Jens L
|
3eb466ff4b
|
lifecycle: cleanup prometheus (#2972)
* remove high cardinality labels
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* retry worker number for prometheus multiprocess id
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* revert to pid, use subdirectories
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup more
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use worker id based off of https://github.com/benoitc/gunicorn/issues/1352
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix missing app label
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests/e2e: remove static names
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-29 21:45:25 +02:00 |
Jens Langhammer
|
a03dde8a90
|
outposts/ldap: fix type assertion after upgrading to new API Client
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-27 16:36:15 +02:00 |
Jens L
|
a286f999e2
|
api: migrate to openapi generator v6 (#2968)
* migrate to openapi generator v6
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* bump api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-26 15:15:30 +02:00 |
Jens Langhammer
|
5c91658484
|
internal: fix nil pointer dereference in ldap outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-21 15:48:50 +02:00 |
Jens Langhammer
|
25a4310bb1
|
internal: use Expires not MaxAge for LDAP session
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-11 10:04:32 +02:00 |
dependabot[bot]
|
4d755dc0f6
|
build(deps): bump goauthentik.io/api/v3 from 3.2022041.4 to 3.2022041.5 (#2843)
* build(deps): bump goauthentik.io/api/v3 from 3.2022041.4 to 3.2022041.5
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022041.4 to 3.2022041.5.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022041.4...v3.2022041.5)
---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* fix
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-10 20:33:19 +02:00 |
Jens L
|
ab2299ba1e
|
outposts/ldap: cached bind (#2824)
* initial cached ldap bind support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* clean up api generation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use gh action for golangci-lint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-08 16:48:53 +02:00 |
Jens Langhammer
|
9b6e47e6b8
|
outposts/ldap: fix panic in type conversion when value is nil
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-04-11 15:52:58 +02:00 |
Jens Langhammer
|
51194cbf42
|
outposts/ldap: use backend group num_pk
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-03-22 23:54:50 +01:00 |
Jens Langhammer
|
b45a442447
|
outposts/ldap: fix contexts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-03-19 18:28:27 +01:00 |
Simon Siebert
|
75a720ead1
|
outposts/ldap: prevent operations error from nil dereference (#2447)
closes #2526
|
2022-03-19 18:26:26 +01:00 |
Jens Langhammer
|
62a939b91d
|
internal: bump api client to v3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-03-03 10:40:07 +01:00 |
Jens Langhammer
|
fb33906637
|
internal/ldap: fix panic when parsing lists with mixed types
closes #2355
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-22 19:56:55 +01:00 |
Jens L
|
4343246a41
|
*: rename akprox to outpost.goauthentik.io (#2266)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-08 20:25:38 +01:00 |
Ilya Kogan
|
947ecec02b
|
outposts/ldap: Fix more case sensitivity issues. (#2144)
|
2022-01-25 11:27:27 +01:00 |
Jens Langhammer
|
819af78e2b
|
internal: make internal go version match python version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-14 10:45:37 +01:00 |
Jens Langhammer
|
bf347730b3
|
outposts/ldap: remove deprecated fields
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-07 09:52:19 +01:00 |
Jens Langhammer
|
ececfc3a30
|
internal: fix comment formatting for TODOs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-07 09:51:41 +01:00 |
Jens Langhammer
|
884c546f32
|
outposts: clean up flow executor
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-24 19:52:19 +01:00 |
Jens Langhammer
|
b3ba083ff0
|
internal: cleanup logging, remove duplicate code
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-22 10:33:21 +01:00 |
Jens Langhammer
|
fc9d270992
|
outposts/ldap: fix log formatter and level not being set correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-20 21:46:01 +01:00 |
Jens Langhammer
|
7d6e88061f
|
outposts: check if hub from context is set and fallback
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-16 11:19:57 +01:00 |
Jens Langhammer
|
f8aab40e3e
|
internal: cleanup duplicate and redundant code, properly set sentry SDK scope settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-16 11:00:19 +01:00 |
Jens Langhammer
|
8abc9cc031
|
outposts: cleanup logs for failed binds
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-11 22:09:18 +01:00 |
Jens Langhammer
|
63a19a1381
|
outposts/ldap: fix searches with mixed casing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-09 20:55:51 +01:00 |
Ilya Kogan
|
bd2e453218
|
outposts/ldap: Fix search case sensitivity. (#1897)
|
2021-12-08 20:11:56 +01:00 |
Ilya Kogan
|
40404ff41d
|
outposts/ldap: Rework/improve LDAP search logic. (#1687)
* outposts/ldap: Refactor searching so we key primarily off base dn
* docs: Updating guides on sssd and the ldap outpost.
|
2021-12-02 15:28:58 +01:00 |
Jens Langhammer
|
2ac9f5426d
|
outposts: don't panic when listening for metrics fails
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-19 10:37:13 +01:00 |
Jens Langhammer
|
ae9f1c1063
|
outpost/ldap: fix panic when attempting to update without locked users mutex
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-18 19:36:27 +01:00 |
Jens Langhammer
|
f069cfb643
|
outposts/ldap: copy boundUsers map when running refresh instead of using blank map
closes #1651
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-13 00:26:01 +01:00 |
Jens Langhammer
|
e7b4363d21
|
outposts/ldap: fix logic error in cached ldap searcher
closes #1779
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-11 23:18:32 +01:00 |
Jens Langhammer
|
ed6659a46d
|
outpost/ldap: don't cleanup user info as it is overwritten on bind
closes #1651
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-08 14:41:38 +01:00 |
Jens Langhammer
|
4d36699b78
|
outpost/ldap: cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-06 19:32:11 +01:00 |
Jens L
|
5a8c66d325
|
providers/ldap: memory Query (#1681)
* outposts/ldap: modularise ldap outpost, to allow different searchers and binders
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts/ldap: add basic in-memory searcher
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/ldap: add search mode field
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outpost: add search mode field
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-05 10:37:30 +01:00 |
Jens Langhammer
|
2e06786869
|
outpost/ldap: fix logging for mismatched provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-20 19:49:17 +02:00 |
Ilya Kogan
|
9ed236f7ab
|
outposts/ldap: Support hard coded `uidNumber` and `gidNumber`. (#1582)
|
2021-10-10 23:43:36 +02:00 |
Jens Langhammer
|
75ef4ce596
|
tests/e2e: add new ldap object classes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-26 14:57:42 +02:00 |
Jens Langhammer
|
c2f3ce11b0
|
outposts/ldap: fix potential panic when converting attributes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-26 14:52:25 +02:00 |
Jens Langhammer
|
3c256fecc6
|
outposts/ldap: add groupofuniquenames
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-26 14:49:11 +02:00 |
Jens Langhammer
|
0285b84133
|
outposts/ldap: add query support for all supported object classes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-26 14:42:26 +02:00 |
Jens Langhammer
|
c7e6eb8896
|
outposts/ldap: add support for base scope and domain info
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-26 14:01:22 +02:00 |
Jens Langhammer
|
ebc06f1abe
|
outposts/ldap: fix logic error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-22 13:19:50 +02:00 |
Jens Langhammer
|
0f8880ab0a
|
outposts: fix typo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-22 13:14:28 +02:00 |
Jens Langhammer
|
1f97420207
|
outposts/ldap: allow custom attributes to shadow built-in attributes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-21 21:59:39 +02:00 |
Jens Langhammer
|
471f7d9c62
|
outposts: add consistent name and type to metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-16 10:14:51 +02:00 |
Jens Langhammer
|
a6a6b3bd06
|
outposts: add outpost_name label to metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-16 10:04:17 +02:00 |
Jens L
|
7158c9d2ea
|
core: metrics v2 (#1370)
* outposts: add ldap metrics, move ping to 9100
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outpost: add flow_executor metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use port 9300 for metrics, add core metrics port
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts/controllers/k8s: add service monitor creation support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-09 15:52:24 +02:00 |
Jens L
|
3c1b70c355
|
outposts/proxyv2 (#1365)
* outposts/proxyv2: initial commit
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add rs256
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
more stuff
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add forward auth an sign_out
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
match cookie name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
re-add support for rs256 for backwards compat
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add error handler
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
ensure unique user-agent is used
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
set cookie duration based on id_token expiry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
build proxy v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add ssl
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add basic auth and custom header support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add application cert loading
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
implement whitelist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add redis
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
migrate embedded outpost to v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
remove old proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
providers/proxy: make token expiration configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
fix tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/proxy: only allow one redirect URI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix docker build for proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* remove default port offset
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add AUTHENTIK_HOST_BROWSER
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests: fix e2e/integration tests not using proper tags
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* remove references of old port
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix user_attributes not being loaded correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-08 18:04:56 +00:00 |
Jens Langhammer
|
9ad4cf1db9
|
outposts/ldap: improve logging of client IPs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-05 19:47:30 +02:00 |
Jens Langhammer
|
048467e97d
|
outpost/ldap: delay user information removal upon closing of connection
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-08-29 21:13:46 +02:00 |