authentik

Commit Graph

Author	SHA1	Message	Date
Jens Langhammer	326b574d54	root: update dependencies Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-07 16:25:10 +01:00
Jens Langhammer	873aa4bb22	providers/saml: remove SESSION_KEY_POST from session after using it Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #1873	2021-12-06 12:47:25 +01:00
Jens Langhammer	ada2a16412	tests/e2e: add post binding test Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-05 11:18:01 +01:00
Jens Langhammer	6a3f7e45cf	providers/saml: add ?force_binding to limit bindings for metadata endpoint Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-05 11:14:42 +01:00
Jens Langhammer	2b78c4ba86	*: use request.query_params instead of accessing the django request Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-05 11:14:20 +01:00
Jens Langhammer	680ef641fb	providers/saml: fix error when propertymapping returns invalid data in list Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-05 10:31:16 +01:00
Jens Langhammer	4bd1cd127b	providers/saml: fix IndexError in signature check Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-02 20:30:03 +01:00
Jens Langhammer	4f54ce6afb	providers/saml: fix error when using post bindings and user freshly logged in Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #1873	2021-12-02 13:00:21 +01:00
Jens Langhammer	b4963bec76	providers/proxy: fix defaults for traefik integration Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-01 21:47:13 +01:00
Jens Langhammer	7aa8e35f87	providers/proxy: use wildcard for traefik headers copy Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-01 20:19:35 +01:00
Jens Langhammer	60b95271eb	outposts/proxy: add additional headers Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-01 20:19:09 +01:00
Jens Langhammer	0b8cfd437b	*: fix typo'd signing pair name Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-24 09:55:10 +01:00
Jens L	9bb0d04aeb	root: Random tests (#1825 ) * root: add pytest-randomly to randomise tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * : generate flows for testing instead of relying on existing ones Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> : generate users for testing instead of relying on existing ones Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> : use generated certificate Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> tests/e2e: keep containers Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests/e2e: use websockets test case Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-22 22:56:02 +01:00
Jens Langhammer	b0fac9c9f1	providers/saml: fix SessionNotOnOrAfter not being included Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-16 12:36:40 +01:00
dependabot[bot]	f7044e41c6	build(deps-dev): bump bandit from 1.7.0 to 1.7.1 (#1793 ) * build(deps-dev): bump bandit from 1.7.0 to 1.7.1 Bumps [bandit](https://github.com/PyCQA/bandit) from 1.7.0 to 1.7.1. - [Release notes](https://github.com/PyCQA/bandit/releases) - [Commits](https://github.com/PyCQA/bandit/compare/1.7.0...1.7.1) --- updated-dependencies: - dependency-name: bandit dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * *: fix bandit false positives Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-15 09:16:16 +01:00
Jens Langhammer	c98bdbacc5	providers/proxy: return list of configured scope names so outpost requests custom scopes closes #1762 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-10 23:06:21 +01:00
Jens Langhammer	2cef220a3e	providers/ldap: add/squash migrations Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-05 10:41:50 +01:00
Jens L	5a8c66d325	providers/ldap: memory Query (#1681 ) * outposts/ldap: modularise ldap outpost, to allow different searchers and binders Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/ldap: add basic in-memory searcher Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/ldap: add search mode field Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outpost: add search mode field Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-05 10:37:30 +01:00
Jens Langhammer	3005ca17bd	web/admin: show warning on provider when not used with outpost Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-05 01:15:33 +01:00
Jens Langhammer	909461e533	providers/*: include list of outposts Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-05 01:06:04 +01:00
Jens Langhammer	6036d88392	providers/proxy: allow configuring of additional scope mappings for proxy closes #1255 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-31 22:25:51 +01:00
Jens Langhammer	335d6edd11	providers/saml: fix error on missing AssertionConsumerServiceURL, fall back to default ACS Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-31 17:21:15 +01:00
Jens Langhammer	1b21b50b77	providers/oauth2: fallback to uid if UPN was selected but isn't available Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-27 16:11:35 +02:00
Jens Langhammer	8eb4d53810	providers/oauth2: fix events being created from /application/o/authorize/ Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-21 22:59:01 +02:00
Jens Langhammer	98a56c77e3	providers/proxy: update ingress controller to work with k8s 1.22 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-18 10:00:24 +02:00
Jens Langhammer	2b09d97522	core: fix squash migrations error when AK_ADMIN_TOKEN is set Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-12 17:45:10 +02:00
Jens L	e4f141c6c0	: Squash Migrations (#1593 ) : first squash pass Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> sources/saml: squash less Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts: fix docker controller not correctly checking image Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests/e2e: fix old migration reference Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-11 21:39:35 +02:00
Jens Langhammer	83150d9920	outposts: fix circular import in kubernetes controller Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-03 19:25:18 +02:00
Jens Langhammer	d30dcda814	providers/proxy: always check ingress secret in kubernetes controller Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-03 19:14:27 +02:00
Jens Langhammer	3c1ac4c7ec	outposts/proxy: add new headers with unified naming Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-02 22:00:23 +02:00
Jens L	f9ad102915	flows: inspector (#1469 ) * flows: add initial inspector Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: change naming a bit Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/flow: add inspector frame Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: don't use shadydom when inspecting Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: add current stage to api Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * stages/: fix imports Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> flows: deep-copy plan instead of just adding Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/flows: ui Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: restrict inspector to admin Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: add buttons to launch flow with inspector Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/flows: don't automatically follow redirects when inspector is open Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: make current_plan optional, only require historry Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/flows: handle error messages in inspector Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/flows: improve UI when flow is done Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: add is_completed flag to inspector Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: fix monkeypatches for tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: add inspector tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * ci: re-enable cache Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-28 09:36:48 +02:00
pemontto	aea1736f70	outposts/proxy: Fix failing traefik healtcheck (#1470 )	2021-09-26 11:33:18 +02:00
Jens Langhammer	4f3583cd7e	providers/proxy: make token_validity float and optional for backwards compat Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-25 15:54:32 +02:00
Jens Langhammer	f7408626a8	providers/proxy: return token_validity as total seconds instead of expression Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-25 15:44:16 +02:00
Jens Langhammer	28eeb4798e	providers/proxy: add token_validity field for outpost configuration Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #1462	2021-09-25 15:00:06 +02:00
Jens Langhammer	79b92e764e	*: fix typos in code Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-25 00:01:11 +02:00
Jens Langhammer	ae07f13a87	outposts: don't map port 9300 on docker, only expose port Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-21 21:40:08 +02:00
Jens L	13e2eea72f	web/user: new end-user interface (#1404 ) * web/user: migrate to top navbar Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/user: prepare config from server Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * re-sort Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * remove old interface Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update issue template Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * use notification badge Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/user: re-add go-to-admin button Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * : fix remaining redirects directly to admin Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> make settings better Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * api: ensure sources and stages are sorted Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/user: add sessions and consent Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/oauth2: add post wrapper to stage Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * website/docs: add new interface to release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-16 22:17:05 +02:00
Jens Langhammer	ae26d2756f	providers/saml: improved error handling Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-16 10:58:51 +02:00
Jens Langhammer	916530f0d8	providers/oauth2: use access_code_validity for id_tokens generated when using an implicit flow, improve wording in web ui closes #1369 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-15 17:14:53 +02:00
Jens Langhammer	ba6849f29c	*: remove string.format() Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-14 12:06:47 +02:00
Jens Langhammer	df4c8003b8	api: fix items of list fields having nullable set Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-10 18:15:59 +02:00
Jens Langhammer	4448145aa9	providers/proxy: use auth/traefik subpath Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-10 13:53:04 +02:00
Jens L	7158c9d2ea	core: metrics v2 (#1370 ) * outposts: add ldap metrics, move ping to 9100 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outpost: add flow_executor metrics Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * use port 9300 for metrics, add core metrics port Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/controllers/k8s: add service monitor creation support Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-09 15:52:24 +02:00
Jens Langhammer	da58796768	providers/proxy: fix defaults for old proxy providers (load providers directly) Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-09 13:54:24 +02:00
Jens Langhammer	d98499a3fa	providers/proxy: fix defaults for old proxy providers Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-09 13:26:36 +02:00
Jens Langhammer	f3ff398a44	providers/proxy: add metrics port to controllers Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-08 23:01:22 +02:00
Jens L	3c1b70c355	outposts/proxyv2 (#1365 ) * outposts/proxyv2: initial commit Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add rs256 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> more stuff Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add forward auth an sign_out Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> match cookie name Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> re-add support for rs256 for backwards compat Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add error handler Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> ensure unique user-agent is used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> set cookie duration based on id_token expiry Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> build proxy v2 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add ssl Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add basic auth and custom header support Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add application cert loading Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> implement whitelist Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add redis Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> migrate embedded outpost to v2 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> remove old proxy Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> providers/proxy: make token expiration configurable Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add metrics Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> fix tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/proxy: only allow one redirect URI Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix docker build for proxy Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * remove default port offset Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add AUTHENTIK_HOST_BROWSER Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests: fix e2e/integration tests not using proper tags Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * remove references of old port Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix user_attributes not being loaded correctly Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup dependencies Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-08 18:04:56 +00:00
Jens Langhammer	d92d8e6dbb	api: add additional filters for ldap and proxy providers Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-03 10:43:09 +02:00
Jens Langhammer	3e9f5ec5ef	providers/proxy: improve error handling for non-tls ingresses Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-30 14:43:57 +02:00

1 2 3 4 5 ...

306 Commits