Commit graph

723 commits

Author SHA1 Message Date
Jens Langhammer 9d392931df root: fix lint errors from re-format
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-03 18:09:16 +02:00
Jens Langhammer 2c60ec50be web: re-format with prettier
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-03 17:52:21 +02:00
Jens Langhammer 96d7a5a27f web/admin: fix empty column when no invitation expiry was set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-01 12:44:10 +02:00
Jens Langhammer ac77291b6d web/admin: add re-authenticate button for plex
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1205
2021-08-01 11:47:39 +02:00
Jens Langhammer 5571aa32b6 web/admin: add UI to copy invitation link
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-01 11:47:22 +02:00
Jens Langhammer f9382b8458 web/admin: fix embedded outpost showing version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-31 14:59:16 +02:00
Jens Langhammer 8bb57a1283 web/admin: re-name service connection to integration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-31 13:48:26 +02:00
Jens L f01bc20d44
Embedded outpost (#1193)
* api: allow API requests as managed outpost's account when using secret_key

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: load secret key from env

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: make listener IP configurable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost/proxy: run outpost in background and pass requests conditionally

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost: unify branding to embedded

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: fix embedded outpost not being editable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: fix mismatched host detection

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: fix LDAP test not including user for embedded outpost

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: fix user matching

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* api: add tests for secret_key auth

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: load environment variables using github.com/Netflix/go-env

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-29 11:30:30 +02:00
Jens Langhammer 9c0f7e0018 web/admin: fix LDAP Provider bind flow list being empty
closes #1192

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-28 21:01:10 +02:00
Jens Langhammer 577aa7ba79 web/admin: add status card for https and timedrift
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-26 19:58:26 +02:00
Jens Langhammer 64c8ca9b5d web/admin: default to authentication flow for LDAP provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-26 18:47:59 +02:00
Jens Langhammer 5552e0ffa7 web/admin: add notice for event_retention
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-26 18:47:46 +02:00
Jens Langhammer 0587ab26e8 web/admin: fix ApplicationView's CheckAccess not sending UserID correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-25 21:03:32 +02:00
Jens Langhammer 1972464a20 tenants: make event retention configurable on tenant level
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-24 20:07:12 +02:00
Jens Langhammer 464c27ef17 web: improve UI for event actions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-23 22:27:51 +02:00
Jens Langhammer 7f25b6311d web/admin: fix negative count for policies when more cached than total policies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-22 00:01:28 +02:00
Jens Langhammer 902378af53 providers/oauth2: fix redirect_uris not having blank set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-21 00:22:09 +02:00
Jens Langhammer 6f98833150 core: allow users to create non-expiring tokens when flag is set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-14 21:15:14 +02:00
Lukas Söder 7f39399c32
providers/ldap: Added auto-generated uidNumber and guidNumber generated attributes for use with SSSD and similar software. (#1138)
* Added auto-generated uidNumber and guidNumber generated attributes for
use with SSSD and similar software.

The starting number for uid/gid can be configured iva environtment
variables and is by default 2000 which should work fine for most instances unless there are more than
999 local accounts on the server/computer.

The uidNumber is just the users Pk + the starting number.
The guidNumber is calculated by the last couple of bytes in the uuid of
the group + the starting number, this should have a low enough chance
for collisions that it's going to be fine for most use cases.

I have not added any interface stuff for configuring the environment variables as I couldn't really find my way around all the places I'd have to edit to add it and the default values should in my opinion be fine for 99% use cases.

* Add a 'fake' primary group for each user

* First attempt att adding config to interface

* Updated API to support new fields

* Refactor code, update documentation and remove obsolete comment

Simplify `GetRIDForGroup`, was a bit overcomplicated before.

Add an additional class/struct `LDAPGroup` which is the new argument
for `pi.GroupEntry` and util functions to create `LDAPGroup` from api.Group and api.User

Add proper support in the interface for changing gidNumber and uidNumber starting points

* make lint-fix for the migration files
2021-07-14 09:17:01 +02:00
Jens L 7dfc621ae4
LDAP Provider: TLS support (#1137) 2021-07-13 18:24:18 +02:00
Jens Langhammer 90fe1c2ce8 providers/oauth2: allow blank redirect_uris to allow any redirect_uri
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-08 19:28:35 +02:00
Jens Langhammer abed254ca1 web/admin: make table dispatch refresh event on refresh button instead of just fetching
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-05 09:48:14 +02:00
Jens Langhammer 320dab3425 core: only show Reset password link when recovery flow is configured
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-04 12:59:41 +02:00
Jens Langhammer d07704fdf1 crypto: show both sha1 and sha256 fingerprints
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-03 19:25:27 +02:00
Jens Langhammer c19da839b1 stages/user_write: add create_users_as_inactive flag
close #1086

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-28 23:24:54 +02:00
Jens Langhammer 2b1356bb91 flows: add invalid_response_action to configure how the FlowExecutor should handle invalid responses
closes #1079

Default value of `retry` behaves like previous version.

`restart` and `restart_with_context` restart the flow upon an invalid response. `restart_with_context` keeps the same context of the Flow, allowing users to bind policies that maybe aren't valid on the first execution, but are after a retry, like a reputation policy with a deny stage.

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-28 00:22:09 +02:00
Jens Langhammer 7d9c74ce04 tenants: include all default flows in current_tenant
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-26 23:47:49 +02:00
Jens Langhammer 4ec5df6b12 web/admin: fix linting error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-26 22:30:33 +02:00
Jens Langhammer 0403f6d373 web/admin: add flow export button on flow view page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-26 22:03:19 +02:00
Jens Langhammer b7f4d15a94 web/admin: fix deletion of authenticator not reloading the state correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-26 21:22:10 +02:00
Jens Langhammer 9bd613a31d stages/authenticator_duo: fix component not being set in API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-26 20:49:58 +02:00
Jens Langhammer 63a28ca1e9 web/admin: fix only recovery flows being selectable for unenrollment flow in tenant form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-26 19:33:20 +02:00
Jens Langhammer 0d81eaffff web/admin: fix text color on pf-c-card
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-24 19:30:16 +02:00
Jens Langhammer e7d36c095d web/admin: sort inputs on authenticator validation stage form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-19 15:35:39 +02:00
Jens Langhammer 641872a33a web/admin: fix tenant's default flag not being saved
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1044
2021-06-19 12:42:29 +02:00
Jens Langhammer 4de927ba5b web/admin: fix link for github issue creation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-14 18:55:43 +02:00
Jens Langhammer 74e578c2bf events: add tenant to event
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-14 18:43:29 +02:00
Jens Langhammer e584fd1344 events: catch unhandled exceptions from request as event, add button to open github issue
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-14 17:22:58 +02:00
Jens Langhammer 4e9be85353 website/docs: add docs for outpost configuration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-14 09:21:35 +02:00
Jens Langhammer 09cd8f8f63 web/admin: fix ak-application-check-access-form for get api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-13 22:40:51 +02:00
Jens Langhammer c9dda17c68 web/admin: select service connection by default when only one exists
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-13 20:12:01 +02:00
Jens Langhammer 0832145a01 web: fix fields for new api schema
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-13 15:36:25 +02:00
Jens Langhammer 4e18f47f28 web/flows: fix expiry not shown on consent stage when loading
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-13 12:21:11 +02:00
Jens Langhammer 715a71427e web/admin: fix user enable/disable modal not matching other modals
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-12 20:31:02 +02:00
Jens Langhammer 676b77aa7c stages/identification: add UPN
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-10 22:48:39 +02:00
Jens Langhammer 8d6db0fabf flows: fix configuration URL being set when no flow is configure
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-10 22:07:26 +02:00
Jens Langhammer 8ddcf99bf7 web: fix flow download link
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-10 21:47:40 +02:00
Jens Langhammer d878d2140e providers/saml: add metadata download link to api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-10 14:06:44 +02:00
Jens Langhammer 4766d6ff3d flows: add export URL to API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-10 13:52:50 +02:00
Jens Langhammer 3a64d97040 crypto: add download links as API fields
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-10 13:46:12 +02:00
Jens Langhammer 9f7c941426 Merge branch 'master' into next 2021-06-10 11:59:10 +02:00
Jens L 34ae9e6dab
API: add endpoint to show by what objects an object is used (#995)
* core: add used_by API to show what objects are affected before deletion

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/elements: add support for used_by API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add authentik_used_by_shadows to shadow other models

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: implement used_by API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: fix duplicate imports

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add action field to used_by api

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: add UI for used_by action

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: add notice to tenant form

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: fix naming in used_by

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: check length for used_by

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: fix used_by for non-pk models

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: improve __str__ on models

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add support for many to many in used_by

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-10 11:58:12 +02:00
Jens Langhammer 7834146efc web/admin: fix authenticatior_valiation stage not setting correct fields
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 19:38:54 +02:00
Jens Langhammer d4379ecd31 flows: fix configure_url not being set correctly User settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 19:25:27 +02:00
Jens Langhammer 2210497569 events: add EMAIL_SENT event, show sent emails in event log
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 10:28:32 +02:00
Jens Langhammer 2addf71f37 outposts: add service connection to outpost API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 09:45:14 +02:00
Jens Langhammer de11181890 web/admin: fix outpost/ldap charts when no healthy objects exist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 09:31:30 +02:00
Jens L dad24c03ff
outposts: set cookies for a domain to authenticate an entire domain (#971)
* outposts: initial cookie domain implementation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: add cookie domain setting

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: replace forward_auth_mode with general mode

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: rebuild proxy provider form

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: re-add forward_auth_mode for backwards compat

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: fix data.mode not being set

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: always set log level to debug when testing

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: use new mode attribute

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: only ingress /akprox on forward_domain

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: fix lint error

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: fix error on ProxyProviderForm when not using proxy mode

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: fix default for outpost form's type missing

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: add additional desc for proxy modes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: fix service account permissions not always being updated

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost/proxy: fix redirecting to incorrect host for domain mode

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: improve error handling for network errors

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost: fix image naming not matching main imaeg

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/proxy: fix redirects for domain mode and traefik

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: fix colour for paragraphs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: fix consent stage not showing permissions correctly

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: add domain-level docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: fix broken links

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/proxy: remove dead code

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: fix missing id for #header-text

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-08 23:10:17 +02:00
Jens Langhammer fb8d67a9d9 core: add configure_url to UserSettings for both stages and sources
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-08 19:21:27 +02:00
Jens Langhammer 029d58191e sources/saml: include metadata download link in API response
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-08 17:22:03 +02:00
Jens Langhammer 75404f1345 web/admin: pass full configure flow URL instead of just boolean
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-08 17:14:54 +02:00
Jens Langhammer d9ffb23a80 web/admin: improve ldap form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-08 09:31:36 +02:00
Jens Langhammer d55d44d664 web/user: fix deletion of authenticator not refreshing page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 19:09:29 +02:00
Jens Langhammer b55c3a687d web/admin: fix default for policy binding negate
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 14:04:20 +02:00
Jens Langhammer bedf7fbcaa web/admin: don't show backup error when server can't backup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 12:51:23 +02:00
Jens Langhammer 8ea02e4cc9 web/admin: fix charts not showing with null values
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 12:40:32 +02:00
Jens Langhammer f5dbdbd48b *: add clear param to file upload API to delete stored file and reset field
closes #949

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-05 21:33:03 +02:00
Jens Langhammer 277c2f4aad core: make application.meta_icon nullable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#949
2021-06-05 21:06:52 +02:00
Jens Langhammer 86b450c6d1 flows: add compatibility_mode to toggle ShadyDOM
closes #894

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-05 20:04:30 +02:00
Jens Langhammer 24da24b5d5 stages/identification: allow setting of a password stage to check password and identity in a single step
closes #970

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-05 16:05:03 +02:00
Jens Langhammer 7c300f0858 web/admin: fix flow export button not working
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-03 00:40:07 +02:00
Jens Langhammer cec47c3cfc providers/oauth2: show id_token issues for refresh token
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-02 22:05:04 +02:00
Jens Langhammer 4d773274d4 web: fix missing default favicon and not updating correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-02 21:47:56 +02:00
Jens Langhammer 3ea2b16a12 tenants: add separate field for favicon url
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-02 21:31:04 +02:00
Jens Langhammer a113778ca7 web/admin: fix css for dropdown toggles which are secondary
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-02 20:42:31 +02:00
Jens Langhammer 06caaa7c80 web/admin: fix BoundPoliciesList's policy edit button
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-02 20:29:34 +02:00
Jens Langhammer 166b98fa34 web/admin: fix BoundPoliciesList's edit policy button not working
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-02 18:00:26 +02:00
Jens Langhammer 770316a49f web/admin: fix oauth source not creatable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-01 23:36:21 +02:00
Jens Langhammer 85d349e776 web/admin: only allow outpost providers matching outpost type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-01 23:35:36 +02:00
Jens Langhammer 9900cc5c81 web/admin: fix urls not showing when pre-selected provider is used
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-01 23:33:59 +02:00
Jens Langhammer 3af48a81e2 web/admin: fix source type not always matching modelname
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-01 23:30:04 +02:00
Jens Langhammer 5bebf26908 web/admin: fix CanSaveMedia -> SaveMedia
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-01 23:16:21 +02:00
Jens Langhammer e295f18e78 web/admin: fix error when importing SAML Metadata
closes #948

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-31 22:26:24 +02:00
Jens Langhammer e24a9e3119 policies: fix missing negate flag of policy bindings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-31 11:50:29 +02:00
Jens Langhammer cf57660772 web/admin: add basic session management UI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-30 01:02:20 +02:00
Jens Langhammer 11607622a3 web/admin: fix proxy provider's certificate not being optional
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-30 00:22:58 +02:00
Jens Langhammer c89b8a5f7c web/admin: add UI for reputations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 23:01:45 +02:00
Jens Langhammer 8427fb87f6 tenants: add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 19:47:55 +02:00
Jens Langhammer 3b31b7ce83 core: add http host in log messages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 19:07:54 +02:00
Jens Langhammer 7bd93ed18e web/admin: add webui for tenants
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 18:55:08 +02:00
Jens Langhammer 477ff85109 flows: migrate flow_unenrollment to tenant
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 18:44:02 +02:00
Jens Langhammer 3a9f081e1b web/admin: improve persistence for test forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-26 12:08:11 +02:00
Jens Langhammer a237ae3363 web/admin: add Modal to check application access for any user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-26 12:05:17 +02:00
Jens Langhammer c4453f38a2 stages/identification: make shown sources configurable
closes #918

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-25 16:37:53 +02:00
Jens Langhammer bc39320f86 tests/e2e: fix flow titles not being set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-25 09:50:03 +02:00
Jens Langhammer af504e13a2 web/admin: fix enable buttons missing on stages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-24 22:25:38 +02:00
Jens Langhammer 8183a51b72 stages/authenticator_duo: add missing duo device
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-24 22:16:29 +02:00
Jens Langhammer ab25610643 website/docs: add duo docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-24 22:11:16 +02:00
Jens Langhammer 3b41c662ed stages/authenticator_validate: add Duo support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-23 22:31:12 +02:00
Jens Langhammer 9f5a3c396d stages/authenticator_duo: initial duo stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-23 21:10:39 +02:00
Jens Langhammer 9b57f0b81d Merge branch 'version-2021.5' into next
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	web/src/locales/en.po
#	web/src/locales/pseudo-LOCALE.po
2021-05-22 20:01:16 +02:00
Jens Langhammer 2c816e6162 providers/proxy: don't use https to communicate with outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-22 18:56:38 +02:00
Jens Langhammer 50308510b4 Merge branch 'version-2021.5' into next
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	web/src/locales/en.po
#	web/src/locales/pseudo-LOCALE.po
2021-05-22 13:10:04 +02:00
Jens Langhammer dbcb4d46ba web: fix missing flow and policy cache UI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-22 13:04:13 +02:00
Jens Langhammer a603f42cc0 api: add OwnerFilter
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-21 20:46:59 +02:00
Jens Langhammer b3390f0ab4 website/docs: update nginx config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 22:06:55 +02:00
Jens Langhammer be5a6c0310 api: add set_*_url method for Application and Flow to set icon/background to URL
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 17:18:40 +02:00
Jens Langhammer 349a5b2d00 web/admin: fix flow form not loading data
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 01:10:19 +02:00
Jens Langhammer 1324ec5146 web/admin: fix flow form not loading data
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 01:09:50 +02:00
Jens Langhammer 07dc648470 web: fix mixed Static/TOTP pages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 18:59:33 +02:00
Jens Langhammer ec8490e105 web: fix remaining API Calls
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 18:52:27 +02:00
Jens Langhammer 69668a2a05 web: fix designation for flow lookups
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 18:46:04 +02:00
Jens Langhammer d0f1daf025 admin: make tasks's retry api not ask for a body
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 18:43:47 +02:00
Jens Langhammer d38fd603dd web: fix more special API Calls
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 18:41:02 +02:00
Jens Langhammer ba5374f6e1 web: mass update API calls
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 18:24:15 +02:00
Jens Langhammer 7152d7ee01 outposts: fix schema for outposts health
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 18:10:11 +02:00
Jens Langhammer dde1dabf97 web: pass 2 migration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 17:53:59 +02:00
Jens Langhammer 1f05484e3c web/admin: migrate more components
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 17:51:58 +02:00
Jens Langhammer 10cb60f48e api: fix pagination not being required in schema
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 17:32:13 +02:00
Jens Langhammer 99be97206b web: fix enums
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 15:31:13 +02:00
Jens Langhammer 3ab7588b73 web: Read() to Retrieve()
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 14:43:42 +02:00
Jens Langhammer 2d9f216658 web/admin: add notice for LDAP Provider's group selection
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 11:44:01 +02:00
Jens Langhammer 03e134b296 web/admin: fix propertymappings not loading correctly
closes #879

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 10:58:33 +02:00
Jens Langhammer 40503d06b7 web/admin: improve UI for plex source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 18:12:07 +02:00
Jens Langhammer 3c23ad340f web/admin: improve diagram api for flows
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 18:01:40 +02:00
Jens Langhammer 9a0aa4c79b outposts/ldap: add infinite loop prevention
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 18:31:44 +02:00
Jens Langhammer 2190fa555b events/api: fix error when updating transports
closes #866

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 16:41:30 +02:00
Jens Langhammer 3ad1c3f212 web/admin: fix AuthenticatorValidationStage's form not setting notConfiguredAction
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#802
2021-05-12 16:28:14 +02:00
Jens Langhammer 5a802bcf83 web/admin: fix list of outpost status
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 22:59:45 +02:00
Jens Langhammer dc2538f59d web/admin: fix outpost health not updating on refresh
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 21:53:19 +02:00
Jens Langhammer fd4e8a59f4 web/admin: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 20:09:49 +02:00
Jens Langhammer 84dfbcaaae providers/api: return redirect_uris for proxy provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 20:02:17 +02:00
Jens L 36f7cad23b
Merge pull request #862 from goauthentik/form-refresh-on-save
Form refresh on save
2021-05-11 14:23:32 +02:00
Jens Langhammer e441ac1e43 web/admin: add download links for certificates
closes #861

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 14:21:48 +02:00
Jens Langhammer a6c6f22221 web/admin: add button to copy saml metadata download link
closes #857

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 13:52:47 +02:00
Jens Langhammer 4352960f83 web/admin: fix error when updating oauth source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 13:31:33 +02:00
Jens Langhammer 6f8d129dea web/admin: migrate remaining forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 12:44:50 +02:00
Jens Langhammer 59f339beda web/admin: migrate stage forms to ModelForm
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 12:35:53 +02:00
Jens Langhammer ce1c400022 web/admin: migrate policy forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 12:19:35 +02:00
Jens Langhammer c99afe0ad4 web/admin: remove unused imports
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 12:12:31 +02:00
Jens Langhammer ff9ff18c11 web/admin: migrate more forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 12:05:30 +02:00
Jens Langhammer 4d11d82c6e web/admin: migrate more forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 11:55:25 +02:00
Jens Langhammer b4d750174f web/admin: add modelform as base, start migrating
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 11:48:34 +02:00
Jens Langhammer cd629dfbaa outposts: improve API validation for config attribute, ensure all required attributes are set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 19:24:42 +02:00
Jens Langhammer 5cad59a9f8 providers/proxy: fix being able to set empty internal_host
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 00:07:34 +02:00
Jens Langhammer d751a7fc4c lib: add user attribute "goauthentik.io/user/override-ips" to allow overriding of client ips
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 21:42:31 +02:00
Jens Langhammer 1b87375661 lib: add default to config from file://
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 17:13:13 +02:00
Jens Langhammer db5279f952 web/admin: default to user active to true
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-07 14:08:17 +02:00
Jens Langhammer 20c1f15dc0 web/admin: fix color-scheme for charts and flow diagram
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 16:25:29 +02:00
Jens Langhammer 979a5f800e web/admin: show callback URL when creating/updating source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 14:40:02 +02:00
Jens Langhammer e401b4e74e web/admin: fix naming of charts on overview page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 13:51:54 +02:00
Jens Langhammer 9538ad5710 web/admin: show users and groups as chart
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 13:44:53 +02:00
Jens Langhammer 303b847cdc web/admin: rewrite overview page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 13:15:27 +02:00
Jens Langhammer 225099b1a1 web/admin: fix error when viewing ldap provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 21:57:13 +02:00
Jens Langhammer c71d415456 web/admin: load plex servers on load
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 21:15:26 +02:00
Jens Langhammer fa2ff5fc2b sources/plex: save user's plex token, add option to allow friends
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 19:37:59 +02:00
Jens Langhammer 2cad9a3d07 website/docs: add LDAP Outpost docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 11:48:07 +02:00
Jens Langhammer 0f8dbfcc9c web/admin: hide oauth client secret if not updating
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 22:58:52 +02:00
Jens Langhammer 99d161e212 Merge branch 'master' into outpost-ldap
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/core/api/users.py
#	authentik/policies/event_matcher/migrations/0013_alter_eventmatcherpolicy_app.py
2021-05-04 21:02:20 +02:00
Jens Langhammer 0d370ef0a9 web/admin: filter out service accounts by default
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 18:23:13 +02:00
Jens Langhammer e6431593f7 web/admin: auto-select keypair in oauth provider creation when only 1 keypair exists
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 17:09:04 +02:00
Jens Langhammer 928c2bf0d6 web/admin: add launch button to application view page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 17:08:46 +02:00
Jens Langhammer 0440ad7c09 web/admin: add missing plex source view
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 12:09:35 +02:00
Jens Langhammer 3ebc531ae2 web/admin/sources: fix userMatchingMode not being configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 12:02:16 +02:00
Jens Langhammer e56c3fc54c Merge branch 'master' into plex-auth 2021-05-03 18:28:53 +02:00
Jens Langhammer 4523550422 stages/invitation: add single_use flag to delete invitation after use
closes #821

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 09:52:38 +02:00
Jens Langhammer 01d29134b9 sources/plex: add API to redeem token
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-02 16:47:20 +02:00
Jens Langhammer f1b100c8a5 sources/plex: initial plex source implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-02 14:43:51 +02:00
Jens Langhammer c317efa14c Merge branch 'master' into outpost-ldap 2021-05-01 00:26:55 +02:00
Jens Langhammer 34c45900c2 stages/identification: allow selection of no user fields to only allow login via sources
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-30 01:07:37 +02:00
Jens Langhammer b55cb2b40c Merge branch 'master' into outpost-ldap 2021-04-29 20:13:47 +02:00
Jens L 2a409215d3
outpost: forwardAuth mode (#790) 2021-04-29 18:17:10 +02:00
Jens L c4e4e17f93
providers/oauth2: add access_code_validity (#795)
closes #794

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 21:03:43 +02:00
Jens Langhammer 5769eb277c website/admin: fix sessionDuration not updated on UserLoginStageForm
closes #793

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 09:16:04 +02:00
Jens Langhammer 4d858c64e0 Merge branch 'master' into outpost-ldap 2021-04-27 17:08:26 +02:00
Jens Langhammer ceace0282b web/admin: don't show docker certs as required
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 15:43:40 +02:00
Jens Langhammer 1d5958a78f providers/ldap: add search_group to limit who can do search requests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 23:25:03 +02:00
Jens Langhammer b3c8ffb96c outposts/ldap: use authorization_flow instead of separate field
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 15:09:41 +02:00
Jens Langhammer b35d9ae8b0 outposts: fix type not being configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 14:45:14 +02:00
Jens Langhammer dcd80c6d63 outposts/ldap: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 12:24:46 +02:00
Jens Langhammer d741ed430a web/admin: add UI for LDAP Provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 12:12:02 +02:00
Jens Langhammer 5112ef9331 web/admin: fix error when updating identification stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-23 14:27:23 +02:00
Jens Langhammer 003df44a34 web/admin: adjust phrasing of cards on overview page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 14:07:30 +02:00
Jens Langhammer 0891e43040 web/admin: fix invalid group member count
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 10:36:10 +02:00
Jens Langhammer 1f49aea48d web/admin: fix mismatched required tags
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 10:33:36 +02:00
Jens Langhammer 499b52df6a root: update urls to github org
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-21 22:46:48 +02:00
Jens Langhammer 0e35bb18c7 web/admin: fix display for user supseruser status
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-21 11:18:55 +02:00
Jens Langhammer 7346ccf2b7 web/admin: add description for fields in proxy provider form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-21 10:18:00 +02:00
Jens Langhammer fec098a823 web/admin: only allow policies to be bound to sources as users/groups cannot be checked
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 23:30:37 +02:00
Jens Langhammer 73950b72e5 web/admin: improve phrasing for Policy bindings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 23:16:17 +02:00
Jens Langhammer 7ccf8bcdc8 web/admin: only pre-select items when creating a new object
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 20:32:47 +02:00
Jens Langhammer dc75d7b7f0 sources/oauth: fix error whilst fetching user profile when source uses fixed URLs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 17:25:59 +02:00
Jens Langhammer 34a191f216 web/admin: fix link to providers on overview page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 16:35:21 +02:00
Jens Langhammer 14d702450a core: add parameter to output property mapping test formatted
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 18:32:36 +02:00
Jens Langhammer 0a1a2a035e web/admin: fix *Test Forms not having a default for codemirrors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 18:25:16 +02:00
Jens Langhammer 8a6879afa5 core: add superuser_full_list to applications list, shows all applications when superuser
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 16:07:30 +02:00
Jens Langhammer dd2cd09637 web/admin: fix undefined being shown when viewing application
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-18 19:04:10 +02:00
Jens Langhammer caa5dc1d14 web/admin: improve default selection for property-mappings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-18 14:21:05 +02:00
Jens Langhammer f328b21e89 providers/oauth2: Set CORS Headers for token endpoint, check Origin header against redirect URLs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-18 14:20:50 +02:00
Jens Langhammer 52abd959eb sources/oauth: save null instead of empty string for sources without configurable URLs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 21:15:06 +02:00