Commit graph

10142 commits

Author SHA1 Message Date
Jens Langhammer 9723aa11df root: include security policy in website container
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-29 00:05:42 +01:00
Alex Wigen 4e04461820
website/docs: Change Kubernetes ingress apiVersion out of beta (#4099)
* Change Kubernetes ingress apiVersion out of beta

* fix lint

Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-28 16:42:59 +01:00
Jens Langhammer 147ebf1a5e root: rework and expand security policy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-28 12:10:53 +01:00
Jens Langhammer e22fce02f8 stages/authenticator_validate: improve validation for not_configured_action
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-28 10:52:51 +01:00
Jens Langhammer 3b8cb9e525 web/flows: fix display for long redirect URLs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-28 10:30:27 +01:00
dependabot[bot] beffb72e3b
web: bump @rollup/plugin-babel from 6.0.2 to 6.0.3 in /web (#4103)
Bumps [@rollup/plugin-babel](https://github.com/rollup/plugins/tree/HEAD/packages/babel) from 6.0.2 to 6.0.3.
- [Release notes](https://github.com/rollup/plugins/releases)
- [Changelog](https://github.com/rollup/plugins/blob/master/packages/babel/CHANGELOG.md)
- [Commits](https://github.com/rollup/plugins/commits/babel-v6.0.3/packages/babel)

---
updated-dependencies:
- dependency-name: "@rollup/plugin-babel"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-28 10:25:06 +01:00
dependabot[bot] b5c53d5e40
web: bump @rollup/plugin-typescript from 9.0.2 to 10.0.0 in /web (#4101)
Bumps [@rollup/plugin-typescript](https://github.com/rollup/plugins/tree/HEAD/packages/typescript) from 9.0.2 to 10.0.0.
- [Release notes](https://github.com/rollup/plugins/releases)
- [Changelog](https://github.com/rollup/plugins/blob/master/packages/typescript/CHANGELOG.md)
- [Commits](https://github.com/rollup/plugins/commits/typescript-v10.0.0/packages/typescript)

---
updated-dependencies:
- dependency-name: "@rollup/plugin-typescript"
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-28 10:24:45 +01:00
dependabot[bot] 477dbc6daf
web: bump @rollup/plugin-commonjs from 23.0.2 to 23.0.3 in /web (#4102) 2022-11-28 10:06:26 +01:00
dependabot[bot] 3aaabdcc9d
core: bump pycryptodome from 3.15.0 to 3.16.0 (#4104) 2022-11-28 10:06:17 +01:00
dependabot[bot] d045b0be1a
core: bump selenium from 4.6.0 to 4.6.1 (#4105) 2022-11-28 10:06:06 +01:00
Jens Langhammer e2bd96c5de stages/authenticator_validate: fix validation to ensure configuration stage is set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-25 21:37:52 +01:00
Daniel be9790ef8a
internal: reuse http transport to prevent leaking connections (#3996)
* Fix: Using the same http transport as the api

* fix: Using global tlsTransport instead of newly created one
2022-11-25 18:24:01 +01:00
Jens Langhammer f8ef2b666f events: fix incorrect EventAction being used
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-25 11:53:05 +01:00
Jens Langhammer 7bc63791c9 root: update deprecation warnings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-25 11:47:28 +01:00
Jens Langhammer a9909fcf6d providers/oauth2: set amr values based on login event
closes #4070

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-25 11:21:59 +01:00
Jens Langhammer 1fa9b3a996 providers/saml: set AuthnContextClassRef based on login event
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#4070
2022-11-25 11:21:45 +01:00
Jens Langhammer 5019346ab6 events: save login event in session after login
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#4070
2022-11-25 11:21:00 +01:00
Jens Langhammer f22f1ebcde stages/authenticator_validate: save used mfa devices in login event
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-25 10:47:49 +01:00
dependabot[bot] 1e328436d8
web: bump @codemirror/legacy-modes from 6.3.0 to 6.3.1 in /web (#4084)
Bumps [@codemirror/legacy-modes](https://github.com/codemirror/legacy-modes) from 6.3.0 to 6.3.1.
- [Release notes](https://github.com/codemirror/legacy-modes/releases)
- [Changelog](https://github.com/codemirror/legacy-modes/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codemirror/legacy-modes/compare/6.3.0...6.3.1)

---
updated-dependencies:
- dependency-name: "@codemirror/legacy-modes"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-25 10:47:30 +01:00
dependabot[bot] cb9a759aa0
web: bump @trivago/prettier-plugin-sort-imports from 3.4.0 to 4.0.0 in /web (#4085)
web: bump @trivago/prettier-plugin-sort-imports in /web

Bumps [@trivago/prettier-plugin-sort-imports](https://github.com/trivago/prettier-plugin-sort-imports) from 3.4.0 to 4.0.0.
- [Release notes](https://github.com/trivago/prettier-plugin-sort-imports/releases)
- [Changelog](https://github.com/trivago/prettier-plugin-sort-imports/blob/master/CHANGELOG.md)
- [Commits](https://github.com/trivago/prettier-plugin-sort-imports/compare/v3.4.0...v4.0.0)

---
updated-dependencies:
- dependency-name: "@trivago/prettier-plugin-sort-imports"
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-25 10:47:09 +01:00
dependabot[bot] b80c528531
core: bump importlib-metadata from 5.0.0 to 5.1.0 (#4086)
Bumps [importlib-metadata](https://github.com/python/importlib_metadata) from 5.0.0 to 5.1.0.
- [Release notes](https://github.com/python/importlib_metadata/releases)
- [Changelog](https://github.com/python/importlib_metadata/blob/main/CHANGES.rst)
- [Commits](https://github.com/python/importlib_metadata/compare/v5.0.0...v5.1.0)

---
updated-dependencies:
- dependency-name: importlib-metadata
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-25 10:46:49 +01:00
dependabot[bot] e03d2c06a8
core: bump structlog from 22.1.0 to 22.3.0 (#4087)
Bumps [structlog](https://github.com/hynek/structlog) from 22.1.0 to 22.3.0.
- [Release notes](https://github.com/hynek/structlog/releases)
- [Changelog](https://github.com/hynek/structlog/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hynek/structlog/compare/22.1.0...22.3.0)

---
updated-dependencies:
- dependency-name: structlog
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-25 10:46:09 +01:00
John Arrandale 501d63b3aa
website/docs: add notice for unique Base DN (#4073)
* providers/ldap: updates documentation related to issue #4038

Signed-off-by: John Arrandale <bootsie227@gmail.com>

* providers/ldap: adheres to the CI prettier-check

Signed-off-by: John Arrandale <bootsie227@gmail.com>
2022-11-24 20:52:13 +01:00
Jens Langhammer 1c2cdfe06a web/flows: improve error messages for failed duo push
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-24 13:42:13 +01:00
dependabot[bot] 118555c97a
web: bump @sentry/tracing from 7.21.0 to 7.21.1 in /web (#4078)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 7.21.0 to 7.21.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.21.0...7.21.1)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-24 12:18:12 +01:00
dependabot[bot] 6af9fbc94e
web: bump prettier from 2.7.1 to 2.8.0 in /web (#4075)
Bumps [prettier](https://github.com/prettier/prettier) from 2.7.1 to 2.8.0.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.7.1...2.8.0)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-24 12:17:57 +01:00
dependabot[bot] 3020f9506e
web: bump @types/mermaid from 9.1.0 to 9.2.0 in /web (#4076)
Bumps [@types/mermaid](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/mermaid) from 9.1.0 to 9.2.0.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/mermaid)

---
updated-dependencies:
- dependency-name: "@types/mermaid"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-24 12:11:21 +01:00
dependabot[bot] ce9c6a9689
website: bump prettier from 2.7.1 to 2.8.0 in /website (#4074)
Bumps [prettier](https://github.com/prettier/prettier) from 2.7.1 to 2.8.0.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.7.1...2.8.0)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-24 12:11:11 +01:00
dependabot[bot] 8f2d573721
web: bump pyright from 1.1.280 to 1.1.281 in /web (#4077)
Bumps [pyright](https://github.com/Microsoft/pyright/tree/HEAD/packages/pyright) from 1.1.280 to 1.1.281.
- [Release notes](https://github.com/Microsoft/pyright/releases)
- [Commits](https://github.com/Microsoft/pyright/commits/1.1.281/packages/pyright)

---
updated-dependencies:
- dependency-name: pyright
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-24 12:10:57 +01:00
dependabot[bot] 97c31d0a21
web: bump @sentry/browser from 7.21.0 to 7.21.1 in /web (#4079)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 7.21.0 to 7.21.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.21.0...7.21.1)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-24 12:10:49 +01:00
dependabot[bot] 46d28d8082
core: bump goauthentik.io/api/v3 from 3.2022110.1 to 3.2022111.1 (#4080)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022110.1 to 3.2022111.1.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022110.1...v3.2022111.1)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-24 12:10:36 +01:00
dependabot[bot] d248dd5b1b
core: bump urllib3 from 1.26.12 to 1.26.13 (#4081)
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.12 to 1.26.13.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/1.26.13/CHANGES.rst)
- [Commits](https://github.com/urllib3/urllib3/compare/1.26.12...1.26.13)

---
updated-dependencies:
- dependency-name: urllib3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-24 12:10:27 +01:00
Jens Langhammer 474677017f web/admin: fix empty request being sent due to multiple forms in duo import modal
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-24 12:08:06 +01:00
Jens Langhammer 0813a49ca5 web/admin: clarify phrasing that user ID is required
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-24 11:37:54 +01:00
Jens Langhammer d0308a8239 stages/authenticator_validate: log duo error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-24 11:36:43 +01:00
Jens Langhammer 6843c8389b stages/authenticator_duo: fix imported duo devices not being confirmed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-24 11:36:34 +01:00
github-actions[bot] 7b0f89398d
web: bump API Client version (#4071)
Signed-off-by: GitHub <noreply@github.com>

Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-11-23 11:18:38 +01:00
Jens Langhammer 97b867298a Merge branch 'version-2022.11' 2022-11-23 10:38:49 +01:00
dependabot[bot] 76d5cbcea9
web: bump @sentry/tracing from 7.20.1 to 7.21.0 in /web (#4068)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 7.20.1 to 7.21.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.20.1...7.21.0)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-23 10:38:28 +01:00
dependabot[bot] 2b925536d3
web: bump @patternfly/patternfly from 4.219.2 to 4.221.2 in /web (#4067)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.219.2 to 4.221.2.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/main/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.219.2...prerelease-v4.221.2)

---
updated-dependencies:
- dependency-name: "@patternfly/patternfly"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-23 10:37:39 +01:00
dependabot[bot] 4baa5ae7a2
web: bump chart.js from 3.9.1 to 4.0.1 in /web (#4066)
Bumps [chart.js](https://github.com/chartjs/Chart.js) from 3.9.1 to 4.0.1.
- [Release notes](https://github.com/chartjs/Chart.js/releases)
- [Commits](https://github.com/chartjs/Chart.js/compare/v3.9.1...v4.0.1)

---
updated-dependencies:
- dependency-name: chart.js
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-23 10:37:31 +01:00
dependabot[bot] 3f9d4f7083
web: bump @sentry/browser from 7.20.1 to 7.21.0 in /web (#4065)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 7.20.1 to 7.21.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.20.1...7.21.0)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-23 10:37:23 +01:00
dependabot[bot] 10186a2e67
core: bump sentry-sdk from 1.11.0 to 1.11.1 (#4069)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.11.0 to 1.11.1.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/1.11.0...1.11.1)

---
updated-dependencies:
- dependency-name: sentry-sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-23 10:35:03 +01:00
Jens Langhammer 3a13d19695 release: 2022.11.1 2022-11-22 21:42:10 +01:00
Jens Langhammer ed7bef9dbf blueprints: open fixtures in read only mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-22 21:39:30 +01:00
Jens Langhammer 4a17795df9 root: fix locales not being included in docker image
closes #3885

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-22 21:39:26 +01:00
Jens Langhammer 07b1aea767 root: bump security info
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-22 21:18:02 +01:00
Jens Langhammer ab0f8d027d website/docs: add 2022.11.1 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-22 21:17:05 +01:00
Jens Langhammer b9fdb63a57 core: fix lint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-22 21:02:18 +01:00
Jens Langhammer 94833dd1e7 web/admin: reset cookie_domain when setting non-domain forward auth
closes #4063

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-22 20:46:20 +01:00