trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
8,073 Commits 95 Branches 330 Tags 336 MiB
Commit Graph

72 Commits

Author SHA1 Message Date
Jens Langhammer 654e0d6245 providers/proxy: fix nil error in claims 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-03 17:58:38 +01:00
Jens Langhammer 6021fc0f52 providers/proxy: fix backend override persisting for other users 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-30 22:29:34 +01:00
Jens Langhammer 7fd6be5abb providers/proxy: add backend_override 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-30 21:35:08 +01:00
Jens Langhammer 67d550a80d providers/proxy: don't include hostname and scheme in redirect when we only got a path and not a full URL 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-27 18:23:08 +01:00
Jens Langhammer ebb5711c32 providers/proxy: add support for X-Original-URI in nginx, better handle missing headers and report errors to authentik 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-27 18:14:02 +01:00
Jens Langhammer 63b3434b6f website/docs: improve nginx examples 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-25 14:25:21 +01:00
Jens Langhammer 1c2b452406 outposts/proxy: fix potential empty redirect, add tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2141
 2022-01-25 10:57:53 +01:00
Jens Langhammer b32800ea71 outposts/proxy: trace full headers to debug 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-24 22:08:31 +01:00
Jens Langhammer ef335ec083 outposts/proxy: add more test cases for domain-level auth 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-24 21:41:15 +01:00
Jens Langhammer 07b09df3fe internal: add more outpost tests, add support for X-Original-URL 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-24 20:50:13 +01:00
Jens Langhammer e70e031a1f internal: start adding tests to outpost 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-24 20:12:25 +01:00
Jens Langhammer 1dce408c72 internal/proxyv2: only allow access to /akprox in nginx mode when forward url could be extracted 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-24 09:30:33 +01:00
Jens Langhammer af3fb5c2cd internal: use math.MaxInt for compatibility 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1819
 2022-01-21 23:11:17 +01:00
Jens Langhammer 3bfb8b2cb2 outposts/proxyv2: allow access to /akprox urls in forward auth mode to make routing in nginx/traefik easier 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-21 13:43:16 +01:00
Jens Langhammer 9fc5ff4b77 outposts/proxyv2: fix JWKS url pointing to localhost on embedded outpost 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-21 13:29:51 +01:00
Jens Langhammer 41e7b9b73f outposts/proxyv2: fix before-redirect url not being saved in proxy mode 
closes #2109

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-19 19:16:30 +01:00
Jens Langhammer 7f47f93e4e internal: cleanup log messages 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-19 19:01:24 +01:00
Jens Langhammer 14c7d8c4f4 internal: route traffic to proxy providers based on cookie domain when multiple domain-level providers exist 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2079
 2022-01-18 23:19:43 +01:00
Jens Langhammer c07b8d95d0 outposts/proxy: remove deprecated headers 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-07 17:01:23 +01:00
Jens Langhammer ececfc3a30 internal: fix comment formatting for TODOs 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-07 09:51:41 +01:00
Jens Langhammer f246da6b73 outposts/proxy: fix error checking for type assertion 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-26 14:57:32 +01:00
Jens Langhammer 410d1b97cd outposts/proxy: add support for multiple states, when multiple requests are redirect at once 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-26 14:16:02 +01:00
Jens Langhammer ba55538a34 outposts/proxy: cleanup 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-21 19:16:06 +01:00
Jens Langhammer f742c73e24 outposts/proxy: fix allowlist for forward_auth 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1970
 2021-12-21 15:49:25 +01:00
Jens Langhammer b932b6c963 website/docs: update log levels 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-21 13:15:17 +01:00
Jens Langhammer 3c048a1921 outposts/proxy: fix session not expiring correctly due to miscalculation 
closes #1976

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-21 13:10:57 +01:00
Jens Langhammer f10b57ba0b outposts/proxy: handle redirect loop in start handler, show error message 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-21 10:07:08 +01:00
Jens Langhammer eca2ef20d0 outposts/proxy: add initial redirect-loop prevention 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-20 22:21:53 +01:00
Jens Langhammer cac5c7b3ea outposts/proxy: make templates more re-usable 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-20 22:20:23 +01:00
Jens Langhammer c843f18743 lib: add additional celery logger to sentry ignore 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-20 21:04:45 +01:00
Jens Langhammer 68637cf7cf outposts: handle/ignore http Abort handler 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-20 19:42:45 +01:00
Jens Langhammer 7a73ddfb60 outposts/proxy: match skipPathRegex against full URL on domain auth 
closes #1955

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-18 15:50:42 +01:00
Jens Langhammer 7d6e88061f outposts: check if hub from context is set and fallback 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-16 11:19:57 +01:00
Jens Langhammer f8aab40e3e internal: cleanup duplicate and redundant code, properly set sentry SDK scope settings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-16 11:00:19 +01:00
Jens Langhammer 5f0f4284a2 web/admin: fix rendering for applications on view page 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-13 15:27:28 +01:00
Jens Langhammer c11be2284d outposts/proxy: also set max length for redis backend 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-13 15:05:55 +01:00
Jens Langhammer aa321196d7 outposts/proxy: fix securecookie: the value is too long again, since it can happen even with filesystem storage 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-13 13:33:20 +01:00
Jens Langhammer 4e2457560d outposts/proxy: use filesystem storage for non-embedded outposts 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-12 17:59:31 +01:00
Jens Langhammer 2ddf122d27 Revert "outposts/proxy: don't save raw jwt in cookie to prevent securecookie: the value is too long" 
This reverts commit b3e40c6aed.
 2021-12-12 17:58:19 +01:00
Jens Langhammer deebdf2bcc outposts: fix unlabeled transaction 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-12 13:46:31 +01:00
Jens Langhammer b3e40c6aed outposts/proxy: don't save raw jwt in cookie to prevent securecookie: the value is too long 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-06 13:54:59 +01:00
Jens Langhammer 85a417d22e outposts/proxy: re-add rs256 support 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-02 15:17:32 +01:00
Jens Langhammer 347c3793fc outposts/proxy: add additional headers 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-02 14:19:57 +01:00
Jens Langhammer e42ad8db93 outposts/proxy: copy user-agent header from upstream request 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-02 10:01:54 +01:00
Jens Langhammer e917e756cc outposts/proxy: make logging fields more consistent 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-02 09:58:50 +01:00
Jens Langhammer d0ceafe79e outposts/proxy: add X-authentik-meta-version 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-01 20:59:45 +01:00
Jens Langhammer 60b95271eb outposts/proxy: add additional headers 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-01 20:19:09 +01:00
Jens Langhammer 3b068610b9 outposts/proxy: clean up header setting (don't copy all headers) 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-01 20:05:56 +01:00
Jens Langhammer 8b7f698c7b outposts/proxy: continue compiling additional regexes even when one fails 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-28 15:06:26 +01:00
Jens Langhammer c98bdbacc5 providers/proxy: return list of configured scope names so outpost requests custom scopes 
closes #1762

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-10 23:06:21 +01:00