25d4905d6c
outposts: use channel groups instead of saving channel names ( #7183 )
...
* outposts: use channel groups instead of saving channel names
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use pubsub
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* support storing other args with state
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-10-16 17:01:44 +02:00
00b2a773b4
sources/ldap: made ldap_sync_single calls from ldap_sync_all asynchronous ( #6862 )
2023-10-16 13:11:34 +02:00
abab635a01
tests: fix potential infinite wait in tests spinning up a container ( #7153 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-10-12 13:57:29 +02:00
ab1b3b09d6
core/api: add uuid field to core api user http response ( #7110 )
...
* feat: Add uuid field to core api user response
* update schema
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: hor <hor@HOSRV>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-10-09 12:34:38 +02:00
4db365c947
providers/proxy: improve SLO by backchannel logging out sessions ( #7099 )
...
* outposts: add support for provider-specific websocket messages
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* providers/proxy: add custom signal on logout to logout in provider
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-10-09 01:06:52 +02:00
6f3fc22c9b
providers/saml: add default RelayState value for IDP-initiated requests ( #7100 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-10-09 00:08:16 +02:00
25ee6f8116
sources/ldap: fix attribute path resolution ( #7090 )
...
* lib: make set_path_in_dict reusable
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* sources/ldap: use set_path_in_dict to set attributes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* stages/user_write: also use set_path_in_dict
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-10-06 18:01:09 +02:00
205d3d10e3
root: Support PyCharm's test runner ( #7074 )
...
* Initial commit.
* Use Django's test runner as basis
* Skip already correctly formatted test labels
2023-10-05 20:13:38 +02:00
f28f301865
policies: fix cached policy metric ( #7068 )
2023-10-05 02:05:01 +02:00
83f9eae654
root: extended flow and policy metrics ( #7067 )
2023-10-05 01:04:55 +02:00
a0f607b5ac
web/flows: bottom-align about text on flows page ( #7051 )
...
* web/flows: bottom-align about text on flows page
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix a bunch of typos
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-10-03 14:10:10 +02:00
cb6dadbf94
stages/email: rework email templates ( #7029 )
...
rework email templates
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-10-02 16:04:40 +02:00
29de5d34d6
events: fix error when storing events with date/time/datetime/etc ( #7028 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-10-02 12:44:17 +02:00
8c891b04f2
stages/invitation: fix mis-matched serializer class for invitation ( #7018 )
...
* stages/invitation: fix mis-matched serializer class for invitation
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix returning an instance
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-10-02 12:26:14 +02:00
b15002a992
flows: stage_invalid() makes flow restart depending on invalid_response_action setting ( #6780 )
...
* flows: stage_invalid() makes flow restart depending on invalid_response_action setting
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-27 12:34:02 +02:00
e55e27d060
root: disable APPEND_SLASH ( #6928 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-26 18:59:28 +02:00
90aa5409cd
sources/ldap: add default property mapping to mirror directory structure ( #6990 )
...
* sources/ldap: add default property mapping to mirror directory structure
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* adjust name
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-26 18:55:33 +02:00
0e5952650b
root: make Celery worker concurrency configurable ( #6837 )
...
* root: made Celery worker concurrency configurable
* core: fixed Celery worker command to set autoscaling options to account for worker concurrency setting
* Update website/docs/installation/configuration.md
Signed-off-by: Jens L. <jens@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens L. <jens@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L <jens@beryju.org>
2023-09-26 10:37:22 +00:00
3e81824388
core: prevent self-impersonation ( #6885 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-26 12:04:40 +02:00
a32755b6c8
root: Add setting to adjust database config for pgpool ( #6949 )
2023-09-21 12:54:18 +02:00
000244e387
sources/ldap: add lock to sync ( #6930 )
2023-09-18 21:38:01 +02:00
7649a57495
core: create app transactional api ( #6446 )
...
* initial api and schema
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* separate blueprint importer from yaml parsing
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add new "must_created" state to blueprints to prevent overwriting objects
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* rework validation and error response to make it actually usable
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix lint errors
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add defaults
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* rework transaction_rollback
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use static method for string imports of subclass
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* slight cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-17 23:55:21 +02:00
583c5e3ba7
sources/ldap: add warning when a property mapping returns None or bytes ( #6913 )
...
* sources/ldap: add warning when a property mapping returns None or bytes
closes #6889
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add test
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-16 00:37:20 +02:00
895c6a349c
policies: specify failure result ( #6887 )
2023-09-14 20:38:22 +02:00
58aa7ec623
sources/ldap: fix inverted interpretation of FreeIPA nsaccountlock ( #6877 )
...
sources/ldap: fix inverted interpretation of nsaccountlock
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-13 15:43:59 +02:00
c79e90964a
website/docs: tweak Config page ( #6854 )
...
* used tabs to add k8s info
* tweaks
* changed to mdx
* wording tweaks and rearranged sections
* removed old md file renamed to mdx
* tweak
* added a redirect to toml file
* fix references
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Tana Berry <tana@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-09-12 20:30:40 +00:00
515ce94a85
root: add option to disable beat when running worker ( #6849 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-12 13:26:23 +02:00
4c823b7428
providers/saml: set WantAuthnRequestsSigned in metadata ( #6851 )
2023-09-12 09:10:06 +02:00
5b6fb4a05a
Merge branch 'version-2023.8'
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
# Conflicts:
# Dockerfile
# poetry.lock
# proxy.Dockerfile
# web/src/admin/AdminInterface.ts
# web/xliff/zh-Hans.xlf
2023-09-11 22:04:23 +02:00
f885f8c039
release: 2023.8.3
2023-09-11 18:55:08 +02:00
ec5bd550c7
core: remove celery's duplicate max_tasks_per_child ( #6840 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-11 18:15:17 +02:00
fe02720f8d
providers/scim: check that a provider exists before starting scim task ( #6841 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-11 18:15:12 +02:00
0580f32fe6
core: remove celery's duplicate max_tasks_per_child ( #6840 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-11 18:12:18 +02:00
74ee97b472
providers/scim: check that a provider exists before starting scim task ( #6841 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-11 18:12:04 +02:00
dd18f9cd30
sources/ldap: dont prefetch useless items ( #6812 )
...
sources/ldap: Fixed fetching of useless data into redis
2023-09-11 12:44:49 +02:00
d36574fc1a
sources/ldap: fix task timeout for ldap_sync_all and ldap_sync_single ( #6809 )
...
* sources/ldap: fix task timeout for ldap_sync_all and ldap_sync_single
* ldap_sync_all runs tasks async so doesn't need longer timeouts
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* bump time more as we run some tasks in serial and add more leeway
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-09-11 12:44:40 +02:00
e45b57071a
sources/ldap: dont prefetch useless items ( #6812 )
...
sources/ldap: Fixed fetching of useless data into redis
2023-09-11 12:43:10 +02:00
06850a2f57
sources/ldap: fix task timeout for ldap_sync_all and ldap_sync_single ( #6809 )
...
* sources/ldap: fix task timeout for ldap_sync_all and ldap_sync_single
* ldap_sync_all runs tasks async so doesn't need longer timeouts
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* bump time more as we run some tasks in serial and add more leeway
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-09-08 20:37:54 +02:00
ae91689fd8
policies/reputation: require either check to be enabled ( #6764 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-06 14:00:29 +02:00
aa209efa90
stages/password: fix failed_attempts_before_cancel allowing one too m… ( #6763 )
...
* stages/password: fix failed_attempts_before_cancel allowing one too many tries
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-06 14:00:24 +02:00
4b20409a91
sources/ldap: fix FreeIPA nsaccountlock sync ( #6745 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-06 13:59:36 +02:00
bbdf8c054b
stages/password: move password validation to serializer ( #6766 )
...
* handle non-applicable when restarting flow
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* flows: add StageInvalidException error to be used in challenge/response serializer validation to return a stage_invalid error
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* rework password stage
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-05 22:55:33 +02:00
8c3f578187
policies/reputation: require either check to be enabled ( #6764 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-05 22:15:14 +02:00
e373bae189
flows: remove need for post() wrapper by using dispatch ( #6765 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-05 22:15:03 +02:00
7cbce1bb3d
stages/password: fix failed_attempts_before_cancel allowing one too m… ( #6763 )
...
* stages/password: fix failed_attempts_before_cancel allowing one too many tries
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-05 21:58:11 +02:00
6612f729ec
stages/authenticator: vendor otp ( #6741 )
...
* initial import
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update imports
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove email and hotp for now
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove things we don't need and clean up
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* initial merge static
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* initial merge totp
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more fixes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix migrations
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update webui
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add system migration
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more cleanup, add doctests to test_runner
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fixup more lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* cleanup last tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update docstrings
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* implement SerializerModel
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix web format
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-04 11:45:14 +02:00
3f12c7c013
sources/ldap: fix FreeIPA nsaccountlock sync ( #6745 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-04 08:44:00 +02:00
fd561ac802
root: connect to backend via socket ( #6720 )
...
* root: connect to gunicorn via socket
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* put socket in temp folder
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use non-socket connection for debug
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* don't hardcode local url
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix dev_server missing websocket
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* dedupe logging config between gunicorn and main app
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* slight refactor for proxy errors
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-02 17:58:37 +02:00
97e4c8d5e2
release: 2023.8.2
2023-09-01 17:27:16 +02:00
a39fef11b8
providers/saml: fix SAML metadata import API requiring flow slug inst… ( #6729 )
...
* providers/saml: fix SAML metadata import API requiring flow slug instead of pk
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* replace format_exc_info with dict_tracebacks, and only for json logger
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-01 12:59:25 +02:00
0772756eef
crypto: fix has_key filter ( #6727 )
...
* crypto: fix has_key certificate filter
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-01 11:51:41 +02:00
1c1c1cf5da
root: expand exception logging ( #6690 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-31 14:17:57 +02:00
f57b3efcaa
policies/reputation: fix reputation not expiring ( #6714 )
...
* policies/reputation: fix reputation not expiring
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix some verbose names for models
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-31 13:46:00 +02:00
3f3ca6fe82
core: make groups' parent_name nullable as it might not be set ( #6700 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-30 20:39:57 +02:00
3afff1bae9
providers/oauth2: fix incorrect scope permissions shown ( #6696 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-30 17:27:40 +02:00
b6a57ffd4f
events: fix missing application names from most used applications ( #6689 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-30 12:46:42 +02:00
be3cfaee56
release: 2023.8.1
2023-08-30 00:31:45 +02:00
9545857042
root/revert persistent connections ( #6677 )
...
Revert "root: always use persistent database connections (#6560 )"
This reverts commit 1d99ec95b5
2023-08-30 00:13:53 +02:00
bfa78afd54
release: 2023.8.0
2023-08-29 19:58:42 +02:00
aa874dd92a
security: fix CVE-2023-39522 ( #6665 )
...
* stages/email: don't disclose whether a user exists or not when recovering
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update website
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-29 19:07:49 +02:00
af200a6bf9
web: cleanup ( #6664 )
...
* web: remove <p> used for padding and do it properly
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* web: remove .form-help-text as it didn't change anything
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* move data-list styling to correct scope
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove title from navbar for docs-only build
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-29 18:24:11 +02:00
ccfd45774e
*: fix api errors raised in general validate() to specify a field ( #6663 )
...
* *: fix api errors raised in general validate() to specify a field
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove required flag for tls server name for ldap provider
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* attempt to make timing test less flaky
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-29 14:41:48 +02:00
30cb38ac6d
blueprints: fix tag values not resolved correctly ( #6653 )
...
* blueprints: fix tag values not resolved correctly
this lead to `null` in an `!Env` tag being returned as `"null"`
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make blueprint user password optional
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ensure user doesn't have a usable password set when its an empty string
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-28 18:27:44 +02:00
85bc35eb41
providers/oauth2: fix id_token being saved incorrectly leading to lost claims ( #6645 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-28 00:51:48 +02:00
9e29789c09
root: fix config loading for outposts ( #6640 )
...
* root: fix config loading for outposts
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix error handling
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* improve check to see if outpost is embedded or not
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* also fix oauth url fetching
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-26 19:40:48 +02:00
d29163e3ad
core: fix filtering users by type attribute ( #6638 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-26 17:26:50 +02:00
599f7e7c88
root: config: remove redundant default configs
...
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2023-08-26 02:41:37 +02:00
bc6706016b
core: bump pydantic from 1.10.12 to 2.3.0 ( #6613 )
...
* core: bump pydantic from 1.10.12 to 2.3.0
Bumps [pydantic](https://github.com/pydantic/pydantic ) from 1.10.12 to 2.3.0.
- [Release notes](https://github.com/pydantic/pydantic/releases )
- [Changelog](https://github.com/pydantic/pydantic/blob/main/HISTORY.md )
- [Commits](https://github.com/pydantic/pydantic/compare/v1.10.12...v2.3.0 )
---
updated-dependencies:
- dependency-name: pydantic
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
* fix webauthn stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix scim
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* "fix" lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-08-24 12:25:17 +02:00
739edba92d
enterprise: default user count to 0
...
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2023-08-23 17:10:50 +02:00
168423a54e
enterprise: licensing fixes ( #6601 )
...
* enterprise: fix unique index for key, fix field names
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* enterprise: update UI to match
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-23 13:20:42 +02:00
0472ef583c
core: hotfix group membership check ( #6584 )
2023-08-20 23:47:13 +02:00
8bba3c0a9b
core: rework recursive group membership ( #6017 )
...
* rework checking group membership and add `user.all_groups` to get full list of groups
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* refactor some more for better performance
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* migrate things to use all_groups
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update release notes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix for django 4.2
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-18 17:31:39 +02:00
42c21da8b6
blueprints: fix blueprint importer logging potentially sensitive data ( #6567 )
2023-08-18 00:33:26 +01:00
7b3d1a229f
stages/authenticator_static: make static token size adjustable ( #6565 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-17 23:48:05 +02:00
1d99ec95b5
root: always use persistent database connections ( #6560 )
...
* root: always use persistent database connections
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* root: activate database connection health checks
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
---------
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2023-08-17 19:38:39 +02:00
287cf6f0c7
web/admin: fix user sorting by active field ( #6485 )
...
* web/admin: fix user sorting by active field
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* web/admin: fix hide service account toggle
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-05 22:07:17 +02:00
00fae2353c
api: optimise pagination in API schema ( #6478 )
2023-08-05 15:37:06 +02:00
e191cd6e7f
provider/oauth2: fix aud (Audience) field type which can be a list of… ( #6447 )
...
provider/oauth2: fix aud (Audience) field type which can be a list of strings
2023-08-01 23:16:26 +02:00
cc6824fd7c
core: bump django from 4.1.7 to 4.2 ( #5238 )
...
* core: bump django from 4.1.7 to 4.2 (#5151 )
* core: bump django from 4.1.7 to 4.2
Bumps [django](https://github.com/django/django ) from 4.1.7 to 4.2.
- [Release notes](https://github.com/django/django/releases )
- [Commits](https://github.com/django/django/compare/4.1.7...4.2 )
---
updated-dependencies:
- dependency-name: django
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* upgrade to psycopg3, use custom engine for prometheus metrics
See https://github.com/korfuri/django-prometheus/issues/350
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make scripts use pscopg3
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start changelog
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* initial postgres upgrade guide
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update header
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-08-01 19:30:28 +02:00
561e6956fe
root: add get_int to config loader instead of casting to int everywhere ( #6436 )
...
* root: add get_int to config loader instead of casting to int everywhere
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* improve error handling, add test
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-31 19:34:59 +02:00
10b0c84d97
root: migrate bootstrap to blueprints ( #6433 )
...
* remove old bootstrap
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add meta model to set user password
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ensure KeyOf works with objects in the state of created that already exist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* migrate
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add support for shorter form !If tag
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* allow !Context to resolve other yaml tags
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* don't require serializer to be valid for deleting an object
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix check if a model is being created
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove duplicate way to set password
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* migrate token
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* only change what is required with migrations
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add description
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix admin status
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* expand tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* don't require bootstrap in events to fix ci?
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-31 19:34:46 +02:00
09907ecb6a
root: add generated Source docs ( #5323 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-31 11:59:20 +02:00
b08f8d8e0c
api: re-fix url import logging ( #6400 )
...
* fix logging
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove lib from apps
lib doesn't declare any models, so it really doesn't need to be in there anyways?
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove lib from schema too
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-27 12:56:51 +02:00
94836a3ce7
api: log errors if app URLs import fail ( #6397 )
...
* api: log errors if app URLs import fail
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* bump level to warning
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-07-27 11:29:20 +02:00
f272d14fcf
events: fix monitored task not removing state ( #6386 )
...
when `save_on_success` is set, a task failure saves state. when it succeeds afterwards, that state should be removed
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-26 16:00:50 +02:00
17fe595528
sources/ldap: fix syncing large LDAP directories ( #6384 )
...
* sources/ldap: fix syncing large LDAP directories
* add test
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-07-26 12:25:40 +02:00
18472c231a
enterprise: fix license check not using the proper JWT algorithm
...
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2023-07-25 12:10:15 +02:00
7be94df00c
root: set csrf cookie's secure flag same as session ( #6350 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-24 13:57:30 +02:00
346c6e6a85
outposts: Fix infinite self-recursion in traefik reconciler. ( #6336 )
...
Fix infinite self-recursion in traefik reconciler.
2023-07-24 10:25:29 +00:00
8d4b7ce8d3
outposts: fix patch processing ( #6338 )
...
* outposts: fix patch processing for custom object types
* outposts: correct parsing patch type
* small change
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-07-24 10:25:14 +00:00
4647fbacb0
enterprise: fix license check not using DER as spec specifies ( #6348 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-24 12:11:47 +02:00
d435a65cfd
outposts: support json patch for Kubernetes ( #6319 )
2023-07-22 02:29:28 +02:00
a728dad166
providers/oauth2: fix grant_type password raising an exception ( #6333 )
2023-07-22 01:36:55 +02:00
d50f92d8b4
enterprise: cleanup v2 ( #6330 )
...
* cleanup minor stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* change default user type to internal to be more consistent
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-21 18:23:51 +02:00
9b7c30d44c
sources/ldap: fix ldap_sync cli command not running in foreground ( #6325 )
...
closes #6317
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-21 13:03:06 +02:00
d12db62a6d
root: fix lint error
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-20 00:38:01 +02:00
546425acde
root: fix config env var resolution ( #6310 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-20 00:16:00 +02:00
2f469d2709
root: partial Live-updating config ( #5959 )
...
* stages/email: directly use email credentials from config
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use custom database backend that supports dynamic credentials
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add crude config reloader
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make method names for CONFIG clearer
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* replace config.set with environ
Not sure if this is the cleanest way, but it persists through a config reload
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* re-add set for @patch
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* even more crudeness
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* clean up some old stuff?
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* somewhat rewrite config loader to keep track of a source of an attribute so we can refresh it
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* cleanup old things
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix flow e2e
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-19 23:13:22 +02:00
b6e8342466
enterprise: add more info to enterprise forecast ( #6292 )
...
* add more info to enterprise forecast
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix banner colour
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix some layout
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix layout for warning banner
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-18 23:24:44 +02:00
41af486006
enterprise: initial enterprise ( #5721 )
...
* initial
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add user type
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add external users
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add ui, add more logic, add public JWT validation key
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* revert to not use install_id as session jwt signing key
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix more
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* switch to PKI
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add more licensing stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add install ID to form
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix bugs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start adding tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fixes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use x5c correctly
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* license checks
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use production CA
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more UI stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* rename to summary
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update locale, improve ui
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add direct button
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update link
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* format and such
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove old attributes from ldap
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove is_enterprise_licensed
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix admin interface styling issue
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Update authentik/core/models.py
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>
* fix default case
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-07-17 17:57:08 +02:00
Jens L
Alissa Gerhard
horego
Philipp Kolberg
boesr
Tana M Berry
Alissa Gerhard
Marc 'risson' Schmitt
dependabot[bot]
risson
Jean-Michel DILLY
Timo Schwarzer
Yip Rui Fung
ChandonPierre