authentik

Commit Graph

Author	SHA1	Message	Date
Jens Langhammer	8e7a456f74	providers/proxy: fix routing based on signature in traefik and caddy Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-09-02 22:03:08 +02:00
Jens Langhammer	8ffae4505f	internal: set Host on url in envoy Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-08-18 23:20:12 +01:00
Jens L	393d7ec486	providers/proxy: no exposed urls (#3151 ) * test any callback Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * dont detect callback in per-server handler Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * use full redirect uri with both path and query param Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * correctly route to embedded outpost for callback signature Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix allowed redirects Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-07-30 17:51:01 +02:00
Jens L	b41acebf5b	providers/proxy: add caddy endpoint (#3330 ) Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-07-29 10:58:53 +02:00
Jens Langhammer	e30103aa9f	providers/proxy: use same redirect-save code for all modes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-06-04 23:25:47 +02:00
Jens L	8447e9b9c2	providers/proxy: envoy v2 (#3029 ) * add path prefix Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * use prefix correctly Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * only set redirect if session doesn't have a redirect yet Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-06-03 10:32:52 +02:00
Jens L	f9a419107a	outposts/proxyv2: add basic envoy support (#3026 ) * outposts/proxyv2: add basic envoy support Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * don't crash when backend is not available Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add envoy tests and docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-06-03 00:06:09 +02:00
Jens L	a286f999e2	api: migrate to openapi generator v6 (#2968 ) * migrate to openapi generator v6 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * bump api Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-05-26 15:15:30 +02:00
Jens Langhammer	a52638d898	internal: fix typo in session name constant Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-05-20 10:10:29 +02:00
Jens Langhammer	62a939b91d	internal: bump api client to v3 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-03 10:40:07 +01:00
Jens L	4343246a41	*: rename akprox to outpost.goauthentik.io (#2266 ) Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-08 20:25:38 +01:00
Jens Langhammer	ebb5711c32	providers/proxy: add support for X-Original-URI in nginx, better handle missing headers and report errors to authentik Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-27 18:14:02 +01:00
Jens Langhammer	b32800ea71	outposts/proxy: trace full headers to debug Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-24 22:08:31 +01:00
Jens Langhammer	ef335ec083	outposts/proxy: add more test cases for domain-level auth Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-24 21:41:15 +01:00
Jens Langhammer	07b09df3fe	internal: add more outpost tests, add support for X-Original-URL Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-24 20:50:13 +01:00
Jens Langhammer	1dce408c72	internal/proxyv2: only allow access to /akprox in nginx mode when forward url could be extracted Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-24 09:30:33 +01:00
Jens Langhammer	3bfb8b2cb2	outposts/proxyv2: allow access to /akprox urls in forward auth mode to make routing in nginx/traefik easier Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-21 13:43:16 +01:00
Jens Langhammer	ba55538a34	outposts/proxy: cleanup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-21 19:16:06 +01:00
Jens Langhammer	f10b57ba0b	outposts/proxy: handle redirect loop in start handler, show error message Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-21 10:07:08 +01:00
Jens Langhammer	eca2ef20d0	outposts/proxy: add initial redirect-loop prevention Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-20 22:21:53 +01:00
Jens Langhammer	e42ad8db93	outposts/proxy: copy user-agent header from upstream request Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-02 10:01:54 +01:00
Jens Langhammer	3b068610b9	outposts/proxy: clean up header setting (don't copy all headers) Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-01 20:05:56 +01:00
Jens Langhammer	2462d58135	outposts/proxy: fix duplicate protocol in domain auth mode Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-27 20:49:00 +02:00
Jens Langhammer	3d042e708a	outposts/proxy: always redirect on forward_auth for traefik Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-10 12:43:57 +02:00
Jens Langhammer	d296c12d01	outposts/proxy: fix redirect when using forward_auth mode Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-09 10:56:20 +02:00
Jens L	3c1b70c355	outposts/proxyv2 (#1365 ) * outposts/proxyv2: initial commit Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add rs256 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> more stuff Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add forward auth an sign_out Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> match cookie name Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> re-add support for rs256 for backwards compat Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add error handler Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> ensure unique user-agent is used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> set cookie duration based on id_token expiry Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> build proxy v2 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add ssl Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add basic auth and custom header support Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add application cert loading Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> implement whitelist Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add redis Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> migrate embedded outpost to v2 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> remove old proxy Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> providers/proxy: make token expiration configurable Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add metrics Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> fix tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/proxy: only allow one redirect URI Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix docker build for proxy Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * remove default port offset Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add AUTHENTIK_HOST_BROWSER Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests: fix e2e/integration tests not using proper tags Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * remove references of old port Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix user_attributes not being loaded correctly Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup dependencies Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-08 18:04:56 +00:00

26 Commits