Jens Langhammer
61b5714652
docs: update release notes
2021-02-10 20:47:06 +01:00
Jens Langhammer
d2df426489
core: fix tokens using wrong lookup
2021-02-10 20:32:54 +01:00
Jens Langhammer
a367d8515f
core: add source endpoint
2021-02-10 20:12:07 +01:00
Jens Langhammer
2b7a22a29a
core: add providers/types endpoint
2021-02-10 20:11:54 +01:00
Jens Langhammer
c621f62d92
release: 2021.2.2-stable
2021-02-10 13:33:23 +01:00
Jens Langhammer
d15e50025c
root: log runtime in milliseconds
2021-02-09 23:33:25 +01:00
Jens Langhammer
0af66a26ab
crypto: move certificate and key data to separate api calls to create events
2021-02-09 21:47:00 +01:00
Jens Langhammer
bf754369d9
providers/proxy: fix certificates without key being selectable
2021-02-09 21:11:44 +01:00
Jens Langhammer
02dc112f8f
outposts: fix ProxyProvider update not triggering outpost update
2021-02-09 20:59:39 +01:00
Jens Langhammer
2d4e7ebab5
admin: remove unnecessary success_urls
2021-02-09 20:58:46 +01:00
Jens Langhammer
a7d0a50859
events: rename context.token to context.secret
2021-02-09 20:10:43 +01:00
Jens Langhammer
71c9108f89
events: rename token_view to secret_view
2021-02-09 18:20:28 +01:00
Jens Langhammer
45f1d95bf9
sources/oauth: add callback URL to api
2021-02-09 16:58:19 +01:00
Jens Langhammer
5dab198c47
web: add new sources view
2021-02-09 16:24:27 +01:00
Jens Langhammer
ad91abe9de
admin: remove old sources view
2021-02-09 16:17:48 +01:00
Jens Langhammer
fa30755241
web: make ActionButton's method configurable
2021-02-09 16:14:51 +01:00
Jens Langhammer
552f8c6a9a
sources/*: switch API to use slug in URL
2021-02-09 16:08:30 +01:00
Jens Langhammer
2acdcf74e1
sources/ldap: add API for sync status
2021-02-09 10:21:59 +01:00
Jens Langhammer
52016e0806
policies: skip cache on debug request
2021-02-08 22:14:23 +01:00
Jens Langhammer
e555bdd42b
lib: fix stacktrace for general expressions
2021-02-08 22:14:13 +01:00
Jens Langhammer
b3bd979ecd
release: 2021.2.1-stable
2021-02-08 21:34:05 +01:00
Jens Langhammer
db113c5e8f
Merge branch 'master' into version-2021.2
2021-02-08 21:33:58 +01:00
Jens Langhammer
78bcb90a1e
outposts: ensure Outpost API is backwards compatible
2021-02-08 19:51:46 +01:00
Jens Langhammer
43bab840ec
web: fix sidebar being active when stage prompts is selected
2021-02-08 19:08:39 +01:00
Jens Langhammer
f020b79384
admin: remove old code
2021-02-08 19:07:25 +01:00
Jens Langhammer
820f658b49
web: add outpost list page
2021-02-08 19:04:19 +01:00
Jens Langhammer
5d460a2537
admin: remove outposts list
2021-02-08 19:02:39 +01:00
Jens Langhammer
efc46f52e6
outposts: move health to API
2021-02-08 19:01:10 +01:00
Jens Langhammer
fe4b2d1a34
providers/oauth2: add authorized scopes to AUTHORIZE_APPLICATION event
2021-02-08 11:51:38 +01:00
Jens Langhammer
f8abe3e210
providers/oauth2: add unofficial groups attribute to default profile claim
2021-02-08 11:50:26 +01:00
Jens Langhammer
3ced67b151
sources/*: simplify source api
2021-02-08 10:25:59 +01:00
Jens Langhammer
cd5631ec76
admin: fix link in source list
2021-02-08 10:25:59 +01:00
Jens Langhammer
1e934aa5d5
release: 2021.2.1-rc2
2021-02-07 19:04:43 +01:00
Jens Langhammer
d93927755a
Merge branch 'master' into version-2021.2
2021-02-07 19:04:37 +01:00
Jens Langhammer
bf9826873e
web: fix outpost item in sidebar being active on service connection views
2021-02-07 18:21:13 +01:00
Jens Langhammer
6869b3c16a
admin: add button to generate certificate-key pair
2021-02-07 16:15:55 +01:00
Jens Langhammer
bfc8e9200f
providers/saml: split views into separate files
2021-02-07 13:39:33 +01:00
Jens Langhammer
c4311abc9f
web: fix link to provider list on overview page
2021-02-06 22:46:09 +01:00
Jens Langhammer
ec42869e00
policies: add debug flag to PolicyRequest to prevent alerts from testing policies
2021-02-06 21:45:38 +01:00
Jens Langhammer
45963c2ffc
admin: improve layout for policy testing
2021-02-06 21:43:14 +01:00
Jens Langhammer
7af883d80c
root: add dedicated live and readiness views
2021-02-06 21:07:05 +01:00
Jens Langhammer
4a5374d03f
admin: remove provider list view
2021-02-06 20:54:50 +01:00
Jens Langhammer
3b536f6e55
admin: fix property-mapping views redirecting to invalid URL
2021-02-06 20:54:12 +01:00
Jens Langhammer
6aa13a8666
providers/saml: force-set friendly_name to empty string for managed mappings
2021-02-06 20:52:52 +01:00
Jens Langhammer
33cdbd7776
release: 2021.2.1-rc1
2021-02-06 20:10:50 +01:00
Jens Langhammer
db7e9f9b95
sources/ldap: set default group property mapping
2021-02-06 19:17:39 +01:00
Jens Langhammer
91282c7bd8
web: add page for Proxy Provider
2021-02-06 18:57:25 +01:00
Jens Langhammer
830b8bcd5b
web: add page for OAuth2 Provider
2021-02-06 18:39:15 +01:00
Jens Langhammer
0f5e6d0d8c
api: add dark theme for API Browser
2021-02-06 18:09:24 +01:00
Jens Langhammer
6aa6615608
web: add view page for SAML Provider
2021-02-06 18:07:13 +01:00
Jens Langhammer
91d6a3c8c7
providers/*: simplify provider API
2021-02-06 17:31:29 +01:00
Jens L
a6ac82c492
*: rewrite managed objects, use nullable text flag instead of boolean as uid ( #533 )
2021-02-06 15:56:21 +00:00
Jens Langhammer
32cf960053
sources/ldap: add property_mappings_group to make group mapping more customisable
2021-02-06 15:27:07 +01:00
Jens Langhammer
83bf639926
sources/ldap: use both entryDN and dn (for active-directory)
2021-02-05 15:17:57 +01:00
Jens Langhammer
2717742bd2
sources/ldap: don't remove users from group which were not synced from AD
2021-02-05 15:17:20 +01:00
Jens Langhammer
ef70e93bbd
Merge branch 'master' into ldap-groupOfNames
2021-02-05 14:52:39 +01:00
Jens Langhammer
478d3430eb
sources/ldap: use openldap tests for entire sync
2021-02-05 14:29:22 +01:00
Jens Langhammer
9c1ade59e9
sources/ldap: add more flatten to user sync, start adding tests for OpenLDAP
2021-02-05 13:36:27 +01:00
Jens Langhammer
fadf746234
managed: allow for matching on multiple interfaces
2021-02-05 13:18:44 +01:00
Jens Langhammer
397dfc29f1
sources/ldap: change default object filters to use objectClass= instead of objectCategory
2021-02-05 11:43:39 +01:00
Jens Langhammer
b0e3b8b39d
sources/ldap: use entryDN attribute from ldap3 as opposed to implicit DN attribute
2021-02-05 11:43:13 +01:00
Jens Langhammer
1f8130e685
events: improve information sent in notification emails
2021-02-04 21:44:59 +01:00
Jens Langhammer
e639d8ab56
sources/ldap: add case when group does not have uniqueness attribute
2021-02-04 21:18:49 +01:00
Jens Langhammer
005b4d8dda
sources/ldap: fix linting issues
2021-02-04 20:36:05 +01:00
Jens Langhammer
de2d8b2d85
providers/oauth2: pass application to configuration error event
2021-02-04 20:35:37 +01:00
Jens Langhammer
7d107991a2
sources/ldap: fix count for membership, fix wrong attribute being searched
2021-02-04 20:22:28 +01:00
Jens Langhammer
14dc420747
sources/ldap: rewrite group membership syncing
2021-02-04 20:06:42 +01:00
Jens L
89dc4db30b
sources/ldap: load operational attributes ( #526 )
2021-02-04 12:37:55 +01:00
Jens Langhammer
cc3fccb27e
sources/ldap: use dn attribute for distinguishedName, ignore users with no distinguishedName
...
closes #527
2021-02-04 12:10:57 +01:00
Jens Langhammer
add20de8de
providers/*: fix api linting issues
2021-02-04 10:27:55 +01:00
Jens Langhammer
53f002a123
events: allow searching by event id
2021-02-04 10:09:19 +01:00
Jens Langhammer
c7c387eb38
providers/*: add assigned application name and slug
2021-02-04 10:09:19 +01:00
Jens Langhammer
1b3760a4b7
events: don't log successful system tasks
2021-02-04 10:09:18 +01:00
Jens Langhammer
1101810fea
admin: show more details for policy testing
2021-02-03 22:09:46 +01:00
Jens Langhammer
1ab5289e2e
admin: add test view for property mappings
2021-02-03 21:58:56 +01:00
Jens Langhammer
4b24b185f2
admin: fix context not being passed correctly to policy test view
2021-02-03 21:40:03 +01:00
Jens Langhammer
ea0ba5ae30
stages/password: use form.add_error
2021-02-03 21:39:03 +01:00
Jens Langhammer
b74c08620a
admin: add link to changelog to update events
2021-02-03 21:19:51 +01:00
Jens L
e25d03d8f4
Managed objects ( #519 )
...
* managed: add base manager and Ops
* core: use ManagedModel for Token and PropertyMapping
* providers/saml: implement managed objects for SAML Provider
* sources/ldap: migrate to managed
* providers/oauth2: migrate to managed
* providers/proxy: migrate to managed
* *: load .managed in apps
* managed: add reconcile task, run on startup
* providers/oauth2: fix import path for managed
* providers/saml: don't set FriendlyName when mapping is none
* *: use ObjectManager in tests to ensure objects exist
* ci: use vmImage ubuntu-latest
* providers/saml: add new mapping for username and user id
* tests: remove docker proxy
* tests/e2e: use updated attribute names
* docs: update SAML docs
* tests/e2e: fix remaining saml cases
* outposts: make tokens as managed
* *: make PropertyMapping SerializerModel
* web: add page for property-mappings
* web: add codemirror to common_styles because codemirror
* docs: fix member-of in nextcloud
* docs: nextcloud add admin
* web: fix refresh reloading data two times
* web: add loading lock to table to prevent double loads
* web: add ability to use null in QueryArgs (value will be skipped)
* web: add hide option to property mappings
* web: fix linting
2021-02-03 21:18:31 +01:00
Jens Langhammer
cfed41439e
events: add send_once flag to send webhooks only once
2021-02-02 19:34:55 +01:00
Jens Langhammer
3ac148d01c
events: only title for slack webhook
2021-02-02 19:18:51 +01:00
Jens Langhammer
3e696d6ac8
flows: use global logger for stored plans
2021-02-02 17:29:03 +01:00
Jens Langhammer
0114bc0d6a
flows: fix lint errors
2021-02-02 17:02:02 +01:00
Jens Langhammer
c60934f9b1
flows: fix benchmark using wrong context
2021-02-02 16:27:21 +01:00
Jens Langhammer
09bdcfaab0
flows: optimise logging
2021-02-02 16:27:03 +01:00
Jens Langhammer
624206281e
policies: optimise logging
2021-02-02 16:12:41 +01:00
Jens Langhammer
3d112e7688
root: use filtering_bound_logger for speed improvements
2021-02-02 15:43:44 +01:00
Jens Langhammer
3c4ff65a01
stages/consent: fix wrong widget for expire
2021-02-02 15:01:33 +01:00
Jens Langhammer
3926ee9eb6
core: clear application cache upon application creation
2021-01-30 18:12:14 +01:00
Jens Langhammer
7fbf915e0a
policies: fix application cached not being cleared correctly
2021-01-30 18:12:01 +01:00
Jens Langhammer
5af9e8c05d
core: improve application caching
2021-01-30 18:03:44 +01:00
Jens Langhammer
d8ae56ed19
providers/saml: fix imported provider not saving properties correctly
2021-01-30 12:33:27 +01:00
Jens Langhammer
3e3f29973b
release: 2021.1.4-stable
2021-01-29 10:29:06 +01:00
Jens Langhammer
2f3a086f29
docs: update veeam docs for group mapping
2021-01-28 23:34:51 +01:00
Jens Langhammer
239af7048a
providers/saml: import SAML Provider with all autogenerated mappings
2021-01-28 23:32:36 +01:00
Jens Langhammer
188ef0f58f
core: only cache Applications API when no filtering is done
2021-01-28 23:16:51 +01:00
Jens Langhammer
5ef4354723
providers/saml: make NameID configurable using a Property Mapping
2021-01-28 22:50:13 +01:00
Jens Langhammer
66a8b52c7c
providers/saml: update default OIDs for default property mappings
2021-01-28 22:44:44 +01:00
Jens Langhammer
c1563f4cff
lib: fix ak_is_group_member checking wrong groups
2021-01-28 22:30:59 +01:00
Jens Langhammer
da37b42bcf
admin: fix providers not showing SAML Import on empty state
2021-01-28 22:16:50 +01:00
Jens Langhammer
f4bb22138c
providers/saml: add support for WindowsDomainQualifiedName, add docs for NameID
2021-01-28 22:00:40 +01:00
Jens Langhammer
c0199933c8
events: fix email template for notifications
2021-01-27 13:22:43 +01:00
Jens Langhammer
5c3f410016
release: 2021.1.3-stable
2021-01-27 10:50:48 +01:00
Jens Langhammer
b1591618ae
admin: handle FlowNonApplicableException during flow plan
2021-01-27 09:57:26 +01:00
Jens Langhammer
55bcc254c1
flows: fix FlowNonApplicableException not being Sentry Ignored
2021-01-27 09:57:18 +01:00
Jens Langhammer
7d844d1821
release: 2021.1.2-stable
2021-01-18 11:15:11 +01:00
Jens Langhammer
3d3a0cd9e3
events: create event when system task fails
2021-01-18 10:09:14 +01:00
Jens Langhammer
204792b750
stages/email: fix email task not falling back to use_global_settings
2021-01-17 23:31:58 +01:00
Jens Langhammer
8ffa3e5885
policies: fix logic error for sync mode
2021-01-17 23:31:34 +01:00
Jens Langhammer
677a181b9c
release: 2021.1.1-stable
2021-01-17 22:36:16 +01:00
Jens Langhammer
4b551add1a
stages/password: catch importerror during authentic()
2021-01-17 20:23:22 +01:00
Jens Langhammer
e6f897c7e6
policies: detect when running in a daemon process and run policies sync
2021-01-17 20:09:53 +01:00
Jens Langhammer
65c9d4bf4c
policies: use custom context for fork instead of changing global context
2021-01-17 20:09:53 +01:00
Jens Langhammer
6e88e52d78
outposts: add message to outpost_service_connection_monitor task
2021-01-17 20:09:53 +01:00
Jens Langhammer
6e69edf1af
core: increase application cache duration
...
# Conflicts:
# authentik/core/api/applications.py
2021-01-17 19:17:47 +01:00
Jens Langhammer
08e7ef3c1e
core: increase application cache duration
2021-01-17 19:04:54 +01:00
Jens Langhammer
cf76652a4c
release: 2021.1.1-rc2
2021-01-17 17:40:43 +01:00
Jens Langhammer
49d40d4337
admin: fix linting
2021-01-17 17:35:00 +01:00
Jens Langhammer
94182f88a4
release: 2021.1.1-rc1
2021-01-17 17:25:47 +01:00
Jens Langhammer
1c25f4f09b
core: use tabs for user settings
2021-01-17 17:25:15 +01:00
Jens Langhammer
aad3b43ac3
core: cache applications API
2021-01-16 22:38:09 +01:00
Jens Langhammer
60f52f102a
outposts: optimise signals to not always trigger
2021-01-16 22:14:37 +01:00
Jens Langhammer
f3ccb5341d
outpost: improve logging
2021-01-16 22:13:57 +01:00
Jens Langhammer
cb73210447
events: don't log permission creation
2021-01-16 22:03:06 +01:00
Jens Langhammer
f959212692
events: make notifications filterable
2021-01-16 19:08:07 +01:00
Jens Langhammer
2d2a404028
providers/oauth2: improve error handling and event creation
2021-01-16 18:27:10 +01:00
Jens Langhammer
4baf9e4a22
web: fix unread count, use white-space pre
2021-01-16 18:04:09 +01:00
Jens Langhammer
4f28a89e63
policies: improve recording of error messages during policy process
2021-01-16 16:38:57 +01:00
Jens Langhammer
f8b4b92e8d
policies: pass direct exception from expression policies
2021-01-16 15:41:59 +01:00
Jens Langhammer
c1fbfc63ab
core: use version in qs for static files to ensure latest are loaded
2021-01-16 14:15:42 +01:00
Jens Langhammer
192dbe05c4
events: triggers -> rules
2021-01-16 14:15:23 +01:00
Jens Langhammer
d637bd0bf9
events: improve infinite loop detection
2021-01-15 11:27:18 +01:00
Jens Langhammer
a2bddc6d91
policies: fix engine tests checking wrong key
2021-01-15 11:27:07 +01:00
Jens Langhammer
2e42da11ea
policies/event_matcher: simplify validity checking
2021-01-15 11:26:55 +01:00
Jens Langhammer
f297d1256d
events: fix linting
2021-01-15 11:19:56 +01:00
Jens Langhammer
da59e7c4a7
events: fix infinite loop in unittests
2021-01-15 00:32:59 +01:00
Jens Langhammer
8684d106d5
events: fix default transport for successive migrations
2021-01-14 23:50:18 +01:00
Jens Langhammer
7f5caf901d
expressions: set exception as message field
2021-01-14 21:58:10 +01:00
Jens Langhammer
1c686e19b5
policies: set message instead of error for Event
2021-01-14 20:17:21 +01:00
Jens Langhammer
3cc92f6c97
events: ensure created field is timestamp
2021-01-14 20:16:54 +01:00
Jens Langhammer
4447345345
policies: fix display of stacktrace in events
2021-01-14 18:07:41 +01:00
Jens Langhammer
42c6401ba7
events: add event context to slack webhook
2021-01-14 17:40:19 +01:00
Jens Langhammer
eef111bcfd
events: disable policy cache for trigger
2021-01-14 17:39:59 +01:00
Jens Langhammer
6192b2787f
events: notifications: send entire event in API
2021-01-14 17:22:02 +01:00
Jens Langhammer
c7d28f8ca9
events: attach default transport to default triggers
2021-01-14 17:22:02 +01:00
Jens Langhammer
1342266368
events: include full group in event notification
2021-01-14 17:22:02 +01:00
Jens Langhammer
7ff679b1a3
policies: fix error when error occurs during policy process with no target
2021-01-14 17:22:02 +01:00
Jens Langhammer
8beddcddb0
events: set severity for default triggers
2021-01-14 17:22:02 +01:00
Jens Langhammer
9fe8554f28
events: make notification read/update only
2021-01-14 17:22:02 +01:00
Jens Langhammer
308896719d
docs: add docs for events and notifications
2021-01-13 00:26:33 +01:00
Jens Langhammer
95c1473dd2
events: assign default triggers to default admin group, create default transport
2021-01-12 23:28:17 +01:00
Jens Langhammer
b14c5039ed
events: set default admin group to receive default triggers
2021-01-12 23:06:42 +01:00
Jens Langhammer
b6948334f2
policies/event_matcher: fix verbose_name
2021-01-12 23:06:24 +01:00
Jens Langhammer
29e08e7477
stages/otp_*: fix app's verbose_name
2021-01-12 22:59:46 +01:00
Jens Langhammer
36bc1dc020
events: record source when user is using source to authenticate
2021-01-12 22:48:55 +01:00
Jens Langhammer
61d1407804
sources/*: Set PLAN_CONTEXT_SOURCE when logging in with a source
2021-01-12 22:37:33 +01:00
Jens Langhammer
47ddf0d7f2
web: add UI for notification triggers
2021-01-12 22:26:57 +01:00
Jens Langhammer
cac94792fa
admin: add event transport forms
2021-01-12 22:03:33 +01:00
Jens Langhammer
8369fa16ae
events: add mode_verbose to transport, return string on send error
2021-01-12 21:51:55 +01:00
Jens Langhammer
f30bdbecd6
events: catch errors during send and re-raise as custom type
2021-01-12 21:48:16 +01:00
Jens L
c727c845df
policies: add and/or mode ( #463 )
...
* policies: add mode to PolicyEngine for AND and OR modes
* events: use PolicyEngine in OR mode
2021-01-12 18:22:25 +01:00
Jens L
1ccf6dcf6f
events: Notifications ( #418 )
...
* events: initial alerting implementation
* policies: move error handling to process, ensure policy UUID is saved
* policies: add tests for error handling in PolicyProcess
* events: improve loop detection
* events: add API for action and trigger
* policies: ensure http_request is not used in context
* events: adjust unittests for user handling
* policies/event_matcher: add policy type
* events: add API tests
* events: add middleware tests
* core: make application's provider not required
* outposts: allow blank kubeconfig
* outposts: validate kubeconfig before saving
* api: fix formatting
* stages/invitation: remove invitation_created signal as model_created functions the same
* stages/invitation: ensure created_by is set when creating from API
* events: rebase migrations on master
* events: fix missing Alerts from API
* policies: fix unittests
* events: add tests for alerts
* events: rename from alerting to notifications
* events: add ability to specify severity of notification created
* policies/event_matcher: Add app field to match on event app
* policies/event_matcher: fix EventMatcher not being included in API
* core: use objects.none() when get_queryset is used
* events: use m2m for multiple transports, create notification object in task
* events: add default triggers
* events: fix migrations return value
* events: fix notification_transport not being in the correct queue
* stages/email: allow sending of email without backend
* events: implement sending via webhook + slack/discord + email
2021-01-11 18:43:59 +01:00
Jens Langhammer
4743e72e18
policies: ensure binding has a target during unittests
2021-01-05 12:37:52 +01:00
Jens Langhammer
9fb5ce2a1a
policies: add binding to policy_execution context
2021-01-05 11:51:05 +01:00
Jens L
82bb179bc2
root: global email settings ( #448 )
...
* root: make global email settings configurable
* stages/email: add use_global_settings
* stages/email: add test_email command to test email sending
* stages/email: update email template
* stages/email: simplify email template path
* stages/email: add support for user-supplied email templates
* stages/email: add tests for sending and templates
* stages/email: only add custom template if permissions are correct
* docs: add custom email template docs
* root: add /templates volume in docker-compose by default
* stages/email: fix form not allowing custom templates
* stages/email: use relative path for custom templates
* stages/email: check if all templates exist on startup, reset
* docs: add global email docs for docker-compose
* helm: add email config to helm chart
* helm: load all secrets with env prefix
* helm: move s3 and smtp secret to secret
* stages/email: fix test for relative name
* stages/email: add argument to send email from existing stage
* stages/email: set uid using slug of message id
* stages/email: ensure template validation ignores migration runs
* docs: add email troubleshooting docs
* stages/email: fix long task_name breaking task list
2021-01-05 00:41:10 +01:00
Jens Langhammer
6ed78830a0
providers/proxy: check ingress annotations we manage
2021-01-02 01:48:39 +01:00
Jens Langhammer
6fe323f1a7
outposts: by default only check labels
2021-01-02 01:08:05 +01:00
Jens Langhammer
85c2db018e
outposts: ensure field_manager is also used for updates
2021-01-02 00:52:42 +01:00
dependabot[bot]
bc9e7e8b93
build(deps): bump structlog from 20.1.0 to 20.2.0 ( #445 )
...
* build(deps): bump structlog from 20.1.0 to 20.2.0
Bumps [structlog](https://github.com/hynek/structlog ) from 20.1.0 to 20.2.0.
- [Release notes](https://github.com/hynek/structlog/releases )
- [Changelog](https://github.com/hynek/structlog/blob/master/CHANGELOG.rst )
- [Commits](https://github.com/hynek/structlog/compare/20.1.0...20.2.0 )
Signed-off-by: dependabot[bot] <support@github.com>
* *: use structlog.stdlib instead of structlog for type-hints
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-01-01 15:39:43 +01:00
Jens Langhammer
2e69efe699
providers/saml: sign metadata when signing is enabled
2020-12-31 15:02:21 +01:00
Jens Langhammer
a85b8a65c0
release: 0.14.2-stable
2020-12-31 12:00:31 +01:00
Jens Langhammer
be54ba4fe2
policies: catch error in process to not hang requests
2020-12-31 11:16:17 +01:00
Jens Langhammer
68b9c34f78
policies: fix obj not being set
2020-12-31 11:16:01 +01:00
Jens Langhammer
3584bdf530
events: fix error when creating an even from policyrequests
2020-12-31 11:15:42 +01:00
Jens Langhammer
e712719333
admin: fix reverse urls for application forms
2020-12-31 10:13:06 +01:00
Jens Langhammer
4fde1b7365
providers/saml: allow audience to be empty
2020-12-30 22:15:28 +01:00
Jens Langhammer
412f5b9210
providers/saml: fix signing and verification kp not being set correctly
2020-12-30 22:11:24 +01:00
Jens Langhammer
a9e53cd52a
providers/saml: fix string being passed to lxml
2020-12-30 22:03:01 +01:00
Jens Langhammer
d0ee7908ab
providers/saml: force user to select authz flow for import
2020-12-30 22:02:41 +01:00
Jens Langhammer
e69834dec4
providers/saml: show error message why import failed
2020-12-30 22:02:28 +01:00
Jens Langhammer
16d5e1d9ff
release: 0.14.1-stable
2020-12-29 21:25:49 +01:00
Jens Langhammer
765ae80698
providers/oauth2: fix error when creating RefreshToken
2020-12-29 21:22:49 +01:00
Jens Langhammer
540c22ce15
release: 0.14.0-stable
2020-12-28 17:49:45 +01:00
Jens Langhammer
8c3008abce
release: 0.14.0-rc2
2020-12-28 17:49:39 +01:00
Jens Langhammer
8a22c86aaa
release: 0.14.0-rc1
2020-12-28 17:49:35 +01:00
Jens Langhammer
22ce142cb8
outposts: include protocol in outpost deployment ports
2020-12-28 17:21:02 +01:00
Jens Langhammer
1a292feebb
outposts: always check metadata on reconcile
2020-12-28 17:11:37 +01:00
Jens Langhammer
09f4d812b3
outposts: set field_manager
2020-12-28 17:11:33 +01:00
Jens Langhammer
2bab4ebfe8
core: fix library url pattern not matching SPA
2020-12-28 15:06:25 +01:00
Jens Langhammer
590597caf6
events: replace list view with SPA Page
2020-12-28 14:32:34 +01:00
Jens Langhammer
5f9c1e229c
root: return API dates as timestamp
2020-12-28 13:07:49 +01:00
Jens Langhammer
0e1587bc1a
providers/oauth2: don't write authorization code to event log
2020-12-28 01:07:18 +01:00
Jens Langhammer
dc16a8a4c9
providers/proxy: set proxy-size for nginx for larger response
2020-12-28 00:45:58 +01:00
Jens L
a6d0c8c26c
providers/saml: Metadata Import ( #432 )
...
* providers/saml: add basic metadata parser
* providers/saml: add importer for Singing certificate, validate signature, add tests
* providers/saml: add provider name to form,
* web: don't use trailing slash for spa URLs
* providers/saml: formatting fixes
* sources/*: add verbose_name to source serializers
* admin: add button launch import modal
2020-12-27 22:38:04 +01:00
Jens Langhammer
e216efb6ec
providers/oauth2: create access tokens as JWT
2020-12-27 19:36:17 +01:00
Jens Langhammer
378fe38b12
providers/oauth2: ensure response is URL fragment only when implicit or hybrid
2020-12-27 19:07:42 +01:00
Jens Langhammer
ce9fb8801c
providers/oauth2: ensure nonce is validated on all OIDC flows
2020-12-27 18:13:41 +01:00
Jens Langhammer
67ca83c228
providers/oauth2: add c_hash field
2020-12-27 18:13:13 +01:00
Jens Langhammer
ee2e737782
providers/oauth2: remove response_type field as spec doesn't require validation
2020-12-27 18:12:47 +01:00
Jens Langhammer
b04c9a2098
providers/oauth2: check redirect_uri before request object
2020-12-27 17:15:36 +01:00
Jens Langhammer
e7c96eb70d
providers/oauth2: Make AuthorizeError's state parameter requireed
2020-12-27 15:33:29 +01:00
Jens Langhammer
e8debce9c8
providers/oauth2: fix infinite loops when prompt=login
2020-12-27 15:23:26 +01:00
Jens Langhammer
bcd0686a33
providers/oauth2: redirect back correctly with state on AuthorizationError
2020-12-27 15:22:53 +01:00
Jens Langhammer
55322995a1
providers/oauth2: make iss field configurable
2020-12-27 15:02:12 +01:00
Jens Langhammer
dff5eb69c8
providers/oauth2: fix token endpoint creating invalid token when no scopes are passed
2020-12-27 14:48:44 +01:00
Jens Langhammer
b747022bc1
providers/oauth2: fix old id_token being sent when using token endpoint with grant_type=refresh_token
2020-12-27 14:33:51 +01:00
Jens Langhammer
885fcff495
providers/oauth2: add grant_types_supported to discovery endpoint
2020-12-27 14:17:40 +01:00
Jens Langhammer
5b18e28753
providers/oauth2: fix include_claims_in_id_token not being shown in form/API
2020-12-27 14:05:10 +01:00
Jens Langhammer
9848c5f3eb
providers/oauth2: implement discovery's scopes_supported better
2020-12-27 13:36:14 +01:00
Jens Langhammer
fc98c3934a
providers/*: implement configuration_error
2020-12-27 13:15:31 +01:00
Jens Langhammer
7964061466
events: add configuration_error action
2020-12-27 13:11:38 +01:00
Jens Langhammer
5f90f54195
stages/invitation: ensure created_by is set when creating from API
2020-12-27 13:11:28 +01:00
Jens Langhammer
49eb568d3c
stages/invitation: remove invitation_created signal as model_created functions the same
2020-12-27 13:00:52 +01:00
Jens Langhammer
d17b2b0d1b
providers/oauth2: add request_parameter_supported
2020-12-27 12:18:23 +01:00
Jens Langhammer
f17d809219
providers/oauth2: add scopes_supported to discovery endpoint
2020-12-26 21:18:16 +01:00
Jens Langhammer
6c8e9fb553
providers/oauth2: add ACR support
2020-12-26 20:16:50 +01:00
Jens Langhammer
43bb29e16a
providers/oauth2: implement max_age param
2020-12-26 20:05:31 +01:00
Jens Langhammer
29edbb0357
providers/oauth2: use auth_time from LOGIN event
2020-12-26 19:05:02 +01:00
Jens Langhammer
12ae867759
providers/oauth2: redirect back on prompt=none error instead of showing message
2020-12-26 18:58:18 +01:00
Jens Langhammer
a20ca9136b
providers/oauth2: use in for prompt check
2020-12-26 18:53:47 +01:00
Jens Langhammer
3759e96e7d
providers/oauth2: ensure interaction_required is raised when prompt=none and user not logged in
2020-12-26 18:45:23 +01:00
Jens Langhammer
480d882a82
policies: add pre_permission_check to PolicyAccessView for request validity checks
2020-12-26 18:43:45 +01:00
Jens Langhammer
e5e1e3737d
providers/oauth2: fix query using user model not dict
2020-12-26 18:20:34 +01:00
Jens Langhammer
8dddcf891e
providers/oauth2: fix "auth_time" being based on user.last_login
2020-12-26 18:11:29 +01:00
Jens Langhammer
319104c39b
providers/oauth2: improve error handling, ensure correct message is shown to user
2020-12-26 17:50:16 +01:00
Jens L
a9336f069c
flows: add diagrams ( #415 )
...
* flows: initial diagram implementation
* web: install flowchart.js, add flow diagram page
* web: adjust diagram colours for dark mode
* flows: add permission checks for diagram
* flows: fix formatting
* web: fix formatting for web
* flows: add fix when last stage has policy
* flows: add test for diagram
* web: flows/diagram: add support for light mode
* flows: make Flows's Diagram API return json, add more tests and fix swagger response
2020-12-26 17:05:11 +01:00
Jens Langhammer
33f5169f36
core: fix formatting
2020-12-26 15:28:29 +01:00
Jens Langhammer
4c690a20ef
core: fix token update/delete not working
2020-12-26 01:23:34 +01:00
Jens Langhammer
f68c8f7d90
core: fix User's token creation not working
2020-12-26 01:23:18 +01:00
Jens Langhammer
95b56a0005
release: 0.13.5-stable
2020-12-26 00:52:42 +01:00
Jens Langhammer
811c569b54
core: show multi-select notice for SelectMultiple Widgets
2020-12-26 00:43:40 +01:00
Jens Langhammer
3ac3a8eebe
core: fix error during migrations
2020-12-25 23:51:40 +01:00
Jens Langhammer
6a5a243dac
stages/invitation: fix optional field being required
2020-12-25 23:41:34 +01:00
Jens Langhammer
ee916a68a4
stages/password: fix PasswordStageForm not showing backends
2020-12-25 23:34:26 +01:00
Jens Langhammer
f192ee5052
core: fix anonymous user being included in User API
2020-12-25 22:42:53 +01:00
Jens Langhammer
c95f8e8418
api: fix formatting
2020-12-24 16:26:01 +01:00
Jens Langhammer
4998ccbe41
root: update license
2020-12-24 16:01:55 +01:00
Jens Langhammer
a56ddb2b8e
release: 0.13.4-stable
2020-12-24 15:46:08 +01:00
Jens Langhammer
927ab509a1
outposts: validate kubeconfig before saving
2020-12-24 13:23:19 +01:00
Jens Langhammer
c85506f43c
outposts: allow blank kubeconfig
2020-12-24 13:23:14 +01:00
Jens Langhammer
4157a0780d
core: make application's provider not required
2020-12-24 13:23:10 +01:00
Jens L
79da2bf698
web: Table parity ( #427 )
...
* core: fix application API always being sorted by name
* web: add sorting to tables
* web: add search to TablePage
* core: add search to applications API
* core: add MetaNameSerializer
* *: fix signature for non-modal serializers
* providers/*: implement MetaNameSerializer
* web: implement full app list page, use as default in sidebar
* web: fix linting errors
* admin: remove old application list
* web: fix default sorting for application list
* web: fix spacing for search element in toolbar
2020-12-24 09:56:05 +01:00
Jens Langhammer
001de38d85
docs: add nextcloud docs
2020-12-22 20:09:15 +01:00
Jens Langhammer
23f61e6b4f
admin: fix policy test button in dark theme
2020-12-20 22:29:20 +01:00
Jens Langhammer
db135a6dbc
policies/expression: fix missing ak_logger
2020-12-20 22:18:13 +01:00
Jens L
a4dc6d13b5
events: rename audit to events and use for more metrics ( #397 )
...
* events: rename audit to events
* policies/expression: log expression exceptions as event
* policies/expression: add ExpressionPolicy Model to event when possible
* lib/expressions: ensure syntax errors are logged too
* lib: fix lint error
* policies: add execution_logging field
* core: add property mapping tests
* policies/expression: add full test
* policies/expression: fix attribute name
* policies: add execution_logging
* web: fix imports
* root: update swagger
* policies: use dataclass instead of dict for types
* events: add support for dataclass as event param
* events: add special keys which are never cleaned
* policies: add tests for process, don't clean full cache
* admin: create event when new version is seen
* events: move utils to separate file
* admin: add tests for admin tasks
* events: add .set_user method to ensure users have correct attributes set
* core: add test for property_mapping errors with user and request
2020-12-20 22:04:29 +01:00
Jens Langhammer
6a835ad192
policies: add simple test-case
2020-12-19 23:41:24 +01:00
Jens Langhammer
efc849e760
policies/engine: Add sanity test to ensure result count matches policy count
2020-12-19 23:40:55 +01:00
Jens Langhammer
e23afd18e4
release: 0.13.3-stable
2020-12-19 16:55:07 +01:00
Jens L
6e24856d45
flows: fix redirect when un-authenticated user uses external authentication ( #416 )
...
* flows: add PLAN_CONTEXT_REDIRECT so final redirect can be set from within flow
* sources/*: use PLAN_CONTEXT_REDIRECT
* flows: fallback when flow plan is empty
2020-12-19 16:42:39 +01:00