Commit graph

77 commits

Author SHA1 Message Date
Marc 'risson' Schmitt c2f5f993b2
Merge branch 'main' into multi-tenant-django-tenants 2024-01-10 17:57:40 +01:00
Marc 'risson' Schmitt 9c7600e1f2
Merge branch 'main' into multi-tenant-django-tenants 2024-01-09 16:38:09 +01:00
Marc 'risson' Schmitt f35f86442b
Merge branch 'main' into multi-tenant-django-tenants 2024-01-03 12:22:25 +01:00
Marc 'risson' Schmitt 2af782c023
Merge branch 'main' into multi-tenant-django-tenants 2023-12-27 11:56:50 +01:00
Marc 'risson' Schmitt 72fcaa92dd
Merge branch 'main' into multi-tenant-django-tenants 2023-12-20 09:45:34 +01:00
Marc 'risson' Schmitt 0b4622a0fd
Merge branch 'main' into multi-tenant-django-tenants 2023-12-18 10:57:09 +01:00
Marc 'risson' Schmitt 443dcc8ac6
Merge branch 'main' into multi-tenant-django-tenants 2023-12-11 11:17:04 +01:00
Marc 'risson' Schmitt 82d2ebaba3
i18n-extract
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2023-12-08 02:52:59 +01:00
Jens L 944368c4f2
events: add graph for event volume (#7639)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-12-06 19:06:07 +02:00
Jens L a0f607b5ac
web/flows: bottom-align about text on flows page (#7051)
* web/flows: bottom-align about text on flows page

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix a bunch of typos

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-10-03 14:10:10 +02:00
Jens L cb6dadbf94
stages/email: rework email templates (#7029)
rework email templates

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-10-02 16:04:40 +02:00
Jens L 1ae4ed55ae
web/admin: fix webauthn label order, add raw value (#6905)
* web/admin: fix webauthn label order, add raw value

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* revert codecov to v3

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-15 13:12:38 +02:00
Jens L 7f9e8f469d
web: replace ampersand (#6737)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-02 18:59:17 +02:00
Jens L 9d894528e3
website: fix reference to flow stage binding option (#6701)
the option name was changed a while back but the docs still used the old name

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-30 20:10:36 +02:00
Jens L 168423a54e
enterprise: licensing fixes (#6601)
* enterprise: fix unique index for key, fix field names

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* enterprise: update UI to match

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-23 13:20:42 +02:00
Jens L 7b3d1a229f
stages/authenticator_static: make static token size adjustable (#6565)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-17 23:48:05 +02:00
Jens L 782d95b4a3
web: app icons v2 (#6410)
* fix more icons stuff

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* refactor app icon into separate component

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update locale

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make app icon work correctly in admin list and app view page

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-28 14:25:56 +02:00
Jens L d50f92d8b4
enterprise: cleanup v2 (#6330)
* cleanup minor stuff

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* change default user type to internal to be more consistent

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-21 18:23:51 +02:00
Jens L 41af486006
enterprise: initial enterprise (#5721)
* initial

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add user type

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add external users

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add ui, add more logic, add public JWT validation key

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* revert to not use install_id as session jwt signing key

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix more

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* switch to PKI

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add more licensing stuff

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add install ID to form

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix bugs

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* start adding tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fixes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use x5c correctly

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* license checks

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use production CA

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* more

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* more UI stuff

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* rename to summary

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update locale, improve ui

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add direct button

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update link

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* format and such

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove old attributes from ldap

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove is_enterprise_licensed

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix admin interface styling issue

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* Update authentik/core/models.py

Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>

* fix default case

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-07-17 17:57:08 +02:00
Jens L f4e94bff1f
web/admin: fix admin overview layout (#6220)
* web/admin: fix admin overview layout

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update locale

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-11 21:20:12 +02:00
Jens L 01311929d1
providers/ldap: improve password totp detection (#6006)
* providers/ldap: improve password totp detection

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add flag for totp mfa support

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* keep support for static tokens

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix migrations

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-20 12:09:13 +02:00
Jens L 16454af1c0
web/admin: theme adjustments (#5944)
* web/admin: theme adjustments

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update locale

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-13 15:41:48 +02:00
ChandonPierre 029395d08b
sources/ldap: add support for cert based auth (#5850)
* ldap: support cert based auth

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ldap: default sni switch to off

* ldap: `get_info=NONE` on insufficient access error

* fix: Make file locale script

* ldap: add google ldap attribute mappings

* ldap: move google secure ldap blueprint to examples

Revert "ldap: add google ldap attribute mappings"

This reverts commit 8a861bb92c1bd763b6e7ec0513f73b3039a1adb4.

* ldap: remove `validate` for client cert auth

not strictly necessary

* ldap: write temp cert files more securely

* ldap: use first array value for sni when provided csv input

* don't specify tempdir

we set $TMPDIR in the dockerfile

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* limit API to only allow certificate key pairs with private key

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use maxsplit

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update locale

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-06-12 15:41:44 +02:00
Jens L 44341f0224
lib: add tests for ak_create_event (#5710)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-22 00:18:54 +02:00
Jens L 5d5938c412
sources/saml: separate verification cert (#5699)
* sources/saml: allow separate verification certificate to be specified

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add migration to keep current behaviour

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update strings

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* keep testing verification

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-21 14:42:17 +02:00
Jens L 6cf7a72831
web/flows: improve UI for TOTP code input (#5676)
* web/flows: improve UI for TOTP code input

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update locale

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update phrasing

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-18 18:41:53 +02:00
Jens L c8e074c363
web/admin: add description to notification rule group field (#5568)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-10 21:00:51 +02:00
Michael OBrien eb071d4d90
providers/oauth2: add user UUID as subject option (#5556)
* providers/oauth2: add user UUID as subject option

* Added translations for new OAuth2 subject option
2023-05-10 17:50:13 +02:00
Jens L 99e2c6911c
web/admin: add example data for ldap property mapping (#5530)
* web/admin: add example data for ldap property mapping

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* correctly retry flaky test

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-08 17:18:07 +02:00
Jens L 9bddc9b577
web/admin: remove redundant markdown notice (#5525)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-08 15:33:00 +02:00
Jens L 95a679ab3b
web/flows: rework redirect logic (#5498)
* web/flows: rework redirect logic

always use redirect stage, remove special logic from flow executor

show better message when redirect target URL isn't http or https (show notice to close the page)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update strings

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-05 22:24:43 +02:00
Jens L 3f607ee2c8
policies: make policy engine modes consistent with database values (#5462)
* policies: make policy engine modes consistent with database values

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix in ui

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix missing case

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-03 18:16:16 +03:00
Jens L cb0fa6beb9
web: fix API browser error (#5402)
* web: fix API browser error

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix lint

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update locale

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-28 12:21:46 +03:00
Jens L 3f5effb1bc
providers/radius: simple radius outpost (#1796)
* initial implementation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* cleanup

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add migrations

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix web

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* minor fixes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use search-select

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update locale

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fixup

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix ip with port being sent to delegated ip

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add radius tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update docs

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-20 16:54:35 +01:00
Jens Langhammer f2386f126e
core: fix inconsistent branding in end_session view
Signed-off-by: Jens Langhammer <jens@goauthentik.io>

#4586
2023-02-01 19:40:59 +01:00
Jens Langhammer 72168fae29
providers/oauth2: add user id as "sub" mode
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-29 16:15:03 +01:00
Jens Langhammer 1ce2a1b846
stages/email: update tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-23 10:43:49 +01:00
Jens Langhammer 89c4a7b4a4
web/admin: improve display of rule severity
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-19 12:09:53 +01:00
Jens L cd12e177ea
providers/proxy: add initial header token auth (#4421)
* initial implementation

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* check for openid/profile claims

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* include jwks sources in proxy provider

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add web ui for jwks

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* only show sources with JWKS data configured

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix introspection tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* start basic

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add basic auth

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add docs, update admonitions

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add client_id to api, add tab for auth

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update locale

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-13 16:22:03 +01:00
Jens Langhammer 81e9f2d608
web/admin: fix overflow in aggregate cards
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-11 14:12:02 +01:00
Jens L b424c5dd27
web/admin: rework admin dashboard, add more links, remove user and group graphs (#4399) 2023-01-10 23:47:55 +01:00
Jens L a960ce9454
stages/user_write: add more user creation options (#4367)
* add more user creation options

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update blueprints and docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-05 15:46:20 +01:00
Jens L e6b5810e03
polices/hibp: remove deprecated (#4363)
* remove hibp

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* don't save event matcher apps in migrations

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* cleanup migrations

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update docs, update some phrasing

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-05 13:19:26 +01:00
Jens L dc1359a763
providers/saml: initial SLO implementation (#2346)
* providers/saml: initial SLO implementation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/saml: add logout request tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/saml: add tests for POST SLO

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* matrix e2e tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix import

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* set e2e matrix name

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix imports

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* separate oidc and oauth tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add basic saml slo e2e tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add better metadata download url

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* kinda prepare release notes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* sort releases into folders

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add slo urls to website

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix linking

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add api tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-04 19:45:31 +01:00
Jens Langhammer 0e6400bfea
web/admin: improve user/group UX for adding/removing users to and from groups
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-28 12:55:38 +01:00
Jens Langhammer dbaf03430e
web/admin: show stage binding form when creating stage in bound list
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-25 15:09:22 +01:00
Jens Langhammer 3b61c6f9b9 web/admin: improve UI for removing users from groups and groups from users
no longer deletes users/groups when they are removed from the opposite

closes #4251 closes #3964

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-21 19:16:00 +01:00
Jens L 609f95ac97
providers: add preview for mappings (#4254)
* preview

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: show provider page on application page

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use oauth2 end session url instead of direct interface

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* dont show provider page on application page for now

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add UI for preview

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* translate and release notes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix lint

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* separate saml api files

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add api tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-21 12:13:11 +01:00
Jens L ec925491b2
stages/captcha: customisable URLs (#3832)
* make api and js url customisable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use recaptcha.net domains

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add form

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* regen locale

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-18 14:18:43 +01:00
Jens Langhammer 4816b90378 root: update locales
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-12 16:23:30 +00:00