Compare commits
17 Commits
trustchain
...
version-0.
| Author | SHA1 | Date |
|---|---|---|
Jens Langhammer
|
897e0f90fe | |
|
Jens Langhammer
|
ecbcd86f05 | |
|
Jens Langhammer
|
65d9f690cd | |
|
Jens Langhammer
|
f96c2db5df | |
|
Jens Langhammer
|
5647f53140 | |
|
Jens Langhammer
|
4e20cd0fee | |
|
Jens Langhammer
|
49636f8fa0 | |
|
Jens Langhammer
|
cd8157ea08 | |
|
Jens Langhammer
|
2a94ad7782 | |
|
Jens Langhammer
|
07eb5ffb4b | |
|
Jens Langhammer
|
8cc68928b8 | |
|
Jens Langhammer
|
221db12f85 | |
|
Jens Langhammer
|
34166d3c20 | |
|
Jens Langhammer
|
94972d64e6 | |
|
Jens Langhammer
|
253eaa382c | |
|
Jens Langhammer
|
fc4f9733d1 | |
|
Jens Langhammer
|
8d784afcd1 |
|
|
@ -1,5 +1,5 @@
|
|||
[bumpversion]
|
||||
current_version = 0.13.3-stable
|
||||
current_version = 0.13.5-stable
|
||||
tag = True
|
||||
commit = True
|
||||
parse = (?P<major>\d+)\.(?P<minor>\d+)\.(?P<patch>\d+)\-(?P<release>.*)
|
||||
|
|
|
|||
|
|
@ -18,11 +18,11 @@ jobs:
|
|||
- name: Building Docker Image
|
||||
run: docker build
|
||||
--no-cache
|
||||
-t beryju/authentik:0.13.3-stable
|
||||
-t beryju/authentik:0.13.5-stable
|
||||
-t beryju/authentik:latest
|
||||
-f Dockerfile .
|
||||
- name: Push Docker Container to Registry (versioned)
|
||||
run: docker push beryju/authentik:0.13.3-stable
|
||||
run: docker push beryju/authentik:0.13.5-stable
|
||||
- name: Push Docker Container to Registry (latest)
|
||||
run: docker push beryju/authentik:latest
|
||||
build-proxy:
|
||||
|
|
@ -48,11 +48,11 @@ jobs:
|
|||
cd proxy/
|
||||
docker build \
|
||||
--no-cache \
|
||||
-t beryju/authentik-proxy:0.13.3-stable \
|
||||
-t beryju/authentik-proxy:0.13.5-stable \
|
||||
-t beryju/authentik-proxy:latest \
|
||||
-f Dockerfile .
|
||||
- name: Push Docker Container to Registry (versioned)
|
||||
run: docker push beryju/authentik-proxy:0.13.3-stable
|
||||
run: docker push beryju/authentik-proxy:0.13.5-stable
|
||||
- name: Push Docker Container to Registry (latest)
|
||||
run: docker push beryju/authentik-proxy:latest
|
||||
build-static:
|
||||
|
|
@ -69,11 +69,11 @@ jobs:
|
|||
cd web/
|
||||
docker build \
|
||||
--no-cache \
|
||||
-t beryju/authentik-static:0.13.3-stable \
|
||||
-t beryju/authentik-static:0.13.5-stable \
|
||||
-t beryju/authentik-static:latest \
|
||||
-f Dockerfile .
|
||||
- name: Push Docker Container to Registry (versioned)
|
||||
run: docker push beryju/authentik-static:0.13.3-stable
|
||||
run: docker push beryju/authentik-static:0.13.5-stable
|
||||
- name: Push Docker Container to Registry (latest)
|
||||
run: docker push beryju/authentik-static:latest
|
||||
test-release:
|
||||
|
|
@ -107,5 +107,5 @@ jobs:
|
|||
SENTRY_PROJECT: authentik
|
||||
SENTRY_URL: https://sentry.beryju.org
|
||||
with:
|
||||
tagName: 0.13.3-stable
|
||||
tagName: 0.13.5-stable
|
||||
environment: beryjuorg-prod
|
||||
|
|
|
|||
|
|
@ -1,2 +1,2 @@
|
|||
"""authentik"""
|
||||
__version__ = "0.13.3-stable"
|
||||
__version__ = "0.13.5-stable"
|
||||
|
|
|
|||
|
|
@ -81,7 +81,7 @@
|
|||
<div slot="modal"></div>
|
||||
</ak-modal-button>
|
||||
<ak-modal-button href="{% url 'authentik_admin:policy-test' pk=policy.pk %}">
|
||||
<ak-spinner-button slot="trigger" class="pf-m-tertiary">
|
||||
<ak-spinner-button slot="trigger" class="pf-m-secondary">
|
||||
{% trans 'Test' %}
|
||||
</ak-spinner-button>
|
||||
<div slot="modal"></div>
|
||||
|
|
|
|||
|
|
@ -37,8 +37,9 @@
|
|||
<table class="pf-c-table pf-m-compact pf-m-grid-xl" role="grid">
|
||||
<thead>
|
||||
<tr role="row">
|
||||
<th role="columnheader" scope="col">{% trans 'ID' %}</th>
|
||||
<th role="columnheader" scope="col">{% trans 'Created by' %}</th>
|
||||
<th role="columnheader" scope="col">{% trans 'Expiry' %}</th>
|
||||
<th role="columnheader" scope="col">{% trans 'Link' %}</th>
|
||||
<th role="cell"></th>
|
||||
</tr>
|
||||
</thead>
|
||||
|
|
@ -47,12 +48,17 @@
|
|||
<tr role="row">
|
||||
<td role="cell">
|
||||
<span>
|
||||
{{ invitation.expiry }}
|
||||
{{ invitation.invite_uuid }}
|
||||
</span>
|
||||
</td>
|
||||
<td role="cell">
|
||||
<span>
|
||||
{{ invitation.Link }}
|
||||
{{ invitation.created_by }}
|
||||
</span>
|
||||
</td>
|
||||
<td role="cell">
|
||||
<span>
|
||||
{{ invitation.expiry|default:"-" }}
|
||||
</span>
|
||||
</td>
|
||||
<td>
|
||||
|
|
|
|||
|
|
@ -13,6 +13,7 @@ from rest_framework_guardian.filters import ObjectPermissionsFilter
|
|||
|
||||
from authentik.admin.api.metrics import get_events_per_1h
|
||||
from authentik.audit.models import EventAction
|
||||
from authentik.core.api.providers import ProviderSerializer
|
||||
from authentik.core.models import Application
|
||||
from authentik.policies.engine import PolicyEngine
|
||||
|
||||
|
|
@ -21,6 +22,7 @@ class ApplicationSerializer(ModelSerializer):
|
|||
"""Application Serializer"""
|
||||
|
||||
launch_url = SerializerMethodField()
|
||||
provider = ProviderSerializer(source="get_provider", required=False)
|
||||
|
||||
def get_launch_url(self, instance: Application) -> str:
|
||||
"""Get generated launch URL"""
|
||||
|
|
|
|||
|
|
@ -1,5 +1,6 @@
|
|||
"""User API Views"""
|
||||
from drf_yasg2.utils import swagger_auto_schema
|
||||
from guardian.utils import get_anonymous_user
|
||||
from rest_framework.decorators import action
|
||||
from rest_framework.request import Request
|
||||
from rest_framework.response import Response
|
||||
|
|
@ -33,9 +34,12 @@ class UserSerializer(ModelSerializer):
|
|||
class UserViewSet(ModelViewSet):
|
||||
"""User Viewset"""
|
||||
|
||||
queryset = User.objects.all()
|
||||
queryset = User.objects.all().exclude(pk=get_anonymous_user().pk)
|
||||
serializer_class = UserSerializer
|
||||
|
||||
def get_queryset(self):
|
||||
return User.objects.all().exclude(pk=get_anonymous_user().pk)
|
||||
|
||||
@swagger_auto_schema(responses={200: UserSerializer(many=False)})
|
||||
@action(detail=False)
|
||||
# pylint: disable=invalid-name
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@
|
|||
<p class="pf-c-form__helper-text">{{ field.help_text }}</p>
|
||||
{% endif %}
|
||||
</div>
|
||||
{% elif field.field.widget|fieldtype == 'Select' %}
|
||||
{% elif field.field.widget|fieldtype == 'Select' or field.field.widget|fieldtype == "SelectMultiple" %}
|
||||
<div class="pf-c-form__group-label">
|
||||
<label class="pf-c-form__label" for="{{ field.name }}-{{ forloop.counter0 }}">
|
||||
<span class="pf-c-form__label-text">{{ field.label }}</span>
|
||||
|
|
@ -46,6 +46,9 @@
|
|||
{% if field.help_text %}
|
||||
<p class="pf-c-form__helper-text">{{ field.help_text|safe }}</p>
|
||||
{% endif %}
|
||||
{% if field.field.widget|fieldtype == 'SelectMultiple' %}
|
||||
<p class="pf-c-form__helper-text">{% trans 'Hold control/command to select multiple items.' %}</p>
|
||||
{% endif %}
|
||||
</div>
|
||||
</div>
|
||||
{% elif field.field.widget|fieldtype == 'CheckboxInput' %}
|
||||
|
|
|
|||
|
|
@ -94,11 +94,6 @@ class TokenCreateView(
|
|||
success_url = reverse_lazy("authentik_core:user-tokens")
|
||||
success_message = _("Successfully created Token")
|
||||
|
||||
def get_context_data(self, **kwargs: Any) -> Dict[str, Any]:
|
||||
kwargs = super().get_context_data(**kwargs)
|
||||
kwargs["container_template"] = "user/base.html"
|
||||
return kwargs
|
||||
|
||||
def form_valid(self, form: UserTokenForm) -> HttpResponse:
|
||||
form.instance.user = self.request.user
|
||||
form.instance.intent = TokenIntents.INTENT_API
|
||||
|
|
@ -112,21 +107,16 @@ class TokenUpdateView(
|
|||
|
||||
model = Token
|
||||
form_class = UserTokenForm
|
||||
permission_required = "authentik_core.update_token"
|
||||
permission_required = "authentik_core.change_token"
|
||||
template_name = "generic/update.html"
|
||||
success_url = reverse_lazy("authentik_core:user-tokens")
|
||||
success_message = _("Successfully updated Token")
|
||||
|
||||
def get_context_data(self, **kwargs: Any) -> Dict[str, Any]:
|
||||
kwargs = super().get_context_data(**kwargs)
|
||||
kwargs["container_template"] = "user/base.html"
|
||||
return kwargs
|
||||
|
||||
def get_object(self) -> Token:
|
||||
identifier = self.kwargs.get("identifier")
|
||||
return get_objects_for_user(
|
||||
self.request.user, "authentik_core.update_token", self.model
|
||||
).filter(intent=TokenIntents.INTENT_API, identifier=identifier)
|
||||
self.request.user, self.permission_required, self.model
|
||||
).filter(intent=TokenIntents.INTENT_API, identifier=identifier).first()
|
||||
|
||||
|
||||
class TokenDeleteView(LoginRequiredMixin, PermissionRequiredMixin, DeleteMessageView):
|
||||
|
|
@ -138,7 +128,8 @@ class TokenDeleteView(LoginRequiredMixin, PermissionRequiredMixin, DeleteMessage
|
|||
success_url = reverse_lazy("authentik_core:user-tokens")
|
||||
success_message = _("Successfully deleted Token")
|
||||
|
||||
def get_context_data(self, **kwargs: Any) -> Dict[str, Any]:
|
||||
kwargs = super().get_context_data(**kwargs)
|
||||
kwargs["container_template"] = "user/base.html"
|
||||
return kwargs
|
||||
def get_object(self) -> Token:
|
||||
identifier = self.kwargs.get("identifier")
|
||||
return get_objects_for_user(
|
||||
self.request.user, self.permission_required, self.model
|
||||
).filter(intent=TokenIntents.INTENT_API, identifier=identifier).first()
|
||||
|
|
|
|||
|
|
@ -1,7 +1,11 @@
|
|||
"""Outpost forms"""
|
||||
|
||||
from django import forms
|
||||
from django.core.exceptions import ValidationError
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
from kubernetes.client.configuration import Configuration
|
||||
from kubernetes.config.config_exception import ConfigException
|
||||
from kubernetes.config.kube_config import load_kube_config_from_dict
|
||||
|
||||
from authentik.admin.fields import CodeMirrorWidget, YAMLField
|
||||
from authentik.crypto.models import CertificateKeyPair
|
||||
|
|
@ -71,6 +75,23 @@ class DockerServiceConnectionForm(forms.ModelForm):
|
|||
class KubernetesServiceConnectionForm(forms.ModelForm):
|
||||
"""Kubernetes service-connection form"""
|
||||
|
||||
def clean_kubeconfig(self):
|
||||
"""Validate kubeconfig by attempting to load it"""
|
||||
kubeconfig = self.cleaned_data["kubeconfig"]
|
||||
if kubeconfig == {}:
|
||||
if not self.cleaned_data["local"]:
|
||||
raise ValidationError(
|
||||
_("You can only use an empty kubeconfig when local is enabled.")
|
||||
)
|
||||
# Empty kubeconfig is valid
|
||||
return kubeconfig
|
||||
config = Configuration()
|
||||
try:
|
||||
load_kube_config_from_dict(kubeconfig, client_configuration=config)
|
||||
except ConfigException:
|
||||
raise ValidationError(_("Invalid kubeconfig"))
|
||||
return kubeconfig
|
||||
|
||||
class Meta:
|
||||
|
||||
model = KubernetesServiceConnection
|
||||
|
|
|
|||
|
|
@ -0,0 +1,21 @@
|
|||
# Generated by Django 3.1.4 on 2020-12-24 12:06
|
||||
|
||||
from django.db import migrations, models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
("authentik_outposts", "0014_auto_20201213_1407"),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.AlterField(
|
||||
model_name="kubernetesserviceconnection",
|
||||
name="kubeconfig",
|
||||
field=models.JSONField(
|
||||
blank=True,
|
||||
help_text="Paste your kubeconfig here. authentik will automatically use the currently selected context.",
|
||||
),
|
||||
),
|
||||
]
|
||||
|
|
@ -234,7 +234,8 @@ class KubernetesServiceConnection(OutpostServiceConnection):
|
|||
"Paste your kubeconfig here. authentik will automatically use "
|
||||
"the currently selected context."
|
||||
)
|
||||
)
|
||||
),
|
||||
blank=True,
|
||||
)
|
||||
|
||||
@property
|
||||
|
|
|
|||
|
|
@ -21,6 +21,7 @@ class PolicyEvaluator(BaseEvaluator):
|
|||
def __init__(self, policy_name: str):
|
||||
super().__init__()
|
||||
self._messages = []
|
||||
self._context["ak_logger"] = get_logger(policy_name)
|
||||
self._context["ak_message"] = self.expr_func_message
|
||||
self._context["ip_address"] = ip_address
|
||||
self._context["ip_network"] = ip_network
|
||||
|
|
|
|||
|
|
@ -1,6 +1,5 @@
|
|||
"""authentik flows invitation forms"""
|
||||
from django import forms
|
||||
from django.utils.translation import gettext as _
|
||||
|
||||
from authentik.admin.fields import CodeMirrorWidget, YAMLField
|
||||
from authentik.stages.invitation.models import Invitation, InvitationStage
|
||||
|
|
@ -25,8 +24,5 @@ class InvitationForm(forms.ModelForm):
|
|||
|
||||
model = Invitation
|
||||
fields = ["expires", "fixed_data"]
|
||||
labels = {
|
||||
"fixed_data": _("Optional fixed data to enforce on user enrollment."),
|
||||
}
|
||||
widgets = {"fixed_data": CodeMirrorWidget()}
|
||||
field_classes = {"fixed_data": YAMLField}
|
||||
|
|
|
|||
|
|
@ -0,0 +1,18 @@
|
|||
# Generated by Django 3.1.4 on 2020-12-25 21:43
|
||||
|
||||
from django.db import migrations, models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
("authentik_stages_invitation", "0001_initial"),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.AlterField(
|
||||
model_name="invitation",
|
||||
name="fixed_data",
|
||||
field=models.JSONField(blank=True, default=dict),
|
||||
),
|
||||
]
|
||||
|
|
@ -61,7 +61,11 @@ class Invitation(models.Model):
|
|||
|
||||
created_by = models.ForeignKey(User, on_delete=models.CASCADE)
|
||||
expires = models.DateTimeField(default=None, blank=True, null=True)
|
||||
fixed_data = models.JSONField(default=dict)
|
||||
fixed_data = models.JSONField(
|
||||
default=dict,
|
||||
blank=True,
|
||||
help_text=_("Optional fixed data to enforce on user enrollment."),
|
||||
)
|
||||
|
||||
def __str__(self):
|
||||
return f"Invitation {self.invite_uuid.hex} created by {self.created_by}"
|
||||
|
|
|
|||
|
|
@ -53,5 +53,5 @@ class PasswordStageForm(forms.ModelForm):
|
|||
fields = ["name", "backends", "configure_flow", "failed_attempts_before_cancel"]
|
||||
widgets = {
|
||||
"name": forms.TextInput(),
|
||||
"backends": forms.SelectMultiple(get_authentication_backends()),
|
||||
"backends": forms.SelectMultiple(choices=get_authentication_backends()),
|
||||
}
|
||||
|
|
|
|||
|
|
@ -19,7 +19,7 @@ services:
|
|||
networks:
|
||||
- internal
|
||||
server:
|
||||
image: beryju/authentik:${AUTHENTIK_TAG:-0.13.3-stable}
|
||||
image: beryju/authentik:${AUTHENTIK_TAG:-0.13.5-stable}
|
||||
command: server
|
||||
environment:
|
||||
AUTHENTIK_REDIS__HOST: redis
|
||||
|
|
@ -44,7 +44,7 @@ services:
|
|||
env_file:
|
||||
- .env
|
||||
worker:
|
||||
image: beryju/authentik:${AUTHENTIK_TAG:-0.13.3-stable}
|
||||
image: beryju/authentik:${AUTHENTIK_TAG:-0.13.5-stable}
|
||||
command: worker
|
||||
networks:
|
||||
- internal
|
||||
|
|
@ -60,7 +60,7 @@ services:
|
|||
env_file:
|
||||
- .env
|
||||
static:
|
||||
image: beryju/authentik-static:${AUTHENTIK_TAG:-0.13.3-stable}
|
||||
image: beryju/authentik-static:${AUTHENTIK_TAG:-0.13.5-stable}
|
||||
networks:
|
||||
- internal
|
||||
labels:
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ name: authentik
|
|||
home: https://goauthentik.io
|
||||
sources:
|
||||
- https://github.com/BeryJu/authentik
|
||||
version: "0.13.3-stable"
|
||||
version: "0.13.5-stable"
|
||||
icon: https://raw.githubusercontent.com/BeryJu/authentik/master/web/icons/icon.svg
|
||||
dependencies:
|
||||
- name: postgresql
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
|-----------------------------------|-------------------------|-------------|
|
||||
| image.name | beryju/authentik | Image used to run the authentik server and worker |
|
||||
| image.name_static | beryju/authentik-static | Image used to run the authentik static server (CSS and JS Files) |
|
||||
| image.tag | 0.13.3-stable | Image tag |
|
||||
| image.tag | 0.13.5-stable | Image tag |
|
||||
| image.pullPolicy | IfNotPresent | Image Pull Policy used for all deployments |
|
||||
| serverReplicas | 1 | Replicas for the Server deployment |
|
||||
| workerReplicas | 1 | Replicas for the Worker deployment |
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@ image:
|
|||
name: beryju/authentik
|
||||
name_static: beryju/authentik-static
|
||||
name_outposts: beryju/authentik # Prefix used for Outpost deployments, Outpost type and version is appended
|
||||
tag: 0.13.3-stable
|
||||
tag: 0.13.5-stable
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
serverReplicas: 1
|
||||
|
|
|
|||
|
|
@ -1,3 +1,3 @@
|
|||
package pkg
|
||||
|
||||
const VERSION = "0.13.3-stable"
|
||||
const VERSION = "0.13.5-stable"
|
||||
|
|
|
|||
|
|
@ -7345,7 +7345,6 @@ definitions:
|
|||
description: KubernetesServiceConnection Serializer
|
||||
required:
|
||||
- name
|
||||
- kubeconfig
|
||||
type: object
|
||||
properties:
|
||||
pk:
|
||||
|
|
@ -8596,6 +8595,7 @@ definitions:
|
|||
x-nullable: true
|
||||
fixed_data:
|
||||
title: Fixed data
|
||||
description: Optional fixed data to enforce on user enrollment.
|
||||
type: object
|
||||
OTPStaticStage:
|
||||
description: OTPStaticStage Serializer
|
||||
|
|
|
|||
|
|
@ -81,6 +81,10 @@ select[multiple] {
|
|||
font-size: var(--pf-global--FontSize--sm);
|
||||
}
|
||||
|
||||
.pf-c-page__main {
|
||||
z-index: auto !important;
|
||||
}
|
||||
|
||||
@media (prefers-color-scheme: dark) {
|
||||
:root {
|
||||
--ak-dark-foreground: #fafafa;
|
||||
|
|
|
|||
|
|
@ -28,4 +28,4 @@ export const ColorStyles = css`
|
|||
background-color: var(--pf-global--danger-color--100);
|
||||
}
|
||||
`;
|
||||
export const VERSION = "0.13.3-stable";
|
||||
export const VERSION = "0.13.5-stable";
|
||||
|
|
|
|||
|
|
@ -18,6 +18,10 @@ export abstract class Interface extends LitElement {
|
|||
|
||||
constructor() {
|
||||
super();
|
||||
this.sidebarOpen = window.outerWidth >= 1280;
|
||||
window.addEventListener("resize", () => {
|
||||
this.sidebarOpen = window.outerWidth >= 1280;
|
||||
});
|
||||
window.addEventListener("ak-sidebar-toggle", () => {
|
||||
this.sidebarOpen = !this.sidebarOpen;
|
||||
});
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ Download the latest `docker-compose.yml` from [here](https://raw.githubuserconte
|
|||
|
||||
To optionally enable error-reporting, run `echo AUTHENTIK_ERROR_REPORTING__ENABLED=true >> .env`
|
||||
|
||||
To optionally deploy a different version run `echo AUTHENTIK_TAG=0.13.3-stable >> .env`
|
||||
To optionally deploy a different version run `echo AUTHENTIK_TAG=0.13.5-stable >> .env`
|
||||
|
||||
If this is a fresh authentik install run the following commands to generate a password:
|
||||
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ image:
|
|||
name: beryju/authentik
|
||||
name_static: beryju/authentik-static
|
||||
name_outposts: beryju/authentik # Prefix used for Outpost deployments, Outpost type and version is appended
|
||||
tag: 0.13.3-stable
|
||||
tag: 0.13.5-stable
|
||||
|
||||
serverReplicas: 1
|
||||
workerReplicas: 1
|
||||
|
|
|
|||
Reference in New Issue