bcb91d2812
website/docs: 2024.10.2 release notes ( #12025 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-11-14 16:59:24 +01:00
1f6ae73e6e
website/docs: move S3 ad GeoIP to System Management/Operations ( #11998 )
...
* first pass
* fix links
* oops redirects wrong
* fixed syntax
* Apply suggestions from code review
Signed-off-by: Jens L. <jens@beryju.org >
---------
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: Tana M Berry <tana@goauthentik.com >
Co-authored-by: Jens L. <jens@goauthentik.io >
2024-11-12 18:40:34 +00:00
6b155621fe
blueprints: add default Password policy ( #11793 )
...
* add password policy to default password change flow
This change complies with the minimal compositional requirements by
NIST SP 800-63 Digital Identity Guidelines. See
https://pages.nist.gov/800-63-4/sp800-63b.html#password
More work is needed to comply with other parts of the Guidelines,
specifically
> If the chosen password is found on the blocklist, the CSP or verifier
> [...] SHALL provide the reason for rejection.
and
> Verifiers SHALL offer guidance to the subscriber to assist the user in
> choosing a strong password. This is particularly important following
> the rejection of a password on the blocklist as it discourages trivial
> modification of listed weak passwords.
* add docs for default Password policy
* remove HIBP from default Password policy
* add zxcvbn to default Password policy
* add fallback password error message to password policy, fix validation policy
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* reword docs
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com >
* add HIBP caveat
Co-authored-by: Jens L. <jens@goauthentik.io >
Signed-off-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com >
* separate policy into separate blueprint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* use password policy for oobe flow
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* kiss
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
2024-11-11 13:31:30 +01:00
4f1ddc5779
stages/captcha: Run interactive captcha in Frame ( #11857 )
...
* initial turnstile frame
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add interactive flag
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add interactive support for all
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix missing migration
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* don't hide in identification stage if interactive
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fixup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* require less hacky css
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-11-11 13:20:49 +01:00
556eca2665
website/docs: fix slug matching redirect URI causing broken refresh ( #11950 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-11-07 13:31:43 +01:00
dfb4f86c25
website/docs: clarify traefik ingress setup ( #11938 )
2024-11-06 18:01:20 +00:00
821e296c7e
website/docs: 2024.10.1 Release Notes ( #11926 )
...
* fix API Changes in `2024.10` changelog
* add `2024.10.1` API Changes to changelog
* add changes in `2024.10.1` to changelog
* change `details` to `h3` in changelog
2024-11-05 18:04:14 +01:00
c24b619fb6
website/docs: fix release notes to say Federation ( #11889 )
...
* fix Federation
* typo
* added back should
* slooooow down
---------
Co-authored-by: Tana M Berry <tana@goauthentik.com >
2024-11-01 13:55:54 -05:00
712e5084c1
website/docs: add info about invalidation flow, default flows in general ( #11800 )
...
* restructure
* tweak
* fix header
* added more definitions
* jens excellent idea
* restructure the Layouts content
* tweaks
* links fix
* links still
* fighting links and cache
* argh links
* ditto
* remove link
* anothe link
* Jens' edit
* listed default flows set by brand
* add links back
* tweaks
* used import for list
* tweak
* rewrite some stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* mangled rebase, fixed
* bump
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Tana M Berry <tana@goauthentik.com >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2024-10-31 08:26:51 -05:00
d43940d5d6
website: remove RC disclaimer for version 2024.10 ( #11871 )
2024-10-31 01:31:41 +01:00
f452617f29
website/docs: 2024.8.4 release notes ( #11862 )
...
* website/docs: 2024.8.4 release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* typo
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-10-30 20:05:02 +01:00
cace69d6f8
website: 2024.10 Release Notes ( #11839 )
...
* generate diffs and changelog
* add 2024.10 release notes
* reorder release note highlights
* lint website
* reorder release note new features
* reword Kerberos
Co-authored-by: Jens L. <jens@goauthentik.io >
Signed-off-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com >
* extend JWE description
Co-authored-by: Jens L. <jens@goauthentik.io >
Signed-off-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com >
---------
Signed-off-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com >
Co-authored-by: Jens L. <jens@goauthentik.io >
2024-10-28 16:13:31 +00:00
b533f416b8
website/docs: Update social-logins github ( #11822 )
...
Update index.md
Signed-off-by: Tobias <5702338+T0biii@users.noreply.github.com >
2024-10-28 13:04:54 +01:00
57dc595cfb
website/docs: remove � ( #11823 )
...
remove �
Signed-off-by: Tobias <5702338+T0biii@users.noreply.github.com >
2024-10-28 13:04:38 +01:00
eac3e88126
website/docs: update preview status of different features ( #11817 )
...
* remove preview from RAC
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add preview page instead of info box
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove preview from rbac
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add preview to gdtc
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add preview to kerberos source
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-10-25 21:37:20 +02:00
9ee0ba141c
stages/identification: add captcha to identification stage ( #11711 )
...
* add captcha to identification stage
* simplify component invocations
* fail fast on `onTokenChange` default behavior
* reword docs
* rename `token` to `captcha_token` in Identification stage contexts
(In Captcha stage contexts the name `token` seems well-scoped.)
* use `nothing` instead of ``` html`` ```
* remove rendered Captcha component from document flow on Identification stages
Note: this doesn't remove the captcha itself, if interactive, only the loading
indicator.
* add invisible requirement to captcha on Identification stage
* stylize docs
* add friendlier error messages to Captcha stage
* fix tests
* make captcha error messages even friendlier
* add test case to retriable captcha
* use default
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2024-10-25 08:13:35 +02:00
70075e6f0a
stages/authenticator_validate: autoselect last used 2fa device ( #11087 )
...
* authenticator_validate: autoselect last used device class
* improve usability of `AuthenticatorValidationStage`
* don't automatically offer the recovery key authenticator validation
I believe this could confuse users more than help them
* web: move mutator block into the `willUpdate` override
Removed the section of code from the renderer that updates the state of the component;
Mutating in the middle of a render is strongly discouraged. This block contains an
algorithm for determining if the selectedDeviceChallenge should be set and how; since
`selectedDeviceChallenge` is a state, we don't want to be changing it outside of those
lifecycle methods that do not trigger a rerender.
* web: move styles() to top of class, extract custom CSS to a named block.
* lint: collapse multiple early returns, missing curly brace.
* autoselect device only once even if the user only has 1 device
* make `DeviceChallenge.last_used` nullable instead of optional
* clarify button text
* fix typo
* add docs for automatic device selection
* update docs
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com >
* fix punctuation
---------
Signed-off-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com >
Co-authored-by: Ken Sternberg <ken@goauthentik.io >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
2024-10-24 09:04:40 +02:00
d817c646bd
sources: add Kerberos ( #10815 )
...
* sources: introduce new property mappings per-user and group
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* sources/ldap: migrate to new property mappings
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint-fix and make gen
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* web changes
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* update tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* remove flatten for generic implem
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* rework migration
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint-fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* wip
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix migrations
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* re-add field migration to property mappings
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix migrations
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* more migrations fixes
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* easy fixes
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* migrate to propertymappingmanager
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* ruff and small fixes
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* move mapping things into a separate class
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* migrations: use using(db_alias)
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* migrations: use built-in variable
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add docs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add release notes
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* wip
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* wip
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* wip
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* wip
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* wip
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* wip
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* wip
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* wip
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix login reverse
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* wip
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* wip
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* refactor source flow manager matching
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* kerberos sync with mode matching
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fixup
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* wip
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* finish frontend
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Optimised images with calibre/image-actions
* make web
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add test for internal password update
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix sync tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix filter
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* switch to blueprints property mappings, improvements to frontend
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* some more small fixes
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix reverse
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* properly deal with password changes signals
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* actually deal with it properly
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* update docs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint-fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* blueprints: realm as group: make it non default
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* small fixes and improvements
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* wip
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix title
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add password backend to default flow
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* link docs page properly, add in admin interface, add suggestions for how to apply changes to a fleet of machines
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add troubleshooting
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix default flow pass backend
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix flaky spnego tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* properly convert gssapi name to python str
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix unpickable types
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* make sure the last server token is returned to the client
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/developer-docs/setup/full-dev-environment.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/browser.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/browser.md
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/browser.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/browser.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/index.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/index.md
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/index.md
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/index.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/browser.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/browser.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/browser.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/browser.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/browser.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/browser.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/browser.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/browser.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/browser.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/index.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/index.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/index.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/index.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/index.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/index.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/index.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/index.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/index.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/index.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/index.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/index.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/index.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/index.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/index.md
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update website/docs/users-sources/sources/protocols/kerberos/index.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* more docs review
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix missing library
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix missing library again
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix web import
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix sync
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix sync v2
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix sync v3
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
---------
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
2024-10-23 17:58:29 +02:00
cec3fdb612
stages: authenticator_endpoint_gdtc ( #10477 )
...
* rework
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add loading overlay for chrome
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
* save data
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix web ui, prevent deletion
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* text fixes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
2024-10-22 22:46:46 +02:00
1932993b2c
website/docs: fix some broken links ( #11742 )
...
* Update security-hardening.md broken links
Signed-off-by: Norbert Takács <bokker11@hotmail.com >
* Removed extra link
Signed-off-by: Norbert Takács <bokker11@hotmail.com >
* added space back
Signed-off-by: Norbert Takács <bokker11@hotmail.com >
* fix netlify redirects
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* use relative links
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
---------
Signed-off-by: Norbert Takács <bokker11@hotmail.com >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2024-10-21 09:54:14 -05:00
47206d3328
providers/oauth2: add initial JWE support ( #11344 )
...
* providers/oauth2: add initial JWE support
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-migrate, only set id_token_encryption_* when encryption key is set
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add jwks test with encryption
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-10-17 14:04:19 +02:00
89f251d559
tests/e2e: add forward auth e2e test ( #11374 )
...
* add nginx forward_auth e2e tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add envoy
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove even more duplicate code
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* cleanup more
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add traefik static config
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more cleanup, don't generate dex config cause they support env variables
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* use default dex entrypoint to use templating
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove options that are always set as default
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix compose flag
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add caddy
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* merge python files
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* use whoami api to check better
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix envoy config
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* set invalidation flow
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix logout checks
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-10-16 18:01:59 +02:00
f531dd9520
website/docs: Fix websocket default config for nginx proxy manager ( #11621 )
...
* Comment out problematic config at _nginx_proxy_manager.md
Resolves:
- https://github.com/goauthentik/authentik/issues/10010
- https://github.com/goauthentik/authentik/discussions/7323
- https://github.com/goauthentik/authentik/issues/11453
- https://www.reddit.com/r/Authentik/comments/1c5sf6l/authentik_with_nginx_proxy_manager_not_possible/
Signed-off-by: Mahmoud AlyuDeen <mahmoudalyudeen@gmail.com >
* Add working websocket configuration for nginx-proxy-manager.
Signed-off-by: Mahmoud AlyuDeen <mahmoudalyudeen@gmail.com >
* remove commented out settings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Mahmoud AlyuDeen <mahmoudalyudeen@gmail.com >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2024-10-16 17:02:02 +02:00
2897c2313d
website/docs: rewrote too long sentence ( #11696 )
...
rewrote too long sentence
Co-authored-by: Tana M Berry <tana@goauthentik.com >
2024-10-16 15:52:52 +02:00
752796a6d7
website/docs: fix SkipObject exception ( #11632 )
2024-10-14 15:46:36 +02:00
5b66dbe890
flows: provider invalidation ( #5048 )
...
* add initial
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add web stage for session end
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* migrate saml and tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* group flow settings when providers have multiple flows
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* adjust name for default provider invalidation
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-make migrations
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add invalidation_flow to saml importer
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-do migrations again
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update web stuff to get rid of old libraries
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make unbind flow for ldap configurable
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* unrelated: fix flow inspector
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* handle invalidation_flow as optional, as it should be
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* also fix ldap outpost
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* don't generate URL in client
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* actually make it work???
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix migration breaking things...?
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start fixing tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix fallback
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-migrate
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix duplicate flow setting
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add migration
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix race condition with brand
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix oauth test
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix SAML tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add to wizard, fix required
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make required, start release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-10-14 15:35:12 +02:00
dec1014eb1
website/docs: upgrade: make it clear downgrading is not support ( #11523 )
2024-10-10 17:58:33 +02:00
6d5172d18a
website: latest PR for new Docs structure ( #11639 )
...
* first pass
* dependency shenanigans
* move blueprints
* few broken links
* change config the throw errors
* internal file edits
* fighting links
* remove sidebarDev
* fix subdomain
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix relative URL
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix mismatched package versions
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix api reference build
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* test tweak
* links hell
* more links hell
* links hell2
* yep last of the links
* last broken link fixed
* re-add cves
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add devdocs redirects
* add dir
* tweak netlify.toml
* move latest 2 CVES into dir
* fix links to moved cves
* typoed title fix
* fix link
* remove banner
* remove committed api docs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* integrations: remove version dropdown
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update Makefile
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* change doc links in web as well
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix some more docs paths
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix more docs paths
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* ci: require ci-web.build for merging
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Revert "ci: require ci-web.build for merging"
This reverts commit b99a4842a9jens@goauthentik.io >
* remove explicit index.md
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove mdx first
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* then remove .md
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add missing prefix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Co-authored-by: Tana M Berry <tana@goauthentik.com >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2024-10-09 09:33:40 -05:00
6b2fced1b9
Revert "website: latest migration to new structure" ( #11634 )
...
Revert "website: latest migration to new structure (#11522 )"
This reverts commit 9a89a5f94b
2024-10-09 00:30:50 +02:00
9a89a5f94b
website: latest migration to new structure ( #11522 )
...
* first pass
* dependency shenanigans
* move blueprints
* few broken links
* change config the throw errors
* internal file edits
* fighting links
* remove sidebarDev
* fix subdomain
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix relative URL
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix mismatched package versions
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix api reference build
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* test tweak
* links hell
* more links hell
* links hell2
* yep last of the links
* last broken link fixed
* re-add cves
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add devdocs redirects
* add dir
* tweak netlify.toml
* move latest 2 CVES into dir
* fix links to moved cves
* typoed title fix
* fix link
* remove banner
* remove committed api docs
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* integrations: remove version dropdown
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Update Makefile
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* change doc links in web as well
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix some more docs paths
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix more docs paths
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* ci: require ci-web.build for merging
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Revert "ci: require ci-web.build for merging"
This reverts commit b99a4842a9jens@goauthentik.io >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Co-authored-by: Tana M Berry <tana@goauthentik.com >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2024-10-08 14:07:19 -05:00
17d666670a
website/docs: update wording for events that occur when too many users exist ( #11547 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-09-28 20:33:27 -04:00
384ca87aad
website: update release notes for 2024.8.3 and 2024.6.5 ( #11541 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-09-27 16:27:11 +02:00
ba28e6de41
security: fix CVE-2024-47070 ( #11536 )
...
* security: fix CVE-2024-47070
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Update website/docs/security/CVE-2024-47070.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
2024-09-27 16:18:37 +02:00
97a36b6c4e
security: fix CVE-2024-47077 ( #11535 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-09-27 16:17:07 +02:00
4fd8b3c532
sources/ldap: fix mapping check, fix debug endpoint ( #11442 )
...
* run connectivity check always
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* don't run sync if either sync_ option is enabled and no mappings are set
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* misc label fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* misc writing changse
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add api validation
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix debug endpoint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-09-24 18:39:05 +02:00
27380e9903
website/docs: use a more consistent version requirement notice ( #11400 )
...
* website/docs: use a more consistent version requirement notice
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* adjust colours
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix some anchors
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-09-23 17:42:17 +02:00
bb56c4fa49
website/docs: upgrade: fix helm command ( #11403 )
2024-09-17 12:56:40 +02:00
f0ec7511cf
website/docs: prepare release notes for 2024.8.2 ( #11394 )
2024-09-16 14:11:09 +02:00
aa1277f700
website/docs: added info about creating super-users ( #11356 )
...
added info about super-users
Co-authored-by: Tana M Berry <tana@goauthentik.com >
2024-09-12 15:33:00 -05:00
dbff42a338
flows: include Outpost instance in flow context and save in login event ( #11318 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-09-11 12:56:13 +02:00
dee7e12669
website/docs: prepare 2024.8.1 release notes ( #11265 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-09-07 18:03:35 +02:00
710809a9ef
core: fix missing argument name escaping for property mapping ( #11231 )
...
* escape property mapping args
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* improve display of error
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix error handling, missing dry_run argument
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* use different sanitisation
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-09-06 16:42:24 +02:00
2cceec66fa
website/docs: add note about terraform provider ( #11206 )
...
* website/docs: add note about terraform provider
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Update website/docs/releases/2024/v2024.8.md
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
2024-09-04 19:49:39 +02:00
6bc4877702
website/docs: update release notes ( #11151 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-09-02 15:01:33 +02:00
141cfe75d8
websites/docs: minor tweaks to rel notes ( #11123 )
...
* minor tweaks to rel notes
* tweak
* again
---------
Co-authored-by: Tana M Berry <tana@goauthentik.com >
2024-08-29 21:28:18 +02:00
a3a13d265b
website/docs: fix outdated docs and typos ( #11020 )
...
* fix typo
* fix out of date docs on Go client
* remove completed issue from known issues list
* fix typo
2024-08-29 16:12:31 +02:00
6faa250574
website/docs: 2024.8 release notes: reword group sync disable and fix… ( #11103 )
2024-08-29 01:22:29 +02:00
c8e4b187b8
website/docs: add info about external users ( #11106 )
...
* add info about external users
* Ken edit
---------
Co-authored-by: Tana M Berry <tana@goauthentik.com >
2024-08-28 17:37:34 -05:00
98acca896a
website/docs: a couple of minor rewrite things ( #11099 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-08-28 12:38:43 -05:00
17fb90e0af
website/docs: fix nginx ingress auth-signin example ( #11096 )
...
Signed-off-by: Diego Monti <diegmonti@users.noreply.github.com >
2024-08-28 08:52:54 -05:00
