authentik fork
This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
Go to file
Jens L ca89201bd8
Outpost LDAP (#784)
* outposts: initial ldap outpost implementation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: add LDAP Binding using flows

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add API to check access to single application by slug

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: check application access

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/ldap: add LDAP provider

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: add ability to use multiple providers on the same outpost

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: add UI for LDAP Provider

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: fix linting

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: add controllers

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: fix type not being configurable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: use authorization_flow instead of separate field

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: add dockerfile

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/ldap: fix lint error

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add groups to users

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/ldap: add search_group to limit who can do search requests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: improve logging,return success for empty DN

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: allow outposts to have non-object specific permissions

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: use forked version of ldap library

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: save user DN to determine who can search

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* */api: fix lookups per user

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: only show plex servers you own

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* lib: add support for file:// protocol in config file

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: hide oauth client secret if not updating

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost/ldap: check access based on Group Membership

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: show users and groups when user has overall user permissions

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* lib: handle errors when reading config from file://

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: fix package json failing

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: bump node spec to 16x for npm version and lockfile v2

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 10:40:56 +02:00
.github Merge branch 'version-2021.4' 2021-04-29 23:50:52 +02:00
authentik lib: handle errors when reading config from file:// 2021-05-05 01:03:00 +02:00
cmd/server gproxy: add sentry integration 2021-05-04 14:28:48 +02:00
helm helm: fix typo 2021-05-04 16:27:05 +02:00
internal core: improve messaging on flow_manager, authenticate user when they linked their account after not having been authenticateed 2021-05-04 18:49:27 +02:00
lifecycle website/docs: update container explanation 2021-05-04 17:49:21 +02:00
outpost outpost/ldap: check access based on Group Membership 2021-05-05 00:03:19 +02:00
scripts root: fix branch Name extraction to work on non PRs 2021-02-28 14:24:16 +01:00
tests sources/plex: add general tests 2021-05-03 21:55:55 +02:00
web Outpost LDAP (#784) 2021-05-05 10:40:56 +02:00
website website/docs: fix formatting for release notes 2021-05-04 20:13:38 +02:00
xml */saml: test against SAML Schema 2020-12-13 19:53:16 +01:00
.bumpversion.cfg gproxy: add sentry integration 2021-05-04 14:28:48 +02:00
.dockerignore root: attempt to build static image without django's collectstatic (#360) 2020-12-02 21:23:07 +01:00
.editorconfig repo cleanup, switch to new docker registry 2019-04-29 17:05:39 +02:00
.gitignore outposts: allow better configuration of outpost image name 2021-04-29 20:07:53 +02:00
Dockerfile root: initial go proxy, update compose and helm 2021-05-03 09:39:09 +02:00
LICENSE root: update license 2020-12-24 16:01:55 +01:00
Makefile core: improve messaging on flow_manager, authenticate user when they linked their account after not having been authenticateed 2021-05-04 18:49:27 +02:00
Pipfile sources/plex: add general tests 2021-05-03 21:55:55 +02:00
Pipfile.lock build(deps): bump boto3 from 1.17.65 to 1.17.66 (#831) 2021-05-05 10:12:48 +02:00
README.md root: fix transifex link 2021-04-26 11:56:10 +02:00
SECURITY.md web/elements: add PageHeader element to replace page 2021-04-10 17:09:40 +02:00
azure-pipelines.yml ci: bump node spec to 16x for npm version and lockfile v2 2021-05-05 09:44:15 +02:00
docker-compose.yml website/docs: update container explanation 2021-05-04 17:49:21 +02:00
go.mod gproxy: load default config file for debug and listen statements 2021-05-04 14:10:34 +02:00
go.sum gproxy: load default config file for debug and listen statements 2021-05-04 14:10:34 +02:00
manage.py wip: rename to authentik (#361) 2020-12-05 22:08:42 +01:00
pyproject.toml stages/email: add tests for API 2021-04-04 14:14:58 +02:00
pyrightconfig.json Proxy v2 (#189) 2020-09-03 00:04:12 +02:00
swagger.yaml Merge branch 'master' into outpost-ldap 2021-05-04 21:02:20 +02:00

README.md

authentik logo


CI Build status Tests Code Coverage Docker pulls Latest version LGTM Grade Transifex

What is authentik?

authentik is an open-source Identity Provider focused on flexibility and versatility. You can use authentik in an existing environment to add support for new protocols. authentik is also a great solution for implementing signup/recovery/etc in your application, so you don't have to deal with it.

Installation

For small/test setups it is recommended to use docker-compose, see the documentation

For bigger setups, there is a Helm Chart in the helm/ directory. This is documented here

Screenshots

Light Dark

Development

See Development Documentation

Security

See SECURITY.md