security: fix CVE 2022 46145 (#4140)

* add flow authentication requirement Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add website for cve Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: handle FlowNonApplicableException without policy result Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-02 16:14:25 +01:00
parent 860c85d012
commit db95dfe38d
30 changed files with 215 additions and 8 deletions
--- a/blueprints/default/20-flow-default-source-authentication.yaml
+++ b/blueprints/default/20-flow-default-source-authentication.yaml
@ -6,6 +6,7 @@ entries:
    designation: authentication
    name: Welcome to authentik!
    title: Welcome to authentik!
+    authentication: require_unauthenticated
  identifiers:
    slug: default-source-authentication
  model: authentik_flows.flow