Jens Langhammer
|
7e95c756b9
|
internal: set SameSite for outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-21 13:21:45 +02:00 |
Jens Langhammer
|
be26b92927
|
internal: cleanup outpost logs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-21 13:18:06 +02:00 |
Jens Langhammer
|
6f56a61a64
|
website/docs: add docs for advanced SSH config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2916
|
2022-05-21 13:06:54 +02:00 |
Jens Langhammer
|
220d21c3e0
|
release: 2022.5.1
|
2022-05-20 19:34:45 +02:00 |
Jens Langhammer
|
a52638d898
|
internal: fix typo in session name constant
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-20 10:10:29 +02:00 |
Jens Langhammer
|
421b003218
|
internal: set path on cookie for proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2305
|
2022-05-11 10:08:38 +02:00 |
Jens Langhammer
|
25a4310bb1
|
internal: use Expires not MaxAge for LDAP session
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-11 10:04:32 +02:00 |
dependabot[bot]
|
4d755dc0f6
|
build(deps): bump goauthentik.io/api/v3 from 3.2022041.4 to 3.2022041.5 (#2843)
* build(deps): bump goauthentik.io/api/v3 from 3.2022041.4 to 3.2022041.5
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022041.4 to 3.2022041.5.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022041.4...v3.2022041.5)
---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* fix
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-10 20:33:19 +02:00 |
Jens Langhammer
|
9e1a518689
|
internal: add signal handler for SIGTERM
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-08 23:05:47 +02:00 |
Jens L
|
ab2299ba1e
|
outposts/ldap: cached bind (#2824)
* initial cached ldap bind support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* clean up api generation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use gh action for golangci-lint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-08 16:48:53 +02:00 |
Jens Langhammer
|
84930b4924
|
Revert "internal: fix high cpu when backend isnt healthy"
This reverts commit eb6cfd22a7 .
Revert "root: handle JSON error in metrics too"
This reverts commit 1ede972222 .
Revert "root: don't force multiprocess prometheus registry"
This reverts commit cd1d1b4402 .
Revert "root: add error handling for prometheus view"
This reverts commit c0a883f76f .
|
2022-04-29 18:13:26 +02:00 |
Jens Langhammer
|
eb6cfd22a7
|
internal: fix high cpu when backend isnt healthy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-04-29 10:03:40 +02:00 |
Jens Langhammer
|
9b9c0fe663
|
release: 2022.4.1
|
2022-04-12 22:07:34 +02:00 |
Jens Langhammer
|
9b6e47e6b8
|
outposts/ldap: fix panic in type conversion when value is nil
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-04-11 15:52:58 +02:00 |
Jens Langhammer
|
82a999f95d
|
internal: disable HTML encoding in logrus
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-04-04 22:57:55 +02:00 |
Jens Langhammer
|
b46eb7198b
|
internal: handle log level not being set in config
closes #2650
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-04-03 13:23:55 +02:00 |
Jens L
|
508cec2fd5
|
web: migrate dropdowns to wizards (#2633)
* web/admin: add basic wizards for providers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: add dark mode for wizard
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: migrate policies to wizard
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* start source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* policies: sanitze_dict when returning log messages during tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* Revert "web/admin: migrate policies to wizard"
This reverts commit d8b7f62d3e .
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
# web/src/locales/zh-Hans.po
# web/src/locales/zh-Hant.po
# web/src/locales/zh_TW.po
* web: rewrite wizard to be element based
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* further cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update sources
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: migrate property mappings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* migrate stages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* migrate misc dropdowns
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* migrate outpost integrations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-04-02 19:48:17 +02:00 |
Jens Langhammer
|
51194cbf42
|
outposts/ldap: use backend group num_pk
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-03-22 23:54:50 +01:00 |
Jens Langhammer
|
86a4a7dcee
|
release: 2022.3.3
|
2022-03-21 22:37:13 +01:00 |
Jens Langhammer
|
b45a442447
|
outposts/ldap: fix contexts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-03-19 18:28:27 +01:00 |
Simon Siebert
|
75a720ead1
|
outposts/ldap: prevent operations error from nil dereference (#2447)
closes #2526
|
2022-03-19 18:26:26 +01:00 |
Jens Langhammer
|
260a7aac63
|
release: 2022.3.2
|
2022-03-15 00:01:01 +01:00 |
Jens Langhammer
|
fedb81571d
|
release: 2022.3.1
|
2022-03-10 19:12:29 +01:00 |
Jens Langhammer
|
76660e4666
|
internal: add tests with querystring
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-03-07 22:03:36 +01:00 |
Jens Langhammer
|
62a939b91d
|
internal: bump api client to v3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-03-03 10:40:07 +01:00 |
Jens Langhammer
|
6fdf3ad3e5
|
internal/outpost: improve logging and add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2393
|
2022-02-26 22:29:56 +01:00 |
Jens Langhammer
|
fb33906637
|
internal/ldap: fix panic when parsing lists with mixed types
closes #2355
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-22 19:56:55 +01:00 |
Jens Langhammer
|
744f250d05
|
providers/proxy: always set rd param in addition to session to prevent wrong url in session
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-18 10:32:22 +01:00 |
Jens Langhammer
|
19b1f3a8c1
|
internal/outpost: fix logic error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-17 20:50:47 +01:00 |
Jens Langhammer
|
4a1acd377b
|
release: 2022.2.1
|
2022-02-16 10:51:55 +01:00 |
Jens Langhammer
|
45f2c5bae7
|
web/admin: fix invalid URLs in example proxy config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-15 23:24:27 +01:00 |
Jens Langhammer
|
5d8c1aa0b0
|
outposts/proxy: correctly check host in forward domain redirect
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1997
|
2022-02-15 14:58:19 +01:00 |
Jens Langhammer
|
0101368369
|
outposts/proxy: fix logic error in rd argument
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1997
|
2022-02-15 13:43:55 +01:00 |
Jens Langhammer
|
4854f81592
|
outposts/proxy: correctly handle ?rd= param
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1997
|
2022-02-15 11:05:03 +01:00 |
Jens Langhammer
|
908f123d0e
|
website/docs: update nginx config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-15 10:24:08 +01:00 |
Jens Langhammer
|
3d577cf15e
|
*: add placeholder custom.css to easily allow user customisation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-14 20:05:00 +01:00 |
Jens Langhammer
|
4915e980c5
|
providers/proxy: revert Host header behaviour
closes #2284
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-14 12:39:16 +01:00 |
Jens Langhammer
|
e5a393c534
|
internal: increase logging for no hostname found
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-13 14:36:56 +01:00 |
Jens Langhammer
|
1f838bb2aa
|
outposts/proxy: add X-Forwarded-Host since Host now gets changed by the proxy
closes #2284
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-10 23:09:55 +01:00 |
Jens Langhammer
|
8bc3db7c90
|
release: 2022.1.5
|
2022-02-09 22:42:34 +01:00 |
Jens Langhammer
|
e194715c3e
|
internal: fix CSRF error caused by Host header
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-09 14:34:55 +01:00 |
Jens Langhammer
|
02ba493759
|
internal: trace headers and url for backend requests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-09 12:48:17 +01:00 |
Jens Langhammer
|
a7fea5434d
|
internal: remove uvicorn server header
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-09 12:38:47 +01:00 |
Jens Langhammer
|
4fb783e953
|
internal: improve error handling for internal reverse proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-09 12:33:37 +01:00 |
Jens Langhammer
|
affbf85699
|
internal: don't attempt to lookup SNI Certificate if no SNI is sent
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-09 12:33:25 +01:00 |
Jens L
|
4343246a41
|
*: rename akprox to outpost.goauthentik.io (#2266)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-08 20:25:38 +01:00 |
Jens Langhammer
|
7088a6b0e6
|
providers/proxy: fix Host/:Authority not being modified
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-08 16:30:26 +01:00 |
Jens Langhammer
|
e758995458
|
providers/proxy: improve error handling for invalid backend_override
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-07 19:59:06 +01:00 |
Jens Langhammer
|
654e0d6245
|
providers/proxy: fix nil error in claims
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-03 17:58:38 +01:00 |
Jens Langhammer
|
49dfb4756e
|
release: 2022.1.4
|
2022-02-01 20:12:55 +01:00 |
Jens Langhammer
|
f5cc6c67ec
|
providers/proxy: fix routing for external_host when using forward_auth_domain
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2180
|
2022-02-01 10:14:46 +01:00 |
Jens Langhammer
|
6021fc0f52
|
providers/proxy: fix backend override persisting for other users
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-30 22:29:34 +01:00 |
Jens Langhammer
|
7fd6be5abb
|
providers/proxy: add backend_override
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-30 21:35:08 +01:00 |
Jens Langhammer
|
67d550a80d
|
providers/proxy: don't include hostname and scheme in redirect when we only got a path and not a full URL
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-27 18:23:08 +01:00 |
Jens Langhammer
|
ebb5711c32
|
providers/proxy: add support for X-Original-URI in nginx, better handle missing headers and report errors to authentik
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-27 18:14:02 +01:00 |
Jens Langhammer
|
c55f503b9b
|
release: 2022.1.3
|
2022-01-26 22:15:28 +01:00 |
Jens Langhammer
|
f47c936295
|
internal: add optional debug server listening on 9900
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-25 17:18:53 +01:00 |
Jens Langhammer
|
96ae68cf09
|
internal: make error message less confusing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-25 15:45:21 +01:00 |
Jens Langhammer
|
63b3434b6f
|
website/docs: improve nginx examples
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-25 14:25:21 +01:00 |
Ilya Kogan
|
947ecec02b
|
outposts/ldap: Fix more case sensitivity issues. (#2144)
|
2022-01-25 11:27:27 +01:00 |
Jens Langhammer
|
1c2b452406
|
outposts/proxy: fix potential empty redirect, add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2141
|
2022-01-25 10:57:53 +01:00 |
Jens Langhammer
|
650e2cbc38
|
internal: remove duplicate log messages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-24 22:25:35 +01:00 |
Jens Langhammer
|
b32800ea71
|
outposts/proxy: trace full headers to debug
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-24 22:08:31 +01:00 |
Jens Langhammer
|
e1c0c0b20c
|
internal: don't override server header
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-24 22:05:11 +01:00 |
Jens Langhammer
|
2f4c92deb9
|
Merge branch 'version-2022.1'
|
2022-01-24 21:42:12 +01:00 |
Jens Langhammer
|
ef335ec083
|
outposts/proxy: add more test cases for domain-level auth
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-24 21:41:15 +01:00 |
Jens Langhammer
|
07b09df3fe
|
internal: add more outpost tests, add support for X-Original-URL
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-24 20:50:13 +01:00 |
Jens Langhammer
|
e70e031a1f
|
internal: start adding tests to outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-24 20:12:25 +01:00 |
Jens Langhammer
|
3d724db0e3
|
release: 2022.1.2
|
2022-01-24 11:28:00 +01:00 |
Jens Langhammer
|
1dce408c72
|
internal/proxyv2: only allow access to /akprox in nginx mode when forward url could be extracted
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-24 09:30:33 +01:00 |
Jens Langhammer
|
f4a6c70e98
|
release: 2022.1.1
|
2022-01-22 18:28:40 +01:00 |
Jens Langhammer
|
af3fb5c2cd
|
internal: use math.MaxInt for compatibility
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1819
|
2022-01-21 23:11:17 +01:00 |
Jens Langhammer
|
3bfb8b2cb2
|
outposts/proxyv2: allow access to /akprox urls in forward auth mode to make routing in nginx/traefik easier
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-21 13:43:16 +01:00 |
Jens Langhammer
|
9fc5ff4b77
|
outposts/proxyv2: fix JWKS url pointing to localhost on embedded outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-21 13:29:51 +01:00 |
Jens Langhammer
|
41e7b9b73f
|
outposts/proxyv2: fix before-redirect url not being saved in proxy mode
closes #2109
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-19 19:16:30 +01:00 |
Jens Langhammer
|
7f47f93e4e
|
internal: cleanup log messages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-19 19:01:24 +01:00 |
Jens Langhammer
|
14c7d8c4f4
|
internal: route traffic to proxy providers based on cookie domain when multiple domain-level providers exist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2079
|
2022-01-18 23:19:43 +01:00 |
Jens Langhammer
|
819af78e2b
|
internal: make internal go version match python version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-14 10:45:37 +01:00 |
Jens Langhammer
|
c07b8d95d0
|
outposts/proxy: remove deprecated headers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-07 17:01:23 +01:00 |
Jens Langhammer
|
bf347730b3
|
outposts/ldap: remove deprecated fields
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-07 09:52:19 +01:00 |
Jens Langhammer
|
ececfc3a30
|
internal: fix comment formatting for TODOs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-07 09:51:41 +01:00 |
Jens Langhammer
|
c15e4b24a1
|
release: 2021.12.5
|
2022-01-06 21:29:12 +01:00 |
Jens Langhammer
|
c741c13132
|
internal: fix listen attempt on shutdown
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-03 12:36:11 +01:00 |
Jens Langhammer
|
f246da6b73
|
outposts/proxy: fix error checking for type assertion
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-26 14:57:32 +01:00 |
Jens Langhammer
|
27e4c7027c
|
web: fix potential panic
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-26 14:24:44 +01:00 |
Jens Langhammer
|
410d1b97cd
|
outposts/proxy: add support for multiple states, when multiple requests are redirect at once
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-26 14:16:02 +01:00 |
Jens Langhammer
|
884c546f32
|
outposts: clean up flow executor
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-24 19:52:19 +01:00 |
Jens Langhammer
|
47356915b1
|
outposts: fix outpost's sentry not sending release
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-23 19:01:32 +01:00 |
Jens Langhammer
|
9c42b75567
|
release: 2021.12.4
|
2021-12-23 10:32:48 +01:00 |
Jens Langhammer
|
87e99625e6
|
internal: update tenant certificates on outpost refresh
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-23 00:38:49 +01:00 |
Jens Langhammer
|
34b11524f1
|
tenants: add web certificate field, make authentik's core certificate configurable based on keypair
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-22 11:43:45 +01:00 |
Jens Langhammer
|
b3ba083ff0
|
internal: cleanup logging, remove duplicate code
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-22 10:33:21 +01:00 |
Jens Langhammer
|
22a8603892
|
internal: add custom proxy certificates support to embedded outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-22 10:16:01 +01:00 |
Jens Langhammer
|
cf4b4030aa
|
release: 2021.12.3
|
2021-12-21 20:52:08 +01:00 |
Jens Langhammer
|
ba55538a34
|
outposts/proxy: cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-21 19:16:06 +01:00 |
Jens Langhammer
|
f742c73e24
|
outposts/proxy: fix allowlist for forward_auth
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1970
|
2021-12-21 15:49:25 +01:00 |
Jens Langhammer
|
b932b6c963
|
website/docs: update log levels
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-21 13:15:17 +01:00 |
Jens Langhammer
|
3c048a1921
|
outposts/proxy: fix session not expiring correctly due to miscalculation
closes #1976
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-21 13:10:57 +01:00 |
Jens Langhammer
|
f10b57ba0b
|
outposts/proxy: handle redirect loop in start handler, show error message
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-21 10:07:08 +01:00 |
Jens Langhammer
|
92b4244e81
|
providers/proxy: update traefik regex
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1969
|
2021-12-20 22:43:58 +01:00 |