	74ff9d04dd	stages/prompt: set field default based on placeholder, fix duplicate fields ... closes #2572 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-23 22:26:06 +01:00
Jens Langhammer	969902f503	stages/prompt: filter rest_framework.fields.empty when field is not required ... closes #2572 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-23 20:21:12 +01:00
Jens Langhammer	04372e21dd	events: handle types in event contexts ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #2572	2022-03-23 19:49:55 +01:00
Adam G	d75a864f0e	providers/oauth2: map internal groups to GitHub teams in GHE OAuth emulation (#2497) ... * providers/oauth2: impl `/user/teams` endpoint for Github OAuth2 This commit adds a functional `/user/teams` endpoint for the emulated Github OAuth2 service. The teams a user is part of are based on the user's groups in Authentik. * providers/oauth2: Move org template inside loop; Change slug to use Django slugify * providers/oauth2: Remove placeholder replacement * Possibly fix complaints from the linters * Update github.py * Change organization name * Update github.py	2022-03-23 12:05:20 +01:00
Jens Langhammer	0c2b32da31	core: add num_pk to group for applications that need a numerical group id ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #2497	2022-03-22 21:37:11 +01:00
Jens Langhammer	9ad4c736f1	stages/email: allow overriding of destination email in plan context ... closes #2445 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-22 21:19:34 +01:00
Jens Langhammer	4154b62565	stages/prompt: fix non-required fields not allowing blank values, add more tests ... closes #2544 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-22 20:38:04 +01:00
Jens Langhammer	86a4a7dcee	release: 2022.3.3	2022-03-21 22:37:13 +01:00
Angel Nunez Mencias	8b95e9f97a	crypto: open files in read-only mode for importing (#2536) ... closes #2535	2022-03-21 10:46:09 +01:00
Jens Langhammer	be232e2b77	core: fix provider launch URL being prioritised over manually configured launch URL ... closes #2493 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-16 10:26:55 +01:00
Jens Langhammer	53d0205e86	outposts/proxy: use Prefix in ingress for k8s ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-15 19:01:08 +01:00
Jens Langhammer	260a7aac63	release: 2022.3.2	2022-03-15 00:01:01 +01:00
Jens Langhammer	a3df414f24	sources/ldap: fix parent_group not being applied ... closes #2464 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-14 22:13:20 +01:00
Jens Langhammer	dcaa8d6322	flows: revert default flow user change ... closes #2483 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-14 22:05:30 +01:00
Jens Langhammer	ceb894039e	stages/authenticator_validate: fix passwordless flows not working ... closes #2484 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-14 21:15:47 +01:00
Jens Langhammer	c7a825c393	lib: lower default sample rate	2022-03-14 12:38:14 +00:00
Jens Langhammer	54f170650a	core: replace uid with uuid search ... uid can't be searched it as its a computed field closes #2480 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-14 10:35:55 +01:00
Jens Langhammer	fedb81571d	release: 2022.3.1	2022-03-10 19:12:29 +01:00
Jens Langhammer	37528e1bba	stages/authenticator_validate: fix lint ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-10 09:56:04 +01:00
Jens Langhammer	cc1509cf57	stages/authenticator_validate: fix logic error when multiple authenticator devices can be selected ... closes #2290 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-10 00:46:42 +01:00
Jens Langhammer	0dfecc6ae2	stages/authenticator_*: fix device.confirmed being set incorrectly ... closes #2330 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-10 00:19:49 +01:00
Jens Langhammer	de17207c68	lib: fix default geoip path ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #2453	2022-03-09 21:57:29 +01:00
Jens L	920d1f1b0e	providers/oauth2: initial client_credentials grant support (#2437) ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-05 23:24:55 +01:00
Jens Langhammer	b1fd801ceb	tenants: fix syntax error in expression for locale	2022-03-03 11:50:46 +00:00
Jens Langhammer	1e1d9f1bdd	core/api: allow filtering users by uid, add uid to search ... closes #2428 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-03 10:19:56 +01:00
Jens L	4f4f954693	core: customisable user settings (#2397) ... * tenants: add user_settings flow, add basic flow and basic new executor Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/user: use flow PromptStage instead of custom stage Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/flows: add tenant to StageHost interface Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/user: fix form missing component Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/user: re-add success message Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/user: improve support for multiple error messages Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * stages/prompt: allow expressions in prompt placeholders Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * stages/prompt: add tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: always set pending user Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: never cache stage configuration flow plans Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * stages/user_write: fix error when pending user is anonymous user Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: add checkbox for prompt placeholder expression Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * website/docs: add prompt expression docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * stages/prompt: add ak-locale field type Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tenants: fix default policy Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/user: add function to do global refresh Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/flows: fix rendering of ak-locale Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tenants: fix default policy, add error handling to placeholder, fix locale attribute Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-03 00:13:06 +01:00
Jens Langhammer	c57fbcfd89	sources/oauth: log body when get_profile fails ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-02 20:37:42 +01:00
Jens Langhammer	08acc7ba41	providers/oauth2: fix invalid launch URL being generated	2022-03-01 15:29:21 +00:00
Jens Langhammer	7bdd32506e	web: cleanup default footer links	2022-03-01 15:27:21 +00:00
dependabot[bot]	f98a9bed9f	build(deps-dev): bump bandit from 1.7.2 to 1.7.3 (#2403) ... * build(deps-dev): bump bandit from 1.7.2 to 1.7.3 Bumps [bandit](https://github.com/PyCQA/bandit) from 1.7.2 to 1.7.3. - [Release notes](https://github.com/PyCQA/bandit/releases) - [Commits](https://github.com/PyCQA/bandit/compare/1.7.2...1.7.3) --- updated-dependencies: - dependency-name: bandit dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * sigh Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-28 10:13:51 +01:00
Dorian Zedler	e9064509fe	sources/oauth: Add Mailcow oauth source (#2380) ... * Feat: Add Mailcow oauth source * Feat: Add mailcow icon * Run make * Feat: Add tests * Fix: Remainder from discord test * Docs: Add mailcow oauth source docs * Docs: add mailcow source to menu * Fix: Mailcow provider type in test * Fix: Formatting * Fix: Doc file name	2022-02-27 15:06:02 +01:00
Jens Langhammer	7e5d8624c8	web: fix locale change not updating all elements ... closes #2365 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-26 16:29:12 +01:00
Jens Langhammer	2f8dbe9b97	core: handle all exceptions for applications listing ... closes #2382 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-26 16:08:38 +01:00
Jens L	677bcaadd7	core: add initial app launch url (#2367) ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-23 22:48:55 +01:00
Jens Langhammer	80f218a6bf	core: also handle TypeError for invalid app URL formatting ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-17 18:23:11 +01:00
Jens Langhammer	4a1acd377b	release: 2022.2.1	2022-02-16 10:51:55 +01:00
Jens Langhammer	72259f6479	events: fix lint ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-14 23:15:45 +01:00
Jens Langhammer	0973c74b9d	providers/oauth2: fix redirect_uri being lowercased on successful validation ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-14 23:04:00 +01:00
Jens Langhammer	c7ed4f7ac1	events: check mtime on geoip database ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-14 22:42:46 +01:00
Jens Langhammer	3d577cf15e	*: add placeholder custom.css to easily allow user customisation ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-14 20:05:00 +01:00
Jens Langhammer	c040b13b29	providers/proxy: remove leading slash to allow subdirectories in proxy ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #2305	2022-02-14 12:51:04 +01:00
Jens L	df362dd9ea	core: handle error when formatting launch URL fails closes #2304	2022-02-14 12:02:51 +01:00
Jens Langhammer	3af0de6a00	Revert "root: disable sentry's auto_session_tracking" ... This reverts commit 4f24d61290.	2022-02-14 09:55:35 +01:00
Jens Langhammer	4f24d61290	root: disable sentry's auto_session_tracking ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-14 09:44:12 +01:00
Jens Langhammer	3b6497cd51	outposts: ensure keypair is set for SSH connections ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-13 15:39:37 +01:00
Jens Langhammer	bb4be944dc	sources/ldap: use merger that only appends unique items to list ... closes #2211 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-13 14:20:13 +01:00
Jens Langhammer	21efee8f44	admin: add additional logging when restarting a task ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-12 18:40:21 +01:00
Jens Langhammer	f61549a60f	providers/proxy: enable TLS in ingress via traefik annotation ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #1997	2022-02-12 18:35:24 +01:00
Jens Langhammer	0da043a9fe	outposts: make local discovery configurable ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-12 17:27:41 +01:00
Jens Langhammer	f336f204cb	stages/authenticator_validate: fix handling when single configuration stage is selected ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-12 17:27:33 +01:00
Jens Langhammer	b5d43b15f8	providers/oauth2: add support for explicit response_mode ... closes #1953 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-12 16:56:47 +01:00
Jens Langhammer	2ccab75021	stages/authenticator_validate: add ability to select multiple configuration stages which the user can choose ... closes #1843 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-12 16:55:50 +01:00
Jens Langhammer	8bc3db7c90	release: 2022.1.5	2022-02-09 22:42:34 +01:00
Jens Langhammer	e741caa6b3	core: allow formatting strings to be used for applications' launch URLs ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-08 23:46:23 +01:00
Jens L	4343246a41	*: rename akprox to outpost.goauthentik.io (#2266) ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-08 20:25:38 +01:00
Jens Langhammer	c63e1c9b87	outposts: fix compare_ports to support both service and container ports ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-08 17:40:49 +01:00
Jens Langhammer	f44cf06d22	outposts: fix service reconciler re-creating services ... closes #2095 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-08 17:23:00 +01:00
Jens Langhammer	15e2032493	stages/authenticator_validate: handle non-existent device_challenges ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-07 20:31:49 +01:00
Jens Langhammer	c87f6cd9d9	outposts: remove node_port on V1ServicePort checks to prevent service creation loops ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #2095	2022-02-07 20:26:14 +01:00
Jens Langhammer	b0936ea8f3	sources/ldap: log entire exception ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-07 19:37:39 +01:00
Jens L	d5e04a2301	*: remove deprecated backup (#2129) ... * *: remove backup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix lint Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * website/docs: add docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * *: final cleanup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * ci: use correct pyproject when migrating from stable Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * website/docs: fix broken docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-05 18:54:15 +01:00
Jens Langhammer	4e4e2b36b6	sources/saml: fix server error ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-05 15:41:26 +01:00
Jens Langhammer	eaba8006e6	sources/saml: fix incorrect ProtocolBinding being sent ... closes #2213 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-03 18:20:06 +01:00
Jens Langhammer	39ff202f8c	outposts: fix channel not always having a logger attribute ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-03 17:58:54 +01:00
Jens Langhammer	49dfb4756e	release: 2022.1.4	2022-02-01 20:12:55 +01:00
Jens Langhammer	88603fa4f7	providers/proxy: set traefik labels using object_naming_template instead of UUID	2022-02-01 17:13:27 +00:00
Jens Langhammer	0232c4e162	lifecycle: send analytics in gunicorn config to decrease outgoing requests when workers get restarted ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-01 15:01:43 +01:00
Jens Langhammer	e93be0de9a	sources/ldap: add list_flatten function to property mappings, enable on managed LDAP mappings ... closes #2199 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-31 23:07:32 +01:00
Jens Langhammer	a5adc4f8ed	core: fix view_token permission not being assigned on token creation for non-admin user ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-31 20:00:30 +01:00
Jens Langhammer	ceaf832e63	root: remove boto integration in sentry to ease backup removal	2022-01-31 13:47:18 +00:00
Jens Langhammer	c55f503b9b	release: 2022.1.3	2022-01-26 22:15:28 +01:00
Jens Langhammer	c2586557d8	root: fix redis passwords not being encoded correctly ... closes #2130 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-26 20:45:45 +01:00
Jens Langhammer	0d47654651	root: add max-requests for gunicorn and max tasks for celery ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-26 10:04:58 +01:00
Jens Langhammer	2f4c92deb9	Merge branch 'version-2022.1'	2022-01-24 21:42:12 +01:00
Jens Langhammer	c7ba183dc0	providers/proxy: fix traefik label ... closes #2128 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-24 17:45:09 +01:00
Jens Langhammer	3d724db0e3	release: 2022.1.2	2022-01-24 11:28:00 +01:00
Jens Langhammer	2997542114	lib: disable backup by default, add note to configuration	2022-01-24 10:00:15 +00:00
Jens Langhammer	42f5cf8c93	outposts: allow custom label for docker containers ... closes #2128 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-23 21:55:58 +01:00
Jens Langhammer	82cc1d536a	providers/proxy: add PathPrefix to auto-traefik labels ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #2128	2022-01-23 21:55:46 +01:00
Jens Langhammer	6a411d7960	policies/hibp: ensure password is encodable ... closes AUTHENTIK-1SA Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-23 21:23:24 +01:00
Jens Langhammer	f4a6c70e98	release: 2022.1.1	2022-01-22 18:28:40 +01:00
Jens Langhammer	dd8b579dd6	lib: ignore paramiko logger ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-21 10:46:33 +01:00
Jens Langhammer	994c5882ab	root: fix error if secret_key is purely numerical ... closes #2099 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-18 09:17:33 +01:00
Jens Langhammer	0db0a12ef3	root: rename csrf header ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-16 16:17:44 +01:00
Jens Langhammer	eaeab27004	lib: add support for custom env ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-16 14:56:02 +01:00
Jens Langhammer	111fbf119b	*: refactor prometheus gauges to directly updating metrics view ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-16 13:57:07 +01:00
Jens Langhammer	92cc0c9c64	root: decrease to 10 backup history ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-14 19:59:50 +01:00
Jens Langhammer	18ff803370	outposts: trigger service update on k8s when selector doesnt match ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-14 11:42:57 +01:00
Jens Langhammer	6338785ce1	outposts: change label app.kubernetes.io/name to include outpost type ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-14 10:34:54 +01:00
Jens Langhammer	973e151dff	outposts: add Additional version labels to managed k8s deployments ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-13 17:48:01 +01:00
Jens Langhammer	fae6d83f27	*: simplify extracting current version info ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-13 17:47:31 +01:00
Jens Langhammer	ed84fe0b8d	root: set samesite for csrf cookie ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-12 23:14:14 +01:00
Jens Langhammer	7db7b7cc4d	stages/authenticator_validate: fix lint ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-12 23:00:28 +01:00
Jens Langhammer	e758db5727	stages/authenticator_webauthn: make more WebAuthn options configurable ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-12 22:57:49 +01:00
Jens Langhammer	4d7d700afa	providers/oauth2: change default redirect uri behaviour; set first used url when blank and use star for wildcard ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-12 22:44:57 +01:00
Jens Langhammer	f9a5add01d	root: include build in analytics ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-12 22:18:52 +01:00
Jens Langhammer	2986b56389	root: fix backups running every minute instead of once ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-12 22:09:44 +01:00
Jens Langhammer	11e25617bd	crypto: fully parse certificate on validation in serializer to prevent invalid certificates from being saved ... closes #2082 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-10 20:36:50 +01:00
Jens Langhammer	19d5902a92	flows: handle error if flow title contains invalid format string ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-10 19:49:27 +01:00
Jens Langhammer	71dffb21a9	outposts: improve error handling for outpost service connection state ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-10 19:44:13 +01:00
Jens Langhammer	2543224c7c	core: dont return 404 when trying to view key of expired token ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-10 17:53:09 +01:00
Jens Langhammer	6b6702521f	api: don't return error reporting enabled when debug is enabled ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-07 21:53:22 +01:00
Jens Langhammer	c07b8d95d0	outposts/proxy: remove deprecated headers ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-07 17:01:23 +01:00
Jens Langhammer	0027dbc0e5	root: remove old api path ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-06 22:21:21 +01:00
Jens Langhammer	c15e4b24a1	release: 2021.12.5	2022-01-06 21:29:12 +01:00
Jens Langhammer	03503363e5	core: fix UserSelfSerializer's save() overwriting other user attributes ... closes #2070 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-06 18:23:06 +01:00
Jens Langhammer	22d6621b02	root run backup every 24 hours ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-06 15:29:11 +01:00
Jens Langhammer	91dd33cee6	policies/reputation: trigger save on update ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-05 22:06:20 +01:00
Jens Langhammer	5a2c367e89	policies/reputation: fix test ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-05 21:44:15 +01:00
Jens Langhammer	6e53f1689d	policies/reputation: rework reputation to use a single entry, include geo_ip data ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-05 21:02:33 +01:00
Jens Langhammer	7b1373e8d6	core: fix lint error ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-04 23:17:37 +01:00
Jens Langhammer	e70b486f20	outposts: handle error in certificate cleanup ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-04 22:53:37 +01:00
Jens Langhammer	5769ff45b5	core: add goauthentik.io/user/can-change-name ... closes #2054 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-04 19:03:12 +01:00
Jens Langhammer	9d6f79558f	tenants: forbid creation of multiple default tenants ... closes #2059 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-04 19:01:20 +01:00
Jens Langhammer	935a8f4d58	core: add tests for non-applicable flows with flow manager ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-03 22:14:52 +01:00
Jens Langhammer	7d3d17acb9	core: add error handling in source flow manager when flow isn't applicable ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-03 21:57:55 +01:00
Jens Langhammer	ebd476be14	sources/oauth: fix sources not allowing blank values ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #2047	2022-01-03 21:36:14 +01:00
Jens Langhammer	31ba543c62	*: don't use exception keyword with structlog ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-03 21:33:52 +01:00
Jens Langhammer	a101d48b5a	core: passthrough connection and additional data to FlowManager ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #2047	2022-01-03 21:31:26 +01:00
Jens Langhammer	8f44c792ac	sources/oauth: fix github provider not including correct base scopes ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #2047	2022-01-03 21:04:18 +01:00
Jens Langhammer	212220554f	sources/oauth: add additional scopes field to get additional data from provider ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #2047	2022-01-03 16:43:52 +01:00
Jens Langhammer	3e22740eac	core: add API endpoint to directly set user's password ... closes #2040 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-03 13:31:58 +01:00
Jens Langhammer	d18a691f63	core: prevent LDAP password being set for internal hash upgrades ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-03 13:23:42 +01:00
Jens Langhammer	90c31c2214	flows: add test helpers to simplify and improve checking of stages, remove force_str ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-01 20:25:32 +01:00
Jens Langhammer	50e3d317b2	flows: use WithUserInfoChallenge for AccessDeniedChallenge ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #2039	2022-01-01 19:45:34 +01:00
Jens Langhammer	3eed7bb010	lib: dont send any sentry events when testing ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-01 18:56:14 +01:00
Jens Langhammer	9154b9b85d	web/user: rework user source connection UI ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-30 21:59:41 +01:00
Jens Langhammer	fc19372709	flows: fix migration removing flow titles ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-30 21:00:00 +01:00
Jens Langhammer	d03b0b8152	outposts: include outposts build hash in state ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-30 15:16:34 +01:00
Jens Langhammer	c249b55ff5	*: use py3.10 syntax for unions, remove old Type[] import when possible ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-30 14:59:01 +01:00
Jens Langhammer	fc7a452b0c	flows: update default flow titles ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-27 22:04:35 +01:00
Jens Langhammer	46f12e62e8	flows: don't create EventAction.FLOW_EXECUTION ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-27 15:07:33 +01:00
Jens Langhammer	53b10e64f8	outposts: fix error when client hasn't be initialised ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-26 14:26:48 +01:00
Jens Langhammer	abe38bb16a	outposts: fix __exit__ being called without params ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-25 17:52:20 +01:00
Jens Langhammer	b19da6d774	crypto: return private key's type (required for some oauth2 providers) ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-25 16:51:28 +01:00
Jens Langhammer	7c55616e29	outposts: fix creation of from_env docker client ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-25 16:48:23 +01:00
Jens Langhammer	6510b97c1e	outposts: add remote docker integration via SSH ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-25 16:31:34 +01:00
Jens Langhammer	22d1dd801c	root: also use analytics uuid for sentry ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-24 15:13:27 +01:00
Jens Langhammer	e7e0e6d213	lib: strip values for timedelta from string ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-23 18:49:35 +01:00
Jens Langhammer	ca0250e19f	core: add meta theme-color ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-23 18:49:24 +01:00
Jens Langhammer	5c5634830f	stages/identification: add field for passwordless flow ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-23 18:27:00 +01:00
Jens Langhammer	9c42b75567	release: 2021.12.4	2021-12-23 10:32:48 +01:00
Jens Langhammer	457e17fec3	website/docs: add small let's encrypt docs ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-23 00:59:06 +01:00
Jens Langhammer	846006f2e3	events: create test notification with event with data ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-22 23:32:29 +01:00
Jens Langhammer	f557b2129f	*: fix random typos ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-22 23:13:18 +01:00
Jens Langhammer	6dc2003e34	providers/oauth2: fix tests validating JWT incorrectly ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-22 23:00:57 +01:00
Jens Langhammer	0149c89003	providers/oauth2: fix invalid assignments in JWKS view ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-22 22:41:28 +01:00
Jens Langhammer	f458cae954	providers/proxy: add error handing when field is already gone ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-22 22:31:53 +01:00
Jens Langhammer	f01d117ce6	providers/proxy: fix imports in migrations ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-22 22:25:02 +01:00
Jens Langhammer	2bde43e5dc	crypto: use older syntax for type union ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-22 22:22:45 +01:00
Jens Langhammer	2f3026084e	providers/oauth2: remove jwt_alg field and set algorithm based on selected keypair, select HS256 when no keypair is selected ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-22 22:09:49 +01:00
Jens Langhammer	c1f0833c09	crypto: improve support for non-rsa private keys (discovery) ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-22 21:46:22 +01:00
Jens Langhammer	8e83209631	stages/authenticator_validate: fix lint error ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-22 18:14:35 +01:00
Jens Langhammer	2e48e0cc2f	stages/authenticator_validate: fix prompt not triggering when using in non-authentication context ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-22 18:03:02 +01:00
Jens Langhammer	e72f0ab160	stages/authenticator_validation: refuse passwordless flow if flow is not for authentication ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-22 18:02:43 +01:00
Jens Langhammer	5b3a9e29fb	stages/authenticator_validate: add passwordless login ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-22 17:34:46 +01:00
Jens Langhammer	34b11524f1	tenants: add web certificate field, make authentik's core certificate configurable based on keypair ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-22 11:43:45 +01:00
Jens Langhammer	16b6c17305	Revert "policies: don't always clear application cache on post_save" ... This reverts commit 5ef385f0bb. Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> # Conflicts: # authentik/policies/signals.py	2021-12-22 00:23:19 +01:00
Jens Langhammer	cf4b4030aa	release: 2021.12.3	2021-12-21 20:52:08 +01:00
Jens Langhammer	7fb939f97b	core: fix error when getting launch URL for application with non-existent Provider ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-21 19:40:29 +01:00
Jens Langhammer	c78236a2a2	root: don't set secure cross opener policy ... closes #1977 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-21 19:16:22 +01:00
Jens Langhammer	ca314c262c	*: revert to using GHCR directly ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-21 13:54:49 +01:00
Jens Langhammer	8a60a7e26f	providers/proxy: revert to static list of forwarded headers ... wildcard is not usable for this since the regular expression doesn't support negative lookahead, meaning we would always forward all headers, including Connection and others closes #1969 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-21 12:04:54 +01:00
Jens Langhammer	92b4244e81	providers/proxy: update traefik regex ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #1969	2021-12-20 22:43:58 +01:00
Jens Langhammer	dfbf7027bc	providers/proxy: add traefik.ingress.kubernetes.io/router.tls annotation for ingress ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-20 22:24:42 +01:00
Jens Langhammer	4658018a90	Revert "outposts: rename outpost" ... This reverts commit a5c30fd9c7.	2021-12-20 21:37:31 +01:00
Jens Langhammer	577b7ee515	providers/proxy: include auth headers ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-20 21:37:22 +01:00
Jens Langhammer	3da526f20e	root: allow trace log level to work for core/embedded ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-20 21:11:47 +01:00
Jens Langhammer	c843f18743	lib: add additional celery logger to sentry ignore ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-20 21:04:45 +01:00
Jens Langhammer	80d0b14bb8	outposts: fix error when getting state for non-existent outpost ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-20 19:44:47 +01:00
Jens Langhammer	a5c30fd9c7	outposts: rename outpost ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-20 19:28:05 +01:00
Jens Langhammer	ef23a0da52	outposts/proxy: fix traefik header regex to only match Remote- and X- headers to prevent websocket errors ... closes #1969 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-20 13:30:19 +01:00
Jens Langhammer	ba527e7141	root: drop redis cache sentry errors ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-20 13:12:14 +01:00
Jens Langhammer	602573f83f	ci: fix label ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-19 13:44:34 +01:00
Jens Langhammer	8599d9efe0	web/admin: auto set the embedded outpost's authentik_host on first view ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-19 13:27:04 +01:00
Jens Langhammer	8e6fcfe350	root: fix inconsistent URL quoting of redis URLs ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-18 22:24:41 +01:00
Jens Langhammer	e9910732bc	release: 2021.12.2	2021-12-18 21:03:50 +01:00
Jens Langhammer	b6ff04694f	providers/oauth2: don't rely on expiry task for access codes and refresh tokens ... closes #1911 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-18 17:42:41 +01:00
Jens Langhammer	61097b9400	policies/password: add minimum digits ... closes #1952 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-18 16:15:56 +01:00
Jens Langhammer	4c5537ddfe	sources/oauth: allow writing to user in SourceConnection ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #1888	2021-12-18 15:33:46 +01:00
Jens Langhammer	a95779157d	tests/integration: add rename and full update tests for k8s controller ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-18 15:32:16 +01:00
Jens Langhammer	ac6afb2b82	stages/email: add test for non-existent directory ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-18 15:05:40 +01:00
Jens Langhammer	71a22c2a34	outposts: add unittests for docker controller ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-17 13:42:33 +01:00