trustchain-oc1-orchestral/authentik
Archived
10
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
6249 commits 95 branches 330 tags 336 MiB
Commit graph

162 commits

Author SHA1 Message Date
Jens Langhammer 55c24de8c7 policies: fix error when viewing/clearing cache 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-03 19:57:50 +02:00
Jens Langhammer eeb9449c11 lib: remove templatetags 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-03 12:37:32 +02:00
Jens Langhammer 42cb55d78a *: rename objectType to component to get rid of lookup tables 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-03 11:32:17 +02:00
Jens Langhammer 448dd7ed54 core: change TypeCreateSerializer to component 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 23:17:30 +02:00
Jens Langhammer 0f76e80341 admin: remove policies views 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 17:15:48 +02:00
Jens Langhammer 6acfbb7d66 policies/reputation: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 17:09:30 +02:00
Jens Langhammer fcdc064cac policies/password: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 17:09:19 +02:00
Jens Langhammer 0c92f4a74d policies/hibp: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 16:57:55 +02:00
Jens Langhammer ac136ec5f6 policies/expiry: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 16:49:37 +02:00
Jens Langhammer f75f6a8404 policies/expression: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 16:42:30 +02:00
Jens Langhammer 415bb4cc88 policies/event_matcher: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 16:37:51 +02:00
Jens Langhammer 6a3e1da986 policies/dummy: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 16:31:53 +02:00
Jens Langhammer 83fc22005c *: remove swagger parameters from functions that don't accept them 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 13:39:22 +02:00
Jens Langhammer d3f2f987e0 providers/saml: migrate saml property mappings to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-31 23:38:40 +02:00
Jens Langhammer af438af8ac stages/invitation: add API tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-31 20:52:46 +02:00
Jens Langhammer 041b51a7f8 policies: add tests for bindings API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-31 20:37:24 +02:00
Jens Langhammer e476186cbc web/admin: migrate policybinding form 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-31 19:41:42 +02:00
Jens Langhammer 3124b0f39c web/elements: add support for non-field errors 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-31 19:13:56 +02:00
Jens Langhammer 55f68a9197 policies: fix api updating issues 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-31 18:54:36 +02:00
Jens Langhammer d248b30eb3 policies: fix serializers for bindings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-31 16:26:52 +02:00
Jens L 46f4493f04
policies: configurable engine mode (#682) 
* policies: add policy_engine_mode field, defaults to MODE_ALL

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: add policy_engine_mode to API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: add policy_engine_mode to forms

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* policies: update default for new objects

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* docs: add to release notes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-31 14:14:56 +02:00
Jens Langhammer 6916c59483 policies: fix test API not working, add tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-30 17:22:47 +02:00
Jens Langhammer b1214f6c35 *: add new base class for non-model serializers 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-30 15:50:00 +02:00
Jens Langhammer 69ee18e13d Merge branch 'master' into new-forms 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	Pipfile.lock
#	authentik/api/decorators.py
#	authentik/core/api/applications.py
#	authentik/core/api/users.py
#	authentik/events/api/event.py
#	authentik/events/api/notification_transport.py
#	authentik/flows/api/flows.py
#	swagger.yaml
 2021-03-30 10:26:18 +02:00
Jens Langhammer 7e85524e51 *: simplify API permissions checking, add API for user recovery 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-30 09:45:48 +02:00
Jens Langhammer 54c50f6446 policies: add test API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 23:40:36 +02:00
Jens Langhammer 7d74e1d2c4 *: revert to drf-yasg upstream 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 21:04:54 +02:00
Jens Langhammer 464a56ad52 Merge branch 'master' into new-forms 2021-03-29 15:37:12 +02:00
Jens Langhammer 0793fff222 *: simplify API permissions checking, add API for user recovery 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 15:36:35 +02:00
Jens Langhammer 3cc7d54cc1 policies: use GroupSerializer for PolicyBinding API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 12:28:06 +02:00
Jens Langhammer 533a719914 sources/oauth: migrate to webcomponents 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-24 20:35:00 +01:00
Jens Langhammer 3f6174e8cc ci: fix missing isort 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-23 18:28:23 +01:00
Jens Langhammer de6fa63d21 web: detect deep links in flow interface and redirect locally 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-23 18:04:21 +01:00
Jens Langhammer c6c4636b9b policies: show messages of root result 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-23 17:14:54 +01:00
Jens Langhammer 0671d712fa policies: remove deprecated group_membership policy 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-23 14:43:24 +01:00
Jens Langhammer 6961089425 flows: add API to clear cache 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-23 10:37:41 +01:00
Jens Langhammer 3157bf63a6 root: upgrade to pylint 2.7 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-22 20:03:33 +01:00
Jens Langhammer e202fd988b root: update to isort 5 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-22 19:53:10 +01:00
Jens Langhammer dae60b5a08 *: replace ReadOnlyModelViewSet with List/Retrieve/Delete viewsets 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-18 12:11:07 +01:00
Jens Langhammer 9d339d8b11 policies: fix error when clearing policy cache when no policies are cached 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-13 21:10:13 +01:00
Jens Langhammer 373793ce9a policies: show more information when provider fails to resolve application 2021-03-02 16:58:55 +01:00
Jens Langhammer 743aaea15e policies: improve logging 2021-03-02 15:04:31 +01:00
Jens Langhammer 7538af5e09 docs: fix download links for compose 2021-03-02 10:07:46 +01:00
Jens Langhammer c65b2944b3 stages/reputation: add API for user and IP Score 2021-03-01 20:22:37 +01:00
Jens Langhammer 644a03e40e lib: don't order_by on widget because PolicyBindingModel, order in form 2021-03-01 19:23:09 +01:00
Jens Langhammer 88ce93ab04 policies: fix tests creating policies with empty names 2021-03-01 19:22:35 +01:00
Jens Langhammer 03d38557e5 stages/*: simplify __str__ of classes 2021-03-01 18:30:47 +01:00
Jens Langhammer ca4ead8fd8 events: fix event creation with anonymous user 2021-03-01 12:04:27 +01:00
Jens Langhammer d2dfc6d63b Merge branch 'master' into stage-challenge 2021-02-27 16:04:57 +01:00
Jens Langhammer 5c652c1f79 policies: sort groups in groupmembership policy and binding 
closes #595
 2021-02-27 13:19:38 +01:00
Jens Langhammer 451c117ea4 stages/authenticator_webauthn: fix incorrect response being sent 2021-02-22 19:54:05 +01:00
Jens Langhammer bdb86d7119 *: replace shortcuts.reverse with urls.reverse 2021-02-20 19:13:50 +01:00
Jens Langhammer 6597d5bd28 web: migrate Token List to web 2021-02-19 19:09:30 +01:00
Jens Langhammer 79089d8981 policies: add bound count to api 2021-02-19 16:53:30 +01:00
Jens Langhammer 47bde052ca policies: add types action to policy API, use MetaNameSerializer 2021-02-19 16:34:33 +01:00
Jens Langhammer ecff810021 *: replace List from typing with normal list 2021-02-18 13:45:46 +01:00
Jens Langhammer fdde97cbbf *: replace Dict from typing with normal dict 2021-02-18 13:41:03 +01:00
Jens L 8708e487ae
stages: add WebAuthn stage (#550) 
* core: add User.uid for globally unique user ID

* admin: fix ?next for Flow list

* stages: add initial webauthn implementation

* web: add ak-flow-submit event to submit flow stage

* web: show error message for webauthn registration

* admin: fix next param not redirecting correctly

* stages/webauthn: remove form

* stages/webauthn: add API

* web: update flow diagram on ak-refresh

* stages/webauthn: add initial authentication

* stages/webauthn: initial authentication implementation

* web: cleanup webauthn utils

* stages: rename otp_* to authenticator and move webauthn to authenticator

* docs: fix broken links

* stages/authenticator_*: fix template paths

* stages/authenticator_validate: add device classes

* stages/authenticator_webauthn: implement django_otp.devices

* stages/authenticator_*: update default stage names

* web: add button to create stage on flow page

* web: don't minify HTML, remove nbsp

* admin: fix typo in stage list

* stages/*: use common base class for stage serializer

* stages/authenticator_*: create default objects after rename

* tests/e2e: adjust stage order
 2021-02-17 20:49:58 +01:00
Jens Langhammer 099197ba8c providers/saml: fix AuthnRequestsSigned and WantAssertionsSigned not loaded correctly 2021-02-16 21:30:15 +01:00
Jens Langhammer f8ba623fc1 web: add more related links, add policy/user/group support for bindings 2021-02-16 20:52:59 +01:00
Jens Langhammer 5417d0a90c *: bump pyright version 2021-02-12 10:19:38 +01:00
Jens Langhammer 417b5d61a4 root: add initial geoip implementation 2021-02-12 09:52:14 +01:00
Jens Langhammer 1afb4a7a76 policies: add ability to directly assign groups in bindings 2021-02-11 20:36:48 +01:00
Jens Langhammer aa0f5df218 policies/*: cleanup api and forms, use correct inheritance 2021-02-11 19:50:02 +01:00
Jens Langhammer 71c9108f89 events: rename token_view to secret_view 2021-02-09 18:20:28 +01:00
Jens Langhammer 52016e0806 policies: skip cache on debug request 2021-02-08 22:14:23 +01:00
Jens Langhammer e555bdd42b lib: fix stacktrace for general expressions 2021-02-08 22:14:13 +01:00
Jens Langhammer ec42869e00 policies: add debug flag to PolicyRequest to prevent alerts from testing policies 2021-02-06 21:45:38 +01:00
Jens L e25d03d8f4
Managed objects (#519) 
* managed: add base manager and Ops

* core: use ManagedModel for Token and PropertyMapping

* providers/saml: implement managed objects for SAML Provider

* sources/ldap: migrate to managed

* providers/oauth2: migrate to managed

* providers/proxy: migrate to managed

* *: load .managed in apps

* managed: add reconcile task, run on startup

* providers/oauth2: fix import path for managed

* providers/saml: don't set FriendlyName when mapping is none

* *: use ObjectManager in tests to ensure objects exist

* ci: use vmImage ubuntu-latest

* providers/saml: add new mapping for username and user id

* tests: remove docker proxy

* tests/e2e: use updated attribute names

* docs: update SAML docs

* tests/e2e: fix remaining saml cases

* outposts: make tokens as managed

* *: make PropertyMapping SerializerModel

* web: add page for property-mappings

* web: add codemirror to common_styles because codemirror

* docs: fix member-of in nextcloud

* docs: nextcloud add admin

* web: fix refresh reloading data two times

* web: add loading lock to table to prevent double loads

* web: add ability to use null in QueryArgs (value will be skipped)

* web: add hide option to property mappings

* web: fix linting
 2021-02-03 21:18:31 +01:00
Jens Langhammer cfed41439e events: add send_once flag to send webhooks only once 2021-02-02 19:34:55 +01:00
Jens Langhammer 624206281e policies: optimise logging 2021-02-02 16:12:41 +01:00
Jens Langhammer 7fbf915e0a policies: fix application cached not being cleared correctly 2021-01-30 18:12:01 +01:00
Jens Langhammer 3d3a0cd9e3 events: create event when system task fails 2021-01-18 10:09:14 +01:00
Jens Langhammer 8ffa3e5885 policies: fix logic error for sync mode 2021-01-17 23:31:34 +01:00
Jens Langhammer d19bfebce3 policies: detect when running in a daemon process and run policies sync 2021-01-17 19:59:58 +01:00
Jens Langhammer b86d4a455d policies: use custom context for fork instead of changing global context 2021-01-17 19:59:19 +01:00
Jens Langhammer aad3b43ac3 core: cache applications API 2021-01-16 22:38:09 +01:00
Jens Langhammer 4baf9e4a22 web: fix unread count, use white-space pre 2021-01-16 18:04:09 +01:00
Jens Langhammer 4f28a89e63 policies: improve recording of error messages during policy process 2021-01-16 16:38:57 +01:00
Jens Langhammer f8b4b92e8d policies: pass direct exception from expression policies 2021-01-16 15:41:59 +01:00
Jens Langhammer a2bddc6d91 policies: fix engine tests checking wrong key 2021-01-15 11:27:07 +01:00
Jens Langhammer 2e42da11ea policies/event_matcher: simplify validity checking 2021-01-15 11:26:55 +01:00
Jens Langhammer da59e7c4a7 events: fix infinite loop in unittests 2021-01-15 00:32:59 +01:00
Jens Langhammer 7f5caf901d expressions: set exception as message field 2021-01-14 21:58:10 +01:00
Jens Langhammer 1c686e19b5 policies: set message instead of error for Event 2021-01-14 20:17:21 +01:00
Jens Langhammer 4447345345 policies: fix display of stacktrace in events 2021-01-14 18:07:41 +01:00
Jens Langhammer 7ff679b1a3 policies: fix error when error occurs during policy process with no target 2021-01-14 17:22:02 +01:00
Jens Langhammer b6948334f2 policies/event_matcher: fix verbose_name 2021-01-12 23:06:24 +01:00
Jens L c727c845df
policies: add and/or mode (#463) 
* policies: add mode to PolicyEngine for AND and OR modes

* events: use PolicyEngine in OR mode
 2021-01-12 18:22:25 +01:00
Jens L 1ccf6dcf6f
events: Notifications (#418) 
* events: initial alerting implementation

* policies: move error handling to process, ensure policy UUID is saved

* policies: add tests for error handling in PolicyProcess

* events: improve loop detection

* events: add API for action and trigger

* policies: ensure http_request is not used in context

* events: adjust unittests for user handling

* policies/event_matcher: add policy type

* events: add API tests

* events: add middleware tests

* core: make application's provider not required

* outposts: allow blank kubeconfig

* outposts: validate kubeconfig before saving

* api: fix formatting

* stages/invitation: remove invitation_created signal as model_created functions the same

* stages/invitation: ensure created_by is set when creating from API

* events: rebase migrations on master

* events: fix missing Alerts from API

* policies: fix unittests

* events: add tests for alerts

* events: rename from alerting to notifications

* events: add ability to specify severity of notification created

* policies/event_matcher: Add app field to match on event app

* policies/event_matcher: fix EventMatcher not being included in API

* core: use objects.none() when get_queryset is used

* events: use m2m for multiple transports, create notification object in task

* events: add default triggers

* events: fix migrations return value

* events: fix notification_transport not being in the correct queue

* stages/email: allow sending of email without backend

* events: implement sending via webhook + slack/discord + email
 2021-01-11 18:43:59 +01:00
Jens Langhammer 4743e72e18 policies: ensure binding has a target during unittests 2021-01-05 12:37:52 +01:00
Jens Langhammer 9fb5ce2a1a policies: add binding to policy_execution context 2021-01-05 11:51:05 +01:00
dependabot[bot] bc9e7e8b93
build(deps): bump structlog from 20.1.0 to 20.2.0 (#445) 
* build(deps): bump structlog from 20.1.0 to 20.2.0

Bumps [structlog](https://github.com/hynek/structlog) from 20.1.0 to 20.2.0.
- [Release notes](https://github.com/hynek/structlog/releases)
- [Changelog](https://github.com/hynek/structlog/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/hynek/structlog/compare/20.1.0...20.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

* *: use structlog.stdlib instead of structlog for type-hints

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-01-01 15:39:43 +01:00
Jens Langhammer be54ba4fe2 policies: catch error in process to not hang requests 2020-12-31 11:16:17 +01:00
Jens Langhammer 68b9c34f78 policies: fix obj not being set 2020-12-31 11:16:01 +01:00
Jens Langhammer a20ca9136b providers/oauth2: use in for prompt check 2020-12-26 18:53:47 +01:00
Jens Langhammer 3759e96e7d providers/oauth2: ensure interaction_required is raised when prompt=none and user not logged in 2020-12-26 18:45:23 +01:00
Jens Langhammer 480d882a82 policies: add pre_permission_check to PolicyAccessView for request validity checks 2020-12-26 18:43:45 +01:00
Jens Langhammer 001de38d85 docs: add nextcloud docs 2020-12-22 20:09:15 +01:00
Jens Langhammer db135a6dbc policies/expression: fix missing ak_logger 2020-12-20 22:18:13 +01:00