trustchain-oc1-orchestral/authentik
Archived
10
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
12868 commits 95 branches 330 tags 336 MiB
Commit graph

632 commits

Author SHA1 Message Date
Jens Langhammer 2f8dbe9b97 core: handle all exceptions for applications listing 
closes #2382

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-26 16:08:38 +01:00
Jens L 677bcaadd7
core: add initial app launch url (#2367) 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-23 22:48:55 +01:00
Jens Langhammer 80f218a6bf core: also handle TypeError for invalid app URL formatting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-17 18:23:11 +01:00
Jens Langhammer 3d577cf15e *: add placeholder custom.css to easily allow user customisation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-14 20:05:00 +01:00
Jens L df362dd9ea
core: handle error when formatting launch URL fails closes #2304 2022-02-14 12:02:51 +01:00
Jens Langhammer e741caa6b3 core: allow formatting strings to be used for applications' launch URLs 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-08 23:46:23 +01:00
Jens L d5e04a2301
*: remove deprecated backup (#2129) 
* *: remove backup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix lint

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: add docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: final cleanup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: use correct pyproject when migrating from stable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: fix broken docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-05 18:54:15 +01:00
Jens Langhammer a5adc4f8ed core: fix view_token permission not being assigned on token creation for non-admin user 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-31 20:00:30 +01:00
Jens Langhammer 111fbf119b *: refactor prometheus gauges to directly updating metrics view 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-16 13:57:07 +01:00
Jens Langhammer 2543224c7c core: dont return 404 when trying to view key of expired token 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-10 17:53:09 +01:00
Jens Langhammer 03503363e5 core: fix UserSelfSerializer's save() overwriting other user attributes 
closes #2070

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-06 18:23:06 +01:00
Jens Langhammer 7b1373e8d6 core: fix lint error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-04 23:17:37 +01:00
Jens Langhammer e70b486f20 outposts: handle error in certificate cleanup 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-04 22:53:37 +01:00
Jens Langhammer 5769ff45b5 core: add goauthentik.io/user/can-change-name 
closes #2054

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-04 19:03:12 +01:00
Jens Langhammer 935a8f4d58 core: add tests for non-applicable flows with flow manager 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-03 22:14:52 +01:00
Jens Langhammer 7d3d17acb9 core: add error handling in source flow manager when flow isn't applicable 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-03 21:57:55 +01:00
Jens Langhammer a101d48b5a core: passthrough connection and additional data to FlowManager 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2047
 2022-01-03 21:31:26 +01:00
Jens Langhammer 3e22740eac core: add API endpoint to directly set user's password 
closes #2040

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-03 13:31:58 +01:00
Jens Langhammer d18a691f63 core: prevent LDAP password being set for internal hash upgrades 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-03 13:23:42 +01:00
Jens Langhammer 90c31c2214 flows: add test helpers to simplify and improve checking of stages, remove force_str 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-01 20:25:32 +01:00
Jens Langhammer 9154b9b85d web/user: rework user source connection UI 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-30 21:59:41 +01:00
Jens Langhammer c249b55ff5 *: use py3.10 syntax for unions, remove old Type[] import when possible 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-30 14:59:01 +01:00
Jens Langhammer ca0250e19f core: add meta theme-color 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-23 18:49:24 +01:00
Jens Langhammer 7fb939f97b core: fix error when getting launch URL for application with non-existent Provider 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-21 19:40:29 +01:00
Jens Langhammer 14c159500d core: don't rotate non-api tokens 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-16 19:32:39 +01:00
Jens Langhammer 50ca3dc772 core: fix error when attempting to provider from cached application 
closes #1940

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-15 15:11:13 +01:00
Jens Langhammer 3740e65906 web/admin: add dashboard with user creation/login statistics 
closes #1867

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-14 22:08:41 +01:00
Jens Langhammer 30386cd899 events: add custom manager with helpers for metrics 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-14 21:49:33 +01:00
Jens Langhammer e4841d54a1 *: migrate ui_* properties to functions to allow context being passed 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-13 23:56:35 +01:00
Jens Langhammer ede6bcd31e *: remove debug statements from tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-13 23:41:08 +01:00
Jens Langhammer 29241cc287 core: always inject sentry trace into template 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-13 17:41:00 +01:00
Jens Langhammer cb6edcb198 core: set tag with request ID 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-13 16:15:27 +01:00
Jens Langhammer 597ce1eb42 Revert "*: use cache.delete_pattern instead of getting keys and deleting them" 
This reverts commit ff481ba6e7.

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/flows/views/executor.py
#	authentik/policies/signals.py
 2021-12-12 20:41:34 +01:00
Jens Langhammer ff481ba6e7 *: use cache.delete_pattern instead of getting keys and deleting them 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-10 21:35:28 +01:00
Jens Langhammer 340a9bc8ee core: fix error when using invalid key-values in attributes query 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-09 19:53:47 +01:00
Jens Langhammer a9bd34f3c5 events: revert to @prefill_task decorator since base class doesn't get executed until task runs 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-09 10:18:00 +01:00
Jens Langhammer 1ed2bddba7 root: fix celery task ID not being included in log 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-09 09:36:52 +01:00
Jens Langhammer a91204e5b9 web/user: allow custom font-awesome icons for applications 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1189
 2021-12-06 21:20:15 +01:00
Jens Langhammer c1ea78c422 core: fix missing permission check for group creating when creating service account 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-06 12:33:29 +01:00
Jens Langhammer 317e9ec605 core: add FlowToken which saves the pickled flow plan, replace standard token in email stage to allow finishing flows in different sessions 
closes #1801

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-05 15:20:11 +01:00
Jens Langhammer cf78c89830 events: replace @prefill_task with custom base class to prefill 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-02 13:47:35 +01:00
Jens Langhammer f0d7edb963 *: fix @prefill_task 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-02 10:05:51 +01:00
Jens Langhammer 5c54de66fc *: add meta_model_name field to all models with inheritance 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-26 10:32:39 +01:00
Jens Langhammer 2c0d8d8943 core: add meta_model_name to MetaNameSerializer to easily show relevant events 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-26 10:27:08 +01:00
Jens L e1ef196283 core: remove dump_config, handle directly in config loader without booting django, don't check database 2021-11-25 13:38:31 +01:00
Jens Langhammer 6ed7d842e4 *: allow URLs without domain and custom schemas 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-23 22:51:04 +01:00
Jens Langhammer 8794c840cf web: only show applications with http link 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-23 22:40:31 +01:00
Jens Langhammer 9c9c00755a core: fix test user not having password set properly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-23 22:30:09 +01:00
Jens Langhammer b2d2e7cbc8 tests/e2e: remove logger 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-23 21:19:33 +01:00
Jens Langhammer 9835785864 core: make test user's password optional 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-23 19:06:44 +01:00
Jens Langhammer d785998c5a Revert "root: disable random tests for now" 
This reverts commit 8ba9553220.
 2021-11-23 18:46:51 +01:00
Jens Langhammer 8ba9553220 root: disable random tests for now 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-23 17:57:56 +01:00
Jens Langhammer 6eb132c48b tests/e2e: fix ldap provider tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-23 17:28:35 +01:00
Jens L 9bb0d04aeb
root: Random tests (#1825) 
* root: add pytest-randomly to randomise tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: generate flows for testing instead of relying on existing ones

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: generate users for testing instead of relying on existing ones

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: use generated certificate

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: keep containers

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: use websockets test case

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-22 22:56:02 +01:00
Jens Langhammer 638e8d741f *: fix multiple tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-16 10:38:21 +01:00
Jens Langhammer 4b8b800648 stages/*: add more tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-15 20:58:34 +01:00
Jens Langhammer 6f9ed001a1 crypto: add more tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-15 20:38:03 +01:00
Jens Langhammer e08077c73a root: replace asgi-based logger with middleware 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-15 16:32:56 +01:00
Jens Langhammer 88516ba2ca core: make defaults for _change_email and _change_username configurable 
closes #1789

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-13 22:33:03 +01:00
Jens Langhammer 1e8d45dc15 web: write interfaces to different folders and remove custom chunk names 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-10 17:54:50 +01:00
Jens Langhammer cc0832f487 core: force lowercase emails for gravatar usage 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-10 12:40:20 +01:00
Jens Langhammer 61b5b36192 core: add command to output full config 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-07 21:45:52 +01:00
Jens Langhammer 924a13e832 core: fix auth_method for tokens 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-06 13:04:41 +01:00
dependabot[bot] 8de13d3f67 build(deps): bump goauthentik.io/api from 0.2021102.2 to 0.2021102.4 (#1738) 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-05 09:33:26 +01:00
Jens Langhammer a40c3aeb68 core: make group membership lookup respect parent groups (upwards) 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-05 00:53:56 +01:00
Jens Langhammer 4a89be3048 core: include parent group name 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-05 00:11:17 +01:00
Jens Langhammer f5dc81907a core: add created field to source connection 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-30 15:02:41 +02:00
Jens Langhammer d70c8fbcc3 core: add API for all user-source connections 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-30 14:36:54 +02:00
Jens Langhammer e771e1857f core: add API to list all authenticator devices 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-29 09:08:48 +02:00
Jens Langhammer 971de4fcb9 core: add USER_ATTRIBUTE_CHANGE_EMAIL 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1590 and #1677
 2021-10-27 13:34:11 +02:00
Jens Langhammer 92085f1a3c core: add toggle to completely disable backup mechanism 
closes #1671

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-26 17:04:33 +02:00
Jens Langhammer 3647633232 core: cleanup embedded outpost logging, log user for http requests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-20 22:12:49 +02:00
Jens Langhammer 02b4173d30 root: add utm_source 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-20 16:34:39 +02:00
Jens Langhammer 61fab497cf core: add user flag to prevent users from changing their usernames 
closes #1590

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-20 16:17:19 +02:00
Jens Langhammer ce812e14c7 core: improve detection for s3 settings to trigger backup 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-17 15:56:31 +02:00
Jens Langhammer 4b7399f454 *: add @prefill_task() decorator to "pre-fill" tasks in cache, so they can be executed even before their schedule would do so 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-14 12:21:28 +02:00
Jens Langhammer 2b09d97522 core: fix squash migrations error when AK_ADMIN_TOKEN is set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-12 17:45:10 +02:00
Jens L e4f141c6c0
*: Squash Migrations (#1593) 
* *: first squash pass

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* sources/saml: squash less

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: fix docker controller not correctly checking image

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: fix old migration reference

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-11 21:39:35 +02:00
Jens Langhammer 8965451073 core: add default for user's settings attribute 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-09 16:01:22 +02:00
Jens Langhammer b33ea9cc61 core: add settings serializer to user/me and update_self endpoints, saved in a key in attributes 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-09 15:35:18 +02:00
Jens Langhammer 9e7e22367b core: include group uuids in self serializer 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-05 13:10:44 +02:00
Jens Langhammer f5761dc70d core: only return group names for user_self 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-05 12:31:25 +02:00
Jens Langhammer 16380b3f7a api: ensure viewsets have default ordering 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-05 11:26:41 +02:00
Jens Langhammer 16f2603130 core: make user's name field fully options 
closes #1537

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-05 11:23:27 +02:00
Jens Langhammer 847cfed73f web/user: don't show managed tokens in user interface 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-05 11:11:34 +02:00
Jens L f9ad102915
flows: inspector (#1469) 
* flows: add initial inspector

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: change naming a bit

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flow: add inspector frame

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: don't use shadydom when inspecting

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: add current stage to api

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages/*: fix imports

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: deep-copy plan instead of just adding

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: ui

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: restrict inspector to admin

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: add buttons to launch flow with inspector

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: don't automatically follow redirects when inspector is open

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: make current_plan optional, only require historry

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: handle error messages in inspector

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: improve UI when flow is done

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: add is_completed flag to inspector

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: fix monkeypatches for tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: add inspector tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: re-enable cache

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-28 09:36:48 +02:00
pemontto 674bd9e05c
web/admin: Fix typo 'username address' -> 'username' (#1473) 2021-09-26 12:53:37 +02:00
Jens Langhammer 93bdea3769 core: fix api return code for user self-update 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-24 11:51:03 +02:00
Jens Langhammer d900a2b6a9 *: fix lookup_fields 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-20 19:19:36 +02:00
Jens Langhammer 3f84abec2f core: fix token identifier not being slugified when created with user-controller input 
closes #1390

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-20 13:43:25 +02:00
Jens Langhammer b5c857aff4 api: add explicit lookup_value_regex, disable include_format_suffixes 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-20 13:42:56 +02:00
Jens Langhammer f6e0f0282d core: fix tokens not being viewable but superusers 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-19 16:11:20 +02:00
Jens Langhammer c85484fc00 core: allow admins to create tokens with all parameters, re-add user to token form 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-19 15:25:48 +02:00
Jens L 13e2eea72f
web/user: new end-user interface (#1404) 
* web/user: migrate to top navbar

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/user: prepare config from server

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* re-sort

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* remove old interface

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update issue template

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use notification badge

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/user: re-add go-to-admin button

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: fix remaining redirects directly to admin

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* make settings better

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* api: ensure sources and stages are sorted

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/user: add sessions and consent

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/oauth2: add post wrapper to stage

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: add new interface to release notes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-16 22:17:05 +02:00
Jens L 9441be1ee2
interface split (#943) 2021-09-16 17:30:16 +02:00
Jens Langhammer 341c58a722 core: fix token expiry for service accounts being only 30 minutes 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-16 09:57:34 +02:00
Jens Langhammer 23444f4df0 core: fix lint error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-13 18:19:28 +02:00
Jens Langhammer 71e68b498e core: optimise groups api by removing member superuser status 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-13 18:06:37 +02:00
Jens Langhammer 2862b4ecfb core: remove ?v from static files 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-09 20:09:12 +02:00
Jens Langhammer d0898a3869 flows: ensure all StageViews accept post, add tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-09 16:30:14 +02:00
Jens Langhammer 200e409d91 core: minor query optimization 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-03 14:02:57 +02:00
Jens Langhammer a016f99450 core: fix user_obj being empty on token API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-30 12:51:17 +02:00
Jens Langhammer 2ae164df78 *: cleanup api schema warnings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-26 09:36:41 +02:00
Jens Langhammer 0ccec96490 core: make user optional in token creation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-25 21:21:51 +02:00
Jens Langhammer d79975c409 core: fix user object for token not be setable 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-25 20:43:34 +02:00
Jens Langhammer 20d65035d5 core: fix error when user updates themselves 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-25 17:52:50 +02:00
Jens Langhammer d7ad5f6a16 core: add API to create service account with token for app password 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-24 20:09:22 +02:00
Jens Langhammer c60ba91fee core: fix auth saving entire models into session 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 23:59:43 +02:00
Jens Langhammer cba255eaaa Merge branch 'master' into app-passwords 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/core/tests/test_source_flow_manager.py
#	authentik/stages/authenticator_validate/tests.py
#	authentik/stages/password/tests.py
#	scripts/generate_ci_config.py
 2021-08-23 21:21:12 +02:00
Jens L 859cf2bd8f
lib: move id and key generators to lib (#1286) 
* lib: move generators to lib

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: bump default token key size

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: fix split being used for http basic auth instead of partition

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/elements: don't rethrow error in ActionButton

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 20:27:38 +02:00
Jens Langhammer a2578ffaad core: add token tests for invalid intent and token auth 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 20:21:54 +02:00
Jens Langhammer 27cc5d7138 core: fix authentication error when no request is given 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 19:09:53 +02:00
Jens Langhammer 5face5410f web/admin: select all password stage backends by default 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 18:08:29 +02:00
Jens Langhammer e27a6fdeeb events: fix linting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 17:48:28 +02:00
Jens Langhammer 033c9a3bd3 core: fix token intent not defaulting correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 17:33:35 +02:00
Jens Langhammer 69a0153619 core: use custom inbuilt backend, set backend login information in flow plan for events 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 17:09:53 +02:00
Jens Langhammer 00e9b91f56 web/admin: fix missing app passwords backend 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 16:47:38 +02:00
Jens Langhammer 4cf76fdcda stages/password: auto-enable app password backend 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 16:39:39 +02:00
Jens Langhammer f217d34a98 web/admin: allow users to create app password tokens 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 16:27:39 +02:00
Jens Langhammer 9a6a3e66b8 root: update schema 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 16:14:33 +02:00
Jens Langhammer 20572c728d core: add new token intent and auth backend 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 16:05:29 +02:00
Jens Langhammer e4790f9060 core: handle error when ?for_user is not numberical 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 15:25:18 +02:00
Jens Langhammer 294d70ae4d outposts/ldap: move virtual groups to other OU for lookups, conditionally skip requests based on search filter 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-21 17:53:09 +02:00
Jens Langhammer 3e909ae6bb core: allow filtering users by the groups they are in 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-21 16:27:48 +02:00
Jens Langhammer b4f738492d sources/oauth: improve UI with prefilled urls (when customizable) and hiding provider type 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-21 15:52:41 +02:00
Jens Langhammer d9ece98bbc core: fix token expiration not being updated upon key rotation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-12 17:22:42 +02:00
Jens Langhammer 1524efcf51 core: fix expired tokens not being returned by API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-12 17:21:53 +02:00
Jens Langhammer c6dddc97f0 core: fix error when migrating with AK_ADMIN_TOKEN set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-11 22:36:52 +02:00
Jens Langhammer 38292a588b website/docs: add docs for automated installs 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-11 21:57:58 +02:00
Jens Langhammer e90da9283e core: add support to bootstrap token on initial install using AK_ADMIN_TOKEN in environment 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-11 21:45:49 +02:00
Jens Langhammer e0e0f4fa6c core: fix users's group list not allowing blank values 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-11 20:16:45 +02:00
Jens Langhammer ec95a2bddc core: allow changing of groups a user is in from user api 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-10 19:31:30 +02:00
Jens Langhammer 557724768a core: add API to directly send recovery link to user 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-10 13:54:59 +02:00
Jens Langhammer 2d5094fdf7 root: fix formatting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-06 00:11:24 +02:00
Jens Langhammer 8044818a4d core: add additional cleanup for authenticated sessions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-05 23:25:40 +02:00
Jens Langhammer 6fe5175f21 core: add UserSelfSerializer and separate method for users to update themselves with limited fields 
rework user settings page to better use form
closes #1227

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-05 17:42:19 +02:00
Jens Langhammer 77ed25ae34 root: reformat to 100 line width 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-03 17:45:16 +02:00
Jens L f01bc20d44
Embedded outpost (#1193) 
* api: allow API requests as managed outpost's account when using secret_key

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: load secret key from env

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: make listener IP configurable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost/proxy: run outpost in background and pass requests conditionally

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost: unify branding to embedded

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: fix embedded outpost not being editable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: fix mismatched host detection

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: fix LDAP test not including user for embedded outpost

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: fix user matching

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* api: add tests for secret_key auth

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: load environment variables using github.com/Netflix/go-env

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-29 11:30:30 +02:00
Jens Langhammer b752540800 core: fix pagination not working correctly with applications API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-26 19:12:23 +02:00
Jens Langhammer f21ebf5488 core: add tests for flow_manager 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-25 23:20:38 +02:00
Jens Langhammer 5615613ed1 core: fix CheckApplication's for_user flag not being checked correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-25 22:29:15 +02:00
Jens Langhammer 8ae7403abc core: add group filter by member username and pk 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-23 19:35:41 +02:00
Jens Langhammer f6e1bfdfc8 outpost: fix 100% CPU Usage when not connected to websocket 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-23 18:57:26 +02:00
Jens Langhammer 8cd1223081 core: add email filter for user 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-22 20:10:42 +02:00
Jens Langhammer b3da94bbb8 core: broaden error catching for propertymappings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-21 22:50:39 +02:00
Jens Langhammer a2c587be43 outposts: don't authenticate as service user for flows to set remote-ip 
set outpost token as additional header and check that token (user) if they can override remote-ip

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-19 13:17:13 +02:00
Jens Langhammer aa701c5725 core: don't delete expired tokens, rotate their key 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-14 21:47:32 +02:00
Jens Langhammer 6f98833150 core: allow users to create non-expiring tokens when flag is set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-14 21:15:14 +02:00
Jens L 7dfc621ae4
LDAP Provider: TLS support (#1137) 2021-07-13 18:24:18 +02:00
Jens Langhammer 92ba77e9e5 core: fix error when setting icon/background to url longer than 100 chars 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-09 19:31:32 +02:00
Jens Langhammer 320dab3425 core: only show Reset password link when recovery flow is configured 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-04 12:59:41 +02:00
Jens Langhammer becb9e34b5 outposts: fix docker controller not checking env correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 22:17:29 +02:00
Jens Langhammer bd92505bc2 core: add notice about duplicate keys 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 21:52:28 +02:00
dependabot[bot] d102c59654
build(deps-dev): bump pylint from 2.8.3 to 2.9.0 (#1095) 
* build(deps-dev): bump pylint from 2.8.3 to 2.9.0

Bumps [pylint](https://github.com/PyCQA/pylint) from 2.8.3 to 2.9.0.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/master/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.8.3...v2.9.0)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* *: update source for new pylint version

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-30 10:37:28 +02:00
Jens Langhammer ba9edd6c44 flows: handle possible errors with FlowPlans received from cache 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-27 22:03:48 +02:00
Jens Langhammer 3fe0483dbf core: fix flow background not correctly loading on initial draw 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-26 20:29:45 +02:00
Jens Langhammer c6ede78fba core: add support for custom urls for avatars 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-22 12:25:24 +02:00
Jens Langhammer 831b32c279 core: fix PropertyMapping's globals not matching Expression policy 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 15:54:43 +02:00
Jens Langhammer 70ccc63702 core: remove default flow background from default css, set static in base_full and dynamically in if/flow 
closes #1056

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 10:37:34 +02:00
Jens Langhammer ede072889e core: deepmerge user.group_attributes, use group_attributes for user settings 
closes #1051

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-19 19:52:55 +02:00
Jens Langhammer d4419d66c1 core: fix error when creating AuthenticatedSession without key 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-16 22:51:48 +02:00
Jens Langhammer 79044368d2 core: fix error getting stages when enrollment flow isn't set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-16 22:45:42 +02:00
Jens Langhammer 16c194d2dc core: fix upload api not checking clear properly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 22:34:47 +02:00
Jens Langhammer 53100a72fe stages/identification: fix challenges not being annotated correctly and API client not loading data correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 22:28:11 +02:00
Jens Langhammer 79508e1965 core: fix linting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 23:41:50 +02:00
Jens Langhammer 3a88dde545 web: fix declaration of Intl 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 23:13:43 +02:00
Jens Langhammer cabbd18880 core: revert check_access API to get to prevent CSRF errors 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 21:47:49 +02:00
Jens Langhammer afb84c7bc5 flows: fix error clearing flow background when no files have been uploaded 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 14:14:41 +02:00
Jens Langhammer d789dcc28f core: fix impersonation not working with inactive users 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-12 20:41:02 +02:00
Jens Langhammer 74e4e8f6aa core: delete real session when AuthenticatedSession is deleted 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-12 17:37:32 +02:00
Jens Langhammer 10d949f7a9 stages/password: add constants for password backends 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-12 12:14:55 +02:00
Jens Langhammer 8d6db0fabf flows: fix configuration URL being set when no flow is configure 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-10 22:07:26 +02:00
Jens L 34ae9e6dab
API: add endpoint to show by what objects an object is used (#995) 
* core: add used_by API to show what objects are affected before deletion

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/elements: add support for used_by API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add authentik_used_by_shadows to shadow other models

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: implement used_by API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: fix duplicate imports

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add action field to used_by api

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: add UI for used_by action

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: add notice to tenant form

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: fix naming in used_by

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: check length for used_by

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: fix used_by for non-pk models

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: improve __str__ on models

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add support for many to many in used_by

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-10 11:58:12 +02:00
Jens Langhammer fb8d67a9d9 core: add configure_url to UserSettings for both stages and sources 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-08 19:21:27 +02:00
Jens Langhammer 90a5c84ac8 core: make EndSessionView inherit PolicyAccessView 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-06 14:07:50 +02:00
Jens Langhammer 9180d448df core: move end-session to core 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-06 13:56:38 +02:00
Jens Langhammer 0032f535da core: add minor tests for users api 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-06 01:23:04 +02:00
Jens Langhammer 17326615b7 events: rewrite GeoIP to a wrapper, reload file every 8 hours 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-06 00:42:41 +02:00
Jens Langhammer f5dbdbd48b *: add clear param to file upload API to delete stored file and reset field 
closes #949

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-05 21:33:03 +02:00
Jens Langhammer 277c2f4aad core: make application.meta_icon nullable 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#949
 2021-06-05 21:06:52 +02:00
Jens Langhammer ba3e0a0586 core: fix flow query 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-05 20:30:56 +02:00
Jens Langhammer 86b450c6d1 flows: add compatibility_mode to toggle ShadyDOM 
closes #894

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-05 20:04:30 +02:00
Jens Langhammer 5e3628bea6 core: add fallback URLs for websocket to cleanup test logs 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-03 17:26:18 +02:00
Jens Langhammer 290ebef8e3 core: instead of migrating sessions, clear cache on initial upgrade 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-03 17:20:25 +02:00
Jens Langhammer 48e68d6852 core: fix token identifier not being set to unique 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-03 11:45:48 +02:00
Jens Langhammer ed3859800c core: improve API validation for Application's set_icon_url (fix JSON Syntax Error) 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-03 00:39:56 +02:00
Jens Langhammer 06b7f62a40 core: make app's meta_launch_url textfield 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-03 00:21:20 +02:00
Jens Langhammer 974ddc07f7 web: improve loading of custom favicon 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-02 21:19:39 +02:00
Jens Langhammer b9773d39c0 core: add tests for authenticated sessions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-30 14:43:00 +02:00
Jens Langhammer fc45d35699 core: add migration for sessions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-30 13:08:29 +02:00
Jens Langhammer 73338bdf32 core: add geo_ip to authenticated sessions if enabled 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-30 01:01:20 +02:00
Jens Langhammer 059da74d1c core: add current attribute to authenticated_session API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-30 00:31:41 +02:00
Jens Langhammer 45b8b1e198 core: delete AuthenticatedSession on logout 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-30 00:27:33 +02:00
Jens Langhammer 133fc38c05 core: initial authenticated sessions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-30 00:15:16 +02:00
Jens Langhammer 3b31b7ce83 core: add http host in log messages 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-29 19:07:54 +02:00
Jens Langhammer fae8b80ceb core: fix usage of config on templates 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-29 18:31:05 +02:00
Jens Langhammer df92f01719 flows: remove default-recovery 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-29 18:30:55 +02:00
Jens Langhammer 14f85ec980 tenants: migrate context_processor to tenants 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-29 18:01:48 +02:00
Jens Langhammer 523621daa2 core: make application's check_access API return a PolicyResult and accept for_user as superuser 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-26 11:47:23 +02:00
Jens L 53e2b2c784
Prometheus metrics (#914) 
* admin: add worker metrics

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* admin: add version metrics

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* events: add gauge for system tasks

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: add gauge for last hello and connection status

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: re-add prometheus metrics to database

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: allow access to metrics without credentials when debug is on

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: add UpdatingGauge to auto-set value on load

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: add metrics for cache and building

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* policies: add metrics for policy engine

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* events: add histogram for task durations

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* events: revert to gauge because values are updated on export view

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add gauge to count all models

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* events: add metrics for events

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-23 20:29:34 +02:00
Jens Langhammer 1a0f72d0a8 Merge branch 'version-2021.5' into next 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/stages/authenticator_static/api.py
#	swagger.yaml
 2021-05-21 21:33:18 +02:00
Jens Langhammer a265dd54cc stages/authenticator_*: fix Permission Error when disabling Authenticator as non-superuser 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-21 21:25:03 +02:00
Jens Langhammer d9a788aac8 api: rename auth to authentication, add authorization for rest_framework permission class 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-21 20:14:03 +02:00
Jens Langhammer be5a6c0310 api: add set_*_url method for Application and Flow to set icon/background to URL 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-20 17:18:40 +02:00
Jens Langhammer 92f2a82c03 providers/oauth2: fix double login required when prompt=login 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-20 01:10:08 +02:00
Jens Langhammer acf1ad91d9 providers/oauth2: fix double login required when prompt=login 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-19 23:34:27 +02:00
Jens Langhammer 3cf0f07baf *: fix API Schema for file uploads 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-17 23:12:52 +02:00
Jens Langhammer 759bf59780 core: make filefields readonly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 17:34:55 +02:00
Jens Langhammer 0bac738090 *: fix static response descriptions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 14:07:29 +02:00
Jens Langhammer 1324d03815 *: initial migration to openapi v3 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-15 23:57:28 +02:00
Jens Langhammer 465750276c core: fix application's slug field not being set to unique 
closes #881

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-14 10:49:42 +02:00
Jens Langhammer f9f2e00913 core: improve error handling for backups 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-13 17:56:49 +02:00
Jens Langhammer 0620324702 root: bump version of psf black 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-12 00:42:46 +02:00
Jens Langhammer e649e9fb03 core: don't use self.get_object for application permission check to prevent 404 when view permission is missing 
closes #864

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-11 17:35:11 +02:00
Jens Langhammer e33a5528f7 core: catch IntegrityError in flow_manager and deny request 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-09 23:31:39 +02:00
Jens Langhammer dda1d4e0fb core: add more logs to flow_manager 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-09 20:27:37 +02:00
Jens Langhammer 55ea9afeec core: fix dark mode on server-side rendered pages 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-07 11:53:53 +02:00
Jens Langhammer 241d790e69 stages/user_write: if any connection is being sent in the plan context, save it to the user 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-06 22:10:20 +02:00
Jens Langhammer 83e08f12ae core: fix arguments not being passed in FlowManager 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-06 22:07:48 +02:00
Jens Langhammer 6526659b51 sources/plex: allow auth for owner (when identifier of source plex token matches) 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-06 21:50:15 +02:00
Jens Langhammer d85e0593f1 core: set attributes on users which are enrolled via source 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-06 19:35:05 +02:00
Jens Langhammer b3a3852a54 core: fix linting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-06 13:58:58 +02:00
Jens Langhammer 49bf82a0a4 core: add user filter by superuser status 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-06 13:44:42 +02:00
Jens Langhammer 446f104c90 core: add user UID to API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-05 11:54:28 +02:00
Jens Langhammer 1a02049104 core: show users and groups when user has overall user permissions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-05 01:02:47 +02:00
Jens Langhammer d84d7c26ca Merge branch 'master' into outpost-ldap 2021-05-04 23:34:31 +02:00
Jens Langhammer 2f6e6a3123 core: improve messaging when flow manager denied request 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-04 23:30:21 +02:00
Jens Langhammer 99d161e212 Merge branch 'master' into outpost-ldap 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/core/api/users.py
#	authentik/policies/event_matcher/migrations/0013_alter_eventmatcherpolicy_app.py
 2021-05-04 21:02:20 +02:00
Jens Langhammer 4acbda2b77 core: improve messaging on flow_manager, authenticate user when they linked their account after not having been authenticateed 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-04 18:49:27 +02:00
Jens Langhammer 0d370ef0a9 web/admin: filter out service accounts by default 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-04 18:23:13 +02:00
Jens Langhammer 6fc38436f4 sources/plex: set better defaults on model 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-03 21:23:13 +02:00
Jens Langhammer 35faf269db sources: rewrite onboarding 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-03 20:27:52 +02:00
Jens Langhammer 55250e88e5 sources/*: rewrite UILoginButton to return challenge instead 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-02 16:46:27 +02:00
Jens Langhammer 19708bc67b core: add additional_data to UILoginButton to pass additional data 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-02 14:43:26 +02:00
Jens Langhammer b55cb2b40c Merge branch 'master' into outpost-ldap 2021-04-29 20:13:47 +02:00
Jens Langhammer bb2c4423b0 core: fix text color of error pages not being white 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-29 15:17:10 +02:00
Jens Langhammer 4d858c64e0 Merge branch 'master' into outpost-ldap 2021-04-27 17:08:26 +02:00
Jens Langhammer 776c3128b8 flows: add tests for stage type, component and ui_user_settings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-27 16:52:50 +02:00
Jens Langhammer 1d5958a78f providers/ldap: add search_group to limit who can do search requests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-26 23:25:03 +02:00
Jens Langhammer 2a122845d9 core: add groups to users 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-26 19:51:24 +02:00
Jens Langhammer fae4d34131 Merge branch 'master' into outpost-ldap 2021-04-26 17:11:50 +02:00
Jens Langhammer 7ff7bfeb58 core: fix incorrect styling for bse_full template 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-26 16:44:13 +02:00
Jens Langhammer 5fb07acf54 core: add API to check access to single application by slug 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-26 10:08:35 +02:00
Jens Langhammer 502ac51fa7 web: don't enable ShadyDOM on selenium 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-25 01:29:01 +02:00
Jens Langhammer 4bc6fd28d4 web/flows: include ShadyDOM, always enable ShadyDOM for flow interface 
improve compatibility with password managers and iOS

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-24 23:32:46 +02:00
Jens Langhammer 464a1c0536 api: make 401 messages clearer 
closes #755

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-19 20:46:57 +02:00
Jens Langhammer 14d702450a core: add parameter to output property mapping test formatted 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-19 18:32:36 +02:00
Jens Langhammer 8a6879afa5 core: add superuser_full_list to applications list, shows all applications when superuser 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-19 16:07:30 +02:00
Jens Langhammer fdc7f14056 core: fix Tokens being created with incorrect intent by default 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-19 15:43:16 +02:00
Jens Langhammer 32c5bf04b8 *: fix linting errors 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-17 20:08:49 +02:00