Commit Graph

1501 Commits

Author SHA1 Message Date
Jens Langhammer cf76652a4c release: 2021.1.1-rc2 2021-01-17 17:40:43 +01:00
Jens Langhammer 49d40d4337 admin: fix linting 2021-01-17 17:35:00 +01:00
Jens Langhammer 94182f88a4 release: 2021.1.1-rc1 2021-01-17 17:25:47 +01:00
Jens Langhammer 1c25f4f09b core: use tabs for user settings 2021-01-17 17:25:15 +01:00
Jens Langhammer aad3b43ac3 core: cache applications API 2021-01-16 22:38:09 +01:00
Jens Langhammer 60f52f102a outposts: optimise signals to not always trigger 2021-01-16 22:14:37 +01:00
Jens Langhammer f3ccb5341d outpost: improve logging 2021-01-16 22:13:57 +01:00
Jens Langhammer cb73210447 events: don't log permission creation 2021-01-16 22:03:06 +01:00
Jens Langhammer f959212692 events: make notifications filterable 2021-01-16 19:08:07 +01:00
Jens Langhammer 2d2a404028 providers/oauth2: improve error handling and event creation 2021-01-16 18:27:10 +01:00
Jens Langhammer 4baf9e4a22 web: fix unread count, use white-space pre 2021-01-16 18:04:09 +01:00
Jens Langhammer 4f28a89e63 policies: improve recording of error messages during policy process 2021-01-16 16:38:57 +01:00
Jens Langhammer f8b4b92e8d policies: pass direct exception from expression policies 2021-01-16 15:41:59 +01:00
Jens Langhammer c1fbfc63ab core: use version in qs for static files to ensure latest are loaded 2021-01-16 14:15:42 +01:00
Jens Langhammer 192dbe05c4 events: triggers -> rules 2021-01-16 14:15:23 +01:00
Jens Langhammer d637bd0bf9 events: improve infinite loop detection 2021-01-15 11:27:18 +01:00
Jens Langhammer a2bddc6d91 policies: fix engine tests checking wrong key 2021-01-15 11:27:07 +01:00
Jens Langhammer 2e42da11ea policies/event_matcher: simplify validity checking 2021-01-15 11:26:55 +01:00
Jens Langhammer f297d1256d events: fix linting 2021-01-15 11:19:56 +01:00
Jens Langhammer da59e7c4a7 events: fix infinite loop in unittests 2021-01-15 00:32:59 +01:00
Jens Langhammer 8684d106d5 events: fix default transport for successive migrations 2021-01-14 23:50:18 +01:00
Jens Langhammer 7f5caf901d expressions: set exception as message field 2021-01-14 21:58:10 +01:00
Jens Langhammer 1c686e19b5 policies: set message instead of error for Event 2021-01-14 20:17:21 +01:00
Jens Langhammer 3cc92f6c97 events: ensure created field is timestamp 2021-01-14 20:16:54 +01:00
Jens Langhammer 4447345345 policies: fix display of stacktrace in events 2021-01-14 18:07:41 +01:00
Jens Langhammer 42c6401ba7 events: add event context to slack webhook 2021-01-14 17:40:19 +01:00
Jens Langhammer eef111bcfd events: disable policy cache for trigger 2021-01-14 17:39:59 +01:00
Jens Langhammer 6192b2787f events: notifications: send entire event in API 2021-01-14 17:22:02 +01:00
Jens Langhammer c7d28f8ca9 events: attach default transport to default triggers 2021-01-14 17:22:02 +01:00
Jens Langhammer 1342266368 events: include full group in event notification 2021-01-14 17:22:02 +01:00
Jens Langhammer 7ff679b1a3 policies: fix error when error occurs during policy process with no target 2021-01-14 17:22:02 +01:00
Jens Langhammer 8beddcddb0 events: set severity for default triggers 2021-01-14 17:22:02 +01:00
Jens Langhammer 9fe8554f28 events: make notification read/update only 2021-01-14 17:22:02 +01:00
Jens Langhammer 308896719d docs: add docs for events and notifications 2021-01-13 00:26:33 +01:00
Jens Langhammer 95c1473dd2 events: assign default triggers to default admin group, create default transport 2021-01-12 23:28:17 +01:00
Jens Langhammer b14c5039ed events: set default admin group to receive default triggers 2021-01-12 23:06:42 +01:00
Jens Langhammer b6948334f2 policies/event_matcher: fix verbose_name 2021-01-12 23:06:24 +01:00
Jens Langhammer 29e08e7477 stages/otp_*: fix app's verbose_name 2021-01-12 22:59:46 +01:00
Jens Langhammer 36bc1dc020 events: record source when user is using source to authenticate 2021-01-12 22:48:55 +01:00
Jens Langhammer 61d1407804 sources/*: Set PLAN_CONTEXT_SOURCE when logging in with a source 2021-01-12 22:37:33 +01:00
Jens Langhammer 47ddf0d7f2 web: add UI for notification triggers 2021-01-12 22:26:57 +01:00
Jens Langhammer cac94792fa admin: add event transport forms 2021-01-12 22:03:33 +01:00
Jens Langhammer 8369fa16ae events: add mode_verbose to transport, return string on send error 2021-01-12 21:51:55 +01:00
Jens Langhammer f30bdbecd6 events: catch errors during send and re-raise as custom type 2021-01-12 21:48:16 +01:00
Jens L c727c845df
policies: add and/or mode (#463)
* policies: add mode to PolicyEngine for AND and OR modes

* events: use PolicyEngine in OR mode
2021-01-12 18:22:25 +01:00
Jens L 1ccf6dcf6f
events: Notifications (#418)
* events: initial alerting implementation

* policies: move error handling to process, ensure policy UUID is saved

* policies: add tests for error handling in PolicyProcess

* events: improve loop detection

* events: add API for action and trigger

* policies: ensure http_request is not used in context

* events: adjust unittests for user handling

* policies/event_matcher: add policy type

* events: add API tests

* events: add middleware tests

* core: make application's provider not required

* outposts: allow blank kubeconfig

* outposts: validate kubeconfig before saving

* api: fix formatting

* stages/invitation: remove invitation_created signal as model_created functions the same

* stages/invitation: ensure created_by is set when creating from API

* events: rebase migrations on master

* events: fix missing Alerts from API

* policies: fix unittests

* events: add tests for alerts

* events: rename from alerting to notifications

* events: add ability to specify severity of notification created

* policies/event_matcher: Add app field to match on event app

* policies/event_matcher: fix EventMatcher not being included in API

* core: use objects.none() when get_queryset is used

* events: use m2m for multiple transports, create notification object in task

* events: add default triggers

* events: fix migrations return value

* events: fix notification_transport not being in the correct queue

* stages/email: allow sending of email without backend

* events: implement sending via webhook + slack/discord + email
2021-01-11 18:43:59 +01:00
Jens Langhammer 4743e72e18 policies: ensure binding has a target during unittests 2021-01-05 12:37:52 +01:00
Jens Langhammer 9fb5ce2a1a policies: add binding to policy_execution context 2021-01-05 11:51:05 +01:00
Jens L 82bb179bc2
root: global email settings (#448)
* root: make global email settings configurable

* stages/email: add use_global_settings

* stages/email: add test_email command to test email sending

* stages/email: update email template

* stages/email: simplify email template path

* stages/email: add support for user-supplied email templates

* stages/email: add tests for sending and templates

* stages/email: only add custom template if permissions are correct

* docs: add custom email template docs

* root: add /templates volume in docker-compose by default

* stages/email: fix form not allowing custom templates

* stages/email: use relative path for custom templates

* stages/email: check if all templates exist on startup, reset

* docs: add global email docs for docker-compose

* helm: add email config to helm chart

* helm: load all secrets with env prefix

* helm: move s3 and smtp secret to secret

* stages/email: fix test for relative name

* stages/email: add argument to send email from existing stage

* stages/email: set uid using slug of message id

* stages/email: ensure template validation ignores migration runs

* docs: add email troubleshooting docs

* stages/email: fix long task_name breaking task list
2021-01-05 00:41:10 +01:00
Jens Langhammer 6ed78830a0 providers/proxy: check ingress annotations we manage 2021-01-02 01:48:39 +01:00
Jens Langhammer 6fe323f1a7 outposts: by default only check labels 2021-01-02 01:08:05 +01:00
Jens Langhammer 85c2db018e outposts: ensure field_manager is also used for updates 2021-01-02 00:52:42 +01:00
dependabot[bot] bc9e7e8b93
build(deps): bump structlog from 20.1.0 to 20.2.0 (#445)
* build(deps): bump structlog from 20.1.0 to 20.2.0

Bumps [structlog](https://github.com/hynek/structlog) from 20.1.0 to 20.2.0.
- [Release notes](https://github.com/hynek/structlog/releases)
- [Changelog](https://github.com/hynek/structlog/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/hynek/structlog/compare/20.1.0...20.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

* *: use structlog.stdlib instead of structlog for type-hints

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-01-01 15:39:43 +01:00
Jens Langhammer 2e69efe699 providers/saml: sign metadata when signing is enabled 2020-12-31 15:02:21 +01:00
Jens Langhammer a85b8a65c0 release: 0.14.2-stable 2020-12-31 12:00:31 +01:00
Jens Langhammer be54ba4fe2 policies: catch error in process to not hang requests 2020-12-31 11:16:17 +01:00
Jens Langhammer 68b9c34f78 policies: fix obj not being set 2020-12-31 11:16:01 +01:00
Jens Langhammer 3584bdf530 events: fix error when creating an even from policyrequests 2020-12-31 11:15:42 +01:00
Jens Langhammer e712719333 admin: fix reverse urls for application forms 2020-12-31 10:13:06 +01:00
Jens Langhammer 4fde1b7365 providers/saml: allow audience to be empty 2020-12-30 22:15:28 +01:00
Jens Langhammer 412f5b9210 providers/saml: fix signing and verification kp not being set correctly 2020-12-30 22:11:24 +01:00
Jens Langhammer a9e53cd52a providers/saml: fix string being passed to lxml 2020-12-30 22:03:01 +01:00
Jens Langhammer d0ee7908ab providers/saml: force user to select authz flow for import 2020-12-30 22:02:41 +01:00
Jens Langhammer e69834dec4 providers/saml: show error message why import failed 2020-12-30 22:02:28 +01:00
Jens Langhammer 16d5e1d9ff release: 0.14.1-stable 2020-12-29 21:25:49 +01:00
Jens Langhammer 765ae80698 providers/oauth2: fix error when creating RefreshToken 2020-12-29 21:22:49 +01:00
Jens Langhammer 540c22ce15 release: 0.14.0-stable 2020-12-28 17:49:45 +01:00
Jens Langhammer 8c3008abce release: 0.14.0-rc2 2020-12-28 17:49:39 +01:00
Jens Langhammer 8a22c86aaa release: 0.14.0-rc1 2020-12-28 17:49:35 +01:00
Jens Langhammer 22ce142cb8 outposts: include protocol in outpost deployment ports 2020-12-28 17:21:02 +01:00
Jens Langhammer 1a292feebb outposts: always check metadata on reconcile 2020-12-28 17:11:37 +01:00
Jens Langhammer 09f4d812b3 outposts: set field_manager 2020-12-28 17:11:33 +01:00
Jens Langhammer 2bab4ebfe8 core: fix library url pattern not matching SPA 2020-12-28 15:06:25 +01:00
Jens Langhammer 590597caf6 events: replace list view with SPA Page 2020-12-28 14:32:34 +01:00
Jens Langhammer 5f9c1e229c root: return API dates as timestamp 2020-12-28 13:07:49 +01:00
Jens Langhammer 0e1587bc1a providers/oauth2: don't write authorization code to event log 2020-12-28 01:07:18 +01:00
Jens Langhammer dc16a8a4c9 providers/proxy: set proxy-size for nginx for larger response 2020-12-28 00:45:58 +01:00
Jens L a6d0c8c26c
providers/saml: Metadata Import (#432)
* providers/saml: add basic metadata parser

* providers/saml: add importer for Singing certificate, validate signature, add tests

* providers/saml: add provider name to form,

* web: don't use trailing slash for spa URLs

* providers/saml: formatting fixes

* sources/*: add verbose_name to source serializers

* admin: add button launch import modal
2020-12-27 22:38:04 +01:00
Jens Langhammer e216efb6ec providers/oauth2: create access tokens as JWT 2020-12-27 19:36:17 +01:00
Jens Langhammer 378fe38b12 providers/oauth2: ensure response is URL fragment only when implicit or hybrid 2020-12-27 19:07:42 +01:00
Jens Langhammer ce9fb8801c providers/oauth2: ensure nonce is validated on all OIDC flows 2020-12-27 18:13:41 +01:00
Jens Langhammer 67ca83c228 providers/oauth2: add c_hash field 2020-12-27 18:13:13 +01:00
Jens Langhammer ee2e737782 providers/oauth2: remove response_type field as spec doesn't require validation 2020-12-27 18:12:47 +01:00
Jens Langhammer b04c9a2098 providers/oauth2: check redirect_uri before request object 2020-12-27 17:15:36 +01:00
Jens Langhammer e7c96eb70d providers/oauth2: Make AuthorizeError's state parameter requireed 2020-12-27 15:33:29 +01:00
Jens Langhammer e8debce9c8 providers/oauth2: fix infinite loops when prompt=login 2020-12-27 15:23:26 +01:00
Jens Langhammer bcd0686a33 providers/oauth2: redirect back correctly with state on AuthorizationError 2020-12-27 15:22:53 +01:00
Jens Langhammer 55322995a1 providers/oauth2: make iss field configurable 2020-12-27 15:02:12 +01:00
Jens Langhammer dff5eb69c8 providers/oauth2: fix token endpoint creating invalid token when no scopes are passed 2020-12-27 14:48:44 +01:00
Jens Langhammer b747022bc1 providers/oauth2: fix old id_token being sent when using token endpoint with grant_type=refresh_token 2020-12-27 14:33:51 +01:00
Jens Langhammer 885fcff495 providers/oauth2: add grant_types_supported to discovery endpoint 2020-12-27 14:17:40 +01:00
Jens Langhammer 5b18e28753 providers/oauth2: fix include_claims_in_id_token not being shown in form/API 2020-12-27 14:05:10 +01:00
Jens Langhammer 9848c5f3eb providers/oauth2: implement discovery's scopes_supported better 2020-12-27 13:36:14 +01:00
Jens Langhammer fc98c3934a providers/*: implement configuration_error 2020-12-27 13:15:31 +01:00
Jens Langhammer 7964061466 events: add configuration_error action 2020-12-27 13:11:38 +01:00
Jens Langhammer 5f90f54195 stages/invitation: ensure created_by is set when creating from API 2020-12-27 13:11:28 +01:00
Jens Langhammer 49eb568d3c stages/invitation: remove invitation_created signal as model_created functions the same 2020-12-27 13:00:52 +01:00
Jens Langhammer d17b2b0d1b providers/oauth2: add request_parameter_supported 2020-12-27 12:18:23 +01:00
Jens Langhammer f17d809219 providers/oauth2: add scopes_supported to discovery endpoint 2020-12-26 21:18:16 +01:00
Jens Langhammer 6c8e9fb553 providers/oauth2: add ACR support 2020-12-26 20:16:50 +01:00
Jens Langhammer 43bb29e16a providers/oauth2: implement max_age param 2020-12-26 20:05:31 +01:00
Jens Langhammer 29edbb0357 providers/oauth2: use auth_time from LOGIN event 2020-12-26 19:05:02 +01:00
Jens Langhammer 12ae867759 providers/oauth2: redirect back on prompt=none error instead of showing message 2020-12-26 18:58:18 +01:00
Jens Langhammer a20ca9136b providers/oauth2: use in for prompt check 2020-12-26 18:53:47 +01:00
Jens Langhammer 3759e96e7d providers/oauth2: ensure interaction_required is raised when prompt=none and user not logged in 2020-12-26 18:45:23 +01:00
Jens Langhammer 480d882a82 policies: add pre_permission_check to PolicyAccessView for request validity checks 2020-12-26 18:43:45 +01:00
Jens Langhammer e5e1e3737d providers/oauth2: fix query using user model not dict 2020-12-26 18:20:34 +01:00
Jens Langhammer 8dddcf891e providers/oauth2: fix "auth_time" being based on user.last_login 2020-12-26 18:11:29 +01:00
Jens Langhammer 319104c39b providers/oauth2: improve error handling, ensure correct message is shown to user 2020-12-26 17:50:16 +01:00
Jens L a9336f069c
flows: add diagrams (#415)
* flows: initial diagram implementation

* web: install flowchart.js, add flow diagram page

* web: adjust diagram colours for dark mode

* flows: add permission checks for diagram

* flows: fix formatting

* web: fix formatting for web

* flows: add fix when last stage has policy

* flows: add test for diagram

* web: flows/diagram: add support for light mode

* flows: make Flows's Diagram API return json, add more tests and fix swagger response
2020-12-26 17:05:11 +01:00
Jens Langhammer 33f5169f36 core: fix formatting 2020-12-26 15:28:29 +01:00
Jens Langhammer 4c690a20ef core: fix token update/delete not working 2020-12-26 01:23:34 +01:00
Jens Langhammer f68c8f7d90 core: fix User's token creation not working 2020-12-26 01:23:18 +01:00
Jens Langhammer 95b56a0005 release: 0.13.5-stable 2020-12-26 00:52:42 +01:00
Jens Langhammer 811c569b54 core: show multi-select notice for SelectMultiple Widgets 2020-12-26 00:43:40 +01:00
Jens Langhammer 3ac3a8eebe core: fix error during migrations 2020-12-25 23:51:40 +01:00
Jens Langhammer 6a5a243dac stages/invitation: fix optional field being required 2020-12-25 23:41:34 +01:00
Jens Langhammer ee916a68a4 stages/password: fix PasswordStageForm not showing backends 2020-12-25 23:34:26 +01:00
Jens Langhammer f192ee5052 core: fix anonymous user being included in User API 2020-12-25 22:42:53 +01:00
Jens Langhammer c95f8e8418 api: fix formatting 2020-12-24 16:26:01 +01:00
Jens Langhammer 4998ccbe41 root: update license 2020-12-24 16:01:55 +01:00
Jens Langhammer a56ddb2b8e release: 0.13.4-stable 2020-12-24 15:46:08 +01:00
Jens Langhammer 927ab509a1 outposts: validate kubeconfig before saving 2020-12-24 13:23:19 +01:00
Jens Langhammer c85506f43c outposts: allow blank kubeconfig 2020-12-24 13:23:14 +01:00
Jens Langhammer 4157a0780d core: make application's provider not required 2020-12-24 13:23:10 +01:00
Jens L 79da2bf698
web: Table parity (#427)
* core: fix application API always being sorted by name

* web: add sorting to tables

* web: add search to TablePage

* core: add search to applications API

* core: add MetaNameSerializer

* *: fix signature for non-modal serializers

* providers/*: implement MetaNameSerializer

* web: implement full app list page, use as default in sidebar

* web: fix linting errors

* admin: remove old application list

* web: fix default sorting for application list

* web: fix spacing for search element in toolbar
2020-12-24 09:56:05 +01:00
Jens Langhammer 001de38d85 docs: add nextcloud docs 2020-12-22 20:09:15 +01:00
Jens Langhammer 23f61e6b4f admin: fix policy test button in dark theme 2020-12-20 22:29:20 +01:00
Jens Langhammer db135a6dbc policies/expression: fix missing ak_logger 2020-12-20 22:18:13 +01:00
Jens L a4dc6d13b5
events: rename audit to events and use for more metrics (#397)
* events: rename audit to events

* policies/expression: log expression exceptions as event

* policies/expression: add ExpressionPolicy Model to event when possible

* lib/expressions: ensure syntax errors are logged too

* lib: fix lint error

* policies: add execution_logging field

* core: add property mapping tests

* policies/expression: add full test

* policies/expression: fix attribute name

* policies: add execution_logging

* web: fix imports

* root: update swagger

* policies: use dataclass instead of dict for types

* events: add support for dataclass as event param

* events: add special keys which are never cleaned

* policies: add tests for process, don't clean full cache

* admin: create event when new version is seen

* events: move utils to separate file

* admin: add tests for admin tasks

* events: add .set_user method to ensure users have correct attributes set

* core: add test for property_mapping errors with user and request
2020-12-20 22:04:29 +01:00
Jens Langhammer 6a835ad192 policies: add simple test-case 2020-12-19 23:41:24 +01:00
Jens Langhammer efc849e760 policies/engine: Add sanity test to ensure result count matches policy count 2020-12-19 23:40:55 +01:00
Jens Langhammer e23afd18e4 release: 0.13.3-stable 2020-12-19 16:55:07 +01:00
Jens L 6e24856d45
flows: fix redirect when un-authenticated user uses external authentication (#416)
* flows: add PLAN_CONTEXT_REDIRECT so final redirect can be set from within flow

* sources/*: use PLAN_CONTEXT_REDIRECT

* flows: fallback when flow plan is empty
2020-12-19 16:42:39 +01:00
Jens Langhammer 98a58b74e3 core: ensure generic error template fills screen 2020-12-19 14:28:20 +01:00
Jens Langhammer 5f3ab22bea providers/oauth2: fix incorrect background set on end session screen 2020-12-19 14:24:28 +01:00
Jens Langhammer e4b66d991c release: 0.13.2-stable 2020-12-17 20:20:47 +01:00
Jens Langhammer 68adc2d5a5 admin: fix warning during swagger generation 2020-12-17 19:49:35 +01:00
Jens Langhammer 349a3a67d5 flows: use to_stage_response in _flow_done() 2020-12-17 19:34:15 +01:00
Jens Langhammer e1394207e7 flows: fix inconsistent behaviour when flow is empty 2020-12-17 19:22:24 +01:00
Jens Langhammer f265c1f10b admin: fix cache clean views erroring 2020-12-17 19:03:32 +01:00
Jens Langhammer 0b36aad5c8 admin: ensure clean_expired_models is called during tests 2020-12-17 00:17:20 +01:00
Jens Langhammer a5e5e140d6 admin: add full api tests 2020-12-16 23:42:44 +01:00
Jens Langhammer 29f98abd00 root: update swagger 2020-12-16 23:32:14 +01:00
Jens Langhammer d7fa52ebf3 admin: remove old admin overview 2020-12-16 23:21:38 +01:00
Jens Langhammer 48438e28fd admin: separate overview API into WorkerAPI and VersionAPI 2020-12-16 22:53:53 +01:00
Jens Langhammer 885a2f0a58 web: add flow and policy cache card 2020-12-16 22:30:37 +01:00
Jens Langhammer cf46ee06b7 api: create dedicated api for cached flows and policies 2020-12-16 22:18:36 +01:00
Jens Langhammer 1179ba4ef2 api: remove counters from overview api and allow filtering on object apis 2020-12-16 22:00:29 +01:00
Jens Langhammer 3c12c8b3ff core: make Provider SerializerModel 2020-12-16 21:38:40 +01:00
Jens Langhammer c24d1b6b84 outposts: fix incorrect timeout for state cache 2020-12-16 12:14:34 +01:00
Jens Langhammer 040e148a73 release: 0.13.1-stable 2020-12-16 11:26:15 +01:00
Jens Langhammer 835a9aaaf2 outposts: fix circular import 2020-12-16 00:00:36 +01:00
Jens Langhammer 42005e7def outposts: ensure all Service Connection state updates are done by the task 2020-12-15 23:39:52 +01:00
Jens Langhammer d9956e1e9c outpost: fix invalid incluster config causing Outpost Service Connection list to fail 2020-12-15 21:17:33 +01:00
Jens Langhammer 4b1e73251a root: fix messages showing for all sessions of a user 2020-12-15 15:19:15 +01:00
Jens Langhammer 9f2e9e8444 release: 0.13.0-stable 2020-12-14 11:20:47 +01:00
Jens Langhammer a3d361f500 outposts: fix controller not using token.key 2020-12-14 11:03:49 +01:00
Jens Langhammer e9bb583b32 providers/proxy: ensure pb_proxy is deleted and ak_proxy is created 2020-12-14 10:47:49 +01:00
dependabot[bot] 078d648551
build(deps): bump uvicorn from 0.13.0 to 0.13.1 (#390)
* build(deps): bump uvicorn from 0.13.0 to 0.13.1

Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.13.0 to 0.13.1.
- [Release notes](https://github.com/encode/uvicorn/releases)
- [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/encode/uvicorn/compare/0.13.0...0.13.1)

Signed-off-by: dependabot[bot] <support@github.com>

* root: remove asgi workaround when websocket is closed during connect

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2020-12-14 10:05:07 +01:00
Jens Langhammer f0f3245388 root: fix links to docs 2020-12-14 00:45:02 +01:00
Jens Langhammer c9f0d048a8 release: 0.13.0-rc4 2020-12-13 23:40:07 +01:00
Jens Langhammer ae1a8842db providers/oauth2: start adding tests for OAuthAuthorizationParams 2020-12-13 23:14:35 +01:00
Jens Langhammer a3b17d1ed4 admin: add tests for hidden form fields 2020-12-13 23:14:18 +01:00
Jens Langhammer 07082cb3aa tests/integration: add tests for Docker outpost using TLS connection 2020-12-13 21:30:33 +01:00
Jens Langhammer 426cb33fab outposts: remove unused views 2020-12-13 21:25:05 +01:00
Jens Langhammer 9e4f840d2d api: add token tests 2020-12-13 20:38:56 +01:00
Jens Langhammer e120d274e9 lib: fix sentry tests not running 2020-12-13 20:38:50 +01:00
Jens Langhammer 977d3f6ef9 stages/user_write: add test that attributes without prefix are ignored 2020-12-13 20:38:43 +01:00
Jens Langhammer ecdbc917a5 admin: add api tests 2020-12-13 20:38:21 +01:00
Jens Langhammer 0083cd55df sources/oauth: start adding tests for types 2020-12-13 20:03:34 +01:00
Jens Langhammer d380194e13 */saml: test against SAML Schema 2020-12-13 19:53:16 +01:00
Jens Langhammer 32f5d5ba72 recovery: add test for invalid key 2020-12-13 18:46:36 +01:00
Jens Langhammer e818416863 policies/password: add invalid test case 2020-12-13 18:43:17 +01:00
Jens Langhammer 7eed70cfe9 policies/hibp: add invalid test case 2020-12-13 18:42:59 +01:00
Jens Langhammer ea6ca23f57 lib: add tests for sentry integration 2020-12-13 18:41:47 +01:00
Jens Langhammer f056b026d6 lib: test edgecase for timedelta_from_string 2020-12-13 18:35:51 +01:00
Jens Langhammer 1c0a6efeb1 flows/exporter: remove dead code since no stage is PolicyBindingModel 2020-12-13 18:25:30 +01:00
Jens Langhammer 17732eea08 flows: add test for PLAN_CONTEXT_PENDING_USER_IDENTIFIER 2020-12-13 18:23:19 +01:00
Jens Langhammer aa5381fd59 flows: add tests case for reevaluate marker that keeps the stage 2020-12-13 18:07:11 +01:00
Jens Langhammer ffee86fcf3 crypto: simplify api/forms key validation 2020-12-13 18:06:52 +01:00
Jens Langhammer 7ff7398aff admin: add tests for binding creation forms with invalid target 2020-12-13 18:06:34 +01:00
Jens Langhammer 3b5e1c7b34 core: cleanup channels code, fix error when server side close 2020-12-13 17:46:34 +01:00
Jens Langhammer 3e49acf7ae outposts: regularly ensure that all outposts have a valid service account and token 2020-12-13 17:10:56 +01:00
Jens Langhammer 9f6f8e1b55 outposts: update keys in outpost config 2020-12-13 15:15:20 +01:00
Jens Langhammer aef5c60a7b release: 0.13.0-rc3 2020-12-13 00:57:36 +01:00
Jens Langhammer d4c9c667c9 tests: fix URLs to use user-details instead of user-settings 2020-12-13 00:48:46 +01:00
Jens Langhammer 96f0d582f0 core: load user detail form in an inner SiteShell so update doesn't reload entire page 2020-12-13 00:18:36 +01:00
Jens Langhammer 6e55431d4c stages/*: fix redirects not pointing to user_settings 2020-12-12 23:14:07 +01:00
Jens Langhammer 01548c5e9c stages/*: fix links opening in SiteShell 2020-12-12 23:14:02 +01:00
Jens Langhammer 59c93defcf release: 0.13.0-rc2 2020-12-12 21:50:10 +01:00
Jens Langhammer e3227e7d54 core: remove remaining references to old font 2020-12-12 21:41:12 +01:00
Jens Langhammer 19824d693c core: fix permission check for applications API 2020-12-12 21:00:35 +01:00
Jens Langhammer 71e7a03f71 release: 0.13.0-rc1 2020-12-12 20:47:10 +01:00
Jens L 0a874c98cb
web: cleanup messages implementation (#386)
* web: rebuild messages without template objects

* web: show error message when ws connection fails

* web: show error message when siteshell page not found

* web: fix spinner size for loading

* web: fix linting error
2020-12-12 20:46:02 +01:00
Jens L 488e8f769a
web: remove policy bindings page (#370)
* admin: accept ?target for PolicyBindingCreateView

* core: fix rendering of hidden fields in horizontal form

* web: add create button for application's bound policies

* admin: fix delete form not working

* web: fix ak-refresh event not being dispatched correctly

* web: fix linting errors

* admin: fix tests not loading

* build(deps-dev): bump eslint from 7.14.0 to 7.15.0 in /web (#372)

Bumps [eslint](https://github.com/eslint/eslint) from 7.14.0 to 7.15.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.14.0...v7.15.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump rollup from 2.34.1 to 2.34.2 in /web (#373)

Bumps [rollup](https://github.com/rollup/rollup) from 2.34.1 to 2.34.2.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.34.1...v2.34.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump @types/codemirror from 0.0.100 to 0.0.102 in /web (#374)

Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror) from 0.0.100 to 0.0.102.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump bandit from 1.6.2 to 1.6.3 (#371)

* build(deps-dev): bump bandit from 1.6.2 to 1.6.3

Bumps [bandit](https://github.com/PyCQA/bandit) from 1.6.2 to 1.6.3.
- [Release notes](https://github.com/PyCQA/bandit/releases)
- [Commits](https://github.com/PyCQA/bandit/compare/1.6.2...1.6.3)

Signed-off-by: dependabot[bot] <support@github.com>

* root: update for new bandit version

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: add header to bound-policies

* web: fix spacing between bulk_select buttons

* web: add separate ak-bound-policies-list, add flow view page

* web: fix flows' policies not loading

* Squashed commit of the following:

commit e535cb0ec8
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Thu Dec 10 09:58:07 2020 +0100

    build(deps): bump boto3 from 1.16.32 to 1.16.33 (#383)

    Bumps [boto3](https://github.com/boto/boto3) from 1.16.32 to 1.16.33.
    - [Release notes](https://github.com/boto/boto3/releases)
    - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
    - [Commits](https://github.com/boto/boto3/compare/1.16.32...1.16.33)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 8c1f55d3e3
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Wed Dec 9 09:06:45 2020 +0100

    build(deps): bump boto3 from 1.16.31 to 1.16.32 (#382)

    Bumps [boto3](https://github.com/boto/boto3) from 1.16.31 to 1.16.32.
    - [Release notes](https://github.com/boto/boto3/releases)
    - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
    - [Commits](https://github.com/boto/boto3/compare/1.16.31...1.16.32)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit c3a2cb44cd
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Wed Dec 9 09:06:29 2020 +0100

    build(deps): bump celery from 5.0.3 to 5.0.4 (#380)

    Bumps [celery](https://github.com/celery/celery) from 5.0.3 to 5.0.4.
    - [Release notes](https://github.com/celery/celery/releases)
    - [Changelog](https://github.com/celery/celery/blob/master/Changelog.rst)
    - [Commits](https://github.com/celery/celery/compare/v5.0.3...v5.0.4)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 682401bbf2
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Wed Dec 9 07:20:45 2020 +0100

    build(deps): bump uvicorn from 0.12.3 to 0.13.0 (#381)

    Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.12.3 to 0.13.0.
    - [Release notes](https://github.com/encode/uvicorn/releases)
    - [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
    - [Commits](https://github.com/encode/uvicorn/compare/0.12.3...0.13.0)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 3e6e167348
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Tue Dec 8 10:32:00 2020 +0100

    build(deps-dev): bump @typescript-eslint/parser in /web (#377)

    Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.9.0 to 4.9.1.
    - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
    - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
    - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.9.1/packages/parser)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit d08c1b7b02
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Tue Dec 8 10:31:47 2020 +0100

    build(deps): bump @sentry/browser from 5.28.0 to 5.29.0 in /web (#378)

    Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 5.28.0 to 5.29.0.
    - [Release notes](https://github.com/getsentry/sentry-javascript/releases)
    - [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
    - [Commits](https://github.com/getsentry/sentry-javascript/compare/5.28.0...5.29.0)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 94d70d252c
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Tue Dec 8 09:02:37 2020 +0100

    build(deps): bump boto3 from 1.16.30 to 1.16.31 (#375)

    Bumps [boto3](https://github.com/boto/boto3) from 1.16.30 to 1.16.31.
    - [Release notes](https://github.com/boto/boto3/releases)
    - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
    - [Commits](https://github.com/boto/boto3/compare/1.16.30...1.16.31)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit ccfe746dd5
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Tue Dec 8 09:02:28 2020 +0100

    build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#376)

    Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.9.0 to 4.9.1.
    - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
    - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
    - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.9.1/packages/eslint-plugin)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit ef5dffa96a
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Tue Dec 8 09:02:16 2020 +0100

    build(deps): bump @sentry/tracing from 5.28.0 to 5.29.0 in /web (#379)

    Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 5.28.0 to 5.29.0.
    - [Release notes](https://github.com/getsentry/sentry-javascript/releases)
    - [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
    - [Commits](https://github.com/getsentry/sentry-javascript/compare/5.28.0...5.29.0)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 2caa1e7650
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Mon Dec 7 11:21:07 2020 +0100

    build(deps-dev): bump bandit from 1.6.2 to 1.6.3 (#371)

    * build(deps-dev): bump bandit from 1.6.2 to 1.6.3

    Bumps [bandit](https://github.com/PyCQA/bandit) from 1.6.2 to 1.6.3.
    - [Release notes](https://github.com/PyCQA/bandit/releases)
    - [Commits](https://github.com/PyCQA/bandit/compare/1.6.2...1.6.3)

    Signed-off-by: dependabot[bot] <support@github.com>

    * root: update for new bandit version

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>

commit 2246f3a534
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Mon Dec 7 10:26:01 2020 +0100

    build(deps): bump @types/codemirror from 0.0.100 to 0.0.102 in /web (#374)

    Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror) from 0.0.100 to 0.0.102.
    - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
    - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 95ba00cb79
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Mon Dec 7 09:09:49 2020 +0100

    build(deps): bump rollup from 2.34.1 to 2.34.2 in /web (#373)

    Bumps [rollup](https://github.com/rollup/rollup) from 2.34.1 to 2.34.2.
    - [Release notes](https://github.com/rollup/rollup/releases)
    - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
    - [Commits](https://github.com/rollup/rollup/compare/v2.34.1...v2.34.2)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 2ab4d6620f
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Mon Dec 7 09:09:24 2020 +0100

    build(deps-dev): bump eslint from 7.14.0 to 7.15.0 in /web (#372)

    Bumps [eslint](https://github.com/eslint/eslint) from 7.14.0 to 7.15.0.
    - [Release notes](https://github.com/eslint/eslint/releases)
    - [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
    - [Commits](https://github.com/eslint/eslint/compare/v7.14.0...v7.15.0)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* web: fix linting error

* web: simplify sidebar logic

* web: add support for multiple active matchers per sidebar item

* web: move router to elements

* flows: add stage_obj to flows api

* sources/*: make all sources implement SerializerModel

* web: improve listing of stages

* web: implement expandable table

* web/table: use TemplateResult as return value for row()

* web: add empty state, fix link for BoundStageList

* admin: make stage binding form accept ?target like policy binding

* web: fix styles in dark mode for expanding tables

* flows: add policybindingmodel_ptr_id to FlowStageBinding API

* web: improve wording for policies

* web: fix dark theme for tertiary buttons and static modals

* web: implement SourceViewPage

* web: add empty state for BoundPoliciesList

* web: cleanup URLs for FlowStageBindings

* root: remove url attribute from ak-messages

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-12 19:39:09 +01:00
dependabot[bot] 2caa1e7650
build(deps-dev): bump bandit from 1.6.2 to 1.6.3 (#371)
* build(deps-dev): bump bandit from 1.6.2 to 1.6.3

Bumps [bandit](https://github.com/PyCQA/bandit) from 1.6.2 to 1.6.3.
- [Release notes](https://github.com/PyCQA/bandit/releases)
- [Commits](https://github.com/PyCQA/bandit/compare/1.6.2...1.6.3)

Signed-off-by: dependabot[bot] <support@github.com>

* root: update for new bandit version

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2020-12-07 11:21:07 +01:00
Jens L c03754abec
web: dark mode (#368)
* web: initial dark mode

* web: re-fix sidebar colour in dark mode

* web: fix dark mode for user settings

* web: fix dark mode for flows

* core: match delete template's footer with generic form

* admin: show app icon in app list
2020-12-06 18:02:04 +01:00
Jens Langhammer ff15514d5b stages/identification: add show_matched_user to optionally hide user details 2020-12-06 13:12:32 +01:00
Jens Langhammer e0bc4f1da5 lifecycle: fix outpost service connections not being migrated 2020-12-06 12:22:51 +01:00
Jens L 1cfe1aff13
wip: rename to authentik (#361)
* root: initial rename

* web: rename custom element prefix

* root: rename external functions with pb_ prefix

* root: fix formatting

* root: replace domain with goauthentik.io

* proxy: update path

* root: rename remaining prefixes

* flows: rename file extension

* root: pbadmin -> akadmin

* docs: fix image filenames

* lifecycle: ignore migration files

* ci: copy default config from current source before loading last tagged

* *: new sentry dsn

* tests: fix missing python3.9-dev package

* root: add additional migrations for service accounts created by outposts

* core: mark system-created service accounts with attribute

* policies/expression: fix pb_ replacement not working

* web: fix last linting errors, add lit-analyse

* policies/expressions: fix lint errors

* web: fix sidebar display on screens where not all items fit

* proxy: attempt to fix proxy pipeline

* proxy: use go env GOPATH to get gopath

* lib: fix user_default naming inconsistency

* docs: add upgrade docs

* docs: update screenshots to use authentik

* admin: fix create button on empty-state of outpost

* web: fix modal submit not refreshing SiteShell and Table

* web: fix height of app-card and height of generic icon

* web: fix rendering of subtext

* admin: fix version check error not being caught

* web: fix worker count not being shown

* docs: update screenshots

* root: new icon

* web: fix lint error

* admin: fix linting error

* root: migrate coverage config to pyproject
2020-12-05 22:08:42 +01:00