authentik

Author	SHA1	Message	Date
Jens Langhammer	3925f5a208	release: 2023.5.6 version/2023.5.6	2023-08-29 19:36:52 +02:00
Jens Langhammer	6add4a62b9	include cure53 report Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-08-29 19:35:50 +02:00
Jens L	54d5aa20ba	security: fix CVE-2023-39522 (#6665 ) * stages/email: don't disclose whether a user exists or not when recovering Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update website Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> # Conflicts: # website/docs/releases/2023/v2023.5.md # website/docs/releases/2023/v2023.6.md	2023-08-29 19:08:47 +02:00
Jens Langhammer	b99ac01228	release: 2023.5.5 version/2023.5.5	2023-07-06 18:15:56 +02:00
Jens Langhammer	15026748d1	security: fix CVE-2023-36456 Signed-off-by: Jens Langhammer <jens@goauthentik.io> # Conflicts: # website/sidebars.js	2023-07-06 18:15:46 +02:00
Jens Langhammer	2739376a2a	release: 2023.5.4 version/2023.5.4	2023-06-22 21:45:33 +02:00
Jens Langhammer	152121175b	bump web api client Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-06-22 21:33:02 +02:00
Jens Langhammer	1d57a258f3	ATH-01-012: escape quotation marks Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-06-19 13:48:08 +02:00
Jens Langhammer	f15cac39c8	ATH-01-014: save authenticator validation state in flow context Signed-off-by: Jens Langhammer <jens@goauthentik.io> bugfixes Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-06-19 13:48:05 +02:00
Jens Langhammer	ce77d82b24	ATH-01-010: rework Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-06-19 13:48:03 +02:00
Jens Langhammer	c3fe57197d	ATH-01-009: migrate impersonation to use API Signed-off-by: Jens Langhammer <jens@goauthentik.io> # Conflicts: # authentik/core/urls.py # web/src/admin/AdminInterface.ts # web/src/admin/users/RelatedUserList.ts # web/src/admin/users/UserListPage.ts # web/src/admin/users/UserViewPage.ts # web/src/user/UserInterface.ts # Conflicts: # authentik/core/urls.py	2023-06-19 13:47:53 +02:00
Jens Langhammer	267938d435	ATH-01-005: use hmac.compare_digest for secret_key authentication Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-06-19 13:47:11 +02:00
Jens Langhammer	6a7c2e0662	ATH-01-003 / ATH-01-012: disable htmlLabels in mermaid Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-06-19 13:47:09 +02:00
Jens Langhammer	5336afb1b4	ATH-01-004: remove env from admin system endpoint this endpoint already required admin access, but for debugging the env variables are used very little Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-06-19 13:47:06 +02:00
Jens Langhammer	9bb44055a3	ATH-01-008: fix web forms not submitting correctly when pressing enter When submitting some forms with the Enter key instead of clicking "Confirm"/etc, the form would not get submitted correctly This would in the worst case is when setting a user's password, where the new password can end up in the URL, but the password was not actually saved to the user. Signed-off-by: Jens Langhammer <jens@goauthentik.io> # Conflicts: # web/src/admin/applications/ApplicationCheckAccessForm.ts # web/src/admin/crypto/CertificateGenerateForm.ts # web/src/admin/flows/FlowImportForm.ts # web/src/admin/groups/RelatedGroupList.ts # web/src/admin/policies/PolicyTestForm.ts # web/src/admin/property-mappings/PropertyMappingTestForm.ts # web/src/admin/providers/saml/SAMLProviderImportForm.ts # web/src/admin/users/RelatedUserList.ts # web/src/admin/users/ServiceAccountForm.ts # web/src/admin/users/UserPasswordForm.ts # web/src/admin/users/UserResetEmailForm.ts # Conflicts: # web/src/admin/property-mappings/PropertyMappingTestForm.ts	2023-06-19 13:46:52 +02:00
Jens Langhammer	143663d293	ATH-01-010: fix missing user filter for webauthn device This prevents an attack that is only possible when an attacker can intercept HTTP traffic and in the case of HTTPS decrypt it.	2023-06-19 13:46:16 +02:00
Jens Langhammer	bd54d034e1	ATH-01-001: resolve path and check start before loading blueprints This is even less of an issue since `411ef239f6`, since with that commit we only allow files that the listing returns Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-06-19 13:46:13 +02:00
Jens Langhammer	be85eecac5	release: 2023.5.3 version/2023.5.3	2023-06-01 19:35:13 +02:00
Jens L	24385c9c68	ci: build outpost binaries statically linked (#5823 )	2023-05-31 16:58:10 +02:00
Jens L	e141a11475	blueprints: fix API validation with OCI blueprint path (#5822 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-31 14:52:12 +02:00
risson	b055adec2a	ci: replace github bot account with github app (#5819 ) Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-05-31 14:52:09 +02:00
Jens L	772acb10d6	providers/ldap: fix LDAP Outpost application selection (#5812 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-31 14:51:46 +02:00
rlew-is	a7bf963409	stages/deny: fix typos (#5800 ) * Fix typo in stage.py Fix typo in "Cancells the current flow" Signed-off-by: rlew-is <96594816+rlew-is@users.noreply.github.com> * Fix typo in models.py Fix typo in "Cancells the current flow" Signed-off-by: rlew-is <96594816+rlew-is@users.noreply.github.com> --------- Signed-off-by: rlew-is <96594816+rlew-is@users.noreply.github.com>	2023-05-30 10:54:24 +02:00
Saeverix	317afc932a	web/flows: fix RedirectStage not detecting absolute URLs correctly (#5781 ) * web: getURL() method in RedirectStage.ts now actually detects URLs (#5732) Signed-off-by: Saeverix <1863379+Saeverix@users.noreply.github.com> * use native API to build full URL Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Saeverix <1863379+Saeverix@users.noreply.github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-05-30 10:54:12 +02:00
Jens Langhammer	5e5a74eebf	release: 2023.5.2 version/2023.5.2	2023-05-26 23:54:12 +02:00
dependabot[bot]	fa87519536	core: bump coverage from 7.2.5 to 7.2.6 (#5738 ) * core: bump coverage from 7.2.5 to 7.2.6 Bumps [coverage](https://github.com/nedbat/coveragepy) from 7.2.5 to 7.2.6. - [Release notes](https://github.com/nedbat/coveragepy/releases) - [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) - [Commits](https://github.com/nedbat/coveragepy/compare/7.2.5...7.2.6) --- updated-dependencies: - dependency-name: coverage dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * use tagged oauth1 server Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-05-26 23:33:05 +02:00
Jens L	0deaf25b1f	web/user: fix MFA enroll dropdown broken when password stage has no configuration flow (#5744 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-24 21:52:21 +02:00
Jens L	47d5fc26cc	events: fix ak_create_event using wrong request for event creation (#5731 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-24 21:52:14 +02:00
Jens L	9a996e7176	outposts: fix missing radius outpost controller (#5730 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-24 21:52:11 +02:00
Jens L	554a26442d	blueprints: support custom ports for OCI blueprints (#5727 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-24 21:52:07 +02:00
Jens L	573517bf0a	lib: add tests for ak_create_event (#5710 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io> # Conflicts: # locale/en/LC_MESSAGES/django.po	2023-05-24 21:51:52 +02:00
Jens L	2cd68dfa87	blueprints: fix check for file path not being run on worker (#5703 )	2023-05-24 21:51:30 +02:00
Jens L	8029a13be1	core: make groups field for user optional (#5702 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-24 21:51:23 +02:00
Jens Langhammer	6900ffffd8	release: 2023.5.1 version/2023.5.1	2023-05-18 21:33:38 +02:00
Jens L	873aaf85f9	website/docs: prepare 2023.5.1 release notes (#5679 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-18 20:34:33 +02:00
Jens L	9c69f67778	sources/ldap: log full exception when user password set fails (#5678 ) * sources/ldap: log full exception when user password set fails Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Update authentik/sources/ldap/auth.py Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens L. <jens@beryju.org> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>	2023-05-18 19:00:17 +02:00
Jens L	6cf7a72831	web/flows: improve UI for TOTP code input (#5676 ) * web/flows: improve UI for TOTP code input Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update locale Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update phrasing Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-18 18:41:53 +02:00
Sem	7e3b325929	website/integrations: Updated AWS docs for the new IAM Center and SCIM (#5643 ) * Updated AWS Integration docs Updated the AWS Integration docs to match the new IAM Centre's method. This includes SCIM. Signed-off-by: Sem <86064734+justSem@users.noreply.github.com> * website/docs: Updated AWS Docs * website/docs: AWS - Updated AWS docs to allow for both methods * format, cleanup mapping, follow guidelines Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Apply suggestions from code review Looks good to me! Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Sem <86064734+justSem@users.noreply.github.com> * final formatting pass Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Sem <86064734+justSem@users.noreply.github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>	2023-05-18 11:45:26 +02:00
dependabot[bot]	b916b612c7	core: bump github.com/sirupsen/logrus from 1.9.1 to 1.9.2 (#5670 ) Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.9.1 to 1.9.2. - [Release notes](https://github.com/sirupsen/logrus/releases) - [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md) - [Commits](https://github.com/sirupsen/logrus/compare/v1.9.1...v1.9.2) --- updated-dependencies: - dependency-name: github.com/sirupsen/logrus dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-05-18 11:05:42 +02:00
dependabot[bot]	b7c5fc3f1e	ci: bump helm/kind-action from 1.6.0 to 1.7.0 (#5667 ) Bumps [helm/kind-action](https://github.com/helm/kind-action) from 1.6.0 to 1.7.0. - [Release notes](https://github.com/helm/kind-action/releases) - [Commits](https://github.com/helm/kind-action/compare/v1.6.0...v1.7.0) --- updated-dependencies: - dependency-name: helm/kind-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-05-18 10:51:48 +02:00
dependabot[bot]	a3ac5ec183	web: bump tslib from 2.5.0 to 2.5.1 in /web (#5668 ) Bumps [tslib](https://github.com/Microsoft/tslib) from 2.5.0 to 2.5.1. - [Release notes](https://github.com/Microsoft/tslib/releases) - [Commits](https://github.com/Microsoft/tslib/compare/2.5.0...2.5.1) --- updated-dependencies: - dependency-name: tslib dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-05-18 10:50:26 +02:00
dependabot[bot]	d30379ba93	core: bump sentry-sdk from 1.23.0 to 1.23.1 (#5669 ) Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.23.0 to 1.23.1. - [Release notes](https://github.com/getsentry/sentry-python/releases) - [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md) - [Commits](https://github.com/getsentry/sentry-python/compare/1.23.0...1.23.1) --- updated-dependencies: - dependency-name: sentry-sdk dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-05-18 10:49:36 +02:00
dependabot[bot]	12815526c1	core: bump goauthentik.io/api/v3 from 3.2023050.1 to 3.2023050.2 (#5671 ) Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2023050.1 to 3.2023050.2. - [Release notes](https://github.com/goauthentik/client-go/releases) - [Commits](https://github.com/goauthentik/client-go/compare/v3.2023050.1...v3.2023050.2) --- updated-dependencies: - dependency-name: goauthentik.io/api/v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-05-18 10:48:46 +02:00
Tana M Berry	ed2f0a2d5e	website/docs: edits to full dev env (#5636 ) * edits to install full dev env * remove json files * Update website/developer-docs/setup/full-dev-environment.md Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * Update website/developer-docs/setup/full-dev-environment.md Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * Update website/developer-docs/setup/full-dev-environment.md Co-authored-by: Jens L. <jens@goauthentik.io> Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * Update website/developer-docs/setup/full-dev-environment.md Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * Update website/developer-docs/setup/full-dev-environment.md Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * few tweaks per review --------- Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> Co-authored-by: Tana Berry <tana@goauthentik.io> Co-authored-by: Jens L. <jens@goauthentik.io>	2023-05-17 15:44:47 -05:00
Tana M Berry	536d776d02	website/blog: flex-hours-blog-draft-for-review (#5598 ) * blog-draft-for-review * tweaks * delete swp file * further tweaks * quote marks for title * edits * linter --------- Co-authored-by: Tana Berry <tana@goauthentik.io>	2023-05-17 20:21:11 +02:00
authentik Bot	f70d6432e7	web: bump API Client version (#5664 )	2023-05-17 16:33:55 +02:00
dependabot[bot]	cc08bfb18b	web: bump @lingui/core from 4.1.0 to 4.1.2 in /web (#5658 ) * web: bump @lingui/core from 4.1.0 to 4.1.2 in /web Bumps [@lingui/core](https://github.com/lingui/js-lingui) from 4.1.0 to 4.1.2. - [Release notes](https://github.com/lingui/js-lingui/releases) - [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md) - [Commits](https://github.com/lingui/js-lingui/compare/v4.1.0...v4.1.2) --- updated-dependencies: - dependency-name: "@lingui/core" dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * update all of lingui Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-05-17 16:20:59 +02:00
Jens L	79dcc30778	providers/radius: add warning message when radius provider is not used with outpost (#5656 ) * providers/radius: add warning message when radius provider is not used with outpost same message as Proxy and LDAP provider have Signed-off-by: Jens Langhammer <jens@goauthentik.io> * format Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-17 16:19:33 +02:00
Jens L	68a1bcf233	providers/SCIM: improve backchannel signalling (#5657 ) * providers/scim: add warning when provider is not used as backchannel provider Signed-off-by: Jens Langhammer <jens@goauthentik.io> * providers/scim: don't sync SCIM provider that isn't used as backchannel at all Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-17 16:19:18 +02:00
Jens L	cd7de4c0b9	sources/ldap: improve error message (#5653 ) * sources/ldap: improve ldap password change error message Signed-off-by: Jens Langhammer <jens@goauthentik.io> * stages/user_write: handle validation error when updating user Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-17 15:26:46 +02:00

1 2 3 4 5 ...

11603 Commits