Jens Langhammer
58cd6007b2
Merge branch 'version-2022.11'
2022-12-02 18:12:38 +02:00
Jens L
db95dfe38d
security: fix CVE 2022 46145 ( #4140 )
...
* add flow authentication requirement
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add website for cve
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: handle FlowNonApplicableException without policy result
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-02 16:14:25 +01:00
Bastien Rivière
93fee5f0e5
web: fix authentification with Plex on iOS ( #4095 )
...
* web: fix authentification with Plex on iOS
Fixes issue #3822
* fixup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add fallback button
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-01 13:32:00 +01:00
Jens Langhammer
2a4daa5360
release: 2022.11.2
2022-12-01 10:41:29 +02:00
Jens Langhammer
e1a6dede54
*: backport CVE-2022-46145 fix
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-01 10:41:26 +02:00
Jens Langhammer
3b8cb9e525
web/flows: fix display for long redirect URLs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-28 10:30:27 +01:00
Jens Langhammer
1c2cdfe06a
web/flows: improve error messages for failed duo push
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-24 13:42:13 +01:00
Jens Langhammer
474677017f
web/admin: fix empty request being sent due to multiple forms in duo import modal
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-24 12:08:06 +01:00
Jens Langhammer
0813a49ca5
web/admin: clarify phrasing that user ID is required
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-24 11:37:54 +01:00
Jens Langhammer
3a13d19695
release: 2022.11.1
2022-11-22 21:42:10 +01:00
Jens Langhammer
94833dd1e7
web/admin: reset cookie_domain when setting non-domain forward auth
...
closes #4063
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-22 20:46:20 +01:00
Jens Langhammer
5b8223808e
Merge branch 'version-2022.11'
2022-11-21 22:14:33 +01:00
Jens Langhammer
14f341f504
web/admin: fix error when importing duo devices
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-21 21:36:10 +01:00
Jens Langhammer
c30aa90888
web: fix lint
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-21 20:54:02 +01:00
Jens Langhammer
20c1770ec4
release: 2022.11.0
2022-11-21 20:12:02 +01:00
Jens Langhammer
a2e512c36c
stages/authenticator_validate: add flag to configure user_verification for webauthn devices
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-21 17:52:37 +01:00
Jens Langhammer
71d144a67e
web/flows: always hide static user info when its not set in the flow
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-18 21:19:06 +01:00
Jens Langhammer
d785edbbe3
web/flows: only show user info when applicable
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-18 16:13:21 +01:00
Jens L
9f5fb692ba
sources: add custom icon support ( #4022 )
...
* add source icon
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add to oauth form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add to other browser sources
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add migration, return icon in UI challenges
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* deduplicate file upload
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-16 14:10:10 +01:00
Jens L
276af8457d
root: make sentry DSN configurable ( #4016 )
...
* make sentry DSN configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* make proxy smarter
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix typo in config struct
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-15 16:05:29 +01:00
Jens Langhammer
a9111bd3fd
web/flows: update flow background
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-15 16:05:07 +01:00
Jens L
88594075b2
policies/password: merge hibp add zxcvbn ( #4001 )
...
* initial zxcvbn
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add api and port tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* more tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add ui
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add api diff
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-14 14:42:43 +01:00
Jens L
ffe6f65af5
outposts/kubernetes: ingress class ( #4002 )
...
* add support for ingressClassName
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add option to disable ssl verification for k8s controller
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update website
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-14 14:24:11 +01:00
Jens Langhammer
88153cd490
web/admin: fix typo
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-31 20:30:11 +01:00
Jens Langhammer
f3a72761c0
release: 2022.10.1
2022-10-29 17:24:55 +02:00
Jens Langhammer
3da7fcfc1d
web/common: disable API Drawer by default in user interface
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-24 22:08:47 +02:00
Jens Langhammer
89dc46a7ff
release: 2022.10.0
2022-10-21 19:42:38 +02:00
Jens Langhammer
f1b143606e
web/admin: fix scrolling in remaning modals
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-20 10:20:32 +02:00
Jens Langhammer
0b6dd49f36
web/admin: show oauth2 docs on oauth2 provider view page
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-19 10:11:15 +02:00
Jens L
b06a3a8f9f
admin: add authorisations metric ( #3811 )
...
add authorizations metric
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-19 00:06:45 +02:00
Jens Langhammer
a8bca5edd0
web: fix linting
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-18 22:29:28 +02:00
Jens L
0efee2a660
flows: improved import ( #3807 )
...
* return logs when importing flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* improve error handling, show logs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-18 22:01:42 +02:00
Jens Langhammer
96a30af0eb
sources/oauth: allow overriding of all scopes
...
closes #3747
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-16 21:21:43 +02:00
Jens Langhammer
d6a14019c6
web/admin: rework scrolling in modals, ensure overlay covers everything
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-16 16:02:51 +02:00
Jens Langhammer
b515126061
web: use drawSelection to workaround cursor bug when using CodeMirror with ShadowDOM in firefox
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-16 13:55:53 +02:00
Jens L
363872715d
sources/saml: revamp SAML Source ( #3785 )
...
* update saml source to use user connections, add all attributes to flow context
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* check for SAML Status in response, add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* package apple icon
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add webui for connections
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-14 17:04:47 +02:00
Jens L
79e8b72569
flows: always show flow inspector in debug mode, don't require admin in debug ( #3786 )
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-14 15:44:59 +02:00
Jens Langhammer
884f5249d1
web/flows: update flow background
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-14 15:42:45 +02:00
Jens L
217e145d23
stages/authenticator_sms: make sms stage payload customisable ( #3780 )
...
* make sms stage payload customisable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update phrasing for webhook mapping
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-14 11:53:01 +02:00
Jens Langhammer
83d303ba9a
web/flows: improve display for action-showing stages
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-13 17:02:01 +02:00
Jens L
8ed2f7fe9e
providers/oauth2: add device flow ( #3334 )
...
* start device flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: fix inconsistent app filtering
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add tenant device code flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add throttling to device code view
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* somewhat unrelated changes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add initial device code entry flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add finish stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* it works
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add support for verification_uri_complete
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add some tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add more tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-11 12:42:10 +02:00
Jens Langhammer
239092b872
core: fix messages not being shown when no client is connected
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-10 13:27:41 +03:00
Jens Langhammer
52e0566695
web: fix blank api drawer
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-10 12:52:14 +03:00
Jens L
44e4f2e561
crypto: make certificate parsing optional for crypto api ( #3711 )
2022-10-01 00:06:00 +02:00
Jens Langhammer
c0270cc3b3
web: fix linting
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-09-29 10:13:27 +02:00
Jens Langhammer
0c48b40848
web/admin: allow web-based sources to have empty enrollment/authentication flow
...
closes #3683
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-09-28 18:45:50 +02:00
transifex-integration[bot]
d6e38d330d
Translate '/web/src/locales/en.po' in 'de' [manual sync] ( #3663 )
...
Translate /web/src/locales/en.po in de
at least 80% translated for the source file '/web/src/locales/en.po'
on the 'de' language.
Manual sync of partially translated files: untranslated content is included with an empty translation or source language content depending on file format
Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-09-26 20:09:57 +02:00
transifex-integration[bot]
8b8eae4b49
Translate '/web/src/locales/en.po' in 'es' [manual sync] ( #3664 )
...
Translate /web/src/locales/en.po in es
at least 80% translated for the source file '/web/src/locales/en.po'
on the 'es' language.
Manual sync of partially translated files: untranslated content is included with an empty translation or source language content depending on file format
Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-09-26 20:09:45 +02:00
transifex-integration[bot]
d7372858ed
Translate '/web/src/locales/en.po' in 'fr_FR' [manual sync] ( #3670 )
...
Translate /web/src/locales/en.po in fr_FR
at least 80% translated for the source file '/web/src/locales/en.po'
on the 'fr_FR' language.
Manual sync of partially translated files: untranslated content is included with an empty translation or source language content depending on file format
Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-09-26 20:09:37 +02:00
transifex-integration[bot]
d1493e1d51
Translate '/web/src/locales/en.po' in 'fr' [manual sync] ( #3665 )
...
Translate /web/src/locales/en.po in fr
at least 80% translated for the source file '/web/src/locales/en.po'
on the 'fr' language.
Manual sync of partially translated files: untranslated content is included with an empty translation or source language content depending on file format
Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-09-26 20:09:10 +02:00