Commit graph

223 commits

Author SHA1 Message Date
Starz0r ae77c872a0
root: celery requires additional parameters when tls is enabled (#1148) 2021-07-16 08:51:09 +02:00
Starz0r a5bb583268
root: optional TLS support on redis connections (#1147)
* root: optional TLS support on redis connections

* root: don't use f-strings when not interpolating variables

* root: use f-string in redis protocol prefix interpolation

* root: glaring typo

* formatting

* small formatting change I missed

* root: swap around default redis protocol prefixes
2021-07-15 11:48:52 +02:00
Starz0r 5cfbb0993a
Allow for Configurable Redis Port (#1124)
* root: make redis port configurable

* root: parse redis port from config as an integer

* code formatting

* lifecycle: truncate line under 100 chars

* lifecycle: incorrect indenting on newline
2021-07-12 11:01:41 +02:00
dependabot[bot] d102c59654
build(deps-dev): bump pylint from 2.8.3 to 2.9.0 (#1095)
* build(deps-dev): bump pylint from 2.8.3 to 2.9.0

Bumps [pylint](https://github.com/PyCQA/pylint) from 2.8.3 to 2.9.0.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/master/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.8.3...v2.9.0)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* *: update source for new pylint version

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-30 10:37:28 +02:00
Jens Langhammer 2b98637ca5 lib: fix regex_match result being inverted, add tests
closes #1073

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-23 20:06:43 +02:00
Jens Langhammer 19ae6585dc lib: add tests for config loader
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-22 13:12:07 +02:00
Jens Langhammer c6ede78fba core: add support for custom urls for avatars
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-22 12:25:24 +02:00
Jens Langhammer f6026fdb13 root: allow loading local /static files without debug flag
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-21 21:21:35 +02:00
Jens Langhammer de954250e5 root: make general cache timeouts configurable
closes #974

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-21 10:18:49 +02:00
Jens Langhammer ede072889e core: deepmerge user.group_attributes, use group_attributes for user settings
closes #1051

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-19 19:52:55 +02:00
Jens Langhammer e584fd1344 events: catch unhandled exceptions from request as event, add button to open github issue
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-14 17:22:58 +02:00
Jens Langhammer 7e8044619c lib: return default IP if none could be extracted
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-30 12:49:44 +02:00
Jens Langhammer 73338bdf32 core: add geo_ip to authenticated sessions if enabled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-30 01:01:20 +02:00
Jens Langhammer a4c28a28b4 website/docs: improve docs for expressions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 21:47:35 +02:00
Jens Langhammer 14f85ec980 tenants: migrate context_processor to tenants
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 18:01:48 +02:00
Jens Langhammer ff611f21cd tenants: initial implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 17:47:25 +02:00
Jens Langhammer 1a0f72d0a8 Merge branch 'version-2021.5' into next
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/stages/authenticator_static/api.py
#	swagger.yaml
2021-05-21 21:33:18 +02:00
Jens Langhammer 7c6185b581 api: fix URL names for admin Authenticator Views
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-21 19:53:40 +02:00
Jens Langhammer 7666c246c3 Merge branch 'version-2021.5' 2021-05-20 20:46:18 +02:00
Jens Langhammer a925418f60 lib: don't send ImproperlyConfigured to sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 19:18:35 +02:00
Jens Langhammer bc6aef7af2 lib: improve sentry integration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-18 11:29:36 +02:00
Tom Pansino 8d2a3b67b9
lib: Fix config loading of secrets from files (#887) 2021-05-16 21:10:31 +02:00
Jens Langhammer 968b7ec17a lib: fix parsing of remote IP header when behind multiple reverse proxies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-15 15:08:53 +02:00
Jens Langhammer 709581f5a8 root: use ghcr images by default
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 20:15:29 +02:00
Jens Langhammer f9f2e00913 core: improve error handling for backups
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 17:56:49 +02:00
Jens Langhammer a3fccbdaff outposts: add build_hash for docker image
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 20:36:18 +02:00
Jens Langhammer c7f0ea8a4b root: update dbbackup to git version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 01:20:31 +02:00
Jens Langhammer 17b65adcc5 lib: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 13:07:47 +02:00
Jens Langhammer 172bfceb31 root: fix db backup failing when password has special chars
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 02:01:22 +02:00
Jens Langhammer c7d4e69669 root: make database port configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 19:25:15 +02:00
Jens Langhammer d751a7fc4c lib: add user attribute "goauthentik.io/user/override-ips" to allow overriding of client ips
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 21:42:31 +02:00
Jens Langhammer 1b87375661 lib: add default to config from file://
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 17:13:13 +02:00
Jens Langhammer 86c2a5d69d lib: handle errors when reading config from file://
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 01:03:00 +02:00
Jens Langhammer 1a02049104 core: show users and groups when user has overall user permissions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 01:02:47 +02:00
Jens Langhammer ba57bf4fa2 lib: add support for file:// protocol in config file
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 22:53:59 +02:00
Jens Langhammer 99d161e212 Merge branch 'master' into outpost-ldap
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/core/api/users.py
#	authentik/policies/event_matcher/migrations/0013_alter_eventmatcherpolicy_app.py
2021-05-04 21:02:20 +02:00
Jens Langhammer 42f9ba8efe gproxy: load default config file for debug and listen statements
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 14:10:34 +02:00
Jens Langhammer 25c001f2cd outposts: allow better configuration of outpost image name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-29 20:07:53 +02:00
Jens Langhammer 35f0e6b88d lib: don't send 404 errors to sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-29 15:25:54 +02:00
Jens Langhammer e9e0992dce root: add middleware to properly report websocket connection to sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 16:21:44 +02:00
Jens Langhammer cad6c42fdd lib: add more tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 15:43:11 +02:00
Jens Langhammer 3983b7fbe4 lib: don't send SuspiciousOperation to sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 20:17:00 +02:00
Jens Langhammer 32d88c3a49 core: consider never consider expiring models with self.expiring set to false expired
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 23:42:42 +02:00
Jens Langhammer 19e73630ab lib: discard all log messages from dbbackup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 23:20:20 +02:00
Jens Langhammer 37632bd0c7 lib: don't send DockerException to sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-08 22:03:10 +02:00
dependabot[bot] 17de0ff24e
build(deps): bump django from 3.1.7 to 3.2 (#707)
* build(deps): bump django from 3.1.7 to 3.2

Bumps [django](https://github.com/django/django) from 3.1.7 to 3.2.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.1.7...3.2)

Signed-off-by: dependabot[bot] <support@github.com>

* root: set DEFAULT_AUTO_FIELD and remove full app config paths

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: check parent class for component and serializer on abstract classes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-07 10:54:38 +02:00
Jens Langhammer eeb9449c11 lib: remove templatetags
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 12:37:32 +02:00
Jens Langhammer 0f76e80341 admin: remove policies views
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 17:15:48 +02:00
Jens Langhammer d3f2f987e0 providers/saml: migrate saml property mappings to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 23:38:40 +02:00
Jens Langhammer 533a719914 sources/oauth: migrate to webcomponents
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 20:35:00 +01:00
Jens Langhammer e67f235a9f website: add docs for compose configuration options 2021-03-12 16:43:31 +01:00
Jens Langhammer 38d9533afd root: update screenshots 2021-03-02 12:15:32 +01:00
Jens Langhammer 644a03e40e lib: don't order_by on widget because PolicyBindingModel, order in form 2021-03-01 19:23:09 +01:00
Jens Langhammer 37b59bb5b9 lib: sort GroupedModelChoiceField by name
closes #602
2021-03-01 18:30:27 +01:00
Jens Langhammer a81f981471 lib: fix being unable to set authentik. options 2021-03-01 11:11:00 +01:00
Jens Langhammer 890e0e9054 *: remove unused templates and code, move avatar to User model 2021-02-25 19:58:23 +01:00
Jens Langhammer ecff810021 *: replace List from typing with normal list 2021-02-18 13:45:46 +01:00
Jens Langhammer fdde97cbbf *: replace Dict from typing with normal dict 2021-02-18 13:41:03 +01:00
Jens Langhammer 417b5d61a4 root: add initial geoip implementation 2021-02-12 09:52:14 +01:00
Jens Langhammer e555bdd42b lib: fix stacktrace for general expressions 2021-02-08 22:14:13 +01:00
Jens Langhammer 624206281e policies: optimise logging 2021-02-02 16:12:41 +01:00
Jens Langhammer c1563f4cff lib: fix ak_is_group_member checking wrong groups 2021-01-28 22:30:59 +01:00
Jens Langhammer 3d3a0cd9e3 events: create event when system task fails 2021-01-18 10:09:14 +01:00
Jens Langhammer c1fbfc63ab core: use version in qs for static files to ensure latest are loaded 2021-01-16 14:15:42 +01:00
Jens L 82bb179bc2
root: global email settings (#448)
* root: make global email settings configurable

* stages/email: add use_global_settings

* stages/email: add test_email command to test email sending

* stages/email: update email template

* stages/email: simplify email template path

* stages/email: add support for user-supplied email templates

* stages/email: add tests for sending and templates

* stages/email: only add custom template if permissions are correct

* docs: add custom email template docs

* root: add /templates volume in docker-compose by default

* stages/email: fix form not allowing custom templates

* stages/email: use relative path for custom templates

* stages/email: check if all templates exist on startup, reset

* docs: add global email docs for docker-compose

* helm: add email config to helm chart

* helm: load all secrets with env prefix

* helm: move s3 and smtp secret to secret

* stages/email: fix test for relative name

* stages/email: add argument to send email from existing stage

* stages/email: set uid using slug of message id

* stages/email: ensure template validation ignores migration runs

* docs: add email troubleshooting docs

* stages/email: fix long task_name breaking task list
2021-01-05 00:41:10 +01:00
dependabot[bot] bc9e7e8b93
build(deps): bump structlog from 20.1.0 to 20.2.0 (#445)
* build(deps): bump structlog from 20.1.0 to 20.2.0

Bumps [structlog](https://github.com/hynek/structlog) from 20.1.0 to 20.2.0.
- [Release notes](https://github.com/hynek/structlog/releases)
- [Changelog](https://github.com/hynek/structlog/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/hynek/structlog/compare/20.1.0...20.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

* *: use structlog.stdlib instead of structlog for type-hints

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-01-01 15:39:43 +01:00
Jens L a4dc6d13b5
events: rename audit to events and use for more metrics (#397)
* events: rename audit to events

* policies/expression: log expression exceptions as event

* policies/expression: add ExpressionPolicy Model to event when possible

* lib/expressions: ensure syntax errors are logged too

* lib: fix lint error

* policies: add execution_logging field

* core: add property mapping tests

* policies/expression: add full test

* policies/expression: fix attribute name

* policies: add execution_logging

* web: fix imports

* root: update swagger

* policies: use dataclass instead of dict for types

* events: add support for dataclass as event param

* events: add special keys which are never cleaned

* policies: add tests for process, don't clean full cache

* admin: create event when new version is seen

* events: move utils to separate file

* admin: add tests for admin tasks

* events: add .set_user method to ensure users have correct attributes set

* core: add test for property_mapping errors with user and request
2020-12-20 22:04:29 +01:00
Jens Langhammer e120d274e9 lib: fix sentry tests not running 2020-12-13 20:38:50 +01:00
Jens Langhammer d380194e13 */saml: test against SAML Schema 2020-12-13 19:53:16 +01:00
Jens Langhammer ea6ca23f57 lib: add tests for sentry integration 2020-12-13 18:41:47 +01:00
Jens Langhammer f056b026d6 lib: test edgecase for timedelta_from_string 2020-12-13 18:35:51 +01:00
Jens Langhammer ff15514d5b stages/identification: add show_matched_user to optionally hide user details 2020-12-06 13:12:32 +01:00
Jens L 1cfe1aff13
wip: rename to authentik (#361)
* root: initial rename

* web: rename custom element prefix

* root: rename external functions with pb_ prefix

* root: fix formatting

* root: replace domain with goauthentik.io

* proxy: update path

* root: rename remaining prefixes

* flows: rename file extension

* root: pbadmin -> akadmin

* docs: fix image filenames

* lifecycle: ignore migration files

* ci: copy default config from current source before loading last tagged

* *: new sentry dsn

* tests: fix missing python3.9-dev package

* root: add additional migrations for service accounts created by outposts

* core: mark system-created service accounts with attribute

* policies/expression: fix pb_ replacement not working

* web: fix last linting errors, add lit-analyse

* policies/expressions: fix lint errors

* web: fix sidebar display on screens where not all items fit

* proxy: attempt to fix proxy pipeline

* proxy: use go env GOPATH to get gopath

* lib: fix user_default naming inconsistency

* docs: add upgrade docs

* docs: update screenshots to use authentik

* admin: fix create button on empty-state of outpost

* web: fix modal submit not refreshing SiteShell and Table

* web: fix height of app-card and height of generic icon

* web: fix rendering of subtext

* admin: fix version check error not being caught

* web: fix worker count not being shown

* docs: update screenshots

* root: new icon

* web: fix lint error

* admin: fix linting error

* root: migrate coverage config to pyproject
2020-12-05 22:08:42 +01:00