Commit graph

10453 commits

Author SHA1 Message Date
dependabot[bot] 4da370b458
web: bump @typescript-eslint/parser from 5.45.1 to 5.46.0 in /web (#4186)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.45.1 to 5.46.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.46.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-09 12:07:27 +01:00
dependabot[bot] aa3e085536
web: bump @sentry/browser from 7.23.0 to 7.24.2 in /web (#4174)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 7.23.0 to 7.24.2.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.23.0...7.24.2)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-09 12:06:18 +01:00
dependabot[bot] 253b676f7d
website: bump prettier from 2.8.0 to 2.8.1 in /website (#4172)
Bumps [prettier](https://github.com/prettier/prettier) from 2.8.0 to 2.8.1.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.8.0...2.8.1)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-09 12:06:07 +01:00
dependabot[bot] 9f4f911fd3
web: bump prettier from 2.8.0 to 2.8.1 in /web (#4178)
Bumps [prettier](https://github.com/prettier/prettier) from 2.8.0 to 2.8.1.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.8.0...2.8.1)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-09 12:05:40 +01:00
dependabot[bot] 6ebfb5138c
core: bump python from 3.11.0-slim-bullseye to 3.11.1-slim-bullseye (#4185)
Bumps python from 3.11.0-slim-bullseye to 3.11.1-slim-bullseye.

---
updated-dependencies:
- dependency-name: python
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-09 12:05:18 +01:00
dependabot[bot] ab8ed8599e
web: bump @typescript-eslint/eslint-plugin from 5.45.1 to 5.46.0 in /web (#4187)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.45.1 to 5.46.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.46.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-09 12:05:03 +01:00
dependabot[bot] c76fb2eed0
web: bump lit from 2.4.1 to 2.5.0 in /web (#4188)
Bumps [lit](https://github.com/lit/lit/tree/HEAD/packages/lit) from 2.4.1 to 2.5.0.
- [Release notes](https://github.com/lit/lit/releases)
- [Changelog](https://github.com/lit/lit/blob/main/packages/lit/CHANGELOG.md)
- [Commits](https://github.com/lit/lit/commits/lit@2.5.0/packages/lit)

---
updated-dependencies:
- dependency-name: lit
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-09 12:04:53 +01:00
Jens Langhammer 4d8978ea90 bleuprints: fix flaky test
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-09 11:04:44 +00:00
dependabot[bot] 64540cc870
core: bump certifi from 2022.9.24 to 2022.12.7 (#4184) 2022-12-08 21:44:08 +02:00
dependabot[bot] 5b05884a2b
web: bump typescript from 4.9.3 to 4.9.4 in /web (#4180) 2022-12-08 20:53:53 +02:00
dependabot[bot] eef3ef2165
core: bump golang from 1.19.3-bullseye to 1.19.4-bullseye (#4168) 2022-12-07 12:50:03 +02:00
dependabot[bot] 235296c749
core: bump django from 4.1.3 to 4.1.4 (#4170) 2022-12-07 12:49:18 +02:00
sdimovv 8d13235b74
blueprints: fixed bug causing filtering with an empty query (#4106)
* Fixed bug causing filtering with an empty query

Fixed bug allowing blueprint import to filter for existing models using an empty query.

The code only checks if the `identifiers` dict is empty, but `__query_from_identifier` skips identifier member values of type `dict` or keys == `pk`, so it is possible to produce an empty query if an `identifier` consists of just `dict` type members or "pk" key. 

Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com>

* Added test case

* Added support for using dict fields as blueprint entry identifiers

* Disabled pylint too-many-locals for _validate_single

Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com>
2022-12-06 12:06:25 +01:00
dependabot[bot] 5ef5c70490
web: bump @typescript-eslint/eslint-plugin from 5.45.0 to 5.45.1 in /web (#4159)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.45.0 to 5.45.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.45.1/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-06 11:44:33 +01:00
dependabot[bot] 3fe627528e
website: bump react-before-after-slider-component from 1.1.5 to 1.1.6 in /website (#4160)
website: bump react-before-after-slider-component in /website

Bumps [react-before-after-slider-component](https://github.com/smeleshkin/react-before-after-slider-component) from 1.1.5 to 1.1.6.
- [Release notes](https://github.com/smeleshkin/react-before-after-slider-component/releases)
- [Commits](https://github.com/smeleshkin/react-before-after-slider-component/compare/v.1.1.5...v.1.1.6)

---
updated-dependencies:
- dependency-name: react-before-after-slider-component
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-06 11:39:33 +01:00
dependabot[bot] 674eeed763
web: bump eslint-plugin-lit from 1.6.1 to 1.7.0 in /web (#4161)
Bumps [eslint-plugin-lit](https://github.com/43081j/eslint-plugin-lit) from 1.6.1 to 1.7.0.
- [Release notes](https://github.com/43081j/eslint-plugin-lit/releases)
- [Commits](https://github.com/43081j/eslint-plugin-lit/compare/v1.6.1...v1.7.0)

---
updated-dependencies:
- dependency-name: eslint-plugin-lit
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-06 11:39:23 +01:00
dependabot[bot] 4bd91180df
web: bump @typescript-eslint/parser from 5.45.0 to 5.45.1 in /web (#4162)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.45.0 to 5.45.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.45.1/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-06 11:39:03 +01:00
dependabot[bot] 0af4824fa6
core: bump pylint from 2.15.7 to 2.15.8 (#4163)
Bumps [pylint](https://github.com/PyCQA/pylint) from 2.15.7 to 2.15.8.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.15.7...v2.15.8)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-06 11:38:51 +01:00
dependabot[bot] 64eb953593
web: bump @formatjs/intl-listformat from 7.1.6 to 7.1.7 in /web (#4151)
Bumps [@formatjs/intl-listformat](https://github.com/formatjs/formatjs) from 7.1.6 to 7.1.7.
- [Release notes](https://github.com/formatjs/formatjs/releases)
- [Commits](https://github.com/formatjs/formatjs/compare/@formatjs/intl-listformat@7.1.6...@formatjs/intl-listformat@7.1.7)

---
updated-dependencies:
- dependency-name: "@formatjs/intl-listformat"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-05 13:32:04 +01:00
dependabot[bot] 45704cf20a
web: bump eslint from 8.28.0 to 8.29.0 in /web (#4150)
Bumps [eslint](https://github.com/eslint/eslint) from 8.28.0 to 8.29.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.28.0...v8.29.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-05 13:31:54 +01:00
dependabot[bot] b5714afac7
core: bump goauthentik.io/api/v3 from 3.2022111.1 to 3.2022112.1 (#4152)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022111.1 to 3.2022112.1.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022111.1...v3.2022112.1)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-05 13:31:30 +01:00
dependabot[bot] ff109206fd
core: bump selenium from 4.7.0 to 4.7.2 (#4153)
Bumps [selenium](https://github.com/SeleniumHQ/Selenium) from 4.7.0 to 4.7.2.
- [Release notes](https://github.com/SeleniumHQ/Selenium/releases)
- [Commits](https://github.com/SeleniumHQ/Selenium/commits)

---
updated-dependencies:
- dependency-name: selenium
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-05 13:31:16 +01:00
Jens Langhammer 49bd028363 website/docs: update release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-03 13:10:16 +02:00
Jens Langhammer 44bf9a890e release: 2022.11.3 2022-12-02 23:00:59 +02:00
Jens Langhammer b60c6d4144 web: bump API Client
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-02 23:00:45 +02:00
github-actions[bot] ef239e6430
web: bump API Client version (#4142) 2022-12-02 17:29:09 +01:00
Jens Langhammer 58cd6007b2 Merge branch 'version-2022.11' 2022-12-02 18:12:38 +02:00
github-actions[bot] 1dcf6e8962
web: bump API Client version (#4141)
Signed-off-by: GitHub <noreply@github.com>

Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-12-02 16:17:37 +01:00
Jens L db95dfe38d
security: fix CVE 2022 46145 (#4140)
* add flow authentication requirement

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add website for cve

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: handle FlowNonApplicableException without policy result

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add release notes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-02 16:14:25 +01:00
Avsynthe 860c85d012
website/integrations: Update Bookstack SAML settings Documentation (#4137)
Update Bookstack SAML settings

Enabled AUTH_AUTO_INITIATE=true to reduce amount of clicks needed to proceed to Bookstack and give a propper SSO experience. If user is not logged in elsewhere already, authentik's login page will still be displayed.

Edited SAML2_DISPLAY_NAME_ATTRIBUTES so it actually works. The previous "Name" entry is non-functional and does not parse. When this is the case, or the field is empty, usernames in Bookstack default to user's email address. Entries here need to be in line with Active Directory Federation Services' Role of Claims found here: https://learn.microsoft.com/en-us/windows-server/identity/ad-fs/technical-reference/the-role-of-claims. Additionally, this will use the user's authentik username rather than real/full name.

Enabled Group Sync by default for easier administration for sysadmins. SAML2_GROUP_ATTRIBUTE also needed to be in line with Active Directory Federation Services' Role of Claims

Signed-off-by: Avsynthe <102600593+Avsynthe@users.noreply.github.com>

Signed-off-by: Avsynthe <102600593+Avsynthe@users.noreply.github.com>
2022-12-02 11:46:44 +01:00
Jens Langhammer 6ca1654129 lifecycle: don't set user/group in gunicorn
closes #4098 closes #3236

the user and group are inherited from the parent process so this isnt required

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-02 12:42:55 +02:00
dependabot[bot] a2dc594a44
web: bump @sentry/browser from 7.22.0 to 7.23.0 in /web (#4131)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 7.22.0 to 7.23.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.22.0...7.23.0)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-02 09:52:53 +01:00
dependabot[bot] c6bc8e2ddf
web: bump decode-uri-component from 0.2.0 to 0.2.2 in /web (#4136)
Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2.
- [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases)
- [Commits](https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.2)

---
updated-dependencies:
- dependency-name: decode-uri-component
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-02 09:52:23 +01:00
dependabot[bot] 48a234e86f
web: bump @sentry/tracing from 7.22.0 to 7.23.0 in /web (#4132) 2022-12-02 09:48:14 +01:00
dependabot[bot] cf521eba5a
web: bump @formatjs/intl-listformat from 7.1.4 to 7.1.6 in /web (#4133) 2022-12-02 09:48:04 +01:00
dependabot[bot] 52ebc78aaa
core: bump selenium from 4.6.1 to 4.7.0 (#4134) 2022-12-02 09:47:53 +01:00
sdimovv 1f7d52c5ce
blueprints: Support nested custom tags in !Find and !Format tags (#4127)
* Added support for nested tags to !Find and !Format

* Added tests

* Fix variable names

* Added docs

* Fixed small mistake in tests

* Fixed variable names

* Broke example into multiple lines
2022-12-01 16:10:26 +01:00
Jens Langhammer 3251bdc220 events: improve handling creation of events with non-pickleable objects
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-01 15:56:28 +02:00
Bastien Rivière 93fee5f0e5
web: fix authentification with Plex on iOS (#4095)
* web: fix authentification with Plex on iOS

Fixes issue #3822

* fixup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add fallback button

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-01 13:32:00 +01:00
dependabot[bot] 46c8db7f4b
web: bump @codemirror/lang-html from 6.2.0 to 6.4.0 in /web (#4129)
Bumps [@codemirror/lang-html](https://github.com/codemirror/lang-html) from 6.2.0 to 6.4.0.
- [Release notes](https://github.com/codemirror/lang-html/releases)
- [Changelog](https://github.com/codemirror/lang-html/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codemirror/lang-html/compare/6.2.0...6.4.0)

---
updated-dependencies:
- dependency-name: "@codemirror/lang-html"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-01 09:57:20 +01:00
dependabot[bot] fc74c0209a
web: bump pyright from 1.1.281 to 1.1.282 in /web (#4128)
Bumps [pyright](https://github.com/Microsoft/pyright/tree/HEAD/packages/pyright) from 1.1.281 to 1.1.282.
- [Release notes](https://github.com/Microsoft/pyright/releases)
- [Commits](https://github.com/Microsoft/pyright/commits/1.1.282/packages/pyright)

---
updated-dependencies:
- dependency-name: pyright
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-01 09:53:23 +01:00
dependabot[bot] 07bfc3da1e
core: bump twilio from 7.15.3 to 7.15.4 (#4130)
Bumps [twilio](https://github.com/twilio/twilio-python) from 7.15.3 to 7.15.4.
- [Release notes](https://github.com/twilio/twilio-python/releases)
- [Changelog](https://github.com/twilio/twilio-python/blob/main/CHANGES.md)
- [Commits](https://github.com/twilio/twilio-python/compare/7.15.3...7.15.4)

---
updated-dependencies:
- dependency-name: twilio
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-01 09:50:14 +01:00
Jens Langhammer 2a4daa5360 release: 2022.11.2 2022-12-01 10:41:29 +02:00
Jens Langhammer e1a6dede54 *: backport CVE-2022-46145 fix
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-01 10:41:26 +02:00
Jens Langhammer cf40e5047e policies: don't log context when policy returns None
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-30 14:43:47 +02:00
Jens Langhammer 17ee076f3d root: include security policy in website container
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-30 13:05:38 +02:00
Jens Langhammer 4d12a98c5d root: rework and expand security policy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-30 13:05:35 +02:00
Jens Langhammer d5329432fe lib: fix uploaded files not being saved correctly, add tests
closes #4110 #4109 #4107

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-30 12:48:33 +02:00
Jens Langhammer 8a926aaa73 Revert "web: bump @codemirror/lang-html from 6.2.0 to 6.3.1 in /web (#4122)"
This reverts commit 17fc775fd3.
2022-11-30 10:42:28 +02:00
sdimovv 5156aeee0f
policies/password: Always add generic message to failing zxcvbn check (#4100)
* Always add generic message to failing zxcvbn password policy

Depending on the settings, sometimes a password policy that checks a password with the zxcvbn tool can fail without any message.

For example:
```
$ echo  'Awdccdw1234' | zxcvbn | jq | grep "feedback" -A 5 -B 1
Password: 
  "score": 3,
  "feedback": {
    "warning": "",
    "suggestions": []
  }
}
```

As seen above the tool does not produce any warnings or suggestions for the given password, but if the password policy is set to have a zxcvbn threshold of 3, the policy will silently fail without communicating the reason to the user. 

There are two ways to handle this:
1. Always add a generic "password is too weak" message when the policy fails.
2. Check if there are any suggestions or warnings from the zxcvbn tool and only add the generic message if not.

I personally prefer 1. This way the generic message will  be shown whenever the policy fails, and will get combined with extra "tips" whenever zxcvbn has some.



Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com>

* Update authentik/policies/password/models.py

Co-authored-by: Jens L. <jens@beryju.org>
Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com>

* Added test case

* fix black formatting

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens L. <jens@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-30 07:58:16 +00:00