authentik

Author	SHA1	Message	Date
Marc 'risson' Schmitt	92a33a408f	remove go worker stuff Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2025-06-19 19:10:38 +02:00
Marc 'risson' Schmitt	0ac854458a	Merge branch 'main' into celery-2-dramatiq Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2025-06-18 13:28:02 +02:00
Simonyi Gergő	da6d4ede51	root: backport version bump `2025.6.2` (#15078 ) release: 2025.6.2	2025-06-17 00:21:39 +02:00
Marc 'risson' Schmitt	8f399bba3f	Merge branch 'main' into celery-2-dramatiq Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2025-06-12 14:22:40 +02:00
Dominic R	5af2378738	outposts/ldap: Handle comma-separated attributes in LDAP search requests (#15000 ) Closes https://github.com/goauthentik/authentik/issues/13539 When LDAP clients like Jira submit search requests with comma-separated attributes (e.g., ["uid,cn,sn"] instead of ["uid", "cn", "sn"]), the LDAP outpost would return an "Operations Error". Ths fix adds attribute normalization to properly handle both formats by splitting comma separated attributes into individual entries. Tests pass: ``` === RUN TestNormalizeAttributes === RUN TestNormalizeAttributes/Empty_input === RUN TestNormalizeAttributes/No_commas === RUN TestNormalizeAttributes/Single_comma-separated_string === RUN TestNormalizeAttributes/Mixed_input === RUN TestNormalizeAttributes/With_spaces === RUN TestNormalizeAttributes/Empty_parts === RUN TestNormalizeAttributes/Single_element === RUN TestNormalizeAttributes/Only_commas === RUN TestNormalizeAttributes/Multiple_comma-separated_attributes === RUN TestNormalizeAttributes/Case_preservation === RUN TestNormalizeAttributes/Leading_and_trailing_spaces === RUN TestNormalizeAttributes/Real-world_LDAP_attribute_examples === RUN TestNormalizeAttributes/Jira-style_attribute_format === RUN TestNormalizeAttributes/Single_string_with_single_attribute === RUN TestNormalizeAttributes/Mix_of_standard_and_operational_attributes --- PASS: TestNormalizeAttributes (0.00s) --- PASS: TestNormalizeAttributes/Empty_input (0.00s) --- PASS: TestNormalizeAttributes/No_commas (0.00s) --- PASS: TestNormalizeAttributes/Single_comma-separated_string (0.00s) --- PASS: TestNormalizeAttributes/Mixed_input (0.00s) --- PASS: TestNormalizeAttributes/With_spaces (0.00s) --- PASS: TestNormalizeAttributes/Empty_parts (0.00s) --- PASS: TestNormalizeAttributes/Single_element (0.00s) --- PASS: TestNormalizeAttributes/Only_commas (0.00s) --- PASS: TestNormalizeAttributes/Multiple_comma-separated_attributes (0.00s) --- PASS: TestNormalizeAttributes/Case_preservation (0.00s) --- PASS: TestNormalizeAttributes/Leading_and_trailing_spaces (0.00s) --- PASS: TestNormalizeAttributes/Real-world_LDAP_attribute_examples (0.00s) --- PASS: TestNormalizeAttributes/Jira-style_attribute_format (0.00s) --- PASS: TestNormalizeAttributes/Single_string_with_single_attribute (0.00s) --- PASS: TestNormalizeAttributes/Mix_of_standard_and_operational_attributes (0.00s) PASS ok goauthentik.io/internal/outpost/ldap/search 0.194s ```	2025-06-11 18:16:40 +02:00
Marc 'risson' Schmitt	3f33519ec0	Merge branch 'main' into celery-2-dramatiq Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2025-06-10 14:49:45 +02:00
Jens L.	88fa7e37dc	outposts: Refactor session end signal and add LDAP support (#14539 ) * outpost: promote session end signal to non-provider specific Signed-off-by: Jens Langhammer <jens@goauthentik.io> * implement server-side logout in ldap Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix previous import Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use better retry logic Signed-off-by: Jens Langhammer <jens@goauthentik.io> * log Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make more generic if we switch from ws to something else Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make it possible to e2e test WS Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix ldap session id Signed-off-by: Jens Langhammer <jens@goauthentik.io> * ok I actually need to go to bed this took me an hour to fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * format; add ldap test Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix leftover state Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove thread Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use ws base for radius Signed-off-by: Jens Langhammer <jens@goauthentik.io> * separate test utils Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rename Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix missing super calls Signed-off-by: Jens Langhammer <jens@goauthentik.io> * websocket tests with browser 🎉 Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add proxy test for sign out Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix install_id issue with channels tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix proxy basic auth test Signed-off-by: Jens Langhammer <jens@goauthentik.io> * big code dedupe Signed-off-by: Jens Langhammer <jens@goauthentik.io> * allow passing go build args Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve waiting for outpost Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rewrite ldap tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * ok actually fix the tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * undo a couple things that need more time to cook Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove unused lockfile-lint dependency since we use a shell script and SFE does not have a lockfile Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix session id for ldap Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix missing createTimestamp and modifyTimestamp ldap attributes closes #10474 Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-06-10 12:11:21 +02:00
Jens L.	dea2d67ceb	internal/outpost: fix incorrect usage of golang SHA API (#14981 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-06-09 20:57:36 +02:00
Jens L.	c60a145f95	root: backport 2025.6.1 bump (#14970 ) release: 2025.6.1 Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2025-06-09 04:15:33 +02:00
Jens L.	b7417e77c7	outposts: remove duplicate startup/setup code, add pyroscope, make sentry not reconfigure every time (#14724 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-06-07 03:01:00 +02:00
Marc 'risson' Schmitt	969fa82b7f	root: remove /if/help (#14929 ) Co-authored-by: Teffen Ellis <teffen@sister.software> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2025-06-06 17:21:07 +02:00
Marc 'risson' Schmitt	5acdd67cba	wip: go embedded worker Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2025-06-06 16:16:29 +02:00
Marc 'risson' Schmitt	1b4ed02959	Merge branch 'main' into celery-2-dramatiq	2025-06-06 14:55:50 +02:00
Jens L.	a306cecb73	providers/proxy: add option to override host header with property mappings (#14927 )	2025-06-06 14:54:59 +02:00
Marc 'risson' Schmitt	3140325493	Merge branch 'main' into celery-2-dramatiq	2025-06-04 18:54:58 +02:00
Simonyi Gergő	7a8c2e7ad9	root: backport version bump `2025.6.0` (#14904 ) * release: 2025.6.0-rc1 * release: 2025.6.0	2025-06-04 18:28:52 +02:00
Marc 'risson' Schmitt	9b556cf4c4	Merge branch 'main' into celery-2-dramatiq	2025-06-03 15:34:31 +02:00
Jens L.	57f25a97c9	providers/ldap: retain binder and update users instead of re-creating (#14735 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-05-28 13:43:35 +02:00
Jens L.	0d18c1d797	web: fix regression in subpath support (#14646 ) * web: fix regression in subpath support, part 1 Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix media path in subpath Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-05-27 18:42:47 +02:00
Marc 'risson' Schmitt	7118219544	Merge branch 'main' into celery-2-dramatiq	2025-05-26 18:29:26 +02:00
Jens L.	65517f3b7f	enterprise/stages: Add MTLS stage (#14296 ) * prepare client auth with inbuilt server Signed-off-by: Jens Langhammer <jens@goauthentik.io> * introduce better IPC auth Signed-off-by: Jens Langhammer <jens@goauthentik.io> * init Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start stage Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only allow trusted proxies to set MTLS headers Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more stage progress Signed-off-by: Jens Langhammer <jens@goauthentik.io> * dont fail if ipc_key doesn't exist Signed-off-by: Jens Langhammer <jens@goauthentik.io> * actually install app Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add some tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update API Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix unquote Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix int serial number not jsonable Signed-off-by: Jens Langhammer <jens@goauthentik.io> * init ui Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add UI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * unrelated: fix git pull in makefile Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix parse helper Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add test for outpost Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more tests and improvements Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve labels Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add support for multiple CAs on brand Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add support for multiple CAs to MTLS stage Signed-off-by: Jens Langhammer <jens@goauthentik.io> * dont log ipcuser secret views Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix go mod Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-05-19 22:48:17 +02:00
Jens L.	75a0ac9588	release: 2025.4.1 (#14527 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io> # Conflicts: # package.json	2025-05-15 20:12:41 +02:00
Marcelo Elizeche Landó	e76d388ce4	release: 2025.4.0 (#14299 ) Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2025-04-30 13:15:38 +00:00
Marc 'risson' Schmitt	475600ea87	Merge branch 'main' into celery-2-dramatiq	2025-04-22 16:11:42 +02:00
Marcelo Elizeche Landó	e4d2a53ccc	release: 2025.2.4 (#13830 ) * release: 2025.2.4 * bump version in uv.lock	2025-04-08 19:16:00 +00:00
Marc 'risson' Schmitt	c5a40fced3	Merge branch 'main' into celery-2-dramatiq	2025-04-03 15:03:50 +02:00
Marc 'risson' Schmitt	e89659fe71	wip Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2025-04-02 17:52:10 +02:00
dependabot[bot]	7826e7a605	core: bump oss/go/microsoft/golang from 1.23-fips-bookworm to 1.24-fips-bookworm (#13027 ) * core: bump oss/go/microsoft/golang Bumps oss/go/microsoft/golang from 1.23-fips-bookworm to 1.24-fips-bookworm. --- updated-dependencies: - dependency-name: oss/go/microsoft/golang dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> * upstream docker image, use native fips Signed-off-by: Jens Langhammer <jens@goauthentik.io> * bump go version Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2025-03-30 03:26:30 +02:00
Marc 'risson' Schmitt	781704fa38	Merge branch 'main' into celery-2-dramatiq	2025-03-28 17:35:05 +01:00
Jens L.	bcfd6fefa7	release: 2025.2.3 (#13705 ) * release: 2025.2.3 * fix uv lock not being bumped Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-03-28 17:08:57 +01:00
Marc 'risson' Schmitt	9465dafd7d	wip Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2025-03-27 18:54:38 +01:00
Jens L.	5bcf501842	outposts/ldap: fix paginator going into infinite loop (#13677 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-03-27 00:05:43 +01:00
dependabot[bot]	84b5992e55	ci: bump golangci/golangci-lint-action from 6 to 7 (#13661 ) * ci: bump golangci/golangci-lint-action from 6 to 7 Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 6 to 7. - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](https://github.com/golangci/golangci-lint-action/compare/v6...v7) --- updated-dependencies: - dependency-name: golangci/golangci-lint-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * fix lint Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix v2 Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix v3 Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2025-03-26 18:03:20 +01:00
Marc 'risson' Schmitt	0d0aeab4ee	wip Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2025-03-24 21:01:34 +01:00
Jens L.	f37e1ca642	brands: migrate custom CSS to brands (#13172 ) * brands: migrate custom CSS to brands Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix missing default Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * simpler migration Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add css to brand form Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-03-19 22:52:38 +00:00
Simonyi Gergő	2e3624ea82	release: 2025.2.2 (#13554 )	2025-03-17 22:10:22 +01:00
Marc 'risson' Schmitt	989d39b154	release: 2025.2.1 (#13278 )	2025-02-27 10:55:18 +00:00
Jens L.	2b39748c84	root: Backport version 2025.2 (#13225 ) * release: 2025.2.0-rc1 * release: 2025.2.0-rc2 * release: 2025.2.0-rc3 * release: 2025.2.0	2025-02-24 18:35:13 +01:00
Jens L.	334e2c466f	lifecycle: much improved debugging experience (#12804 ) * lifecycle: much improved debugging experience Signed-off-by: Jens Langhammer <jens@goauthentik.io> * format Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add start debug launch configs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only install dev deps in container Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add pathMappings Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use debugger variable to enable only debugger without debug mode enabled Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix path map Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-02-01 03:35:56 +01:00
Marc 'risson' Schmitt	8cad66536c	release: 2024.12.3 (#12883 ) * release: 2024.12.3 * ci: fix permissions for release-publish pipeline Signed-off-by: Jens Langhammer <jens@goauthentik.io> * ci: fix missing dockerhub login Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2025-01-29 23:35:06 +01:00
Andrea Scarpino	94eff50306	root: redis, make sure tlscacert isn't an empty string (#12407 ) * root: redis, make sure tlscacert isn't an empty string * make TLSCaCert a string instead of pointer Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2025-01-13 20:14:26 +01:00
Jens L.	6c0d462410	release: 2024.12.2 (#12615 )	2025-01-09 20:38:27 +01:00
Jens L.	ffd5234396	web: only load version context when authenticated (#12482 ) * only add version context for authz interface Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rename enterprise aware interface Signed-off-by: Jens Langhammer <jens@goauthentik.io> * dont log startup error Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-12-25 16:58:18 +01:00
Jens L.	40b0f7df8d	root: fix dev build version being invalid semver (#12472 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-12-24 01:21:18 +01:00
Jens L.	ee6fcdfbd8	internal: fix missing trailing slash in outpost websocket (#12470 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-12-23 23:42:42 +01:00
Jens L.	3eaaa35a4c	release: 2024.12.1 (#12466 )	2024-12-23 20:51:05 +01:00
Jens L.	15be3f2461	internal: fix URL generation for websocket connection (#12439 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-12-20 19:18:50 +01:00
Marc 'risson' Schmitt	3367ac0e08	root: backport version bump (#12426 )	2024-12-19 21:27:13 +01:00
Jens L.	40a7135c0c	core: app entitlements (#12090 ) * core: initial app entitlements Signed-off-by: Jens Langhammer <jens@goauthentik.io> * base off of pbm Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add tests and oauth2 Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add to proxy Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rewrite to use bindings Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make policy bindings form and list more customizable Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * double fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * refine permissions Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add missing rbac modal to app entitlements Signed-off-by: Jens Langhammer <jens@goauthentik.io> * separate scope for app entitlements Signed-off-by: Jens Langhammer <jens@goauthentik.io> * include entitlements mapping in proxy Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add API validation to prevent policies from being bound to entitlements Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make preview Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add initial docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove duplicate docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-12-18 14:32:44 +01:00
Jens L.	e5dd923333	release: 2024.10.5 (#12319 ) * release: 2024.10.5 * manually bump aws version Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-12-10 19:20:01 +01:00

1 2 3 4 5 ...

695 Commits