Jens Langhammer
7f47f93e4e
internal: cleanup log messages
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-19 19:01:24 +01:00
Jens Langhammer
14c7d8c4f4
internal: route traffic to proxy providers based on cookie domain when multiple domain-level providers exist
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#2079
2022-01-18 23:19:43 +01:00
Jens Langhammer
819af78e2b
internal: make internal go version match python version
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-14 10:45:37 +01:00
Jens Langhammer
c07b8d95d0
outposts/proxy: remove deprecated headers
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-07 17:01:23 +01:00
Jens Langhammer
bf347730b3
outposts/ldap: remove deprecated fields
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-07 09:52:19 +01:00
Jens Langhammer
ececfc3a30
internal: fix comment formatting for TODOs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-07 09:51:41 +01:00
Jens Langhammer
c15e4b24a1
release: 2021.12.5
2022-01-06 21:29:12 +01:00
Jens Langhammer
c741c13132
internal: fix listen attempt on shutdown
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-03 12:36:11 +01:00
Jens Langhammer
f246da6b73
outposts/proxy: fix error checking for type assertion
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-26 14:57:32 +01:00
Jens Langhammer
27e4c7027c
web: fix potential panic
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-26 14:24:44 +01:00
Jens Langhammer
410d1b97cd
outposts/proxy: add support for multiple states, when multiple requests are redirect at once
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-26 14:16:02 +01:00
Jens Langhammer
884c546f32
outposts: clean up flow executor
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-24 19:52:19 +01:00
Jens Langhammer
47356915b1
outposts: fix outpost's sentry not sending release
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-23 19:01:32 +01:00
Jens Langhammer
9c42b75567
release: 2021.12.4
2021-12-23 10:32:48 +01:00
Jens Langhammer
87e99625e6
internal: update tenant certificates on outpost refresh
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-23 00:38:49 +01:00
Jens Langhammer
34b11524f1
tenants: add web certificate field, make authentik's core certificate configurable based on keypair
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 11:43:45 +01:00
Jens Langhammer
b3ba083ff0
internal: cleanup logging, remove duplicate code
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 10:33:21 +01:00
Jens Langhammer
22a8603892
internal: add custom proxy certificates support to embedded outpost
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 10:16:01 +01:00
Jens Langhammer
cf4b4030aa
release: 2021.12.3
2021-12-21 20:52:08 +01:00
Jens Langhammer
ba55538a34
outposts/proxy: cleanup
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 19:16:06 +01:00
Jens Langhammer
f742c73e24
outposts/proxy: fix allowlist for forward_auth
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1970
2021-12-21 15:49:25 +01:00
Jens Langhammer
b932b6c963
website/docs: update log levels
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 13:15:17 +01:00
Jens Langhammer
3c048a1921
outposts/proxy: fix session not expiring correctly due to miscalculation
...
closes #1976
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 13:10:57 +01:00
Jens Langhammer
f10b57ba0b
outposts/proxy: handle redirect loop in start handler, show error message
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-21 10:07:08 +01:00
Jens Langhammer
92b4244e81
providers/proxy: update traefik regex
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
#1969
2021-12-20 22:43:58 +01:00
Jens Langhammer
eca2ef20d0
outposts/proxy: add initial redirect-loop prevention
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 22:21:53 +01:00
Jens Langhammer
cac5c7b3ea
outposts/proxy: make templates more re-usable
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 22:20:23 +01:00
Jens Langhammer
37ee555c8e
outposts/proxy: fix ping URI not being routed
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 22:12:02 +01:00
Jens Langhammer
f910da0f8a
outposts: fix initial refresh not calling Server.Refresh()
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 21:47:32 +01:00
Jens Langhammer
fc9d270992
outposts/ldap: fix log formatter and level not being set correctly
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 21:46:01 +01:00
Jens Langhammer
621773c1ea
internal: rework global logging settings, embedded outpost no longer overwrites core, clean up double init
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 21:23:19 +01:00
Jens Langhammer
052e465041
outpost: re-run globalSetup when updating config
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 21:08:03 +01:00
Jens Langhammer
c843f18743
lib: add additional celery logger to sentry ignore
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 21:04:45 +01:00
Jens Langhammer
68637cf7cf
outposts: handle/ignore http Abort handler
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 19:42:45 +01:00
Jens Langhammer
82acba26af
internal: fix sentry sample rate not applying to proxy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 19:42:26 +01:00
Jens Langhammer
e9910732bc
release: 2021.12.2
2021-12-18 21:03:50 +01:00
Jens Langhammer
7a73ddfb60
outposts/proxy: match skipPathRegex against full URL on domain auth
...
closes #1955
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 15:50:42 +01:00
Jens L
95bce9c9e7
outposts: release binary outposts ( #1954 )
...
* outposts/proxy: always embed static assets, still check local
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ci: add initial ci to build outpost as binary
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ci: fix typo, build web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ci: upload to release on publish, only run linux on ci
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ci: ensure latest go is used
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ci: split e2e tests into two halves
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-17 19:49:32 +00:00
Jens Langhammer
03da87991f
outposts: don't use custom environment
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-16 19:12:05 +01:00
Jens Langhammer
f33190caa5
release: 2021.12.1
2021-12-16 15:48:59 +01:00
Jens Langhammer
741822424a
Merge branch 'master' into version-2021.12
2021-12-16 15:48:53 +01:00
Jens Langhammer
7d6e88061f
outposts: check if hub from context is set and fallback
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-16 11:19:57 +01:00
Jens Langhammer
f8aab40e3e
internal: cleanup duplicate and redundant code, properly set sentry SDK scope settings
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-16 11:00:19 +01:00
Jens Langhammer
2a09fc0ae2
release: 2021.12.1-rc5
2021-12-15 10:21:29 +01:00
Jens Langhammer
fbb6756488
Merge branch 'master' into version-2021.12
2021-12-15 10:16:05 +01:00
Jens Langhammer
b5685ec072
outposts: set sentry-trace on API requests to match them to the outer transaction
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 11:50:31 +01:00
Jens Langhammer
cf5ff6e160
outposts: reset backoff after successful connect
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 16:38:48 +01:00
Jens Langhammer
ac9cf590bc
*: use prefixed span names
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 16:18:42 +01:00
Jens Langhammer
10b16bc36a
outposts: add description to span
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 16:12:14 +01:00
Jens Langhammer
5f0f4284a2
web/admin: fix rendering for applications on view page
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 15:27:28 +01:00
Jens Langhammer
c11be2284d
outposts/proxy: also set max length for redis backend
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 15:05:55 +01:00
Jens Langhammer
aa321196d7
outposts/proxy: fix securecookie: the value is too long again, since it can happen even with filesystem storage
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 13:33:20 +01:00
Jens Langhammer
09b02e1aec
release: 2021.12.1-rc4
2021-12-13 12:53:58 +01:00
Jens Langhammer
5914bbf173
Merge branch 'master' into version-2021.12
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
# Dockerfile
2021-12-13 10:54:21 +01:00
Jens Langhammer
4e2457560d
outposts/proxy: use filesystem storage for non-embedded outposts
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 17:59:31 +01:00
Jens Langhammer
2ddf122d27
Revert "outposts/proxy: don't save raw jwt in cookie to prevent securecookie: the value is too long"
...
This reverts commit b3e40c6aed
.
2021-12-12 17:58:19 +01:00
Jens Langhammer
deebdf2bcc
outposts: fix unlabeled transaction
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 13:46:31 +01:00
Jens Langhammer
4982c4abcb
outpost: add additional checks for websocket connection
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-12 00:11:17 +01:00
Jens Langhammer
f4988bc45e
outpost: rewrite re-connect logic without recws
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-11 22:53:59 +01:00
Jens Langhammer
8abc9cc031
outposts: cleanup logs for failed binds
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-11 22:09:18 +01:00
Jens Langhammer
534689895c
lib: remove old load_local_files setting
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-11 22:03:06 +01:00
Jens Langhammer
63a19a1381
outposts/ldap: fix searches with mixed casing
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-09 20:55:51 +01:00
Jens Langhammer
ffb0135f06
release: 2021.12.1-rc3
2021-12-09 13:23:41 +01:00
Jens Langhammer
ee0ddc3d17
Merge branch 'master' into version-2021.12
2021-12-09 13:23:28 +01:00
Ilya Kogan
bd2e453218
outposts/ldap: Fix search case sensitivity. ( #1897 )
2021-12-08 20:11:56 +01:00
Jens Langhammer
b3e40c6aed
outposts/proxy: don't save raw jwt in cookie to prevent securecookie: the value is too long
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-06 13:54:59 +01:00
Jens Langhammer
2b5504ff63
release: 2021.12.1-rc2
2021-12-04 20:06:41 +01:00
Jens Langhammer
639c2f5c2e
Merge branch 'master' into version-2021.12
2021-12-04 19:55:37 +01:00
Jens Langhammer
ea097afeae
outposts/proxy: fix path prefix in static handler
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 19:21:40 +01:00
Jens Langhammer
f8dc7f48f2
outposts/proxy: fix path for media
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 18:47:36 +01:00
Ilya Kogan
40404ff41d
outposts/ldap: Rework/improve LDAP search logic. ( #1687 )
...
* outposts/ldap: Refactor searching so we key primarily off base dn
* docs: Updating guides on sssd and the ldap outpost.
2021-12-02 15:28:58 +01:00
Jens Langhammer
85a417d22e
outposts/proxy: re-add rs256 support
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 15:17:32 +01:00
Jens Langhammer
347c3793fc
outposts/proxy: add additional headers
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 14:19:57 +01:00
Jens Langhammer
e42ad8db93
outposts/proxy: copy user-agent header from upstream request
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 10:01:54 +01:00
Jens Langhammer
e917e756cc
outposts/proxy: make logging fields more consistent
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 09:58:50 +01:00
Jens Langhammer
d0ceafe79e
outposts/proxy: add X-authentik-meta-version
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-01 20:59:45 +01:00
Jens Langhammer
f2023a7af2
*: don't use go embed to make using custom files easier
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-01 20:35:28 +01:00
Jens Langhammer
60b95271eb
outposts/proxy: add additional headers
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-01 20:19:09 +01:00
Jens Langhammer
3b068610b9
outposts/proxy: clean up header setting (don't copy all headers)
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-01 20:05:56 +01:00
Jens Langhammer
e6818c1f6a
release: 2021.12.1-rc1
2021-12-01 13:08:13 +01:00
Jens Langhammer
9a393848b2
outpost: configure error reporting based off of main instance config
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-29 14:42:19 +01:00
Jens Langhammer
8b7f698c7b
outposts/proxy: continue compiling additional regexes even when one fails
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-28 15:06:26 +01:00
Jens Langhammer
c7681dde32
outposts: reload on signal USR1, fix display of reload offset
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-24 22:45:27 +01:00
Jens Langhammer
d1bd8f333b
outposts/proxy: use disableIndex for static files
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-19 10:50:56 +01:00
Jens Langhammer
2ac9f5426d
outposts: don't panic when listening for metrics fails
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-19 10:37:13 +01:00
Jens Langhammer
ae9f1c1063
outpost/ldap: fix panic when attempting to update without locked users mutex
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-18 19:36:27 +01:00
Jens Langhammer
e08077c73a
root: replace asgi-based logger with middleware
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 16:32:56 +01:00
Jens Langhammer
7cf8a31057
internal: fix integrated docs not working
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 16:13:02 +01:00
Jens Langhammer
1a9ace6f9d
internal: use runserver when debug for code reload
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 14:04:10 +01:00
Jens Langhammer
97b814ab33
outpost/proxy: show better error when hostname isn't configured
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-13 22:45:37 +01:00
Jens Langhammer
f069cfb643
outposts/ldap: copy boundUsers map when running refresh instead of using blank map
...
closes #1651
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-13 00:26:01 +01:00
Jens Langhammer
2a3b049b01
release: 2021.10.4
2021-11-12 12:31:24 +01:00
Jens Langhammer
e7b4363d21
outposts/ldap: fix logic error in cached ldap searcher
...
closes #1779
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-11 23:18:32 +01:00
Jens Langhammer
00324f922d
outposts: send SelectedChallenge when using MFA with Go FlowExecutor
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-11 21:27:06 +01:00
Jens Langhammer
c98bdbacc5
providers/proxy: return list of configured scope names so outpost requests custom scopes
...
closes #1762
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-10 23:06:21 +01:00
Jens Langhammer
202b057ce9
outposts/proxy: fix static files not being served in proxy mode
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-10 17:16:13 +01:00
Jens Langhammer
ab2b13938e
release: 2021.10.3
2021-11-08 20:52:11 +01:00
Jens Langhammer
e6963c543d
outpost: remove analytics
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-08 19:35:53 +01:00
Jens Langhammer
ed6659a46d
outpost/ldap: don't cleanup user info as it is overwritten on bind
...
closes #1651
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-08 14:41:38 +01:00
Jens Langhammer
4d36699b78
outpost/ldap: cleanup
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-06 19:32:11 +01:00
Jens Langhammer
13fbac30a2
cmd/server: improve cleanup on shutdown
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-06 13:54:59 +01:00
Jens L
5a8c66d325
providers/ldap: memory Query ( #1681 )
...
* outposts/ldap: modularise ldap outpost, to allow different searchers and binders
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts/ldap: add basic in-memory searcher
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/ldap: add search mode field
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outpost: add search mode field
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 10:37:30 +01:00
Jens Langhammer
dd82d55725
outposts: also send outpost type
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 15:08:31 +01:00
Jens Langhammer
8d766efecb
root: don't set signal on start when running in ci or dev
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 14:32:21 +01:00
Jens Langhammer
9ac3b29418
outpost: add lightweight, anonymous metrics
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 14:10:43 +01:00
Jens Langhammer
6deddd038f
internal: start embedded outpost directly after backend is healthy instead of waiting
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 13:18:04 +01:00
Jens Langhammer
c87a9f9489
web: remove debug entry
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-03 20:19:37 +01:00
Jens Langhammer
58c221e867
release: 2021.10.2
2021-11-03 10:07:28 +01:00
Jens Langhammer
0d02dbf55c
api: replace django sentry proxy with go proxy to prevent login issues
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-02 14:44:37 +01:00
Jens Langhammer
2788329880
release: 2021.10.1
2021-10-31 10:56:21 +01:00
Jens Langhammer
8d5460a132
outposts: separate websocket re-connection logic to decrease requests on reconnect
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-30 21:33:50 +02:00
Jens Langhammer
381010600f
release: 2021.10.1-rc3
2021-10-27 18:57:07 +02:00
Jens Langhammer
731f5d0199
release: 2021.10.1-rc2
2021-10-21 16:38:30 +02:00
Jens Langhammer
2e06786869
outpost/ldap: fix logging for mismatched provider
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-20 19:49:17 +02:00
Jens Langhammer
02b4173d30
root: add utm_source
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-20 16:34:39 +02:00
Jens Langhammer
5da7d9a573
release: 2021.10.1-rc1
2021-10-19 15:34:59 +02:00
Jens Langhammer
4d51ec906d
internal/proxyv2: improve error handling when configuring app
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-13 21:48:11 +02:00
Jens Langhammer
57e86582d1
Revert "root: handle liveness probe in router (also keep internal one)"
...
This reverts commit dd7cb45733
.
2021-10-12 18:44:08 +02:00
Jens Langhammer
dd7cb45733
root: handle liveness probe in router (also keep internal one)
...
This reverts commit d39dbc7287
.
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-12 18:43:39 +02:00
Jens Langhammer
d39dbc7287
root: handle liveness probe in router
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-12 14:54:15 +02:00
Jens Langhammer
22a7c25526
internal: call GetStore on application to improve logging
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-12 13:33:20 +02:00
Jens L
aef9d27706
stages/authenticator_sms: Add SMS Authenticator Stage ( #1577 )
...
* stages/authenticator_sms: initial implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add initial stage UI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/elements: clear invalid state when old input was invalid but new input is correct
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_sms: add more logic
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/user: add basic SMS settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_sms: initial working version
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_sms: add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: optimise totp password manager entry on authenticator_validation stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/elements: add grouping support for table
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: allow sms class in authenticator stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add grouping to more pages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* stages/authenticator_validate: add SMS support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* api: add throttling for flow executor based on session key and pending user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: fix style issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ci: add workflow to compile backend translations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-11 17:51:49 +02:00
Ilya Kogan
9ed236f7ab
outposts/ldap: Support hard coded `uidNumber` and `gidNumber`. ( #1582 )
2021-10-10 23:43:36 +02:00
Jens Langhammer
619203c177
release: 2021.9.8
2021-10-10 13:12:26 +02:00
Jens Langhammer
e444d0d640
release: 2021.9.7
2021-10-06 20:57:56 +02:00
Jens Langhammer
2b730dec54
release: 2021.9.6
2021-10-05 22:22:54 +02:00
Jens Langhammer
2aacb311bc
internal: add internal healthchecking to prevent websocket errors
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 22:22:38 +02:00
Jens Langhammer
bcf7e162a4
release: 2021.9.5
2021-10-04 20:08:46 +02:00
Jens Langhammer
d676cf6e3f
outposts/proxy: show full error message when user is authenticated
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-03 18:20:44 +02:00
Jens Langhammer
39d87841d0
outposts/proxy: add new headers with unified naming
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-03 18:20:44 +02:00
Jens Langhammer
fcd879034c
outpost/proxy: fix missing negation for internal host ssl verification
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-03 18:20:44 +02:00
Jens Langhammer
1a6ea72c09
release: 2021.9.4
2021-10-01 09:51:51 +02:00
Jens Langhammer
c19afa4f16
outposts/proxy: fix duplicate protocol in domain auth mode
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-29 10:02:01 +02:00
Jens Langhammer
941bc61b31
release: 2021.9.3
2021-09-27 17:31:50 +02:00
Jens Langhammer
75ef4ce596
tests/e2e: add new ldap object classes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 14:57:42 +02:00
Jens Langhammer
c2f3ce11b0
outposts/ldap: fix potential panic when converting attributes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 14:52:25 +02:00
Jens Langhammer
3c256fecc6
outposts/ldap: add groupofuniquenames
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 14:49:11 +02:00
Jens Langhammer
0285b84133
outposts/ldap: add query support for all supported object classes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 14:42:26 +02:00
Jens Langhammer
c7e6eb8896
outposts/ldap: add support for base scope and domain info
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 14:01:22 +02:00
Jens Langhammer
b248f450dd
outposts: make AUTHENTIK_HOST_BROWSER configurable from central config
...
closes #1471
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 12:00:51 +02:00
Jens Langhammer
234a5e2b66
outposts: fix outposts not correctly updating central state
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 11:40:21 +02:00
Jens Langhammer
9f4a4449f5
outposts/proxy: ensure cookies only last as long as tokens
...
closes #1462
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-25 16:12:59 +02:00
Jens Langhammer
27e04589c1
outposts/proxyv2: fix routing not working correctly for domain auth
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-24 23:32:16 +02:00
Jens Langhammer
8d72b3498d
internal: fix typo
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-24 10:44:28 +02:00
Jens Langhammer
eddca478dc
release: 2021.9.2
2021-09-23 12:34:02 +02:00
Jens Langhammer
52bb774f73
internal: add asset paths for user interface
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-23 09:57:24 +02:00
Jens Langhammer
2fe6de0505
release: 2021.9.1
2021-09-22 19:11:20 +02:00
Jens Langhammer
ebc06f1abe
outposts/ldap: fix logic error
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-22 13:19:50 +02:00
Jens Langhammer
0f8880ab0a
outposts: fix typo
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-22 13:14:28 +02:00
Jens Langhammer
1f97420207
outposts/ldap: allow custom attributes to shadow built-in attributes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-21 21:59:39 +02:00
Jens Langhammer
a92a0fb60a
web: migrate to lit 2
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-21 11:19:26 +02:00
Jens Langhammer
ac52667327
release: 2021.9.1-rc3
2021-09-19 21:52:49 +02:00
Jens Langhammer
28189bdddf
release: 2021.9.1-rc2
2021-09-16 23:23:36 +02:00
Jens Langhammer
f771383c4b
cmd: fix outpost metrics not being set in embedded mode
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 12:09:12 +02:00
Jens Langhammer
471f7d9c62
outposts: add consistent name and type to metrics
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 10:14:51 +02:00
Jens Langhammer
a6a6b3bd06
outposts: add outpost_name label to metrics
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 10:04:17 +02:00
Jens Langhammer
48ad3dccda
outposts/proxy: remove deprecated rs256
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 09:57:47 +02:00
Jens Langhammer
bdd5e16db1
release: 2021.9.1-rc1
2021-09-15 20:20:54 +02:00
Jens Langhammer
95efd47f65
root: remove asgi error handler
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-15 12:23:14 +02:00
Jens Langhammer
198e5ce642
outpost: fix crash when common keys are not defined in config
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-14 17:40:48 +02:00
Jens Langhammer
8e59b06611
lifecycle: migrate to gunicorn instead of runserver
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-13 17:54:23 +02:00
Jens Langhammer
223d9ad414
outposts/proxy: fix upstream ssl certificate not being ignored if configured to do so
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-11 19:30:21 +02:00
Jens Langhammer
bf771f8b6c
release: 2021.8.5
2021-09-11 19:20:13 +02:00
Jens Langhammer
9a79bab43d
outposts/proxy: fix redirect URL error due to callback url not being joined correctly
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-10 16:19:29 +02:00
Jens Langhammer
3d042e708a
outposts/proxy: always redirect on forward_auth for traefik
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-10 12:43:57 +02:00
Jens Langhammer
2428d5f1c2
outpost: update global outpost config on refresh
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-10 12:18:19 +02:00
Jens L
7158c9d2ea
core: metrics v2 ( #1370 )
...
* outposts: add ldap metrics, move ping to 9100
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outpost: add flow_executor metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* use port 9300 for metrics, add core metrics port
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts/controllers/k8s: add service monitor creation support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 15:52:24 +02:00
Jens Langhammer
e5944567e8
outposts/proxy: fix url not being substituted for sign_out
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 11:00:58 +02:00
Jens Langhammer
d296c12d01
outposts/proxy: fix redirect when using forward_auth mode
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 10:56:20 +02:00
Jens Langhammer
4c3a9e69f2
outposts/proxy: fix securecookie: no codecs provided error with redis
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 10:23:46 +02:00
Jens Langhammer
8ca29f6d49
Revert "outpost/proxy: set samesite none"
...
This reverts commit f7afb60c1f
.
2021-09-08 22:56:24 +02:00
Jens Langhammer
0a33d38adf
outpost/proxy: fix prometheus errors
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-08 22:41:41 +02:00
Jens Langhammer
f7afb60c1f
outpost/proxy: set samesite none
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-08 22:06:44 +02:00
Jens Langhammer
b9c605bf1a
outpost/proxy: fix double slash when trailing slash in authentik_host
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-08 22:03:41 +02:00
Jens Langhammer
2983adc719
outpost/proxyv2: fix redirect to localhost
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-08 21:07:16 +02:00
Jens Langhammer
502393ee56
outpost/proxyv2: allow port offset via yaml
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-08 21:07:06 +02:00
Jens L
3c1b70c355
outposts/proxyv2 ( #1365 )
...
* outposts/proxyv2: initial commit
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add rs256
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
more stuff
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add forward auth an sign_out
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
match cookie name
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
re-add support for rs256 for backwards compat
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add error handler
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
ensure unique user-agent is used
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
set cookie duration based on id_token expiry
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
build proxy v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add ssl
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add basic auth and custom header support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add application cert loading
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
implement whitelist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add redis
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
migrate embedded outpost to v2
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
remove old proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
providers/proxy: make token expiration configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
add metrics
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
fix tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/proxy: only allow one redirect URI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix docker build for proxy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* remove default port offset
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add AUTHENTIK_HOST_BROWSER
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests: fix e2e/integration tests not using proper tags
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* remove references of old port
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* fix user_attributes not being loaded correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup dependencies
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-08 18:04:56 +00:00
Jens Langhammer
631b0a1819
outpost/proxy: improve error logging
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-07 23:33:48 +02:00
Jens Langhammer
bc7d5042df
outpost/proxy: use common template for proxy error
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-07 16:44:15 +02:00
Jens Langhammer
70d0dd51a5
sources/oauth: cancel currently active flows before redirecting out
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-07 11:03:45 +02:00
Jens Langhammer
9ad4cf1db9
outposts/ldap: improve logging of client IPs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-05 19:47:30 +02:00
Jens Langhammer
75476217a0
internal: fix web requests not having a logger set
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 13:52:47 +02:00
Jens Langhammer
7771c0b905
internal: fix font loading errors on safari
...
closes #1057
for some reason safari appends the relative font path to the document URL not to the stylesheet URL. Since I don't want to build a fully custom patternfly base css file, this mounts the static files where safari expects them
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 13:50:29 +02:00
Jens Langhammer
126e43dea4
internal: disable directory listing on static files
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 13:40:29 +02:00
Jens Langhammer
70d1e3a0cb
outpost: fix spans being sent without parent context
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-03 18:17:08 +02:00
Jens Langhammer
276d8fe5cf
release: 2021.8.4
2021-09-02 20:21:21 +02:00
Jens Langhammer
a15571bd3e
outposts/proxy: detect empty authentik_host
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-01 22:09:07 +02:00
Jens Langhammer
b1eec5a7d2
outposts/proxy: add more logging
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-30 17:18:52 +02:00
Jens Langhammer
048467e97d
outpost/ldap: delay user information removal upon closing of connection
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-29 21:13:46 +02:00
Jens Langhammer
cc2cd6919f
outpost/embedded: only send requests for non-akprox paths when we're doing proxy mode
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-29 21:13:28 +02:00
Jens Langhammer
45731d8069
cmd: add option to disable embedded outpost
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-29 19:19:13 +02:00
Jens Langhammer
160139813d
release: 2021.8.3
2021-08-28 16:58:44 +02:00
Jens Langhammer
8acb15a7fd
outpost: fix flow executor not sending password for identification stage
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-27 09:43:07 +02:00
Jens Langhammer
c4f72c2bc1
release: 2021.8.2
2021-08-26 17:58:20 +02:00
Jens Langhammer
897f6f3473
release: 2021.8.1
2021-08-26 16:03:45 +02:00
Jens Langhammer
ffbab2cd68
outpost/ldap: set request_id in sentry
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-25 22:36:08 +02:00
Jens Langhammer
4d27694706
release: 2021.8.1-rc2
2021-08-24 21:29:29 +02:00
Jens Langhammer
58712047e1
root: add ASGI Error handler
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 15:15:12 +02:00
Jens Langhammer
7639cdad0a
release: 2021.8.1-rc1
2021-08-22 20:17:35 +02:00
Jens Langhammer
294d70ae4d
outposts/ldap: move virtual groups to other OU for lookups, conditionally skip requests based on search filter
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-21 17:53:09 +02:00
Jens Langhammer
23fd257624
outposts/ldap: fix nil pointer dereference when search self
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-21 16:51:47 +02:00
Jens Langhammer
3e909ae6bb
core: allow filtering users by the groups they are in
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-21 16:27:48 +02:00
Jens Langhammer
ff24bc8cb8
outpost/ldap: regularly pre-heat flow executor cache to increase bind performance
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-21 16:17:30 +02:00
Jens Langhammer
2015d91484
outpost: load global config
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-21 14:14:18 +02:00
Jens Langhammer
54b7ef42f5
outpost/ldap: add sAMAccountName on groups for compatibility
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-15 15:59:24 +02:00
Jens Langhammer
7e62b82d56
outpost/embedded: fix login URL not being set correctly from outpost config
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-11 12:39:27 +02:00
Jens Langhammer
93de363c86
website/developer-docs: add notice for translation requirements
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-10 21:42:59 +02:00
Jens Langhammer
80df444067
outposts/ldap: add sAMAccountName field for compatibility
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-09 21:00:02 +02:00
Jens Langhammer
fe91bff854
outpost/embedded: fix schema
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 23:09:35 +02:00
Jens Langhammer
03958d170b
outpost/proxy: fix string substitution for internal
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 22:24:10 +02:00
Jens Langhammer
16f0f89a9d
outpost/embedded: fix embedded outpost redirecting to localhost
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 15:39:52 +02:00
Jens Langhammer
e02207f38d
outpost/embedded: use redis session backend
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-07 22:12:22 +02:00
Jens Langhammer
a43fb026a0
Merge branch 'version-2021.7'
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
# authentik/core/api/users.py
# authentik/providers/saml/processors/metadata_parser.py
# web/src/pages/sources/oauth/OAuthSourceForm.ts
# web/src/pages/sources/plex/PlexSourceForm.ts
# web/src/pages/users/UserForm.ts
2021-08-05 20:23:32 +02:00
Jens Langhammer
18211a2033
release: 2021.7.3
2021-08-05 19:23:03 +02:00
Jens Langhammer
6af2c6a014
outpost/ldap: fix errors with new UserSelf serializer
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-05 18:20:24 +02:00
Jens Langhammer
8e797fa76b
outpost/ldap: fix errors with new UserSelf serializer
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-05 18:16:06 +02:00
Jens Langhammer
9c9bcb7a01
Merge branch 'version-2021.7'
2021-08-01 19:23:22 +02:00
Jens Langhammer
add7a80fdc
release: 2021.7.2
2021-08-01 19:11:50 +02:00
Jens Langhammer
7ecd57ecff
outpost: bump timer for periodic config reloads
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-01 12:33:20 +02:00
Jens Langhammer
66c3535bcb
outpost: bump timer for periodic config reloads
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-31 21:57:33 +02:00
Jens L
f01bc20d44
Embedded outpost ( #1193 )
...
* api: allow API requests as managed outpost's account when using secret_key
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* root: load secret key from env
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts: make listener IP configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outpost/proxy: run outpost in background and pass requests conditionally
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outpost: unify branding to embedded
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: fix embedded outpost not being editable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: fix mismatched host detection
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests/e2e: fix LDAP test not including user for embedded outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests/e2e: fix user matching
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* api: add tests for secret_key auth
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* root: load environment variables using github.com/Netflix/go-env
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-29 11:30:30 +02:00
Jens Langhammer
e6b515e3f7
release: 2021.7.1
2021-07-27 10:35:45 +02:00
Jens Langhammer
3041a30193
release: 2021.7.1-rc2
2021-07-24 18:32:05 +02:00
Jens Langhammer
5ff3e9b418
outposts/ldap: add support for member query
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-23 20:00:23 +02:00
Jens Langhammer
f6e1bfdfc8
outpost: fix 100% CPU Usage when not connected to websocket
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-23 18:57:26 +02:00
Jens Langhammer
aca3a5c458
outpost: add tracing for http client
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-23 17:37:06 +02:00
Jens Langhammer
6a8be0dc71
outposts/ldap: improve parsing of LDAP filters
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-23 15:41:09 +02:00
Jens Langhammer
34189fcc06
outposts/ldap: search users and group in parallel
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-22 22:55:23 +02:00
Jens Langhammer
0d0dcf8de0
outposts/ldap: optimise backend Search API requests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-22 20:38:30 +02:00
Jens Langhammer
1b4654bb1d
outposts/ldap: add tracing for LDAP bind and search
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-22 19:23:56 +02:00
Jens Langhammer
66bfa6879d
outposts/proxy: add X-Auth-Groups header to pass groups
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-22 10:47:58 +02:00
Jens Langhammer
253f345fc4
outposts: save certificate fingerprint and check before re-fetching to cleanup logs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-21 23:53:43 +02:00
Jens Langhammer
39ad9d7c9d
release: 2021.7.1-rc1
2021-07-21 10:44:40 +02:00
Jens Langhammer
d89266a9d2
outposts/ldap: fix order of Listeners
...
TCP -> PROXY -> TLS
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-20 15:25:11 +02:00
Jens Langhammer
d678d33756
root: add support for PROXY protocol on listeners
...
closes #1161
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-20 11:03:09 +02:00
Jens Langhammer
de4710ea71
outpost: minor cleanup
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-19 17:19:48 +02:00
Jens Langhammer
d55b31dd82
outposts/proxy: set server header
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-19 17:11:11 +02:00
Jens Langhammer
d87871f806
outposts/ldap: improve logging, add request ID
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-19 13:41:29 +02:00
Jens Langhammer
a2c587be43
outposts: don't authenticate as service user for flows to set remote-ip
...
set outpost token as additional header and check that token (user) if they can override remote-ip
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-19 13:17:13 +02:00
Jens Langhammer
4029e19b72
outposts/ldap: fix order of flow check
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-18 22:22:35 +02:00
Jens Langhammer
322a343c81
root: fix log level not being set to DEBUG for tests
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-18 21:45:08 +02:00
Jens Langhammer
6ddd6bfa72
root: fix linting errors
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-18 20:54:34 +02:00
Jens Langhammer
36de302250
outposts: separate CLI flow executor from ldap
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-18 15:51:48 +02:00
Jens Langhammer
cffc6a1b88
outpost/ldap: fix import
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-17 20:02:36 +02:00
Jens Langhammer
a0b63f50bf
outposts: fix import for self-signed cert on ldap
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-17 19:38:04 +02:00
Jens Langhammer
05161db458
cmd: fix shutdown not being signaled properl
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-17 18:04:09 +02:00
Jens Langhammer
311ffa9f79
internal: don't send kill signal to child as we mange it
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-17 17:07:35 +02:00
Jens Langhammer
7cbe33d65d
internal: fix gunicorn not being restarted correctly
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-17 16:59:31 +02:00
Jens Langhammer
b3159a74e5
Merge branch 'master' into inbuilt-proxy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
# Dockerfile
# internal/outpost/ak/api.go
# internal/outpost/ak/api_uag.go
# internal/outpost/ak/global.go
# internal/outpost/ldap/api_tls.go
# internal/outpost/ldap/instance_bind.go
# internal/outpost/ldap/utils.go
# internal/outpost/proxy/api_bundle.go
# outpost/go.mod
# outpost/go.sum
# outpost/pkg/ak/cert.go
2021-07-17 12:49:38 +02:00
Jens Langhammer
bdb84b7a8f
root: build bundled docs into helo dir to fix path issue with packaged static files
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-13 19:09:16 +02:00
Jens Langhammer
be5c8341d2
root: add bundled docs
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-13 11:06:51 +02:00
Jens Langhammer
948db46406
Merge branch 'master' into inbuilt-proxy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
# internal/constants/constants.go
# outpost/pkg/version.go
2021-07-05 19:11:26 +02:00
Jens Langhammer
adc4cd9c0d
release: 2021.6.4
2021-07-05 16:59:29 +02:00
Jens Langhammer
30033d1f90
g: fix static and media caching not working properly
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-03 21:43:37 +02:00
Jens Langhammer
3dc9e247d5
Merge branch 'master' into inbuilt-proxy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
# internal/constants/constants.go
# outpost/pkg/version.go
2021-07-02 16:23:30 +02:00
Jens Langhammer
ff42663d3c
root: more code merging
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-29 16:21:00 +02:00
Jens Langhammer
8429dd19b2
Merge branch 'master' into inbuilt-proxy
2021-06-29 16:20:24 +02:00
Jens Langhammer
680b182d95
release: 2021.6.3
2021-06-29 16:19:07 +02:00
Jens Langhammer
1005f341e4
Merge branch 'master' into inbuilt-proxy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
# internal/constants/constants.go
# outpost/pkg/version.go
2021-06-23 20:41:06 +02:00
Jens Langhammer
31a58e2c25
release: 2021.6.2
2021-06-22 23:35:10 +02:00
Jens Langhammer
f6026fdb13
root: allow loading local /static files without debug flag
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-21 21:21:35 +02:00
Jens Langhammer
fe6963c428
release: 2021.6.1
2021-06-17 22:14:52 +02:00
Jens Langhammer
b98895ac2c
root: add more common utils
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-16 17:29:01 +02:00
Jens Langhammer
6dc38b0132
root: start deduplicating code
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-16 12:41:34 +02:00
Jens Langhammer
690b7be1d8
root: initial merging of outpost and main project
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-16 12:02:02 +02:00
Jens Langhammer
e0f48a30b7
release: 2021.6.1-rc6
2021-06-15 21:18:33 +02:00
Jens Langhammer
d78fda990a
release: 2021.6.1-rc5
2021-06-12 15:19:24 +02:00
Jens Langhammer
e25f6aea8c
release: 2021.6.1-rc4
2021-06-10 18:59:00 +02:00
Jens Langhammer
2c15ab9995
release: 2021.6.1-rc3
2021-06-10 18:04:59 +02:00
Jens Langhammer
6c985acb36
release: 2021.6.1-rc2
2021-06-10 14:10:47 +02:00
Jens Langhammer
f4a53c89ef
release: 2021.6.1-rc1
2021-06-09 11:01:14 +02:00
Jens Langhammer
e43e42139a
web: migrate templates back to django
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-05 19:38:24 +02:00
Jens Langhammer
166b98fa34
web/admin: fix BoundPoliciesList's edit policy button not working
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-02 18:00:26 +02:00
Jens Langhammer
2d5c45543b
release: 2021.5.4
2021-05-22 20:15:23 +02:00
Jens Langhammer
9d476a42d1
web: don't set X-Forwarded-Proto when no request TLS Options are set
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-22 19:46:40 +02:00
Jens Langhammer
a9519a4a68
g: set x-forwarded-proto based on upstream TLS Status
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-21 09:41:39 +02:00
Jens Langhammer
bf4cbb25fe
release: 2021.5.3
2021-05-20 20:17:39 +02:00
Jens Langhammer
c58fe18b97
web: remove nginx config, add caching headers to g
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-20 19:11:55 +02:00
Jens Langhammer
5a465fbc36
release: 2021.5.2
2021-05-17 19:54:10 +02:00
Jens Langhammer
0b7ebf0e07
release: 2021.5.1
2021-05-13 20:50:31 +02:00
Jens Langhammer
8f99891a9d
release: 2021.5.1-rc10
2021-05-12 21:25:18 +02:00
Jens Langhammer
97a3c2d88b
release: 2021.5.1-rc9
2021-05-12 20:50:29 +02:00
Jens Langhammer
3665e2fefa
release: 2021.5.1-rc8
2021-05-12 14:52:34 +02:00
Jens Langhammer
80fae44f47
release: 2021.5.1-rc7
2021-05-10 12:13:10 +02:00
Jens Langhammer
73eb97ca6e
release: 2021.5.1-rc6
2021-05-10 11:44:23 +02:00
Jens Langhammer
a1a1b113b1
release: 2021.5.1-rc5
2021-05-10 11:34:00 +02:00
Jens Langhammer
f7fd31cc84
release: 2021.5.1-rc4
2021-05-09 21:43:38 +02:00
Jens Langhammer
cd3f02fd3b
release: 2021.5.1-rc3
2021-05-09 17:25:48 +02:00
Jens Langhammer
d3feab9463
release: 2021.5.1-rc2
2021-05-09 16:43:36 +02:00
Jens Langhammer
70c25692eb
release: 2021.5.1-rc1
2021-05-09 16:07:50 +02:00
Jens Langhammer
4acbda2b77
core: improve messaging on flow_manager, authenticate user when they linked their account after not having been authenticateed
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 18:49:27 +02:00
Jens Langhammer
0d370ef0a9
web/admin: filter out service accounts by default
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 18:23:13 +02:00
Jens Langhammer
5d26fa0403
gproxy: add sentry integration
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 14:28:48 +02:00
Jens Langhammer
42f9ba8efe
gproxy: load default config file for debug and listen statements
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-04 14:10:34 +02:00
Jens Langhammer
6725569ba8
gproxy: listen on tls
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 23:19:22 +02:00
Jens Langhammer
988cf15b71
root: initial go proxy, update compose and helm
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-03 09:39:09 +02:00