Commit Graph

1228 Commits

Author SHA1 Message Date
Jens L 972dce1462
security: fix CVE-2023-26481 (#4832)
fix CVE-2023-26481

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-02 20:15:33 +01:00
sdimovv a6eba37d5a
core: Add `resolve_dns` and `reverse_dns` functions to evaluator (#4769)
* Add resolve_dns

* Add reverse_dns

* Fix lint

* add caching, small optimisation

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* Added time-aware LRU cache

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-03-01 22:15:13 +01:00
Jens L 5e60db8593
providers/oauth2: fix typo (#4803) 2023-02-27 17:17:48 +01:00
Jens L 39d0893303
flows: change default flow stage binding settings (#4784)
* flows: change default flow stage binding settings

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fallback to correct value

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-27 15:21:26 +01:00
Jens L 99ddbf553c
website: add X-Frame-Options (#4800)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-27 13:40:33 +01:00
Jens L 596ff529c4
core: bootstrap email (#4788) 2023-02-26 17:02:45 +01:00
Tealk 7503b32c74
website/integrations: Zammad instructions (#4644)
* add zammad

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* some improvements

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* add navi-item

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* fix mappings

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* typo

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* personalized link removed

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* replace inventory placeholder & fix SAML

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* Replace placeholder

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* text improvement

Signed-off-by: Tealk <tealk@rollenspiel.monster>

---------

Signed-off-by: Tealk <tealk@rollenspiel.monster>
2023-02-22 16:55:32 +00:00
Tealk 383b6a38ba
website/integrations: Mastodon integration (#4733)
* init mastodon integration

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* replace inventory placeholder

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* Replace placeholder

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* replace username with sub

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* text improvement

Signed-off-by: Tealk <tealk@rollenspiel.monster>

---------

Signed-off-by: Tealk <tealk@rollenspiel.monster>
2023-02-22 17:23:38 +01:00
Tealk 7d9eef37ed
website/integrations: Mobilizon instructions (#4747)
* add mobilizonintegration

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* replace inventory placeholder

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* Replace placeholder

Signed-off-by: Tealk <tealk@rollenspiel.monster>

* text improvement

Signed-off-by: Tealk <tealk@rollenspiel.monster>

---------

Signed-off-by: Tealk <tealk@rollenspiel.monster>
2023-02-22 16:20:47 +00:00
kolaente 60d3da20f3
website/integrations: fix Vikunja setup instructions (#4730)
* fix: Vikunja setup instructions

Signed-off-by: kolaente <k@knt.li>

* fix: clarify what needs restarting after config change

---------

Signed-off-by: kolaente <k@knt.li>
2023-02-22 15:31:18 +00:00
roche-quentin cd99b6e48f
providers/ldap: making ldap compatible with synology (#4694)
* internal/outpost/ldap: making ldap compatible with synology

* fix duplicate attributes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add docs about homedirectory

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix duplicate attributes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add substitution to values

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-02-22 15:26:41 +01:00
sdimovv 51c6a14786
providers/ldap: Improve compatibility with LDAP clients (#4750)
* Fixed invalid LDAP attributes by replacing '.'s and '/'s with '-'

* Leave old fields for now for backward compatibility

* Add forgotten depreceated field

* Fix tests

* Fix tests

* use shorter attribute names

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* sanitize attributes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* keep both sanitized and unsanitized user fields

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add sanitized fields to test

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-02-22 14:18:22 +01:00
Jens L 122055b38b
stages/user_login: terminate others (#4754)
* rework session list

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use sender filtering for signals when possible

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add terminate_other_sessions

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-22 14:09:28 +01:00
Jens L b61d181ec7
website/docs: add better explanation for goauthentik.io/user/token-ex… (#4755)
website/docs: add better explanation for goauthentik.io/user/token-expires

closes #4727
2023-02-22 13:24:04 +01:00
Jens Langhammer 2c78053631
website/docs: add release note titles
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-21 12:27:24 +01:00
Jens Langhammer 8de4471322
website: update blog
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-17 19:35:39 +01:00
Jens Langhammer e5dfe7dafe
website: always show build version in version dropdown
Signed-off-by: Jens Langhammer <jens@goauthentik.io>

#3940
2023-02-16 14:38:58 +01:00
Jens Langhammer 17364c3bd8
website/docs: add 2023.2.2 release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-15 20:34:25 +01:00
Jens Langhammer 19f5e6e07e
website/docs: update events page
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-15 16:44:13 +01:00
Jens Langhammer 7d6b573f8b
website: migrate to mermaid charts, rework proxy page
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-15 12:14:17 +01:00
Jens Langhammer 859b6cc60e
website: adjust padding on hero header
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-15 00:28:45 +01:00
Jens Langhammer c340830b37
website/docs: prepare 2023.2.1
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-14 18:19:02 +01:00
Jens Langhammer fc9ae9e938
website: include 2023.2 in sidebar
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-14 13:17:55 +01:00
Jens Langhammer 6bb809fd82
website/integrations: remove exclude_x5 from guacamole
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-14 11:55:11 +01:00
Jens Langhammer cf36da2e5d
website/docs: prepare 2023.2 release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-12 17:44:53 +01:00
sdimovv b69e55eae9
core: Add support for auto generating unique avatars based on the user's initials (#4663) 2023-02-12 16:35:17 +01:00
sdimovv e490d25791
website/integrations: Add danger annotation for using username as Nextcloud UID (#4667)
* Add danger annotation for using username as Nextcloud UID

* fix lint
2023-02-12 14:13:32 +01:00
sdimovv a2947975e4
website/integrations: Fix Nextcloud SAM UID value setting (#4656)
Fix SAM UID value setting

Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com>
2023-02-10 14:58:11 +01:00
Jens Langhammer 99bb4c2cf8
website/sources: update mailcow docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-10 11:45:29 +01:00
Jens Langhammer b225f6f3ff
website: add sidebar item tests, bump node version to latest LTS
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-09 22:06:07 +01:00
barrelltitor ecd5fab082
website/integrations: add Gravitee integration (#4564)
* Add documentation on using Authentik with Gravitee

Adds documentation on using Authentik with Gravitee

Signed-off-by: barrelltitor <108460132+barrelltitor@users.noreply.github.com>

* Update sidebarsIntegrations.js

Signed-off-by: barrelltitor <108460132+barrelltitor@users.noreply.github.com>

* format

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: barrelltitor <108460132+barrelltitor@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-02-09 22:04:53 +01:00
Jens L af43330fd6
providers/oauth2: rework OAuth2 Provider (#4652)
* always treat flow as openid flow

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* improve issuer URL generation

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* more refactoring

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update introspection

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* more refinement

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* migrate more

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix more things, update api

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* regen migrations

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix a bunch of things

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* start updating tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix implicit flow, auto set exp

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix timeozone not used correctly

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix revoke

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* more timezone shenanigans

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix userinfo tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update web

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix proxy outpost

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix api tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix missing at_hash for implicit flows

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* re-include at_hash in implicit auth flow

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use folder context for outpost build

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-09 20:19:48 +01:00
dependabot[bot] cae04b8198
website: bump @sideway/formula from 3.0.0 to 3.0.1 in /website (#4647) 2023-02-09 03:26:08 +01:00
Jens Langhammer a7cf454760
web/admin: add notice for user_login stage session cookie behaviour
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-08 14:18:52 +01:00
dependabot[bot] 91db046978
website: bump prettier from 2.8.3 to 2.8.4 in /website (#4632)
Bumps [prettier](https://github.com/prettier/prettier) from 2.8.3 to 2.8.4.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.8.3...2.8.4)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-08 11:34:43 +01:00
Jens Langhammer 7a85038c11
website/docs: prepare 2023.2 release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-07 22:52:29 +01:00
Jens Langhammer 3170b2f92c
providers/proxy: add token support for basic auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-07 22:50:49 +01:00
Jens Langhammer 555b33c252
website/blog: fix formatting
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-07 17:40:16 +01:00
Jens Langhammer f5047e3ab0
website/blog: publish new blog post
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-07 17:35:39 +01:00
dependabot[bot] ed01a844ef
website: bump @docusaurus/preset-classic from 2.2.0 to 2.3.1 in /website (#4619)
Bumps [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic) from 2.2.0 to 2.3.1.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.3.1/packages/docusaurus-preset-classic)

---
updated-dependencies:
- dependency-name: "@docusaurus/preset-classic"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-06 11:25:28 +01:00
dependabot[bot] c6843a1307
website: bump @docusaurus/plugin-client-redirects from 2.2.0 to 2.3.1 in /website (#4620)
website: bump @docusaurus/plugin-client-redirects in /website

Bumps [@docusaurus/plugin-client-redirects](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-plugin-client-redirects) from 2.2.0 to 2.3.1.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.3.1/packages/docusaurus-plugin-client-redirects)

---
updated-dependencies:
- dependency-name: "@docusaurus/plugin-client-redirects"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-06 11:20:47 +01:00
Antoine a890b93869
website/integrations: Update pgAdmin documentation (#4319)
* Update index.md

Signed-off-by: Antoine <antoine+github@jiveoff.fr>

* doc: quick update

* Update index.md

Signed-off-by: Antoine <antoine+github@jiveoff.fr>

---------

Signed-off-by: Antoine <antoine+github@jiveoff.fr>
2023-02-03 14:54:04 +01:00
bjk525 8cf0a5dace
website/integrations: update pfSense integration details (#4337)
* Update index.md

Removed need to enable ExtendedQuery, changed format of Authentication Containers to use semi-colons per note in pfSense, and added setting for Group member attribute (to allow users to not have to create pfsense users individually)

Signed-off-by: bjk525 <34558980+bjk525@users.noreply.github.com>

* Update index.md

Signed-off-by: bjk525 <34558980+bjk525@users.noreply.github.com>

* Update index.md

Signed-off-by: bjk525 <34558980+bjk525@users.noreply.github.com>

* revert Authentication containers

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: bjk525 <34558980+bjk525@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-02-03 13:45:13 +00:00
Melvin Snijders 547c01f481
website/docs: update Caddy docs to include HTTPS proxying (#4316)
Update Caddy documentation to include HTTPS proxying

Signed-off-by: Melvin Snijders <mail@melvinsnijders.nl>
2023-02-03 14:43:13 +01:00
Abdullah Alhazmy fabb03ca69
website/integrations: update NextCloud integration details (#4346)
* Update nextcloud Documentation

Signed-off-by: Abdullah Alhazmy <me@alhazmy13.net>

* Update nextcloud Documentation

Signed-off-by: Abdullah Alhazmy <me@alhazmy13.net>

* format

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Abdullah Alhazmy <me@alhazmy13.net>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-02-03 13:39:05 +00:00
Zakaria aourzag 352a2057dd
website/integrations: change default portainer user identifier (#3945)
* change email to username

change the current settings from username as email to username.

Signed-off-by: Zakaria aourzag <z.aourzag@gmail.com>

* update

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Zakaria aourzag <z.aourzag@gmail.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-02-03 14:37:31 +01:00
Jens L 7d4ce41e12
providers/proxy: outpost wide logout implementation (#4605)
* initial outpost wide logout implementation

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* handle deserialize error

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update docs

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix file cleanup, add tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-02 21:18:59 +01:00
Jens Langhammer ccf956d5c6
website/integrations: update pgadmin docs
closes #4603

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-02 15:51:49 +01:00
Jens Langhammer cadb710c38
website/docs: add troubleshooting for CSRF
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-02 11:09:03 +01:00
dependabot[bot] 3f108a0ed8
website: bump http-cache-semantics from 4.1.0 to 4.1.1 in /website (#4602)
Bumps [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/kornelski/http-cache-semantics/releases)
- [Commits](https://github.com/kornelski/http-cache-semantics/commits)

---
updated-dependencies:
- dependency-name: http-cache-semantics
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-02 10:47:37 +01:00