authentik fork
This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
Find a file
Jens L 80f4fccd35
providers/oauth2: OpenID conformance (#4758)
* don't open inspector by default when debug is enabled

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* encode error in fragment when using hybrid grant_type

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* require nonce for all response_types that get an id_token from the authorization endpoint

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* don't set empty family_name

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* only set at_hash when response has token

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* cleaner way to get login time

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove authentication requirement from authentication flow

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use wrapper

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix auth_time not being handled correctly

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* minor cleanup

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add test files

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove USER_LOGIN_AUTHENTICATED

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* rework prompt=login handling

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* also set last login uid for max_age check to prevent double login when max_age and prompt=login is set

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-23 15:26:41 +01:00
.github ci: bump snok/container-retention-policy from 1 to 2 (#4710) 2023-02-17 09:44:04 +01:00
.vscode providers/proxy: outpost wide logout implementation (#4605) 2023-02-02 21:18:59 +01:00
authentik providers/oauth2: OpenID conformance (#4758) 2023-02-23 15:26:41 +01:00
blueprints providers/oauth2: OpenID conformance (#4758) 2023-02-23 15:26:41 +01:00
cmd internal: fix race condition with config loading on startup, add index on debug server 2023-01-08 20:33:04 +01:00
internal providers/ldap: making ldap compatible with synology (#4694) 2023-02-22 15:26:41 +01:00
lifecycle core: bump black from 22.12.0 to 23.1.0 (#4584) 2023-02-01 11:31:32 +01:00
locale core: fix inconsistent branding in end_session view 2023-02-01 19:40:59 +01:00
scripts root: update options for generating TS API (#3833) 2022-10-21 09:08:25 +02:00
tests providers/oauth2: OpenID conformance (#4758) 2023-02-23 15:26:41 +01:00
web providers/oauth2: OpenID conformance (#4758) 2023-02-23 15:26:41 +01:00
website website/integrations: Zammad instructions (#4644) 2023-02-22 16:55:32 +00:00
xml */saml: test against SAML Schema 2020-12-13 19:53:16 +01:00
.bumpversion.cfg release: 2023.2.2 2023-02-15 19:53:42 +01:00
.dockerignore core: bundle geoip (#4250) 2022-12-20 22:09:30 +01:00
.editorconfig repo cleanup, switch to new docker registry 2019-04-29 17:05:39 +02:00
.gitignore root: allow custom settings via python module 2022-12-15 10:59:14 +01:00
CODE_OF_CONDUCT.md root: rework and expand security policy 2022-11-28 12:10:53 +01:00
CONTRIBUTING.md polices/hibp: remove deprecated (#4363) 2023-01-05 13:19:26 +01:00
docker-compose.yml release: 2023.2.2 2023-02-15 19:53:42 +01:00
Dockerfile core: bump golang from 1.20.0-bullseye to 1.20.1-bullseye (#4691) 2023-02-15 10:46:02 +01:00
go.mod core: bump goauthentik.io/api/v3 from 3.2023022.2 to 3.2023022.4 (#4762) 2023-02-23 10:35:33 +01:00
go.sum core: bump goauthentik.io/api/v3 from 3.2023022.2 to 3.2023022.4 (#4762) 2023-02-23 10:35:33 +01:00
ldap.Dockerfile core: bump golang from 1.20.0-bullseye to 1.20.1-bullseye (#4691) 2023-02-15 10:46:02 +01:00
LICENSE root: relicense and launch blog post 2022-11-03 16:00:00 +01:00
Makefile providers/saml: initial SLO implementation (#2346) 2023-01-04 19:45:31 +01:00
manage.py root: update deprecation warnings 2022-11-25 11:47:28 +01:00
poetry.lock core: bump twilio from 7.16.3 to 7.16.4 (#4763) 2023-02-23 10:34:28 +01:00
proxy.Dockerfile core: bump golang from 1.20.0-bullseye to 1.20.1-bullseye (#4691) 2023-02-15 10:46:02 +01:00
pyproject.toml release: 2023.2.2 2023-02-15 19:53:42 +01:00
README.md root: add support/shoutout section to readme 2023-02-13 20:56:44 +01:00
schema.yml stages/user_login: terminate others (#4754) 2023-02-22 14:09:28 +01:00
SECURITY.md root: update supported versions 2023-01-20 14:23:21 +01:00

authentik logo


Join Discord GitHub Workflow Status GitHub Workflow Status GitHub Workflow Status Code Coverage Docker pulls Latest version

What is authentik?

authentik is an open-source Identity Provider focused on flexibility and versatility. You can use authentik in an existing environment to add support for new protocols. authentik is also a great solution for implementing signup/recovery/etc in your application, so you don't have to deal with it.

Installation

For small/test setups it is recommended to use docker-compose, see the documentation

For bigger setups, there is a Helm Chart here. This is documented here

Screenshots

Light Dark

Development

See Development Documentation

Security

See SECURITY.md

Support

Your organization uses authentik? We'd love to add your logo to the readme and our website! Email us @ hello@goauthentik.io or open a GitHub Issue/PR!

Sponsors

This project is proudly sponsored by:

DigitalOcean provides development and testing resources for authentik.