Jens Langhammer
|
b3e40c6aed
|
outposts/proxy: don't save raw jwt in cookie to prevent securecookie: the value is too long
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-06 13:54:59 +01:00 |
|
Jens Langhammer
|
2b5504ff63
|
release: 2021.12.1-rc2
|
2021-12-04 20:06:41 +01:00 |
|
Jens Langhammer
|
639c2f5c2e
|
Merge branch 'master' into version-2021.12
|
2021-12-04 19:55:37 +01:00 |
|
Jens Langhammer
|
ea097afeae
|
outposts/proxy: fix path prefix in static handler
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-02 19:21:40 +01:00 |
|
Jens Langhammer
|
f8dc7f48f2
|
outposts/proxy: fix path for media
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-02 18:47:36 +01:00 |
|
Ilya Kogan
|
40404ff41d
|
outposts/ldap: Rework/improve LDAP search logic. (#1687)
* outposts/ldap: Refactor searching so we key primarily off base dn
* docs: Updating guides on sssd and the ldap outpost.
|
2021-12-02 15:28:58 +01:00 |
|
Jens Langhammer
|
85a417d22e
|
outposts/proxy: re-add rs256 support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-02 15:17:32 +01:00 |
|
Jens Langhammer
|
347c3793fc
|
outposts/proxy: add additional headers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-02 14:19:57 +01:00 |
|
Jens Langhammer
|
e42ad8db93
|
outposts/proxy: copy user-agent header from upstream request
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-02 10:01:54 +01:00 |
|
Jens Langhammer
|
e917e756cc
|
outposts/proxy: make logging fields more consistent
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-02 09:58:50 +01:00 |
|
Jens Langhammer
|
d0ceafe79e
|
outposts/proxy: add X-authentik-meta-version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-01 20:59:45 +01:00 |
|
Jens Langhammer
|
f2023a7af2
|
*: don't use go embed to make using custom files easier
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-01 20:35:28 +01:00 |
|
Jens Langhammer
|
60b95271eb
|
outposts/proxy: add additional headers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-01 20:19:09 +01:00 |
|
Jens Langhammer
|
3b068610b9
|
outposts/proxy: clean up header setting (don't copy all headers)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-01 20:05:56 +01:00 |
|
Jens Langhammer
|
e6818c1f6a
|
release: 2021.12.1-rc1
|
2021-12-01 13:08:13 +01:00 |
|
Jens Langhammer
|
9a393848b2
|
outpost: configure error reporting based off of main instance config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-29 14:42:19 +01:00 |
|
Jens Langhammer
|
8b7f698c7b
|
outposts/proxy: continue compiling additional regexes even when one fails
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-28 15:06:26 +01:00 |
|
Jens Langhammer
|
c7681dde32
|
outposts: reload on signal USR1, fix display of reload offset
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-24 22:45:27 +01:00 |
|
Jens Langhammer
|
d1bd8f333b
|
outposts/proxy: use disableIndex for static files
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-19 10:50:56 +01:00 |
|
Jens Langhammer
|
2ac9f5426d
|
outposts: don't panic when listening for metrics fails
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-19 10:37:13 +01:00 |
|
Jens Langhammer
|
ae9f1c1063
|
outpost/ldap: fix panic when attempting to update without locked users mutex
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-18 19:36:27 +01:00 |
|
Jens Langhammer
|
e08077c73a
|
root: replace asgi-based logger with middleware
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-15 16:32:56 +01:00 |
|
Jens Langhammer
|
7cf8a31057
|
internal: fix integrated docs not working
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-15 16:13:02 +01:00 |
|
Jens Langhammer
|
1a9ace6f9d
|
internal: use runserver when debug for code reload
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-15 14:04:10 +01:00 |
|
Jens Langhammer
|
97b814ab33
|
outpost/proxy: show better error when hostname isn't configured
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-13 22:45:37 +01:00 |
|
Jens Langhammer
|
f069cfb643
|
outposts/ldap: copy boundUsers map when running refresh instead of using blank map
closes #1651
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-13 00:26:01 +01:00 |
|
Jens Langhammer
|
2a3b049b01
|
release: 2021.10.4
|
2021-11-12 12:31:24 +01:00 |
|
Jens Langhammer
|
e7b4363d21
|
outposts/ldap: fix logic error in cached ldap searcher
closes #1779
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-11 23:18:32 +01:00 |
|
Jens Langhammer
|
00324f922d
|
outposts: send SelectedChallenge when using MFA with Go FlowExecutor
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-11 21:27:06 +01:00 |
|
Jens Langhammer
|
c98bdbacc5
|
providers/proxy: return list of configured scope names so outpost requests custom scopes
closes #1762
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-10 23:06:21 +01:00 |
|
Jens Langhammer
|
202b057ce9
|
outposts/proxy: fix static files not being served in proxy mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-10 17:16:13 +01:00 |
|
Jens Langhammer
|
ab2b13938e
|
release: 2021.10.3
|
2021-11-08 20:52:11 +01:00 |
|
Jens Langhammer
|
e6963c543d
|
outpost: remove analytics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-08 19:35:53 +01:00 |
|
Jens Langhammer
|
ed6659a46d
|
outpost/ldap: don't cleanup user info as it is overwritten on bind
closes #1651
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-08 14:41:38 +01:00 |
|
Jens Langhammer
|
4d36699b78
|
outpost/ldap: cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-06 19:32:11 +01:00 |
|
Jens Langhammer
|
13fbac30a2
|
cmd/server: improve cleanup on shutdown
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-06 13:54:59 +01:00 |
|
Jens L
|
5a8c66d325
|
providers/ldap: memory Query (#1681)
* outposts/ldap: modularise ldap outpost, to allow different searchers and binders
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts/ldap: add basic in-memory searcher
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/ldap: add search mode field
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outpost: add search mode field
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-05 10:37:30 +01:00 |
|
Jens Langhammer
|
dd82d55725
|
outposts: also send outpost type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-04 15:08:31 +01:00 |
|
Jens Langhammer
|
8d766efecb
|
root: don't set signal on start when running in ci or dev
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-04 14:32:21 +01:00 |
|
Jens Langhammer
|
9ac3b29418
|
outpost: add lightweight, anonymous metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-04 14:10:43 +01:00 |
|
Jens Langhammer
|
6deddd038f
|
internal: start embedded outpost directly after backend is healthy instead of waiting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-04 13:18:04 +01:00 |
|
Jens Langhammer
|
c87a9f9489
|
web: remove debug entry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-03 20:19:37 +01:00 |
|
Jens Langhammer
|
58c221e867
|
release: 2021.10.2
|
2021-11-03 10:07:28 +01:00 |
|
Jens Langhammer
|
0d02dbf55c
|
api: replace django sentry proxy with go proxy to prevent login issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-02 14:44:37 +01:00 |
|
Jens Langhammer
|
2788329880
|
release: 2021.10.1
|
2021-10-31 10:56:21 +01:00 |
|
Jens Langhammer
|
8d5460a132
|
outposts: separate websocket re-connection logic to decrease requests on reconnect
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-30 21:33:50 +02:00 |
|
Jens Langhammer
|
381010600f
|
release: 2021.10.1-rc3
|
2021-10-27 18:57:07 +02:00 |
|
Jens Langhammer
|
731f5d0199
|
release: 2021.10.1-rc2
|
2021-10-21 16:38:30 +02:00 |
|
Jens Langhammer
|
2e06786869
|
outpost/ldap: fix logging for mismatched provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-20 19:49:17 +02:00 |
|
Jens Langhammer
|
02b4173d30
|
root: add utm_source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-20 16:34:39 +02:00 |
|
Jens Langhammer
|
5da7d9a573
|
release: 2021.10.1-rc1
|
2021-10-19 15:34:59 +02:00 |
|
Jens Langhammer
|
4d51ec906d
|
internal/proxyv2: improve error handling when configuring app
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-13 21:48:11 +02:00 |
|
Jens Langhammer
|
57e86582d1
|
Revert "root: handle liveness probe in router (also keep internal one)"
This reverts commit dd7cb45733 .
|
2021-10-12 18:44:08 +02:00 |
|
Jens Langhammer
|
dd7cb45733
|
root: handle liveness probe in router (also keep internal one)
This reverts commit d39dbc7287 .
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-12 18:43:39 +02:00 |
|
Jens Langhammer
|
d39dbc7287
|
root: handle liveness probe in router
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-12 14:54:15 +02:00 |
|
Jens Langhammer
|
22a7c25526
|
internal: call GetStore on application to improve logging
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-12 13:33:20 +02:00 |
|
Jens L
|
aef9d27706
|
stages/authenticator_sms: Add SMS Authenticator Stage (#1577)
* stages/authenticator_sms: initial implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add initial stage UI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/elements: clear invalid state when old input was invalid but new input is correct
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_sms: add more logic
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/user: add basic SMS settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_sms: initial working version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_sms: add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: optimise totp password manager entry on authenticator_validation stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/elements: add grouping support for table
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: allow sms class in authenticator stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add grouping to more pages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_validate: add SMS support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* api: add throttling for flow executor based on session key and pending user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: fix style issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ci: add workflow to compile backend translations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-11 17:51:49 +02:00 |
|
Ilya Kogan
|
9ed236f7ab
|
outposts/ldap: Support hard coded uidNumber and gidNumber . (#1582)
|
2021-10-10 23:43:36 +02:00 |
|
Jens Langhammer
|
619203c177
|
release: 2021.9.8
|
2021-10-10 13:12:26 +02:00 |
|
Jens Langhammer
|
e444d0d640
|
release: 2021.9.7
|
2021-10-06 20:57:56 +02:00 |
|
Jens Langhammer
|
2b730dec54
|
release: 2021.9.6
|
2021-10-05 22:22:54 +02:00 |
|
Jens Langhammer
|
2aacb311bc
|
internal: add internal healthchecking to prevent websocket errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-05 22:22:38 +02:00 |
|
Jens Langhammer
|
bcf7e162a4
|
release: 2021.9.5
|
2021-10-04 20:08:46 +02:00 |
|
Jens Langhammer
|
d676cf6e3f
|
outposts/proxy: show full error message when user is authenticated
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-03 18:20:44 +02:00 |
|
Jens Langhammer
|
39d87841d0
|
outposts/proxy: add new headers with unified naming
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-03 18:20:44 +02:00 |
|
Jens Langhammer
|
fcd879034c
|
outpost/proxy: fix missing negation for internal host ssl verification
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-03 18:20:44 +02:00 |
|
Jens Langhammer
|
1a6ea72c09
|
release: 2021.9.4
|
2021-10-01 09:51:51 +02:00 |
|
Jens Langhammer
|
c19afa4f16
|
outposts/proxy: fix duplicate protocol in domain auth mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-29 10:02:01 +02:00 |
|
Jens Langhammer
|
941bc61b31
|
release: 2021.9.3
|
2021-09-27 17:31:50 +02:00 |
|
Jens Langhammer
|
75ef4ce596
|
tests/e2e: add new ldap object classes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-26 14:57:42 +02:00 |
|
Jens Langhammer
|
c2f3ce11b0
|
outposts/ldap: fix potential panic when converting attributes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-26 14:52:25 +02:00 |
|
Jens Langhammer
|
3c256fecc6
|
outposts/ldap: add groupofuniquenames
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-26 14:49:11 +02:00 |
|
Jens Langhammer
|
0285b84133
|
outposts/ldap: add query support for all supported object classes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-26 14:42:26 +02:00 |
|
Jens Langhammer
|
c7e6eb8896
|
outposts/ldap: add support for base scope and domain info
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-26 14:01:22 +02:00 |
|
Jens Langhammer
|
b248f450dd
|
outposts: make AUTHENTIK_HOST_BROWSER configurable from central config
closes #1471
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-26 12:00:51 +02:00 |
|
Jens Langhammer
|
234a5e2b66
|
outposts: fix outposts not correctly updating central state
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-26 11:40:21 +02:00 |
|
Jens Langhammer
|
9f4a4449f5
|
outposts/proxy: ensure cookies only last as long as tokens
closes #1462
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-25 16:12:59 +02:00 |
|
Jens Langhammer
|
27e04589c1
|
outposts/proxyv2: fix routing not working correctly for domain auth
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-24 23:32:16 +02:00 |
|
Jens Langhammer
|
8d72b3498d
|
internal: fix typo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-24 10:44:28 +02:00 |
|
Jens Langhammer
|
eddca478dc
|
release: 2021.9.2
|
2021-09-23 12:34:02 +02:00 |
|
Jens Langhammer
|
52bb774f73
|
internal: add asset paths for user interface
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-23 09:57:24 +02:00 |
|
Jens Langhammer
|
2fe6de0505
|
release: 2021.9.1
|
2021-09-22 19:11:20 +02:00 |
|
Jens Langhammer
|
ebc06f1abe
|
outposts/ldap: fix logic error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-22 13:19:50 +02:00 |
|
Jens Langhammer
|
0f8880ab0a
|
outposts: fix typo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-22 13:14:28 +02:00 |
|
Jens Langhammer
|
1f97420207
|
outposts/ldap: allow custom attributes to shadow built-in attributes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-21 21:59:39 +02:00 |
|
Jens Langhammer
|
a92a0fb60a
|
web: migrate to lit 2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-21 11:19:26 +02:00 |
|
Jens Langhammer
|
ac52667327
|
release: 2021.9.1-rc3
|
2021-09-19 21:52:49 +02:00 |
|
Jens Langhammer
|
28189bdddf
|
release: 2021.9.1-rc2
|
2021-09-16 23:23:36 +02:00 |
|
Jens Langhammer
|
f771383c4b
|
cmd: fix outpost metrics not being set in embedded mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-16 12:09:12 +02:00 |
|
Jens Langhammer
|
471f7d9c62
|
outposts: add consistent name and type to metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-16 10:14:51 +02:00 |
|
Jens Langhammer
|
a6a6b3bd06
|
outposts: add outpost_name label to metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-16 10:04:17 +02:00 |
|
Jens Langhammer
|
48ad3dccda
|
outposts/proxy: remove deprecated rs256
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-16 09:57:47 +02:00 |
|
Jens Langhammer
|
bdd5e16db1
|
release: 2021.9.1-rc1
|
2021-09-15 20:20:54 +02:00 |
|
Jens Langhammer
|
95efd47f65
|
root: remove asgi error handler
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-15 12:23:14 +02:00 |
|
Jens Langhammer
|
198e5ce642
|
outpost: fix crash when common keys are not defined in config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-14 17:40:48 +02:00 |
|
Jens Langhammer
|
8e59b06611
|
lifecycle: migrate to gunicorn instead of runserver
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-13 17:54:23 +02:00 |
|
Jens Langhammer
|
223d9ad414
|
outposts/proxy: fix upstream ssl certificate not being ignored if configured to do so
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-11 19:30:21 +02:00 |
|
Jens Langhammer
|
bf771f8b6c
|
release: 2021.8.5
|
2021-09-11 19:20:13 +02:00 |
|
Jens Langhammer
|
9a79bab43d
|
outposts/proxy: fix redirect URL error due to callback url not being joined correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-10 16:19:29 +02:00 |
|
Jens Langhammer
|
3d042e708a
|
outposts/proxy: always redirect on forward_auth for traefik
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-10 12:43:57 +02:00 |
|