trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
5,565 Commits 95 Branches 330 Tags 336 MiB
Commit Graph

955 Commits

Author SHA1 Message Date
Jens Langhammer 6f98833150 core: allow users to create non-expiring tokens when flag is set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-14 21:15:14 +02:00
Jens Langhammer 7c2decf5ec providers/ldap: squash migrations 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-14 09:22:25 +02:00
Lukas Söder 7f39399c32
providers/ldap: Added auto-generated uidNumber and guidNumber generated attributes for use with SSSD and similar software. (#1138) 
* Added auto-generated uidNumber and guidNumber generated attributes for
use with SSSD and similar software.

The starting number for uid/gid can be configured iva environtment
variables and is by default 2000 which should work fine for most instances unless there are more than
999 local accounts on the server/computer.

The uidNumber is just the users Pk + the starting number.
The guidNumber is calculated by the last couple of bytes in the uuid of
the group + the starting number, this should have a low enough chance
for collisions that it's going to be fine for most use cases.

I have not added any interface stuff for configuring the environment variables as I couldn't really find my way around all the places I'd have to edit to add it and the default values should in my opinion be fine for 99% use cases.

* Add a 'fake' primary group for each user

* First attempt att adding config to interface

* Updated API to support new fields

* Refactor code, update documentation and remove obsolete comment

Simplify `GetRIDForGroup`, was a bit overcomplicated before.

Add an additional class/struct `LDAPGroup` which is the new argument
for `pi.GroupEntry` and util functions to create `LDAPGroup` from api.Group and api.User

Add proper support in the interface for changing gidNumber and uidNumber starting points

* make lint-fix for the migration files
 2021-07-14 09:17:01 +02:00
Jens L 7dfc621ae4
LDAP Provider: TLS support (#1137) 2021-07-13 18:24:18 +02:00
Jens Langhammer 2036827f04 api: add sentry tunnel 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-13 10:58:14 +02:00
Jens Langhammer b7a929d304 web/flows: update background for 2021.7 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-09 23:12:46 +02:00
Jens Langhammer 7ddb459030 web: fix error when showing error message of request 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-09 19:06:30 +02:00
Jens Langhammer 90fe1c2ce8 providers/oauth2: allow blank redirect_uris to allow any redirect_uri 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-08 19:28:35 +02:00
Jens Langhammer adc4cd9c0d release: 2021.6.4 2021-07-05 16:59:29 +02:00
Jens Langhammer abed254ca1 web/admin: make table dispatch refresh event on refresh button instead of just fetching 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-05 09:48:14 +02:00
Jens Langhammer 320dab3425 core: only show `Reset password` link when recovery flow is configured 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-04 12:59:41 +02:00
Jens Langhammer ca44f8bd60 web: log response when >= http 400 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-04 12:39:10 +02:00
Jens Langhammer d07704fdf1 crypto: show both sha1 and sha256 fingerprints 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 19:25:27 +02:00
Jens Langhammer 6a4ddcaba7 web/admin: don't use form.reset() for ModelForms, reset instance 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 18:26:50 +02:00
Jens Langhammer 2c9b596f01 web/admin: run explicit update after loading instance 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 16:41:42 +02:00
Jens Langhammer 91f7b289cc web/admin: show oauth2 token revoked status 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 16:04:24 +02:00
Jens Langhammer dd53e7e9b1 web/admin: fix ModelForm not re-loading after being reset 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-02 21:21:11 +02:00
Jens Langhammer 680b182d95 release: 2021.6.3 2021-06-29 16:19:07 +02:00
Jens Langhammer c19da839b1 stages/user_write: add create_users_as_inactive flag 
close #1086

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-28 23:24:54 +02:00
Jens Langhammer 2b1356bb91 flows: add invalid_response_action to configure how the FlowExecutor should handle invalid responses 
closes #1079

Default value of `retry` behaves like previous version.

`restart` and `restart_with_context` restart the flow upon an invalid response. `restart_with_context` keeps the same context of the Flow, allowing users to bind policies that maybe aren't valid on the first execution, but are after a retry, like a reputation policy with a deny stage.

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-28 00:22:09 +02:00
Jens Langhammer 7d9c74ce04 tenants: include all default flows in current_tenant 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-26 23:47:49 +02:00
Jens Langhammer 4ec5df6b12 web/admin: fix linting error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-26 22:30:33 +02:00
Jens Langhammer 0403f6d373 web/admin: add flow export button on flow view page 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-26 22:03:19 +02:00
Jens Langhammer b7f4d15a94 web/admin: fix deletion of authenticator not reloading the state correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-26 21:22:10 +02:00
Jens Langhammer 56450887ca web/admin: cleanup imports 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-26 21:14:23 +02:00
Jens Langhammer 9bd613a31d stages/authenticator_duo: fix component not being set in API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-26 20:49:58 +02:00
Jens Langhammer 63a28ca1e9 web/admin: fix only recovery flows being selectable for unenrollment flow in tenant form 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-26 19:33:20 +02:00
Jens Langhammer 0d81eaffff web/admin: fix text color on pf-c-card 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-24 19:30:16 +02:00
Jens Langhammer 31a58e2c25 release: 2021.6.2 2021-06-22 23:35:10 +02:00
Jens Langhammer 04e52d8ba6 web/admin: handle elements in slot=form not being forms 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 22:48:47 +02:00
Jens Langhammer 70ccc63702 core: remove default flow background from default css, set static in base_full and dynamically in if/flow 
closes #1056

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 10:37:34 +02:00
Jens Langhammer e7d36c095d web/admin: sort inputs on authenticator validation stage form 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-19 15:35:39 +02:00
Jens Langhammer 641872a33a web/admin: fix tenant's default flag not being saved 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1044
 2021-06-19 12:42:29 +02:00
Jens Langhammer fe6963c428 release: 2021.6.1 2021-06-17 22:14:52 +02:00
Jens Langhammer e0f48a30b7 release: 2021.6.1-rc6 2021-06-15 21:18:33 +02:00
Jens Langhammer 53100a72fe stages/identification: fix challenges not being annotated correctly and API client not loading data correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 22:28:11 +02:00
Jens Langhammer 4de927ba5b web/admin: fix link for github issue creation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 18:55:43 +02:00
Jens Langhammer 74e578c2bf events: add tenant to event 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 18:43:29 +02:00
Jens Langhammer e584fd1344 events: catch unhandled exceptions from request as event, add button to open github issue 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 17:22:58 +02:00
Jens Langhammer 4e9be85353 website/docs: add docs for outpost configuration 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 09:21:35 +02:00
Jens Langhammer 3a88dde545 web: fix declaration of Intl 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 23:13:43 +02:00
Jens Langhammer 31fc4d1cb9 web: migrate banner to sidebar 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 22:55:41 +02:00
Jens Langhammer 09cd8f8f63 web/admin: fix ak-application-check-access-form for get api 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 22:40:51 +02:00
Jens Langhammer c9dda17c68 web/admin: select service connection by default when only one exists 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 20:12:01 +02:00
Jens Langhammer bb8559ee18 web: remove base interface 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 19:54:27 +02:00
Jens Langhammer 5ae32e525c web/flows: improve display of allowed fields for identification stage 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 16:30:03 +02:00
Jens Langhammer 0832145a01 web: fix fields for new api schema 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 15:36:25 +02:00
Jens Langhammer 82b2c7e3f0 web: add capabilities to sentry event 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 14:08:39 +02:00
Jens Langhammer 4e18f47f28 web/flows: fix expiry not shown on consent stage when loading 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 12:21:11 +02:00
Jens Langhammer f10286edf8 Merge branch 'version-2021.6' into next 2021-06-12 20:43:12 +02:00