Jens L
7d4ce41e12
providers/proxy: outpost wide logout implementation ( #4605 )
...
* initial outpost wide logout implementation
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* handle deserialize error
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix file cleanup, add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-02 21:18:59 +01:00
Jens Langhammer
5ea9595c9c
internal: fix cache-control header
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
#4525
2023-01-25 21:18:20 +01:00
Jens L
a9b32e2f97
providers/ldap: add unbind flow execution ( #4484 )
...
add unbind flow execution
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-23 20:36:30 +01:00
Jens Langhammer
9397598376
release: 2023.1.2
2023-01-23 14:25:55 +01:00
Jens Langhammer
430a207865
release: 2023.1.1
2023-01-23 11:34:58 +01:00
Jens Langhammer
8deac81364
outposts/ldap: fix queries filtering objectClass with non-lowercase values
...
closes #2756
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-20 11:42:23 +01:00
Jens Langhammer
43854dc828
outposts/proxy: fix panic due to IsSet misbehaving
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-19 18:22:55 +01:00
Jens L
c11367553e
providers/proxy: fix issuer for embedded outpost ( #4480 )
...
fix issuer for embedded outpost
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-19 15:39:30 +01:00
Jens Langhammer
49b6c71079
release: 2023.1.0
2023-01-18 15:49:45 +01:00
Jens L
23c69c456a
providers/proxy: add setting to intercept authorization header ( #4457 )
...
* add setting to intercept authorization header
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* rename to intercept_header_auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-17 18:56:48 +01:00
Jens Langhammer
bd0ef69ece
outposts/ldap: decrease verbosity
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-17 11:12:31 +01:00
Jens Langhammer
19ee98b36d
outposts/proxy: allow setting no-redirect via header or query param
...
closes #4455
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-17 10:56:43 +01:00
Jens Langhammer
9b2ceb0d44
outposts/proxy: make logged user more consistent, set FlushInterval
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 23:58:15 +01:00
Jens Langhammer
2deb185550
internal: fix empty scheme field
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 23:27:34 +01:00
Jens Langhammer
69d4719687
outposts/proxy: set http code when no redirect header is set
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 22:20:52 +01:00
Jens Langhammer
d31e566873
outposts/proxy: add header to prevent redirects
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 22:18:25 +01:00
Jens Langhammer
0ddcefce80
outposts/proxy: cache basic and bearer credentials for one minute
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 22:12:48 +01:00
Jens Langhammer
4c45d35507
outposts/proxy: fix error handling, remove requirement for profile/etc scopes
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 21:44:28 +01:00
Jens Langhammer
829e49275d
outposts/proxy: fix proxy's TokenIntrospection potentially not being set
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 20:54:34 +01:00
Jens L
cd12e177ea
providers/proxy: add initial header token auth ( #4421 )
...
* initial implementation
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* check for openid/profile claims
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* include jwks sources in proxy provider
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add web ui for jwks
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* only show sources with JWKS data configured
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix introspection tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start basic
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add basic auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add docs, update admonitions
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add client_id to api, add tab for auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update locale
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-13 16:22:03 +01:00
Jens Langhammer
a42f2f7217
internal: fix linting error
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-09 17:17:27 +01:00
Jens Langhammer
a1be924fa4
*: strip leading and trailing whitespace when reading config values from files
...
also add a debug endpoint that dumps the go parsed config
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-09 15:29:22 +01:00
Jens Langhammer
98876df5c5
internal: improve error handling
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-08 20:35:25 +01:00
Jens Langhammer
a9680d6088
internal: fix race condition with config loading on startup, add index on debug server
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-08 20:33:04 +01:00
Jens Langhammer
7eb6320d74
outposts: use common config loader for outposts to support loading values from file
...
closes #4383
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-08 14:19:16 +01:00
Jens Langhammer
001869641d
web: ensure img tags have alt attributes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-06 12:44:51 +01:00
Jens L
2604dc14fe
providers/ldap: add code-MFA support for ldap provider ( #4354 )
...
* add code support for ldap provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* only try to extract code when auth validator stage is encountered
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use parseint instead
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-05 18:32:06 +01:00
Jens Langhammer
06f67c738c
internal: check certificate value and not IsSet
...
closes #4369
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-05 18:30:11 +01:00
Jens Langhammer
ac07833688
release: 2022.12.2
2023-01-05 10:01:30 +01:00
Jens Langhammer
2c42c87689
release: 2022.12.1
2022-12-30 13:43:42 +01:00
Jens Langhammer
39424839c5
outposts/ldap: only use common cert if cert is configured, correctly
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-28 22:50:50 +01:00
Jens Langhammer
2d03bd5c89
outposts/ldap: only use common cert if cert is configured
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-28 21:29:36 +01:00
Jens Langhammer
ff13b4bb46
outposts/ldap: use configured certificate for LDAPS when all providers' certificates are identical
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-28 19:15:29 +01:00
Jens Langhammer
2b2323fae7
outposts: include hostname in outpost heartbeat
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-28 16:07:52 +01:00
Jens Langhammer
24eb4ed963
release: 2022.12.0
2022-12-28 13:00:49 +01:00
Jens Langhammer
1b86a3d5d6
Merge branch 'version-2022.11'
2022-12-23 14:39:52 +01:00
Jens Langhammer
9dc0bb2a77
release: 2022.11.4
2022-12-23 14:17:48 +01:00
Jens Langhammer
bacf2afed1
internal: remove sentry proxy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-19 17:52:07 +01:00
Jens Langhammer
b3da1d223c
providers/proxy: correctly set id_token_hint if possible
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-12 19:02:37 +00:00
Jens Langhammer
107f2745c8
providers/ldap: improve mapping of LDAP filters to authentik queries
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-12 18:30:52 +00:00
Jens Langhammer
8d169a8bd9
Merge branch 'version-2022.11'
2022-12-12 17:05:39 +00:00
Jens Langhammer
b6b72e389d
internal: dont error if environment config isn't found
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-12 10:38:38 +00:00
dependabot[bot]
c21c1757de
core: bump github.com/getsentry/sentry-go from 0.15.0 to 0.16.0 ( #4179 )
...
* core: bump github.com/getsentry/sentry-go from 0.15.0 to 0.16.0
Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go ) from 0.15.0 to 0.16.0.
- [Release notes](https://github.com/getsentry/sentry-go/releases )
- [Changelog](https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md )
- [Commits](https://github.com/getsentry/sentry-go/compare/v0.15.0...v0.16.0 )
---
updated-dependencies:
- dependency-name: github.com/getsentry/sentry-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* update custom tracer
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-09 12:20:41 +01:00
Jens Langhammer
44bf9a890e
release: 2022.11.3
2022-12-02 23:00:59 +02:00
Jens Langhammer
58cd6007b2
Merge branch 'version-2022.11'
2022-12-02 18:12:38 +02:00
Jens Langhammer
2a4daa5360
release: 2022.11.2
2022-12-01 10:41:29 +02:00
Daniel
be9790ef8a
internal: reuse http transport to prevent leaking connections ( #3996 )
...
* Fix: Using the same http transport as the api
* fix: Using global tlsTransport instead of newly created one
2022-11-25 18:24:01 +01:00
Jens Langhammer
3a13d19695
release: 2022.11.1
2022-11-22 21:42:10 +01:00
Jens Langhammer
20c1770ec4
release: 2022.11.0
2022-11-21 20:12:02 +01:00
Jens L
276af8457d
root: make sentry DSN configurable ( #4016 )
...
* make sentry DSN configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* make proxy smarter
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix typo in config struct
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-15 16:05:29 +01:00
Jens L
55aa1897af
root: use single redis db ( #4009 )
...
* use single redis db
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup prefixes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ensure __str__ always returns string
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix remaining old prefixes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-15 14:31:29 +01:00
Jens Langhammer
f3a72761c0
release: 2022.10.1
2022-10-29 17:24:55 +02:00
Jens Langhammer
89dc46a7ff
release: 2022.10.0
2022-10-21 19:42:38 +02:00
Jens L
d53733b6fc
outposts/proxy: reduce possibility for redirect loops, keep single state ( #3831 )
...
use single state, redirect when start url is hit with active session
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-20 21:27:34 +02:00
Jens Langhammer
56181a45a1
internal: limit body size
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-17 18:52:16 +02:00
Jens Langhammer
b864de7721
outposts/ldap: increase compatibility with different types in user and group attributes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-16 22:32:18 +02:00
Jens Langhammer
26adf3f774
cmd: always stop gunicorn before exiting
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-15 11:54:11 +02:00
Jens L
44e4f2e561
crypto: make certificate parsing optional for crypto api ( #3711 )
2022-10-01 00:06:00 +02:00
Jens Langhammer
50819ae0f0
*: improve error handling in ldap outpost, ignore additional errors
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-09-23 22:11:47 +02:00
Jens Langhammer
2cfba36cb7
release: 2022.9.0
2022-09-23 12:33:01 +02:00
Jens L
49b6aabb02
outposts/proxy: fix redirect path when external host is a subdirectory ( #3628 )
...
fix redirect path when external host is a subdirectory
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-09-22 10:10:29 +02:00
Jens L
47daaf969a
outposts: fix oauth state when using signature routing ( #3616 )
...
* fix oauth state when using signature routing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* more retires
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-09-19 21:38:34 +02:00
Jens Langhammer
53f224300b
internal: set ETag header on static resources to reduce cache issues
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#3456
2022-09-11 23:18:34 +02:00
Jens Langhammer
220f123b29
internal: add more tracing for states
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-09-07 09:53:10 +02:00
Jens Langhammer
621245aece
internal: optimise outpost's flow executor to use less requests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-09-03 21:29:58 +02:00
Jens Langhammer
242423cf3c
internal: remove sentryhttp from main server mux to prevent double traces
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-09-03 16:41:47 +02:00
Jens Langhammer
8e7a456f74
providers/proxy: fix routing based on signature in traefik and caddy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-09-02 22:03:08 +02:00
Jens Langhammer
14a7c9f967
internal: fix outposts not logging flow execution errors correctly
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-31 23:03:57 +02:00
Jens Langhammer
15c34c6f1f
release: 2022.8.2
2022-08-19 15:59:53 +01:00
Jens Langhammer
8ffae4505f
internal: set Host on url in envoy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-18 23:20:12 +01:00
Jens Langhammer
0cc83c23c4
providers/proxy: fix duplicate proxy set default
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-18 21:13:45 +01:00
Jens Langhammer
514c48a986
internal: fix routing for requests with querystring signature to embedded outpost
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-18 20:43:01 +02:00
Jens Langhammer
846b63a17b
*: remove some very verbose logging messages
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-17 13:36:56 +02:00
Jens Langhammer
435d126a1c
release: 2022.8.1
2022-08-16 16:23:36 +02:00
Jens Langhammer
4c9878313c
sources/oauth: correctly concatenate URLs to allow custom parameters to be included
...
closes #3374
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-08 21:17:32 +02:00
Jens Langhammer
6356ddd9f3
internal: replace ioutils
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-08 21:00:45 +02:00
Jens Langhammer
201bea6d30
internal: add X-authentik-logout signature to trigger logouts when URLs are not exposed
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-07 18:50:24 +02:00
Jens L
89fef0ae72
blueprints: docs ( #3376 )
...
* further blueprint cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* more
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* make group users and parent optional
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix api client usage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-06 00:52:12 +02:00
Jens Langhammer
85640d402f
internal: fix race conditions when accessing settings before bootstrap
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-06 00:24:55 +02:00
Jens L
2ce8e18bab
internal: centralise config for listeners to use same config system everywhere ( #3367 )
...
* centralise config for listeners to use same config system everywhere
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#3360
* add docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-03 21:33:27 +02:00
Jens Langhammer
fcf4657833
providers/proxy: add is_superuser to ak_proxy object, only show full error when superuser
...
closes #3314
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-30 20:29:23 +02:00
Jens L
393d7ec486
providers/proxy: no exposed urls ( #3151 )
...
* test any callback
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* dont detect callback in per-server handler
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use full redirect uri with both path and query param
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* correctly route to embedded outpost for callback signature
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix allowed redirects
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-30 17:51:01 +02:00
Jens L
b41acebf5b
providers/proxy: add caddy endpoint ( #3330 )
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-29 10:58:53 +02:00
Jens Langhammer
55739ee982
internal: add additional error handling in config loader
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-26 11:48:57 +02:00
Jens Langhammer
10b48b27b0
internal: walk config in go, check, parse and load from scheme like in python
...
closes #2719
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-26 11:33:37 +02:00
Jens Langhammer
dae6493a3e
release: 2022.7.3
2022-07-20 09:37:43 +02:00
Jens Langhammer
8e19fb3a8c
release: 2022.7.2
2022-07-06 20:31:48 +02:00
Jens Langhammer
41eb44137e
internal: remove pkg/errors
2022-07-05 20:26:33 +00:00
Jens Langhammer
f316a3000b
release: 2022.7.1
2022-07-04 21:10:20 +02:00
Jens Langhammer
eb633c607e
internal: fix nil pointer reference
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-01 17:02:53 +02:00
Jens Langhammer
ece0429ea8
internal: failback with self-signed cert if cert for tenant fails to load
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-20 21:26:34 +02:00
Jens Langhammer
b6267fdf28
*: add versioned user agent to sentry
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-20 11:54:10 +02:00
Jens Langhammer
9201fc1834
release: 2022.6.3
2022-06-19 22:01:06 +02:00
Jens Langhammer
8faa909c32
internal: fix routing to embedded outpost
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:37:03 +02:00
Jens Langhammer
49142fa80b
internal: dont sample gunicorn proxied requests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:36:57 +02:00
Jens Langhammer
2a6fccd22a
providers/proxy: only send misconfiguration event once
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:36:50 +02:00
Jens Langhammer
59b899ddff
internal: skip tracing for go healthcheck and metrics endpoints
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:35:48 +02:00
Jens Langhammer
ff2baf502b
release: 2022.6.2
2022-06-07 21:36:18 +02:00
Jens Langhammer
8d3275817b
providers/ldap: fix existing binder not being carried forward correctly
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-05 18:51:01 +02:00
Jens Langhammer
e30103aa9f
providers/proxy: use same redirect-save code for all modes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-04 23:25:47 +02:00
Jens Langhammer
67d54c5209
release: 2022.6.1
2022-06-04 21:23:33 +02:00
Jens Langhammer
bb244b8338
providers/ldap: fix session cache being lost on provider refresh
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-04 18:03:00 +02:00
Jens L
8447e9b9c2
providers/proxy: envoy v2 ( #3029 )
...
* add path prefix
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use prefix correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* only set redirect if session doesn't have a redirect yet
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-03 10:32:52 +02:00
Jens L
f9a419107a
outposts/proxyv2: add basic envoy support ( #3026 )
...
* outposts/proxyv2: add basic envoy support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* don't crash when backend is not available
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add envoy tests and docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-03 00:06:09 +02:00
Jens L
8f0572d11e
outposts/ldap: add correct group objectClass ( #3023 )
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2861
2022-06-02 18:48:07 +02:00
Jens Langhammer
eba339ba27
core: improve loading speed of flow background
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-02 14:20:23 +02:00
Jens L
3eb466ff4b
lifecycle: cleanup prometheus ( #2972 )
...
* remove high cardinality labels
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* retry worker number for prometheus multiprocess id
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* revert to pid, use subdirectories
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup more
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use worker id based off of https://github.com/benoitc/gunicorn/issues/1352
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix missing app label
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests/e2e: remove static names
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-29 21:45:25 +02:00
Jens Langhammer
1883402b3d
release: 2022.5.3
2022-05-28 12:04:26 +02:00
Jens Langhammer
88a8b7d2fa
outposts/ldap: fix type assertion after upgrading to new API Client
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-27 21:43:58 +02:00
Jens L
d7713357f4
api: migrate to openapi generator v6 ( #2968 )
...
* migrate to openapi generator v6
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* bump api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
# go.mod
# go.sum
2022-05-26 22:17:57 +02:00
Jens Langhammer
3d4a45c93f
release: 2022.5.2
2022-05-21 17:17:21 +02:00
Jens Langhammer
646d174dd2
internal: revert cookie path on proxy causing redirect loops
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-21 16:26:12 +02:00
Jens Langhammer
5c91658484
internal: fix nil pointer dereference in ldap outpost
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-21 15:48:50 +02:00
Jens Langhammer
ebb44c992b
Revert "internal: set SameSite for outpost"
...
This reverts commit 7e95c756b9
.
2022-05-21 14:08:40 +02:00
Jens Langhammer
7e95c756b9
internal: set SameSite for outpost
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-21 13:21:45 +02:00
Jens Langhammer
be26b92927
internal: cleanup outpost logs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-21 13:18:06 +02:00
Jens Langhammer
6f56a61a64
website/docs: add docs for advanced SSH config
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2916
2022-05-21 13:06:54 +02:00
Jens Langhammer
220d21c3e0
release: 2022.5.1
2022-05-20 19:34:45 +02:00
Jens Langhammer
a52638d898
internal: fix typo in session name constant
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-20 10:10:29 +02:00
Jens Langhammer
421b003218
internal: set path on cookie for proxy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2305
2022-05-11 10:08:38 +02:00
Jens Langhammer
25a4310bb1
internal: use Expires not MaxAge for LDAP session
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-11 10:04:32 +02:00
dependabot[bot]
4d755dc0f6
build(deps): bump goauthentik.io/api/v3 from 3.2022041.4 to 3.2022041.5 ( #2843 )
...
* build(deps): bump goauthentik.io/api/v3 from 3.2022041.4 to 3.2022041.5
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go ) from 3.2022041.4 to 3.2022041.5.
- [Release notes](https://github.com/goauthentik/client-go/releases )
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022041.4...v3.2022041.5 )
---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* fix
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-10 20:33:19 +02:00
Jens Langhammer
9e1a518689
internal: add signal handler for SIGTERM
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-08 23:05:47 +02:00
Jens L
ab2299ba1e
outposts/ldap: cached bind ( #2824 )
...
* initial cached ldap bind support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* clean up api generation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use gh action for golangci-lint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-08 16:48:53 +02:00
Jens Langhammer
84930b4924
Revert "internal: fix high cpu when backend isnt healthy"
...
This reverts commit eb6cfd22a7
.
Revert "root: handle JSON error in metrics too"
This reverts commit 1ede972222
.
Revert "root: don't force multiprocess prometheus registry"
This reverts commit cd1d1b4402
.
Revert "root: add error handling for prometheus view"
This reverts commit c0a883f76f
.
2022-04-29 18:13:26 +02:00
Jens Langhammer
eb6cfd22a7
internal: fix high cpu when backend isnt healthy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-29 10:03:40 +02:00
Jens Langhammer
9b9c0fe663
release: 2022.4.1
2022-04-12 22:07:34 +02:00
Jens Langhammer
9b6e47e6b8
outposts/ldap: fix panic in type conversion when value is nil
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-11 15:52:58 +02:00
Jens Langhammer
82a999f95d
internal: disable HTML encoding in logrus
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-04 22:57:55 +02:00
Jens Langhammer
b46eb7198b
internal: handle log level not being set in config
...
closes #2650
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-03 13:23:55 +02:00
Jens L
508cec2fd5
web: migrate dropdowns to wizards ( #2633 )
...
* web/admin: add basic wizards for providers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: add dark mode for wizard
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: migrate policies to wizard
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* start source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* policies: sanitze_dict when returning log messages during tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* Revert "web/admin: migrate policies to wizard"
This reverts commit d8b7f62d3e
.
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
# web/src/locales/zh-Hans.po
# web/src/locales/zh-Hant.po
# web/src/locales/zh_TW.po
* web: rewrite wizard to be element based
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* further cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update sources
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: migrate property mappings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* migrate stages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* migrate misc dropdowns
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* migrate outpost integrations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-02 19:48:17 +02:00
Jens Langhammer
51194cbf42
outposts/ldap: use backend group num_pk
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-22 23:54:50 +01:00
Jens Langhammer
86a4a7dcee
release: 2022.3.3
2022-03-21 22:37:13 +01:00
Jens Langhammer
b45a442447
outposts/ldap: fix contexts
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-19 18:28:27 +01:00
Simon Siebert
75a720ead1
outposts/ldap: prevent operations error from nil dereference ( #2447 )
...
closes #2526
2022-03-19 18:26:26 +01:00
Jens Langhammer
260a7aac63
release: 2022.3.2
2022-03-15 00:01:01 +01:00
Jens Langhammer
fedb81571d
release: 2022.3.1
2022-03-10 19:12:29 +01:00
Jens Langhammer
76660e4666
internal: add tests with querystring
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-07 22:03:36 +01:00
Jens Langhammer
62a939b91d
internal: bump api client to v3
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-03 10:40:07 +01:00
Jens Langhammer
6fdf3ad3e5
internal/outpost: improve logging and add tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2393
2022-02-26 22:29:56 +01:00
Jens Langhammer
fb33906637
internal/ldap: fix panic when parsing lists with mixed types
...
closes #2355
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-22 19:56:55 +01:00
Jens Langhammer
744f250d05
providers/proxy: always set rd param in addition to session to prevent wrong url in session
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-18 10:32:22 +01:00
Jens Langhammer
19b1f3a8c1
internal/outpost: fix logic error
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-17 20:50:47 +01:00
Jens Langhammer
4a1acd377b
release: 2022.2.1
2022-02-16 10:51:55 +01:00
Jens Langhammer
45f2c5bae7
web/admin: fix invalid URLs in example proxy config
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-15 23:24:27 +01:00
Jens Langhammer
5d8c1aa0b0
outposts/proxy: correctly check host in forward domain redirect
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1997
2022-02-15 14:58:19 +01:00
Jens Langhammer
0101368369
outposts/proxy: fix logic error in rd argument
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1997
2022-02-15 13:43:55 +01:00
Jens Langhammer
4854f81592
outposts/proxy: correctly handle ?rd= param
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1997
2022-02-15 11:05:03 +01:00
Jens Langhammer
908f123d0e
website/docs: update nginx config
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-15 10:24:08 +01:00
Jens Langhammer
3d577cf15e
*: add placeholder custom.css to easily allow user customisation
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-14 20:05:00 +01:00