|
|
201bea6d30
|
internal: add X-authentik-logout signature to trigger logouts when URLs are not exposed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-08-07 18:50:24 +02:00 |
|
|
|
89fef0ae72
|
blueprints: docs (#3376)
* further blueprint cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* more
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* make group users and parent optional
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix api client usage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-08-06 00:52:12 +02:00 |
|
|
|
2ce8e18bab
|
internal: centralise config for listeners to use same config system everywhere (#3367)
* centralise config for listeners to use same config system everywhere
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#3360
* add docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-08-03 21:33:27 +02:00 |
|
|
|
fcf4657833
|
providers/proxy: add is_superuser to ak_proxy object, only show full error when superuser
closes #3314
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-07-30 20:29:23 +02:00 |
|
|
|
393d7ec486
|
providers/proxy: no exposed urls (#3151)
* test any callback
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* dont detect callback in per-server handler
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use full redirect uri with both path and query param
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* correctly route to embedded outpost for callback signature
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix allowed redirects
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-07-30 17:51:01 +02:00 |
|
|
|
b41acebf5b
|
providers/proxy: add caddy endpoint (#3330)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-07-29 10:58:53 +02:00 |
|
|
|
10b48b27b0
|
internal: walk config in go, check, parse and load from scheme like in python
closes #2719
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-07-26 11:33:37 +02:00 |
|
|
|
41eb44137e
|
internal: remove pkg/errors
|
2022-07-05 20:26:33 +00:00 |
|
|
|
eb633c607e
|
internal: fix nil pointer reference
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-07-01 17:02:53 +02:00 |
|
|
|
b6267fdf28
|
*: add versioned user agent to sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-06-20 11:54:10 +02:00 |
|
|
|
79bec6f6b2
|
providers/proxy: only send misconfiguration event once
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-06-16 10:32:34 +02:00 |
|
|
|
bdf76bb4b7
|
internal: skip tracing for go healthcheck and metrics endpoints
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-06-10 22:21:11 +02:00 |
|
|
|
8d3275817b
|
providers/ldap: fix existing binder not being carried forward correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-06-05 18:51:01 +02:00 |
|
|
|
e30103aa9f
|
providers/proxy: use same redirect-save code for all modes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-06-04 23:25:47 +02:00 |
|
|
|
bb244b8338
|
providers/ldap: fix session cache being lost on provider refresh
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-06-04 18:03:00 +02:00 |
|
|
|
8447e9b9c2
|
providers/proxy: envoy v2 (#3029)
* add path prefix
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use prefix correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* only set redirect if session doesn't have a redirect yet
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-06-03 10:32:52 +02:00 |
|
|
|
f9a419107a
|
outposts/proxyv2: add basic envoy support (#3026)
* outposts/proxyv2: add basic envoy support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* don't crash when backend is not available
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add envoy tests and docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-06-03 00:06:09 +02:00 |
|
|
|
8f0572d11e
|
outposts/ldap: add correct group objectClass (#3023)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2861
|
2022-06-02 18:48:07 +02:00 |
|
|
|
eba339ba27
|
core: improve loading speed of flow background
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-06-02 14:20:23 +02:00 |
|
|
|
3eb466ff4b
|
lifecycle: cleanup prometheus (#2972)
* remove high cardinality labels
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* retry worker number for prometheus multiprocess id
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* revert to pid, use subdirectories
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup more
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use worker id based off of https://github.com/benoitc/gunicorn/issues/1352
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix missing app label
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests/e2e: remove static names
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-29 21:45:25 +02:00 |
|
|
|
a03dde8a90
|
outposts/ldap: fix type assertion after upgrading to new API Client
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-27 16:36:15 +02:00 |
|
|
|
a286f999e2
|
api: migrate to openapi generator v6 (#2968)
* migrate to openapi generator v6
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* bump api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-26 15:15:30 +02:00 |
|
|
|
646d174dd2
|
internal: revert cookie path on proxy causing redirect loops
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-21 16:26:12 +02:00 |
|
|
|
5c91658484
|
internal: fix nil pointer dereference in ldap outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-21 15:48:50 +02:00 |
|
|
|
ebb44c992b
|
Revert "internal: set SameSite for outpost"
This reverts commit 7e95c756b9.
|
2022-05-21 14:08:40 +02:00 |
|
|
|
7e95c756b9
|
internal: set SameSite for outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-21 13:21:45 +02:00 |
|
|
|
be26b92927
|
internal: cleanup outpost logs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-21 13:18:06 +02:00 |
|
|
|
6f56a61a64
|
website/docs: add docs for advanced SSH config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2916
|
2022-05-21 13:06:54 +02:00 |
|
|
|
a52638d898
|
internal: fix typo in session name constant
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-20 10:10:29 +02:00 |
|
|
|
421b003218
|
internal: set path on cookie for proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2305
|
2022-05-11 10:08:38 +02:00 |
|
|
|
25a4310bb1
|
internal: use Expires not MaxAge for LDAP session
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-11 10:04:32 +02:00 |
|
|
|
4d755dc0f6
|
build(deps): bump goauthentik.io/api/v3 from 3.2022041.4 to 3.2022041.5 (#2843)
* build(deps): bump goauthentik.io/api/v3 from 3.2022041.4 to 3.2022041.5
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022041.4 to 3.2022041.5.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022041.4...v3.2022041.5)
---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* fix
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-10 20:33:19 +02:00 |
|
|
|
ab2299ba1e
|
outposts/ldap: cached bind (#2824)
* initial cached ldap bind support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* clean up api generation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use gh action for golangci-lint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-08 16:48:53 +02:00 |
|
|
|
9b6e47e6b8
|
outposts/ldap: fix panic in type conversion when value is nil
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-04-11 15:52:58 +02:00 |
|
|
|
b46eb7198b
|
internal: handle log level not being set in config
closes #2650
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-04-03 13:23:55 +02:00 |
|
|
|
51194cbf42
|
outposts/ldap: use backend group num_pk
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-03-22 23:54:50 +01:00 |
|
|
|
b45a442447
|
outposts/ldap: fix contexts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-03-19 18:28:27 +01:00 |
|
|
|
75a720ead1
|
outposts/ldap: prevent operations error from nil dereference (#2447)
closes #2526
|
2022-03-19 18:26:26 +01:00 |
|
|
|
76660e4666
|
internal: add tests with querystring
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-03-07 22:03:36 +01:00 |
|
|
|
62a939b91d
|
internal: bump api client to v3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-03-03 10:40:07 +01:00 |
|
|
|
6fdf3ad3e5
|
internal/outpost: improve logging and add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2393
|
2022-02-26 22:29:56 +01:00 |
|
|
|
fb33906637
|
internal/ldap: fix panic when parsing lists with mixed types
closes #2355
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-22 19:56:55 +01:00 |
|
|
|
744f250d05
|
providers/proxy: always set rd param in addition to session to prevent wrong url in session
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-18 10:32:22 +01:00 |
|
|
|
19b1f3a8c1
|
internal/outpost: fix logic error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-17 20:50:47 +01:00 |
|
|
|
45f2c5bae7
|
web/admin: fix invalid URLs in example proxy config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-15 23:24:27 +01:00 |
|
|
|
5d8c1aa0b0
|
outposts/proxy: correctly check host in forward domain redirect
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1997
|
2022-02-15 14:58:19 +01:00 |
|
|
|
0101368369
|
outposts/proxy: fix logic error in rd argument
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1997
|
2022-02-15 13:43:55 +01:00 |
|
|
|
4854f81592
|
outposts/proxy: correctly handle ?rd= param
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1997
|
2022-02-15 11:05:03 +01:00 |
|
|
|
908f123d0e
|
website/docs: update nginx config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-15 10:24:08 +01:00 |
|
|
|
3d577cf15e
|
*: add placeholder custom.css to easily allow user customisation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-14 20:05:00 +01:00 |
|
