trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
authentik/website/docs/releases/v2022.12.md

7.3 KiB
Raw Blame History

title slug
Release 2022.12 2022.12

Breaking changes

  • Blueprints fetched via OCI require oci:// schema

    To better detect if a blueprint should be fetched locally or via OCI, all OCI sourced blueprints require an oci:// protocol.

New features

  • Bundled GeoIP City database

    authentik now comes with a bundled MaxMind GeoLite2 City database. This allows everyone to take advantage of the extra data provided by GeoIP. The default docker-compose file removes the GeoIP update container as it is no longer needed. See more here

  • Customisable Captcha stage

    The captcha stage now supports alternate compatible providers, like hCaptcha and Turnstile.

  • Preview for OAuth2 and SAML providers

    OAuth2 and SAML providers can now preview what the currently selected property/scope mappings's outcome will look like. This helps with seeing what data is sent to the client and implementing and testing custom mappings.

Upgrading

This release does not introduce any new requirements.

docker-compose

Download the docker-compose file for 2022.12 from here. Afterwards, simply run docker-compose up -d.

Kubernetes

Update your values to use the new images:

image:
    repository: ghcr.io/goauthentik/server
    tag: 2022.12.0

Minor changes/fixes

  • blueprints: Added conditional entry application (#4167)
  • blueprints: don't require auth on invalidation flow
  • blueprints: fixed bug causing filtering with an empty query (#4106)
  • blueprints: Support nested custom tags in !Find and !Format tags (#4127)
  • core: bundle geoip (#4250)
  • events: fix incorrect EventAction being used
  • events: improve handling creation of events with non-pickleable objects
  • events: remove legacy logger declaration
  • events: save login event in session after login
  • flows: set stage name and verbose_name for in_memory stages
  • internal: dont error if environment config isn't found
  • internal: remove sentry proxy
  • internal: reuse http transport to prevent leaking connections (#3996)
  • lib: enable sentry profiles_sample_rate
  • lib: fix uploaded files not being saved correctly, add tests
  • lifecycle: don't set user/group in gunicorn
  • lifecycle: improve explanation for user: root and docket socket mount
  • policies: don't log context when policy returns None
  • policies: log correct cache state
  • policies/password: Always add generic message to failing zxcvbn check (#4100)
  • providers: add preview for mappings (#4254)
  • providers/ldap: improve mapping of LDAP filters to authentik queries
  • providers/oauth2: set amr values based on login event
  • providers/proxy: correctly set id_token_hint if possible
  • providers/saml: set AuthnContextClassRef based on login event
  • root: allow custom settings via python module
  • stages/authenticator_duo: fix imported duo devices not being confirmed
  • stages/authenticator_validate: fix validation to ensure configuration stage is set
  • stages/authenticator_validate: improve validation for not_configured_action
  • stages/authenticator_validate: save used mfa devices in login event
  • stages/captcha: customisable URLs (#3832)
  • stages/user_login: prevent double success message when logging in via source
  • stages/user_write: always ignore component field and prevent warning
  • web: fix authentication with Plex on iOS (#4095)
  • web/admin: better show metadata download for saml provider
  • web/admin: fix action button order for blueprints
  • web/admin: fix alignment in tables with multiple elements in cell
  • web/admin: fix empty request being sent due to multiple forms in duo import modal
  • web/admin: improve UI for removing users from groups and groups from users
  • web/admin: rework markdown, correctly render Admonitions, fix links
  • web/admin: show bound policies order first to match stages
  • web/flows: improve error messages for failed duo push

API Changes

What's Changed

GET /stages/captcha/{stage_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Added property js_url (string)

    • Added property api_url (string)

    • Changed property public_key (string)

      Public key, acquired your captcha Provider.

PUT /stages/captcha/{stage_uuid}/
Request:

Changed content type : application/json

  • Added property js_url (string)

  • Added property api_url (string)

  • Changed property public_key (string)

    Public key, acquired your captcha Provider.

  • Changed property private_key (string)

    Private key, acquired your captcha Provider.

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Added property js_url (string)

    • Added property api_url (string)

    • Changed property public_key (string)

      Public key, acquired your captcha Provider.

PATCH /stages/captcha/{stage_uuid}/
Request:

Changed content type : application/json

  • Added property js_url (string)

  • Added property api_url (string)

  • Changed property public_key (string)

    Public key, acquired your captcha Provider.

  • Changed property private_key (string)

    Private key, acquired your captcha Provider.

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Added property js_url (string)

    • Added property api_url (string)

    • Changed property public_key (string)

      Public key, acquired your captcha Provider.

GET /flows/executor/{flow_slug}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Updated ak-stage-captcha component: New required properties:

    • js_url
    • Added property js_url (string)
POST /flows/executor/{flow_slug}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Updated ak-stage-captcha component: New required properties:

    • js_url
    • Added property js_url (string)
POST /stages/captcha/
Request:

Changed content type : application/json

  • Added property js_url (string)

  • Added property api_url (string)

  • Changed property public_key (string)

    Public key, acquired your captcha Provider.

  • Changed property private_key (string)

    Private key, acquired your captcha Provider.

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Added property js_url (string)

    • Added property api_url (string)

    • Changed property public_key (string)

      Public key, acquired your captcha Provider.

GET /stages/captcha/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > CaptchaStage Serializer

      • Added property js_url (string)

      • Added property api_url (string)

      • Changed property public_key (string)

        Public key, acquired your captcha Provider.