65517f3b7f
enterprise/stages: Add MTLS stage (#14296)
* prepare client auth with inbuilt server
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* introduce better IPC auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* init
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start stage
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* only allow trusted proxies to set MTLS headers
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more stage progress
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* don't fail if ipc_key doesn't exist
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* actually install app
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add some tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update API
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix unquote
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix int serial number not jsonable
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* init ui
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add UI
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* unrelated: fix git pull in makefile
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix parse helper
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add test for outpost
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more tests and improvements
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* improve labels
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add support for multiple CAs on brand
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add support for multiple CAs to MTLS stage
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* don't log ipcuser secret views
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix go mod
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2025-05-19 22:48:17 +02:00

ad3820c11c
providers/proxy: fix panic, keep session storages open (#11439)
* fix panic when redis connection fails
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* re-use session when refreshing apps
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2024-09-19 23:05:58 +02:00

1b285f85c0
outposts: implement general paginator for list API requests (#10619)
* outposts: implement general paginator
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* migrate LDAP
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* change main outpost refresh logic to use paginator everywhere
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add comments to understand anything
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* actually use paginator everywhere
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2024-07-29 22:14:18 +02:00

21e29744c2
providers/proxy: different cookie name based on hashed client id (#4666)
2023-02-12 16:34:57 +01:00

0ddcefce80
outposts/proxy: cache basic and bearer credentials for one minute
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 22:12:48 +01:00

b6267fdf28
*: add versioned user agent to sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-20 11:54:10 +02:00

deebdf2bcc
outposts: fix unlabeled transaction
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 13:46:31 +01:00

4d51ec906d
internal/proxyv2: improve error handling when configuring app
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-13 21:48:11 +02:00

a6a6b3bd06
outposts: add outpost_name label to metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 10:04:17 +02:00

2983adc719
outpost/proxyv2: fix redirect to localhost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-08 21:07:16 +02:00

3c1b70c355
outposts/proxyv2 (#1365)
* outposts/proxyv2: initial commit
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add rs256
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
more stuff
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add forward auth and sign_out
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
match cookie name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
re-add support for rs256 for backwards compat
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add error handler
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
ensure unique user-agent is used
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
set cookie duration based on id_token expiry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
build proxy v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add ssl
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add basic auth and custom header support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add application cert loading
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
implement whitelist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add redis
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
migrate embedded outpost to v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
remove old proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
providers/proxy: make token expiration configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
fix tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/proxy: only allow one redirect URI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix docker build for proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* remove default port offset
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add AUTHENTIK_HOST_BROWSER
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests: fix e2e/integration tests not using proper tags
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* remove references of old port
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix user_attributes not being loaded correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-08 18:04:56 +00:00