Merge branch 'master' into outpost-ldap
This commit is contained in:
commit
b55cb2b40c
99
.github/workflows/release.yml
vendored
99
.github/workflows/release.yml
vendored
|
@ -10,21 +10,25 @@ jobs:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v1
|
- uses: actions/checkout@v1
|
||||||
|
- name: Set up QEMU
|
||||||
|
uses: docker/setup-qemu-action@v1
|
||||||
|
- name: Set up Docker Buildx
|
||||||
|
uses: docker/setup-buildx-action@v1
|
||||||
- name: Docker Login Registry
|
- name: Docker Login Registry
|
||||||
env:
|
uses: docker/login-action@v1
|
||||||
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
|
with:
|
||||||
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
|
username: ${{ secrets.DOCKER_PASSWORD }}
|
||||||
run: docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD
|
password: ${{ secrets.DOCKER_USERNAME }}
|
||||||
- name: Building Docker Image
|
- name: Building Docker Image
|
||||||
run: docker build
|
uses: docker/build-push-action@v2
|
||||||
--no-cache
|
with:
|
||||||
-t beryju/authentik:2021.4.4
|
push: true
|
||||||
-t beryju/authentik:latest
|
tags: |
|
||||||
-f Dockerfile .
|
beryju/authentik-proxy:2021.4.4,
|
||||||
- name: Push Docker Container to Registry (versioned)
|
beryju/authentik-proxy:latest,
|
||||||
run: docker push beryju/authentik:2021.4.4
|
ghcr.io/goauthentik/authentik:2021.4.4,
|
||||||
- name: Push Docker Container to Registry (latest)
|
ghcr.io/goauthentik/authentik:latest
|
||||||
run: docker push beryju/authentik:latest
|
platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v8
|
||||||
build-proxy:
|
build-proxy:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
|
@ -38,23 +42,27 @@ jobs:
|
||||||
go get -u github.com/go-swagger/go-swagger/cmd/swagger
|
go get -u github.com/go-swagger/go-swagger/cmd/swagger
|
||||||
swagger generate client -f ../swagger.yaml -A authentik -t pkg/
|
swagger generate client -f ../swagger.yaml -A authentik -t pkg/
|
||||||
go build -v .
|
go build -v .
|
||||||
|
- name: Set up QEMU
|
||||||
|
uses: docker/setup-qemu-action@v1
|
||||||
|
- name: Set up Docker Buildx
|
||||||
|
uses: docker/setup-buildx-action@v1
|
||||||
- name: Docker Login Registry
|
- name: Docker Login Registry
|
||||||
env:
|
uses: docker/login-action@v1
|
||||||
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
|
with:
|
||||||
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
|
username: ${{ secrets.DOCKER_PASSWORD }}
|
||||||
run: docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD
|
password: ${{ secrets.DOCKER_USERNAME }}
|
||||||
- name: Building Docker Image
|
- name: Building Docker Image
|
||||||
run: |
|
uses: docker/build-push-action@v2
|
||||||
cd outpost/
|
with:
|
||||||
docker build \
|
push: true
|
||||||
--no-cache \
|
tags: |
|
||||||
-t beryju/authentik-proxy:2021.4.4 \
|
beryju/authentik-proxy:2021.4.4,
|
||||||
-t beryju/authentik-proxy:latest \
|
beryju/authentik-proxy:latest,
|
||||||
-f proxy.Dockerfile .
|
ghcr.io/goauthentik/proxy:2021.4.4,
|
||||||
- name: Push Docker Container to Registry (versioned)
|
ghcr.io/goauthentik/proxy:latest
|
||||||
run: docker push beryju/authentik-proxy:2021.4.4
|
context: proxy/
|
||||||
- name: Push Docker Container to Registry (latest)
|
file: proxy/proxy.Dockerfile
|
||||||
run: docker push beryju/authentik-proxy:latest
|
platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v8
|
||||||
build-static:
|
build-static:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
|
@ -62,23 +70,26 @@ jobs:
|
||||||
- name: prepare ts api client
|
- name: prepare ts api client
|
||||||
run: |
|
run: |
|
||||||
docker run --rm -v $(pwd):/local openapitools/openapi-generator-cli generate -i /local/swagger.yaml -g typescript-fetch -o /local/web/api --additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0
|
docker run --rm -v $(pwd):/local openapitools/openapi-generator-cli generate -i /local/swagger.yaml -g typescript-fetch -o /local/web/api --additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0
|
||||||
|
- name: Set up QEMU
|
||||||
|
uses: docker/setup-qemu-action@v1
|
||||||
|
- name: Set up Docker Buildx
|
||||||
|
uses: docker/setup-buildx-action@v1
|
||||||
- name: Docker Login Registry
|
- name: Docker Login Registry
|
||||||
env:
|
uses: docker/login-action@v1
|
||||||
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
|
with:
|
||||||
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
|
username: ${{ secrets.DOCKER_PASSWORD }}
|
||||||
run: docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD
|
password: ${{ secrets.DOCKER_USERNAME }}
|
||||||
- name: Building Docker Image
|
- name: Building Docker Image
|
||||||
run: |
|
uses: docker/build-push-action@v2
|
||||||
cd web/
|
with:
|
||||||
docker build \
|
push: true
|
||||||
--no-cache \
|
tags: |
|
||||||
-t beryju/authentik-static:2021.4.4 \
|
beryju/authentik-static:2021.4.4,
|
||||||
-t beryju/authentik-static:latest \
|
beryju/authentik-static:latest,
|
||||||
-f Dockerfile .
|
ghcr.io/goauthentik/static:2021.4.4,
|
||||||
- name: Push Docker Container to Registry (versioned)
|
ghcr.io/goauthentik/static:latest
|
||||||
run: docker push beryju/authentik-static:2021.4.4
|
context: web/
|
||||||
- name: Push Docker Container to Registry (latest)
|
platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v8
|
||||||
run: docker push beryju/authentik-static:latest
|
|
||||||
test-release:
|
test-release:
|
||||||
needs:
|
needs:
|
||||||
- build-server
|
- build-server
|
||||||
|
@ -103,7 +114,7 @@ jobs:
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v1
|
- uses: actions/checkout@v1
|
||||||
- name: Create a Sentry.io release
|
- name: Create a Sentry.io release
|
||||||
uses: tclindner/sentry-releases-action@v1.2.0
|
uses: getsentry/action-release@v1
|
||||||
env:
|
env:
|
||||||
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
|
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
|
||||||
SENTRY_ORG: beryjuorg
|
SENTRY_ORG: beryjuorg
|
||||||
|
|
2
.gitignore
vendored
2
.gitignore
vendored
|
@ -202,3 +202,5 @@ selenium_screenshots/
|
||||||
backups/
|
backups/
|
||||||
media/
|
media/
|
||||||
*mmdb
|
*mmdb
|
||||||
|
|
||||||
|
.idea/
|
||||||
|
|
30
Pipfile.lock
generated
30
Pipfile.lock
generated
|
@ -116,25 +116,24 @@
|
||||||
},
|
},
|
||||||
"boto3": {
|
"boto3": {
|
||||||
"hashes": [
|
"hashes": [
|
||||||
"sha256:4caf01511a07e229855b964d43ddbc6b3db1fd88a3747a4a7ca6d398ce04f3d3",
|
"sha256:edd2f14f64e0afd2373cd9b2c839004c751afedc593ea3baca3ab36f7206644d"
|
||||||
"sha256:fcd1a0318919bddf4efd0a8858214ed07d08a870d79d20f9b2d6df5d3092b8d8"
|
|
||||||
],
|
],
|
||||||
"index": "pypi",
|
"index": "pypi",
|
||||||
"version": "==1.17.58"
|
"version": "==1.17.60"
|
||||||
},
|
},
|
||||||
"botocore": {
|
"botocore": {
|
||||||
"hashes": [
|
"hashes": [
|
||||||
"sha256:0de54af6af58d59237377f1bbe43edc4395d88848cddbe00f546703d4026c638",
|
"sha256:bb63a112ef415638328e4535b75dbc32ebd88f06b7937ce1d297aa5b5527335a",
|
||||||
"sha256:2830596e0d92d82abaf78a7926e49a3b7a80c93cdc75e95717a1dd4ea9027283"
|
"sha256:e19947a8978e99467e7b1843308d1adc8febaa4e221021d4befdaec83d993ee7"
|
||||||
],
|
],
|
||||||
"version": "==1.20.58"
|
"version": "==1.20.60"
|
||||||
},
|
},
|
||||||
"cachetools": {
|
"cachetools": {
|
||||||
"hashes": [
|
"hashes": [
|
||||||
"sha256:1d9d5f567be80f7c07d765e21b814326d78c61eb0c3a637dffc0e5d1796cb2e2",
|
"sha256:2cc0b89715337ab6dbba85b5b50effe2b0c74e035d83ee8ed637cf52f12ae001",
|
||||||
"sha256:f469e29e7aa4cff64d8de4aad95ce76de8ea1125a16c68e0d93f65c3c3dc92e9"
|
"sha256:61b5ed1e22a0924aed1d23b478f37e8d52549ff8a961de2909c69bf950020cff"
|
||||||
],
|
],
|
||||||
"version": "==4.2.1"
|
"version": "==4.2.2"
|
||||||
},
|
},
|
||||||
"cbor2": {
|
"cbor2": {
|
||||||
"hashes": [
|
"hashes": [
|
||||||
|
@ -351,11 +350,11 @@
|
||||||
},
|
},
|
||||||
"django-otp": {
|
"django-otp": {
|
||||||
"hashes": [
|
"hashes": [
|
||||||
"sha256:381a15e65293b8b06d47b7d6b306e0b7af2e104137ac92f6c566d3b9b90b6244",
|
"sha256:04852c5301befb02d1d8ba4a31d375eb08d7c2cb6fe86b5f840867435ab1309c",
|
||||||
"sha256:f4ab096b424c33ffe69453620356e1b7517f30dfb9ba13bfeaa1d1f20faddc13"
|
"sha256:3916fc7652c2f934b1cf3807dd8ed257ce7605c10dfefa27fadda5628d9a9c9e"
|
||||||
],
|
],
|
||||||
"index": "pypi",
|
"index": "pypi",
|
||||||
"version": "==1.0.3"
|
"version": "==1.0.4"
|
||||||
},
|
},
|
||||||
"django-prometheus": {
|
"django-prometheus": {
|
||||||
"hashes": [
|
"hashes": [
|
||||||
|
@ -444,6 +443,7 @@
|
||||||
},
|
},
|
||||||
"gunicorn": {
|
"gunicorn": {
|
||||||
"hashes": [
|
"hashes": [
|
||||||
|
"sha256:9dcc4547dbb1cb284accfb15ab5667a0e5d1881cc443e0677b4882a4067a807e",
|
||||||
"sha256:e0a968b5ba15f8a328fdfd7ab1fcb5af4470c28aaf7e55df02a99bc13138e6e8"
|
"sha256:e0a968b5ba15f8a328fdfd7ab1fcb5af4470c28aaf7e55df02a99bc13138e6e8"
|
||||||
],
|
],
|
||||||
"index": "pypi",
|
"index": "pypi",
|
||||||
|
@ -917,11 +917,11 @@
|
||||||
},
|
},
|
||||||
"pyjwt": {
|
"pyjwt": {
|
||||||
"hashes": [
|
"hashes": [
|
||||||
"sha256:a5c70a06e1f33d81ef25eecd50d50bd30e34de1ca8b2b9fa3fe0daaabcf69bf7",
|
"sha256:934d73fbba91b0483d3857d1aff50e96b2a892384ee2c17417ed3203f173fca1",
|
||||||
"sha256:b70b15f89dc69b993d8a8d32c299032d5355c82f9b5b7e851d1a6d706dffe847"
|
"sha256:fba44e7898bbca160a2b2b501f492824fc8382485d3a6f11ba5d0c1937ce6130"
|
||||||
],
|
],
|
||||||
"index": "pypi",
|
"index": "pypi",
|
||||||
"version": "==2.0.1"
|
"version": "==2.1.0"
|
||||||
},
|
},
|
||||||
"pyopenssl": {
|
"pyopenssl": {
|
||||||
"hashes": [
|
"hashes": [
|
||||||
|
|
|
@ -12,7 +12,7 @@
|
||||||
{% endblock %}
|
{% endblock %}
|
||||||
|
|
||||||
{% block body %}
|
{% block body %}
|
||||||
<section class="pf-c-page__main-section pf-m-no-padding-mobile pf-m-xl">
|
<section class="ak-static-page pf-c-page__main-section pf-m-no-padding-mobile pf-m-xl">
|
||||||
<div class="pf-c-empty-state">
|
<div class="pf-c-empty-state">
|
||||||
<div class="pf-c-empty-state__content">
|
<div class="pf-c-empty-state__content">
|
||||||
<i class="fas fa-exclamation-circle pf-c-empty-state__icon" aria-hidden="true"></i>
|
<i class="fas fa-exclamation-circle pf-c-empty-state__icon" aria-hidden="true"></i>
|
||||||
|
|
|
@ -10,7 +10,7 @@
|
||||||
{% block body %}
|
{% block body %}
|
||||||
<ak-message-container></ak-message-container>
|
<ak-message-container></ak-message-container>
|
||||||
<ak-interface-admin>
|
<ak-interface-admin>
|
||||||
<section class="ak-initial-load pf-c-page__main-section pf-m-no-padding-mobile pf-m-xl">
|
<section class="ak-static-page pf-c-page__main-section pf-m-no-padding-mobile pf-m-xl">
|
||||||
<div class="pf-c-empty-state" style="height: 100vh;">
|
<div class="pf-c-empty-state" style="height: 100vh;">
|
||||||
<div class="pf-c-empty-state__content">
|
<div class="pf-c-empty-state__content">
|
||||||
<span class="pf-c-spinner pf-m-xl pf-c-empty-state__icon" role="progressbar" aria-valuetext="{% trans 'Loading...' %}">
|
<span class="pf-c-spinner pf-m-xl pf-c-empty-state__icon" role="progressbar" aria-valuetext="{% trans 'Loading...' %}">
|
||||||
|
|
|
@ -14,7 +14,7 @@
|
||||||
{% block body %}
|
{% block body %}
|
||||||
<ak-message-container></ak-message-container>
|
<ak-message-container></ak-message-container>
|
||||||
<ak-flow-executor>
|
<ak-flow-executor>
|
||||||
<section class="ak-initial-load pf-c-page__main-section pf-m-no-padding-mobile pf-m-xl">
|
<section class="ak-static-page pf-c-page__main-section pf-m-no-padding-mobile pf-m-xl">
|
||||||
<div class="pf-c-empty-state" style="height: 100vh;">
|
<div class="pf-c-empty-state" style="height: 100vh;">
|
||||||
<div class="pf-c-empty-state__content">
|
<div class="pf-c-empty-state__content">
|
||||||
<span class="pf-c-spinner pf-m-xl pf-c-empty-state__icon" role="progressbar" aria-valuetext="{% trans 'Loading...' %}">
|
<span class="pf-c-spinner pf-m-xl pf-c-empty-state__icon" role="progressbar" aria-valuetext="{% trans 'Loading...' %}">
|
||||||
|
|
|
@ -34,7 +34,10 @@ email:
|
||||||
from: authentik@localhost
|
from: authentik@localhost
|
||||||
|
|
||||||
outposts:
|
outposts:
|
||||||
docker_image_base: "beryju/authentik" # this is prepended to -proxy:version
|
# Placeholders:
|
||||||
|
# %(type)s: Outpost type; proxy, ldap, etc
|
||||||
|
# %(version)s: Current version; 2021.4.1
|
||||||
|
docker_image_base: "beryju/authentik-%(type)s:%(version)s"
|
||||||
|
|
||||||
authentik:
|
authentik:
|
||||||
avatars: gravatar # gravatar or none
|
avatars: gravatar # gravatar or none
|
||||||
|
|
|
@ -9,6 +9,7 @@ from channels.middleware import BaseMiddleware
|
||||||
from channels_redis.core import ChannelFull
|
from channels_redis.core import ChannelFull
|
||||||
from django.core.exceptions import SuspiciousOperation, ValidationError
|
from django.core.exceptions import SuspiciousOperation, ValidationError
|
||||||
from django.db import InternalError, OperationalError, ProgrammingError
|
from django.db import InternalError, OperationalError, ProgrammingError
|
||||||
|
from django.http.response import Http404
|
||||||
from django_redis.exceptions import ConnectionInterrupted
|
from django_redis.exceptions import ConnectionInterrupted
|
||||||
from docker.errors import DockerException
|
from docker.errors import DockerException
|
||||||
from ldap3.core.exceptions import LDAPException
|
from ldap3.core.exceptions import LDAPException
|
||||||
|
@ -78,6 +79,8 @@ def before_send(event: dict, hint: dict) -> Optional[dict]:
|
||||||
LDAPException,
|
LDAPException,
|
||||||
# Docker errors
|
# Docker errors
|
||||||
DockerException,
|
DockerException,
|
||||||
|
# End-user errors
|
||||||
|
Http404,
|
||||||
)
|
)
|
||||||
if "exc_info" in hint:
|
if "exc_info" in hint:
|
||||||
_, exc_value, _ = hint["exc_info"]
|
_, exc_value, _ = hint["exc_info"]
|
||||||
|
|
|
@ -4,6 +4,8 @@ from dataclasses import dataclass
|
||||||
from structlog.stdlib import get_logger
|
from structlog.stdlib import get_logger
|
||||||
from structlog.testing import capture_logs
|
from structlog.testing import capture_logs
|
||||||
|
|
||||||
|
from authentik import __version__
|
||||||
|
from authentik.lib.config import CONFIG
|
||||||
from authentik.lib.sentry import SentryIgnoredException
|
from authentik.lib.sentry import SentryIgnoredException
|
||||||
from authentik.outposts.models import Outpost, OutpostServiceConnection
|
from authentik.outposts.models import Outpost, OutpostServiceConnection
|
||||||
|
|
||||||
|
@ -55,3 +57,10 @@ class BaseController:
|
||||||
def get_static_deployment(self) -> str:
|
def get_static_deployment(self) -> str:
|
||||||
"""Return a static deployment configuration"""
|
"""Return a static deployment configuration"""
|
||||||
raise NotImplementedError
|
raise NotImplementedError
|
||||||
|
|
||||||
|
def get_container_image(self) -> str:
|
||||||
|
"""Get container image to use for this outpost"""
|
||||||
|
image_name_template: str = CONFIG.y("outposts.docker_image_base")
|
||||||
|
return image_name_template.format(
|
||||||
|
{"type": self.outpost.type, "version": __version__}
|
||||||
|
)
|
||||||
|
|
|
@ -8,7 +8,6 @@ from docker.models.containers import Container
|
||||||
from yaml import safe_dump
|
from yaml import safe_dump
|
||||||
|
|
||||||
from authentik import __version__
|
from authentik import __version__
|
||||||
from authentik.lib.config import CONFIG
|
|
||||||
from authentik.outposts.controllers.base import BaseController, ControllerException
|
from authentik.outposts.controllers.base import BaseController, ControllerException
|
||||||
from authentik.outposts.models import (
|
from authentik.outposts.models import (
|
||||||
DockerServiceConnection,
|
DockerServiceConnection,
|
||||||
|
@ -60,8 +59,7 @@ class DockerController(BaseController):
|
||||||
return self.client.containers.get(container_name), False
|
return self.client.containers.get(container_name), False
|
||||||
except NotFound:
|
except NotFound:
|
||||||
self.logger.info("Container does not exist, creating")
|
self.logger.info("Container does not exist, creating")
|
||||||
image_prefix = CONFIG.y("outposts.docker_image_base")
|
image_name = self.get_container_image()
|
||||||
image_name = f"{image_prefix}-{self.outpost.type}:{__version__}"
|
|
||||||
self.client.images.pull(image_name)
|
self.client.images.pull(image_name)
|
||||||
container_args = {
|
container_args = {
|
||||||
"image": image_name,
|
"image": image_name,
|
||||||
|
@ -134,6 +132,7 @@ class DockerController(BaseController):
|
||||||
def down(self):
|
def down(self):
|
||||||
try:
|
try:
|
||||||
container, _ = self._get_container()
|
container, _ = self._get_container()
|
||||||
|
if container.status == "running":
|
||||||
container.kill()
|
container.kill()
|
||||||
container.remove()
|
container.remove()
|
||||||
except DockerException as exc:
|
except DockerException as exc:
|
||||||
|
@ -145,12 +144,12 @@ class DockerController(BaseController):
|
||||||
f"{port.port}:{port.port}/{port.protocol.lower()}"
|
f"{port.port}:{port.port}/{port.protocol.lower()}"
|
||||||
for port in self.deployment_ports
|
for port in self.deployment_ports
|
||||||
]
|
]
|
||||||
image_prefix = CONFIG.y("outposts.docker_image_base")
|
image_name = self.get_container_image()
|
||||||
compose = {
|
compose = {
|
||||||
"version": "3.5",
|
"version": "3.5",
|
||||||
"services": {
|
"services": {
|
||||||
f"authentik_{self.outpost.type}": {
|
f"authentik_{self.outpost.type}": {
|
||||||
"image": f"{image_prefix}-{self.outpost.type}:{__version__}",
|
"image": image_name,
|
||||||
"ports": ports,
|
"ports": ports,
|
||||||
"environment": {
|
"environment": {
|
||||||
"AUTHENTIK_HOST": self.outpost.config.authentik_host,
|
"AUTHENTIK_HOST": self.outpost.config.authentik_host,
|
||||||
|
|
|
@ -16,8 +16,6 @@ from kubernetes.client import (
|
||||||
V1SecretKeySelector,
|
V1SecretKeySelector,
|
||||||
)
|
)
|
||||||
|
|
||||||
from authentik import __version__
|
|
||||||
from authentik.lib.config import CONFIG
|
|
||||||
from authentik.outposts.controllers.base import FIELD_MANAGER
|
from authentik.outposts.controllers.base import FIELD_MANAGER
|
||||||
from authentik.outposts.controllers.k8s.base import (
|
from authentik.outposts.controllers.k8s.base import (
|
||||||
KubernetesObjectReconciler,
|
KubernetesObjectReconciler,
|
||||||
|
@ -75,7 +73,7 @@ class DeploymentReconciler(KubernetesObjectReconciler[V1Deployment]):
|
||||||
)
|
)
|
||||||
meta = self.get_object_meta(name=self.name)
|
meta = self.get_object_meta(name=self.name)
|
||||||
secret_name = f"authentik-outpost-{self.controller.outpost.uuid.hex}-api"
|
secret_name = f"authentik-outpost-{self.controller.outpost.uuid.hex}-api"
|
||||||
image_prefix = CONFIG.y("outposts.docker_image_base")
|
image_name = self.controller.get_container_image()
|
||||||
return V1Deployment(
|
return V1Deployment(
|
||||||
metadata=meta,
|
metadata=meta,
|
||||||
spec=V1DeploymentSpec(
|
spec=V1DeploymentSpec(
|
||||||
|
@ -87,7 +85,7 @@ class DeploymentReconciler(KubernetesObjectReconciler[V1Deployment]):
|
||||||
containers=[
|
containers=[
|
||||||
V1Container(
|
V1Container(
|
||||||
name=str(self.outpost.type),
|
name=str(self.outpost.type),
|
||||||
image=f"{image_prefix}-{self.outpost.type}:{__version__}",
|
image=image_name,
|
||||||
ports=container_ports,
|
ports=container_ports,
|
||||||
env=[
|
env=[
|
||||||
V1EnvVar(
|
V1EnvVar(
|
||||||
|
|
|
@ -38,6 +38,7 @@ class OAuth2ProviderSerializer(ProviderSerializer):
|
||||||
"client_type",
|
"client_type",
|
||||||
"client_id",
|
"client_id",
|
||||||
"client_secret",
|
"client_secret",
|
||||||
|
"access_code_validity",
|
||||||
"token_validity",
|
"token_validity",
|
||||||
"include_claims_in_id_token",
|
"include_claims_in_id_token",
|
||||||
"jwt_alg",
|
"jwt_alg",
|
||||||
|
|
|
@ -0,0 +1,24 @@
|
||||||
|
# Generated by Django 3.2 on 2021-04-28 18:17
|
||||||
|
|
||||||
|
from django.db import migrations, models
|
||||||
|
|
||||||
|
import authentik.lib.utils.time
|
||||||
|
|
||||||
|
|
||||||
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
|
dependencies = [
|
||||||
|
("authentik_providers_oauth2", "0011_managed"),
|
||||||
|
]
|
||||||
|
|
||||||
|
operations = [
|
||||||
|
migrations.AddField(
|
||||||
|
model_name="oauth2provider",
|
||||||
|
name="access_code_validity",
|
||||||
|
field=models.TextField(
|
||||||
|
default="minutes=1",
|
||||||
|
help_text="Access codes not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3).",
|
||||||
|
validators=[authentik.lib.utils.time.timedelta_string_validator],
|
||||||
|
),
|
||||||
|
),
|
||||||
|
]
|
|
@ -175,6 +175,16 @@ class OAuth2Provider(Provider):
|
||||||
),
|
),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
access_code_validity = models.TextField(
|
||||||
|
default="minutes=1",
|
||||||
|
validators=[timedelta_string_validator],
|
||||||
|
help_text=_(
|
||||||
|
(
|
||||||
|
"Access codes not valid on or after current time + this value "
|
||||||
|
"(Format: hours=1;minutes=2;seconds=3)."
|
||||||
|
)
|
||||||
|
),
|
||||||
|
)
|
||||||
token_validity = models.TextField(
|
token_validity = models.TextField(
|
||||||
default="minutes=10",
|
default="minutes=10",
|
||||||
validators=[timedelta_string_validator],
|
validators=[timedelta_string_validator],
|
||||||
|
|
|
@ -219,7 +219,7 @@ class OAuthAuthorizationParams:
|
||||||
code.code_challenge_method = self.code_challenge_method
|
code.code_challenge_method = self.code_challenge_method
|
||||||
|
|
||||||
code.expires_at = timezone.now() + timedelta_from_string(
|
code.expires_at = timezone.now() + timedelta_from_string(
|
||||||
self.provider.token_validity
|
self.provider.access_code_validity
|
||||||
)
|
)
|
||||||
code.scope = self.scope
|
code.scope = self.scope
|
||||||
code.nonce = self.nonce
|
code.nonce = self.nonce
|
||||||
|
|
|
@ -52,6 +52,7 @@ class ProxyProviderSerializer(ProviderSerializer):
|
||||||
"basic_auth_enabled",
|
"basic_auth_enabled",
|
||||||
"basic_auth_password_attribute",
|
"basic_auth_password_attribute",
|
||||||
"basic_auth_user_attribute",
|
"basic_auth_user_attribute",
|
||||||
|
"forward_auth_mode",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
|
||||||
|
@ -86,6 +87,7 @@ class ProxyOutpostConfigSerializer(ModelSerializer):
|
||||||
"basic_auth_enabled",
|
"basic_auth_enabled",
|
||||||
"basic_auth_password_attribute",
|
"basic_auth_password_attribute",
|
||||||
"basic_auth_user_attribute",
|
"basic_auth_user_attribute",
|
||||||
|
"forward_auth_mode",
|
||||||
]
|
]
|
||||||
|
|
||||||
@swagger_serializer_method(serializer_or_field=OpenIDConnectConfigurationSerializer)
|
@swagger_serializer_method(serializer_or_field=OpenIDConnectConfigurationSerializer)
|
||||||
|
|
|
@ -0,0 +1,35 @@
|
||||||
|
# Generated by Django 3.2 on 2021-04-27 18:47
|
||||||
|
|
||||||
|
from django.db import migrations, models
|
||||||
|
|
||||||
|
import authentik.lib.models
|
||||||
|
|
||||||
|
|
||||||
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
|
dependencies = [
|
||||||
|
("authentik_providers_proxy", "0010_auto_20201214_0942"),
|
||||||
|
]
|
||||||
|
|
||||||
|
operations = [
|
||||||
|
migrations.AddField(
|
||||||
|
model_name="proxyprovider",
|
||||||
|
name="forward_auth_mode",
|
||||||
|
field=models.BooleanField(
|
||||||
|
default=False,
|
||||||
|
help_text="Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.",
|
||||||
|
),
|
||||||
|
),
|
||||||
|
migrations.AlterField(
|
||||||
|
model_name="proxyprovider",
|
||||||
|
name="internal_host",
|
||||||
|
field=models.TextField(
|
||||||
|
blank=True,
|
||||||
|
validators=[
|
||||||
|
authentik.lib.models.DomainlessURLValidator(
|
||||||
|
schemes=("http", "https")
|
||||||
|
)
|
||||||
|
],
|
||||||
|
),
|
||||||
|
),
|
||||||
|
]
|
|
@ -42,7 +42,8 @@ class ProxyProvider(OutpostModel, OAuth2Provider):
|
||||||
Protocols by using a Reverse-Proxy."""
|
Protocols by using a Reverse-Proxy."""
|
||||||
|
|
||||||
internal_host = models.TextField(
|
internal_host = models.TextField(
|
||||||
validators=[DomainlessURLValidator(schemes=("http", "https"))]
|
validators=[DomainlessURLValidator(schemes=("http", "https"))],
|
||||||
|
blank=True,
|
||||||
)
|
)
|
||||||
external_host = models.TextField(
|
external_host = models.TextField(
|
||||||
validators=[DomainlessURLValidator(schemes=("http", "https"))]
|
validators=[DomainlessURLValidator(schemes=("http", "https"))]
|
||||||
|
@ -52,6 +53,13 @@ class ProxyProvider(OutpostModel, OAuth2Provider):
|
||||||
help_text=_("Validate SSL Certificates of upstream servers"),
|
help_text=_("Validate SSL Certificates of upstream servers"),
|
||||||
verbose_name=_("Internal host SSL Validation"),
|
verbose_name=_("Internal host SSL Validation"),
|
||||||
)
|
)
|
||||||
|
forward_auth_mode = models.BooleanField(
|
||||||
|
default=False,
|
||||||
|
help_text=_(
|
||||||
|
"Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with "
|
||||||
|
"internal_host."
|
||||||
|
),
|
||||||
|
)
|
||||||
|
|
||||||
skip_path_regex = models.TextField(
|
skip_path_regex = models.TextField(
|
||||||
default="",
|
default="",
|
||||||
|
|
|
@ -1,8 +1,11 @@
|
||||||
"""invitation stage logic"""
|
"""invitation stage logic"""
|
||||||
|
from typing import Optional
|
||||||
|
|
||||||
from django.http import HttpRequest, HttpResponse
|
from django.http import HttpRequest, HttpResponse
|
||||||
from django.shortcuts import get_object_or_404
|
from django.shortcuts import get_object_or_404
|
||||||
|
|
||||||
from authentik.flows.stage import StageView
|
from authentik.flows.stage import StageView
|
||||||
|
from authentik.flows.views import SESSION_KEY_GET
|
||||||
from authentik.stages.invitation.models import Invitation, InvitationStage
|
from authentik.stages.invitation.models import Invitation, InvitationStage
|
||||||
from authentik.stages.invitation.signals import invitation_used
|
from authentik.stages.invitation.signals import invitation_used
|
||||||
from authentik.stages.prompt.stage import PLAN_CONTEXT_PROMPT
|
from authentik.stages.prompt.stage import PLAN_CONTEXT_PROMPT
|
||||||
|
@ -14,16 +17,26 @@ INVITATION_IN_EFFECT = "invitation_in_effect"
|
||||||
class InvitationStageView(StageView):
|
class InvitationStageView(StageView):
|
||||||
"""Finalise Authentication flow by logging the user in"""
|
"""Finalise Authentication flow by logging the user in"""
|
||||||
|
|
||||||
|
def get_token(self) -> Optional[str]:
|
||||||
|
"""Get token from saved get-arguments or prompt_data"""
|
||||||
|
if INVITATION_TOKEN_KEY in self.request.session.get(SESSION_KEY_GET, {}):
|
||||||
|
return self.request.session[SESSION_KEY_GET][INVITATION_TOKEN_KEY]
|
||||||
|
if INVITATION_TOKEN_KEY in self.executor.plan.context.get(
|
||||||
|
PLAN_CONTEXT_PROMPT, {}
|
||||||
|
):
|
||||||
|
return self.executor.plan.context[PLAN_CONTEXT_PROMPT][INVITATION_TOKEN_KEY]
|
||||||
|
return None
|
||||||
|
|
||||||
def get(self, request: HttpRequest) -> HttpResponse:
|
def get(self, request: HttpRequest) -> HttpResponse:
|
||||||
"""Apply data to the current flow based on a URL"""
|
"""Apply data to the current flow based on a URL"""
|
||||||
stage: InvitationStage = self.executor.current_stage
|
stage: InvitationStage = self.executor.current_stage
|
||||||
if INVITATION_TOKEN_KEY not in request.GET:
|
token = self.get_token()
|
||||||
|
if not token:
|
||||||
# No Invitation was given, raise error or continue
|
# No Invitation was given, raise error or continue
|
||||||
if stage.continue_flow_without_invitation:
|
if stage.continue_flow_without_invitation:
|
||||||
return self.executor.stage_ok()
|
return self.executor.stage_ok()
|
||||||
return self.executor.stage_invalid()
|
return self.executor.stage_invalid()
|
||||||
|
|
||||||
token = request.GET[INVITATION_TOKEN_KEY]
|
|
||||||
invite: Invitation = get_object_or_404(Invitation, pk=token)
|
invite: Invitation = get_object_or_404(Invitation, pk=token)
|
||||||
self.executor.plan.context[PLAN_CONTEXT_PROMPT] = invite.fixed_data
|
self.executor.plan.context[PLAN_CONTEXT_PROMPT] = invite.fixed_data
|
||||||
self.executor.plan.context[INVITATION_IN_EFFECT] = True
|
self.executor.plan.context[INVITATION_IN_EFFECT] = True
|
||||||
|
|
|
@ -4,6 +4,7 @@ from unittest.mock import MagicMock, patch
|
||||||
from django.test import Client, TestCase
|
from django.test import Client, TestCase
|
||||||
from django.urls import reverse
|
from django.urls import reverse
|
||||||
from django.utils.encoding import force_str
|
from django.utils.encoding import force_str
|
||||||
|
from django.utils.http import urlencode
|
||||||
from guardian.shortcuts import get_anonymous_user
|
from guardian.shortcuts import get_anonymous_user
|
||||||
from rest_framework.test import APITestCase
|
from rest_framework.test import APITestCase
|
||||||
|
|
||||||
|
@ -94,15 +95,11 @@ class TestUserLoginStage(TestCase):
|
||||||
self.stage.continue_flow_without_invitation = False
|
self.stage.continue_flow_without_invitation = False
|
||||||
self.stage.save()
|
self.stage.save()
|
||||||
|
|
||||||
def test_with_invitation(self):
|
def test_with_invitation_get(self):
|
||||||
"""Test with invitation, check data in session"""
|
"""Test with invitation, check data in session"""
|
||||||
plan = FlowPlan(
|
plan = FlowPlan(
|
||||||
flow_pk=self.flow.pk.hex, stages=[self.stage], markers=[StageMarker()]
|
flow_pk=self.flow.pk.hex, stages=[self.stage], markers=[StageMarker()]
|
||||||
)
|
)
|
||||||
plan.context[PLAN_CONTEXT_PENDING_USER] = self.user
|
|
||||||
plan.context[
|
|
||||||
PLAN_CONTEXT_AUTHENTICATION_BACKEND
|
|
||||||
] = "django.contrib.auth.backends.ModelBackend"
|
|
||||||
session = self.client.session
|
session = self.client.session
|
||||||
session[SESSION_KEY_PLAN] = plan
|
session[SESSION_KEY_PLAN] = plan
|
||||||
session.save()
|
session.save()
|
||||||
|
@ -116,10 +113,40 @@ class TestUserLoginStage(TestCase):
|
||||||
base_url = reverse(
|
base_url = reverse(
|
||||||
"authentik_api:flow-executor", kwargs={"flow_slug": self.flow.slug}
|
"authentik_api:flow-executor", kwargs={"flow_slug": self.flow.slug}
|
||||||
)
|
)
|
||||||
response = self.client.get(
|
args = urlencode({INVITATION_TOKEN_KEY: invite.pk.hex})
|
||||||
base_url + f"?{INVITATION_TOKEN_KEY}={invite.pk.hex}"
|
response = self.client.get(base_url + f"?query={args}")
|
||||||
|
|
||||||
|
session = self.client.session
|
||||||
|
plan: FlowPlan = session[SESSION_KEY_PLAN]
|
||||||
|
self.assertEqual(plan.context[PLAN_CONTEXT_PROMPT], data)
|
||||||
|
|
||||||
|
self.assertEqual(response.status_code, 200)
|
||||||
|
self.assertJSONEqual(
|
||||||
|
force_str(response.content),
|
||||||
|
{"to": reverse("authentik_core:root-redirect"), "type": "redirect"},
|
||||||
)
|
)
|
||||||
|
|
||||||
|
def test_with_invitation_prompt_data(self):
|
||||||
|
"""Test with invitation, check data in session"""
|
||||||
|
data = {"foo": "bar"}
|
||||||
|
invite = Invitation.objects.create(
|
||||||
|
created_by=get_anonymous_user(), fixed_data=data
|
||||||
|
)
|
||||||
|
|
||||||
|
plan = FlowPlan(
|
||||||
|
flow_pk=self.flow.pk.hex, stages=[self.stage], markers=[StageMarker()]
|
||||||
|
)
|
||||||
|
plan.context[PLAN_CONTEXT_PROMPT] = {INVITATION_TOKEN_KEY: invite.pk.hex}
|
||||||
|
session = self.client.session
|
||||||
|
session[SESSION_KEY_PLAN] = plan
|
||||||
|
session.save()
|
||||||
|
|
||||||
|
with patch("authentik.flows.views.FlowExecutorView.cancel", MagicMock()):
|
||||||
|
base_url = reverse(
|
||||||
|
"authentik_api:flow-executor", kwargs={"flow_slug": self.flow.slug}
|
||||||
|
)
|
||||||
|
response = self.client.get(base_url)
|
||||||
|
|
||||||
session = self.client.session
|
session = self.client.session
|
||||||
plan: FlowPlan = session[SESSION_KEY_PLAN]
|
plan: FlowPlan = session[SESSION_KEY_PLAN]
|
||||||
self.assertEqual(plan.context[PLAN_CONTEXT_PROMPT], data)
|
self.assertEqual(plan.context[PLAN_CONTEXT_PROMPT], data)
|
||||||
|
|
|
@ -4,6 +4,7 @@
|
||||||
|-----------------------------------|-------------------------|-------------|
|
|-----------------------------------|-------------------------|-------------|
|
||||||
| image.name | beryju/authentik | Image used to run the authentik server and worker |
|
| image.name | beryju/authentik | Image used to run the authentik server and worker |
|
||||||
| image.name_static | beryju/authentik-static | Image used to run the authentik static server (CSS and JS Files) |
|
| image.name_static | beryju/authentik-static | Image used to run the authentik static server (CSS and JS Files) |
|
||||||
|
| image.name_outposts | beryju/authentik-%(type)s:%(version)s | Image used for managed outposts. Placeholders: %(type)s: Outpost type; proxy, ldap, etc. %(version)s: Current version; 2021.4.1 |
|
||||||
| image.tag | 2021.4.4 | Image tag |
|
| image.tag | 2021.4.4 | Image tag |
|
||||||
| image.pullPolicy | IfNotPresent | Image Pull Policy used for all deployments |
|
| image.pullPolicy | IfNotPresent | Image Pull Policy used for all deployments |
|
||||||
| serverReplicas | 1 | Replicas for the Server deployment |
|
| serverReplicas | 1 | Replicas for the Server deployment |
|
||||||
|
|
|
@ -4,7 +4,10 @@
|
||||||
image:
|
image:
|
||||||
name: beryju/authentik
|
name: beryju/authentik
|
||||||
name_static: beryju/authentik-static
|
name_static: beryju/authentik-static
|
||||||
name_outposts: beryju/authentik # Prefix used for Outpost deployments, Outpost type and version is appended
|
# Image used for managed outposts. Placeholders:
|
||||||
|
# %(type)s: Outpost type; proxy, ldap, etc
|
||||||
|
# %(version)s: Current version; 2021.4.1
|
||||||
|
name_outposts: "beryju/authentik-%(type)s:%(version)s"
|
||||||
tag: 2021.4.4
|
tag: 2021.4.4
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
all: clean generate build
|
all: clean generate
|
||||||
|
|
||||||
generate:
|
generate:
|
||||||
go get -u github.com/go-swagger/go-swagger/cmd/swagger
|
go get -u github.com/go-swagger/go-swagger/cmd/swagger
|
||||||
|
@ -11,5 +11,3 @@ clean:
|
||||||
go mod tidy
|
go mod tidy
|
||||||
go clean .
|
go clean .
|
||||||
|
|
||||||
build:
|
|
||||||
go build -v .
|
|
||||||
|
|
|
@ -31,6 +31,10 @@ type providerBundle struct {
|
||||||
log *log.Entry
|
log *log.Entry
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func intToPointer(i int) *int {
|
||||||
|
return &i
|
||||||
|
}
|
||||||
|
|
||||||
func (pb *providerBundle) prepareOpts(provider *models.ProxyOutpostConfig) *options.Options {
|
func (pb *providerBundle) prepareOpts(provider *models.ProxyOutpostConfig) *options.Options {
|
||||||
externalHost, err := url.Parse(*provider.ExternalHost)
|
externalHost, err := url.Parse(*provider.ExternalHost)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -61,14 +65,25 @@ func (pb *providerBundle) prepareOpts(provider *models.ProxyOutpostConfig) *opti
|
||||||
providerOpts.SkipAuthRegex = skipRegexes
|
providerOpts.SkipAuthRegex = skipRegexes
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if provider.ForwardAuthMode {
|
||||||
|
providerOpts.UpstreamServers = []options.Upstream{
|
||||||
|
{
|
||||||
|
ID: "static",
|
||||||
|
Static: true,
|
||||||
|
StaticCode: intToPointer(202),
|
||||||
|
Path: "/",
|
||||||
|
},
|
||||||
|
}
|
||||||
|
} else {
|
||||||
providerOpts.UpstreamServers = []options.Upstream{
|
providerOpts.UpstreamServers = []options.Upstream{
|
||||||
{
|
{
|
||||||
ID: "default",
|
ID: "default",
|
||||||
URI: *provider.InternalHost,
|
URI: provider.InternalHost,
|
||||||
Path: "/",
|
Path: "/",
|
||||||
InsecureSkipTLSVerify: provider.InternalHostSslValidation,
|
InsecureSkipTLSVerify: provider.InternalHostSslValidation,
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if provider.Certificate != nil {
|
if provider.Certificate != nil {
|
||||||
pb.log.WithField("provider", provider.ClientID).Debug("Enabling TLS")
|
pb.log.WithField("provider", provider.ClientID).Debug("Enabling TLS")
|
||||||
|
|
|
@ -63,6 +63,7 @@ type OAuthProxy struct {
|
||||||
AuthOnlyPath string
|
AuthOnlyPath string
|
||||||
UserInfoPath string
|
UserInfoPath string
|
||||||
|
|
||||||
|
forwardAuthMode bool
|
||||||
redirectURL *url.URL // the url to receive requests at
|
redirectURL *url.URL // the url to receive requests at
|
||||||
whitelistDomains []string
|
whitelistDomains []string
|
||||||
provider providers.Provider
|
provider providers.Provider
|
||||||
|
@ -132,6 +133,7 @@ func NewOAuthProxy(opts *options.Options, provider *models.ProxyOutpostConfig) (
|
||||||
CookieRefresh: opts.Cookie.Refresh,
|
CookieRefresh: opts.Cookie.Refresh,
|
||||||
CookieSameSite: opts.Cookie.SameSite,
|
CookieSameSite: opts.Cookie.SameSite,
|
||||||
|
|
||||||
|
forwardAuthMode: provider.ForwardAuthMode,
|
||||||
RobotsPath: "/robots.txt",
|
RobotsPath: "/robots.txt",
|
||||||
SignInPath: fmt.Sprintf("%s/sign_in", opts.ProxyPrefix),
|
SignInPath: fmt.Sprintf("%s/sign_in", opts.ProxyPrefix),
|
||||||
SignOutPath: fmt.Sprintf("%s/sign_out", opts.ProxyPrefix),
|
SignOutPath: fmt.Sprintf("%s/sign_out", opts.ProxyPrefix),
|
||||||
|
@ -335,12 +337,29 @@ func (p *OAuthProxy) SignOut(rw http.ResponseWriter, req *http.Request) {
|
||||||
func (p *OAuthProxy) AuthenticateOnly(rw http.ResponseWriter, req *http.Request) {
|
func (p *OAuthProxy) AuthenticateOnly(rw http.ResponseWriter, req *http.Request) {
|
||||||
session, err := p.getAuthenticatedSession(rw, req)
|
session, err := p.getAuthenticatedSession(rw, req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
if p.forwardAuthMode {
|
||||||
|
if _, ok := req.URL.Query()["nginx"]; ok {
|
||||||
|
rw.WriteHeader(401)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
if _, ok := req.URL.Query()["traefik"]; ok {
|
||||||
|
host := getHost(req)
|
||||||
|
http.Redirect(rw, req, fmt.Sprintf("//%s%s", host, p.OAuthStartPath), http.StatusTemporaryRedirect)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
}
|
||||||
http.Error(rw, "unauthorized request", http.StatusUnauthorized)
|
http.Error(rw, "unauthorized request", http.StatusUnauthorized)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// we are authenticated
|
// we are authenticated
|
||||||
p.addHeadersForProxying(rw, req, session)
|
p.addHeadersForProxying(rw, req, session)
|
||||||
|
if p.forwardAuthMode {
|
||||||
|
for headerKey, headers := range req.Header {
|
||||||
|
for _, value := range headers {
|
||||||
|
rw.Header().Set(headerKey, value)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
rw.WriteHeader(http.StatusAccepted)
|
rw.WriteHeader(http.StatusAccepted)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -435,7 +454,6 @@ func (p *OAuthProxy) addHeadersForProxying(rw http.ResponseWriter, req *http.Req
|
||||||
authVal := b64.StdEncoding.EncodeToString([]byte(username + ":" + password))
|
authVal := b64.StdEncoding.EncodeToString([]byte(username + ":" + password))
|
||||||
req.Header["Authorization"] = []string{fmt.Sprintf("Basic %s", authVal)}
|
req.Header["Authorization"] = []string{fmt.Sprintf("Basic %s", authVal)}
|
||||||
}
|
}
|
||||||
rw.Header().Set("GAP-Auth", session.PreferredUsername)
|
|
||||||
// Check if user has additional headers set that we should sent
|
// Check if user has additional headers set that we should sent
|
||||||
if additionalHeaders, ok := userAttributes["additionalHeaders"].(map[string]string); ok {
|
if additionalHeaders, ok := userAttributes["additionalHeaders"].(map[string]string); ok {
|
||||||
if additionalHeaders == nil {
|
if additionalHeaders == nil {
|
||||||
|
|
20
swagger.yaml
20
swagger.yaml
|
@ -15873,6 +15873,12 @@ definitions:
|
||||||
title: Client Secret
|
title: Client Secret
|
||||||
type: string
|
type: string
|
||||||
maxLength: 255
|
maxLength: 255
|
||||||
|
access_code_validity:
|
||||||
|
title: Access code validity
|
||||||
|
description: 'Access codes not valid on or after current time + this value
|
||||||
|
(Format: hours=1;minutes=2;seconds=3).'
|
||||||
|
type: string
|
||||||
|
minLength: 1
|
||||||
token_validity:
|
token_validity:
|
||||||
title: Token validity
|
title: Token validity
|
||||||
description: 'Tokens not valid on or after current time + this value (Format:
|
description: 'Tokens not valid on or after current time + this value (Format:
|
||||||
|
@ -16125,7 +16131,6 @@ definitions:
|
||||||
ProxyOutpostConfig:
|
ProxyOutpostConfig:
|
||||||
required:
|
required:
|
||||||
- name
|
- name
|
||||||
- internal_host
|
|
||||||
- external_host
|
- external_host
|
||||||
type: object
|
type: object
|
||||||
properties:
|
properties:
|
||||||
|
@ -16140,7 +16145,6 @@ definitions:
|
||||||
internal_host:
|
internal_host:
|
||||||
title: Internal host
|
title: Internal host
|
||||||
type: string
|
type: string
|
||||||
minLength: 1
|
|
||||||
external_host:
|
external_host:
|
||||||
title: External host
|
title: External host
|
||||||
type: string
|
type: string
|
||||||
|
@ -16189,6 +16193,11 @@ definitions:
|
||||||
description: User/Group Attribute used for the user part of the HTTP-Basic
|
description: User/Group Attribute used for the user part of the HTTP-Basic
|
||||||
Header. If not set, the user's Email address is used.
|
Header. If not set, the user's Email address is used.
|
||||||
type: string
|
type: string
|
||||||
|
forward_auth_mode:
|
||||||
|
title: Forward auth mode
|
||||||
|
description: Enable support for forwardAuth in traefik and nginx auth_request.
|
||||||
|
Exclusive with internal_host.
|
||||||
|
type: boolean
|
||||||
ServiceConnection:
|
ServiceConnection:
|
||||||
required:
|
required:
|
||||||
- name
|
- name
|
||||||
|
@ -17156,7 +17165,6 @@ definitions:
|
||||||
required:
|
required:
|
||||||
- name
|
- name
|
||||||
- authorization_flow
|
- authorization_flow
|
||||||
- internal_host
|
|
||||||
- external_host
|
- external_host
|
||||||
type: object
|
type: object
|
||||||
properties:
|
properties:
|
||||||
|
@ -17202,7 +17210,6 @@ definitions:
|
||||||
internal_host:
|
internal_host:
|
||||||
title: Internal host
|
title: Internal host
|
||||||
type: string
|
type: string
|
||||||
minLength: 1
|
|
||||||
external_host:
|
external_host:
|
||||||
title: External host
|
title: External host
|
||||||
type: string
|
type: string
|
||||||
|
@ -17236,6 +17243,11 @@ definitions:
|
||||||
description: User/Group Attribute used for the user part of the HTTP-Basic
|
description: User/Group Attribute used for the user part of the HTTP-Basic
|
||||||
Header. If not set, the user's Email address is used.
|
Header. If not set, the user's Email address is used.
|
||||||
type: string
|
type: string
|
||||||
|
forward_auth_mode:
|
||||||
|
title: Forward auth mode
|
||||||
|
description: Enable support for forwardAuth in traefik and nginx auth_request.
|
||||||
|
Exclusive with internal_host.
|
||||||
|
type: boolean
|
||||||
SAMLProvider:
|
SAMLProvider:
|
||||||
required:
|
required:
|
||||||
- name
|
- name
|
||||||
|
|
114
web/package-lock.json
generated
114
web/package-lock.json
generated
|
@ -1866,13 +1866,13 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"@sentry/browser": {
|
"@sentry/browser": {
|
||||||
"version": "6.3.1",
|
"version": "6.3.3",
|
||||||
"resolved": "https://registry.npmjs.org/@sentry/browser/-/browser-6.3.1.tgz",
|
"resolved": "https://registry.npmjs.org/@sentry/browser/-/browser-6.3.3.tgz",
|
||||||
"integrity": "sha512-Ri4tYsyuJIeLQnvQUqbpGzailUYpbjFSYM0+yEM63gPsjiXdg+W8yKHluA6cs6FLWVN3oWfwHW7Kd61echlGuw==",
|
"integrity": "sha512-M3l4xdpU4fTNERnuXZ46ceMa+bAMdUOaSYbmflYt5GSkBuYS/eC8nAaCj//4CMT4JMwT3oUKYI5k6wDIKgyKMQ==",
|
||||||
"requires": {
|
"requires": {
|
||||||
"@sentry/core": "6.3.1",
|
"@sentry/core": "6.3.3",
|
||||||
"@sentry/types": "6.3.1",
|
"@sentry/types": "6.3.3",
|
||||||
"@sentry/utils": "6.3.1",
|
"@sentry/utils": "6.3.3",
|
||||||
"tslib": "^1.9.3"
|
"tslib": "^1.9.3"
|
||||||
},
|
},
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
|
@ -1884,14 +1884,14 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"@sentry/core": {
|
"@sentry/core": {
|
||||||
"version": "6.3.1",
|
"version": "6.3.3",
|
||||||
"resolved": "https://registry.npmjs.org/@sentry/core/-/core-6.3.1.tgz",
|
"resolved": "https://registry.npmjs.org/@sentry/core/-/core-6.3.3.tgz",
|
||||||
"integrity": "sha512-aVuvVbaehGeN86jZlLDGGkhEtprdOtB6lvYLfGy40Dj1Tkh2mGWE550QsRXAXAqYvQzIYwQR23r6m3o8FujgVg==",
|
"integrity": "sha512-wbmXmhWHpbFLmXf9DBUOp9H5Ao+T8Ztn5KXoxDwBnsYXtgVIzQfdpRbtcNtvJJ/UPZ3H3rRHQ8zQTb5Ni99xYQ==",
|
||||||
"requires": {
|
"requires": {
|
||||||
"@sentry/hub": "6.3.1",
|
"@sentry/hub": "6.3.3",
|
||||||
"@sentry/minimal": "6.3.1",
|
"@sentry/minimal": "6.3.3",
|
||||||
"@sentry/types": "6.3.1",
|
"@sentry/types": "6.3.3",
|
||||||
"@sentry/utils": "6.3.1",
|
"@sentry/utils": "6.3.3",
|
||||||
"tslib": "^1.9.3"
|
"tslib": "^1.9.3"
|
||||||
},
|
},
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
|
@ -1903,12 +1903,12 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"@sentry/hub": {
|
"@sentry/hub": {
|
||||||
"version": "6.3.1",
|
"version": "6.3.3",
|
||||||
"resolved": "https://registry.npmjs.org/@sentry/hub/-/hub-6.3.1.tgz",
|
"resolved": "https://registry.npmjs.org/@sentry/hub/-/hub-6.3.3.tgz",
|
||||||
"integrity": "sha512-2er+OeVlsdVZkhl9kXQAANwgjwoCdM1etK2iFuhzX8xkMaJlAuZLyQInv2U1BbXBlIfWjvzRM8B95hCWvVrR3Q==",
|
"integrity": "sha512-vrJHrDKTCAL63dkNNll18Q1c7YjuIYYv5jY56RNUQpm+7sX4v+iw9giOI+iLbPKaGpEyraa17FeF/xO0SqIp9Q==",
|
||||||
"requires": {
|
"requires": {
|
||||||
"@sentry/types": "6.3.1",
|
"@sentry/types": "6.3.3",
|
||||||
"@sentry/utils": "6.3.1",
|
"@sentry/utils": "6.3.3",
|
||||||
"tslib": "^1.9.3"
|
"tslib": "^1.9.3"
|
||||||
},
|
},
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
|
@ -1920,12 +1920,12 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"@sentry/minimal": {
|
"@sentry/minimal": {
|
||||||
"version": "6.3.1",
|
"version": "6.3.3",
|
||||||
"resolved": "https://registry.npmjs.org/@sentry/minimal/-/minimal-6.3.1.tgz",
|
"resolved": "https://registry.npmjs.org/@sentry/minimal/-/minimal-6.3.3.tgz",
|
||||||
"integrity": "sha512-0eN9S7HvXsCQEjX/qXHTMgvSb3mwrnZEWS9Qz/Bz5ig9pEGXKgJ1om5NTTHVHhXqd3wFCjdvIo6slufLHoCtSw==",
|
"integrity": "sha512-MKspEQ5hhTMrbeiNvkRGgm/NX2gM/Mni0vDJjuqQFi2Cd3RwA4ZVO6yRr6XzFPtTGgDsrXg75lQ8rma96Qs8/g==",
|
||||||
"requires": {
|
"requires": {
|
||||||
"@sentry/hub": "6.3.1",
|
"@sentry/hub": "6.3.3",
|
||||||
"@sentry/types": "6.3.1",
|
"@sentry/types": "6.3.3",
|
||||||
"tslib": "^1.9.3"
|
"tslib": "^1.9.3"
|
||||||
},
|
},
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
|
@ -1937,51 +1937,17 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"@sentry/tracing": {
|
"@sentry/tracing": {
|
||||||
"version": "6.3.1",
|
"version": "6.3.3",
|
||||||
"resolved": "https://registry.npmjs.org/@sentry/tracing/-/tracing-6.3.1.tgz",
|
"resolved": "https://registry.npmjs.org/@sentry/tracing/-/tracing-6.3.3.tgz",
|
||||||
"integrity": "sha512-qveDmoWsXy9qLEblZJwJ1OU/zZRlEd/q7Jhd0Hnwlob8Ci96huABEbYyGdJs18BKVHEFU3gSdVfvrikUE/W17g==",
|
"integrity": "sha512-xtiUfgxDnxgcmwVeZiwOwlwSfT0zCCQWVRRUz6YOnuageEkJpJAXqGgpTTkB5tDrmt7E7Ikq5XF4qzQGMGQLWw==",
|
||||||
"requires": {
|
"requires": {
|
||||||
"@sentry/hub": "6.3.1",
|
"@sentry/hub": "6.3.3",
|
||||||
"@sentry/minimal": "6.3.1",
|
"@sentry/minimal": "6.3.3",
|
||||||
"@sentry/types": "6.3.1",
|
"@sentry/types": "6.3.3",
|
||||||
"@sentry/utils": "6.3.1",
|
"@sentry/utils": "6.3.3",
|
||||||
"tslib": "^1.9.3"
|
"tslib": "^1.9.3"
|
||||||
},
|
},
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"@sentry/hub": {
|
|
||||||
"version": "6.3.1",
|
|
||||||
"resolved": "https://registry.npmjs.org/@sentry/hub/-/hub-6.3.1.tgz",
|
|
||||||
"integrity": "sha512-2er+OeVlsdVZkhl9kXQAANwgjwoCdM1etK2iFuhzX8xkMaJlAuZLyQInv2U1BbXBlIfWjvzRM8B95hCWvVrR3Q==",
|
|
||||||
"requires": {
|
|
||||||
"@sentry/types": "6.3.1",
|
|
||||||
"@sentry/utils": "6.3.1",
|
|
||||||
"tslib": "^1.9.3"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"@sentry/minimal": {
|
|
||||||
"version": "6.3.1",
|
|
||||||
"resolved": "https://registry.npmjs.org/@sentry/minimal/-/minimal-6.3.1.tgz",
|
|
||||||
"integrity": "sha512-0eN9S7HvXsCQEjX/qXHTMgvSb3mwrnZEWS9Qz/Bz5ig9pEGXKgJ1om5NTTHVHhXqd3wFCjdvIo6slufLHoCtSw==",
|
|
||||||
"requires": {
|
|
||||||
"@sentry/hub": "6.3.1",
|
|
||||||
"@sentry/types": "6.3.1",
|
|
||||||
"tslib": "^1.9.3"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"@sentry/types": {
|
|
||||||
"version": "6.3.1",
|
|
||||||
"resolved": "https://registry.npmjs.org/@sentry/types/-/types-6.3.1.tgz",
|
|
||||||
"integrity": "sha512-BEBn8JX1yaooCAuonbaMci9z0RjwwMbQ3Eny/eyDdd+rjXprZCZaStZnCvSThbNBqAJ8YaUqY2YBMnEwJxarAw=="
|
|
||||||
},
|
|
||||||
"@sentry/utils": {
|
|
||||||
"version": "6.3.1",
|
|
||||||
"resolved": "https://registry.npmjs.org/@sentry/utils/-/utils-6.3.1.tgz",
|
|
||||||
"integrity": "sha512-cdtl/QWC9FtinAuW3w8QfvSfh/Q9ui5vwvjzVHiS1ga/U38edi2XX+cttY39ZYwz0SQG99cE10GOIhd1p7/mAA==",
|
|
||||||
"requires": {
|
|
||||||
"@sentry/types": "6.3.1",
|
|
||||||
"tslib": "^1.9.3"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"tslib": {
|
"tslib": {
|
||||||
"version": "1.14.1",
|
"version": "1.14.1",
|
||||||
"resolved": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz",
|
"resolved": "https://registry.npmjs.org/tslib/-/tslib-1.14.1.tgz",
|
||||||
|
@ -1990,16 +1956,16 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"@sentry/types": {
|
"@sentry/types": {
|
||||||
"version": "6.3.1",
|
"version": "6.3.3",
|
||||||
"resolved": "https://registry.npmjs.org/@sentry/types/-/types-6.3.1.tgz",
|
"resolved": "https://registry.npmjs.org/@sentry/types/-/types-6.3.3.tgz",
|
||||||
"integrity": "sha512-BEBn8JX1yaooCAuonbaMci9z0RjwwMbQ3Eny/eyDdd+rjXprZCZaStZnCvSThbNBqAJ8YaUqY2YBMnEwJxarAw=="
|
"integrity": "sha512-UPHzhwqdjta7LCFfqNvJ5g79lRiXOxtgnIp7zlBkHU6yZs4fPnlBadljyi2gGFguN+C+XAukrbXUAq2mb+Mhdw=="
|
||||||
},
|
},
|
||||||
"@sentry/utils": {
|
"@sentry/utils": {
|
||||||
"version": "6.3.1",
|
"version": "6.3.3",
|
||||||
"resolved": "https://registry.npmjs.org/@sentry/utils/-/utils-6.3.1.tgz",
|
"resolved": "https://registry.npmjs.org/@sentry/utils/-/utils-6.3.3.tgz",
|
||||||
"integrity": "sha512-cdtl/QWC9FtinAuW3w8QfvSfh/Q9ui5vwvjzVHiS1ga/U38edi2XX+cttY39ZYwz0SQG99cE10GOIhd1p7/mAA==",
|
"integrity": "sha512-Kz546LeF6Ff/FU53XUVaairMQYFc6sIHBvE5ReZmfDRpaR+qZnfIbWhfoIbSwyBbtF+T8/gcU7mcZpZQmM5jLw==",
|
||||||
"requires": {
|
"requires": {
|
||||||
"@sentry/types": "6.3.1",
|
"@sentry/types": "6.3.3",
|
||||||
"tslib": "^1.9.3"
|
"tslib": "^1.9.3"
|
||||||
},
|
},
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
|
@ -4482,9 +4448,9 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"lit-html": {
|
"lit-html": {
|
||||||
"version": "1.3.0",
|
"version": "1.4.0",
|
||||||
"resolved": "https://registry.npmjs.org/lit-html/-/lit-html-1.3.0.tgz",
|
"resolved": "https://registry.npmjs.org/lit-html/-/lit-html-1.4.0.tgz",
|
||||||
"integrity": "sha512-0Q1bwmaFH9O14vycPHw8C/IeHMk/uSDldVLIefu/kfbTBGIc44KGH6A8p1bDfxUfHdc8q6Ct7kQklWoHgr4t1Q=="
|
"integrity": "sha512-cgaqPSgqHRaTH/P1DnWD/dQxudtrHqD0xo1AoyOGJZir2rXgsvTg77z6Pitwk9B+kL23EakD62HV3x8sT01aWQ=="
|
||||||
},
|
},
|
||||||
"locate-path": {
|
"locate-path": {
|
||||||
"version": "5.0.0",
|
"version": "5.0.0",
|
||||||
|
|
|
@ -50,8 +50,8 @@
|
||||||
"@rollup/plugin-babel": "^5.3.0",
|
"@rollup/plugin-babel": "^5.3.0",
|
||||||
"@rollup/plugin-replace": "^2.4.2",
|
"@rollup/plugin-replace": "^2.4.2",
|
||||||
"@rollup/plugin-typescript": "^8.2.1",
|
"@rollup/plugin-typescript": "^8.2.1",
|
||||||
"@sentry/browser": "^6.3.1",
|
"@sentry/browser": "^6.3.3",
|
||||||
"@sentry/tracing": "^6.3.1",
|
"@sentry/tracing": "^6.3.3",
|
||||||
"@types/chart.js": "^2.9.32",
|
"@types/chart.js": "^2.9.32",
|
||||||
"@types/codemirror": "0.0.109",
|
"@types/codemirror": "0.0.109",
|
||||||
"@types/grecaptcha": "^3.0.1",
|
"@types/grecaptcha": "^3.0.1",
|
||||||
|
@ -70,7 +70,7 @@
|
||||||
"eslint-plugin-lit": "^1.3.0",
|
"eslint-plugin-lit": "^1.3.0",
|
||||||
"flowchart.js": "^1.15.0",
|
"flowchart.js": "^1.15.0",
|
||||||
"lit-element": "^2.4.0",
|
"lit-element": "^2.4.0",
|
||||||
"lit-html": "^1.3.0",
|
"lit-html": "^1.4.0",
|
||||||
"moment": "^2.29.1",
|
"moment": "^2.29.1",
|
||||||
"rapidoc": "^9.0.0",
|
"rapidoc": "^9.0.0",
|
||||||
"rollup": "^2.45.2",
|
"rollup": "^2.45.2",
|
||||||
|
|
|
@ -97,9 +97,12 @@ html > form > input {
|
||||||
body {
|
body {
|
||||||
background-color: var(--ak-dark-background) !important;
|
background-color: var(--ak-dark-background) !important;
|
||||||
}
|
}
|
||||||
.ak-initial-load h1 {
|
.ak-static-page h1 {
|
||||||
color: var(--ak-dark-foreground);
|
color: var(--ak-dark-foreground);
|
||||||
}
|
}
|
||||||
|
.form-help-text {
|
||||||
|
color: var(--pf-global--Color--100);
|
||||||
|
}
|
||||||
|
|
||||||
@media (prefers-color-scheme: dark) {
|
@media (prefers-color-scheme: dark) {
|
||||||
:root {
|
:root {
|
||||||
|
@ -239,6 +242,9 @@ body {
|
||||||
.pf-c-check__label {
|
.pf-c-check__label {
|
||||||
color: var(--ak-dark-foreground);
|
color: var(--ak-dark-foreground);
|
||||||
}
|
}
|
||||||
|
.form-help-text {
|
||||||
|
color: var(--ak-dark-foreground);
|
||||||
|
}
|
||||||
/* inputs help text */
|
/* inputs help text */
|
||||||
.pf-c-form__helper-text:not(.pf-m-error) {
|
.pf-c-form__helper-text:not(.pf-m-error) {
|
||||||
color: var(--ak-dark-foreground);
|
color: var(--ak-dark-foreground);
|
||||||
|
|
|
@ -18,7 +18,7 @@
|
||||||
<body>
|
<body>
|
||||||
<ak-message-container></ak-message-container>
|
<ak-message-container></ak-message-container>
|
||||||
<ak-interface-admin>
|
<ak-interface-admin>
|
||||||
<section class="ak-initial-load pf-c-page__main-section pf-m-no-padding-mobile pf-m-xl">
|
<section class="ak-static-page pf-c-page__main-section pf-m-no-padding-mobile pf-m-xl">
|
||||||
<div class="pf-c-empty-state" style="height: 100vh;">
|
<div class="pf-c-empty-state" style="height: 100vh;">
|
||||||
<div class="pf-c-empty-state__content">
|
<div class="pf-c-empty-state__content">
|
||||||
<span class="pf-c-spinner pf-m-xl pf-c-empty-state__icon" role="progressbar" aria-valuetext="Loading...">
|
<span class="pf-c-spinner pf-m-xl pf-c-empty-state__icon" role="progressbar" aria-valuetext="Loading...">
|
||||||
|
|
|
@ -19,7 +19,7 @@
|
||||||
<body>
|
<body>
|
||||||
<ak-message-container></ak-message-container>
|
<ak-message-container></ak-message-container>
|
||||||
<ak-flow-executor>
|
<ak-flow-executor>
|
||||||
<section class="ak-initial-load pf-c-page__main-section pf-m-no-padding-mobile pf-m-xl">
|
<section class="ak-static-page pf-c-page__main-section pf-m-no-padding-mobile pf-m-xl">
|
||||||
<div class="pf-c-empty-state" style="height: 100vh;">
|
<div class="pf-c-empty-state" style="height: 100vh;">
|
||||||
<div class="pf-c-empty-state__content">
|
<div class="pf-c-empty-state__content">
|
||||||
<span class="pf-c-spinner pf-m-xl pf-c-empty-state__icon" role="progressbar" aria-valuetext="Loading...">
|
<span class="pf-c-spinner pf-m-xl pf-c-empty-state__icon" role="progressbar" aria-valuetext="Loading...">
|
||||||
|
|
|
@ -13,6 +13,13 @@ msgstr ""
|
||||||
"Language-Team: \n"
|
"Language-Team: \n"
|
||||||
"Plural-Forms: \n"
|
"Plural-Forms: \n"
|
||||||
|
|
||||||
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:141
|
||||||
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:149
|
||||||
|
#: src/pages/providers/saml/SAMLProviderForm.ts:202
|
||||||
|
#: src/pages/stages/user_login/UserLoginStageForm.ts:71
|
||||||
|
msgid "(Format: hours=-1;minutes=-2;seconds=-3)."
|
||||||
|
msgstr "(Format: hours=-1;minutes=-2;seconds=-3)."
|
||||||
|
|
||||||
#: src/pages/policies/BoundPoliciesList.ts:59
|
#: src/pages/policies/BoundPoliciesList.ts:59
|
||||||
msgid "-"
|
msgid "-"
|
||||||
msgstr "-"
|
msgstr "-"
|
||||||
|
@ -68,6 +75,10 @@ msgstr "API request failed"
|
||||||
msgid "Access Key"
|
msgid "Access Key"
|
||||||
msgstr "Access Key"
|
msgstr "Access Key"
|
||||||
|
|
||||||
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:136
|
||||||
|
msgid "Access code validity"
|
||||||
|
msgstr "Access code validity"
|
||||||
|
|
||||||
#: src/pages/sources/oauth/OAuthSourceForm.ts:73
|
#: src/pages/sources/oauth/OAuthSourceForm.ts:73
|
||||||
msgid "Access token URL"
|
msgid "Access token URL"
|
||||||
msgstr "Access token URL"
|
msgstr "Access token URL"
|
||||||
|
@ -106,7 +117,7 @@ msgid "Additional user DN, prepended to the Base DN."
|
||||||
msgstr "Additional user DN, prepended to the Base DN."
|
msgstr "Additional user DN, prepended to the Base DN."
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:132
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:132
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:130
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:153
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:117
|
#: src/pages/providers/saml/SAMLProviderForm.ts:117
|
||||||
#: src/pages/sources/saml/SAMLSourceForm.ts:134
|
#: src/pages/sources/saml/SAMLSourceForm.ts:134
|
||||||
msgid "Advanced protocol settings"
|
msgid "Advanced protocol settings"
|
||||||
|
@ -125,7 +136,7 @@ msgstr "Affected model:"
|
||||||
msgid "Alert"
|
msgid "Alert"
|
||||||
msgstr "Alert"
|
msgstr "Alert"
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:153
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:163
|
||||||
msgid "Algorithm used to sign the JWT Tokens."
|
msgid "Algorithm used to sign the JWT Tokens."
|
||||||
msgstr "Algorithm used to sign the JWT Tokens."
|
msgstr "Algorithm used to sign the JWT Tokens."
|
||||||
|
|
||||||
|
@ -220,7 +231,7 @@ msgstr "Are you sure you want to delete {0} {objName} ?"
|
||||||
msgid "Are you sure you want to update {0} \"{1}\"?"
|
msgid "Are you sure you want to update {0} \"{1}\"?"
|
||||||
msgstr "Are you sure you want to update {0} \"{1}\"?"
|
msgstr "Are you sure you want to update {0} \"{1}\"?"
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:208
|
#: src/pages/providers/saml/SAMLProviderForm.ts:209
|
||||||
msgid "Assertion not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)."
|
msgid "Assertion not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)."
|
||||||
msgstr "Assertion not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)."
|
msgstr "Assertion not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)."
|
||||||
|
|
||||||
|
@ -228,11 +239,7 @@ msgstr "Assertion not valid on or after current time + this value (Format: hours
|
||||||
msgid "Assertion valid not before"
|
msgid "Assertion valid not before"
|
||||||
msgstr "Assertion valid not before"
|
msgstr "Assertion valid not before"
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:201
|
#: src/pages/providers/saml/SAMLProviderForm.ts:205
|
||||||
msgid "Assertion valid not before current time + this value (Format: hours=-1;minutes=-2;seconds=-3)."
|
|
||||||
msgstr "Assertion valid not before current time + this value (Format: hours=-1;minutes=-2;seconds=-3)."
|
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:204
|
|
||||||
msgid "Assertion valid not on or after"
|
msgid "Assertion valid not on or after"
|
||||||
msgstr "Assertion valid not on or after"
|
msgstr "Assertion valid not on or after"
|
||||||
|
|
||||||
|
@ -298,7 +305,7 @@ msgid "Authorization URL"
|
||||||
msgstr "Authorization URL"
|
msgstr "Authorization URL"
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:62
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:62
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:80
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:104
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:59
|
#: src/pages/providers/saml/SAMLProviderForm.ts:59
|
||||||
#: src/pages/providers/saml/SAMLProviderImportForm.ts:44
|
#: src/pages/providers/saml/SAMLProviderImportForm.ts:44
|
||||||
msgid "Authorization flow"
|
msgid "Authorization flow"
|
||||||
|
@ -342,19 +349,19 @@ msgstr "Backup status"
|
||||||
msgid "Base DN"
|
msgid "Base DN"
|
||||||
msgstr "Base DN"
|
msgstr "Base DN"
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:203
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:213
|
||||||
msgid "Based on the Hashed User ID"
|
msgid "Based on the Hashed User ID"
|
||||||
msgstr "Based on the Hashed User ID"
|
msgstr "Based on the Hashed User ID"
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:209
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:219
|
||||||
msgid "Based on the User's Email. This is recommended over the UPN method."
|
msgid "Based on the User's Email. This is recommended over the UPN method."
|
||||||
msgstr "Based on the User's Email. This is recommended over the UPN method."
|
msgstr "Based on the User's Email. This is recommended over the UPN method."
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:212
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:222
|
||||||
msgid "Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains."
|
msgid "Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains."
|
||||||
msgstr "Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains."
|
msgstr "Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains."
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:206
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:216
|
||||||
msgid "Based on the username"
|
msgid "Based on the username"
|
||||||
msgstr "Based on the username"
|
msgstr "Based on the username"
|
||||||
|
|
||||||
|
@ -393,7 +400,7 @@ msgstr "Build hash: {0}"
|
||||||
msgid "Built-in"
|
msgid "Built-in"
|
||||||
msgstr "Built-in"
|
msgstr "Built-in"
|
||||||
|
|
||||||
#: src/pages/outposts/ServiceConnectionDockerForm.ts:89
|
#: src/pages/outposts/ServiceConnectionDockerForm.ts:88
|
||||||
msgid "CA which the endpoint's Certificate is verified against. Can be left empty for no validation."
|
msgid "CA which the endpoint's Certificate is verified against. Can be left empty for no validation."
|
||||||
msgstr "CA which the endpoint's Certificate is verified against. Can be left empty for no validation."
|
msgstr "CA which the endpoint's Certificate is verified against. Can be left empty for no validation."
|
||||||
|
|
||||||
|
@ -426,7 +433,7 @@ msgid "Case insensitive matching"
|
||||||
msgstr "Case insensitive matching"
|
msgstr "Case insensitive matching"
|
||||||
|
|
||||||
#: src/pages/crypto/CertificateKeyPairForm.ts:51
|
#: src/pages/crypto/CertificateKeyPairForm.ts:51
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:134
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:157
|
||||||
msgid "Certificate"
|
msgid "Certificate"
|
||||||
msgstr "Certificate"
|
msgstr "Certificate"
|
||||||
|
|
||||||
|
@ -450,7 +457,7 @@ msgstr "Certificate-Key Pair"
|
||||||
msgid "Certificate-Key Pairs"
|
msgid "Certificate-Key Pairs"
|
||||||
msgstr "Certificate-Key Pairs"
|
msgstr "Certificate-Key Pairs"
|
||||||
|
|
||||||
#: src/pages/outposts/ServiceConnectionDockerForm.ts:106
|
#: src/pages/outposts/ServiceConnectionDockerForm.ts:104
|
||||||
msgid "Certificate/Key used for authentication. Can be left empty for no authentication."
|
msgid "Certificate/Key used for authentication. Can be left empty for no authentication."
|
||||||
msgstr "Certificate/Key used for authentication. Can be left empty for no authentication."
|
msgstr "Certificate/Key used for authentication. Can be left empty for no authentication."
|
||||||
|
|
||||||
|
@ -592,11 +599,19 @@ msgstr "Configuration flow"
|
||||||
msgid "Configure WebAuthn"
|
msgid "Configure WebAuthn"
|
||||||
msgstr "Configure WebAuthn"
|
msgstr "Configure WebAuthn"
|
||||||
|
|
||||||
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:140
|
||||||
|
msgid "Configure how long access codes are valid for."
|
||||||
|
msgstr "Configure how long access codes are valid for."
|
||||||
|
|
||||||
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:148
|
||||||
|
msgid "Configure how long refresh tokens and their id_tokens are valid for."
|
||||||
|
msgstr "Configure how long refresh tokens and their id_tokens are valid for."
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:193
|
#: src/pages/providers/saml/SAMLProviderForm.ts:193
|
||||||
msgid "Configure how the NameID value will be created. When left empty, the NameIDPolicy of the incoming request will be respected."
|
msgid "Configure how the NameID value will be created. When left empty, the NameIDPolicy of the incoming request will be respected."
|
||||||
msgstr "Configure how the NameID value will be created. When left empty, the NameIDPolicy of the incoming request will be respected."
|
msgstr "Configure how the NameID value will be created. When left empty, the NameIDPolicy of the incoming request will be respected."
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:241
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:251
|
||||||
msgid "Configure how the issuer field of the ID Token should be filled."
|
msgid "Configure how the issuer field of the ID Token should be filled."
|
||||||
msgstr "Configure how the issuer field of the ID Token should be filled."
|
msgstr "Configure how the issuer field of the ID Token should be filled."
|
||||||
|
|
||||||
|
@ -604,7 +619,11 @@ msgstr "Configure how the issuer field of the ID Token should be filled."
|
||||||
msgid "Configure settings relevant to your user profile."
|
msgid "Configure settings relevant to your user profile."
|
||||||
msgstr "Configure settings relevant to your user profile."
|
msgstr "Configure settings relevant to your user profile."
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:216
|
#: src/pages/providers/saml/SAMLProviderForm.ts:201
|
||||||
|
msgid "Configure the maximum allowed time drift for an asseration."
|
||||||
|
msgstr "Configure the maximum allowed time drift for an asseration."
|
||||||
|
|
||||||
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:226
|
||||||
msgid "Configure what data should be used as unique User Identifier. For most cases, the default should be fine."
|
msgid "Configure what data should be used as unique User Identifier. For most cases, the default should be fine."
|
||||||
msgstr "Configure what data should be used as unique User Identifier. For most cases, the default should be fine."
|
msgstr "Configure what data should be used as unique User Identifier. For most cases, the default should be fine."
|
||||||
|
|
||||||
|
@ -846,7 +865,7 @@ msgstr "Creation Date"
|
||||||
msgid "Customisation"
|
msgid "Customisation"
|
||||||
msgstr "Customisation"
|
msgstr "Customisation"
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:255
|
#: src/pages/providers/saml/SAMLProviderForm.ts:256
|
||||||
#: src/pages/sources/saml/SAMLSourceForm.ts:212
|
#: src/pages/sources/saml/SAMLSourceForm.ts:212
|
||||||
msgid "DSA-SHA1"
|
msgid "DSA-SHA1"
|
||||||
msgstr "DSA-SHA1"
|
msgstr "DSA-SHA1"
|
||||||
|
@ -956,8 +975,8 @@ msgid "Determines how authentik sends the response back to the Service Provider.
|
||||||
msgstr "Determines how authentik sends the response back to the Service Provider."
|
msgstr "Determines how authentik sends the response back to the Service Provider."
|
||||||
|
|
||||||
#: src/pages/stages/user_login/UserLoginStageForm.ts:70
|
#: src/pages/stages/user_login/UserLoginStageForm.ts:70
|
||||||
msgid "Determines how long a session lasts. Default of 0 seconds means that the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)."
|
msgid "Determines how long a session lasts. Default of 0 seconds means that the sessions lasts until the browser is closed."
|
||||||
msgstr "Determines how long a session lasts. Default of 0 seconds means that the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)."
|
msgstr "Determines how long a session lasts. Default of 0 seconds means that the sessions lasts until the browser is closed."
|
||||||
|
|
||||||
#: src/pages/stages/authenticator_validate/AuthenticatorValidateStageForm.ts:113
|
#: src/pages/stages/authenticator_validate/AuthenticatorValidateStageForm.ts:113
|
||||||
msgid "Device classes which can be used to authenticate."
|
msgid "Device classes which can be used to authenticate."
|
||||||
|
@ -967,7 +986,7 @@ msgstr "Device classes which can be used to authenticate."
|
||||||
msgid "Device name"
|
msgid "Device name"
|
||||||
msgstr "Device name"
|
msgstr "Device name"
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:219
|
#: src/pages/providers/saml/SAMLProviderForm.ts:220
|
||||||
#: src/pages/sources/saml/SAMLSourceForm.ts:176
|
#: src/pages/sources/saml/SAMLSourceForm.ts:176
|
||||||
msgid "Digest algorithm"
|
msgid "Digest algorithm"
|
||||||
msgstr "Digest algorithm"
|
msgstr "Digest algorithm"
|
||||||
|
@ -1010,7 +1029,7 @@ msgstr "Download"
|
||||||
msgid "Dummy stage used for testing. Shows a simple continue button and always passes."
|
msgid "Dummy stage used for testing. Shows a simple continue button and always passes."
|
||||||
msgstr "Dummy stage used for testing. Shows a simple continue button and always passes."
|
msgstr "Dummy stage used for testing. Shows a simple continue button and always passes."
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:234
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:244
|
||||||
msgid "Each provider has a different issuer, based on the application slug."
|
msgid "Each provider has a different issuer, based on the application slug."
|
||||||
msgstr "Each provider has a different issuer, based on the application slug."
|
msgstr "Each provider has a different issuer, based on the application slug."
|
||||||
|
|
||||||
|
@ -1104,6 +1123,14 @@ msgstr "Enable Static Tokens"
|
||||||
msgid "Enable TOTP"
|
msgid "Enable TOTP"
|
||||||
msgstr "Enable TOTP"
|
msgstr "Enable TOTP"
|
||||||
|
|
||||||
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:140
|
||||||
|
msgid "Enable forward-auth mode"
|
||||||
|
msgstr "Enable forward-auth mode"
|
||||||
|
|
||||||
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:144
|
||||||
|
msgid "Enable this if you don't want to use this provider as a proxy, and want to use it with Traefik's forwardAuth or nginx's auth_request."
|
||||||
|
msgstr "Enable this if you don't want to use this provider as a proxy, and want to use it with Traefik's forwardAuth or nginx's auth_request."
|
||||||
|
|
||||||
#: src/pages/policies/BoundPoliciesList.ts:41
|
#: src/pages/policies/BoundPoliciesList.ts:41
|
||||||
#: src/pages/policies/PolicyBindingForm.ts:199
|
#: src/pages/policies/PolicyBindingForm.ts:199
|
||||||
#: src/pages/sources/ldap/LDAPSourceForm.ts:69
|
#: src/pages/sources/ldap/LDAPSourceForm.ts:69
|
||||||
|
@ -1262,7 +1289,7 @@ msgstr "External Applications which use authentik as Identity-Provider, utilizin
|
||||||
msgid "External Host"
|
msgid "External Host"
|
||||||
msgstr "External Host"
|
msgstr "External Host"
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:119
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:127
|
||||||
msgid "External host"
|
msgid "External host"
|
||||||
msgstr "External host"
|
msgstr "External host"
|
||||||
|
|
||||||
|
@ -1357,7 +1384,7 @@ msgid "Flow used by an authenticated user to configure this Stage. If empty, use
|
||||||
msgstr "Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage."
|
msgstr "Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage."
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:76
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:76
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:94
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:118
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:73
|
#: src/pages/providers/saml/SAMLProviderForm.ts:73
|
||||||
#: src/pages/providers/saml/SAMLProviderImportForm.ts:57
|
#: src/pages/providers/saml/SAMLProviderImportForm.ts:57
|
||||||
msgid "Flow used when authorizing this provider."
|
msgid "Flow used when authorizing this provider."
|
||||||
|
@ -1451,15 +1478,15 @@ msgstr "Group {0}"
|
||||||
msgid "Groups"
|
msgid "Groups"
|
||||||
msgstr "Groups"
|
msgstr "Groups"
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:150
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:160
|
||||||
msgid "HS256 (Symmetric Encryption)"
|
msgid "HS256 (Symmetric Encryption)"
|
||||||
msgstr "HS256 (Symmetric Encryption)"
|
msgstr "HS256 (Symmetric Encryption)"
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:64
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:66
|
||||||
msgid "HTTP-Basic Password Key"
|
msgid "HTTP-Basic Password Key"
|
||||||
msgstr "HTTP-Basic Password Key"
|
msgstr "HTTP-Basic Password Key"
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:58
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:60
|
||||||
msgid "HTTP-Basic Username Key"
|
msgid "HTTP-Basic Username Key"
|
||||||
msgstr "HTTP-Basic Username Key"
|
msgstr "HTTP-Basic Username Key"
|
||||||
|
|
||||||
|
@ -1478,7 +1505,7 @@ msgstr "Hide managed mappings"
|
||||||
#: src/pages/events/RuleForm.ts:93
|
#: src/pages/events/RuleForm.ts:93
|
||||||
#: src/pages/groups/GroupForm.ts:131
|
#: src/pages/groups/GroupForm.ts:131
|
||||||
#: src/pages/outposts/OutpostForm.ts:98
|
#: src/pages/outposts/OutpostForm.ts:98
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:178
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:188
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:177
|
#: src/pages/providers/saml/SAMLProviderForm.ts:177
|
||||||
#: src/pages/sources/ldap/LDAPSourceForm.ts:167
|
#: src/pages/sources/ldap/LDAPSourceForm.ts:167
|
||||||
#: src/pages/sources/ldap/LDAPSourceForm.ts:193
|
#: src/pages/sources/ldap/LDAPSourceForm.ts:193
|
||||||
|
@ -1552,11 +1579,11 @@ msgstr "Import certificates of external providers or create certificates to sign
|
||||||
msgid "In case you can't access any other method."
|
msgid "In case you can't access any other method."
|
||||||
msgstr "In case you can't access any other method."
|
msgstr "In case you can't access any other method."
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:226
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:236
|
||||||
msgid "Include User claims from scopes in the id_token, for applications that don't access the userinfo endpoint."
|
msgid "Include User claims from scopes in the id_token, for applications that don't access the userinfo endpoint."
|
||||||
msgstr "Include User claims from scopes in the id_token, for applications that don't access the userinfo endpoint."
|
msgstr "Include User claims from scopes in the id_token, for applications that don't access the userinfo endpoint."
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:223
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:233
|
||||||
msgid "Include claims in id_token"
|
msgid "Include claims in id_token"
|
||||||
msgstr "Include claims in id_token"
|
msgstr "Include claims in id_token"
|
||||||
|
|
||||||
|
@ -1568,11 +1595,11 @@ msgstr "Internal Host"
|
||||||
msgid "Internal application name, used in URLs."
|
msgid "Internal application name, used in URLs."
|
||||||
msgstr "Internal application name, used in URLs."
|
msgstr "Internal application name, used in URLs."
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:103
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:78
|
||||||
msgid "Internal host"
|
msgid "Internal host"
|
||||||
msgstr "Internal host"
|
msgstr "Internal host"
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:113
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:88
|
||||||
msgid "Internal host SSL Validation"
|
msgid "Internal host SSL Validation"
|
||||||
msgstr "Internal host SSL Validation"
|
msgstr "Internal host SSL Validation"
|
||||||
|
|
||||||
|
@ -1600,15 +1627,15 @@ msgstr "Is superuser"
|
||||||
msgid "Issuer"
|
msgid "Issuer"
|
||||||
msgstr "Issuer"
|
msgstr "Issuer"
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:229
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:239
|
||||||
msgid "Issuer mode"
|
msgid "Issuer mode"
|
||||||
msgstr "Issuer mode"
|
msgstr "Issuer mode"
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:142
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:152
|
||||||
msgid "JWT Algorithm"
|
msgid "JWT Algorithm"
|
||||||
msgstr "JWT Algorithm"
|
msgstr "JWT Algorithm"
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:195
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:205
|
||||||
msgid "Key used to sign the tokens. Only required when JWT Algorithm is set to RS256."
|
msgid "Key used to sign the tokens. Only required when JWT Algorithm is set to RS256."
|
||||||
msgstr "Key used to sign the tokens. Only required when JWT Algorithm is set to RS256."
|
msgstr "Key used to sign the tokens. Only required when JWT Algorithm is set to RS256."
|
||||||
|
|
||||||
|
@ -1697,8 +1724,8 @@ msgstr "Loading"
|
||||||
#: src/pages/groups/GroupForm.ts:127
|
#: src/pages/groups/GroupForm.ts:127
|
||||||
#: src/pages/outposts/OutpostForm.ts:74
|
#: src/pages/outposts/OutpostForm.ts:74
|
||||||
#: src/pages/outposts/OutpostForm.ts:96
|
#: src/pages/outposts/OutpostForm.ts:96
|
||||||
#: src/pages/outposts/ServiceConnectionDockerForm.ts:87
|
#: src/pages/outposts/ServiceConnectionDockerForm.ts:86
|
||||||
#: src/pages/outposts/ServiceConnectionDockerForm.ts:104
|
#: src/pages/outposts/ServiceConnectionDockerForm.ts:102
|
||||||
#: src/pages/policies/PolicyBindingForm.ts:157
|
#: src/pages/policies/PolicyBindingForm.ts:157
|
||||||
#: src/pages/policies/PolicyBindingForm.ts:173
|
#: src/pages/policies/PolicyBindingForm.ts:173
|
||||||
#: src/pages/policies/PolicyBindingForm.ts:189
|
#: src/pages/policies/PolicyBindingForm.ts:189
|
||||||
|
@ -1707,10 +1734,10 @@ msgstr "Loading"
|
||||||
#: src/pages/policies/event_matcher/EventMatcherPolicyForm.ts:108
|
#: src/pages/policies/event_matcher/EventMatcherPolicyForm.ts:108
|
||||||
#: src/pages/property-mappings/PropertyMappingTestForm.ts:61
|
#: src/pages/property-mappings/PropertyMappingTestForm.ts:61
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:74
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:74
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:175
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:185
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:193
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:203
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:92
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:116
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:145
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:168
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:71
|
#: src/pages/providers/saml/SAMLProviderForm.ts:71
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:133
|
#: src/pages/providers/saml/SAMLProviderForm.ts:133
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:149
|
#: src/pages/providers/saml/SAMLProviderForm.ts:149
|
||||||
|
@ -1880,7 +1907,7 @@ msgstr "Monitor"
|
||||||
#: src/pages/providers/ProviderListPage.ts:52
|
#: src/pages/providers/ProviderListPage.ts:52
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:56
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:56
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderViewPage.ts:73
|
#: src/pages/providers/oauth2/OAuth2ProviderViewPage.ts:73
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:74
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:98
|
||||||
#: src/pages/providers/proxy/ProxyProviderViewPage.ts:64
|
#: src/pages/providers/proxy/ProxyProviderViewPage.ts:64
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:53
|
#: src/pages/providers/saml/SAMLProviderForm.ts:53
|
||||||
#: src/pages/providers/saml/SAMLProviderImportForm.ts:38
|
#: src/pages/providers/saml/SAMLProviderImportForm.ts:38
|
||||||
|
@ -2381,7 +2408,7 @@ msgid "Property mappings used to user creation."
|
||||||
msgstr "Property mappings used to user creation."
|
msgstr "Property mappings used to user creation."
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:81
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:81
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:99
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:123
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:78
|
#: src/pages/providers/saml/SAMLProviderForm.ts:78
|
||||||
#: src/pages/sources/oauth/OAuthSourceForm.ts:122
|
#: src/pages/sources/oauth/OAuthSourceForm.ts:122
|
||||||
#: src/pages/sources/saml/SAMLSourceForm.ts:76
|
#: src/pages/sources/saml/SAMLSourceForm.ts:76
|
||||||
|
@ -2440,30 +2467,30 @@ msgstr "Public key, acquired from https://www.google.com/recaptcha/intro/v3.html
|
||||||
msgid "Publisher"
|
msgid "Publisher"
|
||||||
msgstr "Publisher"
|
msgstr "Publisher"
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:147
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:157
|
||||||
msgid "RS256 (Asymmetric Encryption)"
|
msgid "RS256 (Asymmetric Encryption)"
|
||||||
msgstr "RS256 (Asymmetric Encryption)"
|
msgstr "RS256 (Asymmetric Encryption)"
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:181
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:191
|
||||||
msgid "RSA Key"
|
msgid "RSA Key"
|
||||||
msgstr "RSA Key"
|
msgstr "RSA Key"
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:243
|
#: src/pages/providers/saml/SAMLProviderForm.ts:244
|
||||||
#: src/pages/sources/saml/SAMLSourceForm.ts:200
|
#: src/pages/sources/saml/SAMLSourceForm.ts:200
|
||||||
msgid "RSA-SHA1"
|
msgid "RSA-SHA1"
|
||||||
msgstr "RSA-SHA1"
|
msgstr "RSA-SHA1"
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:246
|
#: src/pages/providers/saml/SAMLProviderForm.ts:247
|
||||||
#: src/pages/sources/saml/SAMLSourceForm.ts:203
|
#: src/pages/sources/saml/SAMLSourceForm.ts:203
|
||||||
msgid "RSA-SHA256"
|
msgid "RSA-SHA256"
|
||||||
msgstr "RSA-SHA256"
|
msgstr "RSA-SHA256"
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:249
|
#: src/pages/providers/saml/SAMLProviderForm.ts:250
|
||||||
#: src/pages/sources/saml/SAMLSourceForm.ts:206
|
#: src/pages/sources/saml/SAMLSourceForm.ts:206
|
||||||
msgid "RSA-SHA384"
|
msgid "RSA-SHA384"
|
||||||
msgstr "RSA-SHA384"
|
msgstr "RSA-SHA384"
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:252
|
#: src/pages/providers/saml/SAMLProviderForm.ts:253
|
||||||
#: src/pages/sources/saml/SAMLSourceForm.ts:209
|
#: src/pages/sources/saml/SAMLSourceForm.ts:209
|
||||||
msgid "RSA-SHA512"
|
msgid "RSA-SHA512"
|
||||||
msgstr "RSA-SHA512"
|
msgstr "RSA-SHA512"
|
||||||
|
@ -2512,7 +2539,7 @@ msgstr "Refresh Code"
|
||||||
msgid "Register device"
|
msgid "Register device"
|
||||||
msgstr "Register device"
|
msgstr "Register device"
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:153
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:176
|
||||||
msgid "Regular expressions for which authentication is not required. Each new line is interpreted as a new Regular Expression."
|
msgid "Regular expressions for which authentication is not required. Each new line is interpreted as a new Regular Expression."
|
||||||
msgstr "Regular expressions for which authentication is not required. Each new line is interpreted as a new Regular Expression."
|
msgstr "Regular expressions for which authentication is not required. Each new line is interpreted as a new Regular Expression."
|
||||||
|
|
||||||
|
@ -2591,22 +2618,22 @@ msgstr "Return to device picker"
|
||||||
msgid "SAML Attribute Name"
|
msgid "SAML Attribute Name"
|
||||||
msgstr "SAML Attribute Name"
|
msgstr "SAML Attribute Name"
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:224
|
#: src/pages/providers/saml/SAMLProviderForm.ts:225
|
||||||
#: src/pages/sources/saml/SAMLSourceForm.ts:181
|
#: src/pages/sources/saml/SAMLSourceForm.ts:181
|
||||||
msgid "SHA1"
|
msgid "SHA1"
|
||||||
msgstr "SHA1"
|
msgstr "SHA1"
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:227
|
#: src/pages/providers/saml/SAMLProviderForm.ts:228
|
||||||
#: src/pages/sources/saml/SAMLSourceForm.ts:184
|
#: src/pages/sources/saml/SAMLSourceForm.ts:184
|
||||||
msgid "SHA256"
|
msgid "SHA256"
|
||||||
msgstr "SHA256"
|
msgstr "SHA256"
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:230
|
#: src/pages/providers/saml/SAMLProviderForm.ts:231
|
||||||
#: src/pages/sources/saml/SAMLSourceForm.ts:187
|
#: src/pages/sources/saml/SAMLSourceForm.ts:187
|
||||||
msgid "SHA384"
|
msgid "SHA384"
|
||||||
msgstr "SHA384"
|
msgstr "SHA384"
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:233
|
#: src/pages/providers/saml/SAMLProviderForm.ts:234
|
||||||
#: src/pages/sources/saml/SAMLSourceForm.ts:190
|
#: src/pages/sources/saml/SAMLSourceForm.ts:190
|
||||||
msgid "SHA512"
|
msgid "SHA512"
|
||||||
msgstr "SHA512"
|
msgstr "SHA512"
|
||||||
|
@ -2637,7 +2664,7 @@ msgstr "SMTP Username"
|
||||||
msgid "SSO URL"
|
msgid "SSO URL"
|
||||||
msgstr "SSO URL"
|
msgstr "SSO URL"
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:237
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:247
|
||||||
msgid "Same identifier is used for all providers"
|
msgid "Same identifier is used for all providers"
|
||||||
msgstr "Same identifier is used for all providers"
|
msgstr "Same identifier is used for all providers"
|
||||||
|
|
||||||
|
@ -2651,7 +2678,7 @@ msgstr "Scope which the client can specify to access these properties."
|
||||||
|
|
||||||
#: src/elements/oauth/UserCodeList.ts:31
|
#: src/elements/oauth/UserCodeList.ts:31
|
||||||
#: src/elements/oauth/UserRefreshList.ts:31
|
#: src/elements/oauth/UserRefreshList.ts:31
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:156
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:166
|
||||||
msgid "Scopes"
|
msgid "Scopes"
|
||||||
msgstr "Scopes"
|
msgstr "Scopes"
|
||||||
|
|
||||||
|
@ -2686,7 +2713,7 @@ msgstr "Select an identification method."
|
||||||
msgid "Select users to add"
|
msgid "Select users to add"
|
||||||
msgstr "Select users to add"
|
msgstr "Select users to add"
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:177
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:187
|
||||||
msgid "Select which scopes can be used by the client. The client stil has to specify the scope to access the data."
|
msgid "Select which scopes can be used by the client. The client stil has to specify the scope to access the data."
|
||||||
msgstr "Select which scopes can be used by the client. The client stil has to specify the scope to access the data."
|
msgstr "Select which scopes can be used by the client. The client stil has to specify the scope to access the data."
|
||||||
|
|
||||||
|
@ -2747,19 +2774,19 @@ msgstr "Service connection"
|
||||||
msgid "Session duration"
|
msgid "Session duration"
|
||||||
msgstr "Session duration"
|
msgstr "Session duration"
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:215
|
#: src/pages/providers/saml/SAMLProviderForm.ts:216
|
||||||
msgid "Session not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)."
|
msgid "Session not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)."
|
||||||
msgstr "Session not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)."
|
msgstr "Session not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)."
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:211
|
#: src/pages/providers/saml/SAMLProviderForm.ts:212
|
||||||
msgid "Session valid not on or after"
|
msgid "Session valid not on or after"
|
||||||
msgstr "Session valid not on or after"
|
msgstr "Session valid not on or after"
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:163
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:186
|
||||||
msgid "Set HTTP-Basic Authentication"
|
msgid "Set HTTP-Basic Authentication"
|
||||||
msgstr "Set HTTP-Basic Authentication"
|
msgstr "Set HTTP-Basic Authentication"
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:166
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:189
|
||||||
msgid "Set a custom HTTP-Basic Authentication header based on values from authentik."
|
msgid "Set a custom HTTP-Basic Authentication header based on values from authentik."
|
||||||
msgstr "Set a custom HTTP-Basic Authentication header based on values from authentik."
|
msgstr "Set a custom HTTP-Basic Authentication header based on values from authentik."
|
||||||
|
|
||||||
|
@ -2792,7 +2819,7 @@ msgstr "Shown as the Title in Flow pages."
|
||||||
msgid "Sign up."
|
msgid "Sign up."
|
||||||
msgstr "Sign up."
|
msgstr "Sign up."
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:238
|
#: src/pages/providers/saml/SAMLProviderForm.ts:239
|
||||||
#: src/pages/sources/saml/SAMLSourceForm.ts:195
|
#: src/pages/sources/saml/SAMLSourceForm.ts:195
|
||||||
msgid "Signature algorithm"
|
msgid "Signature algorithm"
|
||||||
msgstr "Signature algorithm"
|
msgstr "Signature algorithm"
|
||||||
|
@ -2809,7 +2836,7 @@ msgstr "Signing keypair"
|
||||||
msgid "Single Prompts that can be used for Prompt Stages."
|
msgid "Single Prompts that can be used for Prompt Stages."
|
||||||
msgstr "Single Prompts that can be used for Prompt Stages."
|
msgstr "Single Prompts that can be used for Prompt Stages."
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:150
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:173
|
||||||
msgid "Skip path regex"
|
msgid "Skip path regex"
|
||||||
msgstr "Skip path regex"
|
msgstr "Skip path regex"
|
||||||
|
|
||||||
|
@ -2947,7 +2974,7 @@ msgstr "Stop impersonation"
|
||||||
msgid "Subject"
|
msgid "Subject"
|
||||||
msgstr "Subject"
|
msgstr "Subject"
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:198
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:208
|
||||||
msgid "Subject mode"
|
msgid "Subject mode"
|
||||||
msgstr "Subject mode"
|
msgstr "Subject mode"
|
||||||
|
|
||||||
|
@ -3021,7 +3048,7 @@ msgid "Successfully created prompt."
|
||||||
msgstr "Successfully created prompt."
|
msgstr "Successfully created prompt."
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:49
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:49
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:49
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:51
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:46
|
#: src/pages/providers/saml/SAMLProviderForm.ts:46
|
||||||
msgid "Successfully created provider."
|
msgid "Successfully created provider."
|
||||||
msgstr "Successfully created provider."
|
msgstr "Successfully created provider."
|
||||||
|
@ -3157,7 +3184,7 @@ msgid "Successfully updated prompt."
|
||||||
msgstr "Successfully updated prompt."
|
msgstr "Successfully updated prompt."
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:46
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:46
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:46
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:48
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:43
|
#: src/pages/providers/saml/SAMLProviderForm.ts:43
|
||||||
msgid "Successfully updated provider."
|
msgid "Successfully updated provider."
|
||||||
msgstr "Successfully updated provider."
|
msgstr "Successfully updated provider."
|
||||||
|
@ -3254,7 +3281,7 @@ msgstr "System Overview"
|
||||||
msgid "System Tasks"
|
msgid "System Tasks"
|
||||||
msgstr "System Tasks"
|
msgstr "System Tasks"
|
||||||
|
|
||||||
#: src/pages/outposts/ServiceConnectionDockerForm.ts:92
|
#: src/pages/outposts/ServiceConnectionDockerForm.ts:91
|
||||||
msgid "TLS Authentication Certificate"
|
msgid "TLS Authentication Certificate"
|
||||||
msgstr "TLS Authentication Certificate"
|
msgstr "TLS Authentication Certificate"
|
||||||
|
|
||||||
|
@ -3306,7 +3333,7 @@ msgstr "Text: Simple Text input"
|
||||||
msgid "The URL \"{0}\" was not found."
|
msgid "The URL \"{0}\" was not found."
|
||||||
msgstr "The URL \"{0}\" was not found."
|
msgstr "The URL \"{0}\" was not found."
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:123
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:131
|
||||||
msgid "The external URL you'll access the outpost at."
|
msgid "The external URL you'll access the outpost at."
|
||||||
msgstr "The external URL you'll access the outpost at."
|
msgstr "The external URL you'll access the outpost at."
|
||||||
|
|
||||||
|
@ -3395,7 +3422,7 @@ msgstr "Token count"
|
||||||
msgid "Token expiry"
|
msgid "Token expiry"
|
||||||
msgstr "Token expiry"
|
msgstr "Token expiry"
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:136
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:144
|
||||||
msgid "Token validity"
|
msgid "Token validity"
|
||||||
msgstr "Token validity"
|
msgstr "Token validity"
|
||||||
|
|
||||||
|
@ -3616,7 +3643,7 @@ msgstr "Update details"
|
||||||
msgid "Update {0}"
|
msgid "Update {0}"
|
||||||
msgstr "Update {0}"
|
msgstr "Update {0}"
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:107
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:82
|
||||||
msgid "Upstream host that the requests are forwarded to."
|
msgid "Upstream host that the requests are forwarded to."
|
||||||
msgstr "Upstream host that the requests are forwarded to."
|
msgstr "Upstream host that the requests are forwarded to."
|
||||||
|
|
||||||
|
@ -3702,11 +3729,11 @@ msgstr "User's avatar"
|
||||||
msgid "User's display name."
|
msgid "User's display name."
|
||||||
msgstr "User's display name."
|
msgstr "User's display name."
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:67
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:69
|
||||||
msgid "User/Group Attribute used for the password part of the HTTP-Basic Header."
|
msgid "User/Group Attribute used for the password part of the HTTP-Basic Header."
|
||||||
msgstr "User/Group Attribute used for the password part of the HTTP-Basic Header."
|
msgstr "User/Group Attribute used for the password part of the HTTP-Basic Header."
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:61
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:63
|
||||||
msgid "User/Group Attribute used for the user part of the HTTP-Basic Header. If not set, the user's Email address is used."
|
msgid "User/Group Attribute used for the user part of the HTTP-Basic Header. If not set, the user's Email address is used."
|
||||||
msgstr "User/Group Attribute used for the user part of the HTTP-Basic Header. If not set, the user's Email address is used."
|
msgstr "User/Group Attribute used for the user part of the HTTP-Basic Header. If not set, the user's Email address is used."
|
||||||
|
|
||||||
|
@ -3747,7 +3774,7 @@ msgstr "Using source"
|
||||||
msgid "Valid redirect URLs after a successful authorization flow. Also specify any origins here for Implicit flows."
|
msgid "Valid redirect URLs after a successful authorization flow. Also specify any origins here for Implicit flows."
|
||||||
msgstr "Valid redirect URLs after a successful authorization flow. Also specify any origins here for Implicit flows."
|
msgstr "Valid redirect URLs after a successful authorization flow. Also specify any origins here for Implicit flows."
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:116
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:91
|
||||||
msgid "Validate SSL Certificates of upstream servers."
|
msgid "Validate SSL Certificates of upstream servers."
|
||||||
msgstr "Validate SSL Certificates of upstream servers."
|
msgstr "Validate SSL Certificates of upstream servers."
|
||||||
|
|
||||||
|
|
|
@ -13,6 +13,13 @@ msgstr ""
|
||||||
"Language-Team: \n"
|
"Language-Team: \n"
|
||||||
"Plural-Forms: \n"
|
"Plural-Forms: \n"
|
||||||
|
|
||||||
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:141
|
||||||
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:149
|
||||||
|
#: src/pages/providers/saml/SAMLProviderForm.ts:202
|
||||||
|
#: src/pages/stages/user_login/UserLoginStageForm.ts:71
|
||||||
|
msgid "(Format: hours=-1;minutes=-2;seconds=-3)."
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/policies/BoundPoliciesList.ts:59
|
#: src/pages/policies/BoundPoliciesList.ts:59
|
||||||
msgid "-"
|
msgid "-"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
@ -68,6 +75,10 @@ msgstr ""
|
||||||
msgid "Access Key"
|
msgid "Access Key"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:136
|
||||||
|
msgid "Access code validity"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/sources/oauth/OAuthSourceForm.ts:73
|
#: src/pages/sources/oauth/OAuthSourceForm.ts:73
|
||||||
msgid "Access token URL"
|
msgid "Access token URL"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
@ -106,7 +117,7 @@ msgid "Additional user DN, prepended to the Base DN."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:132
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:132
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:130
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:153
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:117
|
#: src/pages/providers/saml/SAMLProviderForm.ts:117
|
||||||
#: src/pages/sources/saml/SAMLSourceForm.ts:134
|
#: src/pages/sources/saml/SAMLSourceForm.ts:134
|
||||||
msgid "Advanced protocol settings"
|
msgid "Advanced protocol settings"
|
||||||
|
@ -125,7 +136,7 @@ msgstr ""
|
||||||
msgid "Alert"
|
msgid "Alert"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:153
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:163
|
||||||
msgid "Algorithm used to sign the JWT Tokens."
|
msgid "Algorithm used to sign the JWT Tokens."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -216,7 +227,7 @@ msgstr ""
|
||||||
msgid "Are you sure you want to update {0} \"{1}\"?"
|
msgid "Are you sure you want to update {0} \"{1}\"?"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:208
|
#: src/pages/providers/saml/SAMLProviderForm.ts:209
|
||||||
msgid "Assertion not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)."
|
msgid "Assertion not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -224,11 +235,7 @@ msgstr ""
|
||||||
msgid "Assertion valid not before"
|
msgid "Assertion valid not before"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:201
|
#: src/pages/providers/saml/SAMLProviderForm.ts:205
|
||||||
msgid "Assertion valid not before current time + this value (Format: hours=-1;minutes=-2;seconds=-3)."
|
|
||||||
msgstr ""
|
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:204
|
|
||||||
msgid "Assertion valid not on or after"
|
msgid "Assertion valid not on or after"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -294,7 +301,7 @@ msgid "Authorization URL"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:62
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:62
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:80
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:104
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:59
|
#: src/pages/providers/saml/SAMLProviderForm.ts:59
|
||||||
#: src/pages/providers/saml/SAMLProviderImportForm.ts:44
|
#: src/pages/providers/saml/SAMLProviderImportForm.ts:44
|
||||||
msgid "Authorization flow"
|
msgid "Authorization flow"
|
||||||
|
@ -338,19 +345,19 @@ msgstr ""
|
||||||
msgid "Base DN"
|
msgid "Base DN"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:203
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:213
|
||||||
msgid "Based on the Hashed User ID"
|
msgid "Based on the Hashed User ID"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:209
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:219
|
||||||
msgid "Based on the User's Email. This is recommended over the UPN method."
|
msgid "Based on the User's Email. This is recommended over the UPN method."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:212
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:222
|
||||||
msgid "Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains."
|
msgid "Based on the User's UPN, only works if user has a 'upn' attribute set. Use this method only if you have different UPN and Mail domains."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:206
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:216
|
||||||
msgid "Based on the username"
|
msgid "Based on the username"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -389,7 +396,7 @@ msgstr ""
|
||||||
msgid "Built-in"
|
msgid "Built-in"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/outposts/ServiceConnectionDockerForm.ts:89
|
#: src/pages/outposts/ServiceConnectionDockerForm.ts:88
|
||||||
msgid "CA which the endpoint's Certificate is verified against. Can be left empty for no validation."
|
msgid "CA which the endpoint's Certificate is verified against. Can be left empty for no validation."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -422,7 +429,7 @@ msgid "Case insensitive matching"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/crypto/CertificateKeyPairForm.ts:51
|
#: src/pages/crypto/CertificateKeyPairForm.ts:51
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:134
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:157
|
||||||
msgid "Certificate"
|
msgid "Certificate"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -446,7 +453,7 @@ msgstr ""
|
||||||
msgid "Certificate-Key Pairs"
|
msgid "Certificate-Key Pairs"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/outposts/ServiceConnectionDockerForm.ts:106
|
#: src/pages/outposts/ServiceConnectionDockerForm.ts:104
|
||||||
msgid "Certificate/Key used for authentication. Can be left empty for no authentication."
|
msgid "Certificate/Key used for authentication. Can be left empty for no authentication."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -586,11 +593,19 @@ msgstr ""
|
||||||
msgid "Configure WebAuthn"
|
msgid "Configure WebAuthn"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:140
|
||||||
|
msgid "Configure how long access codes are valid for."
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:148
|
||||||
|
msgid "Configure how long refresh tokens and their id_tokens are valid for."
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:193
|
#: src/pages/providers/saml/SAMLProviderForm.ts:193
|
||||||
msgid "Configure how the NameID value will be created. When left empty, the NameIDPolicy of the incoming request will be respected."
|
msgid "Configure how the NameID value will be created. When left empty, the NameIDPolicy of the incoming request will be respected."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:241
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:251
|
||||||
msgid "Configure how the issuer field of the ID Token should be filled."
|
msgid "Configure how the issuer field of the ID Token should be filled."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -598,7 +613,11 @@ msgstr ""
|
||||||
msgid "Configure settings relevant to your user profile."
|
msgid "Configure settings relevant to your user profile."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:216
|
#: src/pages/providers/saml/SAMLProviderForm.ts:201
|
||||||
|
msgid "Configure the maximum allowed time drift for an asseration."
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:226
|
||||||
msgid "Configure what data should be used as unique User Identifier. For most cases, the default should be fine."
|
msgid "Configure what data should be used as unique User Identifier. For most cases, the default should be fine."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -840,7 +859,7 @@ msgstr ""
|
||||||
msgid "Customisation"
|
msgid "Customisation"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:255
|
#: src/pages/providers/saml/SAMLProviderForm.ts:256
|
||||||
#: src/pages/sources/saml/SAMLSourceForm.ts:212
|
#: src/pages/sources/saml/SAMLSourceForm.ts:212
|
||||||
msgid "DSA-SHA1"
|
msgid "DSA-SHA1"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
@ -948,7 +967,7 @@ msgid "Determines how authentik sends the response back to the Service Provider.
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/stages/user_login/UserLoginStageForm.ts:70
|
#: src/pages/stages/user_login/UserLoginStageForm.ts:70
|
||||||
msgid "Determines how long a session lasts. Default of 0 seconds means that the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)."
|
msgid "Determines how long a session lasts. Default of 0 seconds means that the sessions lasts until the browser is closed."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/stages/authenticator_validate/AuthenticatorValidateStageForm.ts:113
|
#: src/pages/stages/authenticator_validate/AuthenticatorValidateStageForm.ts:113
|
||||||
|
@ -959,7 +978,7 @@ msgstr ""
|
||||||
msgid "Device name"
|
msgid "Device name"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:219
|
#: src/pages/providers/saml/SAMLProviderForm.ts:220
|
||||||
#: src/pages/sources/saml/SAMLSourceForm.ts:176
|
#: src/pages/sources/saml/SAMLSourceForm.ts:176
|
||||||
msgid "Digest algorithm"
|
msgid "Digest algorithm"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
@ -1002,7 +1021,7 @@ msgstr ""
|
||||||
msgid "Dummy stage used for testing. Shows a simple continue button and always passes."
|
msgid "Dummy stage used for testing. Shows a simple continue button and always passes."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:234
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:244
|
||||||
msgid "Each provider has a different issuer, based on the application slug."
|
msgid "Each provider has a different issuer, based on the application slug."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -1096,6 +1115,14 @@ msgstr ""
|
||||||
msgid "Enable TOTP"
|
msgid "Enable TOTP"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:140
|
||||||
|
msgid "Enable forward-auth mode"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:144
|
||||||
|
msgid "Enable this if you don't want to use this provider as a proxy, and want to use it with Traefik's forwardAuth or nginx's auth_request."
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/policies/BoundPoliciesList.ts:41
|
#: src/pages/policies/BoundPoliciesList.ts:41
|
||||||
#: src/pages/policies/PolicyBindingForm.ts:199
|
#: src/pages/policies/PolicyBindingForm.ts:199
|
||||||
#: src/pages/sources/ldap/LDAPSourceForm.ts:69
|
#: src/pages/sources/ldap/LDAPSourceForm.ts:69
|
||||||
|
@ -1254,7 +1281,7 @@ msgstr ""
|
||||||
msgid "External Host"
|
msgid "External Host"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:119
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:127
|
||||||
msgid "External host"
|
msgid "External host"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -1349,7 +1376,7 @@ msgid "Flow used by an authenticated user to configure this Stage. If empty, use
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:76
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:76
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:94
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:118
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:73
|
#: src/pages/providers/saml/SAMLProviderForm.ts:73
|
||||||
#: src/pages/providers/saml/SAMLProviderImportForm.ts:57
|
#: src/pages/providers/saml/SAMLProviderImportForm.ts:57
|
||||||
msgid "Flow used when authorizing this provider."
|
msgid "Flow used when authorizing this provider."
|
||||||
|
@ -1443,15 +1470,15 @@ msgstr ""
|
||||||
msgid "Groups"
|
msgid "Groups"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:150
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:160
|
||||||
msgid "HS256 (Symmetric Encryption)"
|
msgid "HS256 (Symmetric Encryption)"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:64
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:66
|
||||||
msgid "HTTP-Basic Password Key"
|
msgid "HTTP-Basic Password Key"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:58
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:60
|
||||||
msgid "HTTP-Basic Username Key"
|
msgid "HTTP-Basic Username Key"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -1470,7 +1497,7 @@ msgstr ""
|
||||||
#: src/pages/events/RuleForm.ts:93
|
#: src/pages/events/RuleForm.ts:93
|
||||||
#: src/pages/groups/GroupForm.ts:131
|
#: src/pages/groups/GroupForm.ts:131
|
||||||
#: src/pages/outposts/OutpostForm.ts:98
|
#: src/pages/outposts/OutpostForm.ts:98
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:178
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:188
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:177
|
#: src/pages/providers/saml/SAMLProviderForm.ts:177
|
||||||
#: src/pages/sources/ldap/LDAPSourceForm.ts:167
|
#: src/pages/sources/ldap/LDAPSourceForm.ts:167
|
||||||
#: src/pages/sources/ldap/LDAPSourceForm.ts:193
|
#: src/pages/sources/ldap/LDAPSourceForm.ts:193
|
||||||
|
@ -1544,11 +1571,11 @@ msgstr ""
|
||||||
msgid "In case you can't access any other method."
|
msgid "In case you can't access any other method."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:226
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:236
|
||||||
msgid "Include User claims from scopes in the id_token, for applications that don't access the userinfo endpoint."
|
msgid "Include User claims from scopes in the id_token, for applications that don't access the userinfo endpoint."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:223
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:233
|
||||||
msgid "Include claims in id_token"
|
msgid "Include claims in id_token"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -1560,11 +1587,11 @@ msgstr ""
|
||||||
msgid "Internal application name, used in URLs."
|
msgid "Internal application name, used in URLs."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:103
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:78
|
||||||
msgid "Internal host"
|
msgid "Internal host"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:113
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:88
|
||||||
msgid "Internal host SSL Validation"
|
msgid "Internal host SSL Validation"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -1592,15 +1619,15 @@ msgstr ""
|
||||||
msgid "Issuer"
|
msgid "Issuer"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:229
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:239
|
||||||
msgid "Issuer mode"
|
msgid "Issuer mode"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:142
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:152
|
||||||
msgid "JWT Algorithm"
|
msgid "JWT Algorithm"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:195
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:205
|
||||||
msgid "Key used to sign the tokens. Only required when JWT Algorithm is set to RS256."
|
msgid "Key used to sign the tokens. Only required when JWT Algorithm is set to RS256."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -1689,8 +1716,8 @@ msgstr ""
|
||||||
#: src/pages/groups/GroupForm.ts:127
|
#: src/pages/groups/GroupForm.ts:127
|
||||||
#: src/pages/outposts/OutpostForm.ts:74
|
#: src/pages/outposts/OutpostForm.ts:74
|
||||||
#: src/pages/outposts/OutpostForm.ts:96
|
#: src/pages/outposts/OutpostForm.ts:96
|
||||||
#: src/pages/outposts/ServiceConnectionDockerForm.ts:87
|
#: src/pages/outposts/ServiceConnectionDockerForm.ts:86
|
||||||
#: src/pages/outposts/ServiceConnectionDockerForm.ts:104
|
#: src/pages/outposts/ServiceConnectionDockerForm.ts:102
|
||||||
#: src/pages/policies/PolicyBindingForm.ts:157
|
#: src/pages/policies/PolicyBindingForm.ts:157
|
||||||
#: src/pages/policies/PolicyBindingForm.ts:173
|
#: src/pages/policies/PolicyBindingForm.ts:173
|
||||||
#: src/pages/policies/PolicyBindingForm.ts:189
|
#: src/pages/policies/PolicyBindingForm.ts:189
|
||||||
|
@ -1699,10 +1726,10 @@ msgstr ""
|
||||||
#: src/pages/policies/event_matcher/EventMatcherPolicyForm.ts:108
|
#: src/pages/policies/event_matcher/EventMatcherPolicyForm.ts:108
|
||||||
#: src/pages/property-mappings/PropertyMappingTestForm.ts:61
|
#: src/pages/property-mappings/PropertyMappingTestForm.ts:61
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:74
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:74
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:175
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:185
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:193
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:203
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:92
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:116
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:145
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:168
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:71
|
#: src/pages/providers/saml/SAMLProviderForm.ts:71
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:133
|
#: src/pages/providers/saml/SAMLProviderForm.ts:133
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:149
|
#: src/pages/providers/saml/SAMLProviderForm.ts:149
|
||||||
|
@ -1872,7 +1899,7 @@ msgstr ""
|
||||||
#: src/pages/providers/ProviderListPage.ts:52
|
#: src/pages/providers/ProviderListPage.ts:52
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:56
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:56
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderViewPage.ts:73
|
#: src/pages/providers/oauth2/OAuth2ProviderViewPage.ts:73
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:74
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:98
|
||||||
#: src/pages/providers/proxy/ProxyProviderViewPage.ts:64
|
#: src/pages/providers/proxy/ProxyProviderViewPage.ts:64
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:53
|
#: src/pages/providers/saml/SAMLProviderForm.ts:53
|
||||||
#: src/pages/providers/saml/SAMLProviderImportForm.ts:38
|
#: src/pages/providers/saml/SAMLProviderImportForm.ts:38
|
||||||
|
@ -2373,7 +2400,7 @@ msgid "Property mappings used to user creation."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:81
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:81
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:99
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:123
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:78
|
#: src/pages/providers/saml/SAMLProviderForm.ts:78
|
||||||
#: src/pages/sources/oauth/OAuthSourceForm.ts:122
|
#: src/pages/sources/oauth/OAuthSourceForm.ts:122
|
||||||
#: src/pages/sources/saml/SAMLSourceForm.ts:76
|
#: src/pages/sources/saml/SAMLSourceForm.ts:76
|
||||||
|
@ -2432,30 +2459,30 @@ msgstr ""
|
||||||
msgid "Publisher"
|
msgid "Publisher"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:147
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:157
|
||||||
msgid "RS256 (Asymmetric Encryption)"
|
msgid "RS256 (Asymmetric Encryption)"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:181
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:191
|
||||||
msgid "RSA Key"
|
msgid "RSA Key"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:243
|
#: src/pages/providers/saml/SAMLProviderForm.ts:244
|
||||||
#: src/pages/sources/saml/SAMLSourceForm.ts:200
|
#: src/pages/sources/saml/SAMLSourceForm.ts:200
|
||||||
msgid "RSA-SHA1"
|
msgid "RSA-SHA1"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:246
|
#: src/pages/providers/saml/SAMLProviderForm.ts:247
|
||||||
#: src/pages/sources/saml/SAMLSourceForm.ts:203
|
#: src/pages/sources/saml/SAMLSourceForm.ts:203
|
||||||
msgid "RSA-SHA256"
|
msgid "RSA-SHA256"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:249
|
#: src/pages/providers/saml/SAMLProviderForm.ts:250
|
||||||
#: src/pages/sources/saml/SAMLSourceForm.ts:206
|
#: src/pages/sources/saml/SAMLSourceForm.ts:206
|
||||||
msgid "RSA-SHA384"
|
msgid "RSA-SHA384"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:252
|
#: src/pages/providers/saml/SAMLProviderForm.ts:253
|
||||||
#: src/pages/sources/saml/SAMLSourceForm.ts:209
|
#: src/pages/sources/saml/SAMLSourceForm.ts:209
|
||||||
msgid "RSA-SHA512"
|
msgid "RSA-SHA512"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
@ -2504,7 +2531,7 @@ msgstr ""
|
||||||
msgid "Register device"
|
msgid "Register device"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:153
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:176
|
||||||
msgid "Regular expressions for which authentication is not required. Each new line is interpreted as a new Regular Expression."
|
msgid "Regular expressions for which authentication is not required. Each new line is interpreted as a new Regular Expression."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -2583,22 +2610,22 @@ msgstr ""
|
||||||
msgid "SAML Attribute Name"
|
msgid "SAML Attribute Name"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:224
|
#: src/pages/providers/saml/SAMLProviderForm.ts:225
|
||||||
#: src/pages/sources/saml/SAMLSourceForm.ts:181
|
#: src/pages/sources/saml/SAMLSourceForm.ts:181
|
||||||
msgid "SHA1"
|
msgid "SHA1"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:227
|
#: src/pages/providers/saml/SAMLProviderForm.ts:228
|
||||||
#: src/pages/sources/saml/SAMLSourceForm.ts:184
|
#: src/pages/sources/saml/SAMLSourceForm.ts:184
|
||||||
msgid "SHA256"
|
msgid "SHA256"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:230
|
#: src/pages/providers/saml/SAMLProviderForm.ts:231
|
||||||
#: src/pages/sources/saml/SAMLSourceForm.ts:187
|
#: src/pages/sources/saml/SAMLSourceForm.ts:187
|
||||||
msgid "SHA384"
|
msgid "SHA384"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:233
|
#: src/pages/providers/saml/SAMLProviderForm.ts:234
|
||||||
#: src/pages/sources/saml/SAMLSourceForm.ts:190
|
#: src/pages/sources/saml/SAMLSourceForm.ts:190
|
||||||
msgid "SHA512"
|
msgid "SHA512"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
@ -2629,7 +2656,7 @@ msgstr ""
|
||||||
msgid "SSO URL"
|
msgid "SSO URL"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:237
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:247
|
||||||
msgid "Same identifier is used for all providers"
|
msgid "Same identifier is used for all providers"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -2643,7 +2670,7 @@ msgstr ""
|
||||||
|
|
||||||
#: src/elements/oauth/UserCodeList.ts:31
|
#: src/elements/oauth/UserCodeList.ts:31
|
||||||
#: src/elements/oauth/UserRefreshList.ts:31
|
#: src/elements/oauth/UserRefreshList.ts:31
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:156
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:166
|
||||||
msgid "Scopes"
|
msgid "Scopes"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -2678,7 +2705,7 @@ msgstr ""
|
||||||
msgid "Select users to add"
|
msgid "Select users to add"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:177
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:187
|
||||||
msgid "Select which scopes can be used by the client. The client stil has to specify the scope to access the data."
|
msgid "Select which scopes can be used by the client. The client stil has to specify the scope to access the data."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -2739,19 +2766,19 @@ msgstr ""
|
||||||
msgid "Session duration"
|
msgid "Session duration"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:215
|
#: src/pages/providers/saml/SAMLProviderForm.ts:216
|
||||||
msgid "Session not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)."
|
msgid "Session not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:211
|
#: src/pages/providers/saml/SAMLProviderForm.ts:212
|
||||||
msgid "Session valid not on or after"
|
msgid "Session valid not on or after"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:163
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:186
|
||||||
msgid "Set HTTP-Basic Authentication"
|
msgid "Set HTTP-Basic Authentication"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:166
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:189
|
||||||
msgid "Set a custom HTTP-Basic Authentication header based on values from authentik."
|
msgid "Set a custom HTTP-Basic Authentication header based on values from authentik."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -2784,7 +2811,7 @@ msgstr ""
|
||||||
msgid "Sign up."
|
msgid "Sign up."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:238
|
#: src/pages/providers/saml/SAMLProviderForm.ts:239
|
||||||
#: src/pages/sources/saml/SAMLSourceForm.ts:195
|
#: src/pages/sources/saml/SAMLSourceForm.ts:195
|
||||||
msgid "Signature algorithm"
|
msgid "Signature algorithm"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
@ -2801,7 +2828,7 @@ msgstr ""
|
||||||
msgid "Single Prompts that can be used for Prompt Stages."
|
msgid "Single Prompts that can be used for Prompt Stages."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:150
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:173
|
||||||
msgid "Skip path regex"
|
msgid "Skip path regex"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -2939,7 +2966,7 @@ msgstr ""
|
||||||
msgid "Subject"
|
msgid "Subject"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:198
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:208
|
||||||
msgid "Subject mode"
|
msgid "Subject mode"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -3013,7 +3040,7 @@ msgid "Successfully created prompt."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:49
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:49
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:49
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:51
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:46
|
#: src/pages/providers/saml/SAMLProviderForm.ts:46
|
||||||
msgid "Successfully created provider."
|
msgid "Successfully created provider."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
@ -3149,7 +3176,7 @@ msgid "Successfully updated prompt."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:46
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:46
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:46
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:48
|
||||||
#: src/pages/providers/saml/SAMLProviderForm.ts:43
|
#: src/pages/providers/saml/SAMLProviderForm.ts:43
|
||||||
msgid "Successfully updated provider."
|
msgid "Successfully updated provider."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
@ -3246,7 +3273,7 @@ msgstr ""
|
||||||
msgid "System Tasks"
|
msgid "System Tasks"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/outposts/ServiceConnectionDockerForm.ts:92
|
#: src/pages/outposts/ServiceConnectionDockerForm.ts:91
|
||||||
msgid "TLS Authentication Certificate"
|
msgid "TLS Authentication Certificate"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -3298,7 +3325,7 @@ msgstr ""
|
||||||
msgid "The URL \"{0}\" was not found."
|
msgid "The URL \"{0}\" was not found."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:123
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:131
|
||||||
msgid "The external URL you'll access the outpost at."
|
msgid "The external URL you'll access the outpost at."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -3383,7 +3410,7 @@ msgstr ""
|
||||||
msgid "Token expiry"
|
msgid "Token expiry"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:136
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts:144
|
||||||
msgid "Token validity"
|
msgid "Token validity"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -3604,7 +3631,7 @@ msgstr ""
|
||||||
msgid "Update {0}"
|
msgid "Update {0}"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:107
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:82
|
||||||
msgid "Upstream host that the requests are forwarded to."
|
msgid "Upstream host that the requests are forwarded to."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -3690,11 +3717,11 @@ msgstr ""
|
||||||
msgid "User's display name."
|
msgid "User's display name."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:67
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:69
|
||||||
msgid "User/Group Attribute used for the password part of the HTTP-Basic Header."
|
msgid "User/Group Attribute used for the password part of the HTTP-Basic Header."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:61
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:63
|
||||||
msgid "User/Group Attribute used for the user part of the HTTP-Basic Header. If not set, the user's Email address is used."
|
msgid "User/Group Attribute used for the user part of the HTTP-Basic Header. If not set, the user's Email address is used."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -3735,7 +3762,7 @@ msgstr ""
|
||||||
msgid "Valid redirect URLs after a successful authorization flow. Also specify any origins here for Implicit flows."
|
msgid "Valid redirect URLs after a successful authorization flow. Also specify any origins here for Implicit flows."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderForm.ts:116
|
#: src/pages/providers/proxy/ProxyProviderForm.ts:91
|
||||||
msgid "Validate SSL Certificates of upstream servers."
|
msgid "Validate SSL Certificates of upstream servers."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
|
|
@ -129,11 +129,21 @@ export class OAuth2ProviderFormPage extends Form<OAuth2Provider> {
|
||||||
${t`Advanced protocol settings`}
|
${t`Advanced protocol settings`}
|
||||||
</span>
|
</span>
|
||||||
<div slot="body" class="pf-c-form">
|
<div slot="body" class="pf-c-form">
|
||||||
|
<ak-form-element-horizontal
|
||||||
|
label=${t`Access code validity`}
|
||||||
|
?required=${true}
|
||||||
|
name="accessCodeValidity">
|
||||||
|
<input type="text" value="${first(this.provider?.accessCodeValidity, "minutes=1")}" class="pf-c-form-control" required>
|
||||||
|
<p class="pf-c-form__helper-text">${t`Configure how long access codes are valid for.`}</p>
|
||||||
|
<p class="pf-c-form__helper-text">${t`(Format: hours=-1;minutes=-2;seconds=-3).`}</p>
|
||||||
|
</ak-form-element-horizontal>
|
||||||
<ak-form-element-horizontal
|
<ak-form-element-horizontal
|
||||||
label=${t`Token validity`}
|
label=${t`Token validity`}
|
||||||
?required=${true}
|
?required=${true}
|
||||||
name="tokenValidity">
|
name="tokenValidity">
|
||||||
<input type="text" value="${this.provider?.tokenValidity || "minutes=10"}" class="pf-c-form-control" required>
|
<input type="text" value="${first(this.provider?.tokenValidity, "minutes=10")}" class="pf-c-form-control" required>
|
||||||
|
<p class="pf-c-form__helper-text">${t`Configure how long refresh tokens and their id_tokens are valid for.`}</p>
|
||||||
|
<p class="pf-c-form__helper-text">${t`(Format: hours=-1;minutes=-2;seconds=-3).`}</p>
|
||||||
</ak-form-element-horizontal>
|
</ak-form-element-horizontal>
|
||||||
<ak-form-element-horizontal
|
<ak-form-element-horizontal
|
||||||
label=${t`JWT Algorithm`}
|
label=${t`JWT Algorithm`}
|
||||||
|
|
|
@ -19,6 +19,7 @@ export class ProxyProviderFormPage extends Form<ProxyProvider> {
|
||||||
}).then(provider => {
|
}).then(provider => {
|
||||||
this.provider = provider;
|
this.provider = provider;
|
||||||
this.showHttpBasic = first(provider.basicAuthEnabled, true);
|
this.showHttpBasic = first(provider.basicAuthEnabled, true);
|
||||||
|
this.showInternalServer = first(!provider.forwardAuthMode, true);
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -28,6 +29,9 @@ export class ProxyProviderFormPage extends Form<ProxyProvider> {
|
||||||
@property({type: Boolean})
|
@property({type: Boolean})
|
||||||
showHttpBasic = true;
|
showHttpBasic = true;
|
||||||
|
|
||||||
|
@property({type: Boolean})
|
||||||
|
showInternalServer = true;
|
||||||
|
|
||||||
getSuccessMessage(): string {
|
getSuccessMessage(): string {
|
||||||
if (this.provider) {
|
if (this.provider) {
|
||||||
return t`Successfully updated provider.`;
|
return t`Successfully updated provider.`;
|
||||||
|
@ -67,6 +71,28 @@ export class ProxyProviderFormPage extends Form<ProxyProvider> {
|
||||||
</ak-form-element-horizontal>`;
|
</ak-form-element-horizontal>`;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
renderInternalServer(): TemplateResult {
|
||||||
|
if (!this.showInternalServer) {
|
||||||
|
return html``;
|
||||||
|
}
|
||||||
|
return html`<ak-form-element-horizontal
|
||||||
|
label=${t`Internal host`}
|
||||||
|
?required=${true}
|
||||||
|
name="internalHost">
|
||||||
|
<input type="text" value="${ifDefined(this.provider?.internalHost)}" class="pf-c-form-control" required>
|
||||||
|
<p class="pf-c-form__helper-text">${t`Upstream host that the requests are forwarded to.`}</p>
|
||||||
|
</ak-form-element-horizontal>
|
||||||
|
<ak-form-element-horizontal name="internalHostSslValidation">
|
||||||
|
<div class="pf-c-check">
|
||||||
|
<input type="checkbox" class="pf-c-check__input" ?checked=${first(this.provider?.internalHostSslValidation, true)}>
|
||||||
|
<label class="pf-c-check__label">
|
||||||
|
${t`Internal host SSL Validation`}
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
<p class="pf-c-form__helper-text">${t`Validate SSL Certificates of upstream servers.`}</p>
|
||||||
|
</ak-form-element-horizontal>`;
|
||||||
|
}
|
||||||
|
|
||||||
renderForm(): TemplateResult {
|
renderForm(): TemplateResult {
|
||||||
return html`<form class="pf-c-form pf-m-horizontal">
|
return html`<form class="pf-c-form pf-m-horizontal">
|
||||||
<ak-form-element-horizontal
|
<ak-form-element-horizontal
|
||||||
|
@ -97,22 +123,6 @@ export class ProxyProviderFormPage extends Form<ProxyProvider> {
|
||||||
${t`Protocol settings`}
|
${t`Protocol settings`}
|
||||||
</span>
|
</span>
|
||||||
<div slot="body" class="pf-c-form">
|
<div slot="body" class="pf-c-form">
|
||||||
<ak-form-element-horizontal
|
|
||||||
label=${t`Internal host`}
|
|
||||||
?required=${true}
|
|
||||||
name="internalHost">
|
|
||||||
<input type="text" value="${ifDefined(this.provider?.internalHost)}" class="pf-c-form-control" required>
|
|
||||||
<p class="pf-c-form__helper-text">${t`Upstream host that the requests are forwarded to.`}</p>
|
|
||||||
</ak-form-element-horizontal>
|
|
||||||
<ak-form-element-horizontal name="internalHostSslValidation">
|
|
||||||
<div class="pf-c-check">
|
|
||||||
<input type="checkbox" class="pf-c-check__input" ?checked=${first(this.provider?.internalHostSslValidation, true)}>
|
|
||||||
<label class="pf-c-check__label">
|
|
||||||
${t`Internal host SSL Validation`}
|
|
||||||
</label>
|
|
||||||
</div>
|
|
||||||
<p class="pf-c-form__helper-text">${t`Validate SSL Certificates of upstream servers.`}</p>
|
|
||||||
</ak-form-element-horizontal>
|
|
||||||
<ak-form-element-horizontal
|
<ak-form-element-horizontal
|
||||||
label=${t`External host`}
|
label=${t`External host`}
|
||||||
?required=${true}
|
?required=${true}
|
||||||
|
@ -120,6 +130,21 @@ export class ProxyProviderFormPage extends Form<ProxyProvider> {
|
||||||
<input type="text" value="${ifDefined(this.provider?.externalHost)}" class="pf-c-form-control" required>
|
<input type="text" value="${ifDefined(this.provider?.externalHost)}" class="pf-c-form-control" required>
|
||||||
<p class="pf-c-form__helper-text">${t`The external URL you'll access the outpost at.`}</p>
|
<p class="pf-c-form__helper-text">${t`The external URL you'll access the outpost at.`}</p>
|
||||||
</ak-form-element-horizontal>
|
</ak-form-element-horizontal>
|
||||||
|
<ak-form-element-horizontal name="forwardAuthMode">
|
||||||
|
<div class="pf-c-check">
|
||||||
|
<input type="checkbox" class="pf-c-check__input" ?checked=${first(this.provider?.forwardAuthMode, false)} @change=${(ev: Event) => {
|
||||||
|
const el = ev.target as HTMLInputElement;
|
||||||
|
this.showInternalServer = !el.checked;
|
||||||
|
}}>
|
||||||
|
<label class="pf-c-check__label">
|
||||||
|
${t`Enable forward-auth mode`}
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
<p class="pf-c-form__helper-text">
|
||||||
|
${t`Enable this if you don't want to use this provider as a proxy, and want to use it with Traefik's forwardAuth or nginx's auth_request.`}
|
||||||
|
</p>
|
||||||
|
</ak-form-element-horizontal>
|
||||||
|
${this.renderInternalServer()}
|
||||||
</div>
|
</div>
|
||||||
</ak-form-group>
|
</ak-form-group>
|
||||||
|
|
||||||
|
|
|
@ -189,7 +189,8 @@ export class SAMLProviderFormPage extends Form<SAMLProvider> {
|
||||||
?required=${true}
|
?required=${true}
|
||||||
name="assertionValidNotBefore">
|
name="assertionValidNotBefore">
|
||||||
<input type="text" value="${this.provider?.assertionValidNotBefore || "minutes=-5"}" class="pf-c-form-control" required>
|
<input type="text" value="${this.provider?.assertionValidNotBefore || "minutes=-5"}" class="pf-c-form-control" required>
|
||||||
<p class="pf-c-form__helper-text">${t`Assertion valid not before current time + this value (Format: hours=-1;minutes=-2;seconds=-3).`}</p>
|
<p class="pf-c-form__helper-text">${t`Configure the maximum allowed time drift for an asseration.`}</p>
|
||||||
|
<p class="pf-c-form__helper-text">${t`(Format: hours=-1;minutes=-2;seconds=-3).`}</p>
|
||||||
</ak-form-element-horizontal>
|
</ak-form-element-horizontal>
|
||||||
<ak-form-element-horizontal
|
<ak-form-element-horizontal
|
||||||
label=${t`Assertion valid not on or after`}
|
label=${t`Assertion valid not on or after`}
|
||||||
|
|
|
@ -4,9 +4,9 @@ import { customElement, property } from "lit-element";
|
||||||
import { html, TemplateResult } from "lit-html";
|
import { html, TemplateResult } from "lit-html";
|
||||||
import { DEFAULT_CONFIG } from "../../../api/Config";
|
import { DEFAULT_CONFIG } from "../../../api/Config";
|
||||||
import { Form } from "../../../elements/forms/Form";
|
import { Form } from "../../../elements/forms/Form";
|
||||||
import { ifDefined } from "lit-html/directives/if-defined";
|
|
||||||
import "../../../elements/forms/HorizontalFormElement";
|
import "../../../elements/forms/HorizontalFormElement";
|
||||||
import "../../../elements/forms/FormGroup";
|
import "../../../elements/forms/FormGroup";
|
||||||
|
import { first } from "../../../utils";
|
||||||
|
|
||||||
@customElement("ak-stage-user-login-form")
|
@customElement("ak-stage-user-login-form")
|
||||||
export class UserLoginStageForm extends Form<UserLoginStage> {
|
export class UserLoginStageForm extends Form<UserLoginStage> {
|
||||||
|
@ -52,7 +52,7 @@ export class UserLoginStageForm extends Form<UserLoginStage> {
|
||||||
label=${t`Name`}
|
label=${t`Name`}
|
||||||
?required=${true}
|
?required=${true}
|
||||||
name="name">
|
name="name">
|
||||||
<input type="text" value="${ifDefined(this.stage?.name || "")}" class="pf-c-form-control" required>
|
<input type="text" value="${first(this.stage?.name, "")}" class="pf-c-form-control" required>
|
||||||
</ak-form-element-horizontal>
|
</ak-form-element-horizontal>
|
||||||
<ak-form-group .expanded=${true}>
|
<ak-form-group .expanded=${true}>
|
||||||
<span slot="header">
|
<span slot="header">
|
||||||
|
@ -62,9 +62,10 @@ export class UserLoginStageForm extends Form<UserLoginStage> {
|
||||||
<ak-form-element-horizontal
|
<ak-form-element-horizontal
|
||||||
label=${t`Session duration`}
|
label=${t`Session duration`}
|
||||||
?required=${true}
|
?required=${true}
|
||||||
name="privateKey">
|
name="sessionDuration">
|
||||||
<input type="text" value="${ifDefined(this.stage?.sessionDuration || "seconds=0")}" class="pf-c-form-control" required>
|
<input type="text" value="${first(this.stage?.sessionDuration, "seconds=0")}" class="pf-c-form-control" required>
|
||||||
<p class="pf-c-form__helper-text">${t`Determines how long a session lasts. Default of 0 seconds means that the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3).`}</p>
|
<p class="pf-c-form__helper-text">${t`Determines how long a session lasts. Default of 0 seconds means that the sessions lasts until the browser is closed.`}</p>
|
||||||
|
<p class="pf-c-form__helper-text">${t`(Format: hours=-1;minutes=-2;seconds=-3).`}</p>
|
||||||
</ak-form-element-horizontal>
|
</ak-form-element-horizontal>
|
||||||
</div>
|
</div>
|
||||||
</ak-form-group>
|
</ak-form-group>
|
||||||
|
|
|
@ -20,7 +20,7 @@ Add the following block to your `.env` file:
|
||||||
AUTHENTIK_IMAGE=docker.beryju.org/authentik/server
|
AUTHENTIK_IMAGE=docker.beryju.org/authentik/server
|
||||||
AUTHENTIK_IMAGE_STATIC=docker.beryju.org/authentik/static
|
AUTHENTIK_IMAGE_STATIC=docker.beryju.org/authentik/static
|
||||||
AUTHENTIK_TAG=gh-next
|
AUTHENTIK_TAG=gh-next
|
||||||
AUTHENTIK_OUTPOSTS__DOCKER_IMAGE_BASE=docker.beryju.org/authentik/outpost
|
AUTHENTIK_OUTPOSTS__DOCKER_IMAGE_BASE=docker.beryju.org/authentik/outpost-%(type)s:gh-next
|
||||||
```
|
```
|
||||||
|
|
||||||
Afterwards, run the upgrade commands from the latest releasae notes.
|
Afterwards, run the upgrade commands from the latest releasae notes.
|
||||||
|
@ -32,7 +32,7 @@ Add the following block to your `values.yml` file:
|
||||||
image:
|
image:
|
||||||
name: docker.beryju.org/authentik/server
|
name: docker.beryju.org/authentik/server
|
||||||
name_static: docker.beryju.org/authentik/static
|
name_static: docker.beryju.org/authentik/static
|
||||||
name_outposts: docker.beryju.org/authentik/outpost
|
name_outposts: docker.beryju.org/authentik/outpost-%(type)s:gh-next
|
||||||
tag: gh-next
|
tag: gh-next
|
||||||
# pullPolicy: Always to ensure you always get the latest version
|
# pullPolicy: Always to ensure you always get the latest version
|
||||||
pullPolicy: Always
|
pullPolicy: Always
|
||||||
|
|
|
@ -37,7 +37,10 @@ It is also recommended to configure global email credentials. These are used by
|
||||||
image:
|
image:
|
||||||
name: beryju/authentik
|
name: beryju/authentik
|
||||||
name_static: beryju/authentik-static
|
name_static: beryju/authentik-static
|
||||||
name_outposts: beryju/authentik # Prefix used for Outpost deployments, Outpost type and version is appended
|
# Image used for managed outposts. Placeholders:
|
||||||
|
# %(type)s: Outpost type; proxy, ldap, etc
|
||||||
|
# %(version)s: Current version; 2021.4.1
|
||||||
|
name_outposts: "beryju/authentik-%(type)s:%(version)s"
|
||||||
tag: 2021.4.4
|
tag: 2021.4.4
|
||||||
|
|
||||||
serverReplicas: 1
|
serverReplicas: 1
|
||||||
|
|
|
@ -1,16 +0,0 @@
|
||||||
---
|
|
||||||
title: Proxy Outpost
|
|
||||||
---
|
|
||||||
|
|
||||||
The proxy outpost sets the following headers:
|
|
||||||
|
|
||||||
```
|
|
||||||
X-Auth-Username: akadmin # The username of the currently logged in user
|
|
||||||
X-Forwarded-Email: root@localhost # The email address of the currently logged in user
|
|
||||||
X-Forwarded-Preferred-Username: akadmin # The username of the currently logged in user
|
|
||||||
X-Forwarded-User: 900347b8a29876b45ca6f75722635ecfedf0e931c6022e3a29a8aa13fb5516fb # The hashed identifier of the currently logged in user.
|
|
||||||
```
|
|
||||||
|
|
||||||
Additionally, you can set `additionalHeaders` on groups or users to set additional headers.
|
|
||||||
|
|
||||||
If you enable *Set HTTP-Basic Authentication* option, the HTTP Authorization header is being set.
|
|
229
website/docs/outposts/proxy.mdx
Normal file
229
website/docs/outposts/proxy.mdx
Normal file
|
@ -0,0 +1,229 @@
|
||||||
|
---
|
||||||
|
title: Proxy Outpost
|
||||||
|
---
|
||||||
|
|
||||||
|
The proxy outpost sets the following headers:
|
||||||
|
|
||||||
|
```
|
||||||
|
X-Auth-Username: akadmin # The username of the currently logged in user
|
||||||
|
X-Forwarded-Email: root@localhost # The email address of the currently logged in user
|
||||||
|
X-Forwarded-Preferred-Username: akadmin # The username of the currently logged in user
|
||||||
|
X-Forwarded-User: 900347b8a29876b45ca6f75722635ecfedf0e931c6022e3a29a8aa13fb5516fb # The hashed identifier of the currently logged in user.
|
||||||
|
```
|
||||||
|
|
||||||
|
Additionally, you can set `additionalHeaders` on groups or users to set additional headers.
|
||||||
|
|
||||||
|
If you enable *Set HTTP-Basic Authentication* option, the HTTP Authorization header is being set.
|
||||||
|
|
||||||
|
# Forward auth
|
||||||
|
|
||||||
|
To use forward auth instead of proxying, you have to change a couple of settings. In the Proxy Provider, make sure to enable `Enable forward-auth mode` on the provider.
|
||||||
|
|
||||||
|
## Nginx
|
||||||
|
|
||||||
|
import Tabs from '@theme/Tabs';
|
||||||
|
import TabItem from '@theme/TabItem';
|
||||||
|
|
||||||
|
<Tabs
|
||||||
|
defaultValue="standalone-nginx"
|
||||||
|
values={[
|
||||||
|
{label: 'Standalone nginx', value: 'standalone-nginx'},
|
||||||
|
{label: 'Ingress', value: 'ingress'},
|
||||||
|
]}>
|
||||||
|
<TabItem value="standalone-nginx">
|
||||||
|
|
||||||
|
```
|
||||||
|
location /akprox {
|
||||||
|
proxy_pass http://*ip of your outpost*:4180;
|
||||||
|
proxy_set_header X-Forwarded-Host $http_host;
|
||||||
|
error_page 401 = @akprox_signin;
|
||||||
|
}
|
||||||
|
|
||||||
|
location @akprox_signin {
|
||||||
|
internal;
|
||||||
|
add_header Set-Cookie $auth_cookie;
|
||||||
|
return 302 /akprox/start?rd=$escaped_request_uri;
|
||||||
|
}
|
||||||
|
|
||||||
|
location / {
|
||||||
|
auth_request /akprox/auth?nginx;
|
||||||
|
# All your other options...
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
</TabItem>
|
||||||
|
<TabItem value="ingress">
|
||||||
|
Create a new ingress for the outpost
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
apiVersion: networking.k8s.io/v1beta1
|
||||||
|
kind: Ingress
|
||||||
|
metadata:
|
||||||
|
name: authentik-outpost
|
||||||
|
spec:
|
||||||
|
rules:
|
||||||
|
- host: *external host that you configured in authentik*
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- backend:
|
||||||
|
serviceName: authentik-outpost-*uuid of the service generated by authentik*
|
||||||
|
servicePort: 4180
|
||||||
|
path: /akprox
|
||||||
|
```
|
||||||
|
|
||||||
|
This ingress handles authentication requests, and the sign-in flow.
|
||||||
|
|
||||||
|
Add these annotations to the ingress you want to protect
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
metadata:
|
||||||
|
annotations:
|
||||||
|
nginx.ingress.kubernetes.io/auth-url: http://*external host that you configured in authentik*:4180/akprox/auth?nginx
|
||||||
|
nginx.ingress.kubernetes.io/auth-signin: http://*external host that you configured in authentik*:4180/akprox/start?rd=$escaped_request_uri
|
||||||
|
nginx.ingress.kubernetes.io/auth-snippet: |
|
||||||
|
proxy_set_header X-Forwarded-Host $http_host;
|
||||||
|
```
|
||||||
|
</TabItem>
|
||||||
|
</Tabs>
|
||||||
|
|
||||||
|
## Traefik
|
||||||
|
|
||||||
|
<Tabs
|
||||||
|
defaultValue="standalone-traefik"
|
||||||
|
values={[
|
||||||
|
{label: 'Standalone traefik', value: 'standalone-traefik'},
|
||||||
|
{label: 'docker-compose', value: 'docker-compose'},
|
||||||
|
{label: 'Ingress', value: 'ingress'},
|
||||||
|
]}>
|
||||||
|
<TabItem value="standalone-traefik">
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
http:
|
||||||
|
middlewares:
|
||||||
|
authentik:
|
||||||
|
forwardAuth:
|
||||||
|
address: http://authentik-outpost-*uuid of the service generated by authentik*:4180/akprox/auth?traefik
|
||||||
|
trustForwardHeader: true
|
||||||
|
authResponseHeaders:
|
||||||
|
- Set-Cookie
|
||||||
|
- X-Auth-Username
|
||||||
|
- X-Forwarded-Email
|
||||||
|
- X-Forwarded-Preferred-Username
|
||||||
|
- X-Forwarded-User
|
||||||
|
routers:
|
||||||
|
default-router:
|
||||||
|
rule: "Host(`*external host that you configured in authentik*`)"
|
||||||
|
middlewares:
|
||||||
|
- name: authentik
|
||||||
|
priority: 10
|
||||||
|
services: # Unchanged
|
||||||
|
default-router-auth
|
||||||
|
match: "Host(`*external host that you configured in authentik*`) && PathPrefix(`/akprox/`)"
|
||||||
|
priority: 15
|
||||||
|
services: http://*ip of your outpost*:4180/akprox
|
||||||
|
```
|
||||||
|
</TabItem>
|
||||||
|
<TabItem value="docker-compose">
|
||||||
|
```yaml
|
||||||
|
version: '3.7'
|
||||||
|
services:
|
||||||
|
traefik:
|
||||||
|
image: traefik:v2.2
|
||||||
|
container_name: traefik
|
||||||
|
volumes:
|
||||||
|
- /var/run/docker.sock:/var/run/docker.sock
|
||||||
|
labels:
|
||||||
|
traefik.enable: true
|
||||||
|
traefik.http.routers.api.rule: Host(`traefik.example.com`)
|
||||||
|
traefik.http.routers.api.entrypoints: https
|
||||||
|
traefik.http.routers.api.service: api@internal
|
||||||
|
traefik.http.routers.api.tls: true
|
||||||
|
ports:
|
||||||
|
- 80:80
|
||||||
|
- 443:443
|
||||||
|
command:
|
||||||
|
- '--api'
|
||||||
|
- '--log=true'
|
||||||
|
- '--log.level=DEBUG'
|
||||||
|
- '--log.filepath=/var/log/traefik.log'
|
||||||
|
- '--providers.docker=true'
|
||||||
|
- '--providers.docker.exposedByDefault=false'
|
||||||
|
- '--entrypoints.http=true'
|
||||||
|
- '--entrypoints.http.address=:80'
|
||||||
|
- '--entrypoints.http.http.redirections.entrypoint.to=https'
|
||||||
|
- '--entrypoints.http.http.redirections.entrypoint.scheme=https'
|
||||||
|
- '--entrypoints.https=true'
|
||||||
|
- '--entrypoints.https.address=:443'
|
||||||
|
|
||||||
|
authentik_proxy:
|
||||||
|
image: beryju/authentik-proxy:2021.4.4
|
||||||
|
ports:
|
||||||
|
- 4180:4180
|
||||||
|
- 4443:4443
|
||||||
|
environment:
|
||||||
|
AUTHENTIK_HOST: https://your-authentik.tld
|
||||||
|
AUTHENTIK_INSECURE: "false"
|
||||||
|
AUTHENTIK_TOKEN: token-generated-by-authentik
|
||||||
|
labels:
|
||||||
|
traefik.enable: true
|
||||||
|
traefik.port: 4180
|
||||||
|
traefik.http.routers.authentik.rule: Host(`*external host that you configured in authentik*`) && PathPrefix(`/akprox/`)
|
||||||
|
traefik.http.routers.authentik.entrypoints: https
|
||||||
|
traefik.http.routers.authentik.tls: true
|
||||||
|
traefik.http.middlewares.authentik.forwardauth.address: http://authentik_proxy:4180/akprox/auth?traefik
|
||||||
|
traefik.http.middlewares.authentik.forwardauth.trustForwardHeader: true
|
||||||
|
traefik.http.middlewares.authentik.forwardauth.authResponseHeaders: Set-Cookie,X-Auth-Username,X-Forwarded-Email,X-Forwarded-Preferred-Username,X-Forwarded-User
|
||||||
|
restart: unless-stopped
|
||||||
|
|
||||||
|
whoami:
|
||||||
|
image: containous/whoami
|
||||||
|
labels:
|
||||||
|
traefik.enable: true
|
||||||
|
traefik.http.routers.whoami.rule: Host(`*external host that you configured in authentik*`)
|
||||||
|
traefik.http.routers.whoami.entrypoints: https
|
||||||
|
traefik.http.routers.whoami.tls: true
|
||||||
|
traefik.http.routers.whoami.middlewares: authentik@docker
|
||||||
|
restart: unless-stopped
|
||||||
|
```
|
||||||
|
</TabItem>
|
||||||
|
<TabItem value="ingress">
|
||||||
|
Create a middleware:
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
apiVersion: traefik.containo.us/v1alpha1
|
||||||
|
kind: Middleware
|
||||||
|
metadata:
|
||||||
|
name: authentik
|
||||||
|
spec:
|
||||||
|
forwardAuth:
|
||||||
|
address: http://authentik-outpost-*uuid of the service generated by authentik*:4180/akprox/auth?traefik
|
||||||
|
trustForwardHeader: true
|
||||||
|
authResponseHeaders:
|
||||||
|
- Set-Cookie
|
||||||
|
- X-Auth-Username
|
||||||
|
- X-Forwarded-Email
|
||||||
|
- X-Forwarded-Preferred-Username
|
||||||
|
- X-Forwarded-User
|
||||||
|
```
|
||||||
|
|
||||||
|
Add the following settings to your IngressRoute
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
spec:
|
||||||
|
routes:
|
||||||
|
- kind: Rule
|
||||||
|
match: "Host(`*external host that you configured in authentik*`)"
|
||||||
|
middlewares:
|
||||||
|
- name: authentik
|
||||||
|
priority: 10
|
||||||
|
services: # Unchanged
|
||||||
|
- kind: Rule
|
||||||
|
match: "Host(`*external host that you configured in authentik*`) && PathPrefix(`/akprox/`)"
|
||||||
|
priority: 15
|
||||||
|
services:
|
||||||
|
- kind: Service
|
||||||
|
name: authentik-outpost-*uuid of the service generated by authentik*
|
||||||
|
port: 4180
|
||||||
|
```
|
||||||
|
</TabItem>
|
||||||
|
</Tabs>
|
|
@ -112,6 +112,22 @@ slug: "2021.4"
|
||||||
- web/admin: only pre-select items when creating a new object
|
- web/admin: only pre-select items when creating a new object
|
||||||
- web/flows: fix Sentry not being loaded correctly
|
- web/flows: fix Sentry not being loaded correctly
|
||||||
|
|
||||||
|
## Fixed in 2021.4.5
|
||||||
|
|
||||||
|
- core: fix text on error pages being hard to read
|
||||||
|
- outposts: only kill docker container if its running
|
||||||
|
- root: add middleware to properly report websocket connection to sentry
|
||||||
|
- root: don't use .error of structlog to not send to sentry
|
||||||
|
- stages/email: catch ValueError when global email settings are invalid
|
||||||
|
- stages/invitation: accept token from prompt_data
|
||||||
|
- stages/invitation: fix token not being loaded correctly from query string
|
||||||
|
- web: fix text-colour for form help text
|
||||||
|
- web: ignore network errors for sentry
|
||||||
|
- web/admin: don't show docker certs as required
|
||||||
|
- web/flows: fix redirect loop when sentry is enabled on flow views
|
||||||
|
- web/flows: include ShadyDOM, always enable ShadyDOM for flow interface, improve compatibility with password
|
||||||
|
- web/flows/identification: fix phrasing account recovery
|
||||||
|
|
||||||
## Upgrading
|
## Upgrading
|
||||||
|
|
||||||
This release does not introduce any new requirements.
|
This release does not introduce any new requirements.
|
||||||
|
|
4353
website/package-lock.json
generated
4353
website/package-lock.json
generated
File diff suppressed because it is too large
Load diff
|
@ -11,7 +11,7 @@
|
||||||
"serve": "docusaurus serve"
|
"serve": "docusaurus serve"
|
||||||
},
|
},
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"@docusaurus/preset-classic": "2.0.0-alpha.73",
|
"@docusaurus/preset-classic": "2.0.0-alpha.74",
|
||||||
"@mdx-js/react": "^1.6.22",
|
"@mdx-js/react": "^1.6.22",
|
||||||
"clsx": "^1.1.1",
|
"clsx": "^1.1.1",
|
||||||
"postcss": "^8.2.13",
|
"postcss": "^8.2.13",
|
||||||
|
|
Reference in a new issue