Commit graph

12378 commits

Author SHA1 Message Date
gcp-cherry-pick-bot[bot] d9aab79c62
providers/oauth2: fix CVE-2024-21637 (cherry-pick #8104) (#8106)
* providers/oauth2: fix CVE-2024-21637 (#8104)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update changelog

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L <jens@goauthentik.io>
2024-01-09 18:43:56 +01:00
Jens Langhammer 1516fe86da
release: 2023.8.5 2023-11-21 19:51:16 +01:00
gcp-cherry-pick-bot[bot] abad6c181f
ci: fix permissions for release pipeline to publish binaries (cherry-pick #7512) (#7621)
ci: fix permissions for release pipeline to publish binaries (#7512)

ci: fix permissions

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L <jens@goauthentik.io>
2023-11-21 19:51:11 +01:00
gcp-cherry-pick-bot[bot] 312eb70349
ci: explicitly give write permissions to packages (cherry-pick #7428) (#7430)
ci: explicitly give write permissions to packages (#7428)

* ci: explicitly give write permissions to packages



* run full CI on cherry-picks



---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L <jens@goauthentik.io>
2023-11-21 19:51:06 +01:00
gcp-cherry-pick-bot[bot] 3af77ab382
security: fix CVE-2023-48228 (cherry-pick #7666) (#7669)
security: fix CVE-2023-48228 (#7666)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L <jens@goauthentik.io>
2023-11-21 18:13:50 +01:00
Jens Langhammer 72d67f65e5
release: 2023.8.4 2023-10-28 21:44:15 +02:00
Jens L ea75741ec2
security: fix oobe-flow reuse when akadmin is deleted (#7361)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
# Conflicts:
#	website/docs/releases/2023/v2023.10.md
2023-10-28 21:26:53 +02:00
gcp-cherry-pick-bot[bot] aaa9b398f4
sources/ldap: fix inverted interpretation of FreeIPA nsaccountlock (cherry-pick #6877) (#6879)
sources/ldap: fix inverted interpretation of FreeIPA nsaccountlock (#6877)

sources/ldap: fix inverted interpretation of nsaccountlock

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L <jens@goauthentik.io>
2023-09-13 19:50:48 +02:00
gcp-cherry-pick-bot[bot] d54d01b118
providers/saml: set WantAuthnRequestsSigned in metadata (cherry-pick #6851) (#6880)
providers/saml: set WantAuthnRequestsSigned in metadata (#6851)

Co-authored-by: Jens L <jens@goauthentik.io>
2023-09-13 19:50:41 +02:00
Jens Langhammer f885f8c039
release: 2023.8.3 2023-09-11 18:55:08 +02:00
Jens L b5b33ce8e9
website/docs: prepare 2023.8.3 release notes (#6843)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-11 18:54:58 +02:00
Jens L ec5bd550c7
core: remove celery's duplicate max_tasks_per_child (#6840)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-11 18:15:17 +02:00
Jens L fe02720f8d
providers/scim: check that a provider exists before starting scim task (#6841)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-11 18:15:12 +02:00
Jens L 67bd622aa4
web/admin: fix flow-search not being able to unset (#6838)
similar to https://github.com/goauthentik/authentik/pull/6767

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-11 14:16:52 +02:00
Alissa Gerhard dd18f9cd30
sources/ldap: dont prefetch useless items (#6812)
sources/ldap: Fixed fetching of useless data into redis
2023-09-11 12:44:49 +02:00
Alissa Gerhard d36574fc1a
sources/ldap: fix task timeout for ldap_sync_all and ldap_sync_single (#6809)
* sources/ldap: fix task timeout for ldap_sync_all and ldap_sync_single

* ldap_sync_all runs tasks async so doesn't need longer timeouts

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* bump time more as we run some tasks in serial and add more leeway

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-09-11 12:44:40 +02:00
Jens L f2754d278f
root: lock node to 20.5 (#6776)
* root: lock node to 20.5

there are apparently some breaking issues in 20.6 with babel https://github.com/babel/babel/issues/15927

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use same version of setup-node everywhere

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
# Conflicts:
#	.github/workflows/ci-web.yml
#	.github/workflows/ci-website.yml
2023-09-06 14:01:05 +02:00
Ken Sternberg 25ac04f4e5
web/admin: fix not being able to unset certificates (#6767)
* web: fix 6742: empty web certificate request needs to return null, not undefined

This replaces the `undefined` setting of the certificate search wrapper to
`null` when the admin requests no certificate.

* only set singleton if we don't have an instance

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-09-06 14:00:32 +02:00
Jens L ae91689fd8
policies/reputation: require either check to be enabled (#6764)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-06 14:00:29 +02:00
Jens L aa209efa90
stages/password: fix failed_attempts_before_cancel allowing one too m… (#6763)
* stages/password: fix failed_attempts_before_cancel allowing one too many tries

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-06 14:00:24 +02:00
Jens L 7e9e2ec53d
web: don't import entire SourceViewPage in flow and user interface (#6761)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-06 14:00:16 +02:00
dependabot[bot] 77e7c31567
core: bump django from 4.2.4 to 4.2.5 (#6751)
Bumps [django](https://github.com/django/django) from 4.2.4 to 4.2.5.
- [Commits](https://github.com/django/django/compare/4.2.4...4.2.5)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-06 13:59:54 +02:00
Jens L 4b20409a91
sources/ldap: fix FreeIPA nsaccountlock sync (#6745)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-06 13:59:36 +02:00
dependabot[bot] 19e04d7837
core: bump celery from 5.3.1 to 5.3.4
Bumps [celery](https://github.com/celery/celery) from 5.3.1 to 5.3.4.
- [Release notes](https://github.com/celery/celery/releases)
- [Changelog](https://github.com/celery/celery/blob/main/Changelog.rst)
- [Commits](https://github.com/celery/celery/compare/v5.3.1...v5.3.4)

---
updated-dependencies:
- dependency-name: celery
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-06 13:59:32 +02:00
Jens L 352ec55729
root: fix broken celery dependency (#6744)
celery 5.3.3 was yanked so downgrade

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-06 13:59:28 +02:00
authentik-automation[bot] 5333050e5d
core: compile backend translations (#6739)
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2023-09-06 13:59:23 +02:00
Jens L 9c448d74f7
web/admin: fix application icon size (#6738)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-06 13:59:19 +02:00
Jens L 05a4649282
web: replace ampersand (#6737)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-06 13:59:02 +02:00
Jens Langhammer 97e4c8d5e2
release: 2023.8.2 2023-09-01 17:27:16 +02:00
Jens L 9681ccd90f
website: update subtext (#6733)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-01 16:52:13 +02:00
Tana M Berry b63420c069
website/blog: Blog about enterprise release (#6721)
* blog about Ent release

* add image and tweaks

* removed breaking link

* typo

* minor fixes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Tana Berry <tana@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-09-01 16:11:37 +02:00
Jens L 3d1bf85587
website/docs: prepare 2023.8.2 release (#6731)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-01 16:09:42 +02:00
authentik-automation[bot] caad5a888a
web: bump API Client version (#6730) 2023-09-01 13:06:20 +02:00
Jens L a39fef11b8
providers/saml: fix SAML metadata import API requiring flow slug inst… (#6729)
* providers/saml: fix SAML metadata import API requiring flow slug instead of pk

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* replace format_exc_info with dict_tracebacks, and only for json logger

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-01 12:59:25 +02:00
Jens L 8f219a813b
website: fix sidebar text color on smaller viewports (#6728)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-01 11:51:51 +02:00
Jens L 0772756eef
crypto: fix has_key filter (#6727)
* crypto: fix has_key certificate filter

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-01 11:51:41 +02:00
dependabot[bot] d485a04153
core: bump goauthentik.io/api/v3 from 3.2023081.2 to 3.2023081.3 (#6723)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2023081.2 to 3.2023081.3.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2023081.2...v3.2023081.3)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-01 11:26:44 +02:00
dependabot[bot] 252e1e8e5d
core: bump selenium from 4.11.2 to 4.12.0 (#6724)
Bumps [selenium](https://github.com/SeleniumHQ/Selenium) from 4.11.2 to 4.12.0.
- [Release notes](https://github.com/SeleniumHQ/Selenium/releases)
- [Commits](https://github.com/SeleniumHQ/Selenium/commits/selenium-4.12.0)

---
updated-dependencies:
- dependency-name: selenium
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-01 11:26:37 +02:00
dependabot[bot] e6a2b12686
core: bump celery from 5.3.1 to 5.3.3 (#6725)
Bumps [celery](https://github.com/celery/celery) from 5.3.1 to 5.3.3.
- [Release notes](https://github.com/celery/celery/releases)
- [Changelog](https://github.com/celery/celery/blob/main/Changelog.rst)
- [Commits](https://github.com/celery/celery/compare/v5.3.1...v5.3.3)

---
updated-dependencies:
- dependency-name: celery
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-01 11:26:29 +02:00
transifex-integration[bot] e2af75e8fa
translate: Updates for file web/xliff/en.xlf in nl on branch main (#6716)
* Translate web/xliff/en.xlf in nl

100% translated source file: 'web/xliff/en.xlf'
on 'nl'.

* also auto enable squash merge after approval

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-08-31 15:18:15 +02:00
Jens L 1c1c1cf5da
root: expand exception logging (#6690)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-31 14:17:57 +02:00
authentik-automation[bot] a8cd70cb63
web: bump API Client version (#6715)
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
2023-08-31 12:04:26 +00:00
Jens L f57b3efcaa
policies/reputation: fix reputation not expiring (#6714)
* policies/reputation: fix reputation not expiring

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix some verbose names for models

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-31 13:46:00 +02:00
transifex-integration[bot] 6163f29aa0
translate: Updates for file web/xliff/en.xlf in zh-Hans on branch main (#6710)
Translate web/xliff/en.xlf in zh-Hans

100% translated source file: 'web/xliff/en.xlf'
on 'zh-Hans'.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2023-08-31 11:31:19 +02:00
transifex-integration[bot] 969c733b07
translate: Updates for file web/xliff/en.xlf in zh_CN on branch main (#6709)
Translate web/xliff/en.xlf in zh_CN

100% translated source file: 'web/xliff/en.xlf'
on 'zh_CN'.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2023-08-31 11:31:09 +02:00
dependabot[bot] da25bedc8d
core: bump goauthentik.io/api/v3 from 3.2023081.1 to 3.2023081.2 (#6711)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2023081.1 to 3.2023081.2.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2023081.1...v3.2023081.2)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-31 11:30:58 +02:00
dependabot[bot] 41ed04af6c
web: bump @lit-labs/task from 3.0.1 to 3.0.2 in /web (#6707)
Bumps [@lit-labs/task](https://github.com/lit/lit/tree/HEAD/packages/labs/task) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/lit/lit/releases)
- [Changelog](https://github.com/lit/lit/blob/main/packages/labs/task/CHANGELOG.md)
- [Commits](https://github.com/lit/lit/commits/@lit-labs/task@3.0.2/packages/labs/task)

---
updated-dependencies:
- dependency-name: "@lit-labs/task"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-30 22:13:05 +00:00
dependabot[bot] 32d95b6169
web: bump the babel group in /web with 1 update (#6706)
Bumps the babel group in /web with 1 update: [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env).

- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.22.14/packages/babel-preset-env)

---
updated-dependencies:
- dependency-name: "@babel/preset-env"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: babel
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-30 23:55:04 +02:00
dependabot[bot] d4a993d7b7
web: bump the sentry group in /web with 2 updates (#6705)
Bumps the sentry group in /web with 2 updates: [@sentry/browser](https://github.com/getsentry/sentry-javascript) and [@sentry/tracing](https://github.com/getsentry/sentry-javascript).


Updates `@sentry/browser` from 7.65.0 to 7.66.0
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.65.0...7.66.0)

Updates `@sentry/tracing` from 7.65.0 to 7.66.0
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.65.0...7.66.0)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: sentry
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: sentry
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-30 23:54:51 +02:00
Jens L f8489387ee
web/admin: clear other options depending on what the binding targets (#6703)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-30 21:15:36 +02:00