authentik

Archived

Author	SHA1	Message	Date
Jens L	da3222df07	core: fix websocket url path (#5019 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-21 00:20:48 +01:00
Jens L	54cacd784c	*: load websocket paths similarly to URLs (#5018 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-20 23:39:25 +01:00
Jens L	3f5effb1bc	providers/radius: simple radius outpost (#1796 ) * initial implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io> * cleanup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add migrations Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix web Signed-off-by: Jens Langhammer <jens@goauthentik.io> * minor fixes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use search-select Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update locale Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fixup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix ip with port being sent to delegated ip Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add radius tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-20 16:54:35 +01:00
sdimovv	16a03160d0	core: Add unique constraint to user UUID (#5004 )	2023-03-20 00:33:08 +01:00
sdimovv	8b52d711e8	stages/prompt: Add Radio Button Group, Dropdown and Text Area prompt fields (#4822 ) * Added radio-button prompt type in model * Add radio-button prompt * Refactored radio-button prompt; Added dropdown prompt * Added tests * Fixed unrelated to choice fields bug causing validation errors; Added more tests * Added description for new prompts * Added docs * Fix lint * Add forgotten file changes * Fix lint * Small fix * Add text-area prompts * Update authentik/stages/prompt/models.py Co-authored-by: Jens L. <jens@beryju.org> Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com> * Update authentik/stages/prompt/models.py Co-authored-by: Jens L. <jens@beryju.org> Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com> * Fix inline css * remove AKGlobal, update schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens L. <jens@beryju.org> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-03-19 18:56:17 +01:00
Jens L	97df7848a5	blueprints: allow setting of token key in blueprint context (#4995 ) closes #4717 Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-18 00:10:12 +01:00
Jens L	e2d3a95c80	web: full web components part 1 (#4964 ) * migrate loading Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate api browser Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate base css Signed-off-by: Jens Langhammer <jens@goauthentik.io> * move tenant fetching to base interface Signed-off-by: Jens Langhammer <jens@goauthentik.io> * import pre-loaded stages in flow interface and not executor to strip down executor size Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix redirect and such Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-17 23:10:19 +01:00
Jens L	8363016982	version: 2023.3 (#4980 ) * release: 2023.3.0 * providers/ldap: fix duplicate attributes (#4972) closes #4971 Signed-off-by: Jens Langhammer <jens@goauthentik.io> * providers/oauth2: fix response for response_type code and response_mode fragment (#4975) * web/flows: fix authenticator selector in dark mode (#4974) Signed-off-by: Jens Langhammer <jens@goauthentik.io> * release: 2023.3.1 --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-16 22:43:57 +01:00
Jens L	2a399cf8e8	providers/oauth2: fix response for response_type code and response_mode fragment (#4975 )	2023-03-16 15:58:38 +01:00
Jens L	eaf56f4f3f	stages/user_login: stay logged in (#4958 ) * add initial remember me offset Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add to go executor Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add ui for user login stage Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-15 20:21:05 +01:00
Jens L	9310d4cdc0	*: fix mismatched task names for discovery, make output service connection task monitored (#4956 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-15 12:12:08 +01:00
Jens L	86f9056d3f	core: fix url validator (#4957 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-15 12:00:57 +01:00
Jens L	73d7b5f110	root: add common fixture loader (#4946 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-14 17:13:03 +01:00
Jens L	4b1440944e	providers: fix authorization_flow not required in API (#4932 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-13 23:36:24 +01:00
Jens L	59a92dbacd	stages/authenticator_webauthn: remove credential_id size limit (#4931 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-13 21:24:10 +01:00
Jens L	6f6d22da13	release: 2023.3.0 (#4925 )	2023-03-13 19:10:48 +01:00
Jens L	fab6a8f8c9	stages/user_login: expiry before login (#4920 ) * stages/user_write: run set_expiry before login, so that session used in Signal has correct expiry Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-13 15:31:06 +01:00
Jens L	178bfe1d44	providers/scim: handle ServiceProviderConfig 404 (#4915 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-13 13:44:29 +01:00
Jens L	94f22cffba	root: fix session middleware for websocket connections (#4909 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-12 16:47:19 +01:00
Jens L	10b7d78825	events: set task start time before start not on init (#4908 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-12 15:13:04 +01:00
dependabot[bot]	0ef333f8ea	core: bump bandit from 1.7.4 to 1.7.5 (#4896 ) * core: bump bandit from 1.7.4 to 1.7.5 Bumps [bandit](https://github.com/PyCQA/bandit) from 1.7.4 to 1.7.5. - [Release notes](https://github.com/PyCQA/bandit/releases) - [Commits](https://github.com/PyCQA/bandit/compare/1.7.4...1.7.5) --- updated-dependencies: - dependency-name: bandit dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-03-10 12:06:59 +01:00
Jens L	86bb2afd02	core: add validator which allows for URLs with formatting (#4890 )	2023-03-10 00:16:17 +01:00
Jens L	b6b820f6f1	web: toggle dark/light theme manually (#4876 )	2023-03-09 23:17:53 +01:00
Jens L	6ae2fc9668	providers/SCIM: customizable externalId, document behavior (#4868 ) * only set externalId if mapping hasn't set it Signed-off-by: Jens Langhammer <jens@goauthentik.io> * better document use of SCIM in conjunction with OAuth/SAML Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-08 00:15:16 +01:00
Jens L	67f3db1e03	core: enforce unique on names where it makes sense (#4866 ) enforce unique on names where it makes sense Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-07 23:52:34 +01:00
Jens L	9559bc2e1e	providers/scim: add option to filter out service accounts, parent group (#4862 ) * add option to filter out service accounts, parent group Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rename to filter group Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rework sync card to show scim sync status Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-07 15:39:48 +01:00
Jens L	28ddeb124f	providers: SCIM (#4835 ) * basic user sync Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add group sync and some refactor Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start API Signed-off-by: Jens Langhammer <jens@goauthentik.io> * allow null authorization flow Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add UI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make task monitored Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add missing dependency Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make authorization_flow required for most providers via API Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more UI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make task result better readable, exclude anonymous user Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add task UI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add scheduled task for all sync Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make scim errors more readable Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add mappings, migrate to mappings Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add mapping UI and more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add scim docs to web Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start implementing membership Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate signals to tasks Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate fully to tasks Signed-off-by: Jens Langhammer <jens@goauthentik.io> * strip none keys, fix lint errors Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix things Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start adding tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix saml Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add scim schemas and validate against it Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve error handling Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add group put support, add group tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * send correct application/scim+json headers Signed-off-by: Jens Langhammer <jens@goauthentik.io> * stop sync if no mappings are confiugred Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add test for task sync Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add membership tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use decorator for tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make tests better Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-06 19:39:08 +01:00
dependabot[bot]	e08536af33	web: bump mermaid from 10.0.1 to 10.0.2 in /web (#4837 ) * web: bump mermaid from 10.0.1 to 10.0.2 in /web Bumps [mermaid](https://github.com/mermaid-js/mermaid) from 10.0.1 to 10.0.2. - [Release notes](https://github.com/mermaid-js/mermaid/releases) - [Changelog](https://github.com/mermaid-js/mermaid/blob/develop/CHANGELOG.md) - [Commits](https://github.com/mermaid-js/mermaid/compare/v10.0.1...v10.0.2) --- updated-dependencies: - dependency-name: mermaid dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * fix failing bandit check Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-03-03 10:27:16 +01:00
Jens L	9370d155f8	sources/plex: fix check_token error unusable if token is empty (#4834 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-02 22:21:54 +00:00
Jens L	972dce1462	security: fix CVE-2023-26481 (#4832 ) fix CVE-2023-26481 Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-02 20:15:33 +01:00
Jens L	7b44d8972f	stages/authenticator_sms: fix twilio sending, add test (#4829 ) closes #4823 Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-02 14:39:28 +01:00
sdimovv	a6eba37d5a	core: Add `resolve_dns` and `reverse_dns` functions to evaluator (#4769 ) * Add resolve_dns * Add reverse_dns * Fix lint * add caching, small optimisation Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Added time-aware LRU cache --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-03-01 22:15:13 +01:00
Jens L	20e971f5ce	flows: planner error handling (#4812 ) * handle FlowNonApplicableException everywhere Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make flow planner check authentication when no pending user is in planning context Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add mailhog to e2e test services, remove local docker requirement Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-28 15:18:29 +01:00
Jens L	118765ab30	web: fetch custom.css via fetch and add stylesheet (#4804 ) * web: fetch custom.css via fetch and add stylesheet Signed-off-by: Jens Langhammer <jens@goauthentik.io> * don't hardcode path Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-27 19:54:19 +01:00
Jens L	5e60db8593	providers/oauth2: fix typo (#4803 )	2023-02-27 17:17:48 +01:00
Jens L	39d0893303	flows: change default flow stage binding settings (#4784 ) * flows: change default flow stage binding settings Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fallback to correct value Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-27 15:21:26 +01:00
Jens L	596ff529c4	core: bootstrap email (#4788 )	2023-02-26 17:02:45 +01:00
Jens L	26f3275361	sources/ldap: improve error handling for password complexity (#4780 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-24 10:39:43 +00:00
Jens L	b7e4ad7234	web/user: fix source connections not being filtered (#4778 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-24 10:22:02 +00:00
Jens L	80f4fccd35	providers/oauth2: OpenID conformance (#4758 ) * don't open inspector by default when debug is enabled Signed-off-by: Jens Langhammer <jens@goauthentik.io> * encode error in fragment when using hybrid grant_type Signed-off-by: Jens Langhammer <jens@goauthentik.io> * require nonce for all response_types that get an id_token from the authorization endpoint Signed-off-by: Jens Langhammer <jens@goauthentik.io> * don't set empty family_name Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only set at_hash when response has token Signed-off-by: Jens Langhammer <jens@goauthentik.io> * cleaner way to get login time Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove authentication requirement from authentication flow Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use wrapper Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix auth_time not being handled correctly Signed-off-by: Jens Langhammer <jens@goauthentik.io> * minor cleanup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add test files Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove USER_LOGIN_AUTHENTICATED Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rework prompt=login handling Signed-off-by: Jens Langhammer <jens@goauthentik.io> * also set last login uid for max_age check to prevent double login when max_age and prompt=login is set Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-23 15:26:41 +01:00
Jens L	122055b38b	stages/user_login: terminate others (#4754 ) * rework session list Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use sender filtering for signals when possible Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add terminate_other_sessions Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-22 14:09:28 +01:00
sdimovv	c4e24c04f6	core: Improve service account creation (#4751 ) * Added ability to select service account token expiration on creation * Added call to user.set_unusable_password on service account creation * Added forgotten call to save() * Added and improved existsing tests * Added accidentally deleted help text * Fix lint	2023-02-22 13:19:01 +01:00
Jens Langhammer	1f7178c3a8	providers/oauth2: remove unused import Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-22 11:11:20 +01:00
Jens Langhammer	cfa2edebcf	providers/oauth2: revert PKCE requirement for public clients Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-21 23:51:27 +01:00
sdimovv	175502b053	core: Fix bug causing whitespace only names to raise exception when generating avatars (#4746 ) Fix bug causing whitespace only names to raise exception when generating avatars Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com>	2023-02-21 16:19:19 +01:00
Jens Langhammer	9e82de33e6	lib: remove unused imports Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-21 11:00:54 +01:00
Jens Langhammer	d2cfb76a7c	root: don't trace websockets to sentry Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-20 21:32:35 +01:00
Jens Langhammer	327d87355d	lib: improve caching of gravatar status closes #4711 Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-20 12:41:09 +01:00
Jens Langhammer	b415e9b773	core: remove avatar from group user member list Signed-off-by: Jens Langhammer <jens@goauthentik.io> #4711	2023-02-20 12:40:42 +01:00
Jens Langhammer	1ac2e924a2	core: fix error when creating token without request in context closes #4716 Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-19 17:31:20 +01:00

1 2 3 4 5 ...

2795 commits