habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
10,544 Commits 205 Branches 395 Tags
e0b06bc4decd338820c85db03e6ea97b6449bb55
Commit Graph

150 Commits

Author SHA1 Message Date
Jens Langhammer
affbf85699 internal: don't attempt to lookup SNI Certificate if no SNI is sent 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-09 12:33:25 +01:00
Jens L
4343246a41 *: rename akprox to outpost.goauthentik.io (#2266) 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-08 20:25:38 +01:00
Jens Langhammer
7088a6b0e6 providers/proxy: fix Host/:Authority not being modified 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-08 16:30:26 +01:00
Jens Langhammer
e758995458 providers/proxy: improve error handling for invalid backend_override 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-07 19:59:06 +01:00
Jens Langhammer
654e0d6245 providers/proxy: fix nil error in claims 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-03 17:58:38 +01:00
Jens Langhammer
f5cc6c67ec providers/proxy: fix routing for external_host when using forward_auth_domain 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2180
 2022-02-01 10:14:46 +01:00
Jens Langhammer
6021fc0f52 providers/proxy: fix backend override persisting for other users 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-30 22:29:34 +01:00
Jens Langhammer
7fd6be5abb providers/proxy: add backend_override 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-30 21:35:08 +01:00
Jens Langhammer
67d550a80d providers/proxy: don't include hostname and scheme in redirect when we only got a path and not a full URL 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-27 18:23:08 +01:00
Jens Langhammer
ebb5711c32 providers/proxy: add support for X-Original-URI in nginx, better handle missing headers and report errors to authentik 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-27 18:14:02 +01:00
Jens Langhammer
96ae68cf09 internal: make error message less confusing 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-25 15:45:21 +01:00
Jens Langhammer
63b3434b6f website/docs: improve nginx examples 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-25 14:25:21 +01:00
Jens Langhammer
1c2b452406 outposts/proxy: fix potential empty redirect, add tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2141
 2022-01-25 10:57:53 +01:00
Jens Langhammer
650e2cbc38 internal: remove duplicate log messages 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-24 22:25:35 +01:00
Jens Langhammer
b32800ea71 outposts/proxy: trace full headers to debug 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-24 22:08:31 +01:00
Jens Langhammer
e1c0c0b20c internal: don't override server header 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-24 22:05:11 +01:00
Jens Langhammer
ef335ec083 outposts/proxy: add more test cases for domain-level auth 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-24 21:41:15 +01:00
Jens Langhammer
07b09df3fe internal: add more outpost tests, add support for X-Original-URL 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-24 20:50:13 +01:00
Jens Langhammer
e70e031a1f internal: start adding tests to outpost 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-24 20:12:25 +01:00
Jens Langhammer
1dce408c72 internal/proxyv2: only allow access to /akprox in nginx mode when forward url could be extracted 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-24 09:30:33 +01:00
Jens Langhammer
af3fb5c2cd internal: use math.MaxInt for compatibility 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1819
 2022-01-21 23:11:17 +01:00
Jens Langhammer
3bfb8b2cb2 outposts/proxyv2: allow access to /akprox urls in forward auth mode to make routing in nginx/traefik easier 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-21 13:43:16 +01:00
Jens Langhammer
9fc5ff4b77 outposts/proxyv2: fix JWKS url pointing to localhost on embedded outpost 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-21 13:29:51 +01:00
Jens Langhammer
41e7b9b73f outposts/proxyv2: fix before-redirect url not being saved in proxy mode 
closes #2109

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-19 19:16:30 +01:00
Jens Langhammer
7f47f93e4e internal: cleanup log messages 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-19 19:01:24 +01:00
Jens Langhammer
14c7d8c4f4 internal: route traffic to proxy providers based on cookie domain when multiple domain-level providers exist 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2079
 2022-01-18 23:19:43 +01:00
Jens Langhammer
c07b8d95d0 outposts/proxy: remove deprecated headers 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-07 17:01:23 +01:00
Jens Langhammer
ececfc3a30 internal: fix comment formatting for TODOs 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-07 09:51:41 +01:00
Jens Langhammer
c741c13132 internal: fix listen attempt on shutdown 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-03 12:36:11 +01:00
Jens Langhammer
f246da6b73 outposts/proxy: fix error checking for type assertion 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-26 14:57:32 +01:00
Jens Langhammer
410d1b97cd outposts/proxy: add support for multiple states, when multiple requests are redirect at once 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-26 14:16:02 +01:00
Jens Langhammer
b3ba083ff0 internal: cleanup logging, remove duplicate code 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-22 10:33:21 +01:00
Jens Langhammer
22a8603892 internal: add custom proxy certificates support to embedded outpost 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-22 10:16:01 +01:00
Jens Langhammer
ba55538a34 outposts/proxy: cleanup 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-21 19:16:06 +01:00
Jens Langhammer
f742c73e24 outposts/proxy: fix allowlist for forward_auth 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1970
 2021-12-21 15:49:25 +01:00
Jens Langhammer
b932b6c963 website/docs: update log levels 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-21 13:15:17 +01:00
Jens Langhammer
3c048a1921 outposts/proxy: fix session not expiring correctly due to miscalculation 
closes #1976

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-21 13:10:57 +01:00
Jens Langhammer
f10b57ba0b outposts/proxy: handle redirect loop in start handler, show error message 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-21 10:07:08 +01:00
Jens Langhammer
eca2ef20d0 outposts/proxy: add initial redirect-loop prevention 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-20 22:21:53 +01:00
Jens Langhammer
cac5c7b3ea outposts/proxy: make templates more re-usable 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-20 22:20:23 +01:00
Jens Langhammer
37ee555c8e outposts/proxy: fix ping URI not being routed 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-20 22:12:02 +01:00
Jens Langhammer
c843f18743 lib: add additional celery logger to sentry ignore 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-20 21:04:45 +01:00
Jens Langhammer
68637cf7cf outposts: handle/ignore http Abort handler 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-20 19:42:45 +01:00
Jens Langhammer
7a73ddfb60 outposts/proxy: match skipPathRegex against full URL on domain auth 
closes #1955

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-18 15:50:42 +01:00
Jens L
95bce9c9e7 outposts: release binary outposts (#1954) 
* outposts/proxy: always embed static assets, still check local

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: add initial ci to build outpost as binary

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: fix typo, build web

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: upload to release on publish, only run linux on ci

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: ensure latest go is used

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: split e2e tests into two halves

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-17 19:49:32 +00:00
Jens Langhammer
7d6e88061f outposts: check if hub from context is set and fallback 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-16 11:19:57 +01:00
Jens Langhammer
f8aab40e3e internal: cleanup duplicate and redundant code, properly set sentry SDK scope settings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-16 11:00:19 +01:00
Jens Langhammer
5f0f4284a2 web/admin: fix rendering for applications on view page 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-13 15:27:28 +01:00
Jens Langhammer
c11be2284d outposts/proxy: also set max length for redis backend 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-13 15:05:55 +01:00
Jens Langhammer
aa321196d7 outposts/proxy: fix securecookie: the value is too long again, since it can happen even with filesystem storage 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-13 13:33:20 +01:00