ee6edec1d8
stages/prompt: Add initial_data prompt field and ability to select a default choice for choice fields ( #5095 )
...
* Added initial_value to model
* Added initial_value to admin panel
* Added initial_value support to flows; updated tests
* Updated default blueprints
* update docs
* Fix test
* Fix another test
* Fix yet another test
* Add placeholder migration
* Remove unused import
2023-04-19 12:27:51 +02:00
80f4fccd35
providers/oauth2: OpenID conformance ( #4758 )
...
* don't open inspector by default when debug is enabled
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* encode error in fragment when using hybrid grant_type
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* require nonce for all response_types that get an id_token from the authorization endpoint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* don't set empty family_name
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* only set at_hash when response has token
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* cleaner way to get login time
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove authentication requirement from authentication flow
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* use wrapper
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix auth_time not being handled correctly
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* minor cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add test files
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove USER_LOGIN_AUTHENTICATED
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rework prompt=login handling
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* also set last login uid for max_age check to prevent double login when max_age and prompt=login is set
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-02-23 15:26:41 +01:00
55782d3929
blueprints: don't update default tenant
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-01-31 15:17:05 +01:00
53b65a9d1a
stages/prompt: field name ( #4497 )
...
* add prompt field name
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove numerical prefix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix missing name
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* use text field
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add description label
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add migrate blueprint to remove old stages
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add task to remove unretrievable blueprints
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix blueprint test paths
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* actually fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests even more
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix fixtures
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-01-24 12:23:22 +01:00
813f70b806
blueprints: fix OOB email field overwriting user settings email field
...
closes #4317
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-01-18 19:40:47 +01:00
f1b3598a0f
blueprints: don't set session_duration in default and example flows ( #4448 )
...
closes #3944
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2023-01-16 13:18:25 +01:00
a960ce9454
stages/user_write: add more user creation options ( #4367 )
...
* add more user creation options
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* update blueprints and docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2023-01-05 15:46:20 +01:00
84fbeb5721
security: fix CVE 2022 46172 ( #4275 )
...
* fallback to current user in user_write, add flag to disable user creation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* update api and web ui
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* update default flows
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add cve post to website
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-12-23 14:12:58 +01:00
3b973e12a4
blueprints: don't require auth on invalidation flow
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-12-19 10:33:54 +01:00
db95dfe38d
security: fix CVE 2022 46145 ( #4140 )
...
* add flow authentication requirement
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add website for cve
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* flows: handle FlowNonApplicableException without policy result
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-12-02 16:14:25 +01:00
5026cebf02
stages/consent: default to expiring consent instead of always_require
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-09-10 13:25:28 +02:00
54ba3e9616
blueprints: add meta model to apply blueprint within blueprint for dependencies ( #3486 )
...
* add meta model to apply blueprint within blueprint for dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* use custom registry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix again
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* move ManagedAppConfig to apps.py
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* rename manager to registry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* ci: use full tag in comment
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-08-29 21:20:58 +02:00
0ab8f4eed7
blueprints: add required password stage backends
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-08-19 15:59:41 +01:00
070714abe4
website/docs: add more blueprint docs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-08-19 12:16:02 +01:00
89fef0ae72
blueprints: docs ( #3376 )
...
* further blueprint cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* more
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* make group users and parent optional
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix api client usage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-08-06 00:52:12 +02:00
ec42d378ab
blueprints/cleanup ( #3369 )
2022-08-05 08:39:00 +02:00
d1004e3798
blueprints: webui ( #3356 )
2022-08-03 00:05:49 +02:00
a023eee9bf
blueprints: migrate from managed ( #3338 )
...
* test all bundled blueprints
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix empty title
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix default blueprints
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add script to generate dev config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* migrate managed to blueprints
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add more to blueprint instance
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* migrated away from ObjectManager
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix lint errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* migrate things
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* migrate tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix some tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix a bit more
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix more tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* whops
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix missing name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* *sigh*
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix more tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add tasks
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* scheduled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* run discovery on start
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* oops this test should stay
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-08-01 23:05:58 +02:00
89c84f10d0
blueprints: v1 ( #1573 )
...
* managed: move flowexporter to managed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* *: implement SerializerModel in all models
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* managed: add initial api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* managed: start blueprint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* managed: spec
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* version blueprint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* yep
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* remove v2, improve v1
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* start custom tag, more rebrand
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add default flows
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* move blueprints out of website
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* try new things
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add !lookup, fix web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* update and cleanup default
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix tags in lists
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* don't save field if its set to default value
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* more flow cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* format web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix missing serializer for sms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* ignore _set fields
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* remove custom file extension
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* migrate default flow to tenant
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* include blueprints
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2022-07-31 17:11:44 +02:00
