trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
12,574 Commits 95 Branches 330 Tags 336 MiB
Commit Graph

208 Commits

Author SHA1 Message Date
Jens L 2f469d2709
root: partial Live-updating config (#5959) 
* stages/email: directly use email credentials from config

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* use custom database backend that supports dynamic credentials

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add crude config reloader

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make method names for CONFIG clearer

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* replace config.set with environ

Not sure if this is the cleanest way, but it persists through a config reload

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* re-add set for @patch

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* even more crudeness

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* clean up some old stuff?

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* somewhat rewrite config loader to keep track of a source of an attribute so we can refresh it

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* cleanup old things

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix flow e2e

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-07-19 23:13:22 +02:00
Jens L a987846c76
root: celery refactor (#6095) 
* root: celery refactor

cleanup deprecation messages by configuring celery with a single object

run celery as django management command

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* improve debug experience

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix lint

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add debugpy to dev dependencies

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix task_always_eager

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-06-28 16:44:50 +02:00
Jens L b0fbd576fc
security: cure53 fix (#6039) 
* ATH-01-001: resolve path and check start before loading blueprints

This is even less of an issue since 411ef239f6, since with that commit we only allow files that the listing returns

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-010: fix missing user filter for webauthn device

This prevents an attack that is only possible when an attacker can intercept HTTP traffic and in the case of HTTPS decrypt it.

* ATH-01-008: fix web forms not submitting correctly when pressing enter

When submitting some forms with the Enter key instead of clicking "Confirm"/etc, the form would not get submitted correctly

This would in the worst case is when setting a user's password, where the new password can end up in the URL, but the password was not actually saved to the user.

* ATH-01-004: remove env from admin system endpoint

this endpoint already required admin access, but for debugging the env variables are used very little

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-003 / ATH-01-012: disable htmlLabels in mermaid

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-005: use hmac.compare_digest for secret_key authentication

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-009: migrate impersonation to use API

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-010: rework

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-014: save authenticator validation state in flow context

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

bugfixes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-012: escape quotation marks

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add website

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update release ntoes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update with all notes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix format

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-06-22 22:25:04 +02:00
Jens L 05d73f688c
policies/event_matcher: add model filter (#5802) 
* policies/event_matcher: add model filter

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* cleanup

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* improve logic

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove t``

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-06-12 22:11:11 +02:00
Jens L eaa3d11df8
api: modular urls (#5551) 
* api: make API urls modular

load API urls from app module's urls file instead of a single static file

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* refactor websocket url mounting

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-05-09 14:46:47 +02:00
Jens L 67f3db1e03
core: enforce unique on names where it makes sense (#4866) 
enforce unique on names where it makes sense

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-03-07 23:52:34 +01:00
Jens Langhammer cefc1a57ee
core: handle error when cleaning up sessions and cached session can't be loaded 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-02-13 13:22:34 +01:00
Jens Langhammer 53b25d61f7
events: use colon as separator for task name and task UID 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-02-13 12:06:29 +01:00
Jens Langhammer 8850446bc2
admin: fix schema generation warning 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-02-11 21:08:48 +01:00
Jens Langhammer f98b5b651b
admin: remove import 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-02-02 14:19:25 +01:00
Jens Langhammer 2113029a14
admin: allow post to system info api endpoint for debugging 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-02-02 11:09:03 +01:00
Jens L 9568f4dbd6
root: improve code style (#4436) 
* cleanup pylint comments

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove more

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix url name

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* *: use ExtractHour instead of ExtractDay

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-01-15 17:02:31 +01:00
Jens L 36822c128c
admin: include task duration in API (#4428) 
include task duration in API

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-01-13 13:21:49 +01:00
Jens L 67a6fa6399
events: rework metrics (#4407) 
* rework metrics

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* change graphs to be over last week

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix  Apps with most usage card

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-01-11 12:21:07 +01:00
Jens Langhammer fde848ee51
admin: remove unused import 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2023-01-02 00:12:14 +01:00
Jens Langhammer e9d52282b7
admin: use matching environment for system API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2023-01-01 23:58:12 +01:00
Jens L b06a3a8f9f
admin: add authorisations metric (#3811) 
add authorizations metric

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-10-19 00:06:45 +02:00
Jens Langhammer 7f8afad528 *: fix API Schema generation warnings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-09-11 23:08:31 +02:00
Jens Langhammer 0ff2ac7dc2 api: fix schema not referencing errors correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-09-11 23:01:26 +02:00
Jens L 54ba3e9616
blueprints: add meta model to apply blueprint within blueprint for dependencies (#3486) 
* add meta model to apply blueprint within blueprint for dependencies

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use custom registry

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix again

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* move ManagedAppConfig to apps.py

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* rename manager to registry

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: use full tag in comment

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-08-29 21:20:58 +02:00
Jens L d1004e3798
blueprints: webui (#3356) 2022-08-03 00:05:49 +02:00
Jens Langhammer 2bd29e2fdd *: improve error handling for startup tasks 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-08-01 23:31:47 +02:00
Jens L a023eee9bf
blueprints: migrate from managed (#3338) 
* test all bundled blueprints

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix empty title

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix default blueprints

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add script to generate dev config

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* migrate managed to blueprints

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add more to blueprint instance

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* migrated away from ObjectManager

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix lint errors

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* migrate things

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* migrate tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix some tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix a bit more

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix more tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* whops

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix missing name

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *sigh*

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix more tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add tasks

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* scheduled

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* run discovery on start

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* oops this test should stay

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-08-01 23:05:58 +02:00
Jens L 89c84f10d0
blueprints: v1 (#1573) 
* managed: move flowexporter to managed

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: implement SerializerModel in all models

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* managed: add initial api

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* managed: start blueprint

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* managed: spec

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* version blueprint

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* yep

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* remove v2, improve v1

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* start custom tag, more rebrand

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add default flows

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* move blueprints out of website

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* try new things

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add !lookup, fix web

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update and cleanup default

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix tags in lists

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* don't save field if its set to default value

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* more flow cleanup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* format web

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix missing serializer for sms

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ignore _set fields

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* remove custom file extension

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* migrate default flow to tenant

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* include blueprints

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-07-31 17:11:44 +02:00
Jens Langhammer 90e3ae9457 *: define prometheus metrics in apps to prevent re-import 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-07-01 16:49:24 +02:00
Jens L 0c591a50e3
*: don't dispatch tasks on startup of server (#3033) 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-06-03 18:29:24 +02:00
Jens Langhammer 5080840ed9 admin: ensure disable_update_check is set to false for tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-05-17 10:00:26 +02:00
Jens Langhammer 0b4ac54363 *: default to max 60 for fqdn_rand 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-04-20 20:07:25 +02:00
Jens Langhammer 1a1434bfda *: decrease frequency of background tasks, smear tasks based on name and fqdn 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2159
 2022-04-20 18:43:40 +02:00
Jens Langhammer 21efee8f44 admin: add additional logging when restarting a task 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-02-12 18:40:21 +01:00
Jens Langhammer 111fbf119b *: refactor prometheus gauges to directly updating metrics view 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-16 13:57:07 +01:00
Jens Langhammer fae6d83f27 *: simplify extracting current version info 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-13 17:47:31 +01:00
Jens Langhammer 6e53f1689d policies/reputation: rework reputation to use a single entry, include geo_ip data 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-01-05 21:02:33 +01:00
Jens Langhammer 30386cd899 events: add custom manager with helpers for metrics 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-14 21:49:33 +01:00
Jens Langhammer a9bd34f3c5 events: revert to @prefill_task decorator since base class doesn't get executed until task runs 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-09 10:18:00 +01:00
Jens Langhammer cf78c89830 events: replace @prefill_task with custom base class to prefill 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-02 13:47:35 +01:00
Jens Langhammer f0d7edb963 *: fix @prefill_task 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-12-02 10:05:51 +01:00
Jens Langhammer 638e8d741f *: fix multiple tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-16 10:38:21 +01:00
Jens Langhammer e4095dfffe admin: add more tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-15 20:10:09 +01:00
Jens Langhammer 12735cc14c admin: improve check to remove version notifications 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-11-07 18:03:06 +01:00
Jens Langhammer 8eddb4b95b admin: check for debug in worker count api 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-14 12:32:30 +02:00
Jens Langhammer 4b7399f454 *: add @prefill_task() decorator to "pre-fill" tasks in cache, so they can be executed even before their schedule would do so 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-14 12:21:28 +02:00
Jens Langhammer fa6df84de2 admin: clear update notification when notification's version matches current version 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-10-05 20:36:38 +02:00
Jens Langhammer 79b92e764e *: fix typos in code 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-25 00:01:11 +02:00
Jens Langhammer c779ad2e3b *: use common user agent for all outgoing requests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-11 21:08:26 +02:00
Jens Langhammer 7e7ef289ba admin: migrate to new update check, add option to disable update check 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-11 20:35:23 +02:00
Jens Langhammer 9733caf3b7 admin: use copy for environ api 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-24 11:39:49 +02:00
Jens Langhammer b0efab6d6d admin: add env to API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-24 10:55:46 +02:00
Jens Langhammer de9d483b9f admin: add API to show embedded outpost status, add notice when its not configured properly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-10 19:16:11 +02:00
Jens Langhammer 77ed25ae34 root: reformat to 100 line width 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-03 17:45:16 +02:00