Jens Langhammer
|
72168fae29
|
providers/oauth2: add user id as "sub" mode
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-29 16:15:03 +01:00 |
|
|
Jens Langhammer
|
96eeb91493
|
providers/oauth2: only set auth_time in ID token when a login event is stored in the session
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-29 16:00:19 +01:00 |
|
Jens L
|
627e8a250e
|
tests: run e2e tests in random order (#4550)
* run e2e tests randomly
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix test_ldap_bind_search
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-27 23:57:53 +01:00 |
|
|
Jens Langhammer
|
ecb1ce8135
|
core: fix token's set_key accessing data incorrectly
also add tests
closes #4551
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-27 23:57:35 +01:00 |
|
|
Jens Langhammer
|
5631a99f00
|
stages/prompt: fallback to uuid for unique names
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-25 23:29:26 +01:00 |
|
|
Jens Langhammer
|
36f8f8bae5
|
stages/prompt: fix mismatched name field in migration
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-25 14:46:40 +01:00 |
|
|
Jens Langhammer
|
68058fb2ae
|
stages/authenticator_validate: fix error with passwordless webauthn login, improve tests
closes #4527
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-25 14:45:00 +01:00 |
|
|
Jens L
|
53b65a9d1a
|
stages/prompt: field name (#4497)
* add prompt field name
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove numerical prefix
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix missing name
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use text field
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add description label
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add migrate blueprint to remove old stages
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add task to remove unretrievable blueprints
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix blueprint test paths
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* actually fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests even more
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix fixtures
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-24 12:23:22 +01:00 |
|
|
Jens Langhammer
|
16076cc46f
|
outposts: fallback to ghcr
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-24 10:47:30 +01:00 |
|
|
Jens Langhammer
|
b2d272bf6f
|
api: fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-23 20:19:03 +01:00 |
|
|
Jens Langhammer
|
31ef6fb6a6
|
core: delete session when user is set to inactive
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-23 16:24:30 +01:00 |
|
|
Jens Langhammer
|
c9c059a008
|
api: ensure user is active when authenticating
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-23 16:24:30 +01:00 |
|
|
Jens Langhammer
|
9397598376
|
release: 2023.1.2
|
2023-01-23 14:25:55 +01:00 |
|
|
Jens Langhammer
|
91ffe4e7f9
|
stages/user_write: fix migration setting wrong value, fix form
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-23 14:05:41 +01:00 |
|
|
Jens Langhammer
|
430a207865
|
release: 2023.1.1
|
2023-01-23 11:34:58 +01:00 |
|
|
Jens Langhammer
|
1ce2a1b846
|
stages/email: update tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-23 10:43:49 +01:00 |
|
Loan J
|
4731ccfafe
|
stages/email: fix a typo in email template (#4485)
fix a typo in main content
Signed-off-by: Loan J <joliveau.loan@gmail.com>
Signed-off-by: Loan J <joliveau.loan@gmail.com>
|
2023-01-23 10:22:49 +01:00 |
|
jmptbl
|
c1b9b5c5e2
|
stages/authenticator_totp: url quote TOTP issuer instead of slugifying (#4482)
* Fix TOTP issuer mangling
* Fix OTP issuer mangling
* sort imports
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-22 16:37:47 +00:00 |
|
|
Jens Langhammer
|
b288393cd4
|
stages/invitation: handle incorrectly formatted token
closes #4481
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-22 00:03:39 +01:00 |
|
|
Jens Langhammer
|
5736a1542c
|
stages/authenticator_sms: fix code not being sent when phone_number is in context
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-19 20:19:23 +01:00 |
|
|
Jens Langhammer
|
fc8fe5317a
|
stages: always use get_pending_user instead of getting context user
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-19 17:57:21 +01:00 |
|
|
Jens L
|
c61529e4d4
|
sources/ldap: add e2e LDAP source tests (#4462)
* start adding more LDAP source tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* improve healthcheck
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* try local webdriver
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add full samba tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix locale types
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-19 15:03:56 +01:00 |
|
|
Jens Langhammer
|
a302a72379
|
crypto: fallback when no SAN values are given
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-18 19:40:24 +01:00 |
|
|
Jens L
|
e390f5b2d1
|
providers/oauth2: more x5c and ecdsa x/y tests (#4463)
* add option to exclude x5*
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
#4082
* cleanup jwks, add flaky test
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add workaround based on https://github.com/jpadilla/pyjwt/issues/709
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* don't rstrip hashes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* keycloak seems to strip equals
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-18 18:11:36 +00:00 |
|
|
Jens Langhammer
|
60189ce9ca
|
add tests to prevent empty SAN
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-18 18:59:10 +01:00 |
|
|
Jens Langhammer
|
fdc445e6a1
|
ensure we don't generate an empty SAN certificate
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-18 18:44:41 +01:00 |
|
|
Jens Langhammer
|
49b6c71079
|
release: 2023.1.0
|
2023-01-18 15:49:45 +01:00 |
|
|
Jens Langhammer
|
6e0c9acb34
|
events: exclude base models from model audit log
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-18 15:11:33 +01:00 |
|
|
Jens L
|
23c69c456a
|
providers/proxy: add setting to intercept authorization header (#4457)
* add setting to intercept authorization header
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* rename to intercept_header_auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-17 18:56:48 +01:00 |
|
|
Jens L
|
c73fce4f58
|
sources/ldap: manual import (#4456)
* events: fix task UID
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add ldap sync command
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-17 12:21:33 +01:00 |
|
|
Jens L
|
9568f4dbd6
|
root: improve code style (#4436)
* cleanup pylint comments
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove more
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix url name
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* *: use ExtractHour instead of ExtractDay
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-15 17:02:31 +01:00 |
|
|
Jens Langhammer
|
143309448e
|
policies: ensure user is set
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-14 20:24:46 +01:00 |
|
|
Jens Langhammer
|
1f038ecee2
|
providers/oauth2: fallback to anonymous user for policy engine
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-14 20:22:06 +01:00 |
|
|
Jens Langhammer
|
1b1f2ea72c
|
providers/oauth2: actually fix import order
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-14 19:58:24 +01:00 |
|
|
Jens Langhammer
|
6e1a54753e
|
providers/oauth2: fix import order
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-14 19:56:12 +01:00 |
|
|
Jens Langhammer
|
67d1f06c91
|
providers/oauth2: use guardian anonymous user to get claims for provider info
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-14 19:53:43 +01:00 |
|
|
Jens Langhammer
|
d37de6bc00
|
policies: log full stacktrace
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-14 19:53:21 +01:00 |
|
|
Jens L
|
cd12e177ea
|
providers/proxy: add initial header token auth (#4421)
* initial implementation
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* check for openid/profile claims
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* include jwks sources in proxy provider
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add web ui for jwks
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* only show sources with JWKS data configured
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix introspection tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start basic
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add basic auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add docs, update admonitions
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add client_id to api, add tab for auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update locale
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-13 16:22:03 +01:00 |
|
|
Jens Langhammer
|
31c6ea9fda
|
providers/oauth2: don't allow spaces in scope_name
closes #4094
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-13 16:20:37 +01:00 |
|
|
Jens L
|
20931ccc1d
|
providers/oauth2: correctly fill claims_supported based on selected scopes (#4429)
* providers/oauth2: correctly fill claims_supported based on selected scopes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add nonce claim
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-13 14:14:25 +01:00 |
|
|
Jens L
|
36822c128c
|
admin: include task duration in API (#4428)
include task duration in API
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-13 13:21:49 +01:00 |
|
|
Jens Langhammer
|
81e9f2d608
|
web/admin: fix overflow in aggregate cards
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-11 14:12:02 +01:00 |
|
|
Jens L
|
67a6fa6399
|
events: rework metrics (#4407)
* rework metrics
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* change graphs to be over last week
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix Apps with most usage card
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-11 12:21:07 +01:00 |
|
|
Jens L
|
1ed24a5eef
|
blueprints: internal storage (#4397)
* rework oci client
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add blueprint content
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add UI
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make path optional
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add validation
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-10 22:00:34 +01:00 |
|
|
Jens Langhammer
|
b555ccd549
|
sources/ldap: don't run membership sync if group sync is disabled
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
#4392
|
2023-01-09 17:19:50 +01:00 |
|
|
Jens Langhammer
|
9445354b31
|
sources/ldap: only warn about missing groups when source is configured to sync groups
closes #4392
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-09 17:17:48 +01:00 |
|
|
Jens Langhammer
|
a1be924fa4
|
*: strip leading and trailing whitespace when reading config values from files
also add a debug endpoint that dumps the go parsed config
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-09 15:29:22 +01:00 |
|
|
Jens Langhammer
|
47aba4a996
|
crypto: prevent creation of duplicate self-signed default certs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2023-01-06 16:51:07 +01:00 |
|
|
Jens Langhammer
|
001869641d
|
web: ensure img tags have alt attributes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2023-01-06 12:44:51 +01:00 |
|
|
Jens Langhammer
|
bec538c543
|
sources/ldap: make task timeout adjustable
closes #4375
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2023-01-06 12:37:59 +01:00 |
|