trustchain-oc1-orchestral/authentik
Archived
10
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
7400 commits 95 branches 330 tags 336 MiB
Commit graph

304 commits

Author SHA1 Message Date
Jens Langhammer 31d2ea65fd provider/proxy: mark forward_auth flag as deprecated 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 12:39:25 +02:00
Jens Langhammer d878d2140e providers/saml: add metadata download link to api 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-10 14:06:44 +02:00
Jens L 34ae9e6dab
API: add endpoint to show by what objects an object is used (#995) 
* core: add used_by API to show what objects are affected before deletion

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/elements: add support for used_by API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add authentik_used_by_shadows to shadow other models

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: implement used_by API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: fix duplicate imports

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add action field to used_by api

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: add UI for used_by action

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: add notice to tenant form

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: fix naming in used_by

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: check length for used_by

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: fix used_by for non-pk models

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: improve __str__ on models

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add support for many to many in used_by

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-10 11:58:12 +02:00
Jens L dad24c03ff
outposts: set cookies for a domain to authenticate an entire domain (#971) 
* outposts: initial cookie domain implementation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: add cookie domain setting

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: replace forward_auth_mode with general mode

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: rebuild proxy provider form

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: re-add forward_auth_mode for backwards compat

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: fix data.mode not being set

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: always set log level to debug when testing

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: use new mode attribute

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: only ingress /akprox on forward_domain

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: fix lint error

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: fix error on ProxyProviderForm when not using proxy mode

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: fix default for outpost form's type missing

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: add additional desc for proxy modes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: fix service account permissions not always being updated

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost/proxy: fix redirecting to incorrect host for domain mode

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: improve error handling for network errors

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost: fix image naming not matching main imaeg

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/proxy: fix redirects for domain mode and traefik

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: fix colour for paragraphs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: fix consent stage not showing permissions correctly

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: add domain-level docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: fix broken links

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/proxy: remove dead code

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: fix missing id for #header-text

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-08 23:10:17 +02:00
Jens Langhammer 029d58191e sources/saml: include metadata download link in API response 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-08 17:22:03 +02:00
Jens Langhammer 9180d448df core: move end-session to core 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-06 13:56:38 +02:00
Jens Langhammer cec47c3cfc providers/oauth2: show id_token issues for refresh token 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-02 22:05:04 +02:00
Jens Langhammer b50ac96605 providers/oauth2: remove size limit on Access code nonce 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-02 20:20:07 +02:00
Jens Langhammer 14f85ec980 tenants: migrate context_processor to tenants 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-29 18:01:48 +02:00
Jens Langhammer 58a4b20297 outposts: handle disconnects without outpost better 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-25 12:06:55 +02:00
Jens Langhammer c6bb6709fd flows: add default challenge response 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-24 20:27:50 +02:00
Jens Langhammer fb4e0723ee stages: fix stage unittests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-24 17:12:48 +02:00
Jens Langhammer 6f6ae7831e flows: make use of oneOf OpenAPI to annotate all challenge types 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-24 14:11:23 +02:00
Jens Langhammer 9b57f0b81d Merge branch 'version-2021.5' into next 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	web/src/locales/en.po
#	web/src/locales/pseudo-LOCALE.po
 2021-05-22 20:01:16 +02:00
Jens Langhammer 2c816e6162 providers/proxy: don't use https to communicate with outpost 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-22 18:56:38 +02:00
Jens Langhammer bb89b9b572 Merge branch 'version-2021.5' into next 2021-05-21 23:50:43 +02:00
Jens Langhammer 6600da7d98 providers/oauth2: add missing kid header to JWT Tokens 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-21 23:40:00 +02:00
Jens Langhammer 92f2a82c03 providers/oauth2: fix double login required when prompt=login 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-20 01:10:08 +02:00
Jens Langhammer dcf074650e providers/proxy: fix redirect_uris not always being set on save 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-20 01:10:04 +02:00
Jens Langhammer acf1ad91d9 providers/oauth2: fix double login required when prompt=login 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-19 23:34:27 +02:00
Jens Langhammer a74419214c providers/proxy: fix redirect_uris not always being set on save 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-19 23:10:00 +02:00
Jens Langhammer 3cf0f07baf *: fix API Schema for file uploads 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-17 23:12:52 +02:00
Jens Langhammer ef9f08553c *: linting pass, rename from swagger to schema 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 15:22:57 +02:00
Jens Langhammer 4fb71a6bdd api: fix pagination schema 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 15:08:51 +02:00
Jens Langhammer 0bac738090 *: fix static response descriptions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-16 14:07:29 +02:00
Jens Langhammer 1324d03815 *: initial migration to openapi v3 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-15 23:57:28 +02:00
Jens Langhammer 6600d5bf69 providers/oauth2: use user.uid 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-15 14:08:49 +02:00
Jens Langhammer a4278833d8 providers/proxy: fix ingress not being created with full https 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-15 13:45:41 +02:00
Jens Langhammer 942905b9b1 providers/proxy: fix formatting issue 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-14 16:24:35 +02:00
Jens Langhammer 8d7bb7da17 providers/proxy: connect ingress to https instead of http 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#882
 2021-05-14 11:42:03 +02:00
Jens Langhammer 0620324702 root: bump version of psf black 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-12 00:42:46 +02:00
Jens Langhammer 84dfbcaaae providers/api: return redirect_uris for proxy provider 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-11 20:02:17 +02:00
Jens Langhammer 24f2932777 crypto: add ?download flag 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#861
 2021-05-11 14:21:35 +02:00
Jens Langhammer 932b19999e providers/proxy: missing @property for noop 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-11 01:26:01 +02:00
Jens Langhammer 788fd00390 outposts: use noop flag in each reconciler instead of raising Disabled and force use of get_referecen_object 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-11 00:27:29 +02:00
Jens Langhammer 1f1d322958 *: fix api results when non-superuser 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-10 00:01:35 +02:00
Jens Langhammer a6a8eddf7c providers/proxy: create ingress for forward_auth /akprox path 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-09 12:40:44 +02:00
Jens Langhammer 8c0a87b710 outposts: improve logging for outpost controller 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-09 12:34:44 +02:00
Jens Langhammer 5cad59a9f8 providers/proxy: fix being able to set empty internal_host 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-09 00:07:34 +02:00
Jens Langhammer e6dfa8294e providers/proxy: use name.namespace for middleware service 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-07 10:07:30 +02:00
Jens Langhammer ea7f9f291f outposts: create traefikmiddleware if forwardAuth is enabled 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-07 00:01:35 +02:00
Jens Langhammer 4e9176ed2e outposts: support different port on container vs exposed port 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-06 19:59:49 +02:00
Jens Langhammer 701c140cfd providers/proxy: fix logic error for ingress lookup 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-05 20:28:13 +02:00
Jens Langhammer be8b2bf6f6 providers/proxy: don't create ingress for domains which use forwardAuth, don't create ingress at all if all providers are forward auth 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-05 17:53:12 +02:00
Jens Langhammer 9a15a66d85 outposts: make k8s object naming configurable 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-05 15:36:27 +02:00
Jens Langhammer e674f03064 */api: fix lookups per user 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-04 21:58:20 +02:00
Jens Langhammer 99d161e212 Merge branch 'master' into outpost-ldap 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/core/api/users.py
#	authentik/policies/event_matcher/migrations/0013_alter_eventmatcherpolicy_app.py
 2021-05-04 21:02:20 +02:00
Jens Langhammer c529340d6c *: fix title not being set correctly for server-side rendered views 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-05-02 12:22:50 +02:00
Jens Langhammer b55cb2b40c Merge branch 'master' into outpost-ldap 2021-04-29 20:13:47 +02:00
Jens L 2a409215d3
outpost: forwardAuth mode (#790) 2021-04-29 18:17:10 +02:00
Jens L c4e4e17f93
providers/oauth2: add access_code_validity (#795) 
closes #794

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-28 21:03:43 +02:00
Jens Langhammer 4d858c64e0 Merge branch 'master' into outpost-ldap 2021-04-27 17:08:26 +02:00
Jens Langhammer 48c0c0baca */api: simplify lookups for per-user 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-27 14:53:01 +02:00
Jens Langhammer fe28d216fe providers/oauth2: always test JWT keys in tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-27 14:07:04 +02:00
Jens Langhammer 3ce8b836dc outposts: allow outposts to have non-object specific permissions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-26 23:28:26 +02:00
Jens Langhammer 1d5958a78f providers/ldap: add search_group to limit who can do search requests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-26 23:25:03 +02:00
Jens Langhammer fae4d34131 Merge branch 'master' into outpost-ldap 2021-04-26 17:11:50 +02:00
Jens Langhammer 7ff7bfeb58 core: fix incorrect styling for bse_full template 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-26 16:44:13 +02:00
Jens Langhammer 29da7dd8d6 providers/ldap: fix lint error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-26 15:49:19 +02:00
Jens Langhammer b3c8ffb96c outposts/ldap: use authorization_flow instead of separate field 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-26 15:09:41 +02:00
Jens Langhammer 302b047f1a outposts/ldap: add controllers 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-26 14:26:31 +02:00
Jens Langhammer d741ed430a web/admin: add UI for LDAP Provider 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-26 12:12:02 +02:00
Jens Langhammer f89479caf3 providers/ldap: add LDAP provider 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-26 11:52:42 +02:00
Jens Langhammer 9341787fe7 providers/oauth2: replace deprecated jwkest with pyjwt 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-26 00:02:13 +02:00
Jens Langhammer d616bdd5d6 providers/oauth2: add proper support for non-http schemes as redirect URIs 
closes #772

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-23 16:34:52 +02:00
Jens Langhammer 3282b34431 providers/oauth2: fix TokenView not having CORS headers set even with proper Origin 
and added tests. closes #771

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-22 23:48:28 +02:00
Jens Langhammer 392d9bb10b providers/oauth2: fix misleading name of cors_allow_any 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#771
 2021-04-22 23:29:49 +02:00
Jens Langhammer d75284a587 flows: fix errors which occur during flow execution being sent to sentry malformed 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-22 20:14:37 +02:00
Jens Langhammer ce082ead5e providers/oauth2: add unittests for authorize and token views 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-18 21:05:49 +02:00
Jens Langhammer f328b21e89 providers/oauth2: Set CORS Headers for token endpoint, check Origin header against redirect URLs 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-18 14:20:50 +02:00
Jens Langhammer 32c5bf04b8 *: fix linting errors 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-17 20:08:49 +02:00
Jens Langhammer ab4569e5d6 web/admin: fix application form's provider selection not working 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-11 13:49:35 +02:00
Jens Langhammer cb048764f4 providers/proxy: make outpost API readonly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-11 13:31:15 +02:00
Jens Langhammer d76db3caba *: add missing error codes as swagger annotations 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-10 23:55:43 +02:00
Jens Langhammer eeb9449c11 lib: remove templatetags 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-03 12:37:32 +02:00
Jens Langhammer c17eb00e3b providers/oauth2: fix component for Scope 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-03 12:08:21 +02:00
Jens Langhammer 70fc4c0d88 sources/ldap: migrate to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-02 12:12:14 +02:00
Jens Langhammer ed2e9b88e7 Merge branch 'master' into new-forms-part-3 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-01 23:02:22 +02:00
Jens Langhammer 509f21a9b4 providers/oauth2: add validation and tests to API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-01 20:43:18 +02:00
Jens Langhammer b299451cab providers/saml: fix metadata download not being unauthenticated 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-01 20:16:07 +02:00
Jens Langhammer 7e63a18d37 providers/saml: fix unittests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-01 20:05:50 +02:00
Jens Langhammer b4a6f8350b admin: remove provider views 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-01 19:28:30 +02:00
Jens Langhammer 5eb9b95ab5 providers/saml: migrate import to API, add API tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-04-01 19:28:12 +02:00
Jens Langhammer d3f2f987e0 providers/saml: migrate saml property mappings to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-31 23:38:40 +02:00
Jens Langhammer 221e6190c8 sources/ldap: migrate property mappings to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-31 23:08:40 +02:00
Jens Langhammer 6a69425688 providers/oauth2: migrate scope mapping to web 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-31 23:07:57 +02:00
Jens Langhammer 69ee18e13d Merge branch 'master' into new-forms 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	Pipfile.lock
#	authentik/api/decorators.py
#	authentik/core/api/applications.py
#	authentik/core/api/users.py
#	authentik/events/api/event.py
#	authentik/events/api/notification_transport.py
#	authentik/flows/api/flows.py
#	swagger.yaml
 2021-03-30 10:26:18 +02:00
dependabot[bot] c180a521ec
build(deps-dev): bump pylint from 2.7.2 to 2.7.3 (#674) 
* build(deps-dev): bump pylint from 2.7.2 to 2.7.3

Bumps [pylint](https://github.com/PyCQA/pylint) from 2.7.2 to 2.7.3.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/master/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/pylint-2.7.2...pylint-2.7.3)

Signed-off-by: dependabot[bot] <support@github.com>

* sources/saml: fix linting for SAMLBindingTypes.Redirect

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* sources/oauth: Fix linting for RequestKind

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: fix linting for ChallengeTypes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-30 10:05:14 +02:00
Jens Langhammer 7d74e1d2c4 *: revert to drf-yasg upstream 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-29 21:04:54 +02:00
Jens Langhammer 4612cea970 sources/saml: replace server-side pre-auth views for pre_auth flow 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-24 09:22:15 +01:00
Jens Langhammer 33787d0685 web: remove pf-c-card-aggregate 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-23 16:05:37 +01:00
Jens Langhammer 3157bf63a6 root: upgrade to pylint 2.7 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-22 20:03:33 +01:00
Jens L fe7f23238c
Static SPA (#648) 
* core: initial migration to /if

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: move jsi18n to api

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests: fix static URLs in tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: add new html files to rollup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: fix rollup config and nginx config

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add Impersonation support to user API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: add banner for impersonation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests: fix test_user function for new User API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: add background to API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: set background from flow API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: make root view login_required for redirect

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: redirect to root-redirect instead of if-admin direct

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* api: add header to prevent Authorization Basic prompt in browser

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: redirect to root when user/me request fails

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-22 13:44:17 +01:00
Jens Langhammer 43f19f78bb providers/oauth2: fix error when redirecting from an authorization error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-20 22:06:45 +01:00
Jens Langhammer 3d45956f15 web: fix display of scopes 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-20 19:05:10 +01:00
Jens Langhammer 9ad10863de providers/oauth2: add API for auth codes and refresh tokens 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-03-18 15:59:38 +01:00
Jens L 2852fa3c5e
web: use generated API Client (#616) 
* api: fix types for config API

* api: remove broken swagger UI

* admin: re-fix system task enum

* events: make event optional

* events: fix Schema for notification transport test

* flows: use APIView for Flow Executor

* core: fix schema for Metrics APIs

* web: rewrite to use generated API client

* web: generate API Client in CI

* admin: use x_cord and y_cord to prevent yaml issues

* events: fix linting errors

* web: don't lint generated code

* core: fix fields not being required in TypeSerializer

* flows: fix missing permission_classes

* web: cleanup

* web: fix rendering of graph on Overview page

* web: cleanup imports

* core: fix missing background image filter

* flows: fix flows not advancing properly

* stages/*: fix warnings during get_challenge

* web: send Flow response as JSON instead of FormData

* web: fix styles for horizontal tabs

* web: add base chart class and custom chart for application view

* root: generate ts client for e2e tests

* web: don't attempt to connect to websocket in selenium tests

* web: fix UserTokenList not being included in the build

* web: fix styling for static token list

* web: fix CSRF Token missing

* stages/authenticator_static: fix error when disable static tokens

* core: fix display issue when updating user info

* web: fix Flow executor not showing spinner when redirecting
 2021-03-08 11:14:00 +01:00
Jens Langhammer c6de4e47d7 providers/oauth2: allow protected_resource_view when method is OPTIONS 2021-03-05 16:57:37 +01:00
Jens Langhammer de4b3d6290 providers/oauth2: always set CORS headers on provider info view 2021-03-05 14:27:16 +01:00
Jens Langhammer 792fa45dca providers/oauth2: add logout URL to Setup URLs API 2021-03-02 15:11:18 +01:00
Jens Langhammer a81f981471 lib: fix being unable to set authentik. options 2021-03-01 11:11:00 +01:00
Jens Langhammer d6fd2b0afa sources/saml: add Metadata API 2021-03-01 10:50:45 +01:00
Jens Langhammer 7f65ae3f92 Merge branch 'master' into stage-challenge 
# Conflicts:
#	web/package-lock.json
 2021-02-28 00:47:18 +01:00
Jens Langhammer 0958740b51 providers/saml: fix Autosubmit Challenge 2021-02-28 00:09:08 +01:00
Jens Langhammer d2dfc6d63b Merge branch 'master' into stage-challenge 2021-02-27 16:04:57 +01:00
Jens Langhammer a18240fcd7 providers/oauth2: fix error when no login event could be found 2021-02-27 16:02:07 +01:00
Jens Langhammer 890e0e9054 *: remove unused templates and code, move avatar to User model 2021-02-25 19:58:23 +01:00
Jens Langhammer ca223fa4df providers/saml: migrate to challenge for submit 2021-02-21 14:36:22 +01:00
Jens Langhammer b9f409d6d9 stages/consent: migrate to SPA 2021-02-21 13:15:45 +01:00
Jens Langhammer bdb86d7119 *: replace shortcuts.reverse with urls.reverse 2021-02-20 19:13:50 +01:00
Jens Langhammer e4f0613fab *: replace tuple and set from typing with normal 2021-02-18 13:53:57 +01:00
Jens Langhammer ecff810021 *: replace List from typing with normal list 2021-02-18 13:45:46 +01:00
Jens Langhammer fdde97cbbf *: replace Dict from typing with normal dict 2021-02-18 13:41:03 +01:00
Jens Langhammer 60c244c31d core: add User.uid for globally unique user ID 2021-02-16 23:04:48 +01:00
Jens Langhammer 68eefd083e web: fix linting errors 2021-02-16 22:35:55 +01:00
Jens Langhammer a647917074 providers/saml: use redirect binding first 2021-02-16 21:35:19 +01:00
Jens Langhammer 099197ba8c providers/saml: fix AuthnRequestsSigned and WantAssertionsSigned not loaded correctly 2021-02-16 21:30:15 +01:00
Jens Langhammer baa2ed5ecc web: fix download button for SAML Metadata download 2021-02-16 21:04:03 +01:00
Jens Langhammer 6bcdf36ca6 admin: add ?provider for ApplicationCreateView 2021-02-16 20:00:52 +01:00
Jens Langhammer 0b75a0028b providers/saml: fix error when getting metadata of provider with no application 2021-02-16 19:58:04 +01:00
Jens Langhammer 0901d7461e providers/saml: fix redirect error 2021-02-16 19:28:18 +01:00
Jens Langhammer 61772b75ff providers/saml: fix managed mappings not being set on import 2021-02-16 19:20:52 +01:00
Jens Langhammer 5ae030997a providers/saml: fix missing import 2021-02-15 09:25:22 +01:00
Jens Langhammer 35e8a0c374 admin: fix ?next for Flow list 2021-02-14 18:39:36 +01:00
Jens Langhammer bf754369d9 providers/proxy: fix certificates without key being selectable 2021-02-09 21:11:44 +01:00
Jens Langhammer efc46f52e6 outposts: move health to API 2021-02-08 19:01:10 +01:00
Jens Langhammer fe4b2d1a34 providers/oauth2: add authorized scopes to AUTHORIZE_APPLICATION event 2021-02-08 11:51:38 +01:00
Jens Langhammer f8abe3e210 providers/oauth2: add unofficial groups attribute to default profile claim 2021-02-08 11:50:26 +01:00
Jens Langhammer bfc8e9200f providers/saml: split views into separate files 2021-02-07 13:39:33 +01:00
Jens Langhammer 6aa13a8666 providers/saml: force-set friendly_name to empty string for managed mappings 2021-02-06 20:52:52 +01:00
Jens Langhammer 91282c7bd8 web: add page for Proxy Provider 2021-02-06 18:57:25 +01:00
Jens Langhammer 830b8bcd5b web: add page for OAuth2 Provider 2021-02-06 18:39:15 +01:00
Jens Langhammer 0f5e6d0d8c api: add dark theme for API Browser 2021-02-06 18:09:24 +01:00
Jens Langhammer 6aa6615608 web: add view page for SAML Provider 2021-02-06 18:07:13 +01:00
Jens Langhammer 91d6a3c8c7 providers/*: simplify provider API 2021-02-06 17:31:29 +01:00
Jens L a6ac82c492
*: rewrite managed objects, use nullable text flag instead of boolean as uid (#533) 2021-02-06 15:56:21 +00:00
Jens Langhammer ef70e93bbd Merge branch 'master' into ldap-groupOfNames 2021-02-05 14:52:39 +01:00
Jens Langhammer de2d8b2d85 providers/oauth2: pass application to configuration error event 2021-02-04 20:35:37 +01:00
Jens Langhammer 14dc420747 sources/ldap: rewrite group membership syncing 2021-02-04 20:06:42 +01:00
Jens Langhammer add20de8de providers/*: fix api linting issues 2021-02-04 10:27:55 +01:00
Jens Langhammer c7c387eb38 providers/*: add assigned application name and slug 2021-02-04 10:09:19 +01:00
Jens L e25d03d8f4
Managed objects (#519) 
* managed: add base manager and Ops

* core: use ManagedModel for Token and PropertyMapping

* providers/saml: implement managed objects for SAML Provider

* sources/ldap: migrate to managed

* providers/oauth2: migrate to managed

* providers/proxy: migrate to managed

* *: load .managed in apps

* managed: add reconcile task, run on startup

* providers/oauth2: fix import path for managed

* providers/saml: don't set FriendlyName when mapping is none

* *: use ObjectManager in tests to ensure objects exist

* ci: use vmImage ubuntu-latest

* providers/saml: add new mapping for username and user id

* tests: remove docker proxy

* tests/e2e: use updated attribute names

* docs: update SAML docs

* tests/e2e: fix remaining saml cases

* outposts: make tokens as managed

* *: make PropertyMapping SerializerModel

* web: add page for property-mappings

* web: add codemirror to common_styles because codemirror

* docs: fix member-of in nextcloud

* docs: nextcloud add admin

* web: fix refresh reloading data two times

* web: add loading lock to table to prevent double loads

* web: add ability to use null in QueryArgs (value will be skipped)

* web: add hide option to property mappings

* web: fix linting
 2021-02-03 21:18:31 +01:00
Jens Langhammer d8ae56ed19 providers/saml: fix imported provider not saving properties correctly 2021-01-30 12:33:27 +01:00
Jens Langhammer 2f3a086f29 docs: update veeam docs for group mapping 2021-01-28 23:34:51 +01:00
Jens Langhammer 239af7048a providers/saml: import SAML Provider with all autogenerated mappings 2021-01-28 23:32:36 +01:00
Jens Langhammer 5ef4354723 providers/saml: make NameID configurable using a Property Mapping 2021-01-28 22:50:13 +01:00
Jens Langhammer 66a8b52c7c providers/saml: update default OIDs for default property mappings 2021-01-28 22:44:44 +01:00
Jens Langhammer f4bb22138c providers/saml: add support for WindowsDomainQualifiedName, add docs for NameID 2021-01-28 22:00:40 +01:00
Jens Langhammer 2d2a404028 providers/oauth2: improve error handling and event creation 2021-01-16 18:27:10 +01:00
Jens Langhammer 6ed78830a0 providers/proxy: check ingress annotations we manage 2021-01-02 01:48:39 +01:00