Jens Langhammer
b99ac01228
release: 2023.5.5
2023-07-06 18:15:56 +02:00
Jens Langhammer
15026748d1
security: fix CVE-2023-36456
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
# Conflicts:
# website/sidebars.js
2023-07-06 18:15:46 +02:00
Jens Langhammer
2739376a2a
release: 2023.5.4
2023-06-22 21:45:33 +02:00
Jens Langhammer
152121175b
bump web api client
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-22 21:33:02 +02:00
Jens Langhammer
1d57a258f3
ATH-01-012: escape quotation marks
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-19 13:48:08 +02:00
Jens Langhammer
f15cac39c8
ATH-01-014: save authenticator validation state in flow context
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
bugfixes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-19 13:48:05 +02:00
Jens Langhammer
ce77d82b24
ATH-01-010: rework
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-19 13:48:03 +02:00
Jens Langhammer
c3fe57197d
ATH-01-009: migrate impersonation to use API
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
# Conflicts:
# authentik/core/urls.py
# web/src/admin/AdminInterface.ts
# web/src/admin/users/RelatedUserList.ts
# web/src/admin/users/UserListPage.ts
# web/src/admin/users/UserViewPage.ts
# web/src/user/UserInterface.ts
# Conflicts:
# authentik/core/urls.py
2023-06-19 13:47:53 +02:00
Jens Langhammer
267938d435
ATH-01-005: use hmac.compare_digest for secret_key authentication
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-19 13:47:11 +02:00
Jens Langhammer
6a7c2e0662
ATH-01-003 / ATH-01-012: disable htmlLabels in mermaid
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-19 13:47:09 +02:00
Jens Langhammer
5336afb1b4
ATH-01-004: remove env from admin system endpoint
...
this endpoint already required admin access, but for debugging the env variables are used very little
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-19 13:47:06 +02:00
Jens Langhammer
9bb44055a3
ATH-01-008: fix web forms not submitting correctly when pressing enter
...
When submitting some forms with the Enter key instead of clicking "Confirm"/etc, the form would not get submitted correctly
This would in the worst case is when setting a user's password, where the new password can end up in the URL, but the password was not actually saved to the user.
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
# Conflicts:
# web/src/admin/applications/ApplicationCheckAccessForm.ts
# web/src/admin/crypto/CertificateGenerateForm.ts
# web/src/admin/flows/FlowImportForm.ts
# web/src/admin/groups/RelatedGroupList.ts
# web/src/admin/policies/PolicyTestForm.ts
# web/src/admin/property-mappings/PropertyMappingTestForm.ts
# web/src/admin/providers/saml/SAMLProviderImportForm.ts
# web/src/admin/users/RelatedUserList.ts
# web/src/admin/users/ServiceAccountForm.ts
# web/src/admin/users/UserPasswordForm.ts
# web/src/admin/users/UserResetEmailForm.ts
# Conflicts:
# web/src/admin/property-mappings/PropertyMappingTestForm.ts
2023-06-19 13:46:52 +02:00
Jens Langhammer
143663d293
ATH-01-010: fix missing user filter for webauthn device
...
This prevents an attack that is only possible when an attacker can intercept HTTP traffic and in the case of HTTPS decrypt it.
2023-06-19 13:46:16 +02:00
Jens Langhammer
bd54d034e1
ATH-01-001: resolve path and check start before loading blueprints
...
This is even less of an issue since 411ef239f6
, since with that commit we only allow files that the listing returns
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-19 13:46:13 +02:00
Jens Langhammer
be85eecac5
release: 2023.5.3
2023-06-01 19:35:13 +02:00
Jens L
24385c9c68
ci: build outpost binaries statically linked ( #5823 )
2023-05-31 16:58:10 +02:00
Jens L
e141a11475
blueprints: fix API validation with OCI blueprint path ( #5822 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-31 14:52:12 +02:00
risson
b055adec2a
ci: replace github bot account with github app ( #5819 )
...
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-05-31 14:52:09 +02:00
Jens L
772acb10d6
providers/ldap: fix LDAP Outpost application selection ( #5812 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-31 14:51:46 +02:00
rlew-is
a7bf963409
stages/deny: fix typos ( #5800 )
...
* Fix typo in stage.py
Fix typo in "Cancells the current flow"
Signed-off-by: rlew-is <96594816+rlew-is@users.noreply.github.com>
* Fix typo in models.py
Fix typo in "Cancells the current flow"
Signed-off-by: rlew-is <96594816+rlew-is@users.noreply.github.com>
---------
Signed-off-by: rlew-is <96594816+rlew-is@users.noreply.github.com>
2023-05-30 10:54:24 +02:00
Saeverix
317afc932a
web/flows: fix RedirectStage not detecting absolute URLs correctly ( #5781 )
...
* web: getURL() method in RedirectStage.ts now actually detects URLs (#5732 )
Signed-off-by: Saeverix <1863379+Saeverix@users.noreply.github.com>
* use native API to build full URL
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Saeverix <1863379+Saeverix@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-05-30 10:54:12 +02:00
Jens Langhammer
5e5a74eebf
release: 2023.5.2
2023-05-26 23:54:12 +02:00
dependabot[bot]
fa87519536
core: bump coverage from 7.2.5 to 7.2.6 ( #5738 )
...
* core: bump coverage from 7.2.5 to 7.2.6
Bumps [coverage](https://github.com/nedbat/coveragepy ) from 7.2.5 to 7.2.6.
- [Release notes](https://github.com/nedbat/coveragepy/releases )
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst )
- [Commits](https://github.com/nedbat/coveragepy/compare/7.2.5...7.2.6 )
---
updated-dependencies:
- dependency-name: coverage
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* use tagged oauth1 server
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-05-26 23:33:05 +02:00
Jens L
0deaf25b1f
web/user: fix MFA enroll dropdown broken when password stage has no configuration flow ( #5744 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-24 21:52:21 +02:00
Jens L
47d5fc26cc
events: fix ak_create_event using wrong request for event creation ( #5731 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-24 21:52:14 +02:00
Jens L
9a996e7176
outposts: fix missing radius outpost controller ( #5730 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-24 21:52:11 +02:00
Jens L
554a26442d
blueprints: support custom ports for OCI blueprints ( #5727 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-24 21:52:07 +02:00
Jens L
573517bf0a
lib: add tests for ak_create_event ( #5710 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
# Conflicts:
# locale/en/LC_MESSAGES/django.po
2023-05-24 21:51:52 +02:00
Jens L
2cd68dfa87
blueprints: fix check for file path not being run on worker ( #5703 )
2023-05-24 21:51:30 +02:00
Jens L
8029a13be1
core: make groups field for user optional ( #5702 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-24 21:51:23 +02:00
Jens Langhammer
6900ffffd8
release: 2023.5.1
2023-05-18 21:33:38 +02:00
Jens L
873aaf85f9
website/docs: prepare 2023.5.1 release notes ( #5679 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-18 20:34:33 +02:00
Jens L
9c69f67778
sources/ldap: log full exception when user password set fails ( #5678 )
...
* sources/ldap: log full exception when user password set fails
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Update authentik/sources/ldap/auth.py
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-05-18 19:00:17 +02:00
Jens L
6cf7a72831
web/flows: improve UI for TOTP code input ( #5676 )
...
* web/flows: improve UI for TOTP code input
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update locale
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update phrasing
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-18 18:41:53 +02:00
Sem
7e3b325929
website/integrations: Updated AWS docs for the new IAM Center and SCIM ( #5643 )
...
* Updated AWS Integration docs
Updated the AWS Integration docs to match the new IAM Centre's method.
This includes SCIM.
Signed-off-by: Sem <86064734+justSem@users.noreply.github.com>
* website/docs: Updated AWS Docs
* website/docs: AWS - Updated AWS docs to allow for both methods
* format, cleanup mapping, follow guidelines
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Apply suggestions from code review
Looks good to me!
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Sem <86064734+justSem@users.noreply.github.com>
* final formatting pass
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Sem <86064734+justSem@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-05-18 11:45:26 +02:00
dependabot[bot]
b916b612c7
core: bump github.com/sirupsen/logrus from 1.9.1 to 1.9.2 ( #5670 )
...
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus ) from 1.9.1 to 1.9.2.
- [Release notes](https://github.com/sirupsen/logrus/releases )
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md )
- [Commits](https://github.com/sirupsen/logrus/compare/v1.9.1...v1.9.2 )
---
updated-dependencies:
- dependency-name: github.com/sirupsen/logrus
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-18 11:05:42 +02:00
dependabot[bot]
b7c5fc3f1e
ci: bump helm/kind-action from 1.6.0 to 1.7.0 ( #5667 )
...
Bumps [helm/kind-action](https://github.com/helm/kind-action ) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/helm/kind-action/releases )
- [Commits](https://github.com/helm/kind-action/compare/v1.6.0...v1.7.0 )
---
updated-dependencies:
- dependency-name: helm/kind-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-18 10:51:48 +02:00
dependabot[bot]
a3ac5ec183
web: bump tslib from 2.5.0 to 2.5.1 in /web ( #5668 )
...
Bumps [tslib](https://github.com/Microsoft/tslib ) from 2.5.0 to 2.5.1.
- [Release notes](https://github.com/Microsoft/tslib/releases )
- [Commits](https://github.com/Microsoft/tslib/compare/2.5.0...2.5.1 )
---
updated-dependencies:
- dependency-name: tslib
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-18 10:50:26 +02:00
dependabot[bot]
d30379ba93
core: bump sentry-sdk from 1.23.0 to 1.23.1 ( #5669 )
...
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python ) from 1.23.0 to 1.23.1.
- [Release notes](https://github.com/getsentry/sentry-python/releases )
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md )
- [Commits](https://github.com/getsentry/sentry-python/compare/1.23.0...1.23.1 )
---
updated-dependencies:
- dependency-name: sentry-sdk
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-18 10:49:36 +02:00
dependabot[bot]
12815526c1
core: bump goauthentik.io/api/v3 from 3.2023050.1 to 3.2023050.2 ( #5671 )
...
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go ) from 3.2023050.1 to 3.2023050.2.
- [Release notes](https://github.com/goauthentik/client-go/releases )
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2023050.1...v3.2023050.2 )
---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-18 10:48:46 +02:00
Tana M Berry
ed2f0a2d5e
website/docs: edits to full dev env ( #5636 )
...
* edits to install full dev env
* remove json files
* Update website/developer-docs/setup/full-dev-environment.md
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
* Update website/developer-docs/setup/full-dev-environment.md
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
* Update website/developer-docs/setup/full-dev-environment.md
Co-authored-by: Jens L. <jens@goauthentik.io>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
* Update website/developer-docs/setup/full-dev-environment.md
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
* Update website/developer-docs/setup/full-dev-environment.md
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
* few tweaks per review
---------
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
Co-authored-by: Tana Berry <tana@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
2023-05-17 15:44:47 -05:00
Tana M Berry
536d776d02
website/blog: flex-hours-blog-draft-for-review ( #5598 )
...
* blog-draft-for-review
* tweaks
* delete swp file
* further tweaks
* quote marks for title
* edits
* linter
---------
Co-authored-by: Tana Berry <tana@goauthentik.io>
2023-05-17 20:21:11 +02:00
authentik Bot
f70d6432e7
web: bump API Client version ( #5664 )
2023-05-17 16:33:55 +02:00
dependabot[bot]
cc08bfb18b
web: bump @lingui/core from 4.1.0 to 4.1.2 in /web ( #5658 )
...
* web: bump @lingui/core from 4.1.0 to 4.1.2 in /web
Bumps [@lingui/core](https://github.com/lingui/js-lingui ) from 4.1.0 to 4.1.2.
- [Release notes](https://github.com/lingui/js-lingui/releases )
- [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md )
- [Commits](https://github.com/lingui/js-lingui/compare/v4.1.0...v4.1.2 )
---
updated-dependencies:
- dependency-name: "@lingui/core"
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* update all of lingui
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-05-17 16:20:59 +02:00
Jens L
79dcc30778
providers/radius: add warning message when radius provider is not used with outpost ( #5656 )
...
* providers/radius: add warning message when radius provider is not used with outpost
same message as Proxy and LDAP provider have
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-17 16:19:33 +02:00
Jens L
68a1bcf233
providers/SCIM: improve backchannel signalling ( #5657 )
...
* providers/scim: add warning when provider is not used as backchannel provider
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* providers/scim: don't sync SCIM provider that isn't used as backchannel at all
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-17 16:19:18 +02:00
Jens L
cd7de4c0b9
sources/ldap: improve error message ( #5653 )
...
* sources/ldap: improve ldap password change error message
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* stages/user_write: handle validation error when updating user
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-17 15:26:46 +02:00
Jens L
3195a75b9a
web/admin: fix radius provider page ( #5651 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-17 10:56:24 +02:00
dependabot[bot]
886d7832df
ci: bump helm/kind-action from 1.5.0 to 1.6.0 ( #5646 )
...
Bumps [helm/kind-action](https://github.com/helm/kind-action ) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/helm/kind-action/releases )
- [Commits](https://github.com/helm/kind-action/compare/v1.5.0...v1.6.0 )
---
updated-dependencies:
- dependency-name: helm/kind-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-17 10:30:34 +02:00
dependabot[bot]
a3595a36d2
core: bump github.com/sirupsen/logrus from 1.9.0 to 1.9.1 ( #5648 )
...
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus ) from 1.9.0 to 1.9.1.
- [Release notes](https://github.com/sirupsen/logrus/releases )
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md )
- [Commits](https://github.com/sirupsen/logrus/compare/v1.9.0...v1.9.1 )
---
updated-dependencies:
- dependency-name: github.com/sirupsen/logrus
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-17 10:29:49 +02:00