9ed236f7ab
outposts/ldap: Support hard coded uidNumber and gidNumber. ( #1582 )
2021-10-10 23:43:36 +02:00
75ef4ce596
tests/e2e: add new ldap object classes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-09-26 14:57:42 +02:00
c2f3ce11b0
outposts/ldap: fix potential panic when converting attributes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-09-26 14:52:25 +02:00
3c256fecc6
outposts/ldap: add groupofuniquenames
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-09-26 14:49:11 +02:00
0285b84133
outposts/ldap: add query support for all supported object classes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-09-26 14:42:26 +02:00
c7e6eb8896
outposts/ldap: add support for base scope and domain info
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-09-26 14:01:22 +02:00
ebc06f1abe
outposts/ldap: fix logic error
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-09-22 13:19:50 +02:00
0f8880ab0a
outposts: fix typo
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-09-22 13:14:28 +02:00
1f97420207
outposts/ldap: allow custom attributes to shadow built-in attributes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-09-21 21:59:39 +02:00
471f7d9c62
outposts: add consistent name and type to metrics
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-09-16 10:14:51 +02:00
a6a6b3bd06
outposts: add outpost_name label to metrics
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-09-16 10:04:17 +02:00
7158c9d2ea
core: metrics v2 ( #1370 )
...
* outposts: add ldap metrics, move ping to 9100
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* outpost: add flow_executor metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* use port 9300 for metrics, add core metrics port
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* outposts/controllers/k8s: add service monitor creation support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-09-09 15:52:24 +02:00
3c1b70c355
outposts/proxyv2 ( #1365 )
...
* outposts/proxyv2: initial commit
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
add rs256
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
more stuff
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
add forward auth an sign_out
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
match cookie name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
re-add support for rs256 for backwards compat
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
add error handler
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
ensure unique user-agent is used
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
set cookie duration based on id_token expiry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
build proxy v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
add ssl
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
add basic auth and custom header support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
add application cert loading
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
implement whitelist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
add redis
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
migrate embedded outpost to v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
remove old proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
providers/proxy: make token expiration configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
add metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
fix tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* providers/proxy: only allow one redirect URI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix docker build for proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* remove default port offset
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* add AUTHENTIK_HOST_BROWSER
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* tests: fix e2e/integration tests not using proper tags
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* remove references of old port
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* fix user_attributes not being loaded correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* cleanup dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
* cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-09-08 18:04:56 +00:00
9ad4cf1db9
outposts/ldap: improve logging of client IPs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-09-05 19:47:30 +02:00
048467e97d
outpost/ldap: delay user information removal upon closing of connection
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-08-29 21:13:46 +02:00
ffbab2cd68
outpost/ldap: set request_id in sentry
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-08-25 22:36:08 +02:00
294d70ae4d
outposts/ldap: move virtual groups to other OU for lookups, conditionally skip requests based on search filter
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-08-21 17:53:09 +02:00
23fd257624
outposts/ldap: fix nil pointer dereference when search self
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-08-21 16:51:47 +02:00
3e909ae6bb
core: allow filtering users by the groups they are in
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-08-21 16:27:48 +02:00
ff24bc8cb8
outpost/ldap: regularly pre-heat flow executor cache to increase bind performance
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-08-21 16:17:30 +02:00
54b7ef42f5
outpost/ldap: add sAMAccountName on groups for compatibility
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-08-15 15:59:24 +02:00
93de363c86
website/developer-docs: add notice for translation requirements
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-08-10 21:42:59 +02:00
80df444067
outposts/ldap: add sAMAccountName field for compatibility
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-08-09 21:00:02 +02:00
6af2c6a014
outpost/ldap: fix errors with new UserSelf serializer
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-08-05 18:20:24 +02:00
5ff3e9b418
outposts/ldap: add support for member query
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-07-23 20:00:23 +02:00
6a8be0dc71
outposts/ldap: improve parsing of LDAP filters
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-07-23 15:41:09 +02:00
34189fcc06
outposts/ldap: search users and group in parallel
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-07-22 22:55:23 +02:00
0d0dcf8de0
outposts/ldap: optimise backend Search API requests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-07-22 20:38:30 +02:00
1b4654bb1d
outposts/ldap: add tracing for LDAP bind and search
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-07-22 19:23:56 +02:00
253f345fc4
outposts: save certificate fingerprint and check before re-fetching to cleanup logs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-07-21 23:53:43 +02:00
d89266a9d2
outposts/ldap: fix order of Listeners
...
TCP -> PROXY -> TLS
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-07-20 15:25:11 +02:00
d678d33756
root: add support for PROXY protocol on listeners
...
closes #1161
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-07-20 11:03:09 +02:00
d87871f806
outposts/ldap: improve logging, add request ID
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-07-19 13:41:29 +02:00
a2c587be43
outposts: don't authenticate as service user for flows to set remote-ip
...
set outpost token as additional header and check that token (user) if they can override remote-ip
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-07-19 13:17:13 +02:00
4029e19b72
outposts/ldap: fix order of flow check
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-07-18 22:22:35 +02:00
36de302250
outposts: separate CLI flow executor from ldap
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-07-18 15:51:48 +02:00
cffc6a1b88
outpost/ldap: fix import
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-07-17 20:02:36 +02:00
a0b63f50bf
outposts: fix import for self-signed cert on ldap
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-07-17 19:38:04 +02:00
b3159a74e5
Merge branch 'master' into inbuilt-proxy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
# Conflicts:
# Dockerfile
# internal/outpost/ak/api.go
# internal/outpost/ak/api_uag.go
# internal/outpost/ak/global.go
# internal/outpost/ldap/api_tls.go
# internal/outpost/ldap/instance_bind.go
# internal/outpost/ldap/utils.go
# internal/outpost/proxy/api_bundle.go
# outpost/go.mod
# outpost/go.sum
# outpost/pkg/ak/cert.go
2021-07-17 12:49:38 +02:00
948db46406
Merge branch 'master' into inbuilt-proxy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
# Conflicts:
# internal/constants/constants.go
# outpost/pkg/version.go
2021-07-05 19:11:26 +02:00
3dc9e247d5
Merge branch 'master' into inbuilt-proxy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
# Conflicts:
# internal/constants/constants.go
# outpost/pkg/version.go
2021-07-02 16:23:30 +02:00
ff42663d3c
root: more code merging
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-06-29 16:21:00 +02:00
8429dd19b2
Merge branch 'master' into inbuilt-proxy
2021-06-29 16:20:24 +02:00
6dc38b0132
root: start deduplicating code
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-06-16 12:41:34 +02:00
690b7be1d8
root: initial merging of outpost and main project
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org >
2021-06-16 12:02:02 +02:00
