e76d388ce4
release: 2025.4.0 ( #14299 )
...
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2025-04-30 13:15:38 +00:00
e4d2a53ccc
release: 2025.2.4 ( #13830 )
...
* release: 2025.2.4
* bump version in uv.lock
2025-04-08 19:16:00 +00:00
7826e7a605
core: bump oss/go/microsoft/golang from 1.23-fips-bookworm to 1.24-fips-bookworm ( #13027 )
...
* core: bump oss/go/microsoft/golang
Bumps oss/go/microsoft/golang from 1.23-fips-bookworm to 1.24-fips-bookworm.
---
updated-dependencies:
- dependency-name: oss/go/microsoft/golang
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
* upstream docker image, use native fips
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* bump go version
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2025-03-30 03:26:30 +02:00
bcfd6fefa7
release: 2025.2.3 ( #13705 )
...
* release: 2025.2.3
* fix uv lock not being bumped
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-03-28 17:08:57 +01:00
5bcf501842
outposts/ldap: fix paginator going into infinite loop ( #13677 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-03-27 00:05:43 +01:00
84b5992e55
ci: bump golangci/golangci-lint-action from 6 to 7 ( #13661 )
...
* ci: bump golangci/golangci-lint-action from 6 to 7
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 6 to 7.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](https://github.com/golangci/golangci-lint-action/compare/v6...v7 )
---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix v2
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix v3
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2025-03-26 18:03:20 +01:00
f37e1ca642
brands: migrate custom CSS to brands ( #13172 )
...
* brands: migrate custom CSS to brands
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix missing default
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* simpler migration
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add css to brand form
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-03-19 22:52:38 +00:00
2e3624ea82
release: 2025.2.2 ( #13554 )
2025-03-17 22:10:22 +01:00
989d39b154
release: 2025.2.1 ( #13278 )
2025-02-27 10:55:18 +00:00
2b39748c84
root: Backport version 2025.2 ( #13225 )
...
* release: 2025.2.0-rc1
* release: 2025.2.0-rc2
* release: 2025.2.0-rc3
* release: 2025.2.0
2025-02-24 18:35:13 +01:00
334e2c466f
lifecycle: much improved debugging experience ( #12804 )
...
* lifecycle: much improved debugging experience
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add start debug launch configs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* only install dev deps in container
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add pathMappings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* use debugger variable to enable only debugger without debug mode enabled
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix path map
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-02-01 03:35:56 +01:00
8cad66536c
release: 2024.12.3 ( #12883 )
...
* release: 2024.12.3
* ci: fix permissions for release-publish pipeline
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* ci: fix missing dockerhub login
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2025-01-29 23:35:06 +01:00
94eff50306
root: redis, make sure tlscacert isn't an empty string ( #12407 )
...
* root: redis, make sure tlscacert isn't an empty string
* make TLSCaCert a string instead of pointer
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2025-01-13 20:14:26 +01:00
6c0d462410
release: 2024.12.2 ( #12615 )
2025-01-09 20:38:27 +01:00
ffd5234396
web: only load version context when authenticated ( #12482 )
...
* only add version context for authz interface
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rename enterprise aware interface
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* dont log startup error
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-12-25 16:58:18 +01:00
40b0f7df8d
root: fix dev build version being invalid semver ( #12472 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-12-24 01:21:18 +01:00
ee6fcdfbd8
internal: fix missing trailing slash in outpost websocket ( #12470 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-12-23 23:42:42 +01:00
3eaaa35a4c
release: 2024.12.1 ( #12466 )
2024-12-23 20:51:05 +01:00
15be3f2461
internal: fix URL generation for websocket connection ( #12439 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-12-20 19:18:50 +01:00
3367ac0e08
root: backport version bump ( #12426 )
2024-12-19 21:27:13 +01:00
40a7135c0c
core: app entitlements ( #12090 )
...
* core: initial app entitlements
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* base off of pbm
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests and oauth2
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add to proxy
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rewrite to use bindings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make policy bindings form and list more customizable
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* double fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* refine permissions
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add missing rbac modal to app entitlements
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* separate scope for app entitlements
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* include entitlements mapping in proxy
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add API validation to prevent policies from being bound to entitlements
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make preview
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add initial docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove duplicate docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-12-18 14:32:44 +01:00
e5dd923333
release: 2024.10.5 ( #12319 )
...
* release: 2024.10.5
* manually bump aws version
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-12-10 19:20:01 +01:00
1623885dc6
root: fix health status code ( #12255 )
2024-12-03 17:59:16 +02:00
5e72ec9c0c
root: support running authentik in subpath ( #8675 )
...
* initial subpath support
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make outpost compatible
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix static files somewhat
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix web interface
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix most static stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix most web links
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix websocket
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix URL for static files
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* format web
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add root redirect for subpath
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* set cookie path
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Update internal/config/struct.go
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Signed-off-by: Jens L. <jens@beryju.org >
* fix sfe
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* bump required version
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix flow background
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lint and some more links
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix impersonate
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Signed-off-by: Jens L. <jens@goauthentik.io >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2024-11-26 15:38:23 +01:00
520148bba4
root: Backport version change ( #12146 )
...
* release: 2024.10.3
* release: 2024.10.4
2024-11-22 01:51:30 +01:00
5ea4580884
security: fix CVE 2024 52307 ( #12115 )
...
* security: fix CVE-2024-52307
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-11-21 14:24:28 +01:00
4189981995
internal: add CSP header to files in /media ( #12092 )
...
add CSP header to files in `/media`
This fixes a security issue of stored cross-site scripting via embedding
JavaScript in SVG files by a malicious user with `can_save_media`
capability.
This can be exploited if:
- the uploaded file is served from the same origin as authentik, and
- the user opens the uploaded file directly in their browser
Co-authored-by: Jens L. <jens@goauthentik.io >
2024-11-21 09:16:07 +01:00
d4bf3b7068
root: check remote IP for proxy protocol same as HTTP/etc ( #12094 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-11-20 21:33:35 +01:00
6702f34b40
release: 2024.10.2 ( #12031 )
2024-11-15 00:53:40 +01:00
a892d4afd8
providers/proxy: fix Issuer when AUTHENTIK_HOST_BROWSER is set ( #11968 )
...
correctly use host_browser's hostname as host header for token requests to ensure Issuer is identical
2024-11-13 00:54:40 +01:00
0a862e4fff
root: backport version bump 2024.10.1 ( #11929 )
...
release: 2024.10.1
2024-11-05 20:29:31 +01:00
8245d08ddb
root: backport version bump 2024.10.0 ( #11868 )
...
* release: 2024.10.0-rc1
* root: `bumpversion` 2024.10 (#11865 )
release: 2024.10.0
2024-10-31 00:39:41 +01:00
f482937474
providers/proxy: fix handling of AUTHENTIK_HOST_BROWSER ( #11722 )
...
* providers/proxy: fix handling of AUTHENTIK_HOST_BROWSER (#9622/#4688/#6476)
* chore: fix tests
2024-10-24 16:34:45 +02:00
5b66dbe890
flows: provider invalidation ( #5048 )
...
* add initial
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add web stage for session end
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* migrate saml and tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* group flow settings when providers have multiple flows
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* adjust name for default provider invalidation
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-make migrations
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add invalidation_flow to saml importer
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-do migrations again
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update web stuff to get rid of old libraries
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make unbind flow for ldap configurable
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* unrelated: fix flow inspector
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* handle invalidation_flow as optional, as it should be
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* also fix ldap outpost
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* don't generate URL in client
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* actually make it work???
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix migration breaking things...?
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start fixing tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix fallback
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-migrate
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix duplicate flow setting
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add migration
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix race condition with brand
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix oauth test
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix SAML tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add to wizard, fix required
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make required, start release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-10-14 15:35:12 +02:00
dc1562a7de
internal: restore /ping behaviour for embedded outpost ( #11568 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-09-30 18:44:03 +02:00
975b6e53a6
release: 2024.8.3 ( #11542 )
2024-09-27 16:58:04 +02:00
ad3820c11c
providers/proxy: fix panic, keep session storages open ( #11439 )
...
* fix panic when redis connection fails
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-use session when refreshing apps
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-09-19 23:05:58 +02:00
5822653155
release: 2024.8.2 ( #11395 )
2024-09-16 15:02:51 +02:00
171d0f55cb
providers/proxy: fix URL path getting lost when partial URL is given to rd= ( #11354 )
...
* providers/proxy: fix URL path getting lost when partial URL is given to rd=
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* better fallback + tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-09-12 18:02:08 +02:00
b8ae028d4d
root: backport release 2024.8.1 ( #11273 )
...
release: 2024.8.1
2024-09-08 01:35:15 +02:00
5be49a8e80
internal: fix go paginator not setting page correctly ( #11253 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-09-06 18:38:00 +02:00
8886532ed6
providers/ldap: fix incorrect permission check for search access ( #11217 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-09-05 01:19:11 +02:00
02ae099bdf
root: version 2024.8 backport ( #11166 )
...
* schemas: fix XML Schema loading...for some reason?
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* release: 2024.8.0-rc1
* release: 2024.8.0
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
# Conflicts:
# .bumpversion.cfg
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-09-03 14:41:40 +02:00
a6225ad7a7
root: backport version bump ( #11045 )
...
* fix outpost form not loading apps for correct type
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix bug from previous pr
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* release: 2024.6.4
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-08-23 16:33:07 +02:00
d75cdfeaf1
internal: Use loop instead of recursion in NewAPIController ( #10745 )
...
use loop instead of recursion
2024-08-16 15:04:07 +02:00
8f53d0b9f3
providers/ldap: Remove search group ( #10639 )
...
* remove search_group
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make api operations cleaerer
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix migration
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* actually use get
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* use correct api client for ldap
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix migration
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* unrelated: fix migration warning
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* unrelated: fix styling issue in dark mode
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* unrelated-ish fix button order in wizard
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* unrelated: fix missing css import
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Optimised images with calibre/image-actions
* Update index.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
* Update index.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
* update release notes based on new template
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
2024-08-14 16:31:11 +02:00
bb9e679b9a
outposts: add better UI for showing mismatched versions ( #10885 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-08-12 23:17:15 +02:00
4363c899ac
release: 2024.6.3
2024-08-05 20:08:28 +02:00
e60c36b889
release: 2024.6.2
2024-08-01 01:13:29 +02:00
9b595b2031
outposts: ensure minimum refresh interval ( #10701 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-07-31 14:43:03 +02:00
