798 Commits

Author	SHA1	Message	Date
Jens L	972dce1462	security: fix CVE-2023-26481 (#4832) ... fix CVE-2023-26481 Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-02 20:15:33 +01:00
sdimovv	a6eba37d5a	core: Add `resolve_dns` and `reverse_dns` functions to evaluator (#4769) ... * Add resolve_dns * Add reverse_dns * Fix lint * add caching, small optimisation Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Added time-aware LRU cache --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-03-01 22:15:13 +01:00
Jens L	5e60db8593	providers/oauth2: fix typo (#4803)	2023-02-27 17:17:48 +01:00
Jens L	39d0893303	flows: change default flow stage binding settings (#4784) ... * flows: change default flow stage binding settings Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fallback to correct value Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-27 15:21:26 +01:00
Jens L	596ff529c4	core: bootstrap email (#4788)	2023-02-26 17:02:45 +01:00
roche-quentin	cd99b6e48f	providers/ldap: making ldap compatible with synology (#4694) ... * internal/outpost/ldap: making ldap compatible with synology * fix duplicate attributes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add docs about homedirectory Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix duplicate attributes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add substitution to values Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-02-22 15:26:41 +01:00
sdimovv	51c6a14786	providers/ldap: Improve compatibility with LDAP clients (#4750) ... * Fixed invalid LDAP attributes by replacing '.'s and '/'s with '-' * Leave old fields for now for backward compatibility * Add forgotten depreceated field * Fix tests * Fix tests * use shorter attribute names Signed-off-by: Jens Langhammer <jens@goauthentik.io> * sanitize attributes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * keep both sanitized and unsanitized user fields Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add sanitized fields to test Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-02-22 14:18:22 +01:00
Jens L	122055b38b	stages/user_login: terminate others (#4754) ... * rework session list Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use sender filtering for signals when possible Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add terminate_other_sessions Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-22 14:09:28 +01:00
Jens L	b61d181ec7	website/docs: add better explanation for goauthentik.io/user/token-ex… (#4755) ... website/docs: add better explanation for goauthentik.io/user/token-expires closes #4727	2023-02-22 13:24:04 +01:00
Jens Langhammer	2c78053631	website/docs: add release note titles ... Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-21 12:27:24 +01:00
Jens Langhammer	17364c3bd8	website/docs: add 2023.2.2 release notes ... Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-15 20:34:25 +01:00
Jens Langhammer	19f5e6e07e	website/docs: update events page ... Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-15 16:44:13 +01:00
Jens Langhammer	7d6b573f8b	website: migrate to mermaid charts, rework proxy page ... Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-15 12:14:17 +01:00
Jens Langhammer	c340830b37	website/docs: prepare 2023.2.1 ... Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-14 18:19:02 +01:00
Jens Langhammer	cf36da2e5d	website/docs: prepare 2023.2 release notes ... Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-12 17:44:53 +01:00
sdimovv	b69e55eae9	core: Add support for auto generating unique avatars based on the user's initials (#4663)	2023-02-12 16:35:17 +01:00
Jens L	af43330fd6	providers/oauth2: rework OAuth2 Provider (#4652) ... * always treat flow as openid flow Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve issuer URL generation Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more refactoring Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update introspection Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more refinement Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix more things, update api Signed-off-by: Jens Langhammer <jens@goauthentik.io> * regen migrations Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix a bunch of things Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start updating tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix implicit flow, auto set exp Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix timeozone not used correctly Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix revoke Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more timezone shenanigans Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix userinfo tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update web Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix proxy outpost Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix api tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix missing at_hash for implicit flows Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-include at_hash in implicit auth flow Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use folder context for outpost build Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-09 20:19:48 +01:00
Jens Langhammer	a7cf454760	web/admin: add notice for user_login stage session cookie behaviour ... Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-08 14:18:52 +01:00
Jens Langhammer	7a85038c11	website/docs: prepare 2023.2 release notes ... Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-07 22:52:29 +01:00
Jens Langhammer	3170b2f92c	providers/proxy: add token support for basic auth ... Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-07 22:50:49 +01:00
Melvin Snijders	547c01f481	website/docs: update Caddy docs to include HTTPS proxying (#4316) ... Update Caddy documentation to include HTTPS proxying Signed-off-by: Melvin Snijders <mail@melvinsnijders.nl>	2023-02-03 14:43:13 +01:00
Jens L	7d4ce41e12	providers/proxy: outpost wide logout implementation (#4605) ... * initial outpost wide logout implementation Signed-off-by: Jens Langhammer <jens@goauthentik.io> * handle deserialize error Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix file cleanup, add tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-02 21:18:59 +01:00
Jens Langhammer	cadb710c38	website/docs: add troubleshooting for CSRF ... Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-02 11:09:03 +01:00
Skyler Mäntysaari	c2b4d14af5	website/docs: Add note for firefox about FIDO and TouchID (#4552) ... * docs(passwordless): Make sure to include a warning Signed-off-by: Skyler Mäntysaari <samip5@users.noreply.github.com> * add notice for firefox touchID Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Skyler Mäntysaari <samip5@users.noreply.github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-01-28 22:45:51 +01:00
Jens Langhammer	b99afd82b2	stages/user_write: fix migration setting wrong value, fix form ... Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-23 14:38:26 +01:00
Jens Langhammer	446dc0a17b	website/docs: prepare 2023.1.1 ... Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-20 14:25:20 +01:00
Jens Langhammer	3a59b75f4a	website/docs: update ldap provider docs ... Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-20 11:46:57 +01:00
Jens L	98485c528e	ci: build beta for amd64 and arm64 (#4468) ... * ci: build for arm64, but independently Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add notice to beta Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-19 21:41:56 +01:00
Jens Langhammer	59be3c7746	website/docs: add docs for validating phone numbers before SMS enrollment ... Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-19 17:57:52 +01:00
Jens Langhammer	97acc77e0a	website/docs: update 2023.1 release notes ... Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-18 15:25:58 +01:00
Jens Langhammer	eb1e0427c1	website/docs: add missing user uid field ... Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-18 15:22:06 +01:00
Jens L	23c69c456a	providers/proxy: add setting to intercept authorization header (#4457) ... * add setting to intercept authorization header Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rename to intercept_header_auth Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-17 18:56:48 +01:00
Jens L	c73fce4f58	sources/ldap: manual import (#4456) ... * events: fix task UID Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add ldap sync command Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-17 12:21:33 +01:00
Jens Langhammer	19ee98b36d	outposts/proxy: allow setting no-redirect via header or query param ... closes #4455 Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-17 10:56:43 +01:00
Jens Langhammer	07767c9376	website/docs: add disclaimer to beta page that downgrade isn't supported ... Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-16 10:44:42 +01:00
Jens Langhammer	d31e566873	outposts/proxy: add header to prevent redirects ... Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-14 22:18:25 +01:00
Jens Langhammer	b6b97f4706	website/docs: update 2023.1 release notes ... Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-13 16:32:34 +01:00
Jens L	cd12e177ea	providers/proxy: add initial header token auth (#4421) ... * initial implementation Signed-off-by: Jens Langhammer <jens@goauthentik.io> * check for openid/profile claims Signed-off-by: Jens Langhammer <jens@goauthentik.io> * include jwks sources in proxy provider Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add web ui for jwks Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only show sources with JWKS data configured Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix introspection tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start basic Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add basic auth Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add docs, update admonitions Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add client_id to api, add tab for auth Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update locale Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-13 16:22:03 +01:00
Jens Langhammer	d3e2f41561	website/docs: fix typo ... Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-09 13:13:41 +01:00
Jens Langhammer	bec538c543	sources/ldap: make task timeout adjustable ... closes #4375 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-06 12:37:59 +01:00
Jens L	2604dc14fe	providers/ldap: add code-MFA support for ldap provider (#4354) ... * add code support for ldap provider Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * only try to extract code when auth validator stage is encountered Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * use parseint instead Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-05 18:32:06 +01:00
Jens L	a960ce9454	stages/user_write: add more user creation options (#4367) ... * add more user creation options Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update blueprints and docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-05 15:46:20 +01:00
Jens L	e6b5810e03	polices/hibp: remove deprecated (#4363) ... * remove hibp Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * don't save event matcher apps in migrations Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup migrations Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update docs, update some phrasing Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-05 13:19:26 +01:00
Jens Langhammer	ed3f36e72a	website/docs: update redirect docs ... closes #4248 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-05 12:38:38 +01:00
Jens Langhammer	1efc7eecbf	website/docs: add metrics for monitoring and metrics ... closes #4308 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-04 20:49:35 +01:00
Jens L	dc1359a763	providers/saml: initial SLO implementation (#2346) ... * providers/saml: initial SLO implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/saml: add logout request tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/saml: add tests for POST SLO Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * matrix e2e tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix import Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * set e2e matrix name Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix imports Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * separate oidc and oauth tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add basic saml slo e2e tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add better metadata download url Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * kinda prepare release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * sort releases into folders Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add slo urls to website Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix linking Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add api tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-04 19:45:31 +01:00
Jens Langhammer	c4bb51469b	website/docs: prepare 2022.12.2 ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-04 10:15:15 +01:00
Jens Langhammer	82184b2882	web/flows: fix alternate captchas not loading ... closes #4321 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-01 18:49:41 +01:00
Jens Langhammer	c8bd0fbb1c	website/docs: prepare 2022.12.1 release ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-29 23:59:05 +01:00
Jens Langhammer	c99798b1f2	website/docs: update release notes, remove duplicate files ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-29 23:28:15 +01:00