a62cca36ad
website/docs: Improve example nginx reverse proxy config ( #8160 )
...
Signed-off-by: Daniel Lo Nigro <d@d.sb >
2024-01-23 21:09:55 +01:00
abc0c2d2a2
root: Multi-tenancy ( #7590 )
...
* tenants -> brands, init new tenant model, migrate some config to tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* setup logging for tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* configure celery and cache
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* small fixes, runs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* task fixes, creation of tenant now works by cloning a template schema, some other small stuff
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix-tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* upstream fixes
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix-pylint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix avatar tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* migrate config reputation_expiry as well
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix web rebase
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix migrations for template schema
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix migrations for template schema
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix migrations for template schema 3
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* revert reputation expiry migration
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix type
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix some more tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* website: tenants -> brands
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* try fixing e2e tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* start frontend :help:
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add ability to disable tenants api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* delete embedded outpost if it is disabled
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make sure embedded outpost is disabled when tenants are enabled
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* management commands: add --schema option where relevant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* store files per-tenant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix embedded outpost deletion
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix files migration
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add tenant api tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add domain tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add settings tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make --schema-name default to public in mgmt commands
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* sources/ldap: make sure lock is per-tenant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix stuff I broke
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix remaining failing tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* try fixing e2e tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* much better frontend, but save does not refresh form properly
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* update django-tenants with latest fixes
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* i18n-extract
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* review comments
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* move event_retention from brands to tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* wip
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* root: add support for storing media files in S3
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* use permissions for settings api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* blueprints: disable tenants management
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix embedded outpost create/delete logic
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make gen
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make sure prometheus metrics are correctly served
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* makefile: don't delete the go api client when not regenerating it
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* tenants api: add recovery group and token creation endpoints
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix startup
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix prometheus metrics
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix web stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix migrations from stable
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix oauth source type import
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Revert "fix oauth source type import"
This reverts commit d015fd0244marc.schmitt@risson.space >
* try with connection_created signal
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix scim tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix web after merge
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix enterprise settings
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Revert "try with connection_created signal"
This reverts commit 764a999db832b40a3bbbmarc.schmitt@risson.space >
* fix django version
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix web after merge
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* relock poetry
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix reconcile
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* try running tenant save in a transaction
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* black
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* test: export postgres logs for debugging and use failfast
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* test: fix container name for logs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* do not copy tenant data
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Revert "try running tenant save in a transaction"
This reverts commit da6dec5a614bffb19704marc.schmitt@risson.space >
* why not
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* remove failfast
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove postgres query logging
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update reconcile logic to clearly differentiate between tenant and global
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix reconcile app decorator
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* enable django checks
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* actually nodata was unnecessary as we're cloning from template and not from public
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* pylint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* update django-tenants with sequence fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* actually update
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix e2e tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add tests for settings api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add tests for recovery api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* recovery tests: do them on a new tenant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* web: fix system status being degraded when embedded outpost is disabled
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix recovery tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tenants tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint-fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint-fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* update UI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add management command to create a tenant
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add docs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* release notes
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* more docs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* checklist
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* self review
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* spelling
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make web after upgrading
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* remove extra xlif file
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* prettier
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Revert "add management command to create a tenant"
This reverts commit 39d13c0447jens@goauthentik.io >
* rewite some things on the release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* root: make sure install_id comes from public schema
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* require a license to use tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tenants tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix files migration
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* release notes: add warning about user sessions being invalidated
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* remove api disabled test, we can't test for it
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
---------
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2024-01-23 14:28:06 +01:00
73ddaf48be
website/docs: add helm chart 2024.1 breaking changes
...
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2024-01-23 13:36:37 +01:00
97c421f34b
Update applications.md
...
Signed-off-by: Lázaro Blanc <40198445+lazaroblanc@users.noreply.github.com >
2024-01-22 10:41:06 +01:00
2bc865b024
website/docs: fix nginx ingress proxy example ( #8245 )
2024-01-22 08:13:58 +00:00
86bf75fe54
website: bump the docusaurus group in /website with 9 updates ( #8087 )
...
* fix build
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* ignore broken links sigh
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-bump
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix broken link
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2024-01-18 15:00:01 +01:00
c46cd5e7e5
website/docs: embed install video directly ( #8215 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-01-18 12:17:23 +01:00
b0e74d348a
root: fix listen trusted_proxy_cidrs config loading from environment ( #8075 )
...
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2024-01-10 22:39:27 +00:00
c78bb979ec
website: update changelog for 2023.10.6 and 2023.8.6
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-01-09 19:02:19 +01:00
6649f7ab72
providers/oauth2: fix CVE-2024-21637 ( #8104 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-01-09 18:14:12 +01:00
827591d376
website/docs: add link to our example flows ( #8052 )
...
add link to our example flows
Co-authored-by: Tana Berry <tana@goauthentik.io >
2024-01-04 13:32:44 -06:00
509b502d3c
providers/oauth2: offline access ( #8026 )
...
* improve scope check (log when application requests non-configured scopes)
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add offline_access special scope
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* ensure scope is set
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update tests for refresh tokens
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* special handling of scopes for github compat
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix spec
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* attempt to fix oidc tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove hardcoded slug
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* check scope from authorization code instead of request
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix injection for consent stage checking incorrectly
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-01-04 19:57:11 +01:00
b778c35396
website/docs: fix typo ( #8015 )
...
Update kubernetes.md
Signed-off-by: Bryan J. <132493975+chkpwd@users.noreply.github.com >
2023-12-31 21:32:13 +01:00
240cf6dd94
enterprise/providers: Add RAC [AUTH-15] ( #7291 )
...
* add basic guacamole
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make everything mostly work
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add rac build to CI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix resize, fix web lint, sendSize correctly
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* pre-send connection from client, format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* improve throughput
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rework TokenOutpostConsumer into middleware
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix some layout issues
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add outpost controllers
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start testing audio things
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix a bunch of things
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add deps
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix to work with outpost group
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add simple loadbalancing
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add simple reconnect
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* show reconnecting text
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix error when checking ports
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* move to providers
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add flow check to interface
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix go lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix rac app label
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix audio
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add logging
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* allow overriding all settings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix duplicate keyboard, debug high DPI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-add deps
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix missing __init__.py breaking model loading
I love python
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* bump successful ws connection to info
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* hide cursor since guac draws that
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add clipboard support (bidirectional)
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make codespell not want to break the code
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* run pr comment in separate task
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start endpoint and property mapping stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more endpoint things
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* unrelated: fix event model_pk filtering with ints
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* unrelated: improve event display for changelog
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rebuild endpoint stuff again
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* idk special url
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more stuff, connect token with session
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add disconnect
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rework disconnect
cleanly disconnect from guacd instead of just letting the connection timeout
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* clear cache when creating outpost
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* support host:port and fix protocol
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* center smaller viewport
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rework connection to wait more and stop after some time
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add policy control to endpoints
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove provider protocol
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* don't switch to different outpost connection when already chosen
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start using property mappings, add static settings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add some RAC mapping settings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start adding tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests for event changes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests and fix issues found by said tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add preview banner, move endpoints to main page
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add locale
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* auto-select endpoint if only one is available
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* backport https://github.com/goauthentik/authentik/pull/7831 to rac
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* dont select property mappings on endpoints
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make table modal only load when opened
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* only auto-redirect when open
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix web deps
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* check for token expiry and terminate session
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-add endpoint name to title
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* disconnect connection when token is manually deleted
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add initial RAC docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add connection expiry setting to provider
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix flaky tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-12-30 21:33:14 +01:00
cb8a91170d
website/docs: Updated url to flows-enrollment-2-stage.yaml ( #7992 )
...
* Updated url to flows-enrollment-2-stage.yaml
Signed-off-by: Dennis Denk <dennis@denk.jetzt >
* Update website/docs/user-group-role/user/invitations.md
Signed-off-by: Jens L. <jens@beryju.org >
---------
Signed-off-by: Dennis Denk <dennis@denk.jetzt >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: Jens L <jens@beryju.org >
2023-12-26 14:01:38 +01:00
02869d8173
stages/user_login: session binding ( #7881 )
...
* start with user_login stage
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
# Conflicts:
# authentik/root/settings.py
* fix and improve logout event
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* lint pass
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update authenticated session when IP changes and binding doesn't break
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update docs, always keep old and new IP in event
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-gen api schema
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-12-23 01:20:23 +01:00
ec8f2d4bf9
stages/email: prevent authentik emails from being marked as spam (also add text template support) ( #7949 )
...
* use <> style email address with name
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add support for text templates
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix icon display in event log
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add text email templates
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update docs, update email screenshot
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* prevent prettier from breaking example template
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Optimised images with calibre/image-actions
* Apply suggestions from code review
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Signed-off-by: Jens L. <jens@beryju.org >
* reword docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2023-12-21 14:32:05 +01:00
218d61648b
website/docs: prepare 2023.10.5 ( #7947 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-12-21 14:24:34 +01:00
50860d7ffe
events: add ASN Database reader ( #7793 )
...
* events: add ASN Database reader
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix test config generator
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* de-duplicate code
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add enrich_context
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rename to context processors?
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix cache
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* use config deprecation system, update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update more docs and tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add test asn db
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-build schema with latest versions
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-12-20 22:16:50 +01:00
256187ebc6
website/docs: add expression example for geoip ( #7739 )
...
* Update expression.mdx
Added example for GeoIP
Signed-off-by: Rukk385 <39340512+Rukk385@users.noreply.github.com >
* Update website/docs/policies/expression.mdx
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Signed-off-by: Rukk385 <39340512+Rukk385@users.noreply.github.com >
---------
Signed-off-by: Rukk385 <39340512+Rukk385@users.noreply.github.com >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2023-12-20 15:33:58 +01:00
cb906e1913
website/integrations: add Jenkins docs ( #7882 )
...
* website/integrations: add Jenkins docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
* prettier pass
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
2023-12-14 20:38:34 +01:00
14fb34f492
website/docs: expand Identification stage docs ( #7869 )
...
* website/docs: expand Identification stage docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* also (unrelated) add blurb to application docs to hide an application
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
2023-12-14 20:37:48 +01:00
333d781f92
documentation: Improve explanation of kubernetes_json_patches ( #7832 )
...
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2023-12-12 00:24:35 +00:00
f2aa83a731
root: update security policy to include link to cure53 report ( #7853 )
...
* add links to the cure53 audit results
* fix link
* link
* fighting with Docu
* removed link for now
* use absolute link
---------
Co-authored-by: Tana Berry <tana@goauthentik.io >
2023-12-11 15:26:36 -06:00
1d003c1c0c
website/docs: change links to point to our YouTube ( #7794 )
...
change links to point to our YouTube
Co-authored-by: Tana Berry <tana@goauthentik.io >
2023-12-06 13:38:33 +02:00
067b156336
website/docs: add link to install video ( #7728 )
...
* add link to install video
* 2nd try change links
* link
---------
Co-authored-by: Tana Berry <tana@goauthentik.io >
2023-11-28 19:46:52 -06:00
49df3cb3c4
Documentation: Added note for necessary unigue base DNs ( #7717 )
...
* Added note for necessary unigue base DNs
Added information, that every LDAP provider needs to have a unique base DN. Related to #7714
Signed-off-by: tedstriker <github@meins.org >
* Update website/docs/providers/ldap/index.md
Thank's for fixing the grammar ;)
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: tedstriker <github@meins.org >
---------
Signed-off-by: tedstriker <github@meins.org >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
2023-11-28 14:56:56 -06:00
2814a8e951
website/docs: add CVE-2023-48228 to release notes
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-11-21 18:13:41 +01:00
b88e39411c
security: fix CVE-2023-48228 ( #7666 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-11-21 18:10:07 +01:00
6a43721524
website/docs: prepare 2023.10.4 release notes ( #7641 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-11-21 18:01:55 +01:00
44fc9ee80c
stages/identification: add option to pretend user exists ( #7610 )
...
* stages/identification: add option to pretend user exists
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests?
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* test CI permission fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-11-18 01:55:48 +01:00
aecd4b52ef
website/docs: fixed formatting on tabs ( #7609 )
...
* fixed formatting on tabs
* sync tabs and use same code blocks for both
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Tana Berry <tana@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2023-11-17 12:23:05 -06:00
f728bbb14b
sources/ldap: add check command to verify ldap connectivity ( #7263 )
...
* sources/ldap: add check command to verify ldap connectivity
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* default to checking all sources
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start adding an API for ldap connectivity
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add webui for ldap source connection status
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* better show sync status, clear previous tasks
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* set timeout on redis lock for ldap sync
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix py lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix web lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-11-13 15:01:40 +01:00
4080080acd
internal: remove deprecated metrics ( #7540 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-11-13 14:48:37 +01:00
9db9ad3d66
root: Restructure broker / cache / channel / result configuration ( #7097 )
...
* Initial commit
* Remove any remaining mentions of Redis URL
This is handled in https://github.com/goauthentik/authentik/pull/5395
* Allow setting broker transport options
This enables usage of other brokers that require additional settings
* Remove remaining reference to Redis URL
This functionality is not part of this PR
* Reset default TLS requirements to none
* Fix linter errors
* Move dict from base64 encoded json to config.py
Additionally add tests
* Replace ast.literal_eval with json.loads
* Use default channel and cache backend configuration
If more customization is desired users shall look at goauthentik.io/docs/installation/configuration#custom-python-settings
* Send config deprecation notification to all superusers
* Remove duplicate method
* Add configuration explanation
For channel layer settings
* Use Event for deprecation warning
* Fix remove duplicated method
* Add missing comma
* Update authentik/lib/config.py
Signed-off-by: Jens L. <jens@beryju.org >
* Fix Event deprecation handling
---------
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: Jens L <jens@beryju.org >
2023-11-10 15:44:37 +01:00
d8b1a59dad
website/docs: update release notes for 2023.10.3
...
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2023-11-09 18:43:00 +01:00
d5871fef4e
website/docs: update release notes for 2023.10.3
...
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2023-11-09 18:24:02 +01:00
7f4fa70a41
website/docs: fix anchor link ( #7492 )
2023-11-08 18:57:00 +01:00
9680106b45
website/docs: Fix a small grammar issue ( #7490 )
2023-11-08 15:10:21 +01:00
823e7dbe1a
website: bump the docusaurus group in /website with 3 updates ( #7400 )
...
* website: bump the docusaurus group in /website with 3 updates
Bumps the docusaurus group in /website with 3 updates: [@docusaurus/plugin-client-redirects](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-plugin-client-redirects ), [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic ) and [@docusaurus/theme-mermaid](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-theme-mermaid ).
Updates `@docusaurus/plugin-client-redirects` from 2.4.3 to 3.0.0
- [Release notes](https://github.com/facebook/docusaurus/releases )
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md )
- [Commits](https://github.com/facebook/docusaurus/commits/v3.0.0/packages/docusaurus-plugin-client-redirects )
Updates `@docusaurus/preset-classic` from 2.4.3 to 3.0.0
- [Release notes](https://github.com/facebook/docusaurus/releases )
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md )
- [Commits](https://github.com/facebook/docusaurus/commits/v3.0.0/packages/docusaurus-preset-classic )
Updates `@docusaurus/theme-mermaid` from 2.4.3 to 3.0.0
- [Release notes](https://github.com/facebook/docusaurus/releases )
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md )
- [Commits](https://github.com/facebook/docusaurus/commits/v3.0.0/packages/docusaurus-theme-mermaid )
---
updated-dependencies:
- dependency-name: "@docusaurus/plugin-client-redirects"
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: docusaurus
- dependency-name: "@docusaurus/preset-classic"
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: docusaurus
- dependency-name: "@docusaurus/theme-mermaid"
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: docusaurus
...
Signed-off-by: dependabot[bot] <support@github.com >
* update
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* migrate docusaurus config to ts
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix docs-only build
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2023-11-06 15:12:23 +01:00
a43b2fb17c
website/docs: add 2023.8.4 release notes
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-28 22:04:46 +02:00
261879022d
security: fix oobe-flow reuse when akadmin is deleted ( #7361 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-28 21:24:06 +02:00
2a47ff2977
website/docs: prepare 2023.10.2 release notes ( #7362 )
...
website/docs: prepare 2023.10.2
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-28 21:07:57 +02:00
c3a81a1cce
website/docs: add missing breaking change due to APPEND_SLASH ( #7360 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-28 18:13:56 +02:00
ac2bbd7e2f
website/docs: add warning about Helm breaking change in 2024.x ( #7351 )
...
Co-authored-by: Jens L. <jens@goauthentik.io >
2023-10-27 17:22:02 +00:00
f22daca091
website/docs: add warning about upgrading to 2023.10 ( #7340 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-27 12:51:49 +02:00
eb53c28352
website/docs: update release notes for 2023.10.1 ( #7316 )
...
website/docs: update for 2023.10.1
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-26 20:16:07 +02:00
d9b3e307e3
website/docs: add 2023.10 release notes ( #7309 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-26 15:10:17 +02:00
28053059ff
stages/user_write: allow setting user type when creating new user ( #7293 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-26 14:33:29 +02:00
84fdd3c750
website/docs: RBAC docs ( #7191 )
...
* draft rbac docs
* tweaks
* add a permissions topic
* tweaks
* more changes
* draft permissions topic
* more content on roles
* links
* typo
* more conceptual info
* Optimised images with calibre/image-actions
* more content on roles
* add more x-ref links
* fix links
* more content
* links
* typos
* polishing
* Update website/docs/user-group-role/access-control/permissions.md
Co-authored-by: Jens L. <jens@goauthentik.io >
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
* separwate conceptual vs procedural in permissions
* finished groups procedurals
* new page
* added link
* Update website/docs/user-group-role/access-control/permissions.md
Co-authored-by: Jens L. <jens@goauthentik.io >
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
* polish
* edits from PR review
* restructured view section to remove repetition
* rest of edits from PR review
* polished flows and stages
* polish
* typo
---------
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
Co-authored-by: Tana Berry <tana@goauthentik.io >
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
Co-authored-by: Jens L. <jens@goauthentik.io >
2023-10-26 12:31:32 +02:00
