trustchain-oc1-orchestral/authentik
Archived
10
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
5719 commits 95 branches 330 tags 336 MiB
Commit graph

978 commits

Author SHA1 Message Date
Jens Langhammer add7a80fdc release: 2021.7.2 2021-08-01 19:11:50 +02:00
Jens Langhammer fe629f8b51 web/admin: fix empty column when no invitation expiry was set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 13:22:02 +02:00
Jens Langhammer 16e6e4c3b7 web/admin: add re-authenticate button for plex 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1205
 2021-08-01 12:33:21 +02:00
Jens Langhammer dc0d715885 web/admin: add UI to copy invitation link 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 12:33:20 +02:00
Jens Langhammer c8c7202c61 web/admin: fix LDAP Provider bind flow list being empty 
closes #1192

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-29 11:35:54 +02:00
Jens Langhammer 602aed674b web/admin: fully remove response cloning due to errors 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-29 11:35:44 +02:00
Jens Langhammer e6b515e3f7 release: 2021.7.1 2021-07-27 10:35:45 +02:00
Jens Langhammer 577aa7ba79 web/admin: add status card for https and timedrift 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-26 19:58:26 +02:00
Jens Langhammer 64c8ca9b5d web/admin: default to authentication flow for LDAP provider 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-26 18:47:59 +02:00
Jens Langhammer 5552e0ffa7 web/admin: add notice for event_retention 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-26 18:47:46 +02:00
Jens Langhammer 0587ab26e8 web/admin: fix ApplicationView's CheckAccess not sending UserID correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-25 21:03:32 +02:00
Jens Langhammer 3c9cc9d421 Merge branch 'version-2021.7' 2021-07-24 20:07:42 +02:00
Jens Langhammer 1972464a20 tenants: make event retention configurable on tenant level 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-24 20:07:12 +02:00
Jens Langhammer 3041a30193 release: 2021.7.1-rc2 2021-07-24 18:32:05 +02:00
Jens Langhammer 5a1b912b76 web: fix lint error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-23 22:42:45 +02:00
Jens Langhammer 464c27ef17 web: improve UI for event actions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-23 22:27:51 +02:00
Jens Langhammer 0b34f70205 web/admin: fix missing dark theme for notifications 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-23 21:27:56 +02:00
Jens Langhammer a4b051fcc1 web: fix icon flashing in header, fix notification header icon in dark mode 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-23 20:57:06 +02:00
Jens Langhammer ff64814f40 web/admin: improve UI for notification toggle 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-22 14:17:56 +02:00
Jens Langhammer cbeb6e58ac web: separate websocket connection from messages 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-22 13:47:27 +02:00
Jens Langhammer 7f25b6311d web/admin: fix negative count for policies when more cached than total policies 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-22 00:01:28 +02:00
Jens Langhammer 39ad9d7c9d release: 2021.7.1-rc1 2021-07-21 10:44:40 +02:00
Jens Langhammer 902378af53 providers/oauth2: fix redirect_uris not having blank set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-21 00:22:09 +02:00
Jens Langhammer 6f98833150 core: allow users to create non-expiring tokens when flag is set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-14 21:15:14 +02:00
Jens Langhammer 7c2decf5ec providers/ldap: squash migrations 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-14 09:22:25 +02:00
Lukas Söder 7f39399c32
providers/ldap: Added auto-generated uidNumber and guidNumber generated attributes for use with SSSD and similar software. (#1138) 
* Added auto-generated uidNumber and guidNumber generated attributes for
use with SSSD and similar software.

The starting number for uid/gid can be configured iva environtment
variables and is by default 2000 which should work fine for most instances unless there are more than
999 local accounts on the server/computer.

The uidNumber is just the users Pk + the starting number.
The guidNumber is calculated by the last couple of bytes in the uuid of
the group + the starting number, this should have a low enough chance
for collisions that it's going to be fine for most use cases.

I have not added any interface stuff for configuring the environment variables as I couldn't really find my way around all the places I'd have to edit to add it and the default values should in my opinion be fine for 99% use cases.

* Add a 'fake' primary group for each user

* First attempt att adding config to interface

* Updated API to support new fields

* Refactor code, update documentation and remove obsolete comment

Simplify `GetRIDForGroup`, was a bit overcomplicated before.

Add an additional class/struct `LDAPGroup` which is the new argument
for `pi.GroupEntry` and util functions to create `LDAPGroup` from api.Group and api.User

Add proper support in the interface for changing gidNumber and uidNumber starting points

* make lint-fix for the migration files
 2021-07-14 09:17:01 +02:00
Jens L 7dfc621ae4
LDAP Provider: TLS support (#1137) 2021-07-13 18:24:18 +02:00
Jens Langhammer 2036827f04 api: add sentry tunnel 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-13 10:58:14 +02:00
Jens Langhammer b7a929d304 web/flows: update background for 2021.7 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-09 23:12:46 +02:00
Jens Langhammer 7ddb459030 web: fix error when showing error message of request 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-09 19:06:30 +02:00
Jens Langhammer 90fe1c2ce8 providers/oauth2: allow blank redirect_uris to allow any redirect_uri 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-08 19:28:35 +02:00
Jens Langhammer adc4cd9c0d release: 2021.6.4 2021-07-05 16:59:29 +02:00
Jens Langhammer abed254ca1 web/admin: make table dispatch refresh event on refresh button instead of just fetching 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-05 09:48:14 +02:00
Jens Langhammer 320dab3425 core: only show Reset password link when recovery flow is configured 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-04 12:59:41 +02:00
Jens Langhammer ca44f8bd60 web: log response when >= http 400 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-04 12:39:10 +02:00
Jens Langhammer d07704fdf1 crypto: show both sha1 and sha256 fingerprints 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 19:25:27 +02:00
Jens Langhammer 6a4ddcaba7 web/admin: don't use form.reset() for ModelForms, reset instance 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 18:26:50 +02:00
Jens Langhammer 2c9b596f01 web/admin: run explicit update after loading instance 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 16:41:42 +02:00
Jens Langhammer 91f7b289cc web/admin: show oauth2 token revoked status 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 16:04:24 +02:00
Jens Langhammer dd53e7e9b1 web/admin: fix ModelForm not re-loading after being reset 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-02 21:21:11 +02:00
Jens Langhammer 680b182d95 release: 2021.6.3 2021-06-29 16:19:07 +02:00
Jens Langhammer c19da839b1 stages/user_write: add create_users_as_inactive flag 
close #1086

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-28 23:24:54 +02:00
Jens Langhammer 2b1356bb91 flows: add invalid_response_action to configure how the FlowExecutor should handle invalid responses 
closes #1079

Default value of `retry` behaves like previous version.

`restart` and `restart_with_context` restart the flow upon an invalid response. `restart_with_context` keeps the same context of the Flow, allowing users to bind policies that maybe aren't valid on the first execution, but are after a retry, like a reputation policy with a deny stage.

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-28 00:22:09 +02:00
Jens Langhammer 7d9c74ce04 tenants: include all default flows in current_tenant 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-26 23:47:49 +02:00
Jens Langhammer 4ec5df6b12 web/admin: fix linting error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-26 22:30:33 +02:00
Jens Langhammer 0403f6d373 web/admin: add flow export button on flow view page 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-26 22:03:19 +02:00
Jens Langhammer b7f4d15a94 web/admin: fix deletion of authenticator not reloading the state correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-26 21:22:10 +02:00
Jens Langhammer 56450887ca web/admin: cleanup imports 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-26 21:14:23 +02:00
Jens Langhammer 9bd613a31d stages/authenticator_duo: fix component not being set in API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-26 20:49:58 +02:00
Jens Langhammer 63a28ca1e9 web/admin: fix only recovery flows being selectable for unenrollment flow in tenant form 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-26 19:33:20 +02:00