use oci:// prefix to detect oci blueprint, add UI support Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
7.3 KiB
title | slug |
---|---|
Release 2022.12 | 2022.12 |
Breaking changes
-
Blueprints fetched via OCI require oci:// schema
To better detect if a blueprint should be fetched locally or via OCI, all OCI sourced blueprints require an
oci://
protocol.
New features
-
Bundled GeoIP City database
authentik now comes with a bundled MaxMind GeoLite2 City database. This allows everyone to take advantage of the extra data provided by GeoIP. The default docker-compose file removes the GeoIP update container as it is no longer needed. See more here
-
Customisable Captcha stage
The captcha stage now supports alternate compatible providers, like hCaptcha and Turnstile.
-
Preview for OAuth2 and SAML providers
OAuth2 and SAML providers can now preview what the currently selected property/scope mappings's outcome will look like. This helps with seeing what data is sent to the client and implementing and testing custom mappings.
Upgrading
This release does not introduce any new requirements.
docker-compose
Download the docker-compose file for 2022.12 from here. Afterwards, simply run docker-compose up -d
.
Kubernetes
Update your values to use the new images:
image:
repository: ghcr.io/goauthentik/server
tag: 2022.12.0
Minor changes/fixes
- blueprints: Added conditional entry application (#4167)
- blueprints: don't require auth on invalidation flow
- blueprints: fixed bug causing filtering with an empty query (#4106)
- blueprints: Support nested custom tags in
!Find
and!Format
tags (#4127) - core: bundle geoip (#4250)
- events: fix incorrect EventAction being used
- events: improve handling creation of events with non-pickleable objects
- events: remove legacy logger declaration
- events: save login event in session after login
- flows: set stage name and verbose_name for in_memory stages
- internal: dont error if environment config isn't found
- internal: remove sentry proxy
- internal: reuse http transport to prevent leaking connections (#3996)
- lib: enable sentry profiles_sample_rate
- lib: fix uploaded files not being saved correctly, add tests
- lifecycle: don't set user/group in gunicorn
- lifecycle: improve explanation for user: root and docket socket mount
- policies: don't log context when policy returns None
- policies: log correct cache state
- policies/password: Always add generic message to failing zxcvbn check (#4100)
- providers: add preview for mappings (#4254)
- providers/ldap: improve mapping of LDAP filters to authentik queries
- providers/oauth2: set amr values based on login event
- providers/proxy: correctly set id_token_hint if possible
- providers/saml: set AuthnContextClassRef based on login event
- root: allow custom settings via python module
- stages/authenticator_duo: fix imported duo devices not being confirmed
- stages/authenticator_validate: fix validation to ensure configuration stage is set
- stages/authenticator_validate: improve validation for not_configured_action
- stages/authenticator_validate: save used mfa devices in login event
- stages/captcha: customisable URLs (#3832)
- stages/user_login: prevent double success message when logging in via source
- stages/user_write: always ignore
component
field and prevent warning - web: fix authentication with Plex on iOS (#4095)
- web/admin: better show metadata download for saml provider
- web/admin: fix action button order for blueprints
- web/admin: fix alignment in tables with multiple elements in cell
- web/admin: fix empty request being sent due to multiple forms in duo import modal
- web/admin: improve UI for removing users from groups and groups from users
- web/admin: rework markdown, correctly render Admonitions, fix links
- web/admin: show bound policies order first to match stages
- web/flows: improve error messages for failed duo push
API Changes
What's Changed
GET
/stages/captcha/{stage_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Added property
js_url
(string) -
Added property
api_url
(string) -
Changed property
public_key
(string)Public key, acquired your captcha Provider.
-
PUT
/stages/captcha/{stage_uuid}/
Request:
Changed content type : application/json
-
Added property
js_url
(string) -
Added property
api_url
(string) -
Changed property
public_key
(string)Public key, acquired your captcha Provider.
-
Changed property
private_key
(string)Private key, acquired your captcha Provider.
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Added property
js_url
(string) -
Added property
api_url
(string) -
Changed property
public_key
(string)Public key, acquired your captcha Provider.
-
PATCH
/stages/captcha/{stage_uuid}/
Request:
Changed content type : application/json
-
Added property
js_url
(string) -
Added property
api_url
(string) -
Changed property
public_key
(string)Public key, acquired your captcha Provider.
-
Changed property
private_key
(string)Private key, acquired your captcha Provider.
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Added property
js_url
(string) -
Added property
api_url
(string) -
Changed property
public_key
(string)Public key, acquired your captcha Provider.
-
GET
/flows/executor/{flow_slug}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Updated
ak-stage-captcha
component: New required properties:js_url
- Added property
js_url
(string)
POST
/flows/executor/{flow_slug}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Updated
ak-stage-captcha
component: New required properties:js_url
- Added property
js_url
(string)
POST
/stages/captcha/
Request:
Changed content type : application/json
-
Added property
js_url
(string) -
Added property
api_url
(string) -
Changed property
public_key
(string)Public key, acquired your captcha Provider.
-
Changed property
private_key
(string)Private key, acquired your captcha Provider.
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Added property
js_url
(string) -
Added property
api_url
(string) -
Changed property
public_key
(string)Public key, acquired your captcha Provider.
-
GET
/stages/captcha/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > CaptchaStage Serializer
-
Added property
js_url
(string) -
Added property
api_url
(string) -
Changed property
public_key
(string)Public key, acquired your captcha Provider.
-
-