authentik

Author	SHA1	Message	Date
Jens Langhammer	d296c12d01	outposts/proxy: fix redirect when using forward_auth mode Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-09 10:56:20 +02:00
Jens Langhammer	4c3a9e69f2	outposts/proxy: fix securecookie: no codecs provided error with redis Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-09 10:23:46 +02:00
Jens Langhammer	8ca29f6d49	Revert "outpost/proxy: set samesite none" This reverts commit `f7afb60c1f`.	2021-09-08 22:56:24 +02:00
Jens Langhammer	0a33d38adf	outpost/proxy: fix prometheus errors Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-08 22:41:41 +02:00
Jens Langhammer	f7afb60c1f	outpost/proxy: set samesite none Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-08 22:06:44 +02:00
Jens Langhammer	b9c605bf1a	outpost/proxy: fix double slash when trailing slash in authentik_host Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-08 22:03:41 +02:00
Jens Langhammer	2983adc719	outpost/proxyv2: fix redirect to localhost Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-08 21:07:16 +02:00
Jens Langhammer	502393ee56	outpost/proxyv2: allow port offset via yaml Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-08 21:07:06 +02:00
Jens L	3c1b70c355	outposts/proxyv2 (#1365 ) * outposts/proxyv2: initial commit Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add rs256 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> more stuff Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add forward auth an sign_out Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> match cookie name Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> re-add support for rs256 for backwards compat Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add error handler Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> ensure unique user-agent is used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> set cookie duration based on id_token expiry Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> build proxy v2 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add ssl Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add basic auth and custom header support Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add application cert loading Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> implement whitelist Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add redis Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> migrate embedded outpost to v2 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> remove old proxy Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> providers/proxy: make token expiration configurable Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> add metrics Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> fix tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/proxy: only allow one redirect URI Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix docker build for proxy Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * remove default port offset Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add AUTHENTIK_HOST_BROWSER Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests: fix e2e/integration tests not using proper tags Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * remove references of old port Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix user_attributes not being loaded correctly Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup dependencies Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-08 18:04:56 +00:00
Jens Langhammer	631b0a1819	outpost/proxy: improve error logging Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-07 23:33:48 +02:00
Jens Langhammer	bc7d5042df	outpost/proxy: use common template for proxy error Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-07 16:44:15 +02:00
Jens Langhammer	70d0dd51a5	sources/oauth: cancel currently active flows before redirecting out Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-07 11:03:45 +02:00
Jens Langhammer	9ad4cf1db9	outposts/ldap: improve logging of client IPs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-05 19:47:30 +02:00
Jens Langhammer	70d1e3a0cb	outpost: fix spans being sent without parent context Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-03 18:17:08 +02:00
Jens Langhammer	a15571bd3e	outposts/proxy: detect empty authentik_host Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-09-01 22:09:07 +02:00
Jens Langhammer	b1eec5a7d2	outposts/proxy: add more logging Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-30 17:18:52 +02:00
Jens Langhammer	048467e97d	outpost/ldap: delay user information removal upon closing of connection Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-29 21:13:46 +02:00
Jens Langhammer	cc2cd6919f	outpost/embedded: only send requests for non-akprox paths when we're doing proxy mode Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-29 21:13:28 +02:00
Jens Langhammer	8acb15a7fd	outpost: fix flow executor not sending password for identification stage Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-27 09:43:07 +02:00
Jens Langhammer	ffbab2cd68	outpost/ldap: set request_id in sentry Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-25 22:36:08 +02:00
Jens Langhammer	294d70ae4d	outposts/ldap: move virtual groups to other OU for lookups, conditionally skip requests based on search filter Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-21 17:53:09 +02:00
Jens Langhammer	23fd257624	outposts/ldap: fix nil pointer dereference when search self Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-21 16:51:47 +02:00
Jens Langhammer	3e909ae6bb	core: allow filtering users by the groups they are in Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-21 16:27:48 +02:00
Jens Langhammer	ff24bc8cb8	outpost/ldap: regularly pre-heat flow executor cache to increase bind performance Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-21 16:17:30 +02:00
Jens Langhammer	2015d91484	outpost: load global config Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-21 14:14:18 +02:00
Jens Langhammer	54b7ef42f5	outpost/ldap: add sAMAccountName on groups for compatibility Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-15 15:59:24 +02:00
Jens Langhammer	7e62b82d56	outpost/embedded: fix login URL not being set correctly from outpost config Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-11 12:39:27 +02:00
Jens Langhammer	93de363c86	website/developer-docs: add notice for translation requirements Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-10 21:42:59 +02:00
Jens Langhammer	80df444067	outposts/ldap: add sAMAccountName field for compatibility Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-09 21:00:02 +02:00
Jens Langhammer	fe91bff854	outpost/embedded: fix schema Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-08 23:09:35 +02:00
Jens Langhammer	03958d170b	outpost/proxy: fix string substitution for internal Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-08 22:24:10 +02:00
Jens Langhammer	16f0f89a9d	outpost/embedded: fix embedded outpost redirecting to localhost Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-08 15:39:52 +02:00
Jens Langhammer	e02207f38d	outpost/embedded: use redis session backend Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-07 22:12:22 +02:00
Jens Langhammer	6af2c6a014	outpost/ldap: fix errors with new UserSelf serializer Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-08-05 18:20:24 +02:00
Jens Langhammer	66c3535bcb	outpost: bump timer for periodic config reloads Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-31 21:57:33 +02:00
Jens L	f01bc20d44	Embedded outpost (#1193 ) * api: allow API requests as managed outpost's account when using secret_key Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * root: load secret key from env Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts: make listener IP configurable Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outpost/proxy: run outpost in background and pass requests conditionally Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outpost: unify branding to embedded Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: fix embedded outpost not being editable Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: fix mismatched host detection Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests/e2e: fix LDAP test not including user for embedded outpost Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * tests/e2e: fix user matching Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * api: add tests for secret_key auth Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * root: load environment variables using github.com/Netflix/go-env Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-29 11:30:30 +02:00
Jens Langhammer	5ff3e9b418	outposts/ldap: add support for member query Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-23 20:00:23 +02:00
Jens Langhammer	f6e1bfdfc8	outpost: fix 100% CPU Usage when not connected to websocket Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-23 18:57:26 +02:00
Jens Langhammer	aca3a5c458	outpost: add tracing for http client Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-23 17:37:06 +02:00
Jens Langhammer	6a8be0dc71	outposts/ldap: improve parsing of LDAP filters Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-23 15:41:09 +02:00
Jens Langhammer	34189fcc06	outposts/ldap: search users and group in parallel Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-22 22:55:23 +02:00
Jens Langhammer	0d0dcf8de0	outposts/ldap: optimise backend Search API requests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-22 20:38:30 +02:00
Jens Langhammer	1b4654bb1d	outposts/ldap: add tracing for LDAP bind and search Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-22 19:23:56 +02:00
Jens Langhammer	66bfa6879d	outposts/proxy: add X-Auth-Groups header to pass groups Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-22 10:47:58 +02:00
Jens Langhammer	253f345fc4	outposts: save certificate fingerprint and check before re-fetching to cleanup logs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-21 23:53:43 +02:00
Jens Langhammer	d89266a9d2	outposts/ldap: fix order of Listeners TCP -> PROXY -> TLS Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-20 15:25:11 +02:00
Jens Langhammer	d678d33756	root: add support for PROXY protocol on listeners closes #1161 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-20 11:03:09 +02:00
Jens Langhammer	de4710ea71	outpost: minor cleanup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-19 17:19:48 +02:00
Jens Langhammer	d55b31dd82	outposts/proxy: set server header Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-19 17:11:11 +02:00
Jens Langhammer	d87871f806	outposts/ldap: improve logging, add request ID Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2021-07-19 13:41:29 +02:00

... 4 5 6 7 8

364 Commits