106 commits

Author	SHA1	Message	Date
Jens Langhammer	33d5cd2973	web: add notice for Certificate for LDAP Provider ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-21 18:48:02 +02:00
Jens Langhammer	d1403f6f7d	web: implement bulk-delete form ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-12 23:21:29 +02:00
Jens Langhammer	1a17ce24f9	web: use single delete button with checkbox and icon-based action buttons ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-05 12:30:43 +02:00
Jens Langhammer	ddd5047cc3	web: better label table actions ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-05 10:40:44 +02:00
Jens Langhammer	2c60ec50be	web: re-format with prettier ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-03 17:52:21 +02:00
Jens Langhammer	9c0f7e0018	web/admin: fix LDAP Provider bind flow list being empty ... closes #1192 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-28 21:01:10 +02:00
Jens Langhammer	64c8ca9b5d	web/admin: default to authentication flow for LDAP provider ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-26 18:47:59 +02:00
Jens Langhammer	902378af53	providers/oauth2: fix redirect_uris not having blank set ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-21 00:22:09 +02:00
Lukas Söder	7f39399c32	providers/ldap: Added auto-generated uidNumber and guidNumber generated attributes for use with SSSD and similar software. (#1138) ... * Added auto-generated uidNumber and guidNumber generated attributes for use with SSSD and similar software. The starting number for uid/gid can be configured iva environtment variables and is by default 2000 which should work fine for most instances unless there are more than 999 local accounts on the server/computer. The uidNumber is just the users Pk + the starting number. The guidNumber is calculated by the last couple of bytes in the uuid of the group + the starting number, this should have a low enough chance for collisions that it's going to be fine for most use cases. I have not added any interface stuff for configuring the environment variables as I couldn't really find my way around all the places I'd have to edit to add it and the default values should in my opinion be fine for 99% use cases. * Add a 'fake' primary group for each user * First attempt att adding config to interface * Updated API to support new fields * Refactor code, update documentation and remove obsolete comment Simplify `GetRIDForGroup`, was a bit overcomplicated before. Add an additional class/struct `LDAPGroup` which is the new argument for `pi.GroupEntry` and util functions to create `LDAPGroup` from api.Group and api.User Add proper support in the interface for changing gidNumber and uidNumber starting points * make lint-fix for the migration files	2021-07-14 09:17:01 +02:00
Jens L	7dfc621ae4	LDAP Provider: TLS support (#1137)	2021-07-13 18:24:18 +02:00
Jens Langhammer	90fe1c2ce8	providers/oauth2: allow blank redirect_uris to allow any redirect_uri ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-08 19:28:35 +02:00
Jens Langhammer	9bd613a31d	stages/authenticator_duo: fix component not being set in API ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-26 20:49:58 +02:00
Jens Langhammer	0832145a01	web: fix fields for new api schema ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-13 15:36:25 +02:00
Jens Langhammer	8ddcf99bf7	web: fix flow download link ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-10 21:47:40 +02:00
Jens Langhammer	d878d2140e	providers/saml: add metadata download link to api ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-10 14:06:44 +02:00
Jens L	34ae9e6dab	API: add endpoint to show by what objects an object is used (#995) ... * core: add used_by API to show what objects are affected before deletion Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/elements: add support for used_by API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: add authentik_used_by_shadows to shadow other models Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: implement used_by API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * *: fix duplicate imports Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: add action field to used_by api Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: add UI for used_by action Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: add notice to tenant form Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: fix naming in used_by Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: check length for used_by Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: fix used_by for non-pk models Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * *: improve __str__ on models Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: add support for many to many in used_by Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-10 11:58:12 +02:00
Jens L	dad24c03ff	outposts: set cookies for a domain to authenticate an entire domain (#971) ... * outposts: initial cookie domain implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: add cookie domain setting Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/proxy: replace forward_auth_mode with general mode Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: rebuild proxy provider form Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/proxy: re-add forward_auth_mode for backwards compat Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: fix data.mode not being set Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * root: always set log level to debug when testing Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/proxy: use new mode attribute Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/proxy: only ingress /akprox on forward_domain Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/proxy: fix lint error Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: fix error on ProxyProviderForm when not using proxy mode Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: fix default for outpost form's type missing Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: add additional desc for proxy modes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts: fix service account permissions not always being updated Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outpost/proxy: fix redirecting to incorrect host for domain mode Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: improve error handling for network errors Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outpost: fix image naming not matching main imaeg Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/proxy: fix redirects for domain mode and traefik Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: fix colour for paragraphs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/flows: fix consent stage not showing permissions correctly Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * website/docs: add domain-level docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * website/docs: fix broken links Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/proxy: remove dead code Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/flows: fix missing id for #header-text Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-08 23:10:17 +02:00
Jens Langhammer	e295f18e78	web/admin: fix error when importing SAML Metadata ... closes #948 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-31 22:26:24 +02:00
Jens Langhammer	11607622a3	web/admin: fix proxy provider's certificate not being optional ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-30 00:22:58 +02:00
Jens Langhammer	8183a51b72	stages/authenticator_duo: add missing duo device ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-24 22:16:29 +02:00
Jens Langhammer	9b57f0b81d	Merge branch 'version-2021.5' into next ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> # Conflicts: # web/src/locales/en.po # web/src/locales/pseudo-LOCALE.po	2021-05-22 20:01:16 +02:00
Jens Langhammer	2c816e6162	providers/proxy: don't use https to communicate with outpost ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-22 18:56:38 +02:00
Jens Langhammer	ec8490e105	web: fix remaining API Calls ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-16 18:52:27 +02:00
Jens Langhammer	69668a2a05	web: fix designation for flow lookups ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-16 18:46:04 +02:00
Jens Langhammer	d38fd603dd	web: fix more special API Calls ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-16 18:41:02 +02:00
Jens Langhammer	ba5374f6e1	web: mass update API calls ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-16 18:24:15 +02:00
Jens Langhammer	dde1dabf97	web: pass 2 migration ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-16 17:53:59 +02:00
Jens Langhammer	99be97206b	web: fix enums ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-16 15:31:13 +02:00
Jens Langhammer	3ab7588b73	web: Read() to Retrieve() ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-16 14:43:42 +02:00
Jens Langhammer	2d9f216658	web/admin: add notice for LDAP Provider's group selection ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-14 11:44:01 +02:00
Jens Langhammer	fd4e8a59f4	web/admin: fix linting ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-11 20:09:49 +02:00
Jens Langhammer	84dfbcaaae	providers/api: return redirect_uris for proxy provider ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-11 20:02:17 +02:00
Jens L	36f7cad23b	Merge pull request #862 from goauthentik/form-refresh-on-save ... Form refresh on save	2021-05-11 14:23:32 +02:00
Jens Langhammer	a6c6f22221	web/admin: add button to copy saml metadata download link ... closes #857 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-11 13:52:47 +02:00
Jens Langhammer	c99afe0ad4	web/admin: remove unused imports ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-11 12:12:31 +02:00
Jens Langhammer	b4d750174f	web/admin: add modelform as base, start migrating ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-11 11:48:34 +02:00
Jens Langhammer	5cad59a9f8	providers/proxy: fix being able to set empty internal_host ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-09 00:07:34 +02:00
Jens Langhammer	225099b1a1	web/admin: fix error when viewing ldap provider ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-05 21:57:13 +02:00
Jens Langhammer	99d161e212	Merge branch 'master' into outpost-ldap ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> # Conflicts: # authentik/core/api/users.py # authentik/policies/event_matcher/migrations/0013_alter_eventmatcherpolicy_app.py	2021-05-04 21:02:20 +02:00
Jens Langhammer	e6431593f7	web/admin: auto-select keypair in oauth provider creation when only 1 keypair exists ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-04 17:09:04 +02:00
Jens Langhammer	b55cb2b40c	Merge branch 'master' into outpost-ldap	2021-04-29 20:13:47 +02:00
Jens L	2a409215d3	outpost: forwardAuth mode (#790)	2021-04-29 18:17:10 +02:00
Jens L	c4e4e17f93	providers/oauth2: add access_code_validity (#795) ... closes #794 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-28 21:03:43 +02:00
Jens Langhammer	1d5958a78f	providers/ldap: add search_group to limit who can do search requests ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-26 23:25:03 +02:00
Jens Langhammer	b3c8ffb96c	outposts/ldap: use authorization_flow instead of separate field ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-26 15:09:41 +02:00
Jens Langhammer	dcd80c6d63	outposts/ldap: fix linting ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-26 12:24:46 +02:00
Jens Langhammer	d741ed430a	web/admin: add UI for LDAP Provider ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-26 12:12:02 +02:00
Jens Langhammer	1f49aea48d	web/admin: fix mismatched required tags ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-22 10:33:36 +02:00
Jens Langhammer	7346ccf2b7	web/admin: add description for fields in proxy provider form ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-21 10:18:00 +02:00
Jens Langhammer	dd2cd09637	web/admin: fix undefined being shown when viewing application ... Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-04-18 19:04:10 +02:00