|
|
b69e55eae9
|
core: Add support for auto generating unique avatars based on the user's initials (#4663)
|
2023-02-12 16:35:17 +01:00 |
|
|
|
af43330fd6
|
providers/oauth2: rework OAuth2 Provider (#4652)
* always treat flow as openid flow
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* improve issuer URL generation
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more refactoring
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update introspection
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more refinement
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* migrate more
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix more things, update api
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* regen migrations
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix a bunch of things
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start updating tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix implicit flow, auto set exp
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix timeozone not used correctly
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix revoke
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more timezone shenanigans
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix userinfo tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update web
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix proxy outpost
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix api tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix missing at_hash for implicit flows
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* re-include at_hash in implicit auth flow
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use folder context for outpost build
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-02-09 20:19:48 +01:00 |
|
|
|
a7cf454760
|
web/admin: add notice for user_login stage session cookie behaviour
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-02-08 14:18:52 +01:00 |
|
|
|
7a85038c11
|
website/docs: prepare 2023.2 release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-02-07 22:52:29 +01:00 |
|
|
|
3170b2f92c
|
providers/proxy: add token support for basic auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-02-07 22:50:49 +01:00 |
|
|
|
547c01f481
|
website/docs: update Caddy docs to include HTTPS proxying (#4316)
Update Caddy documentation to include HTTPS proxying
Signed-off-by: Melvin Snijders <mail@melvinsnijders.nl>
|
2023-02-03 14:43:13 +01:00 |
|
|
|
7d4ce41e12
|
providers/proxy: outpost wide logout implementation (#4605)
* initial outpost wide logout implementation
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* handle deserialize error
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix file cleanup, add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-02-02 21:18:59 +01:00 |
|
|
|
cadb710c38
|
website/docs: add troubleshooting for CSRF
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-02-02 11:09:03 +01:00 |
|
|
|
c2b4d14af5
|
website/docs: Add note for firefox about FIDO and TouchID (#4552)
* docs(passwordless): Make sure to include a warning
Signed-off-by: Skyler Mäntysaari <samip5@users.noreply.github.com>
* add notice for firefox touchID
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Skyler Mäntysaari <samip5@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-28 22:45:51 +01:00 |
|
|
|
b99afd82b2
|
stages/user_write: fix migration setting wrong value, fix form
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-23 14:38:26 +01:00 |
|
|
|
446dc0a17b
|
website/docs: prepare 2023.1.1
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-20 14:25:20 +01:00 |
|
|
|
3a59b75f4a
|
website/docs: update ldap provider docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-20 11:46:57 +01:00 |
|
|
|
98485c528e
|
ci: build beta for amd64 and arm64 (#4468)
* ci: build for arm64, but independently
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add notice to beta
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-19 21:41:56 +01:00 |
|
|
|
59be3c7746
|
website/docs: add docs for validating phone numbers before SMS enrollment
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-19 17:57:52 +01:00 |
|
|
|
97acc77e0a
|
website/docs: update 2023.1 release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-18 15:25:58 +01:00 |
|
|
|
eb1e0427c1
|
website/docs: add missing user uid field
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-18 15:22:06 +01:00 |
|
|
|
23c69c456a
|
providers/proxy: add setting to intercept authorization header (#4457)
* add setting to intercept authorization header
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* rename to intercept_header_auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-17 18:56:48 +01:00 |
|
|
|
c73fce4f58
|
sources/ldap: manual import (#4456)
* events: fix task UID
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add ldap sync command
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-17 12:21:33 +01:00 |
|
|
|
19ee98b36d
|
outposts/proxy: allow setting no-redirect via header or query param
closes #4455
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-17 10:56:43 +01:00 |
|
|
|
07767c9376
|
website/docs: add disclaimer to beta page that downgrade isn't supported
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-16 10:44:42 +01:00 |
|
|
|
d31e566873
|
outposts/proxy: add header to prevent redirects
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-14 22:18:25 +01:00 |
|
|
|
b6b97f4706
|
website/docs: update 2023.1 release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-13 16:32:34 +01:00 |
|
|
|
cd12e177ea
|
providers/proxy: add initial header token auth (#4421)
* initial implementation
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* check for openid/profile claims
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* include jwks sources in proxy provider
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add web ui for jwks
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* only show sources with JWKS data configured
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix introspection tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start basic
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add basic auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add docs, update admonitions
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add client_id to api, add tab for auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update locale
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-13 16:22:03 +01:00 |
|
|
|
d3e2f41561
|
website/docs: fix typo
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-01-09 13:13:41 +01:00 |
|
|
|
bec538c543
|
sources/ldap: make task timeout adjustable
closes #4375
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2023-01-06 12:37:59 +01:00 |
|
|
|
2604dc14fe
|
providers/ldap: add code-MFA support for ldap provider (#4354)
* add code support for ldap provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* only try to extract code when auth validator stage is encountered
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use parseint instead
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2023-01-05 18:32:06 +01:00 |
|
|
|
a960ce9454
|
stages/user_write: add more user creation options (#4367)
* add more user creation options
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update blueprints and docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2023-01-05 15:46:20 +01:00 |
|
|
|
e6b5810e03
|
polices/hibp: remove deprecated (#4363)
* remove hibp
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* don't save event matcher apps in migrations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup migrations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update docs, update some phrasing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2023-01-05 13:19:26 +01:00 |
|
|
|
ed3f36e72a
|
website/docs: update redirect docs
closes #4248
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2023-01-05 12:38:38 +01:00 |
|
|
|
1efc7eecbf
|
website/docs: add metrics for monitoring and metrics
closes #4308
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2023-01-04 20:49:35 +01:00 |
|
|
|
dc1359a763
|
providers/saml: initial SLO implementation (#2346)
* providers/saml: initial SLO implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/saml: add logout request tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/saml: add tests for POST SLO
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* matrix e2e tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix import
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* set e2e matrix name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix imports
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* separate oidc and oauth tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add basic saml slo e2e tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add better metadata download url
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* kinda prepare release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* sort releases into folders
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add slo urls to website
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix linking
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add api tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2023-01-04 19:45:31 +01:00 |
|
|
|
c4bb51469b
|
website/docs: prepare 2022.12.2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2023-01-04 10:15:15 +01:00 |
|
|
|
82184b2882
|
web/flows: fix alternate captchas not loading
closes #4321
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2023-01-01 18:49:41 +01:00 |
|
|
|
c8bd0fbb1c
|
website/docs: prepare 2022.12.1 release
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-29 23:59:05 +01:00 |
|
|
|
c99798b1f2
|
website/docs: update release notes, remove duplicate files
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-29 23:28:15 +01:00 |
|
|
|
0e6400bfea
|
web/admin: improve user/group UX for adding/removing users to and from groups
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-28 12:55:38 +01:00 |
|
|
|
b16d1134ea
|
core: add endpoints to add/remove users from group atomically
closes #4252
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-28 10:50:30 +01:00 |
|
|
|
1615723f10
|
website/docs: update release notes for 2022.12
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-27 14:10:38 +01:00 |
|
|
|
f9b46145de
|
website/docs: Clarify request.user and add link to Django docs (#4287)
* Clarify request.user and add link to doc
Signed-off-by: sev <git@sev.monster>
* rephrase a bit
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: sev <git@sev.monster>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-27 14:10:30 +01:00 |
|
|
|
7046944bf6
|
website: link CVE and attribute reporter
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-25 14:17:17 +01:00 |
|
|
|
716584bbae
|
website: update release notes for CVEs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-23 14:21:02 +01:00 |
|
|
|
9f846d94be
|
security: fix CVE 2022 23555 (#4274)
* add flow to invitation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* show warning on invitation page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add security advisory
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-23 14:13:49 +01:00 |
|
|
|
84fbeb5721
|
security: fix CVE 2022 46172 (#4275)
* fallback to current user in user_write, add flag to disable user creation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update api and web ui
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update default flows
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add cve post to website
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-23 14:12:58 +01:00 |
|
|
|
42c278b4f8
|
root: migrate to hosted sentry with rate-limited DSN
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-23 11:18:26 +01:00 |
|
|
|
c635487210
|
blueprints: better OCI support in UI (#4263)
use oci:// prefix to detect oci blueprint, add UI support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-22 18:49:25 +01:00 |
|
|
|
28eb7c03fa
|
website/developer-docs: add templates for announcing fixed security release
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-22 16:13:21 +01:00 |
|
|
|
423776c7a2
|
website/docs: prepare 2022.12 release
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-21 21:58:57 +01:00 |
|
|
|
609f95ac97
|
providers: add preview for mappings (#4254)
* preview
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: show provider page on application page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use oauth2 end session url instead of direct interface
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* dont show provider page on application page for now
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add UI for preview
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* translate and release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix lint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* separate saml api files
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add api tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-21 12:13:11 +01:00 |
|
|
|
f4990bb5da
|
core: bundle geoip (#4250)
* bundle geoip
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* correctly pass secrets
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add geoip docs and release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-20 22:09:30 +01:00 |
|
|
|
9d5b9204fc
|
web/admin: rework markdown, correctly render Admonitions, fix links
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-19 12:48:02 +01:00 |
|
