--- title: Release 2022.12 slug: "2022.12" --- ## Breaking changes - Blueprints fetched via OCI require oci:// schema To better detect if a blueprint should be fetched locally or via OCI, all OCI sourced blueprints require an `oci://` protocol. ## New features - Bundled GeoIP City database authentik now comes with a bundled MaxMind GeoLite2 City database. This allows everyone to take advantage of the extra data provided by GeoIP. The default docker-compose file removes the GeoIP update container as it is no longer needed. See more [here](../core/geoip) - Customisable Captcha stage The captcha stage now supports alternate compatible providers, like [hCaptcha](https://docs.hcaptcha.com/switch/) and [Turnstile](https://developers.cloudflare.com/turnstile/get-started/migrating-from-recaptcha/). - Preview for OAuth2 and SAML providers OAuth2 and SAML providers can now preview what the currently selected property/scope mappings's outcome will look like. This helps with seeing what data is sent to the client and implementing and testing custom mappings. ## Upgrading This release does not introduce any new requirements. ### docker-compose Download the docker-compose file for 2022.12 from [here](https://goauthentik.io/version/2022.12/docker-compose.yml). Afterwards, simply run `docker-compose up -d`. ### Kubernetes Update your values to use the new images: ```yaml image: repository: ghcr.io/goauthentik/server tag: 2022.12.0 ``` ## Minor changes/fixes - blueprints: Added conditional entry application (#4167) - blueprints: don't require auth on invalidation flow - blueprints: fixed bug causing filtering with an empty query (#4106) - blueprints: Support nested custom tags in `!Find` and `!Format` tags (#4127) - core: bundle geoip (#4250) - events: fix incorrect EventAction being used - events: improve handling creation of events with non-pickleable objects - events: remove legacy logger declaration - events: save login event in session after login - flows: set stage name and verbose_name for in_memory stages - internal: dont error if environment config isn't found - internal: remove sentry proxy - internal: reuse http transport to prevent leaking connections (#3996) - lib: enable sentry profiles_sample_rate - lib: fix uploaded files not being saved correctly, add tests - lifecycle: don't set user/group in gunicorn - lifecycle: improve explanation for user: root and docket socket mount - policies: don't log context when policy returns None - policies: log correct cache state - policies/password: Always add generic message to failing zxcvbn check (#4100) - providers: add preview for mappings (#4254) - providers/ldap: improve mapping of LDAP filters to authentik queries - providers/oauth2: set amr values based on login event - providers/proxy: correctly set id_token_hint if possible - providers/saml: set AuthnContextClassRef based on login event - root: allow custom settings via python module - stages/authenticator_duo: fix imported duo devices not being confirmed - stages/authenticator_validate: fix validation to ensure configuration stage is set - stages/authenticator_validate: improve validation for not_configured_action - stages/authenticator_validate: save used mfa devices in login event - stages/captcha: customisable URLs (#3832) - stages/user_login: prevent double success message when logging in via source - stages/user_write: always ignore `component` field and prevent warning - web: fix authentication with Plex on iOS (#4095) - web/admin: better show metadata download for saml provider - web/admin: fix action button order for blueprints - web/admin: fix alignment in tables with multiple elements in cell - web/admin: fix empty request being sent due to multiple forms in duo import modal - web/admin: improve UI for removing users from groups and groups from users - web/admin: rework markdown, correctly render Admonitions, fix links - web/admin: show bound policies order first to match stages - web/flows: improve error messages for failed duo push ## API Changes #### What's Changed --- ##### `GET` /stages/captcha/{stage_uuid}/ ###### Return Type: Changed response : **200 OK** - Changed content type : `application/json` - Added property `js_url` (string) - Added property `api_url` (string) - Changed property `public_key` (string) > Public key, acquired your captcha Provider. ##### `PUT` /stages/captcha/{stage_uuid}/ ###### Request: Changed content type : `application/json` - Added property `js_url` (string) - Added property `api_url` (string) - Changed property `public_key` (string) > Public key, acquired your captcha Provider. - Changed property `private_key` (string) > Private key, acquired your captcha Provider. ###### Return Type: Changed response : **200 OK** - Changed content type : `application/json` - Added property `js_url` (string) - Added property `api_url` (string) - Changed property `public_key` (string) > Public key, acquired your captcha Provider. ##### `PATCH` /stages/captcha/{stage_uuid}/ ###### Request: Changed content type : `application/json` - Added property `js_url` (string) - Added property `api_url` (string) - Changed property `public_key` (string) > Public key, acquired your captcha Provider. - Changed property `private_key` (string) > Private key, acquired your captcha Provider. ###### Return Type: Changed response : **200 OK** - Changed content type : `application/json` - Added property `js_url` (string) - Added property `api_url` (string) - Changed property `public_key` (string) > Public key, acquired your captcha Provider. ##### `GET` /flows/executor/{flow_slug}/ ###### Return Type: Changed response : **200 OK** - Changed content type : `application/json` Updated `ak-stage-captcha` component: New required properties: - `js_url` * Added property `js_url` (string) ##### `POST` /flows/executor/{flow_slug}/ ###### Return Type: Changed response : **200 OK** - Changed content type : `application/json` Updated `ak-stage-captcha` component: New required properties: - `js_url` * Added property `js_url` (string) ##### `POST` /stages/captcha/ ###### Request: Changed content type : `application/json` - Added property `js_url` (string) - Added property `api_url` (string) - Changed property `public_key` (string) > Public key, acquired your captcha Provider. - Changed property `private_key` (string) > Private key, acquired your captcha Provider. ###### Return Type: Changed response : **201 Created** - Changed content type : `application/json` - Added property `js_url` (string) - Added property `api_url` (string) - Changed property `public_key` (string) > Public key, acquired your captcha Provider. ##### `GET` /stages/captcha/ ###### Return Type: Changed response : **200 OK** - Changed content type : `application/json` - Changed property `results` (array) Changed items (object): > CaptchaStage Serializer - Added property `js_url` (string) - Added property `api_url` (string) - Changed property `public_key` (string) > Public key, acquired your captcha Provider.