Jens Langhammer
820f658b49
web: add outpost list page
2021-02-08 19:04:19 +01:00
Jens Langhammer
efc46f52e6
outposts: move health to API
2021-02-08 19:01:10 +01:00
Jens Langhammer
3ced67b151
sources/*: simplify source api
2021-02-08 10:25:59 +01:00
Jens Langhammer
830b8bcd5b
web: add page for OAuth2 Provider
2021-02-06 18:39:15 +01:00
Jens Langhammer
91d6a3c8c7
providers/*: simplify provider API
2021-02-06 17:31:29 +01:00
Jens L
a6ac82c492
*: rewrite managed objects, use nullable text flag instead of boolean as uid ( #533 )
2021-02-06 15:56:21 +00:00
Jens Langhammer
32cf960053
sources/ldap: add property_mappings_group to make group mapping more customisable
2021-02-06 15:27:07 +01:00
Jens Langhammer
14dc420747
sources/ldap: rewrite group membership syncing
2021-02-04 20:06:42 +01:00
Jens Langhammer
178417fe67
web: start implementing provider list
2021-02-04 10:09:19 +01:00
Jens L
e25d03d8f4
Managed objects ( #519 )
...
* managed: add base manager and Ops
* core: use ManagedModel for Token and PropertyMapping
* providers/saml: implement managed objects for SAML Provider
* sources/ldap: migrate to managed
* providers/oauth2: migrate to managed
* providers/proxy: migrate to managed
* *: load .managed in apps
* managed: add reconcile task, run on startup
* providers/oauth2: fix import path for managed
* providers/saml: don't set FriendlyName when mapping is none
* *: use ObjectManager in tests to ensure objects exist
* ci: use vmImage ubuntu-latest
* providers/saml: add new mapping for username and user id
* tests: remove docker proxy
* tests/e2e: use updated attribute names
* docs: update SAML docs
* tests/e2e: fix remaining saml cases
* outposts: make tokens as managed
* *: make PropertyMapping SerializerModel
* web: add page for property-mappings
* web: add codemirror to common_styles because codemirror
* docs: fix member-of in nextcloud
* docs: nextcloud add admin
* web: fix refresh reloading data two times
* web: add loading lock to table to prevent double loads
* web: add ability to use null in QueryArgs (value will be skipped)
* web: add hide option to property mappings
* web: fix linting
2021-02-03 21:18:31 +01:00
Jens Langhammer
cfed41439e
events: add send_once flag to send webhooks only once
2021-02-02 19:34:55 +01:00
Jens Langhammer
5ef4354723
providers/saml: make NameID configurable using a Property Mapping
2021-01-28 22:50:13 +01:00
Jens Langhammer
3d3a0cd9e3
events: create event when system task fails
2021-01-18 10:09:14 +01:00
Jens Langhammer
f959212692
events: make notifications filterable
2021-01-16 19:08:07 +01:00
Jens Langhammer
192dbe05c4
events: triggers -> rules
2021-01-16 14:15:23 +01:00
Jens Langhammer
2e42da11ea
policies/event_matcher: simplify validity checking
2021-01-15 11:26:55 +01:00
Jens Langhammer
6192b2787f
events: notifications: send entire event in API
2021-01-14 17:22:02 +01:00
Jens Langhammer
1342266368
events: include full group in event notification
2021-01-14 17:22:02 +01:00
Jens Langhammer
9fe8554f28
events: make notification read/update only
2021-01-14 17:22:02 +01:00
Jens Langhammer
b6948334f2
policies/event_matcher: fix verbose_name
2021-01-12 23:06:24 +01:00
Jens Langhammer
47ddf0d7f2
web: add UI for notification triggers
2021-01-12 22:26:57 +01:00
Jens Langhammer
8369fa16ae
events: add mode_verbose to transport, return string on send error
2021-01-12 21:51:55 +01:00
Jens L
1ccf6dcf6f
events: Notifications ( #418 )
...
* events: initial alerting implementation
* policies: move error handling to process, ensure policy UUID is saved
* policies: add tests for error handling in PolicyProcess
* events: improve loop detection
* events: add API for action and trigger
* policies: ensure http_request is not used in context
* events: adjust unittests for user handling
* policies/event_matcher: add policy type
* events: add API tests
* events: add middleware tests
* core: make application's provider not required
* outposts: allow blank kubeconfig
* outposts: validate kubeconfig before saving
* api: fix formatting
* stages/invitation: remove invitation_created signal as model_created functions the same
* stages/invitation: ensure created_by is set when creating from API
* events: rebase migrations on master
* events: fix missing Alerts from API
* policies: fix unittests
* events: add tests for alerts
* events: rename from alerting to notifications
* events: add ability to specify severity of notification created
* policies/event_matcher: Add app field to match on event app
* policies/event_matcher: fix EventMatcher not being included in API
* core: use objects.none() when get_queryset is used
* events: use m2m for multiple transports, create notification object in task
* events: add default triggers
* events: fix migrations return value
* events: fix notification_transport not being in the correct queue
* stages/email: allow sending of email without backend
* events: implement sending via webhook + slack/discord + email
2021-01-11 18:43:59 +01:00
Jens L
82bb179bc2
root: global email settings ( #448 )
...
* root: make global email settings configurable
* stages/email: add use_global_settings
* stages/email: add test_email command to test email sending
* stages/email: update email template
* stages/email: simplify email template path
* stages/email: add support for user-supplied email templates
* stages/email: add tests for sending and templates
* stages/email: only add custom template if permissions are correct
* docs: add custom email template docs
* root: add /templates volume in docker-compose by default
* stages/email: fix form not allowing custom templates
* stages/email: use relative path for custom templates
* stages/email: check if all templates exist on startup, reset
* docs: add global email docs for docker-compose
* helm: add email config to helm chart
* helm: load all secrets with env prefix
* helm: move s3 and smtp secret to secret
* stages/email: fix test for relative name
* stages/email: add argument to send email from existing stage
* stages/email: set uid using slug of message id
* stages/email: ensure template validation ignores migration runs
* docs: add email troubleshooting docs
* stages/email: fix long task_name breaking task list
2021-01-05 00:41:10 +01:00
Jens Langhammer
4fde1b7365
providers/saml: allow audience to be empty
2020-12-30 22:15:28 +01:00
Jens Langhammer
590597caf6
events: replace list view with SPA Page
2020-12-28 14:32:34 +01:00
Jens Langhammer
0e1587bc1a
providers/oauth2: don't write authorization code to event log
2020-12-28 01:07:18 +01:00
Jens Langhammer
ee2e737782
providers/oauth2: remove response_type field as spec doesn't require validation
2020-12-27 18:12:47 +01:00
Jens Langhammer
55322995a1
providers/oauth2: make iss field configurable
2020-12-27 15:02:12 +01:00
Jens Langhammer
5b18e28753
providers/oauth2: fix include_claims_in_id_token not being shown in form/API
2020-12-27 14:05:10 +01:00
Jens Langhammer
fc98c3934a
providers/*: implement configuration_error
2020-12-27 13:15:31 +01:00
Jens Langhammer
5f90f54195
stages/invitation: ensure created_by is set when creating from API
2020-12-27 13:11:28 +01:00
Jens L
a9336f069c
flows: add diagrams ( #415 )
...
* flows: initial diagram implementation
* web: install flowchart.js, add flow diagram page
* web: adjust diagram colours for dark mode
* flows: add permission checks for diagram
* flows: fix formatting
* web: fix formatting for web
* flows: add fix when last stage has policy
* flows: add test for diagram
* web: flows/diagram: add support for light mode
* flows: make Flows's Diagram API return json, add more tests and fix swagger response
2020-12-26 17:05:11 +01:00
Jens Langhammer
3ac3a8eebe
core: fix error during migrations
2020-12-25 23:51:40 +01:00
Jens Langhammer
4998ccbe41
root: update license
2020-12-24 16:01:55 +01:00
Jens Langhammer
c85506f43c
outposts: allow blank kubeconfig
2020-12-24 13:23:14 +01:00
Jens Langhammer
4157a0780d
core: make application's provider not required
2020-12-24 13:23:10 +01:00
Jens L
79da2bf698
web: Table parity ( #427 )
...
* core: fix application API always being sorted by name
* web: add sorting to tables
* web: add search to TablePage
* core: add search to applications API
* core: add MetaNameSerializer
* *: fix signature for non-modal serializers
* providers/*: implement MetaNameSerializer
* web: implement full app list page, use as default in sidebar
* web: fix linting errors
* admin: remove old application list
* web: fix default sorting for application list
* web: fix spacing for search element in toolbar
2020-12-24 09:56:05 +01:00
Jens L
a4dc6d13b5
events: rename audit to events and use for more metrics ( #397 )
...
* events: rename audit to events
* policies/expression: log expression exceptions as event
* policies/expression: add ExpressionPolicy Model to event when possible
* lib/expressions: ensure syntax errors are logged too
* lib: fix lint error
* policies: add execution_logging field
* core: add property mapping tests
* policies/expression: add full test
* policies/expression: fix attribute name
* policies: add execution_logging
* web: fix imports
* root: update swagger
* policies: use dataclass instead of dict for types
* events: add support for dataclass as event param
* events: add special keys which are never cleaned
* policies: add tests for process, don't clean full cache
* admin: create event when new version is seen
* events: move utils to separate file
* admin: add tests for admin tasks
* events: add .set_user method to ensure users have correct attributes set
* core: add test for property_mapping errors with user and request
2020-12-20 22:04:29 +01:00
Jens Langhammer
29f98abd00
root: update swagger
2020-12-16 23:32:14 +01:00
Jens Langhammer
41576e27be
tests/integration: continue even if ssl can't be cleaned up
2020-12-13 21:51:59 +01:00
Jens L
488e8f769a
web: remove policy bindings page ( #370 )
...
* admin: accept ?target for PolicyBindingCreateView
* core: fix rendering of hidden fields in horizontal form
* web: add create button for application's bound policies
* admin: fix delete form not working
* web: fix ak-refresh event not being dispatched correctly
* web: fix linting errors
* admin: fix tests not loading
* build(deps-dev): bump eslint from 7.14.0 to 7.15.0 in /web (#372 )
Bumps [eslint](https://github.com/eslint/eslint ) from 7.14.0 to 7.15.0.
- [Release notes](https://github.com/eslint/eslint/releases )
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md )
- [Commits](https://github.com/eslint/eslint/compare/v7.14.0...v7.15.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* build(deps): bump rollup from 2.34.1 to 2.34.2 in /web (#373 )
Bumps [rollup](https://github.com/rollup/rollup ) from 2.34.1 to 2.34.2.
- [Release notes](https://github.com/rollup/rollup/releases )
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rollup/rollup/compare/v2.34.1...v2.34.2 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* build(deps): bump @types/codemirror from 0.0.100 to 0.0.102 in /web (#374 )
Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror ) from 0.0.100 to 0.0.102.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* build(deps-dev): bump bandit from 1.6.2 to 1.6.3 (#371 )
* build(deps-dev): bump bandit from 1.6.2 to 1.6.3
Bumps [bandit](https://github.com/PyCQA/bandit ) from 1.6.2 to 1.6.3.
- [Release notes](https://github.com/PyCQA/bandit/releases )
- [Commits](https://github.com/PyCQA/bandit/compare/1.6.2...1.6.3 )
Signed-off-by: dependabot[bot] <support@github.com>
* root: update for new bandit version
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: add header to bound-policies
* web: fix spacing between bulk_select buttons
* web: add separate ak-bound-policies-list, add flow view page
* web: fix flows' policies not loading
* Squashed commit of the following:
commit e535cb0ec8
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu Dec 10 09:58:07 2020 +0100
build(deps): bump boto3 from 1.16.32 to 1.16.33 (#383 )
Bumps [boto3](https://github.com/boto/boto3 ) from 1.16.32 to 1.16.33.
- [Release notes](https://github.com/boto/boto3/releases )
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst )
- [Commits](https://github.com/boto/boto3/compare/1.16.32...1.16.33 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
commit 8c1f55d3e3
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed Dec 9 09:06:45 2020 +0100
build(deps): bump boto3 from 1.16.31 to 1.16.32 (#382 )
Bumps [boto3](https://github.com/boto/boto3 ) from 1.16.31 to 1.16.32.
- [Release notes](https://github.com/boto/boto3/releases )
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst )
- [Commits](https://github.com/boto/boto3/compare/1.16.31...1.16.32 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
commit c3a2cb44cd
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed Dec 9 09:06:29 2020 +0100
build(deps): bump celery from 5.0.3 to 5.0.4 (#380 )
Bumps [celery](https://github.com/celery/celery ) from 5.0.3 to 5.0.4.
- [Release notes](https://github.com/celery/celery/releases )
- [Changelog](https://github.com/celery/celery/blob/master/Changelog.rst )
- [Commits](https://github.com/celery/celery/compare/v5.0.3...v5.0.4 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
commit 682401bbf2
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed Dec 9 07:20:45 2020 +0100
build(deps): bump uvicorn from 0.12.3 to 0.13.0 (#381 )
Bumps [uvicorn](https://github.com/encode/uvicorn ) from 0.12.3 to 0.13.0.
- [Release notes](https://github.com/encode/uvicorn/releases )
- [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md )
- [Commits](https://github.com/encode/uvicorn/compare/0.12.3...0.13.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
commit 3e6e167348
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue Dec 8 10:32:00 2020 +0100
build(deps-dev): bump @typescript-eslint/parser in /web (#377 )
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser ) from 4.9.0 to 4.9.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.9.1/packages/parser )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
commit d08c1b7b02
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue Dec 8 10:31:47 2020 +0100
build(deps): bump @sentry/browser from 5.28.0 to 5.29.0 in /web (#378 )
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript ) from 5.28.0 to 5.29.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases )
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md )
- [Commits](https://github.com/getsentry/sentry-javascript/compare/5.28.0...5.29.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
commit 94d70d252c
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue Dec 8 09:02:37 2020 +0100
build(deps): bump boto3 from 1.16.30 to 1.16.31 (#375 )
Bumps [boto3](https://github.com/boto/boto3 ) from 1.16.30 to 1.16.31.
- [Release notes](https://github.com/boto/boto3/releases )
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst )
- [Commits](https://github.com/boto/boto3/compare/1.16.30...1.16.31 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
commit ccfe746dd5
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue Dec 8 09:02:28 2020 +0100
build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#376 )
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin ) from 4.9.0 to 4.9.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.9.1/packages/eslint-plugin )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
commit ef5dffa96a
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue Dec 8 09:02:16 2020 +0100
build(deps): bump @sentry/tracing from 5.28.0 to 5.29.0 in /web (#379 )
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript ) from 5.28.0 to 5.29.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases )
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md )
- [Commits](https://github.com/getsentry/sentry-javascript/compare/5.28.0...5.29.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
commit 2caa1e7650
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon Dec 7 11:21:07 2020 +0100
build(deps-dev): bump bandit from 1.6.2 to 1.6.3 (#371 )
* build(deps-dev): bump bandit from 1.6.2 to 1.6.3
Bumps [bandit](https://github.com/PyCQA/bandit ) from 1.6.2 to 1.6.3.
- [Release notes](https://github.com/PyCQA/bandit/releases )
- [Commits](https://github.com/PyCQA/bandit/compare/1.6.2...1.6.3 )
Signed-off-by: dependabot[bot] <support@github.com>
* root: update for new bandit version
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
commit 2246f3a534
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon Dec 7 10:26:01 2020 +0100
build(deps): bump @types/codemirror from 0.0.100 to 0.0.102 in /web (#374 )
Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror ) from 0.0.100 to 0.0.102.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
commit 95ba00cb79
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon Dec 7 09:09:49 2020 +0100
build(deps): bump rollup from 2.34.1 to 2.34.2 in /web (#373 )
Bumps [rollup](https://github.com/rollup/rollup ) from 2.34.1 to 2.34.2.
- [Release notes](https://github.com/rollup/rollup/releases )
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rollup/rollup/compare/v2.34.1...v2.34.2 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
commit 2ab4d6620f
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon Dec 7 09:09:24 2020 +0100
build(deps-dev): bump eslint from 7.14.0 to 7.15.0 in /web (#372 )
Bumps [eslint](https://github.com/eslint/eslint ) from 7.14.0 to 7.15.0.
- [Release notes](https://github.com/eslint/eslint/releases )
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md )
- [Commits](https://github.com/eslint/eslint/compare/v7.14.0...v7.15.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* web: fix linting error
* web: simplify sidebar logic
* web: add support for multiple active matchers per sidebar item
* web: move router to elements
* flows: add stage_obj to flows api
* sources/*: make all sources implement SerializerModel
* web: improve listing of stages
* web: implement expandable table
* web/table: use TemplateResult as return value for row()
* web: add empty state, fix link for BoundStageList
* admin: make stage binding form accept ?target like policy binding
* web: fix styles in dark mode for expanding tables
* flows: add policybindingmodel_ptr_id to FlowStageBinding API
* web: improve wording for policies
* web: fix dark theme for tertiary buttons and static modals
* web: implement SourceViewPage
* web: add empty state for BoundPoliciesList
* web: cleanup URLs for FlowStageBindings
* root: remove url attribute from ak-messages
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-12 19:39:09 +01:00
Jens Langhammer
ff15514d5b
stages/identification: add show_matched_user to optionally hide user details
2020-12-06 13:12:32 +01:00
Jens L
1cfe1aff13
wip: rename to authentik ( #361 )
...
* root: initial rename
* web: rename custom element prefix
* root: rename external functions with pb_ prefix
* root: fix formatting
* root: replace domain with goauthentik.io
* proxy: update path
* root: rename remaining prefixes
* flows: rename file extension
* root: pbadmin -> akadmin
* docs: fix image filenames
* lifecycle: ignore migration files
* ci: copy default config from current source before loading last tagged
* *: new sentry dsn
* tests: fix missing python3.9-dev package
* root: add additional migrations for service accounts created by outposts
* core: mark system-created service accounts with attribute
* policies/expression: fix pb_ replacement not working
* web: fix last linting errors, add lit-analyse
* policies/expressions: fix lint errors
* web: fix sidebar display on screens where not all items fit
* proxy: attempt to fix proxy pipeline
* proxy: use go env GOPATH to get gopath
* lib: fix user_default naming inconsistency
* docs: add upgrade docs
* docs: update screenshots to use authentik
* admin: fix create button on empty-state of outpost
* web: fix modal submit not refreshing SiteShell and Table
* web: fix height of app-card and height of generic icon
* web: fix rendering of subtext
* admin: fix version check error not being caught
* web: fix worker count not being shown
* docs: update screenshots
* root: new icon
* web: fix lint error
* admin: fix linting error
* root: migrate coverage config to pyproject
2020-12-05 22:08:42 +01:00
Jens Langhammer
cc5a0c23aa
flows: allow uploading of custom flow backgrounds, update default flow background
2020-12-02 14:40:05 +01:00
Jens Langhammer
1779b4d888
web: more admin overview components
2020-12-01 22:42:11 +01:00
Jens Langhammer
71fbb23a2f
web: add placeholder config, fix sizing of sidebar brand
2020-12-01 13:20:54 +01:00
Jens Langhammer
2a0b4c8f14
web: remove dist from git
2020-11-30 12:50:08 +01:00
Jens Langhammer
1193608631
web: port library page to clientside, router performance improvements
2020-11-30 12:34:26 +01:00
Jens Langhammer
2417d5a59e
policies: add policy_obj to Binding API
2020-11-29 13:57:40 +01:00
Jens Langhammer
2fbf06a1aa
root: fix formatting, update swagger
2020-11-27 18:42:22 +01:00
Jens L
665839133f
Application Icon upload ( #341 )
...
* core: add initial implementation for File Upload
* root: add volumes to docker-compose for file upload
* helm: add pvc for uploads
* core: allow meta_icon to be overwritten with static files
2020-11-23 20:50:19 +01:00
Jens Langhammer
bd9bce4c9b
api: add API for config used in SPA
2020-11-23 11:49:09 +01:00
Jens Langhammer
3c311ca527
core: add avatars to user api
2020-11-22 19:36:40 +01:00
Jens Langhammer
0a8d4eecae
outposts: add docker TLS authentication and verification
2020-11-19 13:10:18 +01:00
Jens Langhammer
e5e4824920
*/saml: fully migrate to xmlsec, remove signxml dependency
2020-11-15 15:20:56 +01:00
Jens Langhammer
9877ef99c4
*/saml: fix creation and validation of detached signatures
2020-11-12 11:59:07 +01:00
Jens Langhammer
e99f6e289b
outposts: fix kubernetes ApiClient not being used
2020-11-09 10:45:08 +01:00
Jens Langhammer
a202679bfb
crypto: fix "Could not deserialize key data." with empty private key
2020-11-08 22:43:35 +01:00
Jens Langhammer
c04d0a373a
admin: add views for outpost service-connections
2020-11-04 13:35:41 +01:00
Jens Langhammer
bd74e518a7
outposts: add *ServiceConnection API
2020-11-04 11:05:40 +01:00
dependabot[bot]
b775f2788c
build(deps): bump channels from 2.4.0 to 3.0.0 ( #309 )
...
* build(deps): bump channels from 2.4.0 to 3.0.0
Bumps [channels](https://github.com/django/channels ) from 2.4.0 to 3.0.0.
- [Release notes](https://github.com/django/channels/releases )
- [Changelog](https://github.com/django/channels/blob/master/CHANGELOG.txt )
- [Commits](https://github.com/django/channels/compare/2.4.0...3.0.0 )
Signed-off-by: dependabot[bot] <support@github.com>
* root: update for channels 3
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2020-11-02 10:26:26 +01:00
Jens Langhammer
e805fb62fb
e2e: use docker proxy for test images
2020-10-27 09:50:06 +01:00
Jens Langhammer
a9f3118a7d
docs: add home-assistant integration docs
2020-10-26 22:14:51 +01:00
Jens Langhammer
aeee3ad7f9
e2e: add @retry decorator to make e2e tests more reliable
2020-10-20 18:51:17 +02:00
Jens Langhammer
ef021495ef
flows: revert evaluate_on_call rename for backwards compatibility
2020-10-20 15:41:50 +02:00
Jens Langhammer
870e01f836
flows: rename re_evaluate_policies to evaluate_on_call, add evaluate_on_plan
2020-10-20 15:06:36 +02:00
Jens Langhammer
c698ba37d9
core: add ability for users to create tokens
2020-10-18 15:42:16 +02:00
Jens Langhammer
ee670d5e19
core: add key field to token for easier rotation
2020-10-18 14:34:22 +02:00
Jens Langhammer
c4a30c50ac
stages/consent: add fallback template
2020-10-17 18:18:29 +02:00
Jens Langhammer
c5226fd0e8
admin: add API to list tasks and schedule retry
2020-10-16 14:10:11 +02:00
Jens Langhammer
610b6c7f70
policies: add PolicyAccessView, which does complete access checking
2020-10-11 19:26:20 +02:00
Jens Langhammer
c1eb8317f7
providers/proxy: update phrasing for basic_auth_* attributes
...
closes #265
2020-10-07 19:27:06 +02:00
Jens Langhammer
9df00e09a4
root: fix static docker's rollup build
2020-10-06 00:06:53 +02:00
Jens Langhammer
da9aaf69df
admin: add metrics and charts
2020-10-05 22:10:03 +02:00
Jens Langhammer
189b0ec324
admin: expose info as API
2020-10-04 00:28:58 +02:00
Jens Langhammer
c5a6b4961f
core: Add Token identifier as sudo-primary key
2020-10-04 00:28:43 +02:00
Jens Langhammer
195d8fe71f
core: move name field to base Provider
2020-10-03 20:05:16 +02:00
Jens Langhammer
6cd9edd38a
providers/oauth2: add missing token_validity field to Forms and API
2020-10-01 20:01:28 +02:00
Jens Langhammer
8f585eca70
stages/identification: replace buggy FilteredSelectMultiple with ArrayFieldSelectMultiple
2020-09-30 23:58:01 +02:00
Jens Langhammer
9d5dd896f3
providers/proxy: start implementing basic_auth_enabled
...
see #244
2020-09-30 11:15:22 +02:00
Jens Langhammer
502e43085f
lifecycle: update celery command for 5.0
2020-09-26 02:17:39 +02:00
Jens Langhammer
769ce1c642
e2e: add tests for TOTP Setup, static OTP Setup and otp validation
2020-09-25 20:21:49 +02:00
Jens Langhammer
52101007aa
e2e: bump chrome version
2020-09-25 17:39:25 +02:00
Jens Langhammer
6458b1dbf8
providers/proxy: make upstream SSL Validation configurable
2020-09-23 12:20:14 +02:00
Jens Langhammer
59e8dca499
sources/ldap: divide connector into password, sync and auth, add unittests for password
2020-09-21 21:40:41 +02:00
Jens Langhammer
74251a8883
audit: update swagger for event
2020-09-21 13:41:53 +02:00
Jens Langhammer
f99eaa85ac
sources/ldap: implement LDAP password validation and syncing
2020-09-21 11:46:35 +02:00
Jens Langhammer
a02fcb0a7a
providers/oauth2: use # as separate for code#adfs, check if # exists in response_type and trim
2020-09-19 18:37:50 +02:00
Jens Langhammer
5689f25c39
providers/proxy: add option to skip authentication for paths matching regular expressions
2020-09-19 11:32:04 +02:00
Jens Langhammer
a69c494feb
stages/password: update swagger
2020-09-19 02:20:38 +02:00
Jens Langhammer
fe4a0c3b44
core: add impersonation start/end to audit log
...
also add impersonated user as context to other logs
2020-09-18 23:39:37 +02:00
Jens Langhammer
e0c104ee5c
providers/oauth2: remove post_logout_redirect_uris
2020-09-18 23:37:40 +02:00
Jens Langhammer
4b39c71de0
providers/oauth2: accept token as post param
2020-09-16 23:38:55 +02:00
Jens Langhammer
0a5e14a352
core: make is_superuser a group property, remove from user
2020-09-15 23:10:31 +02:00
Jens Langhammer
5c622cd4d2
providers/oauth2: make sub configurable based on hash, username, email and upn
2020-09-15 20:54:42 +02:00
Jens Langhammer
ca0ba85023
providers/saml: disallow idp-initiated SSO by default and validate Request ID
2020-09-12 00:53:44 +02:00
Jens Langhammer
430905295d
root: automate system migrations, move docker to lifecycle folder
2020-09-10 00:18:39 +02:00
Jens Langhammer
9712be847c
policies/api: fix target returning pbm_uuid instead of proper primary key of the object
2020-09-08 18:05:50 +02:00
Jens Langhammer
28893b9695
flows/transfer: fix missing unique fields for PolicyBinding
2020-09-07 11:26:37 +02:00
Jens L
268de20872
Proxy v2 ( #189 )
2020-09-03 00:04:12 +02:00
Jens Langhammer
c39d136383
flows: add title field
2020-08-28 15:23:03 +02:00
Jens L
0e0898c3cf
Flow exporting/importing ( #187 )
...
* stages/*: Add SerializerModel as base model, implement serializer property
* flows: add initial flow exporter and importer
* policies/*: implement .serializer for all policies
* root: fix missing dacite requirement
2020-08-22 00:42:15 +02:00
Jens L
c7a2410b1d
OAuth Provider Rewrite ( #182 )
2020-08-19 10:32:44 +02:00
Jens Langhammer
7334599efd
*: update JSON fields to django 3.1
2020-08-15 21:04:22 +02:00
Jens Langhammer
ffff69ada0
stages/consent: add unittests for new modes
2020-07-20 18:47:52 +02:00
Jens Langhammer
50612991fa
stages/consent: start implementing user consent
2020-07-20 13:19:58 +02:00
Jens Langhammer
1b0c013d8e
providers/saml: remove processor_path field
2020-07-11 13:28:10 +02:00
Jens Langhammer
d74366f413
policies/hibp: update for flows, add unittests
2020-07-10 20:57:15 +02:00
Jens Langhammer
5bcf2aef8c
policies/password: Add Password Policy tests, update password policy for flows
2020-07-10 20:53:08 +02:00
Jens Langhammer
0e3e73989d
sources/saml: Add NameID Policy field, sent with AuthnRequest
2020-07-08 16:18:09 +02:00
Jens Langhammer
d831599608
core: make autosubmit_form generic template
2020-07-08 14:27:58 +02:00
Jens Langhammer
2e2c9f5287
api: add token authentication
2020-07-05 23:37:58 +02:00
Jens Langhammer
e5165abf04
stages/user_login: Allow changing of session duration
2020-07-04 15:20:45 +02:00
Jens Langhammer
16b966c16e
policies: Show grouped Dropdown for Target
2020-07-04 00:16:16 +02:00
Jens Langhammer
d3b0992456
flows: FlowStageBinding: rename .flow to .target to fix select_subclasses()
2020-07-04 00:14:21 +02:00
Jens Langhammer
6634cc2edf
root: add group_membership policy
2020-07-01 21:18:05 +02:00
Jens Langhammer
d2bf579ff6
stages/otp_static: start implementing static stage
2020-06-30 15:44:34 +02:00
Jens Langhammer
285a69d91f
Merge branch 'master' into otp-rework
2020-06-30 11:23:09 +02:00
Jens Langhammer
bf297b8593
admin: add info about latest version
2020-06-30 10:23:39 +02:00
Jens Langhammer
920858ff72
Merge branch 'master' into otp-rework
...
# Conflicts:
# passbook/flows/models.py
# passbook/stages/otp/models.py
# swagger.yaml
2020-06-29 22:54:18 +02:00
Jens Langhammer
b8654c06bf
flows: remove generic "password change" designation and add setup_stage
2020-06-29 11:12:51 +02:00
Jens Langhammer
8c36ab89e8
stages/otp: start separation into 3 stages, otp_time, otp_static and otp_validate
2020-06-28 10:30:35 +02:00
Jens Langhammer
831e228f80
api: fix SAMLSource missing from API
2020-06-24 22:28:40 +02:00
Jens Langhammer
5e8a1e3c0d
*: make email naming consistent
2020-06-18 19:35:59 +02:00
Jens Langhammer
feba3e2430
stages/prompt: Add username type field
...
add autocomplete attributes for username and password
2020-06-15 19:05:18 +02:00
Jens Langhammer
ee8313142f
Merge branch 'docs-flows'
...
# Conflicts:
# passbook/core/templates/partials/form_horizontal.html
2020-06-08 15:43:46 +02:00
Jens L
4915205678
WIP Use Flows for Sources and Providers ( #32 )
...
* core: start migrating to flows for authorisation
* sources/oauth: start type-hinting
* core: create default user
* core: only show user delete button if an unenrollment flow exists
* flows: Correctly check initial policies on flow with context
* policies: add more verbosity to engine
* sources/oauth: migrate to flows
* sources/oauth: fix typing errors
* flows: add more tests
* sources/oauth: start implementing unittests
* sources/ldap: add option to disable user sync, move connection init to model
* sources/ldap: re-add default PropertyMappings
* providers/saml: re-add default PropertyMappings
* admin: fix missing stage count
* stages/identification: fix sources not being shown
* crypto: fix being unable to save with private key
* crypto: re-add default self-signed keypair
* policies: rewrite cache_key to prevent wrong cache
* sources/saml: migrate to flows for auth and enrollment
* stages/consent: add new stage
* admin: fix PropertyMapping widget not rendering properly
* core: provider.authorization_flow is mandatory
* flows: add support for "autosubmit" attribute on form
* flows: add InMemoryStage for dynamic stages
* flows: optionally allow empty flows from FlowPlanner
* providers/saml: update to authorization_flow
* sources/*: fix flow executor URL
* flows: fix pylint error
* flows: wrap responses in JSON object to easily handle redirects
* flow: dont cache plan's context
* providers/oauth: rewrite OAuth2 Provider to use flows
* providers/*: update docstrings of models
* core: fix forms not passing help_text through safe
* flows: fix HttpResponses not being converted to JSON
* providers/oidc: rewrite to use flows
* flows: fix linting
2020-06-07 16:35:08 +02:00
Jens Langhammer
0c5aff21bc
stages/identification: minor UI fixes
2020-06-05 17:02:50 +02:00
Jens Langhammer
ef913abc7a
sources/ldap: add option to disable user sync, move connection init to model
2020-06-02 17:15:59 +02:00
Jens Langhammer
4d1658b35e
stages/identification: explicitly define enrollment and recovery
2020-05-31 23:01:08 +02:00
Jens Langhammer
80a36a3441
stages/user_write: don't use create_user, create empty object and set attributes
2020-05-28 23:22:15 +02:00
Jens L
df8995deed
policies/*: remove Policy.negate, order, timeout ( #39 )
...
policies: rewrite engine to use PolicyBinding for order/negate/timeout
policies: rewrite engine to use PolicyResult instead of tuple
2020-05-28 21:45:54 +02:00
Jens L
beabba2890
flows: Load Stages without refreshing the whole page ( #33 )
...
* flows: initial implementation of FlowExecutorShell
* flows: load messages dynamically upon card refresh
2020-05-24 00:57:25 +02:00
Jens Langhammer
cafe2f1e1f
admin: fix linting
2020-05-20 13:59:56 +02:00
Jens L
24a3e787dd
migrate to per-model UUID Primary key, remove UUIDModel ( #26 )
...
* *: migrate to per-model UUID Primary key, remove UUIDModel
* *: fix import order, fix unittests
2020-05-20 09:17:06 +02:00
Jens Langhammer
7bd65120b9
*: migrate from PolicyModel to PolicyBindingModel, move Policy to passbook_policies
2020-05-16 18:07:00 +02:00
Jens Langhammer
406f69080b
Revert "*: providers and sources -> channels, PolicyModel to PolicyBindingModel that uses custom M2M through"
...
This reverts commit 7ed3ceb960
.
2020-05-16 16:02:42 +02:00
Jens Langhammer
7ed3ceb960
*: providers and sources -> channels, PolicyModel to PolicyBindingModel that uses custom M2M through
2020-05-16 14:03:57 +02:00
Jens Langhammer
615cd7870d
stages/email: add field to select E-Mail and subject
2020-05-15 14:50:23 +02:00
Jens Langhammer
b907105f4a
policies/expression: expose python requests via expression, remove webhook policy
2020-05-15 12:02:41 +02:00
Jens Langhammer
a7a839a29c
stages/prompt: promptstage based on PolicyBindingModel
2020-05-14 13:51:35 +02:00
Jens Langhammer
fe503c8de0
root: add swagger to repository
2020-05-14 13:45:46 +02:00