habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
10,943 Commits 205 Branches 395 Tags
80f4fccd35427434d0c67b18f9d4ad886938a50d
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Jens L 80f4fccd35 providers/oauth2: OpenID conformance (#4758) 
* don't open inspector by default when debug is enabled

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* encode error in fragment when using hybrid grant_type

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* require nonce for all response_types that get an id_token from the authorization endpoint

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* don't set empty family_name

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* only set at_hash when response has token

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* cleaner way to get login time

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove authentication requirement from authentication flow

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use wrapper

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix auth_time not being handled correctly

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* minor cleanup

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add test files

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove USER_LOGIN_AUTHENTICATED

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* rework prompt=login handling

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* also set last login uid for max_age check to prevent double login when max_age and prompt=login is set

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-23 15:26:41 +01:00
.github
ci: bump snok/container-retention-policy from 1 to 2 (#4710)
2023-02-17 09:44:04 +01:00
.vscode
providers/proxy: outpost wide logout implementation (#4605)
2023-02-02 21:18:59 +01:00
authentik
providers/oauth2: OpenID conformance (#4758)
2023-02-23 15:26:41 +01:00
blueprints
providers/oauth2: OpenID conformance (#4758)
2023-02-23 15:26:41 +01:00
cmd
internal: fix race condition with config loading on startup, add index on debug server
2023-01-08 20:33:04 +01:00
internal
providers/ldap: making ldap compatible with synology (#4694)
2023-02-22 15:26:41 +01:00
lifecycle
core: bump black from 22.12.0 to 23.1.0 (#4584)
2023-02-01 11:31:32 +01:00
locale
core: fix inconsistent branding in end_session view
2023-02-01 19:40:59 +01:00
scripts
root: update options for generating TS API (#3833)
2022-10-21 09:08:25 +02:00
tests
providers/oauth2: OpenID conformance (#4758)
2023-02-23 15:26:41 +01:00
web
providers/oauth2: OpenID conformance (#4758)
2023-02-23 15:26:41 +01:00
website
website/integrations: Zammad instructions (#4644)
2023-02-22 16:55:32 +00:00
xml
*/saml: test against SAML Schema
2020-12-13 19:53:16 +01:00
.bumpversion.cfg
release: 2023.2.2
2023-02-15 19:53:42 +01:00
.dockerignore
core: bundle geoip (#4250)
2022-12-20 22:09:30 +01:00
.editorconfig
repo cleanup, switch to new docker registry
2019-04-29 17:05:39 +02:00
.gitignore
root: allow custom settings via python module
2022-12-15 10:59:14 +01:00
CODE_OF_CONDUCT.md
root: rework and expand security policy
2022-11-28 12:10:53 +01:00
CONTRIBUTING.md
polices/hibp: remove deprecated (#4363)
2023-01-05 13:19:26 +01:00
docker-compose.yml
release: 2023.2.2
2023-02-15 19:53:42 +01:00
Dockerfile
core: bump golang from 1.20.0-bullseye to 1.20.1-bullseye (#4691)
2023-02-15 10:46:02 +01:00
go.mod
core: bump goauthentik.io/api/v3 from 3.2023022.2 to 3.2023022.4 (#4762)
2023-02-23 10:35:33 +01:00
go.sum
core: bump goauthentik.io/api/v3 from 3.2023022.2 to 3.2023022.4 (#4762)
2023-02-23 10:35:33 +01:00
ldap.Dockerfile
core: bump golang from 1.20.0-bullseye to 1.20.1-bullseye (#4691)
2023-02-15 10:46:02 +01:00
LICENSE
root: relicense and launch blog post
2022-11-03 16:00:00 +01:00
Makefile
providers/saml: initial SLO implementation (#2346)
2023-01-04 19:45:31 +01:00
manage.py
root: update deprecation warnings
2022-11-25 11:47:28 +01:00
poetry.lock
core: bump twilio from 7.16.3 to 7.16.4 (#4763)
2023-02-23 10:34:28 +01:00
proxy.Dockerfile
core: bump golang from 1.20.0-bullseye to 1.20.1-bullseye (#4691)
2023-02-15 10:46:02 +01:00
pyproject.toml
release: 2023.2.2
2023-02-15 19:53:42 +01:00
README.md
root: add support/shoutout section to readme
2023-02-13 20:56:44 +01:00
schema.yml
stages/user_login: terminate others (#4754)
2023-02-22 14:09:28 +01:00
SECURITY.md
root: update supported versions
2023-01-20 14:23:21 +01:00

README.md

authentik logo

Join Discord GitHub Workflow Status GitHub Workflow Status GitHub Workflow Status Code Coverage Docker pulls Latest version

What is authentik?

authentik is an open-source Identity Provider focused on flexibility and versatility. You can use authentik in an existing environment to add support for new protocols. authentik is also a great solution for implementing signup/recovery/etc in your application, so you don't have to deal with it.

Installation

For small/test setups it is recommended to use docker-compose, see the documentation

For bigger setups, there is a Helm Chart here. This is documented here

Screenshots

Light Dark

Development

See Development Documentation

Security

See SECURITY.md

Support

Your organization uses authentik? We'd love to add your logo to the readme and our website! Email us @ hello@goauthentik.io or open a GitHub Issue/PR!

Sponsors

This project is proudly sponsored by:

DigitalOcean provides development and testing resources for authentik.

Description
The authentication glue you need.
authenticationauthentikauthorizationkubernetesoauth2oauth2-clientoauth2-serveroidcoidc-clientoidc-providerproxyreverse-proxysamlsaml-idpsaml-spsecuritysso
Readme MIT 664 MiB
Languages
Python 51.7%
TypeScript 36.4%
MDX 5.1%
Go 3.7%
JavaScript 1.6%
Other 1.4%