8cd1a42fb9
*: fix linting
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-02 11:50:10 +02:00
c0cb891078
stages/authenticator_sms: verify-only ( #3011 )
2022-06-01 23:16:28 +02:00
fc1c1a849a
stages/*: use bound logger ( #3012 )
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-01 23:01:58 +02:00
2c6d82593e
root: cleanup session keys to use common format ( #3003 )
...
cleanup session keys to use common format
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-31 21:53:23 +02:00
34bcc2df1a
root: disable session_save_every_request as it overwrites the session with old data
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2991
2022-05-31 20:46:27 +02:00
b4d528a789
policies: fix incorrect bound_to count
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-31 10:16:09 +02:00
a0397fdcf4
events: set default transport mode
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-30 21:32:48 +02:00
8faa1bf865
events: add local transport mode ( #2992 )
...
* events: add local transport mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add default local transport
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-30 20:55:05 +02:00
fc75867218
events: ignore session model
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-30 20:23:07 +02:00
3eb466ff4b
lifecycle: cleanup prometheus ( #2972 )
...
* remove high cardinality labels
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* retry worker number for prometheus multiprocess id
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* revert to pid, use subdirectories
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup more
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use worker id based off of https://github.com/benoitc/gunicorn/issues/1352
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix missing app label
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests/e2e: remove static names
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-29 21:45:25 +02:00
9f2529c886
stages/authentiactor_validate: cookies ( #2978 )
...
* stages/authenticator_validate: rewrite to use signed jwt cookie + expiry as MFA threshold
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add more tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add more tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-29 19:47:34 +02:00
fb25b28976
core: db sessions ( #2979 )
...
* use db session backend
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* root: wrap session cookie in JWT and add useful claims
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix compatibility with tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use standard session key for writing in sessions too
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-29 18:58:54 +02:00
fb69f67f47
*: cleanup vendor
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-28 21:26:33 +02:00
18b48684eb
providers/oauth2: add configuration error event when wrong redirect uri is used in token request
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-28 21:15:58 +02:00
098b0aef6e
*: use create_test_admin_user for all unittests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-28 21:13:16 +02:00
082df0ec51
Merge branch 'version-2022.5'
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
# authentik/providers/oauth2/views/token.py
# web/src/locales/zh-Hans.po
2022-05-28 13:19:58 +02:00
1883402b3d
release: 2022.5.3
2022-05-28 12:04:26 +02:00
1b3aacfa1d
providers/oauth2: add migration from "*" to ".*"
...
closes #2970
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-27 21:43:51 +02:00
2b68363452
providers/oauth2: add migration from "*" to ".*"
...
closes #2970
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-27 10:23:13 +02:00
6105956847
providers/oauth2: regex-escape URLs when set to blank
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-26 22:17:34 +02:00
4ff32af343
flows: fix flakiness in tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-26 22:17:03 +02:00
972868c15c
providers/oauth2: only set expiry on user when it was freshly created
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-26 22:16:55 +02:00
0bc57f571b
api: update API browser to match admin UI and auto-switch theme
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-26 22:16:34 +02:00
a81d5a3d41
providers/oauth2: regex-escape URLs when set to blank
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-26 12:52:56 +02:00
34ef4af799
flows: fix flakiness in tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-26 09:53:40 +02:00
5da47b69dd
providers/oauth2: only set expiry on user when it was freshly created
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-25 23:02:33 +02:00
0e0dd2437b
providers/oauth2: handle attribute errors when validation JWK contains private key
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-25 22:23:05 +02:00
e42386b150
api: update API browser to match admin UI and auto-switch theme
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-25 20:09:29 +02:00
ef219198d4
flows: fix lint
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-25 00:05:04 +02:00
cc744dc581
flows: fix lint
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-25 00:04:58 +02:00
816b0c7d83
flows: fix re-imports of entries with identical PK re-creating objects
...
closes #2941
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 23:35:06 +02:00
56babb2649
flows: fix re-imports of entries with identical PK re-creating objects
...
closes #2941
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 23:32:08 +02:00
b8fdda50ec
ensure all viewsets have filter and search and add tests ( #2946 )
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 22:13:59 +02:00
4a9b788703
providers/oauth2: set related_name for many-to-many so used by detects the connection
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 22:12:35 +02:00
80c1dbdfbb
ensure all viewsets have filter and search and add tests ( #2946 )
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 22:01:18 +02:00
b4e75218f5
sources/oauth: OIDC well-known and JWKS ( #2936 )
...
* add initial
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* include source and jwk key id in event
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add more docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add tests for source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix web formatting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add provider tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix lint error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 21:02:50 +02:00
482491e93c
core: fix username validator not allowing changes that can be done via flows
...
closes #2755
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 19:40:54 +02:00
61a876b582
providers/saml: handle parse error
...
AUTHENTIK-1K5
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-23 22:03:12 +02:00
8c9748e4a0
providers/oauth2: improve error handling for invalid regular expressions
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-23 20:47:36 +02:00
b7979ad48e
Revert "events: ignore silk SQLQuery object"
...
This reverts commit a26f25ccd6
2022-05-23 20:29:05 +02:00
4704de937a
stages/user_write: fix typo in request context variable
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-23 20:18:37 +02:00
394d8e99a4
policies: improve error logging
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-23 20:18:00 +02:00
a26f25ccd6
events: ignore silk SQLQuery object
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-23 20:17:52 +02:00
63dc8fe7dc
crypto: set SAN in default generated Certificate to semi-random domain
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2462
2022-05-22 23:22:06 +02:00
cfe2648b62
events: fix transport not allowing blank values
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-22 19:32:58 +02:00
3d4a45c93f
release: 2022.5.2
2022-05-21 17:17:21 +02:00
75d6cd1674
outposts: ensure the user and token are created on initial outpost save
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-21 15:55:19 +02:00
2dee8034d3
outposts: allow externally managed SSH Config for outposts ( #2917 )
2022-05-21 12:10:08 +02:00
220d21c3e0
release: 2022.5.1
2022-05-20 19:34:45 +02:00
b43df2ae27
stages/identification: redirect with QS to keep next parameters ( #2909 )
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-20 16:10:10 +02:00
Jens Langhammer