Commit Graph

7865 Commits

Author SHA1 Message Date
Jens Langhammer 2f3026084e providers/oauth2: remove jwt_alg field and set algorithm based on selected keypair, select HS256 when no keypair is selected
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 22:09:49 +01:00
Jens Langhammer 89696edbee website/integrations: cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 21:46:46 +01:00
Jens Langhammer c1f0833c09 crypto: improve support for non-rsa private keys (discovery)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 21:46:22 +01:00
Jens Langhammer c77f804b77 web/user: fix user details not rendering when loading to a different user settings tab and then switching
closes #1664

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 20:13:52 +01:00
Jens Langhammer 8e83209631 stages/authenticator_validate: fix lint error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 18:14:35 +01:00
Jens Langhammer 2e48e0cc2f stages/authenticator_validate: fix prompt not triggering when using in non-authentication context
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 18:03:02 +01:00
Jens Langhammer e72f0ab160 stages/authenticator_validation: refuse passwordless flow if flow is not for authentication
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 18:02:43 +01:00
Jens Langhammer a3c681cc44 website/docs: cleanup old image names
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 17:38:09 +01:00
Jens Langhammer 5b3a9e29fb stages/authenticator_validate: add passwordless login
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 17:34:46 +01:00
Jens Langhammer 15803dc67d website/docs: revert traefik to not use header regex
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 15:30:01 +01:00
dependabot[bot] ff37e064c9
build(deps): bump goauthentik.io/api from 0.2021123.1 to 0.2021123.2 (#1983)
Bumps [goauthentik.io/api](https://github.com/goauthentik/client-go) from 0.2021123.1 to 0.2021123.2.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v0.2021123.1...v0.2021123.2)

---
updated-dependencies:
- dependency-name: goauthentik.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-22 11:58:06 +01:00
github-actions[bot] ef8e922e2a
web: Update Web API Client version (#1982)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-12-22 11:51:15 +01:00
Jens Langhammer 34b11524f1 tenants: add web certificate field, make authentik's core certificate configurable based on keypair
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 11:43:45 +01:00
Jens Langhammer 9e2492be5c web/elements: fix link from notification drawer not working in user interface
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 10:49:10 +01:00
Jens Langhammer b3ba083ff0 internal: cleanup logging, remove duplicate code
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 10:33:21 +01:00
Jens Langhammer 22a8603892 internal: add custom proxy certificates support to embedded outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 10:16:01 +01:00
dependabot[bot] d83d058a4b
build(deps): bump @docusaurus/plugin-client-redirects in /website (#1980) 2021-12-22 09:47:58 +01:00
dependabot[bot] ec3fd4a3ab
build(deps): bump @docusaurus/preset-classic in /website (#1979) 2021-12-22 09:41:01 +01:00
dependabot[bot] 0764668b14
build(deps): bump goauthentik.io/api from 0.2021122.2 to 0.2021123.1 (#1981) 2021-12-22 09:40:00 +01:00
Jens Langhammer 16b6c17305 Revert "policies: don't always clear application cache on post_save"
This reverts commit 5ef385f0bb.

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/policies/signals.py
2021-12-22 00:23:19 +01:00
Jens Langhammer e60509697a web/admin: fix explore integration not opening in new tab
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 00:03:28 +01:00
github-actions[bot] 85364af9e9
web: Update Web API Client version (#1978)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-12-21 21:28:01 +01:00
Jens Langhammer cf4b4030aa release: 2021.12.3 2021-12-21 20:52:08 +01:00
Jens Langhammer 74dc025869 ci: sentry release even when tests fail
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 20:52:03 +01:00
Jens Langhammer cabdc53553 root: fix compose docker image
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 20:51:39 +01:00
Jens Langhammer 29e9f399bd website/docs: prepare 2021.12.3 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 19:50:24 +01:00
Jens Langhammer dad43017a0 web/admin: use SentryIgnoredError for user errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 19:44:44 +01:00
Jens Langhammer 7fb939f97b core: fix error when getting launch URL for application with non-existent Provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 19:40:29 +01:00
Sem 88859b1c26
website/integrations: Updated Gitea Integration (#1972)
* Updated Gitea Integration

Described a fix to a situation where Gitea might require an additional OIDC mapping in order to make the authentication flow function properly.

* Update index.md

Updated as discussed in PR

* Update index.md

Implementing requested changes
2021-12-21 19:39:27 +01:00
Jens Langhammer c78236a2a2 root: don't set secure cross opener policy
closes #1977

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 19:16:22 +01:00
Jens Langhammer ba55538a34 outposts/proxy: cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 19:16:06 +01:00
Jens Langhammer f742c73e24 outposts/proxy: fix allowlist for forward_auth
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1970
2021-12-21 15:49:25 +01:00
Jens Langhammer ca314c262c *: revert to using GHCR directly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 13:54:49 +01:00
Jens Langhammer b932b6c963 website/docs: update log levels
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 13:15:17 +01:00
Jens Langhammer 3c048a1921 outposts/proxy: fix session not expiring correctly due to miscalculation
closes #1976

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 13:10:57 +01:00
Jens Langhammer 8a60a7e26f providers/proxy: revert to static list of forwarded headers
wildcard is not usable for this since the regular expression doesn't support negative lookahead, meaning we would always forward all headers, including Connection and others

closes #1969

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 12:04:54 +01:00
Jens Langhammer f10b57ba0b outposts/proxy: handle redirect loop in start handler, show error message
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 10:07:08 +01:00
dependabot[bot] e53114a645
build(deps): bump @typescript-eslint/eslint-plugin in /web (#1974)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.7.0 to 5.8.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.8.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-21 09:27:57 +01:00
dependabot[bot] 2e50532518
build(deps): bump codemirror from 5.64.0 to 5.65.0 in /web (#1973) 2021-12-21 09:14:27 +01:00
dependabot[bot] 1936ddfecb
build(deps): bump @typescript-eslint/parser from 5.7.0 to 5.8.0 in /web (#1975) 2021-12-21 09:13:50 +01:00
Jens Langhammer 4afef46cb8 ci: improve restore after switching to stable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 22:47:06 +01:00
Jens Langhammer 92b4244e81 providers/proxy: update traefik regex
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1969
2021-12-20 22:43:58 +01:00
Jens Langhammer dfbf7027bc providers/proxy: add traefik.ingress.kubernetes.io/router.tls annotation for ingress
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 22:24:42 +01:00
Jens Langhammer eca2ef20d0 outposts/proxy: add initial redirect-loop prevention
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 22:21:53 +01:00
Jens Langhammer cac5c7b3ea outposts/proxy: make templates more re-usable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 22:20:23 +01:00
Jens Langhammer 37ee555c8e outposts/proxy: fix ping URI not being routed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 22:12:02 +01:00
Jens Langhammer f910da0f8a outposts: fix initial refresh not calling Server.Refresh()
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 21:47:32 +01:00
Jens Langhammer fc9d270992 outposts/ldap: fix log formatter and level not being set correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 21:46:01 +01:00
Jens Langhammer dcbc3d788a web/admin: fix border for outpost health status
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 21:40:26 +01:00
Jens Langhammer 4658018a90 Revert "outposts: rename outpost"
This reverts commit a5c30fd9c7.
2021-12-20 21:37:31 +01:00