918355e1c9
release: 2023.4.3
2023-07-06 18:15:11 +02:00
c07a48a3ec
security: fix CVE-2023-36456
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
# Conflicts:
# website/sidebars.js
2023-07-06 18:13:19 +02:00
e1bae1240f
release: 2023.4.2
2023-06-22 22:21:53 +02:00
37bd62d291
ci: replace github bot account with github app ( #5819 )
...
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-06-22 22:21:48 +02:00
ac63db0136
bump web api client
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-22 21:27:30 +02:00
5cdf3a09a9
ATH-01-012: escape quotation marks
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-19 13:45:47 +02:00
3e17adf33f
ATH-01-014: save authenticator validation state in flow context
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
bugfixes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-19 13:45:47 +02:00
8392916c84
ATH-01-010: rework
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-19 13:45:18 +02:00
7e75a48fd0
ATH-01-009: migrate impersonation to use API
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
# Conflicts:
# authentik/core/urls.py
# web/src/admin/AdminInterface.ts
# web/src/admin/users/RelatedUserList.ts
# web/src/admin/users/UserListPage.ts
# web/src/admin/users/UserViewPage.ts
# web/src/user/UserInterface.ts
2023-06-19 13:45:07 +02:00
d69d84e48c
ATH-01-005: use hmac.compare_digest for secret_key authentication
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-19 13:43:09 +02:00
78cc8fa498
ATH-01-003 / ATH-01-012: disable htmlLabels in mermaid
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-19 13:43:07 +02:00
0fcdf5e968
ATH-01-004: remove env from admin system endpoint
...
this endpoint already required admin access, but for debugging the env variables are used very little
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-19 13:43:03 +02:00
f05997740f
ATH-01-008: fix web forms not submitting correctly when pressing enter
...
When submitting some forms with the Enter key instead of clicking "Confirm"/etc, the form would not get submitted correctly
This would in the worst case is when setting a user's password, where the new password can end up in the URL, but the password was not actually saved to the user.
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
# Conflicts:
# web/src/admin/applications/ApplicationCheckAccessForm.ts
# web/src/admin/crypto/CertificateGenerateForm.ts
# web/src/admin/flows/FlowImportForm.ts
# web/src/admin/groups/RelatedGroupList.ts
# web/src/admin/policies/PolicyTestForm.ts
# web/src/admin/property-mappings/PropertyMappingTestForm.ts
# web/src/admin/providers/saml/SAMLProviderImportForm.ts
# web/src/admin/users/RelatedUserList.ts
# web/src/admin/users/ServiceAccountForm.ts
# web/src/admin/users/UserPasswordForm.ts
# web/src/admin/users/UserResetEmailForm.ts
2023-06-19 13:42:51 +02:00
1aff300171
ATH-01-010: fix missing user filter for webauthn device
...
This prevents an attack that is only possible when an attacker can intercept HTTP traffic and in the case of HTTPS decrypt it.
2023-06-19 13:38:31 +02:00
ffb98eaa75
ATH-01-001: resolve path and check start before loading blueprints
...
This is even less of an issue since 411ef239f6
2023-06-19 13:38:19 +02:00
5c1db432f0
release: 2023.4.1
2023-04-18 10:50:44 +03:00
07fd4daa3e
Merge branch 'main' into version-2023.4
2023-04-17 22:46:09 +03:00
9faad8a055
web: bump @sentry/browser from 7.47.0 to 7.48.0 in /web ( #5268 )
...
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript ) from 7.47.0 to 7.48.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases )
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.47.0...7.48.0 )
---
updated-dependencies:
- dependency-name: "@sentry/browser"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-17 10:16:44 +02:00
a94392808f
core: bump goauthentik.io/api/v3 from 3.2023031.17 to 3.2023040.1 ( #5269 )
...
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go ) from 3.2023031.17 to 3.2023040.1.
- [Release notes](https://github.com/goauthentik/client-go/releases )
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2023031.17...v3.2023040.1 )
---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-17 10:13:37 +02:00
c4998e7dd4
web: bump @sentry/tracing from 7.47.0 to 7.48.0 in /web ( #5266 )
...
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript ) from 7.47.0 to 7.48.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases )
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.47.0...7.48.0 )
---
updated-dependencies:
- dependency-name: "@sentry/tracing"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-17 10:12:32 +02:00
1ab587d80e
website: bump react-before-after-slider-component from 1.1.6 to 1.1.8 in /website ( #5267 )
...
website: bump react-before-after-slider-component in /website
Bumps [react-before-after-slider-component](https://github.com/smeleshkin/react-before-after-slider-component ) from 1.1.6 to 1.1.8.
- [Release notes](https://github.com/smeleshkin/react-before-after-slider-component/releases )
- [Commits](https://github.com/smeleshkin/react-before-after-slider-component/compare/v.1.1.6...v.1.1.8 )
---
updated-dependencies:
- dependency-name: react-before-after-slider-component
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-17 10:12:11 +02:00
5715ffd845
website: bump postcss from 8.4.21 to 8.4.22 in /website ( #5265 )
...
Bumps [postcss](https://github.com/postcss/postcss ) from 8.4.21 to 8.4.22.
- [Release notes](https://github.com/postcss/postcss/releases )
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md )
- [Commits](https://github.com/postcss/postcss/compare/8.4.21...8.4.22 )
---
updated-dependencies:
- dependency-name: postcss
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-17 10:11:53 +02:00
8c3834e6b2
core: bump pytest from 7.3.0 to 7.3.1 ( #5270 )
...
Bumps [pytest](https://github.com/pytest-dev/pytest ) from 7.3.0 to 7.3.1.
- [Release notes](https://github.com/pytest-dev/pytest/releases )
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pytest-dev/pytest/compare/7.3.0...7.3.1 )
---
updated-dependencies:
- dependency-name: pytest
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-17 10:11:29 +02:00
f841586153
core: bump importlib-metadata from 6.3.0 to 6.4.1 ( #5271 )
...
Bumps [importlib-metadata](https://github.com/python/importlib_metadata ) from 6.3.0 to 6.4.1.
- [Release notes](https://github.com/python/importlib_metadata/releases )
- [Changelog](https://github.com/python/importlib_metadata/blob/main/CHANGES.rst )
- [Commits](https://github.com/python/importlib_metadata/compare/v6.3.0...v6.4.1 )
---
updated-dependencies:
- dependency-name: importlib-metadata
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-17 10:11:11 +02:00
b8b681250f
core: bump drf-spectacular from 0.26.1 to 0.26.2 ( #5272 )
...
Bumps [drf-spectacular](https://github.com/tfranzel/drf-spectacular ) from 0.26.1 to 0.26.2.
- [Release notes](https://github.com/tfranzel/drf-spectacular/releases )
- [Changelog](https://github.com/tfranzel/drf-spectacular/blob/master/CHANGELOG.rst )
- [Commits](https://github.com/tfranzel/drf-spectacular/compare/0.26.1...0.26.2 )
---
updated-dependencies:
- dependency-name: drf-spectacular
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-17 10:09:08 +02:00
3ab9ee5acc
website/docs: separate docker steps ( #5246 )
...
* separated steps for macs
* fixed formatting
* fixed formatting harder
* two passwords
* tweaks
* separated error logging step
* comments in wrong place
---------
Co-authored-by: Tana Berry <tana@goauthentik.io>
2023-04-14 17:04:09 -05:00
1a4c640835
lifecycle: fix worker healthcheck ( #5259 )
...
closes #5258
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-14 14:39:31 +02:00
38bf0ee740
lifecycle: re-add exec to ak wrapper ( #5253 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-14 13:52:11 +02:00
520fb2fac1
ci: fix tag lookup for previous stable version ( #5257 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-14 13:51:57 +02:00
95adc38ff4
web: bump API Client version ( #5256 )
...
Signed-off-by: GitHub <noreply@github.com>
2023-04-14 11:34:14 +00:00
55ad2d7eab
website/docs: add helm RBAC notice ( #5255 )
...
website/docs: add helm notice
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-14 13:21:05 +02:00
8160663214
release: 2023.4.0 ( #5254 )
2023-04-14 13:20:22 +02:00
aa80babfff
release: 2023.4.0
2023-04-14 13:28:57 +03:00
6a700cb376
core: fix user metrics for users which can't access events ( #5252 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-14 11:20:26 +02:00
e123afd9ee
web/admin: fix impersonate button layout ( #5251 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-14 11:20:07 +02:00
96e732e45b
web: bump @codemirror/lang-javascript from 6.1.5 to 6.1.6 in /web ( #5247 )
...
Bumps [@codemirror/lang-javascript](https://github.com/codemirror/lang-javascript ) from 6.1.5 to 6.1.6.
- [Release notes](https://github.com/codemirror/lang-javascript/releases )
- [Changelog](https://github.com/codemirror/lang-javascript/blob/main/CHANGELOG.md )
- [Commits](https://github.com/codemirror/lang-javascript/compare/6.1.5...6.1.6 )
---
updated-dependencies:
- dependency-name: "@codemirror/lang-javascript"
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-14 10:35:25 +02:00
6349ab60e7
web: bump core-js from 3.30.0 to 3.30.1 in /web ( #5248 )
...
Bumps [core-js](https://github.com/zloirock/core-js/tree/HEAD/packages/core-js ) from 3.30.0 to 3.30.1.
- [Release notes](https://github.com/zloirock/core-js/releases )
- [Changelog](https://github.com/zloirock/core-js/blob/master/CHANGELOG.md )
- [Commits](https://github.com/zloirock/core-js/commits/v3.30.1/packages/core-js )
---
updated-dependencies:
- dependency-name: core-js
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-14 10:35:12 +02:00
2b0749af6b
core: bump github.com/prometheus/client_golang from 1.14.0 to 1.15.0 ( #5249 )
...
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang ) from 1.14.0 to 1.15.0.
- [Release notes](https://github.com/prometheus/client_golang/releases )
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md )
- [Commits](https://github.com/prometheus/client_golang/compare/v1.14.0...v1.15.0 )
---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-14 10:34:56 +02:00
a5098364eb
events: unpack wrapped query from FlowExecutor ( #5244 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-14 00:07:41 +02:00
71820191a3
root: fix contributing List points ( #5245 )
2023-04-13 22:48:13 +02:00
c08c849fec
website: fix doc build ( #5242 )
...
* ci: run both builds
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix build
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-13 17:20:44 +02:00
6a74fa11c6
providers/oauth2: inconsistent client secret generation ( #5241 )
...
* use simpler char set for client secret
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* also adjust radius
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use similar logic in web to generate ids and secrets
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* dont use math.random
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-13 15:06:28 +02:00
7841720acf
core: bump gitpython from 3.1.29 to 3.1.30 ( #5239 )
...
Bumps [gitpython](https://github.com/gitpython-developers/GitPython ) from 3.1.29 to 3.1.30.
- [Release notes](https://github.com/gitpython-developers/GitPython/releases )
- [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES )
- [Commits](https://github.com/gitpython-developers/GitPython/compare/3.1.29...3.1.30 )
---
updated-dependencies:
- dependency-name: gitpython
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-13 14:15:00 +02:00
67644ace87
website/docs: prepare 2023.4 release notes ( #5223 )
...
* website/docs: prepare 2023.4 release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add prompt preview
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>
* Update website/docs/releases/2023/v2023.4.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>
* add new release to sidebar
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-04-13 14:11:46 +02:00
f84a10b59b
core: revert django update ( #5236 )
...
* Revert "core: bump django from 4.1.7 to 4.2 (#5151 )"
This reverts commit 18a4eac527
2023-04-13 14:10:12 +02:00
200d6d6adf
website: bump docusaurus ( #5235 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-13 13:45:51 +02:00
d0f1ebfad3
core: bump packaging from 23.0 to 23.1 ( #5234 )
...
Bumps [packaging](https://github.com/pypa/packaging ) from 23.0 to 23.1.
- [Release notes](https://github.com/pypa/packaging/releases )
- [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pypa/packaging/compare/23.0...23.1 )
---
updated-dependencies:
- dependency-name: packaging
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-13 11:31:19 +02:00
7d849d7bd7
core: bump maxmindinc/geoipupdate from v4.11 to v5.0 ( #5233 )
...
Bumps maxmindinc/geoipupdate from v4.11 to v5.0.
---
updated-dependencies:
- dependency-name: maxmindinc/geoipupdate
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-13 11:30:57 +02:00
f1dfe04786
website/integrations: Addition of phpIPAM SAML integration documentation ( #5221 )
...
* website/integrations: Addition of phpIPAM SAML integration documentation
* website/integrations: Addition of phpIPAM SAML integration documentation
* website/integrations: Fix formatting to pass npm prettier checks of new phpIPAM documentation
* website/integrations: Fix typo in certificate for codespell linting.
* website/integrations: Change => to ->. Fix indentation on python expressions. Fix copy/paste error on modules SAML attribute.
---------
Co-authored-by: Aaron Naden <aaron@DESKTOP-H5LSEU8>
2023-04-12 17:28:58 -05:00
4d7d2b8d3a
web: bump pyright from 1.1.302 to 1.1.303 in /web ( #5229 )
...
Bumps [pyright](https://github.com/Microsoft/pyright/tree/HEAD/packages/pyright ) from 1.1.302 to 1.1.303.
- [Release notes](https://github.com/Microsoft/pyright/releases )
- [Commits](https://github.com/Microsoft/pyright/commits/1.1.303/packages/pyright )
---
updated-dependencies:
- dependency-name: pyright
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-12 11:21:39 +02:00
Jens Langhammer
risson
dependabot[bot]
Tana M Berry
authentik Bot
Lars Lehmann
Aaron