Commit Graph

1352 Commits

Author SHA1 Message Date
Jens L eaf56f4f3f
stages/user_login: stay logged in (#4958)
* add initial remember me offset

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add to go executor

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add ui for user login stage

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update docs

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-15 20:21:05 +01:00
Tana M Berry bbdb0df42e
website/docs: capitalization and clarifications (#4948)
* capitalization and clarifications

* minor edits

* Update website/docs/installation/docker-compose.md

Co-authored-by: Jens L. <jens.langhammer@beryju.org>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>

* Update website/docs/installation/docker-compose.md

Co-authored-by: Jens L. <jens.langhammer@beryju.org>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>

* fix lint

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Tana Berry <tanaberry@Tanas-MacBook-Pro-authentik.local>
Co-authored-by: Jens L. <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-03-15 11:19:03 -05:00
Thomas McWork 5375637eda
website/docs: Fix detail and improve latest changelog regarding SCIM (#4955)
* Fix detail and improve latest changelog regarding SCIM

I found the wording confusing ("sync from" vs. "sync into" as being used in the docs)

Signed-off-by: Thomas McWork <thomas.mc.work@posteo.de>

* fix lint

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Thomas McWork <thomas.mc.work@posteo.de>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-03-15 11:35:07 +01:00
dependabot[bot] ff1feb653b
website: bump webpack from 5.73.0 to 5.76.1 in /website (#4950)
Bumps [webpack](https://github.com/webpack/webpack) from 5.73.0 to 5.76.1.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v5.73.0...v5.76.1)

---
updated-dependencies:
- dependency-name: webpack
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-15 00:21:24 +01:00
Tana M Berry 8b7a92068b
website/docs: forward-auth page, add list of links (#4937)
* add list of links

* added commas

* fix build

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Tana Berry <tanaberry@Tanas-MacBook-Pro-authentik.local>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-03-14 07:45:49 -05:00
SiskoUrso ff1532da13
website/integrations: Changes to reverse proxy information for grafana (#4938)
Changes to reverse proxy information for grafana

Changed to remove the port at the end of the domain for root_url, if grafana is behind a reverse proxy and is reachable at its ip or at https://grafana.company it would not than be accessible by that port. 

Until the root_url was changed in grafana.ini to https://grafana.company/ gives the following error  The request fails due to a missing, invalid, or mismatching redirection URI (redirect_uri).

This was tested using:
authentik 2023.3.0
grafana 9.3.6
nginx proxy manager 2.9.19

Signed-off-by: SiskoUrso <91812199+SiskoUrso@users.noreply.github.com>
2023-03-14 13:44:08 +01:00
Tana M Berry 75794defc6
website/docs: capitalization of product names (#4922)
Docker and Traefik: for product names we need to follow their brand. Exception is with command lines, etc that are often not capitalized.

Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-03-13 17:10:21 -05:00
Jens L 095850f038
website/docs: add new release to sidebar, cleanup (#4926)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-13 19:04:25 +01:00
Jens L b46048e74f
website/docs: final 2023.3 release notes (#4923)
* website/docs: final 2023.3 release notes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* Apply suggestions from code review

Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-03-13 18:30:11 +01:00
Jens L bf7dc5df78
website/docs: separate pages for each webserver (#4911)
* website/docs: separate pages for each webserver

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* Apply suggestions from code review

Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-03-13 17:29:51 +01:00
Nate Brady f0d0abb66e
website/integrations: Update Skyhigh provider instructions (#4921)
Update Skyhigh Provider instructions

Co-authored-by: Nate Brady <nate@skyhighsecurity.com>
2023-03-13 15:44:46 +01:00
support-tt 7618c2e45f
website/docs: improve traefik standalone docs (#4493)
* Create _traefik_standalone_single_application.md 

Example for Authentik Single Application Proxy with Service example because this was unclear for many users and if you dont create a middleware for every application you get the error "no app for hostname". 

Signed-off-by: support-tt <61587422+support-tt@users.noreply.github.com>

* Update _traefik_standalone_single_application.md

Signed-off-by: support-tt <61587422+support-tt@users.noreply.github.com>

* rename to old file

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: support-tt <61587422+support-tt@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-03-10 13:45:41 -06:00
Jens L 06fb81410b
website/docs: fix layout for preview annotation (#4899)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-10 17:38:32 +01:00
Jens L 5732fc0c2e
website/docs: prepare 2023.3 release notes (#4889)
* website/docs: prepare 2023.3 release notes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* Apply suggestions from code review

Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>

* add better docs for custom css

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-03-10 17:33:59 +01:00
Jens L b6b820f6f1
web: toggle dark/light theme manually (#4876) 2023-03-09 23:17:53 +01:00
Jens L 6ae2fc9668
providers/SCIM: customizable externalId, document behavior (#4868)
* only set externalId if mapping hasn't set it

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* better document use of SCIM in conjunction with OAuth/SAML

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-08 00:15:16 +01:00
Tana M Berry 34f01d3731
website/docs: fix typo (#4867)
Update index.mdx

Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-03-07 23:53:05 +01:00
Jens L 36f92f01de
website/blog: Becoming OpenID certified - Why standards matter (#4865)
* website/blog: Becoming OpenID certified - Why standards matter

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* Apply suggestions from code review

Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>

* Update website/blog/2023-03-07-becoming-openid-certified-why-standards-matter/index.md

Signed-off-by: Jens L. <jens@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-03-07 18:22:53 +01:00
Jens L 9559bc2e1e
providers/scim: add option to filter out service accounts, parent group (#4862)
* add option to filter out service accounts, parent group

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update docs

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* rename to filter group

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* rework sync card to show scim sync status

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-07 15:39:48 +01:00
Tana M Berry f6a8b3d568
website/docs: Corrected typo and added Note about port number if using Istio/Kubern… (#4851)
* Corrected typo and added Note about port number if using Istio/Kubernetes

@BeryJu I was reading [this article](https://prevue.ch/news/2022-10-11-istio-authentik/) about a fellow setting up authentik, using Istio and Kubernetes. I wanted to somehow add a heads up about the port number, but I am not confident that I got it right. Is it only if there are custom decisions being made that the port number has to be for the cluster? 

Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>

* Update website/docs/providers/proxy/forward_auth.mdx

Signed-off-by: Jens L. <jens@beryju.org>

* fix lint error

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-03-06 19:28:40 +00:00
Jens L c4a7648ce3
website: add website development setup, update contribution guidelines on PR titles (#4852)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-06 19:27:05 +00:00
Jens L 28ddeb124f
providers: SCIM (#4835)
* basic user sync

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add group sync and some refactor

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* start API

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* allow null authorization flow

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add UI

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make task monitored

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add missing dependency

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make authorization_flow required for most providers via API

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* more UI

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make task result better readable, exclude anonymous user

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add task UI

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add scheduled task for all sync

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make scim errors more readable

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add mappings, migrate to mappings

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add mapping UI and more

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add scim docs to web

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* start implementing membership

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* migrate signals to tasks

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* migrate fully to tasks

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* strip none keys, fix lint errors

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix things

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* start adding tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix saml

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add scim schemas and validate against it

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* improve error handling

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add group put support, add group tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* send correct application/scim+json headers

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* stop sync if no mappings are confiugred

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add test for task sync

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add membership tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use decorator for tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make tests better

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-06 19:39:08 +01:00
dependabot[bot] 2c32e54746
website: bump dns-packet from 5.3.1 to 5.4.0 in /website (#4836) 2023-03-03 00:05:22 +01:00
Jens L e47bbe63b8
website/docs: update release notes (#4833)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-02 20:27:51 +01:00
Jens L 972dce1462
security: fix CVE-2023-26481 (#4832)
fix CVE-2023-26481

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-02 20:15:33 +01:00
sdimovv a6eba37d5a
core: Add `resolve_dns` and `reverse_dns` functions to evaluator (#4769)
* Add resolve_dns

* Add reverse_dns

* Fix lint

* add caching, small optimisation

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* Added time-aware LRU cache

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-03-01 22:15:13 +01:00
Jens L 5e60db8593
providers/oauth2: fix typo (#4803) 2023-02-27 17:17:48 +01:00
Jens L 39d0893303
flows: change default flow stage binding settings (#4784)
* flows: change default flow stage binding settings

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fallback to correct value

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-27 15:21:26 +01:00
Jens L 99ddbf553c
website: add X-Frame-Options (#4800)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-27 13:40:33 +01:00
Jens L 596ff529c4
core: bootstrap email (#4788) 2023-02-26 17:02:45 +01:00
Tealk 7503b32c74
website/integrations: Zammad instructions (#4644)
* add zammad

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* some improvements

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* add navi-item

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* fix mappings

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* typo

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* personalized link removed

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* replace inventory placeholder & fix SAML

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* Replace placeholder

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* text improvement

Signed-off-by: Tealk <tealk@rollenspiel.monster>

---------

Signed-off-by: Tealk <tealk@rollenspiel.monster>
2023-02-22 16:55:32 +00:00
Tealk 383b6a38ba
website/integrations: Mastodon integration (#4733)
* init mastodon integration

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* replace inventory placeholder

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* Replace placeholder

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* replace username with sub

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* text improvement

Signed-off-by: Tealk <tealk@rollenspiel.monster>

---------

Signed-off-by: Tealk <tealk@rollenspiel.monster>
2023-02-22 17:23:38 +01:00
Tealk 7d9eef37ed
website/integrations: Mobilizon instructions (#4747)
* add mobilizonintegration

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* replace inventory placeholder

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* Replace placeholder

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* text improvement

Signed-off-by: Tealk <tealk@rollenspiel.monster>

---------

Signed-off-by: Tealk <tealk@rollenspiel.monster>
2023-02-22 16:20:47 +00:00
kolaente 60d3da20f3
website/integrations: fix Vikunja setup instructions (#4730)
* fix: Vikunja setup instructions

Signed-off-by: kolaente <k@knt.li>

* fix: clarify what needs restarting after config change

---------

Signed-off-by: kolaente <k@knt.li>
2023-02-22 15:31:18 +00:00
roche-quentin cd99b6e48f
providers/ldap: making ldap compatible with synology (#4694)
* internal/outpost/ldap: making ldap compatible with synology

* fix duplicate attributes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add docs about homedirectory

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix duplicate attributes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add substitution to values

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-02-22 15:26:41 +01:00
sdimovv 51c6a14786
providers/ldap: Improve compatibility with LDAP clients (#4750)
* Fixed invalid LDAP attributes by replacing '.'s and '/'s with '-'

* Leave old fields for now for backward compatibility

* Add forgotten depreceated field

* Fix tests

* Fix tests

* use shorter attribute names

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* sanitize attributes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* keep both sanitized and unsanitized user fields

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add sanitized fields to test

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-02-22 14:18:22 +01:00
Jens L 122055b38b
stages/user_login: terminate others (#4754)
* rework session list

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use sender filtering for signals when possible

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add terminate_other_sessions

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-22 14:09:28 +01:00
Jens L b61d181ec7
website/docs: add better explanation for goauthentik.io/user/token-ex… (#4755)
website/docs: add better explanation for goauthentik.io/user/token-expires

closes #4727
2023-02-22 13:24:04 +01:00
Jens Langhammer 2c78053631
website/docs: add release note titles
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-21 12:27:24 +01:00
Jens Langhammer 8de4471322
website: update blog
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-17 19:35:39 +01:00
Jens Langhammer e5dfe7dafe
website: always show build version in version dropdown
Signed-off-by: Jens Langhammer <jens@goauthentik.io>

#3940
2023-02-16 14:38:58 +01:00
Jens Langhammer 17364c3bd8
website/docs: add 2023.2.2 release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-15 20:34:25 +01:00
Jens Langhammer 19f5e6e07e
website/docs: update events page
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-15 16:44:13 +01:00
Jens Langhammer 7d6b573f8b
website: migrate to mermaid charts, rework proxy page
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-15 12:14:17 +01:00
Jens Langhammer 859b6cc60e
website: adjust padding on hero header
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-15 00:28:45 +01:00
Jens Langhammer c340830b37
website/docs: prepare 2023.2.1
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-14 18:19:02 +01:00
Jens Langhammer fc9ae9e938
website: include 2023.2 in sidebar
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-14 13:17:55 +01:00
Jens Langhammer 6bb809fd82
website/integrations: remove exclude_x5 from guacamole
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-14 11:55:11 +01:00
Jens Langhammer cf36da2e5d
website/docs: prepare 2023.2 release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-12 17:44:53 +01:00
sdimovv b69e55eae9
core: Add support for auto generating unique avatars based on the user's initials (#4663) 2023-02-12 16:35:17 +01:00
sdimovv e490d25791
website/integrations: Add danger annotation for using username as Nextcloud UID (#4667)
* Add danger annotation for using username as Nextcloud UID

* fix lint
2023-02-12 14:13:32 +01:00
sdimovv a2947975e4
website/integrations: Fix Nextcloud SAM UID value setting (#4656)
Fix SAM UID value setting

Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com>
2023-02-10 14:58:11 +01:00
Jens Langhammer 99bb4c2cf8
website/sources: update mailcow docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-10 11:45:29 +01:00
Jens Langhammer b225f6f3ff
website: add sidebar item tests, bump node version to latest LTS
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-09 22:06:07 +01:00
barrelltitor ecd5fab082
website/integrations: add Gravitee integration (#4564)
* Add documentation on using Authentik with Gravitee

Adds documentation on using Authentik with Gravitee

Signed-off-by: barrelltitor <108460132+barrelltitor@users.noreply.github.com>

* Update sidebarsIntegrations.js

Signed-off-by: barrelltitor <108460132+barrelltitor@users.noreply.github.com>

* format

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: barrelltitor <108460132+barrelltitor@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-02-09 22:04:53 +01:00
Jens L af43330fd6
providers/oauth2: rework OAuth2 Provider (#4652)
* always treat flow as openid flow

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* improve issuer URL generation

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* more refactoring

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update introspection

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* more refinement

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* migrate more

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix more things, update api

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* regen migrations

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix a bunch of things

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* start updating tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix implicit flow, auto set exp

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix timeozone not used correctly

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix revoke

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* more timezone shenanigans

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix userinfo tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update web

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix proxy outpost

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix api tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix missing at_hash for implicit flows

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* re-include at_hash in implicit auth flow

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use folder context for outpost build

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-09 20:19:48 +01:00
dependabot[bot] cae04b8198
website: bump @sideway/formula from 3.0.0 to 3.0.1 in /website (#4647) 2023-02-09 03:26:08 +01:00
Jens Langhammer a7cf454760
web/admin: add notice for user_login stage session cookie behaviour
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-08 14:18:52 +01:00
dependabot[bot] 91db046978
website: bump prettier from 2.8.3 to 2.8.4 in /website (#4632)
Bumps [prettier](https://github.com/prettier/prettier) from 2.8.3 to 2.8.4.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.8.3...2.8.4)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-08 11:34:43 +01:00
Jens Langhammer 7a85038c11
website/docs: prepare 2023.2 release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-07 22:52:29 +01:00
Jens Langhammer 3170b2f92c
providers/proxy: add token support for basic auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-07 22:50:49 +01:00
Jens Langhammer 555b33c252
website/blog: fix formatting
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-07 17:40:16 +01:00
Jens Langhammer f5047e3ab0
website/blog: publish new blog post
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-07 17:35:39 +01:00
dependabot[bot] ed01a844ef
website: bump @docusaurus/preset-classic from 2.2.0 to 2.3.1 in /website (#4619)
Bumps [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic) from 2.2.0 to 2.3.1.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.3.1/packages/docusaurus-preset-classic)

---
updated-dependencies:
- dependency-name: "@docusaurus/preset-classic"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-06 11:25:28 +01:00
dependabot[bot] c6843a1307
website: bump @docusaurus/plugin-client-redirects from 2.2.0 to 2.3.1 in /website (#4620)
website: bump @docusaurus/plugin-client-redirects in /website

Bumps [@docusaurus/plugin-client-redirects](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-plugin-client-redirects) from 2.2.0 to 2.3.1.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.3.1/packages/docusaurus-plugin-client-redirects)

---
updated-dependencies:
- dependency-name: "@docusaurus/plugin-client-redirects"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-06 11:20:47 +01:00
Antoine a890b93869
website/integrations: Update pgAdmin documentation (#4319)
* Update index.md

Signed-off-by: Antoine <antoine+github@jiveoff.fr>

* doc: quick update

* Update index.md

Signed-off-by: Antoine <antoine+github@jiveoff.fr>

---------

Signed-off-by: Antoine <antoine+github@jiveoff.fr>
2023-02-03 14:54:04 +01:00
bjk525 8cf0a5dace
website/integrations: update pfSense integration details (#4337)
* Update index.md

Removed need to enable ExtendedQuery, changed format of Authentication Containers to use semi-colons per note in pfSense, and added setting for Group member attribute (to allow users to not have to create pfsense users individually)

Signed-off-by: bjk525 <34558980+bjk525@users.noreply.github.com>

* Update index.md

Signed-off-by: bjk525 <34558980+bjk525@users.noreply.github.com>

* Update index.md

Signed-off-by: bjk525 <34558980+bjk525@users.noreply.github.com>

* revert Authentication containers

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: bjk525 <34558980+bjk525@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-02-03 13:45:13 +00:00
Melvin Snijders 547c01f481
website/docs: update Caddy docs to include HTTPS proxying (#4316)
Update Caddy documentation to include HTTPS proxying

Signed-off-by: Melvin Snijders <mail@melvinsnijders.nl>
2023-02-03 14:43:13 +01:00
Abdullah Alhazmy fabb03ca69
website/integrations: update NextCloud integration details (#4346)
* Update nextcloud Documentation

Signed-off-by: Abdullah Alhazmy <me@alhazmy13.net>

* Update nextcloud Documentation

Signed-off-by: Abdullah Alhazmy <me@alhazmy13.net>

* format

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Abdullah Alhazmy <me@alhazmy13.net>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-02-03 13:39:05 +00:00
Zakaria aourzag 352a2057dd
website/integrations: change default portainer user identifier (#3945)
* change email to username

change the current settings from username as email to username.

Signed-off-by: Zakaria aourzag <z.aourzag@gmail.com>

* update

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Zakaria aourzag <z.aourzag@gmail.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-02-03 14:37:31 +01:00
Jens L 7d4ce41e12
providers/proxy: outpost wide logout implementation (#4605)
* initial outpost wide logout implementation

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* handle deserialize error

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update docs

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix file cleanup, add tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-02 21:18:59 +01:00
Jens Langhammer ccf956d5c6
website/integrations: update pgadmin docs
closes #4603

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-02 15:51:49 +01:00
Jens Langhammer cadb710c38
website/docs: add troubleshooting for CSRF
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-02 11:09:03 +01:00
dependabot[bot] 3f108a0ed8
website: bump http-cache-semantics from 4.1.0 to 4.1.1 in /website (#4602)
Bumps [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/kornelski/http-cache-semantics/releases)
- [Commits](https://github.com/kornelski/http-cache-semantics/commits)

---
updated-dependencies:
- dependency-name: http-cache-semantics
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-02 10:47:37 +01:00
Oliver Møller dbd324f202
website/integrations: Added GitHub Enterprise Server (#4591) 2023-02-01 19:22:53 +01:00
Jens Langhammer a9ee43791d
website/integrations: fix google username mapping
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-30 18:31:08 +01:00
Jens Langhammer 27231fd5d7
website: add gtag
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-30 17:29:06 +01:00
Jens Langhammer 5044f8ce6d
website: add new url redirect
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-30 13:37:30 +01:00
Jens Langhammer 13cc7ca77b
Revert "website: bump @docusaurus/preset-classic from 2.2.0 to 2.3.0 in /website (#4565)"
This reverts commit 19b3d648a4.
2023-01-30 12:35:42 +01:00
Jens Langhammer 6d207b0b0a
Revert "website: bump @docusaurus/plugin-client-redirects from 2.2.0 to 2.3.0 in /website (#4567)"
This reverts commit fcc47038e4.
2023-01-30 12:35:37 +01:00
dependabot[bot] fcc47038e4
website: bump @docusaurus/plugin-client-redirects from 2.2.0 to 2.3.0 in /website (#4567)
website: bump @docusaurus/plugin-client-redirects in /website

Bumps [@docusaurus/plugin-client-redirects](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-plugin-client-redirects) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.3.0/packages/docusaurus-plugin-client-redirects)

---
updated-dependencies:
- dependency-name: "@docusaurus/plugin-client-redirects"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-30 10:57:30 +01:00
dependabot[bot] 19b3d648a4
website: bump @docusaurus/preset-classic from 2.2.0 to 2.3.0 in /website (#4565)
Bumps [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.3.0/packages/docusaurus-preset-classic)

---
updated-dependencies:
- dependency-name: "@docusaurus/preset-classic"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-30 10:54:30 +01:00
Skyler Mäntysaari c2b4d14af5
website/docs: Add note for firefox about FIDO and TouchID (#4552)
* docs(passwordless): Make sure to include a warning

Signed-off-by: Skyler Mäntysaari <samip5@users.noreply.github.com>

* add notice for firefox touchID

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Skyler Mäntysaari <samip5@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-01-28 22:45:51 +01:00
Jens Langhammer 3651fb5daf
website/integrations: add notice for google source and username
closes #3709 closes #4432

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-27 15:10:46 +01:00
Jens Langhammer f97b65d44b
website: fix comparison for authelia, correctly
Signed-off-by: Jens Langhammer <jens@goauthentik.io>

#4088
2023-01-26 01:14:38 +01:00
Jens Langhammer ee70ebfb10
website/blog: fix typo
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-26 00:34:10 +01:00
Jens Langhammer 1cc578be66
website: update comparison
closes #4088

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-25 14:49:09 +01:00
Jens Langhammer 0abbe8288e
website: update comparison
Signed-off-by: Jens Langhammer <jens@goauthentik.io>

#4088
2023-01-25 11:39:58 +01:00
dependabot[bot] b5ae712f35
website: bump ua-parser-js from 0.7.32 to 0.7.33 in /website (#4526)
Bumps [ua-parser-js](https://github.com/faisalman/ua-parser-js) from 0.7.32 to 0.7.33.
- [Release notes](https://github.com/faisalman/ua-parser-js/releases)
- [Changelog](https://github.com/faisalman/ua-parser-js/blob/master/changelog.md)
- [Commits](https://github.com/faisalman/ua-parser-js/compare/0.7.32...0.7.33)

---
updated-dependencies:
- dependency-name: ua-parser-js
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-25 11:25:38 +01:00
Jens Langhammer 0bc1b33663
website/blog: fix mixed up images
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-24 19:46:15 +01:00
Jens Langhammer 8564f9ef87
website: hardcode url for disqus comments
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-24 19:26:04 +01:00
Jens Langhammer 7cfd84d8f0
website/blog: update blog title
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-24 19:03:05 +01:00
Jens Langhammer f2e40ec7e3
website: publish new blog post
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-24 18:59:54 +01:00
Jens L 53b65a9d1a
stages/prompt: field name (#4497)
* add prompt field name

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove numerical prefix

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix missing name

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use text field

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add description label

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add migrate blueprint to remove old stages

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add task to remove unretrievable blueprints

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* lint

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix blueprint test paths

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* actually fix tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix tests even more

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix fixtures

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-24 12:23:22 +01:00
Jens Langhammer 9437e2d3ab
website: add disqus to blog posts
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-24 12:14:59 +01:00
Jens Langhammer b99afd82b2
stages/user_write: fix migration setting wrong value, fix form
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-23 14:38:26 +01:00
Jens Langhammer 446dc0a17b
website/docs: prepare 2023.1.1
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-20 14:25:20 +01:00
Jens Langhammer 3a59b75f4a
website/docs: update ldap provider docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-20 11:46:57 +01:00
Jens L 98485c528e
ci: build beta for amd64 and arm64 (#4468)
* ci: build for arm64, but independently

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add notice to beta

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-19 21:41:56 +01:00
Jens Langhammer 59be3c7746
website/docs: add docs for validating phone numbers before SMS enrollment
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-19 17:57:52 +01:00
Jens L e390f5b2d1
providers/oauth2: more x5c and ecdsa x/y tests (#4463)
* add option to exclude x5*

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

#4082

* cleanup jwks, add flaky test

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add workaround based on https://github.com/jpadilla/pyjwt/issues/709

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* don't rstrip hashes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* keycloak seems to strip equals

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-18 18:11:36 +00:00
Jens Langhammer 26f9bbeefa
website/docs: add 2023.1 to sidebar
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-18 16:36:03 +01:00
Jens Langhammer 97acc77e0a
website/docs: update 2023.1 release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-18 15:25:58 +01:00
Jens Langhammer eb1e0427c1
website/docs: add missing user uid field
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-18 15:22:06 +01:00
Jens L 23c69c456a
providers/proxy: add setting to intercept authorization header (#4457)
* add setting to intercept authorization header

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* rename to intercept_header_auth

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-17 18:56:48 +01:00
Jens L c73fce4f58
sources/ldap: manual import (#4456)
* events: fix task UID

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add ldap sync command

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add docs

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-17 12:21:33 +01:00
Jens Langhammer 19ee98b36d
outposts/proxy: allow setting no-redirect via header or query param
closes #4455

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-17 10:56:43 +01:00
Jens Langhammer 07767c9376
website/docs: add disclaimer to beta page that downgrade isn't supported
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-16 10:44:42 +01:00
dependabot[bot] 5f7f80fdee
website: bump rapidoc from 9.3.3 to 9.3.4 in /website (#4438)
Bumps [rapidoc](https://github.com/rapi-doc/RapiDoc) from 9.3.3 to 9.3.4.
- [Release notes](https://github.com/rapi-doc/RapiDoc/releases)
- [Commits](https://github.com/rapi-doc/RapiDoc/compare/v9.3.3...v9.3.4)

---
updated-dependencies:
- dependency-name: rapidoc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-16 10:14:11 +01:00
dependabot[bot] be10dd629b
website: bump prettier from 2.8.2 to 2.8.3 in /website (#4439)
Bumps [prettier](https://github.com/prettier/prettier) from 2.8.2 to 2.8.3.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.8.2...2.8.3)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-16 10:09:58 +01:00
Jens Langhammer 063877a615
website: fix version dropdown and generated subdomains
Signed-off-by: Jens Langhammer <jens@goauthentik.io>

#4437
2023-01-15 17:23:33 +01:00
Jens Langhammer d31e566873
outposts/proxy: add header to prevent redirects
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 22:18:25 +01:00
Jens Langhammer b6b97f4706
website/docs: update 2023.1 release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-13 16:32:34 +01:00
Jens L cd12e177ea
providers/proxy: add initial header token auth (#4421)
* initial implementation

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* check for openid/profile claims

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* include jwks sources in proxy provider

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add web ui for jwks

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* only show sources with JWKS data configured

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix introspection tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* start basic

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add basic auth

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add docs, update admonitions

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add client_id to api, add tab for auth

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update locale

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-13 16:22:03 +01:00
Jens L b424c5dd27
web/admin: rework admin dashboard, add more links, remove user and group graphs (#4399) 2023-01-10 23:47:55 +01:00
Jens L 1ed24a5eef
blueprints: internal storage (#4397)
* rework oci client

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add blueprint content

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add UI

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make path optional

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add validation

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-10 22:00:34 +01:00
Jens Langhammer d3e2f41561
website/docs: fix typo
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-09 13:13:41 +01:00
dependabot[bot] 3b103b22e2
website: bump prettier from 2.8.1 to 2.8.2 in /website (#4384)
Bumps [prettier](https://github.com/prettier/prettier) from 2.8.1 to 2.8.2.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.8.1...2.8.2)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-09 09:55:56 +01:00
dependabot[bot] 158f4c1c4c
website: bump postcss from 8.4.20 to 8.4.21 in /website (#4386)
Bumps [postcss](https://github.com/postcss/postcss) from 8.4.20 to 8.4.21.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/8.4.20...8.4.21)

---
updated-dependencies:
- dependency-name: postcss
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-09 09:55:46 +01:00
Jens Langhammer bec538c543
sources/ldap: make task timeout adjustable
closes #4375

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-06 12:37:59 +01:00
sdimovv 53cab07a48
blueprints: Add `!Enumerate`, `!Value` and `!Index` tags (#4338)
* Added For and Item tags

* Removed Sequence node support from ForItem tag

* Added ForItemIndex tag

* Added support for iterating over mappings

* Added support for mapping output body

* Renamed tags: For to Enumerate, ForItem to Value, ForItemIndex to Index

* Refactored tests

* Formatting

* Improved exception info

* Improved error handing

* Added docs

* lint

* Small doc improvements

* Replaced deepcopy() call with call to copy()

* Fix mistake in docs example

* Fix missed "!" in example
2023-01-05 21:36:19 +01:00
Jens L 2604dc14fe
providers/ldap: add code-MFA support for ldap provider (#4354)
* add code support for ldap provider

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* only try to extract code when auth validator stage is encountered

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use parseint instead

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-05 18:32:06 +01:00
Jens L a960ce9454
stages/user_write: add more user creation options (#4367)
* add more user creation options

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update blueprints and docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-05 15:46:20 +01:00
Jens L e6b5810e03
polices/hibp: remove deprecated (#4363)
* remove hibp

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* don't save event matcher apps in migrations

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* cleanup migrations

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update docs, update some phrasing

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-05 13:19:26 +01:00
Jens Langhammer ed3f36e72a
website/docs: update redirect docs
closes #4248

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-05 12:38:38 +01:00
Jens Langhammer 1efc7eecbf
website/docs: add metrics for monitoring and metrics
closes #4308

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-04 20:49:35 +01:00
Jens L dc1359a763
providers/saml: initial SLO implementation (#2346)
* providers/saml: initial SLO implementation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/saml: add logout request tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/saml: add tests for POST SLO

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* matrix e2e tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix import

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* set e2e matrix name

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix imports

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* separate oidc and oauth tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add basic saml slo e2e tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add better metadata download url

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* kinda prepare release notes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* sort releases into folders

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add slo urls to website

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix linking

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add api tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-04 19:45:31 +01:00
Jens Langhammer c4bb51469b
website/docs: prepare 2022.12.2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-04 10:15:15 +01:00
Jens Langhammer 82184b2882
web/flows: fix alternate captchas not loading
closes #4321

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-01 18:49:41 +01:00
Jens L bd56922a2f
blueprints: watch blueprints directory and trigger tasks (#4309)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-30 11:30:18 +01:00
Jens Langhammer c8bd0fbb1c
website/docs: prepare 2022.12.1 release
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-29 23:59:05 +01:00
Jens Langhammer c99798b1f2
website/docs: update release notes, remove duplicate files
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-29 23:28:15 +01:00
dependabot[bot] 4cce99b207
website: bump json5 from 2.2.1 to 2.2.2 in /website (#4303)
Bumps [json5](https://github.com/json5/json5) from 2.2.1 to 2.2.2.
- [Release notes](https://github.com/json5/json5/releases)
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md)
- [Commits](https://github.com/json5/json5/compare/v2.2.1...v2.2.2)

---
updated-dependencies:
- dependency-name: json5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-29 09:39:53 +01:00
Jens Langhammer b56fd5e745
website/developer-docs: list native dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-28 15:25:16 +01:00
Jens Langhammer 0e6400bfea
web/admin: improve user/group UX for adding/removing users to and from groups
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-28 12:55:38 +01:00
Jens Langhammer b16d1134ea
core: add endpoints to add/remove users from group atomically
closes #4252

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-28 10:50:30 +01:00
Jens Langhammer 1615723f10
website/docs: update release notes for 2022.12
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-27 14:10:38 +01:00
sev f9b46145de
website/docs: Clarify request.user and add link to Django docs (#4287)
* Clarify request.user and add link to doc

Signed-off-by: sev <git@sev.monster>

* rephrase a bit

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: sev <git@sev.monster>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-27 14:10:30 +01:00
Jens Langhammer 20a4dfd13d
stages/invitation: fix incorrect pk check for invitation's flow
closes #4278

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-27 13:55:51 +01:00
sdimovv 8f3579ba45
blueprints: add `!If` tag (#4264)
* Added \!If tag

* Fix typo

* Removed trailing whitespace

Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com>

* format blueprint fixtures

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-26 16:20:22 +01:00
Jens Langhammer 7046944bf6
website: link CVE and attribute reporter
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-25 14:17:17 +01:00
Jens L 8195e6d4ff
website/integrations: add hcp docs (#4281)
add hcp docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-24 22:27:33 +01:00
Jens Langhammer 94b9ebb0bb
blueprints: add Env tag
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-24 20:41:51 +01:00
Jens Langhammer fe1e2aa8af
website: fix missing integrations in sidebar
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-24 00:50:12 +01:00
Jens Langhammer 283c93c57b
website: copy static files instead of linking them to prevent cache issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 15:18:21 +01:00
Jens Langhammer 716584bbae
website: update release notes for CVEs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 14:21:02 +01:00
Jens L 9f846d94be
security: fix CVE 2022 23555 (#4274)
* add flow to invitation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* show warning on invitation page

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add security advisory

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 14:13:49 +01:00
Jens L 84fbeb5721
security: fix CVE 2022 46172 (#4275)
* fallback to current user in user_write, add flag to disable user creation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update api and web ui

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update default flows

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add cve post to website

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 14:12:58 +01:00
Jens Langhammer 6a3a3e5f8d
website: fix duplicate platforms in sidebar
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 11:23:41 +01:00
Jens Langhammer 42c278b4f8
root: migrate to hosted sentry with rate-limited DSN
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 11:18:26 +01:00