Commit Graph

335 Commits

Author SHA1 Message Date
Jens Langhammer 5c42dac5e2 web/user: include locale code in locale selection
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-02-01 19:19:37 +01:00
transifex-integration[bot] a6b0b14685
Translate /web/src/locales/en.po in pl (#2197)
translation completed for the source file '/web/src/locales/en.po'
on the 'pl' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-01-31 14:17:26 +01:00
Jens Langhammer acc4de2235 web: add pl locale 2022-01-31 11:50:05 +00:00
transifex-integration[bot] 7ee7f6bd6a
Translate /web/src/locales/en.po in pl (#2196)
translation completed for the source file '/web/src/locales/en.po'
on the 'pl' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-01-31 10:00:37 +01:00
Jens Langhammer 1415b68ff4 web: add es locale
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-30 21:43:55 +01:00
transifex-integration[bot] be6853ac52
Translate /web/src/locales/en.po in es (#2188)
translation completed for the source file '/web/src/locales/en.po'
on the 'es' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-01-30 21:38:30 +01:00
Jens Langhammer e758db5727 stages/authenticator_webauthn: make more WebAuthn options configurable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-12 22:57:49 +01:00
Jens Langhammer 4d7d700afa providers/oauth2: change default redirect uri behaviour; set first used url when blank and use star for wildcard
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-12 22:44:57 +01:00
Jens Langhammer 8ff8e1d5f7 web/admin: fix missing configure flow setting on webuahtn setup stage form
closes #2084

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-10 20:15:34 +01:00
Jens Langhammer ef564e5f1a web: fix double plural in label
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-10 18:58:56 +01:00
transifex-integration[bot] b76546de0c
Translate /web/src/locales/en.po in tr (#2074) 2022-01-07 09:16:02 +01:00
Jens Langhammer 6e53f1689d policies/reputation: rework reputation to use a single entry, include geo_ip data
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-05 21:02:33 +01:00
transifex-integration[bot] 4d9d7c5efb
Translate /web/src/locales/en.po in tr (#2063)
translation completed for the source file '/web/src/locales/en.po'
on the 'tr' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2022-01-04 22:17:02 +01:00
Jens Langhammer 41d5bff9d3 web/admin: fix delete form for tenants missing columns
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-04 18:54:56 +01:00
Jens Langhammer 212220554f sources/oauth: add additional scopes field to get additional data from provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2047
2022-01-03 16:43:52 +01:00
Jens Langhammer 3e22740eac core: add API endpoint to directly set user's password
closes #2040

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-03 13:31:58 +01:00
Jens Langhammer ab17a12184 web/user: fix auto-detected locale not being re-activated when switching to auto-detect
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-02 20:01:51 +01:00
transifex-integration[bot] 301386fb4a
Translate /web/src/locales/en.po in tr (#2045) 2022-01-02 00:12:51 +01:00
Jens Langhammer 4f800c4758 web/flows: include user in access denied stage
closes #2039

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-01 20:25:49 +01:00
Jens Langhammer 0ef8edc9f1 web/user: add language selection
closes #2041

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-01-01 18:25:03 +01:00
Jens Langhammer 8ab5c04c2c web/admin: show flow title in list
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-30 22:10:31 +01:00
Jens Langhammer 9154b9b85d web/user: rework user source connection UI
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-30 21:59:41 +01:00
Jens Langhammer e5d9c6537c web: add tr to locales
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-30 16:56:28 +01:00
transifex-integration[bot] ef4f9aa437
Translate /web/src/locales/en.po in tr (#2019)
translation completed updated for the source file '/web/src/locales/en.po'
on the 'tr' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2021-12-26 18:44:41 +01:00
transifex-integration[bot] 902dd83c67
Translate /web/src/locales/en.po in tr (#2016)
translation completed updated for the source file '/web/src/locales/en.po'
on the 'tr' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2021-12-26 18:39:20 +01:00
transifex-integration[bot] 1c4b78b5f4
Translate /web/src/locales/en.po in tr (#2005) 2021-12-26 18:37:10 +01:00
Jens Langhammer f93f7e635b web: fix styling for modals, ensure correct classes are used
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-25 20:30:35 +01:00
Jens Langhammer 6510b97c1e outposts: add remote docker integration via SSH
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-25 16:31:34 +01:00
Jens Langhammer 10110deae5 web/admin: add Admin in titlebar for admin interface
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-24 20:04:21 +01:00
Jens Langhammer 2520c92b78 website/docs: add additional docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-23 18:51:18 +01:00
Jens Langhammer 5c5634830f stages/identification: add field for passwordless flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-23 18:27:00 +01:00
Jens Langhammer 34b11524f1 tenants: add web certificate field, make authentik's core certificate configurable based on keypair
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-22 11:43:45 +01:00
Jens Langhammer 7f5fed2aea web/admin: add outpost type to list
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-20 19:30:52 +01:00
Jens Langhammer 8599d9efe0 web/admin: auto set the embedded outpost's authentik_host on first view
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-19 13:27:04 +01:00
Jens Langhammer 61097b9400 policies/password: add minimum digits
closes #1952

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 16:15:56 +01:00
Jens Langhammer 7a73ddfb60 outposts/proxy: match skipPathRegex against full URL on domain auth
closes #1955

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-18 15:50:42 +01:00
NeroPcStation 273f5211a0
providers/saml: Fix typo (#1950) 2021-12-17 11:00:20 +00:00
Jens Langhammer 7c71c52791 web/admin: add sidebar to applications
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-16 12:23:30 +01:00
Jens Langhammer 7b8cde17e6 web/admin: show warning when deleting currently logged in user
closes #1937

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-15 10:11:35 +01:00
Jens Langhammer 3740e65906 web/admin: add dashboard with user creation/login statistics
closes #1867

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 22:08:41 +01:00
Jens Langhammer 0b00768b84 events: add flow_execution event type
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 16:13:51 +01:00
Jens Langhammer 05db352a0f web: add link to open API Browser for API Drawer
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 16:03:42 +01:00
Jens Langhammer 1ae1cbebf4 web/admin: re-organise sidebar items
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 15:57:03 +01:00
Jens Langhammer 4e6714fffe stages/authenticator_webauthn: make user_verification configurable
closes #1921

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 09:58:20 +01:00
Jens Langhammer 2993f506a7 sources/oauth: implement apple native sign-in using the apple JS SDK
closes #1881

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-14 00:40:29 +01:00
Jens Langhammer caab396b56 web/admin: improve wording for froward_auth, don't show setup when using proxy mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-13 15:36:05 +01:00
Jens Langhammer a91204e5b9 web/user: allow custom font-awesome icons for applications
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1189
2021-12-06 21:20:15 +01:00
Jens Langhammer e3e9178ccc web/admin: show outpost warning on application page too
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-06 10:10:44 +01:00
Jens Langhammer e44632f9a0 web/admin: fix wrong description for reputation policy
closes #1877

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-04 19:54:58 +01:00
Jens Langhammer 572f6d4ea0 crypto: add certificate discovery to automatically import certificates from lets encrypt
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1835
2021-12-03 18:27:36 +01:00
Jens Langhammer f1b9021e3e sources/ldap: add optional tls verification certificate
closes #1875

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-03 10:09:13 +01:00
Jens Langhammer 75051687e6 sources/ldap: allow multiple server URIs for loadbalancing and failover
closes #1874

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 20:15:11 +01:00
Jens Langhammer 5594ad0b36 web/admin: add spinner to table refresh to show progress
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-12-02 19:34:21 +01:00
Jeremy Willans fdd5211253
web/flows: Revise duo authenticator login prompt text (#1872) 2021-12-02 15:27:47 +01:00
Jens Langhammer ae161c1ba9 web/admin: fix actions column on ip reputation page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-28 21:14:52 +01:00
Jens Langhammer 03e0eecb1d web/admin: redesign provider pages to provide more info
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-26 14:08:45 +01:00
Jens Langhammer 0ee9b07172 web/admin: show changelog on user info page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-19 23:59:04 +01:00
Jens Langhammer 8d1fd48003 web/admin: allow flow edit on flow view page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-19 10:20:31 +01:00
Jens Langhammer fe0d3a64c8 web/admin: fix typo in events action
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-18 20:32:59 +01:00
Jens Langhammer 357bd65028 web/flows: fix typo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-15 19:52:17 +01:00
Jens Langhammer 9ae69866bd web/admin: fix display issues with flow execute buttons
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-11 13:51:33 +01:00
Jens Langhammer da74304221 stages/prompt: add text_read_only field
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-08 14:45:56 +01:00
Jens L 5a8c66d325
providers/ldap: memory Query (#1681)
* outposts/ldap: modularise ldap outpost, to allow different searchers and binders

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/ldap: add basic in-memory searcher

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/ldap: add search mode field

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost: add search mode field

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 10:37:30 +01:00
Jens Langhammer abcf515a69 web/admin: also show note for SAML provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 01:21:10 +01:00
Jens Langhammer 3005ca17bd web/admin: show warning on provider when not used with outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-05 01:15:33 +01:00
Jens Langhammer 2a21ebf7b0 web/flows: fix authenticator_validate not allowing alpha-numeric codes due to empty pattern
closes #1663

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 15:39:10 +01:00
Jens Langhammer e0e4bf6972 web/user: fix device type for static tokens
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 15:28:55 +01:00
Jens Langhammer 337677ad12 web/flows: improve display of static tokens
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 15:21:04 +01:00
Jens Langhammer 3712d5aee2 web/user: fix empty page when no sources to connect exist
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-04 15:16:08 +01:00
Jens Langhammer 5374352411 sources/plex: allow users to connect their plex account without login flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-03 21:09:02 +01:00
Jens Langhammer a92bce322d web/flows: fix sub_text not rendering for static fields
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-11-01 20:54:43 +01:00
Jens Langhammer 5646141fe2 stages/identification: add show_source_labels option, to show labels for sources
closes #1679

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-31 17:57:48 +01:00
Jens Langhammer 06766bdb25 web/user: update form to update mfa devices
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-30 15:19:17 +02:00
Jens Langhammer 40f8ce3c4c web/user: rework MFA Device UI to support multiple devices
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-30 14:56:14 +02:00
Jens Langhammer 8296d0c94c web/admin: fix SMS Authenticator stage not loading state correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-14 11:49:55 +02:00
Jens L aef9d27706
stages/authenticator_sms: Add SMS Authenticator Stage (#1577)
* stages/authenticator_sms: initial implementation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: add initial stage UI

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/elements: clear invalid state when old input was invalid but new input is correct

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages/authenticator_sms: add more logic

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/user: add basic SMS settings

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages/authenticator_sms: initial working version

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages/authenticator_sms: add tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: optimise totp password manager entry on authenticator_validation stage

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/elements: add grouping support for table

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: allow sms class in authenticator stage

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: add grouping to more pages

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages/authenticator_validate: add SMS support

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* api: add throttling for flow executor based on session key and pending user

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: fix style issues

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: add workflow to compile backend translations

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-11 17:51:49 +02:00
Jens Langhammer 57e5acaf2f stages/prompt: add sub_text field to add HTML below prompt fields
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-07 18:34:37 +02:00
Jens Langhammer 097a42bb7b web/admin: fix description for flow import
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-06 20:50:43 +02:00
Jens Langhammer 4f57dfda93 web/flows: adjust message for email stage
closes #1538

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 11:28:11 +02:00
Jens Langhammer 19247accd9 web: fix rendering of token copy button in dark mode
closes #1528

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-05 11:11:13 +02:00
transifex-integration[bot] 8da00585e3
Translate /web/src/locales/en.po in fr_FR (#1536)
translation completed for the source file '/web/src/locales/en.po'
on the 'fr_FR' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2021-10-05 10:30:01 +02:00
Jens Langhammer 0692663537 stages/email: add activate_user_on_success flag, add for all example flows
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-04 18:47:51 +02:00
transifex-integration[bot] f3cc1be0f2
Translate /web/src/locales/en.po in fr_FR (#1509)
translation completed updated for the source file '/web/src/locales/en.po'
on the 'fr_FR' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
2021-10-03 00:32:17 +02:00
transifex-integration[bot] 3493d35af9 web: Translate /web/src/locales/en.po in fr_FR (#1506)
translated updated for the source file '/web/src/locales/en.po'
on the 'fr_FR' language.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-01 14:02:18 +02:00
Jens Langhammer e9bb8c896b web/admin: fix LDAP Source form not exposing syncParentGroup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-30 18:10:56 +02:00
Jens Langhammer 94ae52b576 web/admin: don't require username nor name for activate/deactivate toggles
closes #1491

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-29 09:42:59 +02:00
Jens L f9ad102915
flows: inspector (#1469)
* flows: add initial inspector

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: change naming a bit

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flow: add inspector frame

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: don't use shadydom when inspecting

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: add current stage to api

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* stages/*: fix imports

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: deep-copy plan instead of just adding

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: ui

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: restrict inspector to admin

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: add buttons to launch flow with inspector

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: don't automatically follow redirects when inspector is open

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: make current_plan optional, only require historry

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: handle error messages in inspector

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: improve UI when flow is done

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: add is_completed flag to inspector

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: fix monkeypatches for tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: add inspector tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* ci: re-enable cache

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-28 09:36:48 +02:00
pemontto 674bd9e05c
web/admin: Fix typo 'username address' -> 'username' (#1473) 2021-09-26 12:53:37 +02:00
Jens Langhammer 05db9e5c40 web/admin: handle error correctly when creating user recovery link
closes #1472

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-26 11:49:40 +02:00
Jens Langhammer 79b92e764e *: fix typos in code
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-25 00:01:11 +02:00
Jens Langhammer 73e3d19384 web/user: add auto-focus search for applications
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-19 21:07:18 +02:00
Jens Langhammer f6e0f0282d core: fix tokens not being viewable but superusers
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-19 16:11:20 +02:00
Jens Langhammer 06af306e8a sources/ldap: bump timeout, run each sync component in its own task
closes #1411

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-17 12:42:20 +02:00
Jens Langhammer 9257f3c919 web/user: add missing stop impersonation button
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-17 10:04:47 +02:00
Jens L 13e2eea72f
web/user: new end-user interface (#1404)
* web/user: migrate to top navbar

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/user: prepare config from server

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* re-sort

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* remove old interface

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update issue template

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use notification badge

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/user: re-add go-to-admin button

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: fix remaining redirects directly to admin

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* make settings better

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* api: ensure sources and stages are sorted

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/user: add sessions and consent

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/oauth2: add post wrapper to stage

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: add new interface to release notes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-16 22:17:05 +02:00
Jens L 9441be1ee2
interface split (#943) 2021-09-16 17:30:16 +02:00
Jens Langhammer 916530f0d8 providers/oauth2: use access_code_validity for id_tokens generated when using an implicit flow, improve wording in web ui
closes #1369

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-15 17:14:53 +02:00
Jens Langhammer ef341dd405 stages/user_write: add option to add newly created users to a group
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-14 21:45:34 +02:00
Jens Langhammer 9a7fa39de4 events: allow setting a mapping for webhook transport to customise request payloads
closes #1383

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-12 01:05:42 +02:00
Jens L 3c1b70c355
outposts/proxyv2 (#1365)
* outposts/proxyv2: initial commit

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add rs256

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

more stuff

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add forward auth an sign_out

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

match cookie name

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

re-add support for rs256 for backwards compat

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add error handler

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

ensure unique user-agent is used

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

set cookie duration based on id_token expiry

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

build proxy v2

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add ssl

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add basic auth and custom header support

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add application cert loading

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

implement whitelist

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add redis

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

migrate embedded outpost to v2

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

remove old proxy

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

providers/proxy: make token expiration configurable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add metrics

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

fix tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: only allow one redirect URI

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix docker build for proxy

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* remove default port offset

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add AUTHENTIK_HOST_BROWSER

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests: fix e2e/integration tests not using proper tags

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* remove references of old port

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix user_attributes not being loaded correctly

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* cleanup dependencies

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* cleanup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-08 18:04:56 +00:00
Jens Langhammer 2db8b07578 events: add mark_all_seen
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 22:08:12 +02:00
Jens Langhammer 4fc8e61f8c stages/authenticator_validate: show single button for multiple webauthn authenticators
tested with browser + yubikey 5

closes #1096

The order of allowCredentials doesn't seem to matter, chrome seems to always choose the internal authenticator first.

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-01 19:28:52 +02:00
Jens Langhammer 78578c6c9d web/admin: allow admins to create tokens
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-25 21:23:32 +02:00
Jens Langhammer 16cfa8cae2 web/admin: add ServiceAccount creation form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-24 20:13:08 +02:00
Jens Langhammer a9af40f85c web/admin: improve delete modal for stage bindings and policy bindings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 17:46:51 +02:00
Jens Langhammer 00e9b91f56 web/admin: fix missing app passwords backend
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 16:47:38 +02:00
Jens Langhammer c4832206fa web/admin: display token's intents
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 16:33:12 +02:00
Jens Langhammer 33d5cd2973 web: add notice for Certificate for LDAP Provider
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-21 18:48:02 +02:00
Jens Langhammer d1403f6f7d web: implement bulk-delete form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-12 23:21:29 +02:00
Jens Langhammer 9430a2eea2 web/elements: add bulk delete form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-12 21:42:52 +02:00
Jens Langhammer 7db3be604c web/admin: allow modification of users groups from user view
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-10 21:27:41 +02:00
Jens Langhammer de9d483b9f admin: add API to show embedded outpost status, add notice when its not configured properly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-10 19:16:11 +02:00
Jens Langhammer 557724768a core: add API to directly send recovery link to user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-10 13:54:59 +02:00
Jens Langhammer c025d64ba3 outpost: revert managed config, make authentik_host field optional
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-08 16:58:01 +02:00
Jens Langhammer 1693118df7 web/admin: cleanup display of outpost health
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-07 21:11:28 +02:00
Jens Langhammer 6fe5175f21 core: add UserSelfSerializer and separate method for users to update themselves with limited fields
rework user settings page to better use form
closes #1227

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-05 17:42:19 +02:00
Jens Langhammer 1a17ce24f9 web: use single delete button with checkbox and icon-based action buttons
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-05 12:30:43 +02:00
Jens Langhammer ac77291b6d web/admin: add re-authenticate button for plex
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1205
2021-08-01 11:47:39 +02:00
Jens Langhammer 5571aa32b6 web/admin: add UI to copy invitation link
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-01 11:47:22 +02:00
Jens Langhammer 8bb57a1283 web/admin: re-name service connection to integration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-31 13:48:26 +02:00
Jens Langhammer 577aa7ba79 web/admin: add status card for https and timedrift
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-26 19:58:26 +02:00
Jens Langhammer 5552e0ffa7 web/admin: add notice for event_retention
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-26 18:47:46 +02:00
Jens Langhammer 1972464a20 tenants: make event retention configurable on tenant level
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-24 20:07:12 +02:00
Jens Langhammer 464c27ef17 web: improve UI for event actions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-23 22:27:51 +02:00
Jens Langhammer ff64814f40 web/admin: improve UI for notification toggle
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-22 14:17:56 +02:00
Jens Langhammer 7c2decf5ec providers/ldap: squash migrations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-14 09:22:25 +02:00
Jens Langhammer 90fe1c2ce8 providers/oauth2: allow blank redirect_uris to allow any redirect_uri
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-08 19:28:35 +02:00
Jens Langhammer d07704fdf1 crypto: show both sha1 and sha256 fingerprints
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-03 19:25:27 +02:00
Jens Langhammer 91f7b289cc web/admin: show oauth2 token revoked status
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-03 16:04:24 +02:00
Jens Langhammer c19da839b1 stages/user_write: add create_users_as_inactive flag
close #1086

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-28 23:24:54 +02:00
Jens Langhammer 2b1356bb91 flows: add invalid_response_action to configure how the FlowExecutor should handle invalid responses
closes #1079

Default value of `retry` behaves like previous version.

`restart` and `restart_with_context` restart the flow upon an invalid response. `restart_with_context` keeps the same context of the Flow, allowing users to bind policies that maybe aren't valid on the first execution, but are after a retry, like a reputation policy with a deny stage.

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-28 00:22:09 +02:00
Jens Langhammer 4ec5df6b12 web/admin: fix linting error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-26 22:30:33 +02:00
Jens Langhammer 0403f6d373 web/admin: add flow export button on flow view page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-26 22:03:19 +02:00
Jens Langhammer 74e578c2bf events: add tenant to event
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-14 18:43:29 +02:00
Jens Langhammer e584fd1344 events: catch unhandled exceptions from request as event, add button to open github issue
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-14 17:22:58 +02:00
Jens Langhammer 31fc4d1cb9 web: migrate banner to sidebar
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-13 22:55:41 +02:00
Jens Langhammer 676b77aa7c stages/identification: add UPN
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-10 22:48:39 +02:00
Jens L 34ae9e6dab
API: add endpoint to show by what objects an object is used (#995)
* core: add used_by API to show what objects are affected before deletion

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/elements: add support for used_by API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add authentik_used_by_shadows to shadow other models

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: implement used_by API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: fix duplicate imports

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add action field to used_by api

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: add UI for used_by action

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: add notice to tenant form

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: fix naming in used_by

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: check length for used_by

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: fix used_by for non-pk models

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: improve __str__ on models

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: add support for many to many in used_by

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-10 11:58:12 +02:00
Jens Langhammer 2210497569 events: add EMAIL_SENT event, show sent emails in event log
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 10:28:32 +02:00
Jens Langhammer 2addf71f37 outposts: add service connection to outpost API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-09 09:45:14 +02:00
Jens L dad24c03ff
outposts: set cookies for a domain to authenticate an entire domain (#971)
* outposts: initial cookie domain implementation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: add cookie domain setting

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: replace forward_auth_mode with general mode

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: rebuild proxy provider form

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: re-add forward_auth_mode for backwards compat

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: fix data.mode not being set

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: always set log level to debug when testing

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: use new mode attribute

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: only ingress /akprox on forward_domain

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: fix lint error

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: fix error on ProxyProviderForm when not using proxy mode

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: fix default for outpost form's type missing

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: add additional desc for proxy modes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: fix service account permissions not always being updated

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost/proxy: fix redirecting to incorrect host for domain mode

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: improve error handling for network errors

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost: fix image naming not matching main imaeg

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/proxy: fix redirects for domain mode and traefik

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: fix colour for paragraphs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: fix consent stage not showing permissions correctly

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: add domain-level docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* website/docs: fix broken links

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/proxy: remove dead code

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/flows: fix missing id for #header-text

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-08 23:10:17 +02:00
Jens Langhammer fb8d67a9d9 core: add configure_url to UserSettings for both stages and sources
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-08 19:21:27 +02:00
Jens Langhammer d9ffb23a80 web/admin: improve ldap form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-08 09:31:36 +02:00
Jens Langhammer bedf7fbcaa web/admin: don't show backup error when server can't backup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-06 12:51:23 +02:00
Jens Langhammer f5dbdbd48b *: add clear param to file upload API to delete stored file and reset field
closes #949

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-05 21:33:03 +02:00
Jens Langhammer 277c2f4aad core: make application.meta_icon nullable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#949
2021-06-05 21:06:52 +02:00
Jens Langhammer 86b450c6d1 flows: add compatibility_mode to toggle ShadyDOM
closes #894

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-05 20:04:30 +02:00
Jens Langhammer 24da24b5d5 stages/identification: allow setting of a password stage to check password and identity in a single step
closes #970

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-05 16:05:03 +02:00
Jens Langhammer cec47c3cfc providers/oauth2: show id_token issues for refresh token
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-02 22:05:04 +02:00
Jens Langhammer 3ea2b16a12 tenants: add separate field for favicon url
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-02 21:31:04 +02:00