authentik

Author	SHA1	Message	Date
Jens L	93575a9966	core: prevent selecting a group as a parent of itself (#6016 ) * core: prevent selecting a group as a parent of itself Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix api error when no parent is given Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-06-20 20:21:58 +02:00
Jens L	01311929d1	providers/ldap: improve password totp detection (#6006 ) * providers/ldap: improve password totp detection Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add flag for totp mfa support Signed-off-by: Jens Langhammer <jens@goauthentik.io> * keep support for static tokens Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix migrations Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-06-20 12:09:13 +02:00
Jens L	a5db60129d	*: use dataclass slots wherever applicable (#6005 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-06-19 18:31:07 +02:00
risson	0041cf88f4	providers/oauth2: launch url: if URL parsing fails, return no launch URL (#5918 ) * providers/oauth2: launch url: if URL parsing fails, return no launch URL Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * add test Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only get provider launch URL when no url is set Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only catch value error Signed-off-by: Jens Langhammer <jens@goauthentik.io> * format Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-06-09 21:56:34 +02:00
Jens L	fd4c5f5ce7	providers/ldap: fix LDAP Outpost application selection (#5812 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-31 14:14:25 +02:00
Jens L	f0619814f9	blueprints: allow setting user's passwords from blueprints (#5797 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-29 21:28:44 +02:00
Jens L	0d0bb1a559	root: add install ID (#5717 ) * root: add install ID Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add fallback when no migrations table exists Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix lint Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-22 17:24:12 +02:00
Jens L	bb64fb1130	core: make groups field for user optional (#5702 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-21 15:19:05 +02:00
Jens L	79dcc30778	providers/radius: add warning message when radius provider is not used with outpost (#5656 ) * providers/radius: add warning message when radius provider is not used with outpost same message as Proxy and LDAP provider have Signed-off-by: Jens Langhammer <jens@goauthentik.io> * format Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-17 16:19:33 +02:00
Jens L	f4b0d6e85c	providers/scim: default to None for fields instead of empty list (#5642 ) * providers/scim: default to None for fields instead of empty list Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make name of delete_none_keys clearer Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-17 00:25:28 +02:00
Jens L	92fd6a55db	blueprints: adjust wording on managed field (#5558 )	2023-05-09 23:41:42 +02:00
Jens L	eaa3d11df8	api: modular urls (#5551 ) * api: make API urls modular load API urls from app module's urls file instead of a single static file Signed-off-by: Jens Langhammer <jens@goauthentik.io> * refactor websocket url mounting Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-09 14:46:47 +02:00
Jens L	7acd0558f5	core: applications backchannel provider (#5449 ) * backchannel applications Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add webui Signed-off-by: Jens Langhammer <jens@goauthentik.io> * include assigned app in provider Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve backchannel provider list display Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make ldap provider compatible Signed-off-by: Jens Langhammer <jens@goauthentik.io> * show backchannel providers in app view Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make backchannel required for SCIM Signed-off-by: Jens Langhammer <jens@goauthentik.io> * cleanup api Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Apply suggestions from code review Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens L. <jens@beryju.org> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>	2023-05-08 15:29:12 +02:00
Jens L	9f4be4d150	blueprints: support setting file URLs in blueprints (#5510 ) * blueprints: support setting file URLs in blueprints Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make new fields not required Signed-off-by: Jens Langhammer <jens@goauthentik.io> * include conditional fields in schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-08 15:07:00 +02:00
Jens L	5830781a5a	root: add websocket logging (#5408 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-04-28 20:34:34 +03:00
Jens L	54d508ae8c	ci: fix pyright errors (#5392 ) * ci: fix pyright errors Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix error in oauth 1 source Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove redundant blueprint fixtures Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-04-27 17:33:47 +03:00
Jens L	6a700cb376	core: fix user metrics for users which can't access events (#5252 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-04-14 11:20:26 +02:00
Jens L	977757f561	policies: provider raw result for better policy reusability (#5189 ) * policies: include raw_result in PolicyResult Signed-off-by: Jens Langhammer <jens@goauthentik.io> * move ak_call_policy to base evaluator Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-04-06 09:42:29 +02:00
sdimovv	6192d01b7e	stages: Add ability to set user friendly names for MFA stages (#5005 ) * Added ability to name MFA stage * Schema * Changed Charfield to Textfield * Regenerated schema * Add explicit required * set null instead of blank so title check works Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add help text and adjust wording Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-04-02 16:52:44 +02:00
Jens L	75510ead84	core: fix app launch URL flow selection (#5113 )	2023-03-30 02:10:25 +02:00
Jens L	6437fbc814	web/admin: prompt preview (#5078 ) * add initial prompt preview Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve error handling Signed-off-by: Jens Langhammer <jens@goauthentik.io> * don't flood api with requests when fields are changeed Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-25 22:31:48 +01:00
risson	1957717160	providers: Add ability to choose a default authentication flow (#5070 ) * core: add ability to choose a default authentication flow for a provider Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * update web to use correct ak-search-select I don't think this element existed when the PR was initially created, lol Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only use provider authentication flow for authentication designation Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-03-24 13:26:00 +01:00
Jens L	da3222df07	core: fix websocket url path (#5019 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-21 00:20:48 +01:00
Jens L	54cacd784c	*: load websocket paths similarly to URLs (#5018 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-20 23:39:25 +01:00
sdimovv	16a03160d0	core: Add unique constraint to user UUID (#5004 )	2023-03-20 00:33:08 +01:00
Jens L	97df7848a5	blueprints: allow setting of token key in blueprint context (#4995 ) closes #4717 Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-18 00:10:12 +01:00
Jens L	e2d3a95c80	web: full web components part 1 (#4964 ) * migrate loading Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate api browser Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate base css Signed-off-by: Jens Langhammer <jens@goauthentik.io> * move tenant fetching to base interface Signed-off-by: Jens Langhammer <jens@goauthentik.io> * import pre-loaded stages in flow interface and not executor to strip down executor size Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix redirect and such Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-17 23:10:19 +01:00
Jens L	86f9056d3f	core: fix url validator (#4957 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-15 12:00:57 +01:00
Jens L	86bb2afd02	core: add validator which allows for URLs with formatting (#4890 )	2023-03-10 00:16:17 +01:00
Jens L	b6b820f6f1	web: toggle dark/light theme manually (#4876 )	2023-03-09 23:17:53 +01:00
Jens L	67f3db1e03	core: enforce unique on names where it makes sense (#4866 ) enforce unique on names where it makes sense Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-07 23:52:34 +01:00
Jens L	28ddeb124f	providers: SCIM (#4835 ) * basic user sync Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add group sync and some refactor Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start API Signed-off-by: Jens Langhammer <jens@goauthentik.io> * allow null authorization flow Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add UI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make task monitored Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add missing dependency Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make authorization_flow required for most providers via API Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more UI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make task result better readable, exclude anonymous user Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add task UI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add scheduled task for all sync Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make scim errors more readable Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add mappings, migrate to mappings Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add mapping UI and more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add scim docs to web Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start implementing membership Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate signals to tasks Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate fully to tasks Signed-off-by: Jens Langhammer <jens@goauthentik.io> * strip none keys, fix lint errors Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix things Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start adding tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix saml Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add scim schemas and validate against it Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve error handling Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add group put support, add group tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * send correct application/scim+json headers Signed-off-by: Jens Langhammer <jens@goauthentik.io> * stop sync if no mappings are confiugred Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add test for task sync Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add membership tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use decorator for tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make tests better Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-06 19:39:08 +01:00
Jens L	20e971f5ce	flows: planner error handling (#4812 ) * handle FlowNonApplicableException everywhere Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make flow planner check authentication when no pending user is in planning context Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add mailhog to e2e test services, remove local docker requirement Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-28 15:18:29 +01:00
Jens L	118765ab30	web: fetch custom.css via fetch and add stylesheet (#4804 ) * web: fetch custom.css via fetch and add stylesheet Signed-off-by: Jens Langhammer <jens@goauthentik.io> * don't hardcode path Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-27 19:54:19 +01:00
Jens L	596ff529c4	core: bootstrap email (#4788 )	2023-02-26 17:02:45 +01:00
Jens L	b7e4ad7234	web/user: fix source connections not being filtered (#4778 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-24 10:22:02 +00:00
Jens L	80f4fccd35	providers/oauth2: OpenID conformance (#4758 ) * don't open inspector by default when debug is enabled Signed-off-by: Jens Langhammer <jens@goauthentik.io> * encode error in fragment when using hybrid grant_type Signed-off-by: Jens Langhammer <jens@goauthentik.io> * require nonce for all response_types that get an id_token from the authorization endpoint Signed-off-by: Jens Langhammer <jens@goauthentik.io> * don't set empty family_name Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only set at_hash when response has token Signed-off-by: Jens Langhammer <jens@goauthentik.io> * cleaner way to get login time Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove authentication requirement from authentication flow Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use wrapper Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix auth_time not being handled correctly Signed-off-by: Jens Langhammer <jens@goauthentik.io> * minor cleanup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add test files Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove USER_LOGIN_AUTHENTICATED Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rework prompt=login handling Signed-off-by: Jens Langhammer <jens@goauthentik.io> * also set last login uid for max_age check to prevent double login when max_age and prompt=login is set Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-23 15:26:41 +01:00
Jens L	122055b38b	stages/user_login: terminate others (#4754 ) * rework session list Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use sender filtering for signals when possible Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add terminate_other_sessions Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-22 14:09:28 +01:00
sdimovv	c4e24c04f6	core: Improve service account creation (#4751 ) * Added ability to select service account token expiration on creation * Added call to user.set_unusable_password on service account creation * Added forgotten call to save() * Added and improved existsing tests * Added accidentally deleted help text * Fix lint	2023-02-22 13:19:01 +01:00
Jens Langhammer	b415e9b773	core: remove avatar from group user member list Signed-off-by: Jens Langhammer <jens@goauthentik.io> #4711	2023-02-20 12:40:42 +01:00
Jens Langhammer	1ac2e924a2	core: fix error when creating token without request in context closes #4716 Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-19 17:31:20 +01:00
Jens Langhammer	0874574e5c	*: add additional prometheus metrics, remove unusable high entropy metrics Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-19 17:08:40 +01:00
Jens L	ec42b597ab	providers/proxy: send token request internally, with overwritten host header (#4675 ) * send token request internally, with overwritten host header Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-13 16:34:47 +01:00
Jens Langhammer	cefc1a57ee	core: handle error when cleaning up sessions and cached session can't be loaded Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-13 13:22:34 +01:00
sdimovv	b69e55eae9	core: Add support for auto generating unique avatars based on the user's initials (#4663 )	2023-02-12 16:35:17 +01:00
Jens Langhammer	c5870fcab2	core: fix missing uniqueness validator on user api closes #4665 Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-11 21:08:51 +01:00
Jens Langhammer	00a16bee76	web/elements: add dropdown css to DOM directly instead of including Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-05 23:32:54 +01:00
Jens Langhammer	f2386f126e	core: fix inconsistent branding in end_session view Signed-off-by: Jens Langhammer <jens@goauthentik.io> #4586	2023-02-01 19:40:59 +01:00
dependabot[bot]	18cfe67719	core: bump black from 22.12.0 to 23.1.0 (#4584 ) * core: bump black from 22.12.0 to 23.1.0 Bumps [black](https://github.com/psf/black) from 22.12.0 to 23.1.0. - [Release notes](https://github.com/psf/black/releases) - [Changelog](https://github.com/psf/black/blob/main/CHANGES.md) - [Commits](https://github.com/psf/black/compare/22.12.0...23.1.0) --- updated-dependencies: - dependency-name: black dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * re-format Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-02-01 11:31:32 +01:00
Jens Langhammer	ecb1ce8135	core: fix token's set_key accessing data incorrectly also add tests closes #4551 Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-27 23:57:35 +01:00

1 2 3 4 5 ...

650 Commits