a5098364eb
events: unpack wrapped query from FlowExecutor ( #5244 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-04-14 00:07:41 +02:00
75510ead84
core: fix app launch URL flow selection ( #5113 )
2023-03-30 02:10:25 +02:00
1957717160
providers: Add ability to choose a default authentication flow ( #5070 )
...
* core: add ability to choose a default authentication flow for a provider
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* update web to use correct ak-search-select
I don't think this element existed when the PR was initially created, lol
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* only use provider authentication flow for authentication designation
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2023-03-24 13:26:00 +01:00
972dce1462
security: fix CVE-2023-26481 ( #4832 )
...
fix CVE-2023-26481
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-03-02 20:15:33 +01:00
20e971f5ce
flows: planner error handling ( #4812 )
...
* handle FlowNonApplicableException everywhere
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make flow planner check authentication when no pending user is in planning context
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add mailhog to e2e test services, remove local docker requirement
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-02-28 15:18:29 +01:00
9568f4dbd6
root: improve code style ( #4436 )
...
* cleanup pylint comments
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove more
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix url name
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* *: use ExtractHour instead of ExtractDay
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-01-15 17:02:31 +01:00
81e9f2d608
web/admin: fix overflow in aggregate cards
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-01-11 14:12:02 +01:00
3980eea7c6
web/flows: rework error display, always use ak-stage-flow-error instead of shell
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2023-01-01 21:43:44 +01:00
e52c964354
flows: fix redirect from plan context "redirect" not being wrapped in flow response
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-12-22 23:28:26 +01:00
c158ef80db
*: fix remaining old cache keys
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-11-18 16:18:32 +01:00
9d0a7578ec
flows: fix error due to not validating error challenge
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-10-27 20:04:00 +02:00
62f93c83d4
ci: update pyright ( #3546 )
2022-09-07 00:23:25 +02:00
60266b3345
flows: migrate FlowExecutor error handler to native challenge instead of shell
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-09-06 18:48:15 +02:00
14a4047bdd
flows: show messages from ak_message when flow is denied
...
fallback to same generic message
closes #3197
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-07-03 21:36:13 +02:00
17d33f4b19
flows: denied action ( #3194 )
2022-07-02 17:37:57 +02:00
c39a5933e1
core: create FlowToken instead of regular token for generated recovery links ( #3193 )
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
#2749
2022-07-02 14:17:41 +02:00
2c6d82593e
root: cleanup session keys to use common format ( #3003 )
...
cleanup session keys to use common format
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-05-31 21:53:23 +02:00
34bcc2df1a
root: disable session_save_every_request as it overwrites the session with old data
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
#2991
2022-05-31 20:46:27 +02:00
ddbe0aaf13
stages/user_delete: fix delete stage failing when pending user is not explicitly set
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-05-01 13:59:33 +02:00
5861d41ad3
tenants: add tenant-level attributes, applied to users based on request
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-04-06 10:41:35 +02:00
50e3d317b2
flows: use WithUserInfoChallenge for AccessDeniedChallenge
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
#2039
2022-01-01 19:45:34 +01:00
46f12e62e8
flows: don't create EventAction.FLOW_EXECUTION
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-12-27 15:07:33 +01:00
0b00768b84
events: add flow_execution event type
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-12-14 16:13:51 +01:00
ac9cf590bc
*: use prefixed span names
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-12-13 16:18:42 +01:00
83c12ad483
flows: fix description for spans
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-12-12 21:51:51 +01:00
597ce1eb42
Revert "*: use cache.delete_pattern instead of getting keys and deleting them"
...
This reverts commit ff481ba6e7jens.langhammer@beryju.org >
# Conflicts:
# authentik/flows/views/executor.py
# authentik/policies/signals.py
2021-12-12 20:41:34 +01:00
cda4be3d47
flows: add additional tags
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-12-12 20:37:20 +01:00
6efc7578ef
flows: add additional sentry spans to flow executor
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-12-12 20:04:21 +01:00
ff481ba6e7
*: use cache.delete_pattern instead of getting keys and deleting them
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-12-10 21:35:28 +01:00
317e9ec605
core: add FlowToken which saves the pickled flow plan, replace standard token in email stage to allow finishing flows in different sessions
...
closes #1801
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-12-05 15:20:11 +01:00
4f54ce6afb
providers/saml: fix error when using post bindings and user freshly logged in
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
#1873
2021-12-02 13:00:21 +01:00
8040e2b6e4
build(deps): bump webauthn from 0.4.7 to 1.0.0 ( #1625 )
...
* build(deps): bump webauthn from 0.4.7 to 1.0.0
Bumps [webauthn](https://github.com/duo-labs/py_webauthn ) from 0.4.7 to 1.0.0.
- [Release notes](https://github.com/duo-labs/py_webauthn/releases )
- [Commits](https://github.com/duo-labs/py_webauthn/compare/v0.4.7...v1.0.0 )
---
updated-dependencies:
- dependency-name: webauthn
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
* stages/authenticator_webauthn: migrate to new library version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* stages/authenticator_validate: migrate to new version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* stages/authenticator_webauthn: add bytes_to_base64url_dict for json encoding
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* actually don't do that
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix missing response on web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* more double json
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* more base64 stuff
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* working
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* ci: always sync
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-10-15 23:26:29 +02:00
aef9d27706
stages/authenticator_sms: Add SMS Authenticator Stage ( #1577 )
...
* stages/authenticator_sms: initial implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* web/admin: add initial stage UI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* web/elements: clear invalid state when old input was invalid but new input is correct
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* stages/authenticator_sms: add more logic
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* web/user: add basic SMS settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* stages/authenticator_sms: initial working version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* stages/authenticator_sms: add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* web/flows: optimise totp password manager entry on authenticator_validation stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* web/elements: add grouping support for table
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* web/admin: allow sms class in authenticator stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* web/admin: add grouping to more pages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* stages/authenticator_validate: add SMS support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* api: add throttling for flow executor based on session key and pending user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* web: fix style issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* ci: add workflow to compile backend translations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-10-11 17:51:49 +02:00
f9ad102915
flows: inspector ( #1469 )
...
* flows: add initial inspector
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* flows: change naming a bit
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* web/flow: add inspector frame
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* core: don't use shadydom when inspecting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* flows: add current stage to api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* stages/*: fix imports
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* flows: deep-copy plan instead of just adding
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* web/flows: ui
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* flows: restrict inspector to admin
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* web/admin: add buttons to launch flow with inspector
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* web/flows: don't automatically follow redirects when inspector is open
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* flows: make current_plan optional, only require historry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* web/flows: handle error messages in inspector
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* web/flows: improve UI when flow is done
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* flows: add is_completed flag to inspector
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* flows: fix monkeypatches for tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* flows: add inspector tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* ci: re-enable cache
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-09-28 09:36:48 +02:00
