diff --git a/.bumpversion.cfg b/.bumpversion.cfg index f78e67f49..d679517c7 100644 --- a/.bumpversion.cfg +++ b/.bumpversion.cfg @@ -1,5 +1,5 @@ [bumpversion] -current_version = 2023.10.4 +current_version = 2023.10.5 tag = True commit = True parse = (?P\d+)\.(?P\d+)\.(?P\d+) diff --git a/Dockerfile b/Dockerfile index 629d3258b..114be6253 100644 --- a/Dockerfile +++ b/Dockerfile @@ -71,7 +71,7 @@ RUN --mount=type=cache,sharing=locked,target=/go/pkg/mod \ # Stage 4: MaxMind GeoIP FROM --platform=${BUILDPLATFORM} ghcr.io/maxmind/geoipupdate:v6.0 as geoip -ENV GEOIPUPDATE_EDITION_IDS="GeoLite2-City" +ENV GEOIPUPDATE_EDITION_IDS="GeoLite2-City GeoLite2-ASN" ENV GEOIPUPDATE_VERBOSE="true" ENV GEOIPUPDATE_ACCOUNT_ID_FILE="/run/secrets/GEOIPUPDATE_ACCOUNT_ID" ENV GEOIPUPDATE_LICENSE_KEY_FILE="/run/secrets/GEOIPUPDATE_LICENSE_KEY" diff --git a/authentik/__init__.py b/authentik/__init__.py index fc368ceeb..0c651c834 100644 --- a/authentik/__init__.py +++ b/authentik/__init__.py @@ -2,7 +2,7 @@ from os import environ from typing import Optional -__version__ = "2023.10.4" +__version__ = "2023.10.5" ENV_GIT_HASH_KEY = "GIT_BUILD_HASH" diff --git a/authentik/api/v3/config.py b/authentik/api/v3/config.py index 0defd1a5b..93b783629 100644 --- a/authentik/api/v3/config.py +++ b/authentik/api/v3/config.py @@ -19,7 +19,7 @@ from rest_framework.response import Response from rest_framework.views import APIView from authentik.core.api.utils import PassiveSerializer -from authentik.events.geo import GEOIP_READER +from authentik.events.context_processors.base import get_context_processors from authentik.lib.config import CONFIG capabilities = Signal() @@ -30,6 +30,7 @@ class Capabilities(models.TextChoices): CAN_SAVE_MEDIA = "can_save_media" CAN_GEO_IP = "can_geo_ip" + CAN_ASN = "can_asn" CAN_IMPERSONATE = "can_impersonate" CAN_DEBUG = "can_debug" IS_ENTERPRISE = "is_enterprise" @@ -68,8 +69,9 @@ class ConfigView(APIView): deb_test = settings.DEBUG or settings.TEST if Path(settings.MEDIA_ROOT).is_mount() or deb_test: caps.append(Capabilities.CAN_SAVE_MEDIA) - if GEOIP_READER.enabled: - caps.append(Capabilities.CAN_GEO_IP) + for processor in get_context_processors(): + if cap := processor.capability(): + caps.append(cap) if CONFIG.get_bool("impersonation"): caps.append(Capabilities.CAN_IMPERSONATE) if settings.DEBUG: # pragma: no cover diff --git a/authentik/core/api/authenticated_sessions.py b/authentik/core/api/authenticated_sessions.py index 03c1aeaf3..2d77937be 100644 --- a/authentik/core/api/authenticated_sessions.py +++ b/authentik/core/api/authenticated_sessions.py @@ -14,7 +14,8 @@ from ua_parser import user_agent_parser from authentik.api.authorization import OwnerSuperuserPermissions from authentik.core.api.used_by import UsedByMixin from authentik.core.models import AuthenticatedSession -from authentik.events.geo import GEOIP_READER, GeoIPDict +from authentik.events.context_processors.asn import ASN_CONTEXT_PROCESSOR, ASNDict +from authentik.events.context_processors.geoip import GEOIP_CONTEXT_PROCESSOR, GeoIPDict class UserAgentDeviceDict(TypedDict): @@ -59,6 +60,7 @@ class AuthenticatedSessionSerializer(ModelSerializer): current = SerializerMethodField() user_agent = SerializerMethodField() geo_ip = SerializerMethodField() + asn = SerializerMethodField() def get_current(self, instance: AuthenticatedSession) -> bool: """Check if session is currently active session""" @@ -70,8 +72,12 @@ class AuthenticatedSessionSerializer(ModelSerializer): return user_agent_parser.Parse(instance.last_user_agent) def get_geo_ip(self, instance: AuthenticatedSession) -> Optional[GeoIPDict]: # pragma: no cover - """Get parsed user agent""" - return GEOIP_READER.city_dict(instance.last_ip) + """Get GeoIP Data""" + return GEOIP_CONTEXT_PROCESSOR.city_dict(instance.last_ip) + + def get_asn(self, instance: AuthenticatedSession) -> Optional[ASNDict]: # pragma: no cover + """Get ASN Data""" + return ASN_CONTEXT_PROCESSOR.asn_dict(instance.last_ip) class Meta: model = AuthenticatedSession @@ -80,6 +86,7 @@ class AuthenticatedSessionSerializer(ModelSerializer): "current", "user_agent", "geo_ip", + "asn", "user", "last_ip", "last_user_agent", diff --git a/authentik/events/context_processors/__init__.py b/authentik/events/context_processors/__init__.py new file mode 100644 index 000000000..e69de29bb diff --git a/authentik/events/context_processors/asn.py b/authentik/events/context_processors/asn.py new file mode 100644 index 000000000..afefbcbc6 --- /dev/null +++ b/authentik/events/context_processors/asn.py @@ -0,0 +1,79 @@ +"""ASN Enricher""" +from typing import TYPE_CHECKING, Optional, TypedDict + +from django.http import HttpRequest +from geoip2.errors import GeoIP2Error +from geoip2.models import ASN +from sentry_sdk import Hub + +from authentik.events.context_processors.mmdb import MMDBContextProcessor +from authentik.lib.config import CONFIG +from authentik.root.middleware import ClientIPMiddleware + +if TYPE_CHECKING: + from authentik.api.v3.config import Capabilities + from authentik.events.models import Event + + +class ASNDict(TypedDict): + """ASN Details""" + + asn: int + as_org: str | None + network: str | None + + +class ASNContextProcessor(MMDBContextProcessor): + """ASN Database reader wrapper""" + + def capability(self) -> Optional["Capabilities"]: + from authentik.api.v3.config import Capabilities + + return Capabilities.CAN_ASN + + def path(self) -> str | None: + return CONFIG.get("events.context_processors.asn") + + def enrich_event(self, event: "Event"): + asn = self.asn_dict(event.client_ip) + if not asn: + return + event.context["asn"] = asn + + def enrich_context(self, request: HttpRequest) -> dict: + return { + "asn": self.asn_dict(ClientIPMiddleware.get_client_ip(request)), + } + + def asn(self, ip_address: str) -> Optional[ASN]: + """Wrapper for Reader.asn""" + with Hub.current.start_span( + op="authentik.events.asn.asn", + description=ip_address, + ): + if not self.enabled: + return None + self.check_expired() + try: + return self.reader.asn(ip_address) + except (GeoIP2Error, ValueError): + return None + + def asn_to_dict(self, asn: ASN) -> ASNDict: + """Convert ASN to dict""" + asn_dict: ASNDict = { + "asn": asn.autonomous_system_number, + "as_org": asn.autonomous_system_organization, + "network": str(asn.network) if asn.network else None, + } + return asn_dict + + def asn_dict(self, ip_address: str) -> Optional[ASNDict]: + """Wrapper for self.asn that returns a dict""" + asn = self.asn(ip_address) + if not asn: + return None + return self.asn_to_dict(asn) + + +ASN_CONTEXT_PROCESSOR = ASNContextProcessor() diff --git a/authentik/events/context_processors/base.py b/authentik/events/context_processors/base.py new file mode 100644 index 000000000..96a46a65a --- /dev/null +++ b/authentik/events/context_processors/base.py @@ -0,0 +1,43 @@ +"""Base event enricher""" +from functools import cache +from typing import TYPE_CHECKING, Optional + +from django.http import HttpRequest + +if TYPE_CHECKING: + from authentik.api.v3.config import Capabilities + from authentik.events.models import Event + + +class EventContextProcessor: + """Base event enricher""" + + def capability(self) -> Optional["Capabilities"]: + """Return the capability this context processor provides""" + return None + + def configured(self) -> bool: + """Return true if this context processor is configured""" + return False + + def enrich_event(self, event: "Event"): + """Modify event""" + raise NotImplementedError + + def enrich_context(self, request: HttpRequest) -> dict: + """Modify context""" + raise NotImplementedError + + +@cache +def get_context_processors() -> list[EventContextProcessor]: + """Get a list of all configured context processors""" + from authentik.events.context_processors.asn import ASN_CONTEXT_PROCESSOR + from authentik.events.context_processors.geoip import GEOIP_CONTEXT_PROCESSOR + + processors_types = [ASN_CONTEXT_PROCESSOR, GEOIP_CONTEXT_PROCESSOR] + processors = [] + for _type in processors_types: + if _type.configured(): + processors.append(_type) + return processors diff --git a/authentik/events/context_processors/geoip.py b/authentik/events/context_processors/geoip.py new file mode 100644 index 000000000..ca00a4c54 --- /dev/null +++ b/authentik/events/context_processors/geoip.py @@ -0,0 +1,84 @@ +"""events GeoIP Reader""" +from typing import TYPE_CHECKING, Optional, TypedDict + +from django.http import HttpRequest +from geoip2.errors import GeoIP2Error +from geoip2.models import City +from sentry_sdk.hub import Hub + +from authentik.events.context_processors.mmdb import MMDBContextProcessor +from authentik.lib.config import CONFIG +from authentik.root.middleware import ClientIPMiddleware + +if TYPE_CHECKING: + from authentik.api.v3.config import Capabilities + from authentik.events.models import Event + + +class GeoIPDict(TypedDict): + """GeoIP Details""" + + continent: str + country: str + lat: float + long: float + city: str + + +class GeoIPContextProcessor(MMDBContextProcessor): + """Slim wrapper around GeoIP API""" + + def capability(self) -> Optional["Capabilities"]: + from authentik.api.v3.config import Capabilities + + return Capabilities.CAN_GEO_IP + + def path(self) -> str | None: + return CONFIG.get("events.context_processors.geoip") + + def enrich_event(self, event: "Event"): + city = self.city_dict(event.client_ip) + if not city: + return + event.context["geo"] = city + + def enrich_context(self, request: HttpRequest) -> dict: + # Different key `geoip` vs `geo` for legacy reasons + return {"geoip": self.city(ClientIPMiddleware.get_client_ip(request))} + + def city(self, ip_address: str) -> Optional[City]: + """Wrapper for Reader.city""" + with Hub.current.start_span( + op="authentik.events.geo.city", + description=ip_address, + ): + if not self.enabled: + return None + self.check_expired() + try: + return self.reader.city(ip_address) + except (GeoIP2Error, ValueError): + return None + + def city_to_dict(self, city: City) -> GeoIPDict: + """Convert City to dict""" + city_dict: GeoIPDict = { + "continent": city.continent.code, + "country": city.country.iso_code, + "lat": city.location.latitude, + "long": city.location.longitude, + "city": "", + } + if city.city.name: + city_dict["city"] = city.city.name + return city_dict + + def city_dict(self, ip_address: str) -> Optional[GeoIPDict]: + """Wrapper for self.city that returns a dict""" + city = self.city(ip_address) + if not city: + return None + return self.city_to_dict(city) + + +GEOIP_CONTEXT_PROCESSOR = GeoIPContextProcessor() diff --git a/authentik/events/context_processors/mmdb.py b/authentik/events/context_processors/mmdb.py new file mode 100644 index 000000000..09c17f91f --- /dev/null +++ b/authentik/events/context_processors/mmdb.py @@ -0,0 +1,54 @@ +"""Common logic for reading MMDB files""" +from pathlib import Path +from typing import Optional + +from geoip2.database import Reader +from structlog.stdlib import get_logger + +from authentik.events.context_processors.base import EventContextProcessor + + +class MMDBContextProcessor(EventContextProcessor): + """Common logic for reading MaxMind DB files, including re-loading if the file has changed""" + + def __init__(self): + self.reader: Optional[Reader] = None + self._last_mtime: float = 0.0 + self.logger = get_logger() + self.open() + + def path(self) -> str | None: + """Get the path to the MMDB file to load""" + raise NotImplementedError + + def open(self): + """Get GeoIP Reader, if configured, otherwise none""" + path = self.path() + if path == "" or not path: + return + try: + self.reader = Reader(path) + self._last_mtime = Path(path).stat().st_mtime + self.logger.info("Loaded MMDB database", last_write=self._last_mtime, file=path) + except OSError as exc: + self.logger.warning("Failed to load MMDB database", exc=exc) + + def check_expired(self): + """Check if the modification date of the MMDB database has + changed, and reload it if so""" + path = self.path() + if path == "" or not path: + return + try: + mtime = Path(path).stat().st_mtime + diff = self._last_mtime < mtime + if diff > 0: + self.logger.info("Found new MMDB Database, reopening", diff=diff, path=path) + self.open() + except OSError as exc: + self.logger.warning("Failed to check MMDB age", exc=exc) + + @property + def enabled(self) -> bool: + """Check if MMDB is enabled""" + return bool(self.reader) diff --git a/authentik/events/geo.py b/authentik/events/geo.py deleted file mode 100644 index 95a28539c..000000000 --- a/authentik/events/geo.py +++ /dev/null @@ -1,100 +0,0 @@ -"""events GeoIP Reader""" -from os import stat -from typing import Optional, TypedDict - -from geoip2.database import Reader -from geoip2.errors import GeoIP2Error -from geoip2.models import City -from sentry_sdk.hub import Hub -from structlog.stdlib import get_logger - -from authentik.lib.config import CONFIG - -LOGGER = get_logger() - - -class GeoIPDict(TypedDict): - """GeoIP Details""" - - continent: str - country: str - lat: float - long: float - city: str - - -class GeoIPReader: - """Slim wrapper around GeoIP API""" - - def __init__(self): - self.__reader: Optional[Reader] = None - self.__last_mtime: float = 0.0 - self.__open() - - def __open(self): - """Get GeoIP Reader, if configured, otherwise none""" - path = CONFIG.get("geoip") - if path == "" or not path: - return - try: - self.__reader = Reader(path) - self.__last_mtime = stat(path).st_mtime - LOGGER.info("Loaded GeoIP database", last_write=self.__last_mtime) - except OSError as exc: - LOGGER.warning("Failed to load GeoIP database", exc=exc) - - def __check_expired(self): - """Check if the modification date of the GeoIP database has - changed, and reload it if so""" - path = CONFIG.get("geoip") - try: - mtime = stat(path).st_mtime - diff = self.__last_mtime < mtime - if diff > 0: - LOGGER.info("Found new GeoIP Database, reopening", diff=diff) - self.__open() - except OSError as exc: - LOGGER.warning("Failed to check GeoIP age", exc=exc) - return - - @property - def enabled(self) -> bool: - """Check if GeoIP is enabled""" - return bool(self.__reader) - - def city(self, ip_address: str) -> Optional[City]: - """Wrapper for Reader.city""" - with Hub.current.start_span( - op="authentik.events.geo.city", - description=ip_address, - ): - if not self.enabled: - return None - self.__check_expired() - try: - return self.__reader.city(ip_address) - except (GeoIP2Error, ValueError): - return None - - def city_to_dict(self, city: City) -> GeoIPDict: - """Convert City to dict""" - city_dict: GeoIPDict = { - "continent": city.continent.code, - "country": city.country.iso_code, - "lat": city.location.latitude, - "long": city.location.longitude, - "city": "", - } - if city.city.name: - city_dict["city"] = city.city.name - return city_dict - - def city_dict(self, ip_address: str) -> Optional[GeoIPDict]: - """Wrapper for self.city that returns a dict""" - city = self.city(ip_address) - if not city: - return None - return self.city_to_dict(city) - - -GEOIP_READER = GeoIPReader() diff --git a/authentik/events/models.py b/authentik/events/models.py index 03e9a939c..240ba11de 100644 --- a/authentik/events/models.py +++ b/authentik/events/models.py @@ -26,7 +26,7 @@ from authentik.core.middleware import ( SESSION_KEY_IMPERSONATE_USER, ) from authentik.core.models import ExpiringModel, Group, PropertyMapping, User -from authentik.events.geo import GEOIP_READER +from authentik.events.context_processors.base import get_context_processors from authentik.events.utils import ( cleanse_dict, get_user, @@ -246,21 +246,15 @@ class Event(SerializerModel, ExpiringModel): self.user["on_behalf_of"] = get_user(request.session[SESSION_KEY_IMPERSONATE_USER]) # User 255.255.255.255 as fallback if IP cannot be determined self.client_ip = ClientIPMiddleware.get_client_ip(request) - # Apply GeoIP Data, when enabled - self.with_geoip() + # Enrich event data + for processor in get_context_processors(): + processor.enrich_event(self) # If there's no app set, we get it from the requests too if not self.app: self.app = Event._get_app_from_request(request) self.save() return self - def with_geoip(self): # pragma: no cover - """Apply GeoIP Data, when enabled""" - city = GEOIP_READER.city_dict(self.client_ip) - if not city: - return - self.context["geo"] = city - def save(self, *args, **kwargs): if self._state.adding: LOGGER.info( @@ -467,7 +461,7 @@ class NotificationTransport(SerializerModel): } mail = TemplateEmailMessage( subject=subject_prefix + context["title"], - to=[notification.user.email], + to=[f"{notification.user.name} <{notification.user.email}>"], language=notification.user.locale(), template_name="email/event_notification.html", template_context=context, diff --git a/authentik/events/tests/test_enrich_asn.py b/authentik/events/tests/test_enrich_asn.py new file mode 100644 index 000000000..2844c4591 --- /dev/null +++ b/authentik/events/tests/test_enrich_asn.py @@ -0,0 +1,24 @@ +"""Test ASN Wrapper""" +from django.test import TestCase + +from authentik.events.context_processors.asn import ASNContextProcessor + + +class TestASN(TestCase): + """Test ASN Wrapper""" + + def setUp(self) -> None: + self.reader = ASNContextProcessor() + + def test_simple(self): + """Test simple asn wrapper""" + # IPs from + # https://github.com/maxmind/MaxMind-DB/blob/main/source-data/GeoLite2-ASN-Test.json + self.assertEqual( + self.reader.asn_dict("1.0.0.1"), + { + "asn": 15169, + "as_org": "Google Inc.", + "network": "1.0.0.0/24", + }, + ) diff --git a/authentik/events/tests/test_geoip.py b/authentik/events/tests/test_enrich_geoip.py similarity index 83% rename from authentik/events/tests/test_geoip.py rename to authentik/events/tests/test_enrich_geoip.py index 3120dacae..5317901a4 100644 --- a/authentik/events/tests/test_geoip.py +++ b/authentik/events/tests/test_enrich_geoip.py @@ -1,14 +1,14 @@ """Test GeoIP Wrapper""" from django.test import TestCase -from authentik.events.geo import GeoIPReader +from authentik.events.context_processors.geoip import GeoIPContextProcessor class TestGeoIP(TestCase): """Test GeoIP Wrapper""" def setUp(self) -> None: - self.reader = GeoIPReader() + self.reader = GeoIPContextProcessor() def test_simple(self): """Test simple city wrapper""" diff --git a/authentik/events/utils.py b/authentik/events/utils.py index a7c3bdf3e..cf1b1b78b 100644 --- a/authentik/events/utils.py +++ b/authentik/events/utils.py @@ -17,12 +17,13 @@ from django.db.models.base import Model from django.http.request import HttpRequest from django.utils import timezone from django.views.debug import SafeExceptionReporterFilter -from geoip2.models import City +from geoip2.models import ASN, City from guardian.utils import get_anonymous_user from authentik.blueprints.v1.common import YAMLTag from authentik.core.models import User -from authentik.events.geo import GEOIP_READER +from authentik.events.context_processors.asn import ASN_CONTEXT_PROCESSOR +from authentik.events.context_processors.geoip import GEOIP_CONTEXT_PROCESSOR from authentik.policies.types import PolicyRequest # Special keys which are *not* cleaned, even when the default filter @@ -123,7 +124,9 @@ def sanitize_item(value: Any) -> Any: if isinstance(value, (HttpRequest, WSGIRequest)): return ... if isinstance(value, City): - return GEOIP_READER.city_to_dict(value) + return GEOIP_CONTEXT_PROCESSOR.city_to_dict(value) + if isinstance(value, ASN): + return ASN_CONTEXT_PROCESSOR.asn_to_dict(value) if isinstance(value, Path): return str(value) if isinstance(value, Exception): diff --git a/authentik/lib/config.py b/authentik/lib/config.py index dd5500f8e..3b977e8a2 100644 --- a/authentik/lib/config.py +++ b/authentik/lib/config.py @@ -35,6 +35,7 @@ REDIS_ENV_KEYS = [ ] DEPRECATIONS = { + "geoip": "events.context_processors.geoip", "redis.broker_url": "broker.url", "redis.broker_transport_options": "broker.transport_options", "redis.cache_timeout": "cache.timeout", diff --git a/authentik/lib/default.yml b/authentik/lib/default.yml index 7573888ae..afb775c44 100644 --- a/authentik/lib/default.yml +++ b/authentik/lib/default.yml @@ -108,7 +108,10 @@ cookie_domain: null disable_update_check: false disable_startup_analytics: false avatars: env://AUTHENTIK_AUTHENTIK__AVATARS?gravatar,initials -geoip: "/geoip/GeoLite2-City.mmdb" +events: + context_processors: + geoip: "/geoip/GeoLite2-City.mmdb" + asn: "/geoip/GeoLite2-ASN.mmdb" footer_links: [] diff --git a/authentik/policies/reputation/api.py b/authentik/policies/reputation/api.py index 9e9d95e13..885f6c162 100644 --- a/authentik/policies/reputation/api.py +++ b/authentik/policies/reputation/api.py @@ -47,6 +47,7 @@ class ReputationSerializer(ModelSerializer): "identifier", "ip", "ip_geo_data", + "ip_asn_data", "score", "updated", ] diff --git a/authentik/policies/reputation/migrations/0006_reputation_ip_asn_data.py b/authentik/policies/reputation/migrations/0006_reputation_ip_asn_data.py new file mode 100644 index 000000000..05557392e --- /dev/null +++ b/authentik/policies/reputation/migrations/0006_reputation_ip_asn_data.py @@ -0,0 +1,17 @@ +# Generated by Django 4.2.7 on 2023-12-05 22:20 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + dependencies = [ + ("authentik_policies_reputation", "0005_reputation_expires_reputation_expiring"), + ] + + operations = [ + migrations.AddField( + model_name="reputation", + name="ip_asn_data", + field=models.JSONField(default=dict), + ), + ] diff --git a/authentik/policies/reputation/models.py b/authentik/policies/reputation/models.py index 7fccfa11a..ea8ac2bd6 100644 --- a/authentik/policies/reputation/models.py +++ b/authentik/policies/reputation/models.py @@ -76,6 +76,7 @@ class Reputation(ExpiringModel, SerializerModel): identifier = models.TextField() ip = models.GenericIPAddressField() ip_geo_data = models.JSONField(default=dict) + ip_asn_data = models.JSONField(default=dict) score = models.BigIntegerField(default=0) expires = models.DateTimeField(default=reputation_expiry) diff --git a/authentik/policies/reputation/tasks.py b/authentik/policies/reputation/tasks.py index 7fd7b775f..ac65d1748 100644 --- a/authentik/policies/reputation/tasks.py +++ b/authentik/policies/reputation/tasks.py @@ -2,7 +2,8 @@ from django.core.cache import cache from structlog.stdlib import get_logger -from authentik.events.geo import GEOIP_READER +from authentik.events.context_processors.asn import ASN_CONTEXT_PROCESSOR +from authentik.events.context_processors.geoip import GEOIP_CONTEXT_PROCESSOR from authentik.events.monitored_tasks import ( MonitoredTask, TaskResult, @@ -26,7 +27,8 @@ def save_reputation(self: MonitoredTask): ip=score["ip"], identifier=score["identifier"], ) - rep.ip_geo_data = GEOIP_READER.city_dict(score["ip"]) or {} + rep.ip_geo_data = GEOIP_CONTEXT_PROCESSOR.city_dict(score["ip"]) or {} + rep.ip_asn_data = ASN_CONTEXT_PROCESSOR.asn_dict(score["ip"]) or {} rep.score = score["score"] objects_to_update.append(rep) Reputation.objects.bulk_update(objects_to_update, ["score", "ip_geo_data"]) diff --git a/authentik/policies/types.py b/authentik/policies/types.py index 5e59dbbf0..c9e2e8d86 100644 --- a/authentik/policies/types.py +++ b/authentik/policies/types.py @@ -8,7 +8,7 @@ from django.db.models import Model from django.http import HttpRequest from structlog.stdlib import get_logger -from authentik.events.geo import GEOIP_READER +from authentik.events.context_processors.base import get_context_processors if TYPE_CHECKING: from authentik.core.models import User @@ -37,15 +37,9 @@ class PolicyRequest: def set_http_request(self, request: HttpRequest): # pragma: no cover """Load data from HTTP request, including geoip when enabled""" - from authentik.root.middleware import ClientIPMiddleware - self.http_request = request - if not GEOIP_READER.enabled: - return - client_ip = ClientIPMiddleware.get_client_ip(request) - if not client_ip: - return - self.context["geoip"] = GEOIP_READER.city(client_ip) + for processor in get_context_processors(): + self.context.update(processor.enrich_context(request)) @property def should_cache(self) -> bool: diff --git a/authentik/providers/scim/api/providers.py b/authentik/providers/scim/api/providers.py index 546e62e65..ddca8cfef 100644 --- a/authentik/providers/scim/api/providers.py +++ b/authentik/providers/scim/api/providers.py @@ -2,6 +2,7 @@ from django.utils.text import slugify from drf_spectacular.utils import OpenApiResponse, extend_schema from rest_framework.decorators import action +from rest_framework.fields import BooleanField from rest_framework.request import Request from rest_framework.response import Response from rest_framework.viewsets import ModelViewSet @@ -9,6 +10,7 @@ from rest_framework.viewsets import ModelViewSet from authentik.admin.api.tasks import TaskSerializer from authentik.core.api.providers import ProviderSerializer from authentik.core.api.used_by import UsedByMixin +from authentik.core.api.utils import PassiveSerializer from authentik.events.monitored_tasks import TaskInfo from authentik.providers.scim.models import SCIMProvider @@ -37,6 +39,13 @@ class SCIMProviderSerializer(ProviderSerializer): extra_kwargs = {} +class SCIMSyncStatusSerializer(PassiveSerializer): + """SCIM Provider sync status""" + + is_running = BooleanField(read_only=True) + tasks = TaskSerializer(many=True, read_only=True) + + class SCIMProviderViewSet(UsedByMixin, ModelViewSet): """SCIMProvider Viewset""" @@ -48,15 +57,18 @@ class SCIMProviderViewSet(UsedByMixin, ModelViewSet): @extend_schema( responses={ - 200: TaskSerializer(), + 200: SCIMSyncStatusSerializer(), 404: OpenApiResponse(description="Task not found"), } ) @action(methods=["GET"], detail=True, pagination_class=None, filter_backends=[]) def sync_status(self, request: Request, pk: int) -> Response: """Get provider's sync status""" - provider = self.get_object() + provider: SCIMProvider = self.get_object() task = TaskInfo.by_name(f"scim_sync:{slugify(provider.name)}") - if not task: - return Response(status=404) - return Response(TaskSerializer(task).data) + tasks = [task] if task else [] + status = { + "tasks": tasks, + "is_running": provider.sync_lock.locked(), + } + return Response(SCIMSyncStatusSerializer(status).data) diff --git a/authentik/providers/scim/clients/__init__.py b/authentik/providers/scim/clients/__init__.py index a57539f67..0e2e573b5 100644 --- a/authentik/providers/scim/clients/__init__.py +++ b/authentik/providers/scim/clients/__init__.py @@ -1,2 +1,3 @@ """SCIM constants""" PAGE_SIZE = 100 +PAGE_TIMEOUT = 60 * 60 * 0.5 # Half an hour diff --git a/authentik/providers/scim/models.py b/authentik/providers/scim/models.py index ac27288f3..b43a59375 100644 --- a/authentik/providers/scim/models.py +++ b/authentik/providers/scim/models.py @@ -1,11 +1,14 @@ """SCIM Provider models""" +from django.core.cache import cache from django.db import models from django.db.models import QuerySet from django.utils.translation import gettext_lazy as _ from guardian.shortcuts import get_anonymous_user +from redis.lock import Lock from rest_framework.serializers import Serializer from authentik.core.models import BackchannelProvider, Group, PropertyMapping, User, UserTypes +from authentik.providers.scim.clients import PAGE_TIMEOUT class SCIMProvider(BackchannelProvider): @@ -27,6 +30,15 @@ class SCIMProvider(BackchannelProvider): help_text=_("Property mappings used for group creation/updating."), ) + @property + def sync_lock(self) -> Lock: + """Redis lock for syncing SCIM to prevent multiple parallel syncs happening""" + return Lock( + cache.client.get_client(), + name=f"goauthentik.io/providers/scim/sync-{str(self.pk)}", + timeout=(60 * 60 * PAGE_TIMEOUT) * 3, + ) + def get_user_qs(self) -> QuerySet[User]: """Get queryset of all users with consistent ordering according to the provider's settings""" diff --git a/authentik/providers/scim/tasks.py b/authentik/providers/scim/tasks.py index f7639c89f..7b16b293e 100644 --- a/authentik/providers/scim/tasks.py +++ b/authentik/providers/scim/tasks.py @@ -12,7 +12,7 @@ from structlog.stdlib import get_logger from authentik.core.models import Group, User from authentik.events.monitored_tasks import MonitoredTask, TaskResult, TaskResultStatus from authentik.lib.utils.reflection import path_to_class -from authentik.providers.scim.clients import PAGE_SIZE +from authentik.providers.scim.clients import PAGE_SIZE, PAGE_TIMEOUT from authentik.providers.scim.clients.base import SCIMClient from authentik.providers.scim.clients.exceptions import SCIMRequestException, StopSync from authentik.providers.scim.clients.group import SCIMGroupClient @@ -47,12 +47,19 @@ def scim_sync(self: MonitoredTask, provider_pk: int) -> None: ).first() if not provider: return + lock = provider.sync_lock + if lock.locked(): + LOGGER.debug("SCIM sync locked, skipping task", source=provider.name) + return self.set_uid(slugify(provider.name)) result = TaskResult(TaskResultStatus.SUCCESSFUL, []) result.messages.append(_("Starting full SCIM sync")) LOGGER.debug("Starting SCIM sync") users_paginator = Paginator(provider.get_user_qs(), PAGE_SIZE) groups_paginator = Paginator(provider.get_group_qs(), PAGE_SIZE) + self.soft_time_limit = self.time_limit = ( + users_paginator.count + groups_paginator.count + ) * PAGE_TIMEOUT with allow_join_result(): try: for page in users_paginator.page_range: @@ -69,7 +76,10 @@ def scim_sync(self: MonitoredTask, provider_pk: int) -> None: self.set_status(result) -@CELERY_APP.task() +@CELERY_APP.task( + soft_time_limit=PAGE_TIMEOUT, + task_time_limit=PAGE_TIMEOUT, +) def scim_sync_users(page: int, provider_pk: int): """Sync single or multiple users to SCIM""" messages = [] diff --git a/authentik/root/test_runner.py b/authentik/root/test_runner.py index b2bf7a3d7..bc3b3b968 100644 --- a/authentik/root/test_runner.py +++ b/authentik/root/test_runner.py @@ -32,7 +32,8 @@ class PytestTestRunner(DiscoverRunner): # pragma: no cover settings.TEST = True settings.CELERY["task_always_eager"] = True CONFIG.set("avatars", "none") - CONFIG.set("geoip", "tests/GeoLite2-City-Test.mmdb") + CONFIG.set("events.context_processors.geoip", "tests/GeoLite2-City-Test.mmdb") + CONFIG.set("events.context_processors.asn", "tests/GeoLite2-ASN-Test.mmdb") CONFIG.set("blueprints_dir", "./blueprints") CONFIG.set( "outposts.container_image_base", diff --git a/authentik/stages/email/stage.py b/authentik/stages/email/stage.py index 0fa36bfbe..160a68e92 100644 --- a/authentik/stages/email/stage.py +++ b/authentik/stages/email/stage.py @@ -110,7 +110,7 @@ class EmailStageView(ChallengeStageView): try: message = TemplateEmailMessage( subject=_(current_stage.subject), - to=[email], + to=[f"{pending_user.name} <{email}>"], language=pending_user.locale(self.request), template_name=current_stage.template, template_context={ diff --git a/authentik/stages/email/templates/email/account_confirmation.txt b/authentik/stages/email/templates/email/account_confirmation.txt new file mode 100644 index 000000000..0a1fc70d1 --- /dev/null +++ b/authentik/stages/email/templates/email/account_confirmation.txt @@ -0,0 +1,8 @@ +{% load i18n %}{% translate "Welcome!" %} + +{% translate "We're excited to have you get started. First, you need to confirm your account. Just open the link below." %} + +{{ url }} + +-- +Powered by goauthentik.io. diff --git a/authentik/stages/email/templates/email/event_notification.html b/authentik/stages/email/templates/email/event_notification.html index e34563404..7ca78fc64 100644 --- a/authentik/stages/email/templates/email/event_notification.html +++ b/authentik/stages/email/templates/email/event_notification.html @@ -44,7 +44,7 @@ {% blocktranslate with name=source.from %} - This email was sent from the notification transport {{name}}. + This email was sent from the notification transport {{ name }}. {% endblocktranslate %} diff --git a/authentik/stages/email/templates/email/event_notification.txt b/authentik/stages/email/templates/email/event_notification.txt new file mode 100644 index 000000000..bd7d92896 --- /dev/null +++ b/authentik/stages/email/templates/email/event_notification.txt @@ -0,0 +1,18 @@ +{% load authentik_stages_email %}{% load i18n %}{% translate "Dear authentik user," %} + +{% translate "The following notification was created:" %} + + {{ body|indent }} + +{% if key_value %} +{% translate "Additional attributes:" %} +{% for key, value in key_value.items %} + {{ key }}: {{ value|indent }}{% endfor %} +{% endif %} + +{% if source %}{% blocktranslate with name=source.from %} +This email was sent from the notification transport {{ name }}. +{% endblocktranslate %}{% endif %} + +-- +Powered by goauthentik.io. diff --git a/authentik/stages/email/templates/email/password_reset.txt b/authentik/stages/email/templates/email/password_reset.txt new file mode 100644 index 000000000..0c13ad2f8 --- /dev/null +++ b/authentik/stages/email/templates/email/password_reset.txt @@ -0,0 +1,12 @@ +{% load i18n %}{% load humanize %}{% blocktrans with username=user.username %}Hi {{ username }},{% endblocktrans %} + +{% blocktrans %} +You recently requested to change your password for your authentik account. Use the link below to set a new password. +{% endblocktrans %} +{{ url }} +{% blocktrans with expires=expires|naturaltime %} +If you did not request a password change, please ignore this Email. The link above is valid for {{ expires }}. +{% endblocktrans %} + +-- +Powered by goauthentik.io. diff --git a/authentik/stages/email/templates/email/setup.txt b/authentik/stages/email/templates/email/setup.txt new file mode 100644 index 000000000..6d0eb0ce0 --- /dev/null +++ b/authentik/stages/email/templates/email/setup.txt @@ -0,0 +1,7 @@ +{% load i18n %}authentik Test-Email +{% blocktrans %} +This is a test email to inform you, that you've successfully configured authentik emails. +{% endblocktrans %} + +-- +Powered by goauthentik.io. diff --git a/authentik/stages/email/templatetags/authentik_stages_email.py b/authentik/stages/email/templatetags/authentik_stages_email.py index 7623c6c71..9b3dfb194 100644 --- a/authentik/stages/email/templatetags/authentik_stages_email.py +++ b/authentik/stages/email/templatetags/authentik_stages_email.py @@ -29,3 +29,9 @@ def inline_static_binary(path: str) -> str: b64content = b64encode(_file.read().encode()) return f"data:image/{result.suffix};base64,{b64content.decode('utf-8')}" return path + + +@register.filter(name="indent") +def indent_string(val, num_spaces=4): + """Intent text by a given amount of spaces""" + return val.replace("\n", "\n" + " " * num_spaces) diff --git a/authentik/stages/email/tests/test_sending.py b/authentik/stages/email/tests/test_sending.py index 424d474ce..5c67c8842 100644 --- a/authentik/stages/email/tests/test_sending.py +++ b/authentik/stages/email/tests/test_sending.py @@ -58,9 +58,11 @@ class TestEmailStageSending(FlowTestCase): events = Event.objects.filter(action=EventAction.EMAIL_SENT) self.assertEqual(len(events), 1) event = events.first() - self.assertEqual(event.context["message"], f"Email to {self.user.email} sent") + self.assertEqual( + event.context["message"], f"Email to {self.user.name} <{self.user.email}> sent" + ) self.assertEqual(event.context["subject"], "authentik") - self.assertEqual(event.context["to_email"], [self.user.email]) + self.assertEqual(event.context["to_email"], [f"{self.user.name} <{self.user.email}>"]) self.assertEqual(event.context["from_email"], "system@authentik.local") def test_pending_fake_user(self): diff --git a/authentik/stages/email/tests/test_stage.py b/authentik/stages/email/tests/test_stage.py index 853bc2a77..277549937 100644 --- a/authentik/stages/email/tests/test_stage.py +++ b/authentik/stages/email/tests/test_stage.py @@ -94,7 +94,7 @@ class TestEmailStage(FlowTestCase): self.assertEqual(response.status_code, 200) self.assertEqual(len(mail.outbox), 1) self.assertEqual(mail.outbox[0].subject, "authentik") - self.assertEqual(mail.outbox[0].to, [self.user.email]) + self.assertEqual(mail.outbox[0].to, [f"{self.user.name} <{self.user.email}>"]) @patch( "authentik.stages.email.models.EmailStage.backend_class", @@ -114,7 +114,7 @@ class TestEmailStage(FlowTestCase): self.assertEqual(response.status_code, 200) self.assertEqual(len(mail.outbox), 1) self.assertEqual(mail.outbox[0].subject, "authentik") - self.assertEqual(mail.outbox[0].to, ["foo@bar.baz"]) + self.assertEqual(mail.outbox[0].to, [f"{self.user.name} "]) @patch( "authentik.stages.email.models.EmailStage.backend_class", diff --git a/authentik/stages/email/utils.py b/authentik/stages/email/utils.py index a6edd4609..8f7f702ce 100644 --- a/authentik/stages/email/utils.py +++ b/authentik/stages/email/utils.py @@ -4,6 +4,7 @@ from functools import lru_cache from pathlib import Path from django.core.mail import EmailMultiAlternatives +from django.template.exceptions import TemplateDoesNotExist from django.template.loader import render_to_string from django.utils import translation @@ -24,9 +25,15 @@ class TemplateEmailMessage(EmailMultiAlternatives): """Wrapper around EmailMultiAlternatives with integrated template rendering""" def __init__(self, template_name=None, template_context=None, language="", **kwargs): + super().__init__(**kwargs) with translation.override(language): html_content = render_to_string(template_name, template_context) - super().__init__(**kwargs) - self.content_subtype = "html" + try: + text_content = render_to_string( + template_name.replace("html", "txt"), template_context + ) + self.body = text_content + except TemplateDoesNotExist: + pass self.mixed_subtype = "related" self.attach_alternative(html_content, "text/html") diff --git a/blueprints/schema.json b/blueprints/schema.json index bf66c94ed..e69de29bb 100644 --- a/blueprints/schema.json +++ b/blueprints/schema.json @@ -1,8750 +0,0 @@ -{ - "$schema": "http://json-schema.org/draft-07/schema", - "$id": "https://goauthentik.io/blueprints/schema.json", - "type": "object", - "title": "authentik Blueprint schema", - "required": [ - "version", - "entries" - ], - "properties": { - "version": { - "$id": "#/properties/version", - "type": "integer", - "title": "Blueprint version", - "default": 1 - }, - "metadata": { - "$id": "#/properties/metadata", - "type": "object", - "required": [ - "name" - ], - "properties": { - "name": { - "type": "string" - }, - "labels": { - "type": "object", - "additionalProperties": { - "type": "string" - } - } - } - }, - "context": { - "$id": "#/properties/context", - "type": "object", - "additionalProperties": true - }, - "entries": { - "type": "array", - "items": { - "oneOf": [ - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_crypto.certificatekeypair" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_crypto.certificatekeypair" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_crypto.certificatekeypair" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_events.event" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_events.event" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_events.event" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_events.notificationtransport" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_events.notificationtransport" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_events.notificationtransport" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_events.notification" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_events.notification" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_events.notification" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_events.notificationrule" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_events.notificationrule" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_events.notificationrule" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_events.notificationwebhookmapping" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_events.notificationwebhookmapping" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_events.notificationwebhookmapping" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_flows.flow" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_flows.flow" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_flows.flow" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_flows.flowstagebinding" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_flows.flowstagebinding" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_flows.flowstagebinding" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_outposts.dockerserviceconnection" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_outposts.dockerserviceconnection" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_outposts.dockerserviceconnection" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_outposts.kubernetesserviceconnection" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_outposts.kubernetesserviceconnection" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_outposts.kubernetesserviceconnection" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_outposts.outpost" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_outposts.outpost" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_outposts.outpost" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_policies_dummy.dummypolicy" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_policies_dummy.dummypolicy" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_policies_dummy.dummypolicy" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_policies_event_matcher.eventmatcherpolicy" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_policies_event_matcher.eventmatcherpolicy" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_policies_event_matcher.eventmatcherpolicy" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_policies_expiry.passwordexpirypolicy" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_policies_expiry.passwordexpirypolicy" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_policies_expiry.passwordexpirypolicy" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_policies_expression.expressionpolicy" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_policies_expression.expressionpolicy" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_policies_expression.expressionpolicy" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_policies_password.passwordpolicy" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_policies_password.passwordpolicy" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_policies_password.passwordpolicy" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_policies_reputation.reputationpolicy" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_policies_reputation.reputationpolicy" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_policies_reputation.reputationpolicy" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_policies_reputation.reputation" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_policies_reputation.reputation" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_policies_reputation.reputation" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_policies.policybinding" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_policies.policybinding" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_policies.policybinding" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_providers_ldap.ldapprovider" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_providers_ldap.ldapprovider" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_providers_ldap.ldapprovider" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_providers_oauth2.scopemapping" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_providers_oauth2.scopemapping" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_providers_oauth2.scopemapping" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_providers_oauth2.oauth2provider" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_providers_oauth2.oauth2provider" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_providers_oauth2.oauth2provider" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_providers_oauth2.authorizationcode" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_providers_oauth2.authorizationcode" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_providers_oauth2.authorizationcode" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_providers_oauth2.accesstoken" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_providers_oauth2.accesstoken" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_providers_oauth2.accesstoken" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_providers_oauth2.refreshtoken" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_providers_oauth2.refreshtoken" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_providers_oauth2.refreshtoken" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_providers_proxy.proxyprovider" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_providers_proxy.proxyprovider" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_providers_proxy.proxyprovider" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_providers_radius.radiusprovider" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_providers_radius.radiusprovider" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_providers_radius.radiusprovider" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_providers_saml.samlprovider" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_providers_saml.samlprovider" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_providers_saml.samlprovider" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_providers_saml.samlpropertymapping" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_providers_saml.samlpropertymapping" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_providers_saml.samlpropertymapping" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_providers_scim.scimprovider" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_providers_scim.scimprovider" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_providers_scim.scimprovider" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_providers_scim.scimmapping" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_providers_scim.scimmapping" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_providers_scim.scimmapping" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_rbac.role" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_rbac.role" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_rbac.role" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_sources_ldap.ldapsource" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_sources_ldap.ldapsource" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_sources_ldap.ldapsource" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_sources_ldap.ldappropertymapping" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_sources_ldap.ldappropertymapping" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_sources_ldap.ldappropertymapping" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_sources_oauth.oauthsource" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_sources_oauth.oauthsource" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_sources_oauth.oauthsource" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_sources_oauth.useroauthsourceconnection" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_sources_oauth.useroauthsourceconnection" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_sources_oauth.useroauthsourceconnection" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_sources_plex.plexsource" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_sources_plex.plexsource" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_sources_plex.plexsource" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_sources_plex.plexsourceconnection" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_sources_plex.plexsourceconnection" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_sources_plex.plexsourceconnection" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_sources_saml.samlsource" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_sources_saml.samlsource" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_sources_saml.samlsource" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_sources_saml.usersamlsourceconnection" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_sources_saml.usersamlsourceconnection" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_sources_saml.usersamlsourceconnection" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_stages_authenticator_duo.authenticatorduostage" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_stages_authenticator_duo.authenticatorduostage" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_stages_authenticator_duo.authenticatorduostage" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_stages_authenticator_duo.duodevice" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_stages_authenticator_duo.duodevice" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_stages_authenticator_duo.duodevice" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_stages_authenticator_sms.authenticatorsmsstage" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_stages_authenticator_sms.authenticatorsmsstage" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_stages_authenticator_sms.authenticatorsmsstage" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_stages_authenticator_sms.smsdevice" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_stages_authenticator_sms.smsdevice" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_stages_authenticator_sms.smsdevice" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_stages_authenticator_static.authenticatorstaticstage" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_stages_authenticator_static.authenticatorstaticstage" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_stages_authenticator_static.authenticatorstaticstage" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_stages_authenticator_static.staticdevice" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_stages_authenticator_static.staticdevice" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_stages_authenticator_static.staticdevice" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_stages_authenticator_totp.authenticatortotpstage" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_stages_authenticator_totp.authenticatortotpstage" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_stages_authenticator_totp.authenticatortotpstage" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_stages_authenticator_totp.totpdevice" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_stages_authenticator_totp.totpdevice" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_stages_authenticator_totp.totpdevice" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_stages_authenticator_validate.authenticatorvalidatestage" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_stages_authenticator_validate.authenticatorvalidatestage" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_stages_authenticator_validate.authenticatorvalidatestage" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_stages_authenticator_webauthn.authenticatewebauthnstage" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_stages_authenticator_webauthn.authenticatewebauthnstage" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_stages_authenticator_webauthn.authenticatewebauthnstage" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_stages_authenticator_webauthn.webauthndevice" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_stages_authenticator_webauthn.webauthndevice" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_stages_authenticator_webauthn.webauthndevice" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_stages_captcha.captchastage" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_stages_captcha.captchastage" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_stages_captcha.captchastage" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_stages_consent.consentstage" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_stages_consent.consentstage" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_stages_consent.consentstage" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_stages_consent.userconsent" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_stages_consent.userconsent" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_stages_consent.userconsent" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_stages_deny.denystage" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_stages_deny.denystage" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_stages_deny.denystage" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_stages_dummy.dummystage" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_stages_dummy.dummystage" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_stages_dummy.dummystage" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_stages_email.emailstage" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_stages_email.emailstage" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_stages_email.emailstage" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_stages_identification.identificationstage" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_stages_identification.identificationstage" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_stages_identification.identificationstage" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_stages_invitation.invitationstage" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_stages_invitation.invitationstage" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_stages_invitation.invitationstage" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_stages_invitation.invitation" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_stages_invitation.invitation" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_stages_invitation.invitation" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_stages_password.passwordstage" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_stages_password.passwordstage" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_stages_password.passwordstage" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_stages_prompt.prompt" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_stages_prompt.prompt" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_stages_prompt.prompt" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_stages_prompt.promptstage" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_stages_prompt.promptstage" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_stages_prompt.promptstage" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_stages_user_delete.userdeletestage" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_stages_user_delete.userdeletestage" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_stages_user_delete.userdeletestage" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_stages_user_login.userloginstage" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_stages_user_login.userloginstage" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_stages_user_login.userloginstage" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_stages_user_logout.userlogoutstage" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_stages_user_logout.userlogoutstage" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_stages_user_logout.userlogoutstage" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_stages_user_write.userwritestage" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_stages_user_write.userwritestage" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_stages_user_write.userwritestage" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_tenants.tenant" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_tenants.tenant" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_tenants.tenant" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_blueprints.blueprintinstance" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_blueprints.blueprintinstance" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_blueprints.blueprintinstance" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_core.group" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_core.group" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_core.group" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_core.user" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_core.user" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_core.user" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_core.application" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_core.application" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_core.application" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_core.token" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_core.token" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_core.token" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_enterprise.license" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_enterprise.license" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_enterprise.license" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_blueprints.metaapplyblueprint" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "attrs": { - "$ref": "#/$defs/model_authentik_blueprints.metaapplyblueprint" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_blueprints.metaapplyblueprint" - } - } - } - ] - } - } - }, - "$defs": { - "model_authentik_crypto.certificatekeypair": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "certificate_data": { - "type": "string", - "minLength": 1, - "title": "Certificate data", - "description": "PEM-encoded Certificate data" - }, - "key_data": { - "type": "string", - "title": "Key data", - "description": "Optional Private Key. If this is set, you can use this keypair for encryption." - } - }, - "required": [] - }, - "model_authentik_events.event": { - "type": "object", - "properties": { - "user": { - "type": "object", - "additionalProperties": true, - "title": "User" - }, - "action": { - "type": "string", - "enum": [ - "login", - "login_failed", - "logout", - "user_write", - "suspicious_request", - "password_set", - "secret_view", - "secret_rotate", - "invitation_used", - "authorize_application", - "source_linked", - "impersonation_started", - "impersonation_ended", - "flow_execution", - "policy_execution", - "policy_exception", - "property_mapping_exception", - "system_task_execution", - "system_task_exception", - "system_exception", - "configuration_error", - "model_created", - "model_updated", - "model_deleted", - "email_sent", - "update_available", - "custom_" - ], - "title": "Action" - }, - "app": { - "type": "string", - "minLength": 1, - "title": "App" - }, - "context": { - "type": "object", - "additionalProperties": true, - "title": "Context" - }, - "client_ip": { - "type": [ - "string", - "null" - ], - "minLength": 1, - "title": "Client ip" - }, - "expires": { - "type": "string", - "format": "date-time", - "title": "Expires" - }, - "tenant": { - "type": "object", - "additionalProperties": true, - "title": "Tenant" - } - }, - "required": [] - }, - "model_authentik_events.notificationtransport": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "mode": { - "type": "string", - "enum": [ - "local", - "webhook", - "webhook_slack", - "email" - ], - "title": "Mode" - }, - "webhook_url": { - "type": "string", - "title": "Webhook url" - }, - "webhook_mapping": { - "type": "integer", - "title": "Webhook mapping" - }, - "send_once": { - "type": "boolean", - "title": "Send once", - "description": "Only send notification once, for example when sending a webhook into a chat channel." - } - }, - "required": [] - }, - "model_authentik_events.notification": { - "type": "object", - "properties": { - "event": { - "type": "object", - "properties": { - "user": { - "type": "object", - "additionalProperties": true, - "title": "User" - }, - "action": { - "type": "string", - "enum": [ - "login", - "login_failed", - "logout", - "user_write", - "suspicious_request", - "password_set", - "secret_view", - "secret_rotate", - "invitation_used", - "authorize_application", - "source_linked", - "impersonation_started", - "impersonation_ended", - "flow_execution", - "policy_execution", - "policy_exception", - "property_mapping_exception", - "system_task_execution", - "system_task_exception", - "system_exception", - "configuration_error", - "model_created", - "model_updated", - "model_deleted", - "email_sent", - "update_available", - "custom_" - ], - "title": "Action" - }, - "app": { - "type": "string", - "minLength": 1, - "title": "App" - }, - "context": { - "type": "object", - "additionalProperties": true, - "title": "Context" - }, - "client_ip": { - "type": [ - "string", - "null" - ], - "minLength": 1, - "title": "Client ip" - }, - "expires": { - "type": "string", - "format": "date-time", - "title": "Expires" - }, - "tenant": { - "type": "object", - "additionalProperties": true, - "title": "Tenant" - } - }, - "required": [ - "action", - "app" - ], - "title": "Event" - }, - "seen": { - "type": "boolean", - "title": "Seen" - } - }, - "required": [] - }, - "model_authentik_events.notificationrule": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "transports": { - "type": "array", - "items": { - "type": "integer", - "description": "Select which transports should be used to notify the user. If none are selected, the notification will only be shown in the authentik UI." - }, - "title": "Transports", - "description": "Select which transports should be used to notify the user. If none are selected, the notification will only be shown in the authentik UI." - }, - "severity": { - "type": "string", - "enum": [ - "notice", - "warning", - "alert" - ], - "title": "Severity", - "description": "Controls which severity level the created notifications will have." - }, - "group": { - "type": "integer", - "title": "Group", - "description": "Define which group of users this notification should be sent and shown to. If left empty, Notification won't ben sent." - } - }, - "required": [] - }, - "model_authentik_events.notificationwebhookmapping": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "expression": { - "type": "string", - "minLength": 1, - "title": "Expression" - } - }, - "required": [] - }, - "model_authentik_flows.flow": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "slug": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Slug", - "description": "Visible in the URL." - }, - "title": { - "type": "string", - "minLength": 1, - "title": "Title", - "description": "Shown as the Title in Flow pages." - }, - "designation": { - "type": "string", - "enum": [ - "authentication", - "authorization", - "invalidation", - "enrollment", - "unenrollment", - "recovery", - "stage_configuration" - ], - "title": "Designation", - "description": "Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik." - }, - "background": { - "type": "string", - "minLength": 1, - "title": "Background" - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "compatibility_mode": { - "type": "boolean", - "title": "Compatibility mode", - "description": "Enable compatibility mode, increases compatibility with password managers on mobile devices." - }, - "layout": { - "type": "string", - "enum": [ - "stacked", - "content_left", - "content_right", - "sidebar_left", - "sidebar_right" - ], - "title": "Layout" - }, - "denied_action": { - "type": "string", - "enum": [ - "message_continue", - "message", - "continue" - ], - "title": "Denied action", - "description": "Configure what should happen when a flow denies access to a user." - }, - "authentication": { - "type": "string", - "enum": [ - "none", - "require_authenticated", - "require_unauthenticated", - "require_superuser", - "require_outpost" - ], - "title": "Authentication", - "description": "Required level of authentication and authorization to access a flow." - } - }, - "required": [] - }, - "model_authentik_flows.flowstagebinding": { - "type": "object", - "properties": { - "target": { - "type": "integer", - "title": "Target" - }, - "stage": { - "type": "integer", - "title": "Stage" - }, - "evaluate_on_plan": { - "type": "boolean", - "title": "Evaluate on plan", - "description": "Evaluate policies during the Flow planning process." - }, - "re_evaluate_policies": { - "type": "boolean", - "title": "Re evaluate policies", - "description": "Evaluate policies when the Stage is present to the user." - }, - "order": { - "type": "integer", - "minimum": -2147483648, - "maximum": 2147483647, - "title": "Order" - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "invalid_response_action": { - "type": "string", - "enum": [ - "retry", - "restart", - "restart_with_context" - ], - "title": "Invalid response action", - "description": "Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context." - } - }, - "required": [] - }, - "model_authentik_outposts.dockerserviceconnection": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "local": { - "type": "boolean", - "title": "Local", - "description": "If enabled, use the local connection. Required Docker socket/Kubernetes Integration" - }, - "url": { - "type": "string", - "minLength": 1, - "title": "Url", - "description": "Can be in the format of 'unix://' when connecting to a local docker daemon, or 'https://:2376' when connecting to a remote system." - }, - "tls_verification": { - "type": "integer", - "title": "Tls verification", - "description": "CA which the endpoint's Certificate is verified against. Can be left empty for no validation." - }, - "tls_authentication": { - "type": "integer", - "title": "Tls authentication", - "description": "Certificate/Key used for authentication. Can be left empty for no authentication." - } - }, - "required": [] - }, - "model_authentik_outposts.kubernetesserviceconnection": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "local": { - "type": "boolean", - "title": "Local", - "description": "If enabled, use the local connection. Required Docker socket/Kubernetes Integration" - }, - "kubeconfig": { - "type": "object", - "additionalProperties": true, - "title": "Kubeconfig", - "description": "Paste your kubeconfig here. authentik will automatically use the currently selected context." - }, - "verify_ssl": { - "type": "boolean", - "title": "Verify ssl", - "description": "Verify SSL Certificates of the Kubernetes API endpoint" - } - }, - "required": [] - }, - "model_authentik_outposts.outpost": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "type": { - "type": "string", - "enum": [ - "proxy", - "ldap", - "radius" - ], - "title": "Type" - }, - "providers": { - "type": "array", - "items": { - "type": "integer" - }, - "title": "Providers" - }, - "service_connection": { - "type": "integer", - "title": "Service connection", - "description": "Select Service-Connection authentik should use to manage this outpost. Leave empty if authentik should not handle the deployment." - }, - "config": { - "type": "object", - "additionalProperties": true, - "title": "Config" - }, - "managed": { - "type": [ - "string", - "null" - ], - "minLength": 1, - "title": "Managed by authentik", - "description": "Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update." - } - }, - "required": [] - }, - "model_authentik_policies_dummy.dummypolicy": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "execution_logging": { - "type": "boolean", - "title": "Execution logging", - "description": "When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged." - }, - "result": { - "type": "boolean", - "title": "Result" - }, - "wait_min": { - "type": "integer", - "minimum": -2147483648, - "maximum": 2147483647, - "title": "Wait min" - }, - "wait_max": { - "type": "integer", - "minimum": -2147483648, - "maximum": 2147483647, - "title": "Wait max" - } - }, - "required": [] - }, - "model_authentik_policies_event_matcher.eventmatcherpolicy": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "execution_logging": { - "type": "boolean", - "title": "Execution logging", - "description": "When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged." - }, - "action": { - "type": [ - "null", - "string" - ], - "enum": [ - null, - "login", - "login_failed", - "logout", - "user_write", - "suspicious_request", - "password_set", - "secret_view", - "secret_rotate", - "invitation_used", - "authorize_application", - "source_linked", - "impersonation_started", - "impersonation_ended", - "flow_execution", - "policy_execution", - "policy_exception", - "property_mapping_exception", - "system_task_execution", - "system_task_exception", - "system_exception", - "configuration_error", - "model_created", - "model_updated", - "model_deleted", - "email_sent", - "update_available", - "custom_" - ], - "title": "Action", - "description": "Match created events with this action type. When left empty, all action types will be matched." - }, - "client_ip": { - "type": [ - "string", - "null" - ], - "minLength": 1, - "title": "Client ip", - "description": "Matches Event's Client IP (strict matching, for network matching use an Expression Policy)" - }, - "app": { - "type": [ - "null", - "string" - ], - "enum": [ - null, - "authentik.admin", - "authentik.api", - "authentik.crypto", - "authentik.events", - "authentik.flows", - "authentik.outposts", - "authentik.policies.dummy", - "authentik.policies.event_matcher", - "authentik.policies.expiry", - "authentik.policies.expression", - "authentik.policies.password", - "authentik.policies.reputation", - "authentik.policies", - "authentik.providers.ldap", - "authentik.providers.oauth2", - "authentik.providers.proxy", - "authentik.providers.radius", - "authentik.providers.saml", - "authentik.providers.scim", - "authentik.rbac", - "authentik.recovery", - "authentik.sources.ldap", - "authentik.sources.oauth", - "authentik.sources.plex", - "authentik.sources.saml", - "authentik.stages.authenticator", - "authentik.stages.authenticator_duo", - "authentik.stages.authenticator_sms", - "authentik.stages.authenticator_static", - "authentik.stages.authenticator_totp", - "authentik.stages.authenticator_validate", - "authentik.stages.authenticator_webauthn", - "authentik.stages.captcha", - "authentik.stages.consent", - "authentik.stages.deny", - "authentik.stages.dummy", - "authentik.stages.email", - "authentik.stages.identification", - "authentik.stages.invitation", - "authentik.stages.password", - "authentik.stages.prompt", - "authentik.stages.user_delete", - "authentik.stages.user_login", - "authentik.stages.user_logout", - "authentik.stages.user_write", - "authentik.tenants", - "authentik.blueprints", - "authentik.core", - "authentik.enterprise" - ], - "title": "App", - "description": "Match events created by selected application. When left empty, all applications are matched." - }, - "model": { - "type": [ - "null", - "string" - ], - "enum": [ - null, - "authentik_crypto.certificatekeypair", - "authentik_events.event", - "authentik_events.notificationtransport", - "authentik_events.notification", - "authentik_events.notificationrule", - "authentik_events.notificationwebhookmapping", - "authentik_flows.flow", - "authentik_flows.flowstagebinding", - "authentik_outposts.dockerserviceconnection", - "authentik_outposts.kubernetesserviceconnection", - "authentik_outposts.outpost", - "authentik_policies_dummy.dummypolicy", - "authentik_policies_event_matcher.eventmatcherpolicy", - "authentik_policies_expiry.passwordexpirypolicy", - "authentik_policies_expression.expressionpolicy", - "authentik_policies_password.passwordpolicy", - "authentik_policies_reputation.reputationpolicy", - "authentik_policies_reputation.reputation", - "authentik_policies.policybinding", - "authentik_providers_ldap.ldapprovider", - "authentik_providers_oauth2.scopemapping", - "authentik_providers_oauth2.oauth2provider", - "authentik_providers_oauth2.authorizationcode", - "authentik_providers_oauth2.accesstoken", - "authentik_providers_oauth2.refreshtoken", - "authentik_providers_proxy.proxyprovider", - "authentik_providers_radius.radiusprovider", - "authentik_providers_saml.samlprovider", - "authentik_providers_saml.samlpropertymapping", - "authentik_providers_scim.scimprovider", - "authentik_providers_scim.scimmapping", - "authentik_rbac.role", - "authentik_sources_ldap.ldapsource", - "authentik_sources_ldap.ldappropertymapping", - "authentik_sources_oauth.oauthsource", - "authentik_sources_oauth.useroauthsourceconnection", - "authentik_sources_plex.plexsource", - "authentik_sources_plex.plexsourceconnection", - "authentik_sources_saml.samlsource", - "authentik_sources_saml.usersamlsourceconnection", - "authentik_stages_authenticator_duo.authenticatorduostage", - "authentik_stages_authenticator_duo.duodevice", - "authentik_stages_authenticator_sms.authenticatorsmsstage", - "authentik_stages_authenticator_sms.smsdevice", - "authentik_stages_authenticator_static.authenticatorstaticstage", - "authentik_stages_authenticator_static.staticdevice", - "authentik_stages_authenticator_totp.authenticatortotpstage", - "authentik_stages_authenticator_totp.totpdevice", - "authentik_stages_authenticator_validate.authenticatorvalidatestage", - "authentik_stages_authenticator_webauthn.authenticatewebauthnstage", - "authentik_stages_authenticator_webauthn.webauthndevice", - "authentik_stages_captcha.captchastage", - "authentik_stages_consent.consentstage", - "authentik_stages_consent.userconsent", - "authentik_stages_deny.denystage", - "authentik_stages_dummy.dummystage", - "authentik_stages_email.emailstage", - "authentik_stages_identification.identificationstage", - "authentik_stages_invitation.invitationstage", - "authentik_stages_invitation.invitation", - "authentik_stages_password.passwordstage", - "authentik_stages_prompt.prompt", - "authentik_stages_prompt.promptstage", - "authentik_stages_user_delete.userdeletestage", - "authentik_stages_user_login.userloginstage", - "authentik_stages_user_logout.userlogoutstage", - "authentik_stages_user_write.userwritestage", - "authentik_tenants.tenant", - "authentik_blueprints.blueprintinstance", - "authentik_core.group", - "authentik_core.user", - "authentik_core.application", - "authentik_core.token", - "authentik_enterprise.license" - ], - "title": "Model", - "description": "Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched." - } - }, - "required": [] - }, - "model_authentik_policies_expiry.passwordexpirypolicy": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "execution_logging": { - "type": "boolean", - "title": "Execution logging", - "description": "When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged." - }, - "days": { - "type": "integer", - "minimum": -2147483648, - "maximum": 2147483647, - "title": "Days" - }, - "deny_only": { - "type": "boolean", - "title": "Deny only" - } - }, - "required": [] - }, - "model_authentik_policies_expression.expressionpolicy": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "execution_logging": { - "type": "boolean", - "title": "Execution logging", - "description": "When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged." - }, - "expression": { - "type": "string", - "minLength": 1, - "title": "Expression" - } - }, - "required": [] - }, - "model_authentik_policies_password.passwordpolicy": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "execution_logging": { - "type": "boolean", - "title": "Execution logging", - "description": "When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged." - }, - "password_field": { - "type": "string", - "minLength": 1, - "title": "Password field", - "description": "Field key to check, field keys defined in Prompt stages are available." - }, - "amount_digits": { - "type": "integer", - "minimum": 0, - "maximum": 2147483647, - "title": "Amount digits" - }, - "amount_uppercase": { - "type": "integer", - "minimum": 0, - "maximum": 2147483647, - "title": "Amount uppercase" - }, - "amount_lowercase": { - "type": "integer", - "minimum": 0, - "maximum": 2147483647, - "title": "Amount lowercase" - }, - "amount_symbols": { - "type": "integer", - "minimum": 0, - "maximum": 2147483647, - "title": "Amount symbols" - }, - "length_min": { - "type": "integer", - "minimum": 0, - "maximum": 2147483647, - "title": "Length min" - }, - "symbol_charset": { - "type": "string", - "minLength": 1, - "title": "Symbol charset" - }, - "error_message": { - "type": "string", - "title": "Error message" - }, - "check_static_rules": { - "type": "boolean", - "title": "Check static rules" - }, - "check_have_i_been_pwned": { - "type": "boolean", - "title": "Check have i been pwned" - }, - "check_zxcvbn": { - "type": "boolean", - "title": "Check zxcvbn" - }, - "hibp_allowed_count": { - "type": "integer", - "minimum": 0, - "maximum": 2147483647, - "title": "Hibp allowed count", - "description": "How many times the password hash is allowed to be on haveibeenpwned" - }, - "zxcvbn_score_threshold": { - "type": "integer", - "minimum": 0, - "maximum": 2147483647, - "title": "Zxcvbn score threshold", - "description": "If the zxcvbn score is equal or less than this value, the policy will fail." - } - }, - "required": [] - }, - "model_authentik_policies_reputation.reputationpolicy": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "execution_logging": { - "type": "boolean", - "title": "Execution logging", - "description": "When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged." - }, - "check_ip": { - "type": "boolean", - "title": "Check ip" - }, - "check_username": { - "type": "boolean", - "title": "Check username" - }, - "threshold": { - "type": "integer", - "minimum": -2147483648, - "maximum": 2147483647, - "title": "Threshold" - } - }, - "required": [] - }, - "model_authentik_policies_reputation.reputation": { - "type": "object", - "properties": { - "pk": { - "type": "string", - "format": "uuid", - "title": "Reputation uuid" - }, - "identifier": { - "type": "string", - "minLength": 1, - "title": "Identifier" - }, - "ip": { - "type": "string", - "minLength": 1, - "title": "Ip" - }, - "ip_geo_data": { - "type": "object", - "additionalProperties": true, - "title": "Ip geo data" - }, - "score": { - "type": "integer", - "minimum": -9223372036854775808, - "maximum": 9223372036854775807, - "title": "Score" - } - }, - "required": [] - }, - "model_authentik_policies.policybinding": { - "type": "object", - "properties": { - "policy": { - "type": "integer", - "title": "Policy" - }, - "group": { - "type": "integer", - "title": "Group" - }, - "user": { - "type": "integer", - "title": "User" - }, - "target": { - "type": "integer", - "title": "Target" - }, - "negate": { - "type": "boolean", - "title": "Negate", - "description": "Negates the outcome of the policy. Messages are unaffected." - }, - "enabled": { - "type": "boolean", - "title": "Enabled" - }, - "order": { - "type": "integer", - "minimum": -2147483648, - "maximum": 2147483647, - "title": "Order" - }, - "timeout": { - "type": "integer", - "minimum": 0, - "maximum": 2147483647, - "title": "Timeout", - "description": "Timeout after which Policy execution is terminated." - }, - "failure_result": { - "type": "boolean", - "title": "Failure result", - "description": "Result if the Policy execution fails." - } - }, - "required": [] - }, - "model_authentik_providers_ldap.ldapprovider": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "authentication_flow": { - "type": "integer", - "title": "Authentication flow", - "description": "Flow used for authentication when the associated application is accessed by an un-authenticated user." - }, - "authorization_flow": { - "type": "integer", - "title": "Authorization flow", - "description": "Flow used when authorizing this provider." - }, - "property_mappings": { - "type": "array", - "items": { - "type": "integer" - }, - "title": "Property mappings" - }, - "base_dn": { - "type": "string", - "minLength": 1, - "title": "Base dn", - "description": "DN under which objects are accessible." - }, - "search_group": { - "type": "integer", - "title": "Search group", - "description": "Users in this group can do search queries. If not set, every user can execute search queries." - }, - "certificate": { - "type": "integer", - "title": "Certificate" - }, - "tls_server_name": { - "type": "string", - "title": "Tls server name" - }, - "uid_start_number": { - "type": "integer", - "minimum": -2147483648, - "maximum": 2147483647, - "title": "Uid start number", - "description": "The start for uidNumbers, this number is added to the user.pk to make sure that the numbers aren't too low for POSIX users. Default is 2000 to ensure that we don't collide with local users uidNumber" - }, - "gid_start_number": { - "type": "integer", - "minimum": -2147483648, - "maximum": 2147483647, - "title": "Gid start number", - "description": "The start for gidNumbers, this number is added to a number generated from the group.pk to make sure that the numbers aren't too low for POSIX groups. Default is 4000 to ensure that we don't collide with local groups or users primary groups gidNumber" - }, - "search_mode": { - "type": "string", - "enum": [ - "direct", - "cached" - ], - "title": "Search mode" - }, - "bind_mode": { - "type": "string", - "enum": [ - "direct", - "cached" - ], - "title": "Bind mode" - }, - "mfa_support": { - "type": "boolean", - "title": "MFA Support", - "description": "When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon." - } - }, - "required": [] - }, - "model_authentik_providers_oauth2.scopemapping": { - "type": "object", - "properties": { - "managed": { - "type": [ - "string", - "null" - ], - "minLength": 1, - "title": "Managed by authentik", - "description": "Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update." - }, - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "expression": { - "type": "string", - "minLength": 1, - "title": "Expression" - }, - "scope_name": { - "type": "string", - "minLength": 1, - "title": "Scope name", - "description": "Scope name requested by the client" - }, - "description": { - "type": "string", - "title": "Description", - "description": "Description shown to the user when consenting. If left empty, the user won't be informed." - } - }, - "required": [] - }, - "model_authentik_providers_oauth2.oauth2provider": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "authentication_flow": { - "type": "integer", - "title": "Authentication flow", - "description": "Flow used for authentication when the associated application is accessed by an un-authenticated user." - }, - "authorization_flow": { - "type": "integer", - "title": "Authorization flow", - "description": "Flow used when authorizing this provider." - }, - "property_mappings": { - "type": "array", - "items": { - "type": "integer" - }, - "title": "Property mappings" - }, - "client_type": { - "type": "string", - "enum": [ - "confidential", - "public" - ], - "title": "Client Type", - "description": "Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable" - }, - "client_id": { - "type": "string", - "maxLength": 255, - "minLength": 1, - "title": "Client ID" - }, - "client_secret": { - "type": "string", - "maxLength": 255, - "title": "Client Secret" - }, - "access_code_validity": { - "type": "string", - "minLength": 1, - "title": "Access code validity", - "description": "Access codes not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)." - }, - "access_token_validity": { - "type": "string", - "minLength": 1, - "title": "Access token validity", - "description": "Tokens not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)." - }, - "refresh_token_validity": { - "type": "string", - "minLength": 1, - "title": "Refresh token validity", - "description": "Tokens not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)." - }, - "include_claims_in_id_token": { - "type": "boolean", - "title": "Include claims in id_token", - "description": "Include User claims from scopes in the id_token, for applications that don't access the userinfo endpoint." - }, - "signing_key": { - "type": "integer", - "title": "Signing Key", - "description": "Key used to sign the tokens. Only required when JWT Algorithm is set to RS256." - }, - "redirect_uris": { - "type": "string", - "title": "Redirect URIs", - "description": "Enter each URI on a new line." - }, - "sub_mode": { - "type": "string", - "enum": [ - "hashed_user_id", - "user_id", - "user_uuid", - "user_username", - "user_email", - "user_upn" - ], - "title": "Sub mode", - "description": "Configure what data should be used as unique User Identifier. For most cases, the default should be fine." - }, - "issuer_mode": { - "type": "string", - "enum": [ - "global", - "per_provider" - ], - "title": "Issuer mode", - "description": "Configure how the issuer field of the ID Token should be filled." - }, - "jwks_sources": { - "type": "array", - "items": { - "type": "integer", - "title": "Any JWT signed by the JWK of the selected source can be used to authenticate." - }, - "title": "Any JWT signed by the JWK of the selected source can be used to authenticate." - } - }, - "required": [] - }, - "model_authentik_providers_oauth2.authorizationcode": { - "type": "object", - "properties": { - "provider": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "authentication_flow": { - "type": "integer", - "title": "Authentication flow", - "description": "Flow used for authentication when the associated application is accessed by an un-authenticated user." - }, - "authorization_flow": { - "type": "integer", - "title": "Authorization flow", - "description": "Flow used when authorizing this provider." - }, - "property_mappings": { - "type": "array", - "items": { - "type": "integer" - }, - "title": "Property mappings" - }, - "client_type": { - "type": "string", - "enum": [ - "confidential", - "public" - ], - "title": "Client Type", - "description": "Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable" - }, - "client_id": { - "type": "string", - "maxLength": 255, - "minLength": 1, - "title": "Client ID" - }, - "client_secret": { - "type": "string", - "maxLength": 255, - "title": "Client Secret" - }, - "access_code_validity": { - "type": "string", - "minLength": 1, - "title": "Access code validity", - "description": "Access codes not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)." - }, - "access_token_validity": { - "type": "string", - "minLength": 1, - "title": "Access token validity", - "description": "Tokens not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)." - }, - "refresh_token_validity": { - "type": "string", - "minLength": 1, - "title": "Refresh token validity", - "description": "Tokens not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)." - }, - "include_claims_in_id_token": { - "type": "boolean", - "title": "Include claims in id_token", - "description": "Include User claims from scopes in the id_token, for applications that don't access the userinfo endpoint." - }, - "signing_key": { - "type": "integer", - "title": "Signing Key", - "description": "Key used to sign the tokens. Only required when JWT Algorithm is set to RS256." - }, - "redirect_uris": { - "type": "string", - "title": "Redirect URIs", - "description": "Enter each URI on a new line." - }, - "sub_mode": { - "type": "string", - "enum": [ - "hashed_user_id", - "user_id", - "user_uuid", - "user_username", - "user_email", - "user_upn" - ], - "title": "Sub mode", - "description": "Configure what data should be used as unique User Identifier. For most cases, the default should be fine." - }, - "issuer_mode": { - "type": "string", - "enum": [ - "global", - "per_provider" - ], - "title": "Issuer mode", - "description": "Configure how the issuer field of the ID Token should be filled." - }, - "jwks_sources": { - "type": "array", - "items": { - "type": "integer", - "title": "Any JWT signed by the JWK of the selected source can be used to authenticate." - }, - "title": "Any JWT signed by the JWK of the selected source can be used to authenticate." - } - }, - "required": [ - "name", - "authorization_flow" - ], - "title": "Provider" - }, - "user": { - "type": "object", - "properties": { - "username": { - "type": "string", - "maxLength": 150, - "minLength": 1, - "title": "Username" - }, - "name": { - "type": "string", - "title": "Name", - "description": "User's display name." - }, - "is_active": { - "type": "boolean", - "title": "Active", - "description": "Designates whether this user should be treated as active. Unselect this instead of deleting accounts." - }, - "last_login": { - "type": [ - "string", - "null" - ], - "format": "date-time", - "title": "Last login" - }, - "groups": { - "type": "array", - "items": { - "type": "integer" - }, - "title": "Groups" - }, - "email": { - "type": "string", - "format": "email", - "maxLength": 254, - "title": "Email address" - }, - "attributes": { - "type": "object", - "additionalProperties": true, - "title": "Attributes" - }, - "path": { - "type": "string", - "minLength": 1, - "title": "Path" - }, - "type": { - "type": "string", - "enum": [ - "internal", - "external", - "service_account", - "internal_service_account" - ], - "title": "Type" - } - }, - "required": [ - "username", - "name" - ], - "title": "User" - }, - "expires": { - "type": "string", - "format": "date-time", - "title": "Expires" - }, - "scope": { - "type": "array", - "items": { - "type": "string", - "minLength": 1 - }, - "title": "Scope" - } - }, - "required": [] - }, - "model_authentik_providers_oauth2.accesstoken": { - "type": "object", - "properties": { - "provider": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "authentication_flow": { - "type": "integer", - "title": "Authentication flow", - "description": "Flow used for authentication when the associated application is accessed by an un-authenticated user." - }, - "authorization_flow": { - "type": "integer", - "title": "Authorization flow", - "description": "Flow used when authorizing this provider." - }, - "property_mappings": { - "type": "array", - "items": { - "type": "integer" - }, - "title": "Property mappings" - }, - "client_type": { - "type": "string", - "enum": [ - "confidential", - "public" - ], - "title": "Client Type", - "description": "Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable" - }, - "client_id": { - "type": "string", - "maxLength": 255, - "minLength": 1, - "title": "Client ID" - }, - "client_secret": { - "type": "string", - "maxLength": 255, - "title": "Client Secret" - }, - "access_code_validity": { - "type": "string", - "minLength": 1, - "title": "Access code validity", - "description": "Access codes not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)." - }, - "access_token_validity": { - "type": "string", - "minLength": 1, - "title": "Access token validity", - "description": "Tokens not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)." - }, - "refresh_token_validity": { - "type": "string", - "minLength": 1, - "title": "Refresh token validity", - "description": "Tokens not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)." - }, - "include_claims_in_id_token": { - "type": "boolean", - "title": "Include claims in id_token", - "description": "Include User claims from scopes in the id_token, for applications that don't access the userinfo endpoint." - }, - "signing_key": { - "type": "integer", - "title": "Signing Key", - "description": "Key used to sign the tokens. Only required when JWT Algorithm is set to RS256." - }, - "redirect_uris": { - "type": "string", - "title": "Redirect URIs", - "description": "Enter each URI on a new line." - }, - "sub_mode": { - "type": "string", - "enum": [ - "hashed_user_id", - "user_id", - "user_uuid", - "user_username", - "user_email", - "user_upn" - ], - "title": "Sub mode", - "description": "Configure what data should be used as unique User Identifier. For most cases, the default should be fine." - }, - "issuer_mode": { - "type": "string", - "enum": [ - "global", - "per_provider" - ], - "title": "Issuer mode", - "description": "Configure how the issuer field of the ID Token should be filled." - }, - "jwks_sources": { - "type": "array", - "items": { - "type": "integer", - "title": "Any JWT signed by the JWK of the selected source can be used to authenticate." - }, - "title": "Any JWT signed by the JWK of the selected source can be used to authenticate." - } - }, - "required": [ - "name", - "authorization_flow" - ], - "title": "Provider" - }, - "user": { - "type": "object", - "properties": { - "username": { - "type": "string", - "maxLength": 150, - "minLength": 1, - "title": "Username" - }, - "name": { - "type": "string", - "title": "Name", - "description": "User's display name." - }, - "is_active": { - "type": "boolean", - "title": "Active", - "description": "Designates whether this user should be treated as active. Unselect this instead of deleting accounts." - }, - "last_login": { - "type": [ - "string", - "null" - ], - "format": "date-time", - "title": "Last login" - }, - "groups": { - "type": "array", - "items": { - "type": "integer" - }, - "title": "Groups" - }, - "email": { - "type": "string", - "format": "email", - "maxLength": 254, - "title": "Email address" - }, - "attributes": { - "type": "object", - "additionalProperties": true, - "title": "Attributes" - }, - "path": { - "type": "string", - "minLength": 1, - "title": "Path" - }, - "type": { - "type": "string", - "enum": [ - "internal", - "external", - "service_account", - "internal_service_account" - ], - "title": "Type" - } - }, - "required": [ - "username", - "name" - ], - "title": "User" - }, - "expires": { - "type": "string", - "format": "date-time", - "title": "Expires" - }, - "scope": { - "type": "array", - "items": { - "type": "string", - "minLength": 1 - }, - "title": "Scope" - }, - "revoked": { - "type": "boolean", - "title": "Revoked" - } - }, - "required": [] - }, - "model_authentik_providers_oauth2.refreshtoken": { - "type": "object", - "properties": { - "provider": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "authentication_flow": { - "type": "integer", - "title": "Authentication flow", - "description": "Flow used for authentication when the associated application is accessed by an un-authenticated user." - }, - "authorization_flow": { - "type": "integer", - "title": "Authorization flow", - "description": "Flow used when authorizing this provider." - }, - "property_mappings": { - "type": "array", - "items": { - "type": "integer" - }, - "title": "Property mappings" - }, - "client_type": { - "type": "string", - "enum": [ - "confidential", - "public" - ], - "title": "Client Type", - "description": "Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable" - }, - "client_id": { - "type": "string", - "maxLength": 255, - "minLength": 1, - "title": "Client ID" - }, - "client_secret": { - "type": "string", - "maxLength": 255, - "title": "Client Secret" - }, - "access_code_validity": { - "type": "string", - "minLength": 1, - "title": "Access code validity", - "description": "Access codes not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)." - }, - "access_token_validity": { - "type": "string", - "minLength": 1, - "title": "Access token validity", - "description": "Tokens not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)." - }, - "refresh_token_validity": { - "type": "string", - "minLength": 1, - "title": "Refresh token validity", - "description": "Tokens not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)." - }, - "include_claims_in_id_token": { - "type": "boolean", - "title": "Include claims in id_token", - "description": "Include User claims from scopes in the id_token, for applications that don't access the userinfo endpoint." - }, - "signing_key": { - "type": "integer", - "title": "Signing Key", - "description": "Key used to sign the tokens. Only required when JWT Algorithm is set to RS256." - }, - "redirect_uris": { - "type": "string", - "title": "Redirect URIs", - "description": "Enter each URI on a new line." - }, - "sub_mode": { - "type": "string", - "enum": [ - "hashed_user_id", - "user_id", - "user_uuid", - "user_username", - "user_email", - "user_upn" - ], - "title": "Sub mode", - "description": "Configure what data should be used as unique User Identifier. For most cases, the default should be fine." - }, - "issuer_mode": { - "type": "string", - "enum": [ - "global", - "per_provider" - ], - "title": "Issuer mode", - "description": "Configure how the issuer field of the ID Token should be filled." - }, - "jwks_sources": { - "type": "array", - "items": { - "type": "integer", - "title": "Any JWT signed by the JWK of the selected source can be used to authenticate." - }, - "title": "Any JWT signed by the JWK of the selected source can be used to authenticate." - } - }, - "required": [ - "name", - "authorization_flow" - ], - "title": "Provider" - }, - "user": { - "type": "object", - "properties": { - "username": { - "type": "string", - "maxLength": 150, - "minLength": 1, - "title": "Username" - }, - "name": { - "type": "string", - "title": "Name", - "description": "User's display name." - }, - "is_active": { - "type": "boolean", - "title": "Active", - "description": "Designates whether this user should be treated as active. Unselect this instead of deleting accounts." - }, - "last_login": { - "type": [ - "string", - "null" - ], - "format": "date-time", - "title": "Last login" - }, - "groups": { - "type": "array", - "items": { - "type": "integer" - }, - "title": "Groups" - }, - "email": { - "type": "string", - "format": "email", - "maxLength": 254, - "title": "Email address" - }, - "attributes": { - "type": "object", - "additionalProperties": true, - "title": "Attributes" - }, - "path": { - "type": "string", - "minLength": 1, - "title": "Path" - }, - "type": { - "type": "string", - "enum": [ - "internal", - "external", - "service_account", - "internal_service_account" - ], - "title": "Type" - } - }, - "required": [ - "username", - "name" - ], - "title": "User" - }, - "expires": { - "type": "string", - "format": "date-time", - "title": "Expires" - }, - "scope": { - "type": "array", - "items": { - "type": "string", - "minLength": 1 - }, - "title": "Scope" - }, - "revoked": { - "type": "boolean", - "title": "Revoked" - } - }, - "required": [] - }, - "model_authentik_providers_proxy.proxyprovider": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "authentication_flow": { - "type": "integer", - "title": "Authentication flow", - "description": "Flow used for authentication when the associated application is accessed by an un-authenticated user." - }, - "authorization_flow": { - "type": "integer", - "title": "Authorization flow", - "description": "Flow used when authorizing this provider." - }, - "property_mappings": { - "type": "array", - "items": { - "type": "integer" - }, - "title": "Property mappings" - }, - "internal_host": { - "type": "string", - "title": "Internal host" - }, - "external_host": { - "type": "string", - "minLength": 1, - "title": "External host" - }, - "internal_host_ssl_validation": { - "type": "boolean", - "title": "Internal host SSL Validation", - "description": "Validate SSL Certificates of upstream servers" - }, - "certificate": { - "type": "integer", - "title": "Certificate" - }, - "skip_path_regex": { - "type": "string", - "title": "Skip path regex", - "description": "Regular expressions for which authentication is not required. Each new line is interpreted as a new Regular Expression." - }, - "basic_auth_enabled": { - "type": "boolean", - "title": "Set HTTP-Basic Authentication", - "description": "Set a custom HTTP-Basic Authentication header based on values from authentik." - }, - "basic_auth_password_attribute": { - "type": "string", - "title": "HTTP-Basic Password Key", - "description": "User/Group Attribute used for the password part of the HTTP-Basic Header." - }, - "basic_auth_user_attribute": { - "type": "string", - "title": "HTTP-Basic Username Key", - "description": "User/Group Attribute used for the user part of the HTTP-Basic Header. If not set, the user's Email address is used." - }, - "mode": { - "type": "string", - "enum": [ - "proxy", - "forward_single", - "forward_domain" - ], - "title": "Mode", - "description": "Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host." - }, - "intercept_header_auth": { - "type": "boolean", - "title": "Intercept header auth", - "description": "When enabled, this provider will intercept the authorization header and authenticate requests based on its value." - }, - "cookie_domain": { - "type": "string", - "title": "Cookie domain" - }, - "jwks_sources": { - "type": "array", - "items": { - "type": "integer", - "title": "Any JWT signed by the JWK of the selected source can be used to authenticate." - }, - "title": "Any JWT signed by the JWK of the selected source can be used to authenticate." - }, - "access_token_validity": { - "type": "string", - "minLength": 1, - "title": "Access token validity", - "description": "Tokens not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)." - }, - "refresh_token_validity": { - "type": "string", - "minLength": 1, - "title": "Refresh token validity", - "description": "Tokens not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)." - } - }, - "required": [] - }, - "model_authentik_providers_radius.radiusprovider": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "authentication_flow": { - "type": "integer", - "title": "Authentication flow", - "description": "Flow used for authentication when the associated application is accessed by an un-authenticated user." - }, - "authorization_flow": { - "type": "integer", - "title": "Authorization flow", - "description": "Flow used when authorizing this provider." - }, - "property_mappings": { - "type": "array", - "items": { - "type": "integer" - }, - "title": "Property mappings" - }, - "client_networks": { - "type": "string", - "minLength": 1, - "title": "Client networks", - "description": "List of CIDRs (comma-separated) that clients can connect from. A more specific CIDR will match before a looser one. Clients connecting from a non-specified CIDR will be dropped." - }, - "shared_secret": { - "type": "string", - "minLength": 1, - "title": "Shared secret", - "description": "Shared secret between clients and server to hash packets." - }, - "mfa_support": { - "type": "boolean", - "title": "MFA Support", - "description": "When enabled, code-based multi-factor authentication can be used by appending a semicolon and the TOTP code to the password. This should only be enabled if all users that will bind to this provider have a TOTP device configured, as otherwise a password may incorrectly be rejected if it contains a semicolon." - } - }, - "required": [] - }, - "model_authentik_providers_saml.samlprovider": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "authentication_flow": { - "type": "integer", - "title": "Authentication flow", - "description": "Flow used for authentication when the associated application is accessed by an un-authenticated user." - }, - "authorization_flow": { - "type": "integer", - "title": "Authorization flow", - "description": "Flow used when authorizing this provider." - }, - "property_mappings": { - "type": "array", - "items": { - "type": "integer" - }, - "title": "Property mappings" - }, - "acs_url": { - "type": "string", - "format": "uri", - "maxLength": 200, - "minLength": 1, - "title": "ACS URL" - }, - "audience": { - "type": "string", - "title": "Audience", - "description": "Value of the audience restriction field of the assertion. When left empty, no audience restriction will be added." - }, - "issuer": { - "type": "string", - "minLength": 1, - "title": "Issuer", - "description": "Also known as EntityID" - }, - "assertion_valid_not_before": { - "type": "string", - "minLength": 1, - "title": "Assertion valid not before", - "description": "Assertion valid not before current time + this value (Format: hours=-1;minutes=-2;seconds=-3)." - }, - "assertion_valid_not_on_or_after": { - "type": "string", - "minLength": 1, - "title": "Assertion valid not on or after", - "description": "Assertion not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)." - }, - "session_valid_not_on_or_after": { - "type": "string", - "minLength": 1, - "title": "Session valid not on or after", - "description": "Session not valid on or after current time + this value (Format: hours=1;minutes=2;seconds=3)." - }, - "name_id_mapping": { - "type": "integer", - "title": "NameID Property Mapping", - "description": "Configure how the NameID value will be created. When left empty, the NameIDPolicy of the incoming request will be considered" - }, - "digest_algorithm": { - "type": "string", - "enum": [ - "http://www.w3.org/2000/09/xmldsig#sha1", - "http://www.w3.org/2001/04/xmlenc#sha256", - "http://www.w3.org/2001/04/xmldsig-more#sha384", - "http://www.w3.org/2001/04/xmlenc#sha512" - ], - "title": "Digest algorithm" - }, - "signature_algorithm": { - "type": "string", - "enum": [ - "http://www.w3.org/2000/09/xmldsig#rsa-sha1", - "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", - "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384", - "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512", - "http://www.w3.org/2000/09/xmldsig#dsa-sha1" - ], - "title": "Signature algorithm" - }, - "signing_kp": { - "type": "integer", - "title": "Signing Keypair", - "description": "Keypair used to sign outgoing Responses going to the Service Provider." - }, - "verification_kp": { - "type": "integer", - "title": "Verification Certificate", - "description": "When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default." - }, - "sp_binding": { - "type": "string", - "enum": [ - "redirect", - "post" - ], - "title": "Service Provider Binding", - "description": "This determines how authentik sends the response back to the Service Provider." - }, - "default_relay_state": { - "type": "string", - "title": "Default relay state", - "description": "Default relay_state value for IDP-initiated logins" - } - }, - "required": [] - }, - "model_authentik_providers_saml.samlpropertymapping": { - "type": "object", - "properties": { - "managed": { - "type": [ - "string", - "null" - ], - "minLength": 1, - "title": "Managed by authentik", - "description": "Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update." - }, - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "expression": { - "type": "string", - "minLength": 1, - "title": "Expression" - }, - "saml_name": { - "type": "string", - "minLength": 1, - "title": "SAML Name" - }, - "friendly_name": { - "type": [ - "string", - "null" - ], - "title": "Friendly name" - } - }, - "required": [] - }, - "model_authentik_providers_scim.scimprovider": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "property_mappings": { - "type": "array", - "items": { - "type": "integer" - }, - "title": "Property mappings" - }, - "property_mappings_group": { - "type": "array", - "items": { - "type": "integer", - "description": "Property mappings used for group creation/updating." - }, - "title": "Property mappings group", - "description": "Property mappings used for group creation/updating." - }, - "url": { - "type": "string", - "minLength": 1, - "title": "Url", - "description": "Base URL to SCIM requests, usually ends in /v2" - }, - "token": { - "type": "string", - "minLength": 1, - "title": "Token", - "description": "Authentication token" - }, - "exclude_users_service_account": { - "type": "boolean", - "title": "Exclude users service account" - }, - "filter_group": { - "type": "integer", - "title": "Filter group" - } - }, - "required": [] - }, - "model_authentik_providers_scim.scimmapping": { - "type": "object", - "properties": { - "managed": { - "type": [ - "string", - "null" - ], - "minLength": 1, - "title": "Managed by authentik", - "description": "Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update." - }, - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "expression": { - "type": "string", - "minLength": 1, - "title": "Expression" - } - }, - "required": [] - }, - "model_authentik_rbac.role": { - "type": "object", - "properties": { - "name": { - "type": "string", - "maxLength": 150, - "minLength": 1, - "title": "Name" - } - }, - "required": [] - }, - "model_authentik_sources_ldap.ldapsource": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name", - "description": "Source's display Name." - }, - "slug": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Slug", - "description": "Internal source name, used in URLs." - }, - "enabled": { - "type": "boolean", - "title": "Enabled" - }, - "authentication_flow": { - "type": "integer", - "title": "Authentication flow", - "description": "Flow to use when authenticating existing users." - }, - "enrollment_flow": { - "type": "integer", - "title": "Enrollment flow", - "description": "Flow to use when enrolling new users." - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "user_matching_mode": { - "type": "string", - "enum": [ - "identifier", - "email_link", - "email_deny", - "username_link", - "username_deny" - ], - "title": "User matching mode", - "description": "How the source determines if an existing user should be authenticated or a new user enrolled." - }, - "user_path_template": { - "type": "string", - "minLength": 1, - "title": "User path template" - }, - "icon": { - "type": "string", - "minLength": 1, - "title": "Icon" - }, - "server_uri": { - "type": "string", - "minLength": 1, - "title": "Server URI" - }, - "peer_certificate": { - "type": "integer", - "title": "Peer certificate", - "description": "Optionally verify the LDAP Server's Certificate against the CA Chain in this keypair." - }, - "client_certificate": { - "type": "integer", - "title": "Client certificate", - "description": "Client certificate to authenticate against the LDAP Server's Certificate." - }, - "bind_cn": { - "type": "string", - "title": "Bind CN" - }, - "bind_password": { - "type": "string", - "title": "Bind password" - }, - "start_tls": { - "type": "boolean", - "title": "Enable Start TLS" - }, - "sni": { - "type": "boolean", - "title": "Use Server URI for SNI verification" - }, - "base_dn": { - "type": "string", - "minLength": 1, - "title": "Base DN" - }, - "additional_user_dn": { - "type": "string", - "title": "Addition User DN", - "description": "Prepended to Base DN for User-queries." - }, - "additional_group_dn": { - "type": "string", - "title": "Addition Group DN", - "description": "Prepended to Base DN for Group-queries." - }, - "user_object_filter": { - "type": "string", - "minLength": 1, - "title": "User object filter", - "description": "Consider Objects matching this filter to be Users." - }, - "group_object_filter": { - "type": "string", - "minLength": 1, - "title": "Group object filter", - "description": "Consider Objects matching this filter to be Groups." - }, - "group_membership_field": { - "type": "string", - "minLength": 1, - "title": "Group membership field", - "description": "Field which contains members of a group." - }, - "object_uniqueness_field": { - "type": "string", - "minLength": 1, - "title": "Object uniqueness field", - "description": "Field which contains a unique Identifier." - }, - "sync_users": { - "type": "boolean", - "title": "Sync users" - }, - "sync_users_password": { - "type": "boolean", - "title": "Sync users password", - "description": "When a user changes their password, sync it back to LDAP. This can only be enabled on a single LDAP source." - }, - "sync_groups": { - "type": "boolean", - "title": "Sync groups" - }, - "sync_parent_group": { - "type": "integer", - "title": "Sync parent group" - }, - "property_mappings": { - "type": "array", - "items": { - "type": "integer" - }, - "title": "Property mappings" - }, - "property_mappings_group": { - "type": "array", - "items": { - "type": "integer", - "description": "Property mappings used for group creation/updating." - }, - "title": "Property mappings group", - "description": "Property mappings used for group creation/updating." - } - }, - "required": [] - }, - "model_authentik_sources_ldap.ldappropertymapping": { - "type": "object", - "properties": { - "managed": { - "type": [ - "string", - "null" - ], - "minLength": 1, - "title": "Managed by authentik", - "description": "Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update." - }, - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "expression": { - "type": "string", - "minLength": 1, - "title": "Expression" - }, - "object_field": { - "type": "string", - "minLength": 1, - "title": "Object field" - } - }, - "required": [] - }, - "model_authentik_sources_oauth.oauthsource": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name", - "description": "Source's display Name." - }, - "slug": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Slug", - "description": "Internal source name, used in URLs." - }, - "enabled": { - "type": "boolean", - "title": "Enabled" - }, - "authentication_flow": { - "type": "integer", - "title": "Authentication flow", - "description": "Flow to use when authenticating existing users." - }, - "enrollment_flow": { - "type": "integer", - "title": "Enrollment flow", - "description": "Flow to use when enrolling new users." - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "user_matching_mode": { - "type": "string", - "enum": [ - "identifier", - "email_link", - "email_deny", - "username_link", - "username_deny" - ], - "title": "User matching mode", - "description": "How the source determines if an existing user should be authenticated or a new user enrolled." - }, - "user_path_template": { - "type": "string", - "minLength": 1, - "title": "User path template" - }, - "icon": { - "type": "string", - "minLength": 1, - "title": "Icon" - }, - "provider_type": { - "type": "string", - "enum": [ - "apple", - "azuread", - "discord", - "facebook", - "github", - "google", - "mailcow", - "openidconnect", - "okta", - "patreon", - "reddit", - "twitch", - "twitter" - ], - "title": "Provider type" - }, - "request_token_url": { - "type": [ - "string", - "null" - ], - "maxLength": 255, - "minLength": 1, - "title": "Request Token URL", - "description": "URL used to request the initial token. This URL is only required for OAuth 1." - }, - "authorization_url": { - "type": [ - "string", - "null" - ], - "maxLength": 255, - "minLength": 1, - "title": "Authorization URL", - "description": "URL the user is redirect to to conest the flow." - }, - "access_token_url": { - "type": [ - "string", - "null" - ], - "maxLength": 255, - "minLength": 1, - "title": "Access Token URL", - "description": "URL used by authentik to retrieve tokens." - }, - "profile_url": { - "type": [ - "string", - "null" - ], - "maxLength": 255, - "minLength": 1, - "title": "Profile URL", - "description": "URL used by authentik to get user information." - }, - "consumer_key": { - "type": "string", - "minLength": 1, - "title": "Consumer key" - }, - "consumer_secret": { - "type": "string", - "minLength": 1, - "title": "Consumer secret" - }, - "additional_scopes": { - "type": "string", - "title": "Additional Scopes" - }, - "oidc_well_known_url": { - "type": "string", - "title": "Oidc well known url" - }, - "oidc_jwks_url": { - "type": "string", - "title": "Oidc jwks url" - }, - "oidc_jwks": { - "type": "object", - "additionalProperties": true, - "title": "Oidc jwks" - } - }, - "required": [] - }, - "model_authentik_sources_oauth.useroauthsourceconnection": { - "type": "object", - "properties": { - "user": { - "type": "integer", - "title": "User" - }, - "identifier": { - "type": "string", - "maxLength": 255, - "minLength": 1, - "title": "Identifier" - }, - "access_token": { - "type": [ - "string", - "null" - ], - "title": "Access token" - }, - "icon": { - "type": "string", - "minLength": 1, - "title": "Icon" - } - }, - "required": [] - }, - "model_authentik_sources_plex.plexsource": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name", - "description": "Source's display Name." - }, - "slug": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Slug", - "description": "Internal source name, used in URLs." - }, - "enabled": { - "type": "boolean", - "title": "Enabled" - }, - "authentication_flow": { - "type": "integer", - "title": "Authentication flow", - "description": "Flow to use when authenticating existing users." - }, - "enrollment_flow": { - "type": "integer", - "title": "Enrollment flow", - "description": "Flow to use when enrolling new users." - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "user_matching_mode": { - "type": "string", - "enum": [ - "identifier", - "email_link", - "email_deny", - "username_link", - "username_deny" - ], - "title": "User matching mode", - "description": "How the source determines if an existing user should be authenticated or a new user enrolled." - }, - "user_path_template": { - "type": "string", - "minLength": 1, - "title": "User path template" - }, - "icon": { - "type": "string", - "minLength": 1, - "title": "Icon" - }, - "client_id": { - "type": "string", - "minLength": 1, - "title": "Client id", - "description": "Client identifier used to talk to Plex." - }, - "allowed_servers": { - "type": "array", - "items": { - "type": "string", - "minLength": 1, - "title": "Allowed servers" - }, - "title": "Allowed servers", - "description": "Which servers a user has to be a member of to be granted access. Empty list allows every server." - }, - "allow_friends": { - "type": "boolean", - "title": "Allow friends", - "description": "Allow friends to authenticate, even if you don't share a server." - }, - "plex_token": { - "type": "string", - "minLength": 1, - "title": "Plex token", - "description": "Plex token used to check friends" - } - }, - "required": [] - }, - "model_authentik_sources_plex.plexsourceconnection": { - "type": "object", - "properties": { - "identifier": { - "type": "string", - "minLength": 1, - "title": "Identifier" - }, - "plex_token": { - "type": "string", - "minLength": 1, - "title": "Plex token" - }, - "icon": { - "type": "string", - "minLength": 1, - "title": "Icon" - } - }, - "required": [] - }, - "model_authentik_sources_saml.samlsource": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name", - "description": "Source's display Name." - }, - "slug": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Slug", - "description": "Internal source name, used in URLs." - }, - "enabled": { - "type": "boolean", - "title": "Enabled" - }, - "authentication_flow": { - "type": "integer", - "title": "Authentication flow", - "description": "Flow to use when authenticating existing users." - }, - "enrollment_flow": { - "type": "integer", - "title": "Enrollment flow", - "description": "Flow to use when enrolling new users." - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "user_matching_mode": { - "type": "string", - "enum": [ - "identifier", - "email_link", - "email_deny", - "username_link", - "username_deny" - ], - "title": "User matching mode", - "description": "How the source determines if an existing user should be authenticated or a new user enrolled." - }, - "user_path_template": { - "type": "string", - "minLength": 1, - "title": "User path template" - }, - "icon": { - "type": "string", - "minLength": 1, - "title": "Icon" - }, - "pre_authentication_flow": { - "type": "integer", - "title": "Pre authentication flow", - "description": "Flow used before authentication." - }, - "issuer": { - "type": "string", - "title": "Issuer", - "description": "Also known as Entity ID. Defaults the Metadata URL." - }, - "sso_url": { - "type": "string", - "format": "uri", - "maxLength": 200, - "minLength": 1, - "title": "SSO URL", - "description": "URL that the initial Login request is sent to." - }, - "slo_url": { - "type": [ - "string", - "null" - ], - "format": "uri", - "maxLength": 200, - "title": "SLO URL", - "description": "Optional URL if your IDP supports Single-Logout." - }, - "allow_idp_initiated": { - "type": "boolean", - "title": "Allow idp initiated", - "description": "Allows authentication flows initiated by the IdP. This can be a security risk, as no validation of the request ID is done." - }, - "name_id_policy": { - "type": "string", - "enum": [ - "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", - "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", - "urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName", - "urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName", - "urn:oasis:names:tc:SAML:2.0:nameid-format:transient" - ], - "title": "Name id policy", - "description": "NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent." - }, - "binding_type": { - "type": "string", - "enum": [ - "REDIRECT", - "POST", - "POST_AUTO" - ], - "title": "Binding type" - }, - "verification_kp": { - "type": "integer", - "title": "Verification Certificate", - "description": "When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default." - }, - "signing_kp": { - "type": "integer", - "title": "Signing Keypair", - "description": "Keypair used to sign outgoing Responses going to the Identity Provider." - }, - "digest_algorithm": { - "type": "string", - "enum": [ - "http://www.w3.org/2000/09/xmldsig#sha1", - "http://www.w3.org/2001/04/xmlenc#sha256", - "http://www.w3.org/2001/04/xmldsig-more#sha384", - "http://www.w3.org/2001/04/xmlenc#sha512" - ], - "title": "Digest algorithm" - }, - "signature_algorithm": { - "type": "string", - "enum": [ - "http://www.w3.org/2000/09/xmldsig#rsa-sha1", - "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", - "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384", - "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512", - "http://www.w3.org/2000/09/xmldsig#dsa-sha1" - ], - "title": "Signature algorithm" - }, - "temporary_user_delete_after": { - "type": "string", - "minLength": 1, - "title": "Delete temporary users after", - "description": "Time offset when temporary users should be deleted. This only applies if your IDP uses the NameID Format 'transient', and the user doesn't log out manually. (Format: hours=1;minutes=2;seconds=3)." - } - }, - "required": [] - }, - "model_authentik_sources_saml.usersamlsourceconnection": { - "type": "object", - "properties": { - "user": { - "type": "integer", - "title": "User" - }, - "identifier": { - "type": "string", - "minLength": 1, - "title": "Identifier" - }, - "icon": { - "type": "string", - "minLength": 1, - "title": "Icon" - } - }, - "required": [] - }, - "model_authentik_stages_authenticator_duo.authenticatorduostage": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "flow_set": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "slug": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Slug", - "description": "Visible in the URL." - }, - "title": { - "type": "string", - "minLength": 1, - "title": "Title", - "description": "Shown as the Title in Flow pages." - }, - "designation": { - "type": "string", - "enum": [ - "authentication", - "authorization", - "invalidation", - "enrollment", - "unenrollment", - "recovery", - "stage_configuration" - ], - "title": "Designation", - "description": "Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik." - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "compatibility_mode": { - "type": "boolean", - "title": "Compatibility mode", - "description": "Enable compatibility mode, increases compatibility with password managers on mobile devices." - }, - "layout": { - "type": "string", - "enum": [ - "stacked", - "content_left", - "content_right", - "sidebar_left", - "sidebar_right" - ], - "title": "Layout" - }, - "denied_action": { - "type": "string", - "enum": [ - "message_continue", - "message", - "continue" - ], - "title": "Denied action", - "description": "Configure what should happen when a flow denies access to a user." - } - }, - "required": [ - "name", - "slug", - "title", - "designation" - ] - }, - "title": "Flow set" - }, - "configure_flow": { - "type": "integer", - "title": "Configure flow", - "description": "Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage." - }, - "friendly_name": { - "type": [ - "string", - "null" - ], - "minLength": 1, - "title": "Friendly name" - }, - "client_id": { - "type": "string", - "minLength": 1, - "title": "Client id" - }, - "client_secret": { - "type": "string", - "minLength": 1, - "title": "Client secret" - }, - "api_hostname": { - "type": "string", - "minLength": 1, - "title": "Api hostname" - }, - "admin_integration_key": { - "type": "string", - "title": "Admin integration key" - }, - "admin_secret_key": { - "type": "string", - "title": "Admin secret key" - } - }, - "required": [] - }, - "model_authentik_stages_authenticator_duo.duodevice": { - "type": "object", - "properties": { - "name": { - "type": "string", - "maxLength": 64, - "minLength": 1, - "title": "Name", - "description": "The human-readable name of this device." - } - }, - "required": [] - }, - "model_authentik_stages_authenticator_sms.authenticatorsmsstage": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "flow_set": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "slug": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Slug", - "description": "Visible in the URL." - }, - "title": { - "type": "string", - "minLength": 1, - "title": "Title", - "description": "Shown as the Title in Flow pages." - }, - "designation": { - "type": "string", - "enum": [ - "authentication", - "authorization", - "invalidation", - "enrollment", - "unenrollment", - "recovery", - "stage_configuration" - ], - "title": "Designation", - "description": "Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik." - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "compatibility_mode": { - "type": "boolean", - "title": "Compatibility mode", - "description": "Enable compatibility mode, increases compatibility with password managers on mobile devices." - }, - "layout": { - "type": "string", - "enum": [ - "stacked", - "content_left", - "content_right", - "sidebar_left", - "sidebar_right" - ], - "title": "Layout" - }, - "denied_action": { - "type": "string", - "enum": [ - "message_continue", - "message", - "continue" - ], - "title": "Denied action", - "description": "Configure what should happen when a flow denies access to a user." - } - }, - "required": [ - "name", - "slug", - "title", - "designation" - ] - }, - "title": "Flow set" - }, - "configure_flow": { - "type": "integer", - "title": "Configure flow", - "description": "Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage." - }, - "friendly_name": { - "type": [ - "string", - "null" - ], - "minLength": 1, - "title": "Friendly name" - }, - "provider": { - "type": "string", - "enum": [ - "twilio", - "generic" - ], - "title": "Provider" - }, - "from_number": { - "type": "string", - "minLength": 1, - "title": "From number" - }, - "account_sid": { - "type": "string", - "minLength": 1, - "title": "Account sid" - }, - "auth": { - "type": "string", - "minLength": 1, - "title": "Auth" - }, - "auth_password": { - "type": "string", - "title": "Auth password" - }, - "auth_type": { - "type": "string", - "enum": [ - "basic", - "bearer" - ], - "title": "Auth type" - }, - "verify_only": { - "type": "boolean", - "title": "Verify only", - "description": "When enabled, the Phone number is only used during enrollment to verify the users authenticity. Only a hash of the phone number is saved to ensure it is not reused in the future." - }, - "mapping": { - "type": "integer", - "title": "Mapping", - "description": "Optionally modify the payload being sent to custom providers." - } - }, - "required": [] - }, - "model_authentik_stages_authenticator_sms.smsdevice": { - "type": "object", - "properties": { - "name": { - "type": "string", - "maxLength": 64, - "minLength": 1, - "title": "Name", - "description": "The human-readable name of this device." - } - }, - "required": [] - }, - "model_authentik_stages_authenticator_static.authenticatorstaticstage": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "flow_set": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "slug": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Slug", - "description": "Visible in the URL." - }, - "title": { - "type": "string", - "minLength": 1, - "title": "Title", - "description": "Shown as the Title in Flow pages." - }, - "designation": { - "type": "string", - "enum": [ - "authentication", - "authorization", - "invalidation", - "enrollment", - "unenrollment", - "recovery", - "stage_configuration" - ], - "title": "Designation", - "description": "Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik." - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "compatibility_mode": { - "type": "boolean", - "title": "Compatibility mode", - "description": "Enable compatibility mode, increases compatibility with password managers on mobile devices." - }, - "layout": { - "type": "string", - "enum": [ - "stacked", - "content_left", - "content_right", - "sidebar_left", - "sidebar_right" - ], - "title": "Layout" - }, - "denied_action": { - "type": "string", - "enum": [ - "message_continue", - "message", - "continue" - ], - "title": "Denied action", - "description": "Configure what should happen when a flow denies access to a user." - } - }, - "required": [ - "name", - "slug", - "title", - "designation" - ] - }, - "title": "Flow set" - }, - "configure_flow": { - "type": "integer", - "title": "Configure flow", - "description": "Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage." - }, - "friendly_name": { - "type": [ - "string", - "null" - ], - "minLength": 1, - "title": "Friendly name" - }, - "token_count": { - "type": "integer", - "minimum": 0, - "maximum": 2147483647, - "title": "Token count" - }, - "token_length": { - "type": "integer", - "minimum": 0, - "maximum": 2147483647, - "title": "Token length" - } - }, - "required": [] - }, - "model_authentik_stages_authenticator_static.staticdevice": { - "type": "object", - "properties": { - "name": { - "type": "string", - "maxLength": 64, - "minLength": 1, - "title": "Name", - "description": "The human-readable name of this device." - } - }, - "required": [] - }, - "model_authentik_stages_authenticator_totp.authenticatortotpstage": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "flow_set": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "slug": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Slug", - "description": "Visible in the URL." - }, - "title": { - "type": "string", - "minLength": 1, - "title": "Title", - "description": "Shown as the Title in Flow pages." - }, - "designation": { - "type": "string", - "enum": [ - "authentication", - "authorization", - "invalidation", - "enrollment", - "unenrollment", - "recovery", - "stage_configuration" - ], - "title": "Designation", - "description": "Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik." - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "compatibility_mode": { - "type": "boolean", - "title": "Compatibility mode", - "description": "Enable compatibility mode, increases compatibility with password managers on mobile devices." - }, - "layout": { - "type": "string", - "enum": [ - "stacked", - "content_left", - "content_right", - "sidebar_left", - "sidebar_right" - ], - "title": "Layout" - }, - "denied_action": { - "type": "string", - "enum": [ - "message_continue", - "message", - "continue" - ], - "title": "Denied action", - "description": "Configure what should happen when a flow denies access to a user." - } - }, - "required": [ - "name", - "slug", - "title", - "designation" - ] - }, - "title": "Flow set" - }, - "configure_flow": { - "type": "integer", - "title": "Configure flow", - "description": "Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage." - }, - "friendly_name": { - "type": [ - "string", - "null" - ], - "minLength": 1, - "title": "Friendly name" - }, - "digits": { - "type": "string", - "enum": [ - "6", - "8" - ], - "title": "Digits" - } - }, - "required": [] - }, - "model_authentik_stages_authenticator_totp.totpdevice": { - "type": "object", - "properties": { - "name": { - "type": "string", - "maxLength": 64, - "minLength": 1, - "title": "Name", - "description": "The human-readable name of this device." - } - }, - "required": [] - }, - "model_authentik_stages_authenticator_validate.authenticatorvalidatestage": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "flow_set": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "slug": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Slug", - "description": "Visible in the URL." - }, - "title": { - "type": "string", - "minLength": 1, - "title": "Title", - "description": "Shown as the Title in Flow pages." - }, - "designation": { - "type": "string", - "enum": [ - "authentication", - "authorization", - "invalidation", - "enrollment", - "unenrollment", - "recovery", - "stage_configuration" - ], - "title": "Designation", - "description": "Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik." - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "compatibility_mode": { - "type": "boolean", - "title": "Compatibility mode", - "description": "Enable compatibility mode, increases compatibility with password managers on mobile devices." - }, - "layout": { - "type": "string", - "enum": [ - "stacked", - "content_left", - "content_right", - "sidebar_left", - "sidebar_right" - ], - "title": "Layout" - }, - "denied_action": { - "type": "string", - "enum": [ - "message_continue", - "message", - "continue" - ], - "title": "Denied action", - "description": "Configure what should happen when a flow denies access to a user." - } - }, - "required": [ - "name", - "slug", - "title", - "designation" - ] - }, - "title": "Flow set" - }, - "not_configured_action": { - "type": "string", - "enum": [ - "skip", - "deny", - "configure" - ], - "title": "Not configured action" - }, - "device_classes": { - "type": "array", - "items": { - "type": "string", - "enum": [ - "static", - "totp", - "webauthn", - "duo", - "sms" - ], - "title": "Device classes" - }, - "title": "Device classes", - "description": "Device classes which can be used to authenticate" - }, - "configuration_stages": { - "type": "array", - "items": { - "type": "integer", - "description": "Stages used to configure Authenticator when user doesn't have any compatible devices. After this configuration Stage passes, the user is not prompted again." - }, - "title": "Configuration stages", - "description": "Stages used to configure Authenticator when user doesn't have any compatible devices. After this configuration Stage passes, the user is not prompted again." - }, - "last_auth_threshold": { - "type": "string", - "minLength": 1, - "title": "Last auth threshold", - "description": "If any of the user's device has been used within this threshold, this stage will be skipped" - }, - "webauthn_user_verification": { - "type": "string", - "enum": [ - "required", - "preferred", - "discouraged" - ], - "title": "Webauthn user verification", - "description": "Enforce user verification for WebAuthn devices." - } - }, - "required": [] - }, - "model_authentik_stages_authenticator_webauthn.authenticatewebauthnstage": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "flow_set": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "slug": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Slug", - "description": "Visible in the URL." - }, - "title": { - "type": "string", - "minLength": 1, - "title": "Title", - "description": "Shown as the Title in Flow pages." - }, - "designation": { - "type": "string", - "enum": [ - "authentication", - "authorization", - "invalidation", - "enrollment", - "unenrollment", - "recovery", - "stage_configuration" - ], - "title": "Designation", - "description": "Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik." - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "compatibility_mode": { - "type": "boolean", - "title": "Compatibility mode", - "description": "Enable compatibility mode, increases compatibility with password managers on mobile devices." - }, - "layout": { - "type": "string", - "enum": [ - "stacked", - "content_left", - "content_right", - "sidebar_left", - "sidebar_right" - ], - "title": "Layout" - }, - "denied_action": { - "type": "string", - "enum": [ - "message_continue", - "message", - "continue" - ], - "title": "Denied action", - "description": "Configure what should happen when a flow denies access to a user." - } - }, - "required": [ - "name", - "slug", - "title", - "designation" - ] - }, - "title": "Flow set" - }, - "configure_flow": { - "type": "integer", - "title": "Configure flow", - "description": "Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage." - }, - "friendly_name": { - "type": [ - "string", - "null" - ], - "minLength": 1, - "title": "Friendly name" - }, - "user_verification": { - "type": "string", - "enum": [ - "required", - "preferred", - "discouraged" - ], - "title": "User verification" - }, - "authenticator_attachment": { - "type": [ - "null", - "string" - ], - "enum": [ - null, - "platform", - "cross-platform" - ], - "title": "Authenticator attachment" - }, - "resident_key_requirement": { - "type": "string", - "enum": [ - "discouraged", - "preferred", - "required" - ], - "title": "Resident key requirement" - } - }, - "required": [] - }, - "model_authentik_stages_authenticator_webauthn.webauthndevice": { - "type": "object", - "properties": { - "name": { - "type": "string", - "maxLength": 200, - "minLength": 1, - "title": "Name" - } - }, - "required": [] - }, - "model_authentik_stages_captcha.captchastage": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "flow_set": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "slug": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Slug", - "description": "Visible in the URL." - }, - "title": { - "type": "string", - "minLength": 1, - "title": "Title", - "description": "Shown as the Title in Flow pages." - }, - "designation": { - "type": "string", - "enum": [ - "authentication", - "authorization", - "invalidation", - "enrollment", - "unenrollment", - "recovery", - "stage_configuration" - ], - "title": "Designation", - "description": "Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik." - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "compatibility_mode": { - "type": "boolean", - "title": "Compatibility mode", - "description": "Enable compatibility mode, increases compatibility with password managers on mobile devices." - }, - "layout": { - "type": "string", - "enum": [ - "stacked", - "content_left", - "content_right", - "sidebar_left", - "sidebar_right" - ], - "title": "Layout" - }, - "denied_action": { - "type": "string", - "enum": [ - "message_continue", - "message", - "continue" - ], - "title": "Denied action", - "description": "Configure what should happen when a flow denies access to a user." - } - }, - "required": [ - "name", - "slug", - "title", - "designation" - ] - }, - "title": "Flow set" - }, - "public_key": { - "type": "string", - "minLength": 1, - "title": "Public key", - "description": "Public key, acquired your captcha Provider." - }, - "private_key": { - "type": "string", - "minLength": 1, - "title": "Private key", - "description": "Private key, acquired your captcha Provider." - }, - "js_url": { - "type": "string", - "minLength": 1, - "title": "Js url" - }, - "api_url": { - "type": "string", - "minLength": 1, - "title": "Api url" - } - }, - "required": [] - }, - "model_authentik_stages_consent.consentstage": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "flow_set": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "slug": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Slug", - "description": "Visible in the URL." - }, - "title": { - "type": "string", - "minLength": 1, - "title": "Title", - "description": "Shown as the Title in Flow pages." - }, - "designation": { - "type": "string", - "enum": [ - "authentication", - "authorization", - "invalidation", - "enrollment", - "unenrollment", - "recovery", - "stage_configuration" - ], - "title": "Designation", - "description": "Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik." - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "compatibility_mode": { - "type": "boolean", - "title": "Compatibility mode", - "description": "Enable compatibility mode, increases compatibility with password managers on mobile devices." - }, - "layout": { - "type": "string", - "enum": [ - "stacked", - "content_left", - "content_right", - "sidebar_left", - "sidebar_right" - ], - "title": "Layout" - }, - "denied_action": { - "type": "string", - "enum": [ - "message_continue", - "message", - "continue" - ], - "title": "Denied action", - "description": "Configure what should happen when a flow denies access to a user." - } - }, - "required": [ - "name", - "slug", - "title", - "designation" - ] - }, - "title": "Flow set" - }, - "mode": { - "type": "string", - "enum": [ - "always_require", - "permanent", - "expiring" - ], - "title": "Mode" - }, - "consent_expire_in": { - "type": "string", - "minLength": 1, - "title": "Consent expires in", - "description": "Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3)." - } - }, - "required": [] - }, - "model_authentik_stages_consent.userconsent": { - "type": "object", - "properties": { - "expires": { - "type": "string", - "format": "date-time", - "title": "Expires" - }, - "user": { - "type": "object", - "properties": { - "username": { - "type": "string", - "maxLength": 150, - "minLength": 1, - "title": "Username" - }, - "name": { - "type": "string", - "title": "Name", - "description": "User's display name." - }, - "is_active": { - "type": "boolean", - "title": "Active", - "description": "Designates whether this user should be treated as active. Unselect this instead of deleting accounts." - }, - "last_login": { - "type": [ - "string", - "null" - ], - "format": "date-time", - "title": "Last login" - }, - "groups": { - "type": "array", - "items": { - "type": "integer" - }, - "title": "Groups" - }, - "email": { - "type": "string", - "format": "email", - "maxLength": 254, - "title": "Email address" - }, - "attributes": { - "type": "object", - "additionalProperties": true, - "title": "Attributes" - }, - "path": { - "type": "string", - "minLength": 1, - "title": "Path" - }, - "type": { - "type": "string", - "enum": [ - "internal", - "external", - "service_account", - "internal_service_account" - ], - "title": "Type" - } - }, - "required": [ - "username", - "name" - ], - "title": "User" - }, - "application": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name", - "description": "Application's display Name." - }, - "slug": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Slug", - "description": "Internal application name, used in URLs." - }, - "provider": { - "type": "integer", - "title": "Provider" - }, - "backchannel_providers": { - "type": "array", - "items": { - "type": "integer" - }, - "title": "Backchannel providers" - }, - "open_in_new_tab": { - "type": "boolean", - "title": "Open in new tab", - "description": "Open launch URL in a new browser tab or window." - }, - "meta_launch_url": { - "type": "string", - "title": "Meta launch url" - }, - "meta_description": { - "type": "string", - "title": "Meta description" - }, - "meta_publisher": { - "type": "string", - "title": "Meta publisher" - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "group": { - "type": "string", - "title": "Group" - } - }, - "required": [ - "name", - "slug" - ], - "title": "Application" - }, - "permissions": { - "type": "string", - "minLength": 1, - "title": "Permissions" - } - }, - "required": [] - }, - "model_authentik_stages_deny.denystage": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "flow_set": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "slug": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Slug", - "description": "Visible in the URL." - }, - "title": { - "type": "string", - "minLength": 1, - "title": "Title", - "description": "Shown as the Title in Flow pages." - }, - "designation": { - "type": "string", - "enum": [ - "authentication", - "authorization", - "invalidation", - "enrollment", - "unenrollment", - "recovery", - "stage_configuration" - ], - "title": "Designation", - "description": "Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik." - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "compatibility_mode": { - "type": "boolean", - "title": "Compatibility mode", - "description": "Enable compatibility mode, increases compatibility with password managers on mobile devices." - }, - "layout": { - "type": "string", - "enum": [ - "stacked", - "content_left", - "content_right", - "sidebar_left", - "sidebar_right" - ], - "title": "Layout" - }, - "denied_action": { - "type": "string", - "enum": [ - "message_continue", - "message", - "continue" - ], - "title": "Denied action", - "description": "Configure what should happen when a flow denies access to a user." - } - }, - "required": [ - "name", - "slug", - "title", - "designation" - ] - }, - "title": "Flow set" - }, - "deny_message": { - "type": "string", - "title": "Deny message" - } - }, - "required": [] - }, - "model_authentik_stages_dummy.dummystage": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "flow_set": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "slug": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Slug", - "description": "Visible in the URL." - }, - "title": { - "type": "string", - "minLength": 1, - "title": "Title", - "description": "Shown as the Title in Flow pages." - }, - "designation": { - "type": "string", - "enum": [ - "authentication", - "authorization", - "invalidation", - "enrollment", - "unenrollment", - "recovery", - "stage_configuration" - ], - "title": "Designation", - "description": "Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik." - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "compatibility_mode": { - "type": "boolean", - "title": "Compatibility mode", - "description": "Enable compatibility mode, increases compatibility with password managers on mobile devices." - }, - "layout": { - "type": "string", - "enum": [ - "stacked", - "content_left", - "content_right", - "sidebar_left", - "sidebar_right" - ], - "title": "Layout" - }, - "denied_action": { - "type": "string", - "enum": [ - "message_continue", - "message", - "continue" - ], - "title": "Denied action", - "description": "Configure what should happen when a flow denies access to a user." - } - }, - "required": [ - "name", - "slug", - "title", - "designation" - ] - }, - "title": "Flow set" - }, - "throw_error": { - "type": "boolean", - "title": "Throw error" - } - }, - "required": [] - }, - "model_authentik_stages_email.emailstage": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "flow_set": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "slug": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Slug", - "description": "Visible in the URL." - }, - "title": { - "type": "string", - "minLength": 1, - "title": "Title", - "description": "Shown as the Title in Flow pages." - }, - "designation": { - "type": "string", - "enum": [ - "authentication", - "authorization", - "invalidation", - "enrollment", - "unenrollment", - "recovery", - "stage_configuration" - ], - "title": "Designation", - "description": "Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik." - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "compatibility_mode": { - "type": "boolean", - "title": "Compatibility mode", - "description": "Enable compatibility mode, increases compatibility with password managers on mobile devices." - }, - "layout": { - "type": "string", - "enum": [ - "stacked", - "content_left", - "content_right", - "sidebar_left", - "sidebar_right" - ], - "title": "Layout" - }, - "denied_action": { - "type": "string", - "enum": [ - "message_continue", - "message", - "continue" - ], - "title": "Denied action", - "description": "Configure what should happen when a flow denies access to a user." - } - }, - "required": [ - "name", - "slug", - "title", - "designation" - ] - }, - "title": "Flow set" - }, - "use_global_settings": { - "type": "boolean", - "title": "Use global settings", - "description": "When enabled, global Email connection settings will be used and connection settings below will be ignored." - }, - "host": { - "type": "string", - "minLength": 1, - "title": "Host" - }, - "port": { - "type": "integer", - "minimum": -2147483648, - "maximum": 2147483647, - "title": "Port" - }, - "username": { - "type": "string", - "title": "Username" - }, - "password": { - "type": "string", - "title": "Password" - }, - "use_tls": { - "type": "boolean", - "title": "Use tls" - }, - "use_ssl": { - "type": "boolean", - "title": "Use ssl" - }, - "timeout": { - "type": "integer", - "minimum": -2147483648, - "maximum": 2147483647, - "title": "Timeout" - }, - "from_address": { - "type": "string", - "format": "email", - "maxLength": 254, - "minLength": 1, - "title": "From address" - }, - "token_expiry": { - "type": "integer", - "minimum": -2147483648, - "maximum": 2147483647, - "title": "Token expiry", - "description": "Time in minutes the token sent is valid." - }, - "subject": { - "type": "string", - "minLength": 1, - "title": "Subject" - }, - "template": { - "type": "string", - "minLength": 1, - "title": "Template" - }, - "activate_user_on_success": { - "type": "boolean", - "title": "Activate user on success", - "description": "Activate users upon completion of stage." - } - }, - "required": [] - }, - "model_authentik_stages_identification.identificationstage": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "flow_set": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "slug": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Slug", - "description": "Visible in the URL." - }, - "title": { - "type": "string", - "minLength": 1, - "title": "Title", - "description": "Shown as the Title in Flow pages." - }, - "designation": { - "type": "string", - "enum": [ - "authentication", - "authorization", - "invalidation", - "enrollment", - "unenrollment", - "recovery", - "stage_configuration" - ], - "title": "Designation", - "description": "Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik." - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "compatibility_mode": { - "type": "boolean", - "title": "Compatibility mode", - "description": "Enable compatibility mode, increases compatibility with password managers on mobile devices." - }, - "layout": { - "type": "string", - "enum": [ - "stacked", - "content_left", - "content_right", - "sidebar_left", - "sidebar_right" - ], - "title": "Layout" - }, - "denied_action": { - "type": "string", - "enum": [ - "message_continue", - "message", - "continue" - ], - "title": "Denied action", - "description": "Configure what should happen when a flow denies access to a user." - } - }, - "required": [ - "name", - "slug", - "title", - "designation" - ] - }, - "title": "Flow set" - }, - "user_fields": { - "type": "array", - "items": { - "type": "string", - "enum": [ - "email", - "username", - "upn" - ], - "title": "User fields" - }, - "title": "User fields", - "description": "Fields of the user object to match against. (Hold shift to select multiple options)" - }, - "password_stage": { - "type": "integer", - "title": "Password stage", - "description": "When set, shows a password field, instead of showing the password field as seaprate step." - }, - "case_insensitive_matching": { - "type": "boolean", - "title": "Case insensitive matching", - "description": "When enabled, user fields are matched regardless of their casing." - }, - "show_matched_user": { - "type": "boolean", - "title": "Show matched user", - "description": "When a valid username/email has been entered, and this option is enabled, the user's username and avatar will be shown. Otherwise, the text that the user entered will be shown" - }, - "enrollment_flow": { - "type": "integer", - "title": "Enrollment flow", - "description": "Optional enrollment flow, which is linked at the bottom of the page." - }, - "recovery_flow": { - "type": "integer", - "title": "Recovery flow", - "description": "Optional recovery flow, which is linked at the bottom of the page." - }, - "passwordless_flow": { - "type": "integer", - "title": "Passwordless flow", - "description": "Optional passwordless flow, which is linked at the bottom of the page." - }, - "sources": { - "type": "array", - "items": { - "type": "integer", - "description": "Specify which sources should be shown." - }, - "title": "Sources", - "description": "Specify which sources should be shown." - }, - "show_source_labels": { - "type": "boolean", - "title": "Show source labels" - }, - "pretend_user_exists": { - "type": "boolean", - "title": "Pretend user exists", - "description": "When enabled, the stage will succeed and continue even when incorrect user info is entered." - } - }, - "required": [] - }, - "model_authentik_stages_invitation.invitationstage": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "flow_set": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "slug": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Slug", - "description": "Visible in the URL." - }, - "title": { - "type": "string", - "minLength": 1, - "title": "Title", - "description": "Shown as the Title in Flow pages." - }, - "designation": { - "type": "string", - "enum": [ - "authentication", - "authorization", - "invalidation", - "enrollment", - "unenrollment", - "recovery", - "stage_configuration" - ], - "title": "Designation", - "description": "Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik." - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "compatibility_mode": { - "type": "boolean", - "title": "Compatibility mode", - "description": "Enable compatibility mode, increases compatibility with password managers on mobile devices." - }, - "layout": { - "type": "string", - "enum": [ - "stacked", - "content_left", - "content_right", - "sidebar_left", - "sidebar_right" - ], - "title": "Layout" - }, - "denied_action": { - "type": "string", - "enum": [ - "message_continue", - "message", - "continue" - ], - "title": "Denied action", - "description": "Configure what should happen when a flow denies access to a user." - } - }, - "required": [ - "name", - "slug", - "title", - "designation" - ] - }, - "title": "Flow set" - }, - "continue_flow_without_invitation": { - "type": "boolean", - "title": "Continue flow without invitation", - "description": "If this flag is set, this Stage will jump to the next Stage when no Invitation is given. By default this Stage will cancel the Flow when no invitation is given." - } - }, - "required": [] - }, - "model_authentik_stages_invitation.invitation": { - "type": "object", - "properties": { - "name": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Name" - }, - "expires": { - "type": "string", - "format": "date-time", - "title": "Expires" - }, - "fixed_data": { - "type": "object", - "additionalProperties": true, - "title": "Fixed data" - }, - "single_use": { - "type": "boolean", - "title": "Single use", - "description": "When enabled, the invitation will be deleted after usage." - }, - "flow": { - "type": "integer", - "title": "Flow", - "description": "When set, only the configured flow can use this invitation." - } - }, - "required": [] - }, - "model_authentik_stages_password.passwordstage": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "flow_set": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "slug": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Slug", - "description": "Visible in the URL." - }, - "title": { - "type": "string", - "minLength": 1, - "title": "Title", - "description": "Shown as the Title in Flow pages." - }, - "designation": { - "type": "string", - "enum": [ - "authentication", - "authorization", - "invalidation", - "enrollment", - "unenrollment", - "recovery", - "stage_configuration" - ], - "title": "Designation", - "description": "Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik." - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "compatibility_mode": { - "type": "boolean", - "title": "Compatibility mode", - "description": "Enable compatibility mode, increases compatibility with password managers on mobile devices." - }, - "layout": { - "type": "string", - "enum": [ - "stacked", - "content_left", - "content_right", - "sidebar_left", - "sidebar_right" - ], - "title": "Layout" - }, - "denied_action": { - "type": "string", - "enum": [ - "message_continue", - "message", - "continue" - ], - "title": "Denied action", - "description": "Configure what should happen when a flow denies access to a user." - } - }, - "required": [ - "name", - "slug", - "title", - "designation" - ] - }, - "title": "Flow set" - }, - "backends": { - "type": "array", - "items": { - "type": "string", - "enum": [ - "authentik.core.auth.InbuiltBackend", - "authentik.core.auth.TokenBackend", - "authentik.sources.ldap.auth.LDAPBackend" - ], - "title": "Backends" - }, - "title": "Backends", - "description": "Selection of backends to test the password against." - }, - "configure_flow": { - "type": "integer", - "title": "Configure flow", - "description": "Flow used by an authenticated user to configure this Stage. If empty, user will not be able to configure this stage." - }, - "failed_attempts_before_cancel": { - "type": "integer", - "minimum": -2147483648, - "maximum": 2147483647, - "title": "Failed attempts before cancel", - "description": "How many attempts a user has before the flow is canceled. To lock the user out, use a reputation policy and a user_write stage." - } - }, - "required": [] - }, - "model_authentik_stages_prompt.prompt": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "field_key": { - "type": "string", - "minLength": 1, - "title": "Field key", - "description": "Name of the form field, also used to store the value" - }, - "label": { - "type": "string", - "minLength": 1, - "title": "Label" - }, - "type": { - "type": "string", - "enum": [ - "text", - "text_area", - "text_read_only", - "text_area_read_only", - "username", - "email", - "password", - "number", - "checkbox", - "radio-button-group", - "dropdown", - "date", - "date-time", - "file", - "separator", - "hidden", - "static", - "ak-locale" - ], - "title": "Type" - }, - "required": { - "type": "boolean", - "title": "Required" - }, - "placeholder": { - "type": "string", - "title": "Placeholder", - "description": "Optionally provide a short hint that describes the expected input value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple choices." - }, - "initial_value": { - "type": "string", - "title": "Initial value", - "description": "Optionally pre-fill the input with an initial value. When creating a fixed choice field, enable interpreting as expression and return a list to return multiple default choices." - }, - "order": { - "type": "integer", - "minimum": -2147483648, - "maximum": 2147483647, - "title": "Order" - }, - "promptstage_set": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "flow_set": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "slug": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Slug", - "description": "Visible in the URL." - }, - "title": { - "type": "string", - "minLength": 1, - "title": "Title", - "description": "Shown as the Title in Flow pages." - }, - "designation": { - "type": "string", - "enum": [ - "authentication", - "authorization", - "invalidation", - "enrollment", - "unenrollment", - "recovery", - "stage_configuration" - ], - "title": "Designation", - "description": "Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik." - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "compatibility_mode": { - "type": "boolean", - "title": "Compatibility mode", - "description": "Enable compatibility mode, increases compatibility with password managers on mobile devices." - }, - "layout": { - "type": "string", - "enum": [ - "stacked", - "content_left", - "content_right", - "sidebar_left", - "sidebar_right" - ], - "title": "Layout" - }, - "denied_action": { - "type": "string", - "enum": [ - "message_continue", - "message", - "continue" - ], - "title": "Denied action", - "description": "Configure what should happen when a flow denies access to a user." - } - }, - "required": [ - "name", - "slug", - "title", - "designation" - ] - }, - "title": "Flow set" - } - }, - "required": [ - "name" - ] - }, - "title": "Promptstage set" - }, - "sub_text": { - "type": "string", - "title": "Sub text" - }, - "placeholder_expression": { - "type": "boolean", - "title": "Placeholder expression" - }, - "initial_value_expression": { - "type": "boolean", - "title": "Initial value expression" - } - }, - "required": [] - }, - "model_authentik_stages_prompt.promptstage": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "flow_set": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "slug": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Slug", - "description": "Visible in the URL." - }, - "title": { - "type": "string", - "minLength": 1, - "title": "Title", - "description": "Shown as the Title in Flow pages." - }, - "designation": { - "type": "string", - "enum": [ - "authentication", - "authorization", - "invalidation", - "enrollment", - "unenrollment", - "recovery", - "stage_configuration" - ], - "title": "Designation", - "description": "Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik." - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "compatibility_mode": { - "type": "boolean", - "title": "Compatibility mode", - "description": "Enable compatibility mode, increases compatibility with password managers on mobile devices." - }, - "layout": { - "type": "string", - "enum": [ - "stacked", - "content_left", - "content_right", - "sidebar_left", - "sidebar_right" - ], - "title": "Layout" - }, - "denied_action": { - "type": "string", - "enum": [ - "message_continue", - "message", - "continue" - ], - "title": "Denied action", - "description": "Configure what should happen when a flow denies access to a user." - } - }, - "required": [ - "name", - "slug", - "title", - "designation" - ] - }, - "title": "Flow set" - }, - "fields": { - "type": "array", - "items": { - "type": "integer" - }, - "title": "Fields" - }, - "validation_policies": { - "type": "array", - "items": { - "type": "integer" - }, - "title": "Validation policies" - } - }, - "required": [] - }, - "model_authentik_stages_user_delete.userdeletestage": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "flow_set": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "slug": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Slug", - "description": "Visible in the URL." - }, - "title": { - "type": "string", - "minLength": 1, - "title": "Title", - "description": "Shown as the Title in Flow pages." - }, - "designation": { - "type": "string", - "enum": [ - "authentication", - "authorization", - "invalidation", - "enrollment", - "unenrollment", - "recovery", - "stage_configuration" - ], - "title": "Designation", - "description": "Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik." - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "compatibility_mode": { - "type": "boolean", - "title": "Compatibility mode", - "description": "Enable compatibility mode, increases compatibility with password managers on mobile devices." - }, - "layout": { - "type": "string", - "enum": [ - "stacked", - "content_left", - "content_right", - "sidebar_left", - "sidebar_right" - ], - "title": "Layout" - }, - "denied_action": { - "type": "string", - "enum": [ - "message_continue", - "message", - "continue" - ], - "title": "Denied action", - "description": "Configure what should happen when a flow denies access to a user." - } - }, - "required": [ - "name", - "slug", - "title", - "designation" - ] - }, - "title": "Flow set" - } - }, - "required": [] - }, - "model_authentik_stages_user_login.userloginstage": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "flow_set": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "slug": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Slug", - "description": "Visible in the URL." - }, - "title": { - "type": "string", - "minLength": 1, - "title": "Title", - "description": "Shown as the Title in Flow pages." - }, - "designation": { - "type": "string", - "enum": [ - "authentication", - "authorization", - "invalidation", - "enrollment", - "unenrollment", - "recovery", - "stage_configuration" - ], - "title": "Designation", - "description": "Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik." - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "compatibility_mode": { - "type": "boolean", - "title": "Compatibility mode", - "description": "Enable compatibility mode, increases compatibility with password managers on mobile devices." - }, - "layout": { - "type": "string", - "enum": [ - "stacked", - "content_left", - "content_right", - "sidebar_left", - "sidebar_right" - ], - "title": "Layout" - }, - "denied_action": { - "type": "string", - "enum": [ - "message_continue", - "message", - "continue" - ], - "title": "Denied action", - "description": "Configure what should happen when a flow denies access to a user." - } - }, - "required": [ - "name", - "slug", - "title", - "designation" - ] - }, - "title": "Flow set" - }, - "session_duration": { - "type": "string", - "minLength": 1, - "title": "Session duration", - "description": "Determines how long a session lasts. Default of 0 means that the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)" - }, - "terminate_other_sessions": { - "type": "boolean", - "title": "Terminate other sessions", - "description": "Terminate all other sessions of the user logging in." - }, - "remember_me_offset": { - "type": "string", - "minLength": 1, - "title": "Remember me offset", - "description": "Offset the session will be extended by when the user picks the remember me option. Default of 0 means that the remember me option will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)" - } - }, - "required": [] - }, - "model_authentik_stages_user_logout.userlogoutstage": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "flow_set": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "slug": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Slug", - "description": "Visible in the URL." - }, - "title": { - "type": "string", - "minLength": 1, - "title": "Title", - "description": "Shown as the Title in Flow pages." - }, - "designation": { - "type": "string", - "enum": [ - "authentication", - "authorization", - "invalidation", - "enrollment", - "unenrollment", - "recovery", - "stage_configuration" - ], - "title": "Designation", - "description": "Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik." - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "compatibility_mode": { - "type": "boolean", - "title": "Compatibility mode", - "description": "Enable compatibility mode, increases compatibility with password managers on mobile devices." - }, - "layout": { - "type": "string", - "enum": [ - "stacked", - "content_left", - "content_right", - "sidebar_left", - "sidebar_right" - ], - "title": "Layout" - }, - "denied_action": { - "type": "string", - "enum": [ - "message_continue", - "message", - "continue" - ], - "title": "Denied action", - "description": "Configure what should happen when a flow denies access to a user." - } - }, - "required": [ - "name", - "slug", - "title", - "designation" - ] - }, - "title": "Flow set" - } - }, - "required": [] - }, - "model_authentik_stages_user_write.userwritestage": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "flow_set": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "slug": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Slug", - "description": "Visible in the URL." - }, - "title": { - "type": "string", - "minLength": 1, - "title": "Title", - "description": "Shown as the Title in Flow pages." - }, - "designation": { - "type": "string", - "enum": [ - "authentication", - "authorization", - "invalidation", - "enrollment", - "unenrollment", - "recovery", - "stage_configuration" - ], - "title": "Designation", - "description": "Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik." - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "compatibility_mode": { - "type": "boolean", - "title": "Compatibility mode", - "description": "Enable compatibility mode, increases compatibility with password managers on mobile devices." - }, - "layout": { - "type": "string", - "enum": [ - "stacked", - "content_left", - "content_right", - "sidebar_left", - "sidebar_right" - ], - "title": "Layout" - }, - "denied_action": { - "type": "string", - "enum": [ - "message_continue", - "message", - "continue" - ], - "title": "Denied action", - "description": "Configure what should happen when a flow denies access to a user." - } - }, - "required": [ - "name", - "slug", - "title", - "designation" - ] - }, - "title": "Flow set" - }, - "user_creation_mode": { - "type": "string", - "enum": [ - "never_create", - "create_when_required", - "always_create" - ], - "title": "User creation mode" - }, - "create_users_as_inactive": { - "type": "boolean", - "title": "Create users as inactive", - "description": "When set, newly created users are inactive and cannot login." - }, - "create_users_group": { - "type": "integer", - "title": "Create users group", - "description": "Optionally add newly created users to this group." - }, - "user_type": { - "type": "string", - "enum": [ - "internal", - "external", - "service_account", - "internal_service_account" - ], - "title": "User type" - }, - "user_path_template": { - "type": "string", - "title": "User path template" - } - }, - "required": [] - }, - "model_authentik_tenants.tenant": { - "type": "object", - "properties": { - "domain": { - "type": "string", - "minLength": 1, - "title": "Domain", - "description": "Domain that activates this tenant. Can be a superset, i.e. `a.b` for `aa.b` and `ba.b`" - }, - "default": { - "type": "boolean", - "title": "Default" - }, - "branding_title": { - "type": "string", - "minLength": 1, - "title": "Branding title" - }, - "branding_logo": { - "type": "string", - "minLength": 1, - "title": "Branding logo" - }, - "branding_favicon": { - "type": "string", - "minLength": 1, - "title": "Branding favicon" - }, - "flow_authentication": { - "type": "integer", - "title": "Flow authentication" - }, - "flow_invalidation": { - "type": "integer", - "title": "Flow invalidation" - }, - "flow_recovery": { - "type": "integer", - "title": "Flow recovery" - }, - "flow_unenrollment": { - "type": "integer", - "title": "Flow unenrollment" - }, - "flow_user_settings": { - "type": "integer", - "title": "Flow user settings" - }, - "flow_device_code": { - "type": "integer", - "title": "Flow device code" - }, - "event_retention": { - "type": "string", - "minLength": 1, - "title": "Event retention", - "description": "Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2)." - }, - "web_certificate": { - "type": "integer", - "title": "Web certificate", - "description": "Web Certificate used by the authentik Core webserver." - }, - "attributes": { - "type": "object", - "additionalProperties": true, - "title": "Attributes" - } - }, - "required": [] - }, - "model_authentik_blueprints.blueprintinstance": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "path": { - "type": "string", - "title": "Path" - }, - "context": { - "type": "object", - "additionalProperties": true, - "title": "Context" - }, - "enabled": { - "type": "boolean", - "title": "Enabled" - }, - "content": { - "type": "string", - "title": "Content" - } - }, - "required": [] - }, - "model_authentik_core.group": { - "type": "object", - "properties": { - "name": { - "type": "string", - "maxLength": 80, - "minLength": 1, - "title": "Name" - }, - "is_superuser": { - "type": "boolean", - "title": "Is superuser", - "description": "Users added to this group will be superusers." - }, - "parent": { - "type": "integer", - "title": "Parent" - }, - "users": { - "type": "array", - "items": { - "type": "integer" - }, - "title": "Users" - }, - "attributes": { - "type": "object", - "additionalProperties": true, - "title": "Attributes" - }, - "roles": { - "type": "array", - "items": { - "type": "integer" - }, - "title": "Roles" - } - }, - "required": [] - }, - "model_authentik_core.user": { - "type": "object", - "properties": { - "username": { - "type": "string", - "maxLength": 150, - "minLength": 1, - "title": "Username" - }, - "name": { - "type": "string", - "title": "Name", - "description": "User's display name." - }, - "is_active": { - "type": "boolean", - "title": "Active", - "description": "Designates whether this user should be treated as active. Unselect this instead of deleting accounts." - }, - "last_login": { - "type": [ - "string", - "null" - ], - "format": "date-time", - "title": "Last login" - }, - "groups": { - "type": "array", - "items": { - "type": "integer" - }, - "title": "Groups" - }, - "email": { - "type": "string", - "format": "email", - "maxLength": 254, - "title": "Email address" - }, - "attributes": { - "type": "object", - "additionalProperties": true, - "title": "Attributes" - }, - "path": { - "type": "string", - "minLength": 1, - "title": "Path" - }, - "type": { - "type": "string", - "enum": [ - "internal", - "external", - "service_account", - "internal_service_account" - ], - "title": "Type" - }, - "password": { - "type": [ - "string", - "null" - ], - "minLength": 1, - "title": "Password" - } - }, - "required": [] - }, - "model_authentik_core.application": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name", - "description": "Application's display Name." - }, - "slug": { - "type": "string", - "maxLength": 50, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Slug", - "description": "Internal application name, used in URLs." - }, - "provider": { - "type": "integer", - "title": "Provider" - }, - "backchannel_providers": { - "type": "array", - "items": { - "type": "integer" - }, - "title": "Backchannel providers" - }, - "open_in_new_tab": { - "type": "boolean", - "title": "Open in new tab", - "description": "Open launch URL in a new browser tab or window." - }, - "meta_launch_url": { - "type": "string", - "title": "Meta launch url" - }, - "meta_description": { - "type": "string", - "title": "Meta description" - }, - "meta_publisher": { - "type": "string", - "title": "Meta publisher" - }, - "policy_engine_mode": { - "type": "string", - "enum": [ - "all", - "any" - ], - "title": "Policy engine mode" - }, - "group": { - "type": "string", - "title": "Group" - }, - "icon": { - "type": "string", - "minLength": 1, - "title": "Icon" - } - }, - "required": [] - }, - "model_authentik_core.token": { - "type": "object", - "properties": { - "managed": { - "type": [ - "string", - "null" - ], - "minLength": 1, - "title": "Managed by authentik", - "description": "Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update." - }, - "identifier": { - "type": "string", - "maxLength": 255, - "minLength": 1, - "pattern": "^[-a-zA-Z0-9_]+$", - "title": "Identifier" - }, - "intent": { - "type": "string", - "enum": [ - "verification", - "api", - "recovery", - "app_password" - ], - "title": "Intent" - }, - "user": { - "type": "integer", - "title": "User" - }, - "description": { - "type": "string", - "title": "Description" - }, - "expires": { - "type": "string", - "format": "date-time", - "title": "Expires" - }, - "expiring": { - "type": "boolean", - "title": "Expiring" - }, - "key": { - "type": "string", - "minLength": 1, - "title": "Key" - } - }, - "required": [] - }, - "model_authentik_enterprise.license": { - "type": "object", - "properties": { - "key": { - "type": "string", - "minLength": 1, - "title": "Key" - } - }, - "required": [] - }, - "model_authentik_blueprints.metaapplyblueprint": { - "type": "object", - "properties": { - "identifiers": { - "type": "object", - "additionalProperties": true, - "title": "Identifiers" - }, - "required": { - "type": "boolean", - "title": "Required" - } - }, - "required": [] - } - } -} diff --git a/docker-compose.yml b/docker-compose.yml index 68e7530e7..a7491656d 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -32,7 +32,7 @@ services: volumes: - redis:/data server: - image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2023.10.4} + image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2023.10.5} restart: unless-stopped command: server environment: @@ -53,7 +53,7 @@ services: - postgresql - redis worker: - image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2023.10.4} + image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2023.10.5} restart: unless-stopped command: worker environment: diff --git a/go.mod b/go.mod index 8823d467a..ceae598ca 100644 --- a/go.mod +++ b/go.mod @@ -23,11 +23,11 @@ require ( github.com/nmcclain/asn1-ber v0.0.0-20170104154839-2661553a0484 github.com/pires/go-proxyproto v0.7.0 github.com/prometheus/client_golang v1.17.0 - github.com/redis/go-redis/v9 v9.3.0 + github.com/redis/go-redis/v9 v9.3.1 github.com/sirupsen/logrus v1.9.3 github.com/spf13/cobra v1.8.0 github.com/stretchr/testify v1.8.4 - goauthentik.io/api/v3 v3.2023104.3 + goauthentik.io/api/v3 v3.2023104.5 golang.org/x/exp v0.0.0-20230210204819-062eb4c674ab golang.org/x/oauth2 v0.15.0 golang.org/x/sync v0.5.0 diff --git a/go.sum b/go.sum index a94e23a58..36d0b8c57 100644 --- a/go.sum +++ b/go.sum @@ -256,8 +256,8 @@ github.com/prometheus/common v0.44.0 h1:+5BrQJwiBB9xsMygAB3TNvpQKOwlkc25LbISbrdO github.com/prometheus/common v0.44.0/go.mod h1:ofAIvZbQ1e/nugmZGz4/qCb9Ap1VoSTIO7x0VV9VvuY= github.com/prometheus/procfs v0.11.1 h1:xRC8Iq1yyca5ypa9n1EZnWZkt7dwcoRPQwX/5gwaUuI= github.com/prometheus/procfs v0.11.1/go.mod h1:eesXgaPo1q7lBpVMoMy0ZOFTth9hBn4W/y0/p/ScXhY= -github.com/redis/go-redis/v9 v9.3.0 h1:RiVDjmig62jIWp7Kk4XVLs0hzV6pI3PyTnnL0cnn0u0= -github.com/redis/go-redis/v9 v9.3.0/go.mod h1:hdY0cQFCN4fnSYT6TkisLufl/4W5UIXyv0b/CLO2V2M= +github.com/redis/go-redis/v9 v9.3.1 h1:KqdY8U+3X6z+iACvumCNxnoluToB+9Me+TvyFa21Mds= +github.com/redis/go-redis/v9 v9.3.1/go.mod h1:hdY0cQFCN4fnSYT6TkisLufl/4W5UIXyv0b/CLO2V2M= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA= @@ -309,8 +309,8 @@ go.opentelemetry.io/otel/trace v1.17.0 h1:/SWhSRHmDPOImIAetP1QAeMnZYiQXrTy4fMMYO go.opentelemetry.io/otel/trace v1.17.0/go.mod h1:I/4vKTgFclIsXRVucpH25X0mpFSczM7aHeaz0ZBLWjY= go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4= -goauthentik.io/api/v3 v3.2023104.3 h1:MzwdB21Q+G+wACEZiX0T1iVV4l7PjopjaVv6muqJE1M= -goauthentik.io/api/v3 v3.2023104.3/go.mod h1:zz+mEZg8rY/7eEjkMGWJ2DnGqk+zqxuybGCGrR2O4Kw= +goauthentik.io/api/v3 v3.2023104.5 h1:CWaQq44DxElyqMvZVjqMhWIr1vXzobf4eqFUas0lMgs= +goauthentik.io/api/v3 v3.2023104.5/go.mod h1:zz+mEZg8rY/7eEjkMGWJ2DnGqk+zqxuybGCGrR2O4Kw= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= diff --git a/internal/constants/constants.go b/internal/constants/constants.go index fb12db690..806dc131c 100644 --- a/internal/constants/constants.go +++ b/internal/constants/constants.go @@ -29,4 +29,4 @@ func UserAgent() string { return fmt.Sprintf("authentik@%s", FullVersion()) } -const VERSION = "2023.10.4" +const VERSION = "2023.10.5" diff --git a/pyproject.toml b/pyproject.toml index 519dfee67..7c1af2c59 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -113,7 +113,7 @@ filterwarnings = [ [tool.poetry] name = "authentik" -version = "2023.10.4" +version = "2023.10.5" description = "" authors = ["authentik Team "] diff --git a/schema.yml b/schema.yml index da1a90a18..72d68e5f8 100644 --- a/schema.yml +++ b/schema.yml @@ -1,7 +1,7 @@ openapi: 3.0.3 info: title: authentik - version: 2023.10.4 + version: 2023.10.5 description: Making authentication simple. contact: email: hello@goauthentik.io @@ -17079,7 +17079,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Task' + $ref: '#/components/schemas/SCIMSyncStatus' description: '' '404': description: Task not found @@ -28280,7 +28280,7 @@ components: readOnly: true geo_ip: type: object - description: Get parsed user agent + description: Get GeoIP Data properties: continent: type: string @@ -28302,6 +28302,24 @@ components: - long nullable: true readOnly: true + asn: + type: object + description: Get ASN Data + properties: + asn: + type: integer + as_org: + type: string + nullable: true + network: + type: string + nullable: true + required: + - as_org + - asn + - network + nullable: true + readOnly: true user: type: integer last_ip: @@ -28316,6 +28334,7 @@ components: type: string format: date-time required: + - asn - current - geo_ip - last_ip @@ -29283,6 +29302,7 @@ components: enum: - can_save_media - can_geo_ip + - can_asn - can_impersonate - can_debug - is_enterprise @@ -29290,6 +29310,7 @@ components: description: |- * `can_save_media` - Can Save Media * `can_geo_ip` - Can Geo Ip + * `can_asn` - Can Asn * `can_impersonate` - Can Impersonate * `can_debug` - Can Debug * `is_enterprise` - Is Enterprise @@ -39667,6 +39688,7 @@ components: ip: type: string ip_geo_data: {} + ip_asn_data: {} score: type: integer maximum: 9223372036854775807 @@ -40623,6 +40645,21 @@ components: - name - token - url + SCIMSyncStatus: + type: object + description: SCIM Provider sync status + properties: + is_running: + type: boolean + readOnly: true + tasks: + type: array + items: + $ref: '#/components/schemas/Task' + readOnly: true + required: + - is_running + - tasks SMSDevice: type: object description: Serializer for sms authenticator devices diff --git a/scripts/generate_config.py b/scripts/generate_config.py index 187eb3ba5..965e3e15e 100644 --- a/scripts/generate_config.py +++ b/scripts/generate_config.py @@ -17,7 +17,12 @@ with open("local.env.yml", "w", encoding="utf-8") as _config: }, "blueprints_dir": "./blueprints", "cert_discovery_dir": "./certs", - "geoip": "tests/GeoLite2-City-Test.mmdb", + "events": { + "processors": { + "geoip": "tests/GeoLite2-City-Test.mmdb", + "asn": "tests/GeoLite2-ASN-Test.mmdb", + } + }, }, _config, default_flow_style=False, diff --git a/tests/GeoLite2-ASN-Test.mmdb b/tests/GeoLite2-ASN-Test.mmdb new file mode 100644 index 000000000..3e5033144 Binary files /dev/null and b/tests/GeoLite2-ASN-Test.mmdb differ diff --git a/tests/wdio/package-lock.json b/tests/wdio/package-lock.json index 11905de2f..837632bb5 100644 --- a/tests/wdio/package-lock.json +++ b/tests/wdio/package-lock.json @@ -9,10 +9,10 @@ "@trivago/prettier-plugin-sort-imports": "^4.3.0", "@typescript-eslint/eslint-plugin": "^6.15.0", "@typescript-eslint/parser": "^6.15.0", - "@wdio/cli": "^8.26.3", - "@wdio/local-runner": "^8.26.3", - "@wdio/mocha-framework": "^8.26.3", - "@wdio/spec-reporter": "^8.26.3", + "@wdio/cli": "^8.27.0", + "@wdio/local-runner": "^8.27.0", + "@wdio/mocha-framework": "^8.27.0", + "@wdio/spec-reporter": "^8.27.0", "eslint": "^8.56.0", "eslint-config-google": "^0.14.0", "eslint-plugin-sonarjs": "^0.23.0", @@ -1141,18 +1141,18 @@ "dev": true }, "node_modules/@wdio/cli": { - "version": "8.26.3", - "resolved": "https://registry.npmjs.org/@wdio/cli/-/cli-8.26.3.tgz", - "integrity": "sha512-wrq145sNBw4DrsF5GEK8TBxqVWln7GZpNpM5QeDqCcZzVHIqDud4f7nADgZGbR8dJ96NVfC3rby6wbeRQUA+eg==", + "version": "8.27.0", + "resolved": "https://registry.npmjs.org/@wdio/cli/-/cli-8.27.0.tgz", + "integrity": "sha512-wdNYNvu52XxOqNHqDMGAtexBz+MM0RE2Z5U5ljyllbP3ed5vcvvK9vswURtI4cFGoqobVeoC7wif3VeD3aN+aQ==", "dev": true, "dependencies": { "@types/node": "^20.1.1", - "@wdio/config": "8.26.3", - "@wdio/globals": "8.26.3", + "@wdio/config": "8.27.0", + "@wdio/globals": "8.27.0", "@wdio/logger": "8.24.12", "@wdio/protocols": "8.24.12", - "@wdio/types": "8.26.3", - "@wdio/utils": "8.26.3", + "@wdio/types": "8.27.0", + "@wdio/utils": "8.27.0", "async-exit-hook": "^2.0.1", "chalk": "^5.2.0", "chokidar": "^3.5.3", @@ -1167,7 +1167,7 @@ "lodash.union": "^4.6.0", "read-pkg-up": "^10.0.0", "recursive-readdir": "^2.2.3", - "webdriverio": "8.26.3", + "webdriverio": "8.27.0", "yargs": "^17.7.2" }, "bin": { @@ -1190,14 +1190,14 @@ } }, "node_modules/@wdio/config": { - "version": "8.26.3", - "resolved": "https://registry.npmjs.org/@wdio/config/-/config-8.26.3.tgz", - "integrity": "sha512-NWh2JXRSyP4gY+jeC79u0L3hSXW/s3rOWez4M6qAglT91fZTXFbIl1GM8lnZlCq03ye2qFPqYrZ+4tGNQj7YxQ==", + "version": "8.27.0", + "resolved": "https://registry.npmjs.org/@wdio/config/-/config-8.27.0.tgz", + "integrity": "sha512-zYM5daeiBVVAbQj0ASymAt0RUsocLVIwKiUHNa8gg/1GsZnztGjetXExSp1gXlxtMVM5xWUSKjh6ceFK79gWDQ==", "dev": true, "dependencies": { "@wdio/logger": "8.24.12", - "@wdio/types": "8.26.3", - "@wdio/utils": "8.26.3", + "@wdio/types": "8.27.0", + "@wdio/utils": "8.27.0", "decamelize": "^6.0.0", "deepmerge-ts": "^5.0.0", "glob": "^10.2.2", @@ -1208,29 +1208,29 @@ } }, "node_modules/@wdio/globals": { - "version": "8.26.3", - "resolved": "https://registry.npmjs.org/@wdio/globals/-/globals-8.26.3.tgz", - "integrity": "sha512-RW3UsvnUb4DjxVOqIngXQMcDJlbH+QL/LeChznUF0FW+Mqg/mZWukBld5/dDwgQHk9F2TOzc8ctk5FM3s1AoWQ==", + "version": "8.27.0", + "resolved": "https://registry.npmjs.org/@wdio/globals/-/globals-8.27.0.tgz", + "integrity": "sha512-HUPOIsrmxfF0LhU68lVsNGQGZkW/bWOvcCd8WxeaggTAH9JyxasxxfwzeCceAuhAvwtlwoMXITOpjAXO2mj38Q==", "dev": true, "engines": { "node": "^16.13 || >=18" }, "optionalDependencies": { "expect-webdriverio": "^4.6.1", - "webdriverio": "8.26.3" + "webdriverio": "8.27.0" } }, "node_modules/@wdio/local-runner": { - "version": "8.26.3", - "resolved": "https://registry.npmjs.org/@wdio/local-runner/-/local-runner-8.26.3.tgz", - "integrity": "sha512-YWxTBp6tc8Dlz09rnRhV2GXV4b3w5G0WyYEf81D+kXDI3QxDvYn6QujByr6Q7fQ9yLwJU4ptnT2uL5IbAwVo2A==", + "version": "8.27.0", + "resolved": "https://registry.npmjs.org/@wdio/local-runner/-/local-runner-8.27.0.tgz", + "integrity": "sha512-nxS17mhoLkXP20eoPMkz7tbMFMOQejSw0hZfkEvuDCNhJokr8ugp6IjYXL9f7yV9IB9UDGHox8WGY4ArSrOeBA==", "dev": true, "dependencies": { "@types/node": "^20.1.0", "@wdio/logger": "8.24.12", "@wdio/repl": "8.24.12", - "@wdio/runner": "8.26.3", - "@wdio/types": "8.26.3", + "@wdio/runner": "8.27.0", + "@wdio/types": "8.27.0", "async-exit-hook": "^2.0.1", "split2": "^4.1.0", "stream-buffers": "^3.0.2" @@ -1267,16 +1267,16 @@ } }, "node_modules/@wdio/mocha-framework": { - "version": "8.26.3", - "resolved": "https://registry.npmjs.org/@wdio/mocha-framework/-/mocha-framework-8.26.3.tgz", - "integrity": "sha512-r9uHUcXhh6TKFqTBCacnbtQx0nZjFsnV9Pony8CY9qcNCn2q666ucQbrtMfZdjuevhn5N0E710+El4eAvK3jyw==", + "version": "8.27.0", + "resolved": "https://registry.npmjs.org/@wdio/mocha-framework/-/mocha-framework-8.27.0.tgz", + "integrity": "sha512-NaFUPv90ks1XlZy0qdUaJ5/ilBtiCCgTIxaPexshJiaVDT5cV+Igjag/O80HIcvqknOZpdKAR0I1ArQzhJrmcA==", "dev": true, "dependencies": { "@types/mocha": "^10.0.0", "@types/node": "^20.1.0", "@wdio/logger": "8.24.12", - "@wdio/types": "8.26.3", - "@wdio/utils": "8.26.3", + "@wdio/types": "8.27.0", + "@wdio/utils": "8.27.0", "mocha": "^10.0.0" }, "engines": { @@ -1302,14 +1302,14 @@ } }, "node_modules/@wdio/reporter": { - "version": "8.26.3", - "resolved": "https://registry.npmjs.org/@wdio/reporter/-/reporter-8.26.3.tgz", - "integrity": "sha512-F/sF1Hwxp1osM2wto4JydONQGxqkbOhwbLM0o4Y8eHPgK7/m+Kn9uygBDqPVpgQnpf0kUfhpICe9gaZzG4Jt+g==", + "version": "8.27.0", + "resolved": "https://registry.npmjs.org/@wdio/reporter/-/reporter-8.27.0.tgz", + "integrity": "sha512-kBwsrHbsblmXfHSWlaOKXjPRPeT29WSKTUoCmzuTcCkhvbjY4TrEB0p04cpaM7uNqdIZTxHng54gZVaG/nZPiw==", "dev": true, "dependencies": { "@types/node": "^20.1.0", "@wdio/logger": "8.24.12", - "@wdio/types": "8.26.3", + "@wdio/types": "8.27.0", "diff": "^5.0.0", "object-inspect": "^1.12.0" }, @@ -1318,35 +1318,35 @@ } }, "node_modules/@wdio/runner": { - "version": "8.26.3", - "resolved": "https://registry.npmjs.org/@wdio/runner/-/runner-8.26.3.tgz", - "integrity": "sha512-mbZGkBbXTRtj1hL5QUbNxpJvhE4rkXvYlUuea1uOVk3e2/+k2dZeGeKPgh1Q7Dt07118dfujCB7pQCYldE/dGg==", + "version": "8.27.0", + "resolved": "https://registry.npmjs.org/@wdio/runner/-/runner-8.27.0.tgz", + "integrity": "sha512-da332r2d1QXdRhMhsDxMObcqLZS0l/u14pHICNTvEHp+72gOttbjUDvdMHPQY6Ae5ul7AVVQ05qpmz9CX7TzOg==", "dev": true, "dependencies": { "@types/node": "^20.1.0", - "@wdio/config": "8.26.3", - "@wdio/globals": "8.26.3", + "@wdio/config": "8.27.0", + "@wdio/globals": "8.27.0", "@wdio/logger": "8.24.12", - "@wdio/types": "8.26.3", - "@wdio/utils": "8.26.3", + "@wdio/types": "8.27.0", + "@wdio/utils": "8.27.0", "deepmerge-ts": "^5.0.0", "expect-webdriverio": "^4.6.1", "gaze": "^1.1.2", - "webdriver": "8.26.3", - "webdriverio": "8.26.3" + "webdriver": "8.27.0", + "webdriverio": "8.27.0" }, "engines": { "node": "^16.13 || >=18" } }, "node_modules/@wdio/spec-reporter": { - "version": "8.26.3", - "resolved": "https://registry.npmjs.org/@wdio/spec-reporter/-/spec-reporter-8.26.3.tgz", - "integrity": "sha512-YfKlBOmxGyJk08BpDnsjPsp85XyhG7Cu2qoAVxtJ8kkJOZaGfUg9TBV9DXDqvdZcxCMnPfDfQIda6LzfkZf58Q==", + "version": "8.27.0", + "resolved": "https://registry.npmjs.org/@wdio/spec-reporter/-/spec-reporter-8.27.0.tgz", + "integrity": "sha512-EOXLBIr4oLzSDp/BQ86IqCulSF0jwEAj2EiMeY6dh9WXzBBtoR8WnoX/27xFoZ8GU2zetWC3EVnLJ0Ex8Up1mA==", "dev": true, "dependencies": { - "@wdio/reporter": "8.26.3", - "@wdio/types": "8.26.3", + "@wdio/reporter": "8.27.0", + "@wdio/types": "8.27.0", "chalk": "^5.1.2", "easy-table": "^1.2.0", "pretty-ms": "^7.0.0" @@ -1368,9 +1368,9 @@ } }, "node_modules/@wdio/types": { - "version": "8.26.3", - "resolved": "https://registry.npmjs.org/@wdio/types/-/types-8.26.3.tgz", - "integrity": "sha512-WOxvSV4sKJ5QCRNTJHeKCzgO2TZmcK1eDlJ+FObt9Pnt+4pCRy/881eVY/Aj2bozn2hhzq0AK/h6oPAUV/gjCg==", + "version": "8.27.0", + "resolved": "https://registry.npmjs.org/@wdio/types/-/types-8.27.0.tgz", + "integrity": "sha512-LbP9FKh8r0uW9/dKhTIUCC1Su8PsP9TmzGKXkWt6/IMacgJiB/zW3u1CgyaLw9lG0UiQORHGoeJX9zB2HZAh4w==", "dev": true, "dependencies": { "@types/node": "^20.1.0" @@ -1380,14 +1380,14 @@ } }, "node_modules/@wdio/utils": { - "version": "8.26.3", - "resolved": "https://registry.npmjs.org/@wdio/utils/-/utils-8.26.3.tgz", - "integrity": "sha512-LA/iCKgJQemAAXoN6vHyKBtngdkFUWEnjB8Yd1Xm3gUQTvY4GVlvcqOxC2RF5Th7/L2LNxc6TWuErYv/mm5H+w==", + "version": "8.27.0", + "resolved": "https://registry.npmjs.org/@wdio/utils/-/utils-8.27.0.tgz", + "integrity": "sha512-4BY+JBQssVn003P5lA289uDMie3LtGinHze5btkcW9timB6VaU+EeZS4eKTPC0pziizLhteVvXYxv3YTpeeRfA==", "dev": true, "dependencies": { "@puppeteer/browsers": "^1.6.0", "@wdio/logger": "8.24.12", - "@wdio/types": "8.26.3", + "@wdio/types": "8.27.0", "decamelize": "^6.0.0", "deepmerge-ts": "^5.1.0", "edgedriver": "^5.3.5", @@ -8495,18 +8495,18 @@ } }, "node_modules/webdriver": { - "version": "8.26.3", - "resolved": "https://registry.npmjs.org/webdriver/-/webdriver-8.26.3.tgz", - "integrity": "sha512-vHbMj0BFXPMtKVmJsVIkFVbdOT8eXkjFeJ7LmJL8cMMe1S5Lt44DqRjSBBoGsqYoYgIBmKpqAQcDrHrv9m7smQ==", + "version": "8.27.0", + "resolved": "https://registry.npmjs.org/webdriver/-/webdriver-8.27.0.tgz", + "integrity": "sha512-n1IA+rR3u84XxU9swiKUM06BkEC0GDimfZkBML57cny+utQOUbdM/mBpqCUnkWX/RBz/p2EfHdKNyOs3/REaog==", "dev": true, "dependencies": { "@types/node": "^20.1.0", "@types/ws": "^8.5.3", - "@wdio/config": "8.26.3", + "@wdio/config": "8.27.0", "@wdio/logger": "8.24.12", "@wdio/protocols": "8.24.12", - "@wdio/types": "8.26.3", - "@wdio/utils": "8.26.3", + "@wdio/types": "8.27.0", + "@wdio/utils": "8.27.0", "deepmerge-ts": "^5.1.0", "got": "^12.6.1", "ky": "^0.33.0", @@ -8517,18 +8517,18 @@ } }, "node_modules/webdriverio": { - "version": "8.26.3", - "resolved": "https://registry.npmjs.org/webdriverio/-/webdriverio-8.26.3.tgz", - "integrity": "sha512-5Ka8MOQoK866EI3whiCvzD1IiKFBq9niWF3lh92uMt6ZjbUZZoe5esWIHhFsHFxT6dOOU8uXR/Gr6qsBJFZReA==", + "version": "8.27.0", + "resolved": "https://registry.npmjs.org/webdriverio/-/webdriverio-8.27.0.tgz", + "integrity": "sha512-Qh5VCiBjEmxnmXcL1QEFoDzFqTtaWKrXriuU5G0yHKCModGAt2G7IHTkAok3CpmkVJfZpEvY630aP1MvgDtFhw==", "dev": true, "dependencies": { "@types/node": "^20.1.0", - "@wdio/config": "8.26.3", + "@wdio/config": "8.27.0", "@wdio/logger": "8.24.12", "@wdio/protocols": "8.24.12", "@wdio/repl": "8.24.12", - "@wdio/types": "8.26.3", - "@wdio/utils": "8.26.3", + "@wdio/types": "8.27.0", + "@wdio/utils": "8.27.0", "archiver": "^6.0.0", "aria-query": "^5.0.0", "css-shorthand-properties": "^1.1.1", @@ -8545,7 +8545,7 @@ "resq": "^1.9.1", "rgb2hex": "0.2.5", "serialize-error": "^11.0.1", - "webdriver": "8.26.3" + "webdriver": "8.27.0" }, "engines": { "node": "^16.13 || >=18" diff --git a/tests/wdio/package.json b/tests/wdio/package.json index 78b0928fc..badccc3f1 100644 --- a/tests/wdio/package.json +++ b/tests/wdio/package.json @@ -6,10 +6,10 @@ "@trivago/prettier-plugin-sort-imports": "^4.3.0", "@typescript-eslint/eslint-plugin": "^6.15.0", "@typescript-eslint/parser": "^6.15.0", - "@wdio/cli": "^8.26.3", - "@wdio/local-runner": "^8.26.3", - "@wdio/mocha-framework": "^8.26.3", - "@wdio/spec-reporter": "^8.26.3", + "@wdio/cli": "^8.27.0", + "@wdio/local-runner": "^8.27.0", + "@wdio/mocha-framework": "^8.27.0", + "@wdio/spec-reporter": "^8.27.0", "eslint": "^8.56.0", "eslint-config-google": "^0.14.0", "eslint-plugin-sonarjs": "^0.23.0", diff --git a/web/package-lock.json b/web/package-lock.json index bfac89e6e..366087beb 100644 --- a/web/package-lock.json +++ b/web/package-lock.json @@ -9,7 +9,7 @@ "version": "0.0.0", "license": "MIT", "workspaces": [ - "packages/web" + "packages/monolith" ], "dependencies": { "@manypkg/cli": "^0.21.1", @@ -2669,10 +2669,10 @@ } }, "node_modules/@goauthentik/api": { - "version": "2023.10.4-1703107357" + "version": "2023.10.5-1703167718" }, - "node_modules/@goauthentik/web": { - "resolved": "packages/web", + "node_modules/@goauthentik/monolith": { + "resolved": "packages/monolith", "link": true }, "node_modules/@hcaptcha/types": { @@ -4497,90 +4497,90 @@ ] }, "node_modules/@sentry-internal/feedback": { - "version": "7.88.0", + "version": "7.90.0", "license": "MIT", "dependencies": { - "@sentry/core": "7.88.0", - "@sentry/types": "7.88.0", - "@sentry/utils": "7.88.0" + "@sentry/core": "7.90.0", + "@sentry/types": "7.90.0", + "@sentry/utils": "7.90.0" }, "engines": { "node": ">=12" } }, "node_modules/@sentry-internal/tracing": { - "version": "7.88.0", + "version": "7.90.0", "license": "MIT", "dependencies": { - "@sentry/core": "7.88.0", - "@sentry/types": "7.88.0", - "@sentry/utils": "7.88.0" + "@sentry/core": "7.90.0", + "@sentry/types": "7.90.0", + "@sentry/utils": "7.90.0" }, "engines": { "node": ">=8" } }, "node_modules/@sentry/browser": { - "version": "7.88.0", + "version": "7.90.0", "license": "MIT", "dependencies": { - "@sentry-internal/feedback": "7.88.0", - "@sentry-internal/tracing": "7.88.0", - "@sentry/core": "7.88.0", - "@sentry/replay": "7.88.0", - "@sentry/types": "7.88.0", - "@sentry/utils": "7.88.0" + "@sentry-internal/feedback": "7.90.0", + "@sentry-internal/tracing": "7.90.0", + "@sentry/core": "7.90.0", + "@sentry/replay": "7.90.0", + "@sentry/types": "7.90.0", + "@sentry/utils": "7.90.0" }, "engines": { "node": ">=8" } }, "node_modules/@sentry/core": { - "version": "7.88.0", + "version": "7.90.0", "license": "MIT", "dependencies": { - "@sentry/types": "7.88.0", - "@sentry/utils": "7.88.0" + "@sentry/types": "7.90.0", + "@sentry/utils": "7.90.0" }, "engines": { "node": ">=8" } }, "node_modules/@sentry/replay": { - "version": "7.88.0", + "version": "7.90.0", "license": "MIT", "dependencies": { - "@sentry-internal/tracing": "7.88.0", - "@sentry/core": "7.88.0", - "@sentry/types": "7.88.0", - "@sentry/utils": "7.88.0" + "@sentry-internal/tracing": "7.90.0", + "@sentry/core": "7.90.0", + "@sentry/types": "7.90.0", + "@sentry/utils": "7.90.0" }, "engines": { "node": ">=12" } }, "node_modules/@sentry/tracing": { - "version": "7.88.0", + "version": "7.90.0", "license": "MIT", "dependencies": { - "@sentry-internal/tracing": "7.88.0" + "@sentry-internal/tracing": "7.90.0" }, "engines": { "node": ">=8" } }, "node_modules/@sentry/types": { - "version": "7.88.0", + "version": "7.90.0", "license": "MIT", "engines": { "node": ">=8" } }, "node_modules/@sentry/utils": { - "version": "7.88.0", + "version": "7.90.0", "license": "MIT", "dependencies": { - "@sentry/types": "7.88.0" + "@sentry/types": "7.90.0" }, "engines": { "node": ">=8" @@ -4602,11 +4602,11 @@ } }, "node_modules/@storybook/addon-actions": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { - "@storybook/core-events": "7.6.5", + "@storybook/core-events": "7.6.6", "@storybook/global": "^5.0.0", "@types/uuid": "^9.0.1", "dequal": "^2.0.2", @@ -4619,7 +4619,7 @@ } }, "node_modules/@storybook/addon-backgrounds": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { @@ -4633,11 +4633,11 @@ } }, "node_modules/@storybook/addon-controls": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { - "@storybook/blocks": "7.6.5", + "@storybook/blocks": "7.6.6", "lodash": "^4.17.21", "ts-dedent": "^2.0.0" }, @@ -4647,25 +4647,25 @@ } }, "node_modules/@storybook/addon-docs": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { "@jest/transform": "^29.3.1", "@mdx-js/react": "^2.1.5", - "@storybook/blocks": "7.6.5", - "@storybook/client-logger": "7.6.5", - "@storybook/components": "7.6.5", - "@storybook/csf-plugin": "7.6.5", - "@storybook/csf-tools": "7.6.5", + "@storybook/blocks": "7.6.6", + "@storybook/client-logger": "7.6.6", + "@storybook/components": "7.6.6", + "@storybook/csf-plugin": "7.6.6", + "@storybook/csf-tools": "7.6.6", "@storybook/global": "^5.0.0", "@storybook/mdx2-csf": "^1.0.0", - "@storybook/node-logger": "7.6.5", - "@storybook/postinstall": "7.6.5", - "@storybook/preview-api": "7.6.5", - "@storybook/react-dom-shim": "7.6.5", - "@storybook/theming": "7.6.5", - "@storybook/types": "7.6.5", + "@storybook/node-logger": "7.6.6", + "@storybook/postinstall": "7.6.6", + "@storybook/preview-api": "7.6.6", + "@storybook/react-dom-shim": "7.6.6", + "@storybook/theming": "7.6.6", + "@storybook/types": "7.6.6", "fs-extra": "^11.1.0", "remark-external-links": "^8.0.0", "remark-slug": "^6.0.0", @@ -4681,16 +4681,16 @@ } }, "node_modules/@storybook/addon-docs/node_modules/@storybook/preview-api": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { - "@storybook/channels": "7.6.5", - "@storybook/client-logger": "7.6.5", - "@storybook/core-events": "7.6.5", + "@storybook/channels": "7.6.6", + "@storybook/client-logger": "7.6.6", + "@storybook/core-events": "7.6.6", "@storybook/csf": "^0.1.2", "@storybook/global": "^5.0.0", - "@storybook/types": "7.6.5", + "@storybook/types": "7.6.6", "@types/qs": "^6.9.5", "dequal": "^2.0.2", "lodash": "^4.17.21", @@ -4719,23 +4719,23 @@ } }, "node_modules/@storybook/addon-essentials": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { - "@storybook/addon-actions": "7.6.5", - "@storybook/addon-backgrounds": "7.6.5", - "@storybook/addon-controls": "7.6.5", - "@storybook/addon-docs": "7.6.5", - "@storybook/addon-highlight": "7.6.5", - "@storybook/addon-measure": "7.6.5", - "@storybook/addon-outline": "7.6.5", - "@storybook/addon-toolbars": "7.6.5", - "@storybook/addon-viewport": "7.6.5", - "@storybook/core-common": "7.6.5", - "@storybook/manager-api": "7.6.5", - "@storybook/node-logger": "7.6.5", - "@storybook/preview-api": "7.6.5", + "@storybook/addon-actions": "7.6.6", + "@storybook/addon-backgrounds": "7.6.6", + "@storybook/addon-controls": "7.6.6", + "@storybook/addon-docs": "7.6.6", + "@storybook/addon-highlight": "7.6.6", + "@storybook/addon-measure": "7.6.6", + "@storybook/addon-outline": "7.6.6", + "@storybook/addon-toolbars": "7.6.6", + "@storybook/addon-viewport": "7.6.6", + "@storybook/core-common": "7.6.6", + "@storybook/manager-api": "7.6.6", + "@storybook/node-logger": "7.6.6", + "@storybook/preview-api": "7.6.6", "ts-dedent": "^2.0.0" }, "funding": { @@ -4748,16 +4748,16 @@ } }, "node_modules/@storybook/addon-essentials/node_modules/@storybook/preview-api": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { - "@storybook/channels": "7.6.5", - "@storybook/client-logger": "7.6.5", - "@storybook/core-events": "7.6.5", + "@storybook/channels": "7.6.6", + "@storybook/client-logger": "7.6.6", + "@storybook/core-events": "7.6.6", "@storybook/csf": "^0.1.2", "@storybook/global": "^5.0.0", - "@storybook/types": "7.6.5", + "@storybook/types": "7.6.6", "@types/qs": "^6.9.5", "dequal": "^2.0.2", "lodash": "^4.17.21", @@ -4773,7 +4773,7 @@ } }, "node_modules/@storybook/addon-highlight": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { @@ -4785,7 +4785,7 @@ } }, "node_modules/@storybook/addon-links": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { @@ -4807,7 +4807,7 @@ } }, "node_modules/@storybook/addon-measure": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { @@ -4820,7 +4820,7 @@ } }, "node_modules/@storybook/addon-outline": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { @@ -4833,7 +4833,7 @@ } }, "node_modules/@storybook/addon-toolbars": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "funding": { @@ -4842,7 +4842,7 @@ } }, "node_modules/@storybook/addon-viewport": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { @@ -5025,12 +5025,12 @@ "license": "ISC" }, "node_modules/@storybook/api": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { - "@storybook/client-logger": "7.6.5", - "@storybook/manager-api": "7.6.5" + "@storybook/client-logger": "7.6.6", + "@storybook/manager-api": "7.6.6" }, "funding": { "type": "opencollective", @@ -5038,21 +5038,21 @@ } }, "node_modules/@storybook/blocks": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { - "@storybook/channels": "7.6.5", - "@storybook/client-logger": "7.6.5", - "@storybook/components": "7.6.5", - "@storybook/core-events": "7.6.5", + "@storybook/channels": "7.6.6", + "@storybook/client-logger": "7.6.6", + "@storybook/components": "7.6.6", + "@storybook/core-events": "7.6.6", "@storybook/csf": "^0.1.2", - "@storybook/docs-tools": "7.6.5", + "@storybook/docs-tools": "7.6.6", "@storybook/global": "^5.0.0", - "@storybook/manager-api": "7.6.5", - "@storybook/preview-api": "7.6.5", - "@storybook/theming": "7.6.5", - "@storybook/types": "7.6.5", + "@storybook/manager-api": "7.6.6", + "@storybook/preview-api": "7.6.6", + "@storybook/theming": "7.6.6", + "@storybook/types": "7.6.6", "@types/lodash": "^4.14.167", "color-convert": "^2.0.1", "dequal": "^2.0.2", @@ -5076,16 +5076,16 @@ } }, "node_modules/@storybook/blocks/node_modules/@storybook/preview-api": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { - "@storybook/channels": "7.6.5", - "@storybook/client-logger": "7.6.5", - "@storybook/core-events": "7.6.5", + "@storybook/channels": "7.6.6", + "@storybook/client-logger": "7.6.6", + "@storybook/core-events": "7.6.6", "@storybook/csf": "^0.1.2", "@storybook/global": "^5.0.0", - "@storybook/types": "7.6.5", + "@storybook/types": "7.6.6", "@types/qs": "^6.9.5", "dequal": "^2.0.2", "lodash": "^4.17.21", @@ -5101,14 +5101,14 @@ } }, "node_modules/@storybook/builder-manager": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { "@fal-works/esbuild-plugin-global-externals": "^2.1.2", - "@storybook/core-common": "7.6.5", - "@storybook/manager": "7.6.5", - "@storybook/node-logger": "7.6.5", + "@storybook/core-common": "7.6.6", + "@storybook/manager": "7.6.6", + "@storybook/node-logger": "7.6.6", "@types/ejs": "^3.1.1", "@types/find-cache-dir": "^3.2.1", "@yarnpkg/esbuild-plugin-pnp": "^3.0.0-rc.10", @@ -5208,18 +5208,18 @@ } }, "node_modules/@storybook/builder-vite": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { - "@storybook/channels": "7.6.5", - "@storybook/client-logger": "7.6.5", - "@storybook/core-common": "7.6.5", - "@storybook/csf-plugin": "7.6.5", - "@storybook/node-logger": "7.6.5", - "@storybook/preview": "7.6.5", - "@storybook/preview-api": "7.6.5", - "@storybook/types": "7.6.5", + "@storybook/channels": "7.6.6", + "@storybook/client-logger": "7.6.6", + "@storybook/core-common": "7.6.6", + "@storybook/csf-plugin": "7.6.6", + "@storybook/node-logger": "7.6.6", + "@storybook/preview": "7.6.6", + "@storybook/preview-api": "7.6.6", + "@storybook/types": "7.6.6", "@types/find-cache-dir": "^3.2.1", "browser-assert": "^1.2.1", "es-module-lexer": "^0.9.3", @@ -5252,16 +5252,16 @@ } }, "node_modules/@storybook/builder-vite/node_modules/@storybook/preview-api": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { - "@storybook/channels": "7.6.5", - "@storybook/client-logger": "7.6.5", - "@storybook/core-events": "7.6.5", + "@storybook/channels": "7.6.6", + "@storybook/client-logger": "7.6.6", + "@storybook/core-events": "7.6.6", "@storybook/csf": "^0.1.2", "@storybook/global": "^5.0.0", - "@storybook/types": "7.6.5", + "@storybook/types": "7.6.6", "@types/qs": "^6.9.5", "dequal": "^2.0.2", "lodash": "^4.17.21", @@ -5305,12 +5305,12 @@ } }, "node_modules/@storybook/channels": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { - "@storybook/client-logger": "7.6.5", - "@storybook/core-events": "7.6.5", + "@storybook/client-logger": "7.6.6", + "@storybook/core-events": "7.6.6", "@storybook/global": "^5.0.0", "qs": "^6.10.0", "telejson": "^7.2.0", @@ -5322,7 +5322,7 @@ } }, "node_modules/@storybook/cli": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { @@ -5330,14 +5330,14 @@ "@babel/preset-env": "^7.23.2", "@babel/types": "^7.23.0", "@ndelangen/get-tarball": "^3.0.7", - "@storybook/codemod": "7.6.5", - "@storybook/core-common": "7.6.5", - "@storybook/core-events": "7.6.5", - "@storybook/core-server": "7.6.5", - "@storybook/csf-tools": "7.6.5", - "@storybook/node-logger": "7.6.5", - "@storybook/telemetry": "7.6.5", - "@storybook/types": "7.6.5", + "@storybook/codemod": "7.6.6", + "@storybook/core-common": "7.6.6", + "@storybook/core-events": "7.6.6", + "@storybook/core-server": "7.6.6", + "@storybook/csf-tools": "7.6.6", + "@storybook/node-logger": "7.6.6", + "@storybook/telemetry": "7.6.6", + "@storybook/types": "7.6.6", "@types/semver": "^7.3.4", "@yarnpkg/fslib": "2.10.3", "@yarnpkg/libzip": "2.3.0", @@ -5491,7 +5491,7 @@ "license": "ISC" }, "node_modules/@storybook/client-logger": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { @@ -5503,7 +5503,7 @@ } }, "node_modules/@storybook/codemod": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { @@ -5511,9 +5511,9 @@ "@babel/preset-env": "^7.23.2", "@babel/types": "^7.23.0", "@storybook/csf": "^0.1.2", - "@storybook/csf-tools": "7.6.5", - "@storybook/node-logger": "7.6.5", - "@storybook/types": "7.6.5", + "@storybook/csf-tools": "7.6.6", + "@storybook/node-logger": "7.6.6", + "@storybook/types": "7.6.6", "@types/cross-spawn": "^6.0.2", "cross-spawn": "^7.0.3", "globby": "^11.0.2", @@ -5542,17 +5542,17 @@ } }, "node_modules/@storybook/components": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { "@radix-ui/react-select": "^1.2.2", "@radix-ui/react-toolbar": "^1.0.4", - "@storybook/client-logger": "7.6.5", + "@storybook/client-logger": "7.6.6", "@storybook/csf": "^0.1.2", "@storybook/global": "^5.0.0", - "@storybook/theming": "7.6.5", - "@storybook/types": "7.6.5", + "@storybook/theming": "7.6.6", + "@storybook/types": "7.6.6", "memoizerific": "^1.11.3", "use-resize-observer": "^9.1.0", "util-deprecate": "^1.0.2" @@ -5567,12 +5567,12 @@ } }, "node_modules/@storybook/core-client": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { - "@storybook/client-logger": "7.6.5", - "@storybook/preview-api": "7.6.5" + "@storybook/client-logger": "7.6.6", + "@storybook/preview-api": "7.6.6" }, "funding": { "type": "opencollective", @@ -5580,16 +5580,16 @@ } }, "node_modules/@storybook/core-client/node_modules/@storybook/preview-api": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { - "@storybook/channels": "7.6.5", - "@storybook/client-logger": "7.6.5", - "@storybook/core-events": "7.6.5", + "@storybook/channels": "7.6.6", + "@storybook/client-logger": "7.6.6", + "@storybook/core-events": "7.6.6", "@storybook/csf": "^0.1.2", "@storybook/global": "^5.0.0", - "@storybook/types": "7.6.5", + "@storybook/types": "7.6.6", "@types/qs": "^6.9.5", "dequal": "^2.0.2", "lodash": "^4.17.21", @@ -5605,13 +5605,13 @@ } }, "node_modules/@storybook/core-common": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { - "@storybook/core-events": "7.6.5", - "@storybook/node-logger": "7.6.5", - "@storybook/types": "7.6.5", + "@storybook/core-events": "7.6.6", + "@storybook/node-logger": "7.6.6", + "@storybook/types": "7.6.6", "@types/find-cache-dir": "^3.2.1", "@types/node": "^18.0.0", "@types/node-fetch": "^2.6.4", @@ -5818,7 +5818,7 @@ } }, "node_modules/@storybook/core-events": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { @@ -5830,25 +5830,25 @@ } }, "node_modules/@storybook/core-server": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { "@aw-web-design/x-default-browser": "1.4.126", "@discoveryjs/json-ext": "^0.5.3", - "@storybook/builder-manager": "7.6.5", - "@storybook/channels": "7.6.5", - "@storybook/core-common": "7.6.5", - "@storybook/core-events": "7.6.5", + "@storybook/builder-manager": "7.6.6", + "@storybook/channels": "7.6.6", + "@storybook/core-common": "7.6.6", + "@storybook/core-events": "7.6.6", "@storybook/csf": "^0.1.2", - "@storybook/csf-tools": "7.6.5", + "@storybook/csf-tools": "7.6.6", "@storybook/docs-mdx": "^0.1.0", "@storybook/global": "^5.0.0", - "@storybook/manager": "7.6.5", - "@storybook/node-logger": "7.6.5", - "@storybook/preview-api": "7.6.5", - "@storybook/telemetry": "7.6.5", - "@storybook/types": "7.6.5", + "@storybook/manager": "7.6.6", + "@storybook/node-logger": "7.6.6", + "@storybook/preview-api": "7.6.6", + "@storybook/telemetry": "7.6.6", + "@storybook/types": "7.6.6", "@types/detect-port": "^1.3.0", "@types/node": "^18.0.0", "@types/pretty-hrtime": "^1.0.0", @@ -5882,16 +5882,16 @@ } }, "node_modules/@storybook/core-server/node_modules/@storybook/preview-api": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { - "@storybook/channels": "7.6.5", - "@storybook/client-logger": "7.6.5", - "@storybook/core-events": "7.6.5", + "@storybook/channels": "7.6.6", + "@storybook/client-logger": "7.6.6", + "@storybook/core-events": "7.6.6", "@storybook/csf": "^0.1.2", "@storybook/global": "^5.0.0", - "@storybook/types": "7.6.5", + "@storybook/types": "7.6.6", "@types/qs": "^6.9.5", "dequal": "^2.0.2", "lodash": "^4.17.21", @@ -6014,11 +6014,11 @@ } }, "node_modules/@storybook/csf-plugin": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { - "@storybook/csf-tools": "7.6.5", + "@storybook/csf-tools": "7.6.6", "unplugin": "^1.3.1" }, "funding": { @@ -6027,7 +6027,7 @@ } }, "node_modules/@storybook/csf-tools": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { @@ -6036,7 +6036,7 @@ "@babel/traverse": "^7.23.2", "@babel/types": "^7.23.0", "@storybook/csf": "^0.1.2", - "@storybook/types": "7.6.5", + "@storybook/types": "7.6.6", "fs-extra": "^11.1.0", "recast": "^0.23.1", "ts-dedent": "^2.0.0" @@ -6065,13 +6065,13 @@ "license": "MIT" }, "node_modules/@storybook/docs-tools": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { - "@storybook/core-common": "7.6.5", - "@storybook/preview-api": "7.6.5", - "@storybook/types": "7.6.5", + "@storybook/core-common": "7.6.6", + "@storybook/preview-api": "7.6.6", + "@storybook/types": "7.6.6", "@types/doctrine": "^0.0.3", "assert": "^2.1.0", "doctrine": "^3.0.0", @@ -6083,16 +6083,16 @@ } }, "node_modules/@storybook/docs-tools/node_modules/@storybook/preview-api": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { - "@storybook/channels": "7.6.5", - "@storybook/client-logger": "7.6.5", - "@storybook/core-events": "7.6.5", + "@storybook/channels": "7.6.6", + "@storybook/client-logger": "7.6.6", + "@storybook/core-events": "7.6.6", "@storybook/csf": "^0.1.2", "@storybook/global": "^5.0.0", - "@storybook/types": "7.6.5", + "@storybook/types": "7.6.6", "@types/qs": "^6.9.5", "dequal": "^2.0.2", "lodash": "^4.17.21", @@ -6113,7 +6113,7 @@ "license": "MIT" }, "node_modules/@storybook/manager": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "funding": { @@ -6122,18 +6122,18 @@ } }, "node_modules/@storybook/manager-api": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { - "@storybook/channels": "7.6.5", - "@storybook/client-logger": "7.6.5", - "@storybook/core-events": "7.6.5", + "@storybook/channels": "7.6.6", + "@storybook/client-logger": "7.6.6", + "@storybook/core-events": "7.6.6", "@storybook/csf": "^0.1.2", "@storybook/global": "^5.0.0", - "@storybook/router": "7.6.5", - "@storybook/theming": "7.6.5", - "@storybook/types": "7.6.5", + "@storybook/router": "7.6.6", + "@storybook/theming": "7.6.6", + "@storybook/types": "7.6.6", "dequal": "^2.0.2", "lodash": "^4.17.21", "memoizerific": "^1.11.3", @@ -6183,7 +6183,7 @@ "license": "MIT" }, "node_modules/@storybook/node-logger": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "funding": { @@ -6192,7 +6192,7 @@ } }, "node_modules/@storybook/postinstall": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "funding": { @@ -6201,7 +6201,7 @@ } }, "node_modules/@storybook/preview": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "funding": { @@ -6291,7 +6291,7 @@ } }, "node_modules/@storybook/react-dom-shim": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "funding": { @@ -6304,11 +6304,11 @@ } }, "node_modules/@storybook/router": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { - "@storybook/client-logger": "7.6.5", + "@storybook/client-logger": "7.6.6", "memoizerific": "^1.11.3", "qs": "^6.10.0" }, @@ -6318,13 +6318,13 @@ } }, "node_modules/@storybook/telemetry": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { - "@storybook/client-logger": "7.6.5", - "@storybook/core-common": "7.6.5", - "@storybook/csf-tools": "7.6.5", + "@storybook/client-logger": "7.6.6", + "@storybook/core-common": "7.6.6", + "@storybook/csf-tools": "7.6.6", "chalk": "^4.1.0", "detect-package-manager": "^2.0.1", "fetch-retry": "^5.0.2", @@ -6398,12 +6398,12 @@ } }, "node_modules/@storybook/theming": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { "@emotion/use-insertion-effect-with-fallbacks": "^1.0.0", - "@storybook/client-logger": "7.6.5", + "@storybook/client-logger": "7.6.6", "@storybook/global": "^5.0.0", "memoizerific": "^1.11.3" }, @@ -6417,11 +6417,11 @@ } }, "node_modules/@storybook/types": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { - "@storybook/channels": "7.6.5", + "@storybook/channels": "7.6.6", "@types/babel__core": "^7.0.0", "@types/express": "^4.7.0", "file-system-cache": "2.3.0" @@ -6432,17 +6432,17 @@ } }, "node_modules/@storybook/web-components": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { - "@storybook/client-logger": "7.6.5", - "@storybook/core-client": "7.6.5", - "@storybook/docs-tools": "7.6.5", + "@storybook/client-logger": "7.6.6", + "@storybook/core-client": "7.6.6", + "@storybook/docs-tools": "7.6.6", "@storybook/global": "^5.0.0", - "@storybook/manager-api": "7.6.5", - "@storybook/preview-api": "7.6.5", - "@storybook/types": "7.6.5", + "@storybook/manager-api": "7.6.6", + "@storybook/preview-api": "7.6.6", + "@storybook/types": "7.6.6", "tiny-invariant": "^1.3.1", "ts-dedent": "^2.0.0" }, @@ -6458,14 +6458,14 @@ } }, "node_modules/@storybook/web-components-vite": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { - "@storybook/builder-vite": "7.6.5", - "@storybook/core-server": "7.6.5", - "@storybook/node-logger": "7.6.5", - "@storybook/web-components": "7.6.5", + "@storybook/builder-vite": "7.6.6", + "@storybook/core-server": "7.6.6", + "@storybook/node-logger": "7.6.6", + "@storybook/web-components": "7.6.6", "magic-string": "^0.30.0" }, "engines": { @@ -6477,16 +6477,16 @@ } }, "node_modules/@storybook/web-components/node_modules/@storybook/preview-api": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { - "@storybook/channels": "7.6.5", - "@storybook/client-logger": "7.6.5", - "@storybook/core-events": "7.6.5", + "@storybook/channels": "7.6.6", + "@storybook/client-logger": "7.6.6", + "@storybook/core-events": "7.6.6", "@storybook/csf": "^0.1.2", "@storybook/global": "^5.0.0", - "@storybook/types": "7.6.5", + "@storybook/types": "7.6.6", "@types/qs": "^6.9.5", "dequal": "^2.0.2", "lodash": "^4.17.21", @@ -7016,7 +7016,7 @@ } }, "node_modules/@types/detect-port": { - "version": "1.3.3", + "version": "1.3.5", "dev": true, "license": "MIT" }, @@ -7183,7 +7183,7 @@ } }, "node_modules/@types/normalize-package-data": { - "version": "2.4.1", + "version": "2.4.4", "dev": true, "license": "MIT" }, @@ -7656,7 +7656,7 @@ } }, "node_modules/acorn": { - "version": "8.10.0", + "version": "8.11.2", "dev": true, "license": "MIT", "bin": { @@ -8048,7 +8048,7 @@ } }, "node_modules/big-integer": { - "version": "1.6.51", + "version": "1.6.52", "dev": true, "license": "Unlicense", "engines": { @@ -11156,7 +11156,7 @@ "license": "ISC" }, "node_modules/flow-parser": { - "version": "0.224.0", + "version": "0.225.1", "dev": true, "license": "MIT", "engines": { @@ -16481,11 +16481,11 @@ "license": "(MIT OR GPL-3.0)" }, "node_modules/storybook": { - "version": "7.6.5", + "version": "7.6.6", "dev": true, "license": "MIT", "dependencies": { - "@storybook/cli": "7.6.5" + "@storybook/cli": "7.6.6" }, "bin": { "sb": "index.js", @@ -17484,14 +17484,14 @@ } }, "node_modules/unplugin": { - "version": "1.4.0", + "version": "1.5.1", "dev": true, "license": "MIT", "dependencies": { - "acorn": "^8.9.0", + "acorn": "^8.11.2", "chokidar": "^3.5.3", "webpack-sources": "^3.2.3", - "webpack-virtual-modules": "^0.5.0" + "webpack-virtual-modules": "^0.6.0" } }, "node_modules/unraw": { @@ -17897,7 +17897,7 @@ } }, "node_modules/webpack-virtual-modules": { - "version": "0.5.0", + "version": "0.6.1", "dev": true, "license": "MIT" }, @@ -18045,7 +18045,7 @@ } }, "node_modules/ws": { - "version": "8.14.1", + "version": "8.15.1", "dev": true, "license": "MIT", "engines": { @@ -18144,8 +18144,8 @@ "url": "https://github.com/sponsors/sindresorhus" } }, - "packages/web": { - "name": "@goauthentik/web", + "packages/monolith": { + "name": "@goauthentik/monolith", "version": "0.0.0", "license": "MIT", "dependencies": { @@ -18157,15 +18157,15 @@ "@codemirror/theme-one-dark": "^6.1.2", "@formatjs/intl-listformat": "^7.5.3", "@fortawesome/fontawesome-free": "^6.5.1", - "@goauthentik/api": "^2023.10.4-1702989148", + "@goauthentik/api": "^2023.10.5-1703167718", "@lit-labs/context": "^0.4.0", "@lit-labs/task": "^3.1.0", "@lit/localize": "^0.11.4", "@open-wc/lit-helpers": "^0.6.0", "@patternfly/elements": "^2.4.0", "@patternfly/patternfly": "^4.224.2", - "@sentry/browser": "^7.88.0", - "@sentry/tracing": "^7.88.0", + "@sentry/browser": "^7.90.0", + "@sentry/tracing": "^7.90.0", "@webcomponents/webcomponentsjs": "^2.8.0", "base64-js": "^1.5.1", "chart.js": "^4.4.1", @@ -18201,13 +18201,13 @@ "@rollup/plugin-replace": "^5.0.5", "@rollup/plugin-terser": "^0.4.4", "@rollup/plugin-typescript": "^11.1.5", - "@storybook/addon-essentials": "^7.6.5", - "@storybook/addon-links": "^7.6.5", - "@storybook/api": "^7.6.5", + "@storybook/addon-essentials": "^7.6.6", + "@storybook/addon-links": "^7.6.6", + "@storybook/api": "^7.6.6", "@storybook/blocks": "^7.6.4", - "@storybook/manager-api": "^7.6.5", - "@storybook/web-components": "^7.6.5", - "@storybook/web-components-vite": "^7.6.5", + "@storybook/manager-api": "^7.6.6", + "@storybook/web-components": "^7.6.6", + "@storybook/web-components-vite": "^7.6.6", "@trivago/prettier-plugin-sort-imports": "^4.3.0", "@types/chart.js": "^2.9.41", "@types/codemirror": "5.60.15", @@ -18235,7 +18235,7 @@ "rollup-plugin-cssimport": "^1.0.3", "rollup-plugin-modify": "^3.0.0", "rollup-plugin-postcss-lit": "^2.1.0", - "storybook": "^7.6.5", + "storybook": "^7.6.6", "storybook-addon-mock": "^4.3.0", "ts-lit-plugin": "^2.0.1", "tslib": "^2.6.2", diff --git a/web/package.json b/web/package.json index eafe0b18b..fd23dc460 100644 --- a/web/package.json +++ b/web/package.json @@ -17,7 +17,7 @@ "lage": "^2.7.9" }, "workspaces": [ - "packages/web" + "packages/monolith" ], "engines": { "node": ">=20" diff --git a/web/packages/web/.babelrc b/web/packages/monolith/.babelrc similarity index 100% rename from web/packages/web/.babelrc rename to web/packages/monolith/.babelrc diff --git a/web/packages/web/.dockerignore b/web/packages/monolith/.dockerignore similarity index 100% rename from web/packages/web/.dockerignore rename to web/packages/monolith/.dockerignore diff --git a/web/packages/web/.eslintignore b/web/packages/monolith/.eslintignore similarity index 100% rename from web/packages/web/.eslintignore rename to web/packages/monolith/.eslintignore diff --git a/web/packages/web/.eslintrc.json b/web/packages/monolith/.eslintrc.json similarity index 100% rename from web/packages/web/.eslintrc.json rename to web/packages/monolith/.eslintrc.json diff --git a/web/packages/web/.eslintrc.precommit.json b/web/packages/monolith/.eslintrc.precommit.json similarity index 100% rename from web/packages/web/.eslintrc.precommit.json rename to web/packages/monolith/.eslintrc.precommit.json diff --git a/web/packages/web/.gitignore b/web/packages/monolith/.gitignore similarity index 100% rename from web/packages/web/.gitignore rename to web/packages/monolith/.gitignore diff --git a/web/packages/web/.prettierignore b/web/packages/monolith/.prettierignore similarity index 100% rename from web/packages/web/.prettierignore rename to web/packages/monolith/.prettierignore diff --git a/web/packages/web/.prettierrc.json b/web/packages/monolith/.prettierrc.json similarity index 100% rename from web/packages/web/.prettierrc.json rename to web/packages/monolith/.prettierrc.json diff --git a/web/packages/web/.storybook/authentikTheme.ts b/web/packages/monolith/.storybook/authentikTheme.ts similarity index 100% rename from web/packages/web/.storybook/authentikTheme.ts rename to web/packages/monolith/.storybook/authentikTheme.ts diff --git a/web/packages/web/.storybook/css-import-maps.ts b/web/packages/monolith/.storybook/css-import-maps.ts similarity index 100% rename from web/packages/web/.storybook/css-import-maps.ts rename to web/packages/monolith/.storybook/css-import-maps.ts diff --git a/web/packages/web/.storybook/main.ts b/web/packages/monolith/.storybook/main.ts similarity index 100% rename from web/packages/web/.storybook/main.ts rename to web/packages/monolith/.storybook/main.ts diff --git a/web/packages/web/.storybook/manager.ts b/web/packages/monolith/.storybook/manager.ts similarity index 100% rename from web/packages/web/.storybook/manager.ts rename to web/packages/monolith/.storybook/manager.ts diff --git a/web/packages/web/.storybook/preview.ts b/web/packages/monolith/.storybook/preview.ts similarity index 100% rename from web/packages/web/.storybook/preview.ts rename to web/packages/monolith/.storybook/preview.ts diff --git a/web/packages/web/README.md b/web/packages/monolith/README.md similarity index 100% rename from web/packages/web/README.md rename to web/packages/monolith/README.md diff --git a/web/packages/web/authentik/sources/apple.svg b/web/packages/monolith/authentik/sources/apple.svg similarity index 100% rename from web/packages/web/authentik/sources/apple.svg rename to web/packages/monolith/authentik/sources/apple.svg diff --git a/web/packages/web/authentik/sources/azuread.svg b/web/packages/monolith/authentik/sources/azuread.svg similarity index 100% rename from web/packages/web/authentik/sources/azuread.svg rename to web/packages/monolith/authentik/sources/azuread.svg diff --git a/web/packages/web/authentik/sources/discord.svg b/web/packages/monolith/authentik/sources/discord.svg similarity index 100% rename from web/packages/web/authentik/sources/discord.svg rename to web/packages/monolith/authentik/sources/discord.svg diff --git a/web/packages/web/authentik/sources/dropbox.svg b/web/packages/monolith/authentik/sources/dropbox.svg similarity index 100% rename from web/packages/web/authentik/sources/dropbox.svg rename to web/packages/monolith/authentik/sources/dropbox.svg diff --git a/web/packages/web/authentik/sources/facebook.svg b/web/packages/monolith/authentik/sources/facebook.svg similarity index 100% rename from web/packages/web/authentik/sources/facebook.svg rename to web/packages/monolith/authentik/sources/facebook.svg diff --git a/web/packages/web/authentik/sources/github.svg b/web/packages/monolith/authentik/sources/github.svg similarity index 100% rename from web/packages/web/authentik/sources/github.svg rename to web/packages/monolith/authentik/sources/github.svg diff --git a/web/packages/web/authentik/sources/gitlab.svg b/web/packages/monolith/authentik/sources/gitlab.svg similarity index 100% rename from web/packages/web/authentik/sources/gitlab.svg rename to web/packages/monolith/authentik/sources/gitlab.svg diff --git a/web/packages/web/authentik/sources/google.svg b/web/packages/monolith/authentik/sources/google.svg similarity index 100% rename from web/packages/web/authentik/sources/google.svg rename to web/packages/monolith/authentik/sources/google.svg diff --git a/web/packages/web/authentik/sources/mailcow.svg b/web/packages/monolith/authentik/sources/mailcow.svg similarity index 100% rename from web/packages/web/authentik/sources/mailcow.svg rename to web/packages/monolith/authentik/sources/mailcow.svg diff --git a/web/packages/web/authentik/sources/okta.svg b/web/packages/monolith/authentik/sources/okta.svg similarity index 100% rename from web/packages/web/authentik/sources/okta.svg rename to web/packages/monolith/authentik/sources/okta.svg diff --git a/web/packages/web/authentik/sources/openidconnect.svg b/web/packages/monolith/authentik/sources/openidconnect.svg similarity index 100% rename from web/packages/web/authentik/sources/openidconnect.svg rename to web/packages/monolith/authentik/sources/openidconnect.svg diff --git a/web/packages/web/authentik/sources/patreon.svg b/web/packages/monolith/authentik/sources/patreon.svg similarity index 100% rename from web/packages/web/authentik/sources/patreon.svg rename to web/packages/monolith/authentik/sources/patreon.svg diff --git a/web/packages/web/authentik/sources/plex.svg b/web/packages/monolith/authentik/sources/plex.svg similarity index 100% rename from web/packages/web/authentik/sources/plex.svg rename to web/packages/monolith/authentik/sources/plex.svg diff --git a/web/packages/web/authentik/sources/reddit.svg b/web/packages/monolith/authentik/sources/reddit.svg similarity index 100% rename from web/packages/web/authentik/sources/reddit.svg rename to web/packages/monolith/authentik/sources/reddit.svg diff --git a/web/packages/web/authentik/sources/twitch.svg b/web/packages/monolith/authentik/sources/twitch.svg similarity index 100% rename from web/packages/web/authentik/sources/twitch.svg rename to web/packages/monolith/authentik/sources/twitch.svg diff --git a/web/packages/web/authentik/sources/twitter.svg b/web/packages/monolith/authentik/sources/twitter.svg similarity index 100% rename from web/packages/web/authentik/sources/twitter.svg rename to web/packages/monolith/authentik/sources/twitter.svg diff --git a/web/packages/web/icons/brand.png b/web/packages/monolith/icons/brand.png similarity index 100% rename from web/packages/web/icons/brand.png rename to web/packages/monolith/icons/brand.png diff --git a/web/packages/web/icons/brand.svg b/web/packages/monolith/icons/brand.svg similarity index 100% rename from web/packages/web/icons/brand.svg rename to web/packages/monolith/icons/brand.svg diff --git a/web/packages/web/icons/icon.png b/web/packages/monolith/icons/icon.png similarity index 100% rename from web/packages/web/icons/icon.png rename to web/packages/monolith/icons/icon.png diff --git a/web/packages/web/icons/icon.svg b/web/packages/monolith/icons/icon.svg similarity index 100% rename from web/packages/web/icons/icon.svg rename to web/packages/monolith/icons/icon.svg diff --git a/web/packages/web/icons/icon_christmas.png b/web/packages/monolith/icons/icon_christmas.png similarity index 100% rename from web/packages/web/icons/icon_christmas.png rename to web/packages/monolith/icons/icon_christmas.png diff --git a/web/packages/web/icons/icon_discord.png b/web/packages/monolith/icons/icon_discord.png similarity index 100% rename from web/packages/web/icons/icon_discord.png rename to web/packages/monolith/icons/icon_discord.png diff --git a/web/packages/web/icons/icon_left_brand.png b/web/packages/monolith/icons/icon_left_brand.png similarity index 100% rename from web/packages/web/icons/icon_left_brand.png rename to web/packages/monolith/icons/icon_left_brand.png diff --git a/web/packages/web/icons/icon_left_brand.svg b/web/packages/monolith/icons/icon_left_brand.svg similarity index 100% rename from web/packages/web/icons/icon_left_brand.svg rename to web/packages/monolith/icons/icon_left_brand.svg diff --git a/web/packages/web/icons/icon_pride_lgbt.png b/web/packages/monolith/icons/icon_pride_lgbt.png similarity index 100% rename from web/packages/web/icons/icon_pride_lgbt.png rename to web/packages/monolith/icons/icon_pride_lgbt.png diff --git a/web/packages/web/icons/icon_pride_trans.png b/web/packages/monolith/icons/icon_pride_trans.png similarity index 100% rename from web/packages/web/icons/icon_pride_trans.png rename to web/packages/monolith/icons/icon_pride_trans.png diff --git a/web/packages/web/icons/icon_top_brand.png b/web/packages/monolith/icons/icon_top_brand.png similarity index 100% rename from web/packages/web/icons/icon_top_brand.png rename to web/packages/monolith/icons/icon_top_brand.png diff --git a/web/packages/web/icons/icon_top_brand.svg b/web/packages/monolith/icons/icon_top_brand.svg similarity index 100% rename from web/packages/web/icons/icon_top_brand.svg rename to web/packages/monolith/icons/icon_top_brand.svg diff --git a/web/packages/web/lit-localize.json b/web/packages/monolith/lit-localize.json similarity index 100% rename from web/packages/web/lit-localize.json rename to web/packages/monolith/lit-localize.json diff --git a/web/packages/web/package-lock.json b/web/packages/monolith/package-lock.json similarity index 100% rename from web/packages/web/package-lock.json rename to web/packages/monolith/package-lock.json diff --git a/web/packages/web/package.json b/web/packages/monolith/package.json similarity index 90% rename from web/packages/web/package.json rename to web/packages/monolith/package.json index 786580462..151921d2b 100644 --- a/web/packages/web/package.json +++ b/web/packages/monolith/package.json @@ -1,5 +1,5 @@ { - "name": "@goauthentik/web", + "name": "@goauthentik/monolith", "version": "0.0.0", "private": true, "license": "MIT", @@ -16,7 +16,7 @@ "watch": "run-s build-locales rollup:watch", "lint": "eslint . --max-warnings 0 --fix", "lint:precommit": "eslint --max-warnings 0 --config ./.eslintrc.precommit.json $(git status --porcelain . | grep '^[M?][M?]' | cut -c8- | grep -E '\\.(ts|js|tsx|jsx)$') ", - "lint:spelling": "codespell -D - -D ../.github/codespell-dictionary.txt -I ../.github/codespell-words.txt -S './src/locales/**' ./src -s", + "lint:spelling": "codespell -D - -D ../../../.github/codespell-dictionary.txt -I ../../../.github/codespell-words.txt -S './src/locales/**' ./src -s", "lit-analyse": "lit-analyzer src", "precommit": "run-s tsc lit-analyse lint:precommit lint:spelling prettier", "prequick": "run-s tsc:execute lit-analyse lint:precommit lint:spelling", @@ -42,15 +42,15 @@ "@codemirror/theme-one-dark": "^6.1.2", "@formatjs/intl-listformat": "^7.5.3", "@fortawesome/fontawesome-free": "^6.5.1", - "@goauthentik/api": "^2023.10.4-1702989148", + "@goauthentik/api": "^2023.10.5-1703167718", "@lit-labs/context": "^0.4.0", "@lit-labs/task": "^3.1.0", "@lit/localize": "^0.11.4", "@open-wc/lit-helpers": "^0.6.0", "@patternfly/elements": "^2.4.0", "@patternfly/patternfly": "^4.224.2", - "@sentry/browser": "^7.88.0", - "@sentry/tracing": "^7.88.0", + "@sentry/browser": "^7.90.0", + "@sentry/tracing": "^7.90.0", "@webcomponents/webcomponentsjs": "^2.8.0", "base64-js": "^1.5.1", "chart.js": "^4.4.1", @@ -86,13 +86,13 @@ "@rollup/plugin-replace": "^5.0.5", "@rollup/plugin-terser": "^0.4.4", "@rollup/plugin-typescript": "^11.1.5", - "@storybook/addon-essentials": "^7.6.5", - "@storybook/addon-links": "^7.6.5", - "@storybook/api": "^7.6.5", + "@storybook/addon-essentials": "^7.6.6", + "@storybook/addon-links": "^7.6.6", + "@storybook/api": "^7.6.6", "@storybook/blocks": "^7.6.4", - "@storybook/manager-api": "^7.6.5", - "@storybook/web-components": "^7.6.5", - "@storybook/web-components-vite": "^7.6.5", + "@storybook/manager-api": "^7.6.6", + "@storybook/web-components": "^7.6.6", + "@storybook/web-components-vite": "^7.6.6", "@trivago/prettier-plugin-sort-imports": "^4.3.0", "@types/chart.js": "^2.9.41", "@types/codemirror": "5.60.15", @@ -120,7 +120,7 @@ "rollup-plugin-cssimport": "^1.0.3", "rollup-plugin-modify": "^3.0.0", "rollup-plugin-postcss-lit": "^2.1.0", - "storybook": "^7.6.5", + "storybook": "^7.6.6", "storybook-addon-mock": "^4.3.0", "ts-lit-plugin": "^2.0.1", "tslib": "^2.6.2", diff --git a/web/packages/web/rollup.config.mjs b/web/packages/monolith/rollup.config.mjs similarity index 100% rename from web/packages/web/rollup.config.mjs rename to web/packages/monolith/rollup.config.mjs diff --git a/web/packages/web/rollup.proxy.mjs b/web/packages/monolith/rollup.proxy.mjs similarity index 100% rename from web/packages/web/rollup.proxy.mjs rename to web/packages/monolith/rollup.proxy.mjs diff --git a/web/packages/web/scripts/build-storybook-import-maps.js.map b/web/packages/monolith/scripts/build-storybook-import-maps.js.map similarity index 100% rename from web/packages/web/scripts/build-storybook-import-maps.js.map rename to web/packages/monolith/scripts/build-storybook-import-maps.js.map diff --git a/web/packages/web/scripts/build-storybook-import-maps.ts b/web/packages/monolith/scripts/build-storybook-import-maps.ts similarity index 100% rename from web/packages/web/scripts/build-storybook-import-maps.ts rename to web/packages/monolith/scripts/build-storybook-import-maps.ts diff --git a/web/packages/web/scripts/pseudolocalize.js.map b/web/packages/monolith/scripts/pseudolocalize.js.map similarity index 100% rename from web/packages/web/scripts/pseudolocalize.js.map rename to web/packages/monolith/scripts/pseudolocalize.js.map diff --git a/web/packages/web/scripts/pseudolocalize.ts b/web/packages/monolith/scripts/pseudolocalize.ts similarity index 100% rename from web/packages/web/scripts/pseudolocalize.ts rename to web/packages/monolith/scripts/pseudolocalize.ts diff --git a/web/packages/web/src/admin/AdminInterface/AdminInterface.ts b/web/packages/monolith/src/admin/AdminInterface/AdminInterface.ts similarity index 100% rename from web/packages/web/src/admin/AdminInterface/AdminInterface.ts rename to web/packages/monolith/src/admin/AdminInterface/AdminInterface.ts diff --git a/web/packages/web/src/admin/AdminInterface/AdminSidebar.ts b/web/packages/monolith/src/admin/AdminInterface/AdminSidebar.ts similarity index 100% rename from web/packages/web/src/admin/AdminInterface/AdminSidebar.ts rename to web/packages/monolith/src/admin/AdminInterface/AdminSidebar.ts diff --git a/web/packages/web/src/admin/AdminInterface/index.ts b/web/packages/monolith/src/admin/AdminInterface/index.ts similarity index 100% rename from web/packages/web/src/admin/AdminInterface/index.ts rename to web/packages/monolith/src/admin/AdminInterface/index.ts diff --git a/web/packages/web/src/admin/DebugPage.ts b/web/packages/monolith/src/admin/DebugPage.ts similarity index 100% rename from web/packages/web/src/admin/DebugPage.ts rename to web/packages/monolith/src/admin/DebugPage.ts diff --git a/web/packages/web/src/admin/Routes.ts b/web/packages/monolith/src/admin/Routes.ts similarity index 100% rename from web/packages/web/src/admin/Routes.ts rename to web/packages/monolith/src/admin/Routes.ts diff --git a/web/packages/web/src/admin/admin-overview/AdminOverviewPage.ts b/web/packages/monolith/src/admin/admin-overview/AdminOverviewPage.ts similarity index 100% rename from web/packages/web/src/admin/admin-overview/AdminOverviewPage.ts rename to web/packages/monolith/src/admin/admin-overview/AdminOverviewPage.ts diff --git a/web/packages/web/src/admin/admin-overview/DashboardUserPage.ts b/web/packages/monolith/src/admin/admin-overview/DashboardUserPage.ts similarity index 100% rename from web/packages/web/src/admin/admin-overview/DashboardUserPage.ts rename to web/packages/monolith/src/admin/admin-overview/DashboardUserPage.ts diff --git a/web/packages/web/src/admin/admin-overview/TopApplicationsTable.ts b/web/packages/monolith/src/admin/admin-overview/TopApplicationsTable.ts similarity index 100% rename from web/packages/web/src/admin/admin-overview/TopApplicationsTable.ts rename to web/packages/monolith/src/admin/admin-overview/TopApplicationsTable.ts diff --git a/web/packages/web/src/admin/admin-overview/cards/AdminStatusCard.ts b/web/packages/monolith/src/admin/admin-overview/cards/AdminStatusCard.ts similarity index 100% rename from web/packages/web/src/admin/admin-overview/cards/AdminStatusCard.ts rename to web/packages/monolith/src/admin/admin-overview/cards/AdminStatusCard.ts diff --git a/web/packages/web/src/admin/admin-overview/cards/RecentEventsCard.ts b/web/packages/monolith/src/admin/admin-overview/cards/RecentEventsCard.ts similarity index 100% rename from web/packages/web/src/admin/admin-overview/cards/RecentEventsCard.ts rename to web/packages/monolith/src/admin/admin-overview/cards/RecentEventsCard.ts diff --git a/web/packages/web/src/admin/admin-overview/cards/SystemStatusCard.ts b/web/packages/monolith/src/admin/admin-overview/cards/SystemStatusCard.ts similarity index 100% rename from web/packages/web/src/admin/admin-overview/cards/SystemStatusCard.ts rename to web/packages/monolith/src/admin/admin-overview/cards/SystemStatusCard.ts diff --git a/web/packages/web/src/admin/admin-overview/cards/VersionStatusCard.ts b/web/packages/monolith/src/admin/admin-overview/cards/VersionStatusCard.ts similarity index 100% rename from web/packages/web/src/admin/admin-overview/cards/VersionStatusCard.ts rename to web/packages/monolith/src/admin/admin-overview/cards/VersionStatusCard.ts diff --git a/web/packages/web/src/admin/admin-overview/cards/WorkerStatusCard.ts b/web/packages/monolith/src/admin/admin-overview/cards/WorkerStatusCard.ts similarity index 100% rename from web/packages/web/src/admin/admin-overview/cards/WorkerStatusCard.ts rename to web/packages/monolith/src/admin/admin-overview/cards/WorkerStatusCard.ts diff --git a/web/packages/web/src/admin/admin-overview/charts/AdminLoginAuthorizeChart.ts b/web/packages/monolith/src/admin/admin-overview/charts/AdminLoginAuthorizeChart.ts similarity index 100% rename from web/packages/web/src/admin/admin-overview/charts/AdminLoginAuthorizeChart.ts rename to web/packages/monolith/src/admin/admin-overview/charts/AdminLoginAuthorizeChart.ts diff --git a/web/packages/web/src/admin/admin-overview/charts/AdminModelPerDay.ts b/web/packages/monolith/src/admin/admin-overview/charts/AdminModelPerDay.ts similarity index 100% rename from web/packages/web/src/admin/admin-overview/charts/AdminModelPerDay.ts rename to web/packages/monolith/src/admin/admin-overview/charts/AdminModelPerDay.ts diff --git a/web/packages/web/src/admin/admin-overview/charts/OutpostStatusChart.ts b/web/packages/monolith/src/admin/admin-overview/charts/OutpostStatusChart.ts similarity index 100% rename from web/packages/web/src/admin/admin-overview/charts/OutpostStatusChart.ts rename to web/packages/monolith/src/admin/admin-overview/charts/OutpostStatusChart.ts diff --git a/web/packages/web/src/admin/admin-overview/charts/SyncStatusChart.ts b/web/packages/monolith/src/admin/admin-overview/charts/SyncStatusChart.ts similarity index 89% rename from web/packages/web/src/admin/admin-overview/charts/SyncStatusChart.ts rename to web/packages/monolith/src/admin/admin-overview/charts/SyncStatusChart.ts index 28747d682..d9a3cce6c 100644 --- a/web/packages/web/src/admin/admin-overview/charts/SyncStatusChart.ts +++ b/web/packages/monolith/src/admin/admin-overview/charts/SyncStatusChart.ts @@ -93,15 +93,16 @@ export class LDAPSyncStatusChart extends AKChart { const health = await api.providersScimSyncStatusRetrieve({ id: element.pk, }); - - if (health.status !== TaskStatusEnum.Successful) { - sourceKey = "failed"; - } - const now = new Date().getTime(); - const maxDelta = 3600000; // 1 hour - if (!health || now - health.taskFinishTimestamp.getTime() > maxDelta) { - sourceKey = "unsynced"; - } + health.tasks.forEach((task) => { + if (task.status !== TaskStatusEnum.Successful) { + sourceKey = "failed"; + } + const now = new Date().getTime(); + const maxDelta = 3600000; // 1 hour + if (!health || now - task.taskFinishTimestamp.getTime() > maxDelta) { + sourceKey = "unsynced"; + } + }); } catch { sourceKey = "unsynced"; } diff --git a/web/packages/web/src/admin/applications/ApplicationAuthorizeChart.ts b/web/packages/monolith/src/admin/applications/ApplicationAuthorizeChart.ts similarity index 100% rename from web/packages/web/src/admin/applications/ApplicationAuthorizeChart.ts rename to web/packages/monolith/src/admin/applications/ApplicationAuthorizeChart.ts diff --git a/web/packages/web/src/admin/applications/ApplicationCheckAccessForm.ts b/web/packages/monolith/src/admin/applications/ApplicationCheckAccessForm.ts similarity index 100% rename from web/packages/web/src/admin/applications/ApplicationCheckAccessForm.ts rename to web/packages/monolith/src/admin/applications/ApplicationCheckAccessForm.ts diff --git a/web/packages/web/src/admin/applications/ApplicationForm.ts b/web/packages/monolith/src/admin/applications/ApplicationForm.ts similarity index 100% rename from web/packages/web/src/admin/applications/ApplicationForm.ts rename to web/packages/monolith/src/admin/applications/ApplicationForm.ts diff --git a/web/packages/web/src/admin/applications/ApplicationListPage.ts b/web/packages/monolith/src/admin/applications/ApplicationListPage.ts similarity index 100% rename from web/packages/web/src/admin/applications/ApplicationListPage.ts rename to web/packages/monolith/src/admin/applications/ApplicationListPage.ts diff --git a/web/packages/web/src/admin/applications/ApplicationViewPage.ts b/web/packages/monolith/src/admin/applications/ApplicationViewPage.ts similarity index 100% rename from web/packages/web/src/admin/applications/ApplicationViewPage.ts rename to web/packages/monolith/src/admin/applications/ApplicationViewPage.ts diff --git a/web/packages/web/src/admin/applications/ApplicationWizardHint.ts b/web/packages/monolith/src/admin/applications/ApplicationWizardHint.ts similarity index 100% rename from web/packages/web/src/admin/applications/ApplicationWizardHint.ts rename to web/packages/monolith/src/admin/applications/ApplicationWizardHint.ts diff --git a/web/packages/web/src/admin/applications/ProviderSelectModal.ts b/web/packages/monolith/src/admin/applications/ProviderSelectModal.ts similarity index 100% rename from web/packages/web/src/admin/applications/ProviderSelectModal.ts rename to web/packages/monolith/src/admin/applications/ProviderSelectModal.ts diff --git a/web/packages/web/src/admin/applications/components/ak-backchannel-input.ts b/web/packages/monolith/src/admin/applications/components/ak-backchannel-input.ts similarity index 100% rename from web/packages/web/src/admin/applications/components/ak-backchannel-input.ts rename to web/packages/monolith/src/admin/applications/components/ak-backchannel-input.ts diff --git a/web/packages/web/src/admin/applications/components/ak-provider-search-input.ts b/web/packages/monolith/src/admin/applications/components/ak-provider-search-input.ts similarity index 100% rename from web/packages/web/src/admin/applications/components/ak-provider-search-input.ts rename to web/packages/monolith/src/admin/applications/components/ak-provider-search-input.ts diff --git a/web/packages/web/src/admin/applications/wizard/BasePanel.css.ts b/web/packages/monolith/src/admin/applications/wizard/BasePanel.css.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/BasePanel.css.ts rename to web/packages/monolith/src/admin/applications/wizard/BasePanel.css.ts diff --git a/web/packages/web/src/admin/applications/wizard/BasePanel.ts b/web/packages/monolith/src/admin/applications/wizard/BasePanel.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/BasePanel.ts rename to web/packages/monolith/src/admin/applications/wizard/BasePanel.ts diff --git a/web/packages/web/src/admin/applications/wizard/ContextIdentity.ts b/web/packages/monolith/src/admin/applications/wizard/ContextIdentity.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/ContextIdentity.ts rename to web/packages/monolith/src/admin/applications/wizard/ContextIdentity.ts diff --git a/web/packages/web/src/admin/applications/wizard/ak-application-wizard.ts b/web/packages/monolith/src/admin/applications/wizard/ak-application-wizard.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/ak-application-wizard.ts rename to web/packages/monolith/src/admin/applications/wizard/ak-application-wizard.ts diff --git a/web/packages/web/src/admin/applications/wizard/ak-wizard-title.ts b/web/packages/monolith/src/admin/applications/wizard/ak-wizard-title.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/ak-wizard-title.ts rename to web/packages/monolith/src/admin/applications/wizard/ak-wizard-title.ts diff --git a/web/packages/web/src/admin/applications/wizard/application/ak-application-wizard-application-details.ts b/web/packages/monolith/src/admin/applications/wizard/application/ak-application-wizard-application-details.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/application/ak-application-wizard-application-details.ts rename to web/packages/monolith/src/admin/applications/wizard/application/ak-application-wizard-application-details.ts diff --git a/web/packages/web/src/admin/applications/wizard/auth-method-choice/ak-application-wizard-authentication-method-choice.choices.ts b/web/packages/monolith/src/admin/applications/wizard/auth-method-choice/ak-application-wizard-authentication-method-choice.choices.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/auth-method-choice/ak-application-wizard-authentication-method-choice.choices.ts rename to web/packages/monolith/src/admin/applications/wizard/auth-method-choice/ak-application-wizard-authentication-method-choice.choices.ts diff --git a/web/packages/web/src/admin/applications/wizard/auth-method-choice/ak-application-wizard-authentication-method-choice.ts b/web/packages/monolith/src/admin/applications/wizard/auth-method-choice/ak-application-wizard-authentication-method-choice.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/auth-method-choice/ak-application-wizard-authentication-method-choice.ts rename to web/packages/monolith/src/admin/applications/wizard/auth-method-choice/ak-application-wizard-authentication-method-choice.ts diff --git a/web/packages/web/src/admin/applications/wizard/commit/ak-application-wizard-commit-application.ts b/web/packages/monolith/src/admin/applications/wizard/commit/ak-application-wizard-commit-application.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/commit/ak-application-wizard-commit-application.ts rename to web/packages/monolith/src/admin/applications/wizard/commit/ak-application-wizard-commit-application.ts diff --git a/web/packages/web/src/admin/applications/wizard/methods/BaseProviderPanel.ts b/web/packages/monolith/src/admin/applications/wizard/methods/BaseProviderPanel.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/methods/BaseProviderPanel.ts rename to web/packages/monolith/src/admin/applications/wizard/methods/BaseProviderPanel.ts diff --git a/web/packages/web/src/admin/applications/wizard/methods/ak-application-wizard-authentication-method.ts b/web/packages/monolith/src/admin/applications/wizard/methods/ak-application-wizard-authentication-method.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/methods/ak-application-wizard-authentication-method.ts rename to web/packages/monolith/src/admin/applications/wizard/methods/ak-application-wizard-authentication-method.ts diff --git a/web/packages/web/src/admin/applications/wizard/methods/ldap/LDAPOptionsAndHelp.ts b/web/packages/monolith/src/admin/applications/wizard/methods/ldap/LDAPOptionsAndHelp.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/methods/ldap/LDAPOptionsAndHelp.ts rename to web/packages/monolith/src/admin/applications/wizard/methods/ldap/LDAPOptionsAndHelp.ts diff --git a/web/packages/web/src/admin/applications/wizard/methods/ldap/ak-application-wizard-authentication-by-ldap.ts b/web/packages/monolith/src/admin/applications/wizard/methods/ldap/ak-application-wizard-authentication-by-ldap.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/methods/ldap/ak-application-wizard-authentication-by-ldap.ts rename to web/packages/monolith/src/admin/applications/wizard/methods/ldap/ak-application-wizard-authentication-by-ldap.ts diff --git a/web/packages/web/src/admin/applications/wizard/methods/oauth/ak-application-wizard-authentication-by-oauth.ts b/web/packages/monolith/src/admin/applications/wizard/methods/oauth/ak-application-wizard-authentication-by-oauth.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/methods/oauth/ak-application-wizard-authentication-by-oauth.ts rename to web/packages/monolith/src/admin/applications/wizard/methods/oauth/ak-application-wizard-authentication-by-oauth.ts diff --git a/web/packages/web/src/admin/applications/wizard/methods/proxy/AuthenticationByProxyPage.ts b/web/packages/monolith/src/admin/applications/wizard/methods/proxy/AuthenticationByProxyPage.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/methods/proxy/AuthenticationByProxyPage.ts rename to web/packages/monolith/src/admin/applications/wizard/methods/proxy/AuthenticationByProxyPage.ts diff --git a/web/packages/web/src/admin/applications/wizard/methods/proxy/ak-application-wizard-authentication-for-forward-domain-proxy.ts b/web/packages/monolith/src/admin/applications/wizard/methods/proxy/ak-application-wizard-authentication-for-forward-domain-proxy.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/methods/proxy/ak-application-wizard-authentication-for-forward-domain-proxy.ts rename to web/packages/monolith/src/admin/applications/wizard/methods/proxy/ak-application-wizard-authentication-for-forward-domain-proxy.ts diff --git a/web/packages/web/src/admin/applications/wizard/methods/proxy/ak-application-wizard-authentication-for-reverse-proxy.ts b/web/packages/monolith/src/admin/applications/wizard/methods/proxy/ak-application-wizard-authentication-for-reverse-proxy.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/methods/proxy/ak-application-wizard-authentication-for-reverse-proxy.ts rename to web/packages/monolith/src/admin/applications/wizard/methods/proxy/ak-application-wizard-authentication-for-reverse-proxy.ts diff --git a/web/packages/web/src/admin/applications/wizard/methods/proxy/ak-application-wizard-authentication-for-single-forward-proxy.ts b/web/packages/monolith/src/admin/applications/wizard/methods/proxy/ak-application-wizard-authentication-for-single-forward-proxy.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/methods/proxy/ak-application-wizard-authentication-for-single-forward-proxy.ts rename to web/packages/monolith/src/admin/applications/wizard/methods/proxy/ak-application-wizard-authentication-for-single-forward-proxy.ts diff --git a/web/packages/web/src/admin/applications/wizard/methods/radius/ak-application-wizard-authentication-by-radius.ts b/web/packages/monolith/src/admin/applications/wizard/methods/radius/ak-application-wizard-authentication-by-radius.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/methods/radius/ak-application-wizard-authentication-by-radius.ts rename to web/packages/monolith/src/admin/applications/wizard/methods/radius/ak-application-wizard-authentication-by-radius.ts diff --git a/web/packages/web/src/admin/applications/wizard/methods/saml/SamlProviderOptions.ts b/web/packages/monolith/src/admin/applications/wizard/methods/saml/SamlProviderOptions.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/methods/saml/SamlProviderOptions.ts rename to web/packages/monolith/src/admin/applications/wizard/methods/saml/SamlProviderOptions.ts diff --git a/web/packages/web/src/admin/applications/wizard/methods/saml/ak-application-wizard-authentication-by-saml-configuration.ts b/web/packages/monolith/src/admin/applications/wizard/methods/saml/ak-application-wizard-authentication-by-saml-configuration.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/methods/saml/ak-application-wizard-authentication-by-saml-configuration.ts rename to web/packages/monolith/src/admin/applications/wizard/methods/saml/ak-application-wizard-authentication-by-saml-configuration.ts diff --git a/web/packages/web/src/admin/applications/wizard/methods/saml/saml-property-mappings-search.ts b/web/packages/monolith/src/admin/applications/wizard/methods/saml/saml-property-mappings-search.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/methods/saml/saml-property-mappings-search.ts rename to web/packages/monolith/src/admin/applications/wizard/methods/saml/saml-property-mappings-search.ts diff --git a/web/packages/web/src/admin/applications/wizard/methods/scim/ak-application-wizard-authentication-by-scim.ts b/web/packages/monolith/src/admin/applications/wizard/methods/scim/ak-application-wizard-authentication-by-scim.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/methods/scim/ak-application-wizard-authentication-by-scim.ts rename to web/packages/monolith/src/admin/applications/wizard/methods/scim/ak-application-wizard-authentication-by-scim.ts diff --git a/web/packages/web/src/admin/applications/wizard/steps.ts b/web/packages/monolith/src/admin/applications/wizard/steps.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/steps.ts rename to web/packages/monolith/src/admin/applications/wizard/steps.ts diff --git a/web/packages/web/src/admin/applications/wizard/stories/ak-application-context-display-for-test.ts b/web/packages/monolith/src/admin/applications/wizard/stories/ak-application-context-display-for-test.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/stories/ak-application-context-display-for-test.ts rename to web/packages/monolith/src/admin/applications/wizard/stories/ak-application-context-display-for-test.ts diff --git a/web/packages/web/src/admin/applications/wizard/stories/ak-application-wizard-main.stories.ts b/web/packages/monolith/src/admin/applications/wizard/stories/ak-application-wizard-main.stories.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/stories/ak-application-wizard-main.stories.ts rename to web/packages/monolith/src/admin/applications/wizard/stories/ak-application-wizard-main.stories.ts diff --git a/web/packages/web/src/admin/applications/wizard/stories/mockData.ts b/web/packages/monolith/src/admin/applications/wizard/stories/mockData.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/stories/mockData.ts rename to web/packages/monolith/src/admin/applications/wizard/stories/mockData.ts diff --git a/web/packages/web/src/admin/applications/wizard/stories/samples.ts b/web/packages/monolith/src/admin/applications/wizard/stories/samples.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/stories/samples.ts rename to web/packages/monolith/src/admin/applications/wizard/stories/samples.ts diff --git a/web/packages/web/src/admin/applications/wizard/types.ts b/web/packages/monolith/src/admin/applications/wizard/types.ts similarity index 100% rename from web/packages/web/src/admin/applications/wizard/types.ts rename to web/packages/monolith/src/admin/applications/wizard/types.ts diff --git a/web/packages/web/src/admin/blueprints/BlueprintForm.ts b/web/packages/monolith/src/admin/blueprints/BlueprintForm.ts similarity index 100% rename from web/packages/web/src/admin/blueprints/BlueprintForm.ts rename to web/packages/monolith/src/admin/blueprints/BlueprintForm.ts diff --git a/web/packages/web/src/admin/blueprints/BlueprintListPage.ts b/web/packages/monolith/src/admin/blueprints/BlueprintListPage.ts similarity index 100% rename from web/packages/web/src/admin/blueprints/BlueprintListPage.ts rename to web/packages/monolith/src/admin/blueprints/BlueprintListPage.ts diff --git a/web/packages/web/src/admin/common/ak-core-group-search.ts b/web/packages/monolith/src/admin/common/ak-core-group-search.ts similarity index 100% rename from web/packages/web/src/admin/common/ak-core-group-search.ts rename to web/packages/monolith/src/admin/common/ak-core-group-search.ts diff --git a/web/packages/web/src/admin/common/ak-crypto-certificate-search.ts b/web/packages/monolith/src/admin/common/ak-crypto-certificate-search.ts similarity index 100% rename from web/packages/web/src/admin/common/ak-crypto-certificate-search.ts rename to web/packages/monolith/src/admin/common/ak-crypto-certificate-search.ts diff --git a/web/packages/web/src/admin/common/ak-flow-search/FlowSearch.ts b/web/packages/monolith/src/admin/common/ak-flow-search/FlowSearch.ts similarity index 100% rename from web/packages/web/src/admin/common/ak-flow-search/FlowSearch.ts rename to web/packages/monolith/src/admin/common/ak-flow-search/FlowSearch.ts diff --git a/web/packages/web/src/admin/common/ak-flow-search/ak-flow-search-no-default.ts b/web/packages/monolith/src/admin/common/ak-flow-search/ak-flow-search-no-default.ts similarity index 100% rename from web/packages/web/src/admin/common/ak-flow-search/ak-flow-search-no-default.ts rename to web/packages/monolith/src/admin/common/ak-flow-search/ak-flow-search-no-default.ts diff --git a/web/packages/web/src/admin/common/ak-flow-search/ak-flow-search.ts b/web/packages/monolith/src/admin/common/ak-flow-search/ak-flow-search.ts similarity index 100% rename from web/packages/web/src/admin/common/ak-flow-search/ak-flow-search.ts rename to web/packages/monolith/src/admin/common/ak-flow-search/ak-flow-search.ts diff --git a/web/packages/web/src/admin/common/ak-flow-search/ak-source-flow-search.ts b/web/packages/monolith/src/admin/common/ak-flow-search/ak-source-flow-search.ts similarity index 100% rename from web/packages/web/src/admin/common/ak-flow-search/ak-source-flow-search.ts rename to web/packages/monolith/src/admin/common/ak-flow-search/ak-source-flow-search.ts diff --git a/web/packages/web/src/admin/common/ak-flow-search/ak-tenanted-flow-search.ts b/web/packages/monolith/src/admin/common/ak-flow-search/ak-tenanted-flow-search.ts similarity index 100% rename from web/packages/web/src/admin/common/ak-flow-search/ak-tenanted-flow-search.ts rename to web/packages/monolith/src/admin/common/ak-flow-search/ak-tenanted-flow-search.ts diff --git a/web/packages/web/src/admin/common/stories/ak-crypto-certificate-search.stories.ts b/web/packages/monolith/src/admin/common/stories/ak-crypto-certificate-search.stories.ts similarity index 100% rename from web/packages/web/src/admin/common/stories/ak-crypto-certificate-search.stories.ts rename to web/packages/monolith/src/admin/common/stories/ak-crypto-certificate-search.stories.ts diff --git a/web/packages/web/src/admin/common/stories/samples.ts b/web/packages/monolith/src/admin/common/stories/samples.ts similarity index 100% rename from web/packages/web/src/admin/common/stories/samples.ts rename to web/packages/monolith/src/admin/common/stories/samples.ts diff --git a/web/packages/web/src/admin/crypto/CertificateGenerateForm.ts b/web/packages/monolith/src/admin/crypto/CertificateGenerateForm.ts similarity index 100% rename from web/packages/web/src/admin/crypto/CertificateGenerateForm.ts rename to web/packages/monolith/src/admin/crypto/CertificateGenerateForm.ts diff --git a/web/packages/web/src/admin/crypto/CertificateKeyPairForm.ts b/web/packages/monolith/src/admin/crypto/CertificateKeyPairForm.ts similarity index 100% rename from web/packages/web/src/admin/crypto/CertificateKeyPairForm.ts rename to web/packages/monolith/src/admin/crypto/CertificateKeyPairForm.ts diff --git a/web/packages/web/src/admin/crypto/CertificateKeyPairListPage.ts b/web/packages/monolith/src/admin/crypto/CertificateKeyPairListPage.ts similarity index 100% rename from web/packages/web/src/admin/crypto/CertificateKeyPairListPage.ts rename to web/packages/monolith/src/admin/crypto/CertificateKeyPairListPage.ts diff --git a/web/packages/web/src/admin/enterprise/EnterpriseLicenseForm.ts b/web/packages/monolith/src/admin/enterprise/EnterpriseLicenseForm.ts similarity index 100% rename from web/packages/web/src/admin/enterprise/EnterpriseLicenseForm.ts rename to web/packages/monolith/src/admin/enterprise/EnterpriseLicenseForm.ts diff --git a/web/packages/web/src/admin/enterprise/EnterpriseLicenseListPage.ts b/web/packages/monolith/src/admin/enterprise/EnterpriseLicenseListPage.ts similarity index 100% rename from web/packages/web/src/admin/enterprise/EnterpriseLicenseListPage.ts rename to web/packages/monolith/src/admin/enterprise/EnterpriseLicenseListPage.ts diff --git a/web/packages/web/src/admin/events/EventListPage.ts b/web/packages/monolith/src/admin/events/EventListPage.ts similarity index 100% rename from web/packages/web/src/admin/events/EventListPage.ts rename to web/packages/monolith/src/admin/events/EventListPage.ts diff --git a/web/packages/web/src/admin/events/EventViewPage.ts b/web/packages/monolith/src/admin/events/EventViewPage.ts similarity index 100% rename from web/packages/web/src/admin/events/EventViewPage.ts rename to web/packages/monolith/src/admin/events/EventViewPage.ts diff --git a/web/packages/web/src/admin/events/EventVolumeChart.ts b/web/packages/monolith/src/admin/events/EventVolumeChart.ts similarity index 100% rename from web/packages/web/src/admin/events/EventVolumeChart.ts rename to web/packages/monolith/src/admin/events/EventVolumeChart.ts diff --git a/web/packages/web/src/admin/events/RuleForm.ts b/web/packages/monolith/src/admin/events/RuleForm.ts similarity index 100% rename from web/packages/web/src/admin/events/RuleForm.ts rename to web/packages/monolith/src/admin/events/RuleForm.ts diff --git a/web/packages/web/src/admin/events/RuleListPage.ts b/web/packages/monolith/src/admin/events/RuleListPage.ts similarity index 100% rename from web/packages/web/src/admin/events/RuleListPage.ts rename to web/packages/monolith/src/admin/events/RuleListPage.ts diff --git a/web/packages/web/src/admin/events/TransportForm.ts b/web/packages/monolith/src/admin/events/TransportForm.ts similarity index 100% rename from web/packages/web/src/admin/events/TransportForm.ts rename to web/packages/monolith/src/admin/events/TransportForm.ts diff --git a/web/packages/web/src/admin/events/TransportListPage.ts b/web/packages/monolith/src/admin/events/TransportListPage.ts similarity index 100% rename from web/packages/web/src/admin/events/TransportListPage.ts rename to web/packages/monolith/src/admin/events/TransportListPage.ts diff --git a/web/packages/web/src/admin/events/utils.ts b/web/packages/monolith/src/admin/events/utils.ts similarity index 100% rename from web/packages/web/src/admin/events/utils.ts rename to web/packages/monolith/src/admin/events/utils.ts diff --git a/web/packages/web/src/admin/flows/BoundStagesList.ts b/web/packages/monolith/src/admin/flows/BoundStagesList.ts similarity index 100% rename from web/packages/web/src/admin/flows/BoundStagesList.ts rename to web/packages/monolith/src/admin/flows/BoundStagesList.ts diff --git a/web/packages/web/src/admin/flows/FlowDiagram.ts b/web/packages/monolith/src/admin/flows/FlowDiagram.ts similarity index 100% rename from web/packages/web/src/admin/flows/FlowDiagram.ts rename to web/packages/monolith/src/admin/flows/FlowDiagram.ts diff --git a/web/packages/web/src/admin/flows/FlowForm.ts b/web/packages/monolith/src/admin/flows/FlowForm.ts similarity index 100% rename from web/packages/web/src/admin/flows/FlowForm.ts rename to web/packages/monolith/src/admin/flows/FlowForm.ts diff --git a/web/packages/web/src/admin/flows/FlowImportForm.ts b/web/packages/monolith/src/admin/flows/FlowImportForm.ts similarity index 100% rename from web/packages/web/src/admin/flows/FlowImportForm.ts rename to web/packages/monolith/src/admin/flows/FlowImportForm.ts diff --git a/web/packages/web/src/admin/flows/FlowListPage.ts b/web/packages/monolith/src/admin/flows/FlowListPage.ts similarity index 100% rename from web/packages/web/src/admin/flows/FlowListPage.ts rename to web/packages/monolith/src/admin/flows/FlowListPage.ts diff --git a/web/packages/web/src/admin/flows/FlowViewPage.ts b/web/packages/monolith/src/admin/flows/FlowViewPage.ts similarity index 100% rename from web/packages/web/src/admin/flows/FlowViewPage.ts rename to web/packages/monolith/src/admin/flows/FlowViewPage.ts diff --git a/web/packages/web/src/admin/flows/StageBindingForm.ts b/web/packages/monolith/src/admin/flows/StageBindingForm.ts similarity index 100% rename from web/packages/web/src/admin/flows/StageBindingForm.ts rename to web/packages/monolith/src/admin/flows/StageBindingForm.ts diff --git a/web/packages/web/src/admin/flows/utils.ts b/web/packages/monolith/src/admin/flows/utils.ts similarity index 100% rename from web/packages/web/src/admin/flows/utils.ts rename to web/packages/monolith/src/admin/flows/utils.ts diff --git a/web/packages/web/src/admin/groups/GroupForm.ts b/web/packages/monolith/src/admin/groups/GroupForm.ts similarity index 100% rename from web/packages/web/src/admin/groups/GroupForm.ts rename to web/packages/monolith/src/admin/groups/GroupForm.ts diff --git a/web/packages/web/src/admin/groups/GroupListPage.ts b/web/packages/monolith/src/admin/groups/GroupListPage.ts similarity index 100% rename from web/packages/web/src/admin/groups/GroupListPage.ts rename to web/packages/monolith/src/admin/groups/GroupListPage.ts diff --git a/web/packages/web/src/admin/groups/GroupViewPage.ts b/web/packages/monolith/src/admin/groups/GroupViewPage.ts similarity index 100% rename from web/packages/web/src/admin/groups/GroupViewPage.ts rename to web/packages/monolith/src/admin/groups/GroupViewPage.ts diff --git a/web/packages/web/src/admin/groups/MemberSelectModal.ts b/web/packages/monolith/src/admin/groups/MemberSelectModal.ts similarity index 100% rename from web/packages/web/src/admin/groups/MemberSelectModal.ts rename to web/packages/monolith/src/admin/groups/MemberSelectModal.ts diff --git a/web/packages/web/src/admin/groups/RelatedGroupList.ts b/web/packages/monolith/src/admin/groups/RelatedGroupList.ts similarity index 100% rename from web/packages/web/src/admin/groups/RelatedGroupList.ts rename to web/packages/monolith/src/admin/groups/RelatedGroupList.ts diff --git a/web/packages/web/src/admin/groups/RelatedUserList.ts b/web/packages/monolith/src/admin/groups/RelatedUserList.ts similarity index 100% rename from web/packages/web/src/admin/groups/RelatedUserList.ts rename to web/packages/monolith/src/admin/groups/RelatedUserList.ts diff --git a/web/packages/web/src/admin/helperText.ts b/web/packages/monolith/src/admin/helperText.ts similarity index 100% rename from web/packages/web/src/admin/helperText.ts rename to web/packages/monolith/src/admin/helperText.ts diff --git a/web/packages/web/src/admin/outposts/OutpostDeploymentModal.ts b/web/packages/monolith/src/admin/outposts/OutpostDeploymentModal.ts similarity index 100% rename from web/packages/web/src/admin/outposts/OutpostDeploymentModal.ts rename to web/packages/monolith/src/admin/outposts/OutpostDeploymentModal.ts diff --git a/web/packages/web/src/admin/outposts/OutpostForm.ts b/web/packages/monolith/src/admin/outposts/OutpostForm.ts similarity index 100% rename from web/packages/web/src/admin/outposts/OutpostForm.ts rename to web/packages/monolith/src/admin/outposts/OutpostForm.ts diff --git a/web/packages/web/src/admin/outposts/OutpostHealth.ts b/web/packages/monolith/src/admin/outposts/OutpostHealth.ts similarity index 100% rename from web/packages/web/src/admin/outposts/OutpostHealth.ts rename to web/packages/monolith/src/admin/outposts/OutpostHealth.ts diff --git a/web/packages/web/src/admin/outposts/OutpostHealthSimple.ts b/web/packages/monolith/src/admin/outposts/OutpostHealthSimple.ts similarity index 100% rename from web/packages/web/src/admin/outposts/OutpostHealthSimple.ts rename to web/packages/monolith/src/admin/outposts/OutpostHealthSimple.ts diff --git a/web/packages/web/src/admin/outposts/OutpostListPage.ts b/web/packages/monolith/src/admin/outposts/OutpostListPage.ts similarity index 100% rename from web/packages/web/src/admin/outposts/OutpostListPage.ts rename to web/packages/monolith/src/admin/outposts/OutpostListPage.ts diff --git a/web/packages/web/src/admin/outposts/ServiceConnectionDockerForm.ts b/web/packages/monolith/src/admin/outposts/ServiceConnectionDockerForm.ts similarity index 100% rename from web/packages/web/src/admin/outposts/ServiceConnectionDockerForm.ts rename to web/packages/monolith/src/admin/outposts/ServiceConnectionDockerForm.ts diff --git a/web/packages/web/src/admin/outposts/ServiceConnectionKubernetesForm.ts b/web/packages/monolith/src/admin/outposts/ServiceConnectionKubernetesForm.ts similarity index 100% rename from web/packages/web/src/admin/outposts/ServiceConnectionKubernetesForm.ts rename to web/packages/monolith/src/admin/outposts/ServiceConnectionKubernetesForm.ts diff --git a/web/packages/web/src/admin/outposts/ServiceConnectionListPage.ts b/web/packages/monolith/src/admin/outposts/ServiceConnectionListPage.ts similarity index 100% rename from web/packages/web/src/admin/outposts/ServiceConnectionListPage.ts rename to web/packages/monolith/src/admin/outposts/ServiceConnectionListPage.ts diff --git a/web/packages/web/src/admin/outposts/ServiceConnectionWizard.ts b/web/packages/monolith/src/admin/outposts/ServiceConnectionWizard.ts similarity index 100% rename from web/packages/web/src/admin/outposts/ServiceConnectionWizard.ts rename to web/packages/monolith/src/admin/outposts/ServiceConnectionWizard.ts diff --git a/web/packages/web/src/admin/policies/BasePolicyForm.ts b/web/packages/monolith/src/admin/policies/BasePolicyForm.ts similarity index 100% rename from web/packages/web/src/admin/policies/BasePolicyForm.ts rename to web/packages/monolith/src/admin/policies/BasePolicyForm.ts diff --git a/web/packages/web/src/admin/policies/BoundPoliciesList.ts b/web/packages/monolith/src/admin/policies/BoundPoliciesList.ts similarity index 100% rename from web/packages/web/src/admin/policies/BoundPoliciesList.ts rename to web/packages/monolith/src/admin/policies/BoundPoliciesList.ts diff --git a/web/packages/web/src/admin/policies/PolicyBindingForm.ts b/web/packages/monolith/src/admin/policies/PolicyBindingForm.ts similarity index 100% rename from web/packages/web/src/admin/policies/PolicyBindingForm.ts rename to web/packages/monolith/src/admin/policies/PolicyBindingForm.ts diff --git a/web/packages/web/src/admin/policies/PolicyListPage.ts b/web/packages/monolith/src/admin/policies/PolicyListPage.ts similarity index 100% rename from web/packages/web/src/admin/policies/PolicyListPage.ts rename to web/packages/monolith/src/admin/policies/PolicyListPage.ts diff --git a/web/packages/web/src/admin/policies/PolicyTestForm.ts b/web/packages/monolith/src/admin/policies/PolicyTestForm.ts similarity index 100% rename from web/packages/web/src/admin/policies/PolicyTestForm.ts rename to web/packages/monolith/src/admin/policies/PolicyTestForm.ts diff --git a/web/packages/web/src/admin/policies/PolicyWizard.ts b/web/packages/monolith/src/admin/policies/PolicyWizard.ts similarity index 100% rename from web/packages/web/src/admin/policies/PolicyWizard.ts rename to web/packages/monolith/src/admin/policies/PolicyWizard.ts diff --git a/web/packages/web/src/admin/policies/dummy/DummyPolicyForm.ts b/web/packages/monolith/src/admin/policies/dummy/DummyPolicyForm.ts similarity index 100% rename from web/packages/web/src/admin/policies/dummy/DummyPolicyForm.ts rename to web/packages/monolith/src/admin/policies/dummy/DummyPolicyForm.ts diff --git a/web/packages/web/src/admin/policies/event_matcher/EventMatcherPolicyForm.ts b/web/packages/monolith/src/admin/policies/event_matcher/EventMatcherPolicyForm.ts similarity index 100% rename from web/packages/web/src/admin/policies/event_matcher/EventMatcherPolicyForm.ts rename to web/packages/monolith/src/admin/policies/event_matcher/EventMatcherPolicyForm.ts diff --git a/web/packages/web/src/admin/policies/expiry/ExpiryPolicyForm.ts b/web/packages/monolith/src/admin/policies/expiry/ExpiryPolicyForm.ts similarity index 100% rename from web/packages/web/src/admin/policies/expiry/ExpiryPolicyForm.ts rename to web/packages/monolith/src/admin/policies/expiry/ExpiryPolicyForm.ts diff --git a/web/packages/web/src/admin/policies/expression/ExpressionPolicyForm.ts b/web/packages/monolith/src/admin/policies/expression/ExpressionPolicyForm.ts similarity index 100% rename from web/packages/web/src/admin/policies/expression/ExpressionPolicyForm.ts rename to web/packages/monolith/src/admin/policies/expression/ExpressionPolicyForm.ts diff --git a/web/packages/web/src/admin/policies/password/PasswordPolicyForm.ts b/web/packages/monolith/src/admin/policies/password/PasswordPolicyForm.ts similarity index 100% rename from web/packages/web/src/admin/policies/password/PasswordPolicyForm.ts rename to web/packages/monolith/src/admin/policies/password/PasswordPolicyForm.ts diff --git a/web/packages/web/src/admin/policies/reputation/ReputationListPage.ts b/web/packages/monolith/src/admin/policies/reputation/ReputationListPage.ts similarity index 100% rename from web/packages/web/src/admin/policies/reputation/ReputationListPage.ts rename to web/packages/monolith/src/admin/policies/reputation/ReputationListPage.ts diff --git a/web/packages/web/src/admin/policies/reputation/ReputationPolicyForm.ts b/web/packages/monolith/src/admin/policies/reputation/ReputationPolicyForm.ts similarity index 100% rename from web/packages/web/src/admin/policies/reputation/ReputationPolicyForm.ts rename to web/packages/monolith/src/admin/policies/reputation/ReputationPolicyForm.ts diff --git a/web/packages/web/src/admin/property-mappings/BasePropertyMappingForm.ts b/web/packages/monolith/src/admin/property-mappings/BasePropertyMappingForm.ts similarity index 100% rename from web/packages/web/src/admin/property-mappings/BasePropertyMappingForm.ts rename to web/packages/monolith/src/admin/property-mappings/BasePropertyMappingForm.ts diff --git a/web/packages/web/src/admin/property-mappings/PropertyMappingLDAPForm.ts b/web/packages/monolith/src/admin/property-mappings/PropertyMappingLDAPForm.ts similarity index 100% rename from web/packages/web/src/admin/property-mappings/PropertyMappingLDAPForm.ts rename to web/packages/monolith/src/admin/property-mappings/PropertyMappingLDAPForm.ts diff --git a/web/packages/web/src/admin/property-mappings/PropertyMappingListPage.ts b/web/packages/monolith/src/admin/property-mappings/PropertyMappingListPage.ts similarity index 100% rename from web/packages/web/src/admin/property-mappings/PropertyMappingListPage.ts rename to web/packages/monolith/src/admin/property-mappings/PropertyMappingListPage.ts diff --git a/web/packages/web/src/admin/property-mappings/PropertyMappingNotification.ts b/web/packages/monolith/src/admin/property-mappings/PropertyMappingNotification.ts similarity index 100% rename from web/packages/web/src/admin/property-mappings/PropertyMappingNotification.ts rename to web/packages/monolith/src/admin/property-mappings/PropertyMappingNotification.ts diff --git a/web/packages/web/src/admin/property-mappings/PropertyMappingSAMLForm.ts b/web/packages/monolith/src/admin/property-mappings/PropertyMappingSAMLForm.ts similarity index 100% rename from web/packages/web/src/admin/property-mappings/PropertyMappingSAMLForm.ts rename to web/packages/monolith/src/admin/property-mappings/PropertyMappingSAMLForm.ts diff --git a/web/packages/web/src/admin/property-mappings/PropertyMappingSCIMForm.ts b/web/packages/monolith/src/admin/property-mappings/PropertyMappingSCIMForm.ts similarity index 100% rename from web/packages/web/src/admin/property-mappings/PropertyMappingSCIMForm.ts rename to web/packages/monolith/src/admin/property-mappings/PropertyMappingSCIMForm.ts diff --git a/web/packages/web/src/admin/property-mappings/PropertyMappingScopeForm.ts b/web/packages/monolith/src/admin/property-mappings/PropertyMappingScopeForm.ts similarity index 100% rename from web/packages/web/src/admin/property-mappings/PropertyMappingScopeForm.ts rename to web/packages/monolith/src/admin/property-mappings/PropertyMappingScopeForm.ts diff --git a/web/packages/web/src/admin/property-mappings/PropertyMappingTestForm.ts b/web/packages/monolith/src/admin/property-mappings/PropertyMappingTestForm.ts similarity index 100% rename from web/packages/web/src/admin/property-mappings/PropertyMappingTestForm.ts rename to web/packages/monolith/src/admin/property-mappings/PropertyMappingTestForm.ts diff --git a/web/packages/web/src/admin/property-mappings/PropertyMappingWizard.ts b/web/packages/monolith/src/admin/property-mappings/PropertyMappingWizard.ts similarity index 100% rename from web/packages/web/src/admin/property-mappings/PropertyMappingWizard.ts rename to web/packages/monolith/src/admin/property-mappings/PropertyMappingWizard.ts diff --git a/web/packages/web/src/admin/providers/BaseProviderForm.ts b/web/packages/monolith/src/admin/providers/BaseProviderForm.ts similarity index 100% rename from web/packages/web/src/admin/providers/BaseProviderForm.ts rename to web/packages/monolith/src/admin/providers/BaseProviderForm.ts diff --git a/web/packages/web/src/admin/providers/ProviderListPage.ts b/web/packages/monolith/src/admin/providers/ProviderListPage.ts similarity index 100% rename from web/packages/web/src/admin/providers/ProviderListPage.ts rename to web/packages/monolith/src/admin/providers/ProviderListPage.ts diff --git a/web/packages/web/src/admin/providers/ProviderViewPage.ts b/web/packages/monolith/src/admin/providers/ProviderViewPage.ts similarity index 100% rename from web/packages/web/src/admin/providers/ProviderViewPage.ts rename to web/packages/monolith/src/admin/providers/ProviderViewPage.ts diff --git a/web/packages/web/src/admin/providers/ProviderWizard.ts b/web/packages/monolith/src/admin/providers/ProviderWizard.ts similarity index 100% rename from web/packages/web/src/admin/providers/ProviderWizard.ts rename to web/packages/monolith/src/admin/providers/ProviderWizard.ts diff --git a/web/packages/web/src/admin/providers/RelatedApplicationButton.ts b/web/packages/monolith/src/admin/providers/RelatedApplicationButton.ts similarity index 100% rename from web/packages/web/src/admin/providers/RelatedApplicationButton.ts rename to web/packages/monolith/src/admin/providers/RelatedApplicationButton.ts diff --git a/web/packages/web/src/admin/providers/ldap/LDAPProviderForm.ts b/web/packages/monolith/src/admin/providers/ldap/LDAPProviderForm.ts similarity index 100% rename from web/packages/web/src/admin/providers/ldap/LDAPProviderForm.ts rename to web/packages/monolith/src/admin/providers/ldap/LDAPProviderForm.ts diff --git a/web/packages/web/src/admin/providers/ldap/LDAPProviderViewPage.ts b/web/packages/monolith/src/admin/providers/ldap/LDAPProviderViewPage.ts similarity index 100% rename from web/packages/web/src/admin/providers/ldap/LDAPProviderViewPage.ts rename to web/packages/monolith/src/admin/providers/ldap/LDAPProviderViewPage.ts diff --git a/web/packages/web/src/admin/providers/oauth2/OAuth2ProviderForm.ts b/web/packages/monolith/src/admin/providers/oauth2/OAuth2ProviderForm.ts similarity index 100% rename from web/packages/web/src/admin/providers/oauth2/OAuth2ProviderForm.ts rename to web/packages/monolith/src/admin/providers/oauth2/OAuth2ProviderForm.ts diff --git a/web/packages/web/src/admin/providers/oauth2/OAuth2ProviderViewPage.ts b/web/packages/monolith/src/admin/providers/oauth2/OAuth2ProviderViewPage.ts similarity index 100% rename from web/packages/web/src/admin/providers/oauth2/OAuth2ProviderViewPage.ts rename to web/packages/monolith/src/admin/providers/oauth2/OAuth2ProviderViewPage.ts diff --git a/web/packages/web/src/admin/providers/proxy/ProxyProviderForm.ts b/web/packages/monolith/src/admin/providers/proxy/ProxyProviderForm.ts similarity index 100% rename from web/packages/web/src/admin/providers/proxy/ProxyProviderForm.ts rename to web/packages/monolith/src/admin/providers/proxy/ProxyProviderForm.ts diff --git a/web/packages/web/src/admin/providers/proxy/ProxyProviderViewPage.ts b/web/packages/monolith/src/admin/providers/proxy/ProxyProviderViewPage.ts similarity index 100% rename from web/packages/web/src/admin/providers/proxy/ProxyProviderViewPage.ts rename to web/packages/monolith/src/admin/providers/proxy/ProxyProviderViewPage.ts diff --git a/web/packages/web/src/admin/providers/radius/RadiusProviderForm.ts b/web/packages/monolith/src/admin/providers/radius/RadiusProviderForm.ts similarity index 100% rename from web/packages/web/src/admin/providers/radius/RadiusProviderForm.ts rename to web/packages/monolith/src/admin/providers/radius/RadiusProviderForm.ts diff --git a/web/packages/web/src/admin/providers/radius/RadiusProviderViewPage.ts b/web/packages/monolith/src/admin/providers/radius/RadiusProviderViewPage.ts similarity index 100% rename from web/packages/web/src/admin/providers/radius/RadiusProviderViewPage.ts rename to web/packages/monolith/src/admin/providers/radius/RadiusProviderViewPage.ts diff --git a/web/packages/web/src/admin/providers/saml/SAMLProviderForm.ts b/web/packages/monolith/src/admin/providers/saml/SAMLProviderForm.ts similarity index 100% rename from web/packages/web/src/admin/providers/saml/SAMLProviderForm.ts rename to web/packages/monolith/src/admin/providers/saml/SAMLProviderForm.ts diff --git a/web/packages/web/src/admin/providers/saml/SAMLProviderImportForm.ts b/web/packages/monolith/src/admin/providers/saml/SAMLProviderImportForm.ts similarity index 100% rename from web/packages/web/src/admin/providers/saml/SAMLProviderImportForm.ts rename to web/packages/monolith/src/admin/providers/saml/SAMLProviderImportForm.ts diff --git a/web/packages/web/src/admin/providers/saml/SAMLProviderViewPage.ts b/web/packages/monolith/src/admin/providers/saml/SAMLProviderViewPage.ts similarity index 100% rename from web/packages/web/src/admin/providers/saml/SAMLProviderViewPage.ts rename to web/packages/monolith/src/admin/providers/saml/SAMLProviderViewPage.ts diff --git a/web/packages/web/src/admin/providers/scim/SCIMProviderForm.ts b/web/packages/monolith/src/admin/providers/scim/SCIMProviderForm.ts similarity index 100% rename from web/packages/web/src/admin/providers/scim/SCIMProviderForm.ts rename to web/packages/monolith/src/admin/providers/scim/SCIMProviderForm.ts diff --git a/web/packages/web/src/admin/providers/scim/SCIMProviderViewPage.ts b/web/packages/monolith/src/admin/providers/scim/SCIMProviderViewPage.ts similarity index 85% rename from web/packages/web/src/admin/providers/scim/SCIMProviderViewPage.ts rename to web/packages/monolith/src/admin/providers/scim/SCIMProviderViewPage.ts index 3998c7c81..d745ed55e 100644 --- a/web/packages/web/src/admin/providers/scim/SCIMProviderViewPage.ts +++ b/web/packages/monolith/src/admin/providers/scim/SCIMProviderViewPage.ts @@ -10,7 +10,7 @@ import "@goauthentik/elements/Tabs"; import "@goauthentik/elements/buttons/ActionButton"; import "@goauthentik/elements/buttons/ModalButton"; -import { msg } from "@lit/localize"; +import { msg, str } from "@lit/localize"; import { CSSResult, TemplateResult, html } from "lit"; import { customElement, property, state } from "lit/decorators.js"; @@ -31,7 +31,8 @@ import { ProvidersApi, RbacPermissionsAssignedByUsersListModelEnum, SCIMProvider, - Task, + SCIMSyncStatus, + TaskStatusEnum, } from "@goauthentik/api"; @customElement("ak-provider-scim-view") @@ -54,7 +55,7 @@ export class SCIMProviderViewPage extends AKElement { provider?: SCIMProvider; @state() - syncState?: Task; + syncState?: SCIMSyncStatus; static get styles(): CSSResult[] { return [ @@ -128,6 +129,41 @@ export class SCIMProviderViewPage extends AKElement { `; } + renderSyncStatus(): TemplateResult { + if (!this.syncState) { + return html`${msg("No sync status.")}`; + } + if (this.syncState.isRunning) { + return html`${msg("Sync currently running.")}`; + } + if (this.syncState.tasks.length < 1) { + return html`${msg("Not synced yet.")}`; + } + return html` +
    + ${this.syncState.tasks.map((task) => { + let header = ""; + if (task.status === TaskStatusEnum.Warning) { + header = msg("Task finished with warnings"); + } else if (task.status === TaskStatusEnum.Error) { + header = msg("Task finished with errors"); + } else { + header = msg(str`Last sync: ${task.taskFinishTimestamp.toLocaleString()}`); + } + return html`
  • +

    ${task.taskName}

    +
      +
    • ${header}
      • + ${task.messages.map((m) => { + return html`
    • ${m}
      • `; + })} +
    +
    • `; + })} +
+ `; + } + renderTabOverview(): TemplateResult { if (!this.provider) { return html``; @@ -186,16 +222,7 @@ export class SCIMProviderViewPage extends AKElement {

${msg("Sync status")}

-
- ${this.syncState - ? html`
    - ${this.syncState.messages.map((m) => { - return html`
  • ${m}
    • `; - })} -
` - : html` ${msg("Sync not run yet.")} `} -
- +
${this.renderSyncStatus()}
${msg("Email info:")}
${this.getEmailInfo(this.event.context)}
- + `; } diff --git a/web/packages/web/src/components/ak-file-input.ts b/web/packages/monolith/src/components/ak-file-input.ts similarity index 100% rename from web/packages/web/src/components/ak-file-input.ts rename to web/packages/monolith/src/components/ak-file-input.ts diff --git a/web/packages/web/src/components/ak-hint/ShowHintController.ts b/web/packages/monolith/src/components/ak-hint/ShowHintController.ts similarity index 100% rename from web/packages/web/src/components/ak-hint/ShowHintController.ts rename to web/packages/monolith/src/components/ak-hint/ShowHintController.ts diff --git a/web/packages/web/src/components/ak-hint/ak-hint-actions.ts b/web/packages/monolith/src/components/ak-hint/ak-hint-actions.ts similarity index 100% rename from web/packages/web/src/components/ak-hint/ak-hint-actions.ts rename to web/packages/monolith/src/components/ak-hint/ak-hint-actions.ts diff --git a/web/packages/web/src/components/ak-hint/ak-hint-body.ts b/web/packages/monolith/src/components/ak-hint/ak-hint-body.ts similarity index 100% rename from web/packages/web/src/components/ak-hint/ak-hint-body.ts rename to web/packages/monolith/src/components/ak-hint/ak-hint-body.ts diff --git a/web/packages/web/src/components/ak-hint/ak-hint-footer.ts b/web/packages/monolith/src/components/ak-hint/ak-hint-footer.ts similarity index 100% rename from web/packages/web/src/components/ak-hint/ak-hint-footer.ts rename to web/packages/monolith/src/components/ak-hint/ak-hint-footer.ts diff --git a/web/packages/web/src/components/ak-hint/ak-hint-title.ts b/web/packages/monolith/src/components/ak-hint/ak-hint-title.ts similarity index 100% rename from web/packages/web/src/components/ak-hint/ak-hint-title.ts rename to web/packages/monolith/src/components/ak-hint/ak-hint-title.ts diff --git a/web/packages/web/src/components/ak-hint/ak-hint.stories.ts b/web/packages/monolith/src/components/ak-hint/ak-hint.stories.ts similarity index 100% rename from web/packages/web/src/components/ak-hint/ak-hint.stories.ts rename to web/packages/monolith/src/components/ak-hint/ak-hint.stories.ts diff --git a/web/packages/web/src/components/ak-hint/ak-hint.ts b/web/packages/monolith/src/components/ak-hint/ak-hint.ts similarity index 100% rename from web/packages/web/src/components/ak-hint/ak-hint.ts rename to web/packages/monolith/src/components/ak-hint/ak-hint.ts diff --git a/web/packages/web/src/components/ak-multi-select.ts b/web/packages/monolith/src/components/ak-multi-select.ts similarity index 100% rename from web/packages/web/src/components/ak-multi-select.ts rename to web/packages/monolith/src/components/ak-multi-select.ts diff --git a/web/packages/web/src/components/ak-number-input.ts b/web/packages/monolith/src/components/ak-number-input.ts similarity index 100% rename from web/packages/web/src/components/ak-number-input.ts rename to web/packages/monolith/src/components/ak-number-input.ts diff --git a/web/packages/web/src/components/ak-radio-input.ts b/web/packages/monolith/src/components/ak-radio-input.ts similarity index 100% rename from web/packages/web/src/components/ak-radio-input.ts rename to web/packages/monolith/src/components/ak-radio-input.ts diff --git a/web/packages/web/src/components/ak-slug-input.ts b/web/packages/monolith/src/components/ak-slug-input.ts similarity index 100% rename from web/packages/web/src/components/ak-slug-input.ts rename to web/packages/monolith/src/components/ak-slug-input.ts diff --git a/web/packages/web/src/components/ak-status-label.ts b/web/packages/monolith/src/components/ak-status-label.ts similarity index 100% rename from web/packages/web/src/components/ak-status-label.ts rename to web/packages/monolith/src/components/ak-status-label.ts diff --git a/web/packages/web/src/components/ak-switch-input.ts b/web/packages/monolith/src/components/ak-switch-input.ts similarity index 100% rename from web/packages/web/src/components/ak-switch-input.ts rename to web/packages/monolith/src/components/ak-switch-input.ts diff --git a/web/packages/web/src/components/ak-text-input.ts b/web/packages/monolith/src/components/ak-text-input.ts similarity index 100% rename from web/packages/web/src/components/ak-text-input.ts rename to web/packages/monolith/src/components/ak-text-input.ts diff --git a/web/packages/web/src/components/ak-textarea-input.ts b/web/packages/monolith/src/components/ak-textarea-input.ts similarity index 100% rename from web/packages/web/src/components/ak-textarea-input.ts rename to web/packages/monolith/src/components/ak-textarea-input.ts diff --git a/web/packages/web/src/components/ak-toggle-group.ts b/web/packages/monolith/src/components/ak-toggle-group.ts similarity index 100% rename from web/packages/web/src/components/ak-toggle-group.ts rename to web/packages/monolith/src/components/ak-toggle-group.ts diff --git a/web/packages/web/src/components/ak-wizard-main/AkWizard.ts b/web/packages/monolith/src/components/ak-wizard-main/AkWizard.ts similarity index 100% rename from web/packages/web/src/components/ak-wizard-main/AkWizard.ts rename to web/packages/monolith/src/components/ak-wizard-main/AkWizard.ts diff --git a/web/packages/web/src/components/ak-wizard-main/AkWizardController.ts b/web/packages/monolith/src/components/ak-wizard-main/AkWizardController.ts similarity index 100% rename from web/packages/web/src/components/ak-wizard-main/AkWizardController.ts rename to web/packages/monolith/src/components/ak-wizard-main/AkWizardController.ts diff --git a/web/packages/web/src/components/ak-wizard-main/ak-wizard-frame.ts b/web/packages/monolith/src/components/ak-wizard-main/ak-wizard-frame.ts similarity index 100% rename from web/packages/web/src/components/ak-wizard-main/ak-wizard-frame.ts rename to web/packages/monolith/src/components/ak-wizard-main/ak-wizard-frame.ts diff --git a/web/packages/web/src/components/ak-wizard-main/commonWizardButtons.ts b/web/packages/monolith/src/components/ak-wizard-main/commonWizardButtons.ts similarity index 100% rename from web/packages/web/src/components/ak-wizard-main/commonWizardButtons.ts rename to web/packages/monolith/src/components/ak-wizard-main/commonWizardButtons.ts diff --git a/web/packages/web/src/components/ak-wizard-main/stories/ak-demo-wizard.ts b/web/packages/monolith/src/components/ak-wizard-main/stories/ak-demo-wizard.ts similarity index 100% rename from web/packages/web/src/components/ak-wizard-main/stories/ak-demo-wizard.ts rename to web/packages/monolith/src/components/ak-wizard-main/stories/ak-demo-wizard.ts diff --git a/web/packages/web/src/components/ak-wizard-main/stories/ak-wizard-main.stories.ts b/web/packages/monolith/src/components/ak-wizard-main/stories/ak-wizard-main.stories.ts similarity index 100% rename from web/packages/web/src/components/ak-wizard-main/stories/ak-wizard-main.stories.ts rename to web/packages/monolith/src/components/ak-wizard-main/stories/ak-wizard-main.stories.ts diff --git a/web/packages/web/src/components/ak-wizard-main/types.ts b/web/packages/monolith/src/components/ak-wizard-main/types.ts similarity index 100% rename from web/packages/web/src/components/ak-wizard-main/types.ts rename to web/packages/monolith/src/components/ak-wizard-main/types.ts diff --git a/web/packages/web/src/components/events/ObjectChangelog.ts b/web/packages/monolith/src/components/events/ObjectChangelog.ts similarity index 100% rename from web/packages/web/src/components/events/ObjectChangelog.ts rename to web/packages/monolith/src/components/events/ObjectChangelog.ts diff --git a/web/packages/web/src/components/events/UserEvents.ts b/web/packages/monolith/src/components/events/UserEvents.ts similarity index 100% rename from web/packages/web/src/components/events/UserEvents.ts rename to web/packages/monolith/src/components/events/UserEvents.ts diff --git a/web/packages/web/src/components/stories/ak-app-icon.stories.ts b/web/packages/monolith/src/components/stories/ak-app-icon.stories.ts similarity index 100% rename from web/packages/web/src/components/stories/ak-app-icon.stories.ts rename to web/packages/monolith/src/components/stories/ak-app-icon.stories.ts diff --git a/web/packages/web/src/components/stories/ak-multi-select.stories.ts b/web/packages/monolith/src/components/stories/ak-multi-select.stories.ts similarity index 100% rename from web/packages/web/src/components/stories/ak-multi-select.stories.ts rename to web/packages/monolith/src/components/stories/ak-multi-select.stories.ts diff --git a/web/packages/web/src/components/stories/ak-number-input.stories.ts b/web/packages/monolith/src/components/stories/ak-number-input.stories.ts similarity index 100% rename from web/packages/web/src/components/stories/ak-number-input.stories.ts rename to web/packages/monolith/src/components/stories/ak-number-input.stories.ts diff --git a/web/packages/web/src/components/stories/ak-radio-input.stories.ts b/web/packages/monolith/src/components/stories/ak-radio-input.stories.ts similarity index 100% rename from web/packages/web/src/components/stories/ak-radio-input.stories.ts rename to web/packages/monolith/src/components/stories/ak-radio-input.stories.ts diff --git a/web/packages/web/src/components/stories/ak-slug-input.stories.ts b/web/packages/monolith/src/components/stories/ak-slug-input.stories.ts similarity index 100% rename from web/packages/web/src/components/stories/ak-slug-input.stories.ts rename to web/packages/monolith/src/components/stories/ak-slug-input.stories.ts diff --git a/web/packages/web/src/components/stories/ak-status-label.stories.ts b/web/packages/monolith/src/components/stories/ak-status-label.stories.ts similarity index 100% rename from web/packages/web/src/components/stories/ak-status-label.stories.ts rename to web/packages/monolith/src/components/stories/ak-status-label.stories.ts diff --git a/web/packages/web/src/components/stories/ak-switch-input.stories.ts b/web/packages/monolith/src/components/stories/ak-switch-input.stories.ts similarity index 100% rename from web/packages/web/src/components/stories/ak-switch-input.stories.ts rename to web/packages/monolith/src/components/stories/ak-switch-input.stories.ts diff --git a/web/packages/web/src/components/stories/ak-text-input.stories.ts b/web/packages/monolith/src/components/stories/ak-text-input.stories.ts similarity index 100% rename from web/packages/web/src/components/stories/ak-text-input.stories.ts rename to web/packages/monolith/src/components/stories/ak-text-input.stories.ts diff --git a/web/packages/web/src/components/stories/ak-textarea-input.stories.ts b/web/packages/monolith/src/components/stories/ak-textarea-input.stories.ts similarity index 100% rename from web/packages/web/src/components/stories/ak-textarea-input.stories.ts rename to web/packages/monolith/src/components/stories/ak-textarea-input.stories.ts diff --git a/web/packages/web/src/components/stories/ak-toggle-group.stories.ts b/web/packages/monolith/src/components/stories/ak-toggle-group.stories.ts similarity index 100% rename from web/packages/web/src/components/stories/ak-toggle-group.stories.ts rename to web/packages/monolith/src/components/stories/ak-toggle-group.stories.ts diff --git a/web/packages/web/src/custom.css b/web/packages/monolith/src/custom.css similarity index 100% rename from web/packages/web/src/custom.css rename to web/packages/monolith/src/custom.css diff --git a/web/packages/web/src/elements/Alert.ts b/web/packages/monolith/src/elements/Alert.ts similarity index 100% rename from web/packages/web/src/elements/Alert.ts rename to web/packages/monolith/src/elements/Alert.ts diff --git a/web/packages/web/src/elements/AuthentikContexts.ts b/web/packages/monolith/src/elements/AuthentikContexts.ts similarity index 100% rename from web/packages/web/src/elements/AuthentikContexts.ts rename to web/packages/monolith/src/elements/AuthentikContexts.ts diff --git a/web/packages/web/src/elements/Base.ts b/web/packages/monolith/src/elements/Base.ts similarity index 100% rename from web/packages/web/src/elements/Base.ts rename to web/packages/monolith/src/elements/Base.ts diff --git a/web/packages/web/src/elements/CodeMirror.ts b/web/packages/monolith/src/elements/CodeMirror.ts similarity index 100% rename from web/packages/web/src/elements/CodeMirror.ts rename to web/packages/monolith/src/elements/CodeMirror.ts diff --git a/web/packages/web/src/elements/Diagram.ts b/web/packages/monolith/src/elements/Diagram.ts similarity index 100% rename from web/packages/web/src/elements/Diagram.ts rename to web/packages/monolith/src/elements/Diagram.ts diff --git a/web/packages/web/src/elements/Divider.ts b/web/packages/monolith/src/elements/Divider.ts similarity index 100% rename from web/packages/web/src/elements/Divider.ts rename to web/packages/monolith/src/elements/Divider.ts diff --git a/web/packages/web/src/elements/EmptyState.ts b/web/packages/monolith/src/elements/EmptyState.ts similarity index 100% rename from web/packages/web/src/elements/EmptyState.ts rename to web/packages/monolith/src/elements/EmptyState.ts diff --git a/web/packages/web/src/elements/Expand.ts b/web/packages/monolith/src/elements/Expand.ts similarity index 100% rename from web/packages/web/src/elements/Expand.ts rename to web/packages/monolith/src/elements/Expand.ts diff --git a/web/packages/web/src/elements/Label.ts b/web/packages/monolith/src/elements/Label.ts similarity index 100% rename from web/packages/web/src/elements/Label.ts rename to web/packages/monolith/src/elements/Label.ts diff --git a/web/packages/web/src/elements/LoadingOverlay.ts b/web/packages/monolith/src/elements/LoadingOverlay.ts similarity index 100% rename from web/packages/web/src/elements/LoadingOverlay.ts rename to web/packages/monolith/src/elements/LoadingOverlay.ts diff --git a/web/packages/web/src/elements/Markdown.ts b/web/packages/monolith/src/elements/Markdown.ts similarity index 100% rename from web/packages/web/src/elements/Markdown.ts rename to web/packages/monolith/src/elements/Markdown.ts diff --git a/web/packages/web/src/elements/PageHeader.ts b/web/packages/monolith/src/elements/PageHeader.ts similarity index 100% rename from web/packages/web/src/elements/PageHeader.ts rename to web/packages/monolith/src/elements/PageHeader.ts diff --git a/web/packages/web/src/elements/Spinner.ts b/web/packages/monolith/src/elements/Spinner.ts similarity index 100% rename from web/packages/web/src/elements/Spinner.ts rename to web/packages/monolith/src/elements/Spinner.ts diff --git a/web/packages/web/src/elements/Tabs.ts b/web/packages/monolith/src/elements/Tabs.ts similarity index 100% rename from web/packages/web/src/elements/Tabs.ts rename to web/packages/monolith/src/elements/Tabs.ts diff --git a/web/packages/web/src/elements/TreeView.ts b/web/packages/monolith/src/elements/TreeView.ts similarity index 100% rename from web/packages/web/src/elements/TreeView.ts rename to web/packages/monolith/src/elements/TreeView.ts diff --git a/web/packages/web/src/elements/ak-locale-context/ak-locale-context.stories.ts b/web/packages/monolith/src/elements/ak-locale-context/ak-locale-context.stories.ts similarity index 100% rename from web/packages/web/src/elements/ak-locale-context/ak-locale-context.stories.ts rename to web/packages/monolith/src/elements/ak-locale-context/ak-locale-context.stories.ts diff --git a/web/packages/web/src/elements/ak-locale-context/ak-locale-context.ts b/web/packages/monolith/src/elements/ak-locale-context/ak-locale-context.ts similarity index 100% rename from web/packages/web/src/elements/ak-locale-context/ak-locale-context.ts rename to web/packages/monolith/src/elements/ak-locale-context/ak-locale-context.ts diff --git a/web/packages/web/src/elements/ak-locale-context/configureLocale.ts b/web/packages/monolith/src/elements/ak-locale-context/configureLocale.ts similarity index 100% rename from web/packages/web/src/elements/ak-locale-context/configureLocale.ts rename to web/packages/monolith/src/elements/ak-locale-context/configureLocale.ts diff --git a/web/packages/web/src/elements/ak-locale-context/context.ts b/web/packages/monolith/src/elements/ak-locale-context/context.ts similarity index 100% rename from web/packages/web/src/elements/ak-locale-context/context.ts rename to web/packages/monolith/src/elements/ak-locale-context/context.ts diff --git a/web/packages/web/src/elements/ak-locale-context/definitions.ts b/web/packages/monolith/src/elements/ak-locale-context/definitions.ts similarity index 100% rename from web/packages/web/src/elements/ak-locale-context/definitions.ts rename to web/packages/monolith/src/elements/ak-locale-context/definitions.ts diff --git a/web/packages/web/src/elements/ak-locale-context/helpers.ts b/web/packages/monolith/src/elements/ak-locale-context/helpers.ts similarity index 100% rename from web/packages/web/src/elements/ak-locale-context/helpers.ts rename to web/packages/monolith/src/elements/ak-locale-context/helpers.ts diff --git a/web/packages/web/src/elements/ak-locale-context/index.ts b/web/packages/monolith/src/elements/ak-locale-context/index.ts similarity index 100% rename from web/packages/web/src/elements/ak-locale-context/index.ts rename to web/packages/monolith/src/elements/ak-locale-context/index.ts diff --git a/web/packages/web/src/elements/ak-locale-context/types.ts b/web/packages/monolith/src/elements/ak-locale-context/types.ts similarity index 100% rename from web/packages/web/src/elements/ak-locale-context/types.ts rename to web/packages/monolith/src/elements/ak-locale-context/types.ts diff --git a/web/packages/web/src/elements/buttons/ActionButton/ak-action-button.stories.ts b/web/packages/monolith/src/elements/buttons/ActionButton/ak-action-button.stories.ts similarity index 100% rename from web/packages/web/src/elements/buttons/ActionButton/ak-action-button.stories.ts rename to web/packages/monolith/src/elements/buttons/ActionButton/ak-action-button.stories.ts diff --git a/web/packages/web/src/elements/buttons/ActionButton/ak-action-button.ts b/web/packages/monolith/src/elements/buttons/ActionButton/ak-action-button.ts similarity index 100% rename from web/packages/web/src/elements/buttons/ActionButton/ak-action-button.ts rename to web/packages/monolith/src/elements/buttons/ActionButton/ak-action-button.ts diff --git a/web/packages/web/src/elements/buttons/ActionButton/index.ts b/web/packages/monolith/src/elements/buttons/ActionButton/index.ts similarity index 100% rename from web/packages/web/src/elements/buttons/ActionButton/index.ts rename to web/packages/monolith/src/elements/buttons/ActionButton/index.ts diff --git a/web/packages/web/src/elements/buttons/Dropdown.ts b/web/packages/monolith/src/elements/buttons/Dropdown.ts similarity index 100% rename from web/packages/web/src/elements/buttons/Dropdown.ts rename to web/packages/monolith/src/elements/buttons/Dropdown.ts diff --git a/web/packages/web/src/elements/buttons/ModalButton.ts b/web/packages/monolith/src/elements/buttons/ModalButton.ts similarity index 100% rename from web/packages/web/src/elements/buttons/ModalButton.ts rename to web/packages/monolith/src/elements/buttons/ModalButton.ts diff --git a/web/packages/web/src/elements/buttons/SpinnerButton/BaseTaskButton.ts b/web/packages/monolith/src/elements/buttons/SpinnerButton/BaseTaskButton.ts similarity index 100% rename from web/packages/web/src/elements/buttons/SpinnerButton/BaseTaskButton.ts rename to web/packages/monolith/src/elements/buttons/SpinnerButton/BaseTaskButton.ts diff --git a/web/packages/web/src/elements/buttons/SpinnerButton/ak-spinner-button.stories.ts b/web/packages/monolith/src/elements/buttons/SpinnerButton/ak-spinner-button.stories.ts similarity index 100% rename from web/packages/web/src/elements/buttons/SpinnerButton/ak-spinner-button.stories.ts rename to web/packages/monolith/src/elements/buttons/SpinnerButton/ak-spinner-button.stories.ts diff --git a/web/packages/web/src/elements/buttons/SpinnerButton/ak-spinner-button.ts b/web/packages/monolith/src/elements/buttons/SpinnerButton/ak-spinner-button.ts similarity index 100% rename from web/packages/web/src/elements/buttons/SpinnerButton/ak-spinner-button.ts rename to web/packages/monolith/src/elements/buttons/SpinnerButton/ak-spinner-button.ts diff --git a/web/packages/web/src/elements/buttons/SpinnerButton/index.ts b/web/packages/monolith/src/elements/buttons/SpinnerButton/index.ts similarity index 100% rename from web/packages/web/src/elements/buttons/SpinnerButton/index.ts rename to web/packages/monolith/src/elements/buttons/SpinnerButton/index.ts diff --git a/web/packages/web/src/elements/buttons/TokenCopyButton/ak-token-copy-button.stories.ts b/web/packages/monolith/src/elements/buttons/TokenCopyButton/ak-token-copy-button.stories.ts similarity index 100% rename from web/packages/web/src/elements/buttons/TokenCopyButton/ak-token-copy-button.stories.ts rename to web/packages/monolith/src/elements/buttons/TokenCopyButton/ak-token-copy-button.stories.ts diff --git a/web/packages/web/src/elements/buttons/TokenCopyButton/ak-token-copy-button.ts b/web/packages/monolith/src/elements/buttons/TokenCopyButton/ak-token-copy-button.ts similarity index 100% rename from web/packages/web/src/elements/buttons/TokenCopyButton/ak-token-copy-button.ts rename to web/packages/monolith/src/elements/buttons/TokenCopyButton/ak-token-copy-button.ts diff --git a/web/packages/web/src/elements/buttons/TokenCopyButton/index.ts b/web/packages/monolith/src/elements/buttons/TokenCopyButton/index.ts similarity index 100% rename from web/packages/web/src/elements/buttons/TokenCopyButton/index.ts rename to web/packages/monolith/src/elements/buttons/TokenCopyButton/index.ts diff --git a/web/packages/web/src/elements/cards/AggregateCard.ts b/web/packages/monolith/src/elements/cards/AggregateCard.ts similarity index 100% rename from web/packages/web/src/elements/cards/AggregateCard.ts rename to web/packages/monolith/src/elements/cards/AggregateCard.ts diff --git a/web/packages/web/src/elements/cards/AggregatePromiseCard.ts b/web/packages/monolith/src/elements/cards/AggregatePromiseCard.ts similarity index 100% rename from web/packages/web/src/elements/cards/AggregatePromiseCard.ts rename to web/packages/monolith/src/elements/cards/AggregatePromiseCard.ts diff --git a/web/packages/web/src/elements/charts/Chart.ts b/web/packages/monolith/src/elements/charts/Chart.ts similarity index 100% rename from web/packages/web/src/elements/charts/Chart.ts rename to web/packages/monolith/src/elements/charts/Chart.ts diff --git a/web/packages/web/src/elements/chips/Chip.ts b/web/packages/monolith/src/elements/chips/Chip.ts similarity index 100% rename from web/packages/web/src/elements/chips/Chip.ts rename to web/packages/monolith/src/elements/chips/Chip.ts diff --git a/web/packages/web/src/elements/chips/ChipGroup.ts b/web/packages/monolith/src/elements/chips/ChipGroup.ts similarity index 100% rename from web/packages/web/src/elements/chips/ChipGroup.ts rename to web/packages/monolith/src/elements/chips/ChipGroup.ts diff --git a/web/packages/web/src/elements/enterprise/EnterpriseStatusBanner.ts b/web/packages/monolith/src/elements/enterprise/EnterpriseStatusBanner.ts similarity index 100% rename from web/packages/web/src/elements/enterprise/EnterpriseStatusBanner.ts rename to web/packages/monolith/src/elements/enterprise/EnterpriseStatusBanner.ts diff --git a/web/packages/web/src/elements/forms/ConfirmationForm.ts b/web/packages/monolith/src/elements/forms/ConfirmationForm.ts similarity index 100% rename from web/packages/web/src/elements/forms/ConfirmationForm.ts rename to web/packages/monolith/src/elements/forms/ConfirmationForm.ts diff --git a/web/packages/web/src/elements/forms/DeleteBulkForm.ts b/web/packages/monolith/src/elements/forms/DeleteBulkForm.ts similarity index 100% rename from web/packages/web/src/elements/forms/DeleteBulkForm.ts rename to web/packages/monolith/src/elements/forms/DeleteBulkForm.ts diff --git a/web/packages/web/src/elements/forms/DeleteForm.ts b/web/packages/monolith/src/elements/forms/DeleteForm.ts similarity index 100% rename from web/packages/web/src/elements/forms/DeleteForm.ts rename to web/packages/monolith/src/elements/forms/DeleteForm.ts diff --git a/web/packages/web/src/elements/forms/Form.ts b/web/packages/monolith/src/elements/forms/Form.ts similarity index 100% rename from web/packages/web/src/elements/forms/Form.ts rename to web/packages/monolith/src/elements/forms/Form.ts diff --git a/web/packages/web/src/elements/forms/FormElement.ts b/web/packages/monolith/src/elements/forms/FormElement.ts similarity index 100% rename from web/packages/web/src/elements/forms/FormElement.ts rename to web/packages/monolith/src/elements/forms/FormElement.ts diff --git a/web/packages/web/src/elements/forms/FormGroup.ts b/web/packages/monolith/src/elements/forms/FormGroup.ts similarity index 100% rename from web/packages/web/src/elements/forms/FormGroup.ts rename to web/packages/monolith/src/elements/forms/FormGroup.ts diff --git a/web/packages/web/src/elements/forms/HorizontalFormElement.ts b/web/packages/monolith/src/elements/forms/HorizontalFormElement.ts similarity index 100% rename from web/packages/web/src/elements/forms/HorizontalFormElement.ts rename to web/packages/monolith/src/elements/forms/HorizontalFormElement.ts diff --git a/web/packages/web/src/elements/forms/ModalForm.ts b/web/packages/monolith/src/elements/forms/ModalForm.ts similarity index 100% rename from web/packages/web/src/elements/forms/ModalForm.ts rename to web/packages/monolith/src/elements/forms/ModalForm.ts diff --git a/web/packages/web/src/elements/forms/ModelForm.ts b/web/packages/monolith/src/elements/forms/ModelForm.ts similarity index 100% rename from web/packages/web/src/elements/forms/ModelForm.ts rename to web/packages/monolith/src/elements/forms/ModelForm.ts diff --git a/web/packages/web/src/elements/forms/ProxyForm.ts b/web/packages/monolith/src/elements/forms/ProxyForm.ts similarity index 100% rename from web/packages/web/src/elements/forms/ProxyForm.ts rename to web/packages/monolith/src/elements/forms/ProxyForm.ts diff --git a/web/packages/web/src/elements/forms/Radio.ts b/web/packages/monolith/src/elements/forms/Radio.ts similarity index 100% rename from web/packages/web/src/elements/forms/Radio.ts rename to web/packages/monolith/src/elements/forms/Radio.ts diff --git a/web/packages/web/src/elements/forms/SearchSelect.ts b/web/packages/monolith/src/elements/forms/SearchSelect.ts similarity index 100% rename from web/packages/web/src/elements/forms/SearchSelect.ts rename to web/packages/monolith/src/elements/forms/SearchSelect.ts diff --git a/web/packages/web/src/elements/forms/helpers.ts b/web/packages/monolith/src/elements/forms/helpers.ts similarity index 100% rename from web/packages/web/src/elements/forms/helpers.ts rename to web/packages/monolith/src/elements/forms/helpers.ts diff --git a/web/packages/web/src/elements/forms/stories/Radio.stories.ts b/web/packages/monolith/src/elements/forms/stories/Radio.stories.ts similarity index 100% rename from web/packages/web/src/elements/forms/stories/Radio.stories.ts rename to web/packages/monolith/src/elements/forms/stories/Radio.stories.ts diff --git a/web/packages/web/src/elements/messages/Message.ts b/web/packages/monolith/src/elements/messages/Message.ts similarity index 100% rename from web/packages/web/src/elements/messages/Message.ts rename to web/packages/monolith/src/elements/messages/Message.ts diff --git a/web/packages/web/src/elements/messages/MessageContainer.ts b/web/packages/monolith/src/elements/messages/MessageContainer.ts similarity index 100% rename from web/packages/web/src/elements/messages/MessageContainer.ts rename to web/packages/monolith/src/elements/messages/MessageContainer.ts diff --git a/web/packages/web/src/elements/messages/Middleware.ts b/web/packages/monolith/src/elements/messages/Middleware.ts similarity index 100% rename from web/packages/web/src/elements/messages/Middleware.ts rename to web/packages/monolith/src/elements/messages/Middleware.ts diff --git a/web/packages/web/src/elements/notifications/APIDrawer.ts b/web/packages/monolith/src/elements/notifications/APIDrawer.ts similarity index 100% rename from web/packages/web/src/elements/notifications/APIDrawer.ts rename to web/packages/monolith/src/elements/notifications/APIDrawer.ts diff --git a/web/packages/web/src/elements/notifications/NotificationDrawer.ts b/web/packages/monolith/src/elements/notifications/NotificationDrawer.ts similarity index 100% rename from web/packages/web/src/elements/notifications/NotificationDrawer.ts rename to web/packages/monolith/src/elements/notifications/NotificationDrawer.ts diff --git a/web/packages/web/src/elements/oauth/UserRefreshList.ts b/web/packages/monolith/src/elements/oauth/UserRefreshList.ts similarity index 100% rename from web/packages/web/src/elements/oauth/UserRefreshList.ts rename to web/packages/monolith/src/elements/oauth/UserRefreshList.ts diff --git a/web/packages/web/src/elements/rbac/ObjectPermissionModal.ts b/web/packages/monolith/src/elements/rbac/ObjectPermissionModal.ts similarity index 100% rename from web/packages/web/src/elements/rbac/ObjectPermissionModal.ts rename to web/packages/monolith/src/elements/rbac/ObjectPermissionModal.ts diff --git a/web/packages/web/src/elements/rbac/ObjectPermissionsPage.ts b/web/packages/monolith/src/elements/rbac/ObjectPermissionsPage.ts similarity index 100% rename from web/packages/web/src/elements/rbac/ObjectPermissionsPage.ts rename to web/packages/monolith/src/elements/rbac/ObjectPermissionsPage.ts diff --git a/web/packages/web/src/elements/rbac/PermissionSelectModal.ts b/web/packages/monolith/src/elements/rbac/PermissionSelectModal.ts similarity index 100% rename from web/packages/web/src/elements/rbac/PermissionSelectModal.ts rename to web/packages/monolith/src/elements/rbac/PermissionSelectModal.ts diff --git a/web/packages/web/src/elements/rbac/RoleObjectPermissionForm.ts b/web/packages/monolith/src/elements/rbac/RoleObjectPermissionForm.ts similarity index 100% rename from web/packages/web/src/elements/rbac/RoleObjectPermissionForm.ts rename to web/packages/monolith/src/elements/rbac/RoleObjectPermissionForm.ts diff --git a/web/packages/web/src/elements/rbac/RoleObjectPermissionTable.ts b/web/packages/monolith/src/elements/rbac/RoleObjectPermissionTable.ts similarity index 100% rename from web/packages/web/src/elements/rbac/RoleObjectPermissionTable.ts rename to web/packages/monolith/src/elements/rbac/RoleObjectPermissionTable.ts diff --git a/web/packages/web/src/elements/rbac/UserObjectPermissionForm.ts b/web/packages/monolith/src/elements/rbac/UserObjectPermissionForm.ts similarity index 100% rename from web/packages/web/src/elements/rbac/UserObjectPermissionForm.ts rename to web/packages/monolith/src/elements/rbac/UserObjectPermissionForm.ts diff --git a/web/packages/web/src/elements/rbac/UserObjectPermissionTable.ts b/web/packages/monolith/src/elements/rbac/UserObjectPermissionTable.ts similarity index 100% rename from web/packages/web/src/elements/rbac/UserObjectPermissionTable.ts rename to web/packages/monolith/src/elements/rbac/UserObjectPermissionTable.ts diff --git a/web/packages/web/src/elements/router/Route.ts b/web/packages/monolith/src/elements/router/Route.ts similarity index 100% rename from web/packages/web/src/elements/router/Route.ts rename to web/packages/monolith/src/elements/router/Route.ts diff --git a/web/packages/web/src/elements/router/RouteMatch.ts b/web/packages/monolith/src/elements/router/RouteMatch.ts similarity index 100% rename from web/packages/web/src/elements/router/RouteMatch.ts rename to web/packages/monolith/src/elements/router/RouteMatch.ts diff --git a/web/packages/web/src/elements/router/Router404.ts b/web/packages/monolith/src/elements/router/Router404.ts similarity index 100% rename from web/packages/web/src/elements/router/Router404.ts rename to web/packages/monolith/src/elements/router/Router404.ts diff --git a/web/packages/web/src/elements/router/RouterOutlet.ts b/web/packages/monolith/src/elements/router/RouterOutlet.ts similarity index 100% rename from web/packages/web/src/elements/router/RouterOutlet.ts rename to web/packages/monolith/src/elements/router/RouterOutlet.ts diff --git a/web/packages/web/src/elements/sidebar/Sidebar.ts b/web/packages/monolith/src/elements/sidebar/Sidebar.ts similarity index 100% rename from web/packages/web/src/elements/sidebar/Sidebar.ts rename to web/packages/monolith/src/elements/sidebar/Sidebar.ts diff --git a/web/packages/web/src/elements/sidebar/SidebarBrand.ts b/web/packages/monolith/src/elements/sidebar/SidebarBrand.ts similarity index 100% rename from web/packages/web/src/elements/sidebar/SidebarBrand.ts rename to web/packages/monolith/src/elements/sidebar/SidebarBrand.ts diff --git a/web/packages/web/src/elements/sidebar/SidebarItem.ts b/web/packages/monolith/src/elements/sidebar/SidebarItem.ts similarity index 100% rename from web/packages/web/src/elements/sidebar/SidebarItem.ts rename to web/packages/monolith/src/elements/sidebar/SidebarItem.ts diff --git a/web/packages/web/src/elements/sidebar/SidebarUser.ts b/web/packages/monolith/src/elements/sidebar/SidebarUser.ts similarity index 100% rename from web/packages/web/src/elements/sidebar/SidebarUser.ts rename to web/packages/monolith/src/elements/sidebar/SidebarUser.ts diff --git a/web/packages/web/src/elements/table/Table.ts b/web/packages/monolith/src/elements/table/Table.ts similarity index 100% rename from web/packages/web/src/elements/table/Table.ts rename to web/packages/monolith/src/elements/table/Table.ts diff --git a/web/packages/web/src/elements/table/TableModal.ts b/web/packages/monolith/src/elements/table/TableModal.ts similarity index 100% rename from web/packages/web/src/elements/table/TableModal.ts rename to web/packages/monolith/src/elements/table/TableModal.ts diff --git a/web/packages/web/src/elements/table/TablePage.ts b/web/packages/monolith/src/elements/table/TablePage.ts similarity index 100% rename from web/packages/web/src/elements/table/TablePage.ts rename to web/packages/monolith/src/elements/table/TablePage.ts diff --git a/web/packages/web/src/elements/table/TablePagination.ts b/web/packages/monolith/src/elements/table/TablePagination.ts similarity index 100% rename from web/packages/web/src/elements/table/TablePagination.ts rename to web/packages/monolith/src/elements/table/TablePagination.ts diff --git a/web/packages/web/src/elements/table/TableSearch.ts b/web/packages/monolith/src/elements/table/TableSearch.ts similarity index 100% rename from web/packages/web/src/elements/table/TableSearch.ts rename to web/packages/monolith/src/elements/table/TableSearch.ts diff --git a/web/packages/web/src/elements/user/SessionList.ts b/web/packages/monolith/src/elements/user/SessionList.ts similarity index 100% rename from web/packages/web/src/elements/user/SessionList.ts rename to web/packages/monolith/src/elements/user/SessionList.ts diff --git a/web/packages/web/src/elements/user/UserConsentList.ts b/web/packages/monolith/src/elements/user/UserConsentList.ts similarity index 100% rename from web/packages/web/src/elements/user/UserConsentList.ts rename to web/packages/monolith/src/elements/user/UserConsentList.ts diff --git a/web/packages/web/src/elements/user/utils.ts b/web/packages/monolith/src/elements/user/utils.ts similarity index 100% rename from web/packages/web/src/elements/user/utils.ts rename to web/packages/monolith/src/elements/user/utils.ts diff --git a/web/packages/web/src/elements/utils/TimeDeltaHelp.ts b/web/packages/monolith/src/elements/utils/TimeDeltaHelp.ts similarity index 100% rename from web/packages/web/src/elements/utils/TimeDeltaHelp.ts rename to web/packages/monolith/src/elements/utils/TimeDeltaHelp.ts diff --git a/web/packages/web/src/elements/utils/customEvents.ts b/web/packages/monolith/src/elements/utils/customEvents.ts similarity index 100% rename from web/packages/web/src/elements/utils/customEvents.ts rename to web/packages/monolith/src/elements/utils/customEvents.ts diff --git a/web/packages/web/src/elements/utils/eventEmitter.ts b/web/packages/monolith/src/elements/utils/eventEmitter.ts similarity index 100% rename from web/packages/web/src/elements/utils/eventEmitter.ts rename to web/packages/monolith/src/elements/utils/eventEmitter.ts diff --git a/web/packages/web/src/elements/utils/getRootStyle.ts b/web/packages/monolith/src/elements/utils/getRootStyle.ts similarity index 100% rename from web/packages/web/src/elements/utils/getRootStyle.ts rename to web/packages/monolith/src/elements/utils/getRootStyle.ts diff --git a/web/packages/web/src/elements/utils/isSafari.ts b/web/packages/monolith/src/elements/utils/isSafari.ts similarity index 100% rename from web/packages/web/src/elements/utils/isSafari.ts rename to web/packages/monolith/src/elements/utils/isSafari.ts diff --git a/web/packages/web/src/elements/utils/randomId.ts b/web/packages/monolith/src/elements/utils/randomId.ts similarity index 100% rename from web/packages/web/src/elements/utils/randomId.ts rename to web/packages/monolith/src/elements/utils/randomId.ts diff --git a/web/packages/web/src/elements/utils/writeToClipboard.ts b/web/packages/monolith/src/elements/utils/writeToClipboard.ts similarity index 100% rename from web/packages/web/src/elements/utils/writeToClipboard.ts rename to web/packages/monolith/src/elements/utils/writeToClipboard.ts diff --git a/web/packages/web/src/elements/wizard/ActionWizardPage.ts b/web/packages/monolith/src/elements/wizard/ActionWizardPage.ts similarity index 100% rename from web/packages/web/src/elements/wizard/ActionWizardPage.ts rename to web/packages/monolith/src/elements/wizard/ActionWizardPage.ts diff --git a/web/packages/web/src/elements/wizard/FormWizardPage.ts b/web/packages/monolith/src/elements/wizard/FormWizardPage.ts similarity index 100% rename from web/packages/web/src/elements/wizard/FormWizardPage.ts rename to web/packages/monolith/src/elements/wizard/FormWizardPage.ts diff --git a/web/packages/web/src/elements/wizard/Wizard.ts b/web/packages/monolith/src/elements/wizard/Wizard.ts similarity index 100% rename from web/packages/web/src/elements/wizard/Wizard.ts rename to web/packages/monolith/src/elements/wizard/Wizard.ts diff --git a/web/packages/web/src/elements/wizard/WizardFormPage.ts b/web/packages/monolith/src/elements/wizard/WizardFormPage.ts similarity index 100% rename from web/packages/web/src/elements/wizard/WizardFormPage.ts rename to web/packages/monolith/src/elements/wizard/WizardFormPage.ts diff --git a/web/packages/web/src/elements/wizard/WizardPage.ts b/web/packages/monolith/src/elements/wizard/WizardPage.ts similarity index 100% rename from web/packages/web/src/elements/wizard/WizardPage.ts rename to web/packages/monolith/src/elements/wizard/WizardPage.ts diff --git a/web/packages/web/src/flow/FlowExecutor.ts b/web/packages/monolith/src/flow/FlowExecutor.ts similarity index 100% rename from web/packages/web/src/flow/FlowExecutor.ts rename to web/packages/monolith/src/flow/FlowExecutor.ts diff --git a/web/packages/web/src/flow/FlowInspector.ts b/web/packages/monolith/src/flow/FlowInspector.ts similarity index 100% rename from web/packages/web/src/flow/FlowInspector.ts rename to web/packages/monolith/src/flow/FlowInspector.ts diff --git a/web/packages/web/src/flow/FlowInterface.ts b/web/packages/monolith/src/flow/FlowInterface.ts similarity index 100% rename from web/packages/web/src/flow/FlowInterface.ts rename to web/packages/monolith/src/flow/FlowInterface.ts diff --git a/web/packages/web/src/flow/FormStatic.ts b/web/packages/monolith/src/flow/FormStatic.ts similarity index 100% rename from web/packages/web/src/flow/FormStatic.ts rename to web/packages/monolith/src/flow/FormStatic.ts diff --git a/web/packages/web/src/flow/providers/oauth2/DeviceCode.ts b/web/packages/monolith/src/flow/providers/oauth2/DeviceCode.ts similarity index 100% rename from web/packages/web/src/flow/providers/oauth2/DeviceCode.ts rename to web/packages/monolith/src/flow/providers/oauth2/DeviceCode.ts diff --git a/web/packages/web/src/flow/providers/oauth2/DeviceCodeFinish.ts b/web/packages/monolith/src/flow/providers/oauth2/DeviceCodeFinish.ts similarity index 100% rename from web/packages/web/src/flow/providers/oauth2/DeviceCodeFinish.ts rename to web/packages/monolith/src/flow/providers/oauth2/DeviceCodeFinish.ts diff --git a/web/packages/web/src/flow/sources/apple/AppleLoginInit.ts b/web/packages/monolith/src/flow/sources/apple/AppleLoginInit.ts similarity index 100% rename from web/packages/web/src/flow/sources/apple/AppleLoginInit.ts rename to web/packages/monolith/src/flow/sources/apple/AppleLoginInit.ts diff --git a/web/packages/web/src/flow/sources/apple/apple.d.ts b/web/packages/monolith/src/flow/sources/apple/apple.d.ts similarity index 100% rename from web/packages/web/src/flow/sources/apple/apple.d.ts rename to web/packages/monolith/src/flow/sources/apple/apple.d.ts diff --git a/web/packages/web/src/flow/sources/plex/PlexLoginInit.ts b/web/packages/monolith/src/flow/sources/plex/PlexLoginInit.ts similarity index 100% rename from web/packages/web/src/flow/sources/plex/PlexLoginInit.ts rename to web/packages/monolith/src/flow/sources/plex/PlexLoginInit.ts diff --git a/web/packages/web/src/flow/stages/FlowErrorStage.ts b/web/packages/monolith/src/flow/stages/FlowErrorStage.ts similarity index 100% rename from web/packages/web/src/flow/stages/FlowErrorStage.ts rename to web/packages/monolith/src/flow/stages/FlowErrorStage.ts diff --git a/web/packages/web/src/flow/stages/RedirectStage.ts b/web/packages/monolith/src/flow/stages/RedirectStage.ts similarity index 100% rename from web/packages/web/src/flow/stages/RedirectStage.ts rename to web/packages/monolith/src/flow/stages/RedirectStage.ts diff --git a/web/packages/web/src/flow/stages/access_denied/AccessDeniedStage.stories.ts b/web/packages/monolith/src/flow/stages/access_denied/AccessDeniedStage.stories.ts similarity index 100% rename from web/packages/web/src/flow/stages/access_denied/AccessDeniedStage.stories.ts rename to web/packages/monolith/src/flow/stages/access_denied/AccessDeniedStage.stories.ts diff --git a/web/packages/web/src/flow/stages/access_denied/AccessDeniedStage.ts b/web/packages/monolith/src/flow/stages/access_denied/AccessDeniedStage.ts similarity index 100% rename from web/packages/web/src/flow/stages/access_denied/AccessDeniedStage.ts rename to web/packages/monolith/src/flow/stages/access_denied/AccessDeniedStage.ts diff --git a/web/packages/web/src/flow/stages/authenticator_duo/AuthenticatorDuoStage.ts b/web/packages/monolith/src/flow/stages/authenticator_duo/AuthenticatorDuoStage.ts similarity index 100% rename from web/packages/web/src/flow/stages/authenticator_duo/AuthenticatorDuoStage.ts rename to web/packages/monolith/src/flow/stages/authenticator_duo/AuthenticatorDuoStage.ts diff --git a/web/packages/web/src/flow/stages/authenticator_sms/AuthenticatorSMSStage.ts b/web/packages/monolith/src/flow/stages/authenticator_sms/AuthenticatorSMSStage.ts similarity index 100% rename from web/packages/web/src/flow/stages/authenticator_sms/AuthenticatorSMSStage.ts rename to web/packages/monolith/src/flow/stages/authenticator_sms/AuthenticatorSMSStage.ts diff --git a/web/packages/web/src/flow/stages/authenticator_static/AuthenticatorStaticStage.ts b/web/packages/monolith/src/flow/stages/authenticator_static/AuthenticatorStaticStage.ts similarity index 100% rename from web/packages/web/src/flow/stages/authenticator_static/AuthenticatorStaticStage.ts rename to web/packages/monolith/src/flow/stages/authenticator_static/AuthenticatorStaticStage.ts diff --git a/web/packages/web/src/flow/stages/authenticator_totp/AuthenticatorTOTPStage.ts b/web/packages/monolith/src/flow/stages/authenticator_totp/AuthenticatorTOTPStage.ts similarity index 100% rename from web/packages/web/src/flow/stages/authenticator_totp/AuthenticatorTOTPStage.ts rename to web/packages/monolith/src/flow/stages/authenticator_totp/AuthenticatorTOTPStage.ts diff --git a/web/packages/web/src/flow/stages/authenticator_validate/AuthenticatorValidateStage.ts b/web/packages/monolith/src/flow/stages/authenticator_validate/AuthenticatorValidateStage.ts similarity index 100% rename from web/packages/web/src/flow/stages/authenticator_validate/AuthenticatorValidateStage.ts rename to web/packages/monolith/src/flow/stages/authenticator_validate/AuthenticatorValidateStage.ts diff --git a/web/packages/web/src/flow/stages/authenticator_validate/AuthenticatorValidateStageCode.ts b/web/packages/monolith/src/flow/stages/authenticator_validate/AuthenticatorValidateStageCode.ts similarity index 100% rename from web/packages/web/src/flow/stages/authenticator_validate/AuthenticatorValidateStageCode.ts rename to web/packages/monolith/src/flow/stages/authenticator_validate/AuthenticatorValidateStageCode.ts diff --git a/web/packages/web/src/flow/stages/authenticator_validate/AuthenticatorValidateStageDuo.ts b/web/packages/monolith/src/flow/stages/authenticator_validate/AuthenticatorValidateStageDuo.ts similarity index 100% rename from web/packages/web/src/flow/stages/authenticator_validate/AuthenticatorValidateStageDuo.ts rename to web/packages/monolith/src/flow/stages/authenticator_validate/AuthenticatorValidateStageDuo.ts diff --git a/web/packages/web/src/flow/stages/authenticator_validate/AuthenticatorValidateStageWebAuthn.ts b/web/packages/monolith/src/flow/stages/authenticator_validate/AuthenticatorValidateStageWebAuthn.ts similarity index 100% rename from web/packages/web/src/flow/stages/authenticator_validate/AuthenticatorValidateStageWebAuthn.ts rename to web/packages/monolith/src/flow/stages/authenticator_validate/AuthenticatorValidateStageWebAuthn.ts diff --git a/web/packages/web/src/flow/stages/authenticator_webauthn/WebAuthnAuthenticatorRegisterStage.ts b/web/packages/monolith/src/flow/stages/authenticator_webauthn/WebAuthnAuthenticatorRegisterStage.ts similarity index 100% rename from web/packages/web/src/flow/stages/authenticator_webauthn/WebAuthnAuthenticatorRegisterStage.ts rename to web/packages/monolith/src/flow/stages/authenticator_webauthn/WebAuthnAuthenticatorRegisterStage.ts diff --git a/web/packages/web/src/flow/stages/autosubmit/AutosubmitStage.ts b/web/packages/monolith/src/flow/stages/autosubmit/AutosubmitStage.ts similarity index 100% rename from web/packages/web/src/flow/stages/autosubmit/AutosubmitStage.ts rename to web/packages/monolith/src/flow/stages/autosubmit/AutosubmitStage.ts diff --git a/web/packages/web/src/flow/stages/base.ts b/web/packages/monolith/src/flow/stages/base.ts similarity index 100% rename from web/packages/web/src/flow/stages/base.ts rename to web/packages/monolith/src/flow/stages/base.ts diff --git a/web/packages/web/src/flow/stages/captcha/CaptchaStage.ts b/web/packages/monolith/src/flow/stages/captcha/CaptchaStage.ts similarity index 100% rename from web/packages/web/src/flow/stages/captcha/CaptchaStage.ts rename to web/packages/monolith/src/flow/stages/captcha/CaptchaStage.ts diff --git a/web/packages/web/src/flow/stages/consent/ConsentStage.ts b/web/packages/monolith/src/flow/stages/consent/ConsentStage.ts similarity index 100% rename from web/packages/web/src/flow/stages/consent/ConsentStage.ts rename to web/packages/monolith/src/flow/stages/consent/ConsentStage.ts diff --git a/web/packages/web/src/flow/stages/dummy/DummyStage.ts b/web/packages/monolith/src/flow/stages/dummy/DummyStage.ts similarity index 100% rename from web/packages/web/src/flow/stages/dummy/DummyStage.ts rename to web/packages/monolith/src/flow/stages/dummy/DummyStage.ts diff --git a/web/packages/web/src/flow/stages/email/EmailStage.ts b/web/packages/monolith/src/flow/stages/email/EmailStage.ts similarity index 100% rename from web/packages/web/src/flow/stages/email/EmailStage.ts rename to web/packages/monolith/src/flow/stages/email/EmailStage.ts diff --git a/web/packages/web/src/flow/stages/identification/IdentificationStage.ts b/web/packages/monolith/src/flow/stages/identification/IdentificationStage.ts similarity index 100% rename from web/packages/web/src/flow/stages/identification/IdentificationStage.ts rename to web/packages/monolith/src/flow/stages/identification/IdentificationStage.ts diff --git a/web/packages/web/src/flow/stages/password/PasswordStage.ts b/web/packages/monolith/src/flow/stages/password/PasswordStage.ts similarity index 100% rename from web/packages/web/src/flow/stages/password/PasswordStage.ts rename to web/packages/monolith/src/flow/stages/password/PasswordStage.ts diff --git a/web/packages/web/src/flow/stages/prompt/PromptStage.ts b/web/packages/monolith/src/flow/stages/prompt/PromptStage.ts similarity index 100% rename from web/packages/web/src/flow/stages/prompt/PromptStage.ts rename to web/packages/monolith/src/flow/stages/prompt/PromptStage.ts diff --git a/web/packages/web/src/flow/stages/user_login/UserLoginStage.ts b/web/packages/monolith/src/flow/stages/user_login/UserLoginStage.ts similarity index 100% rename from web/packages/web/src/flow/stages/user_login/UserLoginStage.ts rename to web/packages/monolith/src/flow/stages/user_login/UserLoginStage.ts diff --git a/web/packages/web/src/global.d.ts b/web/packages/monolith/src/global.d.ts similarity index 100% rename from web/packages/web/src/global.d.ts rename to web/packages/monolith/src/global.d.ts diff --git a/web/packages/web/src/locale-codes.ts b/web/packages/monolith/src/locale-codes.ts similarity index 100% rename from web/packages/web/src/locale-codes.ts rename to web/packages/monolith/src/locale-codes.ts diff --git a/web/packages/web/src/locales/.gitignore b/web/packages/monolith/src/locales/.gitignore similarity index 100% rename from web/packages/web/src/locales/.gitignore rename to web/packages/monolith/src/locales/.gitignore diff --git a/web/packages/web/src/polyfill/poly.ts b/web/packages/monolith/src/polyfill/poly.ts similarity index 100% rename from web/packages/web/src/polyfill/poly.ts rename to web/packages/monolith/src/polyfill/poly.ts diff --git a/web/packages/web/src/standalone/api-browser/index.ts b/web/packages/monolith/src/standalone/api-browser/index.ts similarity index 100% rename from web/packages/web/src/standalone/api-browser/index.ts rename to web/packages/monolith/src/standalone/api-browser/index.ts diff --git a/web/packages/web/src/standalone/loading/index.ts b/web/packages/monolith/src/standalone/loading/index.ts similarity index 100% rename from web/packages/web/src/standalone/loading/index.ts rename to web/packages/monolith/src/standalone/loading/index.ts diff --git a/web/packages/web/src/stories/flow-interface.ts b/web/packages/monolith/src/stories/flow-interface.ts similarity index 100% rename from web/packages/web/src/stories/flow-interface.ts rename to web/packages/monolith/src/stories/flow-interface.ts diff --git a/web/packages/web/src/stories/interface.ts b/web/packages/monolith/src/stories/interface.ts similarity index 100% rename from web/packages/web/src/stories/interface.ts rename to web/packages/monolith/src/stories/interface.ts diff --git a/web/packages/web/src/user/LibraryApplication/index.ts b/web/packages/monolith/src/user/LibraryApplication/index.ts similarity index 100% rename from web/packages/web/src/user/LibraryApplication/index.ts rename to web/packages/monolith/src/user/LibraryApplication/index.ts diff --git a/web/packages/web/src/user/LibraryPage/ApplicationEmptyState.stories.ts b/web/packages/monolith/src/user/LibraryPage/ApplicationEmptyState.stories.ts similarity index 100% rename from web/packages/web/src/user/LibraryPage/ApplicationEmptyState.stories.ts rename to web/packages/monolith/src/user/LibraryPage/ApplicationEmptyState.stories.ts diff --git a/web/packages/web/src/user/LibraryPage/ApplicationEmptyState.ts b/web/packages/monolith/src/user/LibraryPage/ApplicationEmptyState.ts similarity index 100% rename from web/packages/web/src/user/LibraryPage/ApplicationEmptyState.ts rename to web/packages/monolith/src/user/LibraryPage/ApplicationEmptyState.ts diff --git a/web/packages/web/src/user/LibraryPage/ApplicationList.ts b/web/packages/monolith/src/user/LibraryPage/ApplicationList.ts similarity index 100% rename from web/packages/web/src/user/LibraryPage/ApplicationList.ts rename to web/packages/monolith/src/user/LibraryPage/ApplicationList.ts diff --git a/web/packages/web/src/user/LibraryPage/ApplicationSearch.ts b/web/packages/monolith/src/user/LibraryPage/ApplicationSearch.ts similarity index 100% rename from web/packages/web/src/user/LibraryPage/ApplicationSearch.ts rename to web/packages/monolith/src/user/LibraryPage/ApplicationSearch.ts diff --git a/web/packages/web/src/user/LibraryPage/LibraryPage.ts b/web/packages/monolith/src/user/LibraryPage/LibraryPage.ts similarity index 100% rename from web/packages/web/src/user/LibraryPage/LibraryPage.ts rename to web/packages/monolith/src/user/LibraryPage/LibraryPage.ts diff --git a/web/packages/web/src/user/LibraryPage/LibraryPageImpl.css.ts b/web/packages/monolith/src/user/LibraryPage/LibraryPageImpl.css.ts similarity index 100% rename from web/packages/web/src/user/LibraryPage/LibraryPageImpl.css.ts rename to web/packages/monolith/src/user/LibraryPage/LibraryPageImpl.css.ts diff --git a/web/packages/web/src/user/LibraryPage/LibraryPageImpl.ts b/web/packages/monolith/src/user/LibraryPage/LibraryPageImpl.ts similarity index 100% rename from web/packages/web/src/user/LibraryPage/LibraryPageImpl.ts rename to web/packages/monolith/src/user/LibraryPage/LibraryPageImpl.ts diff --git a/web/packages/web/src/user/LibraryPage/LibraryPageImpl.utils.ts b/web/packages/monolith/src/user/LibraryPage/LibraryPageImpl.utils.ts similarity index 100% rename from web/packages/web/src/user/LibraryPage/LibraryPageImpl.utils.ts rename to web/packages/monolith/src/user/LibraryPage/LibraryPageImpl.utils.ts diff --git a/web/packages/web/src/user/LibraryPage/constants.ts b/web/packages/monolith/src/user/LibraryPage/constants.ts similarity index 100% rename from web/packages/web/src/user/LibraryPage/constants.ts rename to web/packages/monolith/src/user/LibraryPage/constants.ts diff --git a/web/packages/web/src/user/LibraryPage/helpers.ts b/web/packages/monolith/src/user/LibraryPage/helpers.ts similarity index 100% rename from web/packages/web/src/user/LibraryPage/helpers.ts rename to web/packages/monolith/src/user/LibraryPage/helpers.ts diff --git a/web/packages/web/src/user/LibraryPage/types.ts b/web/packages/monolith/src/user/LibraryPage/types.ts similarity index 100% rename from web/packages/web/src/user/LibraryPage/types.ts rename to web/packages/monolith/src/user/LibraryPage/types.ts diff --git a/web/packages/web/src/user/Routes.ts b/web/packages/monolith/src/user/Routes.ts similarity index 100% rename from web/packages/web/src/user/Routes.ts rename to web/packages/monolith/src/user/Routes.ts diff --git a/web/packages/web/src/user/UserInterface.ts b/web/packages/monolith/src/user/UserInterface.ts similarity index 100% rename from web/packages/web/src/user/UserInterface.ts rename to web/packages/monolith/src/user/UserInterface.ts diff --git a/web/packages/web/src/user/user-settings/BaseUserSettings.ts b/web/packages/monolith/src/user/user-settings/BaseUserSettings.ts similarity index 100% rename from web/packages/web/src/user/user-settings/BaseUserSettings.ts rename to web/packages/monolith/src/user/user-settings/BaseUserSettings.ts diff --git a/web/packages/web/src/user/user-settings/UserSettingsPage.ts b/web/packages/monolith/src/user/user-settings/UserSettingsPage.ts similarity index 100% rename from web/packages/web/src/user/user-settings/UserSettingsPage.ts rename to web/packages/monolith/src/user/user-settings/UserSettingsPage.ts diff --git a/web/packages/web/src/user/user-settings/details/UserPassword.ts b/web/packages/monolith/src/user/user-settings/details/UserPassword.ts similarity index 100% rename from web/packages/web/src/user/user-settings/details/UserPassword.ts rename to web/packages/monolith/src/user/user-settings/details/UserPassword.ts diff --git a/web/packages/web/src/user/user-settings/details/UserSettingsFlowExecutor.ts b/web/packages/monolith/src/user/user-settings/details/UserSettingsFlowExecutor.ts similarity index 100% rename from web/packages/web/src/user/user-settings/details/UserSettingsFlowExecutor.ts rename to web/packages/monolith/src/user/user-settings/details/UserSettingsFlowExecutor.ts diff --git a/web/packages/web/src/user/user-settings/details/stages/prompt/PromptStage.ts b/web/packages/monolith/src/user/user-settings/details/stages/prompt/PromptStage.ts similarity index 100% rename from web/packages/web/src/user/user-settings/details/stages/prompt/PromptStage.ts rename to web/packages/monolith/src/user/user-settings/details/stages/prompt/PromptStage.ts diff --git a/web/packages/web/src/user/user-settings/mfa/MFADeviceForm.ts b/web/packages/monolith/src/user/user-settings/mfa/MFADeviceForm.ts similarity index 100% rename from web/packages/web/src/user/user-settings/mfa/MFADeviceForm.ts rename to web/packages/monolith/src/user/user-settings/mfa/MFADeviceForm.ts diff --git a/web/packages/web/src/user/user-settings/mfa/MFADevicesPage.ts b/web/packages/monolith/src/user/user-settings/mfa/MFADevicesPage.ts similarity index 100% rename from web/packages/web/src/user/user-settings/mfa/MFADevicesPage.ts rename to web/packages/monolith/src/user/user-settings/mfa/MFADevicesPage.ts diff --git a/web/packages/web/src/user/user-settings/sources/SourceSettings.ts b/web/packages/monolith/src/user/user-settings/sources/SourceSettings.ts similarity index 100% rename from web/packages/web/src/user/user-settings/sources/SourceSettings.ts rename to web/packages/monolith/src/user/user-settings/sources/SourceSettings.ts diff --git a/web/packages/web/src/user/user-settings/sources/SourceSettingsOAuth.ts b/web/packages/monolith/src/user/user-settings/sources/SourceSettingsOAuth.ts similarity index 100% rename from web/packages/web/src/user/user-settings/sources/SourceSettingsOAuth.ts rename to web/packages/monolith/src/user/user-settings/sources/SourceSettingsOAuth.ts diff --git a/web/packages/web/src/user/user-settings/sources/SourceSettingsPlex.ts b/web/packages/monolith/src/user/user-settings/sources/SourceSettingsPlex.ts similarity index 100% rename from web/packages/web/src/user/user-settings/sources/SourceSettingsPlex.ts rename to web/packages/monolith/src/user/user-settings/sources/SourceSettingsPlex.ts diff --git a/web/packages/web/src/user/user-settings/sources/SourceSettingsSAML.ts b/web/packages/monolith/src/user/user-settings/sources/SourceSettingsSAML.ts similarity index 100% rename from web/packages/web/src/user/user-settings/sources/SourceSettingsSAML.ts rename to web/packages/monolith/src/user/user-settings/sources/SourceSettingsSAML.ts diff --git a/web/packages/web/src/user/user-settings/tokens/UserTokenForm.ts b/web/packages/monolith/src/user/user-settings/tokens/UserTokenForm.ts similarity index 100% rename from web/packages/web/src/user/user-settings/tokens/UserTokenForm.ts rename to web/packages/monolith/src/user/user-settings/tokens/UserTokenForm.ts diff --git a/web/packages/web/src/user/user-settings/tokens/UserTokenList.ts b/web/packages/monolith/src/user/user-settings/tokens/UserTokenList.ts similarity index 100% rename from web/packages/web/src/user/user-settings/tokens/UserTokenList.ts rename to web/packages/monolith/src/user/user-settings/tokens/UserTokenList.ts diff --git a/web/packages/web/tsconfig.json b/web/packages/monolith/tsconfig.json similarity index 100% rename from web/packages/web/tsconfig.json rename to web/packages/monolith/tsconfig.json diff --git a/web/packages/web/web-test-runner.config.mjs b/web/packages/monolith/web-test-runner.config.mjs similarity index 100% rename from web/packages/web/web-test-runner.config.mjs rename to web/packages/monolith/web-test-runner.config.mjs diff --git a/web/packages/web/xliff/de.xlf b/web/packages/monolith/xliff/de.xlf similarity index 99% rename from web/packages/web/xliff/de.xlf rename to web/packages/monolith/xliff/de.xlf index 1ec9b824e..ecca1e27a 100644 --- a/web/packages/web/xliff/de.xlf +++ b/web/packages/monolith/xliff/de.xlf @@ -1688,9 +1688,6 @@ Update SCIM Provider - - Sync not run yet. - Run sync again Synchronisation erneut ausführen diff --git a/web/packages/web/xliff/en.xlf b/web/packages/monolith/xliff/en.xlf similarity index 99% rename from web/packages/web/xliff/en.xlf rename to web/packages/monolith/xliff/en.xlf index b4b3a8cc6..d1b74c6ca 100644 --- a/web/packages/web/xliff/en.xlf +++ b/web/packages/monolith/xliff/en.xlf @@ -1779,10 +1779,6 @@ Update SCIM Provider Update SCIM Provider - - Sync not run yet. - Sync not run yet. - Run sync again Run sync again diff --git a/web/packages/web/xliff/es.xlf b/web/packages/monolith/xliff/es.xlf similarity index 99% rename from web/packages/web/xliff/es.xlf rename to web/packages/monolith/xliff/es.xlf index 2cb702cfb..c9555c8f4 100644 --- a/web/packages/web/xliff/es.xlf +++ b/web/packages/monolith/xliff/es.xlf @@ -1660,9 +1660,6 @@ Update SCIM Provider - - Sync not run yet. - Run sync again Vuelve a ejecutar la sincronización diff --git a/web/packages/web/xliff/fr.xlf b/web/packages/monolith/xliff/fr.xlf similarity index 98% rename from web/packages/web/xliff/fr.xlf rename to web/packages/monolith/xliff/fr.xlf index 4db6af5d2..aed3495db 100644 --- a/web/packages/web/xliff/fr.xlf +++ b/web/packages/monolith/xliff/fr.xlf @@ -1,4 +1,4 @@ - + @@ -613,9 +613,9 @@ Il y a jour(s) - The URL "" was not found. - L'URL " - " n'a pas été trouvée. + The URL "" was not found. + L'URL " + " n'a pas été trouvée. @@ -1057,8 +1057,8 @@ Il y a jour(s) - To allow any redirect URI, set this value to ".*". Be aware of the possible security implications this can have. - Pour permettre n'importe quelle URI de redirection, définissez cette valeur sur ".*". Soyez conscient des possibles implications de sécurité que cela peut avoir. + To allow any redirect URI, set this value to ".*". Be aware of the possible security implications this can have. + Pour permettre n'importe quelle URI de redirection, définissez cette valeur sur ".*". Soyez conscient des possibles implications de sécurité que cela peut avoir. @@ -1630,7 +1630,7 @@ Il y a jour(s) Token to authenticate with. Currently only bearer authentication is supported. - Jeton d'authentification à utiliser. Actuellement, seule l'authentification "bearer authentication" est prise en charge. + Jeton d'authentification à utiliser. Actuellement, seule l'authentification "bearer authentication" est prise en charge. @@ -1798,8 +1798,8 @@ Il y a jour(s) - Either input a full URL, a relative path, or use 'fa://fa-test' to use the Font Awesome icon "fa-test". - Entrez une URL complète, un chemin relatif ou utilisez 'fa://fa-test' pour utiliser l'icône Font Awesome "fa-test". + Either input a full URL, a relative path, or use 'fa://fa-test' to use the Font Awesome icon "fa-test". + Entrez une URL complète, un chemin relatif ou utilisez 'fa://fa-test' pour utiliser l'icône Font Awesome "fa-test". @@ -2216,11 +2216,6 @@ Il y a jour(s) Update SCIM Provider Mettre à jour le fournisseur SCIM - - - Sync not run yet. - La synchronisation n'a pas encore été lancée. - Run sync again @@ -2897,7 +2892,7 @@ doesn't pass when either or both of the selected options are equal or above the To use SSL instead, use 'ldaps://' and disable this option. - Pour utiliser SSL à la base, utilisez "ldaps://" et désactviez cette option. + Pour utiliser SSL à la base, utilisez "ldaps://" et désactviez cette option. @@ -2986,8 +2981,8 @@ doesn't pass when either or both of the selected options are equal or above the - Field which contains members of a group. Note that if using the "memberUid" field, the value is assumed to contain a relative distinguished name. e.g. 'memberUid=some-user' instead of 'memberUid=cn=some-user,ou=groups,...' - Champ qui contient les membres d'un groupe. Si vous utilisez le champ "memberUid", la valeur est censée contenir un nom distinctif relatif, par exemple 'memberUid=un-utilisateur' au lieu de 'memberUid=cn=un-utilisateur,ou=groups,...' + Field which contains members of a group. Note that if using the "memberUid" field, the value is assumed to contain a relative distinguished name. e.g. 'memberUid=some-user' instead of 'memberUid=cn=some-user,ou=groups,...' + Champ qui contient les membres d'un groupe. Si vous utilisez le champ "memberUid", la valeur est censée contenir un nom distinctif relatif, par exemple 'memberUid=un-utilisateur' au lieu de 'memberUid=cn=un-utilisateur,ou=groups,...' @@ -3282,7 +3277,7 @@ doesn't pass when either or both of the selected options are equal or above the Time offset when temporary users should be deleted. This only applies if your IDP uses the NameID Format 'transient', and the user doesn't log out manually. - Moment où les utilisateurs temporaires doivent être supprimés. Cela ne s'applique que si votre IDP utilise le format NameID "transient" et que l'utilisateur ne se déconnecte pas manuellement. + Moment où les utilisateurs temporaires doivent être supprimés. Cela ne s'applique que si votre IDP utilise le format NameID "transient" et que l'utilisateur ne se déconnecte pas manuellement. @@ -3450,7 +3445,7 @@ doesn't pass when either or both of the selected options are equal or above the Optionally set the 'FriendlyName' value of the Assertion attribute. - Indiquer la valeur "FriendlyName" de l'attribut d'assertion (optionnel) + Indiquer la valeur "FriendlyName" de l'attribut d'assertion (optionnel) @@ -3779,8 +3774,8 @@ doesn't pass when either or both of the selected options are equal or above the - When using an external logging solution for archiving, this can be set to "minutes=5". - En cas d'utilisation d'une solution de journalisation externe pour l'archivage, cette valeur peut être fixée à "minutes=5". + When using an external logging solution for archiving, this can be set to "minutes=5". + En cas d'utilisation d'une solution de journalisation externe pour l'archivage, cette valeur peut être fixée à "minutes=5". @@ -3789,8 +3784,8 @@ doesn't pass when either or both of the selected options are equal or above the - Format: "weeks=3;days=2;hours=3,seconds=2". - Format : "weeks=3;days=2;hours=3,seconds=2". + Format: "weeks=3;days=2;hours=3,seconds=2". + Format : "weeks=3;days=2;hours=3,seconds=2". @@ -3986,10 +3981,10 @@ doesn't pass when either or both of the selected options are equal or above the - Are you sure you want to update ""? + Are you sure you want to update ""? Êtes-vous sûr de vouloir mettre à jour - " - " ? + " + " ? @@ -5075,8 +5070,8 @@ doesn't pass when either or both of the selected options are equal or above the - A "roaming" authenticator, like a YubiKey - Un authentificateur "itinérant", comme une YubiKey + A "roaming" authenticator, like a YubiKey + Un authentificateur "itinérant", comme une YubiKey @@ -5401,7 +5396,7 @@ doesn't pass when either or both of the selected options are equal or above the Show arbitrary input fields to the user, for example during enrollment. Data is saved in the flow context under the 'prompt_data' variable. - Afficher des champs de saisie arbitraires à l'utilisateur, par exemple pendant l'inscription. Les données sont enregistrées dans le contexte du flux sous la variable "prompt_data". + Afficher des champs de saisie arbitraires à l'utilisateur, par exemple pendant l'inscription. Les données sont enregistrées dans le contexte du flux sous la variable "prompt_data". @@ -5410,10 +5405,10 @@ doesn't pass when either or both of the selected options are equal or above the - ("", of type ) + ("", of type ) - (" - ", de type + (" + ", de type ) @@ -5462,8 +5457,8 @@ doesn't pass when either or both of the selected options are equal or above the - If set to a duration above 0, the user will have the option to choose to "stay signed in", which will extend their session by the time specified here. - Si défini à une durée supérieure à 0, l'utilisateur aura la possibilité de choisir de "rester connecté", ce qui prolongera sa session jusqu'à la durée spécifiée ici. + If set to a duration above 0, the user will have the option to choose to "stay signed in", which will extend their session by the time specified here. + Si défini à une durée supérieure à 0, l'utilisateur aura la possibilité de choisir de "rester connecté", ce qui prolongera sa session jusqu'à la durée spécifiée ici. @@ -6247,7 +6242,7 @@ Les liaisons avec les groupes/utilisateurs sont vérifiées par rapport à l'uti Can be in the format of 'unix://' when connecting to a local docker daemon, using 'ssh://' to connect via SSH, or 'https://:2376' when connecting to a remote system. - Peut être au format "unix://" pour une connexion à un service docker local, "ssh://" pour une connexion via SSH, ou "https://:2376" pour une connexion à un système distant. + Peut être au format "unix://" pour une connexion à un service docker local, "ssh://" pour une connexion via SSH, ou "https://:2376" pour une connexion à un système distant. @@ -7554,7 +7549,7 @@ Les liaisons avec les groupes/utilisateurs sont vérifiées par rapport à l'uti Use this provider with nginx's auth_request or traefik's forwardAuth. Each application/domain needs its own provider. Additionally, on each domain, /outpost.goauthentik.io must be routed to the outpost (when using a managed outpost, this is done for you). - Utilisez ce fournisseur avec l'option "auth_request" de Nginx ou "forwardAuth" de Traefik. Chaque application/domaine a besoin de son propre fournisseur. De plus, sur chaque domaine, "/outpost.goauthentik.io" doit être routé vers le poste avancé (lorsque vous utilisez un poste avancé géré, cela est fait pour vous). + Utilisez ce fournisseur avec l'option "auth_request" de Nginx ou "forwardAuth" de Traefik. Chaque application/domaine a besoin de son propre fournisseur. De plus, sur chaque domaine, "/outpost.goauthentik.io" doit être routé vers le poste avancé (lorsque vous utilisez un poste avancé géré, cela est fait pour vous). Default relay state @@ -7968,7 +7963,7 @@ Les liaisons avec les groupes/utilisateurs sont vérifiées par rapport à l'uti Utilisateur créé et ajouté au groupe avec succès - This user will be added to the group "". + This user will be added to the group "". Cet utilisateur sera ajouté au groupe &quot;&quot;. @@ -8045,7 +8040,8 @@ Les liaisons avec les groupes/utilisateurs sont vérifiées par rapport à l'uti Require Outpost (flow can only be executed from an outpost). + Forcer l'utilisation d'un avant-poste (le flux ne pourrait être exécuter que depuis un outpost). - + \ No newline at end of file diff --git a/web/packages/web/xliff/nl.xlf b/web/packages/monolith/xliff/nl.xlf similarity index 100% rename from web/packages/web/xliff/nl.xlf rename to web/packages/monolith/xliff/nl.xlf diff --git a/web/packages/web/xliff/pl.xlf b/web/packages/monolith/xliff/pl.xlf similarity index 99% rename from web/packages/web/xliff/pl.xlf rename to web/packages/monolith/xliff/pl.xlf index 91a4176a4..30122175c 100644 --- a/web/packages/web/xliff/pl.xlf +++ b/web/packages/monolith/xliff/pl.xlf @@ -1714,9 +1714,6 @@ Update SCIM Provider - - Sync not run yet. - Run sync again Uruchom ponownie synchronizację diff --git a/web/packages/web/xliff/pseudo-LOCALE.xlf b/web/packages/monolith/xliff/pseudo-LOCALE.xlf similarity index 99% rename from web/packages/web/xliff/pseudo-LOCALE.xlf rename to web/packages/monolith/xliff/pseudo-LOCALE.xlf index 0d46ed8f2..b0a90753b 100644 --- a/web/packages/web/xliff/pseudo-LOCALE.xlf +++ b/web/packages/monolith/xliff/pseudo-LOCALE.xlf @@ -2196,11 +2196,6 @@ Update SCIM Provider Ũƥďàţē ŚĆĨM Ƥŕōvĩďēŕ - - - Sync not run yet. - Śŷńć ńōţ ŕũń ŷēţ. - Run sync again diff --git a/web/packages/web/xliff/tr.xlf b/web/packages/monolith/xliff/tr.xlf similarity index 99% rename from web/packages/web/xliff/tr.xlf rename to web/packages/monolith/xliff/tr.xlf index 349ce54da..8fd82c0af 100644 --- a/web/packages/web/xliff/tr.xlf +++ b/web/packages/monolith/xliff/tr.xlf @@ -1659,9 +1659,6 @@ Update SCIM Provider - - Sync not run yet. - Run sync again Eşzamanlamayı tekrar çalıştır diff --git a/web/packages/web/xliff/zh-Hans.xlf b/web/packages/monolith/xliff/zh-Hans.xlf similarity index 99% rename from web/packages/web/xliff/zh-Hans.xlf rename to web/packages/monolith/xliff/zh-Hans.xlf index 1f19faa2b..b42eb97a3 100644 --- a/web/packages/web/xliff/zh-Hans.xlf +++ b/web/packages/monolith/xliff/zh-Hans.xlf @@ -2217,11 +2217,6 @@ Update SCIM Provider 更新 SCIM 提供程序 - - - Sync not run yet. - 尚未同步过。 - Run sync again @@ -8047,6 +8042,7 @@ Bindings to groups/users are checked against the user of the event. Require Outpost (flow can only be executed from an outpost). + 需要前哨(流程只能从前哨执行)。 diff --git a/web/packages/web/xliff/zh-Hant.xlf b/web/packages/monolith/xliff/zh-Hant.xlf similarity index 99% rename from web/packages/web/xliff/zh-Hant.xlf rename to web/packages/monolith/xliff/zh-Hant.xlf index 158106a5e..3f8a63a67 100644 --- a/web/packages/web/xliff/zh-Hant.xlf +++ b/web/packages/monolith/xliff/zh-Hant.xlf @@ -1673,9 +1673,6 @@ Update SCIM Provider - - Sync not run yet. - Run sync again 再次运行同步 diff --git a/web/packages/web/xliff/zh_CN.xlf b/web/packages/monolith/xliff/zh_CN.xlf similarity index 99% rename from web/packages/web/xliff/zh_CN.xlf rename to web/packages/monolith/xliff/zh_CN.xlf index 9bf67b95b..15ba558f0 100644 --- a/web/packages/web/xliff/zh_CN.xlf +++ b/web/packages/monolith/xliff/zh_CN.xlf @@ -8044,6 +8044,10 @@ Bindings to groups/users are checked against the user of the event. Event volume 事件容量 + + + Require Outpost (flow can only be executed from an outpost). + 需要前哨(流程只能从前哨执行)。 diff --git a/web/packages/web/xliff/zh_TW.xlf b/web/packages/monolith/xliff/zh_TW.xlf similarity index 99% rename from web/packages/web/xliff/zh_TW.xlf rename to web/packages/monolith/xliff/zh_TW.xlf index c4784c925..aca167263 100644 --- a/web/packages/web/xliff/zh_TW.xlf +++ b/web/packages/monolith/xliff/zh_TW.xlf @@ -2198,11 +2198,6 @@ Update SCIM Provider 更新 SCIM 供應商 - - - Sync not run yet. - 尚未執行同步。 - Run sync again diff --git a/web/packages/web/robots.txt b/web/robots.txt similarity index 100% rename from web/packages/web/robots.txt rename to web/robots.txt diff --git a/web/packages/web/security.txt b/web/security.txt similarity index 100% rename from web/packages/web/security.txt rename to web/security.txt diff --git a/web/packages/web/static.go b/web/static.go similarity index 100% rename from web/packages/web/static.go rename to web/static.go diff --git a/web/packages/web/static_outpost.go b/web/static_outpost.go similarity index 100% rename from web/packages/web/static_outpost.go rename to web/static_outpost.go diff --git a/website/developer-docs/api/browser.mdx b/website/developer-docs/api/browser.mdx index 7aa35b209..4ea697cfe 100644 --- a/website/developer-docs/api/browser.mdx +++ b/website/developer-docs/api/browser.mdx @@ -1,38 +1,9 @@ +--- +hide_table_of_contents: true +--- + # API Browser -import useDocusaurusContext from "@docusaurus/useDocusaurusContext"; -import useBaseUrl from "@docusaurus/useBaseUrl"; -import BrowserOnly from "@docusaurus/core/lib/client/exports/BrowserOnly"; -import { useColorMode } from "@docusaurus/theme-common"; - -export function APIBrowser() { - const context = useDocusaurusContext(); - const { siteConfig = {} } = context; - const { colorMode, setColorMode } = useColorMode(); - let bg = "#1b1b1d"; - if (colorMode === "light") { - bg = "#fff"; - } - return ( - - {() => { - import("rapidoc"); - return ( - - ); - }} - - ); -} +import APIBrowser from "../../src/components/APIBrowser"; diff --git a/website/docs/core/geoip.mdx b/website/docs/core/geoip.mdx index b3cedbe47..ff73e7a39 100644 --- a/website/docs/core/geoip.mdx +++ b/website/docs/core/geoip.mdx @@ -27,7 +27,8 @@ import TabItem from "@theme/TabItem"; Add the following block to your `.env` file: ```shell -AUTHENTIK_GEOIP=/tmp/non-existent-file +AUTHENTIK_EVENTS__CONTEXT_PROCESSORS__GEOIP=/tmp/non-existent-file +AUTHENTIK_EVENTS__CONTEXT_PROCESSORS__ASN=/tmp/non-existent-file ``` Afterwards, run the upgrade commands from the latest release notes. @@ -38,7 +39,10 @@ Add the following block to your `values.yml` file: ```yaml authentik: - geoip: /tmp/non-existent-file + events: + context_processors: + geoip: "/tmp/non-existent-file" + asn: "/tmp/non-existent-file" ``` Afterwards, run the upgrade commands from the latest release notes. @@ -74,7 +78,7 @@ services: volumes: - "geoip:/usr/share/GeoIP" environment: - GEOIPUPDATE_EDITION_IDS: "GeoLite2-City" + GEOIPUPDATE_EDITION_IDS: "GeoLite2-City GeoLite2-ASN" GEOIPUPDATE_FREQUENCY: "8" GEOIPUPDATE_ACCOUNT_ID: "*your account ID*" GEOIPUPDATE_LICENSE_KEY: "*your license key*" @@ -94,7 +98,7 @@ geoip: enabled: true accountId: "*your account ID*" licenseKey: "*your license key*" - editionIds: "GeoLite2-City" + editionIds: "GeoLite2-City GeoLite2-ASN" image: maxmindinc/geoipupdate:v4.8 updateInterval: 8 ``` diff --git a/website/docs/flow/stages/email/email_recovery.png b/website/docs/flow/stages/email/email_recovery.png index 1dc5dbbc4..0bc14bafd 100644 Binary files a/website/docs/flow/stages/email/email_recovery.png and b/website/docs/flow/stages/email/email_recovery.png differ diff --git a/website/docs/flow/stages/email/index.mdx b/website/docs/flow/stages/email/index.mdx index 1064d8f13..a7751e295 100644 --- a/website/docs/flow/stages/email/index.mdx +++ b/website/docs/flow/stages/email/index.mdx @@ -25,6 +25,10 @@ return True You can also use custom email templates, to use your own design or layout. +:::info +Starting with authentik 2024.1, it is possible to create `.txt` files with the same name as the `.html` template. If a matching `.txt` file exists, the email sent will be a multipart email with both the text and HTML template. +::: + import Tabs from "@theme/Tabs"; import TabItem from "@theme/TabItem"; @@ -81,13 +85,17 @@ Templates are rendered using Django's templating engine. The following variables - `user`: The pending user object. - `expires`: The timestamp when the token expires. + + ```html -{# This is how you can write comments which aren't rendered. #} {# Extend this -template from the base email template, which includes base layout and CSS. #} {% -extends "email/base.html" %} {# Load the internationalization module to -translate strings, and humanize to show date-time #} {% load i18n %} {% load -humanize %} {# The email/base.html template uses a single "content" block #} {% -block content %} +{# This is how you can write comments which aren't rendered. #} +{# Extend this template from the base email template, which includes base layout and CSS. #} +{% extends "email/base.html" %} +{# Load the internationalization module to translate strings, and humanize to show date-time #} +{% load i18n %} +{% load humanize %} +{# The email/base.html template uses a single "content" block #} +{% block content %} {% blocktrans with username=user.username %} Hi {{ username }}, {% @@ -99,9 +107,9 @@ block content %} @@ -130,8 +138,7 @@ block content %} href="{{ url }}" rel="noopener noreferrer" target="_blank" - >{% trans 'Reset - Password' %}{% trans 'Reset Password' %} @@ -145,9 +152,9 @@ block content %}
- {% blocktrans %} You recently requested to change your - password for you authentik account. Use the button below to - set a new password. {% endblocktrans %} + {% blocktrans %} + You recently requested to change your password for you authentik account. Use the button below to set a new password. + {% endblocktrans %}
- {% blocktrans with expires=expires|naturaltime %} If you did - not request a password change, please ignore this Email. The - link above is valid for {{ expires }}. {% endblocktrans %} + {% blocktrans with expires=expires|naturaltime %} + If you did not request a password change, please ignore this Email. The link above is valid for {{ expires }}. + {% endblocktrans %}
@@ -155,3 +162,5 @@ block content %} {% endblock %} ``` + + diff --git a/website/docs/installation/configuration.mdx b/website/docs/installation/configuration.mdx index 28d8e5f50..6201467f1 100644 --- a/website/docs/installation/configuration.mdx +++ b/website/docs/installation/configuration.mdx @@ -154,9 +154,13 @@ Defaults to `info`. Which domain the session cookie should be set to. By default, the cookie is set to the domain authentik is accessed under. -### `AUTHENTIK_GEOIP` +### `AUTHENTIK_EVENTS__CONTEXT_PROCESSORS__GEOIP` -Path to the GeoIP database. Defaults to `/geoip/GeoLite2-City.mmdb`. If the file is not found, authentik will skip GeoIP support. +Path to the GeoIP City database. Defaults to `/geoip/GeoLite2-City.mmdb`. If the file is not found, authentik will skip GeoIP support. + +### `AUTHENTIK_EVENTS__CONTEXT_PROCESSORS__ASN` + +Path to the GeoIP ASN database. Defaults to `/geoip/GeoLite2-ASN.mmdb`. If the file is not found, authentik will skip GeoIP support. ### `AUTHENTIK_DISABLE_UPDATE_CHECK` diff --git a/website/docs/policies/expression.mdx b/website/docs/policies/expression.mdx index 2200cc96f..aaf850608 100644 --- a/website/docs/policies/expression.mdx +++ b/website/docs/policies/expression.mdx @@ -54,6 +54,11 @@ import Objects from "../expressions/_objects.md"; - `request.context`: A dictionary with dynamic data. This depends on the origin of the execution. - `geoip`: GeoIP object, see [GeoIP](https://geoip2.readthedocs.io/en/latest/#geoip2.models.City) + + ```python + return context["geoip"].country.iso_code == "US" + ``` + - `ak_is_sso_flow`: Boolean which is true if request was initiated by authenticating through an external provider. - `ak_client_ip`: Client's IP Address or 255.255.255.255 if no IP Address could be extracted. Can be [compared](#comparing-ip-addresses), for example diff --git a/website/docs/releases/2023/v2023.10.md b/website/docs/releases/2023/v2023.10.md index a1f74470c..1034d0115 100644 --- a/website/docs/releases/2023/v2023.10.md +++ b/website/docs/releases/2023/v2023.10.md @@ -165,6 +165,22 @@ helm upgrade authentik authentik/authentik -f values.yaml --version ^2023.10 - stages/email: use uuid for email confirmation token instead of username (cherry-pick #7581) (#7584) - web/admin: fix admins not able to delete MFA devices (#7660) +## Fixed in 2023.10.5 + +- blueprints: improve file change handler (cherry-pick #7813) (#7934) +- events: add better fallback for sanitize_item to ensure everything can be saved as JSON (cherry-pick #7694) (#7937) +- events: fix lint (#7700) +- events: include user agent in events (cherry-pick #7693) (#7938) +- providers/scim: change familyName default (cherry-pick #7904) (#7930) +- root: don't show warning when app has no URLs to import (cherry-pick #7765) (#7935) +- root: Fix cache related image build issues (cherry-pick #7831) (#7932) +- stages/email: improve error handling for incorrect template syntax (cherry-pick #7758) (#7936) +- tests: fix flaky tests (cherry-pick #7676) (#7939) +- web: dark/light theme fixes (#7872) +- web: fix overflow glitch on ak-page-header (cherry-pick #7883) (#7931) +- web/admin: always show oidc well-known URL fields when they're set (#7560) +- web/user: fix search not updating app (cherry-pick #7825) (#7933) + ## API Changes #### What's New diff --git a/website/src/components/APIBrowser/index.tsx b/website/src/components/APIBrowser/index.tsx new file mode 100644 index 000000000..25c43b743 --- /dev/null +++ b/website/src/components/APIBrowser/index.tsx @@ -0,0 +1,40 @@ +import React from "react"; +import useDocusaurusContext from "@docusaurus/useDocusaurusContext"; +import useBaseUrl from "@docusaurus/useBaseUrl"; +import BrowserOnly from "@docusaurus/BrowserOnly"; +import { useColorMode } from "@docusaurus/theme-common"; + +export function APIBrowser() { + const context = useDocusaurusContext(); + const { siteConfig = {} } = context; + const { colorMode, setColorMode } = useColorMode(); + let bg = "#1b1b1d"; + if (colorMode === "light") { + bg = "#fff"; + } + return ( + + {() => { + require("rapidoc"); + return ( + + ); + }} + + ); +} + +export default APIBrowser; diff --git a/website/src/pages/api/index.jsx b/website/src/pages/api/index.jsx index 8e6647dc0..5ba633bdb 100644 --- a/website/src/pages/api/index.jsx +++ b/website/src/pages/api/index.jsx @@ -1,7 +1,7 @@ import React from "react"; import Layout from "@theme/Layout"; import Head from "@docusaurus/Head"; -import BrowserOnly from "@docusaurus/core/lib/client/exports/BrowserOnly"; +import BrowserOnly from "@docusaurus/BrowserOnly"; function APIPage() { return ( diff --git a/website/src/pages/api/v3.jsx b/website/src/pages/api/v3.jsx index 7cdd45289..8ea704650 100644 --- a/website/src/pages/api/v3.jsx +++ b/website/src/pages/api/v3.jsx @@ -1,7 +1,7 @@ import React from "react"; import Layout from "@theme/Layout"; import Head from "@docusaurus/Head"; -import BrowserOnly from "@docusaurus/core/lib/client/exports/BrowserOnly"; +import BrowserOnly from "@docusaurus/BrowserOnly"; function APIPage() { return ( diff --git a/website/src/pages/index.jsx b/website/src/pages/index.jsx index feea2b292..fcbf951fd 100644 --- a/website/src/pages/index.jsx +++ b/website/src/pages/index.jsx @@ -3,7 +3,7 @@ import clsx from "clsx"; import Layout from "@theme/Layout"; import Link from "@docusaurus/Link"; import Head from "@docusaurus/Head"; -import BrowserOnly from "@docusaurus/core/lib/client/exports/BrowserOnly"; +import BrowserOnly from "@docusaurus/BrowserOnly"; import useDocusaurusContext from "@docusaurus/useDocusaurusContext"; import useBaseUrl from "@docusaurus/useBaseUrl"; import styles from "./styles.module.css"; diff --git a/website/src/pages/terraform-provider.jsx b/website/src/pages/terraform-provider.jsx index 47bfa52f1..e930a8a56 100644 --- a/website/src/pages/terraform-provider.jsx +++ b/website/src/pages/terraform-provider.jsx @@ -1,7 +1,7 @@ import React from "react"; import Layout from "@theme/Layout"; import Head from "@docusaurus/Head"; -import BrowserOnly from "@docusaurus/core/lib/client/exports/BrowserOnly"; +import BrowserOnly from "@docusaurus/BrowserOnly"; function TerraformProviderPage() { return (