c340830b37
website/docs: prepare 2023.2.1
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-14 18:19:02 +01:00
cf36da2e5d
website/docs: prepare 2023.2 release notes
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-12 17:44:53 +01:00
b69e55eae9
core: Add support for auto generating unique avatars based on the user's initials ( #4663 )
2023-02-12 16:35:17 +01:00
af43330fd6
providers/oauth2: rework OAuth2 Provider ( #4652 )
...
* always treat flow as openid flow
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* improve issuer URL generation
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more refactoring
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update introspection
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more refinement
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* migrate more
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix more things, update api
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* regen migrations
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix a bunch of things
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start updating tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix implicit flow, auto set exp
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix timeozone not used correctly
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix revoke
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more timezone shenanigans
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix userinfo tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update web
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix proxy outpost
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix api tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix missing at_hash for implicit flows
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* re-include at_hash in implicit auth flow
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use folder context for outpost build
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-09 20:19:48 +01:00
a7cf454760
web/admin: add notice for user_login stage session cookie behaviour
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-08 14:18:52 +01:00
7a85038c11
website/docs: prepare 2023.2 release notes
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-07 22:52:29 +01:00
3170b2f92c
providers/proxy: add token support for basic auth
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-07 22:50:49 +01:00
547c01f481
website/docs: update Caddy docs to include HTTPS proxying ( #4316 )
...
Update Caddy documentation to include HTTPS proxying
Signed-off-by: Melvin Snijders <mail@melvinsnijders.nl>
2023-02-03 14:43:13 +01:00
7d4ce41e12
providers/proxy: outpost wide logout implementation ( #4605 )
...
* initial outpost wide logout implementation
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* handle deserialize error
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix file cleanup, add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-02 21:18:59 +01:00
cadb710c38
website/docs: add troubleshooting for CSRF
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-02 11:09:03 +01:00
c2b4d14af5
website/docs: Add note for firefox about FIDO and TouchID ( #4552 )
...
* docs(passwordless): Make sure to include a warning
Signed-off-by: Skyler Mäntysaari <samip5@users.noreply.github.com>
* add notice for firefox touchID
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Skyler Mäntysaari <samip5@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-01-28 22:45:51 +01:00
b99afd82b2
stages/user_write: fix migration setting wrong value, fix form
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-23 14:38:26 +01:00
446dc0a17b
website/docs: prepare 2023.1.1
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-20 14:25:20 +01:00
3a59b75f4a
website/docs: update ldap provider docs
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-20 11:46:57 +01:00
98485c528e
ci: build beta for amd64 and arm64 ( #4468 )
...
* ci: build for arm64, but independently
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add notice to beta
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-19 21:41:56 +01:00
59be3c7746
website/docs: add docs for validating phone numbers before SMS enrollment
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-19 17:57:52 +01:00
97acc77e0a
website/docs: update 2023.1 release notes
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-18 15:25:58 +01:00
eb1e0427c1
website/docs: add missing user uid field
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-18 15:22:06 +01:00
23c69c456a
providers/proxy: add setting to intercept authorization header ( #4457 )
...
* add setting to intercept authorization header
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* rename to intercept_header_auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-17 18:56:48 +01:00
c73fce4f58
sources/ldap: manual import ( #4456 )
...
* events: fix task UID
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add ldap sync command
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-17 12:21:33 +01:00
19ee98b36d
outposts/proxy: allow setting no-redirect via header or query param
...
closes #4455
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-17 10:56:43 +01:00
07767c9376
website/docs: add disclaimer to beta page that downgrade isn't supported
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-16 10:44:42 +01:00
d31e566873
outposts/proxy: add header to prevent redirects
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 22:18:25 +01:00
b6b97f4706
website/docs: update 2023.1 release notes
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-13 16:32:34 +01:00
cd12e177ea
providers/proxy: add initial header token auth ( #4421 )
...
* initial implementation
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* check for openid/profile claims
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* include jwks sources in proxy provider
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add web ui for jwks
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* only show sources with JWKS data configured
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix introspection tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start basic
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add basic auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add docs, update admonitions
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add client_id to api, add tab for auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update locale
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-13 16:22:03 +01:00
d3e2f41561
website/docs: fix typo
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-09 13:13:41 +01:00
bec538c543
sources/ldap: make task timeout adjustable
...
closes #4375
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-06 12:37:59 +01:00
2604dc14fe
providers/ldap: add code-MFA support for ldap provider ( #4354 )
...
* add code support for ldap provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* only try to extract code when auth validator stage is encountered
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use parseint instead
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-05 18:32:06 +01:00
a960ce9454
stages/user_write: add more user creation options ( #4367 )
...
* add more user creation options
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update blueprints and docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-05 15:46:20 +01:00
e6b5810e03
polices/hibp: remove deprecated ( #4363 )
...
* remove hibp
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* don't save event matcher apps in migrations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup migrations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update docs, update some phrasing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-05 13:19:26 +01:00
ed3f36e72a
website/docs: update redirect docs
...
closes #4248
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-05 12:38:38 +01:00
1efc7eecbf
website/docs: add metrics for monitoring and metrics
...
closes #4308
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-04 20:49:35 +01:00
dc1359a763
providers/saml: initial SLO implementation ( #2346 )
...
* providers/saml: initial SLO implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/saml: add logout request tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/saml: add tests for POST SLO
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* matrix e2e tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix import
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* set e2e matrix name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix imports
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* separate oidc and oauth tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add basic saml slo e2e tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add better metadata download url
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* kinda prepare release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* sort releases into folders
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add slo urls to website
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix linking
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add api tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-04 19:45:31 +01:00
c4bb51469b
website/docs: prepare 2022.12.2
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-04 10:15:15 +01:00
82184b2882
web/flows: fix alternate captchas not loading
...
closes #4321
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-01 18:49:41 +01:00
c8bd0fbb1c
website/docs: prepare 2022.12.1 release
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-29 23:59:05 +01:00
c99798b1f2
website/docs: update release notes, remove duplicate files
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-29 23:28:15 +01:00
0e6400bfea
web/admin: improve user/group UX for adding/removing users to and from groups
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-28 12:55:38 +01:00
b16d1134ea
core: add endpoints to add/remove users from group atomically
...
closes #4252
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-28 10:50:30 +01:00
1615723f10
website/docs: update release notes for 2022.12
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-27 14:10:38 +01:00
f9b46145de
website/docs: Clarify request.user and add link to Django docs ( #4287 )
...
* Clarify request.user and add link to doc
Signed-off-by: sev <git@sev.monster>
* rephrase a bit
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: sev <git@sev.monster>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-27 14:10:30 +01:00
7046944bf6
website: link CVE and attribute reporter
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-25 14:17:17 +01:00
716584bbae
website: update release notes for CVEs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 14:21:02 +01:00
9f846d94be
security: fix CVE 2022 23555 ( #4274 )
...
* add flow to invitation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* show warning on invitation page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add security advisory
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 14:13:49 +01:00
84fbeb5721
security: fix CVE 2022 46172 ( #4275 )
...
* fallback to current user in user_write, add flag to disable user creation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update api and web ui
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update default flows
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add cve post to website
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 14:12:58 +01:00
42c278b4f8
root: migrate to hosted sentry with rate-limited DSN
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 11:18:26 +01:00
c635487210
blueprints: better OCI support in UI ( #4263 )
...
use oci:// prefix to detect oci blueprint, add UI support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-22 18:49:25 +01:00
28eb7c03fa
website/developer-docs: add templates for announcing fixed security release
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-22 16:13:21 +01:00
423776c7a2
website/docs: prepare 2022.12 release
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-21 21:58:57 +01:00
609f95ac97
providers: add preview for mappings ( #4254 )
...
* preview
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: show provider page on application page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use oauth2 end session url instead of direct interface
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* dont show provider page on application page for now
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add UI for preview
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* translate and release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix lint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* separate saml api files
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add api tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-21 12:13:11 +01:00
f4990bb5da
core: bundle geoip ( #4250 )
...
* bundle geoip
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* correctly pass secrets
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add geoip docs and release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-20 22:09:30 +01:00
9d5b9204fc
web/admin: rework markdown, correctly render Admonitions, fix links
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-19 12:48:02 +01:00
3418943949
root: allow custom settings via python module
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-15 10:59:14 +01:00
1dfc0b2e93
website/docs: update flow context variables
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-13 14:37:37 +00:00
0995658ca6
website/docs: add note for possibly blocked SMTP ports
...
closes #4192
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-13 11:13:52 +00:00
49bd028363
website/docs: update release notes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-03 13:10:16 +02:00
db95dfe38d
security: fix CVE 2022 46145 ( #4140 )
...
* add flow authentication requirement
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add website for cve
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: handle FlowNonApplicableException without policy result
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-02 16:14:25 +01:00
4e04461820
website/docs: Change Kubernetes ingress apiVersion out of beta ( #4099 )
...
* Change Kubernetes ingress apiVersion out of beta
* fix lint
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-28 16:42:59 +01:00
147ebf1a5e
root: rework and expand security policy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-28 12:10:53 +01:00
501d63b3aa
website/docs: add notice for unique Base DN ( #4073 )
...
* providers/ldap: updates documentation related to issue #4038
Signed-off-by: John Arrandale <bootsie227@gmail.com>
* providers/ldap: adheres to the CI prettier-check
Signed-off-by: John Arrandale <bootsie227@gmail.com>
2022-11-24 20:52:13 +01:00
ab0f8d027d
website/docs: add 2022.11.1 release notes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-22 21:17:05 +01:00
1efc0c1242
website/docs: update changelog
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-21 19:37:28 +01:00
276af8457d
root: make sentry DSN configurable ( #4016 )
...
* make sentry DSN configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* make proxy smarter
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix typo in config struct
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-15 16:05:29 +01:00
55aa1897af
root: use single redis db ( #4009 )
...
* use single redis db
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup prefixes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ensure __str__ always returns string
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix remaining old prefixes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-15 14:31:29 +01:00
88594075b2
policies/password: merge hibp add zxcvbn ( #4001 )
...
* initial zxcvbn
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add api and port tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* more tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add ui
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add api diff
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-14 14:42:43 +01:00
ffe6f65af5
outposts/kubernetes: ingress class ( #4002 )
...
* add support for ingressClassName
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add option to disable ssl verification for k8s controller
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update website
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-14 14:24:11 +01:00
d2bbcc0e1e
website/docs: Fix small error in Invitation stage docs ( #3997 )
...
The `.get` is there to ensure the policy won't throw an error if the key is not there (which can happen if the policy is executed before an Invitation stage).
Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com>
Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com>
2022-11-14 09:54:25 +01:00
4095c422df
core: bump python from 3.10.7-slim-bullseye to 3.11.0-slim-bullseye ( #3864 )
...
* core: bump python from 3.10.7-slim-bullseye to 3.11.0-slim-bullseye
Bumps python from 3.10.7-slim-bullseye to 3.11.0-slim-bullseye.
---
updated-dependencies:
- dependency-name: python
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* bump project
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* bump deps
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* bump ci to 3.11
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix formatting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-13 14:20:55 +01:00
ac2e85c003
website/docs: fix 404s on ldap provider docs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-06 00:01:38 +01:00
c157030905
website/docs: remove old banner, fix nginx formatting
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-01 17:12:16 +01:00
77a67dcbc1
website/docs: prepare 2022.10.1
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-28 23:08:55 +02:00
8d7ce49101
website/docs: add docs for using email templates with helm chart
...
closes #3891
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-28 23:06:10 +02:00
7004cb1c91
website/docs: add notice for TOTP issuer
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-22 17:11:20 +02:00
fa08e2c7bf
website/docs: update 2022.10 release notes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-21 18:24:25 +02:00
cfad472e1b
flows: optimise queries ( #3818 )
...
* flows: optimise flow queries
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* index source on slug and name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* binding index
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add policy parent index
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix migrations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup old migrations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add release note to upgrade
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-19 22:53:07 +02:00
6882445937
*: handle PermissionError when saving files, ensure permission bits are set correctly
...
closes #3817
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-19 20:24:28 +02:00
c22dae868c
website/docs: update 2022.10 release notes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-19 10:44:28 +02:00
895658e7a3
website/integrations: add Organizr integration ( #3802 )
...
* Add new integration application category for Dashboard and initialize organizr service template
* added images and additional info for organizr integration
* alphabetized application integration categories
* alphabetized integration federation and social login categories
* forgot to make website-lint-fix :/
* revert mention of organizr in generic setup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-19 10:28:48 +02:00
bb43c49b1e
website/docs: fix passwordless docs, cross-link both
...
closes #3803
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-18 21:38:01 +02:00
10cfccd999
website/docs: add General Setup instructions for LDAP Provider ( #3680 )
...
* Added General Setup instructions for LDAP Provider
* Added General Setup instructions for LDAP Provider and updated relative links
* updated LDAP Outpost note verbiage
* Corrected the case for LDAP and renamed to Generic Setup
* removed ldapsearch example from index page
* updated verbiage around multifactor authentication
* removed note about local LDAP provider
* updated sidebar to reflect generic_setup
* updated logging info
* corrected typo
* updated stage creation instructions and screenshot
* corrected another typo
* corrected another typo
* reword some things
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-16 14:57:57 +00:00
77f6926a41
website/docs: prepare 2022.10 release notes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-14 17:23:23 +02:00
79e8b72569
flows: always show flow inspector in debug mode, don't require admin in debug ( #3786 )
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-14 15:44:59 +02:00
2980c5884f
root: Add setting to adjust database config for pgbouncer ( #3769 )
...
* Add setting to adjust database config for pgbouncer
* docker-compose.yml cleanup
Delete pgbouncer setting as false is the default value
* Cleanup docker-compose.yml
Also remove use_pgbouncer option in server section
2022-10-14 11:53:24 +02:00
217e145d23
stages/authenticator_sms: make sms stage payload customisable ( #3780 )
...
* make sms stage payload customisable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update phrasing for webhook mapping
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-14 11:53:01 +02:00
8ed2f7fe9e
providers/oauth2: add device flow ( #3334 )
...
* start device flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: fix inconsistent app filtering
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add tenant device code flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add throttling to device code view
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* somewhat unrelated changes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add initial device code entry flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add finish stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* it works
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add support for verification_uri_complete
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add some tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add more tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-11 12:42:10 +02:00
cca0f60bda
root: decrease default token size to 60 chars for compatibility ( #3710 )
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2614
2022-09-30 23:12:51 +02:00
32c80467b6
website/docs: update log level warning phrasing
2022-09-29 09:52:48 +00:00
74c5a5b4c1
website/docs: add warning to trace log level
2022-09-29 09:27:35 +00:00
6135990762
website/docs: Fix letsencrypt folder ( #3643 )
...
When the docs were changed to the docker-compose.override.yaml version, the change wasnt 100% completed, by still including the "..authentik" folder part in the volumes.
Addtionally, it doesnt work to only mount the /live letsencrypt folder in the worker, as it will be a symlink that the worker wont have access to (as its outside the container context).
So this reverts the change to the previous version where the complete /etc/letsencrypt folder gets mounted in /certs
Signed-off-by: Philipp Rintz <13933258+p-rintz@users.noreply.github.com>
Signed-off-by: Philipp Rintz <13933258+p-rintz@users.noreply.github.com>
2022-09-26 16:32:14 +02:00
bba21d2b85
website/docs: Fix typo ( #3641 )
...
Signed-off-by: Riccardo Di Maio <35903974+rdimaio@users.noreply.github.com>
Signed-off-by: Riccardo Di Maio <35903974+rdimaio@users.noreply.github.com>
2022-09-25 11:44:41 +02:00
f8502edd2b
website: update 2022.9 release notes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-09-22 10:46:29 +02:00
b16a3d5697
internal: use config system for workers/threads, document the settings ( #3626 )
...
use config system for workers/threads, document the settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-09-21 09:59:03 +02:00
daa0417c38
website: fix broken link
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-09-18 17:57:19 +02:00
067166d420
website: update 2022.9 release notes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-09-17 14:28:04 +02:00
be64296494
stages/authenticator_duo: improved import ( #3601 )
...
* prepare for duo admin integration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* make duo import params required
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add UI to import devices
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* rework form, automatic import
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* limit amount of concurrent tasks on worker
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* load tasks
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix API codes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix tests and such
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* sigh
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* make stage better
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* basic stage test
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-09-17 12:10:47 +02:00
3e0778fe31
website: add API diff to 2022.9 release notes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-09-16 10:20:26 +02:00
9f5c019daa
core: add helper function to create events from expressions, move ak_user_has_authenticator to base evaluator
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-09-14 21:52:41 +02:00
34928572db
website/docs: fix lint
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-09-11 23:11:41 +02:00
c1ad1e5c8b
website: prepare 2022.9 release
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-09-11 23:02:06 +02:00
7a50d5a4f8
website: add note for using request.user in policies when bound to flows
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-09-10 14:08:37 +02:00
03a3f1bd6f
crypto: add command to import certificates
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#3544
2022-09-06 19:39:10 +02:00
d0a69557d4
website/docs: explain LISTEN envs better ( #3532 )
...
From a recent adventure discovered that this env's define `address:port` not just `port`.
If you define only `port` it will error out with `"error":"listen tcp: address 9000: missing port in address"`
Signed-off-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>
Signed-off-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>
2022-09-05 20:37:11 +02:00
19c36d20b5
website/docs: improve nginx examples ( #3372 )
...
* website/docs: improve nginx examples
Signed-off-by: itsmesid <693151+arevindh@users.noreply.github.com>
* website/docs: improve nginx examples
Signed-off-by: itsmesid <693151+arevindh@users.noreply.github.com>
2022-08-30 21:19:25 +02:00
58e3ca28be
website: fix formatting
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-29 19:49:43 +02:00
c6bb41890e
website/docs: add port_in_redirect in nginx config to prevent invalid port in redirect ( #3397 )
...
* Proposal and fix for issue #3359
By adding `port_in_redirect off` in the configuration for the NginxProxyManager (NPM), will avoid a redirect to port 4443.
Credit to @adtwomey for the suggestions.
https://github.com/goauthentik/authentik/issues/3359
Signed-off-by: Zolo <39656359+zolodev@users.noreply.github.com>
* Adding a comment
Signed-off-by: Zolo <39656359+zolodev@users.noreply.github.com>
Signed-off-by: Zolo <39656359+zolodev@users.noreply.github.com>
2022-08-29 17:57:18 +02:00
a4556b3692
website/docs: Added mention of how to force 2fa ( #3497 )
...
* Added mention of how to force 2fa
Added mention of how to force 2fa and fixed some punctuation's.
Signed-off-by: Joeri Colman <colmanjoeri@msn.com>
* Update website/docs/flow/examples/flows.md
Co-authored-by: Jens L. <jens@beryju.org>
Signed-off-by: Joeri Colman <colmanjoeri@msn.com>
Signed-off-by: Joeri Colman <colmanjoeri@msn.com>
Co-authored-by: Jens L. <jens@beryju.org>
2022-08-29 14:14:10 +02:00
d0b52812d5
website/docs: add mention of custom JWT Claims ( #3495 )
...
Signed-off-by: Adam Engebretson <adam@enge.me>
2022-08-29 13:11:18 +02:00
b624bf1cb7
website/docs: prepare 2022.8.2
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-19 11:19:23 +01:00
bda218f7fc
website/docs: add note for which outpost configs apply for which outposts ( #3443 )
...
add note for which outpost configs apply for which outposts
closes #3427
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-18 14:29:53 +02:00
71d6304407
website: update 2022.8 release notes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-16 13:47:48 +02:00
1c569c79f3
website: add more blueprint docs, 2022.8 release notes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-07 19:27:31 +02:00
2ce8e18bab
internal: centralise config for listeners to use same config system everywhere ( #3367 )
...
* centralise config for listeners to use same config system everywhere
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#3360
* add docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-03 21:33:27 +02:00
89c84f10d0
blueprints: v1 ( #1573 )
...
* managed: move flowexporter to managed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* *: implement SerializerModel in all models
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* managed: add initial api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* managed: start blueprint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* managed: spec
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* version blueprint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* yep
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* remove v2, improve v1
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* start custom tag, more rebrand
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add default flows
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* move blueprints out of website
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* try new things
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add !lookup, fix web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update and cleanup default
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix tags in lists
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* don't save field if its set to default value
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* more flow cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* format web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix missing serializer for sms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ignore _set fields
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* remove custom file extension
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* migrate default flow to tenant
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* include blueprints
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-31 17:11:44 +02:00
882250a85e
flows: migrate flows to be yaml ( #3335 )
...
* flows: migrate flows to be yaml
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* migrate flows to yaml
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-30 23:55:58 +02:00
d4b8dd7fcc
ci: comment on PR with instructions on how to use branch ( #3333 )
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-30 21:22:27 +02:00
b41acebf5b
providers/proxy: add caddy endpoint ( #3330 )
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-29 10:58:53 +02:00
b82a142745
stages/authenticator_sms: use twilio SDK, improve docs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#3237
2022-07-28 22:17:59 +02:00
de26c65fa0
core: add attributes. avatar method to allow custom uploaded avatars
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2631
2022-07-26 21:42:41 +02:00
ad07984158
website/docs: prepare 2022.7.3
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-19 21:40:56 +02:00
0448dcf655
website/docs: prepare 2022.7.2
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-06 19:17:15 +02:00
d497db3010
flows: fix OOB flow incorrectly setting pending user
...
closes #3224
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-06 09:51:20 +02:00
49cce6a968
stages/prompt: add basic file field ( #3156 )
...
add basic file field
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-05 23:09:41 +02:00
4cd629b5fc
core: handle FlowNonApplicableException correctly in source flow_manager
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-03 22:03:03 +02:00
6020736430
website/docs: update 2022.7
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-03 21:39:59 +02:00
3ab475d916
website/docs: add snippet to skip authenticated flow
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-02 18:41:16 +02:00
17d33f4b19
flows: denied action ( #3194 )
2022-07-02 17:37:57 +02:00
a9636b5727
website/docs: fix configuration item headers
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-02 13:01:40 +02:00
5e3f44dd87
flows: add shortcut to redirect current flow ( #3192 )
2022-07-01 23:19:41 +02:00
1c64616ebd
sources/ldap: add configuration for LDAP Source ciphers
...
closes #3110
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-01 19:53:49 +02:00
23273f53cc
providers/oauth2: if no scopes are sent in authorize request, select all configured scopes
...
closes #3112
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-01 19:45:26 +02:00
f6042f29f6
website/docs: add notice to use in-cluster service for nginx forward auth
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-30 21:33:47 +02:00
a6d3fd92df
web/elements: fix ak-wizard-page-form not setting valid
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-30 12:37:10 +02:00
db07f564aa
website/docs: expand nginx reverse-proxy setup ( #3079 )
...
* website/docs: expand nginx reverse-proxy setup
* website/docs: simplify reverse-proxy config
Combine location blocks and remove documentstion links, they were not doing much.
2022-06-29 15:02:59 +00:00
ef218ff1ff
website/docs: update 2022.7 release notes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-27 21:12:36 +02:00
6a4efaecb0
website/docs: start troubleshooting page for forward auth
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-21 22:26:17 +02:00
b6267fdf28
*: add versioned user agent to sentry
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-20 11:54:10 +02:00
c6f29d9eb4
website/docs: add 2022.6.3 release notes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:41:22 +02:00
0d96e68c1e
core: add limit of 20 to group recursion
...
closes #3116
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:24:57 +02:00
36a326cd81
website/docs: add version dropdown for subdomains
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-15 21:43:44 +02:00
e17f7020e6
webiste/docs: use autogenerated pages and categories ( #3102 )
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-15 20:56:27 +02:00
1c62a3db6e
core: user paths ( #3085 )
...
* init
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add user_path_template
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add to sources and flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add outposts & api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* dark theme for treeview
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add search
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add docs and tests for validation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add to user write stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add web ui
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: improve error handling
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-15 12:12:26 +02:00
8dbb0bd2c6
providers/oauth2: token revoke ( #3077 )
2022-06-11 18:49:16 +02:00
3b182ca223
website/docs: add 2022.6.2 release notes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-07 20:37:34 +02:00
4c39e08dd4
website/docs: fix incorrect oauth end-session URL
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-06 12:48:06 +02:00
0c591a50e3
*: don't dispatch tasks on startup of server ( #3033 )
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-03 18:29:24 +02:00
7ee655a318
core: add bootstrap variables with authentik prefix for helm charts ( #3031 )
...
https://github.com/goauthentik/helm/pull/72
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-03 15:22:56 +02:00
8447e9b9c2
providers/proxy: envoy v2 ( #3029 )
...
* add path prefix
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use prefix correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* only set redirect if session doesn't have a redirect yet
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-03 10:32:52 +02:00
f9a419107a
outposts/proxyv2: add basic envoy support ( #3026 )
...
* outposts/proxyv2: add basic envoy support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* don't crash when backend is not available
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add envoy tests and docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-03 00:06:09 +02:00
8f0572d11e
outposts/ldap: add correct group objectClass ( #3023 )
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2861
2022-06-02 18:48:07 +02:00
fa81adf254
website/docs: Add warning for timezone mounts ( #3022 )
...
Improve documentation: #3005
2022-06-02 14:02:01 +02:00
c0cb891078
stages/authenticator_sms: verify-only ( #3011 )
2022-06-01 23:16:28 +02:00
34bcc2df1a
root: disable session_save_every_request as it overwrites the session with old data
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2991
2022-05-31 20:46:27 +02:00
59e13e8026
website/docs: update docs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-30 21:26:29 +02:00
acf1ded1d4
website/docs: prepare 2022.5.3
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-26 22:16:07 +02:00
4d17111233
website/docs: Fix misconfiguration causing POST requests behing Nginx to timeout ( #2967 )
...
* Update _nginx_proxy_manager.md
* Update _nginx_standalone.md
2022-05-26 11:52:57 +02:00
ada53362d5
website/docs: fix formatting
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 23:38:02 +02:00
a6398f46da
website/docs: prepare 2022.5.3
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 23:34:51 +02:00
b4e75218f5
sources/oauth: OIDC well-known and JWKS ( #2936 )
...
* add initial
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* include source and jwk key id in event
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add more docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add tests for source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix web formatting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add provider tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix lint error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 21:02:50 +02:00
2ca991ba3d
website/docs: fix grammar ( #2943 )
2022-05-24 13:56:19 +02:00
6460245d5e
website/docs: add missing docs for #2828
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-23 20:42:00 +02:00
c99e6d8f2c
website: fix typo in title
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-21 19:10:16 +02:00
0642af0b78
website/docs: add 2022.5.2 changelog
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-21 17:16:43 +02:00
6f56a61a64
website/docs: add docs for advanced SSH config
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2916
2022-05-21 13:06:54 +02:00
90298a2b6c
website/docs: fix typo
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-21 00:15:40 +02:00
84e74bc21e
website/docs: final 2022.5 release notes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-20 19:34:43 +02:00
7bdecd2ee6
stages/user_write: dynamic groups ( #2901 )
...
* stages/user_write: add dynamic groups
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* simplify functions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-19 20:28:16 +02:00
11f7935155
providers/oauth2: use regex to check redirect URI
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2799
2022-05-18 21:22:27 +02:00
75b0fb3393
sources/oauth: migrate twitter to oauth2 ( #2893 )
2022-05-18 00:03:02 +02:00
35402ada17
website/docs: fix missing new name attribute for invitations
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-16 20:40:24 +02:00
333e58ce2f
flows/layouts ( #2867 )
2022-05-16 01:10:23 +02:00
296779ddf1
providers/ldap: remove technical preview disclaimer
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-15 17:33:03 +02:00
2e174a1be5
website/docs: update 2022.5 release notes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-14 21:48:28 +02:00
fd1d38f844
stages/authenticator_validate: remember ( #2828 )
...
* initial
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: cleanup timedelta help
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add tooltip
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* assert response code in self.assertStageResponse
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add more tests, add duo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-10 21:05:22 +02:00
f9469e3f99
website: format docs with prettier ( #2833 )
...
* run prettier
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add scim to comparison
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-09 21:22:41 +02:00
4b0324220a
website/docs: prepare 2022.5 release notes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-08 17:32:21 +02:00
ab2299ba1e
outposts/ldap: cached bind ( #2824 )
...
* initial cached ldap bind support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* clean up api generation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use gh action for golangci-lint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-08 16:48:53 +02:00
75320bf579
website/docs: add missing breaking change in prompt stages
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-29 21:19:51 +02:00
778065f468
core: add flag to globally disable impersonation
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-17 16:52:55 +02:00
6e5ac4bffc
website/docs: add missing redis port to configuration page ( #2731 )
...
Added the `AUTHENTIK_REDIS__PORT` to the documentation.
2022-04-17 16:40:00 +02:00
957bb1c5ef
core: make generated token length configurable
...
closes #2574
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-11 20:57:16 +02:00
677d46d7fd
website/docs: prepare 2022.4
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-11 20:54:16 +02:00
21f92b4a65
website/docs: add docs for customisation
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-06 00:06:28 +02:00
633296503d
core: add grouping to applications ( #2648 )
...
* core: add grouping to applications
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* core: add new field to tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-02 23:08:58 +02:00
508cec2fd5
web: migrate dropdowns to wizards ( #2633 )
...
* web/admin: add basic wizards for providers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: add dark mode for wizard
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: migrate policies to wizard
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* start source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* policies: sanitze_dict when returning log messages during tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* Revert "web/admin: migrate policies to wizard"
This reverts commit d8b7f62d3e
2022-04-02 19:48:17 +02:00
4be238018b
providers/oauth2: pass scope and other parameters to access policy request context
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2641
2022-04-01 21:39:05 +02:00
8689444954
providers/oauth2: add password grant support (treated as client_credentials)
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-31 18:02:17 +02:00
bb8af2f19b
providers/oauth2: add client_assertion_type jwt bearer support ( #2618 )
2022-03-31 00:30:55 +02:00
ac03f5a97d
website/docs: prepare 2022.4
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-30 23:43:36 +02:00
0c53650216
website/docs: terminology clear unneeded sentence. ( #2577 )
...
certificates: minor improvements
2022-03-23 17:38:36 +01:00
8e028c2feb
website/docs: added missing client_id in client_credential grant type ( #2576 )
2022-03-23 15:07:09 +01:00
9ad4c736f1
stages/email: allow overriding of destination email in plan context
...
closes #2445
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-22 21:19:34 +01:00
73fe866cb6
website/docs: prepare 2022.3.3
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-21 22:37:01 +01:00
0f56d00959
website/docs: added example for custom user attributes ( #2406 )
...
* added example for custom user attributes
* simplified example
Co-authored-by: croudsarabi <constantin.roudsarabi@andrena.de>
2022-03-15 18:12:02 +01:00
37df054f4c
website/docs: prepare 2022.3.2
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-14 23:59:38 +01:00
47601a767b
website/docs: fix invalid queries in docs
...
closes #2482
2022-03-14 12:38:22 +00:00
c1e4d78672
root: deprecate :stable tag
...
#2439
we haven't released an -rc release in a while and I don't really see a need for them anymore, so lets simplify the release process
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-09 23:48:32 +01:00
0ab427b5bb
website/docs: prepare 2022.3 release
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-09 23:42:25 +01:00
a9f095d1d9
website/docs: add docs for different flow executors
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-09 23:36:09 +01:00
920d1f1b0e
providers/oauth2: initial client_credentials grant support ( #2437 )
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-05 23:24:55 +01:00
4f4f954693
core: customisable user settings ( #2397 )
...
* tenants: add user_settings flow, add basic flow and basic new executor
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/user: use flow PromptStage instead of custom stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: add tenant to StageHost interface
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/user: fix form missing component
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/user: re-add success message
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/user: improve support for multiple error messages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/prompt: allow expressions in prompt placeholders
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/prompt: add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: always set pending user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: never cache stage configuration flow plans
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/user_write: fix error when pending user is anonymous user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add checkbox for prompt placeholder expression
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* website/docs: add prompt expression docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/prompt: add ak-locale field type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tenants: fix default policy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/user: add function to do global refresh
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: fix rendering of ak-locale
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tenants: fix default policy, add error handling to placeholder, fix locale attribute
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-03 00:13:06 +01:00
Jens Langhammer
sdimovv
Jens L
Melvin Snijders
Skyler Mäntysaari
sev
Alex Wigen
John Arrandale
dependabot[bot]
Rob
Philipp Kolberg
Philipp Rintz
Riccardo Di Maio
Stavros Kois
itsmesid
Zolo
Joeri Colman
Adam Engebretson
Andre Mainka
TheMythologist
Johannes Klein
Chris Britt
Bhautik
CRoudsarabi