Marc 'risson' Schmitt
3139774b66
release notes
...
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2024-01-16 05:44:29 +01:00
Marc 'risson' Schmitt
c2f5f993b2
Merge branch 'main' into multi-tenant-django-tenants
2024-01-10 17:57:40 +01:00
Jens Langhammer
c78bb979ec
website: update changelog for 2023.10.6 and 2023.8.6
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2024-01-09 19:02:19 +01:00
Marc 'risson' Schmitt
9c7600e1f2
Merge branch 'main' into multi-tenant-django-tenants
2024-01-09 16:38:09 +01:00
Jens L
509b502d3c
providers/oauth2: offline access ( #8026 )
...
* improve scope check (log when application requests non-configured scopes)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add offline_access special scope
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ensure scope is set
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update tests for refresh tokens
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* special handling of scopes for github compat
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix spec
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* attempt to fix oidc tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove hardcoded slug
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* check scope from authorization code instead of request
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix injection for consent stage checking incorrectly
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2024-01-04 19:57:11 +01:00
Marc 'risson' Schmitt
2af782c023
Merge branch 'main' into multi-tenant-django-tenants
2023-12-27 11:56:50 +01:00
Jens L
218d61648b
website/docs: prepare 2023.10.5 ( #7947 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-12-21 14:24:34 +01:00
Marc 'risson' Schmitt
9619c2433f
root: add support for storing media files in S3
...
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2023-12-20 09:44:02 +01:00
Jens Langhammer
2814a8e951
website/docs: add CVE-2023-48228 to release notes
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-11-21 18:13:41 +01:00
Jens L
6a43721524
website/docs: prepare 2023.10.4 release notes ( #7641 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-11-21 18:01:55 +01:00
Jens L
44fc9ee80c
stages/identification: add option to pretend user exists ( #7610 )
...
* stages/identification: add option to pretend user exists
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests?
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* test CI permission fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-11-18 01:55:48 +01:00
Jens L
4080080acd
internal: remove deprecated metrics ( #7540 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-11-13 14:48:37 +01:00
Marc 'risson' Schmitt
d8b1a59dad
website/docs: update release notes for 2023.10.3
...
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2023-11-09 18:43:00 +01:00
Marc 'risson' Schmitt
d5871fef4e
website/docs: update release notes for 2023.10.3
...
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2023-11-09 18:24:02 +01:00
dependabot[bot]
823e7dbe1a
website: bump the docusaurus group in /website with 3 updates ( #7400 )
...
* website: bump the docusaurus group in /website with 3 updates
Bumps the docusaurus group in /website with 3 updates: [@docusaurus/plugin-client-redirects](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-plugin-client-redirects ), [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic ) and [@docusaurus/theme-mermaid](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-theme-mermaid ).
Updates `@docusaurus/plugin-client-redirects` from 2.4.3 to 3.0.0
- [Release notes](https://github.com/facebook/docusaurus/releases )
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md )
- [Commits](https://github.com/facebook/docusaurus/commits/v3.0.0/packages/docusaurus-plugin-client-redirects )
Updates `@docusaurus/preset-classic` from 2.4.3 to 3.0.0
- [Release notes](https://github.com/facebook/docusaurus/releases )
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md )
- [Commits](https://github.com/facebook/docusaurus/commits/v3.0.0/packages/docusaurus-preset-classic )
Updates `@docusaurus/theme-mermaid` from 2.4.3 to 3.0.0
- [Release notes](https://github.com/facebook/docusaurus/releases )
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md )
- [Commits](https://github.com/facebook/docusaurus/commits/v3.0.0/packages/docusaurus-theme-mermaid )
---
updated-dependencies:
- dependency-name: "@docusaurus/plugin-client-redirects"
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: docusaurus
- dependency-name: "@docusaurus/preset-classic"
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: docusaurus
- dependency-name: "@docusaurus/theme-mermaid"
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: docusaurus
...
Signed-off-by: dependabot[bot] <support@github.com>
* update
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* migrate docusaurus config to ts
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix docs-only build
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-11-06 15:12:23 +01:00
Jens Langhammer
a43b2fb17c
website/docs: add 2023.8.4 release notes
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-10-28 22:04:46 +02:00
Jens L
261879022d
security: fix oobe-flow reuse when akadmin is deleted ( #7361 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-10-28 21:24:06 +02:00
Jens L
2a47ff2977
website/docs: prepare 2023.10.2 release notes ( #7362 )
...
website/docs: prepare 2023.10.2
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-10-28 21:07:57 +02:00
Jens L
c3a81a1cce
website/docs: add missing breaking change due to APPEND_SLASH ( #7360 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-10-28 18:13:56 +02:00
risson
ac2bbd7e2f
website/docs: add warning about Helm breaking change in 2024.x ( #7351 )
...
Co-authored-by: Jens L. <jens@goauthentik.io>
2023-10-27 17:22:02 +00:00
Jens L
f22daca091
website/docs: add warning about upgrading to 2023.10 ( #7340 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-10-27 12:51:49 +02:00
Jens L
eb53c28352
website/docs: update release notes for 2023.10.1 ( #7316 )
...
website/docs: update for 2023.10.1
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-10-26 20:16:07 +02:00
Jens L
d9b3e307e3
website/docs: add 2023.10 release notes ( #7309 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-10-26 15:10:17 +02:00
Jens L
a0f607b5ac
web/flows: bottom-align about text on flows page ( #7051 )
...
* web/flows: bottom-align about text on flows page
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix a bunch of typos
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-10-03 14:10:10 +02:00
Tana M Berry
c79e90964a
website/docs: tweak Config page ( #6854 )
...
* used tabs to add k8s info
* tweaks
* changed to mdx
* wording tweaks and rearranged sections
* removed old md file renamed to mdx
* tweak
* added a redirect to toml file
* fix references
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Tana Berry <tana@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-09-12 20:30:40 +00:00
Jens L
7dc2bf119b
website/docs: prepare 2023.8.3 release notes ( #6843 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-11 18:54:36 +02:00
Jens L
3d1bf85587
website/docs: prepare 2023.8.2 release ( #6731 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-01 16:09:42 +02:00
Jens L
6246537e17
website: bump 2023.8.1 release notes ( #6678 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-30 00:31:26 +02:00
Jens L
782341441a
website: update 2023.8 release notes ( #6666 )
...
* update main release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update sidebar
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-08-29 19:57:14 +02:00
Jens L
aa874dd92a
security: fix CVE-2023-39522 ( #6665 )
...
* stages/email: don't disclose whether a user exists or not when recovering
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update website
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-29 19:07:49 +02:00
Jens L
e467a91f44
website/docs: update 2023.8 actually ( #6591 )
...
* add actual changelog
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix source docs credentials
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-22 14:19:37 +02:00
Jens L
d9f13e89c6
website: update release notes ( #6590 )
...
* move 2023.7 to 2023.8
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* move version dropdown from navbar to sidebar, and only have it on applicable sites
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove title instead of just hiding it
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix some styling for the mobile navbar sidebar
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add social image
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Optimised images with calibre/image-actions
* fix website tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
2023-08-22 13:03:11 +02:00
Jens L
8bba3c0a9b
core: rework recursive group membership ( #6017 )
...
* rework checking group membership and add `user.all_groups` to get full list of groups
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* refactor some more for better performance
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* migrate things to use all_groups
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix for django 4.2
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-18 17:31:39 +02:00
Jens L
cc6824fd7c
core: bump django from 4.1.7 to 4.2 ( #5238 )
...
* core: bump django from 4.1.7 to 4.2 (#5151 )
* core: bump django from 4.1.7 to 4.2
Bumps [django](https://github.com/django/django ) from 4.1.7 to 4.2.
- [Release notes](https://github.com/django/django/releases )
- [Commits](https://github.com/django/django/compare/4.1.7...4.2 )
---
updated-dependencies:
- dependency-name: django
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* upgrade to psycopg3, use custom engine for prometheus metrics
See https://github.com/korfuri/django-prometheus/issues/350
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make scripts use pscopg3
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start changelog
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* initial postgres upgrade guide
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update header
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-08-01 19:30:28 +02:00
Jens L
30d32022e5
website/docs: expand beta beta / install docs ( #6443 )
...
* website/docs: expand beta beta / install docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-08-01 18:02:31 +02:00
Jens L
57893e0125
website: update 2023.6.1 release notes ( #6204 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-10 12:55:35 +02:00
Jens Langhammer
e2bfcf8a6d
website: update release notes
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-06 18:47:24 +02:00
dependabot[bot]
d14a2906f5
website: bump prettier from 2.8.8 to 3.0.0 in /website ( #6155 )
...
* website: bump prettier from 2.8.8 to 3.0.0 in /website
Bumps [prettier](https://github.com/prettier/prettier ) from 2.8.8 to 3.0.0.
- [Release notes](https://github.com/prettier/prettier/releases )
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md )
- [Commits](https://github.com/prettier/prettier/compare/2.8.8...3.0.0 )
---
updated-dependencies:
- dependency-name: prettier
dependency-type: direct:development
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
* prettier
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-07-06 12:00:54 +02:00
Jens L
fb8c4b97f4
website: update navbar, update 2023.6 changelog ( #6136 )
...
* website: update navbar, update 2023.6 changelog
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-04 14:25:08 +02:00
Jens L
f7d21b3aba
website: update 2023.6 release notes ( #6053 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-23 15:32:49 +02:00
Jens L
b0fbd576fc
security: cure53 fix ( #6039 )
...
* ATH-01-001: resolve path and check start before loading blueprints
This is even less of an issue since 411ef239f6
, since with that commit we only allow files that the listing returns
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ATH-01-010: fix missing user filter for webauthn device
This prevents an attack that is only possible when an attacker can intercept HTTP traffic and in the case of HTTPS decrypt it.
* ATH-01-008: fix web forms not submitting correctly when pressing enter
When submitting some forms with the Enter key instead of clicking "Confirm"/etc, the form would not get submitted correctly
This would in the worst case is when setting a user's password, where the new password can end up in the URL, but the password was not actually saved to the user.
* ATH-01-004: remove env from admin system endpoint
this endpoint already required admin access, but for debugging the env variables are used very little
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ATH-01-003 / ATH-01-012: disable htmlLabels in mermaid
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ATH-01-005: use hmac.compare_digest for secret_key authentication
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ATH-01-009: migrate impersonation to use API
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ATH-01-010: rework
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ATH-01-014: save authenticator validation state in flow context
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
bugfixes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ATH-01-012: escape quotation marks
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add website
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update release ntoes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update with all notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix format
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-22 22:25:04 +02:00
Jens L
0ce41a1b2d
providers/ldap: add StartTLS support ( #5861 )
...
* providers/ldap: add StartTLS support
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add starttls test
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update form and docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* re-add tls server name
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-06 21:40:19 +02:00
Tana M Berry
b1de9f8d93
website/docs: add Note about wget command ( #5770 )
...
* add Note about wget
* added info about -) flag
* add review edits
---------
Co-authored-by: Tana Berry <tana@goauthentik.io>
2023-06-06 02:21:27 -05:00
Jens L
7daf89be05
website/docs: prepare 2023.5.3 ( #5824 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-01 19:34:56 +02:00
Jens L
e8c2aabad0
website/docs: prepare 2023.5.2 release notes ( #5777 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-28 12:45:50 +02:00
Jens L
873aaf85f9
website/docs: prepare 2023.5.1 release notes ( #5679 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-18 20:34:33 +02:00
Jens L
228197ea5e
website/docs: update 2023.5 release notes ( #5526 )
...
* website/docs: update 2023.5 release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update changelog
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-12 13:45:25 +02:00
Bojan Bogojevic
05b2fb5ec1
root: Change docker-compose HTTP and HTTPS port variables ( #5335 )
...
* Clarify that COMPOSE_PORT_ changes exposed ports
Signed-off-by: Bojan Bogojevic <20166636+Bojan023@users.noreply.github.com>
* Change AUTHENTIK_PORT to COMPOSE_PORT
Signed-off-by: Bojan Bogojevic <20166636+Bojan023@users.noreply.github.com>
* Change AUTHENTIK_PORT to COMPOSE_PORT
Signed-off-by: Bojan Bogojevic <20166636+Bojan023@users.noreply.github.com>
* Add hint to Configuration for internal ports
Signed-off-by: Bojan Bogojevic <20166636+Bojan023@users.noreply.github.com>
* dont use different env syntaxes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add changelog entry
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Bojan Bogojevic <20166636+Bojan023@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-04-21 14:54:40 +03:00
Jens L
bb92c4a967
providers/ldap: remove deprecated fields ( #5154 )
...
* providers/ldap: remove deprecated fields
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update changelog
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-21 14:10:24 +03:00
Jens L
edb2aa2db5
website/docs: 2023.4.1 release notes ( #5281 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-18 10:11:59 +02:00