ae161c1ba9
web/admin: fix actions column on ip reputation page
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-28 21:14:52 +01:00
03e0eecb1d
web/admin: redesign provider pages to provide more info
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-26 14:08:45 +01:00
0ee9b07172
web/admin: show changelog on user info page
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-19 23:59:04 +01:00
8d1fd48003
web/admin: allow flow edit on flow view page
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-19 10:20:31 +01:00
fe0d3a64c8
web/admin: fix typo in events action
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-18 20:32:59 +01:00
357bd65028
web/flows: fix typo
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 19:52:17 +01:00
9ae69866bd
web/admin: fix display issues with flow execute buttons
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-11 13:51:33 +01:00
da74304221
stages/prompt: add text_read_only field
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-08 14:45:56 +01:00
5a8c66d325
providers/ldap: memory Query ( #1681 )
...
* outposts/ldap: modularise ldap outpost, to allow different searchers and binders
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts/ldap: add basic in-memory searcher
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/ldap: add search mode field
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outpost: add search mode field
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 10:37:30 +01:00
abcf515a69
web/admin: also show note for SAML provider
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 01:21:10 +01:00
3005ca17bd
web/admin: show warning on provider when not used with outpost
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 01:15:33 +01:00
2a21ebf7b0
web/flows: fix authenticator_validate not allowing alpha-numeric codes due to empty pattern
...
closes #1663
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 15:39:10 +01:00
e0e4bf6972
web/user: fix device type for static tokens
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 15:28:55 +01:00
337677ad12
web/flows: improve display of static tokens
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 15:21:04 +01:00
3712d5aee2
web/user: fix empty page when no sources to connect exist
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 15:16:08 +01:00
5374352411
sources/plex: allow users to connect their plex account without login flow
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-03 21:09:02 +01:00
a92bce322d
web/flows: fix sub_text not rendering for static fields
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-01 20:54:43 +01:00
5646141fe2
stages/identification: add show_source_labels option, to show labels for sources
...
closes #1679
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-31 17:57:48 +01:00
06766bdb25
web/user: update form to update mfa devices
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-30 15:19:17 +02:00
40f8ce3c4c
web/user: rework MFA Device UI to support multiple devices
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-30 14:56:14 +02:00
8296d0c94c
web/admin: fix SMS Authenticator stage not loading state correctly
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-14 11:49:55 +02:00
aef9d27706
stages/authenticator_sms: Add SMS Authenticator Stage ( #1577 )
...
* stages/authenticator_sms: initial implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add initial stage UI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/elements: clear invalid state when old input was invalid but new input is correct
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_sms: add more logic
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/user: add basic SMS settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_sms: initial working version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_sms: add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: optimise totp password manager entry on authenticator_validation stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/elements: add grouping support for table
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: allow sms class in authenticator stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add grouping to more pages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_validate: add SMS support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* api: add throttling for flow executor based on session key and pending user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: fix style issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ci: add workflow to compile backend translations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-11 17:51:49 +02:00
57e5acaf2f
stages/prompt: add sub_text field to add HTML below prompt fields
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-07 18:34:37 +02:00
097a42bb7b
web/admin: fix description for flow import
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-06 20:50:43 +02:00
4f57dfda93
web/flows: adjust message for email stage
...
closes #1538
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 11:28:11 +02:00
19247accd9
web: fix rendering of token copy button in dark mode
...
closes #1528
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 11:11:13 +02:00
0692663537
stages/email: add activate_user_on_success flag, add for all example flows
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-04 18:47:51 +02:00
e9bb8c896b
web/admin: fix LDAP Source form not exposing syncParentGroup
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-30 18:10:56 +02:00
94ae52b576
web/admin: don't require username nor name for activate/deactivate toggles
...
closes #1491
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-29 09:42:59 +02:00
f9ad102915
flows: inspector ( #1469 )
...
* flows: add initial inspector
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: change naming a bit
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flow: add inspector frame
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* core: don't use shadydom when inspecting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: add current stage to api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/*: fix imports
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: deep-copy plan instead of just adding
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: ui
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: restrict inspector to admin
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add buttons to launch flow with inspector
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: don't automatically follow redirects when inspector is open
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: make current_plan optional, only require historry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: handle error messages in inspector
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: improve UI when flow is done
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: add is_completed flag to inspector
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: fix monkeypatches for tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: add inspector tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ci: re-enable cache
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-28 09:36:48 +02:00
674bd9e05c
web/admin: Fix typo 'username address' -> 'username' ( #1473 )
2021-09-26 12:53:37 +02:00
05db9e5c40
web/admin: handle error correctly when creating user recovery link
...
closes #1472
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 11:49:40 +02:00
79b92e764e
*: fix typos in code
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-25 00:01:11 +02:00
73e3d19384
web/user: add auto-focus search for applications
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-19 21:07:18 +02:00
f6e0f0282d
core: fix tokens not being viewable but superusers
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-19 16:11:20 +02:00
06af306e8a
sources/ldap: bump timeout, run each sync component in its own task
...
closes #1411
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-17 12:42:20 +02:00
9257f3c919
web/user: add missing stop impersonation button
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-17 10:04:47 +02:00
13e2eea72f
web/user: new end-user interface ( #1404 )
...
* web/user: migrate to top navbar
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/user: prepare config from server
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* re-sort
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* remove old interface
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update issue template
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use notification badge
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/user: re-add go-to-admin button
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* *: fix remaining redirects directly to admin
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* make settings better
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* api: ensure sources and stages are sorted
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/user: add sessions and consent
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/oauth2: add post wrapper to stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* website/docs: add new interface to release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 22:17:05 +02:00
9441be1ee2
interface split ( #943 )
2021-09-16 17:30:16 +02:00
916530f0d8
providers/oauth2: use access_code_validity for id_tokens generated when using an implicit flow, improve wording in web ui
...
closes #1369
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-15 17:14:53 +02:00
ef341dd405
stages/user_write: add option to add newly created users to a group
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-14 21:45:34 +02:00
9a7fa39de4
events: allow setting a mapping for webhook transport to customise request payloads
...
closes #1383
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-12 01:05:42 +02:00
3c1b70c355
outposts/proxyv2 ( #1365 )
...
* outposts/proxyv2: initial commit
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add rs256
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
more stuff
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add forward auth an sign_out
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
match cookie name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
re-add support for rs256 for backwards compat
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add error handler
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
ensure unique user-agent is used
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
set cookie duration based on id_token expiry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
build proxy v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add ssl
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add basic auth and custom header support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add application cert loading
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
implement whitelist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add redis
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
migrate embedded outpost to v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
remove old proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
providers/proxy: make token expiration configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
fix tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/proxy: only allow one redirect URI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix docker build for proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* remove default port offset
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add AUTHENTIK_HOST_BROWSER
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests: fix e2e/integration tests not using proper tags
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* remove references of old port
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix user_attributes not being loaded correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-08 18:04:56 +00:00
2db8b07578
events: add mark_all_seen
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 22:08:12 +02:00
4fc8e61f8c
stages/authenticator_validate: show single button for multiple webauthn authenticators
...
tested with browser + yubikey 5
closes #1096
The order of allowCredentials doesn't seem to matter, chrome seems to always choose the internal authenticator first.
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-01 19:28:52 +02:00
78578c6c9d
web/admin: allow admins to create tokens
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-25 21:23:32 +02:00
16cfa8cae2
web/admin: add ServiceAccount creation form
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-24 20:13:08 +02:00
a9af40f85c
web/admin: improve delete modal for stage bindings and policy bindings
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 17:46:51 +02:00
00e9b91f56
web/admin: fix missing app passwords backend
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 16:47:38 +02:00
c4832206fa
web/admin: display token's intents
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 16:33:12 +02:00
Jens Langhammer
Jens L
pemontto