6a411d7960
policies/hibp: ensure password is encodable
...
closes AUTHENTIK-1SA
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-23 21:23:24 +01:00
111fbf119b
*: refactor prometheus gauges to directly updating metrics view
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-16 13:57:07 +01:00
91dd33cee6
policies/reputation: trigger save on update
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-05 22:06:20 +01:00
5a2c367e89
policies/reputation: fix test
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-05 21:44:15 +01:00
6e53f1689d
policies/reputation: rework reputation to use a single entry, include geo_ip data
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-05 21:02:33 +01:00
90c31c2214
flows: add test helpers to simplify and improve checking of stages, remove force_str
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-01 20:25:32 +01:00
16b6c17305
Revert "policies: don't always clear application cache on post_save"
...
This reverts commit 5ef385f0bb
2021-12-22 00:23:19 +01:00
61097b9400
policies/password: add minimum digits
...
closes #1952
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 16:15:56 +01:00
0b00768b84
events: add flow_execution event type
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 16:13:51 +01:00
ede6bcd31e
*: remove debug statements from tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 23:41:08 +01:00
ac9cf590bc
*: use prefixed span names
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 16:18:42 +01:00
83c12ad483
flows: fix description for spans
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 21:51:51 +01:00
597ce1eb42
Revert "*: use cache.delete_pattern instead of getting keys and deleting them"
...
This reverts commit ff481ba6e7
2021-12-12 20:41:34 +01:00
5ef385f0bb
policies: don't always clear application cache on post_save
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 20:39:04 +01:00
ff481ba6e7
*: use cache.delete_pattern instead of getting keys and deleting them
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-10 21:35:28 +01:00
a9bd34f3c5
events: revert to @prefill_task decorator since base class doesn't get executed until task runs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 10:18:00 +01:00
6209714f87
policies/expression: add ak_call_policy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 09:39:28 +01:00
8ae50814fe
*: add missing migrations
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-03 10:04:54 +01:00
cf78c89830
events: replace @prefill_task with custom base class to prefill
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 13:47:35 +01:00
4f54ce6afb
providers/saml: fix error when using post bindings and user freshly logged in
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1873
2021-12-02 13:00:21 +01:00
f0d7edb963
*: fix @prefill_task
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 10:05:51 +01:00
e597bb4542
policies/expression: fix ak_user_has_authenticator evaluation when not specifying optional device_type ( #1849 )
...
* Fix ak_user_has_authenticator evaluation when not specifying optional device_type
* Simpler patch
2021-11-29 10:35:17 +01:00
5c54de66fc
*: add meta_model_name field to all models with inheritance
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-26 10:32:39 +01:00
9bb0d04aeb
root: Random tests ( #1825 )
...
* root: add pytest-randomly to randomise tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* *: generate flows for testing instead of relying on existing ones
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* *: generate users for testing instead of relying on existing ones
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* *: use generated certificate
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests/e2e: keep containers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests/e2e: use websockets test case
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-22 22:56:02 +01:00
f7044e41c6
build(deps-dev): bump bandit from 1.7.0 to 1.7.1 ( #1793 )
...
* build(deps-dev): bump bandit from 1.7.0 to 1.7.1
Bumps [bandit](https://github.com/PyCQA/bandit ) from 1.7.0 to 1.7.1.
- [Release notes](https://github.com/PyCQA/bandit/releases )
- [Commits](https://github.com/PyCQA/bandit/compare/1.7.0...1.7.1 )
---
updated-dependencies:
- dependency-name: bandit
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* *: fix bandit false positives
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 09:16:16 +01:00
a40c3aeb68
core: make group membership lookup respect parent groups (upwards)
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 00:53:56 +01:00
f62786e58b
policies: add additional filters to create flow charts on frontend
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-15 18:21:44 +02:00
4b7399f454
*: add @prefill_task() decorator to "pre-fill" tasks in cache, so they can be executed even before their schedule would do so
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-14 12:21:28 +02:00
e4f141c6c0
*: Squash Migrations ( #1593 )
...
* *: first squash pass
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* sources/saml: squash less
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts: fix docker controller not correctly checking image
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests/e2e: fix old migration reference
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-11 21:39:35 +02:00
aef9d27706
stages/authenticator_sms: Add SMS Authenticator Stage ( #1577 )
...
* stages/authenticator_sms: initial implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add initial stage UI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/elements: clear invalid state when old input was invalid but new input is correct
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_sms: add more logic
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/user: add basic SMS settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_sms: initial working version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_sms: add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: optimise totp password manager entry on authenticator_validation stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/elements: add grouping support for table
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: allow sms class in authenticator stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add grouping to more pages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_validate: add SMS support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* api: add throttling for flow executor based on session key and pending user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: fix style issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ci: add workflow to compile backend translations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-11 17:51:49 +02:00
f32d35b07c
policies/password: add extra sub_text field in tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-07 19:27:24 +02:00
16380b3f7a
api: ensure viewsets have default ordering
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 11:26:41 +02:00
f9ad102915
flows: inspector ( #1469 )
...
* flows: add initial inspector
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: change naming a bit
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flow: add inspector frame
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* core: don't use shadydom when inspecting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: add current stage to api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/*: fix imports
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: deep-copy plan instead of just adding
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: ui
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: restrict inspector to admin
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add buttons to launch flow with inspector
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: don't automatically follow redirects when inspector is open
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: make current_plan optional, only require historry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: handle error messages in inspector
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: improve UI when flow is done
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: add is_completed flag to inspector
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: fix monkeypatches for tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: add inspector tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ci: re-enable cache
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-28 09:36:48 +02:00
79b92e764e
*: fix typos in code
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-25 00:01:11 +02:00
95a2fddfa8
policies/expression: add ak_user_has_authenticator
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-20 19:13:41 +02:00
17503365f7
policies: improve error handling when using bindings without policy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 11:04:31 +02:00
c779ad2e3b
*: use common user agent for all outgoing requests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-11 21:08:26 +02:00
37c29a073e
policies/password: fix symbols not being checked correctly
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 15:21:48 +02:00
6ec8432217
policies/password: don't use regex for symbol detection
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 14:36:01 +02:00
7fea20375f
*: fix tests not using APITestCase
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-02 19:14:21 +02:00
b1ed2154ac
policies/password: fix PasswordStage not being usable with prompt stages, rework validation logic
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-29 00:40:36 +02:00
859cf2bd8f
lib: move id and key generators to lib ( #1286 )
...
* lib: move generators to lib
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* core: bump default token key size
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* *: fix split being used for http basic auth instead of partition
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/elements: don't rethrow error in ActionButton
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 20:27:38 +02:00
9c9addb0ce
*: ensure all resources can be filtered
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-07 16:34:14 +02:00
77ed25ae34
root: reformat to 100 line width
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-03 17:45:16 +02:00
aa701c5725
core: don't delete expired tokens, rotate their key
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-14 21:47:32 +02:00
84e9748340
policies/reputation: handle cache error
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-13 18:47:32 +02:00
d102c59654
build(deps-dev): bump pylint from 2.8.3 to 2.9.0 ( #1095 )
...
* build(deps-dev): bump pylint from 2.8.3 to 2.9.0
Bumps [pylint](https://github.com/PyCQA/pylint ) from 2.8.3 to 2.9.0.
- [Release notes](https://github.com/PyCQA/pylint/releases )
- [Changelog](https://github.com/PyCQA/pylint/blob/master/ChangeLog )
- [Commits](https://github.com/PyCQA/pylint/compare/v2.8.3...v2.9.0 )
---
updated-dependencies:
- dependency-name: pylint
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* *: update source for new pylint version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-30 10:37:28 +02:00
2b1356bb91
flows: add invalid_response_action to configure how the FlowExecutor should handle invalid responses
...
closes #1079
Default value of `retry` behaves like previous version.
`restart` and `restart_with_context` restart the flow upon an invalid response. `restart_with_context` keeps the same context of the Flow, allowing users to bind policies that maybe aren't valid on the first execution, but are after a retry, like a reputation policy with a deny stage.
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-28 00:22:09 +02:00
de954250e5
root: make general cache timeouts configurable
...
closes #974
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-21 10:18:49 +02:00
f268bd4c69
policies: make policy result cache timeout configurable
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-21 10:17:58 +02:00
Jens Langhammer
Matthew R. McDougal
Jens L
dependabot[bot]