6649f7ab72 
					 
					
						
						
							
							providers/oauth2: fix CVE-2024-21637 ( #8104 )  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2024-01-09 18:14:12 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						240cf6dd94 
					 
					
						
						
							
							enterprise/providers: Add RAC [AUTH-15] ( #7291 )  
						
						... 
						
						
						
						* add basic guacamole
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make everything mostly work
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add rac build to CI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix resize, fix web lint, sendSize correctly
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* pre-send connection from client, format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* improve throughput
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rework TokenOutpostConsumer into middleware
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix some layout issues
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add outpost controllers
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start testing audio things
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix a bunch of things
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add deps
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix to work with outpost group
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add simple loadbalancing
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add simple reconnect
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* show reconnecting text
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix error when checking ports
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* move to providers
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add flow check to interface
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix go lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix rac app label
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix audio
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add logging
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* allow overriding all settings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix duplicate keyboard, debug high DPI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-add deps
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix missing __init__.py breaking model loading
I love python
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* bump successful ws connection to info
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* hide cursor since guac draws that
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add clipboard support (bidirectional)
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make codespell not want to break the code
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* run pr comment in separate task
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start endpoint and property mapping stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more endpoint things
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* unrelated: fix event model_pk filtering with ints
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* unrelated: improve event display for changelog
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rebuild endpoint stuff again
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* idk special url
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more stuff, connect token with session
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add disconnect
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rework disconnect
cleanly disconnect from guacd instead of just letting the connection timeout
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* clear cache when creating outpost
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* support host:port and fix protocol
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* center smaller viewport
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rework connection to wait more and stop after some time
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add policy control to endpoints
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove provider protocol
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* don't switch to different outpost connection when already chosen
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start using property mappings, add static settings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add some RAC mapping settings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start adding tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests for event changes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests and fix issues found by said tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add preview banner, move endpoints to main page
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add locale
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* auto-select endpoint if only one is available
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* backport https://github.com/goauthentik/authentik/pull/7831  to rac
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* dont select property mappings on endpoints
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make table modal only load when opened
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* only auto-redirect when open
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix web deps
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* check for token expiry and terminate session
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-add endpoint name to title
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* disconnect connection when token is manually deleted
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add initial RAC docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add connection expiry setting to provider
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix flaky tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-12-30 21:33:14 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						b88e39411c 
					 
					
						
						
							
							security: fix CVE-2023-48228 ( #7666 )  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-11-21 18:10:07 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						261879022d 
					 
					
						
						
							
							security: fix oobe-flow reuse when akadmin is deleted ( #7361 )  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-10-28 21:24:06 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						d9b3e307e3 
					 
					
						
						
							
							website/docs: add 2023.10 release notes ( #7309 )  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-10-26 15:10:17 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						84fdd3c750 
					 
					
						
						
							
							website/docs: RBAC docs ( #7191 )  
						
						... 
						
						
						
						* draft rbac docs
* tweaks
* add a permissions topic
* tweaks
* more changes
* draft permissions topic
* more content on roles
* links
* typo
* more conceptual info
* Optimised images with calibre/image-actions
* more content on roles
* add more x-ref links
* fix links
* more content
* links
* typos
* polishing
* Update website/docs/user-group-role/access-control/permissions.md
Co-authored-by: Jens L. <jens@goauthentik.io >
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
* separwate conceptual vs procedural in permissions
* finished groups procedurals
* new page
* added link
* Update website/docs/user-group-role/access-control/permissions.md
Co-authored-by: Jens L. <jens@goauthentik.io >
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
* polish
* edits from PR review
* restructured view section to remove repetition
* rest of edits from PR review
* polished flows and stages
* polish
* typo
---------
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
Co-authored-by: Tana Berry <tana@goauthentik.io >
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
Co-authored-by: Jens L. <jens@goauthentik.io > 
						
						
					 
					
						2023-10-26 12:31:32 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						78af350610 
					 
					
						
						
							
							website/docs: Balok pr for User docs ( #7139 )  
						
						... 
						
						
						
						* procedrual docs
* restructure
* new image, edit tweaks
* more tweaks
* edits
* edits for new button labels
* more content in invitations
* tweaks
* Optimised images with calibre/image-actions
* fixed link
* links
* ken's edits
* changed label name
* spelling checks
* fix links
* links again
* fighting with imports
* ugh
* add extensions back
* fix link
* tweak
* rename file again
* more links
* added punctuation
* use generated index
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Tana Berry <tana@goauthentik.io >
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-10-12 21:45:21 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						782341441a 
					 
					
						
						
							
							website: update 2023.8 release notes ( #6666 )  
						
						... 
						
						
						
						* update main release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update sidebar
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com > 
						
						
					 
					
						2023-08-29 19:57:14 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						aa874dd92a 
					 
					
						
						
							
							security: fix CVE-2023-39522 ( #6665 )  
						
						... 
						
						
						
						* stages/email: don't disclose whether a user exists or not when recovering
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update website
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-08-29 19:07:49 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						87f65526e1 
					 
					
						
						
							
							website/docs: Enterprise docs ( #6632 )  
						
						... 
						
						
						
						* new ent docs
* first drafts WIP
* Optimised images with calibre/image-actions
* more details added
* further updates
* tweaks
* better image
* Optimised images with calibre/image-actions
* fix typos
* final edits
* fixed formatting fail
---------
Co-authored-by: Tana Berry <tana@goauthentik.io >
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com> 
						
						
					 
					
						2023-08-29 16:57:29 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						d9f13e89c6 
					 
					
						
						
							
							website: update release notes ( #6590 )  
						
						... 
						
						
						
						* move 2023.7 to 2023.8
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* move version dropdown from navbar to sidebar, and only have it on applicable sites
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove title instead of just hiding it
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix some styling for the mobile navbar sidebar
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add social image
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Optimised images with calibre/image-actions
* fix website tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com> 
						
						
					 
					
						2023-08-22 13:03:11 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						4693c50701 
					 
					
						
						
							
							website/docs: Troubleshooting Whitelist Email and Web-Dev Setup Docs ( #6426 )  
						
						... 
						
						
						
						* Whitelist email troubleshooting docs
* update preview website command
* Update website/docs/troubleshooting/whitelist_email.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Sandeep Gadhiya <sandeepgadhiya22@gmail.com >
* Update website/docs/troubleshooting/whitelist_email.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Sandeep Gadhiya <sandeepgadhiya22@gmail.com >
* Update website/docs/troubleshooting/whitelist_email.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Sandeep Gadhiya <sandeepgadhiya22@gmail.com >
* Update website/docs/troubleshooting/whitelist_email.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Sandeep Gadhiya <sandeepgadhiya22@gmail.com >
* Update website/docs/troubleshooting/whitelist_email.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Sandeep Gadhiya <sandeepgadhiya22@gmail.com >
* refactor policies section
* refactor policies section
---------
Signed-off-by: Sandeep Gadhiya <sandeepgadhiya22@gmail.com >
Co-authored-by: sandeepgadhiya <sandeep.gadhiya@turtlemint.com >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com > 
						
						
					 
					
						2023-08-09 10:06:41 -05:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						cc6824fd7c 
					 
					
						
						
							
							core: bump django from 4.1.7 to 4.2 ( #5238 )  
						
						... 
						
						
						
						* core: bump django from 4.1.7 to 4.2 (#5151 )
* core: bump django from 4.1.7 to 4.2
Bumps [django](https://github.com/django/django ) from 4.1.7 to 4.2.
- [Release notes](https://github.com/django/django/releases )
- [Commits](https://github.com/django/django/compare/4.1.7...4.2 )
---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
* upgrade to psycopg3, use custom engine for prometheus metrics
See https://github.com/korfuri/django-prometheus/issues/350 
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make scripts use pscopg3
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start changelog
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* initial postgres upgrade guide
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update header
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com > 
						
						
					 
					
						2023-08-01 19:30:28 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						33e7903699 
					 
					
						
						
							
							website/docs: add architecture and persistence ( #6250 )  
						
						... 
						
						
						
						* website/docs: add architecture and persistence
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
* add note about kubernetes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* link to relevant parts
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com > 
						
						
					 
					
						2023-07-31 11:21:33 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						87cc649e17 
					 
					
						
						
							
							website: finalise 2023.6 release notes ( #6177 )  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-07-07 12:17:15 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						d22d147c8e 
					 
					
						
						
							
							security: fix CVE-2023-36456 ( #6171 )  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-07-06 18:16:26 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						b0fbd576fc 
					 
					
						
						
							
							security: cure53 fix ( #6039 )  
						
						... 
						
						
						
						* ATH-01-001: resolve path and check start before loading blueprints
This is even less of an issue since 411ef239f6jens@goauthentik.io >
* ATH-01-010: fix missing user filter for webauthn device
This prevents an attack that is only possible when an attacker can intercept HTTP traffic and in the case of HTTPS decrypt it.
* ATH-01-008: fix web forms not submitting correctly when pressing enter
When submitting some forms with the Enter key instead of clicking "Confirm"/etc, the form would not get submitted correctly
This would in the worst case is when setting a user's password, where the new password can end up in the URL, but the password was not actually saved to the user.
* ATH-01-004: remove env from admin system endpoint
this endpoint already required admin access, but for debugging the env variables are used very little
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* ATH-01-003 / ATH-01-012: disable htmlLabels in mermaid
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* ATH-01-005: use hmac.compare_digest for secret_key authentication
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* ATH-01-009: migrate impersonation to use API
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* ATH-01-010: rework
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* ATH-01-014: save authenticator validation state in flow context
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
bugfixes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* ATH-01-012: escape quotation marks
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add website
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update release ntoes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update with all notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-06-22 22:25:04 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						b4a3b266b3 
					 
					
						
						
							
							website/docs: clarify troubleshooting headlines and order ( #5696 )  
						
						... 
						
						
						
						* website/docs: clarify troubleshooting headlines and order
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Update website/docs/troubleshooting/login.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com > 
						
						
					 
					
						2023-05-19 15:54:04 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						a58374f065 
					 
					
						
						
							
							website/docs: add 2023.5 to release sidebar ( #5631 )  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-05-16 14:12:30 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						8356ceaead 
					 
					
						
						
							
							website/docs: added info about how to upgrade ( #5589 )  
						
						... 
						
						
						
						added info about how to upgrade
Co-authored-by: Tana Berry <tana@goauthentik.io > 
						
						
					 
					
						2023-05-12 10:25:26 -05:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						e75e2cf324 
					 
					
						
						
							
							website/docs: flow context docs ( #5243 )  
						
						... 
						
						
						
						* add flow context docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* cleanup some redundant things
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* added more section headers
* tweaked new headings
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
* add more keys, use dedicated prefix for internal keys
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* set toc_max_heading_level: 5
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update datatypes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more consistent header
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more fixes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Update website/docs/flow/context/index.md
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
* Update website/docs/flow/context/index.md
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
* Update website/docs/flow/context/index.md
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
Co-authored-by: Tana Berry <tana@goauthentik.io >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com > 
						
						
					 
					
						2023-04-20 17:31:34 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						67644ace87 
					 
					
						
						
							
							website/docs: prepare 2023.4 release notes ( #5223 )  
						
						... 
						
						
						
						* website/docs: prepare 2023.4 release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add prompt preview
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
* Update website/docs/releases/2023/v2023.4.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
* add new release to sidebar
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com > 
						
						
					 
					
						2023-04-13 14:11:46 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						3f5effb1bc 
					 
					
						
						
							
							providers/radius: simple radius outpost ( #1796 )  
						
						... 
						
						
						
						* initial implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add migrations
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix web
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* minor fixes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* use search-select
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update locale
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fixup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix ip with port being sent to delegated ip
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add radius tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-03-20 16:54:35 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						eaf56f4f3f 
					 
					
						
						
							
							stages/user_login: stay logged in ( #4958 )  
						
						... 
						
						
						
						* add initial remember me offset
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add to go executor
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add ui for user login stage
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-03-15 20:21:05 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						095850f038 
					 
					
						
						
							
							website/docs: add new release to sidebar, cleanup ( #4926 )  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-03-13 19:04:25 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						bf7dc5df78 
					 
					
						
						
							
							website/docs: separate pages for each webserver ( #4911 )  
						
						... 
						
						
						
						* website/docs: separate pages for each webserver
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com > 
						
						
					 
					
						2023-03-13 17:29:51 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						b6b820f6f1 
					 
					
						
						
							
							web: toggle dark/light theme manually ( #4876 )  
						
						
						
						
					 
					
						2023-03-09 23:17:53 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						28ddeb124f 
					 
					
						
						
							
							providers: SCIM ( #4835 )  
						
						... 
						
						
						
						* basic user sync
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add group sync and some refactor
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start API
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* allow null authorization flow
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add UI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make task monitored
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add missing dependency
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make authorization_flow required for most providers via API
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more UI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make task result better readable, exclude anonymous user
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add task UI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add scheduled task for all sync
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make scim errors more readable
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add mappings, migrate to mappings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add mapping UI and more
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add scim docs to web
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start implementing membership
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* migrate signals to tasks
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* migrate fully to tasks
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* strip none keys, fix lint errors
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix things
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start adding tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix saml
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add scim schemas and validate against it
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* improve error handling
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add group put support, add group tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* send correct application/scim+json headers
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* stop sync if no mappings are confiugred
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add test for task sync
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add membership tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* use decorator for tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make tests better
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-03-06 19:39:08 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						972dce1462 
					 
					
						
						
							
							security: fix CVE-2023-26481 ( #4832 )  
						
						... 
						
						
						
						fix CVE-2023-26481
Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-03-02 20:15:33 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						fc9ae9e938 
					 
					
						
						
							
							website: include 2023.2 in sidebar  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-02-14 13:17:55 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						cadb710c38 
					 
					
						
						
							
							website/docs: add troubleshooting for CSRF  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-02-02 11:09:03 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						26f9bbeefa 
					 
					
						
						
							
							website/docs: add 2023.1 to sidebar  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-01-18 16:36:03 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						c73fce4f58 
					 
					
						
						
							
							sources/ldap: manual import ( #4456 )  
						
						... 
						
						
						
						* events: fix task UID
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add ldap sync command
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-01-17 12:21:33 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						cd12e177ea 
					 
					
						
						
							
							providers/proxy: add initial header token auth ( #4421 )  
						
						... 
						
						
						
						* initial implementation
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* check for openid/profile claims
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* include jwks sources in proxy provider
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add web ui for jwks
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* only show sources with JWKS data configured
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix introspection tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start basic
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add basic auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add docs, update admonitions
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add client_id to api, add tab for auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update locale
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens Langhammer <jens@goauthentik.io > 
						
						
					 
					
						2023-01-13 16:22:03 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						1efc7eecbf 
					 
					
						
						
							
							website/docs: add metrics for monitoring and metrics  
						
						... 
						
						
						
						closes  #4308 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
					
						2023-01-04 20:49:35 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						dc1359a763 
					 
					
						
						
							
							providers/saml: initial SLO implementation ( #2346 )  
						
						... 
						
						
						
						* providers/saml: initial SLO implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* providers/saml: add logout request tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* providers/saml: add tests for POST SLO
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* matrix e2e tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix import
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* set e2e matrix name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix imports
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* separate oidc and oauth tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add basic saml slo e2e tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add better metadata download url
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* kinda prepare release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* sort releases into folders
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add slo urls to website
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix linking
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add api tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* update docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2023-01-04 19:45:31 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						9f846d94be 
					 
					
						
						
							
							security: fix CVE 2022 23555 ( #4274 )  
						
						... 
						
						
						
						* add flow to invitation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* show warning on invitation page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add security advisory
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2022-12-23 14:13:49 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						84fbeb5721 
					 
					
						
						
							
							security: fix CVE 2022 46172 ( #4275 )  
						
						... 
						
						
						
						* fallback to current user in user_write, add flag to disable user creation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* update api and web ui
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* update default flows
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add cve post to website
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2022-12-23 14:12:58 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						f4990bb5da 
					 
					
						
						
							
							core: bundle geoip ( #4250 )  
						
						... 
						
						
						
						* bundle geoip
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* correctly pass secrets
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add geoip docs and release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2022-12-20 22:09:30 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						db95dfe38d 
					 
					
						
						
							
							security: fix CVE 2022 46145 ( #4140 )  
						
						... 
						
						
						
						* add flow authentication requirement
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add website for cve
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* flows: handle FlowNonApplicableException without policy result
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2022-12-02 16:14:25 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						147ebf1a5e 
					 
					
						
						
							
							root: rework and expand security policy  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2022-11-28 12:10:53 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						1efc0c1242 
					 
					
						
						
							
							website/docs: update changelog  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2022-11-21 19:37:28 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						a359184f29 
					 
					
						
						
							
							website/docs: add 2022.10 to sidebar  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2022-10-21 19:42:22 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						10cfccd999 
					 
					
						
						
							
							website/docs: add General Setup instructions for LDAP Provider ( #3680 )  
						
						... 
						
						
						
						* Added General Setup instructions for LDAP Provider
* Added General Setup instructions for LDAP Provider and updated relative links
* updated LDAP Outpost note verbiage
* Corrected the case for LDAP and renamed to Generic Setup
* removed ldapsearch example from index page
* updated verbiage around multifactor authentication
* removed note about local LDAP provider
* updated sidebar to reflect generic_setup
* updated logging info
* corrected typo
* updated stage creation instructions and screenshot
* corrected another typo
* corrected another typo
* reword some things
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2022-10-16 14:57:57 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						8ed2f7fe9e 
					 
					
						
						
							
							providers/oauth2: add device flow ( #3334 )  
						
						... 
						
						
						
						* start device flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* web: fix inconsistent app filtering
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add tenant device code flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add throttling to device code view
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* somewhat unrelated changes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add initial device code entry flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add finish stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* it works
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add support for verification_uri_complete
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add some tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add more tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2022-10-11 12:42:10 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						b16a3d5697 
					 
					
						
						
							
							internal: use config system for workers/threads, document the settings ( #3626 )  
						
						... 
						
						
						
						use config system for workers/threads, document the settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2022-09-21 09:59:03 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						067166d420 
					 
					
						
						
							
							website: update 2022.9 release notes  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2022-09-17 14:28:04 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						1c569c79f3 
					 
					
						
						
							
							website: add more blueprint docs, 2022.8 release notes  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2022-08-07 19:27:31 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						b733930745 
					 
					
						
						
							
							website/docs: add 2022.7 to sidebar  
						
						... 
						
						
						
						Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org > 
						
						
					 
					
						2022-07-04 21:14:49 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						5e3f44dd87 
					 
					
						
						
							
							flows: add shortcut to redirect current flow ( #3192 )  
						
						
						
						
					 
					
						2022-07-01 23:19:41 +02:00