Compare commits

..

3397 Commits

Author SHA1 Message Date
31a58e2c25 release: 2021.6.2 2021-06-22 23:35:10 +02:00
229715acb2 ci: fix push as stable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-22 23:33:36 +02:00
2a670afd02 Break down Sources into individual sections in Docs (#1052)
* Create index.mdx

Add Wekan example

* updated to include wekan entry

* Update and rename website/docs/sources.md to website/docs/sources/index.md

Break Sources into individual pages.

* Update and rename website/docs/sources/index.md to website/docs/sources/ldap/index.md

* Create index.md

* Update index.md

* Update index.md

* Create index.md

* Create index.md

* Create index.md

* Update index.md

* Update index.md

* Update index.md

* Create index.md

* discord images

* spacing

* Added discord

* discord changes

* Added sources breakdown to the sidebar

* Fixed the saml title

* Added github examples

* fixed formatting

* Changed file path, updated sidebar, added google.

* fixed a spelling mistake

* Cleaned up formatting

* Fixed Notes
2021-06-22 21:46:44 +02:00
b69248dd55 stages/authenticator_validate: fix error when using not_configured_action=configure
closes #1048

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-22 20:08:58 +02:00
5ff5edf769 outposts: improve logging
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-22 18:51:02 +02:00
939889e0ec tenants: fix footer_links for moved config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-22 15:48:17 +02:00
19ae6585dc lib: add tests for config loader
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-22 13:12:07 +02:00
a81c847392 website/docs: fix call to group_attributes for nextcloud
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-22 13:00:48 +02:00
c6ede78fba core: add support for custom urls for avatars
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-22 12:25:24 +02:00
cea1289186 website/docs: add instruction for local.env.yml for frontend dev
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-22 12:06:55 +02:00
c297f28552 build(deps): bump @typescript-eslint/parser in /web (#1060) 2021-06-22 08:55:04 +02:00
35b25bd76e build(deps): bump @sentry/browser from 6.7.1 to 6.7.2 in /web (#1061) 2021-06-22 08:54:56 +02:00
64d7610b13 build(deps): bump boto3 from 1.17.97 to 1.17.98 (#1065) 2021-06-22 08:11:27 +02:00
2c8fcff832 build(deps): bump codemirror from 5.61.1 to 5.62.0 in /web (#1058) 2021-06-22 08:11:11 +02:00
054e76d02a build(deps): bump @babel/preset-env from 7.14.5 to 7.14.7 in /web (#1059) 2021-06-22 08:10:56 +02:00
80fa132dd9 build(deps): bump @typescript-eslint/eslint-plugin in /web (#1062) 2021-06-22 08:10:39 +02:00
4c59c3abef build(deps): bump @sentry/tracing from 6.7.1 to 6.7.2 in /web (#1063) 2021-06-22 08:10:27 +02:00
22d319c0e7 build(deps): bump rollup from 2.52.1 to 2.52.2 in /web (#1064) 2021-06-22 08:09:44 +02:00
89edd77484 website/docs: use beta images for dev setup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-21 22:57:18 +02:00
04e52d8ba6 web/admin: handle elements in slot=form not being forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-21 22:48:47 +02:00
9b5e3921cb providers/saml: better handle decoding errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-21 22:48:34 +02:00
2bbad64dc3 website/docs: add developer docs for frontend-only
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-21 21:25:56 +02:00
f6026fdb13 root: allow loading local /static files without debug flag
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-21 21:21:35 +02:00
49def45ca3 root: remove old traefik labels
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-21 21:04:59 +02:00
a4856969f4 outposts: fix port and inner_port being mixed on docker controller
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-21 19:19:06 +02:00
2aa7266688 crypto: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-21 16:24:03 +02:00
25817cae6b ci: always run full test, send sourcemaps to sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-21 16:12:14 +02:00
5383ae2c19 ci: re-tag latest images on stable build instead of building again
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-21 16:11:30 +02:00
c0c246edab crypto: catch error when loading private key
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-21 15:57:48 +02:00
831b32c279 core: fix PropertyMapping's globals not matching Expression policy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-21 15:54:43 +02:00
70ccc63702 core: remove default flow background from default css, set static in base_full and dynamically in if/flow
closes #1056

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-21 10:37:34 +02:00
de954250e5 root: make general cache timeouts configurable
closes #974

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-21 10:18:49 +02:00
f268bd4c69 policies: make policy result cache timeout configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-21 10:17:58 +02:00
57a48b6350 flows: make flow plan cache timeout configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-21 10:17:11 +02:00
9aac114115 root: save temporary database dump in /tmp
closes #1055

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-21 09:58:19 +02:00
66e3cbdc46 build(deps): bump eslint from 7.28.0 to 7.29.0 in /web (#1053) 2021-06-21 08:49:06 +02:00
2d76d23f7b root: add pr_wanted exemption to stale bot
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-20 17:27:54 +02:00
4327b35bc3 tenants: fix tenant not being queried correctly when using accessing over a child domain
closes #1044

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-20 14:39:21 +02:00
f7047df40e policies: don't use policy cache when checking application access
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-20 13:30:07 +02:00
ef77a4b64e tests/e2e: fix provider test image
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-19 22:11:09 +02:00
5d7d21076f tests/integration: fix expected image names
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-19 20:22:20 +02:00
ede072889e core: deepmerge user.group_attributes, use group_attributes for user settings
closes #1051

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-19 19:52:55 +02:00
9cb7e6c606 root: set outposts.docker_image_base to gh-master for tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-19 15:49:49 +02:00
e7d36c095d web/admin: sort inputs on authenticator validation stage form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-19 15:35:39 +02:00
b88eb430c1 outposts/proxy: fix additionalHeaders not being set
closes #1050

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-19 15:24:51 +02:00
641872a33a web/admin: fix tenant's default flag not being saved
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1044
2021-06-19 12:42:29 +02:00
405c690193 tests/e2e: test additionalHeaders with proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-19 12:40:24 +02:00
932cf48d2b website/docs: remove old branding settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-18 09:10:19 +02:00
402819107d build(deps): bump boto3 from 1.17.96 to 1.17.97 (#1046) 2021-06-18 07:24:02 +02:00
41f135126b build(deps): bump typescript from 4.3.3 to 4.3.4 in /web (#1045) 2021-06-18 07:23:49 +02:00
591a339302 build(deps): bump celery from 5.1.0 to 5.1.1 (#1047) 2021-06-18 07:23:41 +02:00
35f2c5d96a website/docs: add release notes for 2021.6
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-17 22:52:39 +02:00
fe6963c428 release: 2021.6.1 2021-06-17 22:14:52 +02:00
19cac4bf43 providers/saml: fix error when getting transient user identifier
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-17 13:52:10 +02:00
4ca564490e providers/saml: add support for NameID type unspecified
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-17 12:45:53 +02:00
fcb795c273 providers/saml: fix NameIDPolicy not being parsed correctly, improve error handling
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-17 12:22:40 +02:00
14c70b3e4a build(deps): bump rollup from 2.52.0 to 2.52.1 in /web (#1039) 2021-06-17 08:53:11 +02:00
ac880c28d7 build(deps): bump rollup from 2.51.2 to 2.52.0 in /web (#1033) 2021-06-17 08:51:31 +02:00
f3c6b9a4f6 build(deps): bump postcss from 8.3.4 to 8.3.5 in /website (#1034) 2021-06-17 08:51:22 +02:00
cba0cf0d76 build(deps): bump @lingui/core from 3.10.3 to 3.10.4 in /web (#1035) 2021-06-17 08:51:11 +02:00
73b67cf0f0 build(deps): bump typescript from 4.3.2 to 4.3.3 in /web (#1036) 2021-06-17 08:51:00 +02:00
23a8052cc8 build(deps): bump boto3 from 1.17.95 to 1.17.96 (#1037) 2021-06-17 08:50:52 +02:00
57c49c3865 build(deps): bump psycopg2-binary from 2.8.6 to 2.9.1 (#1038) 2021-06-17 08:50:43 +02:00
cbea51ae5b stages/authenticator_duo: make Duo-admin viewset writeable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-16 23:17:26 +02:00
8962081d92 website/docs: add wekan (#1032)
* Create index.mdx

Add Wekan example

* updated to include wekan entry
2021-06-16 23:08:58 +02:00
e743f13f81 recovery: fix error when creating multiple keys for the same user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-16 23:04:35 +02:00
b20a8b7c17 stages/authenticator_duo: fix error when enrolling an existing user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-16 23:04:24 +02:00
b53c94d76a flows: fix error when stage has incorrect type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-16 22:52:00 +02:00
d4419d66c1 core: fix error when creating AuthenticatedSession without key
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-16 22:51:48 +02:00
79044368d2 core: fix error getting stages when enrollment flow isn't set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-16 22:45:42 +02:00
426686957d website/docs: remove migrate command
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-16 22:43:43 +02:00
28cb803fd9 website/docs: Add a note about Protocol Overwrite (#1031)
Added a note in the Nextcloud section for Protocol overwrite when behind a reverse proxy
2021-06-16 19:38:34 +02:00
85c3a36b62 website: clear up comparison
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-16 14:54:44 +02:00
9ba8a715b1 build(deps): bump @sentry/tracing from 6.7.0 to 6.7.1 in /web (#1026) 2021-06-16 09:26:32 +02:00
358750f66e build(deps): bump drf-spectacular from 0.17.1 to 0.17.2 (#1028) 2021-06-16 08:47:05 +02:00
b9918529b8 build(deps): bump @sentry/browser from 6.7.0 to 6.7.1 in /web (#1027) 2021-06-16 08:46:40 +02:00
a5673b4ec8 build(deps): bump boto3 from 1.17.94 to 1.17.95 (#1029) 2021-06-16 08:46:11 +02:00
d9287d0c0e Merge branch 'next' 2021-06-15 23:43:44 +02:00
d9c2b64116 root: update schema
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-15 23:38:03 +02:00
2b150d3077 website/docs: add changelog for release candidates
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-15 22:19:45 +02:00
dec7a9cfb9 website/docs: add docs for flow executor
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-15 22:14:23 +02:00
e0f48a30b7 release: 2021.6.1-rc6 2021-06-15 21:18:33 +02:00
973f14d911 ci: only build stable images when non-rc version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-15 18:41:26 +02:00
e8978adc1b outpost: fix syntax error when creating an outpost with connection
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-15 18:39:51 +02:00
3ca8d9c968 ci: build and push stable tag when rc not in release name
closes #1023

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-15 17:34:23 +02:00
42636142fa build(deps): bump @typescript-eslint/parser in /web (#1021)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.26.1 to 4.27.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.27.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-15 09:29:14 +02:00
57c459348f build(deps): bump @sentry/tracing from 6.6.0 to 6.7.0 in /web (#1020)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.6.0 to 6.7.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.6.0...6.7.0)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-15 09:28:55 +02:00
493b34cf0d build(deps): bump boto3 from 1.17.93 to 1.17.94 (#1022) 2021-06-15 08:55:32 +02:00
f0493f418b build(deps): bump @sentry/browser from 6.6.0 to 6.7.0 in /web (#1019) 2021-06-15 08:55:05 +02:00
d45a292652 build(deps): bump @babel/core from 7.14.5 to 7.14.6 in /web (#1018) 2021-06-15 08:54:44 +02:00
b21ea360db build(deps): bump @lingui/core from 3.10.2 to 3.10.3 in /web (#1016) 2021-06-15 08:54:36 +02:00
6816f8b851 build(deps): bump postcss from 8.3.2 to 8.3.4 in /website (#1015) 2021-06-15 08:54:18 +02:00
de714f0390 build(deps): bump @typescript-eslint/eslint-plugin in /web (#1017) 2021-06-15 08:54:10 +02:00
800df332b5 stages/authenticator_duo: don't create default duo stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-14 22:55:37 +02:00
16c194d2dc core: fix upload api not checking clear properly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-14 22:34:47 +02:00
53100a72fe stages/identification: fix challenges not being annotated correctly and API client not loading data correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-14 22:28:11 +02:00
ec4c3f44cb events: don't create system exception event in debug
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-14 22:16:27 +02:00
f10bd432b3 policies/reputation: fix race condition in tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-14 20:40:40 +02:00
4de927ba5b web/admin: fix link for github issue creation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-14 18:55:43 +02:00
74e578c2bf events: add tenant to event
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-14 18:43:29 +02:00
e584fd1344 events: catch unhandled exceptions from request as event, add button to open github issue
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-14 17:22:58 +02:00
0e02925a3d stages/authenticator_validate: add tests for authenticator validation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-14 16:32:36 +02:00
5b837c3ccc providers/saml: improve error handling for signature errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-14 12:51:42 +02:00
2580371f94 outposts: fix error when getting component for base service connection
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-14 12:38:29 +02:00
4e9be85353 website/docs: add docs for outpost configuration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-14 09:21:35 +02:00
79508e1965 core: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-13 23:41:50 +02:00
3a88dde545 web: fix declaration of Intl
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-13 23:13:43 +02:00
31fc4d1cb9 web: migrate banner to sidebar
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-13 22:55:41 +02:00
09cd8f8f63 web/admin: fix ak-application-check-access-form for get api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-13 22:40:51 +02:00
d824b09365 outposts/ldap: improve responses for unsuccessful binds
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-13 22:00:05 +02:00
cabbd18880 core: revert check_access API to get to prevent CSRF errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-13 21:47:49 +02:00
c9dda17c68 web/admin: select service connection by default when only one exists
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-13 20:12:01 +02:00
bb8559ee18 web: remove base interface
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-13 19:54:27 +02:00
5ae32e525c web/flows: improve display of allowed fields for identification stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-13 16:30:03 +02:00
0832145a01 web: fix fields for new api schema
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-13 15:36:25 +02:00
4167276c8f root: fix references to helm chart
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-13 14:30:44 +02:00
afb84c7bc5 flows: fix error clearing flow background when no files have been uploaded
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-13 14:14:41 +02:00
82b2c7e3f0 web: add capabilities to sentry event
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-13 14:08:39 +02:00
fc8004db2b outposts: fix integrity error with tokens
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-13 13:36:54 +02:00
ddfc943bba root: fix build_hash being set incorrectly for tagged versions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-13 13:32:18 +02:00
8c0c12292e build(deps): bump tslib from 2.2.0 to 2.3.0 in /web (#1011)
Bumps [tslib](https://github.com/Microsoft/tslib) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/Microsoft/tslib/releases)
- [Commits](https://github.com/Microsoft/tslib/compare/2.2.0...2.3.0)

---
updated-dependencies:
- dependency-name: tslib
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-13 13:08:50 +02:00
803490d98b build(deps): bump rollup from 2.51.1 to 2.51.2 in /web (#1012)
Bumps [rollup](https://github.com/rollup/rollup) from 2.51.1 to 2.51.2.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.51.1...v2.51.2)

---
updated-dependencies:
- dependency-name: rollup
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-13 13:08:38 +02:00
16835ab478 build(deps): bump boto3 from 1.17.92 to 1.17.93 (#1013)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.92 to 1.17.93.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.92...1.17.93)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-13 13:08:27 +02:00
572b8d87b5 api: fix import error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-13 12:59:28 +02:00
31d2ea65fd provider/proxy: mark forward_auth flag as deprecated
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-13 12:39:25 +02:00
f4ac2f50e2 sources/saml: check sessions before deleting user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-13 12:39:10 +02:00
969a3f0ddd build(deps): bump drf-spectacular from 0.17.0 to 0.17.1 (#1014)
Bumps [drf-spectacular](https://github.com/tfranzel/drf-spectacular) from 0.17.0 to 0.17.1.
- [Release notes](https://github.com/tfranzel/drf-spectacular/releases)
- [Changelog](https://github.com/tfranzel/drf-spectacular/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/tfranzel/drf-spectacular/compare/0.17.0...0.17.1)

---
updated-dependencies:
- dependency-name: drf-spectacular
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-13 12:28:24 +02:00
4e18f47f28 web/flows: fix expiry not shown on consent stage when loading
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-13 12:21:11 +02:00
f10286edf8 Merge branch 'version-2021.6' into next 2021-06-12 20:43:12 +02:00
d789dcc28f core: fix impersonation not working with inactive users
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-12 20:41:02 +02:00
715a71427e web/admin: fix user enable/disable modal not matching other modals
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-12 20:31:02 +02:00
84c21d16cf website: fix duplicate plugin ID
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-12 20:15:35 +02:00
2e4e17adb7 web/flows: fix IdentificationStage's label not matching fields
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-12 18:49:50 +02:00
00cbaaf672 web/flows: improve display of errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-12 18:18:36 +02:00
74e4e8f6aa core: delete real session when AuthenticatedSession is deleted
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-12 17:37:32 +02:00
d78fda990a release: 2021.6.1-rc5 2021-06-12 15:19:24 +02:00
10d949f7a9 stages/password: add constants for password backends
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-12 12:14:55 +02:00
6661af032d build(deps): bump @sentry/tracing from 6.5.1 to 6.6.0 in /web (#1007)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.5.1 to 6.6.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.5.1...6.6.0)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-11 09:28:58 +02:00
fb5e4a3af8 build(deps): bump postcss from 8.3.1 to 8.3.2 in /website (#1006) 2021-06-11 08:25:06 +02:00
1dfad83a34 build(deps): bump @sentry/browser from 6.5.1 to 6.6.0 in /web (#1008) 2021-06-11 08:24:48 +02:00
70025c648c build(deps): bump boto3 from 1.17.91 to 1.17.92 (#1009) 2021-06-11 08:24:24 +02:00
676b77aa7c stages/identification: add UPN
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-10 22:48:39 +02:00
e35e096266 stages/authenticator_webauthn: use tenant title as RP_NAME
closes #1004

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-10 22:17:25 +02:00
7af12d4fec stages/authenticator_totp: set TOTP issuer based on slug'd tenant title
closes #1004

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-10 22:16:37 +02:00
8d6db0fabf flows: fix configuration URL being set when no flow is configure
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-10 22:07:26 +02:00
8ddcf99bf7 web: fix flow download link
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-10 21:47:40 +02:00
e25f6aea8c release: 2021.6.1-rc4 2021-06-10 18:59:00 +02:00
b1a9eda1d3 ci: fix release test using wrong docker image
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-10 18:58:30 +02:00
2c15ab9995 release: 2021.6.1-rc3 2021-06-10 18:04:59 +02:00
b3c51e426d web: fix styling for toggle group on dark mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-10 18:02:27 +02:00
71578af47f ci: fix testing for release tag
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-10 17:41:54 +02:00
6c985acb36 release: 2021.6.1-rc2 2021-06-10 14:10:47 +02:00
d878d2140e providers/saml: add metadata download link to api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-10 14:06:44 +02:00
4766d6ff3d flows: add export URL to API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-10 13:52:50 +02:00
3a64d97040 crypto: add download links as API fields
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-10 13:46:12 +02:00
2275ba3add flows: fix get_pending_user returning in-memory user when PLAN_CONTEXT_PENDING_USER_IDENTIFIER is set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-10 12:17:46 +02:00
9f7c941426 Merge branch 'master' into next 2021-06-10 11:59:10 +02:00
34ae9e6dab API: add endpoint to show by what objects an object is used (#995)
* core: add used_by API to show what objects are affected before deletion

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/elements: add support for used_by API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add authentik_used_by_shadows to shadow other models

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: implement used_by API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: fix duplicate imports

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add action field to used_by api

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: add UI for used_by action

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: add notice to tenant form

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: fix naming in used_by

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: check length for used_by

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: fix used_by for non-pk models

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: improve __str__ on models

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add support for many to many in used_by

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-10 11:58:12 +02:00
bf683514ee build(deps): bump @babel/plugin-proposal-decorators in /web (#1000) 2021-06-10 09:11:01 +02:00
9b58bdb447 build(deps): bump @babel/preset-env from 7.14.4 to 7.14.5 in /web (#1002) 2021-06-10 09:10:52 +02:00
4237f20ccd build(deps): bump boto3 from 1.17.90 to 1.17.91 (#1003) 2021-06-10 08:53:42 +02:00
2408719a47 build(deps): bump eslint-plugin-lit from 1.5.0 to 1.5.1 in /web (#1001) 2021-06-10 08:53:35 +02:00
b33fef7929 build(deps): bump @babel/preset-typescript from 7.13.0 to 7.14.5 in /web (#999) 2021-06-10 08:53:20 +02:00
73b9847e7d build(deps): bump @babel/core from 7.14.3 to 7.14.5 in /web (#998) 2021-06-10 08:53:10 +02:00
a7e4eb021d build(deps): bump @babel/plugin-transform-runtime in /web (#997) 2021-06-10 08:53:01 +02:00
11306770ad build(deps): bump postcss from 8.3.0 to 8.3.1 in /website (#996) 2021-06-10 08:52:51 +02:00
5235e00d3c stages/authenticator_validate: add more logging for challenges
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 23:58:08 +02:00
7834146efc web/admin: fix authenticatior_valiation stage not setting correct fields
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 19:38:54 +02:00
d4379ecd31 flows: fix configure_url not being set correctly User settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 19:25:27 +02:00
7492608ace Merge branch 'version-2021.6' into next 2021-06-09 16:06:06 +02:00
7eef501446 Revert "root: fix permissions for docker files"
This reverts commit a7adeb917e.
2021-06-09 16:04:17 +02:00
b73de96aa6 lifecycle: fix permissions for unittest xml
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 16:03:51 +02:00
a7adeb917e root: fix permissions for docker files
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 16:00:29 +02:00
4ee2f951da lifecycle: fix check_if_root not working without docker
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 15:56:12 +02:00
01c5235e82 ci: use bootstrap for testing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 15:54:47 +02:00
0ce4f9fe12 Revert "web: don't build api client as separate bundle"
This reverts commit 7c1fe1243f.
2021-06-09 15:37:57 +02:00
2f4f951818 Revert "web: build API during npm build"
This reverts commit a6c214e8fa.
2021-06-09 15:37:50 +02:00
a6c214e8fa web: build API during npm build
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 15:35:35 +02:00
57f8b108c4 root: remove production=false
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 15:27:06 +02:00
7c1fe1243f web: don't build api client as separate bundle
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 15:26:42 +02:00
3f69dd34ba ci: run tests as authentik
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 15:05:03 +02:00
c81431895a Merge branch 'master' into version-2021.6 2021-06-09 15:04:52 +02:00
560c979d26 root: fix requirements-dev including all dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 14:22:45 +02:00
c5cc8842ec root: fix missing test files in docker file
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 14:22:32 +02:00
2a881d241d Merge branch 'master' into next 2021-06-09 11:25:07 +02:00
6291834573 outpost: fix missing outpost images
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 11:24:59 +02:00
eeea36acea outpost: fix missing outpost images
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 11:22:28 +02:00
e95b9da586 website/docs: fix beta instructions for k8s
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 11:07:02 +02:00
f4a53c89ef release: 2021.6.1-rc1 2021-06-09 11:01:14 +02:00
20493252e2 lifecycle: fix custom port not being set for postgres healthcheck
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 10:59:48 +02:00
2210497569 events: add EMAIL_SENT event, show sent emails in event log
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 10:28:32 +02:00
2addf71f37 outposts: add service connection to outpost API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 09:45:14 +02:00
de11181890 web/admin: fix outpost/ldap charts when no healthy objects exist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 09:31:30 +02:00
66e3bc6b58 build(deps): bump @lingui/core from 3.9.0 to 3.10.2 in /web (#989)
Bumps [@lingui/core](https://github.com/lingui/js-lingui) from 3.9.0 to 3.10.2.
- [Release notes](https://github.com/lingui/js-lingui/releases)
- [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lingui/js-lingui/compare/v3.9.0...v3.10.2)

---
updated-dependencies:
- dependency-name: "@lingui/core"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-09 09:24:05 +02:00
612679e8df build(deps): bump @lingui/macro from 3.9.0 to 3.10.2 in /web (#992)
Bumps [@lingui/macro](https://github.com/lingui/js-lingui) from 3.9.0 to 3.10.2.
- [Release notes](https://github.com/lingui/js-lingui/releases)
- [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lingui/js-lingui/compare/v3.9.0...v3.10.2)

---
updated-dependencies:
- dependency-name: "@lingui/macro"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-09 09:19:30 +02:00
c9072f7403 build(deps): bump rollup from 2.51.0 to 2.51.1 in /web (#988) 2021-06-09 08:31:42 +02:00
cacacb06af build(deps): bump @patternfly/patternfly from 4.103.6 to 4.108.2 in /web (#990) 2021-06-09 08:31:23 +02:00
7da87a53b7 build(deps): bump @lingui/cli from 3.9.0 to 3.10.2 in /web (#991) 2021-06-09 08:29:41 +02:00
9f894881ca build(deps): bump boto3 from 1.17.89 to 1.17.90 (#993) 2021-06-09 08:29:31 +02:00
dad24c03ff outposts: set cookies for a domain to authenticate an entire domain (#971)
* outposts: initial cookie domain implementation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: add cookie domain setting

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: replace forward_auth_mode with general mode

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: rebuild proxy provider form

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: re-add forward_auth_mode for backwards compat

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: fix data.mode not being set

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: always set log level to debug when testing

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: use new mode attribute

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: only ingress /akprox on forward_domain

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: fix lint error

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: fix error on ProxyProviderForm when not using proxy mode

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: fix default for outpost form's type missing

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: add additional desc for proxy modes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: fix service account permissions not always being updated

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost/proxy: fix redirecting to incorrect host for domain mode

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: improve error handling for network errors

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost: fix image naming not matching main imaeg

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/proxy: fix redirects for domain mode and traefik

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: fix colour for paragraphs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: fix consent stage not showing permissions correctly

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: add domain-level docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: fix broken links

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/proxy: remove dead code

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: fix missing id for #header-text

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-08 23:10:17 +02:00
fb8d67a9d9 core: add configure_url to UserSettings for both stages and sources
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-08 19:21:27 +02:00
029d58191e sources/saml: include metadata download link in API response
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-08 17:22:03 +02:00
75404f1345 web/admin: pass full configure flow URL instead of just boolean
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-08 17:14:54 +02:00
ba1b23c879 flows: move flow relevant info into ContextualFlowInfo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-08 16:53:28 +02:00
ae8cf00a21 tests/e2e: switch to ghcr images
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-08 15:32:23 +02:00
d9ffb23a80 web/admin: improve ldap form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-08 09:31:36 +02:00
dab5f4c768 build(deps): bump @typescript-eslint/parser in /web (#982)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.26.0 to 4.26.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.26.1/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-08 09:27:20 +02:00
cd6632fca6 build(deps): bump @typescript-eslint/eslint-plugin in /web (#984) 2021-06-08 08:54:42 +02:00
ea1741838c build(deps): bump eslint-plugin-lit from 1.4.1 to 1.5.0 in /web (#983) 2021-06-08 08:54:33 +02:00
8256fa8c0b build(deps): bump duo-client from 4.3.1 to 4.3.2 (#985) 2021-06-08 08:54:03 +02:00
486a930163 build(deps): bump boto3 from 1.17.88 to 1.17.89 (#986) 2021-06-08 08:53:43 +02:00
8a58a31bd6 build(deps): bump github.com/go-openapi/runtime in /outpost (#987) 2021-06-08 08:53:34 +02:00
deb0d3f7bc website: add LDAP to protocols
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-07 22:27:53 +02:00
10208b45b6 website/docs: fix API browser not loading
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-07 22:19:11 +02:00
25f987ba2b stages/prompt: add more tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-07 17:40:06 +02:00
f23111beff stages/user_write: add tests for duplicate data
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-07 16:42:01 +02:00
0f693158b6 stages/email: add tests for inaccessible email templates
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-07 16:09:39 +02:00
e51226432f web: update default flow background
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-07 10:18:40 +02:00
b1fbcef98a build(deps-dev): bump prettier from 2.3.0 to 2.3.1 in /website (#979) 2021-06-07 08:38:07 +02:00
ce56192412 build(deps-dev): bump pytest-django from 4.3.0 to 4.4.0 (#980) 2021-06-07 08:37:56 +02:00
70d72f340f outpost: fix default value for buildHash
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 23:07:23 +02:00
7524e114d9 outpost/ldap: add http server for healthchecks
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 23:07:13 +02:00
4d7dab92bc website/docs: add changelog for 2021.6
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 19:43:47 +02:00
a36e3aa3a4 web: rename Form.reset to resetForm to prevent t.form is not a function error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 19:28:16 +02:00
fceab788d2 outposts: fix error during outpost disconnect
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 19:25:09 +02:00
d55d44d664 web/user: fix deletion of authenticator not refreshing page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 19:09:29 +02:00
88cc38394e root: improve sentry tags to simplify queries
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 14:51:43 +02:00
ea1696a275 root: add stale.yml
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 14:47:03 +02:00
552d26eb98 outpost: only build in docker
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 14:11:38 +02:00
90a5c84ac8 core: make EndSessionView inherit PolicyAccessView
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 14:07:50 +02:00
b55c3a687d web/admin: fix default for policy binding negate
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 14:04:20 +02:00
e786244988 root: don't run main ci for website or outpost changes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 13:56:38 +02:00
68f1fbebf4 root: add question template
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 13:56:38 +02:00
9180d448df core: move end-session to core
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 13:56:38 +02:00
67470590c2 web/flows: only show permissions header when permissions are defined
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 13:56:38 +02:00
fe2e850303 build(deps): bump rollup from 2.50.6 to 2.51.0 in /web (#977)
Bumps [rollup](https://github.com/rollup/rollup) from 2.50.6 to 2.51.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.50.6...v2.51.0)

---
updated-dependencies:
- dependency-name: rollup
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-06 13:56:24 +02:00
a7a3c158ea build(deps): bump eslint from 7.27.0 to 7.28.0 in /web (#976)
Bumps [eslint](https://github.com/eslint/eslint) from 7.27.0 to 7.28.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.27.0...v7.28.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-06 13:56:13 +02:00
98d0986ac8 build(deps): bump boto3 from 1.17.87 to 1.17.88 (#978)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.87 to 1.17.88.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.87...1.17.88)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-06 13:56:05 +02:00
bedf7fbcaa web/admin: don't show backup error when server can't backup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 12:51:23 +02:00
1f35f73c66 api: add CAN_BACKUP capability
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 12:44:43 +02:00
8ea02e4cc9 web/admin: fix charts not showing with null values
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 12:40:32 +02:00
f399b32135 web: fix form for charts not matching the rest
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 12:40:20 +02:00
0032f535da core: add minor tests for users api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 01:23:04 +02:00
3c349b1f22 tests: fix missing test GeoIP database
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 01:08:11 +02:00
17326615b7 events: rewrite GeoIP to a wrapper, reload file every 8 hours
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 00:42:41 +02:00
f5dbdbd48b *: add clear param to file upload API to delete stored file and reset field
closes #949

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-05 21:33:03 +02:00
277c2f4aad core: make application.meta_icon nullable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#949
2021-06-05 21:06:52 +02:00
d38f944435 web: fix ModalForm loading data even when not in viewport
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-05 20:51:58 +02:00
ba3e0a0586 core: fix flow query
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-05 20:30:56 +02:00
7581c84a37 flows: fix tests using flow.background.url
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-05 20:29:31 +02:00
86b450c6d1 flows: add compatibility_mode to toggle ShadyDOM
closes #894

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-05 20:04:30 +02:00
e43e42139a web: migrate templates back to django
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-05 19:38:24 +02:00
0b90cfcec4 flows: set default background in code not model
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-05 19:38:13 +02:00
cefe3fa6dd outposts: fix docker controller always replacing beta images
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-05 16:08:20 +02:00
24da24b5d5 stages/identification: allow setting of a password stage to check password and identity in a single step
closes #970

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-05 16:05:03 +02:00
f996f9d4e3 tests/e2e: ensure outpost service account has correct permissions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-04 09:46:31 +02:00
5411412626 build(deps): bump golang from 1.16.4 to 1.16.5 in /outpost (#966)
Bumps golang from 1.16.4 to 1.16.5.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-04 09:37:13 +02:00
f9050f9192 build(deps): bump golang from 1.16.4 to 1.16.5 (#967)
Bumps golang from 1.16.4 to 1.16.5.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-04 09:37:02 +02:00
bc75c07e65 build(deps): bump rollup from 2.50.5 to 2.50.6 in /web (#968)
Bumps [rollup](https://github.com/rollup/rollup) from 2.50.5 to 2.50.6.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.50.5...v2.50.6)

---
updated-dependencies:
- dependency-name: rollup
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-04 09:35:59 +02:00
c02b943612 build(deps): bump boto3 from 1.17.86 to 1.17.87 (#969)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.86 to 1.17.87.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.86...1.17.87)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-04 09:35:47 +02:00
7b39718bd1 tenants: fix fallback for unittests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-03 22:40:01 +02:00
e9621bae06 tests: show logs for containers on failed e2e tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-03 22:17:18 +02:00
0eaabbc0f3 admin: fix upgrading deletion of tasks when listing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-03 17:42:13 +02:00
5e3628bea6 core: add fallback URLs for websocket to cleanup test logs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-03 17:26:18 +02:00
290ebef8e3 core: instead of migrating sessions, clear cache on initial upgrade
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-03 17:20:25 +02:00
46ab1d20df stages/email: fix token being created without identifier
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-03 14:54:07 +02:00
48e68d6852 core: fix token identifier not being set to unique
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-03 11:45:48 +02:00
cde056825e build(deps): bump @sentry/browser from 6.5.0 to 6.5.1 in /web (#962)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.5.0 to 6.5.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.5.0...6.5.1)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-03 10:25:31 +02:00
de25b64f2b build(deps): bump django from 3.2.3 to 3.2.4 (#964)
Bumps [django](https://github.com/django/django) from 3.2.3 to 3.2.4.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.3...3.2.4)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-03 10:00:12 +02:00
32f0c6abe1 build(deps): bump boto3 from 1.17.85 to 1.17.86 (#963)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.85 to 1.17.86.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.85...1.17.86)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-03 09:59:49 +02:00
960210f351 build(deps): bump @sentry/tracing from 6.5.0 to 6.5.1 in /web (#961)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.5.0 to 6.5.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.5.0...6.5.1)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-03 09:59:39 +02:00
7c300f0858 web/admin: fix flow export button not working
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-03 00:40:07 +02:00
ed3859800c core: improve API validation for Application's set_icon_url (fix JSON Syntax Error)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-03 00:39:56 +02:00
06b7f62a40 core: make app's meta_launch_url textfield
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-03 00:21:20 +02:00
45b7c349f1 Merge branch 'next' 2021-06-02 23:46:40 +02:00
7bef6f7153 Zabbix Integration Instructions (#960) 2021-06-02 23:16:52 +02:00
d32e40b1f8 tenants: fix unittests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-02 22:38:30 +02:00
cec47c3cfc providers/oauth2: show id_token issues for refresh token
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-02 22:05:04 +02:00
4d773274d4 web: fix missing default favicon and not updating correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-02 21:47:56 +02:00
3ea2b16a12 tenants: add separate field for favicon url
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-02 21:31:04 +02:00
974ddc07f7 web: improve loading of custom favicon
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-02 21:19:39 +02:00
2f64b76eba flows: fix invalid background URL when using manually set static or http
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-02 21:09:54 +02:00
a113778ca7 web/admin: fix css for dropdown toggles which are secondary
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-02 20:42:31 +02:00
06caaa7c80 web/admin: fix BoundPoliciesList's policy edit button
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-02 20:29:34 +02:00
b50ac96605 providers/oauth2: remove size limit on Access code nonce
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-02 20:20:07 +02:00
166b98fa34 web/admin: fix BoundPoliciesList's edit policy button not working
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-02 18:00:26 +02:00
6d0e0cbe5a outposts: improve validation of providers (must match outpost type)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-02 16:04:41 +02:00
b339452843 web: set favicon based on current tenants branding logo
closes #956

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-02 14:38:24 +02:00
4f04ab7a5f sources/oauth: fix azure AD get_profile_info not working
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-02 11:34:59 +02:00
35bcd5d174 sources/oauth: improve debug logging
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-02 11:34:18 +02:00
644ff4a90c outposts: fix error when validating kubeconfig
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-02 10:25:59 +02:00
05d45383be build(deps): bump drf-spectacular from 0.16.0 to 0.17.0 (#957)
Bumps [drf-spectacular](https://github.com/tfranzel/drf-spectacular) from 0.16.0 to 0.17.0.
- [Release notes](https://github.com/tfranzel/drf-spectacular/releases)
- [Changelog](https://github.com/tfranzel/drf-spectacular/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/tfranzel/drf-spectacular/compare/0.16.0...0.17.0)

---
updated-dependencies:
- dependency-name: drf-spectacular
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-02 09:25:28 +02:00
702fdfedb7 build(deps): bump uvicorn from 0.13.4 to 0.14.0 (#958)
Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.13.4 to 0.14.0.
- [Release notes](https://github.com/encode/uvicorn/releases)
- [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/encode/uvicorn/compare/0.13.4...0.14.0)

---
updated-dependencies:
- dependency-name: uvicorn
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-02 09:24:46 +02:00
2a0af8750d build(deps): bump boto3 from 1.17.84 to 1.17.85 (#959)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.84 to 1.17.85.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.84...1.17.85)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-02 09:24:18 +02:00
770316a49f web/admin: fix oauth source not creatable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-01 23:36:21 +02:00
85d349e776 web/admin: only allow outpost providers matching outpost type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-01 23:35:36 +02:00
f29344e91f web/admin: improve error handling for non-rest_framework errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-01 23:34:16 +02:00
9900cc5c81 web/admin: fix urls not showing when pre-selected provider is used
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-01 23:33:59 +02:00
3af48a81e2 web/admin: fix source type not always matching modelname
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-01 23:30:04 +02:00
5bebf26908 web/admin: fix CanSaveMedia -> SaveMedia
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-01 23:16:21 +02:00
eea831fb5a build(deps): bump @typescript-eslint/parser in /web (#952)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.25.0 to 4.26.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.26.0/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-01 10:02:48 +02:00
2e4a9219a2 build(deps): bump @sentry/tracing from 6.4.1 to 6.5.0 in /web (#951)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.4.1 to 6.5.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.4.1...6.5.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-01 10:02:34 +02:00
7f1098ce9b build(deps): bump @sentry/browser from 6.4.1 to 6.5.0 in /web (#953)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.4.1 to 6.5.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.4.1...6.5.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-01 09:27:49 +02:00
6cd6224d2b build(deps): bump @typescript-eslint/eslint-plugin in /web (#954)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.25.0 to 4.26.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.26.0/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-01 09:27:38 +02:00
43d85f8696 build(deps-dev): bump pylint from 2.8.2 to 2.8.3 (#955)
Bumps [pylint](https://github.com/PyCQA/pylint) from 2.8.2 to 2.8.3.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/master/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.8.2...v2.8.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-01 09:27:29 +02:00
ef8b26db13 Fix typo in migrations for authenticator_webauthn (#950) 2021-06-01 00:24:20 +02:00
ebfa7c8dce website/docs: fix docs for outpost annotations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-31 23:32:17 +02:00
e295f18e78 web/admin: fix error when importing SAML Metadata
closes #948

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-31 22:26:24 +02:00
cef5c2b084 website/docs: add note for CSRF in hass
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-31 17:08:39 +02:00
e24a9e3119 policies: fix missing negate flag of policy bindings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-31 11:50:29 +02:00
264a170a7e build(deps): bump rollup from 2.50.2 to 2.50.5 in /web (#945)
Bumps [rollup](https://github.com/rollup/rollup) from 2.50.2 to 2.50.5.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.50.2...v2.50.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-31 09:06:21 +02:00
8e1c2d7fc0 build(deps): bump @babel/preset-env from 7.14.2 to 7.14.4 in /web (#946)
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.14.2 to 7.14.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.14.4/packages/babel-preset-env)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-31 09:06:07 +02:00
6c7f4197a1 build(deps): bump chart.js from 3.3.0 to 3.3.2 in /web (#944)
Bumps [chart.js](https://github.com/chartjs/Chart.js) from 3.3.0 to 3.3.2.
- [Release notes](https://github.com/chartjs/Chart.js/releases)
- [Commits](https://github.com/chartjs/Chart.js/compare/v3.3.0...v3.3.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-31 09:05:54 +02:00
1cd3866855 build(deps): bump django-redis from 4.12.1 to 5.0.0 (#947)
Bumps [django-redis](https://github.com/jazzband/django-redis) from 4.12.1 to 5.0.0.
- [Release notes](https://github.com/jazzband/django-redis/releases)
- [Changelog](https://github.com/jazzband/django-redis/blob/master/CHANGES.rst)
- [Commits](https://github.com/jazzband/django-redis/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-31 09:05:03 +02:00
6a9c95c593 root: generate API Client in dockerfile instead of copying it (#942)
* root: generate API Client in dockerfile instead of copying it

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost: fix docker build

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: fix path for docker build

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost: set explicit buildContext

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-30 17:28:58 +02:00
80adafdb48 admin: fix attribute error when loading old taskinfo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-30 16:22:13 +02:00
72f5a4c460 outposts: fix possible recursion error in docker controller
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-30 16:22:02 +02:00
fb6242d2d3 Merge pull request #941 from goauthentik/authenticated-sessions
Session management
2021-05-30 15:12:49 +02:00
b9773d39c0 core: add tests for authenticated sessions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-30 14:43:00 +02:00
0e8d9aa45d api: add System info API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-30 14:01:20 +02:00
fc45d35699 core: add migration for sessions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-30 13:08:29 +02:00
7e8044619c lib: return default IP if none could be extracted
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-30 12:49:44 +02:00
cf57660772 web/admin: add basic session management UI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-30 01:02:20 +02:00
66a04aeec5 api: add can_geo_ip capability
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-30 01:02:03 +02:00
73338bdf32 core: add geo_ip to authenticated sessions if enabled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-30 01:01:20 +02:00
059da74d1c core: add current attribute to authenticated_session API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-30 00:31:41 +02:00
45b8b1e198 core: delete AuthenticatedSession on logout
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-30 00:27:33 +02:00
5e43eb9838 Merge branch 'master' into authenticated-sessions 2021-05-30 00:23:09 +02:00
11607622a3 web/admin: fix proxy provider's certificate not being optional
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-30 00:22:58 +02:00
133fc38c05 core: initial authenticated sessions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-30 00:15:16 +02:00
f51ab7a878 policies/reputation: fix tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 23:46:13 +02:00
c89b8a5f7c web/admin: add UI for reputations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 23:01:45 +02:00
31ad09c391 stages/identification: add signal which is sent upon identification failure
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 22:58:32 +02:00
05b3c4ddb3 policies/reputation: save username instead of user object
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 22:49:58 +02:00
d52cc30341 website/docs: fix website build
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 22:00:47 +02:00
d2e9683411 website/docs: add tenants
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 21:56:09 +02:00
a4c28a28b4 website/docs: improve docs for expressions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 21:47:35 +02:00
6232333a52 Merge pull request #940 from goauthentik/tenant
Tenancy
2021-05-29 21:22:10 +02:00
a1203cf4b2 flows: fix ToDefaultFlow not using tenants
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 20:32:42 +02:00
8427fb87f6 tenants: add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 19:47:55 +02:00
e3578eb7ae Merge branch 'master' into tenant 2021-05-29 19:17:23 +02:00
5990b8d4de outposts: fix docker container not being stopped correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 19:16:39 +02:00
3b31b7ce83 core: add http host in log messages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 19:07:54 +02:00
4d9b362dbf tenants: add migration to add default tenant
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 19:06:35 +02:00
7bd93ed18e web/admin: add webui for tenants
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 18:55:08 +02:00
477ff85109 flows: migrate flow_unenrollment to tenant
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 18:44:02 +02:00
fae8b80ceb core: fix usage of config on templates
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 18:31:05 +02:00
df92f01719 flows: remove default-recovery
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 18:30:55 +02:00
9dd6b7d436 flows: remove default-enrollment
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 18:14:37 +02:00
14f85ec980 tenants: migrate context_processor to tenants
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 18:01:48 +02:00
ff611f21cd tenants: initial implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-29 17:47:25 +02:00
a1b6e09e8a outposts: set restart-policy on docker container
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-28 17:18:11 +02:00
02b5742228 stages/authenticator_duo: add default setup flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-28 16:47:39 +02:00
c5cc84c8b6 build(deps-dev): bump requests-mock from 1.9.2 to 1.9.3 (#939) 2021-05-28 09:35:39 +02:00
109ada570f build(deps): bump boto3 from 1.17.82 to 1.17.83 (#938) 2021-05-28 09:35:32 +02:00
b9436c281a build(deps): bump rollup from 2.50.1 to 2.50.2 in /web (#937) 2021-05-28 09:35:20 +02:00
89f2f920cf build(deps): bump boto3 from 1.17.80 to 1.17.82 (#935) 2021-05-27 09:46:57 +02:00
abd0d585a6 build(deps): bump typescript from 4.2.4 to 4.3.2 in /web (#932) 2021-05-27 09:26:26 +02:00
ee74281537 build(deps): bump rollup from 2.50.0 to 2.50.1 in /web (#933) 2021-05-27 09:26:09 +02:00
5488db3574 build(deps): bump docker/setup-qemu-action from 1.1.0 to 1.2.0 (#934) 2021-05-27 09:25:50 +02:00
61f92095a5 build(deps): bump urllib3 from 1.26.4 to 1.26.5 (#936) 2021-05-27 09:25:19 +02:00
3a9f081e1b web/admin: improve persistence for test forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-26 12:08:11 +02:00
a237ae3363 web/admin: add Modal to check application access for any user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-26 12:05:17 +02:00
523621daa2 core: make application's check_access API return a PolicyResult and accept for_user as superuser
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-26 11:47:23 +02:00
309d80a921 ci: build image with timestamp for flux
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-26 10:37:33 +02:00
1bd41116a4 Merge branch 'master' into next 2021-05-26 10:28:03 +02:00
a7b85aeda2 build(deps): bump rollup from 2.49.0 to 2.50.0 in /web (#929)
Bumps [rollup](https://github.com/rollup/rollup) from 2.49.0 to 2.50.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.49.0...v2.50.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-26 10:22:04 +02:00
142861e3ee Merge pull request #930 from goauthentik/dependabot/pip/boto3-1.17.80
build(deps): bump boto3 from 1.17.79 to 1.17.80
2021-05-26 10:21:55 +02:00
02411bb543 tests/e2e: fix IdentificationStage not having sources set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-25 17:35:24 +02:00
c4453f38a2 stages/identification: make shown sources configurable
closes #918

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-25 16:37:53 +02:00
250e23408e Duo (#917)
* stages/authenticator_duo: initial duo stage

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages/authenticator_duo: improve setup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages/authenticator_validate: add Duo support

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: make use of oneOf OpenAPI to annotate all challenge types

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost: update to new api schema

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: fix client usage

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: return user info when user can't search

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: fix linting error

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages: fix stage unittests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: add default challenge response

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: update types

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: fix mismatched names

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: add duo docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages/authenticator_duo: add missing duo device

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: fix enable buttons missing on stages

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages/prompt: annotate PromptChallengeResponse's additionalProperties

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: improve logging

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: fix flow titles not being set

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: fix invalid flows

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* api: fix error when authorization header has no spaces

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages/user_write: handle integrity error

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: handle disconnects without outpost better

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: allow blank on WithUserInfo

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-25 13:35:59 +02:00
6f3eb4c068 flows: allow blank on WithUserInfo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-25 12:53:48 +02:00
58a4b20297 outposts: handle disconnects without outpost better
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-25 12:06:55 +02:00
6d3e067a2b stages/user_write: handle integrity error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-25 11:46:15 +02:00
6db2bf2a21 api: fix error when authorization header has no spaces
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-25 11:40:49 +02:00
6893948fa0 tests/e2e: fix invalid flows
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-25 11:18:47 +02:00
6317a8c5d0 Merge branch 'master' into duo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	Pipfile.lock
2021-05-25 09:58:38 +02:00
bc39320f86 tests/e2e: fix flow titles not being set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-25 09:50:03 +02:00
2001cf0e04 build(deps): bump @typescript-eslint/eslint-plugin in /web (#925)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.24.0 to 4.25.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.25.0/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-25 09:24:44 +02:00
712c5df5b1 build(deps): bump @typescript-eslint/parser in /web (#926)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.24.0 to 4.25.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.25.0/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-25 09:20:21 +02:00
8057c63cb4 build(deps): bump chart.js from 3.2.1 to 3.3.0 in /web (#927)
Bumps [chart.js](https://github.com/chartjs/Chart.js) from 3.2.1 to 3.3.0.
- [Release notes](https://github.com/chartjs/Chart.js/releases)
- [Commits](https://github.com/chartjs/Chart.js/compare/v3.2.1...v3.3.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-25 09:20:10 +02:00
7816a3075a build(deps): bump boto3 from 1.17.78 to 1.17.79 (#928)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.78 to 1.17.79.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.78...1.17.79)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-25 09:19:42 +02:00
1679e94956 web/flows: improve logging
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-24 23:43:48 +02:00
8ecac59eca stages/prompt: annotate PromptChallengeResponse's additionalProperties
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-24 22:55:24 +02:00
af504e13a2 web/admin: fix enable buttons missing on stages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-24 22:25:38 +02:00
8183a51b72 stages/authenticator_duo: add missing duo device
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-24 22:16:29 +02:00
ab25610643 website/docs: add duo docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-24 22:11:16 +02:00
127ebed5c6 flows: fix mismatched names
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-24 21:09:18 +02:00
716923e17a web/flows: update types
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-24 20:59:44 +02:00
c6bb6709fd flows: add default challenge response
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-24 20:27:50 +02:00
fb4e0723ee stages: fix stage unittests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-24 17:12:48 +02:00
8ecacb319c web: fix linting error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-24 16:31:05 +02:00
2a5926608f outposts/ldap: return user info when user can't search
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-24 16:09:05 +02:00
763c3fcfe0 outposts/ldap: fix client usage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-24 15:58:59 +02:00
1b346866da Merge branch 'master' into duo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	Pipfile.lock
2021-05-24 14:54:24 +02:00
25a88c17d1 outpost: update to new api schema
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-24 14:41:40 +02:00
6f6ae7831e flows: make use of oneOf OpenAPI to annotate all challenge types
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-24 14:11:23 +02:00
0062872e18 build(deps): bump celery from 5.0.5 to 5.1.0 (#921) 2021-05-24 12:51:24 +02:00
e49fb3295f build(deps): bump eslint from 7.26.0 to 7.27.0 in /web (#920) 2021-05-24 12:49:36 +02:00
0e89353ac9 build(deps): bump boto3 from 1.17.77 to 1.17.78 (#924) 2021-05-24 12:49:03 +02:00
b8f98881fa build(deps): bump rollup from 2.48.0 to 2.49.0 in /web (#919) 2021-05-24 12:48:53 +02:00
f887850b95 build(deps): bump github.com/getsentry/sentry-go in /outpost (#922) 2021-05-24 12:48:45 +02:00
2ec4b4ec98 build(deps): bump django-guardian from 2.3.0 to 2.4.0 (#923) 2021-05-24 12:48:23 +02:00
c98e4196bd website/docs: ingress nginx auth headers (#916)
Extend example how to pass through auth headers from authentik if using ingress nginx as forward auth.
2021-05-23 22:49:31 +02:00
3b41c662ed stages/authenticator_validate: add Duo support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-23 22:31:12 +02:00
65522186f1 stages/authenticator_duo: improve setup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-23 21:44:52 +02:00
9f5a3c396d stages/authenticator_duo: initial duo stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-23 21:10:39 +02:00
53e2b2c784 Prometheus metrics (#914)
* admin: add worker metrics

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* admin: add version metrics

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* events: add gauge for system tasks

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: add gauge for last hello and connection status

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: re-add prometheus metrics to database

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: allow access to metrics without credentials when debug is on

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: add UpdatingGauge to auto-set value on load

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: add metrics for cache and building

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* policies: add metrics for policy engine

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* events: add histogram for task durations

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* events: revert to gauge because values are updated on export view

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add gauge to count all models

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* events: add metrics for events

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-23 20:29:34 +02:00
a5cd9fa141 outposts: improve logging for docker controller
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-23 19:27:24 +02:00
039a1e544e outpost: use same http client for api requests and oauth token redeeming
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-23 19:27:08 +02:00
0768b201a7 Merge branch 'version-2021.5' 2021-05-22 20:47:48 +02:00
c1c55a6005 lifecycle: fix permission error with local docker
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-22 20:47:05 +02:00
0144e1ad72 Merge branch 'next' 2021-05-22 20:27:26 +02:00
2d5c45543b release: 2021.5.4 2021-05-22 20:15:23 +02:00
9b57f0b81d Merge branch 'version-2021.5' into next
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	web/src/locales/en.po
#	web/src/locales/pseudo-LOCALE.po
2021-05-22 20:01:16 +02:00
9d476a42d1 web: don't set X-Forwarded-Proto when no request TLS Options are set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-22 19:46:40 +02:00
2c816e6162 providers/proxy: don't use https to communicate with outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-22 18:56:38 +02:00
934cfa483c website/docs: add release notes for 2021.5.4
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-22 13:11:06 +02:00
50308510b4 Merge branch 'version-2021.5' into next
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	web/src/locales/en.po
#	web/src/locales/pseudo-LOCALE.po
2021-05-22 13:10:04 +02:00
dbcb4d46ba web: fix missing flow and policy cache UI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-22 13:04:13 +02:00
bb89b9b572 Merge branch 'version-2021.5' into next 2021-05-21 23:50:43 +02:00
6600da7d98 providers/oauth2: add missing kid header to JWT Tokens
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-21 23:40:00 +02:00
1a0f72d0a8 Merge branch 'version-2021.5' into next
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/stages/authenticator_static/api.py
#	swagger.yaml
2021-05-21 21:33:18 +02:00
a265dd54cc stages/authenticator_*: fix Permission Error when disabling Authenticator as non-superuser
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-21 21:25:03 +02:00
a603f42cc0 api: add OwnerFilter
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-21 20:46:59 +02:00
d9a788aac8 api: rename auth to authentication, add authorization for rest_framework permission class
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-21 20:14:03 +02:00
7c6185b581 api: fix URL names for admin Authenticator Views
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-21 19:53:40 +02:00
41a1305555 policies: improve debug logging
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-21 19:10:47 +02:00
75f252b530 flows: rename oob to oobe
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-21 19:10:42 +02:00
c526e5fb9a policies: improve debug logging
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-21 19:10:15 +02:00
7aa903d715 website/docs: update k8s install docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-21 19:02:05 +02:00
b826eb264e flows: rename oob to oobe
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-21 12:06:39 +02:00
a9519a4a68 g: set x-forwarded-proto based on upstream TLS Status
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-21 09:41:39 +02:00
a4960064c9 build(deps): bump postcss from 8.2.15 to 8.3.0 in /website (#911)
Bumps [postcss](https://github.com/postcss/postcss) from 8.2.15 to 8.3.0.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/8.2.15...8.3.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-21 09:33:19 +02:00
94bddb9886 build(deps): bump codemirror from 5.61.0 to 5.61.1 in /web (#912)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.61.0 to 5.61.1.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.61.0...5.61.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-21 09:33:08 +02:00
f38702f361 build(deps): bump boto3 from 1.17.76 to 1.17.77 (#913)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.76 to 1.17.77.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.76...1.17.77)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-21 09:32:59 +02:00
c49fac39b1 g: set x-forwarded-proto based on upstream TLS Status
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-21 00:03:02 +02:00
b3390f0ab4 website/docs: update nginx config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 22:06:55 +02:00
7666c246c3 Merge branch 'version-2021.5' 2021-05-20 20:46:18 +02:00
bf4cbb25fe release: 2021.5.3 2021-05-20 20:17:39 +02:00
a925418f60 lib: don't send ImproperlyConfigured to sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 19:18:35 +02:00
ffd61d0e60 root: fix bumpversion
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 19:16:23 +02:00
13cc33c39c website/docs: add 2021.5.3 changelog
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 19:14:28 +02:00
71d112bdcf sources/plex: remove default for plex_token
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 19:13:54 +02:00
c58fe18b97 web: remove nginx config, add caching headers to g
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 19:11:55 +02:00
d2c06c40ea sources/plex: remove default for plex_token
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 19:09:51 +02:00
590c7f4c9d outposts: fix error on outpost disconnect
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 18:07:27 +02:00
9a48c2fd9a outposts: fix error on outpost disconnect
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 18:07:07 +02:00
be5a6c0310 api: add set_*_url method for Application and Flow to set icon/background to URL
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 17:18:40 +02:00
92106ca4bf api: add capabilities to API, add can_save_media
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 17:00:47 +02:00
56f1204c9b outposts: fix update signal not being sent to correct instances
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 15:23:38 +02:00
f6f93640c5 outposts: fix update signal not being sent to correct instances
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 15:23:18 +02:00
b8c76eaf1c build(deps): bump @sentry/tracing from 6.4.0 to 6.4.1 in /web (#908)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.4.0 to 6.4.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.4.0...6.4.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-20 10:13:43 +02:00
9dbbd4eff6 build(deps): bump @sentry/browser from 6.4.0 to 6.4.1 in /web (#907) 2021-05-20 10:08:47 +02:00
2908be5272 build(deps): bump boto3 from 1.17.75 to 1.17.76 (#909) 2021-05-20 10:08:37 +02:00
349a5b2d00 web/admin: fix flow form not loading data
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 01:10:19 +02:00
63e3667e82 web: fix t.reset is not a function
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 01:10:11 +02:00
92f2a82c03 providers/oauth2: fix double login required when prompt=login
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 01:10:08 +02:00
dcf074650e providers/proxy: fix redirect_uris not always being set on save
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 01:10:04 +02:00
1324ec5146 web/admin: fix flow form not loading data
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 01:09:50 +02:00
0f556fe8a3 web: remove po lineNumbers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 00:06:10 +02:00
19371dad65 web: fix t.reset is not a function
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-19 23:37:23 +02:00
acf1ad91d9 providers/oauth2: fix double login required when prompt=login
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-19 23:34:27 +02:00
a74419214c providers/proxy: fix redirect_uris not always being set on save
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-19 23:10:00 +02:00
7bd8110984 build(deps): bump @lingui/macro from 3.8.10 to 3.9.0 in /web (#902) 2021-05-19 14:50:26 +02:00
aa5623772c build(deps): bump @lingui/core from 3.8.10 to 3.9.0 in /web (#905) 2021-05-19 14:47:43 +02:00
50ede4cc2c build(deps): bump @lingui/cli from 3.8.10 to 3.9.0 in /web (#903)
Bumps [@lingui/cli](https://github.com/lingui/js-lingui) from 3.8.10 to 3.9.0.
- [Release notes](https://github.com/lingui/js-lingui/releases)
- [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lingui/js-lingui/compare/v3.8.10...v3.9.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-19 07:35:34 +02:00
879ad27602 build(deps): bump @patternfly/patternfly from 4.102.2 to 4.103.6 in /web (#904)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.102.2 to 4.103.6.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.102.2...prerelease-v4.103.6)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-19 07:35:21 +02:00
37a63d104f build(deps): bump boto3 from 1.17.74 to 1.17.75 (#906)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.74 to 1.17.75.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.74...1.17.75)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-19 07:35:07 +02:00
bc6aef7af2 lib: improve sentry integration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-18 11:29:36 +02:00
2498e72f5d web: remove nginx config, add caching headers to g
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-18 10:15:52 +02:00
c61442c121 build(deps): bump @typescript-eslint/eslint-plugin in /web (#895)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.23.0 to 4.24.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.24.0/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-18 09:30:24 +02:00
2d66837742 build(deps): bump @sentry/tracing from 6.3.6 to 6.4.0 in /web (#896)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.3.6 to 6.4.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.3.6...6.4.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-18 09:30:16 +02:00
90e7fbe238 build(deps): bump @babel/core from 7.14.2 to 7.14.3 in /web (#897)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.14.2 to 7.14.3.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.14.3/packages/babel-core)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-18 09:24:19 +02:00
4447f737e8 build(deps): bump @typescript-eslint/parser in /web (#898)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.23.0 to 4.24.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.24.0/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-18 09:24:10 +02:00
c13c747263 build(deps): bump @babel/plugin-transform-runtime in /web (#899)
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime) from 7.14.2 to 7.14.3.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.14.3/packages/babel-plugin-transform-runtime)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-18 09:24:00 +02:00
cac23f2fa4 Merge pull request #900 from goauthentik/dependabot/npm_and_yarn/web/sentry/browser-6.4.0
build(deps): bump @sentry/browser from 6.3.6 to 6.4.0 in /web
2021-05-18 09:23:48 +02:00
788ea46d8c flows: fix formatting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-18 09:23:22 +02:00
c285c6b476 Merge pull request #901 from goauthentik/dependabot/pip/boto3-1.17.74 2021-05-18 08:31:48 +02:00
a7cf364e43 build(deps): bump boto3 from 1.17.73 to 1.17.74
Bumps [boto3](https://github.com/boto/boto3) from 1.17.73 to 1.17.74.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.73...1.17.74)

Signed-off-by: dependabot[bot] <support@github.com>
2021-05-18 04:29:36 +00:00
06dee5d5d8 flows: fix lint error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-17 23:38:31 +02:00
3cf0f07baf *: fix API Schema for file uploads
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-17 23:12:52 +02:00
e177ab33e0 root: Merge pull request #886 from goauthentik/openapi-v3
OpenAPI v3
2021-05-17 21:25:07 +02:00
9e7c9ae649 web: fix API Path
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-17 20:48:58 +02:00
f016095891 Merge branch 'master' into openapi-v3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	Pipfile.lock
2021-05-17 20:37:18 +02:00
5a465fbc36 release: 2021.5.2 2021-05-17 19:54:10 +02:00
7cd80a903a build(deps): bump eslint-plugin-lit from 1.4.0 to 1.4.1 in /web (#890)
Bumps [eslint-plugin-lit](https://github.com/43081j/eslint-plugin-lit) from 1.4.0 to 1.4.1.
- [Release notes](https://github.com/43081j/eslint-plugin-lit/releases)
- [Commits](https://github.com/43081j/eslint-plugin-lit/compare/v1.4.0...v1.4.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-17 09:12:14 +02:00
dd00351bc7 build(deps): bump rollup from 2.47.0 to 2.48.0 in /web (#889)
Bumps [rollup](https://github.com/rollup/rollup) from 2.47.0 to 2.48.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.47.0...v2.48.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-17 09:12:05 +02:00
5fca7d11b8 build(deps): bump boto3 from 1.17.72 to 1.17.73 (#891)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.72 to 1.17.73.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.72...1.17.73)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-17 09:08:53 +02:00
0ff59636f7 build(deps-dev): bump pytest-django from 4.2.0 to 4.3.0 (#892)
Bumps [pytest-django](https://github.com/pytest-dev/pytest-django) from 4.2.0 to 4.3.0.
- [Release notes](https://github.com/pytest-dev/pytest-django/releases)
- [Changelog](https://github.com/pytest-dev/pytest-django/blob/master/docs/changelog.rst)
- [Commits](https://github.com/pytest-dev/pytest-django/compare/v4.2.0...v4.3.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-17 09:08:41 +02:00
c4751e4b59 Merge branch 'master' into openapi-v3 2021-05-17 00:12:30 +02:00
e5ebe390d2 ci: fix missing dependencies for scripts.generate_ci_config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-17 00:08:45 +02:00
7f4bd27b85 Merge branch 'master' into openapi-v3 2021-05-16 23:51:45 +02:00
b66626f9c4 ci: generate secert_key for CI runs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 23:46:23 +02:00
a51a18f3a3 root: remove swagger
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 23:24:52 +02:00
b13d6deda8 root: explicitly set --user for codegen
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 23:14:51 +02:00
23123c43ee website/docs: improve wording on release notes, point to tag for docker-compose download
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 23:08:11 +02:00
8ce918d527 website/docs: Always point to master copy of docker-compose.yml in installation instructions (#888) 2021-05-16 23:02:16 +02:00
626006725e ci: always use makefile
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 22:57:02 +02:00
f9ce41229d api: fix unittests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 22:36:26 +02:00
ae6a406b1d Merge branch 'master' into openapi-v3 2021-05-16 22:29:39 +02:00
45c1a603e7 root: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 22:29:28 +02:00
330219e76f Merge branch 'master' into openapi-v3 2021-05-16 22:26:07 +02:00
583271d5ed root: only load debug secret key when debug is enabled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 22:25:55 +02:00
176360fdd7 website/docs: fix $auth_cookie not being defined in outpost docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 22:18:31 +02:00
0db17b9729 root: remove yasg
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 22:18:04 +02:00
9f9ee66cc4 api: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 21:57:04 +02:00
ab2bd622a8 Merge branch 'master' into openapi-v3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	outpost/pkg/ak/api.go
#	outpost/pkg/ak/global.go
#	outpost/pkg/ldap/instance_bind.go
2021-05-16 21:36:24 +02:00
6bd27d27ec outpost: use shorter API Calls
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 21:35:23 +02:00
8d2a3b67b9 lib: Fix config loading of secrets from files (#887) 2021-05-16 21:10:31 +02:00
a5233f89b2 outpost: migrate to openapitools/openapi-generator-cli
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 21:07:01 +02:00
8b6292b3de api: don't overwrite 400 and 403
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 20:54:58 +02:00
cbed5a6522 api: fix missing error definitions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 19:53:04 +02:00
589f806b7c flows: fix schema for flow executor
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 19:13:31 +02:00
07dc648470 web: fix mixed Static/TOTP pages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 18:59:33 +02:00
41f6d3b6e7 stages/authenticator_static: add serializer for tokens
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 18:55:47 +02:00
ec8490e105 web: fix remaining API Calls
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 18:52:27 +02:00
69668a2a05 web: fix designation for flow lookups
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 18:46:04 +02:00
d0f1daf025 admin: make tasks's retry api not ask for a body
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 18:43:47 +02:00
d38fd603dd web: fix more special API Calls
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 18:41:02 +02:00
ba5374f6e1 web: mass update API calls
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 18:24:15 +02:00
7152d7ee01 outposts: fix schema for outposts health
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 18:10:11 +02:00
ab07113530 admin: migrate WorkerViewSet to APIView
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 18:06:46 +02:00
a7d7b46747 admin: migrate version view to APIView
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 18:00:02 +02:00
dde1dabf97 web: pass 2 migration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 17:53:59 +02:00
1f05484e3c web/admin: migrate more components
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 17:51:58 +02:00
9a44088d2b admin: migrate metrics viewset to APIView
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 17:49:37 +02:00
b351ae12c5 api: make config viewset single view
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 17:44:19 +02:00
759bf59780 core: make filefields readonly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 17:34:55 +02:00
10cb60f48e api: fix pagination not being required in schema
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 17:32:13 +02:00
99be97206b web: fix enums
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 15:31:13 +02:00
ef9f08553c *: linting pass, rename from swagger to schema
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 15:22:57 +02:00
4fb71a6bdd api: fix pagination schema
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 15:08:51 +02:00
3ab7588b73 web: Read() to Retrieve()
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 14:43:42 +02:00
cac1f242dc *: replace swagger with openapi
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 14:23:05 +02:00
0bac738090 *: fix static response descriptions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 14:07:29 +02:00
d0d3072c50 outposts/ldap: fix AUTHENTIK_INSECURE not being respected for API client during bind
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 00:01:16 +02:00
1324d03815 *: initial migration to openapi v3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-15 23:57:28 +02:00
34e2bbc41d Merge branch 'next' 2021-05-15 23:25:17 +02:00
ea2dbb2f33 web/admin: fix error when copying token while none exist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-15 23:25:06 +02:00
c55f2ad10a root: set additional sentry tags
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-15 19:53:43 +02:00
2cde40aeee website/docs: add release notes for 2021.5.2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-15 17:49:34 +02:00
a30b32fbbf outposts: fix missing default for OutpostState.for_channel
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-15 17:46:53 +02:00
1745306cc6 outposts: fix error when controller loads from cache but cache has expired
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-15 17:45:33 +02:00
8925787a13 flows: fix error when using cancel flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-15 17:42:37 +02:00
968b7ec17a lib: fix parsing of remote IP header when behind multiple reverse proxies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-15 15:08:53 +02:00
6600d5bf69 providers/oauth2: use user.uid
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-15 14:08:49 +02:00
a4278833d8 providers/proxy: fix ingress not being created with full https
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-15 13:45:41 +02:00
942905b9b1 providers/proxy: fix formatting issue
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 16:24:35 +02:00
81056c3889 LDAP: use username instead of name for user dn (#883) 2021-05-14 12:58:27 +02:00
36b694fc41 website/docs: add example ldapsearch command
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 11:47:38 +02:00
2d9f216658 web/admin: add notice for LDAP Provider's group selection
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 11:44:01 +02:00
8d7bb7da17 providers/proxy: connect ingress to https instead of http
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#882
2021-05-14 11:42:03 +02:00
965db6eaf5 outposts/proxy: fix insecure TLS Skip
closes #882

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 11:38:40 +02:00
9bdd6f23a4 website/docs: add ldap example, use ghcr
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 11:19:09 +02:00
675ad7710c outposts/proxy: fix error redeeming code when using non-standard ports
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 11:13:57 +02:00
9939db13c3 outposts: fix reload notification not working due to wrong ID being saved
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 11:13:04 +02:00
03e134b296 web/admin: fix propertymappings not loading correctly
closes #879

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 10:58:33 +02:00
465750276c core: fix application's slug field not being set to unique
closes #881

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 10:49:42 +02:00
9b13191646 web: fix chunks overwriting each other
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 01:06:29 +02:00
634ea61b50 lifecycle: check if group of docker socket exists
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 00:50:20 +02:00
0fcb4936a2 web: output js chunks without hashing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 23:15:40 +02:00
934e62d5be lifecycle: fix error when worker is not running as root
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 22:55:35 +02:00
c5e9197b19 website/docs: fix release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 21:43:10 +02:00
0b7ebf0e07 release: 2021.5.1 2021-05-13 20:50:31 +02:00
ddca8ef3ca tests/integration: fix outpost tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 20:33:41 +02:00
709581f5a8 root: use ghcr images by default
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 20:15:29 +02:00
72e41c03f5 lifecycle: run worker as root and drop perms later to fix docker permission issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 20:11:49 +02:00
40503d06b7 web/admin: improve UI for plex source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 18:12:07 +02:00
1df8790050 stages/authenticator_static: fix error when listing devices
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 18:09:55 +02:00
3c23ad340f web/admin: improve diagram api for flows
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 18:01:40 +02:00
f9f2e00913 core: improve error handling for backups
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 17:56:49 +02:00
8362507bdf outposts: fix GIT_BUILD_HASH not being set correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 17:49:11 +02:00
a2181c3bf0 build(deps): bump actions/create-release from 1.0.0 to 1.1.4 (#876) 2021-05-13 15:40:05 +02:00
a07ded0dae build(deps): bump actions/github-script from 0.2.0 to 4.0.2 (#877) 2021-05-13 15:39:48 +02:00
3b0b9301ee build(deps): bump django from 3.2.2 to 3.2.3 (#878) 2021-05-13 15:39:40 +02:00
919f293fc7 tests/e2e: fix redirect_uri
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 13:09:30 +02:00
c4df2e5a50 Merge branch 'master' into next
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	Pipfile.lock
2021-05-13 12:47:55 +02:00
4d1500e0f3 outposts/proxy: revert to using request Host for redirect URI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 12:34:53 +02:00
281bd4c69a build(deps): bump @babel/core from 7.14.0 to 7.14.2 in /web (#868)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.14.0 to 7.14.2.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.14.2/packages/babel-core)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-13 11:23:08 +02:00
e4678aa032 build(deps): bump @babel/plugin-transform-runtime in /web (#869)
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime) from 7.13.15 to 7.14.2.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.14.2/packages/babel-plugin-transform-runtime)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-13 11:21:52 +02:00
ff1c4d555a build(deps): bump @babel/preset-env from 7.14.1 to 7.14.2 in /web (#870)
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.14.1 to 7.14.2.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.14.2/packages/babel-preset-env)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-13 11:20:46 +02:00
4a3e34d40a build(deps): bump @docusaurus/preset-classic in /website (#872)
Bumps [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic) from 2.0.0-alpha.75 to 2.0.0-beta.0.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-beta.0/packages/docusaurus-preset-classic)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-13 11:18:39 +02:00
6939898bbe build(deps): bump @babel/plugin-proposal-decorators in /web (#871)
Bumps [@babel/plugin-proposal-decorators](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-proposal-decorators) from 7.13.15 to 7.14.2.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.14.2/packages/babel-plugin-proposal-decorators)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-13 11:18:30 +02:00
549607c5ed build(deps): bump kubernetes from 12.0.1 to 17.17.0 (#874)
Bumps [kubernetes](https://github.com/kubernetes-client/python) from 12.0.1 to 17.17.0.
- [Release notes](https://github.com/kubernetes-client/python/releases)
- [Changelog](https://github.com/kubernetes-client/python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes-client/python/compare/v12.0.1...v17.17.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-13 11:18:20 +02:00
f61acdfbfd build(deps): bump geoip2 from 4.1.0 to 4.2.0 (#873) 2021-05-13 11:15:25 +02:00
e3572bad76 build(deps): bump boto3 from 1.17.71 to 1.17.72 (#875) 2021-05-13 10:36:43 +02:00
8f99891a9d release: 2021.5.1-rc10 2021-05-12 21:25:18 +02:00
99d5262d41 ci: install git in final test containers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 21:24:35 +02:00
97a3c2d88b release: 2021.5.1-rc9 2021-05-12 20:50:29 +02:00
e91ff4566d Merge branch 'next' into version-2021.5
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	outpost/pkg/version.go
2021-05-12 20:49:58 +02:00
dc942b2f4c outposts: build as gh-<commit hash>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 20:37:55 +02:00
a3fccbdaff outposts: add build_hash for docker image
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 20:36:18 +02:00
bdf9f26d07 outposts: compare build hash in outdated check
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 19:05:29 +02:00
901cea1453 outposts: send build hash as part of hello
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 19:02:04 +02:00
37b57ac28f outposts: include git commit hash in build from git branch
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 18:56:44 +02:00
e9aa37ba67 outposts/ldap: fix user info caching, fix mixed case DN
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#864
2021-05-12 18:49:15 +02:00
9a0aa4c79b outposts/ldap: add infinite loop prevention
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 18:31:44 +02:00
34ab68a169 outposts: cleanup logging
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 18:01:46 +02:00
52cf4890cf root: remove servername from backup files
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 17:53:23 +02:00
8e5d03cb86 outposts: remove legacy API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 16:41:54 +02:00
2190fa555b events/api: fix error when updating transports
closes #866

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 16:41:30 +02:00
ae1edde17b ci: install git in container for dbbackup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 16:30:51 +02:00
3ad1c3f212 web/admin: fix AuthenticatorValidationStage's form not setting notConfiguredAction
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#802
2021-05-12 16:28:14 +02:00
3665e2fefa release: 2021.5.1-rc8 2021-05-12 14:52:34 +02:00
3dbe35cf9e stages/invitation: fix wrong serializer used for user model
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	swagger.yaml
2021-05-12 14:22:16 +02:00
65ec444e52 build(deps): bump boto3 from 1.17.70 to 1.17.71 (#865)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.70 to 1.17.71.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.70...1.17.71)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-12 10:46:06 +02:00
c7f0ea8a4b root: update dbbackup to git version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 01:20:31 +02:00
0620324702 root: bump version of psf black
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 00:42:46 +02:00
5a802bcf83 web/admin: fix list of outpost status
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 22:59:45 +02:00
00c8054893 web/admin: fix border on dark mode in firefox
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 22:27:33 +02:00
dc2538f59d web/admin: fix outpost health not updating on refresh
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 21:53:19 +02:00
5a0e78c698 outposts: fix issue with duplicate outpost health
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 21:46:30 +02:00
fd4e8a59f4 web/admin: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 20:09:49 +02:00
dd1a6a81c8 outposts/proxy: improve host header detection
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 20:02:36 +02:00
84dfbcaaae providers/api: return redirect_uris for proxy provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 20:02:17 +02:00
e649e9fb03 core: don't use self.get_object for application permission check to prevent 404 when view permission is missing
closes #864

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 17:35:11 +02:00
266ef66a6f Merge branch 'master' into next 2021-05-11 14:57:52 +02:00
842fdb0b0c fixed session durations of more than 1 day (#863) 2021-05-11 14:57:33 +02:00
a270a84aae website/docs: update link for saml provider metadata
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#857
2021-05-11 14:23:39 +02:00
36f7cad23b Merge pull request #862 from goauthentik/form-refresh-on-save
Form refresh on save
2021-05-11 14:23:32 +02:00
e441ac1e43 web/admin: add download links for certificates
closes #861

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 14:21:48 +02:00
24f2932777 crypto: add ?download flag
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#861
2021-05-11 14:21:35 +02:00
a6c6f22221 web/admin: add button to copy saml metadata download link
closes #857

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 13:52:47 +02:00
abd5db8ad4 website/docs: update link for saml provider metadata
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#857
2021-05-11 13:44:51 +02:00
124ce80694 sources/plex: make plex_token readable from API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 13:32:28 +02:00
4352960f83 web/admin: fix error when updating oauth source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 13:31:33 +02:00
4e2443d60b flows: make cancel link always logout user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 13:13:05 +02:00
34a8408a4f Merge branch 'next' into form-refresh-on-save 2021-05-11 13:07:57 +02:00
17b65adcc5 lib: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 13:07:47 +02:00
6f8d129dea web/admin: migrate remaining forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 12:44:50 +02:00
59f339beda web/admin: migrate stage forms to ModelForm
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 12:35:53 +02:00
ce1c400022 web/admin: migrate policy forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 12:19:35 +02:00
c99afe0ad4 web/admin: remove unused imports
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 12:12:31 +02:00
ff9ff18c11 web/admin: migrate more forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 12:05:30 +02:00
4d11d82c6e web/admin: migrate more forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 11:55:25 +02:00
b4d750174f web/admin: add modelform as base, start migrating
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 11:48:34 +02:00
fd44765ff4 Merge branch 'next' into form-refresh-on-save 2021-05-11 11:47:29 +02:00
190ebb27e4 Merge branch 'master' into next 2021-05-11 11:47:10 +02:00
fb3c04d0c7 build(deps): bump postcss from 8.2.14 to 8.2.15 in /website (#858) 2021-05-11 10:46:06 +02:00
3ba8de61e0 build(deps): bump eslint-plugin-lit from 1.3.0 to 1.4.0 in /web (#859) 2021-05-11 10:45:46 +02:00
d4d2be84a3 build(deps): bump boto3 from 1.17.69 to 1.17.70 (#860) 2021-05-11 10:45:33 +02:00
96ea7ae09c root: allow configuration of s3 backup location
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 02:10:00 +02:00
172bfceb31 root: fix db backup failing when password has special chars
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 02:01:22 +02:00
932b19999e providers/proxy: missing @property for noop
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 01:26:01 +02:00
0f1cc86e71 outposts/ak: updater providers automatically every 150 seconds
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 01:07:26 +02:00
788fd00390 outposts: use noop flag in each reconciler instead of raising Disabled and force use of get_referecen_object
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 00:27:29 +02:00
f602e202b8 website/docs: use beryju.org directly for beta
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 00:11:42 +02:00
9b60fcb08b root: only install latest postgresql client, since they are backwards compatible
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 23:24:27 +02:00
a293a14f2a outposts: re-add _config for backwards compat
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 22:28:46 +02:00
65bfa589eb Merge branch 'master' into next 2021-05-10 20:35:11 +02:00
defca51d24 build(deps): bump @sentry/browser from 6.3.5 to 6.3.6 in /web (#855)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.3.5 to 6.3.6.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.3.5...6.3.6)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-10 20:34:09 +02:00
d862028134 build(deps): bump @typescript-eslint/eslint-plugin in /web (#856)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.22.1 to 4.23.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.23.0/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-10 20:33:59 +02:00
c19d7c37aa build(deps): bump @sentry/tracing from 6.3.5 to 6.3.6 in /web (#853)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.3.5 to 6.3.6.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.3.5...6.3.6)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-10 20:30:55 +02:00
6fb3102d25 build(deps): bump @typescript-eslint/parser in /web (#854)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.22.1 to 4.23.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.23.0/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-10 20:30:41 +02:00
51e3453dca admin: fix linting in api tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 20:14:21 +02:00
6f58fdf158 api: add more tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 19:51:29 +02:00
5d4051f547 ci: test and lint at the same time
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 19:36:28 +02:00
219b8d1a57 outposts: allow individual components of managed outposts to be disabled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 19:27:48 +02:00
c7d4e69669 root: make database port configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 19:25:15 +02:00
cd629dfbaa outposts: improve API validation for config attribute, ensure all required attributes are set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 19:24:42 +02:00
8eaaaae2a7 outpost: add trace log level
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 18:09:52 +02:00
3d0a853449 Merge branch 'version-2021.5' into next 2021-05-10 18:07:39 +02:00
c2f8ff55cf outposts: fix outpost delete hanging thread, run cleanup in async task with info from cache with ability to retry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 17:11:31 +02:00
4b52697cfe web/elements: add refresh support to chart
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 15:57:52 +02:00
80fae44f47 release: 2021.5.1-rc7 2021-05-10 12:13:10 +02:00
afd7af557d ci: login to ghcr
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 12:13:03 +02:00
73eb97ca6e release: 2021.5.1-rc6 2021-05-10 11:44:23 +02:00
ebe90d8886 Merge branch 'next' into version-2021.5 2021-05-10 11:43:50 +02:00
a1a1b113b1 release: 2021.5.1-rc5 2021-05-10 11:34:00 +02:00
9adf8e88ba ci: remove arm v8
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 11:33:21 +02:00
72d87ee51d ci: test arm/v8 with libpq
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 11:23:15 +02:00
9654285535 Merge branch 'master' into next 2021-05-10 11:22:16 +02:00
6e47e69c62 build(deps-dev): bump prettier from 2.2.1 to 2.3.0 in /website (#852)
Bumps [prettier](https://github.com/prettier/prettier) from 2.2.1 to 2.3.0.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.2.1...2.3.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-10 09:05:00 +02:00
1ba89a02ee root: install libpq-dev in docker
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 00:38:58 +02:00
1fb3642701 sources/oauth: fix google tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 00:27:37 +02:00
847d97b813 sources/oauth: fix google tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 00:27:20 +02:00
253060def2 website: add service-account for outposts in other cluster
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 00:16:52 +02:00
2e70ea799a ci: try arm64 only
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 00:06:49 +02:00
7364914ae8 Merge branch 'master' into next 2021-05-10 00:02:53 +02:00
1f1d322958 *: fix api results when non-superuser
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 00:01:35 +02:00
e4841ce1a4 Merge branch 'version-2021.5' into next 2021-05-09 23:41:23 +02:00
af30b781b6 ci: only arm only v8
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 23:40:27 +02:00
5f490c563e ci: build for arm v6 and v8
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 23:32:52 +02:00
e33a5528f7 core: catch IntegrityError in flow_manager and deny request
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 23:31:39 +02:00
d4de243e3b ci: always run on release for version branches but don't push images
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 23:09:48 +02:00
317117ee68 build(deps): bump eslint from 7.25.0 to 7.26.0 in /web (#848)
Bumps [eslint](https://github.com/eslint/eslint) from 7.25.0 to 7.26.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.25.0...v7.26.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-09 23:03:39 +02:00
40d03a6124 build(deps): bump service-identity from 18.1.0 to 21.1.0 (#849)
Bumps [service-identity](https://github.com/pyca/service-identity) from 18.1.0 to 21.1.0.
- [Release notes](https://github.com/pyca/service-identity/releases)
- [Changelog](https://github.com/pyca/service-identity/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/service-identity/compare/18.1.0...21.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-09 23:03:03 +02:00
9cfeeb35ba ci: fix invalid workflow file
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 22:56:50 +02:00
b7d828702d sources/oauth: don't set username on google source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 22:56:44 +02:00
19dfeec782 build(deps): bump django-otp from 1.0.4 to 1.0.5 (#850)
Bumps [django-otp](https://github.com/django-otp/django-otp) from 1.0.4 to 1.0.5.
- [Release notes](https://github.com/django-otp/django-otp/releases)
- [Changelog](https://github.com/django-otp/django-otp/blob/master/CHANGES.rst)
- [Commits](https://github.com/django-otp/django-otp/compare/v1.0.4...v1.0.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-09 22:55:30 +02:00
07eef2869f build(deps): bump boto3 from 1.17.68 to 1.17.69 (#851)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.68 to 1.17.69.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.68...1.17.69)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-09 22:55:19 +02:00
f7fd31cc84 release: 2021.5.1-rc4 2021-05-09 21:43:38 +02:00
465d9c2b93 ci: use local context for docker build
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 21:42:22 +02:00
04aae8f584 sources/oauth: make secret write_only
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 21:40:25 +02:00
bbca90c93a Merge branch 'next' into version-2021.5 2021-05-09 20:57:23 +02:00
dda1d4e0fb core: add more logs to flow_manager
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 20:27:37 +02:00
f072c600cc lifecycle: use URl for redis on startup to prevent errors with no paswords
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 20:13:58 +02:00
65b8a5bb8d outposts/proxy: redirect to protocol based on X-Forwarded-Proto
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 19:12:35 +02:00
92537a6c8d Merge branch 'next' into version-2021.5 2021-05-09 18:46:26 +02:00
72836ecd9d outposts: default to currently running namespace if possible
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 18:44:32 +02:00
251a97c77e Merge branch 'next' into version-2021.5 2021-05-09 18:13:52 +02:00
7f7046f0e4 outposts: lowercase k8s object names
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 18:13:21 +02:00
20e59158c2 root: add github actions to dependabot
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 18:08:06 +02:00
9a9e55ae32 ci: bump qemu action version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 17:53:57 +02:00
481260a5ca ci: bump checkout actions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 17:51:56 +02:00
436adcce2e website/docs: fix URL for new chart repo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 17:32:14 +02:00
cd3f02fd3b release: 2021.5.1-rc3 2021-05-09 17:25:48 +02:00
7abfd24150 ci: only build arm64 and arm
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 17:23:19 +02:00
d3feab9463 release: 2021.5.1-rc2 2021-05-09 16:43:36 +02:00
189427609f ci: fix paths for go build
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 16:41:52 +02:00
d76a9c211a ci: fix web api client not being generated for general build
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 16:41:45 +02:00
ef7d9c4d35 ci: fix mixed environment variables
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 16:37:03 +02:00
70c25692eb release: 2021.5.1-rc1 2021-05-09 16:07:50 +02:00
71b31a2812 ci: fix web api client not being generated before docker build
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 16:06:27 +02:00
d4493c0ee9 web/admin: add new base form to handle refresh events
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 12:59:00 +02:00
3208358a03 web: fix font-color of select inputs in dark mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 12:44:22 +02:00
a6a8eddf7c providers/proxy: create ingress for forward_auth /akprox path
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 12:40:44 +02:00
8c0a87b710 outposts: improve logging for outpost controller
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 12:34:44 +02:00
2f88c435fb website/docs: update diagram
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 01:30:29 +02:00
5cad59a9f8 providers/proxy: fix being able to set empty internal_host
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 00:07:34 +02:00
5ac6a6910e outposts: check if traefik CRD exists before attempting to delete
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 21:59:13 +02:00
d751a7fc4c lib: add user attribute "goauthentik.io/user/override-ips" to allow overriding of client ips
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 21:42:31 +02:00
f1fd223bc7 outposts/ldap: fix concurrency issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 21:21:53 +02:00
e75712fa09 website/docs: add configuration options for postgres and redis
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 17:14:14 +02:00
1b87375661 lib: add default to config from file://
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 17:13:13 +02:00
545a114450 website/docs: add 2021.5 to sidebar
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 16:42:46 +02:00
02b06838e2 root: remove old helm chart
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 16:25:11 +02:00
6868b7722c outposts: delete old outpost deployment when name or namespace is changed
closes #845

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 16:11:38 +02:00
1e303b515b web/flows: update background for new release
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 15:57:42 +02:00
34a9a6a389 ci: run apt update before installing dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 14:41:40 +02:00
7a1935b4e2 outposts: fix error on k8s when name has spaces
closes #846

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 14:09:21 +02:00
bf60b33d03 website/docs: add diagram for terminology
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 13:58:38 +02:00
9bb50fd556 website: update screenshots
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-07 14:23:43 +02:00
5e7521915a stages/password: fix configure_flow not being set on initial setup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-07 14:08:43 +02:00
7b0cda3a6a website/docs: fix tabs not rendering correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-07 14:08:30 +02:00
db5279f952 web/admin: default to user active to true
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-07 14:08:17 +02:00
9fc072e4df outposts: fix lint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-07 11:56:44 +02:00
55ea9afeec core: fix dark mode on server-side rendered pages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-07 11:53:53 +02:00
9485f0b8cc outpost/ldap: make users and groups OU instead of CN
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-07 11:46:26 +02:00
fabdb6448f ci: fix arguments for sentry release
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-07 11:00:13 +02:00
e629079352 Merge branch 'master' into next 2021-05-07 10:07:46 +02:00
e6dfa8294e providers/proxy: use name.namespace for middleware service
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-07 10:07:30 +02:00
e5a5a5c603 outposts: fix k8s controller not handing Disabled() in static deployment
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-07 09:52:43 +02:00
4d07da5ffa build(deps): bump golang from 1.16.3 to 1.16.4 (#841)
Bumps golang from 1.16.3 to 1.16.4.

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-07 09:44:09 +02:00
5b4f34fd5f build(deps): bump boto3 from 1.17.67 to 1.17.68 (#843)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.67 to 1.17.68.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.67...1.17.68)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-07 09:44:00 +02:00
2e05047151 build(deps): bump sentry-sdk from 1.0.0 to 1.1.0 (#844)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.0.0 to 1.1.0.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/1.0.0...1.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-07 09:43:48 +02:00
459a6ea437 build(deps): bump golang from 1.16.3 to 1.16.4 in /outpost (#842)
Bumps golang from 1.16.3 to 1.16.4.

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-07 09:43:37 +02:00
ea7f9f291f outposts: create traefikmiddleware if forwardAuth is enabled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-07 00:01:35 +02:00
241d790e69 stages/user_write: if any connection is being sent in the plan context, save it to the user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 22:10:20 +02:00
83e08f12ae core: fix arguments not being passed in FlowManager
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 22:07:48 +02:00
6526659b51 sources/plex: allow auth for owner (when identifier of source plex token matches)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 21:50:15 +02:00
6c3b7c8d3e events: handle error when notifications are triggered and no users exist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 20:13:04 +02:00
d51ecc4554 sources/saml: handle internal error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 20:10:56 +02:00
ef63e35ad2 outposts: improve messaging from controller on k8s
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 20:07:29 +02:00
4e9176ed2e outposts: support different port on container vs exposed port
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 19:59:49 +02:00
d1296e9cc7 outposts: fix deployments referencing the wrong secret
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 19:51:14 +02:00
d85e0593f1 core: set attributes on users which are enrolled via source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 19:35:05 +02:00
20c1f15dc0 web/admin: fix color-scheme for charts and flow diagram
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 16:25:29 +02:00
c864f4e312 root: replace images in compose with alpine
closes #840

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 15:01:37 +02:00
202ad1a3ac root: update security md
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 14:43:19 +02:00
979a5f800e web/admin: show callback URL when creating/updating source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 14:40:02 +02:00
c151faeff6 ci: batch runs in azure devops
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 14:02:59 +02:00
b3a3852a54 core: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 13:58:58 +02:00
e401b4e74e web/admin: fix naming of charts on overview page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 13:51:54 +02:00
9538ad5710 web/admin: show users and groups as chart
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 13:44:53 +02:00
49bf82a0a4 core: add user filter by superuser status
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 13:44:42 +02:00
e6fdec4c8e Merge branch 'master' into next 2021-05-06 13:16:22 +02:00
73b87a5e3d events: fix error in API when specifying max_n
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 13:15:54 +02:00
303b847cdc web/admin: rewrite overview page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 13:15:27 +02:00
0386c0dd7b build(deps): bump lit-element from 2.5.0 to 2.5.1 in /web (#834)
Bumps [lit-element](https://github.com/lit/lit-element) from 2.5.0 to 2.5.1.
- [Release notes](https://github.com/lit/lit-element/releases)
- [Changelog](https://github.com/lit/lit-element/blob/master/CHANGELOG.md)
- [Commits](https://github.com/lit/lit-element/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-06 11:00:42 +02:00
7f1b9cdeb2 build(deps): bump django from 3.2.1 to 3.2.2 (#839)
Bumps [django](https://github.com/django/django) from 3.2.1 to 3.2.2.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.1...3.2.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-06 11:00:28 +02:00
252bb04dd3 build(deps): bump boto3 from 1.17.66 to 1.17.67 (#838) 2021-05-06 08:44:21 +02:00
3fbcfb48fb build(deps): bump @types/codemirror from 0.0.109 to 5.60.0 in /web (#833) 2021-05-06 08:43:59 +02:00
69f7198976 build(deps): bump postcss from 8.2.13 to 8.2.14 in /website (#835) 2021-05-06 08:43:29 +02:00
c74c8b2083 build(deps): bump lit-html from 1.4.0 to 1.4.1 in /web (#836) 2021-05-06 08:43:10 +02:00
63d4f598e4 build(deps): bump babel-plugin-macros from 3.0.1 to 3.1.0 in /web (#837) 2021-05-06 08:42:54 +02:00
ded6b6f937 web/admin: refactor chart component to allow setting of general chart data
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 22:15:11 +02:00
225099b1a1 web/admin: fix error when viewing ldap provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 21:57:13 +02:00
6b7a32548d web/admin: change icon for aggregate card
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 21:55:11 +02:00
c71d415456 web/admin: load plex servers on load
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 21:15:26 +02:00
c03f0d1d7c ci: fix names for docker images during release
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 21:11:18 +02:00
ac9cac302c outposts: fix outpost state showing last time without version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 20:49:13 +02:00
701c140cfd providers/proxy: fix logic error for ingress lookup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 20:28:13 +02:00
ca5761652c lifecycle: show errors when initial db check fails
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 20:15:01 +02:00
553872e8dd website: fix layout on mobile
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 20:05:07 +02:00
adc9b67a9c website/docs: move configuration to its own document
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 19:52:07 +02:00
fa2ff5fc2b sources/plex: save user's plex token, add option to allow friends
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 19:37:59 +02:00
d5cab5d580 sources/plex: fix default for client_id
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 19:23:51 +02:00
9e3b5d313b web/admin: rewrite sidebar to use full components, switch to categories
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 19:14:37 +02:00
be8b2bf6f6 providers/proxy: don't create ingress for domains which use forwardAuth, don't create ingress at all if all providers are forward auth
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 17:53:12 +02:00
3f8cd7ff13 website/docs: link correct docker-compose file
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 17:30:44 +02:00
b266a2cdfb outposts: make k8s service type configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 15:37:56 +02:00
9a15a66d85 outposts: make k8s object naming configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 15:36:27 +02:00
446f104c90 core: add user UID to API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 11:54:28 +02:00
2cad9a3d07 website/docs: add LDAP Outpost docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 11:48:07 +02:00
ee48b8c225 Merge pull request #828 from goauthentik/dependabot/npm_and_yarn/web/typescript-eslint/parser-4.22.1
build(deps): bump @typescript-eslint/parser from 4.22.0 to 4.22.1 in /web
2021-05-05 11:09:08 +02:00
a91649a7d4 build(deps): bump @typescript-eslint/parser in /web
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.22.0 to 4.22.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.22.1/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>
2021-05-05 08:53:54 +00:00
ca89201bd8 Outpost LDAP (#784)
* outposts: initial ldap outpost implementation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: add LDAP Binding using flows

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add API to check access to single application by slug

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: check application access

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/ldap: add LDAP provider

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: add ability to use multiple providers on the same outpost

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: add UI for LDAP Provider

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: fix linting

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: add controllers

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: fix type not being configurable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: use authorization_flow instead of separate field

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: add dockerfile

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/ldap: fix lint error

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add groups to users

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/ldap: add search_group to limit who can do search requests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: improve logging,return success for empty DN

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: allow outposts to have non-object specific permissions

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: use forked version of ldap library

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: save user DN to determine who can search

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* */api: fix lookups per user

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: only show plex servers you own

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* lib: add support for file:// protocol in config file

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: hide oauth client secret if not updating

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost/ldap: check access based on Group Membership

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: show users and groups when user has overall user permissions

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* lib: handle errors when reading config from file://

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: fix package json failing

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: bump node spec to 16x for npm version and lockfile v2

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 10:40:56 +02:00
e3a8fc0746 build(deps): bump @typescript-eslint/eslint-plugin in /web (#829)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.22.0 to 4.22.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.22.1/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-05 10:13:10 +02:00
5e3a6b802b build(deps): bump rollup from 2.46.0 to 2.47.0 in /web (#830)
Bumps [rollup](https://github.com/rollup/rollup) from 2.46.0 to 2.47.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.46.0...v2.47.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-05 10:12:59 +02:00
e8d9f992b9 build(deps): bump boto3 from 1.17.65 to 1.17.66 (#831)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.65 to 1.17.66.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.65...1.17.66)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-05 10:12:48 +02:00
260b2c8ca8 ci: bump node spec to 16x for npm version and lockfile v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 09:44:15 +02:00
751e77fa9e web: fix package json failing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 01:24:10 +02:00
86c2a5d69d lib: handle errors when reading config from file://
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 01:03:00 +02:00
1a02049104 core: show users and groups when user has overall user permissions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 01:02:47 +02:00
32934fcd38 outpost/ldap: check access based on Group Membership
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 00:03:19 +02:00
d84d7c26ca Merge branch 'master' into outpost-ldap 2021-05-04 23:34:31 +02:00
2f6e6a3123 core: improve messaging when flow manager denied request
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 23:30:21 +02:00
36b674349a Merge branch 'master' into next 2021-05-04 23:28:04 +02:00
038ef67745 build(deps-dev): bump pytest from 6.2.3 to 6.2.4 (#826)
Bumps [pytest](https://github.com/pytest-dev/pytest) from 6.2.3 to 6.2.4.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/6.2.3...6.2.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-04 23:14:06 +02:00
53831fa354 build(deps): bump boto3 from 1.17.64 to 1.17.65 (#827)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.64 to 1.17.65.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.64...1.17.65)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-04 23:13:56 +02:00
be39673f29 Merge pull request #825 from goauthentik/dependabot/pip/django-3.2.1
build(deps): bump django from 3.2 to 3.2.1
2021-05-04 23:13:46 +02:00
0f8dbfcc9c web/admin: hide oauth client secret if not updating
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 22:58:52 +02:00
ba57bf4fa2 lib: add support for file:// protocol in config file
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 22:53:59 +02:00
b1c9126832 web/admin: only show plex servers you own
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 22:51:52 +02:00
e674f03064 */api: fix lookups per user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 21:58:20 +02:00
08451c15f4 outposts/ldap: save user DN to determine who can search
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 21:49:15 +02:00
99d161e212 Merge branch 'master' into outpost-ldap
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/core/api/users.py
#	authentik/policies/event_matcher/migrations/0013_alter_eventmatcherpolicy_app.py
2021-05-04 21:02:20 +02:00
940ccf9ea8 website/docs: fix formatting for release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 20:13:38 +02:00
08cce2ca4e website/docs: update release notes for next
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 18:50:13 +02:00
4acbda2b77 core: improve messaging on flow_manager, authenticate user when they linked their account after not having been authenticateed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 18:49:27 +02:00
83cfb5f8c2 stages/email: improve error handling
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 18:30:23 +02:00
0d370ef0a9 web/admin: filter out service accounts by default
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 18:23:13 +02:00
a335ca0895 web/admin: use history.replaceState in Tabs to prevent double history entries
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 18:13:20 +02:00
8a666535a8 website/docs: update container explanation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 17:49:21 +02:00
e6431593f7 web/admin: auto-select keypair in oauth provider creation when only 1 keypair exists
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 17:09:04 +02:00
928c2bf0d6 web/admin: add launch button to application view page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 17:08:46 +02:00
68388e9551 helm: fix typo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 16:27:05 +02:00
5d26fa0403 gproxy: add sentry integration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 14:28:48 +02:00
42f9ba8efe gproxy: load default config file for debug and listen statements
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 14:10:34 +02:00
0440ad7c09 web/admin: add missing plex source view
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 12:09:35 +02:00
3ebc531ae2 web/admin/sources: fix userMatchingMode not being configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 12:02:16 +02:00
ca3b5fa2a2 Merge pull request #822 from goauthentik/go-proxy
Go proxy
2021-05-04 11:41:17 +02:00
0f0a5b0621 ci: fix API not being generated for server build
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 10:58:37 +02:00
51835887ab build(deps): bump @babel/preset-env from 7.14.0 to 7.14.1 in /web (#823)
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.14.0 to 7.14.1.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.14.1/packages/babel-preset-env)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-04 10:44:03 +02:00
09bcbcc2ac build(deps): bump boto3 from 1.17.62 to 1.17.64
Bumps [boto3](https://github.com/boto/boto3) from 1.17.62 to 1.17.64.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.62...1.17.64)

Signed-off-by: dependabot[bot] <support@github.com>
2021-05-04 10:44:03 +02:00
8a76d6a21b build(deps): bump @babel/preset-env from 7.14.0 to 7.14.1 in /web (#823)
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.14.0 to 7.14.1.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.14.1/packages/babel-preset-env)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-04 09:51:21 +02:00
48ab436444 Merge pull request #824 from goauthentik/dependabot/pip/boto3-1.17.64
build(deps): bump boto3 from 1.17.62 to 1.17.64
2021-05-04 09:51:10 +02:00
18a53a9e23 build(deps): bump boto3 from 1.17.62 to 1.17.64
Bumps [boto3](https://github.com/boto/boto3) from 1.17.62 to 1.17.64.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.62...1.17.64)

Signed-off-by: dependabot[bot] <support@github.com>
2021-05-04 04:35:31 +00:00
6725569ba8 gproxy: listen on tls
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 23:19:22 +02:00
812be495a5 Merge branch 'master' into go-proxy 2021-05-03 22:53:33 +02:00
dbc3df1f63 events: handle error when notification rule doesn't exist during task
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 22:52:39 +02:00
07b001bc2b Merge pull request #814 from goauthentik/plex-auth
sources/plex: rewrite plex source
2021-05-03 22:46:37 +02:00
c012bed379 web: bump CI pipeline to node 14
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 22:13:23 +02:00
d330e9ee7f web/flows: fix rendering for plex login
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 22:08:25 +02:00
be21a5d172 sources/plex: add general tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 21:55:55 +02:00
ea2f623955 tests/e2e: update e2e tests for new source login button
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 21:40:45 +02:00
6fc38436f4 sources/plex: set better defaults on model
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 21:23:13 +02:00
35faf269db sources: rewrite onboarding
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 20:27:52 +02:00
e56c3fc54c Merge branch 'master' into plex-auth 2021-05-03 18:28:53 +02:00
5891fb3ad6 root: fix redis not being set to restart unless-stopped
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 18:28:46 +02:00
1041718e27 sources/saml: fix redirect url dropping non-standard ports
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 14:51:46 +02:00
2507c0eec9 stages/invitation: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 12:44:19 +02:00
5ea9601062 build(deps): bump @sentry/tracing from 6.3.4 to 6.3.5 in /web (#819)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.3.4 to 6.3.5.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.3.4...6.3.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-03 12:43:37 +02:00
c0e6a6c614 website/docs: add wip docs for next version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 10:00:14 +02:00
4523550422 stages/invitation: add single_use flag to delete invitation after use
closes #821

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 09:52:38 +02:00
988cf15b71 root: initial go proxy, update compose and helm
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 09:39:09 +02:00
6ae660aea4 build(deps): bump boto3 from 1.17.61 to 1.17.62 (#820) 2021-05-03 08:36:53 +02:00
f201ce8059 build(deps): bump chart.js from 3.2.0 to 3.2.1 in /web (#818) 2021-05-03 08:36:27 +02:00
59624ed45c build(deps): bump lit-element from 2.4.0 to 2.5.0 in /web (#817) 2021-05-03 08:36:12 +02:00
3e78baf2d7 build(deps): bump @docusaurus/preset-classic in /website (#816) 2021-05-03 08:36:00 +02:00
08c67b2a2c build(deps): bump @sentry/browser from 6.3.4 to 6.3.5 in /web (#815) 2021-05-03 08:35:39 +02:00
01d29134b9 sources/plex: add API to redeem token
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-02 16:47:20 +02:00
55250e88e5 sources/*: rewrite UILoginButton to return challenge instead
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-02 16:46:27 +02:00
f1b100c8a5 sources/plex: initial plex source implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-02 14:43:51 +02:00
19708bc67b core: add additional_data to UILoginButton to pass additional data
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-02 14:43:26 +02:00
40a885aaaa web/admin: add collapse button to sidebar header on mobile viewport
closes #813

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-02 12:48:45 +02:00
c529340d6c *: fix title not being set correctly for server-side rendered views
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-02 12:22:50 +02:00
c317efa14c Merge branch 'master' into outpost-ldap 2021-05-01 00:26:55 +02:00
379fcf9c1f sources/saml: fix error ValueError while decoding XML
closes #812

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-01 00:18:57 +02:00
e10a7b48b7 sources/saml: fix Redirect bindings when SSO Url already has query params
related to #812

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-30 23:44:04 +02:00
3e666de91d outposts: fix formatting of image name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-30 16:52:28 +02:00
333758d91f crypto: handle encrypted private keys
closes #811

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-30 15:25:42 +02:00
50678a9e2e build(deps): bump @sentry/tracing from 6.3.3 to 6.3.4 in /web (#809)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.3.3 to 6.3.4.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.3.3...6.3.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-30 10:36:58 +02:00
eb8f52b870 stages/identification: fix tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-30 10:15:27 +02:00
3ee90712b2 build(deps): bump @types/grecaptcha from 3.0.1 to 3.0.2 in /web (#807)
Bumps [@types/grecaptcha](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/grecaptcha) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/grecaptcha)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-30 09:37:48 +02:00
e4eadf8080 build(deps): bump rollup from 2.45.2 to 2.46.0 in /web (#806)
Bumps [rollup](https://github.com/rollup/rollup) from 2.45.2 to 2.46.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.45.2...v2.46.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-30 09:37:30 +02:00
26ebaf16fc build(deps): bump @babel/preset-env from 7.13.15 to 7.14.0 in /web (#808)
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.13.15 to 7.14.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.14.0/packages/babel-preset-env)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-30 09:37:21 +02:00
d0ed372af0 build(deps): bump @sentry/browser from 6.3.3 to 6.3.4 in /web (#805)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.3.3 to 6.3.4.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.3.3...6.3.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-30 09:37:09 +02:00
cc8b2d7dfe build(deps): bump @babel/core from 7.13.16 to 7.14.0 in /web (#804)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.13.16 to 7.14.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.14.0/packages/babel-core)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-30 09:36:59 +02:00
61a212371f build(deps): bump boto3 from 1.17.60 to 1.17.61 (#810)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.60 to 1.17.61.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.60...1.17.61)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-30 09:36:40 +02:00
9ce49c2089 stages/identification: fix unused import
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-30 09:34:33 +02:00
34c45900c2 stages/identification: allow selection of no user fields to only allow login via sources
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-30 01:07:37 +02:00
bf7d110af3 Merge branch 'version-2021.4'
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	.github/workflows/release.yml
#	helm/README.md
#	helm/values.yaml
#	website/docs/installation/kubernetes.md
2021-04-29 23:50:52 +02:00
4e5eeacf0a release: 2021.4.5 2021-04-29 23:03:09 +02:00
e7b498e8b4 outposts/ldap: use forked version of ldap library
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-29 21:06:30 +02:00
b55cb2b40c Merge branch 'master' into outpost-ldap 2021-04-29 20:13:47 +02:00
25c001f2cd outposts: allow better configuration of outpost image name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-29 20:07:53 +02:00
2a409215d3 outpost: forwardAuth mode (#790) 2021-04-29 18:17:10 +02:00
ad8ee83697 root: use upstream sentry action for release
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-29 16:14:03 +02:00
d1d28722d2 lib: don't send 404 errors to sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-29 15:27:41 +02:00
1efd09fcd5 website/docs: update release notes for 2021.4.5
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-29 15:26:42 +02:00
35f0e6b88d lib: don't send 404 errors to sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-29 15:25:54 +02:00
a6e528d209 core: fix text color of error pages not being white
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-29 15:18:28 +02:00
bb2c4423b0 core: fix text color of error pages not being white
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-29 15:17:10 +02:00
ad9f29566b build(deps): bump @sentry/tracing from 6.3.1 to 6.3.3 in /web (#798)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.3.1 to 6.3.3.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.3.1...6.3.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-29 10:30:50 +02:00
e76bb6bc13 build(deps): bump pyjwt from 2.0.1 to 2.1.0 (#801) 2021-04-29 07:31:40 +02:00
a68642779d build(deps): bump lit-html from 1.3.0 to 1.4.0 in /web (#797) 2021-04-29 07:31:04 +02:00
3c04fcaa9f build(deps): bump django-otp from 1.0.3 to 1.0.4 (#800) 2021-04-29 07:30:54 +02:00
5955d28073 build(deps): bump boto3 from 1.17.59 to 1.17.60 (#799) 2021-04-29 07:30:23 +02:00
a6fb6161d7 build(deps): bump @sentry/browser from 6.3.1 to 6.3.3 in /web (#796) 2021-04-29 07:30:06 +02:00
6b0e0610c6 website/docs: add release notes for 2021.4.5
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:51:22 +02:00
2c70301f56 stages/invitation: accept token from prompt_data
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:43:40 +02:00
07b9923bf6 stages/invitation: fix token not being loaded correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:43:40 +02:00
8b3923200d web: fix text-colour for form help text
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:43:40 +02:00
3dcd67c1a3 outposts: only kill docker container if its running
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:43:32 +02:00
2a9feafb90 root: add middleware to properly report websocket connection to sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:42:10 +02:00
580e88c6fc web: ignore network errors for sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:41:55 +02:00
d82c01aa61 web/admin: don't show docker certs as required
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:41:50 +02:00
1af3357826 *: make logger not use .error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:41:44 +02:00
ed49d7824e stages/email: catch ValueError when global email settings are invalid
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:41:38 +02:00
378402fcf0 stages/user_login: add tests for explicit session length
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:41:21 +02:00
50f0c11c0b web/flows: fix redirect loop when sentry is enabled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:41:21 +02:00
58712828a4 web/flows/identification: fix phrasing account recovery
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:40:16 +02:00
b2b9093c95 web: don't enable ShadyDOM on selenium
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:40:16 +02:00
afa2afe1d4 web/flows: include ShadyDOM, always enable ShadyDOM for flow interface
improve compatibility with password managers and iOS

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:40:16 +02:00
d7631e8af0 stages/invitation: accept token from prompt_data
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:39:06 +02:00
6e625f7400 stages/invitation: fix token not being loaded correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:13:54 +02:00
f54ead2b45 web: fix text-colour for form help text
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 21:55:01 +02:00
c4e4e17f93 providers/oauth2: add access_code_validity (#795)
closes #794

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 21:03:43 +02:00
43c87f87c3 root: use docker action during release
closes #738

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 21:03:13 +02:00
4da0c81f44 root: use docker action to login
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 20:58:11 +02:00
9b70aaa717 outposts: only kill docker container if its running
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 18:32:16 +02:00
5769eb277c website/admin: fix sessionDuration not updated on UserLoginStageForm
closes #793

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 09:16:04 +02:00
26f60b3e85 build(deps): bump @docusaurus/preset-classic in /website (#791)
Bumps [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic) from 2.0.0-alpha.73 to 2.0.0-alpha.74.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-alpha.74/packages/docusaurus-preset-classic)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-28 09:10:57 +02:00
7d8ed06539 build(deps): bump boto3 from 1.17.58 to 1.17.59 (#792)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.58 to 1.17.59.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.58...1.17.59)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-28 09:09:35 +02:00
4d858c64e0 Merge branch 'master' into outpost-ldap 2021-04-27 17:08:26 +02:00
6f0792ccfe api: remove legacy basic auth for 2021.3 outposts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 17:06:47 +02:00
04f06e00ff api: add tests for permission_required decorator
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 17:04:38 +02:00
776c3128b8 flows: add tests for stage type, component and ui_user_settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 16:52:50 +02:00
e9e0992dce root: add middleware to properly report websocket connection to sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 16:21:44 +02:00
69af788b0f web: ignore network errors for sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 15:54:57 +02:00
ceace0282b web/admin: don't show docker certs as required
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 15:43:40 +02:00
ccef7b4233 *: make logger not use .error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 15:43:26 +02:00
cad6c42fdd lib: add more tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 15:43:11 +02:00
d2abe6d455 stages/email: catch ValueError when global email settings are invalid
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 15:20:09 +02:00
68d120b3b4 sources/oauth: add tests for google type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 15:19:54 +02:00
48c0c0baca */api: simplify lookups for per-user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 14:53:01 +02:00
7b29a1e485 stages/user_login: add tests for explicit session length
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 14:52:42 +02:00
fe28d216fe providers/oauth2: always test JWT keys in tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 14:07:04 +02:00
e36fb6641e Merge branch 'master' into outpost-ldap 2021-04-27 09:27:11 +02:00
972471ce79 build(deps): bump boto3 from 1.17.57 to 1.17.58 (#788)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.57 to 1.17.58.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.57...1.17.58)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-27 09:18:13 +02:00
38edd76949 build(deps): bump postcss from 8.2.12 to 8.2.13 in /website (#787)
Bumps [postcss](https://github.com/postcss/postcss) from 8.2.12 to 8.2.13.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/8.2.12...8.2.13)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-27 09:17:46 +02:00
cd07c12c1b build(deps-dev): bump pylint from 2.8.1 to 2.8.2 (#789)
Bumps [pylint](https://github.com/PyCQA/pylint) from 2.8.1 to 2.8.2.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/master/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/pylint-2.8.1...v2.8.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-27 09:17:21 +02:00
3ce8b836dc outposts: allow outposts to have non-object specific permissions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 23:28:26 +02:00
d27dfcc1e3 outposts/ldap: improve logging,return success for empty DN
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 23:25:31 +02:00
1d5958a78f providers/ldap: add search_group to limit who can do search requests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 23:25:03 +02:00
b6e0a1d8f4 website: remove slot from api browser
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 19:51:47 +02:00
2a122845d9 core: add groups to users
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 19:51:24 +02:00
21c7787eed web/flows: fix redirect loop when sentry is enabled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 17:45:09 +02:00
fae4d34131 Merge branch 'master' into outpost-ldap 2021-04-26 17:11:50 +02:00
7ff7bfeb58 core: fix incorrect styling for bse_full template
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 16:44:13 +02:00
983604265b Merge branch 'master' into outpost-ldap 2021-04-26 15:55:52 +02:00
f8d6daa928 root: unlock pylint again
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 15:55:36 +02:00
6fc26aca72 build(deps-dev): bump pylint-django from 2.4.3 to 2.4.4 (#786)
Bumps [pylint-django](https://github.com/PyCQA/pylint-django) from 2.4.3 to 2.4.4.
- [Release notes](https://github.com/PyCQA/pylint-django/releases)
- [Changelog](https://github.com/PyCQA/pylint-django/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/PyCQA/pylint-django/compare/v2.4.3...v2.4.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-26 15:51:00 +02:00
29da7dd8d6 providers/ldap: fix lint error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 15:49:19 +02:00
91ca90f700 outposts/ldap: add dockerfile
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 15:35:56 +02:00
b3c8ffb96c outposts/ldap: use authorization_flow instead of separate field
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 15:09:41 +02:00
b35d9ae8b0 outposts: fix type not being configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 14:45:14 +02:00
302b047f1a outposts/ldap: add controllers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 14:26:31 +02:00
dcd80c6d63 outposts/ldap: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 12:24:46 +02:00
d741ed430a web/admin: add UI for LDAP Provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 12:12:02 +02:00
8436738b0f root: fix transifex link
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 11:56:10 +02:00
5b150657f5 outposts/ldap: add ability to use multiple providers on the same outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 11:53:06 +02:00
f89479caf3 providers/ldap: add LDAP provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 11:52:42 +02:00
2f3bf5efe7 outposts/ldap: check application access
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 10:46:53 +02:00
5fb07acf54 core: add API to check access to single application by slug
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 10:08:35 +02:00
99d0d4e8de Merge branch 'master' into outpost-ldap 2021-04-26 09:25:26 +02:00
afc5dc5543 root: lock pylint to < 2.8
https://github.com/PyCQA/pylint-django/issues/323
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 09:24:18 +02:00
9341787fe7 providers/oauth2: replace deprecated jwkest with pyjwt
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 00:02:13 +02:00
6c9b3ebd2b outposts: add LDAP Binding using flows
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-25 22:07:12 +02:00
a525d6c3a9 Merge branch 'master' into outpost-ldap 2021-04-25 20:46:02 +02:00
b59b9314e4 web/flows/identification: fix phrasing account recovery
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-25 18:50:19 +02:00
7687b744cc build(deps): bump @sentry/browser from 6.3.0 to 6.3.1 in /web (#780)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.3.0 to 6.3.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.3.0...6.3.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-25 18:14:42 +02:00
9fb41b8d10 build(deps): bump boto3 from 1.17.54 to 1.17.57 (#783)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.54 to 1.17.57.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.54...1.17.57)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-25 18:12:34 +02:00
51ffdcb5cb build(deps): bump @sentry/tracing from 6.3.0 to 6.3.1 in /web (#779)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.3.0 to 6.3.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.3.0...6.3.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-25 18:12:12 +02:00
4d6cd4c57d build(deps): bump @patternfly/patternfly from 4.96.2 to 4.102.2 in /web (#778)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.96.2 to 4.102.2.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.96.2...prerelease-v4.102.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-25 18:11:59 +02:00
41c5f01422 build(deps): bump postcss from 8.2.10 to 8.2.12 in /website (#777)
Bumps [postcss](https://github.com/postcss/postcss) from 8.2.10 to 8.2.12.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/8.2.10...8.2.12)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-25 18:11:43 +02:00
e567cd5580 build(deps): bump chart.js from 3.1.1 to 3.2.0 in /web (#776)
Bumps [chart.js](https://github.com/chartjs/Chart.js) from 3.1.1 to 3.2.0.
- [Release notes](https://github.com/chartjs/Chart.js/releases)
- [Commits](https://github.com/chartjs/Chart.js/compare/v3.1.1...v3.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-25 18:11:30 +02:00
5f81909bab build(deps): bump eslint from 7.24.0 to 7.25.0 in /web (#775)
Bumps [eslint](https://github.com/eslint/eslint) from 7.24.0 to 7.25.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.24.0...v7.25.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-25 18:11:21 +02:00
d03b43605e root: fix dependabot 2021-04-25 17:12:48 +02:00
ea187d4e81 root: remove dependabot
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-25 17:12:28 +02:00
502ac51fa7 web: don't enable ShadyDOM on selenium
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-25 01:29:01 +02:00
4bc6fd28d4 web/flows: include ShadyDOM, always enable ShadyDOM for flow interface
improve compatibility with password managers and iOS

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-24 23:32:46 +02:00
820c9e7d06 Merge branch 'master' into outpost-ldap 2021-04-24 22:22:01 +02:00
e5a8714e6a Merge branch 'version-2021.4' 2021-04-24 21:44:40 +02:00
d56d6ea3a9 website/docs: add release notes for 2021.4.4
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-24 21:11:11 +02:00
5f58a4566c release: 2021.4.4 2021-04-24 21:03:29 +02:00
d616bdd5d6 providers/oauth2: add proper support for non-http schemes as redirect URIs
closes #772

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-23 16:34:52 +02:00
5112ef9331 web/admin: fix error when updating identification stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-23 14:27:23 +02:00
7a49377caf outpost: check for X-Forwarded-Host to switch context
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-23 14:07:44 +02:00
5b3941a425 outposts: always update bundles and swap maps
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-23 10:08:19 +02:00
c1ab5c5556 web: fix title not being loaded from config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#770
2021-04-22 23:50:37 +02:00
3282b34431 providers/oauth2: fix TokenView not having CORS headers set even with proper Origin
and added tests. closes #771

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 23:48:28 +02:00
392d9bb10b providers/oauth2: fix misleading name of cors_allow_any
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#771
2021-04-22 23:29:49 +02:00
82f6c515ea root: fix readme links to az pipelines
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 22:32:38 +02:00
d67d5f73c5 website/docs: fix config options with double-underscores not showing correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 22:31:24 +02:00
799d186510 web/flows: fix Sentry not being loaded correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 20:48:22 +02:00
3983b7fbe4 lib: don't send SuspiciousOperation to sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 20:17:00 +02:00
d75284a587 flows: fix errors which occur during flow execution being sent to sentry malformed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 20:14:37 +02:00
71e4936dc3 web/admin: fix error when me() returns 403
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 19:52:01 +02:00
9d3b6f7a4d web: only report http errors for 500 and above
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 19:51:32 +02:00
003df44a34 web/admin: adjust phrasing of cards on overview page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 14:07:30 +02:00
a7598c6ee5 *: fix more URLs for github org
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 11:06:56 +02:00
0891e43040 web/admin: fix invalid group member count
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 10:36:10 +02:00
1f49aea48d web/admin: fix mismatched required tags
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 10:33:36 +02:00
499b52df6a root: update urls to github org
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-21 22:46:48 +02:00
b8a566f4a0 outposts: move local connection check to task, run every 60 minutes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-21 11:34:48 +02:00
aa0e8edb8b *: make tasks run every 60 minutes not :00 every hour
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-21 11:26:17 +02:00
0e35bb18c7 web/admin: fix display for user supseruser status
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-21 11:18:55 +02:00
4a06ebf4f9 build(deps): bump @sentry/browser from 6.2.5 to 6.3.0 in /web (#766)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.2.5 to 6.3.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.2.5...6.3.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-21 11:13:37 +02:00
11584af425 website/docs: add note for nextcloud Reverse proxy and extension
closes #750

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-21 10:22:43 +02:00
a31da9e1d3 build(deps): bump @babel/core from 7.13.15 to 7.13.16 in /web (#764)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.13.15 to 7.13.16.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.13.16/packages/babel-core)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-21 10:18:45 +02:00
8d6d49834b build(deps): bump codemirror from 5.60.0 to 5.61.0 in /web (#765)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.60.0 to 5.61.0.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.60.0...5.61.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-21 10:18:32 +02:00
2825710262 build(deps): bump @sentry/tracing from 6.2.5 to 6.3.0 in /web (#767)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.2.5 to 6.3.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.2.5...6.3.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-21 10:18:18 +02:00
7346ccf2b7 web/admin: add description for fields in proxy provider form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-21 10:18:00 +02:00
57072dd6ce stages/identification: fix query logic for user lookup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-21 10:09:38 +02:00
fec098a823 web/admin: only allow policies to be bound to sources as users/groups cannot be checked
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 23:30:37 +02:00
73950b72e5 web/admin: improve phrasing for Policy bindings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 23:16:17 +02:00
b40afb9b7d stages/identification: ignore inactive users
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 21:45:14 +02:00
1f783dfc01 stages/user_login: add default backend
closes #763

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 20:53:07 +02:00
7ccf8bcdc8 web/admin: only pre-select items when creating a new object
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 20:32:47 +02:00
76131e40ec tests/e2e: monkey patch OAuth1 test instead of setting URLs manually
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 20:03:20 +02:00
5955394c1d web: send response info when response is thrown
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 17:32:38 +02:00
a8998a6356 sources/oauth: handle error in auzre_ad when ID Can't be extracted
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 17:27:52 +02:00
dc75d7b7f0 sources/oauth: fix error whilst fetching user profile when source uses fixed URLs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 17:25:59 +02:00
34a191f216 web/admin: fix link to providers on overview page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 16:35:21 +02:00
299931985e web: fix mis-matched package-lock file
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 11:27:56 +02:00
b946fbf9e7 Merge branch 'version-2021.4' 2021-04-20 09:21:26 +02:00
e20bb7d636 release: 2021.4.3 2021-04-20 09:15:07 +02:00
5db3409efc web: bump lingui
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 09:13:42 +02:00
649db054a6 build(deps): bump boto3 from 1.17.53 to 1.17.54 (#762) 2021-04-20 08:26:10 +02:00
4f5e1fb86b outposts: initial ldap outpost implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 00:30:27 +02:00
15d5b91642 root: fix developer link in readme
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 22:05:58 +02:00
e9abc25b92 website/docs: prepare changelog for 2021.4.3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 21:08:10 +02:00
dc930c0cdf website/docs: manually set slug so release note URLs don't break
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 21:05:19 +02:00
464a1c0536 api: make 401 messages clearer
closes #755

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 20:46:57 +02:00
837d2f6fab outpost: use tools from docker (#758)
* outpost: replace golang.org/x/lint with golangci-lint

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost: use swagger generator from docker

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost: don't use tty for swagger gen

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: revert docker-swagger gen

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 20:43:13 +02:00
8f00d73512 website: fix main site not rendering because <BrowserOnly>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 19:23:26 +02:00
b75feab709 outposts: don't run outpost_controller when no service connection is set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 19:23:26 +02:00
9c8433ec4d fix(docs/grafana): Fix a silly (#757) 2021-04-19 19:22:23 +02:00
ef080900a4 feat(docs/grafana): Add role mapping info (#756)
* feat(docs/grafana): Add role mapping info

* feat(docs/grafana): More info on role mappings
2021-04-19 19:07:09 +02:00
10b45a8dea api: fix 401 responses which should be 403s
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 19:03:00 +02:00
c43ac1f704 api: mount outposts under outposts/instances to match flows
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 18:51:12 +02:00
14d702450a core: add parameter to output property mapping test formatted
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 18:32:36 +02:00
0a1a2a035e web/admin: fix *Test Forms not having a default for codemirrors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 18:25:16 +02:00
ace777ebbe website: re-sort releases, add outposts to terminology
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 17:25:26 +02:00
8a6879afa5 core: add superuser_full_list to applications list, shows all applications when superuser
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 16:07:30 +02:00
fdc7f14056 core: fix Tokens being created with incorrect intent by default
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 15:43:16 +02:00
8be80aaf9d api: fix CSRF error when using POST/PATCH/PUT in API Browser
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 15:31:32 +02:00
e476f2dda2 website: bump deps
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 09:28:48 +02:00
5d48cfab14 build(deps): bump @docusaurus/core in /website (#753) 2021-04-19 08:22:35 +02:00
1f22f0e7bb build(deps): bump chart.js from 3.1.0 to 3.1.1 in /web (#751) 2021-04-19 08:22:02 +02:00
ce082ead5e providers/oauth2: add unittests for authorize and token views
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-18 21:05:49 +02:00
dd2cd09637 web/admin: fix undefined being shown when viewing application
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-18 19:04:10 +02:00
828fe07fca website: dynamically load rapidoc to prevent react errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-18 17:58:36 +02:00
a074ea70e9 website/docs-dev: add initial translation docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-18 17:31:15 +02:00
84ce2c1df2 website: separate development docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-18 17:25:58 +02:00
8628595590 website: add API Browser
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-18 17:15:19 +02:00
7b8e5c4272 root: auto-migrate on startup, lock database using pg_advisory_lock
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-18 14:47:50 +02:00
caa5dc1d14 web/admin: improve default selection for property-mappings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-18 14:21:05 +02:00
f328b21e89 providers/oauth2: Set CORS Headers for token endpoint, check Origin header against redirect URLs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-18 14:20:50 +02:00
52abd959eb sources/oauth: save null instead of empty string for sources without configurable URLs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 21:15:06 +02:00
a0cd17a257 docs: add troubleshooting for permission issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 20:09:03 +02:00
32c5bf04b8 *: fix linting errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 20:08:49 +02:00
766c4873a0 web/admin: add ability to add users to a group whilst creating a group
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 19:56:49 +02:00
240136154b web/admin: fix default for codemirror
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 19:37:13 +02:00
78dd7b0341 web/admin: fix group member table order
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 19:36:55 +02:00
0021a93952 web/admin: fix non-matching provider type being selected when creating an OAuth Source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 19:17:08 +02:00
67240fb9ad *: add model_name to TypeCreate API to pass to forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 19:12:00 +02:00
4add0bbe86 web/admin: fix provider type resetting when changing provider type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 19:06:56 +02:00
d2dd7d1366 sources/oauth: fix redirect loop for source with non-configurable URLs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 19:06:12 +02:00
476e57daa2 Merge branch 'version-2021.4'
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	docker-compose.yml
#	website/docs/installation/kubernetes.md
2021-04-17 16:01:35 +02:00
4eb8a0dcd1 docs: prepare changelog for 2021.4.2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 15:29:55 +02:00
60615c9f3e release: 2021.4.2 2021-04-17 15:26:59 +02:00
b5b8573d87 core: fix propertymapping API returning invalid value for components
closes #746

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:05 +02:00
2e44c1cdfc sources/ldap: improve error handling during sync
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:05 +02:00
31909a4d78 outpost: fix outpost deps
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:05 +02:00
4a444e667a root: base Websocket message storage on Base not fallback
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:05 +02:00
f67b57e369 flows: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:04 +02:00
6be19962d2 outposts: bump go version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:04 +02:00
262a9fa2a0 flows: annotate flows executor 404 error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:04 +02:00
e8ba159756 root: fix setting of EMAIL_USE_TLS and EMAIL_USE_SSL
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:04 +02:00
0b03d66a2f outposts: fix errors when creating multiple outposts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:04 +02:00
7c858c9626 web/admin: fix errors in user profile when non-superuser
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:04 +02:00
71b6839d03 flows: include configure_flow in stages API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:04 +02:00
ada49c077a web/admin: fix error when user doesn't have permissions to read source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:04 +02:00
7880c7fb98 helm: make storage class, size and mode configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:03 +02:00
2b48ba4103 sources/oauth: fix resolution of sources' provider type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:03 +02:00
5e67f68f2b core: improve messaging when creating a recovery link for a user when no recovery flow exists
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:03 +02:00
1992b89154 sources/oauth: fix error when creating an oauth source which has fixed URLs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:03 +02:00
9ab2088ab7 helm: turn off monitoring by default
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:00:27 +02:00
a9d0d96418 root: add restart: unless-stopped to compose
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:00:27 +02:00
c476503594 web: fix background-color on router outlet on light mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 11:59:37 +02:00
de74f3ec1f core: fix propertymapping API returning invalid value for components
closes #746

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 11:50:28 +02:00
ce98255607 sources/ldap: improve error handling during sync
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 11:29:51 +02:00
53b9e5b93f outpost: fix outpost deps
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 11:16:40 +02:00
7aeb390eac docs: add note for minimum values.yaml file for k8s install
closes #745

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 11:06:21 +02:00
5df9ad63cf root: base Websocket message storage on Base not fallback
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 23:46:03 +02:00
e4400476a2 flows: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 23:15:06 +02:00
ef3c01ec34 outposts: bump go version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 23:01:10 +02:00
b136d3bc69 flows: annotate flows executor 404 error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 22:56:44 +02:00
c34fcc73dc root: fix setting of EMAIL_USE_TLS and EMAIL_USE_SSL
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 22:44:42 +02:00
11b09c4ebd outposts: fix errors when creating multiple outposts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 22:43:35 +02:00
e32070ddeb web/admin: fix errors in user profile when non-superuser
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 17:24:58 +02:00
33a8cea007 flows: include configure_flow in stages API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 17:19:48 +02:00
d01fd7cdb7 web/admin: fix error when user doesn't have permissions to read source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 17:06:06 +02:00
1770e42cbf sources/oauth: add login with plex support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 17:05:35 +02:00
2fed739be7 helm: make storage class, size and mode configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 12:31:55 +02:00
aa820b2b4d website: fix enrollment for keycloak
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 12:23:46 +02:00
582d2eb5eb sources/oauth: fix resolution of sources' provider type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 11:29:23 +02:00
c5e2635903 core: improve messaging when creating a recovery link for a user when no recovery flow exists
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 10:09:46 +02:00
cfe0a7a694 sources/oauth: fix error when creating an oauth source which has fixed URLs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 09:49:25 +02:00
c579540473 helm: turn off monitoring by default
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 09:20:17 +02:00
35f2b06611 build(deps): bump boto3 from 1.17.52 to 1.17.53 (#742)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.52 to 1.17.53.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.52...1.17.53)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-16 09:07:17 +02:00
9c4f025d71 build(deps): bump @types/codemirror from 0.0.108 to 0.0.109 in /web (#743)
Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror) from 0.0.108 to 0.0.109.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-16 09:07:06 +02:00
d8b8e8a5a3 root: add restart: unless-stopped to compose
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 09:03:58 +02:00
ec34c3eb75 website: fix azure ad application proxy on comparison
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-15 20:59:14 +02:00
0554c94c53 docs: add notes for openssl
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-15 17:33:25 +02:00
19a663a645 root: fix healthcheck part in docker-compose
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-15 17:28:38 +02:00
e72881b2a9 root: fix healthcheck part in docker-compose
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-15 17:20:14 +02:00
4452ff171e docs: add Explanation what containers do what
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-15 16:12:55 +02:00
39bdc3a9a9 website: fix enrollment for keycloack
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-15 13:12:50 +02:00
33bb6edf8c web: fix background-color on router outlet on light mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-15 11:31:06 +02:00
2eb18ff5e6 root: fix expired discord invite
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-15 10:54:43 +02:00
aeb1b5e8f2 build(deps): bump boto3 from 1.17.51 to 1.17.52 (#736) 2021-04-15 09:16:09 +02:00
bd8447d5a7 release: 2021.4.1 2021-04-14 09:46:16 +02:00
35fad191b8 Merge branch 'master' into version-2021.4 2021-04-14 09:27:11 +02:00
40a6f15cf1 build(deps): bump boto3 from 1.17.50 to 1.17.51 (#734) 2021-04-14 08:27:03 +02:00
420465981b build(deps): bump rollup from 2.45.1 to 2.45.2 in /web (#735) 2021-04-14 08:26:53 +02:00
4f9f936a7f Merge branch 'master' into version-2021.4 2021-04-13 23:16:35 +02:00
85c9fbe763 api: fix linting error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-13 21:49:47 +02:00
3d9874be69 api: fix error when authorization is empty
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-13 21:41:26 +02:00
9742d19729 Merge branch 'master' into version-2021.4 2021-04-13 21:07:20 +02:00
5a25e6d697 api: add legacy support for older outposts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-13 21:06:04 +02:00
7798a046db outpost: fix API calls being made with basic
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-13 20:50:45 +02:00
7a562fe8c0 Merge branch 'master' into version-2021.4 2021-04-13 20:02:25 +02:00
6821679fbc *: add support for bearer authentication on API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-13 20:01:30 +02:00
513d3c1c31 web: add support for PII for sentry, add user feedback dialog
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-13 18:35:26 +02:00
30cb468ec5 website: fix search on docs site
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-13 18:05:19 +02:00
8b66fa55a6 web/elements: center header if no description is shown
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-13 17:46:03 +02:00
55bb9b6643 web/admin: show banner when backend and frontend versions mismatch
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-13 16:52:02 +02:00
1b79fad6cf build(deps): bump @typescript-eslint/eslint-plugin in /web (#732)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.21.0 to 4.22.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.22.0/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-13 10:28:22 +02:00
f9976492e7 build(deps): bump boto3 from 1.17.49 to 1.17.50 (#731)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.49 to 1.17.50.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.49...1.17.50)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-13 09:42:16 +02:00
2fd0e46378 build(deps): bump @typescript-eslint/parser in /web (#733)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.21.0 to 4.22.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.22.0/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-13 09:41:51 +02:00
fd0ad20031 release: 2021.4.1-rc2 2021-04-12 20:03:21 +02:00
13b75c15f0 outpost: download go-swagger from github (#730)
* outpost: download go-swagger from github

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: use sudo to download swagger

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-12 20:01:12 +02:00
d329995740 docs: add algolia search
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-12 18:25:52 +02:00
cd1b0c67ea web: fix text colour on initial load when not in dark mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-12 12:25:44 +02:00
ab7941922f build(deps): bump @lingui/macro from 3.8.6 to 3.8.9 in /web (#722)
Bumps [@lingui/macro](https://github.com/lingui/js-lingui) from 3.8.6 to 3.8.9.
- [Release notes](https://github.com/lingui/js-lingui/releases)
- [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lingui/js-lingui/compare/v3.8.6...v3.8.9)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-12 12:17:16 +02:00
e057d5fe0a root: fix lockfile
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-12 11:19:11 +02:00
3fb53e8311 build(deps-dev): bump pytest-django from 4.1.0 to 4.2.0 (#721)
Bumps [pytest-django](https://github.com/pytest-dev/pytest-django) from 4.1.0 to 4.2.0.
- [Release notes](https://github.com/pytest-dev/pytest-django/releases)
- [Changelog](https://github.com/pytest-dev/pytest-django/blob/master/docs/changelog.rst)
- [Commits](https://github.com/pytest-dev/pytest-django/compare/v4.1.0...v4.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
2021-04-12 10:57:46 +02:00
96b9d931f3 build(deps): bump @lingui/cli from 3.8.6 to 3.8.9 in /web (#725)
Bumps [@lingui/cli](https://github.com/lingui/js-lingui) from 3.8.6 to 3.8.9.
- [Release notes](https://github.com/lingui/js-lingui/releases)
- [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lingui/js-lingui/compare/v3.8.6...v3.8.9)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
2021-04-12 10:56:56 +02:00
a35f77c612 build(deps-dev): bump pylint-django from 2.4.2 to 2.4.3 (#729)
* build(deps-dev): bump pylint-django from 2.4.2 to 2.4.3

Bumps [pylint-django](https://github.com/PyCQA/pylint-django) from 2.4.2 to 2.4.3.
- [Release notes](https://github.com/PyCQA/pylint-django/releases)
- [Changelog](https://github.com/PyCQA/pylint-django/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/PyCQA/pylint-django/compare/v2.4.2...v2.4.3)

Signed-off-by: dependabot[bot] <support@github.com>

* root: fix pylint warning

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-12 09:33:56 +02:00
f287745c53 root: remove mapped port from server container
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-12 09:29:06 +02:00
65e09f92cd build(deps): bump boto3 from 1.17.48 to 1.17.49 (#720)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.48 to 1.17.49.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.48...1.17.49)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-12 09:28:23 +02:00
9b6446701e build(deps): bump chart.js from 3.0.2 to 3.1.0 in /web (#724)
Bumps [chart.js](https://github.com/chartjs/Chart.js) from 3.0.2 to 3.1.0.
- [Release notes](https://github.com/chartjs/Chart.js/releases)
- [Commits](https://github.com/chartjs/Chart.js/compare/v3.0.2...v3.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-12 09:27:32 +02:00
71f7e23fe4 build(deps): bump eslint from 7.23.0 to 7.24.0 in /web (#723) 2021-04-12 08:31:28 +02:00
59eb89db6c build(deps): bump rollup from 2.44.0 to 2.45.1 in /web (#726) 2021-04-12 08:31:10 +02:00
939b55ce29 build(deps): bump @lingui/core from 3.8.6 to 3.8.9 in /web (#727) 2021-04-12 08:30:59 +02:00
7ba4e63c47 build(deps): bump postcss from 8.2.9 to 8.2.10 in /website (#728) 2021-04-12 08:30:49 +02:00
fae92f6bc8 *: fix JSONField overwriting required
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 23:20:45 +02:00
f9bf491240 stages/invitation: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 23:09:09 +02:00
4f27a97e10 *: add validator to ensure JSON Fields only receive dicts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 23:05:19 +02:00
a0daaabfde web: replace full pf with components for loading animation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 22:02:48 +02:00
ea7ecb50c0 web: disable loading of roboto fonts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 21:52:01 +02:00
e7626d0716 Revert "release: 2021.4.1-rc1"
This reverts commit 2397cb162a.
2021-04-11 21:04:25 +02:00
e9d29b956d Merge branch 'master' into next 2021-04-11 21:02:59 +02:00
4a4ee98dec docs: fix typo in release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 21:02:49 +02:00
0d0baaa2f9 web/admin: fix missing css from ApplicationViewPage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 21:02:49 +02:00
1be1654bf2 web/elements: fix height when using PageHeader with Image
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 21:02:48 +02:00
ca51afb7df web: always set css variables
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 21:02:37 +02:00
11c8ae8f18 web/admin: remove sidebar box shadow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 21:02:36 +02:00
858fcb8554 web/admin: classify no connected workers as error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 21:02:36 +02:00
571772854b web/admin: add tab to show events of a user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 21:02:35 +02:00
c91b40fc07 web/elements: use same icon for changelog
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 21:02:35 +02:00
a736e708ae web/admin: use less generic slot names for ak-tabs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 21:02:24 +02:00
5c133a6c30 web/elements: make provider clickable for user's oauth codes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 21:02:23 +02:00
078dfb30f3 web/admin: make username in events log clickable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 21:02:22 +02:00
b526250515 web: fix header colour for notification drawer in dark mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 21:02:21 +02:00
e52d397cb7 docs: fix typo in release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 20:40:53 +02:00
633029be3f web/admin: fix missing css from ApplicationViewPage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 19:44:29 +02:00
4147fbb839 web/elements: fix height when using PageHeader with Image
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 19:38:24 +02:00
430e3c576c web: always set css variables
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 19:00:29 +02:00
d6f60ad9ec web/admin: remove sidebar box shadow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 18:56:34 +02:00
de6f663688 web/admin: classify no connected workers as error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 18:48:24 +02:00
fe17c3aa34 web/admin: add tab to show events of a user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 18:46:26 +02:00
07b2525278 web/elements: use same icon for changelog
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 18:40:48 +02:00
9f758d19ba web/admin: use less generic slot names for ak-tabs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 18:40:01 +02:00
4216577565 web/elements: make provider clickable for user's oauth codes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 18:24:27 +02:00
f3396226e8 web/admin: make username in events log clickable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 17:51:17 +02:00
ae7959ff51 web: fix header colour for notification drawer in dark mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 17:41:26 +02:00
b42b7be726 outpost: fix build dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 16:51:50 +02:00
2397cb162a release: 2021.4.1-rc1 2021-04-11 16:18:20 +02:00
80bcd09cec docs: add headers set by proxy outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 14:08:05 +02:00
1e10f37370 outpost: fix check for changed providers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 13:50:04 +02:00
bf253643a6 web/elements: fix page header in firefox
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 13:49:53 +02:00
ab4569e5d6 web/admin: fix application form's provider selection not working
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 13:49:35 +02:00
8df29235bb core: add provider_obj field to applications API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 13:31:31 +02:00
cb048764f4 providers/proxy: make outpost API readonly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 13:31:15 +02:00
5627848fad lifecycle: allow adjustment of worker cores
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 13:20:27 +02:00
fb53dc826a web/elements: fix TokenCopyButton error case
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 13:03:20 +02:00
335c5a0b80 web/elements: use ActionButton as base for TokeCopyButton
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 00:52:51 +02:00
d76db3caba *: add missing error codes as swagger annotations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 23:55:43 +02:00
32d88c3a49 core: consider never consider expiring models with self.expiring set to false expired
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 23:42:42 +02:00
5522c94b65 web/admin: fix OutpostDeploymentModal not being closable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 23:31:11 +02:00
19e73630ab lib: discard all log messages from dbbackup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 23:20:20 +02:00
97364ad102 docs: fix markdown on release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 21:12:25 +02:00
55fd7cd151 Merge branch 'master' into version-2021.4 2021-04-10 21:10:14 +02:00
c9cc1629d6 Merge branch 'master' into next 2021-04-10 21:09:49 +02:00
f4ec678587 docs: prepare changelog for 2021.4
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 21:09:35 +02:00
115274e691 docs: prepare changelog for 2021.4
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 21:08:20 +02:00
96d3d536be docs: prepare changelog for 2021.4
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 20:58:55 +02:00
f156c0f05d web/admin: fix header hight for inherited objects
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 20:58:45 +02:00
5d64b0cafd web/admin: make provider in application list a link
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 20:51:22 +02:00
182256c53e web/admin: migrate GroupForm to use TableModal instead of select multiple
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 20:23:48 +02:00
c44aa2a204 web/elements: add TableModal for selecting objects in a modal
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 20:13:40 +02:00
c133f16371 web/elements: move table search to table
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 20:13:19 +02:00
ca2a4ffb59 web/elements: render ChipGroup when checkboxes are enabled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 20:12:57 +02:00
75bc7c1cbd web/elements: add Chip and ChipGroup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 20:12:32 +02:00
7c761ff3d9 web/elements: add close button to notification drawer for mobile
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 17:43:07 +02:00
f6b8dc5cea web/admin: move SidebarHamburger into PageHeader
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 17:42:15 +02:00
6f7fb4c919 web/elements: add PageHeader element to replace page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 17:09:40 +02:00
1fbf6be6c2 web: add security.txt (#719) 2021-04-10 15:11:26 +02:00
f3aea29324 web/admin: add additional explanation what stages do
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 12:52:17 +02:00
f5921f8480 web/admin: add additional explanation what policies do
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 12:37:08 +02:00
c82cd4fbcf web/admin: fix CSS for outpost deployment modal, fix URL
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 12:20:45 +02:00
83bb3f8b0b web/elements: disable lineNumbers in codemirror for firefox
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 18:57:34 +02:00
c887139367 web/elements: add ak-label for status to replace simple icons
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 17:09:38 +02:00
34b8a97ae9 web/admin: add custom rendering for inbuilt sources
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 16:30:53 +02:00
5dd29d45d8 core: make Source model managed, add inbuilt source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 16:20:59 +02:00
43ad4f58ac web/elements: fix height of branding on firefox in certain screen sizes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 15:54:41 +02:00
23f269d676 web/admin: add note that attributes are yaml/json
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 14:30:49 +02:00
e7346317bb web/elements: fix codemirror error on reset
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 14:19:31 +02:00
98318953cd sources/ldap: create event when user integrity error occurs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 12:17:27 +02:00
5a5a32ff83 web/elements: fix checkbox not being sent correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 11:58:52 +02:00
232a5a8ad0 root: set default session age to expire on browser close
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 11:50:09 +02:00
6049d91f7c Merge branch 'next'
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/sources/ldap/signals.py
2021-04-09 11:29:57 +02:00
118f55d95c sources/ldap: fix error during event creation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 11:29:32 +02:00
1494394a78 sources/ldap: fix error during event creation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 11:24:13 +02:00
963af1ac1e web/admin: adjust label for ldap password sync
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 11:24:13 +02:00
e7b7186f4b docs: update ad docs for password writeback permissions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 11:24:13 +02:00
33fb06a299 build(deps): bump @lingui/cli from 3.8.3 to 3.8.6 in /web (#714)
Bumps [@lingui/cli](https://github.com/lingui/js-lingui) from 3.8.3 to 3.8.6.
- [Release notes](https://github.com/lingui/js-lingui/releases)
- [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lingui/js-lingui/compare/v3.8.3...v3.8.6)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-09 10:57:11 +02:00
66e0c545ac build(deps): bump @babel/plugin-proposal-decorators in /web (#716)
Bumps [@babel/plugin-proposal-decorators](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-proposal-decorators) from 7.13.5 to 7.13.15.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.13.15/packages/babel-plugin-proposal-decorators)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-09 10:56:57 +02:00
1fbc7ed5fa build(deps): bump @lingui/macro from 3.8.3 to 3.8.6 in /web (#718) 2021-04-09 08:49:59 +00:00
9c081ae417 build(deps): bump @babel/preset-env from 7.13.12 to 7.13.15 in /web (#715) 2021-04-09 08:47:43 +00:00
17faffd78e build(deps): bump @babel/core from 7.13.14 to 7.13.15 in /web (#717) 2021-04-09 08:48:20 +02:00
16885b064e build(deps): bump @babel/plugin-transform-runtime in /web (#713) 2021-04-09 08:47:40 +02:00
65bee361a2 build(deps): bump @lingui/core from 3.8.3 to 3.8.6 in /web (#712) 2021-04-09 08:47:29 +02:00
aff192dbbe build(deps): bump boto3 from 1.17.47 to 1.17.48 (#711) 2021-04-09 08:47:02 +02:00
d37c33d941 sources/ldap: only save sync state in TaskInfo, return TaskInfo in API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-08 23:33:41 +02:00
7b0005ac42 stages/password: handle authenticate() throwing a ValidationError
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-08 23:13:25 +02:00
aefeb5bacf sources/ldap: create Event when changing a user's password fails
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-08 23:13:11 +02:00
7d0e7bcf75 core: return none when application has no launch URL and none could be guessed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-08 22:59:11 +02:00
dbc75428a0 web/admin: add button to open application from list
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-08 22:51:24 +02:00
e33a1ea0c7 web/admin: fix ApplicationForm setting wrong field
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-08 22:51:13 +02:00
ca35204e0c flows: ask for email address in oob flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-08 22:50:58 +02:00
4a74d16388 web/admin: fix default icon for application list
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-08 22:28:36 +02:00
3c47555276 web/admin: Show inbuilt authentik db as source in sources list
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-08 22:25:57 +02:00
c5abecf578 web/admin: add provider create button to application form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-08 22:16:59 +02:00
8793bb1358 web: fix color of form-group header in dark mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-08 22:13:45 +02:00
37632bd0c7 lib: don't send DockerException to sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-08 22:03:10 +02:00
fb09c8f863 website: add discord links
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-08 21:03:48 +02:00
f14d0aade4 build(deps): bump @types/chart.js from 2.9.31 to 2.9.32 in /web (#708) 2021-04-08 08:35:55 +02:00
29eda41eed build(deps): bump boto3 from 1.17.46 to 1.17.47 (#709) 2021-04-08 08:35:21 +02:00
5eaead60b6 build(deps): bump typescript from 4.2.3 to 4.2.4 in /web (#710) 2021-04-08 08:35:08 +02:00
4054e6da8c helm: don't automount Service token when integration is not enabled, improve k8s detection
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-07 16:16:17 +02:00
12b1f53948 root: monitor redis in readiness check, relax monitoring period
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-07 15:51:19 +02:00
35232afa7e core: skip backup when running in k8s and s3 backup not configured
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-07 15:34:28 +02:00
17de0ff24e build(deps): bump django from 3.1.7 to 3.2 (#707)
* build(deps): bump django from 3.1.7 to 3.2

Bumps [django](https://github.com/django/django) from 3.1.7 to 3.2.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.1.7...3.2)

Signed-off-by: dependabot[bot] <support@github.com>

* root: set DEFAULT_AUTO_FIELD and remove full app config paths

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: check parent class for component and serializer on abstract classes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-07 10:54:38 +02:00
c5b56fd4e6 build(deps): bump boto3 from 1.17.45 to 1.17.46 (#705) 2021-04-07 08:59:56 +02:00
8f20376804 build(deps): bump docker from 4.4.4 to 5.0.0 (#706) 2021-04-07 08:59:40 +02:00
a2a35e49a9 improved out-of-box experience (#704) 2021-04-06 20:25:22 +02:00
fb409a73a1 web/elements: Fix display in deleteform when object has no name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-06 17:36:42 +02:00
a13d89fcde web/admin: fix BoundPoliciesList using wrong key
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-06 17:24:50 +02:00
a31fc8319d policies: fix policybinding API returning wrong policy objects
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-06 17:24:32 +02:00
b09943e106 web/admin: fix error when editing stages from BoundStageList
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-06 17:15:53 +02:00
d5169504ea web/admin: add button to create prompt on PromptStageForm
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-06 16:58:28 +02:00
e678e3553b web/admin: fix default order for *bindingForms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-06 16:57:11 +02:00
4b2119510c web/admin: open flow execution in new tab
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-06 16:56:03 +02:00
e903582f96 web/admin: fix default for PolicyBindingForm
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-06 12:11:59 +02:00
20de845f2b web/admin: fix inconsistent modal size from BoundPoliciesList
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-06 12:11:48 +02:00
5fc052a384 web: remove test page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-06 11:49:48 +02:00
7b523d8be2 build(deps): bump @typescript-eslint/parser in /web (#698)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.20.0 to 4.21.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.21.0/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-06 10:05:47 +02:00
af15e32d30 build(deps): bump @lingui/cli from 3.8.2 to 3.8.3 in /web (#700)
Bumps [@lingui/cli](https://github.com/lingui/js-lingui) from 3.8.2 to 3.8.3.
- [Release notes](https://github.com/lingui/js-lingui/releases)
- [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lingui/js-lingui/compare/v3.8.2...v3.8.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-06 10:05:38 +02:00
b6900e498c build(deps): bump @lingui/macro from 3.8.2 to 3.8.3 in /web (#699)
Bumps [@lingui/macro](https://github.com/lingui/js-lingui) from 3.8.2 to 3.8.3.
- [Release notes](https://github.com/lingui/js-lingui/releases)
- [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lingui/js-lingui/compare/v3.8.2...v3.8.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-06 10:04:26 +02:00
dfc1cc08bb build(deps): bump tslib from 2.1.0 to 2.2.0 in /web (#701)
Bumps [tslib](https://github.com/Microsoft/tslib) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/Microsoft/tslib/releases)
- [Commits](https://github.com/Microsoft/tslib/compare/2.1.0...2.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-06 09:53:53 +02:00
80e426a4b8 build(deps): bump boto3 from 1.17.44 to 1.17.45 (#697) 2021-04-06 07:55:48 +02:00
2196468804 build(deps): bump @lingui/core from 3.8.2 to 3.8.3 in /web (#702) 2021-04-06 07:55:23 +02:00
5ccbc17e65 build(deps): bump @typescript-eslint/eslint-plugin in /web (#703) 2021-04-06 07:55:10 +02:00
b98b4f2ae7 web/admin: add backup status card
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-05 20:40:30 +02:00
dcc873b88b admin: add API to get info for a single task
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-05 20:40:22 +02:00
d48badbca3 web/admin: show ldap sync status on overview page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-05 20:36:31 +02:00
f0ef2eea4f admin: sort tasks api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-05 19:21:19 +02:00
61652406c7 events: add progress bar to event expiry migration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-05 13:33:01 +02:00
11859c8cea build(deps): bump boto3 from 1.17.43 to 1.17.44 (#692)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.43 to 1.17.44.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.43...1.17.44)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-05 11:53:58 +02:00
a6608c140e build(deps): bump chart.js from 2.9.4 to 3.0.2 in /web (#696)
* build(deps): bump chart.js from 2.9.4 to 3.0.2 in /web

Bumps [chart.js](https://github.com/chartjs/Chart.js) from 2.9.4 to 3.0.2.
- [Release notes](https://github.com/chartjs/Chart.js/releases)
- [Commits](https://github.com/chartjs/Chart.js/compare/v2.9.4...v3.0.2)

Signed-off-by: dependabot[bot] <support@github.com>

* web/elements/chart: upgrade to chart.js 3

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-05 11:28:22 +02:00
3da23829d3 build(deps): bump rapidoc from 8.4.9 to 9.0.0 in /web (#695) 2021-04-05 09:14:19 +02:00
ab8c954e00 build(deps): bump django-otp from 1.0.2 to 1.0.3 (#694) 2021-04-05 09:13:45 +02:00
c89ec88751 build(deps-dev): bump pytest from 6.2.2 to 6.2.3 (#693) 2021-04-05 09:13:33 +02:00
c0dbb738bd Merge branch 'master' into next 2021-04-05 01:12:31 +02:00
d0230c0b54 web: fix misc strings not being translated properly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-05 01:12:13 +02:00
a9336d0983 web: allow for non-path elements in hash, store current tab page in hash
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-05 01:04:14 +02:00
2c4239d79a web: allow for non-path elements in hash, store current tab page in hash
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 23:19:08 +02:00
1a0a62975c web/admin: rework policybindingform
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 22:56:28 +02:00
e06d729fe5 web: SpinnerSize -> PFSize, add size prop for modal button
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 22:04:46 +02:00
a66b832154 web/admin: fix policies of oauth/saml source not being configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 21:03:57 +02:00
b2189374e2 web/admin: remove divider from cert form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 20:57:33 +02:00
ff40ab0c49 web/elements: fix font colour for confirmation form in dark mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 20:54:03 +02:00
002c048d0b web/elements: rewrite SpinnerButton to promises, fix spinner button with forms after errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 20:42:50 +02:00
52029f55e4 web: fix form error text not being red in dark mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 20:26:00 +02:00
85121de9d7 web/admin: only set ?writeOnly when editing an object
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 20:11:57 +02:00
93b362570d web/elements: add ?writeOnly flag for passwords etc
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 20:07:46 +02:00
597bd472ea web/admin: fix inconsistent button levels for events lists
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 19:07:42 +02:00
e2f01ce740 web: replace spaces after icons with nbsp
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 19:01:00 +02:00
d4982b276c web: fix mismatched css files between static and SSR
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 18:35:16 +02:00
c1d93bfd7c web: fix TableColumn sort fields being translated
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 16:56:16 +02:00
469b6b64bc web/admin: link EventInfoPage on EventListPage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 16:51:43 +02:00
c0bdb2407a web/admin: fix card title on oauth source settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 16:46:36 +02:00
596431cae7 web/admin: replace paper-input on user settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 16:45:38 +02:00
6b085a58be web/elements: fix width for vertical tabs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 16:44:29 +02:00
bd514dcce6 web: fix untranslated table columns
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 16:22:29 +02:00
d83756b4d9 web/admin: use expandable for Task list
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 16:20:49 +02:00
16d989dbfa core: fix schema for Challenge's type enum
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 16:15:58 +02:00
9517c890b5 if/*: show loading animation before full JS is loaded
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 16:10:08 +02:00
8cae1f2ab5 stages/email: add tests for API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 14:14:58 +02:00
90e7856efb docs: update screenshots
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 14:05:35 +02:00
37a14858ad policies: fix display of policy result source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 14:04:41 +02:00
5b5d7e4997 web/admin: add edit button to application view page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 14:01:42 +02:00
67fef02d71 web: fix minor issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 13:41:18 +02:00
b8c41f54c5 stages/email: update default email templates
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 13:40:52 +02:00
97ea859315 web/admin: default FlowStageBinding's order to 0
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 13:19:52 +02:00
616b1f4a05 web: sort groups from groupBy<T>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 13:19:34 +02:00
d1cde64214 stages/email: add support for custom template to API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 13:19:22 +02:00
d061868fdc web/elements: show form without stack in modal
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 12:18:10 +02:00
a2cfe9c2a7 admin: sort apps in meta api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 12:17:35 +02:00
8a7c414031 web/*: fix defaults for booleans to use first()
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 00:41:13 +02:00
46e0571ed0 web/admin: only show http basic fields for proxy provider when enabled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 00:30:02 +02:00
1835981f3d web/*: add loading indicator to select inputs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 00:24:06 +02:00
87fdb591ce web/admin: fix unlocalised strings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 00:10:56 +02:00
195951a61a web/elements: fix ActionButton
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 23:23:29 +02:00
1f781eb78a web/elements: make ak-spinner-button work with ModalForm
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 23:09:52 +02:00
1b63e461cc web/api: log requests to console
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 23:06:57 +02:00
e8dc6b259f Merge pull request #691 from BeryJu/web-intl 2021-04-03 21:32:57 +02:00
a7f751f3b3 web/admin: fix expression info not being localised
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 20:53:52 +02:00
ed18e623db web/admin: fix edit button on user page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 20:37:32 +02:00
b37470b3de web: activate pseudo-locale using querystring
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 20:34:16 +02:00
e246071aac core: fix user metrics not accepting detail
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 20:33:59 +02:00
4554c468bc web/elements: fully translate table
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 20:01:29 +02:00
5923edc69a web: translate sidebar and more list pages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 19:59:22 +02:00
55c24de8c7 policies: fix error when viewing/clearing cache
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 19:57:50 +02:00
25300c1928 web: initial migration to lingui
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 19:44:56 +02:00
fc1caf1469 api: remove js i18n catalog
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 19:07:54 +02:00
44d33ed96e web: add basic lingui
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 19:07:11 +02:00
650b084c72 web: migrate to babel
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 18:20:17 +02:00
82c2a202cb web/admin/providers/oauth2: only show client secret when clientType is not public
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 15:09:52 +02:00
aaa1f92945 web/admin/providers/oauth2: add generated defaults for clientId and secret
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 14:51:05 +02:00
66d7d598fb web/elements: remove modalbutton logic
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 14:34:46 +02:00
8d2aecd687 web/admin: remove left-over ak-modal-buttons
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 14:32:19 +02:00
6eff2fe0d1 Merge pull request #683 from BeryJu/new-forms-part-3
New forms part 3
2021-04-03 14:05:20 +02:00
eeb9449c11 lib: remove templatetags
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 12:37:32 +02:00
94a5a6c4c0 web/elements: fix race condition in codemirror
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 12:08:46 +02:00
a291063b9c web/admin/providers: use form groups
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 12:08:35 +02:00
c17eb00e3b providers/oauth2: fix component for Scope
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 12:08:21 +02:00
43f37e4776 web: add first() to improve defaults
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 11:41:11 +02:00
42cb55d78a *: rename objectType to component to get rid of lookup tables
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 11:32:17 +02:00
aaebd01058 admin: finalise migration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 01:20:20 +02:00
d7698343ae stages/authenticator_validate: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 01:15:32 +02:00
0b057ccb34 stages/authenticator_webauthn: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 01:06:41 +02:00
995f3a13d1 stages/authenticator_static: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 01:03:43 +02:00
ab7f4c5ba2 stages/authenticator_totp: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 01:01:59 +02:00
be4288fb46 stages/consent: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 00:55:17 +02:00
75d8641a38 stages/dummy: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 00:49:15 +02:00
1d72019645 stages/deny: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 00:48:15 +02:00
c1c47c5f30 stages/email: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 00:46:40 +02:00
fc47af12be stages/invitation: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 00:42:41 +02:00
a9bee998f2 stages/password: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 00:22:23 +02:00
31226e3c75 stages/prompt: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 00:10:59 +02:00
f7aabe8ca9 stages/user_delete: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 00:04:20 +02:00
8ac82b97d3 stages/user_write: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 23:54:00 +02:00
128af67011 stages/user_logout: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 23:52:55 +02:00
fb9a4ec461 stages/user_login: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 23:51:39 +02:00
2a261cfaf8 stages/identification: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 23:45:50 +02:00
224ad46a21 stages/captcha: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 23:45:39 +02:00
05cc8e2b51 tests: only create selenium_screenshots/ on error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 23:23:09 +02:00
ffe3ec0cb4 root: disable django admin
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 23:21:40 +02:00
448dd7ed54 core: change TypeCreateSerializer to component
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 23:17:30 +02:00
1dc01ef857 *: add API tests for types endpoints
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 23:11:53 +02:00
0f76e80341 admin: remove policies views
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 17:15:48 +02:00
6acfbb7d66 policies/reputation: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 17:09:30 +02:00
fcdc064cac policies/password: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 17:09:19 +02:00
0c92f4a74d policies/hibp: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 16:57:55 +02:00
ac136ec5f6 policies/expiry: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 16:49:37 +02:00
f75f6a8404 policies/expression: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 16:42:30 +02:00
415bb4cc88 policies/event_matcher: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 16:37:51 +02:00
6a3e1da986 policies/dummy: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 16:31:53 +02:00
5a6b6c369e admin: add API to get all installed apps
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 16:13:09 +02:00
66d342880c events: add API to get all event actions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 16:02:58 +02:00
7fad2b6563 sources/oauth: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 15:42:07 +02:00
22f50aae45 managed: fix ManagedSerializer interfering with other serializers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 15:00:15 +02:00
1daba5db87 sources/oauth: revamp types system, move default URLs to type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 14:59:58 +02:00
83fc22005c *: remove swagger parameters from functions that don't accept them
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 13:39:22 +02:00
7eb7fc2e12 sources/oauth: add API to get provider types
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 13:26:42 +02:00
07702afe68 sources/saml: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 13:12:31 +02:00
0aa21c007a web/elements: delegate requestUpdate in proxyform
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 13:11:47 +02:00
c659e40df7 web/elements: make form sync slug field with name field
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 12:56:03 +02:00
ffacd4d021 web/admin: fix oauth2 provider rsaKey being required
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 12:48:21 +02:00
54ad6b8dd9 web/admin: fix flows not showing slug
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 12:48:09 +02:00
70fc4c0d88 sources/ldap: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 12:12:14 +02:00
742f570c4c managed: add API serializer, add managed field
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 12:03:33 +02:00
75d67e0e05 web/elements: add formgroup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 11:47:03 +02:00
7bd7ae41b4 Merge branch 'master' into new-forms-part-3 2021-04-02 10:58:26 +02:00
5f9a9b80f0 build(deps): bump @sentry/tracing from 6.2.4 to 6.2.5 in /web (#688) 2021-04-02 10:27:30 +02:00
94208477e9 build(deps): bump boto3 from 1.17.42 to 1.17.43 (#687) 2021-04-02 09:42:10 +02:00
4da0803f15 build(deps): bump @sentry/browser from 6.2.4 to 6.2.5 in /web (#689) 2021-04-02 09:41:59 +02:00
72201c296b build(deps): bump golang from 1.16.2 to 1.16.3 in /outpost (#690) 2021-04-02 09:41:35 +02:00
ed2e9b88e7 Merge branch 'master' into new-forms-part-3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-01 23:02:22 +02:00
dd88d9254e Merge branch 'next'
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	web/src/interfaces/AdminInterface.ts
2021-04-01 20:46:06 +02:00
509f21a9b4 providers/oauth2: add validation and tests to API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-01 20:43:18 +02:00
b299451cab providers/saml: fix metadata download not being unauthenticated
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-01 20:16:07 +02:00
7e63a18d37 providers/saml: fix unittests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-01 20:05:50 +02:00
b9e718f5b8 web: build polyfills into separate file, load first
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-01 19:55:32 +02:00
b4a6f8350b admin: remove provider views
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-01 19:28:30 +02:00
5eb9b95ab5 providers/saml: migrate import to API, add API tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-01 19:28:12 +02:00
4e3701ca8d web/admin: migrate provider forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-01 15:39:59 +02:00
7a0ebbdc53 crypto: add filter for key-pairs with private key
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-01 11:38:35 +02:00
051c5672b9 Merge branch 'master' into new-forms-part-3 2021-04-01 10:43:09 +02:00
57f242ccf8 build(deps): bump github.com/go-openapi/swag in /outpost (#686)
Bumps [github.com/go-openapi/swag](https://github.com/go-openapi/swag) from 0.19.14 to 0.19.15.
- [Release notes](https://github.com/go-openapi/swag/releases)
- [Commits](https://github.com/go-openapi/swag/compare/v0.19.14...v0.19.15)

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-01 10:34:04 +02:00
0c2903f33f build(deps): bump @patternfly/patternfly from 4.90.5 to 4.96.2 in /web (#684) 2021-04-01 08:54:07 +02:00
d7cbebcb02 build(deps): bump boto3 from 1.17.41 to 1.17.42 (#685) 2021-04-01 08:52:12 +02:00
d3f2f987e0 providers/saml: migrate saml property mappings to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 23:38:40 +02:00
221e6190c8 sources/ldap: migrate property mappings to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 23:08:40 +02:00
6a69425688 providers/oauth2: migrate scope mapping to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 23:07:57 +02:00
656fe00302 outposts: migrate service connections to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 22:47:41 +02:00
884c91062d web/elements: fix error when resetting a proxyform
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 22:34:48 +02:00
a7d9857a69 web/elements: fix codemirror not being updateable without focus
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 22:32:28 +02:00
f814f7792c web/elements: add ProxyForm to instantiate forms based on string type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 22:27:59 +02:00
e264e10ad6 web/elements: improve codemirror mismatching value
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 22:18:40 +02:00
f2d5d62c9c Merge pull request #676 from BeryJu/new-forms-part-2
New forms part 2
2021-03-31 21:19:42 +02:00
af438af8ac stages/invitation: add API tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 20:52:46 +02:00
041b51a7f8 policies: add tests for bindings API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 20:37:24 +02:00
330d5047e7 core: add tests for token API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 20:36:28 +02:00
e476186cbc web/admin: migrate policybinding form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 19:41:42 +02:00
3124b0f39c web/elements: add support for non-field errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 19:13:56 +02:00
55f68a9197 policies: fix api updating issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 18:54:36 +02:00
c92a2ecbf5 web/admin: fix hideManaged toggle for propertymapping list
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 16:47:39 +02:00
d248b30eb3 policies: fix serializers for bindings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 16:26:52 +02:00
c71009fea9 web/admin: move BoundPoliciesList to pages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 16:04:04 +02:00
b15aca80ca web: add utils for grouping
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 15:57:59 +02:00
25e043afea web/admin: migrate FlowStageBinding form to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 15:46:48 +02:00
0395c84270 web/admin: fix flow execute button
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 15:00:54 +02:00
e66c46ff59 Merge branch 'master' into new-forms-part-2 2021-03-31 14:16:24 +02:00
46f4493f04 policies: configurable engine mode (#682)
* policies: add policy_engine_mode field, defaults to MODE_ALL

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: add policy_engine_mode to API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: add policy_engine_mode to forms

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* policies: update default for new objects

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* docs: add to release notes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 14:14:56 +02:00
da5de30d7b docs: update expression docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 11:54:03 +02:00
5cbcd89369 build(deps): bump github.com/go-openapi/strfmt from 0.20.0 to 0.20.1 in /outpost (#681)
* build(deps): bump github.com/go-openapi/strfmt in /outpost

Bumps [github.com/go-openapi/strfmt](https://github.com/go-openapi/strfmt) from 0.20.0 to 0.20.1.
- [Release notes](https://github.com/go-openapi/strfmt/releases)
- [Commits](https://github.com/go-openapi/strfmt/compare/v0.20.0...v0.20.1)

Signed-off-by: dependabot[bot] <support@github.com>

* outpost: fix dependencies

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 09:58:37 +02:00
32f5cc7fba build(deps): bump @sentry/browser from 6.2.3 to 6.2.4 in /web (#678)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.2.3 to 6.2.4.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.2.3...6.2.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-31 09:58:00 +02:00
c6005ea389 build(deps): bump boto3 from 1.17.40 to 1.17.41 (#680) 2021-03-31 08:36:42 +02:00
60b6a7cdfc build(deps): bump postcss from 8.2.8 to 8.2.9 in /website (#679) 2021-03-31 08:36:28 +02:00
f5bc5fa24a build(deps): bump @sentry/tracing from 6.2.3 to 6.2.4 in /web (#677) 2021-03-31 08:36:11 +02:00
f9382ed32e web/admin: fix linting errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 23:18:07 +02:00
c0cfd75a2e web/admin: add UserTokenForm
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 22:51:26 +02:00
64fa04306c core: overwrite user on token creation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 22:46:19 +02:00
7a583cb7e6 web/admin: move user settings into separate folder
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 22:22:11 +02:00
cb0b5f7146 web/admin: migrate prompts to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 22:12:06 +02:00
8a3b1ae29d web/admin: migrate invitations to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 22:11:30 +02:00
717282b4b7 web/elements: fix error resetting form with codemirror
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 19:56:00 +02:00
78a4a167ac outposts: remove outpost form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 18:45:26 +02:00
23d7ef36d2 core: remove provider and outpostserviceconnection base model create operations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 18:35:06 +02:00
d1dd6b7a8f core: fix tests for property mapping API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 18:34:33 +02:00
9c65fd814b web: fix saving for CodeMirror not returning an object
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 18:20:48 +02:00
58a7d67922 web/admin: migrate property mapping test to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 17:53:43 +02:00
b1fb2982ef web/admin: port policy test form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 17:53:26 +02:00
f206baf3f0 core: add API to test property mapping
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 17:32:57 +02:00
6916c59483 policies: fix test API not working, add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 17:22:47 +02:00
41914d9b7a crypto: add tests for builder
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 16:34:45 +02:00
1f89b94f66 Merge pull request #664 from BeryJu/new-forms
web: New forms
2021-03-30 16:32:50 +02:00
80b0aef210 core: add new permissions for tokens to view key
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 15:50:41 +02:00
b1214f6c35 *: add new base class for non-model serializers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 15:50:00 +02:00
c7dcf92a2e api: add tests for swagger generation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 15:23:37 +02:00
50ce5aa2b4 root: replace pytest with pyproject in dockerfile
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 15:08:54 +02:00
b3b8e71caa web/flows: fix challenge type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 14:34:20 +02:00
3686cba6b4 root: fix build for static files during e2e
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 14:06:11 +02:00
b1967b42e3 root: temporarily use failfast to debug tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 13:05:49 +02:00
bfa0c46588 tests/e2e: fix source tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 11:05:31 +02:00
69ee18e13d Merge branch 'master' into new-forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	Pipfile.lock
#	authentik/api/decorators.py
#	authentik/core/api/applications.py
#	authentik/core/api/users.py
#	authentik/events/api/event.py
#	authentik/events/api/notification_transport.py
#	authentik/flows/api/flows.py
#	swagger.yaml
2021-03-30 10:26:18 +02:00
c180a521ec build(deps-dev): bump pylint from 2.7.2 to 2.7.3 (#674)
* build(deps-dev): bump pylint from 2.7.2 to 2.7.3

Bumps [pylint](https://github.com/PyCQA/pylint) from 2.7.2 to 2.7.3.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/master/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/pylint-2.7.2...pylint-2.7.3)

Signed-off-by: dependabot[bot] <support@github.com>

* sources/saml: fix linting for SAMLBindingTypes.Redirect

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* sources/oauth: Fix linting for RequestKind

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: fix linting for ChallengeTypes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 10:05:14 +02:00
59f5846d1a root: replace bumpversion with bump2version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 09:54:10 +02:00
7e85524e51 *: simplify API permissions checking, add API for user recovery
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 09:45:48 +02:00
59e1811187 build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#672)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.19.0 to 4.20.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.20.0/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-30 09:21:04 +02:00
120332924b build(deps-dev): bump @typescript-eslint/parser in /web (#671) 2021-03-30 09:11:07 +02:00
01ae3334ee build(deps): bump rollup from 2.43.1 to 2.44.0 in /web (#673) 2021-03-30 09:10:55 +02:00
03cf8799c4 build(deps): bump boto3 from 1.17.39 to 1.17.40 (#675) 2021-03-30 09:10:44 +02:00
54c50f6446 policies: add test API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 23:40:36 +02:00
09aa5d6350 web/admin: migrate outposts to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 23:12:31 +02:00
e5ff416c2d outposts: add API for default config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 22:52:08 +02:00
21ea527623 api: fix invalid swagger schema
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 22:34:24 +02:00
36c34e05f8 stages/authenticator_webuahtn: remove views
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 22:31:29 +02:00
7a93b9e565 web/user: use ak form element for webauthn device
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 22:31:12 +02:00
3945dc9f3f web/admin: fix execute button on flow view
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 22:30:57 +02:00
e96d2fa666 web/admin: migrate flows to web forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 22:24:46 +02:00
3a2f285a87 flows: add API to debug-execute a flow and import flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 22:21:04 +02:00
a09481dea2 flows: add API to set background image
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 21:40:08 +02:00
03ff495011 web/admin: migrate application form to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 21:39:53 +02:00
657b0089b1 core: add set_icon operation to applications API to set icon
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 21:16:13 +02:00
7d74e1d2c4 *: revert to drf-yasg upstream
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 21:04:54 +02:00
81ac53ff0a web/admin: migrate events notification rules to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 19:22:22 +02:00
6c999d10c3 web/elements: trigger refresh on successful modalform submit
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 19:20:21 +02:00
1e58941323 web/admin: migrate Event Transport to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 19:06:00 +02:00
a52b57cc38 events: fix missing send_once param from api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 18:58:54 +02:00
bffa51f7df web: cleanup required attr
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 18:25:59 +02:00
d5281d2023 web: set name on ak-form-element-horizontal for error messages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 18:24:56 +02:00
5b8e3b4189 web: improve error handling
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 18:18:25 +02:00
372cf4a8cb api: add error responses to swagger schema
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 18:09:45 +02:00
fc17580d9a web: only show message on server error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 17:36:52 +02:00
dfff2a1134 web/admin: migrate crypto/certificatekeypair to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 17:35:13 +02:00
b3d54b7620 api: cleanup args for @permission_required
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 17:33:55 +02:00
a445b03523 crypto: add API to generate keypair
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 17:33:27 +02:00
5d37012075 api: allow @permission_required with no object permission
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 17:28:28 +02:00
a9db538c63 web/admin: fix missing css for descriptor list in cert list
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 16:23:43 +02:00
526af26536 web/admin: migrate user forms to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 16:16:27 +02:00
fac8d53163 web/admin: fix message when object is created
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 15:57:38 +02:00
0804b5e6c5 web: shrink flow build by not including router
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 15:53:56 +02:00
464a56ad52 Merge branch 'master' into new-forms 2021-03-29 15:37:12 +02:00
0793fff222 *: simplify API permissions checking, add API for user recovery
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 15:36:35 +02:00
4fa122b827 docs: add integration docs for minio
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 14:51:33 +02:00
583b6cc20b web/admin: remove site-shell
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 14:42:28 +02:00
ed17920bd4 Merge branch 'master' into new-forms 2021-03-29 12:28:35 +02:00
3cc7d54cc1 policies: use GroupSerializer for PolicyBinding API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 12:28:06 +02:00
d71d45b958 web/admin: use shadowroot for codemirror, remove styles
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 12:21:00 +02:00
e7c6ff9499 admin: remove group views
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 12:03:11 +02:00
1b496dd472 web/admin: use new group form for create
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 12:02:58 +02:00
c1781d89df build(deps): bump boto3 from 1.17.37 to 1.17.39 (#670)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.37 to 1.17.39.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.37...1.17.39)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-29 12:02:07 +02:00
12bfa404c8 web: rudimentary lazy loading for modals
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 11:59:30 +02:00
76e571ea0a web: use custom-element as wrapper
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 10:09:43 +02:00
48ee582f37 Merge branch 'master' into new-forms 2021-03-29 09:58:35 +02:00
9d0398f81d docs: fix incorrect URL for AWX integration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 09:10:01 +02:00
d2d0e99f9d build(deps): bump rollup from 2.42.4 to 2.43.1 in /web (#669)
Bumps [rollup](https://github.com/rollup/rollup) from 2.42.4 to 2.43.1.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.42.4...v2.43.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-29 09:08:42 +02:00
e165b3dae5 build(deps-dev): bump @rollup/plugin-typescript in /web (#668)
Bumps [@rollup/plugin-typescript](https://github.com/rollup/plugins) from 8.2.0 to 8.2.1.
- [Release notes](https://github.com/rollup/plugins/releases)
- [Commits](https://github.com/rollup/plugins/compare/typescript-v8.2.0...typescript-v8.2.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-29 09:08:27 +02:00
6abd8a0ca0 build(deps-dev): bump eslint from 7.22.0 to 7.23.0 in /web (#667)
Bumps [eslint](https://github.com/eslint/eslint) from 7.22.0 to 7.23.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.22.0...v7.23.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-29 09:07:59 +02:00
78acfc18fc build(deps): bump djangorestframework from 3.12.3 to 3.12.4 (#666)
Bumps [djangorestframework](https://github.com/encode/django-rest-framework) from 3.12.3 to 3.12.4.
- [Release notes](https://github.com/encode/django-rest-framework/releases)
- [Commits](https://github.com/encode/django-rest-framework/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-29 09:07:03 +02:00
aced8b507c build(deps): bump gunicorn from 20.0.4 to 20.1.0 (#665)
Bumps [gunicorn](https://github.com/benoitc/gunicorn) from 20.0.4 to 20.1.0.
- [Release notes](https://github.com/benoitc/gunicorn/releases)
- [Commits](https://github.com/benoitc/gunicorn/compare/20.0.4...20.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-29 09:06:25 +02:00
fbc33815a3 core: fix user view imports
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-28 22:33:27 +02:00
768d72ec24 web/admin: implement groupform using webcomponents
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-28 22:07:11 +02:00
bd9c0efab7 core: use only user ids for group
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-28 22:03:48 +02:00
d358dc1182 Merge branch 'next' into new-forms 2021-03-28 20:25:08 +02:00
956d868106 web: cleanup routes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-28 16:10:28 +02:00
0fcef494a6 Merge branch 'next' into new-forms 2021-03-27 23:48:04 +01:00
6f6fe6ad06 flows: fully fix unittests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-27 23:47:00 +01:00
926636c331 web: fix error handling in forms for non-server errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-27 23:39:31 +01:00
2e6a264f98 web: migrate group forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-27 23:38:53 +01:00
95ecad8382 Merge branch 'next' into new-forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	web/src/api/legacy.ts
#	web/src/main.ts
#	web/src/pages/users/UserSettingsPage.ts
2021-03-27 23:21:16 +01:00
035771de81 web: add middleware that shows message for failed API requests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-27 23:18:51 +01:00
1a53bc3de5 web: use FlowURLManager for cancel links
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-27 23:18:11 +01:00
e621eb7455 web: cleanup message API, use enum for level
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-27 23:11:44 +01:00
261583cb92 flows: fix tests for dummy stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-27 22:58:41 +01:00
1bc48d2bea stages/dummy: fix missing component
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-27 22:35:36 +01:00
9bab708e6e web/flows/authenticator_validate: auto-select TOTP device when password manager prefills it
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-27 22:32:15 +01:00
103e0f3b06 web: add default title
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-27 22:24:09 +01:00
c8608db4ee web: cleanup entrypoints
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-27 22:06:42 +01:00
869f18483f web: fix flow's policy and stage count missing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-27 22:02:01 +01:00
32fb90e056 core: include full users in group API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-27 15:53:54 +01:00
f636414fb7 Merge branch 'master' into new-forms 2021-03-26 16:08:54 +01:00
a4fd0dc597 Merge branch 'master' into next 2021-03-26 09:42:23 +01:00
2a437536d4 build(deps): bump djangorestframework from 3.12.2 to 3.12.3 (#663)
Bumps [djangorestframework](https://github.com/encode/django-rest-framework) from 3.12.2 to 3.12.3.
- [Release notes](https://github.com/encode/django-rest-framework/releases)
- [Commits](https://github.com/encode/django-rest-framework/compare/3.12.2...3.12.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-26 09:39:51 +01:00
a39f42974f build(deps): bump boto3 from 1.17.36 to 1.17.37 (#662)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.36 to 1.17.37.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.36...1.17.37)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-26 09:39:15 +01:00
2e58982419 web/elements: fix detection of inner forms, catch errors and don't close modal
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-25 22:08:09 +01:00
72cca0473a web/elements: throw error in form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-25 22:07:54 +01:00
02212406c4 web: start migrating: groups form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-25 21:39:49 +01:00
2fade4e604 web/elements: add ModalForm
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-25 14:27:16 +01:00
469ba3a391 web/flows: fix WebAuthn register stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-25 10:07:23 +01:00
0b3980e564 web: fix URLs for FlowURLManager
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-25 10:07:10 +01:00
cfcf7aa2ae web: separate forms into dedicated file
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-25 09:52:19 +01:00
fc6f242f86 web/admin/user: fix user source connection lookups
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-25 09:14:07 +01:00
ec8dee3588 web: add API Drawer
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-25 09:14:07 +01:00
e7fd37efeb build(deps): bump boto3 from 1.17.35 to 1.17.36 (#660)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.35 to 1.17.36.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.35...1.17.36)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-25 09:13:24 +01:00
ccd4665d82 build(deps): bump rollup from 2.42.3 to 2.42.4 in /web (#661)
Bumps [rollup](https://github.com/rollup/rollup) from 2.42.3 to 2.42.4.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.42.3...v2.42.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-25 09:13:14 +01:00
fe4791c216 web: initial implementation of new forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-25 00:05:11 +01:00
6e46124c94 web/admin/user: fix user source connection lookups
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 21:40:08 +01:00
1275f22599 web: add API Drawer
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 21:16:03 +01:00
533a719914 sources/oauth: migrate to webcomponents
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 20:35:00 +01:00
a085632b8e stages/authenticator_*: migrate remaining stages to webcomponents
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 20:13:31 +01:00
1ef5a8e6c5 stages/password: migrate settings to webcomponents
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 19:48:24 +01:00
ab5d6dbea1 sources/authenticator_webauthn: rewrite to webcomponent
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 18:00:37 +01:00
ffd8c59c8e api: use common skeleton in swagger template
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 17:46:41 +01:00
83c3a116f3 core: add Serializer for UserSettings, used by stages and sources
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 17:46:31 +01:00
f695a3f40a stages/authenticator_*: fix missing fields
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 17:19:39 +01:00
f41f2bfdab sources/saml: use STAGE_CONFIGURATION for default-source-pre-authentication flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 17:12:41 +01:00
17f7a97ef3 sources/oauth2: add API For UserSourceConnection
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 14:46:08 +01:00
3698c6431c flow: pass Query on FlowExecutorSolve to prevent redirect issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 14:12:49 +01:00
4d88af4601 flows: fix RedirectChallenge wrapper being confused by querystrings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 12:47:12 +01:00
dce869b566 flows: fix post-email continuation not working
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 12:46:54 +01:00
1d641b2432 root: update swagger
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 09:55:50 +01:00
5a5539da97 sources/saml: fix failing unittests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 09:55:43 +01:00
e12d99ba63 Merge branch 'master' into next 2021-03-24 09:22:41 +01:00
4612cea970 sources/saml: replace server-side pre-auth views for pre_auth flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 09:22:15 +01:00
da4fa96499 sources/oauth: simplify enrollment handler
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 09:22:15 +01:00
4137266041 flows: revert to sever-side redirects for security, pass querystring from client during flow plan
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 09:22:15 +01:00
9427942ea8 build(deps): bump boto3 from 1.17.34 to 1.17.35 (#659)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.34 to 1.17.35.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.34...1.17.35)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-24 08:05:16 +01:00
5b8b973345 flows: revert to sever-side redirects for security, pass querystring from client during flow plan
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 22:35:50 +01:00
d44dc00757 web: only set background during initial load
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 21:58:12 +01:00
37655e1e21 web/flow: fix deep redirects not working properly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 20:05:35 +01:00
a1f961db97 web/flow: fix styling of loading between stages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 19:52:00 +01:00
62d0e020db stages/email: add wrapper view to accept queryargs and redirects to flow if
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 19:42:58 +01:00
fa5f379a53 outposts: fix docker image not having correct tag
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 18:31:26 +01:00
3f6174e8cc ci: fix missing isort
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 18:28:23 +01:00
1fd949d4ec flows: remove FlowExecutorShellView
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 18:09:13 +01:00
de6fa63d21 web: detect deep links in flow interface and redirect locally
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 18:04:21 +01:00
cfe7bc8155 flows: migrate access denied message to webcompoennts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 17:55:13 +01:00
c6c4636b9b policies: show messages of root result
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 17:14:54 +01:00
bd74e07ce1 flows: move <ak-message-container> outside of flow executor
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 16:18:00 +01:00
45c1072291 web: add execute button to flow view page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 16:06:08 +01:00
33787d0685 web: remove pf-c-card-aggregate
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 16:05:37 +01:00
068d281b19 web: use constants for custom event names
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 15:16:56 +01:00
56344cadeb web: add confirmation form for simple write-requests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 15:07:45 +01:00
3c2d541d60 web: refresh status card on ak-refresh event
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 15:04:09 +01:00
0671d712fa policies: remove deprecated group_membership policy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 14:43:24 +01:00
6961089425 flows: add API to clear cache
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 10:37:41 +01:00
b6d797fc78 build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#654)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.18.0 to 4.19.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.19.0/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-23 09:24:04 +01:00
3e5a756016 build(deps): bump rollup from 2.42.1 to 2.42.3 in /web (#655)
Bumps [rollup](https://github.com/rollup/rollup) from 2.42.1 to 2.42.3.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.42.1...v2.42.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-23 09:21:36 +01:00
d24cbae39a build(deps-dev): bump @typescript-eslint/parser in /web (#656)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.18.0 to 4.19.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.19.0/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-23 09:21:24 +01:00
480113e080 build(deps): bump boto3 from 1.17.33 to 1.17.34 (#657)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.33 to 1.17.34.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.33...1.17.34)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-23 09:20:22 +01:00
3167426b53 build(deps): bump react and react-dom in /website (#658)
Bumps [react](https://github.com/facebook/react/tree/HEAD/packages/react) and [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom). These dependencies needed to be updated together.

Updates `react` from 17.0.1 to 17.0.2
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v17.0.2/packages/react)

Updates `react-dom` from 17.0.1 to 17.0.2
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v17.0.2/packages/react-dom)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-23 09:20:03 +01:00
863124efbb web: fix UserChart not showing authorizations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 23:15:38 +01:00
80cc0fcc61 tests: use dex from ghcr
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 22:27:57 +01:00
ddf09a4cf5 web: fix styling during initial challenge load
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 20:49:11 +01:00
012a045c8e web: make default background-color darker to prevent flashbang
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 20:48:58 +01:00
145ef8b071 ci: start postgres for pylint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 20:10:38 +01:00
3157bf63a6 root: upgrade to pylint 2.7
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 20:03:33 +01:00
e202fd988b root: update to isort 5
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 19:53:10 +01:00
8155d88db7 root: update linters, remove prospector
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 19:52:51 +01:00
6ce3d2916b web: remove version from queryargs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 18:30:04 +01:00
450bb9040d web: fix pluralisation in sidebar
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 17:08:41 +01:00
4f8b882554 web: copy static assets only once
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 14:54:12 +01:00
8a451bb5f6 web: fix FlowExecutor not setting title
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 14:39:51 +01:00
fe7f23238c Static SPA (#648)
* core: initial migration to /if

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: move jsi18n to api

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests: fix static URLs in tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: add new html files to rollup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: fix rollup config and nginx config

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add Impersonation support to user API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: add banner for impersonation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests: fix test_user function for new User API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: add background to API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: set background from flow API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: make root view login_required for redirect

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: redirect to root-redirect instead of if-admin direct

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* api: add header to prevent Authorization Basic prompt in browser

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: redirect to root when user/me request fails

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 13:44:17 +01:00
936e2fb4e2 build(deps): bump @sentry/browser from 6.2.2 to 6.2.3 in /web (#651) 2021-03-22 10:39:13 +01:00
bb743a4d30 build(deps): bump github.com/go-openapi/runtime from 0.19.26 to 0.19.27 in /outpost (#653) 2021-03-22 10:38:54 +01:00
3238c85514 build(deps): bump rollup from 2.41.5 to 2.42.1 in /web (#649) 2021-03-22 08:29:01 +01:00
e2c0fa8d8a build(deps): bump codemirror from 5.59.4 to 5.60.0 in /web (#650) 2021-03-22 08:28:52 +01:00
50f946e4a7 build(deps): bump @sentry/tracing from 6.2.2 to 6.2.3 in /web (#652) 2021-03-22 08:28:03 +01:00
556a0d5d84 web: wrap hidden inputs in form to prevent warning
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-21 18:19:20 +01:00
25c82d80f5 flows: use full ShadowDom for flowContainer
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-21 17:51:23 +01:00
7e47906475 api: add Footer links to config API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-21 17:35:00 +01:00
24ac6d2c25 stages/authenticator_webauthn: prefer Biometrics over security key
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-21 16:52:14 +01:00
68449a0d21 web: fix buttons being shown over ak-loading backdrop
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-21 15:01:48 +01:00
bb9fbb55b6 core: use a single column for flow executor flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-21 14:53:02 +01:00
c834f0a372 stages/authenticator_webauthn: explicitly allow cross-platform devices for iOS/safari
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-21 00:10:07 +01:00
1414322f71 root: optimise images
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 23:35:05 +01:00
17f46c291b website: fix missmatching screenshots for admin page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 23:23:02 +01:00
18594c4886 web: fix WebAuthn not working when using the retry button
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 23:17:41 +01:00
d906738097 web: create separate chunk for poly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 22:33:06 +01:00
43f19f78bb providers/oauth2: fix error when redirecting from an authorization error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 22:06:45 +01:00
3eacd8b754 web: fix SpinnerButton not showing successful status correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 20:47:53 +01:00
3d45956f15 web: fix display of scopes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 19:05:10 +01:00
fb20ae7e1a web: sort users by last_login
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 18:39:12 +01:00
5c85c3315d web: add user info
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 17:54:25 +01:00
d0529e76ba web: show user metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 17:30:10 +01:00
4c49209f71 core: add user metrics API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 17:30:01 +01:00
3668850e8f web: add user authorization codes and refresh codes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 16:47:39 +01:00
4525a43e63 web: add initial user view page with consent
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 16:42:32 +01:00
077abdb602 web: remove gettext from icons
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 16:36:54 +01:00
b6087c0f10 web: fix CodeMirror styles missing for SAML Source/Provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 15:59:10 +01:00
972972a4d9 web: add Changelog Tab for sources and providers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 15:52:57 +01:00
45a397bd77 web: fix card titles
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 15:38:09 +01:00
f54cc79f6b website: add Authelia to comparsion
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 11:52:41 +01:00
2cad208038 website: fix checkmarks on light mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 11:49:44 +01:00
f1a4754568 build(deps): bump rollup from 2.41.4 to 2.41.5 in /web (#647) 2021-03-19 11:31:13 +01:00
d8841911de website: use <ClientOnly> to prevent issues during SSR
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 23:41:20 +01:00
fe054136b1 website: add comparison based on vector.dev's site
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 22:09:54 +01:00
e7a8371cbb website: add sliders for light/dark mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 20:51:21 +01:00
d82dfc65b7 api: replace rest_framework browser with rapi-doc
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 20:35:12 +01:00
2de869d9c3 web: add ObjectChangelog element to show changelog for a single object
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 18:12:04 +01:00
080282a0bc events: add better filters to event API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 18:11:38 +01:00
8242c139c2 events: use ExpiringModel with delta of 1 year for events
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 17:10:59 +01:00
5b4c5d0f31 stages/consent: add API to get user's given consent
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 16:07:33 +01:00
9ad10863de providers/oauth2: add API for auth codes and refresh tokens
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 15:59:38 +01:00
14f2522c3e events: improve logging for geoip
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 15:16:43 +01:00
01fc63fc98 web: set document title on navigation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 14:48:02 +01:00
a57d524273 flows: add API for flow export
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 14:36:00 +01:00
93bd95436f admin: remove user enable/disable views
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 13:09:00 +01:00
db9aa5d9dc admin: remove delete views
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 12:40:28 +01:00
48443e3e09 web/pages: use DeleteForm for all lists
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 12:32:03 +01:00
dae60b5a08 *: replace ReadOnlyModelViewSet with List/Retrieve/Delete viewsets
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 12:11:07 +01:00
013a192485 web: Improve error handling in deleteform
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 11:16:13 +01:00
bc37480f0d web: simplify DeleteForm
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 01:49:01 +01:00
a95b6e0e61 web: implement initial DeleteForm
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 01:43:12 +01:00
ac78e3e2ec root: further cleanup in asgi logger
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 01:27:52 +01:00
77a484e698 stages/*: fix warning for user settings API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 01:11:13 +01:00
f1f706dd0d web: migrate user settings to SPA
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 01:03:07 +01:00
a6123cfbe4 flows: add API for user's stage settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 00:33:12 +01:00
07142cab8b core: add API for user source settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 00:32:40 +01:00
9a27bc8627 web: build .d.ts files for API client in rollup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 22:55:26 +01:00
e6cb60b793 web/siteshell: fix missing stylesheets
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 22:26:51 +01:00
706ffb56f7 web/pages/library: fix layout for applications without icon
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 22:25:11 +01:00
8cadee28c1 web: don't navigate on siteshell failure
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 22:23:35 +01:00
ef58020fd4 web: move MessageContainer to document
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 22:23:24 +01:00
a54fa7c9b1 web: fix display issues with challenges using pending_user_avatar
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 22:19:31 +01:00
a8d411a77b outposts: fix integration test failing occasionally
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 22:02:13 +01:00
5f6f5dbfc4 web: revert to use full pf in skeleton to improve FMP
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 21:20:47 +01:00
aeb4b6b412 outposts: update go.sum
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 20:49:51 +01:00
9efc4dec18 web: fix syntax for expires directive
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 20:38:23 +01:00
7b826b696c root: add nginx to bumpversion
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 20:38:13 +01:00
b1c21c405a outpost: bump recws to 1.3.1
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 20:27:53 +01:00
cd1218c78e Merge branch 'master' into next 2021-03-17 20:09:47 +01:00
a8c1fd1e4e web: fix styling for flow stages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 20:07:03 +01:00
14d990df7f web: replace pf-icon-arrow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 19:51:52 +01:00
93e8f9cb36 web: fix notification drawer, add button to show event
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 19:49:08 +01:00
04d2e769bb web: fix codemirror not being loaded
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 19:30:33 +01:00
5b0d875a42 admin: re-add property-mapping test template
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 19:28:45 +01:00
820f4be02f web: fix application view
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 19:28:36 +01:00
0ef040e5b6 web: fix provider view
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 19:18:15 +01:00
d2bbf2965d web: fix source pages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 19:03:53 +01:00
bf32cf3265 web: add fullHeight toggle to empty state, add dark empty state
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 18:49:55 +01:00
5f0192ee48 web: fix dark mode for admin overview page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 18:38:39 +01:00
91e1ded3bf web: fix border-colour for expanded table
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 18:38:22 +01:00
c70f6e3122 events: fix Schema for query params for top_per_user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 18:33:12 +01:00
56260cd23f root: fix concurrency logging issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 18:20:00 +01:00
fdbb9803b5 web: fix search field on tablepages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 18:00:26 +01:00
83abc20300 web: fix library display
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 18:00:17 +01:00
88cf0b2cdc web: move colour styles to css file
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 17:51:24 +01:00
16950dbc54 web: fix missing notification trigger icon
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 17:38:41 +01:00
43bf9e6c21 web: remove common_styles
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 17:29:51 +01:00
2698d9d23a web: remove COMMON_STYLES from message
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 13:23:33 +01:00
6eb0583eeb web: move form element
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 12:11:56 +01:00
49f140e9bc build(deps): bump @docusaurus/preset-classic in /website (#644)
Bumps [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic) from 2.0.0-alpha.71 to 2.0.0-alpha.72.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/master/CHANGELOG-2.x.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-alpha.72/packages/docusaurus-preset-classic)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-17 11:25:03 +01:00
9ddc10431a build(deps): bump github.com/recws-org/recws in /outpost (#645)
Bumps [github.com/recws-org/recws](https://github.com/recws-org/recws) from 1.2.1 to 1.3.0.
- [Release notes](https://github.com/recws-org/recws/releases)
- [Commits](https://github.com/recws-org/recws/compare/v1.2.1...v1.3.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-17 11:23:08 +01:00
cad1c9eae6 build(deps): bump @fortawesome/fontawesome-free in /web (#642)
Bumps [@fortawesome/fontawesome-free](https://github.com/FortAwesome/Font-Awesome) from 5.15.2 to 5.15.3.
- [Release notes](https://github.com/FortAwesome/Font-Awesome/releases)
- [Changelog](https://github.com/FortAwesome/Font-Awesome/blob/master/CHANGELOG.md)
- [Commits](https://github.com/FortAwesome/Font-Awesome/compare/5.15.2...5.15.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-17 11:22:54 +01:00
a6708594bb build(deps): bump rollup from 2.41.2 to 2.41.4 in /web (#643)
Bumps [rollup](https://github.com/rollup/rollup) from 2.41.2 to 2.41.4.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.41.2...v2.41.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-17 11:22:46 +01:00
14027e2fc6 build(deps): bump @docusaurus/core in /website (#646)
Bumps [@docusaurus/core](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus) from 2.0.0-alpha.71 to 2.0.0-alpha.72.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/master/CHANGELOG-2.x.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-alpha.72/packages/docusaurus)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-17 11:21:37 +01:00
cf519f48e7 ci: ensure dist exists before client gen
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 00:47:23 +01:00
eb884f7ef7 ci: ensure dist exists before client gen
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 00:18:37 +01:00
9902a11621 web: fix path for artefacts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 22:42:15 +01:00
abbec501f7 web: fix linting errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 22:31:48 +01:00
67629ce0b7 web: load missing flow css files and adopt them
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 22:02:58 +01:00
5f024eb1f7 web: use API as dedicated module
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 21:32:39 +01:00
db99225c65 web: add default icon for empty state
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 20:39:07 +01:00
6717f2a68d web: fix missing copy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 20:12:07 +01:00
56a7e1e2f0 web: fix size for spinner on table
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 20:08:25 +01:00
e434b0233a docs: add changelog for 2021.3.4
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 19:48:30 +01:00
4b33971155 release: 2021.3.4 2021-03-16 19:17:50 +01:00
9e71287c25 Merge branch 'next' into version-2021.3 2021-03-16 19:12:55 +01:00
9784c6c828 tests/e2e: fix checks for ak-sidebar since ak-interface uses shadowdom now
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 18:38:17 +01:00
732b6a3556 root: fix typo in bumpversion
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 17:45:56 +01:00
dc1e17ba0c Merge branch 'master' into version-2021.3 2021-03-16 17:38:39 +01:00
f05d5973af root: fix typo in bumpversion
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 17:38:34 +01:00
deb48487f3 root: fix typo in bumpversion
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 17:38:01 +01:00
78f3abc64f web: use sections in sidebar, adjust colouring
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 17:34:19 +01:00
e45bc3834a web: use ShadowDom for all elements, embed smaller CSS in skeleton
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 17:24:02 +01:00
0d9db1b6f2 web: use chunking for vendor and api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 17:00:02 +01:00
ce555aa5e9 root: fix hash for docker build
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 16:45:53 +01:00
07ca82e599 admin: include git build hash in gh-* tags and show build hash in admin overview
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 14:42:01 +01:00
a9339589bb web: fix outpost health display
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 14:02:50 +01:00
c8ed650f1c web: fix system task index
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 14:02:04 +01:00
cd78d8d3fa build(deps-dev): bump @typescript-eslint/parser in /web (#640)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.17.0 to 4.18.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.18.0/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-16 12:09:00 +01:00
7fdc935fb9 build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#641)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.17.0 to 4.18.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.18.0/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-16 11:50:18 +01:00
c8069325b3 build(deps): bump rollup from 2.41.1 to 2.41.2 in /web (#637)
Bumps [rollup](https://github.com/rollup/rollup) from 2.41.1 to 2.41.2.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.41.1...v2.41.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-15 10:17:54 +01:00
9d08e02fe1 build(deps-dev): bump eslint from 7.21.0 to 7.22.0 in /web (#638)
Bumps [eslint](https://github.com/eslint/eslint) from 7.21.0 to 7.22.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.21.0...v7.22.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-15 10:17:42 +01:00
a11ea598a2 build(deps): bump react and react-dom in /website (#639)
Bumps [react](https://github.com/facebook/react/tree/HEAD/packages/react) and [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom). These dependencies needed to be updated together.

Updates `react` from 16.14.0 to 17.0.1
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v17.0.1/packages/react)

Updates `react-dom` from 16.14.0 to 17.0.1
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v17.0.1/packages/react-dom)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-15 10:17:27 +01:00
2713b05e8c Merge branch 'master' into version-2021.3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	docker-compose.yml
#	helm/README.md
#	web/src/authentik.css
#	web/src/flows/FlowExecutor.ts
#	web/src/flows/stages/identification/IdentificationStage.ts
#	website/docs/installation/kubernetes.md
2021-03-13 21:36:17 +01:00
fef5a5ca52 Merge branch 'master' into next 2021-03-13 21:27:51 +01:00
9d339d8b11 policies: fix error when clearing policy cache when no policies are cached
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-13 21:10:13 +01:00
4e86aa3f59 sources/oauth: fix error on user enrollment when no enrollment flow is defined
fixes #636

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-13 21:08:31 +01:00
221e4b665c docs: add beta opt-in docs 2021-03-12 18:04:42 +01:00
e67f235a9f website: add docs for compose configuration options 2021-03-12 16:43:31 +01:00
741ebbacca Merge branch 'master' into next 2021-03-12 12:41:34 +01:00
b63b789f77 web: prevent duplicate messages 2021-03-12 12:41:17 +01:00
a63702ef90 web: add close button to messages 2021-03-12 12:27:57 +01:00
a4a4550753 Merge branch 'master' into next 2021-03-12 10:06:38 +01:00
fd864655f6 build(deps): bump @sentry/tracing from 6.2.1 to 6.2.2 in /web (#633) 2021-03-12 09:02:44 +01:00
c1da09507a build(deps): bump rollup from 2.41.0 to 2.41.1 in /web (#632) 2021-03-12 09:01:53 +01:00
ed2ea220bf build(deps): bump boto3 from 1.17.25 to 1.17.26 (#634) 2021-03-12 09:01:25 +01:00
7738cbe751 build(deps): bump golang from 1.16.1 to 1.16.2 in /outpost (#635) 2021-03-12 09:01:16 +01:00
bf16ea3607 build(deps): bump @sentry/browser from 6.2.1 to 6.2.2 in /web (#631) 2021-03-12 09:00:10 +01:00
d6f44e069c docs: add notice for launch URL for vcenter 7u2 2021-03-11 22:17:16 +01:00
899cf392f4 web: improve compatibility with password managers 2021-03-11 22:04:59 +01:00
d99451b45c outposts: improve logs for outpost connection 2021-03-11 17:50:57 +01:00
5b31f8edf6 Merge branch 'master' into next
# Conflicts:
#	helm/templates/geoip-pvc.yaml
2021-03-11 17:43:28 +01:00
00235e039b helm: add initial geoip 2021-03-11 17:43:03 +01:00
2dfaef4220 helm: add initial geoip 2021-03-11 17:37:38 +01:00
13fceacfe4 root: add geoip config to docker-compose 2021-03-11 16:42:19 +01:00
f8dc32b387 events: don't fail on boot when geoip can't be opened 2021-03-11 16:38:14 +01:00
828f2f8b92 web: use loadingState for autosubmitStage 2021-03-11 15:39:59 +01:00
734399755d web: improve layout of expanded event info 2021-03-11 15:15:17 +01:00
d8f106b976 web: improve styling for application list 2021-03-11 10:56:22 +01:00
9a524dd671 web: show related edit button for bound stages and policies 2021-03-11 10:12:22 +01:00
0775296003 website: bump postcss 2021-03-11 09:57:33 +01:00
390534c14e build(deps): bump boto3 from 1.17.24 to 1.17.25 (#629)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.24 to 1.17.25.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.24...1.17.25)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-11 09:37:13 +01:00
2a644f64ad build(deps): bump golang from 1.16.0 to 1.16.1 in /outpost (#630)
Bumps golang from 1.16.0 to 1.16.1.

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-11 09:36:39 +01:00
e0298141cf web: backport fix: add missing background filter
# Conflicts:
#	authentik/core/templates/login/base_full.html
2021-03-10 23:23:25 +01:00
df7119bb22 web: backport fix: add missing background filter 2021-03-10 23:22:39 +01:00
1d5bba831e root: add comment for error reporting to compose 2021-03-10 23:15:38 +01:00
0b4be70c00 web: fix path for fallback flow view 2021-03-10 23:15:25 +01:00
786737650b build(deps): bump @docusaurus/core in /website (#628)
Bumps [@docusaurus/core](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus) from 2.0.0-alpha.70 to 2.0.0-alpha.71.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/master/CHANGELOG-2.x.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-alpha.71/packages/docusaurus)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-10 09:19:36 +01:00
54c80a2e1f build(deps-dev): bump rollup-plugin-minify-html-literals in /web (#624)
Bumps [rollup-plugin-minify-html-literals](https://github.com/asyncLiz/rollup-plugin-minify-html-literals) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/asyncLiz/rollup-plugin-minify-html-literals/releases)
- [Changelog](https://github.com/asyncLiz/rollup-plugin-minify-html-literals/blob/master/CHANGELOG.md)
- [Commits](https://github.com/asyncLiz/rollup-plugin-minify-html-literals/compare/v1.2.5...v1.2.6)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-10 09:14:16 +01:00
b376211a0e build(deps): bump boto3 from 1.17.23 to 1.17.24 (#625)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.23 to 1.17.24.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.23...1.17.24)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-10 09:13:53 +01:00
1990a3063e build(deps): bump github.com/sirupsen/logrus in /outpost (#627)
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.8.0...v1.8.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-10 09:13:44 +01:00
5abf22ad8a build(deps): bump @docusaurus/preset-classic in /website (#626)
Bumps [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic) from 2.0.0-alpha.70 to 2.0.0-alpha.71.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/master/CHANGELOG-2.x.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-alpha.71/packages/docusaurus-preset-classic)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-10 09:13:35 +01:00
b7b87d87fc build(deps): bump @patternfly/patternfly from 4.87.3 to 4.90.5 in /web (#622)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.87.3 to 4.90.5.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.87.3...prerelease-v4.90.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-10 09:12:49 +01:00
20184424ab build(deps): bump rollup from 2.40.0 to 2.41.0 in /web (#623)
Bumps [rollup](https://github.com/rollup/rollup) from 2.40.0 to 2.41.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.40.0...v2.41.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-10 09:12:26 +01:00
d5de12b69e release: 2021.3.3 2021-03-09 18:03:53 +01:00
d1a3350085 release: 2021.3.3 2021-03-09 14:24:01 +01:00
e0b84c71a7 docs: add 2021.3.3 2021-03-09 14:23:48 +01:00
3bc1d6a690 web: fix Source icons not being displayed on firefox
# Conflicts:
#	web/src/elements/stages/identification/IdentificationStage.ts
2021-03-09 13:09:50 +01:00
786c74ef2c stages/authenticator_static: fix error when disable static tokens 2021-03-09 13:09:18 +01:00
3e9b5f5449 stages/authenticator_webauthn: add missing migration 2021-03-09 13:09:07 +01:00
5d071488d3 providers/oauth2: allow protected_resource_view when method is OPTIONS
# Conflicts:
#	authentik/providers/oauth2/views/provider.py
2021-03-09 13:08:33 +01:00
90d234a458 web: fix Colours for user settings in dark mode 2021-03-09 13:07:53 +01:00
0032bb6aee web: fix styling for static token list 2021-03-09 13:07:40 +01:00
6e6755d805 web: fix Flow executor not showing spinner when redirecting
# Conflicts:
#	web/src/pages/generic/FlowExecutor.ts
2021-03-09 13:07:32 +01:00
132b990f10 web: fix Source icons not being displayed on firefox 2021-03-09 13:06:17 +01:00
34a3d81eff stages/authenticator_*: add API for authenticator devices 2021-03-09 10:38:07 +01:00
43a4217497 web: add optional checkboxes to table 2021-03-09 10:38:07 +01:00
e0ec5826ca web: add edit button to LibraryView when user is superuser 2021-03-09 10:38:07 +01:00
5413a01360 web: fix drawer not updating after marking notification as seen 2021-03-09 10:38:07 +01:00
d9c3a29404 build(deps-dev): bump @typescript-eslint/parser in /web (#618)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.16.1 to 4.17.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.17.0/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-09 10:37:56 +01:00
bcce91476c build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#619)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.16.1 to 4.17.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.17.0/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-09 09:18:03 +01:00
56f0f454d0 build(deps): bump boto3 from 1.17.22 to 1.17.23 (#620)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.22 to 1.17.23.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.22...1.17.23)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-09 09:17:53 +01:00
25e63edf77 build(deps): bump defusedxml from 0.7.0 to 0.7.1 (#621) 2021-03-09 09:05:50 +01:00
d150851ff5 root: fix date settings 2021-03-08 15:24:11 +01:00
2e2840c71e helm: add service monitors 2021-03-08 13:02:02 +01:00
ff276fcc58 web: fix layout for search 2021-03-08 12:55:13 +01:00
2852fa3c5e web: use generated API Client (#616)
* api: fix types for config API

* api: remove broken swagger UI

* admin: re-fix system task enum

* events: make event optional

* events: fix Schema for notification transport test

* flows: use APIView for Flow Executor

* core: fix schema for Metrics APIs

* web: rewrite to use generated API client

* web: generate API Client in CI

* admin: use x_cord and y_cord to prevent yaml issues

* events: fix linting errors

* web: don't lint generated code

* core: fix fields not being required in TypeSerializer

* flows: fix missing permission_classes

* web: cleanup

* web: fix rendering of graph on Overview page

* web: cleanup imports

* core: fix missing background image filter

* flows: fix flows not advancing properly

* stages/*: fix warnings during get_challenge

* web: send Flow response as JSON instead of FormData

* web: fix styles for horizontal tabs

* web: add base chart class and custom chart for application view

* root: generate ts client for e2e tests

* web: don't attempt to connect to websocket in selenium tests

* web: fix UserTokenList not being included in the build

* web: fix styling for static token list

* web: fix CSRF Token missing

* stages/authenticator_static: fix error when disable static tokens

* core: fix display issue when updating user info

* web: fix Flow executor not showing spinner when redirecting
2021-03-08 11:14:00 +01:00
1c6d498621 web: fix Flow executor not showing spinner when redirecting
# Conflicts:
#	web/src/pages/generic/FlowExecutor.ts
2021-03-08 10:26:42 +01:00
3f0e4bb654 stages/authenticator_static: fix error when disable static tokens 2021-03-08 10:26:03 +01:00
a59d78a7c7 web: fix styling for static token list 2021-03-08 10:25:56 +01:00
0a24202f1e build(deps): bump boto3 from 1.17.21 to 1.17.22 (#617) 2021-03-08 07:45:40 +01:00
cbc86d674d web: fix Colours for user settings in dark mode 2021-03-06 23:00:29 +01:00
082628771b tests/integration: add more tests for docker outpost 2021-03-05 19:09:13 +01:00
93b50e7d6e tests/e2e: add tests for OIDC implicit flow 2021-03-05 17:18:50 +01:00
c6de4e47d7 providers/oauth2: allow protected_resource_view when method is OPTIONS 2021-03-05 16:57:37 +01:00
0e9e378bdf docs: update manual k8s outpost deployment 2021-03-05 15:30:41 +01:00
de4b3d6290 providers/oauth2: always set CORS headers on provider info view 2021-03-05 14:27:16 +01:00
56f75aecc7 docs: bump version of outpost in docs 2021-03-05 14:14:37 +01:00
0fe009d37c stages/authenticator_webauthn: add missing migration 2021-03-05 14:14:37 +01:00
49db283e71 build(deps): bump boto3 from 1.17.20 to 1.17.21 (#613)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.20 to 1.17.21.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.20...1.17.21)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-05 09:27:03 +01:00
7058366623 build(deps): bump defusedxml from 0.6.0 to 0.7.0 (#614)
Bumps [defusedxml](https://github.com/tiran/defusedxml) from 0.6.0 to 0.7.0.
- [Release notes](https://github.com/tiran/defusedxml/releases)
- [Changelog](https://github.com/tiran/defusedxml/blob/master/CHANGES.txt)
- [Commits](https://github.com/tiran/defusedxml/compare/v0.6.0...v0.7.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-05 09:26:42 +01:00
ced45513b8 build(deps-dev): bump typescript from 4.2.2 to 4.2.3 in /web (#615)
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 4.2.2 to 4.2.3.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-05 09:26:18 +01:00
15e15c9635 docs: add 2021.3.2 2021-03-04 09:40:27 +01:00
d53c82eee2 core: fix link on login template 2021-03-04 09:39:13 +01:00
e1e0b0cf7d release: 2021.3.2 2021-03-04 09:33:25 +01:00
33e013a59f build(deps): bump boto3 from 1.17.19 to 1.17.20 (#611)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.19 to 1.17.20.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.19...1.17.20)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-04 08:55:05 +01:00
96a74776f8 build(deps): bump sentry-sdk from 0.20.3 to 1.0.0 (#612)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.20.3 to 1.0.0.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.20.3...1.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-04 08:54:57 +01:00
bb63d08682 web: fix submit in Modal reloading page in firefox 2021-03-03 23:01:47 +01:00
32655567da sources/ldap: fix sync for Users without pwdLastSet 2021-03-03 22:54:05 +01:00
ff5f5f65e8 web: fix date display issue 2021-03-03 21:53:30 +01:00
1f97aa09fa docs: fix typos in release notes 2021-03-03 21:15:17 +01:00
32e5ebb8a3 release: 2021.3.1 2021-03-03 20:53:43 +01:00
597e00dd86 root: update bumpversion config 2021-03-03 20:53:38 +01:00
dd31191845 Merge branch 'master' into version-2021.3 2021-03-03 20:48:02 +01:00
e9d95b1311 docs: Add Wiki.js integration docs (#610)
* docs(wikijs): Add Wiki.js integration docs

* docs(wikijs): Add to sidebar.
2021-03-03 20:31:02 +01:00
3319547a0e outposts: improve error handling for kubernetes outpost 2021-03-03 20:27:38 +01:00
1a00730cdd core: cleanup output for backup task 2021-03-03 20:11:55 +01:00
466723573c api: fix types for config API 2021-03-03 20:05:43 +01:00
ea784d47f4 admin: fix mismatched Swagger schema 2021-03-03 17:44:47 +01:00
77d5ba2862 events: fix typo in events API 2021-03-03 16:54:59 +01:00
f4580a1097 api: remove legacy messages API as its WS only 2021-03-03 15:02:20 +01:00
9e3d1f0baa web: fix circular dependency 2021-03-03 11:38:30 +01:00
c002c4b610 api: make pagination required 2021-03-03 10:37:03 +01:00
dde5e910cf root: fix name of docker images 2021-03-03 10:36:46 +01:00
5218332bce web: improve error handing for fetch in AdminLoginChart 2021-03-03 10:06:54 +01:00
28cd08bbba core: make user settings use vertical tabs 2021-03-03 10:05:12 +01:00
3cb0575a1e root: fix swagger pagination not matching API 2021-03-03 09:28:22 +01:00
dc1c1b9569 build(deps): bump boto3 from 1.17.18 to 1.17.19 (#609) 2021-03-03 08:58:24 +01:00
662d117b66 root: replace ghcr with harbor for expiry 2021-03-03 00:07:42 +01:00
b2449757f9 web/stages/authenticator_validate: only show back button when multiple challenges 2021-03-02 22:30:21 +01:00
a0753bfc88 docs: add docs for deny stage 2021-03-02 22:25:28 +01:00
e2a771bdaa docs: update screenshot in captcha stage 2021-03-02 22:25:00 +01:00
23de9df2a5 stages/authenticator_validate: cleanup 2021-03-02 22:20:54 +01:00
5c739ebed2 docs: add authenticator_webauthn stage docs 2021-03-02 22:20:05 +01:00
d3f8d7120f docs: cleanup, add 2021.3 to sidebar 2021-03-02 22:10:54 +01:00
21fd251edf docs: add apache guacamole integration 2021-03-02 22:04:53 +01:00
28cededb90 docs: update integration for harbor 2021-03-02 21:49:04 +01:00
d420719649 release: 2021.3.1-rc2 2021-03-02 21:41:30 +01:00
0018fbacd3 Merge branch 'master' into version-2021.3
# Conflicts:
#	web/src/constants.ts
2021-03-02 21:39:30 +01:00
8c41d2f4cb stages/authenticator_webauthn: add views to update and delete devices 2021-03-02 21:26:31 +01:00
3941590d0c web: fix missing create buttons on user token list 2021-03-02 21:16:14 +01:00
dc4a7c35da core: fix errors on user token views 2021-03-02 21:16:03 +01:00
e8c9b70ae8 sources/ldap: check pwdLastSet when syncing Users 2021-03-02 21:05:02 +01:00
74d240dfd4 admin: use spinner-button for modal forms 2021-03-02 20:37:23 +01:00
7d296b2119 root: align image on readme 2021-03-02 17:00:36 +01:00
373793ce9a policies: show more information when provider fails to resolve application 2021-03-02 16:58:55 +01:00
5c0ec7554b web: fix lists not being paginated 2021-03-02 15:12:26 +01:00
792fa45dca providers/oauth2: add logout URL to Setup URLs API 2021-03-02 15:11:18 +01:00
743aaea15e policies: improve logging 2021-03-02 15:04:31 +01:00
de03ed0aec web: fix background for shell without flow executor 2021-03-02 15:04:14 +01:00
e68ec16a34 web: improve display of notification age 2021-03-02 15:03:58 +01:00
68a0219d0f docs: update debug screenshot 2021-03-02 13:29:09 +01:00
38d9533afd root: update screenshots 2021-03-02 12:15:32 +01:00
7538af5e09 docs: fix download links for compose 2021-03-02 10:07:46 +01:00
2e659c1ab0 release: 2021.3.1-rc1 2021-03-02 09:41:09 +01:00
ad0cc5f0be Merge branch 'master' into version-2021.3 2021-03-02 09:41:00 +01:00
7ae9482e7b web: fix mismatched version 2021-03-02 09:40:43 +01:00
7fb95dfabf stages/password: improve logging 2021-03-02 09:40:32 +01:00
83cc5d24f2 stages/password: improve logging 2021-03-02 09:30:29 +01:00
38b3096c9a build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#603)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.15.2 to 4.16.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.16.1/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-02 09:20:53 +01:00
df8f21e559 build(deps): bump @sentry/tracing from 6.2.0 to 6.2.1 in /web (#604)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.2.0 to 6.2.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.2.0...6.2.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-02 09:20:45 +01:00
f4979fcf19 build(deps-dev): bump @typescript-eslint/parser in /web (#605)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.15.2 to 4.16.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.16.1/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-02 09:13:01 +01:00
431b7375c1 build(deps): bump @sentry/browser from 6.2.0 to 6.2.1 in /web (#606)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.2.0 to 6.2.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.2.0...6.2.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-02 09:12:45 +01:00
a6627145c8 build(deps): bump boto3 from 1.17.17 to 1.17.18 (#607)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.17 to 1.17.18.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.17...1.17.18)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-02 09:12:28 +01:00
3045cf1aef web: make user password-reset button use action button 2021-03-01 20:41:54 +01:00
c65b2944b3 stages/reputation: add API for user and IP Score 2021-03-01 20:22:37 +01:00
2ae5a81c15 stages/deny: add deny stage 2021-03-01 20:16:54 +01:00
ed8b78600e stages/authenticator_validate: add configuration stage to configure Authenticator 2021-03-01 19:23:59 +01:00
644a03e40e lib: don't order_by on widget because PolicyBindingModel, order in form 2021-03-01 19:23:09 +01:00
88ce93ab04 policies: fix tests creating policies with empty names 2021-03-01 19:22:35 +01:00
8878dc61d3 web: Add Policy create button to BoundPoliciesList 2021-03-01 18:34:36 +01:00
03d38557e5 stages/*: simplify __str__ of classes 2021-03-01 18:30:47 +01:00
37b59bb5b9 lib: sort GroupedModelChoiceField by name
closes #602
2021-03-01 18:30:27 +01:00
19eea68e0f web: use vertical list for related application links 2021-03-01 17:23:00 +01:00
ce7aae16c9 stages/password: fix ?next param for password change 2021-03-01 17:17:44 +01:00
fd9ba97479 core: remove source's ui_additional_info 2021-03-01 16:57:51 +01:00
919debdd13 root: lock twisted to 20.3.0 whilst its causing issues with uvloop 2021-03-01 16:26:05 +01:00
36690de285 root: push PR and branch images to GHCR (#601) 2021-03-01 12:04:56 +01:00
ca4ead8fd8 events: fix event creation with anonymous user 2021-03-01 12:04:27 +01:00
a81f981471 lib: fix being unable to set authentik. options 2021-03-01 11:11:00 +01:00
d6fd2b0afa sources/saml: add Metadata API 2021-03-01 10:50:45 +01:00
0478ae3da8 web: add missing SAML Source display page 2021-03-01 10:49:00 +01:00
9c33f4858f web: fix more height issues and sidebar not correctly activating 2021-03-01 10:32:25 +01:00
f2eaa9052e build(deps-dev): bump coverage from 5.4 to 5.5 (#598)
Bumps [coverage](https://github.com/nedbat/coveragepy) from 5.4 to 5.5.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/coverage-5.4...coverage-5.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-01 09:01:08 +01:00
21d0641110 build(deps): bump rollup from 2.39.1 to 2.40.0 in /web (#599)
Bumps [rollup](https://github.com/rollup/rollup) from 2.39.1 to 2.40.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.39.1...v2.40.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-01 09:00:39 +01:00
67d05f99e9 build(deps-dev): bump eslint from 7.20.0 to 7.21.0 in /web (#600)
Bumps [eslint](https://github.com/eslint/eslint) from 7.20.0 to 7.21.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.20.0...v7.21.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-01 09:00:31 +01:00
21d6a28715 root: fix branch Name extraction to work on non PRs 2021-02-28 14:24:16 +01:00
1149a8d9a4 flows: fix tests for diagram 2021-02-28 11:01:34 +01:00
5e98172afb website/docs: update next docs 2021-02-28 10:44:00 +01:00
9b3e94c7c8 flows: fix flow diagram showing policy after stage and not before 2021-02-28 10:28:37 +01:00
30a1b65e94 web: fix BoundPoliciesList not showing policy correctly 2021-02-28 10:19:19 +01:00
9bb46ecb88 build(deps): bump boto3 from 1.17.16 to 1.17.17 (#597) 2021-02-28 09:47:31 +01:00
269e6c4f38 Merge pull request #564 from BeryJu/stage-challenge 2021-02-28 01:30:52 +01:00
7f65ae3f92 Merge branch 'master' into stage-challenge
# Conflicts:
#	web/package-lock.json
2021-02-28 00:47:18 +01:00
ee6b365003 tests/e2e: fix SAML source tests 2021-02-28 00:30:33 +01:00
2ad4bd5c0a tests/e2e: fix oauth source tests 2021-02-28 00:27:18 +01:00
0958740b51 providers/saml: fix Autosubmit Challenge 2021-02-28 00:09:08 +01:00
9cdfd8b75a tests/e2e: fix other provider tests 2021-02-28 00:08:57 +01:00
3c8a0081bc tests/e2e: fix more test, add requirements for crypto 2021-02-27 23:33:15 +01:00
088e0e736a tests/e2e: fix more tests, cleanup 2021-02-27 22:57:15 +01:00
cbb0681f95 web/stages/consent: use data- attribute for permission id 2021-02-27 22:54:20 +01:00
55c408a8bf tests/e2e: replace apply_default_data with @apply_migration decorator 2021-02-27 22:32:48 +01:00
07379acf7f tests/e2e: fix enroll tests 2021-02-27 22:09:40 +01:00
a1af93f8be web: disable CaptureConsoleIntegration 2021-02-27 22:09:10 +01:00
b9a9da4ec7 web/stages/prompt: render later so fields aren't cached 2021-02-27 21:05:20 +01:00
05a5b5b675 stages/prompt: fix fields not being sorted correctly 2021-02-27 21:03:57 +01:00
0fb17eee43 web: fix URLs for clear buttons 2021-02-27 21:00:55 +01:00
a1474e09e5 website/docs: fix type for username input 2021-02-27 21:00:42 +01:00
a33c7d7786 web: fix admin url for Prompt 2021-02-27 21:00:33 +01:00
c08d9762d9 web: add button to edit stage on flow BoundStageList 2021-02-27 20:45:59 +01:00
d43e6e5736 web: fix styling on dark mode for band on flow 2021-02-27 20:45:46 +01:00
380786bfde tests/e2e: fix URLs, use self.login() 2021-02-27 19:02:29 +01:00
ffcf064f83 Merge branch 'version-2021.2'
# Conflicts:
#	authentik/policies/group_membership/forms.py
#	web/package.json
#	web/src/constants.ts
#	web/src/elements/buttons/TokenCopyButton.ts
2021-02-27 18:29:30 +01:00
252718bbaf docs: add changelog for 2021.2.6 2021-02-27 18:18:36 +01:00
5725e54334 release: 2021.2.6-stable 2021-02-27 18:16:46 +01:00
c20856ca17 web: fix colourstyles not being included in common_styles
# Conflicts:
#	authentik/events/geo.py
#	web/src/elements/buttons/TokenCopyButton.ts
2021-02-27 18:16:32 +01:00
402afa1e85 Merge branch 'master' into stage-challenge
# Conflicts:
#	web/src/elements/buttons/SpinnerButton.ts
2021-02-27 18:10:08 +01:00
5b4e75000b web: fix colourstyles not being included in common_styles 2021-02-27 17:38:21 +01:00
9c73e9cf4e web: fix colourstyles not being included in common_styles
# Conflicts:
#	authentik/events/geo.py
#	web/src/elements/buttons/TokenCopyButton.ts
2021-02-27 17:36:07 +01:00
b10c3db13d web: add sentry CaptureConsole
# Conflicts:
#	web/package.json
2021-02-27 17:19:43 +01:00
1a052913e9 web: add sentry CaptureConsole 2021-02-27 17:18:42 +01:00
e930a1d0dc root: run ci on version-* branches 2021-02-27 17:07:11 +01:00
fe290aa214 sources/ldap: fix password setter on users which are not LDAP 2021-02-27 17:04:16 +01:00
a2e69bd250 sources/ldap: fix API error when source has not synced yet 2021-02-27 17:04:16 +01:00
d2a35eb8de admin: fix missing success_url for clean views 2021-02-27 17:04:16 +01:00
3437d8b4b0 flows: handle error when app cannot be found during import 2021-02-27 17:04:16 +01:00
b862bf4284 providers/oauth2: fix error when no login event could be found 2021-02-27 17:04:16 +01:00
de22a367b1 events: fix error when event can't be loaded into rule task 2021-02-27 17:04:15 +01:00
17ab895652 flows: fix glob pattern for doc flows 2021-02-27 17:04:06 +01:00
a4d5815e1b policies: sort groups in groupmembership policy and binding
closes #595

# Conflicts:
#	authentik/policies/group_membership/forms.py
2021-02-27 17:02:34 +01:00
4cbfaaa72b sources/ldap: fix password setter on users which are not LDAP 2021-02-27 16:49:59 +01:00
92943f08d9 sources/ldap: fix API error when source has not synced yet 2021-02-27 16:29:36 +01:00
10ef1c7e93 admin: fix missing success_url for clean views 2021-02-27 16:27:42 +01:00
02c762c268 flows: handle error when app cannot be found during import 2021-02-27 16:26:06 +01:00
bbf0ca92af website/flows: fix default value for session_duration 2021-02-27 16:09:58 +01:00
d2dfc6d63b Merge branch 'master' into stage-challenge 2021-02-27 16:04:57 +01:00
a18240fcd7 providers/oauth2: fix error when no login event could be found 2021-02-27 16:02:07 +01:00
d36e5dccf9 docs: add docs for recovery keys 2021-02-27 16:00:05 +01:00
9af1d6f63b events: fix error when event can't be loaded into rule task 2021-02-27 15:22:43 +01:00
ab6d46558b docs: remove dummy stage 2021-02-27 15:20:33 +01:00
e94abfc986 flows: fix glob pattern for doc flows 2021-02-27 13:23:16 +01:00
5c652c1f79 policies: sort groups in groupmembership policy and binding
closes #595
2021-02-27 13:19:38 +01:00
89aa0f0cc8 Merge branch 'master' into stage-challenge 2021-02-27 13:14:38 +01:00
085589bcec docs(exampleFlows): Rename pbflow to akflow (#596)
* docs(exampleFlows): Rename enrollment-2-stage.pbflow

* docs(exampleFlows): Rename enrollment-email-verification.pbflow

* docs(exampleFlows): Rename login-2fa.pbflow

* docs(exampleFlows): Rename login-conditional-captcha.pbflow

* docs(exampleFlows): Rename recovery-email-verification.pbflow

* docs(exampleFlows): Rename unenrollment.pbflow

* docs(exampleFlows): Fix links.
2021-02-27 13:11:41 +01:00
95d0d6f3e8 tests/e2e: add login method 2021-02-26 16:47:01 +01:00
c62ef4ae81 stages/identification: don't pass entire application 2021-02-26 16:44:45 +01:00
3df81ca6f0 root: don't use failfast 2021-02-26 15:39:50 +01:00
578326eccd tests/e2e: don't use reverse for self.shell_url 2021-02-26 15:13:31 +01:00
2335ccddaa root: add fallback URL for websocket 2021-02-26 15:12:58 +01:00
477e30f542 core: fix path for blank avatar when avatars are disabled 2021-02-26 15:07:30 +01:00
7bf3d7e10a Merge branch 'master' into stage-challenge
# Conflicts:
#	Pipfile.lock
2021-02-26 12:02:49 +01:00
1bef659b10 stages/captcha: remove dependency on captcha app 2021-02-26 10:13:58 +01:00
e3f7bd8ab8 build(deps): bump @types/chart.js from 2.9.30 to 2.9.31 in /web (#593)
Bumps [@types/chart.js](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/chart.js) from 2.9.30 to 2.9.31.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/chart.js)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-26 09:25:55 +01:00
45c731de3c build(deps): bump boto3 from 1.17.15 to 1.17.16 (#594)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.15 to 1.17.16.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.15...1.17.16)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-26 09:25:44 +01:00
535770abbd tests/e2e: fix authenticator tests 2021-02-25 22:54:39 +01:00
eccea8eba0 web/stages/authenticator_totp: fix enter button triggering copy button 2021-02-25 22:43:42 +01:00
ab200a1dfb web: add hidden input with totp config url 2021-02-25 21:43:00 +01:00
ca122b20c9 web: fix spacing for messages 2021-02-25 21:23:31 +01:00
74b407ebc7 web: add button to copy TOTP URL
closes #591
2021-02-25 21:22:57 +01:00
fbf2fe2404 stages/authenticator_validate: fix webauthn validation 2021-02-25 21:00:32 +01:00
b968adffc1 stages/authenticator_totp: fix error when disabling device 2021-02-25 21:00:18 +01:00
c275992f7b web: re-enable fallback to siteshell for now 2021-02-25 20:55:22 +01:00
4e2c686db1 Merge branch 'master' into stage-challenge
# Conflicts:
#	Pipfile.lock
2021-02-25 20:13:17 +01:00
bfc69562d8 root: remove qr and captcha from backend dependencies 2021-02-25 20:06:20 +01:00
9e6a7bf16b stages/captcha: migrated to SPA 2021-02-25 19:58:38 +01:00
890e0e9054 *: remove unused templates and code, move avatar to User model 2021-02-25 19:58:23 +01:00
cf7e7c44ff stages/password: fix recovery link not being shown in SPA 2021-02-25 15:09:48 +01:00
0f169f176d stages/authenticator_validate: implement validation, add button to go back to device picker 2021-02-25 12:07:32 +01:00
429fc921b1 build(deps): bump codemirror from 5.59.3 to 5.59.4 in /web (#590)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.59.3 to 5.59.4.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.59.3...5.59.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-25 09:18:15 +01:00
e7a9a41a2f build(deps): bump boto3 from 1.17.14 to 1.17.15 (#589)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.14 to 1.17.15.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.14...1.17.15)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-25 09:18:02 +01:00
d1c24f47b2 build(deps): bump docker from 4.4.3 to 4.4.4 (#588)
Bumps [docker](https://github.com/docker/docker-py) from 4.4.3 to 4.4.4.
- [Release notes](https://github.com/docker/docker-py/releases)
- [Commits](https://github.com/docker/docker-py/compare/4.4.3...4.4.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-25 09:17:45 +01:00
007676b400 stages/authenticator_validate: fix post from code form 2021-02-24 20:39:39 +01:00
c0c235bead helm: fix initialDelaySeconds 2021-02-24 19:39:35 +01:00
a3aacb5285 docs: add 2021.2.5 2021-02-24 10:22:55 +01:00
5977c09b05 Merge branch 'version-2021.2'
# Conflicts:
#	authentik/admin/templates/administration/policy/list.html
#	web/src/pages/outposts/OutpostListPage.ts
2021-02-24 10:20:48 +01:00
e81d3dad3e release: 2021.2.5-stable 2021-02-24 09:54:06 +01:00
5aabaebd96 root: fix request_id not being logged for actual asgi requests 2021-02-24 09:45:52 +01:00
7b60bca297 web: fix SiteShell breaking links when handlers are updated twice 2021-02-24 09:45:08 +01:00
a07d7456c8 web: fix outpost edit/delete buttons 2021-02-24 09:44:55 +01:00
f33369bf0c helm: add initial wait for healthcheck 2021-02-24 09:44:39 +01:00
1abcff39c7 outpost: improve logging output, ensure fields match api server 2021-02-24 09:44:24 +01:00
c1caf84d92 events: fix user QuerySet being passed 2021-02-24 09:44:05 +01:00
86c069fe64 admin: fix policy list not having a refresh button 2021-02-24 09:43:57 +01:00
ce0140ef67 events: pass Event's user to Notification policy engine when present 2021-02-24 09:43:50 +01:00
bba43c5109 sources/oauth: fix buttons not being ak-root-link 2021-02-24 09:23:44 +01:00
d99a415502 web: fix library not being full height, again 2021-02-24 09:23:40 +01:00
9049593ff5 sources/oauth: fix buttons not being ak-root-link 2021-02-24 09:23:19 +01:00
e74c098b7a web: fix library not being full height, again 2021-02-24 09:21:16 +01:00
d06a44378d build(deps): bump boto3 from 1.17.13 to 1.17.14 (#586)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.13 to 1.17.14.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.13...1.17.14)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-24 09:13:20 +01:00
0a8da376fc build(deps-dev): bump typescript from 4.1.5 to 4.2.2 in /web (#587)
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 4.1.5 to 4.2.2.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-24 09:13:07 +01:00
2a0f940a42 Merge branch 'master' into stage-challenge 2021-02-23 23:43:51 +01:00
8aa067795a web: replace default flow background for 2021.3 2021-02-23 23:43:37 +01:00
3cdb81c5ba stages/authenticator_validate: create challenge per device, implement class switcher 2021-02-23 23:43:13 +01:00
e8259791f0 stages/authenticator_webauthn: fix rp_id and origin generation 2021-02-23 23:39:00 +01:00
55af786852 Merge branch 'master' into stage-challenge 2021-02-23 23:17:03 +01:00
8a916602c4 docs: update for 2021.2.4-stable 2021-02-23 23:16:32 +01:00
7101c7987c Merge branch 'version-2021.2' 2021-02-23 23:02:05 +01:00
bd48955f39 release: 2021.2.4-stable 2021-02-23 23:00:43 +01:00
53adcd9157 core: fix user-settings not loading sources 2021-02-23 22:55:08 +01:00
c5a2bb8914 admin: fix success_urls 2021-02-23 22:55:01 +01:00
66e5958283 core: fix user-settings not loading sources 2021-02-23 22:53:17 +01:00
9db445c3ee admin: fix success_urls 2021-02-23 22:53:05 +01:00
574438b51e web: fix /-/user/ not loading 2021-02-23 22:46:11 +01:00
a05885140d Merge branch 'master' into stage-challenge 2021-02-23 18:27:04 +01:00
8878fac4e7 stages/authenticator_validate: send challenge for each device 2021-02-23 18:25:58 +01:00
7ee97a961c build(deps): bump github.com/getsentry/sentry-go in /outpost (#584)
Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go) from 0.9.0 to 0.10.0.
- [Release notes](https://github.com/getsentry/sentry-go/releases)
- [Changelog](https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-go/compare/v0.9.0...v0.10.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-23 16:25:52 +01:00
737ff62e92 build(deps): bump golang from 1.15 to 1.16.0 in /outpost (#582)
Bumps golang from 1.15 to 1.16.0.

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-23 16:19:31 +01:00
07ada5a1b7 build(deps): bump rollup from 2.39.0 to 2.39.1 in /web (#583)
Bumps [rollup](https://github.com/rollup/rollup) from 2.39.0 to 2.39.1.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.39.0...v2.39.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-23 16:19:24 +01:00
8caeed6b18 build(deps): bump github.com/sirupsen/logrus in /outpost (#585)
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.7.0 to 1.8.0.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.7.0...v1.8.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-23 16:19:10 +01:00
b5adff5327 root: fix paths for dependabot 2021-02-23 15:20:10 +01:00
3894895d32 stages/authenticator_validate: start rewrite to SPA 2021-02-23 13:50:47 +01:00
7f53c97fb2 Merge branch 'master' into stage-challenge 2021-02-23 13:18:35 +01:00
44bd4b9511 build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#580)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.15.1 to 4.15.2.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.15.2/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-23 10:17:21 +01:00
2a1b5e0154 docs: add hardware requirements to docker-compose 2021-02-23 09:46:07 +01:00
8c0d48fe0a build(deps): bump boto3 from 1.17.12 to 1.17.13 (#579)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.12 to 1.17.13.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.12...1.17.13)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-23 09:25:56 +01:00
0863e60d29 build(deps-dev): bump @typescript-eslint/parser in /web (#581)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.15.1 to 4.15.2.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.15.2/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-23 09:25:36 +01:00
451c117ea4 stages/authenticator_webauthn: fix incorrect response being sent 2021-02-22 19:54:05 +01:00
388c8c8bec web: fix autofocus in ak-form-element 2021-02-22 19:26:50 +01:00
5904070bb2 flows: add ensure_csrf_cookie() to flow shell view 2021-02-22 18:42:15 +01:00
35ac87ec10 Merge branch 'master' into stage-challenge 2021-02-22 17:42:12 +01:00
8f8c2a291b root: add discord badge to readme 2021-02-22 17:27:16 +01:00
592a2dcede build(deps): bump codemirror from 5.59.2 to 5.59.3 in /web (#577)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.59.2 to 5.59.3.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.59.2...5.59.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-22 08:44:18 +01:00
a3221475e5 build(deps): bump boto3 from 1.17.11 to 1.17.12 (#575)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.11 to 1.17.12.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.11...1.17.12)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-22 08:44:10 +01:00
25f5031422 build(deps): bump django from 3.1.6 to 3.1.7 (#574)
Bumps [django](https://github.com/django/django) from 3.1.6 to 3.1.7.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.1.6...3.1.7)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-22 08:44:02 +01:00
63b94263af build(deps): bump uvicorn from 0.13.3 to 0.13.4 (#576)
Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.13.3 to 0.13.4.
- [Release notes](https://github.com/encode/uvicorn/releases)
- [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/encode/uvicorn/compare/0.13.3...0.13.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-22 08:43:52 +01:00
217595bb01 tests: start fixing selenium tests 2021-02-21 23:39:02 +01:00
2dd8119abe web: fix linting 2021-02-21 23:26:16 +01:00
20e0fe3941 web: move ak-form-element to separate file 2021-02-21 23:09:08 +01:00
0fa97de06e web/stages: fix cancel URL 2021-02-21 22:10:32 +01:00
38da13fea3 web: use ak-spinner everywhere 2021-02-21 22:01:48 +01:00
fb9880bff4 web: add loading animation to flowexecutor 2021-02-21 22:01:35 +01:00
acc790f590 stages/authenticator_webauthn: fix formatting of card 2021-02-21 21:42:40 +01:00
76c572cf7c stages/authenticator_webauthn: migrate to SPA 2021-02-21 20:53:23 +01:00
0904fea109 flows: fix migration for e2e tests 2021-02-21 20:47:23 +01:00
6df89e7abf stages/authenticator_static: migrate to SPA 2021-02-21 19:34:49 +01:00
21afda6dc2 stages/authenticator_totp: migrate to SPA 2021-02-21 19:10:50 +01:00
74c0ed27ba web: fix /-/user/ not loading 2021-02-21 19:03:43 +01:00
dc680a3385 flows: set pending_user in ChallengeStageView 2021-02-21 18:58:08 +01:00
88e5b22d16 flows: add get_pending_user() for WithUserInfoChallenge 2021-02-21 18:35:21 +01:00
27cd10e072 stages/prompt: migrate to SPA 2021-02-21 18:27:34 +01:00
d35f524865 core: remove old templates 2021-02-21 14:59:37 +01:00
ca223fa4df providers/saml: migrate to challenge for submit 2021-02-21 14:36:22 +01:00
14962eb6cc stages/email: migrate to SPA 2021-02-21 13:42:55 +01:00
b9f409d6d9 stages/consent: migrate to SPA 2021-02-21 13:15:45 +01:00
a8681ac88f root: fix typo 2021-02-21 00:22:14 +01:00
c1e6786ea1 stages/password: Migrate to SPA 2021-02-21 00:14:42 +01:00
1c8d101fc3 stages/identification: remove templates 2021-02-20 23:47:18 +01:00
7a9140bdcd core: move UILoginButtonSerializer into core 2021-02-20 23:42:35 +01:00
511f94fc7f *: cleanup code, return errors in challenge_invalid, fixup rendering 2021-02-20 23:34:10 +01:00
548b1ead2f flows: challenge error response in challenge format 2021-02-20 20:28:57 +01:00
33f67140f2 stages/identification: move user validation to serializer 2021-02-20 20:16:20 +01:00
8787dc23d0 web: fix linting errors 2021-02-20 19:59:24 +01:00
e0ae92ccc7 stages/*: update tests for new response 2021-02-20 19:41:48 +01:00
bdb86d7119 *: replace shortcuts.reverse with urls.reverse 2021-02-20 19:13:50 +01:00
a1a3d316e3 stages/identification: implement challenge 2021-02-20 18:28:11 +01:00
672b86ef88 web: fix old Links 2021-02-20 18:27:19 +01:00
a3c9d5873c web: fix URL for flows cached count 2021-02-20 18:27:03 +01:00
0e975757b8 core: remove UILoginButton's icon_path 2021-02-20 18:26:43 +01:00
391ee10cb8 Merge branch 'master' into stage-challenge
# Conflicts:
#	authentik/api/v2/urls.py
2021-02-20 12:51:10 +01:00
4f374c0c01 web: add 404 page, don't auto-redirect to home 2021-02-20 00:28:00 +01:00
dde303f13a admin: remove dead code 2021-02-20 00:27:22 +01:00
264c678eaa web: migrate user token list to web 2021-02-20 00:20:01 +01:00
854d94056e web: migrate remaining list views to web 2021-02-20 00:19:53 +01:00
9d4c22c706 web: show header while loading application info 2021-02-19 23:34:06 +01:00
9b12895fab admin: remove unneeded code 2021-02-19 19:32:46 +01:00
93478a55d7 web: migrate Stage List to web 2021-02-19 19:29:17 +01:00
a76cbf8b70 flows: separate flows api into smaller files 2021-02-19 19:14:16 +01:00
6597d5bd28 web: migrate Token List to web 2021-02-19 19:09:30 +01:00
fd28f37c0d web: migrate User list to web 2021-02-19 18:43:57 +01:00
d219f65e7a web: migrate System Task list to web 2021-02-19 18:12:23 +01:00
865f652476 web: migrate Outpost Service Connection to web 2021-02-19 17:49:34 +01:00
8008918d8b admin: remove PolicyBinding list 2021-02-19 17:37:19 +01:00
75d0bd01c2 admin: remove StageBinding list 2021-02-19 17:19:48 +01:00
029c6cd182 web: migrate Group list to web 2021-02-19 17:18:09 +01:00
71f771c22c core: add types API to propertymapping 2021-02-19 17:10:30 +01:00
0993d5ce4a web: reset retryDelay for WS connection after successful connect 2021-02-19 17:10:16 +01:00
38bd05867d web: migrate Policy list to web 2021-02-19 17:05:02 +01:00
79089d8981 policies: add bound count to api 2021-02-19 16:53:30 +01:00
44e51970e1 web: update for new cached actions 2021-02-19 16:37:50 +01:00
47bde052ca policies: add types action to policy API, use MetaNameSerializer 2021-02-19 16:34:33 +01:00
bd6a473d4f flows: add cached as action to flow API 2021-02-19 16:34:12 +01:00
cd23053007 web: fix height on table pages 2021-02-19 16:22:52 +01:00
6e11fd0f2e web: fix application library not being full height 2021-02-19 16:13:55 +01:00
277b4336d3 stages/authenticator_validate: update autocomplete for code input 2021-02-19 16:00:59 +01:00
1c1f9b6cb8 web: fix SiteShell not being full height 2021-02-19 15:34:21 +01:00
c23df5e1d5 build(deps): bump @sentry/browser from 6.1.0 to 6.2.0 in /web (#571)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.1.0 to 6.2.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.1.0...6.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-19 12:16:50 +01:00
c47cef6fbf build(deps): bump sentry-sdk from 0.20.2 to 0.20.3 (#567)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.20.2 to 0.20.3.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.20.2...0.20.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-19 09:22:30 +01:00
83b7b3257a build(deps): bump boto3 from 1.17.10 to 1.17.11 (#568)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.10 to 1.17.11.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.10...1.17.11)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-19 09:22:16 +01:00
270be95e68 build(deps): bump structlog from 20.2.0 to 21.1.0 (#569)
Bumps [structlog](https://github.com/hynek/structlog) from 20.2.0 to 21.1.0.
- [Release notes](https://github.com/hynek/structlog/releases)
- [Changelog](https://github.com/hynek/structlog/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/hynek/structlog/compare/20.2.0...21.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-19 09:22:06 +01:00
1c919b8b88 build(deps): bump docker from 4.4.2 to 4.4.3 (#570)
Bumps [docker](https://github.com/docker/docker-py) from 4.4.2 to 4.4.3.
- [Release notes](https://github.com/docker/docker-py/releases)
- [Commits](https://github.com/docker/docker-py/compare/4.4.2...4.4.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-19 09:21:49 +01:00
1e51a2cdd7 build(deps): bump rollup-plugin-copy from 3.3.0 to 3.4.0 in /web (#572)
Bumps [rollup-plugin-copy](https://github.com/vladshcherbin/rollup-plugin-copy) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/vladshcherbin/rollup-plugin-copy/releases)
- [Commits](https://github.com/vladshcherbin/rollup-plugin-copy/compare/3.3.0...3.4.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-19 09:21:34 +01:00
7ba44b15a7 build(deps): bump @sentry/tracing from 6.1.0 to 6.2.0 in /web (#573)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.1.0 to 6.2.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.1.0...6.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-19 09:21:26 +01:00
4a94f515b3 root: add next branch 2021-02-18 21:24:34 +01:00
b229b2f40d Merge branch 'master' into stage-challenge
# Conflicts:
#	authentik/stages/authenticator_validate/stage.py
#	authentik/stages/identification/stage.py
2021-02-18 14:04:35 +01:00
e4f0613fab *: replace tuple and set from typing with normal 2021-02-18 13:53:57 +01:00
ecff810021 *: replace List from typing with normal list 2021-02-18 13:45:46 +01:00
fdde97cbbf *: replace Dict from typing with normal dict 2021-02-18 13:41:03 +01:00
c2a5641e6a Merge branch 'master' into stage-challenge 2021-02-18 12:46:28 +01:00
5a47c4850d build(deps): bump @patternfly/patternfly from 4.87.2 to 4.87.3 in /web (#566)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.87.2 to 4.87.3.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.87.2...prerelease-v4.87.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-18 09:12:31 +01:00
70b8a941bb build(deps): bump boto3 from 1.17.9 to 1.17.10 (#565)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.9 to 1.17.10.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.9...1.17.10)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-18 09:12:18 +01:00
eb01b42425 flows: mount executor under api, implement initial challenge design 2021-02-17 23:52:49 +01:00
8708e487ae stages: add WebAuthn stage (#550)
* core: add User.uid for globally unique user ID

* admin: fix ?next for Flow list

* stages: add initial webauthn implementation

* web: add ak-flow-submit event to submit flow stage

* web: show error message for webauthn registration

* admin: fix next param not redirecting correctly

* stages/webauthn: remove form

* stages/webauthn: add API

* web: update flow diagram on ak-refresh

* stages/webauthn: add initial authentication

* stages/webauthn: initial authentication implementation

* web: cleanup webauthn utils

* stages: rename otp_* to authenticator and move webauthn to authenticator

* docs: fix broken links

* stages/authenticator_*: fix template paths

* stages/authenticator_validate: add device classes

* stages/authenticator_webauthn: implement django_otp.devices

* stages/authenticator_*: update default stage names

* web: add button to create stage on flow page

* web: don't minify HTML, remove nbsp

* admin: fix typo in stage list

* stages/*: use common base class for stage serializer

* stages/authenticator_*: create default objects after rename

* tests/e2e: adjust stage order
2021-02-17 20:49:58 +01:00
e020b8bf32 build(deps): bump boto3 from 1.17.8 to 1.17.9 (#562)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.8 to 1.17.9.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.8...1.17.9)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-17 09:28:40 +01:00
8e27121e10 build(deps): bump @patternfly/patternfly from 4.80.3 to 4.87.2 in /web (#563)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.80.3 to 4.87.2.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.80.3...prerelease-v4.87.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-17 09:24:34 +01:00
06870b4f64 web: improve styling on model info 2021-02-16 23:19:01 +01:00
4cfcc48b23 admin: migrate certificate-keypair list to web 2021-02-16 23:16:52 +01:00
60c244c31d core: add User.uid for globally unique user ID 2021-02-16 23:04:48 +01:00
d122bddae2 web: update flow diagram on ak-refresh 2021-02-16 22:54:14 +01:00
69e6221906 web: port flow list 2021-02-16 22:52:54 +01:00
68eefd083e web: fix linting errors 2021-02-16 22:35:55 +01:00
a647917074 providers/saml: use redirect binding first 2021-02-16 21:35:19 +01:00
099197ba8c providers/saml: fix AuthnRequestsSigned and WantAssertionsSigned not loaded correctly 2021-02-16 21:30:15 +01:00
baa2ed5ecc web: fix download button for SAML Metadata download 2021-02-16 21:04:03 +01:00
f8ba623fc1 web: add more related links, add policy/user/group support for bindings 2021-02-16 20:52:59 +01:00
6bcdf36ca6 admin: add ?provider for ApplicationCreateView 2021-02-16 20:00:52 +01:00
416d949d80 web: add button to create application on provider page 2021-02-16 20:00:34 +01:00
0b75a0028b providers/saml: fix error when getting metadata of provider with no application 2021-02-16 19:58:04 +01:00
0901d7461e providers/saml: fix redirect error 2021-02-16 19:28:18 +01:00
61772b75ff providers/saml: fix managed mappings not being set on import 2021-02-16 19:20:52 +01:00
0ade57b5a6 docs: replace Autogenerated with managed mappings 2021-02-16 19:18:57 +01:00
61604adf9a root: fix request_id not being logged for actual asgi requests 2021-02-16 19:14:08 +01:00
8bd147b205 web: fix spacing on boudstagelist 2021-02-16 17:03:37 +01:00
724f53e972 build(deps): bump boto3 from 1.17.7 to 1.17.8 (#557)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.7 to 1.17.8.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.7...1.17.8)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-16 09:07:56 +00:00
c10478ec68 build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#560)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.15.0 to 4.15.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.15.1/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-16 09:03:57 +00:00
cdf12ee03d build(deps): bump docker from 4.4.1 to 4.4.2 (#558)
Bumps [docker](https://github.com/docker/docker-py) from 4.4.1 to 4.4.2.
- [Release notes](https://github.com/docker/docker-py/releases)
- [Commits](https://github.com/docker/docker-py/compare/4.4.1...4.4.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-16 09:18:30 +01:00
964a8dbb82 build(deps): bump sentry-sdk from 0.20.1 to 0.20.2 (#559)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.20.1 to 0.20.2.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.20.1...0.20.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-16 09:17:21 +01:00
7ad48bfc44 build(deps-dev): bump @typescript-eslint/parser in /web (#561)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.15.0 to 4.15.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.15.1/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-16 09:17:07 +01:00
da90510b98 build(deps): bump rollup from 2.38.5 to 2.39.0 in /web (#553)
Bumps [rollup](https://github.com/rollup/rollup) from 2.38.5 to 2.39.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.38.5...v2.39.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-15 09:28:08 +01:00
4bd1598c2c build(deps): bump construct-style-sheets-polyfill in /web (#556)
Bumps [construct-style-sheets-polyfill](https://github.com/calebdwilliams/adoptedStyleSheets) from 2.4.9 to 2.4.16.
- [Release notes](https://github.com/calebdwilliams/adoptedStyleSheets/releases)
- [Changelog](https://github.com/calebdwilliams/construct-style-sheets/blob/master/CHANGELOG.md)
- [Commits](https://github.com/calebdwilliams/adoptedStyleSheets/compare/v2.4.9...v2.4.16)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-15 09:27:44 +01:00
6aa8d56d9f build(deps-dev): bump eslint from 7.19.0 to 7.20.0 in /web (#554)
Bumps [eslint](https://github.com/eslint/eslint) from 7.19.0 to 7.20.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.19.0...v7.20.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-15 09:27:31 +01:00
ccf7d794e9 build(deps): bump sentry-sdk from 0.20.0 to 0.20.1 (#552)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.20.0 to 0.20.1.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.20.0...0.20.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-15 09:27:10 +01:00
50ed2fb257 build(deps): bump boto3 from 1.17.6 to 1.17.7 (#551)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.6 to 1.17.7.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.6...1.17.7)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-15 09:26:56 +01:00
5ae030997a providers/saml: fix missing import 2021-02-15 09:25:22 +01:00
52dabcaad9 build(deps-dev): bump @rollup/plugin-typescript in /web (#555)
Bumps [@rollup/plugin-typescript](https://github.com/rollup/plugins) from 8.1.1 to 8.2.0.
- [Release notes](https://github.com/rollup/plugins/releases)
- [Commits](https://github.com/rollup/plugins/compare/typescript-v8.1.1...typescript-v8.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-15 09:05:01 +01:00
35e8a0c374 admin: fix ?next for Flow list 2021-02-14 18:39:36 +01:00
be292729a5 web: fix SiteShell breaking links when handlers are updated twice 2021-02-13 18:11:29 +01:00
1649c478b6 web: fix outpost edit/delete buttons 2021-02-12 11:56:54 +01:00
42feb54d80 helm: add initial wait for healthcheck 2021-02-12 11:53:49 +01:00
bbd088a957 events: fix geoip case when not configured 2021-02-12 10:43:00 +01:00
5417d0a90c *: bump pyright version 2021-02-12 10:19:38 +01:00
417b5d61a4 root: add initial geoip implementation 2021-02-12 09:52:14 +01:00
f13aad21cb build(deps): bump boto3 from 1.17.5 to 1.17.6 (#549)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.5 to 1.17.6.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.5...1.17.6)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-12 09:19:37 +01:00
79e8ee46c0 web: also use json logs for static parts 2021-02-12 00:00:11 +01:00
e3eaaeaf17 outpost: improve logging output, ensure fields match api server 2021-02-11 23:52:00 +01:00
e550216f85 events: fix user QuerySet being passed 2021-02-11 23:36:22 +01:00
1afb4a7a76 policies: add ability to directly assign groups in bindings 2021-02-11 20:36:48 +01:00
391eb9d469 admin: fix policy list not having a refresh button 2021-02-11 20:17:45 +01:00
494f094fa1 events: pass Event's user to Notification policy engine when present 2021-02-11 19:56:39 +01:00
aa0f5df218 policies/*: cleanup api and forms, use correct inheritance 2021-02-11 19:50:02 +01:00
6fc740a98b build(deps-dev): bump typescript from 4.1.4 to 4.1.5 in /web (#547)
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 4.1.4 to 4.1.5.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v4.1.4...v4.1.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-11 09:12:09 +01:00
7da90ff7e4 release: 2021.2.3-stable 2021-02-10 20:47:33 +01:00
61b5714652 docs: update release notes 2021-02-10 20:47:06 +01:00
d2df426489 core: fix tokens using wrong lookup 2021-02-10 20:32:54 +01:00
e6c75ed173 web: fix untranslated strings 2021-02-10 20:21:04 +01:00
a353c6956e web: fix missing source create button 2021-02-10 20:13:12 +01:00
a367d8515f core: add source endpoint 2021-02-10 20:12:07 +01:00
2b7a22a29a core: add providers/types endpoint 2021-02-10 20:11:54 +01:00
e6712a50d2 docs: update changelog 2021-02-10 13:45:24 +01:00
c621f62d92 release: 2021.2.2-stable 2021-02-10 13:33:23 +01:00
a0648cd925 build(deps-dev): bump typescript from 4.1.3 to 4.1.4 in /web (#544)
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 4.1.3 to 4.1.4.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v4.1.3...v4.1.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-10 09:40:39 +01:00
2650e672bb build(deps): bump boto3 from 1.17.4 to 1.17.5 (#545)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.4 to 1.17.5.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.4...1.17.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-10 09:40:29 +01:00
53b9376789 build(deps): bump pycryptodome from 3.9.9 to 3.10.1 (#546)
Bumps [pycryptodome](https://github.com/Legrandin/pycryptodome) from 3.9.9 to 3.10.1.
- [Release notes](https://github.com/Legrandin/pycryptodome/releases)
- [Changelog](https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst)
- [Commits](https://github.com/Legrandin/pycryptodome/compare/v3.9.9...v3.10.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-10 09:39:50 +01:00
d15e50025c root: log runtime in milliseconds 2021-02-09 23:33:25 +01:00
0af66a26ab crypto: move certificate and key data to separate api calls to create events 2021-02-09 21:47:00 +01:00
bf754369d9 providers/proxy: fix certificates without key being selectable 2021-02-09 21:11:44 +01:00
02dc112f8f outposts: fix ProxyProvider update not triggering outpost update 2021-02-09 20:59:39 +01:00
2d4e7ebab5 admin: remove unnecessary success_urls 2021-02-09 20:58:46 +01:00
a7d0a50859 events: rename context.token to context.secret 2021-02-09 20:10:43 +01:00
71c9108f89 events: rename token_view to secret_view 2021-02-09 18:20:28 +01:00
f8bcdb26b3 web: PBResponse -> AKResponse 2021-02-09 17:04:55 +01:00
45f1d95bf9 sources/oauth: add callback URL to api 2021-02-09 16:58:19 +01:00
5dab198c47 web: add new sources view 2021-02-09 16:24:27 +01:00
ad91abe9de admin: remove old sources view 2021-02-09 16:17:48 +01:00
fa30755241 web: make ActionButton's method configurable 2021-02-09 16:14:51 +01:00
552f8c6a9a sources/*: switch API to use slug in URL 2021-02-09 16:08:30 +01:00
101f916247 web: add source list page 2021-02-09 10:22:49 +01:00
2acdcf74e1 sources/ldap: add API for sync status 2021-02-09 10:21:59 +01:00
ddb8610032 web: fix modalbutton for non-fetched sites 2021-02-09 10:00:33 +01:00
22ad850e6c web: fix overflow on modalbutton 2021-02-09 09:57:59 +01:00
57925ed60a build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#543)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.14.2 to 4.15.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.15.0/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-09 09:57:06 +01:00
48cc2f17c1 build(deps-dev): bump @typescript-eslint/parser in /web (#542)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.14.2 to 4.15.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.15.0/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-09 09:30:41 +01:00
448108fca0 build(deps): bump boto3 from 1.17.3 to 1.17.4 (#541)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.3 to 1.17.4.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.3...1.17.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-09 09:30:30 +01:00
c1254f6212 web: update SiteShell to not use innerHTML 2021-02-08 23:16:20 +01:00
c8120c0d3e web: fix ModalButton working in global scope, causing issues on 2nd use 2021-02-08 23:10:45 +01:00
52016e0806 policies: skip cache on debug request 2021-02-08 22:14:23 +01:00
e555bdd42b lib: fix stacktrace for general expressions 2021-02-08 22:14:13 +01:00
1a619c90de Merge branch 'version-2021.2' 2021-02-08 21:51:59 +01:00
18faf30b0c docs: update release notes 2021-02-08 21:51:53 +01:00
b3bd979ecd release: 2021.2.1-stable 2021-02-08 21:34:05 +01:00
db113c5e8f Merge branch 'master' into version-2021.2 2021-02-08 21:33:58 +01:00
78bcb90a1e outposts: ensure Outpost API is backwards compatible 2021-02-08 19:51:46 +01:00
b64ecbde22 web: fix linting 2021-02-08 19:42:49 +01:00
43bab840ec web: fix sidebar being active when stage prompts is selected 2021-02-08 19:08:39 +01:00
f020b79384 admin: remove old code 2021-02-08 19:07:25 +01:00
820f658b49 web: add outpost list page 2021-02-08 19:04:19 +01:00
5d460a2537 admin: remove outposts list 2021-02-08 19:02:39 +01:00
efc46f52e6 outposts: move health to API 2021-02-08 19:01:10 +01:00
9fac51f8c7 outpost: downgrade recws for now
see https://github.com/recws-org/recws/issues/29
2021-02-08 17:56:58 +01:00
fe4b2d1a34 providers/oauth2: add authorized scopes to AUTHORIZE_APPLICATION event 2021-02-08 11:51:38 +01:00
f8abe3e210 providers/oauth2: add unofficial groups attribute to default profile claim 2021-02-08 11:50:26 +01:00
3ced67b151 sources/*: simplify source api 2021-02-08 10:25:59 +01:00
cd5631ec76 admin: fix link in source list 2021-02-08 10:25:59 +01:00
95df7c7f30 build(deps): bump construct-style-sheets-polyfill in /web (#540)
Bumps [construct-style-sheets-polyfill](https://github.com/calebdwilliams/adoptedStyleSheets) from 2.4.6 to 2.4.9.
- [Release notes](https://github.com/calebdwilliams/adoptedStyleSheets/releases)
- [Changelog](https://github.com/calebdwilliams/construct-style-sheets/blob/master/CHANGELOG.md)
- [Commits](https://github.com/calebdwilliams/adoptedStyleSheets/compare/v2.4.6...v2.4.9)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-08 09:22:59 +01:00
1e934aa5d5 release: 2021.2.1-rc2 2021-02-07 19:04:43 +01:00
d93927755a Merge branch 'master' into version-2021.2 2021-02-07 19:04:37 +01:00
ddb3b71dce outpost: cap reconnect backoff at 60 seconds, reset backoff on successful connection 2021-02-07 18:30:05 +01:00
bf9826873e web: fix outpost item in sidebar being active on service connection views 2021-02-07 18:21:13 +01:00
6869b3c16a admin: add button to generate certificate-key pair 2021-02-07 16:15:55 +01:00
9b71b8da5f docs: update rancher docs and add to affected for update 2021-02-07 15:03:26 +01:00
bfc8e9200f providers/saml: split views into separate files 2021-02-07 13:39:33 +01:00
c4311abc9f web: fix link to provider list on overview page 2021-02-06 22:46:09 +01:00
ec42869e00 policies: add debug flag to PolicyRequest to prevent alerts from testing policies 2021-02-06 21:45:38 +01:00
45963c2ffc admin: improve layout for policy testing 2021-02-06 21:43:14 +01:00
1aa27b5e80 website: update ini dependency 2021-02-06 21:25:03 +01:00
1737feec91 build(deps): bump @docusaurus/core in /website (#537)
Bumps [@docusaurus/core](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus) from 2.0.0-alpha.66 to 2.0.0-alpha.70.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/master/CHANGELOG-2.x.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-alpha.70/packages/docusaurus)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-06 21:23:04 +01:00
a0e0fb930a build(deps): bump @mdx-js/react from 1.6.21 to 1.6.22 in /website (#538)
Bumps [@mdx-js/react](https://github.com/mdx-js/mdx) from 1.6.21 to 1.6.22.
- [Release notes](https://github.com/mdx-js/mdx/releases)
- [Changelog](https://github.com/mdx-js/mdx/blob/main/changelog.md)
- [Commits](https://github.com/mdx-js/mdx/compare/v1.6.21...v1.6.22)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
2021-02-06 21:22:43 +01:00
4a32c3ca11 build(deps): bump @docusaurus/preset-classic in /website (#535)
Bumps [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic) from 2.0.0-alpha.66 to 2.0.0-alpha.70.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/master/CHANGELOG-2.x.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-alpha.70/packages/docusaurus-preset-classic)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-06 21:19:46 +01:00
d307539fd0 build(deps): bump rollup from 2.38.4 to 2.38.5 in /web (#534)
Bumps [rollup](https://github.com/rollup/rollup) from 2.38.4 to 2.38.5.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.38.4...v2.38.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-06 21:19:33 +01:00
c060a3eec2 build(deps-dev): bump prettier from 2.1.2 to 2.2.1 in /website (#536)
Bumps [prettier](https://github.com/prettier/prettier) from 2.1.2 to 2.2.1.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.1.2...2.2.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-06 21:19:20 +01:00
4612ae1ff4 Merge pull request #539 from BeryJu/dependabot/pip/boto3-1.17.3
build(deps): bump boto3 from 1.17.2 to 1.17.3
2021-02-06 21:19:06 +01:00
7af883d80c root: add dedicated live and readiness views 2021-02-06 21:07:05 +01:00
4a5374d03f admin: remove provider list view 2021-02-06 20:54:50 +01:00
3b536f6e55 admin: fix property-mapping views redirecting to invalid URL 2021-02-06 20:54:12 +01:00
6aa13a8666 providers/saml: force-set friendly_name to empty string for managed mappings 2021-02-06 20:52:52 +01:00
24e4924dec docs: fix minor formatting errors 2021-02-06 20:52:29 +01:00
a252f303c0 docs: add docs to dependabot 2021-02-06 20:51:43 +01:00
33cdbd7776 release: 2021.2.1-rc1 2021-02-06 20:10:50 +01:00
18bc54214d web: increase height of multi-select 2021-02-06 19:19:57 +01:00
db7e9f9b95 sources/ldap: set default group property mapping 2021-02-06 19:17:39 +01:00
a885247d36 docs: update release notes for 2021.2 2021-02-06 19:09:42 +01:00
91282c7bd8 web: add page for Proxy Provider 2021-02-06 18:57:25 +01:00
830b8bcd5b web: add page for OAuth2 Provider 2021-02-06 18:39:15 +01:00
0f5e6d0d8c api: add dark theme for API Browser 2021-02-06 18:09:24 +01:00
6aa6615608 web: add view page for SAML Provider 2021-02-06 18:07:13 +01:00
91d6a3c8c7 providers/*: simplify provider API 2021-02-06 17:31:29 +01:00
a6ac82c492 *: rewrite managed objects, use nullable text flag instead of boolean as uid (#533) 2021-02-06 15:56:21 +00:00
05d777c373 Merge pull request #528 from BeryJu/ldap-groupOfNames
sources/ldap: support group to user memberships
2021-02-06 16:07:36 +01:00
32cf960053 sources/ldap: add property_mappings_group to make group mapping more customisable 2021-02-06 15:27:07 +01:00
83bf639926 sources/ldap: use both entryDN and dn (for active-directory) 2021-02-05 15:17:57 +01:00
2717742bd2 sources/ldap: don't remove users from group which were not synced from AD 2021-02-05 15:17:20 +01:00
ef70e93bbd Merge branch 'master' into ldap-groupOfNames 2021-02-05 14:52:39 +01:00
478d3430eb sources/ldap: use openldap tests for entire sync 2021-02-05 14:29:22 +01:00
9c1ade59e9 sources/ldap: add more flatten to user sync, start adding tests for OpenLDAP 2021-02-05 13:36:27 +01:00
fadf746234 managed: allow for matching on multiple interfaces 2021-02-05 13:18:44 +01:00
397dfc29f1 sources/ldap: change default object filters to use objectClass= instead of objectCategory 2021-02-05 11:43:39 +01:00
b0e3b8b39d sources/ldap: use entryDN attribute from ldap3 as opposed to implicit DN attribute 2021-02-05 11:43:13 +01:00
df9ae796d4 build(deps): bump boto3 from 1.17.1 to 1.17.2 (#529)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.1 to 1.17.2.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.1...1.17.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-05 11:00:31 +01:00
dfdad5388f build(deps): bump @sentry/tracing from 6.0.4 to 6.1.0 in /web (#531)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.0.4 to 6.1.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.0.4...6.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-05 11:00:19 +01:00
c38ea69bdd build(deps-dev): bump autopep8 from 1.5.4 to 1.5.5 (#530)
Bumps [autopep8](https://github.com/hhatto/autopep8) from 1.5.4 to 1.5.5.
- [Release notes](https://github.com/hhatto/autopep8/releases)
- [Commits](https://github.com/hhatto/autopep8/compare/v1.5.4...v1.5.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-05 09:52:46 +01:00
dca6f43858 build(deps): bump @sentry/browser from 6.0.4 to 6.1.0 in /web (#532)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.0.4 to 6.1.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.0.4...6.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-05 09:52:33 +01:00
51cbb7cc8e ci: fix warning when setting branchName in PR 2021-02-05 00:38:08 +01:00
1f8130e685 events: improve information sent in notification emails 2021-02-04 21:44:59 +01:00
580d59e921 web: add EventInfoPage 2021-02-04 21:28:01 +01:00
e639d8ab56 sources/ldap: add case when group does not have uniqueness attribute 2021-02-04 21:18:49 +01:00
9f478bb46a web: fix type warnings 2021-02-04 21:10:13 +01:00
7a16f97908 web: add ak-expand for event list to show full context 2021-02-04 20:59:18 +01:00
dd8c1eeb52 web: add ak-expand 2021-02-04 20:56:40 +01:00
005b4d8dda sources/ldap: fix linting issues 2021-02-04 20:36:05 +01:00
de2d8b2d85 providers/oauth2: pass application to configuration error event 2021-02-04 20:35:37 +01:00
7d107991a2 sources/ldap: fix count for membership, fix wrong attribute being searched 2021-02-04 20:22:28 +01:00
14dc420747 sources/ldap: rewrite group membership syncing 2021-02-04 20:06:42 +01:00
89dc4db30b sources/ldap: load operational attributes (#526) 2021-02-04 12:37:55 +01:00
cc3fccb27e sources/ldap: use dn attribute for distinguishedName, ignore users with no distinguishedName
closes #527
2021-02-04 12:10:57 +01:00
add20de8de providers/*: fix api linting issues 2021-02-04 10:27:55 +01:00
7e2a471903 web: fix linting issues 2021-02-04 10:22:14 +01:00
9ca9e67ffa web: fix pagination not working correctly sometimes, fix pagination not showing when changing pages 2021-02-04 10:09:19 +01:00
178417fe67 web: start implementing provider list 2021-02-04 10:09:19 +01:00
53f002a123 events: allow searching by event id 2021-02-04 10:09:19 +01:00
c7c387eb38 providers/*: add assigned application name and slug 2021-02-04 10:09:19 +01:00
1b3760a4b7 events: don't log successful system tasks 2021-02-04 10:09:18 +01:00
704a502089 build(deps): bump @types/codemirror from 0.0.107 to 0.0.108 in /web (#523)
Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror) from 0.0.107 to 0.0.108.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-04 09:36:52 +01:00
3b12ef80eb build(deps): bump boto3 from 1.17.0 to 1.17.1 (#522)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.0 to 1.17.1.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.0...1.17.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-04 09:36:38 +01:00
1101810fea admin: show more details for policy testing 2021-02-03 22:09:46 +01:00
1ab5289e2e admin: add test view for property mappings 2021-02-03 21:58:56 +01:00
ac24fc9ce3 web: add javascript mode to codemirror 2021-02-03 21:58:30 +01:00
4b24b185f2 admin: fix context not being passed correctly to policy test view 2021-02-03 21:40:03 +01:00
ea0ba5ae30 stages/password: use form.add_error 2021-02-03 21:39:03 +01:00
44686de74e docs: prepare 2021.2 releases 2021-02-03 21:29:13 +01:00
b74c08620a admin: add link to changelog to update events 2021-02-03 21:19:51 +01:00
e25d03d8f4 Managed objects (#519)
* managed: add base manager and Ops

* core: use ManagedModel for Token and PropertyMapping

* providers/saml: implement managed objects for SAML Provider

* sources/ldap: migrate to managed

* providers/oauth2: migrate to managed

* providers/proxy: migrate to managed

* *: load .managed in apps

* managed: add reconcile task, run on startup

* providers/oauth2: fix import path for managed

* providers/saml: don't set FriendlyName when mapping is none

* *: use ObjectManager in tests to ensure objects exist

* ci: use vmImage ubuntu-latest

* providers/saml: add new mapping for username and user id

* tests: remove docker proxy

* tests/e2e: use updated attribute names

* docs: update SAML docs

* tests/e2e: fix remaining saml cases

* outposts: make tokens as managed

* *: make PropertyMapping SerializerModel

* web: add page for property-mappings

* web: add codemirror to common_styles because codemirror

* docs: fix member-of in nextcloud

* docs: nextcloud add admin

* web: fix refresh reloading data two times

* web: add loading lock to table to prevent double loads

* web: add ability to use null in QueryArgs (value will be skipped)

* web: add hide option to property mappings

* web: fix linting
2021-02-03 21:18:31 +01:00
f8f26d2a23 build(deps): bump rollup from 2.38.3 to 2.38.4 in /web (#520)
Bumps [rollup](https://github.com/rollup/rollup) from 2.38.3 to 2.38.4.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.38.3...v2.38.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-03 09:32:12 +01:00
1f2e177e3e build(deps): bump boto3 from 1.16.63 to 1.17.0 (#521)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.63 to 1.17.0.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.63...1.17.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-03 09:32:01 +01:00
cfed41439e events: add send_once flag to send webhooks only once 2021-02-02 19:34:55 +01:00
3ac148d01c events: only title for slack webhook 2021-02-02 19:18:51 +01:00
3e696d6ac8 flows: use global logger for stored plans 2021-02-02 17:29:03 +01:00
0114bc0d6a flows: fix lint errors 2021-02-02 17:02:02 +01:00
c60934f9b1 flows: fix benchmark using wrong context 2021-02-02 16:27:21 +01:00
09bdcfaab0 flows: optimise logging 2021-02-02 16:27:03 +01:00
624206281e policies: optimise logging 2021-02-02 16:12:41 +01:00
4d7e64c48c web: adjust trace sample rate 2021-02-02 15:50:29 +01:00
3d112e7688 root: use filtering_bound_logger for speed improvements 2021-02-02 15:43:44 +01:00
3c4ff65a01 stages/consent: fix wrong widget for expire 2021-02-02 15:01:33 +01:00
d7f54ce5d5 build(deps): bump @sentry/tracing from 6.0.3 to 6.0.4 in /web (#515)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.0.3 to 6.0.4.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.0.3...6.0.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-02 11:23:47 +01:00
bc55c97fa2 build(deps): bump @sentry/browser from 6.0.3 to 6.0.4 in /web (#516)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.0.3 to 6.0.4.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.0.3...6.0.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-02 11:21:41 +01:00
d9a907e39e build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#518)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.14.1 to 4.14.2.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.14.2/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-02 11:21:28 +01:00
8616647045 build(deps): bump rollup from 2.38.2 to 2.38.3 in /web (#517)
Bumps [rollup](https://github.com/rollup/rollup) from 2.38.2 to 2.38.3.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.38.2...v2.38.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-02 10:03:18 +01:00
4d861e2830 build(deps-dev): bump @typescript-eslint/parser in /web (#514)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.14.1 to 4.14.2.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.14.2/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-02 10:03:03 +01:00
881730f52e build(deps): bump django from 3.1.5 to 3.1.6 (#513)
Bumps [django](https://github.com/django/django) from 3.1.5 to 3.1.6.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.1.5...3.1.6)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-02 10:02:49 +01:00
e78577d470 build(deps): bump @sentry/tracing from 6.0.2 to 6.0.3 in /web (#511)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.0.2 to 6.0.3.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.0.2...6.0.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-01 10:15:59 +01:00
d502f4d77d build(deps): bump boto3 from 1.16.62 to 1.16.63 (#507)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.62 to 1.16.63.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.62...1.16.63)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-01 09:12:43 +01:00
3c5f7deba9 build(deps): bump packaging from 20.8 to 20.9 (#506)
Bumps [packaging](https://github.com/pypa/packaging) from 20.8 to 20.9.
- [Release notes](https://github.com/pypa/packaging/releases)
- [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pypa/packaging/compare/20.8...20.9)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-01 09:12:30 +01:00
b61334c482 build(deps-dev): bump eslint from 7.18.0 to 7.19.0 in /web (#508)
Bumps [eslint](https://github.com/eslint/eslint) from 7.18.0 to 7.19.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.18.0...v7.19.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-01 09:12:20 +01:00
eb762632d0 build(deps-dev): bump @rollup/plugin-typescript in /web (#509)
Bumps [@rollup/plugin-typescript](https://github.com/rollup/plugins) from 8.1.0 to 8.1.1.
- [Release notes](https://github.com/rollup/plugins/releases)
- [Commits](https://github.com/rollup/plugins/compare/typescript-v8.1.0...typescript-v8.1.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-01 09:12:10 +01:00
6a882249aa build(deps): bump rollup from 2.38.1 to 2.38.2 in /web (#510)
Bumps [rollup](https://github.com/rollup/rollup) from 2.38.1 to 2.38.2.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.38.1...v2.38.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-01 09:11:58 +01:00
94f6bbd431 build(deps): bump @sentry/browser from 6.0.2 to 6.0.3 in /web (#512)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.0.2 to 6.0.3.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.0.2...6.0.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-01 09:11:42 +01:00
3926ee9eb6 core: clear application cache upon application creation 2021-01-30 18:12:14 +01:00
7fbf915e0a policies: fix application cached not being cleared correctly 2021-01-30 18:12:01 +01:00
5af9e8c05d core: improve application caching 2021-01-30 18:03:44 +01:00
7c0c453d9f web: fix new provider dropdown being cut off 2021-01-30 12:38:33 +01:00
d8ae56ed19 providers/saml: fix imported provider not saving properties correctly 2021-01-30 12:33:27 +01:00
a9a65ceca6 Merge branch 'version-2021.1' 2021-01-29 10:45:55 +01:00
c11fd884b8 docs: separate 2021.1 fixes by patch release 2021-01-29 10:45:50 +01:00
3e3f29973b release: 2021.1.4-stable 2021-01-29 10:29:06 +01:00
af7e1fd0c5 build(deps): bump rollup from 2.38.0 to 2.38.1 in /web (#505)
Bumps [rollup](https://github.com/rollup/rollup) from 2.38.0 to 2.38.1.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.38.0...v2.38.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-29 09:31:59 +01:00
2556a106a0 build(deps): bump boto3 from 1.16.61 to 1.16.62 (#504)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.61 to 1.16.62.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.61...1.16.62)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-29 09:31:37 +01:00
2f3a086f29 docs: update veeam docs for group mapping 2021-01-28 23:34:51 +01:00
239af7048a providers/saml: import SAML Provider with all autogenerated mappings 2021-01-28 23:32:36 +01:00
188ef0f58f core: only cache Applications API when no filtering is done 2021-01-28 23:16:51 +01:00
5ef4354723 providers/saml: make NameID configurable using a Property Mapping 2021-01-28 22:50:13 +01:00
66a8b52c7c providers/saml: update default OIDs for default property mappings 2021-01-28 22:44:44 +01:00
c1563f4cff lib: fix ak_is_group_member checking wrong groups 2021-01-28 22:30:59 +01:00
ac7b0ac965 web: fix site-shell being cut off when not full height 2021-01-28 22:17:20 +01:00
da37b42bcf admin: fix providers not showing SAML Import on empty state 2021-01-28 22:16:50 +01:00
f4bb22138c providers/saml: add support for WindowsDomainQualifiedName, add docs for NameID 2021-01-28 22:00:40 +01:00
605213821c docs: add SAML docs for veeam enterprise manager 2021-01-28 21:20:28 +01:00
2b34ac7545 build(deps): bump @types/codemirror from 0.0.106 to 0.0.107 in /web (#503)
Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror) from 0.0.106 to 0.0.107.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-28 10:04:36 +01:00
542a4b9bdf build(deps): bump @patternfly/patternfly from 4.70.2 to 4.80.3 in /web (#502)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.70.2 to 4.80.3.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.70.2...prerelease-v4.80.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-28 10:04:15 +01:00
b0a791711e build(deps): bump boto3 from 1.16.60 to 1.16.61 (#501)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.60 to 1.16.61.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.60...1.16.61)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-28 10:03:08 +01:00
c0199933c8 events: fix email template for notifications 2021-01-27 13:22:43 +01:00
5c3f410016 release: 2021.1.3-stable 2021-01-27 10:50:48 +01:00
02e4a71e25 Merge branch 'master' into version-2021.1 2021-01-27 10:50:41 +01:00
bfe8bb5e61 lifecycle: fix typo causing single process in docker-compose 2021-01-27 10:13:23 +01:00
b1591618ae admin: handle FlowNonApplicableException during flow plan 2021-01-27 09:57:26 +01:00
55bcc254c1 flows: fix FlowNonApplicableException not being Sentry Ignored 2021-01-27 09:57:18 +01:00
2798a3edc9 build(deps): bump boto3 from 1.16.59 to 1.16.60 (#498)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.59 to 1.16.60.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.59...1.16.60)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-27 09:05:00 +01:00
e2aaa26ce7 build(deps): bump urllib3 from 1.26.2 to 1.26.3 (#499)
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.2 to 1.26.3.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/1.26.3/CHANGES.rst)
- [Commits](https://github.com/urllib3/urllib3/compare/1.26.2...1.26.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-27 09:04:42 +01:00
81e4d2d1d7 build(deps-dev): bump coverage from 5.3.1 to 5.4 (#500)
Bumps [coverage](https://github.com/nedbat/coveragepy) from 5.3.1 to 5.4.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/coverage-5.3.1...coverage-5.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-27 09:04:18 +01:00
f663b66c19 docs: fix nextcloud docs using wrong fields 2021-01-26 22:10:00 +01:00
9a7b343120 build(deps-dev): bump @typescript-eslint/parser in /web (#495)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.14.0 to 4.14.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.14.1/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-26 10:07:53 +01:00
02c1a7f7d0 build(deps): bump @sentry/browser from 6.0.1 to 6.0.2 in /web (#496)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.0.1...6.0.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-26 10:07:27 +01:00
b2f65a7ed2 build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#497)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.14.0 to 4.14.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.14.1/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-26 10:05:40 +01:00
8071692739 build(deps): bump @sentry/tracing from 6.0.1 to 6.0.2 in /web (#494)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.0.1...6.0.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-26 10:05:17 +01:00
8d11934caa build(deps-dev): bump pytest from 6.2.1 to 6.2.2 (#493)
Bumps [pytest](https://github.com/pytest-dev/pytest) from 6.2.1 to 6.2.2.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/6.2.1...6.2.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-26 10:04:42 +01:00
6076ae2f9e ci: fix building for dependabot 2021-01-25 21:11:29 +01:00
78b4b61882 build(deps): bump boto3 from 1.16.58 to 1.16.59 (#489) 2021-01-25 13:59:42 +01:00
91df37a4a0 build(deps): bump ldap3 from 2.8.1 to 2.9 (#490) 2021-01-25 13:58:20 +01:00
2566af231b build(deps): bump @types/chart.js from 2.9.29 to 2.9.30 in /web (#491) 2021-01-25 13:57:23 +01:00
80f7b5656d build(deps): bump rollup from 2.37.1 to 2.38.0 in /web (#492) 2021-01-25 13:56:58 +01:00
23cb8f44a6 build(deps): bump @sentry/tracing from 6.0.0 to 6.0.1 in /web (#487)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.0.0...6.0.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-22 09:47:24 +01:00
c3a0aa594a build(deps): bump boto3 from 1.16.57 to 1.16.58 (#486)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.57 to 1.16.58.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.57...1.16.58)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-22 09:45:52 +01:00
6b7977ad86 build(deps): bump @sentry/browser from 6.0.0 to 6.0.1 in /web (#488)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.0.0...6.0.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-22 09:45:37 +01:00
d7dfd6e7df build(deps): bump pyyaml from 5.4 to 5.4.1 (#484)
Bumps [pyyaml](https://github.com/yaml/pyyaml) from 5.4 to 5.4.1.
- [Release notes](https://github.com/yaml/pyyaml/releases)
- [Changelog](https://github.com/yaml/pyyaml/blob/master/CHANGES)
- [Commits](https://github.com/yaml/pyyaml/compare/5.4...5.4.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-21 09:53:20 +01:00
fc5842be67 build(deps): bump rollup from 2.37.0 to 2.37.1 in /web (#485)
Bumps [rollup](https://github.com/rollup/rollup) from 2.37.0 to 2.37.1.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.37.0...v2.37.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-21 09:53:08 +01:00
b03677a077 build(deps): bump codemirror from 5.59.1 to 5.59.2 in /web (#483)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.59.1 to 5.59.2.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.59.1...5.59.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-21 09:52:54 +01:00
d136890415 build(deps): bump @sentry/browser from 5.30.0 to 6.0.0 in /web (#478)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 5.30.0 to 6.0.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/5.30.0...6.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-20 09:54:50 +01:00
3ea76f1d86 build(deps): bump rollup from 2.36.2 to 2.37.0 in /web (#479)
Bumps [rollup](https://github.com/rollup/rollup) from 2.36.2 to 2.37.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.36.2...v2.37.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-20 09:39:19 +01:00
1ab9683ec6 build(deps): bump @sentry/tracing from 5.30.0 to 6.0.0 in /web (#480)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 5.30.0 to 6.0.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/5.30.0...6.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-20 09:39:00 +01:00
1e16c9b1e8 build(deps): bump boto3 from 1.16.56 to 1.16.57 (#482)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.56 to 1.16.57.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.56...1.16.57)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-20 09:38:40 +01:00
b242ba03a0 build(deps): bump pyyaml from 5.3.1 to 5.4 (#481)
Bumps [pyyaml](https://github.com/yaml/pyyaml) from 5.3.1 to 5.4.
- [Release notes](https://github.com/yaml/pyyaml/releases)
- [Changelog](https://github.com/yaml/pyyaml/blob/master/CHANGES)
- [Commits](https://github.com/yaml/pyyaml/compare/5.3.1...5.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-20 09:38:21 +01:00
49294b4a43 build(deps-dev): bump @typescript-eslint/parser in /web (#477)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.13.0 to 4.14.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.14.0/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-19 09:34:07 +01:00
80e5c25c01 build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#476)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.13.0 to 4.14.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.14.0/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-19 09:22:15 +01:00
ed267a4a1a docs: fix release name 2021-01-18 11:23:09 +01:00
7d844d1821 release: 2021.1.2-stable 2021-01-18 11:15:11 +01:00
6f1fb9ca43 release: 2021.1.2-stable 2021-01-18 11:14:55 +01:00
09f56f1f01 Merge branch 'master' into version-2021.1 2021-01-18 11:14:45 +01:00
3d3a0cd9e3 events: create event when system task fails 2021-01-18 10:09:14 +01:00
32667f37d1 build(deps): bump boto3 from 1.16.55 to 1.16.56 (#473)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.55 to 1.16.56.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.55...1.16.56)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-18 07:46:37 +01:00
9532c4df9d build(deps-dev): bump eslint from 7.17.0 to 7.18.0 in /web (#474)
Bumps [eslint](https://github.com/eslint/eslint) from 7.17.0 to 7.18.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.17.0...v7.18.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-18 07:46:26 +01:00
fd90979832 build(deps): bump rollup from 2.36.1 to 2.36.2 in /web (#475)
Bumps [rollup](https://github.com/rollup/rollup) from 2.36.1 to 2.36.2.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.36.1...v2.36.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-18 07:46:14 +01:00
2e20d5dfbf stages/email: fix email task not falling back to use_global_settings 2021-01-17 23:32:55 +01:00
33f06f0799 policies: fix logic error for sync mode 2021-01-17 23:32:55 +01:00
920736fc77 helm: fix s3 secret key and email password not being base64 encoded 2021-01-17 23:32:55 +01:00
ee8e42728e helm: fix old reference to static secret_key 2021-01-17 23:32:55 +01:00
204792b750 stages/email: fix email task not falling back to use_global_settings 2021-01-17 23:31:58 +01:00
8ffa3e5885 policies: fix logic error for sync mode 2021-01-17 23:31:34 +01:00
175d3b3377 helm: fix s3 secret key and email password not being base64 encoded 2021-01-17 23:02:14 +01:00
d5f35798dc helm: fix old reference to static secret_key 2021-01-17 23:01:58 +01:00
1a0aa7e944 Merge branch 'version-2021.1'
# Conflicts:
#	.bumpversion.cfg
#	.github/workflows/release.yml
#	authentik/__init__.py
#	docker-compose.yml
#	helm/Chart.yaml
#	helm/README.md
#	helm/values.yaml
#	outpost/pkg/version.go
#	web/src/constants.ts
#	website/docs/installation/docker-compose.md
#	website/docs/installation/kubernetes.md
2021-01-17 22:37:13 +01:00
677a181b9c release: 2021.1.1-stable 2021-01-17 22:36:16 +01:00
4b551add1a stages/password: catch importerror during authentic() 2021-01-17 20:23:22 +01:00
90220e911f stages/password: catch importerror during authentic() 2021-01-17 20:18:45 +01:00
217cca822d web: fix sidebar overlaying background 2021-01-17 20:09:53 +01:00
e6f897c7e6 policies: detect when running in a daemon process and run policies sync 2021-01-17 20:09:53 +01:00
65c9d4bf4c policies: use custom context for fork instead of changing global context 2021-01-17 20:09:53 +01:00
6e88e52d78 outposts: add message to outpost_service_connection_monitor task 2021-01-17 20:09:53 +01:00
4e884e80ab web: fix sidebar overlaying background 2021-01-17 20:09:37 +01:00
d19bfebce3 policies: detect when running in a daemon process and run policies sync 2021-01-17 19:59:58 +01:00
b86d4a455d policies: use custom context for fork instead of changing global context 2021-01-17 19:59:19 +01:00
222cece3e1 outposts: add message to outpost_service_connection_monitor task 2021-01-17 19:22:01 +01:00
6e69edf1af core: increase application cache duration
# Conflicts:
#	authentik/core/api/applications.py
2021-01-17 19:17:47 +01:00
55aab5660b core: increase application cache duration 2021-01-17 19:17:13 +01:00
08e7ef3c1e core: increase application cache duration 2021-01-17 19:04:54 +01:00
d728163eea helm: fix typos 2021-01-17 18:56:51 +01:00
cbf246694c helm: fix typos 2021-01-17 18:56:24 +01:00
9d0a01012d root: use stable version on master
This reverts commit 94182f88a4.
2021-01-17 17:41:49 +01:00
cf76652a4c release: 2021.1.1-rc2 2021-01-17 17:40:43 +01:00
c525ecc334 ci: fix paths for github release 2021-01-17 17:40:20 +01:00
49d40d4337 admin: fix linting 2021-01-17 17:35:00 +01:00
94182f88a4 release: 2021.1.1-rc1 2021-01-17 17:25:47 +01:00
1c25f4f09b core: use tabs for user settings 2021-01-17 17:25:15 +01:00
6495d6c50a web: fix tabs detecting all slot elements 2021-01-16 23:04:08 +01:00
b81f3e4a38 docs: prepare next release 2021-01-16 22:38:46 +01:00
aad3b43ac3 core: cache applications API 2021-01-16 22:38:09 +01:00
60f52f102a outposts: optimise signals to not always trigger 2021-01-16 22:14:37 +01:00
f3ccb5341d outpost: improve logging 2021-01-16 22:13:57 +01:00
cb73210447 events: don't log permission creation 2021-01-16 22:03:06 +01:00
81efc9a673 outposts: update pipeline 2021-01-16 21:49:30 +01:00
72c6c0da9b outposts: update go module domain 2021-01-16 21:45:24 +01:00
8fef839965 outpost: separate ak-api and proxy further for future outposts 2021-01-16 21:41:39 +01:00
87b830ff9a outpost: rename proxy to outpost 2021-01-16 19:20:27 +01:00
8acb9dde5f web: add notification 'mark as seen' button 2021-01-16 19:09:03 +01:00
36e8b1004c web: add update method 2021-01-16 19:08:20 +01:00
f959212692 events: make notifications filterable 2021-01-16 19:08:07 +01:00
2d2a404028 providers/oauth2: improve error handling and event creation 2021-01-16 18:27:10 +01:00
394ad6ade5 web: wrap notifications desc 2021-01-16 18:22:25 +01:00
4baf9e4a22 web: fix unread count, use white-space pre 2021-01-16 18:04:09 +01:00
d020599e09 web: format json output for EventInfo 2021-01-16 17:02:31 +01:00
4f28a89e63 policies: improve recording of error messages during policy process 2021-01-16 16:38:57 +01:00
f8b4b92e8d policies: pass direct exception from expression policies 2021-01-16 15:41:59 +01:00
33f208657c helm: bump memory hard limit 2021-01-16 14:15:50 +01:00
c1fbfc63ab core: use version in qs for static files to ensure latest are loaded 2021-01-16 14:15:42 +01:00
192dbe05c4 events: triggers -> rules 2021-01-16 14:15:23 +01:00
0b41cb84f0 web: update styling of notification drawer to match rest 2021-01-15 12:16:35 +01:00
d637bd0bf9 events: improve infinite loop detection 2021-01-15 11:27:18 +01:00
a2bddc6d91 policies: fix engine tests checking wrong key 2021-01-15 11:27:07 +01:00
2e42da11ea policies/event_matcher: simplify validity checking 2021-01-15 11:26:55 +01:00
f297d1256d events: fix linting 2021-01-15 11:19:56 +01:00
5e1e5afb24 build(deps): bump boto3 from 1.16.54 to 1.16.55 (#472) 2021-01-15 09:26:35 +01:00
da59e7c4a7 events: fix infinite loop in unittests 2021-01-15 00:32:59 +01:00
8684d106d5 events: fix default transport for successive migrations 2021-01-14 23:50:18 +01:00
2579e168c3 web: start implementing notifications 2021-01-14 22:14:35 +01:00
7f5caf901d expressions: set exception as message field 2021-01-14 21:58:10 +01:00
1c686e19b5 policies: set message instead of error for Event 2021-01-14 20:17:21 +01:00
3cc92f6c97 events: ensure created field is timestamp 2021-01-14 20:16:54 +01:00
8f5b33a3a2 web: show more context on policy_exception 2021-01-14 18:13:52 +01:00
4447345345 policies: fix display of stacktrace in events 2021-01-14 18:07:41 +01:00
42c6401ba7 events: add event context to slack webhook 2021-01-14 17:40:19 +01:00
eef111bcfd events: disable policy cache for trigger 2021-01-14 17:39:59 +01:00
6192b2787f events: notifications: send entire event in API 2021-01-14 17:22:02 +01:00
c7d28f8ca9 events: attach default transport to default triggers 2021-01-14 17:22:02 +01:00
1342266368 events: include full group in event notification 2021-01-14 17:22:02 +01:00
7ff679b1a3 policies: fix error when error occurs during policy process with no target 2021-01-14 17:22:02 +01:00
8beddcddb0 events: set severity for default triggers 2021-01-14 17:22:02 +01:00
9fe8554f28 events: make notification read/update only 2021-01-14 17:22:02 +01:00
812fe72e60 build(deps): bump @sentry/tracing from 5.29.2 to 5.30.0 in /web (#470)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 5.29.2 to 5.30.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/5.29.2...5.30.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-14 10:00:29 +01:00
d0e4533cdd build(deps): bump boto3 from 1.16.53 to 1.16.54 (#468)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.53 to 1.16.54.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.53...1.16.54)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-14 09:22:22 +01:00
b1b5d94ddc build(deps): bump @fortawesome/fontawesome-free in /web (#471)
Bumps [@fortawesome/fontawesome-free](https://github.com/FortAwesome/Font-Awesome) from 5.15.1 to 5.15.2.
- [Release notes](https://github.com/FortAwesome/Font-Awesome/releases)
- [Changelog](https://github.com/FortAwesome/Font-Awesome/blob/master/CHANGELOG.md)
- [Commits](https://github.com/FortAwesome/Font-Awesome/compare/5.15.1...5.15.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-14 09:22:04 +01:00
59722e0bbe build(deps): bump @sentry/browser from 5.29.2 to 5.30.0 in /web (#469)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 5.29.2 to 5.30.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/5.29.2...5.30.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-14 09:21:46 +01:00
9c5bb3998c docs: fix minor grammar issues 2021-01-13 10:28:02 +01:00
c180c4b1a2 build(deps): bump boto3 from 1.16.52 to 1.16.53 (#467)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.52 to 1.16.53.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.52...1.16.53)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-13 09:29:14 +01:00
308896719d docs: add docs for events and notifications 2021-01-13 00:26:33 +01:00
95c1473dd2 events: assign default triggers to default admin group, create default transport 2021-01-12 23:28:17 +01:00
b14c5039ed events: set default admin group to receive default triggers 2021-01-12 23:06:42 +01:00
b6948334f2 policies/event_matcher: fix verbose_name 2021-01-12 23:06:24 +01:00
29e08e7477 stages/otp_*: fix app's verbose_name 2021-01-12 22:59:46 +01:00
36bc1dc020 events: record source when user is using source to authenticate 2021-01-12 22:48:55 +01:00
61d1407804 sources/*: Set PLAN_CONTEXT_SOURCE when logging in with a source 2021-01-12 22:37:33 +01:00
47ddf0d7f2 web: add UI for notification triggers 2021-01-12 22:26:57 +01:00
cb36a3c8c7 web: add event transports UI 2021-01-12 22:12:16 +01:00
cac94792fa admin: add event transport forms 2021-01-12 22:03:33 +01:00
6f56c37d2f web: make action button better handle errors and show messages 2021-01-12 21:52:21 +01:00
8369fa16ae events: add mode_verbose to transport, return string on send error 2021-01-12 21:51:55 +01:00
f30bdbecd6 events: catch errors during send and re-raise as custom type 2021-01-12 21:48:16 +01:00
c727c845df policies: add and/or mode (#463)
* policies: add mode to PolicyEngine for AND and OR modes

* events: use PolicyEngine in OR mode
2021-01-12 18:22:25 +01:00
b2b737e59e build(deps-dev): bump @typescript-eslint/parser in /web (#465)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.12.0 to 4.13.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.13.0/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-12 10:16:47 +01:00
e2b930afe3 build(deps): bump boto3 from 1.16.51 to 1.16.52 (#464)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.51 to 1.16.52.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.51...1.16.52)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-12 09:45:24 +01:00
36c0b924bc build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#466)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.12.0 to 4.13.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.13.0/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-12 09:45:14 +01:00
1ccf6dcf6f events: Notifications (#418)
* events: initial alerting implementation

* policies: move error handling to process, ensure policy UUID is saved

* policies: add tests for error handling in PolicyProcess

* events: improve loop detection

* events: add API for action and trigger

* policies: ensure http_request is not used in context

* events: adjust unittests for user handling

* policies/event_matcher: add policy type

* events: add API tests

* events: add middleware tests

* core: make application's provider not required

* outposts: allow blank kubeconfig

* outposts: validate kubeconfig before saving

* api: fix formatting

* stages/invitation: remove invitation_created signal as model_created functions the same

* stages/invitation: ensure created_by is set when creating from API

* events: rebase migrations on master

* events: fix missing Alerts from API

* policies: fix unittests

* events: add tests for alerts

* events: rename from alerting to notifications

* events: add ability to specify severity of notification created

* policies/event_matcher: Add app field to match on event app

* policies/event_matcher: fix EventMatcher not being included in API

* core: use objects.none() when get_queryset is used

* events: use m2m for multiple transports, create notification object in task

* events: add default triggers

* events: fix migrations return value

* events: fix notification_transport not being in the correct queue

* stages/email: allow sending of email without backend

* events: implement sending via webhook + slack/discord + email
2021-01-11 18:43:59 +01:00
f8a426f0e8 ci: fix docker tag name for dependabot PRs 2021-01-11 16:18:44 +01:00
f8756d0fc9 build(deps): bump @types/codemirror from 0.0.105 to 0.0.106 in /web (#462)
Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror) from 0.0.105 to 0.0.106.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-11 08:23:19 +01:00
fd6d99f4f9 build(deps): bump @types/codemirror from 0.0.104 to 0.0.105 in /web (#461)
Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror) from 0.0.104 to 0.0.105.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-08 09:52:17 +01:00
04379f2c90 build(deps): bump boto3 from 1.16.50 to 1.16.51 (#460)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.50 to 1.16.51.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.50...1.16.51)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-08 09:52:02 +01:00
ba1195cf70 build(deps): bump boto3 from 1.16.49 to 1.16.50 (#458)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.49 to 1.16.50.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.49...1.16.50)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-07 10:09:08 +01:00
b0bd9212c7 build(deps): bump rollup from 2.36.0 to 2.36.1 in /web (#459)
Bumps [rollup](https://github.com/rollup/rollup) from 2.36.0 to 2.36.1.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.36.0...v2.36.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-07 10:08:48 +01:00
209179e012 build(deps): bump rollup from 2.35.1 to 2.36.0 in /web (#456)
Bumps [rollup](https://github.com/rollup/rollup) from 2.35.1 to 2.36.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.35.1...v2.36.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-06 14:01:26 +01:00
df16f635fa build(deps): bump boto3 from 1.16.48 to 1.16.49 (#457)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.48 to 1.16.49.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.48...1.16.49)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-06 14:01:03 +01:00
14ccf47a2b build(deps): bump tslib from 2.0.3 to 2.1.0 in /web (#455)
Bumps [tslib](https://github.com/Microsoft/tslib) from 2.0.3 to 2.1.0.
- [Release notes](https://github.com/Microsoft/tslib/releases)
- [Commits](https://github.com/Microsoft/tslib/compare/2.0.3...2.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-06 14:00:40 +01:00
2aac024477 build(deps): bump @types/codemirror from 0.0.103 to 0.0.104 in /web (#454)
Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror) from 0.0.103 to 0.0.104.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-06 14:00:25 +01:00
4743e72e18 policies: ensure binding has a target during unittests 2021-01-05 12:37:52 +01:00
cab2942c4e web: fix [object Object] being shown for policy_execution
closes #449
2021-01-05 11:52:25 +01:00
9fb5ce2a1a policies: add binding to policy_execution context 2021-01-05 11:51:05 +01:00
0eab4489c5 build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#453)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.11.1 to 4.12.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.12.0/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-05 10:41:48 +01:00
3aae030b23 build(deps): bump boto3 from 1.16.47 to 1.16.48 (#450)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.47 to 1.16.48.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.47...1.16.48)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-05 10:41:35 +01:00
e7060cb90a build(deps-dev): bump @typescript-eslint/parser in /web (#452)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.11.1 to 4.12.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.12.0/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-05 09:47:01 +01:00
6c0b9e3525 build(deps): bump django from 3.1.4 to 3.1.5 (#451)
Bumps [django](https://github.com/django/django) from 3.1.4 to 3.1.5.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.1.4...3.1.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-05 09:46:46 +01:00
82bb179bc2 root: global email settings (#448)
* root: make global email settings configurable

* stages/email: add use_global_settings

* stages/email: add test_email command to test email sending

* stages/email: update email template

* stages/email: simplify email template path

* stages/email: add support for user-supplied email templates

* stages/email: add tests for sending and templates

* stages/email: only add custom template if permissions are correct

* docs: add custom email template docs

* root: add /templates volume in docker-compose by default

* stages/email: fix form not allowing custom templates

* stages/email: use relative path for custom templates

* stages/email: check if all templates exist on startup, reset

* docs: add global email docs for docker-compose

* helm: add email config to helm chart

* helm: load all secrets with env prefix

* helm: move s3 and smtp secret to secret

* stages/email: fix test for relative name

* stages/email: add argument to send email from existing stage

* stages/email: set uid using slug of message id

* stages/email: ensure template validation ignores migration runs

* docs: add email troubleshooting docs

* stages/email: fix long task_name breaking task list
2021-01-05 00:41:10 +01:00
774eb0388b build(deps-dev): bump eslint from 7.16.0 to 7.17.0 in /web (#447)
Bumps [eslint](https://github.com/eslint/eslint) from 7.16.0 to 7.17.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.16.0...v7.17.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-04 08:56:28 +01:00
6ed78830a0 providers/proxy: check ingress annotations we manage 2021-01-02 01:48:39 +01:00
6fe323f1a7 outposts: by default only check labels 2021-01-02 01:08:05 +01:00
85c2db018e outposts: ensure field_manager is also used for updates 2021-01-02 00:52:42 +01:00
bc9e7e8b93 build(deps): bump structlog from 20.1.0 to 20.2.0 (#445)
* build(deps): bump structlog from 20.1.0 to 20.2.0

Bumps [structlog](https://github.com/hynek/structlog) from 20.1.0 to 20.2.0.
- [Release notes](https://github.com/hynek/structlog/releases)
- [Changelog](https://github.com/hynek/structlog/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/hynek/structlog/compare/20.1.0...20.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

* *: use structlog.stdlib instead of structlog for type-hints

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-01-01 15:39:43 +01:00
08c58ce3fb build(deps): bump boto3 from 1.16.46 to 1.16.47 (#444)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.46 to 1.16.47.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.46...1.16.47)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-01 13:51:17 +01:00
c3bc986473 build(deps): bump codemirror from 5.59.0 to 5.59.1 in /web (#446)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.59.0 to 5.59.1.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.59.0...5.59.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-01 13:51:00 +01:00
2e69efe699 providers/saml: sign metadata when signing is enabled 2020-12-31 15:02:21 +01:00
4daa373dcf web: match on path begin in sidebar 2020-12-31 14:19:36 +01:00
a85b8a65c0 release: 0.14.2-stable 2020-12-31 12:00:31 +01:00
d8dc1f8bb5 web: fix linting 2020-12-31 11:34:30 +01:00
0f4d5bc3b0 web: fix colour for selected sortable table header 2020-12-31 11:31:49 +01:00
6eed549577 web: add EventInfo case for policy_execution 2020-12-31 11:21:52 +01:00
be54ba4fe2 policies: catch error in process to not hang requests 2020-12-31 11:16:17 +01:00
68b9c34f78 policies: fix obj not being set 2020-12-31 11:16:01 +01:00
3584bdf530 events: fix error when creating an even from policyrequests 2020-12-31 11:15:42 +01:00
e712719333 admin: fix reverse urls for application forms 2020-12-31 10:13:06 +01:00
9a21c2f6bd build(deps): bump boto3 from 1.16.45 to 1.16.46 (#443)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.45 to 1.16.46.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.45...1.16.46)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-31 08:55:06 +01:00
0632d8ff37 web: fix loading overlay for site-shell 2020-12-30 23:12:55 +01:00
6bfaf71c12 web: fix link on application list 2020-12-30 22:50:27 +01:00
b6c8c319e5 web: default to open sidebar 2020-12-30 22:45:00 +01:00
4fde1b7365 providers/saml: allow audience to be empty 2020-12-30 22:15:28 +01:00
412f5b9210 providers/saml: fix signing and verification kp not being set correctly 2020-12-30 22:11:24 +01:00
a9e53cd52a providers/saml: fix string being passed to lxml 2020-12-30 22:03:01 +01:00
d0ee7908ab providers/saml: force user to select authz flow for import 2020-12-30 22:02:41 +01:00
e69834dec4 providers/saml: show error message why import failed 2020-12-30 22:02:28 +01:00
1b9d22615c build(deps): bump construct-style-sheets-polyfill in /web (#442)
Bumps [construct-style-sheets-polyfill](https://github.com/calebdwilliams/adoptedStyleSheets) from 2.4.3 to 2.4.6.
- [Release notes](https://github.com/calebdwilliams/adoptedStyleSheets/releases)
- [Changelog](https://github.com/calebdwilliams/construct-style-sheets/blob/master/CHANGELOG.md)
- [Commits](https://github.com/calebdwilliams/adoptedStyleSheets/compare/v2.4.3...v2.4.6)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-30 09:23:02 +01:00
e995536a15 build(deps): bump boto3 from 1.16.44 to 1.16.45 (#440)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.44 to 1.16.45.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.44...1.16.45)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-30 09:22:52 +01:00
e6818faab1 build(deps): bump uvicorn from 0.13.2 to 0.13.3 (#441)
Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.13.2 to 0.13.3.
- [Release notes](https://github.com/encode/uvicorn/releases)
- [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/encode/uvicorn/compare/0.13.2...0.13.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-30 09:22:42 +01:00
010e834149 root: update security.md 2020-12-29 21:34:34 +01:00
16d5e1d9ff release: 0.14.1-stable 2020-12-29 21:25:49 +01:00
765ae80698 providers/oauth2: fix error when creating RefreshToken 2020-12-29 21:22:49 +01:00
bbd0ff24d8 docs: add grafana integration docs 2020-12-29 20:43:27 +01:00
7a403613b2 Suggested changes (#434)
L112 - L115 is a suggestion I'm unsure of, but wanted to somehow improve it. Feel free to discard, but I still recommend signup>sign-up on L114 of origin.

On L124, the resulting webpage shows "Active- Directory" (note the space after the hyphen). Not sure how to fix this though.
2020-12-29 20:17:35 +01:00
4ad184a3fb build(deps-dev): bump @typescript-eslint/parser in /web (#439)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.11.0 to 4.11.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.11.1/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-29 14:53:40 +01:00
48d5f28e7a build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#438)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.11.0 to 4.11.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.11.1/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-29 14:43:30 +01:00
0cb48121b2 build(deps): bump boto3 from 1.16.43 to 1.16.44 (#436)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.43 to 1.16.44.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.43...1.16.44)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-29 13:41:19 +01:00
4194ffe2d4 build(deps): bump channels from 3.0.2 to 3.0.3 (#437)
Bumps [channels](https://github.com/django/channels) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/django/channels/releases)
- [Changelog](https://github.com/django/channels/blob/master/CHANGELOG.txt)
- [Commits](https://github.com/django/channels/compare/3.0.2...3.0.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-29 13:34:10 +01:00
4636fe7e64 Add migrate command to 0.14 docs. (#435) 2020-12-28 21:51:22 +01:00
182d714b16 docs: fix typo 2020-12-28 18:15:32 +01:00
540c22ce15 release: 0.14.0-stable 2020-12-28 17:49:45 +01:00
8c3008abce release: 0.14.0-rc2 2020-12-28 17:49:39 +01:00
8a22c86aaa release: 0.14.0-rc1 2020-12-28 17:49:35 +01:00
22ce142cb8 outposts: include protocol in outpost deployment ports 2020-12-28 17:21:02 +01:00
1a292feebb outposts: always check metadata on reconcile 2020-12-28 17:11:37 +01:00
09f4d812b3 outposts: set field_manager 2020-12-28 17:11:33 +01:00
2bab4ebfe8 core: fix library url pattern not matching SPA 2020-12-28 15:06:25 +01:00
a8647caca9 build(deps): bump @types/codemirror from 0.0.102 to 0.0.103 in /web (#433)
Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror) from 0.0.102 to 0.0.103.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-28 14:32:57 +01:00
590597caf6 events: replace list view with SPA Page 2020-12-28 14:32:34 +01:00
7b43777b22 web: reset expanded rows on fetch 2020-12-28 14:04:07 +01:00
77861b52e3 web: fix search loading old results when using enter 2020-12-28 13:56:33 +01:00
5f9c1e229c root: return API dates as timestamp 2020-12-28 13:07:49 +01:00
119adb3e7b web: fix old default URL 2020-12-28 13:07:35 +01:00
5db38bd0b7 web: lazy-render expanded table 2020-12-28 13:07:20 +01:00
0e1587bc1a providers/oauth2: don't write authorization code to event log 2020-12-28 01:07:18 +01:00
dc16a8a4c9 providers/proxy: set proxy-size for nginx for larger response 2020-12-28 00:45:58 +01:00
a6d0c8c26c providers/saml: Metadata Import (#432)
* providers/saml: add basic metadata parser

* providers/saml: add importer for Singing certificate, validate signature, add tests

* providers/saml: add provider name to form,

* web: don't use trailing slash for spa URLs

* providers/saml: formatting fixes

* sources/*: add verbose_name to source serializers

* admin: add button launch import modal
2020-12-27 22:38:04 +01:00
5797a3743a docs: prepare 0.14 release 2020-12-27 22:16:31 +01:00
b7e43efb34 docs: use version-0.13 branch for 0.13 instructions 2020-12-27 22:11:53 +01:00
48df12d045 proxy: update to latest stable oauth2_proxy version 2020-12-27 20:14:08 +01:00
4fea0f5939 web: fix error when applications have no provider assigned 2020-12-27 19:40:50 +01:00
a7bdd63e4d web: make siteshell's loading be relative to parent 2020-12-27 19:36:30 +01:00
e216efb6ec providers/oauth2: create access tokens as JWT 2020-12-27 19:36:17 +01:00
378fe38b12 providers/oauth2: ensure response is URL fragment only when implicit or hybrid 2020-12-27 19:07:42 +01:00
ce9fb8801c providers/oauth2: ensure nonce is validated on all OIDC flows 2020-12-27 18:13:41 +01:00
67ca83c228 providers/oauth2: add c_hash field 2020-12-27 18:13:13 +01:00
ee2e737782 providers/oauth2: remove response_type field as spec doesn't require validation 2020-12-27 18:12:47 +01:00
b04c9a2098 providers/oauth2: check redirect_uri before request object 2020-12-27 17:15:36 +01:00
7f7b7e37c1 docs: rename upgrading to release notes 2020-12-27 15:35:58 +01:00
e7c96eb70d providers/oauth2: Make AuthorizeError's state parameter requireed 2020-12-27 15:33:29 +01:00
e8debce9c8 providers/oauth2: fix infinite loops when prompt=login 2020-12-27 15:23:26 +01:00
bcd0686a33 providers/oauth2: redirect back correctly with state on AuthorizationError 2020-12-27 15:22:53 +01:00
55322995a1 providers/oauth2: make iss field configurable 2020-12-27 15:02:12 +01:00
dff5eb69c8 providers/oauth2: fix token endpoint creating invalid token when no scopes are passed 2020-12-27 14:48:44 +01:00
b747022bc1 providers/oauth2: fix old id_token being sent when using token endpoint with grant_type=refresh_token 2020-12-27 14:33:51 +01:00
885fcff495 providers/oauth2: add grant_types_supported to discovery endpoint 2020-12-27 14:17:40 +01:00
5b18e28753 providers/oauth2: fix include_claims_in_id_token not being shown in form/API 2020-12-27 14:05:10 +01:00
9848c5f3eb providers/oauth2: implement discovery's scopes_supported better 2020-12-27 13:36:14 +01:00
fc98c3934a providers/*: implement configuration_error 2020-12-27 13:15:31 +01:00
7964061466 events: add configuration_error action 2020-12-27 13:11:38 +01:00
5f90f54195 stages/invitation: ensure created_by is set when creating from API 2020-12-27 13:11:28 +01:00
49eb568d3c stages/invitation: remove invitation_created signal as model_created functions the same 2020-12-27 13:00:52 +01:00
d47d9103c7 tests: fix e2e tests for redirect_uri errors 2020-12-27 13:00:05 +01:00
12cbe464fc web: fix table styling on mobile 2020-12-27 12:50:12 +01:00
d17b2b0d1b providers/oauth2: add request_parameter_supported 2020-12-27 12:18:23 +01:00
f17d809219 providers/oauth2: add scopes_supported to discovery endpoint 2020-12-26 21:18:16 +01:00
6c8e9fb553 providers/oauth2: add ACR support 2020-12-26 20:16:50 +01:00
43bb29e16a providers/oauth2: implement max_age param 2020-12-26 20:05:31 +01:00
29edbb0357 providers/oauth2: use auth_time from LOGIN event 2020-12-26 19:05:02 +01:00
12ae867759 providers/oauth2: redirect back on prompt=none error instead of showing message 2020-12-26 18:58:18 +01:00
a20ca9136b providers/oauth2: use in for prompt check 2020-12-26 18:53:47 +01:00
3759e96e7d providers/oauth2: ensure interaction_required is raised when prompt=none and user not logged in 2020-12-26 18:45:23 +01:00
480d882a82 policies: add pre_permission_check to PolicyAccessView for request validity checks 2020-12-26 18:43:45 +01:00
e5e1e3737d providers/oauth2: fix query using user model not dict 2020-12-26 18:20:34 +01:00
8dddcf891e providers/oauth2: fix "auth_time" being based on user.last_login 2020-12-26 18:11:29 +01:00
319104c39b providers/oauth2: improve error handling, ensure correct message is shown to user 2020-12-26 17:50:16 +01:00
a9336f069c flows: add diagrams (#415)
* flows: initial diagram implementation

* web: install flowchart.js, add flow diagram page

* web: adjust diagram colours for dark mode

* flows: add permission checks for diagram

* flows: fix formatting

* web: fix formatting for web

* flows: add fix when last stage has policy

* flows: add test for diagram

* web: flows/diagram: add support for light mode

* flows: make Flows's Diagram API return json, add more tests and fix swagger response
2020-12-26 17:05:11 +01:00
33f5169f36 core: fix formatting 2020-12-26 15:28:29 +01:00
4c690a20ef core: fix token update/delete not working 2020-12-26 01:23:34 +01:00
f68c8f7d90 core: fix User's token creation not working 2020-12-26 01:23:18 +01:00
95b56a0005 release: 0.13.5-stable 2020-12-26 00:52:42 +01:00
811c569b54 core: show multi-select notice for SelectMultiple Widgets 2020-12-26 00:43:40 +01:00
3ac3a8eebe core: fix error during migrations 2020-12-25 23:51:40 +01:00
6a5a243dac stages/invitation: fix optional field being required 2020-12-25 23:41:34 +01:00
3549a9ecdd docs: add notice about password stage to AD integration 2020-12-25 23:38:19 +01:00
ee916a68a4 stages/password: fix PasswordStageForm not showing backends 2020-12-25 23:34:26 +01:00
e9ca42cbb9 docs: point to ad integration in sources overview 2020-12-25 23:11:02 +01:00
692d577217 docs: remove arrow reference in ad integration 2020-12-25 23:10:53 +01:00
f192ee5052 core: fix anonymous user being included in User API 2020-12-25 22:42:53 +01:00
c95f8e8418 api: fix formatting 2020-12-24 16:26:01 +01:00
9549a7188b ci: fix branchName in PRs 2020-12-24 16:18:06 +01:00
4998ccbe41 root: update license 2020-12-24 16:01:55 +01:00
a56ddb2b8e release: 0.13.4-stable 2020-12-24 15:46:08 +01:00
3cc6b8ee38 root: use coloured icon for readme 2020-12-24 14:32:20 +01:00
927ab509a1 outposts: validate kubeconfig before saving 2020-12-24 13:23:19 +01:00
c85506f43c outposts: allow blank kubeconfig 2020-12-24 13:23:14 +01:00
4157a0780d core: make application's provider not required 2020-12-24 13:23:10 +01:00
79da2bf698 web: Table parity (#427)
* core: fix application API always being sorted by name

* web: add sorting to tables

* web: add search to TablePage

* core: add search to applications API

* core: add MetaNameSerializer

* *: fix signature for non-modal serializers

* providers/*: implement MetaNameSerializer

* web: implement full app list page, use as default in sidebar

* web: fix linting errors

* admin: remove old application list

* web: fix default sorting for application list

* web: fix spacing for search element in toolbar
2020-12-24 09:56:05 +01:00
c3e9168b46 build(deps): bump django-storages from 1.11 to 1.11.1 (#431)
Bumps [django-storages](https://github.com/jschneier/django-storages) from 1.11 to 1.11.1.
- [Release notes](https://github.com/jschneier/django-storages/releases)
- [Changelog](https://github.com/jschneier/django-storages/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/jschneier/django-storages/compare/1.11...1.11.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-24 09:52:32 +01:00
d16838bbed build(deps): bump boto3 from 1.16.42 to 1.16.43 (#430)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.42 to 1.16.43.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.42...1.16.43)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-24 09:52:06 +01:00
6032efb67d root: use logo and screenshots from actual domain 2020-12-23 17:33:18 +01:00
322c6f01c2 build(deps): bump boto3 from 1.16.41 to 1.16.42 (#428)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.41 to 1.16.42.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.41...1.16.42)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-23 09:52:31 +01:00
71a58955f2 build(deps): bump docker from 4.4.0 to 4.4.1 (#429)
Bumps [docker](https://github.com/docker/docker-py) from 4.4.0 to 4.4.1.
- [Release notes](https://github.com/docker/docker-py/releases)
- [Commits](https://github.com/docker/docker-py/compare/4.4.0...4.4.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-23 09:52:07 +01:00
f035da440a web: fix sidebar being overlayed over modal backdrop 2020-12-22 20:30:46 +01:00
001de38d85 docs: add nextcloud docs 2020-12-22 20:09:15 +01:00
3ea39fe122 build(deps-dev): bump @typescript-eslint/parser in /web (#424)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.10.0 to 4.11.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.11.0/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-22 10:25:37 +01:00
7bfa217cae build(deps): bump boto3 from 1.16.40 to 1.16.41 (#426)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.40 to 1.16.41.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.40...1.16.41)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-22 09:34:02 +01:00
fdb9b45c51 build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#425)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.10.0 to 4.11.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.11.0/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-22 09:33:44 +01:00
116375084c build(deps): bump boto3 from 1.16.39 to 1.16.40 (#419)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.39 to 1.16.40.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.39...1.16.40)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-21 09:08:53 +01:00
1fca1df9dc build(deps): bump uvicorn from 0.13.1 to 0.13.2 (#420)
Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.13.1 to 0.13.2.
- [Release notes](https://github.com/encode/uvicorn/releases)
- [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/encode/uvicorn/compare/0.13.1...0.13.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-21 09:08:32 +01:00
4464ecc060 build(deps-dev): bump coverage from 5.3 to 5.3.1 (#421)
Bumps [coverage](https://github.com/nedbat/coveragepy) from 5.3 to 5.3.1.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/coverage-5.3...coverage-5.3.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-21 09:08:16 +01:00
1af4373d97 build(deps): bump codemirror from 5.58.3 to 5.59.0 in /web (#422)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.58.3 to 5.59.0.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.58.3...5.59.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-21 09:08:01 +01:00
28bbf5ac7f build(deps-dev): bump eslint from 7.15.0 to 7.16.0 in /web (#423)
Bumps [eslint](https://github.com/eslint/eslint) from 7.15.0 to 7.16.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.15.0...v7.16.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-21 09:07:47 +01:00
23f61e6b4f admin: fix policy test button in dark theme 2020-12-20 22:29:20 +01:00
db135a6dbc policies/expression: fix missing ak_logger 2020-12-20 22:18:13 +01:00
a4dc6d13b5 events: rename audit to events and use for more metrics (#397)
* events: rename audit to events

* policies/expression: log expression exceptions as event

* policies/expression: add ExpressionPolicy Model to event when possible

* lib/expressions: ensure syntax errors are logged too

* lib: fix lint error

* policies: add execution_logging field

* core: add property mapping tests

* policies/expression: add full test

* policies/expression: fix attribute name

* policies: add execution_logging

* web: fix imports

* root: update swagger

* policies: use dataclass instead of dict for types

* events: add support for dataclass as event param

* events: add special keys which are never cleaned

* policies: add tests for process, don't clean full cache

* admin: create event when new version is seen

* events: move utils to separate file

* admin: add tests for admin tasks

* events: add .set_user method to ensure users have correct attributes set

* core: add test for property_mapping errors with user and request
2020-12-20 22:04:29 +01:00
4d88dcff08 web: expand sidebar by default on desktop, auto collapse 2020-12-20 19:26:30 +01:00
6a835ad192 policies: add simple test-case 2020-12-19 23:41:24 +01:00
efc849e760 policies/engine: Add sanity test to ensure result count matches policy count 2020-12-19 23:40:55 +01:00
e62333dfb3 web: use displyname in sidebar for user 2020-12-19 17:44:02 +01:00
e23afd18e4 release: 0.13.3-stable 2020-12-19 16:55:07 +01:00
c2a30b760a web: allow Sidebar to be opened on mobile (#417)
* web: initial sidebar trigger on mobile

* web: render hamburger button as overlay top right
2020-12-19 16:54:25 +01:00
6e24856d45 flows: fix redirect when un-authenticated user uses external authentication (#416)
* flows: add PLAN_CONTEXT_REDIRECT so final redirect can be set from within flow

* sources/*: use PLAN_CONTEXT_REDIRECT

* flows: fallback when flow plan is empty
2020-12-19 16:42:39 +01:00
98a58b74e3 core: ensure generic error template fills screen 2020-12-19 14:28:20 +01:00
5f3ab22bea providers/oauth2: fix incorrect background set on end session screen 2020-12-19 14:24:28 +01:00
1ed5d5da35 build(deps): bump @sentry/browser from 5.29.1 to 5.29.2 in /web (#413)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 5.29.1 to 5.29.2.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/5.29.1...5.29.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-18 09:58:34 +01:00
76193e0031 build(deps): bump boto3 from 1.16.38 to 1.16.39 (#412)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.38 to 1.16.39.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.38...1.16.39)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-18 09:44:54 +01:00
50109ca7ad build(deps): bump @sentry/tracing from 5.29.1 to 5.29.2 in /web (#414)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 5.29.1 to 5.29.2.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/5.29.1...5.29.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-18 09:44:33 +01:00
e4b66d991c release: 0.13.2-stable 2020-12-17 20:20:47 +01:00
68adc2d5a5 admin: fix warning during swagger generation 2020-12-17 19:49:35 +01:00
349a3a67d5 flows: use to_stage_response in _flow_done() 2020-12-17 19:34:15 +01:00
e1394207e7 flows: fix inconsistent behaviour when flow is empty 2020-12-17 19:22:24 +01:00
f265c1f10b admin: fix cache clean views erroring 2020-12-17 19:03:32 +01:00
1aecdc7f8f web: fix css for policy tertiary buttons and text on flow card 2020-12-17 14:31:45 +01:00
a18edaf62b build(deps): bump @sentry/tracing from 5.29.0 to 5.29.1 in /web (#411)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 5.29.0 to 5.29.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/5.29.0...5.29.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-17 11:41:19 +01:00
c91abe448c build(deps): bump celery from 5.0.4 to 5.0.5 (#407)
Bumps [celery](https://github.com/celery/celery) from 5.0.4 to 5.0.5.
- [Release notes](https://github.com/celery/celery/releases)
- [Changelog](https://github.com/celery/celery/blob/master/Changelog.rst)
- [Commits](https://github.com/celery/celery/compare/v5.0.4...v5.0.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-17 09:46:11 +01:00
e531e52403 build(deps): bump django-storages from 1.10.1 to 1.11 (#408)
Bumps [django-storages](https://github.com/jschneier/django-storages) from 1.10.1 to 1.11.
- [Release notes](https://github.com/jschneier/django-storages/releases)
- [Changelog](https://github.com/jschneier/django-storages/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/jschneier/django-storages/compare/1.10.1...1.11)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-17 09:45:58 +01:00
cae536fa65 build(deps): bump boto3 from 1.16.37 to 1.16.38 (#409)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.37 to 1.16.38.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.37...1.16.38)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-17 09:45:45 +01:00
316b15b8a9 build(deps): bump @sentry/browser from 5.29.0 to 5.29.1 in /web (#410)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 5.29.0 to 5.29.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/5.29.0...5.29.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-17 09:45:29 +01:00
e6ccd4fa76 web: fix file name casing 2020-12-17 00:18:24 +01:00
86aabba3ed web: fix file name casing 2020-12-17 00:18:03 +01:00
0b36aad5c8 admin: ensure clean_expired_models is called during tests 2020-12-17 00:17:20 +01:00
64d2a216f0 web: fix linting 2020-12-16 23:50:23 +01:00
a5e5e140d6 admin: add full api tests 2020-12-16 23:42:44 +01:00
29f98abd00 root: update swagger 2020-12-16 23:32:14 +01:00
7b5ce4e98a web: use colours for icons, move users to separate card 2020-12-16 23:28:04 +01:00
d7fa52ebf3 admin: remove old admin overview 2020-12-16 23:21:38 +01:00
2ffaa94825 web: fix typo 2020-12-16 23:08:40 +01:00
b80b2626a6 web: fix rendering of version 2020-12-16 23:08:35 +01:00
3b7bba5a62 web: make sure naming matches backend 2020-12-16 23:03:06 +01:00
2d9efe035e web: migrate admin overview cards to separate files 2020-12-16 23:00:32 +01:00
48438e28fd admin: separate overview API into WorkerAPI and VersionAPI 2020-12-16 22:53:53 +01:00
885a2f0a58 web: add flow and policy cache card 2020-12-16 22:30:37 +01:00
cf46ee06b7 api: create dedicated api for cached flows and policies 2020-12-16 22:18:36 +01:00
9e33b49d29 web: rewrite aggregate cards to separate components 2020-12-16 22:00:40 +01:00
1179ba4ef2 api: remove counters from overview api and allow filtering on object apis 2020-12-16 22:00:29 +01:00
3c12c8b3ff core: make Provider SerializerModel 2020-12-16 21:38:40 +01:00
4d22659b6e web: re-organise sidebar 2020-12-16 16:04:11 +01:00
2c0709eeee web: render SidebarItem from the item 2020-12-16 16:04:02 +01:00
c24d1b6b84 outposts: fix incorrect timeout for state cache 2020-12-16 12:14:34 +01:00
040e148a73 release: 0.13.1-stable 2020-12-16 11:26:15 +01:00
b85d550ee0 build(deps-dev): bump pytest from 6.2.0 to 6.2.1 (#405)
Bumps [pytest](https://github.com/pytest-dev/pytest) from 6.2.0 to 6.2.1.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/6.2.0...6.2.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-16 09:15:14 +01:00
ce95139d66 build(deps): bump boto3 from 1.16.36 to 1.16.37 (#404)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.36 to 1.16.37.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.36...1.16.37)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-16 09:14:58 +01:00
46436a5780 build(deps): bump @types/chart.js from 2.9.28 to 2.9.29 in /web (#406)
Bumps [@types/chart.js](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/chart.js) from 2.9.28 to 2.9.29.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/chart.js)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-16 09:14:43 +01:00
835a9aaaf2 outposts: fix circular import 2020-12-16 00:00:36 +01:00
42005e7def outposts: ensure all Service Connection state updates are done by the task 2020-12-15 23:39:52 +01:00
d9956e1e9c outpost: fix invalid incluster config causing Outpost Service Connection list to fail 2020-12-15 21:17:33 +01:00
4b1e73251a root: fix messages showing for all sessions of a user 2020-12-15 15:19:15 +01:00
736dbdca33 build(deps-dev): bump @rollup/plugin-typescript in /web (#401)
Bumps [@rollup/plugin-typescript](https://github.com/rollup/plugins) from 8.0.0 to 8.1.0.
- [Release notes](https://github.com/rollup/plugins/releases)
- [Commits](https://github.com/rollup/plugins/compare/eslint-v8.0.0...typescript-v8.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-15 10:54:31 +01:00
789b8e5d3e build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#402)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.9.1 to 4.10.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.10.0/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-15 10:28:11 +01:00
074b55f66b build(deps): bump boto3 from 1.16.35 to 1.16.36 (#398)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.35 to 1.16.36.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.35...1.16.36)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-15 08:59:52 +01:00
d9bc5ea4d1 build(deps): bump rollup from 2.34.2 to 2.35.1 in /web (#399)
Bumps [rollup](https://github.com/rollup/rollup) from 2.34.2 to 2.35.1.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.34.2...v2.35.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-15 08:59:42 +01:00
716bb9f188 build(deps): bump @patternfly/patternfly from 4.65.6 to 4.70.2 in /web (#400)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.65.6 to 4.70.2.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.65.6...prerelease-v4.70.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-15 08:59:30 +01:00
dd496619a2 build(deps-dev): bump @typescript-eslint/parser in /web (#403)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.9.1 to 4.10.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.10.0/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-15 08:59:04 +01:00
51d07f7913 proxy: output JSON logs 2020-12-14 19:41:32 +01:00
5c4163579b root: fix application icons now showing with docker-compose 2020-12-14 19:32:48 +01:00
5a73413d58 web: fix brand not showing on firefox 2020-12-14 19:26:02 +01:00
51a5d4bf49 docs: fix issues when overscrolling 2020-12-14 14:16:00 +01:00
8bbb854073 root: make docker-compose database name and username configurable 2020-12-14 12:27:33 +01:00
9f2e9e8444 release: 0.13.0-stable 2020-12-14 11:20:47 +01:00
a3d361f500 outposts: fix controller not using token.key 2020-12-14 11:03:49 +01:00
e9bb583b32 providers/proxy: ensure pb_proxy is deleted and ak_proxy is created 2020-12-14 10:47:49 +01:00
efccf47c83 build(deps): bump packaging from 20.7 to 20.8 (#388)
Bumps [packaging](https://github.com/pypa/packaging) from 20.7 to 20.8.
- [Release notes](https://github.com/pypa/packaging/releases)
- [Changelog](https://github.com/pypa/packaging/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pypa/packaging/compare/20.7...20.8)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-14 10:07:23 +01:00
a5b144cf8f build(deps): bump boto3 from 1.16.34 to 1.16.35 (#391)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.34 to 1.16.35.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.34...1.16.35)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-14 10:07:12 +01:00
afc5a17fc2 build(deps): bump github.com/recws-org/recws in /proxy (#394)
Bumps [github.com/recws-org/recws](https://github.com/recws-org/recws) from 1.2.1 to 1.2.2.
- [Release notes](https://github.com/recws-org/recws/releases)
- [Commits](https://github.com/recws-org/recws/compare/v1.2.1...v1.2.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-14 10:06:59 +01:00
b3e0884b2e build(deps-dev): bump eslint-plugin-lit from 1.2.4 to 1.3.0 in /web (#396)
Bumps [eslint-plugin-lit](https://github.com/43081j/eslint-plugin-lit) from 1.2.4 to 1.3.0.
- [Release notes](https://github.com/43081j/eslint-plugin-lit/releases)
- [Commits](https://github.com/43081j/eslint-plugin-lit/compare/v1.2.4...v1.3.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-14 10:06:34 +01:00
078d648551 build(deps): bump uvicorn from 0.13.0 to 0.13.1 (#390)
* build(deps): bump uvicorn from 0.13.0 to 0.13.1

Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.13.0 to 0.13.1.
- [Release notes](https://github.com/encode/uvicorn/releases)
- [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/encode/uvicorn/compare/0.13.0...0.13.1)

Signed-off-by: dependabot[bot] <support@github.com>

* root: remove asgi workaround when websocket is closed during connect

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2020-12-14 10:05:07 +01:00
41f9097592 build(deps-dev): bump pytest from 6.1.2 to 6.2.0 (#389)
Bumps [pytest](https://github.com/pytest-dev/pytest) from 6.1.2 to 6.2.0.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/6.1.2...6.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-14 08:53:18 +01:00
562175741c build(deps): bump github.com/getsentry/sentry-go in /proxy (#392)
Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go) from 0.7.0 to 0.9.0.
- [Release notes](https://github.com/getsentry/sentry-go/releases)
- [Changelog](https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-go/compare/v0.7.0...v0.9.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-14 08:52:56 +01:00
24e24cb97e build(deps-dev): bump typescript from 4.1.2 to 4.1.3 in /web (#395)
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 4.1.2 to 4.1.3.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-14 08:52:40 +01:00
69b0a23a7d build(deps-dev): bump bandit from 1.6.3 to 1.7.0 (#387)
Bumps [bandit](https://github.com/PyCQA/bandit) from 1.6.3 to 1.7.0.
- [Release notes](https://github.com/PyCQA/bandit/releases)
- [Commits](https://github.com/PyCQA/bandit/compare/1.6.3...1.7.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-14 08:11:24 +01:00
f0f3245388 root: fix links to docs 2020-12-14 00:45:02 +01:00
99ca0d1f9f helm: fix missing /media/ route 2020-12-14 00:11:49 +01:00
c9f0d048a8 release: 0.13.0-rc4 2020-12-13 23:40:07 +01:00
90a94b5e3e root: fix paths for XML Schema files 2020-12-13 23:40:01 +01:00
ae1a8842db providers/oauth2: start adding tests for OAuthAuthorizationParams 2020-12-13 23:14:35 +01:00
a3b17d1ed4 admin: add tests for hidden form fields 2020-12-13 23:14:18 +01:00
41576e27be tests/integration: continue even if ssl can't be cleaned up 2020-12-13 21:51:59 +01:00
07082cb3aa tests/integration: add tests for Docker outpost using TLS connection 2020-12-13 21:30:33 +01:00
426cb33fab outposts: remove unused views 2020-12-13 21:25:05 +01:00
9e4f840d2d api: add token tests 2020-12-13 20:38:56 +01:00
e120d274e9 lib: fix sentry tests not running 2020-12-13 20:38:50 +01:00
977d3f6ef9 stages/user_write: add test that attributes without prefix are ignored 2020-12-13 20:38:43 +01:00
ecdbc917a5 admin: add api tests 2020-12-13 20:38:21 +01:00
0083cd55df sources/oauth: start adding tests for types 2020-12-13 20:03:34 +01:00
d380194e13 */saml: test against SAML Schema 2020-12-13 19:53:16 +01:00
32f5d5ba72 recovery: add test for invalid key 2020-12-13 18:46:36 +01:00
e818416863 policies/password: add invalid test case 2020-12-13 18:43:17 +01:00
7eed70cfe9 policies/hibp: add invalid test case 2020-12-13 18:42:59 +01:00
ea6ca23f57 lib: add tests for sentry integration 2020-12-13 18:41:47 +01:00
f056b026d6 lib: test edgecase for timedelta_from_string 2020-12-13 18:35:51 +01:00
1c0a6efeb1 flows/exporter: remove dead code since no stage is PolicyBindingModel 2020-12-13 18:25:30 +01:00
17732eea08 flows: add test for PLAN_CONTEXT_PENDING_USER_IDENTIFIER 2020-12-13 18:23:19 +01:00
aa5381fd59 flows: add tests case for reevaluate marker that keeps the stage 2020-12-13 18:07:11 +01:00
ffee86fcf3 crypto: simplify api/forms key validation 2020-12-13 18:06:52 +01:00
7ff7398aff admin: add tests for binding creation forms with invalid target 2020-12-13 18:06:34 +01:00
67925a39f2 web: fix source icons missing from static container 2020-12-13 17:50:30 +01:00
3b5e1c7b34 core: cleanup channels code, fix error when server side close 2020-12-13 17:46:34 +01:00
3e49acf7ae outposts: regularly ensure that all outposts have a valid service account and token 2020-12-13 17:10:56 +01:00
76764c4374 web: fix background for readonly inputs 2020-12-13 15:19:28 +01:00
9f6f8e1b55 outposts: update keys in outpost config 2020-12-13 15:15:20 +01:00
9590180c6c docs: update changelog 2020-12-13 12:41:42 +01:00
aef5c60a7b release: 0.13.0-rc3 2020-12-13 00:57:36 +01:00
d4c9c667c9 tests: fix URLs to use user-details instead of user-settings 2020-12-13 00:48:46 +01:00
96f0d582f0 core: load user detail form in an inner SiteShell so update doesn't reload entire page 2020-12-13 00:18:36 +01:00
7e8702a71e web: fix user detail form not working 2020-12-13 00:03:37 +01:00
1524061480 web: only auto-update slug when slug and name are already in sync 2020-12-12 23:45:47 +01:00
434922f702 web: make most client/network errors ignored by sentry 2020-12-12 23:32:55 +01:00
d2862ddc93 lifecycle: clean full redis as part of system migration 2020-12-12 23:30:49 +01:00
6e55431d4c stages/*: fix redirects not pointing to user_settings 2020-12-12 23:14:07 +01:00
01548c5e9c stages/*: fix links opening in SiteShell 2020-12-12 23:14:02 +01:00
bf1dae2dbe helm: make imagePullPolicy configurable 2020-12-12 23:13:58 +01:00
59c93defcf release: 0.13.0-rc2 2020-12-12 21:50:10 +01:00
a2a1a27502 web: fix icons not being included in static container 2020-12-12 21:49:00 +01:00
e3227e7d54 core: remove remaining references to old font 2020-12-12 21:41:12 +01:00
1f4a8fffdb docs: fix minor markdown and syntax errors 2020-12-12 21:30:05 +01:00
86b1183883 helm: bump version in readme 2020-12-12 21:27:05 +01:00
f781f4848c ci: fix release not depending on proxy build 2020-12-12 21:10:13 +01:00
19824d693c core: fix permission check for applications API 2020-12-12 21:00:35 +01:00
0694b911a4 docs: add changelog for 0.13 2020-12-12 21:00:23 +01:00
71e7a03f71 release: 0.13.0-rc1 2020-12-12 20:47:10 +01:00
0a874c98cb web: cleanup messages implementation (#386)
* web: rebuild messages without template objects

* web: show error message when ws connection fails

* web: show error message when siteshell page not found

* web: fix spinner size for loading

* web: fix linting error
2020-12-12 20:46:02 +01:00
488e8f769a web: remove policy bindings page (#370)
* admin: accept ?target for PolicyBindingCreateView

* core: fix rendering of hidden fields in horizontal form

* web: add create button for application's bound policies

* admin: fix delete form not working

* web: fix ak-refresh event not being dispatched correctly

* web: fix linting errors

* admin: fix tests not loading

* build(deps-dev): bump eslint from 7.14.0 to 7.15.0 in /web (#372)

Bumps [eslint](https://github.com/eslint/eslint) from 7.14.0 to 7.15.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.14.0...v7.15.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump rollup from 2.34.1 to 2.34.2 in /web (#373)

Bumps [rollup](https://github.com/rollup/rollup) from 2.34.1 to 2.34.2.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.34.1...v2.34.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump @types/codemirror from 0.0.100 to 0.0.102 in /web (#374)

Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror) from 0.0.100 to 0.0.102.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump bandit from 1.6.2 to 1.6.3 (#371)

* build(deps-dev): bump bandit from 1.6.2 to 1.6.3

Bumps [bandit](https://github.com/PyCQA/bandit) from 1.6.2 to 1.6.3.
- [Release notes](https://github.com/PyCQA/bandit/releases)
- [Commits](https://github.com/PyCQA/bandit/compare/1.6.2...1.6.3)

Signed-off-by: dependabot[bot] <support@github.com>

* root: update for new bandit version

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: add header to bound-policies

* web: fix spacing between bulk_select buttons

* web: add separate ak-bound-policies-list, add flow view page

* web: fix flows' policies not loading

* Squashed commit of the following:

commit e535cb0ec8
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Thu Dec 10 09:58:07 2020 +0100

    build(deps): bump boto3 from 1.16.32 to 1.16.33 (#383)

    Bumps [boto3](https://github.com/boto/boto3) from 1.16.32 to 1.16.33.
    - [Release notes](https://github.com/boto/boto3/releases)
    - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
    - [Commits](https://github.com/boto/boto3/compare/1.16.32...1.16.33)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 8c1f55d3e3
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Wed Dec 9 09:06:45 2020 +0100

    build(deps): bump boto3 from 1.16.31 to 1.16.32 (#382)

    Bumps [boto3](https://github.com/boto/boto3) from 1.16.31 to 1.16.32.
    - [Release notes](https://github.com/boto/boto3/releases)
    - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
    - [Commits](https://github.com/boto/boto3/compare/1.16.31...1.16.32)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit c3a2cb44cd
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Wed Dec 9 09:06:29 2020 +0100

    build(deps): bump celery from 5.0.3 to 5.0.4 (#380)

    Bumps [celery](https://github.com/celery/celery) from 5.0.3 to 5.0.4.
    - [Release notes](https://github.com/celery/celery/releases)
    - [Changelog](https://github.com/celery/celery/blob/master/Changelog.rst)
    - [Commits](https://github.com/celery/celery/compare/v5.0.3...v5.0.4)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 682401bbf2
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Wed Dec 9 07:20:45 2020 +0100

    build(deps): bump uvicorn from 0.12.3 to 0.13.0 (#381)

    Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.12.3 to 0.13.0.
    - [Release notes](https://github.com/encode/uvicorn/releases)
    - [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
    - [Commits](https://github.com/encode/uvicorn/compare/0.12.3...0.13.0)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 3e6e167348
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Tue Dec 8 10:32:00 2020 +0100

    build(deps-dev): bump @typescript-eslint/parser in /web (#377)

    Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.9.0 to 4.9.1.
    - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
    - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
    - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.9.1/packages/parser)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit d08c1b7b02
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Tue Dec 8 10:31:47 2020 +0100

    build(deps): bump @sentry/browser from 5.28.0 to 5.29.0 in /web (#378)

    Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 5.28.0 to 5.29.0.
    - [Release notes](https://github.com/getsentry/sentry-javascript/releases)
    - [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
    - [Commits](https://github.com/getsentry/sentry-javascript/compare/5.28.0...5.29.0)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 94d70d252c
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Tue Dec 8 09:02:37 2020 +0100

    build(deps): bump boto3 from 1.16.30 to 1.16.31 (#375)

    Bumps [boto3](https://github.com/boto/boto3) from 1.16.30 to 1.16.31.
    - [Release notes](https://github.com/boto/boto3/releases)
    - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
    - [Commits](https://github.com/boto/boto3/compare/1.16.30...1.16.31)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit ccfe746dd5
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Tue Dec 8 09:02:28 2020 +0100

    build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#376)

    Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.9.0 to 4.9.1.
    - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
    - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
    - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.9.1/packages/eslint-plugin)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit ef5dffa96a
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Tue Dec 8 09:02:16 2020 +0100

    build(deps): bump @sentry/tracing from 5.28.0 to 5.29.0 in /web (#379)

    Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 5.28.0 to 5.29.0.
    - [Release notes](https://github.com/getsentry/sentry-javascript/releases)
    - [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
    - [Commits](https://github.com/getsentry/sentry-javascript/compare/5.28.0...5.29.0)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 2caa1e7650
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Mon Dec 7 11:21:07 2020 +0100

    build(deps-dev): bump bandit from 1.6.2 to 1.6.3 (#371)

    * build(deps-dev): bump bandit from 1.6.2 to 1.6.3

    Bumps [bandit](https://github.com/PyCQA/bandit) from 1.6.2 to 1.6.3.
    - [Release notes](https://github.com/PyCQA/bandit/releases)
    - [Commits](https://github.com/PyCQA/bandit/compare/1.6.2...1.6.3)

    Signed-off-by: dependabot[bot] <support@github.com>

    * root: update for new bandit version

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>

commit 2246f3a534
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Mon Dec 7 10:26:01 2020 +0100

    build(deps): bump @types/codemirror from 0.0.100 to 0.0.102 in /web (#374)

    Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror) from 0.0.100 to 0.0.102.
    - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
    - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 95ba00cb79
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Mon Dec 7 09:09:49 2020 +0100

    build(deps): bump rollup from 2.34.1 to 2.34.2 in /web (#373)

    Bumps [rollup](https://github.com/rollup/rollup) from 2.34.1 to 2.34.2.
    - [Release notes](https://github.com/rollup/rollup/releases)
    - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
    - [Commits](https://github.com/rollup/rollup/compare/v2.34.1...v2.34.2)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 2ab4d6620f
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Mon Dec 7 09:09:24 2020 +0100

    build(deps-dev): bump eslint from 7.14.0 to 7.15.0 in /web (#372)

    Bumps [eslint](https://github.com/eslint/eslint) from 7.14.0 to 7.15.0.
    - [Release notes](https://github.com/eslint/eslint/releases)
    - [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
    - [Commits](https://github.com/eslint/eslint/compare/v7.14.0...v7.15.0)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* web: fix linting error

* web: simplify sidebar logic

* web: add support for multiple active matchers per sidebar item

* web: move router to elements

* flows: add stage_obj to flows api

* sources/*: make all sources implement SerializerModel

* web: improve listing of stages

* web: implement expandable table

* web/table: use TemplateResult as return value for row()

* web: add empty state, fix link for BoundStageList

* admin: make stage binding form accept ?target like policy binding

* web: fix styles in dark mode for expanding tables

* flows: add policybindingmodel_ptr_id to FlowStageBinding API

* web: improve wording for policies

* web: fix dark theme for tertiary buttons and static modals

* web: implement SourceViewPage

* web: add empty state for BoundPoliciesList

* web: cleanup URLs for FlowStageBindings

* root: remove url attribute from ak-messages

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-12 19:39:09 +01:00
e6a776be07 build(deps): bump sentry-sdk from 0.19.4 to 0.19.5 (#384)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.19.4 to 0.19.5.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.19.4...0.19.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-11 10:28:38 +01:00
4fd1dafd82 build(deps): bump boto3 from 1.16.33 to 1.16.34 (#385)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.33 to 1.16.34.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.33...1.16.34)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-11 09:19:45 +01:00
e535cb0ec8 build(deps): bump boto3 from 1.16.32 to 1.16.33 (#383)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.32 to 1.16.33.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.32...1.16.33)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-10 09:58:07 +01:00
8c1f55d3e3 build(deps): bump boto3 from 1.16.31 to 1.16.32 (#382)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.31 to 1.16.32.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.31...1.16.32)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-09 09:06:45 +01:00
c3a2cb44cd build(deps): bump celery from 5.0.3 to 5.0.4 (#380)
Bumps [celery](https://github.com/celery/celery) from 5.0.3 to 5.0.4.
- [Release notes](https://github.com/celery/celery/releases)
- [Changelog](https://github.com/celery/celery/blob/master/Changelog.rst)
- [Commits](https://github.com/celery/celery/compare/v5.0.3...v5.0.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-09 09:06:29 +01:00
682401bbf2 build(deps): bump uvicorn from 0.12.3 to 0.13.0 (#381)
Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.12.3 to 0.13.0.
- [Release notes](https://github.com/encode/uvicorn/releases)
- [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/encode/uvicorn/compare/0.12.3...0.13.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-09 07:20:45 +01:00
3e6e167348 build(deps-dev): bump @typescript-eslint/parser in /web (#377)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.9.0 to 4.9.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.9.1/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-08 10:32:00 +01:00
d08c1b7b02 build(deps): bump @sentry/browser from 5.28.0 to 5.29.0 in /web (#378)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 5.28.0 to 5.29.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/5.28.0...5.29.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-08 10:31:47 +01:00
94d70d252c build(deps): bump boto3 from 1.16.30 to 1.16.31 (#375)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.30 to 1.16.31.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.30...1.16.31)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-08 09:02:37 +01:00
ccfe746dd5 build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#376)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.9.0 to 4.9.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.9.1/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-08 09:02:28 +01:00
ef5dffa96a build(deps): bump @sentry/tracing from 5.28.0 to 5.29.0 in /web (#379)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 5.28.0 to 5.29.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/5.28.0...5.29.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-08 09:02:16 +01:00
2caa1e7650 build(deps-dev): bump bandit from 1.6.2 to 1.6.3 (#371)
* build(deps-dev): bump bandit from 1.6.2 to 1.6.3

Bumps [bandit](https://github.com/PyCQA/bandit) from 1.6.2 to 1.6.3.
- [Release notes](https://github.com/PyCQA/bandit/releases)
- [Commits](https://github.com/PyCQA/bandit/compare/1.6.2...1.6.3)

Signed-off-by: dependabot[bot] <support@github.com>

* root: update for new bandit version

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2020-12-07 11:21:07 +01:00
2246f3a534 build(deps): bump @types/codemirror from 0.0.100 to 0.0.102 in /web (#374)
Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror) from 0.0.100 to 0.0.102.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-07 10:26:01 +01:00
95ba00cb79 build(deps): bump rollup from 2.34.1 to 2.34.2 in /web (#373)
Bumps [rollup](https://github.com/rollup/rollup) from 2.34.1 to 2.34.2.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.34.1...v2.34.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-07 09:09:49 +01:00
2ab4d6620f build(deps-dev): bump eslint from 7.14.0 to 7.15.0 in /web (#372)
Bumps [eslint](https://github.com/eslint/eslint) from 7.14.0 to 7.15.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.14.0...v7.15.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-07 09:09:24 +01:00
01482d8468 tests: fix images being pulled from dockerhub, again 2020-12-06 21:23:57 +01:00
45c4469d47 tests: fix images being pulled from dockerhub 2020-12-06 20:47:12 +01:00
8a526ad452 root: use proxy for e2e tests 2020-12-06 19:52:26 +01:00
773943e044 web: fix htmlFromString not working 2020-12-06 18:40:25 +01:00
c0166aec20 web: fix RouteMatch erroring when arguments are given 2020-12-06 18:40:11 +01:00
c03754abec web: dark mode (#368)
* web: initial dark mode

* web: re-fix sidebar colour in dark mode

* web: fix dark mode for user settings

* web: fix dark mode for flows

* core: match delete template's footer with generic form

* admin: show app icon in app list
2020-12-06 18:02:04 +01:00
3487c41ce0 build(deps-dev): bump django-debug-toolbar from 3.1.1 to 3.2 (#363)
Bumps [django-debug-toolbar](https://github.com/jazzband/django-debug-toolbar) from 3.1.1 to 3.2.
- [Release notes](https://github.com/jazzband/django-debug-toolbar/releases)
- [Changelog](https://github.com/jazzband/django-debug-toolbar/blob/master/docs/changes.rst)
- [Commits](https://github.com/jazzband/django-debug-toolbar/compare/3.1.1...3.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-06 18:01:15 +01:00
d4d4a4ab94 build(deps): bump boto3 from 1.16.28 to 1.16.30 (#366)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.28 to 1.16.30.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.28...1.16.30)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-06 17:18:15 +01:00
05d87a2314 build(deps): bump celery from 5.0.2 to 5.0.3 (#362)
Bumps [celery](https://github.com/celery/celery) from 5.0.2 to 5.0.3.
- [Release notes](https://github.com/celery/celery/releases)
- [Changelog](https://github.com/celery/celery/blob/master/Changelog.rst)
- [Commits](https://github.com/celery/celery/compare/v5.0.2...v5.0.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-06 17:18:04 +01:00
5b83c5a191 build(deps): bump rollup from 2.34.0 to 2.34.1 in /web (#365)
Bumps [rollup](https://github.com/rollup/rollup) from 2.34.0 to 2.34.1.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.34.0...v2.34.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
2020-12-06 17:08:29 +01:00
867e161f32 tests: fix proxy pipeline (#367)
* tests: retry on WebDriverException

* tests: remove debug statements
2020-12-06 16:17:51 +01:00
ff15514d5b stages/identification: add show_matched_user to optionally hide user details 2020-12-06 13:12:32 +01:00
58497bb63f web: fix /users/me/ endpoint being called multiple times 2020-12-06 12:38:19 +01:00
e0bc4f1da5 lifecycle: fix outpost service connections not being migrated 2020-12-06 12:22:51 +01:00
1cfe1aff13 wip: rename to authentik (#361)
* root: initial rename

* web: rename custom element prefix

* root: rename external functions with pb_ prefix

* root: fix formatting

* root: replace domain with goauthentik.io

* proxy: update path

* root: rename remaining prefixes

* flows: rename file extension

* root: pbadmin -> akadmin

* docs: fix image filenames

* lifecycle: ignore migration files

* ci: copy default config from current source before loading last tagged

* *: new sentry dsn

* tests: fix missing python3.9-dev package

* root: add additional migrations for service accounts created by outposts

* core: mark system-created service accounts with attribute

* policies/expression: fix pb_ replacement not working

* web: fix last linting errors, add lit-analyse

* policies/expressions: fix lint errors

* web: fix sidebar display on screens where not all items fit

* proxy: attempt to fix proxy pipeline

* proxy: use go env GOPATH to get gopath

* lib: fix user_default naming inconsistency

* docs: add upgrade docs

* docs: update screenshots to use authentik

* admin: fix create button on empty-state of outpost

* web: fix modal submit not refreshing SiteShell and Table

* web: fix height of app-card and height of generic icon

* web: fix rendering of subtext

* admin: fix version check error not being caught

* web: fix worker count not being shown

* docs: update screenshots

* root: new icon

* web: fix lint error

* admin: fix linting error

* root: migrate coverage config to pyproject
2020-12-05 22:08:42 +01:00
810a7ab50b proxy: backport fix of proxy pipeline 2020-12-04 09:59:59 +01:00
3b12de23ff ci: fix mismatched docker tags being used 2020-12-02 22:41:53 +01:00
12f788661c web: add empty state for library page, add more helpers 2020-12-02 22:14:28 +01:00
6164db5a18 root: attempt to build static image without django's collectstatic (#360)
* root: attempt to build static image without django's collectstatic

* web: move static dockerfile to /web

* web: fix dockerfile path

* web: improve image size by not copying node_modules
2020-12-02 21:23:07 +01:00
c17623323a web: further cleanup, more linting 2020-12-02 15:44:40 +01:00
05aeeafacc flows: fix header/footer moving around on login template when card changes size 2020-12-02 15:07:19 +01:00
dc4a7d98e8 web: fix SidebarUser not rendering 2020-12-02 14:45:19 +01:00
cc5a0c23aa flows: allow uploading of custom flow backgrounds, update default flow background 2020-12-02 14:40:05 +01:00
821458373d web: remove sidebar items from sidebar class, add admin-interface 2020-12-02 13:56:28 +01:00
832a3dda41 web: fix spinner size for site-shell 2020-12-02 11:19:56 +01:00
728befbda8 build(deps): bump boto3 from 1.16.25 to 1.16.28 (#357)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.25 to 1.16.28.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.25...1.16.28)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-02 11:19:47 +01:00
a77c3f73cc build(deps): bump @sentry/browser from 5.27.6 to 5.28.0 in /web (#358)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 5.27.6 to 5.28.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/5.27.6...5.28.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-02 11:19:00 +01:00
ebae03c399 build(deps): bump @sentry/tracing from 5.27.6 to 5.28.0 in /web (#359)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 5.27.6 to 5.28.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/5.27.6...5.28.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-02 10:13:41 +01:00
ffa4ac7efa build(deps): bump django-model-utils from 4.1.0 to 4.1.1 (#355)
Bumps [django-model-utils](https://github.com/jazzband/django-model-utils) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/jazzband/django-model-utils/releases)
- [Changelog](https://github.com/jazzband/django-model-utils/blob/master/CHANGES.rst)
- [Commits](https://github.com/jazzband/django-model-utils/compare/4.1.0...4.1.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-02 10:13:28 +01:00
16373d2143 build(deps): bump django from 3.1.3 to 3.1.4 (#356)
Bumps [django](https://github.com/django/django) from 3.1.3 to 3.1.4.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.1.3...3.1.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-02 08:28:03 +01:00
1779b4d888 web: more admin overview components 2020-12-01 22:42:11 +01:00
b218ded241 api: move events to Audit API 2020-12-01 22:16:50 +01:00
8c8ff4643a web: improve file structure, separate routes from outlet 2020-12-01 17:41:27 +01:00
e6391b64f0 web: update to new formatting rules, make eslint warnings fail ci 2020-12-01 17:27:19 +01:00
7195b77606 web: fix web pipeline not running 2020-12-01 14:59:25 +01:00
add7ecc7aa core: update library url to fix e2e tests 2020-12-01 14:57:22 +01:00
bce75dc047 web: fix formatting mostly, add pipeline 2020-12-01 13:59:59 +01:00
71fbb23a2f web: add placeholder config, fix sizing of sidebar brand 2020-12-01 13:20:54 +01:00
7bb26b5903 web: add more cards to overview 2020-12-01 12:41:37 +01:00
93bfe60369 api: allow setting of page size 2020-12-01 11:58:14 +01:00
93bf977709 web: start implementing admin overview page 2020-12-01 10:21:04 +01:00
760dca0f76 web: fix django not being defined as global 2020-12-01 09:53:14 +01:00
a777ecc933 web: start implementing translation in JS 2020-12-01 09:47:22 +01:00
0231bcf685 web: switch to eslint 2020-12-01 09:47:22 +01:00
a312ad2ad1 web: add TablePage 2020-12-01 09:47:21 +01:00
8e25970c01 build(deps): bump dacite from 1.5.1 to 1.6.0 (#353)
Bumps [dacite](https://github.com/konradhalas/dacite) from 1.5.1 to 1.6.0.
- [Release notes](https://github.com/konradhalas/dacite/releases)
- [Changelog](https://github.com/konradhalas/dacite/blob/master/CHANGELOG.md)
- [Commits](https://github.com/konradhalas/dacite/compare/v1.5.1...v1.6.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-01 09:47:11 +01:00
b1c4d0c716 build(deps-dev): bump @rollup/plugin-typescript in /web (#354)
Bumps [@rollup/plugin-typescript](https://github.com/rollup/plugins) from 6.1.0 to 8.0.0.
- [Release notes](https://github.com/rollup/plugins/releases)
- [Commits](https://github.com/rollup/plugins/compare/typescript-v6.1.0...eslint-v8.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-01 08:31:59 +01:00
43c391aa1c docs: move dev setup to docs site, fix docs header 2020-11-30 13:12:56 +01:00
2a0b4c8f14 web: remove dist from git 2020-11-30 12:50:08 +01:00
1193608631 web: port library page to clientside, router performance improvements 2020-11-30 12:34:26 +01:00
775d80de6d build(deps): bump rollup from 2.33.3 to 2.34.0 in /web (#352)
Bumps [rollup](https://github.com/rollup/rollup) from 2.33.3 to 2.34.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.33.3...v2.34.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-30 09:13:37 +01:00
05f8f92082 build(deps): bump django-model-utils from 4.0.0 to 4.1.0 (#351)
Bumps [django-model-utils](https://github.com/jazzband/django-model-utils) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/jazzband/django-model-utils/releases)
- [Changelog](https://github.com/jazzband/django-model-utils/blob/master/CHANGES.rst)
- [Commits](https://github.com/jazzband/django-model-utils/compare/4.0.0...4.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-30 09:13:21 +01:00
f7022dd11f web: sort components into folders, implement pagination for table 2020-11-29 22:14:48 +01:00
606e32603e api: improve pagination to show relevant data used for interface 2020-11-29 22:14:03 +01:00
5c5adfcccc admin: fix rendering of FileInput 2020-11-29 19:40:28 +01:00
0a2c0464df proxy: send proxy version in user-agent header 2020-11-29 19:01:15 +01:00
902953a2c7 admin: add use spinner button for admin lists 2020-11-29 18:46:45 +01:00
a8dad2e393 web: add sentry, add spinner button as base for action button 2020-11-29 18:10:20 +01:00
2417d5a59e policies: add policy_obj to Binding API 2020-11-29 13:57:40 +01:00
66b3635648 web: allow setting of querystring arguments with API Client, update table 2020-11-29 13:57:40 +01:00
7f821c484c build(deps): bump lxml from 4.6.1 to 4.6.2 (#350)
Bumps [lxml](https://github.com/lxml/lxml) from 4.6.1 to 4.6.2.
- [Release notes](https://github.com/lxml/lxml/releases)
- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt)
- [Commits](https://github.com/lxml/lxml/compare/lxml-4.6.1...lxml-4.6.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-28 23:19:58 +01:00
f51acb97a9 tests: fix docker proxy missing for single test 2020-11-28 21:29:11 +01:00
c4db907a50 build(deps-dev): bump prettier from 2.2.0 to 2.2.1 in /web (#348)
Bumps [prettier](https://github.com/prettier/prettier) from 2.2.0 to 2.2.1.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/master/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.2.0...2.2.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-28 20:46:08 +01:00
5650bd2d4c build(deps): bump packaging from 20.4 to 20.7 (#349)
Bumps [packaging](https://github.com/pypa/packaging) from 20.4 to 20.7.
- [Release notes](https://github.com/pypa/packaging/releases)
- [Changelog](https://github.com/pypa/packaging/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pypa/packaging/compare/20.4...20.7)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-28 20:45:55 +01:00
9466f91466 root: move webapp to /web (#347)
* root: move webapp to /web

* root: fix static build

* root: fix static files not being served for e2e tests
2020-11-28 19:43:42 +01:00
127ffbd456 root: fix linting error 2020-11-27 21:00:47 +01:00
2fbf06a1aa root: fix formatting, update swagger 2020-11-27 18:42:22 +01:00
55f2ae5d08 static: start implementing Application View page 2020-11-27 18:37:56 +01:00
47fe867803 root: add more API methods 2020-11-27 18:37:45 +01:00
28980d932a static: update ts formatting 2020-11-26 23:42:58 +01:00
1e640fac76 static: rewrite tabs to not use hash and render in shadow root 2020-11-26 23:31:56 +01:00
c7b6eac33d static: rewrite API Fetching to make API Version upgrades easier 2020-11-26 22:37:41 +01:00
f83087d04d static: cleanup messages, improve reconnect 2020-11-26 21:55:03 +01:00
14ab9bbd05 static: fetch messages which were created when the user arrives/leaves the page 2020-11-26 18:16:50 +01:00
a91d0ddc6c static: backoff retrying to connect to ws 2020-11-26 18:04:24 +01:00
89400b4ea4 root: save messages to session as backup 2020-11-26 17:57:46 +01:00
afcbe24ff5 static: add websocket support for messages, move console.log to debug 2020-11-26 17:23:29 +01:00
9c00c86e9b root: add Channels Message Storage and consumer 2020-11-26 17:12:00 +01:00
7efed56acc static: add multiple active paths to sidebar 2020-11-26 16:06:44 +01:00
81a2c3992a static: start implementing new application page 2020-11-26 15:55:01 +01:00
feabd38173 static: add argument support to Router and add RouteMatch 2020-11-26 13:58:45 +01:00
1432f0648f core: fix applications API not being same format as other APIs 2020-11-26 13:31:09 +01:00
04f876af7b build(deps): bump docker from 4.3.1 to 4.4.0 (#344)
* build(deps): bump docker from 4.3.1 to 4.4.0

Bumps [docker](https://github.com/docker/docker-py) from 4.3.1 to 4.4.0.
- [Release notes](https://github.com/docker/docker-py/releases)
- [Commits](https://github.com/docker/docker-py/compare/4.3.1...4.4.0)

Signed-off-by: dependabot[bot] <support@github.com>

* outposts: fix both network_mode and ports being set during tests

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2020-11-26 11:25:06 +01:00
2449c63d0a build(deps): bump @types/codemirror in /passbook/static/static (#346)
Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror) from 0.0.99 to 0.0.100.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-26 09:58:48 +01:00
c738ea573c tests/e2e: fix logic error 2020-11-25 12:41:13 +01:00
987b3a47d0 build(deps): bump @types/codemirror in /passbook/static/static (#343)
Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror) from 0.0.98 to 0.0.99.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
2020-11-25 11:42:19 +01:00
4dd397d9d9 build(deps): bump boto3 from 1.16.23 to 1.16.25 (#345)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.23 to 1.16.25.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.23...1.16.25)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
2020-11-25 11:24:37 +01:00
5973f8bbca lib: fix bad_request_message for new error template 2020-11-24 23:35:04 +01:00
43f27c2401 static: make SiteShell redirect when request > 400 2020-11-24 23:06:27 +01:00
7c73d2c2fb static: improve router, add redirect support 2020-11-24 23:02:10 +01:00
3f67da8f54 core: improve error page 2020-11-24 22:46:50 +01:00
afbecadba0 static: improve ModalButton performance by using manual redirects 2020-11-24 12:49:56 +01:00
2de4023d43 root: fix asgi formatting 2020-11-24 12:36:54 +01:00
6573d2e8f6 docs: update screenshots 2020-11-24 11:51:46 +01:00
bc412466b2 static: formatting 2020-11-24 11:50:49 +01:00
7a481396c6 root: fix incorrect MEDIA_URL 2020-11-24 11:50:27 +01:00
7f40c89ade root: fix KeyError in ASGI 2020-11-24 11:50:17 +01:00
3c0f640b48 static: fix link to logout in sidebar 2020-11-23 21:47:03 +01:00
2f6ba42ce3 static: align microsoft icon with other icons 2020-11-23 21:45:57 +01:00
aa8589d377 stages/identification: fix icons not showing on firefox 2020-11-23 21:44:58 +01:00
cb2bad0a36 static: add polyfill for firefox for CSS 2020-11-23 21:41:23 +01:00
665839133f Application Icon upload (#341)
* core: add initial implementation for File Upload

* root: add volumes to docker-compose for file upload

* helm: add pvc for uploads

* core: allow meta_icon to be overwritten with static files
2020-11-23 20:50:19 +01:00
91e9f176a5 proxy: revert to original command (#342) 2020-11-23 19:49:36 +01:00
1a64edb89f proxy: fix call to swagger generate 2020-11-23 19:04:24 +01:00
6874265f94 proxy: fix permissions for swagger install 2020-11-23 18:14:00 +01:00
9889dedcac proxy: install swagger via apt 2020-11-23 18:11:22 +01:00
275ac587a1 static: remove fixed branding 2020-11-23 18:08:35 +01:00
2f43b5b5ec Merge pull request #338 from BeryJu/ui-improvements
Migrate to SPA
2020-11-23 18:02:07 +01:00
416b2c60a1 static: improve organisation of UI files 2020-11-23 16:55:58 +01:00
b39bee7a30 static: include full FA in router-outlet 2020-11-23 16:46:28 +01:00
9714e5583d static: move passbook.css to src folder 2020-11-23 16:42:03 +01:00
bef25929a7 Merge branch 'master' into ui-improvements 2020-11-23 14:40:36 +01:00
34f54a96cf tests: update e2e tests for SPA 2020-11-23 14:24:42 +01:00
401359a73f static: fix sidebar header login when request isnt finished 2020-11-23 12:32:01 +01:00
88f1cbb29c static: use config API for index, add static index.html 2020-11-23 11:50:38 +01:00
bd9bce4c9b api: add API for config used in SPA 2020-11-23 11:49:09 +01:00
49c7ab701e build(deps): bump boto3 from 1.16.22 to 1.16.23 (#340)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.22 to 1.16.23.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.22...1.16.23)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-23 10:37:16 +01:00
35db60f2c8 build(deps): bump uvicorn from 0.12.2 to 0.12.3 (#339)
Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.12.2 to 0.12.3.
- [Release notes](https://github.com/encode/uvicorn/releases)
- [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/encode/uvicorn/compare/0.12.2...0.12.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-23 08:00:22 +01:00
c0fd3e79bc ci: fix e2e tests not running in python 3.9 2020-11-23 00:38:25 +01:00
8a54014a13 root: fix broken links in readme 2020-11-23 00:21:11 +01:00
3cfe144394 static: fix behaviour on initial load when no route is given 2020-11-22 23:48:34 +01:00
5da8caf0d4 *: fix remaining redirects to overview 2020-11-22 23:45:51 +01:00
c26d928eb0 core: make impersonation's redirect return to shell 2020-11-22 23:40:49 +01:00
02d4118f73 core: fix token list's copy not working 2020-11-22 23:40:36 +01:00
d97b2bf503 core: fix impersonation notice being shown twice 2020-11-22 23:39:40 +01:00
2a50e36027 static: fix hash not changing when invalid route is chosen 2020-11-22 23:26:19 +01:00
eff3208ff7 static: fix icon baseline on headers 2020-11-22 22:57:08 +01:00
551aff9455 core: fix token list not operating in modals 2020-11-22 22:24:31 +01:00
22b4757971 admin: add pb-token-copy-button 2020-11-22 22:24:22 +01:00
fa004876e9 *: fix formatting 2020-11-22 22:14:36 +01:00
d5e34bb71d static: fix colours not changing on ActionButton 2020-11-22 22:10:55 +01:00
e0dbeca657 static: add TokenCopyButton for token lists, improve colours on buttons 2020-11-22 22:06:00 +01:00
1b6bd5b997 outposts: update modal to pb-modal-button 2020-11-22 21:43:36 +01:00
a340378ce1 providers/oauth2: update modal to pb-modal-button 2020-11-22 21:39:05 +01:00
962f7d5f5c providers/saml: update modal to pb-modal-button 2020-11-22 21:38:47 +01:00
a10404f34b static: make ModalButton work with non-URL content 2020-11-22 21:35:52 +01:00
ed72595ae0 static: fix codemirror css not being loaded 2020-11-22 21:25:58 +01:00
82dd597881 *: remove use of FilteredSelectMultiple 2020-11-22 21:13:03 +01:00
0c2d46e0af static: fix modal scrolling not working 2020-11-22 21:04:09 +01:00
8b11616cf8 static: fix pb-aggregate card not being styled 2020-11-22 20:54:05 +01:00
4b4a49bc66 static: fix sidebar paths 2020-11-22 20:50:30 +01:00
b770508d68 static: fix backdrop for modals 2020-11-22 20:45:38 +01:00
8934a0d4f0 static: remove backdrop's overlay colour 2020-11-22 20:33:04 +01:00
fcf763ed3e *: rewrite user settings to use a single page 2020-11-22 20:30:26 +01:00
be8cc77086 static: fix link for property mappings 2020-11-22 20:26:44 +01:00
ffea308480 static: make site-shell not rely on hash 2020-11-22 19:58:20 +01:00
c9712facf3 core: fix ShellView not being login only 2020-11-22 19:43:25 +01:00
07773ed934 static: add elements for sidebar brand and sidebar user 2020-11-22 19:37:09 +01:00
3c311ca527 core: add avatars to user api 2020-11-22 19:36:40 +01:00
bc02fb04f8 static: improve brand layout on sidebar 2020-11-22 13:55:13 +01:00
37979291b5 static: re-add backdrop, format 2020-11-22 13:48:39 +01:00
49899a9ceb admin: add refresh button to audit and tasks list 2020-11-22 13:45:47 +01:00
bc2113a935 static: show admin categories only when user is superuser 2020-11-22 13:43:41 +01:00
eb9df38e92 static: fix ActionButton not working 2020-11-22 13:43:24 +01:00
372e51ee07 static: add navbar items to sidebar 2020-11-22 13:13:45 +01:00
30bf4f5747 core: migrate shell to core, remove navbar 2020-11-22 13:13:19 +01:00
ef2b8cf802 static: fix modal close icon not loading 2020-11-22 01:08:56 +01:00
c455a9a6b6 static: fix text being center when in pb-dropdown 2020-11-22 01:03:19 +01:00
7dac6841fb static: add RouterOutlet, render sidebar clientside 2020-11-22 00:30:26 +01:00
a8669ffe40 root: fix paths for static docker build 2020-11-21 21:59:05 +01:00
1ed392c53c static: fix sidebar active not working with search/pagination 2020-11-21 21:23:40 +01:00
4bd433d69e static: fix search redirecting entire page 2020-11-21 21:22:25 +01:00
f3010726d6 admin: fix template syntax error 2020-11-21 21:04:42 +01:00
812d699fd6 static: fix spinner not being on top of elements 2020-11-21 21:04:32 +01:00
e32cbec072 admin: fix pagination redirecting full page 2020-11-21 20:59:20 +01:00
1cb227305c static: format code 2020-11-21 20:48:49 +01:00
e42ad3f659 static: improve structure and cleanup 2020-11-21 20:47:19 +01:00
6a2ae67c31 static: fix flow-shell-card not working correctly 2020-11-21 20:43:05 +01:00
aa1b99204a static: migrate slug to ts 2020-11-21 19:22:53 +01:00
6681289a5a admin: migrate overview data-target modals 2020-11-21 19:10:05 +01:00
322ad0890a static: use dist folder 2020-11-21 18:34:45 +01:00
b849b2aef3 static: add code-mirror widget 2020-11-21 18:32:34 +01:00
92c0ad4154 admin: fix error when creating password-reset link 2020-11-21 16:23:39 +01:00
49397cef70 admin: add .pb-root-link for AdminSiteShell for links that should not be modified 2020-11-21 16:23:23 +01:00
517b811a99 admin: add shell view 2020-11-21 16:16:59 +01:00
6bdcbfbf0e admin: update lists to use modal button 2020-11-21 16:16:34 +01:00
b555c151dc static: close modal on escape key 2020-11-21 15:24:45 +01:00
12f211d07d admin: implement sidebar is-active on clientside 2020-11-21 14:03:02 +01:00
277f960113 static: add refresh button, ensure forms in modal work correctly
closes #262
2020-11-21 12:27:19 +01:00
aa6eacaf6b Merge branch 'master' into ui-improvements
# Conflicts:
#	passbook/static/static/package.json
2020-11-21 11:30:18 +01:00
80866f00f4 admin/shell: add loading animation 2020-11-21 11:28:11 +01:00
59e7d9b81e static: rewrite modal to use shadowroot and import css 2020-11-21 11:28:00 +01:00
d6d91c8180 build(deps): bump codemirror in /passbook/static/static (#335)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.58.2 to 5.58.3.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.58.2...5.58.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-21 01:19:26 +01:00
d10d645c02 build(deps): bump rollup in /passbook/static/static (#337)
Bumps [rollup](https://github.com/rollup/rollup) from 2.33.2 to 2.33.3.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.33.2...v2.33.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-21 00:27:32 +01:00
a2c7921c1f admin: migrate login stats chart to web component 2020-11-20 23:42:14 +01:00
582dfface9 static: add admin shell to improve admin experience 2020-11-20 22:46:05 +01:00
592f2cc558 admin: use pb-dropdown component for dropdowns 2020-11-20 22:15:46 +01:00
1e1a002ab2 static: rewrite custom components to typescript 2020-11-20 22:13:09 +01:00
ba2bd4fdaf build(deps): bump boto3 from 1.16.20 to 1.16.22 (#333)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.20 to 1.16.22.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.20...1.16.22)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-20 22:05:11 +01:00
9a407dcc5a build(deps): bump sentry-sdk from 0.19.3 to 0.19.4 (#334)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.19.3 to 0.19.4.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.19.3...0.19.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-20 18:51:29 +01:00
f8c720f8cd build(deps): bump @patternfly/patternfly in /passbook/static/static (#336)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.59.1 to 4.65.6.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.59.1...prerelease-v4.65.6)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-20 17:06:11 +01:00
9c3bc4eb38 tests: move integration tests into separate folder, add separate pipeline task 2020-11-19 14:35:43 +01:00
0a8d4eecae outposts: add docker TLS authentication and verification 2020-11-19 13:10:18 +01:00
120f5f2e44 build(deps): bump boto3 from 1.16.19 to 1.16.20 (#332)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.19 to 1.16.20.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.19...1.16.20)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-18 12:43:41 +01:00
e99812a6f5 build(deps): bump boto3 from 1.16.18 to 1.16.19 (#331)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.18 to 1.16.19.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.18...1.16.19)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-17 14:11:21 +01:00
1c5fedb177 build(deps): bump rollup in /passbook/static/static (#330)
Bumps [rollup](https://github.com/rollup/rollup) from 2.33.1 to 2.33.2.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.33.1...v2.33.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
2020-11-16 15:24:41 +01:00
8cc063ded2 lib: add @patch decorator to config for unittests 2020-11-16 12:48:53 +01:00
5faafbbca6 root: ensure manual loggers also have timestamp 2020-11-16 01:41:33 +01:00
dda1217735 root: include pytest config in dockerfile for github tests 2020-11-16 00:41:40 +01:00
d21f187673 outposts: make docker image prefix configurable 2020-11-16 00:36:42 +01:00
8a105cf5a0 release: 0.12.11-stable 2020-11-16 00:21:56 +01:00
9e384df79e static: adjust sizing of icon in navbar 2020-11-15 22:57:33 +01:00
c0bfd32d39 root: update remaining paths for static files 2020-11-15 22:46:14 +01:00
7be680cbe5 Migrate to Docusaurus (#329)
* docs: initial migration to docusaurus

* website: add custom font, update blurbs and icons

* website: update splash

* root: update links to docs

* flows: use .pbflow extension so docusaurus doesn't mangle the files

* e2e: workaround prospector

* Squashed commit of the following:

commit 1248585dca
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Sun Nov 15 20:46:53 2020 +0100

    e2e: attempt to fix prospector error again

commit 1319c480c4
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Sun Nov 15 20:41:35 2020 +0100

    ci: install previous python version for upgrade testing

* web: update accent colours and format

* website: format markdown files

* website: fix colours for text

* website: switch to temporary accent colour to improve readability

* flows: fix path for TestTransferDocs

* flows: fix formatting of tests
2020-11-15 22:42:02 +01:00
93bf8eaa82 root: fix useless supressions 2020-11-15 21:02:15 +01:00
1248585dca e2e: attempt to fix prospector error again 2020-11-15 20:46:53 +01:00
1319c480c4 ci: install previous python version for upgrade testing 2020-11-15 20:41:35 +01:00
1911e8e3a9 e2e: fix linting error 2020-11-15 19:31:42 +01:00
4198c5363f proxy: bump dependencies 2020-11-15 16:35:46 +01:00
207aae15a8 root: add missing libraries for static docker container 2020-11-15 16:17:25 +01:00
50531b8a36 root: upgrade to python3.9 2020-11-15 16:15:01 +01:00
e5e4824920 */saml: fully migrate to xmlsec, remove signxml dependency 2020-11-15 15:20:56 +01:00
085247e2dc ci: fix apt install for libxmlsec1 2020-11-15 01:05:20 +01:00
f766594ab0 build(deps): bump urllib3 from 1.25.11 to 1.26.2 (#327)
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.25.11 to 1.26.2.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/master/CHANGES.rst)
- [Commits](https://github.com/urllib3/urllib3/compare/1.25.11...1.26.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-13 17:42:44 +01:00
d1e469e282 build(deps): bump boto3 from 1.16.16 to 1.16.17 (#328)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.16 to 1.16.17.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.16...1.16.17)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-13 11:44:14 +01:00
79e4500827 build(deps): bump sentry-sdk from 0.19.2 to 0.19.3 (#326)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.19.2 to 0.19.3.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.19.2...0.19.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-13 06:55:47 +01:00
42702fa96a root: fix missing libxmlsec1-dev pkg-config packages 2020-11-12 19:38:58 +01:00
9deb3ad80f sources/saml: make signature and digest of SAML Source configurable 2020-11-12 12:02:57 +01:00
9877ef99c4 */saml: fix creation and validation of detached signatures 2020-11-12 11:59:07 +01:00
c304b40e1b providers/saml: improve verification for detached signatures 2020-11-12 11:58:51 +01:00
f0e6d6f417 root: fix asgi import order 2020-11-12 11:58:51 +01:00
54de5c981e providers/saml: fix signatures being required 2020-11-12 11:58:51 +01:00
a446775fe2 build(deps): bump boto3 from 1.16.15 to 1.16.16 (#325)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.15 to 1.16.16.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.15...1.16.16)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-12 11:57:23 +01:00
7393d8720b new release: 0.12.10-stable 2020-11-11 14:54:29 +01:00
287cb72d6f root: fix websockets not working correctly 2020-11-11 14:51:26 +01:00
c5eff4bdd6 outposts: fix selection of outpost's service connection not showing name 2020-11-11 14:34:43 +01:00
e9a33ed8ab root: fix exclusion in dockerignore 2020-11-11 14:24:43 +01:00
875173a86e outposts: fix migration error 2020-11-11 14:10:15 +01:00
df7642b365 build(deps): bump boto3 from 1.16.14 to 1.16.15 (#324)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.14 to 1.16.15.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.14...1.16.15)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-11 09:54:19 +01:00
3bc1c0aa8b build(deps): bump channels from 3.0.1 to 3.0.2 (#322)
Bumps [channels](https://github.com/django/channels) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/django/channels/releases)
- [Changelog](https://github.com/django/channels/blob/master/CHANGELOG.txt)
- [Commits](https://github.com/django/channels/compare/3.0.1...3.0.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
2020-11-10 23:41:29 +01:00
8951f5695e build(deps): bump boto3 from 1.16.13 to 1.16.14 (#323)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.13 to 1.16.14.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.13...1.16.14)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-10 21:50:42 +01:00
7401278707 new release: 0.12.9-stable 2020-11-10 20:15:06 +01:00
e99f6e289b outposts: fix kubernetes ApiClient not being used 2020-11-09 10:45:08 +01:00
07da6ffa69 build(deps): bump boto3 from 1.16.12 to 1.16.13 (#321)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.12 to 1.16.13.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.12...1.16.13)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-09 10:17:56 +01:00
dc18730094 static: add tabs component 2020-11-08 22:43:46 +01:00
a202679bfb crypto: fix "Could not deserialize key data." with empty private key 2020-11-08 22:43:35 +01:00
1edcda58ba providers/saml: add verification_kp when verifying assertions against certificates without private key 2020-11-08 22:24:54 +01:00
5cb7f0794e outposts: periodically update state of service connection, show state in UI 2020-11-08 21:31:27 +01:00
7e8e3893eb outposts: save state of outposts 2020-11-08 21:02:52 +01:00
e91e286ebc build(deps): bump djangorestframework from 3.12.1 to 3.12.2 (#318)
Bumps [djangorestframework](https://github.com/encode/django-rest-framework) from 3.12.1 to 3.12.2.
- [Release notes](https://github.com/encode/django-rest-framework/releases)
- [Commits](https://github.com/encode/django-rest-framework/compare/3.12.1...3.12.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-06 17:28:09 +01:00
ef4a115b61 build(deps): bump boto3 from 1.16.11 to 1.16.12 (#319)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.11 to 1.16.12.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.11...1.16.12)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-06 16:17:53 +01:00
b79b73f5c6 build(deps): bump boto3 from 1.16.10 to 1.16.11 (#316)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.10 to 1.16.11.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.10...1.16.11)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-05 11:13:48 +01:00
056e3ed15b build(deps): bump channels from 3.0.0 to 3.0.1 (#317)
Bumps [channels](https://github.com/django/channels) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/django/channels/releases)
- [Changelog](https://github.com/django/channels/blob/master/CHANGELOG.txt)
- [Commits](https://github.com/django/channels/compare/3.0.0...3.0.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-05 08:07:23 +01:00
fb5e210af8 outposts: add handler for e2e tests when schema is updated already 2020-11-04 15:36:31 +01:00
e5e2615f15 outposts: fix unittests 2020-11-04 14:56:35 +01:00
6c72a9e2e8 providers/proxy: fix k8s integration tests 2020-11-04 14:02:29 +01:00
c04d0a373a admin: add views for outpost service-connections 2020-11-04 13:35:41 +01:00
bd74e518a7 outposts: add *ServiceConnection API 2020-11-04 11:05:40 +01:00
3b76af4eaa outposts: fix defaults and tests for outposts 2020-11-04 10:57:06 +01:00
706448dc14 outposts: initial service connection implementation 2020-11-04 10:41:18 +01:00
34793f7cef core: adjust timeout of backup task's caching 2020-11-03 22:53:58 +01:00
ba96c9526e proxy: don't use sentry for proxy server 2020-11-03 12:12:21 +01:00
617432deaa build(deps): bump boto3 from 1.16.9 to 1.16.10 (#310)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.9 to 1.16.10.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.9...1.16.10)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-03 11:37:29 +01:00
36bf2be16d build(deps): bump celery from 5.0.1 to 5.0.2 (#313)
Bumps [celery](https://github.com/celery/celery) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/celery/celery/releases)
- [Changelog](https://github.com/celery/celery/blob/master/Changelog.rst)
- [Commits](https://github.com/celery/celery/compare/v5.0.1...v5.0.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-03 11:37:18 +01:00
912ed343e6 build(deps): bump pycryptodome from 3.9.8 to 3.9.9 (#314)
Bumps [pycryptodome](https://github.com/Legrandin/pycryptodome) from 3.9.8 to 3.9.9.
- [Release notes](https://github.com/Legrandin/pycryptodome/releases)
- [Changelog](https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst)
- [Commits](https://github.com/Legrandin/pycryptodome/compare/v3.9.8...v3.9.9)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-03 11:27:32 +01:00
2e15df295a build(deps): bump sentry-sdk from 0.19.1 to 0.19.2 (#311)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.19.1 to 0.19.2.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.19.1...0.19.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-03 10:25:10 +01:00
eaab3f62cb build(deps): bump rollup in /passbook/static/static (#312)
Bumps [rollup](https://github.com/rollup/rollup) from 2.33.0 to 2.33.1.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.33.0...v2.33.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-03 10:24:58 +01:00
aa615b0fd6 build(deps): bump django from 3.1.2 to 3.1.3 (#315)
Bumps [django](https://github.com/django/django) from 3.1.2 to 3.1.3.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.1.2...3.1.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-03 09:49:06 +01:00
b775f2788c build(deps): bump channels from 2.4.0 to 3.0.0 (#309)
* build(deps): bump channels from 2.4.0 to 3.0.0

Bumps [channels](https://github.com/django/channels) from 2.4.0 to 3.0.0.
- [Release notes](https://github.com/django/channels/releases)
- [Changelog](https://github.com/django/channels/blob/master/CHANGELOG.txt)
- [Commits](https://github.com/django/channels/compare/2.4.0...3.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

* root: update for channels 3

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2020-11-02 10:26:26 +01:00
9c28db3d89 build(deps): bump boto3 from 1.16.8 to 1.16.9 (#307)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.8 to 1.16.9.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.8...1.16.9)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-02 09:19:04 +01:00
67360bd6e9 build(deps): bump rollup in /passbook/static/static (#308)
Bumps [rollup](https://github.com/rollup/rollup) from 2.32.1 to 2.33.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.32.1...v2.33.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-02 09:18:39 +01:00
4f6f8c7cae build(deps): bump boto3 from 1.16.7 to 1.16.8 (#305)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.7 to 1.16.8.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.7...1.16.8)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-30 10:59:15 +01:00
3b82ad798b build(deps): bump channels-redis from 3.1.0 to 3.2.0 (#304)
Bumps [channels-redis](https://github.com/django/channels_redis) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/django/channels_redis/releases)
- [Changelog](https://github.com/django/channels_redis/blob/master/CHANGELOG.txt)
- [Commits](https://github.com/django/channels_redis/compare/3.1.0...3.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-30 09:45:05 +01:00
8827f06ac1 build(deps): bump signxml from 2.8.0 to 2.8.1 (#306)
Bumps [signxml](https://github.com/kislyuk/signxml) from 2.8.0 to 2.8.1.
- [Release notes](https://github.com/kislyuk/signxml/releases)
- [Changelog](https://github.com/XML-Security/signxml/blob/develop/Changes.rst)
- [Commits](https://github.com/kislyuk/signxml/compare/v2.8.0...v2.8.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-30 09:15:19 +01:00
251672a67d new release: 0.12.8-stable 2020-10-29 22:37:53 +01:00
4ffc0e2a08 docs: update proxy docs 2020-10-29 22:12:13 +01:00
4e1808632d proxy: add support for additionalHeaders 2020-10-29 22:09:53 +01:00
791627d3ce proxy: remove unused code 2020-10-29 21:46:26 +01:00
f3df3a0157 providers/proxy: add sticky sessions to ingress 2020-10-29 17:25:51 +01:00
6aaae53a19 proxy: use host not hostname to match header 2020-10-29 17:25:39 +01:00
4d84f6d598 outposts: ensure permissions are updated when a related object is saved 2020-10-29 17:25:29 +01:00
4e2349b6d9 build(deps): bump boto3 from 1.16.5 to 1.16.7 (#303)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.5 to 1.16.7.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.5...1.16.7)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-29 15:35:56 +01:00
cd57b8f7f3 build(deps): bump drf-yasg2 from 1.19.3 to 1.19.4 (#302)
Bumps [drf-yasg2](https://github.com/JoelLefkowitz/drf-yasg) from 1.19.3 to 1.19.4.
- [Release notes](https://github.com/JoelLefkowitz/drf-yasg/releases)
- [Changelog](https://github.com/JoelLefkowitz/drf-yasg/blob/master/docs/changelog.rst)
- [Commits](https://github.com/JoelLefkowitz/drf-yasg/compare/1.19.3...1.19.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-29 12:14:11 +01:00
40b1fc06b0 build(deps): bump @patternfly/patternfly in /passbook/static/static (#301)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.50.4 to 4.59.1.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.50.4...prerelease-v4.59.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
2020-10-29 09:21:39 +01:00
02fa217e28 build(deps-dev): bump pytest from 6.1.1 to 6.1.2 (#300)
Bumps [pytest](https://github.com/pytest-dev/pytest) from 6.1.1 to 6.1.2.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/6.1.1...6.1.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-29 09:21:09 +01:00
6652514358 lib: improve error ignore list 2020-10-28 19:00:11 +01:00
dcd3dc9744 lib: ensure tasks don't expire 2020-10-28 18:53:39 +01:00
d6afdc575e new release: 0.12.7-stable 2020-10-27 11:36:46 +01:00
287b38efee e2e: don't use proxy for quay 2020-10-27 10:30:08 +01:00
e805fb62fb e2e: use docker proxy for test images 2020-10-27 09:50:06 +01:00
c92dda77f1 build(deps): bump boto3 from 1.16.4 to 1.16.5 (#299)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.4 to 1.16.5.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.4...1.16.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-27 09:45:58 +01:00
f12fd78822 stages/user_login: replace usage of -1 with 0 2020-10-27 00:31:22 +01:00
caba183c9b static: fix class name of FlowShellCard 2020-10-27 00:30:55 +01:00
3aeaa121a3 root: add dockerfile to dependabot 2020-10-27 00:30:42 +01:00
a9f3118a7d docs: add home-assistant integration docs 2020-10-26 22:14:51 +01:00
054b819262 stages/user_login: use timedelta_string_validator instead of seconds 2020-10-26 22:03:27 +01:00
6b3411f63b root: fix permission denied error for backups 2020-10-26 21:12:20 +01:00
6a8000ea0d root: ensure traefik logs are json 2020-10-26 18:39:49 +01:00
352d4db0d7 e2e: add NoSuchElementException to @retry 2020-10-26 17:57:01 +01:00
4b665cfb8f static: fix FlowShellCard not returning the response 2020-10-26 11:00:37 +01:00
4e12003944 api: remove authentication fallback for pre-0.12 proxies 2020-10-26 11:00:19 +01:00
6bfd465855 static: improve error handling for FlowShellCard to prevent infinite spinners 2020-10-26 10:52:13 +01:00
e8670aa693 build(deps): bump codemirror in /passbook/static/static (#295)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.58.1 to 5.58.2.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.58.1...5.58.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-26 10:35:47 +01:00
5263e750b1 build(deps): bump boto3 from 1.16.3 to 1.16.4 (#296)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.3 to 1.16.4.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.3...1.16.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-26 10:35:24 +01:00
a2a9d73296 build(deps): bump django-otp from 1.0.1 to 1.0.2 (#297)
Bumps [django-otp](https://github.com/django-otp/django-otp) from 1.0.1 to 1.0.2.
- [Release notes](https://github.com/django-otp/django-otp/releases)
- [Changelog](https://github.com/django-otp/django-otp/blob/master/CHANGES.rst)
- [Commits](https://github.com/django-otp/django-otp/compare/v1.0.1...v1.0.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-26 08:31:24 +01:00
6befc9d627 helm: re-disable redis clustering 2020-10-23 20:45:21 +02:00
73497a27cc new release: 0.12.6-stable 2020-10-23 18:42:29 +02:00
f3098418f2 core: fix backup task not being registered, add fallback for api to remove info on ImportError
celery only discovers tasks from installed apps, which `lib` is not, hence the schedule didn't trigger it
2020-10-23 18:32:28 +02:00
a5197963b2 build(deps-dev): bump pytest-django from 4.0.0 to 4.1.0 (#293)
Bumps [pytest-django](https://github.com/pytest-dev/pytest-django) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/pytest-dev/pytest-django/releases)
- [Changelog](https://github.com/pytest-dev/pytest-django/blob/master/docs/changelog.rst)
- [Commits](https://github.com/pytest-dev/pytest-django/compare/v4.0.0...v4.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-23 09:38:49 +02:00
e4634bcc78 build(deps): bump boto3 from 1.16.2 to 1.16.3 (#294)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.2 to 1.16.3.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.2...1.16.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-23 08:01:43 +02:00
74da44a6a9 helm: add readme, general cleanup 2020-10-22 17:25:30 +02:00
3324473cd0 new release: 0.12.5-stable 2020-10-22 14:22:32 +02:00
39d8038533 e2e: Fix @retry decorator not truncating database 2020-10-22 14:05:29 +02:00
bbcf58705f lib: add configurable avatars, set to none mode for tests 2020-10-22 14:03:31 +02:00
7b5a0964b2 outposts: handle docker connection error on init 2020-10-22 12:50:06 +02:00
8eca76e464 root: fix docker permission error 2020-10-22 11:54:23 +02:00
fb9ab368f8 root: fix typo in docker-compose 2020-10-22 11:30:53 +02:00
877279b2ee build(deps): bump rollup in /passbook/static/static (#292)
Bumps [rollup](https://github.com/rollup/rollup) from 2.32.0 to 2.32.1.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.32.0...v2.32.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-22 11:30:03 +02:00
301be4b411 build(deps): bump boto3 from 1.16.1 to 1.16.2 (#291)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.1 to 1.16.2.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.1...1.16.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-22 08:05:29 +02:00
728f527ccb build(deps): bump drf-yasg2 from 1.19.2 to 1.19.3 (#290)
Bumps [drf-yasg2](https://github.com/JoelLefkowitz/drf-yasg) from 1.19.2 to 1.19.3.
- [Release notes](https://github.com/JoelLefkowitz/drf-yasg/releases)
- [Changelog](https://github.com/JoelLefkowitz/drf-yasg/blob/master/docs/changelog.rst)
- [Commits](https://github.com/JoelLefkowitz/drf-yasg/compare/1.19.2...1.19.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-21 09:51:39 +02:00
3f1c790b1d build(deps): bump boto3 from 1.16.0 to 1.16.1 (#289)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.0 to 1.16.1.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.0...1.16.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-21 09:12:13 +02:00
b00573bde2 new release: 0.12.4-stable 2020-10-20 22:31:31 +02:00
aeee3ad7f9 e2e: add @retry decorator to make e2e tests more reliable 2020-10-20 18:51:17 +02:00
ef021495ef flows: revert evaluate_on_call rename for backwards compatibility 2020-10-20 15:41:50 +02:00
061eab4b36 docs: fix keys for example flows 2020-10-20 15:14:41 +02:00
870e01f836 flows: rename re_evaluate_policies to evaluate_on_call, add evaluate_on_plan 2020-10-20 15:06:36 +02:00
e2ca72adf0 stages/user_login: only show successful login message at login stage 2020-10-20 12:11:59 +02:00
395ef43eae policies/expression: fix ip_network not being imported by default 2020-10-20 12:05:56 +02:00
a4cc653757 new release: 0.12.3-stable 2020-10-20 10:24:45 +02:00
db4ff20906 outposts: fix service using incorrect pod selector 2020-10-20 10:18:05 +02:00
1f0fbd33b6 build(deps): bump urllib3 from 1.25.10 to 1.25.11 (#287)
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.25.10 to 1.25.11.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/master/CHANGES.rst)
- [Commits](https://github.com/urllib3/urllib3/compare/1.25.10...1.25.11)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-20 10:17:46 +02:00
5de8d2721e build(deps): bump uvicorn from 0.12.1 to 0.12.2 (#286)
Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.12.1 to 0.12.2.
- [Release notes](https://github.com/encode/uvicorn/releases)
- [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/encode/uvicorn/compare/0.12.1...0.12.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-20 10:09:37 +02:00
0d65da9a9e build(deps): bump boto3 from 1.15.18 to 1.16.0 (#288)
Bumps [boto3](https://github.com/boto/boto3) from 1.15.18 to 1.16.0.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.15.18...1.16.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-20 09:34:55 +02:00
4316ee4330 root: implement db backups with monitored task, update docs 2020-10-19 22:17:47 +02:00
2ed9a1dbe3 */tasks: update phrasing 2020-10-19 21:35:31 +02:00
8e03824d20 lib: always set task's UID, even for unexpected errors 2020-10-19 21:30:21 +02:00
754dbdd0e5 outpost: fix logs for kubernetes controller 2020-10-19 21:29:58 +02:00
e13d348315 new release: 0.12.2-stable 2020-10-19 19:36:36 +02:00
169f3ebe5b outposts: fix logger again 2020-10-19 18:52:17 +02:00
f8ad604e85 outposts: add more tests 2020-10-19 17:47:51 +02:00
774b9c8a61 outposts: update kubernetes controller to use pk as identifier instead of name 2020-10-19 17:39:12 +02:00
d8c522233e outposts: fix outpost mangling log output 2020-10-19 16:54:11 +02:00
82d50f7eaa outposts: fix list showing questionmark when only one outpost is registered 2020-10-19 16:34:16 +02:00
1c426c5136 outposts: trigger deployment re-create when selector changes 2020-10-19 16:21:39 +02:00
d6e14cc551 proxy: show version on startup 2020-10-19 16:21:13 +02:00
c3917ebc2e lifecycle: fix formatting 2020-10-19 16:13:45 +02:00
7203bd37a3 outposts: replace migration with string backup handler 2020-10-19 16:04:38 +02:00
597188c7ee lifecycle: fix migration trying to load all classes 2020-10-19 15:55:16 +02:00
ac4c314042 new release: 0.12.1-stable 2020-10-19 15:30:27 +02:00
05866d3544 providers/proxy: fix creation of ingress 2020-10-19 15:06:50 +02:00
6596bc6034 helm: fix permissions for ingresses in networking 2020-10-19 14:55:14 +02:00
c6661ef4d2 lifecycle: add migration to 0.12 which removes old outpost state from cache 2020-10-19 14:35:38 +02:00
386e23dfac core: fix api signature for view_key 2020-10-19 14:35:22 +02:00
5d7220ca70 helm: fix keys for s3 backup 2020-10-19 14:30:44 +02:00
5de0d03acf new release: 0.12.0-stable 2020-10-19 12:15:25 +02:00
b0cc91f343 ci: disable code-ql while django check is broken 2020-10-19 12:15:17 +02:00
029a78f108 build(deps): bump sentry-sdk from 0.19.0 to 0.19.1 (#285)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.19.0 to 0.19.1.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.19.0...0.19.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-19 12:02:33 +02:00
3f4a8dc4f6 docs: update example helm values file 2020-10-19 11:31:36 +02:00
32f6ba6302 ci: install python3.8 for code ql 2020-10-19 11:12:57 +02:00
8da0b14f29 docs: update to-012 2020-10-19 11:12:57 +02:00
83eb4aff02 build(deps): bump rollup in /passbook/static/static (#282)
Bumps [rollup](https://github.com/rollup/rollup) from 2.31.0 to 2.32.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.31.0...v2.32.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-19 11:12:46 +02:00
927d02f591 build(deps): bump celery from 5.0.0 to 5.0.1 (#279)
Bumps [celery](https://github.com/celery/celery) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/celery/celery/releases)
- [Changelog](https://github.com/celery/celery/blob/master/Changelog.rst)
- [Commits](https://github.com/celery/celery/compare/v5.0.0...v5.0.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-19 11:12:34 +02:00
d04afcd6d0 build(deps): bump chart.js in /passbook/static/static (#283)
Bumps [chart.js](https://github.com/chartjs/Chart.js) from 2.9.3 to 2.9.4.
- [Release notes](https://github.com/chartjs/Chart.js/releases)
- [Commits](https://github.com/chartjs/Chart.js/compare/v2.9.3...v2.9.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-19 10:44:05 +02:00
89c6db66fd build(deps): bump drf-yasg2 from 1.18.5 to 1.19.2 (#284)
Bumps [drf-yasg2](https://github.com/JoelLefkowitz/drf-yasg) from 1.18.5 to 1.19.2.
- [Release notes](https://github.com/JoelLefkowitz/drf-yasg/releases)
- [Changelog](https://github.com/JoelLefkowitz/drf-yasg/blob/master/docs/changelog.rst)
- [Commits](https://github.com/JoelLefkowitz/drf-yasg/compare/1.18.5...1.19.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-19 10:43:52 +02:00
e6ffa65a7e build(deps): bump lxml from 4.5.2 to 4.6.1 (#280)
Bumps [lxml](https://github.com/lxml/lxml) from 4.5.2 to 4.6.1.
- [Release notes](https://github.com/lxml/lxml/releases)
- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt)
- [Commits](https://github.com/lxml/lxml/compare/lxml-4.5.2...lxml-4.6.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-19 08:38:58 +02:00
8a2f982a77 admin: fix html of overview 2020-10-19 00:46:31 +02:00
16cf6315e3 docs: add active directory docs 2020-10-18 23:03:46 +02:00
1d85874f41 stages/user_write: don't update session hash after password change when impersonating 2020-10-18 22:58:05 +02:00
ff64182ae8 stages/prompt: skip password equality check when previous checks failed 2020-10-18 22:54:40 +02:00
a9ee67bf2d sources/ldap: adjust order or fields in form 2020-10-18 22:39:13 +02:00
e87d52a76b providers/proxy: implement Ingress diff checking 2020-10-18 21:34:45 +02:00
8b09cf55a2 root: upgrade to traefik 2.3 2020-10-18 18:48:19 +02:00
0203d20759 providers/proxy: add traefik labels to outposts deployed with docker integration 2020-10-18 17:46:20 +02:00
7861e2e0bd provider/proxy: add K8s ingress support 2020-10-18 17:13:44 +02:00
ad29d54bbf outposts: simplify k8s controller add more extensibility 2020-10-18 17:09:02 +02:00
c698ba37d9 core: add ability for users to create tokens 2020-10-18 15:42:16 +02:00
6a53069653 *: make generic template's base parameterised 2020-10-18 15:35:27 +02:00
152b2d863d api: add fallback for proxies < 0.12 which send authorization without b64 2020-10-18 15:14:00 +02:00
ee670d5e19 core: add key field to token for easier rotation 2020-10-18 14:34:22 +02:00
36e095671c proxy: fix WS Authorization Header being sent with the wrong format 2020-10-18 14:04:12 +02:00
1088b947a8 audit: remove duplicate date column, add search 2020-10-17 22:26:35 +02:00
c4a30c50ac stages/consent: add fallback template 2020-10-17 18:18:29 +02:00
2831df45a0 docs: add note about high cpu usage of proxy 2020-10-17 17:06:57 +02:00
ee5bac099f outposts: fix migration not having access to token property 2020-10-17 17:06:08 +02:00
69f7b41044 e2e: use dockercontroller to test proxy 2020-10-17 17:03:10 +02:00
f9cede7b31 proxy: add random reload offset for HA 2020-10-17 16:48:53 +02:00
903cdeaa7f proxy: fix high CPU when websocket not connected 2020-10-17 16:44:53 +02:00
e909e7fa8a outposts: kill container on down 2020-10-17 16:33:38 +02:00
bee38551f3 outposts: fix tokens without identifier not loading in the UI 2020-10-17 16:33:23 +02:00
c0ec6388df outposts: give container time to boot when newly created 2020-10-16 23:38:46 +02:00
8f08836885 outposts: ensure log is also written to stdout 2020-10-16 23:36:59 +02:00
dd0d7e7481 root: switch from drf-yasg to drf_yasg2 and up rest_framework 2020-10-16 23:32:35 +02:00
25d0ac6534 ci: bump pyright version 2020-10-16 22:29:59 +02:00
971713d1aa outposts: call controller.down on outpost pre_delete 2020-10-16 22:27:00 +02:00
5135d828b4 outposts: rename run to up, add down method for deleting 2020-10-16 22:22:15 +02:00
b2c571bf1b helm: add service account for controller, add option to enable it 2020-10-16 21:55:24 +02:00
6b1d30d230 outposts: improve logging from k8s controller 2020-10-16 21:31:55 +02:00
3454760731 *: ensure TaskResult uid is slugified to prevent URL errors 2020-10-16 21:31:12 +02:00
96846220c3 outposts: trigger reconcile on save 2020-10-16 21:08:35 +02:00
a4f5678144 docs: update admin screenshot 2020-10-16 20:26:09 +02:00
a18baa3cb3 static: simplify Message update trigger 2020-10-16 20:13:57 +02:00
dfedd4a7f1 admin: improve overview, re-add links
closes #270
2020-10-16 20:07:56 +02:00
897f64600a static: dynamically add messages instead of replacing 2020-10-16 19:22:44 +02:00
c6eb015d18 static: fix shell card missing on small screens 2020-10-16 19:13:39 +02:00
54088239ab sources/ldap: fix MonitoredTask not using uid 2020-10-16 16:43:40 +02:00
aa9c7a6567 flow: re-add FlowShell as Web Component 2020-10-16 16:36:18 +02:00
6c0c12c90a static: fix messages update only working once 2020-10-16 16:30:38 +02:00
c49b57ad1d stages/email: fix make_msgid call 2020-10-16 16:07:59 +02:00
2339e855bb *: Improve MonitoredTasks' error capture 2020-10-16 16:00:24 +02:00
bdc019c7cf outposts: skip post_save during migrations and unittests 2020-10-16 15:58:28 +02:00
5e2fb6d56e static: replace server-side alerts with webcomponent 2020-10-16 15:26:51 +02:00
3b9524cdfc *: ensure unittests wait on tasks 2020-10-16 14:53:14 +02:00
7154f19668 admin: fix task list not being sorted 2020-10-16 14:53:00 +02:00
8fedd9ec07 stages/email: Implement MonitoredTask, but only for failed emails 2020-10-16 14:31:01 +02:00
4ac87d8739 sources/saml: Implement MonitoredTask 2020-10-16 14:30:44 +02:00
e4f45eba0a policies/reputation: implement MonitoredTask 2020-10-16 14:20:41 +02:00
4b3e0f0f96 sources/ldap: implement MonitoredTask 2020-10-16 14:20:07 +02:00
482da81522 admin: add button to retry task 2020-10-16 14:10:27 +02:00
c5226fd0e8 admin: add API to list tasks and schedule retry 2020-10-16 14:10:11 +02:00
7806cff96f lib: save task's call arguments for manual retry 2020-10-16 13:35:40 +02:00
fa504e4bf9 outposts: pass outpost reference instead of PK, implement TaskResult.uid 2020-10-16 12:54:52 +02:00
86cfb10b9b outposts: implement .run_wuth_logs() which returns logs, add task monitoring 2020-10-16 11:38:49 +02:00
f6b8171624 outposts: improve controller error handling 2020-10-16 11:31:31 +02:00
91ce7f7363 root: implement monitored tasks 2020-10-16 11:28:54 +02:00
17060238f0 build(deps): bump rollup in /passbook/static/static (#278)
Bumps [rollup](https://github.com/rollup/rollup) from 2.30.0 to 2.31.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.30.0...v2.31.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-16 10:01:01 +02:00
c392c2a74b build(deps): bump boto3 from 1.15.16 to 1.15.17 (#277)
Bumps [boto3](https://github.com/boto/boto3) from 1.15.16 to 1.15.17.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.15.16...1.15.17)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-16 09:39:12 +02:00
8cbaec8ba8 build(deps): bump kubernetes from 11.0.0 to 12.0.0 (#276)
Bumps [kubernetes](https://github.com/kubernetes-client/python) from 11.0.0 to 12.0.0.
- [Release notes](https://github.com/kubernetes-client/python/releases)
- [Changelog](https://github.com/kubernetes-client/python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes-client/python/compare/v11.0.0...v12.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-15 09:40:27 +02:00
4750f8c653 ci: fix typo 2020-10-14 20:28:24 +02:00
69d2a1cf3b providers/proxy: add more kubernetes tests 2020-10-14 20:21:47 +02:00
635f6c1ef2 ci: add k3d cluster for kubernetes controller tests 2020-10-14 20:21:36 +02:00
18da7565c2 outposts: improve performance by running related check in worker, fix tokens being left over on outpost delete 2020-10-14 18:41:16 +02:00
45699a1a69 outpost: rewrite kubernetes controller 2020-10-14 17:49:09 +02:00
5556e9f8e7 outposts: always save state, even without version 2020-10-14 12:15:40 +02:00
327bb09dd4 build(deps): bump rollup in /passbook/static/static (#275)
Bumps [rollup](https://github.com/rollup/rollup) from 2.29.0 to 2.30.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.29.0...v2.30.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-14 11:47:30 +02:00
8ca23451c6 outposts: rewrite state logic, use cache to expire old channels, support multiple instances 2020-10-14 11:32:33 +02:00
b99e2b10fe docs: add note about vcenter and AD Join 2020-10-14 11:32:33 +02:00
e966dff1a7 Revert "flows: rewrite shell to webcomponents"
This reverts commit b03a508475.
2020-10-14 11:32:33 +02:00
481fbedef2 build(deps): bump sentry-sdk from 0.18.0 to 0.19.0 (#274)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.18.0 to 0.19.0.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.18.0...0.19.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-14 11:27:35 +02:00
d104012eee build(deps-dev): bump colorama from 0.4.3 to 0.4.4 (#273)
Bumps [colorama](https://github.com/tartley/colorama) from 0.4.3 to 0.4.4.
- [Release notes](https://github.com/tartley/colorama/releases)
- [Changelog](https://github.com/tartley/colorama/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/tartley/colorama/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-13 11:55:05 +02:00
b03a508475 flows: rewrite shell to webcomponents 2020-10-12 17:53:35 +02:00
8ede4b6a13 build(deps): bump boto3 from 1.15.15 to 1.15.16 (#272)
Bumps [boto3](https://github.com/boto/boto3) from 1.15.15 to 1.15.16.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.15.15...1.15.16)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-12 10:32:52 +02:00
41323afccc docs: add upgrade instructions for 0.11 2020-10-11 23:42:38 +02:00
4a10b4999b core: fix navbar icon not showing in firefox 2020-10-11 23:38:22 +02:00
20ee634cda admin: add buttons to disable and enable users 2020-10-11 21:54:00 +02:00
713025d218 new release: 0.11.0-stable 2020-10-11 19:57:03 +02:00
58ae159835 outposts: disable Kubernetes selection for now 2020-10-11 19:40:22 +02:00
c95efe3cde docs: fix usage of user's groups 2020-10-11 19:29:22 +02:00
b6eb0bf53d providers/oauth2: add missing property_mapping template 2020-10-11 19:29:13 +02:00
610b6c7f70 policies: add PolicyAccessView, which does complete access checking 2020-10-11 19:26:20 +02:00
1ea2d99ff2 ci: run rollup build 2020-10-09 11:33:02 +02:00
67be43679c build(deps): bump boto3 from 1.15.14 to 1.15.15 (#268)
Bumps [boto3](https://github.com/boto/boto3) from 1.15.14 to 1.15.15.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.15.14...1.15.15)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-09 11:32:02 +02:00
fd42389bd5 build(deps-dev): bump rollup-plugin-sourcemaps (#267)
Bumps [rollup-plugin-sourcemaps](https://github.com/maxdavidson/rollup-plugin-sourcemaps) from 0.6.2 to 0.6.3.
- [Release notes](https://github.com/maxdavidson/rollup-plugin-sourcemaps/releases)
- [Changelog](https://github.com/maxdavidson/rollup-plugin-sourcemaps/blob/master/CHANGELOG.md)
- [Commits](https://github.com/maxdavidson/rollup-plugin-sourcemaps/compare/v0.6.2...v0.6.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-09 11:31:47 +02:00
71b1df2fec build(deps): bump rollup in /passbook/static/static (#269)
Bumps [rollup](https://github.com/rollup/rollup) from 2.28.2 to 2.29.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.28.2...v2.29.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-09 09:08:39 +02:00
7a3122f25c docs: add reverse-proxy example config, fix outpost docker-compose 2020-10-08 09:27:28 +02:00
63041d788b core: update application list API to show applications accessible by policy 2020-10-08 09:26:50 +02:00
bfc1bae0bb build(deps): bump boto3 from 1.15.13 to 1.15.14 (#266)
Bumps [boto3](https://github.com/boto/boto3) from 1.15.13 to 1.15.14.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.15.13...1.15.14)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-08 09:18:06 +02:00
8ab7f7fcbb core: make passbook title navigate to overview
closes #264
2020-10-07 19:27:20 +02:00
c1eb8317f7 providers/proxy: update phrasing for basic_auth_* attributes
closes #265
2020-10-07 19:27:06 +02:00
7a578e5e83 admin: dont show check when outpost hasnt connected
closes #263
2020-10-07 19:19:25 +02:00
b10912d8ba proxy: cleanup addHeadersForProxying 2020-10-07 18:02:57 +02:00
ef24b1cde2 docs: update screenshots 2020-10-07 18:02:26 +02:00
26cacc2a06 build(deps): bump boto3 from 1.15.12 to 1.15.13 (#259)
Bumps [boto3](https://github.com/boto/boto3) from 1.15.12 to 1.15.13.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.15.12...1.15.13)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-07 11:54:32 +02:00
ca0e89c799 build(deps): bump @patternfly/patternfly in /passbook/static/static (#261)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.42.2 to 4.50.4.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.42.2...prerelease-v4.50.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-07 09:10:47 +02:00
17950119ad build(deps): bump django-otp from 1.0.0 to 1.0.1 (#260)
Bumps [django-otp](https://github.com/django-otp/django-otp) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/django-otp/django-otp/releases)
- [Changelog](https://github.com/django-otp/django-otp/blob/master/CHANGES.rst)
- [Commits](https://github.com/django-otp/django-otp/compare/v1.0.0...v1.0.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-07 09:10:25 +02:00
876618c1ec build(deps): bump @fortawesome/fontawesome-free (#258)
Bumps [@fortawesome/fontawesome-free](https://github.com/FortAwesome/Font-Awesome) from 5.15.0 to 5.15.1.
- [Release notes](https://github.com/FortAwesome/Font-Awesome/releases)
- [Changelog](https://github.com/FortAwesome/Font-Awesome/blob/master/CHANGELOG.md)
- [Commits](https://github.com/FortAwesome/Font-Awesome/compare/5.15.0...5.15.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-06 10:19:05 +02:00
2293ab69b9 build(deps): bump boto3 from 1.15.11 to 1.15.12 (#257)
Bumps [boto3](https://github.com/boto/boto3) from 1.15.11 to 1.15.12.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.15.11...1.15.12)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-06 09:55:56 +02:00
9df00e09a4 root: fix static docker's rollup build 2020-10-06 00:06:53 +02:00
cf6ce9c915 audit: optimize eventaction, 2020-10-05 23:43:56 +02:00
3b61191614 outpost: enable docker controller 2020-10-05 23:11:44 +02:00
9954eeac86 proxy: fix broken docker healthcheck 2020-10-05 22:53:26 +02:00
ac88bd5d44 core: hide token value by default 2020-10-05 22:40:30 +02:00
2406a619df root: fix lockfile in dockerfile 2020-10-05 22:37:53 +02:00
63087c9393 root: run backups in server contianer 2020-10-05 22:30:13 +02:00
da9aaf69df admin: add metrics and charts 2020-10-05 22:10:03 +02:00
ae125dd1f0 root: fix missing docker dependency 2020-10-04 15:04:07 +02:00
f636595230 static: add fetch-fill-slot to load data for admin interface 2020-10-04 13:09:03 +02:00
d506e8f1a3 outposts: implement docker controller 2020-10-04 00:41:12 +02:00
d3a96ac7aa outposts: load token async 2020-10-04 00:29:18 +02:00
189b0ec324 admin: expose info as API 2020-10-04 00:28:58 +02:00
c5a6b4961f core: Add Token identifier as sudo-primary key 2020-10-04 00:28:43 +02:00
b590589324 root: add base template for api 2020-10-03 23:20:33 +02:00
9fb1ac98ec Backup/Restore (#256)
* lifecycle: move s3 backup settings to s3 name

* providers/oauth2: fix for alerting for missing certificatekeypair

* lifecycle: add backup commands

see #252

* lifecycle: install postgres-client for 11 and 12

* root: migrate to DBBACKUP_STORAGE_OPTIONS, add region setting

* lifecycle: auto-clean last backups

* helm: add s3 region parameter, add cronjob for backups

* docs: add backup docs

* root: remove backup scheduled task for now
2020-10-03 20:36:36 +02:00
195d8fe71f core: move name field to base Provider 2020-10-03 20:05:16 +02:00
b0602a3215 admin: implement search for all views
see #253
2020-10-03 19:32:01 +02:00
0150a5c58c admin: add SearchListMixin mixin and partial template 2020-10-03 19:05:20 +02:00
b35d27c83e admin: fix pagination template, ensure template is placed correctly in footer 2020-10-03 17:50:17 +02:00
801bb90806 root: lock pyright version 2020-10-03 15:34:53 +02:00
55a83abb26 *: remove deprecated providing_args 2020-10-02 11:18:14 +02:00
c09b4e9713 e2e: fix invalid proxy image being pulled 2020-10-02 10:30:56 +02:00
247015e955 stages/otp_*: Remove duplicate validation for OTP Codes 2020-10-02 10:30:43 +02:00
fe3634be64 build(deps): bump django from 3.1.1 to 3.1.2 (#255)
Bumps [django](https://github.com/django/django) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.1.1...3.1.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-02 09:50:18 +02:00
ead20b03aa build(deps): bump boto3 from 1.15.9 to 1.15.10 (#254)
Bumps [boto3](https://github.com/boto/boto3) from 1.15.9 to 1.15.10.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.15.9...1.15.10)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-02 09:32:39 +02:00
932a475af7 docs: add notice about vcenter launch URL 2020-10-01 20:01:58 +02:00
e9a1a18ba3 providers/oauth2: ensure that when rs256 is selected, a certificate key pair is selected 2020-10-01 20:01:45 +02:00
6cd9edd38a providers/oauth2: add missing token_validity field to Forms and API 2020-10-01 20:01:28 +02:00
9b5f9167cd root: always enable dbbackup 2020-10-01 13:41:40 +02:00
1f30bcd335 root: lock postgresql to 12 in docker-compose 2020-10-01 10:42:38 +02:00
94eaeb5a60 new release: 0.10.9-stable 2020-10-01 10:24:16 +02:00
a5420fe019 providers/saml: lowercase acs URLs before checking
closes #249
2020-10-01 10:04:20 +02:00
2e1849a732 providers/oauth2: lowercase all uris before checking redirect URI
see #249
2020-10-01 10:00:44 +02:00
4039e96803 build(deps): bump boto3 from 1.15.8 to 1.15.9 (#250)
Bumps [boto3](https://github.com/boto/boto3) from 1.15.8 to 1.15.9.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.15.8...1.15.9)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-01 09:50:04 +02:00
8f585eca70 stages/identification: replace buggy FilteredSelectMultiple with ArrayFieldSelectMultiple 2020-09-30 23:58:01 +02:00
516455f482 stages/identification: add case_insensitive_matching
closes #248
2020-09-30 23:48:53 +02:00
719099a5af ci: remove deploy as --recreate is deprecated 2020-09-30 23:00:05 +02:00
7f74d32253 docs: update phrasing on tautulli docs 2020-09-30 21:19:04 +02:00
525d271535 *: apply new black styling 2020-09-30 19:34:22 +02:00
9ef39f1e04 root: update black version 2020-09-30 16:39:15 +02:00
9099dc5713 root: fix missing dependencies of uvicorn 2020-09-30 16:11:28 +02:00
c3c525a3f0 lib: re-add Websockets error 2020-09-30 15:55:59 +02:00
e699dfe88c ci: fix CD not working correctly 2020-09-30 15:41:04 +02:00
c0b334eb02 lib: ignore ChannelFull error 2020-09-30 15:40:54 +02:00
815ad26b91 root: add hard uvloop and httptools dependency 2020-09-30 15:37:15 +02:00
03647fa6af new release: 0.10.8-stable 2020-09-30 14:59:02 +02:00
5aec581585 docs: add docs for Tautulli
closes #244
2020-09-30 14:32:23 +02:00
68e9b7e140 proxy: only use logrus 2020-09-30 14:31:55 +02:00
b42bca4e3e build(deps): bump django-filter from 2.3.0 to 2.4.0 (#239)
Bumps [django-filter](https://github.com/carltongibson/django-filter) from 2.3.0 to 2.4.0.
- [Release notes](https://github.com/carltongibson/django-filter/releases)
- [Changelog](https://github.com/carltongibson/django-filter/blob/master/CHANGES.rst)
- [Commits](https://github.com/carltongibson/django-filter/compare/2.3.0...2.4.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-30 13:29:11 +02:00
42c9ac61b2 build(deps-dev): bump pytest from 6.0.2 to 6.1.0 (#238)
Bumps [pytest](https://github.com/pytest-dev/pytest) from 6.0.2 to 6.1.0.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/6.0.2...6.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-30 13:14:42 +02:00
7cdc5f0568 build(deps): bump sentry-sdk from 0.17.8 to 0.18.0 (#245)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.17.8 to 0.18.0.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.17.8...0.18.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-30 12:44:50 +02:00
a063613f4c build(deps): bump uvicorn from 0.11.8 to 0.12.0 (#241)
* build(deps): bump uvicorn from 0.11.8 to 0.12.0

Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.11.8 to 0.12.0.
- [Release notes](https://github.com/encode/uvicorn/releases)
- [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/encode/uvicorn/compare/0.11.8...0.12.0)

Signed-off-by: dependabot[bot] <support@github.com>

* lib: remove websockets ignored exception

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2020-09-30 11:49:59 +02:00
3af04bf1e4 build(deps): bump boto3 from 1.15.5 to 1.15.8 (#246)
Bumps [boto3](https://github.com/boto/boto3) from 1.15.5 to 1.15.8.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.15.5...1.15.8)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-30 11:49:36 +02:00
74f8b68af8 proxy: ask for pb_proxy scope, set authorization header if enabled 2020-09-30 11:49:06 +02:00
59dbc15be7 core: make group_attributes include user's attributes 2020-09-30 11:39:25 +02:00
9d5dd896f3 providers/proxy: start implementing basic_auth_enabled
see #244
2020-09-30 11:15:22 +02:00
02f5f12089 providers/proxy: use external_url for launch URL, hide setup URLs 2020-09-30 11:14:50 +02:00
90ea6dba90 providers/proxy: add pb_proxy scope for proxy that sends user_attributes 2020-09-30 11:13:59 +02:00
b0b2c0830b build(deps): bump github.com/sirupsen/logrus in /proxy (#243)
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.6.0...v1.7.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-30 09:32:33 +02:00
acb2b825f3 root: fix pipfile not referencing djangorestframework 2020-09-30 09:23:00 +02:00
e956b86649 root: lock rest-framework to 3.11.1 to prevent drf-yasg
See https://github.com/axnsan12/drf-yasg/issues/641
2020-09-30 09:15:48 +02:00
739c66da1c crypto: add tests 2020-09-30 09:12:37 +02:00
e8c7cce68f build(deps): bump @fortawesome/fontawesome-free (#247)
Bumps [@fortawesome/fontawesome-free](https://github.com/FortAwesome/Font-Awesome) from 5.14.0 to 5.15.0.
- [Release notes](https://github.com/FortAwesome/Font-Awesome/releases)
- [Changelog](https://github.com/FortAwesome/Font-Awesome/blob/master/CHANGELOG.md)
- [Commits](https://github.com/FortAwesome/Font-Awesome/compare/5.14.0...5.15.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-30 08:57:47 +02:00
f741d382c2 e2e: bump wait 2020-09-29 15:01:01 +02:00
a13d4047b6 e2e: fix formatting 2020-09-29 14:04:23 +02:00
e0d8189442 e2e: update for new saml-test-sp, pull image before run 2020-09-29 12:47:38 +02:00
760352202e admin: fix get_form_class 2020-09-29 11:42:34 +02:00
9724ded194 policies: change .form() and .serializer() to properties, add tests 2020-09-29 10:32:58 +02:00
5da4ff4ff1 e2e: further cleanup tests, directly navigate to user-settings instead of click 2020-09-29 00:27:58 +02:00
e54b98a80e e2e: cleanup tests, remove XPATH selectors 2020-09-28 18:19:46 +02:00
67b69cb5d3 e2e: add oidc tests using oidc-test-client 2020-09-28 17:22:35 +02:00
863111ac57 e2e: fix oauth1 tests 2020-09-28 12:15:32 +02:00
bd78087582 root: fix RemovedInDjango40Warning being triggered 2020-09-28 11:47:50 +02:00
8f4e954160 providers/oauth2: rewrite introspection endpoint to allow basic or bearer auth 2020-09-28 11:42:27 +02:00
553f184aad e2e: add proxy connectivity test via Websocket 2020-09-28 09:04:44 +02:00
b6d7847eae providers/oauth2: fix token introspection view 2020-09-28 09:04:31 +02:00
ad0d339794 flows: add benchmark command 2020-09-27 21:21:30 +02:00
737cd22bb9 root: fix apt autoremove call 2020-09-27 21:07:29 +02:00
6ad1465f8f root: don't set default log level in docker-compose 2020-09-27 19:36:44 +02:00
d74fa4abbf admin: fix categories in sidebar being collapsible 2020-09-27 18:40:50 +02:00
b24938fc6b stages/consent: fix formatting 2020-09-26 21:06:01 +02:00
ea1564548c stages/consent: support pending_user from flow 2020-09-26 20:43:41 +02:00
3663c3c8a1 sources/saml: cleanup SLO Implementation 2020-09-26 20:38:38 +02:00
07e20a2950 core: add AuthJsonConsumer to handle websocket authentication 2020-09-26 20:11:04 +02:00
6366d50a0e core: show 'Create Application' button based on perms 2020-09-26 19:54:52 +02:00
c3e64df95b new release: 0.10.7-stable 2020-09-26 19:26:12 +02:00
d2bf2c8896 ci: fix prospector call 2020-09-26 19:17:42 +02:00
f27b43507c ci: ensure same checks as locally are run 2020-09-26 19:08:37 +02:00
c1058c7438 e2e: fix formatting 2020-09-26 18:18:01 +02:00
c37901feb9 e2e: add tests for oauth1 2020-09-26 17:44:05 +02:00
44b815efae sources/oauth: fix data being sent in body and header for oauth1 2020-09-26 17:43:58 +02:00
64a71a3663 flows: fix planner removing too many stages 2020-09-26 14:58:13 +02:00
ae435f423e ci: fix failing unittests not reporting correctly 2020-09-26 14:55:50 +02:00
7aa89c6d4f flows: fix formatting 2020-09-26 14:19:42 +02:00
7e9d7e5198 flows: fix two stages being removed when reevaluate_marker was enabled 2020-09-26 14:13:10 +02:00
2be6cd70d9 sources/oauth: fix handling of token for do_request 2020-09-26 14:00:48 +02:00
2b9705b33c policies/expression: remove pb_flow_plan, save flow context directly in context 2020-09-26 13:58:32 +02:00
502e43085f lifecycle: update celery command for 5.0 2020-09-26 02:17:39 +02:00
40f1de3b11 admin: load info about latest version in celery task 2020-09-26 02:16:35 +02:00
899c5b63ea admin: add BackSuccessUrlMixin to redirect to correct url after form edit 2020-09-26 02:04:16 +02:00
e104c74761 admin: make pagination size configurable 2020-09-26 01:55:40 +02:00
5d46c1ea5a flows: improve strings, ensure default-source-enrollment's first stage has re_evaluate_policies 2020-09-26 01:37:54 +02:00
7d533889bc sources/oauth: fix OAuth1 not working, cleanup 2020-09-26 01:27:33 +02:00
d9c2b32cba sources/oauth: cleanup clients, add type annotations 2020-09-26 00:34:57 +02:00
6e4ce8dbaa core: cache user's is_superuser 2020-09-26 00:34:35 +02:00
03d58b439f sources/oauth: separate clients into separate modules 2020-09-25 23:58:58 +02:00
ea38da441b ci: run e2e tests with failfast 2020-09-25 22:21:58 +02:00
bdaf0111c2 stages/password: fix formatting 2020-09-25 21:12:42 +02:00
974c2ddb11 stages/password: fix change_flow being deleted instead of renamed 2020-09-25 20:33:06 +02:00
769ce1c642 e2e: add tests for TOTP Setup, static OTP Setup and otp validation 2020-09-25 20:21:49 +02:00
f294791d41 stages/otp_time: fix redirect uri after setup 2020-09-25 19:39:19 +02:00
4ee22f8ec1 stages/otp_static: fix redirect URL after setup, fix stage not being passed to setup 2020-09-25 19:38:51 +02:00
74d3cfbba0 stages/otp_time: show OTP URI as aria-label 2020-09-25 19:03:12 +02:00
d278acb83b stages/otp_: fix flows having no title 2020-09-25 18:50:29 +02:00
84da454612 stages/otp_: ensure stage.configure_flow is set 2020-09-25 17:45:13 +02:00
52101007aa e2e: bump chrome version 2020-09-25 17:39:25 +02:00
dc57f433fd stages/password: update to use ConfigurableStage 2020-09-25 16:51:22 +02:00
3d4c5b8f4e stages/otp_time: implement configure_flow 2020-09-25 12:56:27 +02:00
e66424cc49 stages/otp_static: implement configure_flow 2020-09-25 12:56:14 +02:00
8fa83a8d08 flows: change setup_stage to configure_stage in migration 2020-09-25 12:55:33 +02:00
397892b282 stages/consent: cleanup 2020-09-25 12:49:19 +02:00
7be50c2574 flows: add ConfigurableStage base class and ConfigureFlowInitView 2020-09-25 12:49:19 +02:00
2aad523596 build(deps-dev): bump django-debug-toolbar from 3.1 to 3.1.1 (#236)
Bumps [django-debug-toolbar](https://github.com/jazzband/django-debug-toolbar) from 3.1 to 3.1.1.
- [Release notes](https://github.com/jazzband/django-debug-toolbar/releases)
- [Changelog](https://github.com/jazzband/django-debug-toolbar/blob/master/docs/changes.rst)
- [Commits](https://github.com/jazzband/django-debug-toolbar/compare/3.1...3.1.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-25 11:49:46 +02:00
6982b97eb0 build(deps): bump boto3 from 1.15.4 to 1.15.5 (#235)
Bumps [boto3](https://github.com/boto/boto3) from 1.15.4 to 1.15.5.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.15.4...1.15.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-25 10:51:57 +02:00
3de879496d build(deps): bump celery from 4.4.7 to 5.0.0 (#237)
Bumps [celery](https://github.com/celery/celery) from 4.4.7 to 5.0.0.
- [Release notes](https://github.com/celery/celery/releases)
- [Changelog](https://github.com/celery/celery/blob/master/Changelog.rst)
- [Commits](https://github.com/celery/celery/compare/v4.4.7...v5.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-25 10:20:21 +02:00
4e75118a43 Create Dependabot config file (#234)
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-25 09:36:29 +02:00
52c4fb431f core: add user.group_attributes 2020-09-24 15:45:58 +02:00
d696d854ff docs: update aws and gitlab docs 2020-09-24 15:36:29 +02:00
6966c119a7 build(deps): bump codemirror in /passbook/static/static (#231)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.58.0 to 5.58.1.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.58.0...5.58.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-24 14:31:49 +02:00
8cf5e647e3 build(deps): bump sentry-sdk from 0.17.7 to 0.17.8 (#229)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.17.7 to 0.17.8.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.17.7...0.17.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-24 14:21:39 +02:00
99bc6241f6 build(deps): bump boto3 from 1.15.3 to 1.15.4 (#230)
Bumps [boto3](https://github.com/boto/boto3) from 1.15.3 to 1.15.4.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.15.3...1.15.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-24 08:37:01 +02:00
e5f837ebb7 root: add issue templates 2020-09-23 14:05:36 +02:00
9d93da3d45 providers/proxy: fix formatting 2020-09-23 12:33:33 +02:00
9f6f18f9bb proxy: implement internal_host_ssl_validation option 2020-09-23 12:21:19 +02:00
6458b1dbf8 providers/proxy: make upstream SSL Validation configurable 2020-09-23 12:20:14 +02:00
1aff9afca6 build(deps): bump boto3 from 1.15.1 to 1.15.3 (#226)
Bumps [boto3](https://github.com/boto/boto3) from 1.15.1 to 1.15.3.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.15.1...1.15.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-23 11:51:02 +02:00
e0bc7d3932 build(deps): bump sentry-sdk from 0.17.6 to 0.17.7 (#228)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.17.6 to 0.17.7.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.17.6...0.17.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-23 08:51:50 +02:00
9fd9b2611c build(deps): bump codemirror in /passbook/static/static (#225)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.57.0 to 5.58.0.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.57.0...5.58.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-23 00:29:01 +02:00
6f3a1dfd08 build(deps-dev): bump django-debug-toolbar from 3.0 to 3.1 (#227)
Bumps [django-debug-toolbar](https://github.com/jazzband/django-debug-toolbar) from 3.0 to 3.1.
- [Release notes](https://github.com/jazzband/django-debug-toolbar/releases)
- [Changelog](https://github.com/jazzband/django-debug-toolbar/blob/master/docs/changes.rst)
- [Commits](https://github.com/jazzband/django-debug-toolbar/compare/3.0...3.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-22 23:54:09 +02:00
464b2cce88 audit: fix model information being saved nested 2020-09-21 22:34:03 +02:00
1854 changed files with 154519 additions and 34910 deletions

View File

@ -1,10 +1,12 @@
[bumpversion]
current_version = 0.10.6-stable
current_version = 2021.6.2
tag = True
commit = True
parse = (?P<major>\d+)\.(?P<minor>\d+)\.(?P<patch>\d+)\-(?P<release>.*)
serialize = {major}.{minor}.{patch}-{release}
message = new release: {new_version}
parse = (?P<major>\d+)\.(?P<minor>\d+)\.(?P<patch>\d+)\-?(?P<release>.*)
serialize =
{major}.{minor}.{patch}-{release}
{major}.{minor}.{patch}
message = release: {new_version}
tag_name = version/{new_version}
[bumpversion:part:release]
@ -15,18 +17,20 @@ values =
beta
stable
[bumpversion:file:docs/installation/docker-compose.md]
[bumpversion:file:docs/installation/kubernetes.md]
[bumpversion:file:website/docs/installation/docker-compose.md]
[bumpversion:file:docker-compose.yml]
[bumpversion:file:helm/values.yaml]
[bumpversion:file:helm/Chart.yaml]
[bumpversion:file:.github/workflows/release.yml]
[bumpversion:file:passbook/__init__.py]
[bumpversion:file:authentik/__init__.py]
[bumpversion:file:proxy/pkg/version.go]
[bumpversion:file:internal/constants/constants.go]
[bumpversion:file:outpost/pkg/version.go]
[bumpversion:file:web/src/constants.ts]
[bumpversion:file:website/docs/outposts/manual-deploy-docker-compose.md]
[bumpversion:file:website/docs/outposts/manual-deploy-kubernetes.md]

View File

@ -1,33 +0,0 @@
[run]
source = passbook
relative_files = true
omit =
*/asgi.py
manage.py
*/migrations/*
*/apps.py
docs/
[report]
sort = Cover
skip_covered = True
precision = 2
exclude_lines =
pragma: no cover
# Don't complain about missing debug-only code:
def __unicode__
def __str__
def __repr__
if self\.debug
if TYPE_CHECKING
# Don't complain if tests don't hit defensive assertion code:
raise AssertionError
raise NotImplementedError
# Don't complain if non-runnable code isn't run:
if 0:
if __name__ == .__main__.:
show_missing = True

View File

@ -1,6 +1,5 @@
env
helm
passbook-ui
static
htmlcov
*.env.yml
node_modules/
**/node_modules

2
.github/FUNDING.yml vendored
View File

@ -1 +1 @@
custom: ["https://www.paypal.me/beryju"]
github: [BeryJu]

34
.github/ISSUE_TEMPLATE/bug_report.md vendored Normal file
View File

@ -0,0 +1,34 @@
---
name: Bug report
about: Create a report to help us improve
title: ''
labels: bug
assignees: ''
---
**Describe the bug**
A clear and concise description of what the bug is.
**To Reproduce**
Steps to reproduce the behavior:
1. Go to '...'
2. Click on '....'
3. Scroll down to '....'
4. See error
**Expected behavior**
A clear and concise description of what you expected to happen.
**Screenshots**
If applicable, add screenshots to help explain your problem.
**Logs**
Output of docker-compose logs or kubectl logs respectively
**Version and Deployment (please complete the following information):**
- authentik version: [e.g. 0.10.0-stable]
- Deployment: [e.g. docker-compose, helm]
**Additional context**
Add any other context about the problem here.

View File

@ -0,0 +1,20 @@
---
name: Feature request
about: Suggest an idea for this project
title: ''
labels: enhancement
assignees: ''
---
**Is your feature request related to a problem? Please describe.**
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
**Describe the solution you'd like**
A clear and concise description of what you want to happen.
**Describe alternatives you've considered**
A clear and concise description of any alternative solutions or features you've considered.
**Additional context**
Add any other context or screenshots about the feature request here.

27
.github/ISSUE_TEMPLATE/question.md vendored Normal file
View File

@ -0,0 +1,27 @@
---
name: Question
about: Ask a question about a feature or specific configuration
title: ''
labels: question
assignees: ''
---
**Describe your question/**
A clear and concise description of what you're trying to do.
**Relevant infos**
i.e. Version of other software you're using, specifics of your setup
**Screenshots**
If applicable, add screenshots to help explain your problem.
**Logs**
Output of docker-compose logs or kubectl logs respectively
**Version and Deployment (please complete the following information):**
- authentik version: [e.g. 0.10.0-stable]
- Deployment: [e.g. docker-compose, helm]
**Additional context**
Add any other context about the problem here.

3
.github/codecov.yml vendored Normal file
View File

@ -0,0 +1,3 @@
coverage:
precision: 2
round: up

58
.github/dependabot.yml vendored Normal file
View File

@ -0,0 +1,58 @@
version: 2
updates:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: daily
time: "04:00"
open-pull-requests-limit: 10
assignees:
- BeryJu
- package-ecosystem: gomod
directory: "/outpost"
schedule:
interval: daily
time: "04:00"
open-pull-requests-limit: 10
assignees:
- BeryJu
- package-ecosystem: npm
directory: "/web"
schedule:
interval: daily
time: "04:00"
open-pull-requests-limit: 10
assignees:
- BeryJu
- package-ecosystem: npm
directory: "/website"
schedule:
interval: daily
time: "04:00"
open-pull-requests-limit: 10
assignees:
- BeryJu
- package-ecosystem: pip
directory: "/"
schedule:
interval: daily
time: "04:00"
open-pull-requests-limit: 10
assignees:
- BeryJu
- package-ecosystem: docker
directory: "/"
schedule:
interval: daily
time: "04:00"
open-pull-requests-limit: 10
assignees:
- BeryJu
- package-ecosystem: docker
directory: "/outpost"
schedule:
interval: daily
time: "04:00"
open-pull-requests-limit: 10
assignees:
- BeryJu

14
.github/stale.yml vendored Normal file
View File

@ -0,0 +1,14 @@
# Number of days of inactivity before an issue becomes stale
daysUntilStale: 60
# Number of days of inactivity before a stale issue is closed
daysUntilClose: 7
# Issues with these labels will never be considered stale
exemptLabels:
- pinned
- security
- pr_wanted
# Comment to post when marking an issue as stale. Set to `false` to disable
markComment: >
This issue has been automatically marked as stale because it has not had
recent activity. It will be closed if no further activity occurs. Thank you
for your contributions.

View File

@ -1,54 +0,0 @@
name: "CodeQL"
on:
push:
branches: [master, admin-more-info, ci-deploy-dev, gh-pages, provider-saml-v2]
pull_request:
# The branches below must be a subset of the branches above
branches: [master]
schedule:
- cron: '0 20 * * 2'
jobs:
analyse:
name: Analyse
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v2
with:
# We must fetch at least the immediate parents so that if this is
# a pull request then we can checkout the head.
fetch-depth: 2
# If this run was triggered by a pull request event, then checkout
# the head of the pull request instead of the merge commit.
- run: git checkout HEAD^2
if: ${{ github.event_name == 'pull_request' }}
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v1
# Override language selection by uncommenting this and choosing your languages
# with:
# languages: go, javascript, csharp, python, cpp, java
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v1
# Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl
# ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
# and modify them (or add more) to build your code if your project
# uses a compiled language
#- run: |
# make bootstrap
# make release
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1

View File

@ -1,118 +1,181 @@
name: passbook-on-release
name: authentik-on-release
on:
release:
types: [published, created]
push:
branches:
- version-*
jobs:
# Build
build-server:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- uses: actions/checkout@v2
- name: Set up QEMU
uses: docker/setup-qemu-action@v1.2.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Docker Login Registry
env:
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
run: docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Building Docker Image
run: docker build
--no-cache
-t beryju/passbook:0.10.6-stable
-t beryju/passbook:latest
-f Dockerfile .
- name: Push Docker Container to Registry (versioned)
run: docker push beryju/passbook:0.10.6-stable
- name: Push Docker Container to Registry (latest)
run: docker push beryju/passbook:latest
uses: docker/build-push-action@v2
with:
push: ${{ github.event_name == 'release' }}
tags: |
beryju/authentik:2021.6.2,
beryju/authentik:latest,
ghcr.io/goauthentik/server:2021.6.2,
ghcr.io/goauthentik/server:latest
platforms: linux/amd64,linux/arm64
context: .
- name: Building Docker Image (stable)
if: ${{ github.event_name == 'release' && !contains('2021.6.2', 'rc') }}
run: |
docker pull beryju/authentik:latest
docker tag beryju/authentik:latest beryju/authentik:stable
docker push beryju/authentik:stable
docker pull ghcr.io/goauthentik/server:latest
docker tag ghcr.io/goauthentik/server:latest ghcr.io/goauthentik/server:stable
docker push ghcr.io/goauthentik/server:stable
build-proxy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- uses: actions/checkout@v2
- uses: actions/setup-go@v2
with:
go-version: "^1.15"
- name: prepare go api client
run: |
cd proxy
go get -u github.com/go-swagger/go-swagger/cmd/swagger
swagger generate client -f ../swagger.yaml -A passbook -t pkg/
go build -v .
- name: Set up QEMU
uses: docker/setup-qemu-action@v1.2.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Docker Login Registry
env:
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
run: docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Building Docker Image
uses: docker/build-push-action@v2
with:
push: ${{ github.event_name == 'release' }}
tags: |
beryju/authentik-proxy:2021.6.2,
beryju/authentik-proxy:latest,
ghcr.io/goauthentik/proxy:2021.6.2,
ghcr.io/goauthentik/proxy:latest
file: outpost/proxy.Dockerfile
platforms: linux/amd64,linux/arm64
- name: Building Docker Image (stable)
if: ${{ github.event_name == 'release' && !contains('2021.6.2', 'rc') }}
run: |
cd proxy
docker build \
--no-cache \
-t beryju/passbook-proxy:0.10.6-stable \
-t beryju/passbook-proxy:latest \
-f Dockerfile .
- name: Push Docker Container to Registry (versioned)
run: docker push beryju/passbook-proxy:0.10.6-stable
- name: Push Docker Container to Registry (latest)
run: docker push beryju/passbook-proxy:latest
build-static:
docker pull beryju/authentik-proxy:latest
docker tag beryju/authentik-proxy:latest beryju/authentik-proxy:stable
docker push beryju/authentik-proxy:stable
docker pull ghcr.io/goauthentik/proxy:latest
docker tag ghcr.io/goauthentik/proxy:latest ghcr.io/goauthentik/proxy:stable
docker push ghcr.io/goauthentik/proxy:stable
build-ldap:
runs-on: ubuntu-latest
services:
postgres:
image: postgres:latest
env:
POSTGRES_DB: passbook
POSTGRES_USER: passbook
POSTGRES_PASSWORD: "EK-5jnKfjrGRm<77"
redis:
image: redis:latest
steps:
- uses: actions/checkout@v1
- uses: actions/checkout@v2
- uses: actions/setup-go@v2
with:
go-version: "^1.15"
- name: Set up QEMU
uses: docker/setup-qemu-action@v1.2.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Docker Login Registry
env:
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
run: docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Building Docker Image
run: docker build
--no-cache
--network=$(docker network ls | grep github | awk '{print $1}')
-t beryju/passbook-static:0.10.6-stable
-t beryju/passbook-static:latest
-f static.Dockerfile .
- name: Push Docker Container to Registry (versioned)
run: docker push beryju/passbook-static:0.10.6-stable
- name: Push Docker Container to Registry (latest)
run: docker push beryju/passbook-static:latest
uses: docker/build-push-action@v2
with:
push: ${{ github.event_name == 'release' }}
tags: |
beryju/authentik-ldap:2021.6.2,
beryju/authentik-ldap:latest,
ghcr.io/goauthentik/ldap:2021.6.2,
ghcr.io/goauthentik/ldap:latest
file: outpost/ldap.Dockerfile
platforms: linux/amd64,linux/arm64
- name: Building Docker Image (stable)
if: ${{ github.event_name == 'release' && !contains('2021.6.2', 'rc') }}
run: |
docker pull beryju/authentik-ldap:latest
docker tag beryju/authentik-ldap:latest beryju/authentik-ldap:stable
docker push beryju/authentik-ldap:stable
docker pull ghcr.io/goauthentik/ldap:latest
docker tag ghcr.io/goauthentik/ldap:latest ghcr.io/goauthentik/ldap:stable
docker push ghcr.io/goauthentik/ldap:stable
test-release:
needs:
- build-server
- build-static
- build-proxy
- build-ldap
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- uses: actions/checkout@v2
- name: Run test suite in final docker images
run: |
sudo apt-get install -y pwgen
echo "PG_PASS=$(pwgen 40 1)" >> .env
echo "PASSBOOK_SECRET_KEY=$(pwgen 50 1)" >> .env
echo "AUTHENTIK_SECRET_KEY=$(pwgen 50 1)" >> .env
docker-compose pull -q
docker-compose up --no-start
docker-compose start postgresql redis
docker-compose run -u root --entrypoint /bin/bash server -c "pip install --no-cache -r requirements-dev.txt && ./manage.py test passbook"
docker-compose run -u root server test
sentry-release:
if: ${{ github.event_name == 'release' }}
needs:
- test-release
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- uses: actions/checkout@v2
- name: Setup Node.js environment
uses: actions/setup-node@v2.1.5
with:
node-version: 12.x
- name: Build web api client and web ui
run: |
export NODE_ENV=production
make gen-web
cd web
npm i
npm run build
- name: Create a Sentry.io release
uses: tclindner/sentry-releases-action@v1.2.0
uses: getsentry/action-release@v1
if: ${{ github.event_name == 'release' }}
env:
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
SENTRY_ORG: beryjuorg
SENTRY_PROJECT: passbook
SENTRY_PROJECT: authentik
SENTRY_URL: https://sentry.beryju.org
with:
tagName: 0.10.6-stable
version: authentik@2021.6.2
environment: beryjuorg-prod
sourcemaps: './web/dist'

View File

@ -1,4 +1,4 @@
name: passbook-on-tag
name: authentik-on-tag
on:
push:
@ -10,40 +10,31 @@ jobs:
name: Create Release from Tag
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
- uses: actions/checkout@v2
- name: Pre-release test
run: |
sudo apt-get install -y pwgen
echo "PASSBOOK_TAG=latest" >> .env
echo "AUTHENTIK_TAG=latest" >> .env
echo "PG_PASS=$(pwgen 40 1)" >> .env
echo "PASSBOOK_SECRET_KEY=$(pwgen 50 1)" >> .env
echo "AUTHENTIK_SECRET_KEY=$(pwgen 50 1)" >> .env
docker-compose pull -q
docker build \
--no-cache \
-t beryju/passbook:latest \
-t ghcr.io/goauthentik/server:latest \
-f Dockerfile .
docker-compose up --no-start
docker-compose start postgresql redis
docker-compose run -u root --entrypoint /bin/bash server -c "pip install --no-cache -r requirements-dev.txt && ./manage.py test passbook"
- name: Install Helm
run: |
apt update && apt install -y curl
curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash
- name: Helm package
run: |
helm dependency update helm/
helm package helm/
mv passbook-*.tgz passbook-chart.tgz
docker-compose run -u root server test
- name: Extract version number
id: get_version
uses: actions/github-script@0.2.0
uses: actions/github-script@v4.0.2
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
return context.payload.ref.replace(/\/refs\/tags\/version\//, '');
- name: Create Release
id: create_release
uses: actions/create-release@v1.0.0
uses: actions/create-release@v1.1.4
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
@ -51,13 +42,3 @@ jobs:
release_name: Release ${{ steps.get_version.outputs.result }}
draft: true
prerelease: false
- name: Upload packaged Helm Chart
id: upload-release-asset
uses: actions/upload-release-asset@v1.0.1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: ./passbook-chart.tgz
asset_name: passbook-chart.tgz
asset_content_type: application/gzip

13
.gitignore vendored
View File

@ -27,12 +27,12 @@ media
.Python
build/
develop-eggs/
dist/
downloads/
eggs/
.eggs/
lib64/
parts/
dist/
sdist/
var/
wheels/
@ -193,9 +193,10 @@ pip-selfcheck.json
local.env.yml
.vscode/
### Helm ###
# Chart dependencies
**/charts/*.tgz
# Selenium Screenshots
selenium_screenshots/**
selenium_screenshots/
backups/
media/
*mmdb
.idea/

View File

@ -1,6 +0,0 @@
[settings]
multi_line_output=3
include_trailing_comma=True
force_grid_wrap=0
use_parentheses=True
line_length=88

View File

@ -1,11 +0,0 @@
strictness: medium
test-warnings: true
doc-warnings: false
ignore-paths:
- migrations
- docs
- node_modules
uses:
- django

View File

@ -1,16 +0,0 @@
[MASTER]
disable=arguments-differ,no-self-use,fixme,locally-disabled,too-many-ancestors,too-few-public-methods,import-outside-toplevel,bad-continuation,signature-differs,similarities,cyclic-import
load-plugins=pylint_django,pylint.extensions.bad_builtin
extension-pkg-whitelist=lxml
# Allow constants to be shorter than normal (and lowercase, for settings.py)
const-rgx=[a-zA-Z0-9_]{1,40}$
ignored-modules=django-otp
ignore=migrations
max-attributes=12
jobs=12

View File

@ -1,4 +1,5 @@
FROM python:3.8-slim-buster as locker
# Stage 1: Lock python dependencies
FROM python:3.9-slim-buster as locker
COPY ./Pipfile /app/
COPY ./Pipfile.lock /app/
@ -7,26 +8,80 @@ WORKDIR /app/
RUN pip install pipenv && \
pipenv lock -r > requirements.txt && \
pipenv lock -rd > requirements-dev.txt
pipenv lock -r --dev-only > requirements-dev.txt
FROM python:3.8-slim-buster
# Stage 2: Build web API
FROM openapitools/openapi-generator-cli as api-builder
COPY ./schema.yml /local/schema.yml
RUN docker-entrypoint.sh generate \
-i /local/schema.yml \
-g typescript-fetch \
-o /local/web/api \
--additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0
# Stage 3: Build webui
FROM node as npm-builder
COPY ./web /static/
COPY --from=api-builder /local/web/api /static/api
ENV NODE_ENV=production
RUN cd /static && npm i && npm run build
# Stage 4: Build go proxy
FROM golang:1.16.5 AS builder
WORKDIR /work
COPY --from=npm-builder /static/robots.txt /work/web/robots.txt
COPY --from=npm-builder /static/security.txt /work/web/security.txt
COPY --from=npm-builder /static/dist/ /work/web/dist/
COPY --from=npm-builder /static/authentik/ /work/web/authentik/
COPY ./cmd /work/cmd
COPY ./web/static.go /work/web/static.go
COPY ./internal /work/internal
COPY ./go.mod /work/go.mod
COPY ./go.sum /work/go.sum
RUN go build -o /work/authentik ./cmd/server/main.go
# Stage 5: Run
FROM python:3.9-slim-buster
WORKDIR /
COPY --from=locker /app/requirements.txt /
COPY --from=locker /app/requirements-dev.txt /
RUN apt-get update && \
apt-get install -y --no-install-recommends postgresql-client-11 build-essential && \
rm -rf /var/lib/apt/ && \
pip install -r /requirements.txt --no-cache-dir && \
apt-get remove --purge -y build-essential && \
apt-get autoremove --purge && \
adduser --system --no-create-home --uid 1000 --group --home /passbook passbook
ARG GIT_BUILD_HASH
ENV GIT_BUILD_HASH=$GIT_BUILD_HASH
COPY ./passbook/ /passbook
RUN apt-get update && \
apt-get install -y --no-install-recommends curl ca-certificates gnupg git runit && \
curl https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - && \
echo "deb http://apt.postgresql.org/pub/repos/apt buster-pgdg main" > /etc/apt/sources.list.d/pgdg.list && \
apt-get update && \
apt-get install -y --no-install-recommends libpq-dev postgresql-client build-essential libxmlsec1-dev pkg-config libmaxminddb0 && \
pip install -r /requirements.txt --no-cache-dir && \
apt-get remove --purge -y build-essential git && \
apt-get autoremove --purge -y && \
apt-get clean && \
rm -rf /tmp/* /var/lib/apt/lists/* /var/tmp/ && \
adduser --system --no-create-home --uid 1000 --group --home /authentik authentik && \
mkdir /backups && \
chown authentik:authentik /backups
COPY ./authentik/ /authentik
COPY ./pyproject.toml /
COPY ./xml /xml
COPY ./tests /tests
COPY ./manage.py /
COPY ./lifecycle/ /lifecycle
COPY --from=builder /work/authentik /authentik-proxy
USER passbook
USER authentik
ENV TMPDIR /dev/shm/
ENV PYTHONUBUFFERED 1
ENTRYPOINT [ "/lifecycle/bootstrap.sh" ]

687
LICENSE
View File

@ -1,21 +1,674 @@
MIT License
GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright (c) 2019 BeryJu.org
Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
Preamble
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
The GNU General Public License is a free, copyleft license for
software and other kinds of works.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
The licenses for most software and other practical works are designed
to take away your freedom to share and change the works. By contrast,
the GNU General Public License is intended to guarantee your freedom to
share and change all versions of a program--to make sure it remains free
software for all its users. We, the Free Software Foundation, use the
GNU General Public License for most of our software; it applies also to
any other work released this way by its authors. You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
them if you wish), that you receive source code or can get it if you
want it, that you can change the software or use pieces of it in new
free programs, and that you know you can do these things.
To protect your rights, we need to prevent others from denying you
these rights or asking you to surrender the rights. Therefore, you have
certain responsibilities if you distribute copies of the software, or if
you modify it: responsibilities to respect the freedom of others.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must pass on to the recipients the same
freedoms that you received. You must make sure that they, too, receive
or can get the source code. And you must show them these terms so they
know their rights.
Developers that use the GNU GPL protect your rights with two steps:
(1) assert copyright on the software, and (2) offer you this License
giving you legal permission to copy, distribute and/or modify it.
For the developers' and authors' protection, the GPL clearly explains
that there is no warranty for this free software. For both users' and
authors' sake, the GPL requires that modified versions be marked as
changed, so that their problems will not be attributed erroneously to
authors of previous versions.
Some devices are designed to deny users access to install or run
modified versions of the software inside them, although the manufacturer
can do so. This is fundamentally incompatible with the aim of
protecting users' freedom to change the software. The systematic
pattern of such abuse occurs in the area of products for individuals to
use, which is precisely where it is most unacceptable. Therefore, we
have designed this version of the GPL to prohibit the practice for those
products. If such problems arise substantially in other domains, we
stand ready to extend this provision to those domains in future versions
of the GPL, as needed to protect the freedom of users.
Finally, every program is threatened constantly by software patents.
States should not allow patents to restrict development and use of
software on general-purpose computers, but in those that do, we wish to
avoid the special danger that patents applied to a free program could
make it effectively proprietary. To prevent this, the GPL assures that
patents cannot be used to render the program non-free.
The precise terms and conditions for copying, distribution and
modification follow.
TERMS AND CONDITIONS
0. Definitions.
"This License" refers to version 3 of the GNU General Public License.
"Copyright" also means copyright-like laws that apply to other kinds of
works, such as semiconductor masks.
"The Program" refers to any copyrightable work licensed under this
License. Each licensee is addressed as "you". "Licensees" and
"recipients" may be individuals or organizations.
To "modify" a work means to copy from or adapt all or part of the work
in a fashion requiring copyright permission, other than the making of an
exact copy. The resulting work is called a "modified version" of the
earlier work or a work "based on" the earlier work.
A "covered work" means either the unmodified Program or a work based
on the Program.
To "propagate" a work means to do anything with it that, without
permission, would make you directly or secondarily liable for
infringement under applicable copyright law, except executing it on a
computer or modifying a private copy. Propagation includes copying,
distribution (with or without modification), making available to the
public, and in some countries other activities as well.
To "convey" a work means any kind of propagation that enables other
parties to make or receive copies. Mere interaction with a user through
a computer network, with no transfer of a copy, is not conveying.
An interactive user interface displays "Appropriate Legal Notices"
to the extent that it includes a convenient and prominently visible
feature that (1) displays an appropriate copyright notice, and (2)
tells the user that there is no warranty for the work (except to the
extent that warranties are provided), that licensees may convey the
work under this License, and how to view a copy of this License. If
the interface presents a list of user commands or options, such as a
menu, a prominent item in the list meets this criterion.
1. Source Code.
The "source code" for a work means the preferred form of the work
for making modifications to it. "Object code" means any non-source
form of a work.
A "Standard Interface" means an interface that either is an official
standard defined by a recognized standards body, or, in the case of
interfaces specified for a particular programming language, one that
is widely used among developers working in that language.
The "System Libraries" of an executable work include anything, other
than the work as a whole, that (a) is included in the normal form of
packaging a Major Component, but which is not part of that Major
Component, and (b) serves only to enable use of the work with that
Major Component, or to implement a Standard Interface for which an
implementation is available to the public in source code form. A
"Major Component", in this context, means a major essential component
(kernel, window system, and so on) of the specific operating system
(if any) on which the executable work runs, or a compiler used to
produce the work, or an object code interpreter used to run it.
The "Corresponding Source" for a work in object code form means all
the source code needed to generate, install, and (for an executable
work) run the object code and to modify the work, including scripts to
control those activities. However, it does not include the work's
System Libraries, or general-purpose tools or generally available free
programs which are used unmodified in performing those activities but
which are not part of the work. For example, Corresponding Source
includes interface definition files associated with source files for
the work, and the source code for shared libraries and dynamically
linked subprograms that the work is specifically designed to require,
such as by intimate data communication or control flow between those
subprograms and other parts of the work.
The Corresponding Source need not include anything that users
can regenerate automatically from other parts of the Corresponding
Source.
The Corresponding Source for a work in source code form is that
same work.
2. Basic Permissions.
All rights granted under this License are granted for the term of
copyright on the Program, and are irrevocable provided the stated
conditions are met. This License explicitly affirms your unlimited
permission to run the unmodified Program. The output from running a
covered work is covered by this License only if the output, given its
content, constitutes a covered work. This License acknowledges your
rights of fair use or other equivalent, as provided by copyright law.
You may make, run and propagate covered works that you do not
convey, without conditions so long as your license otherwise remains
in force. You may convey covered works to others for the sole purpose
of having them make modifications exclusively for you, or provide you
with facilities for running those works, provided that you comply with
the terms of this License in conveying all material for which you do
not control copyright. Those thus making or running the covered works
for you must do so exclusively on your behalf, under your direction
and control, on terms that prohibit them from making any copies of
your copyrighted material outside their relationship with you.
Conveying under any other circumstances is permitted solely under
the conditions stated below. Sublicensing is not allowed; section 10
makes it unnecessary.
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
No covered work shall be deemed part of an effective technological
measure under any applicable law fulfilling obligations under article
11 of the WIPO copyright treaty adopted on 20 December 1996, or
similar laws prohibiting or restricting circumvention of such
measures.
When you convey a covered work, you waive any legal power to forbid
circumvention of technological measures to the extent such circumvention
is effected by exercising rights under this License with respect to
the covered work, and you disclaim any intention to limit operation or
modification of the work as a means of enforcing, against the work's
users, your or third parties' legal rights to forbid circumvention of
technological measures.
4. Conveying Verbatim Copies.
You may convey verbatim copies of the Program's source code as you
receive it, in any medium, provided that you conspicuously and
appropriately publish on each copy an appropriate copyright notice;
keep intact all notices stating that this License and any
non-permissive terms added in accord with section 7 apply to the code;
keep intact all notices of the absence of any warranty; and give all
recipients a copy of this License along with the Program.
You may charge any price or no price for each copy that you convey,
and you may offer support or warranty protection for a fee.
5. Conveying Modified Source Versions.
You may convey a work based on the Program, or the modifications to
produce it from the Program, in the form of source code under the
terms of section 4, provided that you also meet all of these conditions:
a) The work must carry prominent notices stating that you modified
it, and giving a relevant date.
b) The work must carry prominent notices stating that it is
released under this License and any conditions added under section
7. This requirement modifies the requirement in section 4 to
"keep intact all notices".
c) You must license the entire work, as a whole, under this
License to anyone who comes into possession of a copy. This
License will therefore apply, along with any applicable section 7
additional terms, to the whole of the work, and all its parts,
regardless of how they are packaged. This License gives no
permission to license the work in any other way, but it does not
invalidate such permission if you have separately received it.
d) If the work has interactive user interfaces, each must display
Appropriate Legal Notices; however, if the Program has interactive
interfaces that do not display Appropriate Legal Notices, your
work need not make them do so.
A compilation of a covered work with other separate and independent
works, which are not by their nature extensions of the covered work,
and which are not combined with it such as to form a larger program,
in or on a volume of a storage or distribution medium, is called an
"aggregate" if the compilation and its resulting copyright are not
used to limit the access or legal rights of the compilation's users
beyond what the individual works permit. Inclusion of a covered work
in an aggregate does not cause this License to apply to the other
parts of the aggregate.
6. Conveying Non-Source Forms.
You may convey a covered work in object code form under the terms
of sections 4 and 5, provided that you also convey the
machine-readable Corresponding Source under the terms of this License,
in one of these ways:
a) Convey the object code in, or embodied in, a physical product
(including a physical distribution medium), accompanied by the
Corresponding Source fixed on a durable physical medium
customarily used for software interchange.
b) Convey the object code in, or embodied in, a physical product
(including a physical distribution medium), accompanied by a
written offer, valid for at least three years and valid for as
long as you offer spare parts or customer support for that product
model, to give anyone who possesses the object code either (1) a
copy of the Corresponding Source for all the software in the
product that is covered by this License, on a durable physical
medium customarily used for software interchange, for a price no
more than your reasonable cost of physically performing this
conveying of source, or (2) access to copy the
Corresponding Source from a network server at no charge.
c) Convey individual copies of the object code with a copy of the
written offer to provide the Corresponding Source. This
alternative is allowed only occasionally and noncommercially, and
only if you received the object code with such an offer, in accord
with subsection 6b.
d) Convey the object code by offering access from a designated
place (gratis or for a charge), and offer equivalent access to the
Corresponding Source in the same way through the same place at no
further charge. You need not require recipients to copy the
Corresponding Source along with the object code. If the place to
copy the object code is a network server, the Corresponding Source
may be on a different server (operated by you or a third party)
that supports equivalent copying facilities, provided you maintain
clear directions next to the object code saying where to find the
Corresponding Source. Regardless of what server hosts the
Corresponding Source, you remain obligated to ensure that it is
available for as long as needed to satisfy these requirements.
e) Convey the object code using peer-to-peer transmission, provided
you inform other peers where the object code and Corresponding
Source of the work are being offered to the general public at no
charge under subsection 6d.
A separable portion of the object code, whose source code is excluded
from the Corresponding Source as a System Library, need not be
included in conveying the object code work.
A "User Product" is either (1) a "consumer product", which means any
tangible personal property which is normally used for personal, family,
or household purposes, or (2) anything designed or sold for incorporation
into a dwelling. In determining whether a product is a consumer product,
doubtful cases shall be resolved in favor of coverage. For a particular
product received by a particular user, "normally used" refers to a
typical or common use of that class of product, regardless of the status
of the particular user or of the way in which the particular user
actually uses, or expects or is expected to use, the product. A product
is a consumer product regardless of whether the product has substantial
commercial, industrial or non-consumer uses, unless such uses represent
the only significant mode of use of the product.
"Installation Information" for a User Product means any methods,
procedures, authorization keys, or other information required to install
and execute modified versions of a covered work in that User Product from
a modified version of its Corresponding Source. The information must
suffice to ensure that the continued functioning of the modified object
code is in no case prevented or interfered with solely because
modification has been made.
If you convey an object code work under this section in, or with, or
specifically for use in, a User Product, and the conveying occurs as
part of a transaction in which the right of possession and use of the
User Product is transferred to the recipient in perpetuity or for a
fixed term (regardless of how the transaction is characterized), the
Corresponding Source conveyed under this section must be accompanied
by the Installation Information. But this requirement does not apply
if neither you nor any third party retains the ability to install
modified object code on the User Product (for example, the work has
been installed in ROM).
The requirement to provide Installation Information does not include a
requirement to continue to provide support service, warranty, or updates
for a work that has been modified or installed by the recipient, or for
the User Product in which it has been modified or installed. Access to a
network may be denied when the modification itself materially and
adversely affects the operation of the network or violates the rules and
protocols for communication across the network.
Corresponding Source conveyed, and Installation Information provided,
in accord with this section must be in a format that is publicly
documented (and with an implementation available to the public in
source code form), and must require no special password or key for
unpacking, reading or copying.
7. Additional Terms.
"Additional permissions" are terms that supplement the terms of this
License by making exceptions from one or more of its conditions.
Additional permissions that are applicable to the entire Program shall
be treated as though they were included in this License, to the extent
that they are valid under applicable law. If additional permissions
apply only to part of the Program, that part may be used separately
under those permissions, but the entire Program remains governed by
this License without regard to the additional permissions.
When you convey a copy of a covered work, you may at your option
remove any additional permissions from that copy, or from any part of
it. (Additional permissions may be written to require their own
removal in certain cases when you modify the work.) You may place
additional permissions on material, added by you to a covered work,
for which you have or can give appropriate copyright permission.
Notwithstanding any other provision of this License, for material you
add to a covered work, you may (if authorized by the copyright holders of
that material) supplement the terms of this License with terms:
a) Disclaiming warranty or limiting liability differently from the
terms of sections 15 and 16 of this License; or
b) Requiring preservation of specified reasonable legal notices or
author attributions in that material or in the Appropriate Legal
Notices displayed by works containing it; or
c) Prohibiting misrepresentation of the origin of that material, or
requiring that modified versions of such material be marked in
reasonable ways as different from the original version; or
d) Limiting the use for publicity purposes of names of licensors or
authors of the material; or
e) Declining to grant rights under trademark law for use of some
trade names, trademarks, or service marks; or
f) Requiring indemnification of licensors and authors of that
material by anyone who conveys the material (or modified versions of
it) with contractual assumptions of liability to the recipient, for
any liability that these contractual assumptions directly impose on
those licensors and authors.
All other non-permissive additional terms are considered "further
restrictions" within the meaning of section 10. If the Program as you
received it, or any part of it, contains a notice stating that it is
governed by this License along with a term that is a further
restriction, you may remove that term. If a license document contains
a further restriction but permits relicensing or conveying under this
License, you may add to a covered work material governed by the terms
of that license document, provided that the further restriction does
not survive such relicensing or conveying.
If you add terms to a covered work in accord with this section, you
must place, in the relevant source files, a statement of the
additional terms that apply to those files, or a notice indicating
where to find the applicable terms.
Additional terms, permissive or non-permissive, may be stated in the
form of a separately written license, or stated as exceptions;
the above requirements apply either way.
8. Termination.
You may not propagate or modify a covered work except as expressly
provided under this License. Any attempt otherwise to propagate or
modify it is void, and will automatically terminate your rights under
this License (including any patent licenses granted under the third
paragraph of section 11).
However, if you cease all violation of this License, then your
license from a particular copyright holder is reinstated (a)
provisionally, unless and until the copyright holder explicitly and
finally terminates your license, and (b) permanently, if the copyright
holder fails to notify you of the violation by some reasonable means
prior to 60 days after the cessation.
Moreover, your license from a particular copyright holder is
reinstated permanently if the copyright holder notifies you of the
violation by some reasonable means, this is the first time you have
received notice of violation of this License (for any work) from that
copyright holder, and you cure the violation prior to 30 days after
your receipt of the notice.
Termination of your rights under this section does not terminate the
licenses of parties who have received copies or rights from you under
this License. If your rights have been terminated and not permanently
reinstated, you do not qualify to receive new licenses for the same
material under section 10.
9. Acceptance Not Required for Having Copies.
You are not required to accept this License in order to receive or
run a copy of the Program. Ancillary propagation of a covered work
occurring solely as a consequence of using peer-to-peer transmission
to receive a copy likewise does not require acceptance. However,
nothing other than this License grants you permission to propagate or
modify any covered work. These actions infringe copyright if you do
not accept this License. Therefore, by modifying or propagating a
covered work, you indicate your acceptance of this License to do so.
10. Automatic Licensing of Downstream Recipients.
Each time you convey a covered work, the recipient automatically
receives a license from the original licensors, to run, modify and
propagate that work, subject to this License. You are not responsible
for enforcing compliance by third parties with this License.
An "entity transaction" is a transaction transferring control of an
organization, or substantially all assets of one, or subdividing an
organization, or merging organizations. If propagation of a covered
work results from an entity transaction, each party to that
transaction who receives a copy of the work also receives whatever
licenses to the work the party's predecessor in interest had or could
give under the previous paragraph, plus a right to possession of the
Corresponding Source of the work from the predecessor in interest, if
the predecessor has it or can get it with reasonable efforts.
You may not impose any further restrictions on the exercise of the
rights granted or affirmed under this License. For example, you may
not impose a license fee, royalty, or other charge for exercise of
rights granted under this License, and you may not initiate litigation
(including a cross-claim or counterclaim in a lawsuit) alleging that
any patent claim is infringed by making, using, selling, offering for
sale, or importing the Program or any portion of it.
11. Patents.
A "contributor" is a copyright holder who authorizes use under this
License of the Program or a work on which the Program is based. The
work thus licensed is called the contributor's "contributor version".
A contributor's "essential patent claims" are all patent claims
owned or controlled by the contributor, whether already acquired or
hereafter acquired, that would be infringed by some manner, permitted
by this License, of making, using, or selling its contributor version,
but do not include claims that would be infringed only as a
consequence of further modification of the contributor version. For
purposes of this definition, "control" includes the right to grant
patent sublicenses in a manner consistent with the requirements of
this License.
Each contributor grants you a non-exclusive, worldwide, royalty-free
patent license under the contributor's essential patent claims, to
make, use, sell, offer for sale, import and otherwise run, modify and
propagate the contents of its contributor version.
In the following three paragraphs, a "patent license" is any express
agreement or commitment, however denominated, not to enforce a patent
(such as an express permission to practice a patent or covenant not to
sue for patent infringement). To "grant" such a patent license to a
party means to make such an agreement or commitment not to enforce a
patent against the party.
If you convey a covered work, knowingly relying on a patent license,
and the Corresponding Source of the work is not available for anyone
to copy, free of charge and under the terms of this License, through a
publicly available network server or other readily accessible means,
then you must either (1) cause the Corresponding Source to be so
available, or (2) arrange to deprive yourself of the benefit of the
patent license for this particular work, or (3) arrange, in a manner
consistent with the requirements of this License, to extend the patent
license to downstream recipients. "Knowingly relying" means you have
actual knowledge that, but for the patent license, your conveying the
covered work in a country, or your recipient's use of the covered work
in a country, would infringe one or more identifiable patents in that
country that you have reason to believe are valid.
If, pursuant to or in connection with a single transaction or
arrangement, you convey, or propagate by procuring conveyance of, a
covered work, and grant a patent license to some of the parties
receiving the covered work authorizing them to use, propagate, modify
or convey a specific copy of the covered work, then the patent license
you grant is automatically extended to all recipients of the covered
work and works based on it.
A patent license is "discriminatory" if it does not include within
the scope of its coverage, prohibits the exercise of, or is
conditioned on the non-exercise of one or more of the rights that are
specifically granted under this License. You may not convey a covered
work if you are a party to an arrangement with a third party that is
in the business of distributing software, under which you make payment
to the third party based on the extent of your activity of conveying
the work, and under which the third party grants, to any of the
parties who would receive the covered work from you, a discriminatory
patent license (a) in connection with copies of the covered work
conveyed by you (or copies made from those copies), or (b) primarily
for and in connection with specific products or compilations that
contain the covered work, unless you entered into that arrangement,
or that patent license was granted, prior to 28 March 2007.
Nothing in this License shall be construed as excluding or limiting
any implied license or other defenses to infringement that may
otherwise be available to you under applicable patent law.
12. No Surrender of Others' Freedom.
If conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot convey a
covered work so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you may
not convey it at all. For example, if you agree to terms that obligate you
to collect a royalty for further conveying from those to whom you convey
the Program, the only way you could satisfy both those terms and this
License would be to refrain entirely from conveying the Program.
13. Use with the GNU Affero General Public License.
Notwithstanding any other provision of this License, you have
permission to link or combine any covered work with a work licensed
under version 3 of the GNU Affero General Public License into a single
combined work, and to convey the resulting work. The terms of this
License will continue to apply to the part which is the covered work,
but the special requirements of the GNU Affero General Public License,
section 13, concerning interaction through a network will apply to the
combination as such.
14. Revised Versions of this License.
The Free Software Foundation may publish revised and/or new versions of
the GNU General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the
Program specifies that a certain numbered version of the GNU General
Public License "or any later version" applies to it, you have the
option of following the terms and conditions either of that numbered
version or of any later version published by the Free Software
Foundation. If the Program does not specify a version number of the
GNU General Public License, you may choose any version ever published
by the Free Software Foundation.
If the Program specifies that a proxy can decide which future
versions of the GNU General Public License can be used, that proxy's
public statement of acceptance of a version permanently authorizes you
to choose that version for the Program.
Later license versions may give you additional or different
permissions. However, no additional obligations are imposed on any
author or copyright holder as a result of your choosing to follow a
later version.
15. Disclaimer of Warranty.
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. Limitation of Liability.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
SUCH DAMAGES.
17. Interpretation of Sections 15 and 16.
If the disclaimer of warranty and limitation of liability provided
above cannot be given local legal effect according to their terms,
reviewing courts shall apply local law that most closely approximates
an absolute waiver of all civil liability in connection with the
Program, unless a warranty or assumption of liability accompanies a
copy of the Program in return for a fee.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
state the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
Also add information on how to contact you by electronic and paper mail.
If the program does terminal interaction, make it output a short
notice like this when it starts in an interactive mode:
<program> Copyright (C) <year> <name of author>
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, your program's commands
might be different; for a GUI interface, you would use an "about box".
You should also get your employer (if you work as a programmer) or school,
if any, to sign a "copyright disclaimer" for the program, if necessary.
For more information on this, and how to apply and follow the GNU GPL, see
<https://www.gnu.org/licenses/>.
The GNU General Public License does not permit incorporating your program
into proprietary programs. If your program is a subroutine library, you
may consider it more useful to permit linking proprietary applications with
the library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License. But first, please read
<https://www.gnu.org/licenses/why-not-lgpl.html>.

View File

@ -1,26 +1,65 @@
all: lint-fix lint coverage gen
.SHELLFLAGS += -x -e
PWD = $(shell pwd)
UID = $(shell id -u)
GID = $(shell id -g)
coverage:
coverage run --concurrency=multiprocessing manage.py test --failfast -v 3
coverage combine
all: lint-fix lint test gen
test-integration:
k3d cluster create || exit 0
k3d kubeconfig write -o ~/.kube/config --overwrite
coverage run manage.py test -v 3 tests/integration
test-e2e:
coverage run manage.py test --failfast -v 3 tests/e2e
test:
coverage run manage.py test -v 3 authentik
coverage html
coverage report
lint-fix:
isort -rc .
black .
isort authentik tests lifecycle
black authentik tests lifecycle
lint:
pyright
bandit -r .
pylint passbook
prospector
pyright authentik tests lifecycle
bandit -r authentik tests lifecycle -x node_modules
pylint authentik tests lifecycle
gen: coverage
./manage.py generate_swagger -o swagger.yaml -f yaml
gen-build:
./manage.py spectacular --file schema.yml
local-stack:
export PASSBOOK_TAG=testing
docker build -t beryju/passbook:testng .
docker-compose up -d
docker-compose run --rm server migrate
gen-clean:
rm -rf web/api/src/
rm -rf outpost/api/
gen-web:
docker run \
--rm -v ${PWD}:/local \
--user ${UID}:${GID} \
openapitools/openapi-generator-cli generate \
-i /local/schema.yml \
-g typescript-fetch \
-o /local/web/api \
--additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0
cd web/api && npx tsc
gen-outpost:
docker run \
--rm -v ${PWD}:/local \
--user ${UID}:${GID} \
openapitools/openapi-generator-cli generate \
--git-host goauthentik.io \
--git-repo-id outpost \
--git-user-id api \
-i /local/schema.yml \
-g go \
-o /local/outpost/api \
--additional-properties=packageName=api,enumClassPrefix=true,useOneOfDiscriminatorLookup=true
rm -f outpost/api/go.mod outpost/api/go.sum
gen: gen-build gen-clean gen-web gen-outpost
run:
go run -v cmd/server/main.go

47
Pipfile
View File

@ -6,59 +6,60 @@ verify_ssl = true
[packages]
boto3 = "*"
celery = "*"
channels = "*"
channels-redis = "*"
dacite = "*"
defusedxml = "*"
django = "*"
django-cors-middleware = "*"
django-dbbackup = "*"
django-dbbackup = { git = 'https://github.com/django-dbbackup/django-dbbackup.git', ref = '9d1909c30a3271c8c9c8450add30d6e0b996e145' }
django-filter = "*"
django-guardian = "*"
django-model-utils = "*"
django-otp = "*"
django-prometheus = "*"
django-recaptcha = "*"
django-redis = "*"
django-rest-framework = "*"
django-storages = "*"
djangorestframework = "*"
djangorestframework-guardian = "*"
drf-yasg = "*"
docker = "*"
drf-spectacular = "*"
facebook-sdk = "*"
geoip2 = "*"
gunicorn = "*"
kubernetes = "*"
ldap3 = "*"
lxml = "*"
lxml = ">=4.6.3"
packaging = "*"
psycopg2-binary = "*"
pycryptodome = "*"
pyjwkest = "*"
uvicorn = "*"
gunicorn = "*"
pyjwt = "*"
pyyaml = "*"
qrcode = "*"
requests-oauthlib = "*"
sentry-sdk = "*"
service_identity = "*"
signxml = "*"
structlog = "*"
swagger-spec-validator = "*"
twisted = "==20.3.0"
urllib3 = {extras = ["secure"],version = "*"}
dacite = "*"
channels = "*"
channels-redis = "*"
kubernetes = "*"
uvicorn = {extras = ["standard"],version = "*"}
webauthn = "*"
xmlsec = "*"
duo-client = "*"
ua-parser = "*"
deepmerge = "*"
[requires]
python_version = "3.8"
python_version = "3.9"
[dev-packages]
autopep8 = "*"
bandit = "*"
black = "==19.10b0"
bumpversion = "*"
black = "==21.5b1"
bump2version = "*"
colorama = "*"
coverage = "*"
django-debug-toolbar = "*"
docker = "*"
pylint = "*"
pylint-django = "*"
selenium = "*"
prospector = "*"
pytest = "*"
pytest-django = "*"
selenium = "*"
requests-mock = "*"

2157
Pipfile.lock generated

File diff suppressed because it is too large Load Diff

View File

@ -1,53 +1,38 @@
<img src="docs/images/logo.svg" height="50" alt="passbook logo"><img src="docs/images/brand_inverted.svg" height="50" alt="passbook">
<p align="center">
<img src="https://goauthentik.io/img/icon_top_brand_colour.svg" height="150" alt="authentik logo">
</p>
[![CI Build status](https://img.shields.io/azure-devops/build/beryjuorg/passbook/1?style=flat-square)](https://dev.azure.com/beryjuorg/passbook/_build?definitionId=1)
![Tests](https://img.shields.io/azure-devops/tests/beryjuorg/passbook/1?compact_message&style=flat-square)
[![Code Coverage](https://img.shields.io/codecov/c/gh/beryju/passbook?style=flat-square)](https://codecov.io/gh/BeryJu/passbook)
![Docker pulls](https://img.shields.io/docker/pulls/beryju/passbook.svg?style=flat-square)
![Latest version](https://img.shields.io/docker/v/beryju/passbook?sort=semver&style=flat-square)
![LGTM Grade](https://img.shields.io/lgtm/grade/python/github/BeryJu/passbook?style=flat-square)
---
## What is passbook?
[![](https://img.shields.io/discord/809154715984199690?label=Discord&style=flat-square)](https://discord.gg/jg33eMhnj6)
[![CI Build status](https://img.shields.io/azure-devops/build/beryjuorg/authentik/6?style=flat-square)](https://dev.azure.com/beryjuorg/authentik/_build?definitionId=6)
[![Tests](https://img.shields.io/azure-devops/tests/beryjuorg/authentik/6?compact_message&style=flat-square)](https://dev.azure.com/beryjuorg/authentik/_build?definitionId=6)
[![Code Coverage](https://img.shields.io/codecov/c/gh/goauthentik/authentik?style=flat-square)](https://codecov.io/gh/goauthentik/authentik)
![Docker pulls](https://img.shields.io/docker/pulls/beryju/authentik.svg?style=flat-square)
![Latest version](https://img.shields.io/docker/v/beryju/authentik?sort=semver&style=flat-square)
![LGTM Grade](https://img.shields.io/lgtm/grade/python/github/goauthentik/authentik?style=flat-square)
[Transifex](https://www.transifex.com/beryjuorg/authentik/)
passbook is an open-source Identity Provider focused on flexibility and versatility. You can use passbook in an existing environment to add support for new protocols. passbook is also a great solution for implementing signup/recovery/etc in your application, so you don't have to deal with it.
## What is authentik?
authentik is an open-source Identity Provider focused on flexibility and versatility. You can use authentik in an existing environment to add support for new protocols. authentik is also a great solution for implementing signup/recovery/etc in your application, so you don't have to deal with it.
## Installation
For small/test setups it is recommended to use docker-compose, see the [documentation](https://passbook.beryju.org/installation/docker-compose/)
For small/test setups it is recommended to use docker-compose, see the [documentation](https://goauthentik.io/docs/installation/docker-compose/)
For bigger setups, there is a Helm Chart in the `helm/` directory. This is documented [here](https://passbook.beryju.org//installation/kubernetes/)
For bigger setups, there is a Helm Chart [here])(https://github.com/goauthentik/helm). This is documented [here](https://goauthentik.io/docs/installation/kubernetes/)
## Screenshots
![](docs/images/screen_apps.png)
![](docs/images/screen_admin.png)
Light | Dark
--- | ---
![](https://goauthentik.io/img/screen_apps_light.jpg) | ![](https://goauthentik.io/img/screen_apps_dark.jpg)
![](https://goauthentik.io/img/screen_admin_light.jpg) | ![](https://goauthentik.io/img/screen_admin_dark.jpg)
## Development
To develop on passbook, you need a system with Python 3.7+ (3.8 is recommended). passbook uses [pipenv](https://pipenv.pypa.io/en/latest/) for managing dependencies.
To get started, run
```
python3 -m pip install pipenv
git clone https://github.com/BeryJu/passbook.git
cd passbook
pipenv shell
pipenv sync -d
```
Since passbook uses PostgreSQL-specific fields, you also need a local PostgreSQL instance to develop. passbook also uses redis for caching and message queueing.
For these databases you can use [Postgres.app](https://postgresapp.com/) and [Redis.app](https://jpadilla.github.io/redisapp/) on macOS or use it the docker-compose file in `scripts/docker-compose.yml`.
To tell passbook about these databases, create a file in the project root called `local.env.yml` with the following contents:
```yaml
debug: true
postgresql:
user: postgres
log_level: debug
```
See [Development Documentation](https://goauthentik.io/developer-docs/)
## Security

View File

@ -2,12 +2,10 @@
## Supported Versions
As passbook is currently in a pre-stable, only the latest "stable" version is supported. After passbook 1.0, this will change.
| Version | Supported |
| -------- | ------------------ |
| 0.9.x | :white_check_mark: |
| 0.10.x | :white_check_mark: |
| ---------- | ------------------ |
| 2021.4.x | :white_check_mark: |
| 2021.5.x | :white_check_mark: |
## Reporting a Vulnerability

3
authentik/__init__.py Normal file
View File

@ -0,0 +1,3 @@
"""authentik"""
__version__ = "2021.6.2"
ENV_GIT_HASH_KEY = "GIT_BUILD_HASH"

View File

@ -0,0 +1,31 @@
"""Meta API"""
from drf_spectacular.utils import extend_schema
from rest_framework.fields import CharField
from rest_framework.permissions import IsAdminUser
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.viewsets import ViewSet
from authentik.core.api.utils import PassiveSerializer
from authentik.lib.utils.reflection import get_apps
class AppSerializer(PassiveSerializer):
"""Serialize Application info"""
name = CharField()
label = CharField()
class AppsViewSet(ViewSet):
"""Read-only view set list all installed apps"""
permission_classes = [IsAdminUser]
@extend_schema(responses={200: AppSerializer(many=True)})
def list(self, request: Request) -> Response:
"""List current messages and pass into Serializer"""
data = []
for app in sorted(get_apps(), key=lambda app: app.name):
data.append({"name": app.name, "label": app.verbose_name})
return Response(AppSerializer(data, many=True).data)

View File

@ -0,0 +1,81 @@
"""authentik administration metrics"""
import time
from collections import Counter
from datetime import timedelta
from django.db.models import Count, ExpressionWrapper, F
from django.db.models.fields import DurationField
from django.db.models.functions import ExtractHour
from django.utils.timezone import now
from drf_spectacular.utils import extend_schema, extend_schema_field
from rest_framework.fields import IntegerField, SerializerMethodField
from rest_framework.permissions import IsAdminUser
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.views import APIView
from authentik.core.api.utils import PassiveSerializer
from authentik.events.models import Event, EventAction
def get_events_per_1h(**filter_kwargs) -> list[dict[str, int]]:
"""Get event count by hour in the last day, fill with zeros"""
date_from = now() - timedelta(days=1)
result = (
Event.objects.filter(created__gte=date_from, **filter_kwargs)
.annotate(
age=ExpressionWrapper(now() - F("created"), output_field=DurationField())
)
.annotate(age_hours=ExtractHour("age"))
.values("age_hours")
.annotate(count=Count("pk"))
.order_by("age_hours")
)
data = Counter({int(d["age_hours"]): d["count"] for d in result})
results = []
_now = now()
for hour in range(0, -24, -1):
results.append(
{
"x_cord": time.mktime((_now + timedelta(hours=hour)).timetuple())
* 1000,
"y_cord": data[hour * -1],
}
)
return results
class CoordinateSerializer(PassiveSerializer):
"""Coordinates for diagrams"""
x_cord = IntegerField(read_only=True)
y_cord = IntegerField(read_only=True)
class LoginMetricsSerializer(PassiveSerializer):
"""Login Metrics per 1h"""
logins_per_1h = SerializerMethodField()
logins_failed_per_1h = SerializerMethodField()
@extend_schema_field(CoordinateSerializer(many=True))
def get_logins_per_1h(self, _):
"""Get successful logins per hour for the last 24 hours"""
return get_events_per_1h(action=EventAction.LOGIN)
@extend_schema_field(CoordinateSerializer(many=True))
def get_logins_failed_per_1h(self, _):
"""Get failed logins per hour for the last 24 hours"""
return get_events_per_1h(action=EventAction.LOGIN_FAILED)
class AdministrationMetricsViewSet(APIView):
"""Login Metrics per 1h"""
permission_classes = [IsAdminUser]
@extend_schema(responses={200: LoginMetricsSerializer(many=False)})
def get(self, request: Request) -> Response:
"""Login Metrics per 1h"""
serializer = LoginMetricsSerializer(True)
return Response(serializer.data)

View File

@ -0,0 +1,91 @@
"""authentik administration overview"""
import os
import platform
from datetime import datetime
from sys import version as python_version
from typing import TypedDict
from django.utils.timezone import now
from drf_spectacular.utils import extend_schema
from gunicorn import version_info as gunicorn_version
from kubernetes.config.incluster_config import SERVICE_HOST_ENV_NAME
from rest_framework.fields import SerializerMethodField
from rest_framework.permissions import IsAdminUser
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.views import APIView
from authentik.core.api.utils import PassiveSerializer
class RuntimeDict(TypedDict):
"""Runtime information"""
python_version: str
gunicorn_version: str
environment: str
architecture: str
platform: str
uname: str
class SystemSerializer(PassiveSerializer):
"""Get system information."""
http_headers = SerializerMethodField()
http_host = SerializerMethodField()
http_is_secure = SerializerMethodField()
runtime = SerializerMethodField()
tenant = SerializerMethodField()
server_time = SerializerMethodField()
def get_http_headers(self, request: Request) -> dict[str, str]:
"""Get HTTP Request headers"""
headers = {}
for key, value in request.META.items():
if not isinstance(value, str):
continue
headers[key] = value
return headers
def get_http_host(self, request: Request) -> str:
"""Get HTTP host"""
return request._request.get_host()
def get_http_is_secure(self, request: Request) -> bool:
"""Get HTTP Secure flag"""
return request._request.is_secure()
def get_runtime(self, request: Request) -> RuntimeDict:
"""Get versions"""
return {
"python_version": python_version,
"gunicorn_version": ".".join(str(x) for x in gunicorn_version),
"environment": "kubernetes"
if SERVICE_HOST_ENV_NAME in os.environ
else "compose",
"architecture": platform.machine(),
"platform": platform.platform(),
"uname": " ".join(platform.uname()),
}
def get_tenant(self, request: Request) -> str:
"""Currently active tenant"""
return str(request._request.tenant)
def get_server_time(self, request: Request) -> datetime:
"""Current server time"""
return now()
class SystemView(APIView):
"""Get system information."""
permission_classes = [IsAdminUser]
pagination_class = None
filter_backends = []
@extend_schema(responses={200: SystemSerializer(many=False)})
def get(self, request: Request) -> Response:
"""Get system information."""
return Response(SystemSerializer(request).data)

View File

@ -0,0 +1,104 @@
"""Tasks API"""
from importlib import import_module
from django.contrib import messages
from django.http.response import Http404
from django.utils.translation import gettext_lazy as _
from drf_spectacular.types import OpenApiTypes
from drf_spectacular.utils import OpenApiResponse, extend_schema
from rest_framework.decorators import action
from rest_framework.fields import CharField, ChoiceField, DateTimeField, ListField
from rest_framework.permissions import IsAdminUser
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.viewsets import ViewSet
from authentik.core.api.utils import PassiveSerializer
from authentik.events.monitored_tasks import TaskInfo, TaskResultStatus
class TaskSerializer(PassiveSerializer):
"""Serialize TaskInfo and TaskResult"""
task_name = CharField()
task_description = CharField()
task_finish_timestamp = DateTimeField(source="finish_time")
status = ChoiceField(
source="result.status.name",
choices=[(x.name, x.name) for x in TaskResultStatus],
)
messages = ListField(source="result.messages")
def to_representation(self, instance):
"""When a new version of authentik adds fields to TaskInfo,
the API will fail with an AttributeError, as the classes
are pickled in cache. In that case, just delete the info"""
try:
return super().to_representation(instance)
except AttributeError:
if isinstance(self.instance, list):
for inst in self.instance:
inst.delete()
else:
self.instance.delete()
return {}
class TaskViewSet(ViewSet):
"""Read-only view set that returns all background tasks"""
permission_classes = [IsAdminUser]
serializer_class = TaskSerializer
@extend_schema(
responses={
200: TaskSerializer(many=False),
404: OpenApiResponse(description="Task not found"),
}
)
# pylint: disable=invalid-name
def retrieve(self, request: Request, pk=None) -> Response:
"""Get a single system task"""
task = TaskInfo.by_name(pk)
if not task:
raise Http404
return Response(TaskSerializer(task, many=False).data)
@extend_schema(responses={200: TaskSerializer(many=True)})
def list(self, request: Request) -> Response:
"""List system tasks"""
tasks = sorted(TaskInfo.all().values(), key=lambda task: task.task_name)
return Response(TaskSerializer(tasks, many=True).data)
@extend_schema(
request=OpenApiTypes.NONE,
responses={
204: OpenApiResponse(description="Task retried successfully"),
404: OpenApiResponse(description="Task not found"),
500: OpenApiResponse(description="Failed to retry task"),
},
)
@action(detail=True, methods=["post"])
# pylint: disable=invalid-name
def retry(self, request: Request, pk=None) -> Response:
"""Retry task"""
task = TaskInfo.by_name(pk)
if not task:
raise Http404
try:
task_module = import_module(task.task_call_module)
task_func = getattr(task_module, task.task_call_func)
task_func.delay(*task.task_call_args, **task.task_call_kwargs)
messages.success(
self.request,
_(
"Successfully re-scheduled Task %(name)s!"
% {"name": task.task_name}
),
)
return Response(status=204)
except ImportError: # pragma: no cover
# if we get an import error, the module path has probably changed
task.delete()
return Response(status=500)

View File

@ -0,0 +1,59 @@
"""authentik administration overview"""
from os import environ
from django.core.cache import cache
from drf_spectacular.utils import extend_schema
from packaging.version import parse
from rest_framework.fields import SerializerMethodField
from rest_framework.permissions import IsAuthenticated
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.views import APIView
from authentik import ENV_GIT_HASH_KEY, __version__
from authentik.admin.tasks import VERSION_CACHE_KEY, update_latest_version
from authentik.core.api.utils import PassiveSerializer
class VersionSerializer(PassiveSerializer):
"""Get running and latest version."""
version_current = SerializerMethodField()
version_latest = SerializerMethodField()
build_hash = SerializerMethodField()
outdated = SerializerMethodField()
def get_build_hash(self, _) -> str:
"""Get build hash, if version is not latest or released"""
return environ.get(ENV_GIT_HASH_KEY, "")
def get_version_current(self, _) -> str:
"""Get current version"""
return __version__
def get_version_latest(self, _) -> str:
"""Get latest version from cache"""
version_in_cache = cache.get(VERSION_CACHE_KEY)
if not version_in_cache: # pragma: no cover
update_latest_version.delay()
return __version__
return version_in_cache
def get_outdated(self, instance) -> bool:
"""Check if we're running the latest version"""
return parse(self.get_version_current(instance)) < parse(
self.get_version_latest(instance)
)
class VersionView(APIView):
"""Get running and latest version."""
permission_classes = [IsAuthenticated]
pagination_class = None
filter_backends = []
@extend_schema(responses={200: VersionSerializer(many=False)})
def get(self, request: Request) -> Response:
"""Get running and latest version."""
return Response(VersionSerializer(True).data)

View File

@ -0,0 +1,26 @@
"""authentik administration overview"""
from drf_spectacular.utils import extend_schema, inline_serializer
from prometheus_client import Gauge
from rest_framework.fields import IntegerField
from rest_framework.permissions import IsAdminUser
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.views import APIView
from authentik.root.celery import CELERY_APP
GAUGE_WORKERS = Gauge("authentik_admin_workers", "Currently connected workers")
class WorkerView(APIView):
"""Get currently connected worker count."""
permission_classes = [IsAdminUser]
@extend_schema(
responses=inline_serializer("Workers", fields={"count": IntegerField()})
)
def get(self, request: Request) -> Response:
"""Get currently connected worker count."""
count = len(CELERY_APP.control.ping(timeout=0.5))
return Response({"count": count})

10
authentik/admin/apps.py Normal file
View File

@ -0,0 +1,10 @@
"""authentik admin app config"""
from django.apps import AppConfig
class AuthentikAdminConfig(AppConfig):
"""authentik admin app config"""
name = "authentik.admin"
label = "authentik_admin"
verbose_name = "authentik Admin"

View File

@ -0,0 +1,10 @@
"""authentik admin settings"""
from celery.schedules import crontab
CELERY_BEAT_SCHEDULE = {
"admin_latest_version": {
"task": "authentik.admin.tasks.update_latest_version",
"schedule": crontab(minute="*/60"), # Run every hour
"options": {"queue": "authentik_scheduled"},
}
}

73
authentik/admin/tasks.py Normal file
View File

@ -0,0 +1,73 @@
"""authentik admin tasks"""
import re
from os import environ
from django.core.cache import cache
from django.core.validators import URLValidator
from packaging.version import parse
from prometheus_client import Info
from requests import RequestException, get
from structlog.stdlib import get_logger
from authentik import ENV_GIT_HASH_KEY, __version__
from authentik.events.models import Event, EventAction
from authentik.events.monitored_tasks import MonitoredTask, TaskResult, TaskResultStatus
from authentik.root.celery import CELERY_APP
LOGGER = get_logger()
VERSION_CACHE_KEY = "authentik_latest_version"
VERSION_CACHE_TIMEOUT = 8 * 60 * 60 # 8 hours
# Chop of the first ^ because we want to search the entire string
URL_FINDER = URLValidator.regex.pattern[1:]
PROM_INFO = Info("authentik_version", "Currently running authentik version")
def _set_prom_info():
"""Set prometheus info for version"""
PROM_INFO.info(
{
"version": __version__,
"latest": cache.get(VERSION_CACHE_KEY, ""),
"build_hash": environ.get(ENV_GIT_HASH_KEY, ""),
}
)
@CELERY_APP.task(bind=True, base=MonitoredTask)
def update_latest_version(self: MonitoredTask):
"""Update latest version info"""
try:
response = get(
"https://api.github.com/repos/goauthentik/authentik/releases/latest"
)
response.raise_for_status()
data = response.json()
tag_name = data.get("tag_name")
upstream_version = tag_name.split("/")[1]
cache.set(VERSION_CACHE_KEY, upstream_version, VERSION_CACHE_TIMEOUT)
self.set_status(
TaskResult(
TaskResultStatus.SUCCESSFUL, ["Successfully updated latest Version"]
)
)
_set_prom_info()
# Check if upstream version is newer than what we're running,
# and if no event exists yet, create one.
local_version = parse(__version__)
if local_version < parse(upstream_version):
# Event has already been created, don't create duplicate
if Event.objects.filter(
action=EventAction.UPDATE_AVAILABLE,
context__new_version=upstream_version,
).exists():
return
event_dict = {"new_version": upstream_version}
if match := re.search(URL_FINDER, data.get("body", "")):
event_dict["message"] = f"Changelog: {match.group()}"
Event.new(EventAction.UPDATE_AVAILABLE, **event_dict).save()
except (RequestException, IndexError) as exc:
cache.set(VERSION_CACHE_KEY, "0.0.0", VERSION_CACHE_TIMEOUT)
self.set_status(TaskResult(TaskResultStatus.ERROR).with_error(exc))
_set_prom_info()

View File

@ -0,0 +1,102 @@
"""test admin api"""
from json import loads
from django.test import TestCase
from django.urls import reverse
from authentik import __version__
from authentik.core.models import Group, User
from authentik.core.tasks import clean_expired_models
from authentik.events.monitored_tasks import TaskResultStatus
class TestAdminAPI(TestCase):
"""test admin api"""
def setUp(self) -> None:
super().setUp()
self.user = User.objects.create(username="test-user")
self.group = Group.objects.create(name="superusers", is_superuser=True)
self.group.users.add(self.user)
self.group.save()
self.client.force_login(self.user)
def test_tasks(self):
"""Test Task API"""
clean_expired_models.delay()
response = self.client.get(reverse("authentik_api:admin_system_tasks-list"))
self.assertEqual(response.status_code, 200)
body = loads(response.content)
self.assertTrue(
any(task["task_name"] == "clean_expired_models" for task in body)
)
def test_tasks_single(self):
"""Test Task API (read single)"""
clean_expired_models.delay()
response = self.client.get(
reverse(
"authentik_api:admin_system_tasks-detail",
kwargs={"pk": "clean_expired_models"},
)
)
self.assertEqual(response.status_code, 200)
body = loads(response.content)
self.assertEqual(body["status"], TaskResultStatus.SUCCESSFUL.name)
self.assertEqual(body["task_name"], "clean_expired_models")
response = self.client.get(
reverse(
"authentik_api:admin_system_tasks-detail", kwargs={"pk": "qwerqwer"}
)
)
self.assertEqual(response.status_code, 404)
def test_tasks_retry(self):
"""Test Task API (retry)"""
clean_expired_models.delay()
response = self.client.post(
reverse(
"authentik_api:admin_system_tasks-retry",
kwargs={"pk": "clean_expired_models"},
)
)
self.assertEqual(response.status_code, 204)
def test_tasks_retry_404(self):
"""Test Task API (retry, 404)"""
response = self.client.post(
reverse(
"authentik_api:admin_system_tasks-retry",
kwargs={"pk": "qwerqewrqrqewrqewr"},
)
)
self.assertEqual(response.status_code, 404)
def test_version(self):
"""Test Version API"""
response = self.client.get(reverse("authentik_api:admin_version"))
self.assertEqual(response.status_code, 200)
body = loads(response.content)
self.assertEqual(body["version_current"], __version__)
def test_workers(self):
"""Test Workers API"""
response = self.client.get(reverse("authentik_api:admin_workers"))
self.assertEqual(response.status_code, 200)
body = loads(response.content)
self.assertEqual(body["count"], 0)
def test_metrics(self):
"""Test metrics API"""
response = self.client.get(reverse("authentik_api:admin_metrics"))
self.assertEqual(response.status_code, 200)
def test_apps(self):
"""Test apps API"""
response = self.client.get(reverse("authentik_api:apps-list"))
self.assertEqual(response.status_code, 200)
def test_system(self):
"""Test system API"""
response = self.client.get(reverse("authentik_api:admin_system"))
self.assertEqual(response.status_code, 200)

View File

@ -0,0 +1,81 @@
"""test admin tasks"""
import json
from dataclasses import dataclass
from unittest.mock import Mock, patch
from django.core.cache import cache
from django.test import TestCase
from requests.exceptions import RequestException
from authentik.admin.tasks import VERSION_CACHE_KEY, update_latest_version
from authentik.events.models import Event, EventAction
@dataclass
class MockResponse:
"""Mock class to emulate the methods of requests's Response we need"""
status_code: int
response: str
def json(self) -> dict:
"""Get json parsed response"""
return json.loads(self.response)
def raise_for_status(self):
"""raise RequestException if status code is 400 or more"""
if self.status_code >= 400:
raise RequestException
REQUEST_MOCK_VALID = Mock(
return_value=MockResponse(
200,
"""{
"tag_name": "version/99999999.9999999",
"body": "https://goauthentik.io/test"
}""",
)
)
REQUEST_MOCK_INVALID = Mock(return_value=MockResponse(400, "{}"))
class TestAdminTasks(TestCase):
"""test admin tasks"""
@patch("authentik.admin.tasks.get", REQUEST_MOCK_VALID)
def test_version_valid_response(self):
"""Test Update checker with valid response"""
update_latest_version.delay().get()
self.assertEqual(cache.get(VERSION_CACHE_KEY), "99999999.9999999")
self.assertTrue(
Event.objects.filter(
action=EventAction.UPDATE_AVAILABLE,
context__new_version="99999999.9999999",
context__message="Changelog: https://goauthentik.io/test",
).exists()
)
# test that a consecutive check doesn't create a duplicate event
update_latest_version.delay().get()
self.assertEqual(
len(
Event.objects.filter(
action=EventAction.UPDATE_AVAILABLE,
context__new_version="99999999.9999999",
context__message="Changelog: https://goauthentik.io/test",
)
),
1,
)
@patch("authentik.admin.tasks.get", REQUEST_MOCK_INVALID)
def test_version_error(self):
"""Test Update checker with invalid response"""
update_latest_version.delay().get()
self.assertEqual(cache.get(VERSION_CACHE_KEY), "0.0.0")
self.assertFalse(
Event.objects.filter(
action=EventAction.UPDATE_AVAILABLE, context__new_version="0.0.0"
).exists()
)

34
authentik/api/apps.py Normal file
View File

@ -0,0 +1,34 @@
"""authentik API AppConfig"""
from django.apps import AppConfig
class AuthentikAPIConfig(AppConfig):
"""authentik API Config"""
name = "authentik.api"
label = "authentik_api"
mountpoint = "api/"
verbose_name = "authentik API"
def ready(self) -> None:
from drf_spectacular.extensions import OpenApiAuthenticationExtension
from authentik.api.authentication import TokenAuthentication
# Class is defined here as it needs to be created early enough that drf-spectacular will
# find it, but also won't cause any import issues
# pylint: disable=unused-variable
class TokenSchema(OpenApiAuthenticationExtension):
"""Auth schema"""
target_class = TokenAuthentication
name = "authentik"
def get_security_definition(self, auto_schema):
"""Auth schema"""
return {
"type": "apiKey",
"in": "header",
"name": "Authorization",
}

View File

@ -0,0 +1,57 @@
"""API Authentication"""
from base64 import b64decode
from binascii import Error
from typing import Any, Optional, Union
from rest_framework.authentication import BaseAuthentication, get_authorization_header
from rest_framework.exceptions import AuthenticationFailed
from rest_framework.request import Request
from structlog.stdlib import get_logger
from authentik.core.models import Token, TokenIntents, User
LOGGER = get_logger()
# pylint: disable=too-many-return-statements
def token_from_header(raw_header: bytes) -> Optional[Token]:
"""raw_header in the Format of `Bearer dGVzdDp0ZXN0`"""
auth_credentials = raw_header.decode()
if auth_credentials == "" or " " not in auth_credentials:
return None
auth_type, auth_credentials = auth_credentials.split()
if auth_type.lower() not in ["basic", "bearer"]:
LOGGER.debug("Unsupported authentication type, denying", type=auth_type.lower())
raise AuthenticationFailed("Unsupported authentication type")
password = auth_credentials
if auth_type.lower() == "basic":
try:
auth_credentials = b64decode(auth_credentials.encode()).decode()
except (UnicodeDecodeError, Error):
raise AuthenticationFailed("Malformed header")
# Accept credentials with username and without
if ":" in auth_credentials:
_, password = auth_credentials.split(":")
else:
password = auth_credentials
if password == "": # nosec
raise AuthenticationFailed("Malformed header")
tokens = Token.filter_not_expired(key=password, intent=TokenIntents.INTENT_API)
if not tokens.exists():
raise AuthenticationFailed("Token invalid/expired")
return tokens.first()
class TokenAuthentication(BaseAuthentication):
"""Token-based authentication using HTTP Bearer authentication"""
def authenticate(self, request: Request) -> Union[tuple[User, Any], None]:
"""Token-based authentication using HTTP Bearer authentication"""
auth = get_authorization_header(request)
token = token_from_header(auth)
# None is only returned when the header isn't set.
if not token:
return None
return (token.user, None) # pragma: no cover

View File

@ -0,0 +1,35 @@
"""API Authorization"""
from django.db.models import Model
from django.db.models.query import QuerySet
from rest_framework.filters import BaseFilterBackend
from rest_framework.permissions import BasePermission
from rest_framework.request import Request
class OwnerFilter(BaseFilterBackend):
"""Filter objects by their owner"""
owner_key = "user"
def filter_queryset(self, request: Request, queryset: QuerySet, view) -> QuerySet:
return queryset.filter(**{self.owner_key: request.user})
class OwnerPermissions(BasePermission):
"""Authorize requests by an object's owner matching the requesting user"""
owner_key = "user"
def has_permission(self, request: Request, view) -> bool:
"""If the user is authenticated, we allow all requests here. For listing, the
object-level permissions are done by the filter backend"""
return request.user.is_authenticated
def has_object_permission(self, request: Request, view, obj: Model) -> bool:
"""Check if the object's owner matches the currently logged in user"""
if not hasattr(obj, self.owner_key):
return False
owner = getattr(obj, self.owner_key)
if owner != request.user:
return False
return True

View File

@ -0,0 +1,32 @@
"""API Decorators"""
from functools import wraps
from typing import Callable, Optional
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.viewsets import ModelViewSet
def permission_required(
perm: Optional[str] = None, other_perms: Optional[list[str]] = None
):
"""Check permissions for a single custom action"""
def wrapper_outter(func: Callable):
"""Check permissions for a single custom action"""
@wraps(func)
def wrapper(self: ModelViewSet, request: Request, *args, **kwargs) -> Response:
if perm:
obj = self.get_object()
if not request.user.has_perm(perm, obj):
return self.permission_denied(request)
if other_perms:
for other_perm in other_perms:
if not request.user.has_perm(other_perm):
return self.permission_denied(request)
return func(self, request, *args, **kwargs)
return wrapper
return wrapper_outter

View File

@ -0,0 +1,76 @@
"""Pagination which includes total pages and current page"""
from rest_framework import pagination
from rest_framework.response import Response
class Pagination(pagination.PageNumberPagination):
"""Pagination which includes total pages and current page"""
page_query_param = "page"
page_size_query_param = "page_size"
def get_paginated_response(self, data):
previous_page_number = 0
if self.page.has_previous():
previous_page_number = self.page.previous_page_number()
next_page_number = 0
if self.page.has_next():
next_page_number = self.page.next_page_number()
return Response(
{
"pagination": {
"next": next_page_number,
"previous": previous_page_number,
"count": self.page.paginator.count,
"current": self.page.number,
"total_pages": self.page.paginator.num_pages,
"start_index": self.page.start_index(),
"end_index": self.page.end_index(),
},
"results": data,
}
)
def get_paginated_response_schema(self, schema):
return {
"type": "object",
"properties": {
"pagination": {
"type": "object",
"properties": {
"next": {
"type": "number",
},
"previous": {
"type": "number",
},
"count": {
"type": "number",
},
"current": {
"type": "number",
},
"total_pages": {
"type": "number",
},
"start_index": {
"type": "number",
},
"end_index": {
"type": "number",
},
},
"required": [
"next",
"previous",
"count",
"current",
"total_pages",
"start_index",
"end_index",
],
},
"results": schema,
},
"required": ["pagination", "results"],
}

77
authentik/api/schema.py Normal file
View File

@ -0,0 +1,77 @@
"""Error Response schema, from https://github.com/axnsan12/drf-yasg/issues/224"""
from django.utils.translation import gettext_lazy as _
from drf_spectacular.plumbing import (
ResolvedComponent,
build_array_type,
build_basic_type,
build_object_type,
)
from drf_spectacular.settings import spectacular_settings
from drf_spectacular.types import OpenApiTypes
def build_standard_type(obj, **kwargs):
"""Build a basic type with optional add ons."""
schema = build_basic_type(obj)
schema.update(kwargs)
return schema
GENERIC_ERROR = build_object_type(
description=_("Generic API Error"),
properties={
"detail": build_standard_type(OpenApiTypes.STR),
"code": build_standard_type(OpenApiTypes.STR),
},
required=["detail"],
)
VALIDATION_ERROR = build_object_type(
description=_("Validation Error"),
properties={
"non_field_errors": build_array_type(build_standard_type(OpenApiTypes.STR)),
"code": build_standard_type(OpenApiTypes.STR),
},
required=["detail"],
additionalProperties={},
)
def postprocess_schema_responses(result, generator, **kwargs): # noqa: W0613
"""Workaround to set a default response for endpoints.
Workaround suggested at
<https://github.com/tfranzel/drf-spectacular/issues/119#issuecomment-656970357>
for the missing drf-spectacular feature discussed in
<https://github.com/tfranzel/drf-spectacular/issues/101>.
"""
def create_component(name, schema, type_=ResolvedComponent.SCHEMA):
"""Register a component and return a reference to it."""
component = ResolvedComponent(
name=name,
type=type_,
schema=schema,
object=name,
)
generator.registry.register_on_missing(component)
return component
generic_error = create_component("GenericError", GENERIC_ERROR)
validation_error = create_component("ValidationError", VALIDATION_ERROR)
for path in result["paths"].values():
for method in path.values():
method["responses"].setdefault("400", validation_error.ref)
method["responses"].setdefault("403", generic_error.ref)
result["components"] = generator.registry.build(
spectacular_settings.APPEND_COMPONENTS
)
# This is a workaround for authentik/stages/prompt/stage.py
# since the serializer PromptChallengeResponse
# accepts dynamic keys
for component in result["components"]["schemas"]:
if component == "PromptChallengeResponseRequest":
comp = result["components"]["schemas"][component]
comp["additionalProperties"] = {}
return result

View File

@ -0,0 +1,49 @@
{% extends "base/skeleton.html" %}
{% load static %}
{% block title %}
API Browser - {{ tenant.branding_title }}
{% endblock %}
{% block head %}
<script type="module" src="{% static 'dist/rapidoc-min.js' %}"></script>
{% endblock %}
{% block body %}
<script>
function getCookie(name) {
let cookieValue = "";
if (document.cookie && document.cookie !== "") {
const cookies = document.cookie.split(";");
for (let i = 0; i < cookies.length; i++) {
const cookie = cookies[i].trim();
// Does this cookie string begin with the name we want?
if (cookie.substring(0, name.length + 1) === name + "=") {
cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
break;
}
}
}
return cookieValue;
}
window.addEventListener('DOMContentLoaded', (event) => {
const rapidocEl = document.querySelector('rapi-doc');
rapidocEl.addEventListener('before-try', (e) => {
e.detail.request.headers.append('X-CSRFToken', getCookie("authentik_csrf"));
});
});
</script>
<rapi-doc
spec-url="{{ path }}"
heading-text="authentik"
theme="dark"
render-style="view"
primary-color="#fd4b2d"
allow-spec-url-load="false"
allow-spec-file-load="false">
<div slot="logo">
<img src="{% static 'dist/assets/icons/icon.png' %}" style="width:50px; height:50px" />
</div>
</rapi-doc>
{% endblock %}

View File

@ -0,0 +1,49 @@
"""Test API Authentication"""
from base64 import b64encode
from django.test import TestCase
from guardian.shortcuts import get_anonymous_user
from rest_framework.exceptions import AuthenticationFailed
from authentik.api.authentication import token_from_header
from authentik.core.models import Token, TokenIntents
class TestAPIAuth(TestCase):
"""Test API Authentication"""
def test_valid_basic(self):
"""Test valid token"""
token = Token.objects.create(
intent=TokenIntents.INTENT_API, user=get_anonymous_user()
)
auth = b64encode(f":{token.key}".encode()).decode()
self.assertEqual(token_from_header(f"Basic {auth}".encode()), token)
def test_valid_bearer(self):
"""Test valid token"""
token = Token.objects.create(
intent=TokenIntents.INTENT_API, user=get_anonymous_user()
)
self.assertEqual(token_from_header(f"Bearer {token.key}".encode()), token)
def test_invalid_type(self):
"""Test invalid type"""
with self.assertRaises(AuthenticationFailed):
token_from_header("foo bar".encode())
def test_invalid_decode(self):
"""Test invalid bas64"""
with self.assertRaises(AuthenticationFailed):
token_from_header("Basic bar".encode())
def test_invalid_empty_password(self):
"""Test invalid with empty password"""
with self.assertRaises(AuthenticationFailed):
token_from_header("Basic :".encode())
def test_invalid_no_token(self):
"""Test invalid with no token"""
with self.assertRaises(AuthenticationFailed):
auth = b64encode(":abc".encode()).decode()
self.assertIsNone(token_from_header(f"Basic :{auth}".encode()))

View File

@ -0,0 +1,16 @@
"""Test config API"""
from json import loads
from django.urls import reverse
from rest_framework.test import APITestCase
class TestConfig(APITestCase):
"""Test config API"""
def test_config(self):
"""Test YAML generation"""
response = self.client.get(
reverse("authentik_api:config"),
)
self.assertTrue(loads(response.content.decode()))

View File

@ -0,0 +1,33 @@
"""test decorators api"""
from django.urls import reverse
from guardian.shortcuts import assign_perm
from rest_framework.test import APITestCase
from authentik.core.models import Application, User
class TestAPIDecorators(APITestCase):
"""test decorators api"""
def setUp(self) -> None:
super().setUp()
self.user = User.objects.create(username="test-user")
def test_obj_perm_denied(self):
"""Test object perm denied"""
self.client.force_login(self.user)
app = Application.objects.create(name="denied", slug="denied")
response = self.client.get(
reverse("authentik_api:application-metrics", kwargs={"slug": app.slug})
)
self.assertEqual(response.status_code, 403)
def test_other_perm_denied(self):
"""Test other perm denied"""
self.client.force_login(self.user)
app = Application.objects.create(name="denied", slug="denied")
assign_perm("authentik_core.view_application", self.user, app)
response = self.client.get(
reverse("authentik_api:application-metrics", kwargs={"slug": app.slug})
)
self.assertEqual(response.status_code, 403)

View File

@ -0,0 +1,22 @@
"""Schema generation tests"""
from django.urls import reverse
from rest_framework.test import APITestCase
from yaml import safe_load
class TestSchemaGeneration(APITestCase):
"""Generic admin tests"""
def test_schema(self):
"""Test generation"""
response = self.client.get(
reverse("authentik_api:schema"),
)
self.assertTrue(safe_load(response.content.decode()))
def test_browser(self):
"""Test API Browser"""
response = self.client.get(
reverse("authentik_api:schema-browser"),
)
self.assertEqual(response.status_code, 200)

View File

@ -1,7 +1,7 @@
"""passbook api urls"""
"""authentik api urls"""
from django.urls import include, path
from passbook.api.v2.urls import urlpatterns as v2_urls
from authentik.api.v2.urls import urlpatterns as v2_urls
urlpatterns = [
path("v2beta/", include(v2_urls)),

View File

@ -0,0 +1,70 @@
"""core Configs API"""
from os import environ, path
from django.conf import settings
from django.db import models
from drf_spectacular.utils import extend_schema
from kubernetes.config.incluster_config import SERVICE_HOST_ENV_NAME
from rest_framework.fields import BooleanField, CharField, ChoiceField, ListField
from rest_framework.permissions import AllowAny
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.views import APIView
from authentik.core.api.utils import PassiveSerializer
from authentik.events.geo import GEOIP_READER
from authentik.lib.config import CONFIG
class Capabilities(models.TextChoices):
"""Define capabilities which influence which APIs can/should be used"""
CAN_SAVE_MEDIA = "can_save_media"
CAN_GEO_IP = "can_geo_ip"
CAN_BACKUP = "can_backup"
class ConfigSerializer(PassiveSerializer):
"""Serialize authentik Config into DRF Object"""
error_reporting_enabled = BooleanField(read_only=True)
error_reporting_environment = CharField(read_only=True)
error_reporting_send_pii = BooleanField(read_only=True)
capabilities = ListField(child=ChoiceField(choices=Capabilities.choices))
class ConfigView(APIView):
"""Read-only view set that returns the current session's Configs"""
permission_classes = [AllowAny]
def get_capabilities(self) -> list[Capabilities]:
"""Get all capabilities this server instance supports"""
caps = []
deb_test = settings.DEBUG or settings.TEST
if path.ismount(settings.MEDIA_ROOT) or deb_test:
caps.append(Capabilities.CAN_SAVE_MEDIA)
if GEOIP_READER.enabled:
caps.append(Capabilities.CAN_GEO_IP)
if SERVICE_HOST_ENV_NAME in environ:
# Running in k8s, only s3 backup is supported
if CONFIG.y("postgresql.s3_backup"):
caps.append(Capabilities.CAN_BACKUP)
else:
# Running in compose, backup is always supported
caps.append(Capabilities.CAN_BACKUP)
return caps
@extend_schema(responses={200: ConfigSerializer(many=False)})
def get(self, request: Request) -> Response:
"""Retrive public configuration options"""
config = ConfigSerializer(
{
"error_reporting_enabled": CONFIG.y("error_reporting.enabled"),
"error_reporting_environment": CONFIG.y("error_reporting.environment"),
"error_reporting_send_pii": CONFIG.y("error_reporting.send_pii"),
"capabilities": self.get_capabilities(),
}
)
return Response(config.data)

240
authentik/api/v2/urls.py Normal file
View File

@ -0,0 +1,240 @@
"""api v2 urls"""
from django.urls import path
from drf_spectacular.views import SpectacularAPIView
from rest_framework import routers
from authentik.admin.api.meta import AppsViewSet
from authentik.admin.api.metrics import AdministrationMetricsViewSet
from authentik.admin.api.system import SystemView
from authentik.admin.api.tasks import TaskViewSet
from authentik.admin.api.version import VersionView
from authentik.admin.api.workers import WorkerView
from authentik.api.v2.config import ConfigView
from authentik.api.views import APIBrowserView
from authentik.core.api.applications import ApplicationViewSet
from authentik.core.api.authenticated_sessions import AuthenticatedSessionViewSet
from authentik.core.api.groups import GroupViewSet
from authentik.core.api.propertymappings import PropertyMappingViewSet
from authentik.core.api.providers import ProviderViewSet
from authentik.core.api.sources import SourceViewSet
from authentik.core.api.tokens import TokenViewSet
from authentik.core.api.users import UserViewSet
from authentik.crypto.api import CertificateKeyPairViewSet
from authentik.events.api.event import EventViewSet
from authentik.events.api.notification import NotificationViewSet
from authentik.events.api.notification_rule import NotificationRuleViewSet
from authentik.events.api.notification_transport import NotificationTransportViewSet
from authentik.flows.api.bindings import FlowStageBindingViewSet
from authentik.flows.api.flows import FlowViewSet
from authentik.flows.api.stages import StageViewSet
from authentik.flows.views import FlowExecutorView
from authentik.outposts.api.outposts import OutpostViewSet
from authentik.outposts.api.service_connections import (
DockerServiceConnectionViewSet,
KubernetesServiceConnectionViewSet,
ServiceConnectionViewSet,
)
from authentik.policies.api.bindings import PolicyBindingViewSet
from authentik.policies.api.policies import PolicyViewSet
from authentik.policies.dummy.api import DummyPolicyViewSet
from authentik.policies.event_matcher.api import EventMatcherPolicyViewSet
from authentik.policies.expiry.api import PasswordExpiryPolicyViewSet
from authentik.policies.expression.api import ExpressionPolicyViewSet
from authentik.policies.hibp.api import HaveIBeenPwendPolicyViewSet
from authentik.policies.password.api import PasswordPolicyViewSet
from authentik.policies.reputation.api import (
IPReputationViewSet,
ReputationPolicyViewSet,
UserReputationViewSet,
)
from authentik.providers.ldap.api import LDAPOutpostConfigViewSet, LDAPProviderViewSet
from authentik.providers.oauth2.api.provider import OAuth2ProviderViewSet
from authentik.providers.oauth2.api.scope import ScopeMappingViewSet
from authentik.providers.oauth2.api.tokens import (
AuthorizationCodeViewSet,
RefreshTokenViewSet,
)
from authentik.providers.proxy.api import (
ProxyOutpostConfigViewSet,
ProxyProviderViewSet,
)
from authentik.providers.saml.api import SAMLPropertyMappingViewSet, SAMLProviderViewSet
from authentik.sources.ldap.api import LDAPPropertyMappingViewSet, LDAPSourceViewSet
from authentik.sources.oauth.api.source import OAuthSourceViewSet
from authentik.sources.oauth.api.source_connection import (
UserOAuthSourceConnectionViewSet,
)
from authentik.sources.plex.api import PlexSourceViewSet
from authentik.sources.saml.api import SAMLSourceViewSet
from authentik.stages.authenticator_duo.api import (
AuthenticatorDuoStageViewSet,
DuoAdminDeviceViewSet,
DuoDeviceViewSet,
)
from authentik.stages.authenticator_static.api import (
AuthenticatorStaticStageViewSet,
StaticAdminDeviceViewSet,
StaticDeviceViewSet,
)
from authentik.stages.authenticator_totp.api import (
AuthenticatorTOTPStageViewSet,
TOTPAdminDeviceViewSet,
TOTPDeviceViewSet,
)
from authentik.stages.authenticator_validate.api import (
AuthenticatorValidateStageViewSet,
)
from authentik.stages.authenticator_webauthn.api import (
AuthenticateWebAuthnStageViewSet,
WebAuthnAdminDeviceViewSet,
WebAuthnDeviceViewSet,
)
from authentik.stages.captcha.api import CaptchaStageViewSet
from authentik.stages.consent.api import ConsentStageViewSet, UserConsentViewSet
from authentik.stages.deny.api import DenyStageViewSet
from authentik.stages.dummy.api import DummyStageViewSet
from authentik.stages.email.api import EmailStageViewSet
from authentik.stages.identification.api import IdentificationStageViewSet
from authentik.stages.invitation.api import InvitationStageViewSet, InvitationViewSet
from authentik.stages.password.api import PasswordStageViewSet
from authentik.stages.prompt.api import PromptStageViewSet, PromptViewSet
from authentik.stages.user_delete.api import UserDeleteStageViewSet
from authentik.stages.user_login.api import UserLoginStageViewSet
from authentik.stages.user_logout.api import UserLogoutStageViewSet
from authentik.stages.user_write.api import UserWriteStageViewSet
from authentik.tenants.api import TenantViewSet
router = routers.DefaultRouter()
router.register("admin/system_tasks", TaskViewSet, basename="admin_system_tasks")
router.register("admin/apps", AppsViewSet, basename="apps")
router.register("core/authenticated_sessions", AuthenticatedSessionViewSet)
router.register("core/applications", ApplicationViewSet)
router.register("core/groups", GroupViewSet)
router.register("core/users", UserViewSet)
router.register("core/user_consent", UserConsentViewSet)
router.register("core/tokens", TokenViewSet)
router.register("core/tenants", TenantViewSet)
router.register("outposts/instances", OutpostViewSet)
router.register("outposts/service_connections/all", ServiceConnectionViewSet)
router.register("outposts/service_connections/docker", DockerServiceConnectionViewSet)
router.register(
"outposts/service_connections/kubernetes", KubernetesServiceConnectionViewSet
)
router.register("outposts/proxy", ProxyOutpostConfigViewSet)
router.register("outposts/ldap", LDAPOutpostConfigViewSet)
router.register("flows/instances", FlowViewSet)
router.register("flows/bindings", FlowStageBindingViewSet)
router.register("crypto/certificatekeypairs", CertificateKeyPairViewSet)
router.register("events/events", EventViewSet)
router.register("events/notifications", NotificationViewSet)
router.register("events/transports", NotificationTransportViewSet)
router.register("events/rules", NotificationRuleViewSet)
router.register("sources/all", SourceViewSet)
router.register("sources/oauth_user_connections", UserOAuthSourceConnectionViewSet)
router.register("sources/ldap", LDAPSourceViewSet)
router.register("sources/saml", SAMLSourceViewSet)
router.register("sources/oauth", OAuthSourceViewSet)
router.register("sources/plex", PlexSourceViewSet)
router.register("policies/all", PolicyViewSet)
router.register("policies/bindings", PolicyBindingViewSet)
router.register("policies/expression", ExpressionPolicyViewSet)
router.register("policies/event_matcher", EventMatcherPolicyViewSet)
router.register("policies/haveibeenpwned", HaveIBeenPwendPolicyViewSet)
router.register("policies/password_expiry", PasswordExpiryPolicyViewSet)
router.register("policies/password", PasswordPolicyViewSet)
router.register("policies/reputation/users", UserReputationViewSet)
router.register("policies/reputation/ips", IPReputationViewSet)
router.register("policies/reputation", ReputationPolicyViewSet)
router.register("providers/all", ProviderViewSet)
router.register("providers/ldap", LDAPProviderViewSet)
router.register("providers/proxy", ProxyProviderViewSet)
router.register("providers/oauth2", OAuth2ProviderViewSet)
router.register("providers/saml", SAMLProviderViewSet)
router.register("oauth2/authorization_codes", AuthorizationCodeViewSet)
router.register("oauth2/refresh_tokens", RefreshTokenViewSet)
router.register("propertymappings/all", PropertyMappingViewSet)
router.register("propertymappings/ldap", LDAPPropertyMappingViewSet)
router.register("propertymappings/saml", SAMLPropertyMappingViewSet)
router.register("propertymappings/scope", ScopeMappingViewSet)
router.register("authenticators/duo", DuoDeviceViewSet)
router.register("authenticators/static", StaticDeviceViewSet)
router.register("authenticators/totp", TOTPDeviceViewSet)
router.register("authenticators/webauthn", WebAuthnDeviceViewSet)
router.register(
"authenticators/admin/duo",
DuoAdminDeviceViewSet,
basename="admin-duodevice",
)
router.register(
"authenticators/admin/static",
StaticAdminDeviceViewSet,
basename="admin-staticdevice",
)
router.register(
"authenticators/admin/totp", TOTPAdminDeviceViewSet, basename="admin-totpdevice"
)
router.register(
"authenticators/admin/webauthn",
WebAuthnAdminDeviceViewSet,
basename="admin-webauthndevice",
)
router.register("stages/all", StageViewSet)
router.register("stages/authenticator/duo", AuthenticatorDuoStageViewSet)
router.register("stages/authenticator/static", AuthenticatorStaticStageViewSet)
router.register("stages/authenticator/totp", AuthenticatorTOTPStageViewSet)
router.register("stages/authenticator/validate", AuthenticatorValidateStageViewSet)
router.register("stages/authenticator/webauthn", AuthenticateWebAuthnStageViewSet)
router.register("stages/captcha", CaptchaStageViewSet)
router.register("stages/consent", ConsentStageViewSet)
router.register("stages/deny", DenyStageViewSet)
router.register("stages/email", EmailStageViewSet)
router.register("stages/identification", IdentificationStageViewSet)
router.register("stages/invitation/invitations", InvitationViewSet)
router.register("stages/invitation/stages", InvitationStageViewSet)
router.register("stages/password", PasswordStageViewSet)
router.register("stages/prompt/prompts", PromptViewSet)
router.register("stages/prompt/stages", PromptStageViewSet)
router.register("stages/user_delete", UserDeleteStageViewSet)
router.register("stages/user_login", UserLoginStageViewSet)
router.register("stages/user_logout", UserLogoutStageViewSet)
router.register("stages/user_write", UserWriteStageViewSet)
router.register("stages/dummy", DummyStageViewSet)
router.register("policies/dummy", DummyPolicyViewSet)
urlpatterns = (
[
path("", APIBrowserView.as_view(), name="schema-browser"),
]
+ router.urls
+ [
path(
"admin/metrics/",
AdministrationMetricsViewSet.as_view(),
name="admin_metrics",
),
path("admin/version/", VersionView.as_view(), name="admin_version"),
path("admin/workers/", WorkerView.as_view(), name="admin_workers"),
path("admin/system/", SystemView.as_view(), name="admin_system"),
path("root/config/", ConfigView.as_view(), name="config"),
path(
"flows/executor/<slug:flow_slug>/",
FlowExecutorView.as_view(),
name="flow-executor",
),
path("schema/", SpectacularAPIView.as_view(), name="schema"),
]
)

19
authentik/api/views.py Normal file
View File

@ -0,0 +1,19 @@
"""General API Views"""
from typing import Any
from django.urls import reverse
from django.views.generic import TemplateView
class APIBrowserView(TemplateView):
"""Show browser view based on rapi-doc"""
template_name = "api/browser.html"
def get_context_data(self, **kwargs: Any) -> dict[str, Any]:
path = self.request.build_absolute_uri(
reverse(
"authentik_api:schema",
)
)
return super().get_context_data(path=path, **kwargs)

View File

@ -0,0 +1,255 @@
"""Application API Views"""
from django.core.cache import cache
from django.db.models import QuerySet
from django.http.response import HttpResponseBadRequest
from django.shortcuts import get_object_or_404
from drf_spectacular.types import OpenApiTypes
from drf_spectacular.utils import (
OpenApiParameter,
OpenApiResponse,
extend_schema,
inline_serializer,
)
from rest_framework.decorators import action
from rest_framework.fields import BooleanField, CharField, FileField, ReadOnlyField
from rest_framework.parsers import MultiPartParser
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.serializers import ModelSerializer
from rest_framework.viewsets import ModelViewSet
from rest_framework_guardian.filters import ObjectPermissionsFilter
from structlog.stdlib import get_logger
from authentik.admin.api.metrics import CoordinateSerializer, get_events_per_1h
from authentik.api.decorators import permission_required
from authentik.core.api.providers import ProviderSerializer
from authentik.core.api.used_by import UsedByMixin
from authentik.core.models import Application, User
from authentik.events.models import EventAction
from authentik.policies.api.exec import PolicyTestResultSerializer
from authentik.policies.engine import PolicyEngine
from authentik.policies.types import PolicyResult
from authentik.stages.user_login.stage import USER_LOGIN_AUTHENTICATED
LOGGER = get_logger()
def user_app_cache_key(user_pk: str) -> str:
"""Cache key where application list for user is saved"""
return f"user_app_cache_{user_pk}"
class ApplicationSerializer(ModelSerializer):
"""Application Serializer"""
launch_url = ReadOnlyField(source="get_launch_url")
provider_obj = ProviderSerializer(source="get_provider", required=False)
meta_icon = ReadOnlyField(source="get_meta_icon")
class Meta:
model = Application
fields = [
"pk",
"name",
"slug",
"provider",
"provider_obj",
"launch_url",
"meta_launch_url",
"meta_icon",
"meta_description",
"meta_publisher",
"policy_engine_mode",
]
extra_kwargs = {
"meta_icon": {"read_only": True},
}
class ApplicationViewSet(UsedByMixin, ModelViewSet):
"""Application Viewset"""
queryset = Application.objects.all()
serializer_class = ApplicationSerializer
search_fields = [
"name",
"slug",
"meta_launch_url",
"meta_description",
"meta_publisher",
]
lookup_field = "slug"
ordering = ["name"]
def _filter_queryset_for_list(self, queryset: QuerySet) -> QuerySet:
"""Custom filter_queryset method which ignores guardian, but still supports sorting"""
for backend in list(self.filter_backends):
if backend == ObjectPermissionsFilter:
continue
queryset = backend().filter_queryset(self.request, queryset, self)
return queryset
def _get_allowed_applications(self, queryset: QuerySet) -> list[Application]:
applications = []
for application in queryset:
engine = PolicyEngine(application, self.request.user, self.request)
engine.build()
if engine.passing:
applications.append(application)
return applications
@extend_schema(
parameters=[
OpenApiParameter(
name="for_user",
location=OpenApiParameter.QUERY,
type=OpenApiTypes.INT,
)
],
responses={
200: PolicyTestResultSerializer(),
404: OpenApiResponse(description="for_user user not found"),
},
)
@action(detail=True, methods=["GET"])
# pylint: disable=unused-argument
def check_access(self, request: Request, slug: str) -> Response:
"""Check access to a single application by slug"""
# Don't use self.get_object as that checks for view_application permission
# which the user might not have, even if they have access
application = get_object_or_404(Application, slug=slug)
# If the current user is superuser, they can set `for_user`
for_user = self.request.user
if self.request.user.is_superuser and "for_user" in request.data:
for_user = get_object_or_404(User, pk=request.data.get("for_user"))
engine = PolicyEngine(application, for_user, self.request)
engine.build()
result = engine.result
response = PolicyTestResultSerializer(PolicyResult(False))
if result.passing:
response = PolicyTestResultSerializer(PolicyResult(True))
if self.request.user.is_superuser:
response = PolicyTestResultSerializer(result)
return Response(response.data)
@extend_schema(
parameters=[
OpenApiParameter(
name="superuser_full_list",
location=OpenApiParameter.QUERY,
type=OpenApiTypes.BOOL,
)
]
)
def list(self, request: Request) -> Response:
"""Custom list method that checks Policy based access instead of guardian"""
self.request.session.pop(USER_LOGIN_AUTHENTICATED, None)
queryset = self._filter_queryset_for_list(self.get_queryset())
self.paginate_queryset(queryset)
should_cache = request.GET.get("search", "") == ""
superuser_full_list = (
str(request.GET.get("superuser_full_list", "false")).lower() == "true"
)
if superuser_full_list and request.user.is_superuser:
serializer = self.get_serializer(queryset, many=True)
return self.get_paginated_response(serializer.data)
allowed_applications = []
if not should_cache:
allowed_applications = self._get_allowed_applications(queryset)
if should_cache:
LOGGER.debug("Caching allowed application list")
allowed_applications = cache.get(user_app_cache_key(self.request.user.pk))
if not allowed_applications:
allowed_applications = self._get_allowed_applications(queryset)
cache.set(
user_app_cache_key(self.request.user.pk),
allowed_applications,
timeout=86400,
)
serializer = self.get_serializer(allowed_applications, many=True)
return self.get_paginated_response(serializer.data)
@permission_required("authentik_core.change_application")
@extend_schema(
request={
"multipart/form-data": inline_serializer(
"SetIcon",
fields={
"file": FileField(required=False),
"clear": BooleanField(default=False),
},
)
},
responses={
200: OpenApiResponse(description="Success"),
400: OpenApiResponse(description="Bad request"),
},
)
@action(
detail=True,
pagination_class=None,
filter_backends=[],
methods=["POST"],
parser_classes=(MultiPartParser,),
)
# pylint: disable=unused-argument
def set_icon(self, request: Request, slug: str):
"""Set application icon"""
app: Application = self.get_object()
icon = request.FILES.get("file", None)
clear = request.data.get("clear", "false").lower() == "true"
if clear:
# .delete() saves the model by default
app.meta_icon.delete()
return Response({})
if icon:
app.meta_icon = icon
app.save()
return Response({})
return HttpResponseBadRequest()
@permission_required("authentik_core.change_application")
@extend_schema(
request=inline_serializer("SetIconURL", fields={"url": CharField()}),
responses={
200: OpenApiResponse(description="Success"),
400: OpenApiResponse(description="Bad request"),
},
)
@action(
detail=True,
pagination_class=None,
filter_backends=[],
methods=["POST"],
)
# pylint: disable=unused-argument
def set_icon_url(self, request: Request, slug: str):
"""Set application icon (as URL)"""
app: Application = self.get_object()
url = request.data.get("url", None)
if url is None:
return HttpResponseBadRequest()
app.meta_icon.name = url
app.save()
return Response({})
@permission_required(
"authentik_core.view_application", ["authentik_events.view_event"]
)
@extend_schema(responses={200: CoordinateSerializer(many=True)})
@action(detail=True, pagination_class=None, filter_backends=[])
# pylint: disable=unused-argument
def metrics(self, request: Request, slug: str):
"""Metrics for application logins"""
app = self.get_object()
return Response(
get_events_per_1h(
action=EventAction.AUTHORIZE_APPLICATION,
context__authorized_application__pk=app.pk.hex,
)
)

View File

@ -0,0 +1,117 @@
"""AuthenticatedSessions API Viewset"""
from typing import Optional, TypedDict
from django_filters.rest_framework import DjangoFilterBackend
from guardian.utils import get_anonymous_user
from rest_framework import mixins
from rest_framework.fields import SerializerMethodField
from rest_framework.filters import OrderingFilter, SearchFilter
from rest_framework.request import Request
from rest_framework.serializers import ModelSerializer
from rest_framework.viewsets import GenericViewSet
from ua_parser import user_agent_parser
from authentik.core.api.used_by import UsedByMixin
from authentik.core.models import AuthenticatedSession
from authentik.events.geo import GEOIP_READER, GeoIPDict
class UserAgentDeviceDict(TypedDict):
"""User agent device"""
brand: str
family: str
model: str
class UserAgentOSDict(TypedDict):
"""User agent os"""
family: str
major: str
minor: str
patch: str
patch_minor: str
class UserAgentBrowserDict(TypedDict):
"""User agent browser"""
family: str
major: str
minor: str
patch: str
class UserAgentDict(TypedDict):
"""User agent details"""
device: UserAgentDeviceDict
os: UserAgentOSDict
user_agent: UserAgentBrowserDict
string: str
class AuthenticatedSessionSerializer(ModelSerializer):
"""AuthenticatedSession Serializer"""
current = SerializerMethodField()
user_agent = SerializerMethodField()
geo_ip = SerializerMethodField()
def get_current(self, instance: AuthenticatedSession) -> bool:
"""Check if session is currently active session"""
request: Request = self.context["request"]
return request._request.session.session_key == instance.session_key
def get_user_agent(self, instance: AuthenticatedSession) -> UserAgentDict:
"""Get parsed user agent"""
return user_agent_parser.Parse(instance.last_user_agent)
def get_geo_ip(
self, instance: AuthenticatedSession
) -> Optional[GeoIPDict]: # pragma: no cover
"""Get parsed user agent"""
return GEOIP_READER.city_dict(instance.last_ip)
class Meta:
model = AuthenticatedSession
fields = [
"uuid",
"current",
"user_agent",
"geo_ip",
"user",
"last_ip",
"last_user_agent",
"last_used",
"expires",
]
class AuthenticatedSessionViewSet(
mixins.RetrieveModelMixin,
mixins.DestroyModelMixin,
UsedByMixin,
mixins.ListModelMixin,
GenericViewSet,
):
"""AuthenticatedSession Viewset"""
queryset = AuthenticatedSession.objects.all()
serializer_class = AuthenticatedSessionSerializer
search_fields = ["user__username", "last_ip", "last_user_agent"]
filterset_fields = ["user__username", "last_ip", "last_user_agent"]
ordering = ["user__username"]
filter_backends = [
DjangoFilterBackend,
OrderingFilter,
SearchFilter,
]
def get_queryset(self):
user = self.request.user if self.request else get_anonymous_user()
if user.is_superuser:
return super().get_queryset()
return super().get_queryset().filter(user=user.pk)

View File

@ -0,0 +1,44 @@
"""Groups API Viewset"""
from django.db.models.query import QuerySet
from rest_framework.fields import JSONField
from rest_framework.serializers import ModelSerializer
from rest_framework.viewsets import ModelViewSet
from rest_framework_guardian.filters import ObjectPermissionsFilter
from authentik.core.api.used_by import UsedByMixin
from authentik.core.api.utils import is_dict
from authentik.core.models import Group
class GroupSerializer(ModelSerializer):
"""Group Serializer"""
attributes = JSONField(validators=[is_dict], required=False)
class Meta:
model = Group
fields = ["pk", "name", "is_superuser", "parent", "users", "attributes"]
class GroupViewSet(UsedByMixin, ModelViewSet):
"""Group Viewset"""
queryset = Group.objects.all()
serializer_class = GroupSerializer
search_fields = ["name", "is_superuser"]
filterset_fields = ["name", "is_superuser"]
ordering = ["name"]
def _filter_queryset_for_list(self, queryset: QuerySet) -> QuerySet:
"""Custom filter_queryset method which ignores guardian, but still supports sorting"""
for backend in list(self.filter_backends):
if backend == ObjectPermissionsFilter:
continue
queryset = backend().filter_queryset(self.request, queryset, self)
return queryset
def filter_queryset(self, queryset):
if self.request.user.has_perm("authentik_core.view_group"):
return self._filter_queryset_for_list(queryset)
return super().filter_queryset(queryset)

View File

@ -0,0 +1,151 @@
"""PropertyMapping API Views"""
from json import dumps
from drf_spectacular.types import OpenApiTypes
from drf_spectacular.utils import OpenApiParameter, OpenApiResponse, extend_schema
from guardian.shortcuts import get_objects_for_user
from rest_framework import mixins
from rest_framework.decorators import action
from rest_framework.exceptions import PermissionDenied
from rest_framework.fields import BooleanField, CharField
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.serializers import ModelSerializer, SerializerMethodField
from rest_framework.viewsets import GenericViewSet
from authentik.api.decorators import permission_required
from authentik.core.api.used_by import UsedByMixin
from authentik.core.api.utils import (
MetaNameSerializer,
PassiveSerializer,
TypeCreateSerializer,
)
from authentik.core.expression import PropertyMappingEvaluator
from authentik.core.models import PropertyMapping
from authentik.lib.utils.reflection import all_subclasses
from authentik.managed.api import ManagedSerializer
from authentik.policies.api.exec import PolicyTestSerializer
class PropertyMappingTestResultSerializer(PassiveSerializer):
"""Result of a Property-mapping test"""
result = CharField(read_only=True)
successful = BooleanField(read_only=True)
class PropertyMappingSerializer(ManagedSerializer, ModelSerializer, MetaNameSerializer):
"""PropertyMapping Serializer"""
component = SerializerMethodField()
def get_component(self, obj: PropertyMapping) -> str:
"""Get object's component so that we know how to edit the object"""
return obj.component
def validate_expression(self, expression: str) -> str:
"""Test Syntax"""
evaluator = PropertyMappingEvaluator()
evaluator.validate(expression)
return expression
class Meta:
model = PropertyMapping
fields = [
"pk",
"managed",
"name",
"expression",
"component",
"verbose_name",
"verbose_name_plural",
]
class PropertyMappingViewSet(
mixins.RetrieveModelMixin,
mixins.DestroyModelMixin,
UsedByMixin,
mixins.ListModelMixin,
GenericViewSet,
):
"""PropertyMapping Viewset"""
queryset = PropertyMapping.objects.none()
serializer_class = PropertyMappingSerializer
search_fields = [
"name",
]
filterset_fields = {"managed": ["isnull"]}
ordering = ["name"]
def get_queryset(self): # pragma: no cover
return PropertyMapping.objects.select_subclasses()
@extend_schema(responses={200: TypeCreateSerializer(many=True)})
@action(detail=False, pagination_class=None, filter_backends=[])
def types(self, request: Request) -> Response:
"""Get all creatable property-mapping types"""
data = []
for subclass in all_subclasses(self.queryset.model):
subclass: PropertyMapping
data.append(
{
"name": subclass._meta.verbose_name,
"description": subclass.__doc__,
# pyright: reportGeneralTypeIssues=false
"component": subclass().component,
"model_name": subclass._meta.model_name,
}
)
return Response(TypeCreateSerializer(data, many=True).data)
@permission_required("authentik_core.view_propertymapping")
@extend_schema(
request=PolicyTestSerializer(),
responses={
200: PropertyMappingTestResultSerializer,
400: OpenApiResponse(description="Invalid parameters"),
},
parameters=[
OpenApiParameter(
name="format_result",
location=OpenApiParameter.QUERY,
type=OpenApiTypes.BOOL,
)
],
)
@action(detail=True, pagination_class=None, filter_backends=[], methods=["POST"])
# pylint: disable=unused-argument, invalid-name
def test(self, request: Request, pk: str) -> Response:
"""Test Property Mapping"""
mapping: PropertyMapping = self.get_object()
test_params = PolicyTestSerializer(data=request.data)
if not test_params.is_valid():
return Response(test_params.errors, status=400)
format_result = str(request.GET.get("format_result", "false")).lower() == "true"
# User permission check, only allow mapping testing for users that are readable
users = get_objects_for_user(request.user, "authentik_core.view_user").filter(
pk=test_params.validated_data["user"].pk
)
if not users.exists():
raise PermissionDenied()
response_data = {"successful": True, "result": ""}
try:
result = mapping.evaluate(
users.first(),
self.request,
**test_params.validated_data.get("context", {}),
)
response_data["result"] = dumps(
result, indent=(4 if format_result else None)
)
except Exception as exc: # pylint: disable=broad-except
response_data["result"] = str(exc)
response_data["successful"] = False
response = PropertyMappingTestResultSerializer(response_data)
return Response(response.data)

View File

@ -0,0 +1,94 @@
"""Provider API Views"""
from django.utils.translation import gettext_lazy as _
from drf_spectacular.utils import extend_schema
from rest_framework import mixins
from rest_framework.decorators import action
from rest_framework.fields import ReadOnlyField
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.serializers import ModelSerializer, SerializerMethodField
from rest_framework.viewsets import GenericViewSet
from authentik.core.api.used_by import UsedByMixin
from authentik.core.api.utils import MetaNameSerializer, TypeCreateSerializer
from authentik.core.models import Provider
from authentik.lib.utils.reflection import all_subclasses
class ProviderSerializer(ModelSerializer, MetaNameSerializer):
"""Provider Serializer"""
assigned_application_slug = ReadOnlyField(source="application.slug")
assigned_application_name = ReadOnlyField(source="application.name")
component = SerializerMethodField()
def get_component(self, obj: Provider) -> str: # pragma: no cover
"""Get object component so that we know how to edit the object"""
# pyright: reportGeneralTypeIssues=false
if obj.__class__ == Provider:
return ""
return obj.component
class Meta:
model = Provider
fields = [
"pk",
"name",
"authorization_flow",
"property_mappings",
"component",
"assigned_application_slug",
"assigned_application_name",
"verbose_name",
"verbose_name_plural",
]
class ProviderViewSet(
mixins.RetrieveModelMixin,
mixins.DestroyModelMixin,
UsedByMixin,
mixins.ListModelMixin,
GenericViewSet,
):
"""Provider Viewset"""
queryset = Provider.objects.none()
serializer_class = ProviderSerializer
filterset_fields = {
"application": ["isnull"],
}
search_fields = [
"name",
"application__name",
]
def get_queryset(self): # pragma: no cover
return Provider.objects.select_subclasses()
@extend_schema(responses={200: TypeCreateSerializer(many=True)})
@action(detail=False, pagination_class=None, filter_backends=[])
def types(self, request: Request) -> Response:
"""Get all creatable provider types"""
data = []
for subclass in all_subclasses(self.queryset.model):
subclass: Provider
data.append(
{
"name": subclass._meta.verbose_name,
"description": subclass.__doc__,
"component": subclass().component,
"model_name": subclass._meta.model_name,
}
)
data.append(
{
"name": _("SAML Provider from Metadata"),
"description": _("Create a SAML Provider by importing its Metadata."),
"component": "ak-provider-saml-import-form",
"model_name": "",
}
)
return Response(TypeCreateSerializer(data, many=True).data)

View File

@ -0,0 +1,113 @@
"""Source API Views"""
from typing import Iterable
from drf_spectacular.utils import extend_schema
from rest_framework import mixins
from rest_framework.decorators import action
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.serializers import ModelSerializer, SerializerMethodField
from rest_framework.viewsets import GenericViewSet
from structlog.stdlib import get_logger
from authentik.core.api.used_by import UsedByMixin
from authentik.core.api.utils import MetaNameSerializer, TypeCreateSerializer
from authentik.core.models import Source
from authentik.core.types import UserSettingSerializer
from authentik.lib.utils.reflection import all_subclasses
from authentik.policies.engine import PolicyEngine
LOGGER = get_logger()
class SourceSerializer(ModelSerializer, MetaNameSerializer):
"""Source Serializer"""
component = SerializerMethodField()
def get_component(self, obj: Source) -> str:
"""Get object component so that we know how to edit the object"""
# pyright: reportGeneralTypeIssues=false
if obj.__class__ == Source:
return ""
return obj.component
class Meta:
model = Source
fields = [
"pk",
"name",
"slug",
"enabled",
"authentication_flow",
"enrollment_flow",
"component",
"verbose_name",
"verbose_name_plural",
"policy_engine_mode",
"user_matching_mode",
]
class SourceViewSet(
mixins.RetrieveModelMixin,
mixins.DestroyModelMixin,
UsedByMixin,
mixins.ListModelMixin,
GenericViewSet,
):
"""Source Viewset"""
queryset = Source.objects.none()
serializer_class = SourceSerializer
lookup_field = "slug"
def get_queryset(self): # pragma: no cover
return Source.objects.select_subclasses()
@extend_schema(responses={200: TypeCreateSerializer(many=True)})
@action(detail=False, pagination_class=None, filter_backends=[])
def types(self, request: Request) -> Response:
"""Get all creatable source types"""
data = []
for subclass in all_subclasses(self.queryset.model):
subclass: Source
component = ""
if subclass._meta.abstract:
component = subclass.__bases__[0]().component
else:
component = subclass().component
# pyright: reportGeneralTypeIssues=false
data.append(
{
"name": subclass._meta.verbose_name,
"description": subclass.__doc__,
"component": component,
"model_name": subclass._meta.model_name,
}
)
return Response(TypeCreateSerializer(data, many=True).data)
@extend_schema(responses={200: UserSettingSerializer(many=True)})
@action(detail=False, pagination_class=None, filter_backends=[])
def user_settings(self, request: Request) -> Response:
"""Get all sources the user can configure"""
_all_sources: Iterable[Source] = Source.objects.filter(
enabled=True
).select_subclasses()
matching_sources: list[UserSettingSerializer] = []
for source in _all_sources:
user_settings = source.ui_user_settings
if not user_settings:
continue
policy_engine = PolicyEngine(source, request.user, request)
policy_engine.build()
if not policy_engine.passing:
continue
source_settings = source.ui_user_settings
source_settings.initial_data["object_uid"] = source.slug
if not source_settings.is_valid():
LOGGER.warning(source_settings.errors)
matching_sources.append(source_settings.validated_data)
return Response(matching_sources)

View File

@ -0,0 +1,87 @@
"""Tokens API Viewset"""
from django.http.response import Http404
from drf_spectacular.utils import OpenApiResponse, extend_schema
from rest_framework.decorators import action
from rest_framework.fields import CharField
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.serializers import ModelSerializer
from rest_framework.viewsets import ModelViewSet
from authentik.api.decorators import permission_required
from authentik.core.api.used_by import UsedByMixin
from authentik.core.api.users import UserSerializer
from authentik.core.api.utils import PassiveSerializer
from authentik.core.models import Token, TokenIntents
from authentik.events.models import Event, EventAction
from authentik.managed.api import ManagedSerializer
class TokenSerializer(ManagedSerializer, ModelSerializer):
"""Token Serializer"""
user = UserSerializer(required=False)
class Meta:
model = Token
fields = [
"pk",
"managed",
"identifier",
"intent",
"user",
"description",
"expires",
"expiring",
]
depth = 2
class TokenViewSerializer(PassiveSerializer):
"""Show token's current key"""
key = CharField(read_only=True)
class TokenViewSet(UsedByMixin, ModelViewSet):
"""Token Viewset"""
lookup_field = "identifier"
queryset = Token.filter_not_expired()
serializer_class = TokenSerializer
search_fields = [
"identifier",
"intent",
"user__username",
"description",
]
filterset_fields = [
"identifier",
"intent",
"user__username",
"description",
]
ordering = ["expires"]
def perform_create(self, serializer: TokenSerializer):
serializer.save(user=self.request.user, intent=TokenIntents.INTENT_API)
@permission_required("authentik_core.view_token_key")
@extend_schema(
responses={
200: TokenViewSerializer(many=False),
404: OpenApiResponse(description="Token not found or expired"),
}
)
@action(detail=True, pagination_class=None, filter_backends=[])
# pylint: disable=unused-argument
def view_key(self, request: Request, identifier: str) -> Response:
"""Return token key and log access"""
token: Token = self.get_object()
if token.is_expired:
raise Http404
Event.new(EventAction.SECRET_VIEW, secret=token).from_http( # noqa # nosec
request
)
return Response(TokenViewSerializer({"key": token.key}).data)

View File

@ -0,0 +1,102 @@
"""used_by mixin"""
from enum import Enum
from inspect import getmembers
from django.db.models.base import Model
from django.db.models.deletion import SET_DEFAULT, SET_NULL
from django.db.models.manager import Manager
from drf_spectacular.utils import extend_schema
from guardian.shortcuts import get_objects_for_user
from rest_framework.decorators import action
from rest_framework.fields import CharField, ChoiceField
from rest_framework.request import Request
from rest_framework.response import Response
from authentik.core.api.utils import PassiveSerializer
class DeleteAction(Enum):
"""Which action a delete will have on a used object"""
CASCADE = "cascade"
CASCADE_MANY = "cascade_many"
SET_NULL = "set_null"
SET_DEFAULT = "set_default"
class UsedBySerializer(PassiveSerializer):
"""A list of all objects referencing the queried object"""
app = CharField()
model_name = CharField()
pk = CharField()
name = CharField()
action = ChoiceField(choices=[(x.name, x.name) for x in DeleteAction])
def get_delete_action(manager: Manager) -> str:
"""Get the delete action from the Foreign key, falls back to cascade"""
if hasattr(manager, "field"):
if manager.field.remote_field.on_delete.__name__ == SET_NULL.__name__:
return DeleteAction.SET_NULL.name
if manager.field.remote_field.on_delete.__name__ == SET_DEFAULT.__name__:
return DeleteAction.SET_DEFAULT.name
if hasattr(manager, "source_field"):
return DeleteAction.CASCADE_MANY.name
return DeleteAction.CASCADE.name
class UsedByMixin:
"""Mixin to add a used_by endpoint to return a list of all objects using this object"""
@extend_schema(
responses={200: UsedBySerializer(many=True)},
)
@action(detail=True, pagination_class=None, filter_backends=[])
# pylint: disable=invalid-name, unused-argument, too-many-locals
def used_by(self, request: Request, *args, **kwargs) -> Response:
"""Get a list of all objects that use this object"""
# pyright: reportGeneralTypeIssues=false
model: Model = self.get_object()
used_by = []
shadows = []
for attr_name, manager in getmembers(model, lambda x: isinstance(x, Manager)):
if attr_name == "objects": # pragma: no cover
continue
manager: Manager
if manager.model._meta.abstract:
continue
app = manager.model._meta.app_label
model_name = manager.model._meta.model_name
delete_action = get_delete_action(manager)
# To make sure we only apply shadows when there are any objects,
# but so we only apply them once, have a simple flag for the first object
first_object = True
for obj in get_objects_for_user(
request.user, f"{app}.view_{model_name}", manager
).all():
# Only merge shadows on first object
if first_object:
shadows += getattr(
manager.model._meta, "authentik_used_by_shadows", []
)
first_object = False
serializer = UsedBySerializer(
data={
"app": app,
"model_name": model_name,
"pk": str(obj.pk),
"name": str(obj),
"action": delete_action,
}
)
serializer.is_valid()
used_by.append(serializer.data)
# Check the shadows map and remove anything that should be shadowed
for idx, user in enumerate(used_by):
full_model_name = f"{user['app']}.{user['model_name']}"
if full_model_name in shadows:
del used_by[idx]
return Response(used_by)

212
authentik/core/api/users.py Normal file
View File

@ -0,0 +1,212 @@
"""User API Views"""
from json import loads
from django.db.models.query import QuerySet
from django.http.response import Http404
from django.urls import reverse_lazy
from django.utils.http import urlencode
from django_filters.filters import BooleanFilter, CharFilter
from django_filters.filterset import FilterSet
from drf_spectacular.utils import OpenApiResponse, extend_schema, extend_schema_field
from guardian.utils import get_anonymous_user
from rest_framework.decorators import action
from rest_framework.fields import CharField, JSONField, SerializerMethodField
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.serializers import (
BooleanField,
ListSerializer,
ModelSerializer,
ValidationError,
)
from rest_framework.viewsets import ModelViewSet
from rest_framework_guardian.filters import ObjectPermissionsFilter
from authentik.admin.api.metrics import CoordinateSerializer, get_events_per_1h
from authentik.api.decorators import permission_required
from authentik.core.api.groups import GroupSerializer
from authentik.core.api.used_by import UsedByMixin
from authentik.core.api.utils import LinkSerializer, PassiveSerializer, is_dict
from authentik.core.middleware import (
SESSION_IMPERSONATE_ORIGINAL_USER,
SESSION_IMPERSONATE_USER,
)
from authentik.core.models import Token, TokenIntents, User
from authentik.events.models import EventAction
from authentik.tenants.models import Tenant
class UserSerializer(ModelSerializer):
"""User Serializer"""
is_superuser = BooleanField(read_only=True)
avatar = CharField(read_only=True)
attributes = JSONField(validators=[is_dict], required=False)
groups = ListSerializer(child=GroupSerializer(), read_only=True, source="ak_groups")
uid = CharField(read_only=True)
class Meta:
model = User
fields = [
"pk",
"username",
"name",
"is_active",
"last_login",
"is_superuser",
"groups",
"email",
"avatar",
"attributes",
"uid",
]
class SessionUserSerializer(PassiveSerializer):
"""Response for the /user/me endpoint, returns the currently active user (as `user` property)
and, if this user is being impersonated, the original user in the `original` property."""
user = UserSerializer()
original = UserSerializer(required=False)
class UserMetricsSerializer(PassiveSerializer):
"""User Metrics"""
logins_per_1h = SerializerMethodField()
logins_failed_per_1h = SerializerMethodField()
authorizations_per_1h = SerializerMethodField()
@extend_schema_field(CoordinateSerializer(many=True))
def get_logins_per_1h(self, _):
"""Get successful logins per hour for the last 24 hours"""
user = self.context["user"]
return get_events_per_1h(action=EventAction.LOGIN, user__pk=user.pk)
@extend_schema_field(CoordinateSerializer(many=True))
def get_logins_failed_per_1h(self, _):
"""Get failed logins per hour for the last 24 hours"""
user = self.context["user"]
return get_events_per_1h(
action=EventAction.LOGIN_FAILED, context__username=user.username
)
@extend_schema_field(CoordinateSerializer(many=True))
def get_authorizations_per_1h(self, _):
"""Get failed logins per hour for the last 24 hours"""
user = self.context["user"]
return get_events_per_1h(
action=EventAction.AUTHORIZE_APPLICATION, user__pk=user.pk
)
class UsersFilter(FilterSet):
"""Filter for users"""
attributes = CharFilter(
field_name="attributes",
lookup_expr="",
label="Attributes",
method="filter_attributes",
)
is_superuser = BooleanFilter(field_name="ak_groups", lookup_expr="is_superuser")
# pylint: disable=unused-argument
def filter_attributes(self, queryset, name, value):
"""Filter attributes by query args"""
try:
value = loads(value)
except ValueError:
raise ValidationError(detail="filter: failed to parse JSON")
if not isinstance(value, dict):
raise ValidationError(detail="filter: value must be key:value mapping")
qs = {}
for key, _value in value.items():
qs[f"attributes__{key}"] = _value
return queryset.filter(**qs)
class Meta:
model = User
fields = ["username", "name", "is_active", "is_superuser", "attributes"]
class UserViewSet(UsedByMixin, ModelViewSet):
"""User Viewset"""
queryset = User.objects.none()
serializer_class = UserSerializer
search_fields = ["username", "name", "is_active"]
filterset_class = UsersFilter
def get_queryset(self): # pragma: no cover
return User.objects.all().exclude(pk=get_anonymous_user().pk)
@extend_schema(responses={200: SessionUserSerializer(many=False)})
@action(detail=False, pagination_class=None, filter_backends=[])
# pylint: disable=invalid-name
def me(self, request: Request) -> Response:
"""Get information about current user"""
serializer = SessionUserSerializer(
data={"user": UserSerializer(request.user).data}
)
if SESSION_IMPERSONATE_USER in request._request.session:
serializer.initial_data["original"] = UserSerializer(
request._request.session[SESSION_IMPERSONATE_ORIGINAL_USER]
).data
serializer.is_valid()
return Response(serializer.data)
@permission_required("authentik_core.view_user", ["authentik_events.view_event"])
@extend_schema(responses={200: UserMetricsSerializer(many=False)})
@action(detail=True, pagination_class=None, filter_backends=[])
# pylint: disable=invalid-name, unused-argument
def metrics(self, request: Request, pk: int) -> Response:
"""User metrics per 1h"""
user: User = self.get_object()
serializer = UserMetricsSerializer(True)
serializer.context["user"] = user
return Response(serializer.data)
@permission_required("authentik_core.reset_user_password")
@extend_schema(
responses={
"200": LinkSerializer(many=False),
"404": OpenApiResponse(description="No recovery flow found."),
},
)
@action(detail=True, pagination_class=None, filter_backends=[])
# pylint: disable=invalid-name, unused-argument
def recovery(self, request: Request, pk: int) -> Response:
"""Create a temporary link that a user can use to recover their accounts"""
tenant: Tenant = request._request.tenant
# Check that there is a recovery flow, if not return an error
flow = tenant.flow_recovery
if not flow:
raise Http404
user: User = self.get_object()
token, __ = Token.objects.get_or_create(
identifier=f"{user.uid}-password-reset",
user=user,
intent=TokenIntents.INTENT_RECOVERY,
)
querystring = urlencode({"token": token.key})
link = request.build_absolute_uri(
reverse_lazy("authentik_core:if-flow", kwargs={"flow_slug": flow.slug})
+ f"?{querystring}"
)
return Response({"link": link})
def _filter_queryset_for_list(self, queryset: QuerySet) -> QuerySet:
"""Custom filter_queryset method which ignores guardian, but still supports sorting"""
for backend in list(self.filter_backends):
if backend == ObjectPermissionsFilter:
continue
queryset = backend().filter_queryset(self.request, queryset, self)
return queryset
def filter_queryset(self, queryset):
if self.request.user.has_perm("authentik_core.view_group"):
return self._filter_queryset_for_list(queryset)
return super().filter_queryset(queryset)

View File

@ -0,0 +1,68 @@
"""API Utilities"""
from typing import Any
from django.db.models import Model
from rest_framework.fields import CharField, IntegerField
from rest_framework.serializers import (
Serializer,
SerializerMethodField,
ValidationError,
)
def is_dict(value: Any):
"""Ensure a value is a dictionary, useful for JSONFields"""
if isinstance(value, dict):
return
raise ValidationError("Value must be a dictionary.")
class PassiveSerializer(Serializer):
"""Base serializer class which doesn't implement create/update methods"""
def create(self, validated_data: dict) -> Model: # pragma: no cover
return Model()
def update(
self, instance: Model, validated_data: dict
) -> Model: # pragma: no cover
return Model()
class Meta:
model = Model
class MetaNameSerializer(PassiveSerializer):
"""Add verbose names to response"""
verbose_name = SerializerMethodField()
verbose_name_plural = SerializerMethodField()
def get_verbose_name(self, obj: Model) -> str:
"""Return object's verbose_name"""
return obj._meta.verbose_name
def get_verbose_name_plural(self, obj: Model) -> str:
"""Return object's plural verbose_name"""
return obj._meta.verbose_name_plural
class TypeCreateSerializer(PassiveSerializer):
"""Types of an object that can be created"""
name = CharField(required=True)
description = CharField(required=True)
component = CharField(required=True)
model_name = CharField(required=True)
class CacheSerializer(PassiveSerializer):
"""Generic cache stats for an object"""
count = IntegerField(read_only=True)
class LinkSerializer(PassiveSerializer):
"""Returns a single link"""
link = CharField()

30
authentik/core/apps.py Normal file
View File

@ -0,0 +1,30 @@
"""authentik core app config"""
from importlib import import_module
from django.apps import AppConfig
from django.db import ProgrammingError
from authentik.core.signals import GAUGE_MODELS
from authentik.lib.utils.reflection import get_apps
class AuthentikCoreConfig(AppConfig):
"""authentik core app config"""
name = "authentik.core"
label = "authentik_core"
verbose_name = "authentik Core"
mountpoint = ""
def ready(self):
import_module("authentik.core.signals")
import_module("authentik.core.managed")
try:
for app in get_apps():
for model in app.get_models():
GAUGE_MODELS.labels(
model_name=model._meta.model_name,
app=model._meta.app_label,
).set(model.objects.count())
except ProgrammingError:
pass

View File

@ -0,0 +1,35 @@
"""Channels base classes"""
from channels.exceptions import DenyConnection
from channels.generic.websocket import JsonWebsocketConsumer
from rest_framework.exceptions import AuthenticationFailed
from structlog.stdlib import get_logger
from authentik.api.authentication import token_from_header
from authentik.core.models import User
LOGGER = get_logger()
class AuthJsonConsumer(JsonWebsocketConsumer):
"""Authorize a client with a token"""
user: User
def connect(self):
headers = dict(self.scope["headers"])
if b"authorization" not in headers:
LOGGER.warning("WS Request without authorization header")
raise DenyConnection()
raw_header = headers[b"authorization"]
try:
token = token_from_header(raw_header)
# token is only None when no header was given, in which case we deny too
if not token:
raise DenyConnection()
except AuthenticationFailed as exc:
LOGGER.warning("Failed to authenticate", exc=exc)
raise DenyConnection()
self.user = token.user

View File

@ -1,5 +1,5 @@
"""passbook core exceptions"""
from passbook.lib.sentry import SentryIgnoredException
"""authentik core exceptions"""
from authentik.lib.sentry import SentryIgnoredException
class PropertyMappingExpressionException(SentryIgnoredException):

View File

@ -0,0 +1,47 @@
"""Property Mapping Evaluator"""
from traceback import format_tb
from typing import Optional
from django.http import HttpRequest
from guardian.utils import get_anonymous_user
from authentik.core.models import PropertyMapping, User
from authentik.events.models import Event, EventAction
from authentik.lib.expression.evaluator import BaseEvaluator
from authentik.policies.types import PolicyRequest
class PropertyMappingEvaluator(BaseEvaluator):
"""Custom Evalautor that adds some different context variables."""
def set_context(
self,
user: Optional[User],
request: Optional[HttpRequest],
mapping: PropertyMapping,
**kwargs,
):
"""Update context with context from PropertyMapping's evaluate"""
req = PolicyRequest(user=get_anonymous_user())
req.obj = mapping
if user:
req.user = user
self._context["user"] = user
if request:
req.http_request = request
self._context["request"] = req
self._context.update(**kwargs)
def handle_error(self, exc: Exception, expression_source: str):
"""Exception Handler"""
error_string = "\n".join(format_tb(exc.__traceback__) + [str(exc)])
event = Event.new(
EventAction.PROPERTY_MAPPING_EXCEPTION,
expression=expression_source,
message=error_string,
)
if "request" in self._context:
req: PolicyRequest = self._context["request"]
event.from_http(req.http_request, req.user)
return
event.save()

16
authentik/core/managed.py Normal file
View File

@ -0,0 +1,16 @@
"""Core managed objects"""
from authentik.core.models import Source
from authentik.managed.manager import EnsureExists, ObjectManager
class CoreManager(ObjectManager):
"""Core managed objects"""
def reconcile(self):
return [
EnsureExists(
Source,
"goauthentik.io/sources/inbuilt",
name="authentik Built-in",
),
]

View File

@ -1,4 +1,4 @@
"""passbook admin Middleware to impersonate users"""
"""authentik admin Middleware to impersonate users"""
from logging import Logger
from threading import local
from typing import Callable
@ -6,9 +6,10 @@ from uuid import uuid4
from django.http import HttpRequest, HttpResponse
SESSION_IMPERSONATE_USER = "passbook_impersonate_user"
SESSION_IMPERSONATE_ORIGINAL_USER = "passbook_impersonate_original_user"
SESSION_IMPERSONATE_USER = "authentik_impersonate_user"
SESSION_IMPERSONATE_ORIGINAL_USER = "authentik_impersonate_original_user"
LOCAL = local()
RESPONSE_HEADER_ID = "X-authentik-id"
class ImpersonateMiddleware:
@ -25,6 +26,8 @@ class ImpersonateMiddleware:
if SESSION_IMPERSONATE_USER in request.session:
request.user = request.session[SESSION_IMPERSONATE_USER]
# Ensure that the user is active, otherwise nothing will work
request.user.is_active = True
return self.get_response(request)
@ -41,16 +44,21 @@ class RequestIDMiddleware:
if not hasattr(request, "request_id"):
request_id = uuid4().hex
setattr(request, "request_id", request_id)
LOCAL.passbook = {"request_id": request_id}
LOCAL.authentik = {
"request_id": request_id,
"host": request.get_host(),
}
response = self.get_response(request)
response["X-passbook-id"] = request.request_id
del LOCAL.passbook["request_id"]
response[RESPONSE_HEADER_ID] = request.request_id
del LOCAL.authentik["request_id"]
del LOCAL.authentik["host"]
return response
# pylint: disable=unused-argument
def structlog_add_request_id(logger: Logger, method_name: str, event_dict):
"""If threadlocal has passbook defined, add request_id to log"""
if hasattr(LOCAL, "passbook"):
event_dict["request_id"] = LOCAL.passbook.get("request_id", "")
"""If threadlocal has authentik defined, add request_id to log"""
if hasattr(LOCAL, "authentik"):
event_dict["request_id"] = LOCAL.authentik.get("request_id", "")
event_dict["host"] = LOCAL.authentik.get("host", "")
return event_dict

View File

@ -10,7 +10,7 @@ import guardian.mixins
from django.conf import settings
from django.db import migrations, models
import passbook.core.models
import authentik.core.models
class Migration(migrations.Migration):
@ -18,7 +18,7 @@ class Migration(migrations.Migration):
initial = True
dependencies = [
("passbook_policies", "0001_initial"),
("authentik_policies", "0001_initial"),
("auth", "0011_update_proxy_permissions"),
]
@ -108,11 +108,18 @@ class Migration(migrations.Migration):
("uuid", models.UUIDField(default=uuid.uuid4, editable=False)),
("name", models.TextField(help_text="User's display name.")),
("password_change_date", models.DateTimeField(auto_now_add=True)),
("attributes", models.JSONField(blank=True, default=dict),),
(
"attributes",
models.JSONField(blank=True, default=dict),
),
],
options={"permissions": (("reset_user_password", "Reset Password"),),},
options={
"permissions": (("reset_user_password", "Reset Password"),),
},
bases=(guardian.mixins.GuardianUserMixin, models.Model),
managers=[("objects", django.contrib.auth.models.UserManager()),],
managers=[
("objects", django.contrib.auth.models.UserManager()),
],
),
migrations.CreateModel(
name="PropertyMapping",
@ -145,7 +152,7 @@ class Migration(migrations.Migration):
parent_link=True,
primary_key=True,
serialize=False,
to="passbook_policies.PolicyBindingModel",
to="authentik_policies.PolicyBindingModel",
),
),
("name", models.TextField(help_text="Source's display Name.")),
@ -157,11 +164,11 @@ class Migration(migrations.Migration):
(
"property_mappings",
models.ManyToManyField(
blank=True, default=None, to="passbook_core.PropertyMapping"
blank=True, default=None, to="authentik_core.PropertyMapping"
),
),
],
bases=("passbook_policies.policybindingmodel",),
bases=("authentik_policies.policybindingmodel",),
),
migrations.CreateModel(
name="UserSourceConnection",
@ -181,7 +188,7 @@ class Migration(migrations.Migration):
"source",
models.ForeignKey(
on_delete=django.db.models.deletion.CASCADE,
to="passbook_core.Source",
to="authentik_core.Source",
),
),
(
@ -192,7 +199,9 @@ class Migration(migrations.Migration):
),
),
],
options={"unique_together": {("user", "source")},},
options={
"unique_together": {("user", "source")},
},
),
migrations.CreateModel(
name="Token",
@ -209,7 +218,7 @@ class Migration(migrations.Migration):
(
"expires",
models.DateTimeField(
default=passbook.core.models.default_token_duration
default=authentik.core.models.default_token_duration
),
),
("expiring", models.BooleanField(default=True)),
@ -223,7 +232,10 @@ class Migration(migrations.Migration):
),
),
],
options={"verbose_name": "Token", "verbose_name_plural": "Tokens",},
options={
"verbose_name": "Token",
"verbose_name_plural": "Tokens",
},
),
migrations.CreateModel(
name="Provider",
@ -240,7 +252,7 @@ class Migration(migrations.Migration):
(
"property_mappings",
models.ManyToManyField(
blank=True, default=None, to="passbook_core.PropertyMapping"
blank=True, default=None, to="authentik_core.PropertyMapping"
),
),
],
@ -258,7 +270,10 @@ class Migration(migrations.Migration):
),
),
("name", models.CharField(max_length=80, verbose_name="name")),
("attributes", models.JSONField(blank=True, default=dict),),
(
"attributes",
models.JSONField(blank=True, default=dict),
),
(
"parent",
models.ForeignKey(
@ -266,11 +281,13 @@ class Migration(migrations.Migration):
null=True,
on_delete=django.db.models.deletion.SET_NULL,
related_name="children",
to="passbook_core.Group",
to="authentik_core.Group",
),
),
],
options={"unique_together": {("name", "parent")},},
options={
"unique_together": {("name", "parent")},
},
),
migrations.CreateModel(
name="Application",
@ -283,7 +300,7 @@ class Migration(migrations.Migration):
parent_link=True,
primary_key=True,
serialize=False,
to="passbook_policies.PolicyBindingModel",
to="authentik_policies.PolicyBindingModel",
),
),
("name", models.TextField(help_text="Application's display Name.")),
@ -305,22 +322,23 @@ class Migration(migrations.Migration):
default=None,
null=True,
on_delete=django.db.models.deletion.SET_DEFAULT,
to="passbook_core.Provider",
to="authentik_core.Provider",
),
),
],
bases=("passbook_policies.policybindingmodel",),
bases=("authentik_policies.policybindingmodel",),
),
migrations.AddField(
model_name="user",
name="groups",
field=models.ManyToManyField(to="passbook_core.Group"),
field=models.ManyToManyField(to="authentik_core.Group"),
),
migrations.AddField(
model_name="user",
name="sources",
field=models.ManyToManyField(
through="passbook_core.UserSourceConnection", to="passbook_core.Source"
through="authentik_core.UserSourceConnection",
to="authentik_core.Source",
),
),
migrations.AddField(

View File

@ -7,12 +7,15 @@ from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("passbook_flows", "0003_auto_20200523_1133"),
("passbook_core", "0001_initial"),
("authentik_flows", "0003_auto_20200523_1133"),
("authentik_core", "0001_initial"),
]
operations = [
migrations.RemoveField(model_name="application", name="skip_authorization",),
migrations.RemoveField(
model_name="application",
name="skip_authorization",
),
migrations.AddField(
model_name="source",
name="authentication_flow",
@ -23,7 +26,7 @@ class Migration(migrations.Migration):
null=True,
on_delete=django.db.models.deletion.SET_NULL,
related_name="source_authentication",
to="passbook_flows.Flow",
to="authentik_flows.Flow",
),
),
migrations.AddField(
@ -36,7 +39,7 @@ class Migration(migrations.Migration):
null=True,
on_delete=django.db.models.deletion.SET_NULL,
related_name="source_enrollment",
to="passbook_flows.Flow",
to="authentik_flows.Flow",
),
),
migrations.AddField(
@ -46,7 +49,7 @@ class Migration(migrations.Migration):
help_text="Flow used when authorizing this provider.",
on_delete=django.db.models.deletion.CASCADE,
related_name="provider_authorization",
to="passbook_flows.Flow",
to="authentik_flows.Flow",
),
),
]

View File

@ -1,32 +1,45 @@
# Generated by Django 3.0.6 on 2020-05-23 16:40
from os import environ
from django.apps.registry import Apps
from django.conf import settings
from django.db import migrations, models
from django.db.backends.base.schema import BaseDatabaseSchemaEditor
def create_default_user(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
# We have to use a direct import here, otherwise we get an object manager error
from passbook.core.models import User
from authentik.core.models import User
db_alias = schema_editor.connection.alias
pbadmin, _ = User.objects.using(db_alias).get_or_create(
username="pbadmin", email="root@localhost", name="passbook Default Admin"
akadmin, _ = User.objects.using(db_alias).get_or_create(
username="akadmin", email="root@localhost", name="authentik Default Admin"
)
pbadmin.set_password("pbadmin", signal=False) # noqa # nosec
pbadmin.save()
if "TF_BUILD" in environ or "AK_ADMIN_PASS" in environ or settings.TEST:
akadmin.set_password(
environ.get("AK_ADMIN_PASS", "akadmin"), signal=False
) # noqa # nosec
else:
akadmin.set_unusable_password()
akadmin.save()
class Migration(migrations.Migration):
dependencies = [
("passbook_core", "0002_auto_20200523_1133"),
("authentik_core", "0002_auto_20200523_1133"),
]
operations = [
migrations.RemoveField(model_name="user", name="is_superuser",),
migrations.RemoveField(model_name="user", name="is_staff",),
migrations.RemoveField(
model_name="user",
name="is_superuser",
),
migrations.RemoveField(
model_name="user",
name="is_staff",
),
migrations.RunPython(create_default_user),
migrations.AddField(
model_name="user",

View File

@ -6,7 +6,7 @@ from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
("passbook_core", "0003_default_user"),
("authentik_core", "0003_default_user"),
]
operations = [

View File

@ -6,7 +6,7 @@ from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("passbook_core", "0004_auto_20200703_2213"),
("authentik_core", "0004_auto_20200703_2213"),
]
operations = [

View File

@ -6,7 +6,7 @@ from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("passbook_core", "0005_token_intent"),
("authentik_core", "0005_token_intent"),
]
operations = [

View File

@ -6,7 +6,7 @@ from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("passbook_core", "0006_auto_20200709_1608"),
("authentik_core", "0006_auto_20200709_1608"),
]
operations = [

View File

@ -7,14 +7,14 @@ class Migration(migrations.Migration):
dependencies = [
("auth", "0012_alter_user_first_name_max_length"),
("passbook_core", "0007_auto_20200815_1841"),
("authentik_core", "0007_auto_20200815_1841"),
]
operations = [
migrations.RemoveField(
model_name="user",
name="groups",
field=models.ManyToManyField(to="passbook_core.Group"),
field=models.ManyToManyField(to="authentik_core.Group"),
),
migrations.AddField(
model_name="user",
@ -31,6 +31,6 @@ class Migration(migrations.Migration):
migrations.AddField(
model_name="user",
name="pb_groups",
field=models.ManyToManyField(to="passbook_core.Group"),
field=models.ManyToManyField(to="authentik_core.Group"),
),
]

View File

@ -3,36 +3,45 @@ from django.apps.registry import Apps
from django.db import migrations, models
from django.db.backends.base.schema import BaseDatabaseSchemaEditor
import passbook.core.models
import authentik.core.models
def create_default_admin_group(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
db_alias = schema_editor.connection.alias
Group = apps.get_model("passbook_core", "Group")
User = apps.get_model("passbook_core", "User")
Group = apps.get_model("authentik_core", "Group")
User = apps.get_model("authentik_core", "User")
# Creates a default admin group
group, _ = Group.objects.using(db_alias).get_or_create(
is_superuser=True, defaults={"name": "passbook Admins",}
is_superuser=True,
defaults={
"name": "authentik Admins",
},
)
group.users.set(User.objects.filter(username="pbadmin"))
group.users.set(User.objects.filter(username="akadmin"))
group.save()
class Migration(migrations.Migration):
dependencies = [
("passbook_core", "0008_auto_20200824_1532"),
("authentik_core", "0008_auto_20200824_1532"),
]
operations = [
migrations.RemoveField(model_name="user", name="is_superuser",),
migrations.RemoveField(model_name="user", name="is_staff",),
migrations.RemoveField(
model_name="user",
name="is_superuser",
),
migrations.RemoveField(
model_name="user",
name="is_staff",
),
migrations.AlterField(
model_name="user",
name="pb_groups",
field=models.ManyToManyField(
related_name="users", to="passbook_core.Group"
related_name="users", to="authentik_core.Group"
),
),
migrations.AddField(
@ -44,6 +53,9 @@ class Migration(migrations.Migration):
),
migrations.RunPython(create_default_admin_group),
migrations.AlterModelManagers(
name="user", managers=[("objects", passbook.core.models.UserManager()),],
name="user",
managers=[
("objects", authentik.core.models.UserManager()),
],
),
]

View File

@ -6,7 +6,7 @@ from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
("passbook_core", "0009_group_is_superuser"),
("authentik_core", "0009_group_is_superuser"),
]
operations = [

View File

@ -0,0 +1,19 @@
# Generated by Django 3.1.2 on 2020-10-03 17:34
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0010_auto_20200917_1021"),
]
operations = [
migrations.AddField(
model_name="provider",
name="name_temp",
field=models.TextField(default=""),
preserve_default=False,
),
]

View File

@ -0,0 +1,20 @@
# Generated by Django 3.1.2 on 2020-10-03 17:37
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0011_provider_name_temp"),
("authentik_providers_oauth2", "0006_remove_oauth2provider_name"),
("authentik_providers_saml", "0006_remove_samlprovider_name"),
]
operations = [
migrations.RenameField(
model_name="provider",
old_name="name_temp",
new_name="name",
),
]

View File

@ -0,0 +1,35 @@
# Generated by Django 3.1.2 on 2020-10-03 21:32
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0012_auto_20201003_1737"),
]
operations = [
migrations.AddField(
model_name="token",
name="identifier",
field=models.TextField(default=""),
preserve_default=False,
),
migrations.AlterField(
model_name="token",
name="intent",
field=models.TextField(
choices=[
("verification", "Intent Verification"),
("api", "Intent Api"),
("recovery", "Intent Recovery"),
],
default="verification",
),
),
migrations.AlterUniqueTogether(
name="token",
unique_together={("identifier", "user")},
),
]

View File

@ -0,0 +1,50 @@
# Generated by Django 3.1.2 on 2020-10-18 11:58
from django.apps.registry import Apps
from django.db import migrations, models
from django.db.backends.base.schema import BaseDatabaseSchemaEditor
import authentik.core.models
def set_default_token_key(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
db_alias = schema_editor.connection.alias
Token = apps.get_model("authentik_core", "Token")
for token in Token.objects.using(db_alias).all():
token.key = token.pk.hex
token.save()
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0013_auto_20201003_2132"),
]
operations = [
migrations.AddField(
model_name="token",
name="key",
field=models.TextField(default=authentik.core.models.default_token_key),
),
migrations.AlterUniqueTogether(
name="token",
unique_together=set(),
),
migrations.AlterField(
model_name="token",
name="identifier",
field=models.SlugField(max_length=255),
),
migrations.AddIndex(
model_name="token",
index=models.Index(fields=["key"], name="authentik_co_key_e45007_idx"),
),
migrations.AddIndex(
model_name="token",
index=models.Index(
fields=["identifier"], name="authentik_co_identif_1a34a8_idx"
),
),
migrations.RunPython(set_default_token_key),
]

View File

@ -0,0 +1,24 @@
# Generated by Django 3.1.3 on 2020-11-23 17:19
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0014_auto_20201018_1158"),
]
operations = [
migrations.RemoveField(
model_name="application",
name="meta_icon_url",
),
migrations.AddField(
model_name="application",
name="meta_icon",
field=models.FileField(
blank=True, default="", upload_to="application-icons/"
),
),
]

View File

@ -0,0 +1,36 @@
# Generated by Django 3.1.3 on 2020-12-02 22:34
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0015_application_icon"),
]
operations = [
migrations.RemoveIndex(
model_name="token",
name="authentik_co_key_e45007_idx",
),
migrations.RemoveIndex(
model_name="token",
name="authentik_co_identif_1a34a8_idx",
),
migrations.RenameField(
model_name="user",
old_name="pb_groups",
new_name="ak_groups",
),
migrations.AddIndex(
model_name="token",
index=models.Index(
fields=["identifier"], name="authentik_c_identif_d9d032_idx"
),
),
migrations.AddIndex(
model_name="token",
index=models.Index(fields=["key"], name="authentik_c_key_f71355_idx"),
),
]

View File

@ -0,0 +1,35 @@
# Generated by Django 3.1.4 on 2021-01-30 18:28
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0016_auto_20201202_2234"),
]
operations = [
migrations.AddField(
model_name="propertymapping",
name="managed",
field=models.TextField(
default=None,
help_text="Objects which are managed by authentik. These objects are created and updated automatically. This is flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.",
null=True,
verbose_name="Managed by authentik",
unique=True,
),
),
migrations.AddField(
model_name="token",
name="managed",
field=models.TextField(
default=None,
help_text="Objects which are managed by authentik. These objects are created and updated automatically. This is flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.",
null=True,
verbose_name="Managed by authentik",
unique=True,
),
),
]

View File

@ -0,0 +1,21 @@
# Generated by Django 3.1.7 on 2021-03-30 13:45
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0017_managed"),
]
operations = [
migrations.AlterModelOptions(
name="token",
options={
"permissions": (("view_token_key", "View token's key"),),
"verbose_name": "Token",
"verbose_name_plural": "Tokens",
},
),
]

View File

@ -0,0 +1,24 @@
# Generated by Django 3.2 on 2021-04-09 14:06
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0018_auto_20210330_1345"),
]
operations = [
migrations.AddField(
model_name="source",
name="managed",
field=models.TextField(
default=None,
help_text="Objects which are managed by authentik. These objects are created and updated automatically. This is flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.",
null=True,
unique=True,
verbose_name="Managed by authentik",
),
),
]

View File

@ -0,0 +1,40 @@
# Generated by Django 3.2 on 2021-05-03 17:06
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0019_source_managed"),
]
operations = [
migrations.AddField(
model_name="source",
name="user_matching_mode",
field=models.TextField(
choices=[
("identifier", "Use the source-specific identifier"),
(
"email_link",
"Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.",
),
(
"email_deny",
"Use the user's email address, but deny enrollment when the email address already exists.",
),
(
"username_link",
"Link to a user with identical username address. Can have security implications when a username is used with another source.",
),
(
"username_deny",
"Use the user's username, but deny enrollment when the username already exists.",
),
],
default="identifier",
help_text="How the source determines if an existing user should be authenticated or a new user enrolled.",
),
),
]

View File

@ -0,0 +1,20 @@
# Generated by Django 3.2.3 on 2021-05-14 08:48
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0020_source_user_matching_mode"),
]
operations = [
migrations.AlterField(
model_name="application",
name="slug",
field=models.SlugField(
help_text="Internal application name, used in URLs.", unique=True
),
),
]

View File

@ -0,0 +1,63 @@
# Generated by Django 3.2.3 on 2021-05-29 22:14
import uuid
import django.db.models.deletion
from django.apps.registry import Apps
from django.conf import settings
from django.db import migrations, models
from django.db.backends.base.schema import BaseDatabaseSchemaEditor
import authentik.core.models
def migrate_sessions(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
db_alias = schema_editor.connection.alias
from django.contrib.sessions.backends.cache import KEY_PREFIX
from django.core.cache import cache
session_keys = cache.keys(KEY_PREFIX + "*")
cache.delete_many(session_keys)
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0021_alter_application_slug"),
]
operations = [
migrations.CreateModel(
name="AuthenticatedSession",
fields=[
(
"expires",
models.DateTimeField(
default=authentik.core.models.default_token_duration
),
),
("expiring", models.BooleanField(default=True)),
(
"uuid",
models.UUIDField(
default=uuid.uuid4, primary_key=True, serialize=False
),
),
("session_key", models.CharField(max_length=40)),
("last_ip", models.TextField()),
("last_user_agent", models.TextField(blank=True)),
("last_used", models.DateTimeField(auto_now=True)),
(
"user",
models.ForeignKey(
on_delete=django.db.models.deletion.CASCADE,
to=settings.AUTH_USER_MODEL,
),
),
],
options={
"abstract": False,
},
),
migrations.RunPython(migrate_sessions),
]

View File

@ -0,0 +1,23 @@
# Generated by Django 3.2.3 on 2021-06-02 21:51
import django.core.validators
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0022_authenticatedsession"),
]
operations = [
migrations.AlterField(
model_name="application",
name="meta_launch_url",
field=models.TextField(
blank=True,
default="",
validators=[django.core.validators.URLValidator()],
),
),
]

View File

@ -0,0 +1,35 @@
# Generated by Django 3.2.3 on 2021-06-03 09:33
from django.apps.registry import Apps
from django.db import migrations, models
from django.db.backends.base.schema import BaseDatabaseSchemaEditor
from django.db.models import Count
def fix_duplicates(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
db_alias = schema_editor.connection.alias
Token = apps.get_model("authentik_core", "token")
identifiers = (
Token.objects.using(db_alias)
.values("identifier")
.annotate(identifier_count=Count("identifier"))
.filter(identifier_count__gt=1)
)
for ident in identifiers:
Token.objects.using(db_alias).filter(identifier=ident["identifier"]).delete()
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0023_alter_application_meta_launch_url"),
]
operations = [
migrations.RunPython(fix_duplicates),
migrations.AlterField(
model_name="token",
name="identifier",
field=models.SlugField(max_length=255, unique=True),
),
]

View File

@ -0,0 +1,20 @@
# Generated by Django 3.2.3 on 2021-06-05 19:04
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0024_alter_token_identifier"),
]
operations = [
migrations.AlterField(
model_name="application",
name="meta_icon",
field=models.FileField(
default=None, null=True, upload_to="application-icons/"
),
),
]

Some files were not shown because too many files have changed in this diff Show More