Jens Langhammer
c07a48a3ec
security: fix CVE-2023-36456
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
# Conflicts:
# website/sidebars.js
2023-07-06 18:13:19 +02:00
Jens Langhammer
e1bae1240f
release: 2023.4.2
2023-06-22 22:21:53 +02:00
risson
37bd62d291
ci: replace github bot account with github app ( #5819 )
...
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-06-22 22:21:48 +02:00
Jens Langhammer
ac63db0136
bump web api client
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-22 21:27:30 +02:00
Jens Langhammer
5cdf3a09a9
ATH-01-012: escape quotation marks
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-19 13:45:47 +02:00
Jens Langhammer
3e17adf33f
ATH-01-014: save authenticator validation state in flow context
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
bugfixes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-19 13:45:47 +02:00
Jens Langhammer
8392916c84
ATH-01-010: rework
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-19 13:45:18 +02:00
Jens Langhammer
7e75a48fd0
ATH-01-009: migrate impersonation to use API
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
# Conflicts:
# authentik/core/urls.py
# web/src/admin/AdminInterface.ts
# web/src/admin/users/RelatedUserList.ts
# web/src/admin/users/UserListPage.ts
# web/src/admin/users/UserViewPage.ts
# web/src/user/UserInterface.ts
2023-06-19 13:45:07 +02:00
Jens Langhammer
d69d84e48c
ATH-01-005: use hmac.compare_digest for secret_key authentication
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-19 13:43:09 +02:00
Jens Langhammer
78cc8fa498
ATH-01-003 / ATH-01-012: disable htmlLabels in mermaid
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-19 13:43:07 +02:00
Jens Langhammer
0fcdf5e968
ATH-01-004: remove env from admin system endpoint
...
this endpoint already required admin access, but for debugging the env variables are used very little
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-19 13:43:03 +02:00
Jens Langhammer
f05997740f
ATH-01-008: fix web forms not submitting correctly when pressing enter
...
When submitting some forms with the Enter key instead of clicking "Confirm"/etc, the form would not get submitted correctly.
The worst case is when setting a user's password, where the new password can end up in the URL, but the password was not actually saved to the user.
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
# Conflicts:
# web/src/admin/applications/ApplicationCheckAccessForm.ts
# web/src/admin/crypto/CertificateGenerateForm.ts
# web/src/admin/flows/FlowImportForm.ts
# web/src/admin/groups/RelatedGroupList.ts
# web/src/admin/policies/PolicyTestForm.ts
# web/src/admin/property-mappings/PropertyMappingTestForm.ts
# web/src/admin/providers/saml/SAMLProviderImportForm.ts
# web/src/admin/users/RelatedUserList.ts
# web/src/admin/users/ServiceAccountForm.ts
# web/src/admin/users/UserPasswordForm.ts
# web/src/admin/users/UserResetEmailForm.ts
2023-06-19 13:42:51 +02:00
Jens Langhammer
1aff300171
ATH-01-010: fix missing user filter for webauthn device
...
This prevents an attack that is only possible when an attacker can intercept HTTP traffic and in the case of HTTPS decrypt it.
2023-06-19 13:38:31 +02:00
Jens Langhammer
ffb98eaa75
ATH-01-001: resolve path and check start before loading blueprints
...
This is even less of an issue since 411ef239f6, since with that commit we only allow files that the listing returns
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-19 13:38:19 +02:00
Jens Langhammer
5c1db432f0
release: 2023.4.1
2023-04-18 10:50:44 +03:00
Jens Langhammer
07fd4daa3e
Merge branch 'main' into version-2023.4
2023-04-17 22:46:09 +03:00
dependabot[bot]
9faad8a055
web: bump @sentry/browser from 7.47.0 to 7.48.0 in /web ( #5268 )
...
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript ) from 7.47.0 to 7.48.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases )
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.47.0...7.48.0 )
---
updated-dependencies:
- dependency-name: "@sentry/browser"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-17 10:16:44 +02:00
dependabot[bot]
a94392808f
core: bump goauthentik.io/api/v3 from 3.2023031.17 to 3.2023040.1 ( #5269 )
...
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go ) from 3.2023031.17 to 3.2023040.1.
- [Release notes](https://github.com/goauthentik/client-go/releases )
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2023031.17...v3.2023040.1 )
---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-17 10:13:37 +02:00
dependabot[bot]
c4998e7dd4
web: bump @sentry/tracing from 7.47.0 to 7.48.0 in /web ( #5266 )
...
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript ) from 7.47.0 to 7.48.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases )
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.47.0...7.48.0 )
---
updated-dependencies:
- dependency-name: "@sentry/tracing"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-17 10:12:32 +02:00
dependabot[bot]
1ab587d80e
website: bump react-before-after-slider-component from 1.1.6 to 1.1.8 in /website ( #5267 )
...
website: bump react-before-after-slider-component in /website
Bumps [react-before-after-slider-component](https://github.com/smeleshkin/react-before-after-slider-component ) from 1.1.6 to 1.1.8.
- [Release notes](https://github.com/smeleshkin/react-before-after-slider-component/releases )
- [Commits](https://github.com/smeleshkin/react-before-after-slider-component/compare/v.1.1.6...v.1.1.8 )
---
updated-dependencies:
- dependency-name: react-before-after-slider-component
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-17 10:12:11 +02:00
dependabot[bot]
5715ffd845
website: bump postcss from 8.4.21 to 8.4.22 in /website ( #5265 )
...
Bumps [postcss](https://github.com/postcss/postcss ) from 8.4.21 to 8.4.22.
- [Release notes](https://github.com/postcss/postcss/releases )
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md )
- [Commits](https://github.com/postcss/postcss/compare/8.4.21...8.4.22 )
---
updated-dependencies:
- dependency-name: postcss
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-17 10:11:53 +02:00
dependabot[bot]
8c3834e6b2
core: bump pytest from 7.3.0 to 7.3.1 ( #5270 )
...
Bumps [pytest](https://github.com/pytest-dev/pytest ) from 7.3.0 to 7.3.1.
- [Release notes](https://github.com/pytest-dev/pytest/releases )
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pytest-dev/pytest/compare/7.3.0...7.3.1 )
---
updated-dependencies:
- dependency-name: pytest
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-17 10:11:29 +02:00
dependabot[bot]
f841586153
core: bump importlib-metadata from 6.3.0 to 6.4.1 ( #5271 )
...
Bumps [importlib-metadata](https://github.com/python/importlib_metadata ) from 6.3.0 to 6.4.1.
- [Release notes](https://github.com/python/importlib_metadata/releases )
- [Changelog](https://github.com/python/importlib_metadata/blob/main/CHANGES.rst )
- [Commits](https://github.com/python/importlib_metadata/compare/v6.3.0...v6.4.1 )
---
updated-dependencies:
- dependency-name: importlib-metadata
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-17 10:11:11 +02:00
dependabot[bot]
b8b681250f
core: bump drf-spectacular from 0.26.1 to 0.26.2 ( #5272 )
...
Bumps [drf-spectacular](https://github.com/tfranzel/drf-spectacular ) from 0.26.1 to 0.26.2.
- [Release notes](https://github.com/tfranzel/drf-spectacular/releases )
- [Changelog](https://github.com/tfranzel/drf-spectacular/blob/master/CHANGELOG.rst )
- [Commits](https://github.com/tfranzel/drf-spectacular/compare/0.26.1...0.26.2 )
---
updated-dependencies:
- dependency-name: drf-spectacular
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-17 10:09:08 +02:00
Tana M Berry
3ab9ee5acc
website/docs: separate docker steps ( #5246 )
...
* separated steps for macs
* fixed formatting
* fixed formatting harder
* two passwords
* tweaks
* separated error logging step
* comments in wrong place
---------
Co-authored-by: Tana Berry <tana@goauthentik.io>
2023-04-14 17:04:09 -05:00
Jens L
1a4c640835
lifecycle: fix worker healthcheck ( #5259 )
...
closes #5258
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-14 14:39:31 +02:00
Jens L
38bf0ee740
lifecycle: re-add exec to ak wrapper ( #5253 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-14 13:52:11 +02:00
Jens L
520fb2fac1
ci: fix tag lookup for previous stable version ( #5257 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-14 13:51:57 +02:00
authentik Bot
95adc38ff4
web: bump API Client version ( #5256 )
...
Signed-off-by: GitHub <noreply@github.com>
2023-04-14 11:34:14 +00:00
Jens L
55ad2d7eab
website/docs: add helm RBAC notice ( #5255 )
...
website/docs: add helm notice
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-14 13:21:05 +02:00
Jens L
8160663214
release: 2023.4.0 ( #5254 )
2023-04-14 13:20:22 +02:00
Jens Langhammer
aa80babfff
release: 2023.4.0
2023-04-14 13:28:57 +03:00
Jens L
6a700cb376
core: fix user metrics for users which can't access events ( #5252 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-14 11:20:26 +02:00
Jens L
e123afd9ee
web/admin: fix impersonate button layout ( #5251 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-14 11:20:07 +02:00
dependabot[bot]
96e732e45b
web: bump @codemirror/lang-javascript from 6.1.5 to 6.1.6 in /web ( #5247 )
...
Bumps [@codemirror/lang-javascript](https://github.com/codemirror/lang-javascript ) from 6.1.5 to 6.1.6.
- [Release notes](https://github.com/codemirror/lang-javascript/releases )
- [Changelog](https://github.com/codemirror/lang-javascript/blob/main/CHANGELOG.md )
- [Commits](https://github.com/codemirror/lang-javascript/compare/6.1.5...6.1.6 )
---
updated-dependencies:
- dependency-name: "@codemirror/lang-javascript"
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-14 10:35:25 +02:00
dependabot[bot]
6349ab60e7
web: bump core-js from 3.30.0 to 3.30.1 in /web ( #5248 )
...
Bumps [core-js](https://github.com/zloirock/core-js/tree/HEAD/packages/core-js ) from 3.30.0 to 3.30.1.
- [Release notes](https://github.com/zloirock/core-js/releases )
- [Changelog](https://github.com/zloirock/core-js/blob/master/CHANGELOG.md )
- [Commits](https://github.com/zloirock/core-js/commits/v3.30.1/packages/core-js )
---
updated-dependencies:
- dependency-name: core-js
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-14 10:35:12 +02:00
dependabot[bot]
2b0749af6b
core: bump github.com/prometheus/client_golang from 1.14.0 to 1.15.0 ( #5249 )
...
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang ) from 1.14.0 to 1.15.0.
- [Release notes](https://github.com/prometheus/client_golang/releases )
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md )
- [Commits](https://github.com/prometheus/client_golang/compare/v1.14.0...v1.15.0 )
---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-14 10:34:56 +02:00
Jens L
a5098364eb
events: unpack wrapped query from FlowExecutor ( #5244 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-14 00:07:41 +02:00
Lars Lehmann
71820191a3
root: fix contributing List points ( #5245 )
2023-04-13 22:48:13 +02:00
Jens L
c08c849fec
website: fix doc build ( #5242 )
...
* ci: run both builds
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix build
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-13 17:20:44 +02:00
Jens L
6a74fa11c6
providers/oauth2: inconsistent client secret generation ( #5241 )
...
* use simpler char set for client secret
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* also adjust radius
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use similar logic in web to generate ids and secrets
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* dont use math.random
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-13 15:06:28 +02:00
dependabot[bot]
7841720acf
core: bump gitpython from 3.1.29 to 3.1.30 ( #5239 )
...
Bumps [gitpython](https://github.com/gitpython-developers/GitPython ) from 3.1.29 to 3.1.30.
- [Release notes](https://github.com/gitpython-developers/GitPython/releases )
- [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES )
- [Commits](https://github.com/gitpython-developers/GitPython/compare/3.1.29...3.1.30 )
---
updated-dependencies:
- dependency-name: gitpython
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-13 14:15:00 +02:00
Jens L
67644ace87
website/docs: prepare 2023.4 release notes ( #5223 )
...
* website/docs: prepare 2023.4 release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add prompt preview
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>
* Update website/docs/releases/2023/v2023.4.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>
* add new release to sidebar
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-04-13 14:11:46 +02:00
Jens L
f84a10b59b
core: revert django update ( #5236 )
...
* Revert "core: bump django from 4.1.7 to 4.2 (#5151 )"
This reverts commit 18a4eac527.
* run unittests with postgres 11 and 12
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-13 14:10:12 +02:00
Jens L
200d6d6adf
website: bump docusaurus ( #5235 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-13 13:45:51 +02:00
dependabot[bot]
d0f1ebfad3
core: bump packaging from 23.0 to 23.1 ( #5234 )
...
Bumps [packaging](https://github.com/pypa/packaging ) from 23.0 to 23.1.
- [Release notes](https://github.com/pypa/packaging/releases )
- [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pypa/packaging/compare/23.0...23.1 )
---
updated-dependencies:
- dependency-name: packaging
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-13 11:31:19 +02:00
dependabot[bot]
7d849d7bd7
core: bump maxmindinc/geoipupdate from v4.11 to v5.0 ( #5233 )
...
Bumps maxmindinc/geoipupdate from v4.11 to v5.0.
---
updated-dependencies:
- dependency-name: maxmindinc/geoipupdate
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-13 11:30:57 +02:00
Aaron
f1dfe04786
website/integrations: Addition of phpIPAM SAML integration documentation ( #5221 )
...
* website/integrations: Addition of phpIPAM SAML integration documentation
* website/integrations: Addition of phpIPAM SAML integration documentation
* website/integrations: Fix formatting to pass npm prettier checks of new phpIPAM documentation
* website/integrations: Fix typo in certificate for codespell linting.
* website/integrations: Change => to ->. Fix indentation on python expressions. Fix copy/paste error on modules SAML attribute.
---------
Co-authored-by: Aaron Naden <aaron@DESKTOP-H5LSEU8>
2023-04-12 17:28:58 -05:00
dependabot[bot]
4d7d2b8d3a
web: bump pyright from 1.1.302 to 1.1.303 in /web ( #5229 )
...
Bumps [pyright](https://github.com/Microsoft/pyright/tree/HEAD/packages/pyright ) from 1.1.302 to 1.1.303.
- [Release notes](https://github.com/Microsoft/pyright/releases )
- [Commits](https://github.com/Microsoft/pyright/commits/1.1.303/packages/pyright )
---
updated-dependencies:
- dependency-name: pyright
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-12 11:21:39 +02:00
dependabot[bot]
a6cc0f189c
web: bump @rollup/plugin-commonjs from 24.0.1 to 24.1.0 in /web ( #5230 )
...
Bumps [@rollup/plugin-commonjs](https://github.com/rollup/plugins/tree/HEAD/packages/commonjs ) from 24.0.1 to 24.1.0.
- [Release notes](https://github.com/rollup/plugins/releases )
- [Changelog](https://github.com/rollup/plugins/blob/master/packages/commonjs/CHANGELOG.md )
- [Commits](https://github.com/rollup/plugins/commits/commonjs-v24.1.0/packages/commonjs )
---
updated-dependencies:
- dependency-name: "@rollup/plugin-commonjs"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-12 11:20:55 +02:00