Compare commits

..

3730 Commits

Author SHA1 Message Date
435d126a1c release: 2022.8.1 2022-08-16 16:23:36 +02:00
ef5407be33 tests/e2e: fix blueprint paths
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-16 16:12:21 +02:00
e8b30b75d2 root: override blueprints_dir for testing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-16 15:50:58 +02:00
2c09ac4fd6 root: fix dockerfile
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-16 14:32:45 +02:00
e9c1276634 blueprints: use relative path in @apply_blueprint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-16 14:20:45 +02:00
71d6304407 website: update 2022.8 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-16 13:47:48 +02:00
6000a33a8e *: fix type annotations for serializer model
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-16 13:23:22 +02:00
54eeb7add6 web/user: fix user source settings not updating correctly after deletion
also optimise the amount of API requests sent

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#3411
2022-08-16 11:43:13 +02:00
d7e8ca1c8f ci: don't error when we cant add a PR comment
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-16 11:02:58 +02:00
740f4c7d56 web: bump @typescript-eslint/parser from 5.33.0 to 5.33.1 in /web (#3424) 2022-08-16 10:52:17 +02:00
088eb716fc web: bump @typescript-eslint/eslint-plugin from 5.33.0 to 5.33.1 in /web (#3425) 2022-08-16 10:50:44 +02:00
fb08e1db2b web/flows: only show permission ids if we have to, hide them if permission list has permissions with description
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-15 16:42:54 +02:00
f1b167c134 web: bump eslint from 8.21.0 to 8.22.0 in /web (#3419) 2022-08-15 16:07:52 +02:00
36d0817579 web: bump rollup from 2.77.3 to 2.78.0 in /web (#3420) 2022-08-15 16:07:44 +02:00
d4c1ef36f9 web: bump @sentry/browser from 7.9.0 to 7.10.0 in /web (#3402) 2022-08-12 14:19:52 +02:00
102b191e94 web: bump rollup from 2.77.2 to 2.77.3 in /web (#3407) 2022-08-12 14:15:41 +02:00
c735267373 web: bump lit from 2.2.8 to 2.3.0 in /web (#3408) 2022-08-12 14:15:32 +02:00
55b5e9834d core: bump sentry-sdk from 1.9.3 to 1.9.4 (#3409) 2022-08-12 14:15:22 +02:00
4386ffb8d7 web: bump @sentry/tracing from 7.9.0 to 7.10.0 in /web (#3403) 2022-08-11 12:50:38 +02:00
ca2b1a9c3e core: bump twilio from 7.12.0 to 7.12.1 (#3404) 2022-08-11 12:50:25 +02:00
22d33bb796 core: bump selenium from 4.3.0 to 4.4.0 (#3400) 2022-08-10 08:28:35 +02:00
ab15846480 core: bump sentry-sdk from 1.9.2 to 1.9.3 (#3401) 2022-08-10 08:27:32 +02:00
61f4049e51 website: bump react-before-after-slider-component from 1.1.3 to 1.1.4 in /website (#3393)
website: bump react-before-after-slider-component in /website

Bumps [react-before-after-slider-component](https://github.com/smeleshkin/react-before-after-slider-component) from 1.1.3 to 1.1.4.
- [Release notes](https://github.com/smeleshkin/react-before-after-slider-component/releases)
- [Commits](https://github.com/smeleshkin/react-before-after-slider-component/compare/v.1.1.3...v.1.1.4)

---
updated-dependencies:
- dependency-name: react-before-after-slider-component
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-09 11:30:06 +02:00
5ac4542f37 web: bump @typescript-eslint/eslint-plugin from 5.32.0 to 5.33.0 in /web (#3394)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.32.0 to 5.33.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.33.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-09 11:29:10 +02:00
0bba536187 web: bump @typescript-eslint/parser from 5.32.0 to 5.33.0 in /web (#3395) 2022-08-09 09:32:26 +02:00
e48d5a5fda core: bump goauthentik.io/api/v3 from 3.2022073.7 to 3.2022073.8 (#3396) 2022-08-09 09:32:11 +02:00
4c9878313c sources/oauth: correctly concatenate URLs to allow custom parameters to be included
closes #3374

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-08 21:17:32 +02:00
6356ddd9f3 internal: replace ioutils
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-08 21:00:45 +02:00
7ea0b4b9e4 web: Update Web API Client version (#3391)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-08-08 20:42:26 +02:00
a520a60c82 blueprints: lowercase system blueprints' models
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-08 20:38:42 +02:00
54c16129ea stages/authenticator_duo: revamp duo enroll status API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#3288
2022-08-08 20:38:06 +02:00
2858682866 web: bump @sentry/browser from 7.8.1 to 7.9.0 in /web (#3381) 2022-08-08 13:04:46 +02:00
b1f7dfaeb4 website: bump postcss from 8.4.14 to 8.4.16 in /website (#3380) 2022-08-08 13:03:10 +02:00
eb27be222f web: bump @sentry/tracing from 7.8.1 to 7.9.0 in /web (#3382) 2022-08-08 13:03:00 +02:00
bcbeaa8382 web: bump @rollup/plugin-commonjs from 22.0.1 to 22.0.2 in /web (#3383) 2022-08-08 13:02:12 +02:00
d5cb95fedd core: bump coverage from 6.4.2 to 6.4.3 (#3384) 2022-08-08 13:02:02 +02:00
fda0da4659 core: bump sentry-sdk from 1.9.0 to 1.9.2 (#3385) 2022-08-08 13:01:50 +02:00
1c569c79f3 website: add more blueprint docs, 2022.8 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-07 19:27:31 +02:00
872c18dddc blueprints: don't use example label, add more tags and tests for tags
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-07 19:27:03 +02:00
201bea6d30 internal: add X-authentik-logout signature to trigger logouts when URLs are not exposed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-07 18:50:24 +02:00
7e3c21d77b web/flows: update flow background
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-07 15:34:04 +02:00
d1a02cbc0c tests/e2e: bump chrome version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-07 14:50:08 +02:00
da666871dd stages/consent: simplify permission rendering
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-07 14:50:00 +02:00
2fa6cf855d stages/consent: simplify logic, correctly update existing consent
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-07 14:38:40 +02:00
3b86144ae5 stages/*: use stage-bound logger when possible
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-07 13:41:53 +02:00
f01f10c5e5 providers/oauth2: don't separate scopes by comma-space
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-07 13:15:12 +02:00
e1249d3760 providers/oauth2: fix scopes without descriptions not being saved in consent
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-07 13:02:47 +02:00
dcbf106daa blueprints: add !Context to lookup things from instance context
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-06 20:54:00 +02:00
0227ba90bb core: bump github.com/prometheus/client_golang from 1.12.2 to 1.13.0 (#3379)
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.12.2 to 1.13.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.12.2...v1.13.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-06 13:08:59 +02:00
b095d63b4d core: bump goauthentik.io/api/v3 from 3.2022073.6 to 3.2022073.7 (#3378)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022073.6 to 3.2022073.7.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022073.6...v3.2022073.7)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-06 12:57:30 +02:00
20648808bc web: Update Web API Client version (#3377) 2022-08-06 01:02:05 +02:00
89fef0ae72 blueprints: docs (#3376)
* further blueprint cleanup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* more

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* make group users and parent optional

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix api client usage

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-06 00:52:12 +02:00
85640d402f internal: fix race conditions when accessing settings before bootstrap
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-06 00:24:55 +02:00
d5703dce39 internal: fix outposts not reacting to signals while starting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-05 18:13:09 +02:00
ec42d378ab blueprints/cleanup (#3369) 2022-08-05 08:39:00 +02:00
2a5a975d9a core: bump python from 3.10.5-slim-bullseye to 3.10.6-slim-bullseye (#3375) 2022-08-05 08:37:14 +02:00
a398e2470b web: bump chart.js from 3.9.0 to 3.9.1 in /web (#3371)
Bumps [chart.js](https://github.com/chartjs/Chart.js) from 3.9.0 to 3.9.1.
- [Release notes](https://github.com/chartjs/Chart.js/releases)
- [Commits](https://github.com/chartjs/Chart.js/compare/v3.9.0...v3.9.1)

---
updated-dependencies:
- dependency-name: chart.js
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-04 10:10:19 +02:00
2ce8e18bab internal: centralise config for listeners to use same config system everywhere (#3367)
* centralise config for listeners to use same config system everywhere

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#3360

* add docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-03 21:33:27 +02:00
9a9c826c0b core: bump django from 4.0.6 to 4.1 (#3368)
* core: bump django from 4.0.6 to 4.1

Bumps [django](https://github.com/django/django) from 4.0.6 to 4.1.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/4.0.6...4.1)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-03 15:33:58 +02:00
612587dd34 core: bump golang from 1.18.5-bullseye to 1.19.0-bullseye (#3364) 2022-08-03 09:10:23 +02:00
506722587d web: bump chart.js from 3.8.2 to 3.9.0 in /web (#3365) 2022-08-03 09:09:53 +02:00
c158604424 core: bump goauthentik.io/api/v3 from 3.2022073.5 to 3.2022073.6 (#3366) 2022-08-03 09:09:35 +02:00
4af6f29025 web: Update Web API Client version (#3357) 2022-08-03 00:15:32 +02:00
d1004e3798 blueprints: webui (#3356) 2022-08-03 00:05:49 +02:00
20aeed139d web: bump @sentry/browser from 7.8.0 to 7.8.1 in /web (#3349)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 7.8.0 to 7.8.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.8.0...7.8.1)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-02 09:53:46 +02:00
b2dbc87a4f web: bump @babel/preset-env from 7.18.9 to 7.18.10 in /web (#3347)
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.18.9 to 7.18.10.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.18.10/packages/babel-preset-env)

---
updated-dependencies:
- dependency-name: "@babel/preset-env"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-02 09:53:35 +02:00
11bd7c72e0 website: bump @docusaurus/plugin-client-redirects from 2.0.0-rc.1 to 2.0.1 in /website (#3346)
website: bump @docusaurus/plugin-client-redirects in /website

Bumps [@docusaurus/plugin-client-redirects](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-plugin-client-redirects) from 2.0.0-rc.1 to 2.0.1.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.1/packages/docusaurus-plugin-client-redirects)

---
updated-dependencies:
- dependency-name: "@docusaurus/plugin-client-redirects"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-02 09:53:27 +02:00
896cf7594e website: bump @docusaurus/preset-classic from 2.0.0-rc.1 to 2.0.1 in /website (#3345)
website: bump @docusaurus/preset-classic in /website

Bumps [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic) from 2.0.0-rc.1 to 2.0.1.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.1/packages/docusaurus-preset-classic)

---
updated-dependencies:
- dependency-name: "@docusaurus/preset-classic"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-02 09:51:56 +02:00
457eeb10ab web: bump @babel/plugin-transform-runtime from 7.18.9 to 7.18.10 in /web (#3350)
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime) from 7.18.9 to 7.18.10.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.18.10/packages/babel-plugin-transform-runtime)

---
updated-dependencies:
- dependency-name: "@babel/plugin-transform-runtime"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-02 09:51:40 +02:00
0d94ffb91b web: bump eslint from 8.20.0 to 8.21.0 in /web (#3348)
Bumps [eslint](https://github.com/eslint/eslint) from 8.20.0 to 8.21.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.20.0...v8.21.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-02 09:51:31 +02:00
bd4fccb97b web: bump @typescript-eslint/parser from 5.31.0 to 5.32.0 in /web (#3352)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.31.0 to 5.32.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.32.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-02 09:51:22 +02:00
0cfae088f5 web: bump @babel/core from 7.18.9 to 7.18.10 in /web (#3351)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.18.9 to 7.18.10.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.18.10/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-02 09:51:05 +02:00
b4e7663209 web: bump @sentry/tracing from 7.8.0 to 7.8.1 in /web (#3344)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 7.8.0 to 7.8.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.8.0...7.8.1)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-02 09:50:49 +02:00
bdca49b265 core: bump golang from 1.18.4-bullseye to 1.18.5-bullseye (#3343)
Bumps golang from 1.18.4-bullseye to 1.18.5-bullseye.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-02 09:50:36 +02:00
c22954b6a4 web: bump @typescript-eslint/eslint-plugin from 5.31.0 to 5.32.0 in /web (#3353)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.31.0 to 5.32.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.32.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-02 09:50:07 +02:00
dfe97625f0 web: bump @babel/plugin-proposal-decorators from 7.18.9 to 7.18.10 in /web (#3354)
web: bump @babel/plugin-proposal-decorators in /web

Bumps [@babel/plugin-proposal-decorators](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-proposal-decorators) from 7.18.9 to 7.18.10.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.18.10/packages/babel-plugin-proposal-decorators)

---
updated-dependencies:
- dependency-name: "@babel/plugin-proposal-decorators"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-02 09:49:55 +02:00
74bc0a6301 core: bump goauthentik.io/api/v3 from 3.2022073.4 to 3.2022073.5 (#3355)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022073.4 to 3.2022073.5.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022073.4...v3.2022073.5)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-02 09:49:45 +02:00
2bd29e2fdd *: improve error handling for startup tasks
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-01 23:31:47 +02:00
3cd0a782af blueprints: correctly load on fresh install
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-01 23:25:33 +02:00
d88ce7a43f web: Update Web API Client version (#3342)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-08-01 23:10:48 +02:00
a023eee9bf blueprints: migrate from managed (#3338)
* test all bundled blueprints

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix empty title

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix default blueprints

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add script to generate dev config

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* migrate managed to blueprints

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add more to blueprint instance

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* migrated away from ObjectManager

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix lint errors

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* migrate things

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* migrate tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix some tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix a bit more

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix more tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* whops

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix missing name

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *sigh*

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix more tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add tasks

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* scheduled

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* run discovery on start

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* oops this test should stay

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-01 23:05:58 +02:00
7a05c6faef stages/consent: fix error when requests with identical empty permissions
closes #3280

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-08-01 20:58:49 +02:00
6ab85f7f18 core: bump goauthentik.io/api/v3 from 3.2022073.2 to 3.2022073.4 (#3341) 2022-08-01 09:28:08 +02:00
d12907b81f web: Update Web API Client version (#3340)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-07-31 23:52:48 +02:00
553989d17f flows/stages/consent: fix for post requests (#3339)
add unique token to consent stage to ensure it is shown

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-31 23:47:40 +02:00
475019202b root: fix dockerfile for blueprints
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-31 18:10:21 +02:00
a9bca55b95 web: Update Web API Client version (#3337)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-07-31 17:18:00 +02:00
89c84f10d0 blueprints: v1 (#1573)
* managed: move flowexporter to managed

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: implement SerializerModel in all models

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* managed: add initial api

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* managed: start blueprint

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* managed: spec

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* version blueprint

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* yep

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* remove v2, improve v1

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* start custom tag, more rebrand

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add default flows

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* move blueprints out of website

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* try new things

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add !lookup, fix web

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update and cleanup default

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix tags in lists

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* don't save field if its set to default value

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* more flow cleanup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* format web

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix missing serializer for sms

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ignore _set fields

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* remove custom file extension

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* migrate default flow to tenant

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* include blueprints

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-31 17:11:44 +02:00
882250a85e flows: migrate flows to be yaml (#3335)
* flows: migrate flows to be yaml

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* migrate flows to yaml

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-30 23:55:58 +02:00
db1dd196e0 lifecycle: optimise container lifecycle and process signals (#3332)
* add dumb-init, use exec in wrapper

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix exec?

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-30 22:41:29 +02:00
d4b8dd7fcc ci: comment on PR with instructions on how to use branch (#3333)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-30 21:22:27 +02:00
fcf4657833 providers/proxy: add is_superuser to ak_proxy object, only show full error when superuser
closes #3314

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-30 20:29:23 +02:00
393d7ec486 providers/proxy: no exposed urls (#3151)
* test any callback

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* cleanup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* dont detect callback in per-server handler

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use full redirect uri with both path and query param

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* correctly route to embedded outpost for callback signature

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix allowed redirects

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-30 17:51:01 +02:00
b7b5168910 sources/oauth: use mailcow full_name as username for mailcow source (#3299)
use mailcow full_name as username
2022-07-29 20:34:17 +00:00
1dcec17a58 sources/oauth: only send header authentication for OIDC source
closes #3327

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-29 18:20:44 +02:00
b41acebf5b providers/proxy: add caddy endpoint (#3330)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-29 10:58:53 +02:00
e0478e1775 core: bump goauthentik.io/api/v3 from 3.2022073.1 to 3.2022073.2 (#3331)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022073.1 to 3.2022073.2.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022073.1...v3.2022073.2)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-29 10:35:23 +02:00
d6b1a22563 core: fix import order
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-29 00:18:42 +02:00
cada292e00 core: pre-hydrate config into templates to directly load correct assets
closes #3228

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-29 00:04:44 +02:00
d4af47f576 web: Update Web API Client version (#3329)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-07-28 23:59:04 +02:00
83eba36f8d core: add API Endpoint to get all MFA devices, add web ui to delete MFA devices of any user
closes #3237

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-28 23:50:25 +02:00
b82a142745 stages/authenticator_sms: use twilio SDK, improve docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#3237
2022-07-28 22:17:59 +02:00
2a42c203b2 stages/authenticator_totp: remove single device per user limit
closes #3281

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-28 21:39:46 +02:00
ade2d4879c stages/authenticator_duo: fix imported Duo Device not having a name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-28 21:20:32 +02:00
e14798dcdc core: import all models into shell
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-28 21:19:04 +02:00
e49050af19 web/flows: improve layout for TOTP QR stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-28 21:16:42 +02:00
0248755cda stages/authentiactor_validate: improve error handling for duo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-28 21:11:58 +02:00
1f90359310 root: fix broken traceback logging
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-28 20:56:39 +02:00
008fc19f0d root: fix log fields being overwritten in celery task logs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-28 20:48:05 +02:00
5cd5b71b18 web: bump @sentry/tracing from 7.7.0 to 7.8.0 in /web (#3324) 2022-07-28 09:46:29 +02:00
253d98ba73 web: bump @rollup/plugin-typescript from 8.3.3 to 8.3.4 in /web (#3323) 2022-07-28 09:46:18 +02:00
3e2c04d029 web: bump rollup from 2.77.1 to 2.77.2 in /web (#3322) 2022-07-28 09:45:29 +02:00
32d3e33c83 web: bump @sentry/browser from 7.7.0 to 7.8.0 in /web (#3325) 2022-07-28 09:45:07 +02:00
282ebeb38b core: bump drf-spectacular from 0.22.1 to 0.23.1 (#3319)
Bumps [drf-spectacular](https://github.com/tfranzel/drf-spectacular) from 0.22.1 to 0.23.1.
- [Release notes](https://github.com/tfranzel/drf-spectacular/releases)
- [Changelog](https://github.com/tfranzel/drf-spectacular/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/tfranzel/drf-spectacular/compare/0.22.1...0.23.1)

---
updated-dependencies:
- dependency-name: drf-spectacular
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-27 09:48:43 +02:00
81f4d86e6d core: bump github.com/go-ldap/ldap/v3 from 3.4.3 to 3.4.4 (#3318)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.4.3 to 3.4.4.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.4.3...v3.4.4)

---
updated-dependencies:
- dependency-name: github.com/go-ldap/ldap/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-27 09:48:34 +02:00
bcb90997bb web: bump rollup from 2.77.0 to 2.77.1 in /web (#3317)
Bumps [rollup](https://github.com/rollup/rollup) from 2.77.0 to 2.77.1.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.77.0...v2.77.1)

---
updated-dependencies:
- dependency-name: rollup
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-27 09:48:23 +02:00
277df4f04f stages/prompt: fix tests for file field
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-27 09:48:11 +02:00
de26c65fa0 core: add attributes. avatar method to allow custom uploaded avatars
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2631
2022-07-26 21:42:41 +02:00
55739ee982 internal: add additional error handling in config loader
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-26 11:48:57 +02:00
10b48b27b0 internal: walk config in go, check, parse and load from scheme like in python
closes #2719

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-26 11:33:37 +02:00
d08856c1fe web: bump @typescript-eslint/eslint-plugin from 5.30.7 to 5.31.0 in /web (#3311)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.30.7 to 5.31.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.31.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-26 09:47:28 +02:00
0d108b043d web: bump @fortawesome/fontawesome-free from 6.1.1 to 6.1.2 in /web (#3310)
Bumps [@fortawesome/fontawesome-free](https://github.com/FortAwesome/Font-Awesome) from 6.1.1 to 6.1.2.
- [Release notes](https://github.com/FortAwesome/Font-Awesome/releases)
- [Changelog](https://github.com/FortAwesome/Font-Awesome/blob/6.x/CHANGELOG.md)
- [Commits](https://github.com/FortAwesome/Font-Awesome/compare/6.1.1...6.1.2)

---
updated-dependencies:
- dependency-name: "@fortawesome/fontawesome-free"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-26 09:41:33 +02:00
a37245b7c8 web: bump @typescript-eslint/parser from 5.30.7 to 5.31.0 in /web (#3312)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.30.7 to 5.31.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.31.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-26 09:41:24 +02:00
19c4ebdda9 core: bump urllib3 from 1.26.9 to 1.26.11 (#3313)
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.9 to 1.26.11.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/1.26.11/CHANGES.rst)
- [Commits](https://github.com/urllib3/urllib3/compare/1.26.9...1.26.11)

---
updated-dependencies:
- dependency-name: urllib3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-26 09:41:03 +02:00
34d4b71f59 web: bump chart.js from 3.8.0 to 3.8.2 in /web (#3307)
Bumps [chart.js](https://github.com/chartjs/Chart.js) from 3.8.0 to 3.8.2.
- [Release notes](https://github.com/chartjs/Chart.js/releases)
- [Commits](https://github.com/chartjs/Chart.js/compare/v3.8.0...v3.8.2)

---
updated-dependencies:
- dependency-name: chart.js
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-25 09:22:45 +02:00
bd8794f646 core: bump structlog from 21.5.0 to 22.1.0 (#3294)
* core: bump structlog from 21.5.0 to 22.1.0

Bumps [structlog](https://github.com/hynek/structlog) from 21.5.0 to 22.1.0.
- [Release notes](https://github.com/hynek/structlog/releases)
- [Changelog](https://github.com/hynek/structlog/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hynek/structlog/compare/21.5.0...22.1.0)

---
updated-dependencies:
- dependency-name: structlog
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* migrate threaedlocal to contextvars

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-23 22:40:56 +02:00
e0adcd3277 web: bump @codemirror/lang-javascript from 6.0.1 to 6.0.2 in /web (#3300)
Bumps [@codemirror/lang-javascript](https://github.com/codemirror/lang-javascript) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/codemirror/lang-javascript/releases)
- [Changelog](https://github.com/codemirror/lang-javascript/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codemirror/lang-javascript/compare/6.0.1...6.0.2)

---
updated-dependencies:
- dependency-name: "@codemirror/lang-javascript"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-22 11:15:40 +02:00
e2fe615a31 web: bump lit from 2.2.7 to 2.2.8 in /web (#3301)
Bumps [lit](https://github.com/lit/lit/tree/HEAD/packages/lit) from 2.2.7 to 2.2.8.
- [Release notes](https://github.com/lit/lit/releases)
- [Changelog](https://github.com/lit/lit/blob/main/packages/lit/CHANGELOG.md)
- [Commits](https://github.com/lit/lit/commits/lit@2.2.8/packages/lit)

---
updated-dependencies:
- dependency-name: lit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-22 10:52:56 +02:00
0d2536fdfd web: bump @codemirror/lang-python from 6.0.0 to 6.0.1 in /web (#3302)
Bumps [@codemirror/lang-python](https://github.com/codemirror/lang-python) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/codemirror/lang-python/releases)
- [Changelog](https://github.com/codemirror/lang-python/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codemirror/lang-python/compare/6.0.0...6.0.1)

---
updated-dependencies:
- dependency-name: "@codemirror/lang-python"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-22 10:52:49 +02:00
c5813204d5 core: bump sentry-sdk from 1.7.2 to 1.8.0 (#3303)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.7.2 to 1.8.0.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/1.7.2...1.8.0)

---
updated-dependencies:
- dependency-name: sentry-sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-22 10:52:40 +02:00
5064c39a94 core: bump goauthentik.io/api/v3 from 3.2022072.1 to 3.2022073.1 (#3295) 2022-07-21 08:45:41 +02:00
1880f98fa1 sources/oauth: fix typo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-20 19:10:26 +02:00
d3c360d9e5 root: remove 2022.5 from supported list
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-20 18:49:38 +02:00
388c4b9653 web: Update Web API Client version (#3293) 2022-07-20 18:43:24 +02:00
87f1cf17c4 Merge branch 'version-2022.7' 2022-07-20 18:39:48 +02:00
dae6493a3e release: 2022.7.3 2022-07-20 09:37:43 +02:00
fc0275314d website: bump terser from 5.10.0 to 5.14.2 in /website (#3289)
Bumps [terser](https://github.com/terser/terser) from 5.10.0 to 5.14.2.
- [Release notes](https://github.com/terser/terser/releases)
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/commits)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-20 09:37:22 +02:00
c6fa19155b web: bump terser from 5.7.1 to 5.14.2 in /web (#3285)
Bumps [terser](https://github.com/terser/terser) from 5.7.1 to 5.14.2.
- [Release notes](https://github.com/terser/terser/releases)
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/commits)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-20 09:32:26 +02:00
2fa0191d65 core: bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0 (#3286)
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.8.1 to 1.9.0.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.8.1...v1.9.0)

---
updated-dependencies:
- dependency-name: github.com/sirupsen/logrus
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-20 09:32:16 +02:00
ad07984158 website/docs: prepare 2022.7.3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-19 21:40:56 +02:00
f909b86338 stages/consent: fix permimssions for consent API (allow owner to delete) 2022-07-19 16:41:34 +00:00
327df6529b sources/oauth: use oidc preferred_username if set, otherwise nickname 2022-07-19 16:41:10 +00:00
658dc63c4c lifecycle: revert waiting for lock, launch managed reconcile on app import
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-19 12:06:57 +02:00
4edec5f666 lifecycle: connect to database first
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-19 10:54:56 +02:00
d150a0c135 web: bump @typescript-eslint/eslint-plugin from 5.30.6 to 5.30.7 in /web (#3278) 2022-07-19 08:48:26 +02:00
d4242781a0 web: bump @babel/plugin-transform-runtime from 7.18.6 to 7.18.9 in /web (#3277) 2022-07-19 08:48:09 +02:00
7369ca0b25 web: bump @babel/plugin-proposal-decorators from 7.18.6 to 7.18.9 in /web (#3273) 2022-07-19 08:46:24 +02:00
561f427cc5 web: bump @typescript-eslint/parser from 5.30.6 to 5.30.7 in /web (#3274) 2022-07-19 08:46:14 +02:00
8049ab703a web: bump @trivago/prettier-plugin-sort-imports from 3.2.0 to 3.3.0 in /web (#3275) 2022-07-19 08:46:02 +02:00
9c2a97263a web: bump @babel/core from 7.18.6 to 7.18.9 in /web (#3276) 2022-07-19 08:45:35 +02:00
345504c1a4 web: bump @babel/preset-env from 7.18.6 to 7.18.9 in /web (#3279) 2022-07-19 08:45:00 +02:00
549f6f2077 providers/oauth2: correctly log authenticated user for OAuth views using protected_resource_view
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-18 22:20:09 +02:00
35c6decc75 web: bump @sentry/tracing from 7.6.0 to 7.7.0 in /web (#3266)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 7.6.0 to 7.7.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.6.0...7.7.0)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-18 10:49:46 +02:00
b3abeb78ff website: bump react-toggle from 4.1.2 to 4.1.3 in /website (#3263)
Bumps [react-toggle](https://github.com/aaronshaf/react-toggle) from 4.1.2 to 4.1.3.
- [Release notes](https://github.com/aaronshaf/react-toggle/releases)
- [Changelog](https://github.com/aaronshaf/react-toggle/blob/master/CHANGELOG.md)
- [Commits](https://github.com/aaronshaf/react-toggle/commits)

---
updated-dependencies:
- dependency-name: react-toggle
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-18 10:48:59 +02:00
0562a1ad42 web: bump @sentry/browser from 7.6.0 to 7.7.0 in /web (#3264)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 7.6.0 to 7.7.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.6.0...7.7.0)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-18 10:48:50 +02:00
febb0920fd web: bump rollup from 2.76.0 to 2.77.0 in /web (#3265)
Bumps [rollup](https://github.com/rollup/rollup) from 2.76.0 to 2.77.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.76.0...v2.77.0)

---
updated-dependencies:
- dependency-name: rollup
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-18 10:48:40 +02:00
549662beb0 web: bump eslint from 8.19.0 to 8.20.0 in /web (#3267)
Bumps [eslint](https://github.com/eslint/eslint) from 8.19.0 to 8.20.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.19.0...v8.20.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-18 10:48:28 +02:00
1ea4440c5d core: bump sentry-sdk from 1.7.1 to 1.7.2 (#3268)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.7.1 to 1.7.2.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/1.7.1...1.7.2)

---
updated-dependencies:
- dependency-name: sentry-sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-18 10:48:19 +02:00
787abdff5b core: bump pylint from 2.14.4 to 2.14.5 (#3269)
Bumps [pylint](https://github.com/PyCQA/pylint) from 2.14.4 to 2.14.5.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.14.4...v2.14.5)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-18 09:29:57 +02:00
2237807241 core: bump github.com/go-openapi/strfmt from 0.21.2 to 0.21.3 (#3270)
Bumps [github.com/go-openapi/strfmt](https://github.com/go-openapi/strfmt) from 0.21.2 to 0.21.3.
- [Release notes](https://github.com/go-openapi/strfmt/releases)
- [Commits](https://github.com/go-openapi/strfmt/compare/v0.21.2...v0.21.3)

---
updated-dependencies:
- dependency-name: github.com/go-openapi/strfmt
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-18 09:29:43 +02:00
e9d9d658c4 lifecycle: make worker wait for migrations to be done (#3254)
* lifecycle: make worker wait for migrations to be done

* retry managed reconcile task
2022-07-15 19:44:45 +02:00
e704092d19 website: bump @docusaurus/plugin-client-redirects from 2.0.0-beta.22 to 2.0.0-rc.1 in /website (#3260)
website: bump @docusaurus/plugin-client-redirects in /website

Bumps [@docusaurus/plugin-client-redirects](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-plugin-client-redirects) from 2.0.0-beta.22 to 2.0.0-rc.1.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-rc.1/packages/docusaurus-plugin-client-redirects)

---
updated-dependencies:
- dependency-name: "@docusaurus/plugin-client-redirects"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-15 09:16:08 +02:00
305f72c197 website: bump @docusaurus/preset-classic from 2.0.0-beta.22 to 2.0.0-rc.1 in /website (#3259) 2022-07-15 09:01:28 +02:00
fb6b6b4476 ci: bump actions/setup-node from 3.4.0 to 3.4.1 (#3261) 2022-07-15 09:00:44 +02:00
791cc74dbb core: bump golang from 1.18.3-bullseye to 1.18.4-bullseye (#3255)
Bumps golang from 1.18.3-bullseye to 1.18.4-bullseye.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-14 10:17:48 +02:00
41f139589c core: bump webauthn from 1.5.2 to 1.6.0 (#3256)
Bumps [webauthn](https://github.com/duo-labs/py_webauthn) from 1.5.2 to 1.6.0.
- [Release notes](https://github.com/duo-labs/py_webauthn/releases)
- [Changelog](https://github.com/duo-labs/py_webauthn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/duo-labs/py_webauthn/compare/v1.5.2...v1.6.0)

---
updated-dependencies:
- dependency-name: webauthn
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-14 10:16:14 +02:00
df24e3020b core: bump sentry-sdk from 1.7.0 to 1.7.1 (#3257) 2022-07-14 09:12:58 +02:00
e44c716cbe website/integrations: add note for rancher idp initiated
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-13 23:14:01 +02:00
d35302923d core: bump coverage from 6.4.1 to 6.4.2 (#3251)
Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.4.1 to 6.4.2.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/6.4.1...6.4.2)

---
updated-dependencies:
- dependency-name: coverage
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-13 21:06:06 +02:00
4d928368bc core: bump channels-redis from 3.4.0 to 3.4.1 (#3252)
Bumps [channels-redis](https://github.com/django/channels_redis) from 3.4.0 to 3.4.1.
- [Release notes](https://github.com/django/channels_redis/releases)
- [Changelog](https://github.com/django/channels_redis/blob/main/CHANGELOG.txt)
- [Commits](https://github.com/django/channels_redis/compare/3.4.0...3.4.1)

---
updated-dependencies:
- dependency-name: channels-redis
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-13 09:59:52 +02:00
c055d7a470 web: bump @typescript-eslint/parser from 5.30.5 to 5.30.6 in /web (#3244) 2022-07-12 09:22:46 +02:00
9e1b49e181 web: bump @typescript-eslint/eslint-plugin from 5.30.5 to 5.30.6 in /web (#3245) 2022-07-12 09:21:29 +02:00
db6a9ede1b ci: bump actions/setup-node from 3.3.0 to 3.4.0 (#3247) 2022-07-12 09:21:16 +02:00
86df0a448e core: bump sentry-sdk from 1.6.0 to 1.7.0 (#3246) 2022-07-12 09:20:42 +02:00
5ec052bd92 website/integrations: Node-Red integration with openidconnect (#3221)
* add Node-Red integration doc

* Node-Red Protocol settings + linting fixes
2022-07-11 10:59:57 +02:00
6f7984d05a website: bump @docusaurus/plugin-client-redirects from 2.0.0-beta.21 to 2.0.0-beta.22 in /website (#3239)
website: bump @docusaurus/plugin-client-redirects in /website

Bumps [@docusaurus/plugin-client-redirects](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-plugin-client-redirects) from 2.0.0-beta.21 to 2.0.0-beta.22.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-beta.22/packages/docusaurus-plugin-client-redirects)

---
updated-dependencies:
- dependency-name: "@docusaurus/plugin-client-redirects"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-11 09:35:15 +02:00
f6d64d1d4b website: bump @docusaurus/preset-classic from 2.0.0-beta.21 to 2.0.0-beta.22 in /website (#3242)
website: bump @docusaurus/preset-classic in /website

Bumps [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic) from 2.0.0-beta.21 to 2.0.0-beta.22.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-beta.22/packages/docusaurus-preset-classic)

---
updated-dependencies:
- dependency-name: "@docusaurus/preset-classic"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-11 09:34:12 +02:00
ef0c7a5a57 web: bump @sentry/browser from 7.5.1 to 7.6.0 in /web (#3238)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 7.5.1 to 7.6.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.5.1...7.6.0)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-11 09:33:52 +02:00
34dfbf8e9e web: bump @sentry/tracing from 7.5.1 to 7.6.0 in /web (#3240)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 7.5.1 to 7.6.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.5.1...7.6.0)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-11 09:31:41 +02:00
71d38e6fd0 web: bump rollup from 2.75.7 to 2.76.0 in /web (#3241) 2022-07-11 09:27:53 +02:00
9a9ba2560b core: delete expired models when filtering instead of excluding them
closes #3233

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-09 13:40:39 +02:00
2432e51970 web/elements: improve contrast for codemirror backgrounds
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-08 22:58:39 +02:00
47434cd62d stages/prompt: try to base64 decode file, fallback to keeping value as-is
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-08 22:45:31 +02:00
ff500b44a6 stages/prompt: force required to false when using readonlyfield
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-08 22:38:37 +02:00
4c14c7f3a4 web: bump @sentry/browser from 7.5.0 to 7.5.1 in /web (#3230) 2022-07-07 09:44:22 +02:00
019c4bf182 web: bump @sentry/tracing from 7.5.0 to 7.5.1 in /web (#3231) 2022-07-07 09:27:17 +02:00
2cbc291f04 core: bump goauthentik.io/api/v3 from 3.2022071.2 to 3.2022072.1 (#3232) 2022-07-07 09:27:01 +02:00
5197a3a461 web: bump moment from 2.29.3 to 2.29.4 in /web (#3226)
Bumps [moment](https://github.com/moment/moment) from 2.29.3 to 2.29.4.
- [Release notes](https://github.com/moment/moment/releases)
- [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/moment/moment/compare/2.29.3...2.29.4)

---
updated-dependencies:
- dependency-name: moment
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-06 22:18:05 +02:00
52be87785f web: Update Web API Client version (#3227)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-07-06 22:07:21 +02:00
8e19fb3a8c release: 2022.7.2 2022-07-06 20:31:48 +02:00
0448dcf655 website/docs: prepare 2022.7.2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-06 19:17:15 +02:00
b8f74ab9e7 website: bump clsx from 1.2.0 to 1.2.1 in /website (#3222)
Bumps [clsx](https://github.com/lukeed/clsx) from 1.2.0 to 1.2.1.
- [Release notes](https://github.com/lukeed/clsx/releases)
- [Commits](https://github.com/lukeed/clsx/compare/v1.2.0...v1.2.1)

---
updated-dependencies:
- dependency-name: clsx
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-06 09:54:12 +02:00
501ce5cebb core: bump goauthentik.io/api/v3 from 3.2022071.1 to 3.2022071.2 (#3223)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022071.1 to 3.2022071.2.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022071.1...v3.2022071.2)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-06 09:54:02 +02:00
b896ca7ef6 web: fix locale erroring with no pre-hydrated locale setting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-06 09:53:46 +02:00
d497db3010 flows: fix OOB flow incorrectly setting pending user
closes #3224

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-06 09:51:20 +02:00
24f95fdeaa tenants: fix tests for current tenant
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-05 23:47:49 +02:00
d1c4818724 policies: improve api test coverage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-05 23:20:48 +02:00
9f736a9d99 web: Update Web API Client version (#3220)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-07-05 23:13:56 +02:00
49cce6a968 stages/prompt: add basic file field (#3156)
add basic file field

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-05 23:09:41 +02:00
713337130b web: Update Web API Client version (#3219)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-07-05 23:08:14 +02:00
0a73e7ac9f tenants: add default_locale read only field, pre-hydrate in flows and read in autodetect as first choice
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-05 23:04:25 +02:00
3344af72c2 outposts: cleanup user handling
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-05 22:41:19 +02:00
41eb44137e internal: remove pkg/errors 2022-07-05 20:26:33 +00:00
94a9667d86 web: bump @formatjs/intl-listformat from 7.0.2 to 7.0.3 in /web (#3216) 2022-07-05 09:09:49 +02:00
8b56a7defb core: bump django-silk from 5.0.0 to 5.0.1 (#3217) 2022-07-05 09:09:36 +02:00
5a4b9b4239 core: bump goauthentik.io/api/v3 from 3.2022063.5 to 3.2022071.1 (#3218) 2022-07-05 09:09:24 +02:00
f37308461c web: bump @typescript-eslint/eslint-plugin from 5.30.4 to 5.30.5 in /web (#3213)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.30.4 to 5.30.5.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.30.5/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-04 22:00:37 +02:00
9721098178 web: bump @sentry/browser from 7.4.1 to 7.5.0 in /web (#3215)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 7.4.1 to 7.5.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.4.1...7.5.0)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-04 22:00:24 +02:00
0ca5e67dad web: bump rapidoc from 9.3.2 to 9.3.3 in /web (#3212)
Bumps [rapidoc](https://github.com/rapi-doc/RapiDoc) from 9.3.2 to 9.3.3.
- [Release notes](https://github.com/rapi-doc/RapiDoc/releases)
- [Commits](https://github.com/rapi-doc/RapiDoc/compare/v9.3.2...v9.3.3)

---
updated-dependencies:
- dependency-name: rapidoc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-04 22:00:11 +02:00
da94564d5e web: bump @jackfranklin/rollup-plugin-markdown from 0.3.0 to 0.4.0 in /web (#3209)
web: bump @jackfranklin/rollup-plugin-markdown in /web

Bumps @jackfranklin/rollup-plugin-markdown from 0.3.0 to 0.4.0.

---
updated-dependencies:
- dependency-name: "@jackfranklin/rollup-plugin-markdown"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-04 21:59:57 +02:00
1f33237659 web: bump @typescript-eslint/parser from 5.30.4 to 5.30.5 in /web (#3214)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.30.4 to 5.30.5.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.30.5/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-04 21:59:27 +02:00
62e5979c13 web: bump @sentry/tracing from 7.4.1 to 7.5.0 in /web (#3208)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 7.4.1 to 7.5.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.4.1...7.5.0)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-04 21:59:10 +02:00
8a1e18e087 website: bump rapidoc from 9.3.2 to 9.3.3 in /website (#3210)
Bumps [rapidoc](https://github.com/rapi-doc/RapiDoc) from 9.3.2 to 9.3.3.
- [Release notes](https://github.com/rapi-doc/RapiDoc/releases)
- [Commits](https://github.com/rapi-doc/RapiDoc/compare/v9.3.2...v9.3.3)

---
updated-dependencies:
- dependency-name: rapidoc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-04 21:58:19 +02:00
a951daddce web: Update Web API Client version (#3211)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-07-04 21:58:06 +02:00
690f6d444a Merge branch 'version-2022.7' 2022-07-04 21:26:47 +02:00
b733930745 website/docs: add 2022.7 to sidebar
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-04 21:14:49 +02:00
f316a3000b release: 2022.7.1 2022-07-04 21:10:20 +02:00
ddae9dc6e1 Revert "web: manage version via package.json"
This reverts commit 022401b60e.

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	web/src/api/Sentry.ts
#	web/src/api/Users.ts
2022-07-04 21:10:16 +02:00
0348d6558a web: Update Web API Client version (#3207)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-07-04 20:15:28 +02:00
6a497b32f6 core: use Exception for fallback case in flow_manager
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-04 20:05:03 +02:00
47acc0ea90 core: bump django from 4.0.5 to 4.0.6 (#3206)
Bumps [django](https://github.com/django/django) from 4.0.5 to 4.0.6.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/4.0.5...4.0.6)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-04 12:47:58 +00:00
967c952a4a web: bump @typescript-eslint/eslint-plugin from 5.30.0 to 5.30.4 in /web (#3200)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.30.0 to 5.30.4.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.30.4/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-04 09:40:16 +02:00
b648d159dd website: bump clsx from 1.1.1 to 1.2.0 in /website (#3199)
Bumps [clsx](https://github.com/lukeed/clsx) from 1.1.1 to 1.2.0.
- [Release notes](https://github.com/lukeed/clsx/releases)
- [Commits](https://github.com/lukeed/clsx/compare/v1.1.1...v1.2.0)

---
updated-dependencies:
- dependency-name: clsx
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-04 09:39:14 +02:00
aecd9387d9 web: bump @typescript-eslint/parser from 5.30.0 to 5.30.4 in /web (#3201)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.30.0 to 5.30.4.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.30.4/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-04 09:38:51 +02:00
6e8a5e1426 web: bump eslint from 8.18.0 to 8.19.0 in /web (#3202)
Bumps [eslint](https://github.com/eslint/eslint) from 8.18.0 to 8.19.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.18.0...v8.19.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-04 09:38:38 +02:00
607899be56 core: bump goauthentik.io/api/v3 from 3.2022063.4 to 3.2022063.5 (#3204)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022063.4 to 3.2022063.5.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022063.4...v3.2022063.5)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-04 09:38:30 +02:00
5a92a8639a core: bump lxml from 4.9.0 to 4.9.1 (#3203)
Bumps [lxml](https://github.com/lxml/lxml) from 4.9.0 to 4.9.1.
- [Release notes](https://github.com/lxml/lxml/releases)
- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt)
- [Commits](https://github.com/lxml/lxml/compare/lxml-4.9.0...lxml-4.9.1)

---
updated-dependencies:
- dependency-name: lxml
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-04 09:38:14 +02:00
4cd629b5fc core: handle FlowNonApplicableException correctly in source flow_manager
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-03 22:03:03 +02:00
6020736430 website/docs: update 2022.7
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-03 21:39:59 +02:00
14a4047bdd flows: show messages from ak_message when flow is denied
fallback to same generic message

closes #3197

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-03 21:36:13 +02:00
23c1e22a04 web/elements: auto-switch themes for codemirror
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-02 23:07:09 +02:00
2a2ae4bc4f web/admin: default to users path in sidebar link
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-02 22:53:16 +02:00
5f4812e1d0 website/docs: fix Minor typo (#3196)
Signed-off-by: Stratos Gerakakis <stratos@gerakakis.net>
2022-07-02 19:48:53 +02:00
3ab475d916 website/docs: add snippet to skip authenticated flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-02 18:41:16 +02:00
453d64eea5 web: Update Web API Client version (#3195) 2022-07-02 17:44:59 +02:00
17d33f4b19 flows: denied action (#3194) 2022-07-02 17:37:57 +02:00
c39a5933e1 core: create FlowToken instead of regular token for generated recovery links (#3193)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2749
2022-07-02 14:17:41 +02:00
a9636b5727 website/docs: fix configuration item headers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-02 13:01:40 +02:00
5e3f44dd87 flows: add shortcut to redirect current flow (#3192) 2022-07-01 23:19:41 +02:00
1c64616ebd sources/ldap: add configuration for LDAP Source ciphers
closes #3110

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-01 19:53:49 +02:00
23273f53cc providers/oauth2: if no scopes are sent in authorize request, select all configured scopes
closes #3112

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-01 19:45:26 +02:00
d11ce0a86e providers/proxy: set default scopes based on managed attribute
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-01 18:26:49 +02:00
766ceda57a core: re-create anonymous user when repairing permissions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-01 17:20:06 +02:00
eb633c607e internal: fix nil pointer reference
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-01 17:02:53 +02:00
c72d56d02d web: use full import paths for dynamic imports
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-01 16:56:23 +02:00
e758c434ea web: ignore module load errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-01 16:49:37 +02:00
90e3ae9457 *: define prometheus metrics in apps to prevent re-import
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-01 16:49:24 +02:00
0e825ffcfd root: add vscode tasks
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-01 16:10:08 +02:00
8a19c71f62 web: bump @sentry/browser from 7.3.1 to 7.4.1 in /web (#3191)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 7.3.1 to 7.4.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.3.1...7.4.1)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-01 16:04:03 +02:00
5a7eff041a web: bump @sentry/tracing from 7.3.1 to 7.4.1 in /web (#3190)
* ci: add custom dependabot commit messages

* web: bump @sentry/tracing from 7.3.1 to 7.4.1 in /web

Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 7.3.1 to 7.4.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.3.1...7.4.1)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-01 16:02:23 +02:00
552459834a ci: add custom dependabot commit messages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-01 15:50:37 +02:00
cc6325bf6a build(deps): bump codemirror from 5.65.6 to 6.0.1 in /web (#3188)
* build(deps): bump codemirror from 5.65.6 to 6.0.1 in /web

Bumps [codemirror](https://github.com/codemirror/basic-setup) from 5.65.6 to 6.0.1.
- [Release notes](https://github.com/codemirror/basic-setup/releases)
- [Changelog](https://github.com/codemirror/basic-setup/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codemirror/basic-setup/commits/6.0.1)

---
updated-dependencies:
- dependency-name: codemirror
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* upgrade

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-01 15:46:27 +02:00
9597ea9e1f build(deps): bump @patternfly/patternfly from 4.196.7 to 4.202.1 in /web (#3187)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-01 09:42:52 +02:00
69b5670659 build(deps): bump goauthentik.io/api/v3 from 3.2022063.3 to 3.2022063.4 (#3189) 2022-07-01 09:20:39 +02:00
56fd436e5d web: fix redirect when accessing authentik URLs authenticated
closes #3174

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-30 23:04:39 +02:00
b7558ae28c web: Update Web API Client version (#3186)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-06-30 22:26:52 +02:00
ea60c389be providers/saml: include SSO Binding URLs in Provider API
closes #3179

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-30 22:18:21 +02:00
f6042f29f6 website/docs: add notice to use in-cluster service for nginx forward auth
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-30 21:33:47 +02:00
983882f5a0 providers/oauth2: ensure refresh tokens are URL safe
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#3185
2022-06-30 12:43:08 +02:00
a6d3fd92df web/elements: fix ak-wizard-page-form not setting valid
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-30 12:37:10 +02:00
96f39904b8 build(deps): bump lit from 2.2.6 to 2.2.7 in /web (#3181)
Bumps [lit](https://github.com/lit/lit/tree/HEAD/packages/lit) from 2.2.6 to 2.2.7.
- [Release notes](https://github.com/lit/lit/releases)
- [Changelog](https://github.com/lit/lit/blob/main/packages/lit/CHANGELOG.md)
- [Commits](https://github.com/lit/lit/commits/lit@2.2.7/packages/lit)

---
updated-dependencies:
- dependency-name: lit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-30 10:08:29 +02:00
ee347aa7ef build(deps-dev): bump pylint from 2.14.3 to 2.14.4 (#3182)
Bumps [pylint](https://github.com/PyCQA/pylint) from 2.14.3 to 2.14.4.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.14.3...v2.14.4)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-30 10:08:13 +02:00
6437334e67 build(deps): bump github.com/stretchr/testify from 1.7.5 to 1.8.0 (#3183)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.5 to 1.8.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.7.5...v1.8.0)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-30 10:05:46 +02:00
2f57d7f427 web/admin: fix wizard type selection
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-29 21:45:38 +02:00
sev
db07f564aa website/docs: expand nginx reverse-proxy setup (#3079)
* website/docs: expand nginx reverse-proxy setup

* website/docs: simplify reverse-proxy config

Combine location blocks and remove documentstion links, they were not doing much.
2022-06-29 15:02:59 +00:00
d1479a1b16 web: improve detection for locales
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#3163
2022-06-29 11:15:44 +02:00
4d80e207da build(deps): bump @sentry/browser from 7.3.0 to 7.3.1 in /web (#3176) 2022-06-29 09:20:48 +02:00
e7be7ac9b4 build(deps): bump @sentry/tracing from 7.3.0 to 7.3.1 in /web (#3177) 2022-06-29 09:11:37 +02:00
e0954c0f89 build(deps): bump ua-parser from 0.10.0 to 0.15.0 (#3178) 2022-06-29 09:11:22 +02:00
7ae061909c build(deps): bump @babel/preset-env from 7.18.2 to 7.18.6 in /web (#3170)
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.18.2 to 7.18.6.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.18.6/packages/babel-preset-env)

---
updated-dependencies:
- dependency-name: "@babel/preset-env"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-28 09:29:19 +02:00
45a806f46b build(deps): bump @babel/plugin-proposal-decorators from 7.18.2 to 7.18.6 in /web (#3166)
build(deps): bump @babel/plugin-proposal-decorators in /web

Bumps [@babel/plugin-proposal-decorators](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-proposal-decorators) from 7.18.2 to 7.18.6.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.18.6/packages/babel-plugin-proposal-decorators)

---
updated-dependencies:
- dependency-name: "@babel/plugin-proposal-decorators"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-28 09:28:46 +02:00
feb6b07657 build(deps): bump @babel/plugin-transform-runtime from 7.18.5 to 7.18.6 in /web (#3169)
build(deps): bump @babel/plugin-transform-runtime in /web

Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime) from 7.18.5 to 7.18.6.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.18.6/packages/babel-plugin-transform-runtime)

---
updated-dependencies:
- dependency-name: "@babel/plugin-transform-runtime"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-28 09:28:05 +02:00
1d98582d29 build(deps): bump @babel/preset-typescript from 7.17.12 to 7.18.6 in /web (#3168)
build(deps): bump @babel/preset-typescript in /web

Bumps [@babel/preset-typescript](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-typescript) from 7.17.12 to 7.18.6.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.18.6/packages/babel-preset-typescript)

---
updated-dependencies:
- dependency-name: "@babel/preset-typescript"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-28 09:27:57 +02:00
06663edba2 build(deps): bump @babel/core from 7.18.5 to 7.18.6 in /web (#3165)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.18.5 to 7.18.6.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.18.6/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-28 09:27:47 +02:00
de0d1dc94d build(deps): bump @typescript-eslint/parser from 5.29.0 to 5.30.0 in /web (#3167)
build(deps): bump @typescript-eslint/parser in /web

Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.29.0 to 5.30.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.30.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-28 09:27:37 +02:00
1652ea25e4 build(deps): bump @typescript-eslint/eslint-plugin from 5.29.0 to 5.30.0 in /web (#3164) 2022-06-28 09:00:22 +02:00
d794e3055c build(deps-dev): bump django-silk from 4.4.0 to 5.0.0 (#3171) 2022-06-28 08:58:47 +02:00
a92c68ac85 build(deps-dev): bump black from 22.3.0 to 22.6.0 (#3172) 2022-06-28 08:58:26 +02:00
dd41789230 build(deps): bump uvicorn from 0.18.1 to 0.18.2 (#3173) 2022-06-28 08:57:35 +02:00
022401b60e web: manage version via package.json
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-27 21:31:54 +02:00
ef218ff1ff website/docs: update 2022.7 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-27 21:12:36 +02:00
f933bf2f40 build(deps): bump @sentry/browser from 7.2.0 to 7.3.0 in /web (#3157) 2022-06-27 09:02:32 +02:00
4fc761adea build(deps): bump @rollup/plugin-commonjs from 22.0.0 to 22.0.1 in /web (#3159) 2022-06-27 09:01:52 +02:00
d11c214d32 build(deps): bump goauthentik.io/api/v3 from 3.2022063.1 to 3.2022063.3 (#3162) 2022-06-27 09:01:36 +02:00
ffbbe5ca5f build(deps): bump @sentry/tracing from 7.2.0 to 7.3.0 in /web (#3158) 2022-06-27 09:01:03 +02:00
8582091219 build(deps): bump channels from 3.0.4 to 3.0.5 (#3160) 2022-06-27 09:00:37 +02:00
28c8eb3ee6 build(deps-dev): bump importlib-metadata from 4.11.4 to 4.12.0 (#3161) 2022-06-27 09:00:26 +02:00
3a00a5ac3d website/docs: cleanup vikunja docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-26 18:29:17 +02:00
20035e0f1b ci: only hash web source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-26 18:18:36 +02:00
67021b0e7c web: Update Web API Client version (#3155)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-06-26 17:55:46 +02:00
c5a2831665 api: add basic jwt support with required scope (#2624)
* api: add basic jwt support with required scope

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* api: only set auth_via when actually authenticating via token

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* save consented permissions in user consent, re-prompt when new permissions are required

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update locale

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* translate special scope map

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* more api auth tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* build web api in e2e tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* link generated client instead of copying

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-26 17:51:15 +02:00
768f073e49 web: Update Web API Client version (#3152)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-06-26 00:51:38 +02:00
504338ea66 web/admin: application wizard (part 1) (#2745)
* initial

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* remove log

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* start oauth

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use form for all type wizard pages

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* more oauth

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* basic wizard actions

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* make resets work

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add hint in provider wizard

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* render correct icon in empty state in table page

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* improve empty state

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* more

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add more pages

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add group PK to service account creation response

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use wizard-level isValid prop

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* re-add old buttons

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-26 00:46:40 +02:00
a8c04f96d2 web: use absolute imports with path rewrite instead of relative imports (#3149) 2022-06-25 17:44:17 +02:00
340faf5341 lifecycle: Update postgres healthcheck for compose with user information (#3143)
Update postgres healthcheck with user information
2022-06-24 12:02:05 +02:00
a76c39aff9 build(deps-dev): bump selenium from 4.2.0 to 4.3.0 (#3144) 2022-06-24 08:19:42 +02:00
bb728a53cc build(deps): bump uvicorn from 0.17.6 to 0.18.1 (#3145) 2022-06-24 08:19:31 +02:00
5c28a7dd44 build(deps): bump github.com/stretchr/testify from 1.7.4 to 1.7.5 (#3146) 2022-06-24 07:59:51 +02:00
e1efb47543 web/flows: statically import webauthn-related stages for safari issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-23 19:26:31 +02:00
e50a296a18 build(deps): bump @lingui/core from 3.13.3 to 3.14.0 in /web (#3136)
Bumps [@lingui/core](https://github.com/lingui/js-lingui) from 3.13.3 to 3.14.0.
- [Release notes](https://github.com/lingui/js-lingui/releases)
- [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lingui/js-lingui/compare/v3.13.3...v3.14.0)

---
updated-dependencies:
- dependency-name: "@lingui/core"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-23 09:48:02 +02:00
e211265c30 build(deps): bump @lingui/cli from 3.13.3 to 3.14.0 in /web (#3137)
Bumps [@lingui/cli](https://github.com/lingui/js-lingui) from 3.13.3 to 3.14.0.
- [Release notes](https://github.com/lingui/js-lingui/releases)
- [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lingui/js-lingui/compare/v3.13.3...v3.14.0)

---
updated-dependencies:
- dependency-name: "@lingui/cli"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-23 09:46:23 +02:00
1f143a24db build(deps): bump @lingui/macro from 3.13.3 to 3.14.0 in /web (#3138)
Bumps [@lingui/macro](https://github.com/lingui/js-lingui) from 3.13.3 to 3.14.0.
- [Release notes](https://github.com/lingui/js-lingui/releases)
- [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lingui/js-lingui/compare/v3.13.3...v3.14.0)

---
updated-dependencies:
- dependency-name: "@lingui/macro"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-23 09:46:07 +02:00
48f490b810 build(deps): bump sentry-sdk from 1.5.12 to 1.6.0 (#3140)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.5.12 to 1.6.0.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/1.5.12...1.6.0)

---
updated-dependencies:
- dependency-name: sentry-sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-23 09:45:39 +02:00
aed382de0c build(deps): bump pycryptodome from 3.14.1 to 3.15.0 (#3141)
Bumps [pycryptodome](https://github.com/Legrandin/pycryptodome) from 3.14.1 to 3.15.0.
- [Release notes](https://github.com/Legrandin/pycryptodome/releases)
- [Changelog](https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst)
- [Commits](https://github.com/Legrandin/pycryptodome/compare/v3.14.1...v3.15.0)

---
updated-dependencies:
- dependency-name: pycryptodome
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-23 09:45:27 +02:00
8ecf40a58b build(deps): bump kubernetes from 23.6.0 to 24.2.0 (#3142)
Bumps [kubernetes](https://github.com/kubernetes-client/python) from 23.6.0 to 24.2.0.
- [Release notes](https://github.com/kubernetes-client/python/releases)
- [Changelog](https://github.com/kubernetes-client/python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes-client/python/compare/v23.6.0...v24.2.0)

---
updated-dependencies:
- dependency-name: kubernetes
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-23 09:45:10 +02:00
aca3c75e17 build(deps): bump @lingui/detect-locale from 3.13.3 to 3.14.0 in /web (#3139)
Bumps [@lingui/detect-locale](https://github.com/lingui/js-lingui) from 3.13.3 to 3.14.0.
- [Release notes](https://github.com/lingui/js-lingui/releases)
- [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lingui/js-lingui/compare/v3.13.3...v3.14.0)

---
updated-dependencies:
- dependency-name: "@lingui/detect-locale"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-23 09:44:51 +02:00
f28509608b core: mark session as modified instead of saving it directly to bump expiry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-22 08:48:14 +02:00
ff6c508de7 build(deps): bump geoip2 from 4.5.0 to 4.6.0 (#3133)
Bumps [geoip2](https://github.com/maxmind/GeoIP2-python) from 4.5.0 to 4.6.0.
- [Release notes](https://github.com/maxmind/GeoIP2-python/releases)
- [Changelog](https://github.com/maxmind/GeoIP2-python/blob/v4.6.0/HISTORY.rst)
- [Commits](https://github.com/maxmind/GeoIP2-python/compare/v4.5.0...v4.6.0)

---
updated-dependencies:
- dependency-name: geoip2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-22 08:32:01 +02:00
7319ea2dcf ci: add version family (#3059)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-21 23:31:27 +02:00
6a4efaecb0 website/docs: start troubleshooting page for forward auth
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-21 22:26:17 +02:00
29b0eae43f web/admin: only pre-select oauth2 provider key if creating a new instance
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-21 19:51:24 +02:00
9f3e742fb1 build(deps): bump github.com/stretchr/testify from 1.7.2 to 1.7.4 (#3132) 2022-06-21 06:51:55 +02:00
c8e09fea33 build(deps): bump @typescript-eslint/eslint-plugin from 5.28.0 to 5.29.0 in /web (#3128) 2022-06-21 06:45:13 +02:00
437e932471 build(deps): bump goauthentik.io/api/v3 from 3.2022062.3 to 3.2022063.1 (#3131) 2022-06-21 06:44:54 +02:00
ce07d71d23 build(deps): bump codemirror from 5.65.5 to 5.65.6 in /web (#3126) 2022-06-21 06:44:31 +02:00
9815c591e0 build(deps): bump rollup from 2.75.6 to 2.75.7 in /web (#3127) 2022-06-21 06:42:43 +02:00
db7a3ab630 build(deps): bump @typescript-eslint/parser from 5.28.0 to 5.29.0 in /web (#3129) 2022-06-21 06:42:27 +02:00
3fa772c32e build(deps-dev): bump django-silk from 4.3.0 to 4.4.0 (#3130) 2022-06-21 06:42:10 +02:00
6c9dc7a15b providers/oauth2: fix OAuth form_post response mode for code response_type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#3113
2022-06-20 21:52:36 +02:00
ece0429ea8 internal: failback with self-signed cert if cert for tenant fails to load
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-20 21:26:34 +02:00
d56ddb16b1 lifecycle: fix confusing success messages in startup healthiness check
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-20 21:26:21 +02:00
b6267fdf28 *: add versioned user agent to sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-20 11:54:10 +02:00
1f190a9255 web: Update Web API Client version (#3124)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-06-20 10:38:37 +02:00
1f0fc0a6a2 Merge branch 'version-2022.6' 2022-06-20 10:19:25 +02:00
3ba678851e build(deps): bump @sentry/browser from 7.1.1 to 7.2.0 in /web (#3118)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 7.1.1 to 7.2.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.1.1...7.2.0)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-20 10:18:52 +02:00
0869ef3d0d build(deps): bump @sentry/tracing from 7.1.1 to 7.2.0 in /web (#3119)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 7.1.1 to 7.2.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.1.1...7.2.0)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-20 10:11:28 +02:00
91100ce1e2 build(deps): bump eslint from 8.17.0 to 8.18.0 in /web (#3120)
Bumps [eslint](https://github.com/eslint/eslint) from 8.17.0 to 8.18.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.17.0...v8.18.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-20 10:06:34 +02:00
a65ce47736 build(deps): bump typescript from 4.7.3 to 4.7.4 in /web (#3121)
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 4.7.3 to 4.7.4.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v4.7.3...v4.7.4)

---
updated-dependencies:
- dependency-name: typescript
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-20 10:05:53 +02:00
def17bbc1e build(deps-dev): bump pylint from 2.14.2 to 2.14.3 (#3122)
Bumps [pylint](https://github.com/PyCQA/pylint) from 2.14.2 to 2.14.3.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.14.2...v2.14.3)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-20 10:05:43 +02:00
eb7da8f414 build(deps): bump django-filter from 21.1 to 22.1 (#3123)
Bumps [django-filter](https://github.com/carltongibson/django-filter) from 21.1 to 22.1.
- [Release notes](https://github.com/carltongibson/django-filter/releases)
- [Changelog](https://github.com/carltongibson/django-filter/blob/main/CHANGES.rst)
- [Commits](https://github.com/carltongibson/django-filter/compare/21.1...22.1)

---
updated-dependencies:
- dependency-name: django-filter
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-20 10:05:26 +02:00
9201fc1834 release: 2022.6.3 2022-06-19 22:01:06 +02:00
5385feb428 website/docs: add 2022.6.3 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:41:36 +02:00
c6f29d9eb4 website/docs: add 2022.6.3 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:41:22 +02:00
db557401aa web/admin: lint bound group under policies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:37:28 +02:00
c824af5bc3 web/elements: add spinner when loading dynamic routes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:37:22 +02:00
1faba11a57 providers/oauth2: add test to ensure capitalised redirect_uri isn't changed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#3114
2022-06-19 21:37:20 +02:00
9p4
f0c72e8536 providers/oauth2: dont lowercase URL for token requests (#3114)
this was a leftover from before the migration regex checking for redirect URIs

closes #3076 and #3083
2022-06-19 21:37:17 +02:00
91f91b08e5 core: fix migrations when creating bootstrap token
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:37:14 +02:00
8faa909c32 internal: fix routing to embedded outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:37:03 +02:00
49142fa80b internal: dont sample gunicorn proxied requests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:36:57 +02:00
2a6fccd22a providers/proxy: only send misconfiguration event once
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:36:50 +02:00
1d10afa209 website/docs: add version dropdown for subdomains
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:36:45 +02:00
4b7c3c38cd website/docs: support levels (#3103)
* website/docs: add badges for integration level

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add badge for sources

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:36:42 +02:00
440cacbafe webiste/docs: use autogenerated pages and categories (#3102)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:36:39 +02:00
b33bff92ee web/flows: fix error when webauthn operations failed and user retries
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:36:28 +02:00
caed306346 providers/oauth2: if a redirect_uri cannot be parsed as regex, compare strict (#3070)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:36:19 +02:00
d0eb6af7e9 web/admin: remove invalid requirement for usernames
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:36:15 +02:00
ec5ed67f6c web/flows: add divider to identification stage for security key
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:36:08 +02:00
59b899ddff internal: skip tracing for go healthcheck and metrics endpoints
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:35:48 +02:00
85784f796c root: ignore healthcheck routes in sentry tracing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:35:46 +02:00
4c0e19cbea web/flows: remove autofocus from password field of identifications tage
closes #2561

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:35:43 +02:00
b42eb9464f lifecycle: run bootstrap tasks inline when using automated install
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:35:33 +02:00
6559fdee15 stages/authenticator_validate: add webauthn tests (#3069)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:35:23 +02:00
3455bf3d27 policies: consolidate log user and application
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:35:04 +02:00
0d96e68c1e core: add limit of 20 to group recursion
closes #3116

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:24:57 +02:00
29d3db5112 web/admin: lint bound group under policies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-19 21:22:47 +02:00
cdf88e4477 web/elements: add spinner when loading dynamic routes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-18 13:36:18 +02:00
7caac1d0c7 providers/oauth2: add test to ensure capitalised redirect_uri isn't changed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#3114
2022-06-18 13:13:36 +02:00
9p4
45364d6553 providers/oauth2: dont lowercase URL for token requests (#3114)
this was a leftover from before the migration regex checking for redirect URIs

closes #3076 and #3083
2022-06-18 13:08:15 +02:00
2298eb124f core: fix migrations when creating bootstrap token
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-17 10:10:04 +02:00
6dff1f8e5e build(deps-dev): bump prettier from 2.7.0 to 2.7.1 in /website (#3107)
Bumps [prettier](https://github.com/prettier/prettier) from 2.7.0 to 2.7.1.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.7.0...2.7.1)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-17 09:38:57 +02:00
a944701f3a build(deps): bump prettier from 2.7.0 to 2.7.1 in /web (#3108)
Bumps [prettier](https://github.com/prettier/prettier) from 2.7.0 to 2.7.1.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.7.0...2.7.1)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-17 09:38:46 +02:00
23866fe459 build(deps): bump colorama from 0.4.4 to 0.4.5 (#3109)
Bumps [colorama](https://github.com/tartley/colorama) from 0.4.4 to 0.4.5.
- [Release notes](https://github.com/tartley/colorama/releases)
- [Changelog](https://github.com/tartley/colorama/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/tartley/colorama/compare/0.4.4...0.4.5)

---
updated-dependencies:
- dependency-name: colorama
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-17 09:38:37 +02:00
0a83b04419 internal: fix routing to embedded outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-16 17:05:27 +02:00
e6ecdf8b1d website/admin: add missing description for user_write path
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-16 16:59:56 +02:00
2d48fe42f4 internal: dont sample gunicorn proxied requests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-16 11:32:21 +02:00
5894ccdaf2 build(deps): bump goauthentik.io/api/v3 from 3.2022062.2 to 3.2022062.3 (#3106)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022062.2 to 3.2022062.3.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022062.2...v3.2022062.3)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-16 10:36:50 +02:00
79bec6f6b2 providers/proxy: only send misconfiguration event once
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-16 10:32:34 +02:00
9610f96c11 build(deps-dev): bump pylint from 2.14.1 to 2.14.2 (#3105) 2022-06-16 09:58:29 +02:00
36a326cd81 website/docs: add version dropdown for subdomains
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-15 21:43:44 +02:00
c0c222a0b8 website/docs: support levels (#3103)
* website/docs: add badges for integration level

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add badge for sources

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-15 21:31:34 +02:00
e17f7020e6 webiste/docs: use autogenerated pages and categories (#3102)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-15 20:56:27 +02:00
6d9579d3e6 web/elements: rework treeview parents
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-15 20:06:01 +02:00
9f15ee8cb8 web/elements: fix child items not having a parent set causing wrong paths
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-15 14:25:01 +02:00
e892ed14da providers/oauth2: include source's user path in M2M created users
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-15 14:07:28 +02:00
093a67525a web: Update Web API Client version (#3101)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-06-15 12:24:22 +02:00
1c62a3db6e core: user paths (#3085)
* init

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add user_path_template

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add to sources and flow

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add outposts & api

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* dark theme for treeview

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add search

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add docs and tests for validation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add to user write stage

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add web ui

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: improve error handling

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-15 12:12:26 +02:00
c4b4c7134d build(deps): bump lit from 2.2.5 to 2.2.6 in /web (#3095)
Bumps [lit](https://github.com/lit/lit/tree/HEAD/packages/lit) from 2.2.5 to 2.2.6.
- [Release notes](https://github.com/lit/lit/releases)
- [Changelog](https://github.com/lit/lit/blob/main/packages/lit/CHANGELOG.md)
- [Commits](https://github.com/lit/lit/commits/lit@2.2.6/packages/lit)

---
updated-dependencies:
- dependency-name: lit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-15 09:45:27 +02:00
82cb6d41b8 build(deps): bump prettier from 2.6.2 to 2.7.0 in /web (#3097)
Bumps [prettier](https://github.com/prettier/prettier) from 2.6.2 to 2.7.0.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.6.2...2.7.0)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-15 09:45:18 +02:00
423380d987 build(deps-dev): bump prettier from 2.6.2 to 2.7.0 in /website (#3096)
Bumps [prettier](https://github.com/prettier/prettier) from 2.6.2 to 2.7.0.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.6.2...2.7.0)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-15 09:45:11 +02:00
175d97fdcf build(deps): bump helm/kind-action from 1.2.0 to 1.3.0 (#3098)
Bumps [helm/kind-action](https://github.com/helm/kind-action) from 1.2.0 to 1.3.0.
- [Release notes](https://github.com/helm/kind-action/releases)
- [Commits](https://github.com/helm/kind-action/compare/v1.2.0...v1.3.0)

---
updated-dependencies:
- dependency-name: helm/kind-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-15 09:45:01 +02:00
5dbbf970b0 build(deps): bump @typescript-eslint/eslint-plugin from 5.27.1 to 5.28.0 in /web (#3089)
build(deps): bump @typescript-eslint/eslint-plugin in /web

Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.27.1 to 5.28.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.28.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-14 09:50:03 +02:00
1541d477af build(deps): bump @babel/plugin-transform-runtime from 7.18.2 to 7.18.5 in /web (#3088)
build(deps): bump @babel/plugin-transform-runtime in /web

Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime) from 7.18.2 to 7.18.5.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.18.5/packages/babel-plugin-transform-runtime)

---
updated-dependencies:
- dependency-name: "@babel/plugin-transform-runtime"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-14 09:48:51 +02:00
d745331654 build(deps): bump @babel/core from 7.18.2 to 7.18.5 in /web (#3090)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.18.2 to 7.18.5.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.18.5/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-14 09:48:37 +02:00
defbdc5068 build(deps): bump @typescript-eslint/parser from 5.27.1 to 5.28.0 in /web (#3091)
build(deps): bump @typescript-eslint/parser in /web

Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.27.1 to 5.28.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.28.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-14 09:48:28 +02:00
350f0d8365 build(deps): bump goauthentik.io/api/v3 from 3.2022062.1 to 3.2022062.2 (#3082)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022062.1 to 3.2022062.2.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022062.1...v3.2022062.2)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-13 09:35:15 +02:00
b5c93fb3e3 build(deps): bump @rollup/plugin-typescript from 8.3.2 to 8.3.3 in /web (#3081)
Bumps [@rollup/plugin-typescript](https://github.com/rollup/plugins/tree/HEAD/packages/typescript) from 8.3.2 to 8.3.3.
- [Release notes](https://github.com/rollup/plugins/releases)
- [Changelog](https://github.com/rollup/plugins/blob/master/packages/typescript/CHANGELOG.md)
- [Commits](https://github.com/rollup/plugins/commits/typescript-v8.3.3/packages/typescript)

---
updated-dependencies:
- dependency-name: "@rollup/plugin-typescript"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-13 09:35:05 +02:00
5be45ebf8e web/flows: fix error when webauthn operations failed and user retries
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-12 17:42:23 +02:00
ad8fe9fe81 website/integrations: add Sonarr Proxy Setup (#3067)
I was stuck after setting up as the guide never actually mentions you need to make the change to your reverse proxy

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-11 19:52:22 +02:00
c2f7edaa42 web: Update Web API Client version (#3078)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-06-11 19:51:05 +02:00
6821402fef providers/oauth2: remove deprecated verification_keys (#3071)
remove verification_keys

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-11 19:48:07 +02:00
8dbb0bd2c6 providers/oauth2: token revoke (#3077) 2022-06-11 18:49:16 +02:00
24a21c1761 web/flows: update default flow background
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-10 23:33:17 +02:00
0cad56ec73 providers/oauth2: if a redirect_uri cannot be parsed as regex, compare strict (#3070)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-10 23:32:57 +02:00
4d8021c403 web/admin: remove invalid requirement for usernames
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-10 22:59:59 +02:00
6573cbb16c web/flows: add divider to identification stage for security key
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-10 22:50:40 +02:00
bdf76bb4b7 internal: skip tracing for go healthcheck and metrics endpoints
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-10 22:21:11 +02:00
74ce9cc6fd root: ignore healthcheck routes in sentry tracing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-10 20:10:27 +02:00
070a6d866e web/flows: remove autofocus from password field of identifications tage
closes #2561

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-10 20:02:48 +02:00
5e2d647a6c core: trigger bootstrap tasks in server if we're debugging
closes #3040

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-09 20:21:31 +02:00
7beebe030d lifecycle: run bootstrap tasks inline when using automated install
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-09 20:09:55 +02:00
66f4a31b4c stages/authenticator_validate: add webauthn tests (#3069)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-08 20:50:48 +02:00
beddd6a460 web: update sentry and remove rollup-plugin-sourcemaps
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-08 20:32:56 +02:00
faec866581 build(deps): bump python from 3.10.4-slim-bullseye to 3.10.5-slim-bullseye (#3062)
build(deps): bump python

Bumps python from 3.10.4-slim-bullseye to 3.10.5-slim-bullseye.

---
updated-dependencies:
- dependency-name: python
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-08 09:46:58 +02:00
effed50cc1 build(deps): bump rollup from 2.75.5 to 2.75.6 in /web (#3064) 2022-06-08 09:29:15 +02:00
38ad6096ad build(deps): bump goauthentik.io/api/v3 from 3.2022061.3 to 3.2022062.1 (#3066) 2022-06-08 09:28:38 +02:00
bd53042553 web: Update Web API Client version (#3061)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-06-07 22:30:36 +02:00
039d896dee policies: consolidate log user and application
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-07 22:26:01 +02:00
ff2baf502b release: 2022.6.2 2022-06-07 21:36:18 +02:00
3b182ca223 website/docs: add 2022.6.2 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-07 20:37:34 +02:00
8da8890a8e web: Update Web API Client version (#3058)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-06-07 20:20:03 +02:00
23023ec727 providers/oauth2: add JWKS URL to OAuth2ProviderSetupURLs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-07 20:17:06 +02:00
7d84a71a01 stages/authenticator_validate: fix double-negation of password-less check
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-07 09:52:10 +02:00
192001f193 build(deps): bump @typescript-eslint/parser from 5.27.0 to 5.27.1 in /web (#3052)
build(deps): bump @typescript-eslint/parser in /web

Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.27.0 to 5.27.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.27.1/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-07 09:28:39 +02:00
63734682d2 build(deps): bump @typescript-eslint/eslint-plugin from 5.27.0 to 5.27.1 in /web (#3053)
build(deps): bump @typescript-eslint/eslint-plugin in /web

Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.27.0 to 5.27.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.27.1/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-07 09:26:44 +02:00
a0cd2d55f8 build(deps): bump @patternfly/patternfly from 4.194.4 to 4.196.7 in /web (#3054)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.194.4 to 4.196.7.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/main/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.194.4...prerelease-v4.196.7)

---
updated-dependencies:
- dependency-name: "@patternfly/patternfly"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-07 09:23:15 +02:00
a72c7adfc0 build(deps): bump actions/setup-node from 3.2.0 to 3.3.0 (#3055)
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v3.2.0...v3.3.0)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-07 09:23:06 +02:00
e88e02ec85 build(deps-dev): bump pylint from 2.14.0 to 2.14.1 (#3056)
Bumps [pylint](https://github.com/PyCQA/pylint) from 2.14.0 to 2.14.1.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.14.0...v2.14.1)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-07 09:22:58 +02:00
f7661c8bbd build(deps): bump github.com/stretchr/testify from 1.7.1 to 1.7.2 (#3057)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.1 to 1.7.2.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.7.1...v1.7.2)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-07 09:22:46 +02:00
9add8479ca stages/authenticator_validate: fix error in passwordless webauthn
closes #3050

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-06 13:50:11 +02:00
4c39e08dd4 website/docs: fix incorrect oauth end-session URL
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-06 12:48:06 +02:00
44ce2ebece build(deps): bump typescript from 4.7.2 to 4.7.3 in /web (#3046) 2022-06-06 10:55:42 +02:00
f5a8859d00 build(deps): bump @formatjs/intl-listformat from 7.0.1 to 7.0.2 in /web (#3047) 2022-06-06 10:55:29 +02:00
9ef0e8bc5f build(deps): bump eslint from 8.16.0 to 8.17.0 in /web (#3048) 2022-06-06 10:55:13 +02:00
60eeafd111 build(deps): bump goauthentik.io/api/v3 from 3.2022053.4 to 3.2022061.3 (#3049) 2022-06-06 10:54:57 +02:00
6f3d6efa22 webiste/docs: Improve clarity of dev environment setup doc (#3045)
* Improve clarity of dev environment setup doc

* Requested changes and further small improvements

* I actually read the makefile this time

* Add makefile entry for building ui

* Comments

* Add documentation setup

* Move documentation setup

* Formatting
2022-06-05 23:26:08 +02:00
8d3275817b providers/ldap: fix existing binder not being carried forward correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-05 18:51:01 +02:00
ca40d31dac *: make user logging more consistent
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-05 18:50:44 +02:00
438aac8879 web: Update Web API Client version (#3043)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-06-05 14:37:17 +02:00
2dfa6c2c82 core: add setting to open application launch URL in a new browser tab (#3037)
* core: add setting to open application launch URL in a new browser tab

* core: fix failing applications unit tests

* core: fix formatting

* core: include models only generated when debug mode is enabled
2022-06-05 14:32:22 +02:00
c11435780d sources/oauth: fix twitter client missing basic auth
closes #3038

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-05 14:21:32 +02:00
ee54328589 web: Update Web API Client version (#3042) 2022-06-05 01:01:30 +02:00
817d538b8f core: add additional filters to source viewset
https://github.com/goauthentik/terraform-provider-authentik/issues/184
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-05 00:56:46 +02:00
210775776f core: add slug to built-in source
https://github.com/goauthentik/terraform-provider-authentik/issues/184
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-05 00:50:10 +02:00
2a4ce75bc4 web/elements: add error handler when table fails to fetch objects
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-05 00:46:25 +02:00
b26111fb42 events: fix error when attempting to create event with GeoIP City in context
closes #2709

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-05 00:16:07 +02:00
e30103aa9f providers/proxy: use same redirect-save code for all modes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-04 23:25:47 +02:00
dc9203789e web: Update Web API Client version (#3041) 2022-06-04 22:54:07 +02:00
d70ce2776f Merge branch 'version-2022.6' 2022-06-04 22:43:48 +02:00
ad7d65e903 website/docs: add 2022.6 to sidebar
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-04 22:29:59 +02:00
67d54c5209 release: 2022.6.1 2022-06-04 21:23:33 +02:00
bb244b8338 providers/ldap: fix session cache being lost on provider refresh
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-04 18:03:00 +02:00
fa04883ac1 events: use custom login failed signal, also send for mfa errors, add stage and more to context (#3039)
* use custom login failed signal, also send for mfa errors, add stage and more to context

closes #3027

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* include device class in event

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-04 15:30:56 +02:00
6739ded5a9 root: remove flower dependency
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-04 14:22:25 +02:00
9a7e5d934e root: always set AUTHENTIK_DEBUG when generating schema
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#3037
2022-06-04 14:18:04 +02:00
6dc6d19d2d web: Update Web API Client version (#3036)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-06-03 19:42:42 +02:00
36cbc44ed6 migrate to main (#3035)
closes #3032

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-03 19:40:09 +02:00
0c591a50e3 *: don't dispatch tasks on startup of server (#3033)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-03 18:29:24 +02:00
7ee655a318 core: add bootstrap variables with authentik prefix for helm charts (#3031)
https://github.com/goauthentik/helm/pull/72
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-03 15:22:56 +02:00
8447e9b9c2 providers/proxy: envoy v2 (#3029)
* add path prefix

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use prefix correctly

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* only set redirect if session doesn't have a redirect yet

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-03 10:32:52 +02:00
09f92e5bad build(deps-dev): bump coverage from 6.4 to 6.4.1 (#3028)
Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.4 to 6.4.1.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/6.4...6.4.1)

---
updated-dependencies:
- dependency-name: coverage
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-03 09:53:42 +02:00
f9a419107a outposts/proxyv2: add basic envoy support (#3026)
* outposts/proxyv2: add basic envoy support

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* don't crash when backend is not available

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add envoy tests and docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-03 00:06:09 +02:00
8f0572d11e outposts/ldap: add correct group objectClass (#3023)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2861
2022-06-02 18:48:07 +02:00
7ebf793953 Translate '/web/src/locales/en.po' in 'zh_CN' (#3024)
Translate /web/src/locales/en.po in zh_CN

translation completed for the source file '/web/src/locales/en.po'
on the 'zh_CN' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-06-02 18:30:38 +02:00
63783ee77b Translate '/web/src/locales/en.po' in 'zh-Hans' (#3025)
Translate /web/src/locales/en.po in zh-Hans

translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-06-02 18:30:29 +02:00
eba339ba27 core: improve loading speed of flow background
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-02 14:20:23 +02:00
0adb5a79f6 root: update supported versions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-02 14:08:02 +02:00
fa81adf254 website/docs: Add warning for timezone mounts (#3022)
Improve documentation: #3005
2022-06-02 14:02:01 +02:00
558c7bba2a lib: add lxml wrapper
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-02 13:25:24 +02:00
8cd1a42fb9 *: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-02 11:50:10 +02:00
8cf0e78aa0 Translate '/locale/en/LC_MESSAGES/django.po' in 'ko_KR' (#3014)
Apply translations in ko_KR

translation completed for the source file '/locale/en/LC_MESSAGES/django.po'
on the 'ko_KR' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-06-02 11:16:41 +02:00
3f69a57013 Translate '/web/src/locales/en.po' in 'zh_CN' (#3017)
Translate /web/src/locales/en.po in zh_CN

translation completed for the source file '/web/src/locales/en.po'
on the 'zh_CN' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-06-02 11:13:45 +02:00
f7f12cab10 Translate '/web/src/locales/en.po' in 'zh-Hans' (#3018)
Translate /web/src/locales/en.po in zh-Hans

translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-06-02 11:13:37 +02:00
cacaa378c8 build(deps): bump django from 4.0.4 to 4.0.5 (#3019)
Bumps [django](https://github.com/django/django) from 4.0.4 to 4.0.5.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/4.0.4...4.0.5)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-02 11:13:24 +02:00
33fe85eb96 build(deps): bump golang from 1.18.2-bullseye to 1.18.3-bullseye (#3015)
Bumps golang from 1.18.2-bullseye to 1.18.3-bullseye.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-02 11:13:17 +02:00
a9744cbf48 build(deps-dev): bump pylint from 2.13.9 to 2.14.0 (#3020)
Bumps [pylint](https://github.com/PyCQA/pylint) from 2.13.9 to 2.14.0.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.13.9...v2.14.0)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-02 11:12:56 +02:00
b91d8a676c build(deps): bump goauthentik.io/api/v3 from 3.2022053.3 to 3.2022053.4 (#3021)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022053.3 to 3.2022053.4.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022053.3...v3.2022053.4)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-02 11:12:45 +02:00
f19cd1c003 build(deps): bump rollup from 2.75.4 to 2.75.5 in /web (#3016)
Bumps [rollup](https://github.com/rollup/rollup) from 2.75.4 to 2.75.5.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.75.4...v2.75.5)

---
updated-dependencies:
- dependency-name: rollup
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-02 11:11:22 +02:00
65341cecd0 web: Update Web API Client version (#3013) 2022-06-01 23:23:31 +02:00
c0cb891078 stages/authenticator_sms: verify-only (#3011) 2022-06-01 23:16:28 +02:00
fc1c1a849a stages/*: use bound logger (#3012)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-01 23:01:58 +02:00
5a81ae956f build(deps): bump @sentry/browser from 6.19.4 to 7.0.0 in /web (#3008) 2022-06-01 11:15:52 +02:00
0cac034512 build(deps): bump goauthentik.io/api/v3 from 3.2022053.2 to 3.2022053.3 (#3010) 2022-06-01 09:30:54 +02:00
5666995a15 build(deps): bump country-flag-icons from 1.5.4 to 1.5.5 in /web (#3004) 2022-06-01 09:29:05 +02:00
8d3059e4f3 build(deps): bump rollup from 2.75.3 to 2.75.4 in /web (#3007) 2022-06-01 09:28:53 +02:00
a90dc34494 build(deps): bump lxml from 4.8.0 to 4.9.0 (#3009) 2022-06-01 09:28:44 +02:00
2c6d82593e root: cleanup session keys to use common format (#3003)
cleanup session keys to use common format

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-31 21:53:23 +02:00
34bcc2df1a root: disable session_save_every_request as it overwrites the session with old data
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2991
2022-05-31 20:46:27 +02:00
c00f2907ea web/elements: fix top-right dialog close button not resetting form
closes #2990

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-31 19:28:18 +02:00
b4d528a789 policies: fix incorrect bound_to count
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-31 10:16:09 +02:00
d9172cb296 Revert "build(deps): bump @sentry/browser from 6.19.4 to 7.0.0 in /web (#3002)"
This reverts commit 9c6be60ad9.
2022-05-31 10:10:57 +02:00
bee36cde59 Revert "build(deps): bump @sentry/tracing from 6.19.4 to 7.0.0 in /web (#2997)"
This reverts commit 7171706d7f.
2022-05-31 10:10:54 +02:00
d4e7d9d64a Translate '/web/src/locales/en.po' in 'zh_CN' (#2995)
Translate /web/src/locales/en.po in zh_CN

translation completed for the source file '/web/src/locales/en.po'
on the 'zh_CN' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-05-31 09:53:15 +02:00
7b0265207a Translate '/web/src/locales/en.po' in 'zh-Hans' (#2996)
Translate /web/src/locales/en.po in zh-Hans

translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-05-31 09:53:05 +02:00
7c076579fd build(deps): bump @typescript-eslint/parser from 5.26.0 to 5.27.0 in /web (#3000)
build(deps): bump @typescript-eslint/parser in /web

Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.26.0 to 5.27.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.27.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-31 09:50:32 +02:00
7171706d7f build(deps): bump @sentry/tracing from 6.19.4 to 7.0.0 in /web (#2997)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.19.4 to 7.0.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.19.4...7.0.0)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-31 09:50:20 +02:00
9cd46ecbeb build(deps): bump codemirror from 5.65.4 to 5.65.5 in /web (#2998)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.65.4 to 5.65.5.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.65.4...5.65.5)

---
updated-dependencies:
- dependency-name: codemirror
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-31 09:50:06 +02:00
5f09ba675d build(deps): bump react-feather from 2.0.9 to 2.0.10 in /website (#2999)
Bumps [react-feather](https://github.com/feathericons/react-feather) from 2.0.9 to 2.0.10.
- [Release notes](https://github.com/feathericons/react-feather/releases)
- [Commits](https://github.com/feathericons/react-feather/commits)

---
updated-dependencies:
- dependency-name: react-feather
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-31 09:48:32 +02:00
630b926e2a build(deps): bump @typescript-eslint/eslint-plugin from 5.26.0 to 5.27.0 in /web (#3001)
build(deps): bump @typescript-eslint/eslint-plugin in /web

Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.26.0 to 5.27.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.27.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-31 09:48:12 +02:00
9c6be60ad9 build(deps): bump @sentry/browser from 6.19.4 to 7.0.0 in /web (#3002)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.19.4 to 7.0.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.19.4...7.0.0)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-31 09:48:04 +02:00
a0397fdcf4 events: set default transport mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-30 21:32:48 +02:00
59e13e8026 website/docs: update docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-30 21:26:29 +02:00
374b51e956 web: Update Web API Client version (#2993)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-05-30 20:58:21 +02:00
8faa1bf865 events: add local transport mode (#2992)
* events: add local transport mode

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add default local transport

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-30 20:55:05 +02:00
fc75867218 events: ignore session model
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-30 20:23:07 +02:00
6d94c2c925 build(deps): bump @docusaurus/preset-classic from 2.0.0-beta.20 to 2.0.0-beta.21 in /website (#2983)
build(deps): bump @docusaurus/preset-classic in /website

Bumps [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic) from 2.0.0-beta.20 to 2.0.0-beta.21.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-beta.21/packages/docusaurus-preset-classic)

---
updated-dependencies:
- dependency-name: "@docusaurus/preset-classic"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-30 09:58:59 +02:00
eb51dd1379 build(deps): bump rollup from 2.74.1 to 2.75.3 in /web (#2981)
Bumps [rollup](https://github.com/rollup/rollup) from 2.74.1 to 2.75.3.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.74.1...v2.75.3)

---
updated-dependencies:
- dependency-name: rollup
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-30 09:51:43 +02:00
13a4559c37 build(deps): bump yaml from 2.1.0 to 2.1.1 in /web (#2982)
Bumps [yaml](https://github.com/eemeli/yaml) from 2.1.0 to 2.1.1.
- [Release notes](https://github.com/eemeli/yaml/releases)
- [Commits](https://github.com/eemeli/yaml/compare/v2.1.0...v2.1.1)

---
updated-dependencies:
- dependency-name: yaml
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-30 09:51:33 +02:00
4fcf7285d7 build(deps): bump @docusaurus/plugin-client-redirects from 2.0.0-beta.20 to 2.0.0-beta.21 in /website (#2984)
build(deps): bump @docusaurus/plugin-client-redirects in /website

Bumps [@docusaurus/plugin-client-redirects](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-plugin-client-redirects) from 2.0.0-beta.20 to 2.0.0-beta.21.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-beta.21/packages/docusaurus-plugin-client-redirects)

---
updated-dependencies:
- dependency-name: "@docusaurus/plugin-client-redirects"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-30 09:51:20 +02:00
0ba9f25155 build(deps-dev): bump selenium from 4.1.5 to 4.2.0 (#2985)
Bumps [selenium](https://github.com/SeleniumHQ/Selenium) from 4.1.5 to 4.2.0.
- [Release notes](https://github.com/SeleniumHQ/Selenium/releases)
- [Commits](https://github.com/SeleniumHQ/Selenium/commits/selenium-4.2.0)

---
updated-dependencies:
- dependency-name: selenium
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-30 09:51:11 +02:00
453c751c7f build(deps): bump celery from 5.2.6 to 5.2.7 (#2986)
Bumps [celery](https://github.com/celery/celery) from 5.2.6 to 5.2.7.
- [Release notes](https://github.com/celery/celery/releases)
- [Changelog](https://github.com/celery/celery/blob/master/Changelog.rst)
- [Commits](https://github.com/celery/celery/compare/v5.2.6...v5.2.7)

---
updated-dependencies:
- dependency-name: celery
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-30 09:51:02 +02:00
d1eaaef254 build(deps): bump goauthentik.io/api/v3 from 3.2022052.6 to 3.2022053.2 (#2987)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022052.6 to 3.2022053.2.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022052.6...v3.2022053.2)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-30 09:49:18 +02:00
3eb466ff4b lifecycle: cleanup prometheus (#2972)
* remove high cardinality labels

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* retry worker number for prometheus multiprocess id

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* revert to pid, use subdirectories

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* cleanup more

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use worker id based off of https://github.com/benoitc/gunicorn/issues/1352

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix missing app label

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: remove static names

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-29 21:45:25 +02:00
9f2529c886 stages/authentiactor_validate: cookies (#2978)
* stages/authenticator_validate: rewrite to use signed jwt cookie + expiry as MFA threshold

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add more tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add more tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-29 19:47:34 +02:00
fb25b28976 core: db sessions (#2979)
* use db session backend

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: wrap session cookie in JWT and add useful claims

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix compatibility with tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use standard session key for writing in sessions too

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-29 18:58:54 +02:00
612163b82f Translate '/web/src/locales/en.po' in 'zh_CN' (#2976)
Translate /web/src/locales/en.po in zh_CN

translation completed for the source file '/web/src/locales/en.po'
on the 'zh_CN' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-05-28 23:27:58 +02:00
3c43690a96 Translate '/web/src/locales/en.po' in 'zh-Hans' (#2977)
Translate /web/src/locales/en.po in zh-Hans

translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-05-28 23:27:45 +02:00
dd74565c7b web: Update Web API Client version (#2975)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-05-28 21:32:01 +02:00
fb69f67f47 *: cleanup vendor
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-28 21:26:33 +02:00
18b48684eb providers/oauth2: add configuration error event when wrong redirect uri is used in token request
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-28 21:15:58 +02:00
098b0aef6e *: use create_test_admin_user for all unittests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-28 21:13:16 +02:00
4ed8171130 web/user: fix static prompt fields being rendered with label
closes #2584

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-28 20:05:43 +02:00
335131affc web/user: improve ux for restarting user settings flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-28 19:07:49 +02:00
bba17a8a67 web: Update Web API Client version (#2974)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-05-28 13:23:01 +02:00
082df0ec51 Merge branch 'version-2022.5'
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/providers/oauth2/views/token.py
#	web/src/locales/zh-Hans.po
2022-05-28 13:19:58 +02:00
1883402b3d release: 2022.5.3 2022-05-28 12:04:26 +02:00
88a8b7d2fa outposts/ldap: fix type assertion after upgrading to new API Client
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-27 21:43:58 +02:00
987f03c4be website/docs: Update flow to run only during Github logins (#2959) 2022-05-27 21:43:55 +02:00
1b3aacfa1d providers/oauth2: add migration from "*" to ".*"
closes #2970

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-27 21:43:51 +02:00
a03dde8a90 outposts/ldap: fix type assertion after upgrading to new API Client
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-27 16:36:15 +02:00
5f04a187ea website/docs: Update flow to run only during Github logins (#2959) 2022-05-27 16:07:33 +02:00
2b68363452 providers/oauth2: add migration from "*" to ".*"
closes #2970

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-27 10:23:13 +02:00
3a994ab2a4 website/docs: prepare 2022.5.3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-26 22:18:02 +02:00
d7713357f4 api: migrate to openapi generator v6 (#2968)
* migrate to openapi generator v6

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* bump api

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
#	go.mod
#	go.sum
2022-05-26 22:17:57 +02:00
e7c03fdb14 web/admin: add note that regex is used for redirect URIs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-26 22:17:37 +02:00
6105956847 providers/oauth2: regex-escape URLs when set to blank
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-26 22:17:34 +02:00
89028f175a website/docs: Fix misconfiguration causing POST requests behing Nginx to timeout (#2967)
* Update _nginx_proxy_manager.md

* Update _nginx_standalone.md
2022-05-26 22:17:31 +02:00
f121098957 root: Add docker-compose postgresql and redis healthchecks (#2958)
* Add healthchecks to docker compose

Add healthchecks for postgresql and redis, see als #2519

* bump docker-compose version to 3.4
2022-05-26 22:17:10 +02:00
4ff32af343 flows: fix flakiness in tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-26 22:17:03 +02:00
972868c15c providers/oauth2: only set expiry on user when it was freshly created
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-26 22:16:55 +02:00
0bc57f571b api: update API browser to match admin UI and auto-switch theme
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-26 22:16:34 +02:00
9de5b6f93e build(deps): bump rapidoc from 9.2.0 to 9.3.2 in /web (#2957)
Bumps [rapidoc](https://github.com/rapi-doc/RapiDoc) from 9.2.0 to 9.3.2.
- [Release notes](https://github.com/rapi-doc/RapiDoc/releases)
- [Commits](https://github.com/rapi-doc/RapiDoc/compare/v9.2.0...v9.3.2)

---
updated-dependencies:
- dependency-name: rapidoc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-26 22:16:34 +02:00
acf1ded1d4 website/docs: prepare 2022.5.3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-26 22:16:07 +02:00
a286f999e2 api: migrate to openapi generator v6 (#2968)
* migrate to openapi generator v6

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* bump api

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-26 15:15:30 +02:00
4b6c1da51d web/admin: add note that regex is used for redirect URIs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-26 12:52:56 +02:00
a81d5a3d41 providers/oauth2: regex-escape URLs when set to blank
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-26 12:52:56 +02:00
4d17111233 website/docs: Fix misconfiguration causing POST requests behing Nginx to timeout (#2967)
* Update _nginx_proxy_manager.md

* Update _nginx_standalone.md
2022-05-26 11:52:57 +02:00
64cb9812e0 build(deps): bump @babel/plugin-transform-runtime from 7.18.0 to 7.18.2 in /web (#2962)
build(deps): bump @babel/plugin-transform-runtime in /web

Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime) from 7.18.0 to 7.18.2.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.18.2/packages/babel-plugin-transform-runtime)

---
updated-dependencies:
- dependency-name: "@babel/plugin-transform-runtime"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-26 09:56:20 +02:00
ed037b2e3a build(deps): bump @babel/core from 7.18.0 to 7.18.2 in /web (#2963)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.18.0 to 7.18.2.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.18.2/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-26 09:56:10 +02:00
d2be6a8e3a root: Add docker-compose postgresql and redis healthchecks (#2958)
* Add healthchecks to docker compose

Add healthchecks for postgresql and redis, see als #2519

* bump docker-compose version to 3.4
2022-05-26 09:56:00 +02:00
a9667eb0f4 build(deps): bump chart.js from 3.7.1 to 3.8.0 in /web (#2960)
Bumps [chart.js](https://github.com/chartjs/Chart.js) from 3.7.1 to 3.8.0.
- [Release notes](https://github.com/chartjs/Chart.js/releases)
- [Commits](https://github.com/chartjs/Chart.js/compare/v3.7.1...v3.8.0)

---
updated-dependencies:
- dependency-name: chart.js
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-26 09:54:33 +02:00
7f3988f3c9 build(deps): bump @babel/preset-env from 7.18.0 to 7.18.2 in /web (#2961)
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.18.0 to 7.18.2.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.18.2/packages/babel-preset-env)

---
updated-dependencies:
- dependency-name: "@babel/preset-env"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-26 09:54:23 +02:00
4c095a6f2a build(deps): bump lit from 2.2.4 to 2.2.5 in /web (#2964)
Bumps [lit](https://github.com/lit/lit/tree/HEAD/packages/lit) from 2.2.4 to 2.2.5.
- [Release notes](https://github.com/lit/lit/releases)
- [Changelog](https://github.com/lit/lit/blob/main/packages/lit/CHANGELOG.md)
- [Commits](https://github.com/lit/lit/commits/lit@2.2.5/packages/lit)

---
updated-dependencies:
- dependency-name: lit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-26 09:54:07 +02:00
c10b5c3c8c build(deps): bump @babel/plugin-proposal-decorators from 7.17.12 to 7.18.2 in /web (#2965)
build(deps): bump @babel/plugin-proposal-decorators in /web

Bumps [@babel/plugin-proposal-decorators](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-proposal-decorators) from 7.17.12 to 7.18.2.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.18.2/packages/babel-plugin-proposal-decorators)

---
updated-dependencies:
- dependency-name: "@babel/plugin-proposal-decorators"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-26 09:54:00 +02:00
9d920580a1 build(deps): bump github.com/imdario/mergo from 0.3.12 to 0.3.13 (#2966)
Bumps [github.com/imdario/mergo](https://github.com/imdario/mergo) from 0.3.12 to 0.3.13.
- [Release notes](https://github.com/imdario/mergo/releases)
- [Commits](https://github.com/imdario/mergo/compare/0.3.12...v0.3.13)

---
updated-dependencies:
- dependency-name: github.com/imdario/mergo
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-26 09:53:51 +02:00
34ef4af799 flows: fix flakiness in tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-26 09:53:40 +02:00
5da47b69dd providers/oauth2: only set expiry on user when it was freshly created
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-25 23:02:33 +02:00
0e0dd2437b providers/oauth2: handle attribute errors when validation JWK contains private key
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-25 22:23:05 +02:00
e42386b150 api: update API browser to match admin UI and auto-switch theme
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-25 20:09:29 +02:00
f21f81022e build(deps): bump rapidoc from 9.2.0 to 9.3.2 in /web (#2957)
Bumps [rapidoc](https://github.com/rapi-doc/RapiDoc) from 9.2.0 to 9.3.2.
- [Release notes](https://github.com/rapi-doc/RapiDoc/releases)
- [Commits](https://github.com/rapi-doc/RapiDoc/compare/v9.2.0...v9.3.2)

---
updated-dependencies:
- dependency-name: rapidoc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-25 10:47:58 +02:00
e73a468921 build(deps): bump rapidoc from 9.2.0 to 9.3.2 in /website (#2956)
Bumps [rapidoc](https://github.com/rapi-doc/RapiDoc) from 9.2.0 to 9.3.2.
- [Release notes](https://github.com/rapi-doc/RapiDoc/releases)
- [Commits](https://github.com/rapi-doc/RapiDoc/compare/v9.2.0...v9.3.2)

---
updated-dependencies:
- dependency-name: rapidoc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-25 10:47:49 +02:00
c0ac053380 Translate '/web/src/locales/en.po' in 'zh_CN' (#2949)
Translate /web/src/locales/en.po in zh_CN

translation completed for the source file '/web/src/locales/en.po'
on the 'zh_CN' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-05-25 10:05:33 +02:00
4e670295d1 Translate '/web/src/locales/en.po' in 'zh-Hans' (#2950)
Translate /web/src/locales/en.po in zh-Hans

translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-05-25 10:05:24 +02:00
8d7d8d613c build(deps): bump typescript from 4.6.4 to 4.7.2 in /web (#2953)
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 4.6.4 to 4.7.2.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v4.6.4...v4.7.2)

---
updated-dependencies:
- dependency-name: typescript
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-25 10:04:22 +02:00
4d632a8679 build(deps): bump goauthentik.io/api/v3 from 3.2022052.2 to 3.2022052.5 (#2954)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022052.2 to 3.2022052.5.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022052.2...v3.2022052.5)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-25 10:04:11 +02:00
ef219198d4 flows: fix lint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-25 00:05:04 +02:00
cc744dc581 flows: fix lint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-25 00:04:58 +02:00
47006fc9d2 website/docs: fix formatting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 23:38:15 +02:00
ada53362d5 website/docs: fix formatting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 23:38:02 +02:00
a03e48c5ce website/docs: prepare 2022.5.3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 23:35:09 +02:00
816b0c7d83 flows: fix re-imports of entries with identical PK re-creating objects
closes #2941

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 23:35:06 +02:00
a6398f46da website/docs: prepare 2022.5.3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 23:34:51 +02:00
56babb2649 flows: fix re-imports of entries with identical PK re-creating objects
closes #2941

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 23:32:08 +02:00
0edf4296c4 web/elements: fix used_by refreshing for all elements when using DeleteBulkForm
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 22:14:29 +02:00
b8fdda50ec ensure all viewsets have filter and search and add tests (#2946)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 22:13:59 +02:00
d25a051eae web/elements: fix used_by refreshing for all elements when using DeleteBulkForm
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 22:12:35 +02:00
4a9b788703 providers/oauth2: set related_name for many-to-many so used by detects the connection
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 22:12:35 +02:00
d4ef321ac2 web: Update Web API Client version (#2948)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-05-24 22:03:17 +02:00
80c1dbdfbb ensure all viewsets have filter and search and add tests (#2946)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 22:01:18 +02:00
b0af062d74 web: Update Web API Client version (#2945)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-05-24 21:04:58 +02:00
b4e75218f5 sources/oauth: OIDC well-known and JWKS (#2936)
* add initial

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add provider

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* include source and jwk key id in event

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add more docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add tests for source

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix web formatting

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add provider tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix lint error

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 21:02:50 +02:00
ab1840dd66 web: Update Web API Client version (#2944) 2022-05-24 20:05:06 +02:00
482491e93c core: fix username validator not allowing changes that can be done via flows
closes #2755

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 19:40:54 +02:00
2ca991ba3d website/docs: fix grammar (#2943) 2022-05-24 13:56:19 +02:00
b20c384f5a build(deps): bump @typescript-eslint/parser from 5.25.0 to 5.26.0 in /web (#2937)
build(deps): bump @typescript-eslint/parser in /web

Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.25.0 to 5.26.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.26.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-24 10:29:21 +02:00
9ce8edbcd6 build(deps): bump country-flag-icons from 1.5.2 to 1.5.4 in /web (#2938)
Bumps [country-flag-icons](https://gitlab.com/catamphetamine/country-flag-icons) from 1.5.2 to 1.5.4.
- [Release notes](https://gitlab.com/catamphetamine/country-flag-icons/tags)
- [Changelog](https://gitlab.com/catamphetamine/country-flag-icons/blob/master/CHANGELOG.md)
- [Commits](https://gitlab.com/catamphetamine/country-flag-icons/compare/v1.5.2...v1.5.4)

---
updated-dependencies:
- dependency-name: country-flag-icons
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-24 10:27:25 +02:00
cb5b2148a3 build(deps): bump @typescript-eslint/eslint-plugin from 5.25.0 to 5.26.0 in /web (#2939)
build(deps): bump @typescript-eslint/eslint-plugin in /web

Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.25.0 to 5.26.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.26.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-24 10:27:14 +02:00
d5702c6282 web/admin: fix broken flow execute link (#2940) 2022-05-24 10:26:58 +02:00
61a876b582 providers/saml: handle parse error
AUTHENTIK-1K5

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-23 22:03:12 +02:00
8c9748e4a0 providers/oauth2: improve error handling for invalid regular expressions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-23 20:47:36 +02:00
6460245d5e website/docs: add missing docs for #2828
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-23 20:42:00 +02:00
b7979ad48e Revert "events: ignore silk SQLQuery object"
This reverts commit a26f25ccd6.

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-23 20:29:05 +02:00
cbd95848e7 web: decrease elements that refresh on global refresh signal
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-23 20:26:33 +02:00
4704de937a stages/user_write: fix typo in request context variable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-23 20:18:37 +02:00
394d8e99a4 policies: improve error logging
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-23 20:18:00 +02:00
a26f25ccd6 events: ignore silk SQLQuery object
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-23 20:17:52 +02:00
94257e0f50 web/admin: refactor table refresh to preserve selected/expanded elements correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-23 20:07:56 +02:00
b2a42a68a4 web/admin: fix flow diagram not updating on flow changes
closes #2932

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-23 19:48:33 +02:00
7895d59da3 Translate '/web/src/locales/en.po' in 'zh_CN' (#2934)
Translate /web/src/locales/en.po in zh_CN

translation completed for the source file '/web/src/locales/en.po'
on the 'zh_CN' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-05-23 14:13:17 +02:00
b54c60d7af Translate '/web/src/locales/en.po' in 'zh-Hans' (#2935)
Translate /web/src/locales/en.po in zh-Hans

translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-05-23 14:13:08 +02:00
6bab3bf68e web/elements: fix missing click handler on wizard close button
closes #2931
2022-05-23 09:33:16 +00:00
fdc09c658a web/admin: fix phrasing on LDAP provider form for bind mode 2022-05-23 09:28:22 +00:00
a690a02f99 web/admin: fix display of LDAP bind mode
closes #2930
2022-05-23 09:24:57 +00:00
0e912fd647 build(deps): bump codemirror from 5.65.3 to 5.65.4 in /web (#2923) 2022-05-23 09:11:23 +02:00
27af330932 build(deps): bump eslint from 8.15.0 to 8.16.0 in /web (#2924) 2022-05-23 09:11:12 +02:00
7187d28905 build(deps): bump country-flag-icons from 1.4.26 to 1.5.2 in /web (#2925) 2022-05-23 09:10:18 +02:00
ca832b6090 build(deps-dev): bump importlib-metadata from 4.11.3 to 4.11.4 (#2926) 2022-05-23 09:10:03 +02:00
53bd6bf06e build(deps-dev): bump coverage from 6.3.3 to 6.4 (#2927) 2022-05-23 09:09:49 +02:00
813f271bdd build(deps): bump goauthentik.io/api/v3 from 3.2022041.10 to 3.2022052.2 (#2928) 2022-05-23 09:09:31 +02:00
63dc8fe7dc crypto: set SAN in default generated Certificate to semi-random domain
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2462
2022-05-22 23:22:06 +02:00
383f4e4dcf root: exempt question for stale
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-22 22:56:29 +02:00
2896652fef web: Update Web API Client version (#2922)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-05-22 19:36:17 +02:00
cfe2648b62 events: fix transport not allowing blank values
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-22 19:32:58 +02:00
8d49705c87 web/admin: add set password button to user view page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-22 16:46:38 +02:00
c99e6d8f2c website: fix typo in title
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-21 19:10:16 +02:00
0996bb500c web: Update Web API Client version (#2920) 2022-05-21 18:07:18 +02:00
3d4a45c93f release: 2022.5.2 2022-05-21 17:17:21 +02:00
0642af0b78 website/docs: add 2022.5.2 changelog
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-21 17:16:43 +02:00
dce623dd7c web/user: fix use sub-pages not redirecting back to the subpage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-21 17:07:30 +02:00
646d174dd2 internal: revert cookie path on proxy causing redirect loops
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-21 16:26:12 +02:00
b8fdb82adc web/admin: improve error handling in TokenCopyButton
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-21 15:56:06 +02:00
75d6cd1674 outposts: ensure the user and token are created on initial outpost save
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-21 15:55:19 +02:00
5c91658484 internal: fix nil pointer dereference in ldap outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-21 15:48:50 +02:00
ebb44c992b Revert "internal: set SameSite for outpost"
This reverts commit 7e95c756b9.
2022-05-21 14:08:40 +02:00
233bb35ebe Translate '/web/src/locales/en.po' in 'zh_CN' (#2913)
Translate /web/src/locales/en.po in zh_CN

translation completed for the source file '/web/src/locales/en.po'
on the 'zh_CN' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-05-21 13:22:20 +02:00
f60d0b9753 Translate '/web/src/locales/en.po' in 'zh-Hans' (#2914)
Translate /web/src/locales/en.po in zh-Hans

translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-05-21 13:22:12 +02:00
7e95c756b9 internal: set SameSite for outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-21 13:21:45 +02:00
be26b92927 internal: cleanup outpost logs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-21 13:18:06 +02:00
dd3ed1bfb9 web/admin: make external host clickable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-21 13:10:26 +02:00
6f56a61a64 website/docs: add docs for advanced SSH config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2916
2022-05-21 13:06:54 +02:00
2dee8034d3 outposts: allow externally managed SSH Config for outposts (#2917) 2022-05-21 12:10:08 +02:00
d9d42020cc root: fix missing curl in dockerfile
closes #2915

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-21 00:49:15 +02:00
90298a2b6c website/docs: fix typo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-21 00:15:40 +02:00
7c17e7d52f web: Update Web API Client version (#2912) 2022-05-20 19:53:05 +02:00
fbb3ca98c1 website: add 2022.5 to sidebar
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-20 19:47:46 +02:00
220d21c3e0 release: 2022.5.1 2022-05-20 19:34:45 +02:00
84e74bc21e website/docs: final 2022.5 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-20 19:34:43 +02:00
ec15060c84 web/admin: add button to empty state to clear search (#2911) 2022-05-20 18:01:26 +02:00
334898ae23 website/integrations: Fix Gitea integration manual steps (#2910) 2022-05-20 16:47:39 +02:00
b43df2ae27 stages/identification: redirect with QS to keep next parameters (#2909)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-20 16:10:10 +02:00
a52638d898 internal: fix typo in session name constant
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-20 10:10:29 +02:00
5bc893b890 build(deps): bump @babel/plugin-transform-runtime from 7.17.12 to 7.18.0 in /web (#2904) 2022-05-20 09:45:53 +02:00
fe5d9e4cd2 build(deps): bump @babel/core from 7.17.12 to 7.18.0 in /web (#2903) 2022-05-20 09:45:27 +02:00
a7442e0043 build(deps): bump @formatjs/intl-listformat from 6.5.3 to 7.0.1 in /web (#2905) 2022-05-20 09:45:06 +02:00
8103bbf9af build(deps): bump rollup from 2.73.0 to 2.74.1 in /web (#2906) 2022-05-20 09:44:50 +02:00
056b90b590 build(deps): bump @babel/preset-env from 7.17.12 to 7.18.0 in /web (#2907) 2022-05-20 09:44:37 +02:00
70221e3d14 web: fix labels in forms for dark mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-19 22:03:03 +02:00
d570feffac flows: add types to diagrams (#2902)
* add policy and stage types to diagram

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* show policies bound to the root flow

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix get_build_hash being empty

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-19 20:50:28 +02:00
3d52266773 flows: handle missing initial_data in challenge
AUTHENTIK-1HK

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-19 20:31:28 +02:00
7bdecd2ee6 stages/user_write: dynamic groups (#2901)
* stages/user_write: add dynamic groups

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* simplify functions

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-19 20:28:16 +02:00
a500ff28ac website/integrations: update proxmox docs (#2899)
Signed-off-by: Victor Roest <victor@xirion.net>
2022-05-19 20:23:27 +02:00
263bcae050 web/admin: improve empty state
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	web/src/elements/table/TablePage.ts
#	web/src/pages/applications/ApplicationListPage.ts
2022-05-19 10:21:46 +02:00
8691a79204 build(deps): bump postcss from 8.4.13 to 8.4.14 in /website (#2900)
Bumps [postcss](https://github.com/postcss/postcss) from 8.4.13 to 8.4.14.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/8.4.13...8.4.14)

---
updated-dependencies:
- dependency-name: postcss
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-19 09:29:30 +02:00
3b0b6dcf29 web: fix display of radio buttons on wizard pages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-18 23:09:02 +02:00
11f7935155 providers/oauth2: use regex to check redirect URI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2799
2022-05-18 21:22:27 +02:00
450a26d1b5 build(deps): bump @typescript-eslint/parser from 5.24.0 to 5.25.0 in /web (#2895)
build(deps): bump @typescript-eslint/parser in /web

Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.24.0 to 5.25.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.25.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-18 09:51:51 +02:00
3e42c1bad4 build(deps): bump @typescript-eslint/eslint-plugin from 5.24.0 to 5.25.0 in /web (#2896)
build(deps): bump @typescript-eslint/eslint-plugin in /web

Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.24.0 to 5.25.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.25.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-18 09:50:15 +02:00
5abbb7657b build(deps): bump lit from 2.2.3 to 2.2.4 in /web (#2897)
Bumps [lit](https://github.com/lit/lit/tree/HEAD/packages/lit) from 2.2.3 to 2.2.4.
- [Release notes](https://github.com/lit/lit/releases)
- [Changelog](https://github.com/lit/lit/blob/main/packages/lit/CHANGELOG.md)
- [Commits](https://github.com/lit/lit/commits/lit@2.2.4/packages/lit)

---
updated-dependencies:
- dependency-name: lit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-18 09:50:03 +02:00
75b0fb3393 sources/oauth: migrate twitter to oauth2 (#2893) 2022-05-18 00:03:02 +02:00
538c2ca4d3 stages/authenticator_*: directly save devices into db instead of session to prevent race conditions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-17 10:02:30 +02:00
5080840ed9 admin: ensure disable_update_check is set to false for tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-17 10:00:26 +02:00
eded9bfb2d build(deps): bump @babel/preset-typescript from 7.16.7 to 7.17.12 in /web (#2885)
build(deps): bump @babel/preset-typescript in /web

Bumps [@babel/preset-typescript](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-typescript) from 7.16.7 to 7.17.12.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.17.12/packages/babel-preset-typescript)

---
updated-dependencies:
- dependency-name: "@babel/preset-typescript"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-17 09:34:09 +02:00
b3a43ae37c build(deps): bump @typescript-eslint/parser from 5.23.0 to 5.24.0 in /web (#2884)
build(deps): bump @typescript-eslint/parser in /web

Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.23.0 to 5.24.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.24.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-17 09:30:24 +02:00
dc78746825 build(deps): bump @babel/preset-env from 7.17.10 to 7.17.12 in /web (#2881)
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.17.10 to 7.17.12.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.17.12/packages/babel-preset-env)

---
updated-dependencies:
- dependency-name: "@babel/preset-env"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-17 09:29:58 +02:00
3c6828cbba Translate '/web/src/locales/en.po' in 'zh_CN' (#2878)
Translate /web/src/locales/en.po in zh_CN

translation completed for the source file '/web/src/locales/en.po'
on the 'zh_CN' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-05-17 09:29:45 +02:00
26646264dc Translate '/web/src/locales/en.po' in 'zh-Hans' (#2879)
Translate /web/src/locales/en.po in zh-Hans

translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-05-17 09:29:36 +02:00
f7ecfdd4b6 build(deps): bump @typescript-eslint/eslint-plugin from 5.23.0 to 5.24.0 in /web (#2883)
build(deps): bump @typescript-eslint/eslint-plugin in /web

Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.23.0 to 5.24.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.24.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-17 09:29:20 +02:00
967c80069b build(deps): bump @babel/core from 7.17.10 to 7.17.12 in /web (#2882)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.17.10 to 7.17.12.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.17.12/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-17 09:28:57 +02:00
f8b0c071b7 build(deps): bump @babel/plugin-transform-runtime from 7.17.10 to 7.17.12 in /web (#2886)
build(deps): bump @babel/plugin-transform-runtime in /web

Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime) from 7.17.10 to 7.17.12.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.17.12/packages/babel-plugin-transform-runtime)

---
updated-dependencies:
- dependency-name: "@babel/plugin-transform-runtime"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-17 09:28:40 +02:00
221ab47410 build(deps): bump actions/setup-node from 3.1.1 to 3.2.0 (#2887)
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3.1.1 to 3.2.0.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v3.1.1...v3.2.0)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-17 09:27:50 +02:00
ffe162214f build(deps): bump @babel/plugin-proposal-decorators from 7.17.9 to 7.17.12 in /web (#2888)
build(deps): bump @babel/plugin-proposal-decorators in /web

Bumps [@babel/plugin-proposal-decorators](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-proposal-decorators) from 7.17.9 to 7.17.12.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.17.12/packages/babel-plugin-proposal-decorators)

---
updated-dependencies:
- dependency-name: "@babel/plugin-proposal-decorators"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-17 09:27:24 +02:00
ad9d8d26ed build(deps): bump paramiko from 2.10.4 to 2.11.0 (#2889)
Bumps [paramiko](https://github.com/paramiko/paramiko) from 2.10.4 to 2.11.0.
- [Release notes](https://github.com/paramiko/paramiko/releases)
- [Changelog](https://github.com/paramiko/paramiko/blob/main/NEWS)
- [Commits](https://github.com/paramiko/paramiko/compare/2.10.4...2.11.0)

---
updated-dependencies:
- dependency-name: paramiko
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-17 09:27:07 +02:00
35402ada17 website/docs: fix missing new name attribute for invitations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-16 20:40:24 +02:00
086a44bdbd web/user: add message upon source connection deletion
closes #2522

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-16 20:28:23 +02:00
6494a0352f Translate '/web/src/locales/en.po' in 'zh-Hans' (#2877) 2022-05-16 09:20:20 +02:00
ca1fb737a8 Translate '/web/src/locales/en.po' in 'zh_CN' (#2876) 2022-05-16 09:20:02 +02:00
9e91a0a85d build(deps): bump github.com/prometheus/client_golang from 1.12.1 to 1.12.2 (#2875) 2022-05-16 09:19:36 +02:00
4e68fe2fea build(deps): bump goauthentik.io/api/v3 from 3.2022041.6 to 3.2022041.10 (#2874) 2022-05-16 09:19:26 +02:00
a36eab81eb build(deps-dev): bump pylint from 2.13.8 to 2.13.9 (#2873) 2022-05-16 09:19:09 +02:00
215b2a3224 build(deps): bump @patternfly/patternfly from 4.192.1 to 4.194.4 in /web (#2872) 2022-05-16 09:17:43 +02:00
4c3f8e446f build(deps): bump yaml from 2.0.1 to 2.1.0 in /web (#2871) 2022-05-16 09:17:31 +02:00
4b9922e5b1 build(deps): bump rollup from 2.72.1 to 2.73.0 in /web (#2870) 2022-05-16 09:17:17 +02:00
6324521424 build(deps): bump react-before-after-slider-component from 1.1.2 to 1.1.3 in /website (#2869) 2022-05-16 09:17:02 +02:00
d6b18f2833 web: Update Web API Client version (#2868) 2022-05-16 01:13:29 +02:00
333e58ce2f flows/layouts (#2867) 2022-05-16 01:10:23 +02:00
699d3ca067 ci: exclude confirmed issues from stale
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-15 23:16:52 +02:00
296779ddf1 providers/ldap: remove technical preview disclaimer
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-15 17:33:03 +02:00
8669f498f1 web: Update Web API Client version (#2866)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-05-14 22:43:55 +02:00
4de2ac3248 events: add task to expire seen notifications
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-14 22:41:50 +02:00
eb4dce91c3 events: add user filter to notifications
as superuser all notifications are returned regardless of permission so we need to filter

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-14 22:31:13 +02:00
c64a99345b web: fix scrolling issue on library page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-14 21:58:42 +02:00
2e174a1be5 website/docs: update 2022.5 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-14 21:48:28 +02:00
11ef500475 web: Update Web API Client version (#2865)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-05-14 21:38:38 +02:00
d4fd6153c8 api: fix OwnerFilter filtering out objects for superusers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-14 21:36:00 +02:00
85b6bfbe5f sources: fix parent serializer for user connections
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-14 21:26:02 +02:00
5ddd138c97 web: update default flow background
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-14 20:08:59 +02:00
5644d5f3f7 stages/authenticator_totp: fix key error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-14 19:57:00 +02:00
be06adcb59 web: lazy load parts of interfaces (#2864) 2022-05-14 17:07:37 +02:00
4da350ebfc web: fix dateTimeLocal() dropping local timezone
closes #2860

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-14 12:47:30 +02:00
f391c33bdf providers/oauth2: fix tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-14 12:41:40 +02:00
18f450bd49 root: enable sentry for tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-14 12:29:30 +02:00
ee36b7f3eb flows: move autosubmit stage into flows package
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-14 12:06:19 +02:00
f56d619243 web: Update Web API Client version (#2862) 2022-05-14 00:17:33 +02:00
a9a62bbfc8 providers/oauth2: use correct title based on flow context and translated
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-14 00:08:29 +02:00
ddd785898b providers/saml: add title attribute to autosubmit stage and render correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-14 00:08:14 +02:00
8ba45a5f6a providers/oauth2: don't create events before client_id can be verified to prevent spam
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-14 00:02:01 +02:00
7d41e6227b providers/oauth2: add tests for form_post, fix attrs not being flattened
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-13 23:52:50 +02:00
1363226697 providers/saml: make SAML metadata generation consistent
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-13 17:40:18 +02:00
25910bb577 build(deps-dev): bump coverage from 6.3.2 to 6.3.3 (#2857)
Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.3.2 to 6.3.3.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/6.3.2...6.3.3)

---
updated-dependencies:
- dependency-name: coverage
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-13 09:44:07 +02:00
62e54a3a51 build(deps): bump pyjwt from 2.3.0 to 2.4.0 (#2858)
Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.3.0 to 2.4.0.
- [Release notes](https://github.com/jpadilla/pyjwt/releases)
- [Changelog](https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/jpadilla/pyjwt/compare/2.3.0...2.4.0)

---
updated-dependencies:
- dependency-name: pyjwt
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-13 09:43:54 +02:00
5f5b4c962b ci: fix website mark
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-12 22:54:29 +02:00
4a9a19eacb website/integrations: clear up home-assistant integration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-12 21:40:58 +02:00
d4abf5621e providers/oauth2: add support for form_post response mode (#2818)
* Added request verification and parameter generation

* response_mode added to OAuthAuthorizationParams return

* Added class OauthPostFulfillmentStage
Check response_mode in initialization

* Corrected typo

* Removed separate class
Added handling for FORM_POST in create_response_uri
Added handling for FORM_POST in return class

* Fixed pylint error (trailing-whitespace)
Removed comment

* Reformatted authorize.py with black
2022-05-12 21:36:31 +02:00
1cb71b5217 web: fix invalid import paths
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-12 13:22:22 +02:00
a884f23855 build(deps-dev): bump pytest-randomly from 3.11.0 to 3.12.0 (#2855)
Bumps [pytest-randomly](https://github.com/pytest-dev/pytest-randomly) from 3.11.0 to 3.12.0.
- [Release notes](https://github.com/pytest-dev/pytest-randomly/releases)
- [Changelog](https://github.com/pytest-dev/pytest-randomly/blob/main/HISTORY.rst)
- [Commits](https://github.com/pytest-dev/pytest-randomly/compare/3.11.0...3.12.0)

---
updated-dependencies:
- dependency-name: pytest-randomly
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-12 09:44:55 +02:00
421b003218 internal: set path on cookie for proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2305
2022-05-11 10:08:38 +02:00
25a4310bb1 internal: use Expires not MaxAge for LDAP session
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-11 10:04:32 +02:00
e897307548 Translate /web/src/locales/en.po in zh_CN (#2846)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh_CN' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-05-11 10:00:09 +02:00
0fd959c5c0 Translate /web/src/locales/en.po in zh-Hans (#2847)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-05-11 10:00:00 +02:00
ce7d18798f build(deps): bump golang from 1.18.1-bullseye to 1.18.2-bullseye (#2848)
Bumps golang from 1.18.1-bullseye to 1.18.2-bullseye.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-11 09:59:08 +02:00
be3b034cb8 build(deps): bump fuse.js from 6.6.1 to 6.6.2 in /web (#2849)
Bumps [fuse.js](https://github.com/krisk/Fuse) from 6.6.1 to 6.6.2.
- [Release notes](https://github.com/krisk/Fuse/releases)
- [Changelog](https://github.com/krisk/Fuse/blob/master/CHANGELOG.md)
- [Commits](https://github.com/krisk/Fuse/compare/v6.6.1...v6.6.2)

---
updated-dependencies:
- dependency-name: fuse.js
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-11 09:58:59 +02:00
9f674442d3 build(deps): bump goauthentik.io/api/v3 from 3.2022041.5 to 3.2022041.6 (#2850)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022041.5 to 3.2022041.6.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022041.5...v3.2022041.6)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-11 09:58:51 +02:00
c21793943d build(deps): bump sentry-sdk from 1.5.11 to 1.5.12 (#2851)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.5.11 to 1.5.12.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/1.5.11...1.5.12)

---
updated-dependencies:
- dependency-name: sentry-sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-11 09:57:50 +02:00
ec67b60219 policies/hibp: check in prompt data (#2845)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-10 23:47:36 +02:00
2fe553785e web: Update Web API Client version (#2844)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-05-10 21:08:47 +02:00
fd1d38f844 stages/authenticator_validate: remember (#2828)
* initial

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: cleanup timedelta help

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add tooltip

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* assert response code in self.assertStageResponse

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add more tests, add duo

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-10 21:05:22 +02:00
4d755dc0f6 build(deps): bump goauthentik.io/api/v3 from 3.2022041.4 to 3.2022041.5 (#2843)
* build(deps): bump goauthentik.io/api/v3 from 3.2022041.4 to 3.2022041.5

Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022041.4 to 3.2022041.5.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022041.4...v3.2022041.5)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-10 20:33:19 +02:00
30c65f9e61 web: Update Web API Client version (#2840)
* web: Update Web API Client version

Signed-off-by: GitHub <noreply@github.com>

* fix

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-10 10:37:50 +02:00
3554406aa5 root: fix duplicate enum in api scheme
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-10 10:24:18 +02:00
5eeaac1ad9 ci: fix path for bumping web api client version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-10 10:19:15 +02:00
5a172abdb9 ci: allow manual triggering of web API release
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-10 10:12:47 +02:00
8f861d8ecb website/docs: Expanded documentation for SAML Federation w/ examples. (#2822)
* Expanded documentation for SAML Federation w/ examples.

* Added short section for setup on IDP side

* Formatting according to guidelines
Changed example section to table instead of headings

* Escaped <> for formatting

* Fixed quotation on <>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-10 10:11:10 +02:00
f9fdcd2d07 build(deps): bump @typescript-eslint/parser in /web (#2837)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.22.0 to 5.23.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.23.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-10 09:35:03 +02:00
ed58f21a21 build(deps): bump @typescript-eslint/eslint-plugin in /web (#2838)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.22.0 to 5.23.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.23.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-10 09:33:50 +02:00
45af8eb4be build(deps): bump @docusaurus/preset-classic in /website (#2834)
Bumps [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic) from 2.0.0-beta.18 to 2.0.0-beta.20.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-beta.20/packages/docusaurus-preset-classic)

---
updated-dependencies:
- dependency-name: "@docusaurus/preset-classic"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-09 21:33:04 +02:00
88573105a0 build(deps): bump @docusaurus/plugin-client-redirects in /website (#2835)
Bumps [@docusaurus/plugin-client-redirects](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-plugin-client-redirects) from 2.0.0-beta.18 to 2.0.0-beta.20.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-beta.20/packages/docusaurus-plugin-client-redirects)

---
updated-dependencies:
- dependency-name: "@docusaurus/plugin-client-redirects"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-09 21:31:03 +02:00
f9469e3f99 website: format docs with prettier (#2833)
* run prettier

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add scim to comparison

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-09 21:22:41 +02:00
26d92d9259 build(deps): bump kubernetes from 23.3.0 to 23.6.0 (#2832) 2022-05-09 09:11:28 +02:00
9cb0d37d51 build(deps): bump rollup from 2.72.0 to 2.72.1 in /web (#2831) 2022-05-09 09:11:23 +02:00
5a25e1524a build(deps): bump eslint from 8.14.0 to 8.15.0 in /web (#2830) 2022-05-09 09:11:17 +02:00
9e1a518689 internal: add signal handler for SIGTERM
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-08 23:05:47 +02:00
cf5771dad3 Translate /web/src/locales/en.po in zh-Hans (#2827)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-05-08 19:43:59 +02:00
db5aafed36 Translate /web/src/locales/en.po in zh_CN (#2826)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh_CN' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-05-08 19:43:49 +02:00
4b0324220a website/docs: prepare 2022.5 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-08 17:32:21 +02:00
0183d2c880 root: match client-go openapi generator version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-08 17:25:09 +02:00
c1fe18a261 ci: always generate Go API Client
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-08 16:50:58 +02:00
ab2299ba1e outposts/ldap: cached bind (#2824)
* initial cached ldap bind support

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add web

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* clean up api generation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use gh action for golangci-lint

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-08 16:48:53 +02:00
2678b381b9 web: Update Web API Client version (#2825)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-05-08 16:14:02 +02:00
d3ef7920cb root: add bind mode to schema
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-08 16:08:06 +02:00
860269acf0 root: set SESSION_SAVE_EVERY_REQUEST to enable sliding sessions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1878
2022-05-07 22:32:56 +02:00
d2bd177b8f Apply translations in zh_CN (#2735)
translation completed for the source file '/locale/en/LC_MESSAGES/django.po'
on the 'zh_CN' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-05-07 21:33:08 +02:00
32cc03832a Apply translations in zh-Hans (#2736)
translation completed for the source file '/locale/en/LC_MESSAGES/django.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-05-07 21:32:59 +02:00
948d2cbdca web/user: add missing checkbox element in user settings (#2762) 2022-05-07 21:32:11 +02:00
22026f0755 website/integration: add Weblate integration with SAML (#2786)
* added weblate integration

* added missing entry in sidebarIntegrations
2022-05-07 21:26:10 +02:00
a7a7b5aacb root: export poetry deps to requirements.txt so we don't need poetry … (#2823)
* root: export poetry deps to requirements.txt so we don't need poetry installed, removed packages we don't need anymore

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-07 21:22:33 +02:00
03d5b9e7e9 build(deps): bump fuse.js from 6.6.0 to 6.6.1 in /web (#2810)
Bumps [fuse.js](https://github.com/krisk/Fuse) from 6.6.0 to 6.6.1.
- [Release notes](https://github.com/krisk/Fuse/releases)
- [Changelog](https://github.com/krisk/Fuse/blob/master/CHANGELOG.md)
- [Commits](https://github.com/krisk/Fuse/compare/v6.6.0...v6.6.1)

---
updated-dependencies:
- dependency-name: fuse.js
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-06 10:09:19 +02:00
30c7e6c94c providers/oauth2: fixed typo (PROMPT_CONSNET => PROMPT_CONSENT) (#2819) 2022-05-06 10:09:09 +02:00
1ba96586f7 build(deps): bump rollup from 2.71.1 to 2.72.0 in /web (#2811)
Bumps [rollup](https://github.com/rollup/rollup) from 2.71.1 to 2.72.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.71.1...v2.72.0)

---
updated-dependencies:
- dependency-name: rollup
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-06 09:53:57 +02:00
607f632515 build(deps): bump docker/login-action from 1 to 2 (#2812)
Bumps [docker/login-action](https://github.com/docker/login-action) from 1 to 2.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-06 09:53:49 +02:00
58b46fbfcd build(deps): bump docker/setup-buildx-action from 1 to 2 (#2813)
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 1 to 2.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-06 09:53:40 +02:00
9b53e26ab0 build(deps): bump docker/setup-qemu-action from 1.2.0 to 2.0.0 (#2814)
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 1.2.0 to 2.0.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v1.2.0...v2.0.0)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-06 09:53:28 +02:00
832d3175aa build(deps): bump docker/build-push-action from 2 to 3 (#2815)
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2 to 3.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-06 09:53:18 +02:00
ebea8369d6 build(deps-dev): bump selenium from 4.1.3 to 4.1.5 (#2816)
Bumps [selenium](https://github.com/SeleniumHQ/Selenium) from 4.1.3 to 4.1.5.
- [Release notes](https://github.com/SeleniumHQ/Selenium/releases)
- [Commits](https://github.com/SeleniumHQ/Selenium/commits)

---
updated-dependencies:
- dependency-name: selenium
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-06 09:53:07 +02:00
a8508aac99 build(deps): bump github.com/go-openapi/runtime from 0.24.0 to 0.24.1 (#2817)
Bumps [github.com/go-openapi/runtime](https://github.com/go-openapi/runtime) from 0.24.0 to 0.24.1.
- [Release notes](https://github.com/go-openapi/runtime/releases)
- [Commits](https://github.com/go-openapi/runtime/compare/v0.24.0...v0.24.1)

---
updated-dependencies:
- dependency-name: github.com/go-openapi/runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-06 09:52:25 +02:00
59df02b3b8 root: disable stdout capturing for tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-05 23:08:36 +02:00
f00657f217 website/integrations: update opnsense integration guidance (#2808)
* website/docs: update opnsense integration guidance

* website/docs: remove `-user` opnsense integration
2022-05-05 12:26:16 +02:00
110bc762a1 build(deps): bump sentry-sdk from 1.5.10 to 1.5.11 (#2806)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.5.10 to 1.5.11.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/1.5.10...1.5.11)

---
updated-dependencies:
- dependency-name: sentry-sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-04 10:16:57 +02:00
f35e5f79aa build(deps): bump fuse.js from 6.5.3 to 6.6.0 in /web (#2800)
Bumps [fuse.js](https://github.com/krisk/Fuse) from 6.5.3 to 6.6.0.
- [Release notes](https://github.com/krisk/Fuse/releases)
- [Changelog](https://github.com/krisk/Fuse/blob/master/CHANGELOG.md)
- [Commits](https://github.com/krisk/Fuse/compare/v6.5.3...v6.6.0)

---
updated-dependencies:
- dependency-name: fuse.js
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-03 12:31:32 +02:00
3f32109706 build(deps): bump @rollup/plugin-node-resolve in /web (#2801)
Bumps [@rollup/plugin-node-resolve](https://github.com/rollup/plugins/tree/HEAD/packages/node-resolve) from 13.2.1 to 13.3.0.
- [Release notes](https://github.com/rollup/plugins/releases)
- [Changelog](https://github.com/rollup/plugins/blob/master/packages/node-resolve/CHANGELOG.md)
- [Commits](https://github.com/rollup/plugins/commits/node-resolve-v13.3.0/packages/node-resolve)

---
updated-dependencies:
- dependency-name: "@rollup/plugin-node-resolve"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-03 12:31:14 +02:00
0f042f2e4a build(deps): bump @typescript-eslint/eslint-plugin in /web (#2802)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.21.0 to 5.22.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.22.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-03 12:31:02 +02:00
34d1eb140b build(deps): bump @typescript-eslint/parser in /web (#2803)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.21.0 to 5.22.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.22.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-03 12:28:13 +02:00
62f67aabe3 build(deps-dev): bump pylint from 2.13.7 to 2.13.8 (#2804)
Bumps [pylint](https://github.com/PyCQA/pylint) from 2.13.7 to 2.13.8.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/main/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.13.7...v2.13.8)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-03 10:49:18 +02:00
82c3eaa0f9 website/integrations: fix duplicate cn=
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-02 23:19:50 +02:00
31ede2ae1d build(deps): bump @babel/preset-env from 7.16.11 to 7.17.10 in /web (#2793) 2022-05-02 13:41:45 +02:00
54c672256f build(deps): bump postcss from 8.4.12 to 8.4.13 in /website (#2794) 2022-05-02 13:41:24 +02:00
5f47d46b6f build(deps): bump @babel/core from 7.17.9 to 7.17.10 in /web (#2795) 2022-05-02 13:40:57 +02:00
3f23bc0b85 build(deps): bump rollup from 2.70.2 to 2.71.1 in /web (#2796) 2022-05-02 13:40:44 +02:00
366142382b build(deps): bump @babel/plugin-transform-runtime in /web (#2797) 2022-05-02 13:40:23 +02:00
ddbe0aaf13 stages/user_delete: fix delete stage failing when pending user is not explicitly set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-01 13:59:33 +02:00
75320bf579 website/docs: add missing breaking change in prompt stages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-29 21:19:51 +02:00
15d8988569 Revert "lifecycle: use worker nr instead of process id to keep number of prometheus database files low"
This reverts commit 254249e38b.

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-29 18:14:04 +02:00
84930b4924 Revert "internal: fix high cpu when backend isnt healthy"
This reverts commit eb6cfd22a7.

Revert "root: handle JSON error in metrics too"

This reverts commit 1ede972222.

Revert "root: don't force multiprocess prometheus registry"

This reverts commit cd1d1b4402.

Revert "root: add error handling for prometheus view"

This reverts commit c0a883f76f.
2022-04-29 18:13:26 +02:00
1ede972222 root: handle JSON error in metrics too
this can happen when the worker is killed while writing metrics
2022-04-29 11:01:04 +00:00
cd1d1b4402 root: don't force multiprocess prometheus registry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-29 10:53:47 +02:00
79caba45cc build(deps): bump lit from 2.2.2 to 2.2.3 in /web (#2787)
Bumps [lit](https://github.com/lit/lit/tree/HEAD/packages/lit) from 2.2.2 to 2.2.3.
- [Release notes](https://github.com/lit/lit/releases)
- [Changelog](https://github.com/lit/lit/blob/main/packages/lit/CHANGELOG.md)
- [Commits](https://github.com/lit/lit/commits/lit@2.2.3/packages/lit)

---
updated-dependencies:
- dependency-name: lit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-29 10:25:07 +02:00
c101357051 build(deps): bump typescript from 4.6.3 to 4.6.4 in /web (#2788)
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 4.6.3 to 4.6.4.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v4.6.3...v4.6.4)

---
updated-dependencies:
- dependency-name: typescript
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-29 10:24:57 +02:00
9bebb82bbf build(deps): bump webauthn from 1.5.0 to 1.5.2 (#2789)
Bumps [webauthn](https://github.com/duo-labs/py_webauthn) from 1.5.0 to 1.5.2.
- [Release notes](https://github.com/duo-labs/py_webauthn/releases)
- [Changelog](https://github.com/duo-labs/py_webauthn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/duo-labs/py_webauthn/compare/v1.5.0...v1.5.2)

---
updated-dependencies:
- dependency-name: webauthn
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-29 10:24:46 +02:00
d95d2ca7fe build(deps): bump github.com/go-openapi/runtime from 0.23.3 to 0.24.0 (#2790)
Bumps [github.com/go-openapi/runtime](https://github.com/go-openapi/runtime) from 0.23.3 to 0.24.0.
- [Release notes](https://github.com/go-openapi/runtime/releases)
- [Commits](https://github.com/go-openapi/runtime/compare/v0.23.3...v0.24.0)

---
updated-dependencies:
- dependency-name: github.com/go-openapi/runtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-29 10:24:30 +02:00
c0a883f76f root: add error handling for prometheus view
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-29 10:17:53 +02:00
eb6cfd22a7 internal: fix high cpu when backend isnt healthy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-29 10:03:40 +02:00
254249e38b lifecycle: use worker nr instead of process id to keep number of prometheus database files low
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2784
2022-04-28 23:09:39 +02:00
da28bb7d3c build(deps): bump @typescript-eslint/parser in /web (#2774) 2022-04-26 14:42:41 +02:00
391c1ff911 build(deps): bump @patternfly/patternfly from 4.185.1 to 4.192.1 in /web (#2773) 2022-04-26 14:42:25 +02:00
1d475d0982 build(deps): bump paramiko from 2.10.3 to 2.10.4 (#2777) 2022-04-26 14:41:31 +02:00
f92fa61101 build(deps): bump drf-spectacular from 0.22.0 to 0.22.1 (#2778) 2022-04-26 14:41:24 +02:00
ccca397a77 build(deps): bump @typescript-eslint/eslint-plugin in /web (#2775) 2022-04-26 14:41:11 +02:00
162fd26f32 build(deps): bump github/codeql-action from 1 to 2 (#2776) 2022-04-26 14:41:02 +02:00
1d7a235766 build(deps): bump node from 16 to 18 (#2753)
Bumps node from 16 to 18.

---
updated-dependencies:
- dependency-name: node
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-25 12:30:08 +02:00
01a8deb77f build(deps): bump tslib from 2.3.1 to 2.4.0 in /web (#2754)
Bumps [tslib](https://github.com/Microsoft/tslib) from 2.3.1 to 2.4.0.
- [Release notes](https://github.com/Microsoft/tslib/releases)
- [Commits](https://github.com/Microsoft/tslib/compare/2.3.1...2.4.0)

---
updated-dependencies:
- dependency-name: tslib
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-25 12:29:54 +02:00
cba770a551 build(deps): bump eslint from 8.13.0 to 8.14.0 in /web (#2764)
Bumps [eslint](https://github.com/eslint/eslint) from 8.13.0 to 8.14.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.13.0...v8.14.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-25 12:29:33 +02:00
c67afc4084 build(deps): bump @lingui/detect-locale from 3.13.2 to 3.13.3 in /web (#2765)
Bumps [@lingui/detect-locale](https://github.com/lingui/js-lingui) from 3.13.2 to 3.13.3.
- [Release notes](https://github.com/lingui/js-lingui/releases)
- [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lingui/js-lingui/compare/v3.13.2...v3.13.3)

---
updated-dependencies:
- dependency-name: "@lingui/detect-locale"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-25 12:29:19 +02:00
4ed30fa61e build(deps): bump @lingui/cli from 3.13.2 to 3.13.3 in /web (#2768)
Bumps [@lingui/cli](https://github.com/lingui/js-lingui) from 3.13.2 to 3.13.3.
- [Release notes](https://github.com/lingui/js-lingui/releases)
- [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lingui/js-lingui/compare/v3.13.2...v3.13.3)

---
updated-dependencies:
- dependency-name: "@lingui/cli"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-25 12:29:06 +02:00
db16a0ffbe build(deps): bump @lingui/macro from 3.13.2 to 3.13.3 in /web (#2763)
Bumps [@lingui/macro](https://github.com/lingui/js-lingui) from 3.13.2 to 3.13.3.
- [Release notes](https://github.com/lingui/js-lingui/releases)
- [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lingui/js-lingui/compare/v3.13.2...v3.13.3)

---
updated-dependencies:
- dependency-name: "@lingui/macro"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-25 12:28:37 +02:00
99ec355710 build(deps): bump @rollup/plugin-commonjs from 21.1.0 to 22.0.0 in /web (#2766)
Bumps [@rollup/plugin-commonjs](https://github.com/rollup/plugins/tree/HEAD/packages/commonjs) from 21.1.0 to 22.0.0.
- [Release notes](https://github.com/rollup/plugins/releases)
- [Changelog](https://github.com/rollup/plugins/blob/master/packages/commonjs/CHANGELOG.md)
- [Commits](https://github.com/rollup/plugins/commits/commonjs-v22.0.0/packages/commonjs)

---
updated-dependencies:
- dependency-name: "@rollup/plugin-commonjs"
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-25 12:27:53 +02:00
9e1882cebd build(deps): bump @types/chart.js from 2.9.36 to 2.9.37 in /web (#2767)
Bumps [@types/chart.js](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/chart.js) from 2.9.36 to 2.9.37.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/chart.js)

---
updated-dependencies:
- dependency-name: "@types/chart.js"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-25 12:27:40 +02:00
80912cace0 build(deps): bump @lingui/core from 3.13.2 to 3.13.3 in /web (#2769)
Bumps [@lingui/core](https://github.com/lingui/js-lingui) from 3.13.2 to 3.13.3.
- [Release notes](https://github.com/lingui/js-lingui/releases)
- [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lingui/js-lingui/compare/v3.13.2...v3.13.3)

---
updated-dependencies:
- dependency-name: "@lingui/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-25 12:27:20 +02:00
0882894dc3 build(deps): bump country-flag-icons from 1.4.25 to 1.4.26 in /web (#2770)
Bumps [country-flag-icons](https://gitlab.com/catamphetamine/country-flag-icons) from 1.4.25 to 1.4.26.
- [Release notes](https://gitlab.com/catamphetamine/country-flag-icons/tags)
- [Changelog](https://gitlab.com/catamphetamine/country-flag-icons/blob/master/CHANGELOG.md)
- [Commits](https://gitlab.com/catamphetamine/country-flag-icons/compare/v1.4.25...v1.4.26)

---
updated-dependencies:
- dependency-name: country-flag-icons
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-25 12:27:05 +02:00
c1582147d7 build(deps-dev): bump pytest from 7.1.1 to 7.1.2 (#2771)
Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.1.1 to 7.1.2.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/7.1.1...7.1.2)

---
updated-dependencies:
- dependency-name: pytest
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-25 12:24:58 +02:00
ab8b37a899 events: fix ignored instances not being a tuple
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-25 11:19:58 +02:00
9077eff34d root: add silk and debugging views
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-21 22:38:32 +02:00
2399fa456b policies: fix current user not being set in server-side policy deny
closes #2039

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-21 22:30:27 +02:00
c8c69a9a56 build(deps): bump codemirror from 5.65.2 to 5.65.3 in /web (#2750)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.65.2 to 5.65.3.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.65.2...5.65.3)

---
updated-dependencies:
- dependency-name: codemirror
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-21 10:54:37 +02:00
1258f3bba2 build(deps-dev): bump pylint from 2.13.5 to 2.13.7 (#2751)
Bumps [pylint](https://github.com/PyCQA/pylint) from 2.13.5 to 2.13.7.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/main/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.13.5...v2.13.7)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-21 10:54:29 +02:00
5488120e84 build(deps): bump duo-client from 4.3.2 to 4.4.0 (#2752)
Bumps [duo-client](https://github.com/duosecurity/duo_client_python) from 4.3.2 to 4.4.0.
- [Release notes](https://github.com/duosecurity/duo_client_python/releases)
- [Commits](https://github.com/duosecurity/duo_client_python/compare/4.3.2...4.4.0)

---
updated-dependencies:
- dependency-name: duo-client
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-21 10:54:18 +02:00
0b4ac54363 *: default to max 60 for fqdn_rand
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-20 20:07:25 +02:00
1a1434bfda *: decrease frequency of background tasks, smear tasks based on name and fqdn
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2159
2022-04-20 18:43:40 +02:00
1328c3e62c build(deps): bump @typescript-eslint/eslint-plugin in /web (#2746)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.19.0 to 5.20.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.20.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-19 09:39:15 +02:00
1800b62cd6 build(deps): bump @typescript-eslint/parser in /web (#2747)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.19.0 to 5.20.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.20.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-19 09:36:48 +02:00
32fa4c9fcb build(deps): bump @rollup/plugin-commonjs from 21.0.3 to 21.1.0 in /web (#2740)
Bumps [@rollup/plugin-commonjs](https://github.com/rollup/plugins/tree/HEAD/packages/commonjs) from 21.0.3 to 21.1.0.
- [Release notes](https://github.com/rollup/plugins/releases)
- [Changelog](https://github.com/rollup/plugins/blob/master/packages/commonjs/CHANGELOG.md)
- [Commits](https://github.com/rollup/plugins/commits/commonjs-v21.1.0/packages/commonjs)

---
updated-dependencies:
- dependency-name: "@rollup/plugin-commonjs"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-18 13:23:22 +02:00
15f0045a00 build(deps): bump rollup from 2.70.1 to 2.70.2 in /web (#2738)
Bumps [rollup](https://github.com/rollup/rollup) from 2.70.1 to 2.70.2.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.70.1...v2.70.2)

---
updated-dependencies:
- dependency-name: rollup
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-18 13:22:32 +02:00
ac2211d9da build(deps): bump moment from 2.29.2 to 2.29.3 in /web (#2737)
Bumps [moment](https://github.com/moment/moment) from 2.29.2 to 2.29.3.
- [Release notes](https://github.com/moment/moment/releases)
- [Changelog](https://github.com/moment/moment/blob/2.29.3/CHANGELOG.md)
- [Commits](https://github.com/moment/moment/compare/2.29.2...2.29.3)

---
updated-dependencies:
- dependency-name: moment
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-18 13:22:24 +02:00
cbd5b0dbfd build(deps): bump yaml from 2.0.0 to 2.0.1 in /web (#2739)
Bumps [yaml](https://github.com/eemeli/yaml) from 2.0.0 to 2.0.1.
- [Release notes](https://github.com/eemeli/yaml/releases)
- [Commits](https://github.com/eemeli/yaml/compare/v2.0.0...v2.0.1)

---
updated-dependencies:
- dependency-name: yaml
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-18 13:22:16 +02:00
8e4896d261 build(deps): bump @rollup/plugin-node-resolve in /web (#2741)
Bumps [@rollup/plugin-node-resolve](https://github.com/rollup/plugins/tree/HEAD/packages/node-resolve) from 13.2.0 to 13.2.1.
- [Release notes](https://github.com/rollup/plugins/releases)
- [Changelog](https://github.com/rollup/plugins/blob/master/packages/node-resolve/CHANGELOG.md)
- [Commits](https://github.com/rollup/plugins/commits/node-resolve-v13.2.1/packages/node-resolve)

---
updated-dependencies:
- dependency-name: "@rollup/plugin-node-resolve"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-18 13:22:01 +02:00
9481df619a build(deps): bump sentry-sdk from 1.5.9 to 1.5.10 (#2742)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.5.9 to 1.5.10.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/1.5.9...1.5.10)

---
updated-dependencies:
- dependency-name: sentry-sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-18 13:21:52 +02:00
d283a5236c core: add custom shell command which imports all models and creates events for model events
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-17 18:14:57 +02:00
6add88654e build(deps): bump goauthentik.io/api/v3 from 3.2022041.2 to 3.2022041.3 (#2734)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022041.2 to 3.2022041.3.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022041.2...v3.2022041.3)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-17 17:30:40 +02:00
e4486b98fc web: Update Web API Client version (#2733)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-17 17:05:43 +02:00
778065f468 core: add flag to globally disable impersonation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-17 16:52:55 +02:00
70794d79dd sources/oauth: Fix wording for OAuth source names (#2732) 2022-04-17 16:40:10 +02:00
6e5ac4bffc website/docs: add missing redis port to configuration page (#2731)
Added the `AUTHENTIK_REDIS__PORT` to the documentation.
2022-04-17 16:40:00 +02:00
4bab42fb58 Translate /locale/en/LC_MESSAGES/django.po in de (#2727) 2022-04-15 23:45:53 +02:00
c97823fe49 build(deps): bump goauthentik.io/api/v3 from 3.2022041.1 to 3.2022041.2 (#2726) 2022-04-15 11:09:56 +02:00
a3bb5d89cc events: fix created events only being logged as debug level
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-14 22:37:30 +02:00
f4f9f525d7 providers/oauth2: include application in login event
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-14 22:36:45 +02:00
555525ea9d build(deps): bump async from 2.6.3 to 2.6.4 in /website (#2725)
* root: use npm ci

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* build(deps): bump async from 2.6.3 to 2.6.4 in /website

Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4.
- [Release notes](https://github.com/caolan/async/releases)
- [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md)
- [Commits](https://github.com/caolan/async/compare/v2.6.3...v2.6.4)

---
updated-dependencies:
- dependency-name: async
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-14 22:35:53 +02:00
e455e20312 root: use npm ci
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-14 22:33:36 +02:00
4c14e88a25 flows: pin dependency in migration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-14 22:28:26 +02:00
7561ea15de providers/oauth2: add additional tracing to token view 2022-04-14 16:48:17 +00:00
8242b09394 flows: handle flow title formatting error better, add user to flow title context 2022-04-14 13:56:20 +00:00
6f0fa731c0 build(deps): bump golang from 1.18.0-bullseye to 1.18.1-bullseye (#2720)
Bumps golang from 1.18.0-bullseye to 1.18.1-bullseye.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-14 09:58:38 +02:00
576bb013ed build(deps): bump @rollup/plugin-typescript from 8.3.1 to 8.3.2 in /web (#2721)
Bumps [@rollup/plugin-typescript](https://github.com/rollup/plugins/tree/HEAD/packages/typescript) from 8.3.1 to 8.3.2.
- [Release notes](https://github.com/rollup/plugins/releases)
- [Changelog](https://github.com/rollup/plugins/blob/master/packages/typescript/CHANGELOG.md)
- [Commits](https://github.com/rollup/plugins/commits/typescript-v8.3.2/packages/typescript)

---
updated-dependencies:
- dependency-name: "@rollup/plugin-typescript"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-14 09:58:24 +02:00
aefedfb836 build(deps): bump goauthentik.io/api/v3 from 3.2022033.11 to 3.2022041.1 (#2722)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022033.11 to 3.2022041.1.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022033.11...v3.2022041.1)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-14 09:57:46 +02:00
4295ddb671 web: Update Web API Client version (#2718)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-04-13 10:34:47 +02:00
9b9c0fe663 release: 2022.4.1 2022-04-12 22:07:34 +02:00
5a58f6ee64 providers/oauth2: remove test for non sa user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-12 20:35:13 +02:00
da83c3af53 ci: disable translation schedule 2022-04-12 16:27:34 +00:00
e84b17d550 providers/oauth2: don't force service accounts for client_credentials flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-12 10:23:25 +02:00
b4fb0190a3 build(deps): bump @typescript-eslint/parser in /web (#2711) 2022-04-12 09:12:02 +02:00
bb52b95e5b build(deps): bump @typescript-eslint/eslint-plugin in /web (#2712) 2022-04-12 09:09:21 +02:00
a2b5d667af build(deps): bump @rollup/plugin-node-resolve in /web (#2710) 2022-04-12 09:09:10 +02:00
2df9c0479d build(deps): bump goauthentik.io/api/v3 (#2716) 2022-04-12 09:08:59 +02:00
5c673dc7bb build(deps): bump actions/setup-node from 3.1.0 to 3.1.1 (#2715) 2022-04-12 09:07:09 +02:00
da2dd7daf4 build(deps): bump twisted from 22.2.0 to 22.4.0 (#2713) 2022-04-12 09:06:54 +02:00
f2a80030d7 build(deps): bump sentry-sdk from 1.5.8 to 1.5.9 (#2714) 2022-04-12 09:06:40 +02:00
918183f472 core: compile backend translations (#2706)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-04-11 22:27:32 +02:00
9da439623b stages/authenticator_duo: fix bad request being sent to duo when calling enrollment_status outside a flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2666
2022-04-11 21:02:32 +02:00
957bb1c5ef core: make generated token length configurable
closes #2574

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-11 20:57:16 +02:00
677d46d7fd website/docs: prepare 2022.4
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-11 20:54:16 +02:00
5af7baf36c web: Update Web API Client version (#2705)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-04-11 20:46:22 +02:00
8b2ca822f5 core: compile backend translations (#2704)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-04-11 20:46:10 +02:00
2303a97bb9 core: add method to set key of token
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2574
2022-04-11 20:43:39 +02:00
8be04cc013 providers/oauth2: fix elliptic curve keys attempting to use EC256 instead of ES256
closes #2703

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-11 20:05:58 +02:00
9b6e47e6b8 outposts/ldap: fix panic in type conversion when value is nil
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-11 15:52:58 +02:00
677621989a build(deps): bump django from 4.0.3 to 4.0.4 (#2702)
Bumps [django](https://github.com/django/django) from 4.0.3 to 4.0.4.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/4.0.3...4.0.4)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-11 10:39:51 +02:00
0d5125db76 build(deps): bump @patternfly/patternfly from 4.183.1 to 4.185.1 in /web (#2699)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.183.1 to 4.185.1.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/main/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.183.1...prerelease-v4.185.1)

---
updated-dependencies:
- dependency-name: "@patternfly/patternfly"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-11 09:51:41 +02:00
ed88f6594c build(deps): bump actions/upload-artifact from 2 to 3 (#2700)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-11 09:51:28 +02:00
b1816f2101 build(deps): bump eslint from 8.12.0 to 8.13.0 in /web (#2698)
Bumps [eslint](https://github.com/eslint/eslint) from 8.12.0 to 8.13.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.12.0...v8.13.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-11 09:51:12 +02:00
fe60c26e11 build(deps): bump actions/setup-go from 2 to 3 (#2701)
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 2 to 3.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-11 09:49:51 +02:00
cca33a74b6 core: fix error when checking generated users with no expiry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-10 17:53:46 +02:00
f977bf61eb providers/oauth2: make exp optional on jwt client_credentials flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-10 17:25:35 +02:00
f8f8a9bbb9 providers/oauth2: give keypairs private key preference over certificate in client_credentials jwt flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-10 16:27:53 +02:00
7a44d5768a web/flows: fix focus being continuously forced to the input
closes #2692

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-08 18:26:39 +02:00
d9e4219d70 Revert "build(deps): bump @sentry/tracing from 6.19.4 to 6.19.6 in /web (#2690)"
This reverts commit dfe3394d4e.
2022-04-08 10:38:58 +02:00
6db5df1b31 Revert "build(deps): bump @sentry/browser from 6.19.4 to 6.19.6 in /web (#2689)"
This reverts commit 0e59ed62f5.
2022-04-08 10:38:56 +02:00
e64ca4ab04 core: fix lint error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-08 10:10:30 +02:00
0e59ed62f5 build(deps): bump @sentry/browser from 6.19.4 to 6.19.6 in /web (#2689)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.19.4 to 6.19.6.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.19.4...6.19.6)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-08 10:08:34 +02:00
dfe3394d4e build(deps): bump @sentry/tracing from 6.19.4 to 6.19.6 in /web (#2690)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.19.4 to 6.19.6.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.19.4...6.19.6)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-08 10:07:16 +02:00
9d4fb8048c build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.2 to 3.4.3 (#2691)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.4.2 to 3.4.3.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.4.2...v3.4.3)

---
updated-dependencies:
- dependency-name: github.com/go-ldap/ldap/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-08 10:07:06 +02:00
a7a517733e web: enable rollup cache
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-07 21:06:18 +02:00
e2f0a76309 outposts: check if docker ports should be mapped before comparing ports
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-07 17:30:33 +02:00
07267ac425 build(deps): bump yaml from 1.10.2 to 2.0.0 in /web (#2682)
Bumps [yaml](https://github.com/eemeli/yaml) from 1.10.2 to 2.0.0.
- [Release notes](https://github.com/eemeli/yaml/releases)
- [Commits](https://github.com/eemeli/yaml/compare/v1.10.2...v2.0.0)

---
updated-dependencies:
- dependency-name: yaml
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-07 10:02:52 +02:00
8fb7620004 build(deps): bump @babel/core from 7.17.8 to 7.17.9 in /web (#2681)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.17.8 to 7.17.9.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.17.9/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-07 10:02:35 +02:00
2ef85c4447 build(deps): bump lit from 2.2.1 to 2.2.2 in /web (#2683)
Bumps [lit](https://github.com/lit/lit/tree/HEAD/packages/lit) from 2.2.1 to 2.2.2.
- [Release notes](https://github.com/lit/lit/releases)
- [Changelog](https://github.com/lit/lit/blob/main/packages/lit/CHANGELOG.md)
- [Commits](https://github.com/lit/lit/commits/lit@2.2.2/packages/lit)

---
updated-dependencies:
- dependency-name: lit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-07 10:02:22 +02:00
c3174ac044 build(deps): bump @babel/plugin-proposal-decorators in /web (#2684)
Bumps [@babel/plugin-proposal-decorators](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-proposal-decorators) from 7.17.8 to 7.17.9.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.17.9/packages/babel-plugin-proposal-decorators)

---
updated-dependencies:
- dependency-name: "@babel/plugin-proposal-decorators"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-07 10:01:06 +02:00
952b48541c build(deps): bump goauthentik.io/api/v3 from 3.2022033.9 to 3.2022033.10 (#2687) 2022-04-07 09:54:55 +02:00
a97ffce5f9 build(deps): bump webauthn from 1.4.0 to 1.5.0 (#2685) 2022-04-07 09:54:38 +02:00
5d514bd8c4 build(deps-dev): bump pylint from 2.13.4 to 2.13.5 (#2686) 2022-04-07 09:53:42 +02:00
128234324d Translate /web/src/locales/en.po in zh-Hans (#2680)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-04-06 17:38:54 +02:00
2d1bc2efcc Translate /web/src/locales/en.po in zh_CN (#2679)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh_CN' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-04-06 17:38:48 +02:00
2a1af96838 web/admin: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-06 10:46:08 +02:00
a6674440e6 web: Update Web API Client version (#2678)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-04-06 10:45:34 +02:00
5861d41ad3 tenants: add tenant-level attributes, applied to users based on request
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-06 10:41:35 +02:00
fcd9c58a73 web/user: fix minor style issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-06 10:22:36 +02:00
4bf2878cf7 build(deps): bump @sentry/browser from 6.19.3 to 6.19.4 in /web (#2674) 2022-04-06 10:06:42 +02:00
79d508a020 build(deps): bump @sentry/tracing from 6.19.3 to 6.19.4 in /web (#2675) 2022-04-06 09:51:08 +02:00
03916b0b25 build(deps): bump codecov/codecov-action from 2 to 3 (#2676) 2022-04-06 09:50:54 +02:00
263964865c build(deps): bump celery from 5.2.5 to 5.2.6 (#2677) 2022-04-06 09:50:41 +02:00
21f92b4a65 website/docs: add docs for customisation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-06 00:06:28 +02:00
e38d03b304 web/user: make more themable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-05 23:47:15 +02:00
f2b540ed8a web/user: add column layouts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-05 23:28:00 +02:00
79ad356d90 web/elements: insert spaces instead of tabs in codemirror
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-05 23:10:51 +02:00
e70490481d build(deps): bump minimist from 1.2.5 to 1.2.6 in /website (#2670)
Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-05 10:28:52 +02:00
66ab9504e9 build(deps): bump minimist from 1.2.5 to 1.2.6 in /web (#2671)
Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-05 10:28:31 +02:00
009173fe23 build(deps): bump @typescript-eslint/parser in /web (#2667)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.17.0 to 5.18.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.18.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-05 10:15:29 +02:00
75a5335f0f build(deps): bump @typescript-eslint/eslint-plugin in /web (#2668)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.17.0 to 5.18.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.18.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-05 10:11:15 +02:00
7a9452c66a build(deps): bump goauthentik.io/api/v3 from 3.2022033.8 to 3.2022033.9 (#2669)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022033.8 to 3.2022033.9.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022033.8...v3.2022033.9)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-05 10:11:04 +02:00
82a999f95d internal: disable HTML encoding in logrus
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-04 22:57:55 +02:00
0c2e9234bf ci: use native caching (#2665)
* ci: use native caching

* migrate to actions

* cleanup

* migrate more
2022-04-04 14:02:10 +02:00
964a3276a1 ci: bump cache 2022-04-04 09:58:05 +00:00
5185b027dc ci: remove unneeded tools 2022-04-04 09:28:57 +00:00
d690296120 ci: use go install 2022-04-04 09:21:33 +00:00
9252a1f9d3 ci: fix broken GHA cache again...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-04 10:45:30 +02:00
fc6742a17e web/admin: trigger update when provider wizard finishes
closes #2599

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-04 10:38:30 +02:00
31546da796 web: Update Web API Client version (#2664)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-04-04 10:25:41 +02:00
4a6c46a5c9 root: upgrade to openapi generator v6
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-04 10:20:05 +02:00
20262f3f4b core: mark provider_obj as read_only
closes #2637

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-04 10:17:59 +02:00
dea61ef35e build(deps): bump moment from 2.29.1 to 2.29.2 in /web (#2657) 2022-04-04 09:49:11 +02:00
edda644e28 build(deps): bump react-before-after-slider-component in /website (#2656) 2022-04-04 09:48:44 +02:00
ee13ec1dca build(deps-dev): bump prettier from 2.6.1 to 2.6.2 in /website (#2658) 2022-04-04 09:48:18 +02:00
39bea1d5d0 build(deps): bump prettier from 2.6.1 to 2.6.2 in /web (#2659) 2022-04-04 09:48:07 +02:00
453dcd790f build(deps): bump actions/setup-node from 3.0.0 to 3.1.0 (#2661) 2022-04-04 09:47:44 +02:00
bb70e6c81d build(deps): bump celery from 5.2.3 to 5.2.5 (#2662) 2022-04-04 09:47:19 +02:00
4ff9db9d7e build(deps): bump goauthentik.io/api/v3 from 3.2022033.6 to 3.2022033.8 (#2663) 2022-04-04 09:47:04 +02:00
8b2e70d15d web/user: fix column size
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-03 18:19:14 +02:00
8e2f929933 Translate /web/src/locales/en.po in zh_CN (#2652)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh_CN' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-04-03 13:58:44 +02:00
ae2d86096b Translate /web/src/locales/en.po in zh-Hans (#2653)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-04-03 13:58:33 +02:00
849c347e8c Translate /web/src/locales/en.po in zh_TW (#2654)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh_TW' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-04-03 13:58:24 +02:00
c974298836 Translate /web/src/locales/en.po in zh-Hant (#2655)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hant' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-04-03 13:58:14 +02:00
b46eb7198b internal: handle log level not being set in config
closes #2650

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-03 13:23:55 +02:00
37db6764ab web: Update Web API Client version (#2649)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-04-02 23:12:00 +02:00
633296503d core: add grouping to applications (#2648)
* core: add grouping to applications

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add new field to tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-02 23:08:58 +02:00
508cec2fd5 web: migrate dropdowns to wizards (#2633)
* web/admin: add basic wizards for providers

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: add dark mode for wizard

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: migrate policies to wizard

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* start source

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* policies: sanitze_dict when returning log messages during tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* Revert "web/admin: migrate policies to wizard"

This reverts commit d8b7f62d3e.

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	web/src/locales/zh-Hans.po
#	web/src/locales/zh-Hant.po
#	web/src/locales/zh_TW.po

* web: rewrite wizard to be element based

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* further cleanup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update sources

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: migrate property mappings

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* migrate stages

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* migrate misc dropdowns

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* migrate outpost integrations

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-02 19:48:17 +02:00
7a93614e4b policies: fix tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-02 18:31:02 +02:00
4f319eaa4f policies/dummy: bump to info to always get message
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-02 17:28:51 +02:00
86a8d00b3f policies: sanitze_dict when returning log messages during tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-02 17:15:44 +02:00
5fe8c1f3d7 policies: fix missing default for log_messages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-02 16:44:49 +02:00
be91d893fb Translate /web/src/locales/en.po in zh_CN (#2644)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh_CN' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-04-02 16:39:38 +02:00
1fc6aa5a02 Translate /web/src/locales/en.po in zh-Hans (#2645)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-04-02 16:39:30 +02:00
2256baced5 Translate /web/src/locales/en.po in zh-Hant (#2646)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hant' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-04-02 16:39:22 +02:00
f2af904aeb Translate /web/src/locales/en.po in zh_TW (#2647)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh_TW' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-04-02 16:39:15 +02:00
030f612c38 web: Update Web API Client version (#2642)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-04-01 22:10:45 +02:00
d84ff2bbca policies: add policy log messages to test endpoints
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-01 22:07:35 +02:00
4be238018b providers/oauth2: pass scope and other parameters to access policy request context
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2641
2022-04-01 21:39:05 +02:00
71c6313c46 Revert "build(deps): bump @mdx-js/react from 1.6.22 to 2.1.1 in /website (#2634)" (#2639)
This reverts commit f7daa7723d.
2022-04-01 10:45:26 +02:00
f7daa7723d build(deps): bump @mdx-js/react from 1.6.22 to 2.1.1 in /website (#2634)
Bumps [@mdx-js/react](https://github.com/mdx-js/mdx/tree/HEAD/packages/react) from 1.6.22 to 2.1.1.
- [Release notes](https://github.com/mdx-js/mdx/releases)
- [Changelog](https://github.com/mdx-js/mdx/blob/main/changelog.md)
- [Commits](https://github.com/mdx-js/mdx/commits/2.1.1/packages/react)

---
updated-dependencies:
- dependency-name: "@mdx-js/react"
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-01 10:06:30 +02:00
1ff35eef4c build(deps-dev): bump pylint from 2.13.3 to 2.13.4 (#2635)
Bumps [pylint](https://github.com/PyCQA/pylint) from 2.13.3 to 2.13.4.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/main/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.13.3...v2.13.4)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-01 10:06:10 +02:00
743bb3e98f build(deps): bump goauthentik.io/api/v3 from 3.2022033.5 to 3.2022033.6 (#2636) 2022-04-01 10:04:25 +02:00
83c4d5393c web: Update Web API Client version (#2632)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-03-31 20:24:11 +02:00
99008252f8 providers/oauth2: fix verification_keys being required
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-31 20:19:13 +02:00
4cf00ed5cf lifecycle: fix password and hostname not properly quoted
#2623
2022-03-31 16:37:54 +00:00
8689444954 providers/oauth2: add password grant support (treated as client_credentials)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-31 18:02:17 +02:00
4210f692ff Translate /web/src/locales/en.po in zh_CN (#2626)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh_CN' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-03-31 09:33:18 +02:00
85a3578092 Translate /web/src/locales/en.po in zh-Hant (#2627)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hant' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-03-31 09:33:09 +02:00
6b05d44d1f Translate /web/src/locales/en.po in zh-Hans (#2628)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-03-31 09:33:00 +02:00
49b221ed68 Translate /web/src/locales/en.po in zh_TW (#2629)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh_TW' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-03-31 09:32:48 +02:00
67b43c223c build(deps): bump goauthentik.io/api/v3 from 3.2022033.4 to 3.2022033.5 (#2630) 2022-03-31 08:59:31 +02:00
5f9dc4395a web: Update Web API Client version (#2625) 2022-03-31 01:03:08 +02:00
bb8af2f19b providers/oauth2: add client_assertion_type jwt bearer support (#2618) 2022-03-31 00:30:55 +02:00
996bd05ba6 api: fix API header auth not passing to next auth method
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-31 00:06:01 +02:00
ac03f5a97d website/docs: prepare 2022.4
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-30 23:43:36 +02:00
a1a64e25ee api: remove legacy http basic auth
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-30 23:39:08 +02:00
53851efacb Revert "web/elements: fix chart not rendering if update events happens before initial render"
This reverts commit f53343141e.
2022-03-30 10:36:50 +02:00
afea262e14 build(deps): bump @sentry/tracing from 6.19.2 to 6.19.3 in /web (#2619)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.19.2 to 6.19.3.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.19.2...6.19.3)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-30 10:36:05 +02:00
53f92f01da build(deps): bump @sentry/browser from 6.19.2 to 6.19.3 in /web (#2620)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.19.2 to 6.19.3.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.19.2...6.19.3)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-30 10:34:57 +02:00
a267686098 build(deps): bump @types/chart.js from 2.9.35 to 2.9.36 in /web (#2621)
Bumps [@types/chart.js](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/chart.js) from 2.9.35 to 2.9.36.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/chart.js)

---
updated-dependencies:
- dependency-name: "@types/chart.js"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-30 10:34:44 +02:00
9ee06b7d1f build(deps-dev): bump pylint from 2.13.2 to 2.13.3 (#2622)
Bumps [pylint](https://github.com/PyCQA/pylint) from 2.13.2 to 2.13.3.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/main/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.13.2...v2.13.3)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-30 10:34:35 +02:00
f53343141e web/elements: fix chart not rendering if update events happens before initial render
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-29 11:33:40 +02:00
62250f4ec6 build(deps): bump @typescript-eslint/parser in /web (#2615)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.16.0 to 5.17.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.17.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-29 10:29:27 +02:00
485329130b build(deps): bump @typescript-eslint/eslint-plugin in /web (#2616)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.16.0 to 5.17.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.17.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-29 10:10:58 +02:00
6891c239e2 build(deps-dev): bump black from 22.1.0 to 22.3.0 (#2617)
Bumps [black](https://github.com/psf/black) from 22.1.0 to 22.3.0.
- [Release notes](https://github.com/psf/black/releases)
- [Changelog](https://github.com/psf/black/blob/main/CHANGES.md)
- [Commits](https://github.com/psf/black/compare/22.1.0...22.3.0)

---
updated-dependencies:
- dependency-name: black
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-29 10:10:34 +02:00
993c6472db crypto: only count discovered when cert was loaded successfully 2022-03-28 08:58:23 +00:00
123b0b2f05 core: fix pylint renamed variable 2022-03-28 08:58:13 +00:00
487b1e4f34 build(deps): bump @docusaurus/plugin-client-redirects in /website (#2606)
Bumps [@docusaurus/plugin-client-redirects](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-plugin-client-redirects) from 2.0.0-beta.17 to 2.0.0-beta.18.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-beta.18/packages/docusaurus-plugin-client-redirects)

---
updated-dependencies:
- dependency-name: "@docusaurus/plugin-client-redirects"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-28 09:47:27 +02:00
b308cfa8d7 build(deps): bump @formatjs/intl-listformat from 6.5.2 to 6.5.3 in /web (#2603)
Bumps [@formatjs/intl-listformat](https://github.com/formatjs/formatjs) from 6.5.2 to 6.5.3.
- [Release notes](https://github.com/formatjs/formatjs/releases)
- [Commits](https://github.com/formatjs/formatjs/compare/@formatjs/intl-listformat@6.5.2...@formatjs/intl-listformat@6.5.3)

---
updated-dependencies:
- dependency-name: "@formatjs/intl-listformat"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-28 09:46:17 +02:00
839884c65c build(deps-dev): bump pylint from 2.12.2 to 2.13.2 (#2612)
Bumps [pylint](https://github.com/PyCQA/pylint) from 2.12.2 to 2.13.2.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/main/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.12.2...v2.13.2)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-28 09:45:21 +02:00
dc93f5d4c9 build(deps): bump @docusaurus/preset-classic in /website (#2602)
Bumps [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic) from 2.0.0-beta.17 to 2.0.0-beta.18.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-beta.18/packages/docusaurus-preset-classic)

---
updated-dependencies:
- dependency-name: "@docusaurus/preset-classic"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-28 09:45:02 +02:00
735af9aaad build(deps-dev): bump prettier from 2.6.0 to 2.6.1 in /website (#2604) 2022-03-28 09:43:03 +02:00
9c52ee585f build(deps): bump @rollup/plugin-commonjs from 21.0.2 to 21.0.3 in /web (#2605) 2022-03-28 09:42:40 +02:00
4c5f01020e build(deps): bump eslint from 8.11.0 to 8.12.0 in /web (#2607) 2022-03-28 09:42:28 +02:00
fc315eb8da build(deps): bump eslint-plugin-custom-elements in /web (#2608) 2022-03-28 09:41:52 +02:00
b90d8b14d6 build(deps): bump prettier from 2.6.0 to 2.6.1 in /web (#2609) 2022-03-28 09:41:39 +02:00
1af49c930c build(deps): bump goauthentik.io/api/v3 from 3.2022033.3 to 3.2022033.4 (#2610) 2022-03-28 09:41:17 +02:00
624ae67b50 build(deps-dev): bump pylint-django from 2.5.2 to 2.5.3 (#2611) 2022-03-28 09:41:04 +02:00
cd2fb49f9b web: update api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-27 19:06:12 +02:00
3da531ede3 Translate /web/src/locales/en.po in zh_CN (#2595)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh_CN' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-03-27 15:52:24 +02:00
e3e4b2f818 Translate /web/src/locales/en.po in zh_TW (#2596)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh_TW' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-03-27 15:52:14 +02:00
98391da0d0 Translate /web/src/locales/en.po in zh-Hans (#2598)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-03-27 15:52:00 +02:00
1555aed02f Translate /web/src/locales/en.po in zh-Hant (#2597)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hant' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-03-27 15:51:49 +02:00
7a01529511 root: lock openapi image
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-26 23:25:04 +01:00
bc3e6b3962 web/admin: fix missing protocols on generated nginx config
closes #2585

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-26 19:18:52 +01:00
7cbd5174f0 stages/invitation: fix tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-26 19:12:22 +01:00
788cd401f6 build(deps): bump ansi-regex from 4.1.0 to 4.1.1 in /web (#2593)
Bumps [ansi-regex](https://github.com/chalk/ansi-regex) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/chalk/ansi-regex/releases)
- [Commits](https://github.com/chalk/ansi-regex/compare/v4.1.0...v4.1.1)

---
updated-dependencies:
- dependency-name: ansi-regex
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-26 19:09:01 +01:00
bec8c8fe0a web: Update Web API Client version (#2592)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-03-26 18:51:29 +01:00
3184a64482 web: live-convert to slug in fields where only slugs are allowed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-26 18:49:08 +01:00
c7a83e6182 stages/invitation: add invitation name
closes #2583

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-26 18:32:59 +01:00
933919c647 web/admin: allow editing of invitations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2583
2022-03-26 18:21:14 +01:00
7d3841e85f build(deps): bump python (#2586)
Bumps python from 3.10.3-slim-bullseye to 3.10.4-slim-bullseye.

---
updated-dependencies:
- dependency-name: python
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-25 09:44:53 +01:00
21e54d803f build(deps): bump typescript from 4.6.2 to 4.6.3 in /web (#2587)
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 4.6.2 to 4.6.3.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v4.6.2...v4.6.3)

---
updated-dependencies:
- dependency-name: typescript
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-25 09:44:42 +01:00
883af97148 build(deps): bump @sentry/tracing from 6.19.1 to 6.19.2 in /web (#2578)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.19.1 to 6.19.2.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.19.1...6.19.2)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-24 10:15:07 +01:00
3184019996 build(deps): bump @sentry/browser from 6.19.1 to 6.19.2 in /web (#2579)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.19.1 to 6.19.2.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.19.1...6.19.2)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-24 10:14:08 +01:00
c0edaaf821 build(deps): bump peter-evans/create-pull-request from 3 to 4 (#2580)
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 3 to 4.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v3...v4)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-24 10:13:58 +01:00
74ff9d04dd stages/prompt: set field default based on placeholder, fix duplicate fields
closes #2572

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-23 22:26:06 +01:00
969902f503 stages/prompt: filter rest_framework.fields.empty when field is not required
closes #2572

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-23 20:21:12 +01:00
04372e21dd events: handle types in event contexts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2572
2022-03-23 19:49:55 +01:00
0c53650216 website/docs: terminology clear unneeded sentence. (#2577)
certificates: minor improvements
2022-03-23 17:38:36 +01:00
8e028c2feb website/docs: added missing client_id in client_credential grant type (#2576) 2022-03-23 15:07:09 +01:00
d75a864f0e providers/oauth2: map internal groups to GitHub teams in GHE OAuth emulation (#2497)
* providers/oauth2: impl `/user/teams` endpoint for Github OAuth2

This commit adds a functional `/user/teams` endpoint for the emulated Github OAuth2 service.
The teams a user is part of are based on the user's groups in Authentik.

* providers/oauth2: Move org template inside loop; Change slug to use Django slugify

* providers/oauth2: Remove placeholder replacement

* Possibly fix complaints from the linters

* Update github.py

* Change organization name

* Update github.py
2022-03-23 12:05:20 +01:00
81f3b133f6 web/user: dont show flow title in user settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2572
2022-03-23 10:18:53 +01:00
b887916f5b web/flows: fix styling for access denied stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2572
2022-03-23 10:16:43 +01:00
2a354aa64f website/integrations: Fix Kimai Group mapping attribute (#2565)
* Fix: Group mapping attribute

Missed it before, sorry.
Now it works properly

* Fix: branding

Co-authored-by: hexx.one <dominics.pc@gmail.com>
2022-03-23 10:08:31 +01:00
d9724e6885 build(deps): bump @fortawesome/fontawesome-free in /web (#2568) 2022-03-23 09:27:07 +01:00
d092e8e4bc build(deps): bump eslint-plugin-custom-elements in /web (#2569) 2022-03-23 09:26:51 +01:00
e5b8975459 build(deps): bump country-flag-icons from 1.4.24 to 1.4.25 in /web (#2570) 2022-03-23 09:26:30 +01:00
4f4784f4d8 build(deps): bump peter-evans/enable-pull-request-automerge from 1 to 2 (#2571) 2022-03-23 09:26:16 +01:00
51194cbf42 outposts/ldap: use backend group num_pk
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-22 23:54:50 +01:00
4d5a619cc0 build(deps): bump goauthentik.io/api/v3 from 3.2022033.2 to 3.2022033.3 (#2566)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022033.2 to 3.2022033.3.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022033.2...v3.2022033.3)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-22 23:47:43 +01:00
2314340823 build(deps): bump goauthentik.io/api/v3 from 3.2022033.1 to 3.2022033.2 (#2562)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022033.1 to 3.2022033.2.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022033.1...v3.2022033.2)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-22 21:41:54 +01:00
7c6b2c843b web: Update Web API Client version (#2563)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-03-22 21:41:44 +01:00
0c2b32da31 core: add num_pk to group for applications that need a numerical group id
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2497
2022-03-22 21:37:11 +01:00
9ad4c736f1 stages/email: allow overriding of destination email in plan context
closes #2445

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-22 21:19:34 +01:00
0c0b9ca84a build(deps): bump node-forge from 1.2.1 to 1.3.0 in /website (#2560)
Bumps [node-forge](https://github.com/digitalbazaar/forge) from 1.2.1 to 1.3.0.
- [Release notes](https://github.com/digitalbazaar/forge/releases)
- [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md)
- [Commits](https://github.com/digitalbazaar/forge/compare/v1.2.1...v1.3.0)

---
updated-dependencies:
- dependency-name: node-forge
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-22 20:49:35 +01:00
4154b62565 stages/prompt: fix non-required fields not allowing blank values, add more tests
closes #2544

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-22 20:38:04 +01:00
5a07d4ec66 web/admin: fix typo in flow launch URL
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-22 20:20:38 +01:00
64b758c8fa web: Update Web API Client version (#2558)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-03-22 20:19:53 +01:00
a0e29d42a6 web/user: fix success popup showing after each flow stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

closes #2547

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-22 20:17:16 +01:00
0bbea79c64 root: update schema with latest drf-spectacular
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-22 20:15:15 +01:00
467ad29656 website/integrations: Add service documentation for "Kimai" timetracker (#2548)
* Add documentation for Kimai

* website: fix kimai application slug

* Add kimai sidebar integration

Co-authored-by: hexx.one <dominics.pc@gmail.com>
2022-03-22 18:20:04 +01:00
d2fc1226f8 website/integrations: Add service documentation for pgAdmin (#2556) 2022-03-22 18:19:27 +01:00
5c50a18b6f build(deps): bump @typescript-eslint/parser in /web (#2549)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.15.0 to 5.16.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.16.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-22 10:07:02 +01:00
75505a2077 build(deps): bump @sentry/tracing from 6.18.2 to 6.19.1 in /web (#2552)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.18.2 to 6.19.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.18.2...6.19.1)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-22 10:05:45 +01:00
6d7525b5a1 build(deps): bump @typescript-eslint/eslint-plugin in /web (#2550)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.15.0 to 5.16.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.16.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-22 10:04:53 +01:00
4ca7ba427a build(deps): bump @sentry/browser from 6.18.2 to 6.19.1 in /web (#2551)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.18.2 to 6.19.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.18.2...6.19.1)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-22 10:04:43 +01:00
740fafa86d build(deps): bump actions/cache from 2.1.7 to 3 (#2553)
Bumps [actions/cache](https://github.com/actions/cache) from 2.1.7 to 3.
- [Release notes](https://github.com/actions/cache/releases)
- [Commits](https://github.com/actions/cache/compare/v2.1.7...v3)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-22 10:04:35 +01:00
4b80f52e11 build(deps): bump drf-spectacular from 0.21.2 to 0.22.0 (#2554)
Bumps [drf-spectacular](https://github.com/tfranzel/drf-spectacular) from 0.21.2 to 0.22.0.
- [Release notes](https://github.com/tfranzel/drf-spectacular/releases)
- [Changelog](https://github.com/tfranzel/drf-spectacular/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/tfranzel/drf-spectacular/compare/0.21.2...0.22.0)

---
updated-dependencies:
- dependency-name: drf-spectacular
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-22 10:04:25 +01:00
7ae2bdc35f build(deps): bump goauthentik.io/api/v3 from 3.2022032.1 to 3.2022033.1 (#2555)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022032.1 to 3.2022033.1.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022032.1...v3.2022033.1)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-22 10:03:43 +01:00
34473903dd web: Update Web API Client version (#2545)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-03-22 00:20:25 +01:00
86a4a7dcee release: 2022.3.3 2022-03-21 22:37:13 +01:00
73fe866cb6 website/docs: prepare 2022.3.3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-21 22:37:01 +01:00
8b95e9f97a crypto: open files in read-only mode for importing (#2536)
closes #2535
2022-03-21 10:46:09 +01:00
a3eb72d160 website/integrations: Document using pfSense as Provider Integration (#2534)
* Add pfSense documentation

* add pfSense to sidebar

* Add pfsense secure setup

* rearrangement of sections for better clarity

* Add port value in unsecure setup

* change admonitions type for unsecure setup

* add `Test you setup` section

* add `Change pfSense default authentication backend` section

* Minor corrections

Co-authored-by: Danaël Giordana <danael@giordana.cc>
2022-03-21 10:45:30 +01:00
b418db6ecf build(deps): bump @babel/plugin-proposal-decorators in /web (#2537)
Bumps [@babel/plugin-proposal-decorators](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-proposal-decorators) from 7.17.2 to 7.17.8.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.17.8/packages/babel-plugin-proposal-decorators)

---
updated-dependencies:
- dependency-name: "@babel/plugin-proposal-decorators"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-21 10:02:15 +01:00
6cb1ab1d2b build(deps): bump country-flag-icons from 1.4.22 to 1.4.24 in /web (#2538)
Bumps [country-flag-icons](https://gitlab.com/catamphetamine/country-flag-icons) from 1.4.22 to 1.4.24.
- [Release notes](https://gitlab.com/catamphetamine/country-flag-icons/tags)
- [Changelog](https://gitlab.com/catamphetamine/country-flag-icons/blob/master/CHANGELOG.md)
- [Commits](https://gitlab.com/catamphetamine/country-flag-icons/compare/v1.4.22...v1.4.24)

---
updated-dependencies:
- dependency-name: country-flag-icons
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-21 10:01:09 +01:00
ae09dac720 build(deps): bump @babel/core from 7.17.7 to 7.17.8 in /web (#2539)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.17.7 to 7.17.8.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.17.8/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-21 10:00:53 +01:00
44c9ad19a7 build(deps): bump sentry-sdk from 1.5.7 to 1.5.8 (#2540)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.5.7 to 1.5.8.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/1.5.7...1.5.8)

---
updated-dependencies:
- dependency-name: sentry-sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-21 10:00:40 +01:00
554272a927 build(deps): bump paramiko from 2.10.2 to 2.10.3 (#2541)
Bumps [paramiko](https://github.com/paramiko/paramiko) from 2.10.2 to 2.10.3.
- [Release notes](https://github.com/paramiko/paramiko/releases)
- [Changelog](https://github.com/paramiko/paramiko/blob/main/NEWS)
- [Commits](https://github.com/paramiko/paramiko/compare/2.10.2...2.10.3)

---
updated-dependencies:
- dependency-name: paramiko
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-21 10:00:26 +01:00
acf2af8f66 build(deps): bump github.com/go-openapi/runtime from 0.23.2 to 0.23.3 (#2542)
Bumps [github.com/go-openapi/runtime](https://github.com/go-openapi/runtime) from 0.23.2 to 0.23.3.
- [Release notes](https://github.com/go-openapi/runtime/releases)
- [Commits](https://github.com/go-openapi/runtime/compare/v0.23.2...v0.23.3)

---
updated-dependencies:
- dependency-name: github.com/go-openapi/runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-21 09:59:19 +01:00
b45a442447 outposts/ldap: fix contexts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-19 18:28:27 +01:00
75a720ead1 outposts/ldap: prevent operations error from nil dereference (#2447)
closes #2526
2022-03-19 18:26:26 +01:00
615ce287ce Translate /web/src/locales/en.po in zh_CN (#2529)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh_CN' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-03-19 17:46:55 +01:00
aa8d97249a Translate /web/src/locales/en.po in zh-Hans (#2530)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-03-19 17:46:46 +01:00
2390df17f1 Translate /web/src/locales/en.po in zh_TW (#2532)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh_TW' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-03-19 17:46:34 +01:00
c022052539 Translate /web/src/locales/en.po in zh-Hant (#2531)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hant' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-03-19 17:46:21 +01:00
13c050e2a6 web: fix style for selected item in select in dark mode
closes #2528

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-18 21:20:11 +01:00
ef371b3750 web/admin: default to not include current session in flow play, add option to start with current session
closes #2527

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-18 19:41:11 +01:00
bb1f79347b build(deps): bump python (#2524)
Bumps python from 3.10.2-slim-bullseye to 3.10.3-slim-bullseye.

---
updated-dependencies:
- dependency-name: python
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-18 10:14:07 +01:00
6ed0d6d124 build(deps-dev): bump pytest from 7.1.0 to 7.1.1 (#2525)
Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.1.0 to 7.1.1.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/7.1.0...7.1.1)

---
updated-dependencies:
- dependency-name: pytest
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-18 10:13:54 +01:00
4ed60fe36b build(deps): bump postcss from 8.4.11 to 8.4.12 in /website (#2512) 2022-03-17 09:46:38 +01:00
ca9fa79095 build(deps): bump @types/grecaptcha from 3.0.3 to 3.0.4 in /web (#2513) 2022-03-17 09:46:23 +01:00
a2408cefcf build(deps): bump golang from 1.17.8-bullseye to 1.18.0-bullseye (#2511) 2022-03-17 09:45:44 +01:00
145eaa5de3 build(deps): bump prettier from 2.5.1 to 2.6.0 in /web (#2515) 2022-03-17 09:45:15 +01:00
1991c930f2 build(deps-dev): bump prettier from 2.5.1 to 2.6.0 in /website (#2516) 2022-03-17 09:44:55 +01:00
736f84b670 build(deps): bump country-flag-icons from 1.4.21 to 1.4.22 in /web (#2517) 2022-03-17 09:44:41 +01:00
d4d5c2675b build(deps): bump urllib3 from 1.26.8 to 1.26.9 (#2518) 2022-03-17 09:44:25 +01:00
be232e2b77 core: fix provider launch URL being prioritised over manually configured launch URL
closes #2493

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-16 10:26:55 +01:00
42389188ad web/elements: make SearchSelect optionally blankable
closes #2504

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-16 10:12:47 +01:00
1f6af8c221 web/admin: fix user defaulting to 0 when not set in PolicyBindingForm
closes #2496

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-16 10:12:47 +01:00
f4955e3e62 build(deps): bump github.com/stretchr/testify from 1.7.0 to 1.7.1 (#2502) 2022-03-16 09:31:14 +01:00
a8ef3096c1 build(deps): bump postcss from 8.4.8 to 8.4.11 in /website (#2498) 2022-03-16 09:29:05 +01:00
14f76b2575 build(deps): bump webcomponent-qr-code from 1.0.5 to 1.0.6 in /web (#2499) 2022-03-16 09:28:51 +01:00
50065d37b9 build(deps): bump @fortawesome/fontawesome-free in /web (#2500) 2022-03-16 09:28:40 +01:00
a54670fb91 build(deps): bump lit from 2.2.0 to 2.2.1 in /web (#2501) 2022-03-16 09:28:28 +01:00
51fda51cbf build(deps): bump goauthentik.io/api/v3 from 3.2022031.2 to 3.2022032.1 (#2503) 2022-03-16 09:27:22 +01:00
53d0205e86 outposts/proxy: use Prefix in ingress for k8s
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-15 19:01:08 +01:00
0f56d00959 website/docs: added example for custom user attributes (#2406)
* added example for custom user attributes

* simplified example

Co-authored-by: croudsarabi <constantin.roudsarabi@andrena.de>
2022-03-15 18:12:02 +01:00
b7a6fccdf9 web: Update Web API Client version (#2491)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-03-15 10:28:36 +01:00
522f49f48c Merge branch 'version-2022.3' 2022-03-15 10:07:40 +01:00
e685f11514 build(deps): bump @typescript-eslint/eslint-plugin in /web (#2486) 2022-03-15 09:35:36 +01:00
1841b9b4c6 build(deps): bump rollup from 2.70.0 to 2.70.1 in /web (#2485) 2022-03-15 09:32:23 +01:00
40e37a5c2c build(deps): bump @typescript-eslint/parser in /web (#2487) 2022-03-15 09:31:27 +01:00
ac838645a9 build(deps): bump @babel/core from 7.17.5 to 7.17.7 in /web (#2488) 2022-03-15 09:31:06 +01:00
be40d67c4d build(deps): bump paramiko from 2.10.1 to 2.10.2 (#2489) 2022-03-15 09:30:46 +01:00
700cc06f45 build(deps): bump goauthentik.io/api/v3 from 3.2022031.1 to 3.2022031.2 (#2490) 2022-03-15 09:30:30 +01:00
260a7aac63 release: 2022.3.2 2022-03-15 00:01:01 +01:00
37df054f4c website/docs: prepare 2022.3.2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-14 23:59:38 +01:00
a3df414f24 sources/ldap: fix parent_group not being applied
closes #2464

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-14 22:13:20 +01:00
dcaa8d6322 flows: revert default flow user change
closes #2483

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-14 22:05:30 +01:00
e03dd70f2f web/user: filter applications by launch URL lto show empty state
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-14 21:15:47 +01:00
ceb894039e stages/authenticator_validate: fix passwordless flows not working
closes #2484

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-14 21:15:47 +01:00
a77616e942 website/integrations: add rocket.chat (#2470)
* Add files via upload

* Revert "Add Rocket.chat Instructions to Integrations Page"

* Adding Rocket.chat Integration documentation

* Adding Rocketchat to integrations/services

* Fix authentik name in 2 screenshots
2022-03-14 15:13:54 +01:00
47601a767b website/docs: fix invalid queries in docs
closes #2482
2022-03-14 12:38:22 +00:00
c7a825c393 lib: lower default sample rate 2022-03-14 12:38:14 +00:00
181c55aef1 website/docs: add http-basic to sonarr docs 2022-03-14 12:19:53 +01:00
631b1fcc29 web: Update Web API Client version (#2481)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-03-14 10:42:29 +01:00
54f170650a core: replace uid with uuid search
uid can't be searched it as its a computed field

closes #2480

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-14 10:35:55 +01:00
3bdb551e74 root: add make target for server and web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-14 10:32:14 +01:00
96b2631ec4 build(deps): bump paramiko from 2.9.2 to 2.10.1 (#2475)
Bumps [paramiko](https://github.com/paramiko/paramiko) from 2.9.2 to 2.10.1.
- [Release notes](https://github.com/paramiko/paramiko/releases)
- [Changelog](https://github.com/paramiko/paramiko/blob/main/NEWS)
- [Commits](https://github.com/paramiko/paramiko/compare/2.9.2...2.10.1)

---
updated-dependencies:
- dependency-name: paramiko
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-14 10:02:34 +01:00
4fffa6d2cc build(deps-dev): bump importlib-metadata from 4.11.2 to 4.11.3 (#2476)
Bumps [importlib-metadata](https://github.com/python/importlib_metadata) from 4.11.2 to 4.11.3.
- [Release notes](https://github.com/python/importlib_metadata/releases)
- [Changelog](https://github.com/python/importlib_metadata/blob/main/CHANGES.rst)
- [Commits](https://github.com/python/importlib_metadata/compare/v4.11.2...v4.11.3)

---
updated-dependencies:
- dependency-name: importlib-metadata
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-14 10:02:24 +01:00
e46c70e13d build(deps): bump @patternfly/patternfly from 4.179.1 to 4.183.1 in /web (#2474)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.179.1 to 4.183.1.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/main/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.179.1...prerelease-v4.183.1)

---
updated-dependencies:
- dependency-name: "@patternfly/patternfly"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-14 10:02:09 +01:00
7d4e7f84f4 build(deps): bump eslint from 8.10.0 to 8.11.0 in /web (#2473)
Bumps [eslint](https://github.com/eslint/eslint) from 8.10.0 to 8.11.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.10.0...v8.11.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-14 10:01:58 +01:00
d49640ca9b build(deps): bump goauthentik.io/api/v3 from 3.2022021.4 to 3.2022031.1 (#2477)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2022021.4 to 3.2022031.1.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2022021.4...v3.2022031.1)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-14 10:00:52 +01:00
ed2cf44471 build(deps-dev): bump pytest from 7.0.1 to 7.1.0 (#2478)
Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.0.1 to 7.1.0.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/7.0.1...7.1.0)

---
updated-dependencies:
- dependency-name: pytest
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-14 10:00:30 +01:00
5b1d15276a build(deps): bump uvicorn from 0.17.5 to 0.17.6 (#2479)
Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.17.5 to 0.17.6.
- [Release notes](https://github.com/encode/uvicorn/releases)
- [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/encode/uvicorn/compare/0.17.5...0.17.6)

---
updated-dependencies:
- dependency-name: uvicorn
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-14 10:00:09 +01:00
d9275a3350 web/elements: fix search-select hover background
closes #2471

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-13 01:58:40 +01:00
2e81dddc1d web/elements: fix search select background in dark mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2471
2022-03-13 01:53:42 +01:00
abc73deda0 web/elements: fix error with blank SearchSelect elements in forms
closes #2469

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-11 20:36:54 +01:00
becec6b7d8 web: Update Web API Client version (#2468)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-03-11 19:10:27 +01:00
ab516f782b website/user: fix duplicate help text in prompts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-11 19:05:41 +01:00
d7b3c545aa Merge branch 'version-2022.3' 2022-03-11 11:02:51 +01:00
81550d9d1d website/docs: add release notes to sidebar
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-11 10:59:19 +01:00
72e5768c2f build(deps): bump channels-redis from 3.3.1 to 3.4.0 (#2465) 2022-03-11 09:17:27 +01:00
11cf5fc472 build(deps): bump github.com/getsentry/sentry-go from 0.12.0 to 0.13.0 (#2466) 2022-03-11 09:17:05 +01:00
fedb81571d release: 2022.3.1 2022-03-10 19:12:29 +01:00
37528e1bba stages/authenticator_validate: fix lint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-10 09:56:04 +01:00
97ef2a6f5f build(deps-dev): bump selenium from 4.1.2 to 4.1.3 (#2461) 2022-03-10 09:33:34 +01:00
cc1509cf57 stages/authenticator_validate: fix logic error when multiple authenticator devices can be selected
closes #2290

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-10 00:46:42 +01:00
0dfecc6ae2 stages/authenticator_*: fix device.confirmed being set incorrectly
closes #2330

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-10 00:19:49 +01:00
c1e4d78672 root: deprecate :stable tag
#2439

we haven't released an -rc release in a while and I don't really see a need for them anymore, so lets simplify the release process

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-09 23:48:32 +01:00
0ab427b5bb website/docs: prepare 2022.3 release
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-09 23:42:25 +01:00
a9f095d1d9 website/docs: add docs for different flow executors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-09 23:36:09 +01:00
de17207c68 lib: fix default geoip path
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2453
2022-03-09 21:57:29 +01:00
d9675695fe root: remove backup remainders
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-09 21:56:18 +01:00
ec7f372fa9 build(deps): bump @sentry/browser from 6.18.1 to 6.18.2 in /web (#2455)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.18.1 to 6.18.2.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.18.1...6.18.2)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-09 09:27:16 +01:00
8a675152e6 build(deps): bump @sentry/tracing from 6.18.1 to 6.18.2 in /web (#2456)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.18.1 to 6.18.2.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.18.1...6.18.2)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-09 09:24:34 +01:00
228fe01f92 build(deps): bump sentry-sdk from 1.5.6 to 1.5.7 (#2457)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.5.6 to 1.5.7.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/1.5.6...1.5.7)

---
updated-dependencies:
- dependency-name: sentry-sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-09 09:23:35 +01:00
b9547ece49 build(deps): bump @typescript-eslint/eslint-plugin in /web (#2448)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.13.0 to 5.14.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.14.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-08 09:41:17 +01:00
6e9bc143bd build(deps): bump @typescript-eslint/parser in /web (#2449)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.13.0 to 5.14.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.14.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-08 09:40:28 +01:00
8cd4bf1be8 build(deps): bump rollup from 2.69.2 to 2.70.0 in /web (#2450)
Bumps [rollup](https://github.com/rollup/rollup) from 2.69.2 to 2.70.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.69.2...v2.70.0)

---
updated-dependencies:
- dependency-name: rollup
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-08 09:38:55 +01:00
76660e4666 internal: add tests with querystring
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-07 22:03:36 +01:00
73b2e2cb82 build(deps): bump golang from 1.17.7-bullseye to 1.17.8-bullseye (#2440) 2022-03-07 09:30:47 +01:00
d741d6dcf1 build(deps): bump postcss from 8.4.7 to 8.4.8 in /website (#2441) 2022-03-07 09:30:28 +01:00
2575fa6db7 build(deps): bump rollup from 2.69.0 to 2.69.2 in /web (#2442) 2022-03-07 09:30:12 +01:00
7512c57a2e build(deps-dev): bump bandit from 1.7.3 to 1.7.4 (#2443) 2022-03-07 09:30:02 +01:00
e6e2dfd757 build(deps): bump github.com/go-openapi/runtime from 0.23.1 to 0.23.2 (#2444) 2022-03-07 09:29:40 +01:00
920d1f1b0e providers/oauth2: initial client_credentials grant support (#2437)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-05 23:24:55 +01:00
680d4fc20d website/integrations: Remove extra trailing bracket in matrix config (#2435)
In the sample code, there was an extra training "}" in the localpart_template causing all usernames to be appended with "=7D" before the server designation, such as:

@[Username]=7D:[ServerName]
2022-03-04 21:31:25 +01:00
4d3b25ea66 web: fix lint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-04 09:52:19 +01:00
5106c0d0c1 build(deps): bump twisted from 22.1.0 to 22.2.0 (#2431) 2022-03-04 09:36:08 +01:00
fd09ade054 build(deps): bump @docusaurus/preset-classic in /website (#2433) 2022-03-04 09:34:29 +01:00
01629fe9e3 build(deps): bump @docusaurus/plugin-client-redirects in /website (#2434) 2022-03-04 09:31:50 +01:00
5be97e98e4 web: update flow background
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-03 20:00:53 +01:00
b1fd801ceb tenants: fix syntax error in expression for locale 2022-03-03 11:50:46 +00:00
62a939b91d internal: bump api client to v3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-03 10:40:07 +01:00
257ac04be4 website: fix go-get repo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-03 10:32:23 +01:00
ec5e6c14a2 web: Update Web API Client version (#2429)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-03-03 10:22:49 +01:00
1e1d9f1bdd core/api: allow filtering users by uid, add uid to search
closes #2428

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-03 10:19:56 +01:00
da1ea51dad Translate /web/src/locales/en.po in zh_CN (#2421)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh_CN' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-03-03 09:45:47 +01:00
6ee3b8d644 web: Update Web API Client version (#2420)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-03-03 09:45:37 +01:00
6155c69b7c Translate /web/src/locales/en.po in zh_TW (#2423)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh_TW' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-03-03 09:45:20 +01:00
136d40d919 Translate /web/src/locales/en.po in zh-Hans (#2422)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-03-03 09:45:08 +01:00
bb1bb9e22a Translate /web/src/locales/en.po in zh-Hant (#2424)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hant' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-03-03 09:44:57 +01:00
05e84b63a2 build(deps): bump rollup from 2.68.0 to 2.69.0 in /web (#2426) 2022-03-03 09:29:43 +01:00
7ab55f7afa build(deps): bump @goauthentik/api in /web (#2425) 2022-03-03 09:24:23 +01:00
f5ec5245c5 build(deps): bump github.com/pires/go-proxyproto from 0.6.1 to 0.6.2 (#2427) 2022-03-03 09:24:03 +01:00
4f4f954693 core: customisable user settings (#2397)
* tenants: add user_settings flow, add basic flow and basic new executor

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/user: use flow PromptStage instead of custom stage

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: add tenant to StageHost interface

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/user: fix form missing component

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/user: re-add success message

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/user: improve support for multiple error messages

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages/prompt: allow expressions in prompt placeholders

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages/prompt: add tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: always set pending user

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: never cache stage configuration flow plans

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages/user_write: fix error when pending user is anonymous user

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: add checkbox for prompt placeholder expression

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: add prompt expression docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages/prompt: add ak-locale field type

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tenants: fix default policy

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/user: add function to do global refresh

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: fix rendering of ak-locale

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tenants: fix default policy, add error handling to placeholder, fix locale attribute

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-03 00:13:06 +01:00
c57fbcfd89 sources/oauth: log body when get_profile fails
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-02 20:37:42 +01:00
025fc3fe96 build(deps): bump actions/checkout from 2 to 3 (#2415)
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-02 09:56:53 +01:00
4d079522c4 build(deps): bump django from 4.0.2 to 4.0.3 (#2416)
Bumps [django](https://github.com/django/django) from 4.0.2 to 4.0.3.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/4.0.2...4.0.3)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-02 09:56:32 +01:00
08acc7ba41 providers/oauth2: fix invalid launch URL being generated 2022-03-01 15:29:21 +00:00
7bdd32506e web: cleanup default footer links 2022-03-01 15:27:21 +00:00
6283fedcd9 build(deps): bump @typescript-eslint/parser in /web (#2409) 2022-03-01 09:20:29 +01:00
7a0badc81b build(deps): bump @sentry/browser from 6.18.0 to 6.18.1 in /web (#2410) 2022-03-01 09:20:15 +01:00
1e134aa446 build(deps): bump typescript from 4.5.5 to 4.6.2 in /web (#2408) 2022-03-01 09:19:34 +01:00
27bc5489c5 build(deps): bump @sentry/tracing from 6.18.0 to 6.18.1 in /web (#2411) 2022-03-01 09:18:40 +01:00
2dca45917c build(deps): bump @typescript-eslint/eslint-plugin in /web (#2412) 2022-03-01 09:18:28 +01:00
66a4338b48 build(deps): bump actions/setup-python from 2 to 3 (#2413) 2022-03-01 09:18:14 +01:00
a4dfc7e068 build(deps): bump kubernetes from 22.6.0 to 23.3.0 (#2414) 2022-03-01 09:17:55 +01:00
f98a9bed9f build(deps-dev): bump bandit from 1.7.2 to 1.7.3 (#2403)
* build(deps-dev): bump bandit from 1.7.2 to 1.7.3

Bumps [bandit](https://github.com/PyCQA/bandit) from 1.7.2 to 1.7.3.
- [Release notes](https://github.com/PyCQA/bandit/releases)
- [Commits](https://github.com/PyCQA/bandit/compare/1.7.2...1.7.3)

---
updated-dependencies:
- dependency-name: bandit
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* sigh

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-28 10:13:51 +01:00
5d1bf4a0af website: update search config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-28 09:54:47 +01:00
34635ab928 build(deps): bump @docusaurus/preset-classic in /website (#2400) 2022-02-28 09:16:48 +01:00
fabe1130c1 build(deps): bump @docusaurus/plugin-client-redirects in /website (#2401) 2022-02-28 09:14:22 +01:00
8feda9c2b1 build(deps): bump eslint from 8.9.0 to 8.10.0 in /web (#2399) 2022-02-28 09:14:03 +01:00
074928cac1 build(deps): bump wsproto from 1.0.0 to 1.1.0 (#2402) 2022-02-28 09:13:50 +01:00
2308f90270 build(deps-dev): bump importlib-metadata from 4.11.1 to 4.11.2 (#2404) 2022-02-28 09:13:10 +01:00
13adca0763 website/integrations: add hashicorp vault integration to website (#2363)
* add hashicorp vault

basic instructions for hashicorp vault

* removed auth0, updated redirect_uri's

removed auth0, updated redirect_uri's to include localhost

* Add hashicorp vault to app list

Add hashicorp-vault to the applications sidebar
2022-02-28 00:03:18 +01:00
50ded723d1 web: Update Web API Client version (#2398)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-02-27 15:17:11 +01:00
e9064509fe sources/oauth: Add Mailcow oauth source (#2380)
* Feat: Add Mailcow oauth source

* Feat: Add mailcow icon

* Run make

* Feat: Add tests

* Fix: Remainder from discord test

* Docs: Add mailcow oauth source docs

* Docs: add mailcow source to menu

* Fix: Mailcow provider type in test

* Fix: Formatting

* Fix: Doc file name
2022-02-27 15:06:02 +01:00
6fdf3ad3e5 internal/outpost: improve logging and add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2393
2022-02-26 22:29:56 +01:00
fb60cefb72 web/flows: fix rendering of help text on prompt stages
closes #2310

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-26 17:56:08 +01:00
61f7db314a web/admin: use searchable select field for users and groups in policy binding form
closes #2285

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-26 17:49:04 +01:00
ef7952cab3 web/admin: improve user and group management by showing related objects
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2391
2022-02-26 17:48:25 +01:00
7e5d8624c8 web: fix locale change not updating all elements
closes #2365

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-26 16:29:12 +01:00
2c54be85be web: prioritise ?locale parameter over saved locale
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-26 16:24:29 +01:00
2f8dbe9b97 core: handle all exceptions for applications listing
closes #2382

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-26 16:08:38 +01:00
cebe44403c build(deps): bump prismjs from 1.26.0 to 1.27.0 in /web (#2394)
Bumps [prismjs](https://github.com/PrismJS/prism) from 1.26.0 to 1.27.0.
- [Release notes](https://github.com/PrismJS/prism/releases)
- [Changelog](https://github.com/PrismJS/prism/blob/master/CHANGELOG.md)
- [Commits](https://github.com/PrismJS/prism/compare/v1.26.0...v1.27.0)

---
updated-dependencies:
- dependency-name: prismjs
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-26 15:18:37 +01:00
7261017e13 build(deps): bump prismjs from 1.26.0 to 1.27.0 in /website (#2395)
Bumps [prismjs](https://github.com/PrismJS/prism) from 1.26.0 to 1.27.0.
- [Release notes](https://github.com/PrismJS/prism/releases)
- [Changelog](https://github.com/PrismJS/prism/blob/master/CHANGELOG.md)
- [Commits](https://github.com/PrismJS/prism/compare/v1.26.0...v1.27.0)

---
updated-dependencies:
- dependency-name: prismjs
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-26 15:18:26 +01:00
0b3d33f428 build(deps): bump @sentry/tracing from 6.17.9 to 6.18.0 in /web (#2385) 2022-02-25 09:58:43 +01:00
6f0cbd5fa6 build(deps): bump rapidoc from 9.1.8 to 9.2.0 in /website (#2383) 2022-02-25 09:58:02 +01:00
fb94aefd2f build(deps): bump postcss from 8.4.6 to 8.4.7 in /website (#2384) 2022-02-25 09:57:27 +01:00
c4c8390eff build(deps): bump rapidoc from 9.1.8 to 9.2.0 in /web (#2386) 2022-02-25 09:57:08 +01:00
8c2e4478fd build(deps): bump @sentry/browser from 6.17.9 to 6.18.0 in /web (#2387) 2022-02-25 09:56:58 +01:00
94029ee612 build(deps): bump actions/setup-node from 2 to 3.0.0 (#2388) 2022-02-25 09:56:20 +01:00
8db49f9eca build(deps-dev): bump selenium from 4.1.1 to 4.1.2 (#2389) 2022-02-25 09:56:06 +01:00
7bd25d90f4 core: compile backend translations (#2381) 2022-02-24 11:31:12 +01:00
133528ee90 website/docs: add email sender name explanation
closes #2378

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-24 10:39:33 +01:00
578bd8fcb3 Translate /web/src/locales/en.po in zh-Hans (#2370)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-02-24 10:12:10 +01:00
4c2ef95253 Translate /web/src/locales/en.po in zh_CN (#2371)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh_CN' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-02-24 10:11:54 +01:00
702a59222d Apply translations in zh_CN (#2372)
translation completed for the source file '/locale/en/LC_MESSAGES/django.po'
on the 'zh_CN' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-02-24 10:11:43 +01:00
48e2121a75 Translate /web/src/locales/en.po in zh_TW (#2373)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh_TW' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-02-24 10:11:32 +01:00
61249786ff Translate /web/src/locales/en.po in zh-Hant (#2374)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hant' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-02-24 10:11:20 +01:00
008af4ccce build(deps): bump @rollup/plugin-typescript from 8.3.0 to 8.3.1 in /web (#2375)
Bumps [@rollup/plugin-typescript](https://github.com/rollup/plugins/tree/HEAD/packages/typescript) from 8.3.0 to 8.3.1.
- [Release notes](https://github.com/rollup/plugins/releases)
- [Changelog](https://github.com/rollup/plugins/blob/master/packages/typescript/CHANGELOG.md)
- [Commits](https://github.com/rollup/plugins/commits/typescript-v8.3.1/packages/typescript)

---
updated-dependencies:
- dependency-name: "@rollup/plugin-typescript"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-24 10:10:43 +01:00
02e3010efe build(deps): bump @patternfly/patternfly from 4.171.1 to 4.179.1 in /web (#2376)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.171.1 to 4.179.1.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/main/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.171.1...prerelease-v4.179.1)

---
updated-dependencies:
- dependency-name: "@patternfly/patternfly"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-24 10:10:29 +01:00
aca4795e0c build(deps): bump @rollup/plugin-commonjs from 21.0.1 to 21.0.2 in /web (#2377)
Bumps [@rollup/plugin-commonjs](https://github.com/rollup/plugins/tree/HEAD/packages/commonjs) from 21.0.1 to 21.0.2.
- [Release notes](https://github.com/rollup/plugins/releases)
- [Changelog](https://github.com/rollup/plugins/blob/master/packages/commonjs/CHANGELOG.md)
- [Commits](https://github.com/rollup/plugins/commits/commonjs-v21.0.2/packages/commonjs)

---
updated-dependencies:
- dependency-name: "@rollup/plugin-commonjs"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-24 10:10:04 +01:00
ff0febfecd build(deps-dev): bump selenium from 4.1.0 to 4.1.1 (#2379)
Bumps [selenium](https://github.com/SeleniumHQ/Selenium) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/SeleniumHQ/Selenium/releases)
- [Commits](https://github.com/SeleniumHQ/Selenium/commits)

---
updated-dependencies:
- dependency-name: selenium
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-24 10:09:53 +01:00
4daad4b514 web/admin: always show group/user policy options and display disclaimer
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-23 23:31:03 +01:00
677bcaadd7 core: add initial app launch url (#2367)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-23 22:48:55 +01:00
c6e9ecdd37 build(deps): bump rollup from 2.67.3 to 2.68.0 in /web (#2358) 2022-02-23 09:50:51 +01:00
c9ecad6262 build(deps): bump @rollup/plugin-replace from 3.1.0 to 4.0.0 in /web (#2359) 2022-02-23 09:50:41 +01:00
e545b3b401 build(deps): bump @rollup/plugin-babel from 5.3.0 to 5.3.1 in /web (#2360) 2022-02-23 09:50:29 +01:00
fec96ea013 build(deps): bump sentry-sdk from 1.5.4 to 1.5.6 (#2361) 2022-02-23 09:50:16 +01:00
1ac1c50b67 build(deps): bump github.com/go-openapi/runtime from 0.23.0 to 0.23.1 (#2362) 2022-02-23 09:49:40 +01:00
d2f189c1d0 root: exempt enhancement issues from stale
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-22 20:34:39 +01:00
fb33906637 internal/ldap: fix panic when parsing lists with mixed types
closes #2355

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-22 19:56:55 +01:00
6d3a94f24f build(deps): bump @typescript-eslint/eslint-plugin in /web (#2352) 2022-02-22 09:45:12 +01:00
84f594e658 build(deps): bump codemirror from 5.65.1 to 5.65.2 in /web (#2353) 2022-02-22 09:43:58 +01:00
1486bd5ab2 build(deps): bump @typescript-eslint/parser in /web (#2354) 2022-02-22 09:43:36 +01:00
2c00f4da2d build(deps): bump rollup from 2.67.2 to 2.67.3 in /web (#2347)
Bumps [rollup](https://github.com/rollup/rollup) from 2.67.2 to 2.67.3.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.67.2...v2.67.3)

---
updated-dependencies:
- dependency-name: rollup
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-21 09:40:51 +01:00
c10a23220b build(deps): bump rapidoc from 9.1.4 to 9.1.8 in /website (#2348)
Bumps [rapidoc](https://github.com/mrin9/RapiDoc) from 9.1.4 to 9.1.8.
- [Release notes](https://github.com/mrin9/RapiDoc/releases)
- [Commits](https://github.com/mrin9/RapiDoc/compare/v9.1.4...v9.1.8)

---
updated-dependencies:
- dependency-name: rapidoc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-21 09:39:45 +01:00
f20243d545 build(deps): bump rapidoc from 9.1.4 to 9.1.8 in /web (#2349)
Bumps [rapidoc](https://github.com/mrin9/RapiDoc) from 9.1.4 to 9.1.8.
- [Release notes](https://github.com/mrin9/RapiDoc/releases)
- [Commits](https://github.com/mrin9/RapiDoc/compare/v9.1.4...v9.1.8)

---
updated-dependencies:
- dependency-name: rapidoc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-21 09:39:32 +01:00
903c6422ad build(deps-dev): bump pylint-django from 2.5.1 to 2.5.2 (#2350)
Bumps [pylint-django](https://github.com/PyCQA/pylint-django) from 2.5.1 to 2.5.2.
- [Release notes](https://github.com/PyCQA/pylint-django/releases)
- [Changelog](https://github.com/PyCQA/pylint-django/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/PyCQA/pylint-django/compare/v2.5.1...v2.5.2)

---
updated-dependencies:
- dependency-name: pylint-django
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-21 09:39:19 +01:00
f5ab955536 build(deps-dev): bump coverage from 6.3.1 to 6.3.2 (#2351)
Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.3.1 to 6.3.2.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/6.3.1...6.3.2)

---
updated-dependencies:
- dependency-name: coverage
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-21 09:39:03 +01:00
3a861f0497 Translate /web/src/locales/en.po in de (#2343)
translation completed for the source file '/web/src/locales/en.po'
on the 'de' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-02-18 12:43:41 +01:00
744f250d05 providers/proxy: always set rd param in addition to session to prevent wrong url in session
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-18 10:32:22 +01:00
83d435bd3b build(deps): bump lit from 2.1.4 to 2.2.0 in /web (#2339)
Bumps [lit](https://github.com/lit/lit/tree/HEAD/packages/lit) from 2.1.4 to 2.2.0.
- [Release notes](https://github.com/lit/lit/releases)
- [Changelog](https://github.com/lit/lit/blob/main/packages/lit/CHANGELOG.md)
- [Commits](https://github.com/lit/lit/commits/lit@2.2.0/packages/lit)

---
updated-dependencies:
- dependency-name: lit
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-18 09:58:56 +01:00
945cdfe212 build(deps): bump @babel/core from 7.17.4 to 7.17.5 in /web (#2340)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.17.4 to 7.17.5.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.17.5/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-18 09:58:21 +01:00
fcc0963fab build(deps): bump lxml from 4.7.1 to 4.8.0 (#2341)
Bumps [lxml](https://github.com/lxml/lxml) from 4.7.1 to 4.8.0.
- [Release notes](https://github.com/lxml/lxml/releases)
- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt)
- [Commits](https://github.com/lxml/lxml/compare/lxml-4.7.1...lxml-4.8.0)

---
updated-dependencies:
- dependency-name: lxml
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-18 09:58:07 +01:00
2ab4fcd757 build(deps): bump webauthn from 1.3.0 to 1.4.0 (#2342)
Bumps [webauthn](https://github.com/duo-labs/py_webauthn) from 1.3.0 to 1.4.0.
- [Release notes](https://github.com/duo-labs/py_webauthn/releases)
- [Changelog](https://github.com/duo-labs/py_webauthn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/duo-labs/py_webauthn/compare/v1.3.0...v1.4.0)

---
updated-dependencies:
- dependency-name: webauthn
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-18 09:57:53 +01:00
bfe31b15ad web: fix locale codes
closes #2332

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-17 22:37:54 +01:00
49c4b43f32 website/docs: better explain icon URL behaviour
closes #2337

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-17 22:37:17 +01:00
19b1f3a8c1 internal/outpost: fix logic error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-17 20:50:47 +01:00
80f218a6bf core: also handle TypeError for invalid app URL formatting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-17 18:23:11 +01:00
61aaa90226 build(deps): bump @sentry/browser from 6.17.8 to 6.17.9 in /web (#2331)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.17.8 to 6.17.9.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.17.8...6.17.9)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-17 10:24:21 +01:00
7fdda5a387 build(deps): bump @sentry/tracing from 6.17.8 to 6.17.9 in /web (#2333)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.17.8 to 6.17.9.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.17.8...6.17.9)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-17 10:18:49 +01:00
94597fd2ad build(deps): bump uvicorn from 0.17.4 to 0.17.5 (#2334)
Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.17.4 to 0.17.5.
- [Release notes](https://github.com/encode/uvicorn/releases)
- [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/encode/uvicorn/compare/0.17.4...0.17.5)

---
updated-dependencies:
- dependency-name: uvicorn
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-17 10:18:29 +01:00
09808883f4 build(deps-dev): bump pylint-django from 2.5.0 to 2.5.1 (#2335)
Bumps [pylint-django](https://github.com/PyCQA/pylint-django) from 2.5.0 to 2.5.1.
- [Release notes](https://github.com/PyCQA/pylint-django/releases)
- [Changelog](https://github.com/PyCQA/pylint-django/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/PyCQA/pylint-django/compare/v2.5.0...v2.5.1)

---
updated-dependencies:
- dependency-name: pylint-django
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-17 10:17:51 +01:00
81ecb85a55 Translate /web/src/locales/en.po in zh-Hans (#2326)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-02-16 13:41:44 +01:00
21bfaa3927 Translate /web/src/locales/en.po in zh_TW (#2327)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh_TW' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-02-16 13:41:36 +01:00
1c9c7be1c0 Translate /web/src/locales/en.po in zh-Hant (#2328)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hant' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-02-16 13:41:28 +01:00
5a11dc567e web: Update Web API Client version (#2325)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-02-16 11:33:54 +01:00
4a1acd377b release: 2022.2.1 2022-02-16 10:51:55 +01:00
c5b84a91d1 website/docs: add 2022.2 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-16 10:27:25 +01:00
e77ecda3b8 root: update security
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-16 10:20:32 +01:00
4e317c10c5 Revert "website/docs: revert to akprox for now"
This reverts commit 9070df6c26.

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	website/docs/providers/proxy/_nginx_ingress.md
#	website/docs/providers/proxy/_nginx_proxy_manager.md
#	website/docs/providers/proxy/_nginx_standalone.md
2022-02-16 10:19:33 +01:00
eb05a3ddb8 build(deps): bump @sentry/browser from 6.17.7 to 6.17.8 in /web (#2318) 2022-02-16 09:13:04 +01:00
a22d6a0924 build(deps): bump @sentry/tracing from 6.17.7 to 6.17.8 in /web (#2319) 2022-02-16 09:10:54 +01:00
3f0d67779a build(deps): bump lit from 2.1.3 to 2.1.4 in /web (#2320) 2022-02-16 09:10:38 +01:00
0a937ae8e9 build(deps): bump @babel/core from 7.17.2 to 7.17.4 in /web (#2321) 2022-02-16 09:10:23 +01:00
f8d94f3039 build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.1 to 3.4.2 (#2323) 2022-02-16 09:10:04 +01:00
6bb261ac62 build(deps): bump github.com/gorilla/websocket from 1.4.2 to 1.5.0 (#2324) 2022-02-16 09:09:39 +01:00
45f2c5bae7 web/admin: fix invalid URLs in example proxy config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-15 23:24:27 +01:00
5d8c1aa0b0 outposts/proxy: correctly check host in forward domain redirect
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1997
2022-02-15 14:58:19 +01:00
0101368369 outposts/proxy: fix logic error in rd argument
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1997
2022-02-15 13:43:55 +01:00
4854f81592 outposts/proxy: correctly handle ?rd= param
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1997
2022-02-15 11:05:03 +01:00
4bed6e02e5 Revert "build(deps): bump sentry-sdk from 1.5.4 to 1.5.5 (#2315)"
This reverts commit b6edf990e0.
2022-02-15 10:24:11 +01:00
908f123d0e website/docs: update nginx config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-15 10:24:08 +01:00
256dd24a1e build(deps): bump @typescript-eslint/parser in /web (#2312)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.11.0 to 5.12.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.12.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-15 10:06:18 +01:00
d4284407f9 build(deps): bump @typescript-eslint/eslint-plugin in /web (#2313)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.11.0 to 5.12.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.12.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-15 10:04:33 +01:00
80da5dfc52 build(deps): bump webauthn from 1.2.1 to 1.3.0 (#2314)
Bumps [webauthn](https://github.com/duo-labs/py_webauthn) from 1.2.1 to 1.3.0.
- [Release notes](https://github.com/duo-labs/py_webauthn/releases)
- [Changelog](https://github.com/duo-labs/py_webauthn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/duo-labs/py_webauthn/compare/v1.2.1...v1.3.0)

---
updated-dependencies:
- dependency-name: webauthn
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-15 10:04:17 +01:00
b6edf990e0 build(deps): bump sentry-sdk from 1.5.4 to 1.5.5 (#2315)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.5.4 to 1.5.5.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/1.5.4...1.5.5)

---
updated-dependencies:
- dependency-name: sentry-sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-15 09:56:32 +01:00
a66dcf9382 build(deps): bump kubernetes from 21.7.0 to 22.6.0 (#2316)
Bumps [kubernetes](https://github.com/kubernetes-client/python) from 21.7.0 to 22.6.0.
- [Release notes](https://github.com/kubernetes-client/python/releases)
- [Changelog](https://github.com/kubernetes-client/python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes-client/python/compare/v21.7.0...v22.6.0)

---
updated-dependencies:
- dependency-name: kubernetes
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-15 09:56:22 +01:00
9095a840d5 build(deps-dev): bump importlib-metadata from 4.11.0 to 4.11.1 (#2317)
Bumps [importlib-metadata](https://github.com/python/importlib_metadata) from 4.11.0 to 4.11.1.
- [Release notes](https://github.com/python/importlib_metadata/releases)
- [Changelog](https://github.com/python/importlib_metadata/blob/main/CHANGES.rst)
- [Commits](https://github.com/python/importlib_metadata/compare/v4.11.0...v4.11.1)

---
updated-dependencies:
- dependency-name: importlib-metadata
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-15 09:56:12 +01:00
72259f6479 events: fix lint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-14 23:15:45 +01:00
0973c74b9d providers/oauth2: fix redirect_uri being lowercased on successful validation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-14 23:04:00 +01:00
c7ed4f7ac1 events: check mtime on geoip database
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-14 22:42:46 +01:00
3d577cf15e *: add placeholder custom.css to easily allow user customisation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-14 20:05:00 +01:00
5474a32573 Translate /web/src/locales/en.po in zh_TW (#2308) 2022-02-14 15:36:54 +01:00
a5940b88e3 Translate /web/src/locales/en.po in zh-Hant (#2307) 2022-02-14 15:36:37 +01:00
ff15716012 Translate /web/src/locales/en.po in zh-Hans (#2306) 2022-02-14 15:36:27 +01:00
c040b13b29 providers/proxy: remove leading slash to allow subdirectories in proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2305
2022-02-14 12:51:04 +01:00
4915e980c5 providers/proxy: revert Host header behaviour
closes #2284

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-14 12:39:16 +01:00
df362dd9ea core: handle error when formatting launch URL fails closes #2304 2022-02-14 12:02:51 +01:00
d4e4f93cb4 Revert "build(deps): bump sentry-sdk from 1.5.4 to 1.5.5 (#2303)"
This reverts commit 3de224690a.
2022-02-14 09:55:39 +01:00
3af0de6a00 Revert "root: disable sentry's auto_session_tracking"
This reverts commit 4f24d61290.
2022-02-14 09:55:35 +01:00
4f24d61290 root: disable sentry's auto_session_tracking
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-14 09:44:12 +01:00
4c5c4dcf2c build(deps): bump @sentry/tracing from 6.17.6 to 6.17.7 in /web (#2296) 2022-02-14 08:57:12 +01:00
660b5cb6c6 build(deps): bump chart.js from 3.7.0 to 3.7.1 in /web (#2297) 2022-02-14 08:56:52 +01:00
6ff1ea73a9 build(deps): bump @sentry/browser from 6.17.6 to 6.17.7 in /web (#2298) 2022-02-14 08:56:13 +01:00
3de224690a build(deps): bump sentry-sdk from 1.5.4 to 1.5.5 (#2303) 2022-02-14 08:56:02 +01:00
d4624b510a build(deps): bump eslint from 8.8.0 to 8.9.0 in /web (#2299) 2022-02-14 08:55:42 +01:00
8856d762d0 build(deps): bump @rollup/plugin-replace from 3.0.1 to 3.1.0 in /web (#2300) 2022-02-14 08:55:27 +01:00
5d1cbf14d1 build(deps): bump actions/github-script from 5 to 6 (#2301) 2022-02-14 08:55:11 +01:00
6d5207f644 build(deps-dev): bump pytest from 7.0.0 to 7.0.1 (#2302) 2022-02-14 08:54:53 +01:00
3b6497cd51 outposts: ensure keypair is set for SSH connections
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-13 15:39:37 +01:00
ff7320b0f8 website/docs: update nginx ingress docs again
closes #2235

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-13 14:48:47 +01:00
e5a393c534 internal: increase logging for no hostname found
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-13 14:36:56 +01:00
bb4be944dc sources/ldap: use merger that only appends unique items to list
closes #2211

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-13 14:20:13 +01:00
21efee8f44 admin: add additional logging when restarting a task
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-12 18:40:21 +01:00
f61549a60f providers/proxy: enable TLS in ingress via traefik annotation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1997
2022-02-12 18:35:24 +01:00
0a7bafd1b2 website/docs: add nginx note for domain auth
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-12 18:14:14 +01:00
b3987c5fa0 website/docs: update nginx ingress docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2235
2022-02-12 18:06:04 +01:00
0da043a9fe outposts: make local discovery configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-12 17:27:41 +01:00
f336f204cb stages/authenticator_validate: fix handling when single configuration stage is selected
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-12 17:27:33 +01:00
3bfcf18492 build(deps): bump follow-redirects from 1.14.6 to 1.14.8 in /website (#2293)
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.6 to 1.14.8.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.14.6...v1.14.8)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-12 16:59:10 +01:00
dfafe8b43d web: Update Web API Client version (#2292)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-02-12 16:58:10 +01:00
b5d43b15f8 providers/oauth2: add support for explicit response_mode
closes #1953

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-12 16:56:47 +01:00
2ccab75021 stages/authenticator_validate: add ability to select multiple configuration stages which the user can choose
closes #1843

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-12 16:55:50 +01:00
9070df6c26 website/docs: revert to akprox for now
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-11 23:37:46 +01:00
a1c8ad55ad web: add german locale
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-11 22:09:05 +01:00
872c05c690 Translate /web/src/locales/en.po in de (#2291)
translation completed for the source file '/web/src/locales/en.po'
on the 'de' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-02-11 20:16:47 +01:00
a9528dc1b5 build(deps): bump golang from 1.17.6-bullseye to 1.17.7-bullseye (#2286) 2022-02-11 09:45:53 +01:00
0e59ade1f2 build(deps): bump rollup from 2.67.1 to 2.67.2 in /web (#2287) 2022-02-11 09:45:35 +01:00
5ac49c695d build(deps): bump country-flag-icons from 1.4.20 to 1.4.21 in /web (#2288) 2022-02-11 09:45:22 +01:00
3a30ecbe76 build(deps-dev): bump importlib-metadata from 4.10.1 to 4.11.0 (#2289) 2022-02-11 09:45:03 +01:00
1f838bb2aa outposts/proxy: add X-Forwarded-Host since Host now gets changed by the proxy
closes #2284

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-10 23:09:55 +01:00
cc42830e23 website/integrations: add Paperless-ng instructions (#2225)
* Update instructions

I've updated the steps to provide some clarity around certain areas that tripped me up as a newcomer to authentik trying to follow these instructions.

* Added Paperless

Added authentik instructions for Paperless-ng

* Moved to paperless-ng directory

* Minor update to remove redundant part

Removed example authentik.company as these instructions do not require referencing authentik host name directly.

* Added Paperless-ng

* Typo fix

* Formatting changes

Updated changes based on feedback
2022-02-10 09:45:22 +01:00
593eb959ca Translate /web/src/locales/en.po in zh-Hans (#2278)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-02-10 09:44:55 +01:00
5bb6785ad6 Translate /web/src/locales/en.po in zh-Hant (#2279)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hant' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-02-10 09:44:47 +01:00
535c11a729 Translate /web/src/locales/en.po in zh_TW (#2280)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh_TW' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-02-10 09:44:39 +01:00
a0fa8d8524 web: Update Web API Client version (#2277)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-02-09 22:46:16 +01:00
c14025c579 Merge branch 'version-2022.1'
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	poetry.lock
2022-02-09 22:45:26 +01:00
8bc3db7c90 release: 2022.1.5 2022-02-09 22:42:34 +01:00
eaad564e23 release: 2022.1.5 2022-02-09 22:31:26 +01:00
511a94975b website/docs: add 2022.1.5 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-09 22:31:14 +01:00
015810a2fd internal: fix CSRF error caused by Host header
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-09 22:22:53 +01:00
e70e6b84c2 internal: trace headers and url for backend requests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-09 22:22:50 +01:00
d0b9c9a26f internal: remove uvicorn server header
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-09 22:22:46 +01:00
3e403fa348 internal: improve error handling for internal reverse proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-09 22:22:41 +01:00
48f4a971ef internal: don't attempt to lookup SNI Certificate if no SNI is sent
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-09 22:22:39 +01:00
6314be14ad core: allow formatting strings to be used for applications' launch URLs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-09 22:22:29 +01:00
1a072c6c39 web/admin: fix mismatched icons in overview and lists
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-09 22:22:26 +01:00
ef2eed0bdf outposts: fix compare_ports to support both service and container ports
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-09 22:22:20 +01:00
91227b1e96 outposts: fix service reconciler re-creating services
closes #2095

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-09 22:22:16 +01:00
67d68629da providers/proxy: fix Host/:Authority not being modified
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-09 22:22:08 +01:00
e875db8f66 stages/authenticator_validate: handle non-existent device_challenges
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-09 22:22:02 +01:00
055a76393d outposts: remove node_port on V1ServicePort checks to prevent service creation loops
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2095
2022-02-09 22:21:58 +01:00
0754821628 providers/proxy: improve error handling for invalid backend_override
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-09 22:21:55 +01:00
fca88d9896 sources/ldap: log entire exception
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-09 22:21:48 +01:00
dfe0404c51 sources/saml: fix server error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-09 22:21:24 +01:00
fa61696b46 sources/saml: fix incorrect ProtocolBinding being sent
closes #2213

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-09 22:21:15 +01:00
e5773738f4 outposts: fix channel not always having a logger attribute
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-09 22:21:12 +01:00
cac8539d79 providers/proxy: fix nil error in claims
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-09 22:21:08 +01:00
cf600f6f26 build(deps): bump uvicorn from 0.17.1 to 0.17.3 (#2229)
Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.17.1 to 0.17.3.
- [Release notes](https://github.com/encode/uvicorn/releases)
- [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/encode/uvicorn/compare/0.17.1...0.17.3)

---
updated-dependencies:
- dependency-name: uvicorn
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-09 17:56:53 +01:00
e194715c3e internal: fix CSRF error caused by Host header
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-09 14:34:55 +01:00
787f02d5dc Translate /web/src/locales/en.po in pl (#2274)
translation completed for the source file '/web/src/locales/en.po'
on the 'pl' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-02-09 14:07:05 +01:00
a0ed01a610 Translate /web/src/locales/en.po in pl_PL (#2275)
translation completed for the source file '/web/src/locales/en.po'
on the 'pl_PL' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-02-09 14:06:41 +01:00
02ba493759 internal: trace headers and url for backend requests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-09 12:48:17 +01:00
a7fea5434d internal: remove uvicorn server header
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-09 12:38:47 +01:00
4fb783e953 internal: improve error handling for internal reverse proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-09 12:33:37 +01:00
affbf85699 internal: don't attempt to lookup SNI Certificate if no SNI is sent
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-09 12:33:25 +01:00
0d92112a3f website/docs: add backend_override docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-09 10:41:42 +01:00
b1ad3ec9db website/docs: highlight breaking nginx header change
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-09 10:33:04 +01:00
c0601baca6 web: add additional locales
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-09 10:09:07 +01:00
057c5c5e9a build(deps): bump @sentry/tracing from 6.17.5 to 6.17.6 in /web (#2270) 2022-02-09 09:04:15 +01:00
05429ab848 build(deps): bump @babel/plugin-proposal-decorators in /web (#2272) 2022-02-09 09:04:02 +01:00
b66d51a699 Translate /web/src/locales/en.po in zh-Hans (#2267) 2022-02-09 09:03:51 +01:00
f834bc0ff2 Translate /web/src/locales/en.po in zh-Hant (#2269) 2022-02-09 09:03:29 +01:00
93fd883d7a Translate /web/src/locales/en.po in zh_TW (#2268) 2022-02-09 09:03:16 +01:00
7e080d4d68 build(deps): bump @babel/core from 7.17.0 to 7.17.2 in /web (#2271) 2022-02-09 09:02:34 +01:00
3e3ca22d04 build(deps): bump @sentry/browser from 6.17.5 to 6.17.6 in /web (#2273) 2022-02-09 09:02:15 +01:00
e741caa6b3 core: allow formatting strings to be used for applications' launch URLs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-08 23:46:23 +01:00
4343246a41 *: rename akprox to outpost.goauthentik.io (#2266)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-08 20:25:38 +01:00
3f6f83b4b6 web/admin: fix mismatched icons in overview and lists
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-08 19:03:57 +01:00
c63e1c9b87 outposts: fix compare_ports to support both service and container ports
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-08 17:40:49 +01:00
f44cf06d22 outposts: fix service reconciler re-creating services
closes #2095

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-08 17:23:00 +01:00
3f609b8601 Translate /web/src/locales/en.po in zh_TW (#2263)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh_TW' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-02-08 16:36:25 +01:00
edd89b44a4 Translate /web/src/locales/en.po in zh-Hans (#2262)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-02-08 16:36:12 +01:00
3e58748862 Translate /web/src/locales/en.po in zh-Hant (#2261)
translation completed for the source file '/web/src/locales/en.po'
on the 'zh-Hant' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-02-08 16:36:02 +01:00
7088a6b0e6 providers/proxy: fix Host/:Authority not being modified
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-08 16:30:26 +01:00
6c880e0e62 website/docs: Enable 'secure' option for pwgen (#2260)
* Enable 'secure' option for pwgen

As per the [pwgen manual](https://linux.die.net/man/1/pwgen, "pwgen manual"), the "-s"(secure) option instructs pwgen to generate completely random passwords, where as the default for pwgen is to generate more memorable passwords. Since, the passwords generated in this part of the installation process are to be "remembered" by the dot env file, I believe that users may benefit from the additional entropy provided by the "-s" option in pwgen.

* Enable 'secure' option for pwgen
2022-02-08 12:24:29 +01:00
cb1e70be7f website/integrations: add documentation for roundcube webmail client (#2104)
* Add documentation for roundcube webmail client

Includes required dovecot configuration snippet.

* added roundcube to sidebar links

* fixed typo

* clean up formatting 

Tighten up extra info and match format to other integration documents

* fix roundcube wiki url display
2022-02-08 12:24:14 +01:00
6ba150f737 build(deps): bump @sentry/browser from 6.17.4 to 6.17.5 in /web (#2252)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.17.4 to 6.17.5.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.17.4...6.17.5)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-08 09:49:33 +01:00
131769ea73 build(deps): bump @typescript-eslint/parser in /web (#2253)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.10.2 to 5.11.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.11.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-08 09:49:15 +01:00
e68adbb30d build(deps): bump rollup from 2.67.0 to 2.67.1 in /web (#2254)
Bumps [rollup](https://github.com/rollup/rollup) from 2.67.0 to 2.67.1.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.67.0...v2.67.1)

---
updated-dependencies:
- dependency-name: rollup
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-08 09:48:54 +01:00
f1eef09099 build(deps): bump @sentry/tracing from 6.17.4 to 6.17.5 in /web (#2255)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.17.4 to 6.17.5.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.17.4...6.17.5)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-08 09:48:46 +01:00
5ab3c7fa9f build(deps): bump lit from 2.1.2 to 2.1.3 in /web (#2256)
Bumps [lit](https://github.com/lit/lit/tree/HEAD/packages/lit) from 2.1.2 to 2.1.3.
- [Release notes](https://github.com/lit/lit/releases)
- [Changelog](https://github.com/lit/lit/blob/main/packages/lit/CHANGELOG.md)
- [Commits](https://github.com/lit/lit/commits/lit@2.1.3/packages/lit)

---
updated-dependencies:
- dependency-name: lit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-08 09:48:41 +01:00
d0cec39a0f build(deps): bump @typescript-eslint/eslint-plugin in /web (#2257)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.10.2 to 5.11.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.11.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-08 09:48:00 +01:00
e15f53a39a build(deps): bump @fortawesome/fontawesome-free in /web (#2258)
Bumps [@fortawesome/fontawesome-free](https://github.com/FortAwesome/Font-Awesome) from 5.15.4 to 6.0.0.
- [Release notes](https://github.com/FortAwesome/Font-Awesome/releases)
- [Changelog](https://github.com/FortAwesome/Font-Awesome/blob/master/CHANGELOG.md)
- [Commits](https://github.com/FortAwesome/Font-Awesome/compare/5.15.4...6.0.0)

---
updated-dependencies:
- dependency-name: "@fortawesome/fontawesome-free"
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-08 09:47:44 +01:00
25fb995663 build(deps): bump twisted from 21.7.0 to 22.1.0 (#2259)
Bumps [twisted](https://github.com/twisted/twisted) from 21.7.0 to 22.1.0.
- [Release notes](https://github.com/twisted/twisted/releases)
- [Changelog](https://github.com/twisted/twisted/blob/trunk/NEWS.rst)
- [Commits](https://github.com/twisted/twisted/compare/twisted-21.7.0...twisted-22.1.0)

---
updated-dependencies:
- dependency-name: twisted
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-08 09:44:32 +01:00
eac658c64f web: update background image
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-07 20:46:47 +01:00
15e2032493 stages/authenticator_validate: handle non-existent device_challenges
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-07 20:31:49 +01:00
c87f6cd9d9 outposts: remove node_port on V1ServicePort checks to prevent service creation loops
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2095
2022-02-07 20:26:14 +01:00
e758995458 providers/proxy: improve error handling for invalid backend_override
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-07 19:59:06 +01:00
20c284a188 website/docs: improve docs for application access
closes #2245

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-07 19:42:42 +01:00
b0936ea8f3 sources/ldap: log entire exception
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-07 19:37:39 +01:00
bfc0f4a413 build(deps): bump github.com/go-openapi/runtime from 0.22.0 to 0.23.0 (#2249)
Bumps [github.com/go-openapi/runtime](https://github.com/go-openapi/runtime) from 0.22.0 to 0.23.0.
- [Release notes](https://github.com/go-openapi/runtime/releases)
- [Commits](https://github.com/go-openapi/runtime/compare/v0.22.0...v0.23.0)

---
updated-dependencies:
- dependency-name: github.com/go-openapi/runtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-07 10:04:05 +01:00
1a9a90cf6a build(deps): bump @formatjs/intl-listformat from 6.5.1 to 6.5.2 in /web (#2248)
Bumps [@formatjs/intl-listformat](https://github.com/formatjs/formatjs) from 6.5.1 to 6.5.2.
- [Release notes](https://github.com/formatjs/formatjs/releases)
- [Commits](https://github.com/formatjs/formatjs/compare/@formatjs/intl-listformat@6.5.1...@formatjs/intl-listformat@6.5.2)

---
updated-dependencies:
- dependency-name: "@formatjs/intl-listformat"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-07 10:03:36 +01:00
00f1a6fa48 build(deps): bump github.com/go-openapi/strfmt from 0.21.1 to 0.21.2 (#2250)
Bumps [github.com/go-openapi/strfmt](https://github.com/go-openapi/strfmt) from 0.21.1 to 0.21.2.
- [Release notes](https://github.com/go-openapi/strfmt/releases)
- [Commits](https://github.com/go-openapi/strfmt/compare/v0.21.1...v0.21.2)

---
updated-dependencies:
- dependency-name: github.com/go-openapi/strfmt
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-07 10:03:20 +01:00
33754a06d2 website/integrations: update gitea integration documentation (#2182)
Newer gitea versions now expose "additional OIDC mapping" to admin GUI.
The configuration file change required in previous versions can now be
done in the GUI.
2022-02-06 15:17:52 +01:00
69b838e1cf web: Update Web API Client version (#2244)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-02-05 18:56:13 +01:00
d5e04a2301 *: remove deprecated backup (#2129)
* *: remove backup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix lint

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: add docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: final cleanup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: use correct pyproject when migrating from stable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: fix broken docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-05 18:54:15 +01:00
fbf251280f core: compile backend translations (#2243)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-02-05 16:52:38 +01:00
eaadf62f01 Apply translations in zh-Hant (#2242)
translation completed for the source file '/locale/en/LC_MESSAGES/django.po'
on the 'zh-Hant' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-02-05 16:23:51 +01:00
8c33e7a7c1 Apply translations in zh_TW (#2241)
translation completed for the source file '/locale/en/LC_MESSAGES/django.po'
on the 'zh_TW' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-02-05 16:23:43 +01:00
a7d9a80a28 Apply translations in zh-Hans (#2240)
translation completed for the source file '/locale/en/LC_MESSAGES/django.po'
on the 'zh-Hans' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-02-05 16:23:36 +01:00
2ea5dce8d3 build(deps): bump uvicorn from 0.17.3 to 0.17.4 (#2238)
Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.17.3 to 0.17.4.
- [Release notes](https://github.com/encode/uvicorn/releases)
- [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/encode/uvicorn/compare/0.17.3...0.17.4)

---
updated-dependencies:
- dependency-name: uvicorn
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-05 16:23:27 +01:00
14bf01efe4 build(deps-dev): bump pytest from 6.2.5 to 7.0.0 (#2237)
Bumps [pytest](https://github.com/pytest-dev/pytest) from 6.2.5 to 7.0.0.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/6.2.5...7.0.0)

---
updated-dependencies:
- dependency-name: pytest
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-05 16:23:19 +01:00
67b24a60e4 build(deps): bump boto3 from 1.20.48 to 1.20.49 (#2236)
Bumps [boto3](https://github.com/boto/boto3) from 1.20.48 to 1.20.49.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.20.48...1.20.49)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-05 16:23:03 +01:00
e6775297cb build(deps): bump pycryptodome from 3.14.0 to 3.14.1 (#2239)
Bumps [pycryptodome](https://github.com/Legrandin/pycryptodome) from 3.14.0 to 3.14.1.
- [Release notes](https://github.com/Legrandin/pycryptodome/releases)
- [Changelog](https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst)
- [Commits](https://github.com/Legrandin/pycryptodome/compare/v3.14.0...v3.14.1)

---
updated-dependencies:
- dependency-name: pycryptodome
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-05 16:22:51 +01:00
4e4e2b36b6 sources/saml: fix server error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-05 15:41:26 +01:00
3189c56fc3 website/docs: default to upgrade with install flag set (#2234) 2022-02-04 22:36:34 +01:00
5b5ea47b7a Translate /web/src/locales/en.po in pl_PL (#2233)
translation completed for the source file '/web/src/locales/en.po'
on the 'pl_PL' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-02-04 21:59:00 +01:00
caa382f898 build(deps): bump @trivago/prettier-plugin-sort-imports in /web (#2227)
Bumps [@trivago/prettier-plugin-sort-imports](https://github.com/trivago/prettier-plugin-sort-imports) from 3.1.1 to 3.2.0.
- [Release notes](https://github.com/trivago/prettier-plugin-sort-imports/releases)
- [Changelog](https://github.com/trivago/prettier-plugin-sort-imports/blob/master/CHANGELOG.md)
- [Commits](https://github.com/trivago/prettier-plugin-sort-imports/compare/v3.1.1...v3.2.0)

---
updated-dependencies:
- dependency-name: "@trivago/prettier-plugin-sort-imports"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-04 10:17:21 +01:00
2d63488197 build(deps): bump boto3 from 1.20.47 to 1.20.48 (#2228)
Bumps [boto3](https://github.com/boto/boto3) from 1.20.47 to 1.20.48.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.20.47...1.20.48)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-04 10:16:52 +01:00
c1c8e4c8d4 build(deps): bump uvicorn from 0.17.1 to 0.17.3 (#2229)
Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.17.1 to 0.17.3.
- [Release notes](https://github.com/encode/uvicorn/releases)
- [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/encode/uvicorn/compare/0.17.1...0.17.3)

---
updated-dependencies:
- dependency-name: uvicorn
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-04 10:16:37 +01:00
a0e451c5e5 website/integrations: clarify some steps Nextcloud SAML (#2222)
I've updated the steps to provide some clarity around certain areas that tripped me up as a newcomer to authentik trying to follow these instructions.
2022-02-03 23:15:57 +01:00
eaba8006e6 sources/saml: fix incorrect ProtocolBinding being sent
closes #2213

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-03 18:20:06 +01:00
39ff202f8c outposts: fix channel not always having a logger attribute
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-03 17:58:54 +01:00
654e0d6245 providers/proxy: fix nil error in claims
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-03 17:58:38 +01:00
ec04443493 build(deps): bump @babel/plugin-proposal-decorators in /web (#2215)
Bumps [@babel/plugin-proposal-decorators](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-proposal-decorators) from 7.16.7 to 7.17.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.17.0/packages/babel-plugin-proposal-decorators)

---
updated-dependencies:
- dependency-name: "@babel/plugin-proposal-decorators"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-03 09:40:17 +01:00
d247c262af build(deps): bump @sentry/tracing from 6.17.3 to 6.17.4 in /web (#2214)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.17.3 to 6.17.4.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.17.3...6.17.4)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-03 09:39:32 +01:00
dff49b2bef build(deps): bump @sentry/browser from 6.17.3 to 6.17.4 in /web (#2216)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.17.3 to 6.17.4.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.17.3...6.17.4)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-03 09:38:53 +01:00
50666a76fb build(deps): bump flowchart.js from 1.17.0 to 1.17.1 in /web (#2217)
Bumps [flowchart.js](https://github.com/adrai/flowchart.js) from 1.17.0 to 1.17.1.
- [Release notes](https://github.com/adrai/flowchart.js/releases)
- [Changelog](https://github.com/adrai/flowchart.js/blob/master/releasenotes.md)
- [Commits](https://github.com/adrai/flowchart.js/compare/v1.17.0...v1.17.1)

---
updated-dependencies:
- dependency-name: flowchart.js
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-03 09:38:43 +01:00
b51a7f9746 build(deps): bump @babel/plugin-transform-runtime in /web (#2218)
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime) from 7.16.10 to 7.17.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.17.0/packages/babel-plugin-transform-runtime)

---
updated-dependencies:
- dependency-name: "@babel/plugin-transform-runtime"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-03 09:38:32 +01:00
001dfd9f6c build(deps): bump @babel/core from 7.16.12 to 7.17.0 in /web (#2219)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.16.12 to 7.17.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.17.0/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-03 09:38:21 +01:00
5e4fbeeb25 build(deps): bump rollup from 2.66.1 to 2.67.0 in /web (#2220)
Bumps [rollup](https://github.com/rollup/rollup) from 2.66.1 to 2.67.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.66.1...v2.67.0)

---
updated-dependencies:
- dependency-name: rollup
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-03 09:38:03 +01:00
2c910bf6ca build(deps): bump boto3 from 1.20.46 to 1.20.47 (#2221)
Bumps [boto3](https://github.com/boto/boto3) from 1.20.46 to 1.20.47.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.20.46...1.20.47)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-03 09:37:26 +01:00
9b11319e81 build(deps-dev): bump coverage from 6.3 to 6.3.1 (#2209)
Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.3 to 6.3.1.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/6.3...6.3.1)

---
updated-dependencies:
- dependency-name: coverage
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-02 09:49:44 +01:00
40dc4b3fb8 build(deps): bump postcss from 8.4.5 to 8.4.6 in /website (#2207) 2022-02-02 09:41:37 +01:00
0e37b98968 build(deps): bump drf-spectacular from 0.21.1 to 0.21.2 (#2210) 2022-02-02 09:40:22 +01:00
7e132eb014 web: Update Web API Client version (#2206)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-02-01 21:04:47 +01:00
49dfb4756e release: 2022.1.4 2022-02-01 20:12:55 +01:00
814758e2aa website/docs: prepare 2022.1.4
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-01 19:27:25 +01:00
5c42dac5e2 web/user: include locale code in locale selection
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-01 19:19:37 +01:00
88603fa4f7 providers/proxy: set traefik labels using object_naming_template instead of UUID 2022-02-01 17:13:27 +00:00
0232c4e162 lifecycle: send analytics in gunicorn config to decrease outgoing requests when workers get restarted
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-01 15:01:43 +01:00
11753c1fe1 build(deps): bump django from 4.0.1 to 4.0.2 (#2204)
Bumps [django](https://github.com/django/django) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/4.0.1...4.0.2)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-01 10:59:04 +01:00
f5cc6c67ec providers/proxy: fix routing for external_host when using forward_auth_domain
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2180
2022-02-01 10:14:46 +01:00
8b8ed3527a build(deps): bump @typescript-eslint/parser in /web (#2200) 2022-02-01 09:11:41 +01:00
1aa0274e7c build(deps): bump @typescript-eslint/eslint-plugin in /web (#2201) 2022-02-01 09:09:34 +01:00
ecd33ca0c1 build(deps): bump github.com/go-openapi/runtime from 0.21.1 to 0.22.0 (#2202) 2022-02-01 09:09:18 +01:00
e93be0de9a sources/ldap: add list_flatten function to property mappings, enable on managed LDAP mappings
closes #2199

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-31 23:07:32 +01:00
a5adc4f8ed core: fix view_token permission not being assigned on token creation for non-admin user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-31 20:00:30 +01:00
a6baed9753 web/flows: fix width on flow container 2022-01-31 14:11:25 +00:00
ceaf832e63 root: remove boto integration in sentry to ease backup removal 2022-01-31 13:47:18 +00:00
a6b0b14685 Translate /web/src/locales/en.po in pl (#2197)
translation completed for the source file '/web/src/locales/en.po'
on the 'pl' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-01-31 14:17:26 +01:00
f679250edd lifecycle: remove gunicorn reload option
should help with #2159
2022-01-31 12:06:08 +00:00
acc4de2235 web: add pl locale 2022-01-31 11:50:05 +00:00
56a8276dbf website/integrations: update active directory docs (#2177) 2022-01-31 12:11:01 +01:00
6dfe6edbef website/integrations: add zulip (#2106)
* add zulip to sidebar links

* added Zulip chat integration documentation

* fix markdown typo

* add note about using Post for saml binding

* added missing ACS info and cleaned up

format matches other integration documents
2022-01-31 12:10:30 +01:00
6af4bd0d9a build(deps): bump construct-style-sheets-polyfill in /web (#2189)
Bumps [construct-style-sheets-polyfill](https://github.com/calebdwilliams/construct-style-sheets) from 3.0.5 to 3.1.0.
- [Release notes](https://github.com/calebdwilliams/construct-style-sheets/releases)
- [Changelog](https://github.com/calebdwilliams/construct-style-sheets/blob/main/CHANGELOG.md)
- [Commits](https://github.com/calebdwilliams/construct-style-sheets/commits)

---
updated-dependencies:
- dependency-name: construct-style-sheets-polyfill
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-31 12:09:13 +01:00
7ee7f6bd6a Translate /web/src/locales/en.po in pl (#2196)
translation completed for the source file '/web/src/locales/en.po'
on the 'pl' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-01-31 10:00:37 +01:00
f8b8334010 build(deps): bump @patternfly/patternfly from 4.164.2 to 4.171.1 in /web (#2192) 2022-01-31 09:05:17 +01:00
d4b65dc4b4 build(deps): bump @sentry/browser from 6.17.2 to 6.17.3 in /web (#2191) 2022-01-31 09:04:40 +01:00
e4bbd3b1c0 build(deps): bump eslint from 8.7.0 to 8.8.0 in /web (#2190) 2022-01-31 09:03:47 +01:00
87de5e625d build(deps): bump @sentry/tracing from 6.17.2 to 6.17.3 in /web (#2193) 2022-01-31 09:03:32 +01:00
efbe51673e build(deps): bump pycryptodome from 3.13.0 to 3.14.0 (#2194) 2022-01-31 09:03:10 +01:00
a95bea53ea build(deps): bump github.com/prometheus/client_golang (#2195) 2022-01-31 09:02:56 +01:00
6021fc0f52 providers/proxy: fix backend override persisting for other users
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-30 22:29:34 +01:00
1415b68ff4 web: add es locale
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-30 21:43:55 +01:00
be6853ac52 Translate /web/src/locales/en.po in es (#2188)
translation completed for the source file '/web/src/locales/en.po'
on the 'es' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-01-30 21:38:30 +01:00
7fd6be5abb providers/proxy: add backend_override
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-30 21:35:08 +01:00
91d6f572a5 scripts: cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-30 21:34:37 +01:00
016a9ce34e build(deps): bump boto3 from 1.20.45 to 1.20.46 (#2187) 2022-01-30 00:52:25 +01:00
8adb95af7f build(deps): bump uvicorn from 0.17.0.post1 to 0.17.1 (#2186) 2022-01-30 00:52:08 +01:00
1dc54775d8 build(deps): bump requests-oauthlib from 1.3.0 to 1.3.1 (#2185) 2022-01-30 00:51:59 +01:00
370ef716b5 build(deps-dev): bump black from 21.12b0 to 22.1.0 (#2184) 2022-01-30 00:51:49 +01:00
16e56ad9ca website/docs: add rough documentation style guide
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-29 23:52:03 +01:00
b5b5a9eed3 web/admin: only check first half of locale when detecting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2178
2022-01-28 12:35:37 +01:00
8b22e7bcc3 core: compile backend translations (#2179) 2022-01-28 11:09:29 +01:00
d48b5b9511 Translate /locale/en/LC_MESSAGES/django.po in es (#2175)
translation completed for the source file '/locale/en/LC_MESSAGES/django.po'
on the 'es' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-01-28 09:55:56 +01:00
0eccaa3f1e build(deps): bump boto3 from 1.20.44 to 1.20.45 (#2176)
Bumps [boto3](https://github.com/boto/boto3) from 1.20.44 to 1.20.45.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.20.44...1.20.45)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-28 09:55:16 +01:00
67d550a80d providers/proxy: don't include hostname and scheme in redirect when we only got a path and not a full URL
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-27 18:23:08 +01:00
ebb5711c32 providers/proxy: add support for X-Original-URI in nginx, better handle missing headers and report errors to authentik
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-27 18:14:02 +01:00
79ec872232 build(deps): bump @docusaurus/plugin-client-redirects in /website (#2173)
Bumps [@docusaurus/plugin-client-redirects](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-plugin-client-redirects) from 2.0.0-beta.14 to 2.0.0-beta.15.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-beta.15/packages/docusaurus-plugin-client-redirects)

---
updated-dependencies:
- dependency-name: "@docusaurus/plugin-client-redirects"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-27 10:14:14 +01:00
4284e14ff7 build(deps): bump @docusaurus/preset-classic in /website (#2172)
Bumps [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic) from 2.0.0-beta.14 to 2.0.0-beta.15.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-beta.15/packages/docusaurus-preset-classic)

---
updated-dependencies:
- dependency-name: "@docusaurus/preset-classic"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-27 10:12:06 +01:00
92a09779d0 build(deps): bump boto3 from 1.20.43 to 1.20.44 (#2174) 2022-01-27 09:28:02 +01:00
14c621631d web: Update Web API Client version (#2170)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-01-26 23:30:56 +01:00
c55f503b9b release: 2022.1.3 2022-01-26 22:15:28 +01:00
a908cad976 website/docs: add release notes for 2022.1.3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-26 21:41:15 +01:00
c2586557d8 root: fix redis passwords not being encoded correctly
closes #2130

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-26 20:45:45 +01:00
01c80a82e2 web/admin: fix SMS Stage form not working
closes #2127

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-26 20:39:38 +01:00
0d47654651 root: add max-requests for gunicorn and max tasks for celery
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-26 10:04:58 +01:00
1183095833 build(deps): bump @sentry/tracing from 6.17.1 to 6.17.2 in /web (#2162) 2022-01-26 09:35:10 +01:00
c281b11bdc build(deps): bump lit from 2.1.1 to 2.1.2 in /web (#2161) 2022-01-26 09:22:05 +01:00
61fe45a58c build(deps): bump @sentry/browser from 6.17.1 to 6.17.2 in /web (#2163) 2022-01-26 09:21:52 +01:00
d43aab479c build(deps): bump rollup from 2.66.0 to 2.66.1 in /web (#2164) 2022-01-26 09:21:43 +01:00
7f8383427a build(deps): bump sentry-sdk from 1.5.3 to 1.5.4 (#2165) 2022-01-26 09:21:24 +01:00
a06d6cf33d build(deps-dev): bump bandit from 1.7.1 to 1.7.2 (#2166) 2022-01-26 09:21:09 +01:00
5b7cb205c9 build(deps): bump boto3 from 1.20.42 to 1.20.43 (#2167) 2022-01-26 09:20:50 +01:00
293a932d20 build(deps-dev): bump coverage from 6.2 to 6.3 (#2168) 2022-01-26 09:20:34 +01:00
fff901ff03 rootL Fix goauthentik.io URL in Readme (#2158) 2022-01-25 20:36:44 +01:00
f47c936295 internal: add optional debug server listening on 9900
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-25 17:18:53 +01:00
88d5aec618 web/admin: fix links which look like labels
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-25 16:13:30 +01:00
96ae68cf09 internal: make error message less confusing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-25 15:45:21 +01:00
63b3434b6f website/docs: improve nginx examples
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-25 14:25:21 +01:00
947ecec02b outposts/ldap: Fix more case sensitivity issues. (#2144) 2022-01-25 11:27:27 +01:00
1c2b452406 outposts/proxy: fix potential empty redirect, add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2141
2022-01-25 10:57:53 +01:00
47777529ac build(deps): bump @formatjs/intl-listformat from 6.5.0 to 6.5.1 in /web (#2154) 2022-01-25 09:50:29 +01:00
949095c376 build(deps): bump @lingui/macro from 3.13.1 to 3.13.2 in /web (#2152) 2022-01-25 09:49:59 +01:00
4b112c2799 build(deps): bump @sentry/browser from 6.16.1 to 6.17.1 in /web (#2146) 2022-01-25 09:49:48 +01:00
291a2516b1 build(deps): bump @typescript-eslint/eslint-plugin in /web (#2149) 2022-01-25 09:49:29 +01:00
4dcfd021e2 build(deps): bump @lingui/detect-locale from 3.13.1 to 3.13.2 in /web (#2147) 2022-01-25 09:49:13 +01:00
ca50848db3 build(deps): bump boto3 from 1.20.41 to 1.20.42 (#2156) 2022-01-25 09:49:01 +01:00
0bb3e3c558 build(deps): bump @lingui/cli from 3.13.1 to 3.13.2 in /web (#2148) 2022-01-25 09:48:50 +01:00
e4b25809ab build(deps): bump @typescript-eslint/parser in /web (#2150) 2022-01-25 09:48:03 +01:00
7bf932f8e2 build(deps): bump @sentry/tracing from 6.16.1 to 6.17.1 in /web (#2151) 2022-01-25 09:47:52 +01:00
99d04528b0 build(deps): bump country-flag-icons from 1.4.19 to 1.4.20 in /web (#2153) 2022-01-25 09:47:43 +01:00
e48d172036 build(deps): bump @lingui/core from 3.13.1 to 3.13.2 in /web (#2155) 2022-01-25 09:47:34 +01:00
c2388137a8 build(deps): bump uvicorn from 0.17.0 to 0.17.0.post1 (#2157) 2022-01-25 09:47:05 +01:00
650e2cbc38 internal: remove duplicate log messages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-24 22:25:35 +01:00
b32800ea71 outposts/proxy: trace full headers to debug
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-24 22:08:31 +01:00
e1c0c0b20c internal: don't override server header
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-24 22:05:11 +01:00
fe39e39dcd lifecycle: make secret_key warning more prominent
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2131
2022-01-24 21:52:16 +01:00
883f213b03 lifecycle: wait for db in worker
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-24 21:51:57 +01:00
538996f617 web: Update Web API Client version (#2143)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-01-24 21:46:39 +01:00
2f4c92deb9 Merge branch 'version-2022.1' 2022-01-24 21:42:12 +01:00
ef335ec083 outposts/proxy: add more test cases for domain-level auth
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-24 21:41:15 +01:00
07b09df3fe internal: add more outpost tests, add support for X-Original-URL
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-24 20:50:13 +01:00
e70e031a1f internal: start adding tests to outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-24 20:12:25 +01:00
c7ba183dc0 providers/proxy: fix traefik label
closes #2128

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-24 17:45:09 +01:00
3ed23a37ea website/docs: add 2022.1.2 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-24 11:34:13 +01:00
3d724db0e3 release: 2022.1.2 2022-01-24 11:28:00 +01:00
2997542114 lib: disable backup by default, add note to configuration 2022-01-24 10:00:15 +00:00
84b18fff96 ci: cache-v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-24 09:37:04 +01:00
1dce408c72 internal/proxyv2: only allow access to /akprox in nginx mode when forward url could be extracted
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-24 09:30:33 +01:00
e5ff47bf14 build(deps): bump @lingui/cli from 3.13.0 to 3.13.1 in /web (#2133) 2022-01-24 08:49:03 +01:00
b53bf331c3 build(deps): bump @lingui/macro from 3.13.0 to 3.13.1 in /web (#2135) 2022-01-24 08:48:51 +01:00
90e9a8b34c build(deps): bump rollup from 2.64.0 to 2.66.0 in /web (#2139) 2022-01-24 08:48:26 +01:00
845f842783 build(deps): bump @lingui/core from 3.13.0 to 3.13.1 in /web (#2136) 2022-01-24 08:48:17 +01:00
7397849c60 build(deps): bump rapidoc from 9.1.3 to 9.1.4 in /website (#2132) 2022-01-24 08:47:45 +01:00
6dd46b5fc5 build(deps): bump @babel/core from 7.16.10 to 7.16.12 in /web (#2134) 2022-01-24 08:47:35 +01:00
89ca79ed10 build(deps): bump @lingui/detect-locale from 3.13.0 to 3.13.1 in /web (#2137) 2022-01-24 08:47:15 +01:00
713bef895c build(deps): bump rapidoc from 9.1.3 to 9.1.4 in /web (#2138) 2022-01-24 08:46:37 +01:00
925115e9ce build(deps): bump github.com/go-openapi/runtime from 0.21.0 to 0.21.1 (#2140) 2022-01-24 08:46:17 +01:00
42f5cf8c93 outposts: allow custom label for docker containers
closes #2128

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-23 21:55:58 +01:00
82cc1d536a providers/proxy: add PathPrefix to auto-traefik labels
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2128
2022-01-23 21:55:46 +01:00
08af2fd46b website/docs: deprecate inbuilt backup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-23 21:51:22 +01:00
70e3b27a4d root: upgrade python dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-23 21:27:16 +01:00
6a411d7960 policies/hibp: ensure password is encodable
closes AUTHENTIK-1SA

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-23 21:23:24 +01:00
33567b56d7 lifecycle: replace lowercase, deprecated prometheus_multiproc_dir
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-23 21:21:06 +01:00
0c1954aeb7 web: Update Web API Client version (#2126)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-01-22 19:06:20 +01:00
f4a6c70e98 release: 2022.1.1 2022-01-22 18:28:40 +01:00
5f198e7fe4 website/docs: update 2022.1
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-22 12:29:20 +01:00
d172d32817 ci: bump golangci
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-21 23:22:59 +01:00
af3fb5c2cd internal: use math.MaxInt for compatibility
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1819
2022-01-21 23:11:17 +01:00
885efb526e web/admin: also set embedded outpost host when it doesn't include scheme
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-21 13:51:34 +01:00
3bfb8b2cb2 outposts/proxyv2: allow access to /akprox urls in forward auth mode to make routing in nginx/traefik easier
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-21 13:43:16 +01:00
9fc5ff4b77 outposts/proxyv2: fix JWKS url pointing to localhost on embedded outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-21 13:29:51 +01:00
dd8b579dd6 lib: ignore paramiko logger
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-21 10:46:33 +01:00
e12cbd8711 website/docs: add 2022.1
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-21 09:47:49 +01:00
62d35f8f8c build(deps): bump codemirror from 5.65.0 to 5.65.1 in /web (#2122) 2022-01-21 09:06:27 +01:00
49be504c13 build(deps): bump @babel/preset-env from 7.16.10 to 7.16.11 in /web (#2123) 2022-01-21 09:06:04 +01:00
edad55e51d build(deps): bump typescript from 4.5.4 to 4.5.5 in /web (#2124) 2022-01-21 09:05:51 +01:00
38086fa8bb build(deps): bump boto3 from 1.20.39 to 1.20.40 (#2125) 2022-01-21 09:05:32 +01:00
c4f9a3e9a7 build(deps): bump @babel/preset-env from 7.16.8 to 7.16.10 in /web (#2114) 2022-01-20 08:45:49 +01:00
930df791bd build(deps): bump python (#2113) 2022-01-20 08:45:28 +01:00
9a6086634c build(deps): bump boto3 from 1.20.38 to 1.20.39 (#2117) 2022-01-20 08:45:03 +01:00
b68e65355a build(deps): bump @babel/core from 7.16.7 to 7.16.10 in /web (#2115) 2022-01-20 08:44:47 +01:00
72d33a91dd build(deps): bump @babel/plugin-transform-runtime in /web (#2116) 2022-01-20 08:44:28 +01:00
7067e3d69a build(deps): bump github.com/prometheus/client_golang (#2118) 2022-01-20 08:44:01 +01:00
4db370d24e website/docs: add flow inspector docs
closes #2105

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-19 19:31:21 +01:00
41e7b9b73f outposts/proxyv2: fix before-redirect url not being saved in proxy mode
closes #2109

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-19 19:16:30 +01:00
7f47f93e4e internal: cleanup log messages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-19 19:01:24 +01:00
89abd44b76 lifecycle: add early check for missing/invalid secret key
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-19 09:53:53 +01:00
14c7d8c4f4 internal: route traffic to proxy providers based on cookie domain when multiple domain-level providers exist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2079
2022-01-18 23:19:43 +01:00
525976a81b root: upgrade python dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-18 21:35:07 +01:00
64a2126ea4 website/docs: fix typo in port mapping in manifest (#2103)
Otherwise it causes:

```
error: error validating "outpost.yaml": error validating data: ValidationError(Service.spec.ports[1].port): invalid type for io.k8s.api.core.v1.ServicePort.port: got "string", expected "integer"; if you choose to ignore these errors, turn validation off with --validate=false
```
2022-01-18 19:57:55 +01:00
994c5882ab root: fix error if secret_key is purely numerical
closes #2099

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-18 09:17:33 +01:00
ad64d51e85 build(deps): bump @typescript-eslint/eslint-plugin in /web (#2100)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.9.1 to 5.10.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.10.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-18 09:16:54 +01:00
a184a7518a build(deps): bump @typescript-eslint/parser from 5.9.1 to 5.10.0 in /web (#2101)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.9.1 to 5.10.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.10.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-18 09:14:58 +01:00
943fd80920 web: ignore additional error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-17 22:05:23 +01:00
01bb18b8c4 root: allow customisation of ports in compose without override
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-17 14:48:02 +01:00
94baaaa5a5 build(deps): bump eslint from 8.6.0 to 8.7.0 in /web (#2096) 2022-01-17 09:19:59 +01:00
40b164ce94 build(deps): bump rollup from 2.63.0 to 2.64.0 in /web (#2097) 2022-01-17 09:18:30 +01:00
1d7c7801e7 website/docs: prepare 2022.1 release
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-16 18:22:25 +01:00
0db0a12ef3 root: rename csrf header
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-16 16:17:44 +01:00
8008aba450 web: directly read csrf token before injecting into request
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-16 16:10:55 +01:00
eaeab27004 lib: add support for custom env
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-16 14:56:02 +01:00
111fbf119b *: refactor prometheus gauges to directly updating metrics view
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-16 13:57:07 +01:00
300ad88447 web: add polyfill for Intl.ListFormat
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-15 14:56:18 +01:00
92cc0c9c64 root: decrease to 10 backup history
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-14 19:59:50 +01:00
18ff803370 outposts: trigger service update on k8s when selector doesnt match
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-14 11:42:57 +01:00
819af78e2b internal: make internal go version match python version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-14 10:45:37 +01:00
6338785ce1 outposts: change label app.kubernetes.io/name to include outpost type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-14 10:34:54 +01:00
973e151dff outposts: add Additional version labels to managed k8s deployments
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-13 17:48:01 +01:00
fae6d83f27 *: simplify extracting current version info
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-13 17:47:31 +01:00
ed84fe0b8d root: set samesite for csrf cookie
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-12 23:14:14 +01:00
1ee603403e root: upgrade python dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-12 23:02:39 +01:00
7db7b7cc4d stages/authenticator_validate: fix lint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-12 23:00:28 +01:00
68a98cd86c web: Update Web API Client version (#2091)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-01-12 22:59:59 +01:00
e758db5727 stages/authenticator_webauthn: make more WebAuthn options configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-12 22:57:49 +01:00
4d7d700afa providers/oauth2: change default redirect uri behaviour; set first used url when blank and use star for wildcard
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-12 22:44:57 +01:00
f9a5add01d root: include build in analytics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-12 22:18:52 +01:00
2986b56389 root: fix backups running every minute instead of once
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-12 22:09:44 +01:00
58f79b525d web/admin: fix invalid build due to wrong import
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-11 11:40:59 +01:00
0a1c0dae05 build(deps): bump @typescript-eslint/eslint-plugin in /web (#2085) 2022-01-11 08:59:13 +01:00
e18ef8dab6 build(deps): bump @babel/preset-env from 7.16.7 to 7.16.8 in /web (#2087) 2022-01-11 08:58:45 +01:00
3cacc59bec build(deps): bump @typescript-eslint/parser from 5.9.0 to 5.9.1 in /web (#2086) 2022-01-11 08:57:51 +01:00
4eea46d399 build(deps): bump @babel/plugin-transform-runtime in /web (#2088) 2022-01-11 08:57:28 +01:00
11e25617bd crypto: fully parse certificate on validation in serializer to prevent invalid certificates from being saved
closes #2082

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-10 20:36:50 +01:00
4817126811 website/integrations: fix synapse docs based on upstream docs
closes #2080

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-10 20:19:56 +01:00
0181361efa website/integrations: use Signing Key instead of RSA Key
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-10 20:18:05 +01:00
8ff8e1d5f7 web/admin: fix missing configure flow setting on webuahtn setup stage form
closes #2084

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-10 20:15:34 +01:00
19d5902a92 flows: handle error if flow title contains invalid format string
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-10 19:49:27 +01:00
71dffb21a9 outposts: improve error handling for outpost service connection state
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-10 19:44:13 +01:00
bd283c506d web/flows: remove node directly instead of using removeChild()
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-10 19:37:51 +01:00
ef564e5f1a web: fix double plural in label
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-10 18:58:56 +01:00
2543224c7c core: dont return 404 when trying to view key of expired token
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-10 17:53:09 +01:00
077eee9310 Revert "build(deps): bump goauthentik.io/api from 0.2021125.1 to 1.2021.9 (#2083)"
This reverts commit d894eeaa67.
2022-01-10 10:03:48 +01:00
d894eeaa67 build(deps): bump goauthentik.io/api from 0.2021125.1 to 1.2021.9 (#2083)
Bumps [goauthentik.io/api](https://github.com/goauthentik/client-go) from 0.2021125.1 to 1.2021.9.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/commits)

---
updated-dependencies:
- dependency-name: goauthentik.io/api
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-10 09:39:30 +01:00
452bfb39bf Revert "web/elements: re-enable codemirror line numbers (fixed on firefox)"
This reverts commit 4c166dcf52.

closes #2081

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-09 22:24:32 +01:00
6b6702521f api: don't return error reporting enabled when debug is enabled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-07 21:53:22 +01:00
c07b8d95d0 outposts/proxy: remove deprecated headers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-07 17:01:23 +01:00
bf347730b3 outposts/ldap: remove deprecated fields
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-07 09:52:19 +01:00
ececfc3a30 internal: fix comment formatting for TODOs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-07 09:51:41 +01:00
b76546de0c Translate /web/src/locales/en.po in tr (#2074) 2022-01-07 09:16:02 +01:00
424d490a60 build(deps): bump golang from 1.17.5-bullseye to 1.17.6-bullseye (#2075) 2022-01-07 09:14:44 +01:00
127dd85214 build(deps): bump lit from 2.1.0 to 2.1.1 in /web (#2076) 2022-01-07 09:14:23 +01:00
10570ac7f8 build(deps): bump goauthentik.io/api from 0.2021124.9 to 0.2021125.1 (#2077) 2022-01-07 09:14:07 +01:00
dc5667b0b8 web: Update Web API Client version (#2073)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-01-06 22:23:23 +01:00
ec9cacb610 ci: post-release cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-06 22:22:50 +01:00
0027dbc0e5 root: remove old api path
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-06 22:21:21 +01:00
c15e4b24a1 release: 2021.12.5 2022-01-06 21:29:12 +01:00
b6f518ffe6 lifecycle: fix tests in container not working
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-06 21:29:08 +01:00
4e476fd4e9 website/docs: update 2021.12.5 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-06 21:15:27 +01:00
03503363e5 core: fix UserSelfSerializer's save() overwriting other user attributes
closes #2070

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-06 18:23:06 +01:00
22d6621b02 root run backup every 24 hours
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-06 15:29:11 +01:00
0023df64c8 root: bump python packages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-06 14:31:54 +01:00
59a259e43a build(deps): bump @rollup/plugin-node-resolve in /web (#2066) 2022-01-06 08:48:54 +01:00
c6f39f5eb4 build(deps): bump lit from 2.0.2 to 2.1.0 in /web (#2067) 2022-01-06 08:48:27 +01:00
e3c0aad48a build(deps): bump goauthentik.io/api from 0.2021124.8 to 0.2021124.9 (#2068) 2022-01-06 08:48:07 +01:00
91dd33cee6 policies/reputation: trigger save on update
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-05 22:06:20 +01:00
5a2c367e89 policies/reputation: fix test
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-05 21:44:15 +01:00
3b05c9cb1a web: Update Web API Client version (#2065)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-01-05 21:18:19 +01:00
6e53f1689d policies/reputation: rework reputation to use a single entry, include geo_ip data
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-05 21:02:33 +01:00
e3be0f2550 Merge branch 'next' 2022-01-05 10:00:52 +01:00
294f2243c1 build(deps): bump rollup from 2.62.0 to 2.63.0 in /web (#2064) 2022-01-05 08:47:09 +01:00
7b1373e8d6 core: fix lint error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-04 23:17:37 +01:00
e70b486f20 outposts: handle error in certificate cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-04 22:53:37 +01:00
b90174f153 root: use django-dbbackup 4
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-04 22:17:07 +01:00
7d7acd8494 root: add ak wrapper script to be installed with poetry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-04 22:17:07 +01:00
4d9d7c5efb Translate /web/src/locales/en.po in tr (#2063)
translation completed for the source file '/web/src/locales/en.po'
on the 'tr' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-01-04 22:17:02 +01:00
d614b3608d root: use packaged version of django-dbbackup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-04 22:06:12 +01:00
beb2715fa7 root: bump python dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-04 22:05:12 +01:00
5769ff45b5 core: add goauthentik.io/user/can-change-name
closes #2054

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-04 19:03:12 +01:00
9d6f79558f tenants: forbid creation of multiple default tenants
closes #2059

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-04 19:01:20 +01:00
41d5bff9d3 web/admin: fix delete form for tenants missing columns
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-04 18:54:56 +01:00
ec84ba9b6d website/docs: prepare 2021.12.5
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-04 18:35:45 +01:00
042a62f99e build(deps): bump @typescript-eslint/parser from 5.8.1 to 5.9.0 in /web (#2055) 2022-01-04 05:44:30 +01:00
907f02cfee core: compile backend translations (#2057) 2022-01-04 05:43:59 +01:00
53fe412bf9 build(deps): bump @typescript-eslint/eslint-plugin in /web (#2056) 2022-01-04 05:43:27 +01:00
ef9e177fe9 build(deps): bump goauthentik.io/api from 0.2021124.6 to 0.2021124.8 (#2058) 2022-01-04 05:42:52 +01:00
28e675596b web/flows: only add helper username input if using native shadow dom to prevent browser confusion
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-03 22:30:56 +01:00
9b7f57cc75 web/flows: add workaround for autofocus not working in password stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-03 22:25:28 +01:00
935a8f4d58 core: add tests for non-applicable flows with flow manager
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-03 22:14:52 +01:00
01fcbb325b website/integrations: add github org checking policy example
closes #2047

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-03 22:06:24 +01:00
7d3d17acb9 core: add error handling in source flow manager when flow isn't applicable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-03 21:57:55 +01:00
e434321f7c website/integrations: remove github url as they are auto-managed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-03 21:38:19 +01:00
ebd476be14 sources/oauth: fix sources not allowing blank values
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2047
2022-01-03 21:36:14 +01:00
31ba543c62 *: don't use exception keyword with structlog
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-03 21:33:52 +01:00
a101d48b5a core: passthrough connection and additional data to FlowManager
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2047
2022-01-03 21:31:26 +01:00
4c166dcf52 web/elements: re-enable codemirror line numbers (fixed on firefox)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-03 21:30:28 +01:00
47b1f025e1 web/admin: move additional scopes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-03 21:30:15 +01:00
8f44c792ac sources/oauth: fix github provider not including correct base scopes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2047
2022-01-03 21:04:18 +01:00
e57b6f2347 web/admin: mark additional scopes as non-required
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2047
2022-01-03 20:59:20 +01:00
275d0dfd03 web: Update Web API Client version (#2053)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-01-03 16:46:09 +01:00
f18cbace7a Translate /locale/en/LC_MESSAGES/django.po in de (#2052)
translation completed for the source file '/locale/en/LC_MESSAGES/django.po'
on the 'de' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-01-03 16:45:57 +01:00
212220554f sources/oauth: add additional scopes field to get additional data from provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2047
2022-01-03 16:43:52 +01:00
a596392bc3 web: Update Web API Client version (#2051)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-01-03 13:35:51 +01:00
3e22740eac core: add API endpoint to directly set user's password
closes #2040

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-03 13:31:58 +01:00
d18a691f63 core: prevent LDAP password being set for internal hash upgrades
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-03 13:23:42 +01:00
3cd5e68bc1 web/admin: add missing Okta label
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-03 12:36:21 +01:00
c741c13132 internal: fix listen attempt on shutdown
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-03 12:36:11 +01:00
924f6f104a build(deps): bump eslint from 8.5.0 to 8.6.0 in /web (#2048) 2022-01-03 10:34:36 +01:00
454594025b build(deps): bump goauthentik.io/api from 0.2021124.5 to 0.2021124.6 (#2049) 2022-01-03 10:34:19 +01:00
e72097292c web/flows: fix helper form not being removed from identification stage (improve password manager compatibility)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-02 20:03:34 +01:00
ab17a12184 web/user: fix auto-detected locale not being re-activated when switching to auto-detect
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-02 20:01:51 +01:00
776f3f69a5 core: compile backend translations (#2046) 2022-01-02 10:37:18 +01:00
8560c7150a Translate /locale/en/LC_MESSAGES/django.po in tr (#2044) 2022-01-02 00:15:18 +01:00
301386fb4a Translate /web/src/locales/en.po in tr (#2045) 2022-01-02 00:12:51 +01:00
68e8b6990b web: Update Web API Client version (#2043)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-01-01 20:28:23 +01:00
4f800c4758 web/flows: include user in access denied stage
closes #2039

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-01 20:25:49 +01:00
90c31c2214 flows: add test helpers to simplify and improve checking of stages, remove force_str
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-01 20:25:32 +01:00
50e3d317b2 flows: use WithUserInfoChallenge for AccessDeniedChallenge
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2039
2022-01-01 19:45:34 +01:00
3eed7bb010 lib: dont send any sentry events when testing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-01 18:56:14 +01:00
0ef8edc9f1 web/user: add language selection
closes #2041

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-01 18:25:03 +01:00
a6373ebb33 web: fix tr locale not being loaded
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-31 16:19:17 +01:00
bf8ce55eea web/admin: fix display when groups/users don't fit on a single row
closes #2030

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-31 12:03:21 +01:00
61b4fcb5f3 build(deps): bump @rollup/plugin-node-resolve in /web (#2032) 2021-12-31 08:54:30 +01:00
81275e3bd1 build(deps): bump @babel/preset-env from 7.16.5 to 7.16.7 in /web (#2033) 2021-12-31 08:54:13 +01:00
7988bf7748 build(deps): bump @babel/plugin-proposal-decorators in /web (#2034) 2021-12-31 08:54:03 +01:00
00d8eec360 build(deps): bump @babel/core from 7.16.5 to 7.16.7 in /web (#2035) 2021-12-31 08:53:08 +01:00
82150c8e84 build(deps): bump @babel/preset-typescript from 7.16.5 to 7.16.7 in /web (#2036) 2021-12-31 08:52:58 +01:00
1dbd749a74 build(deps): bump @babel/plugin-transform-runtime in /web (#2037) 2021-12-31 08:52:44 +01:00
a96479f16c build(deps): bump goauthentik.io/api from 0.2021124.3 to 0.2021124.5 (#2038) 2021-12-31 08:52:27 +01:00
5d5fb1f37e web/elements: fix alignment of chipgroup on modal add
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-30 22:37:53 +01:00
b6f4d6a5eb web/elements: fix spacing between chips in chip-group
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2030
2021-12-30 22:34:55 +01:00
8ab5c04c2c web/admin: show flow title in list
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-30 22:10:31 +01:00
386944117e web: Update Web API Client version (#2031)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-12-30 22:02:52 +01:00
9154b9b85d web/user: rework user source connection UI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-30 21:59:41 +01:00
fc19372709 flows: fix migration removing flow titles
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-30 21:00:00 +01:00
e5d9c6537c web: add tr to locales
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-30 16:56:28 +01:00
bf5cbac314 web/admin: fix alignment in outpost list when expanding rows
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-30 16:35:32 +01:00
5cca637a3d root: add opencontainer labels to dockerfiles
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-30 16:33:13 +01:00
5bfb8b454b web: fix broken links
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-30 16:27:16 +01:00
4d96437972 web: Update Web API Client version (#2028)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-12-30 15:19:13 +01:00
d03b0b8152 outposts: include outposts build hash in state
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-30 15:16:34 +01:00
c249b55ff5 *: use py3.10 syntax for unions, remove old Type[] import when possible
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-30 14:59:01 +01:00
1e1876b34c root: bump python dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-29 13:03:29 +01:00
a27493ad1b build(deps): bump @rollup/plugin-replace from 3.0.0 to 3.0.1 in /web (#2027)
Bumps [@rollup/plugin-replace](https://github.com/rollup/plugins/tree/HEAD/packages/replace) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/rollup/plugins/releases)
- [Changelog](https://github.com/rollup/plugins/blob/master/packages/replace/CHANGELOG.md)
- [Commits](https://github.com/rollup/plugins/commits/alias-v3.0.1/packages/replace)

---
updated-dependencies:
- dependency-name: "@rollup/plugin-replace"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-29 12:27:35 +01:00
95b1ab820e build(deps): bump @typescript-eslint/eslint-plugin in /web (#2026) 2021-12-28 09:21:09 +01:00
5cf9f0002b build(deps): bump @typescript-eslint/parser from 5.8.0 to 5.8.1 in /web (#2025) 2021-12-28 09:15:39 +01:00
fc7a452b0c flows: update default flow titles
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-27 22:04:35 +01:00
25ee0e4b45 root: bump dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-27 20:45:15 +01:00
46f12e62e8 flows: don't create EventAction.FLOW_EXECUTION
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-27 15:07:33 +01:00
4245dea25a build(deps): bump rollup from 2.61.1 to 2.62.0 in /web (#2020) 2021-12-27 08:46:37 +01:00
908db3df81 build(deps): bump goauthentik.io/api from 0.2021124.2 to 0.2021124.3 (#2021) 2021-12-27 08:46:24 +01:00
ef4f9aa437 Translate /web/src/locales/en.po in tr (#2019)
translation completed updated for the source file '/web/src/locales/en.po'
on the 'tr' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2021-12-26 18:44:41 +01:00
902dd83c67 Translate /web/src/locales/en.po in tr (#2016)
translation completed updated for the source file '/web/src/locales/en.po'
on the 'tr' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2021-12-26 18:39:20 +01:00
1c4b78b5f4 Translate /web/src/locales/en.po in tr (#2005) 2021-12-26 18:37:10 +01:00
d854d819d1 web/flows: fix duplicate loading spinners when using webauthn
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-26 15:14:56 +01:00
f246da6b73 outposts/proxy: fix error checking for type assertion
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-26 14:57:32 +01:00
4a56b5e827 web: fix background for modals on light theme
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-26 14:53:23 +01:00
53b10e64f8 outposts: fix error when client hasn't be initialised
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-26 14:26:48 +01:00
27e4c7027c web: fix potential panic
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-26 14:24:44 +01:00
410d1b97cd outposts/proxy: add support for multiple states, when multiple requests are redirect at once
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-26 14:16:02 +01:00
f93f7e635b web: fix styling for modals, ensure correct classes are used
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-25 20:30:35 +01:00
74eba04735 web: remove page header colour, match user navbar to admin sidebar
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-25 19:46:53 +01:00
01bdaffe36 root: remove kubernetes version constraint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-25 19:23:31 +01:00
f6b556713a root: fix missing ssh directory from container
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-25 19:18:47 +01:00
abe38bb16a outposts: fix __exit__ being called without params
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-25 17:52:20 +01:00
f2b8d45999 web/admin: include key type in list
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-25 16:54:28 +01:00
3f61dff1cb web: Update Web API Client version (#1996)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-12-25 16:53:57 +01:00
b19da6d774 crypto: return private key's type (required for some oauth2 providers)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-25 16:51:28 +01:00
7c55616e29 outposts: fix creation of from_env docker client
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-25 16:48:23 +01:00
952a7f07c1 website/docs: fix typo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-25 16:38:56 +01:00
6510b97c1e outposts: add remote docker integration via SSH
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-25 16:31:34 +01:00
19b707a0fb ci: fix translation command
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-25 13:42:08 +01:00
320a600349 root: migrate pipenv to poetry (#1995) 2021-12-24 23:25:38 +01:00
10110deae5 web/admin: add Admin in titlebar for admin interface
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-24 20:04:21 +01:00
884c546f32 outposts: clean up flow executor
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-24 19:52:19 +01:00
abec906677 root: bump python packages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-24 15:13:36 +01:00
22d1dd801c root: also use analytics uuid for sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-24 15:13:27 +01:00
03891cbe09 build(deps): bump chart.js from 3.6.2 to 3.7.0 in /web (#1993) 2021-12-24 09:50:16 +01:00
3c5157dfd4 build(deps): bump fuse.js from 6.5.0 to 6.5.3 in /web (#1992) 2021-12-24 09:49:31 +01:00
d241e8d51d build(deps): bump @types/chart.js from 2.9.34 to 2.9.35 in /web (#1991) 2021-12-24 09:49:14 +01:00
7ba15884ed build(deps): bump goauthentik.io/api from 0.2021123.3 to 0.2021124.2 (#1994) 2021-12-24 09:48:47 +01:00
47356915b1 outposts: fix outpost's sentry not sending release
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-23 19:01:32 +01:00
2520c92b78 website/docs: add additional docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-23 18:51:18 +01:00
e7e0e6d213 lib: strip values for timedelta from string
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-23 18:49:35 +01:00
ca0250e19f core: add meta theme-color
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-23 18:49:24 +01:00
cf4c7c1bcb web: fix missing closing tag
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-23 18:35:33 +01:00
670af8789a web: Update Web API Client version (#1990)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-12-23 18:29:32 +01:00
5c5634830f stages/identification: add field for passwordless flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-23 18:27:00 +01:00
b6b0edb7ad website/docs: use compose override for certbot instead separate stack
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-23 18:03:35 +01:00
45440abc80 web: Update Web API Client version (#1989)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-12-23 11:05:34 +01:00
9c42b75567 release: 2021.12.4 2021-12-23 10:32:48 +01:00
e9a477c1eb root: cleanup bumpversion config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-23 10:32:46 +01:00
fa60655a5d build(deps): bump github.com/getsentry/sentry-go from 0.11.0 to 0.12.0 (#1987) 2021-12-23 09:54:46 +01:00
5d729b4878 build(deps): bump fuse.js from 6.4.6 to 6.5.0 in /web (#1986) 2021-12-23 09:48:27 +01:00
8692f7233f build(deps): bump goauthentik.io/api from 0.2021123.2 to 0.2021123.3 (#1988) 2021-12-23 09:47:56 +01:00
457e17fec3 website/docs: add small let's encrypt docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-23 00:59:06 +01:00
87e99625e6 internal: update tenant certificates on outpost refresh
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-23 00:38:49 +01:00
6f32eeea43 website/docs: prepare 2021.12.4
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 23:37:04 +01:00
dfcf8b2d40 root: update python dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 23:36:56 +01:00
846006f2e3 events: create test notification with event with data
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 23:32:29 +01:00
f557b2129f *: fix random typos
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 23:13:18 +01:00
6dc2003e34 providers/oauth2: fix tests validating JWT incorrectly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 23:00:57 +01:00
0149c89003 providers/oauth2: fix invalid assignments in JWKS view
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 22:41:28 +01:00
f458cae954 providers/proxy: add error handing when field is already gone
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 22:31:53 +01:00
f01d117ce6 providers/proxy: fix imports in migrations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 22:25:02 +01:00
2bde43e5dc crypto: use older syntax for type union
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 22:22:45 +01:00
84cc0b5490 web: Update Web API Client version (#1984)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 22:16:44 +01:00
2f3026084e providers/oauth2: remove jwt_alg field and set algorithm based on selected keypair, select HS256 when no keypair is selected
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 22:09:49 +01:00
89696edbee website/integrations: cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 21:46:46 +01:00
c1f0833c09 crypto: improve support for non-rsa private keys (discovery)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 21:46:22 +01:00
c77f804b77 web/user: fix user details not rendering when loading to a different user settings tab and then switching
closes #1664

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 20:13:52 +01:00
8e83209631 stages/authenticator_validate: fix lint error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 18:14:35 +01:00
2e48e0cc2f stages/authenticator_validate: fix prompt not triggering when using in non-authentication context
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 18:03:02 +01:00
e72f0ab160 stages/authenticator_validation: refuse passwordless flow if flow is not for authentication
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 18:02:43 +01:00
a3c681cc44 website/docs: cleanup old image names
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 17:38:09 +01:00
5b3a9e29fb stages/authenticator_validate: add passwordless login
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 17:34:46 +01:00
15803dc67d website/docs: revert traefik to not use header regex
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 15:30:01 +01:00
ff37e064c9 build(deps): bump goauthentik.io/api from 0.2021123.1 to 0.2021123.2 (#1983)
Bumps [goauthentik.io/api](https://github.com/goauthentik/client-go) from 0.2021123.1 to 0.2021123.2.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v0.2021123.1...v0.2021123.2)

---
updated-dependencies:
- dependency-name: goauthentik.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-22 11:58:06 +01:00
ef8e922e2a web: Update Web API Client version (#1982)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-12-22 11:51:15 +01:00
34b11524f1 tenants: add web certificate field, make authentik's core certificate configurable based on keypair
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 11:43:45 +01:00
9e2492be5c web/elements: fix link from notification drawer not working in user interface
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 10:49:10 +01:00
b3ba083ff0 internal: cleanup logging, remove duplicate code
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 10:33:21 +01:00
22a8603892 internal: add custom proxy certificates support to embedded outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 10:16:01 +01:00
d83d058a4b build(deps): bump @docusaurus/plugin-client-redirects in /website (#1980) 2021-12-22 09:47:58 +01:00
ec3fd4a3ab build(deps): bump @docusaurus/preset-classic in /website (#1979) 2021-12-22 09:41:01 +01:00
0764668b14 build(deps): bump goauthentik.io/api from 0.2021122.2 to 0.2021123.1 (#1981) 2021-12-22 09:40:00 +01:00
16b6c17305 Revert "policies: don't always clear application cache on post_save"
This reverts commit 5ef385f0bb.

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/policies/signals.py
2021-12-22 00:23:19 +01:00
e60509697a web/admin: fix explore integration not opening in new tab
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 00:03:28 +01:00
85364af9e9 web: Update Web API Client version (#1978)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-12-21 21:28:01 +01:00
cf4b4030aa release: 2021.12.3 2021-12-21 20:52:08 +01:00
74dc025869 ci: sentry release even when tests fail
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 20:52:03 +01:00
cabdc53553 root: fix compose docker image
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 20:51:39 +01:00
29e9f399bd website/docs: prepare 2021.12.3 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 19:50:24 +01:00
dad43017a0 web/admin: use SentryIgnoredError for user errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 19:44:44 +01:00
7fb939f97b core: fix error when getting launch URL for application with non-existent Provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 19:40:29 +01:00
Sem
88859b1c26 website/integrations: Updated Gitea Integration (#1972)
* Updated Gitea Integration

Described a fix to a situation where Gitea might require an additional OIDC mapping in order to make the authentication flow function properly.

* Update index.md

Updated as discussed in PR

* Update index.md

Implementing requested changes
2021-12-21 19:39:27 +01:00
c78236a2a2 root: don't set secure cross opener policy
closes #1977

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 19:16:22 +01:00
ba55538a34 outposts/proxy: cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 19:16:06 +01:00
f742c73e24 outposts/proxy: fix allowlist for forward_auth
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1970
2021-12-21 15:49:25 +01:00
ca314c262c *: revert to using GHCR directly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 13:54:49 +01:00
b932b6c963 website/docs: update log levels
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 13:15:17 +01:00
3c048a1921 outposts/proxy: fix session not expiring correctly due to miscalculation
closes #1976

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 13:10:57 +01:00
8a60a7e26f providers/proxy: revert to static list of forwarded headers
wildcard is not usable for this since the regular expression doesn't support negative lookahead, meaning we would always forward all headers, including Connection and others

closes #1969

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 12:04:54 +01:00
f10b57ba0b outposts/proxy: handle redirect loop in start handler, show error message
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 10:07:08 +01:00
e53114a645 build(deps): bump @typescript-eslint/eslint-plugin in /web (#1974)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.7.0 to 5.8.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.8.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-21 09:27:57 +01:00
2e50532518 build(deps): bump codemirror from 5.64.0 to 5.65.0 in /web (#1973) 2021-12-21 09:14:27 +01:00
1936ddfecb build(deps): bump @typescript-eslint/parser from 5.7.0 to 5.8.0 in /web (#1975) 2021-12-21 09:13:50 +01:00
4afef46cb8 ci: improve restore after switching to stable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 22:47:06 +01:00
92b4244e81 providers/proxy: update traefik regex
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1969
2021-12-20 22:43:58 +01:00
dfbf7027bc providers/proxy: add traefik.ingress.kubernetes.io/router.tls annotation for ingress
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 22:24:42 +01:00
eca2ef20d0 outposts/proxy: add initial redirect-loop prevention
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 22:21:53 +01:00
cac5c7b3ea outposts/proxy: make templates more re-usable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 22:20:23 +01:00
37ee555c8e outposts/proxy: fix ping URI not being routed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 22:12:02 +01:00
f910da0f8a outposts: fix initial refresh not calling Server.Refresh()
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 21:47:32 +01:00
fc9d270992 outposts/ldap: fix log formatter and level not being set correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 21:46:01 +01:00
dcbc3d788a web/admin: fix border for outpost health status
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 21:40:26 +01:00
4658018a90 Revert "outposts: rename outpost"
This reverts commit a5c30fd9c7.
2021-12-20 21:37:31 +01:00
577b7ee515 providers/proxy: include auth headers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 21:37:22 +01:00
621773c1ea internal: rework global logging settings, embedded outpost no longer overwrites core, clean up double init
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 21:23:19 +01:00
3da526f20e root: allow trace log level to work for core/embedded
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 21:11:47 +01:00
052e465041 outpost: re-run globalSetup when updating config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 21:08:03 +01:00
c843f18743 lib: add additional celery logger to sentry ignore
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 21:04:45 +01:00
80d0b14bb8 outposts: fix error when getting state for non-existent outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 19:44:47 +01:00
68637cf7cf outposts: handle/ignore http Abort handler
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 19:42:45 +01:00
82acba26af internal: fix sentry sample rate not applying to proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 19:42:26 +01:00
ff8a812823 web/admin: don't auto-select certificate for LDAP source verification
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 19:31:57 +01:00
7f5fed2aea web/admin: add outpost type to list
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 19:30:52 +01:00
a5c30fd9c7 outposts: rename outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 19:28:05 +01:00
ef23a0da52 outposts/proxy: fix traefik header regex to only match Remote- and X- headers to prevent websocket errors
closes #1969

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 13:30:19 +01:00
ba527e7141 root: drop redis cache sentry errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 13:12:14 +01:00
8edc254ab5 root: upgrade python dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 10:45:38 +01:00
42627d21b0 build(deps): bump eslint from 8.4.1 to 8.5.0 in /web (#1966) 2021-12-20 08:48:45 +01:00
2479b157d0 build(deps): bump goauthentik.io/api from 0.2021121.1 to 0.2021122.2 (#1967) 2021-12-20 08:48:22 +01:00
602573f83f ci: fix label
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-19 13:44:34 +01:00
20c33fa011 web: Update Web API Client version (#1962) 2021-12-19 13:31:25 +01:00
8599d9efe0 web/admin: auto set the embedded outpost's authentik_host on first view
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-19 13:27:04 +01:00
8e6fcfe350 root: fix inconsistent URL quoting of redis URLs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 22:24:41 +01:00
558aa45201 web: Update Web API Client version (#1959)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-12-18 21:37:25 +01:00
e9910732bc release: 2021.12.2 2021-12-18 21:03:50 +01:00
246dd4b062 ci: fix typo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 21:03:47 +01:00
4425f8d183 ci: only build arm, amd64 on linux and darwin
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 21:02:20 +01:00
c410bb8c36 ci: fix dependency
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 20:50:59 +01:00
44f62a4773 website/docs: add 2021.12.2 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 20:39:16 +01:00
b6ff04694f providers/oauth2: don't rely on expiry task for access codes and refresh tokens
closes #1911

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 17:42:41 +01:00
d4ce0e8e41 web/elements: fix border between search buttons
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 17:34:28 +01:00
362d72da8c ci: fix shouldBuild being based off of harbor
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 17:01:51 +01:00
88d0f8d8a8 web: Update Web API Client version (#1958)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-12-18 16:19:18 +01:00
61097b9400 policies/password: add minimum digits
closes #1952

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 16:15:56 +01:00
7a73ddfb60 outposts/proxy: match skipPathRegex against full URL on domain auth
closes #1955

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 15:50:42 +01:00
d66f13c249 web: Update Web API Client version (#1957)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-12-18 15:38:52 +01:00
8cc3cb6a42 website/docs: fix reference to non-existent version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 15:34:39 +01:00
4c5537ddfe sources/oauth: allow writing to user in SourceConnection
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1888
2021-12-18 15:33:46 +01:00
a95779157d tests/integration: add rename and full update tests for k8s controller
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 15:32:16 +01:00
70256727fd web: ignore instantSearchSDKJSBridgeClearHighlight error on edge on iOS
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 15:05:40 +01:00
ac6afb2b82 stages/email: add test for non-existent directory
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 15:05:40 +01:00
2ea7bd86e8 website/integrations: add Service Provider Binding: Post for rancher (#1956)
Adds a line to the docs that's important for Rancher and Authentik to work
2021-12-18 15:05:27 +01:00
95bce9c9e7 outposts: release binary outposts (#1954)
* outposts/proxy: always embed static assets, still check local

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: add initial ci to build outpost as binary

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: fix typo, build web

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: upload to release on publish, only run linux on ci

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: ensure latest go is used

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: split e2e tests into two halves

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-17 19:49:32 +00:00
71a22c2a34 outposts: add unittests for docker controller
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-17 13:42:33 +01:00
f3eb85877d web: Update Web API Client version (#1951)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-12-17 12:02:22 +01:00
273f5211a0 providers/saml: Fix typo (#1950) 2021-12-17 11:00:20 +00:00
db06428ab9 build(deps): bump goauthentik.io/api from 0.2021104.17 to 0.2021121.1 (#1948)
Bumps [goauthentik.io/api](https://github.com/goauthentik/client-go) from 0.2021104.17 to 0.2021121.1.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v0.2021104.17...v0.2021121.1)

---
updated-dependencies:
- dependency-name: goauthentik.io/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-17 10:21:58 +01:00
109d8e48d4 website: update integrations categories to match new version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-16 21:38:37 +01:00
2ca115285c crypto: fix private keys not being imported correctly
closes #1945

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-16 21:14:15 +01:00
f5459645a5 web/admin: fix background colour for application sidebar
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-16 21:06:08 +01:00
14c159500d core: don't rotate non-api tokens
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-16 19:32:39 +01:00
03da87991f outposts: don't use custom environment
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-16 19:12:05 +01:00
e38ee9c580 web: Update Web API Client version (#1944)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-12-16 16:56:43 +01:00
3bf53b2db1 root: update security
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-16 16:54:48 +01:00
f33190caa5 release: 2021.12.1 2021-12-16 15:48:59 +01:00
741822424a Merge branch 'master' into version-2021.12 2021-12-16 15:48:53 +01:00
0ca6fbb224 website/docs: final 2021.12.1 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-16 15:48:47 +01:00
Sem
f72b652b24 website/integrations: Updated bookstack integration docs page (#1942)
In some cases one might need to define the full SAML property to enable proper group sync. (see: https://github.com/BookStackApp/BookStack/issues/3109 )
2021-12-16 14:23:00 +01:00
0a2c1eb419 web/elements: fix linting error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-16 12:27:08 +01:00
eb9593a847 web/elements: close notification drawer when clearing all notifications
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-16 12:23:44 +01:00
7c71c52791 web/admin: add sidebar to applications
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-16 12:23:30 +01:00
59493c02c4 web/elements: pass full Markdown object to ak-markdown, get title from metadata
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-16 12:18:43 +01:00
83089b47d3 web/elements: add Markdown component to improve rendering
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-16 12:10:46 +01:00
103e723d8c web/elements: add support for sidebar on table page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-16 12:10:28 +01:00
7d6e88061f outposts: check if hub from context is set and fallback
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-16 11:19:57 +01:00
f8aab40e3e internal: cleanup duplicate and redundant code, properly set sentry SDK scope settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-16 11:00:19 +01:00
5123bc1316 root: add sponsors to readme
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-16 10:30:13 +01:00
30e8408e85 web/admin: fix notification unread colours not matching on user and admin interface
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-16 10:17:17 +01:00
bb34474101 web/admin: fix stage related flows not being shown in a list
closes #1941

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-16 10:13:10 +01:00
a105760123 events: improve app lookup for event creation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-15 16:46:02 +01:00
f410a77010 lifecycle: add -Ofair to celery
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-15 16:44:09 +01:00
6ff8fdcc49 root: enable threading integration in sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-15 15:49:08 +01:00
50ca3dc772 core: fix error when attempting to provider from cached application
closes #1940

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-15 15:11:13 +01:00
2a09fc0ae2 release: 2021.12.1-rc5 2021-12-15 10:21:29 +01:00
fbb6756488 Merge branch 'master' into version-2021.12 2021-12-15 10:16:05 +01:00
f45fb2eac0 website/docs: prepare 2021.12.1-rc5
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-15 10:15:58 +01:00
7b8cde17e6 web/admin: show warning when deleting currently logged in user
closes #1937

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-15 10:11:35 +01:00
186634fc67 build(deps): bump @patternfly/patternfly from 4.159.1 to 4.164.2 in /web (#1938) 2021-12-15 08:58:46 +01:00
c84b1b7997 build(deps): bump goauthentik.io/api from 0.2021104.13 to 0.2021104.17 (#1939) 2021-12-15 08:58:30 +01:00
6e83467481 web/flows: fix error when attempting to enroll new webauthn device
closes #1936

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-15 00:24:46 +01:00
72db17f23b stages/identification: fix miscalculated sleep
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 23:31:08 +01:00
ee4e176039 web/admin: fix invalid display for LDAP Source sync status
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 23:00:45 +01:00
e18e681c2b events: dont store full backtrace in systemtask
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 22:55:38 +01:00
10fe67e08d sources/ldap: fix incorrect task names being referenced, use source native slug
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 22:53:14 +01:00
fc1db83be7 web: Update Web API Client version (#1935)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-12-14 22:19:46 +01:00
3740e65906 web/admin: add dashboard with user creation/login statistics
closes #1867

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 22:08:41 +01:00
30386cd899 events: add custom manager with helpers for metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 21:49:33 +01:00
64a10e9a46 events: fix schema for top_per_user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 21:08:15 +01:00
77d6242cce web/admin: fix extra closing element
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 20:53:25 +01:00
9a86dcaec3 web: Update Web API Client version (#1934)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-12-14 16:26:21 +01:00
0b00768b84 events: add flow_execution event type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 16:13:51 +01:00
d162c79373 flows: fix wrong exception being caught in flow inspector
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 16:06:00 +01:00
05db352a0f web: add link to open API Browser for API Drawer
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 16:03:42 +01:00
5bf3d7fe02 web: Update Web API Client version (#1933)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-12-14 15:59:26 +01:00
1ae1cbebf4 web/admin: re-organise sidebar items
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 15:57:03 +01:00
8c16dfc478 stages/invitation: use GroupMemberSerializer serializer to prevent all of the user's groups and their users from being returned
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 15:56:13 +01:00
c6a3286e4c web/admin: update overview page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 15:23:32 +01:00
44cfd7e5b0 web: accept header as slot in PageHeader
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 15:23:20 +01:00
210d4c5058 web: add helper to navigate with params
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 15:23:02 +01:00
6b39d616b1 web/elements: allow aggregate cards' elements to not be centered
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 15:22:52 +01:00
32ace1bece crypto: add additional validation before importing a certificate
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 14:49:25 +01:00
54f893b84f flows: add additional sentry spans
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 11:59:36 +01:00
b5685ec072 outposts: set sentry-trace on API requests to match them to the outer transaction
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 11:50:31 +01:00
5854833240 stages/authenticator_webauthn: fix migrations for different choices
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 11:06:46 +01:00
4b2437a6f1 stages/authenticator_webauthn: use correct choices
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 10:51:34 +01:00
2981ac7b10 tests/e2e: use ghcr for e2e tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 10:36:47 +01:00
59a51c859a stages/authenticator_webauthn: add migration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 10:09:35 +01:00
47bab6c182 web: Update Web API Client version (#1932)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-12-14 10:02:50 +01:00
4e6714fffe stages/authenticator_webauthn: make user_verification configurable
closes #1921

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 09:58:20 +01:00
aa6b595545 root: bump python dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 09:45:36 +01:00
0131b1f6cc sources/oauth: fix wrong redirect URL being generated
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 09:34:47 +01:00
9f53c359dd build(deps): bump typescript from 4.5.3 to 4.5.4 in /web (#1926) 2021-12-14 08:31:56 +01:00
28e4dba3e8 build(deps): bump @babel/core from 7.16.0 to 7.16.5 in /web (#1929) 2021-12-14 08:31:36 +01:00
2afd46e1df build(deps): bump @babel/plugin-transform-runtime in /web (#1922) 2021-12-14 08:31:28 +01:00
f5991b19be build(deps): bump @babel/preset-typescript from 7.16.0 to 7.16.5 in /web (#1925) 2021-12-14 08:31:19 +01:00
5cc75cb25c build(deps): bump @typescript-eslint/parser from 5.6.0 to 5.7.0 in /web (#1923) 2021-12-14 08:31:04 +01:00
68c1df2d39 build(deps): bump @rollup/plugin-node-resolve in /web (#1924) 2021-12-14 08:30:35 +01:00
c83724f45c build(deps): bump @babel/preset-env from 7.16.4 to 7.16.5 in /web (#1930) 2021-12-14 08:29:56 +01:00
5f91c150df build(deps): bump @babel/plugin-proposal-decorators in /web (#1927) 2021-12-14 08:29:36 +01:00
0bfe999442 build(deps): bump @typescript-eslint/eslint-plugin in /web (#1928) 2021-12-14 08:29:13 +01:00
58440b16c4 build(deps): bump goauthentik.io/api from 0.2021104.11 to 0.2021104.13 (#1931) 2021-12-14 08:28:42 +01:00
57757a2ff5 web: Update Web API Client version (#1920) 2021-12-14 01:11:32 +01:00
2993f506a7 sources/oauth: implement apple native sign-in using the apple JS SDK
closes #1881

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 00:40:29 +01:00
e4841d54a1 *: migrate ui_* properties to functions to allow context being passed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 23:56:35 +01:00
4f05dcec89 sources/oauth: allow oauth types to override their login button challenge
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 23:45:11 +01:00
ede6bcd31e *: remove debug statements from tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 23:41:08 +01:00
728c8e994d sources/oauth: strip parts of custom apple client_id
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 23:26:00 +01:00
5290b64415 web: Update Web API Client version
commit 96533a743c
Author: BeryJu <BeryJu@users.noreply.github.com>
Date:   Mon Dec 13 20:50:45 2021 +0000

    web: Update Web API Client version

    Signed-off-by: GitHub <noreply@github.com>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 22:53:28 +01:00
fec6de1ba2 providers/oauth2: add additional logging to show with token path is taken
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 22:49:42 +01:00
69678dcfa6 providers/oauth2: use generate_key instead of uuid4
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 22:13:20 +01:00
4911a243ff sources/oauth: add initial okta type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1910
2021-12-13 21:48:59 +01:00
70316b37da web/admin: only show source name not description
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 21:48:45 +01:00
307cb94e3b website: add initial redirect (#1918)
* website: add initial redirect

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website: add integrations too

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website: add docs to netlify config

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website: use splats correctly

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add status

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 20:42:31 +00:00
ace53a8fa5 root: remove lxml version workaround
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 21:08:50 +01:00
0544dc3f83 web: use correct transaction names for web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 21:03:30 +01:00
708ff300a3 website: remove remaining /index URLs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 19:01:16 +01:00
4e63f0f215 core: add fallback for missing sentry trace
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 18:06:01 +01:00
141481df3a web: send sentry-trace header in API requests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 17:41:11 +01:00
29241cc287 core: always inject sentry trace into template
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 17:41:00 +01:00
e81e97d404 root: add .python-version so dependabot doesn't use broken python 3.10.0
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 17:23:42 +01:00
a5182e5c24 root: custom sentry-sdk, attempt #3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 17:00:18 +01:00
cf5ff6e160 outposts: reset backoff after successful connect
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 16:38:48 +01:00
f2b3a2ec91 providers/saml: optimise excessive queries to user when evaluating attributes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 16:38:38 +01:00
69780c67a9 lib: set evaluation span's description based on filename
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 16:32:01 +01:00
ac9cf590bc *: use prefixed span names
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 16:18:42 +01:00
cb6edcb198 core: set tag with request ID
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 16:15:27 +01:00
8eecc28c3c events: add sentry for geoip
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 16:15:20 +01:00
10b16bc36a outposts: add description to span
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 16:12:14 +01:00
2fe88cfea9 root: don't stale enhancement/confirmed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 15:51:30 +01:00
caab396b56 web/admin: improve wording for froward_auth, don't show setup when using proxy mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 15:36:05 +01:00
5f0f4284a2 web/admin: fix rendering for applications on view page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 15:27:28 +01:00
c11be2284d outposts/proxy: also set max length for redis backend
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 15:05:55 +01:00
aa321196d7 outposts/proxy: fix securecookie: the value is too long again, since it can happen even with filesystem storage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 13:33:20 +01:00
ff03db61a8 web/admin: fix rendering of applications with custom icon
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 13:21:14 +01:00
f3b3ce6572 website/docs: add 2021.12.1-rc4 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 12:56:34 +01:00
09b02e1aec release: 2021.12.1-rc4 2021-12-13 12:53:58 +01:00
451a9aaf01 Merge branch 'master' into version-2021.12 2021-12-13 12:53:50 +01:00
eaee7cb562 root: use lxml 4.6.5
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 12:21:27 +01:00
a010c91a52 website/docs: update references for new docusaurus version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 11:56:26 +01:00
709194330f root: install lxml before regular install to prevent xmlsec issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 11:26:05 +01:00
5914bbf173 Merge branch 'master' into version-2021.12
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	Dockerfile
2021-12-13 10:54:21 +01:00
5e9166f859 root: lock lxml to 4.6.4 to prevent xmlsec issues with lxml-version.h missing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 10:47:59 +01:00
35b8ef6592 build(deps): bump @docusaurus/plugin-client-redirects in /website (#1912)
Bumps [@docusaurus/plugin-client-redirects](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-plugin-client-redirects) from 2.0.0-beta.9 to 2.0.0-beta.13.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-beta.13/packages/docusaurus-plugin-client-redirects)

---
updated-dependencies:
- dependency-name: "@docusaurus/plugin-client-redirects"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 10:21:33 +01:00
772a939f17 tests/e2e: remove version assertion
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 09:26:07 +01:00
24971801cf build(deps): bump @docusaurus/preset-classic in /website (#1916)
Bumps [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic) from 2.0.0-beta.9 to 2.0.0-beta.13.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-beta.13/packages/docusaurus-preset-classic)

---
updated-dependencies:
- dependency-name: "@docusaurus/preset-classic"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-13 09:24:38 +01:00
43aebe8cb2 build(deps): bump @sentry/tracing from 6.16.0 to 6.16.1 in /web (#1914) 2021-12-13 09:09:32 +01:00
19cfc87c84 build(deps): bump postcss from 8.4.4 to 8.4.5 in /website (#1913) 2021-12-13 08:48:24 +01:00
f920f183c8 build(deps): bump @sentry/browser from 6.16.0 to 6.16.1 in /web (#1915) 2021-12-13 08:47:54 +01:00
97f979c81e build(deps): bump rollup from 2.61.0 to 2.61.1 in /web (#1917) 2021-12-13 08:38:12 +01:00
e61411d396 Revert "Revert "root: use custom sentry-sdk""
This reverts commit c4f985f542.

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 00:01:59 +01:00
c4f985f542 Revert "root: use custom sentry-sdk"
This reverts commit 302dee7ab2.
2021-12-12 23:52:11 +01:00
302dee7ab2 root: use custom sentry-sdk
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 22:11:20 +01:00
83c12ad483 flows: fix description for spans
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 21:51:51 +01:00
4224fd5c6f lib: correctly report "faked" IPs to sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 20:54:29 +01:00
597ce1eb42 Revert "*: use cache.delete_pattern instead of getting keys and deleting them"
This reverts commit ff481ba6e7.

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/flows/views/executor.py
#	authentik/policies/signals.py
2021-12-12 20:41:34 +01:00
5ef385f0bb policies: don't always clear application cache on post_save
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 20:39:04 +01:00
cda4be3d47 flows: add additional tags
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 20:37:20 +01:00
8cdf22fc94 root: set default redis iter to 1000
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 20:24:43 +01:00
6efc7578ef flows: add additional sentry spans to flow executor
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 20:04:21 +01:00
4e2457560d outposts/proxy: use filesystem storage for non-embedded outposts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 17:59:31 +01:00
2ddf122d27 Revert "outposts/proxy: don't save raw jwt in cookie to prevent securecookie: the value is too long"
This reverts commit b3e40c6aed.
2021-12-12 17:58:19 +01:00
a24651437a website/docs: simplify traefik compose example
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 17:18:55 +01:00
30bb7acb17 website/docs: fix escaping for docker-compose annotations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 17:13:46 +01:00
7859145138 outposts: don't try to create docker client for embedded outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 17:13:26 +01:00
8a8aafec81 root: enable boto3 sentry integration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 14:38:24 +01:00
deebdf2bcc outposts: fix unlabeled transaction
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 13:46:31 +01:00
4982c4abcb outpost: add additional checks for websocket connection
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 00:11:17 +01:00
1486f90077 tests/e2e: cleanup output from e2e containers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-11 23:27:57 +01:00
f4988bc45e outpost: rewrite re-connect logic without recws
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-11 22:53:59 +01:00
8abc9cc031 outposts: cleanup logs for failed binds
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-11 22:09:18 +01:00
534689895c lib: remove old load_local_files setting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-11 22:03:06 +01:00
8a0dd6be24 outposts: handle RuntimeError during websocket connect
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-11 22:01:55 +01:00
65d2eed82d stagse/authenticator_webauthn: remove pydantic import
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-11 20:32:25 +01:00
e450e7b107 root: add wsproto to default packages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-11 20:20:28 +01:00
552ddda909 lifecycle: use custom worker class
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-11 19:55:09 +01:00
bafeff7306 outposts: improve logging for outpost controllers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-11 15:35:20 +01:00
6791436302 root: fix certs file missing in container
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-11 15:01:04 +01:00
7eda794070 outposts: fix docker controller not stopping containers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1859
2021-12-11 14:00:15 +01:00
e3129c1067 root: bump celery messages to info
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-11 13:59:56 +01:00
ff481ba6e7 *: use cache.delete_pattern instead of getting keys and deleting them
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-10 21:35:28 +01:00
a106bad2db tests/e2e: use correct container image
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-10 21:11:37 +01:00
3a1c311d02 website/docs: Added FortiManager Link (#1908) 2021-12-10 20:57:36 +01:00
6465333f4f website/docs: Add FortiManager intergration instructions (#1907) 2021-12-10 20:57:22 +01:00
b761659227 root: use ghcr for containers during testing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-10 20:57:09 +01:00
9321c355f8 build(deps): bump construct-style-sheets-polyfill in /web (#1905)
Bumps [construct-style-sheets-polyfill](https://github.com/calebdwilliams/construct-style-sheets) from 2.4.17 to 3.0.5.
- [Release notes](https://github.com/calebdwilliams/construct-style-sheets/releases)
- [Changelog](https://github.com/calebdwilliams/construct-style-sheets/blob/main/CHANGELOG.md)
- [Commits](https://github.com/calebdwilliams/construct-style-sheets/commits)

---
updated-dependencies:
- dependency-name: construct-style-sheets-polyfill
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-10 09:41:24 +01:00
86c8e79ea1 website: rollback to beta.9 to fix build issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-10 09:26:05 +01:00
8916b1f8ab build(deps): bump @docusaurus/preset-classic in /website (#1902) 2021-12-10 08:40:01 +01:00
41fcf2aba6 build(deps): bump golang from 1.17.4-bullseye to 1.17.5-bullseye (#1900) 2021-12-10 08:39:36 +01:00
87e72b08a9 build(deps): bump rollup from 2.60.2 to 2.61.0 in /web (#1901) 2021-12-10 08:39:25 +01:00
b2fcd42e3c build(deps): bump typescript from 4.5.2 to 4.5.3 in /web (#1903) 2021-12-10 08:38:30 +01:00
fc1b47a80f build(deps): bump @docusaurus/plugin-client-redirects in /website (#1904) 2021-12-10 08:37:56 +01:00
af14e3502e build(deps): bump goauthentik.io/api from 0.2021104.10 to 0.2021104.11 (#1906) 2021-12-10 08:37:36 +01:00
a2faa5ceb5 tests/e2e: use mixed casing in ldap test to ensure search works
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 20:59:55 +01:00
63a19a1381 outposts/ldap: fix searches with mixed casing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 20:55:51 +01:00
b472dcb7e7 tests/e2e: update new outpost service account names
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 20:44:52 +01:00
6303909031 web: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 20:16:53 +01:00
4bdc06865b web: fix borders of sidebars in dark mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 20:10:14 +01:00
2ee48cd039 outposts: set display name for outpost service account
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 19:59:38 +01:00
893d5f452b web: Update Web API Client version (#1899)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-12-09 19:56:29 +01:00
340a9bc8ee core: fix error when using invalid key-values in attributes query
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 19:53:47 +01:00
cb3d9f83f1 ci: don't rebuild frontend for sentry, extract files from container image
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 14:10:13 +01:00
4ba55aa8e9 flows: fix error when trying to print FlowToken objects
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 13:55:43 +01:00
bab6f501ec flows: fix error in inspector view
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 13:52:46 +01:00
7327939684 website/docs: add 2021.12.1-rc3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 13:25:23 +01:00
ffb0135f06 release: 2021.12.1-rc3 2021-12-09 13:23:41 +01:00
ee0ddc3d17 Merge branch 'master' into version-2021.12 2021-12-09 13:23:28 +01:00
5dd979d66c root: add flower entrypoint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 11:38:57 +01:00
a9bd34f3c5 events: revert to @prefill_task decorator since base class doesn't get executed until task runs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 10:18:00 +01:00
db316b59c5 stages/prompt: use policyenginemode all
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 09:39:40 +01:00
6209714f87 policies/expression: add ak_call_policy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 09:39:28 +01:00
1ed2bddba7 root: fix celery task ID not being included in log
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 09:36:52 +01:00
26b35c9b7b root: fix name conflict in threadlocal
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-08 21:42:48 +01:00
86a9271f75 root: add request_id to celery tasks, prefixed with "task-"
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-08 21:34:20 +01:00
402ed9bd20 root: allow usage of --randomly-seed for testing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-08 21:33:41 +01:00
68a0684569 ci: fix test-migrations-from-stable (#1898)
* ci: copy files instead of checking out

* ci: add marks for prs
2021-12-08 21:00:58 +01:00
bd2e453218 outposts/ldap: Fix search case sensitivity. (#1897) 2021-12-08 20:11:56 +01:00
1f31c63e57 build(deps): bump python from 3.9-slim-bullseye to 3.10.1-slim-bullseye (#1894) 2021-12-08 07:49:01 +01:00
480410efa2 build(deps): bump @sentry/tracing from 6.15.0 to 6.16.0 in /web (#1895) 2021-12-08 07:48:33 +01:00
e9bfee52ed build(deps): bump @sentry/browser from 6.15.0 to 6.16.0 in /web (#1896) 2021-12-08 07:47:03 +01:00
326b574d54 root: update dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-07 16:25:10 +01:00
0a7abcf2ad build(deps): bump @typescript-eslint/eslint-plugin in /web (#1890) 2021-12-07 08:41:43 +01:00
9e5019881e build(deps): bump @typescript-eslint/parser from 5.5.0 to 5.6.0 in /web (#1892) 2021-12-07 08:40:49 +01:00
8071750681 build(deps): bump eslint from 8.4.0 to 8.4.1 in /web (#1891) 2021-12-07 08:39:49 +01:00
f2f0931904 build(deps): bump goauthentik.io/api from 0.2021104.9 to 0.2021104.10 (#1893) 2021-12-07 08:39:10 +01:00
a91204e5b9 web/user: allow custom font-awesome icons for applications
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1189
2021-12-06 21:20:15 +01:00
b14c22cbff web: fix duplicate classes, make generic icon clickable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-06 21:13:04 +01:00
b3e40c6aed outposts/proxy: don't save raw jwt in cookie to prevent securecookie: the value is too long
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-06 13:54:59 +01:00
873aa4bb22 providers/saml: remove SESSION_KEY_POST from session after using it
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1873
2021-12-06 12:47:25 +01:00
c1ea78c422 core: fix missing permission check for group creating when creating service account
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-06 12:33:29 +01:00
3c8bbc2621 sources/*: only allow superusers to directly create source connections
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-06 12:22:40 +01:00
42a9979d91 web/elements: close dropdown when refresh event is dispatched
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-06 11:18:22 +01:00
b7f94df4d9 web: fix text colour for bad request on light mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-06 10:54:21 +01:00
4143d3fe28 events: don't set metrics on import
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-06 10:13:48 +01:00
f95c06b76f web: Update Web API Client version (#1889)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-12-06 10:13:42 +01:00
e3e9178ccc web/admin: show outpost warning on application page too
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-06 10:10:44 +01:00
b694816e7b sources/*: Allow creation of source connections via API
closes #1888

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-06 10:05:42 +01:00
e046000f36 build(deps): bump chart.js from 3.6.1 to 3.6.2 in /web (#1886) 2021-12-06 08:42:21 +01:00
edb5caae9b build(deps-dev): bump prettier from 2.5.0 to 2.5.1 in /website (#1883) 2021-12-06 08:41:30 +01:00
02d27651f3 build(deps): bump eslint from 8.3.0 to 8.4.0 in /web (#1884) 2021-12-06 08:41:05 +01:00
44cd4d847d build(deps): bump golang from 1.17.3-bullseye to 1.17.4-bullseye (#1882) 2021-12-06 08:40:18 +01:00
472256794d build(deps): bump prettier from 2.5.0 to 2.5.1 in /web (#1885) 2021-12-06 08:39:52 +01:00
cbb6887983 build(deps): bump goauthentik.io/api from 0.2021104.7 to 0.2021104.9 (#1887) 2021-12-06 08:39:26 +01:00
317e9ec605 core: add FlowToken which saves the pickled flow plan, replace standard token in email stage to allow finishing flows in different sessions
closes #1801

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-05 15:20:11 +01:00
ada2a16412 tests/e2e: add post binding test
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-05 11:18:01 +01:00
61f6b0f122 web: Update Web API Client version (#1880)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-12-05 11:17:31 +01:00
6a3f7e45cf providers/saml: add ?force_binding to limit bindings for metadata endpoint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-05 11:14:42 +01:00
2b78c4ba86 *: use request.query_params instead of accessing the django request
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-05 11:14:20 +01:00
680ef641fb providers/saml: fix error when propertymapping returns invalid data in list
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-05 10:31:16 +01:00
2b5504ff63 release: 2021.12.1-rc2 2021-12-04 20:06:41 +01:00
f8a6aa3250 root: fix missing certs directly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-04 20:06:02 +01:00
6c23fc4b2b webiste/docs: add 2021.12.1-rc2 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-04 20:03:26 +01:00
639c2f5c2e Merge branch 'master' into version-2021.12 2021-12-04 19:55:37 +01:00
e44632f9a0 web/admin: fix wrong description for reputation policy
closes #1877

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-04 19:54:58 +01:00
3f2ce34468 web: update icons
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-03 18:54:04 +01:00
426cef998f sources/ldap: make task names more consistent
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-03 18:39:42 +01:00
8ddb62ed0f sources/plex: fix plex token being included in event log
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-03 18:37:40 +01:00
572f6d4ea0 crypto: add certificate discovery to automatically import certificates from lets encrypt
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1835
2021-12-03 18:27:36 +01:00
8db68410c6 website/docs: re-organise core concepts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-03 18:27:36 +01:00
caa3c3de32 web: Add Christmas icon (#1879) 2021-12-03 16:50:24 +01:00
23b5ca761a web: Update Web API Client version (#1876)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-12-03 10:11:44 +01:00
f1b9021e3e sources/ldap: add optional tls verification certificate
closes #1875

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-03 10:09:13 +01:00
99c62af89e ci: add check to ensure no migrations are missing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-03 10:05:21 +01:00
8ae50814fe *: add missing migrations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-03 10:04:54 +01:00
2e2b491ec7 source/ldap: fix hanging unittests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-03 09:41:13 +01:00
ac432e78e2 sources/ldap: don't cache LDAP Connection, use random server
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 21:18:20 +01:00
83ac42ac43 stages/prompt: fix error when both default and required are set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 21:11:22 +01:00
4bd1cd127b providers/saml: fix IndexError in signature check
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 20:30:03 +01:00
2eb5a5cc76 sources/ldap: handle typeerror during creation of objects when using wrong kwargs params
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 20:24:24 +01:00
75051687e6 sources/ldap: allow multiple server URIs for loadbalancing and failover
closes #1874

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 20:15:11 +01:00
7e316b5fc2 root: add missing sample_rate default
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 19:54:37 +01:00
5594ad0b36 web/admin: add spinner to table refresh to show progress
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 19:34:21 +01:00
ea097afeae outposts/proxy: fix path prefix in static handler
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 19:21:40 +01:00
b77b4b5c80 root: fix paths in proxy dockerfile
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 19:19:45 +01:00
f8dc7f48f2 outposts/proxy: fix path for media
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 18:47:36 +01:00
692e75b057 website/docs: add passwordless docs
closes #1863

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 15:48:34 +01:00
02771683a6 web/flows: fix linting errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 15:32:00 +01:00
40404ff41d outposts/ldap: Rework/improve LDAP search logic. (#1687)
* outposts/ldap: Refactor searching so we key primarily off base dn

* docs: Updating guides on sssd and the ldap outpost.
2021-12-02 15:28:58 +01:00
fdd5211253 web/flows: Revise duo authenticator login prompt text (#1872) 2021-12-02 15:27:47 +01:00
85a417d22e outposts/proxy: re-add rs256 support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 15:17:32 +01:00
66c530ea06 outposts: always trigger outpost reconcile on startup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 15:06:14 +01:00
347c3793fc outposts/proxy: add additional headers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 14:19:57 +01:00
cf78c89830 events: replace @prefill_task with custom base class to prefill
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 13:47:35 +01:00
20c738c384 crypto: fix default API not having an ordering
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 13:00:41 +01:00
4f54ce6afb providers/saml: fix error when using post bindings and user freshly logged in
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1873
2021-12-02 13:00:21 +01:00
f0d7edb963 *: fix @prefill_task
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 10:05:51 +01:00
e42ad8db93 outposts/proxy: copy user-agent header from upstream request
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 10:01:54 +01:00
e917e756cc outposts/proxy: make logging fields more consistent
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 09:58:50 +01:00
b4963bec76 providers/proxy: fix defaults for traefik integration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-01 21:47:13 +01:00
0d23796989 root: fix paths for dockerfile
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-01 21:25:01 +01:00
d0ceafe79e outposts/proxy: add X-authentik-meta-version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-01 20:59:45 +01:00
f2023a7af2 *: don't use go embed to make using custom files easier
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-01 20:35:28 +01:00
31d597005f build(deps): bump goauthentik.io/api from 0.2021104.6 to 0.2021104.7 (#1871)
Bumps [goauthentik.io/api](https://github.com/goauthentik/client-go) from 0.2021104.6 to 0.2021104.7.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v0.2021104.6...v0.2021104.7)

---
updated-dependencies:
- dependency-name: goauthentik.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-01 20:30:25 +01:00
62dc86be7b web: Update Web API Client version (#1870)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-12-01 20:21:51 +01:00
7aa8e35f87 providers/proxy: use wildcard for traefik headers copy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-01 20:19:35 +01:00
60b95271eb outposts/proxy: add additional headers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-01 20:19:09 +01:00
382b0e8941 root: fix overlay outpost api generation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-01 20:13:05 +01:00
3b068610b9 outposts/proxy: clean up header setting (don't copy all headers)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-01 20:05:56 +01:00
9a8f62f42e web/admin: don't show disabled http basic as red
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-01 17:07:03 +01:00
632e3cf7dc Merge branch 'master' into version-2021.12 2021-12-01 15:27:48 +01:00
e7144649d5 ci: dont use matrix for multiplatform build
This reverts commit 9092d1189b.

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	.github/workflows/ci-main.yml
#	.github/workflows/ci-outpost.yml
#	.github/workflows/release-publish.yml
2021-12-01 15:27:37 +01:00
dd8909c9b2 website/docs: add v2021.12 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-01 13:23:55 +01:00
e6818c1f6a release: 2021.12.1-rc1 2021-12-01 13:08:13 +01:00
10c4e3c717 ci: use buildx
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-01 13:08:06 +01:00
b8425867c8 build(deps): bump chart.js from 3.6.0 to 3.6.1 in /web (#1864) 2021-12-01 08:54:36 +01:00
a05da8cdbf build(deps): bump rollup from 2.60.1 to 2.60.2 in /web (#1865) 2021-12-01 08:54:08 +01:00
c3aeefa653 website/docs: fix wrong placeholder
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-30 11:21:14 +01:00
62c840df21 website/docs: fix missing placeholder
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-30 11:20:05 +01:00
45d1db8880 website/docs: add proxy custom header docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-30 11:12:34 +01:00
b34f30f1dd build(deps): bump @typescript-eslint/eslint-plugin in /web (#1860) 2021-11-30 08:54:12 +01:00
7a54e84eb4 build(deps): bump @typescript-eslint/parser from 5.4.0 to 5.5.0 in /web (#1861) 2021-11-30 08:52:44 +01:00
917eef96fb lib: add improved log to sentry events being sent
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-29 21:37:29 +01:00
9a393848b2 outpost: configure error reporting based off of main instance config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-29 14:42:19 +01:00
a6abeb50c6 build(deps): bump goauthentik.io/api from 0.2021104.5 to 0.2021104.6 (#1858)
Bumps [goauthentik.io/api](https://github.com/goauthentik/client-go) from 0.2021104.5 to 0.2021104.6.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v0.2021104.5...v0.2021104.6)

---
updated-dependencies:
- dependency-name: goauthentik.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-29 14:39:17 +01:00
39acb044fb lifecycle: allow custom worker count in k8s
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-29 14:27:55 +01:00
7d2f622f4b web: Update Web API Client version (#1857)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-29 14:17:12 +01:00
a2b38caf64 web: update for new config api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-29 13:58:00 +01:00
1193b9fd22 root: revert to upstream api generator
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-29 13:56:18 +01:00
e3a5ef1907 root: make sentry sample rate configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-29 13:52:34 +01:00
e597bb4542 policies/expression: fix ak_user_has_authenticator evaluation when not specifying optional device_type (#1849)
* Fix ak_user_has_authenticator evaluation when not specifying optional device_type

* Simpler patch
2021-11-29 10:35:17 +01:00
c31df2b3f9 build(deps): bump @lingui/cli from 3.12.1 to 3.13.0 in /web (#1854) 2021-11-29 09:00:35 +01:00
3f2637cffa build(deps): bump @lingui/detect-locale from 3.12.1 to 3.13.0 in /web (#1852) 2021-11-29 09:00:25 +01:00
3b6d9bec0a build(deps): bump @lingui/macro from 3.12.1 to 3.13.0 in /web (#1853) 2021-11-29 08:49:01 +01:00
b184210610 build(deps): bump postcss from 8.4.1 to 8.4.4 in /website (#1851) 2021-11-29 08:48:29 +01:00
d2010808ee build(deps): bump @lingui/core from 3.12.1 to 3.13.0 in /web (#1855) 2021-11-29 08:48:03 +01:00
f5b185dd06 build(deps): bump goauthentik.io/api from 0.2021104.3 to 0.2021104.5 (#1856) 2021-11-29 08:47:21 +01:00
ae161c1ba9 web/admin: fix actions column on ip reputation page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-28 21:14:52 +01:00
109283b189 web: use ak-label for boolean values
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-28 21:12:53 +01:00
235d283def web/elements: use <slot> in ak-label instead of attribute
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-28 21:05:07 +01:00
96a86b3298 web: include @lit in prettier sort
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-28 15:45:00 +01:00
db9ea8603c web: cleanup sentry error catching
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-28 15:17:27 +01:00
8b7f698c7b outposts/proxy: continue compiling additional regexes even when one fails
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-28 15:06:26 +01:00
813c13ce45 web/admin: fix display of banners on provider pages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-26 20:48:06 +01:00
629a0e1a4d web/admin: make object view pages more consistent
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-26 19:40:40 +01:00
d1e2c018a3 root: fix dockerfile paths
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-26 14:36:44 +01:00
1e86844823 root: copy website into web builder for docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-26 14:19:57 +01:00
b58875d4c7 web: add rollup config for proxy outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-26 14:18:51 +01:00
03e0eecb1d web/admin: redesign provider pages to provide more info
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-26 14:08:45 +01:00
7aa61d86e4 web: allow markdown import
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-26 13:52:11 +01:00
0e6a799e6d web/elements: allow multiple tabs with different state
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-26 13:30:02 +01:00
bc6afdf94f website/docs: use common placeholders for forward_auth
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-26 13:29:38 +01:00
80364b04a9 web/elements: allow app.model names for ak-object-changelog
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-26 13:03:13 +01:00
0948e0ee1c web: Update Web API Client version (#1848)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-11-26 10:35:03 +01:00
5c54de66fc *: add meta_model_name field to all models with inheritance
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-26 10:32:39 +01:00
937edc73bc web: Update Web API Client version (#1847)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-11-26 10:30:18 +01:00
2c0d8d8943 core: add meta_model_name to MetaNameSerializer to easily show relevant events
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-26 10:27:08 +01:00
059ccdd592 build(deps-dev): bump prettier from 2.4.1 to 2.5.0 in /website (#1845) 2021-11-26 08:49:08 +01:00
0ec0d3f1aa build(deps): bump prettier from 2.4.1 to 2.5.0 in /web (#1846) 2021-11-26 08:48:26 +01:00
0a0eee138a stages/authenticator_validate: catch error when attempting to configure user without flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-25 23:44:48 +01:00
3ed4c38101 web: re-fix router height
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-25 23:31:35 +01:00
de8cf65503 stages/email: prevent error with duplicate token
closes #1827

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-25 23:17:37 +01:00
121b36f35f lib: log error for file:// in config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-25 19:21:40 +01:00
363aed2a47 root: url quote redis passwords for connection string
closes https://github.com/goauthentik/helm/issues/39

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-25 18:05:36 +01:00
ef994e0084 lifecycle: improve redis connection debug py printing full URL 2021-11-25 13:44:42 +01:00
e1ef196283 core: remove dump_config, handle directly in config loader without booting django, don't check database 2021-11-25 13:38:31 +01:00
f81ffd54f3 website/docs: fix invalid markdown 2021-11-25 13:37:57 +01:00
f9bfae9190 Merge branch 'master' into next 2021-11-25 13:07:55 +01:00
0d686465a4 ci: bump cache revision 2021-11-25 11:54:30 +00:00
e13b4a561f web/user: fix filtering for applications based on launchURL 2021-11-25 11:32:24 +01:00
f6417f95e5 build(deps): bump postcss from 8.3.11 to 8.4.1 in /website (#1841) 2021-11-25 08:17:28 +01:00
9c6bf5f4ae build(deps): bump goauthentik.io/api from 0.2021104.2 to 0.2021104.3 (#1842) 2021-11-25 08:16:39 +01:00
d2d7acb50e website/integrations: update minio callback URL
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-24 22:54:45 +01:00
c7681dde32 outposts: reload on signal USR1, fix display of reload offset
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-24 22:45:27 +01:00
8cf9661e08 root: fix translation, run translation compile on PR
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-24 18:16:02 +01:00
2dbd76cf90 tests/e2e: use StaticLiveServerTestCase
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-24 11:32:45 +01:00
28d39f4d80 website: add netlify badge
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-24 11:30:02 +01:00
760428aa18 website/docs: add outpost integrations docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-24 10:58:23 +01:00
49bbac7441 web: Update Web API Client version (#1840)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-11-24 10:04:38 +01:00
0b8cfd437b *: fix typo'd signing pair name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-24 09:55:10 +01:00
b69aaf9417 tests/e2e: fix header name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-24 09:18:22 +01:00
758d1bdfd4 tests/e2e: fix typo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-24 08:50:13 +01:00
ab501ca971 build(deps): bump actions/cache from 2.1.6 to 2.1.7 (#1838) 2021-11-24 07:38:33 +01:00
9657741a3d build(deps): bump github.com/go-openapi/strfmt from 0.21.0 to 0.21.1 (#1839) 2021-11-24 07:38:02 +01:00
29b7368f42 tests/e2e: fix static user checks
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 23:56:23 +01:00
75724b6f8d root: make testing output more consistent
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 23:46:27 +01:00
7c9f821bfd web: attempt to drop fetch errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 23:29:25 +01:00
5b9e6bed6c lib: fix custom URL schemes being overwritten
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 23:23:09 +01:00
6113d7d768 website/docs: add application docs
closes #1837

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 23:15:30 +01:00
0e3602d7eb lib: improve probability of symbols in generated key
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 23:01:30 +01:00
2b94e9a687 tests/e2e: bump retries
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 22:54:08 +01:00
6ed7d842e4 *: allow URLs without domain and custom schemas
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 22:51:04 +01:00
8794c840cf web: only show applications with http link
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 22:40:31 +01:00
9c9c00755a core: fix test user not having password set properly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 22:30:09 +01:00
6703c0a5d1 tests/e2e: don't load core migration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 22:05:19 +01:00
060f19ce06 tests/e2e: ensure akadmin is not used
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 21:34:53 +01:00
b2d2e7cbc8 tests/e2e: remove logger
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 21:19:33 +01:00
91fd792f88 tests/e2e: use generated uid
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 19:19:13 +01:00
2d9cd28221 tests/e2e: bump retries
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 19:15:37 +01:00
aa64cf898f ci: enable automerge for generated PRs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 19:15:31 +01:00
27d109c1fe core: compile backend translations (#1836)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-11-23 19:12:48 +01:00
1b4a14f3ee root: allow .mo files for backend
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 19:09:29 +01:00
9835785864 core: make test user's password optional
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 19:06:44 +01:00
d785998c5a Revert "root: disable random tests for now"
This reverts commit 8ba9553220.
2021-11-23 18:46:51 +01:00
8ba9553220 root: disable random tests for now
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 17:57:56 +01:00
6eb132c48b tests/e2e: fix ldap provider tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 17:28:35 +01:00
b523cd064b Translate /locale/en/LC_MESSAGES/django.po in de (#1834) 2021-11-23 15:17:57 +01:00
355b832cc3 tests/e2e: fix email backend
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 13:22:28 +01:00
8f5af464a2 web/admin: fix Forms with file uploads not handling errors correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 12:18:39 +01:00
fb70769358 root: add missing importlib-metadata
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 10:11:47 +01:00
ad06778c34 ci: remove v2 suffix in cache
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 10:00:23 +01:00
bcb4451fb7 build(deps): bump rollup from 2.60.0 to 2.60.1 in /web (#1832) 2021-11-23 08:52:34 +01:00
110d558572 build(deps): bump boto3 from 1.20.10 to 1.20.11 (#1833) 2021-11-23 08:47:20 +01:00
e32d4f0095 tests/e2e: don't run e2e tests randomly for now
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 00:32:24 +01:00
0e413acd61 ci: only try once for now
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 00:30:10 +01:00
d3397c349f stages/email: minify email css template
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-23 00:10:43 +01:00
fb18a10e61 website/integrations: Add Provider/Uptime Kuma (#1831)
* docs: add integration docs for uptime-kuma

* docs: add integration docs for uptime-kuma
2021-11-23 00:10:31 +01:00
9bb0d04aeb root: Random tests (#1825)
* root: add pytest-randomly to randomise tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: generate flows for testing instead of relying on existing ones

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: generate users for testing instead of relying on existing ones

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: use generated certificate

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: keep containers

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: use websockets test case

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-22 22:56:02 +01:00
666cf77b04 website/integrations: add integration docs for budibase (#1830) 2021-11-22 22:55:49 +01:00
90ca1b8e5a website/integrations: Add Provider/HedgeDoc (#1829)
* docs: add integration docs for hedgedoc

* docs: add integration docs for hedgedoc
2021-11-22 22:55:14 +01:00
f1e95b8816 website/integrations: Add Provider/PowerDNS-Admin (#1826)
* docs: add integration docs for powerdns-admin

* docs: add integration docs for powerdns-admin
2021-11-22 21:02:30 +01:00
dad8547212 root: remove arm/v7
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-22 14:29:21 +01:00
a957e1fc45 root: install cargo for cryptography build
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-22 12:22:19 +01:00
39e3f02503 website: fix build for docs-only target
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-22 12:11:24 +01:00
2b999e922c ci: disable arm for ci due to duration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-22 11:48:41 +01:00
4224134a19 tests/e2e: remove deprecated desired_capabilities
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-22 11:28:26 +01:00
eda260dddd website: fix redirect
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-22 11:13:31 +01:00
8a1dd521e1 website: move integrations to separate folder, separate sidebar and new URL, add URL redirect
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-22 11:10:26 +01:00
1c5e91de1d website: fix selection in navbar not being visible
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-22 10:55:33 +01:00
4b1744fad0 website/docs: add onlyoffice docs
closes #1820

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-22 10:28:21 +01:00
f17b83010d root: remove separate postgresql repo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-22 10:07:26 +01:00
12ddf9e73c build(deps): bump boto3 from 1.20.8 to 1.20.10 (#1823) 2021-11-22 09:00:27 +01:00
0b3b300333 build(deps): bump eslint from 8.2.0 to 8.3.0 in /web (#1821) 2021-11-22 08:59:32 +01:00
23f1a19765 build(deps): bump codemirror from 5.63.3 to 5.64.0 in /web (#1822) 2021-11-22 08:58:54 +01:00
b27e998615 build(deps): bump structlog from 21.2.0 to 21.3.0 (#1824) 2021-11-22 08:58:04 +01:00
2b928146a8 root: use amd64 for multistage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-21 23:59:05 +01:00
a94b0504b7 ci: always disable fail-fast
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-21 23:44:09 +01:00
4fcbfa7709 ci: add missing qemu action
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-21 23:35:23 +01:00
986e01db20 root: add missing libraries to compile cryptography for armv7
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-21 23:34:01 +01:00
9092d1189b ci: disable arm/v7 for now, use matrix for release
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-21 23:08:55 +01:00
605ed94ba2 ci: use matrix for tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-21 22:51:07 +01:00
4cbeeb9a0c ci: add cross platform build for dev main image
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1819
2021-11-21 22:44:49 +01:00
993dee6aad ci: build outpost for multi arch in matrix
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-21 22:33:43 +01:00
c663deb659 website/docs: note to not use quotation marks for email
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-21 21:52:29 +01:00
61621e7d60 lifecycle: improve backup restore by dropping database before
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-20 00:32:24 +01:00
0ee9b07172 web/admin: show changelog on user info page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-19 23:59:04 +01:00
431ba6b4ef lib: add cli option for lib.config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-19 23:52:10 +01:00
146818793e website/docs: fix kubectl restart command
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-19 23:45:03 +01:00
0ce663bce4 web/user: fix height issues on user interface
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-19 23:32:25 +01:00
923ba4fb42 web: improve dark theme for vertical tabs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-19 23:29:47 +01:00
bb6eed0db1 root: properly catch 404 errors for websocket connections
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-19 23:19:07 +01:00
d1bd8f333b outposts/proxy: use disableIndex for static files
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-19 10:50:56 +01:00
2ac9f5426d outposts: don't panic when listening for metrics fails
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-19 10:37:13 +01:00
8d1fd48003 web/admin: allow flow edit on flow view page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-19 10:20:31 +01:00
241cb01ec6 web/flows: fix spinner during webauthn not centred
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-19 09:51:52 +01:00
65b4139997 build(deps): bump @patternfly/patternfly from 4.151.4 to 4.159.1 in /web (#1816) 2021-11-19 08:46:35 +01:00
1431be8c44 build(deps): bump geoip2 from 4.4.0 to 4.5.0 (#1817) 2021-11-19 08:45:20 +01:00
049fceeeee web: add more state
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-18 21:40:34 +01:00
e6638afa3c web: remove manually URL encoded paths
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-18 21:33:49 +01:00
465898c7d0 web/elements: add new API to store attributes in URL, use for table and tabs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-18 21:16:00 +01:00
c363b1cfde web/admin: unify rendering and sorting of user lists
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-18 20:44:15 +01:00
b30ffd1318 web/admin: make user clickable for bound policies list
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-18 20:43:45 +01:00
fe0d3a64c8 web/admin: fix typo in events action
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-18 20:32:59 +01:00
ae9f1c1063 outpost/ldap: fix panic when attempting to update without locked users mutex
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-18 19:36:27 +01:00
ea63d384fd web/flows: fix lint errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-18 09:36:42 +01:00
c28d75754d build(deps): bump boto3 from 1.20.7 to 1.20.8 (#1813) 2021-11-18 08:50:55 +01:00
518b691e00 build(deps): bump packaging from 21.2 to 21.3 (#1812) 2021-11-18 08:50:15 +01:00
cd845be45d build(deps): bump typescript from 4.4.4 to 4.5.2 in /web (#1811) 2021-11-18 08:49:45 +01:00
a813d8e05e build(deps): bump sentry-sdk from 1.4.3 to 1.5.0 (#1814) 2021-11-18 08:49:18 +01:00
75f850f4d2 build(deps): bump @babel/plugin-transform-runtime in /web (#1804)
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime) from 7.16.0 to 7.16.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.16.4/packages/babel-plugin-transform-runtime)

---
updated-dependencies:
- dependency-name: "@babel/plugin-transform-runtime"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-17 09:40:32 +01:00
c84265c6f0 build(deps): bump @sentry/browser from 6.14.3 to 6.15.0 in /web (#1805)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.14.3 to 6.15.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.14.3...6.15.0)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-17 09:39:21 +01:00
a477ea29cd build(deps): bump @babel/preset-env from 7.16.0 to 7.16.4 in /web (#1803)
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.16.0 to 7.16.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.16.4/packages/babel-preset-env)

---
updated-dependencies:
- dependency-name: "@babel/preset-env"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-17 09:39:06 +01:00
f6aa85e340 build(deps): bump @sentry/tracing from 6.14.3 to 6.15.0 in /web (#1806)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.14.3 to 6.15.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.14.3...6.15.0)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-17 09:38:02 +01:00
0aeedb3ad8 build(deps): bump @babel/plugin-proposal-decorators in /web (#1807)
Bumps [@babel/plugin-proposal-decorators](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-proposal-decorators) from 7.16.0 to 7.16.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.16.4/packages/babel-plugin-proposal-decorators)

---
updated-dependencies:
- dependency-name: "@babel/plugin-proposal-decorators"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-17 09:37:53 +01:00
4b29f238b5 build(deps): bump boto3 from 1.20.6 to 1.20.7 (#1808)
Bumps [boto3](https://github.com/boto/boto3) from 1.20.6 to 1.20.7.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.20.6...1.20.7)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-17 09:37:16 +01:00
34157db06a build(deps): bump celery from 5.2.0 to 5.2.1 (#1809)
Bumps [celery](https://github.com/celery/celery) from 5.2.0 to 5.2.1.
- [Release notes](https://github.com/celery/celery/releases)
- [Changelog](https://github.com/celery/celery/blob/master/Changelog.rst)
- [Commits](https://github.com/celery/celery/compare/v5.2.0...v5.2.1)

---
updated-dependencies:
- dependency-name: celery
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-17 09:37:03 +01:00
84b9e66a97 build(deps): bump goauthentik.io/api from 0.2021104.1 to 0.2021104.2 (#1810)
Bumps [goauthentik.io/api](https://github.com/goauthentik/client-go) from 0.2021104.1 to 0.2021104.2.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v0.2021104.1...v0.2021104.2)

---
updated-dependencies:
- dependency-name: goauthentik.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-17 09:36:47 +01:00
e831e4fb94 root: add lifespan shim to prevent errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-16 13:25:03 +01:00
956922820b web: Update Web API Client version (#1802)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-11-16 12:39:37 +01:00
b0fac9c9f1 providers/saml: fix SessionNotOnOrAfter not being included
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-16 12:36:40 +01:00
f4db09cd59 events: add gdpr_compliance option
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1551
2021-11-16 11:29:13 +01:00
047030f901 web: optionally allow unique messages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-16 11:21:30 +01:00
638e8d741f *: fix multiple tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-16 10:38:21 +01:00
425b87a6d0 outposts: add ack and disconnect tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-16 09:34:37 +01:00
e7dc763612 build(deps): bump @typescript-eslint/eslint-plugin in /web (#1797) 2021-11-16 08:22:27 +01:00
a80cc94da9 build(deps): bump @typescript-eslint/parser from 5.3.1 to 5.4.0 in /web (#1798) 2021-11-16 08:21:19 +01:00
547dd3cb7a build(deps): bump goauthentik.io/api from 0.2021103.2 to 0.2021104.1 (#1799) 2021-11-16 08:20:30 +01:00
95739a934c build(deps): bump boto3 from 1.20.5 to 1.20.6 (#1800) 2021-11-16 08:20:07 +01:00
d12e24017e outposts: add websocket tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 23:58:19 +01:00
e4a0345231 tests/integration: use channels test server
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 22:37:36 +01:00
078633c2af lib: drop all sentry exceptions when debug enabled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 22:18:56 +01:00
4b8b800648 stages/*: add more tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 20:58:34 +01:00
6f9ed001a1 crypto: add more tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 20:38:03 +01:00
e4095dfffe admin: add more tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 20:10:09 +01:00
d5341c2284 managed: add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 19:53:08 +01:00
357bd65028 web/flows: fix typo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 19:52:17 +01:00
867fb0dac0 root: fix settings for managed not loaded
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 19:49:03 +01:00
2666aa2c73 root: add errorhandling in log middleware
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 17:11:44 +01:00
f0e9bafa35 outposts: add tests for management commands
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 16:44:42 +01:00
0d739f5c1a recovery: add additional tests for commands
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 16:41:37 +01:00
e08077c73a root: replace asgi-based logger with middleware
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 16:32:56 +01:00
7cf8a31057 internal: fix integrated docs not working
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 16:13:02 +01:00
c43049a981 website/docs: remove deprecated docker_image_base
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 15:58:17 +01:00
1a9ace6f9d internal: use runserver when debug for code reload
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 14:04:10 +01:00
b8d86bc482 web/flows: update default background
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 13:07:00 +01:00
f7044e41c6 build(deps-dev): bump bandit from 1.7.0 to 1.7.1 (#1793)
* build(deps-dev): bump bandit from 1.7.0 to 1.7.1

Bumps [bandit](https://github.com/PyCQA/bandit) from 1.7.0 to 1.7.1.
- [Release notes](https://github.com/PyCQA/bandit/releases)
- [Commits](https://github.com/PyCQA/bandit/compare/1.7.0...1.7.1)

---
updated-dependencies:
- dependency-name: bandit
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* *: fix bandit false positives

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 09:16:16 +01:00
fa59fec17a build(deps): bump rollup from 2.59.0 to 2.60.0 in /web (#1792) 2021-11-15 08:39:31 +01:00
e29afa289e build(deps): bump boto3 from 1.20.4 to 1.20.5 (#1794) 2021-11-15 08:39:14 +01:00
4d4193a586 ci: re-add cache
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-14 19:14:18 +01:00
59343ff441 stages/email: fix missing component in response when retrying email send
closes #1791

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-14 17:52:31 +01:00
cab564152d lib: load json strings in config env variables
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-14 12:44:22 +01:00
97b814ab33 outpost/proxy: show better error when hostname isn't configured
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-13 22:45:37 +01:00
88516ba2ca core: make defaults for _change_email and _change_username configurable
closes #1789

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-13 22:33:03 +01:00
f069cfb643 outposts/ldap: copy boundUsers map when running refresh instead of using blank map
closes #1651

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-13 00:26:01 +01:00
4ce3c2341c website/docs: add nginx-proxy-manager
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-12 23:00:10 +01:00
77e42d60cb website/docs: use new headers in docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-12 22:48:01 +01:00
cacb919c6f web: Update Web API Client version (#1787)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-11-12 14:15:26 +01:00
2a3b049b01 release: 2021.10.4 2021-11-12 12:31:24 +01:00
e4a5e86c93 sources/oauth: Fixed the incorrect padding issue in apple.py (#1773)
* Fixed the incorrect padding issue in apple.py

Fixed the incorrect padding issue in apple.py by adding proper padding to the raw_payload.

* Fixed the incorrect encoding of client_secret in apple.py

In the get_client_secret() method, the "sub" in the payload must be only the client ID. So I have changed self.source.consumer_key to parts[0]

* Added the decode method for the id_token

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-12 12:10:29 +01:00
3a51bcd890 tests/e2e: add retry for webdriver init
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-12 09:37:05 +01:00
c28f68400d build(deps): bump @sentry/tracing from 6.14.1 to 6.14.3 in /web (#1783) 2021-11-12 08:30:16 +01:00
5d50fc281a build(deps): bump boto3 from 1.20.3 to 1.20.4 (#1785) 2021-11-12 08:30:02 +01:00
9f7d1466e9 build(deps): bump @sentry/browser from 6.14.1 to 6.14.3 in /web (#1784) 2021-11-12 08:29:22 +01:00
c815d24806 build(deps): bump psycopg2-binary from 2.9.1 to 2.9.2 (#1786) 2021-11-12 08:29:05 +01:00
d1200a7e40 website/docs: Mention correct logo in Gitea docs (#1782) 2021-11-12 01:02:17 +01:00
edd4f9ceae root: update security
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-11 23:50:46 +01:00
1cfe81887b stages/authenticator_validate: improve logging
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-11 23:33:41 +01:00
bb5e0ebab1 website/docs: Add Integrations/Provider/Gitea (#1781) 2021-11-11 23:23:32 +01:00
dfda76d896 tests/e2e: use cached LDAP lookup for tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-11 23:20:32 +01:00
8fc5114ce4 website/docs: prepare 2021.10.4 docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-11 23:20:17 +01:00
e7b4363d21 outposts/ldap: fix logic error in cached ldap searcher
closes #1779

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-11 23:18:32 +01:00
53905d1a89 stages/authenticator_validate: enable all device classes by default
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-11 22:49:30 +01:00
0ad1392632 web/admin: use more natural default ordering for objects
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-11 22:47:10 +01:00
6db1c914ee stages/authenticator_duo: fix devices created with name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-11 22:16:47 +01:00
00324f922d outposts: send SelectedChallenge when using MFA with Go FlowExecutor
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-11 21:27:06 +01:00
8a24ddad28 website/docs: Added missing SSO server URL field for Zabbix (#1780) 2021-11-11 21:06:33 +01:00
0f85fe3c29 website/docs: authentik starts lowercase (#1778)
* website/docs: Add Integrations/Provider/OPNsense

* website/docs: Add missing steps + fix recs

* website/docs: authentik starts lowercase

* website/docs: authentik starts lowercase
2021-11-11 16:53:46 +01:00
1f05eaa420 website/docs: Add Integrations/Provider/OPNsense (#1777)
* website/docs: Add Integrations/Provider/OPNsense

* website/docs: Add missing steps + fix recs

* website/docs: authentik starts lowercase
2021-11-11 16:44:02 +01:00
84e126a32c website/docs: add group hierarchy docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-11 16:15:40 +01:00
9ae69866bd web/admin: fix display issues with flow execute buttons
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-11 13:51:33 +01:00
56576a7f44 build(deps): bump boto3 from 1.20.2 to 1.20.3 (#1769) 2021-11-11 08:43:22 +01:00
7f0295ba53 build(deps): bump @trivago/prettier-plugin-sort-imports in /web (#1768) 2021-11-11 08:43:13 +01:00
5553b3ff36 build(deps): bump drf-spectacular from 0.20.2 to 0.21.0 (#1771) 2021-11-11 08:43:03 +01:00
6f969525fe build(deps): bump webauthn from 1.0.1 to 1.1.0 (#1770) 2021-11-11 08:42:33 +01:00
bac12246fb build(deps-dev): bump coverage from 6.1.1 to 6.1.2 (#1772) 2021-11-11 08:42:19 +01:00
b53ef6e529 build(deps): bump goauthentik.io/api from 0.2021103.1 to 0.2021103.2 (#1767)
Bumps [goauthentik.io/api](https://github.com/goauthentik/client-go) from 0.2021103.1 to 0.2021103.2.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v0.2021103.1...v0.2021103.2)

---
updated-dependencies:
- dependency-name: goauthentik.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-10 23:26:13 +01:00
39c62afb93 web: Update Web API Client version (#1766)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-11-10 23:11:26 +01:00
c98bdbacc5 providers/proxy: return list of configured scope names so outpost requests custom scopes
closes #1762

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-10 23:06:21 +01:00
1e8d45dc15 web: write interfaces to different folders and remove custom chunk names
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-10 17:54:50 +01:00
202b057ce9 outposts/proxy: fix static files not being served in proxy mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-10 17:16:13 +01:00
d5d8641b37 stages/*: disable trim_whitespace on important fields
closes #1765

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-10 16:48:19 +01:00
9dd37689e3 ci: remove cache from translation compile
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-10 13:19:57 +01:00
cc0832f487 core: force lowercase emails for gravatar usage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-10 12:40:20 +01:00
b515bf7d2e ci: disable cache again...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-10 11:57:22 +01:00
34fbf3941b website/docs: add air-gapped docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-10 11:28:59 +01:00
e73606b54d root: catch error in analytics on startup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-10 11:28:08 +01:00
0a413fe21a web/admin: show warnings above tab bar
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-10 10:05:35 +01:00
d1b9f1e6b8 ci: limit pipeline to 2 hours
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-10 09:31:59 +01:00
e5a6e128e4 build(deps): bump boto3 from 1.20.0 to 1.20.2 (#1763) 2021-11-10 08:16:19 +01:00
9295d1ed0b website/docs: fix missing SAML cert in sentry docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-09 23:42:16 +01:00
5d479a6c8f root: set utm_source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-09 23:23:47 +01:00
4a773b2b4f sources/ldap: set connect/receive timeout (default to 15s)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-09 22:27:58 +01:00
8003d67844 sources/ldap: fix typo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-09 22:24:33 +01:00
58baf97e2d website/docs: Add additionalHeaders to attributes list (#1754)
* Add additionalHeaders to attributes list

Added additional headers with example of usage

* Update user.md
2021-11-09 21:17:36 +01:00
51783c1cbb sorces/ldap: fix user/group sync overwriting attributes instead of merging them
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-09 21:16:59 +01:00
94290c7e36 root: remove pipenv constraint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-09 14:19:33 +01:00
123ff7ad1f website/docs: Fix typo (#1761) 2021-11-09 13:27:52 +01:00
8f3e863cce root: use python slim-bullseye as base
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-09 11:34:42 +01:00
3d6c459349 build(deps): bump @typescript-eslint/parser from 5.3.0 to 5.3.1 in /web (#1756) 2021-11-09 08:24:51 +01:00
6a583bae49 build(deps): bump goauthentik.io/api from 0.2021102.6 to 0.2021103.1 (#1758) 2021-11-09 08:24:18 +01:00
78e5879d9a build(deps): bump boto3 from 1.19.12 to 1.20.0 (#1757) 2021-11-09 08:24:09 +01:00
fdcac2a9ed build(deps): bump @typescript-eslint/eslint-plugin in /web (#1755) 2021-11-09 08:23:47 +01:00
e81715caef web: Update Web API Client version (#1753)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-11-08 21:19:00 +01:00
ab2b13938e release: 2021.10.3 2021-11-08 20:52:11 +01:00
5c97a3aef3 website/docs: final 2021.10.3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-08 20:51:59 +01:00
e6963c543d outpost: remove analytics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-08 19:35:53 +01:00
9ca15983a2 root: keep last 30 backups
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-08 17:46:25 +01:00
99ef94b7aa stages/prompt: only set placeholder when in context
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-08 15:10:32 +01:00
133bedafba web: Update Web API Client version (#1752)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-11-08 14:53:50 +01:00
c3faa61ed9 stages/prompt: set field placeholder based on plan context
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-08 14:47:50 +01:00
da74304221 stages/prompt: add text_read_only field
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-08 14:45:56 +01:00
ed6659a46d outpost/ldap: don't cleanup user info as it is overwritten on bind
closes #1651

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-08 14:41:38 +01:00
0abb1f94a4 build(deps): bump @sentry/tracing from 6.14.0 to 6.14.1 in /web (#1746) 2021-11-08 08:30:37 +01:00
c7e299e0bf build(deps): bump eslint from 8.1.0 to 8.2.0 in /web (#1747) 2021-11-08 08:29:44 +01:00
8a6590bac8 build(deps): bump @sentry/browser from 6.14.0 to 6.14.1 in /web (#1748) 2021-11-08 08:29:35 +01:00
ed717dcfa2 build(deps): bump boto3 from 1.19.11 to 1.19.12 (#1749) 2021-11-08 08:29:23 +01:00
b6df42f580 build(deps): bump goauthentik.io/api from 0.2021102.5 to 0.2021102.6 (#1750) 2021-11-08 08:29:16 +01:00
2ea85bd0c4 build(deps): bump celery from 5.1.2 to 5.2.0 (#1751) 2021-11-08 08:28:33 +01:00
68fa8105e1 Merge branch 'master' into version-2021.10 2021-11-07 23:16:53 +01:00
79db0ce4c1 stages/prompt: use initial instead of default
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-07 22:20:08 +01:00
5e23b11764 stages/prompt: default prompts to the current value of the context
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-07 21:59:50 +01:00
c4e029ffe2 recovery: add create_admin_group management command
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-07 21:53:21 +01:00
61b5b36192 core: add command to output full config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-07 21:45:52 +01:00
c6cc1b1728 root: fix defaults for EMAIL_USE_TLS
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-07 21:37:14 +01:00
77dd652160 web: Update Web API Client version (#1744)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
#	web/package-lock.json
#	web/package.json
2021-11-07 18:04:27 +01:00
1144944adb stages/identification: only allow limited challenges for login sources
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-07 18:03:35 +01:00
7751be284e stages/identification: use random sleep
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-07 18:03:32 +01:00
74382c6287 cmd/server: improve cleanup on shutdown
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-07 18:03:29 +01:00
011babbbd9 web: fix linting errors by adding a wrapper for next param
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-07 18:03:26 +01:00
3c01a1dd7b ci: keep latest github and scripts folder
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-07 18:03:22 +01:00
6e832be2de core: fix auth_method for tokens
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-07 18:03:19 +01:00
46017f2f86 events: ignore creation/deletion of AuthenticatedSession objects
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-07 18:03:16 +01:00
da50eb0369 web/user: fix redirect after starting configuration flow from user interface
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-07 18:03:13 +01:00
b996e3cee7 ci: lock pipenv to 2021.11.5 for now
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-07 18:03:09 +01:00
12735cc14c admin: improve check to remove version notifications
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-07 18:03:06 +01:00
4d36699b78 outpost/ldap: cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-06 19:32:11 +01:00
8110d2861b web: Update Web API Client version (#1744)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-11-06 19:23:25 +01:00
1cc60f572d root: use forked openapi-generator
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-06 19:10:17 +01:00
90151a13ae stages/identification: only allow limited challenges for login sources
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-06 14:53:38 +01:00
f958aa6930 stages/identification: use random sleep
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-06 14:50:35 +01:00
13fbac30a2 cmd/server: improve cleanup on shutdown
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-06 13:54:59 +01:00
4f4cdf16f1 web: fix linting errors by adding a wrapper for next param
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-06 13:19:39 +01:00
7d75599627 ci: keep latest github and scripts folder
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-06 13:06:51 +01:00
924a13e832 core: fix auth_method for tokens
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-06 13:04:41 +01:00
ae83c35dfd events: ignore creation/deletion of AuthenticatedSession objects
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-06 13:04:34 +01:00
e9102f4e28 web/user: fix redirect after starting configuration flow from user interface
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-06 12:57:06 +01:00
9b8c1cbea5 ci: lock pipenv to 2021.11.5 for now
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-06 12:22:59 +01:00
6424bf98da admin: improve check to remove version notifications
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-06 12:15:05 +01:00
74fb0f9e2a website/docs: Document using Proxmox VE as Provider Integration (#1743) 2021-11-06 00:00:57 +01:00
4380f37a77 web/admin: fix missing values for LDAP Provider form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 11:42:09 +01:00
17fccd44e6 build(deps): bump goauthentik.io/api from 0.2021102.4 to 0.2021102.5 (#1742)
Bumps [goauthentik.io/api](https://github.com/goauthentik/client-go) from 0.2021102.4 to 0.2021102.5.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v0.2021102.4...v0.2021102.5)

---
updated-dependencies:
- dependency-name: goauthentik.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-05 10:50:59 +01:00
217a8b5610 web: Update Web API Client version (#1741)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-11-05 10:42:02 +01:00
2cef220a3e providers/ldap: add/squash migrations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 10:41:50 +01:00
5a8c66d325 providers/ldap: memory Query (#1681)
* outposts/ldap: modularise ldap outpost, to allow different searchers and binders

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: add basic in-memory searcher

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/ldap: add search mode field

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost: add search mode field

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 10:37:30 +01:00
8de13d3f67 build(deps): bump goauthentik.io/api from 0.2021102.2 to 0.2021102.4 (#1738)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 09:33:26 +01:00
5c22bedbaf build(deps): bump golang from 1.17.2-bullseye to 1.17.3-bullseye (#1737) 2021-11-05 08:29:51 +01:00
8a0f993f0b build(deps): bump boto3 from 1.19.10 to 1.19.11 (#1739) 2021-11-05 08:29:37 +01:00
abcf515a69 web/admin: also show note for SAML provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 01:21:10 +01:00
894f704c27 web: Update Web API Client version (#1736)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-11-05 01:18:13 +01:00
7798292aa8 sources/plex: use exception_to_string in tasks
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 01:16:36 +01:00
3005ca17bd web/admin: show warning on provider when not used with outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 01:15:33 +01:00
909461e533 providers/*: include list of outposts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 01:06:04 +01:00
df838a4023 web: Update Web API Client version (#1735)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-11-05 01:01:51 +01:00
0f86b62dd3 website/docs: prepare 2021.10.3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 00:55:31 +01:00
a40c3aeb68 core: make group membership lookup respect parent groups (upwards)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 00:53:56 +01:00
4080738ded web/elements: fix import
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 00:27:23 +01:00
4a89be3048 core: include parent group name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 00:11:17 +01:00
e587c53e18 web: remove deprecated rollup-plugin-node-resolve
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 22:34:48 +01:00
023b97aa69 sources/ldap: remove deprecated default
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 22:13:47 +01:00
51365dba74 web: Update Web API Client version (#1734)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-11-04 21:03:09 +01:00
0d3705685e web/admin: show warning on invitation list when no stage exists or is bound
closes #1720

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 21:00:42 +01:00
738e4d5c74 web/admin: only show flows with an invitation stage configured instead of all enrollment flows
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1720
2021-11-04 20:54:55 +01:00
b14b9cb0dd tests/e2e: fix selector for static token tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 15:55:30 +01:00
2a21ebf7b0 web/flows: fix authenticator_validate not allowing alpha-numeric codes due to empty pattern
closes #1663

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 15:39:10 +01:00
5bc1301043 stages/authenticator_*: add default name for authenticators
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 15:34:51 +01:00
e0e4bf6972 web/user: fix device type for static tokens
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 15:28:55 +01:00
337677ad12 web/flows: improve display of static tokens
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 15:21:04 +01:00
3712d5aee2 web/user: fix empty page when no sources to connect exist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 15:16:08 +01:00
dd82d55725 outposts: also send outpost type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 15:08:31 +01:00
8d766efecb root: don't set signal on start when running in ci or dev
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 14:32:21 +01:00
9ac3b29418 outpost: add lightweight, anonymous metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 14:10:43 +01:00
5000c5b061 web/user: fix ak-user-settings-password getting wrong configureUrl
closes #1733

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 13:50:26 +01:00
b362d2af03 lib: fix linting issue
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 13:43:09 +01:00
bcd42fce13 root: further improve detection of environment we're running in
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 13:35:22 +01:00
6deddd038f internal: start embedded outpost directly after backend is healthy instead of waiting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 13:18:04 +01:00
3b47cb64da root: improve compose detection, add anonymous stats
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 13:16:21 +01:00
cf5e70c759 lifecycle: revert to non-h11 worker
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 13:16:10 +01:00
20bc38a54b build(deps): bump boto3 from 1.19.9 to 1.19.10 (#1731) 2021-11-04 08:36:15 +01:00
672a4ab1f4 build(deps): bump @sentry/browser from 6.13.3 to 6.14.0 in /web (#1728) 2021-11-04 08:35:53 +01:00
47dd667261 build(deps): bump @trivago/prettier-plugin-sort-imports in /web (#1729) 2021-11-04 08:35:40 +01:00
d1ac69789b build(deps): bump @sentry/tracing from 6.13.3 to 6.14.0 in /web (#1730) 2021-11-04 08:34:36 +01:00
08abf81c6d build(deps): bump goauthentik.io/api from 0.2021101.11 to 0.2021102.2 (#1732) 2021-11-04 08:33:50 +01:00
76bd987e6f web: Update Web API Client version (#1727)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-11-03 21:11:10 +01:00
5374352411 sources/plex: allow users to connect their plex account without login flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-03 21:09:02 +01:00
08eff4cc5d sources/plex: fix missing ordering
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-03 20:21:33 +01:00
c87a9f9489 web: remove debug entry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-03 20:19:37 +01:00
8f6d700aa8 sources/oauth: set prompt=none for Discord provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-03 15:48:59 +01:00
c6843b026c web: Update Web API Client version (#1726)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-11-03 11:41:57 +01:00
3769c33ef0 Merge branch 'version-2021.10' 2021-11-03 11:39:27 +01:00
8982afaf44 website/docs: add 2021.10.2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-03 10:20:29 +01:00
58c221e867 release: 2021.10.2 2021-11-03 10:07:28 +01:00
108d3e56e3 build(deps): bump @docusaurus/plugin-client-redirects in /website (#1721) 2021-11-03 09:01:54 +01:00
145b32c480 build(deps): bump lxml from 4.6.3 to 4.6.4 (#1725) 2021-11-03 08:33:42 +01:00
c788504bb0 build(deps): bump boto3 from 1.19.8 to 1.19.9 (#1724) 2021-11-03 08:33:32 +01:00
34782b31e5 build(deps): bump @docusaurus/preset-classic in /website (#1722) 2021-11-03 08:33:10 +01:00
5a3ca13d76 build(deps): bump swagger-spec-validator from 2.7.3 to 2.7.4 (#1723) 2021-11-03 08:33:02 +01:00
5dc0f3b91b website: remove static service account, use helm chart instead
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-03 00:14:01 +01:00
f51515f3de stages/invitation: don't throw 404 error in stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-03 00:07:13 +01:00
f978575293 stages/invitation: remove invitation from plan context after deletion
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-02 23:50:12 +01:00
cb64eed90d web: re-fix lint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-02 14:59:35 +01:00
db1f7f0400 Revert "tests/e2e: remove deprecated desired_capabilities"
This reverts commit 2da7a8fede.
2021-11-02 14:53:52 +01:00
0d02dbf55c api: replace django sentry proxy with go proxy to prevent login issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-02 14:44:37 +01:00
6da78b8c32 web/user: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-02 13:48:37 +01:00
3a80bc8bda web/user: fix configureUrl not being passed to <ak-user-settings-password>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-02 13:21:01 +01:00
1aa9c0f9ca root: move pyright config to toml
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-02 13:05:11 +01:00
2da7a8fede tests/e2e: remove deprecated desired_capabilities
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-02 11:04:47 +01:00
89cb402f42 root: fix postgres install on bullseye
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-02 10:56:39 +01:00
b617fd213f web: replace deprecated commonjs plugin
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-02 10:38:20 +01:00
97b0f58f25 root: build outposts without CGO, use debug images for basic shell
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-02 10:11:51 +01:00
49a98bb744 build(deps): bump @typescript-eslint/eslint-plugin in /web (#1715) 2021-11-02 08:45:25 +01:00
f93a00d773 build(deps): bump rollup from 2.58.3 to 2.59.0 in /web (#1716) 2021-11-02 08:44:16 +01:00
8de40a8a21 build(deps): bump @typescript-eslint/parser from 5.2.0 to 5.3.0 in /web (#1717) 2021-11-02 08:44:08 +01:00
b9c54e97fa build(deps): bump goauthentik.io/api from 0.2021101.10 to 0.2021101.11 (#1718) 2021-11-02 08:44:00 +01:00
f1c55465f7 build(deps): bump boto3 from 1.19.7 to 1.19.8 (#1719) 2021-11-02 08:43:51 +01:00
40c2b2860b web: Update Web API Client version (#1712)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-11-01 21:08:38 +01:00
a92bce322d web/flows: fix sub_text not rendering for static fields
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-01 20:54:43 +01:00
af83308fd4 stages/prompt: fix type in Prompt not having enum set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-01 20:44:48 +01:00
73d991e75a root: update to buster
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-01 16:31:26 +01:00
1eba3f1334 root: update base images for outposts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-01 16:29:53 +01:00
b86251255d website/docs: add azure ad docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-01 15:58:59 +01:00
ccab41a6ca build(deps): bump packaging from 21.0 to 21.2 (#1708) 2021-11-01 12:32:42 +01:00
0e051031b1 build(deps): bump django-storages from 1.12.2 to 1.12.3 (#1710) 2021-11-01 12:24:06 +01:00
aecbe8c585 build(deps): bump django from 3.2.8 to 3.2.9 (#1711) 2021-11-01 12:19:17 +01:00
da98022704 build(deps): bump boto3 from 1.19.6 to 1.19.7 (#1709) 2021-11-01 12:16:20 +01:00
e13f9c0b38 build(deps-dev): bump coverage from 6.0.2 to 6.1.1 (#1707) 2021-11-01 12:15:57 +01:00
7941fb9d95 build(deps): bump @babel/plugin-proposal-decorators in /web (#1703) 2021-11-01 10:05:47 +01:00
d2392b0881 build(deps): bump @babel/preset-env from 7.15.8 to 7.16.0 in /web (#1704) 2021-11-01 10:05:37 +01:00
b2044d75fb build(deps): bump @babel/core from 7.15.8 to 7.16.0 in /web (#1701) 2021-11-01 10:04:54 +01:00
617b64b7db build(deps): bump @babel/preset-typescript from 7.15.0 to 7.16.0 in /web (#1700) 2021-11-01 10:03:54 +01:00
2bf5f2709a build(deps): bump @patternfly/patternfly from 4.144.5 to 4.151.4 in /web (#1702) 2021-11-01 10:03:42 +01:00
f03325df28 build(deps): bump @babel/plugin-transform-runtime in /web (#1705) 2021-11-01 10:03:22 +01:00
2b71e5bdfd build(deps): bump goauthentik.io/api from 0.2021101.5 to 0.2021101.10 (#1706) 2021-11-01 10:02:52 +01:00
f861737b85 web/admin: fix formatting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-31 23:04:26 +01:00
6036d88392 providers/proxy: allow configuring of additional scope mappings for proxy
closes #1255

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-31 22:25:51 +01:00
bfc8a56a0b *: fix tests for new field show_source_labels
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-31 18:18:21 +01:00
8d995011b8 web: Update Web API Client version (#1699)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-10-31 18:00:20 +01:00
5646141fe2 stages/identification: add show_source_labels option, to show labels for sources
closes #1679

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-31 17:57:48 +01:00
96b0bc324e web/flows: fix invalid validation for static tokens
closes #1663

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-31 17:32:39 +01:00
335d6edd11 providers/saml: fix error on missing AssertionConsumerServiceURL, fall back to default ACS
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-31 17:21:15 +01:00
5d9bed130a root: fix Detection of S3 settings for backups
closes #1698

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-31 16:54:10 +01:00
0a1ab74707 web: Update Web API Client version (#1697)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-10-31 12:16:09 +01:00
ef24b94585 Merge branch 'version-2021.10' 2021-10-31 12:13:43 +01:00
77b0438aa4 website/docs: prepare 2021.10.1
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-31 10:57:48 +01:00
2788329880 release: 2021.10.1 2021-10-31 10:56:21 +01:00
15ab11be70 web/user: fix wrong device being selected in user's mfa update form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-31 00:55:56 +02:00
8d5460a132 outposts: separate websocket re-connection logic to decrease requests on reconnect
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-30 21:33:50 +02:00
5ba2c80813 Merge branch 'update-web-api-client'
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	web/src/user/user-settings/mfa/MFADeviceForm.ts
2021-10-30 15:20:16 +02:00
06766bdb25 web/user: update form to update mfa devices
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-30 15:19:17 +02:00
fdae13316c web: Update Web API Client version
Signed-off-by: GitHub <noreply@github.com>
2021-10-30 13:18:31 +00:00
ae21886e8e web/user: update form to update mfa devices
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-30 15:16:27 +02:00
f5dc81907a core: add created field to source connection
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-30 15:02:41 +02:00
40f8ce3c4c web/user: rework MFA Device UI to support multiple devices
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-30 14:56:14 +02:00
c934915776 web: Update Web API Client version (#1695)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-10-30 14:53:02 +02:00
d70c8fbcc3 core: add API for all user-source connections
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-30 14:36:54 +02:00
12b26e49ec flows: optimise stage user_settings API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-30 14:16:28 +02:00
0ac548d56e web: Update Web API Client version (#1693)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-10-29 09:16:08 +02:00
e771e1857f core: add API to list all authenticator devices
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-29 09:08:48 +02:00
479e9750c7 web/user: also search desc and publisher
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-29 09:08:48 +02:00
c5e7801247 build(deps): bump github.com/go-openapi/runtime from 0.20.0 to 0.21.0 (#1691)
Bumps [github.com/go-openapi/runtime](https://github.com/go-openapi/runtime) from 0.20.0 to 0.21.0.
- [Release notes](https://github.com/go-openapi/runtime/releases)
- [Commits](https://github.com/go-openapi/runtime/compare/v0.20.0...v0.21.0)

---
updated-dependencies:
- dependency-name: github.com/go-openapi/runtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-29 09:06:34 +02:00
48ea15a946 build(deps): bump flowchart.js from 1.16.0 to 1.17.0 in /web (#1689) 2021-10-29 08:32:13 +02:00
e4c06f7356 build(deps): bump boto3 from 1.19.5 to 1.19.6 (#1690) 2021-10-29 08:31:58 +02:00
4d7d866e4b build(deps): bump github.com/go-openapi/strfmt from 0.20.3 to 0.21.0 (#1692) 2021-10-29 08:31:34 +02:00
72a93c0959 root: pin node images to v16
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-28 10:29:48 +02:00
73733b20b6 build(deps): bump @trivago/prettier-plugin-sort-imports from 2.0.4 to 3.0.0 in /web (#1684)
* build(deps): bump @trivago/prettier-plugin-sort-imports in /web

Bumps [@trivago/prettier-plugin-sort-imports](https://github.com/trivago/prettier-plugin-sort-imports) from 2.0.4 to 3.0.0.
- [Release notes](https://github.com/trivago/prettier-plugin-sort-imports/releases)
- [Changelog](https://github.com/trivago/prettier-plugin-sort-imports/blob/master/CHANGELOG.md)
- [Commits](https://github.com/trivago/prettier-plugin-sort-imports/commits)

---
updated-dependencies:
- dependency-name: "@trivago/prettier-plugin-sort-imports"
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* web: update prettier config

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-28 09:48:51 +02:00
3872314931 root: update golang ldap server package
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-28 09:48:31 +02:00
85c6ede448 build(deps): bump goauthentik.io/api from 0.2021101.4 to 0.2021101.5 (#1685) 2021-10-28 08:47:04 +02:00
49c2bee9d6 build(deps): bump boto3 from 1.19.4 to 1.19.5 (#1686) 2021-10-28 08:46:54 +02:00
6b2c9d7c44 web: Update Web API Client version (#1683)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-10-27 22:32:01 +02:00
381010600f release: 2021.10.1-rc3 2021-10-27 18:57:07 +02:00
2a265f706a website/docs: prepare 2021.10.1-rc3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-27 18:56:52 +02:00
1b21b50b77 providers/oauth2: fallback to uid if UPN was selected but isn't available
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-27 16:11:35 +02:00
fa6324ab1d sources/ldap: prevent key users from being set as this is an M2M relation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-27 15:43:56 +02:00
9e0daf2bcf sources/ldap: skip values which are of type bytes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-27 15:43:38 +02:00
0273ae16df events: fix error when notification transport doesn't exist anymore
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-27 15:38:41 +02:00
f2f12ef0ba api: fix error when connection to websocket via secret_key
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-27 15:21:52 +02:00
61d3df5f02 outposts: fix docker controller not using object_naming_template
closes #1682

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-27 15:04:59 +02:00
971de4fcb9 core: add USER_ATTRIBUTE_CHANGE_EMAIL
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1590 and #1677
2021-10-27 13:34:11 +02:00
9c0bc78ca0 build(deps): bump boto3 from 1.19.3 to 1.19.4 (#1678) 2021-10-27 08:30:26 +02:00
92085f1a3c core: add toggle to completely disable backup mechanism
closes #1671

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-26 17:04:33 +02:00
6067406e96 website/docs: add freeipa docs (#1666)
* website/docs: add freeipa docs

Signed-off-by: M. David Bennett <mdavidbennett@syntheticworks.com>

* website/docs: fix freeipa settings screenshot

Signed-off-by: M. David Bennett <mdavidbennett@syntheticworks.com>
2021-10-26 14:29:42 +02:00
9ccd4d69fe build(deps): bump @typescript-eslint/eslint-plugin in /web (#1673) 2021-10-26 13:25:45 +02:00
17ec48332d build(deps): bump rollup from 2.58.0 to 2.58.3 in /web (#1672) 2021-10-26 13:25:01 +02:00
d3f5253a6b build(deps): bump @typescript-eslint/parser from 5.1.0 to 5.2.0 in /web (#1674) 2021-10-26 13:24:38 +02:00
7a70726d57 build(deps): bump kubernetes from v19.15.0b1 to 19.15.0 (#1675) 2021-10-26 13:24:12 +02:00
be303937fb build(deps): bump boto3 from 1.19.2 to 1.19.3 (#1676) 2021-10-26 13:23:59 +02:00
2326fc9ae2 build(deps): bump eslint from 8.0.1 to 8.1.0 in /web (#1669) 2021-10-25 09:58:30 +02:00
9374b0bcf2 build(deps): bump chart.js from 3.5.1 to 3.6.0 in /web (#1668) 2021-10-25 09:58:18 +02:00
47e6028099 build(deps): bump boto3 from 1.19.1 to 1.19.2 (#1670) 2021-10-25 09:57:57 +02:00
24114e8304 Update harbor doc (#1667) 2021-10-24 16:44:04 +02:00
921d9c79a1 build(deps): bump @docusaurus/plugin-client-redirects in /website (#1659) 2021-10-22 07:35:06 +02:00
1119989ab7 build(deps): bump postcss from 8.3.10 to 8.3.11 in /website (#1657) 2021-10-22 07:34:34 +02:00
e17594f0f7 build(deps): bump eslint-plugin-custom-elements in /web (#1658) 2021-10-22 07:34:25 +02:00
5ae3b868d4 build(deps): bump @docusaurus/preset-classic in /website (#1660) 2021-10-22 07:34:11 +02:00
37ee4af5ff build(deps): bump goauthentik.io/api from 0.2021101.2 to 0.2021101.4 (#1661) 2021-10-22 07:33:55 +02:00
829aaca317 build(deps): bump boto3 from 1.19.0 to 1.19.1 (#1662) 2021-10-22 07:33:45 +02:00
8eb4d53810 providers/oauth2: fix events being created from /application/o/authorize/
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-21 22:59:01 +02:00
e60dfc5b3c web: Update Web API Client version (#1656) 2021-10-21 17:06:53 +02:00
cc403d8777 Merge branch 'version-2021.10' 2021-10-21 16:52:18 +02:00
b81e2e69d1 website/docs: prepare 2021.10.1-rc2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-21 16:49:11 +02:00
731f5d0199 release: 2021.10.1-rc2 2021-10-21 16:38:30 +02:00
a40cb03b44 root: use custom url for discord
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-21 10:40:43 +02:00
f6a85c98c9 website: add redirect for discord
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-21 10:37:53 +02:00
5727f28784 web: Update Web API Client version (#1655)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-10-21 10:35:15 +02:00
6fc54ed7c6 build(deps): bump postcss from 8.3.9 to 8.3.10 in /website (#1652)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-21 10:29:48 +02:00
4298900ecc build(deps): bump eslint-plugin-custom-elements in /web (#1653) 2021-10-21 09:03:26 +02:00
f04aa09b72 build(deps): bump boto3 from 1.18.65 to 1.19.0 (#1654) 2021-10-21 09:02:57 +02:00
3647633232 core: cleanup embedded outpost logging, log user for http requests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-20 22:12:49 +02:00
2e06786869 outpost/ldap: fix logging for mismatched provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-20 19:49:17 +02:00
eba91c6b2b root: add cookie domain setting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-20 18:26:22 +02:00
ba9f8a5795 lib: add utm_source to default links
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-20 17:31:27 +02:00
02b4173d30 root: add utm_source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-20 16:34:39 +02:00
61fab497cf core: add user flag to prevent users from changing their usernames
closes #1590

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-20 16:17:19 +02:00
6a95de4e8a website: fix script loading
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-20 15:37:11 +02:00
621e7f564a flows: also clear cache when deleting bindings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-20 15:25:38 +02:00
535f2eb27e website: netlify proxy analytics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-20 15:24:04 +02:00
0db4716e92 web/flows: show cancel link when choosing authenticator chalenge
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-20 15:15:31 +02:00
c10ce5c679 web: disable Sentry.showReportDialog
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-20 11:46:02 +02:00
070438aabe ci: allow manual cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-20 11:18:23 +02:00
71798b931c ci: only keep images for last week
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-20 11:17:57 +02:00
8663134c87 build(deps): bump eslint-plugin-lit from 1.6.0 to 1.6.1 in /web (#1648) 2021-10-20 09:13:52 +02:00
6bcbaeec2e build(deps): bump boto3 from 1.18.64 to 1.18.65 (#1649) 2021-10-20 09:13:37 +02:00
17ce113c6b build(deps): bump goauthentik.io/api from 0.202198.6 to 0.2021101.2 (#1650) 2021-10-20 09:13:28 +02:00
ff600cd5b1 web: Update Web API Client version (#1647)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-10-20 00:19:11 +02:00
2df4322ecf sources/oauth: add choices to oauth provider_type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-20 00:11:19 +02:00
bb8e0c6f59 web/flow: showing of authentik logo in flow executor
closes #1646

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-19 23:06:23 +02:00
ca682c3ee4 web/flows: fix authenticator device selection not updating
closes #1645

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-19 22:45:09 +02:00
f011e8a61a Merge branch 'version-2021.10' 2021-10-19 22:25:35 +02:00
bfe27d5979 web: Update Web API Client version (#1643)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-19 16:01:03 +02:00
b8aff17d98 web: Update Web API Client version (#1643)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-10-19 15:52:31 +02:00
3b7e8e3931 website/docs: fix typos
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-19 15:45:15 +02:00
03369e2338 sources/ldap: check for existence of vendor fields before falling back
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1521
2021-10-19 15:40:40 +02:00
5da7d9a573 release: 2021.10.1-rc1 2021-10-19 15:34:59 +02:00
12110e264d ci: remove pwgen
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-19 15:34:54 +02:00
f5049d3d0f build(deps): bump @typescript-eslint/eslint-plugin in /web (#1639) 2021-10-19 06:59:35 +02:00
b616253444 build(deps): bump flowchart.js from 1.15.0 to 1.16.0 in /web (#1640) 2021-10-19 06:58:04 +02:00
41efe49d27 build(deps): bump @typescript-eslint/parser from 5.0.0 to 5.1.0 in /web (#1641) 2021-10-19 06:57:55 +02:00
86d0e6ce45 build(deps): bump boto3 from 1.18.63 to 1.18.64 (#1642) 2021-10-19 06:57:35 +02:00
89bb27b95c sources/ldap: fix missing arguments?
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-18 22:04:58 +02:00
9333ffd04f website/docs: fix typo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-18 21:48:10 +02:00
2b155964c2 sources/ldap: extract vendor-specific functions
#1521

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-18 21:44:10 +02:00
c3bd509eb8 website/docs: add matrix docs
closes #1477

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-18 21:09:26 +02:00
72c0da2bdf build(deps): bump webauthn from 1.0.0 to 1.0.1 (#1638)
Bumps [webauthn](https://github.com/duo-labs/py_webauthn) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/duo-labs/py_webauthn/releases)
- [Changelog](https://github.com/duo-labs/py_webauthn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/duo-labs/py_webauthn/compare/v1.0.0...v1.0.1)

---
updated-dependencies:
- dependency-name: webauthn
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-18 18:04:31 +02:00
151c62733f build(deps): bump goauthentik.io/api from 0.202198.3 to 0.202198.6 (#1637)
Bumps [goauthentik.io/api](https://github.com/goauthentik/client-go) from 0.202198.3 to 0.202198.6.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v0.202198.3...v0.202198.6)

---
updated-dependencies:
- dependency-name: goauthentik.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-18 18:04:20 +02:00
dbdea24290 website: remove .git suffix for go import
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-18 17:48:13 +02:00
909c4217bc website/docs: prepare 2021.10
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-18 17:06:18 +02:00
922fc9b8d5 sources/oauth: add Sign in with Apple (#1635)
* sources/oauth: add apple sign in support

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: apple sign in docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: fix missing apple in sidebar

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* sources/oauth: add fallback values for name and slug

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-18 16:35:12 +02:00
2c06eed8e7 events: don't prefill task if they already have a state
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-18 14:48:14 +02:00
a1b3af401d outposts: improve handling of recreate scenarios
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-18 14:29:37 +02:00
92d38f62b5 outposts: handle k8s 422 response code by recreating objects
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-18 10:23:11 +02:00
98a56c77e3 providers/proxy: update ingress controller to work with k8s 1.22
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-18 10:00:24 +02:00
e5906a4115 build(deps): bump @docusaurus/plugin-client-redirects in /website (#1629)
Bumps [@docusaurus/plugin-client-redirects](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-plugin-client-redirects) from 2.0.0-beta.6 to 2.0.0-beta.7.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-beta.7/packages/docusaurus-plugin-client-redirects)

---
updated-dependencies:
- dependency-name: "@docusaurus/plugin-client-redirects"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-18 09:16:44 +02:00
20c6874bb4 build(deps): bump @rollup/plugin-typescript from 8.2.5 to 8.3.0 in /web (#1630)
Bumps [@rollup/plugin-typescript](https://github.com/rollup/plugins/tree/HEAD/packages/typescript) from 8.2.5 to 8.3.0.
- [Release notes](https://github.com/rollup/plugins/releases)
- [Changelog](https://github.com/rollup/plugins/blob/master/packages/typescript/CHANGELOG.md)
- [Commits](https://github.com/rollup/plugins/commits/typescript-v8.3.0/packages/typescript)

---
updated-dependencies:
- dependency-name: "@rollup/plugin-typescript"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-18 09:15:35 +02:00
222d3bd358 build(deps): bump @docusaurus/preset-classic in /website (#1631)
Bumps [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic) from 2.0.0-beta.6 to 2.0.0-beta.7.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-beta.7/packages/docusaurus-preset-classic)

---
updated-dependencies:
- dependency-name: "@docusaurus/preset-classic"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-18 09:15:26 +02:00
02c15f7c43 build(deps): bump boto3 from 1.18.62 to 1.18.63 (#1632)
Bumps [boto3](https://github.com/boto/boto3) from 1.18.62 to 1.18.63.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.18.62...1.18.63)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-18 09:15:16 +02:00
ab200eb855 build(deps): bump django-storages from 1.12.1 to 1.12.2 (#1633)
Bumps [django-storages](https://github.com/jschneier/django-storages) from 1.12.1 to 1.12.2.
- [Release notes](https://github.com/jschneier/django-storages/releases)
- [Changelog](https://github.com/jschneier/django-storages/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/jschneier/django-storages/compare/1.12.1...1.12.2)

---
updated-dependencies:
- dependency-name: django-storages
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-18 09:15:06 +02:00
9e8ce012e3 build(deps): bump pyjwt from 2.2.0 to 2.3.0 (#1634)
Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/jpadilla/pyjwt/releases)
- [Changelog](https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/jpadilla/pyjwt/commits)

---
updated-dependencies:
- dependency-name: pyjwt
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-18 09:14:55 +02:00
00dc8f8b1f ci: backoff translation compile ci
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-17 22:15:38 +02:00
ce812e14c7 core: improve detection for s3 settings to trigger backup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-17 15:56:31 +02:00
8d32a53126 outposts: add additional error checking for docker controller
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-17 15:54:57 +02:00
f9b6b1dd3f web/admin: improve visibility of oauth rsa key
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-17 14:15:36 +02:00
9679be39fa lifecycle: bump celery healthcheck to 5s timeout
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1627
2021-10-16 14:28:05 +02:00
0225bf9c99 stages/authenticator_validate: create a default authenticator validate stage with sensible defaults
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-16 00:28:56 +02:00
8040e2b6e4 build(deps): bump webauthn from 0.4.7 to 1.0.0 (#1625)
* build(deps): bump webauthn from 0.4.7 to 1.0.0

Bumps [webauthn](https://github.com/duo-labs/py_webauthn) from 0.4.7 to 1.0.0.
- [Release notes](https://github.com/duo-labs/py_webauthn/releases)
- [Commits](https://github.com/duo-labs/py_webauthn/compare/v0.4.7...v1.0.0)

---
updated-dependencies:
- dependency-name: webauthn
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* stages/authenticator_webauthn: migrate to new library version

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages/authenticator_validate: migrate to new version

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages/authenticator_webauthn: add bytes_to_base64url_dict for json encoding

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* actually don't do that

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix missing response on web

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* more double json

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* more base64 stuff

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* working

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: always sync

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-15 23:26:29 +02:00
56a56ffdbf web: new default flow background
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-15 23:03:41 +02:00
afedcc0074 build(deps): bump drf-spectacular from 0.20.1 to 0.20.2 (#1624)
Bumps [drf-spectacular](https://github.com/tfranzel/drf-spectacular) from 0.20.1 to 0.20.2.
- [Release notes](https://github.com/tfranzel/drf-spectacular/releases)
- [Changelog](https://github.com/tfranzel/drf-spectacular/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/tfranzel/drf-spectacular/compare/0.20.1...0.20.2)

---
updated-dependencies:
- dependency-name: drf-spectacular
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-15 17:48:51 +00:00
4d93e30147 web: Update Web API Client version (#1623)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-10-15 19:29:44 +02:00
f62786e58b policies: add additional filters to create flow charts on frontend
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-15 18:21:44 +02:00
f76c1a6f93 build(deps): bump @patternfly/patternfly from 4.135.2 to 4.144.5 in /web (#1621) 2021-10-15 08:33:46 +02:00
56871523e7 build(deps): bump boto3 from 1.18.61 to 1.18.62 (#1622) 2021-10-15 08:33:31 +02:00
5f9dda2e58 outposts: rename docker_image_base to container_image_base, since its not docker specific
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-14 20:28:30 +02:00
0c55eea678 outposts: Adding more flexibility to outposts in Kubernetes. (#1617)
* outposts/ldap: Support hard coded `uidNumber` and `gidNumber`.

* outposts: more options for image + labels

- Set outpost docker image in config.
- Set image pull secrets in outpost config.
- Add additional labels for easier targeting from
  custom services.

* Fix some linting errors.

* outposts: Rename `docker_image` to `container_image
2021-10-14 19:54:56 +02:00
19a343dadb web: fix linting on rollup config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-14 19:49:31 +02:00
3ab9798f38 web: prepare for building with external API bases
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-14 19:45:20 +02:00
dd9dc7e596 root: fix error with sentry proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-14 19:45:01 +02:00
797e31696a outposts: fix attribute error in docker controller
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-14 13:37:56 +02:00
9a42c5815d web/admin: add fallback font for doughnut charts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-14 12:50:52 +02:00
f341479732 web: make table pagination size user-configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-14 12:48:52 +02:00
8eddb4b95b admin: check for debug in worker count api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-14 12:32:30 +02:00
5c58532121 web/admin: default to warning state for backup task
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-14 12:31:01 +02:00
4b7399f454 *: add @prefill_task() decorator to "pre-fill" tasks in cache, so they can be executed even before their schedule would do so
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-14 12:21:28 +02:00
27982a771c web: Update Web API Client version (#1620)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-10-14 11:52:50 +02:00
8296d0c94c web/admin: fix SMS Authenticator stage not loading state correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-14 11:49:55 +02:00
9bc9568008 stages/authenticator_sms: make fields non-nullable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-14 11:42:11 +02:00
07d619d257 website/docs: add authenticator_sms stage docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-14 11:33:46 +02:00
6ee7d5bf9c web: Update Web API Client version
Signed-off-by: GitHub <noreply@github.com>
2021-10-14 10:25:13 +02:00
634375c43f stages/authenticator_sms: add generic provider (#1595)
* stages/sms: New SMS provider, aka wrapper for outside API

* web/pages/authenicator_sms: Conditionally show options based on provider.

* stages/authenicator_sms: Fixing up the model.

* Whoops

* stages/authenicator_sms: Adding supported auth types for Generic provider.

* web/pages/stages/authenicator_sms: Added auth type for generic provider

* web/pages/stages/authenicator_sms: Fixing up my generic provider options.

* stages/authenicator/sms: Working version of generic provider.

* stages/authenicator/sms: Cleanup and creating an event on error.

* web/ages/stages/authenicator_sms: Made a default for Auth Type and cleaned up the non-needed name attribute.

* stages/authenicator_validate: Fixing up the migration as it had no SMS.

* stages/authenicator_sms: Removd non-needed migration and better error code handling.

* stages/authenicator_sms: Removd non-needed migration and better error code handling.

* web/pages/stages/authenicator_sms: Provider default is not empty anymore.

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-14 10:24:15 +02:00
10fc33f7d3 build(deps): bump eslint from 8.0.0 to 8.0.1 in /web (#1612) 2021-10-14 08:33:55 +02:00
ee140014e9 build(deps): bump pyyaml from 5.4.1 to 6.0 (#1613) 2021-10-14 08:33:07 +02:00
2d363948b6 build(deps-dev): bump selenium from 3.141.0 to 4.0.0 (#1614) 2021-10-14 08:32:50 +02:00
dcb3ef14d1 build(deps): bump boto3 from 1.18.60 to 1.18.61 (#1615) 2021-10-14 08:32:37 +02:00
a71ef7f36c build(deps): bump django-model-utils from 4.1.1 to 4.2.0 (#1616) 2021-10-14 08:32:28 +02:00
4d51ec906d internal/proxyv2: improve error handling when configuring app
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-13 21:48:11 +02:00
cd42281383 Revert "website: use 302-based proxy for goauthentik.io/v2"
This reverts commit faf706cbec.
2021-10-13 21:27:26 +02:00
faf706cbec website: use 302-based proxy for goauthentik.io/v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-13 21:25:12 +02:00
16c05a7bbc tests: migrate to selenium 4 (#1611) 2021-10-13 19:06:19 +02:00
2ad5995332 website/docs: add symlink for latest compose
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-13 17:51:54 +02:00
f73a404fd6 website: make static files available under domain
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-13 17:45:45 +02:00
178e8e7e43 web/user: initial optimisation for smaller screens
see #1610

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-13 11:23:26 +02:00
98907ec889 root: remove structlog.processors.format_exc_info for new structlog version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-13 09:42:49 +02:00
9dd9ab6da3 build(deps): bump structlog from 21.1.0 to 21.2.0 (#1609)
Bumps [structlog](https://github.com/hynek/structlog) from 21.1.0 to 21.2.0.
- [Release notes](https://github.com/hynek/structlog/releases)
- [Changelog](https://github.com/hynek/structlog/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/hynek/structlog/compare/21.1.0...21.2.0)

---
updated-dependencies:
- dependency-name: structlog
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-13 09:41:44 +02:00
80c6b8f0c7 build(deps): bump @typescript-eslint/parser from 4.33.0 to 5.0.0 in /web (#1604) 2021-10-13 08:36:09 +02:00
8436814874 build(deps): bump codemirror from 5.63.1 to 5.63.3 in /web (#1606) 2021-10-13 08:34:56 +02:00
3c16bdce45 build(deps): bump typescript from 4.4.3 to 4.4.4 in /web (#1607) 2021-10-13 08:34:34 +02:00
a2bce79796 build(deps): bump boto3 from 1.18.59 to 1.18.60 (#1608) 2021-10-13 08:34:24 +02:00
3e5b05203b Revert "root: handle liveness probe in router"
This reverts commit d39dbc7287.

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-12 18:44:37 +02:00
57e86582d1 Revert "root: handle liveness probe in router (also keep internal one)"
This reverts commit dd7cb45733.
2021-10-12 18:44:08 +02:00
dd7cb45733 root: handle liveness probe in router (also keep internal one)
This reverts commit d39dbc7287.

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-12 18:43:39 +02:00
2b09d97522 core: fix squash migrations error when AK_ADMIN_TOKEN is set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-12 17:45:10 +02:00
d39dbc7287 root: handle liveness probe in router
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-12 14:54:15 +02:00
48f96ea55f lifecycle: only set prometheus_multiproc_dir in ak wrapper to prevent full disk on worker
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-12 14:44:32 +02:00
22a7c25526 internal: call GetStore on application to improve logging
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-12 13:33:20 +02:00
cc69311ec0 stages/authenticator_validate: add new class
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-12 13:13:31 +02:00
15d7004e25 tests/e2e: use vanity urls
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-12 12:38:23 +02:00
ddb70a283e managed: don't run managed reconciler in foreground on startup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-12 12:10:46 +02:00
ecfc3a6d93 *: migrate everything to goauthentik.io docker proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-12 11:04:47 +02:00
5753182e03 root: migrate docker images to netlify proxy (#1603)
* migrate to netlify proxy

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* relative forward to func

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* custom logic for go paths

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix const

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* missing break

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add default for new repos

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-12 10:58:02 +02:00
db79244ba4 build(deps): bump @typescript-eslint/eslint-plugin in /web (#1602)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.33.0 to 5.0.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.0.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-12 09:26:39 +02:00
3231bcea66 build(deps): bump eslint from 7.32.0 to 8.0.0 in /web (#1596) 2021-10-12 08:34:10 +02:00
5e0299ca82 build(deps): bump @types/codemirror from 5.60.4 to 5.60.5 in /web (#1597) 2021-10-12 08:33:01 +02:00
42e35aace0 build(deps-dev): bump coverage from 6.0.1 to 6.0.2 (#1598) 2021-10-12 08:32:23 +02:00
d96cfc8e30 build(deps): bump goauthentik.io/api from 0.202198.2 to 0.202198.3 (#1599) 2021-10-12 08:32:13 +02:00
36c97afc44 build(deps): bump django-storages from 1.12 to 1.12.1 (#1600) 2021-10-12 08:32:02 +02:00
9c322be8d7 build(deps): bump boto3 from 1.18.58 to 1.18.59 (#1601) 2021-10-12 08:31:51 +02:00
cf09205933 website/docs: fix sidebar
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-11 22:45:24 +02:00
e851a7f294 website/docs: add missing make migrate
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-11 22:33:31 +02:00
e4f141c6c0 *: Squash Migrations (#1593)
* *: first squash pass

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* sources/saml: squash less

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: fix docker controller not correctly checking image

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: fix old migration reference

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-11 21:39:35 +02:00
35fa93d9aa ci: fix missing gettext
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-11 17:59:52 +02:00
2bdc0102f9 web: Update Web API Client version (#1592)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-10-11 17:53:43 +02:00
aef9d27706 stages/authenticator_sms: Add SMS Authenticator Stage (#1577)
* stages/authenticator_sms: initial implementation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: add initial stage UI

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/elements: clear invalid state when old input was invalid but new input is correct

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages/authenticator_sms: add more logic

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/user: add basic SMS settings

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages/authenticator_sms: initial working version

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages/authenticator_sms: add tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: optimise totp password manager entry on authenticator_validation stage

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/elements: add grouping support for table

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: allow sms class in authenticator stage

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: add grouping to more pages

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages/authenticator_validate: add SMS support

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* api: add throttling for flow executor based on session key and pending user

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: fix style issues

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: add workflow to compile backend translations

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-11 17:51:49 +02:00
7bf587af24 ci: push dev images to ghcr (#1591)
* ci: push dev images to ghcr

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: use new ghcr images

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: use ghcr proxy

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-11 14:08:34 +02:00
ef1cf7867c Revert "build(deps): bump eslint from 7.32.0 to 8.0.0 in /web (#1584)"
This reverts commit e22b8f5fdc.
2021-10-11 13:43:36 +02:00
da443b443c website: use ghcr proxy for registry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-11 10:08:21 +02:00
f4322e665a build(deps): bump github.com/go-openapi/strfmt from 0.20.2 to 0.20.3 (#1585)
Bumps [github.com/go-openapi/strfmt](https://github.com/go-openapi/strfmt) from 0.20.2 to 0.20.3.
- [Release notes](https://github.com/go-openapi/strfmt/releases)
- [Commits](https://github.com/go-openapi/strfmt/compare/v0.20.2...v0.20.3)

---
updated-dependencies:
- dependency-name: github.com/go-openapi/strfmt
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-11 09:20:36 +02:00
e22b8f5fdc build(deps): bump eslint from 7.32.0 to 8.0.0 in /web (#1584) 2021-10-11 08:33:38 +02:00
a18176af56 build(deps): bump react-before-after-slider-component in /website (#1583) 2021-10-11 08:32:48 +02:00
4132fd139c build(deps): bump goauthentik.io/api from 0.202197.2 to 0.202198.2 (#1586) 2021-10-11 08:32:28 +02:00
b077bb8783 build(deps): bump github.com/go-openapi/runtime from 0.19.31 to 0.20.0 (#1587) 2021-10-11 08:32:20 +02:00
69665d9547 build(deps): bump pycryptodome from 3.10.4 to 3.11.0 (#1588) 2021-10-11 08:32:11 +02:00
d0f056357d build(deps): bump boto3 from 1.18.57 to 1.18.58 (#1589) 2021-10-11 08:32:02 +02:00
9ed236f7ab outposts/ldap: Support hard coded uidNumber and gidNumber. (#1582) 2021-10-10 23:43:36 +02:00
83f4830946 website: add netlify config file
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-10 22:26:33 +02:00
e23df99a9e web: Update Web API Client version (#1580)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-10-10 18:57:23 +02:00
b80ecd4668 stages/prompt: fix wrong field type of field_key
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-10 18:54:56 +02:00
66ca488ea0 web: Update Web API Client version (#1579)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-10-10 14:43:58 +02:00
d959b7a930 Merge branch 'version-2021.9' 2021-10-10 14:35:40 +02:00
62ae3f1e31 website/docs: prepare 2021.9.8
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-10 13:22:36 +02:00
619203c177 release: 2021.9.8 2021-10-10 13:12:26 +02:00
a1adf382af root: don't compilemessages in build process since it requires redis, do it on startup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-09 23:38:25 +02:00
834bddd0da root: add AUTHENTIK_SECRET_KEY for compilemessages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-09 22:52:32 +02:00
7d9251ce2f root: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-09 20:56:49 +02:00
fb13a46252 web: Update Web API Client version (#1576)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-10-09 20:23:38 +02:00
dfefdbfd7c root: compile messages for backend in docker
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-09 20:11:51 +02:00
846c971674 root: add translation for backend strings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-09 20:07:28 +02:00
5b7e1f97e0 stages/authenticator_duo: remove signals
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-09 19:29:35 +02:00
dff0613b3d crypto: add managed field, prepare managed JWT cert
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-09 19:14:39 +02:00
0a4343d61b web: Update Web API Client version (#1575)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-10-09 16:05:02 +02:00
09696207a6 web/user: remove debug
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-09 16:03:14 +02:00
8965451073 core: add default for user's settings attribute
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-09 16:01:22 +02:00
994c1c4b6a web: Update Web API Client version (#1574)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-10-09 16:01:14 +02:00
3ee5a672f1 web/user: load interface settings from user settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-09 15:52:36 +02:00
b33ea9cc61 core: add settings serializer to user/me and update_self endpoints, saved in a key in attributes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-09 15:35:18 +02:00
50a623d8ab build(deps): bump golang from 1.17.1 to 1.17.2 (#1566) 2021-10-08 08:34:37 +02:00
cdbf7ae567 build(deps): bump lit from 2.0.0 to 2.0.2 in /web (#1567) 2021-10-08 08:34:21 +02:00
1307a39042 build(deps): bump react-before-after-slider-component in /website (#1569) 2021-10-08 08:33:54 +02:00
dca34cfbd3 build(deps): bump docker from 5.0.2 to 5.0.3 (#1571) 2021-10-08 08:33:39 +02:00
735f7cbd69 build(deps): bump boto3 from 1.18.56 to 1.18.57 (#1570) 2021-10-08 08:33:20 +02:00
728356d420 build(deps): bump goauthentik.io/api from 0.202197.1 to 0.202197.2 (#1572) 2021-10-08 08:32:54 +02:00
a9f6f1563d ci: fix more order
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-07 22:40:13 +02:00
155c28d7cd ci: prepare variables before checking out stable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-07 22:40:13 +02:00
f9a180eb1f ci: fix gh_env
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-07 22:40:13 +02:00
4ae476e58d Revert "build(deps): bump construct-style-sheets-polyfill in /web (#1531)"
This reverts commit 55259adf38.
2021-10-07 22:35:41 +02:00
f32d35b07c policies/password: add extra sub_text field in tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-07 19:27:24 +02:00
9e936e4436 outposts: fix lint error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-07 19:15:57 +02:00
649abddea7 outposts: fallback to known-good outpost image if configured image cannot be pulled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-07 19:10:39 +02:00
956382b682 ci: set separate variable for container branch name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-07 19:06:03 +02:00
67b88595ad stages/prompt: fix sub_text not allowing blank
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-07 19:00:15 +02:00
b4ee693a5c stages/user_write: allow recursive writing to user.attributes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-07 18:57:19 +02:00
57e5acaf2f stages/prompt: add sub_text field to add HTML below prompt fields
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-07 18:34:37 +02:00
050ec99c89 flows: fix inspector history not being cleared when executing from API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-07 18:29:28 +02:00
10fd1c8120 web/admin: truncate prompt label when too long
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-07 17:58:07 +02:00
070745e764 Revert "build(deps): bump construct-style-sheets-polyfill in /web (#1531)"
This reverts commit 55259adf38.
2021-10-07 10:48:12 +02:00
cbeee27fc1 build(deps): bump @sentry/tracing from 6.13.2 to 6.13.3 in /web (#1556)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-07 09:39:44 +02:00
2bc4d0cedb build(deps): bump @babel/core from 7.15.5 to 7.15.8 in /web (#1555) 2021-10-07 08:28:13 +02:00
5105a1c207 build(deps): bump @babel/plugin-transform-runtime in /web (#1557) 2021-10-07 08:28:02 +02:00
64e357ab0e build(deps): bump @babel/preset-env from 7.15.6 to 7.15.8 in /web (#1554) 2021-10-07 08:27:03 +02:00
6ca93525aa build(deps): bump @babel/plugin-proposal-decorators in /web (#1558) 2021-10-07 08:26:21 +02:00
a2c978768c build(deps): bump @sentry/browser from 6.13.2 to 6.13.3 in /web (#1559) 2021-10-07 08:26:11 +02:00
f0c7be7144 build(deps): bump pyjwt from 2.1.0 to 2.2.0 (#1560) 2021-10-07 08:26:00 +02:00
0f96e3e4b3 build(deps): bump django-storages from 1.11.1 to 1.12 (#1561) 2021-10-07 08:25:44 +02:00
d42fc37a88 build(deps): bump goauthentik.io/api from 0.202196.1 to 0.202197.1 (#1562) 2021-10-07 08:25:16 +02:00
4ecd8f5dcf build(deps): bump boto3 from 1.18.55 to 1.18.56 (#1563) 2021-10-07 08:25:06 +02:00
d7a194b512 build(deps-dev): bump coverage from 6.0 to 6.0.1 (#1564) 2021-10-07 08:24:56 +02:00
753f8d38bf web: Update Web API Client version (#1552)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-10-06 21:09:30 +02:00
118a54517a website/docs: add 2021.9.7 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-06 21:05:04 +02:00
8c27616d0c Merge branch 'version-2021.9' 2021-10-06 21:04:16 +02:00
e444d0d640 release: 2021.9.7 2021-10-06 20:57:56 +02:00
3869965b4c web/admin: fix description for flow import
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	web/src/locales/fr_FR.po
2021-10-06 20:51:36 +02:00
097a42bb7b web/admin: fix description for flow import
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-06 20:50:43 +02:00
26f1f47cc1 Revert "build(deps): bump python from 3.9-slim-buster to 3.10.0-slim-buster (#1546)"
This reverts commit 471f9c6d05.
2021-10-06 09:55:44 +02:00
471f9c6d05 build(deps): bump python from 3.9-slim-buster to 3.10.0-slim-buster (#1546)
Bumps python from 3.9-slim-buster to 3.10.0-slim-buster.

---
updated-dependencies:
- dependency-name: python
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-06 09:35:01 +02:00
d4e1b95991 root: fix syntax error in dockerfile healthcheck
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-06 09:18:24 +02:00
67d13f19a1 root: fix syntax error in dockerfile healthcheck
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-06 09:18:01 +02:00
1b7c19cf50 build(deps): bump eslint-plugin-lit from 1.5.1 to 1.6.0 in /web (#1547) 2021-10-06 08:29:03 +02:00
b012ae600d build(deps): bump boto3 from 1.18.54 to 1.18.55 (#1548) 2021-10-06 08:28:33 +02:00
1838101d60 build(deps): bump goauthentik.io/api from 0.202195.4 to 0.202196.1 (#1549) 2021-10-06 08:28:23 +02:00
929add4e9c build(deps): bump django from 3.2.7 to 3.2.8 (#1550) 2021-10-06 08:28:15 +02:00
18edaea658 website/docs: fix header of release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-06 00:08:03 +02:00
8030e45d75 web: Update Web API Client version (#1545)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-10-06 00:07:00 +02:00
d75c63d38b Merge branch 'version-2021.9'
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	web/src/locales/fr_FR.po
2021-10-06 00:04:09 +02:00
52889ffea1 website/docs: add 2021.9.6 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-06 00:03:29 +02:00
2b730dec54 release: 2021.9.6 2021-10-05 22:22:54 +02:00
2aacb311bc internal: add internal healthchecking to prevent websocket errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 22:22:38 +02:00
40055ef01b cmd: prevent outposts from panicking when failing to get their config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 22:22:38 +02:00
6c603cdf80 internal: add internal healthchecking to prevent websocket errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 22:21:14 +02:00
5f4a1417b2 cmd: prevent outposts from panicking when failing to get their config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 22:19:05 +02:00
75608dce5c web: add locale detection
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	web/src/interfaces/locale.ts
2021-10-05 21:22:08 +02:00
b0f7083879 lifecycle: fix syntax error in ak wrapper
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 21:04:01 +02:00
e8420957b1 lifecycle: fix syntax error in ak wrapper
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 21:03:54 +02:00
62bf79ce32 root: add docker-native healthcheck for web and celery
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 20:45:38 +02:00
7a16c9cb14 root: remove redundant internal network from compose
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 20:45:38 +02:00
d29d161ac6 admin: clear update notification when notification's version matches current version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 20:45:38 +02:00
aee58c8d53 root: add docker-native healthcheck for web and celery
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 20:45:18 +02:00
c47ab4f1fc root: remove redundant internal network from compose
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 20:39:27 +02:00
fa6df84de2 admin: clear update notification when notification's version matches current version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 20:36:38 +02:00
1faa403fe2 root: update security
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 20:08:26 +02:00
653631ac77 Translate /web/src/locales/en.po in fr_FR (#1536)
translation completed for the source file '/web/src/locales/en.po'
on the 'fr_FR' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
#	web/src/locales/fr_FR.po
2021-10-05 16:24:48 +02:00
cde303e780 web: fix strings not being translated at all when matching browser locale not found
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	web/src/interfaces/locale.ts
2021-10-05 16:24:31 +02:00
7f5feb9451 web: fix strings not being translated at all when matching browser locale not found
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 16:23:40 +02:00
b85aeae5ef web: ensure fallback locale is loaded
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 14:53:02 +02:00
aa359a032c build(deps): bump goauthentik.io/api from 0.202195.3 to 0.202195.4 (#1544)
Bumps [goauthentik.io/api](https://github.com/goauthentik/client-go) from 0.202195.3 to 0.202195.4.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v0.202195.3...v0.202195.4)

---
updated-dependencies:
- dependency-name: goauthentik.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-05 13:49:15 +02:00
6491065aab web: Update Web API Client version (#1543)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-10-05 13:49:15 +02:00
79eec5a3a0 core: include group uuids in self serializer
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 13:49:14 +02:00
cd5e091937 build(deps): bump goauthentik.io/api from 0.202195.1 to 0.202195.3 (#1542)
Bumps [goauthentik.io/api](https://github.com/goauthentik/client-go) from 0.202195.1 to 0.202195.3.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v0.202195.1...v0.202195.3)

---
updated-dependencies:
- dependency-name: goauthentik.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
#	go.mod
#	go.sum
2021-10-05 13:49:11 +02:00
7ed8952803 web: Update Web API Client version (#1540)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-10-05 13:48:53 +02:00
c1f302fb7c core: only return group names for user_self
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 13:48:53 +02:00
cb31e52d0e web/flows: adjust message for email stage
closes #1538

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	web/src/locales/fr_FR.po
2021-10-05 13:48:51 +02:00
782764ac73 api: ensure viewsets have default ordering
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 13:48:42 +02:00
d0c56325ef web/elements: fix model form always loading when viewport check is disabled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 13:48:42 +02:00
73d57d6f82 core: make user's name field fully options
closes #1537

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 13:48:42 +02:00
2716a26887 web: Update Web API Client version (#1539)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
#	web/package-lock.json
#	web/package.json
2021-10-05 13:48:23 +02:00
0452537e8b web/admin: only show outpost deployment info when not embedded
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 13:47:55 +02:00
d1a1bfbbc5 web/user: don't show managed tokens in user interface
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 13:47:49 +02:00
a69fcbca9a web: fix rendering of token copy button in dark mode
closes #1528

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	web/src/locales/fr_FR.po
2021-10-05 13:47:29 +02:00
1ac4dacc3b outposts: fix error when comparing ports in docker controller when port mapping is disabled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 13:47:15 +02:00
b72b731320 build(deps): bump goauthentik.io/api from 0.202195.3 to 0.202195.4 (#1544)
Bumps [goauthentik.io/api](https://github.com/goauthentik/client-go) from 0.202195.3 to 0.202195.4.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v0.202195.3...v0.202195.4)

---
updated-dependencies:
- dependency-name: goauthentik.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-05 13:19:20 +02:00
65de4b8cad web: Update Web API Client version (#1543)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-10-05 13:12:42 +02:00
9e7e22367b core: include group uuids in self serializer
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 13:10:44 +02:00
9301b27e43 build(deps): bump goauthentik.io/api from 0.202195.1 to 0.202195.3 (#1542)
Bumps [goauthentik.io/api](https://github.com/goauthentik/client-go) from 0.202195.1 to 0.202195.3.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v0.202195.1...v0.202195.3)

---
updated-dependencies:
- dependency-name: goauthentik.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-05 13:00:06 +02:00
7b415a24ee web: Update Web API Client version (#1540)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-10-05 12:33:50 +02:00
f5761dc70d core: only return group names for user_self
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 12:31:25 +02:00
4f57dfda93 web/flows: adjust message for email stage
closes #1538

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 11:28:11 +02:00
16380b3f7a api: ensure viewsets have default ordering
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 11:26:41 +02:00
b0e416e9f0 web/elements: fix model form always loading when viewport check is disabled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 11:23:45 +02:00
16f2603130 core: make user's name field fully options
closes #1537

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 11:23:27 +02:00
e742494f3d web: Update Web API Client version (#1539)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-10-05 11:14:04 +02:00
5fdca722f4 web/admin: only show outpost deployment info when not embedded
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 11:11:44 +02:00
847cfed73f web/user: don't show managed tokens in user interface
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 11:11:34 +02:00
19247accd9 web: fix rendering of token copy button in dark mode
closes #1528

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 11:11:13 +02:00
05b587ae44 outposts: fix error when comparing ports in docker controller when port mapping is disabled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 10:44:07 +02:00
a515afae0b recovery: handle error when user doesn't exist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 10:40:59 +02:00
8da00585e3 Translate /web/src/locales/en.po in fr_FR (#1536)
translation completed for the source file '/web/src/locales/en.po'
on the 'fr_FR' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2021-10-05 10:30:01 +02:00
b70a72f247 build(deps): bump @typescript-eslint/eslint-plugin in /web (#1529) 2021-10-05 07:19:47 +02:00
11160b6e04 build(deps): bump postcss from 8.3.8 to 8.3.9 in /website (#1530) 2021-10-05 07:18:40 +02:00
55259adf38 build(deps): bump construct-style-sheets-polyfill in /web (#1531) 2021-10-05 07:18:28 +02:00
3f308ad48c build(deps): bump @typescript-eslint/parser in /web (#1532) 2021-10-05 07:18:20 +02:00
ee6fd6f609 build(deps): bump react-before-after-slider-component in /website (#1533) 2021-10-05 07:17:38 +02:00
d53d0c353f build(deps): bump goauthentik.io/api from 0.202194.1 to 0.202195.1 (#1534) 2021-10-05 07:17:25 +02:00
1360b76d1b build(deps): bump boto3 from 1.18.53 to 1.18.54 (#1535) 2021-10-05 07:17:13 +02:00
e22a286a6f lifecycle: only lock database when system migrations need to be applied, and during django migrations, and don't double unlock
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-04 23:14:16 +02:00
62c0f69541 web: Update Web API Client version (#1527)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-10-04 22:07:00 +02:00
1c340ddbbd Merge branch 'version-2021.9'
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	web/package-lock.json
#	web/package.json
2021-10-04 22:02:56 +02:00
bcf7e162a4 release: 2021.9.5 2021-10-04 20:08:46 +02:00
62af5b2dd3 website/docs: add 2021.9.5 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-04 19:33:11 +02:00
f44956bd61 web: Update Web API Client version (#1526)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-04 18:52:27 +02:00
e0859686c4 web: Update Web API Client version (#1526)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-10-04 18:50:43 +02:00
cb37e5c10e stages/email: add activate_user_on_success flag, add for all example flows
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	web/src/locales/fr_FR.po
2021-10-04 18:50:19 +02:00
73bb778d62 stages/user_login: add check for user.is_active and tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-04 18:50:00 +02:00
b612a82e16 outposts: don't always build permissions on outpost.user access, only in signals and tasks
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-04 18:49:57 +02:00
83991c743e lifecycle: switch to h11 uvicorn worker for now
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-04 18:49:54 +02:00
09f43ca43b events: add missing migration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-04 18:49:50 +02:00
1c91835a26 providers/ldap: use RDN when using posixGroup's memberUid attribute (#1514)
Use the RDN instead of the FDN when establishing group memberships based on posixGroup's 'memberUid' attribute.

fixes #1436

Signed-off-by: Steven Armstrong <steven@armstrong.cc>
2021-10-04 18:49:45 +02:00
c032914092 web/admin: fix search group label
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-04 18:49:42 +02:00
3634bf4629 tests/integration: fix tests failing due to incorrect comparison
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-04 18:49:10 +02:00
0692663537 stages/email: add activate_user_on_success flag, add for all example flows
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-04 18:47:51 +02:00
b5649bdcc4 stages/user_login: add check for user.is_active and tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-04 18:37:05 +02:00
418e491799 Revert "build(deps): bump construct-style-sheets-polyfill in /web (#1516)"
This reverts commit 0c6237d8c4.
2021-10-04 18:22:21 +02:00
fab9a10487 outposts: don't always build permissions on outpost.user access, only in signals and tasks
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-04 18:04:19 +02:00
9778050dda lifecycle: switch to h11 uvicorn worker for now
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-04 18:03:08 +02:00
9ac808ee98 website/docs: add missing pipenv instructions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-04 17:54:06 +02:00
0f00b27384 events: add missing migration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-04 17:51:31 +02:00
ab5981836d providers/ldap: use RDN when using posixGroup's memberUid attribute (#1514)
Use the RDN instead of the FDN when establishing group memberships based on posixGroup's 'memberUid' attribute.

fixes #1436

Signed-off-by: Steven Armstrong <steven@armstrong.cc>
2021-10-04 10:56:06 +02:00
a4418a83f8 web/admin: fix search group label
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-04 09:41:16 +02:00
36b23c4624 root: coverage with toml support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-04 09:17:31 +02:00
0c6237d8c4 build(deps): bump construct-style-sheets-polyfill in /web (#1516)
Bumps [construct-style-sheets-polyfill](https://github.com/calebdwilliams/adoptedStyleSheets) from 2.4.17 to 3.0.3.
- [Release notes](https://github.com/calebdwilliams/adoptedStyleSheets/releases)
- [Changelog](https://github.com/calebdwilliams/construct-style-sheets/blob/main/CHANGELOG.md)
- [Commits](https://github.com/calebdwilliams/adoptedStyleSheets/commits/v3.0.3)

---
updated-dependencies:
- dependency-name: construct-style-sheets-polyfill
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-04 09:11:55 +02:00
e546453250 build(deps): bump react-before-after-slider-component in /website (#1517) 2021-10-04 08:33:28 +02:00
5b35d71bb3 build(deps): bump rollup from 2.57.0 to 2.58.0 in /web (#1518) 2021-10-04 08:33:03 +02:00
cddff85e1c build(deps): bump @types/codemirror from 5.60.3 to 5.60.4 in /web (#1519) 2021-10-04 08:32:34 +02:00
c65c6a62cc build(deps): bump boto3 from 1.18.52 to 1.18.53 (#1520) 2021-10-04 08:32:24 +02:00
1bc51adcac build(deps): bump goauthentik.io/api from 0.202193.3 to 0.202194.1 (#1522) 2021-10-04 08:32:11 +02:00
c523b799be build(deps-dev): bump coverage from 5.5 to 6.0 (#1524) 2021-10-04 08:32:00 +02:00
9d0d779f40 build(deps): bump drf-spectacular from 0.19.0 to 0.20.1 (#1523) 2021-10-04 08:31:17 +02:00
8a791c4eac tests/e2e: fallback to gh-master if outpost docker image cannot be found for PR
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-03 23:12:11 +02:00
036a4e86e2 tests/integration: fix tests failing due to incorrect comparison
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-03 22:54:07 +02:00
4715e7bf04 website/docs: fix description for docker outpost settings (#1513)
Changed the first "Kubernetes outpost specific settings" to Docker
2021-10-03 19:43:56 +02:00
45f99fbaf0 outposts: fix circular import in kubernetes controller
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-03 19:25:26 +02:00
83150d9920 outposts: fix circular import in kubernetes controller
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-03 19:25:18 +02:00
e31a3307b5 providers/proxy: always check ingress secret in kubernetes controller
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-03 19:14:42 +02:00
d28fcca344 outposts: check ports of deployment in kubernetes outpost controller
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-03 19:14:42 +02:00
c296e1214c web: fix package lock
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-03 19:14:37 +02:00
d30dcda814 providers/proxy: always check ingress secret in kubernetes controller
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-03 19:14:27 +02:00
c720c9f41b outposts: check ports of deployment in kubernetes outpost controller
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-03 19:09:52 +02:00
62cfb76b39 website/docs: fix order of steps on bookstack integration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-03 18:46:47 +02:00
d676cf6e3f outposts/proxy: show full error message when user is authenticated
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-03 18:20:44 +02:00
39d87841d0 outposts/proxy: add new headers with unified naming
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-03 18:20:44 +02:00
fcd879034c outpost/proxy: fix missing negation for internal host ssl verification
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-03 18:20:44 +02:00
b285814e24 sources/ldap: fix logic error in Active Directory account disabled status
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-03 18:19:07 +02:00
1c52836060 web: fix package lock
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-03 01:17:41 +02:00
f3cc1be0f2 Translate /web/src/locales/en.po in fr_FR (#1509)
translation completed updated for the source file '/web/src/locales/en.po'
on the 'fr_FR' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2021-10-03 00:32:17 +02:00
8dd77793a0 sources/ldap: fix logic error in Active Directory account disabled status
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-03 00:30:35 +02:00
f6e8dbfb5e outposts/proxy: show full error message when user is authenticated
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-02 22:00:37 +02:00
3c1ac4c7ec outposts/proxy: add new headers with unified naming
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-02 22:00:23 +02:00
52bbf454e3 outpost/proxy: fix missing negation for internal host ssl verification
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-02 21:17:15 +02:00
1252c6b07d web: add locale detection
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-01 14:11:54 +02:00
3493d35af9 web: Translate /web/src/locales/en.po in fr_FR (#1506)
translated updated for the source file '/web/src/locales/en.po'
on the 'fr_FR' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-01 14:02:18 +02:00
f8e4ffbc85 web: Update Web API Client version (#1505)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-10-01 12:24:12 +02:00
faca127217 Merge branch 'version-2021.9'
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	Pipfile.lock
2021-10-01 12:19:11 +02:00
f88575cec4 website/docs: prepare 2021.9.4
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-01 10:09:54 +02:00
1a6ea72c09 release: 2021.9.4 2021-10-01 09:51:51 +02:00
b4eac771c2 build(deps): bump boto3 from 1.18.51 to 1.18.52 (#1503) 2021-10-01 08:49:09 +02:00
84e4ec4406 build(deps): bump channels-redis from 3.3.0 to 3.3.1 (#1504) 2021-10-01 08:48:59 +02:00
c251b87f8c sources/ldap: add support for Active Directory userAccountControl attribute
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-30 19:34:43 +02:00
21a9aa229a sources/ldap: don't sync ldap source when no property mappings are set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-30 19:34:43 +02:00
5f6565ee27 web/admin: fix LDAP Source form not exposing syncParentGroup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-30 19:34:43 +02:00
afad55a357 build(deps): bump sentry-sdk from 1.4.2 to 1.4.3 (#1502) 2021-09-30 19:34:43 +02:00
f25d76fa43 build(deps): bump sentry-sdk from 1.4.1 to 1.4.2 (#1488) 2021-09-30 19:34:42 +02:00
53e15bfbca sources/ldap: add support for Active Directory userAccountControl attribute
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-30 19:13:48 +02:00
8bce16e6b4 sources/ldap: don't sync ldap source when no property mappings are set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-30 18:49:18 +02:00
e9bb8c896b web/admin: fix LDAP Source form not exposing syncParentGroup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-30 18:10:56 +02:00
de5455716d build(deps): bump codemirror from 5.63.0 to 5.63.1 in /web (#1500) 2021-09-30 08:40:57 +02:00
1d879400f2 build(deps): bump boto3 from 1.18.49 to 1.18.51 (#1501) 2021-09-30 08:40:48 +02:00
5136ae17f5 build(deps): bump sentry-sdk from 1.4.2 to 1.4.3 (#1502) 2021-09-30 08:40:38 +02:00
10b45d954e outposts: allow disabling of docker controller port mapping
closes #1474

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-30 00:11:50 +02:00
339eaf37f2 web/elements: use dedicated button for search clear instead of webkit exclusive one
closes #1499

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-30 00:11:50 +02:00
f723fdd551 web/elements: fix initialLoad not being done when viewportCheck was disabled
closes #1497

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-30 00:11:50 +02:00
4cb8ae760a outposts: allow disabling of docker controller port mapping
closes #1474

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-29 23:55:22 +02:00
e4898f4b92 web/elements: use dedicated button for search clear instead of webkit exclusive one
closes #1499

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-29 21:47:38 +02:00
a2f3c54c2a website/docs: use full paths for forward_auth
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-29 21:36:57 +02:00
c0a0b52fbb web/elements: fix initialLoad not being done when viewportCheck was disabled
closes #1497

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-29 21:36:44 +02:00
8359f0bfb3 web: fix linting again
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-29 10:20:40 +02:00
ee610a906a web: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-29 10:07:04 +02:00
828eeb5ebb root: Use fully qualified names for docker bases base images. (#1490)
Signed-off-by: Steven Armstrong <steven@armstrong.cc>
2021-09-29 10:04:27 +02:00
c9c177d8f9 web/admin: don't require username nor name for activate/deactivate toggles
closes #1491

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-29 10:02:06 +02:00
c19afa4f16 outposts/proxy: fix duplicate protocol in domain auth mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-29 10:02:01 +02:00
cfd4817bb5 root: Use fully qualified names for docker bases base images. (#1490)
Signed-off-by: Steven Armstrong <steven@armstrong.cc>
2021-09-29 09:52:07 +02:00
94ae52b576 web/admin: don't require username nor name for activate/deactivate toggles
closes #1491

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-29 09:42:59 +02:00
be479f2453 build(deps): bump @lingui/core from 3.11.1 to 3.12.1 in /web (#1493) 2021-09-29 09:10:30 +02:00
c5d066577d build(deps): bump @lingui/macro from 3.11.1 to 3.12.1 in /web (#1492) 2021-09-29 08:42:45 +02:00
9ec6eaf4b8 build(deps): bump @lingui/cli from 3.11.1 to 3.12.1 in /web (#1494) 2021-09-29 08:34:38 +02:00
b057120351 build(deps): bump goauthentik.io/api from 0.202193.1 to 0.202193.3 (#1495) 2021-09-29 08:34:27 +02:00
b8082598a1 web: fix linting again
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-28 09:49:22 +02:00
1b5a163f46 web: Update Web API Client version (#1489)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-09-28 09:40:54 +02:00
1f2f48a7bc web: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-28 09:39:21 +02:00
f9ad102915 flows: inspector (#1469)
* flows: add initial inspector

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: change naming a bit

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flow: add inspector frame

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: don't use shadydom when inspecting

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: add current stage to api

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages/*: fix imports

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: deep-copy plan instead of just adding

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: ui

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: restrict inspector to admin

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: add buttons to launch flow with inspector

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: don't automatically follow redirects when inspector is open

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: make current_plan optional, only require historry

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: handle error messages in inspector

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: improve UI when flow is done

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: add is_completed flag to inspector

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: fix monkeypatches for tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: add inspector tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: re-enable cache

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-28 09:36:48 +02:00
ea4b920264 build(deps): bump @typescript-eslint/parser in /web (#1484) 2021-09-28 09:08:39 +02:00
7d8390ca77 build(deps): bump @typescript-eslint/eslint-plugin in /web (#1485) 2021-09-28 08:32:35 +02:00
7ae551da65 build(deps): bump boto3 from 1.18.48 to 1.18.49 (#1486) 2021-09-28 08:32:25 +02:00
51b26c2ac7 build(deps): bump goauthentik.io/api from 0.202192.5 to 0.202193.1 (#1487) 2021-09-28 08:32:10 +02:00
e4a5f22f9b build(deps): bump sentry-sdk from 1.4.1 to 1.4.2 (#1488) 2021-09-28 08:31:57 +02:00
2462d58135 outposts/proxy: fix duplicate protocol in domain auth mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-27 20:49:00 +02:00
44534153a0 website/docs: fix hardcoded name in service-account yaml
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-27 20:18:12 +02:00
facfea035b web: Update Web API Client version (#1483) 2021-09-27 18:52:42 +02:00
941bc61b31 release: 2021.9.3 2021-09-27 17:31:50 +02:00
282b364606 stages/prompt: fix inconsistent policy context for validation policies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-27 17:05:26 +02:00
ad4bc4083d website/docs: update dev docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-27 16:04:41 +02:00
ebe282eb1a web/admin: fix user_write form not writing group
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-27 10:12:45 +02:00
830c26ca25 tests/e2e: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-27 09:52:47 +02:00
ed3b4a3d4a build(deps): bump rapidoc from 9.1.2 to 9.1.3 in /website (#1478)
Bumps [rapidoc](https://github.com/mrin9/RapiDoc) from 9.1.2 to 9.1.3.
- [Release notes](https://github.com/mrin9/RapiDoc/releases)
- [Commits](https://github.com/mrin9/RapiDoc/compare/v9.1.2...v9.1.3)

---
updated-dependencies:
- dependency-name: rapidoc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-27 09:24:43 +02:00
975c4ddc04 build(deps): bump postcss from 8.3.7 to 8.3.8 in /website (#1479)
Bumps [postcss](https://github.com/postcss/postcss) from 8.3.7 to 8.3.8.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/8.3.7...8.3.8)

---
updated-dependencies:
- dependency-name: postcss
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-27 09:22:49 +02:00
7e2896298a build(deps): bump rapidoc from 9.1.2 to 9.1.3 in /web (#1480)
Bumps [rapidoc](https://github.com/mrin9/RapiDoc) from 9.1.2 to 9.1.3.
- [Release notes](https://github.com/mrin9/RapiDoc/releases)
- [Commits](https://github.com/mrin9/RapiDoc/compare/v9.1.2...v9.1.3)

---
updated-dependencies:
- dependency-name: rapidoc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-27 09:22:31 +02:00
cba9cf8361 build(deps): bump actions/github-script from 4.1 to 5 (#1481)
Bumps [actions/github-script](https://github.com/actions/github-script) from 4.1 to 5.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](https://github.com/actions/github-script/compare/v4.1...v5)

---
updated-dependencies:
- dependency-name: actions/github-script
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-27 09:22:21 +02:00
bf12580f64 build(deps): bump pycryptodome from 3.10.3 to 3.10.4 (#1482)
Bumps [pycryptodome](https://github.com/Legrandin/pycryptodome) from 3.10.3 to 3.10.4.
- [Release notes](https://github.com/Legrandin/pycryptodome/releases)
- [Changelog](https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst)
- [Commits](https://github.com/Legrandin/pycryptodome/commits/v3.10.4)

---
updated-dependencies:
- dependency-name: pycryptodome
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-27 09:22:03 +02:00
75ef4ce596 tests/e2e: add new ldap object classes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 14:57:42 +02:00
c2f3ce11b0 outposts/ldap: fix potential panic when converting attributes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 14:52:25 +02:00
3c256fecc6 outposts/ldap: add groupofuniquenames
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 14:49:11 +02:00
0285b84133 outposts/ldap: add query support for all supported object classes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 14:42:26 +02:00
99a371a02c web/elements: fix token copy button not working on chrome...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 14:34:28 +02:00
c7e6eb8896 outposts/ldap: add support for base scope and domain info
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 14:01:22 +02:00
674bd9e05c web/admin: Fix typo 'username address' -> 'username' (#1473) 2021-09-26 12:53:37 +02:00
b79901df87 website/docs: prepare 2021.9.3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 12:03:10 +02:00
b248f450dd outposts: make AUTHENTIK_HOST_BROWSER configurable from central config
closes #1471

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 12:00:51 +02:00
05db9e5c40 web/admin: handle error correctly when creating user recovery link
closes #1472

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 11:49:40 +02:00
234a5e2b66 outposts: fix outposts not correctly updating central state
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 11:40:21 +02:00
aea1736f70 outposts/proxy: Fix failing traefik healtcheck (#1470) 2021-09-26 11:33:18 +02:00
9f4a4449f5 outposts/proxy: ensure cookies only last as long as tokens
closes #1462

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-25 16:12:59 +02:00
b6b55e2336 build(deps): bump goauthentik.io/api from 0.202192.3 to 0.202192.5 (#1468)
Bumps [goauthentik.io/api](https://github.com/goauthentik/client-go) from 0.202192.3 to 0.202192.5.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v0.202192.3...v0.202192.5)

---
updated-dependencies:
- dependency-name: goauthentik.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-25 16:06:10 +02:00
8f2805e05b web: Update Web API Client version (#1467)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-09-25 16:04:07 +02:00
4f3583cd7e providers/proxy: make token_validity float and optional for backwards compat
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-25 15:54:32 +02:00
617e90dca3 web: Update Web API Client version (#1465)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-09-25 15:48:05 +02:00
f7408626a8 providers/proxy: return token_validity as total seconds instead of expression
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-25 15:44:16 +02:00
4dcb15af46 build(deps): bump goauthentik.io/api from 0.202192.1 to 0.202192.3 (#1464)
Bumps [goauthentik.io/api](https://github.com/goauthentik/client-go) from 0.202192.1 to 0.202192.3.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v0.202192.1...v0.202192.3)

---
updated-dependencies:
- dependency-name: goauthentik.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-25 15:11:08 +02:00
89beb7a9f7 web: Update Web API Client version (#1463)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-09-25 15:02:33 +02:00
28eeb4798e providers/proxy: add token_validity field for outpost configuration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1462
2021-09-25 15:00:06 +02:00
79b92e764e *: fix typos in code
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-25 00:01:11 +02:00
919336a519 outposts: ensure service is always re-created with mismatching ports
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-24 23:45:15 +02:00
27e04589c1 outposts/proxyv2: fix routing not working correctly for domain auth
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-24 23:32:16 +02:00
ba44fbdac8 website/docs: fix typos and grammar (#1459) 2021-09-24 15:37:54 +02:00
0e093a8917 web: Update Web API Client version (#1458) 2021-09-24 12:23:14 +02:00
d0bfb99859 web/elements: improve error handling on forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-24 12:19:56 +02:00
93bdea3769 core: fix api return code for user self-update
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-24 11:51:03 +02:00
e681654af7 web/admin: add notice for recovery
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-24 11:50:52 +02:00
cab7593dca web/user: fix brand not being shown in safari
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-24 11:50:46 +02:00
cf92f9aefc web/elements: fix token copy error in safari
closes #1219

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-24 10:44:28 +02:00
8d72b3498d internal: fix typo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-24 10:44:28 +02:00
42ab858c50 build(deps): bump goauthentik.io/api from 0.202191.4 to 0.202192.1 (#1455)
Bumps [goauthentik.io/api](https://github.com/goauthentik/client-go) from 0.202191.4 to 0.202192.1.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v0.202191.4...v0.202192.1)

---
updated-dependencies:
- dependency-name: goauthentik.io/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-24 09:34:10 +02:00
a1abae9ab1 build(deps): bump boto3 from 1.18.46 to 1.18.47 (#1456)
Bumps [boto3](https://github.com/boto/boto3) from 1.18.46 to 1.18.47.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.18.46...1.18.47)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-24 09:34:01 +02:00
8f36b49061 web/user: search apps when user typed before apps have loaded
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-23 16:34:11 +02:00
64b4e851ce events: add additional validation for event transport
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-23 16:29:58 +02:00
40a62ac1e5 web/admin: fix Transport Form not loading mode correctly on edit
closes #1453

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-23 16:16:38 +02:00
5df60e4d87 web/admin: fix NotificationWebhookMapping not loading correctly
closes #1452

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-23 16:13:58 +02:00
50ebc8522d web: Update Web API Client version (#1454)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-09-23 14:21:49 +02:00
eddca478dc release: 2021.9.2 2021-09-23 12:34:02 +02:00
99a7fca08e website/docs: prepare 2021.9.2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-23 12:33:42 +02:00
a7e3602908 web: fix import order of polyfills causing shadydom to not work on firefox and safari
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-23 10:16:49 +02:00
74169860cf api: add logging to sentry proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-23 09:57:42 +02:00
52bb774f73 internal: add asset paths for user interface
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-23 09:57:24 +02:00
f26fcaf825 website/docs: add warning for example flows (#1444) 2021-09-23 08:34:40 +02:00
b8e92e2f11 build(deps): bump postcss from 8.3.6 to 8.3.7 in /website (#1445) 2021-09-23 08:33:27 +02:00
08adfc94d6 build(deps): bump rollup from 2.56.3 to 2.57.0 in /web (#1446) 2021-09-23 08:33:18 +02:00
236fafb735 build(deps): bump boto3 from 1.18.45 to 1.18.46 (#1447) 2021-09-23 08:33:10 +02:00
5ad9ddee3c build(deps): bump goauthentik.io/api from 0.202191.3 to 0.202191.4 (#1449) 2021-09-23 08:33:01 +02:00
24d220ff49 build(deps): bump urllib3 from 1.26.6 to 1.26.7 (#1448) 2021-09-23 08:32:53 +02:00
3364c195b7 build(deps): bump sentry-sdk from 1.4.0 to 1.4.1 (#1450) 2021-09-23 08:32:43 +02:00
50aa87d141 web/user: enable sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-22 22:35:52 +02:00
72b375023d web: Update Web API Client version (#1443)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-09-22 20:53:25 +02:00
77ba186818 website/docs: add notice for guacamole token length
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-22 20:02:30 +02:00
2fe6de0505 release: 2021.9.1 2021-09-22 19:11:20 +02:00
bf9e969b53 website/docs: prepare 2021.9.1
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-22 18:58:52 +02:00
184f119b16 website: set use_global_settings to true for example flows with email stages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-22 18:52:55 +02:00
ebc06f1abe outposts/ldap: fix logic error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-22 13:19:50 +02:00
0f8880ab0a outposts: fix typo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-22 13:14:28 +02:00
ee56da5092 build(deps): bump @sentry/tracing from 6.13.1 to 6.13.2 in /web (#1438) 2021-09-22 07:32:40 +02:00
2152004502 build(deps): bump @types/codemirror from 5.60.2 to 5.60.3 in /web (#1437) 2021-09-22 07:30:35 +02:00
45d0b80d02 build(deps): bump @sentry/browser from 6.13.1 to 6.13.2 in /web (#1439) 2021-09-22 07:30:27 +02:00
96065eb942 build(deps): bump boto3 from 1.18.44 to 1.18.45 (#1441) 2021-09-22 07:30:01 +02:00
ac944fee8b build(deps): bump drf-spectacular from 0.18.2 to 0.19.0 (#1442) 2021-09-22 07:29:52 +02:00
1d0e5fc353 build(deps): bump sentry-sdk from 1.3.1 to 1.4.0 (#1440) 2021-09-22 07:28:48 +02:00
1f97420207 outposts/ldap: allow custom attributes to shadow built-in attributes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-21 21:59:39 +02:00
ae07f13a87 outposts: don't map port 9300 on docker, only expose port
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-21 21:40:08 +02:00
0aec504170 website/docs: add ssl port for ldap
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-21 15:44:05 +02:00
3b4c9bcc57 root: use tagged go client version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-21 15:42:07 +02:00
5182a6741e root: format pyproject
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-21 13:32:28 +02:00
da7635ae5c web: sort imports
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-21 11:33:51 +02:00
a92a0fb60a web: migrate to lit 2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-21 11:19:26 +02:00
cb10c1753b build(deps): bump lit-html from 1.4.1 to 2.0.0 in /web (#1427) 2021-09-21 08:35:36 +02:00
ae654bd4c8 build(deps): bump lit-element from 2.5.1 to 3.0.0 in /web (#1433) 2021-09-21 08:32:15 +02:00
28192655ec build(deps): bump @typescript-eslint/eslint-plugin in /web (#1426) 2021-09-21 08:32:00 +02:00
9582294eb8 build(deps): bump @sentry/tracing from 6.12.0 to 6.13.1 in /web (#1428) 2021-09-21 08:31:48 +02:00
0172430d7d build(deps): bump @patternfly/patternfly from 4.132.2 to 4.135.2 in /web (#1429) 2021-09-21 08:30:44 +02:00
1454b65933 build(deps): bump @typescript-eslint/parser in /web (#1430) 2021-09-21 08:30:36 +02:00
432a7792e2 build(deps): bump @sentry/browser from 6.12.0 to 6.13.1 in /web (#1431) 2021-09-21 08:30:28 +02:00
54069618b4 build(deps): bump codemirror from 5.62.3 to 5.63.0 in /web (#1432) 2021-09-21 08:30:20 +02:00
81feb313df build(deps): bump geoip2 from 4.2.0 to 4.3.0 (#1434) 2021-09-21 08:29:33 +02:00
e6b275add3 stages/invitation: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-20 20:41:05 +02:00
27016a5527 stages/invitation: fix tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-20 20:30:51 +02:00
4c29d517f0 stages/email: use different query arguments for email and invitation tokens
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-20 19:55:53 +02:00
180d27cc37 outposts: don't restart container when health checks are starting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-20 19:46:05 +02:00
5a8b356dc7 web: fix css for dark mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-20 19:38:25 +02:00
3195640776 stages/email: slugify token identifier
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-20 19:26:25 +02:00
f463296d47 web: Update Web API Client version (#1421)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-09-20 19:22:46 +02:00
adf4b23c01 website/docs: add /akprox for nginx auth_request (#1420) 2021-09-20 19:21:30 +02:00
d900a2b6a9 *: fix lookup_fields
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-20 19:19:36 +02:00
95a2fddfa8 policies/expression: add ak_user_has_authenticator
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-20 19:13:41 +02:00
8f7d21b692 stages/email: don't throw 404 when token can't be found
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-20 19:01:25 +02:00
3f84abec2f core: fix token identifier not being slugified when created with user-controller input
closes #1390

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-20 13:43:25 +02:00
b5c857aff4 api: add explicit lookup_value_regex, disable include_format_suffixes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-20 13:42:56 +02:00
f8dee09107 web/user: allow customisable background colour
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-20 12:49:17 +02:00
84a800583c web/user: make search configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-20 12:15:53 +02:00
88de94f014 build(deps): bump rapidoc from 9.1.0 to 9.1.2 in /website (#1418)
Bumps [rapidoc](https://github.com/mrin9/RapiDoc) from 9.1.0 to 9.1.2.
- [Release notes](https://github.com/mrin9/RapiDoc/releases)
- [Commits](https://github.com/mrin9/RapiDoc/compare/v9.1.0...v9.1.2)

---
updated-dependencies:
- dependency-name: rapidoc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-20 11:50:38 +02:00
25549ec339 build(deps): bump rapidoc from 9.1.0 to 9.1.2 in /web (#1419)
Bumps [rapidoc](https://github.com/mrin9/RapiDoc) from 9.1.0 to 9.1.2.
- [Release notes](https://github.com/mrin9/RapiDoc/releases)
- [Commits](https://github.com/mrin9/RapiDoc/compare/v9.1.0...v9.1.2)

---
updated-dependencies:
- dependency-name: rapidoc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-20 11:50:27 +02:00
fe4923bff6 build(deps): bump boto3 from 1.18.43 to 1.18.44 (#1417)
Bumps [boto3](https://github.com/boto/boto3) from 1.18.43 to 1.18.44.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.18.43...1.18.44)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-20 09:09:22 +02:00
bb1a0b6bd2 web: Update Web API Client version (#1416)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-09-19 22:32:38 +02:00
879b5ead71 web: fix notification badge not refreshing after clearing notifications
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-19 21:58:59 +02:00
1670ec9167 website/docs: update 2021.9.1-rc3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-19 21:55:21 +02:00
ac52667327 release: 2021.9.1-rc3 2021-09-19 21:52:49 +02:00
0d7c5c2108 web/user: fix edit button for applications
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-19 21:10:57 +02:00
73e3d19384 web/user: add auto-focus search for applications
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-19 21:07:18 +02:00
f6e0f0282d core: fix tokens not being viewable but superusers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-19 16:11:20 +02:00
3f42067a8f web: improve display of action buttons with non-primary classes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-19 15:57:12 +02:00
ed6f5b98df sources/ldap: improve messages of sync tasks in UI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-19 15:54:22 +02:00
dd290e264c web/admin: trigger refresh after syncing ldap
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-19 15:34:44 +02:00
c85484fc00 core: allow admins to create tokens with all parameters, re-add user to token form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-19 15:25:48 +02:00
663dffd8be web/admin: fix error in firefox when creating token
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-19 00:28:40 +02:00
c15d0c3d17 web: fix text colour in delete form in dark mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-19 00:14:50 +02:00
bf09a54f35 web/user: optimise load, fix unread status for notifications
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-18 18:16:31 +02:00
930dd51663 web: fix datetime-local fields throwing errors on firefox
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-18 15:31:48 +02:00
12a523c7aa website: remove sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-18 14:33:53 +02:00
ea9a6d57dd build(deps): bump rapidoc from 9.0.0 to 9.1.0 in /website (#1414)
Bumps [rapidoc](https://github.com/mrin9/RapiDoc) from 9.0.0 to 9.1.0.
- [Release notes](https://github.com/mrin9/RapiDoc/releases)
- [Commits](https://github.com/mrin9/RapiDoc/compare/9.0.0...v9.1.0)

---
updated-dependencies:
- dependency-name: rapidoc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-18 11:23:54 +02:00
91958e1232 build(deps): bump rapidoc from 9.0.0 to 9.1.0 in /web (#1415)
Bumps [rapidoc](https://github.com/mrin9/RapiDoc) from 9.0.0 to 9.1.0.
- [Release notes](https://github.com/mrin9/RapiDoc/releases)
- [Commits](https://github.com/mrin9/RapiDoc/compare/9.0.0...v9.1.0)

---
updated-dependencies:
- dependency-name: rapidoc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-18 11:23:44 +02:00
8925afb089 web/admin: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-17 16:54:48 +02:00
ccafe7be4f website/docs: update 2021.9 changelog
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-17 16:49:36 +02:00
8279690a8f sources/ldap: prevent error when retrying old system task with no arguments
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-17 16:49:26 +02:00
763d3ae76a web/admin: fix ldap sync status for new API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-17 16:46:18 +02:00
b775e7f4d3 web: Update Web API Client version (#1412)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-09-17 12:45:16 +02:00
3d8d93ece5 root: log failed celery tasks to event log
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-17 12:42:42 +02:00
06af306e8a sources/ldap: bump timeout, run each sync component in its own task
closes #1411

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-17 12:42:20 +02:00
9257f3c919 web/user: add missing stop impersonation button
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-17 10:04:47 +02:00
2fe7f4cf04 web/user: fix final redirect after stage setup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-17 09:53:14 +02:00
04399bc8bb web/admin: fix settings link on user avatar
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-17 09:53:04 +02:00
fcbcfbc3c0 website/docs: Minor LDAP and NGINX Documentation Updates (#1406)
* update LDAP documentation

* include domain level nginx forward auth example

* wrap in banner

* update placeholder
2021-09-17 09:47:27 +02:00
3e4ce62dfe build(deps-dev): bump pylint from 2.10.2 to 2.11.1 (#1409)
* build(deps-dev): bump pylint from 2.10.2 to 2.11.1

Bumps [pylint](https://github.com/PyCQA/pylint) from 2.10.2 to 2.11.1.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/main/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.10.2...v2.11.1)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* root: update pylint config

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-17 09:46:39 +02:00
d8292151e6 build(deps-dev): bump prettier from 2.4.0 to 2.4.1 in /website (#1407) 2021-09-17 09:17:20 +02:00
3d01a59b34 build(deps): bump prettier from 2.4.0 to 2.4.1 in /web (#1408) 2021-09-17 09:17:12 +02:00
5df15c4105 build(deps): bump boto3 from 1.18.42 to 1.18.43 (#1410) 2021-09-17 09:16:43 +02:00
75d695105d web: Update Web API Client version (#1405)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-09-16 23:44:53 +02:00
28189bdddf release: 2021.9.1-rc2 2021-09-16 23:23:36 +02:00
f6885c7cf8 website: update screenshots
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 23:20:05 +02:00
2c43f0824e tests/e2e: fix e2e tests for new URLs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 22:48:34 +02:00
13e2eea72f web/user: new end-user interface (#1404)
* web/user: migrate to top navbar

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/user: prepare config from server

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* re-sort

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* remove old interface

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update issue template

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use notification badge

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/user: re-add go-to-admin button

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: fix remaining redirects directly to admin

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* make settings better

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* api: ensure sources and stages are sorted

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/user: add sessions and consent

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/oauth2: add post wrapper to stage

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: add new interface to release notes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 22:17:05 +02:00
9441be1ee2 interface split (#943) 2021-09-16 17:30:16 +02:00
d7ab2a362a ci: bump cache
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 13:46:11 +02:00
e920be3a72 ci: add versioning to cache keys
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 12:31:29 +02:00
f771383c4b cmd: fix outpost metrics not being set in embedded mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 12:09:12 +02:00
65c75f085a website/docs: add 2021.9.1-rc2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 11:06:03 +02:00
17503365f7 policies: improve error handling when using bindings without policy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 11:04:31 +02:00
ebf9f0ca63 stages/email: don't crash when testing stage does not exist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 11:04:08 +02:00
ae26d2756f providers/saml: improved error handling
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 10:58:51 +02:00
124071f9be root: remove python requirement from pipfile
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 10:37:43 +02:00
471f7d9c62 outposts: add consistent name and type to metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 10:14:51 +02:00
a6a6b3bd06 outposts: add outpost_name label to metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 10:04:17 +02:00
48ad3dccda outposts/proxy: remove deprecated rs256
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 09:57:47 +02:00
341c58a722 core: fix token expiry for service accounts being only 30 minutes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 09:57:34 +02:00
9b04f2da48 website/docs: add notice for rancher cert
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 09:40:04 +02:00
f7a296544f web: Update Web API Client version (#1401)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-09-15 22:45:32 +02:00
78641a57ad web: update background image
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-15 22:43:03 +02:00
a77ff5ffec website/docs: add 2021.9 to sidebar
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-15 22:37:39 +02:00
bdd5e16db1 release: 2021.9.1-rc1 2021-09-15 20:20:54 +02:00
d4672bfe79 events: log parsed query string instead of just full path
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-15 20:15:04 +02:00
abd9fab41a api: fix call of sentry proxy task
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-15 19:39:58 +02:00
7c8bf42ef9 api: send proxied sentry events in background
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-15 19:12:20 +02:00
274b555912 api: add timeout for sentry proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-15 18:59:27 +02:00
916530f0d8 providers/oauth2: use access_code_validity for id_tokens generated when using an implicit flow, improve wording in web ui
closes #1369

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-15 17:14:53 +02:00
95efd47f65 root: remove asgi error handler
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-15 12:23:14 +02:00
90ecb1af7f outposts: fix service account's permissions being checked twice
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-15 09:55:27 +02:00
d7fdca1b44 stages/email: fix error when retrying email delivery after stage has been deleted
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-15 09:50:11 +02:00
37346763dc sources/oauth: Updating token url to new google url (#1397)
the present url goes to a 404
google openid (https://accounts.google.com/.well-known/openid-configuration) says the new url is `https://oauth2.googleapis.com/token`

not using the new url makes authentik fallback on the default auth flow
2021-09-15 09:15:19 +02:00
c35fd2755f build(deps): bump boto3 from 1.18.41 to 1.18.42 (#1398) 2021-09-15 08:40:42 +02:00
281e3a0518 build(deps): bump django-otp from 1.1.0 to 1.1.1 (#1399) 2021-09-15 08:40:34 +02:00
6349cdad2f web: Update Web API Client version (#1396)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-09-14 21:50:32 +02:00
ef341dd405 stages/user_write: add option to add newly created users to a group
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-14 21:45:34 +02:00
198e5ce642 outpost: fix crash when common keys are not defined in config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-14 17:40:48 +02:00
923fbac5b0 website/docs: Fix docker-compose example (#1395)
`docker-compose exec` by default allocates a tty and does not support `-it`.

See https://docs.docker.com/compose/reference/exec/
2021-09-14 16:35:01 +02:00
5f28c7ace7 web: fix lint error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-14 14:44:57 +02:00
d96c96006f web/admin: open URLs group when urls are customisable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-14 14:38:52 +02:00
3ddf2d6f85 sources/oauth: fix type lookup for openid not matching
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-14 14:38:35 +02:00
ba6849f29c *: remove string.format()
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-14 12:06:47 +02:00
942170f902 Revert "sources/oauth: fix access_token being sent as query param and not authorization header"
This reverts commit 248f993541.
2021-09-14 11:59:32 +02:00
248f993541 sources/oauth: fix access_token being sent as query param and not authorization header
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-14 11:07:36 +02:00
56d40bddd0 web/admin: make token list more consistent
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-14 10:04:15 +02:00
3a700a449a sources/oauth: don't try to load azure AD user ID as UUID
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-14 09:33:44 +02:00
a20f552bcf web/flows: fix alignment for duo authenticator
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-14 09:23:10 +02:00
32331a56eb build(deps): bump django-otp from 1.0.6 to 1.1.0 (#1394)
Bumps [django-otp](https://github.com/django-otp/django-otp) from 1.0.6 to 1.1.0.
- [Release notes](https://github.com/django-otp/django-otp/releases)
- [Changelog](https://github.com/django-otp/django-otp/blob/master/CHANGES.rst)
- [Commits](https://github.com/django-otp/django-otp/compare/v1.0.6...v1.1.0)

---
updated-dependencies:
- dependency-name: django-otp
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-14 09:23:01 +02:00
d752b7e41c build(deps): bump @typescript-eslint/parser in /web (#1392) 2021-09-14 08:36:32 +02:00
0b4223c6ca build(deps): bump @typescript-eslint/eslint-plugin in /web (#1391) 2021-09-14 08:35:30 +02:00
a3ec5c13f0 build(deps): bump boto3 from 1.18.40 to 1.18.41 (#1393) 2021-09-14 08:35:05 +02:00
128b582dd6 website/docs: fix inconsistent version number
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-13 22:05:35 +02:00
e59ede5422 website/docs: fix ports for current outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-13 22:03:02 +02:00
6d08ba2513 root: update go api client
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-13 18:36:12 +02:00
23444f4df0 core: fix lint error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-13 18:19:28 +02:00
3338f7a401 website/docs: prepare 2021.9
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-13 18:18:14 +02:00
b126519275 web: Update Web API Client version (#1389)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-09-13 18:10:24 +02:00
71e68b498e core: optimise groups api by removing member superuser status
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-13 18:06:37 +02:00
fb267ee223 tenants: optimise db queries in middleware
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-13 17:54:37 +02:00
8e59b06611 lifecycle: migrate to gunicorn instead of runserver
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-13 17:54:23 +02:00
a4b3519428 api: fix possible error in sentry proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-13 16:36:04 +02:00
4895fc3bbb build(deps): bump typescript from 4.4.2 to 4.4.3 in /web (#1387) 2021-09-13 08:39:24 +02:00
3daabd6fa8 build(deps): bump boto3 from 1.18.39 to 1.18.40 (#1388) 2021-09-13 08:38:58 +02:00
9fccb14065 Merge branch 'update-web-api-client'
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	web/package-lock.json
#	web/package.json
2021-09-12 01:09:40 +02:00
12efe94fd1 web: Update Web API Client version
Signed-off-by: GitHub <noreply@github.com>
2021-09-11 23:07:32 +00:00
375ef27b9f web: Update Web API Client version
Signed-off-by: GitHub <noreply@github.com>
2021-09-12 01:06:28 +02:00
9a7fa39de4 events: allow setting a mapping for webhook transport to customise request payloads
closes #1383

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-12 01:05:42 +02:00
c779ad2e3b *: use common user agent for all outgoing requests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-11 21:08:26 +02:00
7e7ef289ba admin: migrate to new update check, add option to disable update check
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-11 20:35:23 +02:00
223d9ad414 outposts/proxy: fix upstream ssl certificate not being ignored if configured to do so
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-11 19:30:21 +02:00
948ea7b087 web: Update Web API Client version (#1382)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-09-11 19:24:18 +02:00
bf771f8b6c release: 2021.8.5 2021-09-11 19:20:13 +02:00
6dc8aa396c Update index.md (#1381) 2021-09-11 00:11:48 +02:00
92a48f9dc6 build(deps): bump sqlparse from 0.4.1 to 0.4.2 (#1380) 2021-09-10 20:32:47 +02:00
d0ad9fcb1f web: Update Web API Client version (#1379)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-09-10 18:19:29 +02:00
539e6deca5 root: use go api client from github (#1378)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-10 16:18:11 +00:00
df4c8003b8 api: fix items of list fields having nullable set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-10 18:15:59 +02:00
169e748a78 website: prepare go vanity URL
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-10 17:18:15 +02:00
39b365c6ae sources/oauth: don't cancel flow when redirecting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-10 16:36:10 +02:00
9a79bab43d outposts/proxy: fix redirect URL error due to callback url not being joined correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-10 16:19:29 +02:00
e229eda96e outposts/controllers/kubernetes: don't create service monitor for embedded outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-10 15:59:39 +02:00
4448145aa9 providers/proxy: use auth/traefik subpath
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-10 13:53:04 +02:00
3d042e708a outposts/proxy: always redirect on forward_auth for traefik
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-10 12:43:57 +02:00
2428d5f1c2 outpost: update global outpost config on refresh
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-10 12:18:19 +02:00
f1dc2b4d2a web: Update Web API Client version (#1377)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-09-10 11:41:12 +02:00
7dfbcdbb81 stages/authenticator_duo: add API to "import" devices from duo
closes #1371

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-10 11:35:09 +02:00
5fd4f56fa2 build(deps-dev): bump prettier from 2.3.2 to 2.4.0 in /website (#1372) 2021-09-10 08:41:38 +02:00
b9d5ba6b0a build(deps): bump @babel/preset-env from 7.15.4 to 7.15.6 in /web (#1373) 2021-09-10 08:41:29 +02:00
2a4cb07ba8 build(deps): bump prettier from 2.3.2 to 2.4.0 in /web (#1374) 2021-09-10 08:41:20 +02:00
7939286176 build(deps): bump golang from 1.17.0 to 1.17.1 (#1375) 2021-09-10 08:41:10 +02:00
46ef49b897 build(deps): bump boto3 from 1.18.38 to 1.18.39 (#1376) 2021-09-10 08:40:58 +02:00
b923d85f6a web: allow duplicate messages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 20:09:31 +02:00
2862b4ecfb core: remove ?v from static files
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 20:09:12 +02:00
094acc62f0 web: ignore network error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 19:58:43 +02:00
13d17dc729 lib: fix default listening port for metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 16:40:39 +02:00
5cf3a13ca8 flows: fix invalid parameter in tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 16:36:51 +02:00
d0898a3869 flows: ensure all StageViews accept post, add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 16:30:14 +02:00
7158c9d2ea core: metrics v2 (#1370)
* outposts: add ldap metrics, move ping to 9100

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost: add flow_executor metrics

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use port 9300 for metrics, add core metrics port

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/controllers/k8s: add service monitor creation support

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 15:52:24 +02:00
c5cf17b60b lifecycle: fix worker startup error when docker socket's group is not called docker
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 15:24:35 +02:00
da58796768 providers/proxy: fix defaults for old proxy providers (load providers directly)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 13:54:24 +02:00
d98499a3fa providers/proxy: fix defaults for old proxy providers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 13:26:36 +02:00
e5944567e8 outposts/proxy: fix url not being substituted for sign_out
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 11:00:58 +02:00
d296c12d01 outposts/proxy: fix redirect when using forward_auth mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 10:56:20 +02:00
4c3a9e69f2 outposts/proxy: fix securecookie: no codecs provided error with redis
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 10:23:46 +02:00
eb2540a3c8 build(deps): bump boto3 from 1.18.37 to 1.18.38 (#1367) 2021-09-09 08:20:41 +02:00
bf9a3615d9 build(deps): bump github.com/pires/go-proxyproto from 0.6.0 to 0.6.1 (#1368) 2021-09-09 08:20:22 +02:00
33fb22e3e7 ci: include build sha in docker tag
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-08 23:03:32 +02:00
f3ff398a44 providers/proxy: add metrics port to controllers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-08 23:01:22 +02:00
533eb59a04 outposts/controllers: re-create service when mismatched ports to prevent errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-08 23:00:53 +02:00
8ca29f6d49 Revert "outpost/proxy: set samesite none"
This reverts commit f7afb60c1f.
2021-09-08 22:56:24 +02:00
0a33d38adf outpost/proxy: fix prometheus errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-08 22:41:41 +02:00
f7afb60c1f outpost/proxy: set samesite none
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-08 22:06:44 +02:00
b9c605bf1a outpost/proxy: fix double slash when trailing slash in authentik_host
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-08 22:03:41 +02:00
2983adc719 outpost/proxyv2: fix redirect to localhost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-08 21:07:16 +02:00
502393ee56 outpost/proxyv2: allow port offset via yaml
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-08 21:07:06 +02:00
121bba1d9f web: Update Web API Client version (#1366) 2021-09-08 20:23:01 +02:00
3c1b70c355 outposts/proxyv2 (#1365)
* outposts/proxyv2: initial commit

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add rs256

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

more stuff

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add forward auth an sign_out

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

match cookie name

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

re-add support for rs256 for backwards compat

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add error handler

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

ensure unique user-agent is used

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

set cookie duration based on id_token expiry

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

build proxy v2

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add ssl

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add basic auth and custom header support

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add application cert loading

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

implement whitelist

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add redis

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

migrate embedded outpost to v2

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

remove old proxy

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

providers/proxy: make token expiration configurable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add metrics

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

fix tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: only allow one redirect URI

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix docker build for proxy

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* remove default port offset

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add AUTHENTIK_HOST_BROWSER

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests: fix e2e/integration tests not using proper tags

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* remove references of old port

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix user_attributes not being loaded correctly

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* cleanup dependencies

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* cleanup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-08 18:04:56 +00:00
27508dd1f0 build(deps): bump @lingui/core from 3.10.4 to 3.11.1 in /web (#1363) 2021-09-08 08:38:00 +02:00
6d962dbdf3 build(deps): bump @lingui/macro from 3.10.2 to 3.11.1 in /web (#1362) 2021-09-08 08:36:56 +02:00
9194e6368a build(deps): bump @lingui/cli from 3.10.2 to 3.11.1 in /web (#1361) 2021-09-08 08:36:46 +02:00
917fb7d626 build(deps): bump boto3 from 1.18.36 to 1.18.37 (#1364) 2021-09-08 08:36:12 +02:00
3cf5794b96 web/admin: increase default expiry for refresh tokens
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-08 00:12:18 +02:00
631b0a1819 outpost/proxy: improve error logging
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-07 23:33:48 +02:00
6662dcc4b0 Revert "web: replace deprecated dependencies"
This reverts commit 95db54b819.
2021-09-07 23:25:38 +02:00
95db54b819 web: replace deprecated dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-07 23:16:30 +02:00
bc7d5042df outpost/proxy: use common template for proxy error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-07 16:44:15 +02:00
de3e1c3dbc sources/oauth: fix FlowExecutor view call
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-07 11:39:03 +02:00
3c6aac5435 sources/oauth: prevent potentially confidential data from being logged
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-07 11:05:18 +02:00
eeb755ab7d root: show location header in logs when redirecting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-07 11:04:00 +02:00
70d0dd51a5 sources/oauth: cancel currently active flows before redirecting out
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-07 11:03:45 +02:00
073dd8b560 web/admin: fix notification clear all not triggering render
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-07 10:23:55 +02:00
b5d2924d46 website/docs: update 2021.8.5
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-07 10:10:43 +02:00
597e279f34 ci: fix old node version in release ci
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-07 10:07:36 +02:00
fc28def83d build(deps): bump @typescript-eslint/eslint-plugin in /web (#1358) 2021-09-07 08:42:57 +02:00
f6efdfded4 build(deps): bump @typescript-eslint/parser in /web (#1357) 2021-09-07 08:31:13 +02:00
91312496e0 ci: simplify testspace setup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-06 16:52:21 +02:00
b557b4337d build(deps): bump @babel/core from 7.15.4 to 7.15.5 in /web (#1351) 2021-09-06 08:36:40 +02:00
bfde186aa0 build(deps): bump actions/cache from 1 to 2.1.6 (#1352) 2021-09-06 08:36:32 +02:00
2bd75dd1a9 build(deps): bump xmlsec from 1.3.11 to 1.3.12 (#1353) 2021-09-06 08:36:16 +02:00
27ab31a9b0 build(deps): bump boto3 from 1.18.35 to 1.18.36 (#1354) 2021-09-06 08:35:56 +02:00
44a8b737d9 build(deps): bump drf-spectacular from 0.18.1 to 0.18.2 (#1355) 2021-09-06 08:35:45 +02:00
b939ee7a09 website/docs: use kubectl exec with deployment, add note for backup version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1349
2021-09-05 20:25:42 +02:00
0bae550520 root: include authentik version in backup naming
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-05 20:25:02 +02:00
b5cc2f2bda website/docs: add missing ENV, changed k8s beta instructions (#1350)
* fixed IsActive and IsSuperuser return string

IsActive and IsSuperuser attributes were interchanged.

* updated docs

Co-authored-by: Tobias Mandjik <tobias.mandjik@linogics.io>
2021-09-05 19:58:42 +02:00
9ad4cf1db9 outposts/ldap: improve logging of client IPs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-05 19:47:30 +02:00
9dbafaaea2 web: Update Web API Client version (#1348)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 22:49:16 +02:00
2db8b07578 events: add mark_all_seen
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 22:08:12 +02:00
7c1a7bfd9d ci: use native kind action to test integration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 16:06:44 +02:00
b7ef076798 outposts: add expected outpost replica count to metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 15:56:57 +02:00
37c29a073e policies/password: fix symbols not being checked correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 15:21:48 +02:00
0c288ea64b ci: cache webui for e2e tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 15:21:24 +02:00
2476475174 ci: attempt to cache pipenv (#1347)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 14:55:54 +02:00
71913c8164 website/docs: fix typos in vikunja docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 14:38:35 +02:00
6ec8432217 policies/password: don't use regex for symbol detection
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 14:36:01 +02:00
7a12c0e4d1 web/admin: fix user selection in token form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 14:33:40 +02:00
23a7eba16b website/docs: add 8.5 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 14:09:11 +02:00
3ba84a8e8b stages/identification: fix empty user_fields query returning first user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 14:07:14 +02:00
75476217a0 internal: fix web requests not having a logger set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 13:52:47 +02:00
7771c0b905 internal: fix font loading errors on safari
closes #1057

for some reason safari appends the relative font path to the document URL not to the stylesheet URL. Since I don't want to build a fully custom patternfly base css file, this mounts the static files where safari expects them

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 13:50:29 +02:00
3378e82ec7 root: fix is_secure with safari on debug environments
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 13:45:50 +02:00
126e43dea4 internal: disable directory listing on static files
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 13:40:29 +02:00
f725009530 web/flows: fix display error when using IdentificationStage without input fields
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 13:06:37 +02:00
70d1e3a0cb outpost: fix spans being sent without parent context
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-03 18:17:08 +02:00
e751ce1220 root: update badges
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-03 18:11:13 +02:00
e09a27cf87 events: remove authentik_events gauge
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-03 18:04:26 +02:00
06fbf44724 root: update security.md
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-03 17:26:10 +02:00
200e409d91 core: minor query optimization
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-03 14:02:57 +02:00
5e5854e256 ci: fix invalid workflow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-03 10:58:42 +02:00
3df8bcfc9c web: Update Web API Client version (#1345)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-09-03 10:53:59 +02:00
e76c14f9e0 ci: run on pr and improve checking for push
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-03 10:53:39 +02:00
6b6748b1c7 web/admin: show applications instead of providers in outpost form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-03 10:43:21 +02:00
d92d8e6dbb api: add additional filters for ldap and proxy providers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-03 10:43:09 +02:00
c2b9dc5c75 api: cache schema, fix server urls
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-03 10:23:14 +02:00
5c1d27de2b build(deps): bump docker from 5.0.1 to 5.0.2 (#1343) 2021-09-03 08:46:33 +02:00
6ab9e7cd68 build(deps): bump @babel/core from 7.15.0 to 7.15.4 in /web (#1339) 2021-09-03 08:46:23 +02:00
3ef56e9ec1 build(deps): bump @docusaurus/plugin-client-redirects in /website (#1338) 2021-09-03 08:46:05 +02:00
6d8d157772 build(deps): bump @babel/plugin-proposal-decorators in /web (#1340) 2021-09-03 08:44:36 +02:00
cadd466eec build(deps): bump @docusaurus/preset-classic in /website (#1341) 2021-09-03 08:44:27 +02:00
3fea0c1e49 build(deps): bump @babel/preset-env from 7.15.0 to 7.15.4 in /web (#1342) 2021-09-03 08:44:16 +02:00
4c58201adc build(deps): bump boto3 from 1.18.34 to 1.18.35 (#1344) 2021-09-03 08:44:02 +02:00
4fb4e72624 web: Update Web API Client version (#1337)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-09-02 21:34:04 +02:00
276d8fe5cf release: 2021.8.4 2021-09-02 20:21:21 +02:00
92ce5f0931 web: improve error display when only {'detail'} is returned
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-02 19:55:37 +02:00
7fea20375f *: fix tests not using APITestCase
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-02 19:14:21 +02:00
d4d4034d2c web: Update Web API Client version (#1336)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-09-02 17:42:55 +02:00
f0db408699 api: add v3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-02 17:40:02 +02:00
5e200655d9 web: Update Web API Client version (#1335)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-09-02 17:13:16 +02:00
d5d1f2a645 web: show version in logs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-02 17:10:43 +02:00
cc5cc43baa api: fix sentry endpoint not working due to mime-media
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-02 16:56:53 +02:00
e512f085db root: allow enabling s3 backup ssl verification
closes #1332

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-02 09:41:55 +02:00
f323c01bd8 build(deps): bump django from 3.2.6 to 3.2.7 (#1333) 2021-09-02 09:12:24 +02:00
f56cacb406 build(deps): bump boto3 from 1.18.33 to 1.18.34 (#1334) 2021-09-02 09:12:03 +02:00
eaecd31e9f ci: always run codecov and testspace
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-01 22:59:51 +02:00
36989d82e1 ci: merge on testspace
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-01 22:35:17 +02:00
50777d9022 ci: re-add testspace (#1331)
* ci: re-add testspace

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: fix double k3d

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-01 22:33:10 +02:00
a15571bd3e outposts/proxy: detect empty authentik_host
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-01 22:09:07 +02:00
26fd66d831 stages/authenticator_validate: fix variable shadowing, optimization
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-01 19:54:54 +02:00
0be873025a ci: fix bumpversion path
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-01 19:38:04 +02:00
28ada49910 website/docs: final 2021.8.4 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-01 19:37:00 +02:00
4fc8e61f8c stages/authenticator_validate: show single button for multiple webauthn authenticators
tested with browser + yubikey 5

closes #1096

The order of allowCredentials doesn't seem to matter, chrome seems to always choose the internal authenticator first.

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-01 19:28:52 +02:00
7d26ea1a9c web/admin: fix list of webauthn devices not updating after rename
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-01 19:05:18 +02:00
3a58dc62e1 ci: fix missing branch
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-01 18:34:57 +02:00
71fe7bc827 ci: fix sha being used instead of timestamp
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-01 17:10:42 +02:00
933336c38b ci: fix images not being pushed with correct tags
* ci: debug

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: fix branch and sha

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-01 16:19:29 +02:00
371feb9a31 ci: fix images not being pushed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-01 15:07:13 +02:00
95a2fd3c9e web: Update Web API Client version (#1327)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-09-01 14:48:48 +02:00
17cb76c334 stages/invitation: fix invitation not inheriting ExpiringModel
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-01 14:25:19 +02:00
88f0dfc8cc web/admin: fallback for invitation list on first load
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-01 13:33:05 +02:00
f82aada23b web/admin: fix flow executor not opening in new tab
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-01 13:19:09 +02:00
ecaee92634 build(deps): bump @sentry/tracing from 6.11.0 to 6.12.0 in /web (#1322)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.11.0 to 6.12.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.11.0...6.12.0)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-01 09:26:53 +02:00
89252ec47b build(deps): bump @sentry/tracing from 6.11.0 to 6.12.0 in /website (#1320)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.11.0 to 6.12.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.11.0...6.12.0)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-01 09:26:33 +02:00
f0f25ab291 build(deps): bump @sentry/react from 6.11.0 to 6.12.0 in /website (#1321) 2021-09-01 08:40:07 +02:00
e4d0fec15a build(deps): bump @sentry/browser from 6.11.0 to 6.12.0 in /web (#1323) 2021-09-01 08:39:56 +02:00
6b10baf086 build(deps): bump docker from 5.0.0 to 5.0.1 (#1324) 2021-09-01 08:39:21 +02:00
f148b5d341 build(deps): bump boto3 from 1.18.32 to 1.18.33 (#1326) 2021-09-01 08:39:12 +02:00
1471ff8940 build(deps): bump drf-spectacular from 0.18.0 to 0.18.1 (#1325) 2021-09-01 08:39:01 +02:00
d9a6ec2ac0 webiste/docs: update extensionvs/v1beta ingress
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-31 21:11:01 +02:00
5745ffa0a8 ci: don't login to docker on forks
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-31 09:31:10 +02:00
b26202db35 build(deps): bump @typescript-eslint/parser in /web (#1316) 2021-08-31 08:42:14 +02:00
6318577a51 build(deps): bump @typescript-eslint/eslint-plugin in /web (#1317) 2021-08-31 08:16:59 +02:00
6a2cd45847 build(deps-dev): bump pytest from 6.2.4 to 6.2.5 (#1318) 2021-08-31 08:16:44 +02:00
ef5cea2c01 build(deps): bump boto3 from 1.18.31 to 1.18.32 (#1319) 2021-08-31 08:16:32 +02:00
69f4d54bae ci: migrate ci to gh actions (#1315) 2021-08-30 20:21:15 +02:00
b1eec5a7d2 outposts/proxy: add more logging
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-30 17:18:52 +02:00
1b8271d767 flows: disable compatibility_mode by default
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-30 17:18:43 +02:00
3e9f5ec5ef providers/proxy: improve error handling for non-tls ingresses
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-30 14:43:57 +02:00
63f57b6a77 events: improve logging for task exceptions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-30 14:43:44 +02:00
a016f99450 core: fix user_obj being empty on token API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-30 12:51:17 +02:00
adc18b2991 build(deps): bump boto3 from 1.18.30 to 1.18.31 (#1314)
Bumps [boto3](https://github.com/boto/boto3) from 1.18.30 to 1.18.31.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.18.30...1.18.31)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-30 09:12:58 +02:00
e37a326b95 website/docs: prepare 8.4 docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-29 22:12:49 +02:00
048467e97d outpost/ldap: delay user information removal upon closing of connection
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-29 21:13:46 +02:00
cc2cd6919f outpost/embedded: only send requests for non-akprox paths when we're doing proxy mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-29 21:13:28 +02:00
0c6e781e5b providers/proxy: fix traefik middleware being generated with wrong ports for embedded outposts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-29 20:49:11 +02:00
7294d8fca5 website/docs: add note for cross-namespace reference in traefik
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-29 20:46:17 +02:00
16ec5680b4 web: Update Web API Client version (#1313)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-08-29 19:51:10 +02:00
87920fb1d7 website/docs: add docs for websocket connections
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-29 19:49:18 +02:00
523b96a6d2 api: add basic rate limiting for sentry endpoint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-29 19:33:18 +02:00
45731d8069 cmd: add option to disable embedded outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-29 19:19:13 +02:00
e872371970 website/docs: add embedded outpost docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-29 14:43:13 +02:00
08e8cf850a web/flows: fix FlowExecutor not updating when challenge changes from outside
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-29 13:49:57 +02:00
b1ed2154ac policies/password: fix PasswordStage not being usable with prompt stages, rework validation logic
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-29 00:40:36 +02:00
7ef2aa3eb9 web: Update Web API Client version (#1312) 2021-08-28 19:08:38 +02:00
160139813d release: 2021.8.3 2021-08-28 16:58:44 +02:00
582ad92c76 outposts/k8s: improve error handling
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-28 14:58:26 +02:00
f61736e3d1 stages/identification: add error handling when password isn't set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-28 12:54:10 +02:00
eb02c96281 website/docs: make it clearer to use context[]
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-28 12:53:57 +02:00
8619552920 website/docs: prepare 2021.8.3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-27 23:12:53 +02:00
6237352e25 web/flows: fix checkboxes not being rendered correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-27 23:09:53 +02:00
2d8b4f543b providers/proxy: fix url parsing for traefik labels on docker containers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-27 22:21:16 +02:00
8542dc10ab providers/proxy: fix docker container labels not being inherited correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-27 20:20:34 +02:00
c55b63337c web/flows: fix post-challenge updates not always being called by using setter
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-27 19:45:23 +02:00
12ddee3bb6 outpost: add additional labels to docker container
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-27 19:26:27 +02:00
dc41d0af27 outposts: add configurable docker_network for outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-27 19:26:11 +02:00
3323b50036 web/flows: also check for redirects as result of posting challenge
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-27 10:08:15 +02:00
8acb15a7fd outpost: fix flow executor not sending password for identification stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-27 09:43:07 +02:00
f601e04b38 web/flows: assign location from redirect challenge in request handler not render
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-27 09:43:00 +02:00
f50529cb5b build(deps): bump @docusaurus/preset-classic in /website (#1307)
Bumps [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic) from 2.0.0-beta.4 to 2.0.0-beta.5.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-beta.5/packages/docusaurus-preset-classic)

---
updated-dependencies:
- dependency-name: "@docusaurus/preset-classic"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-27 09:20:09 +02:00
3f1b6f9ed4 build(deps): bump typescript from 4.3.5 to 4.4.2 in /web (#1306) 2021-08-27 08:36:43 +02:00
f1ab0f4314 build(deps): bump @patternfly/patternfly from 4.125.3 to 4.132.2 in /web (#1308) 2021-08-27 08:36:34 +02:00
4d1129f385 build(deps): bump boto3 from 1.18.29 to 1.18.30 (#1310) 2021-08-27 08:36:19 +02:00
03ac9c6e16 build(deps): bump @docusaurus/plugin-client-redirects in /website (#1309) 2021-08-27 08:36:11 +02:00
c0839924f1 build(deps): bump github.com/go-openapi/runtime from 0.19.30 to 0.19.31 (#1311) 2021-08-27 08:35:57 +02:00
91e3aa760a web: Update Web API Client version (#1305)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-08-26 19:06:13 +02:00
5c0681d57b website/docs: add 2021.8.2 docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-26 18:56:42 +02:00
c4f72c2bc1 release: 2021.8.2 2021-08-26 17:58:20 +02:00
e92f9836e3 root: allow django auth backend for upgrading users with cache
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-26 17:57:25 +02:00
3818dc834b web: Update Web API Client version (#1304)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-08-26 16:57:12 +02:00
cda011a049 website/docs: add 2021.8.1 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-26 16:06:27 +02:00
897f6f3473 release: 2021.8.1 2021-08-26 16:03:45 +02:00
b70b44490b root: Require PG_PASS to be set (#1303)
This raises an error when PG_PASS is not set.

docker-compose recently changed the way .env files are searched for (see
for example https://github.com/docker/compose/issues/8347) and with the
current setup, authentik will not work anyway without a password set.
2021-08-26 10:24:35 +02:00
77a5a58cb9 root: Fix table of contents for CONTRIBUTING.md (#1302) 2021-08-26 10:08:07 +02:00
f3b227434e web: Update Web API Client version (#1301)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-08-26 10:06:46 +02:00
2ae164df78 *: cleanup api schema warnings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-26 09:36:41 +02:00
9b09793230 build(deps): bump drf-spectacular from 0.17.3 to 0.18.0 (#1299) 2021-08-26 08:54:59 +02:00
f8a401aeca build(deps): bump boto3 from 1.18.28 to 1.18.29 (#1300) 2021-08-26 08:53:56 +02:00
ffbab2cd68 outpost/ldap: set request_id in sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-25 22:36:08 +02:00
734e5fcab4 web: Update Web API Client version (#1298)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-08-25 21:52:32 +02:00
78578c6c9d web/admin: allow admins to create tokens
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-25 21:23:32 +02:00
0ccec96490 core: make user optional in token creation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-25 21:21:51 +02:00
8022d0801d web/elements: add support for datetime-local
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-25 21:14:32 +02:00
d79975c409 core: fix user object for token not be setable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-25 20:43:34 +02:00
20d65035d5 core: fix error when user updates themselves
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-25 17:52:50 +02:00
8d6227377f core: fix error for asgi error handler with websockets
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-25 10:24:01 +02:00
4bc50e7f57 build(deps): bump boto3 from 1.18.27 to 1.18.28 (#1296) 2021-08-25 08:35:12 +02:00
945e42c940 web: Update Web API Client version (#1295) 2021-08-24 22:35:08 +02:00
052bb28086 ci: only generate NPM API package on master
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-24 21:44:47 +02:00
4a84b7e2d5 web: Update Web API Client version (#1294)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-08-24 21:32:29 +02:00
4d27694706 release: 2021.8.1-rc2 2021-08-24 21:29:29 +02:00
16cfa8cae2 web/admin: add ServiceAccount creation form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-24 20:13:08 +02:00
1a20c8ffc1 web: Update Web API Client version (#1293)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-08-24 20:12:46 +02:00
d7ad5f6a16 core: add API to create service account with token for app password
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-24 20:09:22 +02:00
5af9a3d3be sources/saml: fix error when getting metadata
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-24 16:51:08 +02:00
dec34bc948 stages/password: fix replace_inbuilt not being called
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-24 16:37:39 +02:00
cff37caa57 web: Update Web API Client version (#1292) 2021-08-24 14:32:33 +02:00
cc6d5765f2 web/admin: fix inconsistent ordering for ldap property mappings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-24 13:04:19 +02:00
2ec1ff2ebb sources/ldap: fix error when modifying ldap source with password write-back
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-24 13:03:41 +02:00
884c2bd0e9 root: fix missing ldap backend
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-24 13:03:19 +02:00
2c938ec9dc stages/password: sort backends in migration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-24 12:44:45 +02:00
9733caf3b7 admin: use copy for environ api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-24 11:39:49 +02:00
494af0a430 web: Update Web API Client version (#1291)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-08-24 11:01:51 +02:00
10e50bc77f stages/user_login: improve logging
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-24 10:58:50 +02:00
44bfbb9e49 Merge branch 'master' into next 2021-08-24 10:58:27 +02:00
5be152e12d stages/password: fix migration error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-24 10:57:20 +02:00
b0efab6d6d admin: add env to API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-24 10:55:46 +02:00
f2725b88c8 build(deps): bump @typescript-eslint/eslint-plugin in /web (#1289) 2021-08-24 10:33:59 +02:00
24cc123029 build(deps): bump @typescript-eslint/parser in /web (#1288) 2021-08-24 10:16:49 +02:00
d75c9997f6 build(deps): bump boto3 from 1.18.26 to 1.18.27 (#1290) 2021-08-24 10:16:41 +02:00
0a20a30af3 ci: remove zeus.ci :(
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-24 00:07:02 +02:00
c60ba91fee core: fix auth saving entire models into session
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 23:59:43 +02:00
37927c9361 web: Update Web API Client version (#1287)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-08-23 22:06:25 +02:00
0a63441935 website/docs: update release notes 2021.8
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 21:24:53 +02:00
6b7a8b6ac7 core: add new token intent and auth backend (#1284)
* core: add new token intent and auth backend

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: update schema

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: allow users to create app password tokens

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: display token's intents

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages/password: auto-enable app password backend

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: fix missing app passwords backend

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: use custom inbuilt backend, set backend login information in flow plan for events

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: add docs for `auth_method` and `auth_method_args` fields

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website: fix example flows using incorrect backend

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: add alias for akflow files

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: fix token intent not defaulting correctly

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website: update akflows orders

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: improve delete modal for stage bindings and policy bindings

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* events: fix linting

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website: make default login-2fa flow ignore 2fa with app passwords

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: select all password stage backends by default

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: fix mis-matched postgres version for CI

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: fix lint error

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: fix authentication error when no request is given

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: set debug log level

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages/user_write: fix wrong fallback authentication backend

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add token tests for invalid intent and token auth

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 21:21:39 +02:00
cba255eaaa Merge branch 'master' into app-passwords
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/core/tests/test_source_flow_manager.py
#	authentik/stages/authenticator_validate/tests.py
#	authentik/stages/password/tests.py
#	scripts/generate_ci_config.py
2021-08-23 21:21:12 +02:00
859cf2bd8f lib: move id and key generators to lib (#1286)
* lib: move generators to lib

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: bump default token key size

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: fix split being used for http basic auth instead of partition

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/elements: don't rethrow error in ActionButton

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 20:27:38 +02:00
a2578ffaad core: add token tests for invalid intent and token auth
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 20:21:54 +02:00
888526a2a7 stages/user_write: fix wrong fallback authentication backend
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 19:31:23 +02:00
0d00b9cc0d ci: set debug log level
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 19:14:24 +02:00
27cc5d7138 core: fix authentication error when no request is given
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 19:09:53 +02:00
b2f077645a web: fix lint error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 18:38:35 +02:00
2878597603 root: fix mis-matched postgres version for CI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 18:25:31 +02:00
5face5410f web/admin: select all password stage backends by default
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 18:08:29 +02:00
1b8750e13b website: make default login-2fa flow ignore 2fa with app passwords
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 17:50:42 +02:00
e27a6fdeeb events: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 17:48:28 +02:00
a9af40f85c web/admin: improve delete modal for stage bindings and policy bindings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 17:46:51 +02:00
59f04963be website: update akflows orders
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 17:39:19 +02:00
033c9a3bd3 core: fix token intent not defaulting correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 17:33:35 +02:00
09e3d616e9 root: add alias for akflow files
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 17:29:12 +02:00
0b280c0a47 website: fix example flows using incorrect backend
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 17:26:07 +02:00
07a4f474f4 website/docs: add docs for auth_method and auth_method_args fields
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 17:23:55 +02:00
244dc671db Merge branch 'master' into app-passwords 2021-08-23 17:12:17 +02:00
4308136108 root: fix error_handler for websocket
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 17:12:11 +02:00
69a0153619 core: use custom inbuilt backend, set backend login information in flow plan for events
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 17:09:53 +02:00
2655768f5a Merge branch 'master' into app-passwords 2021-08-23 16:48:43 +02:00
73c55b56a0 ci: update commit message for web api update
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 16:48:28 +02:00
bcbdd6c26f web: Update Web API Client version (#1283)
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2021-08-23 16:47:56 +02:00
00e9b91f56 web/admin: fix missing app passwords backend
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 16:47:38 +02:00
4cf76fdcda stages/password: auto-enable app password backend
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 16:39:39 +02:00
c4832206fa web/admin: display token's intents
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 16:33:12 +02:00
d05562a388 Merge branch 'master' into app-passwords 2021-08-23 16:28:25 +02:00
f217d34a98 web/admin: allow users to create app password tokens
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 16:27:39 +02:00
89f2967f69 ci: only run npm client push on master and version branches
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 16:21:27 +02:00
9a6a3e66b8 root: update schema
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 16:14:33 +02:00
2f4b18ebbd web: fix license for API Client
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 16:12:31 +02:00
20572c728d core: add new token intent and auth backend
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 16:05:29 +02:00
aad753de68 ci: fix extraction of generated client
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 15:57:56 +02:00
a79a150a1f root: test schema auto-update
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 15:55:26 +02:00
8b23e4701a ci: upgrade web api client when schema changes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 15:54:58 +02:00
a366d61891 root: add License to NPM package
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 15:41:49 +02:00
9a13dfd63a website/docs: update release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 15:40:15 +02:00
32d80829e2 web/admin: show system status first
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 15:25:35 +02:00
f6953296d8 outposts: add recursion limit for docker controller
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 15:25:28 +02:00
e4790f9060 core: handle error when ?for_user is not numberical
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 15:25:18 +02:00
58712047e1 root: add ASGI Error handler
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 15:15:12 +02:00
85915905dc web/flows: fix error during error handling
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 15:11:30 +02:00
52f2838f57 lifecycle: rename to ak
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 14:54:02 +02:00
12e2f7b945 outposts: add repair_permissions command
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 14:53:53 +02:00
45d47f828a outpost: handle non-existant permission
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 14:39:47 +02:00
cf7eb88661 web: add custom readme to api client
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 12:00:35 +02:00
6a14ae7975 web: Merge pull request #1258 from goauthentik/publish-api-to-npm
Publish api to npm
2021-08-23 11:43:25 +02:00
08f3294a1d web: add ESM to generated Client
https://github.com/OpenAPITools/openapi-generator/issues/8881
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 11:11:18 +02:00
ac47fc9295 web: use custom client for web linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 10:36:32 +02:00
1ff19e1467 web: fix formatting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 10:33:45 +02:00
439454a71b website: add docs for making schema changes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 10:32:37 +02:00
2a11964e1a Merge branch 'master' into publish-api-to-npm 2021-08-23 10:16:35 +02:00
507b8d43fb root: remove remainders from gen
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 10:16:24 +02:00
7efec281be build(deps-dev): bump pylint from 2.9.6 to 2.10.2 (#1280)
* build(deps-dev): bump pylint from 2.9.6 to 2.10.2

Bumps [pylint](https://github.com/PyCQA/pylint) from 2.9.6 to 2.10.2.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/main/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.9.6...v2.10.2)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* *: add missing encoding to open() calls

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 10:10:31 +02:00
9469f86f65 web: improve api client versioning
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 10:09:56 +02:00
e998919097 web: fix build not working
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 10:02:39 +02:00
450d69a1a4 web: build. api in different folder
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 09:49:09 +02:00
b74681f22c Merge branch 'master' into publish-api-to-npm
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	web/package-lock.json
#	web/src/pages/sources/oauth/OAuthSourceForm.ts
2021-08-23 09:40:52 +02:00
f95a7c26e5 build(deps): bump github.com/go-openapi/strfmt from 0.20.1 to 0.20.2 (#1281)
Bumps [github.com/go-openapi/strfmt](https://github.com/go-openapi/strfmt) from 0.20.1 to 0.20.2.
- [Release notes](https://github.com/go-openapi/strfmt/releases)
- [Commits](https://github.com/go-openapi/strfmt/compare/v0.20.1...v0.20.2)

---
updated-dependencies:
- dependency-name: github.com/go-openapi/strfmt
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-23 07:44:28 +02:00
ffc9bd2cec build(deps): bump boto3 from 1.18.25 to 1.18.26 (#1282) 2021-08-23 07:06:16 +02:00
bb7db0c828 build(deps): bump codemirror from 5.62.2 to 5.62.3 in /web (#1279) 2021-08-23 07:06:04 +02:00
aec3e08201 Merge branch 'version-2021.8' into next 2021-08-22 21:57:14 +02:00
0651fbba06 website/docs: add 2021.8 to sidebar
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-22 20:19:23 +02:00
7639cdad0a release: 2021.8.1-rc1 2021-08-22 20:17:35 +02:00
6533f48912 web: add topMost attribute to ak-loading-overlay to force it over codemirror
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-21 19:26:06 +02:00
2024dac39a web: lock overflow when showing loading overlay on modals
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-21 19:19:23 +02:00
33d5cd2973 web: add notice for Certificate for LDAP Provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-21 18:48:02 +02:00
b003e8e1e8 sources/oauth: fix openidconnect provider name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-21 18:36:06 +02:00
294d70ae4d outposts/ldap: move virtual groups to other OU for lookups, conditionally skip requests based on search filter
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-21 17:53:09 +02:00
23fd257624 outposts/ldap: fix nil pointer dereference when search self
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-21 16:51:47 +02:00
3e909ae6bb core: allow filtering users by the groups they are in
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-21 16:27:48 +02:00
ff24bc8cb8 outpost/ldap: regularly pre-heat flow executor cache to increase bind performance
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-21 16:17:30 +02:00
ecf35cfd1d web: fix mis-matched oauth source icon names
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-21 16:10:03 +02:00
673520c9f8 web: fix OAuthSource not setting providerType
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-21 16:08:50 +02:00
b4f738492d sources/oauth: improve UI with prefilled urls (when customizable) and hiding provider type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-21 15:52:41 +02:00
00a666856d web: expand parent FormGroup when containing element has error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-21 15:24:31 +02:00
bff7addb55 stages/password: adjust name of default prompt stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-21 15:16:18 +02:00
2a90c0b35e sources/oauth2: migrate to microsoft graph instead of azure graph
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-21 15:15:29 +02:00
93e27d1959 web: improve failed request handling
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-21 14:40:45 +02:00
02c736d784 lib: ignore installation specific errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-21 14:14:18 +02:00
2015d91484 outpost: load global config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-21 14:14:18 +02:00
6433b5982e api: add cache timeouts to config API for outposts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-21 14:14:18 +02:00
f0bc90738f build(deps): bump actions/github-script from 4.0.2 to 4.1 (#1276) 2021-08-20 08:42:54 +02:00
970a4baf49 build(deps): bump boto3 from 1.18.24 to 1.18.25 (#1277) 2021-08-20 08:42:42 +02:00
5fbefef56f build(deps): bump chart.js from 3.5.0 to 3.5.1 in /web (#1274) 2021-08-19 08:37:12 +02:00
1110038eb0 build(deps): bump boto3 from 1.18.23 to 1.18.24 (#1275) 2021-08-19 08:36:43 +02:00
e945c250db ci: make zeus optional
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-18 10:33:25 +02:00
b46d08cc97 build(deps): bump boto3 from 1.18.22 to 1.18.23 (#1273) 2021-08-18 09:59:17 +02:00
18eccd995d sources/plex: fix linting error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-17 13:44:54 +02:00
6f06ba06d0 website/docs: fixed a typo and pronounce problem (#1271) 2021-08-17 13:29:25 +02:00
495b068be5 web: add plex connection deletion support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-17 13:02:40 +02:00
84c4547005 sources/plex: add API for user connections
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-17 13:02:40 +02:00
065121d280 build(deps): bump @typescript-eslint/parser in /web (#1267) 2021-08-17 09:58:35 +02:00
8c943e187b build(deps): bump golang from 1.16.7 to 1.17.0 (#1265) 2021-08-17 09:04:49 +02:00
ee54a8b33d build(deps): bump @typescript-eslint/eslint-plugin in /web (#1266) 2021-08-17 09:04:27 +02:00
373d94635f build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.0 to 3.4.1 (#1268) 2021-08-17 09:04:19 +02:00
31422c6836 build(deps): bump kubernetes from 17.17.0 to 18.20.0 (#1269) 2021-08-17 09:04:05 +02:00
bca59a2b5a build(deps): bump boto3 from 1.18.21 to 1.18.22 (#1270) 2021-08-17 09:03:17 +02:00
4ff3bc59b7 website/docs: Fixed two typos in Wordpress integration (#1264)
* Create index.mdx

Add Wekan example

* updated to include wekan entry

* Update and rename website/docs/sources.md to website/docs/sources/index.md

Break Sources into individual pages.

* Update and rename website/docs/sources/index.md to website/docs/sources/ldap/index.md

* Create index.md

* Update index.md

* Update index.md

* Create index.md

* Create index.md

* Create index.md

* Update index.md

* Update index.md

* Update index.md

* Create index.md

* discord images

* spacing

* Added discord

* discord changes

* Added sources breakdown to the sidebar

* Fixed the saml title

* Added github examples

* fixed formatting

* Changed file path, updated sidebar, added google.

* fixed a spelling mistake

* Cleaned up formatting

* Fixed Notes

* docs: fix typo in logout url

* docs: added wordpress integration

* docs: fixed two typos for wordpress
2021-08-16 17:31:33 +02:00
bd9cd086a0 Merge branch 'master' into publish-api-to-npm 2021-08-16 17:29:36 +02:00
a6b1ee949d web: fix mis-matched height of application cards
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-16 11:33:12 +02:00
f93e2c5eb6 website/docs: Add Wordpress to Integrations (#1259)
* Create index.mdx

Add Wekan example

* updated to include wekan entry

* Update and rename website/docs/sources.md to website/docs/sources/index.md

Break Sources into individual pages.

* Update and rename website/docs/sources/index.md to website/docs/sources/ldap/index.md

* Create index.md

* Update index.md

* Update index.md

* Create index.md

* Create index.md

* Create index.md

* Update index.md

* Update index.md

* Update index.md

* Create index.md

* discord images

* spacing

* Added discord

* discord changes

* Added sources breakdown to the sidebar

* Fixed the saml title

* Added github examples

* fixed formatting

* Changed file path, updated sidebar, added google.

* fixed a spelling mistake

* Cleaned up formatting

* Fixed Notes

* docs: fix typo in logout url

* docs: added wordpress integration
2021-08-16 10:33:53 +02:00
8fe38b528b outposts: fix managed check
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-16 09:36:01 +02:00
38dbde191c build(deps): bump github.com/go-ldap/ldap/v3 from 3.3.0 to 3.4.0 (#1262)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.3.0...v3.4.0)

---
updated-dependencies:
- dependency-name: github.com/go-ldap/ldap/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-16 09:28:14 +02:00
39434053b9 build(deps): bump boto3 from 1.18.20 to 1.18.21 (#1263)
Bumps [boto3](https://github.com/boto/boto3) from 1.18.20 to 1.18.21.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.18.20...1.18.21)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-16 09:28:03 +02:00
5bdc1a3ddc build(deps): bump uvicorn from 0.14.0 to 0.15.0 (#1261)
Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/encode/uvicorn/releases)
- [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/encode/uvicorn/compare/0.14.0...0.15.0)

---
updated-dependencies:
- dependency-name: uvicorn
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-16 09:27:47 +02:00
14fb0c3d61 web: cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-15 22:18:03 +02:00
c52afe5952 Merge branch 'master' into publish-api-to-npm 2021-08-15 21:40:11 +02:00
36e6d5e394 website/docs: fix image reference typo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-15 21:39:24 +02:00
1d4b941a3b web: migrate to @goauthentik/api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-15 21:32:28 +02:00
0344e5d9b3 root: remove usage of make-gen
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-15 21:32:17 +02:00
d8e8cc062b ci: add pipeline to build and push js api package
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-15 21:32:06 +02:00
0a6efab7cb outposts: fix syntax
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-15 20:59:37 +02:00
c8dc299ae3 website/docs: Add Portainer to Integrations Providers docs (#1256)
* Create index.mdx

Add Wekan example

* updated to include wekan entry

* Update and rename website/docs/sources.md to website/docs/sources/index.md

Break Sources into individual pages.

* Update and rename website/docs/sources/index.md to website/docs/sources/ldap/index.md

* Create index.md

* Update index.md

* Update index.md

* Create index.md

* Create index.md

* Create index.md

* Update index.md

* Update index.md

* Update index.md

* Create index.md

* discord images

* spacing

* Added discord

* discord changes

* Added sources breakdown to the sidebar

* Fixed the saml title

* Added github examples

* fixed formatting

* Changed file path, updated sidebar, added google.

* fixed a spelling mistake

* Cleaned up formatting

* Fixed Notes

* Added Bookstack to the intergrations

* Fixed a typo with formatting

* Added a line break for Advanced protocol settings

* Added Vikunja to integration providers docs

* web: update tsconfig

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* Add Portainer to integration provider docs

Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-15 20:58:52 +02:00
700c66f312 web/library: Updated applications card display (#1257) 2021-08-15 20:19:50 +02:00
04861b1b00 web: update package-lock
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-15 18:14:37 +02:00
06badf88b2 web: fix missing import
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-15 18:14:02 +02:00
67ab4305ad website/developer-docs: simplify .env file
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-15 18:13:25 +02:00
b35e62e5ae outposts: don't start docker container for embedded outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-15 18:10:49 +02:00
051016f613 web: fix missing app description
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-15 18:09:48 +02:00
295f0fe730 Revert "build(deps): bump construct-style-sheets-polyfill in /web (#1252)"
This reverts commit 0d5a7f9b44.
2021-08-15 18:05:52 +02:00
54b7ef42f5 outpost/ldap: add sAMAccountName on groups for compatibility
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-15 15:59:24 +02:00
669b5db8e5 web: update tsconfig
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-15 11:27:48 +02:00
4882de6ade website/developer-docs: add note for node16 and npm i for api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-14 22:09:45 +02:00
95ceabe1ba website/docs: Forward authentication proxy and Grafana considerations (#1254)
* docs: Updated forward authentication proxy nginx buffer config, grafana oauth integration considerations

* docs: Cover edge-case when default grafana org id is not 1
2021-08-14 22:05:23 +02:00
769a3424dc web/elements: fix unchecking all elements not unchecking select-all
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-14 21:38:05 +02:00
47070261b0 web/elements: fix select all not working in tables
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-14 21:34:11 +02:00
0d5a7f9b44 build(deps): bump construct-style-sheets-polyfill in /web (#1252) 2021-08-13 09:23:12 +02:00
07ceaa20f3 build(deps): bump boto3 from 1.18.19 to 1.18.20 (#1253) 2021-08-13 09:22:26 +02:00
d1403f6f7d web: implement bulk-delete form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-12 23:21:29 +02:00
9430a2eea2 web/elements: add bulk delete form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-12 21:42:52 +02:00
2592fc3826 sources/ldap: allow for anonymous binds, fix sync_users_password not working correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-12 19:09:29 +02:00
d9ece98bbc core: fix token expiration not being updated upon key rotation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-12 17:22:42 +02:00
1524efcf51 core: fix expired tokens not being returned by API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-12 17:21:53 +02:00
8cceacb33f website: fix typo in example flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-12 17:16:39 +02:00
3b13f322de build(deps): bump tslib from 2.3.0 to 2.3.1 in /web (#1250) 2021-08-12 09:34:12 +02:00
a570189c73 build(deps): bump boto3 from 1.18.18 to 1.18.19 (#1251) 2021-08-12 09:34:04 +02:00
c92c0102ca website/docs: add database port parameter
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-12 02:24:36 +02:00
c6dddc97f0 core: fix error when migrating with AK_ADMIN_TOKEN set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-11 22:36:52 +02:00
38292a588b website/docs: add docs for automated installs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-11 21:57:58 +02:00
01e54cb986 website/docs: update compose install
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-11 21:53:20 +02:00
e90da9283e core: add support to bootstrap token on initial install using AK_ADMIN_TOKEN in environment
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-11 21:45:49 +02:00
e0e0f4fa6c core: fix users's group list not allowing blank values
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-11 20:16:45 +02:00
90426802fd website/docs: update 2021.8 release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-11 19:54:03 +02:00
8b28039c1b web: re-add sentry error dialog
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-11 19:53:52 +02:00
cdf57d7eea web/elements: add support for dot-notation in input names
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-11 19:48:19 +02:00
b237f2ddfb web/elements: fix loading overlay not being removed on error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-11 17:44:09 +02:00
784a3efaa5 web: fix websocket connecting double
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-11 16:53:47 +02:00
9e0c4e7e08 web/admin: fix version API being called too much
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-11 16:46:23 +02:00
7e62b82d56 outpost/embedded: fix login URL not being set correctly from outpost config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-11 12:39:27 +02:00
c079f9e339 build(deps): bump rollup from 2.56.1 to 2.56.2 in /web (#1247) 2021-08-11 09:15:43 +02:00
72d42249e2 build(deps): bump boto3 from 1.18.17 to 1.18.18 (#1248) 2021-08-11 09:15:34 +02:00
f9e826d553 web: improve loading indication for modals
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-11 00:00:07 +02:00
0f5e0a774a web/admin: fix ScopeMapping requiring description
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-10 23:33:27 +02:00
34fe250fb0 web/elements: fix resetForm is not a function
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-10 23:22:25 +02:00
92990b4ded web/elements: properly cleanup event handlers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-10 23:22:13 +02:00
9e2f165dd8 web: update tsconfig
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-10 23:21:59 +02:00
88891c99bc web/admin: fix drawers being openable via tab focus
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-10 22:50:03 +02:00
93de363c86 website/developer-docs: add notice for translation requirements
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-10 21:42:59 +02:00
7db3be604c web/admin: allow modification of users groups from user view
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-10 21:27:41 +02:00
ec95a2bddc core: allow changing of groups a user is in from user api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-10 19:31:30 +02:00
de9d483b9f admin: add API to show embedded outpost status, add notice when its not configured properly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-10 19:16:11 +02:00
0c9c3153b5 tests/e2e: fix LDAP provider tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-10 14:10:06 +02:00
557724768a core: add API to directly send recovery link to user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-10 13:54:59 +02:00
68608087ec web: fix class for propertymapping test button
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-10 12:46:50 +02:00
3118365118 Merge branch 'master' into next 2021-08-10 12:45:40 +02:00
1f821521c6 outposts/ldap: add sAMAccountName field for compatibility
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-10 12:45:29 +02:00
281a460960 providers/ldap: fix error in outpost when certificate is configured
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-10 12:45:29 +02:00
0e131e6b2f build(deps): bump @typescript-eslint/parser in /web (#1243) 2021-08-10 10:34:16 +02:00
ca9e632b57 build(deps): bump @typescript-eslint/eslint-plugin in /web (#1244) 2021-08-10 09:45:48 +02:00
184aa25513 build(deps): bump boto3 from 1.18.16 to 1.18.17 (#1245) 2021-08-10 09:45:38 +02:00
80df444067 outposts/ldap: add sAMAccountName field for compatibility
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-09 21:00:02 +02:00
d18e829d80 providers/ldap: fix error in outpost when certificate is configured
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-09 20:47:26 +02:00
c5dfe189f7 build(deps): bump @sentry/tracing from 6.10.0 to 6.11.0 in /web (#1237)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.10.0 to 6.11.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.10.0...6.11.0)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-09 10:17:42 +02:00
29f6f1d54f build(deps): bump @sentry/tracing from 6.10.0 to 6.11.0 in /website (#1238)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.10.0 to 6.11.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.10.0...6.11.0)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-09 09:53:16 +02:00
e952bd671f build(deps): bump @sentry/browser from 6.10.0 to 6.11.0 in /web (#1239)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.10.0 to 6.11.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.10.0...6.11.0)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-09 09:53:03 +02:00
421c7df536 build(deps): bump rollup from 2.56.0 to 2.56.1 in /web (#1236) 2021-08-09 09:03:23 +02:00
f322198020 build(deps): bump @sentry/react from 6.10.0 to 6.11.0 in /website (#1240) 2021-08-09 09:02:53 +02:00
c392aa607d build(deps): bump boto3 from 1.18.15 to 1.18.16 (#1241) 2021-08-09 09:02:43 +02:00
4e368d1e8d build(deps): bump github.com/go-openapi/runtime from 0.19.29 to 0.19.30 (#1242) 2021-08-09 09:02:29 +02:00
229468175a lifecycle: fix error in gunicorn config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-09 01:07:50 +02:00
e1f7421c6a web: fix error from trying to clone the request
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-09 00:38:43 +02:00
7a836e0d7e api: fix backup capability not being detected correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-09 00:32:29 +02:00
5b57d67b5f cmd: improve error message for local config loading
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-09 00:28:08 +02:00
4cd3466e56 root: ignore known warnings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-09 00:27:29 +02:00
f496b8b5d7 providers/oauth2: add more test cases for token view
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-09 00:20:32 +02:00
3d5eebda3b Merge branch 'next' 2021-08-09 00:12:04 +02:00
a26e5f3b17 website/docs: Add Vikunja Instructions to Integrations as Provider (#1235)
* Create index.mdx

Add Wekan example

* updated to include wekan entry

* Update and rename website/docs/sources.md to website/docs/sources/index.md

Break Sources into individual pages.

* Update and rename website/docs/sources/index.md to website/docs/sources/ldap/index.md

* Create index.md

* Update index.md

* Update index.md

* Create index.md

* Create index.md

* Create index.md

* Update index.md

* Update index.md

* Update index.md

* Create index.md

* discord images

* spacing

* Added discord

* discord changes

* Added sources breakdown to the sidebar

* Fixed the saml title

* Added github examples

* fixed formatting

* Changed file path, updated sidebar, added google.

* fixed a spelling mistake

* Cleaned up formatting

* Fixed Notes

* Added Bookstack to the intergrations

* Fixed a typo with formatting

* Added a line break for Advanced protocol settings

* Added Vikunja to integration providers docs
2021-08-09 00:11:48 +02:00
fe91bff854 outpost/embedded: fix schema
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 23:09:35 +02:00
03958d170b outpost/proxy: fix string substitution for internal
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 22:24:10 +02:00
837fa23af0 outpost: only set embedded outpost config on creation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 22:23:33 +02:00
665c1aa81b providers/proxy: don't create ingress when no hosts are defined
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 21:46:05 +02:00
ebc6afe015 outpost: fix detection of embedded outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 21:39:08 +02:00
45bee4b4dc outposts: fix test for config validation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 17:14:05 +02:00
c025d64ba3 outpost: revert managed config, make authentik_host field optional
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 16:58:01 +02:00
a9ef1a3190 web/admin: link build hash when set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 16:57:27 +02:00
2a53bc4330 outpost: add fallback for authentik_host when its not set in config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 16:32:26 +02:00
8180d6f9e8 outposts: don't override authentik_host for embedded outpost authentik_host
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 16:29:33 +02:00
ccfc1dbcc2 *: make all PropertyMappings filterable by multiple managed attributes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 16:06:44 +02:00
16f0f89a9d outpost/embedded: fix embedded outpost redirecting to localhost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 15:39:52 +02:00
c5976de500 web/admin: fix UI inconsistency
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 15:18:32 +02:00
1781ab59ba web/admin: fix requests on API Drawer vanishing when the drawer is closed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 15:17:06 +02:00
3367b83368 providers/saml: use idp-initiated sso flow as launch url
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 15:01:52 +02:00
f21bb319d0 web/admin: fix Outpost's detailed health not being shown in columns
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 14:04:50 +02:00
f0a8c30ce9 outposts: create different service when using embedded outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 14:01:39 +02:00
571049219f web: fix API Drawer not opening in new tab by default
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 13:39:39 +02:00
260f0b8710 web: fix width for ViewPages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 13:19:13 +02:00
787f5a1e96 website/docs: prepare next release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-07 22:38:26 +02:00
b36a3100e6 outposts: allow empty provider list for embedded provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-07 22:32:44 +02:00
e02207f38d outpost/embedded: use redis session backend
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-07 22:12:22 +02:00
3eafa4711e web: fix lint errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-07 21:43:04 +02:00
9a8240bdd1 proviers/saml: fix validation error not being raised
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-07 21:39:30 +02:00
f6ab241219 providers/oauth2: fix accessing undefined variable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-07 21:35:17 +02:00
ff579fd387 web: update default flow background for 2021.8
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-07 21:32:40 +02:00
1693118df7 web/admin: cleanup display of outpost health
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-07 21:11:28 +02:00
b0f09eb2c4 web/admin: fix Table not updating selectedElements correctly after update
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-07 20:53:28 +02:00
9c9addb0ce *: ensure all resources can be filtered
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-07 16:34:14 +02:00
decb91e5f1 build(deps): bump boto3 from 1.18.14 to 1.18.15 (#1233) 2021-08-06 09:00:10 +02:00
b39339409a build(deps): bump golang from 1.16.6 to 1.16.7 (#1231) 2021-08-06 08:59:59 +02:00
0d75ce45c3 build(deps): bump actions/setup-node from 2.3.2 to 2.4.0 (#1232) 2021-08-06 08:59:50 +02:00
8801e39e65 build(deps): bump @patternfly/patternfly from 4.115.2 to 4.125.3 in /web (#1230) 2021-08-06 08:59:41 +02:00
0faa91c1fe build(deps): bump rollup from 2.55.1 to 2.56.0 in /web (#1229) 2021-08-06 08:59:33 +02:00
2d5094fdf7 root: fix formatting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-06 00:11:24 +02:00
8044818a4d core: add additional cleanup for authenticated sessions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-05 23:25:40 +02:00
9703e32c1b web: migrate gallery to grid
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-05 23:13:55 +02:00
f28bfdaeb9 web: fix minor styling issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-05 22:04:45 +02:00
fdd8e66b91 web: add API Drawer
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-05 22:04:31 +02:00
562eb8af95 website/docs: remove traefik and fix compose port
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-05 20:24:47 +02:00
a43fb026a0 Merge branch 'version-2021.7'
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/core/api/users.py
#	authentik/providers/saml/processors/metadata_parser.py
#	web/src/pages/sources/oauth/OAuthSourceForm.ts
#	web/src/pages/sources/plex/PlexSourceForm.ts
#	web/src/pages/users/UserForm.ts
2021-08-05 20:23:32 +02:00
29b88d0e5c website/docs: add 2021.7.3 changelog
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-05 19:26:25 +02:00
48c980e8e7 website/docs: add Bookstack Integration Instructions (#1228)
* Create index.mdx

Add Wekan example

* updated to include wekan entry

* Update and rename website/docs/sources.md to website/docs/sources/index.md

Break Sources into individual pages.

* Update and rename website/docs/sources/index.md to website/docs/sources/ldap/index.md

* Create index.md

* Update index.md

* Update index.md

* Create index.md

* Create index.md

* Create index.md

* Update index.md

* Update index.md

* Update index.md

* Create index.md

* discord images

* spacing

* Added discord

* discord changes

* Added sources breakdown to the sidebar

* Fixed the saml title

* Added github examples

* fixed formatting

* Changed file path, updated sidebar, added google.

* fixed a spelling mistake

* Cleaned up formatting

* Fixed Notes

* Added Bookstack to the intergrations

* Fixed a typo with formatting

* Added a line break for Advanced protocol settings
2021-08-05 17:17:19 +00:00
667ccbe00e web/admin: fix source form's userMatchingMode being swapped
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-05 18:45:24 +02:00
6af2c6a014 outpost/ldap: fix errors with new UserSelf serializer
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-05 18:20:24 +02:00
6fe5175f21 core: add UserSelfSerializer and separate method for users to update themselves with limited fields
rework user settings page to better use form
closes #1227

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-05 17:42:19 +02:00
90775d5122 web/admin: fix email being required
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-05 14:50:32 +02:00
e52390aa28 web: fix alignment issues in application list page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-05 14:14:39 +02:00
fea493f3a0 web/admin: fix table width for policies for bound stages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-05 13:47:23 +02:00
5803575ee2 web/admin: fix launch button on app list
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-05 13:47:13 +02:00
1a17ce24f9 web: use single delete button with checkbox and icon-based action buttons
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-05 12:30:43 +02:00
ddd5047cc3 web: better label table actions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-05 10:40:44 +02:00
919946609d web/elements: add separate flag for chips when checkboxes are enabled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-05 10:16:13 +02:00
d861a0cec9 web/elements: fix select-all not selecting previously unselected rows
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-05 10:15:03 +02:00
6ea83edd9f web: disable showReportDialog
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-05 09:57:58 +02:00
13a8ad3126 lifecycle: decrease default worker count on compose
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-05 09:37:14 +02:00
e83465517b build(deps): bump @babel/plugin-transform-runtime in /web (#1221)
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime) from 7.14.5 to 7.15.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.15.0/packages/babel-plugin-transform-runtime)

---
updated-dependencies:
- dependency-name: "@babel/plugin-transform-runtime"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-05 09:30:02 +02:00
bc23197643 build(deps): bump @babel/preset-typescript from 7.14.5 to 7.15.0 in /web (#1223)
Bumps [@babel/preset-typescript](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-typescript) from 7.14.5 to 7.15.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.15.0/packages/babel-preset-typescript)

---
updated-dependencies:
- dependency-name: "@babel/preset-typescript"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-05 09:29:46 +02:00
f887c257f8 build(deps): bump boto3 from 1.18.13 to 1.18.14 (#1226) 2021-08-05 08:35:26 +02:00
1d4017d94a build(deps): bump @babel/core from 7.14.8 to 7.15.0 in /web (#1225) 2021-08-05 08:35:17 +02:00
8f9e8bb9dd build(deps): bump actions/setup-node from 2.3.1 to 2.3.2 (#1224) 2021-08-05 08:35:07 +02:00
ded9060af2 build(deps): bump @babel/preset-env from 7.14.9 to 7.15.0 in /web (#1222) 2021-08-05 08:34:45 +02:00
579697b978 build(deps): bump @fortawesome/fontawesome-free in /web (#1220) 2021-08-05 08:34:35 +02:00
200391c533 build(deps): bump actions/setup-node from 2.3.0 to 2.3.1 (#1217) 2021-08-04 08:48:09 +02:00
5384a06cb5 build(deps): bump boto3 from 1.18.12 to 1.18.13 (#1218) 2021-08-04 08:47:59 +02:00
04486d65dc web: fully re-label service connection to integration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-04 00:18:15 +02:00
a449f9c69b providers/saml: fix error when PropertyMapping return value isn't string
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-03 22:40:56 +02:00
36b346662c providers/saml: add WantAssertionsSigned
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-03 22:40:13 +02:00
9d392931df root: fix lint errors from re-format
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-03 18:09:16 +02:00
2c60ec50be web: re-format with prettier
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-03 17:52:21 +02:00
77ed25ae34 root: reformat to 100 line width
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-03 17:45:16 +02:00
b87903a209 build(deps): bump @typescript-eslint/parser in /web (#1211)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.28.5 to 4.29.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.29.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-03 09:43:09 +02:00
87a418de25 build(deps): bump @webcomponents/webcomponentsjs in /web (#1212)
Bumps [@webcomponents/webcomponentsjs](https://github.com/webcomponents/polyfills/tree/HEAD/packages/webcomponentsjs) from 2.5.0 to 2.6.0.
- [Release notes](https://github.com/webcomponents/polyfills/releases)
- [Changelog](https://github.com/webcomponents/polyfills/blob/master/packages/webcomponentsjs/CHANGELOG.md)
- [Commits](https://github.com/webcomponents/polyfills/commits/@webcomponents/webcomponentsjs@2.6.0/packages/webcomponentsjs)

---
updated-dependencies:
- dependency-name: "@webcomponents/webcomponentsjs"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-03 09:23:25 +02:00
683d10fa70 build(deps): bump @typescript-eslint/eslint-plugin in /web (#1213)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.28.5 to 4.29.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.29.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-03 09:23:14 +02:00
8e84d74634 build(deps): bump boto3 from 1.18.11 to 1.18.12 (#1214)
Bumps [boto3](https://github.com/boto/boto3) from 1.18.11 to 1.18.12.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.18.11...1.18.12)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-03 09:23:05 +02:00
d783c632ad build(deps): bump django from 3.2.5 to 3.2.6 (#1215)
Bumps [django](https://github.com/django/django) from 3.2.5 to 3.2.6.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/commits)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-03 09:22:52 +02:00
756f3dbedc web: add centered icon
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-02 19:43:46 +02:00
eff2e3aeb0 root: fix readme
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-02 19:42:58 +02:00
fb3e302f44 root: update readme
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-02 12:47:28 +02:00
24d2c94e7c website/docs: fix "new application" typo (#1210) 2021-08-02 08:27:07 +00:00
400adaa282 build(deps): bump @babel/preset-env from 7.14.8 to 7.14.9 in /web (#1207) 2021-08-02 08:38:01 +02:00
6d67ad8451 build(deps): bump eslint from 7.31.0 to 7.32.0 in /web (#1206) 2021-08-02 08:37:50 +02:00
7ad1656369 build(deps): bump @rollup/plugin-typescript from 8.2.4 to 8.2.5 in /web (#1208) 2021-08-02 08:37:41 +02:00
79b1b21931 build(deps): bump boto3 from 1.18.10 to 1.18.11 (#1209) 2021-08-02 08:37:28 +02:00
9c9bcb7a01 Merge branch 'version-2021.7' 2021-08-01 19:23:22 +02:00
75fec19079 website/docs: add note for nginx header size
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-01 18:22:50 +02:00
a939e224fc stages/email: handle OSError
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-01 17:53:13 +02:00
1fc2bcf02b flows: fix flows not redirecting correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-01 17:50:43 +02:00
b7bfb93928 website/docs: update 2021.7.2 changelog again
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-01 15:24:59 +02:00
4e5dba1d0b flows: don't check redirect URL when set from flow plan (set from authentik or policy)
closes #1203

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-01 15:10:45 +02:00
92a448b677 flows: fix unhandled error in stage execution not being logged as SYSTEM_EXCEPTION event
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-01 14:56:48 +02:00
f875149983 providers/saml: fix metadata being inaccessible without authentication
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-01 14:50:17 +02:00
d70b81fe43 providers/saml: fix Error when getting metadata for invalid ID
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-01 13:50:54 +02:00
a64dbc94c1 website/docs: update 2021.7.2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-01 13:24:04 +02:00
b58c913618 stages/invitation: delete invite only after full enrollment flow is completed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-01 13:21:27 +02:00
9665e33156 website/docs: add note for invitation via prompt
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-01 13:07:50 +02:00
96d7a5a27f web/admin: fix empty column when no invitation expiry was set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-01 12:44:10 +02:00
05aefefb61 website/docs: add category for old releases
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-01 12:43:59 +02:00
f5dc8c045e website/docs: prepare 2021.7.2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-01 12:37:56 +02:00
1e1f17aceb website/docs: add example Email template
closes #1204

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-01 12:32:13 +02:00
35c1476bbe outposts: catch invalid ServiceConnection error in outpost controller
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-01 12:25:11 +02:00
18bb4fd0bf sources/plex: add background task to monitor validity of plex token
closes #1205

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-01 12:24:52 +02:00
ac77291b6d web/admin: add re-authenticate button for plex
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1205
2021-08-01 11:47:39 +02:00
5571aa32b6 web/admin: add UI to copy invitation link
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-01 11:47:22 +02:00
66c3535bcb outpost: bump timer for periodic config reloads
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-31 21:57:33 +02:00
293c479364 outposts: ensure embedded outpost is created with integration selected
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-31 21:09:38 +02:00
f9382b8458 web/admin: fix embedded outpost showing version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-31 14:59:16 +02:00
c9fe28dad7 website/docs: add usage for invitation stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-31 14:14:10 +02:00
8bb57a1283 web/admin: re-name service connection to integration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-31 13:48:26 +02:00
55a5300bd2 website/docs: add notice for psql password length
closes #1184

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-30 09:52:18 +02:00
8ceef82c55 stages/email: fix error when re-requesting email after token has expired
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-30 09:39:24 +02:00
f933cd99ad events: ensure fallback result is set for on_failure
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-30 09:37:53 +02:00
e5b63377a0 build(deps): bump boto3 from 1.18.9 to 1.18.10 (#1202) 2021-07-30 09:07:12 +02:00
6c81a1929d build(deps): bump @rollup/plugin-typescript from 8.2.3 to 8.2.4 in /web (#1201) 2021-07-30 09:07:03 +02:00
e5269306df build(deps): bump rollup from 2.55.0 to 2.55.1 in /web (#1200) 2021-07-30 09:06:53 +02:00
7ac5091e5a events: remove default result for MonitoredTasks, only save when result was set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-29 22:42:56 +02:00
bc9ff792a8 outposts: manage config for embedded outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-29 22:29:38 +02:00
8495ff9fc0 providers/oauth2: fix error when requesting jwks keys with no rs256 aet
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-29 21:22:31 +02:00
309cd90c43 ci: fix sentry sourcemap path
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-29 21:06:40 +02:00
acbc0ee5cc Revert "tests: re-add firefox e2e tests"
This reverts commit a60f6e426f.
2021-07-29 19:45:12 +02:00
a60f6e426f tests: re-add firefox e2e tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-29 18:52:59 +02:00
6fd86aa357 e2e: fix broken selenium by locking images
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-29 18:49:08 +02:00
f1e32b989d Revert "tests: add firefox e2e tests"
This reverts commit 5693a794b4.
2021-07-29 18:02:46 +02:00
6aebbec270 Revert "tests/e2e: remove chrome requirement"
This reverts commit b86fd7b716.
2021-07-29 18:02:42 +02:00
b86fd7b716 tests/e2e: remove chrome requirement
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-29 15:24:54 +02:00
5693a794b4 tests: add firefox e2e tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-29 15:07:13 +02:00
f01bc20d44 Embedded outpost (#1193)
* api: allow API requests as managed outpost's account when using secret_key

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: load secret key from env

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: make listener IP configurable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost/proxy: run outpost in background and pass requests conditionally

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost: unify branding to embedded

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: fix embedded outpost not being editable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: fix mismatched host detection

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: fix LDAP test not including user for embedded outpost

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: fix user matching

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* api: add tests for secret_key auth

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: load environment variables using github.com/Netflix/go-env

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-29 11:30:30 +02:00
1b03aae7aa build(deps): bump @docusaurus/preset-classic in /website (#1196)
Bumps [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic) from 2.0.0-beta.3 to 2.0.0-beta.4.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-beta.4/packages/docusaurus-preset-classic)

---
updated-dependencies:
- dependency-name: "@docusaurus/preset-classic"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-29 09:28:59 +02:00
7eb97cd2bc build(deps): bump twisted from 20.3.0 to 21.7.0 (#1198)
Bumps [twisted](https://github.com/twisted/twisted) from 20.3.0 to 21.7.0.
- [Release notes](https://github.com/twisted/twisted/releases)
- [Changelog](https://github.com/twisted/twisted/blob/trunk/NEWS.rst)
- [Commits](https://github.com/twisted/twisted/compare/twisted-20.3.0...twisted-21.7.0)

---
updated-dependencies:
- dependency-name: twisted
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-29 09:22:44 +02:00
8aaec3b149 build(deps): bump boto3 from 1.18.8 to 1.18.9 (#1199)
Bumps [boto3](https://github.com/boto/boto3) from 1.18.8 to 1.18.9.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.18.8...1.18.9)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-29 09:22:31 +02:00
4c9b49e7a6 build(deps-dev): bump pylint from 2.9.5 to 2.9.6 (#1197)
Bumps [pylint](https://github.com/PyCQA/pylint) from 2.9.5 to 2.9.6.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/main/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.9.5...v2.9.6)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-29 09:22:23 +02:00
903d1ecc6e build(deps): bump @docusaurus/plugin-client-redirects in /website (#1195)
Bumps [@docusaurus/plugin-client-redirects](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-plugin-client-redirects) from 2.0.0-beta.3 to 2.0.0-beta.4.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-beta.4/packages/docusaurus-plugin-client-redirects)

---
updated-dependencies:
- dependency-name: "@docusaurus/plugin-client-redirects"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-29 09:22:08 +02:00
f2197d63f1 build(deps): bump rollup from 2.54.0 to 2.55.0 in /web (#1194)
Bumps [rollup](https://github.com/rollup/rollup) from 2.54.0 to 2.55.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.54.0...v2.55.0)

---
updated-dependencies:
- dependency-name: rollup
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-29 09:21:53 +02:00
9c0f7e0018 web/admin: fix LDAP Provider bind flow list being empty
closes #1192

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-28 21:01:10 +02:00
75ff2480e2 providers/proxy: fix hosts for ingress not being compared correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-28 16:08:06 +02:00
bc7f84fff4 sources/ldap: improve ms-ad password complexity checking
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-28 12:47:52 +02:00
1b638adf89 web/admin: fully remove response cloning due to errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-28 12:26:50 +02:00
7eebc40e00 ci: add codeql 2021-07-28 09:58:13 +02:00
33ddccf066 build(deps): bump boto3 from 1.18.7 to 1.18.8 (#1190) 2021-07-28 09:22:36 +02:00
efc8452e72 build(deps): bump sentry-sdk from 1.3.0 to 1.3.1 (#1191) 2021-07-28 09:22:26 +02:00
1518 changed files with 183083 additions and 52153 deletions

View File

@ -1,36 +1,20 @@
[bumpversion]
current_version = 2021.7.3
current_version = 2022.8.1
tag = True
commit = True
parse = (?P<major>\d+)\.(?P<minor>\d+)\.(?P<patch>\d+)\-?(?P<release>.*)
serialize =
{major}.{minor}.{patch}-{release}
{major}.{minor}.{patch}
parse = (?P<major>\d+)\.(?P<minor>\d+)\.(?P<patch>\d+)
serialize = {major}.{minor}.{patch}
message = release: {new_version}
tag_name = version/{new_version}
[bumpversion:part:release]
optional_value = stable
first_value = beta
values =
alpha
beta
stable
[bumpversion:file:website/docs/installation/docker-compose.md]
[bumpversion:file:pyproject.toml]
[bumpversion:file:docker-compose.yml]
[bumpversion:file:schema.yml]
[bumpversion:file:.github/workflows/release.yml]
[bumpversion:file:authentik/__init__.py]
[bumpversion:file:internal/constants/constants.go]
[bumpversion:file:web/src/constants.ts]
[bumpversion:file:website/docs/outposts/manual-deploy-docker-compose.md]
[bumpversion:file:website/docs/outposts/manual-deploy-kubernetes.md]

View File

@ -27,7 +27,7 @@ If applicable, add screenshots to help explain your problem.
Output of docker-compose logs or kubectl logs respectively
**Version and Deployment (please complete the following information):**
- authentik version: [e.g. 0.10.0-stable]
- authentik version: [e.g. 2021.8.5]
- Deployment: [e.g. docker-compose, helm]
**Additional context**

View File

@ -20,7 +20,7 @@ If applicable, add screenshots to help explain your problem.
Output of docker-compose logs or kubectl logs respectively
**Version and Deployment (please complete the following information):**
- authentik version: [e.g. 0.10.0-stable]
- authentik version: [e.g. 2021.8.5]
- Deployment: [e.g. docker-compose, helm]
**Additional context**

View File

@ -0,0 +1,92 @@
name: 'Comment usage instructions on PRs'
description: 'Comment usage instructions on PRs'
inputs:
tag:
description: "Image tag to pull"
required: true
runs:
using: "composite"
steps:
- name: Generate config
id: ev
shell: python
run: |
"""Helper script to get the actual branch name, docker safe"""
import os
from time import time
env_pr_branch = "GITHUB_HEAD_REF"
default_branch = "GITHUB_REF"
sha = "GITHUB_SHA"
branch_name = os.environ[default_branch]
if os.environ.get(env_pr_branch, "") != "":
branch_name = os.environ[env_pr_branch]
should_build = str(os.environ.get("DOCKER_USERNAME", "") != "").lower()
print("##[set-output name=branchName]%s" % branch_name)
print(
"##[set-output name=branchNameContainer]%s"
% branch_name.replace("refs/heads/", "").replace("/", "-")
)
print("##[set-output name=timestamp]%s" % int(time()))
print("##[set-output name=sha]%s" % os.environ[sha])
print("##[set-output name=shouldBuild]%s" % should_build)
import configparser
parser = configparser.ConfigParser()
parser.read(".bumpversion.cfg")
version = parser.get("bumpversion", "current_version")
version_family = ".".join(version.split(".")[:-1])
print("##[set-output name=version]%s" % version)
print("##[set-output name=versionFamily]%s" % version_family)
- name: Find Comment
uses: peter-evans/find-comment@v2
id: fc
with:
issue-number: ${{ github.event.pull_request.number }}
comment-author: 'github-actions[bot]'
body-includes: authentik PR Installation instructions
- name: Create or update comment
uses: peter-evans/create-or-update-comment@v2
with:
comment-id: ${{ steps.fc.outputs.comment-id }}
issue-number: ${{ github.event.pull_request.number }}
body: |
authentik PR Installation instructions
<details>
<summary>Instructions for docker-compose</summary>
Add the following block to your `.env` file:
```shell
AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=${{ inputs.tag }}
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
```
Afterwards, run the upgrade commands from the latest release notes.
</details>
<details>
<summary>Instructions for Kubernetes</summary>
Add the following block to your `values.yml` file:
```yaml
authentik:
outposts:
container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
image:
repository: ghcr.io/goauthentik/dev-server
tag: ${{ inputs.tag }}
# pullPolicy: Always to ensure you always get the latest version
pullPolicy: Always
```
Afterwards, run the upgrade commands from the latest release notes.
</details>
edit-mode: replace

View File

@ -0,0 +1,63 @@
name: 'Prepare docker environment variables'
description: 'Prepare docker environment variables'
outputs:
shouldBuild:
description: "Whether to build image or not"
value: ${{ steps.ev.outputs.shouldBuild }}
branchName:
description: "Branch name"
value: ${{ steps.ev.outputs.branchName }}
branchNameContainer:
description: "Branch name (for containers)"
value: ${{ steps.ev.outputs.branchNameContainer }}
timestamp:
description: "Timestamp"
value: ${{ steps.ev.outputs.timestamp }}
sha:
description: "sha"
value: ${{ steps.ev.outputs.sha }}
version:
description: "version"
value: ${{ steps.ev.outputs.version }}
versionFamily:
description: "versionFamily"
value: ${{ steps.ev.outputs.versionFamily }}
runs:
using: "composite"
steps:
- name: Generate config
id: ev
shell: python
run: |
"""Helper script to get the actual branch name, docker safe"""
import os
from time import time
env_pr_branch = "GITHUB_HEAD_REF"
default_branch = "GITHUB_REF"
sha = "GITHUB_SHA"
branch_name = os.environ[default_branch]
if os.environ.get(env_pr_branch, "") != "":
branch_name = os.environ[env_pr_branch]
should_build = str(os.environ.get("DOCKER_USERNAME", "") != "").lower()
print("##[set-output name=branchName]%s" % branch_name)
print(
"##[set-output name=branchNameContainer]%s"
% branch_name.replace("refs/heads/", "").replace("/", "-")
)
print("##[set-output name=timestamp]%s" % int(time()))
print("##[set-output name=sha]%s" % os.environ[sha])
print("##[set-output name=shouldBuild]%s" % should_build)
import configparser
parser = configparser.ConfigParser()
parser.read(".bumpversion.cfg")
version = parser.get("bumpversion", "current_version")
version_family = ".".join(version.split(".")[:-1])
print("##[set-output name=version]%s" % version)
print("##[set-output name=versionFamily]%s" % version_family)

45
.github/actions/setup/action.yml vendored Normal file
View File

@ -0,0 +1,45 @@
name: 'Setup authentik testing environemnt'
description: 'Setup authentik testing environemnt'
runs:
using: "composite"
steps:
- name: Install poetry
shell: bash
run: |
pipx install poetry || true
sudo apt update
sudo apt install -y libxmlsec1-dev pkg-config gettext
- name: Setup python and restore poetry
uses: actions/setup-python@v3
with:
python-version: '3.10'
cache: 'poetry'
- name: Setup node
uses: actions/setup-node@v3.1.0
with:
node-version: '16'
cache: 'npm'
cache-dependency-path: web/package-lock.json
- name: Setup dependencies
shell: bash
run: |
docker-compose -f .github/actions/setup/docker-compose.yml up -d
poetry env use python3.10
poetry install
npm install -g pyright@1.1.136
- name: Generate config
shell: poetry run python {0}
run: |
from authentik.lib.generators import generate_id
from yaml import safe_dump
with open("local.env.yml", "w") as _config:
safe_dump(
{
"log_level": "debug",
"secret_key": generate_id(),
},
_config,
default_flow_style=False,
)

View File

@ -3,7 +3,7 @@ version: '3.7'
services:
postgresql:
container_name: postgres
image: library/postgres:11
image: library/postgres:12
volumes:
- db-data:/var/lib/postgresql/data
environment:

3
.github/codespell-words.txt vendored Normal file
View File

@ -0,0 +1,3 @@
keypair
keypairs
hass

View File

@ -6,45 +6,57 @@ updates:
interval: daily
time: "04:00"
open-pull-requests-limit: 10
assignees:
- BeryJu
reviewers:
- "@goauthentik/core"
commit-message:
prefix: "ci:"
- package-ecosystem: gomod
directory: "/"
schedule:
interval: daily
time: "04:00"
open-pull-requests-limit: 10
assignees:
- BeryJu
reviewers:
- "@goauthentik/core"
commit-message:
prefix: "core:"
- package-ecosystem: npm
directory: "/web"
schedule:
interval: daily
time: "04:00"
open-pull-requests-limit: 10
assignees:
- BeryJu
reviewers:
- "@goauthentik/core"
commit-message:
prefix: "web:"
- package-ecosystem: npm
directory: "/website"
schedule:
interval: daily
time: "04:00"
open-pull-requests-limit: 10
assignees:
- BeryJu
reviewers:
- "@goauthentik/core"
commit-message:
prefix: "website:"
- package-ecosystem: pip
directory: "/"
schedule:
interval: daily
time: "04:00"
open-pull-requests-limit: 10
assignees:
- BeryJu
reviewers:
- "@goauthentik/core"
commit-message:
prefix: "core:"
- package-ecosystem: docker
directory: "/"
schedule:
interval: daily
time: "04:00"
open-pull-requests-limit: 10
assignees:
- BeryJu
reviewers:
- "@goauthentik/core"
commit-message:
prefix: "core:"

View File

@ -1,7 +1,7 @@
<!--
👋 Hello there! Welcome.
Please check the [Contributing guidelines](https://github.com/goauthentik/authentik/blob/master/CONTRIBUTING.md#how-can-i-contribute).
Please check the [Contributing guidelines](https://github.com/goauthentik/authentik/blob/main/CONTRIBUTING.md#how-can-i-contribute).
-->
# Details

4
.github/stale.yml vendored
View File

@ -7,6 +7,10 @@ exemptLabels:
- pinned
- security
- pr_wanted
- enhancement
- bug/confirmed
- enhancement/confirmed
- question
# Comment to post when marking an issue as stale. Set to `false` to disable
markComment: >
This issue has been automatically marked as stale because it has not had

243
.github/workflows/ci-main.yml vendored Normal file
View File

@ -0,0 +1,243 @@
name: authentik-ci-main
on:
push:
branches:
- main
- next
- version-*
paths-ignore:
- website
pull_request:
branches:
- main
env:
POSTGRES_DB: authentik
POSTGRES_USER: authentik
POSTGRES_PASSWORD: "EK-5jnKfjrGRm<77"
jobs:
lint:
strategy:
fail-fast: false
matrix:
job:
- pylint
- black
- isort
- bandit
- pyright
- pending-migrations
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Setup authentik env
uses: ./.github/actions/setup
- name: run job
run: poetry run make ci-${{ matrix.job }}
test-migrations:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Setup authentik env
uses: ./.github/actions/setup
- name: run migrations
run: poetry run python -m lifecycle.migrate
test-migrations-from-stable:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Setup authentik env
uses: ./.github/actions/setup
- name: checkout stable
run: |
# Copy current, latest config to local
cp authentik/lib/default.yml local.env.yml
cp -R .github ..
cp -R scripts ..
git checkout $(git describe --abbrev=0 --match 'version/*')
rm -rf .github/ scripts/
mv ../.github ../scripts .
- name: Setup authentik env (ensure stable deps are installed)
uses: ./.github/actions/setup
- name: run migrations to stable
run: poetry run python -m lifecycle.migrate
- name: checkout current code
run: |
set -x
git fetch
git reset --hard HEAD
git clean -d -fx .
git checkout $GITHUB_SHA
poetry install
- name: Setup authentik env (ensure latest deps are installed)
uses: ./.github/actions/setup
- name: migrate to latest
run: poetry run python -m lifecycle.migrate
test-unittest:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Setup authentik env
uses: ./.github/actions/setup
- uses: testspace-com/setup-testspace@v1
with:
domain: ${{github.repository_owner}}
- name: run unittest
run: |
poetry run make test
poetry run coverage xml
- name: run testspace
if: ${{ always() }}
run: |
testspace [unittest]unittest.xml --link=codecov
- if: ${{ always() }}
uses: codecov/codecov-action@v3
test-integration:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Setup authentik env
uses: ./.github/actions/setup
- uses: testspace-com/setup-testspace@v1
with:
domain: ${{github.repository_owner}}
- name: Create k8s Kind Cluster
uses: helm/kind-action@v1.3.0
- name: run integration
run: |
poetry run make test-integration
poetry run coverage xml
- name: run testspace
if: ${{ always() }}
run: |
testspace [integration]unittest.xml --link=codecov
- if: ${{ always() }}
uses: codecov/codecov-action@v3
test-e2e-provider:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Setup authentik env
uses: ./.github/actions/setup
- uses: testspace-com/setup-testspace@v1
with:
domain: ${{github.repository_owner}}
- name: Setup authentik env
run: |
docker-compose -f tests/e2e/docker-compose.yml up -d
- id: cache-web
uses: actions/cache@v3
with:
path: web/dist
key: ${{ runner.os }}-web-${{ hashFiles('web/package-lock.json', 'web/src/**') }}
- name: prepare web ui
if: steps.cache-web.outputs.cache-hit != 'true'
working-directory: web
run: |
npm ci
make -C .. gen-client-web
npm run build
- name: run e2e
run: |
poetry run make test-e2e-provider
poetry run coverage xml
- name: run testspace
if: ${{ always() }}
run: |
testspace [e2e-provider]unittest.xml --link=codecov
- if: ${{ always() }}
uses: codecov/codecov-action@v3
test-e2e-rest:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Setup authentik env
uses: ./.github/actions/setup
- uses: testspace-com/setup-testspace@v1
with:
domain: ${{github.repository_owner}}
- name: Setup authentik env
run: |
docker-compose -f tests/e2e/docker-compose.yml up -d
- id: cache-web
uses: actions/cache@v3
with:
path: web/dist
key: ${{ runner.os }}-web-${{ hashFiles('web/package-lock.json', 'web/src/**') }}
- name: prepare web ui
if: steps.cache-web.outputs.cache-hit != 'true'
working-directory: web/
run: |
npm ci
make -C .. gen-client-web
npm run build
- name: run e2e
run: |
poetry run make test-e2e-rest
poetry run coverage xml
- name: run testspace
if: ${{ always() }}
run: |
testspace [e2e-rest]unittest.xml --link=codecov
- if: ${{ always() }}
uses: codecov/codecov-action@v3
ci-core-mark:
needs:
- lint
- test-migrations
- test-migrations-from-stable
- test-unittest
- test-integration
- test-e2e-rest
- test-e2e-provider
runs-on: ubuntu-latest
steps:
- run: echo mark
build:
needs: ci-core-mark
runs-on: ubuntu-latest
timeout-minutes: 120
strategy:
fail-fast: false
matrix:
arch:
- 'linux/amd64'
steps:
- uses: actions/checkout@v3
- name: Set up QEMU
uses: docker/setup-qemu-action@v2.0.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: prepare variables
uses: ./.github/actions/docker-push-variables
id: ev
env:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
- name: Login to Container Registry
uses: docker/login-action@v2
if: ${{ steps.ev.outputs.shouldBuild == 'true' }}
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Building Docker Image
uses: docker/build-push-action@v3
with:
push: ${{ steps.ev.outputs.shouldBuild == 'true' }}
tags: |
ghcr.io/goauthentik/dev-server:gh-${{ steps.ev.outputs.branchNameContainer }}
ghcr.io/goauthentik/dev-server:gh-${{ steps.ev.outputs.branchNameContainer }}-${{ steps.ev.outputs.timestamp }}-${{ steps.ev.outputs.sha }}
build-args: |
GIT_BUILD_HASH=${{ steps.ev.outputs.sha }}
VERSION_FAMILY=${{ steps.ev.outputs.versionFamily }}
platforms: ${{ matrix.arch }}
- name: Comment on PR
if: github.event_name == 'pull_request'
continue-on-error: true
uses: ./.github/actions/comment-pr-instructions
with:
tag: gh-${{ steps.ev.outputs.branchNameContainer }}

135
.github/workflows/ci-outpost.yml vendored Normal file
View File

@ -0,0 +1,135 @@
name: authentik-ci-outpost
on:
push:
branches:
- main
- next
- version-*
pull_request:
branches:
- main
jobs:
lint-golint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
with:
go-version: "^1.17"
- name: Prepare and generate API
run: |
# Create folder structure for go embeds
mkdir -p web/dist
mkdir -p website/help
touch web/dist/test website/help/test
- name: Generate API
run: make gen-client-go
- name: golangci-lint
uses: golangci/golangci-lint-action@v3
test-unittest:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
with:
go-version: "^1.17"
- name: Generate API
run: make gen-client-go
- name: Go unittests
run: |
go test -timeout 0 -v -race -coverprofile=coverage.out -covermode=atomic -cover ./...
ci-outpost-mark:
needs:
- lint-golint
- test-unittest
runs-on: ubuntu-latest
steps:
- run: echo mark
build:
timeout-minutes: 120
needs:
- ci-outpost-mark
strategy:
fail-fast: false
matrix:
type:
- proxy
- ldap
arch:
- 'linux/amd64'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up QEMU
uses: docker/setup-qemu-action@v2.0.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: prepare variables
uses: ./.github/actions/docker-push-variables
id: ev
env:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
- name: Login to Container Registry
uses: docker/login-action@v2
if: ${{ steps.ev.outputs.shouldBuild == 'true' }}
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Generate API
run: make gen-client-go
- name: Building Docker Image
uses: docker/build-push-action@v3
with:
push: ${{ steps.ev.outputs.shouldBuild == 'true' }}
tags: |
ghcr.io/goauthentik/dev-${{ matrix.type }}:gh-${{ steps.ev.outputs.branchNameContainer }}
ghcr.io/goauthentik/dev-${{ matrix.type }}:gh-${{ steps.ev.outputs.branchNameContainer }}-${{ steps.ev.outputs.timestamp }}
ghcr.io/goauthentik/dev-${{ matrix.type }}:gh-${{ steps.ev.outputs.sha }}
file: ${{ matrix.type }}.Dockerfile
build-args: |
GIT_BUILD_HASH=${{ steps.ev.outputs.sha }}
VERSION_FAMILY=${{ steps.ev.outputs.versionFamily }}
platforms: ${{ matrix.arch }}
build-outpost-binary:
timeout-minutes: 120
needs:
- ci-outpost-mark
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
type:
- proxy
- ldap
goos: [linux]
goarch: [amd64, arm64]
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
with:
go-version: "^1.17"
- uses: actions/setup-node@v3.4.1
with:
node-version: '16'
cache: 'npm'
cache-dependency-path: web/package-lock.json
- name: Generate API
run: make gen-client-go
- name: Build web
working-directory: web/
run: |
npm ci
npm run build-proxy
- name: Build outpost
run: |
set -x
export GOOS=${{ matrix.goos }}
export GOARCH=${{ matrix.goarch }}
go build -tags=outpost_static_embed -v -o ./authentik-outpost-${{ matrix.type }}_${{ matrix.goos }}_${{ matrix.goarch }} ./cmd/${{ matrix.type }}
- uses: actions/upload-artifact@v3
with:
name: authentik-outpost-${{ matrix.type }}_${{ matrix.goos }}_${{ matrix.goarch }}
path: ./authentik-outpost-${{ matrix.type }}_${{ matrix.goos }}_${{ matrix.goarch }}

92
.github/workflows/ci-web.yml vendored Normal file
View File

@ -0,0 +1,92 @@
name: authentik-ci-web
on:
push:
branches:
- main
- next
- version-*
pull_request:
branches:
- main
jobs:
lint-eslint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3.4.1
with:
node-version: '16'
cache: 'npm'
cache-dependency-path: web/package-lock.json
- working-directory: web/
run: npm ci
- name: Generate API
run: make gen-client-web
- name: Eslint
working-directory: web/
run: npm run lint
lint-prettier:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3.4.1
with:
node-version: '16'
cache: 'npm'
cache-dependency-path: web/package-lock.json
- working-directory: web/
run: npm ci
- name: Generate API
run: make gen-client-web
- name: prettier
working-directory: web/
run: npm run prettier-check
lint-lit-analyse:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3.4.1
with:
node-version: '16'
cache: 'npm'
cache-dependency-path: web/package-lock.json
- working-directory: web/
run: |
npm ci
# lit-analyse doesn't understand path rewrites, so make it
# belive it's an actual module
cd node_modules/@goauthentik
ln -s ../../src/ web
- name: Generate API
run: make gen-client-web
- name: lit-analyse
working-directory: web/
run: npm run lit-analyse
ci-web-mark:
needs:
- lint-eslint
- lint-prettier
- lint-lit-analyse
runs-on: ubuntu-latest
steps:
- run: echo mark
build:
needs:
- ci-web-mark
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3.4.1
with:
node-version: '16'
cache: 'npm'
cache-dependency-path: web/package-lock.json
- working-directory: web/
run: npm ci
- name: Generate API
run: make gen-client-web
- name: build
working-directory: web/
run: npm run build

33
.github/workflows/ci-website.yml vendored Normal file
View File

@ -0,0 +1,33 @@
name: authentik-ci-website
on:
push:
branches:
- main
- next
- version-*
pull_request:
branches:
- main
jobs:
lint-prettier:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3.4.1
with:
node-version: '16'
cache: 'npm'
cache-dependency-path: website/package-lock.json
- working-directory: website/
run: npm ci
- name: prettier
working-directory: website/
run: npm run prettier-check
ci-website-mark:
needs:
- lint-prettier
runs-on: ubuntu-latest
steps:
- run: echo mark

60
.github/workflows/codeql-analysis.yml vendored Normal file
View File

@ -0,0 +1,60 @@
name: "CodeQL"
on:
push:
branches: [ main, '*', next, version* ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ main ]
schedule:
- cron: '30 6 * * 5'
jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
strategy:
fail-fast: false
matrix:
language: [ 'go', 'javascript', 'python' ]
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
# Learn more:
# https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
steps:
- name: Checkout repository
uses: actions/checkout@v3
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# queries: ./path/to/local/query, your-org/your-repo/queries@main
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v2
# Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl
# ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
# and modify them (or add more) to build your code if your project
# uses a compiled language
#- run: |
# make bootstrap
# make release
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2

22
.github/workflows/ghcr-retention.yml vendored Normal file
View File

@ -0,0 +1,22 @@
name: ghcr-retention
on:
schedule:
- cron: '0 0 * * *' # every day at midnight
workflow_dispatch:
jobs:
clean-ghcr:
name: Delete old unused container images
runs-on: ubuntu-latest
steps:
- name: Delete 'dev' containers older than a week
uses: sondrelg/container-retention-policy@v1
with:
image-names: dev-server,dev-ldap,dev-proxy
cut-off: One week ago UTC
account-type: org
org-name: goauthentik
untagged-only: false
token: ${{ secrets.GHCR_CLEANUP_TOKEN }}
skip-tags: gh-next,gh-main

170
.github/workflows/release-publish.yml vendored Normal file
View File

@ -0,0 +1,170 @@
name: authentik-on-release
on:
release:
types: [published, created]
jobs:
build-server:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up QEMU
uses: docker/setup-qemu-action@v2.0.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: prepare variables
uses: ./.github/actions/docker-push-variables
id: ev
- name: Docker Login Registry
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Building Docker Image
uses: docker/build-push-action@v3
with:
push: ${{ github.event_name == 'release' }}
tags: |
beryju/authentik:${{ steps.ev.outputs.version }},
beryju/authentik:${{ steps.ev.outputs.versionFamily }},
beryju/authentik:latest,
ghcr.io/goauthentik/server:${{ steps.ev.outputs.version }},
ghcr.io/goauthentik/server:${{ steps.ev.outputs.versionFamily }},
ghcr.io/goauthentik/server:latest
platforms: linux/amd64,linux/arm64
context: .
build-outpost:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
type:
- proxy
- ldap
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
with:
go-version: "^1.17"
- name: Set up QEMU
uses: docker/setup-qemu-action@v2.0.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: prepare variables
uses: ./.github/actions/docker-push-variables
id: ev
- name: Docker Login Registry
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Building Docker Image
uses: docker/build-push-action@v3
with:
push: ${{ github.event_name == 'release' }}
tags: |
beryju/authentik-${{ matrix.type }}:${{ steps.ev.outputs.version }},
beryju/authentik-${{ matrix.type }}:${{ steps.ev.outputs.versionFamily }},
beryju/authentik-${{ matrix.type }}:latest,
ghcr.io/goauthentik/${{ matrix.type }}:${{ steps.ev.outputs.version }},
ghcr.io/goauthentik/${{ matrix.type }}:${{ steps.ev.outputs.versionFamily }},
ghcr.io/goauthentik/${{ matrix.type }}:latest
file: ${{ matrix.type }}.Dockerfile
platforms: linux/amd64,linux/arm64
build-outpost-binary:
timeout-minutes: 120
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
type:
- proxy
- ldap
goos: [linux, darwin]
goarch: [amd64, arm64]
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
with:
go-version: "^1.17"
- uses: actions/setup-node@v3.4.1
with:
node-version: '16'
cache: 'npm'
cache-dependency-path: web/package-lock.json
- name: Build web
working-directory: web/
run: |
npm ci
npm run build-proxy
- name: Build outpost
run: |
set -x
export GOOS=${{ matrix.goos }}
export GOARCH=${{ matrix.goarch }}
go build -tags=outpost_static_embed -v -o ./authentik-outpost-${{ matrix.type }}_${{ matrix.goos }}_${{ matrix.goarch }} ./cmd/${{ matrix.type }}
- name: Upload binaries to release
uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: ./authentik-outpost-${{ matrix.type }}_${{ matrix.goos }}_${{ matrix.goarch }}
asset_name: authentik-outpost-${{ matrix.type }}_${{ matrix.goos }}_${{ matrix.goarch }}
tag: ${{ github.ref }}
test-release:
needs:
- build-server
- build-outpost
- build-outpost-binary
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Run test suite in final docker images
run: |
echo "PG_PASS=$(openssl rand -base64 32)" >> .env
echo "AUTHENTIK_SECRET_KEY=$(openssl rand -base64 32)" >> .env
docker-compose pull -q
docker-compose up --no-start
docker-compose start postgresql redis
docker-compose run -u root server test
sentry-release:
needs:
- build-server
- build-outpost
- build-outpost-binary
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: prepare variables
uses: ./.github/actions/docker-push-variables
id: ev
- name: Get static files from docker image
run: |
docker pull ghcr.io/goauthentik/server:latest
container=$(docker container create ghcr.io/goauthentik/server:latest)
docker cp ${container}:web/ .
- name: Create a Sentry.io release
uses: getsentry/action-release@v1
if: ${{ github.event_name == 'release' }}
env:
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
SENTRY_ORG: beryjuorg
SENTRY_PROJECT: authentik
SENTRY_URL: https://sentry.beryju.org
with:
version: authentik@${{ steps.ev.outputs.version }}
environment: beryjuorg-prod
sourcemaps: './web/dist'
url_prefix: '~/static/dist'

View File

@ -10,24 +10,21 @@ jobs:
name: Create Release from Tag
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v3
- name: Pre-release test
run: |
sudo apt-get install -y pwgen
echo "PG_PASS=$(openssl rand -base64 32)" >> .env
echo "AUTHENTIK_SECRET_KEY=$(openssl rand -base64 32)" >> .env
docker buildx install
docker build -t testing:latest .
echo "AUTHENTIK_IMAGE=testing" >> .env
echo "AUTHENTIK_TAG=latest" >> .env
echo "PG_PASS=$(pwgen 40 1)" >> .env
echo "AUTHENTIK_SECRET_KEY=$(pwgen 50 1)" >> .env
docker-compose pull -q
docker build \
--no-cache \
-t ghcr.io/goauthentik/server:latest \
-f Dockerfile .
docker-compose up --no-start
docker-compose start postgresql redis
docker-compose run -u root server test
docker-compose run -u root server test-all
- name: Extract version number
id: get_version
uses: actions/github-script@v4.0.2
uses: actions/github-script@v6
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |

View File

@ -1,182 +0,0 @@
name: authentik-on-release
on:
release:
types: [published, created]
push:
branches:
- version-*
jobs:
# Build
build-server:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up QEMU
uses: docker/setup-qemu-action@v1.2.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Docker Login Registry
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Building Docker Image
uses: docker/build-push-action@v2
with:
push: ${{ github.event_name == 'release' }}
tags: |
beryju/authentik:2021.7.3,
beryju/authentik:latest,
ghcr.io/goauthentik/server:2021.7.3,
ghcr.io/goauthentik/server:latest
platforms: linux/amd64,linux/arm64
context: .
- name: Building Docker Image (stable)
if: ${{ github.event_name == 'release' && !contains('2021.7.3', 'rc') }}
run: |
docker pull beryju/authentik:latest
docker tag beryju/authentik:latest beryju/authentik:stable
docker push beryju/authentik:stable
docker pull ghcr.io/goauthentik/server:latest
docker tag ghcr.io/goauthentik/server:latest ghcr.io/goauthentik/server:stable
docker push ghcr.io/goauthentik/server:stable
build-proxy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-go@v2
with:
go-version: "^1.15"
- name: Set up QEMU
uses: docker/setup-qemu-action@v1.2.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Docker Login Registry
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Building Docker Image
uses: docker/build-push-action@v2
with:
push: ${{ github.event_name == 'release' }}
tags: |
beryju/authentik-proxy:2021.7.3,
beryju/authentik-proxy:latest,
ghcr.io/goauthentik/proxy:2021.7.3,
ghcr.io/goauthentik/proxy:latest
file: proxy.Dockerfile
platforms: linux/amd64,linux/arm64
- name: Building Docker Image (stable)
if: ${{ github.event_name == 'release' && !contains('2021.7.3', 'rc') }}
run: |
docker pull beryju/authentik-proxy:latest
docker tag beryju/authentik-proxy:latest beryju/authentik-proxy:stable
docker push beryju/authentik-proxy:stable
docker pull ghcr.io/goauthentik/proxy:latest
docker tag ghcr.io/goauthentik/proxy:latest ghcr.io/goauthentik/proxy:stable
docker push ghcr.io/goauthentik/proxy:stable
build-ldap:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-go@v2
with:
go-version: "^1.15"
- name: Set up QEMU
uses: docker/setup-qemu-action@v1.2.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Docker Login Registry
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Building Docker Image
uses: docker/build-push-action@v2
with:
push: ${{ github.event_name == 'release' }}
tags: |
beryju/authentik-ldap:2021.7.3,
beryju/authentik-ldap:latest,
ghcr.io/goauthentik/ldap:2021.7.3,
ghcr.io/goauthentik/ldap:latest
file: ldap.Dockerfile
platforms: linux/amd64,linux/arm64
- name: Building Docker Image (stable)
if: ${{ github.event_name == 'release' && !contains('2021.7.3', 'rc') }}
run: |
docker pull beryju/authentik-ldap:latest
docker tag beryju/authentik-ldap:latest beryju/authentik-ldap:stable
docker push beryju/authentik-ldap:stable
docker pull ghcr.io/goauthentik/ldap:latest
docker tag ghcr.io/goauthentik/ldap:latest ghcr.io/goauthentik/ldap:stable
docker push ghcr.io/goauthentik/ldap:stable
test-release:
needs:
- build-server
- build-proxy
- build-ldap
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Run test suite in final docker images
run: |
sudo apt-get install -y pwgen
echo "PG_PASS=$(pwgen 40 1)" >> .env
echo "AUTHENTIK_SECRET_KEY=$(pwgen 50 1)" >> .env
docker-compose pull -q
docker-compose up --no-start
docker-compose start postgresql redis
docker-compose run -u root server test
sentry-release:
if: ${{ github.event_name == 'release' }}
needs:
- test-release
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Setup Node.js environment
uses: actions/setup-node@v2.3.0
with:
node-version: 12.x
- name: Build web api client and web ui
run: |
export NODE_ENV=production
make gen-web
cd web
npm i
npm run build
- name: Create a Sentry.io release
uses: getsentry/action-release@v1
if: ${{ github.event_name == 'release' }}
env:
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
SENTRY_ORG: beryjuorg
SENTRY_PROJECT: authentik
SENTRY_URL: https://sentry.beryju.org
with:
version: authentik@2021.7.3
environment: beryjuorg-prod
sourcemaps: './web/dist'
url_prefix: '~/static/dist'

View File

@ -0,0 +1,36 @@
name: authentik-backend-translate-compile
on:
push:
branches: [ main ]
paths:
- '/locale/'
pull_request:
paths:
- '/locale/'
workflow_dispatch:
env:
POSTGRES_DB: authentik
POSTGRES_USER: authentik
POSTGRES_PASSWORD: "EK-5jnKfjrGRm<77"
jobs:
compile:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Setup authentik env
uses: ./.github/actions/setup
- name: run compile
run: poetry run ./manage.py compilemessages
- name: Create Pull Request
uses: peter-evans/create-pull-request@v4
id: cpr
with:
token: ${{ secrets.GITHUB_TOKEN }}
branch: compile-backend-translation
commit-message: "core: compile backend translations"
title: "core: compile backend translations"
body: "core: compile backend translations"
delete-branch: true
signoff: true

42
.github/workflows/web-api-publish.yml vendored Normal file
View File

@ -0,0 +1,42 @@
name: authentik-web-api-publish
on:
push:
branches: [ main ]
paths:
- 'schema.yml'
workflow_dispatch:
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
# Setup .npmrc file to publish to npm
- uses: actions/setup-node@v3.4.1
with:
node-version: '16'
registry-url: 'https://registry.npmjs.org'
- name: Generate API Client
run: make gen-client-web
- name: Publish package
working-directory: gen-ts-api/
run: |
npm ci
npm publish
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_PUBLISH_TOKEN }}
- name: Upgrade /web
working-directory: web/
run: |
export VERSION=`node -e 'console.log(require("../gen-ts-api/package.json").version)'`
npm i @goauthentik/api@$VERSION
- name: Create Pull Request
uses: peter-evans/create-pull-request@v4
id: cpr
with:
token: ${{ secrets.GITHUB_TOKEN }}
branch: update-web-api-client
commit-message: "web: bump API Client version"
title: "web: bump API Client version"
body: "web: bump API Client version"
delete-branch: true
signoff: true

7
.gitignore vendored
View File

@ -66,7 +66,9 @@ coverage.xml
unittest.xml
# Translations
*.mo
# Have to include binary mo files as they are annoying to compile at build time
# since a full postgres and redis instance are required
# *.mo
# Django stuff:
@ -191,7 +193,6 @@ pip-selfcheck.json
# End of https://www.gitignore.io/api/python,django
/static/
local.env.yml
.vscode/
# Selenium Screenshots
selenium_screenshots/
@ -200,4 +201,4 @@ media/
*mmdb
.idea/
/api/
/gen-*/

34
.vscode/settings.json vendored Normal file
View File

@ -0,0 +1,34 @@
{
"cSpell.words": [
"akadmin",
"asgi",
"authentik",
"authn",
"goauthentik",
"jwks",
"oidc",
"openid",
"plex",
"saml",
"totp",
"webauthn",
"traefik",
"passwordless",
"kubernetes"
],
"python.linting.pylintEnabled": true,
"todo-tree.tree.showCountsInTree": true,
"todo-tree.tree.showBadges": true,
"python.formatting.provider": "black",
"yaml.customTags": [
"!Find sequence",
"!KeyOf scalar"
],
"typescript.preferences.importModuleSpecifier": "non-relative",
"typescript.preferences.importModuleSpecifierEnding": "index",
"typescript.tsdk": "./web/node_modules/typescript/lib",
"typescript.enablePromptUseWorkspaceTsdk": true,
"yaml.schemas": {
"./blueprints/schema.json": "blueprints/**/*.yaml"
}
}

86
.vscode/tasks.json vendored Normal file
View File

@ -0,0 +1,86 @@
{
"version": "2.0.0",
"tasks": [
{
"label": "authentik[core]: format & test",
"command": "poetry",
"args": [
"run",
"make"
],
"group": "build",
},
{
"label": "authentik[core]: run",
"command": "poetry",
"args": [
"run",
"make",
"run",
],
"group": "build",
"presentation": {
"panel": "dedicated",
"group": "running"
},
},
{
"label": "authentik[web]: format",
"command": "make",
"args": ["web"],
"group": "build",
},
{
"label": "authentik[web]: watch",
"command": "make",
"args": ["web-watch"],
"group": "build",
"presentation": {
"panel": "dedicated",
"group": "running"
},
},
{
"label": "authentik: install",
"command": "make",
"args": ["install"],
"group": "build",
},
{
"label": "authentik: i18n-extract",
"command": "poetry",
"args": [
"run",
"make",
"i18n-extract"
],
"group": "build",
},
{
"label": "authentik[website]: format",
"command": "make",
"args": ["website"],
"group": "build",
},
{
"label": "authentik[website]: watch",
"command": "make",
"args": ["website-watch"],
"group": "build",
"presentation": {
"panel": "dedicated",
"group": "running"
},
},
{
"label": "authentik[api]: generate",
"command": "poetry",
"args": [
"run",
"make",
"gen"
],
"group": "build"
},
]
}

View File

@ -60,7 +60,7 @@ representative at an online or offline event.
Instances of abusive, harassing, or otherwise unacceptable behavior may be
reported to the community leaders responsible for enforcement at
hello@beryju.org.
hello@goauthentik.io.
All complaints will be reviewed and investigated promptly and fairly.
All community leaders are obligated to respect the privacy and security of the

View File

@ -11,8 +11,8 @@ The following is a set of guidelines for contributing to authentik and its compo
[I don't want to read this whole thing, I just have a question!!!](#i-dont-want-to-read-this-whole-thing-i-just-have-a-question)
[What should I know before I get started?](#what-should-i-know-before-i-get-started)
* [Atom and Packages](#atom-and-packages)
* [Atom Design Decisions](#design-decisions)
* [The components](#the-components)
* [authentik's structure](#authentiks-structure)
[How Can I Contribute?](#how-can-i-contribute)
* [Reporting Bugs](#reporting-bugs)
@ -22,21 +22,16 @@ The following is a set of guidelines for contributing to authentik and its compo
[Styleguides](#styleguides)
* [Git Commit Messages](#git-commit-messages)
* [JavaScript Styleguide](#javascript-styleguide)
* [CoffeeScript Styleguide](#coffeescript-styleguide)
* [Specs Styleguide](#specs-styleguide)
* [Python Styleguide](#python-styleguide)
* [Documentation Styleguide](#documentation-styleguide)
[Additional Notes](#additional-notes)
* [Issue and Pull Request Labels](#issue-and-pull-request-labels)
## Code of Conduct
Basically, don't be a dickhead. This is an open-source non-profit project, that is made in the free time of Volunteers. If there's something you dislike or think can be done better, tell us! We'd love to hear any suggestions for improvement.
## I don't want to read this whole thing I just have a question!!!
Either [create a question on GitHub](https://github.com/goauthentik/authentik/issues/new?assignees=&labels=question&template=question.md&title=) or join [the Discord server](https://discord.gg/jg33eMhnj6)
Either [create a question on GitHub](https://github.com/goauthentik/authentik/issues/new?assignees=&labels=question&template=question.md&title=) or join [the Discord server](https://goauthentik.io/discord)
## What should I know before I get started?
@ -122,7 +117,7 @@ This section guides you through submitting a bug report for authentik. Following
Whenever authentik encounters an error, it will be logged as an Event with the type `system_exception`. This event type has a button to directly open a pre-filled GitHub issue form.
This form will have the full stack trace of the error that ocurred and shouldn't contain any sensitive data.
This form will have the full stack trace of the error that occurred and shouldn't contain any sensitive data.
### Suggesting Enhancements
@ -136,7 +131,7 @@ When you are creating an enhancement suggestion, please fill in [the template](h
authentik can be run locally, all though depending on which part you want to work on, different pre-requisites are required.
This is documented in the [developer docs](https://goauthentik.io/developer-docs/)
This is documented in the [developer docs](https://goauthentik.io/developer-docs/?utm_source=github)
### Pull Requests

View File

@ -1,113 +1,100 @@
# Stage 1: Lock python dependencies
FROM python:3.9-slim-buster as locker
# Stage 1: Build website
FROM --platform=${BUILDPLATFORM} docker.io/node:18 as website-builder
COPY ./Pipfile /app/
COPY ./Pipfile.lock /app/
WORKDIR /app/
RUN pip install pipenv && \
pipenv lock -r > requirements.txt && \
pipenv lock -r --dev-only > requirements-dev.txt
# Stage 2: Build website
FROM node as website-builder
COPY ./website /static/
COPY ./website /work/website/
COPY ./blueprints /work/blueprints/
ENV NODE_ENV=production
RUN cd /static && npm i && npm run build-docs-only
WORKDIR /work/website
RUN npm ci && npm run build-docs-only
# Stage 3: Build web API
FROM openapitools/openapi-generator-cli as web-api-builder
# Stage 2: Build webui
FROM --platform=${BUILDPLATFORM} docker.io/node:18 as web-builder
COPY ./schema.yml /local/schema.yml
RUN docker-entrypoint.sh generate \
-i /local/schema.yml \
-g typescript-fetch \
-o /local/web/api \
--additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0
# Stage 3: Generate API Client
FROM openapitools/openapi-generator-cli as go-api-builder
COPY ./schema.yml /local/schema.yml
RUN docker-entrypoint.sh generate \
--git-host goauthentik.io \
--git-repo-id outpost \
--git-user-id api \
-i /local/schema.yml \
-g go \
-o /local/api \
--additional-properties=packageName=api,enumClassPrefix=true,useOneOfDiscriminatorLookup=true && \
rm -f /local/api/go.mod /local/api/go.sum
# Stage 4: Build webui
FROM node as web-builder
COPY ./web /static/
COPY --from=web-api-builder /local/web/api /static/api
COPY ./web /work/web/
COPY ./website /work/website/
ENV NODE_ENV=production
RUN cd /static && npm i && npm run build
WORKDIR /work/web
RUN npm ci && npm run build
# Stage 5: Build go proxy
FROM golang:1.16.6 AS builder
# Stage 3: Poetry to requirements.txt export
FROM docker.io/python:3.10.6-slim-bullseye AS poetry-locker
WORKDIR /work
COPY ./pyproject.toml /work
COPY ./poetry.lock /work
RUN pip install --no-cache-dir poetry && \
poetry export -f requirements.txt --output requirements.txt && \
poetry export -f requirements.txt --dev --output requirements-dev.txt
# Stage 4: Build go proxy
FROM docker.io/golang:1.19.0-bullseye AS go-builder
WORKDIR /work
COPY --from=web-builder /static/robots.txt /work/web/robots.txt
COPY --from=web-builder /static/security.txt /work/web/security.txt
COPY --from=web-builder /static/dist/ /work/web/dist/
COPY --from=web-builder /static/authentik/ /work/web/authentik/
COPY --from=website-builder /static/help/ /work/website/help/
COPY --from=web-builder /work/web/robots.txt /work/web/robots.txt
COPY --from=web-builder /work/web/security.txt /work/web/security.txt
COPY --from=go-api-builder /local/api api
COPY ./cmd /work/cmd
COPY ./web/static.go /work/web/static.go
COPY ./website/static.go /work/website/static.go
COPY ./internal /work/internal
COPY ./go.mod /work/go.mod
COPY ./go.sum /work/go.sum
RUN go build -o /work/authentik ./cmd/server/main.go
# Stage 6: Run
FROM python:3.9-slim-buster
# Stage 5: Run
FROM docker.io/python:3.10.6-slim-bullseye AS final-image
LABEL org.opencontainers.image.url https://goauthentik.io
LABEL org.opencontainers.image.description goauthentik.io Main server image, see https://goauthentik.io for more info.
LABEL org.opencontainers.image.source https://github.com/goauthentik/authentik
WORKDIR /
COPY --from=locker /app/requirements.txt /
COPY --from=locker /app/requirements-dev.txt /
ARG GIT_BUILD_HASH
ENV GIT_BUILD_HASH=$GIT_BUILD_HASH
COPY --from=poetry-locker /work/requirements.txt /
COPY --from=poetry-locker /work/requirements-dev.txt /
RUN apt-get update && \
apt-get install -y --no-install-recommends curl ca-certificates gnupg git runit && \
curl https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - && \
echo "deb http://apt.postgresql.org/pub/repos/apt buster-pgdg main" > /etc/apt/sources.list.d/pgdg.list && \
apt-get update && \
apt-get install -y --no-install-recommends libpq-dev postgresql-client build-essential libxmlsec1-dev pkg-config libmaxminddb0 && \
pip install -r /requirements.txt --no-cache-dir && \
apt-get remove --purge -y build-essential git && \
# Required for installing pip packages
apt-get install -y --no-install-recommends build-essential pkg-config libxmlsec1-dev && \
# Required for runtime
apt-get install -y --no-install-recommends libxmlsec1-openssl libmaxminddb0 && \
# Required for bootstrap & healtcheck
apt-get install -y --no-install-recommends curl runit && \
pip install --no-cache-dir -r /requirements.txt && \
apt-get remove --purge -y build-essential pkg-config libxmlsec1-dev && \
apt-get autoremove --purge -y && \
apt-get clean && \
rm -rf /tmp/* /var/lib/apt/lists/* /var/tmp/ && \
adduser --system --no-create-home --uid 1000 --group --home /authentik authentik && \
mkdir /backups && \
chown authentik:authentik /backups
mkdir -p /certs /media /blueprints && \
mkdir -p /authentik/.ssh && \
chown authentik:authentik /certs /media /authentik/.ssh
COPY ./authentik/ /authentik
COPY ./pyproject.toml /
COPY ./xml /xml
COPY ./tests /tests
COPY ./manage.py /
COPY ./blueprints /blueprints
COPY ./lifecycle/ /lifecycle
COPY --from=builder /work/authentik /authentik-proxy
COPY --from=go-builder /work/authentik /authentik-proxy
COPY --from=web-builder /work/web/dist/ /web/dist/
COPY --from=web-builder /work/web/authentik/ /web/authentik/
COPY --from=website-builder /work/website/help/ /website/help/
USER 1000
USER authentik
ENV TMPDIR /dev/shm/
ENV PYTHONUBUFFERED 1
ENTRYPOINT [ "/lifecycle/bootstrap.sh" ]
ENV PYTHONUNBUFFERED 1
ENV PATH "/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/lifecycle"
HEALTHCHECK --interval=30s --timeout=30s --start-period=60s --retries=3 CMD [ "/lifecycle/ak", "healthcheck" ]
ENTRYPOINT [ "/usr/local/bin/dumb-init", "--", "/lifecycle/ak" ]

168
Makefile
View File

@ -2,67 +2,183 @@
PWD = $(shell pwd)
UID = $(shell id -u)
GID = $(shell id -g)
NPM_VERSION = $(shell python -m scripts.npm_version)
all: lint-fix lint test gen
all: lint-fix lint test gen web
test-integration:
k3d cluster create || exit 0
k3d kubeconfig write -o ~/.kube/config --overwrite
coverage run manage.py test -v 3 tests/integration
coverage run manage.py test tests/integration
test-e2e:
coverage run manage.py test --failfast -v 3 tests/e2e
test-e2e-provider:
coverage run manage.py test tests/e2e/test_provider*
test-e2e-rest:
coverage run manage.py test tests/e2e/test_flows* tests/e2e/test_source*
test-go:
go test -timeout 0 -v -race -cover ./...
test-docker:
echo "PG_PASS=$(openssl rand -base64 32)" >> .env
echo "AUTHENTIK_SECRET_KEY=$(openssl rand -base64 32)" >> .env
docker-compose pull -q
docker-compose up --no-start
docker-compose start postgresql redis
docker-compose run -u root server test
rm -f .env
test:
coverage run manage.py test -v 3 authentik
coverage run manage.py test authentik
coverage html
coverage report
lint-fix:
isort authentik tests lifecycle
black authentik tests lifecycle
isort authentik tests scripts lifecycle
black authentik tests scripts lifecycle
codespell -I .github/codespell-words.txt -S 'web/src/locales/**' -w \
authentik \
internal \
cmd \
web/src \
website/src \
website/docs \
website/developer-docs
lint:
pyright authentik tests lifecycle
bandit -r authentik tests lifecycle -x node_modules
pylint authentik tests lifecycle
bandit -r authentik tests lifecycle -x node_modules
golangci-lint run -v
i18n-extract: i18n-extract-core web-extract
i18n-extract-core:
ak makemessages --ignore web --ignore internal --ignore web --ignore web-api --ignore website -l en
gen-build:
./manage.py spectacular --file schema.yml
AUTHENTIK_DEBUG=true ak make_blueprint_schema > blueprints/schema.json
AUTHENTIK_DEBUG=true ak spectacular --file schema.yml
gen-clean:
rm -rf web/api/src/
rm -rf api/
gen-web:
gen-client-web:
docker run \
--rm -v ${PWD}:/local \
--user ${UID}:${GID} \
openapitools/openapi-generator-cli generate \
openapitools/openapi-generator-cli:v6.0.0 generate \
-i /local/schema.yml \
-g typescript-fetch \
-o /local/web/api \
--additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0
cd web/api && npx tsc
-o /local/gen-ts-api \
--additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=@goauthentik/api,npmVersion=${NPM_VERSION}
mkdir -p web/node_modules/@goauthentik/api
\cp -fv scripts/web_api_readme.md gen-ts-api/README.md
cd gen-ts-api && npm i
\cp -rfv gen-ts-api/* web/node_modules/@goauthentik/api
gen-outpost:
gen-client-go:
wget https://raw.githubusercontent.com/goauthentik/client-go/main/config.yaml -O config.yaml
mkdir -p templates
wget https://raw.githubusercontent.com/goauthentik/client-go/main/templates/README.mustache -O templates/README.mustache
wget https://raw.githubusercontent.com/goauthentik/client-go/main/templates/go.mod.mustache -O templates/go.mod.mustache
docker run \
--rm -v ${PWD}:/local \
--user ${UID}:${GID} \
openapitools/openapi-generator-cli generate \
--git-host goauthentik.io \
--git-repo-id outpost \
--git-user-id api \
openapitools/openapi-generator-cli:v6.0.0 generate \
-i /local/schema.yml \
-g go \
-o /local/api \
--additional-properties=packageName=api,enumClassPrefix=true,useOneOfDiscriminatorLookup=true
rm -f api/go.mod api/go.sum
-o /local/gen-go-api \
-c /local/config.yaml
go mod edit -replace goauthentik.io/api/v3=./gen-go-api
rm -rf config.yaml ./templates/
gen: gen-build gen-clean gen-web gen-outpost
gen-dev-config:
python -m scripts.generate_config
gen: gen-build gen-clean gen-client-web
migrate:
python -m lifecycle.migrate
run:
go run -v cmd/server/main.go
#########################
## Web
#########################
web-build: web-install
cd web && npm run build
web: web-lint-fix web-lint
web-install:
cd web && npm ci
web-watch:
rm -rf web/dist/
mkdir web/dist/
touch web/dist/.gitkeep
cd web && npm run watch
web-lint-fix:
cd web && npm run prettier
web-lint:
cd web && npm run lint
cd web && npm run lit-analyse
web-extract:
cd web && npm run extract
#########################
## Website
#########################
website: website-lint-fix
website-install:
cd website && npm ci
website-lint-fix:
cd website && npm run prettier
website-watch:
cd website && npm run watch
# These targets are use by GitHub actions to allow usage of matrix
# which makes the YAML File a lot smaller
ci--meta-debug:
python -V
node --version
ci-pylint: ci--meta-debug
pylint authentik tests lifecycle
ci-black: ci--meta-debug
black --check authentik tests lifecycle
ci-isort: ci--meta-debug
isort --check authentik tests lifecycle
ci-bandit: ci--meta-debug
bandit -r authentik tests lifecycle
ci-pyright: ci--meta-debug
pyright e2e lifecycle
ci-pending-migrations: ci--meta-debug
ak makemigrations --check
install: web-install website-install
poetry install
dev-reset:
dropdb -U postgres -h localhost authentik
createdb -U postgres -h localhost authentik
redis-cli -n 0 flushall
redis-cli -n 1 flushall
redis-cli -n 2 flushall
redis-cli -n 3 flushall
make migrate

66
Pipfile
View File

@ -1,66 +0,0 @@
[[source]]
name = "pypi"
url = "https://pypi.org/simple"
verify_ssl = true
[packages]
boto3 = "*"
celery = "*"
channels = "*"
channels-redis = "*"
dacite = "*"
defusedxml = "*"
django = "*"
django-dbbackup = { git = 'https://github.com/django-dbbackup/django-dbbackup.git', ref = '9d1909c30a3271c8c9c8450add30d6e0b996e145' }
django-filter = "*"
django-guardian = "*"
django-model-utils = "*"
django-otp = "*"
django-prometheus = "*"
django-redis = "*"
django-storages = "*"
djangorestframework = "*"
djangorestframework-guardian = "*"
docker = "*"
drf-spectacular = "*"
facebook-sdk = "*"
geoip2 = "*"
gunicorn = "*"
kubernetes = "*"
ldap3 = "*"
lxml = ">=4.6.3"
packaging = "*"
psycopg2-binary = "*"
pycryptodome = "*"
pyjwt = "*"
pyyaml = "*"
requests-oauthlib = "*"
sentry-sdk = "*"
service_identity = "*"
structlog = "*"
swagger-spec-validator = "*"
twisted = "==20.3.0"
urllib3 = {extras = ["secure"],version = "*"}
uvicorn = {extras = ["standard"],version = "*"}
webauthn = "*"
xmlsec = "*"
duo-client = "*"
ua-parser = "*"
deepmerge = "*"
colorama = "*"
[requires]
python_version = "3.9"
[dev-packages]
bandit = "*"
black = "==21.5b1"
bump2version = "*"
colorama = "*"
coverage = "*"
pylint = "*"
pylint-django = "*"
pytest = "*"
pytest-django = "*"
selenium = "*"
requests-mock = "*"

1887
Pipfile.lock generated

File diff suppressed because it is too large Load Diff

View File

@ -4,14 +4,15 @@
---
[![](https://img.shields.io/discord/809154715984199690?label=Discord&style=flat-square)](https://discord.gg/jg33eMhnj6)
[![CI Build status](https://img.shields.io/azure-devops/build/beryjuorg/authentik/6?style=flat-square)](https://dev.azure.com/beryjuorg/authentik/_build?definitionId=6)
[![Tests](https://img.shields.io/azure-devops/tests/beryjuorg/authentik/6?compact_message&style=flat-square)](https://dev.azure.com/beryjuorg/authentik/_build?definitionId=6)
[![Code Coverage](https://img.shields.io/codecov/c/gh/goauthentik/authentik?style=flat-square)](https://codecov.io/gh/goauthentik/authentik)
![Docker pulls](https://img.shields.io/docker/pulls/beryju/authentik.svg?style=flat-square)
![Latest version](https://img.shields.io/docker/v/beryju/authentik?sort=semver&style=flat-square)
![LGTM Grade](https://img.shields.io/lgtm/grade/python/github/goauthentik/authentik?style=flat-square)
[Transifex](https://www.transifex.com/beryjuorg/authentik/)
[![Join Discord](https://img.shields.io/discord/809154715984199690?label=Discord&style=for-the-badge)](https://goauthentik.io/discord)
[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/goauthentik/authentik/authentik-ci-main?label=core%20build&style=for-the-badge)](https://github.com/goauthentik/authentik/actions/workflows/ci-main.yml)
[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/goauthentik/authentik/authentik-ci-outpost?label=outpost%20build&style=for-the-badge)](https://github.com/goauthentik/authentik/actions/workflows/ci-outpost.yml)
[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/goauthentik/authentik/authentik-ci-web?label=web%20build&style=for-the-badge)](https://github.com/goauthentik/authentik/actions/workflows/ci-web.yml)
[![Code Coverage](https://img.shields.io/codecov/c/gh/goauthentik/authentik?style=for-the-badge)](https://codecov.io/gh/goauthentik/authentik)
[![Testspace tests](https://img.shields.io/testspace/total/goauthentik/goauthentik:authentik/main?style=for-the-badge)](https://goauthentik.testspace.com/)
![Docker pulls](https://img.shields.io/docker/pulls/beryju/authentik.svg?style=for-the-badge)
![Latest version](https://img.shields.io/docker/v/beryju/authentik?sort=semver&style=for-the-badge)
[![](https://img.shields.io/badge/Help%20translate-transifex-blue?style=for-the-badge)](https://www.transifex.com/beryjuorg/authentik/)
## What is authentik?
@ -19,9 +20,9 @@ authentik is an open-source Identity Provider focused on flexibility and versati
## Installation
For small/test setups it is recommended to use docker-compose, see the [documentation](https://goauthentik.io/docs/installation/docker-compose/)
For small/test setups it is recommended to use docker-compose, see the [documentation](https://goauthentik.io/docs/installation/docker-compose/?utm_source=github)
For bigger setups, there is a Helm Chart [here])(https://github.com/goauthentik/helm). This is documented [here](https://goauthentik.io/docs/installation/kubernetes/)
For bigger setups, there is a Helm Chart [here](https://github.com/goauthentik/helm). This is documented [here](https://goauthentik.io/docs/installation/kubernetes/?utm_source=github)
## Screenshots
@ -32,8 +33,28 @@ Light | Dark
## Development
See [Development Documentation](https://goauthentik.io/developer-docs/)
See [Development Documentation](https://goauthentik.io/developer-docs/?utm_source=github)
## Security
See [SECURITY.md](SECURITY.md)
## Sponsors
This project is proudly sponsored by:
<p>
<a href="https://www.digitalocean.com/?utm_medium=opensource&utm_source=goauthentik.io">
<img src="https://opensource.nyc3.cdn.digitaloceanspaces.com/attribution/assets/SVG/DO_Logo_horizontal_blue.svg" width="201px">
</a>
</p>
DigitalOcean provides development and testing resources for authentik.
<p>
<a href="https://www.netlify.com">
<img src="https://www.netlify.com/img/global/badges/netlify-color-accent.svg" alt="Deploys by Netlify" />
</a>
</p>
Netlify hosts the [goauthentik.io](https://goauthentik.io) site.

View File

@ -6,10 +6,10 @@
| Version | Supported |
| ---------- | ------------------ |
| 2021.5.x | :white_check_mark: |
| 2021.6.x | :white_check_mark: |
| 2021.7.x | :white_check_mark: |
| 2022.6.x | :white_check_mark: |
| 2022.7.x | :white_check_mark: |
| 2022.8.x | :white_check_mark: |
## Reporting a Vulnerability
To report a vulnerability, send an email to [security@beryju.org](mailto:security@beryju.org)
To report a vulnerability, send an email to [security@goauthentik.io](mailto:security@goauthentik.io)

View File

@ -1,3 +1,22 @@
"""authentik"""
__version__ = "2021.7.3"
from os import environ
from typing import Optional
__version__ = "2022.8.1"
ENV_GIT_HASH_KEY = "GIT_BUILD_HASH"
def get_build_hash(fallback: Optional[str] = None) -> str:
"""Get build hash"""
build_hash = environ.get(ENV_GIT_HASH_KEY, fallback if fallback else "")
if build_hash == "" and fallback:
return fallback
return build_hash
def get_full_version() -> str:
"""Get full version, with build hash appended"""
version = __version__
if (build_hash := get_build_hash()) != "":
version += "." + build_hash
return version

View File

@ -1,13 +1,6 @@
"""authentik administration metrics"""
import time
from collections import Counter
from datetime import timedelta
from django.db.models import Count, ExpressionWrapper, F
from django.db.models.fields import DurationField
from django.db.models.functions import ExtractHour
from django.utils.timezone import now
from drf_spectacular.utils import extend_schema, extend_schema_field
from guardian.shortcuts import get_objects_for_user
from rest_framework.fields import IntegerField, SerializerMethodField
from rest_framework.permissions import IsAdminUser
from rest_framework.request import Request
@ -15,34 +8,7 @@ from rest_framework.response import Response
from rest_framework.views import APIView
from authentik.core.api.utils import PassiveSerializer
from authentik.events.models import Event, EventAction
def get_events_per_1h(**filter_kwargs) -> list[dict[str, int]]:
"""Get event count by hour in the last day, fill with zeros"""
date_from = now() - timedelta(days=1)
result = (
Event.objects.filter(created__gte=date_from, **filter_kwargs)
.annotate(
age=ExpressionWrapper(now() - F("created"), output_field=DurationField())
)
.annotate(age_hours=ExtractHour("age"))
.values("age_hours")
.annotate(count=Count("pk"))
.order_by("age_hours")
)
data = Counter({int(d["age_hours"]): d["count"] for d in result})
results = []
_now = now()
for hour in range(0, -24, -1):
results.append(
{
"x_cord": time.mktime((_now + timedelta(hours=hour)).timetuple())
* 1000,
"y_cord": data[hour * -1],
}
)
return results
from authentik.events.models import EventAction
class CoordinateSerializer(PassiveSerializer):
@ -61,12 +27,22 @@ class LoginMetricsSerializer(PassiveSerializer):
@extend_schema_field(CoordinateSerializer(many=True))
def get_logins_per_1h(self, _):
"""Get successful logins per hour for the last 24 hours"""
return get_events_per_1h(action=EventAction.LOGIN)
user = self.context["user"]
return (
get_objects_for_user(user, "authentik_events.view_event")
.filter(action=EventAction.LOGIN)
.get_events_per_hour()
)
@extend_schema_field(CoordinateSerializer(many=True))
def get_logins_failed_per_1h(self, _):
"""Get failed logins per hour for the last 24 hours"""
return get_events_per_1h(action=EventAction.LOGIN_FAILED)
user = self.context["user"]
return (
get_objects_for_user(user, "authentik_events.view_event")
.filter(action=EventAction.LOGIN_FAILED)
.get_events_per_hour()
)
class AdministrationMetricsViewSet(APIView):
@ -78,4 +54,5 @@ class AdministrationMetricsViewSet(APIView):
def get(self, request: Request) -> Response:
"""Login Metrics per 1h"""
serializer = LoginMetricsSerializer(True)
serializer.context["user"] = request.user
return Response(serializer.data)

View File

@ -16,6 +16,8 @@ from rest_framework.response import Response
from rest_framework.views import APIView
from authentik.core.api.utils import PassiveSerializer
from authentik.outposts.apps import MANAGED_OUTPOST
from authentik.outposts.models import Outpost
class RuntimeDict(TypedDict):
@ -32,12 +34,18 @@ class RuntimeDict(TypedDict):
class SystemSerializer(PassiveSerializer):
"""Get system information."""
env = SerializerMethodField()
http_headers = SerializerMethodField()
http_host = SerializerMethodField()
http_is_secure = SerializerMethodField()
runtime = SerializerMethodField()
tenant = SerializerMethodField()
server_time = SerializerMethodField()
embedded_outpost_host = SerializerMethodField()
def get_env(self, request: Request) -> dict[str, str]:
"""Get Environment"""
return os.environ.copy()
def get_http_headers(self, request: Request) -> dict[str, str]:
"""Get HTTP Request headers"""
@ -61,9 +69,7 @@ class SystemSerializer(PassiveSerializer):
return {
"python_version": python_version,
"gunicorn_version": ".".join(str(x) for x in gunicorn_version),
"environment": "kubernetes"
if SERVICE_HOST_ENV_NAME in os.environ
else "compose",
"environment": "kubernetes" if SERVICE_HOST_ENV_NAME in os.environ else "compose",
"architecture": platform.machine(),
"platform": platform.platform(),
"uname": " ".join(platform.uname()),
@ -77,6 +83,13 @@ class SystemSerializer(PassiveSerializer):
"""Current server time"""
return now()
def get_embedded_outpost_host(self, request: Request) -> str:
"""Get the FQDN configured on the embedded outpost"""
outposts = Outpost.objects.filter(managed=MANAGED_OUTPOST)
if not outposts.exists(): # pragma: no cover
return ""
return outposts.first().config.authentik_host
class SystemView(APIView):
"""Get system information."""

View File

@ -12,10 +12,13 @@ from rest_framework.permissions import IsAdminUser
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.viewsets import ViewSet
from structlog.stdlib import get_logger
from authentik.core.api.utils import PassiveSerializer
from authentik.events.monitored_tasks import TaskInfo, TaskResultStatus
LOGGER = get_logger()
class TaskSerializer(PassiveSerializer):
"""Serialize TaskInfo and TaskResult"""
@ -36,7 +39,7 @@ class TaskSerializer(PassiveSerializer):
are pickled in cache. In that case, just delete the info"""
try:
return super().to_representation(instance)
except AttributeError:
except AttributeError: # pragma: no cover
if isinstance(self.instance, list):
for inst in self.instance:
inst.delete()
@ -89,16 +92,15 @@ class TaskViewSet(ViewSet):
try:
task_module = import_module(task.task_call_module)
task_func = getattr(task_module, task.task_call_func)
LOGGER.debug("Running task", task=task_func)
task_func.delay(*task.task_call_args, **task.task_call_kwargs)
messages.success(
self.request,
_(
"Successfully re-scheduled Task %(name)s!"
% {"name": task.task_name}
),
_("Successfully re-scheduled Task %(name)s!" % {"name": task.task_name}),
)
return Response(status=204)
except ImportError: # pragma: no cover
except (ImportError, AttributeError): # pragma: no cover
LOGGER.warning("Failed to run task, remove state", task=task)
# if we get an import error, the module path has probably changed
task.delete()
return Response(status=500)

View File

@ -1,6 +1,4 @@
"""authentik administration overview"""
from os import environ
from django.core.cache import cache
from drf_spectacular.utils import extend_schema
from packaging.version import parse
@ -10,7 +8,7 @@ from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.views import APIView
from authentik import ENV_GIT_HASH_KEY, __version__
from authentik import __version__, get_build_hash
from authentik.admin.tasks import VERSION_CACHE_KEY, update_latest_version
from authentik.core.api.utils import PassiveSerializer
@ -25,7 +23,7 @@ class VersionSerializer(PassiveSerializer):
def get_build_hash(self, _) -> str:
"""Get build hash, if version is not latest or released"""
return environ.get(ENV_GIT_HASH_KEY, "")
return get_build_hash()
def get_version_current(self, _) -> str:
"""Get current version"""
@ -41,9 +39,7 @@ class VersionSerializer(PassiveSerializer):
def get_outdated(self, instance) -> bool:
"""Check if we're running the latest version"""
return parse(self.get_version_current(instance)) < parse(
self.get_version_latest(instance)
)
return parse(self.get_version_current(instance)) < parse(self.get_version_latest(instance))
class VersionView(APIView):

View File

@ -1,6 +1,6 @@
"""authentik administration overview"""
from django.conf import settings
from drf_spectacular.utils import extend_schema, inline_serializer
from prometheus_client import Gauge
from rest_framework.fields import IntegerField
from rest_framework.permissions import IsAdminUser
from rest_framework.request import Request
@ -9,18 +9,17 @@ from rest_framework.views import APIView
from authentik.root.celery import CELERY_APP
GAUGE_WORKERS = Gauge("authentik_admin_workers", "Currently connected workers")
class WorkerView(APIView):
"""Get currently connected worker count."""
permission_classes = [IsAdminUser]
@extend_schema(
responses=inline_serializer("Workers", fields={"count": IntegerField()})
)
@extend_schema(responses=inline_serializer("Workers", fields={"count": IntegerField()}))
def get(self, request: Request) -> Response:
"""Get currently connected worker count."""
count = len(CELERY_APP.control.ping(timeout=0.5))
# In debug we run with `CELERY_TASK_ALWAYS_EAGER`, so tasks are ran on the main process
if settings.DEBUG: # pragma: no cover
count += 1
return Response({"count": count})

View File

@ -1,10 +1,20 @@
"""authentik admin app config"""
from django.apps import AppConfig
from prometheus_client import Gauge, Info
from authentik.blueprints.manager import ManagedAppConfig
PROM_INFO = Info("authentik_version", "Currently running authentik version")
GAUGE_WORKERS = Gauge("authentik_admin_workers", "Currently connected workers")
class AuthentikAdminConfig(AppConfig):
class AuthentikAdminConfig(ManagedAppConfig):
"""authentik admin app config"""
name = "authentik.admin"
label = "authentik_admin"
verbose_name = "authentik Admin"
default = True
def reconcile_load_admin_signals(self):
"""Load admin signals"""
self.import_module("authentik.admin.signals")

View File

@ -1,10 +1,12 @@
"""authentik admin settings"""
from celery.schedules import crontab
from authentik.lib.utils.time import fqdn_rand
CELERY_BEAT_SCHEDULE = {
"admin_latest_version": {
"task": "authentik.admin.tasks.update_latest_version",
"schedule": crontab(minute="*/60"), # Run every hour
"schedule": crontab(minute=fqdn_rand("admin_latest_version"), hour="*"),
"options": {"queue": "authentik_scheduled"},
}
}

View File

@ -0,0 +1,23 @@
"""admin signals"""
from django.dispatch import receiver
from authentik.admin.api.tasks import TaskInfo
from authentik.admin.apps import GAUGE_WORKERS
from authentik.root.celery import CELERY_APP
from authentik.root.monitoring import monitoring_set
@receiver(monitoring_set)
# pylint: disable=unused-argument
def monitoring_set_workers(sender, **kwargs):
"""Set worker gauge"""
count = len(CELERY_APP.control.ping(timeout=0.5))
GAUGE_WORKERS.set(count)
@receiver(monitoring_set)
# pylint: disable=unused-argument
def monitoring_set_tasks(sender, **kwargs):
"""Set task gauges"""
for task in TaskInfo.all().values():
task.set_prom_metrics()

View File

@ -1,17 +1,24 @@
"""authentik admin tasks"""
import re
from os import environ
from django.core.cache import cache
from django.core.validators import URLValidator
from django.db import DatabaseError, InternalError, ProgrammingError
from packaging.version import parse
from prometheus_client import Info
from requests import RequestException, get
from requests import RequestException
from structlog.stdlib import get_logger
from authentik import ENV_GIT_HASH_KEY, __version__
from authentik.events.models import Event, EventAction
from authentik.events.monitored_tasks import MonitoredTask, TaskResult, TaskResultStatus
from authentik import __version__, get_build_hash
from authentik.admin.apps import PROM_INFO
from authentik.events.models import Event, EventAction, Notification
from authentik.events.monitored_tasks import (
MonitoredTask,
TaskResult,
TaskResultStatus,
prefill_task,
)
from authentik.lib.config import CONFIG
from authentik.lib.utils.http import get_http_session
from authentik.root.celery import CELERY_APP
LOGGER = get_logger()
@ -19,7 +26,7 @@ VERSION_CACHE_KEY = "authentik_latest_version"
VERSION_CACHE_TIMEOUT = 8 * 60 * 60 # 8 hours
# Chop of the first ^ because we want to search the entire string
URL_FINDER = URLValidator.regex.pattern[1:]
PROM_INFO = Info("authentik_version", "Currently running authentik version")
LOCAL_VERSION = parse(__version__)
def _set_prom_info():
@ -28,33 +35,48 @@ def _set_prom_info():
{
"version": __version__,
"latest": cache.get(VERSION_CACHE_KEY, ""),
"build_hash": environ.get(ENV_GIT_HASH_KEY, ""),
"build_hash": get_build_hash(),
}
)
@CELERY_APP.task(
throws=(DatabaseError, ProgrammingError, InternalError),
)
def clear_update_notifications():
"""Clear update notifications on startup if the notification was for the version
we're running now."""
for notification in Notification.objects.filter(event__action=EventAction.UPDATE_AVAILABLE):
if "new_version" not in notification.event.context:
continue
notification_version = notification.event.context["new_version"]
if LOCAL_VERSION >= parse(notification_version):
notification.delete()
@CELERY_APP.task(bind=True, base=MonitoredTask)
@prefill_task
def update_latest_version(self: MonitoredTask):
"""Update latest version info"""
if CONFIG.y_bool("disable_update_check"):
cache.set(VERSION_CACHE_KEY, "0.0.0", VERSION_CACHE_TIMEOUT)
self.set_status(TaskResult(TaskResultStatus.WARNING, messages=["Version check disabled."]))
return
try:
response = get(
"https://api.github.com/repos/goauthentik/authentik/releases/latest"
response = get_http_session().get(
"https://version.goauthentik.io/version.json",
)
response.raise_for_status()
data = response.json()
tag_name = data.get("tag_name")
upstream_version = tag_name.split("/")[1]
upstream_version = data.get("stable", {}).get("version")
cache.set(VERSION_CACHE_KEY, upstream_version, VERSION_CACHE_TIMEOUT)
self.set_status(
TaskResult(
TaskResultStatus.SUCCESSFUL, ["Successfully updated latest Version"]
)
TaskResult(TaskResultStatus.SUCCESSFUL, ["Successfully updated latest Version"])
)
_set_prom_info()
# Check if upstream version is newer than what we're running,
# and if no event exists yet, create one.
local_version = parse(__version__)
if local_version < parse(upstream_version):
if LOCAL_VERSION < parse(upstream_version):
# Event has already been created, don't create duplicate
if Event.objects.filter(
action=EventAction.UPDATE_AVAILABLE,
@ -62,7 +84,7 @@ def update_latest_version(self: MonitoredTask):
).exists():
return
event_dict = {"new_version": upstream_version}
if match := re.search(URL_FINDER, data.get("body", "")):
if match := re.search(URL_FINDER, data.get("stable", {}).get("changelog", "")):
event_dict["message"] = f"Changelog: {match.group()}"
Event.new(EventAction.UPDATE_AVAILABLE, **event_dict).save()
except (RequestException, IndexError) as exc:

View File

@ -5,6 +5,7 @@ from django.test import TestCase
from django.urls import reverse
from authentik import __version__
from authentik.blueprints.tests import reconcile_app
from authentik.core.models import Group, User
from authentik.core.tasks import clean_expired_models
from authentik.events.monitored_tasks import TaskResultStatus
@ -27,9 +28,7 @@ class TestAdminAPI(TestCase):
response = self.client.get(reverse("authentik_api:admin_system_tasks-list"))
self.assertEqual(response.status_code, 200)
body = loads(response.content)
self.assertTrue(
any(task["task_name"] == "clean_expired_models" for task in body)
)
self.assertTrue(any(task["task_name"] == "clean_expired_models" for task in body))
def test_tasks_single(self):
"""Test Task API (read single)"""
@ -45,9 +44,7 @@ class TestAdminAPI(TestCase):
self.assertEqual(body["status"], TaskResultStatus.SUCCESSFUL.name)
self.assertEqual(body["task_name"], "clean_expired_models")
response = self.client.get(
reverse(
"authentik_api:admin_system_tasks-detail", kwargs={"pk": "qwerqwer"}
)
reverse("authentik_api:admin_system_tasks-detail", kwargs={"pk": "qwerqwer"})
)
self.assertEqual(response.status_code, 404)
@ -96,6 +93,7 @@ class TestAdminAPI(TestCase):
response = self.client.get(reverse("authentik_api:apps-list"))
self.assertEqual(response.status_code, 200)
@reconcile_app("authentik_outposts")
def test_system(self):
"""Test system API"""
response = self.client.get(reverse("authentik_api:admin_system"))

View File

@ -1,52 +1,33 @@
"""test admin tasks"""
import json
from dataclasses import dataclass
from unittest.mock import Mock, patch
from django.core.cache import cache
from django.test import TestCase
from requests.exceptions import RequestException
from requests_mock import Mocker
from authentik.admin.tasks import VERSION_CACHE_KEY, update_latest_version
from authentik.admin.tasks import (
VERSION_CACHE_KEY,
clear_update_notifications,
update_latest_version,
)
from authentik.events.models import Event, EventAction
from authentik.lib.config import CONFIG
@dataclass
class MockResponse:
"""Mock class to emulate the methods of requests's Response we need"""
status_code: int
response: str
def json(self) -> dict:
"""Get json parsed response"""
return json.loads(self.response)
def raise_for_status(self):
"""raise RequestException if status code is 400 or more"""
if self.status_code >= 400:
raise RequestException
REQUEST_MOCK_VALID = Mock(
return_value=MockResponse(
200,
"""{
"tag_name": "version/99999999.9999999",
"body": "https://goauthentik.io/test"
}""",
)
)
REQUEST_MOCK_INVALID = Mock(return_value=MockResponse(400, "{}"))
RESPONSE_VALID = {
"$schema": "https://version.goauthentik.io/schema.json",
"stable": {
"version": "99999999.9999999",
"changelog": "See https://goauthentik.io/test",
"reason": "bugfix",
},
}
class TestAdminTasks(TestCase):
"""test admin tasks"""
@patch("authentik.admin.tasks.get", REQUEST_MOCK_VALID)
def test_version_valid_response(self):
"""Test Update checker with valid response"""
with Mocker() as mocker, CONFIG.patch("disable_update_check", False):
mocker.get("https://version.goauthentik.io/version.json", json=RESPONSE_VALID)
update_latest_version.delay().get()
self.assertEqual(cache.get(VERSION_CACHE_KEY), "99999999.9999999")
self.assertTrue(
@ -69,9 +50,10 @@ class TestAdminTasks(TestCase):
1,
)
@patch("authentik.admin.tasks.get", REQUEST_MOCK_INVALID)
def test_version_error(self):
"""Test Update checker with invalid response"""
with Mocker() as mocker:
mocker.get("https://version.goauthentik.io/version.json", status_code=400)
update_latest_version.delay().get()
self.assertEqual(cache.get(VERSION_CACHE_KEY), "0.0.0")
self.assertFalse(
@ -79,3 +61,23 @@ class TestAdminTasks(TestCase):
action=EventAction.UPDATE_AVAILABLE, context__new_version="0.0.0"
).exists()
)
def test_version_disabled(self):
"""Test Update checker while its disabled"""
with CONFIG.patch("disable_update_check", True):
update_latest_version.delay().get()
self.assertEqual(cache.get(VERSION_CACHE_KEY), "0.0.0")
def test_clear_update_notifications(self):
"""Test clear of previous notification"""
Event.objects.create(
action=EventAction.UPDATE_AVAILABLE, context={"new_version": "99999999.9999999.9999999"}
)
Event.objects.create(action=EventAction.UPDATE_AVAILABLE, context={"new_version": "1.1.1"})
Event.objects.create(action=EventAction.UPDATE_AVAILABLE, context={})
clear_update_notifications()
self.assertFalse(
Event.objects.filter(
action=EventAction.UPDATE_AVAILABLE, context__new_version="1.1"
).exists()
)

View File

@ -1,57 +1,91 @@
"""API Authentication"""
from base64 import b64decode
from binascii import Error
from typing import Any, Optional, Union
from typing import Any, Optional
from django.conf import settings
from rest_framework.authentication import BaseAuthentication, get_authorization_header
from rest_framework.exceptions import AuthenticationFailed
from rest_framework.request import Request
from structlog.stdlib import get_logger
from authentik.core.middleware import CTX_AUTH_VIA
from authentik.core.models import Token, TokenIntents, User
from authentik.outposts.models import Outpost
from authentik.providers.oauth2.constants import SCOPE_AUTHENTIK_API
from authentik.providers.oauth2.models import RefreshToken
LOGGER = get_logger()
# pylint: disable=too-many-return-statements
def token_from_header(raw_header: bytes) -> Optional[Token]:
"""raw_header in the Format of `Bearer dGVzdDp0ZXN0`"""
auth_credentials = raw_header.decode()
def validate_auth(header: bytes) -> str:
"""Validate that the header is in a correct format,
returns type and credentials"""
auth_credentials = header.decode().strip()
if auth_credentials == "" or " " not in auth_credentials:
return None
auth_type, _, auth_credentials = auth_credentials.partition(" ")
if auth_type.lower() not in ["basic", "bearer"]:
if auth_type.lower() != "bearer":
LOGGER.debug("Unsupported authentication type, denying", type=auth_type.lower())
raise AuthenticationFailed("Unsupported authentication type")
password = auth_credentials
if auth_type.lower() == "basic":
try:
auth_credentials = b64decode(auth_credentials.encode()).decode()
except (UnicodeDecodeError, Error):
if auth_credentials == "": # nosec # noqa
raise AuthenticationFailed("Malformed header")
# Accept credentials with username and without
if ":" in auth_credentials:
_, password = auth_credentials.split(":")
else:
password = auth_credentials
if password == "": # nosec
raise AuthenticationFailed("Malformed header")
tokens = Token.filter_not_expired(key=password, intent=TokenIntents.INTENT_API)
if not tokens.exists():
return auth_credentials
def bearer_auth(raw_header: bytes) -> Optional[User]:
"""raw_header in the Format of `Bearer ....`"""
auth_credentials = validate_auth(raw_header)
if not auth_credentials:
return None
# first, check traditional tokens
key_token = Token.filter_not_expired(
key=auth_credentials, intent=TokenIntents.INTENT_API
).first()
if key_token:
CTX_AUTH_VIA.set("api_token")
return key_token.user
# then try to auth via JWT
jwt_token = RefreshToken.filter_not_expired(
refresh_token=auth_credentials, _scope__icontains=SCOPE_AUTHENTIK_API
).first()
if jwt_token:
# Double-check scopes, since they are saved in a single string
# we want to check the parsed version too
if SCOPE_AUTHENTIK_API not in jwt_token.scope:
raise AuthenticationFailed("Token invalid/expired")
return tokens.first()
CTX_AUTH_VIA.set("jwt")
return jwt_token.user
# then try to auth via secret key (for embedded outpost/etc)
user = token_secret_key(auth_credentials)
if user:
CTX_AUTH_VIA.set("secret_key")
return user
raise AuthenticationFailed("Token invalid/expired")
def token_secret_key(value: str) -> Optional[User]:
"""Check if the token is the secret key
and return the service account for the managed outpost"""
from authentik.outposts.apps import MANAGED_OUTPOST
if value != settings.SECRET_KEY:
return None
outposts = Outpost.objects.filter(managed=MANAGED_OUTPOST)
if not outposts:
return None
outpost = outposts.first()
return outpost.user
class TokenAuthentication(BaseAuthentication):
"""Token-based authentication using HTTP Bearer authentication"""
def authenticate(self, request: Request) -> Union[tuple[User, Any], None]:
def authenticate(self, request: Request) -> tuple[User, Any] | None:
"""Token-based authentication using HTTP Bearer authentication"""
auth = get_authorization_header(request)
token = token_from_header(auth)
user = bearer_auth(auth)
# None is only returned when the header isn't set.
if not token:
if not user:
return None
return (token.user, None) # pragma: no cover
return (user, None) # pragma: no cover

View File

@ -12,6 +12,8 @@ class OwnerFilter(BaseFilterBackend):
owner_key = "user"
def filter_queryset(self, request: Request, queryset: QuerySet, view) -> QuerySet:
if request.user.is_superuser:
return queryset
return queryset.filter(**{self.owner_key: request.user})
@ -33,3 +35,12 @@ class OwnerPermissions(BasePermission):
if owner != request.user:
return False
return True
class OwnerSuperuserPermissions(OwnerPermissions):
"""Similar to OwnerPermissions, except always allow access for superusers"""
def has_object_permission(self, request: Request, view, obj: Model) -> bool:
if request.user.is_superuser:
return True
return super().has_object_permission(request, view, obj)

View File

@ -5,11 +5,12 @@ from typing import Callable, Optional
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.viewsets import ModelViewSet
from structlog.stdlib import get_logger
LOGGER = get_logger()
def permission_required(
perm: Optional[str] = None, other_perms: Optional[list[str]] = None
):
def permission_required(perm: Optional[str] = None, other_perms: Optional[list[str]] = None):
"""Check permissions for a single custom action"""
def wrapper_outter(func: Callable):
@ -20,10 +21,12 @@ def permission_required(
if perm:
obj = self.get_object()
if not request.user.has_perm(perm, obj):
LOGGER.debug("denying access for object", user=request.user, perm=perm, obj=obj)
return self.permission_denied(request)
if other_perms:
for other_perm in other_perms:
if not request.user.has_perm(other_perm):
LOGGER.debug("denying access for other", user=request.user, perm=perm)
return self.permission_denied(request)
return func(self, request, *args, **kwargs)

View File

@ -11,7 +11,7 @@ from drf_spectacular.types import OpenApiTypes
def build_standard_type(obj, **kwargs):
"""Build a basic type with optional add ons."""
"""Build a basic type with optional add owns."""
schema = build_basic_type(obj)
schema.update(kwargs)
return schema
@ -31,7 +31,7 @@ VALIDATION_ERROR = build_object_type(
"non_field_errors": build_array_type(build_standard_type(OpenApiTypes.STR)),
"code": build_standard_type(OpenApiTypes.STR),
},
required=["detail"],
required=[],
additionalProperties={},
)
@ -63,9 +63,7 @@ def postprocess_schema_responses(result, generator, **kwargs): # noqa: W0613
method["responses"].setdefault("400", validation_error.ref)
method["responses"].setdefault("403", generic_error.ref)
result["components"] = generator.registry.build(
spectacular_settings.APPEND_COMPONENTS
)
result["components"] = generator.registry.build(spectacular_settings.APPEND_COMPONENTS)
# This is a workaround for authentik/stages/prompt/stage.py
# since the serializer PromptChallengeResponse

View File

@ -8,9 +8,6 @@ API Browser - {{ tenant.branding_title }}
{% block head %}
<script type="module" src="{% static 'dist/rapidoc-min.js' %}"></script>
{% endblock %}
{% block body %}
<script>
function getCookie(name) {
let cookieValue = "";
@ -30,20 +27,62 @@ function getCookie(name) {
window.addEventListener('DOMContentLoaded', (event) => {
const rapidocEl = document.querySelector('rapi-doc');
rapidocEl.addEventListener('before-try', (e) => {
e.detail.request.headers.append('X-CSRFToken', getCookie("authentik_csrf"));
e.detail.request.headers.append('X-authentik-CSRF', getCookie("authentik_csrf"));
});
});
</script>
<style>
img.logo {
width: 100%;
padding: 1rem 0.5rem 1.5rem 0.5rem;
min-height: 48px;
}
</style>
{% endblock %}
{% block body %}
<rapi-doc
spec-url="{{ path }}"
heading-text="authentik"
theme="dark"
render-style="view"
heading-text=""
theme="light"
render-style="read"
default-schema-tab="schema"
primary-color="#fd4b2d"
nav-bg-color="#212427"
bg-color="#000000"
text-color="#000000"
nav-text-color="#ffffff"
nav-hover-bg-color="#3c3f42"
nav-accent-color="#4f5255"
nav-hover-text-color="#ffffff"
use-path-in-nav-bar="true"
nav-item-spacing="relaxed"
allow-server-selection="false"
show-header="false"
allow-spec-url-load="false"
allow-spec-file-load="false">
<div slot="logo">
<img src="{% static 'dist/assets/icons/icon.png' %}" style="width:50px; height:50px" />
<div slot="nav-logo">
<img class="logo" src="{% static 'dist/assets/icons/icon_left_brand.png' %}" />
</div>
</rapi-doc>
<script>
const rapidoc = document.querySelector("rapi-doc");
const matcher = window.matchMedia("(prefers-color-scheme: light)");
const changer = (ev) => {
const style = getComputedStyle(document.documentElement);
let bg, text = "";
if (matcher.matches) {
bg = style.getPropertyValue('--pf-global--BackgroundColor--light-300');
text = style.getPropertyValue('--pf-global--Color--300');
} else {
bg = style.getPropertyValue('--ak-dark-background');
text = style.getPropertyValue('--ak-dark-foreground');
}
rapidoc.attributes.getNamedItem("bg-color").value = bg.trim();
rapidoc.attributes.getNamedItem("text-color").value = text.trim();
rapidoc.requestUpdate();
};
matcher.addEventListener("change", changer);
window.addEventListener("load", changer);
</script>
{% endblock %}

View File

@ -1,49 +1,78 @@
"""Test API Authentication"""
from base64 import b64encode
from django.conf import settings
from django.test import TestCase
from guardian.shortcuts import get_anonymous_user
from rest_framework.exceptions import AuthenticationFailed
from authentik.api.authentication import token_from_header
from authentik.core.models import Token, TokenIntents
from authentik.api.authentication import bearer_auth
from authentik.blueprints.tests import reconcile_app
from authentik.core.models import USER_ATTRIBUTE_SA, Token, TokenIntents
from authentik.core.tests.utils import create_test_flow
from authentik.lib.generators import generate_id
from authentik.providers.oauth2.constants import SCOPE_AUTHENTIK_API
from authentik.providers.oauth2.models import OAuth2Provider, RefreshToken
class TestAPIAuth(TestCase):
"""Test API Authentication"""
def test_valid_basic(self):
"""Test valid token"""
token = Token.objects.create(
intent=TokenIntents.INTENT_API, user=get_anonymous_user()
)
auth = b64encode(f":{token.key}".encode()).decode()
self.assertEqual(token_from_header(f"Basic {auth}".encode()), token)
def test_valid_bearer(self):
"""Test valid token"""
token = Token.objects.create(
intent=TokenIntents.INTENT_API, user=get_anonymous_user()
)
self.assertEqual(token_from_header(f"Bearer {token.key}".encode()), token)
def test_invalid_type(self):
"""Test invalid type"""
with self.assertRaises(AuthenticationFailed):
token_from_header("foo bar".encode())
bearer_auth("foo bar".encode())
def test_invalid_decode(self):
"""Test invalid bas64"""
with self.assertRaises(AuthenticationFailed):
token_from_header("Basic bar".encode())
def test_invalid_empty_password(self):
"""Test invalid with empty password"""
with self.assertRaises(AuthenticationFailed):
token_from_header("Basic :".encode())
def test_invalid_empty(self):
"""Test invalid type"""
self.assertIsNone(bearer_auth("Bearer ".encode()))
self.assertIsNone(bearer_auth("".encode()))
def test_invalid_no_token(self):
"""Test invalid with no token"""
with self.assertRaises(AuthenticationFailed):
auth = b64encode(":abc".encode()).decode()
self.assertIsNone(token_from_header(f"Basic :{auth}".encode()))
self.assertIsNone(bearer_auth(f"Basic :{auth}".encode()))
def test_bearer_valid(self):
"""Test valid token"""
token = Token.objects.create(intent=TokenIntents.INTENT_API, user=get_anonymous_user())
self.assertEqual(bearer_auth(f"Bearer {token.key}".encode()), token.user)
def test_managed_outpost(self):
"""Test managed outpost"""
with self.assertRaises(AuthenticationFailed):
bearer_auth(f"Bearer {settings.SECRET_KEY}".encode())
@reconcile_app("authentik_outposts")
def test_managed_outpost_success(self):
"""Test managed outpost"""
user = bearer_auth(f"Bearer {settings.SECRET_KEY}".encode())
self.assertEqual(user.attributes[USER_ATTRIBUTE_SA], True)
def test_jwt_valid(self):
"""Test valid JWT"""
provider = OAuth2Provider.objects.create(
name=generate_id(), client_id=generate_id(), authorization_flow=create_test_flow()
)
refresh = RefreshToken.objects.create(
user=get_anonymous_user(),
provider=provider,
refresh_token=generate_id(),
_scope=SCOPE_AUTHENTIK_API,
)
self.assertEqual(bearer_auth(f"Bearer {refresh.refresh_token}".encode()), refresh.user)
def test_jwt_missing_scope(self):
"""Test valid JWT"""
provider = OAuth2Provider.objects.create(
name=generate_id(), client_id=generate_id(), authorization_flow=create_test_flow()
)
refresh = RefreshToken.objects.create(
user=get_anonymous_user(),
provider=provider,
refresh_token=generate_id(),
_scope="",
)
with self.assertRaises(AuthenticationFailed):
self.assertEqual(bearer_auth(f"Bearer {refresh.refresh_token}".encode()), refresh.user)

View File

@ -0,0 +1,29 @@
"""authentik API Modelviewset tests"""
from typing import Callable
from django.test import TestCase
from rest_framework.viewsets import ModelViewSet, ReadOnlyModelViewSet
from authentik.api.v3.urls import router
class TestModelViewSets(TestCase):
"""Test Viewset"""
def viewset_tester_factory(test_viewset: type[ModelViewSet]) -> Callable:
"""Test Viewset"""
def tester(self: TestModelViewSets):
self.assertIsNotNone(getattr(test_viewset, "search_fields", None))
filterset_class = getattr(test_viewset, "filterset_class", None)
if not filterset_class:
self.assertIsNotNone(getattr(test_viewset, "filterset_fields", None))
return tester
for _, viewset, _ in router.registry:
if not issubclass(viewset, (ModelViewSet, ReadOnlyModelViewSet)):
continue
setattr(TestModelViewSets, f"test_viewset_{viewset.__name__}", viewset_tester_factory(viewset))

View File

@ -1,8 +1,8 @@
"""authentik api urls"""
from django.urls import include, path
from authentik.api.v2.urls import urlpatterns as v2_urls
from authentik.api.v3.urls import urlpatterns as v3_urls
urlpatterns = [
path("v2beta/", include(v2_urls)),
path("v3/", include(v3_urls)),
]

View File

@ -1,70 +0,0 @@
"""core Configs API"""
from os import environ, path
from django.conf import settings
from django.db import models
from drf_spectacular.utils import extend_schema
from kubernetes.config.incluster_config import SERVICE_HOST_ENV_NAME
from rest_framework.fields import BooleanField, CharField, ChoiceField, ListField
from rest_framework.permissions import AllowAny
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.views import APIView
from authentik.core.api.utils import PassiveSerializer
from authentik.events.geo import GEOIP_READER
from authentik.lib.config import CONFIG
class Capabilities(models.TextChoices):
"""Define capabilities which influence which APIs can/should be used"""
CAN_SAVE_MEDIA = "can_save_media"
CAN_GEO_IP = "can_geo_ip"
CAN_BACKUP = "can_backup"
class ConfigSerializer(PassiveSerializer):
"""Serialize authentik Config into DRF Object"""
error_reporting_enabled = BooleanField(read_only=True)
error_reporting_environment = CharField(read_only=True)
error_reporting_send_pii = BooleanField(read_only=True)
capabilities = ListField(child=ChoiceField(choices=Capabilities.choices))
class ConfigView(APIView):
"""Read-only view set that returns the current session's Configs"""
permission_classes = [AllowAny]
def get_capabilities(self) -> list[Capabilities]:
"""Get all capabilities this server instance supports"""
caps = []
deb_test = settings.DEBUG or settings.TEST
if path.ismount(settings.MEDIA_ROOT) or deb_test:
caps.append(Capabilities.CAN_SAVE_MEDIA)
if GEOIP_READER.enabled:
caps.append(Capabilities.CAN_GEO_IP)
if SERVICE_HOST_ENV_NAME in environ:
# Running in k8s, only s3 backup is supported
if CONFIG.y_bool("postgresql.s3_backup"):
caps.append(Capabilities.CAN_BACKUP)
else:
# Running in compose, backup is always supported
caps.append(Capabilities.CAN_BACKUP)
return caps
@extend_schema(responses={200: ConfigSerializer(many=False)})
def get(self, request: Request) -> Response:
"""Retrive public configuration options"""
config = ConfigSerializer(
{
"error_reporting_enabled": CONFIG.y("error_reporting.enabled"),
"error_reporting_environment": CONFIG.y("error_reporting.environment"),
"error_reporting_send_pii": CONFIG.y("error_reporting.send_pii"),
"capabilities": self.get_capabilities(),
}
)
return Response(config.data)

View File

@ -1,38 +0,0 @@
"""Sentry tunnel"""
from json import loads
from django.conf import settings
from django.http.request import HttpRequest
from django.http.response import HttpResponse
from django.views.generic.base import View
from requests import post
from requests.exceptions import RequestException
from authentik.lib.config import CONFIG
class SentryTunnelView(View):
"""Sentry tunnel, to prevent ad blockers from blocking sentry"""
def post(self, request: HttpRequest, *args, **kwargs) -> HttpResponse:
"""Sentry tunnel, to prevent ad blockers from blocking sentry"""
# Only allow usage of this endpoint when error reporting is enabled
if not CONFIG.y_bool("error_reporting.enabled", False):
return HttpResponse(status=400)
# Body is 2 json objects separated by \n
full_body = request.body
header = loads(full_body.splitlines()[0])
# Check that the DSN is what we expect
dsn = header.get("dsn", "")
if dsn != settings.SENTRY_DSN:
return HttpResponse(status=400)
response = post(
"https://sentry.beryju.org/api/8/envelope/",
data=full_body,
headers={"Content-Type": "application/octet-stream"},
)
try:
response.raise_for_status()
except RequestException:
return HttpResponse(status=500)
return HttpResponse(status=response.status_code)

View File

@ -0,0 +1,92 @@
"""core Configs API"""
from os import path
from django.conf import settings
from django.db import models
from drf_spectacular.utils import extend_schema
from rest_framework.fields import (
BooleanField,
CharField,
ChoiceField,
FloatField,
IntegerField,
ListField,
)
from rest_framework.permissions import AllowAny
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.views import APIView
from authentik.core.api.utils import PassiveSerializer
from authentik.events.geo import GEOIP_READER
from authentik.lib.config import CONFIG
class Capabilities(models.TextChoices):
"""Define capabilities which influence which APIs can/should be used"""
CAN_SAVE_MEDIA = "can_save_media"
CAN_GEO_IP = "can_geo_ip"
CAN_IMPERSONATE = "can_impersonate"
class ErrorReportingConfigSerializer(PassiveSerializer):
"""Config for error reporting"""
enabled = BooleanField(read_only=True)
environment = CharField(read_only=True)
send_pii = BooleanField(read_only=True)
traces_sample_rate = FloatField(read_only=True)
class ConfigSerializer(PassiveSerializer):
"""Serialize authentik Config into DRF Object"""
error_reporting = ErrorReportingConfigSerializer(required=True)
capabilities = ListField(child=ChoiceField(choices=Capabilities.choices))
cache_timeout = IntegerField(required=True)
cache_timeout_flows = IntegerField(required=True)
cache_timeout_policies = IntegerField(required=True)
cache_timeout_reputation = IntegerField(required=True)
class ConfigView(APIView):
"""Read-only view set that returns the current session's Configs"""
permission_classes = [AllowAny]
def get_capabilities(self) -> list[Capabilities]:
"""Get all capabilities this server instance supports"""
caps = []
deb_test = settings.DEBUG or settings.TEST
if path.ismount(settings.MEDIA_ROOT) or deb_test:
caps.append(Capabilities.CAN_SAVE_MEDIA)
if GEOIP_READER.enabled:
caps.append(Capabilities.CAN_GEO_IP)
if CONFIG.y_bool("impersonation"):
caps.append(Capabilities.CAN_IMPERSONATE)
return caps
def get_config(self) -> ConfigSerializer:
"""Get Config"""
return ConfigSerializer(
{
"error_reporting": {
"enabled": CONFIG.y("error_reporting.enabled"),
"environment": CONFIG.y("error_reporting.environment"),
"send_pii": CONFIG.y("error_reporting.send_pii"),
"traces_sample_rate": float(CONFIG.y("error_reporting.sample_rate", 0.4)),
},
"capabilities": self.get_capabilities(),
"cache_timeout": int(CONFIG.y("redis.cache_timeout")),
"cache_timeout_flows": int(CONFIG.y("redis.cache_timeout_flows")),
"cache_timeout_policies": int(CONFIG.y("redis.cache_timeout_policies")),
"cache_timeout_reputation": int(CONFIG.y("redis.cache_timeout_reputation")),
}
)
@extend_schema(responses={200: ConfigSerializer(many=False)})
def get(self, request: Request) -> Response:
"""Retrieve public configuration options"""
return Response(self.get_config().data)

View File

@ -1,6 +1,6 @@
"""api v2 urls"""
"""api v3 urls"""
from django.urls import path
from django.views.decorators.csrf import csrf_exempt
from django.views.decorators.cache import cache_page
from drf_spectacular.views import SpectacularAPIView
from rest_framework import routers
@ -10,26 +10,29 @@ from authentik.admin.api.system import SystemView
from authentik.admin.api.tasks import TaskViewSet
from authentik.admin.api.version import VersionView
from authentik.admin.api.workers import WorkerView
from authentik.api.v2.config import ConfigView
from authentik.api.v2.sentry import SentryTunnelView
from authentik.api.v3.config import ConfigView
from authentik.api.views import APIBrowserView
from authentik.blueprints.api import BlueprintInstanceViewSet
from authentik.core.api.applications import ApplicationViewSet
from authentik.core.api.authenticated_sessions import AuthenticatedSessionViewSet
from authentik.core.api.devices import AdminDeviceViewSet, DeviceViewSet
from authentik.core.api.groups import GroupViewSet
from authentik.core.api.propertymappings import PropertyMappingViewSet
from authentik.core.api.providers import ProviderViewSet
from authentik.core.api.sources import SourceViewSet
from authentik.core.api.sources import SourceViewSet, UserSourceConnectionViewSet
from authentik.core.api.tokens import TokenViewSet
from authentik.core.api.users import UserViewSet
from authentik.crypto.api import CertificateKeyPairViewSet
from authentik.events.api.event import EventViewSet
from authentik.events.api.notification import NotificationViewSet
from authentik.events.api.notification_rule import NotificationRuleViewSet
from authentik.events.api.notification_transport import NotificationTransportViewSet
from authentik.events.api.events import EventViewSet
from authentik.events.api.notification_mappings import NotificationWebhookMappingViewSet
from authentik.events.api.notification_rules import NotificationRuleViewSet
from authentik.events.api.notification_transports import NotificationTransportViewSet
from authentik.events.api.notifications import NotificationViewSet
from authentik.flows.api.bindings import FlowStageBindingViewSet
from authentik.flows.api.flows import FlowViewSet
from authentik.flows.api.stages import StageViewSet
from authentik.flows.views import FlowExecutorView
from authentik.flows.views.executor import FlowExecutorView
from authentik.flows.views.inspector import FlowInspectorView
from authentik.outposts.api.outposts import OutpostViewSet
from authentik.outposts.api.service_connections import (
DockerServiceConnectionViewSet,
@ -44,35 +47,29 @@ from authentik.policies.expiry.api import PasswordExpiryPolicyViewSet
from authentik.policies.expression.api import ExpressionPolicyViewSet
from authentik.policies.hibp.api import HaveIBeenPwendPolicyViewSet
from authentik.policies.password.api import PasswordPolicyViewSet
from authentik.policies.reputation.api import (
IPReputationViewSet,
ReputationPolicyViewSet,
UserReputationViewSet,
)
from authentik.policies.reputation.api import ReputationPolicyViewSet, ReputationViewSet
from authentik.providers.ldap.api import LDAPOutpostConfigViewSet, LDAPProviderViewSet
from authentik.providers.oauth2.api.provider import OAuth2ProviderViewSet
from authentik.providers.oauth2.api.scope import ScopeMappingViewSet
from authentik.providers.oauth2.api.tokens import (
AuthorizationCodeViewSet,
RefreshTokenViewSet,
)
from authentik.providers.proxy.api import (
ProxyOutpostConfigViewSet,
ProxyProviderViewSet,
)
from authentik.providers.oauth2.api.tokens import AuthorizationCodeViewSet, RefreshTokenViewSet
from authentik.providers.proxy.api import ProxyOutpostConfigViewSet, ProxyProviderViewSet
from authentik.providers.saml.api import SAMLPropertyMappingViewSet, SAMLProviderViewSet
from authentik.sources.ldap.api import LDAPPropertyMappingViewSet, LDAPSourceViewSet
from authentik.sources.oauth.api.source import OAuthSourceViewSet
from authentik.sources.oauth.api.source_connection import (
UserOAuthSourceConnectionViewSet,
)
from authentik.sources.plex.api import PlexSourceViewSet
from authentik.sources.oauth.api.source_connection import UserOAuthSourceConnectionViewSet
from authentik.sources.plex.api.source import PlexSourceViewSet
from authentik.sources.plex.api.source_connection import PlexSourceConnectionViewSet
from authentik.sources.saml.api import SAMLSourceViewSet
from authentik.stages.authenticator_duo.api import (
AuthenticatorDuoStageViewSet,
DuoAdminDeviceViewSet,
DuoDeviceViewSet,
)
from authentik.stages.authenticator_sms.api import (
AuthenticatorSMSStageViewSet,
SMSAdminDeviceViewSet,
SMSDeviceViewSet,
)
from authentik.stages.authenticator_static.api import (
AuthenticatorStaticStageViewSet,
StaticAdminDeviceViewSet,
@ -83,9 +80,7 @@ from authentik.stages.authenticator_totp.api import (
TOTPAdminDeviceViewSet,
TOTPDeviceViewSet,
)
from authentik.stages.authenticator_validate.api import (
AuthenticatorValidateStageViewSet,
)
from authentik.stages.authenticator_validate.api import AuthenticatorValidateStageViewSet
from authentik.stages.authenticator_webauthn.api import (
AuthenticateWebAuthnStageViewSet,
WebAuthnAdminDeviceViewSet,
@ -107,6 +102,7 @@ from authentik.stages.user_write.api import UserWriteStageViewSet
from authentik.tenants.api import TenantViewSet
router = routers.DefaultRouter()
router.include_format_suffixes = False
router.register("admin/system_tasks", TaskViewSet, basename="admin_system_tasks")
router.register("admin/apps", AppsViewSet, basename="apps")
@ -122,9 +118,7 @@ router.register("core/tenants", TenantViewSet)
router.register("outposts/instances", OutpostViewSet)
router.register("outposts/service_connections/all", ServiceConnectionViewSet)
router.register("outposts/service_connections/docker", DockerServiceConnectionViewSet)
router.register(
"outposts/service_connections/kubernetes", KubernetesServiceConnectionViewSet
)
router.register("outposts/service_connections/kubernetes", KubernetesServiceConnectionViewSet)
router.register("outposts/proxy", ProxyOutpostConfigViewSet)
router.register("outposts/ldap", LDAPOutpostConfigViewSet)
@ -138,8 +132,12 @@ router.register("events/notifications", NotificationViewSet)
router.register("events/transports", NotificationTransportViewSet)
router.register("events/rules", NotificationRuleViewSet)
router.register("managed/blueprints", BlueprintInstanceViewSet)
router.register("sources/all", SourceViewSet)
router.register("sources/oauth_user_connections", UserOAuthSourceConnectionViewSet)
router.register("sources/user_connections/all", UserSourceConnectionViewSet)
router.register("sources/user_connections/oauth", UserOAuthSourceConnectionViewSet)
router.register("sources/user_connections/plex", PlexSourceConnectionViewSet)
router.register("sources/ldap", LDAPSourceViewSet)
router.register("sources/saml", SAMLSourceViewSet)
router.register("sources/oauth", OAuthSourceViewSet)
@ -152,8 +150,7 @@ router.register("policies/event_matcher", EventMatcherPolicyViewSet)
router.register("policies/haveibeenpwned", HaveIBeenPwendPolicyViewSet)
router.register("policies/password_expiry", PasswordExpiryPolicyViewSet)
router.register("policies/password", PasswordPolicyViewSet)
router.register("policies/reputation/users", UserReputationViewSet)
router.register("policies/reputation/ips", IPReputationViewSet)
router.register("policies/reputation/scores", ReputationViewSet)
router.register("policies/reputation", ReputationPolicyViewSet)
router.register("providers/all", ProviderViewSet)
@ -169,24 +166,35 @@ router.register("propertymappings/all", PropertyMappingViewSet)
router.register("propertymappings/ldap", LDAPPropertyMappingViewSet)
router.register("propertymappings/saml", SAMLPropertyMappingViewSet)
router.register("propertymappings/scope", ScopeMappingViewSet)
router.register("propertymappings/notification", NotificationWebhookMappingViewSet)
router.register("authenticators/all", DeviceViewSet, basename="device")
router.register("authenticators/duo", DuoDeviceViewSet)
router.register("authenticators/sms", SMSDeviceViewSet)
router.register("authenticators/static", StaticDeviceViewSet)
router.register("authenticators/totp", TOTPDeviceViewSet)
router.register("authenticators/webauthn", WebAuthnDeviceViewSet)
router.register(
"authenticators/admin/all",
AdminDeviceViewSet,
basename="admin-device",
)
router.register(
"authenticators/admin/duo",
DuoAdminDeviceViewSet,
basename="admin-duodevice",
)
router.register(
"authenticators/admin/sms",
SMSAdminDeviceViewSet,
basename="admin-smsdevice",
)
router.register(
"authenticators/admin/static",
StaticAdminDeviceViewSet,
basename="admin-staticdevice",
)
router.register(
"authenticators/admin/totp", TOTPAdminDeviceViewSet, basename="admin-totpdevice"
)
router.register("authenticators/admin/totp", TOTPAdminDeviceViewSet, basename="admin-totpdevice")
router.register(
"authenticators/admin/webauthn",
WebAuthnAdminDeviceViewSet,
@ -195,6 +203,7 @@ router.register(
router.register("stages/all", StageViewSet)
router.register("stages/authenticator/duo", AuthenticatorDuoStageViewSet)
router.register("stages/authenticator/sms", AuthenticatorSMSStageViewSet)
router.register("stages/authenticator/static", AuthenticatorStaticStageViewSet)
router.register("stages/authenticator/totp", AuthenticatorTOTPStageViewSet)
router.register("stages/authenticator/validate", AuthenticatorValidateStageViewSet)
@ -237,7 +246,11 @@ urlpatterns = (
FlowExecutorView.as_view(),
name="flow-executor",
),
path("sentry/", csrf_exempt(SentryTunnelView.as_view()), name="sentry"),
path("schema/", SpectacularAPIView.as_view(), name="schema"),
path(
"flows/inspector/<slug:flow_slug>/",
FlowInspectorView.as_view(),
name="flow-inspector",
),
path("schema/", cache_page(86400)(SpectacularAPIView.as_view()), name="schema"),
]
)

103
authentik/blueprints/api.py Normal file
View File

@ -0,0 +1,103 @@
"""Serializer mixin for managed models"""
from dataclasses import asdict
from drf_spectacular.utils import extend_schema, inline_serializer
from rest_framework.decorators import action
from rest_framework.fields import CharField, DateTimeField, JSONField
from rest_framework.permissions import IsAdminUser
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.serializers import ListSerializer, ModelSerializer
from rest_framework.viewsets import ModelViewSet
from authentik.api.decorators import permission_required
from authentik.blueprints.models import BlueprintInstance
from authentik.blueprints.v1.tasks import BlueprintFile, apply_blueprint, blueprints_find
from authentik.core.api.used_by import UsedByMixin
from authentik.core.api.utils import PassiveSerializer
from authentik.events.utils import sanitize_dict
class ManagedSerializer:
"""Managed Serializer"""
managed = CharField(read_only=True, allow_null=True)
class MetadataSerializer(PassiveSerializer):
"""Serializer for blueprint metadata"""
name = CharField()
labels = JSONField()
class BlueprintInstanceSerializer(ModelSerializer):
"""Info about a single blueprint instance file"""
class Meta:
model = BlueprintInstance
fields = [
"pk",
"name",
"path",
"context",
"last_applied",
"last_applied_hash",
"status",
"enabled",
"managed_models",
"metadata",
]
extra_kwargs = {
"status": {"read_only": True},
"last_applied": {"read_only": True},
"last_applied_hash": {"read_only": True},
"managed_models": {"read_only": True},
"metadata": {"read_only": True},
}
class BlueprintInstanceViewSet(UsedByMixin, ModelViewSet):
"""Blueprint instances"""
permission_classes = [IsAdminUser]
serializer_class = BlueprintInstanceSerializer
queryset = BlueprintInstance.objects.all()
search_fields = ["name", "path"]
filterset_fields = ["name", "path"]
@extend_schema(
responses={
200: ListSerializer(
child=inline_serializer(
"BlueprintFile",
fields={
"path": CharField(),
"last_m": DateTimeField(),
"hash": CharField(),
"meta": MetadataSerializer(required=False, read_only=True),
},
)
)
}
)
@action(detail=False, pagination_class=None, filter_backends=[])
def available(self, request: Request) -> Response:
"""Get blueprints"""
files: list[BlueprintFile] = blueprints_find.delay().get()
return Response([sanitize_dict(asdict(file)) for file in files])
@permission_required("authentik_blueprints.view_blueprintinstance")
@extend_schema(
request=None,
responses={
200: BlueprintInstanceSerializer(),
},
)
@action(detail=True, pagination_class=None, filter_backends=[], methods=["POST"])
def apply(self, request: Request, *args, **kwargs) -> Response:
"""Apply a blueprint"""
blueprint = self.get_object()
apply_blueprint.delay(str(blueprint.pk)).get()
return self.retrieve(request, *args, **kwargs)

View File

@ -0,0 +1,22 @@
"""authentik Blueprints app"""
from authentik.blueprints.manager import ManagedAppConfig
class AuthentikBlueprintsConfig(ManagedAppConfig):
"""authentik Blueprints app"""
name = "authentik.blueprints"
label = "authentik_blueprints"
verbose_name = "authentik Blueprints"
default = True
def reconcile_load_blueprints_v1_tasks(self):
"""Load v1 tasks"""
self.import_module("authentik.blueprints.v1.tasks")
def reconcile_blueprints_discover(self):
"""Run blueprint discovery"""
from authentik.blueprints.v1.tasks import blueprints_discover
blueprints_discover.delay()

View File

@ -0,0 +1,27 @@
"""Apply blueprint from commandline"""
from django.core.management.base import BaseCommand, no_translations
from structlog.stdlib import get_logger
from authentik.blueprints.v1.importer import Importer
LOGGER = get_logger()
class Command(BaseCommand):
"""Apply blueprint from commandline"""
@no_translations
def handle(self, *args, **options):
"""Apply all blueprints in order, abort when one fails to import"""
for blueprint_path in options.get("blueprints", []):
with open(blueprint_path, "r", encoding="utf8") as blueprint_file:
importer = Importer(blueprint_file.read())
valid, logs = importer.validate()
if not valid:
for log in logs:
LOGGER.debug(**log)
raise ValueError("blueprint invalid")
importer.apply()
def add_arguments(self, parser):
parser.add_argument("blueprints", nargs="+", type=str)

View File

@ -0,0 +1,35 @@
"""Generate JSON Schema for blueprints"""
from json import dumps, loads
from pathlib import Path
from django.apps import apps
from django.core.management.base import BaseCommand, no_translations
from structlog.stdlib import get_logger
from authentik.blueprints.v1.importer import is_model_allowed
LOGGER = get_logger()
class Command(BaseCommand):
"""Generate JSON Schema for blueprints"""
schema: dict
@no_translations
def handle(self, *args, **options):
"""Generate JSON Schema for blueprints"""
path = Path(__file__).parent.joinpath("./schema_template.json")
with open(path, "r", encoding="utf-8") as _template_file:
self.schema = loads(_template_file.read())
self.set_model_allowed()
self.stdout.write(dumps(self.schema, indent=4))
def set_model_allowed(self):
"""Set model enum"""
model_names = []
for model in apps.get_models():
if not is_model_allowed(model):
continue
model_names.append(f"{model._meta.app_label}.{model._meta.model_name}")
self.schema["properties"]["entries"]["items"]["properties"]["model"]["enum"] = model_names

View File

@ -0,0 +1,90 @@
{
"$schema": "http://json-schema.org/draft-07/schema",
"$id": "http://example.com/example.json",
"type": "object",
"title": "authentik Blueprint schema",
"default": {},
"required": [
"version",
"entries"
],
"properties": {
"version": {
"$id": "#/properties/version",
"type": "integer",
"title": "Blueprint version",
"default": 1
},
"metadata": {
"$id": "#/properties/metadata",
"type": "object",
"required": [
"name"
],
"properties": {
"name": {
"type": "string"
},
"labels": {
"type": "object"
}
}
},
"context": {
"$id": "#/properties/context",
"type": "object",
"additionalProperties": true
},
"entries": {
"type": "array",
"items": {
"$id": "#entry",
"type": "object",
"required": [
"model",
"identifiers"
],
"properties": {
"model": {
"type": "string",
"enum": [
"placeholder"
]
},
"id": {
"type": "string"
},
"attrs": {
"type": "object",
"properties": {
"name": {
"type": "string",
"description": "Commonly available field, may not exist on all models"
}
},
"default": {},
"additionalProperties": true
},
"identifiers": {
"type": "object",
"properties": {
"pk": {
"description": "Commonly available field, may not exist on all models",
"anyOf": [
{
"type": "number"
},
{
"type": "string",
"format": "uuid"
}
]
}
},
"additionalProperties": true
}
}
}
}
}
}

View File

@ -0,0 +1,44 @@
"""Managed objects manager"""
from importlib import import_module
from inspect import ismethod
from django.apps import AppConfig
from django.db import DatabaseError, InternalError, ProgrammingError
from structlog.stdlib import BoundLogger, get_logger
LOGGER = get_logger()
class ManagedAppConfig(AppConfig):
"""Basic reconciliation logic for apps"""
_logger: BoundLogger
def __init__(self, app_name: str, *args, **kwargs) -> None:
super().__init__(app_name, *args, **kwargs)
self._logger = get_logger().bind(app_name=app_name)
def ready(self) -> None:
self.reconcile()
return super().ready()
def import_module(self, path: str):
"""Load module"""
import_module(path)
def reconcile(self) -> None:
"""reconcile ourselves"""
prefix = "reconcile_"
for meth_name in dir(self):
meth = getattr(self, meth_name)
if not ismethod(meth):
continue
if not meth_name.startswith(prefix):
continue
name = meth_name.replace(prefix, "")
try:
self._logger.debug("Starting reconciler", name=name)
meth()
self._logger.debug("Successfully reconciled", name=name)
except (DatabaseError, ProgrammingError, InternalError) as exc:
self._logger.debug("Failed to run reconcile", name=name, exc=exc)

View File

@ -0,0 +1,134 @@
# Generated by Django 4.0.6 on 2022-07-31 17:35
import uuid
from glob import glob
from pathlib import Path
import django.contrib.postgres.fields
from dacite import from_dict
from django.apps.registry import Apps
from django.conf import settings
from django.db import migrations, models
from django.db.backends.base.schema import BaseDatabaseSchemaEditor
from yaml import load
from authentik.blueprints.v1.labels import LABEL_AUTHENTIK_SYSTEM
from authentik.lib.config import CONFIG
def check_blueprint_v1_file(BlueprintInstance: type["BlueprintInstance"], path: Path):
"""Check if blueprint should be imported"""
from authentik.blueprints.models import BlueprintInstanceStatus
from authentik.blueprints.v1.common import BlueprintLoader, BlueprintMetadata
from authentik.blueprints.v1.labels import LABEL_AUTHENTIK_INSTANTIATE
with open(path, "r", encoding="utf-8") as blueprint_file:
raw_blueprint = load(blueprint_file.read(), BlueprintLoader)
if not raw_blueprint:
return
metadata = raw_blueprint.get("metadata", None)
version = raw_blueprint.get("version", 1)
if version != 1:
return
blueprint_file.seek(0)
instance: BlueprintInstance = BlueprintInstance.objects.filter(path=path).first()
rel_path = path.relative_to(Path(CONFIG.y("blueprints_dir")))
meta = None
if metadata:
meta = from_dict(BlueprintMetadata, metadata)
if meta.labels.get(LABEL_AUTHENTIK_INSTANTIATE, "").lower() == "false":
return
if not instance:
instance = BlueprintInstance(
name=meta.name if meta else str(rel_path),
path=str(rel_path),
context={},
status=BlueprintInstanceStatus.UNKNOWN,
enabled=True,
managed_models=[],
last_applied_hash="",
metadata=metadata,
)
instance.save()
def migration_blueprint_import(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
BlueprintInstance = apps.get_model("authentik_blueprints", "BlueprintInstance")
Flow = apps.get_model("authentik_flows", "Flow")
db_alias = schema_editor.connection.alias
for file in glob(f"{CONFIG.y('blueprints_dir')}/**/*.yaml", recursive=True):
check_blueprint_v1_file(BlueprintInstance, Path(file))
for blueprint in BlueprintInstance.objects.using(db_alias).all():
# If we already have flows (and we should always run before flow migrations)
# then this is an existing install and we want to disable all blueprints
if Flow.objects.using(db_alias).all().exists():
blueprint.enabled = False
# System blueprints are always enabled
if blueprint.metadata.get("labels", {}).get(LABEL_AUTHENTIK_SYSTEM, "").lower() == "true":
blueprint.enabled = True
blueprint.save()
class Migration(migrations.Migration):
initial = True
dependencies = [("authentik_flows", "0001_initial")]
operations = [
migrations.CreateModel(
name="BlueprintInstance",
fields=[
("created", models.DateTimeField(auto_now_add=True)),
("last_updated", models.DateTimeField(auto_now=True)),
(
"managed",
models.TextField(
default=None,
help_text="Objects which are managed by authentik. These objects are created and updated automatically. This is flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.",
null=True,
unique=True,
verbose_name="Managed by authentik",
),
),
(
"instance_uuid",
models.UUIDField(
default=uuid.uuid4, editable=False, primary_key=True, serialize=False
),
),
("name", models.TextField()),
("metadata", models.JSONField(default=dict)),
("path", models.TextField()),
("context", models.JSONField(default=dict)),
("last_applied", models.DateTimeField(auto_now=True)),
("last_applied_hash", models.TextField()),
(
"status",
models.TextField(
choices=[
("successful", "Successful"),
("warning", "Warning"),
("error", "Error"),
("orphaned", "Orphaned"),
("unknown", "Unknown"),
]
),
),
("enabled", models.BooleanField(default=True)),
(
"managed_models",
django.contrib.postgres.fields.ArrayField(
base_field=models.TextField(), default=list, size=None
),
),
],
options={
"verbose_name": "Blueprint Instance",
"verbose_name_plural": "Blueprint Instances",
"unique_together": {("name", "path")},
},
),
migrations.RunPython(migration_blueprint_import),
]

View File

@ -0,0 +1,79 @@
"""Managed Object models"""
from uuid import uuid4
from django.contrib.postgres.fields import ArrayField
from django.db import models
from django.utils.translation import gettext_lazy as _
from rest_framework.serializers import Serializer
from authentik.lib.models import CreatedUpdatedModel, SerializerModel
class ManagedModel(models.Model):
"""Model which can be managed by authentik exclusively"""
managed = models.TextField(
default=None,
null=True,
verbose_name=_("Managed by authentik"),
help_text=_(
(
"Objects which are managed by authentik. These objects are created and updated "
"automatically. This is flag only indicates that an object can be overwritten by "
"migrations. You can still modify the objects via the API, but expect changes "
"to be overwritten in a later update."
)
),
unique=True,
)
class Meta:
abstract = True
class BlueprintInstanceStatus(models.TextChoices):
"""Instance status"""
SUCCESSFUL = "successful"
WARNING = "warning"
ERROR = "error"
ORPHANED = "orphaned"
UNKNOWN = "unknown"
class BlueprintInstance(SerializerModel, ManagedModel, CreatedUpdatedModel):
"""Instance of a single blueprint. Can be parameterized via context attribute when
blueprint in `path` has inputs."""
instance_uuid = models.UUIDField(primary_key=True, editable=False, default=uuid4)
name = models.TextField()
metadata = models.JSONField(default=dict)
path = models.TextField()
context = models.JSONField(default=dict)
last_applied = models.DateTimeField(auto_now=True)
last_applied_hash = models.TextField()
status = models.TextField(choices=BlueprintInstanceStatus.choices)
enabled = models.BooleanField(default=True)
managed_models = ArrayField(models.TextField(), default=list)
@property
def serializer(self) -> Serializer:
from authentik.blueprints.api import BlueprintInstanceSerializer
return BlueprintInstanceSerializer
def __str__(self) -> str:
return f"Blueprint Instance {self.name}"
class Meta:
verbose_name = _("Blueprint Instance")
verbose_name_plural = _("Blueprint Instances")
unique_together = (
(
"name",
"path",
),
)

View File

@ -0,0 +1,12 @@
"""blueprint Settings"""
from celery.schedules import crontab
from authentik.lib.utils.time import fqdn_rand
CELERY_BEAT_SCHEDULE = {
"blueprints_v1_discover": {
"task": "authentik.blueprints.v1.tasks.blueprints_discover",
"schedule": crontab(minute=fqdn_rand("blueprints_v1_discover"), hour="*"),
"options": {"queue": "authentik_scheduled"},
},
}

View File

@ -0,0 +1,49 @@
"""Blueprint helpers"""
from functools import wraps
from pathlib import Path
from typing import Callable
from django.apps import apps
from authentik.blueprints.manager import ManagedAppConfig
from authentik.lib.config import CONFIG
def apply_blueprint(*files: str):
"""Apply blueprint before test"""
from authentik.blueprints.v1.importer import Importer
def wrapper_outer(func: Callable):
"""Apply blueprint before test"""
@wraps(func)
def wrapper(*args, **kwargs):
base_path = Path(CONFIG.y("blueprints_dir"))
for file in files:
full_path = Path(base_path, file)
with full_path.open("r", encoding="utf-8") as _file:
Importer(_file.read()).apply()
return func(*args, **kwargs)
return wrapper
return wrapper_outer
def reconcile_app(app_name: str):
"""Re-reconcile AppConfig methods"""
def wrapper_outer(func: Callable):
"""Re-reconcile AppConfig methods"""
@wraps(func)
def wrapper(*args, **kwargs):
config = apps.get_app_config(app_name)
if isinstance(config, ManagedAppConfig):
config.reconcile()
return func(*args, **kwargs)
return wrapper
return wrapper_outer

View File

@ -0,0 +1,37 @@
"""test packaged blueprints"""
from glob import glob
from pathlib import Path
from typing import Callable
from django.test import TransactionTestCase
from django.utils.text import slugify
from authentik.blueprints.tests import apply_blueprint
from authentik.blueprints.v1.importer import Importer
from authentik.tenants.models import Tenant
class TestBundled(TransactionTestCase):
"""Empty class, test methods are added dynamically"""
@apply_blueprint("default/90-default-tenant.yaml")
def test_decorator_static(self):
"""Test @apply_blueprint decorator"""
self.assertTrue(Tenant.objects.filter(domain="authentik-default").exists())
def blueprint_tester(file_name: str) -> Callable:
"""This is used instead of subTest for better visibility"""
def tester(self: TestBundled):
with open(file_name, "r", encoding="utf8") as flow_yaml:
importer = Importer(flow_yaml.read())
self.assertTrue(importer.validate()[0])
self.assertTrue(importer.apply())
return tester
for flow_file in glob("blueprints/**/*.yaml", recursive=True):
method_name = slugify(Path(flow_file).stem).replace("-", "_").replace(".", "_")
setattr(TestBundled, f"test_flow_{method_name}", blueprint_tester(flow_file))

View File

@ -0,0 +1,34 @@
"""authentik managed models tests"""
from typing import Callable, Type
from django.apps import apps
from django.test import TestCase
from authentik.blueprints.v1.importer import is_model_allowed
from authentik.lib.models import SerializerModel
class TestModels(TestCase):
"""Test Models"""
def serializer_tester_factory(test_model: Type[SerializerModel]) -> Callable:
"""Test serializer"""
def tester(self: TestModels):
if test_model._meta.abstract:
return
model_class = test_model()
self.assertTrue(isinstance(model_class, SerializerModel))
self.assertIsNotNone(model_class.serializer)
return tester
for app in apps.get_app_configs():
if not app.label.startswith("authentik"):
continue
for model in app.get_models():
if not is_model_allowed(model):
continue
setattr(TestModels, f"test_{app.label}_{model.__name__}", serializer_tester_factory(model))

View File

@ -1,45 +1,68 @@
"""Test flow transfer"""
from json import dumps
"""Test blueprints v1"""
from django.test import TransactionTestCase
from authentik.blueprints.v1.exporter import Exporter
from authentik.blueprints.v1.importer import Importer, transaction_rollback
from authentik.flows.models import Flow, FlowDesignation, FlowStageBinding
from authentik.flows.transfer.common import DataclassEncoder
from authentik.flows.transfer.exporter import FlowExporter
from authentik.flows.transfer.importer import FlowImporter, transaction_rollback
from authentik.lib.generators import generate_id
from authentik.policies.expression.models import ExpressionPolicy
from authentik.policies.models import PolicyBinding
from authentik.providers.oauth2.generators import generate_client_id
from authentik.stages.prompt.models import FieldTypes, Prompt, PromptStage
from authentik.stages.user_login.models import UserLoginStage
STATIC_PROMPT_EXPORT = """version: 1
entries:
- identifiers:
pk: cb954fd4-65a5-4ad9-b1ee-180ee9559cf4
model: authentik_stages_prompt.prompt
attrs:
field_key: username
label: Username
type: username
required: true
placeholder: Username
order: 0
"""
class TestFlowTransfer(TransactionTestCase):
"""Test flow transfer"""
YAML_TAG_TESTS = """version: 1
context:
foo: bar
entries:
- attrs:
expression: return True
identifiers:
name: !Format [foo-%s-%s, !Context foo, !Context bar]
id: default-source-enrollment-if-username
model: authentik_policies_expression.expressionpolicy
"""
def test_bundle_invalid_format(self):
"""Test bundle with invalid format"""
importer = FlowImporter('{"version": 3}')
self.assertFalse(importer.validate())
importer = FlowImporter(
class TestBlueprintsV1(TransactionTestCase):
"""Test Blueprints"""
def test_blueprint_invalid_format(self):
"""Test blueprint with invalid format"""
importer = Importer('{"version": 3}')
self.assertFalse(importer.validate()[0])
importer = Importer(
(
'{"version": 1,"entries":[{"identifiers":{},"attrs":{},'
'"model": "authentik_core.User"}]}'
)
)
self.assertFalse(importer.validate())
self.assertFalse(importer.validate()[0])
def test_export_validate_import(self):
"""Test export and validate it"""
flow_slug = generate_client_id()
flow_slug = generate_id()
with transaction_rollback():
login_stage = UserLoginStage.objects.create(name=generate_client_id())
login_stage = UserLoginStage.objects.create(name=generate_id())
flow = Flow.objects.create(
slug=flow_slug,
designation=FlowDesignation.AUTHENTICATION,
name=generate_client_id(),
title=generate_client_id(),
name=generate_id(),
title=generate_id(),
)
FlowStageBinding.objects.update_or_create(
target=flow,
@ -47,47 +70,67 @@ class TestFlowTransfer(TransactionTestCase):
order=0,
)
exporter = FlowExporter(flow)
exporter = Exporter(flow)
export = exporter.export()
self.assertEqual(len(export.entries), 3)
export_json = exporter.export_to_string()
export_yaml = exporter.export_to_string()
importer = FlowImporter(export_json)
self.assertTrue(importer.validate())
importer = Importer(export_yaml)
self.assertTrue(importer.validate()[0])
self.assertTrue(importer.apply())
self.assertTrue(Flow.objects.filter(slug=flow_slug).exists())
def test_export_validate_import_re_import(self):
"""Test export and import it twice"""
count_initial = Prompt.objects.filter(field_key="username").count()
importer = Importer(STATIC_PROMPT_EXPORT)
self.assertTrue(importer.validate()[0])
self.assertTrue(importer.apply())
count_before = Prompt.objects.filter(field_key="username").count()
self.assertEqual(count_initial + 1, count_before)
importer = Importer(STATIC_PROMPT_EXPORT)
self.assertTrue(importer.apply())
self.assertEqual(Prompt.objects.filter(field_key="username").count(), count_before)
def test_import_yaml_tags(self):
"""Test some yaml tags"""
ExpressionPolicy.objects.filter(name="foo-foo-bar").delete()
importer = Importer(YAML_TAG_TESTS, {"bar": "baz"})
self.assertTrue(importer.validate()[0])
self.assertTrue(importer.apply())
self.assertTrue(ExpressionPolicy.objects.filter(name="foo-foo-bar"))
def test_export_validate_import_policies(self):
"""Test export and validate it"""
flow_slug = generate_client_id()
stage_name = generate_client_id()
flow_slug = generate_id()
stage_name = generate_id()
with transaction_rollback():
flow_policy = ExpressionPolicy.objects.create(
name=generate_client_id(),
name=generate_id(),
expression="return True",
)
flow = Flow.objects.create(
slug=flow_slug,
designation=FlowDesignation.AUTHENTICATION,
name=generate_client_id(),
title=generate_client_id(),
name=generate_id(),
title=generate_id(),
)
PolicyBinding.objects.create(policy=flow_policy, target=flow, order=0)
user_login = UserLoginStage.objects.create(name=stage_name)
fsb = FlowStageBinding.objects.create(
target=flow, stage=user_login, order=0
)
fsb = FlowStageBinding.objects.create(target=flow, stage=user_login, order=0)
PolicyBinding.objects.create(policy=flow_policy, target=fsb, order=0)
exporter = FlowExporter(flow)
export = exporter.export()
exporter = Exporter(flow)
export_yaml = exporter.export_to_string()
export_json = dumps(export, cls=DataclassEncoder)
importer = FlowImporter(export_json)
self.assertTrue(importer.validate())
importer = Importer(export_yaml)
self.assertTrue(importer.validate()[0])
self.assertTrue(importer.apply())
self.assertTrue(UserLoginStage.objects.filter(name=stage_name).exists())
self.assertTrue(Flow.objects.filter(slug=flow_slug).exists())
@ -113,24 +156,23 @@ class TestFlowTransfer(TransactionTestCase):
)
# Stages
first_stage = PromptStage.objects.create(name=generate_client_id())
first_stage = PromptStage.objects.create(name=generate_id())
first_stage.fields.set([username_prompt, password, password_repeat])
first_stage.save()
flow = Flow.objects.create(
name=generate_client_id(),
slug=generate_client_id(),
name=generate_id(),
slug=generate_id(),
designation=FlowDesignation.ENROLLMENT,
title=generate_client_id(),
title=generate_id(),
)
FlowStageBinding.objects.create(target=flow, stage=first_stage, order=0)
exporter = FlowExporter(flow)
export = exporter.export()
export_json = dumps(export, cls=DataclassEncoder)
exporter = Exporter(flow)
export_yaml = exporter.export_to_string()
importer = FlowImporter(export_json)
importer = Importer(export_yaml)
self.assertTrue(importer.validate())
self.assertTrue(importer.validate()[0])
self.assertTrue(importer.apply())

View File

@ -0,0 +1,45 @@
"""Test blueprints v1 api"""
from json import loads
from tempfile import NamedTemporaryFile, mkdtemp
from django.urls import reverse
from rest_framework.test import APITestCase
from yaml import dump
from authentik.core.tests.utils import create_test_admin_user
from authentik.lib.config import CONFIG
TMP = mkdtemp("authentik-blueprints")
class TestBlueprintsV1API(APITestCase):
"""Test Blueprints API"""
def setUp(self) -> None:
self.user = create_test_admin_user()
self.client.force_login(self.user)
@CONFIG.patch("blueprints_dir", TMP)
def test_api_available(self):
"""Test valid file"""
with NamedTemporaryFile(mode="w+", suffix=".yaml", dir=TMP) as file:
file.write(
dump(
{
"version": 1,
"entries": [],
}
)
)
file.flush()
res = self.client.get(reverse("authentik_api:blueprintinstance-available"))
self.assertEqual(res.status_code, 200)
response = loads(res.content.decode())
self.assertEqual(len(response), 1)
self.assertEqual(
response[0]["hash"],
(
"e52bb445b03cd36057258dc9f0ce0fbed8278498ee1470e45315293e5f026d1bd1f9b352"
"6871c0003f5c07be5c3316d9d4a08444bd8fed1b3f03294e51e44522"
),
)

View File

@ -0,0 +1,140 @@
"""Test blueprints v1 tasks"""
from tempfile import NamedTemporaryFile, mkdtemp
from django.test import TransactionTestCase
from yaml import dump
from authentik.blueprints.models import BlueprintInstance, BlueprintInstanceStatus
from authentik.blueprints.v1.tasks import apply_blueprint, blueprints_discover, blueprints_find
from authentik.lib.config import CONFIG
from authentik.lib.generators import generate_id
TMP = mkdtemp("authentik-blueprints")
class TestBlueprintsV1Tasks(TransactionTestCase):
"""Test Blueprints v1 Tasks"""
@CONFIG.patch("blueprints_dir", TMP)
def test_invalid_file_syntax(self):
"""Test syntactically invalid file"""
with NamedTemporaryFile(suffix=".yaml", dir=TMP) as file:
file.write(b"{")
file.flush()
blueprints = blueprints_find()
self.assertEqual(blueprints, [])
@CONFIG.patch("blueprints_dir", TMP)
def test_invalid_file_version(self):
"""Test invalid file"""
with NamedTemporaryFile(suffix=".yaml", dir=TMP) as file:
file.write(b"version: 2")
file.flush()
blueprints = blueprints_find()
self.assertEqual(blueprints, [])
@CONFIG.patch("blueprints_dir", TMP)
def test_valid(self):
"""Test valid file"""
with NamedTemporaryFile(mode="w+", suffix=".yaml", dir=TMP) as file:
file.write(
dump(
{
"version": 1,
"entries": [],
}
)
)
file.flush()
blueprints_discover() # pylint: disable=no-value-for-parameter
self.assertEqual(
BlueprintInstance.objects.first().last_applied_hash,
(
"e52bb445b03cd36057258dc9f0ce0fbed8278498ee1470e45315293e5f026d1b"
"d1f9b3526871c0003f5c07be5c3316d9d4a08444bd8fed1b3f03294e51e44522"
),
)
self.assertEqual(BlueprintInstance.objects.first().metadata, {})
@CONFIG.patch("blueprints_dir", TMP)
def test_valid_updated(self):
"""Test valid file"""
with NamedTemporaryFile(mode="w+", suffix=".yaml", dir=TMP) as file:
file.write(
dump(
{
"version": 1,
"entries": [],
}
)
)
file.flush()
blueprints_discover() # pylint: disable=no-value-for-parameter
self.assertEqual(
BlueprintInstance.objects.first().last_applied_hash,
(
"e52bb445b03cd36057258dc9f0ce0fbed8278498ee1470e45315293e5f026d1b"
"d1f9b3526871c0003f5c07be5c3316d9d4a08444bd8fed1b3f03294e51e44522"
),
)
self.assertEqual(BlueprintInstance.objects.first().metadata, {})
file.write(
dump(
{
"version": 1,
"entries": [],
"metadata": {
"name": "foo",
},
}
)
)
file.flush()
blueprints_discover() # pylint: disable=no-value-for-parameter
self.assertEqual(
BlueprintInstance.objects.first().last_applied_hash,
(
"fc62fea96067da8592bdf90927246d0ca150b045447df93b0652a0e20a8bc327"
"681510b5db37ea98759c61f9a98dd2381f46a3b5a2da69dfb45158897f14e824"
),
)
self.assertEqual(
BlueprintInstance.objects.first().metadata,
{
"name": "foo",
"labels": {},
},
)
@CONFIG.patch("blueprints_dir", TMP)
def test_valid_disabled(self):
"""Test valid file"""
with NamedTemporaryFile(mode="w+", suffix=".yaml", dir=TMP) as file:
file.write(
dump(
{
"version": 1,
"entries": [],
}
)
)
file.flush()
instance: BlueprintInstance = BlueprintInstance.objects.create(
name=generate_id(),
path=file.name,
enabled=False,
status=BlueprintInstanceStatus.UNKNOWN,
)
instance.refresh_from_db()
self.assertEqual(instance.last_applied_hash, "")
self.assertEqual(
instance.status,
BlueprintInstanceStatus.UNKNOWN,
)
apply_blueprint(instance.pk) # pylint: disable=no-value-for-parameter
instance.refresh_from_db()
self.assertEqual(instance.last_applied_hash, "")
self.assertEqual(
instance.status,
BlueprintInstanceStatus.UNKNOWN,
)

View File

View File

@ -0,0 +1,244 @@
"""transfer common classes"""
from collections import OrderedDict
from dataclasses import asdict, dataclass, field, is_dataclass
from enum import Enum
from typing import Any, Optional
from uuid import UUID
from django.apps import apps
from django.db.models import Model, Q
from rest_framework.fields import Field
from rest_framework.serializers import Serializer
from yaml import SafeDumper, SafeLoader, ScalarNode, SequenceNode
from authentik.lib.models import SerializerModel
from authentik.lib.sentry import SentryIgnoredException
from authentik.policies.models import PolicyBindingModel
def get_attrs(obj: SerializerModel) -> dict[str, Any]:
"""Get object's attributes via their serializer, and convert it to a normal dict"""
serializer: Serializer = obj.serializer(obj)
data = dict(serializer.data)
for field_name, _field in serializer.fields.items():
_field: Field
if field_name not in data:
continue
if _field.read_only:
data.pop(field_name, None)
if _field.default == data.get(field_name, None):
data.pop(field_name, None)
if field_name.endswith("_set"):
data.pop(field_name, None)
return data
@dataclass
class BlueprintEntry:
"""Single entry of a bundle"""
identifiers: dict[str, Any]
model: str
attrs: Optional[dict[str, Any]] = field(default_factory=dict)
# pylint: disable=invalid-name
id: Optional[str] = None
_instance: Optional[Model] = None
@staticmethod
def from_model(model: SerializerModel, *extra_identifier_names: str) -> "BlueprintEntry":
"""Convert a SerializerModel instance to a Bundle Entry"""
identifiers = {
"pk": model.pk,
}
all_attrs = get_attrs(model)
for extra_identifier_name in extra_identifier_names:
identifiers[extra_identifier_name] = all_attrs.pop(extra_identifier_name)
return BlueprintEntry(
identifiers=identifiers,
model=f"{model._meta.app_label}.{model._meta.model_name}",
attrs=all_attrs,
)
def tag_resolver(self, value: Any, blueprint: "Blueprint") -> Any:
"""Check if we have any special tags that need handling"""
if isinstance(value, YAMLTag):
return value.resolve(self, blueprint)
if isinstance(value, dict):
for key, inner_value in value.items():
value[key] = self.tag_resolver(inner_value, blueprint)
if isinstance(value, list):
for idx, inner_value in enumerate(value):
value[idx] = self.tag_resolver(inner_value, blueprint)
return value
def get_attrs(self, blueprint: "Blueprint") -> dict[str, Any]:
"""Get attributes of this entry, with all yaml tags resolved"""
return self.tag_resolver(self.attrs, blueprint)
def get_identifiers(self, blueprint: "Blueprint") -> dict[str, Any]:
"""Get attributes of this entry, with all yaml tags resolved"""
return self.tag_resolver(self.identifiers, blueprint)
@dataclass
class BlueprintMetadata:
"""Optional blueprint metadata"""
name: str
labels: dict[str, str] = field(default_factory=dict)
@dataclass
class Blueprint:
"""Dataclass used for a full export"""
version: int = field(default=1)
entries: list[BlueprintEntry] = field(default_factory=list)
metadata: Optional[BlueprintMetadata] = field(default=None)
context: Optional[dict] = field(default_factory=dict)
class YAMLTag:
"""Base class for all YAML Tags"""
def resolve(self, entry: BlueprintEntry, blueprint: Blueprint) -> Any:
"""Implement yaml tag logic"""
raise NotImplementedError
class KeyOf(YAMLTag):
"""Reference another object by their ID"""
id_from: str
# pylint: disable=unused-argument
def __init__(self, loader: "BlueprintLoader", node: ScalarNode) -> None:
super().__init__()
self.id_from = node.value
def resolve(self, entry: BlueprintEntry, blueprint: Blueprint) -> Any:
for _entry in blueprint.entries:
if _entry.id == self.id_from and _entry._instance:
# Special handling for PolicyBindingModels, as they'll have a different PK
# which is used when creating policy bindings
if (
isinstance(_entry._instance, PolicyBindingModel)
and entry.model.lower() == "authentik_policies.policybinding"
):
return _entry._instance.pbm_uuid
return _entry._instance.pk
raise ValueError(
f"KeyOf: failed to find entry with `id` of `{self.id_from}` and a model instance"
)
class Context(YAMLTag):
"""Lookup key from instance context"""
key: str
default: Optional[Any]
# pylint: disable=unused-argument
def __init__(self, loader: "BlueprintLoader", node: ScalarNode | SequenceNode) -> None:
super().__init__()
self.default = None
if isinstance(node, ScalarNode):
self.key = node.value
if isinstance(node, SequenceNode):
self.key = node.value[0].value
self.default = node.value[1].value
def resolve(self, entry: BlueprintEntry, blueprint: Blueprint) -> Any:
value = self.default
if self.key in blueprint.context:
value = blueprint.context[self.key]
return value
class Format(YAMLTag):
"""Format a string"""
format_string: str
args: list[Any]
# pylint: disable=unused-argument
def __init__(self, loader: "BlueprintLoader", node: SequenceNode) -> None:
super().__init__()
self.format_string = node.value[0].value
self.args = []
for raw_node in node.value[1:]:
self.args.append(raw_node.value)
def resolve(self, entry: BlueprintEntry, blueprint: Blueprint) -> Any:
try:
print(self.format_string)
print(self.args)
return self.format_string % tuple(self.args)
except TypeError as exc:
raise EntryInvalidError(exc)
class Find(YAMLTag):
"""Find any object"""
model_name: str
conditions: list[list]
model_class: type[Model]
def __init__(self, loader: "BlueprintLoader", node: SequenceNode) -> None:
super().__init__()
self.model_name = node.value[0].value
self.model_class = apps.get_model(*self.model_name.split("."))
self.conditions = []
for raw_node in node.value[1:]:
values = []
for node_values in raw_node.value:
values.append(loader.construct_object(node_values))
self.conditions.append(values)
def resolve(self, entry: BlueprintEntry, blueprint: Blueprint) -> Any:
query = Q()
for cond in self.conditions:
query &= Q(**{cond[0]: cond[1]})
instance = self.model_class.objects.filter(query).first()
if instance:
return instance.pk
return None
class BlueprintDumper(SafeDumper):
"""Dump dataclasses to yaml"""
default_flow_style = False
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
self.add_representer(UUID, lambda self, data: self.represent_str(str(data)))
self.add_representer(OrderedDict, lambda self, data: self.represent_dict(dict(data)))
self.add_representer(Enum, lambda self, data: self.represent_str(data.value))
def represent(self, data) -> None:
if is_dataclass(data):
data = asdict(data)
return super().represent(data)
class BlueprintLoader(SafeLoader):
"""Loader for blueprints with custom tag support"""
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
self.add_constructor("!KeyOf", KeyOf)
self.add_constructor("!Find", Find)
self.add_constructor("!Context", Context)
self.add_constructor("!Format", Format)
class EntryInvalidError(SentryIgnoredException):
"""Error raised when an entry is invalid"""

View File

@ -1,22 +1,18 @@
"""Flow exporter"""
from json import dumps
from typing import Iterator
from uuid import UUID
from django.db.models import Q
from yaml import dump
from authentik.blueprints.v1.common import Blueprint, BlueprintDumper, BlueprintEntry
from authentik.flows.models import Flow, FlowStageBinding, Stage
from authentik.flows.transfer.common import (
DataclassEncoder,
FlowBundle,
FlowBundleEntry,
)
from authentik.policies.models import Policy, PolicyBinding
from authentik.stages.prompt.models import PromptStage
class FlowExporter:
"""Export flow with attached stages into json"""
class Exporter:
"""Export flow with attached stages into yaml"""
flow: Flow
with_policies: bool
@ -35,57 +31,51 @@ class FlowExporter:
"pbm_uuid", flat=True
)
def walk_stages(self) -> Iterator[FlowBundleEntry]:
"""Convert all stages attached to self.flow into FlowBundleEntry objects"""
stages = (
Stage.objects.filter(flow=self.flow).select_related().select_subclasses()
)
def walk_stages(self) -> Iterator[BlueprintEntry]:
"""Convert all stages attached to self.flow into BlueprintEntry objects"""
stages = Stage.objects.filter(flow=self.flow).select_related().select_subclasses()
for stage in stages:
if isinstance(stage, PromptStage):
pass
yield FlowBundleEntry.from_model(stage, "name")
yield BlueprintEntry.from_model(stage, "name")
def walk_stage_bindings(self) -> Iterator[FlowBundleEntry]:
"""Convert all bindings attached to self.flow into FlowBundleEntry objects"""
def walk_stage_bindings(self) -> Iterator[BlueprintEntry]:
"""Convert all bindings attached to self.flow into BlueprintEntry objects"""
bindings = FlowStageBinding.objects.filter(target=self.flow).select_related()
for binding in bindings:
yield FlowBundleEntry.from_model(binding, "target", "stage", "order")
yield BlueprintEntry.from_model(binding, "target", "stage", "order")
def walk_policies(self) -> Iterator[FlowBundleEntry]:
def walk_policies(self) -> Iterator[BlueprintEntry]:
"""Walk over all policies. This is done at the beginning of the export for stages that have
a direct foreign key to a policy."""
# Special case for PromptStage as that has a direct M2M to policy, we have to ensure
# all policies referenced in there we also include here
prompt_stages = PromptStage.objects.filter(flow=self.flow).values_list(
"pk", flat=True
)
prompt_stages = PromptStage.objects.filter(flow=self.flow).values_list("pk", flat=True)
query = Q(bindings__in=self.pbm_uuids) | Q(promptstage__in=prompt_stages)
policies = Policy.objects.filter(query).select_related()
for policy in policies:
yield FlowBundleEntry.from_model(policy)
yield BlueprintEntry.from_model(policy)
def walk_policy_bindings(self) -> Iterator[FlowBundleEntry]:
def walk_policy_bindings(self) -> Iterator[BlueprintEntry]:
"""Walk over all policybindings relative to us. This is run at the end of the export, as
we are sure all objects exist now."""
bindings = PolicyBinding.objects.filter(
target__in=self.pbm_uuids
).select_related()
bindings = PolicyBinding.objects.filter(target__in=self.pbm_uuids).select_related()
for binding in bindings:
yield FlowBundleEntry.from_model(binding, "policy", "target", "order")
yield BlueprintEntry.from_model(binding, "policy", "target", "order")
def walk_stage_prompts(self) -> Iterator[FlowBundleEntry]:
def walk_stage_prompts(self) -> Iterator[BlueprintEntry]:
"""Walk over all prompts associated with any PromptStages"""
prompt_stages = PromptStage.objects.filter(flow=self.flow)
for stage in prompt_stages:
for prompt in stage.fields.all():
yield FlowBundleEntry.from_model(prompt)
yield BlueprintEntry.from_model(prompt)
def export(self) -> FlowBundle:
def export(self) -> Blueprint:
"""Create a list of all objects including the flow"""
if self.with_policies:
self._prepare_pbm()
bundle = FlowBundle()
bundle.entries.append(FlowBundleEntry.from_model(self.flow, "slug"))
bundle = Blueprint()
bundle.entries.append(BlueprintEntry.from_model(self.flow, "slug"))
if self.with_stage_prompts:
bundle.entries.extend(self.walk_stage_prompts())
if self.with_policies:
@ -97,6 +87,6 @@ class FlowExporter:
return bundle
def export_to_string(self) -> str:
"""Call export and convert it to json"""
"""Call export and convert it to yaml"""
bundle = self.export()
return dumps(bundle, cls=DataclassEncoder)
return dump(bundle, Dumper=BlueprintDumper)

View File

@ -1,11 +1,11 @@
"""Flow importer"""
"""Blueprint importer"""
from contextlib import contextmanager
from copy import deepcopy
from json import loads
from typing import Any, Type
from typing import Any, Optional
from dacite import from_dict
from dacite.exceptions import DaciteError
from deepmerge import always_merger
from django.apps import apps
from django.db import transaction
from django.db.models import Model
@ -14,42 +14,86 @@ from django.db.utils import IntegrityError
from rest_framework.exceptions import ValidationError
from rest_framework.serializers import BaseSerializer, Serializer
from structlog.stdlib import BoundLogger, get_logger
from structlog.testing import capture_logs
from structlog.types import EventDict
from yaml import load
from authentik.flows.models import Flow, FlowStageBinding, Stage
from authentik.flows.transfer.common import (
from authentik.blueprints.v1.common import (
Blueprint,
BlueprintEntry,
BlueprintLoader,
EntryInvalidError,
FlowBundle,
FlowBundleEntry,
)
from authentik.core.models import (
AuthenticatedSession,
PropertyMapping,
Provider,
Source,
UserSourceConnection,
)
from authentik.flows.models import Stage
from authentik.lib.models import SerializerModel
from authentik.policies.models import Policy, PolicyBinding
from authentik.stages.prompt.models import Prompt
from authentik.outposts.models import OutpostServiceConnection
from authentik.policies.models import Policy, PolicyBindingModel
ALLOWED_MODELS = (Flow, FlowStageBinding, Stage, Policy, PolicyBinding, Prompt)
def is_model_allowed(model: type[Model]) -> bool:
"""Check if model is allowed"""
# pylint: disable=imported-auth-user
from django.contrib.auth.models import Group as DjangoGroup
from django.contrib.auth.models import User as DjangoUser
excluded_models = (
DjangoUser,
DjangoGroup,
# Base classes
Provider,
Source,
PropertyMapping,
UserSourceConnection,
Stage,
OutpostServiceConnection,
Policy,
PolicyBindingModel,
# Classes that have other dependencies
AuthenticatedSession,
)
return model not in excluded_models
@contextmanager
def transaction_rollback():
"""Enters an atomic transaction and always triggers a rollback at the end of the block."""
atomic = transaction.atomic()
# pylint: disable=unnecessary-dunder-call
atomic.__enter__()
yield
atomic.__exit__(IntegrityError, None, None)
class FlowImporter:
"""Import Flow from json"""
class Importer:
"""Import Blueprint from YAML"""
logger: BoundLogger
def __init__(self, json_input: str):
def __init__(self, yaml_input: str, context: Optional[dict] = None):
self.__pk_map: dict[Any, Model] = {}
self.logger = get_logger()
import_dict = loads(json_input)
import_dict = load(yaml_input, BlueprintLoader)
try:
self.__import = from_dict(FlowBundle, import_dict)
self.__import = from_dict(Blueprint, import_dict)
except DaciteError as exc:
raise EntryInvalidError from exc
context = {}
always_merger.merge(context, self.__import.context)
if context:
always_merger.merge(context, context)
self.__import.context = context
@property
def blueprint(self) -> Blueprint:
"""Get imported blueprint"""
return self.__import
def __update_pks_for_attrs(self, attrs: dict[str, Any]) -> dict[str, Any]:
"""Replace any value if it is a known primary key of an other object"""
@ -78,6 +122,8 @@ class FlowImporter:
"""Generate an or'd query from all identifiers in an entry"""
# Since identifiers can also be pk-references to other objects (see FlowStageBinding)
# we have to ensure those references are also replaced
main_query = Q()
if "pk" in attrs:
main_query = Q(pk=attrs["pk"])
sub_query = Q()
for identifier, value in attrs.items():
@ -88,26 +134,27 @@ class FlowImporter:
sub_query &= Q(**{identifier: value})
return main_query | sub_query
def _validate_single(self, entry: FlowBundleEntry) -> BaseSerializer:
def _validate_single(self, entry: BlueprintEntry) -> BaseSerializer:
"""Validate a single entry"""
model_app_label, model_name = entry.model.split(".")
model: Type[SerializerModel] = apps.get_model(model_app_label, model_name)
if not isinstance(model(), ALLOWED_MODELS):
model: type[SerializerModel] = apps.get_model(model_app_label, model_name)
# Don't use isinstance since we don't want to check for inheritance
if not is_model_allowed(model):
raise EntryInvalidError(f"Model {model} not allowed")
if entry.identifiers == {}:
raise EntryInvalidError("No identifiers")
# If we try to validate without referencing a possible instance
# we'll get a duplicate error, hence we load the model here and return
# the full serializer for later usage
# Because a model might have multiple unique columns, we chain all identifiers together
# to create an OR query.
updated_identifiers = self.__update_pks_for_attrs(entry.identifiers)
updated_identifiers = self.__update_pks_for_attrs(entry.get_identifiers(self.__import))
for key, value in list(updated_identifiers.items()):
if isinstance(value, dict) and "pk" in value:
del updated_identifiers[key]
updated_identifiers[f"{key}"] = value["pk"]
existing_models = model.objects.filter(
self.__query_from_identifier(updated_identifiers)
)
existing_models = model.objects.filter(self.__query_from_identifier(updated_identifiers))
serializer_kwargs = {}
if existing_models.exists():
@ -119,11 +166,15 @@ class FlowImporter:
pk=model_instance.pk,
)
serializer_kwargs["instance"] = model_instance
serializer_kwargs["partial"] = True
else:
self.logger.debug(
"initialise new instance", model=model, **updated_identifiers
)
full_data = self.__update_pks_for_attrs(entry.attrs)
self.logger.debug("initialise new instance", model=model, **updated_identifiers)
model_instance = model()
# pk needs to be set on the model instance otherwise a new one will be generated
if "pk" in updated_identifiers:
model_instance.pk = updated_identifiers["pk"]
serializer_kwargs["instance"] = model_instance
full_data = self.__update_pks_for_attrs(entry.get_attrs(self.__import))
full_data.update(updated_identifiers)
serializer_kwargs["data"] = full_data
@ -135,7 +186,7 @@ class FlowImporter:
return serializer
def apply(self) -> bool:
"""Apply (create/update) flow json, in database transaction"""
"""Apply (create/update) models yaml, in database transaction"""
try:
with transaction.atomic():
if not self._apply_models():
@ -148,10 +199,9 @@ class FlowImporter:
return True
def _apply_models(self) -> bool:
"""Apply (create/update) flow json"""
"""Apply (create/update) models yaml"""
self.__pk_map = {}
entries = deepcopy(self.__import.entries)
for entry in entries:
for entry in self.__import.entries:
model_app_label, model_name = entry.model.split(".")
try:
model: SerializerModel = apps.get_model(model_app_label, model_name)
@ -164,23 +214,32 @@ class FlowImporter:
try:
serializer = self._validate_single(entry)
except EntryInvalidError as exc:
self.logger.warning("entry not valid", entry=entry, error=exc)
self.logger.warning("entry invalid", entry=entry, error=exc)
return False
model = serializer.save()
if "pk" in entry.identifiers:
self.__pk_map[entry.identifiers["pk"]] = model.pk
entry._instance = model
self.logger.debug("updated model", model=model, pk=model.pk)
return True
def validate(self) -> bool:
"""Validate loaded flow export, ensure all models are allowed
def validate(self) -> tuple[bool, list[EventDict]]:
"""Validate loaded blueprint export, ensure all models are allowed
and serializers have no errors"""
self.logger.debug("Starting flow import validaton")
self.logger.debug("Starting blueprint import validation")
orig_import = deepcopy(self.__import)
if self.__import.version != 1:
self.logger.warning("Invalid bundle version")
return False
with transaction_rollback():
return False, []
with (
transaction_rollback(),
capture_logs() as logs,
):
successful = self._apply_models()
if not successful:
self.logger.debug("Flow validation failed")
return successful
self.logger.debug("blueprint validation failed")
for log in logs:
self.logger.debug(**log)
self.__import = orig_import
return successful, logs

View File

@ -0,0 +1,4 @@
"""Blueprint labels"""
LABEL_AUTHENTIK_SYSTEM = "blueprints.goauthentik.io/system"
LABEL_AUTHENTIK_INSTANTIATE = "blueprints.goauthentik.io/instantiate"

View File

@ -0,0 +1,145 @@
"""v1 blueprints tasks"""
from dataclasses import asdict, dataclass, field
from hashlib import sha512
from pathlib import Path
from typing import Optional
from dacite import from_dict
from django.db import DatabaseError, InternalError, ProgrammingError
from django.utils.timezone import now
from django.utils.translation import gettext_lazy as _
from yaml import load
from yaml.error import YAMLError
from authentik.blueprints.models import BlueprintInstance, BlueprintInstanceStatus
from authentik.blueprints.v1.common import BlueprintLoader, BlueprintMetadata
from authentik.blueprints.v1.importer import Importer
from authentik.blueprints.v1.labels import LABEL_AUTHENTIK_INSTANTIATE
from authentik.events.monitored_tasks import (
MonitoredTask,
TaskResult,
TaskResultStatus,
prefill_task,
)
from authentik.lib.config import CONFIG
from authentik.root.celery import CELERY_APP
@dataclass
class BlueprintFile:
"""Basic info about a blueprint file"""
path: str
version: int
hash: str
last_m: int
meta: Optional[BlueprintMetadata] = field(default=None)
@CELERY_APP.task(
throws=(DatabaseError, ProgrammingError, InternalError),
)
def blueprints_find():
"""Find blueprints and return valid ones"""
blueprints = []
root = Path(CONFIG.y("blueprints_dir"))
for file in root.glob("**/*.yaml"):
path = Path(file)
with open(path, "r", encoding="utf-8") as blueprint_file:
try:
raw_blueprint = load(blueprint_file.read(), BlueprintLoader)
except YAMLError:
raw_blueprint = None
if not raw_blueprint:
continue
metadata = raw_blueprint.get("metadata", None)
version = raw_blueprint.get("version", 1)
if version != 1:
continue
file_hash = sha512(path.read_bytes()).hexdigest()
blueprint = BlueprintFile(path.relative_to(root), version, file_hash, path.stat().st_mtime)
blueprint.meta = from_dict(BlueprintMetadata, metadata) if metadata else None
blueprints.append(blueprint)
return blueprints
@CELERY_APP.task(
throws=(DatabaseError, ProgrammingError, InternalError), base=MonitoredTask, bind=True
)
@prefill_task
def blueprints_discover(self: MonitoredTask):
"""Find blueprints and check if they need to be created in the database"""
count = 0
for blueprint in blueprints_find():
check_blueprint_v1_file(blueprint)
count += 1
self.set_status(
TaskResult(
TaskResultStatus.SUCCESSFUL,
messages=[_("Successfully imported %(count)d files." % {"count": count})],
)
)
def check_blueprint_v1_file(blueprint: BlueprintFile):
"""Check if blueprint should be imported"""
instance: BlueprintInstance = BlueprintInstance.objects.filter(path=blueprint.path).first()
if (
blueprint.meta
and blueprint.meta.labels.get(LABEL_AUTHENTIK_INSTANTIATE, "").lower() == "false"
):
return
if not instance:
instance = BlueprintInstance(
name=blueprint.meta.name if blueprint.meta else str(blueprint.path),
path=blueprint.path,
context={},
status=BlueprintInstanceStatus.UNKNOWN,
enabled=True,
managed_models=[],
metadata={},
)
instance.save()
if instance.last_applied_hash != blueprint.hash:
instance.metadata = asdict(blueprint.meta) if blueprint.meta else {}
instance.save()
apply_blueprint.delay(instance.pk.hex)
@CELERY_APP.task(
bind=True,
base=MonitoredTask,
)
def apply_blueprint(self: MonitoredTask, instance_pk: str):
"""Apply single blueprint"""
self.set_uid(instance_pk)
self.save_on_success = False
try:
instance: BlueprintInstance = BlueprintInstance.objects.filter(pk=instance_pk).first()
if not instance or not instance.enabled:
return
full_path = Path(CONFIG.y("blueprints_dir")).joinpath(Path(instance.path))
file_hash = sha512(full_path.read_bytes()).hexdigest()
with open(full_path, "r", encoding="utf-8") as blueprint_file:
importer = Importer(blueprint_file.read(), instance.context)
valid, logs = importer.validate()
if not valid:
instance.status = BlueprintInstanceStatus.ERROR
instance.save()
self.set_status(TaskResult(TaskResultStatus.ERROR, [x["event"] for x in logs]))
return
applied = importer.apply()
if not applied:
instance.status = BlueprintInstanceStatus.ERROR
instance.save()
self.set_status(TaskResult(TaskResultStatus.ERROR, "Failed to apply"))
return
instance.status = BlueprintInstanceStatus.SUCCESSFUL
instance.last_applied_hash = file_hash
instance.last_applied = now()
instance.save()
self.set_status(TaskResult(TaskResultStatus.SUCCESSFUL))
except (DatabaseError, ProgrammingError, InternalError, IOError) as exc:
instance.status = BlueprintInstanceStatus.ERROR
instance.save()
self.set_status(TaskResult(TaskResultStatus.ERROR).with_error(exc))

View File

@ -1,17 +1,15 @@
"""Application API Views"""
from typing import Optional
from django.core.cache import cache
from django.db.models import QuerySet
from django.http.response import HttpResponseBadRequest
from django.shortcuts import get_object_or_404
from drf_spectacular.types import OpenApiTypes
from drf_spectacular.utils import (
OpenApiParameter,
OpenApiResponse,
extend_schema,
inline_serializer,
)
from drf_spectacular.utils import OpenApiParameter, OpenApiResponse, extend_schema
from guardian.shortcuts import get_objects_for_user
from rest_framework.decorators import action
from rest_framework.fields import BooleanField, CharField, FileField, ReadOnlyField
from rest_framework.fields import ReadOnlyField, SerializerMethodField
from rest_framework.parsers import MultiPartParser
from rest_framework.request import Request
from rest_framework.response import Response
@ -19,13 +17,16 @@ from rest_framework.serializers import ModelSerializer
from rest_framework.viewsets import ModelViewSet
from rest_framework_guardian.filters import ObjectPermissionsFilter
from structlog.stdlib import get_logger
from structlog.testing import capture_logs
from authentik.admin.api.metrics import CoordinateSerializer, get_events_per_1h
from authentik.admin.api.metrics import CoordinateSerializer
from authentik.api.decorators import permission_required
from authentik.core.api.providers import ProviderSerializer
from authentik.core.api.used_by import UsedByMixin
from authentik.core.api.utils import FilePathSerializer, FileUploadSerializer
from authentik.core.models import Application, User
from authentik.events.models import EventAction
from authentik.events.utils import sanitize_dict
from authentik.policies.api.exec import PolicyTestResultSerializer
from authentik.policies.engine import PolicyEngine
from authentik.policies.types import PolicyResult
@ -42,11 +43,16 @@ def user_app_cache_key(user_pk: str) -> str:
class ApplicationSerializer(ModelSerializer):
"""Application Serializer"""
launch_url = ReadOnlyField(source="get_launch_url")
provider_obj = ProviderSerializer(source="get_provider", required=False)
launch_url = SerializerMethodField()
provider_obj = ProviderSerializer(source="get_provider", required=False, read_only=True)
meta_icon = ReadOnlyField(source="get_meta_icon")
def get_launch_url(self, app: Application) -> Optional[str]:
"""Allow formatting of launch URL"""
user = self.context["request"].user
return app.get_launch_url(user)
class Meta:
model = Application
@ -57,11 +63,13 @@ class ApplicationSerializer(ModelSerializer):
"provider",
"provider_obj",
"launch_url",
"open_in_new_tab",
"meta_launch_url",
"meta_icon",
"meta_description",
"meta_publisher",
"policy_engine_mode",
"group",
]
extra_kwargs = {
"meta_icon": {"read_only": True},
@ -71,7 +79,7 @@ class ApplicationSerializer(ModelSerializer):
class ApplicationViewSet(UsedByMixin, ModelViewSet):
"""Application Viewset"""
queryset = Application.objects.all()
queryset = Application.objects.all().prefetch_related("provider")
serializer_class = ApplicationSerializer
search_fields = [
"name",
@ -79,6 +87,15 @@ class ApplicationViewSet(UsedByMixin, ModelViewSet):
"meta_launch_url",
"meta_description",
"meta_publisher",
"group",
]
filterset_fields = [
"name",
"slug",
"meta_launch_url",
"meta_description",
"meta_publisher",
"group",
]
lookup_field = "slug"
ordering = ["name"]
@ -122,15 +139,25 @@ class ApplicationViewSet(UsedByMixin, ModelViewSet):
# If the current user is superuser, they can set `for_user`
for_user = request.user
if request.user.is_superuser and "for_user" in request.query_params:
try:
for_user = get_object_or_404(User, pk=request.query_params.get("for_user"))
except ValueError:
return HttpResponseBadRequest("for_user must be numerical")
engine = PolicyEngine(application, for_user, request)
engine.use_cache = False
with capture_logs() as logs:
engine.build()
result = engine.result
response = PolicyTestResultSerializer(PolicyResult(False))
if result.passing:
response = PolicyTestResultSerializer(PolicyResult(True))
if request.user.is_superuser:
log_messages = []
for log in logs:
if log.get("process", "") == "PolicyProcess":
continue
log_messages.append(sanitize_dict(log))
result.log_messages = log_messages
response = PolicyTestResultSerializer(result)
return Response(response.data)
@ -147,9 +174,7 @@ class ApplicationViewSet(UsedByMixin, ModelViewSet):
"""Custom list method that checks Policy based access instead of guardian"""
should_cache = request.GET.get("search", "") == ""
superuser_full_list = (
str(request.GET.get("superuser_full_list", "false")).lower() == "true"
)
superuser_full_list = str(request.GET.get("superuser_full_list", "false")).lower() == "true"
if superuser_full_list and request.user.is_superuser:
return super().list(request)
@ -179,13 +204,7 @@ class ApplicationViewSet(UsedByMixin, ModelViewSet):
@permission_required("authentik_core.change_application")
@extend_schema(
request={
"multipart/form-data": inline_serializer(
"SetIcon",
fields={
"file": FileField(required=False),
"clear": BooleanField(default=False),
},
)
"multipart/form-data": FileUploadSerializer,
},
responses={
200: OpenApiResponse(description="Success"),
@ -217,7 +236,7 @@ class ApplicationViewSet(UsedByMixin, ModelViewSet):
@permission_required("authentik_core.change_application")
@extend_schema(
request=inline_serializer("SetIconURL", fields={"url": CharField()}),
request=FilePathSerializer,
responses={
200: OpenApiResponse(description="Success"),
400: OpenApiResponse(description="Bad request"),
@ -240,9 +259,7 @@ class ApplicationViewSet(UsedByMixin, ModelViewSet):
app.save()
return Response({})
@permission_required(
"authentik_core.view_application", ["authentik_events.view_event"]
)
@permission_required("authentik_core.view_application", ["authentik_events.view_event"])
@extend_schema(responses={200: CoordinateSerializer(many=True)})
@action(detail=True, pagination_class=None, filter_backends=[])
# pylint: disable=unused-argument
@ -250,8 +267,10 @@ class ApplicationViewSet(UsedByMixin, ModelViewSet):
"""Metrics for application logins"""
app = self.get_object()
return Response(
get_events_per_1h(
get_objects_for_user(request.user, "authentik_events.view_event")
.filter(
action=EventAction.AUTHORIZE_APPLICATION,
context__authorized_application__pk=app.pk.hex,
)
.get_events_per_hour()
)

View File

@ -11,6 +11,7 @@ from rest_framework.serializers import ModelSerializer
from rest_framework.viewsets import GenericViewSet
from ua_parser import user_agent_parser
from authentik.api.authorization import OwnerSuperuserPermissions
from authentik.core.api.used_by import UsedByMixin
from authentik.core.models import AuthenticatedSession
from authentik.events.geo import GEOIP_READER, GeoIPDict
@ -68,9 +69,7 @@ class AuthenticatedSessionSerializer(ModelSerializer):
"""Get parsed user agent"""
return user_agent_parser.Parse(instance.last_user_agent)
def get_geo_ip(
self, instance: AuthenticatedSession
) -> Optional[GeoIPDict]: # pragma: no cover
def get_geo_ip(self, instance: AuthenticatedSession) -> Optional[GeoIPDict]: # pragma: no cover
"""Get parsed user agent"""
return GEOIP_READER.city_dict(instance.last_ip)
@ -104,11 +103,8 @@ class AuthenticatedSessionViewSet(
search_fields = ["user__username", "last_ip", "last_user_agent"]
filterset_fields = ["user__username", "last_ip", "last_user_agent"]
ordering = ["user__username"]
filter_backends = [
DjangoFilterBackend,
OrderingFilter,
SearchFilter,
]
permission_classes = [OwnerSuperuserPermissions]
filter_backends = [DjangoFilterBackend, OrderingFilter, SearchFilter]
def get_queryset(self):
user = self.request.user if self.request else get_anonymous_user()

View File

@ -0,0 +1,68 @@
"""Authenticator Devices API Views"""
from django_otp import device_classes, devices_for_user
from django_otp.models import Device
from drf_spectacular.types import OpenApiTypes
from drf_spectacular.utils import OpenApiParameter, extend_schema
from rest_framework.fields import BooleanField, CharField, IntegerField, SerializerMethodField
from rest_framework.permissions import IsAdminUser, IsAuthenticated
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.viewsets import ViewSet
from authentik.core.api.utils import MetaNameSerializer
class DeviceSerializer(MetaNameSerializer):
"""Serializer for Duo authenticator devices"""
pk = IntegerField()
name = CharField()
type = SerializerMethodField()
confirmed = BooleanField()
def get_type(self, instance: Device) -> str:
"""Get type of device"""
return instance._meta.label
class DeviceViewSet(ViewSet):
"""Viewset for authenticator devices"""
serializer_class = DeviceSerializer
permission_classes = [IsAuthenticated]
@extend_schema(responses={200: DeviceSerializer(many=True)})
def list(self, request: Request) -> Response:
"""Get all devices for current user"""
devices = devices_for_user(request.user)
return Response(DeviceSerializer(devices, many=True).data)
class AdminDeviceViewSet(ViewSet):
"""Viewset for authenticator devices"""
serializer_class = DeviceSerializer
permission_classes = [IsAdminUser]
def get_devices(self, **kwargs):
"""Get all devices in all child classes"""
for model in device_classes():
device_set = model.objects.filter(**kwargs)
yield from device_set
@extend_schema(
parameters=[
OpenApiParameter(
name="user",
location=OpenApiParameter.QUERY,
type=OpenApiTypes.INT,
)
],
responses={200: DeviceSerializer(many=True)},
)
def list(self, request: Request) -> Response:
"""Get all devices for current user"""
kwargs = {}
if "user" in request.query_params:
kwargs = {"user": request.query_params["user"]}
return Response(DeviceSerializer(self.get_devices(**kwargs), many=True).data)

View File

@ -1,9 +1,11 @@
"""Groups API Viewset"""
from json import loads
from django.db.models.query import QuerySet
from django_filters.filters import ModelMultipleChoiceFilter
from django_filters.filters import CharFilter, ModelMultipleChoiceFilter
from django_filters.filterset import FilterSet
from rest_framework.fields import BooleanField, CharField, JSONField
from rest_framework.serializers import ListSerializer, ModelSerializer
from rest_framework.fields import CharField, IntegerField, JSONField
from rest_framework.serializers import ListSerializer, ModelSerializer, ValidationError
from rest_framework.viewsets import ModelViewSet
from rest_framework_guardian.filters import ObjectPermissionsFilter
@ -15,7 +17,6 @@ from authentik.core.models import Group, User
class GroupMemberSerializer(ModelSerializer):
"""Stripped down user serializer to show relevant users for groups"""
is_superuser = BooleanField(read_only=True)
avatar = CharField(read_only=True)
attributes = JSONField(validators=[is_dict], required=False)
uid = CharField(read_only=True)
@ -29,7 +30,6 @@ class GroupMemberSerializer(ModelSerializer):
"name",
"is_active",
"last_login",
"is_superuser",
"email",
"avatar",
"attributes",
@ -44,24 +44,41 @@ class GroupSerializer(ModelSerializer):
users_obj = ListSerializer(
child=GroupMemberSerializer(), read_only=True, source="users", required=False
)
parent_name = CharField(source="parent.name", read_only=True)
num_pk = IntegerField(read_only=True)
class Meta:
model = Group
fields = [
"pk",
"num_pk",
"name",
"is_superuser",
"parent",
"parent_name",
"users",
"attributes",
"users_obj",
]
extra_kwargs = {
"users": {
"default": list,
}
}
class GroupFilter(FilterSet):
"""Filter for groups"""
attributes = CharFilter(
field_name="attributes",
lookup_expr="",
label="Attributes",
method="filter_attributes",
)
members_by_username = ModelMultipleChoiceFilter(
field_name="users__username",
to_field_name="username",
@ -72,16 +89,34 @@ class GroupFilter(FilterSet):
queryset=User.objects.all(),
)
# pylint: disable=unused-argument
def filter_attributes(self, queryset, name, value):
"""Filter attributes by query args"""
try:
value = loads(value)
except ValueError:
raise ValidationError(detail="filter: failed to parse JSON")
if not isinstance(value, dict):
raise ValidationError(detail="filter: value must be key:value mapping")
qs = {}
for key, _value in value.items():
qs[f"attributes__{key}"] = _value
try:
_ = len(queryset.filter(**qs))
return queryset.filter(**qs)
except ValueError:
return queryset
class Meta:
model = Group
fields = ["name", "is_superuser", "members_by_pk", "members_by_username"]
fields = ["name", "is_superuser", "members_by_pk", "attributes", "members_by_username"]
class GroupViewSet(UsedByMixin, ModelViewSet):
"""Group Viewset"""
queryset = Group.objects.all()
queryset = Group.objects.all().select_related("parent").prefetch_related("users")
serializer_class = GroupSerializer
search_fields = ["name", "is_superuser"]
filterset_class = GroupFilter

View File

@ -14,16 +14,12 @@ from rest_framework.serializers import ModelSerializer, SerializerMethodField
from rest_framework.viewsets import GenericViewSet
from authentik.api.decorators import permission_required
from authentik.blueprints.api import ManagedSerializer
from authentik.core.api.used_by import UsedByMixin
from authentik.core.api.utils import (
MetaNameSerializer,
PassiveSerializer,
TypeCreateSerializer,
)
from authentik.core.api.utils import MetaNameSerializer, PassiveSerializer, TypeCreateSerializer
from authentik.core.expression import PropertyMappingEvaluator
from authentik.core.models import PropertyMapping
from authentik.lib.utils.reflection import all_subclasses
from authentik.managed.api import ManagedSerializer
from authentik.policies.api.exec import PolicyTestSerializer
@ -60,6 +56,7 @@ class PropertyMappingSerializer(ManagedSerializer, ModelSerializer, MetaNameSeri
"component",
"verbose_name",
"verbose_name_plural",
"meta_model_name",
]
@ -141,9 +138,7 @@ class PropertyMappingViewSet(
self.request,
**test_params.validated_data.get("context", {}),
)
response_data["result"] = dumps(
result, indent=(4 if format_result else None)
)
response_data["result"] = dumps(result, indent=(4 if format_result else None))
except Exception as exc: # pylint: disable=broad-except
response_data["result"] = str(exc)
response_data["successful"] = False

View File

@ -43,6 +43,7 @@ class ProviderSerializer(ModelSerializer, MetaNameSerializer):
"assigned_application_name",
"verbose_name",
"verbose_name_plural",
"meta_model_name",
]

View File

@ -1,18 +1,21 @@
"""Source API Views"""
from typing import Iterable
from django_filters.rest_framework import DjangoFilterBackend
from drf_spectacular.utils import extend_schema
from rest_framework import mixins
from rest_framework.decorators import action
from rest_framework.filters import OrderingFilter, SearchFilter
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.serializers import ModelSerializer, SerializerMethodField
from rest_framework.serializers import ModelSerializer, ReadOnlyField, SerializerMethodField
from rest_framework.viewsets import GenericViewSet
from structlog.stdlib import get_logger
from authentik.api.authorization import OwnerFilter, OwnerSuperuserPermissions
from authentik.core.api.used_by import UsedByMixin
from authentik.core.api.utils import MetaNameSerializer, TypeCreateSerializer
from authentik.core.models import Source
from authentik.core.models import Source, UserSourceConnection
from authentik.core.types import UserSettingSerializer
from authentik.lib.utils.reflection import all_subclasses
from authentik.policies.engine import PolicyEngine
@ -23,6 +26,7 @@ LOGGER = get_logger()
class SourceSerializer(ModelSerializer, MetaNameSerializer):
"""Source Serializer"""
managed = ReadOnlyField()
component = SerializerMethodField()
def get_component(self, obj: Source) -> str:
@ -45,8 +49,11 @@ class SourceSerializer(ModelSerializer, MetaNameSerializer):
"component",
"verbose_name",
"verbose_name_plural",
"meta_model_name",
"policy_engine_mode",
"user_matching_mode",
"managed",
"user_path_template",
]
@ -62,6 +69,8 @@ class SourceViewSet(
queryset = Source.objects.none()
serializer_class = SourceSerializer
lookup_field = "slug"
search_fields = ["slug", "name"]
filterset_fields = ["slug", "name", "managed"]
def get_queryset(self): # pragma: no cover
return Source.objects.select_subclasses()
@ -74,6 +83,8 @@ class SourceViewSet(
for subclass in all_subclasses(self.queryset.model):
subclass: Source
component = ""
if len(subclass.__subclasses__()) > 0:
continue
if subclass._meta.abstract:
component = subclass.__bases__[0]().component
else:
@ -93,21 +104,57 @@ class SourceViewSet(
@action(detail=False, pagination_class=None, filter_backends=[])
def user_settings(self, request: Request) -> Response:
"""Get all sources the user can configure"""
_all_sources: Iterable[Source] = Source.objects.filter(
enabled=True
).select_subclasses()
_all_sources: Iterable[Source] = (
Source.objects.filter(enabled=True).select_subclasses().order_by("name")
)
matching_sources: list[UserSettingSerializer] = []
for source in _all_sources:
user_settings = source.ui_user_settings
user_settings = source.ui_user_settings()
if not user_settings:
continue
policy_engine = PolicyEngine(source, request.user, request)
policy_engine.build()
if not policy_engine.passing:
continue
source_settings = source.ui_user_settings
source_settings = source.ui_user_settings()
source_settings.initial_data["object_uid"] = source.slug
if not source_settings.is_valid():
LOGGER.warning(source_settings.errors)
matching_sources.append(source_settings.validated_data)
return Response(matching_sources)
class UserSourceConnectionSerializer(SourceSerializer):
"""OAuth Source Serializer"""
source = SourceSerializer(read_only=True)
class Meta:
model = UserSourceConnection
fields = [
"pk",
"user",
"source",
"created",
]
extra_kwargs = {
"user": {"read_only": True},
"created": {"read_only": True},
}
class UserSourceConnectionViewSet(
mixins.RetrieveModelMixin,
mixins.UpdateModelMixin,
mixins.DestroyModelMixin,
UsedByMixin,
mixins.ListModelMixin,
GenericViewSet,
):
"""User-source connection Viewset"""
queryset = UserSourceConnection.objects.all()
serializer_class = UserSourceConnectionSerializer
permission_classes = [OwnerSuperuserPermissions]
filter_backends = [OwnerFilter, DjangoFilterBackend, OrderingFilter, SearchFilter]
ordering = ["pk"]

View File

@ -1,26 +1,42 @@
"""Tokens API Viewset"""
from django.http.response import Http404
from drf_spectacular.utils import OpenApiResponse, extend_schema
from typing import Any
from django_filters.rest_framework import DjangoFilterBackend
from drf_spectacular.utils import OpenApiResponse, extend_schema, inline_serializer
from guardian.shortcuts import assign_perm, get_anonymous_user
from rest_framework.decorators import action
from rest_framework.exceptions import ValidationError
from rest_framework.fields import CharField
from rest_framework.filters import OrderingFilter, SearchFilter
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.serializers import ModelSerializer
from rest_framework.viewsets import ModelViewSet
from authentik.api.authorization import OwnerSuperuserPermissions
from authentik.api.decorators import permission_required
from authentik.blueprints.api import ManagedSerializer
from authentik.core.api.used_by import UsedByMixin
from authentik.core.api.users import UserSerializer
from authentik.core.api.utils import PassiveSerializer
from authentik.core.models import USER_ATTRIBUTE_TOKEN_EXPIRING, Token, TokenIntents
from authentik.events.models import Event, EventAction
from authentik.managed.api import ManagedSerializer
from authentik.events.utils import model_to_dict
class TokenSerializer(ManagedSerializer, ModelSerializer):
"""Token Serializer"""
user = UserSerializer(required=False)
user_obj = UserSerializer(required=False, source="user", read_only=True)
def validate(self, attrs: dict[Any, str]) -> dict[Any, str]:
"""Ensure only API or App password tokens are created."""
request: Request = self.context["request"]
attrs.setdefault("user", request.user)
attrs.setdefault("intent", TokenIntents.INTENT_API)
if attrs.get("intent") not in [TokenIntents.INTENT_API, TokenIntents.INTENT_APP_PASSWORD]:
raise ValidationError(f"Invalid intent {attrs.get('intent')}")
return attrs
class Meta:
@ -31,11 +47,14 @@ class TokenSerializer(ManagedSerializer, ModelSerializer):
"identifier",
"intent",
"user",
"user_obj",
"description",
"expires",
"expiring",
]
depth = 2
extra_kwargs = {
"user": {"required": False},
}
class TokenViewSerializer(PassiveSerializer):
@ -63,17 +82,27 @@ class TokenViewSet(UsedByMixin, ModelViewSet):
"description",
"expires",
"expiring",
"managed",
]
ordering = ["expires"]
ordering = ["identifier", "expires"]
permission_classes = [OwnerSuperuserPermissions]
filter_backends = [DjangoFilterBackend, OrderingFilter, SearchFilter]
def get_queryset(self):
user = self.request.user if self.request else get_anonymous_user()
if user.is_superuser:
return super().get_queryset()
return super().get_queryset().filter(user=user.pk)
def perform_create(self, serializer: TokenSerializer):
serializer.save(
if not self.request.user.is_superuser:
instance = serializer.save(
user=self.request.user,
intent=TokenIntents.INTENT_API,
expiring=self.request.user.attributes.get(
USER_ATTRIBUTE_TOKEN_EXPIRING, True
),
expiring=self.request.user.attributes.get(USER_ATTRIBUTE_TOKEN_EXPIRING, True),
)
assign_perm("authentik_core.view_token_key", self.request.user, instance)
return instance
return super().perform_create(serializer)
@permission_required("authentik_core.view_token_key")
@extend_schema(
@ -82,14 +111,39 @@ class TokenViewSet(UsedByMixin, ModelViewSet):
404: OpenApiResponse(description="Token not found or expired"),
}
)
@action(detail=True, pagination_class=None, filter_backends=[])
@action(detail=True, pagination_class=None, filter_backends=[], methods=["GET"])
# pylint: disable=unused-argument
def view_key(self, request: Request, identifier: str) -> Response:
"""Return token key and log access"""
token: Token = self.get_object()
if token.is_expired:
raise Http404
Event.new(EventAction.SECRET_VIEW, secret=token).from_http( # noqa # nosec
request
)
Event.new(EventAction.SECRET_VIEW, secret=token).from_http(request) # noqa # nosec
return Response(TokenViewSerializer({"key": token.key}).data)
@permission_required("authentik_core.set_token_key")
@extend_schema(
request=inline_serializer(
"TokenSetKey",
{
"key": CharField(),
},
),
responses={
204: OpenApiResponse(description="Successfully changed key"),
400: OpenApiResponse(description="Missing key"),
404: OpenApiResponse(description="Token not found or expired"),
},
)
@action(detail=True, pagination_class=None, filter_backends=[], methods=["POST"])
# pylint: disable=unused-argument
def set_key(self, request: Request, identifier: str) -> Response:
"""Return token key and log access"""
token: Token = self.get_object()
key = request.POST.get("key")
if not key:
return Response(status=400)
token.key = key
token.save()
Event.new(EventAction.MODEL_UPDATED, model=model_to_dict(token)).from_http(
request
) # noqa # nosec
return Response(status=204)

View File

@ -79,9 +79,7 @@ class UsedByMixin:
).all():
# Only merge shadows on first object
if first_object:
shadows += getattr(
manager.model._meta, "authentik_used_by_shadows", []
)
shadows += getattr(manager.model._meta, "authentik_used_by_shadows", [])
first_object = False
serializer = UsedBySerializer(
data={

View File

@ -1,40 +1,78 @@
"""User API Views"""
from datetime import timedelta
from json import loads
from typing import Any, Optional
from django.contrib.auth import update_session_auth_hash
from django.db.models.query import QuerySet
from django.db.transaction import atomic
from django.db.utils import IntegrityError
from django.urls import reverse_lazy
from django.utils.http import urlencode
from django_filters.filters import BooleanFilter, CharFilter
from django.utils.text import slugify
from django.utils.timezone import now
from django.utils.translation import gettext as _
from django_filters.filters import BooleanFilter, CharFilter, ModelMultipleChoiceFilter
from django_filters.filterset import FilterSet
from drf_spectacular.utils import extend_schema, extend_schema_field
from guardian.utils import get_anonymous_user
from drf_spectacular.types import OpenApiTypes
from drf_spectacular.utils import (
OpenApiParameter,
OpenApiResponse,
extend_schema,
extend_schema_field,
inline_serializer,
)
from guardian.shortcuts import get_anonymous_user, get_objects_for_user
from rest_framework.decorators import action
from rest_framework.fields import CharField, JSONField, SerializerMethodField
from rest_framework.permissions import IsAuthenticated
from rest_framework.fields import (
CharField,
IntegerField,
JSONField,
ListField,
SerializerMethodField,
)
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.serializers import (
BooleanField,
ListSerializer,
ModelSerializer,
PrimaryKeyRelatedField,
ValidationError,
)
from rest_framework.viewsets import ModelViewSet
from rest_framework_guardian.filters import ObjectPermissionsFilter
from structlog.stdlib import get_logger
from authentik.admin.api.metrics import CoordinateSerializer, get_events_per_1h
from authentik.admin.api.metrics import CoordinateSerializer
from authentik.api.decorators import permission_required
from authentik.core.api.groups import GroupSerializer
from authentik.core.api.used_by import UsedByMixin
from authentik.core.api.utils import LinkSerializer, PassiveSerializer, is_dict
from authentik.core.middleware import (
SESSION_IMPERSONATE_ORIGINAL_USER,
SESSION_IMPERSONATE_USER,
SESSION_KEY_IMPERSONATE_ORIGINAL_USER,
SESSION_KEY_IMPERSONATE_USER,
)
from authentik.core.models import (
USER_ATTRIBUTE_SA,
USER_ATTRIBUTE_TOKEN_EXPIRING,
USER_PATH_SERVICE_ACCOUNT,
Group,
Token,
TokenIntents,
User,
)
from authentik.core.models import Token, TokenIntents, User
from authentik.events.models import EventAction
from authentik.flows.models import FlowToken
from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER, FlowPlanner
from authentik.flows.views.executor import QS_KEY_TOKEN
from authentik.stages.email.models import EmailStage
from authentik.stages.email.tasks import send_mails
from authentik.stages.email.utils import TemplateEmailMessage
from authentik.tenants.models import Tenant
LOGGER = get_logger()
class UserSerializer(ModelSerializer):
"""User Serializer"""
@ -42,8 +80,21 @@ class UserSerializer(ModelSerializer):
is_superuser = BooleanField(read_only=True)
avatar = CharField(read_only=True)
attributes = JSONField(validators=[is_dict], required=False)
groups = ListSerializer(child=GroupSerializer(), read_only=True, source="ak_groups")
groups = PrimaryKeyRelatedField(
allow_empty=True, many=True, source="ak_groups", queryset=Group.objects.all()
)
groups_obj = ListSerializer(child=GroupSerializer(), read_only=True, source="ak_groups")
uid = CharField(read_only=True)
username = CharField(max_length=150)
def validate_path(self, path: str) -> str:
"""Validate path"""
if path[:1] == "/" or path[-1] == "/":
raise ValidationError(_("No leading or trailing slashes allowed."))
for segment in path.split("/"):
if segment == "":
raise ValidationError(_("No empty segments in user path allowed."))
return path
class Meta:
@ -56,21 +107,46 @@ class UserSerializer(ModelSerializer):
"last_login",
"is_superuser",
"groups",
"groups_obj",
"email",
"avatar",
"attributes",
"uid",
"path",
]
extra_kwargs = {
"name": {"allow_blank": True},
}
class UserSelfSerializer(ModelSerializer):
"""User Serializer for information a user can retrieve about themselves and
update about themselves"""
"""User Serializer for information a user can retrieve about themselves"""
is_superuser = BooleanField(read_only=True)
avatar = CharField(read_only=True)
groups = ListSerializer(child=GroupSerializer(), read_only=True, source="ak_groups")
groups = SerializerMethodField()
uid = CharField(read_only=True)
settings = SerializerMethodField()
@extend_schema_field(
ListSerializer(
child=inline_serializer(
"UserSelfGroups",
{"name": CharField(read_only=True), "pk": CharField(read_only=True)},
)
)
)
def get_groups(self, _: User):
"""Return only the group names a user is member of"""
for group in self.instance.ak_groups.all():
yield {
"name": group.name,
"pk": group.pk,
}
def get_settings(self, user: User) -> dict[str, Any]:
"""Get user settings with tenant and group settings applied"""
return user.group_attributes(self._context["request"]).get("settings", {})
class Meta:
@ -85,9 +161,11 @@ class UserSelfSerializer(ModelSerializer):
"email",
"avatar",
"uid",
"settings",
]
extra_kwargs = {
"is_active": {"read_only": True},
"name": {"allow_blank": True},
}
@ -110,22 +188,30 @@ class UserMetricsSerializer(PassiveSerializer):
def get_logins_per_1h(self, _):
"""Get successful logins per hour for the last 24 hours"""
user = self.context["user"]
return get_events_per_1h(action=EventAction.LOGIN, user__pk=user.pk)
return (
get_objects_for_user(user, "authentik_events.view_event")
.filter(action=EventAction.LOGIN, user__pk=user.pk)
.get_events_per_hour()
)
@extend_schema_field(CoordinateSerializer(many=True))
def get_logins_failed_per_1h(self, _):
"""Get failed logins per hour for the last 24 hours"""
user = self.context["user"]
return get_events_per_1h(
action=EventAction.LOGIN_FAILED, context__username=user.username
return (
get_objects_for_user(user, "authentik_events.view_event")
.filter(action=EventAction.LOGIN_FAILED, context__username=user.username)
.get_events_per_hour()
)
@extend_schema_field(CoordinateSerializer(many=True))
def get_authorizations_per_1h(self, _):
"""Get failed logins per hour for the last 24 hours"""
user = self.context["user"]
return get_events_per_1h(
action=EventAction.AUTHORIZE_APPLICATION, user__pk=user.pk
return (
get_objects_for_user(user, "authentik_events.view_event")
.filter(action=EventAction.AUTHORIZE_APPLICATION, user__pk=user.pk)
.get_events_per_hour()
)
@ -140,6 +226,22 @@ class UsersFilter(FilterSet):
)
is_superuser = BooleanFilter(field_name="ak_groups", lookup_expr="is_superuser")
uuid = CharFilter(field_name="uuid")
path = CharFilter(
field_name="path",
)
path_startswith = CharFilter(field_name="path", lookup_expr="startswith")
groups_by_name = ModelMultipleChoiceFilter(
field_name="ak_groups__name",
to_field_name="name",
queryset=Group.objects.all(),
)
groups_by_pk = ModelMultipleChoiceFilter(
field_name="ak_groups",
queryset=Group.objects.all(),
)
# pylint: disable=unused-argument
def filter_attributes(self, queryset, name, value):
@ -153,7 +255,11 @@ class UsersFilter(FilterSet):
qs = {}
for key, _value in value.items():
qs[f"attributes__{key}"] = _value
try:
_ = len(queryset.filter(**qs))
return queryset.filter(**qs)
except ValueError:
return queryset
class Meta:
model = User
@ -164,6 +270,8 @@ class UsersFilter(FilterSet):
"is_active",
"is_superuser",
"attributes",
"groups_by_name",
"groups_by_pk",
]
@ -171,51 +279,149 @@ class UserViewSet(UsedByMixin, ModelViewSet):
"""User Viewset"""
queryset = User.objects.none()
ordering = ["username"]
serializer_class = UserSerializer
search_fields = ["username", "name", "is_active", "email"]
search_fields = ["username", "name", "is_active", "email", "uuid"]
filterset_class = UsersFilter
def get_queryset(self): # pragma: no cover
return User.objects.all().exclude(pk=get_anonymous_user().pk)
def _create_recovery_link(self) -> tuple[Optional[str], Optional[Token]]:
"""Create a recovery link (when the current tenant has a recovery flow set),
that can either be shown to an admin or sent to the user directly"""
tenant: Tenant = self.request._request.tenant
# Check that there is a recovery flow, if not return an error
flow = tenant.flow_recovery
if not flow:
LOGGER.debug("No recovery flow set")
return None, None
user: User = self.get_object()
planner = FlowPlanner(flow)
planner.allow_empty_flows = True
plan = planner.plan(
self.request._request,
{
PLAN_CONTEXT_PENDING_USER: user,
},
)
token, __ = FlowToken.objects.update_or_create(
identifier=f"{user.uid}-password-reset",
defaults={
"user": user,
"flow": flow,
"_plan": FlowToken.pickle(plan),
},
)
querystring = urlencode({QS_KEY_TOKEN: token.key})
link = self.request.build_absolute_uri(
reverse_lazy("authentik_core:if-flow", kwargs={"flow_slug": flow.slug})
+ f"?{querystring}"
)
return link, token
@permission_required(None, ["authentik_core.add_user", "authentik_core.add_token"])
@extend_schema(
request=inline_serializer(
"UserServiceAccountSerializer",
{
"name": CharField(required=True),
"create_group": BooleanField(default=False),
},
),
responses={
200: inline_serializer(
"UserServiceAccountResponse",
{
"username": CharField(required=True),
"token": CharField(required=True),
"user_uid": CharField(required=True),
"user_pk": IntegerField(required=True),
"group_pk": CharField(required=False),
},
)
},
)
@action(detail=False, methods=["POST"], pagination_class=None, filter_backends=[])
def service_account(self, request: Request) -> Response:
"""Create a new user account that is marked as a service account"""
username = request.data.get("name")
create_group = request.data.get("create_group", False)
with atomic():
try:
user = User.objects.create(
username=username,
name=username,
attributes={USER_ATTRIBUTE_SA: True, USER_ATTRIBUTE_TOKEN_EXPIRING: False},
path=USER_PATH_SERVICE_ACCOUNT,
)
response = {
"username": user.username,
"user_uid": user.uid,
"user_pk": user.pk,
}
if create_group and self.request.user.has_perm("authentik_core.add_group"):
group = Group.objects.create(
name=username,
)
group.users.add(user)
response["group_pk"] = str(group.pk)
token = Token.objects.create(
identifier=slugify(f"service-account-{username}-password"),
intent=TokenIntents.INTENT_APP_PASSWORD,
user=user,
expires=now() + timedelta(days=360),
)
response["token"] = token.key
return Response(response)
except (IntegrityError) as exc:
return Response(data={"non_field_errors": [str(exc)]}, status=400)
@extend_schema(responses={200: SessionUserSerializer(many=False)})
@action(detail=False, pagination_class=None, filter_backends=[])
# pylint: disable=invalid-name
def me(self, request: Request) -> Response:
"""Get information about current user"""
context = {"request": request}
serializer = SessionUserSerializer(
data={"user": UserSerializer(request.user).data}
data={"user": UserSelfSerializer(instance=request.user, context=context).data}
)
if SESSION_IMPERSONATE_USER in request._request.session:
if SESSION_KEY_IMPERSONATE_USER in request._request.session:
serializer.initial_data["original"] = UserSelfSerializer(
request._request.session[SESSION_IMPERSONATE_ORIGINAL_USER]
instance=request._request.session[SESSION_KEY_IMPERSONATE_ORIGINAL_USER],
context=context,
).data
serializer.is_valid()
return Response(serializer.data)
self.request.session.modified = True
return Response(serializer.initial_data)
@permission_required("authentik_core.reset_user_password")
@extend_schema(
request=UserSelfSerializer, responses={200: SessionUserSerializer(many=False)}
request=inline_serializer(
"UserPasswordSetSerializer",
{
"password": CharField(required=True),
},
),
responses={
204: OpenApiResponse(description="Successfully changed password"),
400: OpenApiResponse(description="Bad request"),
},
)
@action(
methods=["PUT"],
detail=False,
pagination_class=None,
filter_backends=[],
permission_classes=[IsAuthenticated],
)
def update_self(self, request: Request) -> Response:
"""Allow users to change information on their own profile"""
data = UserSelfSerializer(
instance=User.objects.get(pk=request.user.pk), data=request.data
)
if not data.is_valid():
return Response(data.errors)
new_user = data.save()
# If we're impersonating, we need to update that user object
# since it caches the full object
if SESSION_IMPERSONATE_USER in request.session:
request.session[SESSION_IMPERSONATE_USER] = new_user
return self.me(request)
@action(detail=True, methods=["POST"])
# pylint: disable=invalid-name, unused-argument
def set_password(self, request: Request, pk: int) -> Response:
"""Set password for user"""
user: User = self.get_object()
try:
user.set_password(request.data.get("password"))
user.save()
except (ValidationError, IntegrityError) as exc:
LOGGER.debug("Failed to set password", exc=exc)
return Response(status=400)
if user.pk == request.user.pk and SESSION_KEY_IMPERSONATE_USER not in self.request.session:
LOGGER.debug("Updating session hash after password change")
update_session_auth_hash(self.request, user)
return Response(status=204)
@permission_required("authentik_core.view_user", ["authentik_events.view_event"])
@extend_schema(responses={200: UserMetricsSerializer(many=False)})
@ -239,24 +445,60 @@ class UserViewSet(UsedByMixin, ModelViewSet):
# pylint: disable=invalid-name, unused-argument
def recovery(self, request: Request, pk: int) -> Response:
"""Create a temporary link that a user can use to recover their accounts"""
tenant: Tenant = request._request.tenant
# Check that there is a recovery flow, if not return an error
flow = tenant.flow_recovery
if not flow:
link, _ = self._create_recovery_link()
if not link:
LOGGER.debug("Couldn't create token")
return Response({"link": ""}, status=404)
user: User = self.get_object()
token, __ = Token.objects.get_or_create(
identifier=f"{user.uid}-password-reset",
user=user,
intent=TokenIntents.INTENT_RECOVERY,
)
querystring = urlencode({"token": token.key})
link = request.build_absolute_uri(
reverse_lazy("authentik_core:if-flow", kwargs={"flow_slug": flow.slug})
+ f"?{querystring}"
)
return Response({"link": link})
@permission_required("authentik_core.reset_user_password")
@extend_schema(
parameters=[
OpenApiParameter(
name="email_stage",
location=OpenApiParameter.QUERY,
type=OpenApiTypes.STR,
required=True,
)
],
responses={
"204": OpenApiResponse(description="Successfully sent recover email"),
"404": OpenApiResponse(description="Bad request"),
},
)
@action(detail=True, pagination_class=None, filter_backends=[])
# pylint: disable=invalid-name, unused-argument
def recovery_email(self, request: Request, pk: int) -> Response:
"""Create a temporary link that a user can use to recover their accounts"""
for_user = self.get_object()
if for_user.email == "":
LOGGER.debug("User doesn't have an email address")
return Response(status=404)
link, token = self._create_recovery_link()
if not link:
LOGGER.debug("Couldn't create token")
return Response(status=404)
# Lookup the email stage to assure the current user can access it
stages = get_objects_for_user(
request.user, "authentik_stages_email.view_emailstage"
).filter(pk=request.query_params.get("email_stage"))
if not stages.exists():
LOGGER.debug("Email stage does not exist/user has no permissions")
return Response(status=404)
email_stage: EmailStage = stages.first()
message = TemplateEmailMessage(
subject=_(email_stage.subject),
template_name=email_stage.template,
to=[for_user.email],
template_context={
"url": link,
"user": for_user,
"expires": token.expires,
},
)
send_mails(email_stage, message)
return Response(status=204)
def _filter_queryset_for_list(self, queryset: QuerySet) -> QuerySet:
"""Custom filter_queryset method which ignores guardian, but still supports sorting"""
for backend in list(self.filter_backends):
@ -269,3 +511,32 @@ class UserViewSet(UsedByMixin, ModelViewSet):
if self.request.user.has_perm("authentik_core.view_user"):
return self._filter_queryset_for_list(queryset)
return super().filter_queryset(queryset)
@extend_schema(
responses={
200: inline_serializer(
"UserPathSerializer", {"paths": ListField(child=CharField(), read_only=True)}
)
},
parameters=[
OpenApiParameter(
name="search",
location=OpenApiParameter.QUERY,
type=OpenApiTypes.STR,
)
],
)
@action(detail=False, pagination_class=None)
def paths(self, request: Request) -> Response:
"""Get all user paths"""
return Response(
data={
"paths": list(
self.filter_queryset(self.get_queryset())
.values("path")
.distinct()
.order_by("path")
.values_list("path", flat=True)
)
}
)

View File

@ -2,21 +2,15 @@
from typing import Any
from django.db.models import Model
from rest_framework.fields import CharField, IntegerField
from rest_framework.serializers import (
Serializer,
SerializerMethodField,
ValidationError,
)
from rest_framework.fields import BooleanField, CharField, FileField, IntegerField
from rest_framework.serializers import Serializer, SerializerMethodField, ValidationError
def is_dict(value: Any):
"""Ensure a value is a dictionary, useful for JSONFields"""
if isinstance(value, dict):
return
raise ValidationError(
"Value must be a dictionary, and not have any duplicate keys."
)
raise ValidationError("Value must be a dictionary, and not have any duplicate keys.")
class PassiveSerializer(Serializer):
@ -25,13 +19,21 @@ class PassiveSerializer(Serializer):
def create(self, validated_data: dict) -> Model: # pragma: no cover
return Model()
def update(
self, instance: Model, validated_data: dict
) -> Model: # pragma: no cover
def update(self, instance: Model, validated_data: dict) -> Model: # pragma: no cover
return Model()
class Meta:
model = Model
class FileUploadSerializer(PassiveSerializer):
"""Serializer to upload file"""
file = FileField(required=False)
clear = BooleanField(default=False)
class FilePathSerializer(PassiveSerializer):
"""Serializer to upload file"""
url = CharField()
class MetaNameSerializer(PassiveSerializer):
@ -39,6 +41,7 @@ class MetaNameSerializer(PassiveSerializer):
verbose_name = SerializerMethodField()
verbose_name_plural = SerializerMethodField()
meta_model_name = SerializerMethodField()
def get_verbose_name(self, obj: Model) -> str:
"""Return object's verbose_name"""
@ -48,6 +51,10 @@ class MetaNameSerializer(PassiveSerializer):
"""Return object's plural verbose_name"""
return obj._meta.verbose_name_plural
def get_meta_model_name(self, obj: Model) -> str:
"""Return internal model name"""
return f"{obj._meta.app_label}.{obj._meta.model_name}"
class TypeCreateSerializer(PassiveSerializer):
"""Types of an object that can be created"""

View File

@ -1,30 +1,37 @@
"""authentik core app config"""
from importlib import import_module
from django.conf import settings
from django.apps import AppConfig
from django.db import ProgrammingError
from authentik.core.signals import GAUGE_MODELS
from authentik.lib.utils.reflection import get_apps
from authentik.blueprints.manager import ManagedAppConfig
class AuthentikCoreConfig(AppConfig):
class AuthentikCoreConfig(ManagedAppConfig):
"""authentik core app config"""
name = "authentik.core"
label = "authentik_core"
verbose_name = "authentik Core"
mountpoint = ""
default = True
def ready(self):
import_module("authentik.core.signals")
import_module("authentik.core.managed")
try:
for app in get_apps():
for model in app.get_models():
GAUGE_MODELS.labels(
model_name=model._meta.model_name,
app=model._meta.app_label,
).set(model.objects.count())
except ProgrammingError:
pass
def reconcile_load_core_signals(self):
"""Load core signals"""
self.import_module("authentik.core.signals")
def reconcile_debug_worker_hook(self):
"""Dispatch startup tasks inline when debugging"""
if settings.DEBUG:
from authentik.root.celery import worker_ready_hook
worker_ready_hook()
def reconcile_source_inbuilt(self):
"""Reconcile inbuilt source"""
from authentik.core.models import Source
Source.objects.update_or_create(
defaults={
"name": "authentik Built-in",
"slug": "authentik-built-in",
},
managed="goauthentik.io/sources/inbuilt",
)

60
authentik/core/auth.py Normal file
View File

@ -0,0 +1,60 @@
"""Authenticate with tokens"""
from typing import Any, Optional
from django.contrib.auth.backends import ModelBackend
from django.http.request import HttpRequest
from authentik.core.models import Token, TokenIntents, User
from authentik.events.utils import cleanse_dict, sanitize_dict
from authentik.flows.planner import FlowPlan
from authentik.flows.views.executor import SESSION_KEY_PLAN
from authentik.stages.password.stage import PLAN_CONTEXT_METHOD, PLAN_CONTEXT_METHOD_ARGS
class InbuiltBackend(ModelBackend):
"""Inbuilt backend"""
def authenticate(
self, request: HttpRequest, username: Optional[str], password: Optional[str], **kwargs: Any
) -> Optional[User]:
user = super().authenticate(request, username=username, password=password, **kwargs)
if not user:
return None
self.set_method("password", request)
return user
def set_method(self, method: str, request: Optional[HttpRequest], **kwargs):
"""Set method data on current flow, if possbiel"""
if not request:
return
# Since we can't directly pass other variables to signals, and we want to log the method
# and the token used, we assume we're running in a flow and set a variable in the context
flow_plan: FlowPlan = request.session.get(SESSION_KEY_PLAN, FlowPlan(""))
flow_plan.context[PLAN_CONTEXT_METHOD] = method
flow_plan.context[PLAN_CONTEXT_METHOD_ARGS] = cleanse_dict(sanitize_dict(kwargs))
request.session[SESSION_KEY_PLAN] = flow_plan
class TokenBackend(InbuiltBackend):
"""Authenticate with token"""
def authenticate(
self, request: HttpRequest, username: Optional[str], password: Optional[str], **kwargs: Any
) -> Optional[User]:
try:
user = User._default_manager.get_by_natural_key(username)
except User.DoesNotExist:
# Run the default password hasher once to reduce the timing
# difference between an existing and a nonexistent user (#20760).
User().set_password(password)
return None
# pylint: disable=no-member
tokens = Token.filter_not_expired(
user=user, key=password, intent=TokenIntents.INTENT_APP_PASSWORD
)
if not tokens.exists():
return None
token = tokens.first()
self.set_method("token", request, token=token)
return token.user

View File

@ -4,7 +4,7 @@ from channels.generic.websocket import JsonWebsocketConsumer
from rest_framework.exceptions import AuthenticationFailed
from structlog.stdlib import get_logger
from authentik.api.authentication import token_from_header
from authentik.api.authentication import bearer_auth
from authentik.core.models import User
LOGGER = get_logger()
@ -24,12 +24,12 @@ class AuthJsonConsumer(JsonWebsocketConsumer):
raw_header = headers[b"authorization"]
try:
token = token_from_header(raw_header)
# token is only None when no header was given, in which case we deny too
if not token:
user = bearer_auth(raw_header)
# user is only None when no header was given, in which case we deny too
if not user:
raise DenyConnection()
except AuthenticationFailed as exc:
LOGGER.warning("Failed to authenticate", exc=exc)
raise DenyConnection()
self.user = token.user
self.user = user

View File

@ -1,16 +0,0 @@
"""Core managed objects"""
from authentik.core.models import Source
from authentik.managed.manager import EnsureExists, ObjectManager
class CoreManager(ObjectManager):
"""Core managed objects"""
def reconcile(self):
return [
EnsureExists(
Source,
"goauthentik.io/sources/inbuilt",
name="authentik Built-in",
),
]

View File

Some files were not shown because too many files have changed in this diff Show More