trustchain-oc1-orchestral/authentik
Archived
10
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
12898 commits 95 branches 330 tags 336 MiB
Commit graph

246 commits

Author SHA1 Message Date
Jens L fcd6dc1d60
events: fix lint (#7700) 
* events: fix lint

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* test without explicit poetry env use?

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* delete previous poetry env

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* prevent invalid cached poetry envs

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* run test-from-stable as matrix and make required

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix missing postgres version

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* sigh

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* idk

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
# Conflicts:
#	.github/actions/setup/action.yml
#	.github/workflows/ci-main.yml
 2023-12-19 18:40:14 +01:00
gcp-cherry-pick-bot[bot] acc3b59869
events: add better fallback for sanitize_item to ensure everything can be saved as JSON (cherry-pick #7694) (#7937) 
events: add better fallback for sanitize_item to ensure everything can be saved as JSON (#7694)

* events: fix events sanitizing not handling all types



* remove some leftover prints



---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L <jens@goauthentik.io>
 2023-12-19 18:31:20 +01:00
gcp-cherry-pick-bot[bot] d9d5ac10e6
events: include user agent in events (cherry-pick #7693) (#7938) 
events: include user agent in events (#7693)

* events: include user agent in events



* fix tests



---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L <jens@goauthentik.io>
 2023-12-19 18:31:06 +01:00
gcp-cherry-pick-bot[bot] 7c3d60ec3a
events: don't update internal service accounts unless needed (cherry-pick #7611) (#7640) 
events: stop spam (#7611)

* events: don't log updates to internal service accounts



* dont log reputation updates



* don't actually ignore things, stop updating outpost user when not required



* prevent updating internal service account users



* fix setattr call



---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L <jens@goauthentik.io>
 2023-11-20 19:43:30 +01:00
gcp-cherry-pick-bot[bot] ea6cf6eabf
events: fix missing model_* events when not directly authenticated (cherry-pick #7588) (#7597) 
events: fix missing model_* events when not directly authenticated (#7588)

* events: fix missing model_* events when not directly authenticated



* defer accessing database



---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L <jens@goauthentik.io>
 2023-11-16 12:59:41 +01:00
gcp-cherry-pick-bot[bot] 3891fb3fa8
events: sanitize functions (cherry-pick #7587) (#7589) 
events: sanitize functions (#7587)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L <jens@goauthentik.io>
 2023-11-15 23:24:13 +01:00
gcp-cherry-pick-bot[bot] 3809400e93
events: fix gdpr compliance always running (cherry-pick #7491) (#7505) 
events: fix gdpr compliance always running

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
 2023-11-09 17:57:25 +01:00
Jens L 83f9eae654
root: extended flow and policy metrics (#7067) 2023-10-05 01:04:55 +02:00
Jens L cb6dadbf94
stages/email: rework email templates (#7029) 
rework email templates

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-10-02 16:04:40 +02:00
Jens L 29de5d34d6
events: fix error when storing events with date/time/datetime/etc (#7028) 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-10-02 12:44:17 +02:00
Jens L 6612f729ec
stages/authenticator: vendor otp (#6741) 
* initial import

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update imports

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove email and hotp for now

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove things we don't need and clean up

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* initial merge static

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* initial merge totp

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* more fixes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix migrations

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update webui

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add system migration

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* more cleanup, add doctests to test_runner

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* more cleanup

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fixup more lint

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* cleanup last tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update docstrings

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* implement SerializerModel

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix web format

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-09-04 11:45:14 +02:00
Jens L b6a57ffd4f
events: fix missing application names from most used applications (#6689) 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-08-30 12:46:42 +02:00
Jens L ccfd45774e
*: fix api errors raised in general validate() to specify a field (#6663) 
* *: fix api errors raised in general validate() to specify a field

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove required flag for tls server name for ldap provider

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* attempt to make timing test less flaky

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-08-29 14:41:48 +02:00
Jens L f272d14fcf
events: fix monitored task not removing state (#6386) 
when `save_on_success` is set, a task failure saves state. when it succeeds afterwards, that state should be removed

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-07-26 16:00:50 +02:00
Jens L 2f469d2709
root: partial Live-updating config (#5959) 
* stages/email: directly use email credentials from config

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use custom database backend that supports dynamic credentials

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add crude config reloader

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make method names for CONFIG clearer

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* replace config.set with environ

Not sure if this is the cleanest way, but it persists through a config reload

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* re-add set for @patch

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* even more crudeness

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* clean up some old stuff?

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* somewhat rewrite config loader to keep track of a source of an attribute so we can refresh it

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* cleanup old things

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix flow e2e

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-07-19 23:13:22 +02:00
Jens L 5ca65003f1
events: fix authentik_system_tasks metric status label (#6252) 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-07-13 16:24:13 +02:00
Jens L e712225ced
sources/ldap: improve scalability (#6056) 
* sources/ldap: improve scalability

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix lint

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use cache instead of call signature for page data

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-06-28 17:13:42 +02:00
Jens L a987846c76
root: celery refactor (#6095) 
* root: celery refactor

cleanup deprecation messages by configuring celery with a single object

run celery as django management command

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* improve debug experience

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix lint

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add debugpy to dev dependencies

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix task_always_eager

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-06-28 16:44:50 +02:00
Jens L 44341f0224
lib: add tests for ak_create_event (#5710) 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-05-22 00:18:54 +02:00
Jens L ff1510dedc
events: sanitize enums (#5610) 
when importing a flow and returning logs, sometimes an enum might be included which is currently not sanitized and hence causes an exception

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-05-15 14:39:58 +02:00
Jens L a032fd529b
events: don't include task uid in task metric (#5595) 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-05-12 20:03:52 +02:00
Jens L eaa3d11df8
api: modular urls (#5551) 
* api: make API urls modular

load API urls from app module's urls file instead of a single static file

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* refactor websocket url mounting

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-05-09 14:46:47 +02:00
Jens L 8215ee19c6
events: include event user in webhook notification (#5524) 
* events: include event user in webhook notification

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update other transports

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-05-08 15:34:21 +02:00
Jens L 7df0e88b9d
events: cleanse http query string in events (#5508) 
* events: cleanse http query string in events

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add more tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-05-07 20:11:36 +02:00
Jens L 54d508ae8c
ci: fix pyright errors (#5392) 
* ci: fix pyright errors

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix error in oauth 1 source

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove redundant blueprint fixtures

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-04-27 17:33:47 +03:00
Jens L 5970a6e2a2
events: always run policies for notification rules even if no group is selected (#5353) 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-04-23 19:10:22 +03:00
Jens L dfa80543b5
root: add ruff linter (#5240) 
* root: add ruff linter

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* actually add ruff

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix lint

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-04-18 13:28:19 +02:00
Jens L a5098364eb
events: unpack wrapped query from FlowExecutor (#5244) 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-04-14 00:07:41 +02:00
Jens L 9310d4cdc0
*: fix mismatched task names for discovery, make output service connection task monitored (#4956) 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-03-15 12:12:08 +01:00
Jens L 10b7d78825
events: set task start time before start not on init (#4908) 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-03-12 15:13:04 +01:00
Jens L 67f3db1e03
core: enforce unique on names where it makes sense (#4866) 
enforce unique on names where it makes sense

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-03-07 23:52:34 +01:00
Jens L 28ddeb124f
providers: SCIM (#4835) 
* basic user sync

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add group sync and some refactor

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* start API

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* allow null authorization flow

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add UI

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make task monitored

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add missing dependency

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make authorization_flow required for most providers via API

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* more UI

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make task result better readable, exclude anonymous user

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add task UI

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add scheduled task for all sync

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make scim errors more readable

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add mappings, migrate to mappings

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add mapping UI and more

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add scim docs to web

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* start implementing membership

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* migrate signals to tasks

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* migrate fully to tasks

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* strip none keys, fix lint errors

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix things

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* start adding tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix saml

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add scim schemas and validate against it

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* improve error handling

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add group put support, add group tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* send correct application/scim+json headers

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* stop sync if no mappings are confiugred

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add test for task sync

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add membership tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use decorator for tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make tests better

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-03-06 19:39:08 +01:00
Jens Langhammer 069e9c015b
events: fix m2m_change events not being logged 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-02-19 16:28:30 +01:00
Jens Langhammer 925477b3a2
policies: raise sentry-ignored error for invalid PolicyEngine parameters 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-02-13 13:23:07 +01:00
Jens Langhammer 53b25d61f7
events: use colon as separator for task name and task UID 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-02-13 12:06:29 +01:00
Jens Langhammer 4f868c2ef2
events: dont log oauth temporary model creation 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-02-12 16:55:45 +01:00
Jens Langhammer ffc97905f3
events: prevent error when request fails without response 
closes #4589

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-02-01 19:40:02 +01:00
dependabot[bot] 18cfe67719
core: bump black from 22.12.0 to 23.1.0 (#4584) 
* core: bump black from 22.12.0 to 23.1.0

Bumps [black](https://github.com/psf/black) from 22.12.0 to 23.1.0.
- [Release notes](https://github.com/psf/black/releases)
- [Changelog](https://github.com/psf/black/blob/main/CHANGES.md)
- [Commits](https://github.com/psf/black/compare/22.12.0...23.1.0)

---
updated-dependencies:
- dependency-name: black
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* re-format

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
 2023-02-01 11:31:32 +01:00
Jens Langhammer e5ba5d51fe
events: improve sanitising for tuples and sets 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-01-31 19:19:22 +01:00
Jens L c61529e4d4
sources/ldap: add e2e LDAP source tests (#4462) 
* start adding more LDAP source tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* improve healthcheck

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* try local webdriver

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add full samba tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix locale types

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-01-19 15:03:56 +01:00
Jens Langhammer 6e0c9acb34
events: exclude base models from model audit log 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-01-18 15:11:33 +01:00
Jens L c73fce4f58
sources/ldap: manual import (#4456) 
* events: fix task UID

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add ldap sync command

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add docs

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-01-17 12:21:33 +01:00
Jens L 9568f4dbd6
root: improve code style (#4436) 
* cleanup pylint comments

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove more

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix url name

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* *: use ExtractHour instead of ExtractDay

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-01-15 17:02:31 +01:00
Jens L 67a6fa6399
events: rework metrics (#4407) 
* rework metrics

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* change graphs to be over last week

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix  Apps with most usage card

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-01-11 12:21:07 +01:00
Jens Langhammer 4b93f40c5e
providers/oauth2: fix null amr value not being removed from id_token 
closes #4339

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2023-01-03 00:41:18 +01:00
Jens Langhammer fddcb3a835 events: remove legacy logger declaration 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-12-12 15:32:06 +00:00
Jens Langhammer 3251bdc220 events: improve handling creation of events with non-pickleable objects 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-12-01 15:56:28 +02:00
Jens Langhammer f8ef2b666f events: fix incorrect EventAction being used 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-11-25 11:53:05 +01:00
Jens Langhammer 5019346ab6 events: save login event in session after login 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#4070
 2022-11-25 11:21:00 +01:00
Jens Langhammer 426f0bc9dd events: deepcopy event kwargs to prevent objects being removed, remove workaround 
closes #4041

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-11-21 12:31:17 +01:00