authentik

Archived

Author	SHA1	Message	Date
Jens Langhammer	f7408626a8	providers/proxy: return token_validity as total seconds instead of expression Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-25 15:44:16 +02:00
Jens Langhammer	28eeb4798e	providers/proxy: add token_validity field for outpost configuration Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #1462	2021-09-25 15:00:06 +02:00
Jens Langhammer	79b92e764e	*: fix typos in code Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-25 00:01:11 +02:00
Jens Langhammer	ae07f13a87	outposts: don't map port 9300 on docker, only expose port Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-21 21:40:08 +02:00
Jens L	13e2eea72f	web/user: new end-user interface (#1404 ) * web/user: migrate to top navbar Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/user: prepare config from server Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * re-sort Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * remove old interface Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update issue template Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * use notification badge Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/user: re-add go-to-admin button Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * : fix remaining redirects directly to admin Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> make settings better Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * api: ensure sources and stages are sorted Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/user: add sessions and consent Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/oauth2: add post wrapper to stage Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * website/docs: add new interface to release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-16 22:17:05 +02:00
Jens Langhammer	ae26d2756f	providers/saml: improved error handling Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-16 10:58:51 +02:00
Jens Langhammer	916530f0d8	providers/oauth2: use access_code_validity for id_tokens generated when using an implicit flow, improve wording in web ui closes #1369 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-15 17:14:53 +02:00
Jens Langhammer	ba6849f29c	*: remove string.format() Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-14 12:06:47 +02:00
Jens Langhammer	df4c8003b8	api: fix items of list fields having nullable set Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-10 18:15:59 +02:00
Jens Langhammer	4448145aa9	providers/proxy: use auth/traefik subpath Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-10 13:53:04 +02:00
Jens L	7158c9d2ea	core: metrics v2 (#1370 ) * outposts: add ldap metrics, move ping to 9100 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outpost: add flow_executor metrics Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * use port 9300 for metrics, add core metrics port Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/controllers/k8s: add service monitor creation support Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-09 15:52:24 +02:00
Jens Langhammer	da58796768	providers/proxy: fix defaults for old proxy providers (load providers directly) Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-09 13:54:24 +02:00
Jens Langhammer	d98499a3fa	providers/proxy: fix defaults for old proxy providers Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-09 13:26:36 +02:00
Jens Langhammer	f3ff398a44	providers/proxy: add metrics port to controllers Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-08 23:01:22 +02:00
Jens L	3c1b70c355	outposts/proxyv2 (#1365 ) * outposts/proxyv2: initial commit Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add rs256 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> more stuff Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add forward auth an sign_out Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> match cookie name Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> re-add support for rs256 for backwards compat Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add error handler Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> ensure unique user-agent is used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> set cookie duration based on id_token expiry Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> build proxy v2 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add ssl Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add basic auth and custom header support Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add application cert loading Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> implement whitelist Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add redis Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> migrate embedded outpost to v2 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> remove old proxy Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> providers/proxy: make token expiration configurable Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add metrics Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> fix tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/proxy: only allow one redirect URI Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix docker build for proxy Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * remove default port offset Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add AUTHENTIK_HOST_BROWSER Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests: fix e2e/integration tests not using proper tags Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * remove references of old port Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix user_attributes not being loaded correctly Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup dependencies Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-08 18:04:56 +00:00
Jens Langhammer	d92d8e6dbb	api: add additional filters for ldap and proxy providers Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-03 10:43:09 +02:00
Jens Langhammer	3e9f5ec5ef	providers/proxy: improve error handling for non-tls ingresses Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-30 14:43:57 +02:00
Jens Langhammer	0c6e781e5b	providers/proxy: fix traefik middleware being generated with wrong ports for embedded outposts Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-29 20:49:11 +02:00
Jens Langhammer	2d8b4f543b	providers/proxy: fix url parsing for traefik labels on docker containers Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-27 22:21:16 +02:00
Jens Langhammer	8542dc10ab	providers/proxy: fix docker container labels not being inherited correctly Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-27 20:20:34 +02:00
Jens Langhammer	2ae164df78	*: cleanup api schema warnings Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-26 09:36:41 +02:00
Jens Langhammer	cba255eaaa	Merge branch 'master' into app-passwords Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> # Conflicts: # authentik/core/tests/test_source_flow_manager.py # authentik/stages/authenticator_validate/tests.py # authentik/stages/password/tests.py # scripts/generate_ci_config.py	2021-08-23 21:21:12 +02:00
Jens L	859cf2bd8f	lib: move id and key generators to lib (#1286 ) * lib: move generators to lib Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: bump default token key size Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * : fix split being used for http basic auth instead of partition Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> web/elements: don't rethrow error in ActionButton Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-23 20:27:38 +02:00
Jens Langhammer	a2578ffaad	core: add token tests for invalid intent and token auth Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-23 20:21:54 +02:00
Jens Langhammer	d18e829d80	providers/ldap: fix error in outpost when certificate is configured Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-09 20:47:26 +02:00
Jens Langhammer	f496b8b5d7	providers/oauth2: add more test cases for token view Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-09 00:20:32 +02:00
Jens Langhammer	665c1aa81b	providers/proxy: don't create ingress when no hosts are defined Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-08 21:46:05 +02:00
Jens Langhammer	ccfc1dbcc2	*: make all PropertyMappings filterable by multiple managed attributes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-08 16:06:44 +02:00
Jens Langhammer	3367b83368	providers/saml: use idp-initiated sso flow as launch url Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-08 15:01:52 +02:00
Jens Langhammer	9a8240bdd1	proviers/saml: fix validation error not being raised Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-07 21:39:30 +02:00
Jens Langhammer	f6ab241219	providers/oauth2: fix accessing undefined variable Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-07 21:35:17 +02:00
Jens Langhammer	b0f09eb2c4	web/admin: fix Table not updating selectedElements correctly after update Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-07 20:53:28 +02:00
Jens Langhammer	9c9addb0ce	*: ensure all resources can be filtered Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-07 16:34:14 +02:00
Jens Langhammer	a449f9c69b	providers/saml: fix error when PropertyMapping return value isn't string Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-03 22:40:56 +02:00
Jens Langhammer	36b346662c	providers/saml: add WantAssertionsSigned Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-03 22:40:13 +02:00
Jens Langhammer	9d392931df	root: fix lint errors from re-format Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-03 18:09:16 +02:00
Jens Langhammer	77ed25ae34	root: reformat to 100 line width Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-03 17:45:16 +02:00
Jens Langhammer	f875149983	providers/saml: fix metadata being inaccessible without authentication Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-01 14:50:17 +02:00
Jens Langhammer	d70b81fe43	providers/saml: fix Error when getting metadata for invalid ID Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-01 13:50:54 +02:00
Jens Langhammer	8495ff9fc0	providers/oauth2: fix error when requesting jwks keys with no rs256 aet Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-29 21:22:31 +02:00
Jens Langhammer	75ff2480e2	providers/proxy: fix hosts for ingress not being compared correctly Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-28 16:08:06 +02:00
Jens Langhammer	e7b7bfddd6	providers/oauth2: fix blank redirect_uri not working with TokenView Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-26 11:29:16 +02:00
Jens Langhammer	0a3fade1fd	providers/proxy: remove deprecated field Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-22 16:20:26 +02:00
Jens Langhammer	66bfa6879d	outposts/proxy: add X-Auth-Groups header to pass groups Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-22 10:47:58 +02:00
Jens Langhammer	70e000d327	providers/saml: improve error handling for property mappings Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-21 23:14:03 +02:00
Jens Langhammer	a7467e6740	providers/oauth2: handler PropertyMapping exceptions and create event Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-21 22:51:39 +02:00
Jens Langhammer	ba9a4efc9b	providers/oauth2: fix nonce field not being optional Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-21 00:34:01 +02:00
Jens Langhammer	902378af53	providers/oauth2: fix redirect_uris not having blank set Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-21 00:22:09 +02:00
Jens Langhammer	2352a7f4d6	providers/oauth2: nonce is only required for implicit flows, don't check or fallback for other flows Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-21 00:21:08 +02:00
Jens Langhammer	7c2decf5ec	providers/ldap: squash migrations Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-14 09:22:25 +02:00
Lukas Söder	7f39399c32	providers/ldap: Added auto-generated uidNumber and guidNumber generated attributes for use with SSSD and similar software. (#1138 ) * Added auto-generated uidNumber and guidNumber generated attributes for use with SSSD and similar software. The starting number for uid/gid can be configured iva environtment variables and is by default 2000 which should work fine for most instances unless there are more than 999 local accounts on the server/computer. The uidNumber is just the users Pk + the starting number. The guidNumber is calculated by the last couple of bytes in the uuid of the group + the starting number, this should have a low enough chance for collisions that it's going to be fine for most use cases. I have not added any interface stuff for configuring the environment variables as I couldn't really find my way around all the places I'd have to edit to add it and the default values should in my opinion be fine for 99% use cases. * Add a 'fake' primary group for each user * First attempt att adding config to interface * Updated API to support new fields * Refactor code, update documentation and remove obsolete comment Simplify `GetRIDForGroup`, was a bit overcomplicated before. Add an additional class/struct `LDAPGroup` which is the new argument for `pi.GroupEntry` and util functions to create `LDAPGroup` from api.Group and api.User Add proper support in the interface for changing gidNumber and uidNumber starting points * make lint-fix for the migration files	2021-07-14 09:17:01 +02:00
Jens L	7dfc621ae4	LDAP Provider: TLS support (#1137 )	2021-07-13 18:24:18 +02:00
Jens Langhammer	90fe1c2ce8	providers/oauth2: allow blank redirect_uris to allow any redirect_uri Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-08 19:28:35 +02:00
Jens Langhammer	40428f5a82	providers/saml: fix parsing of POST bindings Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-06 16:54:58 +02:00
Jens Langhammer	77a507d2f8	providers/oauth2: add revoked field, create suspicious event when previous token is used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-03 15:59:01 +02:00
Jens Langhammer	3e60e956f4	providers/oauth2: fix CORS headers not being set for unsuccessful requests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-03 15:49:00 +02:00
Jens Langhammer	84ec70c2a2	providers/oauth2: use self.expires for exp field instead of calculating it again Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-03 15:32:58 +02:00
Jens Langhammer	3e26170f4b	providers/oauth2: deepmerge claims Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-01 17:33:46 +02:00
dependabot[bot]	d102c59654	build(deps-dev): bump pylint from 2.8.3 to 2.9.0 (#1095 ) * build(deps-dev): bump pylint from 2.8.3 to 2.9.0 Bumps [pylint](https://github.com/PyCQA/pylint) from 2.8.3 to 2.9.0. - [Release notes](https://github.com/PyCQA/pylint/releases) - [Changelog](https://github.com/PyCQA/pylint/blob/master/ChangeLog) - [Commits](https://github.com/PyCQA/pylint/compare/v2.8.3...v2.9.0) --- updated-dependencies: - dependency-name: pylint dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * *: update source for new pylint version Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-30 10:37:28 +02:00
Jens Langhammer	ba9edd6c44	flows: handle possible errors with FlowPlans received from cache Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-27 22:03:48 +02:00
Jens Langhammer	3b2b3262d7	flows: add FlowStageBinding to flow plan instead of just stage Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-27 18:47:04 +02:00
Jens Langhammer	a3ff7cea23	providers/oauth2: fix usage of timedelta.seconds Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-25 11:55:00 +02:00
Jens Langhammer	9b5e3921cb	providers/saml: better handle decoding errors Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-21 22:48:34 +02:00
Jens Langhammer	831b32c279	core: fix PropertyMapping's globals not matching Expression policy Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-21 15:54:43 +02:00
Jens Langhammer	19cac4bf43	providers/saml: fix error when getting transient user identifier Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-17 13:52:10 +02:00
Jens Langhammer	4ca564490e	providers/saml: add support for NameID type unspecified Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-17 12:45:53 +02:00
Jens Langhammer	fcb795c273	providers/saml: fix NameIDPolicy not being parsed correctly, improve error handling Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-17 12:22:40 +02:00
Jens Langhammer	0e02925a3d	stages/authenticator_validate: add tests for authenticator validation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-14 16:32:36 +02:00
Jens Langhammer	5b837c3ccc	providers/saml: improve error handling for signature errors Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-14 12:51:42 +02:00
Jens Langhammer	31d2ea65fd	provider/proxy: mark forward_auth flag as deprecated Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-13 12:39:25 +02:00
Jens Langhammer	d878d2140e	providers/saml: add metadata download link to api Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-10 14:06:44 +02:00
Jens L	34ae9e6dab	API: add endpoint to show by what objects an object is used (#995 ) * core: add used_by API to show what objects are affected before deletion Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/elements: add support for used_by API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: add authentik_used_by_shadows to shadow other models Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: implement used_by API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * : fix duplicate imports Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> core: add action field to used_by api Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: add UI for used_by action Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: add notice to tenant form Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: fix naming in used_by Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: check length for used_by Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: fix used_by for non-pk models Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * : improve __str__ on models Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> core: add support for many to many in used_by Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-10 11:58:12 +02:00
Jens L	dad24c03ff	outposts: set cookies for a domain to authenticate an entire domain (#971 ) * outposts: initial cookie domain implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: add cookie domain setting Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/proxy: replace forward_auth_mode with general mode Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: rebuild proxy provider form Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/proxy: re-add forward_auth_mode for backwards compat Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: fix data.mode not being set Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * root: always set log level to debug when testing Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/proxy: use new mode attribute Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/proxy: only ingress /akprox on forward_domain Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/proxy: fix lint error Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: fix error on ProxyProviderForm when not using proxy mode Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: fix default for outpost form's type missing Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: add additional desc for proxy modes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts: fix service account permissions not always being updated Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outpost/proxy: fix redirecting to incorrect host for domain mode Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: improve error handling for network errors Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outpost: fix image naming not matching main imaeg Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/proxy: fix redirects for domain mode and traefik Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: fix colour for paragraphs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/flows: fix consent stage not showing permissions correctly Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * website/docs: add domain-level docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * website/docs: fix broken links Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/proxy: remove dead code Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/flows: fix missing id for #header-text Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-08 23:10:17 +02:00
Jens Langhammer	029d58191e	sources/saml: include metadata download link in API response Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-08 17:22:03 +02:00
Jens Langhammer	9180d448df	core: move end-session to core Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-06 13:56:38 +02:00
Jens Langhammer	cec47c3cfc	providers/oauth2: show id_token issues for refresh token Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-02 22:05:04 +02:00
Jens Langhammer	b50ac96605	providers/oauth2: remove size limit on Access code nonce Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-02 20:20:07 +02:00
Jens Langhammer	14f85ec980	tenants: migrate context_processor to tenants Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-29 18:01:48 +02:00
Jens Langhammer	58a4b20297	outposts: handle disconnects without outpost better Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-25 12:06:55 +02:00
Jens Langhammer	c6bb6709fd	flows: add default challenge response Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-24 20:27:50 +02:00
Jens Langhammer	fb4e0723ee	stages: fix stage unittests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-24 17:12:48 +02:00
Jens Langhammer	6f6ae7831e	flows: make use of oneOf OpenAPI to annotate all challenge types Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-24 14:11:23 +02:00
Jens Langhammer	9b57f0b81d	Merge branch 'version-2021.5' into next Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> # Conflicts: # web/src/locales/en.po # web/src/locales/pseudo-LOCALE.po	2021-05-22 20:01:16 +02:00
Jens Langhammer	2c816e6162	providers/proxy: don't use https to communicate with outpost Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-22 18:56:38 +02:00
Jens Langhammer	bb89b9b572	Merge branch 'version-2021.5' into next	2021-05-21 23:50:43 +02:00
Jens Langhammer	6600da7d98	providers/oauth2: add missing kid header to JWT Tokens Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-21 23:40:00 +02:00
Jens Langhammer	92f2a82c03	providers/oauth2: fix double login required when prompt=login Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-20 01:10:08 +02:00
Jens Langhammer	dcf074650e	providers/proxy: fix redirect_uris not always being set on save Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-20 01:10:04 +02:00
Jens Langhammer	acf1ad91d9	providers/oauth2: fix double login required when prompt=login Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-19 23:34:27 +02:00
Jens Langhammer	a74419214c	providers/proxy: fix redirect_uris not always being set on save Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-19 23:10:00 +02:00
Jens Langhammer	3cf0f07baf	*: fix API Schema for file uploads Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-17 23:12:52 +02:00
Jens Langhammer	ef9f08553c	*: linting pass, rename from swagger to schema Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-16 15:22:57 +02:00
Jens Langhammer	4fb71a6bdd	api: fix pagination schema Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-16 15:08:51 +02:00
Jens Langhammer	0bac738090	*: fix static response descriptions Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-16 14:07:29 +02:00
Jens Langhammer	1324d03815	*: initial migration to openapi v3 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-15 23:57:28 +02:00
Jens Langhammer	6600d5bf69	providers/oauth2: use user.uid Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-15 14:08:49 +02:00
Jens Langhammer	a4278833d8	providers/proxy: fix ingress not being created with full https Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-15 13:45:41 +02:00
Jens Langhammer	942905b9b1	providers/proxy: fix formatting issue Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-14 16:24:35 +02:00
Jens Langhammer	8d7bb7da17	providers/proxy: connect ingress to https instead of http Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #882	2021-05-14 11:42:03 +02:00
Jens Langhammer	0620324702	root: bump version of psf black Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-12 00:42:46 +02:00
Jens Langhammer	84dfbcaaae	providers/api: return redirect_uris for proxy provider Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-11 20:02:17 +02:00
Jens Langhammer	24f2932777	crypto: add ?download flag Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #861	2021-05-11 14:21:35 +02:00
Jens Langhammer	932b19999e	providers/proxy: missing @property for noop Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-11 01:26:01 +02:00
Jens Langhammer	788fd00390	outposts: use noop flag in each reconciler instead of raising Disabled and force use of get_referecen_object Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-11 00:27:29 +02:00
Jens Langhammer	1f1d322958	*: fix api results when non-superuser Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-10 00:01:35 +02:00
Jens Langhammer	a6a8eddf7c	providers/proxy: create ingress for forward_auth /akprox path Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-09 12:40:44 +02:00
Jens Langhammer	8c0a87b710	outposts: improve logging for outpost controller Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-09 12:34:44 +02:00
Jens Langhammer	5cad59a9f8	providers/proxy: fix being able to set empty internal_host Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-09 00:07:34 +02:00
Jens Langhammer	e6dfa8294e	providers/proxy: use name.namespace for middleware service Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-07 10:07:30 +02:00
Jens Langhammer	ea7f9f291f	outposts: create traefikmiddleware if forwardAuth is enabled Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-07 00:01:35 +02:00
Jens Langhammer	4e9176ed2e	outposts: support different port on container vs exposed port Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-06 19:59:49 +02:00
Jens Langhammer	701c140cfd	providers/proxy: fix logic error for ingress lookup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-05 20:28:13 +02:00
Jens Langhammer	be8b2bf6f6	providers/proxy: don't create ingress for domains which use forwardAuth, don't create ingress at all if all providers are forward auth Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-05 17:53:12 +02:00
Jens Langhammer	9a15a66d85	outposts: make k8s object naming configurable Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-05 15:36:27 +02:00
Jens Langhammer	e674f03064	*/api: fix lookups per user Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-04 21:58:20 +02:00
Jens Langhammer	99d161e212	Merge branch 'master' into outpost-ldap Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> # Conflicts: # authentik/core/api/users.py # authentik/policies/event_matcher/migrations/0013_alter_eventmatcherpolicy_app.py	2021-05-04 21:02:20 +02:00
Jens Langhammer	c529340d6c	*: fix title not being set correctly for server-side rendered views Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-02 12:22:50 +02:00
Jens Langhammer	b55cb2b40c	Merge branch 'master' into outpost-ldap	2021-04-29 20:13:47 +02:00
Jens L	2a409215d3	outpost: forwardAuth mode (#790 )	2021-04-29 18:17:10 +02:00
Jens L	c4e4e17f93	providers/oauth2: add access_code_validity (#795 ) closes #794 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-28 21:03:43 +02:00
Jens Langhammer	4d858c64e0	Merge branch 'master' into outpost-ldap	2021-04-27 17:08:26 +02:00
Jens Langhammer	48c0c0baca	*/api: simplify lookups for per-user Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-27 14:53:01 +02:00
Jens Langhammer	fe28d216fe	providers/oauth2: always test JWT keys in tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-27 14:07:04 +02:00
Jens Langhammer	3ce8b836dc	outposts: allow outposts to have non-object specific permissions Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-26 23:28:26 +02:00
Jens Langhammer	1d5958a78f	providers/ldap: add search_group to limit who can do search requests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-26 23:25:03 +02:00
Jens Langhammer	fae4d34131	Merge branch 'master' into outpost-ldap	2021-04-26 17:11:50 +02:00
Jens Langhammer	7ff7bfeb58	core: fix incorrect styling for bse_full template Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-26 16:44:13 +02:00
Jens Langhammer	29da7dd8d6	providers/ldap: fix lint error Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-26 15:49:19 +02:00
Jens Langhammer	b3c8ffb96c	outposts/ldap: use authorization_flow instead of separate field Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-26 15:09:41 +02:00
Jens Langhammer	302b047f1a	outposts/ldap: add controllers Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-26 14:26:31 +02:00
Jens Langhammer	d741ed430a	web/admin: add UI for LDAP Provider Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-26 12:12:02 +02:00
Jens Langhammer	f89479caf3	providers/ldap: add LDAP provider Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-26 11:52:42 +02:00
Jens Langhammer	9341787fe7	providers/oauth2: replace deprecated jwkest with pyjwt Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-26 00:02:13 +02:00
Jens Langhammer	d616bdd5d6	providers/oauth2: add proper support for non-http schemes as redirect URIs closes #772 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-23 16:34:52 +02:00
Jens Langhammer	3282b34431	providers/oauth2: fix TokenView not having CORS headers set even with proper Origin and added tests. closes #771 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-22 23:48:28 +02:00
Jens Langhammer	392d9bb10b	providers/oauth2: fix misleading name of cors_allow_any Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #771	2021-04-22 23:29:49 +02:00
Jens Langhammer	d75284a587	flows: fix errors which occur during flow execution being sent to sentry malformed Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-22 20:14:37 +02:00
Jens Langhammer	ce082ead5e	providers/oauth2: add unittests for authorize and token views Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-18 21:05:49 +02:00
Jens Langhammer	f328b21e89	providers/oauth2: Set CORS Headers for token endpoint, check Origin header against redirect URLs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-18 14:20:50 +02:00
Jens Langhammer	32c5bf04b8	*: fix linting errors Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-17 20:08:49 +02:00
Jens Langhammer	ab4569e5d6	web/admin: fix application form's provider selection not working Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-11 13:49:35 +02:00
Jens Langhammer	cb048764f4	providers/proxy: make outpost API readonly Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-11 13:31:15 +02:00
Jens Langhammer	d76db3caba	*: add missing error codes as swagger annotations Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-10 23:55:43 +02:00
Jens Langhammer	eeb9449c11	lib: remove templatetags Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-03 12:37:32 +02:00
Jens Langhammer	c17eb00e3b	providers/oauth2: fix component for Scope Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-03 12:08:21 +02:00
Jens Langhammer	70fc4c0d88	sources/ldap: migrate to web Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-02 12:12:14 +02:00
Jens Langhammer	ed2e9b88e7	Merge branch 'master' into new-forms-part-3 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-01 23:02:22 +02:00
Jens Langhammer	509f21a9b4	providers/oauth2: add validation and tests to API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-01 20:43:18 +02:00
Jens Langhammer	b299451cab	providers/saml: fix metadata download not being unauthenticated Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-01 20:16:07 +02:00
Jens Langhammer	7e63a18d37	providers/saml: fix unittests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-01 20:05:50 +02:00
Jens Langhammer	b4a6f8350b	admin: remove provider views Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-01 19:28:30 +02:00
Jens Langhammer	5eb9b95ab5	providers/saml: migrate import to API, add API tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-01 19:28:12 +02:00
Jens Langhammer	d3f2f987e0	providers/saml: migrate saml property mappings to web Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-03-31 23:38:40 +02:00
Jens Langhammer	221e6190c8	sources/ldap: migrate property mappings to web Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-03-31 23:08:40 +02:00
Jens Langhammer	6a69425688	providers/oauth2: migrate scope mapping to web Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-03-31 23:07:57 +02:00
Jens Langhammer	69ee18e13d	Merge branch 'master' into new-forms Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> # Conflicts: # Pipfile.lock # authentik/api/decorators.py # authentik/core/api/applications.py # authentik/core/api/users.py # authentik/events/api/event.py # authentik/events/api/notification_transport.py # authentik/flows/api/flows.py # swagger.yaml	2021-03-30 10:26:18 +02:00
dependabot[bot]	c180a521ec	build(deps-dev): bump pylint from 2.7.2 to 2.7.3 (#674 ) * build(deps-dev): bump pylint from 2.7.2 to 2.7.3 Bumps [pylint](https://github.com/PyCQA/pylint) from 2.7.2 to 2.7.3. - [Release notes](https://github.com/PyCQA/pylint/releases) - [Changelog](https://github.com/PyCQA/pylint/blob/master/ChangeLog) - [Commits](https://github.com/PyCQA/pylint/compare/pylint-2.7.2...pylint-2.7.3) Signed-off-by: dependabot[bot] <support@github.com> * sources/saml: fix linting for SAMLBindingTypes.Redirect Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * sources/oauth: Fix linting for RequestKind Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: fix linting for ChallengeTypes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-03-30 10:05:14 +02:00
Jens Langhammer	7d74e1d2c4	*: revert to drf-yasg upstream Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-03-29 21:04:54 +02:00
Jens Langhammer	4612cea970	sources/saml: replace server-side pre-auth views for pre_auth flow Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-03-24 09:22:15 +01:00
Jens Langhammer	33787d0685	web: remove pf-c-card-aggregate Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-03-23 16:05:37 +01:00
Jens Langhammer	3157bf63a6	root: upgrade to pylint 2.7 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-03-22 20:03:33 +01:00
Jens L	fe7f23238c	Static SPA (#648 ) * core: initial migration to /if Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: move jsi18n to api Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests: fix static URLs in tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: add new html files to rollup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: fix rollup config and nginx config Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: add Impersonation support to user API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: add banner for impersonation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests: fix test_user function for new User API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: add background to API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: set background from flow API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: make root view login_required for redirect Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: redirect to root-redirect instead of if-admin direct Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * api: add header to prevent Authorization Basic prompt in browser Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: redirect to root when user/me request fails Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-03-22 13:44:17 +01:00
Jens Langhammer	43f19f78bb	providers/oauth2: fix error when redirecting from an authorization error Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-03-20 22:06:45 +01:00
Jens Langhammer	3d45956f15	web: fix display of scopes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-03-20 19:05:10 +01:00
Jens Langhammer	9ad10863de	providers/oauth2: add API for auth codes and refresh tokens Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-03-18 15:59:38 +01:00
Jens L	2852fa3c5e	web: use generated API Client (#616 ) * api: fix types for config API * api: remove broken swagger UI * admin: re-fix system task enum * events: make event optional * events: fix Schema for notification transport test * flows: use APIView for Flow Executor * core: fix schema for Metrics APIs * web: rewrite to use generated API client * web: generate API Client in CI * admin: use x_cord and y_cord to prevent yaml issues * events: fix linting errors * web: don't lint generated code * core: fix fields not being required in TypeSerializer * flows: fix missing permission_classes * web: cleanup * web: fix rendering of graph on Overview page * web: cleanup imports * core: fix missing background image filter * flows: fix flows not advancing properly * stages/: fix warnings during get_challenge web: send Flow response as JSON instead of FormData * web: fix styles for horizontal tabs * web: add base chart class and custom chart for application view * root: generate ts client for e2e tests * web: don't attempt to connect to websocket in selenium tests * web: fix UserTokenList not being included in the build * web: fix styling for static token list * web: fix CSRF Token missing * stages/authenticator_static: fix error when disable static tokens * core: fix display issue when updating user info * web: fix Flow executor not showing spinner when redirecting	2021-03-08 11:14:00 +01:00
Jens Langhammer	c6de4e47d7	providers/oauth2: allow protected_resource_view when method is OPTIONS	2021-03-05 16:57:37 +01:00
Jens Langhammer	de4b3d6290	providers/oauth2: always set CORS headers on provider info view	2021-03-05 14:27:16 +01:00
Jens Langhammer	792fa45dca	providers/oauth2: add logout URL to Setup URLs API	2021-03-02 15:11:18 +01:00
Jens Langhammer	a81f981471	lib: fix being unable to set authentik. options	2021-03-01 11:11:00 +01:00
Jens Langhammer	d6fd2b0afa	sources/saml: add Metadata API	2021-03-01 10:50:45 +01:00
Jens Langhammer	7f65ae3f92	Merge branch 'master' into stage-challenge # Conflicts: # web/package-lock.json	2021-02-28 00:47:18 +01:00
Jens Langhammer	0958740b51	providers/saml: fix Autosubmit Challenge	2021-02-28 00:09:08 +01:00
Jens Langhammer	d2dfc6d63b	Merge branch 'master' into stage-challenge	2021-02-27 16:04:57 +01:00
Jens Langhammer	a18240fcd7	providers/oauth2: fix error when no login event could be found	2021-02-27 16:02:07 +01:00
Jens Langhammer	890e0e9054	*: remove unused templates and code, move avatar to User model	2021-02-25 19:58:23 +01:00
Jens Langhammer	ca223fa4df	providers/saml: migrate to challenge for submit	2021-02-21 14:36:22 +01:00
Jens Langhammer	b9f409d6d9	stages/consent: migrate to SPA	2021-02-21 13:15:45 +01:00
Jens Langhammer	bdb86d7119	*: replace shortcuts.reverse with urls.reverse	2021-02-20 19:13:50 +01:00
Jens Langhammer	e4f0613fab	*: replace tuple and set from typing with normal	2021-02-18 13:53:57 +01:00
Jens Langhammer	ecff810021	*: replace List from typing with normal list	2021-02-18 13:45:46 +01:00
Jens Langhammer	fdde97cbbf	*: replace Dict from typing with normal dict	2021-02-18 13:41:03 +01:00
Jens Langhammer	60c244c31d	core: add User.uid for globally unique user ID	2021-02-16 23:04:48 +01:00
Jens Langhammer	68eefd083e	web: fix linting errors	2021-02-16 22:35:55 +01:00
Jens Langhammer	a647917074	providers/saml: use redirect binding first	2021-02-16 21:35:19 +01:00
Jens Langhammer	099197ba8c	providers/saml: fix AuthnRequestsSigned and WantAssertionsSigned not loaded correctly	2021-02-16 21:30:15 +01:00
Jens Langhammer	baa2ed5ecc	web: fix download button for SAML Metadata download	2021-02-16 21:04:03 +01:00
Jens Langhammer	6bcdf36ca6	admin: add ?provider for ApplicationCreateView	2021-02-16 20:00:52 +01:00
Jens Langhammer	0b75a0028b	providers/saml: fix error when getting metadata of provider with no application	2021-02-16 19:58:04 +01:00
Jens Langhammer	0901d7461e	providers/saml: fix redirect error	2021-02-16 19:28:18 +01:00
Jens Langhammer	61772b75ff	providers/saml: fix managed mappings not being set on import	2021-02-16 19:20:52 +01:00
Jens Langhammer	5ae030997a	providers/saml: fix missing import	2021-02-15 09:25:22 +01:00
Jens Langhammer	35e8a0c374	admin: fix ?next for Flow list	2021-02-14 18:39:36 +01:00
Jens Langhammer	bf754369d9	providers/proxy: fix certificates without key being selectable	2021-02-09 21:11:44 +01:00
Jens Langhammer	efc46f52e6	outposts: move health to API	2021-02-08 19:01:10 +01:00
Jens Langhammer	fe4b2d1a34	providers/oauth2: add authorized scopes to AUTHORIZE_APPLICATION event	2021-02-08 11:51:38 +01:00
Jens Langhammer	f8abe3e210	providers/oauth2: add unofficial groups attribute to default profile claim	2021-02-08 11:50:26 +01:00
Jens Langhammer	bfc8e9200f	providers/saml: split views into separate files	2021-02-07 13:39:33 +01:00
Jens Langhammer	6aa13a8666	providers/saml: force-set friendly_name to empty string for managed mappings	2021-02-06 20:52:52 +01:00
Jens Langhammer	91282c7bd8	web: add page for Proxy Provider	2021-02-06 18:57:25 +01:00

... 2 3 4 5 6 ...

423 commits