ad9f500ad1
crypto: fix race conditions when creating self-signed certificates on startup ( #7344 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-10-27 16:29:10 +02:00
0772756eef
crypto: fix has_key filter ( #6727 )
...
* crypto: fix has_key certificate filter
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-01 11:51:41 +02:00
2f469d2709
root: partial Live-updating config ( #5959 )
...
* stages/email: directly use email credentials from config
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use custom database backend that supports dynamic credentials
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add crude config reloader
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make method names for CONFIG clearer
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* replace config.set with environ
Not sure if this is the cleanest way, but it persists through a config reload
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* re-add set for @patch
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* even more crudeness
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* clean up some old stuff?
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* somewhat rewrite config loader to keep track of a source of an attribute so we can refresh it
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* cleanup old things
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix flow e2e
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-19 23:13:22 +02:00
69f0460f69
website: update translation docs ( #5875 )
...
* website/docs: remove lingui references
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* replace deprecated cryptography types
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* tell eslint to avoid escapes in strings when possible
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ignore generated locale code
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-06 12:32:32 +02:00
92fd6a55db
blueprints: adjust wording on managed field ( #5558 )
2023-05-09 23:41:42 +02:00
eaa3d11df8
api: modular urls ( #5551 )
...
* api: make API urls modular
load API urls from app module's urls file instead of a single static file
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* refactor websocket url mounting
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-09 14:46:47 +02:00
2a2e159a0d
blueprints: improve schema generation by including model schema ( #5503 )
...
* blueprints: improve schema generation by including model schema
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* unset required
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add deps
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-07 12:32:01 +02:00
967a38b7ac
crypto: make name field unique to prevent double certs ( #5406 )
...
* crypto: make name field unique to prevent double certs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix test
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-28 14:35:59 +03:00
54d508ae8c
ci: fix pyright errors ( #5392 )
...
* ci: fix pyright errors
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix error in oauth 1 source
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove redundant blueprint fixtures
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-27 17:33:47 +03:00
dfa80543b5
root: add ruff linter ( #5240 )
...
* root: add ruff linter
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* actually add ruff
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-18 13:28:19 +02:00
18cfe67719
core: bump black from 22.12.0 to 23.1.0 ( #4584 )
...
* core: bump black from 22.12.0 to 23.1.0
Bumps [black](https://github.com/psf/black ) from 22.12.0 to 23.1.0.
- [Release notes](https://github.com/psf/black/releases )
- [Changelog](https://github.com/psf/black/blob/main/CHANGES.md )
- [Commits](https://github.com/psf/black/compare/22.12.0...23.1.0 )
---
updated-dependencies:
- dependency-name: black
dependency-type: direct:development
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
* re-format
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-02-01 11:31:32 +01:00
a302a72379
crypto: fallback when no SAN values are given
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-18 19:40:24 +01:00
60189ce9ca
add tests to prevent empty SAN
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-18 18:59:10 +01:00
fdc445e6a1
ensure we don't generate an empty SAN certificate
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-18 18:44:41 +01:00
9568f4dbd6
root: improve code style ( #4436 )
...
* cleanup pylint comments
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove more
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix url name
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* *: use ExtractHour instead of ExtractDay
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-15 17:02:31 +01:00
47aba4a996
crypto: prevent creation of duplicate self-signed default certs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-06 16:51:07 +01:00
960a2aab74
crypto: fix type for has_key
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-01 23:14:19 +01:00
f0e121c064
api: add filter backend for secret key to allow access to tenants and certificates
...
closes #4182
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-28 18:59:25 +01:00
b85be12567
providers/oauth2: fix issues with es256 and add tests ( #3808 )
...
fix issues with es256 and add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-18 22:01:29 +02:00
a3cc844e25
crypto: fix cert_expiry not having the correct format
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-15 23:32:02 +02:00
93e90f8f50
crypto: fix import_certificate checking private key as certificate
...
closes #3713
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-02 00:31:14 +02:00
44e4f2e561
crypto: make certificate parsing optional for crypto api ( #3711 )
2022-10-01 00:06:00 +02:00
62f93c83d4
ci: update pyright ( #3546 )
2022-09-07 00:23:25 +02:00
03a3f1bd6f
crypto: add command to import certificates
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#3544
2022-09-06 19:39:10 +02:00
54ba3e9616
blueprints: add meta model to apply blueprint within blueprint for dependencies ( #3486 )
...
* add meta model to apply blueprint within blueprint for dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use custom registry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix again
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* move ManagedAppConfig to apps.py
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* rename manager to registry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ci: use full tag in comment
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-29 21:20:58 +02:00
d1004e3798
blueprints: webui ( #3356 )
2022-08-03 00:05:49 +02:00
a023eee9bf
blueprints: migrate from managed ( #3338 )
...
* test all bundled blueprints
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix empty title
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix default blueprints
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add script to generate dev config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* migrate managed to blueprints
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add more to blueprint instance
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* migrated away from ObjectManager
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix lint errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* migrate things
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* migrate tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix some tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix a bit more
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix more tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* whops
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix missing name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* *sigh*
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix more tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add tasks
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* scheduled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* run discovery on start
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* oops this test should stay
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-01 23:05:58 +02:00
89c84f10d0
blueprints: v1 ( #1573 )
...
* managed: move flowexporter to managed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* *: implement SerializerModel in all models
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* managed: add initial api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* managed: start blueprint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* managed: spec
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* version blueprint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* yep
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* remove v2, improve v1
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* start custom tag, more rebrand
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add default flows
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* move blueprints out of website
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* try new things
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add !lookup, fix web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update and cleanup default
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix tags in lists
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* don't save field if its set to default value
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* more flow cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* format web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix missing serializer for sms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ignore _set fields
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* remove custom file extension
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* migrate default flow to tenant
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* include blueprints
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-31 17:11:44 +02:00
0cad56ec73
providers/oauth2: if a redirect_uri cannot be parsed as regex, compare strict ( #3070 )
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-10 23:32:57 +02:00
63dc8fe7dc
crypto: set SAN in default generated Certificate to semi-random domain
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2462
2022-05-22 23:22:06 +02:00
0b4ac54363
*: default to max 60 for fqdn_rand
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-20 20:07:25 +02:00
1a1434bfda
*: decrease frequency of background tasks, smear tasks based on name and fqdn
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2159
2022-04-20 18:43:40 +02:00
993c6472db
crypto: only count discovered when cert was loaded successfully
2022-03-28 08:58:23 +00:00
8b95e9f97a
crypto: open files in read-only mode for importing ( #2536 )
...
closes #2535
2022-03-21 10:46:09 +01:00
11e25617bd
crypto: fully parse certificate on validation in serializer to prevent invalid certificates from being saved
...
closes #2082
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-10 20:36:50 +01:00
c249b55ff5
*: use py3.10 syntax for unions, remove old Type[] import when possible
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-30 14:59:01 +01:00
b19da6d774
crypto: return private key's type (required for some oauth2 providers)
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-25 16:51:28 +01:00
457e17fec3
website/docs: add small let's encrypt docs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-23 00:59:06 +01:00
f557b2129f
*: fix random typos
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 23:13:18 +01:00
2bde43e5dc
crypto: use older syntax for type union
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 22:22:45 +01:00
2f3026084e
providers/oauth2: remove jwt_alg field and set algorithm based on selected keypair, select HS256 when no keypair is selected
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 22:09:49 +01:00
c1f0833c09
crypto: improve support for non-rsa private keys (discovery)
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 21:46:22 +01:00
34b11524f1
tenants: add web certificate field, make authentik's core certificate configurable based on keypair
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 11:43:45 +01:00
2ca115285c
crypto: fix private keys not being imported correctly
...
closes #1945
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-16 21:14:15 +01:00
32ace1bece
crypto: add additional validation before importing a certificate
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 14:49:25 +01:00
a9bd34f3c5
events: revert to @prefill_task decorator since base class doesn't get executed until task runs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 10:18:00 +01:00
2b78c4ba86
*: use request.query_params instead of accessing the django request
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-05 11:14:20 +01:00
426cef998f
sources/ldap: make task names more consistent
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-03 18:39:42 +01:00
572f6d4ea0
crypto: add certificate discovery to automatically import certificates from lets encrypt
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1835
2021-12-03 18:27:36 +01:00
20c738c384
crypto: fix default API not having an ordering
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 13:00:41 +01:00
Jens L
dependabot[bot]
Jens L
Angel Nunez Mencias