web/flow/table-driven-executor

# What - Replaces the *massive* switch/case block for stages with a lookup table. # Why - Because it was a massive switch/case block calling 22 different functions with the *exact same* signatures, and that created both a ton of duplication in the code as well as introduced last-line risks.
Merge branch 'main' into web/flow/table-driven-executor
2024-11-21 14:25:02 -08:00 · 2024-11-21 13:57:01 -08:00 · 2024-11-21 09:59:52 -08:00 · 2024-11-20 10:23:54 -08:00 · 2024-11-15 12:47:17 -08:00 · 2024-11-14 11:29:13 -08:00
2 changed files with 118 additions and 160 deletions
--- a/web/src/flow/FlowExecutor.ts
+++ b/web/src/flow/FlowExecutor.ts
@ -5,15 +5,14 @@ import {
    TITLE_DEFAULT,
 } from "@goauthentik/common/constants";
 import { globalAK } from "@goauthentik/common/global";
-import { purify } from "@goauthentik/common/purify";
 import { configureSentry } from "@goauthentik/common/sentry";
-import { first } from "@goauthentik/common/utils";
 import { WebsocketClient } from "@goauthentik/common/ws";
 import { Interface } from "@goauthentik/elements/Interface";
 import "@goauthentik/elements/LoadingOverlay";
 import "@goauthentik/elements/ak-locale-context";
 import { DefaultBrand } from "@goauthentik/elements/sidebar/SidebarBrand";
 import { themeImage } from "@goauthentik/elements/utils/images";
+import "@goauthentik/flow/components/ak-brand-footer";
 import "@goauthentik/flow/sources/apple/AppleLoginInit";
 import "@goauthentik/flow/sources/plex/PlexLoginInit";
 import "@goauthentik/flow/stages/FlowErrorStage";
@ -26,6 +25,7 @@ import { CSSResult, PropertyValues, TemplateResult, css, html, nothing } from "l
 import { customElement, property, state } from "lit/decorators.js";
 import { unsafeHTML } from "lit/directives/unsafe-html.js";
 import { until } from "lit/directives/until.js";
+import { html as staticHtml, unsafeStatic } from "lit/static-html.js";

 import PFBackgroundImage from "@patternfly/patternfly/components/BackgroundImage/background-image.css";
 import PFButton from "@patternfly/patternfly/components/Button/button.css";
@ -49,6 +49,52 @@ import {
    UiThemeEnum,
 } from "@goauthentik/api";

+type StageRenderer = {
+    // Provide the lit-element tag if it's different from the challenge.component name
+    tag?: string;
+    // Provide a dynamic import whenever possible; otherwise, make sure you include it in the
+    // build-time imports above.
+    import?: () => Promise<unknown>;
+};
+type StageRenderers = { [key: string]: StageRenderer };
+
+// authentik's standard stages and the Lit components that handle them. A "standard stage" conforms
+// to an API that takes two properties:
+// `.host=${host: StageHost} .challenge=${challenge: ChallengeTypes}`
+// Exceptions are handled in a switch/case statement below the renderer for these.
+
+// All of that `async () => await import("@goauthentik/flow/...")` boilerplate cannot be abstracted
+// away because [import is not a function](https://v8.dev/features/dynamic-import), it is a
+// _statement_, and its contents are statically analyzed by bundlers, compilers, and the V8
+// interpreter.
+
+// Prettier ignore to keep the table looking like a table:
+// prettier-ignore
+const allStages: StageRenderers = {
+    "ak-stage-access-denied": { import: async () => await import("@goauthentik/flow/stages/access_denied/AccessDeniedStage") },
+    "ak-stage-identification": { import: async () => await import("@goauthentik/flow/stages/identification/IdentificationStage") },
+    "ak-stage-password": { import: async () => await import("@goauthentik/flow/stages/password/PasswordStage") },
+    "ak-stage-captcha": { import: async () => await import("@goauthentik/flow/stages/captcha/CaptchaStage") },
+    "ak-stage-consent": { import: async () => await import("@goauthentik/flow/stages/consent/ConsentStage") },
+    "ak-stage-dummy": { import: async () => await import("@goauthentik/flow/stages/dummy/DummyStage") },
+    "ak-stage-email": { import: async () => await import("@goauthentik/flow/stages/email/EmailStage") },
+    "ak-stage-autosubmit": { import: async () => await import("@goauthentik/flow/stages/autosubmit/AutosubmitStage") },
+    "ak-stage-prompt": { import: async () => await import("@goauthentik/flow/stages/prompt/PromptStage") },
+    "ak-stage-authenticator-totp": { import: async () => await import("@goauthentik/flow/stages/authenticator_totp/AuthenticatorTOTPStage") },
+    "ak-stage-authenticator-duo": { import: async () => await import("@goauthentik/flow/stages/authenticator_duo/AuthenticatorDuoStage") },
+    "ak-stage-authenticator-static": { import: async () => await import("@goauthentik/flow/stages/authenticator_static/AuthenticatorStaticStage") },
+    "ak-stage-authenticator-webauthn": { },
+    "ak-stage-authenticator-sms": { import: async () => await import("@goauthentik/flow/stages/authenticator_sms/AuthenticatorSMSStage") },
+    "ak-stage-authenticator-validate": { import: async () => await import("@goauthentik/flow/stages/authenticator_validate/AuthenticatorValidateStage") },
+    "ak-stage-user-login": { import: async () => await import("@goauthentik/flow/stages/user_login/UserLoginStage") },
+    "ak-source-plex": { tag: "ak-flow-source-plex" },
+    "ak-source-oauth-apple": { tag: "ak-flow-source-oauth-apple" },
+    "ak-provider-oauth2-device-code": { tag: "ak-flow-provider-oauth2-code", import: async () => await import("@goauthentik/flow/providers/oauth2/DeviceCode") },
+    "ak-provider-oauth2-device-code-finish": { tag: "ak-flow-provider-oauth2-code-finish", import: async () => await import("@goauthentik/flow/providers/oauth2/DeviceCodeFinish") },
+    "ak-stage-session-end": { import: async () => await import("@goauthentik/flow/providers/SessionEnd") },
+    "ak-stage-flow-error": { },
+} as const;
+
@customElement("ak-flow-executor")
 export class FlowExecutor extends Interface implements StageHost {
    @property()
@ -299,142 +345,21 @@ export class FlowExecutor extends Interface implements StageHost {
        if (!this.challenge) {
            return html`<ak-empty-state loading> </ak-empty-state>`;
        }
+        const stage = allStages[this.challenge.component];
+        if (stage) {
+            if (stage.import) {
+                await stage.import();
+            }
+            const tag = stage.tag ?? this.challenge.component;
+            // Prettier doesn't know what `staticHTML` is, will try to format it by
+            // prettier-ignore
+            return staticHtml`<${unsafeStatic(tag)}
+                .host=${this as StageHost}
+                .challenge=${this.challenge}
+            ></${unsafeStatic(tag)}>`;
+        }
+
        switch (this.challenge?.component) {
-            case "ak-stage-access-denied":
-                await import("@goauthentik/flow/stages/access_denied/AccessDeniedStage");
-                return html`<ak-stage-access-denied
-                    .host=${this as StageHost}
-                    .challenge=${this.challenge}
-                ></ak-stage-access-denied>`;
-            case "ak-stage-identification":
-                await import("@goauthentik/flow/stages/identification/IdentificationStage");
-                return html`<ak-stage-identification
-                    .host=${this as StageHost}
-                    .challenge=${this.challenge}
-                ></ak-stage-identification>`;
-            case "ak-stage-password":
-                await import("@goauthentik/flow/stages/password/PasswordStage");
-                return html`<ak-stage-password
-                    .host=${this as StageHost}
-                    .challenge=${this.challenge}
-                ></ak-stage-password>`;
-            case "ak-stage-captcha":
-                await import("@goauthentik/flow/stages/captcha/CaptchaStage");
-                return html`<ak-stage-captcha
-                    .host=${this as StageHost}
-                    .challenge=${this.challenge}
-                ></ak-stage-captcha>`;
-            case "ak-stage-consent":
-                await import("@goauthentik/flow/stages/consent/ConsentStage");
-                return html`<ak-stage-consent
-                    .host=${this as StageHost}
-                    .challenge=${this.challenge}
-                ></ak-stage-consent>`;
-            case "ak-stage-dummy":
-                await import("@goauthentik/flow/stages/dummy/DummyStage");
-                return html`<ak-stage-dummy
-                    .host=${this as StageHost}
-                    .challenge=${this.challenge}
-                ></ak-stage-dummy>`;
-            case "ak-stage-email":
-                await import("@goauthentik/flow/stages/email/EmailStage");
-                return html`<ak-stage-email
-                    .host=${this as StageHost}
-                    .challenge=${this.challenge}
-                ></ak-stage-email>`;
-            case "ak-stage-autosubmit":
-                await import("@goauthentik/flow/stages/autosubmit/AutosubmitStage");
-                return html`<ak-stage-autosubmit
-                    .host=${this as StageHost}
-                    .challenge=${this.challenge}
-                ></ak-stage-autosubmit>`;
-            case "ak-stage-prompt":
-                await import("@goauthentik/flow/stages/prompt/PromptStage");
-                return html`<ak-stage-prompt
-                    .host=${this as StageHost}
-                    .challenge=${this.challenge}
-                ></ak-stage-prompt>`;
-            case "ak-stage-authenticator-totp":
-                await import("@goauthentik/flow/stages/authenticator_totp/AuthenticatorTOTPStage");
-                return html`<ak-stage-authenticator-totp
-                    .host=${this as StageHost}
-                    .challenge=${this.challenge}
-                ></ak-stage-authenticator-totp>`;
-            case "ak-stage-authenticator-duo":
-                await import("@goauthentik/flow/stages/authenticator_duo/AuthenticatorDuoStage");
-                return html`<ak-stage-authenticator-duo
-                    .host=${this as StageHost}
-                    .challenge=${this.challenge}
-                ></ak-stage-authenticator-duo>`;
-            case "ak-stage-authenticator-static":
-                await import(
-                    "@goauthentik/flow/stages/authenticator_static/AuthenticatorStaticStage"
-                );
-                return html`<ak-stage-authenticator-static
-                    .host=${this as StageHost}
-                    .challenge=${this.challenge}
-                ></ak-stage-authenticator-static>`;
-            case "ak-stage-authenticator-webauthn":
-                return html`<ak-stage-authenticator-webauthn
-                    .host=${this as StageHost}
-                    .challenge=${this.challenge}
-                ></ak-stage-authenticator-webauthn>`;
-            case "ak-stage-authenticator-sms":
-                await import("@goauthentik/flow/stages/authenticator_sms/AuthenticatorSMSStage");
-                return html`<ak-stage-authenticator-sms
-                    .host=${this as StageHost}
-                    .challenge=${this.challenge}
-                ></ak-stage-authenticator-sms>`;
-            case "ak-stage-authenticator-validate":
-                await import(
-                    "@goauthentik/flow/stages/authenticator_validate/AuthenticatorValidateStage"
-                );
-                return html`<ak-stage-authenticator-validate
-                    .host=${this as StageHost}
-                    .challenge=${this.challenge}
-                ></ak-stage-authenticator-validate>`;
-            case "ak-stage-user-login":
-                await import("@goauthentik/flow/stages/user_login/UserLoginStage");
-                return html`<ak-stage-user-login
-                    .host=${this as StageHost}
-                    .challenge=${this.challenge}
-                ></ak-stage-user-login>`;
-            // Sources
-            case "ak-source-plex":
-                return html`<ak-flow-source-plex
-                    .host=${this as StageHost}
-                    .challenge=${this.challenge}
-                ></ak-flow-source-plex>`;
-            case "ak-source-oauth-apple":
-                return html`<ak-flow-source-oauth-apple
-                    .host=${this as StageHost}
-                    .challenge=${this.challenge}
-                ></ak-flow-source-oauth-apple>`;
-            // Providers
-            case "ak-provider-oauth2-device-code":
-                await import("@goauthentik/flow/providers/oauth2/DeviceCode");
-                return html`<ak-flow-provider-oauth2-code
-                    .host=${this as StageHost}
-                    .challenge=${this.challenge}
-                ></ak-flow-provider-oauth2-code>`;
-            case "ak-provider-oauth2-device-code-finish":
-                await import("@goauthentik/flow/providers/oauth2/DeviceCodeFinish");
-                return html`<ak-flow-provider-oauth2-code-finish
-                    .host=${this as StageHost}
-                    .challenge=${this.challenge}
-                ></ak-flow-provider-oauth2-code-finish>`;
-            case "ak-stage-session-end":
-                await import("@goauthentik/flow/providers/SessionEnd");
-                return html`<ak-stage-session-end
-                    .host=${this as StageHost}
-                    .challenge=${this.challenge}
-                ></ak-stage-session-end>`;
-            // Internal stages
-            case "ak-stage-flow-error":
-                return html`<ak-stage-flow-error
-                    .host=${this as StageHost}
-                    .challenge=${this.challenge}
-                ></ak-stage-flow-error>`;
            case "xak-flow-redirect":
                return html`<ak-stage-redirect
                    .host=${this as StageHost}
@ -504,11 +429,9 @@ export class FlowExecutor extends Interface implements StageHost {
                                            >
                                                <img
                                                    src="${themeImage(
-                                                        first(
-                                                            this.brand?.brandingLogo,
-                                                            globalAK()?.brand.brandingLogo,
+                                                        this.brand?.brandingLogo ??
+                                                            globalAK()?.brand.brandingLogo ??
                                                            DefaultBrand.brandingLogo,
-                                                        ),
                                                    )}"
                                                    alt="authentik Logo"
                                                />
@ -516,25 +439,9 @@ export class FlowExecutor extends Interface implements StageHost {
                                            ${until(this.renderChallenge())}
                                        </div>
                                        <footer class="pf-c-login__footer">
-                                            <ul class="pf-c-list pf-m-inline">
-                                                ${this.brand?.uiFooterLinks?.map((link) => {
-                                                    if (link.href) {
-                                                        return html`${purify(
-                                                            html`<li>
-                                                                <a href="${link.href}"
-                                                                    >${link.name}</a
-                                                                >
-                                                            </li>`,
-                                                        )}`;
-                                                    }
-                                                    return html`<li>
-                                                        <span>${link.name}</span>
-                                                    </li>`;
-                                                })}
-                                                <li>
-                                                    <span>${msg("Powered by authentik")}</span>
-                                                </li>
-                                            </ul>
+                                            <ak-brand-links
+                                                .links=${this.brand?.uiFooterLinks ?? []}
+                                            ></ak-brand-links>
                                        </footer>
                                    </div>
                                </div>
--- a/web/src/flow/components/ak-brand-footer.ts
+++ b/web/src/flow/components/ak-brand-footer.ts
@ -0,0 +1,51 @@
+import { purify } from "@goauthentik/common/purify";
+import { AKElement } from "@goauthentik/elements/Base.js";
+
+import { msg } from "@lit/localize";
+import { css, html } from "lit";
+import { customElement, property } from "lit/decorators.js";
+import { map } from "lit/directives/map.js";
+
+import PFList from "@patternfly/patternfly/components/List/list.css";
+import PFBase from "@patternfly/patternfly/patternfly-base.css";
+
+import { FooterLink } from "@goauthentik/api";
+
+const styles = css`
+    .pf-c-list a {
+        color: unset;
+    }
+    ul.pf-c-list.pf-m-inline {
+        justify-content: center;
+        padding: calc(var(--pf-global--spacer--xs) / 2) 0px;
+    }
+`;
+
+const salesMark: FooterLink = { name: msg("Powered by authentik"), href: "" };
+
+@customElement("ak-brand-links")
+export class BrandLinks extends AKElement {
+    static get styles() {
+        return [PFBase, PFList, styles];
+    }
+
+    @property({ type: Array, attribute: false })
+    links: FooterLink[] = [];
+
+    render() {
+        const links = [...(this.links ?? []), salesMark];
+        return html` <ul class="pf-c-list pf-m-inline">
+            ${map(links, (link) =>
+                link.href
+                    ? purify(html`<li><a href="${link.href}">${link.name}</a></li>`)
+                    : html`<li><span>${link.name}</span></li>`,
+            )}
+        </ul>`;
+    }
+}
+
+declare global {
+    interface HTMLElementTagNameMap {
+        "ak-brand-links": BrandLinks;
+    }
+}
Author	SHA1	Message	Date
Ken Sternberg	1a340eb437	web/flow/table-driven-executor # What - Replaces the massive switch/case block for stages with a lookup table. # Why - Because it was a massive switch/case block calling 22 different functions with the exact same signatures, and that created both a ton of duplication in the code as well as introduced last-line risks.	2024-11-21 14:25:02 -08:00
Ken Sternberg	8982798c95	Merge branch 'main' into web/flow/table-driven-executor * main: (23 commits) website/docs: update info about footer links to match new UI (#12120) website/docs: prepare release notes (#12142) providers/oauth2: fix migration (#12138) providers/oauth2: fix migration dependencies (#12123) web: bump API Client version (#12129) providers/oauth2: fix redirect uri input (#12122) providers/proxy: fix redirect_uri (#12121) website/docs: prepare release notes (#12119) web: bump API Client version (#12118) security: fix CVE 2024 52289 (#12113) security: fix CVE 2024 52307 (#12115) security: fix CVE 2024 52287 (#12114) website/docs: add CSP to hardening (#11970) core: bump uvicorn from 0.32.0 to 0.32.1 (#12103) core: bump google-api-python-client from 2.153.0 to 2.154.0 (#12104) core: bump pydantic from 2.9.2 to 2.10.0 (#12105) translate: Updates for file locale/en/LC_MESSAGES/django.po in it (#12110) internal: add CSP header to files in `/media` (#12092) core, web: update translations (#12101) web: fix bug that prevented error reporting in current wizard. (#12033) ...	2024-11-21 13:57:01 -08:00
Ken Sternberg	c3b33fdb07	web/legible/disambiguate-footer-links # What - Replaces the "brand links" box at the bottom of FlowExecutor with a component for showing brand links. # Why - Confusion arose about what "footer links" mean in any given context, and breaking this out, labeling it "brand-links," reduces that confusion. It also isolates and reduces the testable surface area of the Executor.	2024-11-21 09:59:52 -08:00
Ken Sternberg	9809b94030	Merge branch 'main' into dev * main: (28 commits) providers/scim: accept string and int for SCIM IDs (#12093) website: bump the docusaurus group in /website with 9 updates (#12086) core: fix source_flow_manager throwing error when authenticated user attempts to re-authenticate with existing link (#12080) translate: Updates for file locale/en/LC_MESSAGES/django.po in de (#12079) scripts: remove read_replicas from generated dev config (#12078) core: bump geoip2 from 4.8.0 to 4.8.1 (#12071) core: bump goauthentik.io/api/v3 from 3.2024100.2 to 3.2024102.2 (#12072) core: bump maxmind/geoipupdate from v7.0.1 to v7.1.0 (#12073) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN (#12074) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans (#12075) translate: Updates for file web/xliff/en.xlf in zh-Hans (#12076) translate: Updates for file web/xliff/en.xlf in zh_CN (#12077) web/admin: auto-prefill user path for new users based on selected path (#12070) core: bump aiohttp from 3.10.2 to 3.10.11 (#12069) web/admin: fix brand title not respected in application list (#12068) core: bump pyjwt from 2.9.0 to 2.10.0 (#12063) web: add italian locale (#11958) web/admin: better footer links (#12004) core, web: update translations (#12052) core: bump twilio from 9.3.6 to 9.3.7 (#12061) ...	2024-11-20 10:23:54 -08:00
Ken Sternberg	e7527c551b	Merge branch 'main' into dev * main: translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans (#12045) translate: Updates for file web/xliff/en.xlf in zh_CN (#12047) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN (#12044) translate: Updates for file web/xliff/en.xlf in zh-Hans (#12046) web/flows: fix invisible captcha call (#12048) rbac: fix incorrect object_description for object-level permissions (#12029) stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs (#12036) core: bump coverage from 7.6.4 to 7.6.5 (#12037) ci: bump codecov/codecov-action from 4 to 5 (#12038) release: 2024.10.2 (#12031)	2024-11-15 12:47:17 -08:00
Ken Sternberg	36b10b434a	:wqge branch 'main' into dev * main: providers/ldap: fix global search_full_directory permission not being sufficient (#12028) website/docs: 2024.10.2 release notes (#12025) lifecycle: fix ak exit status not being passed (#12024) core: use versioned_script for path only (#12003) core, web: update translations (#12020) core: bump google-api-python-client from 2.152.0 to 2.153.0 (#12021) providers/oauth2: fix manual device code entry (#12017) crypto: validate that generated certificate's name is unique (#12015) core, web: update translations (#12006) core: bump google-api-python-client from 2.151.0 to 2.152.0 (#12007) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans (#12011) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN (#12010) translate: Updates for file web/xliff/en.xlf in zh-Hans (#12012) translate: Updates for file web/xliff/en.xlf in zh_CN (#12013) providers/proxy: fix Issuer when AUTHENTIK_HOST_BROWSER is set (#11968) website/docs: move S3 ad GeoIP to System Management/Operations (#11998) website/integrations: nextcloud: add SSE warning (#11976)	2024-11-14 11:29:13 -08:00
Ken Sternberg	831797b871	Merge branch 'main' into dev * main: (21 commits) web: bump API Client version (#11997) sources/kerberos: use new python-kadmin implementation (#11932) core: add ability to provide reason for impersonation (#11951) website/integrations: update vcenter integration docs (#11768) core, web: update translations (#11995) website: bump postcss from 8.4.48 to 8.4.49 in /website (#11996) web: bump API Client version (#11992) blueprints: add default Password policy (#11793) stages/captcha: Run interactive captcha in Frame (#11857) core, web: update translations (#11979) core: bump packaging from 24.1 to 24.2 (#11985) core: bump ruff from 0.7.2 to 0.7.3 (#11986) core: bump msgraph-sdk from 1.11.0 to 1.12.0 (#11987) website: bump the docusaurus group in /website with 9 updates (#11988) website: bump postcss from 8.4.47 to 8.4.48 in /website (#11989) stages/password: use recovery flow from brand (#11953) core: bump golang.org/x/sync from 0.8.0 to 0.9.0 (#11962) web: bump cookie, swagger-client and express in /web (#11966) core, web: update translations (#11959) core: bump debugpy from 1.8.7 to 1.8.8 (#11961) ...	2024-11-12 10:08:48 -08:00
Ken Sternberg	5cc2c0f45f	Merge branch 'main' into dev * main: ci: fix dockerfile warning (#11956)	2024-11-07 12:58:15 -08:00
Ken Sternberg	32442766f4	Merge branch 'main' into dev * main: website/docs: fix slug matching redirect URI causing broken refresh (#11950) website/integrations: jellyfin: update plugin catalog location (#11948) translate: Updates for file locale/en/LC_MESSAGES/django.po in de (#11942) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN (#11946) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans (#11947) website/docs: clarify traefik ingress setup (#11938) core: bump importlib-metadata from 8.4.0 to 8.5.0 (#11934) web: bump API Client version (#11930) root: backport version bump `2024.10.1` (#11929) website/docs: `2024.10.1` Release Notes (#11926) website: bump path-to-regexp from 1.8.0 to 1.9.0 in /website (#11924) core: bump sentry-sdk from 2.17.0 to 2.18.0 (#11918) website: bump the docusaurus group in /website with 9 updates (#11917) core: bump goauthentik.io/api/v3 from 3.2024100.1 to 3.2024100.2 (#11915) core, web: update translations (#11914)	2024-11-07 08:08:46 -08:00
Ken Sternberg	75790909a8	Merge branch 'main' into dev * main: web: bump API Client version (#11909) enterprise/rac: fix API Schema for invalidation_flow (#11907)	2024-11-04 13:20:15 -08:00
Ken Sternberg	e0d5df89ca	Merge branch 'main' into dev * main: core: add `None` check to a device's `extra_description` (#11904) providers/oauth2: fix size limited index for tokens (#11879) web: fix missing status code on failed build (#11903) website: bump docusaurus-theme-openapi-docs from 4.1.0 to 4.2.0 in /website (#11897) translate: Updates for file locale/en/LC_MESSAGES/django.po in de (#11891) stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs (#11884) translate: Updates for file web/xliff/en.xlf in tr (#11878) translate: Updates for file locale/en/LC_MESSAGES/django.po in tr (#11866) core: bump google-api-python-client from 2.149.0 to 2.151.0 (#11885) core: bump selenium from 4.26.0 to 4.26.1 (#11886) core, web: update translations (#11896) website: bump docusaurus-plugin-openapi-docs from 4.1.0 to 4.2.0 in /website (#11898) core: bump watchdog from 5.0.3 to 6.0.0 (#11899) core: bump ruff from 0.7.1 to 0.7.2 (#11900) core: bump django-pglock from 1.6.2 to 1.7.0 (#11901) website/docs: fix release notes to say Federation (#11889)	2024-11-04 10:25:52 -08:00
Ken Sternberg	f25a9c624e	Merge branch 'main' into dev * main: website: bump elliptic from 6.5.7 to 6.6.0 in /website (#11869) core: bump selenium from 4.25.0 to 4.26.0 (#11875) core: bump goauthentik.io/api/v3 from 3.2024083.14 to 3.2024100.1 (#11876) website/docs: add info about invalidation flow, default flows in general (#11800) website: fix docs redirect (#11873) website: remove RC disclaimer for version 2024.10 (#11871) website: update supported versions (#11841) web: bump API Client version (#11870) root: backport version bump 2024.10.0 (#11868) website/docs: 2024.8.4 release notes (#11862) web/admin: provide default invalidation flows for LDAP and Radius (#11861)	2024-11-04 10:25:45 -08:00
Ken Sternberg	914993a788	Merge branch 'main' into dev * main: (43 commits) core, web: update translations (#11858) web/admin: fix code-based MFA toggle not working in wizard (#11854) sources/kerberos: add kiprop to ignored system principals (#11852) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN (#11846) translate: Updates for file locale/en/LC_MESSAGES/django.po in it (#11845) translate: Updates for file web/xliff/en.xlf in zh_CN (#11847) translate: Updates for file web/xliff/en.xlf in zh-Hans (#11848) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans (#11849) translate: Updates for file web/xliff/en.xlf in it (#11850) website: 2024.10 Release Notes (#11839) translate: Updates for file web/xliff/en.xlf in zh-Hans (#11814) core, web: update translations (#11821) core: bump goauthentik.io/api/v3 from 3.2024083.13 to 3.2024083.14 (#11830) core: bump service-identity from 24.1.0 to 24.2.0 (#11831) core: bump twilio from 9.3.5 to 9.3.6 (#11832) core: bump pytest-randomly from 3.15.0 to 3.16.0 (#11833) website/docs: Update social-logins github (#11822) website/docs: remove � (#11823) lifecycle: fix kdc5-config missing (#11826) website/docs: update preview status of different features (#11817) ...	2024-10-30 10:04:59 -07:00
Ken Sternberg	89dad07a66	web: Add InvalidationFlow to Radius Provider dialogues ## What - Bugfix: adds the InvalidationFlow to the Radius Provider dialogues - Repairs: `{"invalidation_flow":["This field is required."]}` message, which was not propagated to the Notification. - Nitpick: Pretties `?foo=${true}` expressions: `s/\?([^=]+)=\$\{true\}/\1/` ## Note Yes, I know I'm going to have to do more magic when we harmonize the forms, and no, I didn't add the Property Mappings to the wizard, and yes, I know I'm going to have pain with the new version of the wizard. But this is a serious bug; you can't make Radius servers with either of the current dialogues at the moment.	2024-10-23 14:17:30 -07:00