Commit Graph

81 Commits

Author SHA1 Message Date
Jens Langhammer c4f985f542 Revert "root: use custom sentry-sdk"
This reverts commit 302dee7ab2.
2021-12-12 23:52:11 +01:00
Jens Langhammer 302dee7ab2 root: use custom sentry-sdk
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 22:11:20 +01:00
Jens Langhammer e450e7b107 root: add wsproto to default packages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-11 20:20:28 +01:00
Jens Langhammer 5dd979d66c root: add flower entrypoint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 11:38:57 +01:00
Jens Langhammer d785998c5a Revert "root: disable random tests for now"
This reverts commit 8ba9553220.
2021-11-23 18:46:51 +01:00
Jens Langhammer 8ba9553220 root: disable random tests for now
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 17:57:56 +01:00
Jens Langhammer fb70769358 root: add missing importlib-metadata
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 10:11:47 +01:00
Jens L 9bb0d04aeb
root: Random tests (#1825)
* root: add pytest-randomly to randomise tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: generate flows for testing instead of relying on existing ones

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: generate users for testing instead of relying on existing ones

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: use generated certificate

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: keep containers

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: use websockets test case

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-22 22:56:02 +01:00
dependabot[bot] 7a70726d57
build(deps): bump kubernetes from v19.15.0b1 to 19.15.0 (#1675) 2021-10-26 13:24:12 +02:00
Jens Langhammer 98a56c77e3 providers/proxy: update ingress controller to work with k8s 1.22
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-18 10:00:24 +02:00
Jens Langhammer 36b23c4624 root: coverage with toml support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-04 09:17:31 +02:00
Jens Langhammer 79b92e764e *: fix typos in code
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-25 00:01:11 +02:00
Jens Langhammer 124071f9be root: remove python requirement from pipfile
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 10:37:43 +02:00
dependabot[bot] 7eb97cd2bc
build(deps): bump twisted from 20.3.0 to 21.7.0 (#1198)
Bumps [twisted](https://github.com/twisted/twisted) from 20.3.0 to 21.7.0.
- [Release notes](https://github.com/twisted/twisted/releases)
- [Changelog](https://github.com/twisted/twisted/blob/trunk/NEWS.rst)
- [Commits](https://github.com/twisted/twisted/compare/twisted-20.3.0...twisted-21.7.0)

---
updated-dependencies:
- dependency-name: twisted
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-29 09:22:44 +02:00
Lukas Söder 7f39399c32
providers/ldap: Added auto-generated uidNumber and guidNumber generated attributes for use with SSSD and similar software. (#1138)
* Added auto-generated uidNumber and guidNumber generated attributes for
use with SSSD and similar software.

The starting number for uid/gid can be configured iva environtment
variables and is by default 2000 which should work fine for most instances unless there are more than
999 local accounts on the server/computer.

The uidNumber is just the users Pk + the starting number.
The guidNumber is calculated by the last couple of bytes in the uuid of
the group + the starting number, this should have a low enough chance
for collisions that it's going to be fine for most use cases.

I have not added any interface stuff for configuring the environment variables as I couldn't really find my way around all the places I'd have to edit to add it and the default values should in my opinion be fine for 99% use cases.

* Add a 'fake' primary group for each user

* First attempt att adding config to interface

* Updated API to support new fields

* Refactor code, update documentation and remove obsolete comment

Simplify `GetRIDForGroup`, was a bit overcomplicated before.

Add an additional class/struct `LDAPGroup` which is the new argument
for `pi.GroupEntry` and util functions to create `LDAPGroup` from api.Group and api.User

Add proper support in the interface for changing gidNumber and uidNumber starting points

* make lint-fix for the migration files
2021-07-14 09:17:01 +02:00
Jens Langhammer ede072889e core: deepmerge user.group_attributes, use group_attributes for user settings
closes #1051

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-19 19:52:55 +02:00
Jens Langhammer 73338bdf32 core: add geo_ip to authenticated sessions if enabled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-30 01:01:20 +02:00
Jens Langhammer 9f5a3c396d stages/authenticator_duo: initial duo stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-23 21:10:39 +02:00
Jens Langhammer 0db17b9729 root: remove yasg
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 22:18:04 +02:00
Jens Langhammer 1324d03815 *: initial migration to openapi v3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-15 23:57:28 +02:00
Jens Langhammer c7f0ea8a4b root: update dbbackup to git version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 01:20:31 +02:00
Jens Langhammer 0620324702 root: bump version of psf black
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 00:42:46 +02:00
Jens Langhammer be21a5d172 sources/plex: add general tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 21:55:55 +02:00
Jens Langhammer f8d6daa928 root: unlock pylint again
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 15:55:36 +02:00
Jens Langhammer afc5dc5543 root: lock pylint to < 2.8
https://github.com/PyCQA/pylint-django/issues/323
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 09:24:18 +02:00
Jens Langhammer 9341787fe7 providers/oauth2: replace deprecated jwkest with pyjwt
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 00:02:13 +02:00
Jens Langhammer 69ee18e13d Merge branch 'master' into new-forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	Pipfile.lock
#	authentik/api/decorators.py
#	authentik/core/api/applications.py
#	authentik/core/api/users.py
#	authentik/events/api/event.py
#	authentik/events/api/notification_transport.py
#	authentik/flows/api/flows.py
#	swagger.yaml
2021-03-30 10:26:18 +02:00
Jens Langhammer 59f5846d1a root: replace bumpversion with bump2version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 09:54:10 +02:00
Jens Langhammer 7d74e1d2c4 *: revert to drf-yasg upstream
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 21:04:54 +02:00
Jens Langhammer 8155d88db7 root: update linters, remove prospector
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 19:52:51 +01:00
Jens Langhammer 919debdd13 root: lock twisted to 20.3.0 whilst its causing issues with uvloop 2021-03-01 16:26:05 +01:00
Jens Langhammer bfc69562d8 root: remove qr and captcha from backend dependencies 2021-02-25 20:06:20 +01:00
Jens Langhammer 20e0fe3941 web: move ak-form-element to separate file 2021-02-21 23:09:08 +01:00
Jens L 8708e487ae
stages: add WebAuthn stage (#550)
* core: add User.uid for globally unique user ID

* admin: fix ?next for Flow list

* stages: add initial webauthn implementation

* web: add ak-flow-submit event to submit flow stage

* web: show error message for webauthn registration

* admin: fix next param not redirecting correctly

* stages/webauthn: remove form

* stages/webauthn: add API

* web: update flow diagram on ak-refresh

* stages/webauthn: add initial authentication

* stages/webauthn: initial authentication implementation

* web: cleanup webauthn utils

* stages: rename otp_* to authenticator and move webauthn to authenticator

* docs: fix broken links

* stages/authenticator_*: fix template paths

* stages/authenticator_validate: add device classes

* stages/authenticator_webauthn: implement django_otp.devices

* stages/authenticator_*: update default stage names

* web: add button to create stage on flow page

* web: don't minify HTML, remove nbsp

* admin: fix typo in stage list

* stages/*: use common base class for stage serializer

* stages/authenticator_*: create default objects after rename

* tests/e2e: adjust stage order
2021-02-17 20:49:58 +01:00
Jens Langhammer 417b5d61a4 root: add initial geoip implementation 2021-02-12 09:52:14 +01:00
Jens Langhammer 50531b8a36 root: upgrade to python3.9 2020-11-15 16:15:01 +01:00
Jens Langhammer e5e4824920 */saml: fully migrate to xmlsec, remove signxml dependency 2020-11-15 15:20:56 +01:00
Jens Langhammer 9877ef99c4 */saml: fix creation and validation of detached signatures 2020-11-12 11:59:07 +01:00
Jens Langhammer dd0d7e7481 root: switch from drf-yasg to drf_yasg2 and up rest_framework 2020-10-16 23:32:35 +02:00
Jens Langhammer ae125dd1f0 root: fix missing docker dependency 2020-10-04 15:04:07 +02:00
Jens Langhammer 9ef39f1e04 root: update black version 2020-09-30 16:39:15 +02:00
Jens Langhammer 9099dc5713 root: fix missing dependencies of uvicorn 2020-09-30 16:11:28 +02:00
Jens Langhammer 815ad26b91 root: add hard uvloop and httptools dependency 2020-09-30 15:37:15 +02:00
Jens Langhammer acb2b825f3 root: fix pipfile not referencing djangorestframework 2020-09-30 09:23:00 +02:00
Jens Langhammer e956b86649 root: lock rest-framework to 3.11.1 to prevent drf-yasg
See https://github.com/axnsan12/drf-yasg/issues/641
2020-09-30 09:15:48 +02:00
Jens L 23cccebb96
pytest (#209) 2020-09-11 23:21:11 +02:00
Jens L 268de20872
Proxy v2 (#189) 2020-09-03 00:04:12 +02:00
Jens L 0e0898c3cf
Flow exporting/importing (#187)
* stages/*: Add SerializerModel as base model, implement serializer property

* flows: add initial flow exporter and importer

* policies/*: implement .serializer for all policies

* root: fix missing dacite requirement
2020-08-22 00:42:15 +02:00
Jens L ff810c689f
Replace Elastic APM with Sentry APM (#183) 2020-08-20 20:39:21 +02:00
Jens L c7a2410b1d
OAuth Provider Rewrite (#182) 2020-08-19 10:32:44 +02:00