Commit Graph

10106 Commits

Author SHA1 Message Date
Jens L 47d79ac28c
security: fix CVE 2022 46172 (#4275)
* fallback to current user in user_write, add flag to disable user creation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update api and web ui

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update default flows

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add cve post to website

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 14:16:26 +01:00
Jens Langhammer 44bf9a890e release: 2022.11.3 2022-12-02 23:00:59 +02:00
Jens Langhammer b60c6d4144 web: bump API Client
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-02 23:00:45 +02:00
Jens Langhammer 2a4daa5360 release: 2022.11.2 2022-12-01 10:41:29 +02:00
Jens Langhammer e1a6dede54 *: backport CVE-2022-46145 fix
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-01 10:41:26 +02:00
Jens Langhammer 17ee076f3d root: include security policy in website container
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-30 13:05:38 +02:00
Jens Langhammer 4d12a98c5d root: rework and expand security policy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-30 13:05:35 +02:00
Jens Langhammer 3a13d19695 release: 2022.11.1 2022-11-22 21:42:10 +01:00
Jens Langhammer ed7bef9dbf blueprints: open fixtures in read only mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-22 21:39:30 +01:00
Jens Langhammer 4a17795df9 root: fix locales not being included in docker image
closes #3885

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-22 21:39:26 +01:00
Jens Langhammer 07b1aea767 root: bump security info
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-22 21:18:02 +01:00
Jens Langhammer ab0f8d027d website/docs: add 2022.11.1 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-22 21:17:05 +01:00
Jens Langhammer b9fdb63a57 core: fix lint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-22 21:02:18 +01:00
Jens Langhammer 94833dd1e7 web/admin: reset cookie_domain when setting non-domain forward auth
closes #4063

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-22 20:46:20 +01:00
Jens Langhammer 5262d89505 core: fix tab-complete in shell
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-22 20:30:00 +01:00
Jens L ab3d47c437
blueprints: add desired state attribute to objects (#4061)
* add state attribute to delete objects

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add tests, move yaml from block to files

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add state to docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* only try to format

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-22 14:27:20 +01:00
Jens Langhammer 14cd52686d stages/email: add test for email translation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#3885
2022-11-22 14:14:42 +01:00
Jens Langhammer 1a39754fe9 *: don't return values in test suites
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-22 11:38:34 +01:00
dependabot[bot] 8599eba863
web: bump @sentry/browser from 7.20.0 to 7.20.1 in /web (#4058)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 7.20.0 to 7.20.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.20.0...7.20.1)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-22 10:09:00 +01:00
dependabot[bot] 4c6d21820e
web: bump @typescript-eslint/parser from 5.43.0 to 5.44.0 in /web (#4056)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.43.0 to 5.44.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.44.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-22 10:07:11 +01:00
GrahamSH ddee1c9a8c
website: Fix installations link in footer (#4053)
/index 404s; this fixes it

Signed-off-by: GrahamSH <grahamshllk@gmail.com>

Signed-off-by: GrahamSH <grahamshllk@gmail.com>
2022-11-22 10:06:56 +01:00
dependabot[bot] 84678c41a8
web: bump chartjs-adapter-moment from 1.0.0 to 1.0.1 in /web (#4057)
Bumps [chartjs-adapter-moment](https://github.com/chartjs/chartjs-adapter-moment) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/chartjs/chartjs-adapter-moment/releases)
- [Commits](https://github.com/chartjs/chartjs-adapter-moment/compare/v1.0.0...v1.0.1)

---
updated-dependencies:
- dependency-name: chartjs-adapter-moment
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-22 10:05:23 +01:00
dependabot[bot] 7e1059dd43
web: bump @typescript-eslint/eslint-plugin from 5.43.0 to 5.44.0 in /web (#4055)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.43.0 to 5.44.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.44.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-22 10:05:14 +01:00
dependabot[bot] bc56ea6822
web: bump @sentry/tracing from 7.20.0 to 7.20.1 in /web (#4054)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 7.20.0 to 7.20.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.20.0...7.20.1)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-22 10:05:03 +01:00
dependabot[bot] 768dc55a71
core: bump goauthentik.io/api/v3 from 3.2022101.8 to 3.2022110.1 (#4060)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022101.8 to 3.2022110.1.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022101.8...v3.2022110.1)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-22 10:02:25 +01:00
Jens Langhammer a0719ca65e root: fix build on arm64
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-21 22:38:25 +01:00
github-actions[bot] 38c8555f36
web: bump API Client version (#4052)
Signed-off-by: GitHub <noreply@github.com>

Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-11-21 22:37:39 +01:00
Jens Langhammer 5b8223808e Merge branch 'version-2022.11' 2022-11-21 22:14:33 +01:00
Jens Langhammer 14f341f504 web/admin: fix error when importing duo devices
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-21 21:36:10 +01:00
Jens Langhammer c30aa90888 web: fix lint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-21 20:54:02 +01:00
Jens Langhammer 20c1770ec4 release: 2022.11.0 2022-11-21 20:12:02 +01:00
Jens Langhammer 1efc0c1242 website/docs: update changelog
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-21 19:37:28 +01:00
github-actions[bot] 4467546464
web: bump API Client version (#4051)
Signed-off-by: GitHub <noreply@github.com>

Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-11-21 18:17:56 +01:00
Jens Langhammer a2e512c36c stages/authenticator_validate: add flag to configure user_verification for webauthn devices
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-21 17:52:37 +01:00
Jens Langhammer 91897b0ac6 Revert "core: bump structlog from 22.1.0 to 22.2.0 (#4046)"
This reverts commit d5c463947e.
2022-11-21 15:08:39 +01:00
Jens Langhammer 3c2da8138d stages/invitation: directly delete invitation now that flow plan is saved in email token
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-21 14:55:49 +01:00
Jens Langhammer e80df03819 website: fix greenhouse page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-21 13:37:52 +01:00
Jens Langhammer 426f0bc9dd events: deepcopy event kwargs to prevent objects being removed, remove workaround
closes #4041

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-21 12:31:17 +01:00
dependabot[bot] 2e2a4aaa78
web: bump eslint from 8.27.0 to 8.28.0 in /web (#4042)
Bumps [eslint](https://github.com/eslint/eslint) from 8.27.0 to 8.28.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.27.0...v8.28.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-21 10:26:09 +01:00
dependabot[bot] 90c2d94e69
web: bump @codemirror/legacy-modes from 6.2.0 to 6.3.0 in /web (#4044)
Bumps [@codemirror/legacy-modes](https://github.com/codemirror/legacy-modes) from 6.2.0 to 6.3.0.
- [Release notes](https://github.com/codemirror/legacy-modes/releases)
- [Changelog](https://github.com/codemirror/legacy-modes/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codemirror/legacy-modes/compare/6.2.0...6.3.0)

---
updated-dependencies:
- dependency-name: "@codemirror/legacy-modes"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-21 10:25:58 +01:00
dependabot[bot] d5c463947e
core: bump structlog from 22.1.0 to 22.2.0 (#4046)
Bumps [structlog](https://github.com/hynek/structlog) from 22.1.0 to 22.2.0.
- [Release notes](https://github.com/hynek/structlog/releases)
- [Changelog](https://github.com/hynek/structlog/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hynek/structlog/compare/22.1.0...22.2.0)

---
updated-dependencies:
- dependency-name: structlog
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-21 10:25:10 +01:00
dependabot[bot] e4bd4e23e5
web: bump @codemirror/lang-python from 6.0.4 to 6.1.0 in /web (#4043)
Bumps [@codemirror/lang-python](https://github.com/codemirror/lang-python) from 6.0.4 to 6.1.0.
- [Release notes](https://github.com/codemirror/lang-python/releases)
- [Changelog](https://github.com/codemirror/lang-python/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codemirror/lang-python/compare/6.0.4...6.1.0)

---
updated-dependencies:
- dependency-name: "@codemirror/lang-python"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-21 10:24:58 +01:00
dependabot[bot] b9ad02781c
core: bump uvicorn from 0.19.0 to 0.20.0 (#4045)
Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.19.0 to 0.20.0.
- [Release notes](https://github.com/encode/uvicorn/releases)
- [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/encode/uvicorn/compare/0.19.0...0.20.0)

---
updated-dependencies:
- dependency-name: uvicorn
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-21 10:24:49 +01:00
dependabot[bot] 29ab5b4000
core: bump pylint from 2.15.5 to 2.15.6 (#4047)
Bumps [pylint](https://github.com/PyCQA/pylint) from 2.15.5 to 2.15.6.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.15.5...v2.15.6)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-21 10:24:38 +01:00
Jens Langhammer 71d144a67e web/flows: always hide static user info when it's not set in the flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-18 21:19:06 +01:00
Jens Langhammer cc3ab141e5 policies: only cache policies for authenticated users
closes #4033

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-18 21:06:53 +01:00
Jens Langhammer c158ef80db *: fix remaining old cache keys
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-18 16:18:32 +01:00
Jens Langhammer d785edbbe3 web/flows: only show user info when applicable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-18 16:13:21 +01:00
dependabot[bot] 3f30ef624e
web: bump @sentry/browser from 7.19.0 to 7.20.0 in /web (#4035)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 7.19.0 to 7.20.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.19.0...7.20.0)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-18 10:46:01 +01:00
dependabot[bot] ca1ee3e3f7
web: bump @sentry/tracing from 7.19.0 to 7.20.0 in /web (#4034)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 7.19.0 to 7.20.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.19.0...7.20.0)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-18 10:42:40 +01:00