Jens L
|
dad24c03ff
|
outposts: set cookies for a domain to authenticate an entire domain (#971)
* outposts: initial cookie domain implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add cookie domain setting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/proxy: replace forward_auth_mode with general mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: rebuild proxy provider form
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/proxy: re-add forward_auth_mode for backwards compat
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: fix data.mode not being set
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* root: always set log level to debug when testing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/proxy: use new mode attribute
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/proxy: only ingress /akprox on forward_domain
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* providers/proxy: fix lint error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: fix error on ProxyProviderForm when not using proxy mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: fix default for outpost form's type missing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/admin: add additional desc for proxy modes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts: fix service account permissions not always being updated
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outpost/proxy: fix redirecting to incorrect host for domain mode
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: improve error handling for network errors
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outpost: fix image naming not matching main imaeg
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts/proxy: fix redirects for domain mode and traefik
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: fix colour for paragraphs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: fix consent stage not showing permissions correctly
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* website/docs: add domain-level docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* website/docs: fix broken links
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* outposts/proxy: remove dead code
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web/flows: fix missing id for #header-text
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-06-08 23:10:17 +02:00 |
Jens Langhammer
|
fb8d67a9d9
|
core: add configure_url to UserSettings for both stages and sources
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-06-08 19:21:27 +02:00 |
Jens Langhammer
|
029d58191e
|
sources/saml: include metadata download link in API response
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-06-08 17:22:03 +02:00 |
Jens Langhammer
|
75404f1345
|
web/admin: pass full configure flow URL instead of just boolean
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-06-08 17:14:54 +02:00 |
Jens Langhammer
|
ba1b23c879
|
flows: move flow relevant info into ContextualFlowInfo
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-06-08 16:53:28 +02:00 |
Jens Langhammer
|
1f35f73c66
|
api: add CAN_BACKUP capability
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-06-06 12:44:43 +02:00 |
Jens Langhammer
|
0032f535da
|
core: add minor tests for users api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-06-06 01:23:04 +02:00 |
Jens Langhammer
|
f5dbdbd48b
|
*: add clear param to file upload API to delete stored file and reset field
closes #949
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-06-05 21:33:03 +02:00 |
Jens Langhammer
|
86b450c6d1
|
flows: add compatibility_mode to toggle ShadyDOM
closes #894
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-06-05 20:04:30 +02:00 |
Jens Langhammer
|
0b90cfcec4
|
flows: set default background in code not model
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-06-05 19:38:13 +02:00 |
Jens Langhammer
|
24da24b5d5
|
stages/identification: allow setting of a password stage to check password and identity in a single step
closes #970
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-06-05 16:05:03 +02:00 |
Jens Langhammer
|
ed3859800c
|
core: improve API validation for Application's set_icon_url (fix JSON Syntax Error)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-06-03 00:39:56 +02:00 |
Jens Langhammer
|
cec47c3cfc
|
providers/oauth2: show id_token issues for refresh token
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-06-02 22:05:04 +02:00 |
Jens Langhammer
|
3ea2b16a12
|
tenants: add separate field for favicon url
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-06-02 21:31:04 +02:00 |
Jens Langhammer
|
6d0e0cbe5a
|
outposts: improve validation of providers (must match outpost type)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-06-02 16:04:41 +02:00 |
Jens Langhammer
|
e24a9e3119
|
policies: fix missing negate flag of policy bindings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-31 11:50:29 +02:00 |
Jens L
|
fb6242d2d3
|
Merge pull request #941 from goauthentik/authenticated-sessions
Session management
|
2021-05-30 15:12:49 +02:00 |
Jens Langhammer
|
0e8d9aa45d
|
api: add System info API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-30 14:01:20 +02:00 |
Jens Langhammer
|
66a04aeec5
|
api: add can_geo_ip capability
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-30 01:02:03 +02:00 |
Jens Langhammer
|
73338bdf32
|
core: add geo_ip to authenticated sessions if enabled
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-30 01:01:20 +02:00 |
Jens Langhammer
|
059da74d1c
|
core: add current attribute to authenticated_session API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-30 00:31:41 +02:00 |
Jens Langhammer
|
133fc38c05
|
core: initial authenticated sessions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-30 00:15:16 +02:00 |
Jens Langhammer
|
05b3c4ddb3
|
policies/reputation: save username instead of user object
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-29 22:49:58 +02:00 |
Jens Langhammer
|
8427fb87f6
|
tenants: add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-29 19:47:55 +02:00 |
Jens Langhammer
|
477ff85109
|
flows: migrate flow_unenrollment to tenant
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-29 18:44:02 +02:00 |
Jens Langhammer
|
9dd6b7d436
|
flows: remove default-enrollment
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-29 18:14:37 +02:00 |
Jens Langhammer
|
ff611f21cd
|
tenants: initial implementation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-29 17:47:25 +02:00 |
Jens Langhammer
|
523621daa2
|
core: make application's check_access API return a PolicyResult and accept for_user as superuser
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-26 11:47:23 +02:00 |
Jens Langhammer
|
c4453f38a2
|
stages/identification: make shown sources configurable
closes #918
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-25 16:37:53 +02:00 |
Jens Langhammer
|
8ecac59eca
|
stages/prompt: annotate PromptChallengeResponse's additionalProperties
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-24 22:55:24 +02:00 |
Jens Langhammer
|
8183a51b72
|
stages/authenticator_duo: add missing duo device
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-24 22:16:29 +02:00 |
Jens Langhammer
|
127ebed5c6
|
flows: fix mismatched names
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-24 21:09:18 +02:00 |
Jens Langhammer
|
716923e17a
|
web/flows: update types
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-24 20:59:44 +02:00 |
Jens Langhammer
|
c6bb6709fd
|
flows: add default challenge response
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-24 20:27:50 +02:00 |
Jens Langhammer
|
6f6ae7831e
|
flows: make use of oneOf OpenAPI to annotate all challenge types
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-24 14:11:23 +02:00 |
Jens Langhammer
|
3b41c662ed
|
stages/authenticator_validate: add Duo support
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-23 22:31:12 +02:00 |
Jens Langhammer
|
9f5a3c396d
|
stages/authenticator_duo: initial duo stage
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-23 21:10:39 +02:00 |
Jens Langhammer
|
1a0f72d0a8
|
Merge branch 'version-2021.5' into next
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
# Conflicts:
# authentik/stages/authenticator_static/api.py
# swagger.yaml
|
2021-05-21 21:33:18 +02:00 |
Jens Langhammer
|
b3390f0ab4
|
website/docs: update nginx config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-20 22:06:55 +02:00 |
Jens Langhammer
|
be5a6c0310
|
api: add set_*_url method for Application and Flow to set icon/background to URL
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-20 17:18:40 +02:00 |
Jens Langhammer
|
92106ca4bf
|
api: add capabilities to API, add can_save_media
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-20 17:00:47 +02:00 |
Jens Langhammer
|
3cf0f07baf
|
*: fix API Schema for file uploads
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-17 23:12:52 +02:00 |
Jens Langhammer
|
9e7c9ae649
|
web: fix API Path
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-17 20:48:58 +02:00 |
Jens Langhammer
|
8b6292b3de
|
api: don't overwrite 400 and 403
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-16 20:54:58 +02:00 |
Jens Langhammer
|
cbed5a6522
|
api: fix missing error definitions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-16 19:53:04 +02:00 |
Jens Langhammer
|
589f806b7c
|
flows: fix schema for flow executor
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-16 19:13:31 +02:00 |
Jens Langhammer
|
41f6d3b6e7
|
stages/authenticator_static: add serializer for tokens
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-16 18:55:47 +02:00 |
Jens Langhammer
|
d0f1daf025
|
admin: make tasks's retry api not ask for a body
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-16 18:43:47 +02:00 |
Jens Langhammer
|
d38fd603dd
|
web: fix more special API Calls
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-16 18:41:02 +02:00 |
Jens Langhammer
|
ba5374f6e1
|
web: mass update API calls
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2021-05-16 18:24:15 +02:00 |