Jens Langhammer
731f5d0199
release: 2021.10.1-rc2
2021-10-21 16:38:30 +02:00
dependabot[bot]
6fc54ed7c6
build(deps): bump postcss from 8.3.9 to 8.3.10 in /website ( #1652 )
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-21 10:29:48 +02:00
Jens Langhammer
2df4322ecf
sources/oauth: add choices to oauth provider_type
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-20 00:11:19 +02:00
Jens Langhammer
5da7d9a573
release: 2021.10.1-rc1
2021-10-19 15:34:59 +02:00
Jens Langhammer
f62786e58b
policies: add additional filters to create flow charts on frontend
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-15 18:21:44 +02:00
Jens Langhammer
9bc9568008
stages/authenticator_sms: make fields non-nullable
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-14 11:42:11 +02:00
Skyler Mäntysaari
634375c43f
stages/authenticator_sms: add generic provider ( #1595 )
...
* stages/sms: New SMS provider, aka wrapper for outside API
* web/pages/authenicator_sms: Conditionally show options based on provider.
* stages/authenicator_sms: Fixing up the model.
* Whoops
* stages/authenicator_sms: Adding supported auth types for Generic provider.
* web/pages/stages/authenicator_sms: Added auth type for generic provider
* web/pages/stages/authenicator_sms: Fixing up my generic provider options.
* stages/authenicator/sms: Working version of generic provider.
* stages/authenicator/sms: Cleanup and creating an event on error.
* web/ages/stages/authenicator_sms: Made a default for Auth Type and cleaned up the non-needed name attribute.
* stages/authenicator_validate: Fixing up the migration as it had no SMS.
* stages/authenicator_sms: Removd non-needed migration and better error code handling.
* stages/authenicator_sms: Removd non-needed migration and better error code handling.
* web/pages/stages/authenicator_sms: Provider default is not empty anymore.
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-14 10:24:15 +02:00
Jens L
aef9d27706
stages/authenticator_sms: Add SMS Authenticator Stage ( #1577 )
...
* stages/authenticator_sms: initial implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add initial stage UI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/elements: clear invalid state when old input was invalid but new input is correct
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_sms: add more logic
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/user: add basic SMS settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_sms: initial working version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_sms: add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: optimise totp password manager entry on authenticator_validation stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/elements: add grouping support for table
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: allow sms class in authenticator stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add grouping to more pages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_validate: add SMS support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* api: add throttling for flow executor based on session key and pending user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: fix style issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ci: add workflow to compile backend translations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-11 17:51:49 +02:00
Jens Langhammer
b80ecd4668
stages/prompt: fix wrong field type of field_key
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-10 18:54:56 +02:00
Jens Langhammer
d959b7a930
Merge branch 'version-2021.9'
2021-10-10 14:35:40 +02:00
Jens Langhammer
619203c177
release: 2021.9.8
2021-10-10 13:12:26 +02:00
Jens Langhammer
dff0613b3d
crypto: add managed field, prepare managed JWT cert
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-09 19:14:39 +02:00
Jens Langhammer
09696207a6
web/user: remove debug
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-09 16:03:14 +02:00
Jens Langhammer
b33ea9cc61
core: add settings serializer to user/me and update_self endpoints, saved in a key in attributes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-09 15:35:18 +02:00
Jens Langhammer
57e5acaf2f
stages/prompt: add sub_text field to add HTML below prompt fields
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-07 18:34:37 +02:00
Jens Langhammer
8c27616d0c
Merge branch 'version-2021.9'
2021-10-06 21:04:16 +02:00
Jens Langhammer
e444d0d640
release: 2021.9.7
2021-10-06 20:57:56 +02:00
Jens Langhammer
d75c63d38b
Merge branch 'version-2021.9'
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
# web/src/locales/fr_FR.po
2021-10-06 00:04:09 +02:00
Jens Langhammer
2b730dec54
release: 2021.9.6
2021-10-05 22:22:54 +02:00
Jens Langhammer
79eec5a3a0
core: include group uuids in self serializer
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 13:49:14 +02:00
Jens Langhammer
c1f302fb7c
core: only return group names for user_self
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 13:48:53 +02:00
Jens Langhammer
d1a1bfbbc5
web/user: don't show managed tokens in user interface
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 13:47:49 +02:00
Jens Langhammer
9e7e22367b
core: include group uuids in self serializer
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 13:10:44 +02:00
Jens Langhammer
f5761dc70d
core: only return group names for user_self
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 12:31:25 +02:00
Jens Langhammer
847cfed73f
web/user: don't show managed tokens in user interface
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 11:11:34 +02:00
Jens Langhammer
1c340ddbbd
Merge branch 'version-2021.9'
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
# web/package-lock.json
# web/package.json
2021-10-04 22:02:56 +02:00
Jens Langhammer
bcf7e162a4
release: 2021.9.5
2021-10-04 20:08:46 +02:00
Jens Langhammer
cb37e5c10e
stages/email: add activate_user_on_success flag, add for all example flows
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
# web/src/locales/fr_FR.po
2021-10-04 18:50:19 +02:00
Jens Langhammer
0692663537
stages/email: add activate_user_on_success flag, add for all example flows
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-04 18:47:51 +02:00
Jens Langhammer
faca127217
Merge branch 'version-2021.9'
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
# Pipfile.lock
2021-10-01 12:19:11 +02:00
Jens Langhammer
1a6ea72c09
release: 2021.9.4
2021-10-01 09:51:51 +02:00
Jens L
f9ad102915
flows: inspector ( #1469 )
...
* flows: add initial inspector
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: change naming a bit
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flow: add inspector frame
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* core: don't use shadydom when inspecting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: add current stage to api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/*: fix imports
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: deep-copy plan instead of just adding
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: ui
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: restrict inspector to admin
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add buttons to launch flow with inspector
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: don't automatically follow redirects when inspector is open
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: make current_plan optional, only require historry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: handle error messages in inspector
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: improve UI when flow is done
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: add is_completed flag to inspector
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: fix monkeypatches for tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: add inspector tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ci: re-enable cache
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-28 09:36:48 +02:00
Jens Langhammer
941bc61b31
release: 2021.9.3
2021-09-27 17:31:50 +02:00
Jens Langhammer
4f3583cd7e
providers/proxy: make token_validity float and optional for backwards compat
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-25 15:54:32 +02:00
Jens Langhammer
f7408626a8
providers/proxy: return token_validity as total seconds instead of expression
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-25 15:44:16 +02:00
Jens Langhammer
28eeb4798e
providers/proxy: add token_validity field for outpost configuration
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1462
2021-09-25 15:00:06 +02:00
Jens Langhammer
d0bfb99859
web/elements: improve error handling on forms
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-24 12:19:56 +02:00
Jens Langhammer
eddca478dc
release: 2021.9.2
2021-09-23 12:34:02 +02:00
Jens Langhammer
2fe6de0505
release: 2021.9.1
2021-09-22 19:11:20 +02:00
Jens Langhammer
8f7d21b692
stages/email: don't throw 404 when token can't be found
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-20 19:01:25 +02:00
Jens Langhammer
ac52667327
release: 2021.9.1-rc3
2021-09-19 21:52:49 +02:00
Jens Langhammer
06af306e8a
sources/ldap: bump timeout, run each sync component in its own task
...
closes #1411
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-17 12:42:20 +02:00
Jens Langhammer
28189bdddf
release: 2021.9.1-rc2
2021-09-16 23:23:36 +02:00
Jens Langhammer
bdd5e16db1
release: 2021.9.1-rc1
2021-09-15 20:20:54 +02:00
Jens Langhammer
ef341dd405
stages/user_write: add option to add newly created users to a group
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-14 21:45:34 +02:00
Jens Langhammer
71e68b498e
core: optimise groups api by removing member superuser status
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-13 18:06:37 +02:00
Jens Langhammer
9a7fa39de4
events: allow setting a mapping for webhook transport to customise request payloads
...
closes #1383
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-12 01:05:42 +02:00
Jens Langhammer
bf771f8b6c
release: 2021.8.5
2021-09-11 19:20:13 +02:00
Jens Langhammer
df4c8003b8
api: fix items of list fields having nullable set
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-10 18:15:59 +02:00
Jens Langhammer
7dfbcdbb81
stages/authenticator_duo: add API to "import" devices from duo
...
closes #1371
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-10 11:35:09 +02:00
Jens L
3c1b70c355
outposts/proxyv2 ( #1365 )
...
* outposts/proxyv2: initial commit
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add rs256
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
more stuff
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add forward auth an sign_out
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
match cookie name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
re-add support for rs256 for backwards compat
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add error handler
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
ensure unique user-agent is used
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
set cookie duration based on id_token expiry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
build proxy v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add ssl
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add basic auth and custom header support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add application cert loading
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
implement whitelist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add redis
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
migrate embedded outpost to v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
remove old proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
providers/proxy: make token expiration configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
fix tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/proxy: only allow one redirect URI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix docker build for proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* remove default port offset
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add AUTHENTIK_HOST_BROWSER
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests: fix e2e/integration tests not using proper tags
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* remove references of old port
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix user_attributes not being loaded correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-08 18:04:56 +00:00
Jens Langhammer
2db8b07578
events: add mark_all_seen
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 22:08:12 +02:00
Jens Langhammer
d92d8e6dbb
api: add additional filters for ldap and proxy providers
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-03 10:43:09 +02:00
Jens Langhammer
c2b9dc5c75
api: cache schema, fix server urls
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-03 10:23:14 +02:00
Jens Langhammer
276d8fe5cf
release: 2021.8.4
2021-09-02 20:21:21 +02:00
Jens Langhammer
f0db408699
api: add v3
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-02 17:40:02 +02:00
Jens Langhammer
cc5cc43baa
api: fix sentry endpoint not working due to mime-media
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-02 16:56:53 +02:00
Jens Langhammer
17cb76c334
stages/invitation: fix invitation not inheriting ExpiringModel
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-01 14:25:19 +02:00
Jens Langhammer
523b96a6d2
api: add basic rate limiting for sentry endpoint
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-29 19:33:18 +02:00
Jens Langhammer
160139813d
release: 2021.8.3
2021-08-28 16:58:44 +02:00
Jens Langhammer
c4f72c2bc1
release: 2021.8.2
2021-08-26 17:58:20 +02:00
Jens Langhammer
897f6f3473
release: 2021.8.1
2021-08-26 16:03:45 +02:00
Jens Langhammer
2ae164df78
*: cleanup api schema warnings
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-26 09:36:41 +02:00
Jens Langhammer
0ccec96490
core: make user optional in token creation
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-25 21:21:51 +02:00
Jens Langhammer
d79975c409
core: fix user object for token not be setable
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-25 20:43:34 +02:00
Jens Langhammer
4d27694706
release: 2021.8.1-rc2
2021-08-24 21:29:29 +02:00
Jens Langhammer
d7ad5f6a16
core: add API to create service account with token for app password
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-24 20:09:22 +02:00
Jens Langhammer
b0efab6d6d
admin: add env to API
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-24 10:55:46 +02:00
Jens Langhammer
07a4f474f4
website/docs: add docs for `auth_method` and `auth_method_args` fields
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 17:23:55 +02:00
Jens Langhammer
9a6a3e66b8
root: update schema
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 16:14:33 +02:00
Jens Langhammer
aad753de68
ci: fix extraction of generated client
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 15:57:56 +02:00
Jens Langhammer
a79a150a1f
root: test schema auto-update
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 15:55:26 +02:00
Jens Langhammer
7639cdad0a
release: 2021.8.1-rc1
2021-08-22 20:17:35 +02:00
Jens Langhammer
3e909ae6bb
core: allow filtering users by the groups they are in
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-21 16:27:48 +02:00
Jens Langhammer
b4f738492d
sources/oauth: improve UI with prefilled urls (when customizable) and hiding provider type
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-21 15:52:41 +02:00
Jens Langhammer
6433b5982e
api: add cache timeouts to config API for outposts
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-21 14:14:18 +02:00
Jens Langhammer
84c4547005
sources/plex: add API for user connections
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-17 13:02:40 +02:00
Jens Langhammer
2592fc3826
sources/ldap: allow for anonymous binds, fix sync_users_password not working correctly
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-12 19:09:29 +02:00
Jens Langhammer
ec95a2bddc
core: allow changing of groups a user is in from user api
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-10 19:31:30 +02:00
Jens Langhammer
de9d483b9f
admin: add API to show embedded outpost status, add notice when its not configured properly
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-10 19:16:11 +02:00
Jens Langhammer
557724768a
core: add API to directly send recovery link to user
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-10 13:54:59 +02:00
Jens Langhammer
ccfc1dbcc2
*: make all PropertyMappings filterable by multiple managed attributes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 16:06:44 +02:00
Jens Langhammer
9c9addb0ce
*: ensure all resources can be filtered
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-07 16:34:14 +02:00
Jens Langhammer
18211a2033
release: 2021.7.3
2021-08-05 19:23:03 +02:00
Jens Langhammer
1b91543add
core: add UserSelfSerializer and separate method for users to update themselves with limited fields
...
rework user settings page to better use form
closes #1227
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
# authentik/core/api/users.py
# web/src/elements/forms/ModelForm.ts
# web/src/pages/user-settings/UserDetailsPage.ts
# web/src/pages/user-settings/UserSettingsPage.ts
2021-08-05 17:47:45 +02:00
Jens Langhammer
add7a80fdc
release: 2021.7.2
2021-08-01 19:11:50 +02:00
Jens Langhammer
e6b515e3f7
release: 2021.7.1
2021-07-27 10:35:45 +02:00
Jens Langhammer
3c9cc9d421
Merge branch 'version-2021.7'
2021-07-24 20:07:42 +02:00
Jens Langhammer
1972464a20
tenants: make event retention configurable on tenant level
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-24 20:07:12 +02:00
Jens Langhammer
3041a30193
release: 2021.7.1-rc2
2021-07-24 18:32:05 +02:00
Jens Langhammer
8ae7403abc
core: add group filter by member username and pk
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-23 19:35:41 +02:00
Jens Langhammer
8cd1223081
core: add email filter for user
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-22 20:10:42 +02:00
Jens Langhammer
0a3fade1fd
providers/proxy: remove deprecated field
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-22 16:20:26 +02:00
Jens Langhammer
39ad9d7c9d
release: 2021.7.1-rc1
2021-07-21 10:44:40 +02:00
Jens Langhammer
b3159a74e5
Merge branch 'master' into inbuilt-proxy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
# Dockerfile
# internal/outpost/ak/api.go
# internal/outpost/ak/api_uag.go
# internal/outpost/ak/global.go
# internal/outpost/ldap/api_tls.go
# internal/outpost/ldap/instance_bind.go
# internal/outpost/ldap/utils.go
# internal/outpost/proxy/api_bundle.go
# outpost/go.mod
# outpost/go.sum
# outpost/pkg/ak/cert.go
2021-07-17 12:49:38 +02:00
Jens Langhammer
aa701c5725
core: don't delete expired tokens, rotate their key
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-14 21:47:32 +02:00
Jens Langhammer
6f98833150
core: allow users to create non-expiring tokens when flag is set
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-14 21:15:14 +02:00
Jens Langhammer
4fe0bd4b6c
tests/e2e: fix e2e tests for ldap provider
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-14 10:10:11 +02:00
Lukas Söder
7f39399c32
providers/ldap: Added auto-generated uidNumber and guidNumber generated attributes for use with SSSD and similar software. ( #1138 )
...
* Added auto-generated uidNumber and guidNumber generated attributes for
use with SSSD and similar software.
The starting number for uid/gid can be configured iva environtment
variables and is by default 2000 which should work fine for most instances unless there are more than
999 local accounts on the server/computer.
The uidNumber is just the users Pk + the starting number.
The guidNumber is calculated by the last couple of bytes in the uuid of
the group + the starting number, this should have a low enough chance
for collisions that it's going to be fine for most use cases.
I have not added any interface stuff for configuring the environment variables as I couldn't really find my way around all the places I'd have to edit to add it and the default values should in my opinion be fine for 99% use cases.
* Add a 'fake' primary group for each user
* First attempt att adding config to interface
* Updated API to support new fields
* Refactor code, update documentation and remove obsolete comment
Simplify `GetRIDForGroup`, was a bit overcomplicated before.
Add an additional class/struct `LDAPGroup` which is the new argument
for `pi.GroupEntry` and util functions to create `LDAPGroup` from api.Group and api.User
Add proper support in the interface for changing gidNumber and uidNumber starting points
* make lint-fix for the migration files
2021-07-14 09:17:01 +02:00
Jens L
7dfc621ae4
LDAP Provider: TLS support ( #1137 )
2021-07-13 18:24:18 +02:00