Commit graph

9716 commits

Author SHA1 Message Date
Jens Langhammer fcf4657833 providers/proxy: add is_superuser to ak_proxy object, only show full error when superuser
closes #3314

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-30 20:29:23 +02:00
Jens L 393d7ec486
providers/proxy: no exposed urls (#3151)
* test any callback

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* cleanup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* dont detect callback in per-server handler

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use full redirect uri with both path and query param

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* correctly route to embedded outpost for callback signature

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix allowed redirects

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-30 17:51:01 +02:00
l-with b7b5168910
sources/oauth: use mailcow full_name as username for mailcow source (#3299)
use mailcow full_name as username
2022-07-29 20:34:17 +00:00
Jens Langhammer 1dcec17a58 sources/oauth: only send header authentication for OIDC source
closes #3327

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-29 18:20:44 +02:00
Jens L b41acebf5b
providers/proxy: add caddy endpoint (#3330)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-29 10:58:53 +02:00
dependabot[bot] e0478e1775
core: bump goauthentik.io/api/v3 from 3.2022073.1 to 3.2022073.2 (#3331)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022073.1 to 3.2022073.2.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022073.1...v3.2022073.2)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-29 10:35:23 +02:00
Jens Langhammer d6b1a22563 core: fix import order
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-29 00:18:42 +02:00
Jens Langhammer cada292e00 core: pre-hydrate config into templates to directly load correct assets
closes #3228

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-29 00:04:44 +02:00
github-actions[bot] d4af47f576
web: Update Web API Client version (#3329)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-07-28 23:59:04 +02:00
Jens Langhammer 83eba36f8d core: add API Endpoint to get all MFA devices, add web ui to delete MFA devices of any user
closes #3237

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-28 23:50:25 +02:00
Jens Langhammer b82a142745 stages/authenticator_sms: use twilio SDK, improve docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#3237
2022-07-28 22:17:59 +02:00
Jens Langhammer 2a42c203b2 stages/authenticator_totp: remove single device per user limit
closes #3281

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-28 21:39:46 +02:00
Jens Langhammer ade2d4879c stages/authenticator_duo: fix imported Duo Device not having a name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-28 21:20:32 +02:00
Jens Langhammer e14798dcdc core: import all models into shell
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-28 21:19:04 +02:00
Jens Langhammer e49050af19 web/flows: improve layout for TOTP QR stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-28 21:16:42 +02:00
Jens Langhammer 0248755cda stages/authentiactor_validate: improve error handling for duo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-28 21:11:58 +02:00
Jens Langhammer 1f90359310 root: fix broken traceback logging
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-28 20:56:39 +02:00
Jens Langhammer 008fc19f0d root: fix log fields being overwritten in celery task logs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-28 20:48:05 +02:00
dependabot[bot] 5cd5b71b18
web: bump @sentry/tracing from 7.7.0 to 7.8.0 in /web (#3324) 2022-07-28 09:46:29 +02:00
dependabot[bot] 253d98ba73
web: bump @rollup/plugin-typescript from 8.3.3 to 8.3.4 in /web (#3323) 2022-07-28 09:46:18 +02:00
dependabot[bot] 3e2c04d029
web: bump rollup from 2.77.1 to 2.77.2 in /web (#3322) 2022-07-28 09:45:29 +02:00
dependabot[bot] 32d3e33c83
web: bump @sentry/browser from 7.7.0 to 7.8.0 in /web (#3325) 2022-07-28 09:45:07 +02:00
dependabot[bot] 282ebeb38b
core: bump drf-spectacular from 0.22.1 to 0.23.1 (#3319)
Bumps [drf-spectacular](https://github.com/tfranzel/drf-spectacular) from 0.22.1 to 0.23.1.
- [Release notes](https://github.com/tfranzel/drf-spectacular/releases)
- [Changelog](https://github.com/tfranzel/drf-spectacular/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/tfranzel/drf-spectacular/compare/0.22.1...0.23.1)

---
updated-dependencies:
- dependency-name: drf-spectacular
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-27 09:48:43 +02:00
dependabot[bot] 81f4d86e6d
core: bump github.com/go-ldap/ldap/v3 from 3.4.3 to 3.4.4 (#3318)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.4.3 to 3.4.4.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.4.3...v3.4.4)

---
updated-dependencies:
- dependency-name: github.com/go-ldap/ldap/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-27 09:48:34 +02:00
dependabot[bot] bcb90997bb
web: bump rollup from 2.77.0 to 2.77.1 in /web (#3317)
Bumps [rollup](https://github.com/rollup/rollup) from 2.77.0 to 2.77.1.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.77.0...v2.77.1)

---
updated-dependencies:
- dependency-name: rollup
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-27 09:48:23 +02:00
Jens Langhammer 277df4f04f stages/prompt: fix tests for file field
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-27 09:48:11 +02:00
Jens Langhammer de26c65fa0 core: add attributes. avatar method to allow custom uploaded avatars
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2631
2022-07-26 21:42:41 +02:00
Jens Langhammer 55739ee982 internal: add additional error handling in config loader
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-26 11:48:57 +02:00
Jens Langhammer 10b48b27b0 internal: walk config in go, check, parse and load from scheme like in python
closes #2719

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-26 11:33:37 +02:00
dependabot[bot] d08856c1fe
web: bump @typescript-eslint/eslint-plugin from 5.30.7 to 5.31.0 in /web (#3311)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.30.7 to 5.31.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.31.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-26 09:47:28 +02:00
dependabot[bot] 0d108b043d
web: bump @fortawesome/fontawesome-free from 6.1.1 to 6.1.2 in /web (#3310)
Bumps [@fortawesome/fontawesome-free](https://github.com/FortAwesome/Font-Awesome) from 6.1.1 to 6.1.2.
- [Release notes](https://github.com/FortAwesome/Font-Awesome/releases)
- [Changelog](https://github.com/FortAwesome/Font-Awesome/blob/6.x/CHANGELOG.md)
- [Commits](https://github.com/FortAwesome/Font-Awesome/compare/6.1.1...6.1.2)

---
updated-dependencies:
- dependency-name: "@fortawesome/fontawesome-free"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-26 09:41:33 +02:00
dependabot[bot] a37245b7c8
web: bump @typescript-eslint/parser from 5.30.7 to 5.31.0 in /web (#3312)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.30.7 to 5.31.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.31.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-26 09:41:24 +02:00
dependabot[bot] 19c4ebdda9
core: bump urllib3 from 1.26.9 to 1.26.11 (#3313)
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.9 to 1.26.11.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/1.26.11/CHANGES.rst)
- [Commits](https://github.com/urllib3/urllib3/compare/1.26.9...1.26.11)

---
updated-dependencies:
- dependency-name: urllib3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-26 09:41:03 +02:00
dependabot[bot] 34d4b71f59
web: bump chart.js from 3.8.0 to 3.8.2 in /web (#3307)
Bumps [chart.js](https://github.com/chartjs/Chart.js) from 3.8.0 to 3.8.2.
- [Release notes](https://github.com/chartjs/Chart.js/releases)
- [Commits](https://github.com/chartjs/Chart.js/compare/v3.8.0...v3.8.2)

---
updated-dependencies:
- dependency-name: chart.js
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-25 09:22:45 +02:00
dependabot[bot] bd8794f646
core: bump structlog from 21.5.0 to 22.1.0 (#3294)
* core: bump structlog from 21.5.0 to 22.1.0

Bumps [structlog](https://github.com/hynek/structlog) from 21.5.0 to 22.1.0.
- [Release notes](https://github.com/hynek/structlog/releases)
- [Changelog](https://github.com/hynek/structlog/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hynek/structlog/compare/21.5.0...22.1.0)

---
updated-dependencies:
- dependency-name: structlog
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* migrate threaedlocal to contextvars

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-23 22:40:56 +02:00
dependabot[bot] e0adcd3277
web: bump @codemirror/lang-javascript from 6.0.1 to 6.0.2 in /web (#3300)
Bumps [@codemirror/lang-javascript](https://github.com/codemirror/lang-javascript) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/codemirror/lang-javascript/releases)
- [Changelog](https://github.com/codemirror/lang-javascript/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codemirror/lang-javascript/compare/6.0.1...6.0.2)

---
updated-dependencies:
- dependency-name: "@codemirror/lang-javascript"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-22 11:15:40 +02:00
dependabot[bot] e2fe615a31
web: bump lit from 2.2.7 to 2.2.8 in /web (#3301)
Bumps [lit](https://github.com/lit/lit/tree/HEAD/packages/lit) from 2.2.7 to 2.2.8.
- [Release notes](https://github.com/lit/lit/releases)
- [Changelog](https://github.com/lit/lit/blob/main/packages/lit/CHANGELOG.md)
- [Commits](https://github.com/lit/lit/commits/lit@2.2.8/packages/lit)

---
updated-dependencies:
- dependency-name: lit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-22 10:52:56 +02:00
dependabot[bot] 0d2536fdfd
web: bump @codemirror/lang-python from 6.0.0 to 6.0.1 in /web (#3302)
Bumps [@codemirror/lang-python](https://github.com/codemirror/lang-python) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/codemirror/lang-python/releases)
- [Changelog](https://github.com/codemirror/lang-python/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codemirror/lang-python/compare/6.0.0...6.0.1)

---
updated-dependencies:
- dependency-name: "@codemirror/lang-python"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-22 10:52:49 +02:00
dependabot[bot] c5813204d5
core: bump sentry-sdk from 1.7.2 to 1.8.0 (#3303)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.7.2 to 1.8.0.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/1.7.2...1.8.0)

---
updated-dependencies:
- dependency-name: sentry-sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-22 10:52:40 +02:00
dependabot[bot] 5064c39a94
core: bump goauthentik.io/api/v3 from 3.2022072.1 to 3.2022073.1 (#3295) 2022-07-21 08:45:41 +02:00
Jens Langhammer 1880f98fa1 sources/oauth: fix typo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-20 19:10:26 +02:00
Jens Langhammer d3c360d9e5 root: remove 2022.5 from supported list
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-20 18:49:38 +02:00
github-actions[bot] 388c4b9653
web: Update Web API Client version (#3293) 2022-07-20 18:43:24 +02:00
Jens Langhammer 87f1cf17c4 Merge branch 'version-2022.7' 2022-07-20 18:39:48 +02:00
Jens Langhammer dae6493a3e release: 2022.7.3 2022-07-20 09:37:43 +02:00
dependabot[bot] fc0275314d
website: bump terser from 5.10.0 to 5.14.2 in /website (#3289)
Bumps [terser](https://github.com/terser/terser) from 5.10.0 to 5.14.2.
- [Release notes](https://github.com/terser/terser/releases)
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/commits)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-20 09:37:22 +02:00
dependabot[bot] c6fa19155b
web: bump terser from 5.7.1 to 5.14.2 in /web (#3285)
Bumps [terser](https://github.com/terser/terser) from 5.7.1 to 5.14.2.
- [Release notes](https://github.com/terser/terser/releases)
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/commits)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-20 09:32:26 +02:00
dependabot[bot] 2fa0191d65
core: bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0 (#3286)
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.8.1 to 1.9.0.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.8.1...v1.9.0)

---
updated-dependencies:
- dependency-name: github.com/sirupsen/logrus
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-20 09:32:16 +02:00
Jens Langhammer ad07984158 website/docs: prepare 2022.7.3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-19 21:40:56 +02:00
Jens Langhammer f909b86338 stages/consent: fix permimssions for consent API (allow owner to delete) 2022-07-19 16:41:34 +00:00