44d7e81a93
providers/scim: optimize PropertyMapping fetching and execution ( #9689 )
...
* add helper to mass-compile and re-use mappings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* implement for scim
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* actually make it even simpler
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* migrate google
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* migrate microsoft too
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove sleeps in tests with freezegun
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* migrate ldap to propertymapping helper
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* move mapper to generic sync
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* apparently that doesn't work
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* forgot a sleep
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* backport fixes from #9783
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-05-20 15:37:22 +02:00
aeb1b450eb
enterprise/providers/google: initial account sync to google workspace ( #9384 )
...
* providers/google: initial account sync to google workspace
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start separating scim sync client
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* generalize more...ish
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* set dispatch_uid
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start generalizing task
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fully separate tasks
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix more
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix signals...?
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start google dedupe
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* drawing the rest of the owl
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* juse use a whole lot less magic
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* member sync, better implement conflict/retry-able exceptions
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* max wizards taller
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* gen api, basic UI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix some bugs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix a bunch more bugs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* generalize sync status API
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rework sync chart
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add slugify to evaluator
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add test property mappings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rename to google workspace
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* handle existing objects
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix credential render
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* verify email has correct domain before syncing user
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix missing docstring
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lock not being used
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* abstract more common stuff away
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* backport time limit fix
https://github.com/goauthentik/authentik/pull/9546
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start discovery
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* implement discover for google
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* prevent same issue as with https://github.com/goauthentik/authentik/pull/9557
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix sync status
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make group name unique in API
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix reference to old wrapper
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start adding tests
man this api client is awful
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add SkipObject
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* dont use weak ref
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add group tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add user and group delete options
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* set user agent
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* if the api's testing tools are awful, let's just make our own
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add more tests and already fix some more bugs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add discover
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add preview banner
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add group import test
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* only import users/groups in the correct parent group
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix conflicting args
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix missing schedule
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix web ui
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add default_group_email_domain
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-05-07 19:52:20 +02:00
b225b0200e
root: early spring clean for linting ( #8498 )
...
* remove pyright
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove pylint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* replace pylint with ruff
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* ruff fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix UP038
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix DJ012
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix default arg
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix UP031
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rename stage type to view
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix DJ008
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix remaining upgrade
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix PLR2004
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix B904
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix PLW2901
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix remaining issues
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* prevent ruff from breaking the code
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* stages/prompt: refactor field building
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fully remove isort
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2024-02-24 18:13:35 +01:00
8949464294
root: reformat with latest black version and fix tests ( #8376 )
...
* format files
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix pyright
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* revert #8367
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* sigh
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-01-31 15:24:45 +01:00
abc0c2d2a2
root: Multi-tenancy ( #7590 )
...
* tenants -> brands, init new tenant model, migrate some config to tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* setup logging for tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* configure celery and cache
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* small fixes, runs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* task fixes, creation of tenant now works by cloning a template schema, some other small stuff
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix-tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* upstream fixes
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix-pylint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix avatar tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* migrate config reputation_expiry as well
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix web rebase
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix migrations for template schema
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix migrations for template schema
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix migrations for template schema 3
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* revert reputation expiry migration
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix type
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix some more tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* website: tenants -> brands
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* try fixing e2e tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* start frontend :help:
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add ability to disable tenants api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* delete embedded outpost if it is disabled
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make sure embedded outpost is disabled when tenants are enabled
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* management commands: add --schema option where relevant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* store files per-tenant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix embedded outpost deletion
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix files migration
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add tenant api tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add domain tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add settings tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make --schema-name default to public in mgmt commands
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* sources/ldap: make sure lock is per-tenant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix stuff I broke
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix remaining failing tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* try fixing e2e tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* much better frontend, but save does not refresh form properly
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* update django-tenants with latest fixes
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* i18n-extract
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* review comments
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* move event_retention from brands to tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* wip
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* root: add support for storing media files in S3
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* use permissions for settings api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* blueprints: disable tenants management
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix embedded outpost create/delete logic
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make gen
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make sure prometheus metrics are correctly served
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* makefile: don't delete the go api client when not regenerating it
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* tenants api: add recovery group and token creation endpoints
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix startup
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix prometheus metrics
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix web stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix migrations from stable
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix oauth source type import
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Revert "fix oauth source type import"
This reverts commit d015fd0244marc.schmitt@risson.space >
* try with connection_created signal
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix scim tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix web after merge
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix enterprise settings
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Revert "try with connection_created signal"
This reverts commit 764a999db832b40a3bbbmarc.schmitt@risson.space >
* fix django version
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix web after merge
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* relock poetry
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix reconcile
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* try running tenant save in a transaction
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* black
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* test: export postgres logs for debugging and use failfast
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* test: fix container name for logs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* do not copy tenant data
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Revert "try running tenant save in a transaction"
This reverts commit da6dec5a614bffb19704marc.schmitt@risson.space >
* why not
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* remove failfast
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove postgres query logging
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update reconcile logic to clearly differentiate between tenant and global
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix reconcile app decorator
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* enable django checks
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* actually nodata was unnecessary as we're cloning from template and not from public
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* pylint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* update django-tenants with sequence fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* actually update
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix e2e tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add tests for settings api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add tests for recovery api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* recovery tests: do them on a new tenant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* web: fix system status being degraded when embedded outpost is disabled
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix recovery tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tenants tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint-fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint-fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* update UI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add management command to create a tenant
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add docs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* release notes
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* more docs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* checklist
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* self review
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* spelling
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make web after upgrading
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* remove extra xlif file
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* prettier
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Revert "add management command to create a tenant"
This reverts commit 39d13c0447jens@goauthentik.io >
* rewite some things on the release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* root: make sure install_id comes from public schema
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* require a license to use tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tenants tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix files migration
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* release notes: add warning about user sessions being invalidated
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* remove api disabled test, we can't test for it
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
---------
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2024-01-23 14:28:06 +01:00
a0f607b5ac
web/flows: bottom-align about text on flows page ( #7051 )
...
* web/flows: bottom-align about text on flows page
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix a bunch of typos
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-10-03 14:10:10 +02:00
6612f729ec
stages/authenticator: vendor otp ( #6741 )
...
* initial import
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update imports
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove email and hotp for now
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove things we don't need and clean up
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* initial merge static
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* initial merge totp
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more fixes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix migrations
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update webui
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add system migration
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more cleanup, add doctests to test_runner
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fixup more lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* cleanup last tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update docstrings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* implement SerializerModel
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix web format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-09-04 11:45:14 +02:00
8bba3c0a9b
core: rework recursive group membership ( #6017 )
...
* rework checking group membership and add `user.all_groups` to get full list of groups
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* refactor some more for better performance
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* migrate things to use all_groups
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix for django 4.2
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-08-18 17:31:39 +02:00
6766b12bd1
events: fix ak_create_event using wrong request for event creation ( #5731 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-05-24 00:51:16 +02:00
44341f0224
lib: add tests for ak_create_event ( #5710 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-05-22 00:18:54 +02:00
977757f561
policies: provider raw result for better policy reusability ( #5189 )
...
* policies: include raw_result in PolicyResult
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* move ak_call_policy to base evaluator
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-04-06 09:42:29 +02:00
a6eba37d5a
core: Add resolve_dns and reverse_dns functions to evaluator ( #4769 )
...
* Add resolve_dns
* Add reverse_dns
* Fix lint
* add caching, small optimisation
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Added time-aware LRU cache
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2023-03-01 22:15:13 +01:00
9568f4dbd6
root: improve code style ( #4436 )
...
* cleanup pylint comments
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove more
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix url name
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* *: use ExtractHour instead of ExtractDay
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-01-15 17:02:31 +01:00
9ffc720f48
policies: log correct cache state
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-12-12 15:31:41 +00:00
d67ec1b62f
lib: fix complex objects being included in event context for ak_create_event
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-11-15 16:51:02 +01:00
9f5c019daa
core: add helper function to create events from expressions, move ak_user_has_authenticator to base evaluator
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-09-14 21:52:41 +02:00
e93be0de9a
sources/ldap: add list_flatten function to property mappings, enable on managed LDAP mappings
...
closes #2199
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-01-31 23:07:32 +01:00
69780c67a9
lib: set evaluation span's description based on filename
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-12-13 16:32:01 +01:00
ac9cf590bc
*: use prefixed span names
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-12-13 16:18:42 +01:00
c779ad2e3b
*: use common user agent for all outgoing requests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-09-11 21:08:26 +02:00
2b98637ca5
lib: fix regex_match result being inverted, add tests
...
closes #1073
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-06-23 20:06:43 +02:00
a4c28a28b4
website/docs: improve docs for expressions
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-05-29 21:47:35 +02:00
d3f2f987e0
providers/saml: migrate saml property mappings to web
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-03-31 23:38:40 +02:00
fdde97cbbf
*: replace Dict from typing with normal dict
2021-02-18 13:41:03 +01:00
e555bdd42b
lib: fix stacktrace for general expressions
2021-02-08 22:14:13 +01:00
c1563f4cff
lib: fix ak_is_group_member checking wrong groups
2021-01-28 22:30:59 +01:00
bc9e7e8b93
build(deps): bump structlog from 20.1.0 to 20.2.0 ( #445 )
...
* build(deps): bump structlog from 20.1.0 to 20.2.0
Bumps [structlog](https://github.com/hynek/structlog ) from 20.1.0 to 20.2.0.
- [Release notes](https://github.com/hynek/structlog/releases )
- [Changelog](https://github.com/hynek/structlog/blob/master/CHANGELOG.rst )
- [Commits](https://github.com/hynek/structlog/compare/20.1.0...20.2.0 )
Signed-off-by: dependabot[bot] <support@github.com >
* *: use structlog.stdlib instead of structlog for type-hints
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-01-01 15:39:43 +01:00
a4dc6d13b5
events: rename audit to events and use for more metrics ( #397 )
...
* events: rename audit to events
* policies/expression: log expression exceptions as event
* policies/expression: add ExpressionPolicy Model to event when possible
* lib/expressions: ensure syntax errors are logged too
* lib: fix lint error
* policies: add execution_logging field
* core: add property mapping tests
* policies/expression: add full test
* policies/expression: fix attribute name
* policies: add execution_logging
* web: fix imports
* root: update swagger
* policies: use dataclass instead of dict for types
* events: add support for dataclass as event param
* events: add special keys which are never cleaned
* policies: add tests for process, don't clean full cache
* admin: create event when new version is seen
* events: move utils to separate file
* admin: add tests for admin tasks
* events: add .set_user method to ensure users have correct attributes set
* core: add test for property_mapping errors with user and request
2020-12-20 22:04:29 +01:00
1cfe1aff13
wip: rename to authentik ( #361 )
...
* root: initial rename
* web: rename custom element prefix
* root: rename external functions with pb_ prefix
* root: fix formatting
* root: replace domain with goauthentik.io
* proxy: update path
* root: rename remaining prefixes
* flows: rename file extension
* root: pbadmin -> akadmin
* docs: fix image filenames
* lifecycle: ignore migration files
* ci: copy default config from current source before loading last tagged
* *: new sentry dsn
* tests: fix missing python3.9-dev package
* root: add additional migrations for service accounts created by outposts
* core: mark system-created service accounts with attribute
* policies/expression: fix pb_ replacement not working
* web: fix last linting errors, add lit-analyse
* policies/expressions: fix lint errors
* web: fix sidebar display on screens where not all items fit
* proxy: attempt to fix proxy pipeline
* proxy: use go env GOPATH to get gopath
* lib: fix user_default naming inconsistency
* docs: add upgrade docs
* docs: update screenshots to use authentik
* admin: fix create button on empty-state of outpost
* web: fix modal submit not refreshing SiteShell and Table
* web: fix height of app-card and height of generic icon
* web: fix rendering of subtext
* admin: fix version check error not being caught
* web: fix worker count not being shown
* docs: update screenshots
* root: new icon
* web: fix lint error
* admin: fix linting error
* root: migrate coverage config to pyproject
2020-12-05 22:08:42 +01:00
