Jens L
db95dfe38d
security: fix CVE 2022 46145 ( #4140 )
...
* add flow authentication requirement
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add website for cve
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: handle FlowNonApplicableException without policy result
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-02 16:14:25 +01:00
Avsynthe
860c85d012
website/integrations: Update Bookstack SAML settings Documentation ( #4137 )
...
Update Bookstack SAML settings
Enabled AUTH_AUTO_INITIATE=true to reduce amount of clicks needed to proceed to Bookstack and give a propper SSO experience. If user is not logged in elsewhere already, authentik's login page will still be displayed.
Edited SAML2_DISPLAY_NAME_ATTRIBUTES so it actually works. The previous "Name" entry is non-functional and does not parse. When this is the case, or the field is empty, usernames in Bookstack default to user's email address. Entries here need to be in line with Active Directory Federation Services' Role of Claims found here: https://learn.microsoft.com/en-us/windows-server/identity/ad-fs/technical-reference/the-role-of-claims . Additionally, this will use the user's authentik username rather than real/full name.
Enabled Group Sync by default for easier administration for sysadmins. SAML2_GROUP_ATTRIBUTE also needed to be in line with Active Directory Federation Services' Role of Claims
Signed-off-by: Avsynthe <102600593+Avsynthe@users.noreply.github.com>
Signed-off-by: Avsynthe <102600593+Avsynthe@users.noreply.github.com>
2022-12-02 11:46:44 +01:00
Jens Langhammer
6ca1654129
lifecycle: don't set user/group in gunicorn
...
closes #4098 closes #3236
the user and group are inherited from the parent process so this isnt required
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-02 12:42:55 +02:00
dependabot[bot]
a2dc594a44
web: bump @sentry/browser from 7.22.0 to 7.23.0 in /web ( #4131 )
...
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript ) from 7.22.0 to 7.23.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases )
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md )
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.22.0...7.23.0 )
---
updated-dependencies:
- dependency-name: "@sentry/browser"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-02 09:52:53 +01:00
dependabot[bot]
c6bc8e2ddf
web: bump decode-uri-component from 0.2.0 to 0.2.2 in /web ( #4136 )
...
Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component ) from 0.2.0 to 0.2.2.
- [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases )
- [Commits](https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.2 )
---
updated-dependencies:
- dependency-name: decode-uri-component
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-02 09:52:23 +01:00
dependabot[bot]
48a234e86f
web: bump @sentry/tracing from 7.22.0 to 7.23.0 in /web ( #4132 )
2022-12-02 09:48:14 +01:00
dependabot[bot]
cf521eba5a
web: bump @formatjs/intl-listformat from 7.1.4 to 7.1.6 in /web ( #4133 )
2022-12-02 09:48:04 +01:00
dependabot[bot]
52ebc78aaa
core: bump selenium from 4.6.1 to 4.7.0 ( #4134 )
2022-12-02 09:47:53 +01:00
sdimovv
1f7d52c5ce
blueprints: Support nested custom tags in `!Find` and `!Format` tags ( #4127 )
...
* Added support for nested tags to !Find and !Format
* Added tests
* Fix variable names
* Added docs
* Fixed small mistake in tests
* Fixed variable names
* Broke example into multiple lines
2022-12-01 16:10:26 +01:00
Jens Langhammer
3251bdc220
events: improve handling creation of events with non-pickleable objects
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-01 15:56:28 +02:00
Bastien Rivière
93fee5f0e5
web: fix authentification with Plex on iOS ( #4095 )
...
* web: fix authentification with Plex on iOS
Fixes issue #3822
* fixup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add fallback button
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-01 13:32:00 +01:00
dependabot[bot]
46c8db7f4b
web: bump @codemirror/lang-html from 6.2.0 to 6.4.0 in /web ( #4129 )
...
Bumps [@codemirror/lang-html](https://github.com/codemirror/lang-html ) from 6.2.0 to 6.4.0.
- [Release notes](https://github.com/codemirror/lang-html/releases )
- [Changelog](https://github.com/codemirror/lang-html/blob/main/CHANGELOG.md )
- [Commits](https://github.com/codemirror/lang-html/compare/6.2.0...6.4.0 )
---
updated-dependencies:
- dependency-name: "@codemirror/lang-html"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-01 09:57:20 +01:00
dependabot[bot]
fc74c0209a
web: bump pyright from 1.1.281 to 1.1.282 in /web ( #4128 )
...
Bumps [pyright](https://github.com/Microsoft/pyright/tree/HEAD/packages/pyright ) from 1.1.281 to 1.1.282.
- [Release notes](https://github.com/Microsoft/pyright/releases )
- [Commits](https://github.com/Microsoft/pyright/commits/1.1.282/packages/pyright )
---
updated-dependencies:
- dependency-name: pyright
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-01 09:53:23 +01:00
dependabot[bot]
07bfc3da1e
core: bump twilio from 7.15.3 to 7.15.4 ( #4130 )
...
Bumps [twilio](https://github.com/twilio/twilio-python ) from 7.15.3 to 7.15.4.
- [Release notes](https://github.com/twilio/twilio-python/releases )
- [Changelog](https://github.com/twilio/twilio-python/blob/main/CHANGES.md )
- [Commits](https://github.com/twilio/twilio-python/compare/7.15.3...7.15.4 )
---
updated-dependencies:
- dependency-name: twilio
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-01 09:50:14 +01:00
Jens Langhammer
2a4daa5360
release: 2022.11.2
2022-12-01 10:41:29 +02:00
Jens Langhammer
e1a6dede54
*: backport CVE-2022-46145 fix
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-01 10:41:26 +02:00
Jens Langhammer
cf40e5047e
policies: don't log context when policy returns None
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-30 14:43:47 +02:00
Jens Langhammer
17ee076f3d
root: include security policy in website container
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-30 13:05:38 +02:00
Jens Langhammer
4d12a98c5d
root: rework and expand security policy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-30 13:05:35 +02:00
Jens Langhammer
d5329432fe
lib: fix uploaded files not being saved correctly, add tests
...
closes #4110 #4109 #4107
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-30 12:48:33 +02:00
Jens Langhammer
8a926aaa73
Revert "web: bump @codemirror/lang-html from 6.2.0 to 6.3.1 in /web ( #4122 )"
...
This reverts commit 17fc775fd3
.
2022-11-30 10:42:28 +02:00
sdimovv
5156aeee0f
policies/password: Always add generic message to failing zxcvbn check ( #4100 )
...
* Always add generic message to failing zxcvbn password policy
Depending on the settings, sometimes a password policy that checks a password with the zxcvbn tool can fail without any message.
For example:
```
$ echo 'Awdccdw1234' | zxcvbn | jq | grep "feedback" -A 5 -B 1
Password:
"score": 3,
"feedback": {
"warning": "",
"suggestions": []
}
}
```
As seen above the tool does not produce any warnings or suggestions for the given password, but if the password policy is set to have a zxcvbn threshold of 3, the policy will silently fail without communicating the reason to the user.
There are two ways to handle this:
1. Always add a generic "password is too weak" message when the policy fails.
2. Check if there are any suggestions or warnings from the zxcvbn tool and only add the generic message if not.
I personally prefer 1. This way the generic message will be shown whenever the policy fails, and will get combined with extra "tips" whenever zxcvbn has some.
Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com>
* Update authentik/policies/password/models.py
Co-authored-by: Jens L. <jens@beryju.org>
Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com>
* Added test case
* fix black formatting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens L. <jens@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-30 07:58:16 +00:00
dependabot[bot]
1690812936
web: bump @sentry/browser from 7.21.1 to 7.22.0 in /web ( #4120 )
...
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript ) from 7.21.1 to 7.22.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases )
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md )
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.21.1...7.22.0 )
---
updated-dependencies:
- dependency-name: "@sentry/browser"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-30 08:46:22 +01:00
dependabot[bot]
c693a2c3f4
web: bump @babel/core from 7.20.2 to 7.20.5 in /web ( #4112 )
...
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core ) from 7.20.2 to 7.20.5.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.20.5/packages/babel-core )
---
updated-dependencies:
- dependency-name: "@babel/core"
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-30 08:46:13 +01:00
dependabot[bot]
d6cac5c765
web: bump @typescript-eslint/eslint-plugin from 5.44.0 to 5.45.0 in /web ( #4116 )
...
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin ) from 5.44.0 to 5.45.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.45.0/packages/eslint-plugin )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-30 08:46:01 +01:00
dependabot[bot]
2722b9b7ea
web: bump @rollup/plugin-typescript from 10.0.0 to 10.0.1 in /web ( #4115 )
...
Bumps [@rollup/plugin-typescript](https://github.com/rollup/plugins/tree/HEAD/packages/typescript ) from 10.0.0 to 10.0.1.
- [Release notes](https://github.com/rollup/plugins/releases )
- [Changelog](https://github.com/rollup/plugins/blob/master/packages/typescript/CHANGELOG.md )
- [Commits](https://github.com/rollup/plugins/commits/typescript-v10.0.1/packages/typescript )
---
updated-dependencies:
- dependency-name: "@rollup/plugin-typescript"
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-30 08:38:15 +01:00
dependabot[bot]
014fc6169a
core: bump github.com/go-openapi/runtime from 0.24.2 to 0.25.0 ( #4118 )
...
Bumps [github.com/go-openapi/runtime](https://github.com/go-openapi/runtime ) from 0.24.2 to 0.25.0.
- [Release notes](https://github.com/go-openapi/runtime/releases )
- [Commits](https://github.com/go-openapi/runtime/compare/v0.24.2...v0.25.0 )
---
updated-dependencies:
- dependency-name: github.com/go-openapi/runtime
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-30 08:37:48 +01:00
dependabot[bot]
a7a722c9c0
web: bump @typescript-eslint/parser from 5.44.0 to 5.45.0 in /web ( #4114 )
...
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser ) from 5.44.0 to 5.45.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.45.0/packages/parser )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-30 08:37:39 +01:00
dependabot[bot]
da581dde70
web: bump @babel/plugin-proposal-decorators from 7.20.2 to 7.20.5 in /web ( #4117 )
...
web: bump @babel/plugin-proposal-decorators in /web
Bumps [@babel/plugin-proposal-decorators](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-proposal-decorators ) from 7.20.2 to 7.20.5.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.20.5/packages/babel-plugin-proposal-decorators )
---
updated-dependencies:
- dependency-name: "@babel/plugin-proposal-decorators"
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-30 08:37:29 +01:00
dependabot[bot]
17fc775fd3
web: bump @codemirror/lang-html from 6.2.0 to 6.3.1 in /web ( #4122 )
...
Bumps [@codemirror/lang-html](https://github.com/codemirror/lang-html ) from 6.2.0 to 6.3.1.
- [Release notes](https://github.com/codemirror/lang-html/releases )
- [Changelog](https://github.com/codemirror/lang-html/blob/main/CHANGELOG.md )
- [Commits](https://github.com/codemirror/lang-html/compare/6.2.0...6.3.1 )
---
updated-dependencies:
- dependency-name: "@codemirror/lang-html"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-30 08:36:42 +01:00
dependabot[bot]
eb57c787f3
web: bump @sentry/tracing from 7.21.1 to 7.22.0 in /web ( #4123 )
...
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript ) from 7.21.1 to 7.22.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases )
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md )
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.21.1...7.22.0 )
---
updated-dependencies:
- dependency-name: "@sentry/tracing"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-30 08:36:31 +01:00
dependabot[bot]
97e789323a
web: bump @formatjs/intl-listformat from 7.1.3 to 7.1.4 in /web ( #4121 )
...
Bumps [@formatjs/intl-listformat](https://github.com/formatjs/formatjs ) from 7.1.3 to 7.1.4.
- [Release notes](https://github.com/formatjs/formatjs/releases )
- [Commits](https://github.com/formatjs/formatjs/compare/@formatjs/intl-listformat@7.1.3...@formatjs/intl-listformat@7.1.4 )
---
updated-dependencies:
- dependency-name: "@formatjs/intl-listformat"
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-30 08:36:23 +01:00
dependabot[bot]
290f576641
core: bump pylint from 2.15.6 to 2.15.7 ( #4124 )
...
Bumps [pylint](https://github.com/PyCQA/pylint ) from 2.15.6 to 2.15.7.
- [Release notes](https://github.com/PyCQA/pylint/releases )
- [Commits](https://github.com/PyCQA/pylint/compare/v2.15.6...v2.15.7 )
---
updated-dependencies:
- dependency-name: pylint
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-30 08:36:14 +01:00
Jens Langhammer
9723aa11df
root: include security policy in website container
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-29 00:05:42 +01:00
Alex Wigen
4e04461820
website/docs: Change Kubernetes ingress apiVersion out of beta ( #4099 )
...
* Change Kubernetes ingress apiVersion out of beta
* fix lint
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-28 16:42:59 +01:00
Jens Langhammer
147ebf1a5e
root: rework and expand security policy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-28 12:10:53 +01:00
Jens Langhammer
e22fce02f8
stages/authenticator_validate: improve validation for not_configured_action
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-28 10:52:51 +01:00
Jens Langhammer
3b8cb9e525
web/flows: fix display for long redirect URLs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-28 10:30:27 +01:00
dependabot[bot]
beffb72e3b
web: bump @rollup/plugin-babel from 6.0.2 to 6.0.3 in /web ( #4103 )
...
Bumps [@rollup/plugin-babel](https://github.com/rollup/plugins/tree/HEAD/packages/babel ) from 6.0.2 to 6.0.3.
- [Release notes](https://github.com/rollup/plugins/releases )
- [Changelog](https://github.com/rollup/plugins/blob/master/packages/babel/CHANGELOG.md )
- [Commits](https://github.com/rollup/plugins/commits/babel-v6.0.3/packages/babel )
---
updated-dependencies:
- dependency-name: "@rollup/plugin-babel"
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-28 10:25:06 +01:00
dependabot[bot]
b5c53d5e40
web: bump @rollup/plugin-typescript from 9.0.2 to 10.0.0 in /web ( #4101 )
...
Bumps [@rollup/plugin-typescript](https://github.com/rollup/plugins/tree/HEAD/packages/typescript ) from 9.0.2 to 10.0.0.
- [Release notes](https://github.com/rollup/plugins/releases )
- [Changelog](https://github.com/rollup/plugins/blob/master/packages/typescript/CHANGELOG.md )
- [Commits](https://github.com/rollup/plugins/commits/typescript-v10.0.0/packages/typescript )
---
updated-dependencies:
- dependency-name: "@rollup/plugin-typescript"
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-28 10:24:45 +01:00
dependabot[bot]
477dbc6daf
web: bump @rollup/plugin-commonjs from 23.0.2 to 23.0.3 in /web ( #4102 )
2022-11-28 10:06:26 +01:00
dependabot[bot]
3aaabdcc9d
core: bump pycryptodome from 3.15.0 to 3.16.0 ( #4104 )
2022-11-28 10:06:17 +01:00
dependabot[bot]
d045b0be1a
core: bump selenium from 4.6.0 to 4.6.1 ( #4105 )
2022-11-28 10:06:06 +01:00
Jens Langhammer
e2bd96c5de
stages/authenticator_validate: fix validation to ensure configuration stage is set
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-25 21:37:52 +01:00
Daniel
be9790ef8a
internal: reuse http transport to prevent leaking connections ( #3996 )
...
* Fix: Using the same http transport as the api
* fix: Using global tlsTransport instead of newly created one
2022-11-25 18:24:01 +01:00
Jens Langhammer
f8ef2b666f
events: fix incorrect EventAction being used
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-25 11:53:05 +01:00
Jens Langhammer
7bc63791c9
root: update deprecation warnings
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-25 11:47:28 +01:00
Jens Langhammer
a9909fcf6d
providers/oauth2: set amr values based on login event
...
closes #4070
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-11-25 11:21:59 +01:00
Jens Langhammer
1fa9b3a996
providers/saml: set AuthnContextClassRef based on login event
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#4070
2022-11-25 11:21:45 +01:00
Jens Langhammer
5019346ab6
events: save login event in session after login
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#4070
2022-11-25 11:21:00 +01:00