authentik

Author	SHA1	Message	Date
Jens L	41af486006	enterprise: initial enterprise (#5721 ) * initial Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add user type Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add external users Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add ui, add more logic, add public JWT validation key Signed-off-by: Jens Langhammer <jens@goauthentik.io> * revert to not use install_id as session jwt signing key Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * switch to PKI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add more licensing stuff Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add install ID to form Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix bugs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start adding tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fixes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use x5c correctly Signed-off-by: Jens Langhammer <jens@goauthentik.io> * license checks Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use production CA Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more UI stuff Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rename to summary Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update locale, improve ui Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add direct button Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update link Signed-off-by: Jens Langhammer <jens@goauthentik.io> * format and such Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove old attributes from ldap Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove is_enterprise_licensed Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix admin interface styling issue Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Update authentik/core/models.py Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> * fix default case Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens L. <jens@beryju.org> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>	2023-07-17 17:57:08 +02:00
Jens L	ae7ea4dd11	outposts/ldap: add more tests (#6188 ) * outposts/ldap: add tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix missing posixAccount Signed-off-by: Jens Langhammer <jens@goauthentik.io> * attempt to expand attributes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix routing without base DN Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more logging Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove our custom attribute filtering since this is done by the ldap library Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add test for schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-07-08 20:51:05 +02:00
Daniel	ad81ee2740	providers/ldap: fix inconsistent saving of user flags on failed cached binds (#6096 ) * feat: assign invalid pk and check * fix: only set flags if they don't exist * fix: userinfo not being set if data is available * minor cleanup Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-06-29 16:57:46 +02:00
Jens L	01311929d1	providers/ldap: improve password totp detection (#6006 ) * providers/ldap: improve password totp detection Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add flag for totp mfa support Signed-off-by: Jens Langhammer <jens@goauthentik.io> * keep support for static tokens Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix migrations Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-06-20 12:09:13 +02:00
Jens L	54ef88a6fa	providers/ldap: rework Schema and DSE (#5838 ) * rework Root DSE Signed-off-by: Jens Langhammer <jens@goauthentik.io> * always parse filter objectClass Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start adding LDAP Schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add more schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update schema more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix cn for schema Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only include main DN in namingContexts Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use schema from gh Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add description Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add response filtering Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix response filtering Signed-off-by: Jens Langhammer <jens@goauthentik.io> * don't return rootDSE entry when searching for singleLevel Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove currentTime Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix attribute filtering Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * set SINGLE-VALUE Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix numbers Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-06-08 15:16:40 +02:00
Jens L	0ce41a1b2d	providers/ldap: add StartTLS support (#5861 ) * providers/ldap: add StartTLS support Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add starttls test Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update form and docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-add tls server name Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update release notes Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-06-06 21:40:19 +02:00
Marc 'risson' Schmitt	5d87eb97be	outposts/ldap: fix race condition when refreshing the provider Fixes the race condition causing the crash found in #4138, which doesn't actually have anything to do with the issue itself. As far as I can work out, when the outpost refreshes its list of providers, it copies over its `boundUsers`, probably to avoid having to fetch them all again, and does so by making a shallow copy of that `map`, but not the mutex associated with it. It now has multiple references to the same map, each protected by a different mutex, which under certain conditions can cause a `concurrent map read and map write` error. This fix copies the map contents instead of make a shallow copy. Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2023-06-02 15:42:19 +02:00
dependabot[bot]	4d58eba027	core: bump github.com/getsentry/sentry-go from 0.20.0 to 0.21.0 (#5548 ) * core: bump github.com/getsentry/sentry-go from 0.20.0 to 0.21.0 Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go) from 0.20.0 to 0.21.0. - [Release notes](https://github.com/getsentry/sentry-go/releases) - [Changelog](https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/getsentry/sentry-go/compare/v0.20.0...v0.21.0) --- updated-dependencies: - dependency-name: github.com/getsentry/sentry-go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-05-09 11:22:57 +02:00
authentik-db-cooper	ab795e6642	internal: ignore insecure TLS certs (#5483 ) * servers: ignore insecure TLS certs * slight refactor to have a single place for tls config Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-05-05 15:57:52 +03:00
Jens L	b7b62ba089	providers/ldap: correctly use pagination in search results in both modes (#5492 ) closes #4292 Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-05-05 15:51:02 +03:00
Jens L	bb92c4a967	providers/ldap: remove deprecated fields (#5154 ) * providers/ldap: remove deprecated fields Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update changelog Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-04-21 14:10:24 +03:00
Jens L	345fa1bed6	providers/ldap: fix duplicate attributes (#4972 ) closes #4971 Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-16 12:14:17 +01:00
Jens L	41d17dc543	internal: fix crash when port 9000 is in use (#4863 ) fix crash when port 9000 is in use Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-03-07 13:27:46 +01:00
roche-quentin	cd99b6e48f	providers/ldap: making ldap compatible with synology (#4694 ) * internal/outpost/ldap: making ldap compatible with synology * fix duplicate attributes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add docs about homedirectory Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix duplicate attributes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add substitution to values Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-02-22 15:26:41 +01:00
sdimovv	51c6a14786	providers/ldap: Improve compatibility with LDAP clients (#4750 ) * Fixed invalid LDAP attributes by replacing '.'s and '/'s with '-' * Leave old fields for now for backward compatibility * Add forgotten depreceated field * Fix tests * Fix tests * use shorter attribute names Signed-off-by: Jens Langhammer <jens@goauthentik.io> * sanitize attributes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * keep both sanitized and unsanitized user fields Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add sanitized fields to test Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2023-02-22 14:18:22 +01:00
Jens Langhammer	146d54813c	providers/ldap: fix error not being checked correctly when fetching users Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-02-03 18:10:06 +01:00
Jens L	a9b32e2f97	providers/ldap: add unbind flow execution (#4484 ) add unbind flow execution Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-23 20:36:30 +01:00
Jens Langhammer	8deac81364	outposts/ldap: fix queries filtering objectClass with non-lowercase values closes #2756 Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-20 11:42:23 +01:00
Jens Langhammer	bd0ef69ece	outposts/ldap: decrease verbosity Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-01-17 11:12:31 +01:00
Jens Langhammer	39424839c5	outposts/ldap: only use common cert if cert is configured, correctly Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-28 22:50:50 +01:00
Jens Langhammer	2d03bd5c89	outposts/ldap: only use common cert if cert is configured Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-28 21:29:36 +01:00
Jens Langhammer	ff13b4bb46	outposts/ldap: use configured certificate for LDAPS when all providers' certificates are identical Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-28 19:15:29 +01:00
Jens Langhammer	107f2745c8	providers/ldap: improve mapping of LDAP filters to authentik queries Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-12 18:30:52 +00:00
Jens Langhammer	b864de7721	outposts/ldap: increase compatibility with different types in user and group attributes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-16 22:32:18 +02:00
Jens Langhammer	50819ae0f0	*: improve error handling in ldap outpost, ignore additional errors Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-09-23 22:11:47 +02:00
Jens Langhammer	14a7c9f967	internal: fix outposts not logging flow execution errors correctly Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-08-31 23:03:57 +02:00
Jens L	89fef0ae72	blueprints: docs (#3376 ) * further blueprint cleanup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * more Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * make group users and parent optional Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix api client usage Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-08-06 00:52:12 +02:00
Jens L	2ce8e18bab	internal: centralise config for listeners to use same config system everywhere (#3367 ) * centralise config for listeners to use same config system everywhere Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #3360 * add docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-08-03 21:33:27 +02:00
Jens Langhammer	eb633c607e	internal: fix nil pointer reference Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-07-01 17:02:53 +02:00
Jens Langhammer	bdf76bb4b7	internal: skip tracing for go healthcheck and metrics endpoints Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-06-10 22:21:11 +02:00
Jens Langhammer	8d3275817b	providers/ldap: fix existing binder not being carried forward correctly Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-06-05 18:51:01 +02:00
Jens Langhammer	bb244b8338	providers/ldap: fix session cache being lost on provider refresh Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-06-04 18:03:00 +02:00
Jens L	8f0572d11e	outposts/ldap: add correct group objectClass (#3023 ) Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #2861	2022-06-02 18:48:07 +02:00
Jens L	3eb466ff4b	lifecycle: cleanup prometheus (#2972 ) * remove high cardinality labels Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * retry worker number for prometheus multiprocess id Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * revert to pid, use subdirectories Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup more Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * use worker id based off of https://github.com/benoitc/gunicorn/issues/1352 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix missing app label Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests/e2e: remove static names Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-05-29 21:45:25 +02:00
Jens Langhammer	a03dde8a90	outposts/ldap: fix type assertion after upgrading to new API Client Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-05-27 16:36:15 +02:00
Jens L	a286f999e2	api: migrate to openapi generator v6 (#2968 ) * migrate to openapi generator v6 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * bump api Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-05-26 15:15:30 +02:00
Jens Langhammer	5c91658484	internal: fix nil pointer dereference in ldap outpost Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-05-21 15:48:50 +02:00
Jens Langhammer	25a4310bb1	internal: use Expires not MaxAge for LDAP session Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-05-11 10:04:32 +02:00
dependabot[bot]	4d755dc0f6	build(deps): bump goauthentik.io/api/v3 from 3.2022041.4 to 3.2022041.5 (#2843 ) * build(deps): bump goauthentik.io/api/v3 from 3.2022041.4 to 3.2022041.5 Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022041.4 to 3.2022041.5. - [Release notes](https://github.com/goauthentik/client-go/releases) - [Commits](https://github.com/goauthentik/client-go/compare/v3.2022041.4...v3.2022041.5) --- updated-dependencies: - dependency-name: goauthentik.io/api/v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * fix Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-05-10 20:33:19 +02:00
Jens L	ab2299ba1e	outposts/ldap: cached bind (#2824 ) * initial cached ldap bind support Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add web Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * clean up api generation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * use gh action for golangci-lint Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-05-08 16:48:53 +02:00
Jens Langhammer	9b6e47e6b8	outposts/ldap: fix panic in type conversion when value is nil Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-04-11 15:52:58 +02:00
Jens Langhammer	51194cbf42	outposts/ldap: use backend group num_pk Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-22 23:54:50 +01:00
Jens Langhammer	b45a442447	outposts/ldap: fix contexts Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-19 18:28:27 +01:00
Simon Siebert	75a720ead1	outposts/ldap: prevent operations error from nil dereference (#2447 ) closes #2526	2022-03-19 18:26:26 +01:00
Jens Langhammer	62a939b91d	internal: bump api client to v3 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-03-03 10:40:07 +01:00
Jens Langhammer	fb33906637	internal/ldap: fix panic when parsing lists with mixed types closes #2355 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-22 19:56:55 +01:00
Jens L	4343246a41	*: rename akprox to outpost.goauthentik.io (#2266 ) Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-02-08 20:25:38 +01:00
Ilya Kogan	947ecec02b	outposts/ldap: Fix more case sensitivity issues. (#2144 )	2022-01-25 11:27:27 +01:00
Jens Langhammer	819af78e2b	internal: make internal go version match python version Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-14 10:45:37 +01:00
Jens Langhammer	bf347730b3	outposts/ldap: remove deprecated fields Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-01-07 09:52:19 +01:00

1 2 3

113 Commits