Compare commits

..

4252 Commits

Author SHA1 Message Date
bf4cbb25fe release: 2021.5.3 2021-05-20 20:17:39 +02:00
a925418f60 lib: don't send ImproperlyConfigured to sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 19:18:35 +02:00
ffd61d0e60 root: fix bumpversion
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 19:16:23 +02:00
71d112bdcf sources/plex: remove default for plex_token
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 19:13:54 +02:00
c58fe18b97 web: remove nginx config, add caching headers to g
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 19:11:55 +02:00
590c7f4c9d outposts: fix error on outpost disconnect
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 18:07:27 +02:00
56f1204c9b outposts: fix update signal not being sent to correct instances
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 15:23:38 +02:00
349a5b2d00 web/admin: fix flow form not loading data
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 01:10:19 +02:00
63e3667e82 web: fix t.reset is not a function
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 01:10:11 +02:00
92f2a82c03 providers/oauth2: fix double login required when prompt=login
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 01:10:08 +02:00
dcf074650e providers/proxy: fix redirect_uris not always being set on save
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 01:10:04 +02:00
5a465fbc36 release: 2021.5.2 2021-05-17 19:54:10 +02:00
7cd80a903a build(deps): bump eslint-plugin-lit from 1.4.0 to 1.4.1 in /web (#890)
Bumps [eslint-plugin-lit](https://github.com/43081j/eslint-plugin-lit) from 1.4.0 to 1.4.1.
- [Release notes](https://github.com/43081j/eslint-plugin-lit/releases)
- [Commits](https://github.com/43081j/eslint-plugin-lit/compare/v1.4.0...v1.4.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-17 09:12:14 +02:00
dd00351bc7 build(deps): bump rollup from 2.47.0 to 2.48.0 in /web (#889)
Bumps [rollup](https://github.com/rollup/rollup) from 2.47.0 to 2.48.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.47.0...v2.48.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-17 09:12:05 +02:00
5fca7d11b8 build(deps): bump boto3 from 1.17.72 to 1.17.73 (#891)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.72 to 1.17.73.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.72...1.17.73)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-17 09:08:53 +02:00
0ff59636f7 build(deps-dev): bump pytest-django from 4.2.0 to 4.3.0 (#892)
Bumps [pytest-django](https://github.com/pytest-dev/pytest-django) from 4.2.0 to 4.3.0.
- [Release notes](https://github.com/pytest-dev/pytest-django/releases)
- [Changelog](https://github.com/pytest-dev/pytest-django/blob/master/docs/changelog.rst)
- [Commits](https://github.com/pytest-dev/pytest-django/compare/v4.2.0...v4.3.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-17 09:08:41 +02:00
e5ebe390d2 ci: fix missing dependencies for scripts.generate_ci_config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-17 00:08:45 +02:00
b66626f9c4 ci: generate secert_key for CI runs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 23:46:23 +02:00
23123c43ee website/docs: improve wording on release notes, point to tag for docker-compose download
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 23:08:11 +02:00
8ce918d527 website/docs: Always point to master copy of docker-compose.yml in installation instructions (#888) 2021-05-16 23:02:16 +02:00
45c1a603e7 root: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 22:29:28 +02:00
583271d5ed root: only load debug secret key when debug is enabled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 22:25:55 +02:00
176360fdd7 website/docs: fix $auth_cookie not being defined in outpost docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 22:18:31 +02:00
8d2a3b67b9 lib: Fix config loading of secrets from files (#887) 2021-05-16 21:10:31 +02:00
d0d3072c50 outposts/ldap: fix AUTHENTIK_INSECURE not being respected for API client during bind
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-16 00:01:16 +02:00
34e2bbc41d Merge branch 'next' 2021-05-15 23:25:17 +02:00
ea2dbb2f33 web/admin: fix error when copying token while none exist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-15 23:25:06 +02:00
c55f2ad10a root: set additional sentry tags
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-15 19:53:43 +02:00
2cde40aeee website/docs: add release notes for 2021.5.2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-15 17:49:34 +02:00
a30b32fbbf outposts: fix missing default for OutpostState.for_channel
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-15 17:46:53 +02:00
1745306cc6 outposts: fix error when controller loads from cache but cache has expired
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-15 17:45:33 +02:00
8925787a13 flows: fix error when using cancel flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-15 17:42:37 +02:00
968b7ec17a lib: fix parsing of remote IP header when behind multiple reverse proxies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-15 15:08:53 +02:00
6600d5bf69 providers/oauth2: use user.uid
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-15 14:08:49 +02:00
a4278833d8 providers/proxy: fix ingress not being created with full https
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-15 13:45:41 +02:00
942905b9b1 providers/proxy: fix formatting issue
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 16:24:35 +02:00
81056c3889 LDAP: use username instead of name for user dn (#883) 2021-05-14 12:58:27 +02:00
36b694fc41 website/docs: add example ldapsearch command
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 11:47:38 +02:00
2d9f216658 web/admin: add notice for LDAP Provider's group selection
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 11:44:01 +02:00
8d7bb7da17 providers/proxy: connect ingress to https instead of http
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#882
2021-05-14 11:42:03 +02:00
965db6eaf5 outposts/proxy: fix insecure TLS Skip
closes #882

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 11:38:40 +02:00
9bdd6f23a4 website/docs: add ldap example, use ghcr
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 11:19:09 +02:00
675ad7710c outposts/proxy: fix error redeeming code when using non-standard ports
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 11:13:57 +02:00
9939db13c3 outposts: fix reload notification not working due to wrong ID being saved
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 11:13:04 +02:00
03e134b296 web/admin: fix propertymappings not loading correctly
closes #879

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 10:58:33 +02:00
465750276c core: fix application's slug field not being set to unique
closes #881

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 10:49:42 +02:00
9b13191646 web: fix chunks overwriting each other
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 01:06:29 +02:00
634ea61b50 lifecycle: check if group of docker socket exists
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-14 00:50:20 +02:00
0fcb4936a2 web: output js chunks without hashing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 23:15:40 +02:00
934e62d5be lifecycle: fix error when worker is not running as root
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 22:55:35 +02:00
c5e9197b19 website/docs: fix release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 21:43:10 +02:00
0b7ebf0e07 release: 2021.5.1 2021-05-13 20:50:31 +02:00
ddca8ef3ca tests/integration: fix outpost tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 20:33:41 +02:00
709581f5a8 root: use ghcr images by default
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 20:15:29 +02:00
72e41c03f5 lifecycle: run worker as root and drop perms later to fix docker permission issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 20:11:49 +02:00
40503d06b7 web/admin: improve UI for plex source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 18:12:07 +02:00
1df8790050 stages/authenticator_static: fix error when listing devices
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 18:09:55 +02:00
3c23ad340f web/admin: improve diagram api for flows
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 18:01:40 +02:00
f9f2e00913 core: improve error handling for backups
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 17:56:49 +02:00
8362507bdf outposts: fix GIT_BUILD_HASH not being set correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 17:49:11 +02:00
a2181c3bf0 build(deps): bump actions/create-release from 1.0.0 to 1.1.4 (#876) 2021-05-13 15:40:05 +02:00
a07ded0dae build(deps): bump actions/github-script from 0.2.0 to 4.0.2 (#877) 2021-05-13 15:39:48 +02:00
3b0b9301ee build(deps): bump django from 3.2.2 to 3.2.3 (#878) 2021-05-13 15:39:40 +02:00
919f293fc7 tests/e2e: fix redirect_uri
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 13:09:30 +02:00
c4df2e5a50 Merge branch 'master' into next
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	Pipfile.lock
2021-05-13 12:47:55 +02:00
4d1500e0f3 outposts/proxy: revert to using request Host for redirect URI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-13 12:34:53 +02:00
281bd4c69a build(deps): bump @babel/core from 7.14.0 to 7.14.2 in /web (#868)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.14.0 to 7.14.2.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.14.2/packages/babel-core)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-13 11:23:08 +02:00
e4678aa032 build(deps): bump @babel/plugin-transform-runtime in /web (#869)
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime) from 7.13.15 to 7.14.2.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.14.2/packages/babel-plugin-transform-runtime)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-13 11:21:52 +02:00
ff1c4d555a build(deps): bump @babel/preset-env from 7.14.1 to 7.14.2 in /web (#870)
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.14.1 to 7.14.2.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.14.2/packages/babel-preset-env)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-13 11:20:46 +02:00
4a3e34d40a build(deps): bump @docusaurus/preset-classic in /website (#872)
Bumps [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic) from 2.0.0-alpha.75 to 2.0.0-beta.0.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-beta.0/packages/docusaurus-preset-classic)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-13 11:18:39 +02:00
6939898bbe build(deps): bump @babel/plugin-proposal-decorators in /web (#871)
Bumps [@babel/plugin-proposal-decorators](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-proposal-decorators) from 7.13.15 to 7.14.2.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.14.2/packages/babel-plugin-proposal-decorators)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-13 11:18:30 +02:00
549607c5ed build(deps): bump kubernetes from 12.0.1 to 17.17.0 (#874)
Bumps [kubernetes](https://github.com/kubernetes-client/python) from 12.0.1 to 17.17.0.
- [Release notes](https://github.com/kubernetes-client/python/releases)
- [Changelog](https://github.com/kubernetes-client/python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes-client/python/compare/v12.0.1...v17.17.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-13 11:18:20 +02:00
f61acdfbfd build(deps): bump geoip2 from 4.1.0 to 4.2.0 (#873) 2021-05-13 11:15:25 +02:00
e3572bad76 build(deps): bump boto3 from 1.17.71 to 1.17.72 (#875) 2021-05-13 10:36:43 +02:00
8f99891a9d release: 2021.5.1-rc10 2021-05-12 21:25:18 +02:00
99d5262d41 ci: install git in final test containers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 21:24:35 +02:00
97a3c2d88b release: 2021.5.1-rc9 2021-05-12 20:50:29 +02:00
e91ff4566d Merge branch 'next' into version-2021.5
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	outpost/pkg/version.go
2021-05-12 20:49:58 +02:00
dc942b2f4c outposts: build as gh-<commit hash>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 20:37:55 +02:00
a3fccbdaff outposts: add build_hash for docker image
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 20:36:18 +02:00
bdf9f26d07 outposts: compare build hash in outdated check
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 19:05:29 +02:00
901cea1453 outposts: send build hash as part of hello
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 19:02:04 +02:00
37b57ac28f outposts: include git commit hash in build from git branch
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 18:56:44 +02:00
e9aa37ba67 outposts/ldap: fix user info caching, fix mixed case DN
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#864
2021-05-12 18:49:15 +02:00
9a0aa4c79b outposts/ldap: add infinite loop prevention
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 18:31:44 +02:00
34ab68a169 outposts: cleanup logging
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 18:01:46 +02:00
52cf4890cf root: remove servername from backup files
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 17:53:23 +02:00
8e5d03cb86 outposts: remove legacy API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 16:41:54 +02:00
2190fa555b events/api: fix error when updating transports
closes #866

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 16:41:30 +02:00
ae1edde17b ci: install git in container for dbbackup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 16:30:51 +02:00
3ad1c3f212 web/admin: fix AuthenticatorValidationStage's form not setting notConfiguredAction
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#802
2021-05-12 16:28:14 +02:00
3665e2fefa release: 2021.5.1-rc8 2021-05-12 14:52:34 +02:00
3dbe35cf9e stages/invitation: fix wrong serializer used for user model
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	swagger.yaml
2021-05-12 14:22:16 +02:00
65ec444e52 build(deps): bump boto3 from 1.17.70 to 1.17.71 (#865)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.70 to 1.17.71.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.70...1.17.71)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-12 10:46:06 +02:00
c7f0ea8a4b root: update dbbackup to git version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 01:20:31 +02:00
0620324702 root: bump version of psf black
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-12 00:42:46 +02:00
5a802bcf83 web/admin: fix list of outpost status
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 22:59:45 +02:00
00c8054893 web/admin: fix border on dark mode in firefox
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 22:27:33 +02:00
dc2538f59d web/admin: fix outpost health not updating on refresh
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 21:53:19 +02:00
5a0e78c698 outposts: fix issue with duplicate outpost health
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 21:46:30 +02:00
fd4e8a59f4 web/admin: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 20:09:49 +02:00
dd1a6a81c8 outposts/proxy: improve host header detection
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 20:02:36 +02:00
84dfbcaaae providers/api: return redirect_uris for proxy provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 20:02:17 +02:00
e649e9fb03 core: don't use self.get_object for application permission check to prevent 404 when view permission is missing
closes #864

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 17:35:11 +02:00
266ef66a6f Merge branch 'master' into next 2021-05-11 14:57:52 +02:00
842fdb0b0c fixed session durations of more than 1 day (#863) 2021-05-11 14:57:33 +02:00
a270a84aae website/docs: update link for saml provider metadata
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#857
2021-05-11 14:23:39 +02:00
36f7cad23b Merge pull request #862 from goauthentik/form-refresh-on-save
Form refresh on save
2021-05-11 14:23:32 +02:00
e441ac1e43 web/admin: add download links for certificates
closes #861

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 14:21:48 +02:00
24f2932777 crypto: add ?download flag
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#861
2021-05-11 14:21:35 +02:00
a6c6f22221 web/admin: add button to copy saml metadata download link
closes #857

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 13:52:47 +02:00
abd5db8ad4 website/docs: update link for saml provider metadata
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#857
2021-05-11 13:44:51 +02:00
124ce80694 sources/plex: make plex_token readable from API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 13:32:28 +02:00
4352960f83 web/admin: fix error when updating oauth source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 13:31:33 +02:00
4e2443d60b flows: make cancel link always logout user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 13:13:05 +02:00
34a8408a4f Merge branch 'next' into form-refresh-on-save 2021-05-11 13:07:57 +02:00
17b65adcc5 lib: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 13:07:47 +02:00
6f8d129dea web/admin: migrate remaining forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 12:44:50 +02:00
59f339beda web/admin: migrate stage forms to ModelForm
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 12:35:53 +02:00
ce1c400022 web/admin: migrate policy forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 12:19:35 +02:00
c99afe0ad4 web/admin: remove unused imports
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 12:12:31 +02:00
ff9ff18c11 web/admin: migrate more forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 12:05:30 +02:00
4d11d82c6e web/admin: migrate more forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 11:55:25 +02:00
b4d750174f web/admin: add modelform as base, start migrating
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 11:48:34 +02:00
fd44765ff4 Merge branch 'next' into form-refresh-on-save 2021-05-11 11:47:29 +02:00
190ebb27e4 Merge branch 'master' into next 2021-05-11 11:47:10 +02:00
fb3c04d0c7 build(deps): bump postcss from 8.2.14 to 8.2.15 in /website (#858) 2021-05-11 10:46:06 +02:00
3ba8de61e0 build(deps): bump eslint-plugin-lit from 1.3.0 to 1.4.0 in /web (#859) 2021-05-11 10:45:46 +02:00
d4d2be84a3 build(deps): bump boto3 from 1.17.69 to 1.17.70 (#860) 2021-05-11 10:45:33 +02:00
96ea7ae09c root: allow configuration of s3 backup location
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 02:10:00 +02:00
172bfceb31 root: fix db backup failing when password has special chars
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 02:01:22 +02:00
932b19999e providers/proxy: missing @property for noop
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 01:26:01 +02:00
0f1cc86e71 outposts/ak: updater providers automatically every 150 seconds
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 01:07:26 +02:00
788fd00390 outposts: use noop flag in each reconciler instead of raising Disabled and force use of get_referecen_object
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 00:27:29 +02:00
f602e202b8 website/docs: use beryju.org directly for beta
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-11 00:11:42 +02:00
9b60fcb08b root: only install latest postgresql client, since they are backwards compatible
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 23:24:27 +02:00
a293a14f2a outposts: re-add _config for backwards compat
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 22:28:46 +02:00
65bfa589eb Merge branch 'master' into next 2021-05-10 20:35:11 +02:00
defca51d24 build(deps): bump @sentry/browser from 6.3.5 to 6.3.6 in /web (#855)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.3.5 to 6.3.6.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.3.5...6.3.6)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-10 20:34:09 +02:00
d862028134 build(deps): bump @typescript-eslint/eslint-plugin in /web (#856)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.22.1 to 4.23.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.23.0/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-10 20:33:59 +02:00
c19d7c37aa build(deps): bump @sentry/tracing from 6.3.5 to 6.3.6 in /web (#853)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.3.5 to 6.3.6.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.3.5...6.3.6)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-10 20:30:55 +02:00
6fb3102d25 build(deps): bump @typescript-eslint/parser in /web (#854)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.22.1 to 4.23.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.23.0/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-10 20:30:41 +02:00
51e3453dca admin: fix linting in api tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 20:14:21 +02:00
6f58fdf158 api: add more tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 19:51:29 +02:00
5d4051f547 ci: test and lint at the same time
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 19:36:28 +02:00
219b8d1a57 outposts: allow individual components of managed outposts to be disabled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 19:27:48 +02:00
c7d4e69669 root: make database port configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 19:25:15 +02:00
cd629dfbaa outposts: improve API validation for config attribute, ensure all required attributes are set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 19:24:42 +02:00
8eaaaae2a7 outpost: add trace log level
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 18:09:52 +02:00
3d0a853449 Merge branch 'version-2021.5' into next 2021-05-10 18:07:39 +02:00
c2f8ff55cf outposts: fix outpost delete hanging thread, run cleanup in async task with info from cache with ability to retry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 17:11:31 +02:00
4b52697cfe web/elements: add refresh support to chart
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 15:57:52 +02:00
80fae44f47 release: 2021.5.1-rc7 2021-05-10 12:13:10 +02:00
afd7af557d ci: login to ghcr
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 12:13:03 +02:00
73eb97ca6e release: 2021.5.1-rc6 2021-05-10 11:44:23 +02:00
ebe90d8886 Merge branch 'next' into version-2021.5 2021-05-10 11:43:50 +02:00
a1a1b113b1 release: 2021.5.1-rc5 2021-05-10 11:34:00 +02:00
9adf8e88ba ci: remove arm v8
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 11:33:21 +02:00
72d87ee51d ci: test arm/v8 with libpq
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 11:23:15 +02:00
9654285535 Merge branch 'master' into next 2021-05-10 11:22:16 +02:00
6e47e69c62 build(deps-dev): bump prettier from 2.2.1 to 2.3.0 in /website (#852)
Bumps [prettier](https://github.com/prettier/prettier) from 2.2.1 to 2.3.0.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.2.1...2.3.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-10 09:05:00 +02:00
1ba89a02ee root: install libpq-dev in docker
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 00:38:58 +02:00
1fb3642701 sources/oauth: fix google tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 00:27:37 +02:00
847d97b813 sources/oauth: fix google tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 00:27:20 +02:00
253060def2 website: add service-account for outposts in other cluster
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 00:16:52 +02:00
2e70ea799a ci: try arm64 only
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 00:06:49 +02:00
7364914ae8 Merge branch 'master' into next 2021-05-10 00:02:53 +02:00
1f1d322958 *: fix api results when non-superuser
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 00:01:35 +02:00
e4841ce1a4 Merge branch 'version-2021.5' into next 2021-05-09 23:41:23 +02:00
af30b781b6 ci: only arm only v8
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 23:40:27 +02:00
5f490c563e ci: build for arm v6 and v8
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 23:32:52 +02:00
e33a5528f7 core: catch IntegrityError in flow_manager and deny request
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 23:31:39 +02:00
d4de243e3b ci: always run on release for version branches but don't push images
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 23:09:48 +02:00
317117ee68 build(deps): bump eslint from 7.25.0 to 7.26.0 in /web (#848)
Bumps [eslint](https://github.com/eslint/eslint) from 7.25.0 to 7.26.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.25.0...v7.26.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-09 23:03:39 +02:00
40d03a6124 build(deps): bump service-identity from 18.1.0 to 21.1.0 (#849)
Bumps [service-identity](https://github.com/pyca/service-identity) from 18.1.0 to 21.1.0.
- [Release notes](https://github.com/pyca/service-identity/releases)
- [Changelog](https://github.com/pyca/service-identity/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/service-identity/compare/18.1.0...21.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-09 23:03:03 +02:00
9cfeeb35ba ci: fix invalid workflow file
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 22:56:50 +02:00
b7d828702d sources/oauth: don't set username on google source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 22:56:44 +02:00
19dfeec782 build(deps): bump django-otp from 1.0.4 to 1.0.5 (#850)
Bumps [django-otp](https://github.com/django-otp/django-otp) from 1.0.4 to 1.0.5.
- [Release notes](https://github.com/django-otp/django-otp/releases)
- [Changelog](https://github.com/django-otp/django-otp/blob/master/CHANGES.rst)
- [Commits](https://github.com/django-otp/django-otp/compare/v1.0.4...v1.0.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-09 22:55:30 +02:00
07eef2869f build(deps): bump boto3 from 1.17.68 to 1.17.69 (#851)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.68 to 1.17.69.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.68...1.17.69)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-09 22:55:19 +02:00
f7fd31cc84 release: 2021.5.1-rc4 2021-05-09 21:43:38 +02:00
465d9c2b93 ci: use local context for docker build
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 21:42:22 +02:00
04aae8f584 sources/oauth: make secret write_only
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 21:40:25 +02:00
bbca90c93a Merge branch 'next' into version-2021.5 2021-05-09 20:57:23 +02:00
dda1d4e0fb core: add more logs to flow_manager
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 20:27:37 +02:00
f072c600cc lifecycle: use URl for redis on startup to prevent errors with no paswords
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 20:13:58 +02:00
65b8a5bb8d outposts/proxy: redirect to protocol based on X-Forwarded-Proto
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 19:12:35 +02:00
92537a6c8d Merge branch 'next' into version-2021.5 2021-05-09 18:46:26 +02:00
72836ecd9d outposts: default to currently running namespace if possible
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 18:44:32 +02:00
251a97c77e Merge branch 'next' into version-2021.5 2021-05-09 18:13:52 +02:00
7f7046f0e4 outposts: lowercase k8s object names
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 18:13:21 +02:00
20e59158c2 root: add github actions to dependabot
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 18:08:06 +02:00
9a9e55ae32 ci: bump qemu action version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 17:53:57 +02:00
481260a5ca ci: bump checkout actions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 17:51:56 +02:00
436adcce2e website/docs: fix URL for new chart repo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 17:32:14 +02:00
cd3f02fd3b release: 2021.5.1-rc3 2021-05-09 17:25:48 +02:00
7abfd24150 ci: only build arm64 and arm
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 17:23:19 +02:00
d3feab9463 release: 2021.5.1-rc2 2021-05-09 16:43:36 +02:00
189427609f ci: fix paths for go build
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 16:41:52 +02:00
d76a9c211a ci: fix web api client not being generated for general build
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 16:41:45 +02:00
ef7d9c4d35 ci: fix mixed environment variables
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 16:37:03 +02:00
70c25692eb release: 2021.5.1-rc1 2021-05-09 16:07:50 +02:00
71b31a2812 ci: fix web api client not being generated before docker build
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 16:06:27 +02:00
d4493c0ee9 web/admin: add new base form to handle refresh events
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 12:59:00 +02:00
3208358a03 web: fix font-color of select inputs in dark mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 12:44:22 +02:00
a6a8eddf7c providers/proxy: create ingress for forward_auth /akprox path
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 12:40:44 +02:00
8c0a87b710 outposts: improve logging for outpost controller
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 12:34:44 +02:00
2f88c435fb website/docs: update diagram
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 01:30:29 +02:00
5cad59a9f8 providers/proxy: fix being able to set empty internal_host
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-09 00:07:34 +02:00
5ac6a6910e outposts: check if traefik CRD exists before attempting to delete
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 21:59:13 +02:00
d751a7fc4c lib: add user attribute "goauthentik.io/user/override-ips" to allow overriding of client ips
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 21:42:31 +02:00
f1fd223bc7 outposts/ldap: fix concurrency issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 21:21:53 +02:00
e75712fa09 website/docs: add configuration options for postgres and redis
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 17:14:14 +02:00
1b87375661 lib: add default to config from file://
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 17:13:13 +02:00
545a114450 website/docs: add 2021.5 to sidebar
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 16:42:46 +02:00
02b06838e2 root: remove old helm chart
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 16:25:11 +02:00
6868b7722c outposts: delete old outpost deployment when name or namespace is changed
closes #845

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 16:11:38 +02:00
1e303b515b web/flows: update background for new release
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 15:57:42 +02:00
34a9a6a389 ci: run apt update before installing dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 14:41:40 +02:00
7a1935b4e2 outposts: fix error on k8s when name has spaces
closes #846

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 14:09:21 +02:00
bf60b33d03 website/docs: add diagram for terminology
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-08 13:58:38 +02:00
9bb50fd556 website: update screenshots
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-07 14:23:43 +02:00
5e7521915a stages/password: fix configure_flow not being set on initial setup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-07 14:08:43 +02:00
7b0cda3a6a website/docs: fix tabs not rendering correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-07 14:08:30 +02:00
db5279f952 web/admin: default to user active to true
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-07 14:08:17 +02:00
9fc072e4df outposts: fix lint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-07 11:56:44 +02:00
55ea9afeec core: fix dark mode on server-side rendered pages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-07 11:53:53 +02:00
9485f0b8cc outpost/ldap: make users and groups OU instead of CN
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-07 11:46:26 +02:00
fabdb6448f ci: fix arguments for sentry release
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-07 11:00:13 +02:00
e629079352 Merge branch 'master' into next 2021-05-07 10:07:46 +02:00
e6dfa8294e providers/proxy: use name.namespace for middleware service
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-07 10:07:30 +02:00
e5a5a5c603 outposts: fix k8s controller not handing Disabled() in static deployment
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-07 09:52:43 +02:00
4d07da5ffa build(deps): bump golang from 1.16.3 to 1.16.4 (#841)
Bumps golang from 1.16.3 to 1.16.4.

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-07 09:44:09 +02:00
5b4f34fd5f build(deps): bump boto3 from 1.17.67 to 1.17.68 (#843)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.67 to 1.17.68.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.67...1.17.68)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-07 09:44:00 +02:00
2e05047151 build(deps): bump sentry-sdk from 1.0.0 to 1.1.0 (#844)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.0.0 to 1.1.0.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/1.0.0...1.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-07 09:43:48 +02:00
459a6ea437 build(deps): bump golang from 1.16.3 to 1.16.4 in /outpost (#842)
Bumps golang from 1.16.3 to 1.16.4.

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-07 09:43:37 +02:00
ea7f9f291f outposts: create traefikmiddleware if forwardAuth is enabled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-07 00:01:35 +02:00
241d790e69 stages/user_write: if any connection is being sent in the plan context, save it to the user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 22:10:20 +02:00
83e08f12ae core: fix arguments not being passed in FlowManager
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 22:07:48 +02:00
6526659b51 sources/plex: allow auth for owner (when identifier of source plex token matches)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 21:50:15 +02:00
6c3b7c8d3e events: handle error when notifications are triggered and no users exist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 20:13:04 +02:00
d51ecc4554 sources/saml: handle internal error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 20:10:56 +02:00
ef63e35ad2 outposts: improve messaging from controller on k8s
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 20:07:29 +02:00
4e9176ed2e outposts: support different port on container vs exposed port
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 19:59:49 +02:00
d1296e9cc7 outposts: fix deployments referencing the wrong secret
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 19:51:14 +02:00
d85e0593f1 core: set attributes on users which are enrolled via source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 19:35:05 +02:00
20c1f15dc0 web/admin: fix color-scheme for charts and flow diagram
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 16:25:29 +02:00
c864f4e312 root: replace images in compose with alpine
closes #840

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 15:01:37 +02:00
202ad1a3ac root: update security md
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 14:43:19 +02:00
979a5f800e web/admin: show callback URL when creating/updating source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 14:40:02 +02:00
c151faeff6 ci: batch runs in azure devops
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 14:02:59 +02:00
b3a3852a54 core: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 13:58:58 +02:00
e401b4e74e web/admin: fix naming of charts on overview page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 13:51:54 +02:00
9538ad5710 web/admin: show users and groups as chart
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 13:44:53 +02:00
49bf82a0a4 core: add user filter by superuser status
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 13:44:42 +02:00
e6fdec4c8e Merge branch 'master' into next 2021-05-06 13:16:22 +02:00
73b87a5e3d events: fix error in API when specifying max_n
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 13:15:54 +02:00
303b847cdc web/admin: rewrite overview page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-06 13:15:27 +02:00
0386c0dd7b build(deps): bump lit-element from 2.5.0 to 2.5.1 in /web (#834)
Bumps [lit-element](https://github.com/lit/lit-element) from 2.5.0 to 2.5.1.
- [Release notes](https://github.com/lit/lit-element/releases)
- [Changelog](https://github.com/lit/lit-element/blob/master/CHANGELOG.md)
- [Commits](https://github.com/lit/lit-element/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-06 11:00:42 +02:00
7f1b9cdeb2 build(deps): bump django from 3.2.1 to 3.2.2 (#839)
Bumps [django](https://github.com/django/django) from 3.2.1 to 3.2.2.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.1...3.2.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-06 11:00:28 +02:00
252bb04dd3 build(deps): bump boto3 from 1.17.66 to 1.17.67 (#838) 2021-05-06 08:44:21 +02:00
3fbcfb48fb build(deps): bump @types/codemirror from 0.0.109 to 5.60.0 in /web (#833) 2021-05-06 08:43:59 +02:00
69f7198976 build(deps): bump postcss from 8.2.13 to 8.2.14 in /website (#835) 2021-05-06 08:43:29 +02:00
c74c8b2083 build(deps): bump lit-html from 1.4.0 to 1.4.1 in /web (#836) 2021-05-06 08:43:10 +02:00
63d4f598e4 build(deps): bump babel-plugin-macros from 3.0.1 to 3.1.0 in /web (#837) 2021-05-06 08:42:54 +02:00
ded6b6f937 web/admin: refactor chart component to allow setting of general chart data
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 22:15:11 +02:00
225099b1a1 web/admin: fix error when viewing ldap provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 21:57:13 +02:00
6b7a32548d web/admin: change icon for aggregate card
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 21:55:11 +02:00
c71d415456 web/admin: load plex servers on load
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 21:15:26 +02:00
c03f0d1d7c ci: fix names for docker images during release
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 21:11:18 +02:00
ac9cac302c outposts: fix outpost state showing last time without version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 20:49:13 +02:00
701c140cfd providers/proxy: fix logic error for ingress lookup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 20:28:13 +02:00
ca5761652c lifecycle: show errors when initial db check fails
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 20:15:01 +02:00
553872e8dd website: fix layout on mobile
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 20:05:07 +02:00
adc9b67a9c website/docs: move configuration to its own document
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 19:52:07 +02:00
fa2ff5fc2b sources/plex: save user's plex token, add option to allow friends
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 19:37:59 +02:00
d5cab5d580 sources/plex: fix default for client_id
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 19:23:51 +02:00
9e3b5d313b web/admin: rewrite sidebar to use full components, switch to categories
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 19:14:37 +02:00
be8b2bf6f6 providers/proxy: don't create ingress for domains which use forwardAuth, don't create ingress at all if all providers are forward auth
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 17:53:12 +02:00
3f8cd7ff13 website/docs: link correct docker-compose file
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 17:30:44 +02:00
b266a2cdfb outposts: make k8s service type configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 15:37:56 +02:00
9a15a66d85 outposts: make k8s object naming configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 15:36:27 +02:00
446f104c90 core: add user UID to API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 11:54:28 +02:00
2cad9a3d07 website/docs: add LDAP Outpost docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 11:48:07 +02:00
ee48b8c225 Merge pull request #828 from goauthentik/dependabot/npm_and_yarn/web/typescript-eslint/parser-4.22.1
build(deps): bump @typescript-eslint/parser from 4.22.0 to 4.22.1 in /web
2021-05-05 11:09:08 +02:00
a91649a7d4 build(deps): bump @typescript-eslint/parser in /web
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.22.0 to 4.22.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.22.1/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>
2021-05-05 08:53:54 +00:00
ca89201bd8 Outpost LDAP (#784)
* outposts: initial ldap outpost implementation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: add LDAP Binding using flows

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add API to check access to single application by slug

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: check application access

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/ldap: add LDAP provider

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: add ability to use multiple providers on the same outpost

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: add UI for LDAP Provider

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: fix linting

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: add controllers

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: fix type not being configurable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: use authorization_flow instead of separate field

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: add dockerfile

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/ldap: fix lint error

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add groups to users

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/ldap: add search_group to limit who can do search requests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: improve logging,return success for empty DN

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: allow outposts to have non-object specific permissions

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: use forked version of ldap library

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: save user DN to determine who can search

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* */api: fix lookups per user

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: only show plex servers you own

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* lib: add support for file:// protocol in config file

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: hide oauth client secret if not updating

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost/ldap: check access based on Group Membership

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: show users and groups when user has overall user permissions

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* lib: handle errors when reading config from file://

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: fix package json failing

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: bump node spec to 16x for npm version and lockfile v2

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 10:40:56 +02:00
e3a8fc0746 build(deps): bump @typescript-eslint/eslint-plugin in /web (#829)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.22.0 to 4.22.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.22.1/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-05 10:13:10 +02:00
5e3a6b802b build(deps): bump rollup from 2.46.0 to 2.47.0 in /web (#830)
Bumps [rollup](https://github.com/rollup/rollup) from 2.46.0 to 2.47.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.46.0...v2.47.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-05 10:12:59 +02:00
e8d9f992b9 build(deps): bump boto3 from 1.17.65 to 1.17.66 (#831)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.65 to 1.17.66.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.65...1.17.66)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-05 10:12:48 +02:00
260b2c8ca8 ci: bump node spec to 16x for npm version and lockfile v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 09:44:15 +02:00
751e77fa9e web: fix package json failing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 01:24:10 +02:00
86c2a5d69d lib: handle errors when reading config from file://
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 01:03:00 +02:00
1a02049104 core: show users and groups when user has overall user permissions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 01:02:47 +02:00
32934fcd38 outpost/ldap: check access based on Group Membership
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-05 00:03:19 +02:00
d84d7c26ca Merge branch 'master' into outpost-ldap 2021-05-04 23:34:31 +02:00
2f6e6a3123 core: improve messaging when flow manager denied request
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 23:30:21 +02:00
36b674349a Merge branch 'master' into next 2021-05-04 23:28:04 +02:00
038ef67745 build(deps-dev): bump pytest from 6.2.3 to 6.2.4 (#826)
Bumps [pytest](https://github.com/pytest-dev/pytest) from 6.2.3 to 6.2.4.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/6.2.3...6.2.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-04 23:14:06 +02:00
53831fa354 build(deps): bump boto3 from 1.17.64 to 1.17.65 (#827)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.64 to 1.17.65.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.64...1.17.65)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-04 23:13:56 +02:00
be39673f29 Merge pull request #825 from goauthentik/dependabot/pip/django-3.2.1
build(deps): bump django from 3.2 to 3.2.1
2021-05-04 23:13:46 +02:00
0f8dbfcc9c web/admin: hide oauth client secret if not updating
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 22:58:52 +02:00
ba57bf4fa2 lib: add support for file:// protocol in config file
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 22:53:59 +02:00
b1c9126832 web/admin: only show plex servers you own
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 22:51:52 +02:00
e674f03064 */api: fix lookups per user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 21:58:20 +02:00
08451c15f4 outposts/ldap: save user DN to determine who can search
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 21:49:15 +02:00
99d161e212 Merge branch 'master' into outpost-ldap
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/core/api/users.py
#	authentik/policies/event_matcher/migrations/0013_alter_eventmatcherpolicy_app.py
2021-05-04 21:02:20 +02:00
940ccf9ea8 website/docs: fix formatting for release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 20:13:38 +02:00
08cce2ca4e website/docs: update release notes for next
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 18:50:13 +02:00
4acbda2b77 core: improve messaging on flow_manager, authenticate user when they linked their account after not having been authenticateed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 18:49:27 +02:00
83cfb5f8c2 stages/email: improve error handling
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 18:30:23 +02:00
0d370ef0a9 web/admin: filter out service accounts by default
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 18:23:13 +02:00
a335ca0895 web/admin: use history.replaceState in Tabs to prevent double history entries
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 18:13:20 +02:00
8a666535a8 website/docs: update container explanation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 17:49:21 +02:00
e6431593f7 web/admin: auto-select keypair in oauth provider creation when only 1 keypair exists
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 17:09:04 +02:00
928c2bf0d6 web/admin: add launch button to application view page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 17:08:46 +02:00
68388e9551 helm: fix typo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 16:27:05 +02:00
5d26fa0403 gproxy: add sentry integration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 14:28:48 +02:00
42f9ba8efe gproxy: load default config file for debug and listen statements
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 14:10:34 +02:00
0440ad7c09 web/admin: add missing plex source view
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 12:09:35 +02:00
3ebc531ae2 web/admin/sources: fix userMatchingMode not being configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 12:02:16 +02:00
ca3b5fa2a2 Merge pull request #822 from goauthentik/go-proxy
Go proxy
2021-05-04 11:41:17 +02:00
0f0a5b0621 ci: fix API not being generated for server build
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 10:58:37 +02:00
51835887ab build(deps): bump @babel/preset-env from 7.14.0 to 7.14.1 in /web (#823)
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.14.0 to 7.14.1.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.14.1/packages/babel-preset-env)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-04 10:44:03 +02:00
09bcbcc2ac build(deps): bump boto3 from 1.17.62 to 1.17.64
Bumps [boto3](https://github.com/boto/boto3) from 1.17.62 to 1.17.64.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.62...1.17.64)

Signed-off-by: dependabot[bot] <support@github.com>
2021-05-04 10:44:03 +02:00
8a76d6a21b build(deps): bump @babel/preset-env from 7.14.0 to 7.14.1 in /web (#823)
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.14.0 to 7.14.1.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.14.1/packages/babel-preset-env)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-04 09:51:21 +02:00
48ab436444 Merge pull request #824 from goauthentik/dependabot/pip/boto3-1.17.64
build(deps): bump boto3 from 1.17.62 to 1.17.64
2021-05-04 09:51:10 +02:00
18a53a9e23 build(deps): bump boto3 from 1.17.62 to 1.17.64
Bumps [boto3](https://github.com/boto/boto3) from 1.17.62 to 1.17.64.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.62...1.17.64)

Signed-off-by: dependabot[bot] <support@github.com>
2021-05-04 04:35:31 +00:00
6725569ba8 gproxy: listen on tls
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 23:19:22 +02:00
812be495a5 Merge branch 'master' into go-proxy 2021-05-03 22:53:33 +02:00
dbc3df1f63 events: handle error when notification rule doesn't exist during task
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 22:52:39 +02:00
07b001bc2b Merge pull request #814 from goauthentik/plex-auth
sources/plex: rewrite plex source
2021-05-03 22:46:37 +02:00
c012bed379 web: bump CI pipeline to node 14
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 22:13:23 +02:00
d330e9ee7f web/flows: fix rendering for plex login
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 22:08:25 +02:00
be21a5d172 sources/plex: add general tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 21:55:55 +02:00
ea2f623955 tests/e2e: update e2e tests for new source login button
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 21:40:45 +02:00
6fc38436f4 sources/plex: set better defaults on model
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 21:23:13 +02:00
35faf269db sources: rewrite onboarding
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 20:27:52 +02:00
e56c3fc54c Merge branch 'master' into plex-auth 2021-05-03 18:28:53 +02:00
5891fb3ad6 root: fix redis not being set to restart unless-stopped
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 18:28:46 +02:00
1041718e27 sources/saml: fix redirect url dropping non-standard ports
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 14:51:46 +02:00
2507c0eec9 stages/invitation: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 12:44:19 +02:00
5ea9601062 build(deps): bump @sentry/tracing from 6.3.4 to 6.3.5 in /web (#819)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.3.4 to 6.3.5.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.3.4...6.3.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-03 12:43:37 +02:00
c0e6a6c614 website/docs: add wip docs for next version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 10:00:14 +02:00
4523550422 stages/invitation: add single_use flag to delete invitation after use
closes #821

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 09:52:38 +02:00
988cf15b71 root: initial go proxy, update compose and helm
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 09:39:09 +02:00
6ae660aea4 build(deps): bump boto3 from 1.17.61 to 1.17.62 (#820) 2021-05-03 08:36:53 +02:00
f201ce8059 build(deps): bump chart.js from 3.2.0 to 3.2.1 in /web (#818) 2021-05-03 08:36:27 +02:00
59624ed45c build(deps): bump lit-element from 2.4.0 to 2.5.0 in /web (#817) 2021-05-03 08:36:12 +02:00
3e78baf2d7 build(deps): bump @docusaurus/preset-classic in /website (#816) 2021-05-03 08:36:00 +02:00
08c67b2a2c build(deps): bump @sentry/browser from 6.3.4 to 6.3.5 in /web (#815) 2021-05-03 08:35:39 +02:00
01d29134b9 sources/plex: add API to redeem token
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-02 16:47:20 +02:00
55250e88e5 sources/*: rewrite UILoginButton to return challenge instead
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-02 16:46:27 +02:00
f1b100c8a5 sources/plex: initial plex source implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-02 14:43:51 +02:00
19708bc67b core: add additional_data to UILoginButton to pass additional data
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-02 14:43:26 +02:00
40a885aaaa web/admin: add collapse button to sidebar header on mobile viewport
closes #813

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-02 12:48:45 +02:00
c529340d6c *: fix title not being set correctly for server-side rendered views
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-02 12:22:50 +02:00
c317efa14c Merge branch 'master' into outpost-ldap 2021-05-01 00:26:55 +02:00
379fcf9c1f sources/saml: fix error ValueError while decoding XML
closes #812

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-01 00:18:57 +02:00
e10a7b48b7 sources/saml: fix Redirect bindings when SSO Url already has query params
related to #812

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-30 23:44:04 +02:00
3e666de91d outposts: fix formatting of image name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-30 16:52:28 +02:00
333758d91f crypto: handle encrypted private keys
closes #811

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-30 15:25:42 +02:00
50678a9e2e build(deps): bump @sentry/tracing from 6.3.3 to 6.3.4 in /web (#809)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.3.3 to 6.3.4.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.3.3...6.3.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-30 10:36:58 +02:00
eb8f52b870 stages/identification: fix tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-30 10:15:27 +02:00
3ee90712b2 build(deps): bump @types/grecaptcha from 3.0.1 to 3.0.2 in /web (#807)
Bumps [@types/grecaptcha](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/grecaptcha) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/grecaptcha)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-30 09:37:48 +02:00
e4eadf8080 build(deps): bump rollup from 2.45.2 to 2.46.0 in /web (#806)
Bumps [rollup](https://github.com/rollup/rollup) from 2.45.2 to 2.46.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.45.2...v2.46.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-30 09:37:30 +02:00
26ebaf16fc build(deps): bump @babel/preset-env from 7.13.15 to 7.14.0 in /web (#808)
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.13.15 to 7.14.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.14.0/packages/babel-preset-env)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-30 09:37:21 +02:00
d0ed372af0 build(deps): bump @sentry/browser from 6.3.3 to 6.3.4 in /web (#805)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.3.3 to 6.3.4.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.3.3...6.3.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-30 09:37:09 +02:00
cc8b2d7dfe build(deps): bump @babel/core from 7.13.16 to 7.14.0 in /web (#804)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.13.16 to 7.14.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.14.0/packages/babel-core)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-30 09:36:59 +02:00
61a212371f build(deps): bump boto3 from 1.17.60 to 1.17.61 (#810)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.60 to 1.17.61.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.60...1.17.61)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-30 09:36:40 +02:00
9ce49c2089 stages/identification: fix unused import
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-30 09:34:33 +02:00
34c45900c2 stages/identification: allow selection of no user fields to only allow login via sources
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-30 01:07:37 +02:00
bf7d110af3 Merge branch 'version-2021.4'
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	.github/workflows/release.yml
#	helm/README.md
#	helm/values.yaml
#	website/docs/installation/kubernetes.md
2021-04-29 23:50:52 +02:00
4e5eeacf0a release: 2021.4.5 2021-04-29 23:03:09 +02:00
e7b498e8b4 outposts/ldap: use forked version of ldap library
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-29 21:06:30 +02:00
b55cb2b40c Merge branch 'master' into outpost-ldap 2021-04-29 20:13:47 +02:00
25c001f2cd outposts: allow better configuration of outpost image name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-29 20:07:53 +02:00
2a409215d3 outpost: forwardAuth mode (#790) 2021-04-29 18:17:10 +02:00
ad8ee83697 root: use upstream sentry action for release
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-29 16:14:03 +02:00
d1d28722d2 lib: don't send 404 errors to sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-29 15:27:41 +02:00
1efd09fcd5 website/docs: update release notes for 2021.4.5
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-29 15:26:42 +02:00
35f0e6b88d lib: don't send 404 errors to sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-29 15:25:54 +02:00
a6e528d209 core: fix text color of error pages not being white
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-29 15:18:28 +02:00
bb2c4423b0 core: fix text color of error pages not being white
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-29 15:17:10 +02:00
ad9f29566b build(deps): bump @sentry/tracing from 6.3.1 to 6.3.3 in /web (#798)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.3.1 to 6.3.3.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.3.1...6.3.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-29 10:30:50 +02:00
e76bb6bc13 build(deps): bump pyjwt from 2.0.1 to 2.1.0 (#801) 2021-04-29 07:31:40 +02:00
a68642779d build(deps): bump lit-html from 1.3.0 to 1.4.0 in /web (#797) 2021-04-29 07:31:04 +02:00
3c04fcaa9f build(deps): bump django-otp from 1.0.3 to 1.0.4 (#800) 2021-04-29 07:30:54 +02:00
5955d28073 build(deps): bump boto3 from 1.17.59 to 1.17.60 (#799) 2021-04-29 07:30:23 +02:00
a6fb6161d7 build(deps): bump @sentry/browser from 6.3.1 to 6.3.3 in /web (#796) 2021-04-29 07:30:06 +02:00
6b0e0610c6 website/docs: add release notes for 2021.4.5
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:51:22 +02:00
2c70301f56 stages/invitation: accept token from prompt_data
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:43:40 +02:00
07b9923bf6 stages/invitation: fix token not being loaded correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:43:40 +02:00
8b3923200d web: fix text-colour for form help text
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:43:40 +02:00
3dcd67c1a3 outposts: only kill docker container if its running
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:43:32 +02:00
2a9feafb90 root: add middleware to properly report websocket connection to sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:42:10 +02:00
580e88c6fc web: ignore network errors for sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:41:55 +02:00
d82c01aa61 web/admin: don't show docker certs as required
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:41:50 +02:00
1af3357826 *: make logger not use .error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:41:44 +02:00
ed49d7824e stages/email: catch ValueError when global email settings are invalid
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:41:38 +02:00
378402fcf0 stages/user_login: add tests for explicit session length
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:41:21 +02:00
50f0c11c0b web/flows: fix redirect loop when sentry is enabled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:41:21 +02:00
58712828a4 web/flows/identification: fix phrasing account recovery
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:40:16 +02:00
b2b9093c95 web: don't enable ShadyDOM on selenium
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:40:16 +02:00
afa2afe1d4 web/flows: include ShadyDOM, always enable ShadyDOM for flow interface
improve compatibility with password managers and iOS

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:40:16 +02:00
d7631e8af0 stages/invitation: accept token from prompt_data
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:39:06 +02:00
6e625f7400 stages/invitation: fix token not being loaded correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 22:13:54 +02:00
f54ead2b45 web: fix text-colour for form help text
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 21:55:01 +02:00
c4e4e17f93 providers/oauth2: add access_code_validity (#795)
closes #794

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 21:03:43 +02:00
43c87f87c3 root: use docker action during release
closes #738

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 21:03:13 +02:00
4da0c81f44 root: use docker action to login
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 20:58:11 +02:00
9b70aaa717 outposts: only kill docker container if its running
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 18:32:16 +02:00
5769eb277c website/admin: fix sessionDuration not updated on UserLoginStageForm
closes #793

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-28 09:16:04 +02:00
26f60b3e85 build(deps): bump @docusaurus/preset-classic in /website (#791)
Bumps [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic) from 2.0.0-alpha.73 to 2.0.0-alpha.74.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-alpha.74/packages/docusaurus-preset-classic)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-28 09:10:57 +02:00
7d8ed06539 build(deps): bump boto3 from 1.17.58 to 1.17.59 (#792)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.58 to 1.17.59.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.58...1.17.59)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-28 09:09:35 +02:00
4d858c64e0 Merge branch 'master' into outpost-ldap 2021-04-27 17:08:26 +02:00
6f0792ccfe api: remove legacy basic auth for 2021.3 outposts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 17:06:47 +02:00
04f06e00ff api: add tests for permission_required decorator
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 17:04:38 +02:00
776c3128b8 flows: add tests for stage type, component and ui_user_settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 16:52:50 +02:00
e9e0992dce root: add middleware to properly report websocket connection to sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 16:21:44 +02:00
69af788b0f web: ignore network errors for sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 15:54:57 +02:00
ceace0282b web/admin: don't show docker certs as required
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 15:43:40 +02:00
ccef7b4233 *: make logger not use .error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 15:43:26 +02:00
cad6c42fdd lib: add more tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 15:43:11 +02:00
d2abe6d455 stages/email: catch ValueError when global email settings are invalid
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 15:20:09 +02:00
68d120b3b4 sources/oauth: add tests for google type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 15:19:54 +02:00
48c0c0baca */api: simplify lookups for per-user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 14:53:01 +02:00
7b29a1e485 stages/user_login: add tests for explicit session length
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 14:52:42 +02:00
fe28d216fe providers/oauth2: always test JWT keys in tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-27 14:07:04 +02:00
e36fb6641e Merge branch 'master' into outpost-ldap 2021-04-27 09:27:11 +02:00
972471ce79 build(deps): bump boto3 from 1.17.57 to 1.17.58 (#788)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.57 to 1.17.58.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.57...1.17.58)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-27 09:18:13 +02:00
38edd76949 build(deps): bump postcss from 8.2.12 to 8.2.13 in /website (#787)
Bumps [postcss](https://github.com/postcss/postcss) from 8.2.12 to 8.2.13.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/8.2.12...8.2.13)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-27 09:17:46 +02:00
cd07c12c1b build(deps-dev): bump pylint from 2.8.1 to 2.8.2 (#789)
Bumps [pylint](https://github.com/PyCQA/pylint) from 2.8.1 to 2.8.2.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/master/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/pylint-2.8.1...v2.8.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-27 09:17:21 +02:00
3ce8b836dc outposts: allow outposts to have non-object specific permissions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 23:28:26 +02:00
d27dfcc1e3 outposts/ldap: improve logging,return success for empty DN
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 23:25:31 +02:00
1d5958a78f providers/ldap: add search_group to limit who can do search requests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 23:25:03 +02:00
b6e0a1d8f4 website: remove slot from api browser
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 19:51:47 +02:00
2a122845d9 core: add groups to users
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 19:51:24 +02:00
21c7787eed web/flows: fix redirect loop when sentry is enabled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 17:45:09 +02:00
fae4d34131 Merge branch 'master' into outpost-ldap 2021-04-26 17:11:50 +02:00
7ff7bfeb58 core: fix incorrect styling for bse_full template
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 16:44:13 +02:00
983604265b Merge branch 'master' into outpost-ldap 2021-04-26 15:55:52 +02:00
f8d6daa928 root: unlock pylint again
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 15:55:36 +02:00
6fc26aca72 build(deps-dev): bump pylint-django from 2.4.3 to 2.4.4 (#786)
Bumps [pylint-django](https://github.com/PyCQA/pylint-django) from 2.4.3 to 2.4.4.
- [Release notes](https://github.com/PyCQA/pylint-django/releases)
- [Changelog](https://github.com/PyCQA/pylint-django/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/PyCQA/pylint-django/compare/v2.4.3...v2.4.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-26 15:51:00 +02:00
29da7dd8d6 providers/ldap: fix lint error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 15:49:19 +02:00
91ca90f700 outposts/ldap: add dockerfile
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 15:35:56 +02:00
b3c8ffb96c outposts/ldap: use authorization_flow instead of separate field
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 15:09:41 +02:00
b35d9ae8b0 outposts: fix type not being configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 14:45:14 +02:00
302b047f1a outposts/ldap: add controllers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 14:26:31 +02:00
dcd80c6d63 outposts/ldap: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 12:24:46 +02:00
d741ed430a web/admin: add UI for LDAP Provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 12:12:02 +02:00
8436738b0f root: fix transifex link
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 11:56:10 +02:00
5b150657f5 outposts/ldap: add ability to use multiple providers on the same outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 11:53:06 +02:00
f89479caf3 providers/ldap: add LDAP provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 11:52:42 +02:00
2f3bf5efe7 outposts/ldap: check application access
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 10:46:53 +02:00
5fb07acf54 core: add API to check access to single application by slug
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 10:08:35 +02:00
99d0d4e8de Merge branch 'master' into outpost-ldap 2021-04-26 09:25:26 +02:00
afc5dc5543 root: lock pylint to < 2.8
https://github.com/PyCQA/pylint-django/issues/323
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 09:24:18 +02:00
9341787fe7 providers/oauth2: replace deprecated jwkest with pyjwt
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-26 00:02:13 +02:00
6c9b3ebd2b outposts: add LDAP Binding using flows
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-25 22:07:12 +02:00
a525d6c3a9 Merge branch 'master' into outpost-ldap 2021-04-25 20:46:02 +02:00
b59b9314e4 web/flows/identification: fix phrasing account recovery
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-25 18:50:19 +02:00
7687b744cc build(deps): bump @sentry/browser from 6.3.0 to 6.3.1 in /web (#780)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.3.0 to 6.3.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.3.0...6.3.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-25 18:14:42 +02:00
9fb41b8d10 build(deps): bump boto3 from 1.17.54 to 1.17.57 (#783)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.54 to 1.17.57.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.54...1.17.57)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-25 18:12:34 +02:00
51ffdcb5cb build(deps): bump @sentry/tracing from 6.3.0 to 6.3.1 in /web (#779)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.3.0 to 6.3.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.3.0...6.3.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-25 18:12:12 +02:00
4d6cd4c57d build(deps): bump @patternfly/patternfly from 4.96.2 to 4.102.2 in /web (#778)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.96.2 to 4.102.2.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.96.2...prerelease-v4.102.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-25 18:11:59 +02:00
41c5f01422 build(deps): bump postcss from 8.2.10 to 8.2.12 in /website (#777)
Bumps [postcss](https://github.com/postcss/postcss) from 8.2.10 to 8.2.12.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/8.2.10...8.2.12)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-25 18:11:43 +02:00
e567cd5580 build(deps): bump chart.js from 3.1.1 to 3.2.0 in /web (#776)
Bumps [chart.js](https://github.com/chartjs/Chart.js) from 3.1.1 to 3.2.0.
- [Release notes](https://github.com/chartjs/Chart.js/releases)
- [Commits](https://github.com/chartjs/Chart.js/compare/v3.1.1...v3.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-25 18:11:30 +02:00
5f81909bab build(deps): bump eslint from 7.24.0 to 7.25.0 in /web (#775)
Bumps [eslint](https://github.com/eslint/eslint) from 7.24.0 to 7.25.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.24.0...v7.25.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-25 18:11:21 +02:00
d03b43605e root: fix dependabot 2021-04-25 17:12:48 +02:00
ea187d4e81 root: remove dependabot
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-25 17:12:28 +02:00
502ac51fa7 web: don't enable ShadyDOM on selenium
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-25 01:29:01 +02:00
4bc6fd28d4 web/flows: include ShadyDOM, always enable ShadyDOM for flow interface
improve compatibility with password managers and iOS

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-24 23:32:46 +02:00
820c9e7d06 Merge branch 'master' into outpost-ldap 2021-04-24 22:22:01 +02:00
e5a8714e6a Merge branch 'version-2021.4' 2021-04-24 21:44:40 +02:00
d56d6ea3a9 website/docs: add release notes for 2021.4.4
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-24 21:11:11 +02:00
5f58a4566c release: 2021.4.4 2021-04-24 21:03:29 +02:00
d616bdd5d6 providers/oauth2: add proper support for non-http schemes as redirect URIs
closes #772

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-23 16:34:52 +02:00
5112ef9331 web/admin: fix error when updating identification stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-23 14:27:23 +02:00
7a49377caf outpost: check for X-Forwarded-Host to switch context
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-23 14:07:44 +02:00
5b3941a425 outposts: always update bundles and swap maps
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-23 10:08:19 +02:00
c1ab5c5556 web: fix title not being loaded from config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#770
2021-04-22 23:50:37 +02:00
3282b34431 providers/oauth2: fix TokenView not having CORS headers set even with proper Origin
and added tests. closes #771

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 23:48:28 +02:00
392d9bb10b providers/oauth2: fix misleading name of cors_allow_any
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#771
2021-04-22 23:29:49 +02:00
82f6c515ea root: fix readme links to az pipelines
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 22:32:38 +02:00
d67d5f73c5 website/docs: fix config options with double-underscores not showing correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 22:31:24 +02:00
799d186510 web/flows: fix Sentry not being loaded correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 20:48:22 +02:00
3983b7fbe4 lib: don't send SuspiciousOperation to sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 20:17:00 +02:00
d75284a587 flows: fix errors which occur during flow execution being sent to sentry malformed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 20:14:37 +02:00
71e4936dc3 web/admin: fix error when me() returns 403
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 19:52:01 +02:00
9d3b6f7a4d web: only report http errors for 500 and above
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 19:51:32 +02:00
003df44a34 web/admin: adjust phrasing of cards on overview page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 14:07:30 +02:00
a7598c6ee5 *: fix more URLs for github org
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 11:06:56 +02:00
0891e43040 web/admin: fix invalid group member count
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 10:36:10 +02:00
1f49aea48d web/admin: fix mismatched required tags
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-22 10:33:36 +02:00
499b52df6a root: update urls to github org
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-21 22:46:48 +02:00
b8a566f4a0 outposts: move local connection check to task, run every 60 minutes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-21 11:34:48 +02:00
aa0e8edb8b *: make tasks run every 60 minutes not :00 every hour
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-21 11:26:17 +02:00
0e35bb18c7 web/admin: fix display for user supseruser status
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-21 11:18:55 +02:00
4a06ebf4f9 build(deps): bump @sentry/browser from 6.2.5 to 6.3.0 in /web (#766)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.2.5 to 6.3.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.2.5...6.3.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-21 11:13:37 +02:00
11584af425 website/docs: add note for nextcloud Reverse proxy and extension
closes #750

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-21 10:22:43 +02:00
a31da9e1d3 build(deps): bump @babel/core from 7.13.15 to 7.13.16 in /web (#764)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.13.15 to 7.13.16.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.13.16/packages/babel-core)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-21 10:18:45 +02:00
8d6d49834b build(deps): bump codemirror from 5.60.0 to 5.61.0 in /web (#765)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.60.0 to 5.61.0.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.60.0...5.61.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-21 10:18:32 +02:00
2825710262 build(deps): bump @sentry/tracing from 6.2.5 to 6.3.0 in /web (#767)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.2.5 to 6.3.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.2.5...6.3.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-21 10:18:18 +02:00
7346ccf2b7 web/admin: add description for fields in proxy provider form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-21 10:18:00 +02:00
57072dd6ce stages/identification: fix query logic for user lookup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-21 10:09:38 +02:00
fec098a823 web/admin: only allow policies to be bound to sources as users/groups cannot be checked
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 23:30:37 +02:00
73950b72e5 web/admin: improve phrasing for Policy bindings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 23:16:17 +02:00
b40afb9b7d stages/identification: ignore inactive users
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 21:45:14 +02:00
1f783dfc01 stages/user_login: add default backend
closes #763

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 20:53:07 +02:00
7ccf8bcdc8 web/admin: only pre-select items when creating a new object
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 20:32:47 +02:00
76131e40ec tests/e2e: monkey patch OAuth1 test instead of setting URLs manually
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 20:03:20 +02:00
5955394c1d web: send response info when response is thrown
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 17:32:38 +02:00
a8998a6356 sources/oauth: handle error in auzre_ad when ID Can't be extracted
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 17:27:52 +02:00
dc75d7b7f0 sources/oauth: fix error whilst fetching user profile when source uses fixed URLs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 17:25:59 +02:00
34a191f216 web/admin: fix link to providers on overview page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 16:35:21 +02:00
299931985e web: fix mis-matched package-lock file
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 11:27:56 +02:00
b946fbf9e7 Merge branch 'version-2021.4' 2021-04-20 09:21:26 +02:00
e20bb7d636 release: 2021.4.3 2021-04-20 09:15:07 +02:00
5db3409efc web: bump lingui
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 09:13:42 +02:00
649db054a6 build(deps): bump boto3 from 1.17.53 to 1.17.54 (#762) 2021-04-20 08:26:10 +02:00
4f5e1fb86b outposts: initial ldap outpost implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-20 00:30:27 +02:00
15d5b91642 root: fix developer link in readme
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 22:05:58 +02:00
e9abc25b92 website/docs: prepare changelog for 2021.4.3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 21:08:10 +02:00
dc930c0cdf website/docs: manually set slug so release note URLs don't break
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 21:05:19 +02:00
464a1c0536 api: make 401 messages clearer
closes #755

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 20:46:57 +02:00
837d2f6fab outpost: use tools from docker (#758)
* outpost: replace golang.org/x/lint with golangci-lint

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost: use swagger generator from docker

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost: don't use tty for swagger gen

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: revert docker-swagger gen

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 20:43:13 +02:00
8f00d73512 website: fix main site not rendering because <BrowserOnly>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 19:23:26 +02:00
b75feab709 outposts: don't run outpost_controller when no service connection is set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 19:23:26 +02:00
9c8433ec4d fix(docs/grafana): Fix a silly (#757) 2021-04-19 19:22:23 +02:00
ef080900a4 feat(docs/grafana): Add role mapping info (#756)
* feat(docs/grafana): Add role mapping info

* feat(docs/grafana): More info on role mappings
2021-04-19 19:07:09 +02:00
10b45a8dea api: fix 401 responses which should be 403s
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 19:03:00 +02:00
c43ac1f704 api: mount outposts under outposts/instances to match flows
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 18:51:12 +02:00
14d702450a core: add parameter to output property mapping test formatted
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 18:32:36 +02:00
0a1a2a035e web/admin: fix *Test Forms not having a default for codemirrors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 18:25:16 +02:00
ace777ebbe website: re-sort releases, add outposts to terminology
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 17:25:26 +02:00
8a6879afa5 core: add superuser_full_list to applications list, shows all applications when superuser
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 16:07:30 +02:00
fdc7f14056 core: fix Tokens being created with incorrect intent by default
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 15:43:16 +02:00
8be80aaf9d api: fix CSRF error when using POST/PATCH/PUT in API Browser
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 15:31:32 +02:00
e476f2dda2 website: bump deps
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-19 09:28:48 +02:00
5d48cfab14 build(deps): bump @docusaurus/core in /website (#753) 2021-04-19 08:22:35 +02:00
1f22f0e7bb build(deps): bump chart.js from 3.1.0 to 3.1.1 in /web (#751) 2021-04-19 08:22:02 +02:00
ce082ead5e providers/oauth2: add unittests for authorize and token views
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-18 21:05:49 +02:00
dd2cd09637 web/admin: fix undefined being shown when viewing application
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-18 19:04:10 +02:00
828fe07fca website: dynamically load rapidoc to prevent react errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-18 17:58:36 +02:00
a074ea70e9 website/docs-dev: add initial translation docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-18 17:31:15 +02:00
84ce2c1df2 website: separate development docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-18 17:25:58 +02:00
8628595590 website: add API Browser
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-18 17:15:19 +02:00
7b8e5c4272 root: auto-migrate on startup, lock database using pg_advisory_lock
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-18 14:47:50 +02:00
caa5dc1d14 web/admin: improve default selection for property-mappings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-18 14:21:05 +02:00
f328b21e89 providers/oauth2: Set CORS Headers for token endpoint, check Origin header against redirect URLs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-18 14:20:50 +02:00
52abd959eb sources/oauth: save null instead of empty string for sources without configurable URLs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 21:15:06 +02:00
a0cd17a257 docs: add troubleshooting for permission issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 20:09:03 +02:00
32c5bf04b8 *: fix linting errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 20:08:49 +02:00
766c4873a0 web/admin: add ability to add users to a group whilst creating a group
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 19:56:49 +02:00
240136154b web/admin: fix default for codemirror
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 19:37:13 +02:00
78dd7b0341 web/admin: fix group member table order
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 19:36:55 +02:00
0021a93952 web/admin: fix non-matching provider type being selected when creating an OAuth Source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 19:17:08 +02:00
67240fb9ad *: add model_name to TypeCreate API to pass to forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 19:12:00 +02:00
4add0bbe86 web/admin: fix provider type resetting when changing provider type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 19:06:56 +02:00
d2dd7d1366 sources/oauth: fix redirect loop for source with non-configurable URLs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 19:06:12 +02:00
476e57daa2 Merge branch 'version-2021.4'
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	docker-compose.yml
#	website/docs/installation/kubernetes.md
2021-04-17 16:01:35 +02:00
4eb8a0dcd1 docs: prepare changelog for 2021.4.2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 15:29:55 +02:00
60615c9f3e release: 2021.4.2 2021-04-17 15:26:59 +02:00
b5b8573d87 core: fix propertymapping API returning invalid value for components
closes #746

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:05 +02:00
2e44c1cdfc sources/ldap: improve error handling during sync
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:05 +02:00
31909a4d78 outpost: fix outpost deps
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:05 +02:00
4a444e667a root: base Websocket message storage on Base not fallback
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:05 +02:00
f67b57e369 flows: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:04 +02:00
6be19962d2 outposts: bump go version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:04 +02:00
262a9fa2a0 flows: annotate flows executor 404 error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:04 +02:00
e8ba159756 root: fix setting of EMAIL_USE_TLS and EMAIL_USE_SSL
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:04 +02:00
0b03d66a2f outposts: fix errors when creating multiple outposts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:04 +02:00
7c858c9626 web/admin: fix errors in user profile when non-superuser
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:04 +02:00
71b6839d03 flows: include configure_flow in stages API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:04 +02:00
ada49c077a web/admin: fix error when user doesn't have permissions to read source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:04 +02:00
7880c7fb98 helm: make storage class, size and mode configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:03 +02:00
2b48ba4103 sources/oauth: fix resolution of sources' provider type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:03 +02:00
5e67f68f2b core: improve messaging when creating a recovery link for a user when no recovery flow exists
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:03 +02:00
1992b89154 sources/oauth: fix error when creating an oauth source which has fixed URLs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:01:03 +02:00
9ab2088ab7 helm: turn off monitoring by default
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:00:27 +02:00
a9d0d96418 root: add restart: unless-stopped to compose
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 12:00:27 +02:00
c476503594 web: fix background-color on router outlet on light mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 11:59:37 +02:00
de74f3ec1f core: fix propertymapping API returning invalid value for components
closes #746

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 11:50:28 +02:00
ce98255607 sources/ldap: improve error handling during sync
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 11:29:51 +02:00
53b9e5b93f outpost: fix outpost deps
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 11:16:40 +02:00
7aeb390eac docs: add note for minimum values.yaml file for k8s install
closes #745

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-17 11:06:21 +02:00
5df9ad63cf root: base Websocket message storage on Base not fallback
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 23:46:03 +02:00
e4400476a2 flows: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 23:15:06 +02:00
ef3c01ec34 outposts: bump go version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 23:01:10 +02:00
b136d3bc69 flows: annotate flows executor 404 error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 22:56:44 +02:00
c34fcc73dc root: fix setting of EMAIL_USE_TLS and EMAIL_USE_SSL
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 22:44:42 +02:00
11b09c4ebd outposts: fix errors when creating multiple outposts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 22:43:35 +02:00
e32070ddeb web/admin: fix errors in user profile when non-superuser
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 17:24:58 +02:00
33a8cea007 flows: include configure_flow in stages API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 17:19:48 +02:00
d01fd7cdb7 web/admin: fix error when user doesn't have permissions to read source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 17:06:06 +02:00
1770e42cbf sources/oauth: add login with plex support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 17:05:35 +02:00
2fed739be7 helm: make storage class, size and mode configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 12:31:55 +02:00
aa820b2b4d website: fix enrollment for keycloak
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 12:23:46 +02:00
582d2eb5eb sources/oauth: fix resolution of sources' provider type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 11:29:23 +02:00
c5e2635903 core: improve messaging when creating a recovery link for a user when no recovery flow exists
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 10:09:46 +02:00
cfe0a7a694 sources/oauth: fix error when creating an oauth source which has fixed URLs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 09:49:25 +02:00
c579540473 helm: turn off monitoring by default
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 09:20:17 +02:00
35f2b06611 build(deps): bump boto3 from 1.17.52 to 1.17.53 (#742)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.52 to 1.17.53.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.52...1.17.53)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-16 09:07:17 +02:00
9c4f025d71 build(deps): bump @types/codemirror from 0.0.108 to 0.0.109 in /web (#743)
Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror) from 0.0.108 to 0.0.109.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-16 09:07:06 +02:00
d8b8e8a5a3 root: add restart: unless-stopped to compose
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-16 09:03:58 +02:00
ec34c3eb75 website: fix azure ad application proxy on comparison
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-15 20:59:14 +02:00
0554c94c53 docs: add notes for openssl
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-15 17:33:25 +02:00
19a663a645 root: fix healthcheck part in docker-compose
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-15 17:28:38 +02:00
e72881b2a9 root: fix healthcheck part in docker-compose
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-15 17:20:14 +02:00
4452ff171e docs: add Explanation what containers do what
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-15 16:12:55 +02:00
39bdc3a9a9 website: fix enrollment for keycloack
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-15 13:12:50 +02:00
33bb6edf8c web: fix background-color on router outlet on light mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-15 11:31:06 +02:00
2eb18ff5e6 root: fix expired discord invite
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-15 10:54:43 +02:00
aeb1b5e8f2 build(deps): bump boto3 from 1.17.51 to 1.17.52 (#736) 2021-04-15 09:16:09 +02:00
bd8447d5a7 release: 2021.4.1 2021-04-14 09:46:16 +02:00
35fad191b8 Merge branch 'master' into version-2021.4 2021-04-14 09:27:11 +02:00
40a6f15cf1 build(deps): bump boto3 from 1.17.50 to 1.17.51 (#734) 2021-04-14 08:27:03 +02:00
420465981b build(deps): bump rollup from 2.45.1 to 2.45.2 in /web (#735) 2021-04-14 08:26:53 +02:00
4f9f936a7f Merge branch 'master' into version-2021.4 2021-04-13 23:16:35 +02:00
85c9fbe763 api: fix linting error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-13 21:49:47 +02:00
3d9874be69 api: fix error when authorization is empty
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-13 21:41:26 +02:00
9742d19729 Merge branch 'master' into version-2021.4 2021-04-13 21:07:20 +02:00
5a25e6d697 api: add legacy support for older outposts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-13 21:06:04 +02:00
7798a046db outpost: fix API calls being made with basic
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-13 20:50:45 +02:00
7a562fe8c0 Merge branch 'master' into version-2021.4 2021-04-13 20:02:25 +02:00
6821679fbc *: add support for bearer authentication on API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-13 20:01:30 +02:00
513d3c1c31 web: add support for PII for sentry, add user feedback dialog
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-13 18:35:26 +02:00
30cb468ec5 website: fix search on docs site
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-13 18:05:19 +02:00
8b66fa55a6 web/elements: center header if no description is shown
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-13 17:46:03 +02:00
55bb9b6643 web/admin: show banner when backend and frontend versions mismatch
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-13 16:52:02 +02:00
1b79fad6cf build(deps): bump @typescript-eslint/eslint-plugin in /web (#732)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.21.0 to 4.22.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.22.0/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-13 10:28:22 +02:00
f9976492e7 build(deps): bump boto3 from 1.17.49 to 1.17.50 (#731)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.49 to 1.17.50.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.49...1.17.50)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-13 09:42:16 +02:00
2fd0e46378 build(deps): bump @typescript-eslint/parser in /web (#733)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.21.0 to 4.22.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.22.0/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-13 09:41:51 +02:00
fd0ad20031 release: 2021.4.1-rc2 2021-04-12 20:03:21 +02:00
13b75c15f0 outpost: download go-swagger from github (#730)
* outpost: download go-swagger from github

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: use sudo to download swagger

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-12 20:01:12 +02:00
d329995740 docs: add algolia search
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-12 18:25:52 +02:00
cd1b0c67ea web: fix text colour on initial load when not in dark mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-12 12:25:44 +02:00
ab7941922f build(deps): bump @lingui/macro from 3.8.6 to 3.8.9 in /web (#722)
Bumps [@lingui/macro](https://github.com/lingui/js-lingui) from 3.8.6 to 3.8.9.
- [Release notes](https://github.com/lingui/js-lingui/releases)
- [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lingui/js-lingui/compare/v3.8.6...v3.8.9)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-12 12:17:16 +02:00
e057d5fe0a root: fix lockfile
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-12 11:19:11 +02:00
3fb53e8311 build(deps-dev): bump pytest-django from 4.1.0 to 4.2.0 (#721)
Bumps [pytest-django](https://github.com/pytest-dev/pytest-django) from 4.1.0 to 4.2.0.
- [Release notes](https://github.com/pytest-dev/pytest-django/releases)
- [Changelog](https://github.com/pytest-dev/pytest-django/blob/master/docs/changelog.rst)
- [Commits](https://github.com/pytest-dev/pytest-django/compare/v4.1.0...v4.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
2021-04-12 10:57:46 +02:00
96b9d931f3 build(deps): bump @lingui/cli from 3.8.6 to 3.8.9 in /web (#725)
Bumps [@lingui/cli](https://github.com/lingui/js-lingui) from 3.8.6 to 3.8.9.
- [Release notes](https://github.com/lingui/js-lingui/releases)
- [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lingui/js-lingui/compare/v3.8.6...v3.8.9)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
2021-04-12 10:56:56 +02:00
a35f77c612 build(deps-dev): bump pylint-django from 2.4.2 to 2.4.3 (#729)
* build(deps-dev): bump pylint-django from 2.4.2 to 2.4.3

Bumps [pylint-django](https://github.com/PyCQA/pylint-django) from 2.4.2 to 2.4.3.
- [Release notes](https://github.com/PyCQA/pylint-django/releases)
- [Changelog](https://github.com/PyCQA/pylint-django/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/PyCQA/pylint-django/compare/v2.4.2...v2.4.3)

Signed-off-by: dependabot[bot] <support@github.com>

* root: fix pylint warning

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-12 09:33:56 +02:00
f287745c53 root: remove mapped port from server container
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-12 09:29:06 +02:00
65e09f92cd build(deps): bump boto3 from 1.17.48 to 1.17.49 (#720)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.48 to 1.17.49.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.48...1.17.49)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-12 09:28:23 +02:00
9b6446701e build(deps): bump chart.js from 3.0.2 to 3.1.0 in /web (#724)
Bumps [chart.js](https://github.com/chartjs/Chart.js) from 3.0.2 to 3.1.0.
- [Release notes](https://github.com/chartjs/Chart.js/releases)
- [Commits](https://github.com/chartjs/Chart.js/compare/v3.0.2...v3.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-12 09:27:32 +02:00
71f7e23fe4 build(deps): bump eslint from 7.23.0 to 7.24.0 in /web (#723) 2021-04-12 08:31:28 +02:00
59eb89db6c build(deps): bump rollup from 2.44.0 to 2.45.1 in /web (#726) 2021-04-12 08:31:10 +02:00
939b55ce29 build(deps): bump @lingui/core from 3.8.6 to 3.8.9 in /web (#727) 2021-04-12 08:30:59 +02:00
7ba4e63c47 build(deps): bump postcss from 8.2.9 to 8.2.10 in /website (#728) 2021-04-12 08:30:49 +02:00
fae92f6bc8 *: fix JSONField overwriting required
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 23:20:45 +02:00
f9bf491240 stages/invitation: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 23:09:09 +02:00
4f27a97e10 *: add validator to ensure JSON Fields only receive dicts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 23:05:19 +02:00
a0daaabfde web: replace full pf with components for loading animation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 22:02:48 +02:00
ea7ecb50c0 web: disable loading of roboto fonts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 21:52:01 +02:00
e7626d0716 Revert "release: 2021.4.1-rc1"
This reverts commit 2397cb162a.
2021-04-11 21:04:25 +02:00
e9d29b956d Merge branch 'master' into next 2021-04-11 21:02:59 +02:00
4a4ee98dec docs: fix typo in release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 21:02:49 +02:00
0d0baaa2f9 web/admin: fix missing css from ApplicationViewPage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 21:02:49 +02:00
1be1654bf2 web/elements: fix height when using PageHeader with Image
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 21:02:48 +02:00
ca51afb7df web: always set css variables
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 21:02:37 +02:00
11c8ae8f18 web/admin: remove sidebar box shadow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 21:02:36 +02:00
858fcb8554 web/admin: classify no connected workers as error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 21:02:36 +02:00
571772854b web/admin: add tab to show events of a user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 21:02:35 +02:00
c91b40fc07 web/elements: use same icon for changelog
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 21:02:35 +02:00
a736e708ae web/admin: use less generic slot names for ak-tabs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 21:02:24 +02:00
5c133a6c30 web/elements: make provider clickable for user's oauth codes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 21:02:23 +02:00
078dfb30f3 web/admin: make username in events log clickable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 21:02:22 +02:00
b526250515 web: fix header colour for notification drawer in dark mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 21:02:21 +02:00
e52d397cb7 docs: fix typo in release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 20:40:53 +02:00
633029be3f web/admin: fix missing css from ApplicationViewPage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 19:44:29 +02:00
4147fbb839 web/elements: fix height when using PageHeader with Image
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 19:38:24 +02:00
430e3c576c web: always set css variables
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 19:00:29 +02:00
d6f60ad9ec web/admin: remove sidebar box shadow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 18:56:34 +02:00
de6f663688 web/admin: classify no connected workers as error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 18:48:24 +02:00
fe17c3aa34 web/admin: add tab to show events of a user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 18:46:26 +02:00
07b2525278 web/elements: use same icon for changelog
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 18:40:48 +02:00
9f758d19ba web/admin: use less generic slot names for ak-tabs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 18:40:01 +02:00
4216577565 web/elements: make provider clickable for user's oauth codes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 18:24:27 +02:00
f3396226e8 web/admin: make username in events log clickable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 17:51:17 +02:00
ae7959ff51 web: fix header colour for notification drawer in dark mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 17:41:26 +02:00
b42b7be726 outpost: fix build dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 16:51:50 +02:00
2397cb162a release: 2021.4.1-rc1 2021-04-11 16:18:20 +02:00
80bcd09cec docs: add headers set by proxy outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 14:08:05 +02:00
1e10f37370 outpost: fix check for changed providers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 13:50:04 +02:00
bf253643a6 web/elements: fix page header in firefox
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 13:49:53 +02:00
ab4569e5d6 web/admin: fix application form's provider selection not working
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 13:49:35 +02:00
8df29235bb core: add provider_obj field to applications API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 13:31:31 +02:00
cb048764f4 providers/proxy: make outpost API readonly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 13:31:15 +02:00
5627848fad lifecycle: allow adjustment of worker cores
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 13:20:27 +02:00
fb53dc826a web/elements: fix TokenCopyButton error case
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 13:03:20 +02:00
335c5a0b80 web/elements: use ActionButton as base for TokeCopyButton
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-11 00:52:51 +02:00
d76db3caba *: add missing error codes as swagger annotations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 23:55:43 +02:00
32d88c3a49 core: consider never consider expiring models with self.expiring set to false expired
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 23:42:42 +02:00
5522c94b65 web/admin: fix OutpostDeploymentModal not being closable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 23:31:11 +02:00
19e73630ab lib: discard all log messages from dbbackup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 23:20:20 +02:00
97364ad102 docs: fix markdown on release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 21:12:25 +02:00
55fd7cd151 Merge branch 'master' into version-2021.4 2021-04-10 21:10:14 +02:00
c9cc1629d6 Merge branch 'master' into next 2021-04-10 21:09:49 +02:00
f4ec678587 docs: prepare changelog for 2021.4
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 21:09:35 +02:00
115274e691 docs: prepare changelog for 2021.4
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 21:08:20 +02:00
96d3d536be docs: prepare changelog for 2021.4
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 20:58:55 +02:00
f156c0f05d web/admin: fix header hight for inherited objects
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 20:58:45 +02:00
5d64b0cafd web/admin: make provider in application list a link
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 20:51:22 +02:00
182256c53e web/admin: migrate GroupForm to use TableModal instead of select multiple
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 20:23:48 +02:00
c44aa2a204 web/elements: add TableModal for selecting objects in a modal
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 20:13:40 +02:00
c133f16371 web/elements: move table search to table
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 20:13:19 +02:00
ca2a4ffb59 web/elements: render ChipGroup when checkboxes are enabled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 20:12:57 +02:00
75bc7c1cbd web/elements: add Chip and ChipGroup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 20:12:32 +02:00
7c761ff3d9 web/elements: add close button to notification drawer for mobile
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 17:43:07 +02:00
f6b8dc5cea web/admin: move SidebarHamburger into PageHeader
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 17:42:15 +02:00
6f7fb4c919 web/elements: add PageHeader element to replace page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 17:09:40 +02:00
1fbf6be6c2 web: add security.txt (#719) 2021-04-10 15:11:26 +02:00
f3aea29324 web/admin: add additional explanation what stages do
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 12:52:17 +02:00
f5921f8480 web/admin: add additional explanation what policies do
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 12:37:08 +02:00
c82cd4fbcf web/admin: fix CSS for outpost deployment modal, fix URL
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-10 12:20:45 +02:00
83bb3f8b0b web/elements: disable lineNumbers in codemirror for firefox
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 18:57:34 +02:00
c887139367 web/elements: add ak-label for status to replace simple icons
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 17:09:38 +02:00
34b8a97ae9 web/admin: add custom rendering for inbuilt sources
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 16:30:53 +02:00
5dd29d45d8 core: make Source model managed, add inbuilt source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 16:20:59 +02:00
43ad4f58ac web/elements: fix height of branding on firefox in certain screen sizes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 15:54:41 +02:00
23f269d676 web/admin: add note that attributes are yaml/json
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 14:30:49 +02:00
e7346317bb web/elements: fix codemirror error on reset
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 14:19:31 +02:00
98318953cd sources/ldap: create event when user integrity error occurs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 12:17:27 +02:00
5a5a32ff83 web/elements: fix checkbox not being sent correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 11:58:52 +02:00
232a5a8ad0 root: set default session age to expire on browser close
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 11:50:09 +02:00
6049d91f7c Merge branch 'next'
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/sources/ldap/signals.py
2021-04-09 11:29:57 +02:00
118f55d95c sources/ldap: fix error during event creation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 11:29:32 +02:00
1494394a78 sources/ldap: fix error during event creation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 11:24:13 +02:00
963af1ac1e web/admin: adjust label for ldap password sync
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 11:24:13 +02:00
e7b7186f4b docs: update ad docs for password writeback permissions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-09 11:24:13 +02:00
33fb06a299 build(deps): bump @lingui/cli from 3.8.3 to 3.8.6 in /web (#714)
Bumps [@lingui/cli](https://github.com/lingui/js-lingui) from 3.8.3 to 3.8.6.
- [Release notes](https://github.com/lingui/js-lingui/releases)
- [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lingui/js-lingui/compare/v3.8.3...v3.8.6)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-09 10:57:11 +02:00
66e0c545ac build(deps): bump @babel/plugin-proposal-decorators in /web (#716)
Bumps [@babel/plugin-proposal-decorators](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-proposal-decorators) from 7.13.5 to 7.13.15.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.13.15/packages/babel-plugin-proposal-decorators)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-09 10:56:57 +02:00
1fbc7ed5fa build(deps): bump @lingui/macro from 3.8.3 to 3.8.6 in /web (#718) 2021-04-09 08:49:59 +00:00
9c081ae417 build(deps): bump @babel/preset-env from 7.13.12 to 7.13.15 in /web (#715) 2021-04-09 08:47:43 +00:00
17faffd78e build(deps): bump @babel/core from 7.13.14 to 7.13.15 in /web (#717) 2021-04-09 08:48:20 +02:00
16885b064e build(deps): bump @babel/plugin-transform-runtime in /web (#713) 2021-04-09 08:47:40 +02:00
65bee361a2 build(deps): bump @lingui/core from 3.8.3 to 3.8.6 in /web (#712) 2021-04-09 08:47:29 +02:00
aff192dbbe build(deps): bump boto3 from 1.17.47 to 1.17.48 (#711) 2021-04-09 08:47:02 +02:00
d37c33d941 sources/ldap: only save sync state in TaskInfo, return TaskInfo in API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-08 23:33:41 +02:00
7b0005ac42 stages/password: handle authenticate() throwing a ValidationError
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-08 23:13:25 +02:00
aefeb5bacf sources/ldap: create Event when changing a user's password fails
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-08 23:13:11 +02:00
7d0e7bcf75 core: return none when application has no launch URL and none could be guessed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-08 22:59:11 +02:00
dbc75428a0 web/admin: add button to open application from list
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-08 22:51:24 +02:00
e33a1ea0c7 web/admin: fix ApplicationForm setting wrong field
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-08 22:51:13 +02:00
ca35204e0c flows: ask for email address in oob flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-08 22:50:58 +02:00
4a74d16388 web/admin: fix default icon for application list
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-08 22:28:36 +02:00
3c47555276 web/admin: Show inbuilt authentik db as source in sources list
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-08 22:25:57 +02:00
c5abecf578 web/admin: add provider create button to application form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-08 22:16:59 +02:00
8793bb1358 web: fix color of form-group header in dark mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-08 22:13:45 +02:00
37632bd0c7 lib: don't send DockerException to sentry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-08 22:03:10 +02:00
fb09c8f863 website: add discord links
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-08 21:03:48 +02:00
f14d0aade4 build(deps): bump @types/chart.js from 2.9.31 to 2.9.32 in /web (#708) 2021-04-08 08:35:55 +02:00
29eda41eed build(deps): bump boto3 from 1.17.46 to 1.17.47 (#709) 2021-04-08 08:35:21 +02:00
5eaead60b6 build(deps): bump typescript from 4.2.3 to 4.2.4 in /web (#710) 2021-04-08 08:35:08 +02:00
4054e6da8c helm: don't automount Service token when integration is not enabled, improve k8s detection
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-07 16:16:17 +02:00
12b1f53948 root: monitor redis in readiness check, relax monitoring period
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-07 15:51:19 +02:00
35232afa7e core: skip backup when running in k8s and s3 backup not configured
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-07 15:34:28 +02:00
17de0ff24e build(deps): bump django from 3.1.7 to 3.2 (#707)
* build(deps): bump django from 3.1.7 to 3.2

Bumps [django](https://github.com/django/django) from 3.1.7 to 3.2.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.1.7...3.2)

Signed-off-by: dependabot[bot] <support@github.com>

* root: set DEFAULT_AUTO_FIELD and remove full app config paths

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: check parent class for component and serializer on abstract classes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-07 10:54:38 +02:00
c5b56fd4e6 build(deps): bump boto3 from 1.17.45 to 1.17.46 (#705) 2021-04-07 08:59:56 +02:00
8f20376804 build(deps): bump docker from 4.4.4 to 5.0.0 (#706) 2021-04-07 08:59:40 +02:00
a2a35e49a9 improved out-of-box experience (#704) 2021-04-06 20:25:22 +02:00
fb409a73a1 web/elements: Fix display in deleteform when object has no name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-06 17:36:42 +02:00
a13d89fcde web/admin: fix BoundPoliciesList using wrong key
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-06 17:24:50 +02:00
a31fc8319d policies: fix policybinding API returning wrong policy objects
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-06 17:24:32 +02:00
b09943e106 web/admin: fix error when editing stages from BoundStageList
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-06 17:15:53 +02:00
d5169504ea web/admin: add button to create prompt on PromptStageForm
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-06 16:58:28 +02:00
e678e3553b web/admin: fix default order for *bindingForms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-06 16:57:11 +02:00
4b2119510c web/admin: open flow execution in new tab
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-06 16:56:03 +02:00
e903582f96 web/admin: fix default for PolicyBindingForm
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-06 12:11:59 +02:00
20de845f2b web/admin: fix inconsistent modal size from BoundPoliciesList
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-06 12:11:48 +02:00
5fc052a384 web: remove test page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-06 11:49:48 +02:00
7b523d8be2 build(deps): bump @typescript-eslint/parser in /web (#698)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.20.0 to 4.21.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.21.0/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-06 10:05:47 +02:00
af15e32d30 build(deps): bump @lingui/cli from 3.8.2 to 3.8.3 in /web (#700)
Bumps [@lingui/cli](https://github.com/lingui/js-lingui) from 3.8.2 to 3.8.3.
- [Release notes](https://github.com/lingui/js-lingui/releases)
- [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lingui/js-lingui/compare/v3.8.2...v3.8.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-06 10:05:38 +02:00
b6900e498c build(deps): bump @lingui/macro from 3.8.2 to 3.8.3 in /web (#699)
Bumps [@lingui/macro](https://github.com/lingui/js-lingui) from 3.8.2 to 3.8.3.
- [Release notes](https://github.com/lingui/js-lingui/releases)
- [Changelog](https://github.com/lingui/js-lingui/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lingui/js-lingui/compare/v3.8.2...v3.8.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-06 10:04:26 +02:00
dfc1cc08bb build(deps): bump tslib from 2.1.0 to 2.2.0 in /web (#701)
Bumps [tslib](https://github.com/Microsoft/tslib) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/Microsoft/tslib/releases)
- [Commits](https://github.com/Microsoft/tslib/compare/2.1.0...2.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-06 09:53:53 +02:00
80e426a4b8 build(deps): bump boto3 from 1.17.44 to 1.17.45 (#697) 2021-04-06 07:55:48 +02:00
2196468804 build(deps): bump @lingui/core from 3.8.2 to 3.8.3 in /web (#702) 2021-04-06 07:55:23 +02:00
5ccbc17e65 build(deps): bump @typescript-eslint/eslint-plugin in /web (#703) 2021-04-06 07:55:10 +02:00
b98b4f2ae7 web/admin: add backup status card
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-05 20:40:30 +02:00
dcc873b88b admin: add API to get info for a single task
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-05 20:40:22 +02:00
d48badbca3 web/admin: show ldap sync status on overview page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-05 20:36:31 +02:00
f0ef2eea4f admin: sort tasks api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-05 19:21:19 +02:00
61652406c7 events: add progress bar to event expiry migration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-05 13:33:01 +02:00
11859c8cea build(deps): bump boto3 from 1.17.43 to 1.17.44 (#692)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.43 to 1.17.44.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.43...1.17.44)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-05 11:53:58 +02:00
a6608c140e build(deps): bump chart.js from 2.9.4 to 3.0.2 in /web (#696)
* build(deps): bump chart.js from 2.9.4 to 3.0.2 in /web

Bumps [chart.js](https://github.com/chartjs/Chart.js) from 2.9.4 to 3.0.2.
- [Release notes](https://github.com/chartjs/Chart.js/releases)
- [Commits](https://github.com/chartjs/Chart.js/compare/v2.9.4...v3.0.2)

Signed-off-by: dependabot[bot] <support@github.com>

* web/elements/chart: upgrade to chart.js 3

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-05 11:28:22 +02:00
3da23829d3 build(deps): bump rapidoc from 8.4.9 to 9.0.0 in /web (#695) 2021-04-05 09:14:19 +02:00
ab8c954e00 build(deps): bump django-otp from 1.0.2 to 1.0.3 (#694) 2021-04-05 09:13:45 +02:00
c89ec88751 build(deps-dev): bump pytest from 6.2.2 to 6.2.3 (#693) 2021-04-05 09:13:33 +02:00
c0dbb738bd Merge branch 'master' into next 2021-04-05 01:12:31 +02:00
d0230c0b54 web: fix misc strings not being translated properly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-05 01:12:13 +02:00
a9336d0983 web: allow for non-path elements in hash, store current tab page in hash
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-05 01:04:14 +02:00
2c4239d79a web: allow for non-path elements in hash, store current tab page in hash
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 23:19:08 +02:00
1a0a62975c web/admin: rework policybindingform
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 22:56:28 +02:00
e06d729fe5 web: SpinnerSize -> PFSize, add size prop for modal button
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 22:04:46 +02:00
a66b832154 web/admin: fix policies of oauth/saml source not being configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 21:03:57 +02:00
b2189374e2 web/admin: remove divider from cert form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 20:57:33 +02:00
ff40ab0c49 web/elements: fix font colour for confirmation form in dark mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 20:54:03 +02:00
002c048d0b web/elements: rewrite SpinnerButton to promises, fix spinner button with forms after errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 20:42:50 +02:00
52029f55e4 web: fix form error text not being red in dark mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 20:26:00 +02:00
85121de9d7 web/admin: only set ?writeOnly when editing an object
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 20:11:57 +02:00
93b362570d web/elements: add ?writeOnly flag for passwords etc
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 20:07:46 +02:00
597bd472ea web/admin: fix inconsistent button levels for events lists
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 19:07:42 +02:00
e2f01ce740 web: replace spaces after icons with nbsp
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 19:01:00 +02:00
d4982b276c web: fix mismatched css files between static and SSR
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 18:35:16 +02:00
c1d93bfd7c web: fix TableColumn sort fields being translated
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 16:56:16 +02:00
469b6b64bc web/admin: link EventInfoPage on EventListPage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 16:51:43 +02:00
c0bdb2407a web/admin: fix card title on oauth source settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 16:46:36 +02:00
596431cae7 web/admin: replace paper-input on user settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 16:45:38 +02:00
6b085a58be web/elements: fix width for vertical tabs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 16:44:29 +02:00
bd514dcce6 web: fix untranslated table columns
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 16:22:29 +02:00
d83756b4d9 web/admin: use expandable for Task list
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 16:20:49 +02:00
16d989dbfa core: fix schema for Challenge's type enum
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 16:15:58 +02:00
9517c890b5 if/*: show loading animation before full JS is loaded
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 16:10:08 +02:00
8cae1f2ab5 stages/email: add tests for API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 14:14:58 +02:00
90e7856efb docs: update screenshots
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 14:05:35 +02:00
37a14858ad policies: fix display of policy result source
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 14:04:41 +02:00
5b5d7e4997 web/admin: add edit button to application view page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 14:01:42 +02:00
67fef02d71 web: fix minor issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 13:41:18 +02:00
b8c41f54c5 stages/email: update default email templates
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 13:40:52 +02:00
97ea859315 web/admin: default FlowStageBinding's order to 0
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 13:19:52 +02:00
616b1f4a05 web: sort groups from groupBy<T>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 13:19:34 +02:00
d1cde64214 stages/email: add support for custom template to API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 13:19:22 +02:00
d061868fdc web/elements: show form without stack in modal
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 12:18:10 +02:00
a2cfe9c2a7 admin: sort apps in meta api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 12:17:35 +02:00
8a7c414031 web/*: fix defaults for booleans to use first()
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 00:41:13 +02:00
46e0571ed0 web/admin: only show http basic fields for proxy provider when enabled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 00:30:02 +02:00
1835981f3d web/*: add loading indicator to select inputs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 00:24:06 +02:00
87fdb591ce web/admin: fix unlocalised strings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-04 00:10:56 +02:00
195951a61a web/elements: fix ActionButton
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 23:23:29 +02:00
1f781eb78a web/elements: make ak-spinner-button work with ModalForm
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 23:09:52 +02:00
1b63e461cc web/api: log requests to console
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 23:06:57 +02:00
e8dc6b259f Merge pull request #691 from BeryJu/web-intl 2021-04-03 21:32:57 +02:00
a7f751f3b3 web/admin: fix expression info not being localised
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 20:53:52 +02:00
ed18e623db web/admin: fix edit button on user page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 20:37:32 +02:00
b37470b3de web: activate pseudo-locale using querystring
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 20:34:16 +02:00
e246071aac core: fix user metrics not accepting detail
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 20:33:59 +02:00
4554c468bc web/elements: fully translate table
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 20:01:29 +02:00
5923edc69a web: translate sidebar and more list pages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 19:59:22 +02:00
55c24de8c7 policies: fix error when viewing/clearing cache
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 19:57:50 +02:00
25300c1928 web: initial migration to lingui
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 19:44:56 +02:00
fc1caf1469 api: remove js i18n catalog
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 19:07:54 +02:00
44d33ed96e web: add basic lingui
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 19:07:11 +02:00
650b084c72 web: migrate to babel
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 18:20:17 +02:00
82c2a202cb web/admin/providers/oauth2: only show client secret when clientType is not public
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 15:09:52 +02:00
aaa1f92945 web/admin/providers/oauth2: add generated defaults for clientId and secret
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 14:51:05 +02:00
66d7d598fb web/elements: remove modalbutton logic
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 14:34:46 +02:00
8d2aecd687 web/admin: remove left-over ak-modal-buttons
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 14:32:19 +02:00
6eff2fe0d1 Merge pull request #683 from BeryJu/new-forms-part-3
New forms part 3
2021-04-03 14:05:20 +02:00
eeb9449c11 lib: remove templatetags
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 12:37:32 +02:00
94a5a6c4c0 web/elements: fix race condition in codemirror
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 12:08:46 +02:00
a291063b9c web/admin/providers: use form groups
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 12:08:35 +02:00
c17eb00e3b providers/oauth2: fix component for Scope
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 12:08:21 +02:00
43f37e4776 web: add first() to improve defaults
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 11:41:11 +02:00
42cb55d78a *: rename objectType to component to get rid of lookup tables
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 11:32:17 +02:00
aaebd01058 admin: finalise migration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 01:20:20 +02:00
d7698343ae stages/authenticator_validate: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 01:15:32 +02:00
0b057ccb34 stages/authenticator_webauthn: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 01:06:41 +02:00
995f3a13d1 stages/authenticator_static: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 01:03:43 +02:00
ab7f4c5ba2 stages/authenticator_totp: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 01:01:59 +02:00
be4288fb46 stages/consent: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 00:55:17 +02:00
75d8641a38 stages/dummy: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 00:49:15 +02:00
1d72019645 stages/deny: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 00:48:15 +02:00
c1c47c5f30 stages/email: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 00:46:40 +02:00
fc47af12be stages/invitation: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 00:42:41 +02:00
a9bee998f2 stages/password: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 00:22:23 +02:00
31226e3c75 stages/prompt: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 00:10:59 +02:00
f7aabe8ca9 stages/user_delete: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-03 00:04:20 +02:00
8ac82b97d3 stages/user_write: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 23:54:00 +02:00
128af67011 stages/user_logout: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 23:52:55 +02:00
fb9a4ec461 stages/user_login: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 23:51:39 +02:00
2a261cfaf8 stages/identification: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 23:45:50 +02:00
224ad46a21 stages/captcha: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 23:45:39 +02:00
05cc8e2b51 tests: only create selenium_screenshots/ on error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 23:23:09 +02:00
ffe3ec0cb4 root: disable django admin
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 23:21:40 +02:00
448dd7ed54 core: change TypeCreateSerializer to component
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 23:17:30 +02:00
1dc01ef857 *: add API tests for types endpoints
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 23:11:53 +02:00
0f76e80341 admin: remove policies views
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 17:15:48 +02:00
6acfbb7d66 policies/reputation: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 17:09:30 +02:00
fcdc064cac policies/password: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 17:09:19 +02:00
0c92f4a74d policies/hibp: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 16:57:55 +02:00
ac136ec5f6 policies/expiry: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 16:49:37 +02:00
f75f6a8404 policies/expression: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 16:42:30 +02:00
415bb4cc88 policies/event_matcher: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 16:37:51 +02:00
6a3e1da986 policies/dummy: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 16:31:53 +02:00
5a6b6c369e admin: add API to get all installed apps
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 16:13:09 +02:00
66d342880c events: add API to get all event actions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 16:02:58 +02:00
7fad2b6563 sources/oauth: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 15:42:07 +02:00
22f50aae45 managed: fix ManagedSerializer interfering with other serializers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 15:00:15 +02:00
1daba5db87 sources/oauth: revamp types system, move default URLs to type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 14:59:58 +02:00
83fc22005c *: remove swagger parameters from functions that don't accept them
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 13:39:22 +02:00
7eb7fc2e12 sources/oauth: add API to get provider types
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 13:26:42 +02:00
07702afe68 sources/saml: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 13:12:31 +02:00
0aa21c007a web/elements: delegate requestUpdate in proxyform
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 13:11:47 +02:00
c659e40df7 web/elements: make form sync slug field with name field
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 12:56:03 +02:00
ffacd4d021 web/admin: fix oauth2 provider rsaKey being required
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 12:48:21 +02:00
54ad6b8dd9 web/admin: fix flows not showing slug
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 12:48:09 +02:00
70fc4c0d88 sources/ldap: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 12:12:14 +02:00
742f570c4c managed: add API serializer, add managed field
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 12:03:33 +02:00
75d67e0e05 web/elements: add formgroup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-02 11:47:03 +02:00
7bd7ae41b4 Merge branch 'master' into new-forms-part-3 2021-04-02 10:58:26 +02:00
5f9a9b80f0 build(deps): bump @sentry/tracing from 6.2.4 to 6.2.5 in /web (#688) 2021-04-02 10:27:30 +02:00
94208477e9 build(deps): bump boto3 from 1.17.42 to 1.17.43 (#687) 2021-04-02 09:42:10 +02:00
4da0803f15 build(deps): bump @sentry/browser from 6.2.4 to 6.2.5 in /web (#689) 2021-04-02 09:41:59 +02:00
72201c296b build(deps): bump golang from 1.16.2 to 1.16.3 in /outpost (#690) 2021-04-02 09:41:35 +02:00
ed2e9b88e7 Merge branch 'master' into new-forms-part-3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-01 23:02:22 +02:00
dd88d9254e Merge branch 'next'
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	web/src/interfaces/AdminInterface.ts
2021-04-01 20:46:06 +02:00
509f21a9b4 providers/oauth2: add validation and tests to API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-01 20:43:18 +02:00
b299451cab providers/saml: fix metadata download not being unauthenticated
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-01 20:16:07 +02:00
7e63a18d37 providers/saml: fix unittests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-01 20:05:50 +02:00
b9e718f5b8 web: build polyfills into separate file, load first
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-01 19:55:32 +02:00
b4a6f8350b admin: remove provider views
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-01 19:28:30 +02:00
5eb9b95ab5 providers/saml: migrate import to API, add API tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-01 19:28:12 +02:00
4e3701ca8d web/admin: migrate provider forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-01 15:39:59 +02:00
7a0ebbdc53 crypto: add filter for key-pairs with private key
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-04-01 11:38:35 +02:00
051c5672b9 Merge branch 'master' into new-forms-part-3 2021-04-01 10:43:09 +02:00
57f242ccf8 build(deps): bump github.com/go-openapi/swag in /outpost (#686)
Bumps [github.com/go-openapi/swag](https://github.com/go-openapi/swag) from 0.19.14 to 0.19.15.
- [Release notes](https://github.com/go-openapi/swag/releases)
- [Commits](https://github.com/go-openapi/swag/compare/v0.19.14...v0.19.15)

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-01 10:34:04 +02:00
0c2903f33f build(deps): bump @patternfly/patternfly from 4.90.5 to 4.96.2 in /web (#684) 2021-04-01 08:54:07 +02:00
d7cbebcb02 build(deps): bump boto3 from 1.17.41 to 1.17.42 (#685) 2021-04-01 08:52:12 +02:00
d3f2f987e0 providers/saml: migrate saml property mappings to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 23:38:40 +02:00
221e6190c8 sources/ldap: migrate property mappings to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 23:08:40 +02:00
6a69425688 providers/oauth2: migrate scope mapping to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 23:07:57 +02:00
656fe00302 outposts: migrate service connections to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 22:47:41 +02:00
884c91062d web/elements: fix error when resetting a proxyform
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 22:34:48 +02:00
a7d9857a69 web/elements: fix codemirror not being updateable without focus
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 22:32:28 +02:00
f814f7792c web/elements: add ProxyForm to instantiate forms based on string type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 22:27:59 +02:00
e264e10ad6 web/elements: improve codemirror mismatching value
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 22:18:40 +02:00
f2d5d62c9c Merge pull request #676 from BeryJu/new-forms-part-2
New forms part 2
2021-03-31 21:19:42 +02:00
af438af8ac stages/invitation: add API tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 20:52:46 +02:00
041b51a7f8 policies: add tests for bindings API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 20:37:24 +02:00
330d5047e7 core: add tests for token API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 20:36:28 +02:00
e476186cbc web/admin: migrate policybinding form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 19:41:42 +02:00
3124b0f39c web/elements: add support for non-field errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 19:13:56 +02:00
55f68a9197 policies: fix api updating issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 18:54:36 +02:00
c92a2ecbf5 web/admin: fix hideManaged toggle for propertymapping list
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 16:47:39 +02:00
d248b30eb3 policies: fix serializers for bindings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 16:26:52 +02:00
c71009fea9 web/admin: move BoundPoliciesList to pages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 16:04:04 +02:00
b15aca80ca web: add utils for grouping
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 15:57:59 +02:00
25e043afea web/admin: migrate FlowStageBinding form to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 15:46:48 +02:00
0395c84270 web/admin: fix flow execute button
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 15:00:54 +02:00
e66c46ff59 Merge branch 'master' into new-forms-part-2 2021-03-31 14:16:24 +02:00
46f4493f04 policies: configurable engine mode (#682)
* policies: add policy_engine_mode field, defaults to MODE_ALL

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: add policy_engine_mode to API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: add policy_engine_mode to forms

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* policies: update default for new objects

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* docs: add to release notes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 14:14:56 +02:00
da5de30d7b docs: update expression docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 11:54:03 +02:00
5cbcd89369 build(deps): bump github.com/go-openapi/strfmt from 0.20.0 to 0.20.1 in /outpost (#681)
* build(deps): bump github.com/go-openapi/strfmt in /outpost

Bumps [github.com/go-openapi/strfmt](https://github.com/go-openapi/strfmt) from 0.20.0 to 0.20.1.
- [Release notes](https://github.com/go-openapi/strfmt/releases)
- [Commits](https://github.com/go-openapi/strfmt/compare/v0.20.0...v0.20.1)

Signed-off-by: dependabot[bot] <support@github.com>

* outpost: fix dependencies

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 09:58:37 +02:00
32f5cc7fba build(deps): bump @sentry/browser from 6.2.3 to 6.2.4 in /web (#678)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.2.3 to 6.2.4.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.2.3...6.2.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-31 09:58:00 +02:00
c6005ea389 build(deps): bump boto3 from 1.17.40 to 1.17.41 (#680) 2021-03-31 08:36:42 +02:00
60b6a7cdfc build(deps): bump postcss from 8.2.8 to 8.2.9 in /website (#679) 2021-03-31 08:36:28 +02:00
f5bc5fa24a build(deps): bump @sentry/tracing from 6.2.3 to 6.2.4 in /web (#677) 2021-03-31 08:36:11 +02:00
f9382ed32e web/admin: fix linting errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 23:18:07 +02:00
c0cfd75a2e web/admin: add UserTokenForm
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 22:51:26 +02:00
64fa04306c core: overwrite user on token creation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 22:46:19 +02:00
7a583cb7e6 web/admin: move user settings into separate folder
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 22:22:11 +02:00
cb0b5f7146 web/admin: migrate prompts to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 22:12:06 +02:00
8a3b1ae29d web/admin: migrate invitations to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 22:11:30 +02:00
717282b4b7 web/elements: fix error resetting form with codemirror
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 19:56:00 +02:00
78a4a167ac outposts: remove outpost form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 18:45:26 +02:00
23d7ef36d2 core: remove provider and outpostserviceconnection base model create operations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 18:35:06 +02:00
d1dd6b7a8f core: fix tests for property mapping API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 18:34:33 +02:00
9c65fd814b web: fix saving for CodeMirror not returning an object
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 18:20:48 +02:00
58a7d67922 web/admin: migrate property mapping test to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 17:53:43 +02:00
b1fb2982ef web/admin: port policy test form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 17:53:26 +02:00
f206baf3f0 core: add API to test property mapping
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 17:32:57 +02:00
6916c59483 policies: fix test API not working, add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 17:22:47 +02:00
41914d9b7a crypto: add tests for builder
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 16:34:45 +02:00
1f89b94f66 Merge pull request #664 from BeryJu/new-forms
web: New forms
2021-03-30 16:32:50 +02:00
80b0aef210 core: add new permissions for tokens to view key
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 15:50:41 +02:00
b1214f6c35 *: add new base class for non-model serializers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 15:50:00 +02:00
c7dcf92a2e api: add tests for swagger generation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 15:23:37 +02:00
50ce5aa2b4 root: replace pytest with pyproject in dockerfile
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 15:08:54 +02:00
b3b8e71caa web/flows: fix challenge type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 14:34:20 +02:00
3686cba6b4 root: fix build for static files during e2e
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 14:06:11 +02:00
b1967b42e3 root: temporarily use failfast to debug tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 13:05:49 +02:00
bfa0c46588 tests/e2e: fix source tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 11:05:31 +02:00
69ee18e13d Merge branch 'master' into new-forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	Pipfile.lock
#	authentik/api/decorators.py
#	authentik/core/api/applications.py
#	authentik/core/api/users.py
#	authentik/events/api/event.py
#	authentik/events/api/notification_transport.py
#	authentik/flows/api/flows.py
#	swagger.yaml
2021-03-30 10:26:18 +02:00
c180a521ec build(deps-dev): bump pylint from 2.7.2 to 2.7.3 (#674)
* build(deps-dev): bump pylint from 2.7.2 to 2.7.3

Bumps [pylint](https://github.com/PyCQA/pylint) from 2.7.2 to 2.7.3.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/master/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/pylint-2.7.2...pylint-2.7.3)

Signed-off-by: dependabot[bot] <support@github.com>

* sources/saml: fix linting for SAMLBindingTypes.Redirect

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* sources/oauth: Fix linting for RequestKind

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: fix linting for ChallengeTypes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 10:05:14 +02:00
59f5846d1a root: replace bumpversion with bump2version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 09:54:10 +02:00
7e85524e51 *: simplify API permissions checking, add API for user recovery
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-30 09:45:48 +02:00
59e1811187 build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#672)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.19.0 to 4.20.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.20.0/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-30 09:21:04 +02:00
120332924b build(deps-dev): bump @typescript-eslint/parser in /web (#671) 2021-03-30 09:11:07 +02:00
01ae3334ee build(deps): bump rollup from 2.43.1 to 2.44.0 in /web (#673) 2021-03-30 09:10:55 +02:00
03cf8799c4 build(deps): bump boto3 from 1.17.39 to 1.17.40 (#675) 2021-03-30 09:10:44 +02:00
54c50f6446 policies: add test API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 23:40:36 +02:00
09aa5d6350 web/admin: migrate outposts to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 23:12:31 +02:00
e5ff416c2d outposts: add API for default config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 22:52:08 +02:00
21ea527623 api: fix invalid swagger schema
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 22:34:24 +02:00
36c34e05f8 stages/authenticator_webuahtn: remove views
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 22:31:29 +02:00
7a93b9e565 web/user: use ak form element for webauthn device
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 22:31:12 +02:00
3945dc9f3f web/admin: fix execute button on flow view
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 22:30:57 +02:00
e96d2fa666 web/admin: migrate flows to web forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 22:24:46 +02:00
3a2f285a87 flows: add API to debug-execute a flow and import flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 22:21:04 +02:00
a09481dea2 flows: add API to set background image
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 21:40:08 +02:00
03ff495011 web/admin: migrate application form to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 21:39:53 +02:00
657b0089b1 core: add set_icon operation to applications API to set icon
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 21:16:13 +02:00
7d74e1d2c4 *: revert to drf-yasg upstream
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 21:04:54 +02:00
81ac53ff0a web/admin: migrate events notification rules to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 19:22:22 +02:00
6c999d10c3 web/elements: trigger refresh on successful modalform submit
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 19:20:21 +02:00
1e58941323 web/admin: migrate Event Transport to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 19:06:00 +02:00
a52b57cc38 events: fix missing send_once param from api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 18:58:54 +02:00
bffa51f7df web: cleanup required attr
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 18:25:59 +02:00
d5281d2023 web: set name on ak-form-element-horizontal for error messages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 18:24:56 +02:00
5b8e3b4189 web: improve error handling
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 18:18:25 +02:00
372cf4a8cb api: add error responses to swagger schema
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 18:09:45 +02:00
fc17580d9a web: only show message on server error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 17:36:52 +02:00
dfff2a1134 web/admin: migrate crypto/certificatekeypair to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 17:35:13 +02:00
b3d54b7620 api: cleanup args for @permission_required
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 17:33:55 +02:00
a445b03523 crypto: add API to generate keypair
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 17:33:27 +02:00
5d37012075 api: allow @permission_required with no object permission
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 17:28:28 +02:00
a9db538c63 web/admin: fix missing css for descriptor list in cert list
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 16:23:43 +02:00
526af26536 web/admin: migrate user forms to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 16:16:27 +02:00
fac8d53163 web/admin: fix message when object is created
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 15:57:38 +02:00
0804b5e6c5 web: shrink flow build by not including router
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 15:53:56 +02:00
464a56ad52 Merge branch 'master' into new-forms 2021-03-29 15:37:12 +02:00
0793fff222 *: simplify API permissions checking, add API for user recovery
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 15:36:35 +02:00
4fa122b827 docs: add integration docs for minio
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 14:51:33 +02:00
583b6cc20b web/admin: remove site-shell
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 14:42:28 +02:00
ed17920bd4 Merge branch 'master' into new-forms 2021-03-29 12:28:35 +02:00
3cc7d54cc1 policies: use GroupSerializer for PolicyBinding API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 12:28:06 +02:00
d71d45b958 web/admin: use shadowroot for codemirror, remove styles
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 12:21:00 +02:00
e7c6ff9499 admin: remove group views
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 12:03:11 +02:00
1b496dd472 web/admin: use new group form for create
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 12:02:58 +02:00
c1781d89df build(deps): bump boto3 from 1.17.37 to 1.17.39 (#670)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.37 to 1.17.39.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.37...1.17.39)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-29 12:02:07 +02:00
12bfa404c8 web: rudimentary lazy loading for modals
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 11:59:30 +02:00
76e571ea0a web: use custom-element as wrapper
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 10:09:43 +02:00
48ee582f37 Merge branch 'master' into new-forms 2021-03-29 09:58:35 +02:00
9d0398f81d docs: fix incorrect URL for AWX integration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 09:10:01 +02:00
d2d0e99f9d build(deps): bump rollup from 2.42.4 to 2.43.1 in /web (#669)
Bumps [rollup](https://github.com/rollup/rollup) from 2.42.4 to 2.43.1.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.42.4...v2.43.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-29 09:08:42 +02:00
e165b3dae5 build(deps-dev): bump @rollup/plugin-typescript in /web (#668)
Bumps [@rollup/plugin-typescript](https://github.com/rollup/plugins) from 8.2.0 to 8.2.1.
- [Release notes](https://github.com/rollup/plugins/releases)
- [Commits](https://github.com/rollup/plugins/compare/typescript-v8.2.0...typescript-v8.2.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-29 09:08:27 +02:00
6abd8a0ca0 build(deps-dev): bump eslint from 7.22.0 to 7.23.0 in /web (#667)
Bumps [eslint](https://github.com/eslint/eslint) from 7.22.0 to 7.23.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.22.0...v7.23.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-29 09:07:59 +02:00
78acfc18fc build(deps): bump djangorestframework from 3.12.3 to 3.12.4 (#666)
Bumps [djangorestframework](https://github.com/encode/django-rest-framework) from 3.12.3 to 3.12.4.
- [Release notes](https://github.com/encode/django-rest-framework/releases)
- [Commits](https://github.com/encode/django-rest-framework/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-29 09:07:03 +02:00
aced8b507c build(deps): bump gunicorn from 20.0.4 to 20.1.0 (#665)
Bumps [gunicorn](https://github.com/benoitc/gunicorn) from 20.0.4 to 20.1.0.
- [Release notes](https://github.com/benoitc/gunicorn/releases)
- [Commits](https://github.com/benoitc/gunicorn/compare/20.0.4...20.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-29 09:06:25 +02:00
fbc33815a3 core: fix user view imports
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-28 22:33:27 +02:00
768d72ec24 web/admin: implement groupform using webcomponents
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-28 22:07:11 +02:00
bd9c0efab7 core: use only user ids for group
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-28 22:03:48 +02:00
d358dc1182 Merge branch 'next' into new-forms 2021-03-28 20:25:08 +02:00
956d868106 web: cleanup routes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-28 16:10:28 +02:00
0fcef494a6 Merge branch 'next' into new-forms 2021-03-27 23:48:04 +01:00
6f6fe6ad06 flows: fully fix unittests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-27 23:47:00 +01:00
926636c331 web: fix error handling in forms for non-server errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-27 23:39:31 +01:00
2e6a264f98 web: migrate group forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-27 23:38:53 +01:00
95ecad8382 Merge branch 'next' into new-forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	web/src/api/legacy.ts
#	web/src/main.ts
#	web/src/pages/users/UserSettingsPage.ts
2021-03-27 23:21:16 +01:00
035771de81 web: add middleware that shows message for failed API requests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-27 23:18:51 +01:00
1a53bc3de5 web: use FlowURLManager for cancel links
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-27 23:18:11 +01:00
e621eb7455 web: cleanup message API, use enum for level
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-27 23:11:44 +01:00
261583cb92 flows: fix tests for dummy stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-27 22:58:41 +01:00
1bc48d2bea stages/dummy: fix missing component
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-27 22:35:36 +01:00
9bab708e6e web/flows/authenticator_validate: auto-select TOTP device when password manager prefills it
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-27 22:32:15 +01:00
103e0f3b06 web: add default title
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-27 22:24:09 +01:00
c8608db4ee web: cleanup entrypoints
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-27 22:06:42 +01:00
869f18483f web: fix flow's policy and stage count missing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-27 22:02:01 +01:00
32fb90e056 core: include full users in group API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-27 15:53:54 +01:00
f636414fb7 Merge branch 'master' into new-forms 2021-03-26 16:08:54 +01:00
a4fd0dc597 Merge branch 'master' into next 2021-03-26 09:42:23 +01:00
2a437536d4 build(deps): bump djangorestframework from 3.12.2 to 3.12.3 (#663)
Bumps [djangorestframework](https://github.com/encode/django-rest-framework) from 3.12.2 to 3.12.3.
- [Release notes](https://github.com/encode/django-rest-framework/releases)
- [Commits](https://github.com/encode/django-rest-framework/compare/3.12.2...3.12.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-26 09:39:51 +01:00
a39f42974f build(deps): bump boto3 from 1.17.36 to 1.17.37 (#662)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.36 to 1.17.37.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.36...1.17.37)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-26 09:39:15 +01:00
2e58982419 web/elements: fix detection of inner forms, catch errors and don't close modal
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-25 22:08:09 +01:00
72cca0473a web/elements: throw error in form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-25 22:07:54 +01:00
02212406c4 web: start migrating: groups form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-25 21:39:49 +01:00
2fade4e604 web/elements: add ModalForm
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-25 14:27:16 +01:00
469ba3a391 web/flows: fix WebAuthn register stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-25 10:07:23 +01:00
0b3980e564 web: fix URLs for FlowURLManager
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-25 10:07:10 +01:00
cfcf7aa2ae web: separate forms into dedicated file
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-25 09:52:19 +01:00
fc6f242f86 web/admin/user: fix user source connection lookups
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-25 09:14:07 +01:00
ec8dee3588 web: add API Drawer
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-25 09:14:07 +01:00
e7fd37efeb build(deps): bump boto3 from 1.17.35 to 1.17.36 (#660)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.35 to 1.17.36.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.35...1.17.36)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-25 09:13:24 +01:00
ccd4665d82 build(deps): bump rollup from 2.42.3 to 2.42.4 in /web (#661)
Bumps [rollup](https://github.com/rollup/rollup) from 2.42.3 to 2.42.4.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.42.3...v2.42.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-25 09:13:14 +01:00
fe4791c216 web: initial implementation of new forms
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-25 00:05:11 +01:00
6e46124c94 web/admin/user: fix user source connection lookups
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 21:40:08 +01:00
1275f22599 web: add API Drawer
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 21:16:03 +01:00
533a719914 sources/oauth: migrate to webcomponents
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 20:35:00 +01:00
a085632b8e stages/authenticator_*: migrate remaining stages to webcomponents
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 20:13:31 +01:00
1ef5a8e6c5 stages/password: migrate settings to webcomponents
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 19:48:24 +01:00
ab5d6dbea1 sources/authenticator_webauthn: rewrite to webcomponent
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 18:00:37 +01:00
ffd8c59c8e api: use common skeleton in swagger template
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 17:46:41 +01:00
83c3a116f3 core: add Serializer for UserSettings, used by stages and sources
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 17:46:31 +01:00
f695a3f40a stages/authenticator_*: fix missing fields
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 17:19:39 +01:00
f41f2bfdab sources/saml: use STAGE_CONFIGURATION for default-source-pre-authentication flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 17:12:41 +01:00
17f7a97ef3 sources/oauth2: add API For UserSourceConnection
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 14:46:08 +01:00
3698c6431c flow: pass Query on FlowExecutorSolve to prevent redirect issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 14:12:49 +01:00
4d88af4601 flows: fix RedirectChallenge wrapper being confused by querystrings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 12:47:12 +01:00
dce869b566 flows: fix post-email continuation not working
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 12:46:54 +01:00
1d641b2432 root: update swagger
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 09:55:50 +01:00
5a5539da97 sources/saml: fix failing unittests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 09:55:43 +01:00
e12d99ba63 Merge branch 'master' into next 2021-03-24 09:22:41 +01:00
4612cea970 sources/saml: replace server-side pre-auth views for pre_auth flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 09:22:15 +01:00
da4fa96499 sources/oauth: simplify enrollment handler
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 09:22:15 +01:00
4137266041 flows: revert to sever-side redirects for security, pass querystring from client during flow plan
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 09:22:15 +01:00
9427942ea8 build(deps): bump boto3 from 1.17.34 to 1.17.35 (#659)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.34 to 1.17.35.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.34...1.17.35)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-24 08:05:16 +01:00
5b8b973345 flows: revert to sever-side redirects for security, pass querystring from client during flow plan
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 22:35:50 +01:00
d44dc00757 web: only set background during initial load
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 21:58:12 +01:00
37655e1e21 web/flow: fix deep redirects not working properly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 20:05:35 +01:00
a1f961db97 web/flow: fix styling of loading between stages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 19:52:00 +01:00
62d0e020db stages/email: add wrapper view to accept queryargs and redirects to flow if
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 19:42:58 +01:00
fa5f379a53 outposts: fix docker image not having correct tag
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 18:31:26 +01:00
3f6174e8cc ci: fix missing isort
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 18:28:23 +01:00
1fd949d4ec flows: remove FlowExecutorShellView
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 18:09:13 +01:00
de6fa63d21 web: detect deep links in flow interface and redirect locally
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 18:04:21 +01:00
cfe7bc8155 flows: migrate access denied message to webcompoennts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 17:55:13 +01:00
c6c4636b9b policies: show messages of root result
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 17:14:54 +01:00
bd74e07ce1 flows: move <ak-message-container> outside of flow executor
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 16:18:00 +01:00
45c1072291 web: add execute button to flow view page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 16:06:08 +01:00
33787d0685 web: remove pf-c-card-aggregate
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 16:05:37 +01:00
068d281b19 web: use constants for custom event names
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 15:16:56 +01:00
56344cadeb web: add confirmation form for simple write-requests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 15:07:45 +01:00
3c2d541d60 web: refresh status card on ak-refresh event
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 15:04:09 +01:00
0671d712fa policies: remove deprecated group_membership policy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 14:43:24 +01:00
6961089425 flows: add API to clear cache
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 10:37:41 +01:00
b6d797fc78 build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#654)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.18.0 to 4.19.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.19.0/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-23 09:24:04 +01:00
3e5a756016 build(deps): bump rollup from 2.42.1 to 2.42.3 in /web (#655)
Bumps [rollup](https://github.com/rollup/rollup) from 2.42.1 to 2.42.3.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.42.1...v2.42.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-23 09:21:36 +01:00
d24cbae39a build(deps-dev): bump @typescript-eslint/parser in /web (#656)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.18.0 to 4.19.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.19.0/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-23 09:21:24 +01:00
480113e080 build(deps): bump boto3 from 1.17.33 to 1.17.34 (#657)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.33 to 1.17.34.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.33...1.17.34)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-23 09:20:22 +01:00
3167426b53 build(deps): bump react and react-dom in /website (#658)
Bumps [react](https://github.com/facebook/react/tree/HEAD/packages/react) and [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom). These dependencies needed to be updated together.

Updates `react` from 17.0.1 to 17.0.2
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v17.0.2/packages/react)

Updates `react-dom` from 17.0.1 to 17.0.2
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v17.0.2/packages/react-dom)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-23 09:20:03 +01:00
863124efbb web: fix UserChart not showing authorizations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 23:15:38 +01:00
80cc0fcc61 tests: use dex from ghcr
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 22:27:57 +01:00
ddf09a4cf5 web: fix styling during initial challenge load
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 20:49:11 +01:00
012a045c8e web: make default background-color darker to prevent flashbang
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 20:48:58 +01:00
145ef8b071 ci: start postgres for pylint
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 20:10:38 +01:00
3157bf63a6 root: upgrade to pylint 2.7
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 20:03:33 +01:00
e202fd988b root: update to isort 5
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 19:53:10 +01:00
8155d88db7 root: update linters, remove prospector
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 19:52:51 +01:00
6ce3d2916b web: remove version from queryargs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 18:30:04 +01:00
450bb9040d web: fix pluralisation in sidebar
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 17:08:41 +01:00
4f8b882554 web: copy static assets only once
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 14:54:12 +01:00
8a451bb5f6 web: fix FlowExecutor not setting title
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 14:39:51 +01:00
fe7f23238c Static SPA (#648)
* core: initial migration to /if

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: move jsi18n to api

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests: fix static URLs in tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: add new html files to rollup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: fix rollup config and nginx config

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add Impersonation support to user API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: add banner for impersonation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests: fix test_user function for new User API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: add background to API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: set background from flow API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: make root view login_required for redirect

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: redirect to root-redirect instead of if-admin direct

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* api: add header to prevent Authorization Basic prompt in browser

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: redirect to root when user/me request fails

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 13:44:17 +01:00
936e2fb4e2 build(deps): bump @sentry/browser from 6.2.2 to 6.2.3 in /web (#651) 2021-03-22 10:39:13 +01:00
bb743a4d30 build(deps): bump github.com/go-openapi/runtime from 0.19.26 to 0.19.27 in /outpost (#653) 2021-03-22 10:38:54 +01:00
3238c85514 build(deps): bump rollup from 2.41.5 to 2.42.1 in /web (#649) 2021-03-22 08:29:01 +01:00
e2c0fa8d8a build(deps): bump codemirror from 5.59.4 to 5.60.0 in /web (#650) 2021-03-22 08:28:52 +01:00
50f946e4a7 build(deps): bump @sentry/tracing from 6.2.2 to 6.2.3 in /web (#652) 2021-03-22 08:28:03 +01:00
556a0d5d84 web: wrap hidden inputs in form to prevent warning
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-21 18:19:20 +01:00
25c82d80f5 flows: use full ShadowDom for flowContainer
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-21 17:51:23 +01:00
7e47906475 api: add Footer links to config API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-21 17:35:00 +01:00
24ac6d2c25 stages/authenticator_webauthn: prefer Biometrics over security key
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-21 16:52:14 +01:00
68449a0d21 web: fix buttons being shown over ak-loading backdrop
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-21 15:01:48 +01:00
bb9fbb55b6 core: use a single column for flow executor flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-21 14:53:02 +01:00
c834f0a372 stages/authenticator_webauthn: explicitly allow cross-platform devices for iOS/safari
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-21 00:10:07 +01:00
1414322f71 root: optimise images
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 23:35:05 +01:00
17f46c291b website: fix missmatching screenshots for admin page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 23:23:02 +01:00
18594c4886 web: fix WebAuthn not working when using the retry button
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 23:17:41 +01:00
d906738097 web: create separate chunk for poly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 22:33:06 +01:00
43f19f78bb providers/oauth2: fix error when redirecting from an authorization error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 22:06:45 +01:00
3eacd8b754 web: fix SpinnerButton not showing successful status correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 20:47:53 +01:00
3d45956f15 web: fix display of scopes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 19:05:10 +01:00
fb20ae7e1a web: sort users by last_login
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 18:39:12 +01:00
5c85c3315d web: add user info
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 17:54:25 +01:00
d0529e76ba web: show user metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 17:30:10 +01:00
4c49209f71 core: add user metrics API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 17:30:01 +01:00
3668850e8f web: add user authorization codes and refresh codes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 16:47:39 +01:00
4525a43e63 web: add initial user view page with consent
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 16:42:32 +01:00
077abdb602 web: remove gettext from icons
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 16:36:54 +01:00
b6087c0f10 web: fix CodeMirror styles missing for SAML Source/Provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 15:59:10 +01:00
972972a4d9 web: add Changelog Tab for sources and providers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 15:52:57 +01:00
45a397bd77 web: fix card titles
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 15:38:09 +01:00
f54cc79f6b website: add Authelia to comparsion
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 11:52:41 +01:00
2cad208038 website: fix checkmarks on light mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 11:49:44 +01:00
f1a4754568 build(deps): bump rollup from 2.41.4 to 2.41.5 in /web (#647) 2021-03-19 11:31:13 +01:00
d8841911de website: use <ClientOnly> to prevent issues during SSR
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 23:41:20 +01:00
fe054136b1 website: add comparison based on vector.dev's site
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 22:09:54 +01:00
e7a8371cbb website: add sliders for light/dark mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 20:51:21 +01:00
d82dfc65b7 api: replace rest_framework browser with rapi-doc
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 20:35:12 +01:00
2de869d9c3 web: add ObjectChangelog element to show changelog for a single object
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 18:12:04 +01:00
080282a0bc events: add better filters to event API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 18:11:38 +01:00
8242c139c2 events: use ExpiringModel with delta of 1 year for events
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 17:10:59 +01:00
5b4c5d0f31 stages/consent: add API to get user's given consent
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 16:07:33 +01:00
9ad10863de providers/oauth2: add API for auth codes and refresh tokens
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 15:59:38 +01:00
14f2522c3e events: improve logging for geoip
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 15:16:43 +01:00
01fc63fc98 web: set document title on navigation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 14:48:02 +01:00
a57d524273 flows: add API for flow export
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 14:36:00 +01:00
93bd95436f admin: remove user enable/disable views
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 13:09:00 +01:00
db9aa5d9dc admin: remove delete views
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 12:40:28 +01:00
48443e3e09 web/pages: use DeleteForm for all lists
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 12:32:03 +01:00
dae60b5a08 *: replace ReadOnlyModelViewSet with List/Retrieve/Delete viewsets
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 12:11:07 +01:00
013a192485 web: Improve error handling in deleteform
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 11:16:13 +01:00
bc37480f0d web: simplify DeleteForm
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 01:49:01 +01:00
a95b6e0e61 web: implement initial DeleteForm
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 01:43:12 +01:00
ac78e3e2ec root: further cleanup in asgi logger
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 01:27:52 +01:00
77a484e698 stages/*: fix warning for user settings API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 01:11:13 +01:00
f1f706dd0d web: migrate user settings to SPA
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 01:03:07 +01:00
a6123cfbe4 flows: add API for user's stage settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 00:33:12 +01:00
07142cab8b core: add API for user source settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 00:32:40 +01:00
9a27bc8627 web: build .d.ts files for API client in rollup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 22:55:26 +01:00
e6cb60b793 web/siteshell: fix missing stylesheets
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 22:26:51 +01:00
706ffb56f7 web/pages/library: fix layout for applications without icon
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 22:25:11 +01:00
8cadee28c1 web: don't navigate on siteshell failure
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 22:23:35 +01:00
ef58020fd4 web: move MessageContainer to document
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 22:23:24 +01:00
a54fa7c9b1 web: fix display issues with challenges using pending_user_avatar
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 22:19:31 +01:00
a8d411a77b outposts: fix integration test failing occasionally
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 22:02:13 +01:00
5f6f5dbfc4 web: revert to use full pf in skeleton to improve FMP
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 21:20:47 +01:00
aeb4b6b412 outposts: update go.sum
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 20:49:51 +01:00
9efc4dec18 web: fix syntax for expires directive
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 20:38:23 +01:00
7b826b696c root: add nginx to bumpversion
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 20:38:13 +01:00
b1c21c405a outpost: bump recws to 1.3.1
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 20:27:53 +01:00
cd1218c78e Merge branch 'master' into next 2021-03-17 20:09:47 +01:00
a8c1fd1e4e web: fix styling for flow stages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 20:07:03 +01:00
14d990df7f web: replace pf-icon-arrow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 19:51:52 +01:00
93e8f9cb36 web: fix notification drawer, add button to show event
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 19:49:08 +01:00
04d2e769bb web: fix codemirror not being loaded
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 19:30:33 +01:00
5b0d875a42 admin: re-add property-mapping test template
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 19:28:45 +01:00
820f4be02f web: fix application view
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 19:28:36 +01:00
0ef040e5b6 web: fix provider view
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 19:18:15 +01:00
d2bbf2965d web: fix source pages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 19:03:53 +01:00
bf32cf3265 web: add fullHeight toggle to empty state, add dark empty state
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 18:49:55 +01:00
5f0192ee48 web: fix dark mode for admin overview page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 18:38:39 +01:00
91e1ded3bf web: fix border-colour for expanded table
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 18:38:22 +01:00
c70f6e3122 events: fix Schema for query params for top_per_user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 18:33:12 +01:00
56260cd23f root: fix concurrency logging issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 18:20:00 +01:00
fdbb9803b5 web: fix search field on tablepages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 18:00:26 +01:00
83abc20300 web: fix library display
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 18:00:17 +01:00
88cf0b2cdc web: move colour styles to css file
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 17:51:24 +01:00
16950dbc54 web: fix missing notification trigger icon
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 17:38:41 +01:00
43bf9e6c21 web: remove common_styles
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 17:29:51 +01:00
2698d9d23a web: remove COMMON_STYLES from message
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 13:23:33 +01:00
6eb0583eeb web: move form element
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 12:11:56 +01:00
49f140e9bc build(deps): bump @docusaurus/preset-classic in /website (#644)
Bumps [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic) from 2.0.0-alpha.71 to 2.0.0-alpha.72.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/master/CHANGELOG-2.x.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-alpha.72/packages/docusaurus-preset-classic)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-17 11:25:03 +01:00
9ddc10431a build(deps): bump github.com/recws-org/recws in /outpost (#645)
Bumps [github.com/recws-org/recws](https://github.com/recws-org/recws) from 1.2.1 to 1.3.0.
- [Release notes](https://github.com/recws-org/recws/releases)
- [Commits](https://github.com/recws-org/recws/compare/v1.2.1...v1.3.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-17 11:23:08 +01:00
cad1c9eae6 build(deps): bump @fortawesome/fontawesome-free in /web (#642)
Bumps [@fortawesome/fontawesome-free](https://github.com/FortAwesome/Font-Awesome) from 5.15.2 to 5.15.3.
- [Release notes](https://github.com/FortAwesome/Font-Awesome/releases)
- [Changelog](https://github.com/FortAwesome/Font-Awesome/blob/master/CHANGELOG.md)
- [Commits](https://github.com/FortAwesome/Font-Awesome/compare/5.15.2...5.15.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-17 11:22:54 +01:00
a6708594bb build(deps): bump rollup from 2.41.2 to 2.41.4 in /web (#643)
Bumps [rollup](https://github.com/rollup/rollup) from 2.41.2 to 2.41.4.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.41.2...v2.41.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-17 11:22:46 +01:00
14027e2fc6 build(deps): bump @docusaurus/core in /website (#646)
Bumps [@docusaurus/core](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus) from 2.0.0-alpha.71 to 2.0.0-alpha.72.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/master/CHANGELOG-2.x.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-alpha.72/packages/docusaurus)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-17 11:21:37 +01:00
cf519f48e7 ci: ensure dist exists before client gen
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 00:47:23 +01:00
eb884f7ef7 ci: ensure dist exists before client gen
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 00:18:37 +01:00
9902a11621 web: fix path for artefacts
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 22:42:15 +01:00
abbec501f7 web: fix linting errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 22:31:48 +01:00
67629ce0b7 web: load missing flow css files and adopt them
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 22:02:58 +01:00
5f024eb1f7 web: use API as dedicated module
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 21:32:39 +01:00
db99225c65 web: add default icon for empty state
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 20:39:07 +01:00
6717f2a68d web: fix missing copy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 20:12:07 +01:00
56a7e1e2f0 web: fix size for spinner on table
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 20:08:25 +01:00
e434b0233a docs: add changelog for 2021.3.4
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 19:48:30 +01:00
4b33971155 release: 2021.3.4 2021-03-16 19:17:50 +01:00
9e71287c25 Merge branch 'next' into version-2021.3 2021-03-16 19:12:55 +01:00
9784c6c828 tests/e2e: fix checks for ak-sidebar since ak-interface uses shadowdom now
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 18:38:17 +01:00
732b6a3556 root: fix typo in bumpversion
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 17:45:56 +01:00
dc1e17ba0c Merge branch 'master' into version-2021.3 2021-03-16 17:38:39 +01:00
f05d5973af root: fix typo in bumpversion
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 17:38:34 +01:00
deb48487f3 root: fix typo in bumpversion
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 17:38:01 +01:00
78f3abc64f web: use sections in sidebar, adjust colouring
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 17:34:19 +01:00
e45bc3834a web: use ShadowDom for all elements, embed smaller CSS in skeleton
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 17:24:02 +01:00
0d9db1b6f2 web: use chunking for vendor and api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 17:00:02 +01:00
ce555aa5e9 root: fix hash for docker build
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 16:45:53 +01:00
07ca82e599 admin: include git build hash in gh-* tags and show build hash in admin overview
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 14:42:01 +01:00
a9339589bb web: fix outpost health display
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 14:02:50 +01:00
c8ed650f1c web: fix system task index
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 14:02:04 +01:00
cd78d8d3fa build(deps-dev): bump @typescript-eslint/parser in /web (#640)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.17.0 to 4.18.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.18.0/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-16 12:09:00 +01:00
7fdc935fb9 build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#641)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.17.0 to 4.18.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.18.0/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-16 11:50:18 +01:00
c8069325b3 build(deps): bump rollup from 2.41.1 to 2.41.2 in /web (#637)
Bumps [rollup](https://github.com/rollup/rollup) from 2.41.1 to 2.41.2.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.41.1...v2.41.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-15 10:17:54 +01:00
9d08e02fe1 build(deps-dev): bump eslint from 7.21.0 to 7.22.0 in /web (#638)
Bumps [eslint](https://github.com/eslint/eslint) from 7.21.0 to 7.22.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.21.0...v7.22.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-15 10:17:42 +01:00
a11ea598a2 build(deps): bump react and react-dom in /website (#639)
Bumps [react](https://github.com/facebook/react/tree/HEAD/packages/react) and [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom). These dependencies needed to be updated together.

Updates `react` from 16.14.0 to 17.0.1
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v17.0.1/packages/react)

Updates `react-dom` from 16.14.0 to 17.0.1
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v17.0.1/packages/react-dom)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-15 10:17:27 +01:00
2713b05e8c Merge branch 'master' into version-2021.3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	docker-compose.yml
#	helm/README.md
#	web/src/authentik.css
#	web/src/flows/FlowExecutor.ts
#	web/src/flows/stages/identification/IdentificationStage.ts
#	website/docs/installation/kubernetes.md
2021-03-13 21:36:17 +01:00
fef5a5ca52 Merge branch 'master' into next 2021-03-13 21:27:51 +01:00
9d339d8b11 policies: fix error when clearing policy cache when no policies are cached
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-13 21:10:13 +01:00
4e86aa3f59 sources/oauth: fix error on user enrollment when no enrollment flow is defined
fixes #636

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-13 21:08:31 +01:00
221e4b665c docs: add beta opt-in docs 2021-03-12 18:04:42 +01:00
e67f235a9f website: add docs for compose configuration options 2021-03-12 16:43:31 +01:00
741ebbacca Merge branch 'master' into next 2021-03-12 12:41:34 +01:00
b63b789f77 web: prevent duplicate messages 2021-03-12 12:41:17 +01:00
a63702ef90 web: add close button to messages 2021-03-12 12:27:57 +01:00
a4a4550753 Merge branch 'master' into next 2021-03-12 10:06:38 +01:00
fd864655f6 build(deps): bump @sentry/tracing from 6.2.1 to 6.2.2 in /web (#633) 2021-03-12 09:02:44 +01:00
c1da09507a build(deps): bump rollup from 2.41.0 to 2.41.1 in /web (#632) 2021-03-12 09:01:53 +01:00
ed2ea220bf build(deps): bump boto3 from 1.17.25 to 1.17.26 (#634) 2021-03-12 09:01:25 +01:00
7738cbe751 build(deps): bump golang from 1.16.1 to 1.16.2 in /outpost (#635) 2021-03-12 09:01:16 +01:00
bf16ea3607 build(deps): bump @sentry/browser from 6.2.1 to 6.2.2 in /web (#631) 2021-03-12 09:00:10 +01:00
d6f44e069c docs: add notice for launch URL for vcenter 7u2 2021-03-11 22:17:16 +01:00
899cf392f4 web: improve compatibility with password managers 2021-03-11 22:04:59 +01:00
d99451b45c outposts: improve logs for outpost connection 2021-03-11 17:50:57 +01:00
5b31f8edf6 Merge branch 'master' into next
# Conflicts:
#	helm/templates/geoip-pvc.yaml
2021-03-11 17:43:28 +01:00
00235e039b helm: add initial geoip 2021-03-11 17:43:03 +01:00
2dfaef4220 helm: add initial geoip 2021-03-11 17:37:38 +01:00
13fceacfe4 root: add geoip config to docker-compose 2021-03-11 16:42:19 +01:00
f8dc32b387 events: don't fail on boot when geoip can't be opened 2021-03-11 16:38:14 +01:00
828f2f8b92 web: use loadingState for autosubmitStage 2021-03-11 15:39:59 +01:00
734399755d web: improve layout of expanded event info 2021-03-11 15:15:17 +01:00
d8f106b976 web: improve styling for application list 2021-03-11 10:56:22 +01:00
9a524dd671 web: show related edit button for bound stages and policies 2021-03-11 10:12:22 +01:00
0775296003 website: bump postcss 2021-03-11 09:57:33 +01:00
390534c14e build(deps): bump boto3 from 1.17.24 to 1.17.25 (#629)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.24 to 1.17.25.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.24...1.17.25)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-11 09:37:13 +01:00
2a644f64ad build(deps): bump golang from 1.16.0 to 1.16.1 in /outpost (#630)
Bumps golang from 1.16.0 to 1.16.1.

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-11 09:36:39 +01:00
e0298141cf web: backport fix: add missing background filter
# Conflicts:
#	authentik/core/templates/login/base_full.html
2021-03-10 23:23:25 +01:00
df7119bb22 web: backport fix: add missing background filter 2021-03-10 23:22:39 +01:00
1d5bba831e root: add comment for error reporting to compose 2021-03-10 23:15:38 +01:00
0b4be70c00 web: fix path for fallback flow view 2021-03-10 23:15:25 +01:00
786737650b build(deps): bump @docusaurus/core in /website (#628)
Bumps [@docusaurus/core](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus) from 2.0.0-alpha.70 to 2.0.0-alpha.71.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/master/CHANGELOG-2.x.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-alpha.71/packages/docusaurus)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-10 09:19:36 +01:00
54c80a2e1f build(deps-dev): bump rollup-plugin-minify-html-literals in /web (#624)
Bumps [rollup-plugin-minify-html-literals](https://github.com/asyncLiz/rollup-plugin-minify-html-literals) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/asyncLiz/rollup-plugin-minify-html-literals/releases)
- [Changelog](https://github.com/asyncLiz/rollup-plugin-minify-html-literals/blob/master/CHANGELOG.md)
- [Commits](https://github.com/asyncLiz/rollup-plugin-minify-html-literals/compare/v1.2.5...v1.2.6)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-10 09:14:16 +01:00
b376211a0e build(deps): bump boto3 from 1.17.23 to 1.17.24 (#625)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.23 to 1.17.24.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.23...1.17.24)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-10 09:13:53 +01:00
1990a3063e build(deps): bump github.com/sirupsen/logrus in /outpost (#627)
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.8.0...v1.8.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-10 09:13:44 +01:00
5abf22ad8a build(deps): bump @docusaurus/preset-classic in /website (#626)
Bumps [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic) from 2.0.0-alpha.70 to 2.0.0-alpha.71.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/master/CHANGELOG-2.x.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-alpha.71/packages/docusaurus-preset-classic)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-10 09:13:35 +01:00
b7b87d87fc build(deps): bump @patternfly/patternfly from 4.87.3 to 4.90.5 in /web (#622)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.87.3 to 4.90.5.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.87.3...prerelease-v4.90.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-10 09:12:49 +01:00
20184424ab build(deps): bump rollup from 2.40.0 to 2.41.0 in /web (#623)
Bumps [rollup](https://github.com/rollup/rollup) from 2.40.0 to 2.41.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.40.0...v2.41.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-10 09:12:26 +01:00
d5de12b69e release: 2021.3.3 2021-03-09 18:03:53 +01:00
d1a3350085 release: 2021.3.3 2021-03-09 14:24:01 +01:00
e0b84c71a7 docs: add 2021.3.3 2021-03-09 14:23:48 +01:00
3bc1d6a690 web: fix Source icons not being displayed on firefox
# Conflicts:
#	web/src/elements/stages/identification/IdentificationStage.ts
2021-03-09 13:09:50 +01:00
786c74ef2c stages/authenticator_static: fix error when disable static tokens 2021-03-09 13:09:18 +01:00
3e9b5f5449 stages/authenticator_webauthn: add missing migration 2021-03-09 13:09:07 +01:00
5d071488d3 providers/oauth2: allow protected_resource_view when method is OPTIONS
# Conflicts:
#	authentik/providers/oauth2/views/provider.py
2021-03-09 13:08:33 +01:00
90d234a458 web: fix Colours for user settings in dark mode 2021-03-09 13:07:53 +01:00
0032bb6aee web: fix styling for static token list 2021-03-09 13:07:40 +01:00
6e6755d805 web: fix Flow executor not showing spinner when redirecting
# Conflicts:
#	web/src/pages/generic/FlowExecutor.ts
2021-03-09 13:07:32 +01:00
132b990f10 web: fix Source icons not being displayed on firefox 2021-03-09 13:06:17 +01:00
34a3d81eff stages/authenticator_*: add API for authenticator devices 2021-03-09 10:38:07 +01:00
43a4217497 web: add optional checkboxes to table 2021-03-09 10:38:07 +01:00
e0ec5826ca web: add edit button to LibraryView when user is superuser 2021-03-09 10:38:07 +01:00
5413a01360 web: fix drawer not updating after marking notification as seen 2021-03-09 10:38:07 +01:00
d9c3a29404 build(deps-dev): bump @typescript-eslint/parser in /web (#618)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.16.1 to 4.17.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.17.0/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-09 10:37:56 +01:00
bcce91476c build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#619)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.16.1 to 4.17.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.17.0/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-09 09:18:03 +01:00
56f0f454d0 build(deps): bump boto3 from 1.17.22 to 1.17.23 (#620)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.22 to 1.17.23.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.22...1.17.23)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-09 09:17:53 +01:00
25e63edf77 build(deps): bump defusedxml from 0.7.0 to 0.7.1 (#621) 2021-03-09 09:05:50 +01:00
d150851ff5 root: fix date settings 2021-03-08 15:24:11 +01:00
2e2840c71e helm: add service monitors 2021-03-08 13:02:02 +01:00
ff276fcc58 web: fix layout for search 2021-03-08 12:55:13 +01:00
2852fa3c5e web: use generated API Client (#616)
* api: fix types for config API

* api: remove broken swagger UI

* admin: re-fix system task enum

* events: make event optional

* events: fix Schema for notification transport test

* flows: use APIView for Flow Executor

* core: fix schema for Metrics APIs

* web: rewrite to use generated API client

* web: generate API Client in CI

* admin: use x_cord and y_cord to prevent yaml issues

* events: fix linting errors

* web: don't lint generated code

* core: fix fields not being required in TypeSerializer

* flows: fix missing permission_classes

* web: cleanup

* web: fix rendering of graph on Overview page

* web: cleanup imports

* core: fix missing background image filter

* flows: fix flows not advancing properly

* stages/*: fix warnings during get_challenge

* web: send Flow response as JSON instead of FormData

* web: fix styles for horizontal tabs

* web: add base chart class and custom chart for application view

* root: generate ts client for e2e tests

* web: don't attempt to connect to websocket in selenium tests

* web: fix UserTokenList not being included in the build

* web: fix styling for static token list

* web: fix CSRF Token missing

* stages/authenticator_static: fix error when disable static tokens

* core: fix display issue when updating user info

* web: fix Flow executor not showing spinner when redirecting
2021-03-08 11:14:00 +01:00
1c6d498621 web: fix Flow executor not showing spinner when redirecting
# Conflicts:
#	web/src/pages/generic/FlowExecutor.ts
2021-03-08 10:26:42 +01:00
3f0e4bb654 stages/authenticator_static: fix error when disable static tokens 2021-03-08 10:26:03 +01:00
a59d78a7c7 web: fix styling for static token list 2021-03-08 10:25:56 +01:00
0a24202f1e build(deps): bump boto3 from 1.17.21 to 1.17.22 (#617) 2021-03-08 07:45:40 +01:00
cbc86d674d web: fix Colours for user settings in dark mode 2021-03-06 23:00:29 +01:00
082628771b tests/integration: add more tests for docker outpost 2021-03-05 19:09:13 +01:00
93b50e7d6e tests/e2e: add tests for OIDC implicit flow 2021-03-05 17:18:50 +01:00
c6de4e47d7 providers/oauth2: allow protected_resource_view when method is OPTIONS 2021-03-05 16:57:37 +01:00
0e9e378bdf docs: update manual k8s outpost deployment 2021-03-05 15:30:41 +01:00
de4b3d6290 providers/oauth2: always set CORS headers on provider info view 2021-03-05 14:27:16 +01:00
56f75aecc7 docs: bump version of outpost in docs 2021-03-05 14:14:37 +01:00
0fe009d37c stages/authenticator_webauthn: add missing migration 2021-03-05 14:14:37 +01:00
49db283e71 build(deps): bump boto3 from 1.17.20 to 1.17.21 (#613)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.20 to 1.17.21.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.20...1.17.21)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-05 09:27:03 +01:00
7058366623 build(deps): bump defusedxml from 0.6.0 to 0.7.0 (#614)
Bumps [defusedxml](https://github.com/tiran/defusedxml) from 0.6.0 to 0.7.0.
- [Release notes](https://github.com/tiran/defusedxml/releases)
- [Changelog](https://github.com/tiran/defusedxml/blob/master/CHANGES.txt)
- [Commits](https://github.com/tiran/defusedxml/compare/v0.6.0...v0.7.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-05 09:26:42 +01:00
ced45513b8 build(deps-dev): bump typescript from 4.2.2 to 4.2.3 in /web (#615)
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 4.2.2 to 4.2.3.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-05 09:26:18 +01:00
15e15c9635 docs: add 2021.3.2 2021-03-04 09:40:27 +01:00
d53c82eee2 core: fix link on login template 2021-03-04 09:39:13 +01:00
e1e0b0cf7d release: 2021.3.2 2021-03-04 09:33:25 +01:00
33e013a59f build(deps): bump boto3 from 1.17.19 to 1.17.20 (#611)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.19 to 1.17.20.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.19...1.17.20)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-04 08:55:05 +01:00
96a74776f8 build(deps): bump sentry-sdk from 0.20.3 to 1.0.0 (#612)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.20.3 to 1.0.0.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.20.3...1.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-04 08:54:57 +01:00
bb63d08682 web: fix submit in Modal reloading page in firefox 2021-03-03 23:01:47 +01:00
32655567da sources/ldap: fix sync for Users without pwdLastSet 2021-03-03 22:54:05 +01:00
ff5f5f65e8 web: fix date display issue 2021-03-03 21:53:30 +01:00
1f97aa09fa docs: fix typos in release notes 2021-03-03 21:15:17 +01:00
32e5ebb8a3 release: 2021.3.1 2021-03-03 20:53:43 +01:00
597e00dd86 root: update bumpversion config 2021-03-03 20:53:38 +01:00
dd31191845 Merge branch 'master' into version-2021.3 2021-03-03 20:48:02 +01:00
e9d95b1311 docs: Add Wiki.js integration docs (#610)
* docs(wikijs): Add Wiki.js integration docs

* docs(wikijs): Add to sidebar.
2021-03-03 20:31:02 +01:00
3319547a0e outposts: improve error handling for kubernetes outpost 2021-03-03 20:27:38 +01:00
1a00730cdd core: cleanup output for backup task 2021-03-03 20:11:55 +01:00
466723573c api: fix types for config API 2021-03-03 20:05:43 +01:00
ea784d47f4 admin: fix mismatched Swagger schema 2021-03-03 17:44:47 +01:00
77d5ba2862 events: fix typo in events API 2021-03-03 16:54:59 +01:00
f4580a1097 api: remove legacy messages API as its WS only 2021-03-03 15:02:20 +01:00
9e3d1f0baa web: fix circular dependency 2021-03-03 11:38:30 +01:00
c002c4b610 api: make pagination required 2021-03-03 10:37:03 +01:00
dde5e910cf root: fix name of docker images 2021-03-03 10:36:46 +01:00
5218332bce web: improve error handing for fetch in AdminLoginChart 2021-03-03 10:06:54 +01:00
28cd08bbba core: make user settings use vertical tabs 2021-03-03 10:05:12 +01:00
3cb0575a1e root: fix swagger pagination not matching API 2021-03-03 09:28:22 +01:00
dc1c1b9569 build(deps): bump boto3 from 1.17.18 to 1.17.19 (#609) 2021-03-03 08:58:24 +01:00
662d117b66 root: replace ghcr with harbor for expiry 2021-03-03 00:07:42 +01:00
b2449757f9 web/stages/authenticator_validate: only show back button when multiple challenges 2021-03-02 22:30:21 +01:00
a0753bfc88 docs: add docs for deny stage 2021-03-02 22:25:28 +01:00
e2a771bdaa docs: update screenshot in captcha stage 2021-03-02 22:25:00 +01:00
23de9df2a5 stages/authenticator_validate: cleanup 2021-03-02 22:20:54 +01:00
5c739ebed2 docs: add authenticator_webauthn stage docs 2021-03-02 22:20:05 +01:00
d3f8d7120f docs: cleanup, add 2021.3 to sidebar 2021-03-02 22:10:54 +01:00
21fd251edf docs: add apache guacamole integration 2021-03-02 22:04:53 +01:00
28cededb90 docs: update integration for harbor 2021-03-02 21:49:04 +01:00
d420719649 release: 2021.3.1-rc2 2021-03-02 21:41:30 +01:00
0018fbacd3 Merge branch 'master' into version-2021.3
# Conflicts:
#	web/src/constants.ts
2021-03-02 21:39:30 +01:00
8c41d2f4cb stages/authenticator_webauthn: add views to update and delete devices 2021-03-02 21:26:31 +01:00
3941590d0c web: fix missing create buttons on user token list 2021-03-02 21:16:14 +01:00
dc4a7c35da core: fix errors on user token views 2021-03-02 21:16:03 +01:00
e8c9b70ae8 sources/ldap: check pwdLastSet when syncing Users 2021-03-02 21:05:02 +01:00
74d240dfd4 admin: use spinner-button for modal forms 2021-03-02 20:37:23 +01:00
7d296b2119 root: align image on readme 2021-03-02 17:00:36 +01:00
373793ce9a policies: show more information when provider fails to resolve application 2021-03-02 16:58:55 +01:00
5c0ec7554b web: fix lists not being paginated 2021-03-02 15:12:26 +01:00
792fa45dca providers/oauth2: add logout URL to Setup URLs API 2021-03-02 15:11:18 +01:00
743aaea15e policies: improve logging 2021-03-02 15:04:31 +01:00
de03ed0aec web: fix background for shell without flow executor 2021-03-02 15:04:14 +01:00
e68ec16a34 web: improve display of notification age 2021-03-02 15:03:58 +01:00
68a0219d0f docs: update debug screenshot 2021-03-02 13:29:09 +01:00
38d9533afd root: update screenshots 2021-03-02 12:15:32 +01:00
7538af5e09 docs: fix download links for compose 2021-03-02 10:07:46 +01:00
2e659c1ab0 release: 2021.3.1-rc1 2021-03-02 09:41:09 +01:00
ad0cc5f0be Merge branch 'master' into version-2021.3 2021-03-02 09:41:00 +01:00
7ae9482e7b web: fix mismatched version 2021-03-02 09:40:43 +01:00
7fb95dfabf stages/password: improve logging 2021-03-02 09:40:32 +01:00
83cc5d24f2 stages/password: improve logging 2021-03-02 09:30:29 +01:00
38b3096c9a build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#603)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.15.2 to 4.16.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.16.1/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-02 09:20:53 +01:00
df8f21e559 build(deps): bump @sentry/tracing from 6.2.0 to 6.2.1 in /web (#604)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.2.0 to 6.2.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.2.0...6.2.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-02 09:20:45 +01:00
f4979fcf19 build(deps-dev): bump @typescript-eslint/parser in /web (#605)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.15.2 to 4.16.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.16.1/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-02 09:13:01 +01:00
431b7375c1 build(deps): bump @sentry/browser from 6.2.0 to 6.2.1 in /web (#606)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.2.0 to 6.2.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.2.0...6.2.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-02 09:12:45 +01:00
a6627145c8 build(deps): bump boto3 from 1.17.17 to 1.17.18 (#607)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.17 to 1.17.18.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.17...1.17.18)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-02 09:12:28 +01:00
3045cf1aef web: make user password-reset button use action button 2021-03-01 20:41:54 +01:00
c65b2944b3 stages/reputation: add API for user and IP Score 2021-03-01 20:22:37 +01:00
2ae5a81c15 stages/deny: add deny stage 2021-03-01 20:16:54 +01:00
ed8b78600e stages/authenticator_validate: add configuration stage to configure Authenticator 2021-03-01 19:23:59 +01:00
644a03e40e lib: don't order_by on widget because PolicyBindingModel, order in form 2021-03-01 19:23:09 +01:00
88ce93ab04 policies: fix tests creating policies with empty names 2021-03-01 19:22:35 +01:00
8878dc61d3 web: Add Policy create button to BoundPoliciesList 2021-03-01 18:34:36 +01:00
03d38557e5 stages/*: simplify __str__ of classes 2021-03-01 18:30:47 +01:00
37b59bb5b9 lib: sort GroupedModelChoiceField by name
closes #602
2021-03-01 18:30:27 +01:00
19eea68e0f web: use vertical list for related application links 2021-03-01 17:23:00 +01:00
ce7aae16c9 stages/password: fix ?next param for password change 2021-03-01 17:17:44 +01:00
fd9ba97479 core: remove source's ui_additional_info 2021-03-01 16:57:51 +01:00
919debdd13 root: lock twisted to 20.3.0 whilst its causing issues with uvloop 2021-03-01 16:26:05 +01:00
36690de285 root: push PR and branch images to GHCR (#601) 2021-03-01 12:04:56 +01:00
ca4ead8fd8 events: fix event creation with anonymous user 2021-03-01 12:04:27 +01:00
a81f981471 lib: fix being unable to set authentik. options 2021-03-01 11:11:00 +01:00
d6fd2b0afa sources/saml: add Metadata API 2021-03-01 10:50:45 +01:00
0478ae3da8 web: add missing SAML Source display page 2021-03-01 10:49:00 +01:00
9c33f4858f web: fix more height issues and sidebar not correctly activating 2021-03-01 10:32:25 +01:00
f2eaa9052e build(deps-dev): bump coverage from 5.4 to 5.5 (#598)
Bumps [coverage](https://github.com/nedbat/coveragepy) from 5.4 to 5.5.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/coverage-5.4...coverage-5.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-01 09:01:08 +01:00
21d0641110 build(deps): bump rollup from 2.39.1 to 2.40.0 in /web (#599)
Bumps [rollup](https://github.com/rollup/rollup) from 2.39.1 to 2.40.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.39.1...v2.40.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-01 09:00:39 +01:00
67d05f99e9 build(deps-dev): bump eslint from 7.20.0 to 7.21.0 in /web (#600)
Bumps [eslint](https://github.com/eslint/eslint) from 7.20.0 to 7.21.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.20.0...v7.21.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-01 09:00:31 +01:00
21d6a28715 root: fix branch Name extraction to work on non PRs 2021-02-28 14:24:16 +01:00
1149a8d9a4 flows: fix tests for diagram 2021-02-28 11:01:34 +01:00
5e98172afb website/docs: update next docs 2021-02-28 10:44:00 +01:00
9b3e94c7c8 flows: fix flow diagram showing policy after stage and not before 2021-02-28 10:28:37 +01:00
30a1b65e94 web: fix BoundPoliciesList not showing policy correctly 2021-02-28 10:19:19 +01:00
9bb46ecb88 build(deps): bump boto3 from 1.17.16 to 1.17.17 (#597) 2021-02-28 09:47:31 +01:00
269e6c4f38 Merge pull request #564 from BeryJu/stage-challenge 2021-02-28 01:30:52 +01:00
7f65ae3f92 Merge branch 'master' into stage-challenge
# Conflicts:
#	web/package-lock.json
2021-02-28 00:47:18 +01:00
ee6b365003 tests/e2e: fix SAML source tests 2021-02-28 00:30:33 +01:00
2ad4bd5c0a tests/e2e: fix oauth source tests 2021-02-28 00:27:18 +01:00
0958740b51 providers/saml: fix Autosubmit Challenge 2021-02-28 00:09:08 +01:00
9cdfd8b75a tests/e2e: fix other provider tests 2021-02-28 00:08:57 +01:00
3c8a0081bc tests/e2e: fix more test, add requirements for crypto 2021-02-27 23:33:15 +01:00
088e0e736a tests/e2e: fix more tests, cleanup 2021-02-27 22:57:15 +01:00
cbb0681f95 web/stages/consent: use data- attribute for permission id 2021-02-27 22:54:20 +01:00
55c408a8bf tests/e2e: replace apply_default_data with @apply_migration decorator 2021-02-27 22:32:48 +01:00
07379acf7f tests/e2e: fix enroll tests 2021-02-27 22:09:40 +01:00
a1af93f8be web: disable CaptureConsoleIntegration 2021-02-27 22:09:10 +01:00
b9a9da4ec7 web/stages/prompt: render later so fields aren't cached 2021-02-27 21:05:20 +01:00
05a5b5b675 stages/prompt: fix fields not being sorted correctly 2021-02-27 21:03:57 +01:00
0fb17eee43 web: fix URLs for clear buttons 2021-02-27 21:00:55 +01:00
a1474e09e5 website/docs: fix type for username input 2021-02-27 21:00:42 +01:00
a33c7d7786 web: fix admin url for Prompt 2021-02-27 21:00:33 +01:00
c08d9762d9 web: add button to edit stage on flow BoundStageList 2021-02-27 20:45:59 +01:00
d43e6e5736 web: fix styling on dark mode for band on flow 2021-02-27 20:45:46 +01:00
380786bfde tests/e2e: fix URLs, use self.login() 2021-02-27 19:02:29 +01:00
ffcf064f83 Merge branch 'version-2021.2'
# Conflicts:
#	authentik/policies/group_membership/forms.py
#	web/package.json
#	web/src/constants.ts
#	web/src/elements/buttons/TokenCopyButton.ts
2021-02-27 18:29:30 +01:00
252718bbaf docs: add changelog for 2021.2.6 2021-02-27 18:18:36 +01:00
5725e54334 release: 2021.2.6-stable 2021-02-27 18:16:46 +01:00
c20856ca17 web: fix colourstyles not being included in common_styles
# Conflicts:
#	authentik/events/geo.py
#	web/src/elements/buttons/TokenCopyButton.ts
2021-02-27 18:16:32 +01:00
402afa1e85 Merge branch 'master' into stage-challenge
# Conflicts:
#	web/src/elements/buttons/SpinnerButton.ts
2021-02-27 18:10:08 +01:00
5b4e75000b web: fix colourstyles not being included in common_styles 2021-02-27 17:38:21 +01:00
9c73e9cf4e web: fix colourstyles not being included in common_styles
# Conflicts:
#	authentik/events/geo.py
#	web/src/elements/buttons/TokenCopyButton.ts
2021-02-27 17:36:07 +01:00
b10c3db13d web: add sentry CaptureConsole
# Conflicts:
#	web/package.json
2021-02-27 17:19:43 +01:00
1a052913e9 web: add sentry CaptureConsole 2021-02-27 17:18:42 +01:00
e930a1d0dc root: run ci on version-* branches 2021-02-27 17:07:11 +01:00
fe290aa214 sources/ldap: fix password setter on users which are not LDAP 2021-02-27 17:04:16 +01:00
a2e69bd250 sources/ldap: fix API error when source has not synced yet 2021-02-27 17:04:16 +01:00
d2a35eb8de admin: fix missing success_url for clean views 2021-02-27 17:04:16 +01:00
3437d8b4b0 flows: handle error when app cannot be found during import 2021-02-27 17:04:16 +01:00
b862bf4284 providers/oauth2: fix error when no login event could be found 2021-02-27 17:04:16 +01:00
de22a367b1 events: fix error when event can't be loaded into rule task 2021-02-27 17:04:15 +01:00
17ab895652 flows: fix glob pattern for doc flows 2021-02-27 17:04:06 +01:00
a4d5815e1b policies: sort groups in groupmembership policy and binding
closes #595

# Conflicts:
#	authentik/policies/group_membership/forms.py
2021-02-27 17:02:34 +01:00
4cbfaaa72b sources/ldap: fix password setter on users which are not LDAP 2021-02-27 16:49:59 +01:00
92943f08d9 sources/ldap: fix API error when source has not synced yet 2021-02-27 16:29:36 +01:00
10ef1c7e93 admin: fix missing success_url for clean views 2021-02-27 16:27:42 +01:00
02c762c268 flows: handle error when app cannot be found during import 2021-02-27 16:26:06 +01:00
bbf0ca92af website/flows: fix default value for session_duration 2021-02-27 16:09:58 +01:00
d2dfc6d63b Merge branch 'master' into stage-challenge 2021-02-27 16:04:57 +01:00
a18240fcd7 providers/oauth2: fix error when no login event could be found 2021-02-27 16:02:07 +01:00
d36e5dccf9 docs: add docs for recovery keys 2021-02-27 16:00:05 +01:00
9af1d6f63b events: fix error when event can't be loaded into rule task 2021-02-27 15:22:43 +01:00
ab6d46558b docs: remove dummy stage 2021-02-27 15:20:33 +01:00
e94abfc986 flows: fix glob pattern for doc flows 2021-02-27 13:23:16 +01:00
5c652c1f79 policies: sort groups in groupmembership policy and binding
closes #595
2021-02-27 13:19:38 +01:00
89aa0f0cc8 Merge branch 'master' into stage-challenge 2021-02-27 13:14:38 +01:00
085589bcec docs(exampleFlows): Rename pbflow to akflow (#596)
* docs(exampleFlows): Rename enrollment-2-stage.pbflow

* docs(exampleFlows): Rename enrollment-email-verification.pbflow

* docs(exampleFlows): Rename login-2fa.pbflow

* docs(exampleFlows): Rename login-conditional-captcha.pbflow

* docs(exampleFlows): Rename recovery-email-verification.pbflow

* docs(exampleFlows): Rename unenrollment.pbflow

* docs(exampleFlows): Fix links.
2021-02-27 13:11:41 +01:00
95d0d6f3e8 tests/e2e: add login method 2021-02-26 16:47:01 +01:00
c62ef4ae81 stages/identification: don't pass entire application 2021-02-26 16:44:45 +01:00
3df81ca6f0 root: don't use failfast 2021-02-26 15:39:50 +01:00
578326eccd tests/e2e: don't use reverse for self.shell_url 2021-02-26 15:13:31 +01:00
2335ccddaa root: add fallback URL for websocket 2021-02-26 15:12:58 +01:00
477e30f542 core: fix path for blank avatar when avatars are disabled 2021-02-26 15:07:30 +01:00
7bf3d7e10a Merge branch 'master' into stage-challenge
# Conflicts:
#	Pipfile.lock
2021-02-26 12:02:49 +01:00
1bef659b10 stages/captcha: remove dependency on captcha app 2021-02-26 10:13:58 +01:00
e3f7bd8ab8 build(deps): bump @types/chart.js from 2.9.30 to 2.9.31 in /web (#593)
Bumps [@types/chart.js](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/chart.js) from 2.9.30 to 2.9.31.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/chart.js)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-26 09:25:55 +01:00
45c731de3c build(deps): bump boto3 from 1.17.15 to 1.17.16 (#594)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.15 to 1.17.16.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.15...1.17.16)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-26 09:25:44 +01:00
535770abbd tests/e2e: fix authenticator tests 2021-02-25 22:54:39 +01:00
eccea8eba0 web/stages/authenticator_totp: fix enter button triggering copy button 2021-02-25 22:43:42 +01:00
ab200a1dfb web: add hidden input with totp config url 2021-02-25 21:43:00 +01:00
ca122b20c9 web: fix spacing for messages 2021-02-25 21:23:31 +01:00
74b407ebc7 web: add button to copy TOTP URL
closes #591
2021-02-25 21:22:57 +01:00
fbf2fe2404 stages/authenticator_validate: fix webauthn validation 2021-02-25 21:00:32 +01:00
b968adffc1 stages/authenticator_totp: fix error when disabling device 2021-02-25 21:00:18 +01:00
c275992f7b web: re-enable fallback to siteshell for now 2021-02-25 20:55:22 +01:00
4e2c686db1 Merge branch 'master' into stage-challenge
# Conflicts:
#	Pipfile.lock
2021-02-25 20:13:17 +01:00
bfc69562d8 root: remove qr and captcha from backend dependencies 2021-02-25 20:06:20 +01:00
9e6a7bf16b stages/captcha: migrated to SPA 2021-02-25 19:58:38 +01:00
890e0e9054 *: remove unused templates and code, move avatar to User model 2021-02-25 19:58:23 +01:00
cf7e7c44ff stages/password: fix recovery link not being shown in SPA 2021-02-25 15:09:48 +01:00
0f169f176d stages/authenticator_validate: implement validation, add button to go back to device picker 2021-02-25 12:07:32 +01:00
429fc921b1 build(deps): bump codemirror from 5.59.3 to 5.59.4 in /web (#590)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.59.3 to 5.59.4.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.59.3...5.59.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-25 09:18:15 +01:00
e7a9a41a2f build(deps): bump boto3 from 1.17.14 to 1.17.15 (#589)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.14 to 1.17.15.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.14...1.17.15)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-25 09:18:02 +01:00
d1c24f47b2 build(deps): bump docker from 4.4.3 to 4.4.4 (#588)
Bumps [docker](https://github.com/docker/docker-py) from 4.4.3 to 4.4.4.
- [Release notes](https://github.com/docker/docker-py/releases)
- [Commits](https://github.com/docker/docker-py/compare/4.4.3...4.4.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-25 09:17:45 +01:00
007676b400 stages/authenticator_validate: fix post from code form 2021-02-24 20:39:39 +01:00
c0c235bead helm: fix initialDelaySeconds 2021-02-24 19:39:35 +01:00
a3aacb5285 docs: add 2021.2.5 2021-02-24 10:22:55 +01:00
5977c09b05 Merge branch 'version-2021.2'
# Conflicts:
#	authentik/admin/templates/administration/policy/list.html
#	web/src/pages/outposts/OutpostListPage.ts
2021-02-24 10:20:48 +01:00
e81d3dad3e release: 2021.2.5-stable 2021-02-24 09:54:06 +01:00
5aabaebd96 root: fix request_id not being logged for actual asgi requests 2021-02-24 09:45:52 +01:00
7b60bca297 web: fix SiteShell breaking links when handlers are updated twice 2021-02-24 09:45:08 +01:00
a07d7456c8 web: fix outpost edit/delete buttons 2021-02-24 09:44:55 +01:00
f33369bf0c helm: add initial wait for healthcheck 2021-02-24 09:44:39 +01:00
1abcff39c7 outpost: improve logging output, ensure fields match api server 2021-02-24 09:44:24 +01:00
c1caf84d92 events: fix user QuerySet being passed 2021-02-24 09:44:05 +01:00
86c069fe64 admin: fix policy list not having a refresh button 2021-02-24 09:43:57 +01:00
ce0140ef67 events: pass Event's user to Notification policy engine when present 2021-02-24 09:43:50 +01:00
bba43c5109 sources/oauth: fix buttons not being ak-root-link 2021-02-24 09:23:44 +01:00
d99a415502 web: fix library not being full height, again 2021-02-24 09:23:40 +01:00
9049593ff5 sources/oauth: fix buttons not being ak-root-link 2021-02-24 09:23:19 +01:00
e74c098b7a web: fix library not being full height, again 2021-02-24 09:21:16 +01:00
d06a44378d build(deps): bump boto3 from 1.17.13 to 1.17.14 (#586)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.13 to 1.17.14.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.13...1.17.14)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-24 09:13:20 +01:00
0a8da376fc build(deps-dev): bump typescript from 4.1.5 to 4.2.2 in /web (#587)
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 4.1.5 to 4.2.2.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-24 09:13:07 +01:00
2a0f940a42 Merge branch 'master' into stage-challenge 2021-02-23 23:43:51 +01:00
8aa067795a web: replace default flow background for 2021.3 2021-02-23 23:43:37 +01:00
3cdb81c5ba stages/authenticator_validate: create challenge per device, implement class switcher 2021-02-23 23:43:13 +01:00
e8259791f0 stages/authenticator_webauthn: fix rp_id and origin generation 2021-02-23 23:39:00 +01:00
55af786852 Merge branch 'master' into stage-challenge 2021-02-23 23:17:03 +01:00
8a916602c4 docs: update for 2021.2.4-stable 2021-02-23 23:16:32 +01:00
7101c7987c Merge branch 'version-2021.2' 2021-02-23 23:02:05 +01:00
bd48955f39 release: 2021.2.4-stable 2021-02-23 23:00:43 +01:00
53adcd9157 core: fix user-settings not loading sources 2021-02-23 22:55:08 +01:00
c5a2bb8914 admin: fix success_urls 2021-02-23 22:55:01 +01:00
66e5958283 core: fix user-settings not loading sources 2021-02-23 22:53:17 +01:00
9db445c3ee admin: fix success_urls 2021-02-23 22:53:05 +01:00
574438b51e web: fix /-/user/ not loading 2021-02-23 22:46:11 +01:00
a05885140d Merge branch 'master' into stage-challenge 2021-02-23 18:27:04 +01:00
8878fac4e7 stages/authenticator_validate: send challenge for each device 2021-02-23 18:25:58 +01:00
7ee97a961c build(deps): bump github.com/getsentry/sentry-go in /outpost (#584)
Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go) from 0.9.0 to 0.10.0.
- [Release notes](https://github.com/getsentry/sentry-go/releases)
- [Changelog](https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-go/compare/v0.9.0...v0.10.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-23 16:25:52 +01:00
737ff62e92 build(deps): bump golang from 1.15 to 1.16.0 in /outpost (#582)
Bumps golang from 1.15 to 1.16.0.

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-23 16:19:31 +01:00
07ada5a1b7 build(deps): bump rollup from 2.39.0 to 2.39.1 in /web (#583)
Bumps [rollup](https://github.com/rollup/rollup) from 2.39.0 to 2.39.1.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.39.0...v2.39.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-23 16:19:24 +01:00
8caeed6b18 build(deps): bump github.com/sirupsen/logrus in /outpost (#585)
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.7.0 to 1.8.0.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.7.0...v1.8.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-23 16:19:10 +01:00
b5adff5327 root: fix paths for dependabot 2021-02-23 15:20:10 +01:00
3894895d32 stages/authenticator_validate: start rewrite to SPA 2021-02-23 13:50:47 +01:00
7f53c97fb2 Merge branch 'master' into stage-challenge 2021-02-23 13:18:35 +01:00
44bd4b9511 build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#580)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.15.1 to 4.15.2.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.15.2/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-23 10:17:21 +01:00
2a1b5e0154 docs: add hardware requirements to docker-compose 2021-02-23 09:46:07 +01:00
8c0d48fe0a build(deps): bump boto3 from 1.17.12 to 1.17.13 (#579)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.12 to 1.17.13.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.12...1.17.13)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-23 09:25:56 +01:00
0863e60d29 build(deps-dev): bump @typescript-eslint/parser in /web (#581)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.15.1 to 4.15.2.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.15.2/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-23 09:25:36 +01:00
451c117ea4 stages/authenticator_webauthn: fix incorrect response being sent 2021-02-22 19:54:05 +01:00
388c8c8bec web: fix autofocus in ak-form-element 2021-02-22 19:26:50 +01:00
5904070bb2 flows: add ensure_csrf_cookie() to flow shell view 2021-02-22 18:42:15 +01:00
35ac87ec10 Merge branch 'master' into stage-challenge 2021-02-22 17:42:12 +01:00
8f8c2a291b root: add discord badge to readme 2021-02-22 17:27:16 +01:00
592a2dcede build(deps): bump codemirror from 5.59.2 to 5.59.3 in /web (#577)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.59.2 to 5.59.3.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.59.2...5.59.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-22 08:44:18 +01:00
a3221475e5 build(deps): bump boto3 from 1.17.11 to 1.17.12 (#575)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.11 to 1.17.12.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.11...1.17.12)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-22 08:44:10 +01:00
25f5031422 build(deps): bump django from 3.1.6 to 3.1.7 (#574)
Bumps [django](https://github.com/django/django) from 3.1.6 to 3.1.7.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.1.6...3.1.7)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-22 08:44:02 +01:00
63b94263af build(deps): bump uvicorn from 0.13.3 to 0.13.4 (#576)
Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.13.3 to 0.13.4.
- [Release notes](https://github.com/encode/uvicorn/releases)
- [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/encode/uvicorn/compare/0.13.3...0.13.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-22 08:43:52 +01:00
217595bb01 tests: start fixing selenium tests 2021-02-21 23:39:02 +01:00
2dd8119abe web: fix linting 2021-02-21 23:26:16 +01:00
20e0fe3941 web: move ak-form-element to separate file 2021-02-21 23:09:08 +01:00
0fa97de06e web/stages: fix cancel URL 2021-02-21 22:10:32 +01:00
38da13fea3 web: use ak-spinner everywhere 2021-02-21 22:01:48 +01:00
fb9880bff4 web: add loading animation to flowexecutor 2021-02-21 22:01:35 +01:00
acc790f590 stages/authenticator_webauthn: fix formatting of card 2021-02-21 21:42:40 +01:00
76c572cf7c stages/authenticator_webauthn: migrate to SPA 2021-02-21 20:53:23 +01:00
0904fea109 flows: fix migration for e2e tests 2021-02-21 20:47:23 +01:00
6df89e7abf stages/authenticator_static: migrate to SPA 2021-02-21 19:34:49 +01:00
21afda6dc2 stages/authenticator_totp: migrate to SPA 2021-02-21 19:10:50 +01:00
74c0ed27ba web: fix /-/user/ not loading 2021-02-21 19:03:43 +01:00
dc680a3385 flows: set pending_user in ChallengeStageView 2021-02-21 18:58:08 +01:00
88e5b22d16 flows: add get_pending_user() for WithUserInfoChallenge 2021-02-21 18:35:21 +01:00
27cd10e072 stages/prompt: migrate to SPA 2021-02-21 18:27:34 +01:00
d35f524865 core: remove old templates 2021-02-21 14:59:37 +01:00
ca223fa4df providers/saml: migrate to challenge for submit 2021-02-21 14:36:22 +01:00
14962eb6cc stages/email: migrate to SPA 2021-02-21 13:42:55 +01:00
b9f409d6d9 stages/consent: migrate to SPA 2021-02-21 13:15:45 +01:00
a8681ac88f root: fix typo 2021-02-21 00:22:14 +01:00
c1e6786ea1 stages/password: Migrate to SPA 2021-02-21 00:14:42 +01:00
1c8d101fc3 stages/identification: remove templates 2021-02-20 23:47:18 +01:00
7a9140bdcd core: move UILoginButtonSerializer into core 2021-02-20 23:42:35 +01:00
511f94fc7f *: cleanup code, return errors in challenge_invalid, fixup rendering 2021-02-20 23:34:10 +01:00
548b1ead2f flows: challenge error response in challenge format 2021-02-20 20:28:57 +01:00
33f67140f2 stages/identification: move user validation to serializer 2021-02-20 20:16:20 +01:00
8787dc23d0 web: fix linting errors 2021-02-20 19:59:24 +01:00
e0ae92ccc7 stages/*: update tests for new response 2021-02-20 19:41:48 +01:00
bdb86d7119 *: replace shortcuts.reverse with urls.reverse 2021-02-20 19:13:50 +01:00
a1a3d316e3 stages/identification: implement challenge 2021-02-20 18:28:11 +01:00
672b86ef88 web: fix old Links 2021-02-20 18:27:19 +01:00
a3c9d5873c web: fix URL for flows cached count 2021-02-20 18:27:03 +01:00
0e975757b8 core: remove UILoginButton's icon_path 2021-02-20 18:26:43 +01:00
391ee10cb8 Merge branch 'master' into stage-challenge
# Conflicts:
#	authentik/api/v2/urls.py
2021-02-20 12:51:10 +01:00
4f374c0c01 web: add 404 page, don't auto-redirect to home 2021-02-20 00:28:00 +01:00
dde303f13a admin: remove dead code 2021-02-20 00:27:22 +01:00
264c678eaa web: migrate user token list to web 2021-02-20 00:20:01 +01:00
854d94056e web: migrate remaining list views to web 2021-02-20 00:19:53 +01:00
9d4c22c706 web: show header while loading application info 2021-02-19 23:34:06 +01:00
9b12895fab admin: remove unneeded code 2021-02-19 19:32:46 +01:00
93478a55d7 web: migrate Stage List to web 2021-02-19 19:29:17 +01:00
a76cbf8b70 flows: separate flows api into smaller files 2021-02-19 19:14:16 +01:00
6597d5bd28 web: migrate Token List to web 2021-02-19 19:09:30 +01:00
fd28f37c0d web: migrate User list to web 2021-02-19 18:43:57 +01:00
d219f65e7a web: migrate System Task list to web 2021-02-19 18:12:23 +01:00
865f652476 web: migrate Outpost Service Connection to web 2021-02-19 17:49:34 +01:00
8008918d8b admin: remove PolicyBinding list 2021-02-19 17:37:19 +01:00
75d0bd01c2 admin: remove StageBinding list 2021-02-19 17:19:48 +01:00
029c6cd182 web: migrate Group list to web 2021-02-19 17:18:09 +01:00
71f771c22c core: add types API to propertymapping 2021-02-19 17:10:30 +01:00
0993d5ce4a web: reset retryDelay for WS connection after successful connect 2021-02-19 17:10:16 +01:00
38bd05867d web: migrate Policy list to web 2021-02-19 17:05:02 +01:00
79089d8981 policies: add bound count to api 2021-02-19 16:53:30 +01:00
44e51970e1 web: update for new cached actions 2021-02-19 16:37:50 +01:00
47bde052ca policies: add types action to policy API, use MetaNameSerializer 2021-02-19 16:34:33 +01:00
bd6a473d4f flows: add cached as action to flow API 2021-02-19 16:34:12 +01:00
cd23053007 web: fix height on table pages 2021-02-19 16:22:52 +01:00
6e11fd0f2e web: fix application library not being full height 2021-02-19 16:13:55 +01:00
277b4336d3 stages/authenticator_validate: update autocomplete for code input 2021-02-19 16:00:59 +01:00
1c1f9b6cb8 web: fix SiteShell not being full height 2021-02-19 15:34:21 +01:00
c23df5e1d5 build(deps): bump @sentry/browser from 6.1.0 to 6.2.0 in /web (#571)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.1.0 to 6.2.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.1.0...6.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-19 12:16:50 +01:00
c47cef6fbf build(deps): bump sentry-sdk from 0.20.2 to 0.20.3 (#567)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.20.2 to 0.20.3.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.20.2...0.20.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-19 09:22:30 +01:00
83b7b3257a build(deps): bump boto3 from 1.17.10 to 1.17.11 (#568)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.10 to 1.17.11.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.10...1.17.11)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-19 09:22:16 +01:00
270be95e68 build(deps): bump structlog from 20.2.0 to 21.1.0 (#569)
Bumps [structlog](https://github.com/hynek/structlog) from 20.2.0 to 21.1.0.
- [Release notes](https://github.com/hynek/structlog/releases)
- [Changelog](https://github.com/hynek/structlog/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/hynek/structlog/compare/20.2.0...21.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-19 09:22:06 +01:00
1c919b8b88 build(deps): bump docker from 4.4.2 to 4.4.3 (#570)
Bumps [docker](https://github.com/docker/docker-py) from 4.4.2 to 4.4.3.
- [Release notes](https://github.com/docker/docker-py/releases)
- [Commits](https://github.com/docker/docker-py/compare/4.4.2...4.4.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-19 09:21:49 +01:00
1e51a2cdd7 build(deps): bump rollup-plugin-copy from 3.3.0 to 3.4.0 in /web (#572)
Bumps [rollup-plugin-copy](https://github.com/vladshcherbin/rollup-plugin-copy) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/vladshcherbin/rollup-plugin-copy/releases)
- [Commits](https://github.com/vladshcherbin/rollup-plugin-copy/compare/3.3.0...3.4.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-19 09:21:34 +01:00
7ba44b15a7 build(deps): bump @sentry/tracing from 6.1.0 to 6.2.0 in /web (#573)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.1.0 to 6.2.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.1.0...6.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-19 09:21:26 +01:00
4a94f515b3 root: add next branch 2021-02-18 21:24:34 +01:00
b229b2f40d Merge branch 'master' into stage-challenge
# Conflicts:
#	authentik/stages/authenticator_validate/stage.py
#	authentik/stages/identification/stage.py
2021-02-18 14:04:35 +01:00
e4f0613fab *: replace tuple and set from typing with normal 2021-02-18 13:53:57 +01:00
ecff810021 *: replace List from typing with normal list 2021-02-18 13:45:46 +01:00
fdde97cbbf *: replace Dict from typing with normal dict 2021-02-18 13:41:03 +01:00
c2a5641e6a Merge branch 'master' into stage-challenge 2021-02-18 12:46:28 +01:00
5a47c4850d build(deps): bump @patternfly/patternfly from 4.87.2 to 4.87.3 in /web (#566)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.87.2 to 4.87.3.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.87.2...prerelease-v4.87.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-18 09:12:31 +01:00
70b8a941bb build(deps): bump boto3 from 1.17.9 to 1.17.10 (#565)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.9 to 1.17.10.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.9...1.17.10)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-18 09:12:18 +01:00
eb01b42425 flows: mount executor under api, implement initial challenge design 2021-02-17 23:52:49 +01:00
8708e487ae stages: add WebAuthn stage (#550)
* core: add User.uid for globally unique user ID

* admin: fix ?next for Flow list

* stages: add initial webauthn implementation

* web: add ak-flow-submit event to submit flow stage

* web: show error message for webauthn registration

* admin: fix next param not redirecting correctly

* stages/webauthn: remove form

* stages/webauthn: add API

* web: update flow diagram on ak-refresh

* stages/webauthn: add initial authentication

* stages/webauthn: initial authentication implementation

* web: cleanup webauthn utils

* stages: rename otp_* to authenticator and move webauthn to authenticator

* docs: fix broken links

* stages/authenticator_*: fix template paths

* stages/authenticator_validate: add device classes

* stages/authenticator_webauthn: implement django_otp.devices

* stages/authenticator_*: update default stage names

* web: add button to create stage on flow page

* web: don't minify HTML, remove nbsp

* admin: fix typo in stage list

* stages/*: use common base class for stage serializer

* stages/authenticator_*: create default objects after rename

* tests/e2e: adjust stage order
2021-02-17 20:49:58 +01:00
e020b8bf32 build(deps): bump boto3 from 1.17.8 to 1.17.9 (#562)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.8 to 1.17.9.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.8...1.17.9)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-17 09:28:40 +01:00
8e27121e10 build(deps): bump @patternfly/patternfly from 4.80.3 to 4.87.2 in /web (#563)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.80.3 to 4.87.2.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.80.3...prerelease-v4.87.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-17 09:24:34 +01:00
06870b4f64 web: improve styling on model info 2021-02-16 23:19:01 +01:00
4cfcc48b23 admin: migrate certificate-keypair list to web 2021-02-16 23:16:52 +01:00
60c244c31d core: add User.uid for globally unique user ID 2021-02-16 23:04:48 +01:00
d122bddae2 web: update flow diagram on ak-refresh 2021-02-16 22:54:14 +01:00
69e6221906 web: port flow list 2021-02-16 22:52:54 +01:00
68eefd083e web: fix linting errors 2021-02-16 22:35:55 +01:00
a647917074 providers/saml: use redirect binding first 2021-02-16 21:35:19 +01:00
099197ba8c providers/saml: fix AuthnRequestsSigned and WantAssertionsSigned not loaded correctly 2021-02-16 21:30:15 +01:00
baa2ed5ecc web: fix download button for SAML Metadata download 2021-02-16 21:04:03 +01:00
f8ba623fc1 web: add more related links, add policy/user/group support for bindings 2021-02-16 20:52:59 +01:00
6bcdf36ca6 admin: add ?provider for ApplicationCreateView 2021-02-16 20:00:52 +01:00
416d949d80 web: add button to create application on provider page 2021-02-16 20:00:34 +01:00
0b75a0028b providers/saml: fix error when getting metadata of provider with no application 2021-02-16 19:58:04 +01:00
0901d7461e providers/saml: fix redirect error 2021-02-16 19:28:18 +01:00
61772b75ff providers/saml: fix managed mappings not being set on import 2021-02-16 19:20:52 +01:00
0ade57b5a6 docs: replace Autogenerated with managed mappings 2021-02-16 19:18:57 +01:00
61604adf9a root: fix request_id not being logged for actual asgi requests 2021-02-16 19:14:08 +01:00
8bd147b205 web: fix spacing on boudstagelist 2021-02-16 17:03:37 +01:00
724f53e972 build(deps): bump boto3 from 1.17.7 to 1.17.8 (#557)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.7 to 1.17.8.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.7...1.17.8)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-16 09:07:56 +00:00
c10478ec68 build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#560)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.15.0 to 4.15.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.15.1/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-16 09:03:57 +00:00
cdf12ee03d build(deps): bump docker from 4.4.1 to 4.4.2 (#558)
Bumps [docker](https://github.com/docker/docker-py) from 4.4.1 to 4.4.2.
- [Release notes](https://github.com/docker/docker-py/releases)
- [Commits](https://github.com/docker/docker-py/compare/4.4.1...4.4.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-16 09:18:30 +01:00
964a8dbb82 build(deps): bump sentry-sdk from 0.20.1 to 0.20.2 (#559)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.20.1 to 0.20.2.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.20.1...0.20.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-16 09:17:21 +01:00
7ad48bfc44 build(deps-dev): bump @typescript-eslint/parser in /web (#561)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.15.0 to 4.15.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.15.1/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-16 09:17:07 +01:00
da90510b98 build(deps): bump rollup from 2.38.5 to 2.39.0 in /web (#553)
Bumps [rollup](https://github.com/rollup/rollup) from 2.38.5 to 2.39.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.38.5...v2.39.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-15 09:28:08 +01:00
4bd1598c2c build(deps): bump construct-style-sheets-polyfill in /web (#556)
Bumps [construct-style-sheets-polyfill](https://github.com/calebdwilliams/adoptedStyleSheets) from 2.4.9 to 2.4.16.
- [Release notes](https://github.com/calebdwilliams/adoptedStyleSheets/releases)
- [Changelog](https://github.com/calebdwilliams/construct-style-sheets/blob/master/CHANGELOG.md)
- [Commits](https://github.com/calebdwilliams/adoptedStyleSheets/compare/v2.4.9...v2.4.16)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-15 09:27:44 +01:00
6aa8d56d9f build(deps-dev): bump eslint from 7.19.0 to 7.20.0 in /web (#554)
Bumps [eslint](https://github.com/eslint/eslint) from 7.19.0 to 7.20.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.19.0...v7.20.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-15 09:27:31 +01:00
ccf7d794e9 build(deps): bump sentry-sdk from 0.20.0 to 0.20.1 (#552)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.20.0 to 0.20.1.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.20.0...0.20.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-15 09:27:10 +01:00
50ed2fb257 build(deps): bump boto3 from 1.17.6 to 1.17.7 (#551)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.6 to 1.17.7.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.6...1.17.7)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-15 09:26:56 +01:00
5ae030997a providers/saml: fix missing import 2021-02-15 09:25:22 +01:00
52dabcaad9 build(deps-dev): bump @rollup/plugin-typescript in /web (#555)
Bumps [@rollup/plugin-typescript](https://github.com/rollup/plugins) from 8.1.1 to 8.2.0.
- [Release notes](https://github.com/rollup/plugins/releases)
- [Commits](https://github.com/rollup/plugins/compare/typescript-v8.1.1...typescript-v8.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-15 09:05:01 +01:00
35e8a0c374 admin: fix ?next for Flow list 2021-02-14 18:39:36 +01:00
be292729a5 web: fix SiteShell breaking links when handlers are updated twice 2021-02-13 18:11:29 +01:00
1649c478b6 web: fix outpost edit/delete buttons 2021-02-12 11:56:54 +01:00
42feb54d80 helm: add initial wait for healthcheck 2021-02-12 11:53:49 +01:00
bbd088a957 events: fix geoip case when not configured 2021-02-12 10:43:00 +01:00
5417d0a90c *: bump pyright version 2021-02-12 10:19:38 +01:00
417b5d61a4 root: add initial geoip implementation 2021-02-12 09:52:14 +01:00
f13aad21cb build(deps): bump boto3 from 1.17.5 to 1.17.6 (#549)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.5 to 1.17.6.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.5...1.17.6)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-12 09:19:37 +01:00
79e8ee46c0 web: also use json logs for static parts 2021-02-12 00:00:11 +01:00
e3eaaeaf17 outpost: improve logging output, ensure fields match api server 2021-02-11 23:52:00 +01:00
e550216f85 events: fix user QuerySet being passed 2021-02-11 23:36:22 +01:00
1afb4a7a76 policies: add ability to directly assign groups in bindings 2021-02-11 20:36:48 +01:00
391eb9d469 admin: fix policy list not having a refresh button 2021-02-11 20:17:45 +01:00
494f094fa1 events: pass Event's user to Notification policy engine when present 2021-02-11 19:56:39 +01:00
aa0f5df218 policies/*: cleanup api and forms, use correct inheritance 2021-02-11 19:50:02 +01:00
6fc740a98b build(deps-dev): bump typescript from 4.1.4 to 4.1.5 in /web (#547)
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 4.1.4 to 4.1.5.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v4.1.4...v4.1.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-11 09:12:09 +01:00
7da90ff7e4 release: 2021.2.3-stable 2021-02-10 20:47:33 +01:00
61b5714652 docs: update release notes 2021-02-10 20:47:06 +01:00
d2df426489 core: fix tokens using wrong lookup 2021-02-10 20:32:54 +01:00
e6c75ed173 web: fix untranslated strings 2021-02-10 20:21:04 +01:00
a353c6956e web: fix missing source create button 2021-02-10 20:13:12 +01:00
a367d8515f core: add source endpoint 2021-02-10 20:12:07 +01:00
2b7a22a29a core: add providers/types endpoint 2021-02-10 20:11:54 +01:00
e6712a50d2 docs: update changelog 2021-02-10 13:45:24 +01:00
c621f62d92 release: 2021.2.2-stable 2021-02-10 13:33:23 +01:00
a0648cd925 build(deps-dev): bump typescript from 4.1.3 to 4.1.4 in /web (#544)
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 4.1.3 to 4.1.4.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v4.1.3...v4.1.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-10 09:40:39 +01:00
2650e672bb build(deps): bump boto3 from 1.17.4 to 1.17.5 (#545)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.4 to 1.17.5.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.4...1.17.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-10 09:40:29 +01:00
53b9376789 build(deps): bump pycryptodome from 3.9.9 to 3.10.1 (#546)
Bumps [pycryptodome](https://github.com/Legrandin/pycryptodome) from 3.9.9 to 3.10.1.
- [Release notes](https://github.com/Legrandin/pycryptodome/releases)
- [Changelog](https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst)
- [Commits](https://github.com/Legrandin/pycryptodome/compare/v3.9.9...v3.10.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-10 09:39:50 +01:00
d15e50025c root: log runtime in milliseconds 2021-02-09 23:33:25 +01:00
0af66a26ab crypto: move certificate and key data to separate api calls to create events 2021-02-09 21:47:00 +01:00
bf754369d9 providers/proxy: fix certificates without key being selectable 2021-02-09 21:11:44 +01:00
02dc112f8f outposts: fix ProxyProvider update not triggering outpost update 2021-02-09 20:59:39 +01:00
2d4e7ebab5 admin: remove unnecessary success_urls 2021-02-09 20:58:46 +01:00
a7d0a50859 events: rename context.token to context.secret 2021-02-09 20:10:43 +01:00
71c9108f89 events: rename token_view to secret_view 2021-02-09 18:20:28 +01:00
f8bcdb26b3 web: PBResponse -> AKResponse 2021-02-09 17:04:55 +01:00
45f1d95bf9 sources/oauth: add callback URL to api 2021-02-09 16:58:19 +01:00
5dab198c47 web: add new sources view 2021-02-09 16:24:27 +01:00
ad91abe9de admin: remove old sources view 2021-02-09 16:17:48 +01:00
fa30755241 web: make ActionButton's method configurable 2021-02-09 16:14:51 +01:00
552f8c6a9a sources/*: switch API to use slug in URL 2021-02-09 16:08:30 +01:00
101f916247 web: add source list page 2021-02-09 10:22:49 +01:00
2acdcf74e1 sources/ldap: add API for sync status 2021-02-09 10:21:59 +01:00
ddb8610032 web: fix modalbutton for non-fetched sites 2021-02-09 10:00:33 +01:00
22ad850e6c web: fix overflow on modalbutton 2021-02-09 09:57:59 +01:00
57925ed60a build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#543)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.14.2 to 4.15.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.15.0/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-09 09:57:06 +01:00
48cc2f17c1 build(deps-dev): bump @typescript-eslint/parser in /web (#542)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.14.2 to 4.15.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.15.0/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-09 09:30:41 +01:00
448108fca0 build(deps): bump boto3 from 1.17.3 to 1.17.4 (#541)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.3 to 1.17.4.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.3...1.17.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-09 09:30:30 +01:00
c1254f6212 web: update SiteShell to not use innerHTML 2021-02-08 23:16:20 +01:00
c8120c0d3e web: fix ModalButton working in global scope, causing issues on 2nd use 2021-02-08 23:10:45 +01:00
52016e0806 policies: skip cache on debug request 2021-02-08 22:14:23 +01:00
e555bdd42b lib: fix stacktrace for general expressions 2021-02-08 22:14:13 +01:00
1a619c90de Merge branch 'version-2021.2' 2021-02-08 21:51:59 +01:00
18faf30b0c docs: update release notes 2021-02-08 21:51:53 +01:00
b3bd979ecd release: 2021.2.1-stable 2021-02-08 21:34:05 +01:00
db113c5e8f Merge branch 'master' into version-2021.2 2021-02-08 21:33:58 +01:00
78bcb90a1e outposts: ensure Outpost API is backwards compatible 2021-02-08 19:51:46 +01:00
b64ecbde22 web: fix linting 2021-02-08 19:42:49 +01:00
43bab840ec web: fix sidebar being active when stage prompts is selected 2021-02-08 19:08:39 +01:00
f020b79384 admin: remove old code 2021-02-08 19:07:25 +01:00
820f658b49 web: add outpost list page 2021-02-08 19:04:19 +01:00
5d460a2537 admin: remove outposts list 2021-02-08 19:02:39 +01:00
efc46f52e6 outposts: move health to API 2021-02-08 19:01:10 +01:00
9fac51f8c7 outpost: downgrade recws for now
see https://github.com/recws-org/recws/issues/29
2021-02-08 17:56:58 +01:00
fe4b2d1a34 providers/oauth2: add authorized scopes to AUTHORIZE_APPLICATION event 2021-02-08 11:51:38 +01:00
f8abe3e210 providers/oauth2: add unofficial groups attribute to default profile claim 2021-02-08 11:50:26 +01:00
3ced67b151 sources/*: simplify source api 2021-02-08 10:25:59 +01:00
cd5631ec76 admin: fix link in source list 2021-02-08 10:25:59 +01:00
95df7c7f30 build(deps): bump construct-style-sheets-polyfill in /web (#540)
Bumps [construct-style-sheets-polyfill](https://github.com/calebdwilliams/adoptedStyleSheets) from 2.4.6 to 2.4.9.
- [Release notes](https://github.com/calebdwilliams/adoptedStyleSheets/releases)
- [Changelog](https://github.com/calebdwilliams/construct-style-sheets/blob/master/CHANGELOG.md)
- [Commits](https://github.com/calebdwilliams/adoptedStyleSheets/compare/v2.4.6...v2.4.9)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-08 09:22:59 +01:00
1e934aa5d5 release: 2021.2.1-rc2 2021-02-07 19:04:43 +01:00
d93927755a Merge branch 'master' into version-2021.2 2021-02-07 19:04:37 +01:00
ddb3b71dce outpost: cap reconnect backoff at 60 seconds, reset backoff on successful connection 2021-02-07 18:30:05 +01:00
bf9826873e web: fix outpost item in sidebar being active on service connection views 2021-02-07 18:21:13 +01:00
6869b3c16a admin: add button to generate certificate-key pair 2021-02-07 16:15:55 +01:00
9b71b8da5f docs: update rancher docs and add to affected for update 2021-02-07 15:03:26 +01:00
bfc8e9200f providers/saml: split views into separate files 2021-02-07 13:39:33 +01:00
c4311abc9f web: fix link to provider list on overview page 2021-02-06 22:46:09 +01:00
ec42869e00 policies: add debug flag to PolicyRequest to prevent alerts from testing policies 2021-02-06 21:45:38 +01:00
45963c2ffc admin: improve layout for policy testing 2021-02-06 21:43:14 +01:00
1aa27b5e80 website: update ini dependency 2021-02-06 21:25:03 +01:00
1737feec91 build(deps): bump @docusaurus/core in /website (#537)
Bumps [@docusaurus/core](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus) from 2.0.0-alpha.66 to 2.0.0-alpha.70.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/master/CHANGELOG-2.x.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-alpha.70/packages/docusaurus)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-06 21:23:04 +01:00
a0e0fb930a build(deps): bump @mdx-js/react from 1.6.21 to 1.6.22 in /website (#538)
Bumps [@mdx-js/react](https://github.com/mdx-js/mdx) from 1.6.21 to 1.6.22.
- [Release notes](https://github.com/mdx-js/mdx/releases)
- [Changelog](https://github.com/mdx-js/mdx/blob/main/changelog.md)
- [Commits](https://github.com/mdx-js/mdx/compare/v1.6.21...v1.6.22)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
2021-02-06 21:22:43 +01:00
4a32c3ca11 build(deps): bump @docusaurus/preset-classic in /website (#535)
Bumps [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic) from 2.0.0-alpha.66 to 2.0.0-alpha.70.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/master/CHANGELOG-2.x.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v2.0.0-alpha.70/packages/docusaurus-preset-classic)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-06 21:19:46 +01:00
d307539fd0 build(deps): bump rollup from 2.38.4 to 2.38.5 in /web (#534)
Bumps [rollup](https://github.com/rollup/rollup) from 2.38.4 to 2.38.5.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.38.4...v2.38.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-06 21:19:33 +01:00
c060a3eec2 build(deps-dev): bump prettier from 2.1.2 to 2.2.1 in /website (#536)
Bumps [prettier](https://github.com/prettier/prettier) from 2.1.2 to 2.2.1.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.1.2...2.2.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-06 21:19:20 +01:00
4612ae1ff4 Merge pull request #539 from BeryJu/dependabot/pip/boto3-1.17.3
build(deps): bump boto3 from 1.17.2 to 1.17.3
2021-02-06 21:19:06 +01:00
7af883d80c root: add dedicated live and readiness views 2021-02-06 21:07:05 +01:00
4a5374d03f admin: remove provider list view 2021-02-06 20:54:50 +01:00
3b536f6e55 admin: fix property-mapping views redirecting to invalid URL 2021-02-06 20:54:12 +01:00
6aa13a8666 providers/saml: force-set friendly_name to empty string for managed mappings 2021-02-06 20:52:52 +01:00
24e4924dec docs: fix minor formatting errors 2021-02-06 20:52:29 +01:00
a252f303c0 docs: add docs to dependabot 2021-02-06 20:51:43 +01:00
33cdbd7776 release: 2021.2.1-rc1 2021-02-06 20:10:50 +01:00
18bc54214d web: increase height of multi-select 2021-02-06 19:19:57 +01:00
db7e9f9b95 sources/ldap: set default group property mapping 2021-02-06 19:17:39 +01:00
a885247d36 docs: update release notes for 2021.2 2021-02-06 19:09:42 +01:00
91282c7bd8 web: add page for Proxy Provider 2021-02-06 18:57:25 +01:00
830b8bcd5b web: add page for OAuth2 Provider 2021-02-06 18:39:15 +01:00
0f5e6d0d8c api: add dark theme for API Browser 2021-02-06 18:09:24 +01:00
6aa6615608 web: add view page for SAML Provider 2021-02-06 18:07:13 +01:00
91d6a3c8c7 providers/*: simplify provider API 2021-02-06 17:31:29 +01:00
a6ac82c492 *: rewrite managed objects, use nullable text flag instead of boolean as uid (#533) 2021-02-06 15:56:21 +00:00
05d777c373 Merge pull request #528 from BeryJu/ldap-groupOfNames
sources/ldap: support group to user memberships
2021-02-06 16:07:36 +01:00
32cf960053 sources/ldap: add property_mappings_group to make group mapping more customisable 2021-02-06 15:27:07 +01:00
83bf639926 sources/ldap: use both entryDN and dn (for active-directory) 2021-02-05 15:17:57 +01:00
2717742bd2 sources/ldap: don't remove users from group which were not synced from AD 2021-02-05 15:17:20 +01:00
ef70e93bbd Merge branch 'master' into ldap-groupOfNames 2021-02-05 14:52:39 +01:00
478d3430eb sources/ldap: use openldap tests for entire sync 2021-02-05 14:29:22 +01:00
9c1ade59e9 sources/ldap: add more flatten to user sync, start adding tests for OpenLDAP 2021-02-05 13:36:27 +01:00
fadf746234 managed: allow for matching on multiple interfaces 2021-02-05 13:18:44 +01:00
397dfc29f1 sources/ldap: change default object filters to use objectClass= instead of objectCategory 2021-02-05 11:43:39 +01:00
b0e3b8b39d sources/ldap: use entryDN attribute from ldap3 as opposed to implicit DN attribute 2021-02-05 11:43:13 +01:00
df9ae796d4 build(deps): bump boto3 from 1.17.1 to 1.17.2 (#529)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.1 to 1.17.2.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.1...1.17.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-05 11:00:31 +01:00
dfdad5388f build(deps): bump @sentry/tracing from 6.0.4 to 6.1.0 in /web (#531)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.0.4 to 6.1.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.0.4...6.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-05 11:00:19 +01:00
c38ea69bdd build(deps-dev): bump autopep8 from 1.5.4 to 1.5.5 (#530)
Bumps [autopep8](https://github.com/hhatto/autopep8) from 1.5.4 to 1.5.5.
- [Release notes](https://github.com/hhatto/autopep8/releases)
- [Commits](https://github.com/hhatto/autopep8/compare/v1.5.4...v1.5.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-05 09:52:46 +01:00
dca6f43858 build(deps): bump @sentry/browser from 6.0.4 to 6.1.0 in /web (#532)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.0.4 to 6.1.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.0.4...6.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-05 09:52:33 +01:00
51cbb7cc8e ci: fix warning when setting branchName in PR 2021-02-05 00:38:08 +01:00
1f8130e685 events: improve information sent in notification emails 2021-02-04 21:44:59 +01:00
580d59e921 web: add EventInfoPage 2021-02-04 21:28:01 +01:00
e639d8ab56 sources/ldap: add case when group does not have uniqueness attribute 2021-02-04 21:18:49 +01:00
9f478bb46a web: fix type warnings 2021-02-04 21:10:13 +01:00
7a16f97908 web: add ak-expand for event list to show full context 2021-02-04 20:59:18 +01:00
dd8c1eeb52 web: add ak-expand 2021-02-04 20:56:40 +01:00
005b4d8dda sources/ldap: fix linting issues 2021-02-04 20:36:05 +01:00
de2d8b2d85 providers/oauth2: pass application to configuration error event 2021-02-04 20:35:37 +01:00
7d107991a2 sources/ldap: fix count for membership, fix wrong attribute being searched 2021-02-04 20:22:28 +01:00
14dc420747 sources/ldap: rewrite group membership syncing 2021-02-04 20:06:42 +01:00
89dc4db30b sources/ldap: load operational attributes (#526) 2021-02-04 12:37:55 +01:00
cc3fccb27e sources/ldap: use dn attribute for distinguishedName, ignore users with no distinguishedName
closes #527
2021-02-04 12:10:57 +01:00
add20de8de providers/*: fix api linting issues 2021-02-04 10:27:55 +01:00
7e2a471903 web: fix linting issues 2021-02-04 10:22:14 +01:00
9ca9e67ffa web: fix pagination not working correctly sometimes, fix pagination not showing when changing pages 2021-02-04 10:09:19 +01:00
178417fe67 web: start implementing provider list 2021-02-04 10:09:19 +01:00
53f002a123 events: allow searching by event id 2021-02-04 10:09:19 +01:00
c7c387eb38 providers/*: add assigned application name and slug 2021-02-04 10:09:19 +01:00
1b3760a4b7 events: don't log successful system tasks 2021-02-04 10:09:18 +01:00
704a502089 build(deps): bump @types/codemirror from 0.0.107 to 0.0.108 in /web (#523)
Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror) from 0.0.107 to 0.0.108.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-04 09:36:52 +01:00
3b12ef80eb build(deps): bump boto3 from 1.17.0 to 1.17.1 (#522)
Bumps [boto3](https://github.com/boto/boto3) from 1.17.0 to 1.17.1.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.17.0...1.17.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-04 09:36:38 +01:00
1101810fea admin: show more details for policy testing 2021-02-03 22:09:46 +01:00
1ab5289e2e admin: add test view for property mappings 2021-02-03 21:58:56 +01:00
ac24fc9ce3 web: add javascript mode to codemirror 2021-02-03 21:58:30 +01:00
4b24b185f2 admin: fix context not being passed correctly to policy test view 2021-02-03 21:40:03 +01:00
ea0ba5ae30 stages/password: use form.add_error 2021-02-03 21:39:03 +01:00
44686de74e docs: prepare 2021.2 releases 2021-02-03 21:29:13 +01:00
b74c08620a admin: add link to changelog to update events 2021-02-03 21:19:51 +01:00
e25d03d8f4 Managed objects (#519)
* managed: add base manager and Ops

* core: use ManagedModel for Token and PropertyMapping

* providers/saml: implement managed objects for SAML Provider

* sources/ldap: migrate to managed

* providers/oauth2: migrate to managed

* providers/proxy: migrate to managed

* *: load .managed in apps

* managed: add reconcile task, run on startup

* providers/oauth2: fix import path for managed

* providers/saml: don't set FriendlyName when mapping is none

* *: use ObjectManager in tests to ensure objects exist

* ci: use vmImage ubuntu-latest

* providers/saml: add new mapping for username and user id

* tests: remove docker proxy

* tests/e2e: use updated attribute names

* docs: update SAML docs

* tests/e2e: fix remaining saml cases

* outposts: make tokens as managed

* *: make PropertyMapping SerializerModel

* web: add page for property-mappings

* web: add codemirror to common_styles because codemirror

* docs: fix member-of in nextcloud

* docs: nextcloud add admin

* web: fix refresh reloading data two times

* web: add loading lock to table to prevent double loads

* web: add ability to use null in QueryArgs (value will be skipped)

* web: add hide option to property mappings

* web: fix linting
2021-02-03 21:18:31 +01:00
f8f26d2a23 build(deps): bump rollup from 2.38.3 to 2.38.4 in /web (#520)
Bumps [rollup](https://github.com/rollup/rollup) from 2.38.3 to 2.38.4.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.38.3...v2.38.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-03 09:32:12 +01:00
1f2e177e3e build(deps): bump boto3 from 1.16.63 to 1.17.0 (#521)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.63 to 1.17.0.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.63...1.17.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-03 09:32:01 +01:00
cfed41439e events: add send_once flag to send webhooks only once 2021-02-02 19:34:55 +01:00
3ac148d01c events: only title for slack webhook 2021-02-02 19:18:51 +01:00
3e696d6ac8 flows: use global logger for stored plans 2021-02-02 17:29:03 +01:00
0114bc0d6a flows: fix lint errors 2021-02-02 17:02:02 +01:00
c60934f9b1 flows: fix benchmark using wrong context 2021-02-02 16:27:21 +01:00
09bdcfaab0 flows: optimise logging 2021-02-02 16:27:03 +01:00
624206281e policies: optimise logging 2021-02-02 16:12:41 +01:00
4d7e64c48c web: adjust trace sample rate 2021-02-02 15:50:29 +01:00
3d112e7688 root: use filtering_bound_logger for speed improvements 2021-02-02 15:43:44 +01:00
3c4ff65a01 stages/consent: fix wrong widget for expire 2021-02-02 15:01:33 +01:00
d7f54ce5d5 build(deps): bump @sentry/tracing from 6.0.3 to 6.0.4 in /web (#515)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.0.3 to 6.0.4.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.0.3...6.0.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-02 11:23:47 +01:00
bc55c97fa2 build(deps): bump @sentry/browser from 6.0.3 to 6.0.4 in /web (#516)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.0.3 to 6.0.4.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.0.3...6.0.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-02 11:21:41 +01:00
d9a907e39e build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#518)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.14.1 to 4.14.2.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.14.2/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-02 11:21:28 +01:00
8616647045 build(deps): bump rollup from 2.38.2 to 2.38.3 in /web (#517)
Bumps [rollup](https://github.com/rollup/rollup) from 2.38.2 to 2.38.3.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.38.2...v2.38.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-02 10:03:18 +01:00
4d861e2830 build(deps-dev): bump @typescript-eslint/parser in /web (#514)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.14.1 to 4.14.2.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.14.2/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-02 10:03:03 +01:00
881730f52e build(deps): bump django from 3.1.5 to 3.1.6 (#513)
Bumps [django](https://github.com/django/django) from 3.1.5 to 3.1.6.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.1.5...3.1.6)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-02 10:02:49 +01:00
e78577d470 build(deps): bump @sentry/tracing from 6.0.2 to 6.0.3 in /web (#511)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.0.2 to 6.0.3.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.0.2...6.0.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-01 10:15:59 +01:00
d502f4d77d build(deps): bump boto3 from 1.16.62 to 1.16.63 (#507)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.62 to 1.16.63.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.62...1.16.63)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-01 09:12:43 +01:00
3c5f7deba9 build(deps): bump packaging from 20.8 to 20.9 (#506)
Bumps [packaging](https://github.com/pypa/packaging) from 20.8 to 20.9.
- [Release notes](https://github.com/pypa/packaging/releases)
- [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pypa/packaging/compare/20.8...20.9)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-01 09:12:30 +01:00
b61334c482 build(deps-dev): bump eslint from 7.18.0 to 7.19.0 in /web (#508)
Bumps [eslint](https://github.com/eslint/eslint) from 7.18.0 to 7.19.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.18.0...v7.19.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-01 09:12:20 +01:00
eb762632d0 build(deps-dev): bump @rollup/plugin-typescript in /web (#509)
Bumps [@rollup/plugin-typescript](https://github.com/rollup/plugins) from 8.1.0 to 8.1.1.
- [Release notes](https://github.com/rollup/plugins/releases)
- [Commits](https://github.com/rollup/plugins/compare/typescript-v8.1.0...typescript-v8.1.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-01 09:12:10 +01:00
6a882249aa build(deps): bump rollup from 2.38.1 to 2.38.2 in /web (#510)
Bumps [rollup](https://github.com/rollup/rollup) from 2.38.1 to 2.38.2.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.38.1...v2.38.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-01 09:11:58 +01:00
94f6bbd431 build(deps): bump @sentry/browser from 6.0.2 to 6.0.3 in /web (#512)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.0.2 to 6.0.3.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.0.2...6.0.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-01 09:11:42 +01:00
3926ee9eb6 core: clear application cache upon application creation 2021-01-30 18:12:14 +01:00
7fbf915e0a policies: fix application cached not being cleared correctly 2021-01-30 18:12:01 +01:00
5af9e8c05d core: improve application caching 2021-01-30 18:03:44 +01:00
7c0c453d9f web: fix new provider dropdown being cut off 2021-01-30 12:38:33 +01:00
d8ae56ed19 providers/saml: fix imported provider not saving properties correctly 2021-01-30 12:33:27 +01:00
a9a65ceca6 Merge branch 'version-2021.1' 2021-01-29 10:45:55 +01:00
c11fd884b8 docs: separate 2021.1 fixes by patch release 2021-01-29 10:45:50 +01:00
3e3f29973b release: 2021.1.4-stable 2021-01-29 10:29:06 +01:00
af7e1fd0c5 build(deps): bump rollup from 2.38.0 to 2.38.1 in /web (#505)
Bumps [rollup](https://github.com/rollup/rollup) from 2.38.0 to 2.38.1.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.38.0...v2.38.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-29 09:31:59 +01:00
2556a106a0 build(deps): bump boto3 from 1.16.61 to 1.16.62 (#504)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.61 to 1.16.62.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.61...1.16.62)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-29 09:31:37 +01:00
2f3a086f29 docs: update veeam docs for group mapping 2021-01-28 23:34:51 +01:00
239af7048a providers/saml: import SAML Provider with all autogenerated mappings 2021-01-28 23:32:36 +01:00
188ef0f58f core: only cache Applications API when no filtering is done 2021-01-28 23:16:51 +01:00
5ef4354723 providers/saml: make NameID configurable using a Property Mapping 2021-01-28 22:50:13 +01:00
66a8b52c7c providers/saml: update default OIDs for default property mappings 2021-01-28 22:44:44 +01:00
c1563f4cff lib: fix ak_is_group_member checking wrong groups 2021-01-28 22:30:59 +01:00
ac7b0ac965 web: fix site-shell being cut off when not full height 2021-01-28 22:17:20 +01:00
da37b42bcf admin: fix providers not showing SAML Import on empty state 2021-01-28 22:16:50 +01:00
f4bb22138c providers/saml: add support for WindowsDomainQualifiedName, add docs for NameID 2021-01-28 22:00:40 +01:00
605213821c docs: add SAML docs for veeam enterprise manager 2021-01-28 21:20:28 +01:00
2b34ac7545 build(deps): bump @types/codemirror from 0.0.106 to 0.0.107 in /web (#503)
Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror) from 0.0.106 to 0.0.107.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-28 10:04:36 +01:00
542a4b9bdf build(deps): bump @patternfly/patternfly from 4.70.2 to 4.80.3 in /web (#502)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.70.2 to 4.80.3.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.70.2...prerelease-v4.80.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-28 10:04:15 +01:00
b0a791711e build(deps): bump boto3 from 1.16.60 to 1.16.61 (#501)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.60 to 1.16.61.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.60...1.16.61)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-28 10:03:08 +01:00
c0199933c8 events: fix email template for notifications 2021-01-27 13:22:43 +01:00
5c3f410016 release: 2021.1.3-stable 2021-01-27 10:50:48 +01:00
02e4a71e25 Merge branch 'master' into version-2021.1 2021-01-27 10:50:41 +01:00
bfe8bb5e61 lifecycle: fix typo causing single process in docker-compose 2021-01-27 10:13:23 +01:00
b1591618ae admin: handle FlowNonApplicableException during flow plan 2021-01-27 09:57:26 +01:00
55bcc254c1 flows: fix FlowNonApplicableException not being Sentry Ignored 2021-01-27 09:57:18 +01:00
2798a3edc9 build(deps): bump boto3 from 1.16.59 to 1.16.60 (#498)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.59 to 1.16.60.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.59...1.16.60)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-27 09:05:00 +01:00
e2aaa26ce7 build(deps): bump urllib3 from 1.26.2 to 1.26.3 (#499)
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.2 to 1.26.3.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/1.26.3/CHANGES.rst)
- [Commits](https://github.com/urllib3/urllib3/compare/1.26.2...1.26.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-27 09:04:42 +01:00
81e4d2d1d7 build(deps-dev): bump coverage from 5.3.1 to 5.4 (#500)
Bumps [coverage](https://github.com/nedbat/coveragepy) from 5.3.1 to 5.4.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/coverage-5.3.1...coverage-5.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-27 09:04:18 +01:00
f663b66c19 docs: fix nextcloud docs using wrong fields 2021-01-26 22:10:00 +01:00
9a7b343120 build(deps-dev): bump @typescript-eslint/parser in /web (#495)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.14.0 to 4.14.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.14.1/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-26 10:07:53 +01:00
02c1a7f7d0 build(deps): bump @sentry/browser from 6.0.1 to 6.0.2 in /web (#496)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.0.1...6.0.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-26 10:07:27 +01:00
b2f65a7ed2 build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#497)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.14.0 to 4.14.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.14.1/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-26 10:05:40 +01:00
8071692739 build(deps): bump @sentry/tracing from 6.0.1 to 6.0.2 in /web (#494)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.0.1...6.0.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-26 10:05:17 +01:00
8d11934caa build(deps-dev): bump pytest from 6.2.1 to 6.2.2 (#493)
Bumps [pytest](https://github.com/pytest-dev/pytest) from 6.2.1 to 6.2.2.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/6.2.1...6.2.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-26 10:04:42 +01:00
6076ae2f9e ci: fix building for dependabot 2021-01-25 21:11:29 +01:00
78b4b61882 build(deps): bump boto3 from 1.16.58 to 1.16.59 (#489) 2021-01-25 13:59:42 +01:00
91df37a4a0 build(deps): bump ldap3 from 2.8.1 to 2.9 (#490) 2021-01-25 13:58:20 +01:00
2566af231b build(deps): bump @types/chart.js from 2.9.29 to 2.9.30 in /web (#491) 2021-01-25 13:57:23 +01:00
80f7b5656d build(deps): bump rollup from 2.37.1 to 2.38.0 in /web (#492) 2021-01-25 13:56:58 +01:00
23cb8f44a6 build(deps): bump @sentry/tracing from 6.0.0 to 6.0.1 in /web (#487)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.0.0...6.0.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-22 09:47:24 +01:00
c3a0aa594a build(deps): bump boto3 from 1.16.57 to 1.16.58 (#486)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.57 to 1.16.58.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.57...1.16.58)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-22 09:45:52 +01:00
6b7977ad86 build(deps): bump @sentry/browser from 6.0.0 to 6.0.1 in /web (#488)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/6.0.0...6.0.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-22 09:45:37 +01:00
d7dfd6e7df build(deps): bump pyyaml from 5.4 to 5.4.1 (#484)
Bumps [pyyaml](https://github.com/yaml/pyyaml) from 5.4 to 5.4.1.
- [Release notes](https://github.com/yaml/pyyaml/releases)
- [Changelog](https://github.com/yaml/pyyaml/blob/master/CHANGES)
- [Commits](https://github.com/yaml/pyyaml/compare/5.4...5.4.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-21 09:53:20 +01:00
fc5842be67 build(deps): bump rollup from 2.37.0 to 2.37.1 in /web (#485)
Bumps [rollup](https://github.com/rollup/rollup) from 2.37.0 to 2.37.1.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.37.0...v2.37.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-21 09:53:08 +01:00
b03677a077 build(deps): bump codemirror from 5.59.1 to 5.59.2 in /web (#483)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.59.1 to 5.59.2.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.59.1...5.59.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-21 09:52:54 +01:00
d136890415 build(deps): bump @sentry/browser from 5.30.0 to 6.0.0 in /web (#478)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 5.30.0 to 6.0.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/5.30.0...6.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-20 09:54:50 +01:00
3ea76f1d86 build(deps): bump rollup from 2.36.2 to 2.37.0 in /web (#479)
Bumps [rollup](https://github.com/rollup/rollup) from 2.36.2 to 2.37.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.36.2...v2.37.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-20 09:39:19 +01:00
1ab9683ec6 build(deps): bump @sentry/tracing from 5.30.0 to 6.0.0 in /web (#480)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 5.30.0 to 6.0.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/5.30.0...6.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-20 09:39:00 +01:00
1e16c9b1e8 build(deps): bump boto3 from 1.16.56 to 1.16.57 (#482)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.56 to 1.16.57.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.56...1.16.57)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-20 09:38:40 +01:00
b242ba03a0 build(deps): bump pyyaml from 5.3.1 to 5.4 (#481)
Bumps [pyyaml](https://github.com/yaml/pyyaml) from 5.3.1 to 5.4.
- [Release notes](https://github.com/yaml/pyyaml/releases)
- [Changelog](https://github.com/yaml/pyyaml/blob/master/CHANGES)
- [Commits](https://github.com/yaml/pyyaml/compare/5.3.1...5.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-20 09:38:21 +01:00
49294b4a43 build(deps-dev): bump @typescript-eslint/parser in /web (#477)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.13.0 to 4.14.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.14.0/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-19 09:34:07 +01:00
80e5c25c01 build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#476)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.13.0 to 4.14.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.14.0/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-19 09:22:15 +01:00
ed267a4a1a docs: fix release name 2021-01-18 11:23:09 +01:00
7d844d1821 release: 2021.1.2-stable 2021-01-18 11:15:11 +01:00
6f1fb9ca43 release: 2021.1.2-stable 2021-01-18 11:14:55 +01:00
09f56f1f01 Merge branch 'master' into version-2021.1 2021-01-18 11:14:45 +01:00
3d3a0cd9e3 events: create event when system task fails 2021-01-18 10:09:14 +01:00
32667f37d1 build(deps): bump boto3 from 1.16.55 to 1.16.56 (#473)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.55 to 1.16.56.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.55...1.16.56)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-18 07:46:37 +01:00
9532c4df9d build(deps-dev): bump eslint from 7.17.0 to 7.18.0 in /web (#474)
Bumps [eslint](https://github.com/eslint/eslint) from 7.17.0 to 7.18.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.17.0...v7.18.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-18 07:46:26 +01:00
fd90979832 build(deps): bump rollup from 2.36.1 to 2.36.2 in /web (#475)
Bumps [rollup](https://github.com/rollup/rollup) from 2.36.1 to 2.36.2.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.36.1...v2.36.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-18 07:46:14 +01:00
2e20d5dfbf stages/email: fix email task not falling back to use_global_settings 2021-01-17 23:32:55 +01:00
33f06f0799 policies: fix logic error for sync mode 2021-01-17 23:32:55 +01:00
920736fc77 helm: fix s3 secret key and email password not being base64 encoded 2021-01-17 23:32:55 +01:00
ee8e42728e helm: fix old reference to static secret_key 2021-01-17 23:32:55 +01:00
204792b750 stages/email: fix email task not falling back to use_global_settings 2021-01-17 23:31:58 +01:00
8ffa3e5885 policies: fix logic error for sync mode 2021-01-17 23:31:34 +01:00
175d3b3377 helm: fix s3 secret key and email password not being base64 encoded 2021-01-17 23:02:14 +01:00
d5f35798dc helm: fix old reference to static secret_key 2021-01-17 23:01:58 +01:00
1a0aa7e944 Merge branch 'version-2021.1'
# Conflicts:
#	.bumpversion.cfg
#	.github/workflows/release.yml
#	authentik/__init__.py
#	docker-compose.yml
#	helm/Chart.yaml
#	helm/README.md
#	helm/values.yaml
#	outpost/pkg/version.go
#	web/src/constants.ts
#	website/docs/installation/docker-compose.md
#	website/docs/installation/kubernetes.md
2021-01-17 22:37:13 +01:00
677a181b9c release: 2021.1.1-stable 2021-01-17 22:36:16 +01:00
4b551add1a stages/password: catch importerror during authentic() 2021-01-17 20:23:22 +01:00
90220e911f stages/password: catch importerror during authentic() 2021-01-17 20:18:45 +01:00
217cca822d web: fix sidebar overlaying background 2021-01-17 20:09:53 +01:00
e6f897c7e6 policies: detect when running in a daemon process and run policies sync 2021-01-17 20:09:53 +01:00
65c9d4bf4c policies: use custom context for fork instead of changing global context 2021-01-17 20:09:53 +01:00
6e88e52d78 outposts: add message to outpost_service_connection_monitor task 2021-01-17 20:09:53 +01:00
4e884e80ab web: fix sidebar overlaying background 2021-01-17 20:09:37 +01:00
d19bfebce3 policies: detect when running in a daemon process and run policies sync 2021-01-17 19:59:58 +01:00
b86d4a455d policies: use custom context for fork instead of changing global context 2021-01-17 19:59:19 +01:00
222cece3e1 outposts: add message to outpost_service_connection_monitor task 2021-01-17 19:22:01 +01:00
6e69edf1af core: increase application cache duration
# Conflicts:
#	authentik/core/api/applications.py
2021-01-17 19:17:47 +01:00
55aab5660b core: increase application cache duration 2021-01-17 19:17:13 +01:00
08e7ef3c1e core: increase application cache duration 2021-01-17 19:04:54 +01:00
d728163eea helm: fix typos 2021-01-17 18:56:51 +01:00
cbf246694c helm: fix typos 2021-01-17 18:56:24 +01:00
9d0a01012d root: use stable version on master
This reverts commit 94182f88a4.
2021-01-17 17:41:49 +01:00
cf76652a4c release: 2021.1.1-rc2 2021-01-17 17:40:43 +01:00
c525ecc334 ci: fix paths for github release 2021-01-17 17:40:20 +01:00
49d40d4337 admin: fix linting 2021-01-17 17:35:00 +01:00
94182f88a4 release: 2021.1.1-rc1 2021-01-17 17:25:47 +01:00
1c25f4f09b core: use tabs for user settings 2021-01-17 17:25:15 +01:00
6495d6c50a web: fix tabs detecting all slot elements 2021-01-16 23:04:08 +01:00
b81f3e4a38 docs: prepare next release 2021-01-16 22:38:46 +01:00
aad3b43ac3 core: cache applications API 2021-01-16 22:38:09 +01:00
60f52f102a outposts: optimise signals to not always trigger 2021-01-16 22:14:37 +01:00
f3ccb5341d outpost: improve logging 2021-01-16 22:13:57 +01:00
cb73210447 events: don't log permission creation 2021-01-16 22:03:06 +01:00
81efc9a673 outposts: update pipeline 2021-01-16 21:49:30 +01:00
72c6c0da9b outposts: update go module domain 2021-01-16 21:45:24 +01:00
8fef839965 outpost: separate ak-api and proxy further for future outposts 2021-01-16 21:41:39 +01:00
87b830ff9a outpost: rename proxy to outpost 2021-01-16 19:20:27 +01:00
8acb9dde5f web: add notification 'mark as seen' button 2021-01-16 19:09:03 +01:00
36e8b1004c web: add update method 2021-01-16 19:08:20 +01:00
f959212692 events: make notifications filterable 2021-01-16 19:08:07 +01:00
2d2a404028 providers/oauth2: improve error handling and event creation 2021-01-16 18:27:10 +01:00
394ad6ade5 web: wrap notifications desc 2021-01-16 18:22:25 +01:00
4baf9e4a22 web: fix unread count, use white-space pre 2021-01-16 18:04:09 +01:00
d020599e09 web: format json output for EventInfo 2021-01-16 17:02:31 +01:00
4f28a89e63 policies: improve recording of error messages during policy process 2021-01-16 16:38:57 +01:00
f8b4b92e8d policies: pass direct exception from expression policies 2021-01-16 15:41:59 +01:00
33f208657c helm: bump memory hard limit 2021-01-16 14:15:50 +01:00
c1fbfc63ab core: use version in qs for static files to ensure latest are loaded 2021-01-16 14:15:42 +01:00
192dbe05c4 events: triggers -> rules 2021-01-16 14:15:23 +01:00
0b41cb84f0 web: update styling of notification drawer to match rest 2021-01-15 12:16:35 +01:00
d637bd0bf9 events: improve infinite loop detection 2021-01-15 11:27:18 +01:00
a2bddc6d91 policies: fix engine tests checking wrong key 2021-01-15 11:27:07 +01:00
2e42da11ea policies/event_matcher: simplify validity checking 2021-01-15 11:26:55 +01:00
f297d1256d events: fix linting 2021-01-15 11:19:56 +01:00
5e1e5afb24 build(deps): bump boto3 from 1.16.54 to 1.16.55 (#472) 2021-01-15 09:26:35 +01:00
da59e7c4a7 events: fix infinite loop in unittests 2021-01-15 00:32:59 +01:00
8684d106d5 events: fix default transport for successive migrations 2021-01-14 23:50:18 +01:00
2579e168c3 web: start implementing notifications 2021-01-14 22:14:35 +01:00
7f5caf901d expressions: set exception as message field 2021-01-14 21:58:10 +01:00
1c686e19b5 policies: set message instead of error for Event 2021-01-14 20:17:21 +01:00
3cc92f6c97 events: ensure created field is timestamp 2021-01-14 20:16:54 +01:00
8f5b33a3a2 web: show more context on policy_exception 2021-01-14 18:13:52 +01:00
4447345345 policies: fix display of stacktrace in events 2021-01-14 18:07:41 +01:00
42c6401ba7 events: add event context to slack webhook 2021-01-14 17:40:19 +01:00
eef111bcfd events: disable policy cache for trigger 2021-01-14 17:39:59 +01:00
6192b2787f events: notifications: send entire event in API 2021-01-14 17:22:02 +01:00
c7d28f8ca9 events: attach default transport to default triggers 2021-01-14 17:22:02 +01:00
1342266368 events: include full group in event notification 2021-01-14 17:22:02 +01:00
7ff679b1a3 policies: fix error when error occurs during policy process with no target 2021-01-14 17:22:02 +01:00
8beddcddb0 events: set severity for default triggers 2021-01-14 17:22:02 +01:00
9fe8554f28 events: make notification read/update only 2021-01-14 17:22:02 +01:00
812fe72e60 build(deps): bump @sentry/tracing from 5.29.2 to 5.30.0 in /web (#470)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 5.29.2 to 5.30.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/5.29.2...5.30.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-14 10:00:29 +01:00
d0e4533cdd build(deps): bump boto3 from 1.16.53 to 1.16.54 (#468)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.53 to 1.16.54.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.53...1.16.54)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-14 09:22:22 +01:00
b1b5d94ddc build(deps): bump @fortawesome/fontawesome-free in /web (#471)
Bumps [@fortawesome/fontawesome-free](https://github.com/FortAwesome/Font-Awesome) from 5.15.1 to 5.15.2.
- [Release notes](https://github.com/FortAwesome/Font-Awesome/releases)
- [Changelog](https://github.com/FortAwesome/Font-Awesome/blob/master/CHANGELOG.md)
- [Commits](https://github.com/FortAwesome/Font-Awesome/compare/5.15.1...5.15.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-14 09:22:04 +01:00
59722e0bbe build(deps): bump @sentry/browser from 5.29.2 to 5.30.0 in /web (#469)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 5.29.2 to 5.30.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/5.29.2...5.30.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-14 09:21:46 +01:00
9c5bb3998c docs: fix minor grammar issues 2021-01-13 10:28:02 +01:00
c180c4b1a2 build(deps): bump boto3 from 1.16.52 to 1.16.53 (#467)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.52 to 1.16.53.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.52...1.16.53)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-13 09:29:14 +01:00
308896719d docs: add docs for events and notifications 2021-01-13 00:26:33 +01:00
95c1473dd2 events: assign default triggers to default admin group, create default transport 2021-01-12 23:28:17 +01:00
b14c5039ed events: set default admin group to receive default triggers 2021-01-12 23:06:42 +01:00
b6948334f2 policies/event_matcher: fix verbose_name 2021-01-12 23:06:24 +01:00
29e08e7477 stages/otp_*: fix app's verbose_name 2021-01-12 22:59:46 +01:00
36bc1dc020 events: record source when user is using source to authenticate 2021-01-12 22:48:55 +01:00
61d1407804 sources/*: Set PLAN_CONTEXT_SOURCE when logging in with a source 2021-01-12 22:37:33 +01:00
47ddf0d7f2 web: add UI for notification triggers 2021-01-12 22:26:57 +01:00
cb36a3c8c7 web: add event transports UI 2021-01-12 22:12:16 +01:00
cac94792fa admin: add event transport forms 2021-01-12 22:03:33 +01:00
6f56c37d2f web: make action button better handle errors and show messages 2021-01-12 21:52:21 +01:00
8369fa16ae events: add mode_verbose to transport, return string on send error 2021-01-12 21:51:55 +01:00
f30bdbecd6 events: catch errors during send and re-raise as custom type 2021-01-12 21:48:16 +01:00
c727c845df policies: add and/or mode (#463)
* policies: add mode to PolicyEngine for AND and OR modes

* events: use PolicyEngine in OR mode
2021-01-12 18:22:25 +01:00
b2b737e59e build(deps-dev): bump @typescript-eslint/parser in /web (#465)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.12.0 to 4.13.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.13.0/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-12 10:16:47 +01:00
e2b930afe3 build(deps): bump boto3 from 1.16.51 to 1.16.52 (#464)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.51 to 1.16.52.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.51...1.16.52)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-12 09:45:24 +01:00
36c0b924bc build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#466)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.12.0 to 4.13.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.13.0/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-12 09:45:14 +01:00
1ccf6dcf6f events: Notifications (#418)
* events: initial alerting implementation

* policies: move error handling to process, ensure policy UUID is saved

* policies: add tests for error handling in PolicyProcess

* events: improve loop detection

* events: add API for action and trigger

* policies: ensure http_request is not used in context

* events: adjust unittests for user handling

* policies/event_matcher: add policy type

* events: add API tests

* events: add middleware tests

* core: make application's provider not required

* outposts: allow blank kubeconfig

* outposts: validate kubeconfig before saving

* api: fix formatting

* stages/invitation: remove invitation_created signal as model_created functions the same

* stages/invitation: ensure created_by is set when creating from API

* events: rebase migrations on master

* events: fix missing Alerts from API

* policies: fix unittests

* events: add tests for alerts

* events: rename from alerting to notifications

* events: add ability to specify severity of notification created

* policies/event_matcher: Add app field to match on event app

* policies/event_matcher: fix EventMatcher not being included in API

* core: use objects.none() when get_queryset is used

* events: use m2m for multiple transports, create notification object in task

* events: add default triggers

* events: fix migrations return value

* events: fix notification_transport not being in the correct queue

* stages/email: allow sending of email without backend

* events: implement sending via webhook + slack/discord + email
2021-01-11 18:43:59 +01:00
f8a426f0e8 ci: fix docker tag name for dependabot PRs 2021-01-11 16:18:44 +01:00
f8756d0fc9 build(deps): bump @types/codemirror from 0.0.105 to 0.0.106 in /web (#462)
Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror) from 0.0.105 to 0.0.106.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-11 08:23:19 +01:00
fd6d99f4f9 build(deps): bump @types/codemirror from 0.0.104 to 0.0.105 in /web (#461)
Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror) from 0.0.104 to 0.0.105.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-08 09:52:17 +01:00
04379f2c90 build(deps): bump boto3 from 1.16.50 to 1.16.51 (#460)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.50 to 1.16.51.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.50...1.16.51)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-08 09:52:02 +01:00
ba1195cf70 build(deps): bump boto3 from 1.16.49 to 1.16.50 (#458)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.49 to 1.16.50.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.49...1.16.50)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-07 10:09:08 +01:00
b0bd9212c7 build(deps): bump rollup from 2.36.0 to 2.36.1 in /web (#459)
Bumps [rollup](https://github.com/rollup/rollup) from 2.36.0 to 2.36.1.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.36.0...v2.36.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-07 10:08:48 +01:00
209179e012 build(deps): bump rollup from 2.35.1 to 2.36.0 in /web (#456)
Bumps [rollup](https://github.com/rollup/rollup) from 2.35.1 to 2.36.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.35.1...v2.36.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-06 14:01:26 +01:00
df16f635fa build(deps): bump boto3 from 1.16.48 to 1.16.49 (#457)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.48 to 1.16.49.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.48...1.16.49)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-06 14:01:03 +01:00
14ccf47a2b build(deps): bump tslib from 2.0.3 to 2.1.0 in /web (#455)
Bumps [tslib](https://github.com/Microsoft/tslib) from 2.0.3 to 2.1.0.
- [Release notes](https://github.com/Microsoft/tslib/releases)
- [Commits](https://github.com/Microsoft/tslib/compare/2.0.3...2.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-06 14:00:40 +01:00
2aac024477 build(deps): bump @types/codemirror from 0.0.103 to 0.0.104 in /web (#454)
Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror) from 0.0.103 to 0.0.104.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-06 14:00:25 +01:00
4743e72e18 policies: ensure binding has a target during unittests 2021-01-05 12:37:52 +01:00
cab2942c4e web: fix [object Object] being shown for policy_execution
closes #449
2021-01-05 11:52:25 +01:00
9fb5ce2a1a policies: add binding to policy_execution context 2021-01-05 11:51:05 +01:00
0eab4489c5 build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#453)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.11.1 to 4.12.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.12.0/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-05 10:41:48 +01:00
3aae030b23 build(deps): bump boto3 from 1.16.47 to 1.16.48 (#450)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.47 to 1.16.48.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.47...1.16.48)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-05 10:41:35 +01:00
e7060cb90a build(deps-dev): bump @typescript-eslint/parser in /web (#452)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.11.1 to 4.12.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.12.0/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-05 09:47:01 +01:00
6c0b9e3525 build(deps): bump django from 3.1.4 to 3.1.5 (#451)
Bumps [django](https://github.com/django/django) from 3.1.4 to 3.1.5.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.1.4...3.1.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-05 09:46:46 +01:00
82bb179bc2 root: global email settings (#448)
* root: make global email settings configurable

* stages/email: add use_global_settings

* stages/email: add test_email command to test email sending

* stages/email: update email template

* stages/email: simplify email template path

* stages/email: add support for user-supplied email templates

* stages/email: add tests for sending and templates

* stages/email: only add custom template if permissions are correct

* docs: add custom email template docs

* root: add /templates volume in docker-compose by default

* stages/email: fix form not allowing custom templates

* stages/email: use relative path for custom templates

* stages/email: check if all templates exist on startup, reset

* docs: add global email docs for docker-compose

* helm: add email config to helm chart

* helm: load all secrets with env prefix

* helm: move s3 and smtp secret to secret

* stages/email: fix test for relative name

* stages/email: add argument to send email from existing stage

* stages/email: set uid using slug of message id

* stages/email: ensure template validation ignores migration runs

* docs: add email troubleshooting docs

* stages/email: fix long task_name breaking task list
2021-01-05 00:41:10 +01:00
774eb0388b build(deps-dev): bump eslint from 7.16.0 to 7.17.0 in /web (#447)
Bumps [eslint](https://github.com/eslint/eslint) from 7.16.0 to 7.17.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.16.0...v7.17.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-04 08:56:28 +01:00
6ed78830a0 providers/proxy: check ingress annotations we manage 2021-01-02 01:48:39 +01:00
6fe323f1a7 outposts: by default only check labels 2021-01-02 01:08:05 +01:00
85c2db018e outposts: ensure field_manager is also used for updates 2021-01-02 00:52:42 +01:00
bc9e7e8b93 build(deps): bump structlog from 20.1.0 to 20.2.0 (#445)
* build(deps): bump structlog from 20.1.0 to 20.2.0

Bumps [structlog](https://github.com/hynek/structlog) from 20.1.0 to 20.2.0.
- [Release notes](https://github.com/hynek/structlog/releases)
- [Changelog](https://github.com/hynek/structlog/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/hynek/structlog/compare/20.1.0...20.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

* *: use structlog.stdlib instead of structlog for type-hints

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-01-01 15:39:43 +01:00
08c58ce3fb build(deps): bump boto3 from 1.16.46 to 1.16.47 (#444)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.46 to 1.16.47.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.46...1.16.47)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-01 13:51:17 +01:00
c3bc986473 build(deps): bump codemirror from 5.59.0 to 5.59.1 in /web (#446)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.59.0 to 5.59.1.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.59.0...5.59.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-01 13:51:00 +01:00
2e69efe699 providers/saml: sign metadata when signing is enabled 2020-12-31 15:02:21 +01:00
4daa373dcf web: match on path begin in sidebar 2020-12-31 14:19:36 +01:00
a85b8a65c0 release: 0.14.2-stable 2020-12-31 12:00:31 +01:00
d8dc1f8bb5 web: fix linting 2020-12-31 11:34:30 +01:00
0f4d5bc3b0 web: fix colour for selected sortable table header 2020-12-31 11:31:49 +01:00
6eed549577 web: add EventInfo case for policy_execution 2020-12-31 11:21:52 +01:00
be54ba4fe2 policies: catch error in process to not hang requests 2020-12-31 11:16:17 +01:00
68b9c34f78 policies: fix obj not being set 2020-12-31 11:16:01 +01:00
3584bdf530 events: fix error when creating an even from policyrequests 2020-12-31 11:15:42 +01:00
e712719333 admin: fix reverse urls for application forms 2020-12-31 10:13:06 +01:00
9a21c2f6bd build(deps): bump boto3 from 1.16.45 to 1.16.46 (#443)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.45 to 1.16.46.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.45...1.16.46)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-31 08:55:06 +01:00
0632d8ff37 web: fix loading overlay for site-shell 2020-12-30 23:12:55 +01:00
6bfaf71c12 web: fix link on application list 2020-12-30 22:50:27 +01:00
b6c8c319e5 web: default to open sidebar 2020-12-30 22:45:00 +01:00
4fde1b7365 providers/saml: allow audience to be empty 2020-12-30 22:15:28 +01:00
412f5b9210 providers/saml: fix signing and verification kp not being set correctly 2020-12-30 22:11:24 +01:00
a9e53cd52a providers/saml: fix string being passed to lxml 2020-12-30 22:03:01 +01:00
d0ee7908ab providers/saml: force user to select authz flow for import 2020-12-30 22:02:41 +01:00
e69834dec4 providers/saml: show error message why import failed 2020-12-30 22:02:28 +01:00
1b9d22615c build(deps): bump construct-style-sheets-polyfill in /web (#442)
Bumps [construct-style-sheets-polyfill](https://github.com/calebdwilliams/adoptedStyleSheets) from 2.4.3 to 2.4.6.
- [Release notes](https://github.com/calebdwilliams/adoptedStyleSheets/releases)
- [Changelog](https://github.com/calebdwilliams/construct-style-sheets/blob/master/CHANGELOG.md)
- [Commits](https://github.com/calebdwilliams/adoptedStyleSheets/compare/v2.4.3...v2.4.6)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-30 09:23:02 +01:00
e995536a15 build(deps): bump boto3 from 1.16.44 to 1.16.45 (#440)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.44 to 1.16.45.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.44...1.16.45)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-30 09:22:52 +01:00
e6818faab1 build(deps): bump uvicorn from 0.13.2 to 0.13.3 (#441)
Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.13.2 to 0.13.3.
- [Release notes](https://github.com/encode/uvicorn/releases)
- [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/encode/uvicorn/compare/0.13.2...0.13.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-30 09:22:42 +01:00
010e834149 root: update security.md 2020-12-29 21:34:34 +01:00
16d5e1d9ff release: 0.14.1-stable 2020-12-29 21:25:49 +01:00
765ae80698 providers/oauth2: fix error when creating RefreshToken 2020-12-29 21:22:49 +01:00
bbd0ff24d8 docs: add grafana integration docs 2020-12-29 20:43:27 +01:00
7a403613b2 Suggested changes (#434)
L112 - L115 is a suggestion I'm unsure of, but wanted to somehow improve it. Feel free to discard, but I still recommend signup>sign-up on L114 of origin.

On L124, the resulting webpage shows "Active- Directory" (note the space after the hyphen). Not sure how to fix this though.
2020-12-29 20:17:35 +01:00
4ad184a3fb build(deps-dev): bump @typescript-eslint/parser in /web (#439)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.11.0 to 4.11.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.11.1/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-29 14:53:40 +01:00
48d5f28e7a build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#438)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.11.0 to 4.11.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.11.1/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-29 14:43:30 +01:00
0cb48121b2 build(deps): bump boto3 from 1.16.43 to 1.16.44 (#436)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.43 to 1.16.44.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.43...1.16.44)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-29 13:41:19 +01:00
4194ffe2d4 build(deps): bump channels from 3.0.2 to 3.0.3 (#437)
Bumps [channels](https://github.com/django/channels) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/django/channels/releases)
- [Changelog](https://github.com/django/channels/blob/master/CHANGELOG.txt)
- [Commits](https://github.com/django/channels/compare/3.0.2...3.0.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-29 13:34:10 +01:00
4636fe7e64 Add migrate command to 0.14 docs. (#435) 2020-12-28 21:51:22 +01:00
182d714b16 docs: fix typo 2020-12-28 18:15:32 +01:00
540c22ce15 release: 0.14.0-stable 2020-12-28 17:49:45 +01:00
8c3008abce release: 0.14.0-rc2 2020-12-28 17:49:39 +01:00
8a22c86aaa release: 0.14.0-rc1 2020-12-28 17:49:35 +01:00
22ce142cb8 outposts: include protocol in outpost deployment ports 2020-12-28 17:21:02 +01:00
1a292feebb outposts: always check metadata on reconcile 2020-12-28 17:11:37 +01:00
09f4d812b3 outposts: set field_manager 2020-12-28 17:11:33 +01:00
2bab4ebfe8 core: fix library url pattern not matching SPA 2020-12-28 15:06:25 +01:00
a8647caca9 build(deps): bump @types/codemirror from 0.0.102 to 0.0.103 in /web (#433)
Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror) from 0.0.102 to 0.0.103.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-28 14:32:57 +01:00
590597caf6 events: replace list view with SPA Page 2020-12-28 14:32:34 +01:00
7b43777b22 web: reset expanded rows on fetch 2020-12-28 14:04:07 +01:00
77861b52e3 web: fix search loading old results when using enter 2020-12-28 13:56:33 +01:00
5f9c1e229c root: return API dates as timestamp 2020-12-28 13:07:49 +01:00
119adb3e7b web: fix old default URL 2020-12-28 13:07:35 +01:00
5db38bd0b7 web: lazy-render expanded table 2020-12-28 13:07:20 +01:00
0e1587bc1a providers/oauth2: don't write authorization code to event log 2020-12-28 01:07:18 +01:00
dc16a8a4c9 providers/proxy: set proxy-size for nginx for larger response 2020-12-28 00:45:58 +01:00
a6d0c8c26c providers/saml: Metadata Import (#432)
* providers/saml: add basic metadata parser

* providers/saml: add importer for Singing certificate, validate signature, add tests

* providers/saml: add provider name to form,

* web: don't use trailing slash for spa URLs

* providers/saml: formatting fixes

* sources/*: add verbose_name to source serializers

* admin: add button launch import modal
2020-12-27 22:38:04 +01:00
5797a3743a docs: prepare 0.14 release 2020-12-27 22:16:31 +01:00
b7e43efb34 docs: use version-0.13 branch for 0.13 instructions 2020-12-27 22:11:53 +01:00
48df12d045 proxy: update to latest stable oauth2_proxy version 2020-12-27 20:14:08 +01:00
4fea0f5939 web: fix error when applications have no provider assigned 2020-12-27 19:40:50 +01:00
a7bdd63e4d web: make siteshell's loading be relative to parent 2020-12-27 19:36:30 +01:00
e216efb6ec providers/oauth2: create access tokens as JWT 2020-12-27 19:36:17 +01:00
378fe38b12 providers/oauth2: ensure response is URL fragment only when implicit or hybrid 2020-12-27 19:07:42 +01:00
ce9fb8801c providers/oauth2: ensure nonce is validated on all OIDC flows 2020-12-27 18:13:41 +01:00
67ca83c228 providers/oauth2: add c_hash field 2020-12-27 18:13:13 +01:00
ee2e737782 providers/oauth2: remove response_type field as spec doesn't require validation 2020-12-27 18:12:47 +01:00
b04c9a2098 providers/oauth2: check redirect_uri before request object 2020-12-27 17:15:36 +01:00
7f7b7e37c1 docs: rename upgrading to release notes 2020-12-27 15:35:58 +01:00
e7c96eb70d providers/oauth2: Make AuthorizeError's state parameter requireed 2020-12-27 15:33:29 +01:00
e8debce9c8 providers/oauth2: fix infinite loops when prompt=login 2020-12-27 15:23:26 +01:00
bcd0686a33 providers/oauth2: redirect back correctly with state on AuthorizationError 2020-12-27 15:22:53 +01:00
55322995a1 providers/oauth2: make iss field configurable 2020-12-27 15:02:12 +01:00
dff5eb69c8 providers/oauth2: fix token endpoint creating invalid token when no scopes are passed 2020-12-27 14:48:44 +01:00
b747022bc1 providers/oauth2: fix old id_token being sent when using token endpoint with grant_type=refresh_token 2020-12-27 14:33:51 +01:00
885fcff495 providers/oauth2: add grant_types_supported to discovery endpoint 2020-12-27 14:17:40 +01:00
5b18e28753 providers/oauth2: fix include_claims_in_id_token not being shown in form/API 2020-12-27 14:05:10 +01:00
9848c5f3eb providers/oauth2: implement discovery's scopes_supported better 2020-12-27 13:36:14 +01:00
fc98c3934a providers/*: implement configuration_error 2020-12-27 13:15:31 +01:00
7964061466 events: add configuration_error action 2020-12-27 13:11:38 +01:00
5f90f54195 stages/invitation: ensure created_by is set when creating from API 2020-12-27 13:11:28 +01:00
49eb568d3c stages/invitation: remove invitation_created signal as model_created functions the same 2020-12-27 13:00:52 +01:00
d47d9103c7 tests: fix e2e tests for redirect_uri errors 2020-12-27 13:00:05 +01:00
12cbe464fc web: fix table styling on mobile 2020-12-27 12:50:12 +01:00
d17b2b0d1b providers/oauth2: add request_parameter_supported 2020-12-27 12:18:23 +01:00
f17d809219 providers/oauth2: add scopes_supported to discovery endpoint 2020-12-26 21:18:16 +01:00
6c8e9fb553 providers/oauth2: add ACR support 2020-12-26 20:16:50 +01:00
43bb29e16a providers/oauth2: implement max_age param 2020-12-26 20:05:31 +01:00
29edbb0357 providers/oauth2: use auth_time from LOGIN event 2020-12-26 19:05:02 +01:00
12ae867759 providers/oauth2: redirect back on prompt=none error instead of showing message 2020-12-26 18:58:18 +01:00
a20ca9136b providers/oauth2: use in for prompt check 2020-12-26 18:53:47 +01:00
3759e96e7d providers/oauth2: ensure interaction_required is raised when prompt=none and user not logged in 2020-12-26 18:45:23 +01:00
480d882a82 policies: add pre_permission_check to PolicyAccessView for request validity checks 2020-12-26 18:43:45 +01:00
e5e1e3737d providers/oauth2: fix query using user model not dict 2020-12-26 18:20:34 +01:00
8dddcf891e providers/oauth2: fix "auth_time" being based on user.last_login 2020-12-26 18:11:29 +01:00
319104c39b providers/oauth2: improve error handling, ensure correct message is shown to user 2020-12-26 17:50:16 +01:00
a9336f069c flows: add diagrams (#415)
* flows: initial diagram implementation

* web: install flowchart.js, add flow diagram page

* web: adjust diagram colours for dark mode

* flows: add permission checks for diagram

* flows: fix formatting

* web: fix formatting for web

* flows: add fix when last stage has policy

* flows: add test for diagram

* web: flows/diagram: add support for light mode

* flows: make Flows's Diagram API return json, add more tests and fix swagger response
2020-12-26 17:05:11 +01:00
33f5169f36 core: fix formatting 2020-12-26 15:28:29 +01:00
4c690a20ef core: fix token update/delete not working 2020-12-26 01:23:34 +01:00
f68c8f7d90 core: fix User's token creation not working 2020-12-26 01:23:18 +01:00
95b56a0005 release: 0.13.5-stable 2020-12-26 00:52:42 +01:00
811c569b54 core: show multi-select notice for SelectMultiple Widgets 2020-12-26 00:43:40 +01:00
3ac3a8eebe core: fix error during migrations 2020-12-25 23:51:40 +01:00
6a5a243dac stages/invitation: fix optional field being required 2020-12-25 23:41:34 +01:00
3549a9ecdd docs: add notice about password stage to AD integration 2020-12-25 23:38:19 +01:00
ee916a68a4 stages/password: fix PasswordStageForm not showing backends 2020-12-25 23:34:26 +01:00
e9ca42cbb9 docs: point to ad integration in sources overview 2020-12-25 23:11:02 +01:00
692d577217 docs: remove arrow reference in ad integration 2020-12-25 23:10:53 +01:00
f192ee5052 core: fix anonymous user being included in User API 2020-12-25 22:42:53 +01:00
c95f8e8418 api: fix formatting 2020-12-24 16:26:01 +01:00
9549a7188b ci: fix branchName in PRs 2020-12-24 16:18:06 +01:00
4998ccbe41 root: update license 2020-12-24 16:01:55 +01:00
a56ddb2b8e release: 0.13.4-stable 2020-12-24 15:46:08 +01:00
3cc6b8ee38 root: use coloured icon for readme 2020-12-24 14:32:20 +01:00
927ab509a1 outposts: validate kubeconfig before saving 2020-12-24 13:23:19 +01:00
c85506f43c outposts: allow blank kubeconfig 2020-12-24 13:23:14 +01:00
4157a0780d core: make application's provider not required 2020-12-24 13:23:10 +01:00
79da2bf698 web: Table parity (#427)
* core: fix application API always being sorted by name

* web: add sorting to tables

* web: add search to TablePage

* core: add search to applications API

* core: add MetaNameSerializer

* *: fix signature for non-modal serializers

* providers/*: implement MetaNameSerializer

* web: implement full app list page, use as default in sidebar

* web: fix linting errors

* admin: remove old application list

* web: fix default sorting for application list

* web: fix spacing for search element in toolbar
2020-12-24 09:56:05 +01:00
c3e9168b46 build(deps): bump django-storages from 1.11 to 1.11.1 (#431)
Bumps [django-storages](https://github.com/jschneier/django-storages) from 1.11 to 1.11.1.
- [Release notes](https://github.com/jschneier/django-storages/releases)
- [Changelog](https://github.com/jschneier/django-storages/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/jschneier/django-storages/compare/1.11...1.11.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-24 09:52:32 +01:00
d16838bbed build(deps): bump boto3 from 1.16.42 to 1.16.43 (#430)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.42 to 1.16.43.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.42...1.16.43)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-24 09:52:06 +01:00
6032efb67d root: use logo and screenshots from actual domain 2020-12-23 17:33:18 +01:00
322c6f01c2 build(deps): bump boto3 from 1.16.41 to 1.16.42 (#428)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.41 to 1.16.42.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.41...1.16.42)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-23 09:52:31 +01:00
71a58955f2 build(deps): bump docker from 4.4.0 to 4.4.1 (#429)
Bumps [docker](https://github.com/docker/docker-py) from 4.4.0 to 4.4.1.
- [Release notes](https://github.com/docker/docker-py/releases)
- [Commits](https://github.com/docker/docker-py/compare/4.4.0...4.4.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-23 09:52:07 +01:00
f035da440a web: fix sidebar being overlayed over modal backdrop 2020-12-22 20:30:46 +01:00
001de38d85 docs: add nextcloud docs 2020-12-22 20:09:15 +01:00
3ea39fe122 build(deps-dev): bump @typescript-eslint/parser in /web (#424)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.10.0 to 4.11.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.11.0/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-22 10:25:37 +01:00
7bfa217cae build(deps): bump boto3 from 1.16.40 to 1.16.41 (#426)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.40 to 1.16.41.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.40...1.16.41)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-22 09:34:02 +01:00
fdb9b45c51 build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#425)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.10.0 to 4.11.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.11.0/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-22 09:33:44 +01:00
116375084c build(deps): bump boto3 from 1.16.39 to 1.16.40 (#419)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.39 to 1.16.40.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.39...1.16.40)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-21 09:08:53 +01:00
1fca1df9dc build(deps): bump uvicorn from 0.13.1 to 0.13.2 (#420)
Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.13.1 to 0.13.2.
- [Release notes](https://github.com/encode/uvicorn/releases)
- [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/encode/uvicorn/compare/0.13.1...0.13.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-21 09:08:32 +01:00
4464ecc060 build(deps-dev): bump coverage from 5.3 to 5.3.1 (#421)
Bumps [coverage](https://github.com/nedbat/coveragepy) from 5.3 to 5.3.1.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/coverage-5.3...coverage-5.3.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-21 09:08:16 +01:00
1af4373d97 build(deps): bump codemirror from 5.58.3 to 5.59.0 in /web (#422)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.58.3 to 5.59.0.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.58.3...5.59.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-21 09:08:01 +01:00
28bbf5ac7f build(deps-dev): bump eslint from 7.15.0 to 7.16.0 in /web (#423)
Bumps [eslint](https://github.com/eslint/eslint) from 7.15.0 to 7.16.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.15.0...v7.16.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-21 09:07:47 +01:00
23f61e6b4f admin: fix policy test button in dark theme 2020-12-20 22:29:20 +01:00
db135a6dbc policies/expression: fix missing ak_logger 2020-12-20 22:18:13 +01:00
a4dc6d13b5 events: rename audit to events and use for more metrics (#397)
* events: rename audit to events

* policies/expression: log expression exceptions as event

* policies/expression: add ExpressionPolicy Model to event when possible

* lib/expressions: ensure syntax errors are logged too

* lib: fix lint error

* policies: add execution_logging field

* core: add property mapping tests

* policies/expression: add full test

* policies/expression: fix attribute name

* policies: add execution_logging

* web: fix imports

* root: update swagger

* policies: use dataclass instead of dict for types

* events: add support for dataclass as event param

* events: add special keys which are never cleaned

* policies: add tests for process, don't clean full cache

* admin: create event when new version is seen

* events: move utils to separate file

* admin: add tests for admin tasks

* events: add .set_user method to ensure users have correct attributes set

* core: add test for property_mapping errors with user and request
2020-12-20 22:04:29 +01:00
4d88dcff08 web: expand sidebar by default on desktop, auto collapse 2020-12-20 19:26:30 +01:00
6a835ad192 policies: add simple test-case 2020-12-19 23:41:24 +01:00
efc849e760 policies/engine: Add sanity test to ensure result count matches policy count 2020-12-19 23:40:55 +01:00
e62333dfb3 web: use displyname in sidebar for user 2020-12-19 17:44:02 +01:00
e23afd18e4 release: 0.13.3-stable 2020-12-19 16:55:07 +01:00
c2a30b760a web: allow Sidebar to be opened on mobile (#417)
* web: initial sidebar trigger on mobile

* web: render hamburger button as overlay top right
2020-12-19 16:54:25 +01:00
6e24856d45 flows: fix redirect when un-authenticated user uses external authentication (#416)
* flows: add PLAN_CONTEXT_REDIRECT so final redirect can be set from within flow

* sources/*: use PLAN_CONTEXT_REDIRECT

* flows: fallback when flow plan is empty
2020-12-19 16:42:39 +01:00
98a58b74e3 core: ensure generic error template fills screen 2020-12-19 14:28:20 +01:00
5f3ab22bea providers/oauth2: fix incorrect background set on end session screen 2020-12-19 14:24:28 +01:00
1ed5d5da35 build(deps): bump @sentry/browser from 5.29.1 to 5.29.2 in /web (#413)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 5.29.1 to 5.29.2.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/5.29.1...5.29.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-18 09:58:34 +01:00
76193e0031 build(deps): bump boto3 from 1.16.38 to 1.16.39 (#412)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.38 to 1.16.39.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.38...1.16.39)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-18 09:44:54 +01:00
50109ca7ad build(deps): bump @sentry/tracing from 5.29.1 to 5.29.2 in /web (#414)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 5.29.1 to 5.29.2.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/5.29.1...5.29.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-18 09:44:33 +01:00
e4b66d991c release: 0.13.2-stable 2020-12-17 20:20:47 +01:00
68adc2d5a5 admin: fix warning during swagger generation 2020-12-17 19:49:35 +01:00
349a3a67d5 flows: use to_stage_response in _flow_done() 2020-12-17 19:34:15 +01:00
e1394207e7 flows: fix inconsistent behaviour when flow is empty 2020-12-17 19:22:24 +01:00
f265c1f10b admin: fix cache clean views erroring 2020-12-17 19:03:32 +01:00
1aecdc7f8f web: fix css for policy tertiary buttons and text on flow card 2020-12-17 14:31:45 +01:00
a18edaf62b build(deps): bump @sentry/tracing from 5.29.0 to 5.29.1 in /web (#411)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 5.29.0 to 5.29.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/5.29.0...5.29.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-17 11:41:19 +01:00
c91abe448c build(deps): bump celery from 5.0.4 to 5.0.5 (#407)
Bumps [celery](https://github.com/celery/celery) from 5.0.4 to 5.0.5.
- [Release notes](https://github.com/celery/celery/releases)
- [Changelog](https://github.com/celery/celery/blob/master/Changelog.rst)
- [Commits](https://github.com/celery/celery/compare/v5.0.4...v5.0.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-17 09:46:11 +01:00
e531e52403 build(deps): bump django-storages from 1.10.1 to 1.11 (#408)
Bumps [django-storages](https://github.com/jschneier/django-storages) from 1.10.1 to 1.11.
- [Release notes](https://github.com/jschneier/django-storages/releases)
- [Changelog](https://github.com/jschneier/django-storages/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/jschneier/django-storages/compare/1.10.1...1.11)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-17 09:45:58 +01:00
cae536fa65 build(deps): bump boto3 from 1.16.37 to 1.16.38 (#409)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.37 to 1.16.38.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.37...1.16.38)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-17 09:45:45 +01:00
316b15b8a9 build(deps): bump @sentry/browser from 5.29.0 to 5.29.1 in /web (#410)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 5.29.0 to 5.29.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/5.29.0...5.29.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-17 09:45:29 +01:00
e6ccd4fa76 web: fix file name casing 2020-12-17 00:18:24 +01:00
86aabba3ed web: fix file name casing 2020-12-17 00:18:03 +01:00
0b36aad5c8 admin: ensure clean_expired_models is called during tests 2020-12-17 00:17:20 +01:00
64d2a216f0 web: fix linting 2020-12-16 23:50:23 +01:00
a5e5e140d6 admin: add full api tests 2020-12-16 23:42:44 +01:00
29f98abd00 root: update swagger 2020-12-16 23:32:14 +01:00
7b5ce4e98a web: use colours for icons, move users to separate card 2020-12-16 23:28:04 +01:00
d7fa52ebf3 admin: remove old admin overview 2020-12-16 23:21:38 +01:00
2ffaa94825 web: fix typo 2020-12-16 23:08:40 +01:00
b80b2626a6 web: fix rendering of version 2020-12-16 23:08:35 +01:00
3b7bba5a62 web: make sure naming matches backend 2020-12-16 23:03:06 +01:00
2d9efe035e web: migrate admin overview cards to separate files 2020-12-16 23:00:32 +01:00
48438e28fd admin: separate overview API into WorkerAPI and VersionAPI 2020-12-16 22:53:53 +01:00
885a2f0a58 web: add flow and policy cache card 2020-12-16 22:30:37 +01:00
cf46ee06b7 api: create dedicated api for cached flows and policies 2020-12-16 22:18:36 +01:00
9e33b49d29 web: rewrite aggregate cards to separate components 2020-12-16 22:00:40 +01:00
1179ba4ef2 api: remove counters from overview api and allow filtering on object apis 2020-12-16 22:00:29 +01:00
3c12c8b3ff core: make Provider SerializerModel 2020-12-16 21:38:40 +01:00
4d22659b6e web: re-organise sidebar 2020-12-16 16:04:11 +01:00
2c0709eeee web: render SidebarItem from the item 2020-12-16 16:04:02 +01:00
c24d1b6b84 outposts: fix incorrect timeout for state cache 2020-12-16 12:14:34 +01:00
040e148a73 release: 0.13.1-stable 2020-12-16 11:26:15 +01:00
b85d550ee0 build(deps-dev): bump pytest from 6.2.0 to 6.2.1 (#405)
Bumps [pytest](https://github.com/pytest-dev/pytest) from 6.2.0 to 6.2.1.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/6.2.0...6.2.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-16 09:15:14 +01:00
ce95139d66 build(deps): bump boto3 from 1.16.36 to 1.16.37 (#404)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.36 to 1.16.37.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.36...1.16.37)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-16 09:14:58 +01:00
46436a5780 build(deps): bump @types/chart.js from 2.9.28 to 2.9.29 in /web (#406)
Bumps [@types/chart.js](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/chart.js) from 2.9.28 to 2.9.29.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/chart.js)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-16 09:14:43 +01:00
835a9aaaf2 outposts: fix circular import 2020-12-16 00:00:36 +01:00
42005e7def outposts: ensure all Service Connection state updates are done by the task 2020-12-15 23:39:52 +01:00
d9956e1e9c outpost: fix invalid incluster config causing Outpost Service Connection list to fail 2020-12-15 21:17:33 +01:00
4b1e73251a root: fix messages showing for all sessions of a user 2020-12-15 15:19:15 +01:00
736dbdca33 build(deps-dev): bump @rollup/plugin-typescript in /web (#401)
Bumps [@rollup/plugin-typescript](https://github.com/rollup/plugins) from 8.0.0 to 8.1.0.
- [Release notes](https://github.com/rollup/plugins/releases)
- [Commits](https://github.com/rollup/plugins/compare/eslint-v8.0.0...typescript-v8.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-15 10:54:31 +01:00
789b8e5d3e build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#402)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.9.1 to 4.10.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.10.0/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-15 10:28:11 +01:00
074b55f66b build(deps): bump boto3 from 1.16.35 to 1.16.36 (#398)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.35 to 1.16.36.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.35...1.16.36)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-15 08:59:52 +01:00
d9bc5ea4d1 build(deps): bump rollup from 2.34.2 to 2.35.1 in /web (#399)
Bumps [rollup](https://github.com/rollup/rollup) from 2.34.2 to 2.35.1.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.34.2...v2.35.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-15 08:59:42 +01:00
716bb9f188 build(deps): bump @patternfly/patternfly from 4.65.6 to 4.70.2 in /web (#400)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.65.6 to 4.70.2.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.65.6...prerelease-v4.70.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-15 08:59:30 +01:00
dd496619a2 build(deps-dev): bump @typescript-eslint/parser in /web (#403)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.9.1 to 4.10.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.10.0/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-15 08:59:04 +01:00
51d07f7913 proxy: output JSON logs 2020-12-14 19:41:32 +01:00
5c4163579b root: fix application icons now showing with docker-compose 2020-12-14 19:32:48 +01:00
5a73413d58 web: fix brand not showing on firefox 2020-12-14 19:26:02 +01:00
51a5d4bf49 docs: fix issues when overscrolling 2020-12-14 14:16:00 +01:00
8bbb854073 root: make docker-compose database name and username configurable 2020-12-14 12:27:33 +01:00
9f2e9e8444 release: 0.13.0-stable 2020-12-14 11:20:47 +01:00
a3d361f500 outposts: fix controller not using token.key 2020-12-14 11:03:49 +01:00
e9bb583b32 providers/proxy: ensure pb_proxy is deleted and ak_proxy is created 2020-12-14 10:47:49 +01:00
efccf47c83 build(deps): bump packaging from 20.7 to 20.8 (#388)
Bumps [packaging](https://github.com/pypa/packaging) from 20.7 to 20.8.
- [Release notes](https://github.com/pypa/packaging/releases)
- [Changelog](https://github.com/pypa/packaging/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pypa/packaging/compare/20.7...20.8)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-14 10:07:23 +01:00
a5b144cf8f build(deps): bump boto3 from 1.16.34 to 1.16.35 (#391)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.34 to 1.16.35.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.34...1.16.35)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-14 10:07:12 +01:00
afc5a17fc2 build(deps): bump github.com/recws-org/recws in /proxy (#394)
Bumps [github.com/recws-org/recws](https://github.com/recws-org/recws) from 1.2.1 to 1.2.2.
- [Release notes](https://github.com/recws-org/recws/releases)
- [Commits](https://github.com/recws-org/recws/compare/v1.2.1...v1.2.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-14 10:06:59 +01:00
b3e0884b2e build(deps-dev): bump eslint-plugin-lit from 1.2.4 to 1.3.0 in /web (#396)
Bumps [eslint-plugin-lit](https://github.com/43081j/eslint-plugin-lit) from 1.2.4 to 1.3.0.
- [Release notes](https://github.com/43081j/eslint-plugin-lit/releases)
- [Commits](https://github.com/43081j/eslint-plugin-lit/compare/v1.2.4...v1.3.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-14 10:06:34 +01:00
078d648551 build(deps): bump uvicorn from 0.13.0 to 0.13.1 (#390)
* build(deps): bump uvicorn from 0.13.0 to 0.13.1

Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.13.0 to 0.13.1.
- [Release notes](https://github.com/encode/uvicorn/releases)
- [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/encode/uvicorn/compare/0.13.0...0.13.1)

Signed-off-by: dependabot[bot] <support@github.com>

* root: remove asgi workaround when websocket is closed during connect

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2020-12-14 10:05:07 +01:00
41f9097592 build(deps-dev): bump pytest from 6.1.2 to 6.2.0 (#389)
Bumps [pytest](https://github.com/pytest-dev/pytest) from 6.1.2 to 6.2.0.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/6.1.2...6.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-14 08:53:18 +01:00
562175741c build(deps): bump github.com/getsentry/sentry-go in /proxy (#392)
Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go) from 0.7.0 to 0.9.0.
- [Release notes](https://github.com/getsentry/sentry-go/releases)
- [Changelog](https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-go/compare/v0.7.0...v0.9.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-14 08:52:56 +01:00
24e24cb97e build(deps-dev): bump typescript from 4.1.2 to 4.1.3 in /web (#395)
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 4.1.2 to 4.1.3.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-14 08:52:40 +01:00
69b0a23a7d build(deps-dev): bump bandit from 1.6.3 to 1.7.0 (#387)
Bumps [bandit](https://github.com/PyCQA/bandit) from 1.6.3 to 1.7.0.
- [Release notes](https://github.com/PyCQA/bandit/releases)
- [Commits](https://github.com/PyCQA/bandit/compare/1.6.3...1.7.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-14 08:11:24 +01:00
f0f3245388 root: fix links to docs 2020-12-14 00:45:02 +01:00
99ca0d1f9f helm: fix missing /media/ route 2020-12-14 00:11:49 +01:00
c9f0d048a8 release: 0.13.0-rc4 2020-12-13 23:40:07 +01:00
90a94b5e3e root: fix paths for XML Schema files 2020-12-13 23:40:01 +01:00
ae1a8842db providers/oauth2: start adding tests for OAuthAuthorizationParams 2020-12-13 23:14:35 +01:00
a3b17d1ed4 admin: add tests for hidden form fields 2020-12-13 23:14:18 +01:00
41576e27be tests/integration: continue even if ssl can't be cleaned up 2020-12-13 21:51:59 +01:00
07082cb3aa tests/integration: add tests for Docker outpost using TLS connection 2020-12-13 21:30:33 +01:00
426cb33fab outposts: remove unused views 2020-12-13 21:25:05 +01:00
9e4f840d2d api: add token tests 2020-12-13 20:38:56 +01:00
e120d274e9 lib: fix sentry tests not running 2020-12-13 20:38:50 +01:00
977d3f6ef9 stages/user_write: add test that attributes without prefix are ignored 2020-12-13 20:38:43 +01:00
ecdbc917a5 admin: add api tests 2020-12-13 20:38:21 +01:00
0083cd55df sources/oauth: start adding tests for types 2020-12-13 20:03:34 +01:00
d380194e13 */saml: test against SAML Schema 2020-12-13 19:53:16 +01:00
32f5d5ba72 recovery: add test for invalid key 2020-12-13 18:46:36 +01:00
e818416863 policies/password: add invalid test case 2020-12-13 18:43:17 +01:00
7eed70cfe9 policies/hibp: add invalid test case 2020-12-13 18:42:59 +01:00
ea6ca23f57 lib: add tests for sentry integration 2020-12-13 18:41:47 +01:00
f056b026d6 lib: test edgecase for timedelta_from_string 2020-12-13 18:35:51 +01:00
1c0a6efeb1 flows/exporter: remove dead code since no stage is PolicyBindingModel 2020-12-13 18:25:30 +01:00
17732eea08 flows: add test for PLAN_CONTEXT_PENDING_USER_IDENTIFIER 2020-12-13 18:23:19 +01:00
aa5381fd59 flows: add tests case for reevaluate marker that keeps the stage 2020-12-13 18:07:11 +01:00
ffee86fcf3 crypto: simplify api/forms key validation 2020-12-13 18:06:52 +01:00
7ff7398aff admin: add tests for binding creation forms with invalid target 2020-12-13 18:06:34 +01:00
67925a39f2 web: fix source icons missing from static container 2020-12-13 17:50:30 +01:00
3b5e1c7b34 core: cleanup channels code, fix error when server side close 2020-12-13 17:46:34 +01:00
3e49acf7ae outposts: regularly ensure that all outposts have a valid service account and token 2020-12-13 17:10:56 +01:00
76764c4374 web: fix background for readonly inputs 2020-12-13 15:19:28 +01:00
9f6f8e1b55 outposts: update keys in outpost config 2020-12-13 15:15:20 +01:00
9590180c6c docs: update changelog 2020-12-13 12:41:42 +01:00
aef5c60a7b release: 0.13.0-rc3 2020-12-13 00:57:36 +01:00
d4c9c667c9 tests: fix URLs to use user-details instead of user-settings 2020-12-13 00:48:46 +01:00
96f0d582f0 core: load user detail form in an inner SiteShell so update doesn't reload entire page 2020-12-13 00:18:36 +01:00
7e8702a71e web: fix user detail form not working 2020-12-13 00:03:37 +01:00
1524061480 web: only auto-update slug when slug and name are already in sync 2020-12-12 23:45:47 +01:00
434922f702 web: make most client/network errors ignored by sentry 2020-12-12 23:32:55 +01:00
d2862ddc93 lifecycle: clean full redis as part of system migration 2020-12-12 23:30:49 +01:00
6e55431d4c stages/*: fix redirects not pointing to user_settings 2020-12-12 23:14:07 +01:00
01548c5e9c stages/*: fix links opening in SiteShell 2020-12-12 23:14:02 +01:00
bf1dae2dbe helm: make imagePullPolicy configurable 2020-12-12 23:13:58 +01:00
59c93defcf release: 0.13.0-rc2 2020-12-12 21:50:10 +01:00
a2a1a27502 web: fix icons not being included in static container 2020-12-12 21:49:00 +01:00
e3227e7d54 core: remove remaining references to old font 2020-12-12 21:41:12 +01:00
1f4a8fffdb docs: fix minor markdown and syntax errors 2020-12-12 21:30:05 +01:00
86b1183883 helm: bump version in readme 2020-12-12 21:27:05 +01:00
f781f4848c ci: fix release not depending on proxy build 2020-12-12 21:10:13 +01:00
19824d693c core: fix permission check for applications API 2020-12-12 21:00:35 +01:00
0694b911a4 docs: add changelog for 0.13 2020-12-12 21:00:23 +01:00
71e7a03f71 release: 0.13.0-rc1 2020-12-12 20:47:10 +01:00
0a874c98cb web: cleanup messages implementation (#386)
* web: rebuild messages without template objects

* web: show error message when ws connection fails

* web: show error message when siteshell page not found

* web: fix spinner size for loading

* web: fix linting error
2020-12-12 20:46:02 +01:00
488e8f769a web: remove policy bindings page (#370)
* admin: accept ?target for PolicyBindingCreateView

* core: fix rendering of hidden fields in horizontal form

* web: add create button for application's bound policies

* admin: fix delete form not working

* web: fix ak-refresh event not being dispatched correctly

* web: fix linting errors

* admin: fix tests not loading

* build(deps-dev): bump eslint from 7.14.0 to 7.15.0 in /web (#372)

Bumps [eslint](https://github.com/eslint/eslint) from 7.14.0 to 7.15.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.14.0...v7.15.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump rollup from 2.34.1 to 2.34.2 in /web (#373)

Bumps [rollup](https://github.com/rollup/rollup) from 2.34.1 to 2.34.2.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.34.1...v2.34.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps): bump @types/codemirror from 0.0.100 to 0.0.102 in /web (#374)

Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror) from 0.0.100 to 0.0.102.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build(deps-dev): bump bandit from 1.6.2 to 1.6.3 (#371)

* build(deps-dev): bump bandit from 1.6.2 to 1.6.3

Bumps [bandit](https://github.com/PyCQA/bandit) from 1.6.2 to 1.6.3.
- [Release notes](https://github.com/PyCQA/bandit/releases)
- [Commits](https://github.com/PyCQA/bandit/compare/1.6.2...1.6.3)

Signed-off-by: dependabot[bot] <support@github.com>

* root: update for new bandit version

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: add header to bound-policies

* web: fix spacing between bulk_select buttons

* web: add separate ak-bound-policies-list, add flow view page

* web: fix flows' policies not loading

* Squashed commit of the following:

commit e535cb0ec8
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Thu Dec 10 09:58:07 2020 +0100

    build(deps): bump boto3 from 1.16.32 to 1.16.33 (#383)

    Bumps [boto3](https://github.com/boto/boto3) from 1.16.32 to 1.16.33.
    - [Release notes](https://github.com/boto/boto3/releases)
    - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
    - [Commits](https://github.com/boto/boto3/compare/1.16.32...1.16.33)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 8c1f55d3e3
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Wed Dec 9 09:06:45 2020 +0100

    build(deps): bump boto3 from 1.16.31 to 1.16.32 (#382)

    Bumps [boto3](https://github.com/boto/boto3) from 1.16.31 to 1.16.32.
    - [Release notes](https://github.com/boto/boto3/releases)
    - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
    - [Commits](https://github.com/boto/boto3/compare/1.16.31...1.16.32)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit c3a2cb44cd
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Wed Dec 9 09:06:29 2020 +0100

    build(deps): bump celery from 5.0.3 to 5.0.4 (#380)

    Bumps [celery](https://github.com/celery/celery) from 5.0.3 to 5.0.4.
    - [Release notes](https://github.com/celery/celery/releases)
    - [Changelog](https://github.com/celery/celery/blob/master/Changelog.rst)
    - [Commits](https://github.com/celery/celery/compare/v5.0.3...v5.0.4)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 682401bbf2
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Wed Dec 9 07:20:45 2020 +0100

    build(deps): bump uvicorn from 0.12.3 to 0.13.0 (#381)

    Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.12.3 to 0.13.0.
    - [Release notes](https://github.com/encode/uvicorn/releases)
    - [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
    - [Commits](https://github.com/encode/uvicorn/compare/0.12.3...0.13.0)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 3e6e167348
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Tue Dec 8 10:32:00 2020 +0100

    build(deps-dev): bump @typescript-eslint/parser in /web (#377)

    Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.9.0 to 4.9.1.
    - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
    - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
    - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.9.1/packages/parser)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit d08c1b7b02
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Tue Dec 8 10:31:47 2020 +0100

    build(deps): bump @sentry/browser from 5.28.0 to 5.29.0 in /web (#378)

    Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 5.28.0 to 5.29.0.
    - [Release notes](https://github.com/getsentry/sentry-javascript/releases)
    - [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
    - [Commits](https://github.com/getsentry/sentry-javascript/compare/5.28.0...5.29.0)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 94d70d252c
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Tue Dec 8 09:02:37 2020 +0100

    build(deps): bump boto3 from 1.16.30 to 1.16.31 (#375)

    Bumps [boto3](https://github.com/boto/boto3) from 1.16.30 to 1.16.31.
    - [Release notes](https://github.com/boto/boto3/releases)
    - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
    - [Commits](https://github.com/boto/boto3/compare/1.16.30...1.16.31)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit ccfe746dd5
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Tue Dec 8 09:02:28 2020 +0100

    build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#376)

    Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.9.0 to 4.9.1.
    - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
    - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
    - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.9.1/packages/eslint-plugin)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit ef5dffa96a
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Tue Dec 8 09:02:16 2020 +0100

    build(deps): bump @sentry/tracing from 5.28.0 to 5.29.0 in /web (#379)

    Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 5.28.0 to 5.29.0.
    - [Release notes](https://github.com/getsentry/sentry-javascript/releases)
    - [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
    - [Commits](https://github.com/getsentry/sentry-javascript/compare/5.28.0...5.29.0)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 2caa1e7650
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Mon Dec 7 11:21:07 2020 +0100

    build(deps-dev): bump bandit from 1.6.2 to 1.6.3 (#371)

    * build(deps-dev): bump bandit from 1.6.2 to 1.6.3

    Bumps [bandit](https://github.com/PyCQA/bandit) from 1.6.2 to 1.6.3.
    - [Release notes](https://github.com/PyCQA/bandit/releases)
    - [Commits](https://github.com/PyCQA/bandit/compare/1.6.2...1.6.3)

    Signed-off-by: dependabot[bot] <support@github.com>

    * root: update for new bandit version

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>

commit 2246f3a534
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Mon Dec 7 10:26:01 2020 +0100

    build(deps): bump @types/codemirror from 0.0.100 to 0.0.102 in /web (#374)

    Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror) from 0.0.100 to 0.0.102.
    - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
    - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 95ba00cb79
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Mon Dec 7 09:09:49 2020 +0100

    build(deps): bump rollup from 2.34.1 to 2.34.2 in /web (#373)

    Bumps [rollup](https://github.com/rollup/rollup) from 2.34.1 to 2.34.2.
    - [Release notes](https://github.com/rollup/rollup/releases)
    - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
    - [Commits](https://github.com/rollup/rollup/compare/v2.34.1...v2.34.2)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 2ab4d6620f
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Mon Dec 7 09:09:24 2020 +0100

    build(deps-dev): bump eslint from 7.14.0 to 7.15.0 in /web (#372)

    Bumps [eslint](https://github.com/eslint/eslint) from 7.14.0 to 7.15.0.
    - [Release notes](https://github.com/eslint/eslint/releases)
    - [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
    - [Commits](https://github.com/eslint/eslint/compare/v7.14.0...v7.15.0)

    Signed-off-by: dependabot[bot] <support@github.com>

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* web: fix linting error

* web: simplify sidebar logic

* web: add support for multiple active matchers per sidebar item

* web: move router to elements

* flows: add stage_obj to flows api

* sources/*: make all sources implement SerializerModel

* web: improve listing of stages

* web: implement expandable table

* web/table: use TemplateResult as return value for row()

* web: add empty state, fix link for BoundStageList

* admin: make stage binding form accept ?target like policy binding

* web: fix styles in dark mode for expanding tables

* flows: add policybindingmodel_ptr_id to FlowStageBinding API

* web: improve wording for policies

* web: fix dark theme for tertiary buttons and static modals

* web: implement SourceViewPage

* web: add empty state for BoundPoliciesList

* web: cleanup URLs for FlowStageBindings

* root: remove url attribute from ak-messages

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-12 19:39:09 +01:00
e6a776be07 build(deps): bump sentry-sdk from 0.19.4 to 0.19.5 (#384)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.19.4 to 0.19.5.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.19.4...0.19.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-11 10:28:38 +01:00
4fd1dafd82 build(deps): bump boto3 from 1.16.33 to 1.16.34 (#385)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.33 to 1.16.34.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.33...1.16.34)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-11 09:19:45 +01:00
e535cb0ec8 build(deps): bump boto3 from 1.16.32 to 1.16.33 (#383)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.32 to 1.16.33.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.32...1.16.33)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-10 09:58:07 +01:00
8c1f55d3e3 build(deps): bump boto3 from 1.16.31 to 1.16.32 (#382)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.31 to 1.16.32.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.31...1.16.32)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-09 09:06:45 +01:00
c3a2cb44cd build(deps): bump celery from 5.0.3 to 5.0.4 (#380)
Bumps [celery](https://github.com/celery/celery) from 5.0.3 to 5.0.4.
- [Release notes](https://github.com/celery/celery/releases)
- [Changelog](https://github.com/celery/celery/blob/master/Changelog.rst)
- [Commits](https://github.com/celery/celery/compare/v5.0.3...v5.0.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-09 09:06:29 +01:00
682401bbf2 build(deps): bump uvicorn from 0.12.3 to 0.13.0 (#381)
Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.12.3 to 0.13.0.
- [Release notes](https://github.com/encode/uvicorn/releases)
- [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/encode/uvicorn/compare/0.12.3...0.13.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-09 07:20:45 +01:00
3e6e167348 build(deps-dev): bump @typescript-eslint/parser in /web (#377)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.9.0 to 4.9.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.9.1/packages/parser)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-08 10:32:00 +01:00
d08c1b7b02 build(deps): bump @sentry/browser from 5.28.0 to 5.29.0 in /web (#378)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 5.28.0 to 5.29.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/5.28.0...5.29.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-08 10:31:47 +01:00
94d70d252c build(deps): bump boto3 from 1.16.30 to 1.16.31 (#375)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.30 to 1.16.31.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.30...1.16.31)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-08 09:02:37 +01:00
ccfe746dd5 build(deps-dev): bump @typescript-eslint/eslint-plugin in /web (#376)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 4.9.0 to 4.9.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.9.1/packages/eslint-plugin)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-08 09:02:28 +01:00
ef5dffa96a build(deps): bump @sentry/tracing from 5.28.0 to 5.29.0 in /web (#379)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 5.28.0 to 5.29.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/5.28.0...5.29.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-08 09:02:16 +01:00
2caa1e7650 build(deps-dev): bump bandit from 1.6.2 to 1.6.3 (#371)
* build(deps-dev): bump bandit from 1.6.2 to 1.6.3

Bumps [bandit](https://github.com/PyCQA/bandit) from 1.6.2 to 1.6.3.
- [Release notes](https://github.com/PyCQA/bandit/releases)
- [Commits](https://github.com/PyCQA/bandit/compare/1.6.2...1.6.3)

Signed-off-by: dependabot[bot] <support@github.com>

* root: update for new bandit version

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2020-12-07 11:21:07 +01:00
2246f3a534 build(deps): bump @types/codemirror from 0.0.100 to 0.0.102 in /web (#374)
Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror) from 0.0.100 to 0.0.102.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-07 10:26:01 +01:00
95ba00cb79 build(deps): bump rollup from 2.34.1 to 2.34.2 in /web (#373)
Bumps [rollup](https://github.com/rollup/rollup) from 2.34.1 to 2.34.2.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.34.1...v2.34.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-07 09:09:49 +01:00
2ab4d6620f build(deps-dev): bump eslint from 7.14.0 to 7.15.0 in /web (#372)
Bumps [eslint](https://github.com/eslint/eslint) from 7.14.0 to 7.15.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.14.0...v7.15.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-07 09:09:24 +01:00
01482d8468 tests: fix images being pulled from dockerhub, again 2020-12-06 21:23:57 +01:00
45c4469d47 tests: fix images being pulled from dockerhub 2020-12-06 20:47:12 +01:00
8a526ad452 root: use proxy for e2e tests 2020-12-06 19:52:26 +01:00
773943e044 web: fix htmlFromString not working 2020-12-06 18:40:25 +01:00
c0166aec20 web: fix RouteMatch erroring when arguments are given 2020-12-06 18:40:11 +01:00
c03754abec web: dark mode (#368)
* web: initial dark mode

* web: re-fix sidebar colour in dark mode

* web: fix dark mode for user settings

* web: fix dark mode for flows

* core: match delete template's footer with generic form

* admin: show app icon in app list
2020-12-06 18:02:04 +01:00
3487c41ce0 build(deps-dev): bump django-debug-toolbar from 3.1.1 to 3.2 (#363)
Bumps [django-debug-toolbar](https://github.com/jazzband/django-debug-toolbar) from 3.1.1 to 3.2.
- [Release notes](https://github.com/jazzband/django-debug-toolbar/releases)
- [Changelog](https://github.com/jazzband/django-debug-toolbar/blob/master/docs/changes.rst)
- [Commits](https://github.com/jazzband/django-debug-toolbar/compare/3.1.1...3.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-06 18:01:15 +01:00
d4d4a4ab94 build(deps): bump boto3 from 1.16.28 to 1.16.30 (#366)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.28 to 1.16.30.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.28...1.16.30)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-06 17:18:15 +01:00
05d87a2314 build(deps): bump celery from 5.0.2 to 5.0.3 (#362)
Bumps [celery](https://github.com/celery/celery) from 5.0.2 to 5.0.3.
- [Release notes](https://github.com/celery/celery/releases)
- [Changelog](https://github.com/celery/celery/blob/master/Changelog.rst)
- [Commits](https://github.com/celery/celery/compare/v5.0.2...v5.0.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-06 17:18:04 +01:00
5b83c5a191 build(deps): bump rollup from 2.34.0 to 2.34.1 in /web (#365)
Bumps [rollup](https://github.com/rollup/rollup) from 2.34.0 to 2.34.1.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.34.0...v2.34.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
2020-12-06 17:08:29 +01:00
867e161f32 tests: fix proxy pipeline (#367)
* tests: retry on WebDriverException

* tests: remove debug statements
2020-12-06 16:17:51 +01:00
ff15514d5b stages/identification: add show_matched_user to optionally hide user details 2020-12-06 13:12:32 +01:00
58497bb63f web: fix /users/me/ endpoint being called multiple times 2020-12-06 12:38:19 +01:00
e0bc4f1da5 lifecycle: fix outpost service connections not being migrated 2020-12-06 12:22:51 +01:00
1cfe1aff13 wip: rename to authentik (#361)
* root: initial rename

* web: rename custom element prefix

* root: rename external functions with pb_ prefix

* root: fix formatting

* root: replace domain with goauthentik.io

* proxy: update path

* root: rename remaining prefixes

* flows: rename file extension

* root: pbadmin -> akadmin

* docs: fix image filenames

* lifecycle: ignore migration files

* ci: copy default config from current source before loading last tagged

* *: new sentry dsn

* tests: fix missing python3.9-dev package

* root: add additional migrations for service accounts created by outposts

* core: mark system-created service accounts with attribute

* policies/expression: fix pb_ replacement not working

* web: fix last linting errors, add lit-analyse

* policies/expressions: fix lint errors

* web: fix sidebar display on screens where not all items fit

* proxy: attempt to fix proxy pipeline

* proxy: use go env GOPATH to get gopath

* lib: fix user_default naming inconsistency

* docs: add upgrade docs

* docs: update screenshots to use authentik

* admin: fix create button on empty-state of outpost

* web: fix modal submit not refreshing SiteShell and Table

* web: fix height of app-card and height of generic icon

* web: fix rendering of subtext

* admin: fix version check error not being caught

* web: fix worker count not being shown

* docs: update screenshots

* root: new icon

* web: fix lint error

* admin: fix linting error

* root: migrate coverage config to pyproject
2020-12-05 22:08:42 +01:00
810a7ab50b proxy: backport fix of proxy pipeline 2020-12-04 09:59:59 +01:00
3b12de23ff ci: fix mismatched docker tags being used 2020-12-02 22:41:53 +01:00
12f788661c web: add empty state for library page, add more helpers 2020-12-02 22:14:28 +01:00
6164db5a18 root: attempt to build static image without django's collectstatic (#360)
* root: attempt to build static image without django's collectstatic

* web: move static dockerfile to /web

* web: fix dockerfile path

* web: improve image size by not copying node_modules
2020-12-02 21:23:07 +01:00
c17623323a web: further cleanup, more linting 2020-12-02 15:44:40 +01:00
05aeeafacc flows: fix header/footer moving around on login template when card changes size 2020-12-02 15:07:19 +01:00
dc4a7d98e8 web: fix SidebarUser not rendering 2020-12-02 14:45:19 +01:00
cc5a0c23aa flows: allow uploading of custom flow backgrounds, update default flow background 2020-12-02 14:40:05 +01:00
821458373d web: remove sidebar items from sidebar class, add admin-interface 2020-12-02 13:56:28 +01:00
832a3dda41 web: fix spinner size for site-shell 2020-12-02 11:19:56 +01:00
728befbda8 build(deps): bump boto3 from 1.16.25 to 1.16.28 (#357)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.25 to 1.16.28.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.25...1.16.28)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-02 11:19:47 +01:00
a77c3f73cc build(deps): bump @sentry/browser from 5.27.6 to 5.28.0 in /web (#358)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 5.27.6 to 5.28.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/5.27.6...5.28.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-02 11:19:00 +01:00
ebae03c399 build(deps): bump @sentry/tracing from 5.27.6 to 5.28.0 in /web (#359)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 5.27.6 to 5.28.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/5.27.6...5.28.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-02 10:13:41 +01:00
ffa4ac7efa build(deps): bump django-model-utils from 4.1.0 to 4.1.1 (#355)
Bumps [django-model-utils](https://github.com/jazzband/django-model-utils) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/jazzband/django-model-utils/releases)
- [Changelog](https://github.com/jazzband/django-model-utils/blob/master/CHANGES.rst)
- [Commits](https://github.com/jazzband/django-model-utils/compare/4.1.0...4.1.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-02 10:13:28 +01:00
16373d2143 build(deps): bump django from 3.1.3 to 3.1.4 (#356)
Bumps [django](https://github.com/django/django) from 3.1.3 to 3.1.4.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.1.3...3.1.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-02 08:28:03 +01:00
1779b4d888 web: more admin overview components 2020-12-01 22:42:11 +01:00
b218ded241 api: move events to Audit API 2020-12-01 22:16:50 +01:00
8c8ff4643a web: improve file structure, separate routes from outlet 2020-12-01 17:41:27 +01:00
e6391b64f0 web: update to new formatting rules, make eslint warnings fail ci 2020-12-01 17:27:19 +01:00
7195b77606 web: fix web pipeline not running 2020-12-01 14:59:25 +01:00
add7ecc7aa core: update library url to fix e2e tests 2020-12-01 14:57:22 +01:00
bce75dc047 web: fix formatting mostly, add pipeline 2020-12-01 13:59:59 +01:00
71fbb23a2f web: add placeholder config, fix sizing of sidebar brand 2020-12-01 13:20:54 +01:00
7bb26b5903 web: add more cards to overview 2020-12-01 12:41:37 +01:00
93bfe60369 api: allow setting of page size 2020-12-01 11:58:14 +01:00
93bf977709 web: start implementing admin overview page 2020-12-01 10:21:04 +01:00
760dca0f76 web: fix django not being defined as global 2020-12-01 09:53:14 +01:00
a777ecc933 web: start implementing translation in JS 2020-12-01 09:47:22 +01:00
0231bcf685 web: switch to eslint 2020-12-01 09:47:22 +01:00
a312ad2ad1 web: add TablePage 2020-12-01 09:47:21 +01:00
8e25970c01 build(deps): bump dacite from 1.5.1 to 1.6.0 (#353)
Bumps [dacite](https://github.com/konradhalas/dacite) from 1.5.1 to 1.6.0.
- [Release notes](https://github.com/konradhalas/dacite/releases)
- [Changelog](https://github.com/konradhalas/dacite/blob/master/CHANGELOG.md)
- [Commits](https://github.com/konradhalas/dacite/compare/v1.5.1...v1.6.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-01 09:47:11 +01:00
b1c4d0c716 build(deps-dev): bump @rollup/plugin-typescript in /web (#354)
Bumps [@rollup/plugin-typescript](https://github.com/rollup/plugins) from 6.1.0 to 8.0.0.
- [Release notes](https://github.com/rollup/plugins/releases)
- [Commits](https://github.com/rollup/plugins/compare/typescript-v6.1.0...eslint-v8.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-01 08:31:59 +01:00
43c391aa1c docs: move dev setup to docs site, fix docs header 2020-11-30 13:12:56 +01:00
2a0b4c8f14 web: remove dist from git 2020-11-30 12:50:08 +01:00
1193608631 web: port library page to clientside, router performance improvements 2020-11-30 12:34:26 +01:00
775d80de6d build(deps): bump rollup from 2.33.3 to 2.34.0 in /web (#352)
Bumps [rollup](https://github.com/rollup/rollup) from 2.33.3 to 2.34.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.33.3...v2.34.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-30 09:13:37 +01:00
05f8f92082 build(deps): bump django-model-utils from 4.0.0 to 4.1.0 (#351)
Bumps [django-model-utils](https://github.com/jazzband/django-model-utils) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/jazzband/django-model-utils/releases)
- [Changelog](https://github.com/jazzband/django-model-utils/blob/master/CHANGES.rst)
- [Commits](https://github.com/jazzband/django-model-utils/compare/4.0.0...4.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-30 09:13:21 +01:00
f7022dd11f web: sort components into folders, implement pagination for table 2020-11-29 22:14:48 +01:00
606e32603e api: improve pagination to show relevant data used for interface 2020-11-29 22:14:03 +01:00
5c5adfcccc admin: fix rendering of FileInput 2020-11-29 19:40:28 +01:00
0a2c0464df proxy: send proxy version in user-agent header 2020-11-29 19:01:15 +01:00
902953a2c7 admin: add use spinner button for admin lists 2020-11-29 18:46:45 +01:00
a8dad2e393 web: add sentry, add spinner button as base for action button 2020-11-29 18:10:20 +01:00
2417d5a59e policies: add policy_obj to Binding API 2020-11-29 13:57:40 +01:00
66b3635648 web: allow setting of querystring arguments with API Client, update table 2020-11-29 13:57:40 +01:00
7f821c484c build(deps): bump lxml from 4.6.1 to 4.6.2 (#350)
Bumps [lxml](https://github.com/lxml/lxml) from 4.6.1 to 4.6.2.
- [Release notes](https://github.com/lxml/lxml/releases)
- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt)
- [Commits](https://github.com/lxml/lxml/compare/lxml-4.6.1...lxml-4.6.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-28 23:19:58 +01:00
f51acb97a9 tests: fix docker proxy missing for single test 2020-11-28 21:29:11 +01:00
c4db907a50 build(deps-dev): bump prettier from 2.2.0 to 2.2.1 in /web (#348)
Bumps [prettier](https://github.com/prettier/prettier) from 2.2.0 to 2.2.1.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/master/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.2.0...2.2.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-28 20:46:08 +01:00
5650bd2d4c build(deps): bump packaging from 20.4 to 20.7 (#349)
Bumps [packaging](https://github.com/pypa/packaging) from 20.4 to 20.7.
- [Release notes](https://github.com/pypa/packaging/releases)
- [Changelog](https://github.com/pypa/packaging/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pypa/packaging/compare/20.4...20.7)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-28 20:45:55 +01:00
9466f91466 root: move webapp to /web (#347)
* root: move webapp to /web

* root: fix static build

* root: fix static files not being served for e2e tests
2020-11-28 19:43:42 +01:00
127ffbd456 root: fix linting error 2020-11-27 21:00:47 +01:00
2fbf06a1aa root: fix formatting, update swagger 2020-11-27 18:42:22 +01:00
55f2ae5d08 static: start implementing Application View page 2020-11-27 18:37:56 +01:00
47fe867803 root: add more API methods 2020-11-27 18:37:45 +01:00
28980d932a static: update ts formatting 2020-11-26 23:42:58 +01:00
1e640fac76 static: rewrite tabs to not use hash and render in shadow root 2020-11-26 23:31:56 +01:00
c7b6eac33d static: rewrite API Fetching to make API Version upgrades easier 2020-11-26 22:37:41 +01:00
f83087d04d static: cleanup messages, improve reconnect 2020-11-26 21:55:03 +01:00
14ab9bbd05 static: fetch messages which were created when the user arrives/leaves the page 2020-11-26 18:16:50 +01:00
a91d0ddc6c static: backoff retrying to connect to ws 2020-11-26 18:04:24 +01:00
89400b4ea4 root: save messages to session as backup 2020-11-26 17:57:46 +01:00
afcbe24ff5 static: add websocket support for messages, move console.log to debug 2020-11-26 17:23:29 +01:00
9c00c86e9b root: add Channels Message Storage and consumer 2020-11-26 17:12:00 +01:00
7efed56acc static: add multiple active paths to sidebar 2020-11-26 16:06:44 +01:00
81a2c3992a static: start implementing new application page 2020-11-26 15:55:01 +01:00
feabd38173 static: add argument support to Router and add RouteMatch 2020-11-26 13:58:45 +01:00
1432f0648f core: fix applications API not being same format as other APIs 2020-11-26 13:31:09 +01:00
04f876af7b build(deps): bump docker from 4.3.1 to 4.4.0 (#344)
* build(deps): bump docker from 4.3.1 to 4.4.0

Bumps [docker](https://github.com/docker/docker-py) from 4.3.1 to 4.4.0.
- [Release notes](https://github.com/docker/docker-py/releases)
- [Commits](https://github.com/docker/docker-py/compare/4.3.1...4.4.0)

Signed-off-by: dependabot[bot] <support@github.com>

* outposts: fix both network_mode and ports being set during tests

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2020-11-26 11:25:06 +01:00
2449c63d0a build(deps): bump @types/codemirror in /passbook/static/static (#346)
Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror) from 0.0.99 to 0.0.100.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-26 09:58:48 +01:00
c738ea573c tests/e2e: fix logic error 2020-11-25 12:41:13 +01:00
987b3a47d0 build(deps): bump @types/codemirror in /passbook/static/static (#343)
Bumps [@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror) from 0.0.98 to 0.0.99.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
2020-11-25 11:42:19 +01:00
4dd397d9d9 build(deps): bump boto3 from 1.16.23 to 1.16.25 (#345)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.23 to 1.16.25.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.23...1.16.25)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
2020-11-25 11:24:37 +01:00
5973f8bbca lib: fix bad_request_message for new error template 2020-11-24 23:35:04 +01:00
43f27c2401 static: make SiteShell redirect when request > 400 2020-11-24 23:06:27 +01:00
7c73d2c2fb static: improve router, add redirect support 2020-11-24 23:02:10 +01:00
3f67da8f54 core: improve error page 2020-11-24 22:46:50 +01:00
afbecadba0 static: improve ModalButton performance by using manual redirects 2020-11-24 12:49:56 +01:00
2de4023d43 root: fix asgi formatting 2020-11-24 12:36:54 +01:00
6573d2e8f6 docs: update screenshots 2020-11-24 11:51:46 +01:00
bc412466b2 static: formatting 2020-11-24 11:50:49 +01:00
7a481396c6 root: fix incorrect MEDIA_URL 2020-11-24 11:50:27 +01:00
7f40c89ade root: fix KeyError in ASGI 2020-11-24 11:50:17 +01:00
3c0f640b48 static: fix link to logout in sidebar 2020-11-23 21:47:03 +01:00
2f6ba42ce3 static: align microsoft icon with other icons 2020-11-23 21:45:57 +01:00
aa8589d377 stages/identification: fix icons not showing on firefox 2020-11-23 21:44:58 +01:00
cb2bad0a36 static: add polyfill for firefox for CSS 2020-11-23 21:41:23 +01:00
665839133f Application Icon upload (#341)
* core: add initial implementation for File Upload

* root: add volumes to docker-compose for file upload

* helm: add pvc for uploads

* core: allow meta_icon to be overwritten with static files
2020-11-23 20:50:19 +01:00
91e9f176a5 proxy: revert to original command (#342) 2020-11-23 19:49:36 +01:00
1a64edb89f proxy: fix call to swagger generate 2020-11-23 19:04:24 +01:00
6874265f94 proxy: fix permissions for swagger install 2020-11-23 18:14:00 +01:00
9889dedcac proxy: install swagger via apt 2020-11-23 18:11:22 +01:00
275ac587a1 static: remove fixed branding 2020-11-23 18:08:35 +01:00
2f43b5b5ec Merge pull request #338 from BeryJu/ui-improvements
Migrate to SPA
2020-11-23 18:02:07 +01:00
416b2c60a1 static: improve organisation of UI files 2020-11-23 16:55:58 +01:00
b39bee7a30 static: include full FA in router-outlet 2020-11-23 16:46:28 +01:00
9714e5583d static: move passbook.css to src folder 2020-11-23 16:42:03 +01:00
bef25929a7 Merge branch 'master' into ui-improvements 2020-11-23 14:40:36 +01:00
34f54a96cf tests: update e2e tests for SPA 2020-11-23 14:24:42 +01:00
401359a73f static: fix sidebar header login when request isnt finished 2020-11-23 12:32:01 +01:00
88f1cbb29c static: use config API for index, add static index.html 2020-11-23 11:50:38 +01:00
bd9bce4c9b api: add API for config used in SPA 2020-11-23 11:49:09 +01:00
49c7ab701e build(deps): bump boto3 from 1.16.22 to 1.16.23 (#340)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.22 to 1.16.23.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.22...1.16.23)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-23 10:37:16 +01:00
35db60f2c8 build(deps): bump uvicorn from 0.12.2 to 0.12.3 (#339)
Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.12.2 to 0.12.3.
- [Release notes](https://github.com/encode/uvicorn/releases)
- [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/encode/uvicorn/compare/0.12.2...0.12.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-23 08:00:22 +01:00
c0fd3e79bc ci: fix e2e tests not running in python 3.9 2020-11-23 00:38:25 +01:00
8a54014a13 root: fix broken links in readme 2020-11-23 00:21:11 +01:00
3cfe144394 static: fix behaviour on initial load when no route is given 2020-11-22 23:48:34 +01:00
5da8caf0d4 *: fix remaining redirects to overview 2020-11-22 23:45:51 +01:00
c26d928eb0 core: make impersonation's redirect return to shell 2020-11-22 23:40:49 +01:00
02d4118f73 core: fix token list's copy not working 2020-11-22 23:40:36 +01:00
d97b2bf503 core: fix impersonation notice being shown twice 2020-11-22 23:39:40 +01:00
2a50e36027 static: fix hash not changing when invalid route is chosen 2020-11-22 23:26:19 +01:00
eff3208ff7 static: fix icon baseline on headers 2020-11-22 22:57:08 +01:00
551aff9455 core: fix token list not operating in modals 2020-11-22 22:24:31 +01:00
22b4757971 admin: add pb-token-copy-button 2020-11-22 22:24:22 +01:00
fa004876e9 *: fix formatting 2020-11-22 22:14:36 +01:00
d5e34bb71d static: fix colours not changing on ActionButton 2020-11-22 22:10:55 +01:00
e0dbeca657 static: add TokenCopyButton for token lists, improve colours on buttons 2020-11-22 22:06:00 +01:00
1b6bd5b997 outposts: update modal to pb-modal-button 2020-11-22 21:43:36 +01:00
a340378ce1 providers/oauth2: update modal to pb-modal-button 2020-11-22 21:39:05 +01:00
962f7d5f5c providers/saml: update modal to pb-modal-button 2020-11-22 21:38:47 +01:00
a10404f34b static: make ModalButton work with non-URL content 2020-11-22 21:35:52 +01:00
ed72595ae0 static: fix codemirror css not being loaded 2020-11-22 21:25:58 +01:00
82dd597881 *: remove use of FilteredSelectMultiple 2020-11-22 21:13:03 +01:00
0c2d46e0af static: fix modal scrolling not working 2020-11-22 21:04:09 +01:00
8b11616cf8 static: fix pb-aggregate card not being styled 2020-11-22 20:54:05 +01:00
4b4a49bc66 static: fix sidebar paths 2020-11-22 20:50:30 +01:00
b770508d68 static: fix backdrop for modals 2020-11-22 20:45:38 +01:00
8934a0d4f0 static: remove backdrop's overlay colour 2020-11-22 20:33:04 +01:00
fcf763ed3e *: rewrite user settings to use a single page 2020-11-22 20:30:26 +01:00
be8cc77086 static: fix link for property mappings 2020-11-22 20:26:44 +01:00
ffea308480 static: make site-shell not rely on hash 2020-11-22 19:58:20 +01:00
c9712facf3 core: fix ShellView not being login only 2020-11-22 19:43:25 +01:00
07773ed934 static: add elements for sidebar brand and sidebar user 2020-11-22 19:37:09 +01:00
3c311ca527 core: add avatars to user api 2020-11-22 19:36:40 +01:00
bc02fb04f8 static: improve brand layout on sidebar 2020-11-22 13:55:13 +01:00
37979291b5 static: re-add backdrop, format 2020-11-22 13:48:39 +01:00
49899a9ceb admin: add refresh button to audit and tasks list 2020-11-22 13:45:47 +01:00
bc2113a935 static: show admin categories only when user is superuser 2020-11-22 13:43:41 +01:00
eb9df38e92 static: fix ActionButton not working 2020-11-22 13:43:24 +01:00
372e51ee07 static: add navbar items to sidebar 2020-11-22 13:13:45 +01:00
30bf4f5747 core: migrate shell to core, remove navbar 2020-11-22 13:13:19 +01:00
ef2b8cf802 static: fix modal close icon not loading 2020-11-22 01:08:56 +01:00
c455a9a6b6 static: fix text being center when in pb-dropdown 2020-11-22 01:03:19 +01:00
7dac6841fb static: add RouterOutlet, render sidebar clientside 2020-11-22 00:30:26 +01:00
a8669ffe40 root: fix paths for static docker build 2020-11-21 21:59:05 +01:00
1ed392c53c static: fix sidebar active not working with search/pagination 2020-11-21 21:23:40 +01:00
4bd433d69e static: fix search redirecting entire page 2020-11-21 21:22:25 +01:00
f3010726d6 admin: fix template syntax error 2020-11-21 21:04:42 +01:00
812d699fd6 static: fix spinner not being on top of elements 2020-11-21 21:04:32 +01:00
e32cbec072 admin: fix pagination redirecting full page 2020-11-21 20:59:20 +01:00
1cb227305c static: format code 2020-11-21 20:48:49 +01:00
e42ad3f659 static: improve structure and cleanup 2020-11-21 20:47:19 +01:00
6a2ae67c31 static: fix flow-shell-card not working correctly 2020-11-21 20:43:05 +01:00
aa1b99204a static: migrate slug to ts 2020-11-21 19:22:53 +01:00
6681289a5a admin: migrate overview data-target modals 2020-11-21 19:10:05 +01:00
322ad0890a static: use dist folder 2020-11-21 18:34:45 +01:00
b849b2aef3 static: add code-mirror widget 2020-11-21 18:32:34 +01:00
92c0ad4154 admin: fix error when creating password-reset link 2020-11-21 16:23:39 +01:00
49397cef70 admin: add .pb-root-link for AdminSiteShell for links that should not be modified 2020-11-21 16:23:23 +01:00
517b811a99 admin: add shell view 2020-11-21 16:16:59 +01:00
6bdcbfbf0e admin: update lists to use modal button 2020-11-21 16:16:34 +01:00
b555c151dc static: close modal on escape key 2020-11-21 15:24:45 +01:00
12f211d07d admin: implement sidebar is-active on clientside 2020-11-21 14:03:02 +01:00
277f960113 static: add refresh button, ensure forms in modal work correctly
closes #262
2020-11-21 12:27:19 +01:00
aa6eacaf6b Merge branch 'master' into ui-improvements
# Conflicts:
#	passbook/static/static/package.json
2020-11-21 11:30:18 +01:00
80866f00f4 admin/shell: add loading animation 2020-11-21 11:28:11 +01:00
59e7d9b81e static: rewrite modal to use shadowroot and import css 2020-11-21 11:28:00 +01:00
d6d91c8180 build(deps): bump codemirror in /passbook/static/static (#335)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.58.2 to 5.58.3.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.58.2...5.58.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-21 01:19:26 +01:00
d10d645c02 build(deps): bump rollup in /passbook/static/static (#337)
Bumps [rollup](https://github.com/rollup/rollup) from 2.33.2 to 2.33.3.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.33.2...v2.33.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-21 00:27:32 +01:00
a2c7921c1f admin: migrate login stats chart to web component 2020-11-20 23:42:14 +01:00
582dfface9 static: add admin shell to improve admin experience 2020-11-20 22:46:05 +01:00
592f2cc558 admin: use pb-dropdown component for dropdowns 2020-11-20 22:15:46 +01:00
1e1a002ab2 static: rewrite custom components to typescript 2020-11-20 22:13:09 +01:00
ba2bd4fdaf build(deps): bump boto3 from 1.16.20 to 1.16.22 (#333)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.20 to 1.16.22.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.20...1.16.22)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-20 22:05:11 +01:00
9a407dcc5a build(deps): bump sentry-sdk from 0.19.3 to 0.19.4 (#334)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.19.3 to 0.19.4.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.19.3...0.19.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-20 18:51:29 +01:00
f8c720f8cd build(deps): bump @patternfly/patternfly in /passbook/static/static (#336)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.59.1 to 4.65.6.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.59.1...prerelease-v4.65.6)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-20 17:06:11 +01:00
9c3bc4eb38 tests: move integration tests into separate folder, add separate pipeline task 2020-11-19 14:35:43 +01:00
0a8d4eecae outposts: add docker TLS authentication and verification 2020-11-19 13:10:18 +01:00
120f5f2e44 build(deps): bump boto3 from 1.16.19 to 1.16.20 (#332)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.19 to 1.16.20.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.19...1.16.20)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-18 12:43:41 +01:00
e99812a6f5 build(deps): bump boto3 from 1.16.18 to 1.16.19 (#331)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.18 to 1.16.19.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.18...1.16.19)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-17 14:11:21 +01:00
1c5fedb177 build(deps): bump rollup in /passbook/static/static (#330)
Bumps [rollup](https://github.com/rollup/rollup) from 2.33.1 to 2.33.2.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.33.1...v2.33.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
2020-11-16 15:24:41 +01:00
8cc063ded2 lib: add @patch decorator to config for unittests 2020-11-16 12:48:53 +01:00
5faafbbca6 root: ensure manual loggers also have timestamp 2020-11-16 01:41:33 +01:00
dda1217735 root: include pytest config in dockerfile for github tests 2020-11-16 00:41:40 +01:00
d21f187673 outposts: make docker image prefix configurable 2020-11-16 00:36:42 +01:00
8a105cf5a0 release: 0.12.11-stable 2020-11-16 00:21:56 +01:00
9e384df79e static: adjust sizing of icon in navbar 2020-11-15 22:57:33 +01:00
c0bfd32d39 root: update remaining paths for static files 2020-11-15 22:46:14 +01:00
7be680cbe5 Migrate to Docusaurus (#329)
* docs: initial migration to docusaurus

* website: add custom font, update blurbs and icons

* website: update splash

* root: update links to docs

* flows: use .pbflow extension so docusaurus doesn't mangle the files

* e2e: workaround prospector

* Squashed commit of the following:

commit 1248585dca
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Sun Nov 15 20:46:53 2020 +0100

    e2e: attempt to fix prospector error again

commit 1319c480c4
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Sun Nov 15 20:41:35 2020 +0100

    ci: install previous python version for upgrade testing

* web: update accent colours and format

* website: format markdown files

* website: fix colours for text

* website: switch to temporary accent colour to improve readability

* flows: fix path for TestTransferDocs

* flows: fix formatting of tests
2020-11-15 22:42:02 +01:00
93bf8eaa82 root: fix useless supressions 2020-11-15 21:02:15 +01:00
1248585dca e2e: attempt to fix prospector error again 2020-11-15 20:46:53 +01:00
1319c480c4 ci: install previous python version for upgrade testing 2020-11-15 20:41:35 +01:00
1911e8e3a9 e2e: fix linting error 2020-11-15 19:31:42 +01:00
4198c5363f proxy: bump dependencies 2020-11-15 16:35:46 +01:00
207aae15a8 root: add missing libraries for static docker container 2020-11-15 16:17:25 +01:00
50531b8a36 root: upgrade to python3.9 2020-11-15 16:15:01 +01:00
e5e4824920 */saml: fully migrate to xmlsec, remove signxml dependency 2020-11-15 15:20:56 +01:00
085247e2dc ci: fix apt install for libxmlsec1 2020-11-15 01:05:20 +01:00
f766594ab0 build(deps): bump urllib3 from 1.25.11 to 1.26.2 (#327)
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.25.11 to 1.26.2.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/master/CHANGES.rst)
- [Commits](https://github.com/urllib3/urllib3/compare/1.25.11...1.26.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-13 17:42:44 +01:00
d1e469e282 build(deps): bump boto3 from 1.16.16 to 1.16.17 (#328)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.16 to 1.16.17.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.16...1.16.17)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-13 11:44:14 +01:00
79e4500827 build(deps): bump sentry-sdk from 0.19.2 to 0.19.3 (#326)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.19.2 to 0.19.3.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.19.2...0.19.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-13 06:55:47 +01:00
42702fa96a root: fix missing libxmlsec1-dev pkg-config packages 2020-11-12 19:38:58 +01:00
9deb3ad80f sources/saml: make signature and digest of SAML Source configurable 2020-11-12 12:02:57 +01:00
9877ef99c4 */saml: fix creation and validation of detached signatures 2020-11-12 11:59:07 +01:00
c304b40e1b providers/saml: improve verification for detached signatures 2020-11-12 11:58:51 +01:00
f0e6d6f417 root: fix asgi import order 2020-11-12 11:58:51 +01:00
54de5c981e providers/saml: fix signatures being required 2020-11-12 11:58:51 +01:00
a446775fe2 build(deps): bump boto3 from 1.16.15 to 1.16.16 (#325)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.15 to 1.16.16.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.15...1.16.16)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-12 11:57:23 +01:00
7393d8720b new release: 0.12.10-stable 2020-11-11 14:54:29 +01:00
287cb72d6f root: fix websockets not working correctly 2020-11-11 14:51:26 +01:00
c5eff4bdd6 outposts: fix selection of outpost's service connection not showing name 2020-11-11 14:34:43 +01:00
e9a33ed8ab root: fix exclusion in dockerignore 2020-11-11 14:24:43 +01:00
875173a86e outposts: fix migration error 2020-11-11 14:10:15 +01:00
df7642b365 build(deps): bump boto3 from 1.16.14 to 1.16.15 (#324)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.14 to 1.16.15.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.14...1.16.15)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-11 09:54:19 +01:00
3bc1c0aa8b build(deps): bump channels from 3.0.1 to 3.0.2 (#322)
Bumps [channels](https://github.com/django/channels) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/django/channels/releases)
- [Changelog](https://github.com/django/channels/blob/master/CHANGELOG.txt)
- [Commits](https://github.com/django/channels/compare/3.0.1...3.0.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
2020-11-10 23:41:29 +01:00
8951f5695e build(deps): bump boto3 from 1.16.13 to 1.16.14 (#323)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.13 to 1.16.14.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.13...1.16.14)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-10 21:50:42 +01:00
7401278707 new release: 0.12.9-stable 2020-11-10 20:15:06 +01:00
e99f6e289b outposts: fix kubernetes ApiClient not being used 2020-11-09 10:45:08 +01:00
07da6ffa69 build(deps): bump boto3 from 1.16.12 to 1.16.13 (#321)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.12 to 1.16.13.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.12...1.16.13)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-09 10:17:56 +01:00
dc18730094 static: add tabs component 2020-11-08 22:43:46 +01:00
a202679bfb crypto: fix "Could not deserialize key data." with empty private key 2020-11-08 22:43:35 +01:00
1edcda58ba providers/saml: add verification_kp when verifying assertions against certificates without private key 2020-11-08 22:24:54 +01:00
5cb7f0794e outposts: periodically update state of service connection, show state in UI 2020-11-08 21:31:27 +01:00
7e8e3893eb outposts: save state of outposts 2020-11-08 21:02:52 +01:00
e91e286ebc build(deps): bump djangorestframework from 3.12.1 to 3.12.2 (#318)
Bumps [djangorestframework](https://github.com/encode/django-rest-framework) from 3.12.1 to 3.12.2.
- [Release notes](https://github.com/encode/django-rest-framework/releases)
- [Commits](https://github.com/encode/django-rest-framework/compare/3.12.1...3.12.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-06 17:28:09 +01:00
ef4a115b61 build(deps): bump boto3 from 1.16.11 to 1.16.12 (#319)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.11 to 1.16.12.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.11...1.16.12)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-06 16:17:53 +01:00
b79b73f5c6 build(deps): bump boto3 from 1.16.10 to 1.16.11 (#316)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.10 to 1.16.11.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.10...1.16.11)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-05 11:13:48 +01:00
056e3ed15b build(deps): bump channels from 3.0.0 to 3.0.1 (#317)
Bumps [channels](https://github.com/django/channels) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/django/channels/releases)
- [Changelog](https://github.com/django/channels/blob/master/CHANGELOG.txt)
- [Commits](https://github.com/django/channels/compare/3.0.0...3.0.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-05 08:07:23 +01:00
fb5e210af8 outposts: add handler for e2e tests when schema is updated already 2020-11-04 15:36:31 +01:00
e5e2615f15 outposts: fix unittests 2020-11-04 14:56:35 +01:00
6c72a9e2e8 providers/proxy: fix k8s integration tests 2020-11-04 14:02:29 +01:00
c04d0a373a admin: add views for outpost service-connections 2020-11-04 13:35:41 +01:00
bd74e518a7 outposts: add *ServiceConnection API 2020-11-04 11:05:40 +01:00
3b76af4eaa outposts: fix defaults and tests for outposts 2020-11-04 10:57:06 +01:00
706448dc14 outposts: initial service connection implementation 2020-11-04 10:41:18 +01:00
34793f7cef core: adjust timeout of backup task's caching 2020-11-03 22:53:58 +01:00
ba96c9526e proxy: don't use sentry for proxy server 2020-11-03 12:12:21 +01:00
617432deaa build(deps): bump boto3 from 1.16.9 to 1.16.10 (#310)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.9 to 1.16.10.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.9...1.16.10)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-03 11:37:29 +01:00
36bf2be16d build(deps): bump celery from 5.0.1 to 5.0.2 (#313)
Bumps [celery](https://github.com/celery/celery) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/celery/celery/releases)
- [Changelog](https://github.com/celery/celery/blob/master/Changelog.rst)
- [Commits](https://github.com/celery/celery/compare/v5.0.1...v5.0.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-03 11:37:18 +01:00
912ed343e6 build(deps): bump pycryptodome from 3.9.8 to 3.9.9 (#314)
Bumps [pycryptodome](https://github.com/Legrandin/pycryptodome) from 3.9.8 to 3.9.9.
- [Release notes](https://github.com/Legrandin/pycryptodome/releases)
- [Changelog](https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst)
- [Commits](https://github.com/Legrandin/pycryptodome/compare/v3.9.8...v3.9.9)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-03 11:27:32 +01:00
2e15df295a build(deps): bump sentry-sdk from 0.19.1 to 0.19.2 (#311)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.19.1 to 0.19.2.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.19.1...0.19.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-03 10:25:10 +01:00
eaab3f62cb build(deps): bump rollup in /passbook/static/static (#312)
Bumps [rollup](https://github.com/rollup/rollup) from 2.33.0 to 2.33.1.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.33.0...v2.33.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-03 10:24:58 +01:00
aa615b0fd6 build(deps): bump django from 3.1.2 to 3.1.3 (#315)
Bumps [django](https://github.com/django/django) from 3.1.2 to 3.1.3.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.1.2...3.1.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-03 09:49:06 +01:00
b775f2788c build(deps): bump channels from 2.4.0 to 3.0.0 (#309)
* build(deps): bump channels from 2.4.0 to 3.0.0

Bumps [channels](https://github.com/django/channels) from 2.4.0 to 3.0.0.
- [Release notes](https://github.com/django/channels/releases)
- [Changelog](https://github.com/django/channels/blob/master/CHANGELOG.txt)
- [Commits](https://github.com/django/channels/compare/2.4.0...3.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

* root: update for channels 3

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2020-11-02 10:26:26 +01:00
9c28db3d89 build(deps): bump boto3 from 1.16.8 to 1.16.9 (#307)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.8 to 1.16.9.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.8...1.16.9)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-02 09:19:04 +01:00
67360bd6e9 build(deps): bump rollup in /passbook/static/static (#308)
Bumps [rollup](https://github.com/rollup/rollup) from 2.32.1 to 2.33.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.32.1...v2.33.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-02 09:18:39 +01:00
4f6f8c7cae build(deps): bump boto3 from 1.16.7 to 1.16.8 (#305)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.7 to 1.16.8.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.7...1.16.8)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-30 10:59:15 +01:00
3b82ad798b build(deps): bump channels-redis from 3.1.0 to 3.2.0 (#304)
Bumps [channels-redis](https://github.com/django/channels_redis) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/django/channels_redis/releases)
- [Changelog](https://github.com/django/channels_redis/blob/master/CHANGELOG.txt)
- [Commits](https://github.com/django/channels_redis/compare/3.1.0...3.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-30 09:45:05 +01:00
8827f06ac1 build(deps): bump signxml from 2.8.0 to 2.8.1 (#306)
Bumps [signxml](https://github.com/kislyuk/signxml) from 2.8.0 to 2.8.1.
- [Release notes](https://github.com/kislyuk/signxml/releases)
- [Changelog](https://github.com/XML-Security/signxml/blob/develop/Changes.rst)
- [Commits](https://github.com/kislyuk/signxml/compare/v2.8.0...v2.8.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-30 09:15:19 +01:00
251672a67d new release: 0.12.8-stable 2020-10-29 22:37:53 +01:00
4ffc0e2a08 docs: update proxy docs 2020-10-29 22:12:13 +01:00
4e1808632d proxy: add support for additionalHeaders 2020-10-29 22:09:53 +01:00
791627d3ce proxy: remove unused code 2020-10-29 21:46:26 +01:00
f3df3a0157 providers/proxy: add sticky sessions to ingress 2020-10-29 17:25:51 +01:00
6aaae53a19 proxy: use host not hostname to match header 2020-10-29 17:25:39 +01:00
4d84f6d598 outposts: ensure permissions are updated when a related object is saved 2020-10-29 17:25:29 +01:00
4e2349b6d9 build(deps): bump boto3 from 1.16.5 to 1.16.7 (#303)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.5 to 1.16.7.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.5...1.16.7)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-29 15:35:56 +01:00
cd57b8f7f3 build(deps): bump drf-yasg2 from 1.19.3 to 1.19.4 (#302)
Bumps [drf-yasg2](https://github.com/JoelLefkowitz/drf-yasg) from 1.19.3 to 1.19.4.
- [Release notes](https://github.com/JoelLefkowitz/drf-yasg/releases)
- [Changelog](https://github.com/JoelLefkowitz/drf-yasg/blob/master/docs/changelog.rst)
- [Commits](https://github.com/JoelLefkowitz/drf-yasg/compare/1.19.3...1.19.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-29 12:14:11 +01:00
40b1fc06b0 build(deps): bump @patternfly/patternfly in /passbook/static/static (#301)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.50.4 to 4.59.1.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.50.4...prerelease-v4.59.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
2020-10-29 09:21:39 +01:00
02fa217e28 build(deps-dev): bump pytest from 6.1.1 to 6.1.2 (#300)
Bumps [pytest](https://github.com/pytest-dev/pytest) from 6.1.1 to 6.1.2.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/6.1.1...6.1.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-29 09:21:09 +01:00
6652514358 lib: improve error ignore list 2020-10-28 19:00:11 +01:00
dcd3dc9744 lib: ensure tasks don't expire 2020-10-28 18:53:39 +01:00
d6afdc575e new release: 0.12.7-stable 2020-10-27 11:36:46 +01:00
287b38efee e2e: don't use proxy for quay 2020-10-27 10:30:08 +01:00
e805fb62fb e2e: use docker proxy for test images 2020-10-27 09:50:06 +01:00
c92dda77f1 build(deps): bump boto3 from 1.16.4 to 1.16.5 (#299)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.4 to 1.16.5.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.4...1.16.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-27 09:45:58 +01:00
f12fd78822 stages/user_login: replace usage of -1 with 0 2020-10-27 00:31:22 +01:00
caba183c9b static: fix class name of FlowShellCard 2020-10-27 00:30:55 +01:00
3aeaa121a3 root: add dockerfile to dependabot 2020-10-27 00:30:42 +01:00
a9f3118a7d docs: add home-assistant integration docs 2020-10-26 22:14:51 +01:00
054b819262 stages/user_login: use timedelta_string_validator instead of seconds 2020-10-26 22:03:27 +01:00
6b3411f63b root: fix permission denied error for backups 2020-10-26 21:12:20 +01:00
6a8000ea0d root: ensure traefik logs are json 2020-10-26 18:39:49 +01:00
352d4db0d7 e2e: add NoSuchElementException to @retry 2020-10-26 17:57:01 +01:00
4b665cfb8f static: fix FlowShellCard not returning the response 2020-10-26 11:00:37 +01:00
4e12003944 api: remove authentication fallback for pre-0.12 proxies 2020-10-26 11:00:19 +01:00
6bfd465855 static: improve error handling for FlowShellCard to prevent infinite spinners 2020-10-26 10:52:13 +01:00
e8670aa693 build(deps): bump codemirror in /passbook/static/static (#295)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.58.1 to 5.58.2.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.58.1...5.58.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-26 10:35:47 +01:00
5263e750b1 build(deps): bump boto3 from 1.16.3 to 1.16.4 (#296)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.3 to 1.16.4.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.3...1.16.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-26 10:35:24 +01:00
a2a9d73296 build(deps): bump django-otp from 1.0.1 to 1.0.2 (#297)
Bumps [django-otp](https://github.com/django-otp/django-otp) from 1.0.1 to 1.0.2.
- [Release notes](https://github.com/django-otp/django-otp/releases)
- [Changelog](https://github.com/django-otp/django-otp/blob/master/CHANGES.rst)
- [Commits](https://github.com/django-otp/django-otp/compare/v1.0.1...v1.0.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-26 08:31:24 +01:00
6befc9d627 helm: re-disable redis clustering 2020-10-23 20:45:21 +02:00
73497a27cc new release: 0.12.6-stable 2020-10-23 18:42:29 +02:00
f3098418f2 core: fix backup task not being registered, add fallback for api to remove info on ImportError
celery only discovers tasks from installed apps, which `lib` is not, hence the schedule didn't trigger it
2020-10-23 18:32:28 +02:00
a5197963b2 build(deps-dev): bump pytest-django from 4.0.0 to 4.1.0 (#293)
Bumps [pytest-django](https://github.com/pytest-dev/pytest-django) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/pytest-dev/pytest-django/releases)
- [Changelog](https://github.com/pytest-dev/pytest-django/blob/master/docs/changelog.rst)
- [Commits](https://github.com/pytest-dev/pytest-django/compare/v4.0.0...v4.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-23 09:38:49 +02:00
e4634bcc78 build(deps): bump boto3 from 1.16.2 to 1.16.3 (#294)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.2 to 1.16.3.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.2...1.16.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-23 08:01:43 +02:00
74da44a6a9 helm: add readme, general cleanup 2020-10-22 17:25:30 +02:00
3324473cd0 new release: 0.12.5-stable 2020-10-22 14:22:32 +02:00
39d8038533 e2e: Fix @retry decorator not truncating database 2020-10-22 14:05:29 +02:00
bbcf58705f lib: add configurable avatars, set to none mode for tests 2020-10-22 14:03:31 +02:00
7b5a0964b2 outposts: handle docker connection error on init 2020-10-22 12:50:06 +02:00
8eca76e464 root: fix docker permission error 2020-10-22 11:54:23 +02:00
fb9ab368f8 root: fix typo in docker-compose 2020-10-22 11:30:53 +02:00
877279b2ee build(deps): bump rollup in /passbook/static/static (#292)
Bumps [rollup](https://github.com/rollup/rollup) from 2.32.0 to 2.32.1.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.32.0...v2.32.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-22 11:30:03 +02:00
301be4b411 build(deps): bump boto3 from 1.16.1 to 1.16.2 (#291)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.1 to 1.16.2.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.1...1.16.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-22 08:05:29 +02:00
728f527ccb build(deps): bump drf-yasg2 from 1.19.2 to 1.19.3 (#290)
Bumps [drf-yasg2](https://github.com/JoelLefkowitz/drf-yasg) from 1.19.2 to 1.19.3.
- [Release notes](https://github.com/JoelLefkowitz/drf-yasg/releases)
- [Changelog](https://github.com/JoelLefkowitz/drf-yasg/blob/master/docs/changelog.rst)
- [Commits](https://github.com/JoelLefkowitz/drf-yasg/compare/1.19.2...1.19.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-21 09:51:39 +02:00
3f1c790b1d build(deps): bump boto3 from 1.16.0 to 1.16.1 (#289)
Bumps [boto3](https://github.com/boto/boto3) from 1.16.0 to 1.16.1.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.16.0...1.16.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-21 09:12:13 +02:00
b00573bde2 new release: 0.12.4-stable 2020-10-20 22:31:31 +02:00
aeee3ad7f9 e2e: add @retry decorator to make e2e tests more reliable 2020-10-20 18:51:17 +02:00
ef021495ef flows: revert evaluate_on_call rename for backwards compatibility 2020-10-20 15:41:50 +02:00
061eab4b36 docs: fix keys for example flows 2020-10-20 15:14:41 +02:00
870e01f836 flows: rename re_evaluate_policies to evaluate_on_call, add evaluate_on_plan 2020-10-20 15:06:36 +02:00
e2ca72adf0 stages/user_login: only show successful login message at login stage 2020-10-20 12:11:59 +02:00
395ef43eae policies/expression: fix ip_network not being imported by default 2020-10-20 12:05:56 +02:00
a4cc653757 new release: 0.12.3-stable 2020-10-20 10:24:45 +02:00
db4ff20906 outposts: fix service using incorrect pod selector 2020-10-20 10:18:05 +02:00
1f0fbd33b6 build(deps): bump urllib3 from 1.25.10 to 1.25.11 (#287)
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.25.10 to 1.25.11.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/master/CHANGES.rst)
- [Commits](https://github.com/urllib3/urllib3/compare/1.25.10...1.25.11)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-20 10:17:46 +02:00
5de8d2721e build(deps): bump uvicorn from 0.12.1 to 0.12.2 (#286)
Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.12.1 to 0.12.2.
- [Release notes](https://github.com/encode/uvicorn/releases)
- [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/encode/uvicorn/compare/0.12.1...0.12.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-20 10:09:37 +02:00
0d65da9a9e build(deps): bump boto3 from 1.15.18 to 1.16.0 (#288)
Bumps [boto3](https://github.com/boto/boto3) from 1.15.18 to 1.16.0.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.15.18...1.16.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-20 09:34:55 +02:00
4316ee4330 root: implement db backups with monitored task, update docs 2020-10-19 22:17:47 +02:00
2ed9a1dbe3 */tasks: update phrasing 2020-10-19 21:35:31 +02:00
8e03824d20 lib: always set task's UID, even for unexpected errors 2020-10-19 21:30:21 +02:00
754dbdd0e5 outpost: fix logs for kubernetes controller 2020-10-19 21:29:58 +02:00
e13d348315 new release: 0.12.2-stable 2020-10-19 19:36:36 +02:00
169f3ebe5b outposts: fix logger again 2020-10-19 18:52:17 +02:00
f8ad604e85 outposts: add more tests 2020-10-19 17:47:51 +02:00
774b9c8a61 outposts: update kubernetes controller to use pk as identifier instead of name 2020-10-19 17:39:12 +02:00
d8c522233e outposts: fix outpost mangling log output 2020-10-19 16:54:11 +02:00
82d50f7eaa outposts: fix list showing questionmark when only one outpost is registered 2020-10-19 16:34:16 +02:00
1c426c5136 outposts: trigger deployment re-create when selector changes 2020-10-19 16:21:39 +02:00
d6e14cc551 proxy: show version on startup 2020-10-19 16:21:13 +02:00
c3917ebc2e lifecycle: fix formatting 2020-10-19 16:13:45 +02:00
7203bd37a3 outposts: replace migration with string backup handler 2020-10-19 16:04:38 +02:00
597188c7ee lifecycle: fix migration trying to load all classes 2020-10-19 15:55:16 +02:00
ac4c314042 new release: 0.12.1-stable 2020-10-19 15:30:27 +02:00
05866d3544 providers/proxy: fix creation of ingress 2020-10-19 15:06:50 +02:00
6596bc6034 helm: fix permissions for ingresses in networking 2020-10-19 14:55:14 +02:00
c6661ef4d2 lifecycle: add migration to 0.12 which removes old outpost state from cache 2020-10-19 14:35:38 +02:00
386e23dfac core: fix api signature for view_key 2020-10-19 14:35:22 +02:00
5d7220ca70 helm: fix keys for s3 backup 2020-10-19 14:30:44 +02:00
5de0d03acf new release: 0.12.0-stable 2020-10-19 12:15:25 +02:00
b0cc91f343 ci: disable code-ql while django check is broken 2020-10-19 12:15:17 +02:00
029a78f108 build(deps): bump sentry-sdk from 0.19.0 to 0.19.1 (#285)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.19.0 to 0.19.1.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.19.0...0.19.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-19 12:02:33 +02:00
3f4a8dc4f6 docs: update example helm values file 2020-10-19 11:31:36 +02:00
32f6ba6302 ci: install python3.8 for code ql 2020-10-19 11:12:57 +02:00
8da0b14f29 docs: update to-012 2020-10-19 11:12:57 +02:00
83eb4aff02 build(deps): bump rollup in /passbook/static/static (#282)
Bumps [rollup](https://github.com/rollup/rollup) from 2.31.0 to 2.32.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.31.0...v2.32.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-19 11:12:46 +02:00
927d02f591 build(deps): bump celery from 5.0.0 to 5.0.1 (#279)
Bumps [celery](https://github.com/celery/celery) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/celery/celery/releases)
- [Changelog](https://github.com/celery/celery/blob/master/Changelog.rst)
- [Commits](https://github.com/celery/celery/compare/v5.0.0...v5.0.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-19 11:12:34 +02:00
d04afcd6d0 build(deps): bump chart.js in /passbook/static/static (#283)
Bumps [chart.js](https://github.com/chartjs/Chart.js) from 2.9.3 to 2.9.4.
- [Release notes](https://github.com/chartjs/Chart.js/releases)
- [Commits](https://github.com/chartjs/Chart.js/compare/v2.9.3...v2.9.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-19 10:44:05 +02:00
89c6db66fd build(deps): bump drf-yasg2 from 1.18.5 to 1.19.2 (#284)
Bumps [drf-yasg2](https://github.com/JoelLefkowitz/drf-yasg) from 1.18.5 to 1.19.2.
- [Release notes](https://github.com/JoelLefkowitz/drf-yasg/releases)
- [Changelog](https://github.com/JoelLefkowitz/drf-yasg/blob/master/docs/changelog.rst)
- [Commits](https://github.com/JoelLefkowitz/drf-yasg/compare/1.18.5...1.19.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-19 10:43:52 +02:00
e6ffa65a7e build(deps): bump lxml from 4.5.2 to 4.6.1 (#280)
Bumps [lxml](https://github.com/lxml/lxml) from 4.5.2 to 4.6.1.
- [Release notes](https://github.com/lxml/lxml/releases)
- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt)
- [Commits](https://github.com/lxml/lxml/compare/lxml-4.5.2...lxml-4.6.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-19 08:38:58 +02:00
8a2f982a77 admin: fix html of overview 2020-10-19 00:46:31 +02:00
16cf6315e3 docs: add active directory docs 2020-10-18 23:03:46 +02:00
1d85874f41 stages/user_write: don't update session hash after password change when impersonating 2020-10-18 22:58:05 +02:00
ff64182ae8 stages/prompt: skip password equality check when previous checks failed 2020-10-18 22:54:40 +02:00
a9ee67bf2d sources/ldap: adjust order or fields in form 2020-10-18 22:39:13 +02:00
e87d52a76b providers/proxy: implement Ingress diff checking 2020-10-18 21:34:45 +02:00
8b09cf55a2 root: upgrade to traefik 2.3 2020-10-18 18:48:19 +02:00
0203d20759 providers/proxy: add traefik labels to outposts deployed with docker integration 2020-10-18 17:46:20 +02:00
7861e2e0bd provider/proxy: add K8s ingress support 2020-10-18 17:13:44 +02:00
ad29d54bbf outposts: simplify k8s controller add more extensibility 2020-10-18 17:09:02 +02:00
c698ba37d9 core: add ability for users to create tokens 2020-10-18 15:42:16 +02:00
6a53069653 *: make generic template's base parameterised 2020-10-18 15:35:27 +02:00
152b2d863d api: add fallback for proxies < 0.12 which send authorization without b64 2020-10-18 15:14:00 +02:00
ee670d5e19 core: add key field to token for easier rotation 2020-10-18 14:34:22 +02:00
36e095671c proxy: fix WS Authorization Header being sent with the wrong format 2020-10-18 14:04:12 +02:00
1088b947a8 audit: remove duplicate date column, add search 2020-10-17 22:26:35 +02:00
c4a30c50ac stages/consent: add fallback template 2020-10-17 18:18:29 +02:00
2831df45a0 docs: add note about high cpu usage of proxy 2020-10-17 17:06:57 +02:00
ee5bac099f outposts: fix migration not having access to token property 2020-10-17 17:06:08 +02:00
69f7b41044 e2e: use dockercontroller to test proxy 2020-10-17 17:03:10 +02:00
f9cede7b31 proxy: add random reload offset for HA 2020-10-17 16:48:53 +02:00
903cdeaa7f proxy: fix high CPU when websocket not connected 2020-10-17 16:44:53 +02:00
e909e7fa8a outposts: kill container on down 2020-10-17 16:33:38 +02:00
bee38551f3 outposts: fix tokens without identifier not loading in the UI 2020-10-17 16:33:23 +02:00
c0ec6388df outposts: give container time to boot when newly created 2020-10-16 23:38:46 +02:00
8f08836885 outposts: ensure log is also written to stdout 2020-10-16 23:36:59 +02:00
dd0d7e7481 root: switch from drf-yasg to drf_yasg2 and up rest_framework 2020-10-16 23:32:35 +02:00
25d0ac6534 ci: bump pyright version 2020-10-16 22:29:59 +02:00
971713d1aa outposts: call controller.down on outpost pre_delete 2020-10-16 22:27:00 +02:00
5135d828b4 outposts: rename run to up, add down method for deleting 2020-10-16 22:22:15 +02:00
b2c571bf1b helm: add service account for controller, add option to enable it 2020-10-16 21:55:24 +02:00
6b1d30d230 outposts: improve logging from k8s controller 2020-10-16 21:31:55 +02:00
3454760731 *: ensure TaskResult uid is slugified to prevent URL errors 2020-10-16 21:31:12 +02:00
96846220c3 outposts: trigger reconcile on save 2020-10-16 21:08:35 +02:00
a4f5678144 docs: update admin screenshot 2020-10-16 20:26:09 +02:00
a18baa3cb3 static: simplify Message update trigger 2020-10-16 20:13:57 +02:00
dfedd4a7f1 admin: improve overview, re-add links
closes #270
2020-10-16 20:07:56 +02:00
897f64600a static: dynamically add messages instead of replacing 2020-10-16 19:22:44 +02:00
c6eb015d18 static: fix shell card missing on small screens 2020-10-16 19:13:39 +02:00
54088239ab sources/ldap: fix MonitoredTask not using uid 2020-10-16 16:43:40 +02:00
aa9c7a6567 flow: re-add FlowShell as Web Component 2020-10-16 16:36:18 +02:00
6c0c12c90a static: fix messages update only working once 2020-10-16 16:30:38 +02:00
c49b57ad1d stages/email: fix make_msgid call 2020-10-16 16:07:59 +02:00
2339e855bb *: Improve MonitoredTasks' error capture 2020-10-16 16:00:24 +02:00
bdc019c7cf outposts: skip post_save during migrations and unittests 2020-10-16 15:58:28 +02:00
5e2fb6d56e static: replace server-side alerts with webcomponent 2020-10-16 15:26:51 +02:00
3b9524cdfc *: ensure unittests wait on tasks 2020-10-16 14:53:14 +02:00
7154f19668 admin: fix task list not being sorted 2020-10-16 14:53:00 +02:00
8fedd9ec07 stages/email: Implement MonitoredTask, but only for failed emails 2020-10-16 14:31:01 +02:00
4ac87d8739 sources/saml: Implement MonitoredTask 2020-10-16 14:30:44 +02:00
e4f45eba0a policies/reputation: implement MonitoredTask 2020-10-16 14:20:41 +02:00
4b3e0f0f96 sources/ldap: implement MonitoredTask 2020-10-16 14:20:07 +02:00
482da81522 admin: add button to retry task 2020-10-16 14:10:27 +02:00
c5226fd0e8 admin: add API to list tasks and schedule retry 2020-10-16 14:10:11 +02:00
7806cff96f lib: save task's call arguments for manual retry 2020-10-16 13:35:40 +02:00
fa504e4bf9 outposts: pass outpost reference instead of PK, implement TaskResult.uid 2020-10-16 12:54:52 +02:00
86cfb10b9b outposts: implement .run_wuth_logs() which returns logs, add task monitoring 2020-10-16 11:38:49 +02:00
f6b8171624 outposts: improve controller error handling 2020-10-16 11:31:31 +02:00
91ce7f7363 root: implement monitored tasks 2020-10-16 11:28:54 +02:00
17060238f0 build(deps): bump rollup in /passbook/static/static (#278)
Bumps [rollup](https://github.com/rollup/rollup) from 2.30.0 to 2.31.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.30.0...v2.31.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-16 10:01:01 +02:00
c392c2a74b build(deps): bump boto3 from 1.15.16 to 1.15.17 (#277)
Bumps [boto3](https://github.com/boto/boto3) from 1.15.16 to 1.15.17.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.15.16...1.15.17)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-16 09:39:12 +02:00
8cbaec8ba8 build(deps): bump kubernetes from 11.0.0 to 12.0.0 (#276)
Bumps [kubernetes](https://github.com/kubernetes-client/python) from 11.0.0 to 12.0.0.
- [Release notes](https://github.com/kubernetes-client/python/releases)
- [Changelog](https://github.com/kubernetes-client/python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes-client/python/compare/v11.0.0...v12.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-15 09:40:27 +02:00
4750f8c653 ci: fix typo 2020-10-14 20:28:24 +02:00
69d2a1cf3b providers/proxy: add more kubernetes tests 2020-10-14 20:21:47 +02:00
635f6c1ef2 ci: add k3d cluster for kubernetes controller tests 2020-10-14 20:21:36 +02:00
18da7565c2 outposts: improve performance by running related check in worker, fix tokens being left over on outpost delete 2020-10-14 18:41:16 +02:00
45699a1a69 outpost: rewrite kubernetes controller 2020-10-14 17:49:09 +02:00
5556e9f8e7 outposts: always save state, even without version 2020-10-14 12:15:40 +02:00
327bb09dd4 build(deps): bump rollup in /passbook/static/static (#275)
Bumps [rollup](https://github.com/rollup/rollup) from 2.29.0 to 2.30.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.29.0...v2.30.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-14 11:47:30 +02:00
8ca23451c6 outposts: rewrite state logic, use cache to expire old channels, support multiple instances 2020-10-14 11:32:33 +02:00
b99e2b10fe docs: add note about vcenter and AD Join 2020-10-14 11:32:33 +02:00
e966dff1a7 Revert "flows: rewrite shell to webcomponents"
This reverts commit b03a508475.
2020-10-14 11:32:33 +02:00
481fbedef2 build(deps): bump sentry-sdk from 0.18.0 to 0.19.0 (#274)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.18.0 to 0.19.0.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.18.0...0.19.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-14 11:27:35 +02:00
d104012eee build(deps-dev): bump colorama from 0.4.3 to 0.4.4 (#273)
Bumps [colorama](https://github.com/tartley/colorama) from 0.4.3 to 0.4.4.
- [Release notes](https://github.com/tartley/colorama/releases)
- [Changelog](https://github.com/tartley/colorama/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/tartley/colorama/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-13 11:55:05 +02:00
b03a508475 flows: rewrite shell to webcomponents 2020-10-12 17:53:35 +02:00
8ede4b6a13 build(deps): bump boto3 from 1.15.15 to 1.15.16 (#272)
Bumps [boto3](https://github.com/boto/boto3) from 1.15.15 to 1.15.16.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.15.15...1.15.16)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-12 10:32:52 +02:00
41323afccc docs: add upgrade instructions for 0.11 2020-10-11 23:42:38 +02:00
4a10b4999b core: fix navbar icon not showing in firefox 2020-10-11 23:38:22 +02:00
20ee634cda admin: add buttons to disable and enable users 2020-10-11 21:54:00 +02:00
713025d218 new release: 0.11.0-stable 2020-10-11 19:57:03 +02:00
58ae159835 outposts: disable Kubernetes selection for now 2020-10-11 19:40:22 +02:00
c95efe3cde docs: fix usage of user's groups 2020-10-11 19:29:22 +02:00
b6eb0bf53d providers/oauth2: add missing property_mapping template 2020-10-11 19:29:13 +02:00
610b6c7f70 policies: add PolicyAccessView, which does complete access checking 2020-10-11 19:26:20 +02:00
1ea2d99ff2 ci: run rollup build 2020-10-09 11:33:02 +02:00
67be43679c build(deps): bump boto3 from 1.15.14 to 1.15.15 (#268)
Bumps [boto3](https://github.com/boto/boto3) from 1.15.14 to 1.15.15.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.15.14...1.15.15)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-09 11:32:02 +02:00
fd42389bd5 build(deps-dev): bump rollup-plugin-sourcemaps (#267)
Bumps [rollup-plugin-sourcemaps](https://github.com/maxdavidson/rollup-plugin-sourcemaps) from 0.6.2 to 0.6.3.
- [Release notes](https://github.com/maxdavidson/rollup-plugin-sourcemaps/releases)
- [Changelog](https://github.com/maxdavidson/rollup-plugin-sourcemaps/blob/master/CHANGELOG.md)
- [Commits](https://github.com/maxdavidson/rollup-plugin-sourcemaps/compare/v0.6.2...v0.6.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-09 11:31:47 +02:00
71b1df2fec build(deps): bump rollup in /passbook/static/static (#269)
Bumps [rollup](https://github.com/rollup/rollup) from 2.28.2 to 2.29.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v2.28.2...v2.29.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-09 09:08:39 +02:00
7a3122f25c docs: add reverse-proxy example config, fix outpost docker-compose 2020-10-08 09:27:28 +02:00
63041d788b core: update application list API to show applications accessible by policy 2020-10-08 09:26:50 +02:00
bfc1bae0bb build(deps): bump boto3 from 1.15.13 to 1.15.14 (#266)
Bumps [boto3](https://github.com/boto/boto3) from 1.15.13 to 1.15.14.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.15.13...1.15.14)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-08 09:18:06 +02:00
8ab7f7fcbb core: make passbook title navigate to overview
closes #264
2020-10-07 19:27:20 +02:00
c1eb8317f7 providers/proxy: update phrasing for basic_auth_* attributes
closes #265
2020-10-07 19:27:06 +02:00
7a578e5e83 admin: dont show check when outpost hasnt connected
closes #263
2020-10-07 19:19:25 +02:00
b10912d8ba proxy: cleanup addHeadersForProxying 2020-10-07 18:02:57 +02:00
ef24b1cde2 docs: update screenshots 2020-10-07 18:02:26 +02:00
26cacc2a06 build(deps): bump boto3 from 1.15.12 to 1.15.13 (#259)
Bumps [boto3](https://github.com/boto/boto3) from 1.15.12 to 1.15.13.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.15.12...1.15.13)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-07 11:54:32 +02:00
ca0e89c799 build(deps): bump @patternfly/patternfly in /passbook/static/static (#261)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.42.2 to 4.50.4.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.42.2...prerelease-v4.50.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-07 09:10:47 +02:00
17950119ad build(deps): bump django-otp from 1.0.0 to 1.0.1 (#260)
Bumps [django-otp](https://github.com/django-otp/django-otp) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/django-otp/django-otp/releases)
- [Changelog](https://github.com/django-otp/django-otp/blob/master/CHANGES.rst)
- [Commits](https://github.com/django-otp/django-otp/compare/v1.0.0...v1.0.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-07 09:10:25 +02:00
876618c1ec build(deps): bump @fortawesome/fontawesome-free (#258)
Bumps [@fortawesome/fontawesome-free](https://github.com/FortAwesome/Font-Awesome) from 5.15.0 to 5.15.1.
- [Release notes](https://github.com/FortAwesome/Font-Awesome/releases)
- [Changelog](https://github.com/FortAwesome/Font-Awesome/blob/master/CHANGELOG.md)
- [Commits](https://github.com/FortAwesome/Font-Awesome/compare/5.15.0...5.15.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-06 10:19:05 +02:00
2293ab69b9 build(deps): bump boto3 from 1.15.11 to 1.15.12 (#257)
Bumps [boto3](https://github.com/boto/boto3) from 1.15.11 to 1.15.12.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.15.11...1.15.12)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-06 09:55:56 +02:00
9df00e09a4 root: fix static docker's rollup build 2020-10-06 00:06:53 +02:00
cf6ce9c915 audit: optimize eventaction, 2020-10-05 23:43:56 +02:00
3b61191614 outpost: enable docker controller 2020-10-05 23:11:44 +02:00
9954eeac86 proxy: fix broken docker healthcheck 2020-10-05 22:53:26 +02:00
ac88bd5d44 core: hide token value by default 2020-10-05 22:40:30 +02:00
2406a619df root: fix lockfile in dockerfile 2020-10-05 22:37:53 +02:00
63087c9393 root: run backups in server contianer 2020-10-05 22:30:13 +02:00
da9aaf69df admin: add metrics and charts 2020-10-05 22:10:03 +02:00
ae125dd1f0 root: fix missing docker dependency 2020-10-04 15:04:07 +02:00
f636595230 static: add fetch-fill-slot to load data for admin interface 2020-10-04 13:09:03 +02:00
d506e8f1a3 outposts: implement docker controller 2020-10-04 00:41:12 +02:00
d3a96ac7aa outposts: load token async 2020-10-04 00:29:18 +02:00
189b0ec324 admin: expose info as API 2020-10-04 00:28:58 +02:00
c5a6b4961f core: Add Token identifier as sudo-primary key 2020-10-04 00:28:43 +02:00
b590589324 root: add base template for api 2020-10-03 23:20:33 +02:00
9fb1ac98ec Backup/Restore (#256)
* lifecycle: move s3 backup settings to s3 name

* providers/oauth2: fix for alerting for missing certificatekeypair

* lifecycle: add backup commands

see #252

* lifecycle: install postgres-client for 11 and 12

* root: migrate to DBBACKUP_STORAGE_OPTIONS, add region setting

* lifecycle: auto-clean last backups

* helm: add s3 region parameter, add cronjob for backups

* docs: add backup docs

* root: remove backup scheduled task for now
2020-10-03 20:36:36 +02:00
195d8fe71f core: move name field to base Provider 2020-10-03 20:05:16 +02:00
b0602a3215 admin: implement search for all views
see #253
2020-10-03 19:32:01 +02:00
0150a5c58c admin: add SearchListMixin mixin and partial template 2020-10-03 19:05:20 +02:00
b35d27c83e admin: fix pagination template, ensure template is placed correctly in footer 2020-10-03 17:50:17 +02:00
801bb90806 root: lock pyright version 2020-10-03 15:34:53 +02:00
55a83abb26 *: remove deprecated providing_args 2020-10-02 11:18:14 +02:00
c09b4e9713 e2e: fix invalid proxy image being pulled 2020-10-02 10:30:56 +02:00
247015e955 stages/otp_*: Remove duplicate validation for OTP Codes 2020-10-02 10:30:43 +02:00
fe3634be64 build(deps): bump django from 3.1.1 to 3.1.2 (#255)
Bumps [django](https://github.com/django/django) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.1.1...3.1.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-02 09:50:18 +02:00
ead20b03aa build(deps): bump boto3 from 1.15.9 to 1.15.10 (#254)
Bumps [boto3](https://github.com/boto/boto3) from 1.15.9 to 1.15.10.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.15.9...1.15.10)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-02 09:32:39 +02:00
932a475af7 docs: add notice about vcenter launch URL 2020-10-01 20:01:58 +02:00
e9a1a18ba3 providers/oauth2: ensure that when rs256 is selected, a certificate key pair is selected 2020-10-01 20:01:45 +02:00
6cd9edd38a providers/oauth2: add missing token_validity field to Forms and API 2020-10-01 20:01:28 +02:00
9b5f9167cd root: always enable dbbackup 2020-10-01 13:41:40 +02:00
1f30bcd335 root: lock postgresql to 12 in docker-compose 2020-10-01 10:42:38 +02:00
94eaeb5a60 new release: 0.10.9-stable 2020-10-01 10:24:16 +02:00
a5420fe019 providers/saml: lowercase acs URLs before checking
closes #249
2020-10-01 10:04:20 +02:00
2e1849a732 providers/oauth2: lowercase all uris before checking redirect URI
see #249
2020-10-01 10:00:44 +02:00
4039e96803 build(deps): bump boto3 from 1.15.8 to 1.15.9 (#250)
Bumps [boto3](https://github.com/boto/boto3) from 1.15.8 to 1.15.9.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.15.8...1.15.9)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-01 09:50:04 +02:00
8f585eca70 stages/identification: replace buggy FilteredSelectMultiple with ArrayFieldSelectMultiple 2020-09-30 23:58:01 +02:00
516455f482 stages/identification: add case_insensitive_matching
closes #248
2020-09-30 23:48:53 +02:00
719099a5af ci: remove deploy as --recreate is deprecated 2020-09-30 23:00:05 +02:00
7f74d32253 docs: update phrasing on tautulli docs 2020-09-30 21:19:04 +02:00
525d271535 *: apply new black styling 2020-09-30 19:34:22 +02:00
9ef39f1e04 root: update black version 2020-09-30 16:39:15 +02:00
9099dc5713 root: fix missing dependencies of uvicorn 2020-09-30 16:11:28 +02:00
c3c525a3f0 lib: re-add Websockets error 2020-09-30 15:55:59 +02:00
e699dfe88c ci: fix CD not working correctly 2020-09-30 15:41:04 +02:00
c0b334eb02 lib: ignore ChannelFull error 2020-09-30 15:40:54 +02:00
815ad26b91 root: add hard uvloop and httptools dependency 2020-09-30 15:37:15 +02:00
03647fa6af new release: 0.10.8-stable 2020-09-30 14:59:02 +02:00
5aec581585 docs: add docs for Tautulli
closes #244
2020-09-30 14:32:23 +02:00
68e9b7e140 proxy: only use logrus 2020-09-30 14:31:55 +02:00
b42bca4e3e build(deps): bump django-filter from 2.3.0 to 2.4.0 (#239)
Bumps [django-filter](https://github.com/carltongibson/django-filter) from 2.3.0 to 2.4.0.
- [Release notes](https://github.com/carltongibson/django-filter/releases)
- [Changelog](https://github.com/carltongibson/django-filter/blob/master/CHANGES.rst)
- [Commits](https://github.com/carltongibson/django-filter/compare/2.3.0...2.4.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-30 13:29:11 +02:00
42c9ac61b2 build(deps-dev): bump pytest from 6.0.2 to 6.1.0 (#238)
Bumps [pytest](https://github.com/pytest-dev/pytest) from 6.0.2 to 6.1.0.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/6.0.2...6.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-30 13:14:42 +02:00
7cdc5f0568 build(deps): bump sentry-sdk from 0.17.8 to 0.18.0 (#245)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.17.8 to 0.18.0.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.17.8...0.18.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-30 12:44:50 +02:00
a063613f4c build(deps): bump uvicorn from 0.11.8 to 0.12.0 (#241)
* build(deps): bump uvicorn from 0.11.8 to 0.12.0

Bumps [uvicorn](https://github.com/encode/uvicorn) from 0.11.8 to 0.12.0.
- [Release notes](https://github.com/encode/uvicorn/releases)
- [Changelog](https://github.com/encode/uvicorn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/encode/uvicorn/compare/0.11.8...0.12.0)

Signed-off-by: dependabot[bot] <support@github.com>

* lib: remove websockets ignored exception

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2020-09-30 11:49:59 +02:00
3af04bf1e4 build(deps): bump boto3 from 1.15.5 to 1.15.8 (#246)
Bumps [boto3](https://github.com/boto/boto3) from 1.15.5 to 1.15.8.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.15.5...1.15.8)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-30 11:49:36 +02:00
74f8b68af8 proxy: ask for pb_proxy scope, set authorization header if enabled 2020-09-30 11:49:06 +02:00
59dbc15be7 core: make group_attributes include user's attributes 2020-09-30 11:39:25 +02:00
9d5dd896f3 providers/proxy: start implementing basic_auth_enabled
see #244
2020-09-30 11:15:22 +02:00
02f5f12089 providers/proxy: use external_url for launch URL, hide setup URLs 2020-09-30 11:14:50 +02:00
90ea6dba90 providers/proxy: add pb_proxy scope for proxy that sends user_attributes 2020-09-30 11:13:59 +02:00
b0b2c0830b build(deps): bump github.com/sirupsen/logrus in /proxy (#243)
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.6.0...v1.7.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-30 09:32:33 +02:00
acb2b825f3 root: fix pipfile not referencing djangorestframework 2020-09-30 09:23:00 +02:00
e956b86649 root: lock rest-framework to 3.11.1 to prevent drf-yasg
See https://github.com/axnsan12/drf-yasg/issues/641
2020-09-30 09:15:48 +02:00
739c66da1c crypto: add tests 2020-09-30 09:12:37 +02:00
e8c7cce68f build(deps): bump @fortawesome/fontawesome-free (#247)
Bumps [@fortawesome/fontawesome-free](https://github.com/FortAwesome/Font-Awesome) from 5.14.0 to 5.15.0.
- [Release notes](https://github.com/FortAwesome/Font-Awesome/releases)
- [Changelog](https://github.com/FortAwesome/Font-Awesome/blob/master/CHANGELOG.md)
- [Commits](https://github.com/FortAwesome/Font-Awesome/compare/5.14.0...5.15.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-30 08:57:47 +02:00
f741d382c2 e2e: bump wait 2020-09-29 15:01:01 +02:00
a13d4047b6 e2e: fix formatting 2020-09-29 14:04:23 +02:00
e0d8189442 e2e: update for new saml-test-sp, pull image before run 2020-09-29 12:47:38 +02:00
760352202e admin: fix get_form_class 2020-09-29 11:42:34 +02:00
9724ded194 policies: change .form() and .serializer() to properties, add tests 2020-09-29 10:32:58 +02:00
5da4ff4ff1 e2e: further cleanup tests, directly navigate to user-settings instead of click 2020-09-29 00:27:58 +02:00
e54b98a80e e2e: cleanup tests, remove XPATH selectors 2020-09-28 18:19:46 +02:00
67b69cb5d3 e2e: add oidc tests using oidc-test-client 2020-09-28 17:22:35 +02:00
863111ac57 e2e: fix oauth1 tests 2020-09-28 12:15:32 +02:00
bd78087582 root: fix RemovedInDjango40Warning being triggered 2020-09-28 11:47:50 +02:00
8f4e954160 providers/oauth2: rewrite introspection endpoint to allow basic or bearer auth 2020-09-28 11:42:27 +02:00
553f184aad e2e: add proxy connectivity test via Websocket 2020-09-28 09:04:44 +02:00
b6d7847eae providers/oauth2: fix token introspection view 2020-09-28 09:04:31 +02:00
ad0d339794 flows: add benchmark command 2020-09-27 21:21:30 +02:00
737cd22bb9 root: fix apt autoremove call 2020-09-27 21:07:29 +02:00
6ad1465f8f root: don't set default log level in docker-compose 2020-09-27 19:36:44 +02:00
d74fa4abbf admin: fix categories in sidebar being collapsible 2020-09-27 18:40:50 +02:00
b24938fc6b stages/consent: fix formatting 2020-09-26 21:06:01 +02:00
ea1564548c stages/consent: support pending_user from flow 2020-09-26 20:43:41 +02:00
3663c3c8a1 sources/saml: cleanup SLO Implementation 2020-09-26 20:38:38 +02:00
07e20a2950 core: add AuthJsonConsumer to handle websocket authentication 2020-09-26 20:11:04 +02:00
6366d50a0e core: show 'Create Application' button based on perms 2020-09-26 19:54:52 +02:00
c3e64df95b new release: 0.10.7-stable 2020-09-26 19:26:12 +02:00
d2bf2c8896 ci: fix prospector call 2020-09-26 19:17:42 +02:00
f27b43507c ci: ensure same checks as locally are run 2020-09-26 19:08:37 +02:00
c1058c7438 e2e: fix formatting 2020-09-26 18:18:01 +02:00
c37901feb9 e2e: add tests for oauth1 2020-09-26 17:44:05 +02:00
44b815efae sources/oauth: fix data being sent in body and header for oauth1 2020-09-26 17:43:58 +02:00
64a71a3663 flows: fix planner removing too many stages 2020-09-26 14:58:13 +02:00
ae435f423e ci: fix failing unittests not reporting correctly 2020-09-26 14:55:50 +02:00
7aa89c6d4f flows: fix formatting 2020-09-26 14:19:42 +02:00
7e9d7e5198 flows: fix two stages being removed when reevaluate_marker was enabled 2020-09-26 14:13:10 +02:00
2be6cd70d9 sources/oauth: fix handling of token for do_request 2020-09-26 14:00:48 +02:00
2b9705b33c policies/expression: remove pb_flow_plan, save flow context directly in context 2020-09-26 13:58:32 +02:00
502e43085f lifecycle: update celery command for 5.0 2020-09-26 02:17:39 +02:00
40f1de3b11 admin: load info about latest version in celery task 2020-09-26 02:16:35 +02:00
899c5b63ea admin: add BackSuccessUrlMixin to redirect to correct url after form edit 2020-09-26 02:04:16 +02:00
e104c74761 admin: make pagination size configurable 2020-09-26 01:55:40 +02:00
5d46c1ea5a flows: improve strings, ensure default-source-enrollment's first stage has re_evaluate_policies 2020-09-26 01:37:54 +02:00
7d533889bc sources/oauth: fix OAuth1 not working, cleanup 2020-09-26 01:27:33 +02:00
d9c2b32cba sources/oauth: cleanup clients, add type annotations 2020-09-26 00:34:57 +02:00
6e4ce8dbaa core: cache user's is_superuser 2020-09-26 00:34:35 +02:00
03d58b439f sources/oauth: separate clients into separate modules 2020-09-25 23:58:58 +02:00
ea38da441b ci: run e2e tests with failfast 2020-09-25 22:21:58 +02:00
bdaf0111c2 stages/password: fix formatting 2020-09-25 21:12:42 +02:00
974c2ddb11 stages/password: fix change_flow being deleted instead of renamed 2020-09-25 20:33:06 +02:00
769ce1c642 e2e: add tests for TOTP Setup, static OTP Setup and otp validation 2020-09-25 20:21:49 +02:00
f294791d41 stages/otp_time: fix redirect uri after setup 2020-09-25 19:39:19 +02:00
4ee22f8ec1 stages/otp_static: fix redirect URL after setup, fix stage not being passed to setup 2020-09-25 19:38:51 +02:00
74d3cfbba0 stages/otp_time: show OTP URI as aria-label 2020-09-25 19:03:12 +02:00
d278acb83b stages/otp_: fix flows having no title 2020-09-25 18:50:29 +02:00
84da454612 stages/otp_: ensure stage.configure_flow is set 2020-09-25 17:45:13 +02:00
52101007aa e2e: bump chrome version 2020-09-25 17:39:25 +02:00
dc57f433fd stages/password: update to use ConfigurableStage 2020-09-25 16:51:22 +02:00
3d4c5b8f4e stages/otp_time: implement configure_flow 2020-09-25 12:56:27 +02:00
e66424cc49 stages/otp_static: implement configure_flow 2020-09-25 12:56:14 +02:00
8fa83a8d08 flows: change setup_stage to configure_stage in migration 2020-09-25 12:55:33 +02:00
397892b282 stages/consent: cleanup 2020-09-25 12:49:19 +02:00
7be50c2574 flows: add ConfigurableStage base class and ConfigureFlowInitView 2020-09-25 12:49:19 +02:00
2aad523596 build(deps-dev): bump django-debug-toolbar from 3.1 to 3.1.1 (#236)
Bumps [django-debug-toolbar](https://github.com/jazzband/django-debug-toolbar) from 3.1 to 3.1.1.
- [Release notes](https://github.com/jazzband/django-debug-toolbar/releases)
- [Changelog](https://github.com/jazzband/django-debug-toolbar/blob/master/docs/changes.rst)
- [Commits](https://github.com/jazzband/django-debug-toolbar/compare/3.1...3.1.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-25 11:49:46 +02:00
6982b97eb0 build(deps): bump boto3 from 1.15.4 to 1.15.5 (#235)
Bumps [boto3](https://github.com/boto/boto3) from 1.15.4 to 1.15.5.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.15.4...1.15.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-25 10:51:57 +02:00
3de879496d build(deps): bump celery from 4.4.7 to 5.0.0 (#237)
Bumps [celery](https://github.com/celery/celery) from 4.4.7 to 5.0.0.
- [Release notes](https://github.com/celery/celery/releases)
- [Changelog](https://github.com/celery/celery/blob/master/Changelog.rst)
- [Commits](https://github.com/celery/celery/compare/v4.4.7...v5.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-25 10:20:21 +02:00
4e75118a43 Create Dependabot config file (#234)
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-25 09:36:29 +02:00
52c4fb431f core: add user.group_attributes 2020-09-24 15:45:58 +02:00
d696d854ff docs: update aws and gitlab docs 2020-09-24 15:36:29 +02:00
6966c119a7 build(deps): bump codemirror in /passbook/static/static (#231)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.58.0 to 5.58.1.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.58.0...5.58.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-24 14:31:49 +02:00
8cf5e647e3 build(deps): bump sentry-sdk from 0.17.7 to 0.17.8 (#229)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.17.7 to 0.17.8.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.17.7...0.17.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-24 14:21:39 +02:00
99bc6241f6 build(deps): bump boto3 from 1.15.3 to 1.15.4 (#230)
Bumps [boto3](https://github.com/boto/boto3) from 1.15.3 to 1.15.4.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.15.3...1.15.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-24 08:37:01 +02:00
e5f837ebb7 root: add issue templates 2020-09-23 14:05:36 +02:00
9d93da3d45 providers/proxy: fix formatting 2020-09-23 12:33:33 +02:00
9f6f18f9bb proxy: implement internal_host_ssl_validation option 2020-09-23 12:21:19 +02:00
6458b1dbf8 providers/proxy: make upstream SSL Validation configurable 2020-09-23 12:20:14 +02:00
1aff9afca6 build(deps): bump boto3 from 1.15.1 to 1.15.3 (#226)
Bumps [boto3](https://github.com/boto/boto3) from 1.15.1 to 1.15.3.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.15.1...1.15.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-23 11:51:02 +02:00
e0bc7d3932 build(deps): bump sentry-sdk from 0.17.6 to 0.17.7 (#228)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.17.6 to 0.17.7.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.17.6...0.17.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-23 08:51:50 +02:00
9fd9b2611c build(deps): bump codemirror in /passbook/static/static (#225)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.57.0 to 5.58.0.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.57.0...5.58.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-23 00:29:01 +02:00
6f3a1dfd08 build(deps-dev): bump django-debug-toolbar from 3.0 to 3.1 (#227)
Bumps [django-debug-toolbar](https://github.com/jazzband/django-debug-toolbar) from 3.0 to 3.1.
- [Release notes](https://github.com/jazzband/django-debug-toolbar/releases)
- [Changelog](https://github.com/jazzband/django-debug-toolbar/blob/master/docs/changes.rst)
- [Commits](https://github.com/jazzband/django-debug-toolbar/compare/3.0...3.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-22 23:54:09 +02:00
464b2cce88 audit: fix model information being saved nested 2020-09-21 22:34:03 +02:00
4eaa46e717 new release: 0.10.6-stable 2020-09-21 22:07:59 +02:00
59e8dca499 sources/ldap: divide connector into password, sync and auth, add unittests for password 2020-09-21 21:40:41 +02:00
945d5bfaf6 *: use Audit custom event action, add SOURCE_LINKED event action 2020-09-21 20:40:45 +02:00
dbcdab05ff audit: create audit logs for model creation/updating/deletion 2020-09-21 20:26:30 +02:00
e2cc2843d8 core: add X-passbook-id to every request with unique ID 2020-09-21 19:37:44 +02:00
241d59be8d ci: test migration from last released version to current branch (#224)
* ci: test migration test from last released version to current branch

* ci: fix typo

* ci: remove hyphens

* ci: checkout Build.SourceBranchName

* ci: attempt to fix Build.SourceBranchName

https://github.com/microsoft/azure-pipelines-tasks/issues/8793

* ci: fix duplicate variables entry

* ci: fix quoting for docker jobs

* ci: attempt to access branchName directly

* ci: attempt to extract branch name via sed

* ci: fix escaping for Build.SourceBranch

* ci: different bash substitution

* ci: replace /refs/pulls

* ci: attempt to save previous branch as variable

* ci: fix indent

* ci: try compile-time variables for docker

* ci: always use Build.SourceBranch

* ci: use compile-time template expression

* ci: use Build.SourceBranchName

* ci: attempt to get branch name from System.PullRequest.SourceBranch
2020-09-21 17:55:57 +02:00
74251a8883 audit: update swagger for event 2020-09-21 13:41:53 +02:00
585afd1bcd core: remove migration dependency on ldap 2020-09-21 13:21:03 +02:00
8358574484 audit: remove foreign key to user, save user data as json 2020-09-21 13:20:50 +02:00
cbcdaaf532 providers/oauth2: fix creation of new refresh token 2020-09-21 11:48:23 +02:00
f99eaa85ac sources/ldap: implement LDAP password validation and syncing 2020-09-21 11:46:35 +02:00
5007a6befe stages/prompt: integrate password comparison when multiple password fields are given 2020-09-21 11:04:31 +02:00
50c75087b8 lifecycle: fix startup logs not being full json 2020-09-21 11:04:31 +02:00
438e4efd49 build(deps-dev): bump django-debug-toolbar from 2.2 to 3.0 (#223)
Bumps [django-debug-toolbar](https://github.com/jazzband/django-debug-toolbar) from 2.2 to 3.0.
- [Release notes](https://github.com/jazzband/django-debug-toolbar/releases)
- [Changelog](https://github.com/jazzband/django-debug-toolbar/blob/master/docs/changes.rst)
- [Commits](https://github.com/jazzband/django-debug-toolbar/compare/2.2...3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-21 10:59:43 +02:00
c7ca95ff2b new release: 0.10.5-stable 2020-09-20 13:58:33 +02:00
9f403a71ed root: fix IP detection when using multiple reverse proxies 2020-09-20 13:36:23 +02:00
2f4139df65 docs: add notice to use https when using external reverse proxy 2020-09-20 13:36:07 +02:00
f3ee8f7d9c admin: fix permissions not being checked for policybinding list 2020-09-19 23:07:39 +02:00
5fa3729702 audit: fix fields for events from impersonation being swapped 2020-09-19 22:54:36 +02:00
87f44fada4 providers/oauth2: fix refreshtoken being initialised wrong 2020-09-19 22:23:11 +02:00
c0026f3e16 admin: move pf-m-success to base css 2020-09-19 21:12:39 +02:00
c1051059f4 proxy: fix empty regex field being interpreted as regex 2020-09-19 21:05:41 +02:00
c25eda63ba new release: 0.10.4-stable 2020-09-19 19:40:58 +02:00
c90906c968 outposts: fix formatting 2020-09-19 19:12:49 +02:00
f6b52b9281 docs: add outpost upgrading docs 2020-09-19 19:04:04 +02:00
b04f92c8b4 admin: outposts show should-be version 2020-09-19 19:03:54 +02:00
a02fcb0a7a providers/oauth2: use # as separate for code#adfs, check if # exists in response_type and trim 2020-09-19 18:37:50 +02:00
c1ea605c7e build(deps): bump @patternfly/patternfly from 4.35.2 to 4.42.2 in /passbook/static/static (#222)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.35.2 to 4.42.2.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.35.2...prerelease-v4.42.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-19 18:30:23 +02:00
116be0b3c0 sources/ldap: add status display to show last sync 2020-09-19 17:50:39 +02:00
438250b3a9 policies: improve wording on denied tempaltes 2020-09-19 15:24:52 +02:00
5e6acee2a5 root: increase limit of max-attributes in pylint 2020-09-19 13:40:23 +02:00
8b4222e7bb providers/proxy: fix formatting 2020-09-19 12:21:31 +02:00
4af563ce89 proxy: implement simple healthcheck 2020-09-19 11:43:22 +02:00
77842fab58 proxy: implement SkipAuthRegex 2020-09-19 11:32:21 +02:00
5689f25c39 providers/proxy: add option to skip authentication for paths matching regular expressions 2020-09-19 11:32:04 +02:00
a69c494feb stages/password: update swagger 2020-09-19 02:20:38 +02:00
83408b6ae0 stages/password: add failed_attempts_before_cancel to cancel a flow after x failed entries 2020-09-19 02:18:43 +02:00
d30abc64d0 flows: improve _full template being used for stage_invalid 2020-09-19 02:15:15 +02:00
6674d3e017 e2e: fix tests for proxy provider/outpost 2020-09-19 01:54:54 +02:00
4749c3fad0 proxy: improve reconnect logic, send version, properly version proxy 2020-09-19 01:37:08 +02:00
18886697d6 outposts: add support for version checking 2020-09-19 01:34:11 +02:00
e75c9e9a79 providers/oauth2: make openid-configuration easily readable 2020-09-19 01:34:11 +02:00
5a3c1137ab providers/oauth2: add more info to configuration modal 2020-09-19 01:34:11 +02:00
ddca46e24a outposts: add modal to show setup information 2020-09-19 01:34:11 +02:00
22a9abf7bf docs: add docs for sonarr 2020-09-19 01:34:11 +02:00
fb16502466 build(deps): bump boto3 from 1.14.63 to 1.15.1 (#221)
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-19 00:46:09 +02:00
421bd13ddf admin: make YAMLField return empty dict when empty yaml is given 2020-09-19 00:00:55 +02:00
404c9ef753 providers/saml: improve __str__ of SAMLPropertyMapping 2020-09-18 23:50:31 +02:00
a57b545093 docs: add landscape integration 2020-09-18 23:50:16 +02:00
d8530f238d docs: update sentry and awx integrations 2020-09-18 23:50:00 +02:00
fe4a0c3b44 core: add impersonation start/end to audit log
also add impersonated user as context to other logs
2020-09-18 23:39:37 +02:00
e0c104ee5c providers/oauth2: remove post_logout_redirect_uris 2020-09-18 23:37:40 +02:00
6ab8794754 proxy: improve logging and reconnecting 2020-09-18 21:54:23 +02:00
316e6cb17f admin: set default host for outposts based on HTTP host 2020-09-18 21:51:08 +02:00
9d5d99290c outposts: only show proxy providers 2020-09-18 21:50:49 +02:00
20ffe833de admin: fix create link for outposts 2020-09-18 21:28:48 +02:00
d4d026bf6a stages/user_write: add migration that removes unintended data 2020-09-18 18:58:07 +02:00
dfe093b2b9 stages/user_write: fix unittests 2020-09-18 18:52:19 +02:00
60739e620e stages/user_write: fix formatting 2020-09-18 18:41:11 +02:00
d6cc6770b8 stages/user_write: fix data being saved as attributes without intent 2020-09-18 18:15:33 +02:00
ddc1022461 stages/user_write: check if session hash should be updated early 2020-09-18 18:15:25 +02:00
2c2226610e providers/oauth2: fix end-session view not working, add tests 2020-09-17 21:55:01 +02:00
cba78b4de7 providers/*: fix launch_url not working 2020-09-17 21:53:57 +02:00
1eeb64ee39 docs: fix environment variable for error reporting 2020-09-17 21:22:46 +02:00
22dea62084 root: fix startup log not showing in docker 2020-09-17 21:16:31 +02:00
5ff1dd8426 core: move impersonation to core, add tests, add better permission checks 2020-09-17 16:24:53 +02:00
da15a8878f stages/password: improve labelling of LDAP backend 2020-09-17 15:54:48 +02:00
bf33828ac1 core: fix overview template for non-rectangular icons 2020-09-17 10:44:10 +02:00
950a1fc77e docs: add vsphere note for code (ADFS) 2020-09-17 10:43:59 +02:00
895e7d7393 new release: 0.10.3-stable 2020-09-17 10:10:39 +02:00
3beca0574d build(deps): bump github.com/sirupsen/logrus in /proxy (#219)
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.4.2 to 1.6.0.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.4.2...v1.6.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-17 10:01:23 +02:00
990f5f0a43 proxy: bump versions 2020-09-17 09:35:16 +02:00
97ce143efe lifecycle: adjust worker count 2020-09-17 09:35:08 +02:00
cbbe174fd8 build(deps): bump boto3 from 1.14.62 to 1.14.63 (#218)
Bumps [boto3](https://github.com/boto/boto3) from 1.14.62 to 1.14.63.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.62...1.14.63)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-17 08:57:57 +02:00
da3c640343 admin: fix type annotation for latest_version() 2020-09-16 23:54:55 +02:00
4b39c71de0 providers/oauth2: accept token as post param 2020-09-16 23:38:55 +02:00
818f417fd8 providers/oauth2: only send id_token as access_token if ADFS compat mode is enabled 2020-09-16 23:31:03 +02:00
f1ccef7f6a e2e: add tests for proxy provider and outposts 2020-09-16 23:22:17 +02:00
6187436518 build(deps): bump sentry-sdk from 0.17.4 to 0.17.6 (#217)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.17.4 to 0.17.6.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.17.4...0.17.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-16 10:30:19 +02:00
9559ee7cb9 build(deps-dev): bump pytest-django from 3.9.0 to 3.10.0 (#215)
Bumps [pytest-django](https://github.com/pytest-dev/pytest-django) from 3.9.0 to 3.10.0.
- [Release notes](https://github.com/pytest-dev/pytest-django/releases)
- [Changelog](https://github.com/pytest-dev/pytest-django/blob/master/docs/changelog.rst)
- [Commits](https://github.com/pytest-dev/pytest-django/compare/v3.9.0...v3.10.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-16 10:08:25 +02:00
72e9c4e6fa build(deps): bump boto3 from 1.14.60 to 1.14.62 (#216)
Bumps [boto3](https://github.com/boto/boto3) from 1.14.60 to 1.14.62.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.60...1.14.62)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-16 09:44:23 +02:00
97b8a025b3 ci: cleanup containers post e2e job 2020-09-16 09:08:10 +02:00
ea9687c30b core: don't fail migrations if no pbadmin exists 2020-09-15 23:37:39 +02:00
0a5e14a352 core: make is_superuser a group property, remove from user 2020-09-15 23:10:31 +02:00
0325847c22 docs: add vmware vsphere integration doc 2020-09-15 21:51:27 +02:00
491dcc1159 sources/ldap: improve default Property Mappings 2020-09-15 21:51:08 +02:00
6292049c74 sources/ldap: add limited support for attributes as object_fields on LDAPPropertyMappings 2020-09-15 21:08:14 +02:00
1e97af772f providers/oauth2: add workaround for vcenter 2020-09-15 20:54:54 +02:00
5c622cd4d2 providers/oauth2: make sub configurable based on hash, username, email and upn 2020-09-15 20:54:42 +02:00
c4de808c4e readme: link to install instructions from docs 2020-09-15 17:17:29 +02:00
8c604d225b static: update flow background 2020-09-15 16:14:13 +02:00
c7daadfb18 core: fix logic error in expired models cleanup 2020-09-15 12:53:02 +02:00
683968c96e sources/ldap: register ldap sources 2020-09-15 12:36:33 +02:00
c94added99 helm: bump dependency versions 2020-09-15 12:36:09 +02:00
61c00e5b39 ci: create release as draft 2020-09-15 12:36:02 +02:00
566ebae065 new release: 0.10.2-stable 2020-09-15 12:04:00 +02:00
9b62a6403b helm: fix affinity rules and resources 2020-09-15 11:41:11 +02:00
8c465b2026 outposts: remove unused import 2020-09-15 11:32:25 +02:00
6b7da71aa8 lib: improve error handling for sentry 2020-09-15 11:29:43 +02:00
e95bbfab9a outposts: disable WIP k8s controller 2020-09-15 11:25:59 +02:00
e401575894 lifecycle: fix worker not running scheduled tasks 2020-09-15 11:20:28 +02:00
6428801270 e2e: update e2e tests for new AccessDenied response 2020-09-15 10:30:04 +02:00
3e13c13619 flows: replace passbook_flows:denied with AccessDenied Reeponse 2020-09-15 09:54:19 +02:00
92f79eb30e policies: add AccessDeniedResponse as general response when access was denied 2020-09-15 09:53:59 +02:00
e7472de4bf sources/ldap: sync source on save 2020-09-14 23:35:01 +02:00
494950ac65 admin: fix anonymous user not being removed from user count 2020-09-14 23:19:16 +02:00
4d51295db2 new release: 0.10.1-stable 2020-09-14 23:08:57 +02:00
3bbded3555 docs: remove default password for docker-compose, improve instructions 2020-09-14 23:08:04 +02:00
b3262e2a82 docs: add docs for passbook_user_debug 2020-09-14 22:51:50 +02:00
40614a65fc flows: move complete denied view and template to flows 2020-09-14 21:52:43 +02:00
3cf558d594 providers/*: pass policy result objects when access denied 2020-09-14 21:52:25 +02:00
812cc0d2f1 policies: add references for source_policy and source_results 2020-09-14 21:51:59 +02:00
e21ed92848 providers/oauth2: ensure flow is cleaned up on error 2020-09-14 18:40:44 +02:00
5184c4b7ef flows: fix FlowNonApplicableException and EmptyFlowException leading to infinite spinners 2020-09-14 18:40:26 +02:00
2c07859b68 core: add automatic launch_url detection based on provider 2020-09-14 18:12:42 +02:00
ae6304c05e providers/proxy: fix provider requiring a certificate to be selected 2020-09-14 17:37:06 +02:00
501683e3cb outposts: add tests for permissions 2020-09-14 17:34:07 +02:00
cc8afa8706 admin: don't show policy as unbound when used as validation policy 2020-09-14 15:44:33 +02:00
17a9e02bc0 docs: update kubernetes deployment example 2020-09-14 15:41:24 +02:00
6a669992a8 outposts: fix permissions not being updated when providers are modified 2020-09-14 15:41:02 +02:00
7ea5c22b6c root: fix channels not loading redis connection details 2020-09-14 14:21:43 +02:00
b11d6a5891 build(deps): bump django-storages from 1.10 to 1.10.1 (#212)
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
2020-09-14 10:29:49 +02:00
49830367a7 build(deps-dev): bump coverage from 5.2.1 to 5.3 (#213)
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
2020-09-14 10:26:25 +02:00
e69ca5a229 ci: fix coverage combine for unittest and e2e 2020-09-14 09:52:43 +02:00
a57d21f5e8 build(deps): bump boto3 from 1.14.59 to 1.14.60 (#210)
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
2020-09-14 09:09:34 +02:00
c7026407c6 policies: fix type error 2020-09-14 00:28:23 +02:00
69eecd6b60 helm: add soft-affinity rules for worker and web 2020-09-14 00:12:40 +02:00
810f10edfe providers/oauth2: fix several small implicit flow errors 2020-09-14 00:11:11 +02:00
1c57128f11 providers/oauth2: fix token to code_token 2020-09-13 23:42:45 +02:00
82eade3eb1 new release: 0.10.0-stable 2020-09-13 23:03:38 +02:00
56a9dcc88d ci: fix CI trying to run e2e tests 2020-09-13 23:02:46 +02:00
fe70d80189 docs: fix kubernetes values version 2020-09-13 22:31:42 +02:00
e97e22c58a root: fix readme image link 2020-09-13 22:27:26 +02:00
bb4e39aab6 docs: add outpost deployment docs, link in outposts list 2020-09-13 22:20:17 +02:00
a8744f443c outposts: fix Kubernetes Controller not exporting dicts, secrets not being b64 encoded 2020-09-13 22:19:26 +02:00
7fe9b8f0b4 providers/proxy: add domainless URL Validator 2020-09-13 21:52:34 +02:00
696aa7e5f6 core: fix path to default icon 2020-09-13 20:47:17 +02:00
e1d82aee1d ci: run e2e tests on custom agent 2020-09-13 19:49:13 +02:00
151374f565 stages/email: fix loading of static files when path is a directory 2020-09-13 18:24:49 +02:00
bebeff9f7f root: allow for changing of logo and branding 2020-09-13 17:52:33 +02:00
8b99afa34d stages/email: fix binary files not being encoded correctly 2020-09-13 17:40:13 +02:00
b317852e8a static: replace brand.svg with text and font 2020-09-13 17:33:30 +02:00
24ae35c35a build(deps-dev): bump pytest from 6.0.1 to 6.0.2 (#211)
Bumps [pytest](https://github.com/pytest-dev/pytest) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/6.0.1...6.0.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-13 16:01:23 +02:00
8e6bb48227 sources/saml: add mitigation for idp-initiated requests 2020-09-13 15:39:25 +02:00
7a4e8af1ae outpost: fix outpost update signal only being sent to outposts connected to the same passbook instance 2020-09-13 14:29:40 +02:00
0161205c82 sources/saml: fix previous request ID being wrongly compared
request ID was compared to request ID not InResponseTo field
2020-09-13 14:00:56 +02:00
ca0ba85023 providers/saml: disallow idp-initiated SSO by default and validate Request ID 2020-09-12 00:53:44 +02:00
c2ebaa7f64 e2e: add oauth source test case with SameSite strict 2020-09-11 23:54:20 +02:00
23cccebb96 pytest (#209) 2020-09-11 23:21:11 +02:00
3f5d30e6fe build(deps): bump boto3 from 1.14.58 to 1.14.59 (#208)
Bumps [boto3](https://github.com/boto/boto3) from 1.14.58 to 1.14.59.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.58...1.14.59)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-11 08:53:42 +02:00
ca735349f9 proxy: fix listening on wrong ip 2020-09-10 21:13:26 +02:00
25ce8c6dc7 build(deps): bump boto3 from 1.14.56 to 1.14.58 (#206)
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
2020-09-10 18:28:22 +02:00
081ac0bcdb root/asgi: hide healthcheck logs from sentry 2020-09-10 17:29:13 +02:00
8a07b349ee root: fix IP detection in ASGI logger, attempt to fix out of order issues 2020-09-10 16:58:25 +02:00
b3468bc265 providers/oauth2: fix comparison to undefined ResponseTypes 2020-09-10 16:26:55 +02:00
4edfad869f helm: fix missing .Values prefix for replicas 2020-09-10 15:07:56 +02:00
404f5d7912 new release: 0.10.0-rc6 2020-09-10 14:35:17 +02:00
8bea99a953 ci: run on release publish and creation 2020-09-10 14:35:13 +02:00
0b0ba33dce new release: 0.10.0-rc5 2020-09-10 14:24:31 +02:00
e3627b2cd9 ci: generate proxy api client before building docker image 2020-09-10 14:24:02 +02:00
37fac3ae00 ci: fix release being run on release edit 2020-09-10 13:25:08 +02:00
17a90adf3e new release: 0.10.0-rc4 2020-09-10 13:17:38 +02:00
7c3590f8ef ci: fix tests not being run in bash 2020-09-10 13:17:34 +02:00
7471415e7f new release: 0.10.0-rc3 2020-09-10 13:13:32 +02:00
9339d496f9 root: use PASSBOOK_TAG for static container 2020-09-10 13:13:27 +02:00
e72000eb06 new release: 0.10.0-rc2 2020-09-10 13:11:34 +02:00
ec5ff7c14d ci: fix docker-compose failing during release tag 2020-09-10 13:10:51 +02:00
43cb08b433 new release: 0.10.0-rc1 2020-09-10 13:05:12 +02:00
95a1c7b6d5 docs: remove manual upgrade instructions as they are automatic now 2020-09-10 13:04:56 +02:00
031a3d8719 build(deps): bump sentry-sdk from 0.17.3 to 0.17.4 (#207)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.17.3 to 0.17.4.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.17.3...0.17.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-10 09:54:50 +02:00
430905295d root: automate system migrations, move docker to lifecycle folder 2020-09-10 00:18:39 +02:00
1356a8108b docs: add docs for outposts 2020-09-09 19:34:19 +02:00
37dcf264e5 docs: add docs for proxy provider 2020-09-09 19:21:36 +02:00
296e1f4962 docs: improve documentation for providers 2020-09-09 19:14:12 +02:00
a0e81650d7 docs: update wording in upgrade guide 2020-09-09 18:55:01 +02:00
894cee6123 docs: add upgrade instructions for upcoming 0.10 2020-09-09 18:39:05 +02:00
a7be0379f4 e2e: fix tests using promptstages 2020-09-09 18:38:49 +02:00
2d6b57839d root: set fixed docker tags in compose 2020-09-09 18:21:53 +02:00
455e39a8bd helm: make replicas configurable 2020-09-09 18:21:27 +02:00
a7d8ac888a docs: update example flows 2020-09-09 17:23:26 +02:00
349e536d14 flows/tests: add tests to ensure flows in documentation are valid 2020-09-09 17:23:16 +02:00
cddc9bc1b7 flows/tests: update transfer tests to use same rollback function as importer 2020-09-09 17:22:44 +02:00
6d27408a10 transfer/exporter: ensure policies are exported before stages, ensure policies for new prompt stages are included 2020-09-09 17:22:24 +02:00
50a5959f6c flows/importer: fix validate writing to database not being reverted 2020-09-09 17:21:43 +02:00
18f42a0edf flows/importer: fix multiple uses of an importer instance causing errors 2020-09-09 17:21:16 +02:00
860ba994a6 policies/api: fix PolicyBinding's target being validated against the wrong pks 2020-09-09 17:20:37 +02:00
1776b72356 stages/prompt: remove PolicyBindingModel from PromptStage *breaking*
This resolves issues caused by the multiple primary keys, but also requires re-creation of the model.
2020-09-09 17:16:43 +02:00
8db60b3e83 docs: add example flows
closes #36
2020-09-08 23:18:42 +02:00
3b6341bf41 flow/transfer: fix pk's not being replaced in lists 2020-09-08 23:01:42 +02:00
3b97389833 asgi: revert ignore lifespan requests, remove healthcheck events from sentry
fixes PASSBOOK-5K
2020-09-08 18:29:01 +02:00
102d536a72 flows: fix incorrect pk being used in FlowStageBinding Form 2020-09-08 18:18:06 +02:00
9712be847c policies/api: fix target returning pbm_uuid instead of proper primary key of the object 2020-09-08 18:05:50 +02:00
f0b5e8143e admin: fix flow export view raising error 2020-09-08 16:49:15 +02:00
cc061e5b16 build(deps): bump channels-redis from 3.0.1 to 3.1.0 (#205)
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-07 15:18:05 +02:00
fd8514331b build(deps): bump boto3 from 1.14.54 to 1.14.56 (#203)
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-07 14:44:06 +02:00
1dc63776a5 ci: deploy to master.passbook.beryju.org on master (#113) 2020-09-07 11:59:15 +02:00
87b14e8761 flows/planner: optimise db queries during plan building 2020-09-07 11:27:02 +02:00
28893b9695 flows/transfer: fix missing unique fields for PolicyBinding 2020-09-07 11:26:37 +02:00
bb9ae28be8 build(deps): bump psycopg2-binary from 2.8.5 to 2.8.6 (#202)
Bumps [psycopg2-binary](https://github.com/psycopg/psycopg2) from 2.8.5 to 2.8.6.
- [Release notes](https://github.com/psycopg/psycopg2/releases)
- [Changelog](https://github.com/psycopg/psycopg2/blob/master/NEWS)
- [Commits](https://github.com/psycopg/psycopg2/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-07 11:21:13 +02:00
0c05fd47f5 build(deps): bump ldap3 from 2.8 to 2.8.1 (#204)
Bumps [ldap3](https://github.com/cannatag/ldap3) from 2.8 to 2.8.1.
- [Release notes](https://github.com/cannatag/ldap3/releases)
- [Changelog](https://github.com/cannatag/ldap3/blob/dev/_changelog.txt)
- [Commits](https://github.com/cannatag/ldap3/compare/v2.8...v2.8.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-07 10:16:25 +02:00
fea44486c3 docker: use static worker count for docker (2 workers + 4 threads) 2020-09-06 22:16:12 +02:00
bf4763d946 asgi: ignore lifespan requests, remove healthcheck events from sentry 2020-09-06 16:51:50 +02:00
219e16f8e5 *: use direct sentry Hub for start_span 2020-09-06 16:12:17 +02:00
6ebefc9f17 root: fix some logs not being json 2020-09-06 15:52:54 +02:00
80e8a3d63c helm: fix arguments not being arrys 2020-09-06 15:52:22 +02:00
dd017e7190 flows: fix exporting and importing for models with multiple unique fields 2020-09-06 01:07:06 +02:00
268de20872 Proxy v2 (#189) 2020-09-03 00:04:12 +02:00
14e47f3195 flows: fix default flows not having titles 2020-09-02 13:05:34 +02:00
6d289aea48 build(deps): bump boto3 from 1.14.51 to 1.14.53 (#199)
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-02 10:16:45 +02:00
529fd081a0 build(deps): bump sentry-sdk from 0.17.1 to 0.17.2 (#198)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.17.1 to 0.17.2.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.17.1...0.17.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-02 09:53:58 +02:00
02e3c78720 build(deps): bump django from 3.1 to 3.1.1 (#200)
Bumps [django](https://github.com/django/django) from 3.1 to 3.1.1.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.1...3.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-02 09:24:10 +02:00
abc78d6633 build(deps): bump django-storages from 1.9.1 to 1.10 (#197)
Bumps [django-storages](https://github.com/jschneier/django-storages) from 1.9.1 to 1.10.
- [Release notes](https://github.com/jschneier/django-storages/releases)
- [Changelog](https://github.com/jschneier/django-storages/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/jschneier/django-storages/compare/1.9.1...1.10)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-08-31 10:36:24 +02:00
3f3dfc0a28 build(deps): bump boto3 from 1.14.50 to 1.14.51 (#195)
Bumps [boto3](https://github.com/boto/boto3) from 1.14.50 to 1.14.51.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.50...1.14.51)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-08-30 19:10:50 +02:00
5bd27bce3f build(deps): bump sentry-sdk from 0.17.0 to 0.17.1 (#196)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.17.0 to 0.17.1.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.17.0...0.17.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-08-30 12:41:57 +02:00
c39d136383 flows: add title field 2020-08-28 15:23:03 +02:00
a977184577 flows: export export/import functions in UI 2020-08-28 15:06:25 +02:00
b7ca40d98e build(deps): bump boto3 from 1.14.49 to 1.14.50 (#194)
Bumps [boto3](https://github.com/boto/boto3) from 1.14.49 to 1.14.50.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.49...1.14.50)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-08-28 09:13:21 +02:00
b2cb794865 build(deps): bump @patternfly/patternfly in /passbook/static/static (#192)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.31.6 to 4.35.2.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.31.6...prerelease-v4.35.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-08-27 10:38:27 +02:00
874f03e4dd build(deps): bump boto3 from 1.14.48 to 1.14.49 (#193)
Bumps [boto3](https://github.com/boto/boto3) from 1.14.48 to 1.14.49.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.48...1.14.49)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-08-27 10:19:48 +02:00
8f08d78bf1 build(deps): bump sentry-sdk from 0.16.5 to 0.17.0 (#190)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.16.5 to 0.17.0.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.16.5...0.17.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-08-26 10:58:01 +02:00
2661f2bbb3 build(deps): bump boto3 from 1.14.47 to 1.14.48 (#191)
Bumps [boto3](https://github.com/boto/boto3) from 1.14.47 to 1.14.48.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.47...1.14.48)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-08-26 08:58:16 +02:00
7d321e8aa8 helm: make image name configurable, make postgres and redis charts optional 2020-08-25 18:02:51 +02:00
a732beb72b helm: update to v2 chart 2020-08-25 17:58:05 +02:00
0996775ebf helm: cleanup 2020-08-25 17:51:33 +02:00
4147e8d1a7 helm: remove unmaintained monitoring 2020-08-25 17:45:56 +02:00
983bbb622d helm: fix invalid domain 2020-08-25 17:45:03 +02:00
885f8bae9f helm: remove mount of configmap, read entirely from env 2020-08-25 17:43:37 +02:00
aaa662199c build(deps): bump django-prometheus from 2.0.0 to 2.1.0 (#188)
Bumps [django-prometheus](https://github.com/korfuri/django-prometheus) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/korfuri/django-prometheus/releases)
- [Changelog](https://github.com/korfuri/django-prometheus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/korfuri/django-prometheus/compare/2.0.0...2.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-08-24 14:25:47 +02:00
0e0898c3cf Flow exporting/importing (#187)
* stages/*: Add SerializerModel as base model, implement serializer property

* flows: add initial flow exporter and importer

* policies/*: implement .serializer for all policies

* root: fix missing dacite requirement
2020-08-22 00:42:15 +02:00
8b17e8be99 build(deps): bump codemirror in /passbook/static/static (#185)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.56.0 to 5.57.0.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.56.0...5.57.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-08-21 10:52:03 +02:00
a082222b58 build(deps): bump boto3 from 1.14.45 to 1.14.47 (#186)
Bumps [boto3](https://github.com/boto/boto3) from 1.14.45 to 1.14.47.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.45...1.14.47)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-08-21 10:34:16 +02:00
9826bb4d01 root: fix sentry's being passed incorrectly 2020-08-20 23:12:54 +02:00
f7c629ec9b root: when error_reporting is enabled, don't sent pii data by default 2020-08-20 22:19:49 +02:00
e2aeb96a6a root: fix invalid import for clean_expired_models 2020-08-20 21:53:20 +02:00
ff810c689f Replace Elastic APM with Sentry APM (#183) 2020-08-20 20:39:21 +02:00
0eb94df1f7 providers/oauth2: fix redirect_uri not being checked correctly if multiple redirect_uris are configured 2020-08-20 16:41:00 +02:00
86597df159 build(deps): bump boto3 from 1.14.43 to 1.14.45 (#181)
Bumps [boto3](https://github.com/boto/boto3) from 1.14.43 to 1.14.45.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.43...1.14.45)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
2020-08-20 09:09:56 +02:00
0394adaf46 *: fix general Linting errors 2020-08-19 10:49:14 +02:00
c7a2410b1d OAuth Provider Rewrite (#182) 2020-08-19 10:32:44 +02:00
b9076b5fd4 build(deps): bump @patternfly/patternfly from 4.31.4 to 4.31.6 in /passbook/static/static (#179)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.31.4 to 4.31.6.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.31.4...prerelease-v4.31.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-08-18 21:42:39 +02:00
c07a45083f build(deps-dev): bump unittest-xml-reporting from 3.0.3 to 3.0.4 (#180)
Bumps [unittest-xml-reporting](https://github.com/xmlrunner/unittest-xml-reporting) from 3.0.3 to 3.0.4.
- [Release notes](https://github.com/xmlrunner/unittest-xml-reporting/releases)
- [Commits](https://github.com/xmlrunner/unittest-xml-reporting/compare/3.0.3...3.0.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-08-18 21:42:20 +02:00
4b10fa3d93 build(deps): bump boto3 from 1.14.42 to 1.14.43 (#177)
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-08-17 12:41:10 +02:00
c910dc9a3c build(deps-dev): bump unittest-xml-reporting from 3.0.2 to 3.0.3 (#175)
Bumps [unittest-xml-reporting](https://github.com/xmlrunner/unittest-xml-reporting) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/xmlrunner/unittest-xml-reporting/releases)
- [Commits](https://github.com/xmlrunner/unittest-xml-reporting/compare/3.0.2...3.0.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-08-17 12:16:46 +02:00
882dc60292 build(deps): bump sentry-sdk from 0.16.4 to 0.16.5 (#176) 2020-08-17 11:52:20 +02:00
7923468a01 admin: fix incorrect view name for groups 2020-08-16 17:41:48 +02:00
9ebbb51cf7 Merge pull request #157 from BeryJu/dependabot/pip/django-3.1
build(deps): bump django from 3.0.9 to 3.1
2020-08-15 21:44:54 +02:00
bd25cadb71 lib: fix config possibly iterating None 2020-08-15 21:12:38 +02:00
7334599efd *: update JSON fields to django 3.1 2020-08-15 21:04:22 +02:00
54f0728005 build(deps): bump django from 3.0.9 to 3.1
Bumps [django](https://github.com/django/django) from 3.0.9 to 3.1.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.0.9...3.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-14 21:25:04 +00:00
e0c7637382 Merge pull request #170 from BeryJu/dependabot/npm_and_yarn/passbook/static/static/patternfly/patternfly-4.31.4
build(deps): bump @patternfly/patternfly from 4.23.3 to 4.31.4 in /passbook/static/static
2020-08-14 23:20:56 +02:00
086a3c0548 build(deps): bump @patternfly/patternfly in /passbook/static/static
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.23.3 to 4.31.4.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.23.3...prerelease-v4.31.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-14 20:58:38 +00:00
65efbbd7ee Merge pull request #160 from BeryJu/dependabot/pip/django-prometheus-2.1.0.dev61
build(deps): bump django-prometheus from 2.1.0.dev54 to 2.1.0.dev61
2020-08-14 22:25:35 +02:00
5cc045e3c9 build(deps): bump django-prometheus from 2.1.0.dev54 to 2.1.0.dev61
Bumps [django-prometheus](https://github.com/korfuri/django-prometheus) from 2.1.0.dev54 to 2.1.0.dev61.
- [Release notes](https://github.com/korfuri/django-prometheus/releases)
- [Changelog](https://github.com/korfuri/django-prometheus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/korfuri/django-prometheus/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-14 20:04:40 +00:00
56d259ce75 Merge pull request #172 from BeryJu/dependabot/pip/sentry-sdk-0.16.4
build(deps): bump sentry-sdk from 0.16.3 to 0.16.4
2020-08-14 22:00:24 +02:00
8919bade55 build(deps): bump sentry-sdk from 0.16.3 to 0.16.4
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.16.3 to 0.16.4.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.16.3...0.16.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-14 19:33:46 +00:00
703d511089 Merge pull request #173 from BeryJu/dependabot/pip/django-otp-1.0.0
build(deps): bump django-otp from 0.9.4 to 1.0.0
2020-08-14 21:29:34 +02:00
aabedfc3e4 build(deps): bump django-otp from 0.9.4 to 1.0.0
Bumps [django-otp](https://github.com/django-otp/django-otp) from 0.9.4 to 1.0.0.
- [Release notes](https://github.com/django-otp/django-otp/releases)
- [Changelog](https://github.com/django-otp/django-otp/blob/master/CHANGES.rst)
- [Commits](https://github.com/django-otp/django-otp/compare/v0.9.4...v1.0.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-14 17:49:44 +00:00
0f154dee11 Merge pull request #167 from BeryJu/dependabot/pip/docker-4.3.0
build(deps-dev): bump docker from 4.2.2 to 4.3.0
2020-08-14 19:45:39 +02:00
a5c46d7e72 build(deps-dev): bump docker from 4.2.2 to 4.3.0
Bumps [docker](https://github.com/docker/docker-py) from 4.2.2 to 4.3.0.
- [Release notes](https://github.com/docker/docker-py/releases)
- [Commits](https://github.com/docker/docker-py/compare/4.2.2...4.3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-14 17:10:06 +00:00
bbd59698e1 Merge pull request #174 from BeryJu/dependabot/pip/boto3-1.14.42
build(deps): bump boto3 from 1.14.41 to 1.14.42
2020-08-14 19:06:09 +02:00
3b0216bc00 build(deps): bump boto3 from 1.14.41 to 1.14.42
Bumps [boto3](https://github.com/boto/boto3) from 1.14.41 to 1.14.42.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.41...1.14.42)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-14 16:41:51 +00:00
b4fc32afac e2e: fix typo, log when docker healthcheck fails 2020-08-14 18:09:49 +02:00
45df127f18 e2e: lock mailhog docker image 2020-08-14 17:55:44 +02:00
55cf49bb8a root: attempt to fix broken e2e tests 2020-08-14 17:39:41 +02:00
00ce2a90f1 e2e: lock version of selenium/chrome 2020-08-14 10:53:37 +02:00
de77e1e41e Merge pull request #171 from BeryJu/dependabot/pip/boto3-1.14.41
build(deps): bump boto3 from 1.14.40 to 1.14.41
2020-08-13 10:49:17 +02:00
e40c07e997 build(deps): bump boto3 from 1.14.40 to 1.14.41
Bumps [boto3](https://github.com/boto/boto3) from 1.14.40 to 1.14.41.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.40...1.14.41)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-13 05:15:58 +00:00
d4b0bbb368 Merge pull request #165 from BeryJu/dependabot/pip/ldap3-2.8 2020-08-12 23:01:49 +02:00
d05f077ba0 Merge pull request #169 from BeryJu/dependabot/pip/boto3-1.14.40
build(deps): bump boto3 from 1.14.39 to 1.14.40
2020-08-12 23:01:30 +02:00
ca322d1e2c build(deps): bump boto3 from 1.14.39 to 1.14.40
Bumps [boto3](https://github.com/boto/boto3) from 1.14.39 to 1.14.40.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.39...1.14.40)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-12 05:18:00 +00:00
3c9631b287 build(deps): bump ldap3 from 2.7 to 2.8
Bumps [ldap3](https://github.com/cannatag/ldap3) from 2.7 to 2.8.
- [Release notes](https://github.com/cannatag/ldap3/releases)
- [Changelog](https://github.com/cannatag/ldap3/blob/dev/_changelog.txt)
- [Commits](https://github.com/cannatag/ldap3/compare/v2.7...v2.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-11 14:40:31 +00:00
16c2332c14 Merge pull request #168 from BeryJu/dependabot/pip/boto3-1.14.39
build(deps): bump boto3 from 1.14.37 to 1.14.39
2020-08-11 16:36:36 +02:00
2723b2091f build(deps): bump boto3 from 1.14.37 to 1.14.39
Bumps [boto3](https://github.com/boto/boto3) from 1.14.37 to 1.14.39.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.37...1.14.39)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-11 05:20:33 +00:00
7b454ff72a Merge pull request #161 from BeryJu/dependabot/pip/pylint-django-2.3.0
build(deps-dev): bump pylint-django from 2.2.0 to 2.3.0
2020-08-07 14:06:17 +02:00
4578bf6f29 build(deps-dev): bump pylint-django from 2.2.0 to 2.3.0
Bumps [pylint-django](https://github.com/PyCQA/pylint-django) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/PyCQA/pylint-django/releases)
- [Changelog](https://github.com/PyCQA/pylint-django/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/PyCQA/pylint-django/compare/v2.2.0...v2.3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-07 10:51:40 +00:00
a991632396 Merge pull request #164 from BeryJu/dependabot/pip/boto3-1.14.37
build(deps): bump boto3 from 1.14.36 to 1.14.37
2020-08-07 12:47:50 +02:00
81d2f8c728 build(deps): bump boto3 from 1.14.36 to 1.14.37
Bumps [boto3](https://github.com/boto/boto3) from 1.14.36 to 1.14.37.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.36...1.14.37)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-07 05:13:58 +00:00
b42164a6b6 Merge pull request #162 from BeryJu/dependabot/pip/django-otp-0.9.4
build(deps): bump django-otp from 0.9.3 to 0.9.4
2020-08-06 10:07:24 +02:00
5857552b73 Merge pull request #163 from BeryJu/dependabot/pip/boto3-1.14.36
build(deps): bump boto3 from 1.14.35 to 1.14.36
2020-08-06 10:07:07 +02:00
0645dde90c build(deps): bump boto3 from 1.14.35 to 1.14.36
Bumps [boto3](https://github.com/boto/boto3) from 1.14.35 to 1.14.36.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.35...1.14.36)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-06 05:17:07 +00:00
494a8226a4 build(deps): bump django-otp from 0.9.3 to 0.9.4
Bumps [django-otp](https://github.com/django-otp/django-otp) from 0.9.3 to 0.9.4.
- [Release notes](https://github.com/django-otp/django-otp/releases)
- [Changelog](https://github.com/django-otp/django-otp/blob/master/CHANGES.rst)
- [Commits](https://github.com/django-otp/django-otp/compare/v0.9.3...v0.9.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-06 05:15:35 +00:00
aedd5f3f99 Merge pull request #158 from BeryJu/dependabot/pip/boto3-1.14.35
build(deps): bump boto3 from 1.14.34 to 1.14.35
2020-08-05 16:24:21 +02:00
8a1ff7cb5b build(deps): bump boto3 from 1.14.34 to 1.14.35
Bumps [boto3](https://github.com/boto/boto3) from 1.14.34 to 1.14.35.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.34...1.14.35)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-05 05:16:29 +00:00
e0a9cc0e26 Merge pull request #156 from BeryJu/dependabot/pip/boto3-1.14.34
build(deps): bump boto3 from 1.14.33 to 1.14.34
2020-08-04 14:18:36 +02:00
8f240b5303 build(deps): bump boto3 from 1.14.33 to 1.14.34
Bumps [boto3](https://github.com/boto/boto3) from 1.14.33 to 1.14.34.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.33...1.14.34)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-04 09:48:59 +00:00
ea39a5e952 Merge pull request #155 from BeryJu/dependabot/pip/django-3.0.9
build(deps): bump django from 3.0.8 to 3.0.9
2020-08-04 11:44:56 +02:00
ac539268cb build(deps): bump django from 3.0.8 to 3.0.9
Bumps [django](https://github.com/django/django) from 3.0.8 to 3.0.9.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.0.8...3.0.9)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-04 05:15:37 +00:00
ed72a2c959 helm: fix APM secret_token not being applied correctly 2020-08-03 20:55:44 +02:00
e5cd9a4a2a Merge pull request #151 from BeryJu/dependabot/pip/django-prometheus-2.1.0.dev54
build(deps): bump django-prometheus from 2.1.0.dev52 to 2.1.0.dev54
2020-08-03 10:02:17 +02:00
d4f530f80b build(deps): bump django-prometheus from 2.1.0.dev52 to 2.1.0.dev54
Bumps [django-prometheus](https://github.com/korfuri/django-prometheus) from 2.1.0.dev52 to 2.1.0.dev54.
- [Release notes](https://github.com/korfuri/django-prometheus/releases)
- [Changelog](https://github.com/korfuri/django-prometheus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/korfuri/django-prometheus/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-03 07:24:25 +00:00
282a518e00 Merge pull request #152 from BeryJu/dependabot/pip/autopep8-1.5.4
build(deps-dev): bump autopep8 from 1.5.3 to 1.5.4
2020-08-03 09:20:27 +02:00
5d50d99f59 Merge pull request #153 from BeryJu/dependabot/pip/sentry-sdk-0.16.3
build(deps): bump sentry-sdk from 0.16.2 to 0.16.3
2020-08-03 09:20:06 +02:00
d56a98e561 build(deps): bump sentry-sdk from 0.16.2 to 0.16.3
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.16.2 to 0.16.3.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.16.2...0.16.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-03 07:01:01 +00:00
0cfdbd92d8 build(deps-dev): bump autopep8 from 1.5.3 to 1.5.4
Bumps [autopep8](https://github.com/hhatto/autopep8) from 1.5.3 to 1.5.4.
- [Release notes](https://github.com/hhatto/autopep8/releases)
- [Commits](https://github.com/hhatto/autopep8/compare/v1.5.3...v1.5.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-03 07:00:21 +00:00
6262923398 Merge pull request #154 from BeryJu/dependabot/pip/celery-4.4.7
build(deps): bump celery from 4.4.6 to 4.4.7
2020-08-03 08:56:33 +02:00
f96b1b58f3 build(deps): bump celery from 4.4.6 to 4.4.7
Bumps [celery](https://github.com/celery/celery) from 4.4.6 to 4.4.7.
- [Release notes](https://github.com/celery/celery/releases)
- [Changelog](https://github.com/celery/celery/blob/master/Changelog.rst)
- [Commits](https://github.com/celery/celery/compare/v4.4.6...v4.4.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-03 05:24:44 +00:00
fdf372912a Merge pull request #150 from pessimist101/patch-1
fix/Spelling error in SECURITY.md
2020-08-01 22:47:24 +02:00
2e517258fa fix/Spelling error in SECURITY.md 2020-08-01 21:38:07 +01:00
316ac78e49 new release: 0.9.0-stable 2020-08-01 22:17:59 +02:00
de2b67b111 providers/app_gw: improve templates 2020-08-01 22:13:12 +02:00
e1bbbe6671 providers/app_gw: disable client authz to use passbook 2020-08-01 20:53:55 +02:00
8b3839343c providers/oidc: remove static lookup for OIDCProvider, get related object for app_gw 2020-08-01 20:53:33 +02:00
7897ca4744 providers/app_gw: fix Client scopes and URLs 2020-08-01 20:33:38 +02:00
2fd00c6c9d Merge pull request #149 from BeryJu/dependabot/pip/boto3-1.14.33
build(deps): bump boto3 from 1.14.31 to 1.14.33
2020-08-01 20:25:20 +02:00
80f7f82fa4 build(deps): bump boto3 from 1.14.31 to 1.14.33
Bumps [boto3](https://github.com/boto/boto3) from 1.14.31 to 1.14.33.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.31...1.14.33)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-01 18:10:27 +00:00
1a21012911 providers/app_gw: fix URL Validation not working for internal and external host 2020-08-01 20:02:43 +02:00
d4a5269bf1 *: Adjust forms to only show respective types of Flows and PropertyMappings 2020-08-01 20:02:23 +02:00
fcf70a3cd4 providers/app_gw: Fix K8s template labels, add missing ISSUER_URL 2020-08-01 19:47:40 +02:00
e9411d856c docs: add notice that AWS requires POST binding 2020-08-01 19:42:33 +02:00
1a6dd00681 providers/saml: fix X509Data container linebreaks 2020-08-01 19:38:59 +02:00
330bd0932b providers/saml: fix NotOnOrAfter using incorrect timestamp 2020-08-01 19:38:41 +02:00
250e77f40f Merge pull request #147 from BeryJu/dependabot/pip/boto3-1.14.31
build(deps): bump boto3 from 1.14.30 to 1.14.31
2020-07-30 09:18:52 +02:00
ef71aba544 build(deps): bump boto3 from 1.14.30 to 1.14.31
Bumps [boto3](https://github.com/boto/boto3) from 1.14.30 to 1.14.31.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.30...1.14.31)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-30 05:18:20 +00:00
567a8f53da ci: add codeql analysis 2020-07-29 09:14:17 +02:00
88c87aa205 Merge pull request #146 from BeryJu/dependabot/pip/boto3-1.14.30
build(deps): bump boto3 from 1.14.28 to 1.14.30
2020-07-29 09:12:33 +02:00
90ac3d56ca build(deps): bump boto3 from 1.14.28 to 1.14.30
Bumps [boto3](https://github.com/boto/boto3) from 1.14.28 to 1.14.30.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.28...1.14.30)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-29 05:20:31 +00:00
a298e9e2ca Merge pull request #144 from BeryJu/dependabot/pip/coverage-5.2.1
build(deps-dev): bump coverage from 5.2 to 5.2.1
2020-07-27 08:59:32 +02:00
abdf86d9c9 build(deps-dev): bump coverage from 5.2 to 5.2.1
Bumps [coverage](https://github.com/nedbat/coveragepy) from 5.2 to 5.2.1.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/coverage-5.2...coverage-5.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-27 05:23:03 +00:00
c58658d820 new release: 0.9.0-rc2 2020-07-26 23:34:36 +02:00
a9b5e6ea13 flows: fix shell not showing spinner after submit 2020-07-26 22:15:50 +02:00
ddb0fdee98 providers/app_gw: generate docker-compose in code 2020-07-26 22:01:37 +02:00
83205f1b49 providers/app_gw: use full URL with protocol for internal/external_host 2020-07-26 22:01:20 +02:00
7221800a16 Merge pull request #143 from BeryJu/dependabot/pip/boto3-1.14.28
build(deps): bump boto3 from 1.14.26 to 1.14.28
2020-07-26 00:10:20 +02:00
4515cb6bbe build(deps): bump boto3 from 1.14.26 to 1.14.28
Bumps [boto3](https://github.com/boto/boto3) from 1.14.26 to 1.14.28.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.26...1.14.28)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-25 21:00:05 +00:00
7f9da11eba Merge pull request #139 from BeryJu/dependabot/pip/pylint-django-2.2.0
build(deps-dev): bump pylint-django from 2.1.0 to 2.2.0
2020-07-25 22:53:05 +02:00
da69d2611d build(deps-dev): bump pylint-django from 2.1.0 to 2.2.0
Bumps [pylint-django](https://github.com/PyCQA/pylint-django) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/PyCQA/pylint-django/releases)
- [Changelog](https://github.com/PyCQA/pylint-django/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/PyCQA/pylint-django/compare/v2.1.0...v2.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-25 20:20:48 +00:00
3b4be5695a gatekeeper: fix non-existent templates being copied 2020-07-25 22:13:15 +02:00
9d68c9550b gatekeeper: automatically redirect to passbook 2020-07-25 21:45:36 +02:00
3b2d469780 e2e: ensure that PasswordStage's change_flow is set correctly 2020-07-25 21:37:22 +02:00
ae629d1159 providers/oauth: remove LoginRequired from AuthorizationFlowInitView as user is redirected within 2020-07-25 21:36:50 +02:00
72a6f9cbe0 providers/saml: remove LoginRequired from SAMLSSOView as user is redirected within 2020-07-25 21:36:28 +02:00
9793b7461b providers/oidc: remove LoginRequired from AuthorizationFlowInitView as user is redirected within 2020-07-25 21:35:38 +02:00
9c1a824dc4 providers/app_gw: fix Issuer URL being incorrect, fix incorrect length cookie secret 2020-07-25 21:34:14 +02:00
738ced3327 e2e: CI -> TF_BUILD 2020-07-23 20:03:35 +02:00
ed1ee1fa55 Merge pull request #138 from BeryJu/dependabot/pip/boto3-1.14.26
build(deps): bump boto3 from 1.14.25 to 1.14.26
2020-07-23 19:49:54 +02:00
95776bbc56 build(deps): bump boto3 from 1.14.25 to 1.14.26
Bumps [boto3](https://github.com/boto/boto3) from 1.14.25 to 1.14.26.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.25...1.14.26)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-23 17:48:38 +00:00
62a4beb3d6 Merge pull request #140 from BeryJu/dependabot/pip/sentry-sdk-0.16.2
build(deps): bump sentry-sdk from 0.16.1 to 0.16.2
2020-07-23 19:45:08 +02:00
466a825f5b Merge pull request #141 from BeryJu/dependabot/pip/urllib3-1.25.10
build(deps): bump urllib3 from 1.25.9 to 1.25.10
2020-07-23 19:44:52 +02:00
3ffed279d7 e2e: fix flow setup stage test not finding link 2020-07-23 11:04:59 +02:00
4b6b36b2d2 build(deps): bump urllib3 from 1.25.9 to 1.25.10
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.25.9 to 1.25.10.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/1.25.10/CHANGES.rst)
- [Commits](https://github.com/urllib3/urllib3/compare/1.25.9...1.25.10)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-23 05:18:49 +00:00
2a8f63bf86 build(deps): bump sentry-sdk from 0.16.1 to 0.16.2
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.16.1 to 0.16.2.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.16.1...0.16.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-23 05:17:21 +00:00
3c12cf96a9 Merge pull request #137 from BeryJu/dependabot/pip/boto3-1.14.25
build(deps): bump boto3 from 1.14.24 to 1.14.25
2020-07-22 13:01:35 +02:00
d787caf0e4 build(deps): bump boto3 from 1.14.24 to 1.14.25
Bumps [boto3](https://github.com/boto/boto3) from 1.14.24 to 1.14.25.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.24...1.14.25)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-22 05:14:06 +00:00
0fc2f32d3d Merge pull request #135 from BeryJu/dependabot/npm_and_yarn/passbook/static/static/codemirror-5.56.0
build(deps): bump codemirror from 5.55.0 to 5.56.0 in /passbook/static/static
2020-07-21 10:30:50 +02:00
894d5da1d8 Merge pull request #136 from BeryJu/dependabot/pip/boto3-1.14.24
build(deps): bump boto3 from 1.14.23 to 1.14.24
2020-07-21 10:30:35 +02:00
985d20d025 build(deps): bump boto3 from 1.14.23 to 1.14.24
Bumps [boto3](https://github.com/boto/boto3) from 1.14.23 to 1.14.24.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.23...1.14.24)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-21 05:19:53 +00:00
94f3e6d0c5 build(deps): bump codemirror in /passbook/static/static
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.55.0 to 5.56.0.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.55.0...5.56.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-21 05:16:34 +00:00
0a196608c7 Merge pull request #134 from BeryJu/consent-mode
Add different Modes to Consent Stage
2020-07-20 19:14:33 +02:00
d33f0fb2cf Merge branch 'master' into consent-mode
# Conflicts:
#	passbook/stages/consent/models.py
2020-07-20 18:56:38 +02:00
ffff69ada0 stages/consent: add unittests for new modes 2020-07-20 18:47:52 +02:00
37a432267d Squashed commit of the following:
commit 88029a4335
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Mon Jul 20 16:55:55 2020 +0200

    admin: update to work with new form

commit 4040eb9619
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Mon Jul 20 16:43:30 2020 +0200

    *: remove path-based import from all PropertyMappings

commit c9663a08da
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Mon Jul 20 16:33:34 2020 +0200

    flows: update work with new stages

commit a3d92ebc0a
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Mon Jul 20 16:23:30 2020 +0200

    stages/*: remove path-based import from all stages

commit 6fa825e372
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Mon Jul 20 16:03:55 2020 +0200

    providers/*: remove path-based import from all providers

commit 6aefd072c8
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Mon Jul 20 15:58:48 2020 +0200

    policies/*: remove path-based import from all policies

commit ac2dd3611f
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Mon Jul 20 15:11:27 2020 +0200

    sources/*: remove path-based import from all sources

commit 74e628ce9c
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Mon Jul 20 14:43:38 2020 +0200

    ui: allow overriding of verbose_name

commit d4ee18ee32
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Mon Jul 20 14:08:27 2020 +0200

    sources/oauth: migrate from discordapp.com to discord.com
2020-07-20 18:17:14 +02:00
88029a4335 admin: update to work with new form 2020-07-20 17:57:06 +02:00
4040eb9619 *: remove path-based import from all PropertyMappings 2020-07-20 16:54:23 +02:00
c9663a08da flows: update work with new stages 2020-07-20 16:33:34 +02:00
a3d92ebc0a stages/*: remove path-based import from all stages 2020-07-20 16:28:45 +02:00
6fa825e372 providers/*: remove path-based import from all providers 2020-07-20 16:05:09 +02:00
6aefd072c8 policies/*: remove path-based import from all policies 2020-07-20 16:05:09 +02:00
ac2dd3611f sources/*: remove path-based import from all sources 2020-07-20 16:05:09 +02:00
74e628ce9c ui: allow overriding of verbose_name 2020-07-20 14:43:38 +02:00
d4ee18ee32 sources/oauth: migrate from discordapp.com to discord.com 2020-07-20 14:08:27 +02:00
9ff3ee7c0c Merge branch 'master' into consent-mode 2020-07-20 13:59:09 +02:00
418b94a45a e2e: fix grafana docker image tag 2020-07-20 13:58:50 +02:00
1393078fe6 e2e: fix oauth/oidc tests not working with current grafana 2020-07-20 13:49:07 +02:00
50612991fa stages/consent: start implementing user consent 2020-07-20 13:19:58 +02:00
37b2400cdb lib: move SAML timestring utils into lib 2020-07-20 11:35:16 +02:00
05c3393669 Merge pull request #133 from BeryJu/expiring-models
core: separate expiry logic from tokens and make re-usable
2020-07-20 11:17:37 +02:00
c60d1e1f9a core: separate expiry logic from tokens and make re-usable 2020-07-20 10:57:12 +02:00
2be7d3191f Merge pull request #132 from BeryJu/dependabot/pip/boto3-1.14.23
build(deps): bump boto3 from 1.14.22 to 1.14.23
2020-07-20 09:10:14 +02:00
aa692fdacb Merge pull request #131 from BeryJu/dependabot/npm_and_yarn/passbook/static/static/patternfly/patternfly-4.23.3
build(deps): bump @patternfly/patternfly from 4.16.7 to 4.23.3 in /passbook/static/static
2020-07-20 09:09:58 +02:00
c163637bfd build(deps): bump boto3 from 1.14.22 to 1.14.23
Bumps [boto3](https://github.com/boto/boto3) from 1.14.22 to 1.14.23.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.22...1.14.23)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-20 05:20:24 +00:00
5552aca079 build(deps): bump @patternfly/patternfly in /passbook/static/static
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.16.7 to 4.23.3.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.16.7...prerelease-v4.23.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-20 05:14:37 +00:00
ff2456dcfa root: clean log output, always show logger 2020-07-19 22:48:52 +02:00
539264c396 Merge pull request #130 from BeryJu/dependabot/pip/boto3-1.14.22
build(deps): bump boto3 from 1.14.21 to 1.14.22
2020-07-17 10:48:26 +02:00
1acfaf1562 build(deps): bump boto3 from 1.14.21 to 1.14.22
Bumps [boto3](https://github.com/boto/boto3) from 1.14.21 to 1.14.22.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.21...1.14.22)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-17 05:20:16 +00:00
a81e277cfa Merge pull request #128 from BeryJu/dependabot/npm_and_yarn/passbook/static/static/fortawesome/fontawesome-free-5.14.0
build(deps): bump @fortawesome/fontawesome-free from 5.13.1 to 5.14.0 in /passbook/static/static
2020-07-16 16:01:42 +02:00
b4cb78f33f Merge pull request #129 from BeryJu/dependabot/pip/boto3-1.14.21
build(deps): bump boto3 from 1.14.20 to 1.14.21
2020-07-16 16:01:20 +02:00
35c0a9532f build(deps): bump boto3 from 1.14.20 to 1.14.21
Bumps [boto3](https://github.com/boto/boto3) from 1.14.20 to 1.14.21.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.20...1.14.21)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-16 05:18:26 +00:00
aff074420b build(deps): bump @fortawesome/fontawesome-free
Bumps [@fortawesome/fontawesome-free](https://github.com/FortAwesome/Font-Awesome) from 5.13.1 to 5.14.0.
- [Release notes](https://github.com/FortAwesome/Font-Awesome/releases)
- [Changelog](https://github.com/FortAwesome/Font-Awesome/blob/master/CHANGELOG.md)
- [Commits](https://github.com/FortAwesome/Font-Awesome/compare/5.13.1...5.14.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-16 05:15:24 +00:00
edbea9ccff audit: fix list not having loginrequired
closes #127
2020-07-15 18:34:53 +02:00
6b26e10ea2 new release: 0.9.0-rc1 2020-07-15 12:00:47 +02:00
a737335fdd ci: fix database connections failing 2020-07-14 22:55:30 +02:00
e15f7d7f28 flows: fix potential open redirect vuln 2020-07-14 21:57:28 +02:00
fbf9554a9e flows: fix SESSION_KEY_GET being deleted too early 2020-07-14 21:42:47 +02:00
5f34b08433 ci: fix failed tests not failing CI pipeline 2020-07-14 21:36:40 +02:00
f67a03ad66 Merge pull request #126 from BeryJu/dependabot/pip/elastic-apm-5.8.1
build(deps): bump elastic-apm from 5.8.0 to 5.8.1
2020-07-14 09:19:07 +02:00
6095301337 build(deps): bump elastic-apm from 5.8.0 to 5.8.1
Bumps [elastic-apm](https://github.com/elastic/apm-agent-python) from 5.8.0 to 5.8.1.
- [Release notes](https://github.com/elastic/apm-agent-python/releases)
- [Changelog](https://github.com/elastic/apm-agent-python/blob/master/CHANGELOG.asciidoc)
- [Commits](https://github.com/elastic/apm-agent-python/compare/v5.8.0...v5.8.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-14 05:20:24 +00:00
4a774b5885 Merge pull request #123 from BeryJu/dependabot/pip/pylint-django-2.1.0
build(deps-dev): bump pylint-django from 2.0.15 to 2.1.0
2020-07-13 16:49:33 +02:00
aa8fac3a06 Merge pull request #124 from BeryJu/dependabot/pip/django-prometheus-2.1.0.dev52
build(deps): bump django-prometheus from 2.1.0.dev46 to 2.1.0.dev52
2020-07-13 16:49:12 +02:00
b8407f5bf6 Merge pull request #125 from BeryJu/dependabot/pip/sentry-sdk-0.16.1
build(deps): bump sentry-sdk from 0.16.0 to 0.16.1
2020-07-13 16:49:02 +02:00
989c426211 Merge branch 'master' into dependabot/pip/pylint-django-2.1.0 2020-07-13 16:16:16 +02:00
9a888cfcf1 Merge branch 'master' into dependabot/pip/django-prometheus-2.1.0.dev52 2020-07-13 16:16:08 +02:00
72ec871729 Merge branch 'master' into dependabot/pip/sentry-sdk-0.16.1 2020-07-13 16:15:58 +02:00
8d58842c9b e2e: decrease timeouts to fix failed tests 2020-07-13 08:54:56 +02:00
a90aa5e069 build(deps): bump sentry-sdk from 0.16.0 to 0.16.1
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.16.0 to 0.16.1.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.16.0...0.16.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-13 05:20:41 +00:00
639020a2e1 build(deps): bump django-prometheus from 2.1.0.dev46 to 2.1.0.dev52
Bumps [django-prometheus](https://github.com/korfuri/django-prometheus) from 2.1.0.dev46 to 2.1.0.dev52.
- [Release notes](https://github.com/korfuri/django-prometheus/releases)
- [Changelog](https://github.com/korfuri/django-prometheus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/korfuri/django-prometheus/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-13 05:18:58 +00:00
8e6f915ec6 build(deps-dev): bump pylint-django from 2.0.15 to 2.1.0
Bumps [pylint-django](https://github.com/PyCQA/pylint-django) from 2.0.15 to 2.1.0.
- [Release notes](https://github.com/PyCQA/pylint-django/releases)
- [Changelog](https://github.com/PyCQA/pylint-django/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/PyCQA/pylint-django/compare/v2.0.15...v2.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-13 05:17:14 +00:00
6631471566 root: update version in readme 2020-07-12 22:53:25 +02:00
b452e751ea flows: add SESSION_KEY_APPLICATION_PRE
whenever a user tries to access an application without being authenticated to passbook, we now show notice which application they are going to continue to.
2020-07-12 22:47:46 +02:00
a3baa100d4 sources/saml: remove unused import 2020-07-12 18:55:26 +02:00
f7b9de1261 */saml: fix MetadataProcessor having generic namespace prefixes 2020-07-12 18:40:43 +02:00
47ca566d06 sources/saml: fix MetadataProcessor not working, add unittests 2020-07-12 18:40:18 +02:00
a943d060d2 core: add separate autosubmit form for use without flows 2020-07-12 18:24:36 +02:00
1675dab314 providers/saml: fix encoding for POST bindings 2020-07-12 17:58:38 +02:00
996aa367d3 core: fix autosubmit_form loading full template 2020-07-12 17:45:03 +02:00
be6f342e58 providers/saml: fix RelayState being included when None given 2020-07-12 17:22:14 +02:00
464b558a02 */saml: fix typo 2020-07-12 17:20:41 +02:00
d1151091cd providers/saml: Generate NameID Value based on NameID Policy received 2020-07-12 17:06:35 +02:00
f8e5383ba2 providers/saml: parse NameID Policy from AuthnRequest 2020-07-12 17:05:48 +02:00
06f73512df lib/evaluator: add support for IP Address comparison 2020-07-12 16:36:49 +02:00
0ff4545bab providers/saml: fix AuthnRequest Signature validation, add unittests 2020-07-12 16:17:53 +02:00
ff6e270886 sources/saml: fix AuthnRequest Singing for redirect bindings 2020-07-12 16:17:35 +02:00
8aa0b72b67 e2e: only save screenshots in CI 2020-07-12 16:17:04 +02:00
91766a2162 sources/saml: automatically add RelayState to build_auth_n_detached 2020-07-12 01:46:46 +02:00
a393097504 */saml: start implementing unittests, fix signing 2020-07-12 01:44:34 +02:00
2056b86ce7 providers/saml: rewrite SAML AuthNRequest Parser and Response Processor 2020-07-11 14:06:42 +02:00
1b0c013d8e providers/saml: remove processor_path field 2020-07-11 13:28:10 +02:00
92a09be8c0 sources/saml: rewrite Processors and Views to directly build XML without templates 2020-07-11 01:02:55 +02:00
1e31cd03ed build(deps): bump lxml from 4.5.1 to 4.5.2 (#121)
Bumps [lxml](https://github.com/lxml/lxml) from 4.5.1 to 4.5.2.
- [Release notes](https://github.com/lxml/lxml/releases)
- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt)
- [Commits](https://github.com/lxml/lxml/compare/lxml-4.5.1...lxml-4.5.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
2020-07-10 23:31:13 +02:00
dc863a6e87 build(deps): bump boto3 from 1.14.19 to 1.14.20 (#122)
Bumps [boto3](https://github.com/boto/boto3) from 1.14.19 to 1.14.20.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.19...1.14.20)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Jens L <jens@beryju.org>
2020-07-10 22:44:17 +02:00
d74366f413 policies/hibp: update for flows, add unittests 2020-07-10 20:57:15 +02:00
5bcf2aef8c policies/password: Add Password Policy tests, update password policy for flows 2020-07-10 20:53:08 +02:00
8de3c4fbd6 sources/ldap: improve unittests 2020-07-10 20:21:51 +02:00
c191b62245 ci: attempt to fix Coverage not being registered 2020-07-10 19:35:19 +02:00
0babbde00e ci: fix test results not being merged correctly 2020-07-10 19:11:36 +02:00
b8af312ab1 ci: fix artifacts being downloaded into wrong directory 2020-07-10 18:39:16 +02:00
38cabfb325 ci: fix wrong coverage command being executed 2020-07-10 18:07:18 +02:00
0a3528b5f4 ci: fix targetPath and artifact being swapped 2020-07-10 17:43:16 +02:00
30a672758a ci: fix Stage names 2020-07-10 17:25:19 +02:00
723a825085 ci: separate unittests and e2e into separate runs, combine afterwards 2020-07-10 17:12:37 +02:00
40e794099a e2e: only initialise selenium after setting up container 2020-07-10 16:49:25 +02:00
111b037512 e2e: use non-debug selenium docker image for CI 2020-07-10 15:37:10 +02:00
52f66717d3 e2e: print screenshot filename after test 2020-07-10 15:28:01 +02:00
7ac4242a38 e2e: add test for OAuth Enrollment -> OAuth Authentication 2020-07-10 00:14:48 +02:00
4caa4be476 sources/oauth: fix UserOAuthSourceConnection not being assigned to user after enrollment
sources/oauth: separate handle_new_connection into handle_existing_user_link and handle_enroll
2020-07-10 00:07:59 +02:00
c6d8bae147 e2e: generate dex config dynamically 2020-07-09 23:15:22 +02:00
c70310730a sources/oauth: split up single large "core" views 2020-07-09 23:09:32 +02:00
2d2b2d08f4 core: fix source slug not being unique 2020-07-09 23:05:46 +02:00
8fe6a5b62d stages/prompt: fix checkbox not working, fix date and datetime not using HTML5 input types 2020-07-09 22:55:44 +02:00
5e6221deb8 Merge pull request #120 from BeryJu/dependabot/pip/boto3-1.14.19
build(deps): bump boto3 from 1.14.18 to 1.14.19
2020-07-09 22:55:21 +02:00
c3b493f7d4 Merge branch 'master' into dependabot/pip/boto3-1.14.19 2020-07-09 16:55:22 +02:00
dbcb5b4f63 e2e: remove static oauth secret 2020-07-09 14:59:25 +02:00
f0640fcea9 build(deps): bump boto3 from 1.14.18 to 1.14.19
Bumps [boto3](https://github.com/boto/boto3) from 1.14.18 to 1.14.19.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.18...1.14.19)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-09 05:19:44 +00:00
64c47a59f8 e2e: add tests for OAuth Source, update tests for new base templates 2020-07-09 00:53:18 +02:00
3450b8f1fe docs: update screenshots 2020-07-09 00:26:18 +02:00
9518cefdd7 flows: fix default-source-enrollment-if-username expression 2020-07-09 00:20:42 +02:00
32d5c26577 core: fix base_full template missing messages 2020-07-09 00:18:45 +02:00
ef2cdf27b3 stages/prompt: add static and separator elements 2020-07-09 00:00:15 +02:00
e58ac7ae90 polices: add helper to remove None-value keys from dict for policies 2020-07-08 23:07:16 +02:00
d786fa4b7c sources/oauth: rewrite to not directly create user, pre-seed data into flow 2020-07-08 20:39:20 +02:00
0e3e73989d sources/saml: Add NameID Policy field, sent with AuthnRequest 2020-07-08 16:18:09 +02:00
d831599608 core: make autosubmit_form generic template 2020-07-08 14:27:58 +02:00
1e57926603 sources/saml: add POST_AUTO binding which auto redirects to IdP 2020-07-08 14:18:08 +02:00
1524880eec core: add generic login/base_full template for static login views 2020-07-08 14:17:29 +02:00
0bfb623f97 providers/saml: fix autosubmit_form using wrong template 2020-07-08 14:12:44 +02:00
429627494c root: fix passbook.footer_links not being rendered 2020-07-08 13:18:33 +02:00
9feea155fe root: fix /favicon being routed to application server 2020-07-08 13:18:08 +02:00
2717e02d93 Merge pull request #119 from BeryJu/dependabot/pip/boto3-1.14.18
build(deps): bump boto3 from 1.14.17 to 1.14.18
2020-07-08 12:57:40 +02:00
18bd803b0d build(deps): bump boto3 from 1.14.17 to 1.14.18
Bumps [boto3](https://github.com/boto/boto3) from 1.14.17 to 1.14.18.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.17...1.14.18)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-08 05:16:20 +00:00
c7f078ffcc new release: 0.9.0-pre7 2020-07-07 22:34:44 +02:00
571cb3d65f sources/oauth: disable twitter source while its broken 2020-07-07 22:25:50 +02:00
8c500c38b1 policies/reputation: only change score when credentials contain username 2020-07-07 22:25:37 +02:00
5644e57e6a sources/oauth: directly call AuthorizedServiceBackend instead of authenticate() 2020-07-07 22:23:45 +02:00
cfc181eed1 sources/oauth: fix wrong comparions
closes #118
2020-07-07 21:46:16 +02:00
91bea38b8e lib: ignore APM errors 2020-07-07 21:45:36 +02:00
d95c5aa739 root: allow changing of APM verify_server_cert setting 2020-07-07 19:59:32 +02:00
0b250b897e new release: 0.9.0-pre6 2020-07-07 19:14:29 +02:00
c6880a0f16 Merge pull request #117 from BeryJu/apm
Support for Elastic APM
2020-07-07 18:48:40 +02:00
beb5ffcbdd ci: fix gatekeeper dockerfile path 2020-07-07 18:48:24 +02:00
0715cac39b root: remove psutil as we have external monitoring for CPU 2020-07-07 18:24:24 +02:00
41117d873d ci: fix gatekeeper building the wrong image 2020-07-07 18:23:15 +02:00
231e448b1a lib/eval: fix import order 2020-07-07 18:05:38 +02:00
b3b8cd807d root: expose APM settings in helm chart 2020-07-07 17:54:07 +02:00
9021bbd5de root: implement APM support 2020-07-07 17:43:10 +02:00
169475ab39 crypto: add colon seperator for fingerprint 2020-07-07 17:05:31 +02:00
c00e01626e sources/ldap: adjust task schedule name 2020-07-07 17:04:07 +02:00
05d4a9ef62 policies/reputation: rewrite to save score into cache and save into DB via worker 2020-07-07 17:03:57 +02:00
17a2ac73e7 stages/user_write: add signals 2020-07-07 15:49:02 +02:00
6bc6f947dd stages/invitation: move invite signals from core to app 2020-07-07 15:46:13 +02:00
b048a1fb4f ci: notify sentry of new releases 2020-07-07 14:09:28 +02:00
363940ee8d root: fix API requests erroring 2020-07-07 14:02:20 +02:00
a64e53479c Merge pull request #115 from BeryJu/dependabot/pip/boto3-1.14.17
build(deps): bump boto3 from 1.14.16 to 1.14.17
2020-07-07 13:34:53 +02:00
14fdbe7720 Merge pull request #116 from BeryJu/dependabot/pip/coverage-5.2
build(deps-dev): bump coverage from 5.1 to 5.2
2020-07-07 13:34:41 +02:00
f56332c954 Merge branch 'master' into dependabot/pip/boto3-1.14.17 2020-07-07 13:14:07 +02:00
21c53c748f Merge branch 'master' into dependabot/pip/coverage-5.2 2020-07-07 13:13:55 +02:00
b12182c1d1 admin: improve overview layout 2020-07-07 13:13:15 +02:00
d8f27f595a admin: use django cache for admin version (expiry) 2020-07-07 13:12:54 +02:00
b25dc2aaa3 build(deps-dev): bump coverage from 5.1 to 5.2
Bumps [coverage](https://github.com/nedbat/coveragepy) from 5.1 to 5.2.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/coverage-5.1...coverage-5.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-07 05:24:51 +00:00
3ec3849e72 build(deps): bump boto3 from 1.14.16 to 1.14.17
Bumps [boto3](https://github.com/boto/boto3) from 1.14.16 to 1.14.17.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.16...1.14.17)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-07 05:23:18 +00:00
2dc1b65718 ui: fix modal layout 2020-07-06 20:50:14 +02:00
af22f507f4 sources/oauth: fix template for user settings 2020-07-06 17:48:53 +02:00
9958019bf3 core: fix user's sidebar links for sources 2020-07-06 17:46:41 +02:00
02d65972cb admin: fix submit button on update form 2020-07-06 17:46:30 +02:00
24ad893350 admin: fix token_list template 2020-07-06 17:43:20 +02:00
9c5792b1e1 docs: migrate TOTP and Static OTP devices 2020-07-06 17:42:46 +02:00
094d191bff new release: 0.9.0-pre5 2020-07-06 12:52:34 +02:00
49fb9f688b Merge pull request #114 from BeryJu/dependabot/pip/sentry-sdk-0.16.0
build(deps): bump sentry-sdk from 0.15.1 to 0.16.0
2020-07-06 11:51:21 +02:00
7d161e5aa1 build(deps): bump sentry-sdk from 0.15.1 to 0.16.0
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.15.1 to 0.16.0.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.15.1...0.16.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-06 05:18:21 +00:00
78e5d471e3 core: fix type annotation for user settings 2020-07-05 23:49:33 +02:00
2e2c9f5287 api: add token authentication 2020-07-05 23:37:58 +02:00
d5a3e09a98 core: add token Intents 2020-07-05 23:14:57 +02:00
2402cfe29d providers/* use name for __str__ 2020-07-05 23:00:40 +02:00
26613b6ea9 core: fix application overview 2020-07-05 22:58:52 +02:00
e5165abf04 stages/user_login: Allow changing of session duration 2020-07-04 15:20:45 +02:00
b26882a450 flows: FlowStageBinding group Stage by type 2020-07-04 15:02:21 +02:00
94281bee88 admin: improve policy binding listing by showing Target object type 2020-07-04 00:18:19 +02:00
16b966c16e policies: Show grouped Dropdown for Target 2020-07-04 00:16:16 +02:00
d3b0992456 flows: FlowStageBinding: rename .flow to .target to fix select_subclasses() 2020-07-04 00:14:21 +02:00
dd74b73b4f Merge pull request #40 from BeryJu/azure-pipelines
Set up CI with Azure Pipelines
2020-07-03 10:47:29 +02:00
0bdfccc1f3 ci: final cleanup 2020-07-03 10:17:24 +02:00
ceb0793bc9 ci: publish unittest results and coverage 2020-07-03 09:54:25 +02:00
abea85b635 ci: fix incorrect node version for pyright 2020-07-03 09:39:23 +02:00
01c83f6f4a Merge branch 'master' into azure-pipelines
# Conflicts:
#	.github/workflows/ci.yml
#	README.md
2020-07-03 09:33:04 +02:00
9167c9c3ba Merge pull request #112 from BeryJu/dependabot/pip/django-prometheus-2.1.0.dev46
build(deps): bump django-prometheus from 2.1.0.dev42 to 2.1.0.dev46
2020-07-03 09:09:16 +02:00
04add2e52d build(deps): bump django-prometheus from 2.1.0.dev42 to 2.1.0.dev46
Bumps [django-prometheus](https://github.com/korfuri/django-prometheus) from 2.1.0.dev42 to 2.1.0.dev46.
- [Release notes](https://github.com/korfuri/django-prometheus/releases)
- [Changelog](https://github.com/korfuri/django-prometheus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/korfuri/django-prometheus/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-03 06:53:47 +00:00
1e9241d45b Merge pull request #111 from BeryJu/dependabot/pip/boto3-1.14.16
build(deps): bump boto3 from 1.14.15 to 1.14.16
2020-07-03 08:49:41 +02:00
22ee198a31 build(deps): bump boto3 from 1.14.15 to 1.14.16
Bumps [boto3](https://github.com/boto/boto3) from 1.14.15 to 1.14.16.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.15...1.14.16)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-03 05:20:53 +00:00
1d9c92d548 admin: add generic form tests 2020-07-02 22:29:30 +02:00
b30b58924f e2e: Add denied tests for oauth and oidc provider 2020-07-02 21:55:02 +02:00
bead19c64c flows: cleanup denied view, use everywhere 2020-07-02 13:48:42 +02:00
76e2ba4764 e2e/provider/saml: add negative case 2020-07-02 13:48:21 +02:00
8d095d7436 Merge pull request #109 from BeryJu/dependabot/pip/django-prometheus-2.1.0.dev42
build(deps): bump django-prometheus from 2.1.0.dev40 to 2.1.0.dev42
2020-07-02 11:59:11 +02:00
d3a7fd5818 build(deps): bump django-prometheus from 2.1.0.dev40 to 2.1.0.dev42
Bumps [django-prometheus](https://github.com/korfuri/django-prometheus) from 2.1.0.dev40 to 2.1.0.dev42.
- [Release notes](https://github.com/korfuri/django-prometheus/releases)
- [Changelog](https://github.com/korfuri/django-prometheus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/korfuri/django-prometheus/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-02 09:56:06 +00:00
247a8dbc8f Merge pull request #110 from BeryJu/dependabot/pip/boto3-1.14.15
build(deps): bump boto3 from 1.14.14 to 1.14.15
2020-07-02 11:52:16 +02:00
9241adfc68 build(deps): bump boto3 from 1.14.14 to 1.14.15
Bumps [boto3](https://github.com/boto/boto3) from 1.14.14 to 1.14.15.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.14...1.14.15)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-02 05:21:07 +00:00
ae83ee6d31 providers/saml: fix access result not being checked properly 2020-07-02 00:23:52 +02:00
4701374021 admin: remove duplicate code into new base classes 2020-07-02 00:13:33 +02:00
bd40585247 providers/samlv2: remove SAMLv2 from master 2020-07-01 23:21:58 +02:00
cc0b8164b0 providers/*: use PolicyAccessMixin to simplify 2020-07-01 23:18:10 +02:00
310b31a8b7 core: fix linting 2020-07-01 22:35:38 +02:00
13900bc603 lib: cleanup unused widgets 2020-07-01 22:27:58 +02:00
6634cc2edf root: add group_membership policy 2020-07-01 21:18:05 +02:00
3478a2cf6d admin: add filter to hide classes with __debug_only__ when Debug is disabled 2020-07-01 18:53:13 +02:00
3b70d12a5f *: rephrase strings 2020-07-01 18:40:52 +02:00
219acf76d5 core: fix forms for radio buttons 2020-07-01 12:47:27 +02:00
ec6f467fa2 ui: Make Checkbox label click trigger checkbox toggle 2020-07-01 12:37:13 +02:00
0e6561987e admin: fix user and group create not triggering sidebar 2020-07-01 12:36:44 +02:00
62c20b6e67 admin: add list of all tokens 2020-07-01 12:27:30 +02:00
13084562c5 admin: fix Password Recovery function not working 2020-07-01 12:10:12 +02:00
02c1c434a2 core: update styling of impersonate banner 2020-07-01 12:01:58 +02:00
5f04a75878 new release: 0.9.0-pre4 2020-07-01 09:50:21 +02:00
3556c76674 Merge pull request #107 from BeryJu/dependabot/pip/django-3.0.8
build(deps): bump django from 3.0.7 to 3.0.8
2020-07-01 09:21:15 +02:00
c7d638de2f build(deps): bump django from 3.0.7 to 3.0.8
Bumps [django](https://github.com/django/django) from 3.0.7 to 3.0.8.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.0.7...3.0.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-01 07:07:06 +00:00
143733499f Merge pull request #108 from BeryJu/dependabot/pip/docker-4.2.2
build(deps-dev): bump docker from 4.2.1 to 4.2.2
2020-07-01 09:03:38 +02:00
0d6a0ffe14 build(deps-dev): bump docker from 4.2.1 to 4.2.2
Bumps [docker](https://github.com/docker/docker-py) from 4.2.1 to 4.2.2.
- [Release notes](https://github.com/docker/docker-py/releases)
- [Commits](https://github.com/docker/docker-py/compare/4.2.1...4.2.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-01 06:41:52 +00:00
6d4c7312d8 Merge pull request #106 from BeryJu/dependabot/pip/boto3-1.14.14
build(deps): bump boto3 from 1.14.13 to 1.14.14
2020-07-01 08:37:37 +02:00
2cb6a179e8 build(deps): bump boto3 from 1.14.13 to 1.14.14
Bumps [boto3](https://github.com/boto/boto3) from 1.14.13 to 1.14.14.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.13...1.14.14)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-01 05:21:37 +00:00
7de2ad77b5 Merge pull request #101 from BeryJu/otp-rework
OTP Stage Rework
2020-06-30 22:03:28 +02:00
89c33060d4 core: fix user settings sidebar buttons not being enabled 2020-06-30 21:26:43 +02:00
b61f595562 core: ensure user settings are sorted by name 2020-06-30 21:24:58 +02:00
ce2230f774 stages/otp_*: update user setting design 2020-06-30 21:23:37 +02:00
d18a78d04d Merge branch 'master' into otp-rework 2020-06-30 20:44:39 +02:00
c59c6aa728 stages/*: minor UI updates, cleanup 2020-06-30 19:06:41 +02:00
729910c383 stages/*: minor string updates 2020-06-30 18:52:18 +02:00
37fe637422 stages/password: make template inherit form_with_user 2020-06-30 18:50:24 +02:00
3114d064ed e2e: improve error message when using wait_for_url 2020-06-30 16:36:30 +02:00
2ca5e1eedb stages/otp_*: fix linting 2020-06-30 16:12:19 +02:00
d2bf579ff6 stages/otp_static: start implementing static stage 2020-06-30 15:44:34 +02:00
3716bda76e stages/otp_time: fix linting 2020-06-30 13:44:09 +02:00
a76eb4d30f stages/otp_time: Cleanup, use django_otp's URL generator 2020-06-30 12:42:39 +02:00
7c191b0984 stages/otp_validate: Implement OTP Validation stage 2020-06-30 12:42:12 +02:00
9613fcde89 Squashed commit of the following:
commit 885a2ed057
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Tue Jun 30 12:17:23 2020 +0200

    flows: fix linting error
2020-06-30 12:18:01 +02:00
885a2ed057 flows: fix linting error 2020-06-30 12:17:23 +02:00
b270fb0742 stages/otp_time: implement TOTP Setup stage 2020-06-30 12:14:40 +02:00
285a69d91f Merge branch 'master' into otp-rework 2020-06-30 11:23:09 +02:00
de3b753a26 flows: show error message in flow when stage raises 2020-06-30 11:18:39 +02:00
34be1dd9f4 admin: add execute button to flow which executes flow without cache 2020-06-30 11:18:20 +02:00
a4c0fb9e75 otp_time: fix linting 2020-06-30 10:42:27 +02:00
f040223646 audit: move events list from admin to audit app 2020-06-30 10:23:54 +02:00
bf297b8593 admin: add info about latest version 2020-06-30 10:23:39 +02:00
43eea9e99c Merge pull request #105 from BeryJu/dependabot/pip/boto3-1.14.13
build(deps): bump boto3 from 1.14.12 to 1.14.13
2020-06-30 09:42:08 +02:00
8e38bc87bc build(deps): bump boto3 from 1.14.12 to 1.14.13
Bumps [boto3](https://github.com/boto/boto3) from 1.14.12 to 1.14.13.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.12...1.14.13)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-06-30 05:16:31 +00:00
50a57fb3dd Merge pull request #104 from BeryJu/flows-cancel
flows: add CancelView to cancel current flow execution
2020-06-30 01:27:12 +02:00
38b8bc182f Merge branch 'master' into flows-cancel 2020-06-30 00:47:18 +02:00
9743ad33d6 ci: add snyk 2020-06-30 00:45:04 +02:00
b746ce97ba Merge branch 'master' into flows-cancel 2020-06-30 00:20:33 +02:00
dbee714dac api: fix consent stage missing from API 2020-06-30 00:19:06 +02:00
d33f632203 flows: add CancelView to cancel current flow execution 2020-06-30 00:11:01 +02:00
812aa4ced5 Merge branch 'master' into otp-rework 2020-06-29 23:32:36 +02:00
63466e3384 e2e: wait for grafana URL 2020-06-29 23:04:05 +02:00
920858ff72 Merge branch 'master' into otp-rework
# Conflicts:
#	passbook/flows/models.py
#	passbook/stages/otp/models.py
#	swagger.yaml
2020-06-29 22:54:18 +02:00
56f599e4aa Merge pull request #103 from BeryJu/stage-password-change
stages/password: Password Change
2020-06-29 22:29:20 +02:00
05183ed937 e2e: saml provider: wait for URL 2020-06-29 22:11:50 +02:00
8d31eef47d stages/password: assign default password change flow to password stage
add e2e tests for password change flow
2020-06-29 21:47:20 +02:00
96a6ac85df audit: add cleanse_dict function to ensure no passwords end in logs 2020-06-29 19:13:07 +02:00
5a60341a6e build(deps): bump boto3 from 1.14.11 to 1.14.12
Bumps [boto3](https://github.com/boto/boto3) from 1.14.11 to 1.14.12.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.11...1.14.12)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-06-29 16:26:53 +02:00
21ba969072 stages/password: create default password change flow 2020-06-29 16:26:21 +02:00
d6a8d8292d core: UIUserSettings: remove icon, rename view_name to URL for complete URL 2020-06-29 16:20:33 +02:00
693a92ada5 audit: fix sanitize_dict updating source dict 2020-06-29 16:19:56 +02:00
ec823aebed flows: update migrations to use update_or_create 2020-06-29 16:19:39 +02:00
b8654c06bf flows: remove generic "password change" designation and add setup_stage 2020-06-29 11:12:51 +02:00
9d03c4c7d2 flows: Stage ui_user_settings -> staticmethod with context as argument 2020-06-28 10:31:26 +02:00
8c36ab89e8 stages/otp: start separation into 3 stages, otp_time, otp_static and otp_validate 2020-06-28 10:30:35 +02:00
e75e71a5ce build(deps): bump swagger-spec-validator from 2.7.2 to 2.7.3 (#100)
Bumps [swagger-spec-validator](https://github.com/Yelp/swagger_spec_validator) from 2.7.2 to 2.7.3.
- [Release notes](https://github.com/Yelp/swagger_spec_validator/releases)
- [Changelog](https://github.com/Yelp/swagger_spec_validator/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/Yelp/swagger_spec_validator/compare/v2.7.2...v2.7.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-27 10:26:08 +02:00
bf008e368e build(deps): bump boto3 from 1.14.10 to 1.14.11 (#99)
Bumps [boto3](https://github.com/boto/boto3) from 1.14.10 to 1.14.11.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.10...1.14.11)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-27 10:25:47 +02:00
3c1d02bfc4 e2e: bump selenium waits even more 2020-06-26 23:38:00 +02:00
c1b2093cf7 e2e: add utility to wait for URL 2020-06-26 16:21:59 +02:00
cc7e4ad0e2 e2e: show browser logs to debug CI issues 2020-06-26 15:06:46 +02:00
c07bd6e733 ci: up node version for pyright 2020-06-26 10:31:06 +02:00
768464dc6a new release: 0.9.0-pre3 2020-06-25 20:39:50 +02:00
a2ed53c312 Merge pull request #42 from BeryJu/e2e
e2e tests
2020-06-25 18:35:59 +02:00
5a11206fe9 Merge branch 'master' into e2e 2020-06-25 17:58:51 +02:00
9675fbb07d e2e: add tests for enrollment with email 2020-06-25 17:45:06 +02:00
57a7bed99d sources/oauth: fix facebook provider 2020-06-25 10:24:53 +02:00
2dfec43750 build(deps): bump boto3 from 1.14.9 to 1.14.10
Bumps [boto3](https://github.com/boto/boto3) from 1.14.9 to 1.14.10.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.9...1.14.10)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-06-25 09:54:17 +02:00
ab9f6531c2 build(deps): bump celery from 4.4.5 to 4.4.6
Bumps [celery](https://github.com/celery/celery) from 4.4.5 to 4.4.6.
- [Release notes](https://github.com/celery/celery/releases)
- [Changelog](https://github.com/celery/celery/blob/master/Changelog.rst)
- [Commits](https://github.com/celery/celery/compare/v4.4.5...v4.4.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-06-25 09:53:49 +02:00
b8b5069df1 build(deps): bump @patternfly/patternfly in /passbook/static/static
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.10.31 to 4.16.7.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.10.31...prerelease-v4.16.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-06-25 09:21:20 +02:00
7045305aa8 build(deps): bump pycryptodome from 3.9.7 to 3.9.8
Bumps [pycryptodome](https://github.com/Legrandin/pycryptodome) from 3.9.7 to 3.9.8.
- [Release notes](https://github.com/Legrandin/pycryptodome/releases)
- [Changelog](https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst)
- [Commits](https://github.com/Legrandin/pycryptodome/compare/v3.9.7...v3.9.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-06-25 09:20:44 +02:00
49c706fde8 build(deps): bump kombu from 4.6.10 to 4.6.11
Bumps [kombu](https://kombu.readthedocs.io) from 4.6.10 to 4.6.11.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-06-25 09:20:22 +02:00
9eaceb9ec6 e2e: add tests for SAML source 2020-06-24 23:24:45 +02:00
05778d8065 sources/saml: minor formatting fixes 2020-06-24 22:46:20 +02:00
831e228f80 api: fix SAMLSource missing from API 2020-06-24 22:28:40 +02:00
31e0d74495 sources/saml: correctly cleanup transient users, update forms 2020-06-24 22:27:14 +02:00
05999cb8c7 sources/saml: start implementing transient NameID format 2020-06-24 21:50:30 +02:00
6cb4773916 build(deps): bump django-otp from 0.9.2 to 0.9.3 (#91)
Bumps [django-otp](https://github.com/django-otp/django-otp) from 0.9.2 to 0.9.3.
- [Release notes](https://github.com/django-otp/django-otp/releases)
- [Changelog](https://github.com/django-otp/django-otp/blob/master/CHANGES.rst)
- [Commits](https://github.com/django-otp/django-otp/compare/v0.9.2...v0.9.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-24 14:30:20 +02:00
ec9b0600e4 build(deps): bump django-prometheus from 2.1.0.dev38 to 2.1.0.dev40 (#92)
Bumps [django-prometheus](https://github.com/korfuri/django-prometheus) from 2.1.0.dev38 to 2.1.0.dev40.
- [Release notes](https://github.com/korfuri/django-prometheus/releases)
- [Changelog](https://github.com/korfuri/django-prometheus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/korfuri/django-prometheus/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-24 13:24:51 +02:00
c0d8aa2303 sources/saml: fix SAMLRequest not being encoded properly for Redirect bindings 2020-06-24 13:12:34 +02:00
599fdf193e build(deps): bump boto3 from 1.14.8 to 1.14.9 (#93)
Bumps [boto3](https://github.com/boto/boto3) from 1.14.8 to 1.14.9.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.8...1.14.9)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-24 11:27:36 +02:00
db6cb5ad51 core: make generic error template work with shell executor 2020-06-23 21:49:43 +02:00
52f138d402 sources/saml: improve error handing of invalid signatures 2020-06-23 21:49:27 +02:00
bc37727758 build(deps): bump boto3 from 1.14.7 to 1.14.8 (#90)
Bumps [boto3](https://github.com/boto/boto3) from 1.14.7 to 1.14.8.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.7...1.14.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-23 10:09:51 +02:00
547a728130 build(deps): bump django-prometheus from 2.1.0.dev36 to 2.1.0.dev38 (#88)
Bumps [django-prometheus](https://github.com/korfuri/django-prometheus) from 2.1.0.dev36 to 2.1.0.dev38.
- [Release notes](https://github.com/korfuri/django-prometheus/releases)
- [Changelog](https://github.com/korfuri/django-prometheus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/korfuri/django-prometheus/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-22 10:56:08 +02:00
178c2b6927 build(deps): bump boto3 from 1.14.6 to 1.14.7 (#89)
Bumps [boto3](https://github.com/boto/boto3) from 1.14.6 to 1.14.7.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.6...1.14.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-22 10:55:38 +02:00
59b8b1e92a build(deps): bump codemirror in /passbook/static/static (#86)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.54.0 to 5.55.0.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.54.0...5.55.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-22 10:55:16 +02:00
0210cdadfb build(deps): bump signxml from 2.7.3 to 2.8.0 (#87)
Bumps [signxml](https://github.com/kislyuk/signxml) from 2.7.3 to 2.8.0.
- [Release notes](https://github.com/kislyuk/signxml/releases)
- [Changelog](https://github.com/XML-Security/signxml/blob/master/Changes.rst)
- [Commits](https://github.com/kislyuk/signxml/compare/v2.7.3...v2.8.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-22 10:54:37 +02:00
491e507d49 stages/email: check saved get params for token 2020-06-21 20:46:48 +02:00
de1be2df88 flows: save entire GET params from shell executor 2020-06-21 20:46:38 +02:00
39f51ec33d stages/email: fix email account confirmation email template 2020-06-21 20:13:59 +02:00
f69e20886b e2e: use class name and timestamp for screenshots 2020-06-21 19:22:30 +02:00
fd0f0c65e9 e2e: add more failsafe 2020-06-21 19:03:13 +02:00
ed4daa64fe e2e: save screenshots with timestamp instead of class name 2020-06-21 18:44:08 +02:00
887163c45c e2e: add more failsafe 2020-06-21 18:36:43 +02:00
1b3c0adf75 e2e: cleanup, always take screenshots on teardown 2020-06-21 15:09:01 +02:00
0838f518d4 e2e: save screenshot on failure, upload to github actions 2020-06-21 14:43:48 +02:00
5c49cda884 e2e: add more safety checks 2020-06-21 13:40:53 +02:00
6643cce841 ci: install node and run yarn for e2e tests 2020-06-21 13:18:06 +02:00
3eb2cda37d e2e: add wait for codemirror 2020-06-21 12:59:18 +02:00
6fdaac9a7d e2e: rewrite enroll test to use admin interface for setup 2020-06-21 12:42:24 +02:00
6122dcacc7 flows: fix flow cache not being cleared correctly when stages are saved 2020-06-21 12:40:01 +02:00
246d00bdde e2e: fix lint error 2020-06-21 00:26:29 +02:00
7e47b64b05 e2e: SeleniumTestCase: add url() to reverse into full URL 2020-06-20 23:56:35 +02:00
4285175bba e2e: add tests for oauth and saml provider 2020-06-20 23:53:05 +02:00
e4a9a84646 e2e: cleanup, use USER function instead of typing static strings 2020-06-20 23:52:53 +02:00
4d81172a48 providers/oauth: add support for consent stage, cleanup 2020-06-20 23:30:53 +02:00
c97b946a00 providers/saml: make SAML provider compatible with consent 2020-06-20 22:30:45 +02:00
3753275453 providers/saml: make metadata accessible without authentication 2020-06-20 21:51:52 +02:00
e4cb9b7ff9 providers/saml: fix provider has no attribute sp_binding 2020-06-20 21:49:48 +02:00
a0f05caf8e providers/saml: move templates into correct folder 2020-06-20 21:49:16 +02:00
42e9ce4f72 providers/*: fix plan stages not being injected properly 2020-06-20 19:40:25 +02:00
331faa53bc providers/saml: fix metadata template using wrong templates 2020-06-20 19:35:48 +02:00
17424ccc3b e2e: use reverse instead of static URLs 2020-06-20 17:21:16 +02:00
68efcc7bf2 e2e: add custom testcase class to simplify code 2020-06-20 17:06:00 +02:00
7b7305607c root: enable debug logging when testing 2020-06-20 15:48:54 +02:00
f1e6d91289 e2e: fix linting error 2020-06-19 22:37:48 +02:00
0310d46314 e2e: improve race-condition 2020-06-19 22:27:44 +02:00
14fd137f89 root: improve test detection 2020-06-19 22:27:20 +02:00
e91a8f88a0 ci: run full coverage including e2e 2020-06-19 20:57:42 +02:00
af8cdb34ee *: fix not all migrations using db_alias 2020-06-19 20:43:27 +02:00
03b1a67b44 flows: change wording of consent on flows 2020-06-19 20:33:41 +02:00
12525051b6 e2e: add test for providers/oidc with consent 2020-06-19 20:26:04 +02:00
01f004cec6 root: move all e2e dependencies into pipfile 2020-06-19 20:25:45 +02:00
3a40e50fa0 providers/oidc: add template for consent 2020-06-19 20:19:31 +02:00
fa5c2bd85c stages/consent: add FlowPlan context variable for template name 2020-06-19 20:19:18 +02:00
b83aa44c4f ci: run full coverage with e2e in one step so we get full coverage percentage 2020-06-19 19:45:46 +02:00
73e7158178 e2e: add OIDC Provider test against grafana, more formatting, minor bug fixes 2020-06-19 19:45:27 +02:00
8c6a4a4968 e2e: test against standalone chrome instance, start implementing oidc provider test 2020-06-19 18:19:20 +02:00
d12462fe0d build(deps): bump django-prometheus from 2.1.0.dev32 to 2.1.0.dev36 (#81)
Bumps [django-prometheus](https://github.com/korfuri/django-prometheus) from 2.1.0.dev32 to 2.1.0.dev36.
- [Release notes](https://github.com/korfuri/django-prometheus/releases)
- [Changelog](https://github.com/korfuri/django-prometheus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/korfuri/django-prometheus/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-19 15:21:29 +02:00
c83216ece0 Merge branch 'master' into e2e
# Conflicts:
#	Pipfile.lock
#	docs/installation/docker-compose.md
2020-06-19 09:00:46 +02:00
133486f07f build(deps): bump boto3 from 1.14.5 to 1.14.6 (#83)
Bumps [boto3](https://github.com/boto/boto3) from 1.14.5 to 1.14.6.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.5...1.14.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-19 08:53:47 +02:00
b0fec4f3e2 build(deps): bump @fortawesome/fontawesome-free (#80)
Bumps [@fortawesome/fontawesome-free](https://github.com/FortAwesome/Font-Awesome) from 5.13.0 to 5.13.1.
- [Release notes](https://github.com/FortAwesome/Font-Awesome/releases)
- [Changelog](https://github.com/FortAwesome/Font-Awesome/blob/master/CHANGELOG.md)
- [Commits](https://github.com/FortAwesome/Font-Awesome/compare/5.13.0...5.13.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-19 08:53:29 +02:00
739a99f16e build(deps): bump django-otp from 0.9.1 to 0.9.2 (#82)
Bumps [django-otp](https://github.com/django-otp/django-otp) from 0.9.1 to 0.9.2.
- [Release notes](https://github.com/django-otp/django-otp/releases)
- [Changelog](https://github.com/django-otp/django-otp/blob/master/CHANGES.rst)
- [Commits](https://github.com/django-otp/django-otp/compare/v0.9.1...v0.9.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-19 08:53:12 +02:00
f54a1b627c build(deps): bump sentry-sdk from 0.15.0 to 0.15.1 (#85)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.15.0 to 0.15.1.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.15.0...0.15.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-19 08:52:57 +02:00
242d8c2b91 build(deps): bump pyuwsgi from 2.0.18.post0 to 2.0.19.1 (#84)
Bumps [pyuwsgi](https://uwsgi-docs.readthedocs.io/en/latest/) from 2.0.18.post0 to 2.0.19.1.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-19 08:52:38 +02:00
77065794da docs: clarify post-installation login 2020-06-18 23:26:15 +02:00
dab53cfd03 flows/executor: call plan.next before pop so we can save plan
ReevaluateMarker: use PolicyEngine without cache
2020-06-18 22:54:09 +02:00
6a4086c490 flows: introduce FlowPlan markers, which indicate when a stage needs … (#79)
* flows: introduce FlowPlan markers, which indicate when a stage needs re-evaluation

Implement re_evaluate_policies
add unittests for several different scenarios
closes #78

* flows: move markers to separate files, cleanup formatting

* flows: fix self.next is not callable
2020-06-18 22:43:51 +02:00
5b8bdac84b Merge branch 'pr/77'
# Conflicts:
#	docs/flow/flows.md
#	docs/installation/docker-compose.md
#	docs/providers.md
2020-06-18 22:10:03 +02:00
c71b150025 docs(upgrading-from-0.8.x.md): formatting 2020-06-18 20:19:58 +01:00
647d56e90c docs(index.md): capitalisation & formatting 2020-06-18 20:15:15 +01:00
e85236959b docs(index.md): capitalisation & punctuation 2020-06-18 19:57:58 +01:00
afe3259e96 docs(index.md): capitalisation & punctuation 2020-06-18 19:55:55 +01:00
4be2c66cdf docs(index.md): capitalisation & punctuation 2020-06-18 19:54:39 +01:00
dc8c1ad297 docs(index.md): capitalisation 2020-06-18 19:53:02 +01:00
9dc3b1dca0 docs(index.md): punctuation 2020-06-18 19:44:25 +01:00
cbfb509ca9 docs(expression.md): clarity & punctuation 2020-06-18 19:34:26 +01:00
047361600d docs(terminology.md): clarity & capitalisation 2020-06-18 19:27:20 +01:00
a5b8c91c04 docs(expression.md): clarity 2020-06-18 19:06:30 +01:00
4d317a21ce docs(index.md): capitalisation and clarity 2020-06-18 19:02:58 +01:00
e07b65401e docs(user-object.md): punctuation & capitalisation 2020-06-18 18:59:03 +01:00
71df9ea74d docs(index.md): punctuation & capitalisation 2020-06-18 18:57:25 +01:00
1cbaf865d8 docs(providers.md): grammar and clarity 2020-06-18 18:55:01 +01:00
cf9023269e docs(sources.md): grammar and clarity 2020-06-18 18:47:45 +01:00
5f9e8ac89b root: update funding 2020-06-18 19:41:19 +02:00
bdf0e74af3 docs: add supported scopes of oauth provider 2020-06-18 19:39:58 +02:00
6dedb17029 docs(validation.md): grammar and typo fix 2020-06-18 18:35:59 +01:00
5e8a1e3c0d *: make email naming consistent 2020-06-18 19:35:59 +02:00
703e67a060 docs(prompt.md): grammar and clarity 2020-06-18 18:34:40 +01:00
de00f9f41a docs(password.md): clarity and punctuation 2020-06-18 18:28:56 +01:00
a05f841bed docs(invitation.md): new words 2020-06-18 18:19:24 +01:00
c23646e6f3 docs(identification.md): punctuation 2020-06-18 18:16:28 +01:00
f0600b5482 docs(email.md): grammar and clarity 2020-06-18 18:14:56 +01:00
afc8baff5f flows/shell: check for elements with autofocus attribute and call .focus();
closes #76
2020-06-18 19:09:12 +02:00
8a0b3bd299 docs(dummy.md): punctuation and grammar 2020-06-18 18:07:11 +01:00
3713d111a4 core: fix integrity error for default user
closes #75
2020-06-18 19:04:13 +02:00
111459dc25 docs(captcha.md): grammar and clarity 2020-06-18 18:02:58 +01:00
cdad8bb0c3 docs(flows.md): grammar and clarity 2020-06-18 18:00:05 +01:00
96c41f399e docs(kubernetes.md): grammar 2020-06-18 17:37:52 +01:00
c4d7d0213f docs(docker-compose.md): grammar and clarity
Improved grammar and clarified some points.
2020-06-18 16:59:01 +01:00
2a5ee9b185 build(deps): bump swagger-spec-validator from 2.7.1 to 2.7.2 (#70)
Bumps [swagger-spec-validator](https://github.com/Yelp/swagger_spec_validator) from 2.7.1 to 2.7.2.
- [Release notes](https://github.com/Yelp/swagger_spec_validator/releases)
- [Changelog](https://github.com/Yelp/swagger_spec_validator/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/Yelp/swagger_spec_validator/compare/v2.7.1...v2.7.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-18 15:38:29 +02:00
9aa3b16c92 build(deps): bump boto3 from 1.14.3 to 1.14.5 (#72)
Bumps [boto3](https://github.com/boto/boto3) from 1.14.3 to 1.14.5.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.3...1.14.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-18 15:28:11 +02:00
4c3de09f6a build(deps): bump django-prometheus from 2.1.0.dev30 to 2.1.0.dev32 (#73)
Bumps [django-prometheus](https://github.com/korfuri/django-prometheus) from 2.1.0.dev30 to 2.1.0.dev32.
- [Release notes](https://github.com/korfuri/django-prometheus/releases)
- [Changelog](https://github.com/korfuri/django-prometheus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/korfuri/django-prometheus/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-18 15:27:39 +02:00
f4650ead40 build(deps): bump sentry-sdk from 0.14.4 to 0.15.0 (#74)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.14.4 to 0.15.0.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.14.4...0.15.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-18 15:26:49 +02:00
1d59af7491 root: fix docker-compose not correctly redirecting to https 2020-06-16 21:34:48 +02:00
8605e62503 build(deps): bump boto3 from 1.14.2 to 1.14.3 (#69)
Bumps [boto3](https://github.com/boto/boto3) from 1.14.2 to 1.14.3.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.2...1.14.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-16 10:21:36 +02:00
3f779fe766 ci: use gh- prefix for auto-build docker images for easier cleanup 2020-06-15 19:27:44 +02:00
1d3460b670 new release: 0.9.0-pre2 2020-06-15 19:08:17 +02:00
feba3e2430 stages/prompt: Add username type field
add autocomplete attributes for username and password
2020-06-15 19:05:18 +02:00
b49d39a685 stages/identification: improve support for password managers 2020-06-15 18:38:09 +02:00
34c1b3b68b stages/password: Improve support for password managers 2020-06-15 18:37:59 +02:00
e3d6ca6ab4 root: revert to non-prometheus db backend 2020-06-15 12:12:32 +02:00
6f0e292c43 root: add lgtm 2020-06-15 11:56:20 +02:00
9df1e7900d stages/email: add noopener noreferrer 2020-06-15 11:56:14 +02:00
9920d121e5 build(deps): bump django-prometheus from 2.1.0.dev14 to 2.1.0.dev30 (#67)
Bumps [django-prometheus](https://github.com/korfuri/django-prometheus) from 2.1.0.dev14 to 2.1.0.dev30.
- [Release notes](https://github.com/korfuri/django-prometheus/releases)
- [Changelog](https://github.com/korfuri/django-prometheus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/korfuri/django-prometheus/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-15 11:47:03 +02:00
7e77c88407 build(deps): bump boto3 from 1.14.1 to 1.14.2 (#68)
Bumps [boto3](https://github.com/boto/boto3) from 1.14.1 to 1.14.2.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.1...1.14.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-15 09:05:30 +02:00
3fa982cb2a build(deps): bump boto3 from 1.13.26 to 1.14.1 (#66)
Bumps [boto3](https://github.com/boto/boto3) from 1.13.26 to 1.14.1.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.13.26...1.14.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-12 22:49:58 +02:00
4f1e767488 build(deps): bump swagger-spec-validator from 2.7.0 to 2.7.1 (#64)
Bumps [swagger-spec-validator](https://github.com/Yelp/swagger_spec_validator) from 2.7.0 to 2.7.1.
- [Release notes](https://github.com/Yelp/swagger_spec_validator/releases)
- [Changelog](https://github.com/Yelp/swagger_spec_validator/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/Yelp/swagger_spec_validator/compare/v2.7.0...v2.7.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-11 12:47:55 +02:00
8e6b503c0d build(deps): bump signxml from 2.7.2 to 2.7.3 (#65)
Bumps [signxml](https://github.com/kislyuk/signxml) from 2.7.2 to 2.7.3.
- [Release notes](https://github.com/kislyuk/signxml/releases)
- [Changelog](https://github.com/XML-Security/signxml/blob/master/Changes.rst)
- [Commits](https://github.com/kislyuk/signxml/compare/v2.7.2...v2.7.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-11 12:44:23 +02:00
17f1cad468 build(deps): bump boto3 from 1.13.25 to 1.13.26 (#62)
Bumps [boto3](https://github.com/boto/boto3) from 1.13.25 to 1.13.26.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.13.25...1.13.26)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-10 13:56:40 +02:00
0b8eaff874 build(deps): bump celery from 4.4.4 to 4.4.5 (#60)
Bumps [celery](https://github.com/celery/celery) from 4.4.4 to 4.4.5.
- [Release notes](https://github.com/celery/celery/releases)
- [Changelog](https://github.com/celery/celery/blob/master/Changelog.rst)
- [Commits](https://github.com/celery/celery/compare/v4.4.4...v4.4.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-09 13:48:25 +02:00
33a6d4cdeb build(deps-dev): bump pylint from 2.5.2 to 2.5.3 (#59)
Bumps [pylint](https://github.com/PyCQA/pylint) from 2.5.2 to 2.5.3.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/master/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/pylint-2.5.2...pylint-2.5.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-09 13:42:34 +02:00
d3224f4ee8 build(deps): bump boto3 from 1.13.24 to 1.13.25 (#61)
Bumps [boto3](https://github.com/boto/boto3) from 1.13.24 to 1.13.25.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.13.24...1.13.25)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-09 13:42:14 +02:00
2a3166bf7e ui: (pf4) Update pagination and toolbar 2020-06-09 13:40:03 +02:00
62fe4d617b ui: (pf4) update admin overview 2020-06-09 13:39:44 +02:00
b86b36f947 ui: (pf4) update forms 2020-06-09 13:39:35 +02:00
d6b9e67e78 ui: (pf4) fix navbar 2020-06-09 13:11:54 +02:00
f589da4e72 ui: (pf4) fix empty state 2020-06-09 09:52:25 +02:00
2e5170f631 build(deps): bump @patternfly/patternfly in /passbook/static/static (#58)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 2.71.6 to 4.10.31.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/v2.71.6...prerelease-v4.10.31)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-09 09:32:56 +02:00
bd312b60fc gatekeeper: update upstream docker image 2020-06-09 09:26:03 +02:00
26aa7e1fef sources/ldap: fix 'LDAPSource' object has no attribute '_connection' 2020-06-09 01:17:17 +02:00
9495956fae docs: add login credentials to kubernetes install 2020-06-08 22:13:38 +02:00
089ee86d43 docs: add initial login instructions 2020-06-08 22:11:01 +02:00
d321e2f52c docs: update docker-compose install form README 2020-06-08 22:09:04 +02:00
5265064b10 new release: 0.9.0-pre1 2020-06-08 15:47:22 +02:00
ee8313142f Merge branch 'docs-flows'
# Conflicts:
#	passbook/core/templates/partials/form_horizontal.html
2020-06-08 15:43:46 +02:00
0963b68f4e e2e: use separate network 2020-06-08 11:23:18 +02:00
a4a7ecd493 e2e: use normal selenium grid 2020-06-08 11:21:14 +02:00
3b6e414d0f ci: use docker-compose pull -q 2020-06-08 10:58:44 +02:00
8859806d64 ci: fix missing selenium 2020-06-08 10:57:48 +02:00
56198e503b ci: Run e2e tests in one stage 2020-06-08 10:50:31 +02:00
b1b3a23d1e ci: docker-compose without TTY 2020-06-08 10:21:22 +02:00
45dd004d00 build(deps): bump boto3 from 1.13.23 to 1.13.24 (#55)
Bumps [boto3](https://github.com/boto/boto3) from 1.13.23 to 1.13.24.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.13.23...1.13.24)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-08 10:16:49 +02:00
c4ebc5c085 build(deps): bump swagger-spec-validator from 2.6.0 to 2.7.0 (#56)
Bumps [swagger-spec-validator](https://github.com/Yelp/swagger_spec_validator) from 2.6.0 to 2.7.0.
- [Release notes](https://github.com/Yelp/swagger_spec_validator/releases)
- [Changelog](https://github.com/Yelp/swagger_spec_validator/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/Yelp/swagger_spec_validator/compare/v2.6.0...v2.7.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-08 10:04:42 +02:00
31c42f1104 build(deps): bump django-filter from 2.2.0 to 2.3.0 (#54)
Bumps [django-filter](https://github.com/carltongibson/django-filter) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/carltongibson/django-filter/releases)
- [Changelog](https://github.com/carltongibson/django-filter/blob/master/CHANGES.rst)
- [Commits](https://github.com/carltongibson/django-filter/compare/2.2.0...2.3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-08 09:02:34 +02:00
8b7f665c82 build(deps): bump django-guardian from 2.2.0 to 2.3.0 (#57)
Bumps [django-guardian](https://github.com/django-guardian/django-guardian) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/django-guardian/django-guardian/releases)
- [Changelog](https://github.com/django-guardian/django-guardian/blob/devel/CHANGES)
- [Commits](https://github.com/django-guardian/django-guardian/compare/v2.2.0...v2.3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-08 09:01:33 +02:00
0ca7579d19 ci: attempt to fix e2e not a tty error 2020-06-07 19:57:01 +02:00
2291ae98c3 e2e: fix lint error 2020-06-07 19:50:01 +02:00
16c6e29801 root: add missing selenium 2020-06-07 19:44:28 +02:00
fc2eb003ea e2e: add apply_default_data to load data from migrations after tables have been truncated 2020-06-07 19:31:16 +02:00
aa440c17b7 Merge branch 'master' into e2e 2020-06-07 17:52:51 +02:00
4915205678 WIP Use Flows for Sources and Providers (#32)
* core: start migrating to flows for authorisation

* sources/oauth: start type-hinting

* core: create default user

* core: only show user delete button if an unenrollment flow exists

* flows: Correctly check initial policies on flow with context

* policies: add more verbosity to engine

* sources/oauth: migrate to flows

* sources/oauth: fix typing errors

* flows: add more tests

* sources/oauth: start implementing unittests

* sources/ldap: add option to disable user sync, move connection init to model

* sources/ldap: re-add default PropertyMappings

* providers/saml: re-add default PropertyMappings

* admin: fix missing stage count

* stages/identification: fix sources not being shown

* crypto: fix being unable to save with private key

* crypto: re-add default self-signed keypair

* policies: rewrite cache_key to prevent wrong cache

* sources/saml: migrate to flows for auth and enrollment

* stages/consent: add new stage

* admin: fix PropertyMapping widget not rendering properly

* core: provider.authorization_flow is mandatory

* flows: add support for "autosubmit" attribute on form

* flows: add InMemoryStage for dynamic stages

* flows: optionally allow empty flows from FlowPlanner

* providers/saml: update to authorization_flow

* sources/*: fix flow executor URL

* flows: fix pylint error

* flows: wrap responses in JSON object to easily handle redirects

* flow: dont cache plan's context

* providers/oauth: rewrite OAuth2 Provider to use flows

* providers/*: update docstrings of models

* core: fix forms not passing help_text through safe

* flows: fix HttpResponses not being converted to JSON

* providers/oidc: rewrite to use flows

* flows: fix linting
2020-06-07 16:35:08 +02:00
07da5f7122 Merge branch 'master' into docs-flows 2020-06-05 20:30:59 +02:00
f91e02a0ec flows: allow username for default flow 2020-06-05 20:30:47 +02:00
c62794c738 admin: fix PropertyMapping widget not rendering properly 2020-06-05 20:27:18 +02:00
7664b428e7 sources/ldap: fix expression field not being CodeMirror 2020-06-05 20:18:45 +02:00
9f3f34389e root: update docs URL 2020-06-05 20:18:26 +02:00
30ca926b38 docs: remove last occurrences to jinja2 2020-06-05 20:18:11 +02:00
eeb62f543f docs: fix wrong paths in nav section 2020-06-05 17:31:41 +02:00
6a7ffa855e docs: add example for login flow 2020-06-05 17:29:08 +02:00
0c5aff21bc stages/identification: minor UI fixes 2020-06-05 17:02:50 +02:00
b0f426e51a core: fix help_text not always being shown on horizontal form 2020-06-05 17:01:46 +02:00
57b91eb128 docs(terminology.md): grammar and clarity
Improved grammar and clarified some points.
2020-06-05 15:51:21 +01:00
ed0094eba2 docs: add runtime 2020-06-05 15:58:10 +02:00
4c1b6d5f48 docs: add requirements for docs 2020-06-05 15:54:59 +02:00
41a7e1ef07 docs: simplify index, update, add screenshots 2020-06-05 12:51:28 +02:00
4ff41be74a Merge branch 'master' into docs-flows
# Conflicts:
#	mkdocs.yml
2020-06-05 12:51:10 +02:00
7067d1f236 docs: fix typo'd URL 2020-06-05 12:10:28 +02:00
73116b9d1a policies/expression: migrate to raw python instead of jinja2 (#49)
* policies/expression: migrate to raw python instead of jinja2

* lib/expression: create base evaluator, custom subclass for policies

* core: rewrite propertymappings to use python

* providers/saml: update to new PropertyMappings

* sources/ldap: update to new PropertyMappings

* docs: update docs for new propertymappings

* root: remove jinja2

* root: re-add jinja to lock file as its implicitly required
2020-06-05 12:00:27 +02:00
147212a5f9 build(deps): bump boto3 from 1.13.22 to 1.13.23 (#53)
Bumps [boto3](https://github.com/boto/boto3) from 1.13.22 to 1.13.23.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.13.22...1.13.23)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-05 10:27:07 +02:00
5502c319d4 build(deps): bump celery from 4.4.2 to 4.4.4 (#50)
Bumps [celery](https://github.com/celery/celery) from 4.4.2 to 4.4.4.
- [Release notes](https://github.com/celery/celery/releases)
- [Changelog](https://github.com/celery/celery/blob/master/Changelog.rst)
- [Commits](https://github.com/celery/celery/compare/4.4.2...v4.4.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-04 09:15:42 +02:00
d18b76a47d build(deps): bump boto3 from 1.13.21 to 1.13.22 (#51)
Bumps [boto3](https://github.com/boto/boto3) from 1.13.21 to 1.13.22.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.13.21...1.13.22)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-04 09:15:31 +02:00
90ce704def build(deps): bump django from 3.0.6 to 3.0.7 (#52)
Bumps [django](https://github.com/django/django) from 3.0.6 to 3.0.7.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.0.6...3.0.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-04 09:15:11 +02:00
790139f8bc stages/email: Add test to check if user is pending 2020-06-03 21:00:04 +02:00
f4be007803 build(deps): bump boto3 from 1.13.20 to 1.13.21 (#47)
Bumps [boto3](https://github.com/boto/boto3) from 1.13.20 to 1.13.21.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.13.20...1.13.21)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-03 08:56:13 +02:00
448ca62661 build(deps): bump kombu from 4.6.9 to 4.6.10 (#48)
Bumps [kombu](https://kombu.readthedocs.io) from 4.6.9 to 4.6.10.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-03 08:55:23 +02:00
4824e5c8ba docs: add docs for flows and all stages 2020-06-02 23:52:02 +02:00
9882342ed1 Merge branch 'master' into azure-pipelines
# Conflicts:
#	.github/workflows/ci.yml
2020-06-02 20:40:04 +02:00
c4facd53b4 Merge branch 'master' into docs-flows 2020-06-02 20:25:43 +02:00
ef913abc7a sources/ldap: add option to disable user sync, move connection init to model 2020-06-02 17:15:59 +02:00
55fc5a6068 policies: rewrite cache_key to prevent wrong cache
# Conflicts:
#	passbook/core/signals.py
#	passbook/policies/engine.py
#	passbook/policies/process.py
2020-06-02 17:06:18 +02:00
f22c89c998 crypto: re-add default self-signed keypair 2020-06-02 17:01:15 +02:00
2a78d2d0a0 crypto: fix being unable to save with private key 2020-06-02 17:01:15 +02:00
b0ddc6a8c0 admin: fix missing stage count 2020-06-02 17:00:26 +02:00
8080b0380e providers/saml: re-add default PropertyMappings 2020-06-02 17:00:03 +02:00
ddfa2abbaa sources/ldap: re-add default PropertyMappings 2020-06-02 17:00:03 +02:00
5fc5e54f47 sources/oauth: fix typing errors
# Conflicts:
#	passbook/sources/oauth/clients.py
2020-06-02 16:57:38 +02:00
7462d56182 policies/engine: add more verbosity 2020-06-02 16:56:58 +02:00
3f92d1c420 flows: Correctly check initial policies on flow with context
# Conflicts:
#	passbook/flows/planner.py
#	passbook/flows/tests/test_planner.py
#	passbook/flows/tests/test_views.py
#	passbook/flows/views.py
2020-06-02 16:53:40 +02:00
d4fa60f509 core: only show user delete button if an unenrollment flow exists 2020-06-02 16:44:29 +02:00
052bf88c3d core: create default user
# Conflicts:
#	README.md
2020-06-02 16:42:44 +02:00
07d047c887 stages/identification: fix *_flows missing in edit form 2020-06-02 16:39:55 +02:00
23193314f1 Merge branch 'master' into docs-flows 2020-06-02 15:20:24 +02:00
1912b29dc5 policies/expression: fix lint error 2020-06-02 15:20:02 +02:00
46410428d9 build(deps): bump boto3 from 1.13.19 to 1.13.20 (#45)
Bumps [boto3](https://github.com/boto/boto3) from 1.13.19 to 1.13.20.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.13.19...1.13.20)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 09:38:17 +02:00
1774e33c24 build(deps): bump kombu from 4.6.8 to 4.6.9 (#46)
Bumps [kombu](https://kombu.readthedocs.io) from 4.6.8 to 4.6.9.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 09:37:53 +02:00
c961327d27 stages/identification: fix recovery template 2020-06-01 19:08:14 +02:00
fe1ff7fc76 core: fix form not showing general errors 2020-06-01 19:08:01 +02:00
82d12ecfdf policies/expression: use pb_message() for messages instead of returning a tuple 2020-06-01 15:25:38 +02:00
6ed822fa38 build(deps-dev): bump autopep8 from 1.5.2 to 1.5.3 (#44)
Bumps [autopep8](https://github.com/hhatto/autopep8) from 1.5.2 to 1.5.3.
- [Release notes](https://github.com/hhatto/autopep8/releases)
- [Commits](https://github.com/hhatto/autopep8/compare/v1.5.2...v1.5.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-01 12:40:08 +02:00
4d1658b35e stages/identification: explicitly define enrollment and recovery 2020-05-31 23:01:08 +02:00
08302a04bf docs: add docs for flows, start docs for stages 2020-05-30 22:36:01 +02:00
1c906b12be ci: set static network for static build 2020-05-29 10:04:23 +02:00
4d835b18cc ci: fix network for static build 2020-05-29 09:43:00 +02:00
e02ff7ec30 ci: fix codecov token not being set correctly 2020-05-29 09:18:17 +02:00
2e67b0194b Update azure-pipelines.yml for Azure Pipelines 2020-05-29 09:15:57 +02:00
8b4558fcd0 build(deps): bump boto3 from 1.13.18 to 1.13.19 (#41)
Bumps [boto3](https://github.com/boto/boto3) from 1.13.18 to 1.13.19.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.13.18...1.13.19)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-29 08:53:41 +02:00
27728abe99 e2e: start implementing e2e tests 2020-05-29 00:45:56 +02:00
467b95cf02 Merge branch 'master' into e2e 2020-05-29 00:23:47 +02:00
80a36a3441 stages/user_write: don't use create_user, create empty object and set attributes 2020-05-28 23:22:15 +02:00
b1b63fbb7f stages/prompt: add prompt order field 2020-05-28 23:21:43 +02:00
0302a95dd7 Squashed commit of the following:
commit fe6bfb1620
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Thu May 28 22:44:42 2020 +0200

    stages/identification: fix wrong link
2020-05-28 22:44:59 +02:00
fe6bfb1620 stages/identification: fix wrong link 2020-05-28 22:44:42 +02:00
3cad746407 Merge branch 'master' into e2e 2020-05-28 22:43:56 +02:00
e6d64bf5b3 stages/identification: fix sources and recovery/enrollment not being shown 2020-05-28 22:43:44 +02:00
8dd05d5431 Squashed commit of the following:
commit 270739a45a
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Thu May 28 21:50:43 2020 +0200

    admin: fix policy testing form not showing the correct result

commit df8995deed
Author: Jens L <jens@beryju.org>
Date:   Thu May 28 21:45:54 2020 +0200

    policies/*: remove Policy.negate, order, timeout (#39)

    policies: rewrite engine to use PolicyBinding for order/negate/timeout
    policies: rewrite engine to use PolicyResult instead of tuple

commit fdfc6472d2
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Thu May 28 10:36:10 2020 +0200

    admin: fixup some urls

commit bc495828e7
Author: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date:   Thu May 28 09:39:28 2020 +0200

    build(deps): bump django-redis from 4.11.0 to 4.12.1 (#38)

    Bumps [django-redis](https://github.com/jazzband/django-redis) from 4.11.0 to 4.12.1.
    - [Release notes](https://github.com/jazzband/django-redis/releases)
    - [Changelog](https://github.com/jazzband/django-redis/blob/master/CHANGES.rst)
    - [Commits](https://github.com/jazzband/django-redis/compare/4.11.0...4.12.1)

    Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

    Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

commit fa138a273f
Author: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date:   Thu May 28 08:59:19 2020 +0200

    build(deps): bump boto3 from 1.13.17 to 1.13.18 (#37)

    Bumps [boto3](https://github.com/boto/boto3) from 1.13.17 to 1.13.18.
    - [Release notes](https://github.com/boto/boto3/releases)
    - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
    - [Commits](https://github.com/boto/boto3/compare/1.13.17...1.13.18)

    Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

    Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-28 21:56:18 +02:00
270739a45a admin: fix policy testing form not showing the correct result 2020-05-28 21:50:43 +02:00
df8995deed policies/*: remove Policy.negate, order, timeout (#39)
policies: rewrite engine to use PolicyBinding for order/negate/timeout
policies: rewrite engine to use PolicyResult instead of tuple
2020-05-28 21:45:54 +02:00
02f0712934 ci: fix static being built on wrong docker image 2020-05-28 21:19:06 +02:00
7e7ea47f39 ci: fix level of stages on build jobs 2020-05-28 21:00:30 +02:00
7e52711e3a ci: fix names of build jobs 2020-05-28 19:46:10 +02:00
40fd1c9c1f ci: fix duplicate key 2020-05-28 19:45:25 +02:00
4037a444eb ci: migrate building 2020-05-28 19:44:25 +02:00
1ed7e900f2 ci: migrate unittests and coverage 2020-05-28 19:29:28 +02:00
cfc8d0a0f7 ci: migrate lint to az 2020-05-28 19:15:18 +02:00
df33616544 Set up CI with Azure Pipelines
[skip ci]
2020-05-28 18:57:48 +02:00
fdfc6472d2 admin: fixup some urls 2020-05-28 10:36:27 +02:00
bc495828e7 build(deps): bump django-redis from 4.11.0 to 4.12.1 (#38)
Bumps [django-redis](https://github.com/jazzband/django-redis) from 4.11.0 to 4.12.1.
- [Release notes](https://github.com/jazzband/django-redis/releases)
- [Changelog](https://github.com/jazzband/django-redis/blob/master/CHANGES.rst)
- [Commits](https://github.com/jazzband/django-redis/compare/4.11.0...4.12.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-28 09:39:28 +02:00
fa138a273f build(deps): bump boto3 from 1.13.17 to 1.13.18 (#37)
Bumps [boto3](https://github.com/boto/boto3) from 1.13.17 to 1.13.18.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.13.17...1.13.18)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-28 08:59:19 +02:00
5555dd4dde root: update readme 2020-05-27 17:57:43 +02:00
084ff2994f ci: add cleanup to CI to remove old tags 2020-05-27 17:33:27 +02:00
ee8a61d164 root: update readme 2020-05-27 17:26:35 +02:00
60a363e4bf build(deps): bump boto3 from 1.13.15 to 1.13.17 (#35)
Bumps [boto3](https://github.com/boto/boto3) from 1.13.15 to 1.13.17.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.13.15...1.13.17)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-27 11:53:59 +02:00
e2804b9755 root: fix linting errors 2020-05-27 11:26:48 +02:00
9330a03273 root: fix pylint not correctly ignoring migrations 2020-05-27 11:15:10 +02:00
beabba2890 flows: Load Stages without refreshing the whole page (#33)
* flows: initial implementation of FlowExecutorShell

* flows: load messages dynamically upon card refresh
2020-05-24 00:57:25 +02:00
eeeb14a045 admin: fix urls for applications 2020-05-22 23:22:40 +02:00
ff3f126832 build(deps): bump boto3 from 1.13.14 to 1.13.15 (#31)
Bumps [boto3](https://github.com/boto/boto3) from 1.13.14 to 1.13.15.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.13.14...1.13.15)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-22 09:55:25 +02:00
73225917cd build(deps): bump codemirror in /passbook/static/static (#29)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.53.2 to 5.54.0.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.53.2...5.54.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-21 19:12:14 +02:00
8b7a285f4a build(deps): bump swagger-spec-validator from 2.5.0 to 2.6.0 (#28)
Bumps [swagger-spec-validator](https://github.com/Yelp/swagger_spec_validator) from 2.5.0 to 2.6.0.
- [Release notes](https://github.com/Yelp/swagger_spec_validator/releases)
- [Changelog](https://github.com/Yelp/swagger_spec_validator/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/Yelp/swagger_spec_validator/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-21 19:11:27 +02:00
3a4c6a5d67 build(deps): bump boto3 from 1.13.13 to 1.13.14 (#30)
Bumps [boto3](https://github.com/boto/boto3) from 1.13.13 to 1.13.14.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.13.13...1.13.14)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-21 14:20:51 +02:00
0664f0b6b2 flows: add support for default_context, etc
default_context can be used to influence policies during the planning. This should be used when the Planner is called from other views to correctly preseed the plan.
This also checks if there is a PENDING_USER set, and uses that user for the cache key instead
2020-05-20 16:15:16 +02:00
fab9f1cb1b root: clear cache on debug startup 2020-05-20 16:13:48 +02:00
b3c54308b7 policies/expression: validate syntax on form clean 2020-05-20 16:13:36 +02:00
c1a72a0474 crypto: fix clean_ methods not returning values 2020-05-20 16:10:12 +02:00
4377d1e86e admin: fix flow ordering, fix source URLs 2020-05-20 16:09:53 +02:00
cafe2f1e1f admin: fix linting 2020-05-20 13:59:56 +02:00
c329a724e8 admin: fix wrong name in template 2020-05-20 13:55:17 +02:00
969da05437 admin: show object's docstring on inheritance based lists 2020-05-20 13:47:58 +02:00
c61c84e9f3 admin: remove inline JS, add CodeMirror widget for jinja and yaml 2020-05-20 13:00:45 +02:00
e08c5ff875 helm: fully remove domain, add log_level 2020-05-20 12:16:56 +02:00
d1fd616b8d build(deps): bump packaging from 20.3 to 20.4 (#25)
Bumps [packaging](https://github.com/pypa/packaging) from 20.3 to 20.4.
- [Release notes](https://github.com/pypa/packaging/releases)
- [Changelog](https://github.com/pypa/packaging/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pypa/packaging/compare/20.3...20.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-20 09:41:31 +02:00
cc4bbc049b build(deps): bump boto3 from 1.13.12 to 1.13.13 (#27)
Bumps [boto3](https://github.com/boto/boto3) from 1.13.12 to 1.13.13.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.13.12...1.13.13)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-20 09:38:04 +02:00
24a3e787dd migrate to per-model UUID Primary key, remove UUIDModel (#26)
* *: migrate to per-model UUID Primary key, remove UUIDModel

* *: fix import order, fix unittests
2020-05-20 09:17:06 +02:00
13a20478fd sources/oauth: add OIDC client 2020-05-19 21:53:46 +02:00
f58ee7fb52 sources/oauth: fix handling of sources with spaces in their name 2020-05-19 21:53:36 +02:00
4d45dc31a9 helm: limit deployments to their respective components 2020-05-19 21:25:56 +02:00
f6b5fbc2cf admin: fix sidebar 2020-05-19 21:02:10 +02:00
db69c3e38d admin: add generic tests 2020-05-19 20:59:43 +02:00
5ba55356a9 admin: cleanup templates, cleanup templatetags 2020-05-19 20:29:02 +02:00
6104b7c9ba build(deps): bump lxml from 4.5.0 to 4.5.1 (#24)
Bumps [lxml](https://github.com/lxml/lxml) from 4.5.0 to 4.5.1.
- [Release notes](https://github.com/lxml/lxml/releases)
- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt)
- [Commits](https://github.com/lxml/lxml/compare/lxml-4.5.0...lxml-4.5.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-19 15:58:30 +02:00
bcef8369ff build(deps): bump boto3 from 1.13.11 to 1.13.12 (#23)
Bumps [boto3](https://github.com/boto/boto3) from 1.13.11 to 1.13.12.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.13.11...1.13.12)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-19 07:40:00 +02:00
0fe555a76e Merge pull request #17 from BeryJu/dependabot/pip/pylint-2.5.2
build(deps-dev): bump pylint from 2.4.4 to 2.5.2
2020-05-19 07:33:17 +02:00
c903c81bd5 root: update pylint ignore list 2020-05-18 18:15:39 +02:00
2c43bfb13f Merge pull request #22 from BeryJu/dependabot/pip/urllib3-1.25.9
build(deps): bump urllib3 from 1.25.8 to 1.25.9
2020-05-18 16:04:40 +02:00
24ecab0878 Merge pull request #21 from BeryJu/dependabot/pip/sentry-sdk-0.14.4
build(deps): bump sentry-sdk from 0.14.3 to 0.14.4
2020-05-18 15:53:32 +02:00
6285c79341 Merge pull request #20 from BeryJu/dependabot/pip/django-otp-0.9.1
build(deps): bump django-otp from 0.8.1 to 0.9.1
2020-05-18 15:35:23 +02:00
5f7c56fab4 Merge pull request #19 from BeryJu/dependabot/pip/coverage-5.1
build(deps-dev): bump coverage from 5.0.4 to 5.1
2020-05-18 15:01:29 +02:00
6338b14a5b Merge pull request #18 from BeryJu/dependabot/pip/django-3.0.6
build(deps): bump django from 3.0.5 to 3.0.6
2020-05-18 14:51:44 +02:00
62ff3667f9 build(deps): bump urllib3 from 1.25.8 to 1.25.9
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.25.8 to 1.25.9.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/master/CHANGES.rst)
- [Commits](https://github.com/urllib3/urllib3/compare/1.25.8...1.25.9)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-05-18 12:29:33 +00:00
3b97eef641 build(deps): bump sentry-sdk from 0.14.3 to 0.14.4
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 0.14.3 to 0.14.4.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGES.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/0.14.3...0.14.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-05-18 12:28:09 +00:00
b05d66466b build(deps): bump django-otp from 0.8.1 to 0.9.1
Bumps [django-otp](https://github.com/django-otp/django-otp) from 0.8.1 to 0.9.1.
- [Release notes](https://github.com/django-otp/django-otp/releases)
- [Changelog](https://github.com/django-otp/django-otp/blob/master/CHANGES.rst)
- [Commits](https://github.com/django-otp/django-otp/compare/v0.8.1...v0.9.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-05-18 12:26:41 +00:00
220144c919 build(deps-dev): bump coverage from 5.0.4 to 5.1
Bumps [coverage](https://github.com/nedbat/coveragepy) from 5.0.4 to 5.1.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/coverage-5.0.4...coverage-5.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-05-18 12:25:16 +00:00
3b9402420d build(deps): bump django from 3.0.5 to 3.0.6
Bumps [django](https://github.com/django/django) from 3.0.5 to 3.0.6.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.0.5...3.0.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-05-18 12:23:42 +00:00
1324143146 Merge pull request #13 from BeryJu/dependabot/pip/autopep8-1.5.2
build(deps-dev): bump autopep8 from 1.5.1 to 1.5.2
2020-05-18 14:20:01 +02:00
595144cdd9 build(deps-dev): bump pylint from 2.4.4 to 2.5.2
Bumps [pylint](https://github.com/PyCQA/pylint) from 2.4.4 to 2.5.2.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/master/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/pylint-2.4.4...pylint-2.5.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-05-18 12:19:16 +00:00
b3e714a741 Merge pull request #12 from BeryJu/dependabot/npm_and_yarn/passbook/static/static/codemirror-5.53.2
build(deps): bump codemirror from 5.52.0 to 5.53.2 in /passbook/static/static
2020-05-18 14:15:29 +02:00
2b3ae1e2d5 Merge pull request #10 from BeryJu/dependabot/pip/pylint-django-2.0.15
build(deps-dev): bump pylint-django from 2.0.14 to 2.0.15
2020-05-18 14:15:18 +02:00
886845306a build(deps): bump codemirror in /passbook/static/static
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.52.0 to 5.53.2.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.52.0...5.53.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-05-18 11:50:33 +00:00
de6aaec088 Merge pull request #11 from BeryJu/dependabot/npm_and_yarn/passbook/static/static/fortawesome/fontawesome-free-5.13.0
build(deps): bump @fortawesome/fontawesome-free from 5.12.1 to 5.13.0 in /passbook/static/static
2020-05-18 13:49:21 +02:00
137e0854ab Merge pull request #15 from BeryJu/dependabot/pip/bumpversion-0.6.0
build(deps-dev): bump bumpversion from 0.5.3 to 0.6.0
2020-05-18 13:48:52 +02:00
b6a0e895bc build(deps): bump @fortawesome/fontawesome-free
Bumps [@fortawesome/fontawesome-free](https://github.com/FortAwesome/Font-Awesome) from 5.12.1 to 5.13.0.
- [Release notes](https://github.com/FortAwesome/Font-Awesome/releases)
- [Changelog](https://github.com/FortAwesome/Font-Awesome/blob/master/CHANGELOG.md)
- [Commits](https://github.com/FortAwesome/Font-Awesome/compare/5.12.1...5.13.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-05-18 11:03:22 +00:00
05c791b1c0 build(deps-dev): bump bumpversion from 0.5.3 to 0.6.0
Bumps [bumpversion](https://github.com/peritus/bumpversion) from 0.5.3 to 0.6.0.
- [Release notes](https://github.com/peritus/bumpversion/releases)
- [Commits](https://github.com/peritus/bumpversion/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-05-18 11:02:36 +00:00
669f3051e8 build(deps-dev): bump pylint-django from 2.0.14 to 2.0.15
Bumps [pylint-django](https://github.com/PyCQA/pylint-django) from 2.0.14 to 2.0.15.
- [Release notes](https://github.com/PyCQA/pylint-django/releases)
- [Changelog](https://github.com/PyCQA/pylint-django/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/PyCQA/pylint-django/compare/v2.0.14...v2.0.15)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-05-18 11:02:17 +00:00
d945b56561 Merge pull request #14 from BeryJu/dependabot/npm_and_yarn/passbook/static/static/patternfly/patternfly-2.71.6
build(deps): bump @patternfly/patternfly from 2.65.3 to 2.71.6 in /passbook/static/static
2020-05-18 13:02:08 +02:00
27333bbff1 build(deps-dev): bump autopep8 from 1.5.1 to 1.5.2
Bumps [autopep8](https://github.com/hhatto/autopep8) from 1.5.1 to 1.5.2.
- [Release notes](https://github.com/hhatto/autopep8/releases)
- [Commits](https://github.com/hhatto/autopep8/compare/v1.5.1...v1.5.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-05-18 11:02:07 +00:00
80c800f233 Merge pull request #16 from BeryJu/dependabot/pip/boto3-1.13.11
build(deps): bump boto3 from 1.12.39 to 1.13.11
2020-05-18 12:58:40 +02:00
5d17d3dd31 build(deps): bump boto3 from 1.12.39 to 1.13.11
Bumps [boto3](https://github.com/boto/boto3) from 1.12.39 to 1.13.11.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.12.39...1.13.11)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-05-18 09:51:42 +00:00
8c64fcd17f build(deps): bump @patternfly/patternfly in /passbook/static/static
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 2.65.3 to 2.71.6.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/v2.65.3...v2.71.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-05-18 09:49:27 +00:00
753110583e admin: fix incorrect URL 2020-05-17 23:55:42 +02:00
4206a8c43e stages/password: fix button without labeling 2020-05-17 23:55:25 +02:00
7cc9ae45bc static: fix any click on menu triggering collapse 2020-05-17 23:55:13 +02:00
09ef58350c flows: rename AuthenticationStage to StageView as its a general base view 2020-05-17 00:03:06 +02:00
0b70007926 docs: add upgrade page 2020-05-16 23:46:25 +02:00
2c5d6e8187 docker: fix import order on wait_for_db 2020-05-16 22:56:14 +02:00
10d3f9ac2f root: rewrite bootstrap in python, remove management command 2020-05-16 22:46:17 +02:00
a6301055f0 root: remove need for PASSBOOK_DOMAIN 2020-05-16 21:47:51 +02:00
9a1b8eb7c8 admin: add empty views to all lists, move invitation to stage-invitations 2020-05-16 21:43:48 +02:00
2ee45f388c crypto: validate PEM data before saving 2020-05-16 21:25:10 +02:00
9a9feea5ff static: make hamburger menu work 2020-05-16 21:11:48 +02:00
8540e787d3 admin: fix create buttons disappearing on small screens 2020-05-16 21:11:38 +02:00
db26ce808e core: remove policies from application form 2020-05-16 20:48:45 +02:00
802d568273 admin: fix urls applications and sources 2020-05-16 20:48:30 +02:00
7b6524357f stages/user_logout: fix dependency on PENDING_USER 2020-05-16 20:46:21 +02:00
83013f063d core: remove stub data from user settings 2020-05-16 20:45:43 +02:00
333ee3eed4 dc: fix compose, remove SESSION_COOKIE_DOMAIN 2020-05-16 20:39:38 +02:00
e68352b09c admin: add flow-stage-bindings, add policy-bindings, add prompts 2020-05-16 19:55:59 +02:00
df1cb88abc admin: fix slow load for templates using get_links 2020-05-16 19:00:43 +02:00
5596caedbc Merge pull request #9 from BeryJu/db-reset
DB Reset
2020-05-16 18:20:03 +02:00
7bd65120b9 *: migrate from PolicyModel to PolicyBindingModel, move Policy to passbook_policies 2020-05-16 18:07:00 +02:00
227966e727 core: rename nonce to token 2020-05-16 16:11:53 +02:00
406f69080b Revert "*: providers and sources -> channels, PolicyModel to PolicyBindingModel that uses custom M2M through"
This reverts commit 7ed3ceb960.
2020-05-16 16:02:42 +02:00
2ce31dfaa5 root: upgrade django-dbbackup 2020-05-16 14:54:18 +02:00
b23afcfc3b helm: expose backup settings through helm chart 2020-05-16 14:17:43 +02:00
7ed3ceb960 *: providers and sources -> channels, PolicyModel to PolicyBindingModel that uses custom M2M through 2020-05-16 14:03:57 +02:00
615cd7870d stages/email: add field to select E-Mail and subject 2020-05-15 14:50:23 +02:00
b907105f4a policies/expression: expose python requests via expression, remove webhook policy 2020-05-15 12:02:41 +02:00
023423c6e7 stages/password: show password forgotten prompt when recovery flow configured 2020-05-15 11:01:02 +02:00
a5319fc2fe *: rename templatetags to clearly identify 2020-05-15 10:54:31 +02:00
8cfd3f9a2b Merge pull request #8 from BeryJu/flows-stage1
Flows Stage 1
2020-05-14 16:07:22 +02:00
814c797c64 stages/prompt: add policy verification logic 2020-05-14 15:48:23 +02:00
776ad3cfbf policies/expression: add pb_log function to debug 2020-05-14 15:48:08 +02:00
74ddf70cb7 policy: add context to PolicyRequest 2020-05-14 15:47:56 +02:00
a7a839a29c stages/prompt: promptstage based on PolicyBindingModel 2020-05-14 13:51:35 +02:00
9859c5db0a policies: add API for policybindings 2020-05-14 13:51:05 +02:00
fe503c8de0 root: add swagger to repository 2020-05-14 13:45:46 +02:00
43a583e2d2 stages/invitation: add unittests 2020-05-13 23:20:27 +02:00
f289025d8e stages/user_delete: fix missing API, fix missing tests 2020-05-13 23:20:07 +02:00
19cb310446 gh/actions: run coverage xml before codecov 2020-05-13 22:40:09 +02:00
47f6d0ac59 gh/actions: fix invalid path for codecov 2020-05-13 22:27:18 +02:00
922cbf932d : update readme 2020-05-13 19:05:01 +02:00
c104eeebe6 gh/actions: add codecov 2020-05-13 18:52:37 +02:00
80c3246333 policies/expression: add pb_flow_plan variable 2020-05-13 18:44:36 +02:00
461fed5567 admin: remove more duplicate code 2020-05-13 13:45:57 +02:00
d5f6714ed7 admin: remove redundant code 2020-05-13 11:57:19 +02:00
c42ed6bc99 admin: sort types, minor fixups 2020-05-13 11:57:10 +02:00
57fed2b92b stages/user_delete: fix formatting 2020-05-12 15:23:17 +02:00
e45b33c6c2 stages/user_delete: add user delete stage, remove view from core 2020-05-12 14:50:00 +02:00
137e90355b flows: default-auth -> default-authentication 2020-05-12 14:49:47 +02:00
7500e622f6 stages/invitation: start extracting invitation from core 2020-05-11 21:58:02 +02:00
d49c58f326 flows: fix linting 2020-05-11 21:27:46 +02:00
9814d3be03 flows: add Planner and Executor unittests 2020-05-11 15:01:14 +02:00
fc9f86cccc lib: use TemplateResponse for bad_request_message 2020-05-11 14:08:04 +02:00
6fd19c0a37 flows: add caching of plan, add planner unittests 2020-05-11 11:39:58 +02:00
10cb412532 flows: fix linting of migrations 2020-05-11 09:08:15 +02:00
e12780f78f flows: add invalidation designation, use as default logout action 2020-05-11 01:12:57 +02:00
9dec13c225 stages/user_logout: add logout stage 2020-05-11 01:12:14 +02:00
69120da45c core: remove redundant views/forms 2020-05-11 00:49:48 +02:00
5b2bf7519a stages/user_create -> user_write: Stage can create and update existing users 2020-05-10 23:38:15 +02:00
631cf77f89 stages/captcha: add tests 2020-05-10 21:43:30 +02:00
6676e95011 stages/email: add tests, cleanup 2020-05-10 21:43:22 +02:00
3219cffb52 stages/email: add logic to verify token 2020-05-10 21:00:04 +02:00
d4f149bc02 stages/email: add form for sending email to prevent spam
stages/email: make token validity configurable
2020-05-10 20:50:27 +02:00
206cf4967d stages/identification: add more templates 2020-05-10 20:24:47 +02:00
a67c53f46a stages/email: start rewriting templates, add template tags to embed CSS and images 2020-05-10 20:16:58 +02:00
e989c61793 core: reduce default nonce time to 30 minutes 2020-05-10 20:15:56 +02:00
99bab03cce flows: add check if current plan matches current flow 2020-05-10 20:15:24 +02:00
a7567ad8c6 stages/identification: add recovery support 2020-05-10 18:45:16 +02:00
2ffa2fc6b8 admin: update templates and stage views 2020-05-10 18:44:58 +02:00
8de87d9acb stages/identification: test signup notice 2020-05-10 18:17:24 +02:00
1d03b36750 stages/identification: show sign up url when related flow exists 2020-05-10 18:14:10 +02:00
8dc3c49a2f stages/user_create: add stage to create user after prompts 2020-05-10 18:04:23 +02:00
f6461b08d7 stages/prompt: add unittests 2020-05-10 17:52:26 +02:00
a3a3dde1c8 stages/dummy: add unittests
stages/password: improve coverage
stages/user_login: improve coverage
2020-05-10 17:02:01 +02:00
f111604b70 stages/login: -> stages/user_login: rename login to user_login for user_create stage 2020-05-10 16:20:44 +02:00
4315d1a03c stages/prompt: add prompt stage: dynamically created forms based on database 2020-05-10 16:20:17 +02:00
9def45c8d7 stages/identification: fix label for inputs 2020-05-10 15:29:27 +02:00
358922b09b lib/ui: fix human_list for lists with one item 2020-05-10 15:29:10 +02:00
fbc3ac6b30 flows: make FlowExecutor fully working without pending user 2020-05-10 15:28:52 +02:00
4f785da452 root: fix migrations for CI 2020-05-10 13:06:38 +02:00
ff4bd1c91f root: increase testing verbosity to debug CI 2020-05-10 12:50:58 +02:00
7a96f9e894 policies/dummy: fix migrations 2020-05-10 12:27:10 +02:00
c27d257146 core: fix migrations 2020-05-10 12:07:40 +02:00
9bccf9bb0a policies/dummy: separate dummy policy from core into app 2020-05-10 02:14:55 +02:00
c0b05a62f4 stages/password: add unittests 2020-05-10 02:00:38 +02:00
c140c39d07 stages/login: add unittests 2020-05-10 01:02:04 +02:00
9a700e506b stages/identification: simplify unittests 2020-05-10 01:01:58 +02:00
8e488670ad stages/identification: load uid_fields from stage in form, add more unit tests 2020-05-10 00:05:36 +02:00
fd5b2298e5 flows: fix unittests and migrations 2020-05-09 23:31:35 +02:00
caeaf8d5a9 stages/identification: optimise User lookup query 2020-05-09 23:20:20 +02:00
c46f0781fc flows: separate final login step from flow executor 2020-05-09 23:19:36 +02:00
0aad0604d8 stages/identification: migrate from core to separate stage 2020-05-09 21:31:29 +02:00
131c3fdb32 stages/password: fix broken authentication 2020-05-09 21:30:12 +02:00
8a6009c278 flows: enum to django TextChoices 2020-05-09 20:54:56 +02:00
3456527f10 providers/saml: fix minor typing issue 2020-05-09 20:54:11 +02:00
28b913136d root: set log level based on DEBUG flag 2020-05-09 20:53:47 +02:00
f700899640 stages/password: fix possibility of password in logs 2020-05-09 20:53:32 +02:00
5ba45d3037 root: add fossa 2020-05-08 21:08:36 +02:00
212e966dd4 factors: -> stage 2020-05-08 20:59:51 +02:00
08c0eb2ec6 admin: add flows 2020-05-08 18:45:53 +02:00
872ecd93a6 flows: add to api and add forms 2020-05-08 18:29:18 +02:00
f8af9d6ce0 flows: make sure flow_slug is logged consistently 2020-05-08 17:18:43 +02:00
c3e43a7c2f flows: fix denied view not being registered 2020-05-08 16:50:50 +02:00
273af0f1cb core/auth: fix unittests for flows 2020-05-08 16:43:22 +02:00
2a85e5ae87 flows: complete migration to FlowExecutorView, fully use context 2020-05-08 16:10:27 +02:00
114bb1b0bd flows: implement planner, start new executor 2020-05-08 14:33:14 +02:00
97b5d120f8 providers/oauth: fix default cors settings 2020-05-08 11:26:26 +02:00
e1f0fe45cb static: fix dashes being removed from slugs 2020-05-08 11:26:12 +02:00
bc0f4973d8 helm: fix bootstrap not being used correctly 2020-05-08 09:42:21 +02:00
5400882d78 flows/: more migration progress, consolidate views 2020-05-07 21:30:52 +02:00
8de66b27ad flows/*: Initial flows stage1 implementation 2020-05-07 20:51:06 +02:00
179f0097c0 provider/samlv2: more samlv2 progres 2020-05-07 19:25:15 +02:00
b40bffdf38 providers/samlv2: start implementing new SAML Provider 2020-05-07 01:20:08 +02:00
2e9496bb74 gh/ci: run pyright in python venv 2020-05-07 00:38:41 +02:00
d9d765c6cd gh/ci: fix ci syntax 2020-05-07 00:36:13 +02:00
10cc6856a4 gh/ci: fix pyright not being installed 2020-05-07 00:33:42 +02:00
813dd2894f *: add pyright type checking 2020-05-07 00:32:03 +02:00
80d90b91e8 core: add general admin.py loader, remove individual files 2020-05-07 00:05:10 +02:00
fff05e35ac providers/saml: optionally verify SAML Signature 2020-05-06 18:03:12 +02:00
75bb59a22a ui: fix help text not being shown for checkboxes 2020-05-06 17:59:19 +02:00
3ce69bb391 compose: remove explicit bootstrapping 2020-04-22 11:45:43 +02:00
4eb7c5f94b helm: remove explicit bootstrapping 2020-04-22 11:45:36 +02:00
aac7e6be90 lib: fix ram usage due to bootstrap
bootstrap now exits (0) when all services are up, instead continuously running. This is combined with a simple bash script, which does this job instead.

This also adds /bootstrap.sh as docker ENTRYPOINT
2020-04-22 11:45:11 +02:00
c77f4204c0 new release: 0.8.15-beta 2020-04-10 21:57:20 +02:00
5f4452470b providers/saml: fix metadata rendering when no singing keypair is selected
closes PASSBOOK-44
2020-04-10 21:54:23 +02:00
9a1270c693 providers/saml: fix wrong signing property being checked
closes PASSBOOK-45
2020-04-10 21:52:03 +02:00
7b9d1a1159 new release: 0.8.14-beta 2020-04-10 21:23:55 +02:00
cdbe1f6161 bump dependencies 2020-04-10 21:17:31 +02:00
e43db2e065 new release: 0.8.13-beta 2020-04-10 21:11:24 +02:00
d1c74d2160 lib: fix imports being changed every time 2020-03-05 17:28:03 +01:00
f2119ce567 providers/saml: fix signing_kp typo 2020-03-05 17:09:08 +01:00
2c4dcb9cf0 actions: remove cache 2020-03-04 21:15:44 +01:00
93b8266821 actions: install pipenv as root 2020-03-04 21:13:40 +01:00
443797d9b0 actions: install wheel package 2020-03-04 21:11:26 +01:00
a4365ca02c actions: don't update system pip 2020-03-04 21:09:46 +01:00
3750083667 actions: don't setup custom python, use system pip 2020-03-04 21:08:24 +01:00
66ef067ecf actions: don't update pip to fix CI 2020-03-04 20:10:46 +01:00
b489b0e691 Merge pull request #7 from BeryJu/crypto
generic cert management
2020-03-04 19:43:52 +01:00
f2154d9875 crypto: add property for private_key 2020-03-04 19:43:18 +01:00
80a50f9bdb providers/saml: switch to new crypto 2020-03-03 23:35:50 +01:00
dc8b89a6b9 sources/saml: switch to new crypto 2020-03-03 23:35:38 +01:00
8df55f22aa crypto: implement simple certificate-key pair for easier management 2020-03-03 23:35:25 +01:00
f6c322be27 providers/oidc: fix skip_authorization not being synced to oidc_client 2020-03-02 17:40:38 +01:00
a144552059 providers/oidc: fill claims with userinfo 2020-03-01 22:55:56 +01:00
535d529193 ui: fix title, fix navigation on user settings 2020-02-29 14:46:58 +01:00
6ed2e137a2 new release: 0.8.12-beta 2020-02-28 11:54:03 +01:00
45bd63c720 api: update old field names 2020-02-28 11:48:55 +01:00
736e13fc35 ui: add template for csrf errors 2020-02-28 11:41:28 +01:00
966fff008c ui: re-enable branding on navbar 2020-02-28 11:37:07 +01:00
64f15eadbd providers/saml: fix CSRF errors with POST binding 2020-02-28 10:50:16 +01:00
81b66ecdcd core: remove some more dead code, add more help texts for factors 2020-02-27 16:39:30 +01:00
53e5cf7826 admin: fix some models not being paginated 2020-02-27 15:30:28 +01:00
82654b3fd9 ui: re-organize some of the navigation to make it cleaner for end-users 2020-02-27 14:59:34 +01:00
9b72c604dd docs: fix some typos 2020-02-27 13:00:55 +01:00
5fb1b8044c new release: 0.8.11-beta 2020-02-25 11:38:50 +01:00
b8daab4377 providers/saml: fix AccessRequiredView.dispatch not being called 2020-02-25 11:38:26 +01:00
c5b91bdae8 providers/saml: fix CannotHandleAssertion Error still being sent to sentry 2020-02-24 19:14:43 +01:00
39a208c55f providers/saml: fix wrong key being used for params 2020-02-24 17:48:03 +01:00
a5bfef9b6b providers/saml: fix leftover data in session, fix IdP initiated login
move can_handle calls to binding endpoints (/login/ and /login/initiate/), so that /login/authorize/ works either way, can clean up the session and audit
2020-02-24 17:34:52 +01:00
f1f4cbef9b lib/sentry: fix SentryIgnoredException not being ignored correctly 2020-02-24 17:01:31 +01:00
8388120b06 new release: 0.8.10-beta 2020-02-24 15:30:57 +01:00
2bf96828f1 root: fix logging.basicConfig being called by pyjwkest 2020-02-24 15:30:28 +01:00
22838e66fe providers/saml: fix users being able to authenticate without audit logs being created 2020-02-24 14:40:12 +01:00
484dd6de09 providers/oidc: add error template 2020-02-24 14:19:02 +01:00
b743736c26 lib/logging: fix typo 2020-02-24 14:10:58 +01:00
af91e2079b core: sort provider by pk when selection application provider 2020-02-24 14:10:51 +01:00
cad1c17f14 helm: fix inconsistent labels 2020-02-24 13:49:42 +01:00
120d32e4dc new release: 0.8.9-beta 2020-02-24 13:23:20 +01:00
238b489e07 root: add process ID to logging output 2020-02-24 13:20:32 +01:00
4daa70c894 core: fix saving of policy not correctly clearing it's cache 2020-02-24 13:15:52 +01:00
f8599438df ui: fix lists not being rendered correctly 2020-02-24 13:13:42 +01:00
155c9a4c3f ui: update remaining forms, completely remove jQuery 2020-02-24 13:13:28 +01:00
8433b5e583 ui: fix automatic slug generation 2020-02-24 12:40:16 +01:00
dc5ba144f1 ui: fix height of multiple select input 2020-02-24 12:40:06 +01:00
521a8b5356 ui: update more remaining templates 2020-02-23 22:49:56 +01:00
3453077d7b root: set SameSite to None when debugging 2020-02-23 22:49:33 +01:00
70ede8581a core: sort sources on login view 2020-02-23 20:19:01 +01:00
6e9d297f02 deploy: use new bootstrap command 2020-02-23 20:12:48 +01:00
6a7545fd43 lib: add bootstrap command 2020-02-23 19:52:41 +01:00
a8926cbd07 lib: add more errors to sentry ignore 2020-02-23 19:48:14 +01:00
64d7b009ab sources/oauth: fix invalid headers, fix invalid function signature 2020-02-23 19:42:57 +01:00
2b5fddb7bf policies: add unittests for evaluator 2020-02-23 15:54:26 +01:00
b99d23c119 all: remove dead code 2020-02-23 15:32:20 +01:00
03905b74ff admin: exclude anonymous user from listing 2020-02-23 15:27:28 +01:00
6b8a59cfbd admin: show prettified yaml 2020-02-23 15:27:11 +01:00
d6fdcd3ef9 ui: re-add automatic slug generation 2020-02-23 15:20:41 +01:00
53ebc551d2 ui: fix icon sizing on login 2020-02-23 15:13:18 +01:00
3d4f43d6e3 ui: show default icon for source without icon 2020-02-23 15:09:58 +01:00
074cde7cd5 audit: save model's name or string representation 2020-02-23 15:04:30 +01:00
382e563590 new release: 0.8.8-beta 2020-02-23 14:45:45 +01:00
ca61a7cc21 audit: don't pop password as its censored already 2020-02-23 14:43:33 +01:00
fa2870afe0 sources: remove policies as they are not used currently 2020-02-23 14:40:06 +01:00
0f46207ea4 admin: fix provider list not having pagination 2020-02-23 14:29:21 +01:00
1e7d912144 actions: build :<branch-name> on push 2020-02-23 13:54:19 +01:00
f4a676e2fb sources/oauth: slugify provider type instead of just lowercase 2020-02-23 13:53:16 +01:00
b2c10e2387 ui: add missing discord and twitter icons 2020-02-23 13:47:21 +01:00
8c329dca7d core: add migration to fix null fields in core.application 2020-02-22 19:26:34 +01:00
83da175749 policies/expression: add pb_client_ip field 2020-02-22 19:26:16 +01:00
995c87938f core: fix default Null causing issues in translation 2020-02-21 23:10:00 +01:00
40678b2f84 new release: 0.8.7-beta 2020-02-21 22:17:11 +01:00
8dbbe9102b ui: fix application grid icons, fix SAML Authorize 2020-02-21 22:16:58 +01:00
2f51f354de ui: fix app icon not showing 2020-02-21 22:02:44 +01:00
04b815a33e admin: show object usage count instead of list 2020-02-21 22:02:03 +01:00
2a4d68911b helm: change static healthcheck and port 2020-02-21 21:50:16 +01:00
4d5a2d61ff new release: 0.8.6-beta 2020-02-21 21:36:04 +01:00
efd88c27ad audit: *crit* fix audit log not being protected correctly 2020-02-21 21:33:42 +01:00
80d361ccd2 audit: fix failed login events not being logged 2020-02-21 21:27:25 +01:00
6ed4501615 ui: fix branding viewport 2020-02-21 21:18:55 +01:00
8d34faa28e Merge pull request #5 from BeryJu/pf4
PatternFly v4
2020-02-21 21:03:48 +01:00
a3ae827839 ui: centrally load CodeMirror and init via data tag 2020-02-21 21:02:03 +01:00
88c1ad4c1c providers/saml: fix 500 when SAML Provider not assigned to application 2020-02-21 20:54:00 +01:00
1147c4901b ui: clean up some more remaining templates 2020-02-21 20:40:40 +01:00
063181d7a7 ui: use compact templates 2020-02-21 20:24:02 +01:00
1285ba6fbb ui: include font-awesome 2020-02-21 18:00:09 +01:00
a09a1793ec ui: update templates for jinja2-related fields 2020-02-21 15:36:37 +01:00
50caa3ac3e ui: update static docker image to download NPM modules 2020-02-21 15:33:54 +01:00
9440d24358 static: use codemirror from npm 2020-02-21 15:18:13 +01:00
26bf6fd22f all: add more helpful help_text to models 2020-02-21 15:12:16 +01:00
e2f836feae all: fix left over references to error templates 2020-02-21 15:05:32 +01:00
b6326f399c ui: clean up more generic forms, remove is_login everywhere 2020-02-21 15:00:45 +01:00
ea6a1422f7 ui: rewrite admin templates to pf4, add some helper scripts 2020-02-21 14:20:16 +01:00
8fd86a28ff ui: fixup minor issues, add static app 2020-02-21 11:20:55 +01:00
d88283a7a9 Merge branch 'master' into pf4
# Conflicts:
#	passbook/core/static/img/logos/discord.svg
#	passbook/core/static/js/passbook.js
#	passbook/core/templates/login/with_sources.html
#	passbook/core/templates/overview/index.html
#	passbook/core/views/authentication.py
2020-02-21 09:05:40 +01:00
32a15f84c0 root: run bandit as part of pre-commit 2020-02-21 09:03:59 +01:00
93ba4b7f62 root: use defusedxml's defuse_stdlib globally 2020-02-21 09:00:28 +01:00
187780dab2 new release: 0.8.5-beta 2020-02-20 21:39:13 +01:00
d988f37afc lib: add SentryIgnoredException, to easily ignore exceptions from sentry 2020-02-20 21:38:53 +01:00
295c0bae3f sources/saml: validate SAMLResponse signature 2020-02-20 21:34:25 +01:00
38a22ddf13 providers/saml: cleanup encoding 2020-02-20 21:33:10 +01:00
d06f1abb89 providers/saml: add POST binding support to Metadata 2020-02-20 17:38:42 +01:00
027a64fad2 providers/saml: change default NameID Format to emailAddress 2020-02-20 17:37:09 +01:00
84fc54ddaa sources/saml: entity_id -> issuer 2020-02-20 17:23:27 +01:00
0b5caa85f5 all: sort imports and cleanup 2020-02-20 17:23:05 +01:00
14e0a17dbc ui: don't remove dashes when auto generating slug 2020-02-20 17:13:50 +01:00
3c04afa31f root: use different cookie names for dev instance 2020-02-20 17:08:11 +01:00
40a2a26904 sources/saml: fix Metadata cert including PEM header 2020-02-20 17:05:11 +01:00
c8b3c6e51a sources/saml: fix build_full_url using incorrect URL parameter 2020-02-20 17:04:54 +01:00
e0272a6422 providers/saml: Show error message when trying to get metadata without assigning application 2020-02-20 17:04:20 +01:00
b290bbf6d7 new release: 0.8.4-beta 2020-02-20 16:17:23 +01:00
8d875cb01d providers/saml: fix /login/ pointing to wrong view 2020-02-20 16:13:55 +01:00
36b1f8ba36 new release: 0.8.3-beta 2020-02-20 15:14:49 +01:00
6c889eff27 core: fix application icons not loading, fix with_sources being broken 2020-02-20 14:30:06 +01:00
9d8675e54b new release: 0.8.2-beta 2020-02-20 13:57:46 +01:00
22ae986c0b root: add logger name to log output 2020-02-20 13:52:14 +01:00
2bef5f3911 policies: struct -> types to match core 2020-02-20 13:52:05 +01:00
3c2b8e5ee1 all: prefix all UI related methods with ui_, switch to property and return dataclass 2020-02-20 13:51:41 +01:00
c96571bdba core: fix discord logo being hard to see 2020-02-20 13:50:05 +01:00
2dfd93afb1 core: add more fields for metadata of applications 2020-02-20 13:45:22 +01:00
f1d77d475c ui: start patternfly v4 migration 2020-02-19 21:03:39 +01:00
1d22e30c70 lib: sentry ignore Redis and OSError 2020-02-19 17:13:44 +01:00
07b7951390 sources/ldap: handle user_sync errors better, show warning when user exists already 2020-02-19 16:20:33 +01:00
995615d0a0 policies/expression: Return False if Policy returns Undefined and log warning 2020-02-19 16:19:02 +01:00
ac273aab75 core: raise PropertyMappingExpressionException when PropertyMapping returns Undefined 2020-02-19 16:18:31 +01:00
44cd03654d core: base set maximum-scale to 1 2020-02-19 15:11:25 +01:00
3e2375f970 new release: 0.8.1-beta 2020-02-19 11:31:05 +01:00
38ad8e5fd3 policies/expression: fix pb_is_sso_flow 2020-02-19 11:01:20 +01:00
c481558a46 helm: fix error that FLUSHDB Command is not available 2020-02-19 10:57:57 +01:00
e27a05a7fc lib/sentry: ignore django validation error 2020-02-19 10:54:29 +01:00
e4886f0c6f new release: 0.8.0-beta 2020-02-19 10:29:52 +01:00
8b2ce5476a policies/expression: add annotation to update docs, name jinja filters/funcs more clearly 2020-02-19 10:23:42 +01:00
1b82283a20 docs: update policy types, add docs for expression policies 2020-02-19 10:21:28 +01:00
7f3d0113c2 policies: remove redundant policies which can be easily implemented with expressions 2020-02-19 09:51:15 +01:00
0f6dd33a6b api: add expression policy to API URLs 2020-02-19 09:49:57 +01:00
5b79b3fd22 policies/expression: move evaluation code into separate class 2020-02-19 09:49:38 +01:00
d68c72f1fa lib: remove method_decorator Mixins 2020-02-18 22:28:47 +01:00
9267d0c1dd all: general maintenance, prepare for pyright 2020-02-18 22:12:51 +01:00
865abc005a sources/oauth: remove leading spaces in default URLs 2020-02-18 21:49:53 +01:00
a2725d5b82 sources/oauth: remove redundant OAuth2Clients 2020-02-18 21:49:40 +01:00
4a05bc6e02 sources/oauth: improve default OAuth2 Client, send access_token as Bearer Authz 2020-02-18 21:49:23 +01:00
4e8238603a all: cleanup logging to be structured 2020-02-18 21:35:58 +01:00
ff25c1c057 admin: load custom policy templates 2020-02-18 21:35:21 +01:00
78cddca0d7 admin: fix user object being overwritten when deleting a user 2020-02-18 21:35:06 +01:00
4742ee1d93 docs: add aws integration 2020-02-18 20:14:54 +01:00
0c2dc309e7 providers/saml: fix metadata URLs using incorrect params 2020-02-18 20:14:28 +01:00
144935d10f docs: add ansible tower/awx integration guide 2020-02-18 17:33:31 +01:00
74ad1b6759 factors: strip port for domain check 2020-02-18 17:05:30 +01:00
591d2f89a1 audit: log event creation on save 2020-02-18 17:05:11 +01:00
7c353f9297 sources/oauth: remove supervisr 2020-02-18 17:01:08 +01:00
cd1af15c56 core: sort applications by name 2020-02-18 17:00:56 +01:00
878169ea2e core: only show icon on login page if defined 2020-02-18 17:00:26 +01:00
38dfb03668 new release: 0.7.17-beta 2020-02-18 16:29:23 +01:00
e2631cec0e factors/view: show concise error message when domain is mis-configured 2020-02-18 16:29:04 +01:00
5dad853f8a docs: use note blocks instead of code blocks for product description 2020-02-18 15:34:41 +01:00
9f00843441 policies/expression: add Expression based policy 2020-02-18 15:12:50 +01:00
f31cd7dec6 core: check PropertyMapping's expression syntax before save 2020-02-18 15:12:05 +01:00
1c1afca31f providers/saml: fix linting error 2020-02-18 11:34:04 +01:00
fbd4bdef33 providers/saml: add modal to show metadata without download 2020-02-18 10:57:43 +01:00
5b22f9b6c3 providers/saml: transition to dataclass from dict, cleanup unused templates, add missing autosubmit_form 2020-02-18 10:57:30 +01:00
083e317028 lib: add helper method for 400 response with message 2020-02-18 10:13:53 +01:00
95416623b3 sources/ldap: better handle property mapping evaluation errors 2020-02-18 10:13:05 +01:00
813b2676de providers/saml: better handle PropertyMapping evaluation errors 2020-02-18 10:12:42 +01:00
aeca66a288 providers/saml: change assertion_valid_not_before default to -5 minutes 2020-02-17 21:32:23 +01:00
04a5428148 new release: 0.7.16-beta 2020-02-17 21:02:54 +01:00
73b173b92a admin: fix form missing on update pages 2020-02-17 21:02:47 +01:00
7cbf20a71c admin: fix CodeMirror field not loading correctly 2020-02-17 21:02:35 +01:00
7a98e6d92b new release: 0.7.15-beta 2020-02-17 20:45:56 +01:00
49e915f98b Merge pull request #4 from BeryJu/propertymapping-jinja
PropertyMappings using Jinja
2020-02-17 20:45:04 +01:00
3aa2f1e892 *: propertymapping template -> expression 2020-02-17 20:38:14 +01:00
bc4b7ef44d providers/saml: add custom help text for templates, add docs for User Object reference 2020-02-17 20:30:14 +01:00
9400b01a55 admin: parameterise generic from's base template 2020-02-17 20:29:41 +01:00
e57da71dcf sources/ldap: update LDAP source to use new property mappings 2020-02-17 17:55:48 +01:00
7268afaaf9 providers/saml: update to new PropertyMappings 2020-02-17 17:50:11 +01:00
205183445c admin: add support for template field and Jinja2 highlighting 2020-02-17 17:48:53 +01:00
a08bdfdbcd root: remove prospector from Pipfile as it causes lock issues, install in CI 2020-02-17 17:48:18 +01:00
e6c47fee26 core: add template field to PropertyMapping 2020-02-17 17:47:51 +01:00
a5629c5155 providers/saml: add changeable signature and digest algorithm 2020-02-17 16:28:18 +01:00
41689fe3ce sources/* add missing migrations 2020-02-17 16:27:35 +01:00
8e84208e2c new release: 0.7.14-beta 2020-02-17 15:42:14 +01:00
32a48fa07a providers/saml: more typehints 2020-02-17 15:40:49 +01:00
773a9c0692 policies/engine: fix cached policy results being ignored 2020-02-17 15:37:51 +01:00
8808e3afe0 policies/engine: set mp start method to fork to fix issues under macOS 2020-02-17 15:20:30 +01:00
ecea85f8ca lib/config: remove autoreload handler as this API is gone in django 3 2020-02-17 15:20:11 +01:00
5dfa141e35 root/wsgi: log requests with event name of request 2020-02-16 14:36:31 +01:00
447e81d0b8 providers/saml: handle uncompressed SAML AuthNRequest 2020-02-16 14:08:35 +01:00
e138076e1d sources/saml: move labels from forms to models 2020-02-16 12:34:46 +01:00
721d133dc3 sources/oauth: move labels from form to models 2020-02-16 12:34:33 +01:00
75b687ecbe sources/ldap: move labels from form to models 2020-02-16 12:30:45 +01:00
bdd1863177 providers/saml: move field labels from Form into models 2020-02-16 12:30:26 +01:00
e5b85e8e6a providers/saml: move default saml properties to DB 2020-02-16 12:29:53 +01:00
d7481c9de7 new release: 0.7.13-beta 2020-02-14 15:35:05 +01:00
571373866e providers/saml: some more cleanup, fix get_time_string when called without argument 2020-02-14 15:34:24 +01:00
e36d7928e4 providers/saml: big cleanup, simplify base processor
add New fields for
 - assertion_valid_not_before
 - assertion_valid_not_on_or_after
 - session_valid_not_on_or_after
allow flexible time durations for these fields
fall back to Provider's ACS if none is specified in AuthNRequest
2020-02-14 15:19:48 +01:00
2be026dd44 global: fix import order 2020-02-14 15:17:40 +01:00
d5b9de3569 Merge pull request #3 from BeryJu/dependabot/pip/django-2.2.10
build(deps): bump django from 2.2.9 to 2.2.10
2020-02-12 09:31:13 +01:00
e22620b0ec build(deps): bump django from 2.2.9 to 2.2.10
Bumps [django](https://github.com/django/django) from 2.2.9 to 2.2.10.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/2.2.9...2.2.10)

Signed-off-by: dependabot[bot] <support@github.com>
2020-02-12 03:20:09 +00:00
ba74a3213d *: upgrade python 3.7 to 3.8 2020-01-19 21:03:01 +01:00
d9ecb7070d core: add more prometheus metrics 2020-01-19 21:01:26 +01:00
fc4a46bd9c root: fix credential variables overwriting each other 2020-01-17 11:16:23 +01:00
78301b7bab docs: fix site_url 2020-01-17 10:55:20 +01:00
7bf7bde856 root: fix prometheus path in ServiceMonitor, return WWW-Authenticate header so basic auth is sent 2020-01-17 10:55:11 +01:00
9bdff14403 providers/app_gw: fix wrong UPSTREAM parameter 2020-01-03 09:15:07 +01:00
f124314eab new release: 0.7.12-beta 2020-01-02 20:22:44 +01:00
684e4ffdcf providers/app_gw: fix formatting 2020-01-02 20:22:36 +01:00
d9ff5c69c8 providers/app_gw: fix assignment of response_types 2020-01-02 20:20:10 +01:00
8142e3df45 providers/oidc: fix application property of wrong object being used 2020-01-02 20:19:53 +01:00
73920899de static: use current pixie image 2020-01-02 20:09:30 +01:00
13666965a7 actions: fix build over gatekeeper 2020-01-02 16:55:30 +01:00
86f16e2781 providers/oidc: fix incorrectly sorted imports 2020-01-02 16:42:52 +01:00
2ed8e72c62 new release: 0.7.11-beta 2020-01-02 16:38:11 +01:00
edeed18ae8 providers/oidc: fix error when using with app_gw 2020-01-02 16:38:01 +01:00
d24133d8a2 core: fix _redirect_with_qs appending an array to the URL 2020-01-02 16:14:56 +01:00
b9733e56aa providers/app_gw: fix passbook domain being empty 2020-01-02 16:09:17 +01:00
cd34413914 providers/app_gw: separate host field into external_ and internal_ 2020-01-02 16:09:04 +01:00
c3a4a76d43 providers/app_gw: fix Client's response_type not being set 2020-01-02 16:06:32 +01:00
a59a29b256 actions: also build gatekeeper on release 2020-01-02 15:55:39 +01:00
dce1edbe53 new release: 0.7.10-beta 2020-01-02 14:54:52 +01:00
264d43827a actions: create release based on version number, not tag name 2020-01-02 14:46:44 +01:00
6207226bdf new release: 0.7.9-beta 2020-01-02 14:09:58 +01:00
ebf33f39c9 actions: fix missing backslash for dockerbuild 2020-01-02 14:09:42 +01:00
696cd1f247 new release: 0.7.8-beta 2020-01-02 14:03:36 +01:00
b7b3abc462 actions: automatically create release when version/* tag is created, run tests before creating release 2020-01-02 13:49:24 +01:00
575739d07c ci: add bandit for static security checks 2020-01-02 13:41:49 +01:00
2d7e70eebf audit: fix import order 2020-01-02 13:20:41 +01:00
387f3c981f audit: fix error when trying to save models with UUID as PK 2020-01-02 13:12:23 +01:00
865435fb25 actions: fix path to helm chart 2020-01-02 11:38:54 +01:00
b10c5306b9 actions: ensure release gets only executed on release creation 2020-01-02 11:37:46 +01:00
7c706369cd new release: 0.7.7-beta 2020-01-02 11:22:08 +01:00
20dd6355c1 actions: run unittests in final docker images after build 2020-01-02 11:20:32 +01:00
ba8d5d6e27 actions: push both versioned and :latest tags 2020-01-02 11:19:55 +01:00
c448f87027 new release: 0.7.6-beta 2020-01-02 10:34:34 +01:00
2b8c70a61f actions: separate actions files for ci and release 2020-01-02 10:33:04 +01:00
9d7ed9a0ed new release: 0.7.7-beta 2019-12-31 14:02:01 +01:00
ff69b4affe actions: fix build not running correctly 2019-12-31 14:01:58 +01:00
d77afd1ded new release: 0.7.6-beta 2019-12-31 13:47:39 +01:00
c3909f9196 actions: run build only on release 2019-12-31 13:44:27 +01:00
fa55ba5ef0 actions: since actions has no easy way to get tags, hardcode version in ci and bump with bumpversion 2019-12-31 13:40:24 +01:00
766518ee0e audit: sanitize kwargs when creating audit event 2019-12-31 13:33:07 +01:00
74b2b26a20 ci: disable pylint's bad-continuation to please black 2019-12-31 13:17:35 +01:00
4ebbc6f065 gh-actions: fix dependencies on isort 2019-12-31 12:52:15 +01:00
3bd1eadd51 all: implement black as code formatter 2019-12-31 12:51:16 +01:00
8eb3f0f708 ci: upgrade pylint to latest version
core: also upgrade kombu as https://github.com/celery/kombu/issues/1101 is fixed now
2019-12-31 12:45:29 +01:00
31ea2e7139 audit: fix internal server error from passing models 2019-12-31 11:40:03 +01:00
323b4b4a5d actions: fix helm using wrong path for chart 2019-12-30 10:42:46 +01:00
7b8e1bea92 docker: fix old dockerfiles being used, remove all gitlab references 2019-12-30 10:34:31 +01:00
f986dc89ad all: migrate to github 2019-12-30 10:25:35 +01:00
b21fd10093 new release: 0.7.5-beta 2019-12-16 22:05:22 +01:00
6f9c19b142 misc: update bumpversion config 2019-12-16 22:05:16 +01:00
f45643ca87 Merge branch '45-helm-3' into 'master'
Resolve "Upgrade to helm 3 for packaging"

Closes #45

See merge request BeryJu.org/passbook!35
2019-12-16 20:49:34 +00:00
85f8bea784 ci: replace helm with helm3 2019-12-14 14:34:34 +01:00
b428ec5237 providers/oidc: remove duplicate fields 2019-12-14 14:28:36 +01:00
92428529ad docs: add sentry 2019-12-14 14:28:14 +01:00
f6761b5b0b docs: fix harbor site not being included 2019-12-13 15:45:50 +01:00
307b04f4ca docs: add harbor integration, cleanup 2019-12-13 15:36:09 +01:00
6a520a5697 docs: add rancher integration 2019-12-13 13:53:30 +01:00
f22dbba931 providers/saml: add UID field 2019-12-13 13:45:10 +01:00
82cf482fba Merge branch 'docs' into 'master'
Docs

See merge request BeryJu.org/passbook!33
2019-12-12 22:06:20 +00:00
a6afb99edd docs: build docs on new version 2019-12-12 18:13:38 +01:00
ac5f8465b9 docs: add GitLab integration docs 2019-12-12 18:12:14 +01:00
218acb9e38 docs: add providers and sources 2019-12-12 18:00:23 +01:00
927c718fdd docs: add some more info to mkdocs 2019-12-12 09:55:10 +01:00
b7a6d6e739 docs: add docs for property mappings, switch to material theme 2019-12-10 11:25:34 +01:00
0946d6a25d docs: add initial structure, add docs for policies and factors 2019-12-09 21:00:45 +01:00
c1e98e2f0c Merge branch 'master' into docs 2019-12-09 16:49:05 +01:00
807cbbeaaf audit: rewrite to be independent of django http requests, allow custom actions 2019-12-05 16:14:08 +01:00
6c358c4e0a misc: run coverage before other tasks to find bugs easier 2019-12-05 16:03:31 +01:00
74cd0bc08f all(minor): remove old, unused code 2019-12-05 15:07:37 +01:00
b08ec0477e all(minor): replace django-ipware with custom implementation 2019-12-05 14:33:55 +01:00
328c999cb9 ci(minor): reenable prospector 2019-12-05 14:31:51 +01:00
c37e382c15 root(minor): fix incorrect user IP being shown 2019-12-02 18:05:06 +01:00
784dd0fdd6 root(minor): fix unnecessary redirect for prometheus 2019-12-02 18:04:55 +01:00
e6256cb9c8 root(minor): add script to run coverage 2019-12-02 16:43:50 +01:00
4520e3f8b8 deploy(minor): fix wrong health-check for static deployment 2019-11-20 15:55:39 +01:00
23146de2bf new release: 0.7.4-beta 2019-11-20 13:15:46 +01:00
e24f4fe3a8 compose(minor): add error_reporting flag 2019-11-20 13:13:10 +01:00
8e6b69f96f ci(minor): disable gatekeeper build due to quay issue 2019-11-20 13:12:51 +01:00
979bea17ed root(minor): disable error reporting by default 2019-11-20 13:12:37 +01:00
30dba285d9 root(minor): remove build stanza from docker-compose as it causes issues 2019-11-20 13:08:32 +01:00
99fadf2e55 new release: 0.7.3-beta 2019-11-19 18:14:06 +01:00
b606e3d0cb static(minor): remove nginx config from bumpversion 2019-11-19 18:14:03 +01:00
be642bc874 root(major): fix dbbackup not working with prometheus 2019-11-19 18:08:25 +01:00
49a347b32f static(major): switch to pixie for static files 2019-11-19 18:00:29 +01:00
089b48aad1 Merge branch 'agw' 2019-11-11 18:14:03 +01:00
2997cb83b1 providers/appgw(major): rewrite to use oauth2_proxy 2019-11-11 18:13:46 +01:00
08f0aca894 provider/oidc(minor): include claims in id_token 2019-11-11 13:19:54 +01:00
80ea7c40b7 helm(minor): fix monitoring username not being in b64 2019-11-08 15:00:08 +01:00
019a0cb14d new release: 0.7.2-beta 2019-11-08 14:26:52 +01:00
97290755e7 root(major): re-add missing dependencies 2019-11-08 14:26:49 +01:00
7f150c96b4 new release: 0.7.1-beta 2019-11-08 14:04:59 +01:00
73558f30d1 root(minor): revert to django_redis cache 2019-11-08 13:58:10 +01:00
dfcfd87644 root(minor): remove old deps from pipfile 2019-11-08 13:55:58 +01:00
2c0f0a68a8 helm(major): add prometheus rules, add switch to enable/disable monitoring 2019-11-08 13:49:28 +01:00
3d73aac3ab helm(minor): add service monitors 2019-11-08 12:24:42 +01:00
e4fbcd3735 root(major): add prometheus 2019-11-08 12:23:51 +01:00
44c0eb37cf sources/saml(minor): fix lint issue 2019-11-07 18:02:59 +01:00
adc3dcc2c4 sources/saml(minor): disallow login if source is not enabled 2019-11-07 17:35:25 +01:00
bac8227371 sources/saml(minor): fix fields not being shown 2019-11-07 17:28:59 +01:00
73d4d9dfe0 admin(major): fix incorrect permissions being set 2019-11-07 17:25:36 +01:00
afdac5f3f8 Merge branch '10-saml-sp' into 'master'
Resolve "Add SAML SP"

Closes #10

See merge request BeryJu.org/passbook!31
2019-11-07 16:05:28 +00:00
dabce36667 sources/saml(major): add saml SP 2019-11-07 17:02:56 +01:00
3bd56ce522 api(minor): fix invalid fieldls being selected 2019-11-07 10:30:22 +01:00
540419d5c1 helm(minor): update chart to use apps/v1, remove deps from git 2019-11-07 10:24:27 +01:00
ed1fcc3930 new release: 0.7.0-beta 2019-11-02 16:31:23 +00:00
c22ddc5394 root(minor): catch keyboardinput and s3 error from sentry 2019-11-02 16:27:28 +00:00
0544864a3f Merge branch '42-attributeerror-nonetype-object-has-no-attribute-startswith' into 'master'
Resolve "AttributeError: 'NoneType' object has no attribute 'startswith'"

Closes #42

See merge request BeryJu.org/passbook!32
2019-11-01 12:53:43 +00:00
0b9fc9e444 root(minor): fallback to empty string if no Host header ise set 2019-11-01 12:50:38 +00:00
e862b97005 all(major): add API for all objects 2019-10-28 17:55:36 +01:00
cffe09b02e all(major): add most models to API 2019-10-28 17:40:57 +01:00
846a86fb62 fix lint 2019-10-28 14:44:46 +01:00
463c130351 core(major): add api for most simple objects 2019-10-28 14:27:43 +01:00
ffca957838 audit(major): AuditEntry -> Event 2019-10-28 14:26:34 +01:00
543e949a48 api(minor): start with api v2 2019-10-28 14:26:07 +01:00
feb80049aa Merge branch 'master' into guardian 2019-10-25 22:18:13 +02:00
5c59c8ccb6 new release: 0.6.11-beta 2019-10-15 16:56:24 +02:00
1fadd82c65 Merge branch '41-commandconnectorerror-error-running-pg_dump-passbook-host-passbook-postgresql-username-pos' into 'master'
Resolve "CommandConnectorError: Error running:  pg_dump passbook --host=passbook-postgresql --username=pos..."

Closes #41

See merge request BeryJu.org/passbook!30
2019-10-15 14:53:59 +00:00
7e7736126d docker(minor): install pg client for pg_dump 2019-10-15 16:51:42 +02:00
5e0915afce helm(major): update postgresql to 11 2019-10-15 16:51:21 +02:00
bf6c9e8c4a new release: 0.6.10-beta 2019-10-15 16:05:51 +02:00
3353aa0298 root(minor): disable uwsgi request loggin and use custom logging instead 2019-10-15 15:57:37 +02:00
d4cb1a98c7 policy(major): simplify PolicyEngine API, add flag to ignore cache for debug purposes 2019-10-15 15:44:59 +02:00
13f4ea0b8b root(minor): sort keys in log output 2019-10-15 15:40:38 +02:00
261d57ad7b Merge branch 'master' into guardian
# Conflicts:
#	Pipfile
#	Pipfile.lock
#	passbook/admin/views/invitations.py
#	passbook/admin/views/policy.py
#	passbook/admin/views/providers.py
#	passbook/admin/views/sources.py
#	passbook/admin/views/users.py
2019-10-15 15:09:11 +02:00
4086252979 core(major): add integrated database backup 2019-10-15 13:52:33 +02:00
8bdf12cff1 recovery(minor): add unittests 2019-10-14 17:12:56 +02:00
65a065c4ee policy(minor): add unittests for policy engine 2019-10-14 16:08:24 +02:00
a691ee529c new release: 0.6.9-beta 2019-10-14 15:00:30 +02:00
f1c4a62612 policy(major): fix error when policy.negate is enabled 2019-10-14 15:00:20 +02:00
358e39ced0 core(major): remove action field from policy 2019-10-14 13:57:38 +02:00
48c3f68cfc deploy(minor): fix helm syntax for configmap 2019-10-14 13:45:27 +02:00
1849a7c383 ci(minor): use getsentry/sentry-cli for sentry notification, use set-commits 2019-10-14 13:42:43 +02:00
82d14f37c3 new release: 0.6.8-beta 2019-10-14 13:18:51 +02:00
a0261eafa3 ci(minor): notify sentry about new releases 2019-10-14 13:16:36 +02:00
2a27325dfd admin(major): add pagination to all listviews 2019-10-14 13:15:42 +02:00
a6dee2e8ed admin(minor): fix sidebar disappearing when editing user 2019-10-14 13:14:54 +02:00
2ff1635696 core/sources(minor): refactor Source's property 2019-10-13 16:47:13 +02:00
37111fd07b core(minor): merge migrations 2019-10-10 17:41:22 +02:00
143a575369 Merge branch 'master' into guardian
# Conflicts:
#	Pipfile
#	Pipfile.lock
#	passbook/core/models.py
2019-10-10 17:29:34 +02:00
344a8817c3 admin(minor): fix linting 2019-10-10 13:05:03 +02:00
3afb0d4f6d admin(minor): remove partial API 2019-10-10 13:04:20 +02:00
c9714893bb admin(major): rewrite all views to use guardian mixins 2019-10-10 13:01:49 +02:00
3185a86b22 core(minor): add separate permission to reset user's password 2019-10-10 13:01:36 +02:00
a53f7a49ac root(minor): start implementing guardian 2019-10-10 10:45:51 +02:00
2210 changed files with 154198 additions and 286100 deletions

View File

@ -1,10 +1,12 @@
[bumpversion] [bumpversion]
current_version = 0.6.7-beta current_version = 2021.5.3
tag = True tag = True
commit = True commit = True
parse = (?P<major>\d+)\.(?P<minor>\d+)\.(?P<patch>\d+)\-(?P<release>.*) parse = (?P<major>\d+)\.(?P<minor>\d+)\.(?P<patch>\d+)\-?(?P<release>.*)
serialize = {major}.{minor}.{patch}-{release} serialize =
message = new release: {new_version} {major}.{minor}.{patch}-{release}
{major}.{minor}.{patch}
message = release: {new_version}
tag_name = version/{new_version} tag_name = version/{new_version}
[bumpversion:part:release] [bumpversion:part:release]
@ -15,13 +17,20 @@ values =
beta beta
stable stable
[bumpversion:file:helm/passbook/values.yaml] [bumpversion:file:website/docs/installation/docker-compose.md]
[bumpversion:file:helm/passbook/Chart.yaml] [bumpversion:file:docker-compose.yml]
[bumpversion:file:.gitlab-ci.yml] [bumpversion:file:.github/workflows/release.yml]
[bumpversion:file:passbook/__init__.py] [bumpversion:file:authentik/__init__.py]
[bumpversion:file:docker/nginx.conf] [bumpversion:file:internal/constants/constants.go]
[bumpversion:file:outpost/pkg/version.go]
[bumpversion:file:web/src/constants.ts]
[bumpversion:file:website/docs/outposts/manual-deploy-docker-compose.md]
[bumpversion:file:website/docs/outposts/manual-deploy-kubernetes.md]

View File

@ -1,33 +0,0 @@
[run]
source = passbook
omit =
*/wsgi.py
manage.py
*/migrations/*
*/apps.py
passbook/management/commands/web.py
passbook/management/commands/worker.py
docs/
[report]
sort = Cover
skip_covered = True
precision = 2
exclude_lines =
pragma: no cover
# Don't complain about missing debug-only code:
def __unicode__
def __str__
def __repr__
if self\.debug
# Don't complain if tests don't hit defensive assertion code:
raise AssertionError
raise NotImplementedError
# Don't complain if non-runnable code isn't run:
if 0:
if __name__ == .__main__.:
show_missing = True

View File

@ -1,5 +1,6 @@
env env
helm helm
passbook-ui
static static
htmlcov
*.env.yml *.env.yml
**/node_modules

1
.github/FUNDING.yml vendored Normal file
View File

@ -0,0 +1 @@
github: [BeryJu]

34
.github/ISSUE_TEMPLATE/bug_report.md vendored Normal file
View File

@ -0,0 +1,34 @@
---
name: Bug report
about: Create a report to help us improve
title: ''
labels: bug
assignees: ''
---
**Describe the bug**
A clear and concise description of what the bug is.
**To Reproduce**
Steps to reproduce the behavior:
1. Go to '...'
2. Click on '....'
3. Scroll down to '....'
4. See error
**Expected behavior**
A clear and concise description of what you expected to happen.
**Screenshots**
If applicable, add screenshots to help explain your problem.
**Logs**
Output of docker-compose logs or kubectl logs respectively
**Version and Deployment (please complete the following information):**
- authentik version: [e.g. 0.10.0-stable]
- Deployment: [e.g. docker-compose, helm]
**Additional context**
Add any other context about the problem here.

View File

@ -0,0 +1,20 @@
---
name: Feature request
about: Suggest an idea for this project
title: ''
labels: enhancement
assignees: ''
---
**Is your feature request related to a problem? Please describe.**
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
**Describe the solution you'd like**
A clear and concise description of what you want to happen.
**Describe alternatives you've considered**
A clear and concise description of any alternative solutions or features you've considered.
**Additional context**
Add any other context or screenshots about the feature request here.

3
.github/codecov.yml vendored Normal file
View File

@ -0,0 +1,3 @@
coverage:
precision: 2
round: up

58
.github/dependabot.yml vendored Normal file
View File

@ -0,0 +1,58 @@
version: 2
updates:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: daily
time: "04:00"
open-pull-requests-limit: 10
assignees:
- BeryJu
- package-ecosystem: gomod
directory: "/outpost"
schedule:
interval: daily
time: "04:00"
open-pull-requests-limit: 10
assignees:
- BeryJu
- package-ecosystem: npm
directory: "/web"
schedule:
interval: daily
time: "04:00"
open-pull-requests-limit: 10
assignees:
- BeryJu
- package-ecosystem: npm
directory: "/website"
schedule:
interval: daily
time: "04:00"
open-pull-requests-limit: 10
assignees:
- BeryJu
- package-ecosystem: pip
directory: "/"
schedule:
interval: daily
time: "04:00"
open-pull-requests-limit: 10
assignees:
- BeryJu
- package-ecosystem: docker
directory: "/"
schedule:
interval: daily
time: "04:00"
open-pull-requests-limit: 10
assignees:
- BeryJu
- package-ecosystem: docker
directory: "/outpost"
schedule:
interval: daily
time: "04:00"
open-pull-requests-limit: 10
assignees:
- BeryJu

159
.github/workflows/release.yml vendored Normal file
View File

@ -0,0 +1,159 @@
name: authentik-on-release
on:
release:
types: [published, created]
push:
branches:
- version-*
jobs:
# Build
build-server:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up QEMU
uses: docker/setup-qemu-action@v1.1.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Docker Login Registry
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: prepare ts api client
run: |
docker run --rm -v $(pwd):/local openapitools/openapi-generator-cli generate -i /local/swagger.yaml -g typescript-fetch -o /local/web/api --additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0
- name: Building Docker Image
uses: docker/build-push-action@v2
with:
push: ${{ github.event_name == 'release' }}
tags: |
beryju/authentik:2021.5.3,
beryju/authentik:latest,
ghcr.io/goauthentik/server:2021.5.3,
ghcr.io/goauthentik/server:latest
platforms: linux/amd64,linux/arm64
context: .
build-proxy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-go@v2
with:
go-version: "^1.15"
- name: prepare go api client
run: |
cd outpost
go get -u github.com/go-swagger/go-swagger/cmd/swagger
swagger generate client -f ../swagger.yaml -A authentik -t pkg/
go build -v ./cmd/proxy/server.go
- name: Set up QEMU
uses: docker/setup-qemu-action@v1.1.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Docker Login Registry
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Building Docker Image
uses: docker/build-push-action@v2
with:
push: ${{ github.event_name == 'release' }}
tags: |
beryju/authentik-proxy:2021.5.3,
beryju/authentik-proxy:latest,
ghcr.io/goauthentik/proxy:2021.5.3,
ghcr.io/goauthentik/proxy:latest
context: outpost/
file: outpost/proxy.Dockerfile
platforms: linux/amd64,linux/arm64
build-ldap:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-go@v2
with:
go-version: "^1.15"
- name: prepare go api client
run: |
cd outpost
go get -u github.com/go-swagger/go-swagger/cmd/swagger
swagger generate client -f ../swagger.yaml -A authentik -t pkg/
go build -v ./cmd/ldap/server.go
- name: Set up QEMU
uses: docker/setup-qemu-action@v1.1.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Docker Login Registry
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Building Docker Image
uses: docker/build-push-action@v2
with:
push: ${{ github.event_name == 'release' }}
tags: |
beryju/authentik-ldap:2021.5.3,
beryju/authentik-ldap:latest,
ghcr.io/goauthentik/ldap:2021.5.3,
ghcr.io/goauthentik/ldap:latest
context: outpost/
file: outpost/ldap.Dockerfile
platforms: linux/amd64,linux/arm64
test-release:
if: ${{ github.event_name == 'release' }}
needs:
- build-server
- build-proxy
- build-ldap
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Run test suite in final docker images
run: |
sudo apt-get install -y pwgen
echo "PG_PASS=$(pwgen 40 1)" >> .env
echo "AUTHENTIK_SECRET_KEY=$(pwgen 50 1)" >> .env
docker-compose pull -q
docker-compose up --no-start
docker-compose start postgresql redis
docker-compose run -u root --entrypoint /bin/bash server -c "apt-get update && apt-get install -y --no-install-recommends git && pip install --no-cache -r requirements-dev.txt && ./manage.py test authentik"
sentry-release:
if: ${{ github.event_name == 'release' }}
needs:
- test-release
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Create a Sentry.io release
uses: getsentry/action-release@v1
env:
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
SENTRY_ORG: beryjuorg
SENTRY_PROJECT: authentik
SENTRY_URL: https://sentry.beryju.org
with:
version: authentik@2021.5.3
environment: beryjuorg-prod

47
.github/workflows/tag.yml vendored Normal file
View File

@ -0,0 +1,47 @@
name: authentik-on-tag
on:
push:
tags:
- 'version/*'
jobs:
build:
name: Create Release from Tag
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: prepare ts api client
run: |
docker run --rm -v $(pwd):/local openapitools/openapi-generator-cli generate -i /local/swagger.yaml -g typescript-fetch -o /local/web/api --additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0
- name: Pre-release test
run: |
sudo apt-get install -y pwgen
echo "AUTHENTIK_TAG=latest" >> .env
echo "PG_PASS=$(pwgen 40 1)" >> .env
echo "AUTHENTIK_SECRET_KEY=$(pwgen 50 1)" >> .env
docker-compose pull -q
docker build \
--no-cache \
-t beryju/authentik:latest \
-f Dockerfile .
docker-compose up --no-start
docker-compose start postgresql redis
docker-compose run -u root --entrypoint /bin/bash server -c "apt-get update && apt-get install -y --no-install-recommends git && pip install --no-cache -r requirements-dev.txt && ./manage.py test authentik"
- name: Extract version number
id: get_version
uses: actions/github-script@v4.0.2
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
return context.payload.ref.replace(/\/refs\/tags\/version\//, '');
- name: Create Release
id: create_release
uses: actions/create-release@v1.1.4
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ github.ref }}
release_name: Release ${{ steps.get_version.outputs.result }}
draft: true
prerelease: false

16
.gitignore vendored
View File

@ -27,12 +27,12 @@ media
.Python .Python
build/ build/
develop-eggs/ develop-eggs/
dist/
downloads/ downloads/
eggs/ eggs/
.eggs/ .eggs/
lib64/ lib64/
parts/ parts/
dist/
sdist/ sdist/
var/ var/
wheels/ wheels/
@ -63,6 +63,7 @@ coverage.xml
*.cover *.cover
.hypothesis/ .hypothesis/
.pytest_cache/ .pytest_cache/
unittest.xml
# Translations # Translations
*.mo *.mo
@ -184,7 +185,6 @@ dmypy.json
[Ii]nclude [Ii]nclude
[Ll]ib64 [Ll]ib64
[Ll]ocal [Ll]ocal
[Ss]cripts
pyvenv.cfg pyvenv.cfg
pip-selfcheck.json pip-selfcheck.json
@ -192,3 +192,15 @@ pip-selfcheck.json
/static/ /static/
local.env.yml local.env.yml
.vscode/ .vscode/
### Helm ###
# Chart dependencies
**/charts/*.tgz
# Selenium Screenshots
selenium_screenshots/
backups/
media/
*mmdb
.idea/

View File

@ -1,135 +0,0 @@
# Global Variables
stages:
- build-base-image
- build-dev-image
- test
- build
- package
image: docker.beryju.org/passbook/dev:latest
variables:
POSTGRES_DB: passbook
POSTGRES_USER: passbook
POSTGRES_PASSWORD: "EK-5jnKfjrGRm<77"
before_script:
- pip install pipenv
# Ensure all dependencies are installed, even those not included in passbook/dev
# According to pipenv docs, -d outputs all packages, however it actually does not
- pipenv lock -r > requirements-all.txt
- pipenv lock -rd >> requirements-all.txt
- pip install -r requirements-all.txt
create-base-image:
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
before_script:
- echo "{\"auths\":{\"docker.beryju.org\":{\"auth\":\"$DOCKER_AUTH\"}}}" > /kaniko/.docker/config.json
script:
- /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/base.Dockerfile --destination docker.beryju.org/passbook/base:latest
stage: build-base-image
only:
refs:
- tags
- /^version/.*$/
build-dev-image:
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
before_script:
- echo "{\"auths\":{\"docker.beryju.org\":{\"auth\":\"$DOCKER_AUTH\"}}}" > /kaniko/.docker/config.json
script:
- /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/dev.Dockerfile --destination docker.beryju.org/passbook/dev:latest
stage: build-dev-image
only:
refs:
- tags
- /^version/.*$/
isort:
script:
- isort -c -sg env
stage: test
services:
- postgres:latest
- redis:latest
migrations:
script:
- python manage.py migrate
stage: test
services:
- postgres:latest
- redis:latest
# prospector:
# script:
# - prospector
# stage: test
# services:
# - postgres:latest
# - redis:latest
pylint:
script:
- pylint passbook
stage: test
services:
- postgres:latest
- redis:latest
coverage:
script:
- coverage run manage.py test
- coverage report
- coverage html
stage: test
services:
- postgres:latest
- redis:latest
build-passbook-server:
stage: build
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
before_script:
- echo "{\"auths\":{\"docker.beryju.org\":{\"auth\":\"$DOCKER_AUTH\"}}}" > /kaniko/.docker/config.json
script:
- /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --destination docker.beryju.org/passbook/server:latest --destination docker.beryju.org/passbook/server:0.6.7-beta
only:
- tags
- /^version/.*$/
build-passbook-static:
stage: build
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
before_script:
- echo "{\"auths\":{\"docker.beryju.org\":{\"auth\":\"$DOCKER_AUTH\"}}}" > /kaniko/.docker/config.json
script:
- /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/static.Dockerfile --destination docker.beryju.org/passbook/static:latest --destination docker.beryju.org/passbook/static:0.6.7-beta
only:
- tags
- /^version/.*$/
# running collectstatic fully initialises django, hence we need that databases
services:
- postgres:latest
- redis:latest
package-helm:
image: debian:stretch-slim
stage: package
before_script:
- apt update && apt install -y curl
- curl https://raw.githubusercontent.com/helm/helm/master/scripts/get | bash
script:
- helm init --client-only
- helm dependency update helm/passbook
- helm package helm/passbook
artifacts:
paths:
- passbook-*.tgz
expire_in: 1 week
only:
- tags
- /^version/.*$/

View File

@ -1,11 +0,0 @@
strictness: medium
test-warnings: true
doc-warnings: false
ignore-paths:
- migrations
- docs
- node_modules
uses:
- django

View File

@ -1,13 +0,0 @@
[MASTER]
disable=redefined-outer-name,arguments-differ,no-self-use,cyclic-import,fixme,locally-disabled,unpacking-non-sequence,too-many-ancestors,too-many-branches,too-few-public-methods
load-plugins=pylint_django,pylint.extensions.bad_builtin
extension-pkg-whitelist=lxml
const-rgx=[a-zA-Z0-9_]{1,40}$
ignored-modules=django-otp
jobs=4
[SIMILARITIES]
# Minimum lines number of a similarity.
min-similarity-lines=20

View File

@ -1,9 +1,75 @@
FROM docker.beryju.org/passbook/base:latest # Stage 1: Lock python dependencies
FROM python:3.9-slim-buster as locker
COPY ./passbook/ /app/passbook COPY ./Pipfile /app/
COPY ./manage.py /app/ COPY ./Pipfile.lock /app/
COPY ./docker/uwsgi.ini /app/
WORKDIR /app/ WORKDIR /app/
USER passbook RUN pip install pipenv && \
pipenv lock -r > requirements.txt && \
pipenv lock -rd > requirements-dev.txt
# Stage 2: Build webui
FROM node as npm-builder
COPY ./web /static/
ENV NODE_ENV=production
RUN cd /static && npm i --production=false && npm run build
# Stage 3: Build go proxy
FROM golang:1.16.4 AS builder
WORKDIR /work
COPY --from=npm-builder /static/robots.txt /work/web/robots.txt
COPY --from=npm-builder /static/security.txt /work/web/security.txt
COPY --from=npm-builder /static/dist/ /work/web/dist/
COPY --from=npm-builder /static/authentik/ /work/web/authentik/
# RUN ls /work/web/static/authentik/ && exit 1
COPY ./cmd /work/cmd
COPY ./web/static.go /work/web/static.go
COPY ./internal /work/internal
COPY ./go.mod /work/go.mod
COPY ./go.sum /work/go.sum
RUN go build -o /work/authentik ./cmd/server/main.go
# Stage 4: Run
FROM python:3.9-slim-buster
WORKDIR /
COPY --from=locker /app/requirements.txt /
COPY --from=locker /app/requirements-dev.txt /
ARG GIT_BUILD_HASH
ENV GIT_BUILD_HASH=$GIT_BUILD_HASH
RUN apt-get update && \
apt-get install -y --no-install-recommends curl ca-certificates gnupg git runit && \
curl https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - && \
echo "deb http://apt.postgresql.org/pub/repos/apt buster-pgdg main" > /etc/apt/sources.list.d/pgdg.list && \
apt-get update && \
apt-get install -y --no-install-recommends libpq-dev postgresql-client build-essential libxmlsec1-dev pkg-config libmaxminddb0 && \
pip install -r /requirements.txt --no-cache-dir && \
apt-get remove --purge -y build-essential git && \
apt-get autoremove --purge -y && \
apt-get clean && \
rm -rf /tmp/* /var/lib/apt/lists/* /var/tmp/ && \
adduser --system --no-create-home --uid 1000 --group --home /authentik authentik && \
mkdir /backups && \
chown authentik:authentik /backups
COPY ./authentik/ /authentik
COPY ./pyproject.toml /
COPY ./xml /xml
COPY ./manage.py /
COPY ./lifecycle/ /lifecycle
COPY --from=builder /work/authentik /authentik-proxy
USER authentik
ENV TMPDIR /dev/shm/
ENV PYTHONUBUFFERED 1
ENTRYPOINT [ "/lifecycle/bootstrap.sh" ]

687
LICENSE
View File

@ -1,21 +1,674 @@
MIT License GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright (c) 2019 BeryJu.org Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Permission is hereby granted, free of charge, to any person obtaining a copy Preamble
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all The GNU General Public License is a free, copyleft license for
copies or substantial portions of the Software. software and other kinds of works.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR The licenses for most software and other practical works are designed
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, to take away your freedom to share and change the works. By contrast,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE the GNU General Public License is intended to guarantee your freedom to
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER share and change all versions of a program--to make sure it remains free
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, software for all its users. We, the Free Software Foundation, use the
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE GNU General Public License for most of our software; it applies also to
SOFTWARE. any other work released this way by its authors. You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
them if you wish), that you receive source code or can get it if you
want it, that you can change the software or use pieces of it in new
free programs, and that you know you can do these things.
To protect your rights, we need to prevent others from denying you
these rights or asking you to surrender the rights. Therefore, you have
certain responsibilities if you distribute copies of the software, or if
you modify it: responsibilities to respect the freedom of others.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must pass on to the recipients the same
freedoms that you received. You must make sure that they, too, receive
or can get the source code. And you must show them these terms so they
know their rights.
Developers that use the GNU GPL protect your rights with two steps:
(1) assert copyright on the software, and (2) offer you this License
giving you legal permission to copy, distribute and/or modify it.
For the developers' and authors' protection, the GPL clearly explains
that there is no warranty for this free software. For both users' and
authors' sake, the GPL requires that modified versions be marked as
changed, so that their problems will not be attributed erroneously to
authors of previous versions.
Some devices are designed to deny users access to install or run
modified versions of the software inside them, although the manufacturer
can do so. This is fundamentally incompatible with the aim of
protecting users' freedom to change the software. The systematic
pattern of such abuse occurs in the area of products for individuals to
use, which is precisely where it is most unacceptable. Therefore, we
have designed this version of the GPL to prohibit the practice for those
products. If such problems arise substantially in other domains, we
stand ready to extend this provision to those domains in future versions
of the GPL, as needed to protect the freedom of users.
Finally, every program is threatened constantly by software patents.
States should not allow patents to restrict development and use of
software on general-purpose computers, but in those that do, we wish to
avoid the special danger that patents applied to a free program could
make it effectively proprietary. To prevent this, the GPL assures that
patents cannot be used to render the program non-free.
The precise terms and conditions for copying, distribution and
modification follow.
TERMS AND CONDITIONS
0. Definitions.
"This License" refers to version 3 of the GNU General Public License.
"Copyright" also means copyright-like laws that apply to other kinds of
works, such as semiconductor masks.
"The Program" refers to any copyrightable work licensed under this
License. Each licensee is addressed as "you". "Licensees" and
"recipients" may be individuals or organizations.
To "modify" a work means to copy from or adapt all or part of the work
in a fashion requiring copyright permission, other than the making of an
exact copy. The resulting work is called a "modified version" of the
earlier work or a work "based on" the earlier work.
A "covered work" means either the unmodified Program or a work based
on the Program.
To "propagate" a work means to do anything with it that, without
permission, would make you directly or secondarily liable for
infringement under applicable copyright law, except executing it on a
computer or modifying a private copy. Propagation includes copying,
distribution (with or without modification), making available to the
public, and in some countries other activities as well.
To "convey" a work means any kind of propagation that enables other
parties to make or receive copies. Mere interaction with a user through
a computer network, with no transfer of a copy, is not conveying.
An interactive user interface displays "Appropriate Legal Notices"
to the extent that it includes a convenient and prominently visible
feature that (1) displays an appropriate copyright notice, and (2)
tells the user that there is no warranty for the work (except to the
extent that warranties are provided), that licensees may convey the
work under this License, and how to view a copy of this License. If
the interface presents a list of user commands or options, such as a
menu, a prominent item in the list meets this criterion.
1. Source Code.
The "source code" for a work means the preferred form of the work
for making modifications to it. "Object code" means any non-source
form of a work.
A "Standard Interface" means an interface that either is an official
standard defined by a recognized standards body, or, in the case of
interfaces specified for a particular programming language, one that
is widely used among developers working in that language.
The "System Libraries" of an executable work include anything, other
than the work as a whole, that (a) is included in the normal form of
packaging a Major Component, but which is not part of that Major
Component, and (b) serves only to enable use of the work with that
Major Component, or to implement a Standard Interface for which an
implementation is available to the public in source code form. A
"Major Component", in this context, means a major essential component
(kernel, window system, and so on) of the specific operating system
(if any) on which the executable work runs, or a compiler used to
produce the work, or an object code interpreter used to run it.
The "Corresponding Source" for a work in object code form means all
the source code needed to generate, install, and (for an executable
work) run the object code and to modify the work, including scripts to
control those activities. However, it does not include the work's
System Libraries, or general-purpose tools or generally available free
programs which are used unmodified in performing those activities but
which are not part of the work. For example, Corresponding Source
includes interface definition files associated with source files for
the work, and the source code for shared libraries and dynamically
linked subprograms that the work is specifically designed to require,
such as by intimate data communication or control flow between those
subprograms and other parts of the work.
The Corresponding Source need not include anything that users
can regenerate automatically from other parts of the Corresponding
Source.
The Corresponding Source for a work in source code form is that
same work.
2. Basic Permissions.
All rights granted under this License are granted for the term of
copyright on the Program, and are irrevocable provided the stated
conditions are met. This License explicitly affirms your unlimited
permission to run the unmodified Program. The output from running a
covered work is covered by this License only if the output, given its
content, constitutes a covered work. This License acknowledges your
rights of fair use or other equivalent, as provided by copyright law.
You may make, run and propagate covered works that you do not
convey, without conditions so long as your license otherwise remains
in force. You may convey covered works to others for the sole purpose
of having them make modifications exclusively for you, or provide you
with facilities for running those works, provided that you comply with
the terms of this License in conveying all material for which you do
not control copyright. Those thus making or running the covered works
for you must do so exclusively on your behalf, under your direction
and control, on terms that prohibit them from making any copies of
your copyrighted material outside their relationship with you.
Conveying under any other circumstances is permitted solely under
the conditions stated below. Sublicensing is not allowed; section 10
makes it unnecessary.
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
No covered work shall be deemed part of an effective technological
measure under any applicable law fulfilling obligations under article
11 of the WIPO copyright treaty adopted on 20 December 1996, or
similar laws prohibiting or restricting circumvention of such
measures.
When you convey a covered work, you waive any legal power to forbid
circumvention of technological measures to the extent such circumvention
is effected by exercising rights under this License with respect to
the covered work, and you disclaim any intention to limit operation or
modification of the work as a means of enforcing, against the work's
users, your or third parties' legal rights to forbid circumvention of
technological measures.
4. Conveying Verbatim Copies.
You may convey verbatim copies of the Program's source code as you
receive it, in any medium, provided that you conspicuously and
appropriately publish on each copy an appropriate copyright notice;
keep intact all notices stating that this License and any
non-permissive terms added in accord with section 7 apply to the code;
keep intact all notices of the absence of any warranty; and give all
recipients a copy of this License along with the Program.
You may charge any price or no price for each copy that you convey,
and you may offer support or warranty protection for a fee.
5. Conveying Modified Source Versions.
You may convey a work based on the Program, or the modifications to
produce it from the Program, in the form of source code under the
terms of section 4, provided that you also meet all of these conditions:
a) The work must carry prominent notices stating that you modified
it, and giving a relevant date.
b) The work must carry prominent notices stating that it is
released under this License and any conditions added under section
7. This requirement modifies the requirement in section 4 to
"keep intact all notices".
c) You must license the entire work, as a whole, under this
License to anyone who comes into possession of a copy. This
License will therefore apply, along with any applicable section 7
additional terms, to the whole of the work, and all its parts,
regardless of how they are packaged. This License gives no
permission to license the work in any other way, but it does not
invalidate such permission if you have separately received it.
d) If the work has interactive user interfaces, each must display
Appropriate Legal Notices; however, if the Program has interactive
interfaces that do not display Appropriate Legal Notices, your
work need not make them do so.
A compilation of a covered work with other separate and independent
works, which are not by their nature extensions of the covered work,
and which are not combined with it such as to form a larger program,
in or on a volume of a storage or distribution medium, is called an
"aggregate" if the compilation and its resulting copyright are not
used to limit the access or legal rights of the compilation's users
beyond what the individual works permit. Inclusion of a covered work
in an aggregate does not cause this License to apply to the other
parts of the aggregate.
6. Conveying Non-Source Forms.
You may convey a covered work in object code form under the terms
of sections 4 and 5, provided that you also convey the
machine-readable Corresponding Source under the terms of this License,
in one of these ways:
a) Convey the object code in, or embodied in, a physical product
(including a physical distribution medium), accompanied by the
Corresponding Source fixed on a durable physical medium
customarily used for software interchange.
b) Convey the object code in, or embodied in, a physical product
(including a physical distribution medium), accompanied by a
written offer, valid for at least three years and valid for as
long as you offer spare parts or customer support for that product
model, to give anyone who possesses the object code either (1) a
copy of the Corresponding Source for all the software in the
product that is covered by this License, on a durable physical
medium customarily used for software interchange, for a price no
more than your reasonable cost of physically performing this
conveying of source, or (2) access to copy the
Corresponding Source from a network server at no charge.
c) Convey individual copies of the object code with a copy of the
written offer to provide the Corresponding Source. This
alternative is allowed only occasionally and noncommercially, and
only if you received the object code with such an offer, in accord
with subsection 6b.
d) Convey the object code by offering access from a designated
place (gratis or for a charge), and offer equivalent access to the
Corresponding Source in the same way through the same place at no
further charge. You need not require recipients to copy the
Corresponding Source along with the object code. If the place to
copy the object code is a network server, the Corresponding Source
may be on a different server (operated by you or a third party)
that supports equivalent copying facilities, provided you maintain
clear directions next to the object code saying where to find the
Corresponding Source. Regardless of what server hosts the
Corresponding Source, you remain obligated to ensure that it is
available for as long as needed to satisfy these requirements.
e) Convey the object code using peer-to-peer transmission, provided
you inform other peers where the object code and Corresponding
Source of the work are being offered to the general public at no
charge under subsection 6d.
A separable portion of the object code, whose source code is excluded
from the Corresponding Source as a System Library, need not be
included in conveying the object code work.
A "User Product" is either (1) a "consumer product", which means any
tangible personal property which is normally used for personal, family,
or household purposes, or (2) anything designed or sold for incorporation
into a dwelling. In determining whether a product is a consumer product,
doubtful cases shall be resolved in favor of coverage. For a particular
product received by a particular user, "normally used" refers to a
typical or common use of that class of product, regardless of the status
of the particular user or of the way in which the particular user
actually uses, or expects or is expected to use, the product. A product
is a consumer product regardless of whether the product has substantial
commercial, industrial or non-consumer uses, unless such uses represent
the only significant mode of use of the product.
"Installation Information" for a User Product means any methods,
procedures, authorization keys, or other information required to install
and execute modified versions of a covered work in that User Product from
a modified version of its Corresponding Source. The information must
suffice to ensure that the continued functioning of the modified object
code is in no case prevented or interfered with solely because
modification has been made.
If you convey an object code work under this section in, or with, or
specifically for use in, a User Product, and the conveying occurs as
part of a transaction in which the right of possession and use of the
User Product is transferred to the recipient in perpetuity or for a
fixed term (regardless of how the transaction is characterized), the
Corresponding Source conveyed under this section must be accompanied
by the Installation Information. But this requirement does not apply
if neither you nor any third party retains the ability to install
modified object code on the User Product (for example, the work has
been installed in ROM).
The requirement to provide Installation Information does not include a
requirement to continue to provide support service, warranty, or updates
for a work that has been modified or installed by the recipient, or for
the User Product in which it has been modified or installed. Access to a
network may be denied when the modification itself materially and
adversely affects the operation of the network or violates the rules and
protocols for communication across the network.
Corresponding Source conveyed, and Installation Information provided,
in accord with this section must be in a format that is publicly
documented (and with an implementation available to the public in
source code form), and must require no special password or key for
unpacking, reading or copying.
7. Additional Terms.
"Additional permissions" are terms that supplement the terms of this
License by making exceptions from one or more of its conditions.
Additional permissions that are applicable to the entire Program shall
be treated as though they were included in this License, to the extent
that they are valid under applicable law. If additional permissions
apply only to part of the Program, that part may be used separately
under those permissions, but the entire Program remains governed by
this License without regard to the additional permissions.
When you convey a copy of a covered work, you may at your option
remove any additional permissions from that copy, or from any part of
it. (Additional permissions may be written to require their own
removal in certain cases when you modify the work.) You may place
additional permissions on material, added by you to a covered work,
for which you have or can give appropriate copyright permission.
Notwithstanding any other provision of this License, for material you
add to a covered work, you may (if authorized by the copyright holders of
that material) supplement the terms of this License with terms:
a) Disclaiming warranty or limiting liability differently from the
terms of sections 15 and 16 of this License; or
b) Requiring preservation of specified reasonable legal notices or
author attributions in that material or in the Appropriate Legal
Notices displayed by works containing it; or
c) Prohibiting misrepresentation of the origin of that material, or
requiring that modified versions of such material be marked in
reasonable ways as different from the original version; or
d) Limiting the use for publicity purposes of names of licensors or
authors of the material; or
e) Declining to grant rights under trademark law for use of some
trade names, trademarks, or service marks; or
f) Requiring indemnification of licensors and authors of that
material by anyone who conveys the material (or modified versions of
it) with contractual assumptions of liability to the recipient, for
any liability that these contractual assumptions directly impose on
those licensors and authors.
All other non-permissive additional terms are considered "further
restrictions" within the meaning of section 10. If the Program as you
received it, or any part of it, contains a notice stating that it is
governed by this License along with a term that is a further
restriction, you may remove that term. If a license document contains
a further restriction but permits relicensing or conveying under this
License, you may add to a covered work material governed by the terms
of that license document, provided that the further restriction does
not survive such relicensing or conveying.
If you add terms to a covered work in accord with this section, you
must place, in the relevant source files, a statement of the
additional terms that apply to those files, or a notice indicating
where to find the applicable terms.
Additional terms, permissive or non-permissive, may be stated in the
form of a separately written license, or stated as exceptions;
the above requirements apply either way.
8. Termination.
You may not propagate or modify a covered work except as expressly
provided under this License. Any attempt otherwise to propagate or
modify it is void, and will automatically terminate your rights under
this License (including any patent licenses granted under the third
paragraph of section 11).
However, if you cease all violation of this License, then your
license from a particular copyright holder is reinstated (a)
provisionally, unless and until the copyright holder explicitly and
finally terminates your license, and (b) permanently, if the copyright
holder fails to notify you of the violation by some reasonable means
prior to 60 days after the cessation.
Moreover, your license from a particular copyright holder is
reinstated permanently if the copyright holder notifies you of the
violation by some reasonable means, this is the first time you have
received notice of violation of this License (for any work) from that
copyright holder, and you cure the violation prior to 30 days after
your receipt of the notice.
Termination of your rights under this section does not terminate the
licenses of parties who have received copies or rights from you under
this License. If your rights have been terminated and not permanently
reinstated, you do not qualify to receive new licenses for the same
material under section 10.
9. Acceptance Not Required for Having Copies.
You are not required to accept this License in order to receive or
run a copy of the Program. Ancillary propagation of a covered work
occurring solely as a consequence of using peer-to-peer transmission
to receive a copy likewise does not require acceptance. However,
nothing other than this License grants you permission to propagate or
modify any covered work. These actions infringe copyright if you do
not accept this License. Therefore, by modifying or propagating a
covered work, you indicate your acceptance of this License to do so.
10. Automatic Licensing of Downstream Recipients.
Each time you convey a covered work, the recipient automatically
receives a license from the original licensors, to run, modify and
propagate that work, subject to this License. You are not responsible
for enforcing compliance by third parties with this License.
An "entity transaction" is a transaction transferring control of an
organization, or substantially all assets of one, or subdividing an
organization, or merging organizations. If propagation of a covered
work results from an entity transaction, each party to that
transaction who receives a copy of the work also receives whatever
licenses to the work the party's predecessor in interest had or could
give under the previous paragraph, plus a right to possession of the
Corresponding Source of the work from the predecessor in interest, if
the predecessor has it or can get it with reasonable efforts.
You may not impose any further restrictions on the exercise of the
rights granted or affirmed under this License. For example, you may
not impose a license fee, royalty, or other charge for exercise of
rights granted under this License, and you may not initiate litigation
(including a cross-claim or counterclaim in a lawsuit) alleging that
any patent claim is infringed by making, using, selling, offering for
sale, or importing the Program or any portion of it.
11. Patents.
A "contributor" is a copyright holder who authorizes use under this
License of the Program or a work on which the Program is based. The
work thus licensed is called the contributor's "contributor version".
A contributor's "essential patent claims" are all patent claims
owned or controlled by the contributor, whether already acquired or
hereafter acquired, that would be infringed by some manner, permitted
by this License, of making, using, or selling its contributor version,
but do not include claims that would be infringed only as a
consequence of further modification of the contributor version. For
purposes of this definition, "control" includes the right to grant
patent sublicenses in a manner consistent with the requirements of
this License.
Each contributor grants you a non-exclusive, worldwide, royalty-free
patent license under the contributor's essential patent claims, to
make, use, sell, offer for sale, import and otherwise run, modify and
propagate the contents of its contributor version.
In the following three paragraphs, a "patent license" is any express
agreement or commitment, however denominated, not to enforce a patent
(such as an express permission to practice a patent or covenant not to
sue for patent infringement). To "grant" such a patent license to a
party means to make such an agreement or commitment not to enforce a
patent against the party.
If you convey a covered work, knowingly relying on a patent license,
and the Corresponding Source of the work is not available for anyone
to copy, free of charge and under the terms of this License, through a
publicly available network server or other readily accessible means,
then you must either (1) cause the Corresponding Source to be so
available, or (2) arrange to deprive yourself of the benefit of the
patent license for this particular work, or (3) arrange, in a manner
consistent with the requirements of this License, to extend the patent
license to downstream recipients. "Knowingly relying" means you have
actual knowledge that, but for the patent license, your conveying the
covered work in a country, or your recipient's use of the covered work
in a country, would infringe one or more identifiable patents in that
country that you have reason to believe are valid.
If, pursuant to or in connection with a single transaction or
arrangement, you convey, or propagate by procuring conveyance of, a
covered work, and grant a patent license to some of the parties
receiving the covered work authorizing them to use, propagate, modify
or convey a specific copy of the covered work, then the patent license
you grant is automatically extended to all recipients of the covered
work and works based on it.
A patent license is "discriminatory" if it does not include within
the scope of its coverage, prohibits the exercise of, or is
conditioned on the non-exercise of one or more of the rights that are
specifically granted under this License. You may not convey a covered
work if you are a party to an arrangement with a third party that is
in the business of distributing software, under which you make payment
to the third party based on the extent of your activity of conveying
the work, and under which the third party grants, to any of the
parties who would receive the covered work from you, a discriminatory
patent license (a) in connection with copies of the covered work
conveyed by you (or copies made from those copies), or (b) primarily
for and in connection with specific products or compilations that
contain the covered work, unless you entered into that arrangement,
or that patent license was granted, prior to 28 March 2007.
Nothing in this License shall be construed as excluding or limiting
any implied license or other defenses to infringement that may
otherwise be available to you under applicable patent law.
12. No Surrender of Others' Freedom.
If conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot convey a
covered work so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you may
not convey it at all. For example, if you agree to terms that obligate you
to collect a royalty for further conveying from those to whom you convey
the Program, the only way you could satisfy both those terms and this
License would be to refrain entirely from conveying the Program.
13. Use with the GNU Affero General Public License.
Notwithstanding any other provision of this License, you have
permission to link or combine any covered work with a work licensed
under version 3 of the GNU Affero General Public License into a single
combined work, and to convey the resulting work. The terms of this
License will continue to apply to the part which is the covered work,
but the special requirements of the GNU Affero General Public License,
section 13, concerning interaction through a network will apply to the
combination as such.
14. Revised Versions of this License.
The Free Software Foundation may publish revised and/or new versions of
the GNU General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the
Program specifies that a certain numbered version of the GNU General
Public License "or any later version" applies to it, you have the
option of following the terms and conditions either of that numbered
version or of any later version published by the Free Software
Foundation. If the Program does not specify a version number of the
GNU General Public License, you may choose any version ever published
by the Free Software Foundation.
If the Program specifies that a proxy can decide which future
versions of the GNU General Public License can be used, that proxy's
public statement of acceptance of a version permanently authorizes you
to choose that version for the Program.
Later license versions may give you additional or different
permissions. However, no additional obligations are imposed on any
author or copyright holder as a result of your choosing to follow a
later version.
15. Disclaimer of Warranty.
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. Limitation of Liability.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
SUCH DAMAGES.
17. Interpretation of Sections 15 and 16.
If the disclaimer of warranty and limitation of liability provided
above cannot be given local legal effect according to their terms,
reviewing courts shall apply local law that most closely approximates
an absolute waiver of all civil liability in connection with the
Program, unless a warranty or assumption of liability accompanies a
copy of the Program in return for a fee.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
state the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
Also add information on how to contact you by electronic and paper mail.
If the program does terminal interaction, make it output a short
notice like this when it starts in an interactive mode:
<program> Copyright (C) <year> <name of author>
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, your program's commands
might be different; for a GUI interface, you would use an "about box".
You should also get your employer (if you work as a programmer) or school,
if any, to sign a "copyright disclaimer" for the program, if necessary.
For more information on this, and how to apply and follow the GNU GPL, see
<https://www.gnu.org/licenses/>.
The GNU General Public License does not permit incorporating your program
into proprietary programs. If your program is a subroutine library, you
may consider it more useful to permit linking proprietary applications with
the library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License. But first, please read
<https://www.gnu.org/licenses/why-not-lgpl.html>.

40
Makefile Normal file
View File

@ -0,0 +1,40 @@
.SHELLFLAGS += -x -e
PWD = $(shell pwd)
all: lint-fix lint test gen
test-integration:
k3d cluster create || exit 0
k3d kubeconfig write -o ~/.kube/config --overwrite
coverage run manage.py test -v 3 tests/integration
test-e2e:
coverage run manage.py test --failfast -v 3 tests/e2e
test:
coverage run manage.py test -v 3 authentik
coverage html
coverage report
lint-fix:
isort authentik tests lifecycle
black authentik tests lifecycle
lint:
pyright authentik tests lifecycle
bandit -r authentik tests lifecycle -x node_modules
pylint authentik tests lifecycle
gen:
./manage.py generate_swagger -o swagger.yaml -f yaml
docker run \
--rm -v ${PWD}:/local \
openapitools/openapi-generator-cli generate \
-i /local/swagger.yaml \
-g typescript-fetch \
-o /local/web/api \
--additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0
cd web/api && npx tsc
run:
go run -v cmd/server/main.go

62
Pipfile
View File

@ -4,51 +4,59 @@ url = "https://pypi.org/simple"
verify_ssl = true verify_ssl = true
[packages] [packages]
boto3 = "*"
celery = "*" celery = "*"
cherrypy = "*" channels = "*"
channels-redis = "*"
dacite = "*"
defusedxml = "*" defusedxml = "*"
django = "*" django = "*"
kombu = "==4.5.0" django-dbbackup = { git = 'https://github.com/django-dbbackup/django-dbbackup.git', ref = '9d1909c30a3271c8c9c8450add30d6e0b996e145' }
django-cors-middleware = "*" django-filter = "*"
django-filters = "*" django-guardian = "*"
django-ipware = "*"
django-model-utils = "*" django-model-utils = "*"
django-oauth-toolkit = "*"
django-oidc-provider = "*"
django-otp = "*" django-otp = "*"
django-recaptcha = "*" django-prometheus = "*"
django-redis = "*" django-redis = "*"
django-rest-framework = "*" django-storages = "*"
drf-yasg = "*" djangorestframework = "*"
djangorestframework-guardian = "*"
docker = "*"
drf_yasg = "*"
facebook-sdk = "*"
geoip2 = "*"
gunicorn = "*"
kubernetes = "*"
ldap3 = "*" ldap3 = "*"
lxml = "*" lxml = ">=4.6.3"
markdown = "*"
oauthlib = "*"
packaging = "*" packaging = "*"
psycopg2-binary = "*" psycopg2-binary = "*"
pycryptodome = "*" pycryptodome = "*"
pyjwt = "*"
pyyaml = "*" pyyaml = "*"
qrcode = "*"
requests-oauthlib = "*" requests-oauthlib = "*"
sentry-sdk = "*" sentry-sdk = "*"
service_identity = "*" service_identity = "*"
signxml = "*"
urllib3 = {extras = ["secure"],version = "*"}
structlog = "*" structlog = "*"
pyuwsgi = "*" swagger-spec-validator = "*"
twisted = "==20.3.0"
urllib3 = {extras = ["secure"],version = "*"}
uvicorn = {extras = ["standard"],version = "*"}
webauthn = "*"
xmlsec = "*"
[requires] [requires]
python_version = "3.7" python_version = "3.9"
[dev-packages] [dev-packages]
coverage = "*"
isort = "*"
pylint = "==2.3.1"
pylint-django = "*"
prospector = "*"
django-debug-toolbar = "*"
bumpversion = "*"
unittest-xml-reporting = "*"
autopep8 = "*"
bandit = "*" bandit = "*"
black = "==21.5b1"
bump2version = "*"
colorama = "*" colorama = "*"
coverage = "*"
pylint = "*"
pylint-django = "*"
pytest = "*"
pytest-django = "*"
selenium = "*"
requests-mock = "*"

2121
Pipfile.lock generated

File diff suppressed because it is too large Load Diff

View File

@ -1,11 +1,39 @@
# passbook <p align="center">
<img src="https://goauthentik.io/img/icon_top_brand_colour.svg" height="150" alt="authentik logo">
</p>
## Quick instance ---
``` [![](https://img.shields.io/discord/809154715984199690?label=Discord&style=flat-square)](https://discord.gg/jg33eMhnj6)
export PASSBOOK_DOMAIN=domain.tld [![CI Build status](https://img.shields.io/azure-devops/build/beryjuorg/authentik/6?style=flat-square)](https://dev.azure.com/beryjuorg/authentik/_build?definitionId=6)
docker-compose pull [![Tests](https://img.shields.io/azure-devops/tests/beryjuorg/authentik/6?compact_message&style=flat-square)](https://dev.azure.com/beryjuorg/authentik/_build?definitionId=6)
docker-compose up -d [![Code Coverage](https://img.shields.io/codecov/c/gh/goauthentik/authentik?style=flat-square)](https://codecov.io/gh/goauthentik/authentik)
docker-compose exec server ./manage.py migrate ![Docker pulls](https://img.shields.io/docker/pulls/beryju/authentik.svg?style=flat-square)
docker-compose exec server ./manage.py createsuperuser ![Latest version](https://img.shields.io/docker/v/beryju/authentik?sort=semver&style=flat-square)
``` ![LGTM Grade](https://img.shields.io/lgtm/grade/python/github/goauthentik/authentik?style=flat-square)
[Transifex](https://www.transifex.com/beryjuorg/authentik/)
## What is authentik?
authentik is an open-source Identity Provider focused on flexibility and versatility. You can use authentik in an existing environment to add support for new protocols. authentik is also a great solution for implementing signup/recovery/etc in your application, so you don't have to deal with it.
## Installation
For small/test setups it is recommended to use docker-compose, see the [documentation](https://goauthentik.io/docs/installation/docker-compose/)
For bigger setups, there is a Helm Chart in the `helm/` directory. This is documented [here](https://goauthentik.io/docs/installation/kubernetes/)
## Screenshots
Light | Dark
--- | ---
![](https://goauthentik.io/img/screen_apps_light.jpg) | ![](https://goauthentik.io/img/screen_apps_dark.jpg)
![](https://goauthentik.io/img/screen_admin_light.jpg) | ![](https://goauthentik.io/img/screen_admin_dark.jpg)
## Development
See [Development Documentation](https://goauthentik.io/developer-docs/)
## Security
See [SECURITY.md](SECURITY.md)

12
SECURITY.md Normal file
View File

@ -0,0 +1,12 @@
# Security Policy
## Supported Versions
| Version | Supported |
| ---------- | ------------------ |
| 2021.4.x | :white_check_mark: |
| 2021.5.x | :white_check_mark: |
## Reporting a Vulnerability
To report a vulnerability, send an email to [security@beryju.org](mailto:security@beryju.org)

3
authentik/__init__.py Normal file
View File

@ -0,0 +1,3 @@
"""authentik"""
__version__ = "2021.5.3"
ENV_GIT_HASH_KEY = "GIT_BUILD_HASH"

View File

@ -0,0 +1,31 @@
"""Meta API"""
from drf_yasg.utils import swagger_auto_schema
from rest_framework.fields import CharField
from rest_framework.permissions import IsAdminUser
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.viewsets import ViewSet
from authentik.core.api.utils import PassiveSerializer
from authentik.lib.utils.reflection import get_apps
class AppSerializer(PassiveSerializer):
"""Serialize Application info"""
name = CharField()
label = CharField()
class AppsViewSet(ViewSet):
"""Read-only view set list all installed apps"""
permission_classes = [IsAdminUser]
@swagger_auto_schema(responses={200: AppSerializer(many=True)})
def list(self, request: Request) -> Response:
"""List current messages and pass into Serializer"""
data = []
for app in sorted(get_apps(), key=lambda app: app.name):
data.append({"name": app.name, "label": app.verbose_name})
return Response(AppSerializer(data, many=True).data)

View File

@ -0,0 +1,81 @@
"""authentik administration metrics"""
import time
from collections import Counter
from datetime import timedelta
from django.db.models import Count, ExpressionWrapper, F
from django.db.models.fields import DurationField
from django.db.models.functions import ExtractHour
from django.utils.timezone import now
from drf_yasg.utils import swagger_auto_schema, swagger_serializer_method
from rest_framework.fields import IntegerField, SerializerMethodField
from rest_framework.permissions import IsAdminUser
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.viewsets import ViewSet
from authentik.core.api.utils import PassiveSerializer
from authentik.events.models import Event, EventAction
def get_events_per_1h(**filter_kwargs) -> list[dict[str, int]]:
"""Get event count by hour in the last day, fill with zeros"""
date_from = now() - timedelta(days=1)
result = (
Event.objects.filter(created__gte=date_from, **filter_kwargs)
.annotate(
age=ExpressionWrapper(now() - F("created"), output_field=DurationField())
)
.annotate(age_hours=ExtractHour("age"))
.values("age_hours")
.annotate(count=Count("pk"))
.order_by("age_hours")
)
data = Counter({int(d["age_hours"]): d["count"] for d in result})
results = []
_now = now()
for hour in range(0, -24, -1):
results.append(
{
"x_cord": time.mktime((_now + timedelta(hours=hour)).timetuple())
* 1000,
"y_cord": data[hour * -1],
}
)
return results
class CoordinateSerializer(PassiveSerializer):
"""Coordinates for diagrams"""
x_cord = IntegerField(read_only=True)
y_cord = IntegerField(read_only=True)
class LoginMetricsSerializer(PassiveSerializer):
"""Login Metrics per 1h"""
logins_per_1h = SerializerMethodField()
logins_failed_per_1h = SerializerMethodField()
@swagger_serializer_method(serializer_or_field=CoordinateSerializer(many=True))
def get_logins_per_1h(self, _):
"""Get successful logins per hour for the last 24 hours"""
return get_events_per_1h(action=EventAction.LOGIN)
@swagger_serializer_method(serializer_or_field=CoordinateSerializer(many=True))
def get_logins_failed_per_1h(self, _):
"""Get failed logins per hour for the last 24 hours"""
return get_events_per_1h(action=EventAction.LOGIN_FAILED)
class AdministrationMetricsViewSet(ViewSet):
"""Login Metrics per 1h"""
permission_classes = [IsAdminUser]
@swagger_auto_schema(responses={200: LoginMetricsSerializer(many=False)})
def list(self, request: Request) -> Response:
"""Login Metrics per 1h"""
serializer = LoginMetricsSerializer(True)
return Response(serializer.data)

View File

@ -0,0 +1,84 @@
"""Tasks API"""
from importlib import import_module
from django.contrib import messages
from django.http.response import Http404
from django.utils.translation import gettext_lazy as _
from drf_yasg.utils import swagger_auto_schema
from rest_framework.decorators import action
from rest_framework.fields import CharField, ChoiceField, DateTimeField, ListField
from rest_framework.permissions import IsAdminUser
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.viewsets import ViewSet
from authentik.core.api.utils import PassiveSerializer
from authentik.events.monitored_tasks import TaskInfo, TaskResultStatus
class TaskSerializer(PassiveSerializer):
"""Serialize TaskInfo and TaskResult"""
task_name = CharField()
task_description = CharField()
task_finish_timestamp = DateTimeField(source="finish_timestamp")
status = ChoiceField(
source="result.status.name",
choices=[(x.name, x.name) for x in TaskResultStatus],
)
messages = ListField(source="result.messages")
class TaskViewSet(ViewSet):
"""Read-only view set that returns all background tasks"""
permission_classes = [IsAdminUser]
@swagger_auto_schema(
responses={200: TaskSerializer(many=False), 404: "Task not found"}
)
# pylint: disable=invalid-name
def retrieve(self, request: Request, pk=None) -> Response:
"""Get a single system task"""
task = TaskInfo.by_name(pk)
if not task:
raise Http404
return Response(TaskSerializer(task, many=False).data)
@swagger_auto_schema(responses={200: TaskSerializer(many=True)})
def list(self, request: Request) -> Response:
"""List system tasks"""
tasks = sorted(TaskInfo.all().values(), key=lambda task: task.task_name)
return Response(TaskSerializer(tasks, many=True).data)
@swagger_auto_schema(
responses={
204: "Task retried successfully",
404: "Task not found",
500: "Failed to retry task",
}
)
@action(detail=True, methods=["post"])
# pylint: disable=invalid-name
def retry(self, request: Request, pk=None) -> Response:
"""Retry task"""
task = TaskInfo.by_name(pk)
if not task:
raise Http404
try:
task_module = import_module(task.task_call_module)
task_func = getattr(task_module, task.task_call_func)
task_func.delay(*task.task_call_args, **task.task_call_kwargs)
messages.success(
self.request,
_(
"Successfully re-scheduled Task %(name)s!"
% {"name": task.task_name}
),
)
return Response(status=204)
except ImportError: # pragma: no cover
# if we get an import error, the module path has probably changed
task.delete()
return Response(status=500)

View File

@ -0,0 +1,63 @@
"""authentik administration overview"""
from os import environ
from django.core.cache import cache
from drf_yasg.utils import swagger_auto_schema
from packaging.version import parse
from rest_framework.fields import SerializerMethodField
from rest_framework.mixins import ListModelMixin
from rest_framework.permissions import IsAuthenticated
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.viewsets import GenericViewSet
from authentik import ENV_GIT_HASH_KEY, __version__
from authentik.admin.tasks import VERSION_CACHE_KEY, update_latest_version
from authentik.core.api.utils import PassiveSerializer
class VersionSerializer(PassiveSerializer):
"""Get running and latest version."""
version_current = SerializerMethodField()
version_latest = SerializerMethodField()
build_hash = SerializerMethodField()
outdated = SerializerMethodField()
def get_build_hash(self, _) -> str:
"""Get build hash, if version is not latest or released"""
return environ.get(ENV_GIT_HASH_KEY, "")
def get_version_current(self, _) -> str:
"""Get current version"""
return __version__
def get_version_latest(self, _) -> str:
"""Get latest version from cache"""
version_in_cache = cache.get(VERSION_CACHE_KEY)
if not version_in_cache: # pragma: no cover
update_latest_version.delay()
return __version__
return version_in_cache
def get_outdated(self, instance) -> bool:
"""Check if we're running the latest version"""
return parse(self.get_version_current(instance)) < parse(
self.get_version_latest(instance)
)
class VersionViewSet(ListModelMixin, GenericViewSet):
"""Get running and latest version."""
permission_classes = [IsAuthenticated]
pagination_class = None
filter_backends = []
def get_queryset(self): # pragma: no cover
return None
@swagger_auto_schema(responses={200: VersionSerializer(many=False)})
def list(self, request: Request) -> Response:
"""Get running and latest version."""
return Response(VersionSerializer(True).data)

View File

@ -0,0 +1,25 @@
"""authentik administration overview"""
from rest_framework.mixins import ListModelMixin
from rest_framework.permissions import IsAdminUser
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.serializers import Serializer
from rest_framework.viewsets import GenericViewSet
from authentik.root.celery import CELERY_APP
class WorkerViewSet(ListModelMixin, GenericViewSet):
"""Get currently connected worker count."""
serializer_class = Serializer
permission_classes = [IsAdminUser]
def get_queryset(self): # pragma: no cover
return None
def list(self, request: Request) -> Response:
"""Get currently connected worker count."""
return Response(
{"pagination": {"count": len(CELERY_APP.control.ping(timeout=0.5))}}
)

10
authentik/admin/apps.py Normal file
View File

@ -0,0 +1,10 @@
"""authentik admin app config"""
from django.apps import AppConfig
class AuthentikAdminConfig(AppConfig):
"""authentik admin app config"""
name = "authentik.admin"
label = "authentik_admin"
verbose_name = "authentik Admin"

View File

@ -0,0 +1,10 @@
"""authentik admin settings"""
from celery.schedules import crontab
CELERY_BEAT_SCHEDULE = {
"admin_latest_version": {
"task": "authentik.admin.tasks.update_latest_version",
"schedule": crontab(minute="*/60"), # Run every hour
"options": {"queue": "authentik_scheduled"},
}
}

55
authentik/admin/tasks.py Normal file
View File

@ -0,0 +1,55 @@
"""authentik admin tasks"""
import re
from django.core.cache import cache
from django.core.validators import URLValidator
from packaging.version import parse
from requests import RequestException, get
from structlog.stdlib import get_logger
from authentik import __version__
from authentik.events.models import Event, EventAction
from authentik.events.monitored_tasks import MonitoredTask, TaskResult, TaskResultStatus
from authentik.root.celery import CELERY_APP
LOGGER = get_logger()
VERSION_CACHE_KEY = "authentik_latest_version"
VERSION_CACHE_TIMEOUT = 8 * 60 * 60 # 8 hours
# Chop of the first ^ because we want to search the entire string
URL_FINDER = URLValidator.regex.pattern[1:]
@CELERY_APP.task(bind=True, base=MonitoredTask)
def update_latest_version(self: MonitoredTask):
"""Update latest version info"""
try:
response = get(
"https://api.github.com/repos/goauthentik/authentik/releases/latest"
)
response.raise_for_status()
data = response.json()
tag_name = data.get("tag_name")
upstream_version = tag_name.split("/")[1]
cache.set(VERSION_CACHE_KEY, upstream_version, VERSION_CACHE_TIMEOUT)
self.set_status(
TaskResult(
TaskResultStatus.SUCCESSFUL, ["Successfully updated latest Version"]
)
)
# Check if upstream version is newer than what we're running,
# and if no event exists yet, create one.
local_version = parse(__version__)
if local_version < parse(upstream_version):
# Event has already been created, don't create duplicate
if Event.objects.filter(
action=EventAction.UPDATE_AVAILABLE,
context__new_version=upstream_version,
).exists():
return
event_dict = {"new_version": upstream_version}
if match := re.search(URL_FINDER, data.get("body", "")):
event_dict["message"] = f"Changelog: {match.group()}"
Event.new(EventAction.UPDATE_AVAILABLE, **event_dict).save()
except (RequestException, IndexError) as exc:
cache.set(VERSION_CACHE_KEY, "0.0.0", VERSION_CACHE_TIMEOUT)
self.set_status(TaskResult(TaskResultStatus.ERROR).with_error(exc))

View File

@ -0,0 +1,97 @@
"""test admin api"""
from json import loads
from django.test import TestCase
from django.urls import reverse
from authentik import __version__
from authentik.core.models import Group, User
from authentik.core.tasks import clean_expired_models
from authentik.events.monitored_tasks import TaskResultStatus
class TestAdminAPI(TestCase):
"""test admin api"""
def setUp(self) -> None:
super().setUp()
self.user = User.objects.create(username="test-user")
self.group = Group.objects.create(name="superusers", is_superuser=True)
self.group.users.add(self.user)
self.group.save()
self.client.force_login(self.user)
def test_tasks(self):
"""Test Task API"""
clean_expired_models.delay()
response = self.client.get(reverse("authentik_api:admin_system_tasks-list"))
self.assertEqual(response.status_code, 200)
body = loads(response.content)
self.assertTrue(
any(task["task_name"] == "clean_expired_models" for task in body)
)
def test_tasks_single(self):
"""Test Task API (read single)"""
clean_expired_models.delay()
response = self.client.get(
reverse(
"authentik_api:admin_system_tasks-detail",
kwargs={"pk": "clean_expired_models"},
)
)
self.assertEqual(response.status_code, 200)
body = loads(response.content)
self.assertEqual(body["status"], TaskResultStatus.SUCCESSFUL.name)
self.assertEqual(body["task_name"], "clean_expired_models")
response = self.client.get(
reverse(
"authentik_api:admin_system_tasks-detail", kwargs={"pk": "qwerqwer"}
)
)
self.assertEqual(response.status_code, 404)
def test_tasks_retry(self):
"""Test Task API (retry)"""
clean_expired_models.delay()
response = self.client.post(
reverse(
"authentik_api:admin_system_tasks-retry",
kwargs={"pk": "clean_expired_models"},
)
)
self.assertEqual(response.status_code, 204)
def test_tasks_retry_404(self):
"""Test Task API (retry, 404)"""
response = self.client.post(
reverse(
"authentik_api:admin_system_tasks-retry",
kwargs={"pk": "qwerqewrqrqewrqewr"},
)
)
self.assertEqual(response.status_code, 404)
def test_version(self):
"""Test Version API"""
response = self.client.get(reverse("authentik_api:admin_version-list"))
self.assertEqual(response.status_code, 200)
body = loads(response.content)
self.assertEqual(body["version_current"], __version__)
def test_workers(self):
"""Test Workers API"""
response = self.client.get(reverse("authentik_api:admin_workers-list"))
self.assertEqual(response.status_code, 200)
body = loads(response.content)
self.assertEqual(body["pagination"]["count"], 0)
def test_metrics(self):
"""Test metrics API"""
response = self.client.get(reverse("authentik_api:admin_metrics-list"))
self.assertEqual(response.status_code, 200)
def test_apps(self):
"""Test apps API"""
response = self.client.get(reverse("authentik_api:apps-list"))
self.assertEqual(response.status_code, 200)

View File

@ -0,0 +1,81 @@
"""test admin tasks"""
import json
from dataclasses import dataclass
from unittest.mock import Mock, patch
from django.core.cache import cache
from django.test import TestCase
from requests.exceptions import RequestException
from authentik.admin.tasks import VERSION_CACHE_KEY, update_latest_version
from authentik.events.models import Event, EventAction
@dataclass
class MockResponse:
"""Mock class to emulate the methods of requests's Response we need"""
status_code: int
response: str
def json(self) -> dict:
"""Get json parsed response"""
return json.loads(self.response)
def raise_for_status(self):
"""raise RequestException if status code is 400 or more"""
if self.status_code >= 400:
raise RequestException
REQUEST_MOCK_VALID = Mock(
return_value=MockResponse(
200,
"""{
"tag_name": "version/99999999.9999999",
"body": "https://goauthentik.io/test"
}""",
)
)
REQUEST_MOCK_INVALID = Mock(return_value=MockResponse(400, "{}"))
class TestAdminTasks(TestCase):
"""test admin tasks"""
@patch("authentik.admin.tasks.get", REQUEST_MOCK_VALID)
def test_version_valid_response(self):
"""Test Update checker with valid response"""
update_latest_version.delay().get()
self.assertEqual(cache.get(VERSION_CACHE_KEY), "99999999.9999999")
self.assertTrue(
Event.objects.filter(
action=EventAction.UPDATE_AVAILABLE,
context__new_version="99999999.9999999",
context__message="Changelog: https://goauthentik.io/test",
).exists()
)
# test that a consecutive check doesn't create a duplicate event
update_latest_version.delay().get()
self.assertEqual(
len(
Event.objects.filter(
action=EventAction.UPDATE_AVAILABLE,
context__new_version="99999999.9999999",
context__message="Changelog: https://goauthentik.io/test",
)
),
1,
)
@patch("authentik.admin.tasks.get", REQUEST_MOCK_INVALID)
def test_version_error(self):
"""Test Update checker with invalid response"""
update_latest_version.delay().get()
self.assertEqual(cache.get(VERSION_CACHE_KEY), "0.0.0")
self.assertFalse(
Event.objects.filter(
action=EventAction.UPDATE_AVAILABLE, context__new_version="0.0.0"
).exists()
)

12
authentik/api/apps.py Normal file
View File

@ -0,0 +1,12 @@
"""authentik API AppConfig"""
from django.apps import AppConfig
class AuthentikAPIConfig(AppConfig):
"""authentik API Config"""
name = "authentik.api"
label = "authentik_api"
mountpoint = "api/"
verbose_name = "authentik API"

57
authentik/api/auth.py Normal file
View File

@ -0,0 +1,57 @@
"""API Authentication"""
from base64 import b64decode
from binascii import Error
from typing import Any, Optional, Union
from rest_framework.authentication import BaseAuthentication, get_authorization_header
from rest_framework.exceptions import AuthenticationFailed
from rest_framework.request import Request
from structlog.stdlib import get_logger
from authentik.core.models import Token, TokenIntents, User
LOGGER = get_logger()
# pylint: disable=too-many-return-statements
def token_from_header(raw_header: bytes) -> Optional[Token]:
"""raw_header in the Format of `Bearer dGVzdDp0ZXN0`"""
auth_credentials = raw_header.decode()
if auth_credentials == "":
return None
auth_type, auth_credentials = auth_credentials.split()
if auth_type.lower() not in ["basic", "bearer"]:
LOGGER.debug("Unsupported authentication type, denying", type=auth_type.lower())
raise AuthenticationFailed("Unsupported authentication type")
password = auth_credentials
if auth_type.lower() == "basic":
try:
auth_credentials = b64decode(auth_credentials.encode()).decode()
except (UnicodeDecodeError, Error):
raise AuthenticationFailed("Malformed header")
# Accept credentials with username and without
if ":" in auth_credentials:
_, password = auth_credentials.split(":")
else:
password = auth_credentials
if password == "": # nosec
raise AuthenticationFailed("Malformed header")
tokens = Token.filter_not_expired(key=password, intent=TokenIntents.INTENT_API)
if not tokens.exists():
raise AuthenticationFailed("Token invalid/expired")
return tokens.first()
class AuthentikTokenAuthentication(BaseAuthentication):
"""Token-based authentication using HTTP Bearer authentication"""
def authenticate(self, request: Request) -> Union[tuple[User, Any], None]:
"""Token-based authentication using HTTP Bearer authentication"""
auth = get_authorization_header(request)
token = token_from_header(auth)
# None is only returned when the header isn't set.
if not token:
return None
return (token.user, None) # pragma: no cover

View File

@ -0,0 +1,32 @@
"""API Decorators"""
from functools import wraps
from typing import Callable, Optional
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.viewsets import ModelViewSet
def permission_required(
perm: Optional[str] = None, other_perms: Optional[list[str]] = None
):
"""Check permissions for a single custom action"""
def wrapper_outter(func: Callable):
"""Check permissions for a single custom action"""
@wraps(func)
def wrapper(self: ModelViewSet, request: Request, *args, **kwargs) -> Response:
if perm:
obj = self.get_object()
if not request.user.has_perm(perm, obj):
return self.permission_denied(request)
if other_perms:
for other_perm in other_perms:
if not request.user.has_perm(other_perm):
return self.permission_denied(request)
return func(self, request, *args, **kwargs)
return wrapper
return wrapper_outter

View File

@ -0,0 +1,32 @@
"""Pagination which includes total pages and current page"""
from rest_framework import pagination
from rest_framework.response import Response
class Pagination(pagination.PageNumberPagination):
"""Pagination which includes total pages and current page"""
page_query_param = "page"
page_size_query_param = "page_size"
def get_paginated_response(self, data):
previous_page_number = 0
if self.page.has_previous():
previous_page_number = self.page.previous_page_number()
next_page_number = 0
if self.page.has_next():
next_page_number = self.page.next_page_number()
return Response(
{
"pagination": {
"next": next_page_number,
"previous": previous_page_number,
"count": self.page.paginator.count,
"current": self.page.number,
"total_pages": self.page.paginator.num_pages,
"start_index": self.page.start_index(),
"end_index": self.page.end_index(),
},
"results": data,
}
)

View File

@ -0,0 +1,97 @@
"""Swagger Pagination Schema class"""
from typing import OrderedDict
from drf_yasg import openapi
from drf_yasg.inspectors import PaginatorInspector
class PaginationInspector(PaginatorInspector):
"""Swagger Pagination Schema class"""
def get_paginated_response(self, paginator, response_schema):
"""
:param BasePagination paginator: the paginator
:param openapi.Schema response_schema: the response schema that must be paged.
:rtype: openapi.Schema
"""
return openapi.Schema(
type=openapi.TYPE_OBJECT,
properties=OrderedDict(
(
(
"pagination",
openapi.Schema(
type=openapi.TYPE_OBJECT,
properties=OrderedDict(
(
("next", openapi.Schema(type=openapi.TYPE_NUMBER)),
(
"previous",
openapi.Schema(type=openapi.TYPE_NUMBER),
),
("count", openapi.Schema(type=openapi.TYPE_NUMBER)),
(
"current",
openapi.Schema(type=openapi.TYPE_NUMBER),
),
(
"total_pages",
openapi.Schema(type=openapi.TYPE_NUMBER),
),
(
"start_index",
openapi.Schema(type=openapi.TYPE_NUMBER),
),
(
"end_index",
openapi.Schema(type=openapi.TYPE_NUMBER),
),
)
),
required=[
"next",
"previous",
"count",
"current",
"total_pages",
"start_index",
"end_index",
],
),
),
("results", response_schema),
)
),
required=["results", "pagination"],
)
def get_paginator_parameters(self, paginator):
"""
Get the pagination parameters for a single paginator **instance**.
Should return :data:`.NotHandled` if this inspector
does not know how to handle the given `paginator`.
:param BasePagination paginator: the paginator
:rtype: list[openapi.Parameter]
"""
return [
openapi.Parameter(
"page",
openapi.IN_QUERY,
"Page Index",
False,
None,
openapi.TYPE_INTEGER,
),
openapi.Parameter(
"page_size",
openapi.IN_QUERY,
"Page Size",
False,
None,
openapi.TYPE_INTEGER,
),
]

102
authentik/api/schema.py Normal file
View File

@ -0,0 +1,102 @@
"""Error Response schema, from https://github.com/axnsan12/drf-yasg/issues/224"""
from drf_yasg import openapi
from drf_yasg.inspectors.view import SwaggerAutoSchema
from drf_yasg.utils import force_real_str, is_list_view
from rest_framework import exceptions, status
from rest_framework.settings import api_settings
class ErrorResponseAutoSchema(SwaggerAutoSchema):
"""Inspector which includes an error schema"""
def get_generic_error_schema(self):
"""Get a generic error schema"""
return openapi.Schema(
"Generic API Error",
type=openapi.TYPE_OBJECT,
properties={
"detail": openapi.Schema(
type=openapi.TYPE_STRING, description="Error details"
),
"code": openapi.Schema(
type=openapi.TYPE_STRING, description="Error code"
),
},
required=["detail"],
)
def get_validation_error_schema(self):
"""Get a generic validation error schema"""
return openapi.Schema(
"Validation Error",
type=openapi.TYPE_OBJECT,
properties={
api_settings.NON_FIELD_ERRORS_KEY: openapi.Schema(
description="List of validation errors not related to any field",
type=openapi.TYPE_ARRAY,
items=openapi.Schema(type=openapi.TYPE_STRING),
),
},
additional_properties=openapi.Schema(
description=(
"A list of error messages for each "
"field that triggered a validation error"
),
type=openapi.TYPE_ARRAY,
items=openapi.Schema(type=openapi.TYPE_STRING),
),
)
def get_response_serializers(self):
responses = super().get_response_serializers()
definitions = self.components.with_scope(
openapi.SCHEMA_DEFINITIONS
) # type: openapi.ReferenceResolver
definitions.setdefault("GenericError", self.get_generic_error_schema)
definitions.setdefault("ValidationError", self.get_validation_error_schema)
definitions.setdefault("APIException", self.get_generic_error_schema)
if self.get_request_serializer() or self.get_query_serializer():
responses.setdefault(
exceptions.ValidationError.status_code,
openapi.Response(
description=force_real_str(
exceptions.ValidationError.default_detail
),
schema=openapi.SchemaRef(definitions, "ValidationError"),
),
)
security = self.get_security()
if security is None or len(security) > 0:
# Note: 401 error codes are coerced into 403 see
# rest_framework/views.py:433:handle_exception
# This is b/c the API uses token auth which doesn't have WWW-Authenticate header
responses.setdefault(
status.HTTP_403_FORBIDDEN,
openapi.Response(
description="Authentication credentials were invalid, absent or insufficient.",
schema=openapi.SchemaRef(definitions, "GenericError"),
),
)
if not is_list_view(self.path, self.method, self.view):
responses.setdefault(
exceptions.PermissionDenied.status_code,
openapi.Response(
description="Permission denied.",
schema=openapi.SchemaRef(definitions, "APIException"),
),
)
responses.setdefault(
exceptions.NotFound.status_code,
openapi.Response(
description=(
"Object does not exist or caller "
"has insufficient permissions to access it."
),
schema=openapi.SchemaRef(definitions, "APIException"),
),
)
return responses

View File

@ -0,0 +1,49 @@
{% extends "base/skeleton.html" %}
{% load static %}
{% block title %}
API Browser - {{ config.authentik.branding.title }}
{% endblock %}
{% block head %}
<script type="module" src="{% static 'dist/rapidoc-min.js' %}"></script>
{% endblock %}
{% block body %}
<script>
function getCookie(name) {
let cookieValue = "";
if (document.cookie && document.cookie !== "") {
const cookies = document.cookie.split(";");
for (let i = 0; i < cookies.length; i++) {
const cookie = cookies[i].trim();
// Does this cookie string begin with the name we want?
if (cookie.substring(0, name.length + 1) === name + "=") {
cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
break;
}
}
}
return cookieValue;
}
window.addEventListener('DOMContentLoaded', (event) => {
const rapidocEl = document.querySelector('rapi-doc');
rapidocEl.addEventListener('before-try', (e) => {
e.detail.request.headers.append('X-CSRFToken', getCookie("authentik_csrf"));
});
});
</script>
<rapi-doc
spec-url="{{ path }}"
heading-text="authentik"
theme="dark"
render-style="view"
primary-color="#fd4b2d"
allow-spec-url-load="false"
allow-spec-file-load="false">
<div slot="logo">
<img src="{% static 'dist/assets/icons/icon.png' %}" style="width:50px; height:50px" />
</div>
</rapi-doc>
{% endblock %}

View File

@ -0,0 +1,49 @@
"""Test API Authentication"""
from base64 import b64encode
from django.test import TestCase
from guardian.shortcuts import get_anonymous_user
from rest_framework.exceptions import AuthenticationFailed
from authentik.api.auth import token_from_header
from authentik.core.models import Token, TokenIntents
class TestAPIAuth(TestCase):
"""Test API Authentication"""
def test_valid_basic(self):
"""Test valid token"""
token = Token.objects.create(
intent=TokenIntents.INTENT_API, user=get_anonymous_user()
)
auth = b64encode(f":{token.key}".encode()).decode()
self.assertEqual(token_from_header(f"Basic {auth}".encode()), token)
def test_valid_bearer(self):
"""Test valid token"""
token = Token.objects.create(
intent=TokenIntents.INTENT_API, user=get_anonymous_user()
)
self.assertEqual(token_from_header(f"Bearer {token.key}".encode()), token)
def test_invalid_type(self):
"""Test invalid type"""
with self.assertRaises(AuthenticationFailed):
token_from_header("foo bar".encode())
def test_invalid_decode(self):
"""Test invalid bas64"""
with self.assertRaises(AuthenticationFailed):
token_from_header("Basic bar".encode())
def test_invalid_empty_password(self):
"""Test invalid with empty password"""
with self.assertRaises(AuthenticationFailed):
token_from_header("Basic :".encode())
def test_invalid_no_token(self):
"""Test invalid with no token"""
with self.assertRaises(AuthenticationFailed):
auth = b64encode(":abc".encode()).decode()
self.assertIsNone(token_from_header(f"Basic :{auth}".encode()))

View File

@ -0,0 +1,16 @@
"""Test config API"""
from json import loads
from django.urls import reverse
from rest_framework.test import APITestCase
class TestConfig(APITestCase):
"""Test config API"""
def test_config(self):
"""Test YAML generation"""
response = self.client.get(
reverse("authentik_api:configs-list"),
)
self.assertTrue(loads(response.content.decode()))

View File

@ -0,0 +1,33 @@
"""test decorators api"""
from django.urls import reverse
from guardian.shortcuts import assign_perm
from rest_framework.test import APITestCase
from authentik.core.models import Application, User
class TestAPIDecorators(APITestCase):
"""test decorators api"""
def setUp(self) -> None:
super().setUp()
self.user = User.objects.create(username="test-user")
def test_obj_perm_denied(self):
"""Test object perm denied"""
self.client.force_login(self.user)
app = Application.objects.create(name="denied", slug="denied")
response = self.client.get(
reverse("authentik_api:application-metrics", kwargs={"slug": app.slug})
)
self.assertEqual(response.status_code, 403)
def test_other_perm_denied(self):
"""Test other perm denied"""
self.client.force_login(self.user)
app = Application.objects.create(name="denied", slug="denied")
assign_perm("authentik_core.view_application", self.user, app)
response = self.client.get(
reverse("authentik_api:application-metrics", kwargs={"slug": app.slug})
)
self.assertEqual(response.status_code, 403)

View File

@ -0,0 +1,31 @@
"""Swagger generation tests"""
from json import loads
from django.urls import reverse
from rest_framework.test import APITestCase
from yaml import safe_load
class TestSwaggerGeneration(APITestCase):
"""Generic admin tests"""
def test_yaml(self):
"""Test YAML generation"""
response = self.client.get(
reverse("authentik_api:schema-json", kwargs={"format": ".yaml"}),
)
self.assertTrue(safe_load(response.content.decode()))
def test_json(self):
"""Test JSON generation"""
response = self.client.get(
reverse("authentik_api:schema-json", kwargs={"format": ".json"}),
)
self.assertTrue(loads(response.content.decode()))
def test_browser(self):
"""Test API Browser"""
response = self.client.get(
reverse("authentik_api:swagger"),
)
self.assertEqual(response.status_code, 200)

8
authentik/api/urls.py Normal file
View File

@ -0,0 +1,8 @@
"""authentik api urls"""
from django.urls import include, path
from authentik.api.v2.urls import urlpatterns as v2_urls
urlpatterns = [
path("v2beta/", include(v2_urls)),
]

View File

@ -0,0 +1,50 @@
"""core Configs API"""
from drf_yasg.utils import swagger_auto_schema
from rest_framework.fields import BooleanField, CharField, ListField
from rest_framework.permissions import AllowAny
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.viewsets import ViewSet
from authentik.core.api.utils import PassiveSerializer
from authentik.lib.config import CONFIG
class FooterLinkSerializer(PassiveSerializer):
"""Links returned in Config API"""
href = CharField(read_only=True)
name = CharField(read_only=True)
class ConfigSerializer(PassiveSerializer):
"""Serialize authentik Config into DRF Object"""
branding_logo = CharField(read_only=True)
branding_title = CharField(read_only=True)
ui_footer_links = ListField(child=FooterLinkSerializer(), read_only=True)
error_reporting_enabled = BooleanField(read_only=True)
error_reporting_environment = CharField(read_only=True)
error_reporting_send_pii = BooleanField(read_only=True)
class ConfigsViewSet(ViewSet):
"""Read-only view set that returns the current session's Configs"""
permission_classes = [AllowAny]
@swagger_auto_schema(responses={200: ConfigSerializer(many=False)})
def list(self, request: Request) -> Response:
"""Retrive public configuration options"""
config = ConfigSerializer(
{
"branding_logo": CONFIG.y("authentik.branding.logo"),
"branding_title": CONFIG.y("authentik.branding.title"),
"error_reporting_enabled": CONFIG.y("error_reporting.enabled"),
"error_reporting_environment": CONFIG.y("error_reporting.environment"),
"error_reporting_send_pii": CONFIG.y("error_reporting.send_pii"),
"ui_footer_links": CONFIG.y("authentik.footer_links"),
}
)
return Response(config.data)

227
authentik/api/v2/urls.py Normal file
View File

@ -0,0 +1,227 @@
"""api v2 urls"""
from django.urls import path, re_path
from drf_yasg import openapi
from drf_yasg.views import get_schema_view
from rest_framework import routers
from rest_framework.permissions import AllowAny
from authentik.admin.api.meta import AppsViewSet
from authentik.admin.api.metrics import AdministrationMetricsViewSet
from authentik.admin.api.tasks import TaskViewSet
from authentik.admin.api.version import VersionViewSet
from authentik.admin.api.workers import WorkerViewSet
from authentik.api.v2.config import ConfigsViewSet
from authentik.api.views import SwaggerView
from authentik.core.api.applications import ApplicationViewSet
from authentik.core.api.groups import GroupViewSet
from authentik.core.api.propertymappings import PropertyMappingViewSet
from authentik.core.api.providers import ProviderViewSet
from authentik.core.api.sources import SourceViewSet
from authentik.core.api.tokens import TokenViewSet
from authentik.core.api.users import UserViewSet
from authentik.crypto.api import CertificateKeyPairViewSet
from authentik.events.api.event import EventViewSet
from authentik.events.api.notification import NotificationViewSet
from authentik.events.api.notification_rule import NotificationRuleViewSet
from authentik.events.api.notification_transport import NotificationTransportViewSet
from authentik.flows.api.bindings import FlowStageBindingViewSet
from authentik.flows.api.flows import FlowViewSet
from authentik.flows.api.stages import StageViewSet
from authentik.flows.views import FlowExecutorView
from authentik.outposts.api.outpost_service_connections import (
DockerServiceConnectionViewSet,
KubernetesServiceConnectionViewSet,
ServiceConnectionViewSet,
)
from authentik.outposts.api.outposts import OutpostViewSet
from authentik.policies.api.bindings import PolicyBindingViewSet
from authentik.policies.api.policies import PolicyViewSet
from authentik.policies.dummy.api import DummyPolicyViewSet
from authentik.policies.event_matcher.api import EventMatcherPolicyViewSet
from authentik.policies.expiry.api import PasswordExpiryPolicyViewSet
from authentik.policies.expression.api import ExpressionPolicyViewSet
from authentik.policies.hibp.api import HaveIBeenPwendPolicyViewSet
from authentik.policies.password.api import PasswordPolicyViewSet
from authentik.policies.reputation.api import (
IPReputationViewSet,
ReputationPolicyViewSet,
UserReputationViewSet,
)
from authentik.providers.ldap.api import LDAPOutpostConfigViewSet, LDAPProviderViewSet
from authentik.providers.oauth2.api.provider import OAuth2ProviderViewSet
from authentik.providers.oauth2.api.scope import ScopeMappingViewSet
from authentik.providers.oauth2.api.tokens import (
AuthorizationCodeViewSet,
RefreshTokenViewSet,
)
from authentik.providers.proxy.api import (
ProxyOutpostConfigViewSet,
ProxyProviderViewSet,
)
from authentik.providers.saml.api import SAMLPropertyMappingViewSet, SAMLProviderViewSet
from authentik.sources.ldap.api import LDAPPropertyMappingViewSet, LDAPSourceViewSet
from authentik.sources.oauth.api.source import OAuthSourceViewSet
from authentik.sources.oauth.api.source_connection import (
UserOAuthSourceConnectionViewSet,
)
from authentik.sources.plex.api import PlexSourceViewSet
from authentik.sources.saml.api import SAMLSourceViewSet
from authentik.stages.authenticator_static.api import (
AuthenticatorStaticStageViewSet,
StaticAdminDeviceViewSet,
StaticDeviceViewSet,
)
from authentik.stages.authenticator_totp.api import (
AuthenticatorTOTPStageViewSet,
TOTPAdminDeviceViewSet,
TOTPDeviceViewSet,
)
from authentik.stages.authenticator_validate.api import (
AuthenticatorValidateStageViewSet,
)
from authentik.stages.authenticator_webauthn.api import (
AuthenticateWebAuthnStageViewSet,
WebAuthnAdminDeviceViewSet,
WebAuthnDeviceViewSet,
)
from authentik.stages.captcha.api import CaptchaStageViewSet
from authentik.stages.consent.api import ConsentStageViewSet, UserConsentViewSet
from authentik.stages.deny.api import DenyStageViewSet
from authentik.stages.dummy.api import DummyStageViewSet
from authentik.stages.email.api import EmailStageViewSet
from authentik.stages.identification.api import IdentificationStageViewSet
from authentik.stages.invitation.api import InvitationStageViewSet, InvitationViewSet
from authentik.stages.password.api import PasswordStageViewSet
from authentik.stages.prompt.api import PromptStageViewSet, PromptViewSet
from authentik.stages.user_delete.api import UserDeleteStageViewSet
from authentik.stages.user_login.api import UserLoginStageViewSet
from authentik.stages.user_logout.api import UserLogoutStageViewSet
from authentik.stages.user_write.api import UserWriteStageViewSet
router = routers.DefaultRouter()
router.register("root/config", ConfigsViewSet, basename="configs")
router.register("admin/version", VersionViewSet, basename="admin_version")
router.register("admin/workers", WorkerViewSet, basename="admin_workers")
router.register("admin/metrics", AdministrationMetricsViewSet, basename="admin_metrics")
router.register("admin/system_tasks", TaskViewSet, basename="admin_system_tasks")
router.register("admin/apps", AppsViewSet, basename="apps")
router.register("core/applications", ApplicationViewSet)
router.register("core/groups", GroupViewSet)
router.register("core/users", UserViewSet)
router.register("core/user_consent", UserConsentViewSet)
router.register("core/tokens", TokenViewSet)
router.register("outposts/outposts", OutpostViewSet)
router.register("outposts/instances", OutpostViewSet)
router.register("outposts/service_connections/all", ServiceConnectionViewSet)
router.register("outposts/service_connections/docker", DockerServiceConnectionViewSet)
router.register(
"outposts/service_connections/kubernetes", KubernetesServiceConnectionViewSet
)
router.register("outposts/proxy", ProxyOutpostConfigViewSet)
router.register("outposts/ldap", LDAPOutpostConfigViewSet)
router.register("flows/instances", FlowViewSet)
router.register("flows/bindings", FlowStageBindingViewSet)
router.register("crypto/certificatekeypairs", CertificateKeyPairViewSet)
router.register("events/events", EventViewSet)
router.register("events/notifications", NotificationViewSet)
router.register("events/transports", NotificationTransportViewSet)
router.register("events/rules", NotificationRuleViewSet)
router.register("sources/all", SourceViewSet)
router.register("sources/oauth_user_connections", UserOAuthSourceConnectionViewSet)
router.register("sources/ldap", LDAPSourceViewSet)
router.register("sources/saml", SAMLSourceViewSet)
router.register("sources/oauth", OAuthSourceViewSet)
router.register("sources/plex", PlexSourceViewSet)
router.register("policies/all", PolicyViewSet)
router.register("policies/bindings", PolicyBindingViewSet)
router.register("policies/expression", ExpressionPolicyViewSet)
router.register("policies/event_matcher", EventMatcherPolicyViewSet)
router.register("policies/haveibeenpwned", HaveIBeenPwendPolicyViewSet)
router.register("policies/password_expiry", PasswordExpiryPolicyViewSet)
router.register("policies/password", PasswordPolicyViewSet)
router.register("policies/reputation/users", UserReputationViewSet)
router.register("policies/reputation/ips", IPReputationViewSet)
router.register("policies/reputation", ReputationPolicyViewSet)
router.register("providers/all", ProviderViewSet)
router.register("providers/ldap", LDAPProviderViewSet)
router.register("providers/proxy", ProxyProviderViewSet)
router.register("providers/oauth2", OAuth2ProviderViewSet)
router.register("providers/saml", SAMLProviderViewSet)
router.register("oauth2/authorization_codes", AuthorizationCodeViewSet)
router.register("oauth2/refresh_tokens", RefreshTokenViewSet)
router.register("propertymappings/all", PropertyMappingViewSet)
router.register("propertymappings/ldap", LDAPPropertyMappingViewSet)
router.register("propertymappings/saml", SAMLPropertyMappingViewSet)
router.register("propertymappings/scope", ScopeMappingViewSet)
router.register("authenticators/static", StaticDeviceViewSet)
router.register("authenticators/totp", TOTPDeviceViewSet)
router.register("authenticators/webauthn", WebAuthnDeviceViewSet)
router.register("authenticators/admin/static", StaticAdminDeviceViewSet)
router.register("authenticators/admin/totp", TOTPAdminDeviceViewSet)
router.register("authenticators/admin/webauthn", WebAuthnAdminDeviceViewSet)
router.register("stages/all", StageViewSet)
router.register("stages/authenticator/static", AuthenticatorStaticStageViewSet)
router.register("stages/authenticator/totp", AuthenticatorTOTPStageViewSet)
router.register("stages/authenticator/validate", AuthenticatorValidateStageViewSet)
router.register("stages/authenticator/webauthn", AuthenticateWebAuthnStageViewSet)
router.register("stages/captcha", CaptchaStageViewSet)
router.register("stages/consent", ConsentStageViewSet)
router.register("stages/deny", DenyStageViewSet)
router.register("stages/email", EmailStageViewSet)
router.register("stages/identification", IdentificationStageViewSet)
router.register("stages/invitation/invitations", InvitationViewSet)
router.register("stages/invitation/stages", InvitationStageViewSet)
router.register("stages/password", PasswordStageViewSet)
router.register("stages/prompt/prompts", PromptViewSet)
router.register("stages/prompt/stages", PromptStageViewSet)
router.register("stages/user_delete", UserDeleteStageViewSet)
router.register("stages/user_login", UserLoginStageViewSet)
router.register("stages/user_logout", UserLogoutStageViewSet)
router.register("stages/user_write", UserWriteStageViewSet)
router.register("stages/dummy", DummyStageViewSet)
router.register("policies/dummy", DummyPolicyViewSet)
info = openapi.Info(
title="authentik API",
default_version="v2beta",
contact=openapi.Contact(email="hello@beryju.org"),
license=openapi.License(
name="GNU GPLv3",
url="https://github.com/goauthentik/authentik/blob/master/LICENSE",
),
)
SchemaView = get_schema_view(info, public=True, permission_classes=(AllowAny,))
urlpatterns = (
[
path("", SwaggerView.as_view(), name="swagger"),
]
+ router.urls
+ [
path(
"flows/executor/<slug:flow_slug>/",
FlowExecutorView.as_view(),
name="flow-executor",
),
re_path(
r"^swagger(?P<format>\.json|\.yaml)$",
SchemaView.without_ui(cache_timeout=0),
name="schema-json",
),
]
)

22
authentik/api/views.py Normal file
View File

@ -0,0 +1,22 @@
"""General API Views"""
from typing import Any
from django.urls import reverse
from django.views.generic import TemplateView
class SwaggerView(TemplateView):
"""Show swagger view based on rapi-doc"""
template_name = "api/swagger.html"
def get_context_data(self, **kwargs: Any) -> dict[str, Any]:
path = self.request.build_absolute_uri(
reverse(
"authentik_api:schema-json",
kwargs={
"format": ".json",
},
)
)
return super().get_context_data(path=path, **kwargs)

View File

@ -0,0 +1,200 @@
"""Application API Views"""
from typing import Optional
from django.core.cache import cache
from django.db.models import QuerySet
from django.http.response import HttpResponseBadRequest
from django.shortcuts import get_object_or_404
from drf_yasg import openapi
from drf_yasg.utils import no_body, swagger_auto_schema
from rest_framework.decorators import action
from rest_framework.fields import SerializerMethodField
from rest_framework.parsers import MultiPartParser
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.serializers import ModelSerializer
from rest_framework.viewsets import ModelViewSet
from rest_framework_guardian.filters import ObjectPermissionsFilter
from structlog.stdlib import get_logger
from authentik.admin.api.metrics import CoordinateSerializer, get_events_per_1h
from authentik.api.decorators import permission_required
from authentik.core.api.providers import ProviderSerializer
from authentik.core.models import Application
from authentik.events.models import EventAction
from authentik.policies.engine import PolicyEngine
from authentik.stages.user_login.stage import USER_LOGIN_AUTHENTICATED
LOGGER = get_logger()
def user_app_cache_key(user_pk: str) -> str:
"""Cache key where application list for user is saved"""
return f"user_app_cache_{user_pk}"
class ApplicationSerializer(ModelSerializer):
"""Application Serializer"""
launch_url = SerializerMethodField()
provider_obj = ProviderSerializer(source="get_provider", required=False)
def get_launch_url(self, instance: Application) -> Optional[str]:
"""Get generated launch URL"""
return instance.get_launch_url()
class Meta:
model = Application
fields = [
"pk",
"name",
"slug",
"provider",
"provider_obj",
"launch_url",
"meta_launch_url",
"meta_icon",
"meta_description",
"meta_publisher",
"policy_engine_mode",
]
class ApplicationViewSet(ModelViewSet):
"""Application Viewset"""
queryset = Application.objects.all()
serializer_class = ApplicationSerializer
search_fields = [
"name",
"slug",
"meta_launch_url",
"meta_description",
"meta_publisher",
]
lookup_field = "slug"
ordering = ["name"]
def _filter_queryset_for_list(self, queryset: QuerySet) -> QuerySet:
"""Custom filter_queryset method which ignores guardian, but still supports sorting"""
for backend in list(self.filter_backends):
if backend == ObjectPermissionsFilter:
continue
queryset = backend().filter_queryset(self.request, queryset, self)
return queryset
def _get_allowed_applications(self, queryset: QuerySet) -> list[Application]:
applications = []
for application in queryset:
engine = PolicyEngine(application, self.request.user, self.request)
engine.build()
if engine.passing:
applications.append(application)
return applications
@swagger_auto_schema(
responses={
204: "Access granted",
403: "Access denied",
}
)
@action(detail=True, methods=["GET"])
# pylint: disable=unused-argument
def check_access(self, request: Request, slug: str) -> Response:
"""Check access to a single application by slug"""
# Don't use self.get_object as that checks for view_application permission
# which the user might not have, even if they have access
application = get_object_or_404(Application, slug=slug)
engine = PolicyEngine(application, self.request.user, self.request)
engine.build()
if engine.passing:
return Response(status=204)
return Response(status=403)
@swagger_auto_schema(
manual_parameters=[
openapi.Parameter(
name="superuser_full_list",
in_=openapi.IN_QUERY,
type=openapi.TYPE_BOOLEAN,
)
]
)
def list(self, request: Request) -> Response:
"""Custom list method that checks Policy based access instead of guardian"""
self.request.session.pop(USER_LOGIN_AUTHENTICATED, None)
queryset = self._filter_queryset_for_list(self.get_queryset())
self.paginate_queryset(queryset)
should_cache = request.GET.get("search", "") == ""
superuser_full_list = (
str(request.GET.get("superuser_full_list", "false")).lower() == "true"
)
if superuser_full_list and request.user.is_superuser:
serializer = self.get_serializer(queryset, many=True)
return self.get_paginated_response(serializer.data)
allowed_applications = []
if not should_cache:
allowed_applications = self._get_allowed_applications(queryset)
if should_cache:
LOGGER.debug("Caching allowed application list")
allowed_applications = cache.get(user_app_cache_key(self.request.user.pk))
if not allowed_applications:
allowed_applications = self._get_allowed_applications(queryset)
cache.set(
user_app_cache_key(self.request.user.pk),
allowed_applications,
timeout=86400,
)
serializer = self.get_serializer(allowed_applications, many=True)
return self.get_paginated_response(serializer.data)
@permission_required("authentik_core.change_application")
@swagger_auto_schema(
request_body=no_body,
manual_parameters=[
openapi.Parameter(
name="file",
in_=openapi.IN_FORM,
type=openapi.TYPE_FILE,
required=True,
)
],
responses={200: "Success", 400: "Bad request"},
)
@action(
detail=True,
pagination_class=None,
filter_backends=[],
methods=["POST"],
parser_classes=(MultiPartParser,),
)
# pylint: disable=unused-argument
def set_icon(self, request: Request, slug: str):
"""Set application icon"""
app: Application = self.get_object()
icon = request.FILES.get("file", None)
if not icon:
return HttpResponseBadRequest()
app.meta_icon = icon
app.save()
return Response({})
@permission_required(
"authentik_core.view_application", ["authentik_events.view_event"]
)
@swagger_auto_schema(responses={200: CoordinateSerializer(many=True)})
@action(detail=True, pagination_class=None, filter_backends=[])
# pylint: disable=unused-argument
def metrics(self, request: Request, slug: str):
"""Metrics for application logins"""
app = self.get_object()
return Response(
get_events_per_1h(
action=EventAction.AUTHORIZE_APPLICATION,
context__authorized_application__pk=app.pk.hex,
)
)

View File

@ -0,0 +1,43 @@
"""Groups API Viewset"""
from django.db.models.query import QuerySet
from rest_framework.fields import JSONField
from rest_framework.serializers import ModelSerializer
from rest_framework.viewsets import ModelViewSet
from rest_framework_guardian.filters import ObjectPermissionsFilter
from authentik.core.api.utils import is_dict
from authentik.core.models import Group
class GroupSerializer(ModelSerializer):
"""Group Serializer"""
attributes = JSONField(validators=[is_dict], required=False)
class Meta:
model = Group
fields = ["pk", "name", "is_superuser", "parent", "users", "attributes"]
class GroupViewSet(ModelViewSet):
"""Group Viewset"""
queryset = Group.objects.all()
serializer_class = GroupSerializer
search_fields = ["name", "is_superuser"]
filterset_fields = ["name", "is_superuser"]
ordering = ["name"]
def _filter_queryset_for_list(self, queryset: QuerySet) -> QuerySet:
"""Custom filter_queryset method which ignores guardian, but still supports sorting"""
for backend in list(self.filter_backends):
if backend == ObjectPermissionsFilter:
continue
queryset = backend().filter_queryset(self.request, queryset, self)
return queryset
def filter_queryset(self, queryset):
if self.request.user.has_perm("authentik_core.view_group"):
return self._filter_queryset_for_list(queryset)
return super().filter_queryset(queryset)

View File

@ -0,0 +1,146 @@
"""PropertyMapping API Views"""
from json import dumps
from drf_yasg import openapi
from drf_yasg.utils import swagger_auto_schema
from guardian.shortcuts import get_objects_for_user
from rest_framework import mixins
from rest_framework.decorators import action
from rest_framework.exceptions import PermissionDenied
from rest_framework.fields import BooleanField, CharField
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.serializers import ModelSerializer, SerializerMethodField
from rest_framework.viewsets import GenericViewSet
from authentik.api.decorators import permission_required
from authentik.core.api.utils import (
MetaNameSerializer,
PassiveSerializer,
TypeCreateSerializer,
)
from authentik.core.expression import PropertyMappingEvaluator
from authentik.core.models import PropertyMapping
from authentik.lib.utils.reflection import all_subclasses
from authentik.managed.api import ManagedSerializer
from authentik.policies.api.exec import PolicyTestSerializer
class PropertyMappingTestResultSerializer(PassiveSerializer):
"""Result of a Property-mapping test"""
result = CharField(read_only=True)
successful = BooleanField(read_only=True)
class PropertyMappingSerializer(ManagedSerializer, ModelSerializer, MetaNameSerializer):
"""PropertyMapping Serializer"""
component = SerializerMethodField()
def get_component(self, obj: PropertyMapping) -> str:
"""Get object's component so that we know how to edit the object"""
return obj.component
def validate_expression(self, expression: str) -> str:
"""Test Syntax"""
evaluator = PropertyMappingEvaluator()
evaluator.validate(expression)
return expression
class Meta:
model = PropertyMapping
fields = [
"pk",
"managed",
"name",
"expression",
"component",
"verbose_name",
"verbose_name_plural",
]
class PropertyMappingViewSet(
mixins.RetrieveModelMixin,
mixins.DestroyModelMixin,
mixins.ListModelMixin,
GenericViewSet,
):
"""PropertyMapping Viewset"""
queryset = PropertyMapping.objects.none()
serializer_class = PropertyMappingSerializer
search_fields = [
"name",
]
filterset_fields = {"managed": ["isnull"]}
ordering = ["name"]
def get_queryset(self):
return PropertyMapping.objects.select_subclasses()
@swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)})
@action(detail=False, pagination_class=None, filter_backends=[])
def types(self, request: Request) -> Response:
"""Get all creatable property-mapping types"""
data = []
for subclass in all_subclasses(self.queryset.model):
subclass: PropertyMapping
data.append(
{
"name": subclass._meta.verbose_name,
"description": subclass.__doc__,
# pyright: reportGeneralTypeIssues=false
"component": subclass().component,
"model_name": subclass._meta.model_name,
}
)
return Response(TypeCreateSerializer(data, many=True).data)
@permission_required("authentik_core.view_propertymapping")
@swagger_auto_schema(
request_body=PolicyTestSerializer(),
responses={200: PropertyMappingTestResultSerializer, 400: "Invalid parameters"},
manual_parameters=[
openapi.Parameter(
name="format_result",
in_=openapi.IN_QUERY,
type=openapi.TYPE_BOOLEAN,
)
],
)
@action(detail=True, pagination_class=None, filter_backends=[], methods=["POST"])
# pylint: disable=unused-argument, invalid-name
def test(self, request: Request, pk: str) -> Response:
"""Test Property Mapping"""
mapping: PropertyMapping = self.get_object()
test_params = PolicyTestSerializer(data=request.data)
if not test_params.is_valid():
return Response(test_params.errors, status=400)
format_result = str(request.GET.get("format_result", "false")).lower() == "true"
# User permission check, only allow mapping testing for users that are readable
users = get_objects_for_user(request.user, "authentik_core.view_user").filter(
pk=test_params.validated_data["user"].pk
)
if not users.exists():
raise PermissionDenied()
response_data = {"successful": True, "result": ""}
try:
result = mapping.evaluate(
users.first(),
self.request,
**test_params.validated_data.get("context", {}),
)
response_data["result"] = dumps(
result, indent=(4 if format_result else None)
)
except Exception as exc: # pylint: disable=broad-except
response_data["result"] = str(exc)
response_data["successful"] = False
response = PropertyMappingTestResultSerializer(response_data)
return Response(response.data)

View File

@ -0,0 +1,92 @@
"""Provider API Views"""
from django.utils.translation import gettext_lazy as _
from drf_yasg.utils import swagger_auto_schema
from rest_framework import mixins
from rest_framework.decorators import action
from rest_framework.fields import ReadOnlyField
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.serializers import ModelSerializer, SerializerMethodField
from rest_framework.viewsets import GenericViewSet
from authentik.core.api.utils import MetaNameSerializer, TypeCreateSerializer
from authentik.core.models import Provider
from authentik.lib.utils.reflection import all_subclasses
class ProviderSerializer(ModelSerializer, MetaNameSerializer):
"""Provider Serializer"""
assigned_application_slug = ReadOnlyField(source="application.slug")
assigned_application_name = ReadOnlyField(source="application.name")
component = SerializerMethodField()
def get_component(self, obj: Provider): # pragma: no cover
"""Get object component so that we know how to edit the object"""
# pyright: reportGeneralTypeIssues=false
if obj.__class__ == Provider:
return ""
return obj.component
class Meta:
model = Provider
fields = [
"pk",
"name",
"authorization_flow",
"property_mappings",
"component",
"assigned_application_slug",
"assigned_application_name",
"verbose_name",
"verbose_name_plural",
]
class ProviderViewSet(
mixins.RetrieveModelMixin,
mixins.DestroyModelMixin,
mixins.ListModelMixin,
GenericViewSet,
):
"""Provider Viewset"""
queryset = Provider.objects.none()
serializer_class = ProviderSerializer
filterset_fields = {
"application": ["isnull"],
}
search_fields = [
"name",
"application__name",
]
def get_queryset(self):
return Provider.objects.select_subclasses()
@swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)})
@action(detail=False, pagination_class=None, filter_backends=[])
def types(self, request: Request) -> Response:
"""Get all creatable provider types"""
data = []
for subclass in all_subclasses(self.queryset.model):
subclass: Provider
data.append(
{
"name": subclass._meta.verbose_name,
"description": subclass.__doc__,
"component": subclass().component,
"model_name": subclass._meta.model_name,
}
)
data.append(
{
"name": _("SAML Provider from Metadata"),
"description": _("Create a SAML Provider by importing its Metadata."),
"component": "ak-provider-saml-import-form",
"model_name": "",
}
)
return Response(TypeCreateSerializer(data, many=True).data)

View File

@ -0,0 +1,111 @@
"""Source API Views"""
from typing import Iterable
from drf_yasg.utils import swagger_auto_schema
from rest_framework import mixins
from rest_framework.decorators import action
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.serializers import ModelSerializer, SerializerMethodField
from rest_framework.viewsets import GenericViewSet
from structlog.stdlib import get_logger
from authentik.core.api.utils import MetaNameSerializer, TypeCreateSerializer
from authentik.core.models import Source
from authentik.core.types import UserSettingSerializer
from authentik.lib.utils.reflection import all_subclasses
from authentik.policies.engine import PolicyEngine
LOGGER = get_logger()
class SourceSerializer(ModelSerializer, MetaNameSerializer):
"""Source Serializer"""
component = SerializerMethodField()
def get_component(self, obj: Source):
"""Get object component so that we know how to edit the object"""
# pyright: reportGeneralTypeIssues=false
if obj.__class__ == Source:
return ""
return obj.component
class Meta:
model = Source
fields = [
"pk",
"name",
"slug",
"enabled",
"authentication_flow",
"enrollment_flow",
"component",
"verbose_name",
"verbose_name_plural",
"policy_engine_mode",
"user_matching_mode",
]
class SourceViewSet(
mixins.RetrieveModelMixin,
mixins.DestroyModelMixin,
mixins.ListModelMixin,
GenericViewSet,
):
"""Source Viewset"""
queryset = Source.objects.none()
serializer_class = SourceSerializer
lookup_field = "slug"
def get_queryset(self):
return Source.objects.select_subclasses()
@swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)})
@action(detail=False, pagination_class=None, filter_backends=[])
def types(self, request: Request) -> Response:
"""Get all creatable source types"""
data = []
for subclass in all_subclasses(self.queryset.model):
subclass: Source
component = ""
if subclass._meta.abstract:
component = subclass.__bases__[0]().component
else:
component = subclass().component
# pyright: reportGeneralTypeIssues=false
data.append(
{
"name": subclass._meta.verbose_name,
"description": subclass.__doc__,
"component": component,
"model_name": subclass._meta.model_name,
}
)
return Response(TypeCreateSerializer(data, many=True).data)
@swagger_auto_schema(responses={200: UserSettingSerializer(many=True)})
@action(detail=False, pagination_class=None, filter_backends=[])
def user_settings(self, request: Request) -> Response:
"""Get all sources the user can configure"""
_all_sources: Iterable[Source] = Source.objects.filter(
enabled=True
).select_subclasses()
matching_sources: list[UserSettingSerializer] = []
for source in _all_sources:
user_settings = source.ui_user_settings
if not user_settings:
continue
policy_engine = PolicyEngine(source, request.user, request)
policy_engine.build()
if not policy_engine.passing:
continue
source_settings = source.ui_user_settings
source_settings.initial_data["object_uid"] = source.slug
if not source_settings.is_valid():
LOGGER.warning(source_settings.errors)
matching_sources.append(source_settings.validated_data)
return Response(matching_sources)

View File

@ -0,0 +1,86 @@
"""Tokens API Viewset"""
from django.http.response import Http404
from drf_yasg.utils import swagger_auto_schema
from rest_framework.decorators import action
from rest_framework.fields import CharField
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.serializers import ModelSerializer
from rest_framework.viewsets import ModelViewSet
from authentik.api.decorators import permission_required
from authentik.core.api.users import UserSerializer
from authentik.core.api.utils import PassiveSerializer
from authentik.core.models import Token, TokenIntents
from authentik.events.models import Event, EventAction
from authentik.managed.api import ManagedSerializer
class TokenSerializer(ManagedSerializer, ModelSerializer):
"""Token Serializer"""
user = UserSerializer(required=False)
class Meta:
model = Token
fields = [
"pk",
"managed",
"identifier",
"intent",
"user",
"description",
"expires",
"expiring",
]
depth = 2
class TokenViewSerializer(PassiveSerializer):
"""Show token's current key"""
key = CharField(read_only=True)
class TokenViewSet(ModelViewSet):
"""Token Viewset"""
lookup_field = "identifier"
queryset = Token.filter_not_expired()
serializer_class = TokenSerializer
search_fields = [
"identifier",
"intent",
"user__username",
"description",
]
filterset_fields = [
"identifier",
"intent",
"user__username",
"description",
]
ordering = ["expires"]
def perform_create(self, serializer: TokenSerializer):
serializer.save(user=self.request.user, intent=TokenIntents.INTENT_API)
@permission_required("authentik_core.view_token_key")
@swagger_auto_schema(
responses={
200: TokenViewSerializer(many=False),
404: "Token not found or expired",
}
)
@action(detail=True, pagination_class=None, filter_backends=[])
# pylint: disable=unused-argument
def view_key(self, request: Request, identifier: str) -> Response:
"""Return token key and log access"""
token: Token = self.get_object()
if token.is_expired:
raise Http404
Event.new(EventAction.SECRET_VIEW, secret=token).from_http( # noqa # nosec
request
)
return Response(TokenViewSerializer({"key": token.key}).data)

206
authentik/core/api/users.py Normal file
View File

@ -0,0 +1,206 @@
"""User API Views"""
from json import loads
from django.db.models.query import QuerySet
from django.http.response import Http404
from django.urls import reverse_lazy
from django.utils.http import urlencode
from django_filters.filters import BooleanFilter, CharFilter
from django_filters.filterset import FilterSet
from drf_yasg.utils import swagger_auto_schema, swagger_serializer_method
from guardian.utils import get_anonymous_user
from rest_framework.decorators import action
from rest_framework.fields import CharField, JSONField, SerializerMethodField
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.serializers import (
BooleanField,
ListSerializer,
ModelSerializer,
ValidationError,
)
from rest_framework.viewsets import ModelViewSet
from rest_framework_guardian.filters import ObjectPermissionsFilter
from authentik.admin.api.metrics import CoordinateSerializer, get_events_per_1h
from authentik.api.decorators import permission_required
from authentik.core.api.groups import GroupSerializer
from authentik.core.api.utils import LinkSerializer, PassiveSerializer, is_dict
from authentik.core.middleware import (
SESSION_IMPERSONATE_ORIGINAL_USER,
SESSION_IMPERSONATE_USER,
)
from authentik.core.models import Token, TokenIntents, User
from authentik.events.models import EventAction
from authentik.flows.models import Flow, FlowDesignation
class UserSerializer(ModelSerializer):
"""User Serializer"""
is_superuser = BooleanField(read_only=True)
avatar = CharField(read_only=True)
attributes = JSONField(validators=[is_dict], required=False)
groups = ListSerializer(child=GroupSerializer(), read_only=True, source="ak_groups")
uid = CharField(read_only=True)
class Meta:
model = User
fields = [
"pk",
"username",
"name",
"is_active",
"last_login",
"is_superuser",
"groups",
"email",
"avatar",
"attributes",
"uid",
]
class SessionUserSerializer(PassiveSerializer):
"""Response for the /user/me endpoint, returns the currently active user (as `user` property)
and, if this user is being impersonated, the original user in the `original` property."""
user = UserSerializer()
original = UserSerializer(required=False)
class UserMetricsSerializer(PassiveSerializer):
"""User Metrics"""
logins_per_1h = SerializerMethodField()
logins_failed_per_1h = SerializerMethodField()
authorizations_per_1h = SerializerMethodField()
@swagger_serializer_method(serializer_or_field=CoordinateSerializer(many=True))
def get_logins_per_1h(self, _):
"""Get successful logins per hour for the last 24 hours"""
user = self.context["user"]
return get_events_per_1h(action=EventAction.LOGIN, user__pk=user.pk)
@swagger_serializer_method(serializer_or_field=CoordinateSerializer(many=True))
def get_logins_failed_per_1h(self, _):
"""Get failed logins per hour for the last 24 hours"""
user = self.context["user"]
return get_events_per_1h(
action=EventAction.LOGIN_FAILED, context__username=user.username
)
@swagger_serializer_method(serializer_or_field=CoordinateSerializer(many=True))
def get_authorizations_per_1h(self, _):
"""Get failed logins per hour for the last 24 hours"""
user = self.context["user"]
return get_events_per_1h(
action=EventAction.AUTHORIZE_APPLICATION, user__pk=user.pk
)
class UsersFilter(FilterSet):
"""Filter for users"""
attributes = CharFilter(
field_name="attributes",
lookup_expr="",
label="Attributes",
method="filter_attributes",
)
is_superuser = BooleanFilter(field_name="ak_groups", lookup_expr="is_superuser")
# pylint: disable=unused-argument
def filter_attributes(self, queryset, name, value):
"""Filter attributes by query args"""
try:
value = loads(value)
except ValueError:
raise ValidationError(detail="filter: failed to parse JSON")
if not isinstance(value, dict):
raise ValidationError(detail="filter: value must be key:value mapping")
qs = {}
for key, _value in value.items():
qs[f"attributes__{key}"] = _value
return queryset.filter(**qs)
class Meta:
model = User
fields = ["username", "name", "is_active", "is_superuser", "attributes"]
class UserViewSet(ModelViewSet):
"""User Viewset"""
queryset = User.objects.none()
serializer_class = UserSerializer
search_fields = ["username", "name", "is_active"]
filterset_class = UsersFilter
def get_queryset(self):
return User.objects.all().exclude(pk=get_anonymous_user().pk)
@swagger_auto_schema(responses={200: SessionUserSerializer(many=False)})
@action(detail=False, pagination_class=None, filter_backends=[])
# pylint: disable=invalid-name
def me(self, request: Request) -> Response:
"""Get information about current user"""
serializer = SessionUserSerializer(
data={"user": UserSerializer(request.user).data}
)
if SESSION_IMPERSONATE_USER in request._request.session:
serializer.initial_data["original"] = UserSerializer(
request._request.session[SESSION_IMPERSONATE_ORIGINAL_USER]
).data
serializer.is_valid()
return Response(serializer.data)
@permission_required("authentik_core.view_user", ["authentik_events.view_event"])
@swagger_auto_schema(responses={200: UserMetricsSerializer(many=False)})
@action(detail=True, pagination_class=None, filter_backends=[])
# pylint: disable=invalid-name, unused-argument
def metrics(self, request: Request, pk: int) -> Response:
"""User metrics per 1h"""
user: User = self.get_object()
serializer = UserMetricsSerializer(True)
serializer.context["user"] = user
return Response(serializer.data)
@permission_required("authentik_core.reset_user_password")
@swagger_auto_schema(
responses={"200": LinkSerializer(many=False), "404": "No recovery flow found."},
)
@action(detail=True, pagination_class=None, filter_backends=[])
# pylint: disable=invalid-name, unused-argument
def recovery(self, request: Request, pk: int) -> Response:
"""Create a temporary link that a user can use to recover their accounts"""
# Check that there is a recovery flow, if not return an error
flow = Flow.with_policy(request, designation=FlowDesignation.RECOVERY)
if not flow:
raise Http404
user: User = self.get_object()
token, __ = Token.objects.get_or_create(
identifier=f"{user.uid}-password-reset",
user=user,
intent=TokenIntents.INTENT_RECOVERY,
)
querystring = urlencode({"token": token.key})
link = request.build_absolute_uri(
reverse_lazy("authentik_flows:default-recovery") + f"?{querystring}"
)
return Response({"link": link})
def _filter_queryset_for_list(self, queryset: QuerySet) -> QuerySet:
"""Custom filter_queryset method which ignores guardian, but still supports sorting"""
for backend in list(self.filter_backends):
if backend == ObjectPermissionsFilter:
continue
queryset = backend().filter_queryset(self.request, queryset, self)
return queryset
def filter_queryset(self, queryset):
if self.request.user.has_perm("authentik_core.view_group"):
return self._filter_queryset_for_list(queryset)
return super().filter_queryset(queryset)

View File

@ -0,0 +1,65 @@
"""API Utilities"""
from typing import Any
from django.db.models import Model
from rest_framework.fields import CharField, IntegerField
from rest_framework.serializers import (
Serializer,
SerializerMethodField,
ValidationError,
)
def is_dict(value: Any):
"""Ensure a value is a dictionary, useful for JSONFields"""
if isinstance(value, dict):
return
raise ValidationError("Value must be a dictionary.")
class PassiveSerializer(Serializer):
"""Base serializer class which doesn't implement create/update methods"""
def create(self, validated_data: dict) -> Model: # pragma: no cover
return Model()
def update(
self, instance: Model, validated_data: dict
) -> Model: # pragma: no cover
return Model()
class MetaNameSerializer(PassiveSerializer):
"""Add verbose names to response"""
verbose_name = SerializerMethodField()
verbose_name_plural = SerializerMethodField()
def get_verbose_name(self, obj: Model) -> str:
"""Return object's verbose_name"""
return obj._meta.verbose_name
def get_verbose_name_plural(self, obj: Model) -> str:
"""Return object's plural verbose_name"""
return obj._meta.verbose_name_plural
class TypeCreateSerializer(PassiveSerializer):
"""Types of an object that can be created"""
name = CharField(required=True)
description = CharField(required=True)
component = CharField(required=True)
model_name = CharField(required=True)
class CacheSerializer(PassiveSerializer):
"""Generic cache stats for an object"""
count = IntegerField(read_only=True)
class LinkSerializer(PassiveSerializer):
"""Returns a single link"""
link = CharField()

17
authentik/core/apps.py Normal file
View File

@ -0,0 +1,17 @@
"""authentik core app config"""
from importlib import import_module
from django.apps import AppConfig
class AuthentikCoreConfig(AppConfig):
"""authentik core app config"""
name = "authentik.core"
label = "authentik_core"
verbose_name = "authentik Core"
mountpoint = ""
def ready(self):
import_module("authentik.core.signals")
import_module("authentik.core.managed")

View File

@ -0,0 +1,35 @@
"""Channels base classes"""
from channels.exceptions import DenyConnection
from channels.generic.websocket import JsonWebsocketConsumer
from rest_framework.exceptions import AuthenticationFailed
from structlog.stdlib import get_logger
from authentik.api.auth import token_from_header
from authentik.core.models import User
LOGGER = get_logger()
class AuthJsonConsumer(JsonWebsocketConsumer):
"""Authorize a client with a token"""
user: User
def connect(self):
headers = dict(self.scope["headers"])
if b"authorization" not in headers:
LOGGER.warning("WS Request without authorization header")
raise DenyConnection()
raw_header = headers[b"authorization"]
try:
token = token_from_header(raw_header)
# token is only None when no header was given, in which case we deny too
if not token:
raise DenyConnection()
except AuthenticationFailed as exc:
LOGGER.warning("Failed to authenticate", exc=exc)
raise DenyConnection()
self.user = token.user

View File

@ -0,0 +1,6 @@
"""authentik core exceptions"""
from authentik.lib.sentry import SentryIgnoredException
class PropertyMappingExpressionException(SentryIgnoredException):
"""Error when a PropertyMapping Exception expression could not be parsed or evaluated."""

View File

@ -0,0 +1,38 @@
"""Property Mapping Evaluator"""
from traceback import format_tb
from typing import Optional
from django.http import HttpRequest
from authentik.core.models import User
from authentik.events.models import Event, EventAction
from authentik.lib.expression.evaluator import BaseEvaluator
class PropertyMappingEvaluator(BaseEvaluator):
"""Custom Evalautor that adds some different context variables."""
def set_context(
self, user: Optional[User], request: Optional[HttpRequest], **kwargs
):
"""Update context with context from PropertyMapping's evaluate"""
if user:
self._context["user"] = user
if request:
self._context["request"] = request
self._context.update(**kwargs)
def handle_error(self, exc: Exception, expression_source: str):
"""Exception Handler"""
error_string = "\n".join(format_tb(exc.__traceback__) + [str(exc)])
event = Event.new(
EventAction.PROPERTY_MAPPING_EXCEPTION,
expression=expression_source,
message=error_string,
)
if "user" in self._context:
event.set_user(self._context["user"])
if "request" in self._context:
event.from_http(self._context["request"])
return
event.save()

16
authentik/core/managed.py Normal file
View File

@ -0,0 +1,16 @@
"""Core managed objects"""
from authentik.core.models import Source
from authentik.managed.manager import EnsureExists, ObjectManager
class CoreManager(ObjectManager):
"""Core managed objects"""
def reconcile(self):
return [
EnsureExists(
Source,
"goauthentik.io/sources/inbuilt",
name="authentik Built-in",
),
]

View File

@ -0,0 +1,57 @@
"""authentik admin Middleware to impersonate users"""
from logging import Logger
from threading import local
from typing import Callable
from uuid import uuid4
from django.http import HttpRequest, HttpResponse
SESSION_IMPERSONATE_USER = "authentik_impersonate_user"
SESSION_IMPERSONATE_ORIGINAL_USER = "authentik_impersonate_original_user"
LOCAL = local()
RESPONSE_HEADER_ID = "X-authentik-id"
class ImpersonateMiddleware:
"""Middleware to impersonate users"""
get_response: Callable[[HttpRequest], HttpResponse]
def __init__(self, get_response: Callable[[HttpRequest], HttpResponse]):
self.get_response = get_response
def __call__(self, request: HttpRequest) -> HttpResponse:
# No permission checks are done here, they need to be checked before
# SESSION_IMPERSONATE_USER is set.
if SESSION_IMPERSONATE_USER in request.session:
request.user = request.session[SESSION_IMPERSONATE_USER]
return self.get_response(request)
class RequestIDMiddleware:
"""Add a unique ID to every request"""
get_response: Callable[[HttpRequest], HttpResponse]
def __init__(self, get_response: Callable[[HttpRequest], HttpResponse]):
self.get_response = get_response
def __call__(self, request: HttpRequest) -> HttpResponse:
if not hasattr(request, "request_id"):
request_id = uuid4().hex
setattr(request, "request_id", request_id)
LOCAL.authentik = {"request_id": request_id}
response = self.get_response(request)
response[RESPONSE_HEADER_ID] = request.request_id
del LOCAL.authentik["request_id"]
return response
# pylint: disable=unused-argument
def structlog_add_request_id(logger: Logger, method_name: str, event_dict):
"""If threadlocal has authentik defined, add request_id to log"""
if hasattr(LOCAL, "authentik"):
event_dict["request_id"] = LOCAL.authentik.get("request_id", "")
return event_dict

View File

@ -0,0 +1,356 @@
# Generated by Django 3.0.6 on 2020-05-19 22:07
import uuid
import django.contrib.auth.models
import django.contrib.auth.validators
import django.db.models.deletion
import django.utils.timezone
import guardian.mixins
from django.conf import settings
from django.db import migrations, models
import authentik.core.models
class Migration(migrations.Migration):
initial = True
dependencies = [
("authentik_policies", "0001_initial"),
("auth", "0011_update_proxy_permissions"),
]
operations = [
migrations.CreateModel(
name="User",
fields=[
(
"id",
models.AutoField(
auto_created=True,
primary_key=True,
serialize=False,
verbose_name="ID",
),
),
("password", models.CharField(max_length=128, verbose_name="password")),
(
"last_login",
models.DateTimeField(
blank=True, null=True, verbose_name="last login"
),
),
(
"is_superuser",
models.BooleanField(
default=False,
help_text="Designates that this user has all permissions without explicitly assigning them.",
verbose_name="superuser status",
),
),
(
"username",
models.CharField(
error_messages={
"unique": "A user with that username already exists."
},
help_text="Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.",
max_length=150,
unique=True,
validators=[
django.contrib.auth.validators.UnicodeUsernameValidator()
],
verbose_name="username",
),
),
(
"first_name",
models.CharField(
blank=True, max_length=30, verbose_name="first name"
),
),
(
"last_name",
models.CharField(
blank=True, max_length=150, verbose_name="last name"
),
),
(
"email",
models.EmailField(
blank=True, max_length=254, verbose_name="email address"
),
),
(
"is_staff",
models.BooleanField(
default=False,
help_text="Designates whether the user can log into this admin site.",
verbose_name="staff status",
),
),
(
"is_active",
models.BooleanField(
default=True,
help_text="Designates whether this user should be treated as active. Unselect this instead of deleting accounts.",
verbose_name="active",
),
),
(
"date_joined",
models.DateTimeField(
default=django.utils.timezone.now, verbose_name="date joined"
),
),
("uuid", models.UUIDField(default=uuid.uuid4, editable=False)),
("name", models.TextField(help_text="User's display name.")),
("password_change_date", models.DateTimeField(auto_now_add=True)),
(
"attributes",
models.JSONField(blank=True, default=dict),
),
],
options={
"permissions": (("reset_user_password", "Reset Password"),),
},
bases=(guardian.mixins.GuardianUserMixin, models.Model),
managers=[
("objects", django.contrib.auth.models.UserManager()),
],
),
migrations.CreateModel(
name="PropertyMapping",
fields=[
(
"pm_uuid",
models.UUIDField(
default=uuid.uuid4,
editable=False,
primary_key=True,
serialize=False,
),
),
("name", models.TextField()),
("expression", models.TextField()),
],
options={
"verbose_name": "Property Mapping",
"verbose_name_plural": "Property Mappings",
},
),
migrations.CreateModel(
name="Source",
fields=[
(
"policybindingmodel_ptr",
models.OneToOneField(
auto_created=True,
on_delete=django.db.models.deletion.CASCADE,
parent_link=True,
primary_key=True,
serialize=False,
to="authentik_policies.PolicyBindingModel",
),
),
("name", models.TextField(help_text="Source's display Name.")),
(
"slug",
models.SlugField(help_text="Internal source name, used in URLs."),
),
("enabled", models.BooleanField(default=True)),
(
"property_mappings",
models.ManyToManyField(
blank=True, default=None, to="authentik_core.PropertyMapping"
),
),
],
bases=("authentik_policies.policybindingmodel",),
),
migrations.CreateModel(
name="UserSourceConnection",
fields=[
(
"id",
models.AutoField(
auto_created=True,
primary_key=True,
serialize=False,
verbose_name="ID",
),
),
("created", models.DateTimeField(auto_now_add=True)),
("last_updated", models.DateTimeField(auto_now=True)),
(
"source",
models.ForeignKey(
on_delete=django.db.models.deletion.CASCADE,
to="authentik_core.Source",
),
),
(
"user",
models.ForeignKey(
on_delete=django.db.models.deletion.CASCADE,
to=settings.AUTH_USER_MODEL,
),
),
],
options={
"unique_together": {("user", "source")},
},
),
migrations.CreateModel(
name="Token",
fields=[
(
"token_uuid",
models.UUIDField(
default=uuid.uuid4,
editable=False,
primary_key=True,
serialize=False,
),
),
(
"expires",
models.DateTimeField(
default=authentik.core.models.default_token_duration
),
),
("expiring", models.BooleanField(default=True)),
("description", models.TextField(blank=True, default="")),
(
"user",
models.ForeignKey(
on_delete=django.db.models.deletion.CASCADE,
related_name="+",
to=settings.AUTH_USER_MODEL,
),
),
],
options={
"verbose_name": "Token",
"verbose_name_plural": "Tokens",
},
),
migrations.CreateModel(
name="Provider",
fields=[
(
"id",
models.AutoField(
auto_created=True,
primary_key=True,
serialize=False,
verbose_name="ID",
),
),
(
"property_mappings",
models.ManyToManyField(
blank=True, default=None, to="authentik_core.PropertyMapping"
),
),
],
),
migrations.CreateModel(
name="Group",
fields=[
(
"group_uuid",
models.UUIDField(
default=uuid.uuid4,
editable=False,
primary_key=True,
serialize=False,
),
),
("name", models.CharField(max_length=80, verbose_name="name")),
(
"attributes",
models.JSONField(blank=True, default=dict),
),
(
"parent",
models.ForeignKey(
blank=True,
null=True,
on_delete=django.db.models.deletion.SET_NULL,
related_name="children",
to="authentik_core.Group",
),
),
],
options={
"unique_together": {("name", "parent")},
},
),
migrations.CreateModel(
name="Application",
fields=[
(
"policybindingmodel_ptr",
models.OneToOneField(
auto_created=True,
on_delete=django.db.models.deletion.CASCADE,
parent_link=True,
primary_key=True,
serialize=False,
to="authentik_policies.PolicyBindingModel",
),
),
("name", models.TextField(help_text="Application's display Name.")),
(
"slug",
models.SlugField(
help_text="Internal application name, used in URLs."
),
),
("skip_authorization", models.BooleanField(default=False)),
("meta_launch_url", models.URLField(blank=True, default="")),
("meta_icon_url", models.TextField(blank=True, default="")),
("meta_description", models.TextField(blank=True, default="")),
("meta_publisher", models.TextField(blank=True, default="")),
(
"provider",
models.OneToOneField(
blank=True,
default=None,
null=True,
on_delete=django.db.models.deletion.SET_DEFAULT,
to="authentik_core.Provider",
),
),
],
bases=("authentik_policies.policybindingmodel",),
),
migrations.AddField(
model_name="user",
name="groups",
field=models.ManyToManyField(to="authentik_core.Group"),
),
migrations.AddField(
model_name="user",
name="sources",
field=models.ManyToManyField(
through="authentik_core.UserSourceConnection",
to="authentik_core.Source",
),
),
migrations.AddField(
model_name="user",
name="user_permissions",
field=models.ManyToManyField(
blank=True,
help_text="Specific permissions for this user.",
related_name="user_set",
related_query_name="user",
to="auth.Permission",
verbose_name="user permissions",
),
),
]

View File

@ -0,0 +1,55 @@
# Generated by Django 3.0.6 on 2020-05-23 11:33
import django.db.models.deletion
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("authentik_flows", "0003_auto_20200523_1133"),
("authentik_core", "0001_initial"),
]
operations = [
migrations.RemoveField(
model_name="application",
name="skip_authorization",
),
migrations.AddField(
model_name="source",
name="authentication_flow",
field=models.ForeignKey(
blank=True,
default=None,
help_text="Flow to use when authenticating existing users.",
null=True,
on_delete=django.db.models.deletion.SET_NULL,
related_name="source_authentication",
to="authentik_flows.Flow",
),
),
migrations.AddField(
model_name="source",
name="enrollment_flow",
field=models.ForeignKey(
blank=True,
default=None,
help_text="Flow to use when enrolling new users.",
null=True,
on_delete=django.db.models.deletion.SET_NULL,
related_name="source_enrollment",
to="authentik_flows.Flow",
),
),
migrations.AddField(
model_name="provider",
name="authorization_flow",
field=models.ForeignKey(
help_text="Flow used when authorizing this provider.",
on_delete=django.db.models.deletion.CASCADE,
related_name="provider_authorization",
to="authentik_flows.Flow",
),
),
]

View File

@ -0,0 +1,52 @@
# Generated by Django 3.0.6 on 2020-05-23 16:40
from os import environ
from django.apps.registry import Apps
from django.conf import settings
from django.db import migrations, models
from django.db.backends.base.schema import BaseDatabaseSchemaEditor
def create_default_user(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
# We have to use a direct import here, otherwise we get an object manager error
from authentik.core.models import User
db_alias = schema_editor.connection.alias
akadmin, _ = User.objects.using(db_alias).get_or_create(
username="akadmin", email="root@localhost", name="authentik Default Admin"
)
if "TF_BUILD" in environ or "AK_ADMIN_PASS" in environ or settings.TEST:
akadmin.set_password(
environ.get("AK_ADMIN_PASS", "akadmin"), signal=False
) # noqa # nosec
else:
akadmin.set_unusable_password()
akadmin.save()
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0002_auto_20200523_1133"),
]
operations = [
migrations.RemoveField(
model_name="user",
name="is_superuser",
),
migrations.RemoveField(
model_name="user",
name="is_staff",
),
migrations.RunPython(create_default_user),
migrations.AddField(
model_name="user",
name="is_superuser",
field=models.BooleanField(default=False),
),
migrations.AddField(
model_name="user", name="is_staff", field=models.BooleanField(default=False)
),
]

View File

@ -0,0 +1,28 @@
# Generated by Django 3.0.7 on 2020-07-03 22:13
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0003_default_user"),
]
operations = [
migrations.AlterModelOptions(
name="application",
options={
"verbose_name": "Application",
"verbose_name_plural": "Applications",
},
),
migrations.AlterModelOptions(
name="user",
options={
"permissions": (("reset_user_password", "Reset Password"),),
"verbose_name": "User",
"verbose_name_plural": "Users",
},
),
]

View File

@ -0,0 +1,24 @@
# Generated by Django 3.0.7 on 2020-07-05 21:11
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0004_auto_20200703_2213"),
]
operations = [
migrations.AddField(
model_name="token",
name="intent",
field=models.TextField(
choices=[
("verification", "Intent Verification"),
("api", "Intent Api"),
],
default="verification",
),
),
]

View File

@ -0,0 +1,20 @@
# Generated by Django 3.0.8 on 2020-07-09 16:08
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0005_token_intent"),
]
operations = [
migrations.AlterField(
model_name="source",
name="slug",
field=models.SlugField(
help_text="Internal source name, used in URLs.", unique=True
),
),
]

View File

@ -0,0 +1,20 @@
# Generated by Django 3.1 on 2020-08-15 18:41
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0006_auto_20200709_1608"),
]
operations = [
migrations.AlterField(
model_name="user",
name="first_name",
field=models.CharField(
blank=True, max_length=150, verbose_name="first name"
),
),
]

View File

@ -0,0 +1,36 @@
# Generated by Django 3.1 on 2020-08-24 15:32
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("auth", "0012_alter_user_first_name_max_length"),
("authentik_core", "0007_auto_20200815_1841"),
]
operations = [
migrations.RemoveField(
model_name="user",
name="groups",
field=models.ManyToManyField(to="authentik_core.Group"),
),
migrations.AddField(
model_name="user",
name="groups",
field=models.ManyToManyField(
blank=True,
help_text="The groups this user belongs to. A user will get all permissions granted to each of their groups.",
related_name="user_set",
related_query_name="user",
to="auth.Group",
verbose_name="groups",
),
),
migrations.AddField(
model_name="user",
name="pb_groups",
field=models.ManyToManyField(to="authentik_core.Group"),
),
]

View File

@ -0,0 +1,61 @@
# Generated by Django 3.1.1 on 2020-09-15 19:53
from django.apps.registry import Apps
from django.db import migrations, models
from django.db.backends.base.schema import BaseDatabaseSchemaEditor
import authentik.core.models
def create_default_admin_group(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
db_alias = schema_editor.connection.alias
Group = apps.get_model("authentik_core", "Group")
User = apps.get_model("authentik_core", "User")
# Creates a default admin group
group, _ = Group.objects.using(db_alias).get_or_create(
is_superuser=True,
defaults={
"name": "authentik Admins",
},
)
group.users.set(User.objects.filter(username="akadmin"))
group.save()
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0008_auto_20200824_1532"),
]
operations = [
migrations.RemoveField(
model_name="user",
name="is_superuser",
),
migrations.RemoveField(
model_name="user",
name="is_staff",
),
migrations.AlterField(
model_name="user",
name="pb_groups",
field=models.ManyToManyField(
related_name="users", to="authentik_core.Group"
),
),
migrations.AddField(
model_name="group",
name="is_superuser",
field=models.BooleanField(
default=False, help_text="Users added to this group will be superusers."
),
),
migrations.RunPython(create_default_admin_group),
migrations.AlterModelManagers(
name="user",
managers=[
("objects", authentik.core.models.UserManager()),
],
),
]

View File

@ -0,0 +1,24 @@
# Generated by Django 3.1.1 on 2020-09-17 10:21
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0009_group_is_superuser"),
]
operations = [
migrations.AlterModelOptions(
name="user",
options={
"permissions": (
("reset_user_password", "Reset Password"),
("impersonate", "Can impersonate other users"),
),
"verbose_name": "User",
"verbose_name_plural": "Users",
},
),
]

View File

@ -0,0 +1,19 @@
# Generated by Django 3.1.2 on 2020-10-03 17:34
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0010_auto_20200917_1021"),
]
operations = [
migrations.AddField(
model_name="provider",
name="name_temp",
field=models.TextField(default=""),
preserve_default=False,
),
]

View File

@ -0,0 +1,20 @@
# Generated by Django 3.1.2 on 2020-10-03 17:37
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0011_provider_name_temp"),
("authentik_providers_oauth2", "0006_remove_oauth2provider_name"),
("authentik_providers_saml", "0006_remove_samlprovider_name"),
]
operations = [
migrations.RenameField(
model_name="provider",
old_name="name_temp",
new_name="name",
),
]

View File

@ -0,0 +1,35 @@
# Generated by Django 3.1.2 on 2020-10-03 21:32
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0012_auto_20201003_1737"),
]
operations = [
migrations.AddField(
model_name="token",
name="identifier",
field=models.TextField(default=""),
preserve_default=False,
),
migrations.AlterField(
model_name="token",
name="intent",
field=models.TextField(
choices=[
("verification", "Intent Verification"),
("api", "Intent Api"),
("recovery", "Intent Recovery"),
],
default="verification",
),
),
migrations.AlterUniqueTogether(
name="token",
unique_together={("identifier", "user")},
),
]

View File

@ -0,0 +1,50 @@
# Generated by Django 3.1.2 on 2020-10-18 11:58
from django.apps.registry import Apps
from django.db import migrations, models
from django.db.backends.base.schema import BaseDatabaseSchemaEditor
import authentik.core.models
def set_default_token_key(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
db_alias = schema_editor.connection.alias
Token = apps.get_model("authentik_core", "Token")
for token in Token.objects.using(db_alias).all():
token.key = token.pk.hex
token.save()
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0013_auto_20201003_2132"),
]
operations = [
migrations.AddField(
model_name="token",
name="key",
field=models.TextField(default=authentik.core.models.default_token_key),
),
migrations.AlterUniqueTogether(
name="token",
unique_together=set(),
),
migrations.AlterField(
model_name="token",
name="identifier",
field=models.SlugField(max_length=255),
),
migrations.AddIndex(
model_name="token",
index=models.Index(fields=["key"], name="authentik_co_key_e45007_idx"),
),
migrations.AddIndex(
model_name="token",
index=models.Index(
fields=["identifier"], name="authentik_co_identif_1a34a8_idx"
),
),
migrations.RunPython(set_default_token_key),
]

View File

@ -0,0 +1,24 @@
# Generated by Django 3.1.3 on 2020-11-23 17:19
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0014_auto_20201018_1158"),
]
operations = [
migrations.RemoveField(
model_name="application",
name="meta_icon_url",
),
migrations.AddField(
model_name="application",
name="meta_icon",
field=models.FileField(
blank=True, default="", upload_to="application-icons/"
),
),
]

View File

@ -0,0 +1,36 @@
# Generated by Django 3.1.3 on 2020-12-02 22:34
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0015_application_icon"),
]
operations = [
migrations.RemoveIndex(
model_name="token",
name="authentik_co_key_e45007_idx",
),
migrations.RemoveIndex(
model_name="token",
name="authentik_co_identif_1a34a8_idx",
),
migrations.RenameField(
model_name="user",
old_name="pb_groups",
new_name="ak_groups",
),
migrations.AddIndex(
model_name="token",
index=models.Index(
fields=["identifier"], name="authentik_c_identif_d9d032_idx"
),
),
migrations.AddIndex(
model_name="token",
index=models.Index(fields=["key"], name="authentik_c_key_f71355_idx"),
),
]

View File

@ -0,0 +1,35 @@
# Generated by Django 3.1.4 on 2021-01-30 18:28
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0016_auto_20201202_2234"),
]
operations = [
migrations.AddField(
model_name="propertymapping",
name="managed",
field=models.TextField(
default=None,
help_text="Objects which are managed by authentik. These objects are created and updated automatically. This is flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.",
null=True,
verbose_name="Managed by authentik",
unique=True,
),
),
migrations.AddField(
model_name="token",
name="managed",
field=models.TextField(
default=None,
help_text="Objects which are managed by authentik. These objects are created and updated automatically. This is flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.",
null=True,
verbose_name="Managed by authentik",
unique=True,
),
),
]

View File

@ -0,0 +1,21 @@
# Generated by Django 3.1.7 on 2021-03-30 13:45
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0017_managed"),
]
operations = [
migrations.AlterModelOptions(
name="token",
options={
"permissions": (("view_token_key", "View token's key"),),
"verbose_name": "Token",
"verbose_name_plural": "Tokens",
},
),
]

View File

@ -0,0 +1,24 @@
# Generated by Django 3.2 on 2021-04-09 14:06
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0018_auto_20210330_1345"),
]
operations = [
migrations.AddField(
model_name="source",
name="managed",
field=models.TextField(
default=None,
help_text="Objects which are managed by authentik. These objects are created and updated automatically. This is flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.",
null=True,
unique=True,
verbose_name="Managed by authentik",
),
),
]

View File

@ -0,0 +1,40 @@
# Generated by Django 3.2 on 2021-05-03 17:06
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0019_source_managed"),
]
operations = [
migrations.AddField(
model_name="source",
name="user_matching_mode",
field=models.TextField(
choices=[
("identifier", "Use the source-specific identifier"),
(
"email_link",
"Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.",
),
(
"email_deny",
"Use the user's email address, but deny enrollment when the email address already exists.",
),
(
"username_link",
"Link to a user with identical username address. Can have security implications when a username is used with another source.",
),
(
"username_deny",
"Use the user's username, but deny enrollment when the username already exists.",
),
],
default="identifier",
help_text="How the source determines if an existing user should be authenticated or a new user enrolled.",
),
),
]

View File

@ -0,0 +1,20 @@
# Generated by Django 3.2.3 on 2021-05-14 08:48
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0020_source_user_matching_mode"),
]
operations = [
migrations.AlterField(
model_name="application",
name="slug",
field=models.SlugField(
help_text="Internal application name, used in URLs.", unique=True
),
),
]

454
authentik/core/models.py Normal file
View File

@ -0,0 +1,454 @@
"""authentik core models"""
from datetime import timedelta
from hashlib import md5, sha256
from typing import Any, Optional, Type
from urllib.parse import urlencode
from uuid import uuid4
from django.conf import settings
from django.contrib.auth.models import AbstractUser
from django.contrib.auth.models import UserManager as DjangoUserManager
from django.db import models
from django.db.models import Q, QuerySet
from django.http import HttpRequest
from django.templatetags.static import static
from django.utils.functional import cached_property
from django.utils.html import escape
from django.utils.timezone import now
from django.utils.translation import gettext_lazy as _
from guardian.mixins import GuardianUserMixin
from model_utils.managers import InheritanceManager
from rest_framework.serializers import Serializer
from structlog.stdlib import get_logger
from authentik.core.exceptions import PropertyMappingExpressionException
from authentik.core.signals import password_changed
from authentik.core.types import UILoginButton
from authentik.flows.challenge import Challenge
from authentik.flows.models import Flow
from authentik.lib.config import CONFIG
from authentik.lib.models import CreatedUpdatedModel, SerializerModel
from authentik.managed.models import ManagedModel
from authentik.policies.models import PolicyBindingModel
LOGGER = get_logger()
USER_ATTRIBUTE_DEBUG = "goauthentik.io/user/debug"
USER_ATTRIBUTE_SA = "goauthentik.io/user/service-account"
USER_ATTRIBUTE_SOURCES = "goauthentik.io/user/sources"
GRAVATAR_URL = "https://secure.gravatar.com"
DEFAULT_AVATAR = static("dist/assets/images/user_default.png")
def default_token_duration():
"""Default duration a Token is valid"""
return now() + timedelta(minutes=30)
def default_token_key():
"""Default token key"""
return uuid4().hex
class Group(models.Model):
"""Custom Group model which supports a basic hierarchy"""
group_uuid = models.UUIDField(primary_key=True, editable=False, default=uuid4)
name = models.CharField(_("name"), max_length=80)
is_superuser = models.BooleanField(
default=False, help_text=_("Users added to this group will be superusers.")
)
parent = models.ForeignKey(
"Group",
blank=True,
null=True,
on_delete=models.SET_NULL,
related_name="children",
)
attributes = models.JSONField(default=dict, blank=True)
def __str__(self):
return f"Group {self.name}"
class Meta:
unique_together = (
(
"name",
"parent",
),
)
class UserManager(DjangoUserManager):
"""Custom user manager that doesn't assign is_superuser and is_staff"""
def create_user(self, username, email=None, password=None, **extra_fields):
"""Custom user manager that doesn't assign is_superuser and is_staff"""
return self._create_user(username, email, password, **extra_fields)
class User(GuardianUserMixin, AbstractUser):
"""Custom User model to allow easier adding of user-based settings"""
uuid = models.UUIDField(default=uuid4, editable=False)
name = models.TextField(help_text=_("User's display name."))
sources = models.ManyToManyField("Source", through="UserSourceConnection")
ak_groups = models.ManyToManyField("Group", related_name="users")
password_change_date = models.DateTimeField(auto_now_add=True)
attributes = models.JSONField(default=dict, blank=True)
objects = UserManager()
def group_attributes(self) -> dict[str, Any]:
"""Get a dictionary containing the attributes from all groups the user belongs to,
including the users attributes"""
final_attributes = {}
for group in self.ak_groups.all().order_by("name"):
final_attributes.update(group.attributes)
final_attributes.update(self.attributes)
return final_attributes
@cached_property
def is_superuser(self) -> bool:
"""Get supseruser status based on membership in a group with superuser status"""
return self.ak_groups.filter(is_superuser=True).exists()
@property
def is_staff(self) -> bool:
"""superuser == staff user"""
return self.is_superuser # type: ignore
def set_password(self, password, signal=True):
if self.pk and signal:
password_changed.send(sender=self, user=self, password=password)
self.password_change_date = now()
return super().set_password(password)
@property
def uid(self) -> str:
"""Generate a globall unique UID, based on the user ID and the hashed secret key"""
return sha256(f"{self.id}-{settings.SECRET_KEY}".encode("ascii")).hexdigest()
@property
def avatar(self) -> str:
"""Get avatar, depending on authentik.avatar setting"""
mode = CONFIG.raw.get("authentik").get("avatars")
if mode == "none":
return DEFAULT_AVATAR
if mode == "gravatar":
parameters = [
("s", "158"),
("r", "g"),
]
# gravatar uses md5 for their URLs, so md5 can't be avoided
mail_hash = md5(self.email.encode("utf-8")).hexdigest() # nosec
gravatar_url = (
f"{GRAVATAR_URL}/avatar/{mail_hash}?{urlencode(parameters, doseq=True)}"
)
return escape(gravatar_url)
raise ValueError(f"Invalid avatar mode {mode}")
class Meta:
permissions = (
("reset_user_password", "Reset Password"),
("impersonate", "Can impersonate other users"),
)
verbose_name = _("User")
verbose_name_plural = _("Users")
class Provider(SerializerModel):
"""Application-independent Provider instance. For example SAML2 Remote, OAuth2 Application"""
name = models.TextField()
authorization_flow = models.ForeignKey(
Flow,
on_delete=models.CASCADE,
help_text=_("Flow used when authorizing this provider."),
related_name="provider_authorization",
)
property_mappings = models.ManyToManyField(
"PropertyMapping", default=None, blank=True
)
objects = InheritanceManager()
@property
def launch_url(self) -> Optional[str]:
"""URL to this provider and initiate authorization for the user.
Can return None for providers that are not URL-based"""
return None
@property
def component(self) -> str:
"""Return component used to edit this object"""
raise NotImplementedError
@property
def serializer(self) -> Type[Serializer]:
"""Get serializer for this model"""
raise NotImplementedError
def __str__(self):
return self.name
class Application(PolicyBindingModel):
"""Every Application which uses authentik for authentication/identification/authorization
needs an Application record. Other authentication types can subclass this Model to
add custom fields and other properties"""
name = models.TextField(help_text=_("Application's display Name."))
slug = models.SlugField(
help_text=_("Internal application name, used in URLs."), unique=True
)
provider = models.OneToOneField(
"Provider", null=True, blank=True, default=None, on_delete=models.SET_DEFAULT
)
meta_launch_url = models.URLField(default="", blank=True)
# For template applications, this can be set to /static/authentik/applications/*
meta_icon = models.FileField(upload_to="application-icons/", default="", blank=True)
meta_description = models.TextField(default="", blank=True)
meta_publisher = models.TextField(default="", blank=True)
def get_launch_url(self) -> Optional[str]:
"""Get launch URL if set, otherwise attempt to get launch URL based on provider."""
if self.meta_launch_url:
return self.meta_launch_url
if self.provider:
return self.get_provider().launch_url
return None
def get_provider(self) -> Optional[Provider]:
"""Get casted provider instance"""
if not self.provider:
return None
return Provider.objects.get_subclass(pk=self.provider.pk)
def __str__(self):
return self.name
class Meta:
verbose_name = _("Application")
verbose_name_plural = _("Applications")
class SourceUserMatchingModes(models.TextChoices):
"""Different modes a source can handle new/returning users"""
IDENTIFIER = "identifier", _("Use the source-specific identifier")
EMAIL_LINK = "email_link", _(
(
"Link to a user with identical email address. Can have security implications "
"when a source doesn't validate email addresses."
)
)
EMAIL_DENY = "email_deny", _(
"Use the user's email address, but deny enrollment when the email address already exists."
)
USERNAME_LINK = "username_link", _(
(
"Link to a user with identical username address. Can have security implications "
"when a username is used with another source."
)
)
USERNAME_DENY = "username_deny", _(
"Use the user's username, but deny enrollment when the username already exists."
)
class Source(ManagedModel, SerializerModel, PolicyBindingModel):
"""Base Authentication source, i.e. an OAuth Provider, SAML Remote or LDAP Server"""
name = models.TextField(help_text=_("Source's display Name."))
slug = models.SlugField(
help_text=_("Internal source name, used in URLs."), unique=True
)
enabled = models.BooleanField(default=True)
property_mappings = models.ManyToManyField(
"PropertyMapping", default=None, blank=True
)
authentication_flow = models.ForeignKey(
Flow,
blank=True,
null=True,
default=None,
on_delete=models.SET_NULL,
help_text=_("Flow to use when authenticating existing users."),
related_name="source_authentication",
)
enrollment_flow = models.ForeignKey(
Flow,
blank=True,
null=True,
default=None,
on_delete=models.SET_NULL,
help_text=_("Flow to use when enrolling new users."),
related_name="source_enrollment",
)
user_matching_mode = models.TextField(
choices=SourceUserMatchingModes.choices,
default=SourceUserMatchingModes.IDENTIFIER,
help_text=_(
(
"How the source determines if an existing user should be authenticated or "
"a new user enrolled."
)
),
)
objects = InheritanceManager()
@property
def component(self) -> str:
"""Return component used to edit this object"""
raise NotImplementedError
@property
def ui_login_button(self) -> Optional[UILoginButton]:
"""If source uses a http-based flow, return UI Information about the login
button. If source doesn't use http-based flow, return None."""
return None
@property
def ui_user_settings(self) -> Optional[Challenge]:
"""Entrypoint to integrate with User settings. Can either return None if no
user settings are available, or a challenge."""
return None
def __str__(self):
return self.name
class UserSourceConnection(CreatedUpdatedModel):
"""Connection between User and Source."""
user = models.ForeignKey(User, on_delete=models.CASCADE)
source = models.ForeignKey(Source, on_delete=models.CASCADE)
objects = InheritanceManager()
class Meta:
unique_together = (("user", "source"),)
class ExpiringModel(models.Model):
"""Base Model which can expire, and is automatically cleaned up."""
expires = models.DateTimeField(default=default_token_duration)
expiring = models.BooleanField(default=True)
@classmethod
def filter_not_expired(cls, **kwargs) -> QuerySet:
"""Filer for tokens which are not expired yet or are not expiring,
and match filters in `kwargs`"""
expired = Q(expires__lt=now(), expiring=True)
return cls.objects.exclude(expired).filter(**kwargs)
@property
def is_expired(self) -> bool:
"""Check if token is expired yet."""
if not self.expiring:
return False
return now() > self.expires
class Meta:
abstract = True
class TokenIntents(models.TextChoices):
"""Intents a Token can be created for."""
# Single use token
INTENT_VERIFICATION = "verification"
# Allow access to API
INTENT_API = "api"
# Recovery use for the recovery app
INTENT_RECOVERY = "recovery"
class Token(ManagedModel, ExpiringModel):
"""Token used to authenticate the User for API Access or confirm another Stage like Email."""
token_uuid = models.UUIDField(primary_key=True, editable=False, default=uuid4)
identifier = models.SlugField(max_length=255)
key = models.TextField(default=default_token_key)
intent = models.TextField(
choices=TokenIntents.choices, default=TokenIntents.INTENT_VERIFICATION
)
user = models.ForeignKey("User", on_delete=models.CASCADE, related_name="+")
description = models.TextField(default="", blank=True)
def __str__(self):
description = f"{self.identifier}"
if self.expiring:
description += f" (expires={self.expires})"
return description
class Meta:
verbose_name = _("Token")
verbose_name_plural = _("Tokens")
indexes = [
models.Index(fields=["identifier"]),
models.Index(fields=["key"]),
]
permissions = (("view_token_key", "View token's key"),)
class PropertyMapping(SerializerModel, ManagedModel):
"""User-defined key -> x mapping which can be used by providers to expose extra data."""
pm_uuid = models.UUIDField(primary_key=True, editable=False, default=uuid4)
name = models.TextField()
expression = models.TextField()
objects = InheritanceManager()
@property
def component(self) -> str:
"""Return component used to edit this object"""
raise NotImplementedError
@property
def serializer(self) -> Type[Serializer]:
"""Get serializer for this model"""
raise NotImplementedError
def evaluate(
self, user: Optional[User], request: Optional[HttpRequest], **kwargs
) -> Any:
"""Evaluate `self.expression` using `**kwargs` as Context."""
from authentik.core.expression import PropertyMappingEvaluator
evaluator = PropertyMappingEvaluator()
evaluator.set_context(user, request, **kwargs)
try:
return evaluator.evaluate(self.expression)
except (ValueError, SyntaxError) as exc:
raise PropertyMappingExpressionException from exc
def __str__(self):
return f"Property Mapping {self.name}"
class Meta:
verbose_name = _("Property Mapping")
verbose_name_plural = _("Property Mappings")

24
authentik/core/signals.py Normal file
View File

@ -0,0 +1,24 @@
"""authentik core signals"""
from django.core.cache import cache
from django.core.signals import Signal
from django.db.models.signals import post_save
from django.dispatch import receiver
# Arguments: user: User, password: str
password_changed = Signal()
@receiver(post_save)
# pylint: disable=unused-argument
def post_save_application(sender, instance, created: bool, **_):
"""Clear user's application cache upon application creation"""
from authentik.core.api.applications import user_app_cache_key
from authentik.core.models import Application
if sender != Application:
return
if not created: # pragma: no cover
return
# Also delete user application cache
keys = cache.keys(user_app_cache_key("*"))
cache.delete_many(keys)

View File

@ -0,0 +1,286 @@
"""Source decision helper"""
from enum import Enum
from typing import Any, Optional, Type
from django.contrib import messages
from django.db import IntegrityError
from django.db.models.query_utils import Q
from django.http import HttpRequest, HttpResponse, HttpResponseBadRequest
from django.shortcuts import redirect
from django.urls import reverse
from django.utils.translation import gettext as _
from structlog.stdlib import get_logger
from authentik.core.models import (
Source,
SourceUserMatchingModes,
User,
UserSourceConnection,
)
from authentik.core.sources.stage import (
PLAN_CONTEXT_SOURCES_CONNECTION,
PostUserEnrollmentStage,
)
from authentik.events.models import Event, EventAction
from authentik.flows.models import Flow, Stage, in_memory_stage
from authentik.flows.planner import (
PLAN_CONTEXT_PENDING_USER,
PLAN_CONTEXT_REDIRECT,
PLAN_CONTEXT_SOURCE,
PLAN_CONTEXT_SSO,
FlowPlanner,
)
from authentik.flows.views import NEXT_ARG_NAME, SESSION_KEY_GET, SESSION_KEY_PLAN
from authentik.lib.utils.urls import redirect_with_qs
from authentik.policies.utils import delete_none_keys
from authentik.stages.password.stage import PLAN_CONTEXT_AUTHENTICATION_BACKEND
from authentik.stages.prompt.stage import PLAN_CONTEXT_PROMPT
class Action(Enum):
"""Actions that can be decided based on the request
and source settings"""
LINK = "link"
AUTH = "auth"
ENROLL = "enroll"
DENY = "deny"
class SourceFlowManager:
"""Help sources decide what they should do after authorization. Based on source settings and
previous connections, authenticate the user, enroll a new user, link to an existing user
or deny the request."""
source: Source
request: HttpRequest
identifier: str
connection_type: Type[UserSourceConnection] = UserSourceConnection
def __init__(
self,
source: Source,
request: HttpRequest,
identifier: str,
enroll_info: dict[str, Any],
) -> None:
self.source = source
self.request = request
self.identifier = identifier
self.enroll_info = enroll_info
self._logger = get_logger().bind(source=source, identifier=identifier)
# pylint: disable=too-many-return-statements
def get_action(self, **kwargs) -> tuple[Action, Optional[UserSourceConnection]]:
"""decide which action should be taken"""
new_connection = self.connection_type(
source=self.source, identifier=self.identifier
)
# When request is authenticated, always link
if self.request.user.is_authenticated:
new_connection.user = self.request.user
new_connection = self.update_connection(new_connection, **kwargs)
new_connection.save()
return Action.LINK, new_connection
existing_connections = self.connection_type.objects.filter(
source=self.source, identifier=self.identifier
)
if existing_connections.exists():
connection = existing_connections.first()
return Action.AUTH, self.update_connection(connection, **kwargs)
# No connection exists, but we match on identifier, so enroll
if self.source.user_matching_mode == SourceUserMatchingModes.IDENTIFIER:
# We don't save the connection here cause it doesn't have a user assigned yet
return Action.ENROLL, self.update_connection(new_connection, **kwargs)
# Check for existing users with matching attributes
query = Q()
# Either query existing user based on email or username
if self.source.user_matching_mode in [
SourceUserMatchingModes.EMAIL_LINK,
SourceUserMatchingModes.EMAIL_DENY,
]:
if not self.enroll_info.get("email", None):
self._logger.warning("Refusing to use none email", source=self.source)
return Action.DENY, None
query = Q(email__exact=self.enroll_info.get("email", None))
if self.source.user_matching_mode in [
SourceUserMatchingModes.USERNAME_LINK,
SourceUserMatchingModes.USERNAME_DENY,
]:
if not self.enroll_info.get("username", None):
self._logger.warning(
"Refusing to use none username", source=self.source
)
return Action.DENY, None
query = Q(username__exact=self.enroll_info.get("username", None))
self._logger.debug("trying to link with existing user", query=query)
matching_users = User.objects.filter(query)
# No matching users, always enroll
if not matching_users.exists():
self._logger.debug("no matching users found, enrolling")
return Action.ENROLL, self.update_connection(new_connection, **kwargs)
user = matching_users.first()
if self.source.user_matching_mode in [
SourceUserMatchingModes.EMAIL_LINK,
SourceUserMatchingModes.USERNAME_LINK,
]:
new_connection.user = user
new_connection = self.update_connection(new_connection, **kwargs)
new_connection.save()
return Action.LINK, new_connection
if self.source.user_matching_mode in [
SourceUserMatchingModes.EMAIL_DENY,
SourceUserMatchingModes.USERNAME_DENY,
]:
self._logger.info("denying source because user exists", user=user)
return Action.DENY, None
# Should never get here as default enroll case is returned above.
return Action.DENY, None
def update_connection(
self, connection: UserSourceConnection, **kwargs
) -> UserSourceConnection:
"""Optionally make changes to the connection after it is looked up/created."""
return connection
def get_flow(self, **kwargs) -> HttpResponse:
"""Get the flow response based on user_matching_mode"""
try:
action, connection = self.get_action(**kwargs)
except IntegrityError as exc:
self._logger.warning("failed to get action", exc=exc)
return redirect("/")
self._logger.debug("get_action() says", action=action, connection=connection)
if connection:
if action == Action.LINK:
self._logger.debug("Linking existing user")
return self.handle_existing_user_link(connection)
if action == Action.AUTH:
self._logger.debug("Handling auth user")
return self.handle_auth_user(connection)
if action == Action.ENROLL:
self._logger.debug("Handling enrollment of new user")
return self.handle_enroll(connection)
# Default case, assume deny
messages.error(
self.request,
_(
(
"Request to authenticate with %(source)s has been denied. Please authenticate "
"with the source you've previously signed up with."
)
% {"source": self.source.name}
),
)
return redirect("/")
# pylint: disable=unused-argument
def get_stages_to_append(self, flow: Flow) -> list[Stage]:
"""Hook to override stages which are appended to the flow"""
if flow.slug == self.source.enrollment_flow.slug:
return [
in_memory_stage(PostUserEnrollmentStage),
]
return []
def _handle_login_flow(self, flow: Flow, **kwargs) -> HttpResponse:
"""Prepare Authentication Plan, redirect user FlowExecutor"""
# Ensure redirect is carried through when user was trying to
# authorize application
final_redirect = self.request.session.get(SESSION_KEY_GET, {}).get(
NEXT_ARG_NAME, "authentik_core:if-admin"
)
kwargs.update(
{
# Since we authenticate the user by their token, they have no backend set
PLAN_CONTEXT_AUTHENTICATION_BACKEND: "django.contrib.auth.backends.ModelBackend",
PLAN_CONTEXT_SSO: True,
PLAN_CONTEXT_SOURCE: self.source,
PLAN_CONTEXT_REDIRECT: final_redirect,
}
)
if not flow:
return HttpResponseBadRequest()
# We run the Flow planner here so we can pass the Pending user in the context
planner = FlowPlanner(flow)
plan = planner.plan(self.request, kwargs)
for stage in self.get_stages_to_append(flow):
plan.append(stage)
self.request.session[SESSION_KEY_PLAN] = plan
return redirect_with_qs(
"authentik_core:if-flow",
self.request.GET,
flow_slug=flow.slug,
)
# pylint: disable=unused-argument
def handle_auth_user(
self,
connection: UserSourceConnection,
) -> HttpResponse:
"""Login user and redirect."""
messages.success(
self.request,
_(
"Successfully authenticated with %(source)s!"
% {"source": self.source.name}
),
)
flow_kwargs = {PLAN_CONTEXT_PENDING_USER: connection.user}
return self._handle_login_flow(self.source.authentication_flow, **flow_kwargs)
def handle_existing_user_link(
self,
connection: UserSourceConnection,
) -> HttpResponse:
"""Handler when the user was already authenticated and linked an external source
to their account."""
# Connection has already been saved
Event.new(
EventAction.SOURCE_LINKED,
message="Linked Source",
source=self.source,
).from_http(self.request)
messages.success(
self.request,
_("Successfully linked %(source)s!" % {"source": self.source.name}),
)
# When request isn't authenticated we jump straight to auth
if not self.request.user.is_authenticated:
return self.handle_auth_user(connection)
return redirect(
reverse(
"authentik_core:if-admin",
)
+ f"#/user;page-{self.source.slug}"
)
def handle_enroll(
self,
connection: UserSourceConnection,
) -> HttpResponse:
"""User was not authenticated and previous request was not authenticated."""
messages.success(
self.request,
_(
"Successfully authenticated with %(source)s!"
% {"source": self.source.name}
),
)
# We run the Flow planner here so we can pass the Pending user in the context
if not self.source.enrollment_flow:
self._logger.warning("source has no enrollment flow")
return HttpResponseBadRequest()
return self._handle_login_flow(
self.source.enrollment_flow,
**{
PLAN_CONTEXT_PROMPT: delete_none_keys(self.enroll_info),
PLAN_CONTEXT_SOURCES_CONNECTION: connection,
},
)

View File

@ -0,0 +1,30 @@
"""Source flow manager stages"""
from django.http import HttpRequest, HttpResponse
from authentik.core.models import User, UserSourceConnection
from authentik.events.models import Event, EventAction
from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER
from authentik.flows.stage import StageView
PLAN_CONTEXT_SOURCES_CONNECTION = "goauthentik.io/sources/connection"
class PostUserEnrollmentStage(StageView):
"""Dynamically injected stage which saves the Connection after
the user has been enrolled."""
# pylint: disable=unused-argument
def get(self, request: HttpRequest, *args, **kwargs) -> HttpResponse:
"""Stage used after the user has been enrolled"""
connection: UserSourceConnection = self.executor.plan.context[
PLAN_CONTEXT_SOURCES_CONNECTION
]
user: User = self.executor.plan.context[PLAN_CONTEXT_PENDING_USER]
connection.user = user
connection.save()
Event.new(
EventAction.SOURCE_LINKED,
message="Linked Source",
source=connection.source,
).from_http(self.request)
return self.executor.stage_ok()

80
authentik/core/tasks.py Normal file
View File

@ -0,0 +1,80 @@
"""authentik core tasks"""
from datetime import datetime
from io import StringIO
from os import environ
from boto3.exceptions import Boto3Error
from botocore.exceptions import BotoCoreError, ClientError
from dbbackup.db.exceptions import CommandConnectorError
from django.contrib.humanize.templatetags.humanize import naturaltime
from django.core import management
from django.utils.timezone import now
from kubernetes.config.incluster_config import SERVICE_HOST_ENV_NAME
from structlog.stdlib import get_logger
from authentik.core.models import ExpiringModel
from authentik.events.monitored_tasks import MonitoredTask, TaskResult, TaskResultStatus
from authentik.lib.config import CONFIG
from authentik.root.celery import CELERY_APP
LOGGER = get_logger()
@CELERY_APP.task(bind=True, base=MonitoredTask)
def clean_expired_models(self: MonitoredTask):
"""Remove expired objects"""
messages = []
for cls in ExpiringModel.__subclasses__():
cls: ExpiringModel
amount, _ = (
cls.objects.all()
.exclude(expiring=False)
.exclude(expiring=True, expires__gt=now())
.delete()
)
LOGGER.debug("Deleted expired models", model=cls, amount=amount)
messages.append(f"Deleted {amount} expired {cls._meta.verbose_name_plural}")
self.set_status(TaskResult(TaskResultStatus.SUCCESSFUL, messages))
@CELERY_APP.task(bind=True, base=MonitoredTask)
def backup_database(self: MonitoredTask): # pragma: no cover
"""Database backup"""
self.result_timeout_hours = 25
if SERVICE_HOST_ENV_NAME in environ and not CONFIG.y("postgresql.s3_backup"):
LOGGER.info("Running in k8s and s3 backups are not configured, skipping")
self.set_status(
TaskResult(
TaskResultStatus.WARNING,
[
(
"Skipping backup as authentik is running in Kubernetes "
"without S3 backups configured."
),
],
)
)
return
try:
start = datetime.now()
out = StringIO()
management.call_command("dbbackup", quiet=True, stdout=out)
self.set_status(
TaskResult(
TaskResultStatus.SUCCESSFUL,
[
f"Successfully finished database backup {naturaltime(start)} {out.getvalue()}",
],
)
)
LOGGER.info("Successfully backed up database.")
except (
IOError,
BotoCoreError,
ClientError,
Boto3Error,
PermissionError,
CommandConnectorError,
ValueError,
) as exc:
self.set_status(TaskResult(TaskResultStatus.ERROR).with_error(exc))

View File

@ -0,0 +1,31 @@
{% load static %}
{% load i18n %}
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<title>{% block title %}{% trans title|default:config.authentik.branding.title %}{% endblock %}</title>
<link rel="icon" type="image/png" href="{% static 'dist/assets/icons/icon.png' %}?v={{ ak_version }}">
<link rel="shortcut icon" type="image/png" href="{% static 'dist/assets/icons/icon.png' %}?v={{ ak_version }}">
<link rel="stylesheet" type="text/css" href="{% static 'dist/patternfly-base.css' %}?v={{ ak_version }}">
<link rel="stylesheet" type="text/css" href="{% static 'dist/page.css' %}?v={{ ak_version }}">
<link rel="stylesheet" type="text/css" href="{% static 'dist/empty-state.css' %}?v={{ ak_version }}">
<link rel="stylesheet" type="text/css" href="{% static 'dist/spinner.css' %}?v={{ ak_version }}">
{% block head_before %}
{% endblock %}
<link rel="stylesheet" type="text/css" href="{% static 'dist/authentik.css' %}?v={{ ak_version }}">
<script src="{% static 'dist/poly.js' %}?v={{ ak_version }}" type="module"></script>
<script>window["polymerSkipLoadingFontRoboto"] = true;</script>
{% block head %}
{% endblock %}
</head>
<body>
{% block body %}
{% endblock %}
{% block scripts %}
{% endblock %}
</body>
</html>

View File

@ -0,0 +1,31 @@
{% extends 'base/skeleton.html' %}
{% load i18n %}
{% block head %}
{{ block.super }}
<style>
.pf-c-empty-state {
height: 100vh;
}
</style>
{% endblock %}
{% block body %}
<section class="ak-static-page pf-c-page__main-section pf-m-no-padding-mobile pf-m-xl">
<div class="pf-c-empty-state">
<div class="pf-c-empty-state__content">
<i class="fas fa-exclamation-circle pf-c-empty-state__icon" aria-hidden="true"></i>
<h1 class="pf-c-title pf-m-lg">
{% trans title %}
</h1>
<div class="pf-c-empty-state__body">
{% if message %}
<h3>{% trans message %}</h3>
{% endif %}
</div>
<a href="/" class="pf-c-button pf-m-primary pf-m-block">{% trans 'Go to home' %}</a>
</div>
</div>
</section>
{% endblock %}

View File

@ -0,0 +1,28 @@
{% extends "base/skeleton.html" %}
{% load static %}
{% load i18n %}
{% block head %}
<script src="{% static 'dist/AdminInterface.js' %}?v={{ ak_version }}" type="module"></script>
{% endblock %}
{% block body %}
<ak-message-container></ak-message-container>
<ak-interface-admin>
<section class="ak-static-page pf-c-page__main-section pf-m-no-padding-mobile pf-m-xl">
<div class="pf-c-empty-state" style="height: 100vh;">
<div class="pf-c-empty-state__content">
<span class="pf-c-spinner pf-m-xl pf-c-empty-state__icon" role="progressbar" aria-valuetext="{% trans 'Loading...' %}">
<span class="pf-c-spinner__clipper"></span>
<span class="pf-c-spinner__lead-ball"></span>
<span class="pf-c-spinner__tail-ball"></span>
</span>
<h1 class="pf-c-title pf-m-lg">
{% trans "Loading..." %}
</h1>
</div>
</div>
</section>
</ak-interface-admin>
{% endblock %}

Some files were not shown because too many files have changed in this diff Show More