authentik

Archived

Author	SHA1	Message	Date
Jens L	9568f4dbd6	root: improve code style (#4436 ) * cleanup pylint comments Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix url name Signed-off-by: Jens Langhammer <jens@goauthentik.io> * *: use ExtractHour instead of ExtractDay Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-15 17:02:31 +01:00
Jens Langhammer	1f038ecee2	providers/oauth2: fallback to anonymous user for policy engine Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-14 20:22:06 +01:00
Jens Langhammer	1b1f2ea72c	providers/oauth2: actually fix import order Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-14 19:58:24 +01:00
Jens Langhammer	6e1a54753e	providers/oauth2: fix import order Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-14 19:56:12 +01:00
Jens Langhammer	67d1f06c91	providers/oauth2: use guardian anonymous user to get claims for provider info Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-14 19:53:43 +01:00
Jens L	cd12e177ea	providers/proxy: add initial header token auth (#4421 ) * initial implementation Signed-off-by: Jens Langhammer <jens@goauthentik.io> * check for openid/profile claims Signed-off-by: Jens Langhammer <jens@goauthentik.io> * include jwks sources in proxy provider Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add web ui for jwks Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only show sources with JWKS data configured Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix introspection tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start basic Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add basic auth Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add docs, update admonitions Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add client_id to api, add tab for auth Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update locale Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-13 16:22:03 +01:00
Jens Langhammer	31c6ea9fda	providers/oauth2: don't allow spaces in scope_name closes #4094 Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-13 16:20:37 +01:00
Jens L	20931ccc1d	providers/oauth2: correctly fill claims_supported based on selected scopes (#4429 ) * providers/oauth2: correctly fill claims_supported based on selected scopes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add nonce claim Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-13 14:14:25 +01:00
Jens L	e6b5810e03	polices/hibp: remove deprecated (#4363 ) * remove hibp Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * don't save event matcher apps in migrations Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup migrations Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update docs, update some phrasing Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-05 13:19:26 +01:00
Jens L	3131e557d9	providers/proxy: add tests for proxy basic auth (#4357 ) * add tests for proxy basic auth Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * stop bandit from complaining Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add API tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * more tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-04 22:04:16 +01:00
Jens L	dc1359a763	providers/saml: initial SLO implementation (#2346 ) * providers/saml: initial SLO implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/saml: add logout request tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/saml: add tests for POST SLO Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * matrix e2e tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix import Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * set e2e matrix name Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix imports Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * separate oidc and oauth tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add basic saml slo e2e tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add better metadata download url Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * kinda prepare release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * sort releases into folders Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add slo urls to website Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix linking Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add api tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-04 19:45:31 +01:00
Jens L	1e01e9813d	providers/saml: add prefix to entity descriptor (#4355 ) add prefix to entity descriptor Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-04 16:44:52 +01:00
Jens Langhammer	e887a315be	providers/oauth2: correctly advertise supported response_modes_supported Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-04 10:21:34 +01:00
Jens Langhammer	4b93f40c5e	providers/oauth2: fix null amr value not being removed from id_token closes #4339 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-03 00:41:18 +01:00
Jens Langhammer	57400925a4	providers/saml: don't error if no request in API serializer context Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-03 00:14:16 +01:00
Jens Langhammer	01da8e1792	providers/oauth2: optimise and cache signing key, prevent key being loaded multiple times Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-23 12:04:31 +01:00
Jens L	609f95ac97	providers: add preview for mappings (#4254 ) * preview Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: show provider page on application page Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * use oauth2 end session url instead of direct interface Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * dont show provider page on application page for now Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add UI for preview Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * translate and release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix lint Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * separate saml api files Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add api tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-21 12:13:11 +01:00
Jens Langhammer	f8ef2b666f	events: fix incorrect EventAction being used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-25 11:53:05 +01:00
Jens Langhammer	a9909fcf6d	providers/oauth2: set amr values based on login event closes #4070 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-25 11:21:59 +01:00
Jens Langhammer	1fa9b3a996	providers/saml: set AuthnContextClassRef based on login event Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #4070	2022-11-25 11:21:45 +01:00
Jens L	ffe6f65af5	outposts/kubernetes: ingress class (#4002 ) * add support for ingressClassName Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add option to disable ssl verification for k8s controller Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update website Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-14 14:24:11 +01:00
Jens Langhammer	3306003f0e	providers/oauth2: fix inconsistent expiry encoded in JWT - access token validity is used for JWTs issues in implicit flows - general cleanup of how times are set closes #2581 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-10 20:23:24 +01:00
Jens L	cfad472e1b	flows: optimise queries (#3818 ) * flows: optimise flow queries Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * index source on slug and name Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * binding index Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add policy parent index Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix migrations Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup old migrations Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add release note to upgrade Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-19 22:53:07 +02:00
Jens Langhammer	3e1490dcac	providers/saml: don't attempt verification of SAML request when no verification certificate is configured Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-18 22:26:04 +02:00
Jens L	b85be12567	providers/oauth2: fix issues with es256 and add tests (#3808 ) fix issues with es256 and add tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-18 22:01:29 +02:00
Jens L	363872715d	sources/saml: revamp SAML Source (#3785 ) * update saml source to use user connections, add all attributes to flow context Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * check for SAML Status in response, add tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * package apple icon Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add webui for connections Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-14 17:04:47 +02:00
Jens L	217e145d23	stages/authenticator_sms: make sms stage payload customisable (#3780 ) * make sms stage payload customisable Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update phrasing for webhook mapping Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-14 11:53:01 +02:00
Jens Langhammer	e5e6c33b2d	providers/oauth2: fix expires_in not being an int Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-11 14:25:30 +03:00
Jens L	8ed2f7fe9e	providers/oauth2: add device flow (#3334 ) * start device flow Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: fix inconsistent app filtering Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add tenant device code flow Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add throttling to device code view Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * somewhat unrelated changes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add initial device code entry flow Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add finish stage Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * it works Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add support for verification_uri_complete Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add some tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add more tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-11 12:42:10 +02:00
Jens Langhammer	9bbe8e6c57	providers/oauth2: save full IDToken to database, only use to_dict for encoding final token Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-08 15:06:17 +03:00
Jens Langhammer	b2a658d091	providers/oauth2: remove c_hash and nonce claim if they're not set Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-07 17:07:33 +03:00
Jens Langhammer	ce085a029d	providers/oauth2: exclude at_hash claim if not set instead of being null closes #3739 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-07 10:10:53 +03:00
Jens Langhammer	7c0754000c	providers/oauth2: add all hardcoded claims to claims_supported list closes #3702 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-09-29 10:27:46 +02:00
Jens Langhammer	a407334d3b	providers/oauth2: use @method_decorator instead of decorating in urls Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-09-10 13:26:17 +02:00
Jens L	7517d612d0	providers/oauth2: add x5c (#3556 ) * add x5c, x5t and x5t#S256 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * strip trailing = to fix encoding issues Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-09-08 23:30:05 +02:00
Jens L	62f93c83d4	ci: update pyright (#3546 )	2022-09-07 00:23:25 +02:00
Jens L	f2f22719f8	core: improve error template (#3521 )	2022-09-03 19:46:37 +02:00
Jens L	54ba3e9616	blueprints: add meta model to apply blueprint within blueprint for dependencies (#3486 ) * add meta model to apply blueprint within blueprint for dependencies Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * use custom registry Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix again Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * move ManagedAppConfig to apps.py Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * rename manager to registry Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * ci: use full tag in comment Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-08-29 21:20:58 +02:00
Jens Langhammer	917c4ae835	ci: fix typos Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-08-23 18:49:23 +02:00
Jens Langhammer	0cc83c23c4	providers/proxy: fix duplicate proxy set default Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-08-18 21:13:45 +01:00
Jens Langhammer	fdb8fb4b4c	providers/oauth2: fix oauth2 requests being logged as unauthenticated Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-08-18 20:26:12 +02:00
Jens Langhammer	f4441c9fcf	providers/proxy: trigger proxy set_defaults task on startup closes #3445 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-08-18 17:42:27 +02:00
Jens Langhammer	846b63a17b	*: remove some very verbose logging messages Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-08-17 13:36:56 +02:00
Jens Langhammer	e9c1276634	blueprints: use relative path in @apply_blueprint Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-08-16 14:20:45 +02:00
Jens Langhammer	f01f10c5e5	providers/oauth2: don't separate scopes by comma-space Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-08-07 13:15:12 +02:00
Jens Langhammer	e1249d3760	providers/oauth2: fix scopes without descriptions not being saved in consent Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-08-07 13:02:47 +02:00
Jens L	ec42d378ab	blueprints/cleanup (#3369 )	2022-08-05 08:39:00 +02:00
Jens L	d1004e3798	blueprints: webui (#3356 )	2022-08-03 00:05:49 +02:00
Jens Langhammer	2bd29e2fdd	*: improve error handling for startup tasks Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-08-01 23:31:47 +02:00
Jens L	a023eee9bf	blueprints: migrate from managed (#3338 ) * test all bundled blueprints Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix empty title Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix default blueprints Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add script to generate dev config Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * migrate managed to blueprints Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add more to blueprint instance Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * migrated away from ObjectManager Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix lint errors Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * migrate things Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * migrate tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix some tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix a bit more Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix more tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * whops Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix missing name Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * sigh Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix more tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add tasks Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * scheduled Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * run discovery on start Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * oops this test should stay Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-08-01 23:05:58 +02:00

1 2 3 4 5 ...

448 commits