trustchain-oc1-orchestral/authentik
Archived
10
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
11141 commits 95 branches 330 tags 336 MiB
Commit graph

2795 commits

Author SHA1 Message Date
Jens Langhammer 0692663537 stages/email: add activate_user_on_success flag, add for all example flows 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-04 18:47:51 +02:00
Jens Langhammer b5649bdcc4 stages/user_login: add check for user.is_active and tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-04 18:37:05 +02:00
Jens Langhammer fab9a10487 outposts: don't always build permissions on outpost.user access, only in signals and tasks 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-04 18:04:19 +02:00
Jens Langhammer 0f00b27384 events: add missing migration 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-04 17:51:31 +02:00
Steven Armstrong ab5981836d
providers/ldap: use RDN when using posixGroup's memberUid attribute (#1514) 
Use the RDN instead of the FDN when establishing group memberships based on posixGroup's 'memberUid' attribute.

fixes #1436

Signed-off-by: Steven Armstrong <steven@armstrong.cc>
 2021-10-04 10:56:06 +02:00
Jens Langhammer 036a4e86e2 tests/integration: fix tests failing due to incorrect comparison 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-03 22:54:07 +02:00
Jens Langhammer 45f99fbaf0 outposts: fix circular import in kubernetes controller 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-03 19:25:26 +02:00
Jens Langhammer 83150d9920 outposts: fix circular import in kubernetes controller 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-03 19:25:18 +02:00
Jens Langhammer e31a3307b5 providers/proxy: always check ingress secret in kubernetes controller 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-03 19:14:42 +02:00
Jens Langhammer d28fcca344 outposts: check ports of deployment in kubernetes outpost controller 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-03 19:14:42 +02:00
Jens Langhammer c296e1214c web: fix package lock 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-03 19:14:37 +02:00
Jens Langhammer d30dcda814 providers/proxy: always check ingress secret in kubernetes controller 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-03 19:14:27 +02:00
Jens Langhammer c720c9f41b outposts: check ports of deployment in kubernetes outpost controller 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-03 19:09:52 +02:00
Jens Langhammer 39d87841d0 outposts/proxy: add new headers with unified naming 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-03 18:20:44 +02:00
Jens Langhammer b285814e24 sources/ldap: fix logic error in Active Directory account disabled status 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-03 18:19:07 +02:00
Jens Langhammer 1c52836060 web: fix package lock 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-03 01:17:41 +02:00
Jens Langhammer 8dd77793a0 sources/ldap: fix logic error in Active Directory account disabled status 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-03 00:30:35 +02:00
Jens Langhammer 3c1ac4c7ec outposts/proxy: add new headers with unified naming 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-02 22:00:23 +02:00
Jens Langhammer faca127217 Merge branch 'version-2021.9' 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	Pipfile.lock
 2021-10-01 12:19:11 +02:00
Jens Langhammer 1a6ea72c09 release: 2021.9.4 2021-10-01 09:51:51 +02:00
Jens Langhammer c251b87f8c sources/ldap: add support for Active Directory userAccountControl attribute 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-30 19:34:43 +02:00
Jens Langhammer 21a9aa229a sources/ldap: don't sync ldap source when no property mappings are set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-30 19:34:43 +02:00
Jens Langhammer 53e15bfbca sources/ldap: add support for Active Directory userAccountControl attribute 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-30 19:13:48 +02:00
Jens Langhammer 8bce16e6b4 sources/ldap: don't sync ldap source when no property mappings are set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-30 18:49:18 +02:00
Jens Langhammer 10b45d954e outposts: allow disabling of docker controller port mapping 
closes #1474

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-30 00:11:50 +02:00
Jens Langhammer 4cb8ae760a outposts: allow disabling of docker controller port mapping 
closes #1474

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-29 23:55:22 +02:00
Jens L f9ad102915
flows: inspector (#1469) 
* flows: add initial inspector

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: change naming a bit

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flow: add inspector frame

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: don't use shadydom when inspecting

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: add current stage to api

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages/*: fix imports

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: deep-copy plan instead of just adding

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: ui

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: restrict inspector to admin

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: add buttons to launch flow with inspector

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: don't automatically follow redirects when inspector is open

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: make current_plan optional, only require historry

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: handle error messages in inspector

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: improve UI when flow is done

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: add is_completed flag to inspector

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: fix monkeypatches for tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: add inspector tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: re-enable cache

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-28 09:36:48 +02:00
Jens Langhammer 941bc61b31 release: 2021.9.3 2021-09-27 17:31:50 +02:00
Jens Langhammer 282b364606 stages/prompt: fix inconsistent policy context for validation policies 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-27 17:05:26 +02:00
pemontto 674bd9e05c
web/admin: Fix typo 'username address' -> 'username' (#1473) 2021-09-26 12:53:37 +02:00
Jens Langhammer b248f450dd outposts: make AUTHENTIK_HOST_BROWSER configurable from central config 
closes #1471

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-26 12:00:51 +02:00
pemontto aea1736f70
outposts/proxy: Fix failing traefik healtcheck (#1470) 2021-09-26 11:33:18 +02:00
Jens Langhammer 4f3583cd7e providers/proxy: make token_validity float and optional for backwards compat 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-25 15:54:32 +02:00
Jens Langhammer f7408626a8 providers/proxy: return token_validity as total seconds instead of expression 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-25 15:44:16 +02:00
Jens Langhammer 28eeb4798e providers/proxy: add token_validity field for outpost configuration 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1462
 2021-09-25 15:00:06 +02:00
Jens Langhammer 79b92e764e *: fix typos in code 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-25 00:01:11 +02:00
Jens Langhammer 919336a519 outposts: ensure service is always re-created with mismatching ports 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-24 23:45:15 +02:00
Jens Langhammer 93bdea3769 core: fix api return code for user self-update 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-24 11:51:03 +02:00
Jens Langhammer 64b4e851ce events: add additional validation for event transport 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-23 16:29:58 +02:00
Jens Langhammer eddca478dc release: 2021.9.2 2021-09-23 12:34:02 +02:00
Jens Langhammer 74169860cf api: add logging to sentry proxy 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-23 09:57:42 +02:00
Jens Langhammer 2fe6de0505 release: 2021.9.1 2021-09-22 19:11:20 +02:00
Jens Langhammer ae07f13a87 outposts: don't map port 9300 on docker, only expose port 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-21 21:40:08 +02:00
Jens Langhammer e6b275add3 stages/invitation: fix linting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-20 20:41:05 +02:00
Jens Langhammer 27016a5527 stages/invitation: fix tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-20 20:30:51 +02:00
Jens Langhammer 4c29d517f0 stages/email: use different query arguments for email and invitation tokens 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-20 19:55:53 +02:00
Jens Langhammer 180d27cc37 outposts: don't restart container when health checks are starting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-20 19:46:05 +02:00
Jens Langhammer 3195640776 stages/email: slugify token identifier 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-20 19:26:25 +02:00
Jens Langhammer d900a2b6a9 *: fix lookup_fields 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-20 19:19:36 +02:00
Jens Langhammer 95a2fddfa8 policies/expression: add ak_user_has_authenticator 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-20 19:13:41 +02:00
Jens Langhammer 8f7d21b692 stages/email: don't throw 404 when token can't be found 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-20 19:01:25 +02:00
Jens Langhammer 3f84abec2f core: fix token identifier not being slugified when created with user-controller input 
closes #1390

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-20 13:43:25 +02:00
Jens Langhammer b5c857aff4 api: add explicit lookup_value_regex, disable include_format_suffixes 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-20 13:42:56 +02:00
Jens Langhammer ac52667327 release: 2021.9.1-rc3 2021-09-19 21:52:49 +02:00
Jens Langhammer f6e0f0282d core: fix tokens not being viewable but superusers 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-19 16:11:20 +02:00
Jens Langhammer 3f42067a8f web: improve display of action buttons with non-primary classes 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-19 15:57:12 +02:00
Jens Langhammer ed6f5b98df sources/ldap: improve messages of sync tasks in UI 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-19 15:54:22 +02:00
Jens Langhammer c85484fc00 core: allow admins to create tokens with all parameters, re-add user to token form 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-19 15:25:48 +02:00
Jens Langhammer 8279690a8f sources/ldap: prevent error when retrying old system task with no arguments 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-17 16:49:26 +02:00
Jens Langhammer 3d8d93ece5 root: log failed celery tasks to event log 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-17 12:42:42 +02:00
Jens Langhammer 06af306e8a sources/ldap: bump timeout, run each sync component in its own task 
closes #1411

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-17 12:42:20 +02:00
dependabot[bot] 3e4ce62dfe
build(deps-dev): bump pylint from 2.10.2 to 2.11.1 (#1409) 
* build(deps-dev): bump pylint from 2.10.2 to 2.11.1

Bumps [pylint](https://github.com/PyCQA/pylint) from 2.10.2 to 2.11.1.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/main/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.10.2...v2.11.1)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* root: update pylint config

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-17 09:46:39 +02:00
Jens Langhammer 28189bdddf release: 2021.9.1-rc2 2021-09-16 23:23:36 +02:00
Jens L 13e2eea72f
web/user: new end-user interface (#1404) 
* web/user: migrate to top navbar

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/user: prepare config from server

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* re-sort

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* remove old interface

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update issue template

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use notification badge

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/user: re-add go-to-admin button

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: fix remaining redirects directly to admin

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* make settings better

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* api: ensure sources and stages are sorted

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/user: add sessions and consent

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/oauth2: add post wrapper to stage

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: add new interface to release notes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-16 22:17:05 +02:00
Jens L 9441be1ee2
interface split (#943) 2021-09-16 17:30:16 +02:00
Jens Langhammer 17503365f7 policies: improve error handling when using bindings without policy 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-16 11:04:31 +02:00
Jens Langhammer ebf9f0ca63 stages/email: don't crash when testing stage does not exist 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-16 11:04:08 +02:00
Jens Langhammer ae26d2756f providers/saml: improved error handling 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-16 10:58:51 +02:00
Jens Langhammer 124071f9be root: remove python requirement from pipfile 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-16 10:37:43 +02:00
Jens Langhammer 341c58a722 core: fix token expiry for service accounts being only 30 minutes 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-16 09:57:34 +02:00
Jens Langhammer bdd5e16db1 release: 2021.9.1-rc1 2021-09-15 20:20:54 +02:00
Jens Langhammer d4672bfe79 events: log parsed query string instead of just full path 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-15 20:15:04 +02:00
Jens Langhammer abd9fab41a api: fix call of sentry proxy task 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-15 19:39:58 +02:00
Jens Langhammer 7c8bf42ef9 api: send proxied sentry events in background 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-15 19:12:20 +02:00
Jens Langhammer 274b555912 api: add timeout for sentry proxy 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-15 18:59:27 +02:00
Jens Langhammer 916530f0d8 providers/oauth2: use access_code_validity for id_tokens generated when using an implicit flow, improve wording in web ui 
closes #1369

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-15 17:14:53 +02:00
Jens Langhammer 95efd47f65 root: remove asgi error handler 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-15 12:23:14 +02:00
Jens Langhammer 90ecb1af7f outposts: fix service account's permissions being checked twice 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-15 09:55:27 +02:00
Jens Langhammer d7fdca1b44 stages/email: fix error when retrying email delivery after stage has been deleted 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-15 09:50:11 +02:00
Denis Teyssier 37346763dc
sources/oauth: Updating token url to new google url (#1397) 
the present url goes to a 404
google openid (https://accounts.google.com/.well-known/openid-configuration) says the new url is `https://oauth2.googleapis.com/token`

not using the new url makes authentik fallback on the default auth flow
 2021-09-15 09:15:19 +02:00
Jens Langhammer ef341dd405 stages/user_write: add option to add newly created users to a group 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-14 21:45:34 +02:00
Jens Langhammer 3ddf2d6f85 sources/oauth: fix type lookup for openid not matching 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-14 14:38:35 +02:00
Jens Langhammer ba6849f29c *: remove string.format() 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-14 12:06:47 +02:00
Jens Langhammer 942170f902 Revert "sources/oauth: fix access_token being sent as query param and not authorization header" 
This reverts commit 248f993541.
 2021-09-14 11:59:32 +02:00
Jens Langhammer 248f993541 sources/oauth: fix access_token being sent as query param and not authorization header 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-14 11:07:36 +02:00
Jens Langhammer 3a700a449a sources/oauth: don't try to load azure AD user ID as UUID 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-14 09:33:44 +02:00
Jens Langhammer 23444f4df0 core: fix lint error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-13 18:19:28 +02:00
Jens Langhammer 71e68b498e core: optimise groups api by removing member superuser status 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-13 18:06:37 +02:00
Jens Langhammer fb267ee223 tenants: optimise db queries in middleware 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-13 17:54:37 +02:00
Jens Langhammer a4b3519428 api: fix possible error in sentry proxy 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-13 16:36:04 +02:00
Jens Langhammer 9a7fa39de4 events: allow setting a mapping for webhook transport to customise request payloads 
closes #1383

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-12 01:05:42 +02:00
Jens Langhammer c779ad2e3b *: use common user agent for all outgoing requests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-11 21:08:26 +02:00
Jens Langhammer 7e7ef289ba admin: migrate to new update check, add option to disable update check 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-11 20:35:23 +02:00
Jens Langhammer bf771f8b6c release: 2021.8.5 2021-09-11 19:20:13 +02:00
Jens Langhammer df4c8003b8 api: fix items of list fields having nullable set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-10 18:15:59 +02:00
Jens Langhammer 39b365c6ae sources/oauth: don't cancel flow when redirecting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-10 16:36:10 +02:00
Jens Langhammer e229eda96e outposts/controllers/kubernetes: don't create service monitor for embedded outpost 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-10 15:59:39 +02:00
Jens Langhammer 4448145aa9 providers/proxy: use auth/traefik subpath 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-10 13:53:04 +02:00
Jens Langhammer 7dfbcdbb81 stages/authenticator_duo: add API to "import" devices from duo 
closes #1371

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-10 11:35:09 +02:00
Jens Langhammer 2862b4ecfb core: remove ?v from static files 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-09 20:09:12 +02:00
Jens Langhammer 13d17dc729 lib: fix default listening port for metrics 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-09 16:40:39 +02:00
Jens Langhammer 5cf3a13ca8 flows: fix invalid parameter in tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-09 16:36:51 +02:00
Jens Langhammer d0898a3869 flows: ensure all StageViews accept post, add tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-09 16:30:14 +02:00
Jens L 7158c9d2ea
core: metrics v2 (#1370) 
* outposts: add ldap metrics, move ping to 9100

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost: add flow_executor metrics

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use port 9300 for metrics, add core metrics port

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/controllers/k8s: add service monitor creation support

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-09 15:52:24 +02:00
Jens Langhammer da58796768 providers/proxy: fix defaults for old proxy providers (load providers directly) 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-09 13:54:24 +02:00
Jens Langhammer d98499a3fa providers/proxy: fix defaults for old proxy providers 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-09 13:26:36 +02:00
Jens Langhammer f3ff398a44 providers/proxy: add metrics port to controllers 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-08 23:01:22 +02:00
Jens Langhammer 533eb59a04 outposts/controllers: re-create service when mismatched ports to prevent errors 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-08 23:00:53 +02:00
Jens Langhammer 502393ee56 outpost/proxyv2: allow port offset via yaml 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-08 21:07:06 +02:00
Jens L 3c1b70c355
outposts/proxyv2 (#1365) 
* outposts/proxyv2: initial commit

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add rs256

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

more stuff

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add forward auth an sign_out

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

match cookie name

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

re-add support for rs256 for backwards compat

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add error handler

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

ensure unique user-agent is used

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

set cookie duration based on id_token expiry

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

build proxy v2

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add ssl

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add basic auth and custom header support

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add application cert loading

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

implement whitelist

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add redis

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

migrate embedded outpost to v2

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

remove old proxy

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

providers/proxy: make token expiration configurable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add metrics

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

fix tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: only allow one redirect URI

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix docker build for proxy

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* remove default port offset

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add AUTHENTIK_HOST_BROWSER

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests: fix e2e/integration tests not using proper tags

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* remove references of old port

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix user_attributes not being loaded correctly

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* cleanup dependencies

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* cleanup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-08 18:04:56 +00:00
Jens Langhammer de3e1c3dbc sources/oauth: fix FlowExecutor view call 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-07 11:39:03 +02:00
Jens Langhammer 3c6aac5435 sources/oauth: prevent potentially confidential data from being logged 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-07 11:05:18 +02:00
Jens Langhammer eeb755ab7d root: show location header in logs when redirecting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-07 11:04:00 +02:00
Jens Langhammer 70d0dd51a5 sources/oauth: cancel currently active flows before redirecting out 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-07 11:03:45 +02:00
Jens Langhammer 0bae550520 root: include authentik version in backup naming 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-05 20:25:02 +02:00
github-actions[bot] 9dbafaaea2 web: Update Web API Client version (#1348) 
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-04 22:49:16 +02:00
Jens Langhammer 2db8b07578 events: add mark_all_seen 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-04 22:08:12 +02:00
Jens Langhammer b7ef076798 outposts: add expected outpost replica count to metrics 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-04 15:56:57 +02:00
Jens Langhammer 37c29a073e policies/password: fix symbols not being checked correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-04 15:21:48 +02:00
Jens Langhammer 6ec8432217 policies/password: don't use regex for symbol detection 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-04 14:36:01 +02:00
Jens Langhammer 3ba84a8e8b stages/identification: fix empty user_fields query returning first user 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-04 14:07:14 +02:00
Jens Langhammer 3378e82ec7 root: fix is_secure with safari on debug environments 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-04 13:45:50 +02:00
Jens Langhammer e09a27cf87 events: remove authentik_events gauge 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-03 18:04:26 +02:00
Jens Langhammer 200e409d91 core: minor query optimization 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-03 14:02:57 +02:00
Jens Langhammer d92d8e6dbb api: add additional filters for ldap and proxy providers 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-03 10:43:09 +02:00
Jens Langhammer c2b9dc5c75 api: cache schema, fix server urls 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-03 10:23:14 +02:00
Jens Langhammer 276d8fe5cf release: 2021.8.4 2021-09-02 20:21:21 +02:00
Jens Langhammer 7fea20375f *: fix tests not using APITestCase 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-02 19:14:21 +02:00
Jens Langhammer f0db408699 api: add v3 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-02 17:40:02 +02:00
Jens Langhammer cc5cc43baa api: fix sentry endpoint not working due to mime-media 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-02 16:56:53 +02:00
Jens Langhammer e512f085db root: allow enabling s3 backup ssl verification 
closes #1332

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-02 09:41:55 +02:00
Jens Langhammer 26fd66d831 stages/authenticator_validate: fix variable shadowing, optimization 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-01 19:54:54 +02:00
Jens Langhammer 4fc8e61f8c stages/authenticator_validate: show single button for multiple webauthn authenticators 
tested with browser + yubikey 5

closes #1096

The order of allowCredentials doesn't seem to matter, chrome seems to always choose the internal authenticator first.

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-01 19:28:52 +02:00
Jens Langhammer 17cb76c334 stages/invitation: fix invitation not inheriting ExpiringModel 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-01 14:25:19 +02:00
Jens Langhammer 5745ffa0a8 ci: don't login to docker on forks 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-31 09:31:10 +02:00
Jens Langhammer 1b8271d767 flows: disable compatibility_mode by default 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-30 17:18:43 +02:00
Jens Langhammer 3e9f5ec5ef providers/proxy: improve error handling for non-tls ingresses 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-30 14:43:57 +02:00
Jens Langhammer 63f57b6a77 events: improve logging for task exceptions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-30 14:43:44 +02:00
Jens Langhammer a016f99450 core: fix user_obj being empty on token API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-30 12:51:17 +02:00
Jens Langhammer 0c6e781e5b providers/proxy: fix traefik middleware being generated with wrong ports for embedded outposts 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-29 20:49:11 +02:00
Jens Langhammer 523b96a6d2 api: add basic rate limiting for sentry endpoint 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-29 19:33:18 +02:00
Jens Langhammer b1ed2154ac policies/password: fix PasswordStage not being usable with prompt stages, rework validation logic 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-29 00:40:36 +02:00
Jens Langhammer 160139813d release: 2021.8.3 2021-08-28 16:58:44 +02:00
Jens Langhammer 582ad92c76 outposts/k8s: improve error handling 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-28 14:58:26 +02:00
Jens Langhammer f61736e3d1 stages/identification: add error handling when password isn't set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-28 12:54:10 +02:00
Jens Langhammer 2d8b4f543b providers/proxy: fix url parsing for traefik labels on docker containers 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-27 22:21:16 +02:00
Jens Langhammer 8542dc10ab providers/proxy: fix docker container labels not being inherited correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-27 20:20:34 +02:00
Jens Langhammer 12ddee3bb6 outpost: add additional labels to docker container 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-27 19:26:27 +02:00
Jens Langhammer dc41d0af27 outposts: add configurable docker_network for outpost 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-27 19:26:11 +02:00
Jens Langhammer c4f72c2bc1 release: 2021.8.2 2021-08-26 17:58:20 +02:00
Jens Langhammer e92f9836e3 root: allow django auth backend for upgrading users with cache 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-26 17:57:25 +02:00
Jens Langhammer 897f6f3473 release: 2021.8.1 2021-08-26 16:03:45 +02:00
Jens Langhammer 2ae164df78 *: cleanup api schema warnings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-26 09:36:41 +02:00
Jens Langhammer 0ccec96490 core: make user optional in token creation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-25 21:21:51 +02:00
Jens Langhammer d79975c409 core: fix user object for token not be setable 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-25 20:43:34 +02:00
Jens Langhammer 20d65035d5 core: fix error when user updates themselves 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-25 17:52:50 +02:00
Jens Langhammer 8d6227377f core: fix error for asgi error handler with websockets 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-25 10:24:01 +02:00
Jens Langhammer 4d27694706 release: 2021.8.1-rc2 2021-08-24 21:29:29 +02:00
Jens Langhammer d7ad5f6a16 core: add API to create service account with token for app password 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-24 20:09:22 +02:00
Jens Langhammer 5af9a3d3be sources/saml: fix error when getting metadata 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-24 16:51:08 +02:00
Jens Langhammer dec34bc948 stages/password: fix replace_inbuilt not being called 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-24 16:37:39 +02:00
Jens Langhammer cc6d5765f2 web/admin: fix inconsistent ordering for ldap property mappings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-24 13:04:19 +02:00
Jens Langhammer 2ec1ff2ebb sources/ldap: fix error when modifying ldap source with password write-back 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-24 13:03:41 +02:00
Jens Langhammer 884c2bd0e9 root: fix missing ldap backend 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-24 13:03:19 +02:00
Jens Langhammer 2c938ec9dc stages/password: sort backends in migration 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-24 12:44:45 +02:00
Jens Langhammer 9733caf3b7 admin: use copy for environ api 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-24 11:39:49 +02:00
Jens Langhammer 10e50bc77f stages/user_login: improve logging 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-24 10:58:50 +02:00
Jens Langhammer 5be152e12d stages/password: fix migration error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-24 10:57:20 +02:00
Jens Langhammer b0efab6d6d admin: add env to API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-24 10:55:46 +02:00
Jens Langhammer c60ba91fee core: fix auth saving entire models into session 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 23:59:43 +02:00
Jens Langhammer cba255eaaa Merge branch 'master' into app-passwords 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/core/tests/test_source_flow_manager.py
#	authentik/stages/authenticator_validate/tests.py
#	authentik/stages/password/tests.py
#	scripts/generate_ci_config.py
 2021-08-23 21:21:12 +02:00
Jens L 859cf2bd8f
lib: move id and key generators to lib (#1286) 
* lib: move generators to lib

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: bump default token key size

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: fix split being used for http basic auth instead of partition

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/elements: don't rethrow error in ActionButton

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 20:27:38 +02:00
Jens Langhammer a2578ffaad core: add token tests for invalid intent and token auth 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 20:21:54 +02:00
Jens Langhammer 888526a2a7 stages/user_write: fix wrong fallback authentication backend 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 19:31:23 +02:00
Jens Langhammer 27cc5d7138 core: fix authentication error when no request is given 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 19:09:53 +02:00
Jens Langhammer 5face5410f web/admin: select all password stage backends by default 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 18:08:29 +02:00
Jens Langhammer e27a6fdeeb events: fix linting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 17:48:28 +02:00
Jens Langhammer 033c9a3bd3 core: fix token intent not defaulting correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 17:33:35 +02:00
Jens Langhammer 0b280c0a47 website: fix example flows using incorrect backend 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 17:26:07 +02:00
Jens Langhammer 07a4f474f4 website/docs: add docs for auth_method and auth_method_args fields 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 17:23:55 +02:00
Jens Langhammer 244dc671db Merge branch 'master' into app-passwords 2021-08-23 17:12:17 +02:00
Jens Langhammer 4308136108 root: fix error_handler for websocket 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 17:12:11 +02:00
Jens Langhammer 69a0153619 core: use custom inbuilt backend, set backend login information in flow plan for events 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 17:09:53 +02:00
Jens Langhammer 00e9b91f56 web/admin: fix missing app passwords backend 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 16:47:38 +02:00
Jens Langhammer 4cf76fdcda stages/password: auto-enable app password backend 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 16:39:39 +02:00
Jens Langhammer f217d34a98 web/admin: allow users to create app password tokens 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 16:27:39 +02:00
Jens Langhammer 9a6a3e66b8 root: update schema 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 16:14:33 +02:00
Jens Langhammer 20572c728d core: add new token intent and auth backend 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 16:05:29 +02:00
Jens Langhammer f6953296d8 outposts: add recursion limit for docker controller 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 15:25:28 +02:00
Jens Langhammer e4790f9060 core: handle error when ?for_user is not numberical 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 15:25:18 +02:00
Jens Langhammer 58712047e1 root: add ASGI Error handler 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 15:15:12 +02:00
Jens Langhammer 85915905dc web/flows: fix error during error handling 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 15:11:30 +02:00
Jens Langhammer 12e2f7b945 outposts: add repair_permissions command 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 14:53:53 +02:00
Jens Langhammer 45d47f828a outpost: handle non-existant permission 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 14:39:47 +02:00
dependabot[bot] 7efec281be
build(deps-dev): bump pylint from 2.9.6 to 2.10.2 (#1280) 
* build(deps-dev): bump pylint from 2.9.6 to 2.10.2

Bumps [pylint](https://github.com/PyCQA/pylint) from 2.9.6 to 2.10.2.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/main/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.9.6...v2.10.2)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* *: add missing encoding to open() calls

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 10:10:31 +02:00
Jens Langhammer 7639cdad0a release: 2021.8.1-rc1 2021-08-22 20:17:35 +02:00
Jens Langhammer b003e8e1e8 sources/oauth: fix openidconnect provider name 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-21 18:36:06 +02:00
Jens Langhammer 294d70ae4d outposts/ldap: move virtual groups to other OU for lookups, conditionally skip requests based on search filter 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-21 17:53:09 +02:00
Jens Langhammer 3e909ae6bb core: allow filtering users by the groups they are in 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-21 16:27:48 +02:00
Jens Langhammer b4f738492d sources/oauth: improve UI with prefilled urls (when customizable) and hiding provider type 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-21 15:52:41 +02:00
Jens Langhammer bff7addb55 stages/password: adjust name of default prompt stage 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-21 15:16:18 +02:00
Jens Langhammer 2a90c0b35e sources/oauth2: migrate to microsoft graph instead of azure graph 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-21 15:15:29 +02:00
Jens Langhammer 93e27d1959 web: improve failed request handling 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-21 14:40:45 +02:00
Jens Langhammer 02c736d784 lib: ignore installation specific errors 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-21 14:14:18 +02:00
Jens Langhammer 6433b5982e api: add cache timeouts to config API for outposts 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-21 14:14:18 +02:00
Jens Langhammer 18eccd995d sources/plex: fix linting error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-17 13:44:54 +02:00
Jens Langhammer 495b068be5 web: add plex connection deletion support 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-17 13:02:40 +02:00
Jens Langhammer 84c4547005 sources/plex: add API for user connections 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-17 13:02:40 +02:00
Jens Langhammer 8fe38b528b outposts: fix managed check 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-16 09:36:01 +02:00
Jens Langhammer 0a6efab7cb outposts: fix syntax 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-15 20:59:37 +02:00
Jens Langhammer b35e62e5ae outposts: don't start docker container for embedded outpost 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-15 18:10:49 +02:00
Jens Langhammer 2592fc3826 sources/ldap: allow for anonymous binds, fix sync_users_password not working correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-12 19:09:29 +02:00
Jens Langhammer d9ece98bbc core: fix token expiration not being updated upon key rotation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-12 17:22:42 +02:00
Jens Langhammer 1524efcf51 core: fix expired tokens not being returned by API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-12 17:21:53 +02:00
Jens Langhammer c92c0102ca website/docs: add database port parameter 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-12 02:24:36 +02:00
Jens Langhammer c6dddc97f0 core: fix error when migrating with AK_ADMIN_TOKEN set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-11 22:36:52 +02:00
Jens Langhammer 38292a588b website/docs: add docs for automated installs 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-11 21:57:58 +02:00
Jens Langhammer e90da9283e core: add support to bootstrap token on initial install using AK_ADMIN_TOKEN in environment 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-11 21:45:49 +02:00
Jens Langhammer e0e0f4fa6c core: fix users's group list not allowing blank values 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-11 20:16:45 +02:00
Jens Langhammer ec95a2bddc core: allow changing of groups a user is in from user api 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-10 19:31:30 +02:00
Jens Langhammer de9d483b9f admin: add API to show embedded outpost status, add notice when its not configured properly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-10 19:16:11 +02:00
Jens Langhammer 557724768a core: add API to directly send recovery link to user 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-10 13:54:59 +02:00
Jens Langhammer d18e829d80 providers/ldap: fix error in outpost when certificate is configured 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-09 20:47:26 +02:00
Jens Langhammer 7a836e0d7e api: fix backup capability not being detected correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-09 00:32:29 +02:00
Jens Langhammer f496b8b5d7 providers/oauth2: add more test cases for token view 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-09 00:20:32 +02:00
Jens Langhammer 837fa23af0 outpost: only set embedded outpost config on creation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-08 22:23:33 +02:00
Jens Langhammer 665c1aa81b providers/proxy: don't create ingress when no hosts are defined 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-08 21:46:05 +02:00
Jens Langhammer ebc6afe015 outpost: fix detection of embedded outpost 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-08 21:39:08 +02:00
Jens Langhammer 45bee4b4dc outposts: fix test for config validation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-08 17:14:05 +02:00
Jens Langhammer c025d64ba3 outpost: revert managed config, make authentik_host field optional 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-08 16:58:01 +02:00
Jens Langhammer 2a53bc4330 outpost: add fallback for authentik_host when its not set in config 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-08 16:32:26 +02:00
Jens Langhammer 8180d6f9e8 outposts: don't override authentik_host for embedded outpost authentik_host 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-08 16:29:33 +02:00
Jens Langhammer ccfc1dbcc2 *: make all PropertyMappings filterable by multiple managed attributes 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-08 16:06:44 +02:00
Jens Langhammer 3367b83368 providers/saml: use idp-initiated sso flow as launch url 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-08 15:01:52 +02:00
Jens Langhammer f0a8c30ce9 outposts: create different service when using embedded outpost 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-08 14:01:39 +02:00
Jens Langhammer b36a3100e6 outposts: allow empty provider list for embedded provider 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-07 22:32:44 +02:00
Jens Langhammer e02207f38d outpost/embedded: use redis session backend 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-07 22:12:22 +02:00
Jens Langhammer 9a8240bdd1 proviers/saml: fix validation error not being raised 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-07 21:39:30 +02:00
Jens Langhammer f6ab241219 providers/oauth2: fix accessing undefined variable 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-07 21:35:17 +02:00
Jens Langhammer b0f09eb2c4 web/admin: fix Table not updating selectedElements correctly after update 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-07 20:53:28 +02:00
Jens Langhammer 9c9addb0ce *: ensure all resources can be filtered 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-07 16:34:14 +02:00
Jens Langhammer 2d5094fdf7 root: fix formatting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-06 00:11:24 +02:00
Jens Langhammer 8044818a4d core: add additional cleanup for authenticated sessions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-05 23:25:40 +02:00
Jens Langhammer a43fb026a0 Merge branch 'version-2021.7' 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/core/api/users.py
#	authentik/providers/saml/processors/metadata_parser.py
#	web/src/pages/sources/oauth/OAuthSourceForm.ts
#	web/src/pages/sources/plex/PlexSourceForm.ts
#	web/src/pages/users/UserForm.ts
 2021-08-05 20:23:32 +02:00
Jens Langhammer 18211a2033 release: 2021.7.3 2021-08-05 19:23:03 +02:00
Jens Langhammer 1b91543add core: add UserSelfSerializer and separate method for users to update themselves with limited fields 
rework user settings page to better use form
closes #1227

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/core/api/users.py
#	web/src/elements/forms/ModelForm.ts
#	web/src/pages/user-settings/UserDetailsPage.ts
#	web/src/pages/user-settings/UserSettingsPage.ts
 2021-08-05 17:47:45 +02:00
Jens Langhammer 6fe5175f21 core: add UserSelfSerializer and separate method for users to update themselves with limited fields 
rework user settings page to better use form
closes #1227

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-05 17:42:19 +02:00
Jens Langhammer aa4f7fb2b6 providers/saml: fix error when PropertyMapping return value isn't string 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-04 00:22:07 +02:00
Jens Langhammer 4f1c11c5ef providers/saml: add WantAssertionsSigned 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/providers/saml/processors/metadata_parser.py
 2021-08-04 00:21:54 +02:00
Jens Langhammer a449f9c69b providers/saml: fix error when PropertyMapping return value isn't string 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-03 22:40:56 +02:00
Jens Langhammer 36b346662c providers/saml: add WantAssertionsSigned 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-03 22:40:13 +02:00
Jens Langhammer 9d392931df root: fix lint errors from re-format 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-03 18:09:16 +02:00
Jens Langhammer 77ed25ae34 root: reformat to 100 line width 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-03 17:45:16 +02:00
Jens Langhammer 9c9bcb7a01 Merge branch 'version-2021.7' 2021-08-01 19:23:22 +02:00
Jens Langhammer add7a80fdc release: 2021.7.2 2021-08-01 19:11:50 +02:00
Jens Langhammer aac91c2e9d stages/email: handle OSError 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 18:25:53 +02:00
Jens Langhammer 85e86351cd flows: fix flows not redirecting correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 18:25:53 +02:00
Jens Langhammer a939e224fc stages/email: handle OSError 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 17:53:13 +02:00
Jens Langhammer 1fc2bcf02b flows: fix flows not redirecting correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 17:50:43 +02:00
Jens Langhammer d767504474 flows: don't check redirect URL when set from flow plan (set from authentik or policy) 
closes #1203

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 15:23:46 +02:00
Jens Langhammer f84cd6208c flows: fix unhandled error in stage execution not being logged as SYSTEM_EXCEPTION event 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 15:23:46 +02:00
Jens Langhammer 1ec540ea9a providers/saml: fix metadata being inaccessible without authentication 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 15:23:46 +02:00
Jens Langhammer 4e5dba1d0b flows: don't check redirect URL when set from flow plan (set from authentik or policy) 
closes #1203

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 15:10:45 +02:00
Jens Langhammer 92a448b677 flows: fix unhandled error in stage execution not being logged as SYSTEM_EXCEPTION event 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 14:56:48 +02:00
Jens Langhammer f875149983 providers/saml: fix metadata being inaccessible without authentication 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 14:50:17 +02:00
Jens Langhammer 29fe731bbf providers/saml: fix Error when getting metadata for invalid ID 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 14:09:22 +02:00
Jens Langhammer d70b81fe43 providers/saml: fix Error when getting metadata for invalid ID 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 13:50:54 +02:00
Jens Langhammer 26e66969c9 stages/invitation: delete invite only after full enrollment flow is completed 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 13:22:02 +02:00
Jens Langhammer b58c913618 stages/invitation: delete invite only after full enrollment flow is completed 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 13:21:27 +02:00
Jens Langhammer 72b7642c5a outposts: catch invalid ServiceConnection error in outpost controller 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 12:33:21 +02:00
Jens Langhammer a97f842112 sources/plex: add background task to monitor validity of plex token 
closes #1205

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 12:33:21 +02:00
Jens Langhammer 35c1476bbe outposts: catch invalid ServiceConnection error in outpost controller 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 12:25:11 +02:00
Jens Langhammer 18bb4fd0bf sources/plex: add background task to monitor validity of plex token 
closes #1205

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 12:24:52 +02:00
Jens Langhammer 293c479364 outposts: ensure embedded outpost is created with integration selected 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-31 21:09:38 +02:00
Jens Langhammer 0cb4d64b57 stages/email: fix error when re-requesting email after token has expired 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-30 09:39:42 +02:00
Jens Langhammer a4fd58a0db events: ensure fallback result is set for on_failure 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-30 09:39:42 +02:00
Jens Langhammer 8ceef82c55 stages/email: fix error when re-requesting email after token has expired 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-30 09:39:24 +02:00
Jens Langhammer f933cd99ad events: ensure fallback result is set for on_failure 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-30 09:37:53 +02:00
Jens Langhammer fb6e8ca1eb events: remove default result for MonitoredTasks, only save when result was set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-29 22:43:29 +02:00
Jens Langhammer 7ac5091e5a events: remove default result for MonitoredTasks, only save when result was set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-29 22:42:56 +02:00
Jens Langhammer bc9ff792a8 outposts: manage config for embedded outpost 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-29 22:29:38 +02:00
Jens Langhammer a5c8caf909 providers/oauth2: fix error when requesting jwks keys with no rs256 aet 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-29 21:22:59 +02:00
Jens Langhammer 8495ff9fc0 providers/oauth2: fix error when requesting jwks keys with no rs256 aet 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-29 21:22:31 +02:00
Jens Langhammer a3981dd3cd providers/proxy: fix hosts for ingress not being compared correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-29 11:35:50 +02:00
Jens Langhammer affafc31cf sources/ldap: improve ms-ad password complexity checking 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-29 11:35:47 +02:00
Jens L f01bc20d44
Embedded outpost (#1193) 
* api: allow API requests as managed outpost's account when using secret_key

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: load secret key from env

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: make listener IP configurable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost/proxy: run outpost in background and pass requests conditionally

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost: unify branding to embedded

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: fix embedded outpost not being editable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: fix mismatched host detection

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: fix LDAP test not including user for embedded outpost

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: fix user matching

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* api: add tests for secret_key auth

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: load environment variables using github.com/Netflix/go-env

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-29 11:30:30 +02:00
Jens Langhammer 75ff2480e2 providers/proxy: fix hosts for ingress not being compared correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-28 16:08:06 +02:00
Jens Langhammer bc7f84fff4 sources/ldap: improve ms-ad password complexity checking 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-28 12:47:52 +02:00
Jens Langhammer e6b515e3f7 release: 2021.7.1 2021-07-27 10:35:45 +02:00
Jens Langhammer b752540800 core: fix pagination not working correctly with applications API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-26 19:12:23 +02:00
Jens Langhammer e7b7bfddd6 providers/oauth2: fix blank redirect_uri not working with TokenView 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-26 11:29:16 +02:00
Jens Langhammer f21ebf5488 core: add tests for flow_manager 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-25 23:20:38 +02:00
Jens Langhammer 5615613ed1 core: fix CheckApplication's for_user flag not being checked correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-25 22:29:15 +02:00
Jens Langhammer 669329e49c tenants: set tenant uuid in sentry 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-25 22:28:09 +02:00
Jens Langhammer 3c9cc9d421 Merge branch 'version-2021.7' 2021-07-24 20:07:42 +02:00
Jens Langhammer 1972464a20 tenants: make event retention configurable on tenant level 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-24 20:07:12 +02:00
Jens Langhammer 3041a30193 release: 2021.7.1-rc2 2021-07-24 18:32:05 +02:00
Jens Langhammer 8ae7403abc core: add group filter by member username and pk 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-23 19:35:41 +02:00
Jens Langhammer f6e1bfdfc8 outpost: fix 100% CPU Usage when not connected to websocket 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-23 18:57:26 +02:00
Jens Langhammer 8cd1223081 core: add email filter for user 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-22 20:10:42 +02:00
Jens Langhammer 0a3fade1fd providers/proxy: remove deprecated field 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-22 16:20:26 +02:00
Jens Langhammer ff64814f40 web/admin: improve UI for notification toggle 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-22 14:17:56 +02:00
Jens Langhammer 66bfa6879d outposts/proxy: add X-Auth-Groups header to pass groups 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-22 10:47:58 +02:00
Jens Langhammer c05240afbf lib: fix outpost fake-ip not working, add tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-22 10:10:25 +02:00
Jens Langhammer 7370dd5f3f outposts: ensure outpost SAs always have permissions to fake IP 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-22 10:02:20 +02:00
Jens Langhammer 896e5adce2 sources/ldap: fix lint 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-22 00:40:55 +02:00
Jens Langhammer a3abbcec6a sources/ldap: improve error handling for property mappings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-21 23:49:09 +02:00
Jens Langhammer 70e000d327 providers/saml: improve error handling for property mappings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-21 23:14:03 +02:00
Jens Langhammer a7467e6740 providers/oauth2: handler PropertyMapping exceptions and create event 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-21 22:51:39 +02:00
Jens Langhammer b3da94bbb8 core: broaden error catching for propertymappings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-21 22:50:39 +02:00
Jens Langhammer 39ad9d7c9d release: 2021.7.1-rc1 2021-07-21 10:44:40 +02:00
Jens Langhammer ba9a4efc9b providers/oauth2: fix nonce field not being optional 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-21 00:34:01 +02:00
Jens Langhammer 902378af53 providers/oauth2: fix redirect_uris not having blank set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-21 00:22:09 +02:00
Jens Langhammer 2352a7f4d6 providers/oauth2: nonce is only required for implicit flows, don't check or fallback for other flows 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-21 00:21:08 +02:00
Jens Langhammer a2c587be43 outposts: don't authenticate as service user for flows to set remote-ip 
set outpost token as additional header and check that token (user) if they can override remote-ip

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-19 13:17:13 +02:00
Jens Langhammer 538a466090 root: fix middleware exception for outpost 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-18 22:10:50 +02:00
Jens Langhammer 322a343c81 root: fix log level not being set to DEBUG for tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-18 21:45:08 +02:00
Jens Langhammer b3159a74e5 Merge branch 'master' into inbuilt-proxy 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	Dockerfile
#	internal/outpost/ak/api.go
#	internal/outpost/ak/api_uag.go
#	internal/outpost/ak/global.go
#	internal/outpost/ldap/api_tls.go
#	internal/outpost/ldap/instance_bind.go
#	internal/outpost/ldap/utils.go
#	internal/outpost/proxy/api_bundle.go
#	outpost/go.mod
#	outpost/go.sum
#	outpost/pkg/ak/cert.go
 2021-07-17 12:49:38 +02:00
Starz0r ae77c872a0
root: celery requires additional parameters when tls is enabled (#1148) 2021-07-16 08:51:09 +02:00
Starz0r a5bb583268
root: optional TLS support on redis connections (#1147) 
* root: optional TLS support on redis connections

* root: don't use f-strings when not interpolating variables

* root: use f-string in redis protocol prefix interpolation

* root: glaring typo

* formatting

* small formatting change I missed

* root: swap around default redis protocol prefixes
 2021-07-15 11:48:52 +02:00
Jens Langhammer 212ff11b6d api: fix Capabilities check for s3 backup 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-15 09:58:07 +02:00
Jens Langhammer aa701c5725 core: don't delete expired tokens, rotate their key 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-14 21:47:32 +02:00
Jens Langhammer 6f98833150 core: allow users to create non-expiring tokens when flag is set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-14 21:15:14 +02:00
Jens Langhammer 7c2decf5ec providers/ldap: squash migrations 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-14 09:22:25 +02:00
Lukas Söder 7f39399c32
providers/ldap: Added auto-generated uidNumber and guidNumber generated attributes for use with SSSD and similar software. (#1138) 
* Added auto-generated uidNumber and guidNumber generated attributes for
use with SSSD and similar software.

The starting number for uid/gid can be configured iva environtment
variables and is by default 2000 which should work fine for most instances unless there are more than
999 local accounts on the server/computer.

The uidNumber is just the users Pk + the starting number.
The guidNumber is calculated by the last couple of bytes in the uuid of
the group + the starting number, this should have a low enough chance
for collisions that it's going to be fine for most use cases.

I have not added any interface stuff for configuring the environment variables as I couldn't really find my way around all the places I'd have to edit to add it and the default values should in my opinion be fine for 99% use cases.

* Add a 'fake' primary group for each user

* First attempt att adding config to interface

* Updated API to support new fields

* Refactor code, update documentation and remove obsolete comment

Simplify `GetRIDForGroup`, was a bit overcomplicated before.

Add an additional class/struct `LDAPGroup` which is the new argument
for `pi.GroupEntry` and util functions to create `LDAPGroup` from api.Group and api.User

Add proper support in the interface for changing gidNumber and uidNumber starting points

* make lint-fix for the migration files
 2021-07-14 09:17:01 +02:00
Jens Langhammer 84e9748340 policies/reputation: handle cache error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-13 18:47:32 +02:00
Jens L 7dfc621ae4
LDAP Provider: TLS support (#1137) 2021-07-13 18:24:18 +02:00
Jens Langhammer 2036827f04 api: add sentry tunnel 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-13 10:58:14 +02:00
Starz0r 5cfbb0993a
Allow for Configurable Redis Port (#1124) 
* root: make redis port configurable

* root: parse redis port from config as an integer

* code formatting

* lifecycle: truncate line under 100 chars

* lifecycle: incorrect indenting on newline
 2021-07-12 11:01:41 +02:00
Jens Langhammer 02f87032cc Merge branch 'master' into inbuilt-proxy 2021-07-11 12:41:16 +02:00
Jens Langhammer 3c0cc27ea1 events: fix error when slack notification request failed without a response 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-09 19:52:19 +02:00
Jens Langhammer ec254d5927 flows: allow variable substitution in flow titles 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-09 19:46:39 +02:00
Jens Langhammer 92ba77e9e5 core: fix error when setting icon/background to url longer than 100 chars 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-09 19:31:32 +02:00
Jens Langhammer 90fe1c2ce8 providers/oauth2: allow blank redirect_uris to allow any redirect_uri 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-08 19:28:35 +02:00
Jens Langhammer 40428f5a82 providers/saml: fix parsing of POST bindings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-06 16:54:58 +02:00
Jens Langhammer 007838fcf2 root: subclass SessionMiddleware to set Secure and SameSite flag depending on context 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-06 14:48:36 +02:00
Jens Langhammer 7c51afa36c root: set samesite to None for SAML POST flows 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-06 12:39:51 +02:00
Jens Langhammer 948db46406 Merge branch 'master' into inbuilt-proxy 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	internal/constants/constants.go
#	outpost/pkg/version.go
 2021-07-05 19:11:26 +02:00
Jens Langhammer adc4cd9c0d release: 2021.6.4 2021-07-05 16:59:29 +02:00
Jens Langhammer df92111296 outposts: update outpost permissions on m2m change 
closes #1105

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-04 19:37:12 +02:00
Jens Langhammer 5afe88a605 outposts: fix empty message when docker outpost controller has changed nothing 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-04 13:48:43 +02:00
Jens Langhammer 320dab3425 core: only show Reset password link when recovery flow is configured 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-04 12:59:41 +02:00
Jens Langhammer 5fd408ca82 outposts: fix docker controller not checking ports correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-04 12:32:55 +02:00
Jens Langhammer becb9e34b5 outposts: fix docker controller not checking env correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 22:17:29 +02:00
Jens Langhammer 4917ab9985 outposts: fix container not being started after creation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 21:59:47 +02:00
Jens Langhammer bd92505bc2 core: add notice about duplicate keys 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 21:52:28 +02:00
Jens Langhammer bf0141acc6 crypto: fix linting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 19:57:25 +02:00
Jens Langhammer 0c8d513567 stages/user_write: add wrapper for post to user_write 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 19:25:37 +02:00
Jens Langhammer d07704fdf1 crypto: show both sha1 and sha256 fingerprints 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 19:25:27 +02:00
Jens Langhammer 086a8753c0 flows: handle old cached flow plans better 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 19:22:09 +02:00
Jens Langhammer 2c9b596f01 web/admin: run explicit update after loading instance 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 16:41:42 +02:00
Jens Langhammer 7257108091 sources/oauth: create configuration error event when profile can't be parsed as json 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 16:11:49 +02:00
Jens Langhammer 77a507d2f8 providers/oauth2: add revoked field, create suspicious event when previous token is used 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 15:59:01 +02:00
Jens Langhammer 3e60e956f4 providers/oauth2: fix CORS headers not being set for unsuccessful requests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 15:49:00 +02:00
Jens Langhammer 84ec70c2a2 providers/oauth2: use self.expires for exp field instead of calculating it again 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 15:32:58 +02:00
Jens Langhammer 3dc9e247d5 Merge branch 'master' into inbuilt-proxy 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	internal/constants/constants.go
#	outpost/pkg/version.go
 2021-07-02 16:23:30 +02:00
Jens Langhammer 3e26170f4b providers/oauth2: deepmerge claims 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-01 17:33:46 +02:00
dependabot[bot] d102c59654
build(deps-dev): bump pylint from 2.8.3 to 2.9.0 (#1095) 
* build(deps-dev): bump pylint from 2.8.3 to 2.9.0

Bumps [pylint](https://github.com/PyCQA/pylint) from 2.8.3 to 2.9.0.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/master/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.8.3...v2.9.0)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* *: update source for new pylint version

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-30 10:37:28 +02:00
Jens Langhammer 2a0bd50e23 outposts: fix linting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-29 17:08:12 +02:00
Jens Langhammer ce49d7ea5b outposts: make managed outposts 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-29 16:20:44 +02:00
Jens Langhammer 8429dd19b2 Merge branch 'master' into inbuilt-proxy 2021-06-29 16:20:24 +02:00
Jens Langhammer 680b182d95 release: 2021.6.3 2021-06-29 16:19:07 +02:00
Jens Langhammer 621843c60c flows: fix migration dependency issue 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-28 23:55:07 +02:00
Jens Langhammer c19da839b1 stages/user_write: add create_users_as_inactive flag 
close #1086

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-28 23:24:54 +02:00
Jens Langhammer fea1f3be6f stages/prompt: ensure hidden and static fields keep the value they had set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-28 22:29:36 +02:00
Jens Langhammer 6f5ec7838f events: fix linting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-28 20:57:28 +02:00
Jens Langhammer 5d3931c128 events: ignore notification non-existent in transport 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-28 20:15:00 +02:00
Jens Langhammer 262a8b5ae8 api: use partition instead of split for token 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-28 20:13:08 +02:00
Jens Langhammer 2b1356bb91 flows: add invalid_response_action to configure how the FlowExecutor should handle invalid responses 
closes #1079

Default value of `retry` behaves like previous version.

`restart` and `restart_with_context` restart the flow upon an invalid response. `restart_with_context` keeps the same context of the Flow, allowing users to bind policies that maybe aren't valid on the first execution, but are after a retry, like a reputation policy with a deny stage.

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-28 00:22:09 +02:00
Jens Langhammer ba9edd6c44 flows: handle possible errors with FlowPlans received from cache 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-27 22:03:48 +02:00
Jens Langhammer 3b2b3262d7 flows: add FlowStageBinding to flow plan instead of just stage 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-27 18:47:04 +02:00
Jens Langhammer 5431e7fe9d tenants: fix tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-27 15:12:47 +02:00
Jens Langhammer 7d9c74ce04 tenants: include all default flows in current_tenant 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-26 23:47:49 +02:00
Jens Langhammer 60c3cf890a events: add ability to create events via API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-26 23:37:03 +02:00
Jens Langhammer 0403f6d373 web/admin: add flow export button on flow view page 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-26 22:03:19 +02:00
Jens Langhammer 9bd613a31d stages/authenticator_duo: fix component not being set in API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-26 20:49:58 +02:00
Jens Langhammer 3fe0483dbf core: fix flow background not correctly loading on initial draw 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-26 20:29:45 +02:00
Jens Langhammer b8bdf7a035 outposts: fix outpost being re-created when in host mode 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-25 15:15:18 +02:00
Jens Langhammer a3ff7cea23 providers/oauth2: fix usage of timedelta.seconds 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-25 11:55:00 +02:00
Jens Langhammer bb776c2710 outposts: check docker container ports match 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-25 11:54:35 +02:00
Jens Langhammer 6930c84425 events: only create SYSTEM_EXCEPTION event when error would've been sent to sentry 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-24 13:01:41 +02:00
Jens Langhammer 1554dc9feb outposts: make outpost managed 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-23 21:26:24 +02:00
Jens Langhammer 2b98637ca5 lib: fix regex_match result being inverted, add tests 
closes #1073

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-23 20:06:43 +02:00
Jens Langhammer d1198fc6c1 sources/ldap: improve error handling when checking for password complexity on non-ad setups 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1067
 2021-06-23 00:24:05 +02:00
Jens Langhammer 31a58e2c25 release: 2021.6.2 2021-06-22 23:35:10 +02:00
Jens Langhammer b69248dd55 stages/authenticator_validate: fix error when using not_configured_action=configure 
closes #1048

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-22 20:08:58 +02:00
Jens Langhammer 5ff5edf769 outposts: improve logging 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-22 18:51:02 +02:00
Jens Langhammer 939889e0ec tenants: fix footer_links for moved config 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-22 15:48:17 +02:00
Jens Langhammer 19ae6585dc lib: add tests for config loader 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-22 13:12:07 +02:00
Jens Langhammer c6ede78fba core: add support for custom urls for avatars 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-22 12:25:24 +02:00
Jens Langhammer 9b5e3921cb providers/saml: better handle decoding errors 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 22:48:34 +02:00
Jens Langhammer f6026fdb13 root: allow loading local /static files without debug flag 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 21:21:35 +02:00
Jens Langhammer a4856969f4 outposts: fix port and inner_port being mixed on docker controller 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 19:19:06 +02:00
Jens Langhammer 2aa7266688 crypto: fix linting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 16:24:03 +02:00
Jens Langhammer c0c246edab crypto: catch error when loading private key 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 15:57:48 +02:00
Jens Langhammer 831b32c279 core: fix PropertyMapping's globals not matching Expression policy 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 15:54:43 +02:00
Jens Langhammer 70ccc63702 core: remove default flow background from default css, set static in base_full and dynamically in if/flow 
closes #1056

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 10:37:34 +02:00
Jens Langhammer de954250e5 root: make general cache timeouts configurable 
closes #974

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 10:18:49 +02:00
Jens Langhammer f268bd4c69 policies: make policy result cache timeout configurable 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 10:17:58 +02:00
Jens Langhammer 57a48b6350 flows: make flow plan cache timeout configurable 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 10:17:11 +02:00
Jens Langhammer 9aac114115 root: save temporary database dump in /tmp 
closes #1055

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 09:58:19 +02:00
Jens Langhammer 4327b35bc3 tenants: fix tenant not being queried correctly when using accessing over a child domain 
closes #1044

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-20 14:39:21 +02:00
Jens Langhammer f7047df40e policies: don't use policy cache when checking application access 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-20 13:30:07 +02:00
Jens Langhammer ede072889e core: deepmerge user.group_attributes, use group_attributes for user settings 
closes #1051

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-19 19:52:55 +02:00
Jens Langhammer 9cb7e6c606 root: set outposts.docker_image_base to gh-master for tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-19 15:49:49 +02:00
Jens Langhammer fe6963c428 release: 2021.6.1 2021-06-17 22:14:52 +02:00
Jens Langhammer 19cac4bf43 providers/saml: fix error when getting transient user identifier 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-17 13:52:10 +02:00
Jens Langhammer 4ca564490e providers/saml: add support for NameID type unspecified 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-17 12:45:53 +02:00
Jens Langhammer fcb795c273 providers/saml: fix NameIDPolicy not being parsed correctly, improve error handling 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-17 12:22:40 +02:00
Jens Langhammer cbea51ae5b stages/authenticator_duo: make Duo-admin viewset writeable 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-16 23:17:26 +02:00
Jens Langhammer e743f13f81 recovery: fix error when creating multiple keys for the same user 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-16 23:04:35 +02:00
Jens Langhammer b20a8b7c17 stages/authenticator_duo: fix error when enrolling an existing user 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-16 23:04:24 +02:00
Jens Langhammer b53c94d76a flows: fix error when stage has incorrect type 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-16 22:52:00 +02:00
Jens Langhammer d4419d66c1 core: fix error when creating AuthenticatedSession without key 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-16 22:51:48 +02:00
Jens Langhammer 79044368d2 core: fix error getting stages when enrollment flow isn't set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-16 22:45:42 +02:00
Jens Langhammer d9287d0c0e Merge branch 'next' 2021-06-15 23:43:44 +02:00
Jens Langhammer dec7a9cfb9 website/docs: add docs for flow executor 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-15 22:14:23 +02:00
Jens Langhammer e0f48a30b7 release: 2021.6.1-rc6 2021-06-15 21:18:33 +02:00
Jens Langhammer e8978adc1b outpost: fix syntax error when creating an outpost with connection 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-15 18:39:51 +02:00
Jens Langhammer 800df332b5 stages/authenticator_duo: don't create default duo stage 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 22:55:37 +02:00
Jens Langhammer 16c194d2dc core: fix upload api not checking clear properly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 22:34:47 +02:00
Jens Langhammer 53100a72fe stages/identification: fix challenges not being annotated correctly and API client not loading data correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 22:28:11 +02:00
Jens Langhammer ec4c3f44cb events: don't create system exception event in debug 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 22:16:27 +02:00
Jens Langhammer f10bd432b3 policies/reputation: fix race condition in tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 20:40:40 +02:00
Jens Langhammer 74e578c2bf events: add tenant to event 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 18:43:29 +02:00
Jens Langhammer e584fd1344 events: catch unhandled exceptions from request as event, add button to open github issue 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 17:22:58 +02:00
Jens Langhammer 0e02925a3d stages/authenticator_validate: add tests for authenticator validation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 16:32:36 +02:00
Jens Langhammer 5b837c3ccc providers/saml: improve error handling for signature errors 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 12:51:42 +02:00
Jens Langhammer 2580371f94 outposts: fix error when getting component for base service connection 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 12:38:29 +02:00
Jens Langhammer 4e9be85353 website/docs: add docs for outpost configuration 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 09:21:35 +02:00
Jens Langhammer 79508e1965 core: fix linting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 23:41:50 +02:00
Jens Langhammer 3a88dde545 web: fix declaration of Intl 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 23:13:43 +02:00
Jens Langhammer cabbd18880 core: revert check_access API to get to prevent CSRF errors 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 21:47:49 +02:00
Jens Langhammer bb8559ee18 web: remove base interface 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 19:54:27 +02:00
Jens Langhammer afb84c7bc5 flows: fix error clearing flow background when no files have been uploaded 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 14:14:41 +02:00
Jens Langhammer fc8004db2b outposts: fix integrity error with tokens 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 13:36:54 +02:00
Jens Langhammer ddfc943bba root: fix build_hash being set incorrectly for tagged versions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 13:32:18 +02:00
Jens Langhammer 572b8d87b5 api: fix import error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 12:59:28 +02:00
Jens Langhammer 31d2ea65fd provider/proxy: mark forward_auth flag as deprecated 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 12:39:25 +02:00
Jens Langhammer f4ac2f50e2 sources/saml: check sessions before deleting user 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 12:39:10 +02:00
Jens Langhammer f10286edf8 Merge branch 'version-2021.6' into next 2021-06-12 20:43:12 +02:00
Jens Langhammer d789dcc28f core: fix impersonation not working with inactive users 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-12 20:41:02 +02:00
Jens Langhammer 74e4e8f6aa core: delete real session when AuthenticatedSession is deleted 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-12 17:37:32 +02:00
Jens Langhammer d78fda990a release: 2021.6.1-rc5 2021-06-12 15:19:24 +02:00
Jens Langhammer 10d949f7a9 stages/password: add constants for password backends 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-12 12:14:55 +02:00
Jens Langhammer 676b77aa7c stages/identification: add UPN 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-10 22:48:39 +02:00
Jens Langhammer e35e096266 stages/authenticator_webauthn: use tenant title as RP_NAME 
closes #1004

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-10 22:17:25 +02:00
Jens Langhammer 7af12d4fec stages/authenticator_totp: set TOTP issuer based on slug'd tenant title 
closes #1004

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-10 22:16:37 +02:00
Jens Langhammer 8d6db0fabf flows: fix configuration URL being set when no flow is configure 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-10 22:07:26 +02:00
Jens Langhammer e25f6aea8c release: 2021.6.1-rc4 2021-06-10 18:59:00 +02:00
Jens Langhammer 2c15ab9995 release: 2021.6.1-rc3 2021-06-10 18:04:59 +02:00
Jens Langhammer 6c985acb36 release: 2021.6.1-rc2 2021-06-10 14:10:47 +02:00
Jens Langhammer d878d2140e providers/saml: add metadata download link to api 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-10 14:06:44 +02:00
Jens Langhammer 4766d6ff3d flows: add export URL to API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-10 13:52:50 +02:00
Jens Langhammer 3a64d97040 crypto: add download links as API fields 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-10 13:46:12 +02:00
Jens Langhammer 2275ba3add flows: fix get_pending_user returning in-memory user when PLAN_CONTEXT_PENDING_USER_IDENTIFIER is set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-10 12:17:46 +02:00
Jens Langhammer 9f7c941426 Merge branch 'master' into next 2021-06-10 11:59:10 +02:00
Jens L 34ae9e6dab
API: add endpoint to show by what objects an object is used (#995) 
* core: add used_by API to show what objects are affected before deletion

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/elements: add support for used_by API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add authentik_used_by_shadows to shadow other models

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: implement used_by API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: fix duplicate imports

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add action field to used_by api

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: add UI for used_by action

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: add notice to tenant form

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: fix naming in used_by

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: check length for used_by

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: fix used_by for non-pk models

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: improve __str__ on models

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add support for many to many in used_by

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-10 11:58:12 +02:00
Jens Langhammer 5235e00d3c stages/authenticator_validate: add more logging for challenges 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-09 23:58:08 +02:00
Jens Langhammer d4379ecd31 flows: fix configure_url not being set correctly User settings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-09 19:25:27 +02:00
Jens Langhammer f4a53c89ef release: 2021.6.1-rc1 2021-06-09 11:01:14 +02:00
Jens Langhammer 2210497569 events: add EMAIL_SENT event, show sent emails in event log 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-09 10:28:32 +02:00
Jens Langhammer 2addf71f37 outposts: add service connection to outpost API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-09 09:45:14 +02:00
Jens L dad24c03ff
outposts: set cookies for a domain to authenticate an entire domain (#971) 
* outposts: initial cookie domain implementation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: add cookie domain setting

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: replace forward_auth_mode with general mode

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: rebuild proxy provider form

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: re-add forward_auth_mode for backwards compat

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: fix data.mode not being set

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: always set log level to debug when testing

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: use new mode attribute

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: only ingress /akprox on forward_domain

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: fix lint error

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: fix error on ProxyProviderForm when not using proxy mode

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: fix default for outpost form's type missing

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: add additional desc for proxy modes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: fix service account permissions not always being updated

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost/proxy: fix redirecting to incorrect host for domain mode

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: improve error handling for network errors

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost: fix image naming not matching main imaeg

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/proxy: fix redirects for domain mode and traefik

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: fix colour for paragraphs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: fix consent stage not showing permissions correctly

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: add domain-level docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: fix broken links

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/proxy: remove dead code

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: fix missing id for #header-text

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-08 23:10:17 +02:00
Jens Langhammer fb8d67a9d9 core: add configure_url to UserSettings for both stages and sources 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-08 19:21:27 +02:00
Jens Langhammer 029d58191e sources/saml: include metadata download link in API response 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-08 17:22:03 +02:00
Jens Langhammer 75404f1345 web/admin: pass full configure flow URL instead of just boolean 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-08 17:14:54 +02:00
Jens Langhammer ba1b23c879 flows: move flow relevant info into ContextualFlowInfo 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-08 16:53:28 +02:00
Jens Langhammer 25f987ba2b stages/prompt: add more tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-07 17:40:06 +02:00
Jens Langhammer f23111beff stages/user_write: add tests for duplicate data 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-07 16:42:01 +02:00
Jens Langhammer 0f693158b6 stages/email: add tests for inaccessible email templates 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-07 16:09:39 +02:00
Jens Langhammer fceab788d2 outposts: fix error during outpost disconnect 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-06 19:25:09 +02:00
Jens Langhammer 88cc38394e root: improve sentry tags to simplify queries 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-06 14:51:43 +02:00
Jens Langhammer 90a5c84ac8 core: make EndSessionView inherit PolicyAccessView 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-06 14:07:50 +02:00
Jens Langhammer 9180d448df core: move end-session to core 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-06 13:56:38 +02:00
Jens Langhammer 1f35f73c66 api: add CAN_BACKUP capability 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-06 12:44:43 +02:00
Jens Langhammer 0032f535da core: add minor tests for users api 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-06 01:23:04 +02:00
Jens Langhammer 17326615b7 events: rewrite GeoIP to a wrapper, reload file every 8 hours 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-06 00:42:41 +02:00
Jens Langhammer f5dbdbd48b *: add clear param to file upload API to delete stored file and reset field 
closes #949

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-05 21:33:03 +02:00
Jens Langhammer 277c2f4aad core: make application.meta_icon nullable 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#949
 2021-06-05 21:06:52 +02:00
Jens Langhammer ba3e0a0586 core: fix flow query 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-05 20:30:56 +02:00
Jens Langhammer 7581c84a37 flows: fix tests using flow.background.url 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-05 20:29:31 +02:00
Jens Langhammer 86b450c6d1 flows: add compatibility_mode to toggle ShadyDOM 
closes #894

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-05 20:04:30 +02:00
Jens Langhammer 0b90cfcec4 flows: set default background in code not model 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-05 19:38:13 +02:00
Jens Langhammer cefe3fa6dd outposts: fix docker controller always replacing beta images 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-05 16:08:20 +02:00
Jens Langhammer 24da24b5d5 stages/identification: allow setting of a password stage to check password and identity in a single step 
closes #970

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-05 16:05:03 +02:00
Jens Langhammer f996f9d4e3 tests/e2e: ensure outpost service account has correct permissions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-04 09:46:31 +02:00
Jens Langhammer 7b39718bd1 tenants: fix fallback for unittests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-03 22:40:01 +02:00
Jens Langhammer e9621bae06 tests: show logs for containers on failed e2e tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-03 22:17:18 +02:00
Jens Langhammer 0eaabbc0f3 admin: fix upgrading deletion of tasks when listing 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-03 17:42:13 +02:00
Jens Langhammer 5e3628bea6 core: add fallback URLs for websocket to cleanup test logs 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-03 17:26:18 +02:00
Jens Langhammer 290ebef8e3 core: instead of migrating sessions, clear cache on initial upgrade 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-03 17:20:25 +02:00
Jens Langhammer 46ab1d20df stages/email: fix token being created without identifier 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-03 14:54:07 +02:00
Jens Langhammer 48e68d6852 core: fix token identifier not being set to unique 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-03 11:45:48 +02:00
Jens Langhammer ed3859800c core: improve API validation for Application's set_icon_url (fix JSON Syntax Error) 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-03 00:39:56 +02:00
Jens Langhammer 06b7f62a40 core: make app's meta_launch_url textfield 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-03 00:21:20 +02:00
Jens Langhammer d32e40b1f8 tenants: fix unittests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-02 22:38:30 +02:00
Jens Langhammer cec47c3cfc providers/oauth2: show id_token issues for refresh token 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-02 22:05:04 +02:00
Jens Langhammer 3ea2b16a12 tenants: add separate field for favicon url 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-02 21:31:04 +02:00
Jens Langhammer 974ddc07f7 web: improve loading of custom favicon 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-02 21:19:39 +02:00
Jens Langhammer 2f64b76eba flows: fix invalid background URL when using manually set static or http 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-02 21:09:54 +02:00
Jens Langhammer b50ac96605 providers/oauth2: remove size limit on Access code nonce 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-02 20:20:07 +02:00
Jens Langhammer 6d0e0cbe5a outposts: improve validation of providers (must match outpost type) 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-02 16:04:41 +02:00
Jens Langhammer 4f04ab7a5f sources/oauth: fix azure AD get_profile_info not working 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-02 11:34:59 +02:00
Jens Langhammer 35bcd5d174 sources/oauth: improve debug logging 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-02 11:34:18 +02:00
Jens Langhammer 644ff4a90c outposts: fix error when validating kubeconfig 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-02 10:25:59 +02:00
Alex ef8b26db13
Fix typo in migrations for authenticator_webauthn (#950) 2021-06-01 00:24:20 +02:00
Jens Langhammer e24a9e3119 policies: fix missing negate flag of policy bindings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-31 11:50:29 +02:00
Jens Langhammer 80adafdb48 admin: fix attribute error when loading old taskinfo 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-30 16:22:13 +02:00
Jens Langhammer 72f5a4c460 outposts: fix possible recursion error in docker controller 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-30 16:22:02 +02:00
Jens L fb6242d2d3
Merge pull request #941 from goauthentik/authenticated-sessions 
Session management
 2021-05-30 15:12:49 +02:00
Jens Langhammer b9773d39c0 core: add tests for authenticated sessions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-30 14:43:00 +02:00
Jens Langhammer 0e8d9aa45d api: add System info API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-30 14:01:20 +02:00
Jens Langhammer fc45d35699 core: add migration for sessions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-30 13:08:29 +02:00
Jens Langhammer 7e8044619c lib: return default IP if none could be extracted 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-30 12:49:44 +02:00
Jens Langhammer 66a04aeec5 api: add can_geo_ip capability 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-30 01:02:03 +02:00
Jens Langhammer 73338bdf32 core: add geo_ip to authenticated sessions if enabled 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-30 01:01:20 +02:00
Jens Langhammer 059da74d1c core: add current attribute to authenticated_session API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-30 00:31:41 +02:00
Jens Langhammer 45b8b1e198 core: delete AuthenticatedSession on logout 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-30 00:27:33 +02:00
Jens Langhammer 133fc38c05 core: initial authenticated sessions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-30 00:15:16 +02:00
Jens Langhammer f51ab7a878 policies/reputation: fix tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-29 23:46:13 +02:00
Jens Langhammer 31ad09c391 stages/identification: add signal which is sent upon identification failure 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-29 22:58:32 +02:00
Jens Langhammer 05b3c4ddb3 policies/reputation: save username instead of user object 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-29 22:49:58 +02:00
Jens Langhammer a4c28a28b4 website/docs: improve docs for expressions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-29 21:47:35 +02:00
Jens Langhammer a1203cf4b2 flows: fix ToDefaultFlow not using tenants 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-29 20:32:42 +02:00
Jens Langhammer 8427fb87f6 tenants: add tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-29 19:47:55 +02:00
Jens Langhammer e3578eb7ae Merge branch 'master' into tenant 2021-05-29 19:17:23 +02:00
Jens Langhammer 5990b8d4de outposts: fix docker container not being stopped correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-29 19:16:39 +02:00
Jens Langhammer 3b31b7ce83 core: add http host in log messages 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-29 19:07:54 +02:00
Jens Langhammer 4d9b362dbf tenants: add migration to add default tenant 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-29 19:06:35 +02:00
Jens Langhammer 477ff85109 flows: migrate flow_unenrollment to tenant 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-29 18:44:02 +02:00
Jens Langhammer fae8b80ceb core: fix usage of config on templates 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-29 18:31:05 +02:00
Jens Langhammer df92f01719 flows: remove default-recovery 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-29 18:30:55 +02:00
Jens Langhammer 9dd6b7d436 flows: remove default-enrollment 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-29 18:14:37 +02:00
Jens Langhammer 14f85ec980 tenants: migrate context_processor to tenants 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-29 18:01:48 +02:00
Jens Langhammer ff611f21cd tenants: initial implementation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-29 17:47:25 +02:00
Jens Langhammer a1b6e09e8a outposts: set restart-policy on docker container 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-28 17:18:11 +02:00
Jens Langhammer 02b5742228 stages/authenticator_duo: add default setup flow 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-28 16:47:39 +02:00
Jens Langhammer 523621daa2 core: make application's check_access API return a PolicyResult and accept for_user as superuser 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-26 11:47:23 +02:00
Jens Langhammer c4453f38a2 stages/identification: make shown sources configurable 
closes #918

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-25 16:37:53 +02:00
Jens Langhammer 6f3eb4c068 flows: allow blank on WithUserInfo 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-25 12:53:48 +02:00
Jens Langhammer 58a4b20297 outposts: handle disconnects without outpost better 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-25 12:06:55 +02:00
Jens Langhammer 6d3e067a2b stages/user_write: handle integrity error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-25 11:46:15 +02:00
Jens Langhammer 6db2bf2a21 api: fix error when authorization header has no spaces 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-25 11:40:49 +02:00
Jens Langhammer 6893948fa0 tests/e2e: fix invalid flows 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-25 11:18:47 +02:00
Jens Langhammer 6317a8c5d0 Merge branch 'master' into duo 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	Pipfile.lock
 2021-05-25 09:58:38 +02:00
Jens Langhammer 8ecac59eca stages/prompt: annotate PromptChallengeResponse's additionalProperties 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-24 22:55:24 +02:00
Jens Langhammer 8183a51b72 stages/authenticator_duo: add missing duo device 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-24 22:16:29 +02:00
Jens Langhammer 127ebed5c6 flows: fix mismatched names 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-24 21:09:18 +02:00
Jens Langhammer 716923e17a web/flows: update types 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-24 20:59:44 +02:00
Jens Langhammer c6bb6709fd flows: add default challenge response 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-24 20:27:50 +02:00
Jens Langhammer fb4e0723ee stages: fix stage unittests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-24 17:12:48 +02:00
Jens Langhammer 763c3fcfe0 outposts/ldap: fix client usage 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-24 15:58:59 +02:00
Jens Langhammer 1b346866da Merge branch 'master' into duo 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	Pipfile.lock
 2021-05-24 14:54:24 +02:00
Jens Langhammer 6f6ae7831e flows: make use of oneOf OpenAPI to annotate all challenge types 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-24 14:11:23 +02:00
Jens Langhammer 3b41c662ed stages/authenticator_validate: add Duo support 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-23 22:31:12 +02:00
Jens Langhammer 65522186f1 stages/authenticator_duo: improve setup 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-23 21:44:52 +02:00
Jens Langhammer 9f5a3c396d stages/authenticator_duo: initial duo stage 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-23 21:10:39 +02:00
Jens L 53e2b2c784
Prometheus metrics (#914) 
* admin: add worker metrics

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* admin: add version metrics

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* events: add gauge for system tasks

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: add gauge for last hello and connection status

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: re-add prometheus metrics to database

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: allow access to metrics without credentials when debug is on

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: add UpdatingGauge to auto-set value on load

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: add metrics for cache and building

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* policies: add metrics for policy engine

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* events: add histogram for task durations

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* events: revert to gauge because values are updated on export view

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add gauge to count all models

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* events: add metrics for events

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-23 20:29:34 +02:00
Jens Langhammer a5cd9fa141 outposts: improve logging for docker controller 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-23 19:27:24 +02:00
Jens Langhammer 0768b201a7 Merge branch 'version-2021.5' 2021-05-22 20:47:48 +02:00
Jens Langhammer 2d5c45543b release: 2021.5.4 2021-05-22 20:15:23 +02:00
Jens Langhammer 9b57f0b81d Merge branch 'version-2021.5' into next 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	web/src/locales/en.po
#	web/src/locales/pseudo-LOCALE.po
 2021-05-22 20:01:16 +02:00
Jens Langhammer 2c816e6162 providers/proxy: don't use https to communicate with outpost 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-22 18:56:38 +02:00
Jens Langhammer bb89b9b572 Merge branch 'version-2021.5' into next 2021-05-21 23:50:43 +02:00
Jens Langhammer 6600da7d98 providers/oauth2: add missing kid header to JWT Tokens 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-21 23:40:00 +02:00
Jens Langhammer 1a0f72d0a8 Merge branch 'version-2021.5' into next 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/stages/authenticator_static/api.py
#	swagger.yaml
 2021-05-21 21:33:18 +02:00
Jens Langhammer a265dd54cc stages/authenticator_*: fix Permission Error when disabling Authenticator as non-superuser 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-21 21:25:03 +02:00
Jens Langhammer a603f42cc0 api: add OwnerFilter 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-21 20:46:59 +02:00
Jens Langhammer d9a788aac8 api: rename auth to authentication, add authorization for rest_framework permission class 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-21 20:14:03 +02:00
Jens Langhammer 7c6185b581 api: fix URL names for admin Authenticator Views 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-21 19:53:40 +02:00
Jens Langhammer 41a1305555 policies: improve debug logging 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-21 19:10:47 +02:00
Jens Langhammer 75f252b530 flows: rename oob to oobe 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-21 19:10:42 +02:00
Jens Langhammer c526e5fb9a policies: improve debug logging 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-21 19:10:15 +02:00
Jens Langhammer b826eb264e flows: rename oob to oobe 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-21 12:06:39 +02:00
Jens Langhammer 7666c246c3 Merge branch 'version-2021.5' 2021-05-20 20:46:18 +02:00
Jens Langhammer bf4cbb25fe release: 2021.5.3 2021-05-20 20:17:39 +02:00
Jens Langhammer a925418f60 lib: don't send ImproperlyConfigured to sentry 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-20 19:18:35 +02:00
Jens Langhammer 71d112bdcf sources/plex: remove default for plex_token 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-20 19:13:54 +02:00
Jens Langhammer d2c06c40ea sources/plex: remove default for plex_token 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-20 19:09:51 +02:00
Jens Langhammer 590c7f4c9d outposts: fix error on outpost disconnect 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-20 18:07:27 +02:00
Jens Langhammer 9a48c2fd9a outposts: fix error on outpost disconnect 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-20 18:07:07 +02:00
Jens Langhammer be5a6c0310 api: add set_*_url method for Application and Flow to set icon/background to URL 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-20 17:18:40 +02:00
Jens Langhammer 92106ca4bf api: add capabilities to API, add can_save_media 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-20 17:00:47 +02:00
Jens Langhammer 56f1204c9b outposts: fix update signal not being sent to correct instances 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-20 15:23:38 +02:00
Jens Langhammer f6f93640c5 outposts: fix update signal not being sent to correct instances 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-20 15:23:18 +02:00
Jens Langhammer 92f2a82c03 providers/oauth2: fix double login required when prompt=login 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-20 01:10:08 +02:00
Jens Langhammer dcf074650e providers/proxy: fix redirect_uris not always being set on save 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-20 01:10:04 +02:00
Jens Langhammer acf1ad91d9 providers/oauth2: fix double login required when prompt=login 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-19 23:34:27 +02:00
Jens Langhammer a74419214c providers/proxy: fix redirect_uris not always being set on save 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-19 23:10:00 +02:00
Jens Langhammer bc6aef7af2 lib: improve sentry integration 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-18 11:29:36 +02:00
Jens Langhammer 788ea46d8c flows: fix formatting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-18 09:23:22 +02:00
Jens Langhammer 06dee5d5d8 flows: fix lint error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-17 23:38:31 +02:00
Jens Langhammer 3cf0f07baf *: fix API Schema for file uploads 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-17 23:12:52 +02:00
Jens Langhammer f016095891 Merge branch 'master' into openapi-v3 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	Pipfile.lock
 2021-05-17 20:37:18 +02:00
Jens Langhammer 5a465fbc36 release: 2021.5.2 2021-05-17 19:54:10 +02:00
Jens Langhammer 7f4bd27b85 Merge branch 'master' into openapi-v3 2021-05-16 23:51:45 +02:00
Jens Langhammer b66626f9c4 ci: generate secert_key for CI runs 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 23:46:23 +02:00
Jens Langhammer f9ce41229d api: fix unittests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 22:36:26 +02:00
Jens Langhammer ae6a406b1d Merge branch 'master' into openapi-v3 2021-05-16 22:29:39 +02:00
Jens Langhammer 45c1a603e7 root: fix linting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 22:29:28 +02:00
Jens Langhammer 330219e76f Merge branch 'master' into openapi-v3 2021-05-16 22:26:07 +02:00
Jens Langhammer 583271d5ed root: only load debug secret key when debug is enabled 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 22:25:55 +02:00
Jens Langhammer 0db17b9729 root: remove yasg 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 22:18:04 +02:00
Jens Langhammer 9f9ee66cc4 api: fix linting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 21:57:04 +02:00
Jens Langhammer ab2bd622a8 Merge branch 'master' into openapi-v3 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	outpost/pkg/ak/api.go
#	outpost/pkg/ak/global.go
#	outpost/pkg/ldap/instance_bind.go
 2021-05-16 21:36:24 +02:00
Tom Pansino 8d2a3b67b9
lib: Fix config loading of secrets from files (#887) 2021-05-16 21:10:31 +02:00
Jens Langhammer 8b6292b3de api: don't overwrite 400 and 403 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 20:54:58 +02:00
Jens Langhammer cbed5a6522 api: fix missing error definitions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 19:53:04 +02:00
Jens Langhammer 589f806b7c flows: fix schema for flow executor 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 19:13:31 +02:00
Jens Langhammer 07dc648470 web: fix mixed Static/TOTP pages 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 18:59:33 +02:00
Jens Langhammer 41f6d3b6e7 stages/authenticator_static: add serializer for tokens 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 18:55:47 +02:00
Jens Langhammer d0f1daf025 admin: make tasks's retry api not ask for a body 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 18:43:47 +02:00
Jens Langhammer d38fd603dd web: fix more special API Calls 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 18:41:02 +02:00
Jens Langhammer ba5374f6e1 web: mass update API calls 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 18:24:15 +02:00
Jens Langhammer 7152d7ee01 outposts: fix schema for outposts health 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 18:10:11 +02:00
Jens Langhammer ab07113530 admin: migrate WorkerViewSet to APIView 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 18:06:46 +02:00
Jens Langhammer a7d7b46747 admin: migrate version view to APIView 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 18:00:02 +02:00
Jens Langhammer 9a44088d2b admin: migrate metrics viewset to APIView 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 17:49:37 +02:00
Jens Langhammer b351ae12c5 api: make config viewset single view 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 17:44:19 +02:00
Jens Langhammer 759bf59780 core: make filefields readonly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 17:34:55 +02:00
Jens Langhammer 10cb60f48e api: fix pagination not being required in schema 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 17:32:13 +02:00
Jens Langhammer ef9f08553c *: linting pass, rename from swagger to schema 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 15:22:57 +02:00
Jens Langhammer 4fb71a6bdd api: fix pagination schema 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 15:08:51 +02:00
Jens Langhammer cac1f242dc *: replace swagger with openapi 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 14:23:05 +02:00
Jens Langhammer 0bac738090 *: fix static response descriptions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 14:07:29 +02:00
Jens Langhammer 1324d03815 *: initial migration to openapi v3 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-15 23:57:28 +02:00
Jens Langhammer c55f2ad10a root: set additional sentry tags 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-15 19:53:43 +02:00
Jens Langhammer a30b32fbbf outposts: fix missing default for OutpostState.for_channel 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-15 17:46:53 +02:00
Jens Langhammer 1745306cc6 outposts: fix error when controller loads from cache but cache has expired 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-15 17:45:33 +02:00
Jens Langhammer 8925787a13 flows: fix error when using cancel flow 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-15 17:42:37 +02:00
Jens Langhammer 968b7ec17a lib: fix parsing of remote IP header when behind multiple reverse proxies 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-15 15:08:53 +02:00
Jens Langhammer 6600d5bf69 providers/oauth2: use user.uid 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-15 14:08:49 +02:00
Jens Langhammer a4278833d8 providers/proxy: fix ingress not being created with full https 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-15 13:45:41 +02:00
Jens Langhammer 942905b9b1 providers/proxy: fix formatting issue 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-14 16:24:35 +02:00
Jens Langhammer 8d7bb7da17 providers/proxy: connect ingress to https instead of http 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#882
 2021-05-14 11:42:03 +02:00
Jens Langhammer 9939db13c3 outposts: fix reload notification not working due to wrong ID being saved 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-14 11:13:04 +02:00
Jens Langhammer 465750276c core: fix application's slug field not being set to unique 
closes #881

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-14 10:49:42 +02:00
Jens Langhammer 0b7ebf0e07 release: 2021.5.1 2021-05-13 20:50:31 +02:00
Jens Langhammer 709581f5a8 root: use ghcr images by default 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-13 20:15:29 +02:00
Jens Langhammer 1df8790050 stages/authenticator_static: fix error when listing devices 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-13 18:09:55 +02:00
Jens Langhammer 3c23ad340f web/admin: improve diagram api for flows 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-13 18:01:40 +02:00
Jens Langhammer f9f2e00913 core: improve error handling for backups 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-13 17:56:49 +02:00
Jens Langhammer 8f99891a9d release: 2021.5.1-rc10 2021-05-12 21:25:18 +02:00
Jens Langhammer 97a3c2d88b release: 2021.5.1-rc9 2021-05-12 20:50:29 +02:00
Jens Langhammer e91ff4566d Merge branch 'next' into version-2021.5 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	outpost/pkg/version.go
 2021-05-12 20:49:58 +02:00
Jens Langhammer a3fccbdaff outposts: add build_hash for docker image 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-12 20:36:18 +02:00
Jens Langhammer bdf9f26d07 outposts: compare build hash in outdated check 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-12 19:05:29 +02:00
Jens Langhammer 9a0aa4c79b outposts/ldap: add infinite loop prevention 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-12 18:31:44 +02:00
Jens Langhammer 52cf4890cf root: remove servername from backup files 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-12 17:53:23 +02:00
Jens Langhammer 8e5d03cb86 outposts: remove legacy API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-12 16:41:54 +02:00
Jens Langhammer 2190fa555b events/api: fix error when updating transports 
closes #866

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-12 16:41:30 +02:00
Jens Langhammer 3665e2fefa release: 2021.5.1-rc8 2021-05-12 14:52:34 +02:00
Jens Langhammer 3dbe35cf9e stages/invitation: fix wrong serializer used for user model 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	swagger.yaml
 2021-05-12 14:22:16 +02:00
Jens Langhammer c7f0ea8a4b root: update dbbackup to git version 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-12 01:20:31 +02:00
Jens Langhammer 0620324702 root: bump version of psf black 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-12 00:42:46 +02:00
Jens Langhammer 5a0e78c698 outposts: fix issue with duplicate outpost health 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-11 21:46:30 +02:00
Jens Langhammer 84dfbcaaae providers/api: return redirect_uris for proxy provider 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-11 20:02:17 +02:00
Jens Langhammer e649e9fb03 core: don't use self.get_object for application permission check to prevent 404 when view permission is missing 
closes #864

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-11 17:35:11 +02:00
Jens Langhammer 266ef66a6f Merge branch 'master' into next 2021-05-11 14:57:52 +02:00
Andreas Egli 842fdb0b0c
fixed session durations of more than 1 day (#863) 2021-05-11 14:57:33 +02:00
Jens L 36f7cad23b
Merge pull request #862 from goauthentik/form-refresh-on-save 
Form refresh on save
 2021-05-11 14:23:32 +02:00
Jens Langhammer 24f2932777 crypto: add ?download flag 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#861
 2021-05-11 14:21:35 +02:00
Jens Langhammer 124ce80694 sources/plex: make plex_token readable from API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-11 13:32:28 +02:00
Jens Langhammer 4e2443d60b flows: make cancel link always logout user 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-11 13:13:05 +02:00
Jens Langhammer 17b65adcc5 lib: fix linting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-11 13:07:47 +02:00
Jens Langhammer 96ea7ae09c root: allow configuration of s3 backup location 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-11 02:10:00 +02:00
Jens Langhammer 172bfceb31 root: fix db backup failing when password has special chars 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-11 02:01:22 +02:00
Jens Langhammer 932b19999e providers/proxy: missing @property for noop 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-11 01:26:01 +02:00
Jens Langhammer 788fd00390 outposts: use noop flag in each reconciler instead of raising Disabled and force use of get_referecen_object 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-11 00:27:29 +02:00
Jens Langhammer a293a14f2a outposts: re-add _config for backwards compat 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-10 22:28:46 +02:00
Jens Langhammer 51e3453dca admin: fix linting in api tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-10 20:14:21 +02:00
Jens Langhammer 6f58fdf158 api: add more tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-10 19:51:29 +02:00
Jens Langhammer 219b8d1a57 outposts: allow individual components of managed outposts to be disabled 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-10 19:27:48 +02:00
Jens Langhammer c7d4e69669 root: make database port configurable 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-10 19:25:15 +02:00
Jens Langhammer cd629dfbaa outposts: improve API validation for config attribute, ensure all required attributes are set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-10 19:24:42 +02:00
Jens Langhammer 3d0a853449 Merge branch 'version-2021.5' into next 2021-05-10 18:07:39 +02:00
Jens Langhammer c2f8ff55cf outposts: fix outpost delete hanging thread, run cleanup in async task with info from cache with ability to retry 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-10 17:11:31 +02:00
Jens Langhammer 80fae44f47 release: 2021.5.1-rc7 2021-05-10 12:13:10 +02:00
Jens Langhammer 73eb97ca6e release: 2021.5.1-rc6 2021-05-10 11:44:23 +02:00
Jens Langhammer ebe90d8886 Merge branch 'next' into version-2021.5 2021-05-10 11:43:50 +02:00
Jens Langhammer a1a1b113b1 release: 2021.5.1-rc5 2021-05-10 11:34:00 +02:00
Jens Langhammer 1fb3642701 sources/oauth: fix google tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-10 00:27:37 +02:00
Jens Langhammer 847d97b813 sources/oauth: fix google tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-10 00:27:20 +02:00
Jens Langhammer 1f1d322958 *: fix api results when non-superuser 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-10 00:01:35 +02:00
Jens Langhammer e4841ce1a4 Merge branch 'version-2021.5' into next 2021-05-09 23:41:23 +02:00
Jens Langhammer e33a5528f7 core: catch IntegrityError in flow_manager and deny request 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-09 23:31:39 +02:00
Jens Langhammer b7d828702d sources/oauth: don't set username on google source 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-09 22:56:44 +02:00
Jens Langhammer f7fd31cc84 release: 2021.5.1-rc4 2021-05-09 21:43:38 +02:00
Jens Langhammer 04aae8f584 sources/oauth: make secret write_only 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-09 21:40:25 +02:00
Jens Langhammer bbca90c93a Merge branch 'next' into version-2021.5 2021-05-09 20:57:23 +02:00
Jens Langhammer dda1d4e0fb core: add more logs to flow_manager 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-09 20:27:37 +02:00
Jens Langhammer f072c600cc lifecycle: use URl for redis on startup to prevent errors with no paswords 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-09 20:13:58 +02:00
Jens Langhammer 92537a6c8d Merge branch 'next' into version-2021.5 2021-05-09 18:46:26 +02:00
Jens Langhammer 72836ecd9d outposts: default to currently running namespace if possible 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-09 18:44:32 +02:00
Jens Langhammer 251a97c77e Merge branch 'next' into version-2021.5 2021-05-09 18:13:52 +02:00
Jens Langhammer 7f7046f0e4 outposts: lowercase k8s object names 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-09 18:13:21 +02:00
Jens Langhammer cd3f02fd3b release: 2021.5.1-rc3 2021-05-09 17:25:48 +02:00
Jens Langhammer d3feab9463 release: 2021.5.1-rc2 2021-05-09 16:43:36 +02:00
Jens Langhammer 70c25692eb release: 2021.5.1-rc1 2021-05-09 16:07:50 +02:00
Jens Langhammer a6a8eddf7c providers/proxy: create ingress for forward_auth /akprox path 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-09 12:40:44 +02:00
Jens Langhammer 8c0a87b710 outposts: improve logging for outpost controller 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-09 12:34:44 +02:00
Jens Langhammer 5cad59a9f8 providers/proxy: fix being able to set empty internal_host 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-09 00:07:34 +02:00
Jens Langhammer 5ac6a6910e outposts: check if traefik CRD exists before attempting to delete 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-08 21:59:13 +02:00
Jens Langhammer d751a7fc4c lib: add user attribute "goauthentik.io/user/override-ips" to allow overriding of client ips 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-08 21:42:31 +02:00
Jens Langhammer 1b87375661 lib: add default to config from file:// 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-08 17:13:13 +02:00
Jens Langhammer 6868b7722c outposts: delete old outpost deployment when name or namespace is changed 
closes #845

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-08 16:11:38 +02:00
Jens Langhammer 7a1935b4e2 outposts: fix error on k8s when name has spaces 
closes #846

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-08 14:09:21 +02:00
Jens Langhammer 5e7521915a stages/password: fix configure_flow not being set on initial setup 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-07 14:08:43 +02:00
Jens Langhammer 9fc072e4df outposts: fix lint 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-07 11:56:44 +02:00
Jens Langhammer 55ea9afeec core: fix dark mode on server-side rendered pages 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-07 11:53:53 +02:00
Jens Langhammer 9485f0b8cc outpost/ldap: make users and groups OU instead of CN 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-07 11:46:26 +02:00
Jens Langhammer e6dfa8294e providers/proxy: use name.namespace for middleware service 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-07 10:07:30 +02:00
Jens Langhammer e5a5a5c603 outposts: fix k8s controller not handing Disabled() in static deployment 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-07 09:52:43 +02:00
Jens Langhammer ea7f9f291f outposts: create traefikmiddleware if forwardAuth is enabled 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-07 00:01:35 +02:00
Jens Langhammer 241d790e69 stages/user_write: if any connection is being sent in the plan context, save it to the user 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-06 22:10:20 +02:00
Jens Langhammer 83e08f12ae core: fix arguments not being passed in FlowManager 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-06 22:07:48 +02:00
Jens Langhammer 6526659b51 sources/plex: allow auth for owner (when identifier of source plex token matches) 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-06 21:50:15 +02:00
Jens Langhammer 6c3b7c8d3e events: handle error when notifications are triggered and no users exist 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-06 20:13:04 +02:00
Jens Langhammer d51ecc4554 sources/saml: handle internal error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-06 20:10:56 +02:00
Jens Langhammer ef63e35ad2 outposts: improve messaging from controller on k8s 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-06 20:07:29 +02:00
Jens Langhammer 4e9176ed2e outposts: support different port on container vs exposed port 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-06 19:59:49 +02:00
Jens Langhammer d1296e9cc7 outposts: fix deployments referencing the wrong secret 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-06 19:51:14 +02:00
Jens Langhammer d85e0593f1 core: set attributes on users which are enrolled via source 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-06 19:35:05 +02:00
Jens Langhammer b3a3852a54 core: fix linting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-06 13:58:58 +02:00
Jens Langhammer 49bf82a0a4 core: add user filter by superuser status 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-06 13:44:42 +02:00
Jens Langhammer 73b87a5e3d events: fix error in API when specifying max_n 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-06 13:15:54 +02:00
Jens Langhammer ac9cac302c outposts: fix outpost state showing last time without version 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-05 20:49:13 +02:00
Jens Langhammer 701c140cfd providers/proxy: fix logic error for ingress lookup 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-05 20:28:13 +02:00
Jens Langhammer fa2ff5fc2b sources/plex: save user's plex token, add option to allow friends 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-05 19:37:59 +02:00
Jens Langhammer d5cab5d580 sources/plex: fix default for client_id 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-05 19:23:51 +02:00
Jens Langhammer be8b2bf6f6 providers/proxy: don't create ingress for domains which use forwardAuth, don't create ingress at all if all providers are forward auth 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-05 17:53:12 +02:00
Jens Langhammer b266a2cdfb outposts: make k8s service type configurable 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-05 15:37:56 +02:00
Jens Langhammer 9a15a66d85 outposts: make k8s object naming configurable 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-05 15:36:27 +02:00
Jens Langhammer 446f104c90 core: add user UID to API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-05 11:54:28 +02:00
Jens Langhammer 86c2a5d69d lib: handle errors when reading config from file:// 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-05 01:03:00 +02:00
Jens Langhammer 1a02049104 core: show users and groups when user has overall user permissions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-05 01:02:47 +02:00
Jens Langhammer 32934fcd38 outpost/ldap: check access based on Group Membership 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-05 00:03:19 +02:00
Jens Langhammer d84d7c26ca Merge branch 'master' into outpost-ldap 2021-05-04 23:34:31 +02:00
Jens Langhammer 2f6e6a3123 core: improve messaging when flow manager denied request 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-04 23:30:21 +02:00
Jens Langhammer ba57bf4fa2 lib: add support for file:// protocol in config file 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-04 22:53:59 +02:00
Jens Langhammer e674f03064 */api: fix lookups per user 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-04 21:58:20 +02:00
Jens Langhammer 08451c15f4 outposts/ldap: save user DN to determine who can search 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-04 21:49:15 +02:00
Jens Langhammer 99d161e212 Merge branch 'master' into outpost-ldap 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/core/api/users.py
#	authentik/policies/event_matcher/migrations/0013_alter_eventmatcherpolicy_app.py
 2021-05-04 21:02:20 +02:00
Jens Langhammer 4acbda2b77 core: improve messaging on flow_manager, authenticate user when they linked their account after not having been authenticateed 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-04 18:49:27 +02:00
Jens Langhammer 83cfb5f8c2 stages/email: improve error handling 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-04 18:30:23 +02:00
Jens Langhammer 0d370ef0a9 web/admin: filter out service accounts by default 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-04 18:23:13 +02:00
Jens Langhammer 42f9ba8efe gproxy: load default config file for debug and listen statements 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-04 14:10:34 +02:00
Jens Langhammer 812be495a5 Merge branch 'master' into go-proxy 2021-05-03 22:53:33 +02:00
Jens Langhammer dbc3df1f63 events: handle error when notification rule doesn't exist during task 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-03 22:52:39 +02:00
Jens Langhammer d330e9ee7f web/flows: fix rendering for plex login 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-03 22:08:25 +02:00
Jens Langhammer be21a5d172 sources/plex: add general tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-03 21:55:55 +02:00
Jens Langhammer 6fc38436f4 sources/plex: set better defaults on model 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-03 21:23:13 +02:00
Jens Langhammer 35faf269db sources: rewrite onboarding 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-03 20:27:52 +02:00
Jens Langhammer e56c3fc54c Merge branch 'master' into plex-auth 2021-05-03 18:28:53 +02:00
Jens Langhammer 1041718e27 sources/saml: fix redirect url dropping non-standard ports 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-03 14:51:46 +02:00
Jens Langhammer 2507c0eec9 stages/invitation: fix linting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-03 12:44:19 +02:00
Jens Langhammer 4523550422 stages/invitation: add single_use flag to delete invitation after use 
closes #821

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-03 09:52:38 +02:00
Jens Langhammer 988cf15b71 root: initial go proxy, update compose and helm 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-03 09:39:09 +02:00
Jens Langhammer 01d29134b9 sources/plex: add API to redeem token 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-02 16:47:20 +02:00
Jens Langhammer 55250e88e5 sources/*: rewrite UILoginButton to return challenge instead 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-02 16:46:27 +02:00
Jens Langhammer f1b100c8a5 sources/plex: initial plex source implementation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-02 14:43:51 +02:00
Jens Langhammer 19708bc67b core: add additional_data to UILoginButton to pass additional data 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-02 14:43:26 +02:00
Jens Langhammer c529340d6c *: fix title not being set correctly for server-side rendered views 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-02 12:22:50 +02:00
Jens Langhammer c317efa14c Merge branch 'master' into outpost-ldap 2021-05-01 00:26:55 +02:00
Jens Langhammer 379fcf9c1f sources/saml: fix error ValueError while decoding XML 
closes #812

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-01 00:18:57 +02:00
Jens Langhammer e10a7b48b7 sources/saml: fix Redirect bindings when SSO Url already has query params 
related to #812

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-30 23:44:04 +02:00
Jens Langhammer 3e666de91d outposts: fix formatting of image name 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-30 16:52:28 +02:00
Jens Langhammer 333758d91f crypto: handle encrypted private keys 
closes #811

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-30 15:25:42 +02:00
Jens Langhammer eb8f52b870 stages/identification: fix tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-30 10:15:27 +02:00
Jens Langhammer 9ce49c2089 stages/identification: fix unused import 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-30 09:34:33 +02:00
Jens Langhammer 34c45900c2 stages/identification: allow selection of no user fields to only allow login via sources 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-30 01:07:37 +02:00
Jens Langhammer bf7d110af3 Merge branch 'version-2021.4' 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	.github/workflows/release.yml
#	helm/README.md
#	helm/values.yaml
#	website/docs/installation/kubernetes.md
 2021-04-29 23:50:52 +02:00
Jens Langhammer 4e5eeacf0a release: 2021.4.5 2021-04-29 23:03:09 +02:00
Jens Langhammer b55cb2b40c Merge branch 'master' into outpost-ldap 2021-04-29 20:13:47 +02:00
Jens Langhammer 25c001f2cd outposts: allow better configuration of outpost image name 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-29 20:07:53 +02:00
Jens L 2a409215d3
outpost: forwardAuth mode (#790) 2021-04-29 18:17:10 +02:00
Jens Langhammer d1d28722d2 lib: don't send 404 errors to sentry 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-29 15:27:41 +02:00
Jens Langhammer 35f0e6b88d lib: don't send 404 errors to sentry 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-29 15:25:54 +02:00
Jens Langhammer a6e528d209 core: fix text color of error pages not being white 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-29 15:18:28 +02:00
Jens Langhammer bb2c4423b0 core: fix text color of error pages not being white 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-29 15:17:10 +02:00
Jens Langhammer 2c70301f56 stages/invitation: accept token from prompt_data 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-28 22:43:40 +02:00
Jens Langhammer 07b9923bf6 stages/invitation: fix token not being loaded correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-28 22:43:40 +02:00
Jens Langhammer 3dcd67c1a3 outposts: only kill docker container if its running 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-28 22:43:32 +02:00
Jens Langhammer 2a9feafb90 root: add middleware to properly report websocket connection to sentry 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-28 22:42:10 +02:00
Jens Langhammer 1af3357826 *: make logger not use .error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-28 22:41:44 +02:00
Jens Langhammer ed49d7824e stages/email: catch ValueError when global email settings are invalid 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-28 22:41:38 +02:00
Jens Langhammer 378402fcf0 stages/user_login: add tests for explicit session length 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-28 22:41:21 +02:00
Jens Langhammer b2b9093c95 web: don't enable ShadyDOM on selenium 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-28 22:40:16 +02:00
Jens Langhammer afa2afe1d4 web/flows: include ShadyDOM, always enable ShadyDOM for flow interface 
improve compatibility with password managers and iOS

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-28 22:40:16 +02:00
Jens Langhammer d7631e8af0 stages/invitation: accept token from prompt_data 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-28 22:39:06 +02:00
Jens Langhammer 6e625f7400 stages/invitation: fix token not being loaded correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-28 22:13:54 +02:00
Jens L c4e4e17f93
providers/oauth2: add access_code_validity (#795) 
closes #794

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-28 21:03:43 +02:00
Jens Langhammer 9b70aaa717 outposts: only kill docker container if its running 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-28 18:32:16 +02:00
Jens Langhammer 4d858c64e0 Merge branch 'master' into outpost-ldap 2021-04-27 17:08:26 +02:00
Jens Langhammer 6f0792ccfe api: remove legacy basic auth for 2021.3 outposts 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-27 17:06:47 +02:00
Jens Langhammer 04f06e00ff api: add tests for permission_required decorator 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-27 17:04:38 +02:00
Jens Langhammer 776c3128b8 flows: add tests for stage type, component and ui_user_settings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-27 16:52:50 +02:00
Jens Langhammer e9e0992dce root: add middleware to properly report websocket connection to sentry 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-27 16:21:44 +02:00
Jens Langhammer ccef7b4233 *: make logger not use .error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-27 15:43:26 +02:00
Jens Langhammer cad6c42fdd lib: add more tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-27 15:43:11 +02:00
Jens Langhammer d2abe6d455 stages/email: catch ValueError when global email settings are invalid 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-27 15:20:09 +02:00
Jens Langhammer 68d120b3b4 sources/oauth: add tests for google type 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-27 15:19:54 +02:00
Jens Langhammer 48c0c0baca */api: simplify lookups for per-user 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-27 14:53:01 +02:00
Jens Langhammer 7b29a1e485 stages/user_login: add tests for explicit session length 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-27 14:52:42 +02:00
Jens Langhammer fe28d216fe providers/oauth2: always test JWT keys in tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-27 14:07:04 +02:00
Jens Langhammer 3ce8b836dc outposts: allow outposts to have non-object specific permissions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-26 23:28:26 +02:00
Jens Langhammer 1d5958a78f providers/ldap: add search_group to limit who can do search requests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-26 23:25:03 +02:00
Jens Langhammer 2a122845d9 core: add groups to users 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-26 19:51:24 +02:00
Jens Langhammer fae4d34131 Merge branch 'master' into outpost-ldap 2021-04-26 17:11:50 +02:00
Jens Langhammer 7ff7bfeb58 core: fix incorrect styling for bse_full template 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-26 16:44:13 +02:00
Jens Langhammer 29da7dd8d6 providers/ldap: fix lint error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-26 15:49:19 +02:00
Jens Langhammer b3c8ffb96c outposts/ldap: use authorization_flow instead of separate field 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-26 15:09:41 +02:00
Jens Langhammer b35d9ae8b0 outposts: fix type not being configurable 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-26 14:45:14 +02:00
Jens Langhammer 302b047f1a outposts/ldap: add controllers 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-26 14:26:31 +02:00
Jens Langhammer d741ed430a web/admin: add UI for LDAP Provider 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-26 12:12:02 +02:00
Jens Langhammer f89479caf3 providers/ldap: add LDAP provider 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-26 11:52:42 +02:00
Jens Langhammer 5fb07acf54 core: add API to check access to single application by slug 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-26 10:08:35 +02:00
Jens Langhammer 99d0d4e8de Merge branch 'master' into outpost-ldap 2021-04-26 09:25:26 +02:00
Jens Langhammer 9341787fe7 providers/oauth2: replace deprecated jwkest with pyjwt 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-26 00:02:13 +02:00
Jens Langhammer a525d6c3a9 Merge branch 'master' into outpost-ldap 2021-04-25 20:46:02 +02:00
Jens Langhammer 502ac51fa7 web: don't enable ShadyDOM on selenium 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-25 01:29:01 +02:00
Jens Langhammer 4bc6fd28d4 web/flows: include ShadyDOM, always enable ShadyDOM for flow interface 
improve compatibility with password managers and iOS

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-24 23:32:46 +02:00
Jens Langhammer 820c9e7d06 Merge branch 'master' into outpost-ldap 2021-04-24 22:22:01 +02:00
Jens Langhammer 5f58a4566c release: 2021.4.4 2021-04-24 21:03:29 +02:00
Jens Langhammer d616bdd5d6 providers/oauth2: add proper support for non-http schemes as redirect URIs 
closes #772

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-23 16:34:52 +02:00
Jens Langhammer 3282b34431 providers/oauth2: fix TokenView not having CORS headers set even with proper Origin 
and added tests. closes #771

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-22 23:48:28 +02:00
Jens Langhammer 392d9bb10b providers/oauth2: fix misleading name of cors_allow_any 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#771
 2021-04-22 23:29:49 +02:00
Jens Langhammer 799d186510 web/flows: fix Sentry not being loaded correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-22 20:48:22 +02:00
Jens Langhammer 3983b7fbe4 lib: don't send SuspiciousOperation to sentry 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-22 20:17:00 +02:00
Jens Langhammer d75284a587 flows: fix errors which occur during flow execution being sent to sentry malformed 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-22 20:14:37 +02:00
Jens Langhammer a7598c6ee5 *: fix more URLs for github org 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-22 11:06:56 +02:00
Jens Langhammer 499b52df6a root: update urls to github org 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-21 22:46:48 +02:00
Jens Langhammer b8a566f4a0 outposts: move local connection check to task, run every 60 minutes 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-21 11:34:48 +02:00
Jens Langhammer aa0e8edb8b *: make tasks run every 60 minutes not :00 every hour 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-21 11:26:17 +02:00
Jens Langhammer 57072dd6ce stages/identification: fix query logic for user lookup 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-21 10:09:38 +02:00
Jens Langhammer b40afb9b7d stages/identification: ignore inactive users 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-20 21:45:14 +02:00
Jens Langhammer 1f783dfc01 stages/user_login: add default backend 
closes #763

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-20 20:53:07 +02:00
Jens Langhammer 76131e40ec tests/e2e: monkey patch OAuth1 test instead of setting URLs manually 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-20 20:03:20 +02:00
Jens Langhammer a8998a6356 sources/oauth: handle error in auzre_ad when ID Can't be extracted 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-20 17:27:52 +02:00
Jens Langhammer dc75d7b7f0 sources/oauth: fix error whilst fetching user profile when source uses fixed URLs 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-20 17:25:59 +02:00
Jens Langhammer e20bb7d636 release: 2021.4.3 2021-04-20 09:15:07 +02:00
Jens Langhammer 4f5e1fb86b outposts: initial ldap outpost implementation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-20 00:30:27 +02:00
Jens Langhammer 464a1c0536 api: make 401 messages clearer 
closes #755

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-19 20:46:57 +02:00
Jens Langhammer b75feab709 outposts: don't run outpost_controller when no service connection is set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-19 19:23:26 +02:00
Jens Langhammer 10b45a8dea api: fix 401 responses which should be 403s 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-19 19:03:00 +02:00
Jens Langhammer c43ac1f704 api: mount outposts under outposts/instances to match flows 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-19 18:51:12 +02:00
Jens Langhammer 14d702450a core: add parameter to output property mapping test formatted 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-19 18:32:36 +02:00
Jens Langhammer 8a6879afa5 core: add superuser_full_list to applications list, shows all applications when superuser 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-19 16:07:30 +02:00
Jens Langhammer fdc7f14056 core: fix Tokens being created with incorrect intent by default 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-19 15:43:16 +02:00
Jens Langhammer 8be80aaf9d api: fix CSRF error when using POST/PATCH/PUT in API Browser 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-19 15:31:32 +02:00
Jens Langhammer ce082ead5e providers/oauth2: add unittests for authorize and token views 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-18 21:05:49 +02:00
Jens Langhammer f328b21e89 providers/oauth2: Set CORS Headers for token endpoint, check Origin header against redirect URLs 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-18 14:20:50 +02:00
Jens Langhammer 52abd959eb sources/oauth: save null instead of empty string for sources without configurable URLs 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-17 21:15:06 +02:00
Jens Langhammer 32c5bf04b8 *: fix linting errors 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-17 20:08:49 +02:00
Jens Langhammer 0021a93952 web/admin: fix non-matching provider type being selected when creating an OAuth Source 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-17 19:17:08 +02:00
Jens Langhammer 67240fb9ad *: add model_name to TypeCreate API to pass to forms 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-17 19:12:00 +02:00
Jens Langhammer d2dd7d1366 sources/oauth: fix redirect loop for source with non-configurable URLs 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-17 19:06:12 +02:00
Jens Langhammer 476e57daa2 Merge branch 'version-2021.4' 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	docker-compose.yml
#	website/docs/installation/kubernetes.md
 2021-04-17 16:01:35 +02:00
Jens Langhammer 60615c9f3e release: 2021.4.2 2021-04-17 15:26:59 +02:00
Jens Langhammer b5b8573d87 core: fix propertymapping API returning invalid value for components 
closes #746

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-17 12:01:05 +02:00
Jens Langhammer 2e44c1cdfc sources/ldap: improve error handling during sync 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-17 12:01:05 +02:00
Jens Langhammer 4a444e667a root: base Websocket message storage on Base not fallback 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-17 12:01:05 +02:00
Jens Langhammer f67b57e369 flows: fix linting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-17 12:01:04 +02:00
Jens Langhammer 262a9fa2a0 flows: annotate flows executor 404 error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-17 12:01:04 +02:00
Jens Langhammer e8ba159756 root: fix setting of EMAIL_USE_TLS and EMAIL_USE_SSL 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-17 12:01:04 +02:00
Jens Langhammer 0b03d66a2f outposts: fix errors when creating multiple outposts 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-17 12:01:04 +02:00
Jens Langhammer 71b6839d03 flows: include configure_flow in stages API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-17 12:01:04 +02:00
Jens Langhammer 2b48ba4103 sources/oauth: fix resolution of sources' provider type 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-17 12:01:03 +02:00
Jens Langhammer 5e67f68f2b core: improve messaging when creating a recovery link for a user when no recovery flow exists 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-17 12:01:03 +02:00
Jens Langhammer 1992b89154 sources/oauth: fix error when creating an oauth source which has fixed URLs 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-17 12:01:03 +02:00
Jens Langhammer de74f3ec1f core: fix propertymapping API returning invalid value for components 
closes #746

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-17 11:50:28 +02:00
Jens Langhammer ce98255607 sources/ldap: improve error handling during sync 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-17 11:29:51 +02:00
Jens Langhammer 5df9ad63cf root: base Websocket message storage on Base not fallback 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-16 23:46:03 +02:00
Jens Langhammer e4400476a2 flows: fix linting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-16 23:15:06 +02:00
Jens Langhammer b136d3bc69 flows: annotate flows executor 404 error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-16 22:56:44 +02:00
Jens Langhammer c34fcc73dc root: fix setting of EMAIL_USE_TLS and EMAIL_USE_SSL 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-16 22:44:42 +02:00
Jens Langhammer 11b09c4ebd outposts: fix errors when creating multiple outposts 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-16 22:43:35 +02:00
Jens Langhammer 33a8cea007 flows: include configure_flow in stages API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-16 17:19:48 +02:00
Jens Langhammer 1770e42cbf sources/oauth: add login with plex support 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-16 17:05:35 +02:00
Jens Langhammer 582d2eb5eb sources/oauth: fix resolution of sources' provider type 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-16 11:29:23 +02:00
Jens Langhammer c5e2635903 core: improve messaging when creating a recovery link for a user when no recovery flow exists 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-16 10:09:46 +02:00
Jens Langhammer cfe0a7a694 sources/oauth: fix error when creating an oauth source which has fixed URLs 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-16 09:49:25 +02:00
Jens Langhammer bd8447d5a7 release: 2021.4.1 2021-04-14 09:46:16 +02:00
Jens Langhammer 4f9f936a7f Merge branch 'master' into version-2021.4 2021-04-13 23:16:35 +02:00
Jens Langhammer 85c9fbe763 api: fix linting error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-13 21:49:47 +02:00
Jens Langhammer 3d9874be69 api: fix error when authorization is empty 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-13 21:41:26 +02:00
Jens Langhammer 9742d19729 Merge branch 'master' into version-2021.4 2021-04-13 21:07:20 +02:00
Jens Langhammer 5a25e6d697 api: add legacy support for older outposts 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-13 21:06:04 +02:00
Jens Langhammer 7a562fe8c0 Merge branch 'master' into version-2021.4 2021-04-13 20:02:25 +02:00
Jens Langhammer 6821679fbc *: add support for bearer authentication on API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-13 20:01:30 +02:00
Jens Langhammer 55bb9b6643 web/admin: show banner when backend and frontend versions mismatch 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-13 16:52:02 +02:00
Jens Langhammer fd0ad20031 release: 2021.4.1-rc2 2021-04-12 20:03:21 +02:00
Jens Langhammer cd1b0c67ea web: fix text colour on initial load when not in dark mode 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-12 12:25:44 +02:00
dependabot[bot] a35f77c612
build(deps-dev): bump pylint-django from 2.4.2 to 2.4.3 (#729) 
* build(deps-dev): bump pylint-django from 2.4.2 to 2.4.3

Bumps [pylint-django](https://github.com/PyCQA/pylint-django) from 2.4.2 to 2.4.3.
- [Release notes](https://github.com/PyCQA/pylint-django/releases)
- [Changelog](https://github.com/PyCQA/pylint-django/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/PyCQA/pylint-django/compare/v2.4.2...v2.4.3)

Signed-off-by: dependabot[bot] <support@github.com>

* root: fix pylint warning

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-12 09:33:56 +02:00
Jens Langhammer fae92f6bc8 *: fix JSONField overwriting required 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-11 23:20:45 +02:00
Jens Langhammer f9bf491240 stages/invitation: fix linting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-11 23:09:09 +02:00
Jens Langhammer 4f27a97e10 *: add validator to ensure JSON Fields only receive dicts 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-11 23:05:19 +02:00
Jens Langhammer a0daaabfde web: replace full pf with components for loading animation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-11 22:02:48 +02:00
Jens Langhammer ea7ecb50c0 web: disable loading of roboto fonts 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-11 21:52:01 +02:00
Jens Langhammer e7626d0716 Revert "release: 2021.4.1-rc1" 
This reverts commit 2397cb162a.
 2021-04-11 21:04:25 +02:00
Jens Langhammer 2397cb162a release: 2021.4.1-rc1 2021-04-11 16:18:20 +02:00
Jens Langhammer ab4569e5d6 web/admin: fix application form's provider selection not working 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-11 13:49:35 +02:00
Jens Langhammer 8df29235bb core: add provider_obj field to applications API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-11 13:31:31 +02:00
Jens Langhammer cb048764f4 providers/proxy: make outpost API readonly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-11 13:31:15 +02:00
Jens Langhammer d76db3caba *: add missing error codes as swagger annotations 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-10 23:55:43 +02:00
Jens Langhammer 32d88c3a49 core: consider never consider expiring models with self.expiring set to false expired 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-10 23:42:42 +02:00
Jens Langhammer 19e73630ab lib: discard all log messages from dbbackup 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-10 23:20:20 +02:00
Jens Langhammer 34b8a97ae9 web/admin: add custom rendering for inbuilt sources 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-09 16:30:53 +02:00
Jens Langhammer 5dd29d45d8 core: make Source model managed, add inbuilt source 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-09 16:20:59 +02:00
Jens Langhammer 98318953cd sources/ldap: create event when user integrity error occurs 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-09 12:17:27 +02:00
Jens Langhammer 232a5a8ad0 root: set default session age to expire on browser close 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-09 11:50:09 +02:00
Jens Langhammer 118f55d95c sources/ldap: fix error during event creation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-09 11:29:32 +02:00
Jens Langhammer d37c33d941 sources/ldap: only save sync state in TaskInfo, return TaskInfo in API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-08 23:33:41 +02:00
Jens Langhammer 7b0005ac42 stages/password: handle authenticate() throwing a ValidationError 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-08 23:13:25 +02:00
Jens Langhammer aefeb5bacf sources/ldap: create Event when changing a user's password fails 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-08 23:13:11 +02:00
Jens Langhammer 7d0e7bcf75 core: return none when application has no launch URL and none could be guessed 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-08 22:59:11 +02:00
Jens Langhammer ca35204e0c flows: ask for email address in oob flow 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-08 22:50:58 +02:00
Jens Langhammer 37632bd0c7 lib: don't send DockerException to sentry 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-08 22:03:10 +02:00
Jens Langhammer 4054e6da8c helm: don't automount Service token when integration is not enabled, improve k8s detection 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-07 16:16:17 +02:00
Jens Langhammer 12b1f53948 root: monitor redis in readiness check, relax monitoring period 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-07 15:51:19 +02:00
Jens Langhammer 35232afa7e core: skip backup when running in k8s and s3 backup not configured 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-07 15:34:28 +02:00
dependabot[bot] 17de0ff24e
build(deps): bump django from 3.1.7 to 3.2 (#707) 
* build(deps): bump django from 3.1.7 to 3.2

Bumps [django](https://github.com/django/django) from 3.1.7 to 3.2.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.1.7...3.2)

Signed-off-by: dependabot[bot] <support@github.com>

* root: set DEFAULT_AUTO_FIELD and remove full app config paths

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: check parent class for component and serializer on abstract classes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-07 10:54:38 +02:00
Jens L a2a35e49a9
improved out-of-box experience (#704) 2021-04-06 20:25:22 +02:00
Jens Langhammer fb409a73a1 web/elements: Fix display in deleteform when object has no name 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-06 17:36:42 +02:00
Jens Langhammer a31fc8319d policies: fix policybinding API returning wrong policy objects 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-06 17:24:32 +02:00
Jens Langhammer dcc873b88b admin: add API to get info for a single task 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-05 20:40:22 +02:00
Jens Langhammer f0ef2eea4f admin: sort tasks api 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-05 19:21:19 +02:00
Jens Langhammer 61652406c7 events: add progress bar to event expiry migration 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-05 13:33:01 +02:00
Jens Langhammer 16d989dbfa core: fix schema for Challenge's type enum 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-04 16:15:58 +02:00
Jens Langhammer 9517c890b5 if/*: show loading animation before full JS is loaded 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-04 16:10:08 +02:00
Jens Langhammer 8cae1f2ab5 stages/email: add tests for API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-04 14:14:58 +02:00
Jens Langhammer 37a14858ad policies: fix display of policy result source 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-04 14:04:41 +02:00
Jens Langhammer b8c41f54c5 stages/email: update default email templates 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-04 13:40:52 +02:00
Jens Langhammer d1cde64214 stages/email: add support for custom template to API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-04 13:19:22 +02:00
Jens Langhammer a2cfe9c2a7 admin: sort apps in meta api 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-04 12:17:35 +02:00
Jens Langhammer a7f751f3b3 web/admin: fix expression info not being localised 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-03 20:53:52 +02:00
Jens Langhammer e246071aac core: fix user metrics not accepting detail 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-03 20:33:59 +02:00
Jens Langhammer 55c24de8c7 policies: fix error when viewing/clearing cache 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-03 19:57:50 +02:00
Jens Langhammer fc1caf1469 api: remove js i18n catalog 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-03 19:07:54 +02:00
Jens Langhammer 650b084c72 web: migrate to babel 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-03 18:20:17 +02:00
Jens Langhammer eeb9449c11 lib: remove templatetags 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-03 12:37:32 +02:00
Jens Langhammer c17eb00e3b providers/oauth2: fix component for Scope 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-03 12:08:21 +02:00
Jens Langhammer 42cb55d78a *: rename objectType to component to get rid of lookup tables 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-03 11:32:17 +02:00
Jens Langhammer aaebd01058 admin: finalise migration 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-03 01:20:20 +02:00
Jens Langhammer d7698343ae stages/authenticator_validate: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-03 01:15:32 +02:00
Jens Langhammer 0b057ccb34 stages/authenticator_webauthn: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-03 01:06:41 +02:00
Jens Langhammer 995f3a13d1 stages/authenticator_static: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-03 01:03:43 +02:00
Jens Langhammer ab7f4c5ba2 stages/authenticator_totp: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-03 01:01:59 +02:00
Jens Langhammer be4288fb46 stages/consent: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-03 00:55:17 +02:00
Jens Langhammer 75d8641a38 stages/dummy: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-03 00:49:15 +02:00
Jens Langhammer 1d72019645 stages/deny: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-03 00:48:15 +02:00
Jens Langhammer c1c47c5f30 stages/email: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-03 00:46:40 +02:00
Jens Langhammer fc47af12be stages/invitation: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-03 00:42:41 +02:00
Jens Langhammer a9bee998f2 stages/password: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-03 00:22:23 +02:00
Jens Langhammer 31226e3c75 stages/prompt: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-03 00:10:59 +02:00
Jens Langhammer f7aabe8ca9 stages/user_delete: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-03 00:04:20 +02:00
Jens Langhammer 8ac82b97d3 stages/user_write: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 23:54:00 +02:00
Jens Langhammer 128af67011 stages/user_logout: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 23:52:55 +02:00
Jens Langhammer fb9a4ec461 stages/user_login: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 23:51:39 +02:00
Jens Langhammer 2a261cfaf8 stages/identification: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 23:45:50 +02:00
Jens Langhammer 224ad46a21 stages/captcha: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 23:45:39 +02:00
Jens Langhammer ffe3ec0cb4 root: disable django admin 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 23:21:40 +02:00
Jens Langhammer 448dd7ed54 core: change TypeCreateSerializer to component 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 23:17:30 +02:00
Jens Langhammer 1dc01ef857 *: add API tests for types endpoints 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 23:11:53 +02:00
Jens Langhammer 0f76e80341 admin: remove policies views 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 17:15:48 +02:00
Jens Langhammer 6acfbb7d66 policies/reputation: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 17:09:30 +02:00
Jens Langhammer fcdc064cac policies/password: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 17:09:19 +02:00
Jens Langhammer 0c92f4a74d policies/hibp: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 16:57:55 +02:00
Jens Langhammer ac136ec5f6 policies/expiry: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 16:49:37 +02:00
Jens Langhammer f75f6a8404 policies/expression: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 16:42:30 +02:00
Jens Langhammer 415bb4cc88 policies/event_matcher: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 16:37:51 +02:00
Jens Langhammer 6a3e1da986 policies/dummy: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 16:31:53 +02:00
Jens Langhammer 5a6b6c369e admin: add API to get all installed apps 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 16:13:09 +02:00
Jens Langhammer 66d342880c events: add API to get all event actions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 16:02:58 +02:00
Jens Langhammer 7fad2b6563 sources/oauth: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 15:42:07 +02:00
Jens Langhammer 22f50aae45 managed: fix ManagedSerializer interfering with other serializers 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 15:00:15 +02:00
Jens Langhammer 1daba5db87 sources/oauth: revamp types system, move default URLs to type 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 14:59:58 +02:00
Jens Langhammer 83fc22005c *: remove swagger parameters from functions that don't accept them 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 13:39:22 +02:00
Jens Langhammer 7eb7fc2e12 sources/oauth: add API to get provider types 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 13:26:42 +02:00
Jens Langhammer 07702afe68 sources/saml: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 13:12:31 +02:00
Jens Langhammer 70fc4c0d88 sources/ldap: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 12:12:14 +02:00
Jens Langhammer 742f570c4c managed: add API serializer, add managed field 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 12:03:33 +02:00
Jens Langhammer ed2e9b88e7 Merge branch 'master' into new-forms-part-3 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-01 23:02:22 +02:00
Jens Langhammer dd88d9254e Merge branch 'next' 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	web/src/interfaces/AdminInterface.ts
 2021-04-01 20:46:06 +02:00
Jens Langhammer 509f21a9b4 providers/oauth2: add validation and tests to API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-01 20:43:18 +02:00
Jens Langhammer b299451cab providers/saml: fix metadata download not being unauthenticated 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-01 20:16:07 +02:00
Jens Langhammer 7e63a18d37 providers/saml: fix unittests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-01 20:05:50 +02:00
Jens Langhammer b9e718f5b8 web: build polyfills into separate file, load first 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-01 19:55:32 +02:00
Jens Langhammer b4a6f8350b admin: remove provider views 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-01 19:28:30 +02:00
Jens Langhammer 5eb9b95ab5 providers/saml: migrate import to API, add API tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-01 19:28:12 +02:00
Jens Langhammer 7a0ebbdc53 crypto: add filter for key-pairs with private key 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-01 11:38:35 +02:00
Jens Langhammer d3f2f987e0 providers/saml: migrate saml property mappings to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-31 23:38:40 +02:00
Jens Langhammer 221e6190c8 sources/ldap: migrate property mappings to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-31 23:08:40 +02:00
Jens Langhammer 6a69425688 providers/oauth2: migrate scope mapping to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-31 23:07:57 +02:00
Jens Langhammer 656fe00302 outposts: migrate service connections to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-31 22:47:41 +02:00
Jens Langhammer af438af8ac stages/invitation: add API tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-31 20:52:46 +02:00
Jens Langhammer 041b51a7f8 policies: add tests for bindings API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-31 20:37:24 +02:00
Jens Langhammer 330d5047e7 core: add tests for token API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-31 20:36:28 +02:00
Jens Langhammer e476186cbc web/admin: migrate policybinding form 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-31 19:41:42 +02:00
Jens Langhammer 3124b0f39c web/elements: add support for non-field errors 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-31 19:13:56 +02:00
Jens Langhammer 55f68a9197 policies: fix api updating issues 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-31 18:54:36 +02:00
Jens Langhammer c92a2ecbf5 web/admin: fix hideManaged toggle for propertymapping list 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-31 16:47:39 +02:00
Jens Langhammer d248b30eb3 policies: fix serializers for bindings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-31 16:26:52 +02:00
Jens Langhammer 25e043afea web/admin: migrate FlowStageBinding form to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-31 15:46:48 +02:00
Jens Langhammer 0395c84270 web/admin: fix flow execute button 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-31 15:00:54 +02:00
Jens Langhammer e66c46ff59 Merge branch 'master' into new-forms-part-2 2021-03-31 14:16:24 +02:00
Jens L 46f4493f04
policies: configurable engine mode (#682) 
* policies: add policy_engine_mode field, defaults to MODE_ALL

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: add policy_engine_mode to API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: add policy_engine_mode to forms

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* policies: update default for new objects

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* docs: add to release notes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-31 14:14:56 +02:00
Jens Langhammer 64fa04306c core: overwrite user on token creation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-30 22:46:19 +02:00
Jens Langhammer cb0b5f7146 web/admin: migrate prompts to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-30 22:12:06 +02:00
Jens Langhammer 8a3b1ae29d web/admin: migrate invitations to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-30 22:11:30 +02:00
Jens Langhammer 78a4a167ac outposts: remove outpost form 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-30 18:45:26 +02:00
Jens Langhammer 23d7ef36d2 core: remove provider and outpostserviceconnection base model create operations 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-30 18:35:06 +02:00
Jens Langhammer d1dd6b7a8f core: fix tests for property mapping API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-30 18:34:33 +02:00
Jens Langhammer 9c65fd814b web: fix saving for CodeMirror not returning an object 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-30 18:20:48 +02:00
Jens Langhammer 58a7d67922 web/admin: migrate property mapping test to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-30 17:53:43 +02:00
Jens Langhammer b1fb2982ef web/admin: port policy test form 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-30 17:53:26 +02:00
Jens Langhammer f206baf3f0 core: add API to test property mapping 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-30 17:32:57 +02:00
Jens Langhammer 6916c59483 policies: fix test API not working, add tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-30 17:22:47 +02:00
Jens Langhammer 41914d9b7a crypto: add tests for builder 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-30 16:34:45 +02:00
Jens Langhammer 80b0aef210 core: add new permissions for tokens to view key 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-30 15:50:41 +02:00
Jens Langhammer b1214f6c35 *: add new base class for non-model serializers 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-30 15:50:00 +02:00
Jens Langhammer c7dcf92a2e api: add tests for swagger generation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-30 15:23:37 +02:00
Jens Langhammer 69ee18e13d Merge branch 'master' into new-forms 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	Pipfile.lock
#	authentik/api/decorators.py
#	authentik/core/api/applications.py
#	authentik/core/api/users.py
#	authentik/events/api/event.py
#	authentik/events/api/notification_transport.py
#	authentik/flows/api/flows.py
#	swagger.yaml
 2021-03-30 10:26:18 +02:00
dependabot[bot] c180a521ec
build(deps-dev): bump pylint from 2.7.2 to 2.7.3 (#674) 
* build(deps-dev): bump pylint from 2.7.2 to 2.7.3

Bumps [pylint](https://github.com/PyCQA/pylint) from 2.7.2 to 2.7.3.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/master/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/pylint-2.7.2...pylint-2.7.3)

Signed-off-by: dependabot[bot] <support@github.com>

* sources/saml: fix linting for SAMLBindingTypes.Redirect

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* sources/oauth: Fix linting for RequestKind

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: fix linting for ChallengeTypes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-30 10:05:14 +02:00
Jens Langhammer 7e85524e51 *: simplify API permissions checking, add API for user recovery 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-30 09:45:48 +02:00
Jens Langhammer 54c50f6446 policies: add test API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 23:40:36 +02:00
Jens Langhammer 09aa5d6350 web/admin: migrate outposts to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 23:12:31 +02:00
Jens Langhammer e5ff416c2d outposts: add API for default config 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 22:52:08 +02:00
Jens Langhammer 21ea527623 api: fix invalid swagger schema 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 22:34:24 +02:00
Jens Langhammer 36c34e05f8 stages/authenticator_webuahtn: remove views 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 22:31:29 +02:00
Jens Langhammer 3a2f285a87 flows: add API to debug-execute a flow and import flow 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 22:21:04 +02:00
Jens Langhammer a09481dea2 flows: add API to set background image 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 21:40:08 +02:00
Jens Langhammer 03ff495011 web/admin: migrate application form to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 21:39:53 +02:00
Jens Langhammer 657b0089b1 core: add set_icon operation to applications API to set icon 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 21:16:13 +02:00
Jens Langhammer 7d74e1d2c4 *: revert to drf-yasg upstream 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 21:04:54 +02:00
Jens Langhammer 81ac53ff0a web/admin: migrate events notification rules to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 19:22:22 +02:00
Jens Langhammer 1e58941323 web/admin: migrate Event Transport to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 19:06:00 +02:00
Jens Langhammer a52b57cc38 events: fix missing send_once param from api 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 18:58:54 +02:00
Jens Langhammer 372cf4a8cb api: add error responses to swagger schema 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 18:09:45 +02:00
Jens Langhammer dfff2a1134 web/admin: migrate crypto/certificatekeypair to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 17:35:13 +02:00
Jens Langhammer b3d54b7620 api: cleanup args for @permission_required 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 17:33:55 +02:00
Jens Langhammer a445b03523 crypto: add API to generate keypair 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 17:33:27 +02:00
Jens Langhammer 5d37012075 api: allow @permission_required with no object permission 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 17:28:28 +02:00
Jens Langhammer 526af26536 web/admin: migrate user forms to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 16:16:27 +02:00
Jens Langhammer 464a56ad52 Merge branch 'master' into new-forms 2021-03-29 15:37:12 +02:00
Jens Langhammer 0793fff222 *: simplify API permissions checking, add API for user recovery 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 15:36:35 +02:00
Jens Langhammer 583b6cc20b web/admin: remove site-shell 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 14:42:28 +02:00
Jens Langhammer 3cc7d54cc1 policies: use GroupSerializer for PolicyBinding API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 12:28:06 +02:00
Jens Langhammer e7c6ff9499 admin: remove group views 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 12:03:11 +02:00
Jens Langhammer fbc33815a3 core: fix user view imports 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-28 22:33:27 +02:00
Jens Langhammer bd9c0efab7 core: use only user ids for group 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-28 22:03:48 +02:00
Jens Langhammer 0fcef494a6 Merge branch 'next' into new-forms 2021-03-27 23:48:04 +01:00
Jens Langhammer 6f6fe6ad06 flows: fully fix unittests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-27 23:47:00 +01:00
Jens Langhammer 95ecad8382 Merge branch 'next' into new-forms 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	web/src/api/legacy.ts
#	web/src/main.ts
#	web/src/pages/users/UserSettingsPage.ts
 2021-03-27 23:21:16 +01:00
Jens Langhammer e621eb7455 web: cleanup message API, use enum for level 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-27 23:11:44 +01:00
Jens Langhammer 261583cb92 flows: fix tests for dummy stage 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-27 22:58:41 +01:00
Jens Langhammer 1bc48d2bea stages/dummy: fix missing component 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-27 22:35:36 +01:00
Jens Langhammer 103e0f3b06 web: add default title 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-27 22:24:09 +01:00
Jens Langhammer 32fb90e056 core: include full users in group API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-27 15:53:54 +01:00
Jens Langhammer fe4791c216 web: initial implementation of new forms 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-25 00:05:11 +01:00
Jens Langhammer 6e46124c94 web/admin/user: fix user source connection lookups 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-24 21:40:08 +01:00
Jens Langhammer 533a719914 sources/oauth: migrate to webcomponents 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-24 20:35:00 +01:00
Jens Langhammer a085632b8e stages/authenticator_*: migrate remaining stages to webcomponents 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-24 20:13:31 +01:00
Jens Langhammer 1ef5a8e6c5 stages/password: migrate settings to webcomponents 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-24 19:48:24 +01:00
Jens Langhammer ab5d6dbea1 sources/authenticator_webauthn: rewrite to webcomponent 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-24 18:00:37 +01:00
Jens Langhammer ffd8c59c8e api: use common skeleton in swagger template 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-24 17:46:41 +01:00
Jens Langhammer 83c3a116f3 core: add Serializer for UserSettings, used by stages and sources 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-24 17:46:31 +01:00
Jens Langhammer f695a3f40a stages/authenticator_*: fix missing fields 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-24 17:19:39 +01:00
Jens Langhammer f41f2bfdab sources/saml: use STAGE_CONFIGURATION for default-source-pre-authentication flow 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-24 17:12:41 +01:00
Jens Langhammer 17f7a97ef3 sources/oauth2: add API For UserSourceConnection 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-24 14:46:08 +01:00
Jens Langhammer 3698c6431c flow: pass Query on FlowExecutorSolve to prevent redirect issues 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-24 14:12:49 +01:00
Jens Langhammer 4d88af4601 flows: fix RedirectChallenge wrapper being confused by querystrings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-24 12:47:12 +01:00
Jens Langhammer dce869b566 flows: fix post-email continuation not working 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-24 12:46:54 +01:00
Jens Langhammer 5a5539da97 sources/saml: fix failing unittests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-24 09:55:43 +01:00
Jens Langhammer 4612cea970 sources/saml: replace server-side pre-auth views for pre_auth flow 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-24 09:22:15 +01:00
Jens Langhammer da4fa96499 sources/oauth: simplify enrollment handler 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-24 09:22:15 +01:00
Jens Langhammer 4137266041 flows: revert to sever-side redirects for security, pass querystring from client during flow plan 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-24 09:22:15 +01:00
Jens Langhammer 62d0e020db stages/email: add wrapper view to accept queryargs and redirects to flow if 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-23 19:42:58 +01:00
Jens Langhammer 3f6174e8cc ci: fix missing isort 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-23 18:28:23 +01:00
Jens Langhammer 1fd949d4ec flows: remove FlowExecutorShellView 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-23 18:09:13 +01:00
Jens Langhammer de6fa63d21 web: detect deep links in flow interface and redirect locally 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-23 18:04:21 +01:00
Jens Langhammer cfe7bc8155 flows: migrate access denied message to webcompoennts 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-23 17:55:13 +01:00
Jens Langhammer c6c4636b9b policies: show messages of root result 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-23 17:14:54 +01:00
Jens Langhammer bd74e07ce1 flows: move <ak-message-container> outside of flow executor 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-23 16:18:00 +01:00
Jens Langhammer 33787d0685 web: remove pf-c-card-aggregate 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-23 16:05:37 +01:00
Jens Langhammer 56344cadeb web: add confirmation form for simple write-requests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-23 15:07:45 +01:00
Jens Langhammer 0671d712fa policies: remove deprecated group_membership policy 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-23 14:43:24 +01:00
Jens Langhammer 6961089425 flows: add API to clear cache 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-23 10:37:41 +01:00
Jens Langhammer 3157bf63a6 root: upgrade to pylint 2.7 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-22 20:03:33 +01:00
Jens Langhammer e202fd988b root: update to isort 5 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-22 19:53:10 +01:00
Jens Langhammer 4f8b882554 web: copy static assets only once 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-22 14:54:12 +01:00
Jens L fe7f23238c
Static SPA (#648) 
* core: initial migration to /if

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: move jsi18n to api

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests: fix static URLs in tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: add new html files to rollup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: fix rollup config and nginx config

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add Impersonation support to user API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: add banner for impersonation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests: fix test_user function for new User API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: add background to API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: set background from flow API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: make root view login_required for redirect

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: redirect to root-redirect instead of if-admin direct

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* api: add header to prevent Authorization Basic prompt in browser

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: redirect to root when user/me request fails

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-22 13:44:17 +01:00
Jens Langhammer 25c82d80f5 flows: use full ShadowDom for flowContainer 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-21 17:51:23 +01:00
Jens Langhammer 7e47906475 api: add Footer links to config API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-21 17:35:00 +01:00
Jens Langhammer 24ac6d2c25 stages/authenticator_webauthn: prefer Biometrics over security key 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-21 16:52:14 +01:00
Jens Langhammer bb9fbb55b6 core: use a single column for flow executor flow 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-21 14:53:02 +01:00
Jens Langhammer c834f0a372 stages/authenticator_webauthn: explicitly allow cross-platform devices for iOS/safari 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-21 00:10:07 +01:00
Jens Langhammer 43f19f78bb providers/oauth2: fix error when redirecting from an authorization error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-20 22:06:45 +01:00
Jens Langhammer 3d45956f15 web: fix display of scopes 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-20 19:05:10 +01:00
Jens Langhammer fb20ae7e1a web: sort users by last_login 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-20 18:39:12 +01:00
Jens Langhammer 4c49209f71 core: add user metrics API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-20 17:30:01 +01:00
Jens Langhammer 45a397bd77 web: fix card titles 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-20 15:38:09 +01:00
Jens Langhammer fe054136b1 website: add comparison based on vector.dev's site 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-18 22:09:54 +01:00
Jens Langhammer d82dfc65b7 api: replace rest_framework browser with rapi-doc 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-18 20:35:12 +01:00
Jens Langhammer 080282a0bc events: add better filters to event API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-18 18:11:38 +01:00
Jens Langhammer 8242c139c2 events: use ExpiringModel with delta of 1 year for events 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-18 17:10:59 +01:00
Jens Langhammer 5b4c5d0f31 stages/consent: add API to get user's given consent 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-18 16:07:33 +01:00
Jens Langhammer 9ad10863de providers/oauth2: add API for auth codes and refresh tokens 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-18 15:59:38 +01:00
Jens Langhammer 14f2522c3e events: improve logging for geoip 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-18 15:16:43 +01:00
Jens Langhammer 01fc63fc98 web: set document title on navigation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-18 14:48:02 +01:00
Jens Langhammer a57d524273 flows: add API for flow export 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-18 14:36:00 +01:00
Jens Langhammer 93bd95436f admin: remove user enable/disable views 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-18 13:09:00 +01:00
Jens Langhammer db9aa5d9dc admin: remove delete views 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-18 12:40:28 +01:00
Jens Langhammer dae60b5a08 *: replace ReadOnlyModelViewSet with List/Retrieve/Delete viewsets 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-18 12:11:07 +01:00
Jens Langhammer ac78e3e2ec root: further cleanup in asgi logger 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-18 01:27:52 +01:00
Jens Langhammer 77a484e698 stages/*: fix warning for user settings API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-18 01:11:13 +01:00
Jens Langhammer f1f706dd0d web: migrate user settings to SPA 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-18 01:03:07 +01:00
Jens Langhammer a6123cfbe4 flows: add API for user's stage settings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-18 00:33:12 +01:00
Jens Langhammer 07142cab8b core: add API for user source settings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-18 00:32:40 +01:00
Jens Langhammer ef58020fd4 web: move MessageContainer to document 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-17 22:23:24 +01:00
Jens Langhammer a8d411a77b outposts: fix integration test failing occasionally 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-17 22:02:13 +01:00
Jens Langhammer 5f6f5dbfc4 web: revert to use full pf in skeleton to improve FMP 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-17 21:20:47 +01:00
Jens Langhammer 14d990df7f web: replace pf-icon-arrow 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-17 19:51:52 +01:00
Jens Langhammer 5b0d875a42 admin: re-add property-mapping test template 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-17 19:28:45 +01:00
Jens Langhammer c70f6e3122 events: fix Schema for query params for top_per_user 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-17 18:33:12 +01:00
Jens Langhammer 56260cd23f root: fix concurrency logging issues 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-17 18:20:00 +01:00
Jens Langhammer 4b33971155 release: 2021.3.4 2021-03-16 19:17:50 +01:00
Jens Langhammer e45bc3834a web: use ShadowDom for all elements, embed smaller CSS in skeleton 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-16 17:24:02 +01:00
Jens Langhammer 07ca82e599 admin: include git build hash in gh-* tags and show build hash in admin overview 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-16 14:42:01 +01:00
Jens Langhammer 9d339d8b11 policies: fix error when clearing policy cache when no policies are cached 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-13 21:10:13 +01:00
Jens Langhammer 4e86aa3f59 sources/oauth: fix error on user enrollment when no enrollment flow is defined 
fixes #636

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-13 21:08:31 +01:00
Jens Langhammer e67f235a9f website: add docs for compose configuration options 2021-03-12 16:43:31 +01:00
Jens Langhammer d99451b45c outposts: improve logs for outpost connection 2021-03-11 17:50:57 +01:00
Jens Langhammer f8dc32b387 events: don't fail on boot when geoip can't be opened 2021-03-11 16:38:14 +01:00
Jens Langhammer e0298141cf web: backport fix: add missing background filter 
# Conflicts:
#	authentik/core/templates/login/base_full.html
 2021-03-10 23:23:25 +01:00
Jens Langhammer d5de12b69e release: 2021.3.3 2021-03-09 18:03:53 +01:00
Jens Langhammer 34a3d81eff stages/authenticator_*: add API for authenticator devices 2021-03-09 10:38:07 +01:00
Jens Langhammer d150851ff5 root: fix date settings 2021-03-08 15:24:11 +01:00
Jens Langhammer ff276fcc58 web: fix layout for search 2021-03-08 12:55:13 +01:00
Jens L 2852fa3c5e
web: use generated API Client (#616) 
* api: fix types for config API

* api: remove broken swagger UI

* admin: re-fix system task enum

* events: make event optional

* events: fix Schema for notification transport test

* flows: use APIView for Flow Executor

* core: fix schema for Metrics APIs

* web: rewrite to use generated API client

* web: generate API Client in CI

* admin: use x_cord and y_cord to prevent yaml issues

* events: fix linting errors

* web: don't lint generated code

* core: fix fields not being required in TypeSerializer

* flows: fix missing permission_classes

* web: cleanup

* web: fix rendering of graph on Overview page

* web: cleanup imports

* core: fix missing background image filter

* flows: fix flows not advancing properly

* stages/*: fix warnings during get_challenge

* web: send Flow response as JSON instead of FormData

* web: fix styles for horizontal tabs

* web: add base chart class and custom chart for application view

* root: generate ts client for e2e tests

* web: don't attempt to connect to websocket in selenium tests

* web: fix UserTokenList not being included in the build

* web: fix styling for static token list

* web: fix CSRF Token missing

* stages/authenticator_static: fix error when disable static tokens

* core: fix display issue when updating user info

* web: fix Flow executor not showing spinner when redirecting
 2021-03-08 11:14:00 +01:00
Jens Langhammer 3f0e4bb654 stages/authenticator_static: fix error when disable static tokens 2021-03-08 10:26:03 +01:00
Jens Langhammer cbc86d674d web: fix Colours for user settings in dark mode 2021-03-06 23:00:29 +01:00
Jens Langhammer c6de4e47d7 providers/oauth2: allow protected_resource_view when method is OPTIONS 2021-03-05 16:57:37 +01:00
Jens Langhammer de4b3d6290 providers/oauth2: always set CORS headers on provider info view 2021-03-05 14:27:16 +01:00
Jens Langhammer 0fe009d37c stages/authenticator_webauthn: add missing migration 2021-03-05 14:14:37 +01:00
Jens Langhammer d53c82eee2 core: fix link on login template 2021-03-04 09:39:13 +01:00
Jens Langhammer e1e0b0cf7d release: 2021.3.2 2021-03-04 09:33:25 +01:00
Jens Langhammer 32655567da sources/ldap: fix sync for Users without pwdLastSet 2021-03-03 22:54:05 +01:00
Jens Langhammer ff5f5f65e8 web: fix date display issue 2021-03-03 21:53:30 +01:00
Jens Langhammer 32e5ebb8a3 release: 2021.3.1 2021-03-03 20:53:43 +01:00
Jens Langhammer dd31191845 Merge branch 'master' into version-2021.3 2021-03-03 20:48:02 +01:00
Jens Langhammer 3319547a0e outposts: improve error handling for kubernetes outpost 2021-03-03 20:27:38 +01:00
Jens Langhammer 1a00730cdd core: cleanup output for backup task 2021-03-03 20:11:55 +01:00
Jens Langhammer 466723573c api: fix types for config API 2021-03-03 20:05:43 +01:00
Jens Langhammer ea784d47f4 admin: fix mismatched Swagger schema 2021-03-03 17:44:47 +01:00
Jens Langhammer 77d5ba2862 events: fix typo in events API 2021-03-03 16:54:59 +01:00
Jens Langhammer f4580a1097 api: remove legacy messages API as its WS only 2021-03-03 15:02:20 +01:00
Jens Langhammer c002c4b610 api: make pagination required 2021-03-03 10:37:03 +01:00
Jens Langhammer 28cd08bbba core: make user settings use vertical tabs 2021-03-03 10:05:12 +01:00
Jens Langhammer 3cb0575a1e root: fix swagger pagination not matching API 2021-03-03 09:28:22 +01:00
Jens Langhammer e2a771bdaa docs: update screenshot in captcha stage 2021-03-02 22:25:00 +01:00
Jens Langhammer 23de9df2a5 stages/authenticator_validate: cleanup 2021-03-02 22:20:54 +01:00
Jens Langhammer d420719649 release: 2021.3.1-rc2 2021-03-02 21:41:30 +01:00
Jens Langhammer 0018fbacd3 Merge branch 'master' into version-2021.3 
# Conflicts:
#	web/src/constants.ts
 2021-03-02 21:39:30 +01:00
Jens Langhammer 8c41d2f4cb stages/authenticator_webauthn: add views to update and delete devices 2021-03-02 21:26:31 +01:00
Jens Langhammer dc4a7c35da core: fix errors on user token views 2021-03-02 21:16:03 +01:00
Jens Langhammer e8c9b70ae8 sources/ldap: check pwdLastSet when syncing Users 2021-03-02 21:05:02 +01:00
Jens Langhammer 74d240dfd4 admin: use spinner-button for modal forms 2021-03-02 20:37:23 +01:00
Jens Langhammer 373793ce9a policies: show more information when provider fails to resolve application 2021-03-02 16:58:55 +01:00
Jens Langhammer 792fa45dca providers/oauth2: add logout URL to Setup URLs API 2021-03-02 15:11:18 +01:00
Jens Langhammer 743aaea15e policies: improve logging 2021-03-02 15:04:31 +01:00
Jens Langhammer 38d9533afd root: update screenshots 2021-03-02 12:15:32 +01:00
Jens Langhammer 7538af5e09 docs: fix download links for compose 2021-03-02 10:07:46 +01:00
Jens Langhammer 2e659c1ab0 release: 2021.3.1-rc1 2021-03-02 09:41:09 +01:00
Jens Langhammer 7fb95dfabf stages/password: improve logging 2021-03-02 09:40:32 +01:00
Jens Langhammer 83cc5d24f2 stages/password: improve logging 2021-03-02 09:30:29 +01:00
Jens Langhammer 3045cf1aef web: make user password-reset button use action button 2021-03-01 20:41:54 +01:00
Jens Langhammer c65b2944b3 stages/reputation: add API for user and IP Score 2021-03-01 20:22:37 +01:00
Jens Langhammer 2ae5a81c15 stages/deny: add deny stage 2021-03-01 20:16:54 +01:00
Jens Langhammer ed8b78600e stages/authenticator_validate: add configuration stage to configure Authenticator 2021-03-01 19:23:59 +01:00
Jens Langhammer 644a03e40e lib: don't order_by on widget because PolicyBindingModel, order in form 2021-03-01 19:23:09 +01:00
Jens Langhammer 88ce93ab04 policies: fix tests creating policies with empty names 2021-03-01 19:22:35 +01:00
Jens Langhammer 03d38557e5 stages/*: simplify __str__ of classes 2021-03-01 18:30:47 +01:00
Jens Langhammer 37b59bb5b9 lib: sort GroupedModelChoiceField by name 
closes #602
 2021-03-01 18:30:27 +01:00
Jens Langhammer ce7aae16c9 stages/password: fix ?next param for password change 2021-03-01 17:17:44 +01:00
Jens Langhammer fd9ba97479 core: remove source's ui_additional_info 2021-03-01 16:57:51 +01:00
Jens Langhammer ca4ead8fd8 events: fix event creation with anonymous user 2021-03-01 12:04:27 +01:00
Jens Langhammer a81f981471 lib: fix being unable to set authentik. options 2021-03-01 11:11:00 +01:00
Jens Langhammer d6fd2b0afa sources/saml: add Metadata API 2021-03-01 10:50:45 +01:00
Jens Langhammer 1149a8d9a4 flows: fix tests for diagram 2021-02-28 11:01:34 +01:00
Jens Langhammer 9b3e94c7c8 flows: fix flow diagram showing policy after stage and not before 2021-02-28 10:28:37 +01:00
Jens Langhammer 7f65ae3f92 Merge branch 'master' into stage-challenge 
# Conflicts:
#	web/package-lock.json
 2021-02-28 00:47:18 +01:00
Jens Langhammer 0958740b51 providers/saml: fix Autosubmit Challenge 2021-02-28 00:09:08 +01:00
Jens Langhammer 05a5b5b675 stages/prompt: fix fields not being sorted correctly 2021-02-27 21:03:57 +01:00
Jens Langhammer ffcf064f83 Merge branch 'version-2021.2' 
# Conflicts:
#	authentik/policies/group_membership/forms.py
#	web/package.json
#	web/src/constants.ts
#	web/src/elements/buttons/TokenCopyButton.ts
 2021-02-27 18:29:30 +01:00
Jens Langhammer 5725e54334 release: 2021.2.6-stable 2021-02-27 18:16:46 +01:00
Jens Langhammer c20856ca17 web: fix colourstyles not being included in common_styles 
# Conflicts:
#	authentik/events/geo.py
#	web/src/elements/buttons/TokenCopyButton.ts
 2021-02-27 18:16:32 +01:00
Jens Langhammer 402afa1e85 Merge branch 'master' into stage-challenge 
# Conflicts:
#	web/src/elements/buttons/SpinnerButton.ts
 2021-02-27 18:10:08 +01:00
Jens Langhammer 5b4e75000b web: fix colourstyles not being included in common_styles 2021-02-27 17:38:21 +01:00