Jens L
168423a54e
enterprise: licensing fixes ( #6601 )
...
* enterprise: fix unique index for key, fix field names
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* enterprise: update UI to match
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-23 13:20:42 +02:00
Jens L
0472ef583c
core: hotfix group membership check ( #6584 )
2023-08-20 23:47:13 +02:00
Jens L
8bba3c0a9b
core: rework recursive group membership ( #6017 )
...
* rework checking group membership and add `user.all_groups` to get full list of groups
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* refactor some more for better performance
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* migrate things to use all_groups
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix for django 4.2
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-18 17:31:39 +02:00
Jens L
42c21da8b6
blueprints: fix blueprint importer logging potentially sensitive data ( #6567 )
2023-08-18 00:33:26 +01:00
Jens L
7b3d1a229f
stages/authenticator_static: make static token size adjustable ( #6565 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-17 23:48:05 +02:00
risson
1d99ec95b5
root: always use persistent database connections ( #6560 )
...
* root: always use persistent database connections
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* root: activate database connection health checks
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
---------
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2023-08-17 19:38:39 +02:00
Jens L
287cf6f0c7
web/admin: fix user sorting by active field ( #6485 )
...
* web/admin: fix user sorting by active field
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* web/admin: fix hide service account toggle
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-05 22:07:17 +02:00
Jens L
00fae2353c
api: optimise pagination in API schema ( #6478 )
2023-08-05 15:37:06 +02:00
Jean-Michel DILLY
e191cd6e7f
provider/oauth2: fix aud (Audience) field type which can be a list of… ( #6447 )
...
provider/oauth2: fix aud (Audience) field type which can be a list of strings
2023-08-01 23:16:26 +02:00
Jens L
cc6824fd7c
core: bump django from 4.1.7 to 4.2 ( #5238 )
...
* core: bump django from 4.1.7 to 4.2 (#5151 )
* core: bump django from 4.1.7 to 4.2
Bumps [django](https://github.com/django/django ) from 4.1.7 to 4.2.
- [Release notes](https://github.com/django/django/releases )
- [Commits](https://github.com/django/django/compare/4.1.7...4.2 )
---
updated-dependencies:
- dependency-name: django
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* upgrade to psycopg3, use custom engine for prometheus metrics
See https://github.com/korfuri/django-prometheus/issues/350
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make scripts use pscopg3
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start changelog
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* initial postgres upgrade guide
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update header
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-08-01 19:30:28 +02:00
Jens L
561e6956fe
root: add get_int to config loader instead of casting to int everywhere ( #6436 )
...
* root: add get_int to config loader instead of casting to int everywhere
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* improve error handling, add test
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-31 19:34:59 +02:00
Jens L
10b0c84d97
root: migrate bootstrap to blueprints ( #6433 )
...
* remove old bootstrap
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add meta model to set user password
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ensure KeyOf works with objects in the state of created that already exist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* migrate
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add support for shorter form !If tag
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* allow !Context to resolve other yaml tags
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* don't require serializer to be valid for deleting an object
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix check if a model is being created
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove duplicate way to set password
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* migrate token
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* only change what is required with migrations
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add description
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix admin status
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* expand tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* don't require bootstrap in events to fix ci?
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-31 19:34:46 +02:00
Jens L
09907ecb6a
root: add generated Source docs ( #5323 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-31 11:59:20 +02:00
Jens L
b08f8d8e0c
api: re-fix url import logging ( #6400 )
...
* fix logging
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove lib from apps
lib doesn't declare any models, so it really doesn't need to be in there anyways?
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove lib from schema too
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-27 12:56:51 +02:00
risson
94836a3ce7
api: log errors if app URLs import fail ( #6397 )
...
* api: log errors if app URLs import fail
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* bump level to warning
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-07-27 11:29:20 +02:00
Jens L
f272d14fcf
events: fix monitored task not removing state ( #6386 )
...
when `save_on_success` is set, a task failure saves state. when it succeeds afterwards, that state should be removed
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-26 16:00:50 +02:00
Timo Schwarzer
17fe595528
sources/ldap: fix syncing large LDAP directories ( #6384 )
...
* sources/ldap: fix syncing large LDAP directories
* add test
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-07-26 12:25:40 +02:00
Marc 'risson' Schmitt
18472c231a
enterprise: fix license check not using the proper JWT algorithm
...
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2023-07-25 12:10:15 +02:00
Jens L
7be94df00c
root: set csrf cookie's secure flag same as session ( #6350 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-24 13:57:30 +02:00
Yip Rui Fung
346c6e6a85
outposts: Fix infinite self-recursion in traefik reconciler. ( #6336 )
...
Fix infinite self-recursion in traefik reconciler.
2023-07-24 10:25:29 +00:00
ChandonPierre
8d4b7ce8d3
outposts: fix patch processing ( #6338 )
...
* outposts: fix patch processing for custom object types
* outposts: correct parsing patch type
* small change
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-07-24 10:25:14 +00:00
Jens L
4647fbacb0
enterprise: fix license check not using DER as spec specifies ( #6348 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-24 12:11:47 +02:00
ChandonPierre
d435a65cfd
outposts: support json patch for Kubernetes ( #6319 )
2023-07-22 02:29:28 +02:00
Jens L
a728dad166
providers/oauth2: fix grant_type password raising an exception ( #6333 )
2023-07-22 01:36:55 +02:00
Jens L
d50f92d8b4
enterprise: cleanup v2 ( #6330 )
...
* cleanup minor stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* change default user type to internal to be more consistent
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-21 18:23:51 +02:00
Jens L
9b7c30d44c
sources/ldap: fix ldap_sync cli command not running in foreground ( #6325 )
...
closes #6317
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-21 13:03:06 +02:00
Jens Langhammer
d12db62a6d
root: fix lint error
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-20 00:38:01 +02:00
Jens L
546425acde
root: fix config env var resolution ( #6310 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-20 00:16:00 +02:00
Jens L
2f469d2709
root: partial Live-updating config ( #5959 )
...
* stages/email: directly use email credentials from config
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use custom database backend that supports dynamic credentials
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add crude config reloader
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make method names for CONFIG clearer
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* replace config.set with environ
Not sure if this is the cleanest way, but it persists through a config reload
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* re-add set for @patch
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* even more crudeness
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* clean up some old stuff?
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* somewhat rewrite config loader to keep track of a source of an attribute so we can refresh it
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* cleanup old things
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix flow e2e
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-19 23:13:22 +02:00
Jens L
b6e8342466
enterprise: add more info to enterprise forecast ( #6292 )
...
* add more info to enterprise forecast
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix banner colour
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix some layout
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix layout for warning banner
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-18 23:24:44 +02:00
Jens L
41af486006
enterprise: initial enterprise ( #5721 )
...
* initial
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add user type
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add external users
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add ui, add more logic, add public JWT validation key
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* revert to not use install_id as session jwt signing key
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix more
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* switch to PKI
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add more licensing stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add install ID to form
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix bugs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start adding tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fixes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use x5c correctly
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* license checks
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use production CA
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more UI stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* rename to summary
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update locale, improve ui
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add direct button
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update link
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* format and such
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove old attributes from ldap
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove is_enterprise_licensed
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix admin interface styling issue
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Update authentik/core/models.py
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>
* fix default case
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-07-17 17:57:08 +02:00
Jens L
cf799fca03
sources/ldap: check nsaccountlock for FreeIPA/389-ds ( #6270 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-17 12:59:29 +02:00
Jens L
5ca65003f1
events: fix authentik_system_tasks metric status label ( #6252 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-13 16:24:13 +02:00
Jens Langhammer
d6af506a78
release: 2023.6.1
2023-07-10 13:20:22 +02:00
Jens L
080ac6b5bb
core: fix UUID filter field for users api ( #6203 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-10 12:14:06 +02:00
Jens L
5fe737326e
sources/ldap: fix more errors ( #6191 )
2023-07-09 15:10:57 +02:00
Jens L
ff0d3c3d63
sources/ldap: fix page size ( #6187 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-09 15:10:51 +02:00
Jens Langhammer
7db9ced218
release: 2023.6.0
2023-07-07 13:43:16 +02:00
Jens L
d22d147c8e
security: fix CVE-2023-36456 ( #6171 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-06 18:16:26 +02:00
Jens L
f306fb9c26
stages/user_write: fix duplicate source writing ( #6105 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-29 21:42:42 +02:00
Jens L
e712225ced
sources/ldap: improve scalability ( #6056 )
...
* sources/ldap: improve scalability
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use cache instead of call signature for page data
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-28 17:13:42 +02:00
Jens L
a987846c76
root: celery refactor ( #6095 )
...
* root: celery refactor
cleanup deprecation messages by configuring celery with a single object
run celery as django management command
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* improve debug experience
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add debugpy to dev dependencies
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix task_always_eager
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-28 16:44:50 +02:00
Jens L
35e2b648ba
sources/ldap: fix 100% cpu usage when LDAP Server is unavailable ( #6094 )
2023-06-28 15:13:12 +02:00
Jens L
8bd23f1686
sources/oauth: fix OIDC client sending access token as header and query param ( #6081 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-27 23:16:52 +02:00
Jens L
863454a895
flows: allow empty value in AutosubmitChallenge ( #6079 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-27 23:13:58 +02:00
Jens L
416f916da6
core: fix inconsistent favicon ( #6080 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-27 23:13:31 +02:00
Jens Langhammer
422b19df60
release: 2023.5.4
2023-06-26 23:33:04 +02:00
Jens L
eab767fc1b
stages/authenticator_validate: fix regression ( #6062 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-26 13:06:11 +02:00
Jens L
b0fbd576fc
security: cure53 fix ( #6039 )
...
* ATH-01-001: resolve path and check start before loading blueprints
This is even less of an issue since 411ef239f6
, since with that commit we only allow files that the listing returns
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ATH-01-010: fix missing user filter for webauthn device
This prevents an attack that is only possible when an attacker can intercept HTTP traffic and in the case of HTTPS decrypt it.
* ATH-01-008: fix web forms not submitting correctly when pressing enter
When submitting some forms with the Enter key instead of clicking "Confirm"/etc, the form would not get submitted correctly
This would in the worst case is when setting a user's password, where the new password can end up in the URL, but the password was not actually saved to the user.
* ATH-01-004: remove env from admin system endpoint
this endpoint already required admin access, but for debugging the env variables are used very little
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ATH-01-003 / ATH-01-012: disable htmlLabels in mermaid
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ATH-01-005: use hmac.compare_digest for secret_key authentication
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ATH-01-009: migrate impersonation to use API
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ATH-01-010: rework
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ATH-01-014: save authenticator validation state in flow context
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
bugfixes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ATH-01-012: escape quotation marks
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add website
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update release ntoes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update with all notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix format
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-22 22:25:04 +02:00
Samir Musali
b1de0b767e
sources/ldap: include UnwillingToPerformError as possible exception ( #6031 )
...
feat: include UnwillingToPerformError as possible exception
2023-06-21 19:45:20 +03:00
Jens L
469899233a
policies/event_matcher: change empty values to null ( #6032 )
...
* policies/event_matcher: change empty values to null
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* migrate old default values
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-21 15:49:46 +02:00
Jens L
93575a9966
core: prevent selecting a group as a parent of itself ( #6016 )
...
* core: prevent selecting a group as a parent of itself
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix api error when no parent is given
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-20 20:21:58 +02:00
Jens L
01311929d1
providers/ldap: improve password totp detection ( #6006 )
...
* providers/ldap: improve password totp detection
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add flag for totp mfa support
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* keep support for static tokens
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix migrations
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-20 12:09:13 +02:00
Jens L
f6181ceb70
providers/oauth2: correctly advertise code_challenge_methods_supported ( #6007 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-19 21:26:33 +02:00
Jens L
a5db60129d
*: use dataclass slots wherever applicable ( #6005 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-19 18:31:07 +02:00
Jens L
05d73f688c
policies/event_matcher: add model filter ( #5802 )
...
* policies/event_matcher: add model filter
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* improve logic
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove t``
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-12 22:11:11 +02:00
ChandonPierre
029395d08b
sources/ldap: add support for cert based auth ( #5850 )
...
* ldap: support cert based auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ldap: default sni switch to off
* ldap: `get_info=NONE` on insufficient access error
* fix: Make file locale script
* ldap: add google ldap attribute mappings
* ldap: move google secure ldap blueprint to examples
Revert "ldap: add google ldap attribute mappings"
This reverts commit 8a861bb92c1bd763b6e7ec0513f73b3039a1adb4.
* ldap: remove `validate` for client cert auth
not strictly necessary
* ldap: write temp cert files more securely
* ldap: use first array value for sni when provided csv input
* don't specify tempdir
we set $TMPDIR in the dockerfile
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* limit API to only allow certificate key pairs with private key
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use maxsplit
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update locale
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-06-12 15:41:44 +02:00
Jens L
51f4d4646c
providers/ldap: fix Outpost provider listing excluding backchannel providers ( #5933 )
...
* providers/ldap: fix Outpost provider listing excluding backchannel providers
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-12 11:28:00 +02:00
Jens L
c45e92b17e
root: revert to use secret_key for JWT signing ( #5934 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-12 11:02:05 +02:00
Jens L
4741d8aa0d
sources/ldap: fix duplicate bind when authenticating user directly to… ( #5927 )
...
sources/ldap: fix duplicate bind when authenticating user directly to LDAP source
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-12 10:24:01 +02:00
risson
0041cf88f4
providers/oauth2: launch url: if URL parsing fails, return no launch URL ( #5918 )
...
* providers/oauth2: launch url: if URL parsing fails, return no launch URL
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* add test
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* only get provider launch URL when no url is set
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* only catch value error
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-06-09 21:56:34 +02:00
Jens L
69f0460f69
website: update translation docs ( #5875 )
...
* website/docs: remove lingui references
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* replace deprecated cryptography types
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* tell eslint to avoid escapes in strings when possible
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ignore generated locale code
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-06 12:32:32 +02:00
Jens Langhammer
0a1d0b85ca
Merge branch 'version-2023.5'
2023-06-01 21:00:13 +02:00
Jens Langhammer
be85eecac5
release: 2023.5.3
2023-06-01 19:35:13 +02:00
Jens L
e141a11475
blueprints: fix API validation with OCI blueprint path ( #5822 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-31 14:52:12 +02:00
Jens L
772acb10d6
providers/ldap: fix LDAP Outpost application selection ( #5812 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-31 14:51:46 +02:00
Jens L
b6d338659f
blueprints: fix API validation with OCI blueprint path ( #5822 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-31 14:50:39 +02:00
Jens L
fd4c5f5ce7
providers/ldap: fix LDAP Outpost application selection ( #5812 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-31 14:14:25 +02:00
rlew-is
a7bf963409
stages/deny: fix typos ( #5800 )
...
* Fix typo in stage.py
Fix typo in "Cancells the current flow"
Signed-off-by: rlew-is <96594816+rlew-is@users.noreply.github.com>
* Fix typo in models.py
Fix typo in "Cancells the current flow"
Signed-off-by: rlew-is <96594816+rlew-is@users.noreply.github.com>
---------
Signed-off-by: rlew-is <96594816+rlew-is@users.noreply.github.com>
2023-05-30 10:54:24 +02:00
rlew-is
0b25c612c0
stages/deny: fix typos ( #5800 )
...
* Fix typo in stage.py
Fix typo in "Cancells the current flow"
Signed-off-by: rlew-is <96594816+rlew-is@users.noreply.github.com>
* Fix typo in models.py
Fix typo in "Cancells the current flow"
Signed-off-by: rlew-is <96594816+rlew-is@users.noreply.github.com>
---------
Signed-off-by: rlew-is <96594816+rlew-is@users.noreply.github.com>
2023-05-30 10:36:51 +02:00
Jens L
f0619814f9
blueprints: allow setting user's passwords from blueprints ( #5797 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-29 21:28:44 +02:00
Jens L
d09bee7bf9
providers/proxy: add support for traefik.io API and CRD ( #5801 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-29 21:12:59 +02:00
Jens Langhammer
ce96600adb
Merge branch 'version-2023.5'
2023-05-28 13:23:32 +02:00
Jens Langhammer
5e5a74eebf
release: 2023.5.2
2023-05-26 23:54:12 +02:00
Jens L
5b0cc3672b
root: add method to get install_id without django being loaded ( #5755 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-25 18:52:21 +02:00
Jens L
47d5fc26cc
events: fix ak_create_event using wrong request for event creation ( #5731 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-24 21:52:14 +02:00
Jens L
9a996e7176
outposts: fix missing radius outpost controller ( #5730 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-24 21:52:11 +02:00
Jens L
554a26442d
blueprints: support custom ports for OCI blueprints ( #5727 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-24 21:52:07 +02:00
Jens L
573517bf0a
lib: add tests for ak_create_event ( #5710 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
# Conflicts:
# locale/en/LC_MESSAGES/django.po
2023-05-24 21:51:52 +02:00
Jens L
2cd68dfa87
blueprints: fix check for file path not being run on worker ( #5703 )
2023-05-24 21:51:30 +02:00
Jens L
8029a13be1
core: make groups field for user optional ( #5702 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-24 21:51:23 +02:00
Jens L
6766b12bd1
events: fix ak_create_event using wrong request for event creation ( #5731 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-24 00:51:16 +02:00
Jens L
c1404285bb
outposts: fix missing radius outpost controller ( #5730 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-24 00:49:20 +02:00
Jens L
8bba8422d7
blueprints: support custom ports for OCI blueprints ( #5727 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-23 13:52:50 +02:00
Jens L
0d0bb1a559
root: add install ID ( #5717 )
...
* root: add install ID
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add fallback when no migrations table exists
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-22 17:24:12 +02:00
Jens L
44341f0224
lib: add tests for ak_create_event ( #5710 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-22 00:18:54 +02:00
Jens L
411ef239f6
blueprints: fix check for file path not being run on worker ( #5703 )
2023-05-21 15:29:55 +02:00
Jens L
bb64fb1130
core: make groups field for user optional ( #5702 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-21 15:19:05 +02:00
Jens L
5d5938c412
sources/saml: separate verification cert ( #5699 )
...
* sources/saml: allow separate verification certificate to be specified
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add migration to keep current behaviour
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update strings
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* keep testing verification
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-21 14:42:17 +02:00
Jens Langhammer
6900ffffd8
release: 2023.5.1
2023-05-18 21:33:38 +02:00
Jens L
9c69f67778
sources/ldap: log full exception when user password set fails ( #5678 )
...
* sources/ldap: log full exception when user password set fails
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Update authentik/sources/ldap/auth.py
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-05-18 19:00:17 +02:00
Jens L
79dcc30778
providers/radius: add warning message when radius provider is not used with outpost ( #5656 )
...
* providers/radius: add warning message when radius provider is not used with outpost
same message as Proxy and LDAP provider have
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-17 16:19:33 +02:00
Jens L
68a1bcf233
providers/SCIM: improve backchannel signalling ( #5657 )
...
* providers/scim: add warning when provider is not used as backchannel provider
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* providers/scim: don't sync SCIM provider that isn't used as backchannel at all
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-17 16:19:18 +02:00
Jens L
cd7de4c0b9
sources/ldap: improve error message ( #5653 )
...
* sources/ldap: improve ldap password change error message
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* stages/user_write: handle validation error when updating user
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-17 15:26:46 +02:00
Jens L
f4b0d6e85c
providers/scim: default to None for fields instead of empty list ( #5642 )
...
* providers/scim: default to None for fields instead of empty list
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make name of delete_none_keys clearer
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-17 00:25:28 +02:00
Jens L
a6b16ecc68
lib: fix fallback_names migration not working when multiple objects n… ( #5637 )
...
lib: fix fallback_names migration not working when multiple objects need to be renamed
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-16 22:17:56 +02:00
Jens Langhammer
8faec99bd6
release: 2023.5.0
2023-05-16 14:00:48 +02:00
tograss
557aadecc0
stages/authenticator_sms: Fix json serialization in send_generic ( #5630 )
...
stages/authenticator_sms: Fix SMS Authenticator Setup Stage with generic provider does not work without mapping
This fixes issue #5629 . Problem is/was that self.get_message(token) in send_generic returned a type django.utils.functional.lazy.<locals>.__proxy__ which is not json serializable.
2023-05-16 10:28:14 +00:00
Jens L
ff1510dedc
events: sanitize enums ( #5610 )
...
when importing a flow and returning logs, sometimes an enum might be included which is currently not sanitized and hence causes an exception
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-15 14:39:58 +02:00
Jens L
c3398004ff
blueprints: add meta models to schema ( #5611 )
...
these models were previously ignored
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-15 14:39:48 +02:00
Jens L
47f09ac285
providers/scim: improve SCIM error messages ( #5600 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-15 14:39:27 +02:00
Jens L
6299fc7f81
root: migrate from os.path to Pathlib ( #5594 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-12 20:04:02 +02:00
Jens L
a032fd529b
events: don't include task uid in task metric ( #5595 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-12 20:03:52 +02:00
Jens L
ec78e56fbd
providers/scim: fix group patch schema ( #5596 )
...
the original request was made based on the sentry docs, which aren't actually correct
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-12 20:03:43 +02:00
Jens L
61434c807d
stages/identification: auto-redirect to source when no user fields are selected ( #5583 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-11 16:52:30 +02:00
risson
7265a56f05
root: switch sentry dsn to our relay ( #5494 )
...
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2023-05-11 15:24:38 +02:00
Tana M Berry
95df14106c
blueprints: further copy-edits ( #5559 )
...
another copy-edit
Co-authored-by: Tana Berry <tana@goauthentik.io>
2023-05-11 13:48:27 +02:00
Jens L
91d78b0c7d
sources/oauth: re-fix reddit source ( #5582 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-11 13:48:11 +02:00
Jens L
906faf9cce
providers/proxy: fix panic when claims in session were nil ( #5569 )
...
* providers/proxy: fix panic when claims in session were nil
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add new options
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-10 20:58:44 +02:00
Jens L
3704f4ccf4
core: disallow username and email changes by default ( #5571 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-10 20:57:57 +02:00
Michael OBrien
eb071d4d90
providers/oauth2: add user UUID as subject option ( #5556 )
...
* providers/oauth2: add user UUID as subject option
* Added translations for new OAuth2 subject option
2023-05-10 17:50:13 +02:00
Jens L
1c04dc0986
providers/SCIM: patch group name ( #5564 )
...
* providers/scim: patch name when group put fails
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* re-raise ResourceMissing in group update to trigger recreation
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-10 12:29:39 +02:00
Jens L
92fd6a55db
blueprints: adjust wording on managed field ( #5558 )
2023-05-09 23:41:42 +02:00
Jens L
b5b1ed5887
sources/oauth: fix reddit ( #5557 )
2023-05-09 23:41:24 +02:00
Jens L
eaa3d11df8
api: modular urls ( #5551 )
...
* api: make API urls modular
load API urls from app module's urls file instead of a single static file
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* refactor websocket url mounting
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-09 14:46:47 +02:00
Jens L
9c25d72d61
providers/scim: fix scim_sync_all error ( #5539 )
...
* providers/scim: fix scim_sync_all error
closes #5538
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* don't use static names in tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-08 22:39:48 +02:00
Jens L
5ea54e8f7e
*: improve configuration error events ( #5523 )
...
* *: improve configuration error events
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* delete test-db when resetting
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-08 15:34:43 +02:00
Jens L
8215ee19c6
events: include event user in webhook notification ( #5524 )
...
* events: include event user in webhook notification
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update other transports
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-08 15:34:21 +02:00
Jens L
7acd0558f5
core: applications backchannel provider ( #5449 )
...
* backchannel applications
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add webui
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* include assigned app in provider
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* improve backchannel provider list display
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make ldap provider compatible
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* show backchannel providers in app view
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make backchannel required for SCIM
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* cleanup api
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-05-08 15:29:12 +02:00
Jens L
9f4be4d150
blueprints: support setting file URLs in blueprints ( #5510 )
...
* blueprints: support setting file URLs in blueprints
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make new fields not required
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* include conditional fields in schema
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-08 15:07:00 +02:00
Jens L
7df0e88b9d
events: cleanse http query string in events ( #5508 )
...
* events: cleanse http query string in events
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add more tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-07 20:11:36 +02:00
Jens L
53f827b54f
blueprints: specify schema for blueprint metadata ( #5509 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-07 20:11:18 +02:00
Jens L
2a2e159a0d
blueprints: improve schema generation by including model schema ( #5503 )
...
* blueprints: improve schema generation by including model schema
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* unset required
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add deps
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-07 12:32:01 +02:00
Jens L
564b2874a9
providers/oauth2: use simpler charset for refresh tokens ( #5502 )
...
various implementations might have issues with the special chars
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-07 00:19:11 +02:00
Jens L
b99ce890ef
providers/scim: fix missing user/group filtering on SCIM direct save signals ( #5473 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-04 02:28:58 +03:00
Jens L
5509bce3d7
blueprints: ignore hidden files in discovery ( #5472 )
...
blueprints: ignore hidden files
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-04 02:16:48 +03:00
Jens L
3f607ee2c8
policies: make policy engine modes consistent with database values ( #5462 )
...
* policies: make policy engine modes consistent with database values
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix in ui
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix missing case
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-03 18:16:16 +03:00
DerGardine
a2994218e4
sources/oauth: add patreon type ( #5452 )
...
* Models Update to include Patreon as Social Sign On
Signed-off-by: DerGardine <julian.burgschweiger@gmail.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add tests, use vanity as username
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: DerGardine <julian.burgschweiger@gmail.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-05-03 13:49:43 +03:00
Jens L
bb8b87fcb3
providers/scim: improve compatibility ( #5425 )
...
* providers/scim: improve compatibility
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix lint and tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-30 19:43:24 +03:00
Jens L
f36a5a053f
root: fix import error on non debug builds ( #5424 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-30 16:36:43 +03:00
Jens L
0b0e08446d
blueprints: fix tests ( #5421 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-30 14:08:36 +03:00
Jens L
af7cc8d42d
blueprints: fix error when imported blueprint is invalid ( #5414 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-28 22:44:19 +03:00
Jens L
5830781a5a
root: add websocket logging ( #5408 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-28 20:34:34 +03:00
Jens L
ecce31ee87
providers/scim: correctly handle 404 by re-creating object ( #5405 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-28 14:36:21 +03:00
Jens L
967a38b7ac
crypto: make name field unique to prevent double certs ( #5406 )
...
* crypto: make name field unique to prevent double certs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix test
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-28 14:35:59 +03:00
Jens L
9d1ad104ec
outposts: make state more consistent ( #5403 )
2023-04-28 13:53:07 +03:00
Jens L
54d508ae8c
ci: fix pyright errors ( #5392 )
...
* ci: fix pyright errors
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix error in oauth 1 source
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove redundant blueprint fixtures
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-27 17:33:47 +03:00
Jens L
7b0d8f8991
providers/scim: ensure scim group member isn't None ( #5391 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-27 15:03:50 +03:00
Jens L
4426cbec34
policies: clear app cache when writing user, groups, policies ( #5371 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-25 15:24:47 +03:00
Jens L
5970a6e2a2
events: always run policies for notification rules even if no group is selected ( #5353 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-23 19:10:22 +03:00
Jens L
480f5c2aac
ci: add log grouping ( #5342 )
...
* ci: add log grouping
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* try to group structlog output
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* earlier hooks
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* hmm
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* disable beats integration for now
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* test container logs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove testing
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-21 19:06:11 +03:00
Jens L
e75e2cf324
website/docs: flow context docs ( #5243 )
...
* add flow context docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* cleanup some redundant things
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* added more section headers
* tweaked new headings
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>
* add more keys, use dedicated prefix for internal keys
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* set toc_max_heading_level: 5
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update datatypes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more consistent header
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more fixes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Update website/docs/flow/context/index.md
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
* Update website/docs/flow/context/index.md
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
* Update website/docs/flow/context/index.md
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
Co-authored-by: Tana Berry <tana@goauthentik.io>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-04-20 17:31:34 +00:00
Jens L
4671d4afb4
enterprise: initial license ( #5293 )
...
* enterprise: add enterprise license and app
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add license and terms
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* don't build enterprise into docker for now
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-19 16:13:45 +02:00
sdimovv
ee6edec1d8
stages/prompt: Add initial_data prompt field and ability to select a default choice for choice fields ( #5095 )
...
* Added initial_value to model
* Added initial_value to admin panel
* Added initial_value support to flows; updated tests
* Updated default blueprints
* update docs
* Fix test
* Fix another test
* Fix yet another test
* Add placeholder migration
* Remove unused import
2023-04-19 12:27:51 +02:00
Jens L
dfa80543b5
root: add ruff linter ( #5240 )
...
* root: add ruff linter
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* actually add ruff
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-18 13:28:19 +02:00
Jens L
ce5f6d5d43
release: Version 2023.4 ( #5283 )
...
* release: 2023.4.0
* release: 2023.4.1
2023-04-18 10:45:17 +02:00
Jens L
8160663214
release: 2023.4.0 ( #5254 )
2023-04-14 13:20:22 +02:00
Jens L
6a700cb376
core: fix user metrics for users which can't access events ( #5252 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-14 11:20:26 +02:00
Jens L
a5098364eb
events: unpack wrapped query from FlowExecutor ( #5244 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-14 00:07:41 +02:00
Jens L
6a74fa11c6
providers/oauth2: inconsistent client secret generation ( #5241 )
...
* use simpler char set for client secret
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* also adjust radius
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use similar logic in web to generate ids and secrets
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* dont use math.random
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-13 15:06:28 +02:00