Commit graph

551 commits

Author SHA1 Message Date
Jens Langhammer acfa9c76d1
providers/ldap: check MFA password on password stage
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-15 16:27:08 +01:00
Jens Langhammer d945d30cda
providers/proxy: fix value is too long with filesystem sessions
closes #4693

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-15 10:50:01 +01:00
Jens Langhammer b6c120f555
providers/proxy: fix client credential flows not using http interceptor
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-15 00:22:56 +01:00
Jens Langhammer 80de3ee853
release: 2023.2.1 2023-02-14 18:52:36 +01:00
Jens Langhammer 58e001c3d5
internal: fix scheme not being forwarded correctly for host intercepted requests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-14 14:31:04 +01:00
Jens Langhammer 81d70e5d41
release: 2023.2.0 2023-02-14 13:15:47 +01:00
Jens L ec42b597ab
providers/proxy: send token request internally, with overwritten host header (#4675)
* send token request internally, with overwritten host header

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-13 16:34:47 +01:00
[information redacted] d4dce5b250
root: fix config load order to include /etc/authentik/config.yml (#4669) 2023-02-12 23:52:13 +01:00
Jens Langhammer 8f70354e3c
internal: remove debug remnant from cookie testing
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-12 17:29:18 +01:00
Jens L 21e29744c2
providers/proxy: different cookie name based on hashed client id (#4666) 2023-02-12 16:34:57 +01:00
Jens L af43330fd6
providers/oauth2: rework OAuth2 Provider (#4652)
* always treat flow as openid flow

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* improve issuer URL generation

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* more refactoring

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update introspection

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* more refinement

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* migrate more

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix more things, update api

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* regen migrations

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix a bunch of things

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* start updating tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix implicit flow, auto set exp

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix timeozone not used correctly

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix revoke

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* more timezone shenanigans

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix userinfo tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update web

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix proxy outpost

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix api tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix missing at_hash for implicit flows

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* re-include at_hash in implicit auth flow

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use folder context for outpost build

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-09 20:19:48 +01:00
Jens Langhammer 5aa43eeb04
internal: better error message when outpost API controller couldn't fetch outposts
closes #4642

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-08 14:13:17 +01:00
Jens Langhammer 3170b2f92c
providers/proxy: add token support for basic auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-07 22:50:49 +01:00
Jens Langhammer 61b06eff06
providers/proxy: better log outpost token errors
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-06 20:26:43 +01:00
Jens Langhammer 146d54813c
providers/ldap: fix error not being checked correctly when fetching users
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-03 18:10:06 +01:00
Jens Langhammer 388367785d
*/saml: disable pretty_print, add signature tests
closes #4536

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-03 15:42:09 +01:00
Jens L 7d4ce41e12
providers/proxy: outpost wide logout implementation (#4605)
* initial outpost wide logout implementation

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* handle deserialize error

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update docs

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix file cleanup, add tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-02 21:18:59 +01:00
Jens Langhammer 5ea9595c9c
internal: fix cache-control header
Signed-off-by: Jens Langhammer <jens@goauthentik.io>

#4525
2023-01-25 21:18:20 +01:00
Jens L a9b32e2f97
providers/ldap: add unbind flow execution (#4484)
add unbind flow execution

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-23 20:36:30 +01:00
Jens Langhammer 9397598376
release: 2023.1.2 2023-01-23 14:25:55 +01:00
Jens Langhammer 430a207865
release: 2023.1.1 2023-01-23 11:34:58 +01:00
Jens Langhammer 8deac81364
outposts/ldap: fix queries filtering objectClass with non-lowercase values
closes #2756

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-20 11:42:23 +01:00
Jens Langhammer 43854dc828
outposts/proxy: fix panic due to IsSet misbehaving
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-19 18:22:55 +01:00
Jens L c11367553e
providers/proxy: fix issuer for embedded outpost (#4480)
fix issuer for embedded outpost

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-19 15:39:30 +01:00
Jens Langhammer 49b6c71079
release: 2023.1.0 2023-01-18 15:49:45 +01:00
Jens L 23c69c456a
providers/proxy: add setting to intercept authorization header (#4457)
* add setting to intercept authorization header

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* rename to intercept_header_auth

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-17 18:56:48 +01:00
Jens Langhammer bd0ef69ece
outposts/ldap: decrease verbosity
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-17 11:12:31 +01:00
Jens Langhammer 19ee98b36d
outposts/proxy: allow setting no-redirect via header or query param
closes #4455

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-17 10:56:43 +01:00
Jens Langhammer 9b2ceb0d44
outposts/proxy: make logged user more consistent, set FlushInterval
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 23:58:15 +01:00
Jens Langhammer 2deb185550
internal: fix empty scheme field
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 23:27:34 +01:00
Jens Langhammer 69d4719687
outposts/proxy: set http code when no redirect header is set
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 22:20:52 +01:00
Jens Langhammer d31e566873
outposts/proxy: add header to prevent redirects
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 22:18:25 +01:00
Jens Langhammer 0ddcefce80
outposts/proxy: cache basic and bearer credentials for one minute
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 22:12:48 +01:00
Jens Langhammer 4c45d35507
outposts/proxy: fix error handling, remove requirement for profile/etc scopes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 21:44:28 +01:00
Jens Langhammer 829e49275d
outposts/proxy: fix proxy's TokenIntrospection potentially not being set
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 20:54:34 +01:00
Jens L cd12e177ea
providers/proxy: add initial header token auth (#4421)
* initial implementation

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* check for openid/profile claims

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* include jwks sources in proxy provider

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add web ui for jwks

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* only show sources with JWKS data configured

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix introspection tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* start basic

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add basic auth

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add docs, update admonitions

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add client_id to api, add tab for auth

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update locale

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-13 16:22:03 +01:00
Jens Langhammer a42f2f7217
internal: fix linting error
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-09 17:17:27 +01:00
Jens Langhammer a1be924fa4
*: strip leading and trailing whitespace when reading config values from files
also add a debug endpoint that dumps the go parsed config

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-09 15:29:22 +01:00
Jens Langhammer 98876df5c5
internal: improve error handling
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-08 20:35:25 +01:00
Jens Langhammer a9680d6088
internal: fix race condition with config loading on startup, add index on debug server
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-08 20:33:04 +01:00
Jens Langhammer 7eb6320d74
outposts: use common config loader for outposts to support loading values from file
closes #4383

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-08 14:19:16 +01:00
Jens Langhammer 001869641d
web: ensure img tags have alt attributes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-06 12:44:51 +01:00
Jens L 2604dc14fe
providers/ldap: add code-MFA support for ldap provider (#4354)
* add code support for ldap provider

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* only try to extract code when auth validator stage is encountered

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use parseint instead

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-05 18:32:06 +01:00
Jens Langhammer 06f67c738c
internal: check certificate value and not IsSet
closes #4369

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-05 18:30:11 +01:00
Jens Langhammer ac07833688
release: 2022.12.2 2023-01-05 10:01:30 +01:00
Jens Langhammer 2c42c87689
release: 2022.12.1 2022-12-30 13:43:42 +01:00
Jens Langhammer 39424839c5
outposts/ldap: only use common cert if cert is configured, correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-28 22:50:50 +01:00
Jens Langhammer 2d03bd5c89
outposts/ldap: only use common cert if cert is configured
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-28 21:29:36 +01:00
Jens Langhammer ff13b4bb46
outposts/ldap: use configured certificate for LDAPS when all providers' certificates are identical
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-28 19:15:29 +01:00
Jens Langhammer 2b2323fae7
outposts: include hostname in outpost heartbeat
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-28 16:07:52 +01:00
Jens Langhammer 24eb4ed963
release: 2022.12.0 2022-12-28 13:00:49 +01:00
Jens Langhammer 1b86a3d5d6
Merge branch 'version-2022.11' 2022-12-23 14:39:52 +01:00
Jens Langhammer 9dc0bb2a77
release: 2022.11.4 2022-12-23 14:17:48 +01:00
Jens Langhammer bacf2afed1 internal: remove sentry proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-19 17:52:07 +01:00
Jens Langhammer b3da1d223c providers/proxy: correctly set id_token_hint if possible
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-12 19:02:37 +00:00
Jens Langhammer 107f2745c8 providers/ldap: improve mapping of LDAP filters to authentik queries
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-12 18:30:52 +00:00
Jens Langhammer 8d169a8bd9 Merge branch 'version-2022.11' 2022-12-12 17:05:39 +00:00
Jens Langhammer b6b72e389d internal: dont error if environment config isn't found
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-12 10:38:38 +00:00
dependabot[bot] c21c1757de
core: bump github.com/getsentry/sentry-go from 0.15.0 to 0.16.0 (#4179)
* core: bump github.com/getsentry/sentry-go from 0.15.0 to 0.16.0

Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go) from 0.15.0 to 0.16.0.
- [Release notes](https://github.com/getsentry/sentry-go/releases)
- [Changelog](https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-go/compare/v0.15.0...v0.16.0)

---
updated-dependencies:
- dependency-name: github.com/getsentry/sentry-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* update custom tracer

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-09 12:20:41 +01:00
Jens Langhammer 44bf9a890e release: 2022.11.3 2022-12-02 23:00:59 +02:00
Jens Langhammer 58cd6007b2 Merge branch 'version-2022.11' 2022-12-02 18:12:38 +02:00
Jens Langhammer 2a4daa5360 release: 2022.11.2 2022-12-01 10:41:29 +02:00
Daniel be9790ef8a
internal: reuse http transport to prevent leaking connections (#3996)
* Fix: Using the same http transport as the api

* fix: Using global tlsTransport instead of newly created one
2022-11-25 18:24:01 +01:00
Jens Langhammer 3a13d19695 release: 2022.11.1 2022-11-22 21:42:10 +01:00
Jens Langhammer 20c1770ec4 release: 2022.11.0 2022-11-21 20:12:02 +01:00
Jens L 276af8457d
root: make sentry DSN configurable (#4016)
* make sentry DSN configurable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* make proxy smarter

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix typo in config struct

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-15 16:05:29 +01:00
Jens L 55aa1897af
root: use single redis db (#4009)
* use single redis db

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* cleanup prefixes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ensure __str__ always returns string

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix remaining old prefixes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add release notes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-15 14:31:29 +01:00
Jens Langhammer f3a72761c0 release: 2022.10.1 2022-10-29 17:24:55 +02:00
Jens Langhammer 89dc46a7ff release: 2022.10.0 2022-10-21 19:42:38 +02:00
Jens L d53733b6fc
outposts/proxy: reduce possibility for redirect loops, keep single state (#3831)
use single state, redirect when start url is hit with active session

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-20 21:27:34 +02:00
Jens Langhammer 56181a45a1 internal: limit body size
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-17 18:52:16 +02:00
Jens Langhammer b864de7721 outposts/ldap: increase compatibility with different types in user and group attributes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-16 22:32:18 +02:00
Jens Langhammer 26adf3f774 cmd: always stop gunicorn before exiting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-15 11:54:11 +02:00
Jens L 44e4f2e561
crypto: make certificate parsing optional for crypto api (#3711) 2022-10-01 00:06:00 +02:00
Jens Langhammer 50819ae0f0 *: improve error handling in ldap outpost, ignore additional errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-09-23 22:11:47 +02:00
Jens Langhammer 2cfba36cb7 release: 2022.9.0 2022-09-23 12:33:01 +02:00
Jens L 49b6aabb02
outposts/proxy: fix redirect path when external host is a subdirectory (#3628)
fix redirect path when external host is a subdirectory

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-09-22 10:10:29 +02:00
Jens L 47daaf969a
outposts: fix oauth state when using signature routing (#3616)
* fix oauth state when using signature routing

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* more retires

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-09-19 21:38:34 +02:00
Jens Langhammer 53f224300b internal: set ETag header on static resources to reduce cache issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#3456
2022-09-11 23:18:34 +02:00
Jens Langhammer 220f123b29 internal: add more tracing for states
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-09-07 09:53:10 +02:00
Jens Langhammer 621245aece internal: optimise outpost's flow executor to use less requests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-09-03 21:29:58 +02:00
Jens Langhammer 242423cf3c internal: remove sentryhttp from main server mux to prevent double traces
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-09-03 16:41:47 +02:00
Jens Langhammer 8e7a456f74 providers/proxy: fix routing based on signature in traefik and caddy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-09-02 22:03:08 +02:00
Jens Langhammer 14a7c9f967 internal: fix outposts not logging flow execution errors correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-31 23:03:57 +02:00
Jens Langhammer 15c34c6f1f release: 2022.8.2 2022-08-19 15:59:53 +01:00
Jens Langhammer 8ffae4505f internal: set Host on url in envoy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-18 23:20:12 +01:00
Jens Langhammer 0cc83c23c4 providers/proxy: fix duplicate proxy set default
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-18 21:13:45 +01:00
Jens Langhammer 514c48a986 internal: fix routing for requests with querystring signature to embedded outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-18 20:43:01 +02:00
Jens Langhammer 846b63a17b *: remove some very verbose logging messages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-17 13:36:56 +02:00
Jens Langhammer 435d126a1c release: 2022.8.1 2022-08-16 16:23:36 +02:00
Jens Langhammer 4c9878313c sources/oauth: correctly concatenate URLs to allow custom parameters to be included
closes #3374

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-08 21:17:32 +02:00
Jens Langhammer 6356ddd9f3 internal: replace ioutils
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-08 21:00:45 +02:00
Jens Langhammer 201bea6d30 internal: add X-authentik-logout signature to trigger logouts when URLs are not exposed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-07 18:50:24 +02:00
Jens L 89fef0ae72
blueprints: docs (#3376)
* further blueprint cleanup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* more

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* make group users and parent optional

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix api client usage

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-06 00:52:12 +02:00
Jens Langhammer 85640d402f internal: fix race conditions when accessing settings before bootstrap
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-06 00:24:55 +02:00
Jens L 2ce8e18bab
internal: centralise config for listeners to use same config system everywhere (#3367)
* centralise config for listeners to use same config system everywhere

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#3360

* add docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-03 21:33:27 +02:00
Jens Langhammer fcf4657833 providers/proxy: add is_superuser to ak_proxy object, only show full error when superuser
closes #3314

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-30 20:29:23 +02:00
Jens L 393d7ec486
providers/proxy: no exposed urls (#3151)
* test any callback

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* cleanup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* dont detect callback in per-server handler

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use full redirect uri with both path and query param

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* correctly route to embedded outpost for callback signature

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix allowed redirects

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-30 17:51:01 +02:00
Jens L b41acebf5b
providers/proxy: add caddy endpoint (#3330)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-29 10:58:53 +02:00
Jens Langhammer 55739ee982 internal: add additional error handling in config loader
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-26 11:48:57 +02:00