Commit Graph

12113 Commits

Author SHA1 Message Date
Jens L 84fbeb5721
security: fix CVE 2022 46172 (#4275)
* fallback to current user in user_write, add flag to disable user creation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update api and web ui

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update default flows

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add cve post to website

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 14:12:58 +01:00
Jens Langhammer 01da8e1792
providers/oauth2: optimise and cache signing key, prevent key being loaded multiple times
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 12:04:31 +01:00
Jens Langhammer 6a3a3e5f8d
website: fix duplicate platforms in sidebar
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 11:23:41 +01:00
Jens Langhammer 42c278b4f8
root: migrate to hosted sentry with rate-limited DSN
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 11:18:26 +01:00
dependabot[bot] e49bc83266
web: bump @sentry/browser from 7.28.0 to 7.28.1 in /web (#4267)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 7.28.0 to 7.28.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.28.0...7.28.1)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-23 10:29:03 +01:00
dependabot[bot] 98b7ebec74
web: bump @sentry/tracing from 7.28.0 to 7.28.1 in /web (#4268)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 7.28.0 to 7.28.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.28.0...7.28.1)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-23 10:26:45 +01:00
dependabot[bot] ccb43a3dfb
web: bump @babel/plugin-proposal-decorators from 7.20.5 to 7.20.7 in /web (#4270)
web: bump @babel/plugin-proposal-decorators in /web

Bumps [@babel/plugin-proposal-decorators](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-proposal-decorators) from 7.20.5 to 7.20.7.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.20.7/packages/babel-plugin-proposal-decorators)

---
updated-dependencies:
- dependency-name: "@babel/plugin-proposal-decorators"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-23 10:26:32 +01:00
dependabot[bot] c92b2620f5
web: bump @babel/core from 7.20.5 to 7.20.7 in /web (#4269)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.20.5 to 7.20.7.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.20.7/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-23 10:25:20 +01:00
dependabot[bot] e2bfeefc8b
core: bump dacite from 1.6.0 to 1.7.0 (#4271)
Bumps [dacite](https://github.com/konradhalas/dacite) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/konradhalas/dacite/releases)
- [Changelog](https://github.com/konradhalas/dacite/blob/master/CHANGELOG.md)
- [Commits](https://github.com/konradhalas/dacite/compare/v1.6.0...v1.7.0)

---
updated-dependencies:
- dependency-name: dacite
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-23 10:19:57 +01:00
Jens Langhammer e52c964354
flows: fix redirect from plan context "redirect" not being wrapped in flow response
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-22 23:28:26 +01:00
Jens L c635487210
blueprints: better OCI support in UI (#4263)
use oci:// prefix to detect oci blueprint, add UI support

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-22 18:49:25 +01:00
Jens Langhammer ca6cd8a4d3
website/developer-docs: update release procedure to include CVEs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-22 18:07:59 +01:00
Jens Langhammer fb09df26c9
core: fix lint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-22 17:56:05 +01:00
Jens Langhammer 30f4a09a88
web/elements: fix alignment for checkboxes in table
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-22 17:31:06 +01:00
Jens Langhammer 7143ea08e6
web/admin: improve i18n for documentation link in outpost form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-22 17:30:54 +01:00
Jens Langhammer e4e7a112e3
web: use version family subdomain for in-app doc links
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-22 17:03:08 +01:00
Jens Langhammer 4c133b957c
web/user: fix styling for clear all button in notification drawer
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-22 16:37:49 +01:00
Jens Langhammer 28eb7c03fa
website/developer-docs: add templates for announcing fixed security release
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-22 16:13:21 +01:00
Jens Langhammer 7b01a208a2
web/elements: unselect top checkbox in table when not all elements are selected
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-22 16:02:04 +01:00
Jens Langhammer db0af3763b
web/elements: fix alignment with checkbox in table
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-22 15:12:47 +01:00
Jens Langhammer ab9efcea77
web/elements: fix log level for diagram
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-22 15:12:30 +01:00
Jens Langhammer d280577830
website: migrate to hosted plausible
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-22 14:47:49 +01:00
Jens Langhammer 36da29aaa2
website/developer-docs: add release procedure
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-22 12:01:34 +01:00
Jens Langhammer 9e1204b645
root: add security mailing list
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-22 11:14:03 +01:00
dependabot[bot] ea2f69a8f8
web: bump yaml from 2.1.3 to 2.2.0 in /web (#4258)
Bumps [yaml](https://github.com/eemeli/yaml) from 2.1.3 to 2.2.0.
- [Release notes](https://github.com/eemeli/yaml/releases)
- [Commits](https://github.com/eemeli/yaml/compare/v2.1.3...v2.2.0)

---
updated-dependencies:
- dependency-name: yaml
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-22 11:01:29 +01:00
dependabot[bot] 55a705e777
web: bump pyright from 1.1.284 to 1.1.285 in /web (#4259)
Bumps [pyright](https://github.com/Microsoft/pyright/tree/HEAD/packages/pyright) from 1.1.284 to 1.1.285.
- [Release notes](https://github.com/Microsoft/pyright/releases)
- [Commits](https://github.com/Microsoft/pyright/commits/1.1.285/packages/pyright)

---
updated-dependencies:
- dependency-name: pyright
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-22 11:01:20 +01:00
dependabot[bot] cb10289b68
core: bump goauthentik.io/api/v3 from 3.2022113.2 to 3.2022113.3 (#4260)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022113.2 to 3.2022113.3.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022113.2...v3.2022113.3)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-22 11:01:10 +01:00
Jens Langhammer 423776c7a2
website/docs: prepare 2022.12 release
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-21 21:58:57 +01:00
Jens Langhammer e5cfddfc57
web: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-21 20:25:42 +01:00
Jens Langhammer 1564b898db
web/admin: fix alignment in tables with multiple elements in cell
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-21 20:06:36 +01:00
Jens Langhammer 3b61c6f9b9
web/admin: improve UI for removing users from groups and groups from users
no longer deletes users/groups when they are removed from the opposite

closes #4251 closes #3964

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-21 19:16:00 +01:00
Jens Langhammer 042865c606
blueprints: add conditions to blueprint schema
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-21 18:59:17 +01:00
sdimovv 7f662ac2f3
blueprints: Added conditional entry application (#4167)
* blueprints: Added !AsBool tag

* Renamed AsBool tag to Condition

* Added conditions attributed to BlueprintEntry

* Added docs for the conditions attribute of a blueprint entry

* Website linting fix

* add new tag to vscode settings

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-21 17:04:00 +00:00
github-actions[bot] e9f5d7aefe
web: bump API Client version (#4257)
Signed-off-by: GitHub <noreply@github.com>

Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-12-21 12:15:29 +01:00
Jens L 609f95ac97
providers: add preview for mappings (#4254)
* preview

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: show provider page on application page

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use oauth2 end session url instead of direct interface

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* don't show provider page on application page for now

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add UI for preview

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* translate and release notes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix lint

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* separate saml api files

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add api tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-21 12:13:11 +01:00
dependabot[bot] 0181a90d98
web: bump @sentry/tracing from 7.27.0 to 7.28.0 in /web (#4255)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 7.27.0 to 7.28.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.27.0...7.28.0)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-21 10:25:21 +01:00
dependabot[bot] 243f335718
web: bump @sentry/browser from 7.27.0 to 7.28.0 in /web (#4256)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 7.27.0 to 7.28.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.27.0...7.28.0)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-21 10:23:17 +01:00
Jens L f4990bb5da
core: bundle geoip (#4250)
* bundle geoip

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* correctly pass secrets

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add geoip docs and release notes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-20 22:09:30 +01:00
Jens Langhammer 980d2a022c
web/admin: show bound policies order first to match stages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-20 14:59:17 +01:00
Skyler Mäntysaari 81fdd097c6
website/integrations: add note for nextcloud index.php (#4210)
* feat(docs/nextcloud): Updated docs

It was missing the proper syntax for urls with index.php in between.

* feat(docs/nextcloud): Address PR suggestion

* fix formatting, use identical casing for nextcloud

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-20 11:12:15 +01:00
dependabot[bot] 2b4c9657a6
web: bump @typescript-eslint/eslint-plugin from 5.46.1 to 5.47.0 in /web (#4245)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.46.1 to 5.47.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.47.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-20 10:14:30 +01:00
dependabot[bot] 45d30213b3
web: bump @typescript-eslint/parser from 5.46.1 to 5.47.0 in /web (#4246)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.46.1 to 5.47.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.47.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-20 10:07:15 +01:00
dependabot[bot] 7884ff07bb
core: bump sentry-sdk from 1.12.0 to 1.12.1 (#4247)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.12.0 to 1.12.1.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/1.12.0...1.12.1)

---
updated-dependencies:
- dependency-name: sentry-sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-20 10:07:02 +01:00
Jens Langhammer bacf2afed1
internal: remove sentry proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-19 17:52:07 +01:00
Jens Langhammer 67b45fc4e3
web/admin: break all in code blocks in event info
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-19 13:00:55 +01:00
Jens Langhammer c28f3ab225
web/elements: fix flaky formatting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-19 12:58:22 +01:00
Jens Langhammer 027ca88d83
lib: enable sentry profiles_sample_rate
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-19 12:51:22 +01:00
Jens Langhammer 9d5b9204fc
web/admin: rework markdown, correctly render Admonitions, fix links
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-19 12:48:02 +01:00
Jens Langhammer 39e0ed2962
web/admin: better show metadata download for saml provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-19 10:54:51 +01:00
Jens Langhammer 3b973e12a4
blueprints: don't require auth on invalidation flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-19 10:33:54 +01:00