trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9,080 Commits 95 Branches 330 Tags 336 MiB
Commit Graph

478 Commits

Author SHA1 Message Date
Jens Langhammer 638e8d741f *: fix multiple tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-16 10:38:21 +01:00
Jens Langhammer 4b8b800648 stages/*: add more tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-15 20:58:34 +01:00
Jens Langhammer 6f9ed001a1 crypto: add more tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-15 20:38:03 +01:00
Jens Langhammer e08077c73a root: replace asgi-based logger with middleware 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-15 16:32:56 +01:00
Jens Langhammer 88516ba2ca core: make defaults for _change_email and _change_username configurable 
closes #1789

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-13 22:33:03 +01:00
Jens Langhammer 1e8d45dc15 web: write interfaces to different folders and remove custom chunk names 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-10 17:54:50 +01:00
Jens Langhammer cc0832f487 core: force lowercase emails for gravatar usage 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-10 12:40:20 +01:00
Jens Langhammer 61b5b36192 core: add command to output full config 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-07 21:45:52 +01:00
Jens Langhammer 924a13e832 core: fix auth_method for tokens 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-06 13:04:41 +01:00
dependabot[bot] 8de13d3f67 build(deps): bump goauthentik.io/api from 0.2021102.2 to 0.2021102.4 (#1738) 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-05 09:33:26 +01:00
Jens Langhammer a40c3aeb68 core: make group membership lookup respect parent groups (upwards) 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-05 00:53:56 +01:00
Jens Langhammer 4a89be3048 core: include parent group name 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-05 00:11:17 +01:00
Jens Langhammer f5dc81907a core: add created field to source connection 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-30 15:02:41 +02:00
Jens Langhammer d70c8fbcc3 core: add API for all user-source connections 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-30 14:36:54 +02:00
Jens Langhammer e771e1857f core: add API to list all authenticator devices 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-29 09:08:48 +02:00
Jens Langhammer 971de4fcb9 core: add USER_ATTRIBUTE_CHANGE_EMAIL 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1590 and #1677
 2021-10-27 13:34:11 +02:00
Jens Langhammer 92085f1a3c core: add toggle to completely disable backup mechanism 
closes #1671

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-26 17:04:33 +02:00
Jens Langhammer 3647633232 core: cleanup embedded outpost logging, log user for http requests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-20 22:12:49 +02:00
Jens Langhammer 02b4173d30 root: add utm_source 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-20 16:34:39 +02:00
Jens Langhammer 61fab497cf core: add user flag to prevent users from changing their usernames 
closes #1590

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-20 16:17:19 +02:00
Jens Langhammer ce812e14c7 core: improve detection for s3 settings to trigger backup 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-17 15:56:31 +02:00
Jens Langhammer 4b7399f454 *: add @prefill_task() decorator to "pre-fill" tasks in cache, so they can be executed even before their schedule would do so 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-14 12:21:28 +02:00
Jens Langhammer 2b09d97522 core: fix squash migrations error when AK_ADMIN_TOKEN is set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-12 17:45:10 +02:00
Jens L e4f141c6c0
*: Squash Migrations (#1593) 
* *: first squash pass

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* sources/saml: squash less

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: fix docker controller not correctly checking image

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: fix old migration reference

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-11 21:39:35 +02:00
Jens Langhammer 8965451073 core: add default for user's settings attribute 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-09 16:01:22 +02:00
Jens Langhammer b33ea9cc61 core: add settings serializer to user/me and update_self endpoints, saved in a key in attributes 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-09 15:35:18 +02:00
Jens Langhammer 9e7e22367b core: include group uuids in self serializer 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-05 13:10:44 +02:00
Jens Langhammer f5761dc70d core: only return group names for user_self 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-05 12:31:25 +02:00
Jens Langhammer 16380b3f7a api: ensure viewsets have default ordering 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-05 11:26:41 +02:00
Jens Langhammer 16f2603130 core: make user's name field fully options 
closes #1537

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-05 11:23:27 +02:00
Jens Langhammer 847cfed73f web/user: don't show managed tokens in user interface 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-05 11:11:34 +02:00
Jens L f9ad102915
flows: inspector (#1469) 
* flows: add initial inspector

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: change naming a bit

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flow: add inspector frame

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: don't use shadydom when inspecting

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: add current stage to api

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages/*: fix imports

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: deep-copy plan instead of just adding

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: ui

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: restrict inspector to admin

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: add buttons to launch flow with inspector

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: don't automatically follow redirects when inspector is open

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: make current_plan optional, only require historry

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: handle error messages in inspector

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: improve UI when flow is done

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: add is_completed flag to inspector

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: fix monkeypatches for tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: add inspector tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: re-enable cache

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-28 09:36:48 +02:00
pemontto 674bd9e05c
web/admin: Fix typo 'username address' -> 'username' (#1473) 2021-09-26 12:53:37 +02:00
Jens Langhammer 93bdea3769 core: fix api return code for user self-update 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-24 11:51:03 +02:00
Jens Langhammer d900a2b6a9 *: fix lookup_fields 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-20 19:19:36 +02:00
Jens Langhammer 3f84abec2f core: fix token identifier not being slugified when created with user-controller input 
closes #1390

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-20 13:43:25 +02:00
Jens Langhammer b5c857aff4 api: add explicit lookup_value_regex, disable include_format_suffixes 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-20 13:42:56 +02:00
Jens Langhammer f6e0f0282d core: fix tokens not being viewable but superusers 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-19 16:11:20 +02:00
Jens Langhammer c85484fc00 core: allow admins to create tokens with all parameters, re-add user to token form 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-19 15:25:48 +02:00
Jens L 13e2eea72f
web/user: new end-user interface (#1404) 
* web/user: migrate to top navbar

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/user: prepare config from server

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* re-sort

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* remove old interface

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update issue template

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use notification badge

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/user: re-add go-to-admin button

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: fix remaining redirects directly to admin

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* make settings better

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* api: ensure sources and stages are sorted

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/user: add sessions and consent

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/oauth2: add post wrapper to stage

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: add new interface to release notes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-16 22:17:05 +02:00
Jens L 9441be1ee2
interface split (#943) 2021-09-16 17:30:16 +02:00
Jens Langhammer 341c58a722 core: fix token expiry for service accounts being only 30 minutes 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-16 09:57:34 +02:00
Jens Langhammer 23444f4df0 core: fix lint error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-13 18:19:28 +02:00
Jens Langhammer 71e68b498e core: optimise groups api by removing member superuser status 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-13 18:06:37 +02:00
Jens Langhammer 2862b4ecfb core: remove ?v from static files 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-09 20:09:12 +02:00
Jens Langhammer d0898a3869 flows: ensure all StageViews accept post, add tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-09 16:30:14 +02:00
Jens Langhammer 200e409d91 core: minor query optimization 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-03 14:02:57 +02:00
Jens Langhammer a016f99450 core: fix user_obj being empty on token API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-30 12:51:17 +02:00
Jens Langhammer 2ae164df78 *: cleanup api schema warnings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-26 09:36:41 +02:00
Jens Langhammer 0ccec96490 core: make user optional in token creation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-25 21:21:51 +02:00
Jens Langhammer d79975c409 core: fix user object for token not be setable 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-25 20:43:34 +02:00
Jens Langhammer 20d65035d5 core: fix error when user updates themselves 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-25 17:52:50 +02:00
Jens Langhammer d7ad5f6a16 core: add API to create service account with token for app password 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-24 20:09:22 +02:00
Jens Langhammer c60ba91fee core: fix auth saving entire models into session 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 23:59:43 +02:00
Jens Langhammer cba255eaaa Merge branch 'master' into app-passwords 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/core/tests/test_source_flow_manager.py
#	authentik/stages/authenticator_validate/tests.py
#	authentik/stages/password/tests.py
#	scripts/generate_ci_config.py
 2021-08-23 21:21:12 +02:00
Jens L 859cf2bd8f
lib: move id and key generators to lib (#1286) 
* lib: move generators to lib

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: bump default token key size

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: fix split being used for http basic auth instead of partition

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/elements: don't rethrow error in ActionButton

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 20:27:38 +02:00
Jens Langhammer a2578ffaad core: add token tests for invalid intent and token auth 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 20:21:54 +02:00
Jens Langhammer 27cc5d7138 core: fix authentication error when no request is given 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 19:09:53 +02:00
Jens Langhammer 5face5410f web/admin: select all password stage backends by default 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 18:08:29 +02:00
Jens Langhammer e27a6fdeeb events: fix linting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 17:48:28 +02:00
Jens Langhammer 033c9a3bd3 core: fix token intent not defaulting correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 17:33:35 +02:00
Jens Langhammer 69a0153619 core: use custom inbuilt backend, set backend login information in flow plan for events 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 17:09:53 +02:00
Jens Langhammer 00e9b91f56 web/admin: fix missing app passwords backend 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 16:47:38 +02:00
Jens Langhammer 4cf76fdcda stages/password: auto-enable app password backend 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 16:39:39 +02:00
Jens Langhammer f217d34a98 web/admin: allow users to create app password tokens 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 16:27:39 +02:00
Jens Langhammer 9a6a3e66b8 root: update schema 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 16:14:33 +02:00
Jens Langhammer 20572c728d core: add new token intent and auth backend 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 16:05:29 +02:00
Jens Langhammer e4790f9060 core: handle error when ?for_user is not numberical 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 15:25:18 +02:00
Jens Langhammer 294d70ae4d outposts/ldap: move virtual groups to other OU for lookups, conditionally skip requests based on search filter 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-21 17:53:09 +02:00
Jens Langhammer 3e909ae6bb core: allow filtering users by the groups they are in 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-21 16:27:48 +02:00
Jens Langhammer b4f738492d sources/oauth: improve UI with prefilled urls (when customizable) and hiding provider type 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-21 15:52:41 +02:00
Jens Langhammer d9ece98bbc core: fix token expiration not being updated upon key rotation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-12 17:22:42 +02:00
Jens Langhammer 1524efcf51 core: fix expired tokens not being returned by API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-12 17:21:53 +02:00
Jens Langhammer c6dddc97f0 core: fix error when migrating with AK_ADMIN_TOKEN set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-11 22:36:52 +02:00
Jens Langhammer 38292a588b website/docs: add docs for automated installs 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-11 21:57:58 +02:00
Jens Langhammer e90da9283e core: add support to bootstrap token on initial install using AK_ADMIN_TOKEN in environment 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-11 21:45:49 +02:00
Jens Langhammer e0e0f4fa6c core: fix users's group list not allowing blank values 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-11 20:16:45 +02:00
Jens Langhammer ec95a2bddc core: allow changing of groups a user is in from user api 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-10 19:31:30 +02:00
Jens Langhammer 557724768a core: add API to directly send recovery link to user 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-10 13:54:59 +02:00
Jens Langhammer 2d5094fdf7 root: fix formatting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-06 00:11:24 +02:00
Jens Langhammer 8044818a4d core: add additional cleanup for authenticated sessions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-05 23:25:40 +02:00
Jens Langhammer 6fe5175f21 core: add UserSelfSerializer and separate method for users to update themselves with limited fields 
rework user settings page to better use form
closes #1227

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-05 17:42:19 +02:00
Jens Langhammer 77ed25ae34 root: reformat to 100 line width 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-03 17:45:16 +02:00
Jens L f01bc20d44
Embedded outpost (#1193) 
* api: allow API requests as managed outpost's account when using secret_key

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: load secret key from env

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: make listener IP configurable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost/proxy: run outpost in background and pass requests conditionally

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost: unify branding to embedded

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: fix embedded outpost not being editable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: fix mismatched host detection

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: fix LDAP test not including user for embedded outpost

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: fix user matching

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* api: add tests for secret_key auth

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: load environment variables using github.com/Netflix/go-env

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-29 11:30:30 +02:00
Jens Langhammer b752540800 core: fix pagination not working correctly with applications API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-26 19:12:23 +02:00
Jens Langhammer f21ebf5488 core: add tests for flow_manager 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-25 23:20:38 +02:00
Jens Langhammer 5615613ed1 core: fix CheckApplication's for_user flag not being checked correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-25 22:29:15 +02:00
Jens Langhammer 8ae7403abc core: add group filter by member username and pk 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-23 19:35:41 +02:00
Jens Langhammer f6e1bfdfc8 outpost: fix 100% CPU Usage when not connected to websocket 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-23 18:57:26 +02:00
Jens Langhammer 8cd1223081 core: add email filter for user 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-22 20:10:42 +02:00
Jens Langhammer b3da94bbb8 core: broaden error catching for propertymappings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-21 22:50:39 +02:00
Jens Langhammer a2c587be43 outposts: don't authenticate as service user for flows to set remote-ip 
set outpost token as additional header and check that token (user) if they can override remote-ip

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-19 13:17:13 +02:00
Jens Langhammer aa701c5725 core: don't delete expired tokens, rotate their key 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-14 21:47:32 +02:00
Jens Langhammer 6f98833150 core: allow users to create non-expiring tokens when flag is set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-14 21:15:14 +02:00
Jens L 7dfc621ae4
LDAP Provider: TLS support (#1137) 2021-07-13 18:24:18 +02:00
Jens Langhammer 92ba77e9e5 core: fix error when setting icon/background to url longer than 100 chars 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-09 19:31:32 +02:00
Jens Langhammer 320dab3425 core: only show `Reset password` link when recovery flow is configured 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-04 12:59:41 +02:00
Jens Langhammer becb9e34b5 outposts: fix docker controller not checking env correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 22:17:29 +02:00
Jens Langhammer bd92505bc2 core: add notice about duplicate keys 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 21:52:28 +02:00
dependabot[bot] d102c59654
build(deps-dev): bump pylint from 2.8.3 to 2.9.0 (#1095) 
* build(deps-dev): bump pylint from 2.8.3 to 2.9.0

Bumps [pylint](https://github.com/PyCQA/pylint) from 2.8.3 to 2.9.0.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/master/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.8.3...v2.9.0)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* *: update source for new pylint version

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-30 10:37:28 +02:00
Jens Langhammer ba9edd6c44 flows: handle possible errors with FlowPlans received from cache 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-27 22:03:48 +02:00
Jens Langhammer 3fe0483dbf core: fix flow background not correctly loading on initial draw 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-26 20:29:45 +02:00
Jens Langhammer c6ede78fba core: add support for custom urls for avatars 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-22 12:25:24 +02:00
Jens Langhammer 831b32c279 core: fix PropertyMapping's globals not matching Expression policy 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 15:54:43 +02:00
Jens Langhammer 70ccc63702 core: remove default flow background from default css, set static in base_full and dynamically in if/flow 
closes #1056

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 10:37:34 +02:00
Jens Langhammer ede072889e core: deepmerge user.group_attributes, use group_attributes for user settings 
closes #1051

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-19 19:52:55 +02:00
Jens Langhammer d4419d66c1 core: fix error when creating AuthenticatedSession without key 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-16 22:51:48 +02:00
Jens Langhammer 79044368d2 core: fix error getting stages when enrollment flow isn't set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-16 22:45:42 +02:00
Jens Langhammer 16c194d2dc core: fix upload api not checking clear properly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 22:34:47 +02:00
Jens Langhammer 53100a72fe stages/identification: fix challenges not being annotated correctly and API client not loading data correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 22:28:11 +02:00
Jens Langhammer 79508e1965 core: fix linting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 23:41:50 +02:00
Jens Langhammer 3a88dde545 web: fix declaration of Intl 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 23:13:43 +02:00
Jens Langhammer cabbd18880 core: revert check_access API to get to prevent CSRF errors 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 21:47:49 +02:00
Jens Langhammer afb84c7bc5 flows: fix error clearing flow background when no files have been uploaded 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 14:14:41 +02:00
Jens Langhammer d789dcc28f core: fix impersonation not working with inactive users 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-12 20:41:02 +02:00
Jens Langhammer 74e4e8f6aa core: delete real session when AuthenticatedSession is deleted 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-12 17:37:32 +02:00
Jens Langhammer 10d949f7a9 stages/password: add constants for password backends 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-12 12:14:55 +02:00
Jens Langhammer 8d6db0fabf flows: fix configuration URL being set when no flow is configure 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-10 22:07:26 +02:00
Jens L 34ae9e6dab
API: add endpoint to show by what objects an object is used (#995) 
* core: add used_by API to show what objects are affected before deletion

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/elements: add support for used_by API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add authentik_used_by_shadows to shadow other models

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: implement used_by API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: fix duplicate imports

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add action field to used_by api

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: add UI for used_by action

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: add notice to tenant form

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: fix naming in used_by

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: check length for used_by

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: fix used_by for non-pk models

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: improve __str__ on models

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add support for many to many in used_by

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-10 11:58:12 +02:00
Jens Langhammer fb8d67a9d9 core: add configure_url to UserSettings for both stages and sources 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-08 19:21:27 +02:00
Jens Langhammer 90a5c84ac8 core: make EndSessionView inherit PolicyAccessView 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-06 14:07:50 +02:00
Jens Langhammer 9180d448df core: move end-session to core 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-06 13:56:38 +02:00
Jens Langhammer 0032f535da core: add minor tests for users api 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-06 01:23:04 +02:00
Jens Langhammer 17326615b7 events: rewrite GeoIP to a wrapper, reload file every 8 hours 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-06 00:42:41 +02:00
Jens Langhammer f5dbdbd48b *: add clear param to file upload API to delete stored file and reset field 
closes #949

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-05 21:33:03 +02:00
Jens Langhammer 277c2f4aad core: make application.meta_icon nullable 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#949
 2021-06-05 21:06:52 +02:00
Jens Langhammer ba3e0a0586 core: fix flow query 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-05 20:30:56 +02:00
Jens Langhammer 86b450c6d1 flows: add compatibility_mode to toggle ShadyDOM 
closes #894

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-05 20:04:30 +02:00
Jens Langhammer 5e3628bea6 core: add fallback URLs for websocket to cleanup test logs 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-03 17:26:18 +02:00
Jens Langhammer 290ebef8e3 core: instead of migrating sessions, clear cache on initial upgrade 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-03 17:20:25 +02:00
Jens Langhammer 48e68d6852 core: fix token identifier not being set to unique 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-03 11:45:48 +02:00
Jens Langhammer ed3859800c core: improve API validation for Application's set_icon_url (fix JSON Syntax Error) 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-03 00:39:56 +02:00
Jens Langhammer 06b7f62a40 core: make app's meta_launch_url textfield 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-03 00:21:20 +02:00
Jens Langhammer 974ddc07f7 web: improve loading of custom favicon 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-02 21:19:39 +02:00
Jens Langhammer b9773d39c0 core: add tests for authenticated sessions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-30 14:43:00 +02:00
Jens Langhammer fc45d35699 core: add migration for sessions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-30 13:08:29 +02:00
Jens Langhammer 73338bdf32 core: add geo_ip to authenticated sessions if enabled 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-30 01:01:20 +02:00
Jens Langhammer 059da74d1c core: add current attribute to authenticated_session API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-30 00:31:41 +02:00
Jens Langhammer 45b8b1e198 core: delete AuthenticatedSession on logout 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-30 00:27:33 +02:00
Jens Langhammer 133fc38c05 core: initial authenticated sessions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-30 00:15:16 +02:00
Jens Langhammer 3b31b7ce83 core: add http host in log messages 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-29 19:07:54 +02:00
Jens Langhammer fae8b80ceb core: fix usage of config on templates 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-29 18:31:05 +02:00
Jens Langhammer df92f01719 flows: remove default-recovery 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-29 18:30:55 +02:00
Jens Langhammer 14f85ec980 tenants: migrate context_processor to tenants 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-29 18:01:48 +02:00
Jens Langhammer 523621daa2 core: make application's check_access API return a PolicyResult and accept for_user as superuser 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-26 11:47:23 +02:00
Jens L 53e2b2c784
Prometheus metrics (#914) 
* admin: add worker metrics

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* admin: add version metrics

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* events: add gauge for system tasks

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: add gauge for last hello and connection status

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: re-add prometheus metrics to database

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: allow access to metrics without credentials when debug is on

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: add UpdatingGauge to auto-set value on load

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: add metrics for cache and building

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* policies: add metrics for policy engine

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* events: add histogram for task durations

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* events: revert to gauge because values are updated on export view

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add gauge to count all models

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* events: add metrics for events

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-23 20:29:34 +02:00
Jens Langhammer 1a0f72d0a8 Merge branch 'version-2021.5' into next 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/stages/authenticator_static/api.py
#	swagger.yaml
 2021-05-21 21:33:18 +02:00
Jens Langhammer a265dd54cc stages/authenticator_*: fix Permission Error when disabling Authenticator as non-superuser 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-21 21:25:03 +02:00
Jens Langhammer d9a788aac8 api: rename auth to authentication, add authorization for rest_framework permission class 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-21 20:14:03 +02:00
Jens Langhammer be5a6c0310 api: add set_*_url method for Application and Flow to set icon/background to URL 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-20 17:18:40 +02:00