|
|
276af8457d
|
root: make sentry DSN configurable (#4016)
* make sentry DSN configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* make proxy smarter
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix typo in config struct
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-11-15 16:05:29 +01:00 |
|
|
|
56181a45a1
|
internal: limit body size
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-10-17 18:52:16 +02:00 |
|
|
|
53f224300b
|
internal: set ETag header on static resources to reduce cache issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#3456
|
2022-09-11 23:18:34 +02:00 |
|
|
|
242423cf3c
|
internal: remove sentryhttp from main server mux to prevent double traces
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-09-03 16:41:47 +02:00 |
|
|
|
514c48a986
|
internal: fix routing for requests with querystring signature to embedded outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-08-18 20:43:01 +02:00 |
|
|
|
846b63a17b
|
*: remove some very verbose logging messages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-08-17 13:36:56 +02:00 |
|
|
|
4c9878313c
|
sources/oauth: correctly concatenate URLs to allow custom parameters to be included
closes #3374
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-08-08 21:17:32 +02:00 |
|
|
|
6356ddd9f3
|
internal: replace ioutils
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-08-08 21:00:45 +02:00 |
|
|
|
201bea6d30
|
internal: add X-authentik-logout signature to trigger logouts when URLs are not exposed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-08-07 18:50:24 +02:00 |
|
|
|
2ce8e18bab
|
internal: centralise config for listeners to use same config system everywhere (#3367)
* centralise config for listeners to use same config system everywhere
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#3360
* add docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-08-03 21:33:27 +02:00 |
|
|
|
393d7ec486
|
providers/proxy: no exposed urls (#3151)
* test any callback
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* dont detect callback in per-server handler
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use full redirect uri with both path and query param
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* correctly route to embedded outpost for callback signature
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix allowed redirects
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-07-30 17:51:01 +02:00 |
|
|
|
10b48b27b0
|
internal: walk config in go, check, parse and load from scheme like in python
closes #2719
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-07-26 11:33:37 +02:00 |
|
|
|
ece0429ea8
|
internal: failback with self-signed cert if cert for tenant fails to load
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-06-20 21:26:34 +02:00 |
|
|
|
0a83b04419
|
internal: fix routing to embedded outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-06-16 17:05:27 +02:00 |
|
|
|
2d48fe42f4
|
internal: dont sample gunicorn proxied requests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-06-16 11:32:21 +02:00 |
|
|
|
bdf76bb4b7
|
internal: skip tracing for go healthcheck and metrics endpoints
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-06-10 22:21:11 +02:00 |
|
|
|
62a939b91d
|
internal: bump api client to v3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-03-03 10:40:07 +01:00 |
|
|
|
e194715c3e
|
internal: fix CSRF error caused by Host header
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-09 14:34:55 +01:00 |
|
|
|
02ba493759
|
internal: trace headers and url for backend requests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-09 12:48:17 +01:00 |
|
|
|
a7fea5434d
|
internal: remove uvicorn server header
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-09 12:38:47 +01:00 |
|
|
|
4fb783e953
|
internal: improve error handling for internal reverse proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-09 12:33:37 +01:00 |
|
|
|
4343246a41
|
*: rename akprox to outpost.goauthentik.io (#2266)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-02-08 20:25:38 +01:00 |
|
|
|
e1c0c0b20c
|
internal: don't override server header
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-24 22:05:11 +01:00 |
|
|
|
14c7d8c4f4
|
internal: route traffic to proxy providers based on cookie domain when multiple domain-level providers exist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2079
|
2022-01-18 23:19:43 +01:00 |
|
|
|
c741c13132
|
internal: fix listen attempt on shutdown
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-03 12:36:11 +01:00 |
|
|
|
27e4c7027c
|
web: fix potential panic
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-26 14:24:44 +01:00 |
|
|
|
87e99625e6
|
internal: update tenant certificates on outpost refresh
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-23 00:38:49 +01:00 |
|
|
|
34b11524f1
|
tenants: add web certificate field, make authentik's core certificate configurable based on keypair
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-22 11:43:45 +01:00 |
|
|
|
b3ba083ff0
|
internal: cleanup logging, remove duplicate code
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-22 10:33:21 +01:00 |
|
|
|
22a8603892
|
internal: add custom proxy certificates support to embedded outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-22 10:16:01 +01:00 |
|
|
|
f8aab40e3e
|
internal: cleanup duplicate and redundant code, properly set sentry SDK scope settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-16 11:00:19 +01:00 |
|
|
|
d0ceafe79e
|
outposts/proxy: add X-authentik-meta-version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-01 20:59:45 +01:00 |
|
|
|
f2023a7af2
|
*: don't use go embed to make using custom files easier
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-01 20:35:28 +01:00 |
|
|
|
d1bd8f333b
|
outposts/proxy: use disableIndex for static files
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-19 10:50:56 +01:00 |
|
|
|
2ac9f5426d
|
outposts: don't panic when listening for metrics fails
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-19 10:37:13 +01:00 |
|
|
|
7cf8a31057
|
internal: fix integrated docs not working
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-15 16:13:02 +01:00 |
|
|
|
74382c6287
|
cmd/server: improve cleanup on shutdown
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-07 18:03:29 +01:00 |
|
|
|
c87a9f9489
|
web: remove debug entry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-03 20:19:37 +01:00 |
|
|
|
0d02dbf55c
|
api: replace django sentry proxy with go proxy to prevent login issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-02 14:44:37 +01:00 |
|
|
|
57e86582d1
|
Revert "root: handle liveness probe in router (also keep internal one)"
This reverts commit dd7cb45733.
|
2021-10-12 18:44:08 +02:00 |
|
|
|
dd7cb45733
|
root: handle liveness probe in router (also keep internal one)
This reverts commit d39dbc7287.
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-12 18:43:39 +02:00 |
|
|
|
d39dbc7287
|
root: handle liveness probe in router
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-12 14:54:15 +02:00 |
|
|
|
aef9d27706
|
stages/authenticator_sms: Add SMS Authenticator Stage (#1577)
* stages/authenticator_sms: initial implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add initial stage UI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/elements: clear invalid state when old input was invalid but new input is correct
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_sms: add more logic
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/user: add basic SMS settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_sms: initial working version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_sms: add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: optimise totp password manager entry on authenticator_validation stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/elements: add grouping support for table
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: allow sms class in authenticator stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add grouping to more pages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_validate: add SMS support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* api: add throttling for flow executor based on session key and pending user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: fix style issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ci: add workflow to compile backend translations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-11 17:51:49 +02:00 |
|
|
|
6c603cdf80
|
internal: add internal healthchecking to prevent websocket errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-05 22:21:14 +02:00 |
|
|
|
8d72b3498d
|
internal: fix typo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-24 10:44:28 +02:00 |
|
|
|
52bb774f73
|
internal: add asset paths for user interface
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-23 09:57:24 +02:00 |
|
|
|
f771383c4b
|
cmd: fix outpost metrics not being set in embedded mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-16 12:09:12 +02:00 |
|
|
|
7158c9d2ea
|
core: metrics v2 (#1370)
* outposts: add ldap metrics, move ping to 9100
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outpost: add flow_executor metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use port 9300 for metrics, add core metrics port
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts/controllers/k8s: add service monitor creation support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-09 15:52:24 +02:00 |
|
|
|
3c1b70c355
|
outposts/proxyv2 (#1365)
* outposts/proxyv2: initial commit
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add rs256
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
more stuff
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add forward auth an sign_out
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
match cookie name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
re-add support for rs256 for backwards compat
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add error handler
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
ensure unique user-agent is used
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
set cookie duration based on id_token expiry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
build proxy v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add ssl
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add basic auth and custom header support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add application cert loading
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
implement whitelist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add redis
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
migrate embedded outpost to v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
remove old proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
providers/proxy: make token expiration configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
fix tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/proxy: only allow one redirect URI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix docker build for proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* remove default port offset
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add AUTHENTIK_HOST_BROWSER
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests: fix e2e/integration tests not using proper tags
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* remove references of old port
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix user_attributes not being loaded correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-08 18:04:56 +00:00 |
|
|
|
75476217a0
|
internal: fix web requests not having a logger set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-04 13:52:47 +02:00 |
|
