Commit graph

1116 commits

Author SHA1 Message Date
Jens Langhammer 916530f0d8 providers/oauth2: use access_code_validity for id_tokens generated when using an implicit flow, improve wording in web ui
closes #1369

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-15 17:14:53 +02:00
Jens Langhammer ef341dd405 stages/user_write: add option to add newly created users to a group
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-14 21:45:34 +02:00
Jens Langhammer 5f28c7ace7 web: fix lint error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-14 14:44:57 +02:00
Jens Langhammer d96c96006f web/admin: open URLs group when urls are customisable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-14 14:38:52 +02:00
Jens Langhammer 56d40bddd0 web/admin: make token list more consistent
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-14 10:04:15 +02:00
Jens Langhammer a20f552bcf web/flows: fix alignment for duo authenticator
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-14 09:23:10 +02:00
Jens Langhammer 9a7fa39de4 events: allow setting a mapping for webhook transport to customise request payloads
closes #1383

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-12 01:05:42 +02:00
Jens Langhammer bf771f8b6c release: 2021.8.5 2021-09-11 19:20:13 +02:00
Jens Langhammer b923d85f6a web: allow duplicate messages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 20:09:31 +02:00
Jens Langhammer 094acc62f0 web: ignore network error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 19:58:43 +02:00
Jens L 3c1b70c355
outposts/proxyv2 (#1365)
* outposts/proxyv2: initial commit

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add rs256

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

more stuff

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add forward auth an sign_out

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

match cookie name

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

re-add support for rs256 for backwards compat

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add error handler

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

ensure unique user-agent is used

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

set cookie duration based on id_token expiry

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

build proxy v2

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add ssl

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add basic auth and custom header support

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add application cert loading

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

implement whitelist

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add redis

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

migrate embedded outpost to v2

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

remove old proxy

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

providers/proxy: make token expiration configurable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add metrics

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

fix tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: only allow one redirect URI

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix docker build for proxy

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* remove default port offset

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add AUTHENTIK_HOST_BROWSER

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests: fix e2e/integration tests not using proper tags

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* remove references of old port

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix user_attributes not being loaded correctly

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* cleanup dependencies

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* cleanup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-08 18:04:56 +00:00
Jens Langhammer 3cf5794b96 web/admin: increase default expiry for refresh tokens
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-08 00:12:18 +02:00
Jens Langhammer 073dd8b560 web/admin: fix notification clear all not triggering render
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-07 10:23:55 +02:00
Jens Langhammer 2db8b07578 events: add mark_all_seen
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 22:08:12 +02:00
Jens Langhammer 7a12c0e4d1 web/admin: fix user selection in token form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 14:33:40 +02:00
Jens Langhammer f725009530 web/flows: fix display error when using IdentificationStage without input fields
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 13:06:37 +02:00
Jens Langhammer 6b6748b1c7 web/admin: show applications instead of providers in outpost form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-03 10:43:21 +02:00
Jens Langhammer 276d8fe5cf release: 2021.8.4 2021-09-02 20:21:21 +02:00
Jens Langhammer 92ce5f0931 web: improve error display when only {'detail'} is returned
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-02 19:55:37 +02:00
Jens Langhammer f0db408699 api: add v3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-02 17:40:02 +02:00
Jens Langhammer d5d1f2a645 web: show version in logs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-02 17:10:43 +02:00
Jens Langhammer 4fc8e61f8c stages/authenticator_validate: show single button for multiple webauthn authenticators
tested with browser + yubikey 5

closes #1096

The order of allowCredentials doesn't seem to matter, chrome seems to always choose the internal authenticator first.

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-01 19:28:52 +02:00
Jens Langhammer 7d26ea1a9c web/admin: fix list of webauthn devices not updating after rename
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-01 19:05:18 +02:00
Jens Langhammer 88f0dfc8cc web/admin: fallback for invitation list on first load
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-01 13:33:05 +02:00
Jens Langhammer f82aada23b web/admin: fix flow executor not opening in new tab
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-01 13:19:09 +02:00
Jens Langhammer 1b8271d767 flows: disable compatibility_mode by default
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-30 17:18:43 +02:00
Jens Langhammer a016f99450 core: fix user_obj being empty on token API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-30 12:51:17 +02:00
Jens Langhammer 08e8cf850a web/flows: fix FlowExecutor not updating when challenge changes from outside
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-29 13:49:57 +02:00
Jens Langhammer 160139813d release: 2021.8.3 2021-08-28 16:58:44 +02:00
Jens Langhammer 6237352e25 web/flows: fix checkboxes not being rendered correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-27 23:09:53 +02:00
Jens Langhammer c55b63337c web/flows: fix post-challenge updates not always being called by using setter
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-27 19:45:23 +02:00
Jens Langhammer 3323b50036 web/flows: also check for redirects as result of posting challenge
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-27 10:08:15 +02:00
Jens Langhammer f601e04b38 web/flows: assign location from redirect challenge in request handler not render
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-27 09:43:00 +02:00
Jens Langhammer c4f72c2bc1 release: 2021.8.2 2021-08-26 17:58:20 +02:00
Jens Langhammer 897f6f3473 release: 2021.8.1 2021-08-26 16:03:45 +02:00
Jens Langhammer 2ae164df78 *: cleanup api schema warnings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-26 09:36:41 +02:00
Jens Langhammer 78578c6c9d web/admin: allow admins to create tokens
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-25 21:23:32 +02:00
Jens Langhammer 0ccec96490 core: make user optional in token creation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-25 21:21:51 +02:00
Jens Langhammer 8022d0801d web/elements: add support for datetime-local
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-25 21:14:32 +02:00
Jens Langhammer 4d27694706 release: 2021.8.1-rc2 2021-08-24 21:29:29 +02:00
Jens Langhammer 16cfa8cae2 web/admin: add ServiceAccount creation form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-24 20:13:08 +02:00
Jens Langhammer cc6d5765f2 web/admin: fix inconsistent ordering for ldap property mappings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-24 13:04:19 +02:00
Jens Langhammer cba255eaaa Merge branch 'master' into app-passwords
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/core/tests/test_source_flow_manager.py
#	authentik/stages/authenticator_validate/tests.py
#	authentik/stages/password/tests.py
#	scripts/generate_ci_config.py
2021-08-23 21:21:12 +02:00
Jens L 859cf2bd8f
lib: move id and key generators to lib (#1286)
* lib: move generators to lib

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: bump default token key size

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: fix split being used for http basic auth instead of partition

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/elements: don't rethrow error in ActionButton

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 20:27:38 +02:00
Jens Langhammer b2f077645a web: fix lint error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 18:38:35 +02:00
Jens Langhammer 5face5410f web/admin: select all password stage backends by default
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 18:08:29 +02:00
Jens Langhammer a9af40f85c web/admin: improve delete modal for stage bindings and policy bindings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 17:46:51 +02:00
Jens Langhammer 07a4f474f4 website/docs: add docs for auth_method and auth_method_args fields
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 17:23:55 +02:00
Jens Langhammer 00e9b91f56 web/admin: fix missing app passwords backend
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 16:47:38 +02:00
Jens Langhammer c4832206fa web/admin: display token's intents
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 16:33:12 +02:00