2090 commits

Author	SHA1	Message	Date
Jens Langhammer	91fd792f88	tests/e2e: use generated uid ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-23 19:19:13 +01:00
Jens Langhammer	9835785864	core: make test user's password optional ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-23 19:06:44 +01:00
Jens Langhammer	d785998c5a	Revert "root: disable random tests for now" ... This reverts commit 8ba9553220.	2021-11-23 18:46:51 +01:00
Jens Langhammer	8ba9553220	root: disable random tests for now ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-23 17:57:56 +01:00
Jens Langhammer	6eb132c48b	tests/e2e: fix ldap provider tests ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-23 17:28:35 +01:00
Jens Langhammer	355b832cc3	tests/e2e: fix email backend ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-23 13:22:28 +01:00
Jens Langhammer	e32d4f0095	tests/e2e: don't run e2e tests randomly for now ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-23 00:32:24 +01:00
Jens Langhammer	d3397c349f	stages/email: minify email css template ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-23 00:10:43 +01:00
Jens L	9bb0d04aeb	root: Random tests (#1825) ... * root: add pytest-randomly to randomise tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * *: generate flows for testing instead of relying on existing ones Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * *: generate users for testing instead of relying on existing ones Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * *: use generated certificate Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests/e2e: keep containers Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests/e2e: use websockets test case Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-22 22:56:02 +01:00
Jens Langhammer	61621e7d60	lifecycle: improve backup restore by dropping database before ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-20 00:32:24 +01:00
Jens Langhammer	431ba6b4ef	lib: add cli option for lib.config ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-19 23:52:10 +01:00
Jens Langhammer	bb6eed0db1	root: properly catch 404 errors for websocket connections ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-19 23:19:07 +01:00
Jens Langhammer	e831e4fb94	root: add lifespan shim to prevent errors ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-16 13:25:03 +01:00
Jens Langhammer	b0fac9c9f1	providers/saml: fix SessionNotOnOrAfter not being included ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-16 12:36:40 +01:00
Jens Langhammer	f4db09cd59	events: add gdpr_compliance option ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #1551	2021-11-16 11:29:13 +01:00
Jens Langhammer	638e8d741f	*: fix multiple tests ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-16 10:38:21 +01:00
Jens Langhammer	425b87a6d0	outposts: add ack and disconnect tests ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-16 09:34:37 +01:00
Jens Langhammer	d12e24017e	outposts: add websocket tests ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-15 23:58:19 +01:00
Jens Langhammer	078633c2af	lib: drop all sentry exceptions when debug enabled ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-15 22:18:56 +01:00
Jens Langhammer	4b8b800648	stages/*: add more tests ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-15 20:58:34 +01:00
Jens Langhammer	6f9ed001a1	crypto: add more tests ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-15 20:38:03 +01:00
Jens Langhammer	e4095dfffe	admin: add more tests ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-15 20:10:09 +01:00
Jens Langhammer	d5341c2284	managed: add tests ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-15 19:53:08 +01:00
Jens Langhammer	867fb0dac0	root: fix settings for managed not loaded ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-15 19:49:03 +01:00
Jens Langhammer	2666aa2c73	root: add errorhandling in log middleware ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-15 17:11:44 +01:00
Jens Langhammer	f0e9bafa35	outposts: add tests for management commands ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-15 16:44:42 +01:00
Jens Langhammer	0d739f5c1a	recovery: add additional tests for commands ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-15 16:41:37 +01:00
Jens Langhammer	e08077c73a	root: replace asgi-based logger with middleware ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-15 16:32:56 +01:00
Jens Langhammer	c43049a981	website/docs: remove deprecated docker_image_base ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-15 15:58:17 +01:00
dependabot[bot]	f7044e41c6	build(deps-dev): bump bandit from 1.7.0 to 1.7.1 (#1793) ... * build(deps-dev): bump bandit from 1.7.0 to 1.7.1 Bumps [bandit](https://github.com/PyCQA/bandit) from 1.7.0 to 1.7.1. - [Release notes](https://github.com/PyCQA/bandit/releases) - [Commits](https://github.com/PyCQA/bandit/compare/1.7.0...1.7.1) --- updated-dependencies: - dependency-name: bandit dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * *: fix bandit false positives Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-15 09:16:16 +01:00
Jens Langhammer	59343ff441	stages/email: fix missing component in response when retrying email send ... closes #1791 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-14 17:52:31 +01:00
Jens Langhammer	cab564152d	lib: load json strings in config env variables ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-14 12:44:22 +01:00
Jens Langhammer	88516ba2ca	core: make defaults for _change_email and _change_username configurable ... closes #1789 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-13 22:33:03 +01:00
Jens Langhammer	2a3b049b01	release: 2021.10.4	2021-11-12 12:31:24 +01:00
Rizwan Ahmed	e4a5e86c93	sources/oauth: Fixed the incorrect padding issue in apple.py (#1773) ... * Fixed the incorrect padding issue in apple.py Fixed the incorrect padding issue in apple.py by adding proper padding to the raw_payload. * Fixed the incorrect encoding of client_secret in apple.py In the get_client_secret() method, the "sub" in the payload must be only the client ID. So I have changed self.source.consumer_key to parts[0] * Added the decode method for the id_token Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-12 12:10:29 +01:00
Jens Langhammer	1cfe81887b	stages/authenticator_validate: improve logging ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-11 23:33:41 +01:00
Jens Langhammer	53905d1a89	stages/authenticator_validate: enable all device classes by default ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-11 22:49:30 +01:00
Jens Langhammer	6db1c914ee	stages/authenticator_duo: fix devices created with name ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-11 22:16:47 +01:00
Jens Langhammer	c98bdbacc5	providers/proxy: return list of configured scope names so outpost requests custom scopes ... closes #1762 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-10 23:06:21 +01:00
Jens Langhammer	1e8d45dc15	web: write interfaces to different folders and remove custom chunk names ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-10 17:54:50 +01:00
Jens Langhammer	d5d8641b37	stages/*: disable trim_whitespace on important fields ... closes #1765 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-10 16:48:19 +01:00
Jens Langhammer	cc0832f487	core: force lowercase emails for gravatar usage ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-10 12:40:20 +01:00
Jens Langhammer	e73606b54d	root: catch error in analytics on startup ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-10 11:28:08 +01:00
Jens Langhammer	5d479a6c8f	root: set utm_source ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-09 23:23:47 +01:00
Jens Langhammer	4a773b2b4f	sources/ldap: set connect/receive timeout (default to 15s) ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-09 22:27:58 +01:00
Jens Langhammer	8003d67844	sources/ldap: fix typo ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-09 22:24:33 +01:00
Jens Langhammer	51783c1cbb	sorces/ldap: fix user/group sync overwriting attributes instead of merging them ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-09 21:16:59 +01:00
Jens Langhammer	ab2b13938e	release: 2021.10.3	2021-11-08 20:52:11 +01:00
Jens Langhammer	9ca15983a2	root: keep last 30 backups ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-08 17:46:25 +01:00
Jens Langhammer	99ef94b7aa	stages/prompt: only set placeholder when in context ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-08 15:10:32 +01:00
Jens Langhammer	c3faa61ed9	stages/prompt: set field placeholder based on plan context ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-08 14:47:50 +01:00
Jens Langhammer	da74304221	stages/prompt: add text_read_only field ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-08 14:45:56 +01:00
Jens Langhammer	79db0ce4c1	stages/prompt: use initial instead of default ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-07 22:20:08 +01:00
Jens Langhammer	5e23b11764	stages/prompt: default prompts to the current value of the context ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-07 21:59:50 +01:00
Jens Langhammer	c4e029ffe2	recovery: add create_admin_group management command ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-07 21:53:21 +01:00
Jens Langhammer	61b5b36192	core: add command to output full config ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-07 21:45:52 +01:00
Jens Langhammer	c6cc1b1728	root: fix defaults for EMAIL_USE_TLS ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-07 21:37:14 +01:00
Jens Langhammer	90151a13ae	stages/identification: only allow limited challenges for login sources ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-06 14:53:38 +01:00
Jens Langhammer	f958aa6930	stages/identification: use random sleep ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-06 14:50:35 +01:00
Jens Langhammer	924a13e832	core: fix auth_method for tokens ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-06 13:04:41 +01:00
Jens Langhammer	ae83c35dfd	events: ignore creation/deletion of AuthenticatedSession objects ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-06 13:04:34 +01:00
Jens Langhammer	6424bf98da	admin: improve check to remove version notifications ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-06 12:15:05 +01:00
Jens Langhammer	2cef220a3e	providers/ldap: add/squash migrations ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-05 10:41:50 +01:00
Jens L	5a8c66d325	providers/ldap: memory Query (#1681) ... * outposts/ldap: modularise ldap outpost, to allow different searchers and binders Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/ldap: add basic in-memory searcher Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/ldap: add search mode field Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outpost: add search mode field Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-05 10:37:30 +01:00
dependabot[bot]	8de13d3f67	build(deps): bump goauthentik.io/api from 0.2021102.2 to 0.2021102.4 (#1738) ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-05 09:33:26 +01:00
Jens Langhammer	7798292aa8	sources/plex: use exception_to_string in tasks ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-05 01:16:36 +01:00
Jens Langhammer	3005ca17bd	web/admin: show warning on provider when not used with outpost ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-05 01:15:33 +01:00
Jens Langhammer	909461e533	providers/*: include list of outposts ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-05 01:06:04 +01:00
Jens Langhammer	a40c3aeb68	core: make group membership lookup respect parent groups (upwards) ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-05 00:53:56 +01:00
Jens Langhammer	4a89be3048	core: include parent group name ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-05 00:11:17 +01:00
Jens Langhammer	023b97aa69	sources/ldap: remove deprecated default ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-04 22:13:47 +01:00
Jens Langhammer	738e4d5c74	web/admin: only show flows with an invitation stage configured instead of all enrollment flows ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #1720	2021-11-04 20:54:55 +01:00
Jens Langhammer	5bc1301043	stages/authenticator_*: add default name for authenticators ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-04 15:34:51 +01:00
Jens Langhammer	8d766efecb	root: don't set signal on start when running in ci or dev ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-04 14:32:21 +01:00
Jens Langhammer	b362d2af03	lib: fix linting issue ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-04 13:43:09 +01:00
Jens Langhammer	bcd42fce13	root: further improve detection of environment we're running in ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-04 13:35:22 +01:00
Jens Langhammer	6deddd038f	internal: start embedded outpost directly after backend is healthy instead of waiting ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-04 13:18:04 +01:00
Jens Langhammer	3b47cb64da	root: improve compose detection, add anonymous stats ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-04 13:16:21 +01:00
Jens Langhammer	cf5e70c759	lifecycle: revert to non-h11 worker ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-04 13:16:10 +01:00
Jens Langhammer	5374352411	sources/plex: allow users to connect their plex account without login flow ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-03 21:09:02 +01:00
Jens Langhammer	08eff4cc5d	sources/plex: fix missing ordering ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-03 20:21:33 +01:00
Jens Langhammer	8f6d700aa8	sources/oauth: set prompt=none for Discord provider ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-03 15:48:59 +01:00
Jens Langhammer	58c221e867	release: 2021.10.2	2021-11-03 10:07:28 +01:00
Jens Langhammer	5dc0f3b91b	website: remove static service account, use helm chart instead ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-03 00:14:01 +01:00
Jens Langhammer	f51515f3de	stages/invitation: don't throw 404 error in stage ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-03 00:07:13 +01:00
Jens Langhammer	f978575293	stages/invitation: remove invitation from plan context after deletion ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-02 23:50:12 +01:00
Jens Langhammer	0d02dbf55c	api: replace django sentry proxy with go proxy to prevent login issues ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-02 14:44:37 +01:00
Jens Langhammer	af83308fd4	stages/prompt: fix type in Prompt not having enum set ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-01 20:44:48 +01:00
Jens Langhammer	6036d88392	providers/proxy: allow configuring of additional scope mappings for proxy ... closes #1255 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-31 22:25:51 +01:00
Jens Langhammer	bfc8a56a0b	*: fix tests for new field show_source_labels ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-31 18:18:21 +01:00
Jens Langhammer	5646141fe2	stages/identification: add show_source_labels option, to show labels for sources ... closes #1679 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-31 17:57:48 +01:00
Jens Langhammer	335d6edd11	providers/saml: fix error on missing AssertionConsumerServiceURL, fall back to default ACS ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-31 17:21:15 +01:00
Jens Langhammer	5d9bed130a	root: fix Detection of S3 settings for backups ... closes #1698 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-31 16:54:10 +01:00
Jens Langhammer	2788329880	release: 2021.10.1	2021-10-31 10:56:21 +01:00
Jens Langhammer	f5dc81907a	core: add created field to source connection ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-30 15:02:41 +02:00
Jens Langhammer	d70c8fbcc3	core: add API for all user-source connections ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-30 14:36:54 +02:00
Jens Langhammer	12b26e49ec	flows: optimise stage user_settings API ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-30 14:16:28 +02:00
Jens Langhammer	e771e1857f	core: add API to list all authenticator devices ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-29 09:08:48 +02:00
Jens Langhammer	72a93c0959	root: pin node images to v16 ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-28 10:29:48 +02:00
Jens Langhammer	381010600f	release: 2021.10.1-rc3	2021-10-27 18:57:07 +02:00
Jens Langhammer	1b21b50b77	providers/oauth2: fallback to uid if UPN was selected but isn't available ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-27 16:11:35 +02:00
Jens Langhammer	fa6324ab1d	sources/ldap: prevent key users from being set as this is an M2M relation ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-27 15:43:56 +02:00
Jens Langhammer	9e0daf2bcf	sources/ldap: skip values which are of type bytes ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-27 15:43:38 +02:00
Jens Langhammer	0273ae16df	events: fix error when notification transport doesn't exist anymore ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-27 15:38:41 +02:00
Jens Langhammer	f2f12ef0ba	api: fix error when connection to websocket via secret_key ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-27 15:21:52 +02:00
Jens Langhammer	61d3df5f02	outposts: fix docker controller not using object_naming_template ... closes #1682 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-27 15:04:59 +02:00
Jens Langhammer	971de4fcb9	core: add USER_ATTRIBUTE_CHANGE_EMAIL ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #1590 and #1677	2021-10-27 13:34:11 +02:00
Jens Langhammer	92085f1a3c	core: add toggle to completely disable backup mechanism ... closes #1671 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-26 17:04:33 +02:00
Jens Langhammer	8eb4d53810	providers/oauth2: fix events being created from /application/o/authorize/ ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-21 22:59:01 +02:00
Jens Langhammer	731f5d0199	release: 2021.10.1-rc2	2021-10-21 16:38:30 +02:00
Jens Langhammer	3647633232	core: cleanup embedded outpost logging, log user for http requests ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-20 22:12:49 +02:00
Jens Langhammer	eba91c6b2b	root: add cookie domain setting ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-20 18:26:22 +02:00
Jens Langhammer	ba9f8a5795	lib: add utm_source to default links ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-20 17:31:27 +02:00
Jens Langhammer	02b4173d30	root: add utm_source ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-20 16:34:39 +02:00
Jens Langhammer	61fab497cf	core: add user flag to prevent users from changing their usernames ... closes #1590 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-20 16:17:19 +02:00
Jens Langhammer	621e7f564a	flows: also clear cache when deleting bindings ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-20 15:25:38 +02:00
Jens Langhammer	2df4322ecf	sources/oauth: add choices to oauth provider_type ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-20 00:11:19 +02:00
Jens Langhammer	03369e2338	sources/ldap: check for existence of vendor fields before falling back ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #1521	2021-10-19 15:40:40 +02:00
Jens Langhammer	5da7d9a573	release: 2021.10.1-rc1	2021-10-19 15:34:59 +02:00
Jens Langhammer	89bb27b95c	sources/ldap: fix missing arguments? ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-18 22:04:58 +02:00
Jens Langhammer	2b155964c2	sources/ldap: extract vendor-specific functions ... #1521 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-18 21:44:10 +02:00
Jens L	922fc9b8d5	sources/oauth: add Sign in with Apple (#1635) ... * sources/oauth: add apple sign in support Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * website/docs: apple sign in docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * website/docs: fix missing apple in sidebar Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * sources/oauth: add fallback values for name and slug Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-18 16:35:12 +02:00
Jens Langhammer	2c06eed8e7	events: don't prefill task if they already have a state ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-18 14:48:14 +02:00
Jens Langhammer	a1b3af401d	outposts: improve handling of recreate scenarios ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-18 14:29:37 +02:00
Jens Langhammer	92d38f62b5	outposts: handle k8s 422 response code by recreating objects ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-18 10:23:11 +02:00
Jens Langhammer	98a56c77e3	providers/proxy: update ingress controller to work with k8s 1.22 ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-18 10:00:24 +02:00
Jens Langhammer	ce812e14c7	core: improve detection for s3 settings to trigger backup ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-17 15:56:31 +02:00
Jens Langhammer	8d32a53126	outposts: add additional error checking for docker controller ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-17 15:54:57 +02:00
Jens Langhammer	0225bf9c99	stages/authenticator_validate: create a default authenticator validate stage with sensible defaults ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-16 00:28:56 +02:00
dependabot[bot]	8040e2b6e4	build(deps): bump webauthn from 0.4.7 to 1.0.0 (#1625) ... * build(deps): bump webauthn from 0.4.7 to 1.0.0 Bumps [webauthn](https://github.com/duo-labs/py_webauthn) from 0.4.7 to 1.0.0. - [Release notes](https://github.com/duo-labs/py_webauthn/releases) - [Commits](https://github.com/duo-labs/py_webauthn/compare/v0.4.7...v1.0.0) --- updated-dependencies: - dependency-name: webauthn dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * stages/authenticator_webauthn: migrate to new library version Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * stages/authenticator_validate: migrate to new version Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * stages/authenticator_webauthn: add bytes_to_base64url_dict for json encoding Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * actually don't do that Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix missing response on web Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * more double json Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * more base64 stuff Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * working Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * ci: always sync Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-15 23:26:29 +02:00
Jens Langhammer	f62786e58b	policies: add additional filters to create flow charts on frontend ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-15 18:21:44 +02:00
Jens Langhammer	5f9dda2e58	outposts: rename docker_image_base to container_image_base, since its not docker specific ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-14 20:28:30 +02:00
Ilya Kogan	0c55eea678	outposts: Adding more flexibility to outposts in Kubernetes. (#1617) ... * outposts/ldap: Support hard coded `uidNumber` and `gidNumber`. * outposts: more options for image + labels - Set outpost docker image in config. - Set image pull secrets in outpost config. - Add additional labels for easier targeting from custom services. * Fix some linting errors. * outposts: Rename `docker_image` to `container_image	2021-10-14 19:54:56 +02:00
Jens Langhammer	dd9dc7e596	root: fix error with sentry proxy ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-14 19:45:01 +02:00
Jens Langhammer	797e31696a	outposts: fix attribute error in docker controller ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-14 13:37:56 +02:00
Jens Langhammer	8eddb4b95b	admin: check for debug in worker count api ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-14 12:32:30 +02:00
Jens Langhammer	4b7399f454	*: add @prefill_task() decorator to "pre-fill" tasks in cache, so they can be executed even before their schedule would do so ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-14 12:21:28 +02:00
Jens Langhammer	9bc9568008	stages/authenticator_sms: make fields non-nullable ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-14 11:42:11 +02:00
Skyler Mäntysaari	634375c43f	stages/authenticator_sms: add generic provider (#1595) ... * stages/sms: New SMS provider, aka wrapper for outside API * web/pages/authenicator_sms: Conditionally show options based on provider. * stages/authenicator_sms: Fixing up the model. * Whoops * stages/authenicator_sms: Adding supported auth types for Generic provider. * web/pages/stages/authenicator_sms: Added auth type for generic provider * web/pages/stages/authenicator_sms: Fixing up my generic provider options. * stages/authenicator/sms: Working version of generic provider. * stages/authenicator/sms: Cleanup and creating an event on error. * web/ages/stages/authenicator_sms: Made a default for Auth Type and cleaned up the non-needed name attribute. * stages/authenicator_validate: Fixing up the migration as it had no SMS. * stages/authenicator_sms: Removd non-needed migration and better error code handling. * stages/authenicator_sms: Removd non-needed migration and better error code handling. * web/pages/stages/authenicator_sms: Provider default is not empty anymore. Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-14 10:24:15 +02:00
Jens Langhammer	98907ec889	root: remove structlog.processors.format_exc_info for new structlog version ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-13 09:42:49 +02:00
Jens Langhammer	3e5b05203b	Revert "root: handle liveness probe in router" ... This reverts commit d39dbc7287. Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-12 18:44:37 +02:00
Jens Langhammer	2b09d97522	core: fix squash migrations error when AK_ADMIN_TOKEN is set ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-12 17:45:10 +02:00
Jens Langhammer	d39dbc7287	root: handle liveness probe in router ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-12 14:54:15 +02:00
Jens Langhammer	cc69311ec0	stages/authenticator_validate: add new class ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-12 13:13:31 +02:00
Jens Langhammer	ddb70a283e	managed: don't run managed reconciler in foreground on startup ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-12 12:10:46 +02:00
Jens Langhammer	ecfc3a6d93	*: migrate everything to goauthentik.io docker proxy ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-12 11:04:47 +02:00
Jens L	e4f141c6c0	*: Squash Migrations (#1593) ... * *: first squash pass Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * sources/saml: squash less Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts: fix docker controller not correctly checking image Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests/e2e: fix old migration reference Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-11 21:39:35 +02:00
Jens L	aef9d27706	stages/authenticator_sms: Add SMS Authenticator Stage (#1577) ... * stages/authenticator_sms: initial implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: add initial stage UI Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/elements: clear invalid state when old input was invalid but new input is correct Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * stages/authenticator_sms: add more logic Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/user: add basic SMS settings Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * stages/authenticator_sms: initial working version Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * stages/authenticator_sms: add tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/flows: optimise totp password manager entry on authenticator_validation stage Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/elements: add grouping support for table Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: allow sms class in authenticator stage Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: add grouping to more pages Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * stages/authenticator_validate: add SMS support Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * api: add throttling for flow executor based on session key and pending user Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: fix style issues Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * ci: add workflow to compile backend translations Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-11 17:51:49 +02:00
Jens L	7bf587af24	ci: push dev images to ghcr (#1591) ... * ci: push dev images to ghcr Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * *: use new ghcr images Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * website/docs: use ghcr proxy Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-11 14:08:34 +02:00
Jens Langhammer	b80ecd4668	stages/prompt: fix wrong field type of field_key ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-10 18:54:56 +02:00
Jens Langhammer	d959b7a930	Merge branch 'version-2021.9'	2021-10-10 14:35:40 +02:00
Jens Langhammer	619203c177	release: 2021.9.8	2021-10-10 13:12:26 +02:00
Jens Langhammer	7d9251ce2f	root: fix linting ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-09 20:56:49 +02:00
Jens Langhammer	846c971674	root: add translation for backend strings ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-09 20:07:28 +02:00
Jens Langhammer	5b7e1f97e0	stages/authenticator_duo: remove signals ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-09 19:29:35 +02:00
Jens Langhammer	dff0613b3d	crypto: add managed field, prepare managed JWT cert ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-09 19:14:39 +02:00
Jens Langhammer	8965451073	core: add default for user's settings attribute ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-09 16:01:22 +02:00
Jens Langhammer	b33ea9cc61	core: add settings serializer to user/me and update_self endpoints, saved in a key in attributes ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-09 15:35:18 +02:00
Jens Langhammer	f32d35b07c	policies/password: add extra sub_text field in tests ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-07 19:27:24 +02:00
Jens Langhammer	9e936e4436	outposts: fix lint error ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-07 19:15:57 +02:00
Jens Langhammer	649abddea7	outposts: fallback to known-good outpost image if configured image cannot be pulled ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-07 19:10:39 +02:00
Jens Langhammer	67b88595ad	stages/prompt: fix sub_text not allowing blank ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-07 19:00:15 +02:00
Jens Langhammer	b4ee693a5c	stages/user_write: allow recursive writing to user.attributes ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-07 18:57:19 +02:00
Jens Langhammer	57e5acaf2f	stages/prompt: add sub_text field to add HTML below prompt fields ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-07 18:34:37 +02:00
Jens Langhammer	050ec99c89	flows: fix inspector history not being cleared when executing from API ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-07 18:29:28 +02:00
dependabot[bot]	cbeee27fc1	build(deps): bump @sentry/tracing from 6.13.2 to 6.13.3 in /web (#1556) ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-07 09:39:44 +02:00
Jens Langhammer	8c27616d0c	Merge branch 'version-2021.9'	2021-10-06 21:04:16 +02:00
Jens Langhammer	e444d0d640	release: 2021.9.7	2021-10-06 20:57:56 +02:00
Jens Langhammer	d75c63d38b	Merge branch 'version-2021.9' ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> # Conflicts: # web/src/locales/fr_FR.po	2021-10-06 00:04:09 +02:00
Jens Langhammer	2b730dec54	release: 2021.9.6	2021-10-05 22:22:54 +02:00
Jens Langhammer	62bf79ce32	root: add docker-native healthcheck for web and celery ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-05 20:45:38 +02:00
Jens Langhammer	d29d161ac6	admin: clear update notification when notification's version matches current version ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-05 20:45:38 +02:00
Jens Langhammer	aee58c8d53	root: add docker-native healthcheck for web and celery ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-05 20:45:18 +02:00
Jens Langhammer	fa6df84de2	admin: clear update notification when notification's version matches current version ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-05 20:36:38 +02:00
Jens Langhammer	79eec5a3a0	core: include group uuids in self serializer ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-05 13:49:14 +02:00
Jens Langhammer	c1f302fb7c	core: only return group names for user_self ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-05 13:48:53 +02:00
Jens Langhammer	782764ac73	api: ensure viewsets have default ordering ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-05 13:48:42 +02:00
Jens Langhammer	73d57d6f82	core: make user's name field fully options ... closes #1537 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-05 13:48:42 +02:00
Jens Langhammer	d1a1bfbbc5	web/user: don't show managed tokens in user interface ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-05 13:47:49 +02:00
Jens Langhammer	1ac4dacc3b	outposts: fix error when comparing ports in docker controller when port mapping is disabled ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-05 13:47:15 +02:00
Jens Langhammer	9e7e22367b	core: include group uuids in self serializer ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-05 13:10:44 +02:00
Jens Langhammer	f5761dc70d	core: only return group names for user_self ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-05 12:31:25 +02:00
Jens Langhammer	16380b3f7a	api: ensure viewsets have default ordering ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-05 11:26:41 +02:00
Jens Langhammer	16f2603130	core: make user's name field fully options ... closes #1537 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-05 11:23:27 +02:00
Jens Langhammer	847cfed73f	web/user: don't show managed tokens in user interface ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-05 11:11:34 +02:00
Jens Langhammer	05b587ae44	outposts: fix error when comparing ports in docker controller when port mapping is disabled ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-05 10:44:07 +02:00
Jens Langhammer	a515afae0b	recovery: handle error when user doesn't exist ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-05 10:40:59 +02:00
Jens Langhammer	1c340ddbbd	Merge branch 'version-2021.9' ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> # Conflicts: # web/package-lock.json # web/package.json	2021-10-04 22:02:56 +02:00
Jens Langhammer	bcf7e162a4	release: 2021.9.5	2021-10-04 20:08:46 +02:00
Jens Langhammer	cb37e5c10e	stages/email: add activate_user_on_success flag, add for all example flows ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> # Conflicts: # web/src/locales/fr_FR.po	2021-10-04 18:50:19 +02:00
Jens Langhammer	73bb778d62	stages/user_login: add check for user.is_active and tests ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-04 18:50:00 +02:00
Jens Langhammer	b612a82e16	outposts: don't always build permissions on outpost.user access, only in signals and tasks ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-04 18:49:57 +02:00
Jens Langhammer	09f43ca43b	events: add missing migration ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-04 18:49:50 +02:00
Steven Armstrong	1c91835a26	providers/ldap: use RDN when using posixGroup's memberUid attribute (#1514) ... Use the RDN instead of the FDN when establishing group memberships based on posixGroup's 'memberUid' attribute. fixes #1436 Signed-off-by: Steven Armstrong <steven@armstrong.cc>	2021-10-04 18:49:45 +02:00
Jens Langhammer	3634bf4629	tests/integration: fix tests failing due to incorrect comparison ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-04 18:49:10 +02:00
Jens Langhammer	0692663537	stages/email: add activate_user_on_success flag, add for all example flows ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-04 18:47:51 +02:00
Jens Langhammer	b5649bdcc4	stages/user_login: add check for user.is_active and tests ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-04 18:37:05 +02:00
Jens Langhammer	fab9a10487	outposts: don't always build permissions on outpost.user access, only in signals and tasks ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-04 18:04:19 +02:00
Jens Langhammer	0f00b27384	events: add missing migration ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-04 17:51:31 +02:00
Steven Armstrong	ab5981836d	providers/ldap: use RDN when using posixGroup's memberUid attribute (#1514) ... Use the RDN instead of the FDN when establishing group memberships based on posixGroup's 'memberUid' attribute. fixes #1436 Signed-off-by: Steven Armstrong <steven@armstrong.cc>	2021-10-04 10:56:06 +02:00
Jens Langhammer	036a4e86e2	tests/integration: fix tests failing due to incorrect comparison ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-03 22:54:07 +02:00
Jens Langhammer	45f99fbaf0	outposts: fix circular import in kubernetes controller ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-03 19:25:26 +02:00
Jens Langhammer	83150d9920	outposts: fix circular import in kubernetes controller ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-03 19:25:18 +02:00
Jens Langhammer	e31a3307b5	providers/proxy: always check ingress secret in kubernetes controller ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-03 19:14:42 +02:00
Jens Langhammer	d28fcca344	outposts: check ports of deployment in kubernetes outpost controller ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-03 19:14:42 +02:00
Jens Langhammer	c296e1214c	web: fix package lock ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-03 19:14:37 +02:00
Jens Langhammer	d30dcda814	providers/proxy: always check ingress secret in kubernetes controller ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-03 19:14:27 +02:00
Jens Langhammer	c720c9f41b	outposts: check ports of deployment in kubernetes outpost controller ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-03 19:09:52 +02:00
Jens Langhammer	39d87841d0	outposts/proxy: add new headers with unified naming ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-03 18:20:44 +02:00
Jens Langhammer	b285814e24	sources/ldap: fix logic error in Active Directory account disabled status ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-03 18:19:07 +02:00
Jens Langhammer	1c52836060	web: fix package lock ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-03 01:17:41 +02:00
Jens Langhammer	8dd77793a0	sources/ldap: fix logic error in Active Directory account disabled status ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-03 00:30:35 +02:00
Jens Langhammer	3c1ac4c7ec	outposts/proxy: add new headers with unified naming ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-02 22:00:23 +02:00
Jens Langhammer	faca127217	Merge branch 'version-2021.9' ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> # Conflicts: # Pipfile.lock	2021-10-01 12:19:11 +02:00
Jens Langhammer	1a6ea72c09	release: 2021.9.4	2021-10-01 09:51:51 +02:00
Jens Langhammer	c251b87f8c	sources/ldap: add support for Active Directory userAccountControl attribute ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-30 19:34:43 +02:00
Jens Langhammer	21a9aa229a	sources/ldap: don't sync ldap source when no property mappings are set ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-30 19:34:43 +02:00
Jens Langhammer	53e15bfbca	sources/ldap: add support for Active Directory userAccountControl attribute ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-30 19:13:48 +02:00
Jens Langhammer	8bce16e6b4	sources/ldap: don't sync ldap source when no property mappings are set ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-30 18:49:18 +02:00
Jens Langhammer	10b45d954e	outposts: allow disabling of docker controller port mapping ... closes #1474 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-30 00:11:50 +02:00
Jens Langhammer	4cb8ae760a	outposts: allow disabling of docker controller port mapping ... closes #1474 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-29 23:55:22 +02:00
Jens L	f9ad102915	flows: inspector (#1469) ... * flows: add initial inspector Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: change naming a bit Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/flow: add inspector frame Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: don't use shadydom when inspecting Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: add current stage to api Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * stages/*: fix imports Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: deep-copy plan instead of just adding Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/flows: ui Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: restrict inspector to admin Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: add buttons to launch flow with inspector Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/flows: don't automatically follow redirects when inspector is open Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: make current_plan optional, only require historry Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/flows: handle error messages in inspector Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/flows: improve UI when flow is done Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: add is_completed flag to inspector Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: fix monkeypatches for tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: add inspector tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * ci: re-enable cache Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-28 09:36:48 +02:00
Jens Langhammer	941bc61b31	release: 2021.9.3	2021-09-27 17:31:50 +02:00
Jens Langhammer	282b364606	stages/prompt: fix inconsistent policy context for validation policies ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-27 17:05:26 +02:00
pemontto	674bd9e05c	web/admin: Fix typo 'username address' -> 'username' (#1473)	2021-09-26 12:53:37 +02:00
Jens Langhammer	b248f450dd	outposts: make AUTHENTIK_HOST_BROWSER configurable from central config ... closes #1471 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-26 12:00:51 +02:00
pemontto	aea1736f70	outposts/proxy: Fix failing traefik healtcheck (#1470)	2021-09-26 11:33:18 +02:00
Jens Langhammer	4f3583cd7e	providers/proxy: make token_validity float and optional for backwards compat ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-25 15:54:32 +02:00
Jens Langhammer	f7408626a8	providers/proxy: return token_validity as total seconds instead of expression ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-25 15:44:16 +02:00
Jens Langhammer	28eeb4798e	providers/proxy: add token_validity field for outpost configuration ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #1462	2021-09-25 15:00:06 +02:00
Jens Langhammer	79b92e764e	*: fix typos in code ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-25 00:01:11 +02:00
Jens Langhammer	919336a519	outposts: ensure service is always re-created with mismatching ports ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-24 23:45:15 +02:00
Jens Langhammer	93bdea3769	core: fix api return code for user self-update ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-24 11:51:03 +02:00
Jens Langhammer	64b4e851ce	events: add additional validation for event transport ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-23 16:29:58 +02:00
Jens Langhammer	eddca478dc	release: 2021.9.2	2021-09-23 12:34:02 +02:00
Jens Langhammer	74169860cf	api: add logging to sentry proxy ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-23 09:57:42 +02:00
Jens Langhammer	2fe6de0505	release: 2021.9.1	2021-09-22 19:11:20 +02:00
Jens Langhammer	ae07f13a87	outposts: don't map port 9300 on docker, only expose port ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-21 21:40:08 +02:00
Jens Langhammer	e6b275add3	stages/invitation: fix linting ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-20 20:41:05 +02:00
Jens Langhammer	27016a5527	stages/invitation: fix tests ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-20 20:30:51 +02:00
Jens Langhammer	4c29d517f0	stages/email: use different query arguments for email and invitation tokens ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-20 19:55:53 +02:00
Jens Langhammer	180d27cc37	outposts: don't restart container when health checks are starting ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-20 19:46:05 +02:00
Jens Langhammer	3195640776	stages/email: slugify token identifier ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-20 19:26:25 +02:00
Jens Langhammer	d900a2b6a9	*: fix lookup_fields ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-20 19:19:36 +02:00
Jens Langhammer	95a2fddfa8	policies/expression: add ak_user_has_authenticator ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-20 19:13:41 +02:00
Jens Langhammer	8f7d21b692	stages/email: don't throw 404 when token can't be found ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-20 19:01:25 +02:00
Jens Langhammer	3f84abec2f	core: fix token identifier not being slugified when created with user-controller input ... closes #1390 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-20 13:43:25 +02:00
Jens Langhammer	b5c857aff4	api: add explicit lookup_value_regex, disable include_format_suffixes ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-20 13:42:56 +02:00
Jens Langhammer	ac52667327	release: 2021.9.1-rc3	2021-09-19 21:52:49 +02:00
Jens Langhammer	f6e0f0282d	core: fix tokens not being viewable but superusers ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-19 16:11:20 +02:00
Jens Langhammer	3f42067a8f	web: improve display of action buttons with non-primary classes ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-19 15:57:12 +02:00
Jens Langhammer	ed6f5b98df	sources/ldap: improve messages of sync tasks in UI ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-19 15:54:22 +02:00
Jens Langhammer	c85484fc00	core: allow admins to create tokens with all parameters, re-add user to token form ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-19 15:25:48 +02:00
Jens Langhammer	8279690a8f	sources/ldap: prevent error when retrying old system task with no arguments ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-17 16:49:26 +02:00
Jens Langhammer	3d8d93ece5	root: log failed celery tasks to event log ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-17 12:42:42 +02:00
Jens Langhammer	06af306e8a	sources/ldap: bump timeout, run each sync component in its own task ... closes #1411 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-17 12:42:20 +02:00
dependabot[bot]	3e4ce62dfe	build(deps-dev): bump pylint from 2.10.2 to 2.11.1 (#1409) ... * build(deps-dev): bump pylint from 2.10.2 to 2.11.1 Bumps [pylint](https://github.com/PyCQA/pylint) from 2.10.2 to 2.11.1. - [Release notes](https://github.com/PyCQA/pylint/releases) - [Changelog](https://github.com/PyCQA/pylint/blob/main/ChangeLog) - [Commits](https://github.com/PyCQA/pylint/compare/v2.10.2...v2.11.1) --- updated-dependencies: - dependency-name: pylint dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * root: update pylint config Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-17 09:46:39 +02:00
Jens Langhammer	28189bdddf	release: 2021.9.1-rc2	2021-09-16 23:23:36 +02:00
Jens L	13e2eea72f	web/user: new end-user interface (#1404) ... * web/user: migrate to top navbar Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/user: prepare config from server Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * re-sort Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * remove old interface Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update issue template Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * use notification badge Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/user: re-add go-to-admin button Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * *: fix remaining redirects directly to admin Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * make settings better Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * api: ensure sources and stages are sorted Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/user: add sessions and consent Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/oauth2: add post wrapper to stage Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * website/docs: add new interface to release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-16 22:17:05 +02:00
Jens L	9441be1ee2	interface split (#943)	2021-09-16 17:30:16 +02:00
Jens Langhammer	17503365f7	policies: improve error handling when using bindings without policy ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-16 11:04:31 +02:00
Jens Langhammer	ebf9f0ca63	stages/email: don't crash when testing stage does not exist ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-16 11:04:08 +02:00
Jens Langhammer	ae26d2756f	providers/saml: improved error handling ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-16 10:58:51 +02:00
Jens Langhammer	124071f9be	root: remove python requirement from pipfile ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-16 10:37:43 +02:00
Jens Langhammer	341c58a722	core: fix token expiry for service accounts being only 30 minutes ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-16 09:57:34 +02:00
Jens Langhammer	bdd5e16db1	release: 2021.9.1-rc1	2021-09-15 20:20:54 +02:00
Jens Langhammer	d4672bfe79	events: log parsed query string instead of just full path ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-15 20:15:04 +02:00
Jens Langhammer	abd9fab41a	api: fix call of sentry proxy task ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-15 19:39:58 +02:00
Jens Langhammer	7c8bf42ef9	api: send proxied sentry events in background ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-15 19:12:20 +02:00
Jens Langhammer	274b555912	api: add timeout for sentry proxy ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-15 18:59:27 +02:00
Jens Langhammer	916530f0d8	providers/oauth2: use access_code_validity for id_tokens generated when using an implicit flow, improve wording in web ui ... closes #1369 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-15 17:14:53 +02:00
Jens Langhammer	95efd47f65	root: remove asgi error handler ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-15 12:23:14 +02:00
Jens Langhammer	90ecb1af7f	outposts: fix service account's permissions being checked twice ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-15 09:55:27 +02:00
Jens Langhammer	d7fdca1b44	stages/email: fix error when retrying email delivery after stage has been deleted ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-15 09:50:11 +02:00
Denis Teyssier	37346763dc	sources/oauth: Updating token url to new google url (#1397) ... the present url goes to a 404 google openid (https://accounts.google.com/.well-known/openid-configuration) says the new url is `https://oauth2.googleapis.com/token` not using the new url makes authentik fallback on the default auth flow	2021-09-15 09:15:19 +02:00
Jens Langhammer	ef341dd405	stages/user_write: add option to add newly created users to a group ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-14 21:45:34 +02:00
Jens Langhammer	3ddf2d6f85	sources/oauth: fix type lookup for openid not matching ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-14 14:38:35 +02:00
Jens Langhammer	ba6849f29c	*: remove string.format() ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-14 12:06:47 +02:00
Jens Langhammer	942170f902	Revert "sources/oauth: fix access_token being sent as query param and not authorization header" ... This reverts commit 248f993541.	2021-09-14 11:59:32 +02:00
Jens Langhammer	248f993541	sources/oauth: fix access_token being sent as query param and not authorization header ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-14 11:07:36 +02:00
Jens Langhammer	3a700a449a	sources/oauth: don't try to load azure AD user ID as UUID ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-14 09:33:44 +02:00
Jens Langhammer	23444f4df0	core: fix lint error ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-13 18:19:28 +02:00
Jens Langhammer	71e68b498e	core: optimise groups api by removing member superuser status ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-13 18:06:37 +02:00
Jens Langhammer	fb267ee223	tenants: optimise db queries in middleware ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-13 17:54:37 +02:00
Jens Langhammer	a4b3519428	api: fix possible error in sentry proxy ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-13 16:36:04 +02:00
Jens Langhammer	9a7fa39de4	events: allow setting a mapping for webhook transport to customise request payloads ... closes #1383 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-12 01:05:42 +02:00
Jens Langhammer	c779ad2e3b	*: use common user agent for all outgoing requests ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-11 21:08:26 +02:00
Jens Langhammer	7e7ef289ba	admin: migrate to new update check, add option to disable update check ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-11 20:35:23 +02:00
Jens Langhammer	bf771f8b6c	release: 2021.8.5	2021-09-11 19:20:13 +02:00
Jens Langhammer	df4c8003b8	api: fix items of list fields having nullable set ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-10 18:15:59 +02:00
Jens Langhammer	39b365c6ae	sources/oauth: don't cancel flow when redirecting ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-10 16:36:10 +02:00
Jens Langhammer	e229eda96e	outposts/controllers/kubernetes: don't create service monitor for embedded outpost ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-10 15:59:39 +02:00
Jens Langhammer	4448145aa9	providers/proxy: use auth/traefik subpath ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-10 13:53:04 +02:00
Jens Langhammer	7dfbcdbb81	stages/authenticator_duo: add API to "import" devices from duo ... closes #1371 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-10 11:35:09 +02:00
Jens Langhammer	2862b4ecfb	core: remove ?v from static files ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-09 20:09:12 +02:00
Jens Langhammer	13d17dc729	lib: fix default listening port for metrics ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-09 16:40:39 +02:00
Jens Langhammer	5cf3a13ca8	flows: fix invalid parameter in tests ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-09 16:36:51 +02:00
Jens Langhammer	d0898a3869	flows: ensure all StageViews accept post, add tests ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-09 16:30:14 +02:00
Jens L	7158c9d2ea	core: metrics v2 (#1370) ... * outposts: add ldap metrics, move ping to 9100 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outpost: add flow_executor metrics Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * use port 9300 for metrics, add core metrics port Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/controllers/k8s: add service monitor creation support Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-09 15:52:24 +02:00
Jens Langhammer	da58796768	providers/proxy: fix defaults for old proxy providers (load providers directly) ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-09 13:54:24 +02:00