release: 0.13.4-stable

# Conflicts:
#	authentik/core/api/applications.py

.bumpversion.cfg

@@ -1,10 +1,10 @@
 [bumpversion]
-current_version = 0.12.7-stable
+current_version = 0.13.4-stable
 tag = True
 commit = True
 parse = (?P<major>\d+)\.(?P<minor>\d+)\.(?P<patch>\d+)\-(?P<release>.*)
 serialize = {major}.{minor}.{patch}-{release}
-message = new release: {new_version}
+message = release: {new_version}
 tag_name = version/{new_version}
 
 [bumpversion:part:release]
@@ -15,18 +15,22 @@ values =
 	beta
 	stable
 
-[bumpversion:file:docs/installation/docker-compose.md]
+[bumpversion:file:website/docs/installation/docker-compose.md]
 
-[bumpversion:file:docs/installation/kubernetes.md]
+[bumpversion:file:website/docs/installation/kubernetes.md]
 
 [bumpversion:file:docker-compose.yml]
 
 [bumpversion:file:helm/values.yaml]
 
+[bumpversion:file:helm/README.md]
+
 [bumpversion:file:helm/Chart.yaml]
 
 [bumpversion:file:.github/workflows/release.yml]
 
-[bumpversion:file:passbook/__init__.py]
+[bumpversion:file:authentik/__init__.py]
 
 [bumpversion:file:proxy/pkg/version.go]
+
+[bumpversion:file:web/src/constants.ts]

.coveragerc

@@ -1,33 +0,0 @@
-[run]
-source = passbook
-relative_files = true
-omit =
-    */asgi.py
-    manage.py
-    */migrations/*
-    */apps.py
-    docs/
-
-[report]
-sort = Cover
-skip_covered = True
-precision = 2
-exclude_lines =
-  pragma: no cover
-
-    # Don't complain about missing debug-only code:
-    def __unicode__
-    def __str__
-    def __repr__
-    if self\.debug
-    if TYPE_CHECKING
-
-    # Don't complain if tests don't hit defensive assertion code:
-    raise AssertionError
-    raise NotImplementedError
-
-    # Don't complain if non-runnable code isn't run:
-    if 0:
-    if __name__ == .__main__.:
-
-show_missing = True

.dockerignore

@@ -1,6 +1,6 @@
 env
 helm
-passbook-ui
 static
+htmlcov
 *.env.yml
-node_modules/
+**/node_modules

.github/FUNDING.yml

@@ -1 +1 @@
-custom: ["https://www.paypal.me/beryju"]
+github: [BeryJu]

.github/ISSUE_TEMPLATE/bug_report.md

@@ -27,7 +27,7 @@ If applicable, add screenshots to help explain your problem.
 Output of docker-compose logs or kubectl logs respectively
 
 **Version and Deployment (please complete the following information):**
- - passbook version: [e.g. 0.10.0-stable]
+ - authentik version: [e.g. 0.10.0-stable]
  - Deployment: [e.g. docker-compose, helm]
 
 **Additional context**

.github/dependabot.yml

@@ -9,7 +9,7 @@ updates:
   assignees:
   - BeryJu
 - package-ecosystem: npm
-  directory: "/passbook/static/static"
+  directory: "/web"
   schedule:
     interval: daily
     time: "04:00"

.github/workflows/release.yml

@@ -1,4 +1,4 @@
-name: passbook-on-release
+name: authentik-on-release
 
 on:
   release:
@@ -18,13 +18,13 @@ jobs:
       - name: Building Docker Image
         run: docker build
           --no-cache
-          -t beryju/passbook:0.12.7-stable
-          -t beryju/passbook:latest
+          -t beryju/authentik:0.13.4-stable
+          -t beryju/authentik:latest
           -f Dockerfile .
       - name: Push Docker Container to Registry (versioned)
-        run: docker push beryju/passbook:0.12.7-stable
+        run: docker push beryju/authentik:0.13.4-stable
       - name: Push Docker Container to Registry (latest)
-        run: docker push beryju/passbook:latest
+        run: docker push beryju/authentik:latest
   build-proxy:
     runs-on: ubuntu-latest
     steps:
@@ -36,7 +36,7 @@ jobs:
         run: |
           cd proxy
           go get -u github.com/go-swagger/go-swagger/cmd/swagger
-          swagger generate client -f ../swagger.yaml -A passbook -t pkg/
+          swagger generate client -f ../swagger.yaml -A authentik -t pkg/
           go build -v .
       - name: Docker Login Registry
         env:
@@ -45,27 +45,18 @@ jobs:
         run: docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD
       - name: Building Docker Image
         run: |
-          cd proxy
+          cd proxy/
           docker build \
           --no-cache \
-          -t beryju/passbook-proxy:0.12.7-stable \
-          -t beryju/passbook-proxy:latest \
+          -t beryju/authentik-proxy:0.13.4-stable \
+          -t beryju/authentik-proxy:latest \
           -f Dockerfile .
       - name: Push Docker Container to Registry (versioned)
-        run: docker push beryju/passbook-proxy:0.12.7-stable
+        run: docker push beryju/authentik-proxy:0.13.4-stable
       - name: Push Docker Container to Registry (latest)
-        run: docker push beryju/passbook-proxy:latest
+        run: docker push beryju/authentik-proxy:latest
   build-static:
     runs-on: ubuntu-latest
-    services:
-      postgres:
-        image: postgres:latest
-        env:
-          POSTGRES_DB: passbook
-          POSTGRES_USER: passbook
-          POSTGRES_PASSWORD: "EK-5jnKfjrGRm<77"
-      redis:
-        image: redis:latest
     steps:
       - uses: actions/checkout@v1
       - name: Docker Login Registry
@@ -74,20 +65,22 @@ jobs:
           DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
         run: docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD
       - name: Building Docker Image
-        run: docker build
-          --no-cache
-          --network=$(docker network ls | grep github | awk '{print $1}')
-          -t beryju/passbook-static:0.12.7-stable
-          -t beryju/passbook-static:latest
-          -f static.Dockerfile .
+        run: |
+          cd web/
+          docker build \
+          --no-cache \
+          -t beryju/authentik-static:0.13.4-stable \
+          -t beryju/authentik-static:latest \
+          -f Dockerfile .
       - name: Push Docker Container to Registry (versioned)
-        run: docker push beryju/passbook-static:0.12.7-stable
+        run: docker push beryju/authentik-static:0.13.4-stable
       - name: Push Docker Container to Registry (latest)
-        run: docker push beryju/passbook-static:latest
+        run: docker push beryju/authentik-static:latest
   test-release:
     needs:
       - build-server
       - build-static
+      - build-proxy
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v1
@@ -95,11 +88,11 @@ jobs:
         run: |
           sudo apt-get install -y pwgen
           echo "PG_PASS=$(pwgen 40 1)" >> .env
-          echo "PASSBOOK_SECRET_KEY=$(pwgen 50 1)" >> .env
+          echo "AUTHENTIK_SECRET_KEY=$(pwgen 50 1)" >> .env
           docker-compose pull -q
           docker-compose up --no-start
           docker-compose start postgresql redis
-          docker-compose run -u root --entrypoint /bin/bash server -c "pip install --no-cache -r requirements-dev.txt && ./manage.py test passbook"
+          docker-compose run -u root --entrypoint /bin/bash server -c "pip install --no-cache -r requirements-dev.txt && ./manage.py test authentik"
   sentry-release:
     needs:
       - test-release
@@ -111,8 +104,8 @@ jobs:
         env:
           SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
           SENTRY_ORG: beryjuorg
-          SENTRY_PROJECT: passbook
+          SENTRY_PROJECT: authentik
           SENTRY_URL: https://sentry.beryju.org
         with:
-          tagName: 0.12.7-stable
+          tagName: 0.13.4-stable
           environment: beryjuorg-prod

.github/workflows/tag.yml

@@ -1,4 +1,4 @@
-name: passbook-on-tag
+name: authentik-on-tag
 
 on:
   push:
@@ -14,17 +14,17 @@ jobs:
       - name: Pre-release test
         run: |
           sudo apt-get install -y pwgen
-          echo "PASSBOOK_TAG=latest" >> .env
+          echo "AUTHENTIK_TAG=latest" >> .env
           echo "PG_PASS=$(pwgen 40 1)" >> .env
-          echo "PASSBOOK_SECRET_KEY=$(pwgen 50 1)" >> .env
+          echo "AUTHENTIK_SECRET_KEY=$(pwgen 50 1)" >> .env
           docker-compose pull -q
           docker build \
             --no-cache \
-            -t beryju/passbook:latest \
+            -t beryju/authentik:latest \
             -f Dockerfile .
           docker-compose up --no-start
           docker-compose start postgresql redis
-          docker-compose run -u root --entrypoint /bin/bash server -c "pip install --no-cache -r requirements-dev.txt && ./manage.py test passbook"
+          docker-compose run -u root --entrypoint /bin/bash server -c "pip install --no-cache -r requirements-dev.txt && ./manage.py test authentik"
       - name: Install Helm
         run: |
           apt update && apt install -y curl
@@ -33,7 +33,7 @@ jobs:
         run: |
           helm dependency update helm/
           helm package helm/
-          mv passbook-*.tgz passbook-chart.tgz
+          mv authentik-*.tgz authentik-chart.tgz
       - name: Extract version number
         id: get_version
         uses: actions/github-script@0.2.0
@@ -58,6 +58,6 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
           upload_url: ${{ steps.create_release.outputs.upload_url }}
-          asset_path: ./passbook-chart.tgz
-          asset_name: passbook-chart.tgz
+          asset_path: ./authentik-chart.tgz
+          asset_name: authentik-chart.tgz
           asset_content_type: application/gzip

.gitignore

@@ -27,12 +27,12 @@ media
 .Python
 build/
 develop-eggs/
-dist/
 downloads/
 eggs/
 .eggs/
 lib64/
 parts/
+dist/
 sdist/
 var/
 wheels/
@@ -198,4 +198,6 @@ local.env.yml
 **/charts/*.tgz
 
 # Selenium Screenshots
-selenium_screenshots/**
+selenium_screenshots/
+backups/
+media/

.isort.cfg

@@ -1,6 +0,0 @@
-[settings]
-multi_line_output=3
-include_trailing_comma=True
-force_grid_wrap=0
-use_parentheses=True
-line_length=88

.prospector.yaml

@@ -9,3 +9,4 @@ ignore-paths:
 
 uses:
   - django
+  - celery

.pylintrc

@@ -1,16 +1,29 @@
 [MASTER]
 
-disable=arguments-differ,no-self-use,fixme,locally-disabled,too-many-ancestors,too-few-public-methods,import-outside-toplevel,bad-continuation,signature-differs,similarities,cyclic-import
+disable =
+    arguments-differ,
+    no-self-use,
+    fixme,
+    locally-disabled,
+    too-many-ancestors,
+    too-few-public-methods,
+    import-outside-toplevel,
+    bad-continuation,
+    signature-differs,
+    similarities,
+    cyclic-import,
+    protected-access,
+    unsubscriptable-object # remove when pylint is upgraded to 2.6
 
 load-plugins=pylint_django,pylint.extensions.bad_builtin
 
-extension-pkg-whitelist=lxml
+extension-pkg-whitelist=lxml,xmlsec
 
 # Allow constants to be shorter than normal (and lowercase, for settings.py)
 const-rgx=[a-zA-Z0-9_]{1,40}$
 
 ignored-modules=django-otp
+generated-members=xmlsec.constants.*,xmlsec.tree.*,xmlsec.template.*
 ignore=migrations
 max-attributes=12
-
-jobs=12
+max-branches=20

Dockerfile

@@ -1,4 +1,4 @@
-FROM python:3.8-slim-buster as locker
+FROM python:3.9-slim-buster as locker
 
 COPY ./Pipfile /app/
 COPY ./Pipfile.lock /app/
@@ -9,7 +9,7 @@ RUN pip install pipenv && \
     pipenv lock -r > requirements.txt && \
     pipenv lock -rd > requirements-dev.txt
 
-FROM python:3.8-slim-buster
+FROM python:3.9-slim-buster
 
 WORKDIR /
 COPY --from=locker /app/requirements.txt /
@@ -20,7 +20,7 @@ RUN apt-get update && \
     curl https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - && \
     echo "deb http://apt.postgresql.org/pub/repos/apt buster-pgdg main" > /etc/apt/sources.list.d/pgdg.list && \
     apt-get update && \
-    apt-get install -y --no-install-recommends postgresql-client-12 postgresql-client-11 build-essential && \
+    apt-get install -y --no-install-recommends postgresql-client-12 postgresql-client-11 build-essential libxmlsec1-dev pkg-config && \
     apt-get clean && \
     pip install -r /requirements.txt --no-cache-dir && \
     apt-get remove --purge -y build-essential && \
@@ -30,16 +30,19 @@ RUN apt-get update && \
     # but then we have to drop permmissions later
     groupadd -g 998 docker_998 && \
     groupadd -g 999 docker_999 && \
-    adduser --system --no-create-home --uid 1000 --group --home /passbook passbook && \
-    usermod -a -G docker_998 passbook && \
-    usermod -a -G docker_999 passbook && \
+    adduser --system --no-create-home --uid 1000 --group --home /authentik authentik && \
+    usermod -a -G docker_998 authentik && \
+    usermod -a -G docker_999 authentik && \
     mkdir /backups && \
-    chown passbook:passbook /backups
+    chown authentik:authentik /backups
 
-COPY ./passbook/ /passbook
+COPY ./authentik/ /authentik
+COPY ./pytest.ini /
+COPY ./xml /xml
 COPY ./manage.py /
 COPY ./lifecycle/ /lifecycle
 
-USER passbook
-
+USER authentik
+STOPSIGNAL SIGINT
+ENV TMPDIR /dev/shm/
 ENTRYPOINT [ "/lifecycle/bootstrap.sh" ]

Makefile

@@ -1,26 +1,43 @@
 all: lint-fix lint coverage gen
 
+test-full:
+	coverage run manage.py test --failfast -v 3 .
+	coverage html
+	coverage report
+
+test-integration:
+	k3d cluster create || exit 0
+	k3d kubeconfig write -o ~/.kube/config --overwrite
+	coverage run manage.py test --failfast -v 3 tests/integration
+
+test-e2e:
+	coverage run manage.py test --failfast -v 3 tests/e2e
+
 coverage:
-	coverage run --concurrency=multiprocessing manage.py test --failfast -v 3
-	coverage combine
+	coverage run manage.py test --failfast -v 3 authentik
 	coverage html
 	coverage report
 
 lint-fix:
-	isort -rc .
-	black passbook e2e lifecycle
+	isort -rc authentik tests lifecycle
+	black authentik tests lifecycle
 
 lint:
-	pyright passbook e2e lifecycle
-	bandit -r passbook e2e lifecycle -x node_modules
-	pylint passbook e2e lifecycle
+	pyright authentik tests lifecycle
+	bandit -r authentik tests lifecycle -x node_modules
+	pylint authentik tests lifecycle
 	prospector
 
 gen: coverage
 	./manage.py generate_swagger -o swagger.yaml -f yaml
 
 local-stack:
-	export PASSBOOK_TAG=testing
-	docker build -t beryju/passbook:testng .
+	export AUTHENTIK_TAG=testing
+	docker build -t beryju/authentik:testng .
 	docker-compose up -d
 	docker-compose run --rm server migrate
+
+build-static:
+	docker-compose -f scripts/ci.docker-compose.yml up -d
+	docker build -t beryju/authentik-static -f static.Dockerfile --network=scripts_default .
+	docker-compose -f scripts/ci.docker-compose.yml down -v

Pipfile

@@ -35,7 +35,6 @@ qrcode = "*"
 requests-oauthlib = "*"
 sentry-sdk = "*"
 service_identity = "*"
-signxml = "*"
 structlog = "*"
 swagger-spec-validator = "*"
 urllib3 = {extras = ["secure"],version = "*"}
@@ -44,9 +43,10 @@ channels = "*"
 channels-redis = "*"
 kubernetes = "*"
 docker = "*"
+xmlsec = "*"
 
 [requires]
-python_version = "3.8"
+python_version = "3.9"
 
 [dev-packages]
 autopep8 = "*"

README.md

@@ -1,53 +1,32 @@
-<img src="docs/images/logo.svg" height="50" alt="passbook logo"><img src="docs/images/brand_inverted.svg" height="50" alt="passbook">
+<img src="web/icons/icon_top_brand.svg" height="250" alt="authentik logo">
 
-[![CI Build status](https://img.shields.io/azure-devops/build/beryjuorg/passbook/1?style=flat-square)](https://dev.azure.com/beryjuorg/passbook/_build?definitionId=1)
-![Tests](https://img.shields.io/azure-devops/tests/beryjuorg/passbook/1?compact_message&style=flat-square)
-[![Code Coverage](https://img.shields.io/codecov/c/gh/beryju/passbook?style=flat-square)](https://codecov.io/gh/BeryJu/passbook)
-![Docker pulls](https://img.shields.io/docker/pulls/beryju/passbook.svg?style=flat-square)
-![Latest version](https://img.shields.io/docker/v/beryju/passbook?sort=semver&style=flat-square)
-![LGTM Grade](https://img.shields.io/lgtm/grade/python/github/BeryJu/passbook?style=flat-square)
+---
 
-## What is passbook?
+[![CI Build status](https://img.shields.io/azure-devops/build/beryjuorg/authentik/1?style=flat-square)](https://dev.azure.com/beryjuorg/authentik/_build?definitionId=1)
+[![Tests](https://img.shields.io/azure-devops/tests/beryjuorg/authentik/1?compact_message&style=flat-square)](https://dev.azure.com/beryjuorg/authentik/_build?definitionId=1)
+[![Code Coverage](https://img.shields.io/codecov/c/gh/beryju/authentik?style=flat-square)](https://codecov.io/gh/BeryJu/authentik)
+![Docker pulls](https://img.shields.io/docker/pulls/beryju/authentik.svg?style=flat-square)
+![Latest version](https://img.shields.io/docker/v/beryju/authentik?sort=semver&style=flat-square)
+![LGTM Grade](https://img.shields.io/lgtm/grade/python/github/BeryJu/authentik?style=flat-square)
 
-passbook is an open-source Identity Provider focused on flexibility and versatility. You can use passbook in an existing environment to add support for new protocols. passbook is also a great solution for implementing signup/recovery/etc in your application, so you don't have to deal with it.
+## What is authentik?
+
+authentik is an open-source Identity Provider focused on flexibility and versatility. You can use authentik in an existing environment to add support for new protocols. authentik is also a great solution for implementing signup/recovery/etc in your application, so you don't have to deal with it.
 
 ## Installation
 
-For small/test setups it is recommended to use docker-compose, see the [documentation](https://passbook.beryju.org/installation/docker-compose/)
+For small/test setups it is recommended to use docker-compose, see the [documentation](https://goauthentik.io/docs/installation/docker-compose/)
 
-For bigger setups, there is a Helm Chart in the `helm/` directory. This is documented [here](https://passbook.beryju.org//installation/kubernetes/)
+For bigger setups, there is a Helm Chart in the `helm/` directory. This is documented [here](https://goauthentik.io/docs/installation/kubernetes/)
 
 ## Screenshots
 
-![](docs/images/screen_apps.png)
-![](docs/images/screen_admin.png)
+![](website/static/img/screen_apps.png)
+![](website/static/img/screen_admin.png)
 
 ## Development
 
-To develop on passbook, you need a system with Python 3.7+ (3.8 is recommended). passbook uses [pipenv](https://pipenv.pypa.io/en/latest/) for managing dependencies.
-
-To get started, run
-
-```
-python3 -m pip install pipenv
-git clone https://github.com/BeryJu/passbook.git
-cd passbook
-pipenv shell
-pipenv sync -d
-```
-
-Since passbook uses PostgreSQL-specific fields, you also need a local PostgreSQL instance to develop. passbook also uses redis for caching and message queueing.
-For these databases you can use [Postgres.app](https://postgresapp.com/) and [Redis.app](https://jpadilla.github.io/redisapp/) on macOS or use it the docker-compose file in `scripts/docker-compose.yml`.
-
-To tell passbook about these databases, create a file in the project root called `local.env.yml` with the following contents:
-
-```yaml
-debug: true
-postgresql:
-  user: postgres
-
-log_level: debug
-```
+See [Development Documentation](https://goauthentik.io/docs/development/local-dev-environment)
 
 ## Security
 

SECURITY.md

@@ -2,13 +2,13 @@
 
 ## Supported Versions
 
-As passbook is currently in a pre-stable, only the latest "stable" version is supported. After passbook 1.0, this will change.
+As authentik is currently in a pre-stable, only the latest "stable" version is supported. After authentik 1.0, this will change.
 
 | Version  | Supported          |
 | -------- | ------------------ |
-| 0.10.x   | :white_check_mark: |
 | 0.11.x   | :white_check_mark: |
 | 0.12.x   | :white_check_mark: |
+| 0.13.x   | :white_check_mark: |
 
 ## Reporting a Vulnerability
 

authentik/__init__.py

@@ -0,0 +1,2 @@
+"""authentik"""
+__version__ = "0.13.4-stable"

authentik/admin/api/metrics.py

@@ -1,4 +1,4 @@
-"""passbook administration overview"""
+"""authentik administration metrics"""
 import time
 from collections import Counter
 from datetime import timedelta
@@ -17,49 +17,48 @@ from rest_framework.response import Response
 from rest_framework.serializers import Serializer
 from rest_framework.viewsets import ViewSet
 
-from passbook.audit.models import Event, EventAction
+from authentik.audit.models import Event, EventAction
+
+
+def get_events_per_1h(**filter_kwargs) -> List[Dict[str, int]]:
+    """Get event count by hour in the last day, fill with zeros"""
+    date_from = now() - timedelta(days=1)
+    result = (
+        Event.objects.filter(created__gte=date_from, **filter_kwargs)
+        .annotate(
+            age=ExpressionWrapper(now() - F("created"), output_field=DurationField())
+        )
+        .annotate(age_hours=ExtractHour("age"))
+        .values("age_hours")
+        .annotate(count=Count("pk"))
+        .order_by("age_hours")
+    )
+    data = Counter({d["age_hours"]: d["count"] for d in result})
+    results = []
+    _now = now()
+    for hour in range(0, -24, -1):
+        results.append(
+            {
+                "x": time.mktime((_now + timedelta(hours=hour)).timetuple()) * 1000,
+                "y": data[hour * -1],
+            }
+        )
+    return results
 
 
 class AdministrationMetricsSerializer(Serializer):
-    """Overview View"""
+    """Login Metrics per 1h"""
 
     logins_per_1h = SerializerMethodField()
     logins_failed_per_1h = SerializerMethodField()
 
-    def get_events_per_1h(self, action: str) -> List[Dict[str, int]]:
-        """Get event count by hour in the last day, fill with zeros"""
-        date_from = now() - timedelta(days=1)
-        result = (
-            Event.objects.filter(action=action, created__gte=date_from)
-            .annotate(
-                age=ExpressionWrapper(
-                    now() - F("created"), output_field=DurationField()
-                )
-            )
-            .annotate(age_hours=ExtractHour("age"))
-            .values("age_hours")
-            .annotate(count=Count("pk"))
-            .order_by("age_hours")
-        )
-        data = Counter({d["age_hours"]: d["count"] for d in result})
-        results = []
-        _now = now()
-        for hour in range(0, -24, -1):
-            results.append(
-                {
-                    "x": time.mktime((_now + timedelta(hours=hour)).timetuple()) * 1000,
-                    "y": data[hour * -1],
-                }
-            )
-        return results
-
     def get_logins_per_1h(self, _):
         """Get successful logins per hour for the last 24 hours"""
-        return self.get_events_per_1h(EventAction.LOGIN)
+        return get_events_per_1h(action=EventAction.LOGIN)
 
     def get_logins_failed_per_1h(self, _):
         """Get failed logins per hour for the last 24 hours"""
-        return self.get_events_per_1h(EventAction.LOGIN_FAILED)
+        return get_events_per_1h(action=EventAction.LOGIN_FAILED)
 
     def create(self, request: Request) -> response:
         raise NotImplementedError
@@ -69,12 +68,12 @@ class AdministrationMetricsSerializer(Serializer):
 
 
 class AdministrationMetricsViewSet(ViewSet):
-    """Return single instance of AdministrationMetricsSerializer"""
+    """Login Metrics per 1h"""
 
     permission_classes = [IsAdminUser]
 
     @swagger_auto_schema(responses={200: AdministrationMetricsSerializer(many=True)})
     def list(self, request: Request) -> Response:
-        """Return single instance of AdministrationMetricsSerializer"""
+        """Login Metrics per 1h"""
         serializer = AdministrationMetricsSerializer(True)
         return Response(serializer.data)

authentik/admin/api/tasks.py

@@ -13,7 +13,7 @@ from rest_framework.response import Response
 from rest_framework.serializers import Serializer
 from rest_framework.viewsets import ViewSet
 
-from passbook.lib.tasks import TaskInfo
+from authentik.lib.tasks import TaskInfo
 
 
 class TaskSerializer(Serializer):
@@ -66,7 +66,7 @@ class TaskViewSet(ViewSet):
                     "successful": True,
                 }
             )
-        except ImportError:
+        except ImportError:  # pragma: no cover
             # if we get an import error, the module path has probably changed
             task.delete()
             return Response({"successful": False})

authentik/admin/api/version.py

@@ -0,0 +1,60 @@
+"""authentik administration overview"""
+from django.core.cache import cache
+from drf_yasg2.utils import swagger_auto_schema
+from packaging.version import parse
+from rest_framework.fields import SerializerMethodField
+from rest_framework.mixins import ListModelMixin
+from rest_framework.permissions import IsAdminUser
+from rest_framework.request import Request
+from rest_framework.response import Response
+from rest_framework.serializers import Serializer
+from rest_framework.viewsets import GenericViewSet
+
+from authentik import __version__
+from authentik.admin.tasks import VERSION_CACHE_KEY, update_latest_version
+
+
+class VersionSerializer(Serializer):
+    """Get running and latest version."""
+
+    version_current = SerializerMethodField()
+    version_latest = SerializerMethodField()
+    outdated = SerializerMethodField()
+
+    def get_version_current(self, _) -> str:
+        """Get current version"""
+        return __version__
+
+    def get_version_latest(self, _) -> str:
+        """Get latest version from cache"""
+        version_in_cache = cache.get(VERSION_CACHE_KEY)
+        if not version_in_cache:  # pragma: no cover
+            update_latest_version.delay()
+            return __version__
+        return version_in_cache
+
+    def get_outdated(self, instance) -> bool:
+        """Check if we're running the latest version"""
+        return parse(self.get_version_current(instance)) < parse(
+            self.get_version_latest(instance)
+        )
+
+    def create(self, request: Request) -> Response:
+        raise NotImplementedError
+
+    def update(self, request: Request) -> Response:
+        raise NotImplementedError
+
+
+class VersionViewSet(ListModelMixin, GenericViewSet):
+    """Get running and latest version."""
+
+    permission_classes = [IsAdminUser]
+
+    def get_queryset(self):
+        return None
+
+    @swagger_auto_schema(responses={200: VersionSerializer(many=True)})
+    def list(self, request: Request) -> Response:
+        """Get running and latest version."""
+        return Response(VersionSerializer(True).data)

authentik/admin/api/workers.py

@@ -0,0 +1,25 @@
+"""authentik administration overview"""
+from rest_framework.mixins import ListModelMixin
+from rest_framework.permissions import IsAdminUser
+from rest_framework.request import Request
+from rest_framework.response import Response
+from rest_framework.serializers import Serializer
+from rest_framework.viewsets import GenericViewSet
+
+from authentik.root.celery import CELERY_APP
+
+
+class WorkerViewSet(ListModelMixin, GenericViewSet):
+    """Get currently connected worker count."""
+
+    serializer_class = Serializer
+    permission_classes = [IsAdminUser]
+
+    def get_queryset(self):
+        return None
+
+    def list(self, request: Request) -> Response:
+        """Get currently connected worker count."""
+        return Response(
+            {"pagination": {"count": len(CELERY_APP.control.ping(timeout=0.5))}}
+        )

authentik/admin/apps.py

@@ -0,0 +1,11 @@
+"""authentik admin app config"""
+from django.apps import AppConfig
+
+
+class AuthentikAdminConfig(AppConfig):
+    """authentik admin app config"""
+
+    name = "authentik.admin"
+    label = "authentik_admin"
+    mountpoint = "administration/"
+    verbose_name = "authentik Admin"

authentik/admin/fields.py

@@ -36,15 +36,15 @@ class CodeMirrorWidget(forms.Textarea):
     # CodeMirror mode to enable
     mode: str
 
+    template_name = "fields/codemirror.html"
+
     def __init__(self, *args, mode="yaml", **kwargs):
         super().__init__(*args, **kwargs)
         self.mode = mode
 
     def render(self, *args, **kwargs):
         attrs = kwargs.setdefault("attrs", {})
-        attrs.setdefault("class", "")
-        attrs["class"] += " codemirror"
-        attrs["data-cm-mode"] = self.mode
+        attrs["mode"] = self.mode
         return super().render(*args, **kwargs)
 
 

authentik/admin/forms/overview.py

@@ -0,0 +1,18 @@
+"""Forms for modals on overview page"""
+from django import forms
+
+
+class PolicyCacheClearForm(forms.Form):
+    """Form to clear Policy cache"""
+
+    title = "Clear Policy cache"
+    body = """Are you sure you want to clear the policy cache?
+    This will cause all policies to be re-evaluated on their next usage."""
+
+
+class FlowCacheClearForm(forms.Form):
+    """Form to clear Flow cache"""
+
+    title = "Clear Flow cache"
+    body = """Are you sure you want to clear the flow cache?
+    This will cause all flows to be re-evaluated on their next usage."""

authentik/admin/forms/policies.py

@@ -1,8 +1,8 @@
-"""passbook administration forms"""
+"""authentik administration forms"""
 from django import forms
 
-from passbook.admin.fields import CodeMirrorWidget, YAMLField
-from passbook.core.models import User
+from authentik.admin.fields import CodeMirrorWidget, YAMLField
+from authentik.core.models import User
 
 
 class PolicyTestForm(forms.Form):

authentik/admin/forms/source.py

@@ -1,4 +1,4 @@
-"""passbook core source form fields"""
+"""authentik core source form fields"""
 
 SOURCE_FORM_FIELDS = [
     "name",

authentik/admin/forms/users.py

@@ -1,9 +1,9 @@
-"""passbook administrative user forms"""
+"""authentik administrative user forms"""
 
 from django import forms
 
-from passbook.admin.fields import CodeMirrorWidget, YAMLField
-from passbook.core.models import User
+from authentik.admin.fields import CodeMirrorWidget, YAMLField
+from authentik.core.models import User
 
 
 class UserForm(forms.ModelForm):

authentik/admin/mixins.py

@@ -1,4 +1,4 @@
-"""passbook admin mixins"""
+"""authentik admin mixins"""
 from django.contrib.auth.mixins import UserPassesTestMixin
 
 

authentik/admin/settings.py

@@ -1,10 +1,10 @@
-"""passbook admin settings"""
+"""authentik admin settings"""
 from celery.schedules import crontab
 
 CELERY_BEAT_SCHEDULE = {
     "admin_latest_version": {
-        "task": "passbook.admin.tasks.update_latest_version",
+        "task": "authentik.admin.tasks.update_latest_version",
         "schedule": crontab(minute=0),  # Run every hour
-        "options": {"queue": "passbook_scheduled"},
+        "options": {"queue": "authentik_scheduled"},
     }
 }

authentik/admin/tasks.py

@@ -1,13 +1,13 @@
-"""passbook admin tasks"""
+"""authentik admin tasks"""
 from django.core.cache import cache
 from requests import RequestException, get
 from structlog import get_logger
 
-from passbook.lib.tasks import MonitoredTask, TaskResult, TaskResultStatus
-from passbook.root.celery import CELERY_APP
+from authentik.lib.tasks import MonitoredTask, TaskResult, TaskResultStatus
+from authentik.root.celery import CELERY_APP
 
 LOGGER = get_logger()
-VERSION_CACHE_KEY = "passbook_latest_version"
+VERSION_CACHE_KEY = "authentik_latest_version"
 VERSION_CACHE_TIMEOUT = 2 * 60 * 60  # 2 hours
 
 
@@ -15,9 +15,9 @@ VERSION_CACHE_TIMEOUT = 2 * 60 * 60  # 2 hours
 def update_latest_version(self: MonitoredTask):
     """Update latest version info"""
     try:
-        data = get(
-            "https://api.github.com/repos/beryju/passbook/releases/latest"
-        ).json()
+        response = get("https://api.github.com/repos/beryju/authentik/releases/latest")
+        response.raise_for_status()
+        data = response.json()
         tag_name = data.get("tag_name")
         cache.set(VERSION_CACHE_KEY, tag_name.split("/")[1], VERSION_CACHE_TIMEOUT)
         self.set_status(

authentik/admin/templates/administration/application/list.html

@@ -1,7 +1,7 @@
 {% extends "administration/base.html" %}
 
 {% load i18n %}
-{% load passbook_utils %}
+{% load authentik_utils %}
 
 {% block content %}
 <section class="pf-c-page__main-section pf-m-light">
@@ -10,7 +10,7 @@
             <i class="pf-icon pf-icon-applications"></i>
             {% trans 'Applications' %}
         </h1>
-        <p>{% trans "External Applications which use passbook as Identity-Provider, utilizing protocols like OAuth2 and SAML." %}</p>
+        <p>{% trans "External Applications which use authentik as Identity-Provider, utilizing protocols like OAuth2 and SAML." %}</p>
     </div>
 </section>
 <section class="pf-c-page__main-section pf-m-no-padding-mobile">
@@ -20,7 +20,15 @@
             <div class="pf-c-toolbar__content">
                 {% include 'partials/toolbar_search.html' %}
                 <div class="pf-c-toolbar__bulk-select">
-                    <a href="{% url 'passbook_admin:application-create' %}?back={{ request.get_full_path }}" class="pf-c-button pf-m-primary" type="button">{% trans 'Create' %}</a>
+                    <ak-modal-button href="{% url 'authentik_admin:application-create' %}">
+                        <ak-spinner-button slot="trigger" class="pf-m-primary">
+                            {% trans 'Create' %}
+                        </ak-spinner-button>
+                        <div slot="modal"></div>
+                    </ak-modal-button>
+                    <button role="ak-refresh" class="pf-c-button pf-m-primary">
+                        {% trans 'Refresh' %}
+                    </button>
                 </div>
                 {% include 'partials/pagination.html' %}
             </div>
@@ -28,23 +36,37 @@
         <table class="pf-c-table pf-m-compact pf-m-grid-xl" role="grid">
             <thead>
                 <tr role="row">
+                    <th role="columnheader"></th>
                     <th role="columnheader" scope="col">{% trans 'Name' %}</th>
+                    <th role="columnheader" scope="col">{% trans 'Slug' %}</th>
                     <th role="columnheader" scope="col">{% trans 'Provider' %}</th>
                     <th role="columnheader" scope="col">{% trans 'Provider Type' %}</th>
-                    <th role="cell"></th>
+                    <th role="columnheader"></th>
                 </tr>
             </thead>
             <tbody role="rowgroup">
                 {% for application in object_list %}
                 <tr role="row">
-                    <th role="columnheader">
-                        <div>
-                            <div>{{ application.name }}</div>
+                    <td role="cell" {% if application.meta_icon %} style="vertical-align: bottom;" {% endif %}>
+                        {% if application.meta_icon %}
+                        <img class="app-icon pf-c-avatar" src="{{ application.meta_icon.url }}" alt="{% trans 'Application Icon' %}">
+                        {% else %}
+                        <i class="pf-icon pf-icon-arrow"></i>
+                        {% endif %}
+                    </td>
+                    <td role="cell">
+                        <a href="/applications/{{ application.slug }}/">
+                            <div>
+                                {{ application.name }}
+                            </div>
                             {% if application.meta_publisher %}
                             <small>{{ application.meta_publisher }}</small>
                             {% endif %}
-                        </div>
-                    </th>
+                        </a>
+                    </td>
+                    <td role="cell">
+                        <code>{{ application.slug }}</span>
+                    </td>
                     <td role="cell">
                         <span>
                             {{ application.get_provider }}
@@ -56,8 +78,18 @@
                         </span>
                     </td>
                     <td>
-                        <a class="pf-c-button pf-m-secondary" href="{% url 'passbook_admin:application-update' pk=application.pk %}?back={{ request.get_full_path }}">{% trans 'Edit' %}</a>
-                        <a class="pf-c-button pf-m-danger" href="{% url 'passbook_admin:application-delete' pk=application.pk %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
+                        <ak-modal-button href="{% url 'authentik_admin:application-update' pk=application.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-secondary">
+                                {% trans 'Edit' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
+                        <ak-modal-button href="{% url 'authentik_admin:application-delete' pk=application.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-danger">
+                                {% trans 'Delete' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
                     </td>
                 </tr>
                 {% endfor %}
@@ -85,7 +117,12 @@
                     {% trans 'Currently no applications exist. Click the button below to create one.' %}
                 {% endif %}
                 </div>
-                <a href="{% url 'passbook_admin:application-create' %}?back={{ request.get_full_path }}" class="pf-c-button pf-m-primary" type="button">{% trans 'Create' %}</a>
+                <ak-modal-button href="{% url 'authentik_admin:application-create' %}">
+                    <ak-spinner-button slot="trigger" class="pf-m-primary">
+                        {% trans 'Create' %}
+                    </ak-spinner-button>
+                    <div slot="modal"></div>
+                </ak-modal-button>
             </div>
         </div>
         {% endif %}

authentik/admin/templates/administration/base.html

@@ -0,0 +1,5 @@
+{% load static %}
+{% load i18n %}
+
+{% block content %}
+{% endblock %}

authentik/admin/templates/administration/certificatekeypair/list.html

@@ -1,7 +1,7 @@
 {% extends "administration/base.html" %}
 
 {% load i18n %}
-{% load passbook_utils %}
+{% load authentik_utils %}
 
 {% block content %}
 <section class="pf-c-page__main-section pf-m-light">
@@ -20,7 +20,15 @@
             <div class="pf-c-toolbar__content">
                 {% include 'partials/toolbar_search.html' %}
                 <div class="pf-c-toolbar__bulk-select">
-                    <a href="{% url 'passbook_admin:certificatekeypair-create' %}?back={{ request.get_full_path }}" class="pf-c-button pf-m-primary" type="button">{% trans 'Create' %}</a>
+                    <ak-modal-button href="{% url 'authentik_admin:certificatekeypair-create' %}">
+                        <ak-spinner-button slot="trigger" class="pf-m-primary">
+                            {% trans 'Create' %}
+                        </ak-spinner-button>
+                        <div slot="modal"></div>
+                    </ak-modal-button>
+                    <button role="ak-refresh" class="pf-c-button pf-m-primary">
+                        {% trans 'Refresh' %}
+                    </button>
                 </div>
                 {% include 'partials/pagination.html' %}
             </div>
@@ -31,7 +39,6 @@
                     <th role="columnheader" scope="col">{% trans 'Name' %}</th>
                     <th role="columnheader" scope="col">{% trans 'Private Key available' %}</th>
                     <th role="columnheader" scope="col">{% trans 'Fingerprint' %}</th>
-                    <th role="columnheader" scope="col">{% trans 'Provider Type' %}</th>
                     <th role="cell"></th>
                 </tr>
             </thead>
@@ -53,13 +60,21 @@
                         </span>
                     </td>
                     <td role="cell">
-                        <span>
-                            {{ kp.fingerprint }}
-                        </span>
+                        <code>{{ kp.fingerprint }}</code>
                     </td>
                     <td>
-                        <a class="pf-c-button pf-m-secondary" href="{% url 'passbook_admin:certificatekeypair-update' pk=kp.pk %}?back={{ request.get_full_path }}">{% trans 'Edit' %}</a>
-                        <a class="pf-c-button pf-m-danger" href="{% url 'passbook_admin:certificatekeypair-delete' pk=kp.pk %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
+                        <ak-modal-button href="{% url 'authentik_admin:certificatekeypair-update' pk=kp.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-secondary">
+                                {% trans 'Edit' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
+                        <ak-modal-button href="{% url 'authentik_admin:certificatekeypair-delete' pk=kp.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-danger">
+                                {% trans 'Delete' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
                     </td>
                 </tr>
                 {% endfor %}
@@ -87,7 +102,12 @@
                     {% trans 'Currently no certificates exist. Click the button below to create one.' %}
                 {% endif %}
                 </div>
-                <a href="{% url 'passbook_admin:certificatekeypair-create' %}?back={{ request.get_full_path }}" class="pf-c-button pf-m-primary" type="button">{% trans 'Create' %}</a>
+                <ak-modal-button href="{% url 'authentik_admin:certificatekeypair-create' %}">
+                    <ak-spinner-button slot="trigger" class="pf-m-primary">
+                        {% trans 'Create' %}
+                    </ak-spinner-button>
+                    <div slot="modal"></div>
+                </ak-modal-button>
             </div>
         </div>
         {% endif %}

authentik/admin/templates/administration/flow/list.html

@@ -1,7 +1,7 @@
 {% extends "administration/base.html" %}
 
 {% load i18n %}
-{% load passbook_utils %}
+{% load authentik_utils %}
 
 {% block content %}
 <section class="pf-c-page__main-section pf-m-light">
@@ -20,8 +20,21 @@
             <div class="pf-c-toolbar__content">
                 {% include 'partials/toolbar_search.html' %}
                 <div class="pf-c-toolbar__bulk-select">
-                    <a href="{% url 'passbook_admin:flow-create' %}?back={{ request.get_full_path }}" class="pf-c-button pf-m-primary" type="button">{% trans 'Create' %}</a>
-                    <a href="{% url 'passbook_admin:flow-import' %}?back={{ request.get_full_path }}" class="pf-c-button pf-m-secondary" type="button">{% trans 'Import' %}</a>
+                    <ak-modal-button href="{% url 'authentik_admin:flow-create' %}">
+                        <ak-spinner-button slot="trigger" class="pf-m-primary">
+                            {% trans 'Create' %}
+                        </ak-spinner-button>
+                        <div slot="modal"></div>
+                    </ak-modal-button>
+                    <ak-modal-button href="{% url 'authentik_admin:flow-import' %}">
+                        <ak-spinner-button slot="trigger" class="pf-m-secondary">
+                            {% trans 'Import' %}
+                        </ak-spinner-button>
+                        <div slot="modal"></div>
+                    </ak-modal-button>
+                    <button role="ak-refresh" class="pf-c-button pf-m-primary">
+                        {% trans 'Refresh' %}
+                    </button>
                 </div>
                 {% include 'partials/pagination.html' %}
             </div>
@@ -40,10 +53,10 @@
                 {% for flow in object_list %}
                 <tr role="row">
                     <th role="columnheader">
-                        <div>
-                            <div>{{ flow.slug }}</div>
+                        <a href="/flows/{{ flow.slug }}/">
+                            <div><code>{{ flow.slug }}</code></div>
                             <small>{{ flow.name }}</small>
-                        </div>
+                        </a>
                     </th>
                     <td role="cell">
                         <span>
@@ -61,10 +74,20 @@
                         </span>
                     </td>
                     <td>
-                        <a class="pf-c-button pf-m-secondary" href="{% url 'passbook_admin:flow-update' pk=flow.pk %}?back={{ request.get_full_path }}">{% trans 'Edit' %}</a>
-                        <a class="pf-c-button pf-m-danger" href="{% url 'passbook_admin:flow-delete' pk=flow.pk %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
-                        <a class="pf-c-button pf-m-secondary" href="{% url 'passbook_admin:flow-execute' pk=flow.pk %}?next={{ request.get_full_path }}">{% trans 'Execute' %}</a>
-                        <a class="pf-c-button pf-m-secondary" href="{% url 'passbook_admin:flow-export' pk=flow.pk %}?next={{ request.get_full_path }}">{% trans 'Export' %}</a>
+                        <ak-modal-button href="{% url 'authentik_admin:flow-update' pk=flow.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-secondary">
+                                {% trans 'Edit' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
+                        <ak-modal-button href="{% url 'authentik_admin:flow-delete' pk=flow.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-danger">
+                                {% trans 'Delete' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
+                        <a class="pf-c-button pf-m-secondary ak-root-link" href="{% url 'authentik_admin:flow-execute' pk=flow.pk %}?next={{ request.get_full_path }}">{% trans 'Execute' %}</a>
+                        <a class="pf-c-button pf-m-secondary ak-root-link" href="{% url 'authentik_admin:flow-export' pk=flow.pk %}?next={{ request.get_full_path }}">{% trans 'Export' %}</a>
                     </td>
                 </tr>
                 {% endfor %}
@@ -92,8 +115,18 @@
                     {% trans 'Currently no flows exist. Click the button below to create one.' %}
                 {% endif %}
                 </div>
-                <a href="{% url 'passbook_admin:flow-create' %}?back={{ request.get_full_path }}" class="pf-c-button pf-m-primary" type="button">{% trans 'Create' %}</a>
-                <a href="{% url 'passbook_admin:flow-import' %}?back={{ request.get_full_path }}" class="pf-c-button pf-m-primary" type="button">{% trans 'Import' %}</a>
+                <ak-modal-button href="{% url 'authentik_admin:flow-create' %}">
+                    <ak-spinner-button slot="trigger" class="pf-m-primary">
+                        {% trans 'Create' %}
+                    </ak-spinner-button>
+                    <div slot="modal"></div>
+                </ak-modal-button>
+                <ak-modal-button href="{% url 'authentik_admin:flow-import' %}">
+                    <ak-spinner-button slot="trigger" class="pf-m-secondary">
+                        {% trans 'Import' %}
+                    </ak-spinner-button>
+                    <div slot="modal"></div>
+                </ak-modal-button>
             </div>
         </div>
         {% endif %}

authentik/admin/templates/administration/group/list.html

@@ -1,7 +1,6 @@
 {% extends "administration/base.html" %}
 
 {% load i18n %}
-{% load passbook_utils %}
 
 {% block content %}
 <section class="pf-c-page__main-section pf-m-light">
@@ -21,8 +20,15 @@
             <div class="pf-c-toolbar__content">
                 {% include 'partials/toolbar_search.html' %}
                 <div class="pf-c-toolbar__bulk-select">
-                    <a href="{% url 'passbook_admin:group-create' %}?back={{ request.get_full_path }}"
-                        class="pf-c-button pf-m-primary" type="button">{% trans 'Create' %}</a>
+                    <ak-modal-button href="{% url 'authentik_admin:group-create' %}">
+                        <ak-spinner-button slot="trigger" class="pf-m-primary">
+                            {% trans 'Create' %}
+                        </ak-spinner-button>
+                        <div slot="modal"></div>
+                    </ak-modal-button>
+                    <button role="ak-refresh" class="pf-c-button pf-m-primary">
+                        {% trans 'Refresh' %}
+                    </button>
                 </div>
                 {% include 'partials/pagination.html' %}
             </div>
@@ -55,8 +61,18 @@
                         </span>
                     </td>
                     <td>
-                        <a class="pf-c-button pf-m-secondary" href="{% url 'passbook_admin:group-update' pk=group.pk %}?back={{ request.get_full_path }}">{% trans 'Edit' %}</a>
-                        <a class="pf-c-button pf-m-danger" href="{% url 'passbook_admin:group-delete' pk=group.pk %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
+                        <ak-modal-button href="{% url 'authentik_admin:group-update' pk=group.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-secondary">
+                                {% trans 'Edit' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
+                        <ak-modal-button href="{% url 'authentik_admin:group-delete' pk=group.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-danger">
+                                {% trans 'Delete' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
                     </td>
                 </tr>
                 {% endfor %}
@@ -84,7 +100,12 @@
                     {% trans 'Currently no group exist. Click the button below to create one.' %}
                 {% endif %}
                 </div>
-                <a href="{% url 'passbook_admin:group-create' %}?back={{ request.get_full_path }}" class="pf-c-button pf-m-primary" type="button">{% trans 'Create' %}</a>
+                <ak-modal-button href="{% url 'authentik_admin:group-create' %}">
+                    <ak-spinner-button slot="trigger" class="pf-m-primary">
+                        {% trans 'Create' %}
+                    </ak-spinner-button>
+                    <div slot="modal"></div>
+                </ak-modal-button>
             </div>
         </div>
         {% endif %}

authentik/admin/templates/administration/outpost/list.html

@@ -2,17 +2,17 @@
 
 {% load i18n %}
 {% load humanize %}
-{% load passbook_utils %}
+{% load authentik_utils %}
 {% load admin_reflection %}
 
 {% block content %}
 <section class="pf-c-page__main-section pf-m-light">
     <div class="pf-c-content">
         <h1>
-            <i class="fas fa-map-marker"></i>
+            <i class="pf-icon pf-icon-zone"></i>
             {% trans 'Outposts' %}
         </h1>
-        <p>{% trans "Outposts are deployments of passbook components to support different environments and protocols, like reverse proxies." %}</p>
+        <p>{% trans "Outposts are deployments of authentik components to support different environments and protocols, like reverse proxies." %}</p>
     </div>
 </section>
 <section class="pf-c-page__main-section pf-m-no-padding-mobile">
@@ -22,7 +22,15 @@
             <div class="pf-c-toolbar__content">
                 {% include 'partials/toolbar_search.html' %}
                 <div class="pf-c-toolbar__bulk-select">
-                    <a href="{% url 'passbook_admin:outpost-create' %}?back={{ request.get_full_path }}" class="pf-c-button pf-m-primary" type="button">{% trans 'Create' %}</a>
+                    <ak-modal-button href="{% url 'authentik_admin:outpost-create' %}">
+                        <ak-spinner-button slot="trigger" class="pf-m-primary">
+                            {% trans 'Create' %}
+                        </ak-spinner-button>
+                        <div slot="modal"></div>
+                    </ak-modal-button>
+                    <button role="ak-refresh" class="pf-c-button pf-m-primary">
+                        {% trans 'Refresh' %}
+                    </button>
                 </div>
                 {% include 'partials/pagination.html' %}
             </div>
@@ -84,8 +92,18 @@
                     {% endif %}
                     {% endwith %}
                     <td>
-                        <a class="pf-c-button pf-m-secondary" href="{% url 'passbook_admin:outpost-update' pk=outpost.pk %}?back={{ request.get_full_path }}">{% trans 'Edit' %}</a>
-                        <a class="pf-c-button pf-m-danger" href="{% url 'passbook_admin:outpost-delete' pk=outpost.pk %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
+                        <ak-modal-button href="{% url 'authentik_admin:outpost-update' pk=outpost.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-secondary">
+                                {% trans 'Edit' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
+                        <ak-modal-button href="{% url 'authentik_admin:outpost-delete' pk=outpost.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-danger">
+                                {% trans 'Delete' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
                         {% get_htmls outpost as htmls %}
                         {% for html in htmls %}
                         {{ html|safe }}
@@ -117,7 +135,12 @@
                     {% trans 'Currently no outposts exist. Click the button below to create one.' %}
                 {% endif %}
                 </div>
-                <a href="{% url 'passbook_admin:outpost-create' %}?back={{ request.get_full_path }}" class="pf-c-button pf-m-primary" type="button">{% trans 'Create' %}</a>
+                <ak-modal-button href="{% url 'authentik_admin:outpost-create' %}">
+                    <ak-spinner-button slot="trigger" class="pf-m-primary">
+                        {% trans 'Create' %}
+                    </ak-spinner-button>
+                    <div slot="modal"></div>
+                </ak-modal-button>
             </div>
         </div>
         {% endif %}

authentik/admin/templates/administration/outpost_service_connection/list.html

@@ -0,0 +1,154 @@
+{% extends "administration/base.html" %}
+
+{% load i18n %}
+{% load humanize %}
+{% load authentik_utils %}
+{% load admin_reflection %}
+
+{% block content %}
+<section class="pf-c-page__main-section pf-m-light">
+    <div class="pf-c-content">
+        <h1>
+            <i class="pf-icon-integration"></i>
+            {% trans 'Outpost Service-Connections' %}
+        </h1>
+        <p>{% trans "Outpost Service-Connections define how authentik connects to external platforms to manage and deploy Outposts." %}</p>
+    </div>
+</section>
+<section class="pf-c-page__main-section pf-m-no-padding-mobile">
+    <div class="pf-c-card">
+        {% if object_list %}
+        <div class="pf-c-toolbar">
+            <div class="pf-c-toolbar__content">
+                {% include 'partials/toolbar_search.html' %}
+                <div class="pf-c-toolbar__bulk-select">
+                    <ak-dropdown class="pf-c-dropdown">
+                        <button class="pf-m-primary pf-c-dropdown__toggle" type="button">
+                            <span class="pf-c-dropdown__toggle-text">{% trans 'Create' %}</span>
+                            <i class="fas fa-caret-down pf-c-dropdown__toggle-icon" aria-hidden="true"></i>
+                        </button>
+                        <ul class="pf-c-dropdown__menu" hidden>
+                            {% for type, name in types.items %}
+                            <li>
+                                <ak-modal-button href="{% url 'authentik_admin:outpost-service-connection-create' %}?type={{ type }}">
+                                    <button slot="trigger" class="pf-c-dropdown__menu-item">
+                                        {{ name|verbose_name }}<br>
+                                        <small>
+                                            {{ name|doc }}
+                                        </small>
+                                    </button>
+                                    <div slot="modal"></div>
+                                </ak-modal-button>
+                            </li>
+                            {% endfor %}
+                        </ul>
+                    </ak-dropdown>
+                    <button role="ak-refresh" class="pf-c-button pf-m-primary">
+                        {% trans 'Refresh' %}
+                    </button>
+                </div>
+                {% include 'partials/pagination.html' %}
+            </div>
+        </div>
+        <table class="pf-c-table pf-m-compact pf-m-grid-xl" role="grid">
+            <thead>
+                <tr role="row">
+                    <th role="columnheader" scope="col">{% trans 'Name' %}</th>
+                    <th role="columnheader" scope="col">{% trans 'Type' %}</th>
+                    <th role="columnheader" scope="col">{% trans 'Local?' %}</th>
+                    <th role="columnheader" scope="col">{% trans 'Status' %}</th>
+                    <th role="cell"></th>
+                </tr>
+            </thead>
+            <tbody role="rowgroup">
+                {% for sc in object_list %}
+                <tr role="row">
+                    <th role="columnheader">
+                        <span>{{ sc.name }}</span>
+                    </th>
+                    <td role="cell">
+                        <span>
+                            {{ sc|verbose_name }}
+                        </span>
+                    </td>
+                    <td role="cell">
+                        <span>
+                            {{ sc.local|yesno:"Yes,No" }}
+                        </span>
+                    </td>
+                    <td role="cell">
+                        <span>
+                            {% if sc.state.healthy %}
+                            <i class="fas fa-check pf-m-success"></i> {{ sc.state.version }}
+                            {% else %}
+                            <i class="fas fa-times pf-m-danger"></i> {% trans 'Unhealthy' %}
+                            {% endif %}
+                        </span>
+                    </td>
+                    <td>
+                        <ak-modal-button href="{% url 'authentik_admin:outpost-service-connection-update' pk=sc.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-secondary">
+                                {% trans 'Edit' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
+                        <ak-modal-button href="{% url 'authentik_admin:outpost-service-connection-delete' pk=sc.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-danger">
+                                {% trans 'Delete' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
+                    </td>
+                </tr>
+                {% endfor %}
+            </tbody>
+        </table>
+        <div class="pf-c-pagination pf-m-bottom">
+            {% include 'partials/pagination.html' %}
+        </div>
+        {% else %}
+        <div class="pf-c-toolbar">
+            <div class="pf-c-toolbar__content">
+                {% include 'partials/toolbar_search.html' %}
+            </div>
+        </div>
+        <div class="pf-c-empty-state">
+            <div class="pf-c-empty-state__content">
+                <i class="fas fa-map-marker pf-c-empty-state__icon" aria-hidden="true"></i>
+                <h1 class="pf-c-title pf-m-lg">
+                    {% trans 'No Outpost Service Connections.' %}
+                </h1>
+                <div class="pf-c-empty-state__body">
+                {% if request.GET.search != "" %}
+                    {% trans "Your search query doesn't match any outposts." %}
+                {% else %}
+                    {% trans 'Currently no service connections exist. Click the button below to create one.' %}
+                {% endif %}
+                </div>
+                <ak-dropdown class="pf-c-dropdown">
+                    <button class="pf-m-primary pf-c-dropdown__toggle" type="button">
+                        <span class="pf-c-dropdown__toggle-text">{% trans 'Create' %}</span>
+                        <i class="fas fa-caret-down pf-c-dropdown__toggle-icon" aria-hidden="true"></i>
+                    </button>
+                    <ul class="pf-c-dropdown__menu" hidden>
+                        {% for type, name in types.items %}
+                        <li>
+                            <ak-modal-button href="{% url 'authentik_admin:outpost-service-connection-create' %}?type={{ type }}">
+                                <button slot="trigger" class="pf-c-dropdown__menu-item">
+                                    {{ name|verbose_name }}<br>
+                                    <small>
+                                        {{ name|doc }}
+                                    </small>
+                                </button>
+                                <div slot="modal"></div>
+                            </ak-modal-button>
+                        </li>
+                        {% endfor %}
+                    </ul>
+                </ak-dropdown>
+            </div>
+        </div>
+        {% endif %}
+    </div>
+</section>
+{% endblock %}

authentik/admin/templates/administration/policy/list.html

@@ -1,7 +1,7 @@
 {% extends "administration/base.html" %}
 
 {% load i18n %}
-{% load passbook_utils %}
+{% load authentik_utils %}
 
 {% block content %}
 <section class="pf-c-page__main-section pf-m-light">
@@ -20,7 +20,7 @@
             <div class="pf-c-toolbar__content">
                 {% include 'partials/toolbar_search.html' %}
                 <div class="pf-c-toolbar__bulk-select">
-                    <div class="pf-c-dropdown">
+                    <ak-dropdown class="pf-c-dropdown">
                         <button class="pf-m-primary pf-c-dropdown__toggle" type="button">
                             <span class="pf-c-dropdown__toggle-text">{% trans 'Create' %}</span>
                             <i class="fas fa-caret-down pf-c-dropdown__toggle-icon" aria-hidden="true"></i>
@@ -28,16 +28,19 @@
                         <ul class="pf-c-dropdown__menu" hidden>
                             {% for type, name in types.items %}
                             <li>
-                                <a class="pf-c-dropdown__menu-item" href="{% url 'passbook_admin:policy-create' %}?type={{ type }}&back={{ request.get_full_path }}">
-                                    {{ name|verbose_name }}<br>
-                                    <small>
-                                        {{ name|doc }}
-                                    </small>
-                                </a>
+                                <ak-modal-button href="{% url 'authentik_admin:policy-create' %}?type={{ type }}">
+                                    <button slot="trigger" class="pf-c-dropdown__menu-item">
+                                        {{ name|verbose_name }}<br>
+                                        <small>
+                                            {{ name|doc }}
+                                        </small>
+                                    </button>
+                                    <div slot="modal"></div>
+                                </ak-modal-button>
                             </li>
                             {% endfor %}
                         </ul>
-                    </div>
+                    </ak-dropdown>
                 </div>
                 {% include 'partials/pagination.html' %}
             </div>
@@ -71,9 +74,24 @@
                         </span>
                     </td>
                     <td>
-                        <a class="pf-c-button pf-m-secondary" href="{% url 'passbook_admin:policy-update' pk=policy.pk %}?back={{ request.get_full_path }}">{% trans 'Edit' %}</a>
-                        <a class="pf-c-button pf-m-tertiary" href="{% url 'passbook_admin:policy-test' pk=policy.pk %}?back={{ request.get_full_path }}">{% trans 'Test' %}</a>
-                        <a class="pf-c-button pf-m-danger" href="{% url 'passbook_admin:policy-delete' pk=policy.pk %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
+                        <ak-modal-button href="{% url 'authentik_admin:policy-update' pk=policy.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-secondary">
+                                {% trans 'Edit' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
+                        <ak-modal-button href="{% url 'authentik_admin:policy-test' pk=policy.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-secondary">
+                                {% trans 'Test' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
+                        <ak-modal-button href="{% url 'authentik_admin:policy-delete' pk=policy.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-danger">
+                                {% trans 'Delete' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
                     </td>
                 </tr>
                 {% endfor %}
@@ -101,7 +119,7 @@
                     {% trans 'Currently no policies exist. Click the button below to create one.' %}
                 {% endif %}
                 </div>
-                <div class="pf-c-dropdown">
+                <ak-dropdown class="pf-c-dropdown">
                     <button class="pf-m-primary pf-c-dropdown__toggle" type="button">
                         <span class="pf-c-dropdown__toggle-text">{% trans 'Create' %}</span>
                         <i class="fas fa-caret-down pf-c-dropdown__toggle-icon" aria-hidden="true"></i>
@@ -109,17 +127,19 @@
                     <ul class="pf-c-dropdown__menu" hidden>
                         {% for type, name in types.items %}
                         <li>
-                            <a class="pf-c-dropdown__menu-item"
-                                href="{% url 'passbook_admin:policy-create' %}?type={{ type }}&back={{ request.get_full_path }}">
-                                {{ name|verbose_name }}<br>
-                                <small>
-                                    {{ name|doc }}
-                                </small>
-                            </a>
+                            <ak-modal-button href="{% url 'authentik_admin:policy-create' %}?type={{ type }}">
+                                <button slot="trigger" class="pf-c-dropdown__menu-item">
+                                    {{ name|verbose_name }}<br>
+                                    <small>
+                                        {{ name|doc }}
+                                    </small>
+                                </button>
+                                <div slot="modal"></div>
+                            </ak-modal-button>
                         </li>
                         {% endfor %}
                     </ul>
-                </div>
+                </ak-dropdown>
             </div>
         </div>
         {% endif %}

authentik/admin/templates/administration/policy/test.html

@@ -0,0 +1,11 @@
+{% extends 'generic/form.html' %}
+
+{% load i18n %}
+
+{% block above_form %}
+<h1>{% blocktrans with policy=policy %}Test policy {{ policy }}{% endblocktrans %}</h1>
+{% endblock %}
+
+{% block action %}
+{% trans 'Test' %}
+{% endblock %}

authentik/admin/templates/administration/policy_binding/list.html

@@ -1,7 +1,7 @@
 {% extends "administration/base.html" %}
 
 {% load i18n %}
-{% load passbook_utils %}
+{% load authentik_utils %}
 
 {% block content %}
 <section class="pf-c-page__main-section pf-m-light">
@@ -19,8 +19,15 @@
         <div class="pf-c-toolbar">
             <div class="pf-c-toolbar__content">
                 <div class="pf-c-toolbar__bulk-select">
-                    <a href="{% url 'passbook_admin:policy-binding-create' %}?back={{ request.get_full_path }}"
-                        class="pf-c-button pf-m-primary" type="button">{% trans 'Create' %}</a>
+                    <ak-modal-button href="{% url 'authentik_admin:policy-binding-create' %}">
+                        <ak-spinner-button slot="trigger" class="pf-m-primary">
+                            {% trans 'Create' %}
+                        </ak-spinner-button>
+                        <div slot="modal"></div>
+                    </ak-modal-button>
+                    <button role="ak-refresh" class="pf-c-button pf-m-primary">
+                        {% trans 'Refresh' %}
+                    </button>
                 </div>
                 {% include 'partials/pagination.html' %}
             </div>
@@ -66,9 +73,19 @@
                         <th role="cell">
                             <div>{{ binding.timeout }}</div>
                         </th>
-                        <td class="pb-table-action" role="cell">
-                            <a class="pf-c-button pf-m-secondary" href="{% url 'passbook_admin:policy-binding-update' pk=binding.pk %}?back={{ request.get_full_path }}">{% trans 'Edit' %}</a>
-                            <a class="pf-c-button pf-m-danger" href="{% url 'passbook_admin:policy-binding-delete' pk=binding.pk %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
+                        <td>
+                            <ak-modal-button href="{% url 'authentik_admin:policy-binding-update' pk=binding.pk %}">
+                                <ak-spinner-button slot="trigger" class="pf-m-secondary">
+                                    {% trans 'Edit' %}
+                                </ak-spinner-button>
+                                <div slot="modal"></div>
+                            </ak-modal-button>
+                            <ak-modal-button href="{% url 'authentik_admin:policy-binding-delete' pk=binding.pk %}">
+                                <ak-spinner-button slot="trigger" class="pf-m-danger">
+                                    {% trans 'Delete' %}
+                                </ak-spinner-button>
+                                <div slot="modal"></div>
+                            </ak-modal-button>
                         </td>
                     </tr>
                     {% endfor %}
@@ -88,7 +105,12 @@
                 <div class="pf-c-empty-state__body">
                     {% trans 'Currently no policy bindings exist. Click the button below to create one.' %}
                 </div>
-                <a href="{% url 'passbook_admin:policy-binding-create' %}?back={{ request.get_full_path }}" class="pf-c-button pf-m-primary" type="button">{% trans 'Create' %}</a>
+                <ak-modal-button href="{% url 'authentik_admin:policy-binding-create' %}">
+                    <ak-spinner-button slot="trigger" class="pf-m-primary">
+                        {% trans 'Create' %}
+                    </ak-spinner-button>
+                    <div slot="modal"></div>
+                </ak-modal-button>
             </div>
         </div>
         {% endif %}

authentik/admin/templates/administration/property_mapping/list.html

@@ -1,7 +1,7 @@
 {% extends "administration/base.html" %}
 
 {% load i18n %}
-{% load passbook_utils %}
+{% load authentik_utils %}
 
 {% block content %}
 <section class="pf-c-page__main-section pf-m-light">
@@ -10,7 +10,7 @@
             <i class="pf-icon pf-icon-blueprint"></i>
             {% trans 'Property Mappings' %}
         </h1>
-        <p>{% trans "Control how passbook exposes and interprets information." %}
+        <p>{% trans "Control how authentik exposes and interprets information." %}
         </p>
     </div>
 </section>
@@ -21,7 +21,7 @@
             <div class="pf-c-toolbar__content">
                 {% include 'partials/toolbar_search.html' %}
                 <div class="pf-c-toolbar__bulk-select">
-                    <div class="pf-c-dropdown">
+                    <ak-dropdown class="pf-c-dropdown">
                         <button class="pf-m-primary pf-c-dropdown__toggle" type="button">
                             <span class="pf-c-dropdown__toggle-text">{% trans 'Create' %}</span>
                             <i class="fas fa-caret-down pf-c-dropdown__toggle-icon" aria-hidden="true"></i>
@@ -29,17 +29,22 @@
                         <ul class="pf-c-dropdown__menu" hidden>
                             {% for type, name in types.items %}
                             <li>
-                                <a class="pf-c-dropdown__menu-item"
-                                    href="{% url 'passbook_admin:property-mapping-create' %}?type={{ type }}&back={{ request.get_full_path }}">
-                                    {{ name|verbose_name }}<br>
-                                    <small>
-                                        {{ name|doc }}
-                                    </small>
-                                </a>
+                                <ak-modal-button href="{% url 'authentik_admin:property-mapping-create' %}?type={{ type }}">
+                                    <button slot="trigger" class="pf-c-dropdown__menu-item">
+                                        {{ name|verbose_name }}<br>
+                                        <small>
+                                            {{ name|doc }}
+                                        </small>
+                                    </button>
+                                    <div slot="modal"></div>
+                                </ak-modal-button>
                             </li>
                             {% endfor %}
                         </ul>
-                    </div>
+                    </ak-dropdown>
+                    <button role="ak-refresh" class="pf-c-button pf-m-primary">
+                        {% trans 'Refresh' %}
+                    </button>
                 </div>
                 {% include 'partials/pagination.html' %}
             </div>
@@ -66,8 +71,18 @@
                         </span>
                     </td>
                     <td>
-                        <a class="pf-c-button pf-m-secondary" href="{% url 'passbook_admin:property-mapping-update' pk=property_mapping.pk %}?back={{ request.get_full_path }}">{% trans 'Edit' %}</a>
-                        <a class="pf-c-button pf-m-danger" href="{% url 'passbook_admin:property-mapping-delete' pk=property_mapping.pk %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
+                        <ak-modal-button href="{% url 'authentik_admin:property-mapping-update' pk=property_mapping.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-secondary">
+                                {% trans 'Edit' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
+                        <ak-modal-button href="{% url 'authentik_admin:property-mapping-delete' pk=property_mapping.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-danger">
+                                {% trans 'Delete' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
                     </td>
                 </tr>
                 {% endfor %}
@@ -95,7 +110,7 @@
                     {% trans 'Currently no property mappings exist. Click the button below to create one.' %}
                 {% endif %}
                 </div>
-                <div class="pf-c-dropdown">
+                <ak-dropdown class="pf-c-dropdown">
                     <button class="pf-m-primary pf-c-dropdown__toggle" type="button">
                         <span class="pf-c-dropdown__toggle-text">{% trans 'Create' %}</span>
                         <i class="fas fa-caret-down pf-c-dropdown__toggle-icon" aria-hidden="true"></i>
@@ -103,17 +118,19 @@
                     <ul class="pf-c-dropdown__menu" hidden>
                         {% for type, name in types.items %}
                         <li>
-                            <a class="pf-c-dropdown__menu-item"
-                                href="{% url 'passbook_admin:property-mapping-create' %}?type={{ type }}&back={{ request.get_full_path }}">
-                                {{ name|verbose_name }}<br>
-                                <small>
-                                    {{ name|doc }}
-                                </small>
-                            </a>
+                            <ak-modal-button href="{% url 'authentik_admin:property-mapping-create' %}?type={{ type }}">
+                                <button slot="trigger" class="pf-c-dropdown__menu-item">
+                                    {{ name|verbose_name }}<br>
+                                    <small>
+                                        {{ name|doc }}
+                                    </small>
+                                </button>
+                                <div slot="modal"></div>
+                            </ak-modal-button>
                         </li>
                         {% endfor %}
                     </ul>
-                </div>
+                </ak-dropdown>
             </div>
         </div>
         {% endif %}

authentik/admin/templates/administration/provider/list.html

@@ -1,7 +1,7 @@
 {% extends "administration/base.html" %}
 
 {% load i18n %}
-{% load passbook_utils %}
+{% load authentik_utils %}
 {% load admin_reflection %}
 
 {% block content %}
@@ -22,7 +22,7 @@
             <div class="pf-c-toolbar__content">
                 {% include 'partials/toolbar_search.html' %}
                 <div class="pf-c-toolbar__bulk-select">
-                    <div class="pf-c-dropdown">
+                    <ak-dropdown class="pf-c-dropdown">
                         <button class="pf-m-primary pf-c-dropdown__toggle" type="button">
                             <span class="pf-c-dropdown__toggle-text">{% trans 'Create' %}</span>
                             <i class="fas fa-caret-down pf-c-dropdown__toggle-icon" aria-hidden="true"></i>
@@ -30,16 +30,22 @@
                         <ul class="pf-c-dropdown__menu" hidden>
                             {% for type, name in types.items %}
                             <li>
-                                <a class="pf-c-dropdown__menu-item" href="{% url 'passbook_admin:provider-create' %}?type={{ type }}&back={{ request.get_full_path }}">
-                                    {{ name|verbose_name }}<br>
-                                    <small>
-                                        {{ name|doc }}
-                                    </small>
-                                </a>
+                                <ak-modal-button href="{% url 'authentik_admin:provider-create' %}?type={{ type }}">
+                                    <button slot="trigger" class="pf-c-dropdown__menu-item">
+                                        {{ name|verbose_name }}<br>
+                                        <small>
+                                            {{ name|doc }}
+                                        </small>
+                                    </button>
+                                    <div slot="modal"></div>
+                                </ak-modal-button>
                             </li>
                             {% endfor %}
                         </ul>
-                    </div>
+                    </ak-dropdown>
+                    <button role="ak-refresh" class="pf-c-button pf-m-primary">
+                        {% trans 'Refresh' %}
+                    </button>
                 </div>
                 {% include 'partials/pagination.html' %}
             </div>
@@ -77,11 +83,21 @@
                         </span>
                     </td>
                     <td>
-                        <a class="pf-c-button pf-m-secondary" href="{% url 'passbook_admin:provider-update' pk=provider.pk %}?back={{ request.get_full_path }}">{% trans 'Edit' %}</a>
-                        <a class="pf-c-button pf-m-danger" href="{% url 'passbook_admin:provider-delete' pk=provider.pk %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
+                        <ak-modal-button href="{% url 'authentik_admin:provider-update' pk=provider.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-secondary">
+                                {% trans 'Edit' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
+                        <ak-modal-button href="{% url 'authentik_admin:provider-delete' pk=provider.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-danger">
+                                {% trans 'Delete' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
                         {% get_links provider as links %}
                         {% for name, href in links.items %}
-                            <a class="pf-c-button pf-m-tertiary" href="{{ href }}?back={{ request.get_full_path }}">{% trans name %}</a>
+                            <a class="pf-c-button pf-m-tertiary ak-root-link" href="{{ href }}?back={{ request.get_full_path }}">{% trans name %}</a>
                         {% endfor %}
                         {% get_htmls provider as htmls %}
                         {% for html in htmls %}
@@ -114,7 +130,7 @@
                     {% trans 'Currently no providers exist. Click the button below to create one.' %}
                 {% endif %}
                 </div>
-                <div class="pf-c-dropdown">
+                <ak-dropdown class="pf-c-dropdown">
                     <button class="pf-m-primary pf-c-dropdown__toggle" type="button">
                         <span class="pf-c-dropdown__toggle-text">{% trans 'Create' %}</span>
                         <i class="fas fa-caret-down pf-c-dropdown__toggle-icon" aria-hidden="true"></i>
@@ -122,16 +138,19 @@
                     <ul class="pf-c-dropdown__menu" hidden>
                         {% for type, name in types.items %}
                         <li>
-                            <a class="pf-c-dropdown__menu-item" href="{% url 'passbook_admin:provider-create' %}?type={{ type }}&back={{ request.get_full_path }}">
-                                {{ name|verbose_name }}<br>
-                                <small>
-                                    {{ name|doc }}
-                                </small>
-                            </a>
+                            <ak-modal-button href="{% url 'authentik_admin:provider-create' %}?type={{ type }}">
+                                <button slot="trigger" class="pf-c-dropdown__menu-item">
+                                    {{ name|verbose_name }}<br>
+                                    <small>
+                                        {{ name|doc }}
+                                    </small>
+                                </button>
+                                <div slot="modal"></div>
+                            </ak-modal-button>
                         </li>
                         {% endfor %}
                     </ul>
-                </div>
+                </ak-dropdown>
             </div>
         </div>
         {% endif %}

authentik/admin/templates/administration/source/list.html

@@ -1,7 +1,7 @@
 {% extends "administration/base.html" %}
 
 {% load i18n %}
-{% load passbook_utils %}
+{% load authentik_utils %}
 {% load admin_reflection %}
 
 {% block content %}
@@ -11,7 +11,7 @@
             <i class="pf-icon pf-icon-middleware"></i>
             {% trans 'Source' %}
         </h1>
-        <p>{% trans "External Sources which can be used to get Identities into passbook, for example Social Providers like Twiter and GitHub or Enterprise Providers like ADFS and LDAP." %}
+        <p>{% trans "External Sources which can be used to get Identities into authentik, for example Social Providers like Twiter and GitHub or Enterprise Providers like ADFS and LDAP." %}
         </p>
     </div>
 </section>
@@ -22,7 +22,7 @@
             <div class="pf-c-toolbar__content">
                 {% include 'partials/toolbar_search.html' %}
                 <div class="pf-c-toolbar__bulk-select">
-                    <div class="pf-c-dropdown">
+                    <ak-dropdown class="pf-c-dropdown">
                         <button class="pf-m-primary pf-c-dropdown__toggle" type="button">
                             <span class="pf-c-dropdown__toggle-text">{% trans 'Create' %}</span>
                             <i class="fas fa-caret-down pf-c-dropdown__toggle-icon" aria-hidden="true"></i>
@@ -30,16 +30,22 @@
                         <ul class="pf-c-dropdown__menu" hidden>
                             {% for type, name in types.items %}
                             <li>
-                                <a class="pf-c-dropdown__menu-item" href="{% url 'passbook_admin:source-create' %}?type={{ type }}&back={{ request.get_full_path }}">
-                                    {{ name|verbose_name }}<br>
-                                    <small>
-                                        {{ name|doc }}
-                                    </small>
-                                </a>
+                                <ak-modal-button href="{% url 'authentik_admin:source-create' %}?type={{ type }}">
+                                    <button slot="trigger" class="pf-c-dropdown__menu-item">
+                                        {{ name|verbose_name }}<br>
+                                        <small>
+                                            {{ name|doc }}
+                                        </small>
+                                    </button>
+                                    <div slot="modal"></div>
+                                </ak-modal-button>
                             </li>
                             {% endfor %}
                         </ul>
-                    </div>
+                    </ak-dropdown>
+                    <button role="ak-refresh" class="pf-c-button pf-m-primary">
+                        {% trans 'Refresh' %}
+                    </button>
                 </div>
                 {% include 'partials/pagination.html' %}
             </div>
@@ -57,12 +63,12 @@
                 {% for source in object_list %}
                 <tr role="row">
                     <th role="columnheader">
-                        <div>
+                        <a href="/sources/{{ source.slug }}/">
                             <div>{{ source.name }}</div>
                             {% if not source.enabled %}
                             <small>{% trans 'Disabled' %}</small>
                             {% endif %}
-                        </div>
+                        </a>
                     </th>
                     <td role="cell">
                         <span>
@@ -75,11 +81,21 @@
                         </span>
                     </td>
                     <td>
-                        <a class="pf-c-button pf-m-secondary" href="{% url 'passbook_admin:source-update' pk=source.pk %}?back={{ request.get_full_path }}">{% trans 'Edit' %}</a>
-                        <a class="pf-c-button pf-m-danger" href="{% url 'passbook_admin:source-delete' pk=source.pk %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
+                        <ak-modal-button href="{% url 'authentik_admin:source-update' pk=source.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-secondary">
+                                {% trans 'Edit' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
+                        <ak-modal-button href="{% url 'authentik_admin:source-delete' pk=source.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-danger">
+                                {% trans 'Delete' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
                         {% get_links source as links %}
                         {% for name, href in links %}
-                            <a class="pf-c-button pf-m-tertiary" href="{{ href }}?back={{ request.get_full_path }}">{% trans name %}</a>
+                            <a class="pf-c-button pf-m-tertiary ak-root-link" href="{{ href }}?back={{ request.get_full_path }}">{% trans name %}</a>
                         {% endfor %}
                     </td>
                 </tr>
@@ -108,7 +124,7 @@
                     {% trans 'Currently no sources exist. Click the button below to create one.' %}
                 {% endif %}
                 </div>
-                <div class="pf-c-dropdown">
+                <ak-dropdown class="pf-c-dropdown">
                     <button class="pf-m-primary pf-c-dropdown__toggle" type="button">
                         <span class="pf-c-dropdown__toggle-text">{% trans 'Create' %}</span>
                         <i class="fas fa-caret-down pf-c-dropdown__toggle-icon" aria-hidden="true"></i>
@@ -116,16 +132,19 @@
                     <ul class="pf-c-dropdown__menu" hidden>
                         {% for type, name in types.items %}
                         <li>
-                            <a class="pf-c-dropdown__menu-item" href="{% url 'passbook_admin:source-create' %}?type={{ type }}&back={{ request.get_full_path }}">
-                                {{ name|verbose_name }}<br>
-                                <small>
-                                    {{ name|doc }}
-                                </small>
-                            </a>
+                            <ak-modal-button href="{% url 'authentik_admin:source-create' %}?type={{ type }}">
+                                <button slot="trigger" class="pf-c-dropdown__menu-item">
+                                    {{ name|verbose_name }}<br>
+                                    <small>
+                                        {{ name|doc }}
+                                    </small>
+                                </button>
+                                <div slot="modal"></div>
+                            </ak-modal-button>
                         </li>
                         {% endfor %}
                     </ul>
-                </div>
+                </ak-dropdown>
             </div>
         </div>
         {% endif %}

authentik/admin/templates/administration/stage/list.html

@@ -1,7 +1,7 @@
 {% extends "administration/base.html" %}
 
 {% load i18n %}
-{% load passbook_utils %}
+{% load authentik_utils %}
 {% load admin_reflection %}
 
 {% block content %}
@@ -21,7 +21,7 @@
             <div class="pf-c-toolbar__content">
                 {% include 'partials/toolbar_search.html' %}
                 <div class="pf-c-toolbar__bulk-select">
-                    <div class="pf-c-dropdown">
+                    <ak-dropdown class="pf-c-dropdown">
                         <button class="pf-m-primary pf-c-dropdown__toggle" type="button">
                             <span class="pf-c-dropdown__toggle-text">{% trans 'Create' %}</span>
                             <i class="fas fa-caret-down pf-c-dropdown__toggle-icon" aria-hidden="true"></i>
@@ -29,16 +29,22 @@
                         <ul class="pf-c-dropdown__menu" hidden>
                             {% for type, name in types.items %}
                             <li>
-                                <a class="pf-c-dropdown__menu-item" href="{% url 'passbook_admin:stage-create' %}?type={{ type }}&back={{ request.get_full_path }}">
-                                    {{ name|verbose_name }}<br>
-                                    <small>
-                                        {{ name|doc }}
-                                    </small>
-                                </a>
+                                <ak-modal-button href="{% url 'authentik_admin:stage-create' %}?type={{ type }}">
+                                    <button slot="trigger" class="pf-c-dropdown__menu-item">
+                                        {{ name|verbose_name }}<br>
+                                        <small>
+                                            {{ name|doc }}
+                                        </small>
+                                    </button>
+                                    <div slot="modal"></div>
+                                </ak-modal-button>
                             </li>
                             {% endfor %}
                         </ul>
-                    </div>
+                    </ak-dropdown>
+                    <button role="ak-refresh" class="pf-c-button pf-m-primary">
+                        {% trans 'Refresh' %}
+                    </button>
                 </div>
                 {% include 'partials/pagination.html' %}
             </div>
@@ -63,18 +69,28 @@
                     <td role="cell">
                         <ul>
                             {% for flow in stage.flow_set.all %}
-                            <li><a href="{% url 'passbook_admin:flow-update' pk=flow.pk %}">{{ flow.slug }}</a></li>
+                            <li>{{ flow.slug }}<</li>
                             {% empty %}
                             <li>-</li>
                             {% endfor %}
                         </ul>
                     </td>
                     <td>
-                        <a class="pf-c-button pf-m-secondary" href="{% url 'passbook_admin:stage-update' pk=stage.stage_uuid %}?back={{ request.get_full_path }}">{% trans 'Edit' %}</a>
-                        <a class="pf-c-button pf-m-danger" href="{% url 'passbook_admin:stage-delete' pk=stage.stage_uuid %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
+                        <ak-modal-button href="{% url 'authentik_admin:stage-update' pk=stage.stage_uuid %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-secondary">
+                                {% trans 'Edit' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
+                        <ak-modal-button href="{% url 'authentik_admin:stage-delete' pk=stage.stage_uuid %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-danger">
+                                {% trans 'Delete' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
                         {% get_links stage as links %}
                         {% for name, href in links.items %}
-                        <a class="pf-c-button pf-m-tertiary" href="{{ href }}?back={{ request.get_full_path }}">{% trans name %}</a>
+                        <a class="pf-c-button pf-m-tertiary ak-root-link" href="{{ href }}?back={{ request.get_full_path }}">{% trans name %}</a>
                         {% endfor %}
                     </td>
                 </tr>
@@ -103,7 +119,7 @@
                     {% trans 'Currently no stages exist. Click the button below to create one.' %}
                 {% endif %}
                 </div>
-                <div class="pf-c-dropdown">
+                <ak-dropdown class="pf-c-dropdown">
                     <button class="pf-m-primary pf-c-dropdown__toggle" type="button">
                         <span class="pf-c-dropdown__toggle-text">{% trans 'Create' %}</span>
                         <i class="fas fa-caret-down pf-c-dropdown__toggle-icon" aria-hidden="true"></i>
@@ -111,17 +127,19 @@
                     <ul class="pf-c-dropdown__menu" hidden>
                         {% for type, name in types.items %}
                         <li>
-                            <a class="pf-c-dropdown__menu-item"
-                                href="{% url 'passbook_admin:stage-create' %}?type={{ type }}&back={{ request.get_full_path }}">
-                                {{ name|verbose_name }}<br>
-                                <small>
-                                    {{ name|doc }}
-                                </small>
-                            </a>
+                            <ak-modal-button href="{% url 'authentik_admin:stage-create' %}?type={{ type }}">
+                                <button slot="trigger" class="pf-c-dropdown__menu-item">
+                                    {{ name|verbose_name }}<br>
+                                    <small>
+                                        {{ name|doc }}
+                                    </small>
+                                </button>
+                                <div slot="modal"></div>
+                            </ak-modal-button>
                         </li>
                         {% endfor %}
                     </ul>
-                </div>
+                </ak-dropdown>
             </div>
         </div>
         {% endif %}

authentik/admin/templates/administration/stage_binding/list.html

@@ -1,7 +1,7 @@
 {% extends "administration/base.html" %}
 
 {% load i18n %}
-{% load passbook_utils %}
+{% load authentik_utils %}
 
 {% block content %}
 <section class="pf-c-page__main-section pf-m-light">
@@ -19,8 +19,15 @@
         <div class="pf-c-toolbar">
             <div class="pf-c-toolbar__content">
                 <div class="pf-c-toolbar__bulk-select">
-                    <a href="{% url 'passbook_admin:stage-binding-create' %}?back={{ request.get_full_path }}"
-                        class="pf-c-button pf-m-primary" type="button">{% trans 'Create' %}</a>
+                    <ak-modal-button href="{% url 'authentik_admin:stage-binding-create' %}">
+                        <ak-spinner-button slot="trigger" class="pf-m-primary">
+                            {% trans 'Create' %}
+                        </ak-spinner-button>
+                        <div slot="modal"></div>
+                    </ak-modal-button>
+                    <button role="ak-refresh" class="pf-c-button pf-m-primary">
+                        {% trans 'Refresh' %}
+                    </button>
                 </div>
                 {% include 'partials/pagination.html' %}
             </div>
@@ -73,8 +80,18 @@
                             </div>
                         </td>
                         <td>
-                            <a class="pf-c-button pf-m-secondary" href="{% url 'passbook_admin:stage-binding-update' pk=binding.pk %}?back={{ request.get_full_path }}">{% trans 'Edit' %}</a>
-                            <a class="pf-c-button pf-m-danger" href="{% url 'passbook_admin:stage-binding-delete' pk=binding.pk %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
+                            <ak-modal-button href="{% url 'authentik_admin:stage-binding-update' pk=binding.pk %}">
+                                <ak-spinner-button slot="trigger" class="pf-m-secondary">
+                                    {% trans 'Update' %}
+                                </ak-spinner-button>
+                                <div slot="modal"></div>
+                            </ak-modal-button>
+                            <ak-modal-button href="{% url 'authentik_admin:stage-binding-delete' pk=binding.pk %}">
+                                <ak-spinner-button slot="trigger" class="pf-m-danger">
+                                    {% trans 'Delete' %}
+                                </ak-spinner-button>
+                                <div slot="modal"></div>
+                            </ak-modal-button>
                         </td>
                     </tr>
                     {% endfor %}
@@ -94,7 +111,12 @@
                 <div class="pf-c-empty-state__body">
                     {% trans 'Currently no flow-stage bindings exist. Click the button below to create one.' %}
                 </div>
-                <a href="{% url 'passbook_admin:certificatekeypair-create' %}?back={{ request.get_full_path }}" class="pf-c-button pf-m-primary" type="button">{% trans 'Create' %}</a>
+                <ak-modal-button href="{% url 'authentik_admin:stage-binding-create' %}">
+                    <ak-spinner-button slot="trigger" class="pf-m-primary">
+                        {% trans 'Create' %}
+                    </ak-spinner-button>
+                    <div slot="modal"></div>
+                </ak-modal-button>
             </div>
         </div>
         {% endif %}

authentik/admin/templates/administration/stage_invitation/list.html

@@ -1,7 +1,7 @@
 {% extends "administration/base.html" %}
 
 {% load i18n %}
-{% load passbook_utils %}
+{% load authentik_utils %}
 
 {% block content %}
 <section class="pf-c-page__main-section pf-m-light">
@@ -21,8 +21,15 @@
             <div class="pf-c-toolbar__content">
                 {% include 'partials/toolbar_search.html' %}
                 <div class="pf-c-toolbar__bulk-select">
-                    <a href="{% url 'passbook_admin:stage-invitation-create' %}?back={{ request.get_full_path }}"
-                        class="pf-c-button pf-m-primary" type="button">{% trans 'Create' %}</a>
+                    <ak-modal-button href="{% url 'authentik_admin:stage-invitation-create' %}">
+                        <ak-spinner-button slot="trigger" class="pf-m-primary">
+                            {% trans 'Create' %}
+                        </ak-spinner-button>
+                        <div slot="modal"></div>
+                    </ak-modal-button>
+                    <button role="ak-refresh" class="pf-c-button pf-m-primary">
+                        {% trans 'Refresh' %}
+                    </button>
                 </div>
                 {% include 'partials/pagination.html' %}
             </div>
@@ -49,7 +56,12 @@
                         </span>
                     </td>
                     <td>
-                        <a class="pf-c-button pf-m-danger" href="{% url 'passbook_admin:stage-invitation-delete' pk=invitation.pk %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
+                        <ak-modal-button href="{% url 'authentik_admin:stage-invitation-delete' pk=invitation.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-danger">
+                                {% trans 'Delete' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
                     </td>
                 </tr>
                 {% endfor %}
@@ -77,7 +89,12 @@
                     {% trans 'Currently no invitations exist. Click the button below to create one.' %}
                 {% endif %}
                 </div>
-                <a href="{% url 'passbook_admin:stage-invitation-create' %}?back={{ request.get_full_path }}" class="pf-c-button pf-m-primary" type="button">{% trans 'Create' %}</a>
+                <ak-modal-button href="{% url 'authentik_admin:stage-invitation-create' %}">
+                    <ak-spinner-button slot="trigger" class="pf-m-primary">
+                        {% trans 'Create' %}
+                    </ak-spinner-button>
+                    <div slot="modal"></div>
+                </ak-modal-button>
             </div>
         </div>
         {% endif %}

authentik/admin/templates/administration/stage_prompt/list.html

@@ -1,7 +1,7 @@
 {% extends "administration/base.html" %}
 
 {% load i18n %}
-{% load passbook_utils %}
+{% load authentik_utils %}
 {% load admin_reflection %}
 
 {% block content %}
@@ -21,7 +21,15 @@
             <div class="pf-c-toolbar__content">
                 {% include 'partials/toolbar_search.html' %}
                 <div class="pf-c-toolbar__bulk-select">
-                    <a href="{% url 'passbook_admin:stage-prompt-create' %}?back={{ request.get_full_path }}" class="pf-c-button pf-m-primary" type="button">{% trans 'Create' %}</a>
+                    <ak-modal-button href="{% url 'authentik_admin:stage-prompt-create' %}">
+                        <ak-spinner-button slot="trigger" class="pf-m-primary">
+                            {% trans 'Create' %}
+                        </ak-spinner-button>
+                        <div slot="modal"></div>
+                    </ak-modal-button>
+                    <button role="ak-refresh" class="pf-c-button pf-m-primary">
+                        {% trans 'Refresh' %}
+                    </button>
                 </div>
                 {% include 'partials/pagination.html' %}
             </div>
@@ -63,18 +71,28 @@
                     <td role="cell">
                         <ul>
                             {% for flow in prompt.flow_set.all %}
-                            <li><a href="{% url 'passbook_admin:flow-update' pk=flow.pk %}">{{ flow.slug }}</a></li>
+                            <li>{{ flow.slug }}</li>
                             {% empty %}
                             <li>-</li>
                             {% endfor %}
                         </ul>
                     </td>
                     <td>
-                        <a class="pf-c-button pf-m-secondary" href="{% url 'passbook_admin:stage-prompt-update' pk=prompt.pk %}?back={{ request.get_full_path }}">{% trans 'Edit' %}</a>
-                        <a class="pf-c-button pf-m-danger" href="{% url 'passbook_admin:stage-prompt-delete' pk=prompt.pk %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
+                        <ak-modal-button href="{% url 'authentik_admin:stage-prompt-update' pk=prompt.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-secondary">
+                                {% trans 'Update' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
+                        <ak-modal-button href="{% url 'authentik_admin:stage-prompt-delete' pk=prompt.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-danger">
+                                {% trans 'Delete' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
                         {% get_links prompt as links %}
                         {% for name, href in links.items %}
-                        <a class="pf-c-button pf-m-tertiary" href="{{ href }}?back={{ request.get_full_path }}">{% trans name %}</a>
+                        <a class="pf-c-button pf-m-tertiary ak-root-link" href="{{ href }}?back={{ request.get_full_path }}">{% trans name %}</a>
                         {% endfor %}
                     </td>
                 </tr>
@@ -103,7 +121,7 @@
                     {% trans 'Currently no stage prompts exist. Click the button below to create one.' %}
                 {% endif %}
                 </div>
-                <a href="{% url 'passbook_admin:stage-prompt-create' %}?back={{ request.get_full_path }}" class="pf-c-button pf-m-primary" type="button">{% trans 'Create' %}</a>
+                <a href="{% url 'authentik_admin:stage-prompt-create' %}?back={{ request.get_full_path }}" class="pf-c-button pf-m-primary" type="button">{% trans 'Create' %}</a>
             </div>
         </div>
         {% endif %}

authentik/admin/templates/administration/task/list.html

@@ -2,7 +2,7 @@
 
 {% load i18n %}
 {% load humanize %}
-{% load passbook_utils %}
+{% load authentik_utils %}
 
 {% block content %}
 <section class="pf-c-page__main-section pf-m-light">
@@ -11,11 +11,18 @@
             <i class="pf-icon pf-icon-automation"></i>
             {% trans 'System Tasks' %}
         </h1>
-        <p>{% trans "Long-running operations which passbook executes in the background." %}</p>
+        <p>{% trans "Long-running operations which authentik executes in the background." %}</p>
     </div>
 </section>
 <section class="pf-c-page__main-section pf-m-no-padding-mobile">
     <div class="pf-c-card">
+        <div class="pf-c-toolbar">
+            <div class="pf-c-toolbar__content">
+                <button role="ak-refresh" class="pf-c-button pf-m-primary">
+                    {% trans 'Refresh' %}
+                </button>
+            </div>
+        </div>
         <table class="pf-c-table pf-m-compact pf-m-grid-xl" role="grid">
             <thead>
                 <tr role="row">
@@ -64,9 +71,9 @@
                         {% endfor %}
                     </td>
                     <td>
-                        <button is="action-button" class="pf-c-button pf-m-primary" url="{% url 'passbook_api:admin_system_tasks-retry' pk=task.task_name %}">
+                        <ak-action-button url="{% url 'authentik_api:admin_system_tasks-retry' pk=task.task_name %}">
                             {% trans 'Retry Task' %}
-                        </button>
+                        </ak-action-button>
                     </td>
                 </tr>
                 {% endfor %}

authentik/admin/templates/administration/token/list.html

@@ -1,16 +1,16 @@
 {% extends "administration/base.html" %}
 
 {% load i18n %}
-{% load passbook_utils %}
+{% load authentik_utils %}
 
 {% block content %}
 <section class="pf-c-page__main-section pf-m-light">
     <div class="pf-c-content">
         <h1>
-            <i class="fas fa-key"></i>
+            <i class="pf-icon pf-icon-security"></i>
             {% trans 'Tokens' %}
         </h1>
-        <p>{% trans "Tokens are used throughout passbook for Email validation stages, Recovery keys and API access." %}</p>
+        <p>{% trans "Tokens are used throughout authentik for Email validation stages, Recovery keys and API access." %}</p>
     </div>
 </section>
 <section class="pf-c-page__main-section pf-m-no-padding-mobile">
@@ -58,7 +58,15 @@
                         </span>
                     </td>
                     <td>
-                        <a class="pf-c-button pf-m-danger" href="{% url 'passbook_admin:token-delete' pk=token.pk %}?back={{ request.get_full_path }}">{% trans 'Delete' %}</a>
+                        <ak-modal-button href="{% url 'authentik_admin:token-delete' pk=token.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-danger">
+                                {% trans 'Delete' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
+                        <ak-token-copy-button identifier="{{ token.identifier }}">
+                            {% trans 'Copy token' %}
+                        </ak-token-copy-button>
                     </td>
                 </tr>
                 {% endfor %}

authentik/admin/templates/administration/user/disable.html

@@ -1,7 +1,7 @@
 {% extends "administration/base.html" %}
 
 {% load i18n %}
-{% load passbook_utils %}
+{% load authentik_utils %}
 
 {% block content %}
 <section class="pf-c-page__main-section pf-m-light">

authentik/admin/templates/administration/user/list.html

@@ -1,7 +1,7 @@
 {% extends "administration/base.html" %}
 
 {% load i18n %}
-{% load passbook_utils %}
+{% load authentik_utils %}
 
 {% block content %}
 <section class="pf-c-page__main-section pf-m-light">
@@ -19,7 +19,15 @@
             <div class="pf-c-toolbar__content">
                 {% include 'partials/toolbar_search.html' %}
                 <div class="pf-c-toolbar__bulk-select">
-                    <a href="{% url 'passbook_admin:user-create' %}?back={{ request.get_full_path }}" class="pf-c-button pf-m-primary" type="button">{% trans 'Create' %}</a>
+                    <ak-modal-button href="{% url 'authentik_admin:user-create' %}">
+                        <ak-spinner-button slot="trigger" class="pf-m-primary">
+                            {% trans 'Create' %}
+                        </ak-spinner-button>
+                        <div slot="modal"></div>
+                    </ak-modal-button>
+                    <button role="ak-refresh" class="pf-c-button pf-m-primary">
+                        {% trans 'Refresh' %}
+                    </button>
                 </div>
                 {% include 'partials/pagination.html' %}
             </div>
@@ -53,14 +61,29 @@
                         </span>
                     </td>
                     <td>
-                        <a class="pf-c-button pf-m-secondary" href="{% url 'passbook_admin:user-update' pk=user.pk %}?back={{ request.get_full_path }}">{% trans 'Edit' %}</a>
+                        <ak-modal-button href="{% url 'authentik_admin:user-update' pk=user.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-secondary">
+                                {% trans 'Edit' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
                         {% if user.is_active %}
-                        <a class="pf-c-button pf-m-warning" href="{% url 'passbook_admin:user-disable' pk=user.pk %}?back={{ request.get_full_path }}">{% trans 'Disable' %}</a>
+                        <ak-modal-button href="{% url 'authentik_admin:user-disable' pk=user.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-warning">
+                                {% trans 'Disable' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
                         {% else %}
-                        <a class="pf-c-button pf-m-primary" href="{% url 'passbook_admin:user-enable' pk=user.pk %}?back={{ request.get_full_path }}">{% trans 'Enable' %}</a>
+                        <ak-modal-button href="{% url 'authentik_admin:user-delete' pk=user.pk %}">
+                            <ak-spinner-button slot="trigger" class="pf-m-primary">
+                                {% trans 'Enable' %}
+                            </ak-spinner-button>
+                            <div slot="modal"></div>
+                        </ak-modal-button>
                         {% endif %}
-                        <a class="pf-c-button pf-m-tertiary" href="{% url 'passbook_admin:user-password-reset' pk=user.pk %}?back={{ request.get_full_path }}">{% trans 'Reset Password' %}</a>
-                        <a class="pf-c-button pf-m-tertiary" href="{% url 'passbook_core:impersonate-init' user_id=user.pk %}">{% trans 'Impersonate' %}</a>
+                        <a class="pf-c-button pf-m-tertiary ak-root-link" href="{% url 'authentik_admin:user-password-reset' pk=user.pk %}?back={{ request.get_full_path }}">{% trans 'Reset Password' %}</a>
+                        <a class="pf-c-button pf-m-tertiary ak-root-link" href="{% url 'authentik_core:impersonate-init' user_id=user.pk %}">{% trans 'Impersonate' %}</a>
                     </td>
                 </tr>
                 {% endfor %}
@@ -88,7 +111,12 @@
                     {% trans 'Currently no users exist. How did you even get here.' %}
                 {% endif %}
                 </div>
-                <a href="{% url 'passbook_admin:user-create' %}?back={{ request.get_full_path }}" class="pf-c-button pf-m-primary" type="button">{% trans 'Create' %}</a>
+                <ak-modal-button href="{% url 'authentik_admin:user-create' %}">
+                    <ak-spinner-button slot="trigger" class="pf-m-primary">
+                        {% trans 'Create' %}
+                    </ak-spinner-button>
+                    <div slot="modal"></div>
+                </ak-modal-button>
             </div>
         </div>
         {% endif %}

authentik/admin/templates/fields/codemirror.html

@@ -0,0 +1 @@
+<ak-codemirror mode="{{ widget.attrs.mode }}"><textarea class="pf-c-form-control" name="{{ widget.name }}">{% if widget.value %}{{ widget.value }}{% endif %}</textarea></ak-codemirror>

authentik/admin/templates/generic/create.html

@@ -1,6 +1,6 @@
 {% extends base_template|default:"generic/form.html" %}
 
-{% load passbook_utils %}
+{% load authentik_utils %}
 {% load i18n %}
 
 {% block above_form %}

authentik/admin/templates/generic/form.html

@@ -0,0 +1,38 @@
+{% extends container_template|default:"administration/base.html" %}
+
+{% load i18n %}
+{% load authentik_utils %}
+{% load static %}
+
+{% block content %}
+<section class="pf-c-page__main-section pf-m-light">
+    <div class="pf-c-content">
+        {% block above_form %}
+        {% endblock %}
+    </div>
+</section>
+<section class="pf-c-page__main-section">
+    <div class="pf-l-stack">
+        <div class="pf-l-stack__item">
+            <div class="pf-c-card">
+                <div class="pf-c-card__body">
+                    <form id="main-form" action="" method="post" class="pf-c-form pf-m-horizontal" enctype="multipart/form-data">
+                        {% include 'partials/form_horizontal.html' with form=form %}
+                        {% block beneath_form %}
+                        {% endblock %}
+                    </form>
+                </div>
+            </div>
+        </div>
+    </div>
+</section>
+<footer class="pf-c-modal-box__footer">
+    <input class="pf-c-button pf-m-primary" type="submit" form="main-form" value="{% block action %}{% endblock %}" />
+    <a class="pf-c-button pf-m-secondary" href="{% back %}">{% trans "Cancel" %}</a>
+</footer>
+{% endblock %}
+
+{% block scripts %}
+{{ block.super }}
+{{ form.media.js }}
+{% endblock %}

authentik/admin/templates/generic/form_non_model.html

@@ -0,0 +1,20 @@
+{% extends base_template|default:"generic/form.html" %}
+
+{% load authentik_utils %}
+{% load i18n %}
+
+{% block above_form %}
+<h1>
+    {% trans form.title %}
+</h1>
+{% endblock %}
+
+{% block beneath_form %}
+<p>
+    {% trans form.body %}
+</p>
+{% endblock %}
+
+{% block action %}
+{% trans 'Confirm' %}
+{% endblock %}

authentik/admin/templates/generic/update.html

@@ -1,6 +1,6 @@
 {% extends base_template|default:"generic/form.html" %}
 
-{% load passbook_utils %}
+{% load authentik_utils %}
 {% load i18n %}
 
 {% block above_form %}

authentik/admin/templatetags/admin_reflection.py

@@ -1,4 +1,4 @@
-"""passbook admin templatetags"""
+"""authentik admin templatetags"""
 from django import template
 from django.db.models import Model
 from django.utils.html import mark_safe

authentik/admin/tests/test_api.py

@@ -0,0 +1,73 @@
+"""test admin api"""
+from json import loads
+
+from django.shortcuts import reverse
+from django.test import TestCase
+
+from authentik import __version__
+from authentik.core.models import Group, User
+from authentik.core.tasks import clean_expired_models
+
+
+class TestAdminAPI(TestCase):
+    """test admin api"""
+
+    def setUp(self) -> None:
+        super().setUp()
+        self.user = User.objects.create(username="test-user")
+        self.group = Group.objects.create(name="superusers", is_superuser=True)
+        self.group.users.add(self.user)
+        self.group.save()
+        self.client.force_login(self.user)
+
+    def test_tasks(self):
+        """Test Task API"""
+        clean_expired_models.delay()
+        response = self.client.get(reverse("authentik_api:admin_system_tasks-list"))
+        self.assertEqual(response.status_code, 200)
+        body = loads(response.content)
+        self.assertTrue(
+            any([task["task_name"] == "clean_expired_models" for task in body])
+        )
+
+    def test_tasks_retry(self):
+        """Test Task API (retry)"""
+        clean_expired_models.delay()
+        response = self.client.post(
+            reverse(
+                "authentik_api:admin_system_tasks-retry",
+                kwargs={"pk": "clean_expired_models"},
+            )
+        )
+        self.assertEqual(response.status_code, 200)
+        body = loads(response.content)
+        self.assertTrue(body["successful"])
+
+    def test_tasks_retry_404(self):
+        """Test Task API (retry, 404)"""
+        response = self.client.post(
+            reverse(
+                "authentik_api:admin_system_tasks-retry",
+                kwargs={"pk": "qwerqewrqrqewrqewr"},
+            )
+        )
+        self.assertEqual(response.status_code, 404)
+
+    def test_version(self):
+        """Test Version API"""
+        response = self.client.get(reverse("authentik_api:admin_version-list"))
+        self.assertEqual(response.status_code, 200)
+        body = loads(response.content)
+        self.assertEqual(body["version_current"], __version__)
+
+    def test_workers(self):
+        """Test Workers API"""
+        response = self.client.get(reverse("authentik_api:admin_workers-list"))
+        self.assertEqual(response.status_code, 200)
+        body = loads(response.content)
+        self.assertEqual(body["pagination"]["count"], 0)
+
+    def test_metrics(self):
+        """Test metrics API"""
+        response = self.client.get(reverse("authentik_api:admin_metrics-list"))
+        self.assertEqual(response.status_code, 200)

authentik/admin/tests/test_generated.py

@@ -7,9 +7,9 @@ from django.shortcuts import reverse
 from django.test import Client, TestCase
 from django.urls.exceptions import NoReverseMatch
 
-from passbook.admin.urls import urlpatterns
-from passbook.core.models import Group, User
-from passbook.lib.utils.reflection import get_apps
+from authentik.admin.urls import urlpatterns
+from authentik.core.models import Group, User
+from authentik.lib.utils.reflection import get_apps
 
 
 class TestAdmin(TestCase):
@@ -17,7 +17,7 @@ class TestAdmin(TestCase):
 
     def setUp(self):
         self.user = User.objects.create_user(username="test")
-        self.user.pb_groups.add(Group.objects.filter(is_superuser=True).first())
+        self.user.ak_groups.add(Group.objects.filter(is_superuser=True).first())
         self.user.save()
         self.client = Client()
         self.client.force_login(self.user)
@@ -28,7 +28,7 @@ def generic_view_tester(view_name: str) -> Callable:
 
     def tester(self: TestAdmin):
         try:
-            full_url = reverse(f"passbook_admin:{view_name}")
+            full_url = reverse(f"authentik_admin:{view_name}")
             response = self.client.get(full_url)
             self.assertTrue(response.status_code < 500)
         except NoReverseMatch:

authentik/admin/tests/test_policy_binding.py

@@ -0,0 +1,43 @@
+"""admin tests"""
+from uuid import uuid4
+
+from django import forms
+from django.test import TestCase
+from django.test.client import RequestFactory
+
+from authentik.admin.views.policies_bindings import PolicyBindingCreateView
+from authentik.core.models import Application
+from authentik.policies.forms import PolicyBindingForm
+
+
+class TestPolicyBindingView(TestCase):
+    """Generic admin tests"""
+
+    def setUp(self):
+        self.factory = RequestFactory()
+
+    def test_without_get_param(self):
+        """Test PolicyBindingCreateView without get params"""
+        request = self.factory.get("/")
+        view = PolicyBindingCreateView(request=request)
+        self.assertEqual(view.get_initial(), {})
+
+    def test_with_params_invalid(self):
+        """Test PolicyBindingCreateView with invalid get params"""
+        request = self.factory.get("/", {"target": uuid4()})
+        view = PolicyBindingCreateView(request=request)
+        self.assertEqual(view.get_initial(), {})
+
+    def test_with_params(self):
+        """Test PolicyBindingCreateView with get params"""
+        target = Application.objects.create(name="test")
+        request = self.factory.get("/", {"target": target.pk.hex})
+        view = PolicyBindingCreateView(request=request)
+        self.assertEqual(view.get_initial(), {"target": target, "order": 0})
+
+        self.assertTrue(
+            isinstance(
+                PolicyBindingForm(initial={"target": "foo"}).fields["target"].widget,
+                forms.HiddenInput,
+            )
+        )

authentik/admin/tests/test_stage_bindings.py

@@ -0,0 +1,43 @@
+"""admin tests"""
+from uuid import uuid4
+
+from django import forms
+from django.test import TestCase
+from django.test.client import RequestFactory
+
+from authentik.admin.views.stages_bindings import StageBindingCreateView
+from authentik.flows.forms import FlowStageBindingForm
+from authentik.flows.models import Flow
+
+
+class TestStageBindingView(TestCase):
+    """Generic admin tests"""
+
+    def setUp(self):
+        self.factory = RequestFactory()
+
+    def test_without_get_param(self):
+        """Test StageBindingCreateView without get params"""
+        request = self.factory.get("/")
+        view = StageBindingCreateView(request=request)
+        self.assertEqual(view.get_initial(), {})
+
+    def test_with_params_invalid(self):
+        """Test StageBindingCreateView with invalid get params"""
+        request = self.factory.get("/", {"target": uuid4()})
+        view = StageBindingCreateView(request=request)
+        self.assertEqual(view.get_initial(), {})
+
+    def test_with_params(self):
+        """Test StageBindingCreateView with get params"""
+        target = Flow.objects.create(name="test", slug="test")
+        request = self.factory.get("/", {"target": target.pk.hex})
+        view = StageBindingCreateView(request=request)
+        self.assertEqual(view.get_initial(), {"target": target, "order": 0})
+
+        self.assertTrue(
+            isinstance(
+                FlowStageBindingForm(initial={"target": "foo"}).fields["target"].widget,
+                forms.HiddenInput,
+            )
+        )

authentik/admin/urls.py

@@ -1,16 +1,17 @@
-"""passbook URL Configuration"""
+"""authentik URL Configuration"""
 from django.urls import path
 
-from passbook.admin.views import (
+from authentik.admin.views import (
     applications,
     certificate_key_pair,
     flows,
     groups,
     outposts,
+    outposts_service_connections,
     overview,
     policies,
     policies_bindings,
-    property_mapping,
+    property_mappings,
     providers,
     sources,
     stages,
@@ -23,7 +24,16 @@ from passbook.admin.views import (
 )
 
 urlpatterns = [
-    path("", overview.AdministrationOverviewView.as_view(), name="overview"),
+    path(
+        "overview/cache/flow/",
+        overview.FlowCacheClearView.as_view(),
+        name="overview-clear-flow-cache",
+    ),
+    path(
+        "overview/cache/policy/",
+        overview.PolicyCacheClearView.as_view(),
+        name="overview-clear-policy-cache",
+    ),
     # Applications
     path(
         "applications/", applications.ApplicationListView.as_view(), name="applications"
@@ -225,22 +235,22 @@ urlpatterns = [
     # Property Mappings
     path(
         "property-mappings/",
-        property_mapping.PropertyMappingListView.as_view(),
+        property_mappings.PropertyMappingListView.as_view(),
         name="property-mappings",
     ),
     path(
         "property-mappings/create/",
-        property_mapping.PropertyMappingCreateView.as_view(),
+        property_mappings.PropertyMappingCreateView.as_view(),
         name="property-mapping-create",
     ),
     path(
         "property-mappings/<uuid:pk>/update/",
-        property_mapping.PropertyMappingUpdateView.as_view(),
+        property_mappings.PropertyMappingUpdateView.as_view(),
         name="property-mapping-update",
     ),
     path(
         "property-mappings/<uuid:pk>/delete/",
-        property_mapping.PropertyMappingDeleteView.as_view(),
+        property_mappings.PropertyMappingDeleteView.as_view(),
         name="property-mapping-delete",
     ),
     # Users
@@ -312,6 +322,27 @@ urlpatterns = [
         outposts.OutpostDeleteView.as_view(),
         name="outpost-delete",
     ),
+    # Outpost Service Connections
+    path(
+        "outposts/service_connections/",
+        outposts_service_connections.OutpostServiceConnectionListView.as_view(),
+        name="outpost-service-connections",
+    ),
+    path(
+        "outposts/service_connections/create/",
+        outposts_service_connections.OutpostServiceConnectionCreateView.as_view(),
+        name="outpost-service-connection-create",
+    ),
+    path(
+        "outposts/service_connections/<uuid:pk>/update/",
+        outposts_service_connections.OutpostServiceConnectionUpdateView.as_view(),
+        name="outpost-service-connection-update",
+    ),
+    path(
+        "outposts/service_connections/<uuid:pk>/delete/",
+        outposts_service_connections.OutpostServiceConnectionDeleteView.as_view(),
+        name="outpost-service-connection-delete",
+    ),
     # Tasks
     path(
         "tasks/",

authentik/admin/views/applications.py

@@ -1,4 +1,4 @@
-"""passbook Application administration"""
+"""authentik Application administration"""
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.contrib.auth.mixins import (
     PermissionRequiredMixin as DjangoPermissionRequiredMixin,
@@ -9,15 +9,15 @@ from django.utils.translation import gettext as _
 from django.views.generic import ListView, UpdateView
 from guardian.mixins import PermissionListMixin, PermissionRequiredMixin
 
-from passbook.admin.views.utils import (
+from authentik.admin.views.utils import (
     BackSuccessUrlMixin,
     DeleteMessageView,
     SearchListMixin,
     UserPaginateListMixin,
 )
-from passbook.core.forms.applications import ApplicationForm
-from passbook.core.models import Application
-from passbook.lib.views import CreateAssignPermView
+from authentik.core.forms.applications import ApplicationForm
+from authentik.core.models import Application
+from authentik.lib.views import CreateAssignPermView
 
 
 class ApplicationListView(
@@ -30,7 +30,7 @@ class ApplicationListView(
     """Show list of all applications"""
 
     model = Application
-    permission_required = "passbook_core.view_application"
+    permission_required = "authentik_core.view_application"
     ordering = "name"
     template_name = "administration/application/list.html"
 
@@ -55,10 +55,10 @@ class ApplicationCreateView(
 
     model = Application
     form_class = ApplicationForm
-    permission_required = "passbook_core.add_application"
+    permission_required = "authentik_core.add_application"
 
     template_name = "generic/create.html"
-    success_url = reverse_lazy("passbook_admin:applications")
+    success_url = reverse_lazy("authentik_admin:applications")
     success_message = _("Successfully created Application")
 
 
@@ -73,10 +73,10 @@ class ApplicationUpdateView(
 
     model = Application
     form_class = ApplicationForm
-    permission_required = "passbook_core.change_application"
+    permission_required = "authentik_core.change_application"
 
     template_name = "generic/update.html"
-    success_url = reverse_lazy("passbook_admin:applications")
+    success_url = reverse_lazy("authentik_admin:applications")
     success_message = _("Successfully updated Application")
 
 
@@ -86,8 +86,8 @@ class ApplicationDeleteView(
     """Delete application"""
 
     model = Application
-    permission_required = "passbook_core.delete_application"
+    permission_required = "authentik_core.delete_application"
 
     template_name = "generic/delete.html"
-    success_url = reverse_lazy("passbook_admin:applications")
+    success_url = reverse_lazy("authentik_admin:applications")
     success_message = _("Successfully deleted Application")

authentik/admin/views/certificate_key_pair.py

@@ -1,4 +1,4 @@
-"""passbook CertificateKeyPair administration"""
+"""authentik CertificateKeyPair administration"""
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.contrib.auth.mixins import (
     PermissionRequiredMixin as DjangoPermissionRequiredMixin,
@@ -9,15 +9,15 @@ from django.utils.translation import gettext as _
 from django.views.generic import ListView, UpdateView
 from guardian.mixins import PermissionListMixin, PermissionRequiredMixin
 
-from passbook.admin.views.utils import (
+from authentik.admin.views.utils import (
     BackSuccessUrlMixin,
     DeleteMessageView,
     SearchListMixin,
     UserPaginateListMixin,
 )
-from passbook.crypto.forms import CertificateKeyPairForm
-from passbook.crypto.models import CertificateKeyPair
-from passbook.lib.views import CreateAssignPermView
+from authentik.crypto.forms import CertificateKeyPairForm
+from authentik.crypto.models import CertificateKeyPair
+from authentik.lib.views import CreateAssignPermView
 
 
 class CertificateKeyPairListView(
@@ -30,7 +30,7 @@ class CertificateKeyPairListView(
     """Show list of all keypairs"""
 
     model = CertificateKeyPair
-    permission_required = "passbook_crypto.view_certificatekeypair"
+    permission_required = "authentik_crypto.view_certificatekeypair"
     ordering = "name"
     template_name = "administration/certificatekeypair/list.html"
 
@@ -48,10 +48,10 @@ class CertificateKeyPairCreateView(
 
     model = CertificateKeyPair
     form_class = CertificateKeyPairForm
-    permission_required = "passbook_crypto.add_certificatekeypair"
+    permission_required = "authentik_crypto.add_certificatekeypair"
 
     template_name = "generic/create.html"
-    success_url = reverse_lazy("passbook_admin:certificate_key_pair")
+    success_url = reverse_lazy("authentik_admin:certificate_key_pair")
     success_message = _("Successfully created CertificateKeyPair")
 
 
@@ -66,10 +66,10 @@ class CertificateKeyPairUpdateView(
 
     model = CertificateKeyPair
     form_class = CertificateKeyPairForm
-    permission_required = "passbook_crypto.change_certificatekeypair"
+    permission_required = "authentik_crypto.change_certificatekeypair"
 
     template_name = "generic/update.html"
-    success_url = reverse_lazy("passbook_admin:certificate_key_pair")
+    success_url = reverse_lazy("authentik_admin:certificate_key_pair")
     success_message = _("Successfully updated Certificate-Key Pair")
 
 
@@ -79,8 +79,8 @@ class CertificateKeyPairDeleteView(
     """Delete certificatekeypair"""
 
     model = CertificateKeyPair
-    permission_required = "passbook_crypto.delete_certificatekeypair"
+    permission_required = "authentik_crypto.delete_certificatekeypair"
 
     template_name = "generic/delete.html"
-    success_url = reverse_lazy("passbook_admin:certificate_key_pair")
+    success_url = reverse_lazy("authentik_admin:certificate_key_pair")
     success_message = _("Successfully deleted Certificate-Key Pair")

authentik/admin/views/flows.py

@@ -1,4 +1,4 @@
-"""passbook Flow administration"""
+"""authentik Flow administration"""
 from django.contrib import messages
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.contrib.auth.mixins import (
@@ -11,21 +11,21 @@ from django.utils.translation import gettext as _
 from django.views.generic import DetailView, FormView, ListView, UpdateView
 from guardian.mixins import PermissionListMixin, PermissionRequiredMixin
 
-from passbook.admin.views.utils import (
+from authentik.admin.views.utils import (
     BackSuccessUrlMixin,
     DeleteMessageView,
     SearchListMixin,
     UserPaginateListMixin,
 )
-from passbook.flows.forms import FlowForm, FlowImportForm
-from passbook.flows.models import Flow
-from passbook.flows.planner import PLAN_CONTEXT_PENDING_USER
-from passbook.flows.transfer.common import DataclassEncoder
-from passbook.flows.transfer.exporter import FlowExporter
-from passbook.flows.transfer.importer import FlowImporter
-from passbook.flows.views import SESSION_KEY_PLAN, FlowPlanner
-from passbook.lib.utils.urls import redirect_with_qs
-from passbook.lib.views import CreateAssignPermView
+from authentik.flows.forms import FlowForm, FlowImportForm
+from authentik.flows.models import Flow
+from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER
+from authentik.flows.transfer.common import DataclassEncoder
+from authentik.flows.transfer.exporter import FlowExporter
+from authentik.flows.transfer.importer import FlowImporter
+from authentik.flows.views import SESSION_KEY_PLAN, FlowPlanner
+from authentik.lib.utils.urls import redirect_with_qs
+from authentik.lib.views import CreateAssignPermView
 
 
 class FlowListView(
@@ -38,7 +38,7 @@ class FlowListView(
     """Show list of all flows"""
 
     model = Flow
-    permission_required = "passbook_flows.view_flow"
+    permission_required = "authentik_flows.view_flow"
     ordering = "name"
     template_name = "administration/flow/list.html"
     search_fields = ["name", "slug", "designation", "title"]
@@ -55,10 +55,10 @@ class FlowCreateView(
 
     model = Flow
     form_class = FlowForm
-    permission_required = "passbook_flows.add_flow"
+    permission_required = "authentik_flows.add_flow"
 
     template_name = "generic/create.html"
-    success_url = reverse_lazy("passbook_admin:flows")
+    success_url = reverse_lazy("authentik_admin:flows")
     success_message = _("Successfully created Flow")
 
 
@@ -73,10 +73,10 @@ class FlowUpdateView(
 
     model = Flow
     form_class = FlowForm
-    permission_required = "passbook_flows.change_flow"
+    permission_required = "authentik_flows.change_flow"
 
     template_name = "generic/update.html"
-    success_url = reverse_lazy("passbook_admin:flows")
+    success_url = reverse_lazy("authentik_admin:flows")
     success_message = _("Successfully updated Flow")
 
 
@@ -84,10 +84,10 @@ class FlowDeleteView(LoginRequiredMixin, PermissionRequiredMixin, DeleteMessageV
     """Delete flow"""
 
     model = Flow
-    permission_required = "passbook_flows.delete_flow"
+    permission_required = "authentik_flows.delete_flow"
 
     template_name = "generic/delete.html"
-    success_url = reverse_lazy("passbook_admin:flows")
+    success_url = reverse_lazy("authentik_admin:flows")
     success_message = _("Successfully deleted Flow")
 
 
@@ -95,7 +95,7 @@ class FlowDebugExecuteView(LoginRequiredMixin, PermissionRequiredMixin, DetailVi
     """Debug exectue flow, setting the current user as pending user"""
 
     model = Flow
-    permission_required = "passbook_flows.view_flow"
+    permission_required = "authentik_flows.view_flow"
 
     # pylint: disable=unused-argument
     def get(self, request: HttpRequest, pk: str) -> HttpResponse:
@@ -106,7 +106,7 @@ class FlowDebugExecuteView(LoginRequiredMixin, PermissionRequiredMixin, DetailVi
         plan = planner.plan(self.request, {PLAN_CONTEXT_PENDING_USER: request.user})
         self.request.session[SESSION_KEY_PLAN] = plan
         return redirect_with_qs(
-            "passbook_flows:flow-executor-shell",
+            "authentik_flows:flow-executor-shell",
             self.request.GET,
             flow_slug=flow.slug,
         )
@@ -118,7 +118,7 @@ class FlowImportView(LoginRequiredMixin, FormView):
 
     form_class = FlowImportForm
     template_name = "administration/flow/import.html"
-    success_url = reverse_lazy("passbook_admin:flows")
+    success_url = reverse_lazy("authentik_admin:flows")
 
     def dispatch(self, request, *args, **kwargs):
         if not request.user.is_superuser:
@@ -139,7 +139,7 @@ class FlowExportView(LoginRequiredMixin, PermissionRequiredMixin, DetailView):
     """Export Flow"""
 
     model = Flow
-    permission_required = "passbook_flows.export_flow"
+    permission_required = "authentik_flows.export_flow"
 
     # pylint: disable=unused-argument
     def get(self, request: HttpRequest, pk: str) -> HttpResponse:
@@ -147,5 +147,5 @@ class FlowExportView(LoginRequiredMixin, PermissionRequiredMixin, DetailView):
         flow: Flow = self.get_object()
         exporter = FlowExporter(flow)
         response = JsonResponse(exporter.export(), encoder=DataclassEncoder, safe=False)
-        response["Content-Disposition"] = f'attachment; filename="{flow.slug}.json"'
+        response["Content-Disposition"] = f'attachment; filename="{flow.slug}.akflow"'
         return response

authentik/admin/views/groups.py

@@ -1,4 +1,4 @@
-"""passbook Group administration"""
+"""authentik Group administration"""
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.contrib.auth.mixins import (
     PermissionRequiredMixin as DjangoPermissionRequiredMixin,
@@ -9,15 +9,15 @@ from django.utils.translation import gettext as _
 from django.views.generic import ListView, UpdateView
 from guardian.mixins import PermissionListMixin, PermissionRequiredMixin
 
-from passbook.admin.views.utils import (
+from authentik.admin.views.utils import (
     BackSuccessUrlMixin,
     DeleteMessageView,
     SearchListMixin,
     UserPaginateListMixin,
 )
-from passbook.core.forms.groups import GroupForm
-from passbook.core.models import Group
-from passbook.lib.views import CreateAssignPermView
+from authentik.core.forms.groups import GroupForm
+from authentik.core.models import Group
+from authentik.lib.views import CreateAssignPermView
 
 
 class GroupListView(
@@ -30,7 +30,7 @@ class GroupListView(
     """Show list of all groups"""
 
     model = Group
-    permission_required = "passbook_core.view_group"
+    permission_required = "authentik_core.view_group"
     ordering = "name"
     template_name = "administration/group/list.html"
     search_fields = ["name", "attributes"]
@@ -47,10 +47,10 @@ class GroupCreateView(
 
     model = Group
     form_class = GroupForm
-    permission_required = "passbook_core.add_group"
+    permission_required = "authentik_core.add_group"
 
     template_name = "generic/create.html"
-    success_url = reverse_lazy("passbook_admin:groups")
+    success_url = reverse_lazy("authentik_admin:groups")
     success_message = _("Successfully created Group")
 
 
@@ -65,10 +65,10 @@ class GroupUpdateView(
 
     model = Group
     form_class = GroupForm
-    permission_required = "passbook_core.change_group"
+    permission_required = "authentik_core.change_group"
 
     template_name = "generic/update.html"
-    success_url = reverse_lazy("passbook_admin:groups")
+    success_url = reverse_lazy("authentik_admin:groups")
     success_message = _("Successfully updated Group")
 
 
@@ -76,8 +76,8 @@ class GroupDeleteView(LoginRequiredMixin, PermissionRequiredMixin, DeleteMessage
     """Delete group"""
 
     model = Group
-    permission_required = "passbook_flows.delete_group"
+    permission_required = "authentik_flows.delete_group"
 
     template_name = "generic/delete.html"
-    success_url = reverse_lazy("passbook_admin:groups")
+    success_url = reverse_lazy("authentik_admin:groups")
     success_message = _("Successfully deleted Group")

authentik/admin/views/outposts.py

@@ -1,4 +1,4 @@
-"""passbook Outpost administration"""
+"""authentik Outpost administration"""
 from dataclasses import asdict
 from typing import Any, Dict
 
@@ -12,15 +12,15 @@ from django.utils.translation import gettext as _
 from django.views.generic import ListView, UpdateView
 from guardian.mixins import PermissionListMixin, PermissionRequiredMixin
 
-from passbook.admin.views.utils import (
+from authentik.admin.views.utils import (
     BackSuccessUrlMixin,
     DeleteMessageView,
     SearchListMixin,
     UserPaginateListMixin,
 )
-from passbook.lib.views import CreateAssignPermView
-from passbook.outposts.forms import OutpostForm
-from passbook.outposts.models import Outpost, OutpostConfig
+from authentik.lib.views import CreateAssignPermView
+from authentik.outposts.forms import OutpostForm
+from authentik.outposts.models import Outpost, OutpostConfig
 
 
 class OutpostListView(
@@ -33,7 +33,7 @@ class OutpostListView(
     """Show list of all outposts"""
 
     model = Outpost
-    permission_required = "passbook_outposts.view_outpost"
+    permission_required = "authentik_outposts.view_outpost"
     ordering = "name"
     template_name = "administration/outpost/list.html"
     search_fields = ["name", "_config"]
@@ -50,16 +50,16 @@ class OutpostCreateView(
 
     model = Outpost
     form_class = OutpostForm
-    permission_required = "passbook_outposts.add_outpost"
+    permission_required = "authentik_outposts.add_outpost"
 
     template_name = "generic/create.html"
-    success_url = reverse_lazy("passbook_admin:outposts")
+    success_url = reverse_lazy("authentik_admin:outposts")
     success_message = _("Successfully created Outpost")
 
     def get_initial(self) -> Dict[str, Any]:
         return {
             "_config": asdict(
-                OutpostConfig(passbook_host=self.request.build_absolute_uri("/"))
+                OutpostConfig(authentik_host=self.request.build_absolute_uri("/"))
             )
         }
 
@@ -75,10 +75,10 @@ class OutpostUpdateView(
 
     model = Outpost
     form_class = OutpostForm
-    permission_required = "passbook_outposts.change_outpost"
+    permission_required = "authentik_outposts.change_outpost"
 
     template_name = "generic/update.html"
-    success_url = reverse_lazy("passbook_admin:outposts")
+    success_url = reverse_lazy("authentik_admin:outposts")
     success_message = _("Successfully updated Outpost")
 
 
@@ -86,8 +86,8 @@ class OutpostDeleteView(LoginRequiredMixin, PermissionRequiredMixin, DeleteMessa
     """Delete outpost"""
 
     model = Outpost
-    permission_required = "passbook_outposts.delete_outpost"
+    permission_required = "authentik_outposts.delete_outpost"
 
     template_name = "generic/delete.html"
-    success_url = reverse_lazy("passbook_admin:outposts")
+    success_url = reverse_lazy("authentik_admin:outposts")
     success_message = _("Successfully deleted Outpost")

authentik/admin/views/outposts_service_connections.py

@@ -0,0 +1,83 @@
+"""authentik OutpostServiceConnection administration"""
+from django.contrib.auth.mixins import LoginRequiredMixin
+from django.contrib.auth.mixins import (
+    PermissionRequiredMixin as DjangoPermissionRequiredMixin,
+)
+from django.contrib.messages.views import SuccessMessageMixin
+from django.urls import reverse_lazy
+from django.utils.translation import gettext as _
+from guardian.mixins import PermissionListMixin, PermissionRequiredMixin
+
+from authentik.admin.views.utils import (
+    BackSuccessUrlMixin,
+    DeleteMessageView,
+    InheritanceCreateView,
+    InheritanceListView,
+    InheritanceUpdateView,
+    SearchListMixin,
+    UserPaginateListMixin,
+)
+from authentik.outposts.models import OutpostServiceConnection
+
+
+class OutpostServiceConnectionListView(
+    LoginRequiredMixin,
+    PermissionListMixin,
+    UserPaginateListMixin,
+    SearchListMixin,
+    InheritanceListView,
+):
+    """Show list of all outpost-service-connections"""
+
+    model = OutpostServiceConnection
+    permission_required = "authentik_outposts.add_outpostserviceconnection"
+    template_name = "administration/outpost_service_connection/list.html"
+    ordering = "pk"
+    search_fields = ["pk", "name"]
+
+
+class OutpostServiceConnectionCreateView(
+    SuccessMessageMixin,
+    BackSuccessUrlMixin,
+    LoginRequiredMixin,
+    DjangoPermissionRequiredMixin,
+    InheritanceCreateView,
+):
+    """Create new OutpostServiceConnection"""
+
+    model = OutpostServiceConnection
+    permission_required = "authentik_outposts.add_outpostserviceconnection"
+
+    template_name = "generic/create.html"
+    success_url = reverse_lazy("authentik_admin:outpost-service-connections")
+    success_message = _("Successfully created OutpostServiceConnection")
+
+
+class OutpostServiceConnectionUpdateView(
+    SuccessMessageMixin,
+    BackSuccessUrlMixin,
+    LoginRequiredMixin,
+    PermissionRequiredMixin,
+    InheritanceUpdateView,
+):
+    """Update outpostserviceconnection"""
+
+    model = OutpostServiceConnection
+    permission_required = "authentik_outposts.change_outpostserviceconnection"
+
+    template_name = "generic/update.html"
+    success_url = reverse_lazy("authentik_admin:outpost-service-connections")
+    success_message = _("Successfully updated OutpostServiceConnection")
+
+
+class OutpostServiceConnectionDeleteView(
+    LoginRequiredMixin, PermissionRequiredMixin, DeleteMessageView
+):
+    """Delete outpostserviceconnection"""
+
+    model = OutpostServiceConnection
+    permission_required = "authentik_outposts.delete_outpostserviceconnection"
+
+    template_name = "generic/delete.html"
+    success_url = reverse_lazy("authentik_admin:outpost-service-connections")
+    success_message = _("Successfully deleted OutpostServiceConnection")

authentik/admin/views/overview.py

@@ -0,0 +1,45 @@
+"""authentik administration overview"""
+from django.contrib.messages.views import SuccessMessageMixin
+from django.core.cache import cache
+from django.http.request import HttpRequest
+from django.http.response import HttpResponse
+from django.utils.translation import gettext as _
+from django.views.generic import FormView
+from structlog import get_logger
+
+from authentik.admin.forms.overview import FlowCacheClearForm, PolicyCacheClearForm
+from authentik.admin.mixins import AdminRequiredMixin
+
+LOGGER = get_logger()
+
+
+class PolicyCacheClearView(AdminRequiredMixin, SuccessMessageMixin, FormView):
+    """View to clear Policy cache"""
+
+    form_class = PolicyCacheClearForm
+
+    template_name = "generic/form_non_model.html"
+    success_url = "/"
+    success_message = _("Successfully cleared Policy cache")
+
+    def post(self, request: HttpRequest, *args, **kwargs) -> HttpResponse:
+        keys = cache.keys("policy_*")
+        cache.delete_many(keys)
+        LOGGER.debug("Cleared Policy cache", keys=len(keys))
+        return super().post(request, *args, **kwargs)
+
+
+class FlowCacheClearView(AdminRequiredMixin, SuccessMessageMixin, FormView):
+    """View to clear Flow cache"""
+
+    form_class = FlowCacheClearForm
+
+    template_name = "generic/form_non_model.html"
+    success_url = "/"
+    success_message = _("Successfully cleared Flow cache")
+
+    def post(self, request: HttpRequest, *args, **kwargs) -> HttpResponse:
+        keys = cache.keys("flow_*")
+        cache.delete_many(keys)
+        LOGGER.debug("Cleared flow cache", keys=len(keys))
+        return super().post(request, *args, **kwargs)

authentik/admin/views/policies.py

@@ -1,4 +1,4 @@
-"""passbook Policy administration"""
+"""authentik Policy administration"""
 from typing import Any, Dict
 
 from django.contrib import messages
@@ -15,8 +15,8 @@ from django.views.generic import FormView
 from django.views.generic.detail import DetailView
 from guardian.mixins import PermissionListMixin, PermissionRequiredMixin
 
-from passbook.admin.forms.policies import PolicyTestForm
-from passbook.admin.views.utils import (
+from authentik.admin.forms.policies import PolicyTestForm
+from authentik.admin.views.utils import (
     BackSuccessUrlMixin,
     DeleteMessageView,
     InheritanceCreateView,
@@ -25,8 +25,8 @@ from passbook.admin.views.utils import (
     SearchListMixin,
     UserPaginateListMixin,
 )
-from passbook.policies.models import Policy, PolicyBinding
-from passbook.policies.process import PolicyProcess, PolicyRequest
+from authentik.policies.models import Policy, PolicyBinding
+from authentik.policies.process import PolicyProcess, PolicyRequest
 
 
 class PolicyListView(
@@ -39,7 +39,7 @@ class PolicyListView(
     """Show list of all policies"""
 
     model = Policy
-    permission_required = "passbook_policies.view_policy"
+    permission_required = "authentik_policies.view_policy"
     ordering = "name"
     template_name = "administration/policy/list.html"
     search_fields = ["name"]
@@ -55,10 +55,10 @@ class PolicyCreateView(
     """Create new Policy"""
 
     model = Policy
-    permission_required = "passbook_policies.add_policy"
+    permission_required = "authentik_policies.add_policy"
 
     template_name = "generic/create.html"
-    success_url = reverse_lazy("passbook_admin:policies")
+    success_url = reverse_lazy("authentik_admin:policies")
     success_message = _("Successfully created Policy")
 
 
@@ -72,10 +72,10 @@ class PolicyUpdateView(
     """Update policy"""
 
     model = Policy
-    permission_required = "passbook_policies.change_policy"
+    permission_required = "authentik_policies.change_policy"
 
     template_name = "generic/update.html"
-    success_url = reverse_lazy("passbook_admin:policies")
+    success_url = reverse_lazy("authentik_admin:policies")
     success_message = _("Successfully updated Policy")
 
 
@@ -83,10 +83,10 @@ class PolicyDeleteView(LoginRequiredMixin, PermissionRequiredMixin, DeleteMessag
     """Delete policy"""
 
     model = Policy
-    permission_required = "passbook_policies.delete_policy"
+    permission_required = "authentik_policies.delete_policy"
 
     template_name = "generic/delete.html"
-    success_url = reverse_lazy("passbook_admin:policies")
+    success_url = reverse_lazy("authentik_admin:policies")
     success_message = _("Successfully deleted Policy")
 
 
@@ -95,7 +95,7 @@ class PolicyTestView(LoginRequiredMixin, DetailView, PermissionRequiredMixin, Fo
 
     model = Policy
     form_class = PolicyTestForm
-    permission_required = "passbook_policies.view_policy"
+    permission_required = "authentik_policies.view_policy"
     template_name = "administration/policy/test.html"
     object = None
 

authentik/admin/views/policies_bindings.py

@@ -1,24 +1,26 @@
-"""passbook PolicyBinding administration"""
+"""authentik PolicyBinding administration"""
+from typing import Any
+
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.contrib.auth.mixins import (
     PermissionRequiredMixin as DjangoPermissionRequiredMixin,
 )
 from django.contrib.messages.views import SuccessMessageMixin
-from django.db.models import QuerySet
+from django.db.models import Max, QuerySet
 from django.urls import reverse_lazy
 from django.utils.translation import gettext as _
 from django.views.generic import ListView, UpdateView
 from guardian.mixins import PermissionListMixin, PermissionRequiredMixin
 from guardian.shortcuts import get_objects_for_user
 
-from passbook.admin.views.utils import (
+from authentik.admin.views.utils import (
     BackSuccessUrlMixin,
     DeleteMessageView,
     UserPaginateListMixin,
 )
-from passbook.lib.views import CreateAssignPermView
-from passbook.policies.forms import PolicyBindingForm
-from passbook.policies.models import PolicyBinding
+from authentik.lib.views import CreateAssignPermView
+from authentik.policies.forms import PolicyBindingForm
+from authentik.policies.models import PolicyBinding, PolicyBindingModel
 
 
 class PolicyBindingListView(
@@ -27,7 +29,7 @@ class PolicyBindingListView(
     """Show list of all policies"""
 
     model = PolicyBinding
-    permission_required = "passbook_policies.view_policybinding"
+    permission_required = "authentik_policies.view_policybinding"
     ordering = ["order", "target"]
     template_name = "administration/policy_binding/list.html"
 
@@ -36,7 +38,7 @@ class PolicyBindingListView(
         # First, get all pbm objects that have bindings attached
         objects = (
             get_objects_for_user(
-                self.request.user, "passbook_policies.view_policybindingmodel"
+                self.request.user, "authentik_policies.view_policybindingmodel"
             )
             .filter(policies__isnull=False)
             .select_subclasses()
@@ -60,13 +62,29 @@ class PolicyBindingCreateView(
     """Create new PolicyBinding"""
 
     model = PolicyBinding
-    permission_required = "passbook_policies.add_policybinding"
+    permission_required = "authentik_policies.add_policybinding"
     form_class = PolicyBindingForm
 
     template_name = "generic/create.html"
-    success_url = reverse_lazy("passbook_admin:policies-bindings")
+    success_url = reverse_lazy("authentik_admin:policies-bindings")
     success_message = _("Successfully created PolicyBinding")
 
+    def get_initial(self) -> dict[str, Any]:
+        if "target" in self.request.GET:
+            initial_target_pk = self.request.GET["target"]
+            targets = PolicyBindingModel.objects.filter(
+                pk=initial_target_pk
+            ).select_subclasses()
+            if not targets.exists():
+                return {}
+            max_order = PolicyBinding.objects.filter(target=targets.first()).aggregate(
+                Max("order")
+            )["order__max"]
+            if not isinstance(max_order, int):
+                max_order = -1
+            return {"target": targets.first(), "order": max_order + 1}
+        return super().get_initial()
+
 
 class PolicyBindingUpdateView(
     SuccessMessageMixin,
@@ -78,11 +96,11 @@ class PolicyBindingUpdateView(
     """Update policybinding"""
 
     model = PolicyBinding
-    permission_required = "passbook_policies.change_policybinding"
+    permission_required = "authentik_policies.change_policybinding"
     form_class = PolicyBindingForm
 
     template_name = "generic/update.html"
-    success_url = reverse_lazy("passbook_admin:policies-bindings")
+    success_url = reverse_lazy("authentik_admin:policies-bindings")
     success_message = _("Successfully updated PolicyBinding")
 
 
@@ -92,8 +110,8 @@ class PolicyBindingDeleteView(
     """Delete policybinding"""
 
     model = PolicyBinding
-    permission_required = "passbook_policies.delete_policybinding"
+    permission_required = "authentik_policies.delete_policybinding"
 
     template_name = "generic/delete.html"
-    success_url = reverse_lazy("passbook_admin:policies-bindings")
+    success_url = reverse_lazy("authentik_admin:policies-bindings")
     success_message = _("Successfully deleted PolicyBinding")

authentik/admin/views/property_mappings.py

@@ -1,4 +1,4 @@
-"""passbook PropertyMapping administration"""
+"""authentik PropertyMapping administration"""
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.contrib.auth.mixins import (
     PermissionRequiredMixin as DjangoPermissionRequiredMixin,
@@ -8,7 +8,7 @@ from django.urls import reverse_lazy
 from django.utils.translation import gettext as _
 from guardian.mixins import PermissionListMixin, PermissionRequiredMixin
 
-from passbook.admin.views.utils import (
+from authentik.admin.views.utils import (
     BackSuccessUrlMixin,
     DeleteMessageView,
     InheritanceCreateView,
@@ -17,7 +17,7 @@ from passbook.admin.views.utils import (
     SearchListMixin,
     UserPaginateListMixin,
 )
-from passbook.core.models import PropertyMapping
+from authentik.core.models import PropertyMapping
 
 
 class PropertyMappingListView(
@@ -30,7 +30,7 @@ class PropertyMappingListView(
     """Show list of all property_mappings"""
 
     model = PropertyMapping
-    permission_required = "passbook_core.view_propertymapping"
+    permission_required = "authentik_core.view_propertymapping"
     template_name = "administration/property_mapping/list.html"
     ordering = "name"
     search_fields = ["name", "expression"]
@@ -46,10 +46,10 @@ class PropertyMappingCreateView(
     """Create new PropertyMapping"""
 
     model = PropertyMapping
-    permission_required = "passbook_core.add_propertymapping"
+    permission_required = "authentik_core.add_propertymapping"
 
     template_name = "generic/create.html"
-    success_url = reverse_lazy("passbook_admin:property-mappings")
+    success_url = reverse_lazy("authentik_admin:property-mappings")
     success_message = _("Successfully created Property Mapping")
 
 
@@ -63,10 +63,10 @@ class PropertyMappingUpdateView(
     """Update property_mapping"""
 
     model = PropertyMapping
-    permission_required = "passbook_core.change_propertymapping"
+    permission_required = "authentik_core.change_propertymapping"
 
     template_name = "generic/update.html"
-    success_url = reverse_lazy("passbook_admin:property-mappings")
+    success_url = reverse_lazy("authentik_admin:property-mappings")
     success_message = _("Successfully updated Property Mapping")
 
 
@@ -76,8 +76,8 @@ class PropertyMappingDeleteView(
     """Delete property_mapping"""
 
     model = PropertyMapping
-    permission_required = "passbook_core.delete_propertymapping"
+    permission_required = "authentik_core.delete_propertymapping"
 
     template_name = "generic/delete.html"
-    success_url = reverse_lazy("passbook_admin:property-mappings")
+    success_url = reverse_lazy("authentik_admin:property-mappings")
     success_message = _("Successfully deleted Property Mapping")

authentik/admin/views/providers.py

@@ -1,4 +1,4 @@
-"""passbook Provider administration"""
+"""authentik Provider administration"""
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.contrib.auth.mixins import (
     PermissionRequiredMixin as DjangoPermissionRequiredMixin,
@@ -8,7 +8,7 @@ from django.urls import reverse_lazy
 from django.utils.translation import gettext as _
 from guardian.mixins import PermissionListMixin, PermissionRequiredMixin
 
-from passbook.admin.views.utils import (
+from authentik.admin.views.utils import (
     BackSuccessUrlMixin,
     DeleteMessageView,
     InheritanceCreateView,
@@ -17,7 +17,7 @@ from passbook.admin.views.utils import (
     SearchListMixin,
     UserPaginateListMixin,
 )
-from passbook.core.models import Provider
+from authentik.core.models import Provider
 
 
 class ProviderListView(
@@ -30,10 +30,10 @@ class ProviderListView(
     """Show list of all providers"""
 
     model = Provider
-    permission_required = "passbook_core.add_provider"
+    permission_required = "authentik_core.add_provider"
     template_name = "administration/provider/list.html"
-    ordering = "id"
-    search_fields = ["id", "name"]
+    ordering = "pk"
+    search_fields = ["pk", "name"]
 
 
 class ProviderCreateView(
@@ -46,10 +46,10 @@ class ProviderCreateView(
     """Create new Provider"""
 
     model = Provider
-    permission_required = "passbook_core.add_provider"
+    permission_required = "authentik_core.add_provider"
 
     template_name = "generic/create.html"
-    success_url = reverse_lazy("passbook_admin:providers")
+    success_url = reverse_lazy("authentik_admin:providers")
     success_message = _("Successfully created Provider")
 
 
@@ -63,10 +63,10 @@ class ProviderUpdateView(
     """Update provider"""
 
     model = Provider
-    permission_required = "passbook_core.change_provider"
+    permission_required = "authentik_core.change_provider"
 
     template_name = "generic/update.html"
-    success_url = reverse_lazy("passbook_admin:providers")
+    success_url = reverse_lazy("authentik_admin:providers")
     success_message = _("Successfully updated Provider")
 
 
@@ -76,8 +76,8 @@ class ProviderDeleteView(
     """Delete provider"""
 
     model = Provider
-    permission_required = "passbook_core.delete_provider"
+    permission_required = "authentik_core.delete_provider"
 
     template_name = "generic/delete.html"
-    success_url = reverse_lazy("passbook_admin:providers")
+    success_url = reverse_lazy("authentik_admin:providers")
     success_message = _("Successfully deleted Provider")

authentik/admin/views/sources.py

@@ -1,4 +1,4 @@
-"""passbook Source administration"""
+"""authentik Source administration"""
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.contrib.auth.mixins import (
     PermissionRequiredMixin as DjangoPermissionRequiredMixin,
@@ -8,7 +8,7 @@ from django.urls import reverse_lazy
 from django.utils.translation import gettext as _
 from guardian.mixins import PermissionListMixin, PermissionRequiredMixin
 
-from passbook.admin.views.utils import (
+from authentik.admin.views.utils import (
     BackSuccessUrlMixin,
     DeleteMessageView,
     InheritanceCreateView,
@@ -17,7 +17,7 @@ from passbook.admin.views.utils import (
     SearchListMixin,
     UserPaginateListMixin,
 )
-from passbook.core.models import Source
+from authentik.core.models import Source
 
 
 class SourceListView(
@@ -30,7 +30,7 @@ class SourceListView(
     """Show list of all sources"""
 
     model = Source
-    permission_required = "passbook_core.view_source"
+    permission_required = "authentik_core.view_source"
     ordering = "name"
     template_name = "administration/source/list.html"
     search_fields = ["name", "slug"]
@@ -46,10 +46,10 @@ class SourceCreateView(
     """Create new Source"""
 
     model = Source
-    permission_required = "passbook_core.add_source"
+    permission_required = "authentik_core.add_source"
 
     template_name = "generic/create.html"
-    success_url = reverse_lazy("passbook_admin:sources")
+    success_url = reverse_lazy("authentik_admin:sources")
     success_message = _("Successfully created Source")
 
 
@@ -63,10 +63,10 @@ class SourceUpdateView(
     """Update source"""
 
     model = Source
-    permission_required = "passbook_core.change_source"
+    permission_required = "authentik_core.change_source"
 
     template_name = "generic/update.html"
-    success_url = reverse_lazy("passbook_admin:sources")
+    success_url = reverse_lazy("authentik_admin:sources")
     success_message = _("Successfully updated Source")
 
 
@@ -74,8 +74,8 @@ class SourceDeleteView(LoginRequiredMixin, PermissionRequiredMixin, DeleteMessag
     """Delete source"""
 
     model = Source
-    permission_required = "passbook_core.delete_source"
+    permission_required = "authentik_core.delete_source"
 
     template_name = "generic/delete.html"
-    success_url = reverse_lazy("passbook_admin:sources")
+    success_url = reverse_lazy("authentik_admin:sources")
     success_message = _("Successfully deleted Source")

authentik/admin/views/stages.py

@@ -1,4 +1,4 @@
-"""passbook Stage administration"""
+"""authentik Stage administration"""
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.contrib.auth.mixins import (
     PermissionRequiredMixin as DjangoPermissionRequiredMixin,
@@ -8,7 +8,7 @@ from django.urls import reverse_lazy
 from django.utils.translation import gettext as _
 from guardian.mixins import PermissionListMixin, PermissionRequiredMixin
 
-from passbook.admin.views.utils import (
+from authentik.admin.views.utils import (
     BackSuccessUrlMixin,
     DeleteMessageView,
     InheritanceCreateView,
@@ -17,7 +17,7 @@ from passbook.admin.views.utils import (
     SearchListMixin,
     UserPaginateListMixin,
 )
-from passbook.flows.models import Stage
+from authentik.flows.models import Stage
 
 
 class StageListView(
@@ -31,7 +31,7 @@ class StageListView(
 
     model = Stage
     template_name = "administration/stage/list.html"
-    permission_required = "passbook_flows.view_stage"
+    permission_required = "authentik_flows.view_stage"
     ordering = "name"
     search_fields = ["name"]
 
@@ -47,9 +47,9 @@ class StageCreateView(
 
     model = Stage
     template_name = "generic/create.html"
-    permission_required = "passbook_flows.add_stage"
+    permission_required = "authentik_flows.add_stage"
 
-    success_url = reverse_lazy("passbook_admin:stages")
+    success_url = reverse_lazy("authentik_admin:stages")
     success_message = _("Successfully created Stage")
 
 
@@ -63,9 +63,9 @@ class StageUpdateView(
     """Update stage"""
 
     model = Stage
-    permission_required = "passbook_flows.update_application"
+    permission_required = "authentik_flows.update_application"
     template_name = "generic/update.html"
-    success_url = reverse_lazy("passbook_admin:stages")
+    success_url = reverse_lazy("authentik_admin:stages")
     success_message = _("Successfully updated Stage")
 
 
@@ -74,6 +74,6 @@ class StageDeleteView(LoginRequiredMixin, PermissionRequiredMixin, DeleteMessage
 
     model = Stage
     template_name = "generic/delete.html"
-    permission_required = "passbook_flows.delete_stage"
-    success_url = reverse_lazy("passbook_admin:stages")
+    permission_required = "authentik_flows.delete_stage"
+    success_url = reverse_lazy("authentik_admin:stages")
     success_message = _("Successfully deleted Stage")

authentik/admin/views/stages_bindings.py

@@ -1,22 +1,25 @@
-"""passbook StageBinding administration"""
+"""authentik StageBinding administration"""
+from typing import Any
+
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.contrib.auth.mixins import (
     PermissionRequiredMixin as DjangoPermissionRequiredMixin,
 )
 from django.contrib.messages.views import SuccessMessageMixin
+from django.db.models import Max
 from django.urls import reverse_lazy
 from django.utils.translation import gettext as _
 from django.views.generic import ListView, UpdateView
 from guardian.mixins import PermissionListMixin, PermissionRequiredMixin
 
-from passbook.admin.views.utils import (
+from authentik.admin.views.utils import (
     BackSuccessUrlMixin,
     DeleteMessageView,
     UserPaginateListMixin,
 )
-from passbook.flows.forms import FlowStageBindingForm
-from passbook.flows.models import FlowStageBinding
-from passbook.lib.views import CreateAssignPermView
+from authentik.flows.forms import FlowStageBindingForm
+from authentik.flows.models import Flow, FlowStageBinding
+from authentik.lib.views import CreateAssignPermView
 
 
 class StageBindingListView(
@@ -25,7 +28,7 @@ class StageBindingListView(
     """Show list of all flows"""
 
     model = FlowStageBinding
-    permission_required = "passbook_flows.view_flowstagebinding"
+    permission_required = "authentik_flows.view_flowstagebinding"
     ordering = ["target", "order"]
     template_name = "administration/stage_binding/list.html"
 
@@ -40,13 +43,27 @@ class StageBindingCreateView(
     """Create new StageBinding"""
 
     model = FlowStageBinding
-    permission_required = "passbook_flows.add_flowstagebinding"
+    permission_required = "authentik_flows.add_flowstagebinding"
     form_class = FlowStageBindingForm
 
     template_name = "generic/create.html"
-    success_url = reverse_lazy("passbook_admin:stage-bindings")
+    success_url = reverse_lazy("authentik_admin:stage-bindings")
     success_message = _("Successfully created StageBinding")
 
+    def get_initial(self) -> dict[str, Any]:
+        if "target" in self.request.GET:
+            initial_target_pk = self.request.GET["target"]
+            targets = Flow.objects.filter(pk=initial_target_pk).select_subclasses()
+            if not targets.exists():
+                return {}
+            max_order = FlowStageBinding.objects.filter(
+                target=targets.first()
+            ).aggregate(Max("order"))["order__max"]
+            if not isinstance(max_order, int):
+                max_order = -1
+            return {"target": targets.first(), "order": max_order + 1}
+        return super().get_initial()
+
 
 class StageBindingUpdateView(
     SuccessMessageMixin,
@@ -58,11 +75,11 @@ class StageBindingUpdateView(
     """Update FlowStageBinding"""
 
     model = FlowStageBinding
-    permission_required = "passbook_flows.change_flowstagebinding"
+    permission_required = "authentik_flows.change_flowstagebinding"
     form_class = FlowStageBindingForm
 
     template_name = "generic/update.html"
-    success_url = reverse_lazy("passbook_admin:stage-bindings")
+    success_url = reverse_lazy("authentik_admin:stage-bindings")
     success_message = _("Successfully updated StageBinding")
 
 
@@ -72,8 +89,8 @@ class StageBindingDeleteView(
     """Delete FlowStageBinding"""
 
     model = FlowStageBinding
-    permission_required = "passbook_flows.delete_flowstagebinding"
+    permission_required = "authentik_flows.delete_flowstagebinding"
 
     template_name = "generic/delete.html"
-    success_url = reverse_lazy("passbook_admin:stage-bindings")
+    success_url = reverse_lazy("authentik_admin:stage-bindings")
     success_message = _("Successfully deleted FlowStageBinding")

authentik/admin/views/stages_invitations.py

@@ -1,4 +1,4 @@
-"""passbook Invitation administration"""
+"""authentik Invitation administration"""
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.contrib.auth.mixins import (
     PermissionRequiredMixin as DjangoPermissionRequiredMixin,
@@ -10,16 +10,16 @@ from django.utils.translation import gettext as _
 from django.views.generic import ListView
 from guardian.mixins import PermissionListMixin, PermissionRequiredMixin
 
-from passbook.admin.views.utils import (
+from authentik.admin.views.utils import (
     BackSuccessUrlMixin,
     DeleteMessageView,
     SearchListMixin,
     UserPaginateListMixin,
 )
-from passbook.lib.views import CreateAssignPermView
-from passbook.stages.invitation.forms import InvitationForm
-from passbook.stages.invitation.models import Invitation
-from passbook.stages.invitation.signals import invitation_created
+from authentik.lib.views import CreateAssignPermView
+from authentik.stages.invitation.forms import InvitationForm
+from authentik.stages.invitation.models import Invitation
+from authentik.stages.invitation.signals import invitation_created
 
 
 class InvitationListView(
@@ -32,7 +32,7 @@ class InvitationListView(
     """Show list of all invitations"""
 
     model = Invitation
-    permission_required = "passbook_stages_invitation.view_invitation"
+    permission_required = "authentik_stages_invitation.view_invitation"
     template_name = "administration/stage_invitation/list.html"
     ordering = "-expires"
     search_fields = ["created_by__username", "expires", "fixed_data"]
@@ -49,10 +49,10 @@ class InvitationCreateView(
 
     model = Invitation
     form_class = InvitationForm
-    permission_required = "passbook_stages_invitation.add_invitation"
+    permission_required = "authentik_stages_invitation.add_invitation"
 
     template_name = "generic/create.html"
-    success_url = reverse_lazy("passbook_admin:stage-invitations")
+    success_url = reverse_lazy("authentik_admin:stage-invitations")
     success_message = _("Successfully created Invitation")
 
     def form_valid(self, form):
@@ -69,8 +69,8 @@ class InvitationDeleteView(
     """Delete invitation"""
 
     model = Invitation
-    permission_required = "passbook_stages_invitation.delete_invitation"
+    permission_required = "authentik_stages_invitation.delete_invitation"
 
     template_name = "generic/delete.html"
-    success_url = reverse_lazy("passbook_admin:stage-invitations")
+    success_url = reverse_lazy("authentik_admin:stage-invitations")
     success_message = _("Successfully deleted Invitation")

authentik/admin/views/stages_prompts.py

@@ -1,4 +1,4 @@
-"""passbook Prompt administration"""
+"""authentik Prompt administration"""
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.contrib.auth.mixins import (
     PermissionRequiredMixin as DjangoPermissionRequiredMixin,
@@ -9,15 +9,15 @@ from django.utils.translation import gettext as _
 from django.views.generic import ListView, UpdateView
 from guardian.mixins import PermissionListMixin, PermissionRequiredMixin
 
-from passbook.admin.views.utils import (
+from authentik.admin.views.utils import (
     BackSuccessUrlMixin,
     DeleteMessageView,
     SearchListMixin,
     UserPaginateListMixin,
 )
-from passbook.lib.views import CreateAssignPermView
-from passbook.stages.prompt.forms import PromptAdminForm
-from passbook.stages.prompt.models import Prompt
+from authentik.lib.views import CreateAssignPermView
+from authentik.stages.prompt.forms import PromptAdminForm
+from authentik.stages.prompt.models import Prompt
 
 
 class PromptListView(
@@ -30,7 +30,7 @@ class PromptListView(
     """Show list of all prompts"""
 
     model = Prompt
-    permission_required = "passbook_stages_prompt.view_prompt"
+    permission_required = "authentik_stages_prompt.view_prompt"
     ordering = "order"
     template_name = "administration/stage_prompt/list.html"
     search_fields = [
@@ -52,10 +52,10 @@ class PromptCreateView(
 
     model = Prompt
     form_class = PromptAdminForm
-    permission_required = "passbook_stages_prompt.add_prompt"
+    permission_required = "authentik_stages_prompt.add_prompt"
 
     template_name = "generic/create.html"
-    success_url = reverse_lazy("passbook_admin:stage-prompts")
+    success_url = reverse_lazy("authentik_admin:stage-prompts")
     success_message = _("Successfully created Prompt")
 
 
@@ -70,10 +70,10 @@ class PromptUpdateView(
 
     model = Prompt
     form_class = PromptAdminForm
-    permission_required = "passbook_stages_prompt.change_prompt"
+    permission_required = "authentik_stages_prompt.change_prompt"
 
     template_name = "generic/update.html"
-    success_url = reverse_lazy("passbook_admin:stage-prompts")
+    success_url = reverse_lazy("authentik_admin:stage-prompts")
     success_message = _("Successfully updated Prompt")
 
 
@@ -81,8 +81,8 @@ class PromptDeleteView(LoginRequiredMixin, PermissionRequiredMixin, DeleteMessag
     """Delete prompt"""
 
     model = Prompt
-    permission_required = "passbook_stages_prompt.delete_prompt"
+    permission_required = "authentik_stages_prompt.delete_prompt"
 
     template_name = "generic/delete.html"
-    success_url = reverse_lazy("passbook_admin:stage-prompts")
+    success_url = reverse_lazy("authentik_admin:stage-prompts")
     success_message = _("Successfully deleted Prompt")

authentik/admin/views/tasks.py

@@ -1,10 +1,10 @@
-"""passbook Tasks List"""
+"""authentik Tasks List"""
 from typing import Any, Dict
 
 from django.views.generic.base import TemplateView
 
-from passbook.admin.mixins import AdminRequiredMixin
-from passbook.lib.tasks import TaskInfo, TaskResultStatus
+from authentik.admin.mixins import AdminRequiredMixin
+from authentik.lib.tasks import TaskInfo, TaskResultStatus
 
 
 class TaskListView(AdminRequiredMixin, TemplateView):

authentik/admin/views/tokens.py

@@ -1,16 +1,16 @@
-"""passbook Token administration"""
+"""authentik Token administration"""
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.urls import reverse_lazy
 from django.utils.translation import gettext as _
 from django.views.generic import ListView
 from guardian.mixins import PermissionListMixin, PermissionRequiredMixin
 
-from passbook.admin.views.utils import (
+from authentik.admin.views.utils import (
     DeleteMessageView,
     SearchListMixin,
     UserPaginateListMixin,
 )
-from passbook.core.models import Token
+from authentik.core.models import Token
 
 
 class TokenListView(
@@ -23,7 +23,7 @@ class TokenListView(
     """Show list of all tokens"""
 
     model = Token
-    permission_required = "passbook_core.view_token"
+    permission_required = "authentik_core.view_token"
     ordering = "expires"
     template_name = "administration/token/list.html"
     search_fields = [
@@ -38,8 +38,8 @@ class TokenDeleteView(LoginRequiredMixin, PermissionRequiredMixin, DeleteMessage
     """Delete token"""
 
     model = Token
-    permission_required = "passbook_core.delete_token"
+    permission_required = "authentik_core.delete_token"
 
     template_name = "generic/delete.html"
-    success_url = reverse_lazy("passbook_admin:tokens")
+    success_url = reverse_lazy("authentik_admin:tokens")
     success_message = _("Successfully deleted Token")

authentik/admin/views/users.py

@@ -1,4 +1,4 @@
-"""passbook User administration"""
+"""authentik User administration"""
 from django.contrib import messages
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.contrib.auth.mixins import (
@@ -18,15 +18,15 @@ from guardian.mixins import (
     get_anonymous_user,
 )
 
-from passbook.admin.forms.users import UserForm
-from passbook.admin.views.utils import (
+from authentik.admin.forms.users import UserForm
+from authentik.admin.views.utils import (
     BackSuccessUrlMixin,
     DeleteMessageView,
     SearchListMixin,
     UserPaginateListMixin,
 )
-from passbook.core.models import Token, User
-from passbook.lib.views import CreateAssignPermView
+from authentik.core.models import Token, User
+from authentik.lib.views import CreateAssignPermView
 
 
 class UserListView(
@@ -39,7 +39,7 @@ class UserListView(
     """Show list of all users"""
 
     model = User
-    permission_required = "passbook_core.view_user"
+    permission_required = "authentik_core.view_user"
     ordering = "username"
     template_name = "administration/user/list.html"
     search_fields = ["username", "name", "attributes"]
@@ -59,10 +59,10 @@ class UserCreateView(
 
     model = User
     form_class = UserForm
-    permission_required = "passbook_core.add_user"
+    permission_required = "authentik_core.add_user"
 
     template_name = "generic/create.html"
-    success_url = reverse_lazy("passbook_admin:users")
+    success_url = reverse_lazy("authentik_admin:users")
     success_message = _("Successfully created User")
 
 
@@ -77,12 +77,12 @@ class UserUpdateView(
 
     model = User
     form_class = UserForm
-    permission_required = "passbook_core.change_user"
+    permission_required = "authentik_core.change_user"
 
     # By default the object's name is user which is used by other checks
     context_object_name = "object"
     template_name = "generic/update.html"
-    success_url = reverse_lazy("passbook_admin:users")
+    success_url = reverse_lazy("authentik_admin:users")
     success_message = _("Successfully updated User")
 
 
@@ -90,12 +90,12 @@ class UserDeleteView(LoginRequiredMixin, PermissionRequiredMixin, DeleteMessageV
     """Delete user"""
 
     model = User
-    permission_required = "passbook_core.delete_user"
+    permission_required = "authentik_core.delete_user"
 
     # By default the object's name is user which is used by other checks
     context_object_name = "object"
     template_name = "generic/delete.html"
-    success_url = reverse_lazy("passbook_admin:users")
+    success_url = reverse_lazy("authentik_admin:users")
     success_message = _("Successfully deleted User")
 
 
@@ -107,12 +107,12 @@ class UserDisableView(
     object: User
 
     model = User
-    permission_required = "passbook_core.update_user"
+    permission_required = "authentik_core.update_user"
 
     # By default the object's name is user which is used by other checks
     context_object_name = "object"
     template_name = "administration/user/disable.html"
-    success_url = reverse_lazy("passbook_admin:users")
+    success_url = reverse_lazy("authentik_admin:users")
     success_message = _("Successfully disabled User")
 
     def delete(self, request: HttpRequest, *args, **kwargs) -> HttpResponse:
@@ -131,11 +131,11 @@ class UserEnableView(
     object: User
 
     model = User
-    permission_required = "passbook_core.update_user"
+    permission_required = "authentik_core.update_user"
 
     # By default the object's name is user which is used by other checks
     context_object_name = "object"
-    success_url = reverse_lazy("passbook_admin:users")
+    success_url = reverse_lazy("authentik_admin:users")
     success_message = _("Successfully enabled User")
 
     def get(self, request: HttpRequest, *args, **kwargs):
@@ -150,19 +150,19 @@ class UserPasswordResetView(LoginRequiredMixin, PermissionRequiredMixin, DetailV
     """Get Password reset link for user"""
 
     model = User
-    permission_required = "passbook_core.reset_user_password"
+    permission_required = "authentik_core.reset_user_password"
 
     def get(self, request: HttpRequest, *args, **kwargs) -> HttpResponse:
         """Create token for user and return link"""
         super().get(request, *args, **kwargs)
-        token, _ = Token.objects.get_or_create(
+        token, __ = Token.objects.get_or_create(
             identifier="password-reset-temp", user=self.object
         )
         querystring = urlencode({"token": token.key})
         link = request.build_absolute_uri(
-            reverse("passbook_flows:default-recovery") + f"?{querystring}"
+            reverse("authentik_flows:default-recovery") + f"?{querystring}"
         )
         messages.success(
             request, _("Password reset link: <pre>%(link)s</pre>" % {"link": link})
         )
-        return redirect("passbook_admin:users")
+        return redirect("authentik_admin:users")

authentik/admin/views/utils.py

@@ -1,4 +1,4 @@
-"""passbook admin util views"""
+"""authentik admin util views"""
 from typing import Any, Dict, List, Optional
 from urllib.parse import urlparse
 
@@ -11,8 +11,8 @@ from django.http.request import HttpRequest
 from django.views.generic import DeleteView, ListView, UpdateView
 from django.views.generic.list import MultipleObjectMixin
 
-from passbook.lib.utils.reflection import all_subclasses
-from passbook.lib.views import CreateAssignPermView
+from authentik.lib.utils.reflection import all_subclasses
+from authentik.lib.views import CreateAssignPermView
 
 
 class DeleteMessageView(SuccessMessageMixin, DeleteView):

authentik/api/apps.py

@@ -0,0 +1,12 @@
+"""authentik API AppConfig"""
+
+from django.apps import AppConfig
+
+
+class AuthentikAPIConfig(AppConfig):
+    """authentik API Config"""
+
+    name = "authentik.api"
+    label = "authentik_api"
+    mountpoint = "api/"
+    verbose_name = "authentik API"

authentik/api/auth.py

@@ -1,12 +1,13 @@
 """API Authentication"""
 from base64 import b64decode
+from binascii import Error
 from typing import Any, Optional, Tuple, Union
 
 from rest_framework.authentication import BaseAuthentication, get_authorization_header
 from rest_framework.request import Request
 from structlog import get_logger
 
-from passbook.core.models import Token, TokenIntents, User
+from authentik.core.models import Token, TokenIntents, User
 
 LOGGER = get_logger()
 
@@ -24,14 +25,14 @@ def token_from_header(raw_header: bytes) -> Optional[Token]:
             return None
     try:
         auth_credentials = b64decode(auth_credentials.encode()).decode()
-    except UnicodeDecodeError:
+    except (UnicodeDecodeError, Error):
         return None
     # Accept credentials with username and without
     if ":" in auth_credentials:
         _, password = auth_credentials.split(":")
     else:
         password = auth_credentials
-    if password == "":
+    if password == "":  # nosec
         return None
     tokens = Token.filter_not_expired(key=password, intent=TokenIntents.INTENT_API)
     if not tokens.exists():
@@ -40,7 +41,7 @@ def token_from_header(raw_header: bytes) -> Optional[Token]:
     return tokens.first()
 
 
-class PassbookTokenAuthentication(BaseAuthentication):
+class AuthentikTokenAuthentication(BaseAuthentication):
     """Token-based authentication using HTTP Basic authentication"""
 
     def authenticate(self, request: Request) -> Union[Tuple[User, Any], None]:
@@ -54,4 +55,4 @@ class PassbookTokenAuthentication(BaseAuthentication):
         return (token.user, None)
 
     def authenticate_header(self, request: Request) -> str:
-        return 'Basic realm="passbook"'
+        return 'Basic realm="authentik"'

authentik/api/pagination.py

@@ -0,0 +1,31 @@
+"""Pagination which includes total pages and current page"""
+from rest_framework import pagination
+from rest_framework.response import Response
+
+
+class Pagination(pagination.PageNumberPagination):
+    """Pagination which includes total pages and current page"""
+
+    page_size_query_param = "page_size"
+
+    def get_paginated_response(self, data):
+        previous_page_number = 0
+        if self.page.has_previous():
+            previous_page_number = self.page.previous_page_number()
+        next_page_number = 0
+        if self.page.has_next():
+            next_page_number = self.page.next_page_number()
+        return Response(
+            {
+                "pagination": {
+                    "next": next_page_number,
+                    "previous": previous_page_number,
+                    "count": self.page.paginator.count,
+                    "current": self.page.number,
+                    "total_pages": self.page.paginator.num_pages,
+                    "start_index": self.page.start_index(),
+                    "end_index": self.page.end_index(),
+                },
+                "results": data,
+            }
+        )

authentik/api/templates/rest_framework/api.html

@@ -2,6 +2,6 @@
 
 {% block branding %}
 <span class='navbar-brand'>
-    passbook
+    authentik
 </span>
 {% endblock %}

authentik/api/tests.py

@@ -0,0 +1,37 @@
+"""Test API Authentication"""
+from base64 import b64encode
+
+from django.test import TestCase
+from guardian.shortcuts import get_anonymous_user
+
+from authentik.api.auth import token_from_header
+from authentik.core.models import Token, TokenIntents
+
+
+class TestAPIAuth(TestCase):
+    """Test API Authentication"""
+
+    def test_valid(self):
+        """Test valid token"""
+        token = Token.objects.create(
+            intent=TokenIntents.INTENT_API, user=get_anonymous_user()
+        )
+        auth = b64encode(f":{token.key}".encode()).decode()
+        self.assertEqual(token_from_header(f"Basic {auth}".encode()), token)
+
+    def test_invalid_type(self):
+        """Test invalid type"""
+        self.assertIsNone(token_from_header("foo bar".encode()))
+
+    def test_invalid_decode(self):
+        """Test invalid bas64"""
+        self.assertIsNone(token_from_header("Basic bar".encode()))
+
+    def test_invalid_empty_password(self):
+        """Test invalid with empty password"""
+        self.assertIsNone(token_from_header("Basic :".encode()))
+
+    def test_invalid_no_token(self):
+        """Test invalid with no token"""
+        auth = b64encode(":abc".encode()).decode()
+        self.assertIsNone(token_from_header(f"Basic :{auth}".encode()))

authentik/api/urls.py

@@ -1,7 +1,7 @@
-"""passbook api urls"""
+"""authentik api urls"""
 from django.urls import include, path
 
-from passbook.api.v2.urls import urlpatterns as v2_urls
+from authentik.api.v2.urls import urlpatterns as v2_urls
 
 urlpatterns = [
     path("v2beta/", include(v2_urls)),

authentik/api/v2/config.py

@@ -0,0 +1,46 @@
+"""core Configs API"""
+from drf_yasg2.utils import swagger_auto_schema
+from rest_framework.permissions import AllowAny
+from rest_framework.request import Request
+from rest_framework.response import Response
+from rest_framework.serializers import ReadOnlyField, Serializer
+from rest_framework.viewsets import ViewSet
+
+from authentik.lib.config import CONFIG
+
+
+class ConfigSerializer(Serializer):
+    """Serialize authentik Config into DRF Object"""
+
+    branding_logo = ReadOnlyField()
+    branding_title = ReadOnlyField()
+
+    error_reporting_enabled = ReadOnlyField()
+    error_reporting_environment = ReadOnlyField()
+    error_reporting_send_pii = ReadOnlyField()
+
+    def create(self, request: Request) -> Response:
+        raise NotImplementedError
+
+    def update(self, request: Request) -> Response:
+        raise NotImplementedError
+
+
+class ConfigsViewSet(ViewSet):
+    """Read-only view set that returns the current session's Configs"""
+
+    permission_classes = [AllowAny]
+
+    @swagger_auto_schema(responses={200: ConfigSerializer(many=True)})
+    def list(self, request: Request) -> Response:
+        """Retrive public configuration options"""
+        config = ConfigSerializer(
+            {
+                "branding_logo": CONFIG.y("authentik.branding.logo"),
+                "branding_title": CONFIG.y("authentik.branding.title"),
+                "error_reporting_enabled": CONFIG.y("error_reporting.enabled"),
+                "error_reporting_environment": CONFIG.y("error_reporting.environment"),
+                "error_reporting_send_pii": CONFIG.y("error_reporting.send_pii"),
+            }
+        )
+        return Response(config.data)