Commit graph

112 commits

Author SHA1 Message Date
Jens Langhammer 97b814ab33 outpost/proxy: show better error when hostname isn't configured
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-13 22:45:37 +01:00
Jens Langhammer f069cfb643 outposts/ldap: copy boundUsers map when running refresh instead of using blank map
closes #1651

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-13 00:26:01 +01:00
Jens Langhammer e7b4363d21 outposts/ldap: fix logic error in cached ldap searcher
closes #1779

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-11 23:18:32 +01:00
Jens Langhammer 00324f922d outposts: send SelectedChallenge when using MFA with Go FlowExecutor
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-11 21:27:06 +01:00
Jens Langhammer c98bdbacc5 providers/proxy: return list of configured scope names so outpost requests custom scopes
closes #1762

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-10 23:06:21 +01:00
Jens Langhammer 202b057ce9 outposts/proxy: fix static files not being served in proxy mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-10 17:16:13 +01:00
Jens Langhammer e6963c543d outpost: remove analytics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-08 19:35:53 +01:00
Jens Langhammer ed6659a46d outpost/ldap: don't cleanup user info as it is overwritten on bind
closes #1651

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-08 14:41:38 +01:00
Jens Langhammer 4d36699b78 outpost/ldap: cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-06 19:32:11 +01:00
Jens L 5a8c66d325
providers/ldap: memory Query (#1681)
* outposts/ldap: modularise ldap outpost, to allow different searchers and binders

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: add basic in-memory searcher

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/ldap: add search mode field

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost: add search mode field

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 10:37:30 +01:00
Jens Langhammer dd82d55725 outposts: also send outpost type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 15:08:31 +01:00
Jens Langhammer 8d766efecb root: don't set signal on start when running in ci or dev
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 14:32:21 +01:00
Jens Langhammer 9ac3b29418 outpost: add lightweight, anonymous metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 14:10:43 +01:00
Jens Langhammer 8d5460a132 outposts: separate websocket re-connection logic to decrease requests on reconnect
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-30 21:33:50 +02:00
Jens Langhammer 2e06786869 outpost/ldap: fix logging for mismatched provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-20 19:49:17 +02:00
Jens Langhammer 02b4173d30 root: add utm_source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-20 16:34:39 +02:00
Jens Langhammer 4d51ec906d internal/proxyv2: improve error handling when configuring app
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-13 21:48:11 +02:00
Jens Langhammer 22a7c25526 internal: call GetStore on application to improve logging
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-12 13:33:20 +02:00
Ilya Kogan 9ed236f7ab
outposts/ldap: Support hard coded uidNumber and gidNumber. (#1582) 2021-10-10 23:43:36 +02:00
Jens Langhammer f6e8dbfb5e outposts/proxy: show full error message when user is authenticated
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-02 22:00:37 +02:00
Jens Langhammer 3c1ac4c7ec outposts/proxy: add new headers with unified naming
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-02 22:00:23 +02:00
Jens Langhammer 52bbf454e3 outpost/proxy: fix missing negation for internal host ssl verification
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-02 21:17:15 +02:00
Jens Langhammer 2462d58135 outposts/proxy: fix duplicate protocol in domain auth mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-27 20:49:00 +02:00
Jens Langhammer 75ef4ce596 tests/e2e: add new ldap object classes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 14:57:42 +02:00
Jens Langhammer c2f3ce11b0 outposts/ldap: fix potential panic when converting attributes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 14:52:25 +02:00
Jens Langhammer 3c256fecc6 outposts/ldap: add groupofuniquenames
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 14:49:11 +02:00
Jens Langhammer 0285b84133 outposts/ldap: add query support for all supported object classes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 14:42:26 +02:00
Jens Langhammer c7e6eb8896 outposts/ldap: add support for base scope and domain info
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 14:01:22 +02:00
Jens Langhammer b248f450dd outposts: make AUTHENTIK_HOST_BROWSER configurable from central config
closes #1471

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 12:00:51 +02:00
Jens Langhammer 234a5e2b66 outposts: fix outposts not correctly updating central state
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 11:40:21 +02:00
Jens Langhammer 9f4a4449f5 outposts/proxy: ensure cookies only last as long as tokens
closes #1462

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-25 16:12:59 +02:00
Jens Langhammer 27e04589c1 outposts/proxyv2: fix routing not working correctly for domain auth
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-24 23:32:16 +02:00
Jens Langhammer ebc06f1abe outposts/ldap: fix logic error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-22 13:19:50 +02:00
Jens Langhammer 0f8880ab0a outposts: fix typo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-22 13:14:28 +02:00
Jens Langhammer 1f97420207 outposts/ldap: allow custom attributes to shadow built-in attributes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-21 21:59:39 +02:00
Jens Langhammer a92a0fb60a web: migrate to lit 2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-21 11:19:26 +02:00
Jens Langhammer f771383c4b cmd: fix outpost metrics not being set in embedded mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 12:09:12 +02:00
Jens Langhammer 471f7d9c62 outposts: add consistent name and type to metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 10:14:51 +02:00
Jens Langhammer a6a6b3bd06 outposts: add outpost_name label to metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 10:04:17 +02:00
Jens Langhammer 48ad3dccda outposts/proxy: remove deprecated rs256
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 09:57:47 +02:00
Jens Langhammer 95efd47f65 root: remove asgi error handler
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-15 12:23:14 +02:00
Jens Langhammer 198e5ce642 outpost: fix crash when common keys are not defined in config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-14 17:40:48 +02:00
Jens Langhammer 223d9ad414 outposts/proxy: fix upstream ssl certificate not being ignored if configured to do so
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-11 19:30:21 +02:00
Jens Langhammer 9a79bab43d outposts/proxy: fix redirect URL error due to callback url not being joined correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-10 16:19:29 +02:00
Jens Langhammer 3d042e708a outposts/proxy: always redirect on forward_auth for traefik
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-10 12:43:57 +02:00
Jens Langhammer 2428d5f1c2 outpost: update global outpost config on refresh
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-10 12:18:19 +02:00
Jens L 7158c9d2ea
core: metrics v2 (#1370)
* outposts: add ldap metrics, move ping to 9100

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost: add flow_executor metrics

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use port 9300 for metrics, add core metrics port

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/controllers/k8s: add service monitor creation support

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 15:52:24 +02:00
Jens Langhammer e5944567e8 outposts/proxy: fix url not being substituted for sign_out
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 11:00:58 +02:00
Jens Langhammer d296c12d01 outposts/proxy: fix redirect when using forward_auth mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 10:56:20 +02:00
Jens Langhammer 4c3a9e69f2 outposts/proxy: fix securecookie: no codecs provided error with redis
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 10:23:46 +02:00