Jens L
|
ec67b60219
|
policies/hibp: check in prompt data (#2845)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-10 23:47:36 +02:00 |
|
Jens L
|
fd1d38f844
|
stages/authenticator_validate: remember (#2828)
* initial
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: cleanup timedelta help
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add tooltip
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* assert response code in self.assertStageResponse
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add more tests, add duo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-10 21:05:22 +02:00 |
|
Jens Langhammer
|
2399fa456b
|
policies: fix current user not being set in server-side policy deny
closes #2039
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-04-21 22:30:27 +02:00 |
|
Jens Langhammer
|
1a1434bfda
|
*: decrease frequency of background tasks, smear tasks based on name and fqdn
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2159
|
2022-04-20 18:43:40 +02:00 |
|
Jens Langhammer
|
5861d41ad3
|
tenants: add tenant-level attributes, applied to users based on request
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-04-06 10:41:35 +02:00 |
|
Jens L
|
508cec2fd5
|
web: migrate dropdowns to wizards (#2633)
* web/admin: add basic wizards for providers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: add dark mode for wizard
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: migrate policies to wizard
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* start source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* policies: sanitze_dict when returning log messages during tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* Revert "web/admin: migrate policies to wizard"
This reverts commit d8b7f62d3e .
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
# web/src/locales/zh-Hans.po
# web/src/locales/zh-Hant.po
# web/src/locales/zh_TW.po
* web: rewrite wizard to be element based
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* further cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update sources
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: migrate property mappings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* migrate stages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* migrate misc dropdowns
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* migrate outpost integrations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-04-02 19:48:17 +02:00 |
|
Jens Langhammer
|
7a93614e4b
|
policies: fix tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-04-02 18:31:02 +02:00 |
|
Jens Langhammer
|
4f319eaa4f
|
policies/dummy: bump to info to always get message
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-04-02 17:28:51 +02:00 |
|
Jens Langhammer
|
86a8d00b3f
|
policies: sanitze_dict when returning log messages during tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-04-02 17:15:44 +02:00 |
|
Jens Langhammer
|
5fe8c1f3d7
|
policies: fix missing default for log_messages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-04-02 16:44:49 +02:00 |
|
Jens Langhammer
|
d84ff2bbca
|
policies: add policy log messages to test endpoints
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-04-01 22:07:35 +02:00 |
|
Jens Langhammer
|
4be238018b
|
providers/oauth2: pass scope and other parameters to access policy request context
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2641
|
2022-04-01 21:39:05 +02:00 |
|
Jens Langhammer
|
6a411d7960
|
policies/hibp: ensure password is encodable
closes AUTHENTIK-1SA
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-23 21:23:24 +01:00 |
|
Jens Langhammer
|
111fbf119b
|
*: refactor prometheus gauges to directly updating metrics view
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-16 13:57:07 +01:00 |
|
Jens Langhammer
|
91dd33cee6
|
policies/reputation: trigger save on update
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-05 22:06:20 +01:00 |
|
Jens Langhammer
|
5a2c367e89
|
policies/reputation: fix test
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-05 21:44:15 +01:00 |
|
Jens Langhammer
|
6e53f1689d
|
policies/reputation: rework reputation to use a single entry, include geo_ip data
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-05 21:02:33 +01:00 |
|
Jens Langhammer
|
90c31c2214
|
flows: add test helpers to simplify and improve checking of stages, remove force_str
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-01 20:25:32 +01:00 |
|
Jens Langhammer
|
16b6c17305
|
Revert "policies: don't always clear application cache on post_save"
This reverts commit 5ef385f0bb .
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
# authentik/policies/signals.py
|
2021-12-22 00:23:19 +01:00 |
|
Jens Langhammer
|
61097b9400
|
policies/password: add minimum digits
closes #1952
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-18 16:15:56 +01:00 |
|
Jens Langhammer
|
0b00768b84
|
events: add flow_execution event type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-14 16:13:51 +01:00 |
|
Jens Langhammer
|
ede6bcd31e
|
*: remove debug statements from tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-13 23:41:08 +01:00 |
|
Jens Langhammer
|
ac9cf590bc
|
*: use prefixed span names
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-13 16:18:42 +01:00 |
|
Jens Langhammer
|
83c12ad483
|
flows: fix description for spans
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-12 21:51:51 +01:00 |
|
Jens Langhammer
|
597ce1eb42
|
Revert "*: use cache.delete_pattern instead of getting keys and deleting them"
This reverts commit ff481ba6e7 .
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
# authentik/flows/views/executor.py
# authentik/policies/signals.py
|
2021-12-12 20:41:34 +01:00 |
|
Jens Langhammer
|
5ef385f0bb
|
policies: don't always clear application cache on post_save
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-12 20:39:04 +01:00 |
|
Jens Langhammer
|
ff481ba6e7
|
*: use cache.delete_pattern instead of getting keys and deleting them
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-10 21:35:28 +01:00 |
|
Jens Langhammer
|
a9bd34f3c5
|
events: revert to @prefill_task decorator since base class doesn't get executed until task runs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-09 10:18:00 +01:00 |
|
Jens Langhammer
|
6209714f87
|
policies/expression: add ak_call_policy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-09 09:39:28 +01:00 |
|
Jens Langhammer
|
8ae50814fe
|
*: add missing migrations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-03 10:04:54 +01:00 |
|
Jens Langhammer
|
cf78c89830
|
events: replace @prefill_task with custom base class to prefill
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-02 13:47:35 +01:00 |
|
Jens Langhammer
|
4f54ce6afb
|
providers/saml: fix error when using post bindings and user freshly logged in
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1873
|
2021-12-02 13:00:21 +01:00 |
|
Jens Langhammer
|
f0d7edb963
|
*: fix @prefill_task
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-02 10:05:51 +01:00 |
|
Matthew R. McDougal
|
e597bb4542
|
policies/expression: fix ak_user_has_authenticator evaluation when not specifying optional device_type (#1849)
* Fix ak_user_has_authenticator evaluation when not specifying optional device_type
* Simpler patch
|
2021-11-29 10:35:17 +01:00 |
|
Jens Langhammer
|
5c54de66fc
|
*: add meta_model_name field to all models with inheritance
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-26 10:32:39 +01:00 |
|
Jens L
|
9bb0d04aeb
|
root: Random tests (#1825)
* root: add pytest-randomly to randomise tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* *: generate flows for testing instead of relying on existing ones
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* *: generate users for testing instead of relying on existing ones
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* *: use generated certificate
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests/e2e: keep containers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests/e2e: use websockets test case
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-22 22:56:02 +01:00 |
|
dependabot[bot]
|
f7044e41c6
|
build(deps-dev): bump bandit from 1.7.0 to 1.7.1 (#1793)
* build(deps-dev): bump bandit from 1.7.0 to 1.7.1
Bumps [bandit](https://github.com/PyCQA/bandit) from 1.7.0 to 1.7.1.
- [Release notes](https://github.com/PyCQA/bandit/releases)
- [Commits](https://github.com/PyCQA/bandit/compare/1.7.0...1.7.1)
---
updated-dependencies:
- dependency-name: bandit
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* *: fix bandit false positives
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-15 09:16:16 +01:00 |
|
Jens Langhammer
|
a40c3aeb68
|
core: make group membership lookup respect parent groups (upwards)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-05 00:53:56 +01:00 |
|
Jens Langhammer
|
f62786e58b
|
policies: add additional filters to create flow charts on frontend
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-15 18:21:44 +02:00 |
|
Jens Langhammer
|
4b7399f454
|
*: add @prefill_task() decorator to "pre-fill" tasks in cache, so they can be executed even before their schedule would do so
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-14 12:21:28 +02:00 |
|
Jens L
|
e4f141c6c0
|
*: Squash Migrations (#1593)
* *: first squash pass
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* sources/saml: squash less
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts: fix docker controller not correctly checking image
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests/e2e: fix old migration reference
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-11 21:39:35 +02:00 |
|
Jens L
|
aef9d27706
|
stages/authenticator_sms: Add SMS Authenticator Stage (#1577)
* stages/authenticator_sms: initial implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add initial stage UI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/elements: clear invalid state when old input was invalid but new input is correct
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_sms: add more logic
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/user: add basic SMS settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_sms: initial working version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_sms: add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: optimise totp password manager entry on authenticator_validation stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/elements: add grouping support for table
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: allow sms class in authenticator stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add grouping to more pages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_validate: add SMS support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* api: add throttling for flow executor based on session key and pending user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: fix style issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ci: add workflow to compile backend translations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-11 17:51:49 +02:00 |
|
Jens Langhammer
|
f32d35b07c
|
policies/password: add extra sub_text field in tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-07 19:27:24 +02:00 |
|
Jens Langhammer
|
16380b3f7a
|
api: ensure viewsets have default ordering
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-05 11:26:41 +02:00 |
|
Jens L
|
f9ad102915
|
flows: inspector (#1469)
* flows: add initial inspector
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: change naming a bit
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flow: add inspector frame
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* core: don't use shadydom when inspecting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: add current stage to api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/*: fix imports
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: deep-copy plan instead of just adding
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: ui
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: restrict inspector to admin
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add buttons to launch flow with inspector
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: don't automatically follow redirects when inspector is open
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: make current_plan optional, only require historry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: handle error messages in inspector
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: improve UI when flow is done
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: add is_completed flag to inspector
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: fix monkeypatches for tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: add inspector tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ci: re-enable cache
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-28 09:36:48 +02:00 |
|
Jens Langhammer
|
79b92e764e
|
*: fix typos in code
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-25 00:01:11 +02:00 |
|
Jens Langhammer
|
95a2fddfa8
|
policies/expression: add ak_user_has_authenticator
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-20 19:13:41 +02:00 |
|
Jens Langhammer
|
17503365f7
|
policies: improve error handling when using bindings without policy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-16 11:04:31 +02:00 |
|
Jens Langhammer
|
c779ad2e3b
|
*: use common user agent for all outgoing requests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-11 21:08:26 +02:00 |
|
Jens Langhammer
|
37c29a073e
|
policies/password: fix symbols not being checked correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-04 15:21:48 +02:00 |
|