Commit Graph

68 Commits

Author SHA1 Message Date
dependabot[bot] 7eb97cd2bc
build(deps): bump twisted from 20.3.0 to 21.7.0 (#1198)
Bumps [twisted](https://github.com/twisted/twisted) from 20.3.0 to 21.7.0.
- [Release notes](https://github.com/twisted/twisted/releases)
- [Changelog](https://github.com/twisted/twisted/blob/trunk/NEWS.rst)
- [Commits](https://github.com/twisted/twisted/compare/twisted-20.3.0...twisted-21.7.0)

---
updated-dependencies:
- dependency-name: twisted
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-29 09:22:44 +02:00
Lukas Söder 7f39399c32
providers/ldap: Added auto-generated uidNumber and guidNumber generated attributes for use with SSSD and similar software. (#1138)
* Added auto-generated uidNumber and guidNumber generated attributes for
use with SSSD and similar software.

The starting number for uid/gid can be configured iva environtment
variables and is by default 2000 which should work fine for most instances unless there are more than
999 local accounts on the server/computer.

The uidNumber is just the users Pk + the starting number.
The guidNumber is calculated by the last couple of bytes in the uuid of
the group + the starting number, this should have a low enough chance
for collisions that it's going to be fine for most use cases.

I have not added any interface stuff for configuring the environment variables as I couldn't really find my way around all the places I'd have to edit to add it and the default values should in my opinion be fine for 99% use cases.

* Add a 'fake' primary group for each user

* First attempt att adding config to interface

* Updated API to support new fields

* Refactor code, update documentation and remove obsolete comment

Simplify `GetRIDForGroup`, was a bit overcomplicated before.

Add an additional class/struct `LDAPGroup` which is the new argument
for `pi.GroupEntry` and util functions to create `LDAPGroup` from api.Group and api.User

Add proper support in the interface for changing gidNumber and uidNumber starting points

* make lint-fix for the migration files
2021-07-14 09:17:01 +02:00
Jens Langhammer ede072889e core: deepmerge user.group_attributes, use group_attributes for user settings
closes #1051

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-19 19:52:55 +02:00
Jens Langhammer 73338bdf32 core: add geo_ip to authenticated sessions if enabled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-30 01:01:20 +02:00
Jens Langhammer 9f5a3c396d stages/authenticator_duo: initial duo stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-23 21:10:39 +02:00
Jens Langhammer 0db17b9729 root: remove yasg
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 22:18:04 +02:00
Jens Langhammer 1324d03815 *: initial migration to openapi v3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-15 23:57:28 +02:00
Jens Langhammer c7f0ea8a4b root: update dbbackup to git version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 01:20:31 +02:00
Jens Langhammer 0620324702 root: bump version of psf black
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 00:42:46 +02:00
Jens Langhammer be21a5d172 sources/plex: add general tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 21:55:55 +02:00
Jens Langhammer f8d6daa928 root: unlock pylint again
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 15:55:36 +02:00
Jens Langhammer afc5dc5543 root: lock pylint to < 2.8
https://github.com/PyCQA/pylint-django/issues/323
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 09:24:18 +02:00
Jens Langhammer 9341787fe7 providers/oauth2: replace deprecated jwkest with pyjwt
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 00:02:13 +02:00
Jens Langhammer 69ee18e13d Merge branch 'master' into new-forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	Pipfile.lock
#	authentik/api/decorators.py
#	authentik/core/api/applications.py
#	authentik/core/api/users.py
#	authentik/events/api/event.py
#	authentik/events/api/notification_transport.py
#	authentik/flows/api/flows.py
#	swagger.yaml
2021-03-30 10:26:18 +02:00
Jens Langhammer 59f5846d1a root: replace bumpversion with bump2version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 09:54:10 +02:00
Jens Langhammer 7d74e1d2c4 *: revert to drf-yasg upstream
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 21:04:54 +02:00
Jens Langhammer 8155d88db7 root: update linters, remove prospector
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 19:52:51 +01:00
Jens Langhammer 919debdd13 root: lock twisted to 20.3.0 whilst its causing issues with uvloop 2021-03-01 16:26:05 +01:00
Jens Langhammer bfc69562d8 root: remove qr and captcha from backend dependencies 2021-02-25 20:06:20 +01:00
Jens Langhammer 20e0fe3941 web: move ak-form-element to separate file 2021-02-21 23:09:08 +01:00
Jens L 8708e487ae
stages: add WebAuthn stage (#550)
* core: add User.uid for globally unique user ID

* admin: fix ?next for Flow list

* stages: add initial webauthn implementation

* web: add ak-flow-submit event to submit flow stage

* web: show error message for webauthn registration

* admin: fix next param not redirecting correctly

* stages/webauthn: remove form

* stages/webauthn: add API

* web: update flow diagram on ak-refresh

* stages/webauthn: add initial authentication

* stages/webauthn: initial authentication implementation

* web: cleanup webauthn utils

* stages: rename otp_* to authenticator and move webauthn to authenticator

* docs: fix broken links

* stages/authenticator_*: fix template paths

* stages/authenticator_validate: add device classes

* stages/authenticator_webauthn: implement django_otp.devices

* stages/authenticator_*: update default stage names

* web: add button to create stage on flow page

* web: don't minify HTML, remove nbsp

* admin: fix typo in stage list

* stages/*: use common base class for stage serializer

* stages/authenticator_*: create default objects after rename

* tests/e2e: adjust stage order
2021-02-17 20:49:58 +01:00
Jens Langhammer 417b5d61a4 root: add initial geoip implementation 2021-02-12 09:52:14 +01:00
Jens Langhammer 50531b8a36 root: upgrade to python3.9 2020-11-15 16:15:01 +01:00
Jens Langhammer e5e4824920 */saml: fully migrate to xmlsec, remove signxml dependency 2020-11-15 15:20:56 +01:00
Jens Langhammer 9877ef99c4 */saml: fix creation and validation of detached signatures 2020-11-12 11:59:07 +01:00
Jens Langhammer dd0d7e7481 root: switch from drf-yasg to drf_yasg2 and up rest_framework 2020-10-16 23:32:35 +02:00
Jens Langhammer ae125dd1f0 root: fix missing docker dependency 2020-10-04 15:04:07 +02:00
Jens Langhammer 9ef39f1e04 root: update black version 2020-09-30 16:39:15 +02:00
Jens Langhammer 9099dc5713 root: fix missing dependencies of uvicorn 2020-09-30 16:11:28 +02:00
Jens Langhammer 815ad26b91 root: add hard uvloop and httptools dependency 2020-09-30 15:37:15 +02:00
Jens Langhammer acb2b825f3 root: fix pipfile not referencing djangorestframework 2020-09-30 09:23:00 +02:00
Jens Langhammer e956b86649 root: lock rest-framework to 3.11.1 to prevent drf-yasg
See https://github.com/axnsan12/drf-yasg/issues/641
2020-09-30 09:15:48 +02:00
Jens L 23cccebb96
pytest (#209) 2020-09-11 23:21:11 +02:00
Jens L 268de20872
Proxy v2 (#189) 2020-09-03 00:04:12 +02:00
Jens L 0e0898c3cf
Flow exporting/importing (#187)
* stages/*: Add SerializerModel as base model, implement serializer property

* flows: add initial flow exporter and importer

* policies/*: implement .serializer for all policies

* root: fix missing dacite requirement
2020-08-22 00:42:15 +02:00
Jens L ff810c689f
Replace Elastic APM with Sentry APM (#183) 2020-08-20 20:39:21 +02:00
Jens L c7a2410b1d
OAuth Provider Rewrite (#182) 2020-08-19 10:32:44 +02:00
Jens Langhammer 0715cac39b root: remove psutil as we have external monitoring for CPU 2020-07-07 18:24:24 +02:00
Jens Langhammer 9021bbd5de root: implement APM support 2020-07-07 17:43:10 +02:00
Jens Langhammer 57a7bed99d sources/oauth: fix facebook provider 2020-06-25 10:24:53 +02:00
Jens Langhammer 01f004cec6 root: move all e2e dependencies into pipfile 2020-06-19 20:25:45 +02:00
Jens Langhammer 16c6e29801 root: add missing selenium 2020-06-07 19:44:28 +02:00
Jens L 73116b9d1a
policies/expression: migrate to raw python instead of jinja2 (#49)
* policies/expression: migrate to raw python instead of jinja2

* lib/expression: create base evaluator, custom subclass for policies

* core: rewrite propertymappings to use python

* providers/saml: update to new PropertyMappings

* sources/ldap: update to new PropertyMappings

* docs: update docs for new propertymappings

* root: remove jinja2

* root: re-add jinja to lock file as its implicitly required
2020-06-05 12:00:27 +02:00
Jens Langhammer a08bdfdbcd root: remove prospector from Pipfile as it causes lock issues, install in CI 2020-02-17 17:48:18 +01:00
Jens Langhammer ba74a3213d *: upgrade python 3.7 to 3.8 2020-01-19 21:03:01 +01:00
Jens Langhammer 3bd1eadd51 all: implement black as code formatter 2019-12-31 12:51:16 +01:00
Jens Langhammer 8eb3f0f708 ci: upgrade pylint to latest version
core: also upgrade kombu as https://github.com/celery/kombu/issues/1101 is fixed now
2019-12-31 12:45:29 +01:00
Jens Langhammer b08ec0477e all(minor): replace django-ipware with custom implementation 2019-12-05 14:33:55 +01:00
Langhammer, Jens 97290755e7 root(major): re-add missing dependencies 2019-11-08 14:26:49 +01:00
Langhammer, Jens dfcfd87644 root(minor): remove old deps from pipfile 2019-11-08 13:55:58 +01:00