Jens L
|
af43330fd6
|
providers/oauth2: rework OAuth2 Provider (#4652)
* always treat flow as openid flow
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* improve issuer URL generation
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more refactoring
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update introspection
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more refinement
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* migrate more
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix more things, update api
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* regen migrations
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix a bunch of things
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start updating tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix implicit flow, auto set exp
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix timeozone not used correctly
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix revoke
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more timezone shenanigans
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix userinfo tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update web
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix proxy outpost
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix api tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix missing at_hash for implicit flows
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* re-include at_hash in implicit auth flow
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use folder context for outpost build
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-02-09 20:19:48 +01:00 |
Jens Langhammer
|
388367785d
|
*/saml: disable pretty_print, add signature tests
closes #4536
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-02-03 15:42:09 +01:00 |
Jens L
|
7d4ce41e12
|
providers/proxy: outpost wide logout implementation (#4605)
* initial outpost wide logout implementation
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* handle deserialize error
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix file cleanup, add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-02-02 21:18:59 +01:00 |
Jens L
|
55aa1897af
|
root: use single redis db (#4009)
* use single redis db
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup prefixes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ensure __str__ always returns string
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix remaining old prefixes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-11-15 14:31:29 +01:00 |
Jens Langhammer
|
10b48b27b0
|
internal: walk config in go, check, parse and load from scheme like in python
closes #2719
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-07-26 11:33:37 +02:00 |
Jens Langhammer
|
646d174dd2
|
internal: revert cookie path on proxy causing redirect loops
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-21 16:26:12 +02:00 |
Jens Langhammer
|
ebb44c992b
|
Revert "internal: set SameSite for outpost"
This reverts commit 7e95c756b9 .
|
2022-05-21 14:08:40 +02:00 |
Jens Langhammer
|
7e95c756b9
|
internal: set SameSite for outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-21 13:21:45 +02:00 |
Jens Langhammer
|
be26b92927
|
internal: cleanup outpost logs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-21 13:18:06 +02:00 |
Jens Langhammer
|
421b003218
|
internal: set path on cookie for proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2305
|
2022-05-11 10:08:38 +02:00 |
Jens Langhammer
|
76660e4666
|
internal: add tests with querystring
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-03-07 22:03:36 +01:00 |
Jens Langhammer
|
62a939b91d
|
internal: bump api client to v3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-03-03 10:40:07 +01:00 |
Jens Langhammer
|
af3fb5c2cd
|
internal: use math.MaxInt for compatibility
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1819
|
2022-01-21 23:11:17 +01:00 |
Jens Langhammer
|
b932b6c963
|
website/docs: update log levels
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-21 13:15:17 +01:00 |
Jens Langhammer
|
3c048a1921
|
outposts/proxy: fix session not expiring correctly due to miscalculation
closes #1976
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-21 13:10:57 +01:00 |
Jens Langhammer
|
c11be2284d
|
outposts/proxy: also set max length for redis backend
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-13 15:05:55 +01:00 |
Jens Langhammer
|
aa321196d7
|
outposts/proxy: fix securecookie: the value is too long again, since it can happen even with filesystem storage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-13 13:33:20 +01:00 |
Jens Langhammer
|
4e2457560d
|
outposts/proxy: use filesystem storage for non-embedded outposts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-12 17:59:31 +01:00 |
Jens Langhammer
|
22a7c25526
|
internal: call GetStore on application to improve logging
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-12 13:33:20 +02:00 |
Jens Langhammer
|
9f4a4449f5
|
outposts/proxy: ensure cookies only last as long as tokens
closes #1462
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-25 16:12:59 +02:00 |
Jens Langhammer
|
4c3a9e69f2
|
outposts/proxy: fix securecookie: no codecs provided error with redis
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-09 10:23:46 +02:00 |
Jens Langhammer
|
8ca29f6d49
|
Revert "outpost/proxy: set samesite none"
This reverts commit f7afb60c1f .
|
2021-09-08 22:56:24 +02:00 |
Jens Langhammer
|
f7afb60c1f
|
outpost/proxy: set samesite none
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-08 22:06:44 +02:00 |
Jens L
|
3c1b70c355
|
outposts/proxyv2 (#1365)
* outposts/proxyv2: initial commit
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add rs256
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
more stuff
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add forward auth an sign_out
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
match cookie name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
re-add support for rs256 for backwards compat
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add error handler
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
ensure unique user-agent is used
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
set cookie duration based on id_token expiry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
build proxy v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add ssl
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add basic auth and custom header support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add application cert loading
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
implement whitelist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add redis
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
migrate embedded outpost to v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
remove old proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
providers/proxy: make token expiration configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
fix tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/proxy: only allow one redirect URI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix docker build for proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* remove default port offset
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add AUTHENTIK_HOST_BROWSER
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests: fix e2e/integration tests not using proper tags
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* remove references of old port
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix user_attributes not being loaded correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-08 18:04:56 +00:00 |