* providers/saml: initial SLO implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/saml: add logout request tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/saml: add tests for POST SLO Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * matrix e2e tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix import Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * set e2e matrix name Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix imports Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * separate oidc and oauth tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add basic saml slo e2e tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add better metadata download url Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * kinda prepare release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * sort releases into folders Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add slo urls to website Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix linking Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add api tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2.4 KiB
title | slug |
---|---|
Release 0.14 | /releases/0.14 |
Headline features
-
Flows are now graphically shown as diagrams, to visualise which stages and policies are bound.
This diagram makes it significantly easier to understand how a flow works, as well as helping you design a flow that does exactly what you need.
-
Events now have a more general purpose, rather than just logging audit actions.
The following new events are now logged:
- Policy Execution (Has to be enabled on a per-policy basis)
- Policy Exceptions
- Property Mapping Exceptions
- Configuration Errors (currently these events are created by incorrectly configured providers, but will be used further in the future.)
- Update availability
-
The OAuth2 Provider has been updated to closer match the OpenID Connect Specifications
Response type no longer has to be configured manually. The issuer field can be configured now (the default behaviour is the same as pre-0.14)
Authorization Codes are now generated as a JWT Token, which is not specified as spec, but seems to be a quasi-standard.
-
SAML Providers can now be created from SAML Metadata
-
The authentik proxy is now using the currently latest version of oauth2_proxy (6.1.1)
-
The license has been changed to GNU/GPL 3.0
Fixes
- admin: fix policy test button in dark theme
- core: fix anonymous user being included in User API
- core: fix token update/delete not working
- core: fix User's token creation not working
- core: make application's provider not required
- core: show multi-select notice for SelectMultiple Widgets
- outposts: allow blank kubeconfig
- outposts: validate kubeconfig before saving
- proxy: update to latest stable oauth2_proxy version
- root: update license
- web: fix sidebar being overlaid over modal backdrop
- web: fix table styling on mobile
- web: use displyname in sidebar for user
Upgrading
This release does not introduce any new requirements.
docker-compose
Download the docker-compose file for 0.14 from here. Afterwards, simply run docker-compose up -d
and then the standard upgrade command of docker-compose run --rm server migrate
.
Kubernetes
Run helm repo update
and then upgrade your release with helm upgrade authentik authentik/authentik --devel -f values.yaml
.