b9f409d6d9
stages/consent: migrate to SPA
2021-02-21 13:15:45 +01:00
a8681ac88f
root: fix typo
2021-02-21 00:22:14 +01:00
c1e6786ea1
stages/password: Migrate to SPA
2021-02-21 00:14:42 +01:00
1c8d101fc3
stages/identification: remove templates
2021-02-20 23:47:18 +01:00
7a9140bdcd
core: move UILoginButtonSerializer into core
2021-02-20 23:42:35 +01:00
511f94fc7f
*: cleanup code, return errors in challenge_invalid, fixup rendering
2021-02-20 23:34:10 +01:00
548b1ead2f
flows: challenge error response in challenge format
2021-02-20 20:28:57 +01:00
33f67140f2
stages/identification: move user validation to serializer
2021-02-20 20:16:20 +01:00
e0ae92ccc7
stages/*: update tests for new response
2021-02-20 19:41:48 +01:00
bdb86d7119
*: replace shortcuts.reverse with urls.reverse
2021-02-20 19:13:50 +01:00
a1a3d316e3
stages/identification: implement challenge
2021-02-20 18:28:11 +01:00
0e975757b8
core: remove UILoginButton's icon_path
2021-02-20 18:26:43 +01:00
391ee10cb8
Merge branch 'master' into stage-challenge
...
# Conflicts:
# authentik/api/v2/urls.py
2021-02-20 12:51:10 +01:00
dde303f13a
admin: remove dead code
2021-02-20 00:27:22 +01:00
264c678eaa
web: migrate user token list to web
2021-02-20 00:20:01 +01:00
854d94056e
web: migrate remaining list views to web
2021-02-20 00:19:53 +01:00
9d4c22c706
web: show header while loading application info
2021-02-19 23:34:06 +01:00
9b12895fab
admin: remove unneeded code
2021-02-19 19:32:46 +01:00
93478a55d7
web: migrate Stage List to web
2021-02-19 19:29:17 +01:00
a76cbf8b70
flows: separate flows api into smaller files
2021-02-19 19:14:16 +01:00
6597d5bd28
web: migrate Token List to web
2021-02-19 19:09:30 +01:00
fd28f37c0d
web: migrate User list to web
2021-02-19 18:43:57 +01:00
d219f65e7a
web: migrate System Task list to web
2021-02-19 18:12:23 +01:00
865f652476
web: migrate Outpost Service Connection to web
2021-02-19 17:49:34 +01:00
8008918d8b
admin: remove PolicyBinding list
2021-02-19 17:37:19 +01:00
75d0bd01c2
admin: remove StageBinding list
2021-02-19 17:19:48 +01:00
029c6cd182
web: migrate Group list to web
2021-02-19 17:18:09 +01:00
71f771c22c
core: add types API to propertymapping
2021-02-19 17:10:30 +01:00
38bd05867d
web: migrate Policy list to web
2021-02-19 17:05:02 +01:00
79089d8981
policies: add bound count to api
2021-02-19 16:53:30 +01:00
47bde052ca
policies: add types action to policy API, use MetaNameSerializer
2021-02-19 16:34:33 +01:00
bd6a473d4f
flows: add cached as action to flow API
2021-02-19 16:34:12 +01:00
277b4336d3
stages/authenticator_validate: update autocomplete for code input
2021-02-19 16:00:59 +01:00
b229b2f40d
Merge branch 'master' into stage-challenge
...
# Conflicts:
# authentik/stages/authenticator_validate/stage.py
# authentik/stages/identification/stage.py
2021-02-18 14:04:35 +01:00
e4f0613fab
*: replace tuple and set from typing with normal
2021-02-18 13:53:57 +01:00
ecff810021
*: replace List from typing with normal list
2021-02-18 13:45:46 +01:00
fdde97cbbf
*: replace Dict from typing with normal dict
2021-02-18 13:41:03 +01:00
eb01b42425
flows: mount executor under api, implement initial challenge design
2021-02-17 23:52:49 +01:00
8708e487ae
stages: add WebAuthn stage ( #550 )
...
* core: add User.uid for globally unique user ID
* admin: fix ?next for Flow list
* stages: add initial webauthn implementation
* web: add ak-flow-submit event to submit flow stage
* web: show error message for webauthn registration
* admin: fix next param not redirecting correctly
* stages/webauthn: remove form
* stages/webauthn: add API
* web: update flow diagram on ak-refresh
* stages/webauthn: add initial authentication
* stages/webauthn: initial authentication implementation
* web: cleanup webauthn utils
* stages: rename otp_* to authenticator and move webauthn to authenticator
* docs: fix broken links
* stages/authenticator_*: fix template paths
* stages/authenticator_validate: add device classes
* stages/authenticator_webauthn: implement django_otp.devices
* stages/authenticator_*: update default stage names
* web: add button to create stage on flow page
* web: don't minify HTML, remove nbsp
* admin: fix typo in stage list
* stages/*: use common base class for stage serializer
* stages/authenticator_*: create default objects after rename
* tests/e2e: adjust stage order
2021-02-17 20:49:58 +01:00
4cfcc48b23
admin: migrate certificate-keypair list to web
2021-02-16 23:16:52 +01:00
60c244c31d
core: add User.uid for globally unique user ID
2021-02-16 23:04:48 +01:00
69e6221906
web: port flow list
2021-02-16 22:52:54 +01:00
68eefd083e
web: fix linting errors
2021-02-16 22:35:55 +01:00
a647917074
providers/saml: use redirect binding first
2021-02-16 21:35:19 +01:00
099197ba8c
providers/saml: fix AuthnRequestsSigned and WantAssertionsSigned not loaded correctly
2021-02-16 21:30:15 +01:00
baa2ed5ecc
web: fix download button for SAML Metadata download
2021-02-16 21:04:03 +01:00
f8ba623fc1
web: add more related links, add policy/user/group support for bindings
2021-02-16 20:52:59 +01:00
6bcdf36ca6
admin: add ?provider for ApplicationCreateView
2021-02-16 20:00:52 +01:00
0b75a0028b
providers/saml: fix error when getting metadata of provider with no application
2021-02-16 19:58:04 +01:00
0901d7461e
providers/saml: fix redirect error
2021-02-16 19:28:18 +01:00
61772b75ff
providers/saml: fix managed mappings not being set on import
2021-02-16 19:20:52 +01:00
61604adf9a
root: fix request_id not being logged for actual asgi requests
2021-02-16 19:14:08 +01:00
5ae030997a
providers/saml: fix missing import
2021-02-15 09:25:22 +01:00
35e8a0c374
admin: fix ?next for Flow list
2021-02-14 18:39:36 +01:00
bbd088a957
events: fix geoip case when not configured
2021-02-12 10:43:00 +01:00
5417d0a90c
*: bump pyright version
2021-02-12 10:19:38 +01:00
417b5d61a4
root: add initial geoip implementation
2021-02-12 09:52:14 +01:00
e550216f85
events: fix user QuerySet being passed
2021-02-11 23:36:22 +01:00
1afb4a7a76
policies: add ability to directly assign groups in bindings
2021-02-11 20:36:48 +01:00
391eb9d469
admin: fix policy list not having a refresh button
2021-02-11 20:17:45 +01:00
494f094fa1
events: pass Event's user to Notification policy engine when present
2021-02-11 19:56:39 +01:00
aa0f5df218
policies/*: cleanup api and forms, use correct inheritance
2021-02-11 19:50:02 +01:00
7da90ff7e4
release: 2021.2.3-stable
2021-02-10 20:47:33 +01:00
61b5714652
docs: update release notes
2021-02-10 20:47:06 +01:00
d2df426489
core: fix tokens using wrong lookup
2021-02-10 20:32:54 +01:00
a367d8515f
core: add source endpoint
2021-02-10 20:12:07 +01:00
2b7a22a29a
core: add providers/types endpoint
2021-02-10 20:11:54 +01:00
c621f62d92
release: 2021.2.2-stable
2021-02-10 13:33:23 +01:00
d15e50025c
root: log runtime in milliseconds
2021-02-09 23:33:25 +01:00
0af66a26ab
crypto: move certificate and key data to separate api calls to create events
2021-02-09 21:47:00 +01:00
bf754369d9
providers/proxy: fix certificates without key being selectable
2021-02-09 21:11:44 +01:00
02dc112f8f
outposts: fix ProxyProvider update not triggering outpost update
2021-02-09 20:59:39 +01:00
2d4e7ebab5
admin: remove unnecessary success_urls
2021-02-09 20:58:46 +01:00
a7d0a50859
events: rename context.token to context.secret
2021-02-09 20:10:43 +01:00
71c9108f89
events: rename token_view to secret_view
2021-02-09 18:20:28 +01:00
45f1d95bf9
sources/oauth: add callback URL to api
2021-02-09 16:58:19 +01:00
5dab198c47
web: add new sources view
2021-02-09 16:24:27 +01:00
ad91abe9de
admin: remove old sources view
2021-02-09 16:17:48 +01:00
fa30755241
web: make ActionButton's method configurable
2021-02-09 16:14:51 +01:00
552f8c6a9a
sources/*: switch API to use slug in URL
2021-02-09 16:08:30 +01:00
2acdcf74e1
sources/ldap: add API for sync status
2021-02-09 10:21:59 +01:00
52016e0806
policies: skip cache on debug request
2021-02-08 22:14:23 +01:00
e555bdd42b
lib: fix stacktrace for general expressions
2021-02-08 22:14:13 +01:00
b3bd979ecd
release: 2021.2.1-stable
2021-02-08 21:34:05 +01:00
db113c5e8f
Merge branch 'master' into version-2021.2
2021-02-08 21:33:58 +01:00
78bcb90a1e
outposts: ensure Outpost API is backwards compatible
2021-02-08 19:51:46 +01:00
43bab840ec
web: fix sidebar being active when stage prompts is selected
2021-02-08 19:08:39 +01:00
f020b79384
admin: remove old code
2021-02-08 19:07:25 +01:00
820f658b49
web: add outpost list page
2021-02-08 19:04:19 +01:00
5d460a2537
admin: remove outposts list
2021-02-08 19:02:39 +01:00
efc46f52e6
outposts: move health to API
2021-02-08 19:01:10 +01:00
fe4b2d1a34
providers/oauth2: add authorized scopes to AUTHORIZE_APPLICATION event
2021-02-08 11:51:38 +01:00
f8abe3e210
providers/oauth2: add unofficial groups attribute to default profile claim
2021-02-08 11:50:26 +01:00
3ced67b151
sources/*: simplify source api
2021-02-08 10:25:59 +01:00
cd5631ec76
admin: fix link in source list
2021-02-08 10:25:59 +01:00
1e934aa5d5
release: 2021.2.1-rc2
2021-02-07 19:04:43 +01:00
d93927755a
Merge branch 'master' into version-2021.2
2021-02-07 19:04:37 +01:00
bf9826873e
web: fix outpost item in sidebar being active on service connection views
2021-02-07 18:21:13 +01:00
6869b3c16a
admin: add button to generate certificate-key pair
2021-02-07 16:15:55 +01:00
bfc8e9200f
providers/saml: split views into separate files
2021-02-07 13:39:33 +01:00
c4311abc9f
web: fix link to provider list on overview page
2021-02-06 22:46:09 +01:00
ec42869e00
policies: add debug flag to PolicyRequest to prevent alerts from testing policies
2021-02-06 21:45:38 +01:00
45963c2ffc
admin: improve layout for policy testing
2021-02-06 21:43:14 +01:00
7af883d80c
root: add dedicated live and readiness views
2021-02-06 21:07:05 +01:00
4a5374d03f
admin: remove provider list view
2021-02-06 20:54:50 +01:00
3b536f6e55
admin: fix property-mapping views redirecting to invalid URL
2021-02-06 20:54:12 +01:00
6aa13a8666
providers/saml: force-set friendly_name to empty string for managed mappings
2021-02-06 20:52:52 +01:00
33cdbd7776
release: 2021.2.1-rc1
2021-02-06 20:10:50 +01:00
db7e9f9b95
sources/ldap: set default group property mapping
2021-02-06 19:17:39 +01:00
91282c7bd8
web: add page for Proxy Provider
2021-02-06 18:57:25 +01:00
830b8bcd5b
web: add page for OAuth2 Provider
2021-02-06 18:39:15 +01:00
0f5e6d0d8c
api: add dark theme for API Browser
2021-02-06 18:09:24 +01:00
6aa6615608
web: add view page for SAML Provider
2021-02-06 18:07:13 +01:00
91d6a3c8c7
providers/*: simplify provider API
2021-02-06 17:31:29 +01:00
a6ac82c492
*: rewrite managed objects, use nullable text flag instead of boolean as uid ( #533 )
2021-02-06 15:56:21 +00:00
32cf960053
sources/ldap: add property_mappings_group to make group mapping more customisable
2021-02-06 15:27:07 +01:00
83bf639926
sources/ldap: use both entryDN and dn (for active-directory)
2021-02-05 15:17:57 +01:00
2717742bd2
sources/ldap: don't remove users from group which were not synced from AD
2021-02-05 15:17:20 +01:00
ef70e93bbd
Merge branch 'master' into ldap-groupOfNames
2021-02-05 14:52:39 +01:00
478d3430eb
sources/ldap: use openldap tests for entire sync
2021-02-05 14:29:22 +01:00
9c1ade59e9
sources/ldap: add more flatten to user sync, start adding tests for OpenLDAP
2021-02-05 13:36:27 +01:00
fadf746234
managed: allow for matching on multiple interfaces
2021-02-05 13:18:44 +01:00
397dfc29f1
sources/ldap: change default object filters to use objectClass= instead of objectCategory
2021-02-05 11:43:39 +01:00
b0e3b8b39d
sources/ldap: use entryDN attribute from ldap3 as opposed to implicit DN attribute
2021-02-05 11:43:13 +01:00
1f8130e685
events: improve information sent in notification emails
2021-02-04 21:44:59 +01:00
e639d8ab56
sources/ldap: add case when group does not have uniqueness attribute
2021-02-04 21:18:49 +01:00
005b4d8dda
sources/ldap: fix linting issues
2021-02-04 20:36:05 +01:00
de2d8b2d85
providers/oauth2: pass application to configuration error event
2021-02-04 20:35:37 +01:00
7d107991a2
sources/ldap: fix count for membership, fix wrong attribute being searched
2021-02-04 20:22:28 +01:00
14dc420747
sources/ldap: rewrite group membership syncing
2021-02-04 20:06:42 +01:00
89dc4db30b
sources/ldap: load operational attributes ( #526 )
2021-02-04 12:37:55 +01:00
cc3fccb27e
sources/ldap: use dn attribute for distinguishedName, ignore users with no distinguishedName
...
closes #527
2021-02-04 12:10:57 +01:00
add20de8de
providers/*: fix api linting issues
2021-02-04 10:27:55 +01:00
53f002a123
events: allow searching by event id
2021-02-04 10:09:19 +01:00
c7c387eb38
providers/*: add assigned application name and slug
2021-02-04 10:09:19 +01:00
1b3760a4b7
events: don't log successful system tasks
2021-02-04 10:09:18 +01:00
1101810fea
admin: show more details for policy testing
2021-02-03 22:09:46 +01:00
1ab5289e2e
admin: add test view for property mappings
2021-02-03 21:58:56 +01:00
4b24b185f2
admin: fix context not being passed correctly to policy test view
2021-02-03 21:40:03 +01:00
ea0ba5ae30
stages/password: use form.add_error
2021-02-03 21:39:03 +01:00
b74c08620a
admin: add link to changelog to update events
2021-02-03 21:19:51 +01:00
e25d03d8f4
Managed objects ( #519 )
...
* managed: add base manager and Ops
* core: use ManagedModel for Token and PropertyMapping
* providers/saml: implement managed objects for SAML Provider
* sources/ldap: migrate to managed
* providers/oauth2: migrate to managed
* providers/proxy: migrate to managed
* *: load .managed in apps
* managed: add reconcile task, run on startup
* providers/oauth2: fix import path for managed
* providers/saml: don't set FriendlyName when mapping is none
* *: use ObjectManager in tests to ensure objects exist
* ci: use vmImage ubuntu-latest
* providers/saml: add new mapping for username and user id
* tests: remove docker proxy
* tests/e2e: use updated attribute names
* docs: update SAML docs
* tests/e2e: fix remaining saml cases
* outposts: make tokens as managed
* *: make PropertyMapping SerializerModel
* web: add page for property-mappings
* web: add codemirror to common_styles because codemirror
* docs: fix member-of in nextcloud
* docs: nextcloud add admin
* web: fix refresh reloading data two times
* web: add loading lock to table to prevent double loads
* web: add ability to use null in QueryArgs (value will be skipped)
* web: add hide option to property mappings
* web: fix linting
2021-02-03 21:18:31 +01:00
cfed41439e
events: add send_once flag to send webhooks only once
2021-02-02 19:34:55 +01:00
3ac148d01c
events: only title for slack webhook
2021-02-02 19:18:51 +01:00
3e696d6ac8
flows: use global logger for stored plans
2021-02-02 17:29:03 +01:00
0114bc0d6a
flows: fix lint errors
2021-02-02 17:02:02 +01:00
c60934f9b1
flows: fix benchmark using wrong context
2021-02-02 16:27:21 +01:00
09bdcfaab0
flows: optimise logging
2021-02-02 16:27:03 +01:00
624206281e
policies: optimise logging
2021-02-02 16:12:41 +01:00
3d112e7688
root: use filtering_bound_logger for speed improvements
2021-02-02 15:43:44 +01:00
Jens Langhammer
Jens L