authentik

Commit Graph

Author	SHA1	Message	Date
Jens L	47d79ac28c	security: fix CVE 2022 46172 (#4275 ) * fallback to current user in user_write, add flag to disable user creation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update api and web ui Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update default flows Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add cve post to website Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-23 14:16:26 +01:00
Jens L	9f846d94be	security: fix CVE 2022 23555 (#4274 ) * add flow to invitation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * show warning on invitation page Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add security advisory Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-23 14:13:49 +01:00
Jens L	84fbeb5721	security: fix CVE 2022 46172 (#4275 ) * fallback to current user in user_write, add flag to disable user creation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update api and web ui Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update default flows Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add cve post to website Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-23 14:12:58 +01:00
Jens Langhammer	01da8e1792	providers/oauth2: optimise and cache signing key, prevent key being loaded multiple times Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-23 12:04:31 +01:00
Jens Langhammer	42c278b4f8	root: migrate to hosted sentry with rate-limited DSN Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-23 11:18:26 +01:00
Jens Langhammer	e52c964354	flows: fix redirect from plan context "redirect" not being wrapped in flow response Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-22 23:28:26 +01:00
Jens L	c635487210	blueprints: better OCI support in UI (#4263 ) use oci:// prefix to detect oci blueprint, add UI support Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-22 18:49:25 +01:00
Jens Langhammer	fb09df26c9	core: fix lint Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-22 17:56:05 +01:00
Jens Langhammer	e4e7a112e3	web: use version family subdomain for in-app doc links Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-22 17:03:08 +01:00
Jens Langhammer	042865c606	blueprints: add conditions to blueprint schema Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-21 18:59:17 +01:00
sdimovv	7f662ac2f3	blueprints: Added conditional entry application (#4167 ) * blueprints: Added !AsBool tag * Renamed AsBool tag to Condition * Added conditions attributed to BlueprintEntry * Added docs for the conditions attribute of a blueprint entry * Website linting fix * add new tag to vscode settings Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-21 17:04:00 +00:00
Jens L	609f95ac97	providers: add preview for mappings (#4254 ) * preview Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: show provider page on application page Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * use oauth2 end session url instead of direct interface Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * dont show provider page on application page for now Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add UI for preview Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * translate and release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix lint Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * separate saml api files Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add api tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-21 12:13:11 +01:00
Jens Langhammer	027ca88d83	lib: enable sentry profiles_sample_rate Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-19 12:51:22 +01:00
Jens L	ec925491b2	stages/captcha: customisable URLs (#3832 ) * make api and js url customisable Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * use recaptcha.net domains Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add form Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * regen locale Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-18 14:18:43 +01:00
Jens Langhammer	3418943949	root: allow custom settings via python module Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-15 10:59:14 +01:00
Jens Langhammer	8d169a8bd9	Merge branch 'version-2022.11'	2022-12-12 17:05:39 +00:00
Jens Langhammer	f47ce9a360	stages/user_login: prevent double success message when logging in via source Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-12 16:34:16 +00:00
Jens Langhammer	01a897dbc2	flows: set stage name and verbose_name for in_memory stages Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-12 16:22:48 +00:00
Jens Langhammer	fddcb3a835	events: remove legacy logger declaration Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-12 15:32:06 +00:00
Jens Langhammer	5d51621278	stages/user_write: always ignore `component` field and prevent warning Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-12 15:31:56 +00:00
Jens Langhammer	9ffc720f48	policies: log correct cache state Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-12 15:31:41 +00:00
Jens Langhammer	4d8978ea90	bleuprints: fix flaky test Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-09 11:04:44 +00:00
sdimovv	8d13235b74	blueprints: fixed bug causing filtering with an empty query (#4106 ) * Fixed bug causing filtering with an empty query Fixed bug allowing blueprint import to filter for existing models using an empty query. The code only checks if the `identifiers` dict is empty, but `__query_from_identifier` skips identifier member values of type `dict` or keys == `pk`, so it is possible to produce an empty query if an `identifier` consists of just `dict` type members or "pk" key. Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com> * Added test case * Added support for using dict fields as blueprint entry identifiers * Disabled pylint too-many-locals for _validate_single Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com>	2022-12-06 12:06:25 +01:00
Jens Langhammer	44bf9a890e	release: 2022.11.3	2022-12-02 23:00:59 +02:00
Jens Langhammer	58cd6007b2	Merge branch 'version-2022.11'	2022-12-02 18:12:38 +02:00
Jens L	db95dfe38d	security: fix CVE 2022 46145 (#4140 ) * add flow authentication requirement Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add website for cve Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * flows: handle FlowNonApplicableException without policy result Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-02 16:14:25 +01:00
sdimovv	1f7d52c5ce	blueprints: Support nested custom tags in `!Find` and `!Format` tags (#4127 ) * Added support for nested tags to !Find and !Format * Added tests * Fix variable names * Added docs * Fixed small mistake in tests * Fixed variable names * Broke example into multiple lines	2022-12-01 16:10:26 +01:00
Jens Langhammer	3251bdc220	events: improve handling creation of events with non-pickleable objects Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-01 15:56:28 +02:00
Jens Langhammer	2a4daa5360	release: 2022.11.2	2022-12-01 10:41:29 +02:00
Jens Langhammer	e1a6dede54	*: backport CVE-2022-46145 fix Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-12-01 10:41:26 +02:00
Jens Langhammer	cf40e5047e	policies: don't log context when policy returns None Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-30 14:43:47 +02:00
Jens Langhammer	d5329432fe	lib: fix uploaded files not being saved correctly, add tests closes #4110 #4109 #4107 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-30 12:48:33 +02:00
sdimovv	5156aeee0f	policies/password: Always add generic message to failing zxcvbn check (#4100 ) * Always add generic message to failing zxcvbn password policy Depending on the settings, sometimes a password policy that checks a password with the zxcvbn tool can fail without any message. For example: ``` $ echo 'Awdccdw1234' \| zxcvbn \| jq \| grep "feedback" -A 5 -B 1 Password: "score": 3, "feedback": { "warning": "", "suggestions": [] } } ``` As seen above the tool does not produce any warnings or suggestions for the given password, but if the password policy is set to have a zxcvbn threshold of 3, the policy will silently fail without communicating the reason to the user. There are two ways to handle this: 1. Always add a generic "password is too weak" message when the policy fails. 2. Check if there are any suggestions or warnings from the zxcvbn tool and only add the generic message if not. I personally prefer 1. This way the generic message will be shown whenever the policy fails, and will get combined with extra "tips" whenever zxcvbn has some. Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com> * Update authentik/policies/password/models.py Co-authored-by: Jens L. <jens@beryju.org> Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com> * Added test case * fix black formatting Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Co-authored-by: Jens L. <jens@beryju.org> Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-30 07:58:16 +00:00
Jens Langhammer	e22fce02f8	stages/authenticator_validate: improve validation for not_configured_action Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-28 10:52:51 +01:00
Jens Langhammer	e2bd96c5de	stages/authenticator_validate: fix validation to ensure configuration stage is set Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-25 21:37:52 +01:00
Jens Langhammer	f8ef2b666f	events: fix incorrect EventAction being used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-25 11:53:05 +01:00
Jens Langhammer	a9909fcf6d	providers/oauth2: set amr values based on login event closes #4070 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-25 11:21:59 +01:00
Jens Langhammer	1fa9b3a996	providers/saml: set AuthnContextClassRef based on login event Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #4070	2022-11-25 11:21:45 +01:00
Jens Langhammer	5019346ab6	events: save login event in session after login Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #4070	2022-11-25 11:21:00 +01:00
Jens Langhammer	f22f1ebcde	stages/authenticator_validate: save used mfa devices in login event Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-25 10:47:49 +01:00
Jens Langhammer	1c2cdfe06a	web/flows: improve error messages for failed duo push Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-24 13:42:13 +01:00
Jens Langhammer	d0308a8239	stages/authenticator_validate: log duo error Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-24 11:36:43 +01:00
Jens Langhammer	6843c8389b	stages/authenticator_duo: fix imported duo devices not being confirmed Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-24 11:36:34 +01:00
Jens Langhammer	3a13d19695	release: 2022.11.1	2022-11-22 21:42:10 +01:00
Jens Langhammer	ed7bef9dbf	blueprints: open fixtures in read only mode Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-22 21:39:30 +01:00
Jens Langhammer	b9fdb63a57	core: fix lint Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-22 21:02:18 +01:00
Jens Langhammer	5262d89505	core: fix tab-complete in shell Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-22 20:30:00 +01:00
Jens L	ab3d47c437	blueprints: add desired state attribute to objects (#4061 ) * add state attribute to delete objects Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add tests, move yaml from block to files Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add state to docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * only try to format Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-22 14:27:20 +01:00
Jens Langhammer	14cd52686d	stages/email: add test for email translation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #3885	2022-11-22 14:14:42 +01:00
Jens Langhammer	1a39754fe9	*: don't return values in test suites Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-22 11:38:34 +01:00
Jens Langhammer	5b8223808e	Merge branch 'version-2022.11'	2022-11-21 22:14:33 +01:00
Jens Langhammer	14f341f504	web/admin: fix error when importing duo devices Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-21 21:36:10 +01:00
Jens Langhammer	20c1770ec4	release: 2022.11.0	2022-11-21 20:12:02 +01:00
Jens Langhammer	a2e512c36c	stages/authenticator_validate: add flag to configure user_verification for webauthn devices Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-21 17:52:37 +01:00
Jens Langhammer	3c2da8138d	stages/invitation: directly delete invitation now that flow plan is saved in email token Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-21 14:55:49 +01:00
Jens Langhammer	426f0bc9dd	events: deepcopy event kwargs to prevent objects being removed, remove workaround closes #4041 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-21 12:31:17 +01:00
Jens Langhammer	cc3ab141e5	policies: only cache policies for authenticated users closes #4033 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-18 21:06:53 +01:00
Jens Langhammer	c158ef80db	*: fix remaining old cache keys Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-18 16:18:32 +01:00
Jens L	9f5fb692ba	sources: add custom icon support (#4022 ) * add source icon Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add to oauth form Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add to other browser sources Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add migration, return icon in UI challenges Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * deduplicate file upload Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-16 14:10:10 +01:00
Jens Langhammer	d67ec1b62f	lib: fix complex objects being included in event context for ak_create_event Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-15 16:51:02 +01:00
Jens Langhammer	e5241ac574	core: fix error when propertymappings return complex value Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-15 16:28:15 +01:00
Jens L	276af8457d	root: make sentry DSN configurable (#4016 ) * make sentry DSN configurable Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * make proxy smarter Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix typo in config struct Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-15 16:05:29 +01:00
Jens L	55aa1897af	root: use single redis db (#4009 ) * use single redis db Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup prefixes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * ensure __str__ always returns string Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix remaining old prefixes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add release notes Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-15 14:31:29 +01:00
Jens Langhammer	9f269faf53	stages/authenticator_*: cleanup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-15 13:46:00 +01:00
Jens Langhammer	9bde7ef59e	Revert "stages/authenticator_*: directly save devices into db instead of session to prevent race conditions" closes #4008 This reverts commit `538c2ca4d3`. Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> # Conflicts: # authentik/stages/authenticator_static/stage.py # authentik/stages/authenticator_totp/stage.py	2022-11-15 11:35:53 +01:00
Jens L	88594075b2	policies/password: merge hibp add zxcvbn (#4001 ) * initial zxcvbn Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add api and port tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * more tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add ui Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update docs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add api diff Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-14 14:42:43 +01:00
Jens L	ffe6f65af5	outposts/kubernetes: ingress class (#4002 ) * add support for ingressClassName Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add option to disable ssl verification for k8s controller Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * update website Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-14 14:24:11 +01:00
dependabot[bot]	4095c422df	core: bump python from 3.10.7-slim-bullseye to 3.11.0-slim-bullseye (#3864 ) * core: bump python from 3.10.7-slim-bullseye to 3.11.0-slim-bullseye Bumps python from 3.10.7-slim-bullseye to 3.11.0-slim-bullseye. --- updated-dependencies: - dependency-name: python dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * bump project Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * bump deps Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * bump ci to 3.11 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix formatting Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-13 14:20:55 +01:00
sdimovv	5d8dd9cf3f	blueprints: Fixed bug causing blueprint instance context be discarded (#3990 ) Fixed bug causing blueprint instance context be discarded when applying a blueprint.	2022-11-12 13:23:33 +01:00
Jens Langhammer	3306003f0e	providers/oauth2: fix inconsistent expiry encoded in JWT - access token validity is used for JWTs issues in implicit flows - general cleanup of how times are set closes #2581 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-10 20:23:24 +01:00
Daniel	85c790728f	core: simplify group serializer for user API endpoint (#3899 ) * core/api: Adding simple group serializer to improve user retrieval performance Due to the exhaustive use of the user_obj the performance suffers greatly if the users are assigned to large groups. This simple fix adds a new serializer that does not expose the user_obj within a group. * core/api: Update schema Update to the schema based on the new SimpleGroupSerializer * core/api: Fix black and pylint * make naming consistent, remove unnecessary fields Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-09 11:19:40 +01:00
Jens Langhammer	47132faffb	root: relicense and launch blog post Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-11-03 16:00:00 +01:00
Jens Langhammer	cd0d898a4b	events: sanitize generator for json safety closes #3903 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-31 20:30:11 +01:00
Jens Langhammer	400751ed3c	api: fix missing scheme in securitySchemes closes #3883 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-29 18:50:34 +02:00
Jens Langhammer	f3a72761c0	release: 2022.10.1	2022-10-29 17:24:55 +02:00
Jens Langhammer	841c13ed77	core: set prehydrated locale based on active backend locale Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-28 19:43:24 +02:00
Jens L	30d708dd1f	core: explicitly enable locales (#3889 ) * activate locales Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * set locale for email templates Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-28 19:42:49 +02:00
Jens Langhammer	9d0a7578ec	flows: fix error due to not validating error challenge Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-27 20:04:00 +02:00
Jens Langhammer	f8fab14e1e	core: refactor MessageStage to not use dynamic class Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-26 20:01:42 +02:00
Jens Langhammer	6b35d0c70b	core: check if session is authenticated before showing linked message Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-26 00:30:42 +02:00
Jens Langhammer	dd65862bf2	core: show success message when authenticating/enrolling after flow is finished Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-25 22:46:15 +02:00
Jens Langhammer	6ea57921f2	sources/saml: set username field to name_id attribute Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-24 21:53:37 +02:00
Jens Langhammer	b0d4f035f1	blueprints: fix error when cleaning up unset attribute Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-21 22:12:59 +02:00
Jens Langhammer	661d2ec701	Merge branch 'version-2022.10'	2022-10-21 22:11:04 +02:00
Jens Langhammer	3f570bb96d	blueprints: improve error handling Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-21 20:18:02 +02:00
Jens Langhammer	89dc46a7ff	release: 2022.10.0	2022-10-21 19:42:38 +02:00
Jens Langhammer	a1ce8100e9	stages/identification: log invalid_login similar to event for easier log parsing Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #3715	2022-10-20 19:31:22 +02:00
Jens Langhammer	13d975a258	flows: fix error when opening inspector with no history Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-20 19:30:56 +02:00
Jens Langhammer	782fec0eb9	flows: use stripped down flow serializer for flow_set to optimise loading time Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-20 09:56:08 +02:00
Jens L	cfad472e1b	flows: optimise queries (#3818 ) * flows: optimise flow queries Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * index source on slug and name Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * binding index Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add policy parent index Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix migrations Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * cleanup old migrations Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * fix Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add release note to upgrade Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-19 22:53:07 +02:00
Jens Langhammer	6882445937	*: handle PermissionError when saving files, ensure permission bits are set correctly closes #3817 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-19 20:24:28 +02:00
Jens Langhammer	9e3bf94547	flows: optimise flow API loading speed Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-19 10:29:06 +02:00
Jens L	b06a3a8f9f	admin: add authorisations metric (#3811 ) add authorizations metric Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-19 00:06:45 +02:00
dependabot[bot]	167695d4b1	core: bump channels from 3.0.5 to 4.0.0 (#3799 ) * core: bump channels from 3.0.5 to 4.0.0 Bumps [channels](https://github.com/django/channels) from 3.0.5 to 4.0.0. - [Release notes](https://github.com/django/channels/releases) - [Changelog](https://github.com/django/channels/blob/main/CHANGELOG.txt) - [Commits](https://github.com/django/channels/compare/3.0.5...4.0.0) --- updated-dependencies: - dependency-name: channels dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * add daphne Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-18 22:34:27 +02:00
Jens Langhammer	3e1490dcac	providers/saml: don't attempt verification of SAML request when no verification certificate is configured Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-18 22:26:04 +02:00
Jens Langhammer	6bff6a2a1a	core: fallback to empty user object for PropertyMappingEvaluator Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-18 22:03:26 +02:00
Jens L	0efee2a660	flows: improved import (#3807 ) * return logs when importing flow Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * improve error handling, show logs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-18 22:01:42 +02:00
Jens L	b85be12567	providers/oauth2: fix issues with es256 and add tests (#3808 ) fix issues with es256 and add tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-18 22:01:29 +02:00
Jens Langhammer	96a30af0eb	sources/oauth: allow overriding of all scopes closes #3747 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-16 21:21:43 +02:00
Jens Langhammer	76531589dd	core: fix title in generic error template Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>	2022-10-16 13:55:22 +02:00

1 2 3 4 5 ...

2657 Commits