Merge branch 'main' into version-2023.3

This commit is contained in:
Jens Langhammer 2023-03-15 20:20:51 +01:00
commit 01d2cce9ca
No known key found for this signature in database
58 changed files with 529 additions and 576 deletions

View File

@ -7,8 +7,8 @@ charset = utf-8
trim_trailing_whitespace = true
insert_final_newline = true
[html]
[*.html]
indent_size = 2
[yaml]
[*.{yaml,yml}]
indent_size = 2

View File

@ -6,9 +6,8 @@ Authentik takes security very seriously. We follow the rules of [responsible dis
| Version | Supported |
| --------- | ------------------ |
| 2022.12.x | :white_check_mark: |
| 2023.1.x | :white_check_mark: |
| 2023.2.x | :white_check_mark: |
| 2023.3.x | :white_check_mark: |
## Reporting a Vulnerability

View File

@ -55,11 +55,11 @@ class AuthentikBlueprintsConfig(ManagedAppConfig):
"""Load v1 tasks"""
self.import_module("authentik.blueprints.v1.tasks")
def reconcile_blueprints_discover(self):
def reconcile_blueprints_discovery(self):
"""Run blueprint discovery"""
from authentik.blueprints.v1.tasks import blueprints_discover, clear_failed_blueprints
from authentik.blueprints.v1.tasks import blueprints_discovery, clear_failed_blueprints
blueprints_discover.delay()
blueprints_discovery.delay()
clear_failed_blueprints.delay()
def import_models(self):

View File

@ -5,7 +5,7 @@ from authentik.lib.utils.time import fqdn_rand
CELERY_BEAT_SCHEDULE = {
"blueprints_v1_discover": {
"task": "authentik.blueprints.v1.tasks.blueprints_discover",
"task": "authentik.blueprints.v1.tasks.blueprints_discovery",
"schedule": crontab(minute=fqdn_rand("blueprints_v1_discover"), hour="*"),
"options": {"queue": "authentik_scheduled"},
},

View File

@ -1,6 +1,5 @@
"""Blueprint helpers"""
from functools import wraps
from pathlib import Path
from typing import Callable
from django.apps import apps
@ -45,13 +44,3 @@ def reconcile_app(app_name: str):
return wrapper
return wrapper_outer
def load_yaml_fixture(path: str, **kwargs) -> str:
"""Load yaml fixture, optionally formatting it with kwargs"""
with open(Path(__file__).resolve().parent / Path(path), "r", encoding="utf-8") as _fixture:
fixture = _fixture.read()
try:
return fixture % kwargs
except TypeError:
return fixture

View File

@ -3,12 +3,12 @@ from os import environ
from django.test import TransactionTestCase
from authentik.blueprints.tests import load_yaml_fixture
from authentik.blueprints.v1.exporter import FlowExporter
from authentik.blueprints.v1.importer import Importer, transaction_rollback
from authentik.core.models import Group
from authentik.flows.models import Flow, FlowDesignation, FlowStageBinding
from authentik.lib.generators import generate_id
from authentik.lib.tests.utils import load_fixture
from authentik.policies.expression.models import ExpressionPolicy
from authentik.policies.models import PolicyBinding
from authentik.sources.oauth.models import OAuthSource
@ -113,14 +113,14 @@ class TestBlueprintsV1(TransactionTestCase):
"""Test export and import it twice"""
count_initial = Prompt.objects.filter(field_key="username").count()
importer = Importer(load_yaml_fixture("fixtures/static_prompt_export.yaml"))
importer = Importer(load_fixture("fixtures/static_prompt_export.yaml"))
self.assertTrue(importer.validate()[0])
self.assertTrue(importer.apply())
count_before = Prompt.objects.filter(field_key="username").count()
self.assertEqual(count_initial + 1, count_before)
importer = Importer(load_yaml_fixture("fixtures/static_prompt_export.yaml"))
importer = Importer(load_fixture("fixtures/static_prompt_export.yaml"))
self.assertTrue(importer.apply())
self.assertEqual(Prompt.objects.filter(field_key="username").count(), count_before)
@ -130,7 +130,7 @@ class TestBlueprintsV1(TransactionTestCase):
ExpressionPolicy.objects.filter(name="foo-bar-baz-qux").delete()
Group.objects.filter(name="test").delete()
environ["foo"] = generate_id()
importer = Importer(load_yaml_fixture("fixtures/tags.yaml"), {"bar": "baz"})
importer = Importer(load_fixture("fixtures/tags.yaml"), {"bar": "baz"})
self.assertTrue(importer.validate()[0])
self.assertTrue(importer.apply())
policy = ExpressionPolicy.objects.filter(name="foo-bar-baz-qux").first()

View File

@ -1,10 +1,10 @@
"""Test blueprints v1"""
from django.test import TransactionTestCase
from authentik.blueprints.tests import load_yaml_fixture
from authentik.blueprints.v1.importer import Importer
from authentik.flows.models import Flow
from authentik.lib.generators import generate_id
from authentik.lib.tests.utils import load_fixture
class TestBlueprintsV1Conditions(TransactionTestCase):
@ -14,7 +14,7 @@ class TestBlueprintsV1Conditions(TransactionTestCase):
"""Test conditions fulfilled"""
flow_slug1 = generate_id()
flow_slug2 = generate_id()
import_yaml = load_yaml_fixture(
import_yaml = load_fixture(
"fixtures/conditions_fulfilled.yaml", id1=flow_slug1, id2=flow_slug2
)
@ -31,7 +31,7 @@ class TestBlueprintsV1Conditions(TransactionTestCase):
"""Test conditions not fulfilled"""
flow_slug1 = generate_id()
flow_slug2 = generate_id()
import_yaml = load_yaml_fixture(
import_yaml = load_fixture(
"fixtures/conditions_not_fulfilled.yaml", id1=flow_slug1, id2=flow_slug2
)

View File

@ -1,10 +1,10 @@
"""Test blueprints v1"""
from django.test import TransactionTestCase
from authentik.blueprints.tests import load_yaml_fixture
from authentik.blueprints.v1.importer import Importer
from authentik.flows.models import Flow
from authentik.lib.generators import generate_id
from authentik.lib.tests.utils import load_fixture
class TestBlueprintsV1State(TransactionTestCase):
@ -13,7 +13,7 @@ class TestBlueprintsV1State(TransactionTestCase):
def test_state_present(self):
"""Test state present"""
flow_slug = generate_id()
import_yaml = load_yaml_fixture("fixtures/state_present.yaml", id=flow_slug)
import_yaml = load_fixture("fixtures/state_present.yaml", id=flow_slug)
importer = Importer(import_yaml)
self.assertTrue(importer.validate()[0])
@ -39,7 +39,7 @@ class TestBlueprintsV1State(TransactionTestCase):
def test_state_created(self):
"""Test state created"""
flow_slug = generate_id()
import_yaml = load_yaml_fixture("fixtures/state_created.yaml", id=flow_slug)
import_yaml = load_fixture("fixtures/state_created.yaml", id=flow_slug)
importer = Importer(import_yaml)
self.assertTrue(importer.validate()[0])
@ -65,7 +65,7 @@ class TestBlueprintsV1State(TransactionTestCase):
def test_state_absent(self):
"""Test state absent"""
flow_slug = generate_id()
import_yaml = load_yaml_fixture("fixtures/state_created.yaml", id=flow_slug)
import_yaml = load_fixture("fixtures/state_created.yaml", id=flow_slug)
importer = Importer(import_yaml)
self.assertTrue(importer.validate()[0])
@ -74,7 +74,7 @@ class TestBlueprintsV1State(TransactionTestCase):
flow: Flow = Flow.objects.filter(slug=flow_slug).first()
self.assertEqual(flow.slug, flow_slug)
import_yaml = load_yaml_fixture("fixtures/state_absent.yaml", id=flow_slug)
import_yaml = load_fixture("fixtures/state_absent.yaml", id=flow_slug)
importer = Importer(import_yaml)
self.assertTrue(importer.validate()[0])
self.assertTrue(importer.apply())

View File

@ -6,7 +6,7 @@ from django.test import TransactionTestCase
from yaml import dump
from authentik.blueprints.models import BlueprintInstance, BlueprintInstanceStatus
from authentik.blueprints.v1.tasks import apply_blueprint, blueprints_discover, blueprints_find
from authentik.blueprints.v1.tasks import apply_blueprint, blueprints_discovery, blueprints_find
from authentik.lib.config import CONFIG
from authentik.lib.generators import generate_id
@ -53,7 +53,7 @@ class TestBlueprintsV1Tasks(TransactionTestCase):
file.seek(0)
file_hash = sha512(file.read().encode()).hexdigest()
file.flush()
blueprints_discover() # pylint: disable=no-value-for-parameter
blueprints_discovery() # pylint: disable=no-value-for-parameter
instance = BlueprintInstance.objects.filter(name=blueprint_id).first()
self.assertEqual(instance.last_applied_hash, file_hash)
self.assertEqual(
@ -81,7 +81,7 @@ class TestBlueprintsV1Tasks(TransactionTestCase):
)
)
file.flush()
blueprints_discover() # pylint: disable=no-value-for-parameter
blueprints_discovery() # pylint: disable=no-value-for-parameter
blueprint = BlueprintInstance.objects.filter(name="foo").first()
self.assertEqual(
blueprint.last_applied_hash,
@ -106,7 +106,7 @@ class TestBlueprintsV1Tasks(TransactionTestCase):
)
)
file.flush()
blueprints_discover() # pylint: disable=no-value-for-parameter
blueprints_discovery() # pylint: disable=no-value-for-parameter
blueprint.refresh_from_db()
self.assertEqual(
blueprint.last_applied_hash,

View File

@ -76,7 +76,7 @@ class BlueprintEventHandler(FileSystemEventHandler):
return
if isinstance(event, FileCreatedEvent):
LOGGER.debug("new blueprint file created, starting discovery")
blueprints_discover.delay()
blueprints_discovery.delay()
if isinstance(event, FileModifiedEvent):
path = Path(event.src_path)
root = Path(CONFIG.y("blueprints_dir")).absolute()
@ -134,7 +134,7 @@ def blueprints_find():
throws=(DatabaseError, ProgrammingError, InternalError), base=MonitoredTask, bind=True
)
@prefill_task
def blueprints_discover(self: MonitoredTask):
def blueprints_discovery(self: MonitoredTask):
"""Find blueprints and check if they need to be created in the database"""
count = 0
for blueprint in blueprints_find():

View File

@ -43,14 +43,14 @@ class TestApplicationsAPI(APITestCase):
self.assertEqual(
self.client.patch(
reverse("authentik_api:application-detail", kwargs={"slug": self.allowed.slug}),
{"meta_launch_url": "https://%(username)s.test.goauthentik.io/%(username)s"},
{"meta_launch_url": "https://%(username)s-test.test.goauthentik.io/%(username)s"},
).status_code,
200,
)
self.allowed.refresh_from_db()
self.assertEqual(
self.allowed.get_launch_url(self.user),
f"https://{self.user.username}.test.goauthentik.io/{self.user.username}",
f"https://{self.user.username}-test.test.goauthentik.io/{self.user.username}",
)
def test_set_icon(self):

View File

@ -41,7 +41,7 @@ class TaskResult:
def with_error(self, exc: Exception) -> "TaskResult":
"""Since errors might not always be pickle-able, set the traceback"""
self.messages.append(str(exc))
self.messages.append(exception_to_string(exc))
return self

View File

@ -81,7 +81,8 @@ class DomainlessFormattedURLValidator(DomainlessURLValidator):
def __init__(self, *args, **kwargs) -> None:
super().__init__(*args, **kwargs)
self.host_re = r"([%\(\)a-zA-Z])+" + self.domain_re + self.domain_re
self.formatter_re = r"([%\(\)a-zA-Z])*"
self.host_re = "(" + self.formatter_re + self.hostname_re + self.domain_re + "|localhost)"
self.regex = _lazy_re_compile(
r"^(?:[a-z0-9.+-]*)://" # scheme is validated separately
r"(?:[^\s:@/]+(?::[^\s:@/]*)?@)?" # user:pass authentication

View File

@ -1,4 +1,7 @@
"""Test utils"""
from inspect import currentframe
from pathlib import Path
from django.contrib.messages.middleware import MessageMiddleware
from django.contrib.sessions.middleware import SessionMiddleware
from django.http import HttpRequest
@ -11,6 +14,21 @@ def dummy_get_response(request: HttpRequest): # pragma: no cover
return None
def load_fixture(path: str, **kwargs) -> str:
"""Load fixture, optionally formatting it with kwargs"""
current = currentframe()
parent = current.f_back
calling_file_path = parent.f_globals["__file__"]
with open(
Path(calling_file_path).resolve().parent / Path(path), "r", encoding="utf-8"
) as _fixture:
fixture = _fixture.read()
try:
return fixture % kwargs
except TypeError:
return fixture
def get_request(*args, user=None, **kwargs):
"""Get a request with usable session"""
request = RequestFactory().get(*args, **kwargs)

View File

@ -38,13 +38,17 @@ def _get_outpost_override_ip(request: HttpRequest) -> Optional[str]:
if OUTPOST_REMOTE_IP_HEADER not in request.META or OUTPOST_TOKEN_HEADER not in request.META:
return None
fake_ip = request.META[OUTPOST_REMOTE_IP_HEADER]
tokens = Token.filter_not_expired(
token = (
Token.filter_not_expired(
key=request.META.get(OUTPOST_TOKEN_HEADER), intent=TokenIntents.INTENT_API
)
if not tokens.exists():
.select_related("user")
.first()
)
if not token:
LOGGER.warning("Attempted remote-ip override without token", fake_ip=fake_ip)
return None
user = tokens.first().user
user = token.user
if not user.group_attributes(request).get(USER_ATTRIBUTE_CAN_OVERRIDE_IP, False):
LOGGER.warning(
"Remote-IP override: user doesn't have permission",

View File

@ -19,9 +19,9 @@ CELERY_BEAT_SCHEDULE = {
"schedule": crontab(minute=fqdn_rand("outpost_token_ensurer"), hour="*/8"),
"options": {"queue": "authentik_scheduled"},
},
"outpost_local_connection": {
"task": "authentik.outposts.tasks.outpost_local_connection",
"schedule": crontab(minute=fqdn_rand("outpost_local_connection"), hour="*/8"),
"outpost_connection_discovery": {
"task": "authentik.outposts.tasks.outpost_connection_discovery",
"schedule": crontab(minute=fqdn_rand("outpost_connection_discovery"), hour="*/8"),
"options": {"queue": "authentik_scheduled"},
},
}

View File

@ -236,28 +236,33 @@ def _outpost_single_update(outpost: Outpost):
async_to_sync(closing_send)(channel, {"type": "event.update"})
@CELERY_APP.task()
def outpost_local_connection():
@CELERY_APP.task(
base=MonitoredTask,
bind=True,
)
def outpost_connection_discovery(self: MonitoredTask):
"""Checks the local environment and create Service connections."""
status = TaskResult(TaskResultStatus.SUCCESSFUL)
if not CONFIG.y_bool("outposts.discover"):
LOGGER.info("Outpost integration discovery is disabled")
status.messages.append("Outpost integration discovery is disabled")
self.set_status(status)
return
# Explicitly check against token filename, as that's
# only present when the integration is enabled
if Path(SERVICE_TOKEN_FILENAME).exists():
LOGGER.info("Detected in-cluster Kubernetes Config")
status.messages.append("Detected in-cluster Kubernetes Config")
if not KubernetesServiceConnection.objects.filter(local=True).exists():
LOGGER.debug("Created Service Connection for in-cluster")
status.messages.append("Created Service Connection for in-cluster")
KubernetesServiceConnection.objects.create(
name="Local Kubernetes Cluster", local=True, kubeconfig={}
)
# For development, check for the existence of a kubeconfig file
kubeconfig_path = Path(KUBE_CONFIG_DEFAULT_LOCATION).expanduser()
if kubeconfig_path.exists():
LOGGER.info("Detected kubeconfig")
status.messages.append("Detected kubeconfig")
kubeconfig_local_name = f"k8s-{gethostname()}"
if not KubernetesServiceConnection.objects.filter(name=kubeconfig_local_name).exists():
LOGGER.debug("Creating kubeconfig Service Connection")
status.messages.append("Creating kubeconfig Service Connection")
with kubeconfig_path.open("r", encoding="utf8") as _kubeconfig:
KubernetesServiceConnection.objects.create(
name=kubeconfig_local_name,
@ -266,11 +271,12 @@ def outpost_local_connection():
unix_socket_path = urlparse(DEFAULT_UNIX_SOCKET).path
socket = Path(unix_socket_path)
if socket.exists() and access(socket, R_OK):
LOGGER.info("Detected local docker socket")
status.messages.append("Detected local docker socket")
if len(DockerServiceConnection.objects.filter(local=True)) == 0:
LOGGER.debug("Created Service Connection for docker")
status.messages.append("Created Service Connection for docker")
DockerServiceConnection.objects.create(
name="Local Docker connection",
local=True,
url=unix_socket_path,
)
self.set_status(status)

View File

@ -26,6 +26,7 @@ class LDAPProviderSerializer(ProviderSerializer):
"search_mode",
"bind_mode",
]
extra_kwargs = ProviderSerializer.Meta.extra_kwargs
class LDAPProviderViewSet(UsedByMixin, ModelViewSet):

View File

@ -39,6 +39,7 @@ class OAuth2ProviderSerializer(ProviderSerializer):
"issuer_mode",
"jwks_sources",
]
extra_kwargs = ProviderSerializer.Meta.extra_kwargs
class OAuth2ProviderSetupURLs(PassiveSerializer):

View File

@ -95,6 +95,7 @@ class ProxyProviderSerializer(ProviderSerializer):
"refresh_token_validity",
"outpost_set",
]
extra_kwargs = ProviderSerializer.Meta.extra_kwargs
class ProxyProviderViewSet(UsedByMixin, ModelViewSet):

View File

@ -154,6 +154,7 @@ class SAMLProviderSerializer(ProviderSerializer):
"url_slo_post",
"url_slo_redirect",
]
extra_kwargs = ProviderSerializer.Meta.extra_kwargs
class SAMLMetadataSerializer(PassiveSerializer):

View File

@ -10,8 +10,8 @@ from authentik.core.models import Application
from authentik.core.tests.utils import create_test_admin_user, create_test_flow
from authentik.flows.models import FlowDesignation
from authentik.lib.generators import generate_id
from authentik.lib.tests.utils import load_fixture
from authentik.providers.saml.models import SAMLPropertyMapping, SAMLProvider
from authentik.providers.saml.tests.test_metadata import load_fixture
class TestSAMLProviderAPI(APITestCase):

View File

@ -1,6 +1,4 @@
"""Test Service-Provider Metadata Parser"""
from pathlib import Path
import xmlsec
from defusedxml.lxml import fromstring
from django.test import RequestFactory, TestCase
@ -9,6 +7,7 @@ from lxml import etree # nosec
from authentik.core.models import Application
from authentik.core.tests.utils import create_test_cert, create_test_flow
from authentik.lib.generators import generate_id
from authentik.lib.tests.utils import load_fixture
from authentik.lib.xml import lxml_from_string
from authentik.providers.saml.models import SAMLBindings, SAMLPropertyMapping, SAMLProvider
from authentik.providers.saml.processors.metadata import MetadataProcessor
@ -16,12 +15,6 @@ from authentik.providers.saml.processors.metadata_parser import ServiceProviderM
from authentik.sources.saml.processors.constants import NS_MAP
def load_fixture(path: str, **kwargs) -> str:
"""Load fixture"""
with open(Path(__file__).resolve().parent / Path(path), "r", encoding="utf-8") as _fixture:
return _fixture.read()
class TestServiceProviderMetadataParser(TestCase):
"""Test ServiceProviderMetadataParser parsing and creation of SAML Provider"""

View File

@ -73,12 +73,12 @@ def task_error_hook(task_id, exception: Exception, traceback, *args, **kwargs):
def _get_startup_tasks() -> list[Callable]:
"""Get all tasks to be run on startup"""
from authentik.admin.tasks import clear_update_notifications
from authentik.outposts.tasks import outpost_controller_all, outpost_local_connection
from authentik.outposts.tasks import outpost_connection_discovery, outpost_controller_all
from authentik.providers.proxy.tasks import proxy_set_defaults
return [
clear_update_notifications,
outpost_local_connection,
outpost_connection_discovery,
outpost_controller_all,
proxy_set_defaults,
]

View File

@ -0,0 +1,10 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://127.0.0.1:9443/source/saml/google/acs/" ID="_ee7a8865ac457e7b22cb4f16b39ceca9" IssueInstant="2022-10-14T13:52:04.479Z" Version="2.0">
<saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://accounts.google.com/o/saml2?idpid=</saml2:Issuer>
<saml2p:Status>
<saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Requester">
<saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:RequestDenied"></saml2p:StatusCode>
</saml2p:StatusCode>
<saml2p:StatusMessage>Invalid request, ACS Url in request http://localhost:9000/source/saml/google/acs/ doesn't match configured ACS Url https://127.0.0.1:9443/source/saml/google/acs/.</saml2p:StatusMessage>
</saml2p:Status>
</saml2p:Response>

View File

@ -0,0 +1,40 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://127.0.0.1:9443/source/saml/google/acs/" ID="_1e17063957f10819a5a8e147971fec22" InResponseTo="_157fb504b59f4ae3919f74896a6b8565" IssueInstant="2022-10-14T14:11:49.590Z" Version="2.0">
<saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://accounts.google.com/o/saml2?idpid=</saml2:Issuer>
<saml2p:Status>
<saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"></saml2p:StatusCode>
</saml2p:Status>
<saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="_346001c5708ffd118c40edbc0c72fc60" IssueInstant="2022-10-14T14:11:49.590Z" Version="2.0">
<saml2:Issuer>https://accounts.google.com/o/saml2?idpid=</saml2:Issuer>
<saml2:Subject>
<saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">jens@goauthentik.io</saml2:NameID>
<saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
<saml2:SubjectConfirmationData InResponseTo="_157fb504b59f4ae3919f74896a6b8565" NotOnOrAfter="2022-10-14T14:16:49.590Z" Recipient="https://127.0.0.1:9443/source/saml/google/acs/"></saml2:SubjectConfirmationData>
</saml2:SubjectConfirmation>
</saml2:Subject>
<saml2:Conditions NotBefore="2022-10-14T14:06:49.590Z" NotOnOrAfter="2022-10-14T14:16:49.590Z">
<saml2:AudienceRestriction>
<saml2:Audience>https://accounts.google.com/o/saml2?idpid=</saml2:Audience>
</saml2:AudienceRestriction>
</saml2:Conditions>
<saml2:AttributeStatement>
<saml2:Attribute Name="name">
<saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">foo</saml2:AttributeValue>
</saml2:Attribute>
<saml2:Attribute Name="sn">
<saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">bar</saml2:AttributeValue>
</saml2:Attribute>
<saml2:Attribute Name="email">
<saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">foo@bar.baz</saml2:AttributeValue>
</saml2:Attribute>
</saml2:AttributeStatement>
<saml2:AuthnStatement AuthnInstant="2022-10-14T12:16:21.000Z" SessionIndex="_346001c5708ffd118c40edbc0c72fc60">
<saml2:AuthnContext>
<saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml2:AuthnContextClassRef>
</saml2:AuthnContext>
</saml2:AuthnStatement>
</saml2:Assertion>
</saml2p:Response>

View File

@ -6,64 +6,10 @@ from django.test import RequestFactory, TestCase
from authentik.core.tests.utils import create_test_flow
from authentik.lib.generators import generate_id
from authentik.lib.tests.utils import dummy_get_response
from authentik.lib.tests.utils import dummy_get_response, load_fixture
from authentik.sources.saml.models import SAMLSource
from authentik.sources.saml.processors.response import ResponseProcessor
RESPONSE_ERROR = """<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://127.0.0.1:9443/source/saml/google/acs/" ID="_ee7a8865ac457e7b22cb4f16b39ceca9" IssueInstant="2022-10-14T13:52:04.479Z" Version="2.0">
<saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://accounts.google.com/o/saml2?idpid=</saml2:Issuer>
<saml2p:Status>
<saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Requester">
<saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:RequestDenied"></saml2p:StatusCode>
</saml2p:StatusCode>
<saml2p:StatusMessage>Invalid request, ACS Url in request http://localhost:9000/source/saml/google/acs/ doesn't match configured ACS Url https://127.0.0.1:9443/source/saml/google/acs/.</saml2p:StatusMessage>
</saml2p:Status>
</saml2p:Response>
"""
RESPONSE_SUCCESS = """<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://127.0.0.1:9443/source/saml/google/acs/" ID="_1e17063957f10819a5a8e147971fec22" InResponseTo="_157fb504b59f4ae3919f74896a6b8565" IssueInstant="2022-10-14T14:11:49.590Z" Version="2.0">
<saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://accounts.google.com/o/saml2?idpid=</saml2:Issuer>
<saml2p:Status>
<saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"></saml2p:StatusCode>
</saml2p:Status>
<saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="_346001c5708ffd118c40edbc0c72fc60" IssueInstant="2022-10-14T14:11:49.590Z" Version="2.0">
<saml2:Issuer>https://accounts.google.com/o/saml2?idpid=</saml2:Issuer>
<saml2:Subject>
<saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">jens@goauthentik.io</saml2:NameID>
<saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
<saml2:SubjectConfirmationData InResponseTo="_157fb504b59f4ae3919f74896a6b8565" NotOnOrAfter="2022-10-14T14:16:49.590Z" Recipient="https://127.0.0.1:9443/source/saml/google/acs/"></saml2:SubjectConfirmationData>
</saml2:SubjectConfirmation>
</saml2:Subject>
<saml2:Conditions NotBefore="2022-10-14T14:06:49.590Z" NotOnOrAfter="2022-10-14T14:16:49.590Z">
<saml2:AudienceRestriction>
<saml2:Audience>https://accounts.google.com/o/saml2?idpid=</saml2:Audience>
</saml2:AudienceRestriction>
</saml2:Conditions>
<saml2:AttributeStatement>
<saml2:Attribute Name="name">
<saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">foo</saml2:AttributeValue>
</saml2:Attribute>
<saml2:Attribute Name="sn">
<saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">bar</saml2:AttributeValue>
</saml2:Attribute>
<saml2:Attribute Name="email">
<saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">foo@bar.baz</saml2:AttributeValue>
</saml2:Attribute>
</saml2:AttributeStatement>
<saml2:AuthnStatement AuthnInstant="2022-10-14T12:16:21.000Z" SessionIndex="_346001c5708ffd118c40edbc0c72fc60">
<saml2:AuthnContext>
<saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml2:AuthnContextClassRef>
</saml2:AuthnContext>
</saml2:AuthnStatement>
</saml2:Assertion>
</saml2p:Response>
"""
class TestResponseProcessor(TestCase):
"""Test ResponseProcessor"""
@ -80,7 +26,12 @@ class TestResponseProcessor(TestCase):
def test_status_error(self):
"""Test error status"""
request = self.factory.post(
"/", data={"SAMLResponse": b64encode(RESPONSE_ERROR.encode()).decode()}
"/",
data={
"SAMLResponse": b64encode(
load_fixture("fixtures/response_error.xml").encode()
).decode()
},
)
middleware = SessionMiddleware(dummy_get_response)
@ -99,7 +50,12 @@ class TestResponseProcessor(TestCase):
def test_success(self):
"""Test success"""
request = self.factory.post(
"/", data={"SAMLResponse": b64encode(RESPONSE_SUCCESS.encode()).decode()}
"/",
data={
"SAMLResponse": b64encode(
load_fixture("fixtures/response_success.xml").encode()
).decode()
},
)
middleware = SessionMiddleware(dummy_get_response)

View File

@ -0,0 +1,20 @@
# Generated by Django 4.1.7 on 2023-03-13 19:49
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
(
"authentik_stages_authenticator_webauthn",
"0007_rename_last_used_on_webauthndevice_last_t",
),
]
operations = [
migrations.AlterField(
model_name="webauthndevice",
name="credential_id",
field=models.TextField(unique=True),
),
]

View File

@ -119,7 +119,7 @@ class WebAuthnDevice(SerializerModel, Device):
user = models.ForeignKey(get_user_model(), on_delete=models.CASCADE)
name = models.TextField(max_length=200)
credential_id = models.CharField(max_length=300, unique=True)
credential_id = models.TextField(unique=True)
public_key = models.TextField()
sign_count = models.IntegerField(default=0)
rp_id = models.CharField(max_length=253)

4
go.mod
View File

@ -25,7 +25,7 @@ require (
github.com/prometheus/client_golang v1.14.0
github.com/sirupsen/logrus v1.9.0
github.com/stretchr/testify v1.8.2
goauthentik.io/api/v3 v3.2023022.15
goauthentik.io/api/v3 v3.2023030.3
golang.org/x/exp v0.0.0-20230210204819-062eb4c674ab
golang.org/x/oauth2 v0.6.0
golang.org/x/sync v0.1.0
@ -75,7 +75,7 @@ require (
golang.org/x/sys v0.6.0 // indirect
golang.org/x/text v0.8.0 // indirect
google.golang.org/appengine v1.6.7 // indirect
google.golang.org/protobuf v1.29.0 // indirect
google.golang.org/protobuf v1.29.1 // indirect
gopkg.in/square/go-jose.v2 v2.5.1 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
)

8
go.sum
View File

@ -384,8 +384,8 @@ go.opentelemetry.io/otel/sdk v1.11.1 h1:F7KmQgoHljhUuJyA+9BiU+EkJfyX5nVVF4wyzWZp
go.opentelemetry.io/otel/trace v1.11.1 h1:ofxdnzsNrGBYXbP7t7zpUK281+go5rF7dvdIZXF8gdQ=
go.opentelemetry.io/otel/trace v1.11.1/go.mod h1:f/Q9G7vzk5u91PhbmKbg1Qn0rzH1LJ4vbPHFGkTPtOk=
go.uber.org/goleak v1.1.10 h1:z+mqJhf6ss6BSfSM671tgKyZBFPTTJM+HLxnhPC3wu0=
goauthentik.io/api/v3 v3.2023022.15 h1:wIz6nxi06l1zhsSCPaMuoXiOoGvcaBCPGmkNOdq+CNc=
goauthentik.io/api/v3 v3.2023022.15/go.mod h1:XPPKEa2Snpu7Gd8hJPPB5o0n9FtOV4y0ISZMm09wQ4c=
goauthentik.io/api/v3 v3.2023030.3 h1:ZctGEzkmv1kgeJkK57m3KFBazkbpWzKG7SiUVfAsJjY=
goauthentik.io/api/v3 v3.2023030.3/go.mod h1:3uF9ZMVzMVljmsL3cnjaNGQ/lJM8FtcIWOySuK9CCYU=
golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20190422162423-af44ce270edf/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE=
@ -689,8 +689,8 @@ google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlba
google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
google.golang.org/protobuf v1.29.0 h1:44S3JjaKmLEE4YIkjzexaP+NzZsudE3Zin5Njn/pYX0=
google.golang.org/protobuf v1.29.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
google.golang.org/protobuf v1.29.1 h1:7QBf+IK2gx70Ap/hDsOmam3GE0v9HicjfEdAxE62UoM=
google.golang.org/protobuf v1.29.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
gopkg.in/boj/redistore.v1 v1.0.0-20160128113310-fc113767cd6b h1:U/Uqd1232+wrnHOvWNaxrNqn/kFnr4yu4blgPtQt0N8=
gopkg.in/boj/redistore.v1 v1.0.0-20160128113310-fc113767cd6b/go.mod h1:fgfIZMlsafAHpspcks2Bul+MWUNw/2dyQmjC2faKjtg=

View File

@ -30195,7 +30195,6 @@ components:
authorization_flow:
type: string
format: uuid
nullable: true
description: Flow used when authorizing this provider.
property_mappings:
type: array
@ -30268,6 +30267,7 @@ components:
required:
- assigned_application_name
- assigned_application_slug
- authorization_flow
- component
- meta_model_name
- name
@ -30285,7 +30285,6 @@ components:
authorization_flow:
type: string
format: uuid
nullable: true
description: Flow used when authorizing this provider.
property_mappings:
type: array
@ -30328,6 +30327,7 @@ components:
bind_mode:
$ref: '#/components/schemas/LDAPAPIAccessMode'
required:
- authorization_flow
- name
LDAPSource:
type: object
@ -30927,7 +30927,6 @@ components:
authorization_flow:
type: string
format: uuid
nullable: true
description: Flow used when authorizing this provider.
property_mappings:
type: array
@ -31027,6 +31026,7 @@ components:
required:
- assigned_application_name
- assigned_application_slug
- authorization_flow
- component
- meta_model_name
- name
@ -31043,7 +31043,6 @@ components:
authorization_flow:
type: string
format: uuid
nullable: true
description: Flow used when authorizing this provider.
property_mappings:
type: array
@ -31121,6 +31120,7 @@ components:
authenticate.
title: Any JWT signed by the JWK of the selected source can be used to authenticate.
required:
- authorization_flow
- name
OAuth2ProviderSetupURLs:
type: object
@ -35608,7 +35608,6 @@ components:
authorization_flow:
type: string
format: uuid
nullable: true
description: Flow used when authorizing this provider.
property_mappings:
type: array
@ -35838,7 +35837,6 @@ components:
authorization_flow:
type: string
format: uuid
nullable: true
description: Flow used when authorizing this provider.
property_mappings:
type: array
@ -36299,7 +36297,6 @@ components:
authorization_flow:
type: string
format: uuid
nullable: true
description: Flow used when authorizing this provider.
property_mappings:
type: array
@ -36426,7 +36423,6 @@ components:
authorization_flow:
type: string
format: uuid
nullable: true
description: Flow used when authorizing this provider.
property_mappings:
type: array
@ -37873,7 +37869,6 @@ components:
authorization_flow:
type: string
format: uuid
nullable: true
description: Flow used when authorizing this provider.
property_mappings:
type: array
@ -37981,6 +37976,7 @@ components:
required:
- assigned_application_name
- assigned_application_slug
- authorization_flow
- client_id
- component
- external_host
@ -38001,7 +37997,6 @@ components:
authorization_flow:
type: string
format: uuid
nullable: true
description: Flow used when authorizing this provider.
property_mappings:
type: array
@ -38075,6 +38070,7 @@ components:
description: 'Tokens not valid on or after current time + this value (Format:
hours=1;minutes=2;seconds=3).'
required:
- authorization_flow
- external_host
- name
RedirectChallenge:
@ -38315,7 +38311,6 @@ components:
authorization_flow:
type: string
format: uuid
nullable: true
description: Flow used when authorizing this provider.
property_mappings:
type: array
@ -38431,6 +38426,7 @@ components:
- acs_url
- assigned_application_name
- assigned_application_slug
- authorization_flow
- component
- meta_model_name
- name
@ -38471,7 +38467,6 @@ components:
authorization_flow:
type: string
format: uuid
nullable: true
description: Flow used when authorizing this provider.
property_mappings:
type: array
@ -38542,6 +38537,7 @@ components:
* `post` - Post
required:
- acs_url
- authorization_flow
- name
SAMLSource:
type: object

View File

@ -17,7 +17,7 @@ from authentik.core.models import Application
from authentik.flows.models import Flow
from authentik.lib.generators import generate_id
from authentik.outposts.models import DockerServiceConnection, Outpost, OutpostConfig, OutpostType
from authentik.outposts.tasks import outpost_local_connection
from authentik.outposts.tasks import outpost_connection_discovery
from authentik.providers.proxy.models import ProxyProvider
from tests.e2e.utils import SeleniumTestCase, retry
@ -210,7 +210,7 @@ class TestProviderProxyConnect(ChannelsLiveServerTestCase):
@reconcile_app("authentik_crypto")
def test_proxy_connectivity(self):
"""Test proxy connectivity over websocket"""
outpost_local_connection()
outpost_connection_discovery() # pylint: disable=no-value-for-parameter
proxy: ProxyProvider = ProxyProvider.objects.create(
name="proxy_provider",
authorization_flow=Flow.objects.get(

View File

@ -19,7 +19,7 @@ from authentik.outposts.models import (
OutpostType,
default_outpost_config,
)
from authentik.outposts.tasks import outpost_local_connection
from authentik.outposts.tasks import outpost_connection_discovery
from authentik.providers.proxy.models import ProxyProvider
from tests.e2e.utils import get_docker_tag
@ -58,7 +58,7 @@ class OutpostDockerTests(ChannelsLiveServerTestCase):
self.ssl_folder = mkdtemp()
self.container = self._start_container(self.ssl_folder)
# Ensure that local connection have been created
outpost_local_connection()
outpost_connection_discovery() # pylint: disable=no-value-for-parameter
self.provider: ProxyProvider = ProxyProvider.objects.create(
name="test",
internal_host="http://localhost",

View File

@ -10,7 +10,7 @@ from authentik.lib.config import CONFIG
from authentik.outposts.controllers.k8s.deployment import DeploymentReconciler
from authentik.outposts.controllers.k8s.triggers import NeedsUpdate
from authentik.outposts.models import KubernetesServiceConnection, Outpost, OutpostType
from authentik.outposts.tasks import outpost_local_connection
from authentik.outposts.tasks import outpost_connection_discovery
from authentik.providers.proxy.controllers.kubernetes import ProxyKubernetesController
from authentik.providers.proxy.models import ProxyProvider
@ -21,7 +21,7 @@ class OutpostKubernetesTests(TestCase):
def setUp(self):
super().setUp()
# Ensure that local connection have been created
outpost_local_connection()
outpost_connection_discovery() # pylint: disable=no-value-for-parameter
self.provider: ProxyProvider = ProxyProvider.objects.create(
name="test",
internal_host="http://localhost",

View File

@ -18,7 +18,7 @@ from authentik.outposts.models import (
OutpostType,
default_outpost_config,
)
from authentik.outposts.tasks import outpost_local_connection
from authentik.outposts.tasks import outpost_connection_discovery
from authentik.providers.proxy.controllers.docker import DockerController
from authentik.providers.proxy.models import ProxyProvider
from tests.e2e.utils import get_docker_tag
@ -58,7 +58,7 @@ class TestProxyDocker(ChannelsLiveServerTestCase):
self.ssl_folder = mkdtemp()
self.container = self._start_container(self.ssl_folder)
# Ensure that local connection have been created
outpost_local_connection()
outpost_connection_discovery() # pylint: disable=no-value-for-parameter
self.provider: ProxyProvider = ProxyProvider.objects.create(
name="test",
internal_host="http://localhost",

View File

@ -8,7 +8,7 @@ from structlog.stdlib import get_logger
from authentik.core.tests.utils import create_test_flow
from authentik.outposts.controllers.kubernetes import KubernetesController
from authentik.outposts.models import KubernetesServiceConnection, Outpost, OutpostType
from authentik.outposts.tasks import outpost_local_connection
from authentik.outposts.tasks import outpost_connection_discovery
from authentik.providers.proxy.controllers.k8s.ingress import IngressReconciler
from authentik.providers.proxy.controllers.kubernetes import ProxyKubernetesController
from authentik.providers.proxy.models import ProxyMode, ProxyProvider
@ -23,7 +23,7 @@ class TestProxyKubernetes(TestCase):
def setUp(self):
# Ensure that local connection have been created
outpost_local_connection()
outpost_connection_discovery() # pylint: disable=no-value-for-parameter
self.controller = None
def tearDown(self) -> None:

559
web/package-lock.json generated
View File

@ -9,7 +9,7 @@
"version": "0.0.0",
"license": "MIT",
"dependencies": {
"@babel/core": "^7.21.0",
"@babel/core": "^7.21.3",
"@babel/plugin-proposal-decorators": "^7.21.0",
"@babel/plugin-transform-runtime": "^7.21.0",
"@babel/preset-env": "^7.20.2",
@ -22,7 +22,7 @@
"@codemirror/theme-one-dark": "^6.1.1",
"@formatjs/intl-listformat": "^7.1.9",
"@fortawesome/fontawesome-free": "^6.3.0",
"@goauthentik/api": "^2023.2.2-1678400303",
"@goauthentik/api": "^2023.3.0-1678747008",
"@hcaptcha/types": "^1.0.3",
"@jackfranklin/rollup-plugin-markdown": "^0.4.0",
"@lingui/cli": "^3.17.2",
@ -37,15 +37,15 @@
"@rollup/plugin-node-resolve": "^15.0.1",
"@rollup/plugin-replace": "^5.0.2",
"@rollup/plugin-typescript": "^11.0.0",
"@sentry/browser": "^7.42.0",
"@sentry/tracing": "^7.42.0",
"@sentry/browser": "^7.43.0",
"@sentry/tracing": "^7.43.0",
"@squoosh/cli": "^0.7.3",
"@trivago/prettier-plugin-sort-imports": "^4.1.1",
"@types/chart.js": "^2.9.37",
"@types/codemirror": "5.60.7",
"@types/grecaptcha": "^3.0.4",
"@typescript-eslint/eslint-plugin": "^5.54.1",
"@typescript-eslint/parser": "^5.54.1",
"@typescript-eslint/eslint-plugin": "^5.55.0",
"@typescript-eslint/parser": "^5.55.0",
"@webcomponents/webcomponentsjs": "^2.7.0",
"babel-plugin-macros": "^3.1.0",
"babel-plugin-tsconfig-paths": "^1.0.3",
@ -54,7 +54,7 @@
"chartjs-adapter-moment": "^1.0.1",
"codemirror": "^6.0.1",
"construct-style-sheets-polyfill": "^3.1.0",
"core-js": "^3.29.0",
"core-js": "^3.29.1",
"country-flag-icons": "^1.5.5",
"eslint": "^8.36.0",
"eslint-config-google": "^0.14.0",
@ -132,20 +132,20 @@
}
},
"node_modules/@babel/core": {
"version": "7.21.0",
"resolved": "https://registry.npmjs.org/@babel/core/-/core-7.21.0.tgz",
"integrity": "sha512-PuxUbxcW6ZYe656yL3EAhpy7qXKq0DmYsrJLpbB8XrsCP9Nm+XCg9XFMb5vIDliPD7+U/+M+QJlH17XOcB7eXA==",
"version": "7.21.3",
"resolved": "https://registry.npmjs.org/@babel/core/-/core-7.21.3.tgz",
"integrity": "sha512-qIJONzoa/qiHghnm0l1n4i/6IIziDpzqc36FBs4pzMhDUraHqponwJLiAKm1hGLP3OSB/TVNz6rMwVGpwxxySw==",
"dependencies": {
"@ampproject/remapping": "^2.2.0",
"@babel/code-frame": "^7.18.6",
"@babel/generator": "^7.21.0",
"@babel/generator": "^7.21.3",
"@babel/helper-compilation-targets": "^7.20.7",
"@babel/helper-module-transforms": "^7.21.0",
"@babel/helper-module-transforms": "^7.21.2",
"@babel/helpers": "^7.21.0",
"@babel/parser": "^7.21.0",
"@babel/parser": "^7.21.3",
"@babel/template": "^7.20.7",
"@babel/traverse": "^7.21.0",
"@babel/types": "^7.21.0",
"@babel/traverse": "^7.21.3",
"@babel/types": "^7.21.3",
"convert-source-map": "^1.7.0",
"debug": "^4.1.0",
"gensync": "^1.0.0-beta.2",
@ -161,11 +161,11 @@
}
},
"node_modules/@babel/generator": {
"version": "7.21.1",
"resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.21.1.tgz",
"integrity": "sha512-1lT45bAYlQhFn/BHivJs43AiW2rg3/UbLyShGfF3C0KmHvO5fSghWd5kBJy30kpRRucGzXStvnnCFniCR2kXAA==",
"version": "7.21.3",
"resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.21.3.tgz",
"integrity": "sha512-QS3iR1GYC/YGUnW7IdggFeN5c1poPUurnGttOV/bZgPGV+izC/D8HnD6DLwod0fsatNyVn1G3EVWMYIF0nHbeA==",
"dependencies": {
"@babel/types": "^7.21.0",
"@babel/types": "^7.21.3",
"@jridgewell/gen-mapping": "^0.3.2",
"@jridgewell/trace-mapping": "^0.3.17",
"jsesc": "^2.5.1"
@ -345,9 +345,9 @@
}
},
"node_modules/@babel/helper-module-transforms": {
"version": "7.21.0",
"resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.21.0.tgz",
"integrity": "sha512-eD/JQ21IG2i1FraJnTMbUarAUkA7G988ofehG5MDCRXaUU91rEBJuCeSoou2Sk1y4RbLYXzqEg1QLwEmRU4qcQ==",
"version": "7.21.2",
"resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.21.2.tgz",
"integrity": "sha512-79yj2AR4U/Oqq/WOV7Lx6hUjau1Zfo4cI+JLAVYeMV5XIlbOhmjEk5ulbTc9fMpmlojzZHkUUxAiK+UKn+hNQQ==",
"dependencies": {
"@babel/helper-environment-visitor": "^7.18.9",
"@babel/helper-module-imports": "^7.18.6",
@ -355,8 +355,8 @@
"@babel/helper-split-export-declaration": "^7.18.6",
"@babel/helper-validator-identifier": "^7.19.1",
"@babel/template": "^7.20.7",
"@babel/traverse": "^7.21.0",
"@babel/types": "^7.21.0"
"@babel/traverse": "^7.21.2",
"@babel/types": "^7.21.2"
},
"engines": {
"node": ">=6.9.0"
@ -512,9 +512,9 @@
}
},
"node_modules/@babel/parser": {
"version": "7.21.1",
"resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.21.1.tgz",
"integrity": "sha512-JzhBFpkuhBNYUY7qs+wTzNmyCWUHEaAFpQQD2YfU1rPL38/L43Wvid0fFkiOCnHvsGncRZgEPyGnltABLcVDTg==",
"version": "7.21.3",
"resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.21.3.tgz",
"integrity": "sha512-lobG0d7aOfQRXh8AyklEAgZGvA4FShxo6xQbUrrT/cNBPUdIDojlokwJsQyCC/eKia7ifqM0yP+2DRZ4WKw2RQ==",
"bin": {
"parser": "bin/babel-parser.js"
},
@ -1688,18 +1688,18 @@
}
},
"node_modules/@babel/traverse": {
"version": "7.21.0",
"resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.21.0.tgz",
"integrity": "sha512-Xdt2P1H4LKTO8ApPfnO1KmzYMFpp7D/EinoXzLYN/cHcBNrVCAkAtGUcXnHXrl/VGktureU6fkQrHSBE2URfoA==",
"version": "7.21.3",
"resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.21.3.tgz",
"integrity": "sha512-XLyopNeaTancVitYZe2MlUEvgKb6YVVPXzofHgqHijCImG33b/uTurMS488ht/Hbsb2XK3U2BnSTxKVNGV3nGQ==",
"dependencies": {
"@babel/code-frame": "^7.18.6",
"@babel/generator": "^7.21.0",
"@babel/generator": "^7.21.3",
"@babel/helper-environment-visitor": "^7.18.9",
"@babel/helper-function-name": "^7.21.0",
"@babel/helper-hoist-variables": "^7.18.6",
"@babel/helper-split-export-declaration": "^7.18.6",
"@babel/parser": "^7.21.0",
"@babel/types": "^7.21.0",
"@babel/parser": "^7.21.3",
"@babel/types": "^7.21.3",
"debug": "^4.1.0",
"globals": "^11.1.0"
},
@ -1708,9 +1708,9 @@
}
},
"node_modules/@babel/types": {
"version": "7.21.0",
"resolved": "https://registry.npmjs.org/@babel/types/-/types-7.21.0.tgz",
"integrity": "sha512-uR7NWq2VNFnDi7EYqiRz2Jv/VQIu38tu64Zy8TX2nQFQ6etJ9V/Rr2msW8BS132mum2rL645qpDrLtAJtVpuow==",
"version": "7.21.3",
"resolved": "https://registry.npmjs.org/@babel/types/-/types-7.21.3.tgz",
"integrity": "sha512-sBGdETxC+/M4o/zKC0sl6sjWv62WFR/uzxrJ6uYyMLZOUlPnwzw0tKgVHOXxaAd5l2g8pEDM5RZ495GPQI77kg==",
"dependencies": {
"@babel/helper-string-parser": "^7.19.4",
"@babel/helper-validator-identifier": "^7.19.1",
@ -1919,14 +1919,6 @@
"eslint": "^6.0.0 || ^7.0.0 || >=8.0.0"
}
},
"node_modules/@eslint-community/eslint-utils/node_modules/eslint-visitor-keys": {
"version": "3.3.0",
"resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.3.0.tgz",
"integrity": "sha512-mQ+suqKJVyeuwGYHAdjMFqjCyfl8+Ldnxuyp3ldiMBFKkvytrXUZWaiPCEav8qDHKty44bD+qV1IP4T+w+xXRA==",
"engines": {
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
}
},
"node_modules/@eslint-community/regexpp": {
"version": "4.4.0",
"resolved": "https://registry.npmjs.org/@eslint-community/regexpp/-/regexpp-4.4.0.tgz",
@ -2027,9 +2019,9 @@
}
},
"node_modules/@goauthentik/api": {
"version": "2023.2.2-1678400303",
"resolved": "https://registry.npmjs.org/@goauthentik/api/-/api-2023.2.2-1678400303.tgz",
"integrity": "sha512-Sm21FGVJUmvl1cdG9xX8X4L4DN4DAuLl7qVMHgEqhLdwWDAyzaB0VgYv0JloEoJBPy2NB8ATZvgkmB+CRU8Vkg=="
"version": "2023.3.0-1678747008",
"resolved": "https://registry.npmjs.org/@goauthentik/api/-/api-2023.3.0-1678747008.tgz",
"integrity": "sha512-8c2FM2mcqcVV50O20DMZ2J0FAgFVgq2TmfzOF4ykI2GkuQbTXNW3+sYfX9+GbK+DkiF+yxT7TUZay9ofv1Vm4A=="
},
"node_modules/@hcaptcha/types": {
"version": "1.0.3",
@ -3071,14 +3063,14 @@
}
},
"node_modules/@sentry/browser": {
"version": "7.42.0",
"resolved": "https://registry.npmjs.org/@sentry/browser/-/browser-7.42.0.tgz",
"integrity": "sha512-xTwfvrQPmYTkAvGivoJFadPLKLDS2N57D/18NA1gcrnF8NwR+I28x3I9ziVUiMCYX+6nJuqBNlMALAEPbb2G5A==",
"version": "7.43.0",
"resolved": "https://registry.npmjs.org/@sentry/browser/-/browser-7.43.0.tgz",
"integrity": "sha512-NlRkBYKb9o5IQdGY8Ktps19Hz9RdSuqS1tlLC7Sjr+MqZqSHmhKq8MWJKciRynxBeMbeGt0smExi9BqpVQdCEg==",
"dependencies": {
"@sentry/core": "7.42.0",
"@sentry/replay": "7.42.0",
"@sentry/types": "7.42.0",
"@sentry/utils": "7.42.0",
"@sentry/core": "7.43.0",
"@sentry/replay": "7.43.0",
"@sentry/types": "7.43.0",
"@sentry/utils": "7.43.0",
"tslib": "^1.9.3"
},
"engines": {
@ -3091,12 +3083,12 @@
"integrity": "sha512-Xni35NKzjgMrwevysHTCArtLDpPvye8zV/0E4EyYn43P7/7qvQwPh9BGkHewbMulVntbigmcT7rdX3BNo9wRJg=="
},
"node_modules/@sentry/core": {
"version": "7.42.0",
"resolved": "https://registry.npmjs.org/@sentry/core/-/core-7.42.0.tgz",
"integrity": "sha512-vNcTyoQz5kUXo5vMGDyc5BJMO0UugPvMfYMQVxqt/BuDNR30LVhY+DL2tW1DFZDvRvyn5At+H7kSTj6GFrANXQ==",
"version": "7.43.0",
"resolved": "https://registry.npmjs.org/@sentry/core/-/core-7.43.0.tgz",
"integrity": "sha512-zvMZgEi7ptLBwDnd+xR/u4zdSe5UzS4S3ZhoemdQrn1PxsaVySD/ptyzLoGSZEABqlRxGHnQrZ78MU1hUDvKuQ==",
"dependencies": {
"@sentry/types": "7.42.0",
"@sentry/utils": "7.42.0",
"@sentry/types": "7.43.0",
"@sentry/utils": "7.43.0",
"tslib": "^1.9.3"
},
"engines": {
@ -3109,26 +3101,26 @@
"integrity": "sha512-Xni35NKzjgMrwevysHTCArtLDpPvye8zV/0E4EyYn43P7/7qvQwPh9BGkHewbMulVntbigmcT7rdX3BNo9wRJg=="
},
"node_modules/@sentry/replay": {
"version": "7.42.0",
"resolved": "https://registry.npmjs.org/@sentry/replay/-/replay-7.42.0.tgz",
"integrity": "sha512-81HQm20hrW0+0eZ5sZf8KsSekkAlI0/u/M+9ZmOn2bHpGihqAM/O/lrXhTzaRXdpX/9NSwSCGY9k7LIRNMKaEQ==",
"version": "7.43.0",
"resolved": "https://registry.npmjs.org/@sentry/replay/-/replay-7.43.0.tgz",
"integrity": "sha512-2dGJS6p8uG1JZ7x/A3FyqnILTkXarbvfR+o1lC7z9lu34Wx0ZBeU2in/S2YHNGAE6XvfsePq3ya/s7LaNkk4qQ==",
"dependencies": {
"@sentry/core": "7.42.0",
"@sentry/types": "7.42.0",
"@sentry/utils": "7.42.0"
"@sentry/core": "7.43.0",
"@sentry/types": "7.43.0",
"@sentry/utils": "7.43.0"
},
"engines": {
"node": ">=12"
}
},
"node_modules/@sentry/tracing": {
"version": "7.42.0",
"resolved": "https://registry.npmjs.org/@sentry/tracing/-/tracing-7.42.0.tgz",
"integrity": "sha512-0veGu3Ntweuj1pwWrJIFHmVdow4yufCreGIhsNDyrclwOjaTY3uI8iA6N62+hhtxOvqv+xueB98K1DvT5liPCQ==",
"version": "7.43.0",
"resolved": "https://registry.npmjs.org/@sentry/tracing/-/tracing-7.43.0.tgz",
"integrity": "sha512-Mld2AyV8xYnRLYbDWvDy8PlGcln3h5JsUx6ScQGOxnFTmCQR50Tldtzq50VDs2fv6xH0+YrL/UIyjxCDc7EXzQ==",
"dependencies": {
"@sentry/core": "7.42.0",
"@sentry/types": "7.42.0",
"@sentry/utils": "7.42.0",
"@sentry/core": "7.43.0",
"@sentry/types": "7.43.0",
"@sentry/utils": "7.43.0",
"tslib": "^1.9.3"
},
"engines": {
@ -3141,19 +3133,19 @@
"integrity": "sha512-Xni35NKzjgMrwevysHTCArtLDpPvye8zV/0E4EyYn43P7/7qvQwPh9BGkHewbMulVntbigmcT7rdX3BNo9wRJg=="
},
"node_modules/@sentry/types": {
"version": "7.42.0",
"resolved": "https://registry.npmjs.org/@sentry/types/-/types-7.42.0.tgz",
"integrity": "sha512-Ga0xaBIR/peuXQ88hI9a5TNY3GLNoH8jpsgPaAjAtRHkLsTx0y3AR+PrD7pUysza9QjvG+Qux01DRvLgaNKOHA==",
"version": "7.43.0",
"resolved": "https://registry.npmjs.org/@sentry/types/-/types-7.43.0.tgz",
"integrity": "sha512-5XxCWqYWJNoS+P6Ie2ZpUDxLRCt7FTEzmlQkCdjW6MFWOX26hAbF/wEuOTYAFKZXMIXOz0Egofik1e8v1Cg6/A==",
"engines": {
"node": ">=8"
}
},
"node_modules/@sentry/utils": {
"version": "7.42.0",
"resolved": "https://registry.npmjs.org/@sentry/utils/-/utils-7.42.0.tgz",
"integrity": "sha512-cBiDZVipC+is+IVgsTQLJyZWUZQxlLZ9GarNT+XZOZ5BFh0acFtz88hO6+S7vGmhcx2aCvsdC9yb2Yf+BphK6Q==",
"version": "7.43.0",
"resolved": "https://registry.npmjs.org/@sentry/utils/-/utils-7.43.0.tgz",
"integrity": "sha512-f78YfMLcgNU7+suyWFCuQhQlneXXMS+egb0EFZh7iU7kANUPRX5T4b+0C+fwaPm5gA6XfGYskr4ZnzQJLOlSqg==",
"dependencies": {
"@sentry/types": "7.42.0",
"@sentry/types": "7.43.0",
"tslib": "^1.9.3"
},
"engines": {
@ -3469,18 +3461,18 @@
"integrity": "sha512-7tFImggNeNBVMsn0vLrpn1H1uPrUBdnARPTpZoitY37ZrdJREzf7I16tMrlK3hen349gr1NYh8CmZQa7CTG6Aw=="
},
"node_modules/@typescript-eslint/eslint-plugin": {
"version": "5.54.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.54.1.tgz",
"integrity": "sha512-a2RQAkosH3d3ZIV08s3DcL/mcGc2M/UC528VkPULFxR9VnVPT8pBu0IyBAJJmVsCmhVfwQX1v6q+QGnmSe1bew==",
"version": "5.55.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.55.0.tgz",
"integrity": "sha512-IZGc50rtbjk+xp5YQoJvmMPmJEYoC53SiKPXyqWfv15XoD2Y5Kju6zN0DwlmaGJp1Iw33JsWJcQ7nw0lGCGjVg==",
"dependencies": {
"@typescript-eslint/scope-manager": "5.54.1",
"@typescript-eslint/type-utils": "5.54.1",
"@typescript-eslint/utils": "5.54.1",
"@eslint-community/regexpp": "^4.4.0",
"@typescript-eslint/scope-manager": "5.55.0",
"@typescript-eslint/type-utils": "5.55.0",
"@typescript-eslint/utils": "5.55.0",
"debug": "^4.3.4",
"grapheme-splitter": "^1.0.4",
"ignore": "^5.2.0",
"natural-compare-lite": "^1.4.0",
"regexpp": "^3.2.0",
"semver": "^7.3.7",
"tsutils": "^3.21.0"
},
@ -3516,13 +3508,13 @@
}
},
"node_modules/@typescript-eslint/parser": {
"version": "5.54.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-5.54.1.tgz",
"integrity": "sha512-8zaIXJp/nG9Ff9vQNh7TI+C3nA6q6iIsGJ4B4L6MhZ7mHnTMR4YP5vp2xydmFXIy8rpyIVbNAG44871LMt6ujg==",
"version": "5.55.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-5.55.0.tgz",
"integrity": "sha512-ppvmeF7hvdhUUZWSd2EEWfzcFkjJzgNQzVST22nzg958CR+sphy8A6K7LXQZd6V75m1VKjp+J4g/PCEfSCmzhw==",
"dependencies": {
"@typescript-eslint/scope-manager": "5.54.1",
"@typescript-eslint/types": "5.54.1",
"@typescript-eslint/typescript-estree": "5.54.1",
"@typescript-eslint/scope-manager": "5.55.0",
"@typescript-eslint/types": "5.55.0",
"@typescript-eslint/typescript-estree": "5.55.0",
"debug": "^4.3.4"
},
"engines": {
@ -3542,12 +3534,12 @@
}
},
"node_modules/@typescript-eslint/scope-manager": {
"version": "5.54.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.54.1.tgz",
"integrity": "sha512-zWKuGliXxvuxyM71UA/EcPxaviw39dB2504LqAmFDjmkpO8qNLHcmzlh6pbHs1h/7YQ9bnsO8CCcYCSA8sykUg==",
"version": "5.55.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.55.0.tgz",
"integrity": "sha512-OK+cIO1ZGhJYNCL//a3ROpsd83psf4dUJ4j7pdNVzd5DmIk+ffkuUIX2vcZQbEW/IR41DYsfJTB19tpCboxQuw==",
"dependencies": {
"@typescript-eslint/types": "5.54.1",
"@typescript-eslint/visitor-keys": "5.54.1"
"@typescript-eslint/types": "5.55.0",
"@typescript-eslint/visitor-keys": "5.55.0"
},
"engines": {
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
@ -3558,12 +3550,12 @@
}
},
"node_modules/@typescript-eslint/type-utils": {
"version": "5.54.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-5.54.1.tgz",
"integrity": "sha512-WREHsTz0GqVYLIbzIZYbmUUr95DKEKIXZNH57W3s+4bVnuF1TKe2jH8ZNH8rO1CeMY3U4j4UQeqPNkHMiGem3g==",
"version": "5.55.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-5.55.0.tgz",
"integrity": "sha512-ObqxBgHIXj8rBNm0yh8oORFrICcJuZPZTqtAFh0oZQyr5DnAHZWfyw54RwpEEH+fD8suZaI0YxvWu5tYE/WswA==",
"dependencies": {
"@typescript-eslint/typescript-estree": "5.54.1",
"@typescript-eslint/utils": "5.54.1",
"@typescript-eslint/typescript-estree": "5.55.0",
"@typescript-eslint/utils": "5.55.0",
"debug": "^4.3.4",
"tsutils": "^3.21.0"
},
@ -3584,9 +3576,9 @@
}
},
"node_modules/@typescript-eslint/types": {
"version": "5.54.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.54.1.tgz",
"integrity": "sha512-G9+1vVazrfAfbtmCapJX8jRo2E4MDXxgm/IMOF4oGh3kq7XuK3JRkOg6y2Qu1VsTRmWETyTkWt1wxy7X7/yLkw==",
"version": "5.55.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.55.0.tgz",
"integrity": "sha512-M4iRh4AG1ChrOL6Y+mETEKGeDnT7Sparn6fhZ5LtVJF1909D5O4uqK+C5NPbLmpfZ0XIIxCdwzKiijpZUOvOug==",
"engines": {
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
},
@ -3596,12 +3588,12 @@
}
},
"node_modules/@typescript-eslint/typescript-estree": {
"version": "5.54.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.54.1.tgz",
"integrity": "sha512-bjK5t+S6ffHnVwA0qRPTZrxKSaFYocwFIkZx5k7pvWfsB1I57pO/0M0Skatzzw1sCkjJ83AfGTL0oFIFiDX3bg==",
"version": "5.55.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.55.0.tgz",
"integrity": "sha512-I7X4A9ovA8gdpWMpr7b1BN9eEbvlEtWhQvpxp/yogt48fy9Lj3iE3ild/1H3jKBBIYj5YYJmS2+9ystVhC7eaQ==",
"dependencies": {
"@typescript-eslint/types": "5.54.1",
"@typescript-eslint/visitor-keys": "5.54.1",
"@typescript-eslint/types": "5.55.0",
"@typescript-eslint/visitor-keys": "5.55.0",
"debug": "^4.3.4",
"globby": "^11.1.0",
"is-glob": "^4.0.3",
@ -3636,17 +3628,17 @@
}
},
"node_modules/@typescript-eslint/utils": {
"version": "5.54.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-5.54.1.tgz",
"integrity": "sha512-IY5dyQM8XD1zfDe5X8jegX6r2EVU5o/WJnLu/znLPWCBF7KNGC+adacXnt5jEYS9JixDcoccI6CvE4RCjHMzCQ==",
"version": "5.55.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-5.55.0.tgz",
"integrity": "sha512-FkW+i2pQKcpDC3AY6DU54yl8Lfl14FVGYDgBTyGKB75cCwV3KpkpTMFi9d9j2WAJ4271LR2HeC5SEWF/CZmmfw==",
"dependencies": {
"@eslint-community/eslint-utils": "^4.2.0",
"@types/json-schema": "^7.0.9",
"@types/semver": "^7.3.12",
"@typescript-eslint/scope-manager": "5.54.1",
"@typescript-eslint/types": "5.54.1",
"@typescript-eslint/typescript-estree": "5.54.1",
"@typescript-eslint/scope-manager": "5.55.0",
"@typescript-eslint/types": "5.55.0",
"@typescript-eslint/typescript-estree": "5.55.0",
"eslint-scope": "^5.1.1",
"eslint-utils": "^3.0.0",
"semver": "^7.3.7"
},
"engines": {
@ -3675,11 +3667,11 @@
}
},
"node_modules/@typescript-eslint/visitor-keys": {
"version": "5.54.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.54.1.tgz",
"integrity": "sha512-q8iSoHTgwCfgcRJ2l2x+xCbu8nBlRAlsQ33k24Adj8eoVBE0f8dUeI+bAa8F84Mv05UGbAx57g2zrRsYIooqQg==",
"version": "5.55.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.55.0.tgz",
"integrity": "sha512-q2dlHHwWgirKh1D3acnuApXG+VNXpEY5/AwRxDVuEQpxWaB0jCDe0jFMVMALJ3ebSfuOVE8/rMS+9ZOYGg1GWw==",
"dependencies": {
"@typescript-eslint/types": "5.54.1",
"@typescript-eslint/types": "5.55.0",
"eslint-visitor-keys": "^3.3.0"
},
"engines": {
@ -3690,14 +3682,6 @@
"url": "https://opencollective.com/typescript-eslint"
}
},
"node_modules/@typescript-eslint/visitor-keys/node_modules/eslint-visitor-keys": {
"version": "3.3.0",
"resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.3.0.tgz",
"integrity": "sha512-mQ+suqKJVyeuwGYHAdjMFqjCyfl8+Ldnxuyp3ldiMBFKkvytrXUZWaiPCEav8qDHKty44bD+qV1IP4T+w+xXRA==",
"engines": {
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
}
},
"node_modules/@vue/compiler-core": {
"version": "3.2.41",
"resolved": "https://registry.npmjs.org/@vue/compiler-core/-/compiler-core-3.2.41.tgz",
@ -4615,9 +4599,9 @@
}
},
"node_modules/core-js": {
"version": "3.29.0",
"resolved": "https://registry.npmjs.org/core-js/-/core-js-3.29.0.tgz",
"integrity": "sha512-VG23vuEisJNkGl6XQmFJd3rEG/so/CNatqeE+7uZAwTSwFeB/qaO0be8xZYUNWprJ/GIwL8aMt9cj1kvbpTZhg==",
"version": "3.29.1",
"resolved": "https://registry.npmjs.org/core-js/-/core-js-3.29.1.tgz",
"integrity": "sha512-+jwgnhg6cQxKYIIjGtAHq2nwUOolo9eoFZ4sHfUH09BLXBgxnH4gA0zEd+t+BO2cNB8idaBtZFcFTRjQJRJmAw==",
"hasInstallScript": true,
"funding": {
"type": "opencollective",
@ -5455,29 +5439,12 @@
"node": ">=8.0.0"
}
},
"node_modules/eslint-utils": {
"version": "3.0.0",
"resolved": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-3.0.0.tgz",
"integrity": "sha512-uuQC43IGctw68pJA1RgbQS8/NP7rch6Cwd4j3ZBtgo4/8Flj4eGE7ZYSZRN3iq5pVUv6GPdW5Z1RFleo84uLDA==",
"dependencies": {
"eslint-visitor-keys": "^2.0.0"
},
"engines": {
"node": "^10.0.0 || ^12.0.0 || >= 14.0.0"
},
"funding": {
"url": "https://github.com/sponsors/mysticatea"
},
"peerDependencies": {
"eslint": ">=5"
}
},
"node_modules/eslint-visitor-keys": {
"version": "2.1.0",
"resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-2.1.0.tgz",
"integrity": "sha512-0rSmRBzXgDzIsD6mGdJgevzgezI534Cer5L/vyMX0kHzT/jiB43jRhd9YUlMGYLQy2zprNmoT8qasCGtY+QaKw==",
"version": "3.3.0",
"resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.3.0.tgz",
"integrity": "sha512-mQ+suqKJVyeuwGYHAdjMFqjCyfl8+Ldnxuyp3ldiMBFKkvytrXUZWaiPCEav8qDHKty44bD+qV1IP4T+w+xXRA==",
"engines": {
"node": ">=10"
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
}
},
"node_modules/eslint/node_modules/ansi-styles": {
@ -5548,14 +5515,6 @@
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
}
},
"node_modules/eslint/node_modules/eslint-visitor-keys": {
"version": "3.3.0",
"resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.3.0.tgz",
"integrity": "sha512-mQ+suqKJVyeuwGYHAdjMFqjCyfl8+Ldnxuyp3ldiMBFKkvytrXUZWaiPCEav8qDHKty44bD+qV1IP4T+w+xXRA==",
"engines": {
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
}
},
"node_modules/eslint/node_modules/estraverse": {
"version": "5.3.0",
"resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.3.0.tgz",
@ -5700,14 +5659,6 @@
"url": "https://opencollective.com/eslint"
}
},
"node_modules/espree/node_modules/eslint-visitor-keys": {
"version": "3.3.0",
"resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.3.0.tgz",
"integrity": "sha512-mQ+suqKJVyeuwGYHAdjMFqjCyfl8+Ldnxuyp3ldiMBFKkvytrXUZWaiPCEav8qDHKty44bD+qV1IP4T+w+xXRA==",
"engines": {
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
}
},
"node_modules/esprima": {
"version": "4.0.1",
"resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz",
@ -8519,17 +8470,6 @@
"node": ">=0.10.0"
}
},
"node_modules/regexpp": {
"version": "3.2.0",
"resolved": "https://registry.npmjs.org/regexpp/-/regexpp-3.2.0.tgz",
"integrity": "sha512-pq2bWo9mVD43nbts2wGv17XLiNLya+GklZ8kaDLV2Z08gDCsGpnKn9BFMepvWuHCbyVvY7J5o5+BVvoQbmlJLg==",
"engines": {
"node": ">=8"
},
"funding": {
"url": "https://github.com/sponsors/mysticatea"
}
},
"node_modules/regexpu-core": {
"version": "5.1.0",
"resolved": "https://registry.npmjs.org/regexpu-core/-/regexpu-core-5.1.0.tgz",
@ -10326,20 +10266,20 @@
"integrity": "sha512-KZXo2t10+/jxmkhNXc7pZTqRvSOIvVv/+lJwHS+B2rErwOyjuVRh60yVpb7liQ1U5t7lLJ1bz+t8tSypUZdm0g=="
},
"@babel/core": {
"version": "7.21.0",
"resolved": "https://registry.npmjs.org/@babel/core/-/core-7.21.0.tgz",
"integrity": "sha512-PuxUbxcW6ZYe656yL3EAhpy7qXKq0DmYsrJLpbB8XrsCP9Nm+XCg9XFMb5vIDliPD7+U/+M+QJlH17XOcB7eXA==",
"version": "7.21.3",
"resolved": "https://registry.npmjs.org/@babel/core/-/core-7.21.3.tgz",
"integrity": "sha512-qIJONzoa/qiHghnm0l1n4i/6IIziDpzqc36FBs4pzMhDUraHqponwJLiAKm1hGLP3OSB/TVNz6rMwVGpwxxySw==",
"requires": {
"@ampproject/remapping": "^2.2.0",
"@babel/code-frame": "^7.18.6",
"@babel/generator": "^7.21.0",
"@babel/generator": "^7.21.3",
"@babel/helper-compilation-targets": "^7.20.7",
"@babel/helper-module-transforms": "^7.21.0",
"@babel/helper-module-transforms": "^7.21.2",
"@babel/helpers": "^7.21.0",
"@babel/parser": "^7.21.0",
"@babel/parser": "^7.21.3",
"@babel/template": "^7.20.7",
"@babel/traverse": "^7.21.0",
"@babel/types": "^7.21.0",
"@babel/traverse": "^7.21.3",
"@babel/types": "^7.21.3",
"convert-source-map": "^1.7.0",
"debug": "^4.1.0",
"gensync": "^1.0.0-beta.2",
@ -10348,11 +10288,11 @@
}
},
"@babel/generator": {
"version": "7.21.1",
"resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.21.1.tgz",
"integrity": "sha512-1lT45bAYlQhFn/BHivJs43AiW2rg3/UbLyShGfF3C0KmHvO5fSghWd5kBJy30kpRRucGzXStvnnCFniCR2kXAA==",
"version": "7.21.3",
"resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.21.3.tgz",
"integrity": "sha512-QS3iR1GYC/YGUnW7IdggFeN5c1poPUurnGttOV/bZgPGV+izC/D8HnD6DLwod0fsatNyVn1G3EVWMYIF0nHbeA==",
"requires": {
"@babel/types": "^7.21.0",
"@babel/types": "^7.21.3",
"@jridgewell/gen-mapping": "^0.3.2",
"@jridgewell/trace-mapping": "^0.3.17",
"jsesc": "^2.5.1"
@ -10486,9 +10426,9 @@
}
},
"@babel/helper-module-transforms": {
"version": "7.21.0",
"resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.21.0.tgz",
"integrity": "sha512-eD/JQ21IG2i1FraJnTMbUarAUkA7G988ofehG5MDCRXaUU91rEBJuCeSoou2Sk1y4RbLYXzqEg1QLwEmRU4qcQ==",
"version": "7.21.2",
"resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.21.2.tgz",
"integrity": "sha512-79yj2AR4U/Oqq/WOV7Lx6hUjau1Zfo4cI+JLAVYeMV5XIlbOhmjEk5ulbTc9fMpmlojzZHkUUxAiK+UKn+hNQQ==",
"requires": {
"@babel/helper-environment-visitor": "^7.18.9",
"@babel/helper-module-imports": "^7.18.6",
@ -10496,8 +10436,8 @@
"@babel/helper-split-export-declaration": "^7.18.6",
"@babel/helper-validator-identifier": "^7.19.1",
"@babel/template": "^7.20.7",
"@babel/traverse": "^7.21.0",
"@babel/types": "^7.21.0"
"@babel/traverse": "^7.21.2",
"@babel/types": "^7.21.2"
}
},
"@babel/helper-optimise-call-expression": {
@ -10608,9 +10548,9 @@
}
},
"@babel/parser": {
"version": "7.21.1",
"resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.21.1.tgz",
"integrity": "sha512-JzhBFpkuhBNYUY7qs+wTzNmyCWUHEaAFpQQD2YfU1rPL38/L43Wvid0fFkiOCnHvsGncRZgEPyGnltABLcVDTg=="
"version": "7.21.3",
"resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.21.3.tgz",
"integrity": "sha512-lobG0d7aOfQRXh8AyklEAgZGvA4FShxo6xQbUrrT/cNBPUdIDojlokwJsQyCC/eKia7ifqM0yP+2DRZ4WKw2RQ=="
},
"@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression": {
"version": "7.18.6",
@ -11367,26 +11307,26 @@
}
},
"@babel/traverse": {
"version": "7.21.0",
"resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.21.0.tgz",
"integrity": "sha512-Xdt2P1H4LKTO8ApPfnO1KmzYMFpp7D/EinoXzLYN/cHcBNrVCAkAtGUcXnHXrl/VGktureU6fkQrHSBE2URfoA==",
"version": "7.21.3",
"resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.21.3.tgz",
"integrity": "sha512-XLyopNeaTancVitYZe2MlUEvgKb6YVVPXzofHgqHijCImG33b/uTurMS488ht/Hbsb2XK3U2BnSTxKVNGV3nGQ==",
"requires": {
"@babel/code-frame": "^7.18.6",
"@babel/generator": "^7.21.0",
"@babel/generator": "^7.21.3",
"@babel/helper-environment-visitor": "^7.18.9",
"@babel/helper-function-name": "^7.21.0",
"@babel/helper-hoist-variables": "^7.18.6",
"@babel/helper-split-export-declaration": "^7.18.6",
"@babel/parser": "^7.21.0",
"@babel/types": "^7.21.0",
"@babel/parser": "^7.21.3",
"@babel/types": "^7.21.3",
"debug": "^4.1.0",
"globals": "^11.1.0"
}
},
"@babel/types": {
"version": "7.21.0",
"resolved": "https://registry.npmjs.org/@babel/types/-/types-7.21.0.tgz",
"integrity": "sha512-uR7NWq2VNFnDi7EYqiRz2Jv/VQIu38tu64Zy8TX2nQFQ6etJ9V/Rr2msW8BS132mum2rL645qpDrLtAJtVpuow==",
"version": "7.21.3",
"resolved": "https://registry.npmjs.org/@babel/types/-/types-7.21.3.tgz",
"integrity": "sha512-sBGdETxC+/M4o/zKC0sl6sjWv62WFR/uzxrJ6uYyMLZOUlPnwzw0tKgVHOXxaAd5l2g8pEDM5RZ495GPQI77kg==",
"requires": {
"@babel/helper-string-parser": "^7.19.4",
"@babel/helper-validator-identifier": "^7.19.1",
@ -11577,13 +11517,6 @@
"integrity": "sha512-gB8T4H4DEfX2IV9zGDJPOBgP1e/DbfCPDTtEqUMckpvzS1OYtva8JdFYBqMwYk7xAQ429WGF/UPqn8uQ//h2vQ==",
"requires": {
"eslint-visitor-keys": "^3.3.0"
},
"dependencies": {
"eslint-visitor-keys": {
"version": "3.3.0",
"resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.3.0.tgz",
"integrity": "sha512-mQ+suqKJVyeuwGYHAdjMFqjCyfl8+Ldnxuyp3ldiMBFKkvytrXUZWaiPCEav8qDHKty44bD+qV1IP4T+w+xXRA=="
}
}
},
"@eslint-community/regexpp": {
@ -11660,9 +11593,9 @@
"integrity": "sha512-qVtd5i1Cc7cdrqnTWqTObKQHjPWAiRwjUPaXObaeNPcy7+WKxJumGBx66rfSFgK6LNpIasVKkEgW8oyf0tmPLA=="
},
"@goauthentik/api": {
"version": "2023.2.2-1678400303",
"resolved": "https://registry.npmjs.org/@goauthentik/api/-/api-2023.2.2-1678400303.tgz",
"integrity": "sha512-Sm21FGVJUmvl1cdG9xX8X4L4DN4DAuLl7qVMHgEqhLdwWDAyzaB0VgYv0JloEoJBPy2NB8ATZvgkmB+CRU8Vkg=="
"version": "2023.3.0-1678747008",
"resolved": "https://registry.npmjs.org/@goauthentik/api/-/api-2023.3.0-1678747008.tgz",
"integrity": "sha512-8c2FM2mcqcVV50O20DMZ2J0FAgFVgq2TmfzOF4ykI2GkuQbTXNW3+sYfX9+GbK+DkiF+yxT7TUZay9ofv1Vm4A=="
},
"@hcaptcha/types": {
"version": "1.0.3",
@ -12430,14 +12363,14 @@
}
},
"@sentry/browser": {
"version": "7.42.0",
"resolved": "https://registry.npmjs.org/@sentry/browser/-/browser-7.42.0.tgz",
"integrity": "sha512-xTwfvrQPmYTkAvGivoJFadPLKLDS2N57D/18NA1gcrnF8NwR+I28x3I9ziVUiMCYX+6nJuqBNlMALAEPbb2G5A==",
"version": "7.43.0",
"resolved": "https://registry.npmjs.org/@sentry/browser/-/browser-7.43.0.tgz",
"integrity": "sha512-NlRkBYKb9o5IQdGY8Ktps19Hz9RdSuqS1tlLC7Sjr+MqZqSHmhKq8MWJKciRynxBeMbeGt0smExi9BqpVQdCEg==",
"requires": {
"@sentry/core": "7.42.0",
"@sentry/replay": "7.42.0",
"@sentry/types": "7.42.0",
"@sentry/utils": "7.42.0",
"@sentry/core": "7.43.0",
"@sentry/replay": "7.43.0",
"@sentry/types": "7.43.0",
"@sentry/utils": "7.43.0",
"tslib": "^1.9.3"
},
"dependencies": {
@ -12449,12 +12382,12 @@
}
},
"@sentry/core": {
"version": "7.42.0",
"resolved": "https://registry.npmjs.org/@sentry/core/-/core-7.42.0.tgz",
"integrity": "sha512-vNcTyoQz5kUXo5vMGDyc5BJMO0UugPvMfYMQVxqt/BuDNR30LVhY+DL2tW1DFZDvRvyn5At+H7kSTj6GFrANXQ==",
"version": "7.43.0",
"resolved": "https://registry.npmjs.org/@sentry/core/-/core-7.43.0.tgz",
"integrity": "sha512-zvMZgEi7ptLBwDnd+xR/u4zdSe5UzS4S3ZhoemdQrn1PxsaVySD/ptyzLoGSZEABqlRxGHnQrZ78MU1hUDvKuQ==",
"requires": {
"@sentry/types": "7.42.0",
"@sentry/utils": "7.42.0",
"@sentry/types": "7.43.0",
"@sentry/utils": "7.43.0",
"tslib": "^1.9.3"
},
"dependencies": {
@ -12466,23 +12399,23 @@
}
},
"@sentry/replay": {
"version": "7.42.0",
"resolved": "https://registry.npmjs.org/@sentry/replay/-/replay-7.42.0.tgz",
"integrity": "sha512-81HQm20hrW0+0eZ5sZf8KsSekkAlI0/u/M+9ZmOn2bHpGihqAM/O/lrXhTzaRXdpX/9NSwSCGY9k7LIRNMKaEQ==",
"version": "7.43.0",
"resolved": "https://registry.npmjs.org/@sentry/replay/-/replay-7.43.0.tgz",
"integrity": "sha512-2dGJS6p8uG1JZ7x/A3FyqnILTkXarbvfR+o1lC7z9lu34Wx0ZBeU2in/S2YHNGAE6XvfsePq3ya/s7LaNkk4qQ==",
"requires": {
"@sentry/core": "7.42.0",
"@sentry/types": "7.42.0",
"@sentry/utils": "7.42.0"
"@sentry/core": "7.43.0",
"@sentry/types": "7.43.0",
"@sentry/utils": "7.43.0"
}
},
"@sentry/tracing": {
"version": "7.42.0",
"resolved": "https://registry.npmjs.org/@sentry/tracing/-/tracing-7.42.0.tgz",
"integrity": "sha512-0veGu3Ntweuj1pwWrJIFHmVdow4yufCreGIhsNDyrclwOjaTY3uI8iA6N62+hhtxOvqv+xueB98K1DvT5liPCQ==",
"version": "7.43.0",
"resolved": "https://registry.npmjs.org/@sentry/tracing/-/tracing-7.43.0.tgz",
"integrity": "sha512-Mld2AyV8xYnRLYbDWvDy8PlGcln3h5JsUx6ScQGOxnFTmCQR50Tldtzq50VDs2fv6xH0+YrL/UIyjxCDc7EXzQ==",
"requires": {
"@sentry/core": "7.42.0",
"@sentry/types": "7.42.0",
"@sentry/utils": "7.42.0",
"@sentry/core": "7.43.0",
"@sentry/types": "7.43.0",
"@sentry/utils": "7.43.0",
"tslib": "^1.9.3"
},
"dependencies": {
@ -12494,16 +12427,16 @@
}
},
"@sentry/types": {
"version": "7.42.0",
"resolved": "https://registry.npmjs.org/@sentry/types/-/types-7.42.0.tgz",
"integrity": "sha512-Ga0xaBIR/peuXQ88hI9a5TNY3GLNoH8jpsgPaAjAtRHkLsTx0y3AR+PrD7pUysza9QjvG+Qux01DRvLgaNKOHA=="
"version": "7.43.0",
"resolved": "https://registry.npmjs.org/@sentry/types/-/types-7.43.0.tgz",
"integrity": "sha512-5XxCWqYWJNoS+P6Ie2ZpUDxLRCt7FTEzmlQkCdjW6MFWOX26hAbF/wEuOTYAFKZXMIXOz0Egofik1e8v1Cg6/A=="
},
"@sentry/utils": {
"version": "7.42.0",
"resolved": "https://registry.npmjs.org/@sentry/utils/-/utils-7.42.0.tgz",
"integrity": "sha512-cBiDZVipC+is+IVgsTQLJyZWUZQxlLZ9GarNT+XZOZ5BFh0acFtz88hO6+S7vGmhcx2aCvsdC9yb2Yf+BphK6Q==",
"version": "7.43.0",
"resolved": "https://registry.npmjs.org/@sentry/utils/-/utils-7.43.0.tgz",
"integrity": "sha512-f78YfMLcgNU7+suyWFCuQhQlneXXMS+egb0EFZh7iU7kANUPRX5T4b+0C+fwaPm5gA6XfGYskr4ZnzQJLOlSqg==",
"requires": {
"@sentry/types": "7.42.0",
"@sentry/types": "7.43.0",
"tslib": "^1.9.3"
},
"dependencies": {
@ -12789,18 +12722,18 @@
"integrity": "sha512-7tFImggNeNBVMsn0vLrpn1H1uPrUBdnARPTpZoitY37ZrdJREzf7I16tMrlK3hen349gr1NYh8CmZQa7CTG6Aw=="
},
"@typescript-eslint/eslint-plugin": {
"version": "5.54.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.54.1.tgz",
"integrity": "sha512-a2RQAkosH3d3ZIV08s3DcL/mcGc2M/UC528VkPULFxR9VnVPT8pBu0IyBAJJmVsCmhVfwQX1v6q+QGnmSe1bew==",
"version": "5.55.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.55.0.tgz",
"integrity": "sha512-IZGc50rtbjk+xp5YQoJvmMPmJEYoC53SiKPXyqWfv15XoD2Y5Kju6zN0DwlmaGJp1Iw33JsWJcQ7nw0lGCGjVg==",
"requires": {
"@typescript-eslint/scope-manager": "5.54.1",
"@typescript-eslint/type-utils": "5.54.1",
"@typescript-eslint/utils": "5.54.1",
"@eslint-community/regexpp": "^4.4.0",
"@typescript-eslint/scope-manager": "5.55.0",
"@typescript-eslint/type-utils": "5.55.0",
"@typescript-eslint/utils": "5.55.0",
"debug": "^4.3.4",
"grapheme-splitter": "^1.0.4",
"ignore": "^5.2.0",
"natural-compare-lite": "^1.4.0",
"regexpp": "^3.2.0",
"semver": "^7.3.7",
"tsutils": "^3.21.0"
},
@ -12816,48 +12749,48 @@
}
},
"@typescript-eslint/parser": {
"version": "5.54.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-5.54.1.tgz",
"integrity": "sha512-8zaIXJp/nG9Ff9vQNh7TI+C3nA6q6iIsGJ4B4L6MhZ7mHnTMR4YP5vp2xydmFXIy8rpyIVbNAG44871LMt6ujg==",
"version": "5.55.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-5.55.0.tgz",
"integrity": "sha512-ppvmeF7hvdhUUZWSd2EEWfzcFkjJzgNQzVST22nzg958CR+sphy8A6K7LXQZd6V75m1VKjp+J4g/PCEfSCmzhw==",
"requires": {
"@typescript-eslint/scope-manager": "5.54.1",
"@typescript-eslint/types": "5.54.1",
"@typescript-eslint/typescript-estree": "5.54.1",
"@typescript-eslint/scope-manager": "5.55.0",
"@typescript-eslint/types": "5.55.0",
"@typescript-eslint/typescript-estree": "5.55.0",
"debug": "^4.3.4"
}
},
"@typescript-eslint/scope-manager": {
"version": "5.54.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.54.1.tgz",
"integrity": "sha512-zWKuGliXxvuxyM71UA/EcPxaviw39dB2504LqAmFDjmkpO8qNLHcmzlh6pbHs1h/7YQ9bnsO8CCcYCSA8sykUg==",
"version": "5.55.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-5.55.0.tgz",
"integrity": "sha512-OK+cIO1ZGhJYNCL//a3ROpsd83psf4dUJ4j7pdNVzd5DmIk+ffkuUIX2vcZQbEW/IR41DYsfJTB19tpCboxQuw==",
"requires": {
"@typescript-eslint/types": "5.54.1",
"@typescript-eslint/visitor-keys": "5.54.1"
"@typescript-eslint/types": "5.55.0",
"@typescript-eslint/visitor-keys": "5.55.0"
}
},
"@typescript-eslint/type-utils": {
"version": "5.54.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-5.54.1.tgz",
"integrity": "sha512-WREHsTz0GqVYLIbzIZYbmUUr95DKEKIXZNH57W3s+4bVnuF1TKe2jH8ZNH8rO1CeMY3U4j4UQeqPNkHMiGem3g==",
"version": "5.55.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-5.55.0.tgz",
"integrity": "sha512-ObqxBgHIXj8rBNm0yh8oORFrICcJuZPZTqtAFh0oZQyr5DnAHZWfyw54RwpEEH+fD8suZaI0YxvWu5tYE/WswA==",
"requires": {
"@typescript-eslint/typescript-estree": "5.54.1",
"@typescript-eslint/utils": "5.54.1",
"@typescript-eslint/typescript-estree": "5.55.0",
"@typescript-eslint/utils": "5.55.0",
"debug": "^4.3.4",
"tsutils": "^3.21.0"
}
},
"@typescript-eslint/types": {
"version": "5.54.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.54.1.tgz",
"integrity": "sha512-G9+1vVazrfAfbtmCapJX8jRo2E4MDXxgm/IMOF4oGh3kq7XuK3JRkOg6y2Qu1VsTRmWETyTkWt1wxy7X7/yLkw=="
"version": "5.55.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-5.55.0.tgz",
"integrity": "sha512-M4iRh4AG1ChrOL6Y+mETEKGeDnT7Sparn6fhZ5LtVJF1909D5O4uqK+C5NPbLmpfZ0XIIxCdwzKiijpZUOvOug=="
},
"@typescript-eslint/typescript-estree": {
"version": "5.54.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.54.1.tgz",
"integrity": "sha512-bjK5t+S6ffHnVwA0qRPTZrxKSaFYocwFIkZx5k7pvWfsB1I57pO/0M0Skatzzw1sCkjJ83AfGTL0oFIFiDX3bg==",
"version": "5.55.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-5.55.0.tgz",
"integrity": "sha512-I7X4A9ovA8gdpWMpr7b1BN9eEbvlEtWhQvpxp/yogt48fy9Lj3iE3ild/1H3jKBBIYj5YYJmS2+9ystVhC7eaQ==",
"requires": {
"@typescript-eslint/types": "5.54.1",
"@typescript-eslint/visitor-keys": "5.54.1",
"@typescript-eslint/types": "5.55.0",
"@typescript-eslint/visitor-keys": "5.55.0",
"debug": "^4.3.4",
"globby": "^11.1.0",
"is-glob": "^4.0.3",
@ -12876,17 +12809,17 @@
}
},
"@typescript-eslint/utils": {
"version": "5.54.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-5.54.1.tgz",
"integrity": "sha512-IY5dyQM8XD1zfDe5X8jegX6r2EVU5o/WJnLu/znLPWCBF7KNGC+adacXnt5jEYS9JixDcoccI6CvE4RCjHMzCQ==",
"version": "5.55.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-5.55.0.tgz",
"integrity": "sha512-FkW+i2pQKcpDC3AY6DU54yl8Lfl14FVGYDgBTyGKB75cCwV3KpkpTMFi9d9j2WAJ4271LR2HeC5SEWF/CZmmfw==",
"requires": {
"@eslint-community/eslint-utils": "^4.2.0",
"@types/json-schema": "^7.0.9",
"@types/semver": "^7.3.12",
"@typescript-eslint/scope-manager": "5.54.1",
"@typescript-eslint/types": "5.54.1",
"@typescript-eslint/typescript-estree": "5.54.1",
"@typescript-eslint/scope-manager": "5.55.0",
"@typescript-eslint/types": "5.55.0",
"@typescript-eslint/typescript-estree": "5.55.0",
"eslint-scope": "^5.1.1",
"eslint-utils": "^3.0.0",
"semver": "^7.3.7"
},
"dependencies": {
@ -12901,19 +12834,12 @@
}
},
"@typescript-eslint/visitor-keys": {
"version": "5.54.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.54.1.tgz",
"integrity": "sha512-q8iSoHTgwCfgcRJ2l2x+xCbu8nBlRAlsQ33k24Adj8eoVBE0f8dUeI+bAa8F84Mv05UGbAx57g2zrRsYIooqQg==",
"version": "5.55.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-5.55.0.tgz",
"integrity": "sha512-q2dlHHwWgirKh1D3acnuApXG+VNXpEY5/AwRxDVuEQpxWaB0jCDe0jFMVMALJ3ebSfuOVE8/rMS+9ZOYGg1GWw==",
"requires": {
"@typescript-eslint/types": "5.54.1",
"@typescript-eslint/types": "5.55.0",
"eslint-visitor-keys": "^3.3.0"
},
"dependencies": {
"eslint-visitor-keys": {
"version": "3.3.0",
"resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.3.0.tgz",
"integrity": "sha512-mQ+suqKJVyeuwGYHAdjMFqjCyfl8+Ldnxuyp3ldiMBFKkvytrXUZWaiPCEav8qDHKty44bD+qV1IP4T+w+xXRA=="
}
}
},
"@vue/compiler-core": {
@ -13598,9 +13524,9 @@
"integrity": "sha1-Z29us8OZl8LuGsOpJP1hJHSPV40="
},
"core-js": {
"version": "3.29.0",
"resolved": "https://registry.npmjs.org/core-js/-/core-js-3.29.0.tgz",
"integrity": "sha512-VG23vuEisJNkGl6XQmFJd3rEG/so/CNatqeE+7uZAwTSwFeB/qaO0be8xZYUNWprJ/GIwL8aMt9cj1kvbpTZhg=="
"version": "3.29.1",
"resolved": "https://registry.npmjs.org/core-js/-/core-js-3.29.1.tgz",
"integrity": "sha512-+jwgnhg6cQxKYIIjGtAHq2nwUOolo9eoFZ4sHfUH09BLXBgxnH4gA0zEd+t+BO2cNB8idaBtZFcFTRjQJRJmAw=="
},
"core-js-compat": {
"version": "3.25.1",
@ -14233,11 +14159,6 @@
"estraverse": "^5.2.0"
}
},
"eslint-visitor-keys": {
"version": "3.3.0",
"resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.3.0.tgz",
"integrity": "sha512-mQ+suqKJVyeuwGYHAdjMFqjCyfl8+Ldnxuyp3ldiMBFKkvytrXUZWaiPCEav8qDHKty44bD+qV1IP4T+w+xXRA=="
},
"estraverse": {
"version": "5.3.0",
"resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.3.0.tgz",
@ -14348,18 +14269,10 @@
"estraverse": "^4.1.1"
}
},
"eslint-utils": {
"version": "3.0.0",
"resolved": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-3.0.0.tgz",
"integrity": "sha512-uuQC43IGctw68pJA1RgbQS8/NP7rch6Cwd4j3ZBtgo4/8Flj4eGE7ZYSZRN3iq5pVUv6GPdW5Z1RFleo84uLDA==",
"requires": {
"eslint-visitor-keys": "^2.0.0"
}
},
"eslint-visitor-keys": {
"version": "2.1.0",
"resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-2.1.0.tgz",
"integrity": "sha512-0rSmRBzXgDzIsD6mGdJgevzgezI534Cer5L/vyMX0kHzT/jiB43jRhd9YUlMGYLQy2zprNmoT8qasCGtY+QaKw=="
"version": "3.3.0",
"resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.3.0.tgz",
"integrity": "sha512-mQ+suqKJVyeuwGYHAdjMFqjCyfl8+Ldnxuyp3ldiMBFKkvytrXUZWaiPCEav8qDHKty44bD+qV1IP4T+w+xXRA=="
},
"espree": {
"version": "9.5.0",
@ -14369,13 +14282,6 @@
"acorn": "^8.8.0",
"acorn-jsx": "^5.3.2",
"eslint-visitor-keys": "^3.3.0"
},
"dependencies": {
"eslint-visitor-keys": {
"version": "3.3.0",
"resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.3.0.tgz",
"integrity": "sha512-mQ+suqKJVyeuwGYHAdjMFqjCyfl8+Ldnxuyp3ldiMBFKkvytrXUZWaiPCEav8qDHKty44bD+qV1IP4T+w+xXRA=="
}
}
},
"esprima": {
@ -16483,11 +16389,6 @@
"safe-regex": "^1.1.0"
}
},
"regexpp": {
"version": "3.2.0",
"resolved": "https://registry.npmjs.org/regexpp/-/regexpp-3.2.0.tgz",
"integrity": "sha512-pq2bWo9mVD43nbts2wGv17XLiNLya+GklZ8kaDLV2Z08gDCsGpnKn9BFMepvWuHCbyVvY7J5o5+BVvoQbmlJLg=="
},
"regexpu-core": {
"version": "5.1.0",
"resolved": "https://registry.npmjs.org/regexpu-core/-/regexpu-core-5.1.0.tgz",

View File

@ -53,7 +53,7 @@
]
},
"dependencies": {
"@babel/core": "^7.21.0",
"@babel/core": "^7.21.3",
"@babel/plugin-proposal-decorators": "^7.21.0",
"@babel/plugin-transform-runtime": "^7.21.0",
"@babel/preset-env": "^7.20.2",
@ -66,7 +66,7 @@
"@codemirror/theme-one-dark": "^6.1.1",
"@formatjs/intl-listformat": "^7.1.9",
"@fortawesome/fontawesome-free": "^6.3.0",
"@goauthentik/api": "^2023.2.2-1678400303",
"@goauthentik/api": "^2023.3.0-1678747008",
"@hcaptcha/types": "^1.0.3",
"@jackfranklin/rollup-plugin-markdown": "^0.4.0",
"@lingui/cli": "^3.17.2",
@ -81,15 +81,15 @@
"@rollup/plugin-node-resolve": "^15.0.1",
"@rollup/plugin-replace": "^5.0.2",
"@rollup/plugin-typescript": "^11.0.0",
"@sentry/browser": "^7.42.0",
"@sentry/tracing": "^7.42.0",
"@sentry/browser": "^7.43.0",
"@sentry/tracing": "^7.43.0",
"@squoosh/cli": "^0.7.3",
"@trivago/prettier-plugin-sort-imports": "^4.1.1",
"@types/chart.js": "^2.9.37",
"@types/codemirror": "5.60.7",
"@types/grecaptcha": "^3.0.4",
"@typescript-eslint/eslint-plugin": "^5.54.1",
"@typescript-eslint/parser": "^5.54.1",
"@typescript-eslint/eslint-plugin": "^5.55.0",
"@typescript-eslint/parser": "^5.55.0",
"@webcomponents/webcomponentsjs": "^2.7.0",
"babel-plugin-macros": "^3.1.0",
"babel-plugin-tsconfig-paths": "^1.0.3",
@ -98,7 +98,7 @@
"chartjs-adapter-moment": "^1.0.1",
"codemirror": "^6.0.1",
"construct-style-sheets-polyfill": "^3.1.0",
"core-js": "^3.29.0",
"core-js": "^3.29.1",
"country-flag-icons": "^1.5.5",
"eslint": "^8.36.0",
"eslint-config-google": "^0.14.0",

View File

@ -36,7 +36,7 @@ export class InitialServiceConnectionWizardPage extends WizardPage {
?.querySelectorAll<HTMLInputElement>("input[type=radio]")
.forEach((radio) => {
if (radio.checked) {
this.host.isValid = true;
radio.dispatchEvent(new CustomEvent("change"));
}
});
};

View File

@ -42,7 +42,7 @@ export class InitialPolicyWizardPage extends WizardPage {
?.querySelectorAll<HTMLInputElement>("input[type=radio]")
.forEach((radio) => {
if (radio.checked) {
this.host.isValid = true;
radio.dispatchEvent(new CustomEvent("change"));
}
});
};

View File

@ -39,7 +39,7 @@ export class InitialPropertyMappingWizardPage extends WizardPage {
?.querySelectorAll<HTMLInputElement>("input[type=radio]")
.forEach((radio) => {
if (radio.checked) {
this.host.isValid = true;
radio.dispatchEvent(new CustomEvent("change"));
}
});
};

View File

@ -41,7 +41,7 @@ export class InitialProviderWizardPage extends WizardPage {
?.querySelectorAll<HTMLInputElement>("input[type=radio]")
.forEach((radio) => {
if (radio.checked) {
this.host.isValid = true;
radio.dispatchEvent(new CustomEvent("change"));
}
});
};

View File

@ -38,7 +38,7 @@ export class InitialSourceWizardPage extends WizardPage {
?.querySelectorAll<HTMLInputElement>("input[type=radio]")
.forEach((radio) => {
if (radio.checked) {
this.host.isValid = true;
radio.dispatchEvent(new CustomEvent("change"));
}
});
};

View File

@ -55,7 +55,7 @@ export class InitialStageWizardPage extends WizardPage {
?.querySelectorAll<HTMLInputElement>("input[type=radio]")
.forEach((radio) => {
if (radio.checked) {
this.host.isValid = true;
radio.dispatchEvent(new CustomEvent("change"));
}
});
};

View File

@ -68,14 +68,6 @@ export class UserForm extends ModelForm<User, number> {
${t`User's primary identifier. 150 characters or fewer.`}
</p>
</ak-form-element-horizontal>
<ak-form-element-horizontal label=${t`Path`} ?required=${true} name="path">
<input
type="text"
value="${first(this.instance?.path, "users")}"
class="pf-c-form-control"
required
/>
</ak-form-element-horizontal>
<ak-form-element-horizontal label=${t`Name`} name="name">
<input
type="text"
@ -110,6 +102,14 @@ export class UserForm extends ModelForm<User, number> {
${t`Designates whether this user should be treated as active. Unselect this instead of deleting accounts.`}
</p>
</ak-form-element-horizontal>
<ak-form-element-horizontal label=${t`Path`} ?required=${true} name="path">
<input
type="text"
value="${first(this.instance?.path, "users")}"
class="pf-c-form-control"
required
/>
</ak-form-element-horizontal>
<ak-form-element-horizontal label=${t`Attributes`} ?required=${true} name="attributes">
<ak-codemirror
mode="yaml"

Binary file not shown.

Before

Width:  |  Height:  |  Size: 1.2 MiB

After

Width:  |  Height:  |  Size: 987 KiB

View File

@ -88,7 +88,10 @@ body {
border-color: transparent;
}
.pf-c-tabs__item.pf-m-current {
--pf-c-tabs__link--after--BorderColor: #fd4b2d;
--pf-c-tabs__link--after--BorderColor: var(--ak-accent);
}
.pf-c-tabs__link {
--pf-c-tabs__link--Color: var(--ak-dark-foreground);
}
.pf-c-tabs.pf-m-vertical .pf-c-tabs__link {
background-color: transparent;

View File

@ -553,7 +553,7 @@ export class FlowExecutor extends Interface implements StageHost {
? html`
<li>
<a
href="https://unsplash.com/@saishmenon"
href="https://unsplash.com/@aaronburden"
>${t`Background image`}</a
>
</li>

View File

@ -83,9 +83,6 @@ export class UserInterface extends Interface {
.pf-c-page {
background-color: transparent;
}
:host([theme="dark"]) .pf-c-page {
background-color: var(--ak-dark-background);
}
.background-wrapper {
background-color: var(--pf-c-page--BackgroundColor) !important;
}

View File

@ -27,6 +27,8 @@
- Update `website/sidebars.js` to include the new release notes, and move the oldest release into the `Previous versions` category.
If the release notes are created in advance without a fixed date for the release, only add them to the sidebar once the release is published.
- Run `make website`
#### For subsequent releases:

View File

@ -1,14 +1,14 @@
---
title: docker-compose installation
title: Docker Compose installation
---
This installation method is for test-setups and small-scale productive setups.
## Requirements
- A Linux host with at least 2 CPU cores and 2 GB of RAM.
- docker
- docker-compose
- A host with at least 2 CPU cores and 2 GB of RAM
- Docker
- Docker Compose
## Preparation
@ -31,7 +31,7 @@ echo "AUTHENTIK_ERROR_REPORTING__ENABLED=true" >> .env
It is also recommended to configure global email credentials. These are used by authentik to notify you about alerts and configuration issues. They can also be used by [Email stages](../flow/stages/email/) to send verification/recovery emails.
Append this block to your `.env` file
To configure email credentials, append this block to your `.env` file
```shell
# SMTP Host Emails are sent to
@ -49,55 +49,55 @@ AUTHENTIK_EMAIL__TIMEOUT=10
AUTHENTIK_EMAIL__FROM=authentik@localhost
```
## Running on Port 80/443
## Configure for port 80/443
By default, authentik listens on port 9000 for HTTP and 9443 for HTTPS. To change this, you can set the following variables in `.env`:
By default, authentik listens on port 9000 for HTTP and 9443 for HTTPS. To change the default and instead use ports 80 and 443, you can set the following variables in `.env`:
```shell
AUTHENTIK_PORT_HTTP=80
AUTHENTIK_PORT_HTTPS=443
```
Afterwards, make sure to run `docker-compose up -d`.
Be sure to run `docker-compose up -d` to rebuild with the new port numbers.
## Startup
Afterwards, run these commands to finish
Afterwards, run these commands to finish:
```shell
docker-compose pull
docker-compose up -d
```
The compose file statically references the latest version available at the time of downloading the compose file, which can be overridden with the `AUTHENTIK_TAG` environment variable.
The `docker-compose.yml` file statically references the latest version available at the time of downloading the compose file, which can be overridden with the `AUTHENTIK_TAG` environment variable.
authentik will then be reachable on port 9000 (HTTP) and port 9443 (HTTPS).
authentik is then reachable (by default) on port 9000 (HTTP) and port 9443 (HTTPS).
To start the initial setup, navigate to `https://<your server>/if/flow/initial-setup/`. There you will be prompted to set a password for the akadmin user.
To start the initial setup, navigate to `https://<your server's IP or hostname>:9000/if/flow/initial-setup/`.
There you will be prompted to set a password for the akadmin user (the default user).
## Explanation
:::warning
The server assumes to have local timezone as UTC.
All internals are handled in UTC, whenever a time is displayed to the user in UI it gets localized.
All internals are handled in UTC; whenever a time is displayed to the user in UI it gets localized.
Do not update or mount `/etc/timezone` or `/etc/localtime` in the authentik containers.
This will not give any advantages.
On the contrary, it will cause problems with OAuth and SAML authentication,
e.g. [see this GitHub issue](https://github.com/goauthentik/authentik/issues/3005).
:::
The docker-compose project contains the following containers:
The Docker-Compose project contains the following containers:
- server
This is the backend service, which does all the logic, runs the API and the actual SSO part. It also runs the frontend, hosts the JS/CSS files, and also serves the files you've uploaded for icons/etc.
This is the backend service, which does all the logic, plus runs the API and the SSO functionality. It also runs the frontend, hosts the JS/CSS files, and serves the files you've uploaded for icons/etc.
- worker
This container executes background tasks, everything you can see on the _System Tasks_ page in the frontend.
- redis & postgresql
- redis (for cache)
Cache and database respectively.
Additionally, if you've enabled GeoIP, there is a container running that regularly updates the GeoIP database.
- postgresql (default database)

View File

@ -2,7 +2,7 @@
title: Docker
---
The docker integration will automatically deploy and manage outpost containers using the Docker HTTP API.
The Docker integration automatically deploys and manages outpost containers using the Docker HTTP API.
This integration has the advantage over manual deployments of automatic updates (whenever authentik is updated, it updates the outposts), and authentik can (in a future version) automatically rotate the token that the outpost uses to communicate with the core authentik server.
@ -10,8 +10,8 @@ The following outpost settings are used:
- `object_naming_template`: Configures how the container is called
- `container_image`: Optionally overwrites the standard container image (see [Configuration](../../installation/configuration.md) to configure the global default)
- `docker_network`: The docker network the container should be added to. This needs to be modified if you plan to connect to authentik using the internal hostname.
- `docker_map_ports`: Enable/disable the mapping of ports. When using a proxy outpost with traefik for example, you might not want to bind ports as they are routed through traefik.
- `docker_network`: The Docker network the container should be added to. This needs to be modified if you plan to connect to authentik using the internal hostname.
- `docker_map_ports`: Enable/disable the mapping of ports. When using a proxy outpost with Traefik for example, you might not want to bind ports as they are routed through Traefik.
- `docker_labels`: Optional additional labels that can be applied to the container.
The container is created with the following hardcoded properties:
@ -20,7 +20,7 @@ The container is created with the following hardcoded properties:
- `io.goauthentik.outpost-uuid`: Used by authentik to identify the container, and to allow for name changes.
Additionally, the proxy outposts have the following extra labels to add themselves into traefik automatically.
Additionally, the proxy outposts have the following extra labels to add themselves into Traefik automatically.
- `traefik.enable`: "true"
- `traefik.http.routers.ak-outpost-<outpost-name>-router.rule`: `Host(...)`
@ -32,7 +32,7 @@ The container is created with the following hardcoded properties:
## Permissions
To minimise the potential risks of mapping the docker socket into a container/giving an application access to the docker API, many people use Projects like [docker-socket-proxy](https://github.com/Tecnativa/docker-socket-proxy). authentik requires these permissions from the docker API:
To minimise the potential risks of mapping the Docker socket into a container/giving an application access to the Docker API, many people use Projects like [docker-socket-proxy](https://github.com/Tecnativa/docker-socket-proxy). authentik requires these permissions from the Docker API:
- Images/Pull: authentik tries to pre-pull the custom image if one is configured, otherwise falling back to the default image.
- Containers/Read: Gather infos about currently running container
@ -42,18 +42,18 @@ To minimise the potential risks of mapping the docker socket into a container/gi
## Remote hosts (TLS)
To connect remote hosts, you can follow this Guide from Docker [Use TLS (HTTPS) to protect the Docker daemon socket](https://docs.docker.com/engine/security/protect-access/#use-tls-https-to-protect-the-docker-daemon-socket) to configure Docker.
To connect remote hosts, follow this guide from Docker [Use TLS (HTTPS) to protect the Docker daemon socket](https://docs.docker.com/engine/security/protect-access/#use-tls-https-to-protect-the-docker-daemon-socket) to configure Docker.
Afterwards, create two Certificate-keypairs in authentik:
Afterwards, create two certificate-keypairs in authentik:
- `Docker CA`, with the contents of `~/.docker/ca.pem` as Certificate
- `Docker Cert`, with the contents of `~/.docker/cert.pem` as Certificate and `~/.docker/key.pem` as Private key.
- `Docker Cert`, with the contents of `~/.docker/cert.pem` as the certificate and `~/.docker/key.pem` as the private key.
Create an integration with `Docker CA` as _TLS Verification Certificate_ and `Docker Cert` as _TLS Authentication Certificate_.
## Remote hosts (SSH)
Starting with authentik 2021.12.5, you can connect to remote docker hosts using SSH. To configure this, create a new SSH keypair using these commands:
Starting with authentik 2021.12.5, you can connect to remote Docker hosts using SSH. To configure this, create a new SSH keypair using these commands:
```
# Generate the keypair itself, using RSA keys in the PEM format

View File

@ -7,11 +7,19 @@ Using forward auth uses your existing reverse proxy to do the proxying, and only
To use forward auth instead of proxying, you have to change a couple of settings.
In the Proxy Provider, make sure to use one of the Forward auth modes.
## Single application
## Forward auth modes
The only configuration difference between single application mode and domain level mode is the host that you specify.
For single application, you'd use the domain that the application is running on, and only `/outpost.goauthentik.io` is redirected to the outpost.
For domain level, you'd use the same domain as authentik.
### Single application
Single application mode works for a single application hosted on its dedicated subdomain. This has the advantage that you can still do per-application access policies in authentik.
## Domain level
### Domain level
To use forward auth instead of proxying, you have to change a couple of settings.
In the Proxy Provider, make sure to use the _Forward auth (domain level)_ mode.
@ -21,10 +29,13 @@ This mode differs from the _Forward auth (single application)_ mode in the follo
- You don't have to configure an application in authentik for each domain
- Users don't have to authorize multiple times
There are however also some downsides, mainly the fact that you **can't** restrict individual applications to different users.
There are, however, also some downsides, mainly the fact that you **can't** restrict individual applications to different users.
The only configuration difference between single application and domain level is the host you specify.
## Configuration templates
For single application, you'd use the domain which the application is running on, and only `/outpost.goauthentik.io` is redirected to the outpost.
For configuration templates for each web server, refer to the following:
For domain level, you'd use the same domain as authentik.
import DocCardList from "@theme/DocCardList";
import { useCurrentSidebarCategory } from "@docusaurus/theme-common";
<DocCardList items={useCurrentSidebarCategory().items} />

View File

@ -11,7 +11,9 @@ slug: "/releases/2023.3"
This feature is still in technical preview, so please report any Bugs you run into on [GitHub](https://github.com/goauthentik/authentik/issues).
:::
authentik can now provision users from other IT systems via the SCIM (System for Cross-domain Identity Management) protocol. The provider synchronizes Users, Groups and the user membership. Objects are synced both when they are saved and based on a pre-defined schedule in the background.
authentik can now provision users into other IT systems via the SCIM (System for Cross-domain Identity Management) protocol. The provider synchronizes Users, Groups and the user membership. Objects are synced both when they are saved and based on a pre-defined schedule in the background.
Documentation: https://goauthentik.io/docs/providers/scim/
- Theming improvements

View File

@ -101,7 +101,7 @@ For more information on group/role mappings, see [Grafana's docs](https://grafan
### Grafana Configuration Considerations
Make sure in your configuration that `root_url` is set correctly, otherwise your redirect url might get processed incorrectly. For example, if your grafana instance is running on the default configuration and is accessible behind a reverse proxy at `https://grafana.company`, your redirect url will end up looking like this, `https://grafana.company:3000`.
Make sure in your configuration that `root_url` is set correctly, otherwise your redirect url might get processed incorrectly. For example, if your grafana instance is running on the default configuration and is accessible behind a reverse proxy at `https://grafana.company`, your redirect url will end up looking like this, `https://grafana.company/`.
If you get `user does not belong to org` error when trying to log into grafana for the first time via OAuth, check if you have an organization with the ID of `1`, if not, then you have to add the following to your grafana config:
```ini

View File

@ -3723,9 +3723,9 @@
}
},
"node_modules/acorn": {
"version": "8.6.0",
"resolved": "https://registry.npmjs.org/acorn/-/acorn-8.6.0.tgz",
"integrity": "sha512-U1riIR+lBSNi3IbxtaHOIKdH8sLFv3NYfNv8sg7ZsNhcfl4HF2++BfqqrNAxoCLQW1iiylOj76ecnaUxz+z9yw==",
"version": "8.8.2",
"resolved": "https://registry.npmjs.org/acorn/-/acorn-8.8.2.tgz",
"integrity": "sha512-xjIYgE8HBrkpd/sJqOGNspf8uHG+NOHGOw6a/Urj8taM2EXfdNAH2oFcPeIFfsv3+kz/mJrS5VuMqbNLjCa2vw==",
"bin": {
"acorn": "bin/acorn"
},
@ -6122,9 +6122,9 @@
}
},
"node_modules/enhanced-resolve": {
"version": "5.9.3",
"resolved": "https://registry.npmjs.org/enhanced-resolve/-/enhanced-resolve-5.9.3.tgz",
"integrity": "sha512-Bq9VSor+kjvW3f9/MiiR4eE3XYgOl7/rS8lnSxbRbF3kS0B2r+Y9w5krBWxZgDxASVZbdYrn5wT4j/Wb0J9qow==",
"version": "5.12.0",
"resolved": "https://registry.npmjs.org/enhanced-resolve/-/enhanced-resolve-5.12.0.tgz",
"integrity": "sha512-QHTXI/sZQmko1cbDoNAa3mJ5qhWUUNAq3vR0/YiD379fWQrcfuoX1+HW2S0MTt7XmoPLapdaDKUtelUSPic7hQ==",
"dependencies": {
"graceful-fs": "^4.2.4",
"tapable": "^2.2.0"
@ -12562,9 +12562,9 @@
}
},
"node_modules/watchpack": {
"version": "2.3.1",
"resolved": "https://registry.npmjs.org/watchpack/-/watchpack-2.3.1.tgz",
"integrity": "sha512-x0t0JuydIo8qCNctdDrn1OzH/qDzk2+rdCOC3YzumZ42fiMqmQ7T3xQurykYMhYfHaPHTp4ZxAx2NfUo1K6QaA==",
"version": "2.4.0",
"resolved": "https://registry.npmjs.org/watchpack/-/watchpack-2.4.0.tgz",
"integrity": "sha512-Lcvm7MGST/4fup+ifyKi2hjyIAwcdI4HRgtvTpIUxBRhB+RFtUh8XtDOxUfctVCnhVi+QQj49i91OyvzkJl6cg==",
"dependencies": {
"glob-to-regexp": "^0.4.1",
"graceful-fs": "^4.1.2"
@ -12604,20 +12604,20 @@
"integrity": "sha1-JFNCdeKnvGvnvIZhHMFq4KVlSHE="
},
"node_modules/webpack": {
"version": "5.73.0",
"resolved": "https://registry.npmjs.org/webpack/-/webpack-5.73.0.tgz",
"integrity": "sha512-svjudQRPPa0YiOYa2lM/Gacw0r6PvxptHj4FuEKQ2kX05ZLkjbVc5MnPs6its5j7IZljnIqSVo/OsY2X0IpHGA==",
"version": "5.76.1",
"resolved": "https://registry.npmjs.org/webpack/-/webpack-5.76.1.tgz",
"integrity": "sha512-4+YIK4Abzv8172/SGqObnUjaIHjLEuUasz9EwQj/9xmPPkYJy2Mh03Q/lJfSD3YLzbxy5FeTq5Uw0323Oh6SJQ==",
"dependencies": {
"@types/eslint-scope": "^3.7.3",
"@types/estree": "^0.0.51",
"@webassemblyjs/ast": "1.11.1",
"@webassemblyjs/wasm-edit": "1.11.1",
"@webassemblyjs/wasm-parser": "1.11.1",
"acorn": "^8.4.1",
"acorn": "^8.7.1",
"acorn-import-assertions": "^1.7.6",
"browserslist": "^4.14.5",
"chrome-trace-event": "^1.0.2",
"enhanced-resolve": "^5.9.3",
"enhanced-resolve": "^5.10.0",
"es-module-lexer": "^0.9.0",
"eslint-scope": "5.1.1",
"events": "^3.2.0",
@ -12630,7 +12630,7 @@
"schema-utils": "^3.1.0",
"tapable": "^2.1.1",
"terser-webpack-plugin": "^5.1.3",
"watchpack": "^2.3.1",
"watchpack": "^2.4.0",
"webpack-sources": "^3.2.3"
},
"bin": {
@ -15862,9 +15862,9 @@
}
},
"acorn": {
"version": "8.6.0",
"resolved": "https://registry.npmjs.org/acorn/-/acorn-8.6.0.tgz",
"integrity": "sha512-U1riIR+lBSNi3IbxtaHOIKdH8sLFv3NYfNv8sg7ZsNhcfl4HF2++BfqqrNAxoCLQW1iiylOj76ecnaUxz+z9yw=="
"version": "8.8.2",
"resolved": "https://registry.npmjs.org/acorn/-/acorn-8.8.2.tgz",
"integrity": "sha512-xjIYgE8HBrkpd/sJqOGNspf8uHG+NOHGOw6a/Urj8taM2EXfdNAH2oFcPeIFfsv3+kz/mJrS5VuMqbNLjCa2vw=="
},
"acorn-import-assertions": {
"version": "1.8.0",
@ -17567,9 +17567,9 @@
}
},
"enhanced-resolve": {
"version": "5.9.3",
"resolved": "https://registry.npmjs.org/enhanced-resolve/-/enhanced-resolve-5.9.3.tgz",
"integrity": "sha512-Bq9VSor+kjvW3f9/MiiR4eE3XYgOl7/rS8lnSxbRbF3kS0B2r+Y9w5krBWxZgDxASVZbdYrn5wT4j/Wb0J9qow==",
"version": "5.12.0",
"resolved": "https://registry.npmjs.org/enhanced-resolve/-/enhanced-resolve-5.12.0.tgz",
"integrity": "sha512-QHTXI/sZQmko1cbDoNAa3mJ5qhWUUNAq3vR0/YiD379fWQrcfuoX1+HW2S0MTt7XmoPLapdaDKUtelUSPic7hQ==",
"requires": {
"graceful-fs": "^4.2.4",
"tapable": "^2.2.0"
@ -22157,9 +22157,9 @@
}
},
"watchpack": {
"version": "2.3.1",
"resolved": "https://registry.npmjs.org/watchpack/-/watchpack-2.3.1.tgz",
"integrity": "sha512-x0t0JuydIo8qCNctdDrn1OzH/qDzk2+rdCOC3YzumZ42fiMqmQ7T3xQurykYMhYfHaPHTp4ZxAx2NfUo1K6QaA==",
"version": "2.4.0",
"resolved": "https://registry.npmjs.org/watchpack/-/watchpack-2.4.0.tgz",
"integrity": "sha512-Lcvm7MGST/4fup+ifyKi2hjyIAwcdI4HRgtvTpIUxBRhB+RFtUh8XtDOxUfctVCnhVi+QQj49i91OyvzkJl6cg==",
"requires": {
"glob-to-regexp": "^0.4.1",
"graceful-fs": "^4.1.2"
@ -22189,20 +22189,20 @@
"integrity": "sha1-JFNCdeKnvGvnvIZhHMFq4KVlSHE="
},
"webpack": {
"version": "5.73.0",
"resolved": "https://registry.npmjs.org/webpack/-/webpack-5.73.0.tgz",
"integrity": "sha512-svjudQRPPa0YiOYa2lM/Gacw0r6PvxptHj4FuEKQ2kX05ZLkjbVc5MnPs6its5j7IZljnIqSVo/OsY2X0IpHGA==",
"version": "5.76.1",
"resolved": "https://registry.npmjs.org/webpack/-/webpack-5.76.1.tgz",
"integrity": "sha512-4+YIK4Abzv8172/SGqObnUjaIHjLEuUasz9EwQj/9xmPPkYJy2Mh03Q/lJfSD3YLzbxy5FeTq5Uw0323Oh6SJQ==",
"requires": {
"@types/eslint-scope": "^3.7.3",
"@types/estree": "^0.0.51",
"@webassemblyjs/ast": "1.11.1",
"@webassemblyjs/wasm-edit": "1.11.1",
"@webassemblyjs/wasm-parser": "1.11.1",
"acorn": "^8.4.1",
"acorn": "^8.7.1",
"acorn-import-assertions": "^1.7.6",
"browserslist": "^4.14.5",
"chrome-trace-event": "^1.0.2",
"enhanced-resolve": "^5.9.3",
"enhanced-resolve": "^5.10.0",
"es-module-lexer": "^0.9.0",
"eslint-scope": "5.1.1",
"events": "^3.2.0",
@ -22215,7 +22215,7 @@
"schema-utils": "^3.1.0",
"tapable": "^2.1.1",
"terser-webpack-plugin": "^5.1.3",
"watchpack": "^2.3.1",
"watchpack": "^2.4.0",
"webpack-sources": "^3.2.3"
},
"dependencies": {

View File

@ -239,13 +239,14 @@ module.exports = {
description: "Release notes for recent authentik versions",
},
items: [
"releases/2023/v2023.3",
"releases/2023/v2023.2",
"releases/2023/v2023.1",
"releases/2022/v2022.12",
{
type: "category",
label: "Previous versions",
items: [
"releases/2022/v2022.12",
"releases/2022/v2022.11",
"releases/2022/v2022.10",
"releases/2022/v2022.9",