da1b252f3b
root: do not use /bin/bash directly ( #14698 )
2025-05-26 14:38:29 +02:00
c133ba9bd3
enterprise/stages/mtls: update go & web client, fix py client generation ( #14576 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-05-19 23:27:02 +02:00
65517f3b7f
enterprise/stages: Add MTLS stage ( #14296 )
...
* prepare client auth with inbuilt server
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* introduce better IPC auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* init
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start stage
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* only allow trusted proxies to set MTLS headers
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more stage progress
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* dont fail if ipc_key doesn't exist
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* actually install app
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add some tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update API
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix unquote
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix int serial number not jsonable
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* init ui
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add UI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* unrelated: fix git pull in makefile
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix parse helper
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add test for outpost
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more tests and improvements
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* improve labels
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add support for multiple CAs on brand
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add support for multiple CAs to MTLS stage
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* dont log ipcuser secret views
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix go mod
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-05-19 22:48:17 +02:00
fdb7b29d9a
root: replace raw.githubusercontent.com by checking out repo ( #14567 )
...
* root: replace raw.githubusercontent.com by checking out repo
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* use make from client-go
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update instead of delete
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* unrelated: fix py client install
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* unrelated: use all absolute paths
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-05-19 13:18:44 +02:00
192ed8f494
root: fix uv lock file on macOS ( #13578 )
...
* root: fix uv lock on macOS
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-add make run
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-03-19 20:38:27 +01:00
868261c883
root: replace poetry with uv ( #13388 )
2025-03-19 16:29:18 +00:00
ec9e815e7a
root: bump python client generator version ( #13467 )
...
* root: bump python client generator version
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* run version generate without poetry
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-03-11 23:37:35 +00:00
cf58c5617a
core: Tidy contributor onboarding, fix typos. ( #12700 )
...
core: Tidy contributor onboarding.
- Fixes typos.
- Fixes stale links.
- Tidies Makefile so that Poetry env is optional for hygiene commands.
- Remove mismatched YAML naming.
- Uses shebang on Python scripts.
- Document semver usage.
- Redirect OpenAPI schema.
Signed-off-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com >
2025-03-06 18:34:54 +00:00
67c22c1313
root: fix generated API docs not being excluded from codespell ( #13091 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-02-17 18:19:33 +01:00
b865e97973
ci: parallelize unit tests ( #13036 )
...
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2025-02-16 17:35:38 +01:00
6549b303d5
enterprise/providers: SSF ( #12327 )
...
* init
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix some other stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more progress
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix missing format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make it work, send verification event
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* progress
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more progress
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* save iss
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add signals for MFA devices
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* refactor more
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-work auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add API to list ssf streams
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start rbac
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add ssf icon
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix web
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix bugs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make events expire, rewrite sending logic
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add oidc token test
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add stream list
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add jwks tests and fixes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update web ui
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix configuration endpoint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* replace port number correctly
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* better log what went wrong
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* linter has opinions
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix messages
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix set status
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more debug logging
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix issuer here too
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove port :443...removal
apparently apple's HTTP logic is wrong and includes the port in the Host header even if the default port is used (80 or 443), which then fails as the URL doesn't exactly match what the admin configured...so instead of trying to add magic about this we'll add it in the docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix error when no request in context
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add signal for admin session revoke
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* set txn based on request id
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* validate method and endpoint url
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix request ID detection
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add timestamp
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* temp migration
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix signal
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add signal tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* the final commit
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* ok actually the last commit
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-02-05 17:52:14 +01:00
34ee29227a
ci: fix daily test ( #12909 )
...
* ci: fix daily container test fallback id generation
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* only attempt to build images when needed
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-02-01 03:36:30 +01:00
d3d6040e23
lifecycle: better pre release test ( #12806 )
...
* move pre-release docker test to script
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* set pipefail in ak
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* don't reinstall wheels since they don't exist anymore
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix image
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix config error on startup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-01-25 01:38:47 +01:00
3253de73ec
web: update gen-client-ts to OpenAPI 7.11.0 ( #12756 )
...
* web: Add InvalidationFlow to Radius Provider dialogues
## What
- Bugfix: adds the InvalidationFlow to the Radius Provider dialogues
- Repairs: `{"invalidation_flow":["This field is required."]}` message, which was *not* propagated
to the Notification.
- Nitpick: Pretties `?foo=${true}` expressions: `s/\?([^=]+)=\$\{true\}/\1/`
## Note
Yes, I know I'm going to have to do more magic when we harmonize the forms, and no, I didn't add the
Property Mappings to the wizard, and yes, I know I'm going to have pain with the *new* version of
the wizard. But this is a serious bug; you can't make Radius servers with *either* of the current
dialogues at the moment.
* This (temporary) change is needed to prevent the unit tests from failing.
\# What
\# Why
\# How
\# Designs
\# Test Steps
\# Other Notes
* Revert "This (temporary) change is needed to prevent the unit tests from failing."
This reverts commit dddde09be5
2025-01-22 08:15:22 -08:00
236455fc45
lifecycle: move AWS CFN generation to lifecycle and fix CI ( #12743 )
...
* fix missing min_healthy_percent which was causing an error on stdout...sigh
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* disable version reporting (replaces deleting BootstrapVersion)
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* dont generate bootstrap thing
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* aaand remove fix_template
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* always set CI to false so errors are sent to stderr
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* move aws stuff to lifecycle
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix missing package-lock
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix package
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* cleanup website structure
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-01-21 14:48:11 +01:00
fda6054285
website/docs: install: add aws ( #12082 )
2024-12-01 15:43:14 +00:00
6d5172d18a
website: latest PR for new Docs structure ( #11639 )
...
* first pass
* dependency shenanigans
* move blueprints
* few broken links
* change config the throw errors
* internal file edits
* fighting links
* remove sidebarDev
* fix subdomain
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix relative URL
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix mismatched package versions
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix api reference build
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* test tweak
* links hell
* more links hell
* links hell2
* yep last of the links
* last broken link fixed
* re-add cves
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add devdocs redirects
* add dir
* tweak netlify.toml
* move latest 2 CVES into dir
* fix links to moved cves
* typoed title fix
* fix link
* remove banner
* remove committed api docs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* integrations: remove version dropdown
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update Makefile
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* change doc links in web as well
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix some more docs paths
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix more docs paths
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* ci: require ci-web.build for merging
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Revert "ci: require ci-web.build for merging"
This reverts commit b99a4842a9jens@goauthentik.io >
* remove explicit index.md
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove mdx first
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* then remove .md
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add missing prefix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Co-authored-by: Tana M Berry <tana@goauthentik.com >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2024-10-09 09:33:40 -05:00
6b2fced1b9
Revert "website: latest migration to new structure" ( #11634 )
...
Revert "website: latest migration to new structure (#11522 )"
This reverts commit 9a89a5f94b
2024-10-09 00:30:50 +02:00
9a89a5f94b
website: latest migration to new structure ( #11522 )
...
* first pass
* dependency shenanigans
* move blueprints
* few broken links
* change config the throw errors
* internal file edits
* fighting links
* remove sidebarDev
* fix subdomain
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix relative URL
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix mismatched package versions
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix api reference build
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* test tweak
* links hell
* more links hell
* links hell2
* yep last of the links
* last broken link fixed
* re-add cves
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add devdocs redirects
* add dir
* tweak netlify.toml
* move latest 2 CVES into dir
* fix links to moved cves
* typoed title fix
* fix link
* remove banner
* remove committed api docs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* integrations: remove version dropdown
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update Makefile
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* change doc links in web as well
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix some more docs paths
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix more docs paths
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* ci: require ci-web.build for merging
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Revert "ci: require ci-web.build for merging"
This reverts commit b99a4842a9jens@goauthentik.io >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Co-authored-by: Tana M Berry <tana@goauthentik.com >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2024-10-08 14:07:19 -05:00
30fcdbf05f
web/admin: fix misc dual select on different forms ( #11203 )
...
* fix prompt stage
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix identification stage
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix OAuth JWKS sources
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix oauth provider default scopes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix outpost form
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix webauthn
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix transport form
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-09-04 13:45:41 +02:00
811823e648
enterprise: fix license status progress bar ( #11048 )
...
* clamp width to 100% width
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add case for unlicensed and set to infinity when users of a type exists that dont have licenses
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rework license status into separate component...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* enable coverage
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove annoying disable-search-engine-choice-screen
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* refactor percentage calculation
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix a bug found by tests, yay
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests for enterprise status card
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* upgrade vite-tsconfig-paths
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* ...?
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-08-24 14:23:32 +02:00
53a44435f8
website/docs: fix #9552 openssl rand base64 line wrap ( #10211 )
2024-06-24 21:19:47 +00:00
0cc853e272
root: makefile: add codespell to make-website ( #10116 )
2024-06-18 09:44:27 -07:00
95d26563e7
providers/oauth2: don't handle api scope as special scope ( #9910 )
...
* providers/oauth2: don't handle api scope as special scope
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make default scope selection less magic
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* ensure missing folder exists
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix duplicate name
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-06-01 17:16:56 +09:00
0a312821ee
website/docs: fix api browser references ( #9577 )
...
* website/docs: fix api browser references
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* don't attempt to correct generated docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix?
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-05-06 12:30:43 +02:00
49cf10e9bd
website/docs: fix openssl rand commands ( #9554 )
...
* website/docs: fix openssl rand commands
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Update website/integrations/sources/freeipa/index.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
2024-05-03 14:24:04 +02:00
e769f7ee02
blueprints: fix schema generation for PrimaryKeyRelated fields with non-int PK ( #9140 )
...
* fix build error with bandit
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* blueprints: fix incorrect schema for primarykeyrelated fields with non-int PK
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* blueprints: fix export containing null ID
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* include authentik version in blueprint schema
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-04-05 01:01:09 +02:00
bb1f18d973
root: generate python client ( #9107 )
...
* generate api client
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
# Conflicts:
# authentik/lib/expression/evaluator.py
# poetry.lock
* don't attempt to pr upgrade api client
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
# Conflicts:
# poetry.lock
# pyproject.toml
* use new generator
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* t
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* use upstream generator since that one is v2 already 🤦
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add missing help to makefile
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-04-04 15:39:42 +02:00
70462c4c72
root: fix missing imports after #9081 ( #9106 )
2024-04-02 17:46:38 +02:00
b225b0200e
root: early spring clean for linting ( #8498 )
...
* remove pyright
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove pylint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* replace pylint with ruff
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* ruff fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix UP038
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix DJ012
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix default arg
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix UP031
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rename stage type to view
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix DJ008
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix remaining upgrade
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix PLR2004
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix B904
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix PLW2901
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix remaining issues
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* prevent ruff from breaking the code
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* stages/prompt: refactor field building
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fully remove isort
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2024-02-24 18:13:35 +01:00
55333ef1ac
ci: fix missing tags from release ( #8645 )
...
* ci: fix missing tags from release
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* also format helper scripts
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-02-22 11:55:11 +01:00
a3bfb3d25c
website/docs: 2024.2 release notes ( #8468 )
...
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Co-authored-by: Jens L. <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2024-02-14 20:52:56 +01:00
4dadcc1dfd
web/admin: hide expiry time if item is set to not expire ( #8457 )
...
* web/admin: hide expiry time if item is set to not expire
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-02-08 22:51:41 +01:00
5fe2772567
core, web: update translations ( #8436 )
...
* core, web: update translations
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* exclude lines from generated po file
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: rissson <18313093+rissson@users.noreply.github.com >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2024-02-07 13:24:30 +01:00
a71948c9b7
ci: auto extract translation strings ( #8417 )
...
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2024-02-05 17:40:57 +00:00
abc0c2d2a2
root: Multi-tenancy ( #7590 )
...
* tenants -> brands, init new tenant model, migrate some config to tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* setup logging for tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* configure celery and cache
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* small fixes, runs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* task fixes, creation of tenant now works by cloning a template schema, some other small stuff
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix-tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* upstream fixes
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix-pylint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix avatar tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* migrate config reputation_expiry as well
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix web rebase
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix migrations for template schema
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix migrations for template schema
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix migrations for template schema 3
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* revert reputation expiry migration
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix type
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix some more tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* website: tenants -> brands
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* try fixing e2e tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* start frontend :help:
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add ability to disable tenants api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* delete embedded outpost if it is disabled
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make sure embedded outpost is disabled when tenants are enabled
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* management commands: add --schema option where relevant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* store files per-tenant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix embedded outpost deletion
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix files migration
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add tenant api tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add domain tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add settings tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make --schema-name default to public in mgmt commands
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* sources/ldap: make sure lock is per-tenant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix stuff I broke
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix remaining failing tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* try fixing e2e tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* much better frontend, but save does not refresh form properly
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* update django-tenants with latest fixes
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* i18n-extract
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* review comments
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* move event_retention from brands to tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* wip
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* root: add support for storing media files in S3
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* use permissions for settings api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* blueprints: disable tenants management
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix embedded outpost create/delete logic
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make gen
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make sure prometheus metrics are correctly served
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* makefile: don't delete the go api client when not regenerating it
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* tenants api: add recovery group and token creation endpoints
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix startup
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix prometheus metrics
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix web stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix migrations from stable
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix oauth source type import
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Revert "fix oauth source type import"
This reverts commit d015fd0244marc.schmitt@risson.space >
* try with connection_created signal
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix scim tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix web after merge
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix enterprise settings
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Revert "try with connection_created signal"
This reverts commit 764a999db832b40a3bbbmarc.schmitt@risson.space >
* fix django version
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix web after merge
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* relock poetry
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix reconcile
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* try running tenant save in a transaction
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* black
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* test: export postgres logs for debugging and use failfast
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* test: fix container name for logs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* do not copy tenant data
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Revert "try running tenant save in a transaction"
This reverts commit da6dec5a614bffb19704marc.schmitt@risson.space >
* why not
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* remove failfast
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove postgres query logging
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update reconcile logic to clearly differentiate between tenant and global
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix reconcile app decorator
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* enable django checks
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* actually nodata was unnecessary as we're cloning from template and not from public
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* pylint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* update django-tenants with sequence fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* actually update
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix e2e tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add tests for settings api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add tests for recovery api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* recovery tests: do them on a new tenant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* web: fix system status being degraded when embedded outpost is disabled
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix recovery tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tenants tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint-fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint-fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* update UI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add management command to create a tenant
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add docs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* release notes
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* more docs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* checklist
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* self review
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* spelling
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make web after upgrading
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* remove extra xlif file
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* prettier
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Revert "add management command to create a tenant"
This reverts commit 39d13c0447jens@goauthentik.io >
* rewite some things on the release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* root: make sure install_id comes from public schema
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* require a license to use tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tenants tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix files migration
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* release notes: add warning about user sessions being invalidated
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* remove api disabled test, we can't test for it
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
---------
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2024-01-23 14:28:06 +01:00
5be9d1fc6a
web/components: improve error handling in ak-search-select ( #8228 )
...
* unrelated: remove deprecated sentry tracing package since its in the main package
no of course this does not fix the circular import, sigh
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix syntax error in group view page
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* improve error handling in search-select
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove requiredness from flow input for invitation
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix dark theme for date and datetime input fields' picker button
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update locale
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-01-18 23:24:52 +01:00
240cf6dd94
enterprise/providers: Add RAC [AUTH-15] ( #7291 )
...
* add basic guacamole
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make everything mostly work
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add rac build to CI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix resize, fix web lint, sendSize correctly
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* pre-send connection from client, format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* improve throughput
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rework TokenOutpostConsumer into middleware
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix some layout issues
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add outpost controllers
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start testing audio things
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix a bunch of things
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add deps
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix to work with outpost group
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add simple loadbalancing
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add simple reconnect
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* show reconnecting text
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix error when checking ports
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* move to providers
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add flow check to interface
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix go lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix rac app label
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix audio
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add logging
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* allow overriding all settings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix duplicate keyboard, debug high DPI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-add deps
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix missing __init__.py breaking model loading
I love python
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* bump successful ws connection to info
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* hide cursor since guac draws that
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add clipboard support (bidirectional)
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make codespell not want to break the code
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* run pr comment in separate task
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start endpoint and property mapping stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more endpoint things
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* unrelated: fix event model_pk filtering with ints
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* unrelated: improve event display for changelog
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rebuild endpoint stuff again
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* idk special url
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more stuff, connect token with session
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add disconnect
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rework disconnect
cleanly disconnect from guacd instead of just letting the connection timeout
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* clear cache when creating outpost
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* support host:port and fix protocol
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* center smaller viewport
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rework connection to wait more and stop after some time
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add policy control to endpoints
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove provider protocol
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* don't switch to different outpost connection when already chosen
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start using property mappings, add static settings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add some RAC mapping settings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start adding tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests for event changes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests and fix issues found by said tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add preview banner, move endpoints to main page
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add locale
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* auto-select endpoint if only one is available
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* backport https://github.com/goauthentik/authentik/pull/7831 to rac
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* dont select property mappings on endpoints
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make table modal only load when opened
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* only auto-redirect when open
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix web deps
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* check for token expiry and terminate session
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-add endpoint name to title
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* disconnect connection when token is manually deleted
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add initial RAC docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add connection expiry setting to provider
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix flaky tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-12-30 21:33:14 +01:00
729ef4d786
root: bump python deps (django 5) ( #7862 )
...
* bump python deps
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* vendor pickle serializer for now
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
#7761
* cleanup some things and re-build api scheme
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix web and go
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* actually fix go...?
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* better annotate json fields
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* use jsondictfield wherever
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove all virtualenvs?
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* ?
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* final version bump
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-12-18 22:07:59 +01:00
823e7dbe1a
website: bump the docusaurus group in /website with 3 updates ( #7400 )
...
* website: bump the docusaurus group in /website with 3 updates
Bumps the docusaurus group in /website with 3 updates: [@docusaurus/plugin-client-redirects](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-plugin-client-redirects ), [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic ) and [@docusaurus/theme-mermaid](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-theme-mermaid ).
Updates `@docusaurus/plugin-client-redirects` from 2.4.3 to 3.0.0
- [Release notes](https://github.com/facebook/docusaurus/releases )
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md )
- [Commits](https://github.com/facebook/docusaurus/commits/v3.0.0/packages/docusaurus-plugin-client-redirects )
Updates `@docusaurus/preset-classic` from 2.4.3 to 3.0.0
- [Release notes](https://github.com/facebook/docusaurus/releases )
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md )
- [Commits](https://github.com/facebook/docusaurus/commits/v3.0.0/packages/docusaurus-preset-classic )
Updates `@docusaurus/theme-mermaid` from 2.4.3 to 3.0.0
- [Release notes](https://github.com/facebook/docusaurus/releases )
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md )
- [Commits](https://github.com/facebook/docusaurus/commits/v3.0.0/packages/docusaurus-theme-mermaid )
---
updated-dependencies:
- dependency-name: "@docusaurus/plugin-client-redirects"
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: docusaurus
- dependency-name: "@docusaurus/preset-classic"
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: docusaurus
- dependency-name: "@docusaurus/theme-mermaid"
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: docusaurus
...
Signed-off-by: dependabot[bot] <support@github.com >
* update
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* migrate docusaurus config to ts
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix docs-only build
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2023-11-06 15:12:23 +01:00
f036820fd8
stages/email: Fix query parameters getting lost in Email links ( #5376 )
...
* fix to email confirmation flow
* handled query keyerror
* rewrite using django's QueryDict, add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix makefile
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove commented out code
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Roney Dsilva <roney.dsilva@cdmx.in >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2023-10-19 17:52:27 +02:00
e28babb0b8
core: Initial RBAC ( #6806 )
...
* rename consent permission
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* the user version
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
t
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* initial role
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start form
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* some minor table refactoring
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix user, add assign
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add roles ui
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix backend
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add assign API for roles
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start adding toggle buttons
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start view page
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* exclude add_ permission for per-object perms
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* small cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add permission list for roles
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make sidebar update
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix page header not re-rendering?
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fixup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add search
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* show first category in table groupBy except when its empty
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make model and object PK optional but required together
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* allow for setting global perms
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* exclude non-authentik permissions
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* exclude models which aren't allowed (base models etc)
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* ensure all models have verbose_name set, exclude some more internal objects
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* lint fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix role perm assign
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add unasign for global perms
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add meta changes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* clear modal state after submit
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add roles to our group
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix duplicate url names
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make recursive group query more usable
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add name field to role itself and move group creation to signal
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start sync
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* move rbac stuff to separate django app
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lint and such
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix go
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start API changes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add more API tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make admin interface not require superuser for now, improve error handling
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* replace some IsAdminUser where applicable
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* migrate flow inspector perms to actual permission
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix license not being a serializermodel
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add permission modal to models without view page
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add additional permissions to assign/unassign permissions
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add action to unassign user permissions
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add permissions tab to remaining view pages
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix flow inspector permission check
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix codecov config?
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add more API tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* ensure viewsets have an order set
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* hopefully the last api name change
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make perm modal less confusing
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start user view permission page
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* only make delete bulk form expandable if usedBy is set
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* expand permission tables
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add more things
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add user global permission table
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests' url names
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests for assign perms
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add unassign tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rebuild permissions
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* prevent assigning/unassigning permissions to internal service accounts
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* only enable default api browser in debug
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix role object permissions showing duplicate
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix role link on role object permissions table
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix object permission modal having duplicate close buttons
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* return error if user has no global perm and no object perms
also improve error display on table
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* small optimisation
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* optimise even more
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update locale
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add system permission for non-object permissions
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* allow access to admin interface based on perm
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* clean
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* don't exclude base models
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-16 17:31:50 +02:00
83f9eae654
root: extended flow and policy metrics ( #7067 )
2023-10-05 01:04:55 +02:00
6792bf8876
web: package up horizontal elements into their own components ( #7053 )
...
* web: laying the groundwork for future expansion
This commit is a hodge-podge of updates and changes to the web. Functional changes:
- Makefile: Fixed a bug in the `help` section that prevented the WIDTH from being accurately
calculated if `help` was included rather than in-lined.
- ESLint: Modified the "unused vars" rule so that variables starting with an underline are not
considered by the rule. This allows for elided variables in event handlers. It's not a perfect
solution-- a better one would be to use Typescript's function-specialization typing, but there are
too many places where we elide or ignore some variables in a function's usage that switching over
to specialization would be a huge lift.
- locale: It turns out, lit-locale does its own context management. We don't need to have a context
at all in this space, and that's one less listener we need to attach t othe DOM.
- ModalButton: A small thing, but using `nothing` instead of "html``" allows lit better control over
rendering and reduces the number of actual renders of the page.
- FormGroup: Provided a means to modify the aria-label, rather than stick with the just the word
"Details." Specializing this field will both help users of screen readers in the future, and will
allow test suites to find specific form groups now.
- RadioButton: provide a more consistent interface to the RadioButton. First, we dispatch the
events to the outside world, and we set the value locally so that the current `Form.ts` continues
to behave as expected. We also prevent the "button lost value" event from propagating; this
presents a unified select-like interface to users of the RadioButtonGroup. The current value
semantics are preserved; other clients of the RadioButton do not see a change in behavior.
- EventEmitter: If the custom event detail is *not* an object, do not use the object-like semantics
for forwarding it; just send it as-is.
- Comments: In the course of laying the groundwork for the application wizard, I throw a LOT of
comments into the code, describing APIs, interfaces, class and function signatures, to better
document the behavior inside and as signposts for future work.
* web: permit arrays to be sent in custom events without interpolation.
* actually use assignValue or rather serializeFieldRecursive
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* web: package up horizontal elements into their own components.
This commit introduces a number of "components." Jens has this idiom:
```
<ak-form-element-horizontal label=${msg("Name")} name="name" ?required=${true}>
<input
type="text"
value="${ifDefined(this.instance?.name)}"
class="pf-c-form-control"
required
/>
</ak-form-element-horizontal>
```
It's a very web-oriented idiom in that it's built out of two building blocks, the "element-horizontal" descriptor,
and the input object itself. This idiom is repeated a lot throughout the code. As an alternative, let's wrap
everything into an inheritable interface:
```
<ak-text-input
name="name"
label=${msg("Name")}
value="${ifDefined(this.instance?.name)}
required
>
</ak-text-input>
```
This preserves all the information of the above, makes it much clearer what kind of interaction we're having
(sometimes the `type=` information in an input is lost or easily missed), and while it does require you know
that there are provided components rather than the pair of layout-behavior as in the original it also gives
the developer more precision over the look and feel of the components.
*Right now* these components are placed into the LightDOM, as they are in the existing source code, because
the Form handler has a need to be able to "peer into" the "element-horizontal" component to find the values
of the input objects. In a future revision I hope to place the burden of type/value processing onto the
input objects themselves such that the form handler will need only look for the `.value` of the associated
input control.
Other fixes:
- update the FlowSearch() such that it actually emits an input event when its value changes.
- Disable the storybook shortcuts; on Chrome, at least, they get confused with simple inputs
- Fix an issue with precommit to not scan any Python with ESLint! :-)
* web: provide storybook stories for the components
This commit provides storybook stories for the ak-horizontal-element wrappers. A few
bugs were found along the way, including one rather nasty one from Radio where we
were still getting the "set/unset" pair in the wrong order, so I had to knuckle down
and fix the event handler properly.
* web: test oauth2 provider "guinea pig" for new components
I used the Oauth2 provider page as my experiment in seeing if the
horizontal-element wrappers could be used instead of the raw wrappers
themselves, and I wanted to make sure a test existed that asserts
that filling out THAT form in the ProvidersList and ProvidersForm
didn't break anything.
This commit updates the WDIO tests to do just that; the test is
simple, but it does exercise the `name` field of the Provider,
something not needed in the Wizard because it's set automatically
based on the Application name, and it even asserts that the new
Provider exists in the list of available Providers when it's done.
* web: making sure ESlint and Prettier are happy
* "fix" lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2023-10-04 13:07:52 -07:00
3b171a02b7
web: laying the groundwork for future expansion ( #7045 )
...
* web: laying the groundwork for future expansion
This commit is a hodge-podge of updates and changes to the web. Functional changes:
- Makefile: Fixed a bug in the `help` section that prevented the WIDTH from being accurately
calculated if `help` was included rather than in-lined.
- ESLint: Modified the "unused vars" rule so that variables starting with an underline are not
considered by the rule. This allows for elided variables in event handlers. It's not a perfect
solution-- a better one would be to use Typescript's function-specialization typing, but there are
too many places where we elide or ignore some variables in a function's usage that switching over
to specialization would be a huge lift.
- locale: It turns out, lit-locale does its own context management. We don't need to have a context
at all in this space, and that's one less listener we need to attach t othe DOM.
- ModalButton: A small thing, but using `nothing` instead of "html``" allows lit better control over
rendering and reduces the number of actual renders of the page.
- FormGroup: Provided a means to modify the aria-label, rather than stick with the just the word
"Details." Specializing this field will both help users of screen readers in the future, and will
allow test suites to find specific form groups now.
- RadioButton: provide a more consistent interface to the RadioButton. First, we dispatch the
events to the outside world, and we set the value locally so that the current `Form.ts` continues
to behave as expected. We also prevent the "button lost value" event from propagating; this
presents a unified select-like interface to users of the RadioButtonGroup. The current value
semantics are preserved; other clients of the RadioButton do not see a change in behavior.
- EventEmitter: If the custom event detail is *not* an object, do not use the object-like semantics
for forwarding it; just send it as-is.
- Comments: In the course of laying the groundwork for the application wizard, I throw a LOT of
comments into the code, describing APIs, interfaces, class and function signatures, to better
document the behavior inside and as signposts for future work.
* web: permit arrays to be sent in custom events without interpolation.
* actually use assignValue or rather serializeFieldRecursive
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2023-10-02 13:33:27 -07:00
e807f9f12c
root: make postgres connection in makefile customizable ( #6977 )
...
* core/allow alternative postgres credentials
This commit allows the `dev-reset` command in the Makefile to pick up and use credentials from the
`.env` file if they are present, or fallback to the defaults provided if they are not. This is the
only place in the Makefile where the database credentials are used directly against postgresql
binaries. The syntax was tested with bash, zsh, and csh, and did not fail under those.
The `$${:-}` syntax is a combination of a Makefile idiom for "Pass a single `$` to the environment
where this command will be executed," and the shell expresion `${VARIABLE:-default}` means
"dereference the environment variable; if it is undefined, used the default value provided."
* Re-arrange sequence to avoid recursive make.
Nothing wrong with recursive make; it just wasn't essential
here. `migrate` is just a build target, not a task.
* Cleanup according to the Usage:
checkmake [options] <makefile>...
checkmake -h | --help
checkmake --version
checkmake --list-rules Makefile linting tool.
* core: added 'help' to the Makefile
* get postgres config from authentik config loader
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* don't set -x by default
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* sort help
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update help strings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2023-09-26 12:10:18 +02:00
80e86c52e7
web/flows: improve WebAuthn error messages ( #6957 )
...
* web/flows: improve WebAuthn error messages
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* include localhost
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-09-25 12:43:24 +02:00
0caa17623f
root: add docker recipe to Makefile
...
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2023-09-13 15:42:23 +02:00
bfd0fb66b3
web/admin: fix ak-toggle-group for policy and blueprint uses ( #6687 )
...
* web/admin: fix ak-toggle-group for policy and blueprint uses
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix and re-enable lit-analyse
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-08-30 12:46:58 +02:00
1451f3757d
web/flows: add more stories ( #6444 )
...
remove default example stories that were broken
currently only the dark theme works due to the way storybook includes CSS files in the iframe
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-08-03 17:27:58 +02:00
