a184240855
website/docs: move Applications docs up a level, other edits ( #8712 )
...
* redirect Apps docs
* add new wizard and video link
* move in sidebar
* remove link to providers
* tweaks
* tweak
* improve wording
* kens edits
* removed duplicate content
* reworded
* further explain apps and providers
* more intro words
* more word tweaks
* ill stop now
* capitalization
* fix build
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* final surely
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2024-02-29 15:55:06 -06:00
1f733b04f7
website/docs: s3: fix migration docs ( #8735 )
2024-02-28 16:48:24 +00:00
05fb11b1f0
website/docs: s3: fix environment variables ( #8722 )
2024-02-28 12:27:19 +01:00
5991b82cde
website/docs: 2024.2: update comment about upgrading to mention breaking changes ( #8667 )
...
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2024-02-23 11:59:37 -06:00
3c1c44bda1
website/docs: prepare 2024.2.1 release notes ( #8649 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-02-22 16:34:50 +01:00
ffbfbd43cb
website/docs: fix link to helm chart release notes ( #8624 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-02-21 19:00:58 +01:00
cb24fe5c5d
website/blog: Blog about release 2024.2 ( #8580 )
...
* add image and first draft
* tweak
* remove mention of multi-tenancy
* fighting links
* still fighting links
* remove link
* ending
* tweak
* more word polishing
* tweak
* added truncate
* add jens' use cases
* oops
* more of kens edits
* moved truncate
2024-02-21 09:41:45 -06:00
aa81d8f12d
website/docs: also remove 2024.2 rc note
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-02-21 16:18:56 +01:00
89bc7a037d
website/docs: remove unreleased from release notes
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-02-21 16:12:09 +01:00
f6f997525f
web: spell customization with a Z ( #8596 )
...
Co-authored-by: Fletcher Heisler <fletcher@goauthentik.io >
2024-02-20 15:21:23 -06:00
fc65d3f43a
website/docs: edit RN to remove tenants ( #8578 )
...
remove tenants
2024-02-19 13:26:30 -06:00
c3fb84397a
providers/oauth2: improve conformance with client_credentials standard ( #8471 )
...
* allow using username:password base64 encoded as client_secret
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* support standard method by generating a user
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix warning
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-02-19 16:11:20 +01:00
8d78cd97d0
website/docs: remove outdated info ( #8552 )
...
* remove outdated info
* Update website/docs/outposts/embedded/embedded.mdx
Co-authored-by: Jens L. <jens@goauthentik.io >
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
---------
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
Co-authored-by: Jens L. <jens@goauthentik.io >
2024-02-19 16:10:41 +01:00
24d2c4089c
website/docs: edited Docs about tenants ( #8549 )
...
* add info
* more usage deets
* add steps
* polish procedurals
* comma tweak
* Update website/docs/advanced/tenancy.md
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
* marc's edits
* comma tweak
* kens edits
* typo
---------
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2024-02-19 08:16:55 -06:00
38f47c65a1
website/docs: kubernetes installation: update values ( #8575 )
2024-02-19 14:10:36 +00:00
2abcc9ce8f
website/docs: release notes 2024.2: add note about RC ( #8517 )
2024-02-15 06:09:02 +01:00
5b0e92f034
website/docs: release notes 2024.2: fix API changes titles ( #8516 )
2024-02-14 20:19:24 +00:00
a3bfb3d25c
website/docs: 2024.2 release notes ( #8468 )
...
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Co-authored-by: Jens L. <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2024-02-14 20:52:56 +01:00
e0db9f3ea1
website/docs: applications: add reference to S3 for icon URLs ( #8488 )
2024-02-14 19:10:33 +00:00
e48f6bbec4
website/docs: changes to text and new screenshots for new Permissions tabs ( #8490 )
...
* update screenshots and docs about perms
* tweaks to procedurals
* tweak links
* typo on akadmin
* Optimised images with calibre/image-actions
---------
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
2024-02-14 18:33:45 +00:00
0413afc2a8
website: add note to use compose v2 ( #8352 )
2024-01-29 21:17:58 +01:00
f79054fe8c
website: update release notes ( #8348 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-01-29 17:50:22 +01:00
1db322b42f
security: fix CVE-2024-23647 ( #8345 )
...
* security: fix CVE-2024-23647
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add website
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-01-29 17:40:24 +01:00
11ca358242
web/admin: revamped rbac and user settings tabs ( #8299 )
...
* web/admin: fix duplicate RBAC preview banner on permission modal
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* switch non-embedded permission page to use vertical tabs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix some leftover html?
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* move stuff into vertical subtab
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* show all of users permission tabs on one main tab
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rework role page to match user page
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* use separate tabs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rename role permission tables to match user tables
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rename to credentials and tokens
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add country icon to session list
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add oauth access token list
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add helper to get relative time
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* use pfdivider
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* replace plain hr with pf-c-divider
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* use new logic for showing relative time in charts
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* use consistent relative time for event display
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove more leftovers
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix some alignment issues on the admin dashboard
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update storybook map
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add sanity check to event app lookup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make api drawer header fixed
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix table padding for toggle
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix notification drawer for user interface
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* enable system task search
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix formatting, exclude generated script from formatting
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* web: minor fixes
There's a renderer (it's not a component, not yet) for producing definition lists without
the risk of missing a class or tag.
Breaking conditionally rendered components out to make their use easier to identify.
* fix prettier
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix outpost form
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix more flaky tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-create locale
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add some description for different permission views
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix system task search
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Ken Sternberg <ken@goauthentik.io >
2024-01-26 18:01:03 +01:00
85a8768424
website/docs: fix mention of system settings ( #8325 )
2024-01-26 16:49:37 +00:00
7af35b56c1
website/docs: mention system settings ( #8323 )
...
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2024-01-26 17:11:32 +01:00
4eceebaad8
website/docs: remove references to legacy Docker Compose v1 ( #8138 )
2024-01-25 15:53:30 -06:00
4184f8a770
enterprise: add full audit log [AUTH-458] ( #8177 )
...
* enterprise: add full audit log
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* delegate enabled check to apps
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* move audit middleware to separate app
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* cleanse before diff
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make cleanse include a hash of the values
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix sentry error during lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests?
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* only use start of hash
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* don't use deepdiff
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add diff ui
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix info for dict
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* enable audit logging for tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix startup with tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* include first 4 chars of raw value?
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* only log asterisks
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fixup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-01-24 11:36:06 +01:00
a62cca36ad
website/docs: Improve example nginx reverse proxy config ( #8160 )
...
Signed-off-by: Daniel Lo Nigro <d@d.sb >
2024-01-23 21:09:55 +01:00
abc0c2d2a2
root: Multi-tenancy ( #7590 )
...
* tenants -> brands, init new tenant model, migrate some config to tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* setup logging for tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* configure celery and cache
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* small fixes, runs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* task fixes, creation of tenant now works by cloning a template schema, some other small stuff
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix-tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* upstream fixes
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix-pylint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix avatar tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* migrate config reputation_expiry as well
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix web rebase
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix migrations for template schema
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix migrations for template schema
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix migrations for template schema 3
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* revert reputation expiry migration
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix type
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix some more tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* website: tenants -> brands
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* try fixing e2e tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* start frontend :help:
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add ability to disable tenants api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* delete embedded outpost if it is disabled
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make sure embedded outpost is disabled when tenants are enabled
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* management commands: add --schema option where relevant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* store files per-tenant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix embedded outpost deletion
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix files migration
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add tenant api tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add domain tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add settings tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make --schema-name default to public in mgmt commands
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* sources/ldap: make sure lock is per-tenant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix stuff I broke
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix remaining failing tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* try fixing e2e tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* much better frontend, but save does not refresh form properly
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* update django-tenants with latest fixes
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* i18n-extract
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* review comments
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* move event_retention from brands to tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* wip
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* root: add support for storing media files in S3
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* use permissions for settings api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* blueprints: disable tenants management
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix embedded outpost create/delete logic
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make gen
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make sure prometheus metrics are correctly served
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* makefile: don't delete the go api client when not regenerating it
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* tenants api: add recovery group and token creation endpoints
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix startup
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix prometheus metrics
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix web stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix migrations from stable
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix oauth source type import
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Revert "fix oauth source type import"
This reverts commit d015fd0244marc.schmitt@risson.space >
* try with connection_created signal
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix scim tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix web after merge
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix enterprise settings
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Revert "try with connection_created signal"
This reverts commit 764a999db832b40a3bbbmarc.schmitt@risson.space >
* fix django version
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix web after merge
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* relock poetry
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix reconcile
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* try running tenant save in a transaction
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* black
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* test: export postgres logs for debugging and use failfast
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* test: fix container name for logs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* do not copy tenant data
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Revert "try running tenant save in a transaction"
This reverts commit da6dec5a614bffb19704marc.schmitt@risson.space >
* why not
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* remove failfast
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove postgres query logging
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update reconcile logic to clearly differentiate between tenant and global
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix reconcile app decorator
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* enable django checks
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* actually nodata was unnecessary as we're cloning from template and not from public
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* pylint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* update django-tenants with sequence fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* actually update
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix e2e tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add tests for settings api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add tests for recovery api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* recovery tests: do them on a new tenant
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* web: fix system status being degraded when embedded outpost is disabled
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix recovery tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tenants tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint-fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint-fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* update UI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add management command to create a tenant
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add docs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* release notes
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* more docs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* checklist
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* self review
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* spelling
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make web after upgrading
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* remove extra xlif file
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* prettier
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Revert "add management command to create a tenant"
This reverts commit 39d13c0447jens@goauthentik.io >
* rewite some things on the release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* root: make sure install_id comes from public schema
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* require a license to use tenants
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tenants tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix files migration
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* release notes: add warning about user sessions being invalidated
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* remove api disabled test, we can't test for it
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
---------
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2024-01-23 14:28:06 +01:00
73ddaf48be
website/docs: add helm chart 2024.1 breaking changes
...
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2024-01-23 13:36:37 +01:00
97c421f34b
Update applications.md
...
Signed-off-by: Lázaro Blanc <40198445+lazaroblanc@users.noreply.github.com >
2024-01-22 10:41:06 +01:00
2bc865b024
website/docs: fix nginx ingress proxy example ( #8245 )
2024-01-22 08:13:58 +00:00
86bf75fe54
website: bump the docusaurus group in /website with 9 updates ( #8087 )
...
* fix build
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* ignore broken links sigh
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-bump
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix broken link
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2024-01-18 15:00:01 +01:00
c46cd5e7e5
website/docs: embed install video directly ( #8215 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-01-18 12:17:23 +01:00
b0e74d348a
root: fix listen trusted_proxy_cidrs config loading from environment ( #8075 )
...
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2024-01-10 22:39:27 +00:00
c78bb979ec
website: update changelog for 2023.10.6 and 2023.8.6
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-01-09 19:02:19 +01:00
6649f7ab72
providers/oauth2: fix CVE-2024-21637 ( #8104 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-01-09 18:14:12 +01:00
827591d376
website/docs: add link to our example flows ( #8052 )
...
add link to our example flows
Co-authored-by: Tana Berry <tana@goauthentik.io >
2024-01-04 13:32:44 -06:00
509b502d3c
providers/oauth2: offline access ( #8026 )
...
* improve scope check (log when application requests non-configured scopes)
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add offline_access special scope
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* ensure scope is set
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update tests for refresh tokens
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* special handling of scopes for github compat
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix spec
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* attempt to fix oidc tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove hardcoded slug
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* check scope from authorization code instead of request
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix injection for consent stage checking incorrectly
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-01-04 19:57:11 +01:00
b778c35396
website/docs: fix typo ( #8015 )
...
Update kubernetes.md
Signed-off-by: Bryan J. <132493975+chkpwd@users.noreply.github.com >
2023-12-31 21:32:13 +01:00
240cf6dd94
enterprise/providers: Add RAC [AUTH-15] ( #7291 )
...
* add basic guacamole
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make everything mostly work
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add rac build to CI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix resize, fix web lint, sendSize correctly
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* pre-send connection from client, format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* improve throughput
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rework TokenOutpostConsumer into middleware
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix some layout issues
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add outpost controllers
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start testing audio things
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix a bunch of things
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add deps
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix to work with outpost group
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add simple loadbalancing
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add simple reconnect
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* show reconnecting text
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix error when checking ports
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* move to providers
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add flow check to interface
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix go lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix rac app label
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix audio
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add logging
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* allow overriding all settings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix duplicate keyboard, debug high DPI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-add deps
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix missing __init__.py breaking model loading
I love python
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* bump successful ws connection to info
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* hide cursor since guac draws that
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add clipboard support (bidirectional)
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make codespell not want to break the code
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* run pr comment in separate task
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start endpoint and property mapping stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more endpoint things
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* unrelated: fix event model_pk filtering with ints
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* unrelated: improve event display for changelog
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rebuild endpoint stuff again
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* idk special url
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more stuff, connect token with session
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add disconnect
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rework disconnect
cleanly disconnect from guacd instead of just letting the connection timeout
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* clear cache when creating outpost
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* support host:port and fix protocol
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* center smaller viewport
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rework connection to wait more and stop after some time
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add policy control to endpoints
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove provider protocol
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* don't switch to different outpost connection when already chosen
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start using property mappings, add static settings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add some RAC mapping settings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start adding tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests for event changes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests and fix issues found by said tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add preview banner, move endpoints to main page
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add locale
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* auto-select endpoint if only one is available
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* backport https://github.com/goauthentik/authentik/pull/7831 to rac
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* dont select property mappings on endpoints
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make table modal only load when opened
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* only auto-redirect when open
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix web deps
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* check for token expiry and terminate session
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-add endpoint name to title
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* disconnect connection when token is manually deleted
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add initial RAC docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add connection expiry setting to provider
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix flaky tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-12-30 21:33:14 +01:00
cb8a91170d
website/docs: Updated url to flows-enrollment-2-stage.yaml ( #7992 )
...
* Updated url to flows-enrollment-2-stage.yaml
Signed-off-by: Dennis Denk <dennis@denk.jetzt >
* Update website/docs/user-group-role/user/invitations.md
Signed-off-by: Jens L. <jens@beryju.org >
---------
Signed-off-by: Dennis Denk <dennis@denk.jetzt >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: Jens L <jens@beryju.org >
2023-12-26 14:01:38 +01:00
02869d8173
stages/user_login: session binding ( #7881 )
...
* start with user_login stage
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
# Conflicts:
# authentik/root/settings.py
* fix and improve logout event
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* lint pass
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update authenticated session when IP changes and binding doesn't break
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update docs, always keep old and new IP in event
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-gen api schema
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-12-23 01:20:23 +01:00
ec8f2d4bf9
stages/email: prevent authentik emails from being marked as spam (also add text template support) ( #7949 )
...
* use <> style email address with name
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add support for text templates
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix icon display in event log
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add text email templates
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update docs, update email screenshot
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* prevent prettier from breaking example template
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Optimised images with calibre/image-actions
* Apply suggestions from code review
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Signed-off-by: Jens L. <jens@beryju.org >
* reword docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2023-12-21 14:32:05 +01:00
218d61648b
website/docs: prepare 2023.10.5 ( #7947 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-12-21 14:24:34 +01:00
50860d7ffe
events: add ASN Database reader ( #7793 )
...
* events: add ASN Database reader
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix test config generator
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* de-duplicate code
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add enrich_context
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rename to context processors?
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix cache
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* use config deprecation system, update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update more docs and tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add test asn db
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-build schema with latest versions
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-12-20 22:16:50 +01:00
256187ebc6
website/docs: add expression example for geoip ( #7739 )
...
* Update expression.mdx
Added example for GeoIP
Signed-off-by: Rukk385 <39340512+Rukk385@users.noreply.github.com >
* Update website/docs/policies/expression.mdx
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Signed-off-by: Rukk385 <39340512+Rukk385@users.noreply.github.com >
---------
Signed-off-by: Rukk385 <39340512+Rukk385@users.noreply.github.com >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2023-12-20 15:33:58 +01:00
cb906e1913
website/integrations: add Jenkins docs ( #7882 )
...
* website/integrations: add Jenkins docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
* prettier pass
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
2023-12-14 20:38:34 +01:00
14fb34f492
website/docs: expand Identification stage docs ( #7869 )
...
* website/docs: expand Identification stage docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* also (unrelated) add blurb to application docs to hide an application
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
2023-12-14 20:37:48 +01:00
