gcp-cherry-pick-bot[bot]
d9aab79c62
providers/oauth2: fix CVE-2024-21637 (cherry-pick #8104 ) ( #8106 )
...
* providers/oauth2: fix CVE-2024-21637 (#8104 )
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update changelog
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L <jens@goauthentik.io>
2024-01-09 18:43:56 +01:00
gcp-cherry-pick-bot[bot]
3af77ab382
security: fix CVE-2023-48228 (cherry-pick #7666 ) ( #7669 )
...
security: fix CVE-2023-48228 (#7666 )
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L <jens@goauthentik.io>
2023-11-21 18:13:50 +01:00
Jens L
ea75741ec2
security: fix oobe-flow reuse when akadmin is deleted ( #7361 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
# Conflicts:
# website/docs/releases/2023/v2023.10.md
2023-10-28 21:26:53 +02:00
Jens L
b5b33ce8e9
website/docs: prepare 2023.8.3 release notes ( #6843 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-11 18:54:58 +02:00
Jens L
3d1bf85587
website/docs: prepare 2023.8.2 release ( #6731 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-01 16:09:42 +02:00
Jens L
f57b3efcaa
policies/reputation: fix reputation not expiring ( #6714 )
...
* policies/reputation: fix reputation not expiring
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix some verbose names for models
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-31 13:46:00 +02:00
Jens L
9d894528e3
website: fix reference to flow stage binding option ( #6701 )
...
the option name was changed a while back but the docs still used the old name
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-30 20:10:36 +02:00
Jens L
6246537e17
website: bump 2023.8.1 release notes ( #6678 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-30 00:31:26 +02:00
Tana M Berry
d291d16aac
website/docs: fix typos ( #6672 )
...
fix typos
Co-authored-by: Tana Berry <tana@goauthentik.io>
2023-08-29 16:49:40 -05:00
Jens L
782341441a
website: update 2023.8 release notes ( #6666 )
...
* update main release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update sidebar
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-08-29 19:57:14 +02:00
Jens L
aa874dd92a
security: fix CVE-2023-39522 ( #6665 )
...
* stages/email: don't disclose whether a user exists or not when recovering
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update website
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-29 19:07:49 +02:00
Tana M Berry
87f65526e1
website/docs: Enterprise docs ( #6632 )
...
* new ent docs
* first drafts WIP
* Optimised images with calibre/image-actions
* more details added
* further updates
* tweaks
* better image
* Optimised images with calibre/image-actions
* fix typos
* final edits
* fixed formatting fail
---------
Co-authored-by: Tana Berry <tana@goauthentik.io>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
2023-08-29 16:57:29 +00:00
Marc 'risson' Schmitt
13e5495b55
website: resize images over 1080p
...
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2023-08-26 02:38:59 +02:00
Jens L
e467a91f44
website/docs: update 2023.8 actually ( #6591 )
...
* add actual changelog
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix source docs credentials
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-22 14:19:37 +02:00
Jens L
d9f13e89c6
website: update release notes ( #6590 )
...
* move 2023.7 to 2023.8
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* move version dropdown from navbar to sidebar, and only have it on applicable sites
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove title instead of just hiding it
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix some styling for the mobile navbar sidebar
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add social image
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Optimised images with calibre/image-actions
* fix website tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
2023-08-22 13:03:11 +02:00
Jens L
8bba3c0a9b
core: rework recursive group membership ( #6017 )
...
* rework checking group membership and add `user.all_groups` to get full list of groups
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* refactor some more for better performance
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* migrate things to use all_groups
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix for django 4.2
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-18 17:31:39 +02:00
Sandeep Gadhiya
4693c50701
website/docs: Troubleshooting Whitelist Email and Web-Dev Setup Docs ( #6426 )
...
* Whitelist email troubleshooting docs
* update preview website command
* Update website/docs/troubleshooting/whitelist_email.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Sandeep Gadhiya <sandeepgadhiya22@gmail.com>
* Update website/docs/troubleshooting/whitelist_email.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Sandeep Gadhiya <sandeepgadhiya22@gmail.com>
* Update website/docs/troubleshooting/whitelist_email.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Sandeep Gadhiya <sandeepgadhiya22@gmail.com>
* Update website/docs/troubleshooting/whitelist_email.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Sandeep Gadhiya <sandeepgadhiya22@gmail.com>
* Update website/docs/troubleshooting/whitelist_email.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Sandeep Gadhiya <sandeepgadhiya22@gmail.com>
* refactor policies section
* refactor policies section
---------
Signed-off-by: Sandeep Gadhiya <sandeepgadhiya22@gmail.com>
Co-authored-by: sandeepgadhiya <sandeep.gadhiya@turtlemint.com>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-08-09 10:06:41 -05:00
risson
c7537f9f32
web, website: compress images ( #6121 )
...
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-08-02 12:06:03 +00:00
Jens L
cc6824fd7c
core: bump django from 4.1.7 to 4.2 ( #5238 )
...
* core: bump django from 4.1.7 to 4.2 (#5151 )
* core: bump django from 4.1.7 to 4.2
Bumps [django](https://github.com/django/django) from 4.1.7 to 4.2.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/4.1.7...4.2)
---
updated-dependencies:
- dependency-name: django
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* upgrade to psycopg3, use custom engine for prometheus metrics
See https://github.com/korfuri/django-prometheus/issues/350
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make scripts use psycopg3
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start changelog
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* initial postgres upgrade guide
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update header
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-08-01 19:30:28 +02:00
Jens L
30d32022e5
website/docs: expand beta beta / install docs ( #6443 )
...
* website/docs: expand beta beta / install docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-08-01 18:02:31 +02:00
r.e.e.c.h.e.e
c0474a83d9
website/docs: update Docker Compose and Kubernetes installation guide ( #6429 )
...
* website/docs: Update docker-compose and beta install guide
* website/docs: Update kubernetes and beta install guide
* Update website/docs/installation/kubernetes.md
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
---------
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-07-31 15:17:54 -05:00
Jens L
33e7903699
website/docs: add architecture and persistence ( #6250 )
...
* website/docs: add architecture and persistence
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>
* add note about kubernetes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* link to relevant parts
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-07-31 11:21:33 +02:00
Thomas Moschny
f2293c0f5b
website/docs: Update syntax in traefik standalone example ( #6303 )
...
* Update syntax in traefik standalone example
Signed-off-by: Thomas Moschny <thomas.moschny@gmx.de>
* One more syntax update
Signed-off-by: Thomas Moschny <thomas.moschny@gmx.de>
---------
Signed-off-by: Thomas Moschny <thomas.moschny@gmx.de>
2023-07-26 10:56:31 +02:00
ChandonPierre
d435a65cfd
outposts: support json patch for Kubernetes ( #6319 )
2023-07-22 02:29:28 +02:00
Jens L
9b7c30d44c
sources/ldap: fix ldap_sync cli command not running in foreground ( #6325 )
...
closes #6317
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-21 13:03:06 +02:00
Jens L
77662c9a51
website/docs: re-add goauthentik.io/user/can-change-* ( #6251 )
...
* website/docs: re-add goauthentik.io/user/can-change-*
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Update website/docs/user-group/user.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-07-14 16:28:37 +02:00
Jens L
57893e0125
website: update 2023.6.1 release notes ( #6204 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-10 12:55:35 +02:00
Jens L
8828eefbe4
sources/ldap: fix page size ( #6187 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-08 01:15:35 +02:00
Jens Langhammer
e2bfcf8a6d
website: update release notes
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-06 18:47:24 +02:00
Jens L
d22d147c8e
security: fix CVE-2023-36456 ( #6171 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-06 18:16:26 +02:00
dependabot[bot]
d14a2906f5
website: bump prettier from 2.8.8 to 3.0.0 in /website ( #6155 )
...
* website: bump prettier from 2.8.8 to 3.0.0 in /website
Bumps [prettier](https://github.com/prettier/prettier) from 2.8.8 to 3.0.0.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.8.8...3.0.0)
---
updated-dependencies:
- dependency-name: prettier
dependency-type: direct:development
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
* prettier
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-07-06 12:00:54 +02:00
Jens L
fb8c4b97f4
website: update navbar, update 2023.6 changelog ( #6136 )
...
* website: update navbar, update 2023.6 changelog
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-04 14:25:08 +02:00
Jens L
f7d21b3aba
website: update 2023.6 release notes ( #6053 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-23 15:32:49 +02:00
Jens L
b0fbd576fc
security: cure53 fix ( #6039 )
...
* ATH-01-001: resolve path and check start before loading blueprints
This is even less of an issue since 411ef239f6, since with that commit we only allow files that the listing returns
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ATH-01-010: fix missing user filter for webauthn device
This prevents an attack that is only possible when an attacker can intercept HTTP traffic and in the case of HTTPS decrypt it.
* ATH-01-008: fix web forms not submitting correctly when pressing enter
When submitting some forms with the Enter key instead of clicking "Confirm"/etc, the form would not get submitted correctly.
The worst case is when setting a user's password, where the new password can end up in the URL, but the password was not actually saved to the user.
* ATH-01-004: remove env from admin system endpoint
this endpoint already required admin access, but for debugging the env variables are used very little
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ATH-01-003 / ATH-01-012: disable htmlLabels in mermaid
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ATH-01-005: use hmac.compare_digest for secret_key authentication
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ATH-01-009: migrate impersonation to use API
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ATH-01-010: rework
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ATH-01-014: save authenticator validation state in flow context
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
bugfixes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ATH-01-012: escape quotation marks
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add website
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update with all notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix format
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-22 22:25:04 +02:00
Jens L
01311929d1
providers/ldap: improve password totp detection ( #6006 )
...
* providers/ldap: improve password totp detection
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add flag for totp mfa support
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* keep support for static tokens
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix migrations
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-20 12:09:13 +02:00
Jens L
a2de6194e4
website/docs: correct LDAP StartTLS documentation ( #5886 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-08 11:00:20 +02:00
Jens L
0ce41a1b2d
providers/ldap: add StartTLS support ( #5861 )
...
* providers/ldap: add StartTLS support
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add starttls test
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update form and docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* re-add tls server name
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-06 21:40:19 +02:00
Tana M Berry
b1de9f8d93
website/docs: add Note about wget command ( #5770 )
...
* add Note about wget
* added info about -) flag
* add review edits
---------
Co-authored-by: Tana Berry <tana@goauthentik.io>
2023-06-06 02:21:27 -05:00
Thomas B
ea1f92cb05
website/docs: Update troubleshooting login.md ( #5814 )
...
Update login.md
Added instructions to recover the key via cli
Signed-off-by: Thomas B <toolboxes909@gmail.com>
2023-06-05 11:16:53 +02:00
Jens L
7daf89be05
website/docs: prepare 2023.5.3 ( #5824 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-01 19:34:56 +02:00
Jens L
e8c2aabad0
website/docs: prepare 2023.5.2 release notes ( #5777 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-28 12:45:50 +02:00
Tana M Berry
1ce482911b
website/docs: capitalize Beta and link to Rel Notes ( #5753 )
...
capitalize Beta and link to Rel Notes
Co-authored-by: Tana Berry <tana@goauthentik.io>
2023-05-25 11:18:27 -05:00
Jens L
b4a3b266b3
website/docs: clarify troubleshooting headlines and order ( #5696 )
...
* website/docs: clarify troubleshooting headlines and order
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Update website/docs/troubleshooting/login.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-05-19 15:54:04 +02:00
Jens L
873aaf85f9
website/docs: prepare 2023.5.1 release notes ( #5679 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-18 20:34:33 +02:00
Tana M Berry
8356ceaead
website/docs: added info about how to upgrade ( #5589 )
...
added info about how to upgrade
Co-authored-by: Tana Berry <tana@goauthentik.io>
2023-05-12 10:25:26 -05:00
Jens L
228197ea5e
website/docs: update 2023.5 release notes ( #5526 )
...
* website/docs: update 2023.5 release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update changelog
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-12 13:45:25 +02:00
Jens L
61434c807d
stages/identification: auto-redirect to source when no user fields are selected ( #5583 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-11 16:52:30 +02:00
risson
7265a56f05
root: switch sentry dsn to our relay ( #5494 )
...
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2023-05-11 15:24:38 +02:00
Jens L
c68a42f63b
website/docs: improve docs for OAuth2 device code flow ( #5570 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-10 20:58:31 +02:00
Jens L
3704f4ccf4
core: disallow username and email changes by default ( #5571 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-10 20:57:57 +02:00