* main:
website/docs: add more info and links about enforciing unique email addresses (#9154)
core: bump goauthentik.io/api/v3 from 3.2024022.7 to 3.2024022.8 (#9215)
web: bump API Client version (#9214)
stages/authenticator_validate: add ability to limit webauthn device types (#9180)
web: bump API Client version (#9213)
core: add user settable token durations (#7410)
core, web: update translations (#9205)
web: bump typescript from 5.4.4 to 5.4.5 in /tests/wdio (#9206)
web: bump chromedriver from 123.0.2 to 123.0.3 in /tests/wdio (#9207)
core: bump sentry-sdk from 1.44.1 to 1.45.0 (#9208)
web: bump typescript from 5.4.4 to 5.4.5 in /web (#9209)
website: bump typescript from 5.4.4 to 5.4.5 in /website (#9210)
core: bump python from 3.12.2-slim-bookworm to 3.12.3-slim-bookworm (#9211)
* main:
translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN (#9194)
translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans (#9197)
translate: Updates for file web/xliff/en.xlf in zh_CN (#9196)
translate: Updates for file web/xliff/en.xlf in zh-Hans (#9198)
web: preserve selected list when provider updates (#9200)
web: bump API Client version (#9195)
sources/oauth: make URLs not required, only check when no OIDC URLs are defined (#9182)
* web: fix esbuild issue with style sheets
Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious
pain. This fix better identifies the value types (instances) being passed from various sources in
the repo to the three *different* kinds of style processors we're using (the native one, the
polyfill one, and whatever the heck Storybook does internally).
Falling back to using older CSS instantiating techniques one era at a time seems to do the trick.
It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content
(FLoUC), it's the logic with which we're left.
In standard mode, the following warning appears on the console when running a Flow:
```
Autofocus processing was blocked because a document already has a focused element.
```
In compatibility mode, the following **error** appears on the console when running a Flow:
```
crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'.
at initDomMutationObservers (crawler-inject.js:1106:18)
at crawler-inject.js:1114:24
at Array.forEach (<anonymous>)
at initDomMutationObservers (crawler-inject.js:1114:10)
at crawler-inject.js:1549:1
initDomMutationObservers @ crawler-inject.js:1106
(anonymous) @ crawler-inject.js:1114
initDomMutationObservers @ crawler-inject.js:1114
(anonymous) @ crawler-inject.js:1549
```
Despite this error, nothing seems to be broken and flows work as anticipated.
* web: preserve selected list when provider updates
The impulse to preserve the functionality of the system given a change of provider was... admirable,
but unnecessary in this case. A premature optimization that doesn't make a difference. Observations:
1. change from the client will bring a new `selected`. But changes from the outside shouldn't happen
once the interactive experience is "settled."
2. the client is perfectly capable of listening to the `change` event and reading the content of the
value list for selecteds. If the client is going to change the provider, it should provide the
most up-to-date copy of selecteds as well.
3. We set the selecteds from two locations: from the client on start-up, and from the "selected"
pane during user interaction. Anything more is risk. I shouldn't have taken that risk.
* web: fix esbuild issue with style sheets
Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious
pain. This fix better identifies the value types (instances) being passed from various sources in
the repo to the three *different* kinds of style processors we're using (the native one, the
polyfill one, and whatever the heck Storybook does internally).
Falling back to using older CSS instantiating techniques one era at a time seems to do the trick.
It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content
(FLoUC), it's the logic with which we're left.
In standard mode, the following warning appears on the console when running a Flow:
```
Autofocus processing was blocked because a document already has a focused element.
```
In compatibility mode, the following **error** appears on the console when running a Flow:
```
crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'.
at initDomMutationObservers (crawler-inject.js:1106:18)
at crawler-inject.js:1114:24
at Array.forEach (<anonymous>)
at initDomMutationObservers (crawler-inject.js:1114:10)
at crawler-inject.js:1549:1
initDomMutationObservers @ crawler-inject.js:1106
(anonymous) @ crawler-inject.js:1114
initDomMutationObservers @ crawler-inject.js:1114
(anonymous) @ crawler-inject.js:1549
```
Despite this error, nothing seems to be broken and flows work as anticipated.
* web: fix application display length and capability
The User Application Library only shows the top 100 applications. This patch
strips what is passed out of the API fetch down to the bare minimum: the list of
applications. No pagination, no search strings, none of the items returned by
the API other than the application. It then fetches multiple pages of 100
until the user's Application list is exhausted, presenting the entire list to
the user.
The fetches are done simultaneously; a user with a thousand applications, if one
should exist, would start 9 downloads in parallel. The first fetch analyzes the
page count to determine how many *more* must be started, then starts them. This
should make an interesting stress-test.
Failures at the Django end are not well-handled, but then they have never been
well-handled. At best, the page is blank and the browser console will contain a
cryptic error message. That isn't fixed this time around, but it probably should
be.
This patch will have no effect until the [application pagination
bug](https://github.com/goauthentik/authentik/issues/9093) is fixed.
* Prettier has opinions.
* attempt to fix backend pagination
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make page_number optional
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
* main: (25 commits)
root: fix readme (#9178)
enterprise: fix audit middleware import (#9177)
web: bump @spotlightjs/spotlight from 1.2.16 to 1.2.17 in /web in the sentry group (#9162)
web: bump API Client version (#9174)
stages/authenticator_webauthn: add MDS support (#9114)
website/integrations: Update Nextcloud OIDC secret size limitation (#9139)
translate: Updates for file web/xliff/en.xlf in zh_CN (#9170)
translate: Updates for file web/xliff/en.xlf in zh-Hans (#9171)
web: bump the rollup group in /web with 3 updates (#9164)
web: bump @codemirror/legacy-modes from 6.3.3 to 6.4.0 in /web (#9166)
web: bump ts-pattern from 5.1.0 to 5.1.1 in /web (#9167)
core: bump github.com/go-ldap/ldap/v3 from 3.4.6 to 3.4.7 (#9168)
core, web: update translations (#9156)
root: fix redis username in lifecycle (#9158)
web: ak-checkbox-group for short, static, multi-select events (#9138)
root: fix startup (#9151)
core: Bump golang.org/x/oauth2 from 0.18.0 to 0.19.0 (#9146)
core: Bump twilio from 9.0.3 to 9.0.4 (#9143)
web: Bump country-flag-icons from 1.5.10 to 1.5.11 in /web (#9144)
web: Bump typescript from 5.4.3 to 5.4.4 in /web (#9145)
...
web: bump @spotlightjs/spotlight in /web in the sentry group
Bumps the sentry group in /web with 1 update: @spotlightjs/spotlight.
Updates `@spotlightjs/spotlight` from 1.2.16 to 1.2.17
---
updated-dependencies:
- dependency-name: "@spotlightjs/spotlight"
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: sentry
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
