|
|
1370c32aea
|
cmd: set version in outposts (#13116)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2025-02-19 17:56:57 +01:00 |
|
|
|
5e72ec9c0c
|
root: support running authentik in subpath (#8675)
* initial subpath support
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make outpost compatible
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix static files somewhat
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix web interface
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix most static stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix most web links
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix websocket
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix URL for static files
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* format web
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add root redirect for subpath
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* set cookie path
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Update internal/config/struct.go
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
Signed-off-by: Jens L. <jens@beryju.org>
* fix sfe
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* bump required version
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix flow background
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix lint and some more links
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix impersonate
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Signed-off-by: Jens L. <jens@goauthentik.io>
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
|
2024-11-26 15:38:23 +01:00 |
|
|
|
abc0c2d2a2
|
root: Multi-tenancy (#7590)
* tenants -> brands, init new tenant model, migrate some config to tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* setup logging for tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* configure celery and cache
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* small fixes, runs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* task fixes, creation of tenant now works by cloning a template schema, some other small stuff
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix-tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* upstream fixes
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix-pylint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix avatar tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* migrate config reputation_expiry as well
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix web rebase
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix migrations for template schema
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix migrations for template schema
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix migrations for template schema 3
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* revert reputation expiry migration
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix type
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix some more tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* website: tenants -> brands
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* try fixing e2e tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* start frontend :help:
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* add ability to disable tenants api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* delete embedded outpost if it is disabled
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* make sure embedded outpost is disabled when tenants are enabled
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* management commands: add --schema option where relevant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* store files per-tenant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix embedded outpost deletion
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix files migration
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* add tenant api tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* add domain tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* add settings tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* make --schema-name default to public in mgmt commands
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* sources/ldap: make sure lock is per-tenant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix stuff I broke
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix remaining failing tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* try fixing e2e tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* much better frontend, but save does not refresh form properly
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* update django-tenants with latest fixes
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* i18n-extract
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* review comments
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* move event_retention from brands to tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* wip
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* root: add support for storing media files in S3
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* use permissions for settings api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* blueprints: disable tenants management
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix embedded outpost create/delete logic
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* make gen
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* make sure prometheus metrics are correctly served
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* makefile: don't delete the go api client when not regenerating it
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* tenants api: add recovery group and token creation endpoints
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix startup
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix prometheus metrics
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix web stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix migrations from stable
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix oauth source type import
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Revert "fix oauth source type import"
This reverts commit d015fd0244.
* try with setting_changed signal
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* try with connection_created signal
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix scim tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix web after merge
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix enterprise settings
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* Revert "try with connection_created signal"
This reverts commit 764a999db8.
* Revert "try with setting_changed signal"
This reverts commit 32b40a3bbb.
* lib/expression: refactor expression compilation
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix django version
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix web after merge
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* relock poetry
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix reconcile
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* try running tenant save in a transaction
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* black
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* test: export postgres logs for debugging and use failfast
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* test: fix container name for logs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* do not copy tenant data
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* Revert "try running tenant save in a transaction"
This reverts commit da6dec5a61.
* Revert "do not copy tenant data"
This reverts commit d07ae9423672f068b0bd8be409ff9b58452a80f2.
* Revert "Revert "do not copy tenant data""
This reverts commit 4bffb19704.
* fix clone with nodata
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* why not
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* remove failfast
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove postgres query logging
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update reconcile logic to clearly differentiate between tenant and global
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix reconcile app decorator
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* enable django checks
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* actually nodata was unnecessary as we're cloning from template and not from public
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* pylint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* update django-tenants with sequence fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* actually update
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix e2e tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* add tests for settings api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* add tests for recovery api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* recovery tests: do them on a new tenant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* web: fix system status being degraded when embedded outpost is disabled
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix recovery tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix tenants tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* lint-fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* lint-fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* update UI
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add management command to create a tenant
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add docs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* release notes
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* more docs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* checklist
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* self review
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* spelling
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* make web after upgrading
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* remove extra xlif file
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* prettier
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* Revert "add management command to create a tenant"
This reverts commit 39d13c0447.
* split api into smaller files, only import urls when tenants is enabled
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* rewite some things on the release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* root: make sure install_id comes from public schema
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* require a license to use tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix tenants tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* fix files migration
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* release notes: add warning about user sessions being invalidated
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* remove api disabled test, we can't test for it
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
---------
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
|
2024-01-23 14:28:06 +01:00 |
|
|
|
240cf6dd94
|
enterprise/providers: Add RAC [AUTH-15] (#7291)
* add basic guacamole
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make everything mostly work
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add rac build to CI
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix resize, fix web lint, sendSize correctly
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* pre-send connection from client, format
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* improve throughput
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* rework TokenOutpostConsumer into middleware
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix some layout issues
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add outpost controllers
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start testing audio things
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix a bunch of things
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add deps
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix to work with outpost group
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add simple loadbalancing
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add simple reconnect
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* show reconnecting text
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix error when checking ports
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* move to providers
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add flow check to interface
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix go lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix rac app label
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix audio
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add logging
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* allow overriding all settings
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix duplicate keyboard, debug high DPI
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* re-add deps
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix missing __init__.py breaking model loading
I love python
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* bump successful ws connection to info
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* hide cursor since guac draws that
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add clipboard support (bidirectional)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make codespell not want to break the code
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* run pr comment in separate task
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start endpoint and property mapping stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more endpoint things
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* unrelated: fix event model_pk filtering with ints
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* unrelated: improve event display for changelog
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* rebuild endpoint stuff again
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* idk special url
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more stuff, connect token with session
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add disconnect
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* rework disconnect
cleanly disconnect from guacd instead of just letting the connection timeout
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* clear cache when creating outpost
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* support host:port and fix protocol
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* center smaller viewport
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* rework connection to wait more and stop after some time
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add policy control to endpoints
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove provider protocol
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* don't switch to different outpost connection when already chosen
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start using property mappings, add static settings
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add some RAC mapping settings
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start adding tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add tests for event changes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add tests and fix issues found by said tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add preview banner, move endpoints to main page
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add locale
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* auto-select endpoint if only one is available
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* backport https://github.com/goauthentik/authentik/pull/7831 to rac
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* dont select property mappings on endpoints
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make table modal only load when opened
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* only auto-redirect when open
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix web deps
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* check for token expiry and terminate session
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* re-add endpoint name to title
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* disconnect connection when token is manually deleted
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add initial RAC docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add connection expiry setting to provider
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix flaky tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-12-30 21:33:14 +01:00 |
|
|
|
729ef4d786
|
root: bump python deps (django 5) (#7862)
* bump python deps
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* vendor pickle serializer for now
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
#7761
* cleanup some things and re-build api scheme
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix web and go
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* actually fix go...?
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* better annotate json fields
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use jsondictfield wherever
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove all virtualenvs?
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ?
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* final version bump
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-12-18 22:07:59 +01:00 |
|
|
|
a0f607b5ac
|
web/flows: bottom-align about text on flows page (#7051)
* web/flows: bottom-align about text on flows page
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix a bunch of typos
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-10-03 14:10:10 +02:00 |
|
|
|
4a434d581d
|
root: handle SIGHUP and SIGUSR2, healthcheck gunicorn (#6630)
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
|
2023-09-27 11:34:29 +00:00 |
|
|
|
fd561ac802
|
root: connect to backend via socket (#6720)
* root: connect to gunicorn via socket
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* put socket in temp folder
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use non-socket connection for debug
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* don't hardcode local url
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix dev_server missing websocket
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* dedupe logging config between gunicorn and main app
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* slight refactor for proxy errors
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-09-02 17:58:37 +02:00 |
|
|
|
9d9616138f
|
cmd: use live endpoint instead of ready for inbuild healthcheck
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-05-08 22:04:18 +02:00 |
|
|
|
367f86ecfb
|
root: optimise healthchecks (#5337)
* tests: remove redundant healthchecks
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* internal: do healthcheck within proxy instead of wget to use correct port
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tags
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-04-21 13:32:48 +03:00 |
|
|
|
94ae490284
|
lifecycle: migrate internal healthcheck to use go (#5322)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-04-20 19:46:49 +03:00 |
|
|
|
3f5effb1bc
|
providers/radius: simple radius outpost (#1796)
* initial implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add migrations
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix web
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* minor fixes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use search-select
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update locale
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fixup
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix ip with port being sent to delegated ip
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add radius tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-03-20 16:54:35 +01:00 |
|
|
|
a9680d6088
|
internal: fix race condition with config loading on startup, add index on debug server
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-08 20:33:04 +01:00 |
|
|
|
7eb6320d74
|
outposts: use common config loader for outposts to support loading values from file
closes #4383
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2023-01-08 14:19:16 +01:00 |
|
|
|
c21c1757de
|
core: bump github.com/getsentry/sentry-go from 0.15.0 to 0.16.0 (#4179)
* core: bump github.com/getsentry/sentry-go from 0.15.0 to 0.16.0
Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go) from 0.15.0 to 0.16.0.
- [Release notes](https://github.com/getsentry/sentry-go/releases)
- [Changelog](https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-go/compare/v0.15.0...v0.16.0)
---
updated-dependencies:
- dependency-name: github.com/getsentry/sentry-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* update custom tracer
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-09 12:20:41 +01:00 |
|
|
|
276af8457d
|
root: make sentry DSN configurable (#4016)
* make sentry DSN configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* make proxy smarter
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix typo in config struct
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-11-15 16:05:29 +01:00 |
|
|
|
26adf3f774
|
cmd: always stop gunicorn before exiting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-10-15 11:54:11 +02:00 |
|
|
|
85640d402f
|
internal: fix race conditions when accessing settings before bootstrap
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-08-06 00:24:55 +02:00 |
|
|
|
d5703dce39
|
internal: fix outposts not reacting to signals while starting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-08-05 18:13:09 +02:00 |
|
|
|
2ce8e18bab
|
internal: centralise config for listeners to use same config system everywhere (#3367)
* centralise config for listeners to use same config system everywhere
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#3360
* add docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-08-03 21:33:27 +02:00 |
|
|
|
10b48b27b0
|
internal: walk config in go, check, parse and load from scheme like in python
closes #2719
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-07-26 11:33:37 +02:00 |
|
|
|
b6267fdf28
|
*: add versioned user agent to sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-06-20 11:54:10 +02:00 |
|
|
|
bdf76bb4b7
|
internal: skip tracing for go healthcheck and metrics endpoints
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-06-10 22:21:11 +02:00 |
|
|
|
a286f999e2
|
api: migrate to openapi generator v6 (#2968)
* migrate to openapi generator v6
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* bump api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-05-26 15:15:30 +02:00 |
|
|
|
82a999f95d
|
internal: disable HTML encoding in logrus
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-04-04 22:57:55 +02:00 |
|
|
|
f47c936295
|
internal: add optional debug server listening on 9900
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-25 17:18:53 +01:00 |
|
|
|
c741c13132
|
internal: fix listen attempt on shutdown
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-01-03 12:36:11 +01:00 |
|
|
|
87e99625e6
|
internal: update tenant certificates on outpost refresh
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-23 00:38:49 +01:00 |
|
|
|
34b11524f1
|
tenants: add web certificate field, make authentik's core certificate configurable based on keypair
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-22 11:43:45 +01:00 |
|
|
|
fc9d270992
|
outposts/ldap: fix log formatter and level not being set correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-20 21:46:01 +01:00 |
|
|
|
621773c1ea
|
internal: rework global logging settings, embedded outpost no longer overwrites core, clean up double init
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-20 21:23:19 +01:00 |
|
|
|
68637cf7cf
|
outposts: handle/ignore http Abort handler
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-20 19:42:45 +01:00 |
|
|
|
82acba26af
|
internal: fix sentry sample rate not applying to proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-12-20 19:42:26 +01:00 |
|
|
|
74382c6287
|
cmd/server: improve cleanup on shutdown
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-07 18:03:29 +01:00 |
|
|
|
6deddd038f
|
internal: start embedded outpost directly after backend is healthy instead of waiting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-04 13:18:04 +01:00 |
|
|
|
0d02dbf55c
|
api: replace django sentry proxy with go proxy to prevent login issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-11-02 14:44:37 +01:00 |
|
|
|
aef9d27706
|
stages/authenticator_sms: Add SMS Authenticator Stage (#1577)
* stages/authenticator_sms: initial implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add initial stage UI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/elements: clear invalid state when old input was invalid but new input is correct
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_sms: add more logic
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/user: add basic SMS settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_sms: initial working version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_sms: add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: optimise totp password manager entry on authenticator_validation stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/elements: add grouping support for table
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: allow sms class in authenticator stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add grouping to more pages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_validate: add SMS support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* api: add throttling for flow executor based on session key and pending user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: fix style issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ci: add workflow to compile backend translations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-11 17:51:49 +02:00 |
|
|
|
6c603cdf80
|
internal: add internal healthchecking to prevent websocket errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-05 22:21:14 +02:00 |
|
|
|
5f4a1417b2
|
cmd: prevent outposts from panicking when failing to get their config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-10-05 22:19:05 +02:00 |
|
|
|
f771383c4b
|
cmd: fix outpost metrics not being set in embedded mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-16 12:09:12 +02:00 |
|
|
|
7158c9d2ea
|
core: metrics v2 (#1370)
* outposts: add ldap metrics, move ping to 9100
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outpost: add flow_executor metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use port 9300 for metrics, add core metrics port
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts/controllers/k8s: add service monitor creation support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-09 15:52:24 +02:00 |
|
|
|
4c3a9e69f2
|
outposts/proxy: fix securecookie: no codecs provided error with redis
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-09 10:23:46 +02:00 |
|
|
|
3c1b70c355
|
outposts/proxyv2 (#1365)
* outposts/proxyv2: initial commit
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add rs256
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
more stuff
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add forward auth an sign_out
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
match cookie name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
re-add support for rs256 for backwards compat
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add error handler
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
ensure unique user-agent is used
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
set cookie duration based on id_token expiry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
build proxy v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add ssl
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add basic auth and custom header support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add application cert loading
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
implement whitelist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add redis
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
migrate embedded outpost to v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
remove old proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
providers/proxy: make token expiration configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
fix tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/proxy: only allow one redirect URI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix docker build for proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* remove default port offset
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add AUTHENTIK_HOST_BROWSER
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests: fix e2e/integration tests not using proper tags
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* remove references of old port
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix user_attributes not being loaded correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-09-08 18:04:56 +00:00 |
|
|
|
45731d8069
|
cmd: add option to disable embedded outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-08-29 19:19:13 +02:00 |
|
|
|
5b57d67b5f
|
cmd: improve error message for local config loading
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-08-09 00:28:08 +02:00 |
|
|
|
f01bc20d44
|
Embedded outpost (#1193)
* api: allow API requests as managed outpost's account when using secret_key
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* root: load secret key from env
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts: make listener IP configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outpost/proxy: run outpost in background and pass requests conditionally
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outpost: unify branding to embedded
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: fix embedded outpost not being editable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: fix mismatched host detection
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests/e2e: fix LDAP test not including user for embedded outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests/e2e: fix user matching
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* api: add tests for secret_key auth
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* root: load environment variables using github.com/Netflix/go-env
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-07-29 11:30:30 +02:00 |
|
|
|
6ddd6bfa72
|
root: fix linting errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-07-18 20:54:34 +02:00 |
|
|
|
05161db458
|
cmd: fix shutdown not being signaled properl
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-07-17 18:04:09 +02:00 |
|
|
|
311ffa9f79
|
internal: don't send kill signal to child as we mange it
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-07-17 17:07:35 +02:00 |
|
|
|
be9ca48de0
|
root: fix docker stage name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-07-17 16:40:55 +02:00 |
|
