authentik

Commit Graph

Author	SHA1	Message	Date
Jens Langhammer	14c7d8c4f4	internal: route traffic to proxy providers based on cookie domain when multiple domain-level providers exist Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #2079	2022-01-18 23:19:43 +01:00
Jens Langhammer	c07b8d95d0	outposts/proxy: remove deprecated headers Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-07 17:01:23 +01:00
Jens Langhammer	ececfc3a30	internal: fix comment formatting for TODOs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-07 09:51:41 +01:00
Jens Langhammer	f246da6b73	outposts/proxy: fix error checking for type assertion Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-26 14:57:32 +01:00
Jens Langhammer	410d1b97cd	outposts/proxy: add support for multiple states, when multiple requests are redirect at once Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-26 14:16:02 +01:00
Jens Langhammer	ba55538a34	outposts/proxy: cleanup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-21 19:16:06 +01:00
Jens Langhammer	f742c73e24	outposts/proxy: fix allowlist for forward_auth Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #1970	2021-12-21 15:49:25 +01:00
Jens Langhammer	b932b6c963	website/docs: update log levels Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-21 13:15:17 +01:00
Jens Langhammer	3c048a1921	outposts/proxy: fix session not expiring correctly due to miscalculation closes #1976 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-21 13:10:57 +01:00
Jens Langhammer	f10b57ba0b	outposts/proxy: handle redirect loop in start handler, show error message Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-21 10:07:08 +01:00
Jens Langhammer	eca2ef20d0	outposts/proxy: add initial redirect-loop prevention Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-20 22:21:53 +01:00
Jens Langhammer	cac5c7b3ea	outposts/proxy: make templates more re-usable Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-20 22:20:23 +01:00
Jens Langhammer	c843f18743	lib: add additional celery logger to sentry ignore Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-20 21:04:45 +01:00
Jens Langhammer	68637cf7cf	outposts: handle/ignore http Abort handler Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-20 19:42:45 +01:00
Jens Langhammer	7a73ddfb60	outposts/proxy: match skipPathRegex against full URL on domain auth closes #1955 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-18 15:50:42 +01:00
Jens Langhammer	7d6e88061f	outposts: check if hub from context is set and fallback Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-16 11:19:57 +01:00
Jens Langhammer	f8aab40e3e	internal: cleanup duplicate and redundant code, properly set sentry SDK scope settings Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-16 11:00:19 +01:00
Jens Langhammer	5f0f4284a2	web/admin: fix rendering for applications on view page Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-13 15:27:28 +01:00
Jens Langhammer	c11be2284d	outposts/proxy: also set max length for redis backend Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-13 15:05:55 +01:00
Jens Langhammer	aa321196d7	outposts/proxy: fix securecookie: the value is too long again, since it can happen even with filesystem storage Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-13 13:33:20 +01:00
Jens Langhammer	4e2457560d	outposts/proxy: use filesystem storage for non-embedded outposts Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-12 17:59:31 +01:00
Jens Langhammer	2ddf122d27	Revert "outposts/proxy: don't save raw jwt in cookie to prevent securecookie: the value is too long" This reverts commit `b3e40c6aed`.	2021-12-12 17:58:19 +01:00
Jens Langhammer	deebdf2bcc	outposts: fix unlabeled transaction Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-12 13:46:31 +01:00
Jens Langhammer	b3e40c6aed	outposts/proxy: don't save raw jwt in cookie to prevent securecookie: the value is too long Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-06 13:54:59 +01:00
Jens Langhammer	85a417d22e	outposts/proxy: re-add rs256 support Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-02 15:17:32 +01:00
Jens Langhammer	347c3793fc	outposts/proxy: add additional headers Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-02 14:19:57 +01:00
Jens Langhammer	e42ad8db93	outposts/proxy: copy user-agent header from upstream request Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-02 10:01:54 +01:00
Jens Langhammer	e917e756cc	outposts/proxy: make logging fields more consistent Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-02 09:58:50 +01:00
Jens Langhammer	d0ceafe79e	outposts/proxy: add X-authentik-meta-version Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-01 20:59:45 +01:00
Jens Langhammer	60b95271eb	outposts/proxy: add additional headers Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-01 20:19:09 +01:00
Jens Langhammer	3b068610b9	outposts/proxy: clean up header setting (don't copy all headers) Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-01 20:05:56 +01:00
Jens Langhammer	8b7f698c7b	outposts/proxy: continue compiling additional regexes even when one fails Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-28 15:06:26 +01:00
Jens Langhammer	c98bdbacc5	providers/proxy: return list of configured scope names so outpost requests custom scopes closes #1762 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-11-10 23:06:21 +01:00
Jens Langhammer	4d51ec906d	internal/proxyv2: improve error handling when configuring app Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-13 21:48:11 +02:00
Jens Langhammer	22a7c25526	internal: call GetStore on application to improve logging Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-12 13:33:20 +02:00
Jens Langhammer	f6e8dbfb5e	outposts/proxy: show full error message when user is authenticated Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-02 22:00:37 +02:00
Jens Langhammer	3c1ac4c7ec	outposts/proxy: add new headers with unified naming Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-02 22:00:23 +02:00
Jens Langhammer	52bbf454e3	outpost/proxy: fix missing negation for internal host ssl verification Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-02 21:17:15 +02:00
Jens Langhammer	2462d58135	outposts/proxy: fix duplicate protocol in domain auth mode Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-27 20:49:00 +02:00
Jens Langhammer	b248f450dd	outposts: make AUTHENTIK_HOST_BROWSER configurable from central config closes #1471 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-26 12:00:51 +02:00
Jens Langhammer	9f4a4449f5	outposts/proxy: ensure cookies only last as long as tokens closes #1462 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-25 16:12:59 +02:00
Jens Langhammer	a6a6b3bd06	outposts: add outpost_name label to metrics Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-16 10:04:17 +02:00
Jens Langhammer	48ad3dccda	outposts/proxy: remove deprecated rs256 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-16 09:57:47 +02:00
Jens Langhammer	95efd47f65	root: remove asgi error handler Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-15 12:23:14 +02:00
Jens Langhammer	223d9ad414	outposts/proxy: fix upstream ssl certificate not being ignored if configured to do so Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-11 19:30:21 +02:00
Jens Langhammer	9a79bab43d	outposts/proxy: fix redirect URL error due to callback url not being joined correctly Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-10 16:19:29 +02:00
Jens Langhammer	3d042e708a	outposts/proxy: always redirect on forward_auth for traefik Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-10 12:43:57 +02:00
Jens Langhammer	e5944567e8	outposts/proxy: fix url not being substituted for sign_out Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-09 11:00:58 +02:00
Jens Langhammer	d296c12d01	outposts/proxy: fix redirect when using forward_auth mode Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-09 10:56:20 +02:00
Jens Langhammer	4c3a9e69f2	outposts/proxy: fix securecookie: no codecs provided error with redis Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-09 10:23:46 +02:00
Jens Langhammer	8ca29f6d49	Revert "outpost/proxy: set samesite none" This reverts commit `f7afb60c1f`.	2021-09-08 22:56:24 +02:00
Jens Langhammer	f7afb60c1f	outpost/proxy: set samesite none Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-08 22:06:44 +02:00
Jens Langhammer	b9c605bf1a	outpost/proxy: fix double slash when trailing slash in authentik_host Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-08 22:03:41 +02:00
Jens Langhammer	2983adc719	outpost/proxyv2: fix redirect to localhost Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-08 21:07:16 +02:00
Jens L	3c1b70c355	outposts/proxyv2 (#1365 ) * outposts/proxyv2: initial commit Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add rs256 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> more stuff Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add forward auth an sign_out Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> match cookie name Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> re-add support for rs256 for backwards compat Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add error handler Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> ensure unique user-agent is used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> set cookie duration based on id_token expiry Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> build proxy v2 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add ssl Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add basic auth and custom header support Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add application cert loading Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> implement whitelist Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add redis Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> migrate embedded outpost to v2 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> remove old proxy Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> providers/proxy: make token expiration configurable Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add metrics Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> fix tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/proxy: only allow one redirect URI Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix docker build for proxy Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * remove default port offset Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add AUTHENTIK_HOST_BROWSER Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests: fix e2e/integration tests not using proper tags Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * remove references of old port Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix user_attributes not being loaded correctly Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup dependencies Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-08 18:04:56 +00:00

1 2 3 4

155 Commits