Commit graph

10600 commits

Author SHA1 Message Date
Jens L e390f5b2d1
providers/oauth2: more x5c and ecdsa x/y tests (#4463)
* add option to exclude x5*

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

#4082

* cleanup jwks, add flaky test

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add workaround based on https://github.com/jpadilla/pyjwt/issues/709

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* don't rstrip hashes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* keycloak seems to strip equals

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-18 18:11:36 +00:00
Jens Langhammer f09305a444
root: don't specify bind IP in compose file
closes #4470

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-18 19:03:36 +01:00
Jens Langhammer 60189ce9ca
add tests to prevent empty SAN
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-18 18:59:10 +01:00
Jens Langhammer fdc445e6a1
ensure we don't generate an empty SAN certificate
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-18 18:44:41 +01:00
authentik Bot e3f8afcf80
web: bump API Client version (#4469)
Signed-off-by: GitHub <noreply@github.com>

Signed-off-by: GitHub <noreply@github.com>
2023-01-18 16:27:20 +00:00
Jens Langhammer 9e2e8132a6
Merge branch 'version-2023.1' 2023-01-18 17:14:10 +01:00
Jens Langhammer 26f9bbeefa
website/docs: add 2023.1 to sidebar
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-18 16:36:03 +01:00
Jens Langhammer 49b6c71079
release: 2023.1.0 2023-01-18 15:49:45 +01:00
Jens Langhammer 97acc77e0a
website/docs: update 2023.1 release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-18 15:25:58 +01:00
Jens Langhammer eb1e0427c1
website/docs: add missing user uid field
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-18 15:22:06 +01:00
Jens Langhammer 6e0c9acb34
events: exclude base models from model audit log
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-18 15:11:33 +01:00
Jens Langhammer b75d659707
ci: bump cleanup action
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-18 10:59:39 +01:00
Jens Langhammer 8894861a59
ci: use bot token for image cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-18 10:50:12 +01:00
dependabot[bot] 7878755acd
web: bump @sentry/browser from 7.31.0 to 7.31.1 in /web (#4466)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 7.31.0 to 7.31.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.31.0...7.31.1)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-18 10:37:53 +01:00
dependabot[bot] 2b62d6646e
web: bump @sentry/tracing from 7.31.0 to 7.31.1 in /web (#4467)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 7.31.0 to 7.31.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.31.0...7.31.1)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-18 10:35:49 +01:00
dependabot[bot] 4f81f750ce
web: bump pyright from 1.1.289 to 1.1.290 in /web (#4465)
Bumps [pyright](https://github.com/Microsoft/pyright/tree/HEAD/packages/pyright) from 1.1.289 to 1.1.290.
- [Release notes](https://github.com/Microsoft/pyright/releases)
- [Commits](https://github.com/Microsoft/pyright/commits/1.1.290/packages/pyright)

---
updated-dependencies:
- dependency-name: pyright
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-18 10:35:22 +01:00
dependabot[bot] fa216e2e93
core: bump goauthentik.io/api/v3 from 3.2022122.7 to 3.2022122.8 (#4461)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022122.7 to 3.2022122.8.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022122.7...v3.2022122.8)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-17 19:42:45 +01:00
authentik Bot 181bd903be
web: bump API Client version (#4460)
Signed-off-by: GitHub <noreply@github.com>

Signed-off-by: GitHub <noreply@github.com>
2023-01-17 18:10:10 +00:00
Jens L 23c69c456a
providers/proxy: add setting to intercept authorization header (#4457)
* add setting to intercept authorization header

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* rename to intercept_header_auth

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-17 18:56:48 +01:00
Jens L c73fce4f58
sources/ldap: manual import (#4456)
* events: fix task UID

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add ldap sync command

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add docs

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-17 12:21:33 +01:00
Jens Langhammer bd0ef69ece
outposts/ldap: decrease verbosity
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-17 11:12:31 +01:00
Jens Langhammer 19ee98b36d
outposts/proxy: allow setting no-redirect via header or query param
closes #4455

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-17 10:56:43 +01:00
dependabot[bot] 75d4246b79
web: bump @sentry/tracing from 7.30.0 to 7.31.0 in /web (#4451)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 7.30.0 to 7.31.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.30.0...7.31.0)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-17 10:48:29 +01:00
dependabot[bot] d2fd84d98c
web: bump @sentry/browser from 7.30.0 to 7.31.0 in /web (#4454)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 7.30.0 to 7.31.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.30.0...7.31.0)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-17 10:47:13 +01:00
dependabot[bot] 678378403b
web: bump @typescript-eslint/eslint-plugin from 5.48.1 to 5.48.2 in /web (#4453)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.48.1 to 5.48.2.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.48.2/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-17 10:46:57 +01:00
dependabot[bot] 7f32d0eb9a
web: bump @typescript-eslint/parser from 5.48.1 to 5.48.2 in /web (#4452)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.48.1 to 5.48.2.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.48.2/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-17 10:44:28 +01:00
Jens L f1b3598a0f
blueprints: don't set session_duration in default and example flows (#4448)
closes #3944

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-16 13:18:25 +01:00
Jens Langhammer 07767c9376
website/docs: add disclaimer to beta page that downgrade isn't supported
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-16 10:44:42 +01:00
dependabot[bot] 5a3f9d1417
web: bump prettier from 2.8.2 to 2.8.3 in /web (#4441)
Bumps [prettier](https://github.com/prettier/prettier) from 2.8.2 to 2.8.3.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.8.2...2.8.3)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-16 10:19:42 +01:00
dependabot[bot] 44a6303c91
web: bump eslint from 8.31.0 to 8.32.0 in /web (#4442)
Bumps [eslint](https://github.com/eslint/eslint) from 8.31.0 to 8.32.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.31.0...v8.32.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-16 10:15:30 +01:00
dependabot[bot] 5f7f80fdee
website: bump rapidoc from 9.3.3 to 9.3.4 in /website (#4438)
Bumps [rapidoc](https://github.com/rapi-doc/RapiDoc) from 9.3.3 to 9.3.4.
- [Release notes](https://github.com/rapi-doc/RapiDoc/releases)
- [Commits](https://github.com/rapi-doc/RapiDoc/compare/v9.3.3...v9.3.4)

---
updated-dependencies:
- dependency-name: rapidoc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-16 10:14:11 +01:00
dependabot[bot] a332a465ef
web: bump eslint-plugin-lit from 1.8.0 to 1.8.2 in /web (#4443)
Bumps [eslint-plugin-lit](https://github.com/43081j/eslint-plugin-lit) from 1.8.0 to 1.8.2.
- [Release notes](https://github.com/43081j/eslint-plugin-lit/releases)
- [Commits](https://github.com/43081j/eslint-plugin-lit/compare/v1.8.0...v1.8.2)

---
updated-dependencies:
- dependency-name: eslint-plugin-lit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-16 10:13:46 +01:00
dependabot[bot] 8b16fed926
web: bump pyright from 1.1.288 to 1.1.289 in /web (#4440)
Bumps [pyright](https://github.com/Microsoft/pyright/tree/HEAD/packages/pyright) from 1.1.288 to 1.1.289.
- [Release notes](https://github.com/Microsoft/pyright/releases)
- [Commits](https://github.com/Microsoft/pyright/commits/1.1.289/packages/pyright)

---
updated-dependencies:
- dependency-name: pyright
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-16 10:10:13 +01:00
dependabot[bot] be10dd629b
website: bump prettier from 2.8.2 to 2.8.3 in /website (#4439)
Bumps [prettier](https://github.com/prettier/prettier) from 2.8.2 to 2.8.3.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.8.2...2.8.3)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-16 10:09:58 +01:00
dependabot[bot] a6a868cbc1
web: bump rapidoc from 9.3.3 to 9.3.4 in /web (#4444) 2023-01-16 10:00:06 +01:00
dependabot[bot] a9ed275f4e
core: bump pytest from 7.2.0 to 7.2.1 (#4445) 2023-01-16 09:59:36 +01:00
dependabot[bot] fbc5378158
core: bump django-silk from 5.0.2 to 5.0.3 (#4446) 2023-01-16 09:59:26 +01:00
dependabot[bot] 20210b614d
core: bump goauthentik.io/api/v3 from 3.2022122.5 to 3.2022122.7 (#4447) 2023-01-16 09:59:16 +01:00
Jens Langhammer 063877a615
website: fix version dropdown and generated subdomains
Signed-off-by: Jens Langhammer <jens@goauthentik.io>

#4437
2023-01-15 17:23:33 +01:00
Jens Langhammer a73d50d379
Merge branch 'next' 2023-01-15 17:03:01 +01:00
Jens L 9568f4dbd6
root: improve code style (#4436)
* cleanup pylint comments

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove more

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix url name

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* *: use ExtractHour instead of ExtractDay

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-15 17:02:31 +01:00
Jens Langhammer 9b2ceb0d44
outposts/proxy: make logged user more consistent, set FlushInterval
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 23:58:15 +01:00
Jens Langhammer 2deb185550
internal: fix empty scheme field
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 23:27:34 +01:00
Jens Langhammer 69d4719687
outposts/proxy: set http code when no redirect header is set
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 22:20:52 +01:00
Jens Langhammer d31e566873
outposts/proxy: add header to prevent redirects
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 22:18:25 +01:00
Jens Langhammer 0ddcefce80
outposts/proxy: cache basic and bearer credentials for one minute
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 22:12:48 +01:00
Jens Langhammer 4c45d35507
outposts/proxy: fix error handling, remove requirement for profile/etc scopes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 21:44:28 +01:00
Jens Langhammer 829e49275d
outposts/proxy: fix proxy's TokenIntrospection potentially not being set
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 20:54:34 +01:00
Jens Langhammer 143309448e
policies: ensure user is set
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 20:24:46 +01:00
Jens Langhammer 1f038ecee2
providers/oauth2: fallback to anonymous user for policy engine
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 20:22:06 +01:00