e2dbab5bca
security: fix CVE-2024-37905 (cherry-pick #10230 ) ( #10238 )
...
security: fix CVE-2024-37905 (#10230 )
Co-authored-by: Jens L <jens@goauthentik.io >
2024-06-26 19:28:55 +09:00
3a6c42fefb
security: fix CVE-2024-38371 (cherry-pick #10229 ) ( #10235 )
...
* security: fix CVE-2024-38371 (#10229 )
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
---------
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Co-authored-by: Jens L <jens@goauthentik.io >
2024-06-26 19:02:30 +09:00
6bb180f94e
release: 2024.2.3
2024-04-17 13:19:15 +02:00
03dea17519
events: fix incorrect user logged when using API token authentication ( #9302 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
# Conflicts:
# authentik/events/middleware.py
# authentik/events/tests/test_middleware.py
2024-04-17 00:21:26 +02:00
49d83f11bd
lifecycle: migrate: ensure template schema exists before migrating (cherry-pick #8952 ) ( #9022 )
...
lifecycle: migrate: ensure template schema exists before migrating (#8952 )
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2024-03-25 13:41:50 +01:00
5f0af81e4d
website/docs: config: remove options moved to tenants (cherry-pick #8976 ) ( #8977 )
...
website/docs: config: remove options moved to tenants (#8976 )
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2024-03-20 14:28:43 +00:00
63591e1710
events: discard notification if user has empty email (cherry-pick #8938 ) ( #8951 )
...
events: discard notification if user has empty email (#8938 )
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens L <jens@goauthentik.io >
2024-03-18 12:01:46 +01:00
6503a7b048
stages/user_write: ensure user data is json-serializable (cherry-pick #8926 ) ( #8928 )
...
stages/user_write: ensure user data is json-serializable (#8926 )
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens L <jens@goauthentik.io >
2024-03-15 18:06:31 +01:00
7e244e0679
enterprise/rac: fix connection token management (cherry-pick #8909 ) ( #8912 )
...
enterprise/rac: fix connection token management (#8909 )
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens L <jens@goauthentik.io >
2024-03-14 20:10:42 +01:00
c1998bf3f2
api: capabilities: properly set can_save_media when s3 is enabled (cherry-pick #8896 ) ( #8897 )
...
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2024-03-13 17:13:52 +00:00
83372618a8
tenants: really ensure default tenant cannot be deleted (cherry-pick #8875 ) ( #8876 )
...
tenants: really ensure default tenant cannot be deleted (#8875 )
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2024-03-11 18:00:30 +01:00
89a876e141
stages/email: fix issue when sending emails to users with same display as email (cherry-pick #8850 ) ( #8852 )
...
stages/email: fix issue when sending emails to users with same display as email (#8850 )
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens L <jens@goauthentik.io >
2024-03-08 16:07:30 +01:00
26d6e8bc5c
stages/email: Disable autoescape for text templates (cherry-pick #8812 ) ( #8824 )
...
stages/email: Disable autoescape for text templates (#8812 )
* Disable autoescape for text templates
* Re-add trailing whitespace after seperator
Co-authored-by: Chasethechicken <neuringe1234@gmail.com >
2024-03-06 17:53:53 +01:00
d9dc373170
enterprise: only check for valid license existing for creating Enterprise objects (cherry-pick #8813 ) ( #8822 )
...
enterprise: only check for valid license existing for creating Enterprise objects (#8813 )
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens L <jens@goauthentik.io >
2024-03-06 12:08:54 +01:00
4ec37c5239
release: 2024.2.2
2024-03-04 20:20:25 +01:00
a9cfa6fe35
root: enable virtualenv for test-all command
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-03-04 20:20:21 +01:00
5ac5084149
flows: fix mismatched redirect behaviour for invalid and valid flows (cherry-pick #8794 ) ( #8796 )
...
flows: fix mismatched redirect behaviour for invalid and valid flows (#8794 )
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens L <jens@goauthentik.io >
2024-03-04 18:56:50 +01:00
eda38a30b1
providers/oauth2: fix validation ordering (cherry-pick #8793 ) ( #8795 )
...
providers/oauth2: fix validation ordering (#8793 )
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens L <jens@goauthentik.io >
2024-03-04 18:56:43 +01:00
9b84bf7174
website/docs: installation: kubernetes: fix values (cherry-pick #8783 ) ( #8792 )
...
website/docs: installation: kubernetes: fix values (#8783 )
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2024-03-04 13:56:24 +01:00
f74549be6d
root: ensure consistent install_id (cherry-pick #8775 ) ( #8776 )
...
Co-authored-by: Jens L <jens@goauthentik.io >
2024-03-01 18:39:44 +01:00
76f4d7fb0a
web/admin: don't mark remaining property mappings as required (cherry-pick #8772 ) ( #8773 )
...
web/admin: don't mark LDAP group property mappings as required (#8772 )
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2024-03-01 13:57:47 +01:00
d1cf1dd083
web/admin: don't mark property mappings as required anywhere (cherry-pick #8752 ) ( #8755 )
...
web/admin: don't mark property mappings as required anywhere (#8752 )
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens L <jens@goauthentik.io >
2024-02-29 18:35:40 +01:00
2835fbd390
ci: fix missing output on composite action (cherry-pick #8741 ) ( #8742 )
...
ci: fix missing output on composite action (#8741 )
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens L <jens@goauthentik.io >
2024-02-28 23:14:08 +01:00
76ad2c8925
stages/authenticator_webauthn: fix error when enrolling new device (cherry-pick #8738 ) ( #8740 )
...
stages/authenticator_webauthn: fix error when enrolling new device (#8738 )
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens L <jens@goauthentik.io >
2024-02-28 22:48:24 +01:00
2270629fdc
website/docs: s3: fix migration docs (cherry-pick #8735 ) ( #8737 )
...
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
fix migration docs (#8735 )
2024-02-28 17:03:38 +00:00
43a629efc1
providers/oauth2: fix offline_access requests when prompt doesn't include consent (cherry-pick #8731 ) ( #8732 )
...
Co-authored-by: Jens L <jens@goauthentik.io >
fix offline_access requests when prompt doesn't include consent (#8731 )
2024-02-28 17:09:18 +01:00
4044e52403
ci: fix missing DOCKER_USERNAME secret (cherry-pick #8730 ) ( #8733 )
...
Co-authored-by: Jens L <jens@goauthentik.io >
fix missing DOCKER_USERNAME secret (#8730 )
2024-02-28 14:46:50 +00:00
aa7c846467
ci: fix missing DOCKER_USERNAME secret ( #8730 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-02-28 15:26:58 +01:00
8ab7f4073b
ci: do not push docker image if fork ( #8724 )
2024-02-28 15:26:53 +01:00
a05856c2ef
root: fix container build (cherry-pick #8727 ) ( #8728 )
...
Co-authored-by: Jens L <jens@goauthentik.io >
fix container build (#8727 )
2024-02-28 13:30:12 +00:00
9e9154e04a
enterprise: force license usage update after change to license (cherry-pick #8723 ) ( #8725 )
...
enterprise: force license usage update after change to license (#8723 )
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens L <jens@goauthentik.io >
2024-02-28 13:06:40 +01:00
32549066c0
website/docs: s3: fix environment variables (cherry-pick #8722 ) ( #8726 )
...
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
fix environment variables (#8722 )
2024-02-28 11:42:26 +00:00
5ed3e879a2
enterprise: fix read_only activating when no license is installed (cherry-pick #8697 ) ( #8698 )
...
enterprise: fix read_only activating when no license is installed (#8697 )
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens L <jens@goauthentik.io >
2024-02-26 18:59:18 +01:00
4e4923ad0e
core: fix blueprint export (cherry-pick #8695 ) ( #8696 )
...
core: fix blueprint export (#8695 )
* core: fix error when exporting blueprint
* also slightly reword source selection
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens L <jens@goauthentik.io >
2024-02-26 13:04:54 +01:00
0302d147e9
providers/oauth2: fix inconsistent sub value when setting via mapping (cherry-pick #8677 ) ( #8682 )
2024-02-25 18:32:16 +01:00
8256f1897d
release: 2024.2.1
2024-02-22 15:26:14 +01:00
16d321835d
brands: fix context processor when request doesn't have a tenant (cherry-pick #8643 ) ( #8646 )
...
brands: fix context processor when request doesn't have a tenant (#8643 )
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens L <jens@goauthentik.io >
2024-02-22 12:47:39 +01:00
f34612efe6
events: sanitize args and kwargs saved in system tasks (cherry-pick #8644 ) ( #8648 )
...
events: sanitize args and kwargs saved in system tasks (#8644 )
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens L <jens@goauthentik.io >
2024-02-22 12:47:30 +01:00
e82f147130
ci: fix missing tags from release (cherry-pick #8645 ) ( #8647 )
...
Co-authored-by: Jens L <jens@goauthentik.io >
fix missing tags from release (#8645 )
2024-02-22 11:10:37 +00:00
0ea6ad8eea
core: bump cryptography from 42.0.2 to 42.0.4 ( #8629 )
...
Bumps [cryptography](https://github.com/pyca/cryptography ) from 42.0.2 to 42.0.4.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pyca/cryptography/compare/42.0.2...42.0.4 )
---
updated-dependencies:
- dependency-name: cryptography
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-22 11:50:30 +01:00
f731443220
core: bump cryptography from 42.0.0 to 42.0.2 ( #8553 )
...
Bumps [cryptography](https://github.com/pyca/cryptography ) from 42.0.0 to 42.0.2.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pyca/cryptography/compare/42.0.0...42.0.2 )
---
updated-dependencies:
- dependency-name: cryptography
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-22 11:50:25 +01:00
b70a66cde5
core: bump black from 24.1.1 to 24.2.0 ( #8524 )
...
Bumps [black](https://github.com/psf/black ) from 24.1.1 to 24.2.0.
- [Release notes](https://github.com/psf/black/releases )
- [Changelog](https://github.com/psf/black/blob/main/CHANGES.md )
- [Commits](https://github.com/psf/black/compare/24.1.1...24.2.0 )
---
updated-dependencies:
- dependency-name: black
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-22 11:49:54 +01:00
b733dbbcb0
core: bump cbor2 from 5.5.1 to 5.6.2 ( #8607 )
...
Bumps [cbor2](https://github.com/agronholm/cbor2 ) from 5.5.1 to 5.6.2.
- [Release notes](https://github.com/agronholm/cbor2/releases )
- [Changelog](https://github.com/agronholm/cbor2/blob/master/docs/versionhistory.rst )
- [Commits](https://github.com/agronholm/cbor2/compare/5.5.1...5.6.2 )
---
updated-dependencies:
- dependency-name: cbor2
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-22 11:48:34 +01:00
e34d4c0669
stages/authenticator_validate: fix error with get_webauthn_challenge_without_user (cherry-pick #8625 ) ( #8626 )
...
stages/authenticator_validate: fix error with get_webauthn_challenge_without_user (#8625 )
* stages/authenticator_validate: fix error with get_webauthn_challenge_without_user
* fix tests
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens L <jens@goauthentik.io >
2024-02-21 19:19:53 +01:00
310983a4d0
release: 2024.2.0
2024-02-21 15:34:56 +01:00
47b0fc86f7
web/flows: fix webauthn retry (cherry-pick #8599 ) ( #8603 )
...
web/flows: fix webauthn retry (#8599 )
* web/flows: fix retry button on webauthn device stage
* web/flows: rework webauth register design to match
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens L <jens@goauthentik.io >
2024-02-21 15:01:05 +01:00
b6e961b1f3
web: spell customization with a Z (cherry-pick #8596 ) ( #8602 )
...
web: spell customization with a Z (#8596 )
Co-authored-by: Fletcher Heisler <fheisler@users.noreply.github.com >
Co-authored-by: Fletcher Heisler <fletcher@goauthentik.io >
2024-02-21 15:00:54 +01:00
874d7ff320
rbac: fix permission decorator for global permissions (cherry-pick #8591 ) ( #8597 )
...
rbac: fix permission decorator for global permissions (#8591 )
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens L <jens@goauthentik.io >
2024-02-20 18:31:29 +01:00
e4a5bc9df6
website/docs: kubernetes installation: update values (cherry-pick #8575 ) ( #8576 )
...
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2024-02-19 15:27:13 +01:00
318e0cf9f8
release: 2024.2.0-rc2
2024-02-19 14:10:53 +01:00
