authentik

Author	SHA1	Message	Date
Marc 'risson' Schmitt	5d87eb97be	outposts/ldap: fix race condition when refreshing the provider Fixes the race condition causing the crash found in #4138, which doesn't actually have anything to do with the issue itself. As far as I can work out, when the outpost refreshes its list of providers, it copies over its `boundUsers`, probably to avoid having to fetch them all again, and does so by making a shallow copy of that `map`, but not the mutex associated with it. It now has multiple references to the same map, each protected by a different mutex, which under certain conditions can cause a `concurrent map read and map write` error. This fix copies the map contents instead of make a shallow copy. Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2023-06-02 15:42:19 +02:00
Jens Langhammer	be85eecac5	release: 2023.5.3	2023-06-01 19:35:13 +02:00
Jens Langhammer	5e5a74eebf	release: 2023.5.2	2023-05-26 23:54:12 +02:00
Jens Langhammer	6900ffffd8	release: 2023.5.1	2023-05-18 21:33:38 +02:00
Jens Langhammer	8faec99bd6	release: 2023.5.0	2023-05-16 14:00:48 +02:00
Jens L	906faf9cce	providers/proxy: fix panic when claims in session were nil (#5569 ) * providers/proxy: fix panic when claims in session were nil Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add new options Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-10 20:58:44 +02:00
dependabot[bot]	4d58eba027	core: bump github.com/getsentry/sentry-go from 0.20.0 to 0.21.0 (#5548 ) * core: bump github.com/getsentry/sentry-go from 0.20.0 to 0.21.0 Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go) from 0.20.0 to 0.21.0. - [Release notes](https://github.com/getsentry/sentry-go/releases) - [Changelog](https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/getsentry/sentry-go/compare/v0.20.0...v0.21.0) --- updated-dependencies: - dependency-name: github.com/getsentry/sentry-go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-05-09 11:22:57 +02:00
authentik-db-cooper	ab795e6642	internal: ignore insecure TLS certs (#5483 ) * servers: ignore insecure TLS certs * slight refactor to have a single place for tls config Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-05-05 15:57:52 +03:00
Jens L	b7b62ba089	providers/ldap: correctly use pagination in search results in both modes (#5492 ) closes #4292 Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-05 15:51:02 +03:00
Bardi Harborow	5c8f024d12	website: add documentation for AUTHENTIK_REDIS__TLS (#5349 ) * website: add documentation for AUTHENTIK_REDIS__TLS Signed-off-by: Bardi Harborow <bardi@bardiharborow.com> * add tls reqs Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Bardi Harborow <bardi@bardiharborow.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-04-23 11:37:53 +03:00
Jens L	bb92c4a967	providers/ldap: remove deprecated fields (#5154 ) * providers/ldap: remove deprecated fields Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update changelog Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-04-21 14:10:24 +03:00
Jens L	367f86ecfb	root: optimise healthchecks (#5337 ) * tests: remove redundant healthchecks Signed-off-by: Jens Langhammer <jens@goauthentik.io> * internal: do healthcheck within proxy instead of wget to use correct port Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tags Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-04-21 13:32:48 +03:00
Jens L	ce5f6d5d43	release: Version 2023.4 (#5283 ) * release: 2023.4.0 * release: 2023.4.1	2023-04-18 10:45:17 +02:00
Jens L	8160663214	release: 2023.4.0 (#5254 )	2023-04-14 13:20:22 +02:00
Jens L	fd2677af1f	root: bump api generator (#5139 ) * root: bump api generator Signed-off-by: Jens Langhammer <jens@goauthentik.io> * bump api diff too Signed-off-by: Jens Langhammer <jens@goauthentik.io> * bump go api client Signed-off-by: Jens Langhammer <jens@goauthentik.io> * simplify go api generation Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-04-01 18:10:52 +02:00
Jens L	32840d3909	web/admin: fix error adding users to groups (#5016 ) * web/admin: fix error adding users to groups and vice versa Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove seed Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-20 18:15:36 +01:00
Jens L	3f5effb1bc	providers/radius: simple radius outpost (#1796 ) * initial implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io> * cleanup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add migrations Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix web Signed-off-by: Jens Langhammer <jens@goauthentik.io> * minor fixes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use search-select Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update locale Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fixup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix ip with port being sent to delegated ip Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add radius tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-20 16:54:35 +01:00
Jens L	ef028af7d1	providers/proxy: rework endpoints logic (#4993 ) * providers/proxy: rework endpoints logic again...this time with tests and better logic Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-18 18:51:20 +01:00
Jens L	8363016982	version: 2023.3 (#4980 ) * release: 2023.3.0 * providers/ldap: fix duplicate attributes (#4972) closes #4971 Signed-off-by: Jens Langhammer <jens@goauthentik.io> * providers/oauth2: fix response for response_type code and response_mode fragment (#4975) * web/flows: fix authenticator selector in dark mode (#4974) Signed-off-by: Jens Langhammer <jens@goauthentik.io> * release: 2023.3.1 --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-16 22:43:57 +01:00
Jens L	345fa1bed6	providers/ldap: fix duplicate attributes (#4972 ) closes #4971 Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-16 12:14:17 +01:00
Jens L	eaf56f4f3f	stages/user_login: stay logged in (#4958 ) * add initial remember me offset Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add to go executor Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add ui for user login stage Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-15 20:21:05 +01:00
Jens L	6f6d22da13	release: 2023.3.0 (#4925 )	2023-03-13 19:10:48 +01:00
Jens L	41d17dc543	internal: fix crash when port 9000 is in use (#4863 ) fix crash when port 9000 is in use Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-07 13:27:46 +01:00
roche-quentin	cd99b6e48f	providers/ldap: making ldap compatible with synology (#4694 ) * internal/outpost/ldap: making ldap compatible with synology * fix duplicate attributes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add docs about homedirectory Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix duplicate attributes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add substitution to values Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-02-22 15:26:41 +01:00
sdimovv	51c6a14786	providers/ldap: Improve compatibility with LDAP clients (#4750 ) * Fixed invalid LDAP attributes by replacing '.'s and '/'s with '-' * Leave old fields for now for backward compatibility * Add forgotten depreceated field * Fix tests * Fix tests * use shorter attribute names Signed-off-by: Jens Langhammer <jens@goauthentik.io> * sanitize attributes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * keep both sanitized and unsanitized user fields Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add sanitized fields to test Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-02-22 14:18:22 +01:00
Jens Langhammer	f70be86ddc	providers/proxy: strip scheme when comparing redirect URL Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-20 21:22:26 +01:00
Jens Langhammer	9f431396c0	providers/proxy: ensure issuer is correct when browser url override is set Signed-off-by: Jens Langhammer <jens@goauthentik.io> #4715	2023-02-19 17:35:29 +01:00
Jens Langhammer	0874574e5c	*: add additional prometheus metrics, remove unusable high entropy metrics Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-19 17:08:40 +01:00
Jens Langhammer	d842fc4958	release: 2023.2.2	2023-02-15 19:53:42 +01:00
Jens Langhammer	acfa9c76d1	providers/ldap: check MFA password on password stage Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-15 16:27:08 +01:00
Jens Langhammer	d945d30cda	providers/proxy: fix value is too long with filesystem sessions closes #4693 Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-15 10:50:01 +01:00
Jens Langhammer	b6c120f555	providers/proxy: fix client credential flows not using http interceptor Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-15 00:22:56 +01:00
Jens Langhammer	80de3ee853	release: 2023.2.1	2023-02-14 18:52:36 +01:00
Jens Langhammer	58e001c3d5	internal: fix scheme not being forwarded correctly for host intercepted requests Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-14 14:31:04 +01:00
Jens Langhammer	81d70e5d41	release: 2023.2.0	2023-02-14 13:15:47 +01:00
Jens L	ec42b597ab	providers/proxy: send token request internally, with overwritten host header (#4675 ) * send token request internally, with overwritten host header Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-13 16:34:47 +01:00
[information redacted]	d4dce5b250	root: fix config load order to include /etc/authentik/config.yml (#4669 )	2023-02-12 23:52:13 +01:00
Jens Langhammer	8f70354e3c	internal: remove debug remnant from cookie testing Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-12 17:29:18 +01:00
Jens L	21e29744c2	providers/proxy: different cookie name based on hashed client id (#4666 )	2023-02-12 16:34:57 +01:00
Jens L	af43330fd6	providers/oauth2: rework OAuth2 Provider (#4652 ) * always treat flow as openid flow Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve issuer URL generation Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more refactoring Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update introspection Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more refinement Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix more things, update api Signed-off-by: Jens Langhammer <jens@goauthentik.io> * regen migrations Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix a bunch of things Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start updating tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix implicit flow, auto set exp Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix timeozone not used correctly Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix revoke Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more timezone shenanigans Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix userinfo tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update web Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix proxy outpost Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix api tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix missing at_hash for implicit flows Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-include at_hash in implicit auth flow Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use folder context for outpost build Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-09 20:19:48 +01:00
Jens Langhammer	5aa43eeb04	internal: better error message when outpost API controller couldn't fetch outposts closes #4642 Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-08 14:13:17 +01:00
Jens Langhammer	3170b2f92c	providers/proxy: add token support for basic auth Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-07 22:50:49 +01:00
Jens Langhammer	61b06eff06	providers/proxy: better log outpost token errors Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-06 20:26:43 +01:00
Jens Langhammer	146d54813c	providers/ldap: fix error not being checked correctly when fetching users Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-03 18:10:06 +01:00
Jens Langhammer	388367785d	*/saml: disable pretty_print, add signature tests closes #4536 Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-03 15:42:09 +01:00
Jens L	7d4ce41e12	providers/proxy: outpost wide logout implementation (#4605 ) * initial outpost wide logout implementation Signed-off-by: Jens Langhammer <jens@goauthentik.io> * handle deserialize error Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix file cleanup, add tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-02 21:18:59 +01:00
Jens Langhammer	5ea9595c9c	internal: fix cache-control header Signed-off-by: Jens Langhammer <jens@goauthentik.io> #4525	2023-01-25 21:18:20 +01:00
Jens L	a9b32e2f97	providers/ldap: add unbind flow execution (#4484 ) add unbind flow execution Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-23 20:36:30 +01:00
Jens Langhammer	9397598376	release: 2023.1.2	2023-01-23 14:25:55 +01:00
Jens Langhammer	430a207865	release: 2023.1.1	2023-01-23 11:34:58 +01:00

1 2 3 4 5 ...

530 Commits