trustchain-oc1-orchestral/authentik
Archived
10
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
3354 commits 95 branches 330 tags 336 MiB
Commit graph

379 commits

Author SHA1 Message Date
Jens Langhammer ec42869e00 policies: add debug flag to PolicyRequest to prevent alerts from testing policies 2021-02-06 21:45:38 +01:00
Jens Langhammer 45963c2ffc admin: improve layout for policy testing 2021-02-06 21:43:14 +01:00
Jens Langhammer 7af883d80c root: add dedicated live and readiness views 2021-02-06 21:07:05 +01:00
Jens Langhammer 4a5374d03f admin: remove provider list view 2021-02-06 20:54:50 +01:00
Jens Langhammer 3b536f6e55 admin: fix property-mapping views redirecting to invalid URL 2021-02-06 20:54:12 +01:00
Jens Langhammer 6aa13a8666 providers/saml: force-set friendly_name to empty string for managed mappings 2021-02-06 20:52:52 +01:00
Jens Langhammer 33cdbd7776 release: 2021.2.1-rc1 2021-02-06 20:10:50 +01:00
Jens Langhammer db7e9f9b95 sources/ldap: set default group property mapping 2021-02-06 19:17:39 +01:00
Jens Langhammer 91282c7bd8 web: add page for Proxy Provider 2021-02-06 18:57:25 +01:00
Jens Langhammer 830b8bcd5b web: add page for OAuth2 Provider 2021-02-06 18:39:15 +01:00
Jens Langhammer 0f5e6d0d8c api: add dark theme for API Browser 2021-02-06 18:09:24 +01:00
Jens Langhammer 6aa6615608 web: add view page for SAML Provider 2021-02-06 18:07:13 +01:00
Jens Langhammer 91d6a3c8c7 providers/*: simplify provider API 2021-02-06 17:31:29 +01:00
Jens L a6ac82c492
*: rewrite managed objects, use nullable text flag instead of boolean as uid (#533) 2021-02-06 15:56:21 +00:00
Jens Langhammer 32cf960053 sources/ldap: add property_mappings_group to make group mapping more customisable 2021-02-06 15:27:07 +01:00
Jens Langhammer 83bf639926 sources/ldap: use both entryDN and dn (for active-directory) 2021-02-05 15:17:57 +01:00
Jens Langhammer 2717742bd2 sources/ldap: don't remove users from group which were not synced from AD 2021-02-05 15:17:20 +01:00
Jens Langhammer ef70e93bbd Merge branch 'master' into ldap-groupOfNames 2021-02-05 14:52:39 +01:00
Jens Langhammer 478d3430eb sources/ldap: use openldap tests for entire sync 2021-02-05 14:29:22 +01:00
Jens Langhammer 9c1ade59e9 sources/ldap: add more flatten to user sync, start adding tests for OpenLDAP 2021-02-05 13:36:27 +01:00
Jens Langhammer fadf746234 managed: allow for matching on multiple interfaces 2021-02-05 13:18:44 +01:00
Jens Langhammer 397dfc29f1 sources/ldap: change default object filters to use objectClass= instead of objectCategory 2021-02-05 11:43:39 +01:00
Jens Langhammer b0e3b8b39d sources/ldap: use entryDN attribute from ldap3 as opposed to implicit DN attribute 2021-02-05 11:43:13 +01:00
Jens Langhammer 1f8130e685 events: improve information sent in notification emails 2021-02-04 21:44:59 +01:00
Jens Langhammer e639d8ab56 sources/ldap: add case when group does not have uniqueness attribute 2021-02-04 21:18:49 +01:00
Jens Langhammer 005b4d8dda sources/ldap: fix linting issues 2021-02-04 20:36:05 +01:00
Jens Langhammer de2d8b2d85 providers/oauth2: pass application to configuration error event 2021-02-04 20:35:37 +01:00
Jens Langhammer 7d107991a2 sources/ldap: fix count for membership, fix wrong attribute being searched 2021-02-04 20:22:28 +01:00
Jens Langhammer 14dc420747 sources/ldap: rewrite group membership syncing 2021-02-04 20:06:42 +01:00
Jens L 89dc4db30b
sources/ldap: load operational attributes (#526) 2021-02-04 12:37:55 +01:00
Jens Langhammer cc3fccb27e sources/ldap: use dn attribute for distinguishedName, ignore users with no distinguishedName 
closes #527
 2021-02-04 12:10:57 +01:00
Jens Langhammer add20de8de providers/*: fix api linting issues 2021-02-04 10:27:55 +01:00
Jens Langhammer 53f002a123 events: allow searching by event id 2021-02-04 10:09:19 +01:00
Jens Langhammer c7c387eb38 providers/*: add assigned application name and slug 2021-02-04 10:09:19 +01:00
Jens Langhammer 1b3760a4b7 events: don't log successful system tasks 2021-02-04 10:09:18 +01:00
Jens Langhammer 1101810fea admin: show more details for policy testing 2021-02-03 22:09:46 +01:00
Jens Langhammer 1ab5289e2e admin: add test view for property mappings 2021-02-03 21:58:56 +01:00
Jens Langhammer 4b24b185f2 admin: fix context not being passed correctly to policy test view 2021-02-03 21:40:03 +01:00
Jens Langhammer ea0ba5ae30 stages/password: use form.add_error 2021-02-03 21:39:03 +01:00
Jens Langhammer b74c08620a admin: add link to changelog to update events 2021-02-03 21:19:51 +01:00
Jens L e25d03d8f4
Managed objects (#519) 
* managed: add base manager and Ops

* core: use ManagedModel for Token and PropertyMapping

* providers/saml: implement managed objects for SAML Provider

* sources/ldap: migrate to managed

* providers/oauth2: migrate to managed

* providers/proxy: migrate to managed

* *: load .managed in apps

* managed: add reconcile task, run on startup

* providers/oauth2: fix import path for managed

* providers/saml: don't set FriendlyName when mapping is none

* *: use ObjectManager in tests to ensure objects exist

* ci: use vmImage ubuntu-latest

* providers/saml: add new mapping for username and user id

* tests: remove docker proxy

* tests/e2e: use updated attribute names

* docs: update SAML docs

* tests/e2e: fix remaining saml cases

* outposts: make tokens as managed

* *: make PropertyMapping SerializerModel

* web: add page for property-mappings

* web: add codemirror to common_styles because codemirror

* docs: fix member-of in nextcloud

* docs: nextcloud add admin

* web: fix refresh reloading data two times

* web: add loading lock to table to prevent double loads

* web: add ability to use null in QueryArgs (value will be skipped)

* web: add hide option to property mappings

* web: fix linting
 2021-02-03 21:18:31 +01:00
Jens Langhammer cfed41439e events: add send_once flag to send webhooks only once 2021-02-02 19:34:55 +01:00
Jens Langhammer 3ac148d01c events: only title for slack webhook 2021-02-02 19:18:51 +01:00
Jens Langhammer 3e696d6ac8 flows: use global logger for stored plans 2021-02-02 17:29:03 +01:00
Jens Langhammer 0114bc0d6a flows: fix lint errors 2021-02-02 17:02:02 +01:00
Jens Langhammer c60934f9b1 flows: fix benchmark using wrong context 2021-02-02 16:27:21 +01:00
Jens Langhammer 09bdcfaab0 flows: optimise logging 2021-02-02 16:27:03 +01:00
Jens Langhammer 624206281e policies: optimise logging 2021-02-02 16:12:41 +01:00
Jens Langhammer 3d112e7688 root: use filtering_bound_logger for speed improvements 2021-02-02 15:43:44 +01:00
Jens Langhammer 3c4ff65a01 stages/consent: fix wrong widget for expire 2021-02-02 15:01:33 +01:00
Jens Langhammer 3926ee9eb6 core: clear application cache upon application creation 2021-01-30 18:12:14 +01:00
Jens Langhammer 7fbf915e0a policies: fix application cached not being cleared correctly 2021-01-30 18:12:01 +01:00
Jens Langhammer 5af9e8c05d core: improve application caching 2021-01-30 18:03:44 +01:00
Jens Langhammer d8ae56ed19 providers/saml: fix imported provider not saving properties correctly 2021-01-30 12:33:27 +01:00
Jens Langhammer 3e3f29973b release: 2021.1.4-stable 2021-01-29 10:29:06 +01:00
Jens Langhammer 2f3a086f29 docs: update veeam docs for group mapping 2021-01-28 23:34:51 +01:00
Jens Langhammer 239af7048a providers/saml: import SAML Provider with all autogenerated mappings 2021-01-28 23:32:36 +01:00
Jens Langhammer 188ef0f58f core: only cache Applications API when no filtering is done 2021-01-28 23:16:51 +01:00
Jens Langhammer 5ef4354723 providers/saml: make NameID configurable using a Property Mapping 2021-01-28 22:50:13 +01:00
Jens Langhammer 66a8b52c7c providers/saml: update default OIDs for default property mappings 2021-01-28 22:44:44 +01:00
Jens Langhammer c1563f4cff lib: fix ak_is_group_member checking wrong groups 2021-01-28 22:30:59 +01:00
Jens Langhammer da37b42bcf admin: fix providers not showing SAML Import on empty state 2021-01-28 22:16:50 +01:00
Jens Langhammer f4bb22138c providers/saml: add support for WindowsDomainQualifiedName, add docs for NameID 2021-01-28 22:00:40 +01:00
Jens Langhammer c0199933c8 events: fix email template for notifications 2021-01-27 13:22:43 +01:00
Jens Langhammer 5c3f410016 release: 2021.1.3-stable 2021-01-27 10:50:48 +01:00
Jens Langhammer b1591618ae admin: handle FlowNonApplicableException during flow plan 2021-01-27 09:57:26 +01:00
Jens Langhammer 55bcc254c1 flows: fix FlowNonApplicableException not being Sentry Ignored 2021-01-27 09:57:18 +01:00
Jens Langhammer 7d844d1821 release: 2021.1.2-stable 2021-01-18 11:15:11 +01:00
Jens Langhammer 3d3a0cd9e3 events: create event when system task fails 2021-01-18 10:09:14 +01:00
Jens Langhammer 204792b750 stages/email: fix email task not falling back to use_global_settings 2021-01-17 23:31:58 +01:00
Jens Langhammer 8ffa3e5885 policies: fix logic error for sync mode 2021-01-17 23:31:34 +01:00
Jens Langhammer 677a181b9c release: 2021.1.1-stable 2021-01-17 22:36:16 +01:00
Jens Langhammer 4b551add1a stages/password: catch importerror during authentic() 2021-01-17 20:23:22 +01:00
Jens Langhammer e6f897c7e6 policies: detect when running in a daemon process and run policies sync 2021-01-17 20:09:53 +01:00
Jens Langhammer 65c9d4bf4c policies: use custom context for fork instead of changing global context 2021-01-17 20:09:53 +01:00
Jens Langhammer 6e88e52d78 outposts: add message to outpost_service_connection_monitor task 2021-01-17 20:09:53 +01:00
Jens Langhammer 6e69edf1af core: increase application cache duration 
# Conflicts:
#	authentik/core/api/applications.py
 2021-01-17 19:17:47 +01:00
Jens Langhammer 08e7ef3c1e core: increase application cache duration 2021-01-17 19:04:54 +01:00
Jens Langhammer cf76652a4c release: 2021.1.1-rc2 2021-01-17 17:40:43 +01:00
Jens Langhammer 49d40d4337 admin: fix linting 2021-01-17 17:35:00 +01:00
Jens Langhammer 94182f88a4 release: 2021.1.1-rc1 2021-01-17 17:25:47 +01:00
Jens Langhammer 1c25f4f09b core: use tabs for user settings 2021-01-17 17:25:15 +01:00
Jens Langhammer aad3b43ac3 core: cache applications API 2021-01-16 22:38:09 +01:00
Jens Langhammer 60f52f102a outposts: optimise signals to not always trigger 2021-01-16 22:14:37 +01:00
Jens Langhammer f3ccb5341d outpost: improve logging 2021-01-16 22:13:57 +01:00
Jens Langhammer cb73210447 events: don't log permission creation 2021-01-16 22:03:06 +01:00
Jens Langhammer f959212692 events: make notifications filterable 2021-01-16 19:08:07 +01:00
Jens Langhammer 2d2a404028 providers/oauth2: improve error handling and event creation 2021-01-16 18:27:10 +01:00
Jens Langhammer 4baf9e4a22 web: fix unread count, use white-space pre 2021-01-16 18:04:09 +01:00
Jens Langhammer 4f28a89e63 policies: improve recording of error messages during policy process 2021-01-16 16:38:57 +01:00
Jens Langhammer f8b4b92e8d policies: pass direct exception from expression policies 2021-01-16 15:41:59 +01:00
Jens Langhammer c1fbfc63ab core: use version in qs for static files to ensure latest are loaded 2021-01-16 14:15:42 +01:00
Jens Langhammer 192dbe05c4 events: triggers -> rules 2021-01-16 14:15:23 +01:00
Jens Langhammer d637bd0bf9 events: improve infinite loop detection 2021-01-15 11:27:18 +01:00
Jens Langhammer a2bddc6d91 policies: fix engine tests checking wrong key 2021-01-15 11:27:07 +01:00
Jens Langhammer 2e42da11ea policies/event_matcher: simplify validity checking 2021-01-15 11:26:55 +01:00
Jens Langhammer f297d1256d events: fix linting 2021-01-15 11:19:56 +01:00
Jens Langhammer da59e7c4a7 events: fix infinite loop in unittests 2021-01-15 00:32:59 +01:00
Jens Langhammer 8684d106d5 events: fix default transport for successive migrations 2021-01-14 23:50:18 +01:00
Jens Langhammer 7f5caf901d expressions: set exception as message field 2021-01-14 21:58:10 +01:00
Jens Langhammer 1c686e19b5 policies: set message instead of error for Event 2021-01-14 20:17:21 +01:00
Jens Langhammer 3cc92f6c97 events: ensure created field is timestamp 2021-01-14 20:16:54 +01:00
Jens Langhammer 4447345345 policies: fix display of stacktrace in events 2021-01-14 18:07:41 +01:00
Jens Langhammer 42c6401ba7 events: add event context to slack webhook 2021-01-14 17:40:19 +01:00
Jens Langhammer eef111bcfd events: disable policy cache for trigger 2021-01-14 17:39:59 +01:00
Jens Langhammer 6192b2787f events: notifications: send entire event in API 2021-01-14 17:22:02 +01:00
Jens Langhammer c7d28f8ca9 events: attach default transport to default triggers 2021-01-14 17:22:02 +01:00
Jens Langhammer 1342266368 events: include full group in event notification 2021-01-14 17:22:02 +01:00
Jens Langhammer 7ff679b1a3 policies: fix error when error occurs during policy process with no target 2021-01-14 17:22:02 +01:00
Jens Langhammer 8beddcddb0 events: set severity for default triggers 2021-01-14 17:22:02 +01:00
Jens Langhammer 9fe8554f28 events: make notification read/update only 2021-01-14 17:22:02 +01:00
Jens Langhammer 308896719d docs: add docs for events and notifications 2021-01-13 00:26:33 +01:00
Jens Langhammer 95c1473dd2 events: assign default triggers to default admin group, create default transport 2021-01-12 23:28:17 +01:00
Jens Langhammer b14c5039ed events: set default admin group to receive default triggers 2021-01-12 23:06:42 +01:00
Jens Langhammer b6948334f2 policies/event_matcher: fix verbose_name 2021-01-12 23:06:24 +01:00
Jens Langhammer 29e08e7477 stages/otp_*: fix app's verbose_name 2021-01-12 22:59:46 +01:00
Jens Langhammer 36bc1dc020 events: record source when user is using source to authenticate 2021-01-12 22:48:55 +01:00
Jens Langhammer 61d1407804 sources/*: Set PLAN_CONTEXT_SOURCE when logging in with a source 2021-01-12 22:37:33 +01:00
Jens Langhammer 47ddf0d7f2 web: add UI for notification triggers 2021-01-12 22:26:57 +01:00
Jens Langhammer cac94792fa admin: add event transport forms 2021-01-12 22:03:33 +01:00
Jens Langhammer 8369fa16ae events: add mode_verbose to transport, return string on send error 2021-01-12 21:51:55 +01:00
Jens Langhammer f30bdbecd6 events: catch errors during send and re-raise as custom type 2021-01-12 21:48:16 +01:00
Jens L c727c845df
policies: add and/or mode (#463) 
* policies: add mode to PolicyEngine for AND and OR modes

* events: use PolicyEngine in OR mode
 2021-01-12 18:22:25 +01:00
Jens L 1ccf6dcf6f
events: Notifications (#418) 
* events: initial alerting implementation

* policies: move error handling to process, ensure policy UUID is saved

* policies: add tests for error handling in PolicyProcess

* events: improve loop detection

* events: add API for action and trigger

* policies: ensure http_request is not used in context

* events: adjust unittests for user handling

* policies/event_matcher: add policy type

* events: add API tests

* events: add middleware tests

* core: make application's provider not required

* outposts: allow blank kubeconfig

* outposts: validate kubeconfig before saving

* api: fix formatting

* stages/invitation: remove invitation_created signal as model_created functions the same

* stages/invitation: ensure created_by is set when creating from API

* events: rebase migrations on master

* events: fix missing Alerts from API

* policies: fix unittests

* events: add tests for alerts

* events: rename from alerting to notifications

* events: add ability to specify severity of notification created

* policies/event_matcher: Add app field to match on event app

* policies/event_matcher: fix EventMatcher not being included in API

* core: use objects.none() when get_queryset is used

* events: use m2m for multiple transports, create notification object in task

* events: add default triggers

* events: fix migrations return value

* events: fix notification_transport not being in the correct queue

* stages/email: allow sending of email without backend

* events: implement sending via webhook + slack/discord + email
 2021-01-11 18:43:59 +01:00
Jens Langhammer 4743e72e18 policies: ensure binding has a target during unittests 2021-01-05 12:37:52 +01:00
Jens Langhammer 9fb5ce2a1a policies: add binding to policy_execution context 2021-01-05 11:51:05 +01:00
Jens L 82bb179bc2
root: global email settings (#448) 
* root: make global email settings configurable

* stages/email: add use_global_settings

* stages/email: add test_email command to test email sending

* stages/email: update email template

* stages/email: simplify email template path

* stages/email: add support for user-supplied email templates

* stages/email: add tests for sending and templates

* stages/email: only add custom template if permissions are correct

* docs: add custom email template docs

* root: add /templates volume in docker-compose by default

* stages/email: fix form not allowing custom templates

* stages/email: use relative path for custom templates

* stages/email: check if all templates exist on startup, reset

* docs: add global email docs for docker-compose

* helm: add email config to helm chart

* helm: load all secrets with env prefix

* helm: move s3 and smtp secret to secret

* stages/email: fix test for relative name

* stages/email: add argument to send email from existing stage

* stages/email: set uid using slug of message id

* stages/email: ensure template validation ignores migration runs

* docs: add email troubleshooting docs

* stages/email: fix long task_name breaking task list
 2021-01-05 00:41:10 +01:00
Jens Langhammer 6ed78830a0 providers/proxy: check ingress annotations we manage 2021-01-02 01:48:39 +01:00
Jens Langhammer 6fe323f1a7 outposts: by default only check labels 2021-01-02 01:08:05 +01:00
Jens Langhammer 85c2db018e outposts: ensure field_manager is also used for updates 2021-01-02 00:52:42 +01:00
dependabot[bot] bc9e7e8b93
build(deps): bump structlog from 20.1.0 to 20.2.0 (#445) 
* build(deps): bump structlog from 20.1.0 to 20.2.0

Bumps [structlog](https://github.com/hynek/structlog) from 20.1.0 to 20.2.0.
- [Release notes](https://github.com/hynek/structlog/releases)
- [Changelog](https://github.com/hynek/structlog/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/hynek/structlog/compare/20.1.0...20.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

* *: use structlog.stdlib instead of structlog for type-hints

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-01-01 15:39:43 +01:00
Jens Langhammer 2e69efe699 providers/saml: sign metadata when signing is enabled 2020-12-31 15:02:21 +01:00
Jens Langhammer a85b8a65c0 release: 0.14.2-stable 2020-12-31 12:00:31 +01:00
Jens Langhammer be54ba4fe2 policies: catch error in process to not hang requests 2020-12-31 11:16:17 +01:00
Jens Langhammer 68b9c34f78 policies: fix obj not being set 2020-12-31 11:16:01 +01:00
Jens Langhammer 3584bdf530 events: fix error when creating an even from policyrequests 2020-12-31 11:15:42 +01:00
Jens Langhammer e712719333 admin: fix reverse urls for application forms 2020-12-31 10:13:06 +01:00
Jens Langhammer 4fde1b7365 providers/saml: allow audience to be empty 2020-12-30 22:15:28 +01:00
Jens Langhammer 412f5b9210 providers/saml: fix signing and verification kp not being set correctly 2020-12-30 22:11:24 +01:00
Jens Langhammer a9e53cd52a providers/saml: fix string being passed to lxml 2020-12-30 22:03:01 +01:00
Jens Langhammer d0ee7908ab providers/saml: force user to select authz flow for import 2020-12-30 22:02:41 +01:00
Jens Langhammer e69834dec4 providers/saml: show error message why import failed 2020-12-30 22:02:28 +01:00
Jens Langhammer 16d5e1d9ff release: 0.14.1-stable 2020-12-29 21:25:49 +01:00
Jens Langhammer 765ae80698 providers/oauth2: fix error when creating RefreshToken 2020-12-29 21:22:49 +01:00
Jens Langhammer 540c22ce15 release: 0.14.0-stable 2020-12-28 17:49:45 +01:00
Jens Langhammer 8c3008abce release: 0.14.0-rc2 2020-12-28 17:49:39 +01:00
Jens Langhammer 8a22c86aaa release: 0.14.0-rc1 2020-12-28 17:49:35 +01:00
Jens Langhammer 22ce142cb8 outposts: include protocol in outpost deployment ports 2020-12-28 17:21:02 +01:00
Jens Langhammer 1a292feebb outposts: always check metadata on reconcile 2020-12-28 17:11:37 +01:00
Jens Langhammer 09f4d812b3 outposts: set field_manager 2020-12-28 17:11:33 +01:00