Jens Langhammer
|
7a73ddfb60
|
outposts/proxy: match skipPathRegex against full URL on domain auth
closes #1955
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-18 15:50:42 +01:00 |
Jens Langhammer
|
7d6e88061f
|
outposts: check if hub from context is set and fallback
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-16 11:19:57 +01:00 |
Jens Langhammer
|
f8aab40e3e
|
internal: cleanup duplicate and redundant code, properly set sentry SDK scope settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-16 11:00:19 +01:00 |
Jens Langhammer
|
5f0f4284a2
|
web/admin: fix rendering for applications on view page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-13 15:27:28 +01:00 |
Jens Langhammer
|
c11be2284d
|
outposts/proxy: also set max length for redis backend
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-13 15:05:55 +01:00 |
Jens Langhammer
|
aa321196d7
|
outposts/proxy: fix securecookie: the value is too long again, since it can happen even with filesystem storage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-13 13:33:20 +01:00 |
Jens Langhammer
|
4e2457560d
|
outposts/proxy: use filesystem storage for non-embedded outposts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-12 17:59:31 +01:00 |
Jens Langhammer
|
2ddf122d27
|
Revert "outposts/proxy: don't save raw jwt in cookie to prevent securecookie: the value is too long"
This reverts commit b3e40c6aed .
|
2021-12-12 17:58:19 +01:00 |
Jens Langhammer
|
deebdf2bcc
|
outposts: fix unlabeled transaction
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-12 13:46:31 +01:00 |
Jens Langhammer
|
b3e40c6aed
|
outposts/proxy: don't save raw jwt in cookie to prevent securecookie: the value is too long
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-06 13:54:59 +01:00 |
Jens Langhammer
|
85a417d22e
|
outposts/proxy: re-add rs256 support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-02 15:17:32 +01:00 |
Jens Langhammer
|
347c3793fc
|
outposts/proxy: add additional headers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-02 14:19:57 +01:00 |
Jens Langhammer
|
e42ad8db93
|
outposts/proxy: copy user-agent header from upstream request
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-02 10:01:54 +01:00 |
Jens Langhammer
|
e917e756cc
|
outposts/proxy: make logging fields more consistent
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-02 09:58:50 +01:00 |
Jens Langhammer
|
d0ceafe79e
|
outposts/proxy: add X-authentik-meta-version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-01 20:59:45 +01:00 |
Jens Langhammer
|
60b95271eb
|
outposts/proxy: add additional headers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-01 20:19:09 +01:00 |
Jens Langhammer
|
3b068610b9
|
outposts/proxy: clean up header setting (don't copy all headers)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-01 20:05:56 +01:00 |
Jens Langhammer
|
8b7f698c7b
|
outposts/proxy: continue compiling additional regexes even when one fails
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-28 15:06:26 +01:00 |
Jens Langhammer
|
c98bdbacc5
|
providers/proxy: return list of configured scope names so outpost requests custom scopes
closes #1762
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-10 23:06:21 +01:00 |
Jens Langhammer
|
4d51ec906d
|
internal/proxyv2: improve error handling when configuring app
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-13 21:48:11 +02:00 |
Jens Langhammer
|
22a7c25526
|
internal: call GetStore on application to improve logging
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-12 13:33:20 +02:00 |
Jens Langhammer
|
f6e8dbfb5e
|
outposts/proxy: show full error message when user is authenticated
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-02 22:00:37 +02:00 |
Jens Langhammer
|
3c1ac4c7ec
|
outposts/proxy: add new headers with unified naming
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-02 22:00:23 +02:00 |
Jens Langhammer
|
52bbf454e3
|
outpost/proxy: fix missing negation for internal host ssl verification
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-02 21:17:15 +02:00 |
Jens Langhammer
|
2462d58135
|
outposts/proxy: fix duplicate protocol in domain auth mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-27 20:49:00 +02:00 |
Jens Langhammer
|
b248f450dd
|
outposts: make AUTHENTIK_HOST_BROWSER configurable from central config
closes #1471
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-26 12:00:51 +02:00 |
Jens Langhammer
|
9f4a4449f5
|
outposts/proxy: ensure cookies only last as long as tokens
closes #1462
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-25 16:12:59 +02:00 |
Jens Langhammer
|
a6a6b3bd06
|
outposts: add outpost_name label to metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-16 10:04:17 +02:00 |
Jens Langhammer
|
48ad3dccda
|
outposts/proxy: remove deprecated rs256
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-16 09:57:47 +02:00 |
Jens Langhammer
|
95efd47f65
|
root: remove asgi error handler
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-15 12:23:14 +02:00 |
Jens Langhammer
|
223d9ad414
|
outposts/proxy: fix upstream ssl certificate not being ignored if configured to do so
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-11 19:30:21 +02:00 |
Jens Langhammer
|
9a79bab43d
|
outposts/proxy: fix redirect URL error due to callback url not being joined correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-10 16:19:29 +02:00 |
Jens Langhammer
|
3d042e708a
|
outposts/proxy: always redirect on forward_auth for traefik
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-10 12:43:57 +02:00 |
Jens Langhammer
|
e5944567e8
|
outposts/proxy: fix url not being substituted for sign_out
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-09 11:00:58 +02:00 |
Jens Langhammer
|
d296c12d01
|
outposts/proxy: fix redirect when using forward_auth mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-09 10:56:20 +02:00 |
Jens Langhammer
|
4c3a9e69f2
|
outposts/proxy: fix securecookie: no codecs provided error with redis
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-09 10:23:46 +02:00 |
Jens Langhammer
|
8ca29f6d49
|
Revert "outpost/proxy: set samesite none"
This reverts commit f7afb60c1f .
|
2021-09-08 22:56:24 +02:00 |
Jens Langhammer
|
f7afb60c1f
|
outpost/proxy: set samesite none
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-08 22:06:44 +02:00 |
Jens Langhammer
|
b9c605bf1a
|
outpost/proxy: fix double slash when trailing slash in authentik_host
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-08 22:03:41 +02:00 |
Jens Langhammer
|
2983adc719
|
outpost/proxyv2: fix redirect to localhost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-08 21:07:16 +02:00 |
Jens L
|
3c1b70c355
|
outposts/proxyv2 (#1365)
* outposts/proxyv2: initial commit
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add rs256
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
more stuff
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add forward auth an sign_out
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
match cookie name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
re-add support for rs256 for backwards compat
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add error handler
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
ensure unique user-agent is used
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
set cookie duration based on id_token expiry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
build proxy v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add ssl
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add basic auth and custom header support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add application cert loading
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
implement whitelist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add redis
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
migrate embedded outpost to v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
remove old proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
providers/proxy: make token expiration configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
fix tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/proxy: only allow one redirect URI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix docker build for proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* remove default port offset
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add AUTHENTIK_HOST_BROWSER
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests: fix e2e/integration tests not using proper tags
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* remove references of old port
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix user_attributes not being loaded correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-08 18:04:56 +00:00 |