authentik

Author	SHA1	Message	Date
Eliott Bouhana	2bc865b024	website/docs: fix nginx ingress proxy example (#8245 )	2024-01-22 08:13:58 +00:00
Jens L	509b502d3c	providers/oauth2: offline access (#8026 ) * improve scope check (log when application requests non-configured scopes) Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add offline_access special scope Signed-off-by: Jens Langhammer <jens@goauthentik.io> * ensure scope is set Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update tests for refresh tokens Signed-off-by: Jens Langhammer <jens@goauthentik.io> * special handling of scopes for github compat Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix spec Signed-off-by: Jens Langhammer <jens@goauthentik.io> * attempt to fix oidc tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove hardcoded slug Signed-off-by: Jens Langhammer <jens@goauthentik.io> * check scope from authorization code instead of request Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix injection for consent stage checking incorrectly Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-01-04 19:57:11 +01:00
Jens L	240cf6dd94	enterprise/providers: Add RAC [AUTH-15] (#7291 ) * add basic guacamole Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make everything mostly work Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add rac build to CI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix resize, fix web lint, sendSize correctly Signed-off-by: Jens Langhammer <jens@goauthentik.io> * pre-send connection from client, format Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve throughput Signed-off-by: Jens Langhammer <jens@goauthentik.io> * cleanup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rework TokenOutpostConsumer into middleware Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix some layout issues Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add outpost controllers Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start testing audio things Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix a bunch of things Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add deps Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix to work with outpost group Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add simple loadbalancing Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add simple reconnect Signed-off-by: Jens Langhammer <jens@goauthentik.io> * show reconnecting text Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix error when checking ports Signed-off-by: Jens Langhammer <jens@goauthentik.io> * move to providers Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add flow check to interface Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix go lint Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix rac app label Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix audio Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add logging Signed-off-by: Jens Langhammer <jens@goauthentik.io> * cleanup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * allow overriding all settings Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix duplicate keyboard, debug high DPI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-add deps Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix lint Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix missing __init__.py breaking model loading I love python Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * bump successful ws connection to info Signed-off-by: Jens Langhammer <jens@goauthentik.io> * hide cursor since guac draws that Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add clipboard support (bidirectional) Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make codespell not want to break the code Signed-off-by: Jens Langhammer <jens@goauthentik.io> * run pr comment in separate task Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start endpoint and property mapping stuff Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more endpoint things Signed-off-by: Jens Langhammer <jens@goauthentik.io> * unrelated: fix event model_pk filtering with ints Signed-off-by: Jens Langhammer <jens@goauthentik.io> * unrelated: improve event display for changelog Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rebuild endpoint stuff again Signed-off-by: Jens Langhammer <jens@goauthentik.io> * idk special url Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more stuff, connect token with session Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add disconnect Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rework disconnect cleanly disconnect from guacd instead of just letting the connection timeout Signed-off-by: Jens Langhammer <jens@goauthentik.io> * clear cache when creating outpost Signed-off-by: Jens Langhammer <jens@goauthentik.io> * support host:port and fix protocol Signed-off-by: Jens Langhammer <jens@goauthentik.io> * center smaller viewport Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rework connection to wait more and stop after some time Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add policy control to endpoints Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove provider protocol Signed-off-by: Jens Langhammer <jens@goauthentik.io> * don't switch to different outpost connection when already chosen Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start using property mappings, add static settings Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add some RAC mapping settings Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix lint Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start adding tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add tests for event changes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add tests and fix issues found by said tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add preview banner, move endpoints to main page Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add locale Signed-off-by: Jens Langhammer <jens@goauthentik.io> * auto-select endpoint if only one is available Signed-off-by: Jens Langhammer <jens@goauthentik.io> * backport https://github.com/goauthentik/authentik/pull/7831 to rac Signed-off-by: Jens Langhammer <jens@goauthentik.io> * dont select property mappings on endpoints Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make table modal only load when opened Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only auto-redirect when open Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix web deps Signed-off-by: Jens Langhammer <jens@goauthentik.io> * check for token expiry and terminate session Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-add endpoint name to title Signed-off-by: Jens Langhammer <jens@goauthentik.io> * disconnect connection when token is manually deleted Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add initial RAC docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add connection expiry setting to provider Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix flaky tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-12-30 21:33:14 +01:00
tedstriker	49df3cb3c4	Documentation: Added note for necessary unigue base DNs (#7717 ) * Added note for necessary unigue base DNs Added information, that every LDAP provider needs to have a unique base DN. Related to #7714 Signed-off-by: tedstriker <github@meins.org> * Update website/docs/providers/ldap/index.md Thank's for fixing the grammar ;) Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: tedstriker <github@meins.org> --------- Signed-off-by: tedstriker <github@meins.org> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>	2023-11-28 14:56:56 -06:00
Jens L	41bb1ca707	providers/scim: remove preview (#7166 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-10-13 19:03:13 +02:00
jon r	9860ac983c	website/docs: fix typo in providers/scim (#7076 ) chore(docs): typo in providers/scim Signed-off-by: jon r <jon@allmende.io>	2023-10-06 17:43:03 +02:00
Jens L	e40a0b1f8b	website/docs: add notice for nginx ingress configuration requirement (#7027 ) * website/docs: add notice for nginx ingress configuration requirement https://github.com/goauthentik/infrastructure/pull/574 Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Update website/docs/providers/proxy/_nginx_ingress.md Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens L. <jens@beryju.org> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>	2023-10-02 16:04:26 +02:00
risson	c7537f9f32	web, website: compress images (#6121 ) Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-08-02 12:06:03 +00:00
Thomas Moschny	f2293c0f5b	website/docs: Update syntax in traefik standalone example (#6303 ) * Update syntax in traefik standalone example Signed-off-by: Thomas Moschny <thomas.moschny@gmx.de> * One more syntax update Signed-off-by: Thomas Moschny <thomas.moschny@gmx.de> --------- Signed-off-by: Thomas Moschny <thomas.moschny@gmx.de>	2023-07-26 10:56:31 +02:00
Jens L	01311929d1	providers/ldap: improve password totp detection (#6006 ) * providers/ldap: improve password totp detection Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add flag for totp mfa support Signed-off-by: Jens Langhammer <jens@goauthentik.io> * keep support for static tokens Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix migrations Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-06-20 12:09:13 +02:00
Jens L	a2de6194e4	website/docs: correct LDAP StartTLS documentation (#5886 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-06-08 11:00:20 +02:00
Jens L	0ce41a1b2d	providers/ldap: add StartTLS support (#5861 ) * providers/ldap: add StartTLS support Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add starttls test Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update form and docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-add tls server name Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update release notes Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-06-06 21:40:19 +02:00
Jens L	c68a42f63b	website/docs: improve docs for OAuth2 device code flow (#5570 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-10 20:58:31 +02:00
Jens L	bb92c4a967	providers/ldap: remove deprecated fields (#5154 ) * providers/ldap: remove deprecated fields Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update changelog Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-04-21 14:10:24 +03:00
Jens L	34e9af57fe	website/integrations: switch default gitlab name identifier (#5321 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io> #5312	2023-04-20 19:47:41 +03:00
Jens L	1893626e04	website/docs: clear up radius provider (#5263 ) * website/docs: clear up radius provider Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Update website/docs/providers/radius/index.md Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens L. <jens@beryju.org> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>	2023-04-18 10:42:42 +02:00
Jens L	67644ace87	website/docs: prepare 2023.4 release notes (#5223 ) * website/docs: prepare 2023.4 release notes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add prompt preview Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Apply suggestions from code review Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> * Update website/docs/releases/2023/v2023.4.md Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> * add new release to sidebar Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens L. <jens@beryju.org> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>	2023-04-13 14:11:46 +02:00
Jens L	3f5effb1bc	providers/radius: simple radius outpost (#1796 ) * initial implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io> * cleanup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add migrations Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix web Signed-off-by: Jens Langhammer <jens@goauthentik.io> * minor fixes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use search-select Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update locale Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fixup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix ip with port being sent to delegated ip Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add radius tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-20 16:54:35 +01:00
Jens L	eaf56f4f3f	stages/user_login: stay logged in (#4958 ) * add initial remember me offset Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add to go executor Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add ui for user login stage Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-15 20:21:05 +01:00
Tana M Berry	8b7a92068b	website/docs: forward-auth page, add list of links (#4937 ) * add list of links * added commas * fix build Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Tana Berry <tanaberry@Tanas-MacBook-Pro-authentik.local> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-03-14 07:45:49 -05:00
Jens L	bf7dc5df78	website/docs: separate pages for each webserver (#4911 ) * website/docs: separate pages for each webserver Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Apply suggestions from code review Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens L. <jens@beryju.org> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>	2023-03-13 17:29:51 +01:00
support-tt	7618c2e45f	website/docs: improve traefik standalone docs (#4493 ) * Create _traefik_standalone_single_application.md Example for Authentik Single Application Proxy with Service example because this was unclear for many users and if you dont create a middleware for every application you get the error "no app for hostname". Signed-off-by: support-tt <61587422+support-tt@users.noreply.github.com> * Update _traefik_standalone_single_application.md Signed-off-by: support-tt <61587422+support-tt@users.noreply.github.com> * rename to old file Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: support-tt <61587422+support-tt@users.noreply.github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-03-10 13:45:41 -06:00
Jens L	6ae2fc9668	providers/SCIM: customizable externalId, document behavior (#4868 ) * only set externalId if mapping hasn't set it Signed-off-by: Jens Langhammer <jens@goauthentik.io> * better document use of SCIM in conjunction with OAuth/SAML Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-08 00:15:16 +01:00
Jens L	9559bc2e1e	providers/scim: add option to filter out service accounts, parent group (#4862 ) * add option to filter out service accounts, parent group Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rename to filter group Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rework sync card to show scim sync status Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-07 15:39:48 +01:00
Tana M Berry	f6a8b3d568	website/docs: Corrected typo and added Note about port number if using Istio/Kubern… (#4851 ) * Corrected typo and added Note about port number if using Istio/Kubernetes @BeryJu I was reading [this article](https://prevue.ch/news/2022-10-11-istio-authentik/) about a fellow setting up authentik, using Istio and Kubernetes. I wanted to somehow add a heads up about the port number, but I am not confident that I got it right. Is it only if there are custom decisions being made that the port number has to be for the cluster? Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * Update website/docs/providers/proxy/forward_auth.mdx Signed-off-by: Jens L. <jens@beryju.org> * fix lint error Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens L <jens.langhammer@beryju.org> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-03-06 19:28:40 +00:00
Jens L	28ddeb124f	providers: SCIM (#4835 ) * basic user sync Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add group sync and some refactor Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start API Signed-off-by: Jens Langhammer <jens@goauthentik.io> * allow null authorization flow Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add UI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make task monitored Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add missing dependency Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make authorization_flow required for most providers via API Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more UI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make task result better readable, exclude anonymous user Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add task UI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add scheduled task for all sync Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make scim errors more readable Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add mappings, migrate to mappings Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add mapping UI and more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add scim docs to web Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start implementing membership Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate signals to tasks Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate fully to tasks Signed-off-by: Jens Langhammer <jens@goauthentik.io> * strip none keys, fix lint errors Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix things Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start adding tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix saml Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add scim schemas and validate against it Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve error handling Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add group put support, add group tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * send correct application/scim+json headers Signed-off-by: Jens Langhammer <jens@goauthentik.io> * stop sync if no mappings are confiugred Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add test for task sync Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add membership tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use decorator for tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make tests better Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-06 19:39:08 +01:00
roche-quentin	cd99b6e48f	providers/ldap: making ldap compatible with synology (#4694 ) * internal/outpost/ldap: making ldap compatible with synology * fix duplicate attributes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add docs about homedirectory Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix duplicate attributes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add substitution to values Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-02-22 15:26:41 +01:00
sdimovv	51c6a14786	providers/ldap: Improve compatibility with LDAP clients (#4750 ) * Fixed invalid LDAP attributes by replacing '.'s and '/'s with '-' * Leave old fields for now for backward compatibility * Add forgotten depreceated field * Fix tests * Fix tests * use shorter attribute names Signed-off-by: Jens Langhammer <jens@goauthentik.io> * sanitize attributes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * keep both sanitized and unsanitized user fields Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add sanitized fields to test Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-02-22 14:18:22 +01:00
Jens Langhammer	7d6b573f8b	website: migrate to mermaid charts, rework proxy page Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-15 12:14:17 +01:00
Jens Langhammer	3170b2f92c	providers/proxy: add token support for basic auth Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-07 22:50:49 +01:00
Melvin Snijders	547c01f481	website/docs: update Caddy docs to include HTTPS proxying (#4316 ) Update Caddy documentation to include HTTPS proxying Signed-off-by: Melvin Snijders <mail@melvinsnijders.nl>	2023-02-03 14:43:13 +01:00
Jens L	7d4ce41e12	providers/proxy: outpost wide logout implementation (#4605 ) * initial outpost wide logout implementation Signed-off-by: Jens Langhammer <jens@goauthentik.io> * handle deserialize error Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix file cleanup, add tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-02 21:18:59 +01:00
Jens Langhammer	3a59b75f4a	website/docs: update ldap provider docs Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-20 11:46:57 +01:00
Jens L	23c69c456a	providers/proxy: add setting to intercept authorization header (#4457 ) * add setting to intercept authorization header Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rename to intercept_header_auth Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-17 18:56:48 +01:00
Jens Langhammer	19ee98b36d	outposts/proxy: allow setting no-redirect via header or query param closes #4455 Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-17 10:56:43 +01:00
Jens Langhammer	d31e566873	outposts/proxy: add header to prevent redirects Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-14 22:18:25 +01:00
Jens L	cd12e177ea	providers/proxy: add initial header token auth (#4421 ) * initial implementation Signed-off-by: Jens Langhammer <jens@goauthentik.io> * check for openid/profile claims Signed-off-by: Jens Langhammer <jens@goauthentik.io> * include jwks sources in proxy provider Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add web ui for jwks Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only show sources with JWKS data configured Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix introspection tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start basic Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add basic auth Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add docs, update admonitions Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add client_id to api, add tab for auth Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update locale Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-13 16:22:03 +01:00
Jens L	2604dc14fe	providers/ldap: add code-MFA support for ldap provider (#4354 ) * add code support for ldap provider Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * only try to extract code when auth validator stage is encountered Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * use parseint instead Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-05 18:32:06 +01:00
Jens L	dc1359a763	providers/saml: initial SLO implementation (#2346 ) * providers/saml: initial SLO implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/saml: add logout request tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/saml: add tests for POST SLO Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * matrix e2e tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix import Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * set e2e matrix name Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix imports Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * separate oidc and oauth tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add basic saml slo e2e tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add better metadata download url Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * kinda prepare release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * sort releases into folders Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add slo urls to website Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix linking Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add api tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2023-01-04 19:45:31 +01:00
Alex Wigen	4e04461820	website/docs: Change Kubernetes ingress apiVersion out of beta (#4099 ) * Change Kubernetes ingress apiVersion out of beta * fix lint Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-28 16:42:59 +01:00
John Arrandale	501d63b3aa	website/docs: add notice for unique Base DN (#4073 ) * providers/ldap: updates documentation related to issue #4038 Signed-off-by: John Arrandale <bootsie227@gmail.com> * providers/ldap: adheres to the CI prettier-check Signed-off-by: John Arrandale <bootsie227@gmail.com>	2022-11-24 20:52:13 +01:00
Jens Langhammer	ac2e85c003	website/docs: fix 404s on ldap provider docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-06 00:01:38 +01:00
Jens Langhammer	c157030905	website/docs: remove old banner, fix nginx formatting Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-01 17:12:16 +01:00
Rob	895658e7a3	website/integrations: add Organizr integration (#3802 ) * Add new integration application category for Dashboard and initialize organizr service template * added images and additional info for organizr integration * alphabetized application integration categories * alphabetized integration federation and social login categories * forgot to make website-lint-fix :/ * revert mention of organizr in generic setup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-19 10:28:48 +02:00
Rob	10cfccd999	website/docs: add General Setup instructions for LDAP Provider (#3680 ) * Added General Setup instructions for LDAP Provider * Added General Setup instructions for LDAP Provider and updated relative links * updated LDAP Outpost note verbiage * Corrected the case for LDAP and renamed to Generic Setup * removed ldapsearch example from index page * updated verbiage around multifactor authentication * removed note about local LDAP provider * updated sidebar to reflect generic_setup * updated logging info * corrected typo * updated stage creation instructions and screenshot * corrected another typo * corrected another typo * reword some things Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-16 14:57:57 +00:00
Jens L	8ed2f7fe9e	providers/oauth2: add device flow (#3334 ) * start device flow Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: fix inconsistent app filtering Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add tenant device code flow Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add throttling to device code view Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * somewhat unrelated changes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add initial device code entry flow Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add finish stage Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * it works Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add support for verification_uri_complete Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add some tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add more tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-11 12:42:10 +02:00
itsmesid	19c36d20b5	website/docs: improve nginx examples (#3372 ) * website/docs: improve nginx examples Signed-off-by: itsmesid <693151+arevindh@users.noreply.github.com> * website/docs: improve nginx examples Signed-off-by: itsmesid <693151+arevindh@users.noreply.github.com>	2022-08-30 21:19:25 +02:00
Zolo	c6bb41890e	website/docs: add port_in_redirect in nginx config to prevent invalid port in redirect (#3397 ) * Proposal and fix for issue #3359 By adding `port_in_redirect off` in the configuration for the NginxProxyManager (NPM), will avoid a redirect to port 4443. Credit to @adtwomey for the suggestions. https://github.com/goauthentik/authentik/issues/3359 Signed-off-by: Zolo <39656359+zolodev@users.noreply.github.com> * Adding a comment Signed-off-by: Zolo <39656359+zolodev@users.noreply.github.com> Signed-off-by: Zolo <39656359+zolodev@users.noreply.github.com>	2022-08-29 17:57:18 +02:00
Jens L	b41acebf5b	providers/proxy: add caddy endpoint (#3330 ) Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-07-29 10:58:53 +02:00
Jens Langhammer	1c64616ebd	sources/ldap: add configuration for LDAP Source ciphers closes #3110 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-07-01 19:53:49 +02:00

1 2 3

125 Commits