|
|
39424839c5
|
outposts/ldap: only use common cert if cert is configured, correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-28 22:50:50 +01:00 |
|
|
|
2d03bd5c89
|
outposts/ldap: only use common cert if cert is configured
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-28 21:29:36 +01:00 |
|
|
|
ff13b4bb46
|
outposts/ldap: use configured certificate for LDAPS when all providers' certificates are identical
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-28 19:15:29 +01:00 |
|
|
|
2b2323fae7
|
outposts: include hostname in outpost heartbeat
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-28 16:07:52 +01:00 |
|
|
|
b3da1d223c
|
providers/proxy: correctly set id_token_hint if possible
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-12 19:02:37 +00:00 |
|
|
|
107f2745c8
|
providers/ldap: improve mapping of LDAP filters to authentik queries
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-12 18:30:52 +00:00 |
|
|
|
c21c1757de
|
core: bump github.com/getsentry/sentry-go from 0.15.0 to 0.16.0 (#4179)
* core: bump github.com/getsentry/sentry-go from 0.15.0 to 0.16.0
Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go) from 0.15.0 to 0.16.0.
- [Release notes](https://github.com/getsentry/sentry-go/releases)
- [Changelog](https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-go/compare/v0.15.0...v0.16.0)
---
updated-dependencies:
- dependency-name: github.com/getsentry/sentry-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* update custom tracer
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-09 12:20:41 +01:00 |
|
|
|
be9790ef8a
|
internal: reuse http transport to prevent leaking connections (#3996)
* Fix: Using the same http transport as the api
* fix: Using global tlsTransport instead of newly created one
|
2022-11-25 18:24:01 +01:00 |
|
|
|
276af8457d
|
root: make sentry DSN configurable (#4016)
* make sentry DSN configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* make proxy smarter
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix typo in config struct
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-11-15 16:05:29 +01:00 |
|
|
|
55aa1897af
|
root: use single redis db (#4009)
* use single redis db
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup prefixes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ensure __str__ always returns string
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix remaining old prefixes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-11-15 14:31:29 +01:00 |
|
|
|
d53733b6fc
|
outposts/proxy: reduce possibility for redirect loops, keep single state (#3831)
use single state, redirect when start url is hit with active session
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-10-20 21:27:34 +02:00 |
|
|
|
b864de7721
|
outposts/ldap: increase compatibility with different types in user and group attributes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-10-16 22:32:18 +02:00 |
|
|
|
44e4f2e561
|
crypto: make certificate parsing optional for crypto api (#3711)
|
2022-10-01 00:06:00 +02:00 |
|
|
|
50819ae0f0
|
*: improve error handling in ldap outpost, ignore additional errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-09-23 22:11:47 +02:00 |
|
|
|
49b6aabb02
|
outposts/proxy: fix redirect path when external host is a subdirectory (#3628)
fix redirect path when external host is a subdirectory
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-09-22 10:10:29 +02:00 |
|
|
|
47daaf969a
|
outposts: fix oauth state when using signature routing (#3616)
* fix oauth state when using signature routing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* more retires
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-09-19 21:38:34 +02:00 |
|
|
|
220f123b29
|
internal: add more tracing for states
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-09-07 09:53:10 +02:00 |
|
|
|
621245aece
|
internal: optimise outpost's flow executor to use less requests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-09-03 21:29:58 +02:00 |
|
|
|
8e7a456f74
|
providers/proxy: fix routing based on signature in traefik and caddy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-09-02 22:03:08 +02:00 |
|
|
|
14a7c9f967
|
internal: fix outposts not logging flow execution errors correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-08-31 23:03:57 +02:00 |
|
|
|
8ffae4505f
|
internal: set Host on url in envoy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-08-18 23:20:12 +01:00 |
|
|
|
0cc83c23c4
|
providers/proxy: fix duplicate proxy set default
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-08-18 21:13:45 +01:00 |
|
|
|
514c48a986
|
internal: fix routing for requests with querystring signature to embedded outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-08-18 20:43:01 +02:00 |
|
|
|
846b63a17b
|
*: remove some very verbose logging messages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-08-17 13:36:56 +02:00 |
|
|
|
201bea6d30
|
internal: add X-authentik-logout signature to trigger logouts when URLs are not exposed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-08-07 18:50:24 +02:00 |
|
|
|
89fef0ae72
|
blueprints: docs (#3376)
* further blueprint cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* more
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* make group users and parent optional
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix api client usage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-08-06 00:52:12 +02:00 |
|
|
|
2ce8e18bab
|
internal: centralise config for listeners to use same config system everywhere (#3367)
* centralise config for listeners to use same config system everywhere
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#3360
* add docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-08-03 21:33:27 +02:00 |
|
|
|
fcf4657833
|
providers/proxy: add is_superuser to ak_proxy object, only show full error when superuser
closes #3314
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-07-30 20:29:23 +02:00 |
|
|
|
393d7ec486
|
providers/proxy: no exposed urls (#3151)
* test any callback
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* dont detect callback in per-server handler
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use full redirect uri with both path and query param
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* correctly route to embedded outpost for callback signature
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix allowed redirects
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-07-30 17:51:01 +02:00 |
|
|
|
b41acebf5b
|
providers/proxy: add caddy endpoint (#3330)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-07-29 10:58:53 +02:00 |
|
|
|
10b48b27b0
|
internal: walk config in go, check, parse and load from scheme like in python
closes #2719
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-07-26 11:33:37 +02:00 |
|
|
|
41eb44137e
|
internal: remove pkg/errors
|
2022-07-05 20:26:33 +00:00 |
|
|
|
eb633c607e
|
internal: fix nil pointer reference
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-07-01 17:02:53 +02:00 |
|
|
|
b6267fdf28
|
*: add versioned user agent to sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-06-20 11:54:10 +02:00 |
|
|
|
79bec6f6b2
|
providers/proxy: only send misconfiguration event once
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-06-16 10:32:34 +02:00 |
|
|
|
bdf76bb4b7
|
internal: skip tracing for go healthcheck and metrics endpoints
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-06-10 22:21:11 +02:00 |
|
|
|
8d3275817b
|
providers/ldap: fix existing binder not being carried forward correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-06-05 18:51:01 +02:00 |
|
|
|
e30103aa9f
|
providers/proxy: use same redirect-save code for all modes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-06-04 23:25:47 +02:00 |
|
|
|
bb244b8338
|
providers/ldap: fix session cache being lost on provider refresh
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-06-04 18:03:00 +02:00 |
|
|
|
8447e9b9c2
|
providers/proxy: envoy v2 (#3029)
* add path prefix
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use prefix correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* only set redirect if session doesn't have a redirect yet
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-06-03 10:32:52 +02:00 |
|
|
|
f9a419107a
|
outposts/proxyv2: add basic envoy support (#3026)
* outposts/proxyv2: add basic envoy support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* don't crash when backend is not available
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add envoy tests and docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-06-03 00:06:09 +02:00 |
|
|
|
8f0572d11e
|
outposts/ldap: add correct group objectClass (#3023)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2861
|
2022-06-02 18:48:07 +02:00 |
|
|
|
eba339ba27
|
core: improve loading speed of flow background
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-06-02 14:20:23 +02:00 |
|
|
|
3eb466ff4b
|
lifecycle: cleanup prometheus (#2972)
* remove high cardinality labels
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* retry worker number for prometheus multiprocess id
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* revert to pid, use subdirectories
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup more
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use worker id based off of https://github.com/benoitc/gunicorn/issues/1352
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix missing app label
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests/e2e: remove static names
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-29 21:45:25 +02:00 |
|
|
|
a03dde8a90
|
outposts/ldap: fix type assertion after upgrading to new API Client
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-27 16:36:15 +02:00 |
|
|
|
a286f999e2
|
api: migrate to openapi generator v6 (#2968)
* migrate to openapi generator v6
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* bump api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-26 15:15:30 +02:00 |
|
|
|
646d174dd2
|
internal: revert cookie path on proxy causing redirect loops
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-21 16:26:12 +02:00 |
|
|
|
5c91658484
|
internal: fix nil pointer dereference in ldap outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-21 15:48:50 +02:00 |
|
|
|
ebb44c992b
|
Revert "internal: set SameSite for outpost"
This reverts commit 7e95c756b9.
|
2022-05-21 14:08:40 +02:00 |
|
|
|
7e95c756b9
|
internal: set SameSite for outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-21 13:21:45 +02:00 |
|
