trustchain-oc1-orchestral/authentik
Archived
10
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
3071 commits 95 branches 330 tags 336 MiB
Commit graph

229 commits

Author SHA1 Message Date
Jens Langhammer 1c686e19b5 policies: set message instead of error for Event 2021-01-14 20:17:21 +01:00
Jens Langhammer 3cc92f6c97 events: ensure created field is timestamp 2021-01-14 20:16:54 +01:00
Jens Langhammer 4447345345 policies: fix display of stacktrace in events 2021-01-14 18:07:41 +01:00
Jens Langhammer 42c6401ba7 events: add event context to slack webhook 2021-01-14 17:40:19 +01:00
Jens Langhammer eef111bcfd events: disable policy cache for trigger 2021-01-14 17:39:59 +01:00
Jens Langhammer 6192b2787f events: notifications: send entire event in API 2021-01-14 17:22:02 +01:00
Jens Langhammer c7d28f8ca9 events: attach default transport to default triggers 2021-01-14 17:22:02 +01:00
Jens Langhammer 1342266368 events: include full group in event notification 2021-01-14 17:22:02 +01:00
Jens Langhammer 7ff679b1a3 policies: fix error when error occurs during policy process with no target 2021-01-14 17:22:02 +01:00
Jens Langhammer 8beddcddb0 events: set severity for default triggers 2021-01-14 17:22:02 +01:00
Jens Langhammer 9fe8554f28 events: make notification read/update only 2021-01-14 17:22:02 +01:00
Jens Langhammer 308896719d docs: add docs for events and notifications 2021-01-13 00:26:33 +01:00
Jens Langhammer 95c1473dd2 events: assign default triggers to default admin group, create default transport 2021-01-12 23:28:17 +01:00
Jens Langhammer b14c5039ed events: set default admin group to receive default triggers 2021-01-12 23:06:42 +01:00
Jens Langhammer b6948334f2 policies/event_matcher: fix verbose_name 2021-01-12 23:06:24 +01:00
Jens Langhammer 29e08e7477 stages/otp_*: fix app's verbose_name 2021-01-12 22:59:46 +01:00
Jens Langhammer 36bc1dc020 events: record source when user is using source to authenticate 2021-01-12 22:48:55 +01:00
Jens Langhammer 61d1407804 sources/*: Set PLAN_CONTEXT_SOURCE when logging in with a source 2021-01-12 22:37:33 +01:00
Jens Langhammer 47ddf0d7f2 web: add UI for notification triggers 2021-01-12 22:26:57 +01:00
Jens Langhammer cac94792fa admin: add event transport forms 2021-01-12 22:03:33 +01:00
Jens Langhammer 8369fa16ae events: add mode_verbose to transport, return string on send error 2021-01-12 21:51:55 +01:00
Jens Langhammer f30bdbecd6 events: catch errors during send and re-raise as custom type 2021-01-12 21:48:16 +01:00
Jens L c727c845df
policies: add and/or mode (#463) 
* policies: add mode to PolicyEngine for AND and OR modes

* events: use PolicyEngine in OR mode
 2021-01-12 18:22:25 +01:00
Jens L 1ccf6dcf6f
events: Notifications (#418) 
* events: initial alerting implementation

* policies: move error handling to process, ensure policy UUID is saved

* policies: add tests for error handling in PolicyProcess

* events: improve loop detection

* events: add API for action and trigger

* policies: ensure http_request is not used in context

* events: adjust unittests for user handling

* policies/event_matcher: add policy type

* events: add API tests

* events: add middleware tests

* core: make application's provider not required

* outposts: allow blank kubeconfig

* outposts: validate kubeconfig before saving

* api: fix formatting

* stages/invitation: remove invitation_created signal as model_created functions the same

* stages/invitation: ensure created_by is set when creating from API

* events: rebase migrations on master

* events: fix missing Alerts from API

* policies: fix unittests

* events: add tests for alerts

* events: rename from alerting to notifications

* events: add ability to specify severity of notification created

* policies/event_matcher: Add app field to match on event app

* policies/event_matcher: fix EventMatcher not being included in API

* core: use objects.none() when get_queryset is used

* events: use m2m for multiple transports, create notification object in task

* events: add default triggers

* events: fix migrations return value

* events: fix notification_transport not being in the correct queue

* stages/email: allow sending of email without backend

* events: implement sending via webhook + slack/discord + email
 2021-01-11 18:43:59 +01:00
Jens Langhammer 4743e72e18 policies: ensure binding has a target during unittests 2021-01-05 12:37:52 +01:00
Jens Langhammer 9fb5ce2a1a policies: add binding to policy_execution context 2021-01-05 11:51:05 +01:00
Jens L 82bb179bc2
root: global email settings (#448) 
* root: make global email settings configurable

* stages/email: add use_global_settings

* stages/email: add test_email command to test email sending

* stages/email: update email template

* stages/email: simplify email template path

* stages/email: add support for user-supplied email templates

* stages/email: add tests for sending and templates

* stages/email: only add custom template if permissions are correct

* docs: add custom email template docs

* root: add /templates volume in docker-compose by default

* stages/email: fix form not allowing custom templates

* stages/email: use relative path for custom templates

* stages/email: check if all templates exist on startup, reset

* docs: add global email docs for docker-compose

* helm: add email config to helm chart

* helm: load all secrets with env prefix

* helm: move s3 and smtp secret to secret

* stages/email: fix test for relative name

* stages/email: add argument to send email from existing stage

* stages/email: set uid using slug of message id

* stages/email: ensure template validation ignores migration runs

* docs: add email troubleshooting docs

* stages/email: fix long task_name breaking task list
 2021-01-05 00:41:10 +01:00
Jens Langhammer 6ed78830a0 providers/proxy: check ingress annotations we manage 2021-01-02 01:48:39 +01:00
Jens Langhammer 6fe323f1a7 outposts: by default only check labels 2021-01-02 01:08:05 +01:00
Jens Langhammer 85c2db018e outposts: ensure field_manager is also used for updates 2021-01-02 00:52:42 +01:00
dependabot[bot] bc9e7e8b93
build(deps): bump structlog from 20.1.0 to 20.2.0 (#445) 
* build(deps): bump structlog from 20.1.0 to 20.2.0

Bumps [structlog](https://github.com/hynek/structlog) from 20.1.0 to 20.2.0.
- [Release notes](https://github.com/hynek/structlog/releases)
- [Changelog](https://github.com/hynek/structlog/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/hynek/structlog/compare/20.1.0...20.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

* *: use structlog.stdlib instead of structlog for type-hints

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-01-01 15:39:43 +01:00
Jens Langhammer 2e69efe699 providers/saml: sign metadata when signing is enabled 2020-12-31 15:02:21 +01:00
Jens Langhammer a85b8a65c0 release: 0.14.2-stable 2020-12-31 12:00:31 +01:00
Jens Langhammer be54ba4fe2 policies: catch error in process to not hang requests 2020-12-31 11:16:17 +01:00
Jens Langhammer 68b9c34f78 policies: fix obj not being set 2020-12-31 11:16:01 +01:00
Jens Langhammer 3584bdf530 events: fix error when creating an even from policyrequests 2020-12-31 11:15:42 +01:00
Jens Langhammer e712719333 admin: fix reverse urls for application forms 2020-12-31 10:13:06 +01:00
Jens Langhammer 4fde1b7365 providers/saml: allow audience to be empty 2020-12-30 22:15:28 +01:00
Jens Langhammer 412f5b9210 providers/saml: fix signing and verification kp not being set correctly 2020-12-30 22:11:24 +01:00
Jens Langhammer a9e53cd52a providers/saml: fix string being passed to lxml 2020-12-30 22:03:01 +01:00
Jens Langhammer d0ee7908ab providers/saml: force user to select authz flow for import 2020-12-30 22:02:41 +01:00
Jens Langhammer e69834dec4 providers/saml: show error message why import failed 2020-12-30 22:02:28 +01:00
Jens Langhammer 16d5e1d9ff release: 0.14.1-stable 2020-12-29 21:25:49 +01:00
Jens Langhammer 765ae80698 providers/oauth2: fix error when creating RefreshToken 2020-12-29 21:22:49 +01:00
Jens Langhammer 540c22ce15 release: 0.14.0-stable 2020-12-28 17:49:45 +01:00
Jens Langhammer 8c3008abce release: 0.14.0-rc2 2020-12-28 17:49:39 +01:00
Jens Langhammer 8a22c86aaa release: 0.14.0-rc1 2020-12-28 17:49:35 +01:00
Jens Langhammer 22ce142cb8 outposts: include protocol in outpost deployment ports 2020-12-28 17:21:02 +01:00
Jens Langhammer 1a292feebb outposts: always check metadata on reconcile 2020-12-28 17:11:37 +01:00
Jens Langhammer 09f4d812b3 outposts: set field_manager 2020-12-28 17:11:33 +01:00
Jens Langhammer 2bab4ebfe8 core: fix library url pattern not matching SPA 2020-12-28 15:06:25 +01:00
Jens Langhammer 590597caf6 events: replace list view with SPA Page 2020-12-28 14:32:34 +01:00
Jens Langhammer 5f9c1e229c root: return API dates as timestamp 2020-12-28 13:07:49 +01:00
Jens Langhammer 0e1587bc1a providers/oauth2: don't write authorization code to event log 2020-12-28 01:07:18 +01:00
Jens Langhammer dc16a8a4c9 providers/proxy: set proxy-size for nginx for larger response 2020-12-28 00:45:58 +01:00
Jens L a6d0c8c26c
providers/saml: Metadata Import (#432) 
* providers/saml: add basic metadata parser

* providers/saml: add importer for Singing certificate, validate signature, add tests

* providers/saml: add provider name to form,

* web: don't use trailing slash for spa URLs

* providers/saml: formatting fixes

* sources/*: add verbose_name to source serializers

* admin: add button launch import modal
 2020-12-27 22:38:04 +01:00
Jens Langhammer e216efb6ec providers/oauth2: create access tokens as JWT 2020-12-27 19:36:17 +01:00
Jens Langhammer 378fe38b12 providers/oauth2: ensure response is URL fragment only when implicit or hybrid 2020-12-27 19:07:42 +01:00
Jens Langhammer ce9fb8801c providers/oauth2: ensure nonce is validated on all OIDC flows 2020-12-27 18:13:41 +01:00
Jens Langhammer 67ca83c228 providers/oauth2: add c_hash field 2020-12-27 18:13:13 +01:00
Jens Langhammer ee2e737782 providers/oauth2: remove response_type field as spec doesn't require validation 2020-12-27 18:12:47 +01:00
Jens Langhammer b04c9a2098 providers/oauth2: check redirect_uri before request object 2020-12-27 17:15:36 +01:00
Jens Langhammer e7c96eb70d providers/oauth2: Make AuthorizeError's state parameter requireed 2020-12-27 15:33:29 +01:00
Jens Langhammer e8debce9c8 providers/oauth2: fix infinite loops when prompt=login 2020-12-27 15:23:26 +01:00
Jens Langhammer bcd0686a33 providers/oauth2: redirect back correctly with state on AuthorizationError 2020-12-27 15:22:53 +01:00
Jens Langhammer 55322995a1 providers/oauth2: make iss field configurable 2020-12-27 15:02:12 +01:00
Jens Langhammer dff5eb69c8 providers/oauth2: fix token endpoint creating invalid token when no scopes are passed 2020-12-27 14:48:44 +01:00
Jens Langhammer b747022bc1 providers/oauth2: fix old id_token being sent when using token endpoint with grant_type=refresh_token 2020-12-27 14:33:51 +01:00
Jens Langhammer 885fcff495 providers/oauth2: add grant_types_supported to discovery endpoint 2020-12-27 14:17:40 +01:00
Jens Langhammer 5b18e28753 providers/oauth2: fix include_claims_in_id_token not being shown in form/API 2020-12-27 14:05:10 +01:00
Jens Langhammer 9848c5f3eb providers/oauth2: implement discovery's scopes_supported better 2020-12-27 13:36:14 +01:00
Jens Langhammer fc98c3934a providers/*: implement configuration_error 2020-12-27 13:15:31 +01:00
Jens Langhammer 7964061466 events: add configuration_error action 2020-12-27 13:11:38 +01:00
Jens Langhammer 5f90f54195 stages/invitation: ensure created_by is set when creating from API 2020-12-27 13:11:28 +01:00
Jens Langhammer 49eb568d3c stages/invitation: remove invitation_created signal as model_created functions the same 2020-12-27 13:00:52 +01:00
Jens Langhammer d17b2b0d1b providers/oauth2: add request_parameter_supported 2020-12-27 12:18:23 +01:00
Jens Langhammer f17d809219 providers/oauth2: add scopes_supported to discovery endpoint 2020-12-26 21:18:16 +01:00
Jens Langhammer 6c8e9fb553 providers/oauth2: add ACR support 2020-12-26 20:16:50 +01:00
Jens Langhammer 43bb29e16a providers/oauth2: implement max_age param 2020-12-26 20:05:31 +01:00
Jens Langhammer 29edbb0357 providers/oauth2: use auth_time from LOGIN event 2020-12-26 19:05:02 +01:00
Jens Langhammer 12ae867759 providers/oauth2: redirect back on prompt=none error instead of showing message 2020-12-26 18:58:18 +01:00
Jens Langhammer a20ca9136b providers/oauth2: use in for prompt check 2020-12-26 18:53:47 +01:00
Jens Langhammer 3759e96e7d providers/oauth2: ensure interaction_required is raised when prompt=none and user not logged in 2020-12-26 18:45:23 +01:00
Jens Langhammer 480d882a82 policies: add pre_permission_check to PolicyAccessView for request validity checks 2020-12-26 18:43:45 +01:00
Jens Langhammer e5e1e3737d providers/oauth2: fix query using user model not dict 2020-12-26 18:20:34 +01:00
Jens Langhammer 8dddcf891e providers/oauth2: fix "auth_time" being based on user.last_login 2020-12-26 18:11:29 +01:00
Jens Langhammer 319104c39b providers/oauth2: improve error handling, ensure correct message is shown to user 2020-12-26 17:50:16 +01:00
Jens L a9336f069c
flows: add diagrams (#415) 
* flows: initial diagram implementation

* web: install flowchart.js, add flow diagram page

* web: adjust diagram colours for dark mode

* flows: add permission checks for diagram

* flows: fix formatting

* web: fix formatting for web

* flows: add fix when last stage has policy

* flows: add test for diagram

* web: flows/diagram: add support for light mode

* flows: make Flows's Diagram API return json, add more tests and fix swagger response
 2020-12-26 17:05:11 +01:00
Jens Langhammer 33f5169f36 core: fix formatting 2020-12-26 15:28:29 +01:00
Jens Langhammer 4c690a20ef core: fix token update/delete not working 2020-12-26 01:23:34 +01:00
Jens Langhammer f68c8f7d90 core: fix User's token creation not working 2020-12-26 01:23:18 +01:00
Jens Langhammer 95b56a0005 release: 0.13.5-stable 2020-12-26 00:52:42 +01:00
Jens Langhammer 811c569b54 core: show multi-select notice for SelectMultiple Widgets 2020-12-26 00:43:40 +01:00
Jens Langhammer 3ac3a8eebe core: fix error during migrations 2020-12-25 23:51:40 +01:00
Jens Langhammer 6a5a243dac stages/invitation: fix optional field being required 2020-12-25 23:41:34 +01:00
Jens Langhammer ee916a68a4 stages/password: fix PasswordStageForm not showing backends 2020-12-25 23:34:26 +01:00
Jens Langhammer f192ee5052 core: fix anonymous user being included in User API 2020-12-25 22:42:53 +01:00
Jens Langhammer c95f8e8418 api: fix formatting 2020-12-24 16:26:01 +01:00
Jens Langhammer 4998ccbe41 root: update license 2020-12-24 16:01:55 +01:00
Jens Langhammer a56ddb2b8e release: 0.13.4-stable 2020-12-24 15:46:08 +01:00