trustchain-oc1-orchestral/authentik
Archived
10
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
8492 commits 95 branches 330 tags 336 MiB
Commit graph

2156 commits

Author SHA1 Message Date
Jens Langhammer 0da043a9fe outposts: make local discovery configurable 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-12 17:27:41 +01:00
Jens Langhammer f336f204cb stages/authenticator_validate: fix handling when single configuration stage is selected 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-12 17:27:33 +01:00
Jens Langhammer b5d43b15f8 providers/oauth2: add support for explicit response_mode 
closes #1953

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-12 16:56:47 +01:00
Jens Langhammer 2ccab75021 stages/authenticator_validate: add ability to select multiple configuration stages which the user can choose 
closes #1843

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-12 16:55:50 +01:00
Jens Langhammer 8bc3db7c90 release: 2022.1.5 2022-02-09 22:42:34 +01:00
Jens Langhammer e741caa6b3 core: allow formatting strings to be used for applications' launch URLs 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-08 23:46:23 +01:00
Jens L 4343246a41
*: rename akprox to outpost.goauthentik.io (#2266) 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-08 20:25:38 +01:00
Jens Langhammer c63e1c9b87 outposts: fix compare_ports to support both service and container ports 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-08 17:40:49 +01:00
Jens Langhammer f44cf06d22 outposts: fix service reconciler re-creating services 
closes #2095

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-08 17:23:00 +01:00
Jens Langhammer 15e2032493 stages/authenticator_validate: handle non-existent device_challenges 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-07 20:31:49 +01:00
Jens Langhammer c87f6cd9d9 outposts: remove node_port on V1ServicePort checks to prevent service creation loops 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2095
 2022-02-07 20:26:14 +01:00
Jens Langhammer b0936ea8f3 sources/ldap: log entire exception 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-07 19:37:39 +01:00
Jens L d5e04a2301
*: remove deprecated backup (#2129) 
* *: remove backup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix lint

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: add docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: final cleanup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: use correct pyproject when migrating from stable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: fix broken docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-05 18:54:15 +01:00
Jens Langhammer 4e4e2b36b6 sources/saml: fix server error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-05 15:41:26 +01:00
Jens Langhammer eaba8006e6 sources/saml: fix incorrect ProtocolBinding being sent 
closes #2213

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-03 18:20:06 +01:00
Jens Langhammer 39ff202f8c outposts: fix channel not always having a logger attribute 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-03 17:58:54 +01:00
Jens Langhammer 49dfb4756e release: 2022.1.4 2022-02-01 20:12:55 +01:00
Jens Langhammer 88603fa4f7 providers/proxy: set traefik labels using object_naming_template instead of UUID 2022-02-01 17:13:27 +00:00
Jens Langhammer 0232c4e162 lifecycle: send analytics in gunicorn config to decrease outgoing requests when workers get restarted 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-01 15:01:43 +01:00
Jens Langhammer e93be0de9a sources/ldap: add list_flatten function to property mappings, enable on managed LDAP mappings 
closes #2199

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-31 23:07:32 +01:00
Jens Langhammer a5adc4f8ed core: fix view_token permission not being assigned on token creation for non-admin user 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-31 20:00:30 +01:00
Jens Langhammer ceaf832e63 root: remove boto integration in sentry to ease backup removal 2022-01-31 13:47:18 +00:00
Jens Langhammer c55f503b9b release: 2022.1.3 2022-01-26 22:15:28 +01:00
Jens Langhammer c2586557d8 root: fix redis passwords not being encoded correctly 
closes #2130

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-26 20:45:45 +01:00
Jens Langhammer 0d47654651 root: add max-requests for gunicorn and max tasks for celery 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-26 10:04:58 +01:00
Jens Langhammer 2f4c92deb9 Merge branch 'version-2022.1' 2022-01-24 21:42:12 +01:00
Jens Langhammer c7ba183dc0 providers/proxy: fix traefik label 
closes #2128

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-24 17:45:09 +01:00
Jens Langhammer 3d724db0e3 release: 2022.1.2 2022-01-24 11:28:00 +01:00
Jens Langhammer 2997542114 lib: disable backup by default, add note to configuration 2022-01-24 10:00:15 +00:00
Jens Langhammer 42f5cf8c93 outposts: allow custom label for docker containers 
closes #2128

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-23 21:55:58 +01:00
Jens Langhammer 82cc1d536a providers/proxy: add PathPrefix to auto-traefik labels 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2128
 2022-01-23 21:55:46 +01:00
Jens Langhammer 6a411d7960 policies/hibp: ensure password is encodable 
closes AUTHENTIK-1SA

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-23 21:23:24 +01:00
Jens Langhammer f4a6c70e98 release: 2022.1.1 2022-01-22 18:28:40 +01:00
Jens Langhammer dd8b579dd6 lib: ignore paramiko logger 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-21 10:46:33 +01:00
Jens Langhammer 994c5882ab root: fix error if secret_key is purely numerical 
closes #2099

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-18 09:17:33 +01:00
Jens Langhammer 0db0a12ef3 root: rename csrf header 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-16 16:17:44 +01:00
Jens Langhammer eaeab27004 lib: add support for custom env 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-16 14:56:02 +01:00
Jens Langhammer 111fbf119b *: refactor prometheus gauges to directly updating metrics view 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-16 13:57:07 +01:00
Jens Langhammer 92cc0c9c64 root: decrease to 10 backup history 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-14 19:59:50 +01:00
Jens Langhammer 18ff803370 outposts: trigger service update on k8s when selector doesnt match 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-14 11:42:57 +01:00
Jens Langhammer 6338785ce1 outposts: change label app.kubernetes.io/name to include outpost type 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-14 10:34:54 +01:00
Jens Langhammer 973e151dff outposts: add Additional version labels to managed k8s deployments 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-13 17:48:01 +01:00
Jens Langhammer fae6d83f27 *: simplify extracting current version info 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-13 17:47:31 +01:00
Jens Langhammer ed84fe0b8d root: set samesite for csrf cookie 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-12 23:14:14 +01:00
Jens Langhammer 7db7b7cc4d stages/authenticator_validate: fix lint 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-12 23:00:28 +01:00
Jens Langhammer e758db5727 stages/authenticator_webauthn: make more WebAuthn options configurable 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-12 22:57:49 +01:00
Jens Langhammer 4d7d700afa providers/oauth2: change default redirect uri behaviour; set first used url when blank and use star for wildcard 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-12 22:44:57 +01:00
Jens Langhammer f9a5add01d root: include build in analytics 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-12 22:18:52 +01:00
Jens Langhammer 2986b56389 root: fix backups running every minute instead of once 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-12 22:09:44 +01:00
Jens Langhammer 11e25617bd crypto: fully parse certificate on validation in serializer to prevent invalid certificates from being saved 
closes #2082

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-10 20:36:50 +01:00
Jens Langhammer 19d5902a92 flows: handle error if flow title contains invalid format string 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-10 19:49:27 +01:00
Jens Langhammer 71dffb21a9 outposts: improve error handling for outpost service connection state 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-10 19:44:13 +01:00
Jens Langhammer 2543224c7c core: dont return 404 when trying to view key of expired token 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-10 17:53:09 +01:00
Jens Langhammer 6b6702521f api: don't return error reporting enabled when debug is enabled 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-07 21:53:22 +01:00
Jens Langhammer c07b8d95d0 outposts/proxy: remove deprecated headers 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-07 17:01:23 +01:00
Jens Langhammer 0027dbc0e5 root: remove old api path 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-06 22:21:21 +01:00
Jens Langhammer c15e4b24a1 release: 2021.12.5 2022-01-06 21:29:12 +01:00
Jens Langhammer 03503363e5 core: fix UserSelfSerializer's save() overwriting other user attributes 
closes #2070

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-06 18:23:06 +01:00
Jens Langhammer 22d6621b02 root run backup every 24 hours 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-06 15:29:11 +01:00
Jens Langhammer 91dd33cee6 policies/reputation: trigger save on update 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-05 22:06:20 +01:00
Jens Langhammer 5a2c367e89 policies/reputation: fix test 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-05 21:44:15 +01:00
Jens Langhammer 6e53f1689d policies/reputation: rework reputation to use a single entry, include geo_ip data 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-05 21:02:33 +01:00
Jens Langhammer 7b1373e8d6 core: fix lint error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-04 23:17:37 +01:00
Jens Langhammer e70b486f20 outposts: handle error in certificate cleanup 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-04 22:53:37 +01:00
Jens Langhammer 5769ff45b5 core: add goauthentik.io/user/can-change-name 
closes #2054

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-04 19:03:12 +01:00
Jens Langhammer 9d6f79558f tenants: forbid creation of multiple default tenants 
closes #2059

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-04 19:01:20 +01:00
Jens Langhammer 935a8f4d58 core: add tests for non-applicable flows with flow manager 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-03 22:14:52 +01:00
Jens Langhammer 7d3d17acb9 core: add error handling in source flow manager when flow isn't applicable 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-03 21:57:55 +01:00
Jens Langhammer ebd476be14 sources/oauth: fix sources not allowing blank values 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2047
 2022-01-03 21:36:14 +01:00
Jens Langhammer 31ba543c62 *: don't use exception keyword with structlog 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-03 21:33:52 +01:00
Jens Langhammer a101d48b5a core: passthrough connection and additional data to FlowManager 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2047
 2022-01-03 21:31:26 +01:00
Jens Langhammer 8f44c792ac sources/oauth: fix github provider not including correct base scopes 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2047
 2022-01-03 21:04:18 +01:00
Jens Langhammer 212220554f sources/oauth: add additional scopes field to get additional data from provider 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2047
 2022-01-03 16:43:52 +01:00
Jens Langhammer 3e22740eac core: add API endpoint to directly set user's password 
closes #2040

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-03 13:31:58 +01:00
Jens Langhammer d18a691f63 core: prevent LDAP password being set for internal hash upgrades 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-03 13:23:42 +01:00
Jens Langhammer 90c31c2214 flows: add test helpers to simplify and improve checking of stages, remove force_str 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-01 20:25:32 +01:00
Jens Langhammer 50e3d317b2 flows: use WithUserInfoChallenge for AccessDeniedChallenge 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2039
 2022-01-01 19:45:34 +01:00
Jens Langhammer 3eed7bb010 lib: dont send any sentry events when testing 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-01 18:56:14 +01:00
Jens Langhammer 9154b9b85d web/user: rework user source connection UI 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-30 21:59:41 +01:00
Jens Langhammer fc19372709 flows: fix migration removing flow titles 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-30 21:00:00 +01:00
Jens Langhammer d03b0b8152 outposts: include outposts build hash in state 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-30 15:16:34 +01:00
Jens Langhammer c249b55ff5 *: use py3.10 syntax for unions, remove old Type[] import when possible 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-30 14:59:01 +01:00
Jens Langhammer fc7a452b0c flows: update default flow titles 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-27 22:04:35 +01:00
Jens Langhammer 46f12e62e8 flows: don't create EventAction.FLOW_EXECUTION 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-27 15:07:33 +01:00
Jens Langhammer 53b10e64f8 outposts: fix error when client hasn't be initialised 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-26 14:26:48 +01:00
Jens Langhammer abe38bb16a outposts: fix __exit__ being called without params 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-25 17:52:20 +01:00
Jens Langhammer b19da6d774 crypto: return private key's type (required for some oauth2 providers) 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-25 16:51:28 +01:00
Jens Langhammer 7c55616e29 outposts: fix creation of from_env docker client 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-25 16:48:23 +01:00
Jens Langhammer 6510b97c1e outposts: add remote docker integration via SSH 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-25 16:31:34 +01:00
Jens Langhammer 22d1dd801c root: also use analytics uuid for sentry 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-24 15:13:27 +01:00
Jens Langhammer e7e0e6d213 lib: strip values for timedelta from string 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-23 18:49:35 +01:00
Jens Langhammer ca0250e19f core: add meta theme-color 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-23 18:49:24 +01:00
Jens Langhammer 5c5634830f stages/identification: add field for passwordless flow 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-23 18:27:00 +01:00
Jens Langhammer 9c42b75567 release: 2021.12.4 2021-12-23 10:32:48 +01:00
Jens Langhammer 457e17fec3 website/docs: add small let's encrypt docs 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-23 00:59:06 +01:00
Jens Langhammer 846006f2e3 events: create test notification with event with data 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-22 23:32:29 +01:00
Jens Langhammer f557b2129f *: fix random typos 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-22 23:13:18 +01:00
Jens Langhammer 6dc2003e34 providers/oauth2: fix tests validating JWT incorrectly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-22 23:00:57 +01:00
Jens Langhammer 0149c89003 providers/oauth2: fix invalid assignments in JWKS view 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-22 22:41:28 +01:00
Jens Langhammer f458cae954 providers/proxy: add error handing when field is already gone 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-22 22:31:53 +01:00