e28babb0b8
core: Initial RBAC ( #6806 )
...
* rename consent permission
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* the user version
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
t
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* initial role
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start form
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* some minor table refactoring
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix user, add assign
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add roles ui
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix backend
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add assign API for roles
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start adding toggle buttons
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start view page
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* exclude add_ permission for per-object perms
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* small cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add permission list for roles
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make sidebar update
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix page header not re-rendering?
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fixup
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add search
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* show first category in table groupBy except when its empty
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make model and object PK optional but required together
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* allow for setting global perms
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* exclude non-authentik permissions
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* exclude models which aren't allowed (base models etc)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ensure all models have verbose_name set, exclude some more internal objects
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* lint fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix role perm assign
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add unasign for global perms
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add meta changes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* clear modal state after submit
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add roles to our group
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix duplicate url names
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make recursive group query more usable
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add name field to role itself and move group creation to signal
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start sync
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* move rbac stuff to separate django app
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix lint and such
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix go
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start API changes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add more API tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make admin interface not require superuser for now, improve error handling
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* replace some IsAdminUser where applicable
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* migrate flow inspector perms to actual permission
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix license not being a serializermodel
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add permission modal to models without view page
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add additional permissions to assign/unassign permissions
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add action to unassign user permissions
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add permissions tab to remaining view pages
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix flow inspector permission check
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix codecov config?
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add more API tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* ensure viewsets have an order set
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* hopefully the last api name change
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make perm modal less confusing
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start user view permission page
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* only make delete bulk form expandable if usedBy is set
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* expand permission tables
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add more things
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add user global permission table
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests' url names
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add tests for assign perms
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add unassign tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* rebuild permissions
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* prevent assigning/unassigning permissions to internal service accounts
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* only enable default api browser in debug
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix role object permissions showing duplicate
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix role link on role object permissions table
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix object permission modal having duplicate close buttons
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* return error if user has no global perm and no object perms
also improve error display on table
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* small optimisation
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* optimise even more
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update locale
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add system permission for non-object permissions
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* allow access to admin interface based on perm
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* clean
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* don't exclude base models
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-10-16 17:31:50 +02:00
25d4905d6c
outposts: use channel groups instead of saving channel names ( #7183 )
...
* outposts: use channel groups instead of saving channel names
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use pubsub
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* support storing other args with state
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-10-16 17:01:44 +02:00
abab635a01
tests: fix potential infinite wait in tests spinning up a container ( #7153 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-10-12 13:57:29 +02:00
205d3d10e3
root: Support PyCharm's test runner ( #7074 )
...
* Initial commit.
* Use Django's test runner as basis
* Skip already correctly formatted test labels
2023-10-05 20:13:38 +02:00
e55e27d060
root: disable APPEND_SLASH ( #6928 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-26 18:59:28 +02:00
0e5952650b
root: make Celery worker concurrency configurable ( #6837 )
...
* root: made Celery worker concurrency configurable
* core: fixed Celery worker command to set autoscaling options to account for worker concurrency setting
* Update website/docs/installation/configuration.md
Signed-off-by: Jens L. <jens@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens L. <jens@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L <jens@beryju.org>
2023-09-26 10:37:22 +00:00
a32755b6c8
root: Add setting to adjust database config for pgpool ( #6949 )
2023-09-21 12:54:18 +02:00
6612f729ec
stages/authenticator: vendor otp ( #6741 )
...
* initial import
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update imports
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove email and hotp for now
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove things we don't need and clean up
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* initial merge static
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* initial merge totp
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more fixes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix migrations
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update webui
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add system migration
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more cleanup, add doctests to test_runner
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fixup more lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* cleanup last tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update docstrings
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* implement SerializerModel
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix web format
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-04 11:45:14 +02:00
fd561ac802
root: connect to backend via socket ( #6720 )
...
* root: connect to gunicorn via socket
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* put socket in temp folder
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use non-socket connection for debug
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* don't hardcode local url
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix dev_server missing websocket
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* dedupe logging config between gunicorn and main app
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* slight refactor for proxy errors
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-02 17:58:37 +02:00
a39fef11b8
providers/saml: fix SAML metadata import API requiring flow slug inst… ( #6729 )
...
* providers/saml: fix SAML metadata import API requiring flow slug instead of pk
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* replace format_exc_info with dict_tracebacks, and only for json logger
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-09-01 12:59:25 +02:00
1c1c1cf5da
root: expand exception logging ( #6690 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-31 14:17:57 +02:00
9545857042
root/revert persistent connections ( #6677 )
...
Revert "root: always use persistent database connections (#6560 )"
This reverts commit 1d99ec95b5
2023-08-30 00:13:53 +02:00
1d99ec95b5
root: always use persistent database connections ( #6560 )
...
* root: always use persistent database connections
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* root: activate database connection health checks
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
---------
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2023-08-17 19:38:39 +02:00
cc6824fd7c
core: bump django from 4.1.7 to 4.2 ( #5238 )
...
* core: bump django from 4.1.7 to 4.2 (#5151 )
* core: bump django from 4.1.7 to 4.2
Bumps [django](https://github.com/django/django ) from 4.1.7 to 4.2.
- [Release notes](https://github.com/django/django/releases )
- [Commits](https://github.com/django/django/compare/4.1.7...4.2 )
---
updated-dependencies:
- dependency-name: django
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* upgrade to psycopg3, use custom engine for prometheus metrics
See https://github.com/korfuri/django-prometheus/issues/350
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make scripts use pscopg3
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start changelog
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* initial postgres upgrade guide
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update header
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-08-01 19:30:28 +02:00
561e6956fe
root: add get_int to config loader instead of casting to int everywhere ( #6436 )
...
* root: add get_int to config loader instead of casting to int everywhere
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* improve error handling, add test
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-31 19:34:59 +02:00
10b0c84d97
root: migrate bootstrap to blueprints ( #6433 )
...
* remove old bootstrap
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add meta model to set user password
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* ensure KeyOf works with objects in the state of created that already exist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* migrate
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add support for shorter form !If tag
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* allow !Context to resolve other yaml tags
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* don't require serializer to be valid for deleting an object
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix check if a model is being created
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove duplicate way to set password
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* migrate token
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* only change what is required with migrations
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add description
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix admin status
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* expand tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* don't require bootstrap in events to fix ci?
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-31 19:34:46 +02:00
b08f8d8e0c
api: re-fix url import logging ( #6400 )
...
* fix logging
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove lib from apps
lib doesn't declare any models, so it really doesn't need to be in there anyways?
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove lib from schema too
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-27 12:56:51 +02:00
7be94df00c
root: set csrf cookie's secure flag same as session ( #6350 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-24 13:57:30 +02:00
2f469d2709
root: partial Live-updating config ( #5959 )
...
* stages/email: directly use email credentials from config
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use custom database backend that supports dynamic credentials
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add crude config reloader
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make method names for CONFIG clearer
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* replace config.set with environ
Not sure if this is the cleanest way, but it persists through a config reload
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* re-add set for @patch
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* even more crudeness
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* clean up some old stuff?
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* somewhat rewrite config loader to keep track of a source of an attribute so we can refresh it
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* cleanup old things
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix flow e2e
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-19 23:13:22 +02:00
41af486006
enterprise: initial enterprise ( #5721 )
...
* initial
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add user type
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add external users
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add ui, add more logic, add public JWT validation key
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* revert to not use install_id as session jwt signing key
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix more
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* switch to PKI
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add more licensing stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add install ID to form
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix bugs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start adding tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fixes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use x5c correctly
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* license checks
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use production CA
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more UI stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* rename to summary
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update locale, improve ui
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add direct button
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update link
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* format and such
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove old attributes from ldap
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove is_enterprise_licensed
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix admin interface styling issue
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Update authentik/core/models.py
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>
* fix default case
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-07-17 17:57:08 +02:00
a987846c76
root: celery refactor ( #6095 )
...
* root: celery refactor
cleanup deprecation messages by configuring celery with a single object
run celery as django management command
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* improve debug experience
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add debugpy to dev dependencies
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix task_always_eager
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-28 16:44:50 +02:00
c45e92b17e
root: revert to use secret_key for JWT signing ( #5934 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-12 11:02:05 +02:00
5b0cc3672b
root: add method to get install_id without django being loaded ( #5755 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-25 18:52:21 +02:00
0d0bb1a559
root: add install ID ( #5717 )
...
* root: add install ID
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add fallback when no migrations table exists
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix lint
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-22 17:24:12 +02:00
6299fc7f81
root: migrate from os.path to Pathlib ( #5594 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-12 20:04:02 +02:00
eaa3d11df8
api: modular urls ( #5551 )
...
* api: make API urls modular
load API urls from app module's urls file instead of a single static file
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* refactor websocket url mounting
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-09 14:46:47 +02:00
8215ee19c6
events: include event user in webhook notification ( #5524 )
...
* events: include event user in webhook notification
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update other transports
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-08 15:34:21 +02:00
7acd0558f5
core: applications backchannel provider ( #5449 )
...
* backchannel applications
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add webui
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* include assigned app in provider
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* improve backchannel provider list display
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make ldap provider compatible
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* show backchannel providers in app view
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make backchannel required for SCIM
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* cleanup api
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens L. <jens@beryju.org>
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2023-05-08 15:29:12 +02:00
5830781a5a
root: add websocket logging ( #5408 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-28 20:34:34 +03:00
54d508ae8c
ci: fix pyright errors ( #5392 )
...
* ci: fix pyright errors
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix error in oauth 1 source
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove redundant blueprint fixtures
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-27 17:33:47 +03:00
4671d4afb4
enterprise: initial license ( #5293 )
...
* enterprise: add enterprise license and app
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add license and terms
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* don't build enterprise into docker for now
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-19 16:13:45 +02:00
f84a10b59b
core: revert django update ( #5236 )
...
* Revert "core: bump django from 4.1.7 to 4.2 (#5151 )"
This reverts commit 18a4eac527
2023-04-13 14:10:12 +02:00
18a4eac527
core: bump django from 4.1.7 to 4.2 ( #5151 )
...
* core: bump django from 4.1.7 to 4.2
Bumps [django](https://github.com/django/django ) from 4.1.7 to 4.2.
- [Release notes](https://github.com/django/django/releases )
- [Commits](https://github.com/django/django/compare/4.1.7...4.2 )
---
updated-dependencies:
- dependency-name: django
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* upgrade to psycopg3, use custom engine for prometheus metrics
See https://github.com/korfuri/django-prometheus/issues/350
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make scripts use pscopg3
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-04-11 15:00:27 +02:00
1ca8feb5fc
sources/ldap: make schema optional ( #5213 )
...
* sources/ldap: make schema optional
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* create one connection and re-use it
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use magicmock
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-10 21:55:56 +02:00
02f75a92ce
lifecycle: don't use celery ping for worker healthcheck ( #5153 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-03 18:15:31 +02:00
adcd11b1f8
core: extend postgres configuration ( #5138 )
...
Add postgres configuration options to control
TLS verification and client certificates.
2023-04-02 17:39:36 +02:00
73bf6fd530
core: bump channels-redis from 4.0.0 to 4.1.0 ( #5115 )
...
* core: bump channels-redis from 4.0.0 to 4.1.0
Bumps [channels-redis](https://github.com/django/channels_redis ) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/django/channels_redis/releases )
- [Changelog](https://github.com/django/channels_redis/blob/main/CHANGELOG.txt )
- [Commits](https://github.com/django/channels_redis/compare/4.0.0...4.1.0 )
---
updated-dependencies:
- dependency-name: channels-redis
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* remove channels <4.1 workaround
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-03-30 00:08:07 +02:00
54cacd784c
*: load websocket paths similarly to URLs ( #5018 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-20 23:39:25 +01:00
3f5effb1bc
providers/radius: simple radius outpost ( #1796 )
...
* initial implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add migrations
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix web
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* minor fixes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use search-select
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update locale
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fixup
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix ip with port being sent to delegated ip
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add radius tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-20 16:54:35 +01:00
9310d4cdc0
*: fix mismatched task names for discovery, make output service connection task monitored ( #4956 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-15 12:12:08 +01:00
94f22cffba
root: fix session middleware for websocket connections ( #4909 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-12 16:47:19 +01:00
28ddeb124f
providers: SCIM ( #4835 )
...
* basic user sync
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add group sync and some refactor
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start API
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* allow null authorization flow
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add UI
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make task monitored
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add missing dependency
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make authorization_flow required for most providers via API
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more UI
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make task result better readable, exclude anonymous user
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add task UI
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add scheduled task for all sync
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make scim errors more readable
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add mappings, migrate to mappings
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add mapping UI and more
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add scim docs to web
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start implementing membership
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* migrate signals to tasks
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* migrate fully to tasks
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* strip none keys, fix lint errors
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix things
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start adding tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix saml
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add scim schemas and validate against it
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* improve error handling
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add group put support, add group tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* send correct application/scim+json headers
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* stop sync if no mappings are confiugred
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add test for task sync
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add membership tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use decorator for tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* make tests better
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-06 19:39:08 +01:00
d2cfb76a7c
root: don't trace websockets to sentry
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-20 21:32:35 +01:00
069e9c015b
events: fix m2m_change events not being logged
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-19 16:28:30 +01:00
f749027143
root: don't log django request warnings
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-17 18:08:18 +01:00
bff34cc5dc
root: use channel send workaround for sync sending of websocket messages
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-15 16:08:01 +01:00
627e8a250e
tests: run e2e tests in random order ( #4550 )
...
* run e2e tests randomly
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix test_ldap_bind_search
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-27 23:57:53 +01:00
9568f4dbd6
root: improve code style ( #4436 )
...
* cleanup pylint comments
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove more
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix url name
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* *: use ExtractHour instead of ExtractDay
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-15 17:02:31 +01:00
e6b5810e03
polices/hibp: remove deprecated ( #4363 )
...
* remove hibp
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* don't save event matcher apps in migrations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* cleanup migrations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update docs, update some phrasing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2023-01-05 13:19:26 +01:00
bd56922a2f
blueprints: watch blueprints directory and trigger tasks ( #4309 )
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-30 11:30:18 +01:00
Jens L
Philipp Kolberg
Alissa Gerhard
boesr
risson
dependabot[bot]
Ongy
Jens L