habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'main' into dev

Browse Source 
* main: (66 commits)
  rbac: filters: fix missing attribute for unauthenticated requests (#10061)
  tests/e2e: docker-compose.yml: remove version element forgotten last time (#10067)
  providers/microsoft_entra: fix error when updating connection attributes (#10039)
  website/integrations: aws: fix about service link (#10062)
  translate: Updates for file locale/en/LC_MESSAGES/django.po in it (#10060)
  core: bump github.com/redis/go-redis/v9 from 9.5.2 to 9.5.3 (#10046)
  core: bump github.com/gorilla/websocket from 1.5.1 to 1.5.2 (#10047)
  translate: Updates for file locale/en/LC_MESSAGES/django.po in ru (#10058)
  core: bump sentry-sdk from 2.5.0 to 2.5.1 (#10048)
  core: bump django-cte from 1.3.2 to 1.3.3 (#10049)
  core: bump packaging from 24.0 to 24.1 (#10050)
  web: bump yaml from 2.4.3 to 2.4.5 in /web (#10054)
  web: bump @sentry/browser from 8.7.0 to 8.8.0 in /web in the sentry group (#10051)
  web: bump esbuild from 0.21.4 to 0.21.5 in /web (#10053)
  crypto: update fingerprint at same time as certificate (#10036)
  translate: Updates for file locale/en/LC_MESSAGES/django.po in ru (#10056)
  website/integrations: gitea: fix helm values (#10043)
  core, web: update translations (#10038)
  translate: Updates for file locale/en/LC_MESSAGES/django.po in ru (#10040)
  docs/troubleshooting: upgrade docker: erroneous command (#10044)
  ...
This commit is contained in:
Ken Sternberg
2024-06-11 08:25:49 -07:00
parent 312f364e0c 837a0325ca
commit fcab99027b
81 changed files with 8407 additions and 2848 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
authentik/blueprints/v1/importer.py
View File

@ -58,7 +58,7 @@ from authentik.outposts.models import OutpostServiceConnection
from authentik.policies.models import Policy, PolicyBindingModel
from authentik.policies.reputation.models import Reputation
from authentik.providers.oauth2.models import AccessToken, AuthorizationCode, RefreshToken
from authentik.providers.scim.models import SCIMGroup, SCIMUser
from authentik.providers.scim.models import SCIMProviderGroup, SCIMProviderUser
from authentik.sources.scim.models import SCIMSourceGroup, SCIMSourceUser
from authentik.stages.authenticator_webauthn.models import WebAuthnDeviceType
from authentik.tenants.models import Tenant
@ -97,8 +97,8 @@ def excluded_models() -> list[type[Model]]:
# FIXME: these shouldn't need to be explicitly listed, but rather based off of a mixin
FlowToken,
LicenseUsage,
SCIMGroup,
SCIMUser,
SCIMProviderGroup,
SCIMProviderUser,
Tenant,
SystemTask,
ConnectionToken,

7
authentik/core/api/groups.py
View File

@ -2,6 +2,7 @@
from json import loads
from django.db.models import Prefetch
from django.http import Http404
from django_filters.filters import CharFilter, ModelMultipleChoiceFilter
from django_filters.filterset import FilterSet
@ -166,8 +167,14 @@ class GroupViewSet(UsedByMixin, ModelViewSet):
def get_queryset(self):
base_qs = Group.objects.all().select_related("parent").prefetch_related("roles")
if self.serializer_class(context={"request": self.request})._should_include_users:
base_qs = base_qs.prefetch_related("users")
else:
base_qs = base_qs.prefetch_related(
Prefetch("users", queryset=User.objects.all().only("id"))
)
return base_qs
@extend_schema(

6
authentik/core/api/property_mappings.py
View File

@ -80,8 +80,10 @@ class PropertyMappingViewSet(
class PropertyMappingTestSerializer(PolicyTestSerializer):
"""Test property mapping execution for a user/group with context"""
user = PrimaryKeyRelatedField(queryset=User.objects.all(), required=False)
group = PrimaryKeyRelatedField(queryset=Group.objects.all(), required=False)
user = PrimaryKeyRelatedField(queryset=User.objects.all(), required=False, allow_null=True)
group = PrimaryKeyRelatedField(
queryset=Group.objects.all(), required=False, allow_null=True
)
queryset = PropertyMapping.objects.select_subclasses()
serializer_class = PropertyMappingSerializer

1
authentik/enterprise/providers/google_workspace/api/groups.py
View File

@ -19,6 +19,7 @@ class GoogleWorkspaceProviderGroupSerializer(ModelSerializer):
model = GoogleWorkspaceProviderGroup
fields = [
"id",
"google_id",
"group",
"group_obj",
"provider",

1
authentik/enterprise/providers/google_workspace/api/users.py
View File

@ -19,6 +19,7 @@ class GoogleWorkspaceProviderUserSerializer(ModelSerializer):
model = GoogleWorkspaceProviderUser
fields = [
"id",
"google_id",
"user",
"user_obj",
"provider",

4
authentik/enterprise/providers/google_workspace/clients/groups.py
View File

@ -92,12 +92,14 @@ class GoogleWorkspaceGroupClient(
google_group = self.to_schema(group, connection)
self.check_email_valid(google_group["email"])
try:
return self._request(
response = self._request(
self.directory_service.groups().update(
groupKey=connection.google_id,
body=google_group,
)
)
connection.attributes = response
connection.save()
except NotFoundSyncException:
# Resource missing is handled by self.write, which will re-create the group
raise

4
authentik/enterprise/providers/google_workspace/clients/users.py
View File

@ -88,9 +88,11 @@ class GoogleWorkspaceUserClient(GoogleWorkspaceSyncClient[User, GoogleWorkspaceP
self.check_email_valid(
google_user["primaryEmail"], *[x["address"] for x in google_user.get("emails", [])]
)
self._request(
response = self._request(
self.directory_service.users().update(userKey=connection.google_id, body=google_user)
)
connection.attributes = response
connection.save()
def discover(self):
"""Iterate through all users and connect them with authentik users if possible"""

1
authentik/enterprise/providers/microsoft_entra/api/groups.py
View File

@ -19,6 +19,7 @@ class MicrosoftEntraProviderGroupSerializer(ModelSerializer):
model = MicrosoftEntraProviderGroup
fields = [
"id",
"microsoft_id",
"group",
"group_obj",
"provider",

1
authentik/enterprise/providers/microsoft_entra/api/users.py
View File

@ -19,6 +19,7 @@ class MicrosoftEntraProviderUserSerializer(ModelSerializer):
model = MicrosoftEntraProviderUser
fields = [
"id",
"microsoft_id",
"user",
"user_obj",
"provider",

3
authentik/enterprise/providers/microsoft_entra/clients/base.py
View File

@ -23,6 +23,7 @@ from msgraph.graph_service_client import GraphServiceClient
from msgraph_core import GraphClientFactory
from authentik.enterprise.providers.microsoft_entra.models import MicrosoftEntraProvider
from authentik.events.utils import sanitize_item
from authentik.lib.sync.outgoing import HTTP_CONFLICT
from authentik.lib.sync.outgoing.base import BaseOutgoingSyncClient
from authentik.lib.sync.outgoing.exceptions import (
@ -106,4 +107,4 @@ class MicrosoftEntraSyncClient[TModel: Model, TConnection: Model, TSchema: dict]
we can't JSON serialize"""
raw_data = asdict(entity)
raw_data.pop("backing_store", None)
return raw_data
return sanitize_item(raw_data)

6
authentik/enterprise/providers/microsoft_entra/clients/groups.py
View File

@ -1,3 +1,4 @@
from deepmerge import always_merger
from django.db import transaction
from msgraph.generated.groups.groups_request_builder import GroupsRequestBuilder
from msgraph.generated.models.group import Group as MSGroup
@ -104,9 +105,12 @@ class MicrosoftEntraGroupClient(
microsoft_group = self.to_schema(group, connection)
microsoft_group.id = connection.microsoft_id
try:
return self._request(
response = self._request(
self.client.groups.by_group_id(connection.microsoft_id).patch(microsoft_group)
)
if response:
always_merger.merge(connection.attributes, self.entity_as_dict(response))
connection.save()
except NotFoundSyncException:
# Resource missing is handled by self.write, which will re-create the group
raise

8
authentik/enterprise/providers/microsoft_entra/clients/users.py
View File

@ -1,3 +1,4 @@
from deepmerge import always_merger
from django.db import transaction
from msgraph.generated.models.user import User as MSUser
from msgraph.generated.users.users_request_builder import UsersRequestBuilder
@ -110,7 +111,12 @@ class MicrosoftEntraUserClient(MicrosoftEntraSyncClient[User, MicrosoftEntraProv
"""Update existing user"""
microsoft_user = self.to_schema(user, connection)
self.check_email_valid(microsoft_user.user_principal_name)
self._request(self.client.users.by_user_id(connection.microsoft_id).patch(microsoft_user))
response = self._request(
self.client.users.by_user_id(connection.microsoft_id).patch(microsoft_user)
)
if response:
always_merger.merge(connection.attributes, self.entity_as_dict(response))
connection.save()
def discover(self):
"""Iterate through all users and connect them with authentik users if possible"""

2
authentik/lib/logging.py
View File

@ -102,6 +102,8 @@ def get_logger_config():
"gunicorn": "INFO",
"requests_mock": "WARNING",
"hpack": "WARNING",
"httpx": "WARNING",
"azure": "WARNING",
}
for handler_name, level in handler_level_map.items():
base_config["loggers"][handler_name] = {

2
authentik/lib/sync/mapper.py
View File

@ -57,6 +57,8 @@ class PropertyMappingManager:
mapping.set_context(user, request, **kwargs)
try:
value = mapping.evaluate(mapping.model.expression)
except PropertyMappingExpressionException as exc:
raise exc from exc
except Exception as exc:
raise PropertyMappingExpressionException(exc, mapping.model) from exc
if value is None:

9
authentik/lib/sync/outgoing/base.py
View File

@ -91,10 +91,9 @@ class BaseOutgoingSyncClient[
}
eval_kwargs.setdefault("user", None)
for value in self.mapper.iter_eval(**eval_kwargs):
try:
always_merger.merge(raw_final_object, value)
except SkipObjectException as exc:
raise exc from exc
always_merger.merge(raw_final_object, value)
except SkipObjectException as exc:
raise exc from exc
except PropertyMappingExpressionException as exc:
# Value error can be raised when assigning invalid data to an attribute
Event.new(
@ -104,7 +103,7 @@ class BaseOutgoingSyncClient[
).save()
raise StopSync(exc, obj, exc.mapping) from exc
if not raw_final_object:
raise StopSync(ValueError("No user mappings configured"), obj)
raise StopSync(ValueError("No mappings configured"), obj)
for key, value in defaults.items():
raw_final_object.setdefault(key, value)
return raw_final_object

12
authentik/lib/sync/outgoing/tasks.py
View File

@ -14,6 +14,7 @@ from authentik.core.models import Group, User
from authentik.events.logs import LogEvent
from authentik.events.models import TaskStatus
from authentik.events.system_tasks import SystemTask
from authentik.events.utils import sanitize_item
from authentik.lib.sync.outgoing import PAGE_SIZE, PAGE_TIMEOUT
from authentik.lib.sync.outgoing.base import Direction
from authentik.lib.sync.outgoing.exceptions import (
@ -125,6 +126,7 @@ class SyncTasks:
try:
client.write(obj)
except SkipObjectException:
self.logger.debug("skipping object due to SkipObject", obj=obj)
continue
except BadRequestSyncException as exc:
self.logger.warning("failed to sync object", exc=exc, obj=obj)
@ -144,8 +146,8 @@ class SyncTasks:
)
),
log_level="warning",
logger="",
attributes={"arguments": exc.args[1:]},
logger=f"{provider._meta.verbose_name}@{object_type}",
attributes={"arguments": exc.args[1:], "obj": sanitize_item(obj)},
)
)
)
@ -167,7 +169,8 @@ class SyncTasks:
)
),
log_level="warning",
logger="",
logger=f"{provider._meta.verbose_name}@{object_type}",
attributes={"obj": sanitize_item(obj)},
)
)
)
@ -184,7 +187,8 @@ class SyncTasks:
)
),
log_level="warning",
logger="",
logger=f"{provider._meta.verbose_name}@{object_type}",
attributes={"obj": sanitize_item(obj)},
)
)
)

2
authentik/policies/event_matcher/models.py
View File

@ -102,7 +102,7 @@ class EventMatcherPolicy(Policy):
result = checker(request, event)
if result is None:
continue
LOGGER.info(
LOGGER.debug(
"Event matcher check result",
checker=checker.__name__,
result=result,

43
authentik/providers/scim/api/groups.py Normal file
View File

@ -0,0 +1,43 @@
"""SCIMProviderGroup API Views"""
from rest_framework import mixins
from rest_framework.serializers import ModelSerializer
from rest_framework.viewsets import GenericViewSet
from authentik.core.api.used_by import UsedByMixin
from authentik.core.api.users import UserGroupSerializer
from authentik.providers.scim.models import SCIMProviderGroup
class SCIMProviderGroupSerializer(ModelSerializer):
"""SCIMProviderGroup Serializer"""
group_obj = UserGroupSerializer(source="group", read_only=True)
class Meta:
model = SCIMProviderGroup
fields = [
"id",
"scim_id",
"group",
"group_obj",
"provider",
]
class SCIMProviderGroupViewSet(
mixins.CreateModelMixin,
mixins.RetrieveModelMixin,
mixins.DestroyModelMixin,
UsedByMixin,
mixins.ListModelMixin,
GenericViewSet,
):
"""SCIMProviderGroup Viewset"""
queryset = SCIMProviderGroup.objects.all().select_related("group")
serializer_class = SCIMProviderGroupSerializer
filterset_fields = ["provider__id", "group__name", "group__group_uuid"]
search_fields = ["provider__name", "group__name"]
ordering = ["group__name"]

43
authentik/providers/scim/api/users.py Normal file
View File

@ -0,0 +1,43 @@
"""SCIMProviderUser API Views"""
from rest_framework import mixins
from rest_framework.serializers import ModelSerializer
from rest_framework.viewsets import GenericViewSet
from authentik.core.api.groups import GroupMemberSerializer
from authentik.core.api.used_by import UsedByMixin
from authentik.providers.scim.models import SCIMProviderUser
class SCIMProviderUserSerializer(ModelSerializer):
"""SCIMProviderUser Serializer"""
user_obj = GroupMemberSerializer(source="user", read_only=True)
class Meta:
model = SCIMProviderUser
fields = [
"id",
"scim_id",
"user",
"user_obj",
"provider",
]
class SCIMProviderUserViewSet(
mixins.CreateModelMixin,
mixins.RetrieveModelMixin,
mixins.DestroyModelMixin,
UsedByMixin,
mixins.ListModelMixin,
GenericViewSet,
):
"""SCIMProviderUser Viewset"""
queryset = SCIMProviderUser.objects.all().select_related("user")
serializer_class = SCIMProviderUserSerializer
filterset_fields = ["provider__id", "user__username", "user__id"]
search_fields = ["provider__name", "user__username"]
ordering = ["user__username"]

39
authentik/providers/scim/clients/groups.py
View File

@ -19,13 +19,18 @@ from authentik.providers.scim.clients.exceptions import (
)
from authentik.providers.scim.clients.schema import SCIM_GROUP_SCHEMA, PatchRequest
from authentik.providers.scim.clients.schema import Group as SCIMGroupSchema
from authentik.providers.scim.models import SCIMGroup, SCIMMapping, SCIMProvider, SCIMUser
from authentik.providers.scim.models import (
SCIMMapping,
SCIMProvider,
SCIMProviderGroup,
SCIMProviderUser,
)
class SCIMGroupClient(SCIMClient[Group, SCIMGroup, SCIMGroupSchema]):
class SCIMGroupClient(SCIMClient[Group, SCIMProviderGroup, SCIMGroupSchema]):
"""SCIM client for groups"""
connection_type = SCIMGroup
connection_type = SCIMProviderGroup
connection_type_query = "group"
mapper: PropertyMappingManager
@ -37,7 +42,7 @@ class SCIMGroupClient(SCIMClient[Group, SCIMGroup, SCIMGroupSchema]):
["group", "provider", "connection"],
)
def to_schema(self, obj: Group, connection: SCIMGroup) -> SCIMGroupSchema:
def to_schema(self, obj: Group, connection: SCIMProviderGroup) -> SCIMGroupSchema:
"""Convert authentik user into SCIM"""
raw_scim_group = super().to_schema(
obj,
@ -52,7 +57,7 @@ class SCIMGroupClient(SCIMClient[Group, SCIMGroup, SCIMGroupSchema]):
scim_group.externalId = str(obj.pk)
users = list(obj.users.order_by("id").values_list("id", flat=True))
connections = SCIMUser.objects.filter(provider=self.provider, user__pk__in=users)
connections = SCIMProviderUser.objects.filter(provider=self.provider, user__pk__in=users)
members = []
for user in connections:
members.append(
@ -66,7 +71,7 @@ class SCIMGroupClient(SCIMClient[Group, SCIMGroup, SCIMGroupSchema]):
def delete(self, obj: Group):
"""Delete group"""
scim_group = SCIMGroup.objects.filter(provider=self.provider, group=obj).first()
scim_group = SCIMProviderGroup.objects.filter(provider=self.provider, group=obj).first()
if not scim_group:
self.logger.debug("Group does not exist in SCIM, skipping")
return None
@ -88,9 +93,11 @@ class SCIMGroupClient(SCIMClient[Group, SCIMGroup, SCIMGroupSchema]):
scim_id = response.get("id")
if not scim_id or scim_id == "":
raise StopSync("SCIM Response with missing or invalid `id`")
return SCIMGroup.objects.create(provider=self.provider, group=group, scim_id=scim_id)
return SCIMProviderGroup.objects.create(
provider=self.provider, group=group, scim_id=scim_id
)
def update(self, group: Group, connection: SCIMGroup):
def update(self, group: Group, connection: SCIMProviderGroup):
"""Update existing group"""
scim_group = self.to_schema(group, connection)
scim_group.id = connection.scim_id
@ -158,16 +165,16 @@ class SCIMGroupClient(SCIMClient[Group, SCIMGroup, SCIMGroupSchema]):
"""Add users in users_set to group"""
if len(users_set) < 1:
return
scim_group = SCIMGroup.objects.filter(provider=self.provider, group=group).first()
scim_group = SCIMProviderGroup.objects.filter(provider=self.provider, group=group).first()
if not scim_group:
self.logger.warning(
"could not sync group membership, group does not exist", group=group
)
return
user_ids = list(
SCIMUser.objects.filter(user__pk__in=users_set, provider=self.provider).values_list(
"scim_id", flat=True
)
SCIMProviderUser.objects.filter(
user__pk__in=users_set, provider=self.provider
).values_list("scim_id", flat=True)
)
if len(user_ids) < 1:
return
@ -184,16 +191,16 @@ class SCIMGroupClient(SCIMClient[Group, SCIMGroup, SCIMGroupSchema]):
"""Remove users in users_set from group"""
if len(users_set) < 1:
return
scim_group = SCIMGroup.objects.filter(provider=self.provider, group=group).first()
scim_group = SCIMProviderGroup.objects.filter(provider=self.provider, group=group).first()
if not scim_group:
self.logger.warning(
"could not sync group membership, group does not exist", group=group
)
return
user_ids = list(
SCIMUser.objects.filter(user__pk__in=users_set, provider=self.provider).values_list(
"scim_id", flat=True
)
SCIMProviderUser.objects.filter(
user__pk__in=users_set, provider=self.provider
).values_list("scim_id", flat=True)
)
if len(user_ids) < 1:
return

14
authentik/providers/scim/clients/users.py
View File

@ -9,13 +9,13 @@ from authentik.policies.utils import delete_none_values
from authentik.providers.scim.clients.base import SCIMClient
from authentik.providers.scim.clients.schema import SCIM_USER_SCHEMA
from authentik.providers.scim.clients.schema import User as SCIMUserSchema
from authentik.providers.scim.models import SCIMMapping, SCIMProvider, SCIMUser
from authentik.providers.scim.models import SCIMMapping, SCIMProvider, SCIMProviderUser
class SCIMUserClient(SCIMClient[User, SCIMUser, SCIMUserSchema]):
class SCIMUserClient(SCIMClient[User, SCIMProviderUser, SCIMUserSchema]):
"""SCIM client for users"""
connection_type = SCIMUser
connection_type = SCIMProviderUser
connection_type_query = "user"
mapper: PropertyMappingManager
@ -27,7 +27,7 @@ class SCIMUserClient(SCIMClient[User, SCIMUser, SCIMUserSchema]):
["provider", "connection"],
)
def to_schema(self, obj: User, connection: SCIMUser) -> SCIMUserSchema:
def to_schema(self, obj: User, connection: SCIMProviderUser) -> SCIMUserSchema:
"""Convert authentik user into SCIM"""
raw_scim_user = super().to_schema(
obj,
@ -44,7 +44,7 @@ class SCIMUserClient(SCIMClient[User, SCIMUser, SCIMUserSchema]):
def delete(self, obj: User):
"""Delete user"""
scim_user = SCIMUser.objects.filter(provider=self.provider, user=obj).first()
scim_user = SCIMProviderUser.objects.filter(provider=self.provider, user=obj).first()
if not scim_user:
self.logger.debug("User does not exist in SCIM, skipping")
return None
@ -66,9 +66,9 @@ class SCIMUserClient(SCIMClient[User, SCIMUser, SCIMUserSchema]):
scim_id = response.get("id")
if not scim_id or scim_id == "":
raise StopSync("SCIM Response with missing or invalid `id`")
return SCIMUser.objects.create(provider=self.provider, user=user, scim_id=scim_id)
return SCIMProviderUser.objects.create(provider=self.provider, user=user, scim_id=scim_id)
def update(self, user: User, connection: SCIMUser):
def update(self, user: User, connection: SCIMProviderUser):
"""Update existing user"""
scim_user = self.to_schema(user, connection)
scim_user.id = connection.scim_id

24
authentik/providers/scim/migrations/0008_rename_scimgroup_scimprovidergroup_and_more.py Normal file
View File

@ -0,0 +1,24 @@
# Generated by Django 5.0.6 on 2024-06-04 07:45
from django.conf import settings
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0035_alter_group_options_and_more"),
("authentik_providers_scim", "0007_scimgroup_scim_id_scimuser_scim_id_and_more"),
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
]
operations = [
migrations.RenameModel(
old_name="SCIMGroup",
new_name="SCIMProviderGroup",
),
migrations.RenameModel(
old_name="SCIMUser",
new_name="SCIMProviderUser",
),
]

21
authentik/providers/scim/models.py
View File

@ -10,6 +10,7 @@ from django.utils.translation import gettext_lazy as _
from rest_framework.serializers import Serializer
from authentik.core.models import BackchannelProvider, Group, PropertyMapping, User, UserTypes
from authentik.lib.models import SerializerModel
from authentik.lib.sync.outgoing.base import BaseOutgoingSyncClient
from authentik.lib.sync.outgoing.models import OutgoingSyncProvider
@ -106,7 +107,7 @@ class SCIMMapping(PropertyMapping):
verbose_name_plural = _("SCIM Mappings")
class SCIMUser(models.Model):
class SCIMProviderUser(SerializerModel):
"""Mapping of a user and provider to a SCIM user ID"""
id = models.UUIDField(primary_key=True, editable=False, default=uuid4)
@ -114,14 +115,20 @@ class SCIMUser(models.Model):
user = models.ForeignKey(User, on_delete=models.CASCADE)
provider = models.ForeignKey(SCIMProvider, on_delete=models.CASCADE)
@property
def serializer(self) -> type[Serializer]:
from authentik.providers.scim.api.users import SCIMProviderUserSerializer
return SCIMProviderUserSerializer
class Meta:
unique_together = (("scim_id", "user", "provider"),)
def __str__(self) -> str:
return f"SCIM User {self.user_id} to {self.provider_id}"
return f"SCIM Provider User {self.user_id} to {self.provider_id}"
class SCIMGroup(models.Model):
class SCIMProviderGroup(SerializerModel):
"""Mapping of a group and provider to a SCIM user ID"""
id = models.UUIDField(primary_key=True, editable=False, default=uuid4)
@ -129,8 +136,14 @@ class SCIMGroup(models.Model):
group = models.ForeignKey(Group, on_delete=models.CASCADE)
provider = models.ForeignKey(SCIMProvider, on_delete=models.CASCADE)
@property
def serializer(self) -> type[Serializer]:
from authentik.providers.scim.api.groups import SCIMProviderGroupSerializer
return SCIMProviderGroupSerializer
class Meta:
unique_together = (("scim_id", "group", "provider"),)
def __str__(self) -> str:
return f"SCIM Group {self.group_id} to {self.provider_id}"
return f"SCIM Provider Group {self.group_id} to {self.provider_id}"

8
authentik/providers/scim/urls.py
View File

@ -1,9 +1,17 @@
"""API URLs"""
from authentik.providers.scim.api.groups import (
SCIMProviderGroupViewSet,
)
from authentik.providers.scim.api.property_mappings import SCIMMappingViewSet
from authentik.providers.scim.api.providers import SCIMProviderViewSet
from authentik.providers.scim.api.users import (
SCIMProviderUserViewSet,
)
api_urlpatterns = [
("providers/scim", SCIMProviderViewSet),
("providers/scim_users", SCIMProviderUserViewSet),
("providers/scim_groups", SCIMProviderGroupViewSet),
("propertymappings/scim", SCIMMappingViewSet),
]

2
authentik/rbac/filters.py
View File

@ -25,7 +25,7 @@ class ObjectFilter(ObjectPermissionsFilter):
# Outposts (which are the only objects using internal service accounts)
# except requests to return an empty list when they have no objects
# assigned
if request.user.type == UserTypes.INTERNAL_SERVICE_ACCOUNT:
if getattr(request.user, "type", None) == UserTypes.INTERNAL_SERVICE_ACCOUNT:
return queryset
if not queryset.exists():
# User doesn't have direct permission to all objects

8
authentik/rbac/tests/test_api_filters.py
View File

@ -147,3 +147,11 @@ class TestAPIPerms(APITestCase):
},
)
self.assertEqual(res.status_code, 403)
def test_anonymous_user_denied(self):
"""Test anonymous user denied"""
res = self.client.get(reverse("authentik_api:invitation-list"))
self.assertEqual(res.status_code, 403)
res = self.client.get(reverse("authentik_api:user-detail", kwargs={"pk": self.user.pk}))
self.assertEqual(res.status_code, 403)

25
authentik/sources/ldap/sync/base.py
View File

@ -161,19 +161,18 @@ class BaseLDAPSynchronizer:
dn=object_dn,
source=self._source,
):
try:
if isinstance(value, (bytes)):
self._logger.warning("property mapping returned bytes", mapping=mapping)
continue
object_field = mapping.object_field
if object_field.startswith("attributes."):
# Because returning a list might desired, we can't
# rely on flatten here. Instead, just save the result as-is
set_path_in_dict(properties, object_field, value)
else:
properties[object_field] = flatten(value)
except SkipObjectException as exc:
raise exc from exc
if isinstance(value, (bytes)):
self._logger.warning("property mapping returned bytes", mapping=mapping)
continue
object_field = mapping.object_field
if object_field.startswith("attributes."):
# Because returning a list might desired, we can't
# rely on flatten here. Instead, just save the result as-is
set_path_in_dict(properties, object_field, value)
else:
properties[object_field] = flatten(value)
except SkipObjectException as exc:
raise exc from exc
except PropertyMappingExpressionException as exc:
# Value error can be raised when assigning invalid data to an attribute
Event.new(

5
authentik/stages/authenticator_webauthn/mds/aaguid.json
View File

File diff suppressed because one or more lines are too long

2
authentik/stages/authenticator_webauthn/mds/blob.jwt
View File

File diff suppressed because one or more lines are too long

2
authentik/stages/email/tests/test_templates.py
View File

@ -96,7 +96,7 @@ class TestEmailStageTemplates(FlowTestCase):
"""Test addresses are correctly parsed"""
message = TemplateEmailMessage(to=[("foo@bar.baz", "foo@bar.baz")])
[sanitize_address(addr, "utf-8") for addr in message.recipients()]
self.assertEqual(message.recipients(), ["foo@bar.baz"])
self.assertEqual(message.recipients(), ['"foo@bar.baz" <foo@bar.baz>'])
message = TemplateEmailMessage(to=[("some-name", "foo@bar.baz")])
[sanitize_address(addr, "utf-8") for addr in message.recipients()]
self.assertEqual(message.recipients(), ["some-name <foo@bar.baz>"])

6
authentik/stages/email/utils.py
View File

@ -5,6 +5,7 @@ from functools import lru_cache
from pathlib import Path
from django.core.mail import EmailMultiAlternatives
from django.core.mail.message import sanitize_address
from django.template.exceptions import TemplateDoesNotExist
from django.template.loader import render_to_string
from django.utils import translation
@ -31,10 +32,7 @@ class TemplateEmailMessage(EmailMultiAlternatives):
sanitized_to = []
# Ensure that all recipients are valid
for recipient_name, recipient_email in to:
if recipient_name == recipient_email:
sanitized_to.append(recipient_email)
else:
sanitized_to.append(f"{recipient_name} <{recipient_email}>")
sanitized_to.append(sanitize_address((recipient_name, recipient_email), "utf-8"))
super().__init__(to=sanitized_to, **kwargs)
if not template_name:
return

12
blueprints/system/providers-google-workspace.yaml
View File

@ -9,8 +9,9 @@ entries:
model: authentik_providers_google_workspace.googleworkspaceprovidermapping
attrs:
name: "authentik default Google Workspace Mapping: User"
# https://developers.google.com/admin-sdk/directory/reference/rest/v1/users#User
expression: |
# Field reference:
# https://developers.google.com/admin-sdk/directory/reference/rest/v1/users#User
# Google require givenName and familyName to be set
givenName, familyName = request.user.name, " "
formatted = request.user.name + " "
@ -20,23 +21,26 @@ entries:
if " " in request.user.name:
givenName, _, familyName = request.user.name.partition(" ")
formatted = request.user.name
return {
user = {
"name": {
"fullName": formatted,
"familyName": familyName.strip(),
"givenName": givenName.strip(),
"displayName": formatted,
},
"password": request.user.password,
"suspended": not request.user.is_active,
}
if not connection:
user["password"] = request.user.password
return user
- identifiers:
managed: goauthentik.io/providers/google_workspace/group
model: authentik_providers_google_workspace.googleworkspaceprovidermapping
attrs:
name: "authentik default Google Workspace Mapping: Group"
# https://developers.google.com/admin-sdk/directory/reference/rest/v1/groups#Group
expression: |
# Field reference:
# https://developers.google.com/admin-sdk/directory/reference/rest/v1/groups#Group
return {
"name": group.name,
}

6
blueprints/system/providers-microsoft-entra.yaml
View File

@ -9,8 +9,9 @@ entries:
model: authentik_providers_microsoft_entra.microsoftentraprovidermapping
attrs:
name: "authentik default Microsoft Entra Mapping: User"
# https://learn.microsoft.com/en-us/graph/api/resources/user?view=graph-rest-1.0
expression: |
# Field reference: (note that keys have to converted to snake_case)
# https://learn.microsoft.com/en-us/graph/api/resources/user?view=graph-rest-1.0
from msgraph.generated.models.password_profile import PasswordProfile
user = {
@ -35,8 +36,9 @@ entries:
model: authentik_providers_microsoft_entra.microsoftentraprovidermapping
attrs:
name: "authentik default Microsoft Entra Mapping: Group"
# https://learn.microsoft.com/en-us/graph/api/group-post-groups?view=graph-rest-1.0&tabs=http#request-body
expression: |
# Field reference: (note that keys have to converted to snake_case)
# https://learn.microsoft.com/en-us/graph/api/group-post-groups?view=graph-rest-1.0&tabs=http#request-body
return {
"display_name": group.name,
"mail_enabled": False,

8
go.mod
View File

@ -16,21 +16,21 @@ require (
github.com/gorilla/mux v1.8.1
github.com/gorilla/securecookie v1.1.2
github.com/gorilla/sessions v1.2.2
github.com/gorilla/websocket v1.5.1
github.com/gorilla/websocket v1.5.2
github.com/jellydator/ttlcache/v3 v3.2.0
github.com/mitchellh/mapstructure v1.5.0
github.com/nmcclain/asn1-ber v0.0.0-20170104154839-2661553a0484
github.com/pires/go-proxyproto v0.7.0
github.com/prometheus/client_golang v1.19.1
github.com/redis/go-redis/v9 v9.5.2
github.com/redis/go-redis/v9 v9.5.3
github.com/sethvargo/go-envconfig v1.0.3
github.com/sirupsen/logrus v1.9.3
github.com/spf13/cobra v1.8.0
github.com/stretchr/testify v1.9.0
github.com/wwt/guac v1.3.2
goauthentik.io/api/v3 v3.2024042.9
goauthentik.io/api/v3 v3.2024042.11
golang.org/x/exp v0.0.0-20230210204819-062eb4c674ab
golang.org/x/oauth2 v0.20.0
golang.org/x/oauth2 v0.21.0
golang.org/x/sync v0.7.0
gopkg.in/yaml.v2 v2.4.0
layeh.com/radius v0.0.0-20210819152912-ad72663a72ab

16
go.sum
View File

@ -176,8 +176,8 @@ github.com/gorilla/sessions v1.2.1/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/z
github.com/gorilla/sessions v1.2.2 h1:lqzMYz6bOfvn2WriPUjNByzeXIlVzURcPmgMczkmTjY=
github.com/gorilla/sessions v1.2.2/go.mod h1:ePLdVu+jbEgHH+KWw8I1z2wqd0BAdAQh/8LRvBeoNcQ=
github.com/gorilla/websocket v1.4.1/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
github.com/gorilla/websocket v1.5.1 h1:gmztn0JnHVt9JZquRuzLw3g4wouNVzKL15iLr/zn/QY=
github.com/gorilla/websocket v1.5.1/go.mod h1:x3kM2JMyaluk02fnUJpQuwD2dCS5NDG2ZHL0uE0tcaY=
github.com/gorilla/websocket v1.5.2 h1:qoW6V1GT3aZxybsbC6oLnailWnB+qTMVwMreOso9XUw=
github.com/gorilla/websocket v1.5.2/go.mod h1:0n9H61RBAcf5/38py2MCYbxzPIY9rOkpvvMT24Rqs30=
github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/Co8=
github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
@ -242,8 +242,8 @@ github.com/prometheus/common v0.48.0 h1:QO8U2CdOzSn1BBsmXJXduaaW+dY/5QLjfB8svtSz
github.com/prometheus/common v0.48.0/go.mod h1:0/KsvlIEfPQCQ5I2iNSAWKPZziNCvRs5EC6ILDTlAPc=
github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo=
github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo=
github.com/redis/go-redis/v9 v9.5.2 h1:L0L3fcSNReTRGyZ6AqAEN0K56wYeYAwapBIhkvh0f3E=
github.com/redis/go-redis/v9 v9.5.2/go.mod h1:hdY0cQFCN4fnSYT6TkisLufl/4W5UIXyv0b/CLO2V2M=
github.com/redis/go-redis/v9 v9.5.3 h1:fOAp1/uJG+ZtcITgZOfYFmTKPE7n4Vclj1wZFgRciUU=
github.com/redis/go-redis/v9 v9.5.3/go.mod h1:hdY0cQFCN4fnSYT6TkisLufl/4W5UIXyv0b/CLO2V2M=
github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M=
github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA=
@ -294,8 +294,8 @@ go.opentelemetry.io/otel/trace v1.24.0 h1:CsKnnL4dUAr/0llH9FKuc698G04IrpWV0MQA/Y
go.opentelemetry.io/otel/trace v1.24.0/go.mod h1:HPc3Xr/cOApsBI154IU0OI0HJexz+aw5uPdbs3UCjNU=
go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A=
go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4=
goauthentik.io/api/v3 v3.2024042.9 h1:zj3nqmOEHNBsfANTv7Ec4yLZA755GKHU+WLz2t+nfaI=
goauthentik.io/api/v3 v3.2024042.9/go.mod h1:zz+mEZg8rY/7eEjkMGWJ2DnGqk+zqxuybGCGrR2O4Kw=
goauthentik.io/api/v3 v3.2024042.11 h1:cGgUz1E8rlMphGvv04VI7i+MgT8eidZbxTpza5zd96I=
goauthentik.io/api/v3 v3.2024042.11/go.mod h1:zz+mEZg8rY/7eEjkMGWJ2DnGqk+zqxuybGCGrR2O4Kw=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
@ -382,8 +382,8 @@ golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4Iltr
golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.20.0 h1:4mQdhULixXKP1rwYBW0vAijoXnkTG0BLCDRzfe1idMo=
golang.org/x/oauth2 v0.20.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
golang.org/x/oauth2 v0.21.0 h1:tsimM75w1tF/uws5rbeHzIWxEqElMehnc+iW793zsZs=
golang.org/x/oauth2 v0.21.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=

2
internal/outpost/ak/crypto.go
View File

@ -38,7 +38,6 @@ func (cs *CryptoStore) AddKeypair(uuid string) error {
if err != nil {
return err
}
cs.fingerprints[uuid] = cs.getFingerprint(uuid)
return nil
}
@ -73,6 +72,7 @@ func (cs *CryptoStore) Fetch(uuid string) error {
return err
}
cs.certificates[uuid] = &x509cert
cs.fingerprints[uuid] = cfp
return nil
}

27
locale/en/LC_MESSAGES/django.po
View File

@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-06-03 00:08+0000\n"
"POT-Creation-Date: 2024-06-05 00:07+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@ -2363,6 +2363,14 @@ msgstr ""
msgid "Private key, acquired your captcha Provider."
msgstr ""
#: authentik/stages/captcha/models.py
msgid ""
"When enabled and the received captcha score is outside of the given "
"threshold, the stage will show an error message. When not enabled, the flow "
"will continue, but the data from the captcha will be available in the "
"context for policy decisions"
msgstr ""
#: authentik/stages/captcha/models.py
msgid "Captcha Stage"
msgstr ""
@ -2371,6 +2379,23 @@ msgstr ""
msgid "Captcha Stages"
msgstr ""
#: authentik/stages/captcha/stage.py
msgid "Unknown error"
msgstr ""
#: authentik/stages/captcha/stage.py
#, python-brace-format
msgid "Failed to validate token: {error}"
msgstr ""
#: authentik/stages/captcha/stage.py
msgid "Invalid captcha response"
msgstr ""
#: authentik/stages/captcha/stage.py
msgid "Failed to validate token"
msgstr ""
#: authentik/stages/consent/models.py
msgid ""
"Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3)."

BIN
locale/fr/LC_MESSAGES/django.mo
View File

Binary file not shown.

191
locale/fr/LC_MESSAGES/django.po
View File

@ -19,7 +19,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-05-03 00:08+0000\n"
"POT-Creation-Date: 2024-06-05 00:07+0000\n"
"PO-Revision-Date: 2022-09-26 16:47+0000\n"
"Last-Translator: Marc Schmitt, 2024\n"
"Language-Team: French (https://app.transifex.com/authentik/teams/119923/fr/)\n"
@ -106,12 +106,14 @@ msgid "Brands"
msgstr "Marques"
#: authentik/core/api/providers.py
msgid "SAML Provider from Metadata"
msgstr "Fournisseur SAML depuis métadonnées"
#: authentik/core/api/providers.py
msgid "Create a SAML Provider by importing its Metadata."
msgstr "Créer un fournisseur SAML en important ses métadonnées."
msgid ""
"When not set all providers are returned. When set to true, only backchannel "
"providers are returned. When set to false, backchannel providers are "
"excluded"
msgstr ""
"Si non défini, tous les fournisseurs sont retournés. Si vrai, seul les "
"fournisseurs backchannels sont retournés. Si faux, les fournisseurs "
"backchannels sont exclus"
#: authentik/core/api/users.py
msgid "No leading or trailing slashes allowed."
@ -466,6 +468,74 @@ msgstr "Entreprise est requis pour accéder à cette fonctionnalité."
msgid "Feature only accessible for internal users."
msgstr "Fonctionnalité accessible aux utilisateurs internes uniquement."
#: authentik/enterprise/providers/google_workspace/models.py
#: authentik/enterprise/providers/microsoft_entra/models.py
#: authentik/providers/scim/models.py authentik/sources/ldap/models.py
msgid "Property mappings used for group creation/updating."
msgstr ""
"Mappages de propriétés utilisés lors de la création et de la mise à jour des"
" groupes."
#: authentik/enterprise/providers/google_workspace/models.py
msgid "Google Workspace Provider"
msgstr "Fournisseur Google Workspace"
#: authentik/enterprise/providers/google_workspace/models.py
msgid "Google Workspace Providers"
msgstr "Fournisseurs Google Workspace"
#: authentik/enterprise/providers/google_workspace/models.py
msgid "Google Workspace Provider Mapping"
msgstr "Mappage de propriété Google Workspace"
#: authentik/enterprise/providers/google_workspace/models.py
msgid "Google Workspace Provider Mappings"
msgstr "Mappages de propriété Google Workspace"
#: authentik/enterprise/providers/google_workspace/models.py
msgid "Google Workspace Provider User"
msgstr "Utilisateur du fournisseur Google Workspace"
#: authentik/enterprise/providers/google_workspace/models.py
msgid "Google Workspace Provider Users"
msgstr "Utilisateurs du fournisseur Google Workspace"
#: authentik/enterprise/providers/google_workspace/models.py
msgid "Google Workspace Provider Group"
msgstr "Groupe du fournisseur Google Workspace"
#: authentik/enterprise/providers/google_workspace/models.py
msgid "Google Workspace Provider Groups"
msgstr "Groupes du fournisseur Google Workspace"
#: authentik/enterprise/providers/microsoft_entra/models.py
msgid "Microsoft Entra Provider"
msgstr "Fournisseur Microsoft Entra"
#: authentik/enterprise/providers/microsoft_entra/models.py
msgid "Microsoft Entra Providers"
msgstr "Fournisseurs Microsoft Entra"
#: authentik/enterprise/providers/microsoft_entra/models.py
msgid "Microsoft Entra Provider Mapping"
msgstr "Mappage de propriété Microsoft Entra"
#: authentik/enterprise/providers/microsoft_entra/models.py
msgid "Microsoft Entra Provider Mappings"
msgstr "Mappages de propriété Microsoft Entra"
#: authentik/enterprise/providers/microsoft_entra/models.py
msgid "Microsoft Entra Provider User"
msgstr "Utilisateur du fournisseur Microsoft Entra"
#: authentik/enterprise/providers/microsoft_entra/models.py
msgid "Microsoft Entra Provider Group"
msgstr "Groupe du fournisseur Microsoft Entra"
#: authentik/enterprise/providers/microsoft_entra/models.py
msgid "Microsoft Entra Provider Groups"
msgstr "Groupes du fournisseur Microsoft Entra"
#: authentik/enterprise/providers/rac/models.py
#: authentik/stages/user_login/models.py
msgid ""
@ -838,6 +908,25 @@ msgstr "Jetons du flux"
msgid "Invalid next URL"
msgstr "URL suivante invalide"
#: authentik/lib/sync/outgoing/tasks.py
msgid "Starting full provider sync"
msgstr "Démarrage d'une synchronisation complète du fournisseur"
#: authentik/lib/sync/outgoing/tasks.py
#, python-format
msgid "Syncing page %(page)d of users"
msgstr "Synchronisation de la page %(page)d d'utilisateurs"
#: authentik/lib/sync/outgoing/tasks.py
#, python-format
msgid "Syncing page %(page)d of groups"
msgstr "Synchronisation de la page %(page)d de groupes"
#: authentik/lib/sync/outgoing/tasks.py
#, python-brace-format
msgid "Stopping sync due to error: {error}"
msgstr "Arrêt de la synchronisation due à l'erreur : {error}"
#: authentik/lib/utils/time.py
#, python-format
msgid "%(value)s is not in the correct format of 'hours=3;minutes=1'."
@ -1526,10 +1615,6 @@ msgstr "Compatibilité GitHub : accès aux adresses email"
msgid "GitHub Compatibility: Access your Groups"
msgstr "Compatibilité GitHub : accès aux groupes"
#: authentik/providers/oauth2/views/userinfo.py
msgid "authentik API Access on behalf of your user"
msgstr "Accès à l'API authentik au nom des utilisateurs"
#: authentik/providers/proxy/api.py
msgid "User and password attributes must be set when basic auth is enabled."
msgstr ""
@ -1811,6 +1896,14 @@ msgstr "Mappages de propriétés SAML"
msgid "SAML Property Mappings"
msgstr "Mappages de propriétés SAML"
#: authentik/providers/saml/models.py
msgid "SAML Provider from Metadata"
msgstr "Fournisseur SAML depuis métadonnées"
#: authentik/providers/saml/models.py
msgid "SAML Providers from Metadata"
msgstr "Fournisseurs SAML depuis métadonnées"
#: authentik/providers/scim/models.py
msgid "Base URL to SCIM requests, usually ends in /v2"
msgstr "URL de base pour les requêtes SCIM, se terminant généralement par /v2"
@ -1819,12 +1912,6 @@ msgstr "URL de base pour les requêtes SCIM, se terminant généralement par /v2
msgid "Authentication token"
msgstr "Jeton d'authentification"
#: authentik/providers/scim/models.py authentik/sources/ldap/models.py
msgid "Property mappings used for group creation/updating."
msgstr ""
"Mappages de propriétés utilisés lors de la création et de la mise à jour des"
" groupes."
#: authentik/providers/scim/models.py
msgid "SCIM Provider"
msgstr "Fournisseur SCIM"
@ -1841,39 +1928,6 @@ msgstr "Mappage SCIM"
msgid "SCIM Mappings"
msgstr "Mappages SCIM"
#: authentik/providers/scim/tasks.py
msgid "Starting full SCIM sync"
msgstr "Démarrage d'une synchronisation SCIM complète"
#: authentik/providers/scim/tasks.py
#, python-format
msgid "Syncing page %(page)d of users"
msgstr "Synchronisation de la page %(page)d d'utilisateurs"
#: authentik/providers/scim/tasks.py
#, python-format
msgid "Syncing page %(page)d of groups"
msgstr "Synchronisation de la page %(page)d de groupes"
#: authentik/providers/scim/tasks.py
#, python-brace-format
msgid "Failed to sync user {user_name} due to remote error: {error}"
msgstr ""
"Échec de synchronisation de l'utilisateur {user_name} dû à une erreur "
"distante : {error}"
#: authentik/providers/scim/tasks.py
#, python-brace-format
msgid "Stopping sync due to error: {error}"
msgstr "Arrêt de la synchronisation due à l'erreur : {error}"
#: authentik/providers/scim/tasks.py
#, python-brace-format
msgid "Failed to sync group {group_name} due to remote error: {error}"
msgstr ""
"Échec de synchronisation du groupe {group_name} dû à une erreur distante : "
"{error}"
#: authentik/rbac/models.py
msgid "Role"
msgstr "Rôle"
@ -1894,14 +1948,6 @@ msgstr "Permissions système"
msgid "Can view system info"
msgstr "Peut voir les informations du système"
#: authentik/rbac/models.py
msgid "Can view system tasks"
msgstr "Peut voir les tâches du système"
#: authentik/rbac/models.py
msgid "Can run system tasks"
msgstr "Peut lancer des tâches système"
#: authentik/rbac/models.py
msgid "Can access admin interface"
msgstr "Peut accéder à l'interface d'administration"
@ -2562,6 +2608,18 @@ msgstr "Clé publique, acquise auprès de votre fournisseur captcha."
msgid "Private key, acquired your captcha Provider."
msgstr "Clé privée, acquise auprès de votre fournisseur captcha."
#: authentik/stages/captcha/models.py
msgid ""
"When enabled and the received captcha score is outside of the given "
"threshold, the stage will show an error message. When not enabled, the flow "
"will continue, but the data from the captcha will be available in the "
"context for policy decisions"
msgstr ""
"Si activé et le score captcha reçu est hors de la limite donnée, l'étape "
"affichera un message d'erreur. Si désactivé, le flux continuera, mais la "
"donnée du captcha sera disponible dans le contexte pour décision dans une "
"politique."
#: authentik/stages/captcha/models.py
msgid "Captcha Stage"
msgstr "Étape de Captcha"
@ -2570,6 +2628,23 @@ msgstr "Étape de Captcha"
msgid "Captcha Stages"
msgstr "Étapes de Captcha"
#: authentik/stages/captcha/stage.py
msgid "Unknown error"
msgstr "Erreur inconnue"
#: authentik/stages/captcha/stage.py
#, python-brace-format
msgid "Failed to validate token: {error}"
msgstr "Échec de validation du jeton : {error}"
#: authentik/stages/captcha/stage.py
msgid "Invalid captcha response"
msgstr "Réponse captcha invalide"
#: authentik/stages/captcha/stage.py
msgid "Failed to validate token"
msgstr "Échec de validation du jeton"
#: authentik/stages/consent/models.py
msgid ""
"Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3)."

1839
locale/it/LC_MESSAGES/django.po
View File

File diff suppressed because it is too large Load Diff

BIN
locale/pl/LC_MESSAGES/django.mo
View File

Binary file not shown.

2661
locale/pl/LC_MESSAGES/django.po
View File

File diff suppressed because it is too large Load Diff

BIN
locale/ru/LC_MESSAGES/django.mo
View File

Binary file not shown.

41
locale/ru/LC_MESSAGES/django.po
View File

@ -9,16 +9,16 @@
# Nicholas Winterhalter, 2023
# Ренат Шарафутдинов, 2023
# Stepan Karavaev, 2024
# Anton Babenko, 2024
# Anton, 2024
#
#, fuzzy
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-06-03 00:08+0000\n"
"POT-Creation-Date: 2024-06-05 00:07+0000\n"
"PO-Revision-Date: 2022-09-26 16:47+0000\n"
"Last-Translator: Anton Babenko, 2024\n"
"Last-Translator: Anton, 2024\n"
"Language-Team: Russian (https://app.transifex.com/authentik/teams/119923/ru/)\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
@ -162,7 +162,7 @@ msgstr "Сбросить пароль"
#: authentik/core/models.py
msgid "Can impersonate other users"
msgstr "Может выдавать себя за других пользователей"
msgstr "Может имитировать других пользователей"
#: authentik/core/models.py authentik/rbac/models.py
msgid "Can assign permissions to users"
@ -2589,6 +2589,18 @@ msgstr "Открытый ключ, полученный от вашего про
msgid "Private key, acquired your captcha Provider."
msgstr "Закрытый ключ, полученный от вашего провайдера капчи."
#: authentik/stages/captcha/models.py
msgid ""
"When enabled and the received captcha score is outside of the given "
"threshold, the stage will show an error message. When not enabled, the flow "
"will continue, but the data from the captcha will be available in the "
"context for policy decisions"
msgstr ""
"Когда эта опция включена, и полученная оценка капчи находится за пределами "
"заданного порогового значения, на этом этапе будет показано сообщение об "
"ошибке. Когда эта опция не включена, поток будет продолжаться, но данные "
"капчи будут доступны в контексте для принятия решений политики"
#: authentik/stages/captcha/models.py
msgid "Captcha Stage"
msgstr "Этап с каптчей"
@ -2597,6 +2609,23 @@ msgstr "Этап с каптчей"
msgid "Captcha Stages"
msgstr "Этапы с каптчей"
#: authentik/stages/captcha/stage.py
msgid "Unknown error"
msgstr "Неизвестная ошибка"
#: authentik/stages/captcha/stage.py
#, python-brace-format
msgid "Failed to validate token: {error}"
msgstr "Ошибка валидации токена: {error}"
#: authentik/stages/captcha/stage.py
msgid "Invalid captcha response"
msgstr "Неверный ответ на капчу"
#: authentik/stages/captcha/stage.py
msgid "Failed to validate token"
msgstr "Ошибка валидации токена"
#: authentik/stages/consent/models.py
msgid ""
"Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3)."
@ -3054,7 +3083,7 @@ msgstr "Разделитель: Статическая разделительн
#: authentik/stages/prompt/models.py
msgid "Hidden: Hidden field, can be used to insert data into form."
msgstr ""
"Скрытый: Скрытое поле, может быть использовано для вставки данных в форму."
"Скрыто: Скрытое поле, может быть использовано для вставки данных в форму."
#: authentik/stages/prompt/models.py
msgid "Static: Static value, displayed as-is."
@ -3086,7 +3115,7 @@ msgid ""
msgstr ""
"По желанию предварительно заполните поле ввода начальным значением. При "
"создании поля с фиксированным выбором включите интерпретацию как выражение и"
" возврат списка, чтобы вернуть несколько вариантов по умолчанию."
" возвращайте список, чтобы вернуть несколько вариантов по умолчанию."
#: authentik/stages/prompt/models.py
msgid "Prompt"

31
locale/zh-Hans/LC_MESSAGES/django.po
View File

@ -7,17 +7,17 @@
# Chen Zhikai, 2022
# 刘松, 2022
# Jens L. <jens@goauthentik.io>, 2024
# deluxghost, 2024
# Tianhao Chai <cth451@gmail.com>, 2024
# deluxghost, 2024
#
#, fuzzy
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-06-03 00:08+0000\n"
"POT-Creation-Date: 2024-06-05 00:07+0000\n"
"PO-Revision-Date: 2022-09-26 16:47+0000\n"
"Last-Translator: Tianhao Chai <cth451@gmail.com>, 2024\n"
"Last-Translator: deluxghost, 2024\n"
"Language-Team: Chinese Simplified (https://app.transifex.com/authentik/teams/119923/zh-Hans/)\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
@ -2401,6 +2401,14 @@ msgstr "公钥,从您的验证码提供商处取得。"
msgid "Private key, acquired your captcha Provider."
msgstr "私钥,从您的验证码提供商处取得。"
#: authentik/stages/captcha/models.py
msgid ""
"When enabled and the received captcha score is outside of the given "
"threshold, the stage will show an error message. When not enabled, the flow "
"will continue, but the data from the captcha will be available in the "
"context for policy decisions"
msgstr "启用时,如果接收到的验证码分数超出给定的阈值,此阶段将显示错误信息。未启用时,流程会继续,但来自验证码的数据可在上下文中用于策略决定。"
#: authentik/stages/captcha/models.py
msgid "Captcha Stage"
msgstr "验证码阶段"
@ -2409,6 +2417,23 @@ msgstr "验证码阶段"
msgid "Captcha Stages"
msgstr "验证码阶段"
#: authentik/stages/captcha/stage.py
msgid "Unknown error"
msgstr "未知错误"
#: authentik/stages/captcha/stage.py
#, python-brace-format
msgid "Failed to validate token: {error}"
msgstr "验证令牌失败:{error}"
#: authentik/stages/captcha/stage.py
msgid "Invalid captcha response"
msgstr "验证码响应无效"
#: authentik/stages/captcha/stage.py
msgid "Failed to validate token"
msgstr "验证令牌失败"
#: authentik/stages/consent/models.py
msgid ""
"Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3)."

27
locale/zh_CN/LC_MESSAGES/django.po
View File

@ -14,7 +14,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-06-03 00:08+0000\n"
"POT-Creation-Date: 2024-06-05 00:07+0000\n"
"PO-Revision-Date: 2022-09-26 16:47+0000\n"
"Last-Translator: deluxghost, 2024\n"
"Language-Team: Chinese (China) (https://app.transifex.com/authentik/teams/119923/zh_CN/)\n"
@ -2400,6 +2400,14 @@ msgstr "公钥,从您的验证码提供商处取得。"
msgid "Private key, acquired your captcha Provider."
msgstr "私钥,从您的验证码提供商处取得。"
#: authentik/stages/captcha/models.py
msgid ""
"When enabled and the received captcha score is outside of the given "
"threshold, the stage will show an error message. When not enabled, the flow "
"will continue, but the data from the captcha will be available in the "
"context for policy decisions"
msgstr "启用时,如果接收到的验证码分数超出给定的阈值,此阶段将显示错误信息。未启用时,流程会继续,但来自验证码的数据可在上下文中用于策略决定。"
#: authentik/stages/captcha/models.py
msgid "Captcha Stage"
msgstr "验证码阶段"
@ -2408,6 +2416,23 @@ msgstr "验证码阶段"
msgid "Captcha Stages"
msgstr "验证码阶段"
#: authentik/stages/captcha/stage.py
msgid "Unknown error"
msgstr "未知错误"
#: authentik/stages/captcha/stage.py
#, python-brace-format
msgid "Failed to validate token: {error}"
msgstr "验证令牌失败:{error}"
#: authentik/stages/captcha/stage.py
msgid "Invalid captcha response"
msgstr "验证码响应无效"
#: authentik/stages/captcha/stage.py
msgid "Failed to validate token"
msgstr "验证令牌失败"
#: authentik/stages/consent/models.py
msgid ""
"Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3)."

172
poetry.lock generated
View File

@ -1020,43 +1020,43 @@ toml = ["tomli"]
[[package]]
name = "cryptography"
version = "42.0.7"
version = "42.0.8"
description = "cryptography is a package which provides cryptographic recipes and primitives to Python developers."
optional = false
python-versions = ">=3.7"
files = [
{file = "cryptography-42.0.7-cp37-abi3-macosx_10_12_universal2.whl", hash = "sha256:a987f840718078212fdf4504d0fd4c6effe34a7e4740378e59d47696e8dfb477"},
{file = "cryptography-42.0.7-cp37-abi3-macosx_10_12_x86_64.whl", hash = "sha256:bd13b5e9b543532453de08bcdc3cc7cebec6f9883e886fd20a92f26940fd3e7a"},
{file = "cryptography-42.0.7-cp37-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a79165431551042cc9d1d90e6145d5d0d3ab0f2d66326c201d9b0e7f5bf43604"},
{file = "cryptography-42.0.7-cp37-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:a47787a5e3649008a1102d3df55424e86606c9bae6fb77ac59afe06d234605f8"},
{file = "cryptography-42.0.7-cp37-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:02c0eee2d7133bdbbc5e24441258d5d2244beb31da5ed19fbb80315f4bbbff55"},
{file = "cryptography-42.0.7-cp37-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:5e44507bf8d14b36b8389b226665d597bc0f18ea035d75b4e53c7b1ea84583cc"},
{file = "cryptography-42.0.7-cp37-abi3-musllinux_1_1_aarch64.whl", hash = "sha256:7f8b25fa616d8b846aef64b15c606bb0828dbc35faf90566eb139aa9cff67af2"},
{file = "cryptography-42.0.7-cp37-abi3-musllinux_1_1_x86_64.whl", hash = "sha256:93a3209f6bb2b33e725ed08ee0991b92976dfdcf4e8b38646540674fc7508e13"},
{file = "cryptography-42.0.7-cp37-abi3-musllinux_1_2_aarch64.whl", hash = "sha256:e6b8f1881dac458c34778d0a424ae5769de30544fc678eac51c1c8bb2183e9da"},
{file = "cryptography-42.0.7-cp37-abi3-musllinux_1_2_x86_64.whl", hash = "sha256:3de9a45d3b2b7d8088c3fbf1ed4395dfeff79d07842217b38df14ef09ce1d8d7"},
{file = "cryptography-42.0.7-cp37-abi3-win32.whl", hash = "sha256:789caea816c6704f63f6241a519bfa347f72fbd67ba28d04636b7c6b7da94b0b"},
{file = "cryptography-42.0.7-cp37-abi3-win_amd64.whl", hash = "sha256:8cb8ce7c3347fcf9446f201dc30e2d5a3c898d009126010cbd1f443f28b52678"},
{file = "cryptography-42.0.7-cp39-abi3-macosx_10_12_universal2.whl", hash = "sha256:a3a5ac8b56fe37f3125e5b72b61dcde43283e5370827f5233893d461b7360cd4"},
{file = "cryptography-42.0.7-cp39-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:779245e13b9a6638df14641d029add5dc17edbef6ec915688f3acb9e720a5858"},
{file = "cryptography-42.0.7-cp39-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:0d563795db98b4cd57742a78a288cdbdc9daedac29f2239793071fe114f13785"},
{file = "cryptography-42.0.7-cp39-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:31adb7d06fe4383226c3e963471f6837742889b3c4caa55aac20ad951bc8ffda"},
{file = "cryptography-42.0.7-cp39-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:efd0bf5205240182e0f13bcaea41be4fdf5c22c5129fc7ced4a0282ac86998c9"},
{file = "cryptography-42.0.7-cp39-abi3-musllinux_1_1_aarch64.whl", hash = "sha256:a9bc127cdc4ecf87a5ea22a2556cab6c7eda2923f84e4f3cc588e8470ce4e42e"},
{file = "cryptography-42.0.7-cp39-abi3-musllinux_1_1_x86_64.whl", hash = "sha256:3577d029bc3f4827dd5bf8bf7710cac13527b470bbf1820a3f394adb38ed7d5f"},
{file = "cryptography-42.0.7-cp39-abi3-musllinux_1_2_aarch64.whl", hash = "sha256:2e47577f9b18723fa294b0ea9a17d5e53a227867a0a4904a1a076d1646d45ca1"},
{file = "cryptography-42.0.7-cp39-abi3-musllinux_1_2_x86_64.whl", hash = "sha256:1a58839984d9cb34c855197043eaae2c187d930ca6d644612843b4fe8513c886"},
{file = "cryptography-42.0.7-cp39-abi3-win32.whl", hash = "sha256:e6b79d0adb01aae87e8a44c2b64bc3f3fe59515280e00fb6d57a7267a2583cda"},
{file = "cryptography-42.0.7-cp39-abi3-win_amd64.whl", hash = "sha256:16268d46086bb8ad5bf0a2b5544d8a9ed87a0e33f5e77dd3c3301e63d941a83b"},
{file = "cryptography-42.0.7-pp310-pypy310_pp73-macosx_10_12_x86_64.whl", hash = "sha256:2954fccea107026512b15afb4aa664a5640cd0af630e2ee3962f2602693f0c82"},
{file = "cryptography-42.0.7-pp310-pypy310_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:362e7197754c231797ec45ee081f3088a27a47c6c01eff2ac83f60f85a50fe60"},
{file = "cryptography-42.0.7-pp310-pypy310_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:4f698edacf9c9e0371112792558d2f705b5645076cc0aaae02f816a0171770fd"},
{file = "cryptography-42.0.7-pp310-pypy310_pp73-win_amd64.whl", hash = "sha256:5482e789294854c28237bba77c4c83be698be740e31a3ae5e879ee5444166582"},
{file = "cryptography-42.0.7-pp39-pypy39_pp73-macosx_10_12_x86_64.whl", hash = "sha256:e9b2a6309f14c0497f348d08a065d52f3020656f675819fc405fb63bbcd26562"},
{file = "cryptography-42.0.7-pp39-pypy39_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:d8e3098721b84392ee45af2dd554c947c32cc52f862b6a3ae982dbb90f577f14"},
{file = "cryptography-42.0.7-pp39-pypy39_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:c65f96dad14f8528a447414125e1fc8feb2ad5a272b8f68477abbcc1ea7d94b9"},
{file = "cryptography-42.0.7-pp39-pypy39_pp73-win_amd64.whl", hash = "sha256:36017400817987670037fbb0324d71489b6ead6231c9604f8fc1f7d008087c68"},
{file = "cryptography-42.0.7.tar.gz", hash = "sha256:ecbfbc00bf55888edda9868a4cf927205de8499e7fabe6c050322298382953f2"},
{file = "cryptography-42.0.8-cp37-abi3-macosx_10_12_universal2.whl", hash = "sha256:81d8a521705787afe7a18d5bfb47ea9d9cc068206270aad0b96a725022e18d2e"},
{file = "cryptography-42.0.8-cp37-abi3-macosx_10_12_x86_64.whl", hash = "sha256:961e61cefdcb06e0c6d7e3a1b22ebe8b996eb2bf50614e89384be54c48c6b63d"},
{file = "cryptography-42.0.8-cp37-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:e3ec3672626e1b9e55afd0df6d774ff0e953452886e06e0f1eb7eb0c832e8902"},
{file = "cryptography-42.0.8-cp37-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:e599b53fd95357d92304510fb7bda8523ed1f79ca98dce2f43c115950aa78801"},
{file = "cryptography-42.0.8-cp37-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:5226d5d21ab681f432a9c1cf8b658c0cb02533eece706b155e5fbd8a0cdd3949"},
{file = "cryptography-42.0.8-cp37-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:6b7c4f03ce01afd3b76cf69a5455caa9cfa3de8c8f493e0d3ab7d20611c8dae9"},
{file = "cryptography-42.0.8-cp37-abi3-musllinux_1_1_aarch64.whl", hash = "sha256:2346b911eb349ab547076f47f2e035fc8ff2c02380a7cbbf8d87114fa0f1c583"},
{file = "cryptography-42.0.8-cp37-abi3-musllinux_1_1_x86_64.whl", hash = "sha256:ad803773e9df0b92e0a817d22fd8a3675493f690b96130a5e24f1b8fabbea9c7"},
{file = "cryptography-42.0.8-cp37-abi3-musllinux_1_2_aarch64.whl", hash = "sha256:2f66d9cd9147ee495a8374a45ca445819f8929a3efcd2e3df6428e46c3cbb10b"},
{file = "cryptography-42.0.8-cp37-abi3-musllinux_1_2_x86_64.whl", hash = "sha256:d45b940883a03e19e944456a558b67a41160e367a719833c53de6911cabba2b7"},
{file = "cryptography-42.0.8-cp37-abi3-win32.whl", hash = "sha256:a0c5b2b0585b6af82d7e385f55a8bc568abff8923af147ee3c07bd8b42cda8b2"},
{file = "cryptography-42.0.8-cp37-abi3-win_amd64.whl", hash = "sha256:57080dee41209e556a9a4ce60d229244f7a66ef52750f813bfbe18959770cfba"},
{file = "cryptography-42.0.8-cp39-abi3-macosx_10_12_universal2.whl", hash = "sha256:dea567d1b0e8bc5764b9443858b673b734100c2871dc93163f58c46a97a83d28"},
{file = "cryptography-42.0.8-cp39-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:c4783183f7cb757b73b2ae9aed6599b96338eb957233c58ca8f49a49cc32fd5e"},
{file = "cryptography-42.0.8-cp39-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:a0608251135d0e03111152e41f0cc2392d1e74e35703960d4190b2e0f4ca9c70"},
{file = "cryptography-42.0.8-cp39-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:dc0fdf6787f37b1c6b08e6dfc892d9d068b5bdb671198c72072828b80bd5fe4c"},
{file = "cryptography-42.0.8-cp39-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:9c0c1716c8447ee7dbf08d6db2e5c41c688544c61074b54fc4564196f55c25a7"},
{file = "cryptography-42.0.8-cp39-abi3-musllinux_1_1_aarch64.whl", hash = "sha256:fff12c88a672ab9c9c1cf7b0c80e3ad9e2ebd9d828d955c126be4fd3e5578c9e"},
{file = "cryptography-42.0.8-cp39-abi3-musllinux_1_1_x86_64.whl", hash = "sha256:cafb92b2bc622cd1aa6a1dce4b93307792633f4c5fe1f46c6b97cf67073ec961"},
{file = "cryptography-42.0.8-cp39-abi3-musllinux_1_2_aarch64.whl", hash = "sha256:31f721658a29331f895a5a54e7e82075554ccfb8b163a18719d342f5ffe5ecb1"},
{file = "cryptography-42.0.8-cp39-abi3-musllinux_1_2_x86_64.whl", hash = "sha256:b297f90c5723d04bcc8265fc2a0f86d4ea2e0f7ab4b6994459548d3a6b992a14"},
{file = "cryptography-42.0.8-cp39-abi3-win32.whl", hash = "sha256:2f88d197e66c65be5e42cd72e5c18afbfae3f741742070e3019ac8f4ac57262c"},
{file = "cryptography-42.0.8-cp39-abi3-win_amd64.whl", hash = "sha256:fa76fbb7596cc5839320000cdd5d0955313696d9511debab7ee7278fc8b5c84a"},
{file = "cryptography-42.0.8-pp310-pypy310_pp73-macosx_10_12_x86_64.whl", hash = "sha256:ba4f0a211697362e89ad822e667d8d340b4d8d55fae72cdd619389fb5912eefe"},
{file = "cryptography-42.0.8-pp310-pypy310_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:81884c4d096c272f00aeb1f11cf62ccd39763581645b0812e99a91505fa48e0c"},
{file = "cryptography-42.0.8-pp310-pypy310_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:c9bb2ae11bfbab395bdd072985abde58ea9860ed84e59dbc0463a5d0159f5b71"},
{file = "cryptography-42.0.8-pp310-pypy310_pp73-win_amd64.whl", hash = "sha256:7016f837e15b0a1c119d27ecd89b3515f01f90a8615ed5e9427e30d9cdbfed3d"},
{file = "cryptography-42.0.8-pp39-pypy39_pp73-macosx_10_12_x86_64.whl", hash = "sha256:5a94eccb2a81a309806027e1670a358b99b8fe8bfe9f8d329f27d72c094dde8c"},
{file = "cryptography-42.0.8-pp39-pypy39_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:dec9b018df185f08483f294cae6ccac29e7a6e0678996587363dc352dc65c842"},
{file = "cryptography-42.0.8-pp39-pypy39_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:343728aac38decfdeecf55ecab3264b015be68fc2816ca800db649607aeee648"},
{file = "cryptography-42.0.8-pp39-pypy39_pp73-win_amd64.whl", hash = "sha256:013629ae70b40af70c9a7a5db40abe5d9054e6f4380e50ce769947b73bf3caad"},
{file = "cryptography-42.0.8.tar.gz", hash = "sha256:8d09d05439ce7baa8e9e95b07ec5b6c886f548deb7e0f69ef25f64b3bce842f2"},
]
[package.dependencies]
@ -1196,13 +1196,13 @@ bcrypt = ["bcrypt"]
[[package]]
name = "django-cte"
version = "1.3.2"
version = "1.3.3"
description = "Common Table Expressions (CTE) for Django"
optional = false
python-versions = "*"
files = [
{file = "django-cte-1.3.2.tar.gz", hash = "sha256:841b264f83417d421393c8c4644f76300962c6c3ddbc37339cf99672eb3696a2"},
{file = "django_cte-1.3.2-py2.py3-none-any.whl", hash = "sha256:9ca0a900df4819bbe86447a594f27272d67069f3ef13da61e905b0ace67704e9"},
{file = "django-cte-1.3.3.tar.gz", hash = "sha256:0c1aeef067278a22886151c1d27f6f665a303952d058900e5ca82a24cde40697"},
{file = "django_cte-1.3.3-py2.py3-none-any.whl", hash = "sha256:85bbc3efb30c2f8c9ae3080ca6f0b9570e43d2cb4b6be10846c8ef9f046873fa"},
]
[[package]]
@ -1707,13 +1707,13 @@ grpcio-gcp = ["grpcio-gcp (>=0.2.2,<1.0.dev0)"]
[[package]]
name = "google-api-python-client"
version = "2.131.0"
version = "2.132.0"
description = "Google API Client Library for Python"
optional = false
python-versions = ">=3.7"
files = [
{file = "google-api-python-client-2.131.0.tar.gz", hash = "sha256:1c03e24af62238a8817ecc24e9d4c32ddd4cb1f323b08413652d9a9a592fc00d"},
{file = "google_api_python_client-2.131.0-py2.py3-none-any.whl", hash = "sha256:e325409bdcef4604d505d9246ce7199960a010a0569ac503b9f319db8dbdc217"},
{file = "google-api-python-client-2.132.0.tar.gz", hash = "sha256:d6340dc83b72d72333cee5d50f7dcfecbff66a8783164090e945f985ec4c374d"},
{file = "google_api_python_client-2.132.0-py2.py3-none-any.whl", hash = "sha256:cde87700bd4d37f39f5e940292c1c6cd0910990b5b01f50b1332a8cea38e8595"},
]
[package.dependencies]
@ -2172,13 +2172,13 @@ zookeeper = ["kazoo (>=2.8.0)"]
[[package]]
name = "kubernetes"
version = "29.0.0"
version = "30.1.0"
description = "Kubernetes python client"
optional = false
python-versions = ">=3.6"
files = [
{file = "kubernetes-29.0.0-py2.py3-none-any.whl", hash = "sha256:ab8cb0e0576ccdfb71886366efb102c6a20f268d817be065ce7f9909c631e43e"},
{file = "kubernetes-29.0.0.tar.gz", hash = "sha256:c4812e227ae74d07d53c88293e564e54b850452715a59a927e7e1bc6b9a60459"},
{file = "kubernetes-30.1.0-py2.py3-none-any.whl", hash = "sha256:e212e8b7579031dd2e512168b617373bc1e03888d41ac4e04039240a292d478d"},
{file = "kubernetes-30.1.0.tar.gz", hash = "sha256:41e4c77af9f28e7a6c314e3bd06a8c6229ddd787cad684e0ab9f69b498e98ebc"},
]
[package.dependencies]
@ -3019,13 +3019,13 @@ attrs = ">=19.2.0"
[[package]]
name = "packaging"
version = "24.0"
version = "24.1"
description = "Core utilities for Python packages"
optional = false
python-versions = ">=3.7"
python-versions = ">=3.8"
files = [
{file = "packaging-24.0-py3-none-any.whl", hash = "sha256:2ddfb553fdf02fb784c234c7ba6ccc288296ceabec964ad2eae3777778130bc5"},
{file = "packaging-24.0.tar.gz", hash = "sha256:eb82c5e3e56209074766e6885bb04b8c38a0c015d0a30036ebe7ece34c9989e9"},
{file = "packaging-24.1-py3-none-any.whl", hash = "sha256:5b8f2217dbdbd2f7f384c41c628544e6d52f2d0f53c6d0c3ea61aa5d1d7ff124"},
{file = "packaging-24.1.tar.gz", hash = "sha256:026ed72c8ed3fcce5bf8950572258698927fd1dbda10a5e981cdf0ac37f4f002"},
]
[[package]]
@ -3624,13 +3624,13 @@ files = [
[[package]]
name = "pytest"
version = "8.2.1"
version = "8.2.2"
description = "pytest: simple powerful testing with Python"
optional = false
python-versions = ">=3.8"
files = [
{file = "pytest-8.2.1-py3-none-any.whl", hash = "sha256:faccc5d332b8c3719f40283d0d44aa5cf101cec36f88cde9ed8f2bc0538612b1"},
{file = "pytest-8.2.1.tar.gz", hash = "sha256:5046e5b46d8e4cac199c373041f26be56fdb81eb4e67dc11d4e10811fc3408fd"},
{file = "pytest-8.2.2-py3-none-any.whl", hash = "sha256:c434598117762e2bd304e526244f67bf66bbd7b5d6cf22138be51ff661980343"},
{file = "pytest-8.2.2.tar.gz", hash = "sha256:de4bb8104e201939ccdc688b27a89a7be2079b22e2bd2b07f806b6ba71117977"},
]
[package.dependencies]
@ -4052,28 +4052,28 @@ pyasn1 = ">=0.1.3"
[[package]]
name = "ruff"
version = "0.4.7"
version = "0.4.8"
description = "An extremely fast Python linter and code formatter, written in Rust."
optional = false
python-versions = ">=3.7"
files = [
{file = "ruff-0.4.7-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:e089371c67892a73b6bb1525608e89a2aca1b77b5440acf7a71dda5dac958f9e"},
{file = "ruff-0.4.7-py3-none-macosx_11_0_arm64.whl", hash = "sha256:10f973d521d910e5f9c72ab27e409e839089f955be8a4c8826601a6323a89753"},
{file = "ruff-0.4.7-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:59c3d110970001dfa494bcd95478e62286c751126dfb15c3c46e7915fc49694f"},
{file = "ruff-0.4.7-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:fa9773c6c00f4958f73b317bc0fd125295110c3776089f6ef318f4b775f0abe4"},
{file = "ruff-0.4.7-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:07fc80bbb61e42b3b23b10fda6a2a0f5a067f810180a3760c5ef1b456c21b9db"},
{file = "ruff-0.4.7-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:fa4dafe3fe66d90e2e2b63fa1591dd6e3f090ca2128daa0be33db894e6c18648"},
{file = "ruff-0.4.7-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:a7c0083febdec17571455903b184a10026603a1de078428ba155e7ce9358c5f6"},
{file = "ruff-0.4.7-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:ad1b20e66a44057c326168437d680a2166c177c939346b19c0d6b08a62a37589"},
{file = "ruff-0.4.7-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:cbf5d818553add7511c38b05532d94a407f499d1a76ebb0cad0374e32bc67202"},
{file = "ruff-0.4.7-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:50e9651578b629baec3d1513b2534de0ac7ed7753e1382272b8d609997e27e83"},
{file = "ruff-0.4.7-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:8874a9df7766cb956b218a0a239e0a5d23d9e843e4da1e113ae1d27ee420877a"},
{file = "ruff-0.4.7-py3-none-musllinux_1_2_i686.whl", hash = "sha256:b9de9a6e49f7d529decd09381c0860c3f82fa0b0ea00ea78409b785d2308a567"},
{file = "ruff-0.4.7-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:13a1768b0691619822ae6d446132dbdfd568b700ecd3652b20d4e8bc1e498f78"},
{file = "ruff-0.4.7-py3-none-win32.whl", hash = "sha256:769e5a51df61e07e887b81e6f039e7ed3573316ab7dd9f635c5afaa310e4030e"},
{file = "ruff-0.4.7-py3-none-win_amd64.whl", hash = "sha256:9e3ab684ad403a9ed1226894c32c3ab9c2e0718440f6f50c7c5829932bc9e054"},
{file = "ruff-0.4.7-py3-none-win_arm64.whl", hash = "sha256:10f2204b9a613988e3484194c2c9e96a22079206b22b787605c255f130db5ed7"},
{file = "ruff-0.4.7.tar.gz", hash = "sha256:2331d2b051dc77a289a653fcc6a42cce357087c5975738157cd966590b18b5e1"},
{file = "ruff-0.4.8-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:7663a6d78f6adb0eab270fa9cf1ff2d28618ca3a652b60f2a234d92b9ec89066"},
{file = "ruff-0.4.8-py3-none-macosx_11_0_arm64.whl", hash = "sha256:eeceb78da8afb6de0ddada93112869852d04f1cd0f6b80fe464fd4e35c330913"},
{file = "ruff-0.4.8-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:aad360893e92486662ef3be0a339c5ca3c1b109e0134fcd37d534d4be9fb8de3"},
{file = "ruff-0.4.8-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:284c2e3f3396fb05f5f803c9fffb53ebbe09a3ebe7dda2929ed8d73ded736deb"},
{file = "ruff-0.4.8-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:a7354f921e3fbe04d2a62d46707e569f9315e1a613307f7311a935743c51a764"},
{file = "ruff-0.4.8-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:72584676164e15a68a15778fd1b17c28a519e7a0622161eb2debdcdabdc71883"},
{file = "ruff-0.4.8-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:9678d5c9b43315f323af2233a04d747409d1e3aa6789620083a82d1066a35199"},
{file = "ruff-0.4.8-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:704977a658131651a22b5ebeb28b717ef42ac6ee3b11e91dc87b633b5d83142b"},
{file = "ruff-0.4.8-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:d05f8d6f0c3cce5026cecd83b7a143dcad503045857bc49662f736437380ad45"},
{file = "ruff-0.4.8-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:6ea874950daca5697309d976c9afba830d3bf0ed66887481d6bca1673fc5b66a"},
{file = "ruff-0.4.8-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:fc95aac2943ddf360376be9aa3107c8cf9640083940a8c5bd824be692d2216dc"},
{file = "ruff-0.4.8-py3-none-musllinux_1_2_i686.whl", hash = "sha256:384154a1c3f4bf537bac69f33720957ee49ac8d484bfc91720cc94172026ceed"},
{file = "ruff-0.4.8-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:e9d5ce97cacc99878aa0d084c626a15cd21e6b3d53fd6f9112b7fc485918e1fa"},
{file = "ruff-0.4.8-py3-none-win32.whl", hash = "sha256:6d795d7639212c2dfd01991259460101c22aabf420d9b943f153ab9d9706e6a9"},
{file = "ruff-0.4.8-py3-none-win_amd64.whl", hash = "sha256:e14a3a095d07560a9d6769a72f781d73259655919d9b396c650fc98a8157555d"},
{file = "ruff-0.4.8-py3-none-win_arm64.whl", hash = "sha256:14019a06dbe29b608f6b7cbcec300e3170a8d86efaddb7b23405cb7f7dcaf780"},
{file = "ruff-0.4.8.tar.gz", hash = "sha256:16d717b1d57b2e2fd68bd0bf80fb43931b79d05a7131aa477d66fc40fbd86268"},
]
[[package]]
@ -4130,13 +4130,13 @@ urllib3 = {version = ">=1.26,<3", extras = ["socks"]}
[[package]]
name = "sentry-sdk"
version = "2.3.1"
version = "2.5.1"
description = "Python client for Sentry (https://sentry.io)"
optional = false
python-versions = ">=3.6"
files = [
{file = "sentry_sdk-2.3.1-py2.py3-none-any.whl", hash = "sha256:c5aeb095ba226391d337dd42a6f9470d86c9fc236ecc71cfc7cd1942b45010c6"},
{file = "sentry_sdk-2.3.1.tar.gz", hash = "sha256:139a71a19f5e9eb5d3623942491ce03cf8ebc14ea2e39ba3e6fe79560d8a5b1f"},
{file = "sentry_sdk-2.5.1-py2.py3-none-any.whl", hash = "sha256:1f87acdce4a43a523ae5aa21a3fc37522d73ebd9ec04b1dbf01aa3d173852def"},
{file = "sentry_sdk-2.5.1.tar.gz", hash = "sha256:fbc40a78a8a9c6675133031116144f0d0940376fa6e4e1acd5624c90b0aaf58b"},
]
[package.dependencies]
@ -4451,22 +4451,22 @@ celery = "*"
[[package]]
name = "tornado"
version = "6.4"
version = "6.4.1"
description = "Tornado is a Python web framework and asynchronous networking library, originally developed at FriendFeed."
optional = false
python-versions = ">= 3.8"
python-versions = ">=3.8"
files = [
{file = "tornado-6.4-cp38-abi3-macosx_10_9_universal2.whl", hash = "sha256:02ccefc7d8211e5a7f9e8bc3f9e5b0ad6262ba2fbb683a6443ecc804e5224ce0"},
{file = "tornado-6.4-cp38-abi3-macosx_10_9_x86_64.whl", hash = "sha256:27787de946a9cffd63ce5814c33f734c627a87072ec7eed71f7fc4417bb16263"},
{file = "tornado-6.4-cp38-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:f7894c581ecdcf91666a0912f18ce5e757213999e183ebfc2c3fdbf4d5bd764e"},
{file = "tornado-6.4-cp38-abi3-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:e43bc2e5370a6a8e413e1e1cd0c91bedc5bd62a74a532371042a18ef19e10579"},
{file = "tornado-6.4-cp38-abi3-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:f0251554cdd50b4b44362f73ad5ba7126fc5b2c2895cc62b14a1c2d7ea32f212"},
{file = "tornado-6.4-cp38-abi3-musllinux_1_1_aarch64.whl", hash = "sha256:fd03192e287fbd0899dd8f81c6fb9cbbc69194d2074b38f384cb6fa72b80e9c2"},
{file = "tornado-6.4-cp38-abi3-musllinux_1_1_i686.whl", hash = "sha256:88b84956273fbd73420e6d4b8d5ccbe913c65d31351b4c004ae362eba06e1f78"},
{file = "tornado-6.4-cp38-abi3-musllinux_1_1_x86_64.whl", hash = "sha256:71ddfc23a0e03ef2df1c1397d859868d158c8276a0603b96cf86892bff58149f"},
{file = "tornado-6.4-cp38-abi3-win32.whl", hash = "sha256:6f8a6c77900f5ae93d8b4ae1196472d0ccc2775cc1dfdc9e7727889145c45052"},
{file = "tornado-6.4-cp38-abi3-win_amd64.whl", hash = "sha256:10aeaa8006333433da48dec9fe417877f8bcc21f48dda8d661ae79da357b2a63"},
{file = "tornado-6.4.tar.gz", hash = "sha256:72291fa6e6bc84e626589f1c29d90a5a6d593ef5ae68052ee2ef000dfd273dee"},
{file = "tornado-6.4.1-cp38-abi3-macosx_10_9_universal2.whl", hash = "sha256:163b0aafc8e23d8cdc3c9dfb24c5368af84a81e3364745ccb4427669bf84aec8"},
{file = "tornado-6.4.1-cp38-abi3-macosx_10_9_x86_64.whl", hash = "sha256:6d5ce3437e18a2b66fbadb183c1d3364fb03f2be71299e7d10dbeeb69f4b2a14"},
{file = "tornado-6.4.1-cp38-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:e2e20b9113cd7293f164dc46fffb13535266e713cdb87bd2d15ddb336e96cfc4"},
{file = "tornado-6.4.1-cp38-abi3-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:8ae50a504a740365267b2a8d1a90c9fbc86b780a39170feca9bcc1787ff80842"},
{file = "tornado-6.4.1-cp38-abi3-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:613bf4ddf5c7a95509218b149b555621497a6cc0d46ac341b30bd9ec19eac7f3"},
{file = "tornado-6.4.1-cp38-abi3-musllinux_1_2_aarch64.whl", hash = "sha256:25486eb223babe3eed4b8aecbac33b37e3dd6d776bc730ca14e1bf93888b979f"},
{file = "tornado-6.4.1-cp38-abi3-musllinux_1_2_i686.whl", hash = "sha256:454db8a7ecfcf2ff6042dde58404164d969b6f5d58b926da15e6b23817950fc4"},
{file = "tornado-6.4.1-cp38-abi3-musllinux_1_2_x86_64.whl", hash = "sha256:a02a08cc7a9314b006f653ce40483b9b3c12cda222d6a46d4ac63bb6c9057698"},
{file = "tornado-6.4.1-cp38-abi3-win32.whl", hash = "sha256:d9a566c40b89757c9aa8e6f032bcdb8ca8795d7c1a9762910c722b1635c9de4d"},
{file = "tornado-6.4.1-cp38-abi3-win_amd64.whl", hash = "sha256:b24b8982ed444378d7f21d563f4180a2de31ced9d8d84443907a0a64da2072e7"},
{file = "tornado-6.4.1.tar.gz", hash = "sha256:92d3ab53183d8c50f8204a51e6f91d18a15d5ef261e84d452800d4ff6fc504e9"},
]
[[package]]
@ -4505,13 +4505,13 @@ wsproto = ">=0.14"
[[package]]
name = "twilio"
version = "9.1.0"
version = "9.1.1"
description = "Twilio API client and TwiML generator"
optional = false
python-versions = ">=3.7.0"
files = [
{file = "twilio-9.1.0-py2.py3-none-any.whl", hash = "sha256:eb4687a9f81dc3118e8981c5a46d9f8184baee135c79afed47c714c759c31bbc"},
{file = "twilio-9.1.0.tar.gz", hash = "sha256:ab2eb19c779855bf02cdca8a7e02ebaa64feee47da7b591ac9088ec07a6962e2"},
{file = "twilio-9.1.1-py2.py3-none-any.whl", hash = "sha256:cc3e090c3884db7d70e7c647358b9cf1f4d30fd3fbe0412adcae0df8459d29b0"},
{file = "twilio-9.1.1.tar.gz", hash = "sha256:cfe72b12cabac2f0997f1060d53cea14bd1196e2cbda14789e53c7dd762c4349"},
]
[package.dependencies]

531
schema.yml
View File

@ -19726,6 +19726,403 @@ paths:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/scim_groups/:
get:
operationId: providers_scim_groups_list
description: SCIMProviderGroup Viewset
parameters:
- in: query
name: group__group_uuid
schema:
type: string
format: uuid
- in: query
name: group__name
schema:
type: string
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: provider__id
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedSCIMProviderGroupList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: providers_scim_groups_create
description: SCIMProviderGroup Viewset
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMProviderGroupRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMProviderGroup'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/scim_groups/{id}/:
get:
operationId: providers_scim_groups_retrieve
description: SCIMProviderGroup Viewset
parameters:
- in: path
name: id
schema:
type: string
format: uuid
description: A UUID string identifying this scim provider group.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMProviderGroup'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: providers_scim_groups_destroy
description: SCIMProviderGroup Viewset
parameters:
- in: path
name: id
schema:
type: string
format: uuid
description: A UUID string identifying this scim provider group.
required: true
tags:
- providers
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/scim_groups/{id}/used_by/:
get:
operationId: providers_scim_groups_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: string
format: uuid
description: A UUID string identifying this scim provider group.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/scim_users/:
get:
operationId: providers_scim_users_list
description: SCIMProviderUser Viewset
parameters:
- name: ordering
required: false
in: query
description: Which field to use when ordering the results.
schema:
type: string
- name: page
required: false
in: query
description: A page number within the paginated result set.
schema:
type: integer
- name: page_size
required: false
in: query
description: Number of results to return per page.
schema:
type: integer
- in: query
name: provider__id
schema:
type: integer
- name: search
required: false
in: query
description: A search term.
schema:
type: string
- in: query
name: user__id
schema:
type: integer
- in: query
name: user__username
schema:
type: string
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/PaginatedSCIMProviderUserList'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
post:
operationId: providers_scim_users_create
description: SCIMProviderUser Viewset
tags:
- providers
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMProviderUserRequest'
required: true
security:
- authentik: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMProviderUser'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/scim_users/{id}/:
get:
operationId: providers_scim_users_retrieve
description: SCIMProviderUser Viewset
parameters:
- in: path
name: id
schema:
type: string
format: uuid
description: A UUID string identifying this scim provider user.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/SCIMProviderUser'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
delete:
operationId: providers_scim_users_destroy
description: SCIMProviderUser Viewset
parameters:
- in: path
name: id
schema:
type: string
format: uuid
description: A UUID string identifying this scim provider user.
required: true
tags:
- providers
security:
- authentik: []
responses:
'204':
description: No response body
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/providers/scim_users/{id}/used_by/:
get:
operationId: providers_scim_users_used_by_list
description: Get a list of all objects that use this object
parameters:
- in: path
name: id
schema:
type: string
format: uuid
description: A UUID string identifying this scim provider user.
required: true
tags:
- providers
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UsedBy'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/rac/connection_tokens/:
get:
operationId: rac_connection_tokens_list
@ -36335,6 +36732,8 @@ components:
type: string
format: uuid
readOnly: true
google_id:
type: string
group:
type: string
format: uuid
@ -36348,6 +36747,7 @@ components:
readOnly: true
required:
- attributes
- google_id
- group
- group_obj
- id
@ -36356,12 +36756,16 @@ components:
type: object
description: GoogleWorkspaceProviderGroup Serializer
properties:
google_id:
type: string
minLength: 1
group:
type: string
format: uuid
provider:
type: integer
required:
- google_id
- group
- provider
GoogleWorkspaceProviderMapping:
@ -36484,6 +36888,8 @@ components:
type: string
format: uuid
readOnly: true
google_id:
type: string
user:
type: integer
user_obj:
@ -36496,6 +36902,7 @@ components:
readOnly: true
required:
- attributes
- google_id
- id
- provider
- user
@ -36504,11 +36911,15 @@ components:
type: object
description: GoogleWorkspaceProviderUser Serializer
properties:
google_id:
type: string
minLength: 1
user:
type: integer
provider:
type: integer
required:
- google_id
- provider
- user
Group:
@ -38003,6 +38414,8 @@ components:
type: string
format: uuid
readOnly: true
microsoft_id:
type: string
group:
type: string
format: uuid
@ -38019,11 +38432,15 @@ components:
- group
- group_obj
- id
- microsoft_id
- provider
MicrosoftEntraProviderGroupRequest:
type: object
description: MicrosoftEntraProviderGroup Serializer
properties:
microsoft_id:
type: string
minLength: 1
group:
type: string
format: uuid
@ -38031,6 +38448,7 @@ components:
type: integer
required:
- group
- microsoft_id
- provider
MicrosoftEntraProviderMapping:
type: object
@ -38149,6 +38567,8 @@ components:
type: string
format: uuid
readOnly: true
microsoft_id:
type: string
user:
type: integer
user_obj:
@ -38162,6 +38582,7 @@ components:
required:
- attributes
- id
- microsoft_id
- provider
- user
- user_obj
@ -38169,11 +38590,15 @@ components:
type: object
description: MicrosoftEntraProviderUser Serializer
properties:
microsoft_id:
type: string
minLength: 1
user:
type: integer
provider:
type: integer
required:
- microsoft_id
- provider
- user
ModelEnum:
@ -40166,6 +40591,18 @@ components:
required:
- pagination
- results
PaginatedSCIMProviderGroupList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/SCIMProviderGroup'
required:
- pagination
- results
PaginatedSCIMProviderList:
type: object
properties:
@ -40178,6 +40615,18 @@ components:
required:
- pagination
- results
PaginatedSCIMProviderUserList:
type: object
properties:
pagination:
$ref: '#/components/schemas/Pagination'
results:
type: array
items:
$ref: '#/components/schemas/SCIMProviderUser'
required:
- pagination
- results
PaginatedSCIMSourceGroupList:
type: object
properties:
@ -44147,12 +44596,14 @@ components:
properties:
user:
type: integer
nullable: true
context:
type: object
additionalProperties: {}
group:
type: string
format: uuid
nullable: true
PropertyMappingTestResult:
type: object
description: Result of a Property-mapping test
@ -45906,6 +46357,47 @@ components:
- url
- verbose_name
- verbose_name_plural
SCIMProviderGroup:
type: object
description: SCIMProviderGroup Serializer
properties:
id:
type: string
format: uuid
readOnly: true
scim_id:
type: string
group:
type: string
format: uuid
group_obj:
allOf:
- $ref: '#/components/schemas/UserGroup'
readOnly: true
provider:
type: integer
required:
- group
- group_obj
- id
- provider
- scim_id
SCIMProviderGroupRequest:
type: object
description: SCIMProviderGroup Serializer
properties:
scim_id:
type: string
minLength: 1
group:
type: string
format: uuid
provider:
type: integer
required:
- group
- provider
- scim_id
SCIMProviderRequest:
type: object
description: SCIMProvider Serializer
@ -45942,6 +46434,45 @@ components:
- name
- token
- url
SCIMProviderUser:
type: object
description: SCIMProviderUser Serializer
properties:
id:
type: string
format: uuid
readOnly: true
scim_id:
type: string
user:
type: integer
user_obj:
allOf:
- $ref: '#/components/schemas/GroupMember'
readOnly: true
provider:
type: integer
required:
- id
- provider
- scim_id
- user
- user_obj
SCIMProviderUserRequest:
type: object
description: SCIMProviderUser Serializer
properties:
scim_id:
type: string
minLength: 1
user:
type: integer
provider:
type: integer
required:
- provider
- scim_id
- user
SCIMSource:
type: object
description: SCIMSource Serializer

2
tests/e2e/docker-compose.yml
View File

@ -1,5 +1,3 @@
version: '3.7'
services:
chrome:
image: docker.io/selenium/standalone-chrome:122.0

8
tests/wdio/package-lock.json generated
View File

@ -20,7 +20,7 @@
"eslint-config-google": "^0.14.0",
"eslint-plugin-sonarjs": "^0.25.1",
"npm-run-all": "^4.1.5",
"prettier": "^3.3.0",
"prettier": "^3.3.1",
"ts-node": "^10.9.2",
"typescript": "^5.4.5",
"wdio-wait-for": "^3.0.11"
@ -6908,9 +6908,9 @@
}
},
"node_modules/prettier": {
"version": "3.3.0",
"resolved": "https://registry.npmjs.org/prettier/-/prettier-3.3.0.tgz",
"integrity": "sha512-J9odKxERhCQ10OC2yb93583f6UnYutOeiV5i0zEDS7UGTdUt0u+y8erxl3lBKvwo/JHyyoEdXjwp4dke9oyZ/g==",
"version": "3.3.1",
"resolved": "https://registry.npmjs.org/prettier/-/prettier-3.3.1.tgz",
"integrity": "sha512-7CAwy5dRsxs8PHXT3twixW9/OEll8MLE0VRPCJyl7CkS6VHGPSlsVaWTiASPTyGyYRyApxlaWTzwUxVNrhcwDg==",
"dev": true,
"bin": {
"prettier": "bin/prettier.cjs"

2
tests/wdio/package.json
View File

@ -14,7 +14,7 @@
"eslint-config-google": "^0.14.0",
"eslint-plugin-sonarjs": "^0.25.1",
"npm-run-all": "^4.1.5",
"prettier": "^3.3.0",
"prettier": "^3.3.1",
"ts-node": "^10.9.2",
"typescript": "^5.4.5",
"wdio-wait-for": "^3.0.11"

2408
web/package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

46
web/package.json
View File

@ -38,15 +38,15 @@
"@codemirror/theme-one-dark": "^6.1.2",
"@formatjs/intl-listformat": "^7.5.7",
"@fortawesome/fontawesome-free": "^6.5.2",
"@goauthentik/api": "^2024.4.2-1717493155",
"@goauthentik/api": "^2024.4.2-1717645682",
"@lit-labs/task": "^3.1.0",
"@lit/context": "^1.1.1",
"@lit/context": "^1.1.2",
"@lit/localize": "^0.12.1",
"@lit/reactive-element": "^2.0.4",
"@open-wc/lit-helpers": "^0.7.0",
"@patternfly/elements": "^3.0.1",
"@patternfly/patternfly": "^4.224.2",
"@sentry/browser": "^8.7.0",
"@sentry/browser": "^8.8.0",
"@webcomponents/webcomponentsjs": "^2.8.0",
"base64-js": "^1.5.1",
"chart.js": "^4.4.3",
@ -54,10 +54,10 @@
"codemirror": "^6.0.1",
"construct-style-sheets-polyfill": "^3.1.0",
"core-js": "^3.37.1",
"country-flag-icons": "^1.5.11",
"country-flag-icons": "^1.5.12",
"fuse.js": "^7.0.0",
"guacamole-common-js": "^1.5.0",
"lit": "^3.1.3",
"lit": "^3.1.4",
"md-front-matter": "^1.0.4",
"mermaid": "^10.9.1",
"rapidoc": "^9.3.4",
@ -65,29 +65,29 @@
"style-mod": "^4.1.2",
"ts-pattern": "^5.1.2",
"webcomponent-qr-code": "^1.2.0",
"yaml": "^2.4.3"
"yaml": "^2.4.5"
},
"devDependencies": {
"@babel/core": "^7.24.6",
"@babel/core": "^7.24.7",
"@babel/plugin-proposal-class-properties": "^7.18.6",
"@babel/plugin-proposal-decorators": "^7.24.6",
"@babel/plugin-transform-private-methods": "^7.24.6",
"@babel/plugin-transform-private-property-in-object": "^7.24.6",
"@babel/plugin-transform-runtime": "^7.24.6",
"@babel/preset-env": "^7.24.6",
"@babel/preset-typescript": "^7.24.6",
"@babel/plugin-proposal-decorators": "^7.24.7",
"@babel/plugin-transform-private-methods": "^7.24.7",
"@babel/plugin-transform-private-property-in-object": "^7.24.7",
"@babel/plugin-transform-runtime": "^7.24.7",
"@babel/preset-env": "^7.24.7",
"@babel/preset-typescript": "^7.24.7",
"@hcaptcha/types": "^1.0.3",
"@jeysal/storybook-addon-css-user-preferences": "^0.2.0",
"@lit/localize-tools": "^0.7.2",
"@rollup/plugin-replace": "^5.0.5",
"@rollup/plugin-replace": "^5.0.7",
"@spotlightjs/spotlight": "^1.2.17",
"@storybook/addon-essentials": "^8.1.5",
"@storybook/addon-links": "^8.1.5",
"@storybook/addon-essentials": "^8.1.6",
"@storybook/addon-links": "^8.1.6",
"@storybook/api": "^7.6.17",
"@storybook/blocks": "^8.0.8",
"@storybook/manager-api": "^8.1.5",
"@storybook/web-components": "^8.1.5",
"@storybook/web-components-vite": "^8.1.5",
"@storybook/manager-api": "^8.1.6",
"@storybook/web-components": "^8.1.6",
"@storybook/web-components-vite": "^8.1.6",
"@trivago/prettier-plugin-sort-imports": "^4.3.0",
"@types/chart.js": "^2.9.41",
"@types/codemirror": "5.60.15",
@ -100,7 +100,7 @@
"babel-plugin-tsconfig-paths": "^1.0.3",
"chokidar": "^3.6.0",
"cross-env": "^7.0.3",
"esbuild": "^0.21.4",
"esbuild": "^0.21.5",
"eslint": "^8.57.0",
"eslint-config-google": "^0.14.0",
"eslint-plugin-custom-elements": "0.0.8",
@ -111,16 +111,16 @@
"glob": "^10.4.1",
"lit-analyzer": "^2.0.3",
"npm-run-all": "^4.1.5",
"prettier": "^3.3.0",
"prettier": "^3.3.1",
"pseudolocale": "^2.0.0",
"react": "^18.2.0",
"react-dom": "^18.3.1",
"rollup-plugin-modify": "^3.0.0",
"rollup-plugin-postcss-lit": "^2.1.0",
"storybook": "^8.1.5",
"storybook": "^8.1.6",
"storybook-addon-mock": "^5.0.0",
"ts-lit-plugin": "^2.0.2",
"tslib": "^2.6.2",
"tslib": "^2.6.3",
"turnstile-types": "^1.2.1",
"typescript": "^5.4.5",
"vite-tsconfig-paths": "^4.3.2"

2
web/src/admin/property-mappings/PropertyMappingTestForm.ts
View File

@ -126,6 +126,7 @@ export class PolicyTestForm extends Form<PropertyMappingTestRequest> {
renderForm(): TemplateResult {
return html`<ak-form-element-horizontal label=${msg("User")} name="user">
<ak-search-select
blankable
.fetchObjects=${async (query?: string): Promise<User[]> => {
const args: CoreUsersListRequest = {
ordering: "username",
@ -153,6 +154,7 @@ export class PolicyTestForm extends Form<PropertyMappingTestRequest> {
</ak-form-element-horizontal>
<ak-form-element-horizontal label=${msg("Group")} name="group">
<ak-search-select
blankable
.fetchObjects=${async (query?: string): Promise<Group[]> => {
const args: CoreGroupsListRequest = {
ordering: "name",

21
web/src/admin/providers/google_workspace/GoogleWorkspaceProviderGroupList.ts
View File

@ -1,5 +1,6 @@
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { uiConfig } from "@goauthentik/common/ui/config";
import "@goauthentik/elements/forms/DeleteBulkForm";
import { PaginatedResponse, Table, TableColumn } from "@goauthentik/elements/table/Table";
import { msg } from "@lit/localize";
@ -19,6 +20,26 @@ export class GoogleWorkspaceProviderGroupList extends Table<GoogleWorkspaceProvi
return true;
}
checkbox = true;
clearOnRefresh = true;
renderToolbarSelected(): TemplateResult {
const disabled = this.selectedElements.length < 1;
return html`<ak-forms-delete-bulk
objectLabel=${msg("Google Workspace Group(s)")}
.objects=${this.selectedElements}
.delete=${(item: GoogleWorkspaceProviderGroup) => {
return new ProvidersApi(DEFAULT_CONFIG).providersGoogleWorkspaceGroupsDestroy({
id: item.id,
});
}}
>
<button ?disabled=${disabled} slot="trigger" class="pf-c-button pf-m-danger">
${msg("Delete")}
</button>
</ak-forms-delete-bulk>`;
}
async apiEndpoint(page: number): Promise<PaginatedResponse<GoogleWorkspaceProviderGroup>> {
return new ProvidersApi(DEFAULT_CONFIG).providersGoogleWorkspaceGroupsList({
page: page,

21
web/src/admin/providers/google_workspace/GoogleWorkspaceProviderUserList.ts
View File

@ -1,5 +1,6 @@
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { uiConfig } from "@goauthentik/common/ui/config";
import "@goauthentik/elements/forms/DeleteBulkForm";
import { PaginatedResponse, Table, TableColumn } from "@goauthentik/elements/table/Table";
import { msg } from "@lit/localize";
@ -19,6 +20,26 @@ export class GoogleWorkspaceProviderUserList extends Table<GoogleWorkspaceProvid
expandable = true;
checkbox = true;
clearOnRefresh = true;
renderToolbarSelected(): TemplateResult {
const disabled = this.selectedElements.length < 1;
return html`<ak-forms-delete-bulk
objectLabel=${msg("Google Workspace User(s)")}
.objects=${this.selectedElements}
.delete=${(item: GoogleWorkspaceProviderUser) => {
return new ProvidersApi(DEFAULT_CONFIG).providersGoogleWorkspaceUsersDestroy({
id: item.id,
});
}}
>
<button ?disabled=${disabled} slot="trigger" class="pf-c-button pf-m-danger">
${msg("Delete")}
</button>
</ak-forms-delete-bulk>`;
}
async apiEndpoint(page: number): Promise<PaginatedResponse<GoogleWorkspaceProviderUser>> {
return new ProvidersApi(DEFAULT_CONFIG).providersGoogleWorkspaceUsersList({
page: page,

18
web/src/admin/providers/microsoft_entra/MicrosoftEntraProviderGroupList.ts
View File

@ -1,5 +1,6 @@
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { uiConfig } from "@goauthentik/common/ui/config";
import "@goauthentik/elements/forms/DeleteBulkForm";
import { PaginatedResponse, Table, TableColumn } from "@goauthentik/elements/table/Table";
import { msg } from "@lit/localize";
@ -19,6 +20,23 @@ export class MicrosoftEntraProviderGroupList extends Table<MicrosoftEntraProvide
return true;
}
renderToolbarSelected(): TemplateResult {
const disabled = this.selectedElements.length < 1;
return html`<ak-forms-delete-bulk
objectLabel=${msg("Microsoft Entra Group(s)")}
.objects=${this.selectedElements}
.delete=${(item: MicrosoftEntraProviderGroup) => {
return new ProvidersApi(DEFAULT_CONFIG).providersMicrosoftEntraGroupsDestroy({
id: item.id,
});
}}
>
<button ?disabled=${disabled} slot="trigger" class="pf-c-button pf-m-danger">
${msg("Delete")}
</button>
</ak-forms-delete-bulk>`;
}
async apiEndpoint(page: number): Promise<PaginatedResponse<MicrosoftEntraProviderGroup>> {
return new ProvidersApi(DEFAULT_CONFIG).providersMicrosoftEntraGroupsList({
page: page,

21
web/src/admin/providers/microsoft_entra/MicrosoftEntraProviderUserList.ts
View File

@ -1,5 +1,6 @@
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { uiConfig } from "@goauthentik/common/ui/config";
import "@goauthentik/elements/forms/DeleteBulkForm";
import { PaginatedResponse, Table, TableColumn } from "@goauthentik/elements/table/Table";
import { msg } from "@lit/localize";
@ -19,6 +20,26 @@ export class MicrosoftEntraProviderUserList extends Table<MicrosoftEntraProvider
return true;
}
checkbox = true;
clearOnRefresh = true;
renderToolbarSelected(): TemplateResult {
const disabled = this.selectedElements.length < 1;
return html`<ak-forms-delete-bulk
objectLabel=${msg("Microsoft Entra User(s)")}
.objects=${this.selectedElements}
.delete=${(item: MicrosoftEntraProviderUser) => {
return new ProvidersApi(DEFAULT_CONFIG).providersMicrosoftEntraUsersDestroy({
id: item.id,
});
}}
>
<button ?disabled=${disabled} slot="trigger" class="pf-c-button pf-m-danger">
${msg("Delete")}
</button>
</ak-forms-delete-bulk>`;
}
async apiEndpoint(page: number): Promise<PaginatedResponse<MicrosoftEntraProviderUser>> {
return new ProvidersApi(DEFAULT_CONFIG).providersMicrosoftEntraUsersList({
page: page,

63
web/src/admin/providers/scim/SCIMProviderGroupList.ts Normal file
View File

@ -0,0 +1,63 @@
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { uiConfig } from "@goauthentik/common/ui/config";
import "@goauthentik/elements/forms/DeleteBulkForm";
import { PaginatedResponse, Table, TableColumn } from "@goauthentik/elements/table/Table";
import { msg } from "@lit/localize";
import { TemplateResult, html } from "lit";
import { customElement, property } from "lit/decorators.js";
import { ProvidersApi, SCIMProviderGroup } from "@goauthentik/api";
@customElement("ak-provider-scim-groups-list")
export class SCIMProviderGroupList extends Table<SCIMProviderGroup> {
@property({ type: Number })
providerId?: number;
searchEnabled(): boolean {
return true;
}
checkbox = true;
clearOnRefresh = true;
renderToolbarSelected(): TemplateResult {
const disabled = this.selectedElements.length < 1;
return html`<ak-forms-delete-bulk
objectLabel=${msg("SCIM Group(s)")}
.objects=${this.selectedElements}
.delete=${(item: SCIMProviderGroup) => {
return new ProvidersApi(DEFAULT_CONFIG).providersScimGroupsDestroy({
id: item.id,
});
}}
>
<button ?disabled=${disabled} slot="trigger" class="pf-c-button pf-m-danger">
${msg("Delete")}
</button>
</ak-forms-delete-bulk>`;
}
async apiEndpoint(page: number): Promise<PaginatedResponse<SCIMProviderGroup>> {
return new ProvidersApi(DEFAULT_CONFIG).providersScimGroupsList({
page: page,
pageSize: (await uiConfig()).pagination.perPage,
ordering: this.order,
search: this.search || "",
providerId: this.providerId,
});
}
columns(): TableColumn[] {
return [new TableColumn(msg("Name")), new TableColumn(msg("ID"))];
}
row(item: SCIMProviderGroup): TemplateResult[] {
return [
html`<a href="#/identity/groups/${item.groupObj.pk}">
<div>${item.groupObj.name}</div>
</a>`,
html`${item.id}`,
];
}
}

64
web/src/admin/providers/scim/SCIMProviderUserList.ts Normal file
View File

@ -0,0 +1,64 @@
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { uiConfig } from "@goauthentik/common/ui/config";
import "@goauthentik/elements/forms/DeleteBulkForm";
import { PaginatedResponse, Table, TableColumn } from "@goauthentik/elements/table/Table";
import { msg } from "@lit/localize";
import { TemplateResult, html } from "lit";
import { customElement, property } from "lit/decorators.js";
import { ProvidersApi, SCIMProviderUser } from "@goauthentik/api";
@customElement("ak-provider-scim-users-list")
export class SCIMProviderUserList extends Table<SCIMProviderUser> {
@property({ type: Number })
providerId?: number;
searchEnabled(): boolean {
return true;
}
checkbox = true;
clearOnRefresh = true;
renderToolbarSelected(): TemplateResult {
const disabled = this.selectedElements.length < 1;
return html`<ak-forms-delete-bulk
objectLabel=${msg("SCIM User(s)")}
.objects=${this.selectedElements}
.delete=${(item: SCIMProviderUser) => {
return new ProvidersApi(DEFAULT_CONFIG).providersScimUsersDestroy({
id: item.id,
});
}}
>
<button ?disabled=${disabled} slot="trigger" class="pf-c-button pf-m-danger">
${msg("Delete")}
</button>
</ak-forms-delete-bulk>`;
}
async apiEndpoint(page: number): Promise<PaginatedResponse<SCIMProviderUser>> {
return new ProvidersApi(DEFAULT_CONFIG).providersScimUsersList({
page: page,
pageSize: (await uiConfig()).pagination.perPage,
ordering: this.order,
search: this.search || "",
providerId: this.providerId,
});
}
columns(): TableColumn[] {
return [new TableColumn(msg("Username")), new TableColumn(msg("ID"))];
}
row(item: SCIMProviderUser): TemplateResult[] {
return [
html`<a href="#/identity/users/${item.userObj.pk}">
<div>${item.userObj.username}</div>
<small>${item.userObj.name}</small>
</a>`,
html`${item.id}`,
];
}
}

24
web/src/admin/providers/scim/SCIMProviderViewPage.ts
View File

@ -1,4 +1,6 @@
import "@goauthentik/admin/providers/scim/SCIMProviderForm";
import "@goauthentik/admin/providers/scim/SCIMProviderGroupList";
import "@goauthentik/admin/providers/scim/SCIMProviderUserList";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { EVENT_REFRESH } from "@goauthentik/common/constants";
import "@goauthentik/components/events/ObjectChangelog";
@ -102,6 +104,28 @@ export class SCIMProviderViewPage extends AKElement {
</div>
</div>
</section>
<section
slot="page-users"
data-tab-title="${msg("Provisioned Users")}"
class="pf-c-page__main-section pf-m-no-padding-mobile"
>
<div class="pf-l-grid pf-m-gutter">
<ak-provider-scim-users-list
providerId=${this.provider.pk}
></ak-provider-scim-users-list>
</div>
</section>
<section
slot="page-groups"
data-tab-title="${msg("Provisioned Groups")}"
class="pf-c-page__main-section pf-m-no-padding-mobile"
>
<div class="pf-l-grid pf-m-gutter">
<ak-provider-scim-groups-list
providerId=${this.provider.pk}
></ak-provider-scim-groups-list>
</div>
</section>
<ak-rbac-object-permission-page
slot="page-permissions"
data-tab-title="${msg("Permissions")}"

7
web/src/flow/FlowInspector.ts
View File

@ -15,7 +15,7 @@ import PFProgressStepper from "@patternfly/patternfly/components/ProgressStepper
import PFStack from "@patternfly/patternfly/layouts/Stack/stack.css";
import PFBase from "@patternfly/patternfly/patternfly-base.css";
import { FlowInspection, FlowsApi, Stage } from "@goauthentik/api";
import { FlowInspection, FlowsApi, ResponseError, Stage } from "@goauthentik/api";
@customElement("ak-flow-inspector")
export class FlowInspector extends AKElement {
@ -25,7 +25,7 @@ export class FlowInspector extends AKElement {
state?: FlowInspection;
@property({ attribute: false })
error?: Response;
error?: ResponseError;
static get styles(): CSSResult[] {
return [
@ -70,6 +70,7 @@ export class FlowInspector extends AKElement {
flowSlug: this.flowSlug,
})
.then((state) => {
this.error = undefined;
this.state = state;
})
.catch((exc) => {
@ -100,7 +101,7 @@ export class FlowInspector extends AKElement {
<div class="pf-l-stack pf-m-gutter">
<div class="pf-l-stack__item">
<div class="pf-c-card">
<div class="pf-c-card__body">${this.error?.statusText}</div>
<div class="pf-c-card__body">${this.error?.message}</div>
</div>
</div>
</div>

36
web/xliff/de.xlf
View File

@ -6641,6 +6641,42 @@ Bindings to groups/users are checked against the user of the event.</source>
</trans-unit>
<trans-unit id="s001fd928369d4ddc">
<source><x id="0" equiv-text="${versionString}"/> (FIPS)</source>
</trans-unit>
<trans-unit id="sce17c2bdea3e6ace">
<source>Score minimum threshold</source>
</trans-unit>
<trans-unit id="sf2fcb974c62625fc">
<source>Minimum required score to allow continuing</source>
</trans-unit>
<trans-unit id="s7452199a73ce8b78">
<source>Score maximum threshold</source>
</trans-unit>
<trans-unit id="s2d3a6cd50b46b44d">
<source>Maximum allowed score to allow continuing</source>
</trans-unit>
<trans-unit id="s9d6e40d9a9a58fbf">
<source>Error on invalid score</source>
</trans-unit>
<trans-unit id="s2af59e2f9f12847a">
<source>When enabled and the resultant score is outside the threshold, the user will not be able to continue. When disabled, the user will be able to continue and the score can be used in policies to customize further stages.</source>
</trans-unit>
<trans-unit id="s10092327ad833090">
<source>Microsoft Entra Group(s)</source>
</trans-unit>
<trans-unit id="s811c45ad24a5feae">
<source>Microsoft Entra User(s)</source>
</trans-unit>
<trans-unit id="s7d2d3d298fdccfc8">
<source>Google Workspace Group(s)</source>
</trans-unit>
<trans-unit id="s8c9cf2c004755526">
<source>Google Workspace User(s)</source>
</trans-unit>
<trans-unit id="sd000b42fea07c34a">
<source>SCIM Group(s)</source>
</trans-unit>
<trans-unit id="s146769fb55f1ee50">
<source>SCIM User(s)</source>
</trans-unit>
</body>
</file>

36
web/xliff/en.xlf
View File

@ -6907,6 +6907,42 @@ Bindings to groups/users are checked against the user of the event.</source>
</trans-unit>
<trans-unit id="s001fd928369d4ddc">
<source><x id="0" equiv-text="${versionString}"/> (FIPS)</source>
</trans-unit>
<trans-unit id="sce17c2bdea3e6ace">
<source>Score minimum threshold</source>
</trans-unit>
<trans-unit id="sf2fcb974c62625fc">
<source>Minimum required score to allow continuing</source>
</trans-unit>
<trans-unit id="s7452199a73ce8b78">
<source>Score maximum threshold</source>
</trans-unit>
<trans-unit id="s2d3a6cd50b46b44d">
<source>Maximum allowed score to allow continuing</source>
</trans-unit>
<trans-unit id="s9d6e40d9a9a58fbf">
<source>Error on invalid score</source>
</trans-unit>
<trans-unit id="s2af59e2f9f12847a">
<source>When enabled and the resultant score is outside the threshold, the user will not be able to continue. When disabled, the user will be able to continue and the score can be used in policies to customize further stages.</source>
</trans-unit>
<trans-unit id="s10092327ad833090">
<source>Microsoft Entra Group(s)</source>
</trans-unit>
<trans-unit id="s811c45ad24a5feae">
<source>Microsoft Entra User(s)</source>
</trans-unit>
<trans-unit id="s7d2d3d298fdccfc8">
<source>Google Workspace Group(s)</source>
</trans-unit>
<trans-unit id="s8c9cf2c004755526">
<source>Google Workspace User(s)</source>
</trans-unit>
<trans-unit id="sd000b42fea07c34a">
<source>SCIM Group(s)</source>
</trans-unit>
<trans-unit id="s146769fb55f1ee50">
<source>SCIM User(s)</source>
</trans-unit>
</body>
</file>

36
web/xliff/es.xlf
View File

@ -6558,6 +6558,42 @@ Bindings to groups/users are checked against the user of the event.</source>
</trans-unit>
<trans-unit id="s001fd928369d4ddc">
<source><x id="0" equiv-text="${versionString}"/> (FIPS)</source>
</trans-unit>
<trans-unit id="sce17c2bdea3e6ace">
<source>Score minimum threshold</source>
</trans-unit>
<trans-unit id="sf2fcb974c62625fc">
<source>Minimum required score to allow continuing</source>
</trans-unit>
<trans-unit id="s7452199a73ce8b78">
<source>Score maximum threshold</source>
</trans-unit>
<trans-unit id="s2d3a6cd50b46b44d">
<source>Maximum allowed score to allow continuing</source>
</trans-unit>
<trans-unit id="s9d6e40d9a9a58fbf">
<source>Error on invalid score</source>
</trans-unit>
<trans-unit id="s2af59e2f9f12847a">
<source>When enabled and the resultant score is outside the threshold, the user will not be able to continue. When disabled, the user will be able to continue and the score can be used in policies to customize further stages.</source>
</trans-unit>
<trans-unit id="s10092327ad833090">
<source>Microsoft Entra Group(s)</source>
</trans-unit>
<trans-unit id="s811c45ad24a5feae">
<source>Microsoft Entra User(s)</source>
</trans-unit>
<trans-unit id="s7d2d3d298fdccfc8">
<source>Google Workspace Group(s)</source>
</trans-unit>
<trans-unit id="s8c9cf2c004755526">
<source>Google Workspace User(s)</source>
</trans-unit>
<trans-unit id="sd000b42fea07c34a">
<source>SCIM Group(s)</source>
</trans-unit>
<trans-unit id="s146769fb55f1ee50">
<source>SCIM User(s)</source>
</trans-unit>
</body>
</file>

83
web/xliff/fr.xlf
View File

@ -8604,108 +8604,191 @@ Les liaisons avec les groupes/utilisateurs sont vérifiées par rapport à l'uti
</trans-unit>
<trans-unit id="s8cfd29891b2c93f0">
<source>Google Workspace Provider</source>
<target>Fournisseur Google Workspace</target>
</trans-unit>
<trans-unit id="sa817aa9f6f88a991">
<source>Credentials</source>
<target>Identifiants</target>
</trans-unit>
<trans-unit id="sc668815044e218c2">
<source>Delegated Subject</source>
<target>Sujet délégué</target>
</trans-unit>
<trans-unit id="se89a9ecf275e4343">
<source>Default group email domain</source>
<target>Domaine de courriel de groupe par défaut</target>
</trans-unit>
<trans-unit id="s64a0a6da6ed6d680">
<source>Default domain that is used to generate a group's email address. Can be customized using property mappings.</source>
<target>Domain par défaut utilisé pour générer le courriel d'un groupe. Peut être personnalisé avec des mappages de propriété.</target>
</trans-unit>
<trans-unit id="sd061e65955e036ca">
<source>User deletion action</source>
<target>Action de suppression d'un utilisateur</target>
</trans-unit>
<trans-unit id="s87f86f65b5e19ea7">
<source>User is deleted</source>
<target>L'utilisateur est supprimé</target>
</trans-unit>
<trans-unit id="s3906cd4a102867a3">
<source>Suspend</source>
<target>Suspendre</target>
</trans-unit>
<trans-unit id="s0bf5b364e2c79392">
<source>User is suspended, and connection to user in authentik is removed.</source>
<target>L'utilisateur est suspendu, et la connection à authentik est supprimée.</target>
</trans-unit>
<trans-unit id="s4acb0250d735c2a9">
<source>Do Nothing</source>
<target>Ne rien faire</target>
</trans-unit>
<trans-unit id="s5fe525d19499ed47">
<source>The connection is removed but the user is not modified</source>
<target>La connexion est supprimée mais l'utilisateur n'est pas modifié</target>
</trans-unit>
<trans-unit id="s676a0127c35d240a">
<source>Determines what authentik will do when a User is deleted.</source>
<target>Détermine ce qu'authentik fera si un utilisateur est supprimé.</target>
</trans-unit>
<trans-unit id="sd1aa04cc32caf2b0">
<source>Group deletion action</source>
<target>Action de suppression d'un groupe</target>
</trans-unit>
<trans-unit id="s874c788479481131">
<source>Group is deleted</source>
<target>Le groupe est supprimé</target>
</trans-unit>
<trans-unit id="s0983fa9b84e4a9f7">
<source>The connection is removed but the group is not modified</source>
<target>La connexion est supprimée mais le groupe n'est pas modifié</target>
</trans-unit>
<trans-unit id="sdb872a9f425937fa">
<source>Determines what authentik will do when a Group is deleted.</source>
<target>Détermine ce qu'authentik fera si un groupe est supprimé.</target>
</trans-unit>
<trans-unit id="sa5f28f1ad0bee45b">
<source>Google Workspace Provider is in preview.</source>
<target>Le fournisseur Google Workspace est en aperçu technique.</target>
</trans-unit>
<trans-unit id="s958928ab6208d748">
<source>Microsoft Entra Provider</source>
<target>Fournisseur Microsoft Entra</target>
</trans-unit>
<trans-unit id="sc7d6bc4aebb58fe9">
<source>Google Cloud credentials file.</source>
<target>Fichier d'identifiants Google Cloud.</target>
</trans-unit>
<trans-unit id="s2e707072d5a9615d">
<source>Email address of the user the actions of authentik will be delegated to.</source>
<target>Courriel de l'utilisateur auquel les actions d'authentik seront déléguées.</target>
</trans-unit>
<trans-unit id="s03a759e65ceb722d">
<source>Client ID for the app registration.</source>
<target>Client ID pour l'enregistrement de l'application.</target>
</trans-unit>
<trans-unit id="s479980cf9252628c">
<source>Client secret for the app registration.</source>
<target>Client secret pour l'enregistrement de l'application.</target>
</trans-unit>
<trans-unit id="s25c2392ffcb78df2">
<source>Tenant ID</source>
<target>Tenant ID</target>
</trans-unit>
<trans-unit id="s89e4e698cdb1187f">
<source>ID of the tenant accounts will be synced into.</source>
<target>ID du tenant dans lequel les comptes seront synchronisés.</target>
</trans-unit>
<trans-unit id="sf341f5dfc7a11633">
<source>Microsoft Entra Provider is in preview.</source>
<target>Le fournisseur Microsoft Entra est en aperçu technique.</target>
</trans-unit>
<trans-unit id="s79dd6df244c05ae9">
<source>Update Microsoft Entra Provider</source>
<target>Mettre à jour le fournisseur Microsoft Entra</target>
</trans-unit>
<trans-unit id="saf4b498d81141878">
<source>Finished successfully</source>
<target>Fini avec succès</target>
</trans-unit>
<trans-unit id="s46f1d86ffec6223c">
<source>Finished with errors</source>
<target>Fini avec erreurs</target>
</trans-unit>
<trans-unit id="sbd12ed8a1053a108">
<source>Finished <x id="0" equiv-text="${getRelativeTime(task.finishTimestamp)}"/> (<x id="1" equiv-text="${task.finishTimestamp.toLocaleString()}"/>)</source>
<target>Fini <x id="0" equiv-text="${getRelativeTime(task.finishTimestamp)}"/> (<x id="1" equiv-text="${task.finishTimestamp.toLocaleString()}"/>)</target>
</trans-unit>
<trans-unit id="sc3c334d642866997">
<source>Sync currently running</source>
<target>Synchronisation en cours</target>
</trans-unit>
<trans-unit id="sd520a4089006ca93">
<source>Update Google Workspace Provider</source>
<target>Mettre à jour le fournisseur Google Workspace</target>
</trans-unit>
<trans-unit id="sfdfa5bb4ddd99d70">
<source>Enterprise only</source>
<target>Entreprise uniquement</target>
</trans-unit>
<trans-unit id="scffa59cfac1951f2">
<source><x id="0" equiv-text="${type.name}"/> Icon</source>
<target>Icône <x id="0" equiv-text="${type.name}"/></target>
</trans-unit>
<trans-unit id="s1da3499258024860">
<source><x id="0" equiv-text="${versionString}"/> (build <x id="1" equiv-text="${this.outpostHealth.buildHash.substring(0, 8)}"/>)</source>
<target><x id="0" equiv-text="${versionString}"/> (build <x id="1" equiv-text="${this.outpostHealth.buildHash.substring(0, 8)}"/>)</target>
</trans-unit>
<trans-unit id="s001fd928369d4ddc">
<source><x id="0" equiv-text="${versionString}"/> (FIPS)</source>
<target><x id="0" equiv-text="${versionString}"/> (FIPS)</target>
</trans-unit>
<trans-unit id="sce17c2bdea3e6ace">
<source>Score minimum threshold</source>
<target>Seuil minimum du score</target>
</trans-unit>
<trans-unit id="sf2fcb974c62625fc">
<source>Minimum required score to allow continuing</source>
<target>Score minimum requis pour continuer</target>
</trans-unit>
<trans-unit id="s7452199a73ce8b78">
<source>Score maximum threshold</source>
<target>Seuil maximum du score</target>
</trans-unit>
<trans-unit id="s2d3a6cd50b46b44d">
<source>Maximum allowed score to allow continuing</source>
<target>Score maximum requis pour continuer</target>
</trans-unit>
<trans-unit id="s9d6e40d9a9a58fbf">
<source>Error on invalid score</source>
<target>Erreur sur score invalide</target>
</trans-unit>
<trans-unit id="s2af59e2f9f12847a">
<source>When enabled and the resultant score is outside the threshold, the user will not be able to continue. When disabled, the user will be able to continue and the score can be used in policies to customize further stages.</source>
<target>Si activé et que le score résultant est hors des seuils, l'utilisateur ne pourra pas continuer. Si désactivé, l'utilisateur pourra continuer et le score pourra être utilisé dans des politiques pour configurer les étapes suivantes.</target>
</trans-unit>
<trans-unit id="s10092327ad833090">
<source>Microsoft Entra Group(s)</source>
<target>Groupe(s) du fournisseur Microsoft Entra</target>
</trans-unit>
<trans-unit id="s811c45ad24a5feae">
<source>Microsoft Entra User(s)</source>
<target>Utilisateur(s) du fournisseur Microsoft Entra</target>
</trans-unit>
<trans-unit id="s7d2d3d298fdccfc8">
<source>Google Workspace Group(s)</source>
<target>Groupe(s) du fournisseur Google Workspace</target>
</trans-unit>
<trans-unit id="s8c9cf2c004755526">
<source>Google Workspace User(s)</source>
<target>Utilisateur(s) du fournisseur Google Workspace</target>
</trans-unit>
<trans-unit id="sd000b42fea07c34a">
<source>SCIM Group(s)</source>
<target>Groupe(s) du fournisseur SCIM</target>
</trans-unit>
<trans-unit id="s146769fb55f1ee50">
<source>SCIM User(s)</source>
<target>Utilisateur(s) du fournisseur SCIM</target>
</trans-unit>
</body>
</file>

36
web/xliff/ko.xlf
View File

@ -8487,6 +8487,42 @@ Bindings to groups/users are checked against the user of the event.</source>
</trans-unit>
<trans-unit id="s001fd928369d4ddc">
<source><x id="0" equiv-text="${versionString}"/> (FIPS)</source>
</trans-unit>
<trans-unit id="sce17c2bdea3e6ace">
<source>Score minimum threshold</source>
</trans-unit>
<trans-unit id="sf2fcb974c62625fc">
<source>Minimum required score to allow continuing</source>
</trans-unit>
<trans-unit id="s7452199a73ce8b78">
<source>Score maximum threshold</source>
</trans-unit>
<trans-unit id="s2d3a6cd50b46b44d">
<source>Maximum allowed score to allow continuing</source>
</trans-unit>
<trans-unit id="s9d6e40d9a9a58fbf">
<source>Error on invalid score</source>
</trans-unit>
<trans-unit id="s2af59e2f9f12847a">
<source>When enabled and the resultant score is outside the threshold, the user will not be able to continue. When disabled, the user will be able to continue and the score can be used in policies to customize further stages.</source>
</trans-unit>
<trans-unit id="s10092327ad833090">
<source>Microsoft Entra Group(s)</source>
</trans-unit>
<trans-unit id="s811c45ad24a5feae">
<source>Microsoft Entra User(s)</source>
</trans-unit>
<trans-unit id="s7d2d3d298fdccfc8">
<source>Google Workspace Group(s)</source>
</trans-unit>
<trans-unit id="s8c9cf2c004755526">
<source>Google Workspace User(s)</source>
</trans-unit>
<trans-unit id="sd000b42fea07c34a">
<source>SCIM Group(s)</source>
</trans-unit>
<trans-unit id="s146769fb55f1ee50">
<source>SCIM User(s)</source>
</trans-unit>
</body>
</file>

36
web/xliff/nl.xlf
View File

@ -8331,6 +8331,42 @@ Bindingen naar groepen/gebruikers worden gecontroleerd tegen de gebruiker van de
</trans-unit>
<trans-unit id="s001fd928369d4ddc">
<source><x id="0" equiv-text="${versionString}"/> (FIPS)</source>
</trans-unit>
<trans-unit id="sce17c2bdea3e6ace">
<source>Score minimum threshold</source>
</trans-unit>
<trans-unit id="sf2fcb974c62625fc">
<source>Minimum required score to allow continuing</source>
</trans-unit>
<trans-unit id="s7452199a73ce8b78">
<source>Score maximum threshold</source>
</trans-unit>
<trans-unit id="s2d3a6cd50b46b44d">
<source>Maximum allowed score to allow continuing</source>
</trans-unit>
<trans-unit id="s9d6e40d9a9a58fbf">
<source>Error on invalid score</source>
</trans-unit>
<trans-unit id="s2af59e2f9f12847a">
<source>When enabled and the resultant score is outside the threshold, the user will not be able to continue. When disabled, the user will be able to continue and the score can be used in policies to customize further stages.</source>
</trans-unit>
<trans-unit id="s10092327ad833090">
<source>Microsoft Entra Group(s)</source>
</trans-unit>
<trans-unit id="s811c45ad24a5feae">
<source>Microsoft Entra User(s)</source>
</trans-unit>
<trans-unit id="s7d2d3d298fdccfc8">
<source>Google Workspace Group(s)</source>
</trans-unit>
<trans-unit id="s8c9cf2c004755526">
<source>Google Workspace User(s)</source>
</trans-unit>
<trans-unit id="sd000b42fea07c34a">
<source>SCIM Group(s)</source>
</trans-unit>
<trans-unit id="s146769fb55f1ee50">
<source>SCIM User(s)</source>
</trans-unit>
</body>
</file>

2110
web/xliff/pl.xlf
View File

File diff suppressed because it is too large Load Diff

36
web/xliff/pseudo-LOCALE.xlf
View File

@ -8602,4 +8602,40 @@ Bindings to groups/users are checked against the user of the event.</source>
<trans-unit id="s001fd928369d4ddc">
<source><x id="0" equiv-text="${versionString}"/> (FIPS)</source>
</trans-unit>
<trans-unit id="sce17c2bdea3e6ace">
<source>Score minimum threshold</source>
</trans-unit>
<trans-unit id="sf2fcb974c62625fc">
<source>Minimum required score to allow continuing</source>
</trans-unit>
<trans-unit id="s7452199a73ce8b78">
<source>Score maximum threshold</source>
</trans-unit>
<trans-unit id="s2d3a6cd50b46b44d">
<source>Maximum allowed score to allow continuing</source>
</trans-unit>
<trans-unit id="s9d6e40d9a9a58fbf">
<source>Error on invalid score</source>
</trans-unit>
<trans-unit id="s2af59e2f9f12847a">
<source>When enabled and the resultant score is outside the threshold, the user will not be able to continue. When disabled, the user will be able to continue and the score can be used in policies to customize further stages.</source>
</trans-unit>
<trans-unit id="s10092327ad833090">
<source>Microsoft Entra Group(s)</source>
</trans-unit>
<trans-unit id="s811c45ad24a5feae">
<source>Microsoft Entra User(s)</source>
</trans-unit>
<trans-unit id="s7d2d3d298fdccfc8">
<source>Google Workspace Group(s)</source>
</trans-unit>
<trans-unit id="s8c9cf2c004755526">
<source>Google Workspace User(s)</source>
</trans-unit>
<trans-unit id="sd000b42fea07c34a">
<source>SCIM Group(s)</source>
</trans-unit>
<trans-unit id="s146769fb55f1ee50">
<source>SCIM User(s)</source>
</trans-unit>
</body></file></xliff>

36
web/xliff/tr.xlf
View File

@ -6551,6 +6551,42 @@ Bindings to groups/users are checked against the user of the event.</source>
</trans-unit>
<trans-unit id="s001fd928369d4ddc">
<source><x id="0" equiv-text="${versionString}"/> (FIPS)</source>
</trans-unit>
<trans-unit id="sce17c2bdea3e6ace">
<source>Score minimum threshold</source>
</trans-unit>
<trans-unit id="sf2fcb974c62625fc">
<source>Minimum required score to allow continuing</source>
</trans-unit>
<trans-unit id="s7452199a73ce8b78">
<source>Score maximum threshold</source>
</trans-unit>
<trans-unit id="s2d3a6cd50b46b44d">
<source>Maximum allowed score to allow continuing</source>
</trans-unit>
<trans-unit id="s9d6e40d9a9a58fbf">
<source>Error on invalid score</source>
</trans-unit>
<trans-unit id="s2af59e2f9f12847a">
<source>When enabled and the resultant score is outside the threshold, the user will not be able to continue. When disabled, the user will be able to continue and the score can be used in policies to customize further stages.</source>
</trans-unit>
<trans-unit id="s10092327ad833090">
<source>Microsoft Entra Group(s)</source>
</trans-unit>
<trans-unit id="s811c45ad24a5feae">
<source>Microsoft Entra User(s)</source>
</trans-unit>
<trans-unit id="s7d2d3d298fdccfc8">
<source>Google Workspace Group(s)</source>
</trans-unit>
<trans-unit id="s8c9cf2c004755526">
<source>Google Workspace User(s)</source>
</trans-unit>
<trans-unit id="sd000b42fea07c34a">
<source>SCIM Group(s)</source>
</trans-unit>
<trans-unit id="s146769fb55f1ee50">
<source>SCIM User(s)</source>
</trans-unit>
</body>
</file>

36
web/xliff/zh-CN.xlf
View File

@ -5473,6 +5473,42 @@ Bindings to groups/users are checked against the user of the event.</source>
<trans-unit id="s001fd928369d4ddc">
<source><x id="0" equiv-text="${versionString}"/> (FIPS)</source>
</trans-unit>
<trans-unit id="sce17c2bdea3e6ace">
<source>Score minimum threshold</source>
</trans-unit>
<trans-unit id="sf2fcb974c62625fc">
<source>Minimum required score to allow continuing</source>
</trans-unit>
<trans-unit id="s7452199a73ce8b78">
<source>Score maximum threshold</source>
</trans-unit>
<trans-unit id="s2d3a6cd50b46b44d">
<source>Maximum allowed score to allow continuing</source>
</trans-unit>
<trans-unit id="s9d6e40d9a9a58fbf">
<source>Error on invalid score</source>
</trans-unit>
<trans-unit id="s2af59e2f9f12847a">
<source>When enabled and the resultant score is outside the threshold, the user will not be able to continue. When disabled, the user will be able to continue and the score can be used in policies to customize further stages.</source>
</trans-unit>
<trans-unit id="s10092327ad833090">
<source>Microsoft Entra Group(s)</source>
</trans-unit>
<trans-unit id="s811c45ad24a5feae">
<source>Microsoft Entra User(s)</source>
</trans-unit>
<trans-unit id="s7d2d3d298fdccfc8">
<source>Google Workspace Group(s)</source>
</trans-unit>
<trans-unit id="s8c9cf2c004755526">
<source>Google Workspace User(s)</source>
</trans-unit>
<trans-unit id="sd000b42fea07c34a">
<source>SCIM Group(s)</source>
</trans-unit>
<trans-unit id="s146769fb55f1ee50">
<source>SCIM User(s)</source>
</trans-unit>
</body>
</file>
</xliff>

48
web/xliff/zh-Hans.xlf
View File

@ -8743,6 +8743,54 @@ Bindings to groups/users are checked against the user of the event.</source>
<trans-unit id="s001fd928369d4ddc">
<source><x id="0" equiv-text="${versionString}"/> (FIPS)</source>
<target><x id="0" equiv-text="${versionString}"/>FIPS</target>
</trans-unit>
<trans-unit id="sce17c2bdea3e6ace">
<source>Score minimum threshold</source>
<target>分数最小阈值</target>
</trans-unit>
<trans-unit id="sf2fcb974c62625fc">
<source>Minimum required score to allow continuing</source>
<target>允许继续所需的最小分数</target>
</trans-unit>
<trans-unit id="s7452199a73ce8b78">
<source>Score maximum threshold</source>
<target>分数最大阈值</target>
</trans-unit>
<trans-unit id="s2d3a6cd50b46b44d">
<source>Maximum allowed score to allow continuing</source>
<target>允许继续所需的最大分数</target>
</trans-unit>
<trans-unit id="s9d6e40d9a9a58fbf">
<source>Error on invalid score</source>
<target>分数无效时报错</target>
</trans-unit>
<trans-unit id="s2af59e2f9f12847a">
<source>When enabled and the resultant score is outside the threshold, the user will not be able to continue. When disabled, the user will be able to continue and the score can be used in policies to customize further stages.</source>
<target>启用时,如果结果分数超出阈值,用户将无法继续。禁用时,用户可以继续,分数可用于自定义下一阶段的策略。</target>
</trans-unit>
<trans-unit id="s10092327ad833090">
<source>Microsoft Entra Group(s)</source>
<target>Microsoft Entra 组</target>
</trans-unit>
<trans-unit id="s811c45ad24a5feae">
<source>Microsoft Entra User(s)</source>
<target>Microsoft Entra 用户</target>
</trans-unit>
<trans-unit id="s7d2d3d298fdccfc8">
<source>Google Workspace Group(s)</source>
<target>Google Workspace 组</target>
</trans-unit>
<trans-unit id="s8c9cf2c004755526">
<source>Google Workspace User(s)</source>
<target>Google Workspace 用户</target>
</trans-unit>
<trans-unit id="sd000b42fea07c34a">
<source>SCIM Group(s)</source>
<target>SCIM 组</target>
</trans-unit>
<trans-unit id="s146769fb55f1ee50">
<source>SCIM User(s)</source>
<target>SCIM 用户</target>
</trans-unit>
</body>
</file>

36
web/xliff/zh-Hant.xlf
View File

@ -6599,6 +6599,42 @@ Bindings to groups/users are checked against the user of the event.</source>
</trans-unit>
<trans-unit id="s001fd928369d4ddc">
<source><x id="0" equiv-text="${versionString}"/> (FIPS)</source>
</trans-unit>
<trans-unit id="sce17c2bdea3e6ace">
<source>Score minimum threshold</source>
</trans-unit>
<trans-unit id="sf2fcb974c62625fc">
<source>Minimum required score to allow continuing</source>
</trans-unit>
<trans-unit id="s7452199a73ce8b78">
<source>Score maximum threshold</source>
</trans-unit>
<trans-unit id="s2d3a6cd50b46b44d">
<source>Maximum allowed score to allow continuing</source>
</trans-unit>
<trans-unit id="s9d6e40d9a9a58fbf">
<source>Error on invalid score</source>
</trans-unit>
<trans-unit id="s2af59e2f9f12847a">
<source>When enabled and the resultant score is outside the threshold, the user will not be able to continue. When disabled, the user will be able to continue and the score can be used in policies to customize further stages.</source>
</trans-unit>
<trans-unit id="s10092327ad833090">
<source>Microsoft Entra Group(s)</source>
</trans-unit>
<trans-unit id="s811c45ad24a5feae">
<source>Microsoft Entra User(s)</source>
</trans-unit>
<trans-unit id="s7d2d3d298fdccfc8">
<source>Google Workspace Group(s)</source>
</trans-unit>
<trans-unit id="s8c9cf2c004755526">
<source>Google Workspace User(s)</source>
</trans-unit>
<trans-unit id="sd000b42fea07c34a">
<source>SCIM Group(s)</source>
</trans-unit>
<trans-unit id="s146769fb55f1ee50">
<source>SCIM User(s)</source>
</trans-unit>
</body>
</file>

48
web/xliff/zh_CN.xlf
View File

@ -8743,6 +8743,54 @@ Bindings to groups/users are checked against the user of the event.</source>
<trans-unit id="s001fd928369d4ddc">
<source><x id="0" equiv-text="${versionString}"/> (FIPS)</source>
<target><x id="0" equiv-text="${versionString}"/>FIPS</target>
</trans-unit>
<trans-unit id="sce17c2bdea3e6ace">
<source>Score minimum threshold</source>
<target>分数最小阈值</target>
</trans-unit>
<trans-unit id="sf2fcb974c62625fc">
<source>Minimum required score to allow continuing</source>
<target>允许继续所需的最小分数</target>
</trans-unit>
<trans-unit id="s7452199a73ce8b78">
<source>Score maximum threshold</source>
<target>分数最大阈值</target>
</trans-unit>
<trans-unit id="s2d3a6cd50b46b44d">
<source>Maximum allowed score to allow continuing</source>
<target>允许继续所需的最大分数</target>
</trans-unit>
<trans-unit id="s9d6e40d9a9a58fbf">
<source>Error on invalid score</source>
<target>分数无效时报错</target>
</trans-unit>
<trans-unit id="s2af59e2f9f12847a">
<source>When enabled and the resultant score is outside the threshold, the user will not be able to continue. When disabled, the user will be able to continue and the score can be used in policies to customize further stages.</source>
<target>启用时,如果结果分数超出阈值,用户将无法继续。禁用时,用户可以继续,分数可用于自定义下一阶段的策略。</target>
</trans-unit>
<trans-unit id="s10092327ad833090">
<source>Microsoft Entra Group(s)</source>
<target>Microsoft Entra 组</target>
</trans-unit>
<trans-unit id="s811c45ad24a5feae">
<source>Microsoft Entra User(s)</source>
<target>Microsoft Entra 用户</target>
</trans-unit>
<trans-unit id="s7d2d3d298fdccfc8">
<source>Google Workspace Group(s)</source>
<target>Google Workspace 组</target>
</trans-unit>
<trans-unit id="s8c9cf2c004755526">
<source>Google Workspace User(s)</source>
<target>Google Workspace 用户</target>
</trans-unit>
<trans-unit id="sd000b42fea07c34a">
<source>SCIM Group(s)</source>
<target>SCIM 组</target>
</trans-unit>
<trans-unit id="s146769fb55f1ee50">
<source>SCIM User(s)</source>
<target>SCIM 用户</target>
</trans-unit>
</body>
</file>

36
web/xliff/zh_TW.xlf
View File

@ -8448,6 +8448,42 @@ Bindings to groups/users are checked against the user of the event.</source>
</trans-unit>
<trans-unit id="s001fd928369d4ddc">
<source><x id="0" equiv-text="${versionString}"/> (FIPS)</source>
</trans-unit>
<trans-unit id="sce17c2bdea3e6ace">
<source>Score minimum threshold</source>
</trans-unit>
<trans-unit id="sf2fcb974c62625fc">
<source>Minimum required score to allow continuing</source>
</trans-unit>
<trans-unit id="s7452199a73ce8b78">
<source>Score maximum threshold</source>
</trans-unit>
<trans-unit id="s2d3a6cd50b46b44d">
<source>Maximum allowed score to allow continuing</source>
</trans-unit>
<trans-unit id="s9d6e40d9a9a58fbf">
<source>Error on invalid score</source>
</trans-unit>
<trans-unit id="s2af59e2f9f12847a">
<source>When enabled and the resultant score is outside the threshold, the user will not be able to continue. When disabled, the user will be able to continue and the score can be used in policies to customize further stages.</source>
</trans-unit>
<trans-unit id="s10092327ad833090">
<source>Microsoft Entra Group(s)</source>
</trans-unit>
<trans-unit id="s811c45ad24a5feae">
<source>Microsoft Entra User(s)</source>
</trans-unit>
<trans-unit id="s7d2d3d298fdccfc8">
<source>Google Workspace Group(s)</source>
</trans-unit>
<trans-unit id="s8c9cf2c004755526">
<source>Google Workspace User(s)</source>
</trans-unit>
<trans-unit id="sd000b42fea07c34a">
<source>SCIM Group(s)</source>
</trans-unit>
<trans-unit id="s146769fb55f1ee50">
<source>SCIM User(s)</source>
</trans-unit>
</body>
</file>

2
website/docs/troubleshooting/postgres/upgrade_docker.md
View File

@ -36,7 +36,7 @@ Add `network_mode: none` to prevent connections being established to the databas
Pull new images and re-create the PostgreSQL container: `docker compose pull && docker compose up --force-recreate -d postgresql`
Apply your backup to the new database: `cat upgrade_backup_12.sql | docker compose exec postgresql psql -U authentik`
Apply your backup to the new database: `cat upgrade_backup_12.sql | docker compose exec -T postgresql psql -U authentik`
Remove the network configuration setting `network_mode: none` that you added to the Compose file in the previous step.

2
website/integrations/services/aws/index.md
View File

@ -8,7 +8,7 @@ title: Amazon Web Services
> Amazon Web Services (AWS) is the worlds most comprehensive and broadly adopted cloud, with more than 200 fully featured services available from data centers globally. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—are using AWS to lower costs, increase security, become more agile, and innovate faster.
>
> -- https://www.aboutamazon.com/what-we-do/amazon-web-
> -- https://www.aboutamazon.com/what-we-do/amazon-web-services
## Select your method

4
website/integrations/services/gitea/index.md
View File

@ -168,7 +168,7 @@ gitea:
provider: "openidConnect"
key: "CLIENT_ID_FROM_AUTHENTIK" #Step 1
secret: "CLIENT_SECRET_FROM_AUTHENTIK" #Step 1
autoDiscoveryUrl: "https://authentik.company/application/o/gitea-slug/.well-known/openid-configuration"
autoDiscoverUrl: "https://authentik.company/application/o/gitea-slug/.well-known/openid-configuration"
iconUrl: "https://goauthentik.io/img/icon.png"
scopes: "email profile"
```
@ -198,7 +198,7 @@ gitea:
- name: "authentik"
provider: "openidConnect"
existingSecret: gitea-authentik-secret
autoDiscoveryUrl: "https://authentik.company/application/o/gitea-slug/.well-known/openid-configuration"
autoDiscoverUrl: "https://authentik.company/application/o/gitea-slug/.well-known/openid-configuration"
iconUrl: "https://goauthentik.io/img/icon.png"
scopes: "email profile"
```

8
website/package-lock.json generated
View File

@ -35,7 +35,7 @@
"@docusaurus/tsconfig": "^3.4.0",
"@docusaurus/types": "^3.3.2",
"@types/react": "^18.3.3",
"prettier": "3.3.0",
"prettier": "3.3.1",
"typescript": "~5.4.5"
},
"engines": {
@ -15002,9 +15002,9 @@
}
},
"node_modules/prettier": {
"version": "3.3.0",
"resolved": "https://registry.npmjs.org/prettier/-/prettier-3.3.0.tgz",
"integrity": "sha512-J9odKxERhCQ10OC2yb93583f6UnYutOeiV5i0zEDS7UGTdUt0u+y8erxl3lBKvwo/JHyyoEdXjwp4dke9oyZ/g==",
"version": "3.3.1",
"resolved": "https://registry.npmjs.org/prettier/-/prettier-3.3.1.tgz",
"integrity": "sha512-7CAwy5dRsxs8PHXT3twixW9/OEll8MLE0VRPCJyl7CkS6VHGPSlsVaWTiASPTyGyYRyApxlaWTzwUxVNrhcwDg==",
"dev": true,
"bin": {
"prettier": "bin/prettier.cjs"

2
website/package.json
View File

@ -54,7 +54,7 @@
"@docusaurus/tsconfig": "^3.4.0",
"@docusaurus/types": "^3.3.2",
"@types/react": "^18.3.3",
"prettier": "3.3.0",
"prettier": "3.3.1",
"typescript": "~5.4.5"
},
"engines": {