Commit graph

11291 commits

Author SHA1 Message Date
Jens L e47bbe63b8
website/docs: update release notes (#4833)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-02 20:27:51 +01:00
Jens L 972dce1462
security: fix CVE-2023-26481 (#4832)
fix CVE-2023-26481

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-02 20:15:33 +01:00
Jens L 7b44d8972f
stages/authenticator_sms: fix twilio sending, add test (#4829)
closes #4823

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-02 14:39:28 +01:00
dependabot[bot] ba9cafecc5
web: bump @sentry/browser from 7.39.0 to 7.40.0 in /web (#4826)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 7.39.0 to 7.40.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/7.40.0/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.39.0...7.40.0)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-02 11:57:01 +01:00
dependabot[bot] e0f4f2c80a
web: bump mermaid from 10.0.0 to 10.0.1 in /web (#4825)
Bumps [mermaid](https://github.com/mermaid-js/mermaid) from 10.0.0 to 10.0.1.
- [Release notes](https://github.com/mermaid-js/mermaid/releases)
- [Changelog](https://github.com/mermaid-js/mermaid/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/mermaid-js/mermaid/compare/v10.0.0...v10.0.1)

---
updated-dependencies:
- dependency-name: mermaid
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-02 11:56:13 +01:00
dependabot[bot] e715f1fbbb
web: bump @sentry/tracing from 7.39.0 to 7.40.0 in /web (#4827)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 7.39.0 to 7.40.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/7.40.0/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.39.0...7.40.0)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-02 11:55:45 +01:00
dependabot[bot] dde9d02008
web: bump @codemirror/lang-python from 6.1.1 to 6.1.2 in /web (#4828)
Bumps [@codemirror/lang-python](https://github.com/codemirror/lang-python) from 6.1.1 to 6.1.2.
- [Release notes](https://github.com/codemirror/lang-python/releases)
- [Changelog](https://github.com/codemirror/lang-python/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codemirror/lang-python/compare/6.1.1...6.1.2)

---
updated-dependencies:
- dependency-name: "@codemirror/lang-python"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-02 11:55:29 +01:00
sdimovv a6eba37d5a
core: Add resolve_dns and reverse_dns functions to evaluator (#4769)
* Add resolve_dns

* Add reverse_dns

* Fix lint

* add caching, small optimisation

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* Added time-aware LRU cache

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-03-01 22:15:13 +01:00
Jens L 2eb7c16a9a
web/admin: set valid correctly when opened and radio is already selected (#4821)
closes #4813

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-01 16:14:32 +01:00
Jens L 87fa50c492
web/admin: workaround for tenant certificate selection being cut off (#4820)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>

#4814
2023-03-01 15:41:28 +01:00
dependabot[bot] 9042664fcf
web: bump pyright from 1.1.295 to 1.1.296 in /web (#4818)
Bumps [pyright](https://github.com/Microsoft/pyright/tree/HEAD/packages/pyright) from 1.1.295 to 1.1.296.
- [Release notes](https://github.com/Microsoft/pyright/releases)
- [Commits](https://github.com/Microsoft/pyright/commits/1.1.296/packages/pyright)

---
updated-dependencies:
- dependency-name: pyright
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-01 11:02:14 +01:00
dependabot[bot] e8a53041cc
core: bump watchdog from 2.3.0 to 2.3.1 (#4819)
Bumps [watchdog](https://github.com/gorakhargosh/watchdog) from 2.3.0 to 2.3.1.
- [Release notes](https://github.com/gorakhargosh/watchdog/releases)
- [Changelog](https://github.com/gorakhargosh/watchdog/blob/master/changelog.rst)
- [Commits](https://github.com/gorakhargosh/watchdog/compare/v2.3.0...v2.3.1)

---
updated-dependencies:
- dependency-name: watchdog
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-01 10:59:42 +01:00
Jens L 20e971f5ce
flows: planner error handling (#4812)
* handle FlowNonApplicableException everywhere

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make flow planner check authentication when no pending user is in planning context

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add mailhog to e2e test services, remove local docker requirement

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-28 15:18:29 +01:00
dependabot[bot] 6f2f4f4aa3
web: bump @sentry/browser from 7.38.0 to 7.39.0 in /web (#4807)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 7.38.0 to 7.39.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.38.0...7.39.0)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-28 11:11:38 +01:00
dependabot[bot] 66e8748503
web: bump @sentry/tracing from 7.38.0 to 7.39.0 in /web (#4806)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 7.38.0 to 7.39.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.38.0...7.39.0)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-28 10:55:42 +01:00
dependabot[bot] b5c8fa24a2
web: bump @typescript-eslint/parser from 5.53.0 to 5.54.0 in /web (#4810)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.53.0 to 5.54.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.54.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-28 10:55:10 +01:00
dependabot[bot] 335e124c0a
core: bump goauthentik.io/api/v3 from 3.2023022.6 to 3.2023022.8 (#4811)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2023022.6 to 3.2023022.8.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2023022.6...v3.2023022.8)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-28 10:54:31 +01:00
dependabot[bot] 1faf3c66c7
core: bump sentry-sdk from 1.15.0 to 1.16.0 (#4809)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.15.0 to 1.16.0.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/1.15.0...1.16.0)

---
updated-dependencies:
- dependency-name: sentry-sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-28 10:53:22 +01:00
dependabot[bot] 7810063ca0
web: bump @typescript-eslint/eslint-plugin from 5.53.0 to 5.54.0 in /web (#4808)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.53.0 to 5.54.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.54.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-28 10:53:02 +01:00
Jens L 980320e24b
tests/e2e: use example blueprints for testing (#4805)
* tests/e2e: use blueprints for testing

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add identification stage assignment

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add recovery flow tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-27 22:42:36 +01:00
Jens L 118765ab30
web: fetch custom.css via fetch and add stylesheet (#4804)
* web: fetch custom.css via fetch and add stylesheet

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* don't hardcode path

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-27 19:54:19 +01:00
Jens L 5e60db8593
providers/oauth2: fix typo (#4803) 2023-02-27 17:17:48 +01:00
authentik Bot e81a065855
web: bump API Client version (#4801)
Signed-off-by: GitHub <noreply@github.com>
2023-02-27 15:26:11 +01:00
Jens L 39d0893303
flows: change default flow stage binding settings (#4784)
* flows: change default flow stage binding settings

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fallback to correct value

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-27 15:21:26 +01:00
Jens L 99ddbf553c
website: add X-Frame-Options (#4800)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-27 13:40:33 +01:00
dependabot[bot] 799b509ac6
web: bump @lingui/cli from 3.17.1 to 3.17.2 in /web (#4792)
Bumps [@lingui/cli](https://github.com/lingui/js-lingui) from 3.17.1 to 3.17.2.
- [Release notes](https://github.com/lingui/js-lingui/releases)
- [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lingui/js-lingui/compare/v3.17.1...v3.17.2)

---
updated-dependencies:
- dependency-name: "@lingui/cli"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-27 10:54:28 +01:00
dependabot[bot] bc6b591dfb
web: bump @lingui/macro from 3.17.1 to 3.17.2 in /web (#4797)
Bumps [@lingui/macro](https://github.com/lingui/js-lingui) from 3.17.1 to 3.17.2.
- [Release notes](https://github.com/lingui/js-lingui/releases)
- [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lingui/js-lingui/compare/v3.17.1...v3.17.2)

---
updated-dependencies:
- dependency-name: "@lingui/macro"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-27 10:52:47 +01:00
dependabot[bot] ef6a799533
web: bump @lingui/core from 3.17.1 to 3.17.2 in /web (#4791)
Bumps [@lingui/core](https://github.com/lingui/js-lingui) from 3.17.1 to 3.17.2.
- [Release notes](https://github.com/lingui/js-lingui/releases)
- [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lingui/js-lingui/compare/v3.17.1...v3.17.2)

---
updated-dependencies:
- dependency-name: "@lingui/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-27 10:52:03 +01:00
dependabot[bot] 26de143bf8
core: bump github.com/stretchr/testify from 1.8.1 to 1.8.2 (#4799)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.8.1...v1.8.2)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-27 10:44:35 +01:00
dependabot[bot] ad46b3f05c
core: bump coverage from 7.2.0 to 7.2.1 (#4794)
Bumps [coverage](https://github.com/nedbat/coveragepy) from 7.2.0 to 7.2.1.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/7.2.0...7.2.1)

---
updated-dependencies:
- dependency-name: coverage
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-27 10:44:16 +01:00
dependabot[bot] 0462afe964
web: bump core-js from 3.28.0 to 3.29.0 in /web (#4796)
Bumps [core-js](https://github.com/zloirock/core-js/tree/HEAD/packages/core-js) from 3.28.0 to 3.29.0.
- [Release notes](https://github.com/zloirock/core-js/releases)
- [Changelog](https://github.com/zloirock/core-js/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zloirock/core-js/commits/v3.29.0/packages/core-js)

---
updated-dependencies:
- dependency-name: core-js
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-27 10:44:04 +01:00
dependabot[bot] 1100b98596
web: bump @lingui/detect-locale from 3.17.1 to 3.17.2 in /web (#4793)
Bumps [@lingui/detect-locale](https://github.com/lingui/js-lingui) from 3.17.1 to 3.17.2.
- [Release notes](https://github.com/lingui/js-lingui/releases)
- [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lingui/js-lingui/compare/v3.17.1...v3.17.2)

---
updated-dependencies:
- dependency-name: "@lingui/detect-locale"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-27 10:43:50 +01:00
dependabot[bot] 89ccdfcf6e
web: bump @trivago/prettier-plugin-sort-imports from 4.1.0 to 4.1.1 in /web (#4790)
web: bump @trivago/prettier-plugin-sort-imports in /web

Bumps [@trivago/prettier-plugin-sort-imports](https://github.com/trivago/prettier-plugin-sort-imports) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/trivago/prettier-plugin-sort-imports/releases)
- [Changelog](https://github.com/trivago/prettier-plugin-sort-imports/blob/master/CHANGELOG.md)
- [Commits](https://github.com/trivago/prettier-plugin-sort-imports/compare/v4.1.0...v4.1.1)

---
updated-dependencies:
- dependency-name: "@trivago/prettier-plugin-sort-imports"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-27 10:43:41 +01:00
dependabot[bot] a328d2d68a
web: bump eslint from 8.34.0 to 8.35.0 in /web (#4795)
Bumps [eslint](https://github.com/eslint/eslint) from 8.34.0 to 8.35.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.34.0...v8.35.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-27 10:43:30 +01:00
dependabot[bot] d5a94ea687
core: bump goauthentik.io/api/v3 from 3.2023022.5 to 3.2023022.6 (#4798)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2023022.5 to 3.2023022.6.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2023022.5...v3.2023022.6)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-27 10:40:05 +01:00
Jens L 596ff529c4
core: bootstrap email (#4788) 2023-02-26 17:02:45 +01:00
Jens L 612d1c76d4
web/admin: fix chart display with no sources (#4782) 2023-02-24 22:54:11 +01:00
dependabot[bot] 886749dcb2
web: bump @braintree/sanitize-url from 6.0.0 to 6.0.2 in /web (#4781)
Bumps [@braintree/sanitize-url](https://github.com/braintree/sanitize-url) from 6.0.0 to 6.0.2.
- [Release notes](https://github.com/braintree/sanitize-url/releases)
- [Changelog](https://github.com/braintree/sanitize-url/blob/main/CHANGELOG.md)
- [Commits](https://github.com/braintree/sanitize-url/compare/v6.0.0...v6.0.2)

---
updated-dependencies:
- dependency-name: "@braintree/sanitize-url"
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-24 21:16:26 +01:00
Jens L 26f3275361
sources/ldap: improve error handling for password complexity (#4780)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-24 10:39:43 +00:00
authentik Bot 6441401d94
web: bump API Client version (#4779)
Signed-off-by: GitHub <noreply@github.com>
2023-02-24 11:24:51 +01:00
Jens L b7e4ad7234
web/user: fix source connections not being filtered (#4778)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-24 10:22:02 +00:00
dependabot[bot] 9c82024fd5
core: bump golang.org/x/sync from 0.0.0-20220601150217-0de741cfad7f to 0.1.0 (#4774)
core: bump golang.org/x/sync

Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.0.0-20220601150217-0de741cfad7f to 0.1.0.
- [Release notes](https://github.com/golang/sync/releases)
- [Commits](https://github.com/golang/sync/commits/v0.1.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-24 10:47:05 +01:00
dependabot[bot] 685709decb
core: bump goauthentik.io/api/v3 from 3.2023022.4 to 3.2023022.5 (#4773)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2023022.4 to 3.2023022.5.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2023022.4...v3.2023022.5)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-24 10:46:36 +01:00
dependabot[bot] 6ab2afc8d4
web: bump @trivago/prettier-plugin-sort-imports from 4.0.0 to 4.1.0 in /web (#4771)
web: bump @trivago/prettier-plugin-sort-imports in /web

Bumps [@trivago/prettier-plugin-sort-imports](https://github.com/trivago/prettier-plugin-sort-imports) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/trivago/prettier-plugin-sort-imports/releases)
- [Changelog](https://github.com/trivago/prettier-plugin-sort-imports/blob/master/CHANGELOG.md)
- [Commits](https://github.com/trivago/prettier-plugin-sort-imports/compare/v4.0.0...v4.1.0)

---
updated-dependencies:
- dependency-name: "@trivago/prettier-plugin-sort-imports"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-24 10:45:09 +01:00
dependabot[bot] 23ad132f74
core: bump watchdog from 2.2.1 to 2.3.0 (#4772) 2023-02-24 10:31:40 +01:00
dependabot[bot] 87164f5cdb
core: bump golang.org/x/oauth2 from 0.0.0-20220223155221-ee480838109b to 0.5.0 (#4775) 2023-02-24 10:31:08 +01:00
Jens L d6056755b3
web: give node more memory to build (#4768)
it seems to sometimes fail with an OOM message
2023-02-23 20:45:48 +01:00
Jens Langhammer 36229f4224
blueprints: improve error handling in example flow
closes #4714

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-23 16:57:46 +01:00
Jens L 80f4fccd35
providers/oauth2: OpenID conformance (#4758)
* don't open inspector by default when debug is enabled

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* encode error in fragment when using hybrid grant_type

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* require nonce for all response_types that get an id_token from the authorization endpoint

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* don't set empty family_name

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* only set at_hash when response has token

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* cleaner way to get login time

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove authentication requirement from authentication flow

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use wrapper

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix auth_time not being handled correctly

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* minor cleanup

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add test files

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove USER_LOGIN_AUTHENTICATED

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* rework prompt=login handling

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* also set last login uid for max_age check to prevent double login when max_age and prompt=login is set

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-23 15:26:41 +01:00
dependabot[bot] c6a14fa4f1
web: bump @goauthentik/api from 2023.2.2-1677071401 to 2023.2.2-1677073316 in /web (#4761) 2023-02-23 10:36:04 +01:00