0bc57f571b
api: update API browser to match admin UI and auto-switch theme
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-26 22:16:34 +02:00
a81d5a3d41
providers/oauth2: regex-escape URLs when set to blank
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-26 12:52:56 +02:00
34ef4af799
flows: fix flakiness in tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-26 09:53:40 +02:00
5da47b69dd
providers/oauth2: only set expiry on user when it was freshly created
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-25 23:02:33 +02:00
0e0dd2437b
providers/oauth2: handle attribute errors when validation JWK contains private key
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-25 22:23:05 +02:00
e42386b150
api: update API browser to match admin UI and auto-switch theme
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-25 20:09:29 +02:00
ef219198d4
flows: fix lint
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-25 00:05:04 +02:00
cc744dc581
flows: fix lint
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-25 00:04:58 +02:00
816b0c7d83
flows: fix re-imports of entries with identical PK re-creating objects
...
closes #2941
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 23:35:06 +02:00
56babb2649
flows: fix re-imports of entries with identical PK re-creating objects
...
closes #2941
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 23:32:08 +02:00
b8fdda50ec
ensure all viewsets have filter and search and add tests ( #2946 )
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 22:13:59 +02:00
4a9b788703
providers/oauth2: set related_name for many-to-many so used by detects the connection
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 22:12:35 +02:00
80c1dbdfbb
ensure all viewsets have filter and search and add tests ( #2946 )
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 22:01:18 +02:00
b4e75218f5
sources/oauth: OIDC well-known and JWKS ( #2936 )
...
* add initial
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* include source and jwk key id in event
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add more docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add tests for source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix web formatting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add provider tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix lint error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 21:02:50 +02:00
482491e93c
core: fix username validator not allowing changes that can be done via flows
...
closes #2755
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 19:40:54 +02:00
61a876b582
providers/saml: handle parse error
...
AUTHENTIK-1K5
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-23 22:03:12 +02:00
8c9748e4a0
providers/oauth2: improve error handling for invalid regular expressions
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-23 20:47:36 +02:00
b7979ad48e
Revert "events: ignore silk SQLQuery object"
...
This reverts commit a26f25ccd6
2022-05-23 20:29:05 +02:00
4704de937a
stages/user_write: fix typo in request context variable
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-23 20:18:37 +02:00
394d8e99a4
policies: improve error logging
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-23 20:18:00 +02:00
a26f25ccd6
events: ignore silk SQLQuery object
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-23 20:17:52 +02:00
63dc8fe7dc
crypto: set SAN in default generated Certificate to semi-random domain
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2462
2022-05-22 23:22:06 +02:00
cfe2648b62
events: fix transport not allowing blank values
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-22 19:32:58 +02:00
3d4a45c93f
release: 2022.5.2
2022-05-21 17:17:21 +02:00
75d6cd1674
outposts: ensure the user and token are created on initial outpost save
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-21 15:55:19 +02:00
2dee8034d3
outposts: allow externally managed SSH Config for outposts ( #2917 )
2022-05-21 12:10:08 +02:00
220d21c3e0
release: 2022.5.1
2022-05-20 19:34:45 +02:00
b43df2ae27
stages/identification: redirect with QS to keep next parameters ( #2909 )
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-20 16:10:10 +02:00
d570feffac
flows: add types to diagrams ( #2902 )
...
* add policy and stage types to diagram
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* show policies bound to the root flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix get_build_hash being empty
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-19 20:50:28 +02:00
3d52266773
flows: handle missing `initial_data` in challenge
...
AUTHENTIK-1HK
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-19 20:31:28 +02:00
7bdecd2ee6
stages/user_write: dynamic groups ( #2901 )
...
* stages/user_write: add dynamic groups
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* simplify functions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-19 20:28:16 +02:00
11f7935155
providers/oauth2: use regex to check redirect URI
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2799
2022-05-18 21:22:27 +02:00
75b0fb3393
sources/oauth: migrate twitter to oauth2 ( #2893 )
2022-05-18 00:03:02 +02:00
538c2ca4d3
stages/authenticator_*: directly save devices into db instead of session to prevent race conditions
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-17 10:02:30 +02:00
5080840ed9
admin: ensure disable_update_check is set to false for tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-17 10:00:26 +02:00
333e58ce2f
flows/layouts ( #2867 )
2022-05-16 01:10:23 +02:00
4de2ac3248
events: add task to expire seen notifications
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-14 22:41:50 +02:00
eb4dce91c3
events: add user filter to notifications
...
as superuser all notifications are returned regardless of permission so we need to filter
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-14 22:31:13 +02:00
d4fd6153c8
api: fix OwnerFilter filtering out objects for superusers
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-14 21:36:00 +02:00
85b6bfbe5f
sources: fix parent serializer for user connections
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-14 21:26:02 +02:00
5644d5f3f7
stages/authenticator_totp: fix key error
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-14 19:57:00 +02:00
f391c33bdf
providers/oauth2: fix tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-14 12:41:40 +02:00
18f450bd49
root: enable sentry for tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-14 12:29:30 +02:00
ee36b7f3eb
flows: move autosubmit stage into flows package
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-14 12:06:19 +02:00
a9a62bbfc8
providers/oauth2: use correct title based on flow context and translated
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-14 00:08:29 +02:00
ddd785898b
providers/saml: add title attribute to autosubmit stage and render correctly
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-14 00:08:14 +02:00
8ba45a5f6a
providers/oauth2: don't create events before client_id can be verified to prevent spam
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-14 00:02:01 +02:00
7d41e6227b
providers/oauth2: add tests for form_post, fix attrs not being flattened
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-13 23:52:50 +02:00
1363226697
providers/saml: make SAML metadata generation consistent
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-13 17:40:18 +02:00
d4abf5621e
providers/oauth2: add support for form_post response mode ( #2818 )
...
* Added request verification and parameter generation
* response_mode added to OAuthAuthorizationParams return
* Added class OauthPostFulfillmentStage
Check response_mode in initialization
* Corrected typo
* Removed separate class
Added handling for FORM_POST in create_response_uri
Added handling for FORM_POST in return class
* Fixed pylint error (trailing-whitespace)
Removed comment
* Reformatted authorize.py with black
2022-05-12 21:36:31 +02:00
ec67b60219
policies/hibp: check in prompt data ( #2845 )
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-10 23:47:36 +02:00
fd1d38f844
stages/authenticator_validate: remember ( #2828 )
...
* initial
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: cleanup timedelta help
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add tooltip
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* assert response code in self.assertStageResponse
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add more tests, add duo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-10 21:05:22 +02:00
3554406aa5
root: fix duplicate enum in api scheme
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-10 10:24:18 +02:00
ab2299ba1e
outposts/ldap: cached bind ( #2824 )
...
* initial cached ldap bind support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* clean up api generation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use gh action for golangci-lint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-08 16:48:53 +02:00
860269acf0
root: set SESSION_SAVE_EVERY_REQUEST to enable sliding sessions
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1878
2022-05-07 22:32:56 +02:00
30c7e6c94c
providers/oauth2: fixed typo (PROMPT_CONSNET => PROMPT_CONSENT) ( #2819 )
2022-05-06 10:09:09 +02:00
59df02b3b8
root: disable stdout capturing for tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-05 23:08:36 +02:00
ddbe0aaf13
stages/user_delete: fix delete stage failing when pending user is not explicitly set
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-01 13:59:33 +02:00
84930b4924
Revert "internal: fix high cpu when backend isnt healthy"
...
This reverts commit eb6cfd22a71ede972222cd1d1b4402c0a883f76f
2022-04-29 18:13:26 +02:00
1ede972222
root: handle JSON error in metrics too
...
this can happen when the worker is killed while writing metrics
2022-04-29 11:01:04 +00:00
cd1d1b4402
root: don't force multiprocess prometheus registry
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-29 10:53:47 +02:00
c0a883f76f
root: add error handling for prometheus view
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-29 10:17:53 +02:00
ab8b37a899
events: fix ignored instances not being a tuple
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-25 11:19:58 +02:00
9077eff34d
root: add silk and debugging views
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-21 22:38:32 +02:00
2399fa456b
policies: fix current user not being set in server-side policy deny
...
closes #2039
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-21 22:30:27 +02:00
0b4ac54363
*: default to max 60 for fqdn_rand
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-20 20:07:25 +02:00
1a1434bfda
*: decrease frequency of background tasks, smear tasks based on name and fqdn
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2159
2022-04-20 18:43:40 +02:00
d283a5236c
core: add custom shell command which imports all models and creates events for model events
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-17 18:14:57 +02:00
e4486b98fc
web: Update Web API Client version ( #2733 )
...
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-17 17:05:43 +02:00
778065f468
core: add flag to globally disable impersonation
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-17 16:52:55 +02:00
70794d79dd
sources/oauth: Fix wording for OAuth source names ( #2732 )
2022-04-17 16:40:10 +02:00
a3bb5d89cc
events: fix created events only being logged as debug level
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-14 22:37:30 +02:00
f4f9f525d7
providers/oauth2: include application in login event
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-14 22:36:45 +02:00
4c14e88a25
flows: pin dependency in migration
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-14 22:28:26 +02:00
7561ea15de
providers/oauth2: add additional tracing to token view
2022-04-14 16:48:17 +00:00
8242b09394
flows: handle flow title formatting error better, add user to flow title context
2022-04-14 13:56:20 +00:00
9b9c0fe663
release: 2022.4.1
2022-04-12 22:07:34 +02:00
5a58f6ee64
providers/oauth2: remove test for non sa user
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-12 20:35:13 +02:00
e84b17d550
providers/oauth2: don't force service accounts for client_credentials flow
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-12 10:23:25 +02:00
9da439623b
stages/authenticator_duo: fix bad request being sent to duo when calling enrollment_status outside a flow
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2666
2022-04-11 21:02:32 +02:00
957bb1c5ef
core: make generated token length configurable
...
closes #2574
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-11 20:57:16 +02:00
2303a97bb9
core: add method to set key of token
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2574
2022-04-11 20:43:39 +02:00
8be04cc013
providers/oauth2: fix elliptic curve keys attempting to use EC256 instead of ES256
...
closes #2703
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-11 20:05:58 +02:00
cca33a74b6
core: fix error when checking generated users with no expiry
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-10 17:53:46 +02:00
f977bf61eb
providers/oauth2: make exp optional on jwt client_credentials flow
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-10 17:25:35 +02:00
f8f8a9bbb9
providers/oauth2: give keypairs private key preference over certificate in client_credentials jwt flow
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-10 16:27:53 +02:00
e64ca4ab04
core: fix lint error
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-08 10:10:30 +02:00
e2f0a76309
outposts: check if docker ports should be mapped before comparing ports
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-07 17:30:33 +02:00
5861d41ad3
tenants: add tenant-level attributes, applied to users based on request
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-06 10:41:35 +02:00
20262f3f4b
core: mark provider_obj as read_only
...
closes #2637
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-04 10:17:59 +02:00
633296503d
core: add grouping to applications ( #2648 )
...
* core: add grouping to applications
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* core: add new field to tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-02 23:08:58 +02:00
508cec2fd5
web: migrate dropdowns to wizards ( #2633 )
...
* web/admin: add basic wizards for providers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: add dark mode for wizard
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: migrate policies to wizard
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* start source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* policies: sanitze_dict when returning log messages during tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* Revert "web/admin: migrate policies to wizard"
This reverts commit d8b7f62d3e
2022-04-02 19:48:17 +02:00
7a93614e4b
policies: fix tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-02 18:31:02 +02:00
4f319eaa4f
policies/dummy: bump to info to always get message
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-02 17:28:51 +02:00
86a8d00b3f
policies: sanitze_dict when returning log messages during tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-02 17:15:44 +02:00
5fe8c1f3d7
policies: fix missing default for log_messages
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-02 16:44:49 +02:00
d84ff2bbca
policies: add policy log messages to test endpoints
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-01 22:07:35 +02:00
4be238018b
providers/oauth2: pass scope and other parameters to access policy request context
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2641
2022-04-01 21:39:05 +02:00
99008252f8
providers/oauth2: fix verification_keys being required
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-31 20:19:13 +02:00
8689444954
providers/oauth2: add password grant support (treated as client_credentials)
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-31 18:02:17 +02:00
bb8af2f19b
providers/oauth2: add client_assertion_type jwt bearer support ( #2618 )
2022-03-31 00:30:55 +02:00
996bd05ba6
api: fix API header auth not passing to next auth method
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-31 00:06:01 +02:00
a1a64e25ee
api: remove legacy http basic auth
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-30 23:39:08 +02:00
993c6472db
crypto: only count discovered when cert was loaded successfully
2022-03-28 08:58:23 +00:00
123b0b2f05
core: fix pylint renamed variable
2022-03-28 08:58:13 +00:00
7cbd5174f0
stages/invitation: fix tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-26 19:12:22 +01:00
c7a83e6182
stages/invitation: add invitation name
...
closes #2583
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-26 18:32:59 +01:00
74ff9d04dd
stages/prompt: set field default based on placeholder, fix duplicate fields
...
closes #2572
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-23 22:26:06 +01:00
969902f503
stages/prompt: filter rest_framework.fields.empty when field is not required
...
closes #2572
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-23 20:21:12 +01:00
04372e21dd
events: handle types in event contexts
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2572
2022-03-23 19:49:55 +01:00
d75a864f0e
providers/oauth2: map internal groups to GitHub teams in GHE OAuth emulation ( #2497 )
...
* providers/oauth2: impl `/user/teams` endpoint for Github OAuth2
This commit adds a functional `/user/teams` endpoint for the emulated Github OAuth2 service.
The teams a user is part of are based on the user's groups in Authentik.
* providers/oauth2: Move org template inside loop; Change slug to use Django slugify
* providers/oauth2: Remove placeholder replacement
* Possibly fix complaints from the linters
* Update github.py
* Change organization name
* Update github.py
2022-03-23 12:05:20 +01:00
0c2b32da31
core: add num_pk to group for applications that need a numerical group id
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2497
2022-03-22 21:37:11 +01:00
9ad4c736f1
stages/email: allow overriding of destination email in plan context
...
closes #2445
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-22 21:19:34 +01:00
4154b62565
stages/prompt: fix non-required fields not allowing blank values, add more tests
...
closes #2544
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-22 20:38:04 +01:00
86a4a7dcee
release: 2022.3.3
2022-03-21 22:37:13 +01:00
8b95e9f97a
crypto: open files in read-only mode for importing ( #2536 )
...
closes #2535
2022-03-21 10:46:09 +01:00
be232e2b77
core: fix provider launch URL being prioritised over manually configured launch URL
...
closes #2493
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-16 10:26:55 +01:00
53d0205e86
outposts/proxy: use Prefix in ingress for k8s
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-15 19:01:08 +01:00
260a7aac63
release: 2022.3.2
2022-03-15 00:01:01 +01:00
a3df414f24
sources/ldap: fix parent_group not being applied
...
closes #2464
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-14 22:13:20 +01:00
dcaa8d6322
flows: revert default flow user change
...
closes #2483
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-14 22:05:30 +01:00
ceb894039e
stages/authenticator_validate: fix passwordless flows not working
...
closes #2484
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-14 21:15:47 +01:00
c7a825c393
lib: lower default sample rate
2022-03-14 12:38:14 +00:00
54f170650a
core: replace uid with uuid search
...
uid can't be searched it as its a computed field
closes #2480
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-14 10:35:55 +01:00
fedb81571d
release: 2022.3.1
2022-03-10 19:12:29 +01:00
37528e1bba
stages/authenticator_validate: fix lint
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-10 09:56:04 +01:00
cc1509cf57
stages/authenticator_validate: fix logic error when multiple authenticator devices can be selected
...
closes #2290
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-10 00:46:42 +01:00
0dfecc6ae2
stages/authenticator_*: fix device.confirmed being set incorrectly
...
closes #2330
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-10 00:19:49 +01:00
de17207c68
lib: fix default geoip path
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2453
2022-03-09 21:57:29 +01:00
920d1f1b0e
providers/oauth2: initial client_credentials grant support ( #2437 )
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-05 23:24:55 +01:00
b1fd801ceb
tenants: fix syntax error in expression for locale
2022-03-03 11:50:46 +00:00
1e1d9f1bdd
core/api: allow filtering users by uid, add uid to search
...
closes #2428
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-03 10:19:56 +01:00
4f4f954693
core: customisable user settings ( #2397 )
...
* tenants: add user_settings flow, add basic flow and basic new executor
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/user: use flow PromptStage instead of custom stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: add tenant to StageHost interface
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/user: fix form missing component
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/user: re-add success message
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/user: improve support for multiple error messages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/prompt: allow expressions in prompt placeholders
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/prompt: add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: always set pending user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: never cache stage configuration flow plans
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/user_write: fix error when pending user is anonymous user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add checkbox for prompt placeholder expression
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* website/docs: add prompt expression docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/prompt: add ak-locale field type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tenants: fix default policy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/user: add function to do global refresh
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: fix rendering of ak-locale
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tenants: fix default policy, add error handling to placeholder, fix locale attribute
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-03 00:13:06 +01:00
c57fbcfd89
sources/oauth: log body when get_profile fails
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-02 20:37:42 +01:00
08acc7ba41
providers/oauth2: fix invalid launch URL being generated
2022-03-01 15:29:21 +00:00
7bdd32506e
web: cleanup default footer links
2022-03-01 15:27:21 +00:00
f98a9bed9f
build(deps-dev): bump bandit from 1.7.2 to 1.7.3 ( #2403 )
...
* build(deps-dev): bump bandit from 1.7.2 to 1.7.3
Bumps [bandit](https://github.com/PyCQA/bandit ) from 1.7.2 to 1.7.3.
- [Release notes](https://github.com/PyCQA/bandit/releases )
- [Commits](https://github.com/PyCQA/bandit/compare/1.7.2...1.7.3 )
---
updated-dependencies:
- dependency-name: bandit
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* sigh
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-28 10:13:51 +01:00
e9064509fe
sources/oauth: Add Mailcow oauth source ( #2380 )
...
* Feat: Add Mailcow oauth source
* Feat: Add mailcow icon
* Run make
* Feat: Add tests
* Fix: Remainder from discord test
* Docs: Add mailcow oauth source docs
* Docs: add mailcow source to menu
* Fix: Mailcow provider type in test
* Fix: Formatting
* Fix: Doc file name
2022-02-27 15:06:02 +01:00
7e5d8624c8
web: fix locale change not updating all elements
...
closes #2365
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-26 16:29:12 +01:00
2f8dbe9b97
core: handle all exceptions for applications listing
...
closes #2382
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-26 16:08:38 +01:00
677bcaadd7
core: add initial app launch url ( #2367 )
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-23 22:48:55 +01:00
80f218a6bf
core: also handle TypeError for invalid app URL formatting
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-17 18:23:11 +01:00
4a1acd377b
release: 2022.2.1
2022-02-16 10:51:55 +01:00
72259f6479
events: fix lint
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-14 23:15:45 +01:00
0973c74b9d
providers/oauth2: fix redirect_uri being lowercased on successful validation
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-14 23:04:00 +01:00
c7ed4f7ac1
events: check mtime on geoip database
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-14 22:42:46 +01:00
3d577cf15e
*: add placeholder custom.css to easily allow user customisation
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-14 20:05:00 +01:00
c040b13b29
providers/proxy: remove leading slash to allow subdirectories in proxy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2305
2022-02-14 12:51:04 +01:00
df362dd9ea
core: handle error when formatting launch URL fails closes #2304
2022-02-14 12:02:51 +01:00
3af0de6a00
Revert "root: disable sentry's auto_session_tracking"
...
This reverts commit 4f24d61290
2022-02-14 09:55:35 +01:00
4f24d61290
root: disable sentry's auto_session_tracking
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-14 09:44:12 +01:00
3b6497cd51
outposts: ensure keypair is set for SSH connections
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-13 15:39:37 +01:00
bb4be944dc
sources/ldap: use merger that only appends unique items to list
...
closes #2211
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-13 14:20:13 +01:00
21efee8f44
admin: add additional logging when restarting a task
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-12 18:40:21 +01:00
f61549a60f
providers/proxy: enable TLS in ingress via traefik annotation
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1997
2022-02-12 18:35:24 +01:00
0da043a9fe
outposts: make local discovery configurable
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-12 17:27:41 +01:00
f336f204cb
stages/authenticator_validate: fix handling when single configuration stage is selected
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-12 17:27:33 +01:00
b5d43b15f8
providers/oauth2: add support for explicit response_mode
...
closes #1953
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-12 16:56:47 +01:00
2ccab75021
stages/authenticator_validate: add ability to select multiple configuration stages which the user can choose
...
closes #1843
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-12 16:55:50 +01:00
8bc3db7c90
release: 2022.1.5
2022-02-09 22:42:34 +01:00
e741caa6b3
core: allow formatting strings to be used for applications' launch URLs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-08 23:46:23 +01:00
4343246a41
*: rename akprox to outpost.goauthentik.io ( #2266 )
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-08 20:25:38 +01:00
c63e1c9b87
outposts: fix compare_ports to support both service and container ports
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-08 17:40:49 +01:00
f44cf06d22
outposts: fix service reconciler re-creating services
...
closes #2095
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-08 17:23:00 +01:00
15e2032493
stages/authenticator_validate: handle non-existent device_challenges
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-07 20:31:49 +01:00
c87f6cd9d9
outposts: remove node_port on V1ServicePort checks to prevent service creation loops
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2095
2022-02-07 20:26:14 +01:00
b0936ea8f3
sources/ldap: log entire exception
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-07 19:37:39 +01:00
d5e04a2301
*: remove deprecated backup ( #2129 )
...
* *: remove backup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix lint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* website/docs: add docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* *: final cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ci: use correct pyproject when migrating from stable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* website/docs: fix broken docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-05 18:54:15 +01:00
4e4e2b36b6
sources/saml: fix server error
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-05 15:41:26 +01:00
eaba8006e6
sources/saml: fix incorrect ProtocolBinding being sent
...
closes #2213
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-03 18:20:06 +01:00
39ff202f8c
outposts: fix channel not always having a logger attribute
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-03 17:58:54 +01:00
49dfb4756e
release: 2022.1.4
2022-02-01 20:12:55 +01:00
88603fa4f7
providers/proxy: set traefik labels using object_naming_template instead of UUID
2022-02-01 17:13:27 +00:00
0232c4e162
lifecycle: send analytics in gunicorn config to decrease outgoing requests when workers get restarted
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-01 15:01:43 +01:00
e93be0de9a
sources/ldap: add list_flatten function to property mappings, enable on managed LDAP mappings
...
closes #2199
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-31 23:07:32 +01:00
a5adc4f8ed
core: fix view_token permission not being assigned on token creation for non-admin user
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-31 20:00:30 +01:00
ceaf832e63
root: remove boto integration in sentry to ease backup removal
2022-01-31 13:47:18 +00:00
c55f503b9b
release: 2022.1.3
2022-01-26 22:15:28 +01:00
c2586557d8
root: fix redis passwords not being encoded correctly
...
closes #2130
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-26 20:45:45 +01:00
0d47654651
root: add max-requests for gunicorn and max tasks for celery
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-26 10:04:58 +01:00
2f4c92deb9
Merge branch 'version-2022.1'
2022-01-24 21:42:12 +01:00
c7ba183dc0
providers/proxy: fix traefik label
...
closes #2128
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-24 17:45:09 +01:00
3d724db0e3
release: 2022.1.2
2022-01-24 11:28:00 +01:00
2997542114
lib: disable backup by default, add note to configuration
2022-01-24 10:00:15 +00:00
42f5cf8c93
outposts: allow custom label for docker containers
...
closes #2128
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-23 21:55:58 +01:00
82cc1d536a
providers/proxy: add PathPrefix to auto-traefik labels
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2128
2022-01-23 21:55:46 +01:00
6a411d7960
policies/hibp: ensure password is encodable
...
closes AUTHENTIK-1SA
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-23 21:23:24 +01:00
f4a6c70e98
release: 2022.1.1
2022-01-22 18:28:40 +01:00
dd8b579dd6
lib: ignore paramiko logger
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-21 10:46:33 +01:00
994c5882ab
root: fix error if secret_key is purely numerical
...
closes #2099
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-18 09:17:33 +01:00
0db0a12ef3
root: rename csrf header
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-16 16:17:44 +01:00
eaeab27004
lib: add support for custom env
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-16 14:56:02 +01:00
111fbf119b
*: refactor prometheus gauges to directly updating metrics view
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-16 13:57:07 +01:00
92cc0c9c64
root: decrease to 10 backup history
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-14 19:59:50 +01:00
18ff803370
outposts: trigger service update on k8s when selector doesnt match
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-14 11:42:57 +01:00
6338785ce1
outposts: change label app.kubernetes.io/name to include outpost type
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-14 10:34:54 +01:00
973e151dff
outposts: add Additional version labels to managed k8s deployments
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-13 17:48:01 +01:00
fae6d83f27
*: simplify extracting current version info
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-13 17:47:31 +01:00
ed84fe0b8d
root: set samesite for csrf cookie
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-12 23:14:14 +01:00
7db7b7cc4d
stages/authenticator_validate: fix lint
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-12 23:00:28 +01:00
e758db5727
stages/authenticator_webauthn: make more WebAuthn options configurable
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-12 22:57:49 +01:00
4d7d700afa
providers/oauth2: change default redirect uri behaviour; set first used url when blank and use star for wildcard
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-12 22:44:57 +01:00
f9a5add01d
root: include build in analytics
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-12 22:18:52 +01:00
2986b56389
root: fix backups running every minute instead of once
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-12 22:09:44 +01:00
11e25617bd
crypto: fully parse certificate on validation in serializer to prevent invalid certificates from being saved
...
closes #2082
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-10 20:36:50 +01:00
19d5902a92
flows: handle error if flow title contains invalid format string
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-10 19:49:27 +01:00
71dffb21a9
outposts: improve error handling for outpost service connection state
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-10 19:44:13 +01:00
2543224c7c
core: dont return 404 when trying to view key of expired token
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-10 17:53:09 +01:00
6b6702521f
api: don't return error reporting enabled when debug is enabled
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-07 21:53:22 +01:00
c07b8d95d0
outposts/proxy: remove deprecated headers
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-07 17:01:23 +01:00
0027dbc0e5
root: remove old api path
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-06 22:21:21 +01:00
c15e4b24a1
release: 2021.12.5
2022-01-06 21:29:12 +01:00
03503363e5
core: fix UserSelfSerializer's save() overwriting other user attributes
...
closes #2070
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-06 18:23:06 +01:00
22d6621b02
root run backup every 24 hours
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-06 15:29:11 +01:00
91dd33cee6
policies/reputation: trigger save on update
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-05 22:06:20 +01:00
5a2c367e89
policies/reputation: fix test
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-05 21:44:15 +01:00
6e53f1689d
policies/reputation: rework reputation to use a single entry, include geo_ip data
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-05 21:02:33 +01:00
7b1373e8d6
core: fix lint error
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-04 23:17:37 +01:00
e70b486f20
outposts: handle error in certificate cleanup
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-04 22:53:37 +01:00
5769ff45b5
core: add goauthentik.io/user/can-change-name
...
closes #2054
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-04 19:03:12 +01:00
9d6f79558f
tenants: forbid creation of multiple default tenants
...
closes #2059
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-04 19:01:20 +01:00
935a8f4d58
core: add tests for non-applicable flows with flow manager
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-03 22:14:52 +01:00
7d3d17acb9
core: add error handling in source flow manager when flow isn't applicable
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-03 21:57:55 +01:00
ebd476be14
sources/oauth: fix sources not allowing blank values
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2047
2022-01-03 21:36:14 +01:00
31ba543c62
*: don't use exception keyword with structlog
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-03 21:33:52 +01:00
a101d48b5a
core: passthrough connection and additional data to FlowManager
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2047
2022-01-03 21:31:26 +01:00
8f44c792ac
sources/oauth: fix github provider not including correct base scopes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2047
2022-01-03 21:04:18 +01:00
212220554f
sources/oauth: add additional scopes field to get additional data from provider
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2047
2022-01-03 16:43:52 +01:00
3e22740eac
core: add API endpoint to directly set user's password
...
closes #2040
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-03 13:31:58 +01:00
d18a691f63
core: prevent LDAP password being set for internal hash upgrades
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-03 13:23:42 +01:00
90c31c2214
flows: add test helpers to simplify and improve checking of stages, remove force_str
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-01 20:25:32 +01:00
50e3d317b2
flows: use WithUserInfoChallenge for AccessDeniedChallenge
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2039
2022-01-01 19:45:34 +01:00
3eed7bb010
lib: dont send any sentry events when testing
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-01 18:56:14 +01:00
9154b9b85d
web/user: rework user source connection UI
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-30 21:59:41 +01:00
fc19372709
flows: fix migration removing flow titles
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-30 21:00:00 +01:00
d03b0b8152
outposts: include outposts build hash in state
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-30 15:16:34 +01:00
c249b55ff5
*: use py3.10 syntax for unions, remove old Type[] import when possible
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-30 14:59:01 +01:00
fc7a452b0c
flows: update default flow titles
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-27 22:04:35 +01:00
46f12e62e8
flows: don't create EventAction.FLOW_EXECUTION
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-27 15:07:33 +01:00
53b10e64f8
outposts: fix error when client hasn't be initialised
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-26 14:26:48 +01:00
abe38bb16a
outposts: fix __exit__ being called without params
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-25 17:52:20 +01:00
b19da6d774
crypto: return private key's type (required for some oauth2 providers)
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-25 16:51:28 +01:00
7c55616e29
outposts: fix creation of from_env docker client
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-25 16:48:23 +01:00
6510b97c1e
outposts: add remote docker integration via SSH
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-25 16:31:34 +01:00
22d1dd801c
root: also use analytics uuid for sentry
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-24 15:13:27 +01:00
e7e0e6d213
lib: strip values for timedelta from string
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-23 18:49:35 +01:00
ca0250e19f
core: add meta theme-color
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-23 18:49:24 +01:00
5c5634830f
stages/identification: add field for passwordless flow
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-23 18:27:00 +01:00
9c42b75567
release: 2021.12.4
2021-12-23 10:32:48 +01:00
457e17fec3
website/docs: add small let's encrypt docs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-23 00:59:06 +01:00
846006f2e3
events: create test notification with event with data
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 23:32:29 +01:00
f557b2129f
*: fix random typos
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 23:13:18 +01:00
6dc2003e34
providers/oauth2: fix tests validating JWT incorrectly
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 23:00:57 +01:00
0149c89003
providers/oauth2: fix invalid assignments in JWKS view
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 22:41:28 +01:00
f458cae954
providers/proxy: add error handing when field is already gone
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 22:31:53 +01:00
f01d117ce6
providers/proxy: fix imports in migrations
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 22:25:02 +01:00
2bde43e5dc
crypto: use older syntax for type union
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 22:22:45 +01:00
2f3026084e
providers/oauth2: remove jwt_alg field and set algorithm based on selected keypair, select HS256 when no keypair is selected
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 22:09:49 +01:00
c1f0833c09
crypto: improve support for non-rsa private keys (discovery)
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 21:46:22 +01:00
8e83209631
stages/authenticator_validate: fix lint error
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 18:14:35 +01:00
2e48e0cc2f
stages/authenticator_validate: fix prompt not triggering when using in non-authentication context
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 18:03:02 +01:00
e72f0ab160
stages/authenticator_validation: refuse passwordless flow if flow is not for authentication
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 18:02:43 +01:00
5b3a9e29fb
stages/authenticator_validate: add passwordless login
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 17:34:46 +01:00
34b11524f1
tenants: add web certificate field, make authentik's core certificate configurable based on keypair
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 11:43:45 +01:00
16b6c17305
Revert "policies: don't always clear application cache on post_save"
...
This reverts commit 5ef385f0bb
2021-12-22 00:23:19 +01:00
cf4b4030aa
release: 2021.12.3
2021-12-21 20:52:08 +01:00
7fb939f97b
core: fix error when getting launch URL for application with non-existent Provider
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 19:40:29 +01:00
c78236a2a2
root: don't set secure cross opener policy
...
closes #1977
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 19:16:22 +01:00
ca314c262c
*: revert to using GHCR directly
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 13:54:49 +01:00
8a60a7e26f
providers/proxy: revert to static list of forwarded headers
...
wildcard is not usable for this since the regular expression doesn't support negative lookahead, meaning we would always forward all headers, including Connection and others
closes #1969
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 12:04:54 +01:00
92b4244e81
providers/proxy: update traefik regex
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1969
2021-12-20 22:43:58 +01:00
dfbf7027bc
providers/proxy: add traefik.ingress.kubernetes.io/router.tls annotation for ingress
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 22:24:42 +01:00
4658018a90
Revert "outposts: rename outpost"
...
This reverts commit a5c30fd9c7
2021-12-20 21:37:31 +01:00
577b7ee515
providers/proxy: include auth headers
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 21:37:22 +01:00
3da526f20e
root: allow trace log level to work for core/embedded
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 21:11:47 +01:00
c843f18743
lib: add additional celery logger to sentry ignore
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 21:04:45 +01:00
80d0b14bb8
outposts: fix error when getting state for non-existent outpost
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 19:44:47 +01:00
a5c30fd9c7
outposts: rename outpost
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 19:28:05 +01:00
ef23a0da52
outposts/proxy: fix traefik header regex to only match Remote- and X- headers to prevent websocket errors
...
closes #1969
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 13:30:19 +01:00
ba527e7141
root: drop redis cache sentry errors
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 13:12:14 +01:00
602573f83f
ci: fix label
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-19 13:44:34 +01:00
8599d9efe0
web/admin: auto set the embedded outpost's authentik_host on first view
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-19 13:27:04 +01:00
8e6fcfe350
root: fix inconsistent URL quoting of redis URLs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 22:24:41 +01:00
e9910732bc
release: 2021.12.2
2021-12-18 21:03:50 +01:00
b6ff04694f
providers/oauth2: don't rely on expiry task for access codes and refresh tokens
...
closes #1911
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 17:42:41 +01:00
61097b9400
policies/password: add minimum digits
...
closes #1952
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 16:15:56 +01:00
4c5537ddfe
sources/oauth: allow writing to user in SourceConnection
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1888
2021-12-18 15:33:46 +01:00
a95779157d
tests/integration: add rename and full update tests for k8s controller
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 15:32:16 +01:00
ac6afb2b82
stages/email: add test for non-existent directory
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 15:05:40 +01:00
71a22c2a34
outposts: add unittests for docker controller
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-17 13:42:33 +01:00
273f5211a0
providers/saml: Fix typo ( #1950 )
2021-12-17 11:00:20 +00:00
2ca115285c
crypto: fix private keys not being imported correctly
...
closes #1945
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-16 21:14:15 +01:00
14c159500d
core: don't rotate non-api tokens
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-16 19:32:39 +01:00
f33190caa5
release: 2021.12.1
2021-12-16 15:48:59 +01:00
741822424a
Merge branch 'master' into version-2021.12
2021-12-16 15:48:53 +01:00
a105760123
events: improve app lookup for event creation
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-15 16:46:02 +01:00
6ff8fdcc49
root: enable threading integration in sentry
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-15 15:49:08 +01:00
50ca3dc772
core: fix error when attempting to provider from cached application
...
closes #1940
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-15 15:11:13 +01:00
2a09fc0ae2
release: 2021.12.1-rc5
2021-12-15 10:21:29 +01:00
fbb6756488
Merge branch 'master' into version-2021.12
2021-12-15 10:16:05 +01:00
6e83467481
web/flows: fix error when attempting to enroll new webauthn device
...
closes #1936
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-15 00:24:46 +01:00
72db17f23b
stages/identification: fix miscalculated sleep
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 23:31:08 +01:00
e18e681c2b
events: dont store full backtrace in systemtask
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 22:55:38 +01:00
10fe67e08d
sources/ldap: fix incorrect task names being referenced, use source native slug
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 22:53:14 +01:00
3740e65906
web/admin: add dashboard with user creation/login statistics
...
closes #1867
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 22:08:41 +01:00
30386cd899
events: add custom manager with helpers for metrics
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 21:49:33 +01:00
64a10e9a46
events: fix schema for top_per_user
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 21:08:15 +01:00
0b00768b84
events: add flow_execution event type
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 16:13:51 +01:00
d162c79373
flows: fix wrong exception being caught in flow inspector
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 16:06:00 +01:00
8c16dfc478
stages/invitation: use GroupMemberSerializer serializer to prevent all of the user's groups and their users from being returned
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 15:56:13 +01:00
32ace1bece
crypto: add additional validation before importing a certificate
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 14:49:25 +01:00
54f893b84f
flows: add additional sentry spans
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 11:59:36 +01:00
5854833240
stages/authenticator_webauthn: fix migrations for different choices
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 11:06:46 +01:00
4b2437a6f1
stages/authenticator_webauthn: use correct choices
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 10:51:34 +01:00
59a51c859a
stages/authenticator_webauthn: add migration
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 10:09:35 +01:00
4e6714fffe
stages/authenticator_webauthn: make user_verification configurable
...
closes #1921
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 09:58:20 +01:00
0131b1f6cc
sources/oauth: fix wrong redirect URL being generated
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 09:34:47 +01:00
2993f506a7
sources/oauth: implement apple native sign-in using the apple JS SDK
...
closes #1881
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 00:40:29 +01:00
e4841d54a1
*: migrate ui_* properties to functions to allow context being passed
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 23:56:35 +01:00
4f05dcec89
sources/oauth: allow oauth types to override their login button challenge
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 23:45:11 +01:00
ede6bcd31e
*: remove debug statements from tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 23:41:08 +01:00
728c8e994d
sources/oauth: strip parts of custom apple client_id
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 23:26:00 +01:00
fec6de1ba2
providers/oauth2: add additional logging to show with token path is taken
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 22:49:42 +01:00
69678dcfa6
providers/oauth2: use generate_key instead of uuid4
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 22:13:20 +01:00
4911a243ff
sources/oauth: add initial okta type
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1910
2021-12-13 21:48:59 +01:00
4e63f0f215
core: add fallback for missing sentry trace
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 18:06:01 +01:00
29241cc287
core: always inject sentry trace into template
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 17:41:00 +01:00
f2b3a2ec91
providers/saml: optimise excessive queries to user when evaluating attributes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 16:38:38 +01:00
69780c67a9
lib: set evaluation span's description based on filename
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 16:32:01 +01:00
ac9cf590bc
*: use prefixed span names
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 16:18:42 +01:00
cb6edcb198
core: set tag with request ID
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 16:15:27 +01:00
8eecc28c3c
events: add sentry for geoip
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 16:15:20 +01:00
09b02e1aec
release: 2021.12.1-rc4
2021-12-13 12:53:58 +01:00
5914bbf173
Merge branch 'master' into version-2021.12
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
# Dockerfile
2021-12-13 10:54:21 +01:00
83c12ad483
flows: fix description for spans
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 21:51:51 +01:00
4224fd5c6f
lib: correctly report "faked" IPs to sentry
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 20:54:29 +01:00
597ce1eb42
Revert "*: use cache.delete_pattern instead of getting keys and deleting them"
...
This reverts commit ff481ba6e7
2021-12-12 20:41:34 +01:00
5ef385f0bb
policies: don't always clear application cache on post_save
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 20:39:04 +01:00
cda4be3d47
flows: add additional tags
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 20:37:20 +01:00
8cdf22fc94
root: set default redis iter to 1000
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 20:24:43 +01:00
6efc7578ef
flows: add additional sentry spans to flow executor
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 20:04:21 +01:00
7859145138
outposts: don't try to create docker client for embedded outpost
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 17:13:26 +01:00
8a8aafec81
root: enable boto3 sentry integration
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 14:38:24 +01:00
534689895c
lib: remove old load_local_files setting
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-11 22:03:06 +01:00
8a0dd6be24
outposts: handle RuntimeError during websocket connect
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-11 22:01:55 +01:00
65d2eed82d
stagse/authenticator_webauthn: remove pydantic import
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-11 20:32:25 +01:00
bafeff7306
outposts: improve logging for outpost controllers
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-11 15:35:20 +01:00
7eda794070
outposts: fix docker controller not stopping containers
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1859
2021-12-11 14:00:15 +01:00
e3129c1067
root: bump celery messages to info
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-11 13:59:56 +01:00
ff481ba6e7
*: use cache.delete_pattern instead of getting keys and deleting them
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-10 21:35:28 +01:00
b761659227
root: use ghcr for containers during testing
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-10 20:57:09 +01:00
2ee48cd039
outposts: set display name for outpost service account
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 19:59:38 +01:00
340a9bc8ee
core: fix error when using invalid key-values in attributes query
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 19:53:47 +01:00
4ba55aa8e9
flows: fix error when trying to print FlowToken objects
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 13:55:43 +01:00
bab6f501ec
flows: fix error in inspector view
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 13:52:46 +01:00
ffb0135f06
release: 2021.12.1-rc3
2021-12-09 13:23:41 +01:00
ee0ddc3d17
Merge branch 'master' into version-2021.12
2021-12-09 13:23:28 +01:00
a9bd34f3c5
events: revert to @prefill_task decorator since base class doesn't get executed until task runs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 10:18:00 +01:00
db316b59c5
stages/prompt: use policyenginemode all
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 09:39:40 +01:00
6209714f87
policies/expression: add ak_call_policy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 09:39:28 +01:00
1ed2bddba7
root: fix celery task ID not being included in log
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 09:36:52 +01:00
26b35c9b7b
root: fix name conflict in threadlocal
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-08 21:42:48 +01:00
86a9271f75
root: add request_id to celery tasks, prefixed with "task-"
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-08 21:34:20 +01:00
402ed9bd20
root: allow usage of --randomly-seed for testing
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-08 21:33:41 +01:00
326b574d54
root: update dependencies
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-07 16:25:10 +01:00
a91204e5b9
web/user: allow custom font-awesome icons for applications
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1189
2021-12-06 21:20:15 +01:00
873aa4bb22
providers/saml: remove SESSION_KEY_POST from session after using it
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1873
2021-12-06 12:47:25 +01:00
c1ea78c422
core: fix missing permission check for group creating when creating service account
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-06 12:33:29 +01:00
3c8bbc2621
sources/*: only allow superusers to directly create source connections
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-06 12:22:40 +01:00
4143d3fe28
events: don't set metrics on import
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-06 10:13:48 +01:00
e3e9178ccc
web/admin: show outpost warning on application page too
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-06 10:10:44 +01:00
b694816e7b
sources/*: Allow creation of source connections via API
...
closes #1888
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-06 10:05:42 +01:00
317e9ec605
core: add FlowToken which saves the pickled flow plan, replace standard token in email stage to allow finishing flows in different sessions
...
closes #1801
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-05 15:20:11 +01:00
ada2a16412
tests/e2e: add post binding test
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-05 11:18:01 +01:00
6a3f7e45cf
providers/saml: add ?force_binding to limit bindings for metadata endpoint
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-05 11:14:42 +01:00
2b78c4ba86
*: use request.query_params instead of accessing the django request
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-05 11:14:20 +01:00
680ef641fb
providers/saml: fix error when propertymapping returns invalid data in list
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-05 10:31:16 +01:00
2b5504ff63
release: 2021.12.1-rc2
2021-12-04 20:06:41 +01:00
639c2f5c2e
Merge branch 'master' into version-2021.12
2021-12-04 19:55:37 +01:00
426cef998f
sources/ldap: make task names more consistent
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-03 18:39:42 +01:00
8ddb62ed0f
sources/plex: fix plex token being included in event log
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-03 18:37:40 +01:00
572f6d4ea0
crypto: add certificate discovery to automatically import certificates from lets encrypt
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1835
2021-12-03 18:27:36 +01:00
f1b9021e3e
sources/ldap: add optional tls verification certificate
...
closes #1875
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-03 10:09:13 +01:00
8ae50814fe
*: add missing migrations
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-03 10:04:54 +01:00
2e2b491ec7
source/ldap: fix hanging unittests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-03 09:41:13 +01:00
ac432e78e2
sources/ldap: don't cache LDAP Connection, use random server
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 21:18:20 +01:00
83ac42ac43
stages/prompt: fix error when both default and required are set
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 21:11:22 +01:00
4bd1cd127b
providers/saml: fix IndexError in signature check
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 20:30:03 +01:00
2eb5a5cc76
sources/ldap: handle typeerror during creation of objects when using wrong kwargs params
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 20:24:24 +01:00
75051687e6
sources/ldap: allow multiple server URIs for loadbalancing and failover
...
closes #1874
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 20:15:11 +01:00
7e316b5fc2
root: add missing sample_rate default
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 19:54:37 +01:00
66c530ea06
outposts: always trigger outpost reconcile on startup
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 15:06:14 +01:00
cf78c89830
events: replace @prefill_task with custom base class to prefill
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 13:47:35 +01:00
20c738c384
crypto: fix default API not having an ordering
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 13:00:41 +01:00
4f54ce6afb
providers/saml: fix error when using post bindings and user freshly logged in
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1873
2021-12-02 13:00:21 +01:00
f0d7edb963
*: fix @prefill_task
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 10:05:51 +01:00
b4963bec76
providers/proxy: fix defaults for traefik integration
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-01 21:47:13 +01:00
7aa8e35f87
providers/proxy: use wildcard for traefik headers copy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-01 20:19:35 +01:00
60b95271eb
outposts/proxy: add additional headers
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-01 20:19:09 +01:00
e6818c1f6a
release: 2021.12.1-rc1
2021-12-01 13:08:13 +01:00
917eef96fb
lib: add improved log to sentry events being sent
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-29 21:37:29 +01:00
9a393848b2
outpost: configure error reporting based off of main instance config
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-29 14:42:19 +01:00
7d2f622f4b
web: Update Web API Client version ( #1857 )
...
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-29 14:17:12 +01:00
e3a5ef1907
root: make sentry sample rate configurable
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-29 13:52:34 +01:00
e597bb4542
policies/expression: fix ak_user_has_authenticator evaluation when not specifying optional device_type ( #1849 )
...
* Fix ak_user_has_authenticator evaluation when not specifying optional device_type
* Simpler patch
2021-11-29 10:35:17 +01:00
5c54de66fc
*: add meta_model_name field to all models with inheritance
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-26 10:32:39 +01:00
2c0d8d8943
core: add meta_model_name to MetaNameSerializer to easily show relevant events
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-26 10:27:08 +01:00
0a0eee138a
stages/authenticator_validate: catch error when attempting to configure user without flow
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-25 23:44:48 +01:00
de8cf65503
stages/email: prevent error with duplicate token
...
closes #1827
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-25 23:17:37 +01:00
121b36f35f
lib: log error for file:// in config
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-25 19:21:40 +01:00
363aed2a47
root: url quote redis passwords for connection string
...
closes https://github.com/goauthentik/helm/issues/39
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-25 18:05:36 +01:00
e1ef196283
core: remove dump_config, handle directly in config loader without booting django, don't check database
2021-11-25 13:38:31 +01:00
0b8cfd437b
*: fix typo'd signing pair name
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-24 09:55:10 +01:00
75724b6f8d
root: make testing output more consistent
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 23:46:27 +01:00
5b9e6bed6c
lib: fix custom URL schemes being overwritten
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 23:23:09 +01:00
0e3602d7eb
lib: improve probability of symbols in generated key
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 23:01:30 +01:00
2b94e9a687
tests/e2e: bump retries
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 22:54:08 +01:00
6ed7d842e4
*: allow URLs without domain and custom schemas
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 22:51:04 +01:00
8794c840cf
web: only show applications with http link
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 22:40:31 +01:00
9c9c00755a
core: fix test user not having password set properly
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 22:30:09 +01:00
b2d2e7cbc8
tests/e2e: remove logger
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 21:19:33 +01:00
91fd792f88
tests/e2e: use generated uid
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 19:19:13 +01:00
9835785864
core: make test user's password optional
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 19:06:44 +01:00
d785998c5a
Revert "root: disable random tests for now"
...
This reverts commit 8ba9553220
2021-11-23 18:46:51 +01:00
8ba9553220
root: disable random tests for now
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 17:57:56 +01:00
6eb132c48b
tests/e2e: fix ldap provider tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 17:28:35 +01:00
355b832cc3
tests/e2e: fix email backend
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 13:22:28 +01:00
e32d4f0095
tests/e2e: don't run e2e tests randomly for now
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 00:32:24 +01:00
d3397c349f
stages/email: minify email css template
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 00:10:43 +01:00
9bb0d04aeb
root: Random tests ( #1825 )
...
* root: add pytest-randomly to randomise tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* *: generate flows for testing instead of relying on existing ones
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* *: generate users for testing instead of relying on existing ones
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* *: use generated certificate
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests/e2e: keep containers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests/e2e: use websockets test case
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-22 22:56:02 +01:00
61621e7d60
lifecycle: improve backup restore by dropping database before
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-20 00:32:24 +01:00
431ba6b4ef
lib: add cli option for lib.config
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-19 23:52:10 +01:00
bb6eed0db1
root: properly catch 404 errors for websocket connections
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-19 23:19:07 +01:00
e831e4fb94
root: add lifespan shim to prevent errors
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-16 13:25:03 +01:00
b0fac9c9f1
providers/saml: fix SessionNotOnOrAfter not being included
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-16 12:36:40 +01:00
f4db09cd59
events: add gdpr_compliance option
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1551
2021-11-16 11:29:13 +01:00
638e8d741f
*: fix multiple tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-16 10:38:21 +01:00
425b87a6d0
outposts: add ack and disconnect tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-16 09:34:37 +01:00
d12e24017e
outposts: add websocket tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 23:58:19 +01:00
078633c2af
lib: drop all sentry exceptions when debug enabled
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 22:18:56 +01:00
4b8b800648
stages/*: add more tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 20:58:34 +01:00
6f9ed001a1
crypto: add more tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 20:38:03 +01:00
e4095dfffe
admin: add more tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 20:10:09 +01:00
d5341c2284
managed: add tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 19:53:08 +01:00
867fb0dac0
root: fix settings for managed not loaded
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 19:49:03 +01:00
2666aa2c73
root: add errorhandling in log middleware
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 17:11:44 +01:00
f0e9bafa35
outposts: add tests for management commands
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 16:44:42 +01:00
0d739f5c1a
recovery: add additional tests for commands
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 16:41:37 +01:00
e08077c73a
root: replace asgi-based logger with middleware
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 16:32:56 +01:00
c43049a981
website/docs: remove deprecated docker_image_base
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 15:58:17 +01:00
f7044e41c6
build(deps-dev): bump bandit from 1.7.0 to 1.7.1 ( #1793 )
...
* build(deps-dev): bump bandit from 1.7.0 to 1.7.1
Bumps [bandit](https://github.com/PyCQA/bandit ) from 1.7.0 to 1.7.1.
- [Release notes](https://github.com/PyCQA/bandit/releases )
- [Commits](https://github.com/PyCQA/bandit/compare/1.7.0...1.7.1 )
---
updated-dependencies:
- dependency-name: bandit
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* *: fix bandit false positives
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 09:16:16 +01:00
59343ff441
stages/email: fix missing component in response when retrying email send
...
closes #1791
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-14 17:52:31 +01:00
cab564152d
lib: load json strings in config env variables
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-14 12:44:22 +01:00
88516ba2ca
core: make defaults for _change_email and _change_username configurable
...
closes #1789
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-13 22:33:03 +01:00
2a3b049b01
release: 2021.10.4
2021-11-12 12:31:24 +01:00
e4a5e86c93
sources/oauth: Fixed the incorrect padding issue in apple.py ( #1773 )
...
* Fixed the incorrect padding issue in apple.py
Fixed the incorrect padding issue in apple.py by adding proper padding to the raw_payload.
* Fixed the incorrect encoding of client_secret in apple.py
In the get_client_secret() method, the "sub" in the payload must be only the client ID. So I have changed self.source.consumer_key to parts[0]
* Added the decode method for the id_token
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-12 12:10:29 +01:00
1cfe81887b
stages/authenticator_validate: improve logging
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-11 23:33:41 +01:00
53905d1a89
stages/authenticator_validate: enable all device classes by default
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-11 22:49:30 +01:00
6db1c914ee
stages/authenticator_duo: fix devices created with name
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-11 22:16:47 +01:00
c98bdbacc5
providers/proxy: return list of configured scope names so outpost requests custom scopes
...
closes #1762
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-10 23:06:21 +01:00
1e8d45dc15
web: write interfaces to different folders and remove custom chunk names
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-10 17:54:50 +01:00
d5d8641b37
stages/*: disable trim_whitespace on important fields
...
closes #1765
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-10 16:48:19 +01:00
cc0832f487
core: force lowercase emails for gravatar usage
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-10 12:40:20 +01:00
e73606b54d
root: catch error in analytics on startup
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-10 11:28:08 +01:00
5d479a6c8f
root: set utm_source
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-09 23:23:47 +01:00
4a773b2b4f
sources/ldap: set connect/receive timeout (default to 15s)
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-09 22:27:58 +01:00
8003d67844
sources/ldap: fix typo
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-09 22:24:33 +01:00
51783c1cbb
sorces/ldap: fix user/group sync overwriting attributes instead of merging them
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-09 21:16:59 +01:00
ab2b13938e
release: 2021.10.3
2021-11-08 20:52:11 +01:00
9ca15983a2
root: keep last 30 backups
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-08 17:46:25 +01:00
99ef94b7aa
stages/prompt: only set placeholder when in context
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-08 15:10:32 +01:00
c3faa61ed9
stages/prompt: set field placeholder based on plan context
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-08 14:47:50 +01:00
da74304221
stages/prompt: add text_read_only field
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-08 14:45:56 +01:00
79db0ce4c1
stages/prompt: use initial instead of default
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-07 22:20:08 +01:00
5e23b11764
stages/prompt: default prompts to the current value of the context
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-07 21:59:50 +01:00
c4e029ffe2
recovery: add create_admin_group management command
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-07 21:53:21 +01:00
61b5b36192
core: add command to output full config
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-07 21:45:52 +01:00
c6cc1b1728
root: fix defaults for EMAIL_USE_TLS
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-07 21:37:14 +01:00
90151a13ae
stages/identification: only allow limited challenges for login sources
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-06 14:53:38 +01:00
f958aa6930
stages/identification: use random sleep
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-06 14:50:35 +01:00
924a13e832
core: fix auth_method for tokens
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-06 13:04:41 +01:00
ae83c35dfd
events: ignore creation/deletion of AuthenticatedSession objects
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-06 13:04:34 +01:00
6424bf98da
admin: improve check to remove version notifications
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-06 12:15:05 +01:00
2cef220a3e
providers/ldap: add/squash migrations
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 10:41:50 +01:00
5a8c66d325
providers/ldap: memory Query ( #1681 )
...
* outposts/ldap: modularise ldap outpost, to allow different searchers and binders
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts/ldap: add basic in-memory searcher
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/ldap: add search mode field
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outpost: add search mode field
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 10:37:30 +01:00
8de13d3f67
build(deps): bump goauthentik.io/api from 0.2021102.2 to 0.2021102.4 ( #1738 )
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 09:33:26 +01:00
7798292aa8
sources/plex: use exception_to_string in tasks
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 01:16:36 +01:00
3005ca17bd
web/admin: show warning on provider when not used with outpost
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 01:15:33 +01:00
909461e533
providers/*: include list of outposts
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 01:06:04 +01:00
a40c3aeb68
core: make group membership lookup respect parent groups (upwards)
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 00:53:56 +01:00
4a89be3048
core: include parent group name
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 00:11:17 +01:00
023b97aa69
sources/ldap: remove deprecated default
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 22:13:47 +01:00
738e4d5c74
web/admin: only show flows with an invitation stage configured instead of all enrollment flows
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1720
2021-11-04 20:54:55 +01:00
5bc1301043
stages/authenticator_*: add default name for authenticators
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 15:34:51 +01:00
8d766efecb
root: don't set signal on start when running in ci or dev
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 14:32:21 +01:00
b362d2af03
lib: fix linting issue
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 13:43:09 +01:00
bcd42fce13
root: further improve detection of environment we're running in
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 13:35:22 +01:00
6deddd038f
internal: start embedded outpost directly after backend is healthy instead of waiting
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 13:18:04 +01:00
3b47cb64da
root: improve compose detection, add anonymous stats
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 13:16:21 +01:00
cf5e70c759
lifecycle: revert to non-h11 worker
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 13:16:10 +01:00
Jens Langhammer
scheibling
github-actions[bot]
Behn
Adam G
Angel Nunez Mencias
dependabot[bot]
Dorian Zedler
Jens L
NeroPcStation
Matthew R. McDougal
Rizwan Ahmed