authentik

Author	SHA1	Message	Date
gcp-cherry-pick-bot[bot]	c16317d7cf	providers/proxy: fix closed redis client (cherry-pick #7385 ) (#7429 ) providers/proxy: fix closed redis client (#7385) Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens L <jens@goauthentik.io>	2023-11-03 15:46:17 +01:00
Jens L	7d91842e8a	providers/proxy: attempt to fix duplicate cookie (#7324 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-10-27 00:41:13 +02:00
Jens L	dd7d3bf738	providers/proxy: fix redis cookies missing strict path (#7135 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-10-10 12:17:35 +02:00
Jens L	4db365c947	providers/proxy: improve SLO by backchannel logging out sessions (#7099 ) * outposts: add support for provider-specific websocket messages Signed-off-by: Jens Langhammer <jens@goauthentik.io> * providers/proxy: add custom signal on logout to logout in provider Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-10-09 01:06:52 +02:00
Jens L	efb2823391	internal: fix redis session store (#7011 )	2023-09-28 21:06:27 +02:00
Jens L	c93c6ee6f9	root: replace boj/redistore with vendored version of rbcervilla/redisstore (#6988 ) * root: replace boj/redistore with vendored version of rbcervilla/redisstore Signed-off-by: Jens Langhammer <jens@goauthentik.io> * setup env for go tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-09-26 18:56:37 +02:00
Jens L	9e29789c09	root: fix config loading for outposts (#6640 ) * root: fix config loading for outposts Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix error handling Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve check to see if outpost is embedded or not Signed-off-by: Jens Langhammer <jens@goauthentik.io> * also fix oauth url fetching Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-08-26 19:40:48 +02:00
Jens L	0782b3b0fa	providers/proxy: set outpost session cookie to httponly and secure wh… (#6482 ) * providers/proxy: set outpost session cookie to httponly and secure when possible Signed-off-by: Jens Langhammer <jens@goauthentik.io> * set samesite too Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-08-05 22:09:27 +02:00
Jens L	906faf9cce	providers/proxy: fix panic when claims in session were nil (#5569 ) * providers/proxy: fix panic when claims in session were nil Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add new options Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-10 20:58:44 +02:00
Jens Langhammer	8f70354e3c	internal: remove debug remnant from cookie testing Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-12 17:29:18 +01:00
Jens L	21e29744c2	providers/proxy: different cookie name based on hashed client id (#4666 )	2023-02-12 16:34:57 +01:00
Jens L	af43330fd6	providers/oauth2: rework OAuth2 Provider (#4652 ) * always treat flow as openid flow Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve issuer URL generation Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more refactoring Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update introspection Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more refinement Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix more things, update api Signed-off-by: Jens Langhammer <jens@goauthentik.io> * regen migrations Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix a bunch of things Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start updating tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix implicit flow, auto set exp Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix timeozone not used correctly Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix revoke Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more timezone shenanigans Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix userinfo tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update web Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix proxy outpost Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix api tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix missing at_hash for implicit flows Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-include at_hash in implicit auth flow Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use folder context for outpost build Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-09 20:19:48 +01:00
Jens Langhammer	388367785d	*/saml: disable pretty_print, add signature tests closes #4536 Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-03 15:42:09 +01:00
Jens L	7d4ce41e12	providers/proxy: outpost wide logout implementation (#4605 ) * initial outpost wide logout implementation Signed-off-by: Jens Langhammer <jens@goauthentik.io> * handle deserialize error Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix file cleanup, add tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-02 21:18:59 +01:00
Jens L	55aa1897af	root: use single redis db (#4009 ) * use single redis db Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup prefixes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * ensure __str__ always returns string Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix remaining old prefixes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-15 14:31:29 +01:00
Jens Langhammer	10b48b27b0	internal: walk config in go, check, parse and load from scheme like in python closes #2719 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-07-26 11:33:37 +02:00
Jens Langhammer	646d174dd2	internal: revert cookie path on proxy causing redirect loops Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-05-21 16:26:12 +02:00
Jens Langhammer	ebb44c992b	Revert "internal: set SameSite for outpost" This reverts commit `7e95c756b9`.	2022-05-21 14:08:40 +02:00
Jens Langhammer	7e95c756b9	internal: set SameSite for outpost Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-05-21 13:21:45 +02:00
Jens Langhammer	be26b92927	internal: cleanup outpost logs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-05-21 13:18:06 +02:00
Jens Langhammer	421b003218	internal: set path on cookie for proxy Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #2305	2022-05-11 10:08:38 +02:00
Jens Langhammer	76660e4666	internal: add tests with querystring Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-07 22:03:36 +01:00
Jens Langhammer	62a939b91d	internal: bump api client to v3 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-03 10:40:07 +01:00
Jens Langhammer	af3fb5c2cd	internal: use math.MaxInt for compatibility Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #1819	2022-01-21 23:11:17 +01:00
Jens Langhammer	b932b6c963	website/docs: update log levels Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-21 13:15:17 +01:00
Jens Langhammer	3c048a1921	outposts/proxy: fix session not expiring correctly due to miscalculation closes #1976 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-21 13:10:57 +01:00
Jens Langhammer	c11be2284d	outposts/proxy: also set max length for redis backend Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-13 15:05:55 +01:00
Jens Langhammer	aa321196d7	outposts/proxy: fix securecookie: the value is too long again, since it can happen even with filesystem storage Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-13 13:33:20 +01:00
Jens Langhammer	4e2457560d	outposts/proxy: use filesystem storage for non-embedded outposts Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-12-12 17:59:31 +01:00
Jens Langhammer	22a7c25526	internal: call GetStore on application to improve logging Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-10-12 13:33:20 +02:00
Jens Langhammer	9f4a4449f5	outposts/proxy: ensure cookies only last as long as tokens closes #1462 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-25 16:12:59 +02:00
Jens Langhammer	4c3a9e69f2	outposts/proxy: fix securecookie: no codecs provided error with redis Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-09 10:23:46 +02:00
Jens Langhammer	8ca29f6d49	Revert "outpost/proxy: set samesite none" This reverts commit `f7afb60c1f`.	2021-09-08 22:56:24 +02:00
Jens Langhammer	f7afb60c1f	outpost/proxy: set samesite none Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-08 22:06:44 +02:00
Jens L	3c1b70c355	outposts/proxyv2 (#1365 ) * outposts/proxyv2: initial commit Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add rs256 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> more stuff Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add forward auth an sign_out Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> match cookie name Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> re-add support for rs256 for backwards compat Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add error handler Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> ensure unique user-agent is used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> set cookie duration based on id_token expiry Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> build proxy v2 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add ssl Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add basic auth and custom header support Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add application cert loading Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> implement whitelist Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add redis Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> migrate embedded outpost to v2 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> remove old proxy Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> providers/proxy: make token expiration configurable Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add metrics Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> fix tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/proxy: only allow one redirect URI Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix docker build for proxy Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * remove default port offset Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add AUTHENTIK_HOST_BROWSER Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests: fix e2e/integration tests not using proper tags Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * remove references of old port Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix user_attributes not being loaded correctly Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup dependencies Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-08 18:04:56 +00:00

35 Commits