trustchain-oc1-orchestral/authentik
Archived
10
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
9841 commits 95 branches 330 tags 336 MiB
Commit graph

423 commits

Author SHA1 Message Date
Jens Langhammer 18b48684eb providers/oauth2: add configuration error event when wrong redirect uri is used in token request 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-28 21:15:58 +02:00
Jens Langhammer 2b68363452 providers/oauth2: add migration from "*" to ".*" 
closes #2970

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-27 10:23:13 +02:00
Jens Langhammer a81d5a3d41 providers/oauth2: regex-escape URLs when set to blank 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-26 12:52:56 +02:00
Jens Langhammer 5da47b69dd providers/oauth2: only set expiry on user when it was freshly created 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-25 23:02:33 +02:00
Jens Langhammer 0e0dd2437b providers/oauth2: handle attribute errors when validation JWK contains private key 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-25 22:23:05 +02:00
Jens Langhammer 4a9b788703 providers/oauth2: set related_name for many-to-many so used by detects the connection 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-24 22:12:35 +02:00
Jens L 80c1dbdfbb
ensure all viewsets have filter and search and add tests (#2946) 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-24 22:01:18 +02:00
Jens L b4e75218f5
sources/oauth: OIDC well-known and JWKS (#2936) 
* add initial

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add provider

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* include source and jwk key id in event

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add more docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add tests for source

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix web formatting

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add provider tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix lint error

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-24 21:02:50 +02:00
Jens Langhammer 61a876b582 providers/saml: handle parse error 
AUTHENTIK-1K5

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-23 22:03:12 +02:00
Jens Langhammer 8c9748e4a0 providers/oauth2: improve error handling for invalid regular expressions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-23 20:47:36 +02:00
Jens Langhammer 11f7935155 providers/oauth2: use regex to check redirect URI 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2799
 2022-05-18 21:22:27 +02:00
Jens Langhammer f391c33bdf providers/oauth2: fix tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-14 12:41:40 +02:00
Jens Langhammer ee36b7f3eb flows: move autosubmit stage into flows package 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-14 12:06:19 +02:00
Jens Langhammer a9a62bbfc8 providers/oauth2: use correct title based on flow context and translated 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-14 00:08:29 +02:00
Jens Langhammer ddd785898b providers/saml: add title attribute to autosubmit stage and render correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-14 00:08:14 +02:00
Jens Langhammer 8ba45a5f6a providers/oauth2: don't create events before client_id can be verified to prevent spam 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-14 00:02:01 +02:00
Jens Langhammer 7d41e6227b providers/oauth2: add tests for form_post, fix attrs not being flattened 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-13 23:52:50 +02:00
Jens Langhammer 1363226697 providers/saml: make SAML metadata generation consistent 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-13 17:40:18 +02:00
scheibling d4abf5621e
providers/oauth2: add support for form_post response mode (#2818) 
* Added request verification and parameter generation

* response_mode added to OAuthAuthorizationParams return

* Added class OauthPostFulfillmentStage
Check response_mode in initialization

* Corrected typo

* Removed separate class
Added handling for FORM_POST in create_response_uri
Added handling for FORM_POST in return class

* Fixed pylint error (trailing-whitespace)
Removed comment

* Reformatted authorize.py with black
 2022-05-12 21:36:31 +02:00
Jens L ab2299ba1e
outposts/ldap: cached bind (#2824) 
* initial cached ldap bind support

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add web

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* clean up api generation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use gh action for golangci-lint

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-08 16:48:53 +02:00
scheibling 30c7e6c94c
providers/oauth2: fixed typo (PROMPT_CONSNET => PROMPT_CONSENT) (#2819) 2022-05-06 10:09:09 +02:00
Jens Langhammer f4f9f525d7 providers/oauth2: include application in login event 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-04-14 22:36:45 +02:00
Jens Langhammer 7561ea15de providers/oauth2: add additional tracing to token view 2022-04-14 16:48:17 +00:00
Jens Langhammer 5a58f6ee64 providers/oauth2: remove test for non sa user 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-04-12 20:35:13 +02:00
Jens Langhammer e84b17d550 providers/oauth2: don't force service accounts for client_credentials flow 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-04-12 10:23:25 +02:00
Jens Langhammer 8be04cc013 providers/oauth2: fix elliptic curve keys attempting to use EC256 instead of ES256 
closes #2703

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-04-11 20:05:58 +02:00
Jens Langhammer f977bf61eb providers/oauth2: make exp optional on jwt client_credentials flow 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-04-10 17:25:35 +02:00
Jens Langhammer f8f8a9bbb9 providers/oauth2: give keypairs private key preference over certificate in client_credentials jwt flow 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-04-10 16:27:53 +02:00
Jens Langhammer 5861d41ad3 tenants: add tenant-level attributes, applied to users based on request 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-04-06 10:41:35 +02:00
Jens Langhammer 4be238018b providers/oauth2: pass scope and other parameters to access policy request context 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2641
 2022-04-01 21:39:05 +02:00
Jens Langhammer 99008252f8 providers/oauth2: fix verification_keys being required 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-03-31 20:19:13 +02:00
Jens Langhammer 8689444954 providers/oauth2: add password grant support (treated as client_credentials) 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-03-31 18:02:17 +02:00
Jens L bb8af2f19b
providers/oauth2: add client_assertion_type jwt bearer support (#2618) 2022-03-31 00:30:55 +02:00
Adam G d75a864f0e
providers/oauth2: map internal groups to GitHub teams in GHE OAuth emulation (#2497) 
* providers/oauth2: impl `/user/teams` endpoint for Github OAuth2

This commit adds a functional `/user/teams` endpoint for the emulated Github OAuth2 service.
The teams a user is part of are based on the user's groups in Authentik.

* providers/oauth2: Move org template inside loop; Change slug to use Django slugify

* providers/oauth2: Remove placeholder replacement

* Possibly fix complaints from the linters

* Update github.py

* Change organization name

* Update github.py
 2022-03-23 12:05:20 +01:00
Jens Langhammer 53d0205e86 outposts/proxy: use Prefix in ingress for k8s 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-03-15 19:01:08 +01:00
Jens L 920d1f1b0e
providers/oauth2: initial client_credentials grant support (#2437) 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-03-05 23:24:55 +01:00
Jens Langhammer 08acc7ba41 providers/oauth2: fix invalid launch URL being generated 2022-03-01 15:29:21 +00:00
Jens Langhammer 72259f6479 events: fix lint 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-14 23:15:45 +01:00
Jens Langhammer 0973c74b9d providers/oauth2: fix redirect_uri being lowercased on successful validation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-14 23:04:00 +01:00
Jens Langhammer c040b13b29 providers/proxy: remove leading slash to allow subdirectories in proxy 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2305
 2022-02-14 12:51:04 +01:00
Jens Langhammer f61549a60f providers/proxy: enable TLS in ingress via traefik annotation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1997
 2022-02-12 18:35:24 +01:00
Jens Langhammer b5d43b15f8 providers/oauth2: add support for explicit response_mode 
closes #1953

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-12 16:56:47 +01:00
Jens L 4343246a41
*: rename akprox to outpost.goauthentik.io (#2266) 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-08 20:25:38 +01:00
Jens Langhammer eaba8006e6 sources/saml: fix incorrect ProtocolBinding being sent 
closes #2213

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-03 18:20:06 +01:00
Jens Langhammer 88603fa4f7 providers/proxy: set traefik labels using object_naming_template instead of UUID 2022-02-01 17:13:27 +00:00
Jens Langhammer c7ba183dc0 providers/proxy: fix traefik label 
closes #2128

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-24 17:45:09 +01:00
Jens Langhammer 82cc1d536a providers/proxy: add PathPrefix to auto-traefik labels 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2128
 2022-01-23 21:55:46 +01:00
Jens Langhammer 4d7d700afa providers/oauth2: change default redirect uri behaviour; set first used url when blank and use star for wildcard 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-12 22:44:57 +01:00
Jens Langhammer c07b8d95d0 outposts/proxy: remove deprecated headers 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-07 17:01:23 +01:00
Jens Langhammer 90c31c2214 flows: add test helpers to simplify and improve checking of stages, remove force_str 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-01 20:25:32 +01:00
Jens Langhammer c249b55ff5 *: use py3.10 syntax for unions, remove old Type[] import when possible 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-30 14:59:01 +01:00
Jens Langhammer 6dc2003e34 providers/oauth2: fix tests validating JWT incorrectly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-22 23:00:57 +01:00
Jens Langhammer 0149c89003 providers/oauth2: fix invalid assignments in JWKS view 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-22 22:41:28 +01:00
Jens Langhammer f458cae954 providers/proxy: add error handing when field is already gone 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-22 22:31:53 +01:00
Jens Langhammer f01d117ce6 providers/proxy: fix imports in migrations 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-22 22:25:02 +01:00
Jens Langhammer 2bde43e5dc crypto: use older syntax for type union 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-22 22:22:45 +01:00
Jens Langhammer 2f3026084e providers/oauth2: remove jwt_alg field and set algorithm based on selected keypair, select HS256 when no keypair is selected 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-22 22:09:49 +01:00
Jens Langhammer 8a60a7e26f providers/proxy: revert to static list of forwarded headers 
wildcard is not usable for this since the regular expression doesn't support negative lookahead, meaning we would always forward all headers, including Connection and others

closes #1969

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-21 12:04:54 +01:00
Jens Langhammer 92b4244e81 providers/proxy: update traefik regex 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1969
 2021-12-20 22:43:58 +01:00
Jens Langhammer dfbf7027bc providers/proxy: add traefik.ingress.kubernetes.io/router.tls annotation for ingress 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-20 22:24:42 +01:00
Jens Langhammer 577b7ee515 providers/proxy: include auth headers 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-20 21:37:22 +01:00
Jens Langhammer ef23a0da52 outposts/proxy: fix traefik header regex to only match Remote- and X- headers to prevent websocket errors 
closes #1969

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-20 13:30:19 +01:00
Jens Langhammer b6ff04694f providers/oauth2: don't rely on expiry task for access codes and refresh tokens 
closes #1911

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-18 17:42:41 +01:00
NeroPcStation 273f5211a0
providers/saml: Fix typo (#1950) 2021-12-17 11:00:20 +00:00
Jens Langhammer fec6de1ba2 providers/oauth2: add additional logging to show with token path is taken 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-13 22:49:42 +01:00
Jens Langhammer 69678dcfa6 providers/oauth2: use generate_key instead of uuid4 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-13 22:13:20 +01:00
Jens Langhammer f2b3a2ec91 providers/saml: optimise excessive queries to user when evaluating attributes 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-13 16:38:38 +01:00
Jens Langhammer 326b574d54 root: update dependencies 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-07 16:25:10 +01:00
Jens Langhammer 873aa4bb22 providers/saml: remove SESSION_KEY_POST from session after using it 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1873
 2021-12-06 12:47:25 +01:00
Jens Langhammer ada2a16412 tests/e2e: add post binding test 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-05 11:18:01 +01:00
Jens Langhammer 6a3f7e45cf providers/saml: add ?force_binding to limit bindings for metadata endpoint 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-05 11:14:42 +01:00
Jens Langhammer 2b78c4ba86 *: use request.query_params instead of accessing the django request 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-05 11:14:20 +01:00
Jens Langhammer 680ef641fb providers/saml: fix error when propertymapping returns invalid data in list 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-05 10:31:16 +01:00
Jens Langhammer 4bd1cd127b providers/saml: fix IndexError in signature check 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-02 20:30:03 +01:00
Jens Langhammer 4f54ce6afb providers/saml: fix error when using post bindings and user freshly logged in 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1873
 2021-12-02 13:00:21 +01:00
Jens Langhammer b4963bec76 providers/proxy: fix defaults for traefik integration 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-01 21:47:13 +01:00
Jens Langhammer 7aa8e35f87 providers/proxy: use wildcard for traefik headers copy 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-01 20:19:35 +01:00
Jens Langhammer 60b95271eb outposts/proxy: add additional headers 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-01 20:19:09 +01:00
Jens Langhammer 0b8cfd437b *: fix typo'd signing pair name 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-24 09:55:10 +01:00
Jens L 9bb0d04aeb
root: Random tests (#1825) 
* root: add pytest-randomly to randomise tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: generate flows for testing instead of relying on existing ones

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: generate users for testing instead of relying on existing ones

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: use generated certificate

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: keep containers

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: use websockets test case

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-22 22:56:02 +01:00
Jens Langhammer b0fac9c9f1 providers/saml: fix SessionNotOnOrAfter not being included 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-16 12:36:40 +01:00
dependabot[bot] f7044e41c6
build(deps-dev): bump bandit from 1.7.0 to 1.7.1 (#1793) 
* build(deps-dev): bump bandit from 1.7.0 to 1.7.1

Bumps [bandit](https://github.com/PyCQA/bandit) from 1.7.0 to 1.7.1.
- [Release notes](https://github.com/PyCQA/bandit/releases)
- [Commits](https://github.com/PyCQA/bandit/compare/1.7.0...1.7.1)

---
updated-dependencies:
- dependency-name: bandit
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* *: fix bandit false positives

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-15 09:16:16 +01:00
Jens Langhammer c98bdbacc5 providers/proxy: return list of configured scope names so outpost requests custom scopes 
closes #1762

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-10 23:06:21 +01:00
Jens Langhammer 2cef220a3e providers/ldap: add/squash migrations 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-05 10:41:50 +01:00
Jens L 5a8c66d325
providers/ldap: memory Query (#1681) 
* outposts/ldap: modularise ldap outpost, to allow different searchers and binders

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: add basic in-memory searcher

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/ldap: add search mode field

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost: add search mode field

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-05 10:37:30 +01:00
Jens Langhammer 3005ca17bd web/admin: show warning on provider when not used with outpost 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-05 01:15:33 +01:00
Jens Langhammer 909461e533 providers/*: include list of outposts 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-05 01:06:04 +01:00
Jens Langhammer 6036d88392 providers/proxy: allow configuring of additional scope mappings for proxy 
closes #1255

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-31 22:25:51 +01:00
Jens Langhammer 335d6edd11 providers/saml: fix error on missing AssertionConsumerServiceURL, fall back to default ACS 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-31 17:21:15 +01:00
Jens Langhammer 1b21b50b77 providers/oauth2: fallback to uid if UPN was selected but isn't available 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-27 16:11:35 +02:00
Jens Langhammer 8eb4d53810 providers/oauth2: fix events being created from /application/o/authorize/ 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-21 22:59:01 +02:00
Jens Langhammer 98a56c77e3 providers/proxy: update ingress controller to work with k8s 1.22 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-18 10:00:24 +02:00
Jens Langhammer 2b09d97522 core: fix squash migrations error when AK_ADMIN_TOKEN is set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-12 17:45:10 +02:00
Jens L e4f141c6c0
*: Squash Migrations (#1593) 
* *: first squash pass

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* sources/saml: squash less

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: fix docker controller not correctly checking image

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: fix old migration reference

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-11 21:39:35 +02:00
Jens Langhammer 83150d9920 outposts: fix circular import in kubernetes controller 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-03 19:25:18 +02:00
Jens Langhammer d30dcda814 providers/proxy: always check ingress secret in kubernetes controller 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-03 19:14:27 +02:00
Jens Langhammer 3c1ac4c7ec outposts/proxy: add new headers with unified naming 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-02 22:00:23 +02:00
Jens L f9ad102915
flows: inspector (#1469) 
* flows: add initial inspector

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: change naming a bit

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flow: add inspector frame

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: don't use shadydom when inspecting

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: add current stage to api

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages/*: fix imports

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: deep-copy plan instead of just adding

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: ui

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: restrict inspector to admin

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: add buttons to launch flow with inspector

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: don't automatically follow redirects when inspector is open

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: make current_plan optional, only require historry

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: handle error messages in inspector

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: improve UI when flow is done

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: add is_completed flag to inspector

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: fix monkeypatches for tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: add inspector tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: re-enable cache

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-28 09:36:48 +02:00
pemontto aea1736f70
outposts/proxy: Fix failing traefik healtcheck (#1470) 2021-09-26 11:33:18 +02:00
Jens Langhammer 4f3583cd7e providers/proxy: make token_validity float and optional for backwards compat 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-25 15:54:32 +02:00