Jens Langhammer
b99ac01228
release: 2023.5.5
2023-07-06 18:15:56 +02:00
Jens Langhammer
15026748d1
security: fix CVE-2023-36456
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
# Conflicts:
# website/sidebars.js
2023-07-06 18:15:46 +02:00
Jens Langhammer
2739376a2a
release: 2023.5.4
2023-06-22 21:45:33 +02:00
Jens Langhammer
be85eecac5
release: 2023.5.3
2023-06-01 19:35:13 +02:00
Jens Langhammer
5e5a74eebf
release: 2023.5.2
2023-05-26 23:54:12 +02:00
Jens Langhammer
6900ffffd8
release: 2023.5.1
2023-05-18 21:33:38 +02:00
Jens Langhammer
8faec99bd6
release: 2023.5.0
2023-05-16 14:00:48 +02:00
Jens L
906faf9cce
providers/proxy: fix panic when claims in session were nil ( #5569 )
...
* providers/proxy: fix panic when claims in session were nil
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add new options
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-10 20:58:44 +02:00
dependabot[bot]
4d58eba027
core: bump github.com/getsentry/sentry-go from 0.20.0 to 0.21.0 ( #5548 )
...
* core: bump github.com/getsentry/sentry-go from 0.20.0 to 0.21.0
Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go ) from 0.20.0 to 0.21.0.
- [Release notes](https://github.com/getsentry/sentry-go/releases )
- [Changelog](https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md )
- [Commits](https://github.com/getsentry/sentry-go/compare/v0.20.0...v0.21.0 )
---
updated-dependencies:
- dependency-name: github.com/getsentry/sentry-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-05-09 11:22:57 +02:00
authentik-db-cooper
ab795e6642
internal: ignore insecure TLS certs ( #5483 )
...
* servers: ignore insecure TLS certs
* slight refactor to have a single place for tls config
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-05-05 15:57:52 +03:00
Jens L
b7b62ba089
providers/ldap: correctly use pagination in search results in both modes ( #5492 )
...
closes #4292
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-05 15:51:02 +03:00
Bardi Harborow
5c8f024d12
website: add documentation for AUTHENTIK_REDIS__TLS ( #5349 )
...
* website: add documentation for AUTHENTIK_REDIS__TLS
Signed-off-by: Bardi Harborow <bardi@bardiharborow.com>
* add tls reqs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Bardi Harborow <bardi@bardiharborow.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-04-23 11:37:53 +03:00
Jens L
bb92c4a967
providers/ldap: remove deprecated fields ( #5154 )
...
* providers/ldap: remove deprecated fields
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update changelog
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-21 14:10:24 +03:00
Jens L
367f86ecfb
root: optimise healthchecks ( #5337 )
...
* tests: remove redundant healthchecks
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* internal: do healthcheck within proxy instead of wget to use correct port
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tags
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-21 13:32:48 +03:00
Jens L
ce5f6d5d43
release: Version 2023.4 ( #5283 )
...
* release: 2023.4.0
* release: 2023.4.1
2023-04-18 10:45:17 +02:00
Jens L
8160663214
release: 2023.4.0 ( #5254 )
2023-04-14 13:20:22 +02:00
Jens L
fd2677af1f
root: bump api generator ( #5139 )
...
* root: bump api generator
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* bump api diff too
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* bump go api client
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* simplify go api generation
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-01 18:10:52 +02:00
Jens L
32840d3909
web/admin: fix error adding users to groups ( #5016 )
...
* web/admin: fix error adding users to groups
and vice versa
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove seed
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-20 18:15:36 +01:00
Jens L
3f5effb1bc
providers/radius: simple radius outpost ( #1796 )
...
* initial implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* cleanup
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add migrations
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix web
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* minor fixes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use search-select
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update locale
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fixup
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix ip with port being sent to delegated ip
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add radius tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-20 16:54:35 +01:00
Jens L
ef028af7d1
providers/proxy: rework endpoints logic ( #4993 )
...
* providers/proxy: rework endpoints logic
again...this time with tests and better logic
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-18 18:51:20 +01:00
Jens L
8363016982
version: 2023.3 ( #4980 )
...
* release: 2023.3.0
* providers/ldap: fix duplicate attributes (#4972 )
closes #4971
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* providers/oauth2: fix response for response_type code and response_mode fragment (#4975 )
* web/flows: fix authenticator selector in dark mode (#4974 )
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* release: 2023.3.1
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-16 22:43:57 +01:00
Jens L
345fa1bed6
providers/ldap: fix duplicate attributes ( #4972 )
...
closes #4971
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-16 12:14:17 +01:00
Jens L
eaf56f4f3f
stages/user_login: stay logged in ( #4958 )
...
* add initial remember me offset
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add to go executor
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add ui for user login stage
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-15 20:21:05 +01:00
Jens L
6f6d22da13
release: 2023.3.0 ( #4925 )
2023-03-13 19:10:48 +01:00
Jens L
41d17dc543
internal: fix crash when port 9000 is in use ( #4863 )
...
fix crash when port 9000 is in use
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-07 13:27:46 +01:00
roche-quentin
cd99b6e48f
providers/ldap: making ldap compatible with synology ( #4694 )
...
* internal/outpost/ldap: making ldap compatible with synology
* fix duplicate attributes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add docs about homedirectory
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix duplicate attributes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add substitution to values
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-02-22 15:26:41 +01:00
sdimovv
51c6a14786
providers/ldap: Improve compatibility with LDAP clients ( #4750 )
...
* Fixed invalid LDAP attributes by replacing '.'s and '/'s with '-'
* Leave old fields for now for backward compatibility
* Add forgotten depreceated field
* Fix tests
* Fix tests
* use shorter attribute names
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* sanitize attributes
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* keep both sanitized and unsanitized user fields
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* add sanitized fields to test
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2023-02-22 14:18:22 +01:00
Jens Langhammer
f70be86ddc
providers/proxy: strip scheme when comparing redirect URL
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-20 21:22:26 +01:00
Jens Langhammer
9f431396c0
providers/proxy: ensure issuer is correct when browser url override is set
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
#4715
2023-02-19 17:35:29 +01:00
Jens Langhammer
0874574e5c
*: add additional prometheus metrics, remove unusable high entropy metrics
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-19 17:08:40 +01:00
Jens Langhammer
d842fc4958
release: 2023.2.2
2023-02-15 19:53:42 +01:00
Jens Langhammer
acfa9c76d1
providers/ldap: check MFA password on password stage
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-15 16:27:08 +01:00
Jens Langhammer
d945d30cda
providers/proxy: fix value is too long with filesystem sessions
...
closes #4693
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-15 10:50:01 +01:00
Jens Langhammer
b6c120f555
providers/proxy: fix client credential flows not using http interceptor
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-15 00:22:56 +01:00
Jens Langhammer
80de3ee853
release: 2023.2.1
2023-02-14 18:52:36 +01:00
Jens Langhammer
58e001c3d5
internal: fix scheme not being forwarded correctly for host intercepted requests
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-14 14:31:04 +01:00
Jens Langhammer
81d70e5d41
release: 2023.2.0
2023-02-14 13:15:47 +01:00
Jens L
ec42b597ab
providers/proxy: send token request internally, with overwritten host header ( #4675 )
...
* send token request internally, with overwritten host header
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-13 16:34:47 +01:00
[information redacted]
d4dce5b250
root: fix config load order to include /etc/authentik/config.yml ( #4669 )
2023-02-12 23:52:13 +01:00
Jens Langhammer
8f70354e3c
internal: remove debug remnant from cookie testing
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-12 17:29:18 +01:00
Jens L
21e29744c2
providers/proxy: different cookie name based on hashed client id ( #4666 )
2023-02-12 16:34:57 +01:00
Jens L
af43330fd6
providers/oauth2: rework OAuth2 Provider ( #4652 )
...
* always treat flow as openid flow
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* improve issuer URL generation
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more refactoring
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update introspection
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more refinement
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* migrate more
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix more things, update api
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* regen migrations
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix a bunch of things
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* start updating tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix implicit flow, auto set exp
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix timeozone not used correctly
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix revoke
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* more timezone shenanigans
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix userinfo tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update web
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix proxy outpost
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix api tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix missing at_hash for implicit flows
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* re-include at_hash in implicit auth flow
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use folder context for outpost build
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-09 20:19:48 +01:00
Jens Langhammer
5aa43eeb04
internal: better error message when outpost API controller couldn't fetch outposts
...
closes #4642
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-08 14:13:17 +01:00
Jens Langhammer
3170b2f92c
providers/proxy: add token support for basic auth
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-07 22:50:49 +01:00
Jens Langhammer
61b06eff06
providers/proxy: better log outpost token errors
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-06 20:26:43 +01:00
Jens Langhammer
146d54813c
providers/ldap: fix error not being checked correctly when fetching users
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-03 18:10:06 +01:00
Jens Langhammer
388367785d
*/saml: disable pretty_print, add signature tests
...
closes #4536
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-03 15:42:09 +01:00
Jens L
7d4ce41e12
providers/proxy: outpost wide logout implementation ( #4605 )
...
* initial outpost wide logout implementation
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* handle deserialize error
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix file cleanup, add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-02-02 21:18:59 +01:00
Jens Langhammer
5ea9595c9c
internal: fix cache-control header
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
#4525
2023-01-25 21:18:20 +01:00
Jens L
a9b32e2f97
providers/ldap: add unbind flow execution ( #4484 )
...
add unbind flow execution
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-23 20:36:30 +01:00