50e3d317b2
flows: use WithUserInfoChallenge for AccessDeniedChallenge
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2039
2022-01-01 19:45:34 +01:00
3eed7bb010
lib: dont send any sentry events when testing
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-01 18:56:14 +01:00
9154b9b85d
web/user: rework user source connection UI
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-30 21:59:41 +01:00
fc19372709
flows: fix migration removing flow titles
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-30 21:00:00 +01:00
d03b0b8152
outposts: include outposts build hash in state
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-30 15:16:34 +01:00
c249b55ff5
*: use py3.10 syntax for unions, remove old Type[] import when possible
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-30 14:59:01 +01:00
fc7a452b0c
flows: update default flow titles
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-27 22:04:35 +01:00
46f12e62e8
flows: don't create EventAction.FLOW_EXECUTION
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-27 15:07:33 +01:00
53b10e64f8
outposts: fix error when client hasn't be initialised
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-26 14:26:48 +01:00
abe38bb16a
outposts: fix __exit__ being called without params
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-25 17:52:20 +01:00
b19da6d774
crypto: return private key's type (required for some oauth2 providers)
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-25 16:51:28 +01:00
7c55616e29
outposts: fix creation of from_env docker client
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-25 16:48:23 +01:00
6510b97c1e
outposts: add remote docker integration via SSH
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-25 16:31:34 +01:00
22d1dd801c
root: also use analytics uuid for sentry
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-24 15:13:27 +01:00
e7e0e6d213
lib: strip values for timedelta from string
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-23 18:49:35 +01:00
ca0250e19f
core: add meta theme-color
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-23 18:49:24 +01:00
5c5634830f
stages/identification: add field for passwordless flow
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-23 18:27:00 +01:00
9c42b75567
release: 2021.12.4
2021-12-23 10:32:48 +01:00
457e17fec3
website/docs: add small let's encrypt docs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-23 00:59:06 +01:00
846006f2e3
events: create test notification with event with data
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 23:32:29 +01:00
f557b2129f
*: fix random typos
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 23:13:18 +01:00
6dc2003e34
providers/oauth2: fix tests validating JWT incorrectly
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 23:00:57 +01:00
0149c89003
providers/oauth2: fix invalid assignments in JWKS view
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 22:41:28 +01:00
f458cae954
providers/proxy: add error handing when field is already gone
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 22:31:53 +01:00
f01d117ce6
providers/proxy: fix imports in migrations
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 22:25:02 +01:00
2bde43e5dc
crypto: use older syntax for type union
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 22:22:45 +01:00
2f3026084e
providers/oauth2: remove jwt_alg field and set algorithm based on selected keypair, select HS256 when no keypair is selected
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 22:09:49 +01:00
c1f0833c09
crypto: improve support for non-rsa private keys (discovery)
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 21:46:22 +01:00
8e83209631
stages/authenticator_validate: fix lint error
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 18:14:35 +01:00
2e48e0cc2f
stages/authenticator_validate: fix prompt not triggering when using in non-authentication context
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 18:03:02 +01:00
e72f0ab160
stages/authenticator_validation: refuse passwordless flow if flow is not for authentication
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 18:02:43 +01:00
5b3a9e29fb
stages/authenticator_validate: add passwordless login
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 17:34:46 +01:00
34b11524f1
tenants: add web certificate field, make authentik's core certificate configurable based on keypair
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 11:43:45 +01:00
16b6c17305
Revert "policies: don't always clear application cache on post_save"
...
This reverts commit 5ef385f0bb
2021-12-22 00:23:19 +01:00
cf4b4030aa
release: 2021.12.3
2021-12-21 20:52:08 +01:00
7fb939f97b
core: fix error when getting launch URL for application with non-existent Provider
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 19:40:29 +01:00
c78236a2a2
root: don't set secure cross opener policy
...
closes #1977
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 19:16:22 +01:00
ca314c262c
*: revert to using GHCR directly
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 13:54:49 +01:00
8a60a7e26f
providers/proxy: revert to static list of forwarded headers
...
wildcard is not usable for this since the regular expression doesn't support negative lookahead, meaning we would always forward all headers, including Connection and others
closes #1969
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 12:04:54 +01:00
92b4244e81
providers/proxy: update traefik regex
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1969
2021-12-20 22:43:58 +01:00
dfbf7027bc
providers/proxy: add traefik.ingress.kubernetes.io/router.tls annotation for ingress
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 22:24:42 +01:00
4658018a90
Revert "outposts: rename outpost"
...
This reverts commit a5c30fd9c7
2021-12-20 21:37:31 +01:00
577b7ee515
providers/proxy: include auth headers
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 21:37:22 +01:00
3da526f20e
root: allow trace log level to work for core/embedded
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 21:11:47 +01:00
c843f18743
lib: add additional celery logger to sentry ignore
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 21:04:45 +01:00
80d0b14bb8
outposts: fix error when getting state for non-existent outpost
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 19:44:47 +01:00
a5c30fd9c7
outposts: rename outpost
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 19:28:05 +01:00
ef23a0da52
outposts/proxy: fix traefik header regex to only match Remote- and X- headers to prevent websocket errors
...
closes #1969
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 13:30:19 +01:00
ba527e7141
root: drop redis cache sentry errors
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 13:12:14 +01:00
602573f83f
ci: fix label
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-19 13:44:34 +01:00
8599d9efe0
web/admin: auto set the embedded outpost's authentik_host on first view
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-19 13:27:04 +01:00
8e6fcfe350
root: fix inconsistent URL quoting of redis URLs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 22:24:41 +01:00
e9910732bc
release: 2021.12.2
2021-12-18 21:03:50 +01:00
b6ff04694f
providers/oauth2: don't rely on expiry task for access codes and refresh tokens
...
closes #1911
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 17:42:41 +01:00
61097b9400
policies/password: add minimum digits
...
closes #1952
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 16:15:56 +01:00
4c5537ddfe
sources/oauth: allow writing to user in SourceConnection
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1888
2021-12-18 15:33:46 +01:00
a95779157d
tests/integration: add rename and full update tests for k8s controller
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 15:32:16 +01:00
ac6afb2b82
stages/email: add test for non-existent directory
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 15:05:40 +01:00
71a22c2a34
outposts: add unittests for docker controller
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-17 13:42:33 +01:00
273f5211a0
providers/saml: Fix typo ( #1950 )
2021-12-17 11:00:20 +00:00
2ca115285c
crypto: fix private keys not being imported correctly
...
closes #1945
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-16 21:14:15 +01:00
14c159500d
core: don't rotate non-api tokens
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-16 19:32:39 +01:00
f33190caa5
release: 2021.12.1
2021-12-16 15:48:59 +01:00
741822424a
Merge branch 'master' into version-2021.12
2021-12-16 15:48:53 +01:00
a105760123
events: improve app lookup for event creation
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-15 16:46:02 +01:00
6ff8fdcc49
root: enable threading integration in sentry
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-15 15:49:08 +01:00
50ca3dc772
core: fix error when attempting to provider from cached application
...
closes #1940
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-15 15:11:13 +01:00
2a09fc0ae2
release: 2021.12.1-rc5
2021-12-15 10:21:29 +01:00
fbb6756488
Merge branch 'master' into version-2021.12
2021-12-15 10:16:05 +01:00
6e83467481
web/flows: fix error when attempting to enroll new webauthn device
...
closes #1936
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-15 00:24:46 +01:00
72db17f23b
stages/identification: fix miscalculated sleep
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 23:31:08 +01:00
e18e681c2b
events: dont store full backtrace in systemtask
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 22:55:38 +01:00
10fe67e08d
sources/ldap: fix incorrect task names being referenced, use source native slug
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 22:53:14 +01:00
3740e65906
web/admin: add dashboard with user creation/login statistics
...
closes #1867
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 22:08:41 +01:00
30386cd899
events: add custom manager with helpers for metrics
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 21:49:33 +01:00
64a10e9a46
events: fix schema for top_per_user
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 21:08:15 +01:00
0b00768b84
events: add flow_execution event type
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 16:13:51 +01:00
d162c79373
flows: fix wrong exception being caught in flow inspector
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 16:06:00 +01:00
8c16dfc478
stages/invitation: use GroupMemberSerializer serializer to prevent all of the user's groups and their users from being returned
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 15:56:13 +01:00
32ace1bece
crypto: add additional validation before importing a certificate
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 14:49:25 +01:00
54f893b84f
flows: add additional sentry spans
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 11:59:36 +01:00
5854833240
stages/authenticator_webauthn: fix migrations for different choices
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 11:06:46 +01:00
4b2437a6f1
stages/authenticator_webauthn: use correct choices
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 10:51:34 +01:00
59a51c859a
stages/authenticator_webauthn: add migration
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 10:09:35 +01:00
4e6714fffe
stages/authenticator_webauthn: make user_verification configurable
...
closes #1921
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 09:58:20 +01:00
0131b1f6cc
sources/oauth: fix wrong redirect URL being generated
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 09:34:47 +01:00
2993f506a7
sources/oauth: implement apple native sign-in using the apple JS SDK
...
closes #1881
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 00:40:29 +01:00
e4841d54a1
*: migrate ui_* properties to functions to allow context being passed
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 23:56:35 +01:00
4f05dcec89
sources/oauth: allow oauth types to override their login button challenge
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 23:45:11 +01:00
ede6bcd31e
*: remove debug statements from tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 23:41:08 +01:00
728c8e994d
sources/oauth: strip parts of custom apple client_id
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 23:26:00 +01:00
fec6de1ba2
providers/oauth2: add additional logging to show with token path is taken
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 22:49:42 +01:00
69678dcfa6
providers/oauth2: use generate_key instead of uuid4
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 22:13:20 +01:00
4911a243ff
sources/oauth: add initial okta type
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1910
2021-12-13 21:48:59 +01:00
4e63f0f215
core: add fallback for missing sentry trace
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 18:06:01 +01:00
29241cc287
core: always inject sentry trace into template
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 17:41:00 +01:00
f2b3a2ec91
providers/saml: optimise excessive queries to user when evaluating attributes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 16:38:38 +01:00
69780c67a9
lib: set evaluation span's description based on filename
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 16:32:01 +01:00
ac9cf590bc
*: use prefixed span names
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 16:18:42 +01:00
cb6edcb198
core: set tag with request ID
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 16:15:27 +01:00
8eecc28c3c
events: add sentry for geoip
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 16:15:20 +01:00
09b02e1aec
release: 2021.12.1-rc4
2021-12-13 12:53:58 +01:00
5914bbf173
Merge branch 'master' into version-2021.12
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
# Dockerfile
2021-12-13 10:54:21 +01:00
83c12ad483
flows: fix description for spans
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 21:51:51 +01:00
4224fd5c6f
lib: correctly report "faked" IPs to sentry
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 20:54:29 +01:00
597ce1eb42
Revert "*: use cache.delete_pattern instead of getting keys and deleting them"
...
This reverts commit ff481ba6e7
2021-12-12 20:41:34 +01:00
5ef385f0bb
policies: don't always clear application cache on post_save
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 20:39:04 +01:00
cda4be3d47
flows: add additional tags
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 20:37:20 +01:00
8cdf22fc94
root: set default redis iter to 1000
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 20:24:43 +01:00
6efc7578ef
flows: add additional sentry spans to flow executor
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 20:04:21 +01:00
7859145138
outposts: don't try to create docker client for embedded outpost
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 17:13:26 +01:00
8a8aafec81
root: enable boto3 sentry integration
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 14:38:24 +01:00
534689895c
lib: remove old load_local_files setting
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-11 22:03:06 +01:00
8a0dd6be24
outposts: handle RuntimeError during websocket connect
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-11 22:01:55 +01:00
65d2eed82d
stagse/authenticator_webauthn: remove pydantic import
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-11 20:32:25 +01:00
bafeff7306
outposts: improve logging for outpost controllers
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-11 15:35:20 +01:00
7eda794070
outposts: fix docker controller not stopping containers
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1859
2021-12-11 14:00:15 +01:00
e3129c1067
root: bump celery messages to info
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-11 13:59:56 +01:00
ff481ba6e7
*: use cache.delete_pattern instead of getting keys and deleting them
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-10 21:35:28 +01:00
b761659227
root: use ghcr for containers during testing
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-10 20:57:09 +01:00
2ee48cd039
outposts: set display name for outpost service account
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 19:59:38 +01:00
340a9bc8ee
core: fix error when using invalid key-values in attributes query
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 19:53:47 +01:00
4ba55aa8e9
flows: fix error when trying to print FlowToken objects
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 13:55:43 +01:00
bab6f501ec
flows: fix error in inspector view
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 13:52:46 +01:00
ffb0135f06
release: 2021.12.1-rc3
2021-12-09 13:23:41 +01:00
ee0ddc3d17
Merge branch 'master' into version-2021.12
2021-12-09 13:23:28 +01:00
a9bd34f3c5
events: revert to @prefill_task decorator since base class doesn't get executed until task runs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 10:18:00 +01:00
db316b59c5
stages/prompt: use policyenginemode all
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 09:39:40 +01:00
6209714f87
policies/expression: add ak_call_policy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 09:39:28 +01:00
1ed2bddba7
root: fix celery task ID not being included in log
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 09:36:52 +01:00
26b35c9b7b
root: fix name conflict in threadlocal
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-08 21:42:48 +01:00
86a9271f75
root: add request_id to celery tasks, prefixed with "task-"
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-08 21:34:20 +01:00
402ed9bd20
root: allow usage of --randomly-seed for testing
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-08 21:33:41 +01:00
326b574d54
root: update dependencies
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-07 16:25:10 +01:00
a91204e5b9
web/user: allow custom font-awesome icons for applications
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1189
2021-12-06 21:20:15 +01:00
873aa4bb22
providers/saml: remove SESSION_KEY_POST from session after using it
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1873
2021-12-06 12:47:25 +01:00
c1ea78c422
core: fix missing permission check for group creating when creating service account
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-06 12:33:29 +01:00
3c8bbc2621
sources/*: only allow superusers to directly create source connections
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-06 12:22:40 +01:00
4143d3fe28
events: don't set metrics on import
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-06 10:13:48 +01:00
e3e9178ccc
web/admin: show outpost warning on application page too
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-06 10:10:44 +01:00
b694816e7b
sources/*: Allow creation of source connections via API
...
closes #1888
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-06 10:05:42 +01:00
317e9ec605
core: add FlowToken which saves the pickled flow plan, replace standard token in email stage to allow finishing flows in different sessions
...
closes #1801
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-05 15:20:11 +01:00
ada2a16412
tests/e2e: add post binding test
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-05 11:18:01 +01:00
6a3f7e45cf
providers/saml: add ?force_binding to limit bindings for metadata endpoint
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-05 11:14:42 +01:00
2b78c4ba86
*: use request.query_params instead of accessing the django request
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-05 11:14:20 +01:00
680ef641fb
providers/saml: fix error when propertymapping returns invalid data in list
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-05 10:31:16 +01:00
2b5504ff63
release: 2021.12.1-rc2
2021-12-04 20:06:41 +01:00
639c2f5c2e
Merge branch 'master' into version-2021.12
2021-12-04 19:55:37 +01:00
426cef998f
sources/ldap: make task names more consistent
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-03 18:39:42 +01:00
8ddb62ed0f
sources/plex: fix plex token being included in event log
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-03 18:37:40 +01:00
572f6d4ea0
crypto: add certificate discovery to automatically import certificates from lets encrypt
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1835
2021-12-03 18:27:36 +01:00
f1b9021e3e
sources/ldap: add optional tls verification certificate
...
closes #1875
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-03 10:09:13 +01:00
8ae50814fe
*: add missing migrations
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-03 10:04:54 +01:00
2e2b491ec7
source/ldap: fix hanging unittests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-03 09:41:13 +01:00
ac432e78e2
sources/ldap: don't cache LDAP Connection, use random server
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 21:18:20 +01:00
83ac42ac43
stages/prompt: fix error when both default and required are set
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 21:11:22 +01:00
4bd1cd127b
providers/saml: fix IndexError in signature check
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 20:30:03 +01:00
2eb5a5cc76
sources/ldap: handle typeerror during creation of objects when using wrong kwargs params
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 20:24:24 +01:00
75051687e6
sources/ldap: allow multiple server URIs for loadbalancing and failover
...
closes #1874
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 20:15:11 +01:00
7e316b5fc2
root: add missing sample_rate default
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 19:54:37 +01:00
66c530ea06
outposts: always trigger outpost reconcile on startup
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 15:06:14 +01:00
cf78c89830
events: replace @prefill_task with custom base class to prefill
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 13:47:35 +01:00
20c738c384
crypto: fix default API not having an ordering
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 13:00:41 +01:00
4f54ce6afb
providers/saml: fix error when using post bindings and user freshly logged in
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1873
2021-12-02 13:00:21 +01:00
f0d7edb963
*: fix @prefill_task
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 10:05:51 +01:00
b4963bec76
providers/proxy: fix defaults for traefik integration
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-01 21:47:13 +01:00
7aa8e35f87
providers/proxy: use wildcard for traefik headers copy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-01 20:19:35 +01:00
60b95271eb
outposts/proxy: add additional headers
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-01 20:19:09 +01:00
e6818c1f6a
release: 2021.12.1-rc1
2021-12-01 13:08:13 +01:00
917eef96fb
lib: add improved log to sentry events being sent
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-29 21:37:29 +01:00
9a393848b2
outpost: configure error reporting based off of main instance config
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-29 14:42:19 +01:00
7d2f622f4b
web: Update Web API Client version ( #1857 )
...
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-29 14:17:12 +01:00
e3a5ef1907
root: make sentry sample rate configurable
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-29 13:52:34 +01:00
e597bb4542
policies/expression: fix ak_user_has_authenticator evaluation when not specifying optional device_type ( #1849 )
...
* Fix ak_user_has_authenticator evaluation when not specifying optional device_type
* Simpler patch
2021-11-29 10:35:17 +01:00
5c54de66fc
*: add meta_model_name field to all models with inheritance
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-26 10:32:39 +01:00
2c0d8d8943
core: add meta_model_name to MetaNameSerializer to easily show relevant events
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-26 10:27:08 +01:00
0a0eee138a
stages/authenticator_validate: catch error when attempting to configure user without flow
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-25 23:44:48 +01:00
de8cf65503
stages/email: prevent error with duplicate token
...
closes #1827
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-25 23:17:37 +01:00
121b36f35f
lib: log error for file:// in config
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-25 19:21:40 +01:00
363aed2a47
root: url quote redis passwords for connection string
...
closes https://github.com/goauthentik/helm/issues/39
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-25 18:05:36 +01:00
e1ef196283
core: remove dump_config, handle directly in config loader without booting django, don't check database
2021-11-25 13:38:31 +01:00
0b8cfd437b
*: fix typo'd signing pair name
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-24 09:55:10 +01:00
75724b6f8d
root: make testing output more consistent
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 23:46:27 +01:00
5b9e6bed6c
lib: fix custom URL schemes being overwritten
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 23:23:09 +01:00
0e3602d7eb
lib: improve probability of symbols in generated key
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 23:01:30 +01:00
2b94e9a687
tests/e2e: bump retries
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 22:54:08 +01:00
6ed7d842e4
*: allow URLs without domain and custom schemas
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 22:51:04 +01:00
8794c840cf
web: only show applications with http link
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 22:40:31 +01:00
9c9c00755a
core: fix test user not having password set properly
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 22:30:09 +01:00
b2d2e7cbc8
tests/e2e: remove logger
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 21:19:33 +01:00
91fd792f88
tests/e2e: use generated uid
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 19:19:13 +01:00
9835785864
core: make test user's password optional
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 19:06:44 +01:00
d785998c5a
Revert "root: disable random tests for now"
...
This reverts commit 8ba9553220
2021-11-23 18:46:51 +01:00
8ba9553220
root: disable random tests for now
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 17:57:56 +01:00
6eb132c48b
tests/e2e: fix ldap provider tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 17:28:35 +01:00
355b832cc3
tests/e2e: fix email backend
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 13:22:28 +01:00
e32d4f0095
tests/e2e: don't run e2e tests randomly for now
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 00:32:24 +01:00
d3397c349f
stages/email: minify email css template
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 00:10:43 +01:00
9bb0d04aeb
root: Random tests ( #1825 )
...
* root: add pytest-randomly to randomise tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* *: generate flows for testing instead of relying on existing ones
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* *: generate users for testing instead of relying on existing ones
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* *: use generated certificate
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests/e2e: keep containers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests/e2e: use websockets test case
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-22 22:56:02 +01:00
61621e7d60
lifecycle: improve backup restore by dropping database before
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-20 00:32:24 +01:00
Jens Langhammer
NeroPcStation
github-actions[bot]
Matthew R. McDougal
Jens L