authentik

Commit Graph

Author	SHA1	Message	Date
Jens Langhammer	90fe1c2ce8	providers/oauth2: allow blank redirect_uris to allow any redirect_uri Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-08 19:28:35 +02:00
Jens Langhammer	40428f5a82	providers/saml: fix parsing of POST bindings Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-06 16:54:58 +02:00
Jens Langhammer	77a507d2f8	providers/oauth2: add revoked field, create suspicious event when previous token is used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-03 15:59:01 +02:00
Jens Langhammer	3e60e956f4	providers/oauth2: fix CORS headers not being set for unsuccessful requests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-03 15:49:00 +02:00
Jens Langhammer	84ec70c2a2	providers/oauth2: use self.expires for exp field instead of calculating it again Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-03 15:32:58 +02:00
Jens Langhammer	3e26170f4b	providers/oauth2: deepmerge claims Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-01 17:33:46 +02:00
dependabot[bot]	d102c59654	build(deps-dev): bump pylint from 2.8.3 to 2.9.0 (#1095 ) * build(deps-dev): bump pylint from 2.8.3 to 2.9.0 Bumps [pylint](https://github.com/PyCQA/pylint) from 2.8.3 to 2.9.0. - [Release notes](https://github.com/PyCQA/pylint/releases) - [Changelog](https://github.com/PyCQA/pylint/blob/master/ChangeLog) - [Commits](https://github.com/PyCQA/pylint/compare/v2.8.3...v2.9.0) --- updated-dependencies: - dependency-name: pylint dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * *: update source for new pylint version Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-30 10:37:28 +02:00
Jens Langhammer	ba9edd6c44	flows: handle possible errors with FlowPlans received from cache Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-27 22:03:48 +02:00
Jens Langhammer	3b2b3262d7	flows: add FlowStageBinding to flow plan instead of just stage Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-27 18:47:04 +02:00
Jens Langhammer	a3ff7cea23	providers/oauth2: fix usage of timedelta.seconds Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-25 11:55:00 +02:00
Jens Langhammer	9b5e3921cb	providers/saml: better handle decoding errors Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-21 22:48:34 +02:00
Jens Langhammer	831b32c279	core: fix PropertyMapping's globals not matching Expression policy Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-21 15:54:43 +02:00
Jens Langhammer	19cac4bf43	providers/saml: fix error when getting transient user identifier Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-17 13:52:10 +02:00
Jens Langhammer	4ca564490e	providers/saml: add support for NameID type unspecified Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-17 12:45:53 +02:00
Jens Langhammer	fcb795c273	providers/saml: fix NameIDPolicy not being parsed correctly, improve error handling Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-17 12:22:40 +02:00
Jens Langhammer	0e02925a3d	stages/authenticator_validate: add tests for authenticator validation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-14 16:32:36 +02:00
Jens Langhammer	5b837c3ccc	providers/saml: improve error handling for signature errors Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-14 12:51:42 +02:00
Jens Langhammer	31d2ea65fd	provider/proxy: mark forward_auth flag as deprecated Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-13 12:39:25 +02:00
Jens Langhammer	d878d2140e	providers/saml: add metadata download link to api Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-10 14:06:44 +02:00
Jens L	34ae9e6dab	API: add endpoint to show by what objects an object is used (#995 ) * core: add used_by API to show what objects are affected before deletion Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/elements: add support for used_by API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: add authentik_used_by_shadows to shadow other models Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: implement used_by API Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * : fix duplicate imports Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> core: add action field to used_by api Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: add UI for used_by action Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: add notice to tenant form Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: fix naming in used_by Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: check length for used_by Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: fix used_by for non-pk models Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * : improve __str__ on models Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> core: add support for many to many in used_by Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-10 11:58:12 +02:00
Jens L	dad24c03ff	outposts: set cookies for a domain to authenticate an entire domain (#971 ) * outposts: initial cookie domain implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: add cookie domain setting Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/proxy: replace forward_auth_mode with general mode Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: rebuild proxy provider form Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/proxy: re-add forward_auth_mode for backwards compat Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: fix data.mode not being set Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * root: always set log level to debug when testing Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/proxy: use new mode attribute Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/proxy: only ingress /akprox on forward_domain Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/proxy: fix lint error Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: fix error on ProxyProviderForm when not using proxy mode Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: fix default for outpost form's type missing Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: add additional desc for proxy modes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts: fix service account permissions not always being updated Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outpost/proxy: fix redirecting to incorrect host for domain mode Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: improve error handling for network errors Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outpost: fix image naming not matching main imaeg Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/proxy: fix redirects for domain mode and traefik Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: fix colour for paragraphs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/flows: fix consent stage not showing permissions correctly Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * website/docs: add domain-level docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * website/docs: fix broken links Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/proxy: remove dead code Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/flows: fix missing id for #header-text Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-08 23:10:17 +02:00
Jens Langhammer	029d58191e	sources/saml: include metadata download link in API response Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-08 17:22:03 +02:00
Jens Langhammer	9180d448df	core: move end-session to core Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-06 13:56:38 +02:00
Jens Langhammer	cec47c3cfc	providers/oauth2: show id_token issues for refresh token Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-02 22:05:04 +02:00
Jens Langhammer	b50ac96605	providers/oauth2: remove size limit on Access code nonce Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-06-02 20:20:07 +02:00
Jens Langhammer	14f85ec980	tenants: migrate context_processor to tenants Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-29 18:01:48 +02:00
Jens Langhammer	58a4b20297	outposts: handle disconnects without outpost better Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-25 12:06:55 +02:00
Jens Langhammer	c6bb6709fd	flows: add default challenge response Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-24 20:27:50 +02:00
Jens Langhammer	fb4e0723ee	stages: fix stage unittests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-24 17:12:48 +02:00
Jens Langhammer	6f6ae7831e	flows: make use of oneOf OpenAPI to annotate all challenge types Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-24 14:11:23 +02:00
Jens Langhammer	9b57f0b81d	Merge branch 'version-2021.5' into next Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> # Conflicts: # web/src/locales/en.po # web/src/locales/pseudo-LOCALE.po	2021-05-22 20:01:16 +02:00
Jens Langhammer	2c816e6162	providers/proxy: don't use https to communicate with outpost Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-22 18:56:38 +02:00
Jens Langhammer	bb89b9b572	Merge branch 'version-2021.5' into next	2021-05-21 23:50:43 +02:00
Jens Langhammer	6600da7d98	providers/oauth2: add missing kid header to JWT Tokens Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-21 23:40:00 +02:00
Jens Langhammer	92f2a82c03	providers/oauth2: fix double login required when prompt=login Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-20 01:10:08 +02:00
Jens Langhammer	dcf074650e	providers/proxy: fix redirect_uris not always being set on save Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-20 01:10:04 +02:00
Jens Langhammer	acf1ad91d9	providers/oauth2: fix double login required when prompt=login Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-19 23:34:27 +02:00
Jens Langhammer	a74419214c	providers/proxy: fix redirect_uris not always being set on save Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-19 23:10:00 +02:00
Jens Langhammer	3cf0f07baf	*: fix API Schema for file uploads Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-17 23:12:52 +02:00
Jens Langhammer	ef9f08553c	*: linting pass, rename from swagger to schema Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-16 15:22:57 +02:00
Jens Langhammer	4fb71a6bdd	api: fix pagination schema Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-16 15:08:51 +02:00
Jens Langhammer	0bac738090	*: fix static response descriptions Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-16 14:07:29 +02:00
Jens Langhammer	1324d03815	*: initial migration to openapi v3 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-15 23:57:28 +02:00
Jens Langhammer	6600d5bf69	providers/oauth2: use user.uid Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-15 14:08:49 +02:00
Jens Langhammer	a4278833d8	providers/proxy: fix ingress not being created with full https Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-15 13:45:41 +02:00
Jens Langhammer	942905b9b1	providers/proxy: fix formatting issue Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-14 16:24:35 +02:00
Jens Langhammer	8d7bb7da17	providers/proxy: connect ingress to https instead of http Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #882	2021-05-14 11:42:03 +02:00
Jens Langhammer	0620324702	root: bump version of psf black Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-12 00:42:46 +02:00
Jens Langhammer	84dfbcaaae	providers/api: return redirect_uris for proxy provider Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-05-11 20:02:17 +02:00
Jens Langhammer	24f2932777	crypto: add ?download flag Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #861	2021-05-11 14:21:35 +02:00

1 2 3 4 5

221 Commits