trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
7,324 Commits 95 Branches 330 Tags 336 MiB
Commit Graph

1856 Commits

Author SHA1 Message Date
Jens Langhammer a4b3519428 api: fix possible error in sentry proxy 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-13 16:36:04 +02:00
Jens Langhammer 9a7fa39de4 events: allow setting a mapping for webhook transport to customise request payloads 
closes #1383

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-12 01:05:42 +02:00
Jens Langhammer c779ad2e3b *: use common user agent for all outgoing requests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-11 21:08:26 +02:00
Jens Langhammer 7e7ef289ba admin: migrate to new update check, add option to disable update check 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-11 20:35:23 +02:00
Jens Langhammer bf771f8b6c release: 2021.8.5 2021-09-11 19:20:13 +02:00
Jens Langhammer df4c8003b8 api: fix items of list fields having nullable set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-10 18:15:59 +02:00
Jens Langhammer 39b365c6ae sources/oauth: don't cancel flow when redirecting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-10 16:36:10 +02:00
Jens Langhammer e229eda96e outposts/controllers/kubernetes: don't create service monitor for embedded outpost 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-10 15:59:39 +02:00
Jens Langhammer 4448145aa9 providers/proxy: use auth/traefik subpath 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-10 13:53:04 +02:00
Jens Langhammer 7dfbcdbb81 stages/authenticator_duo: add API to "import" devices from duo 
closes #1371

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-10 11:35:09 +02:00
Jens Langhammer 2862b4ecfb core: remove ?v from static files 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-09 20:09:12 +02:00
Jens Langhammer 13d17dc729 lib: fix default listening port for metrics 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-09 16:40:39 +02:00
Jens Langhammer 5cf3a13ca8 flows: fix invalid parameter in tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-09 16:36:51 +02:00
Jens Langhammer d0898a3869 flows: ensure all StageViews accept post, add tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-09 16:30:14 +02:00
Jens L 7158c9d2ea
core: metrics v2 (#1370) 
* outposts: add ldap metrics, move ping to 9100

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost: add flow_executor metrics

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* use port 9300 for metrics, add core metrics port

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts/controllers/k8s: add service monitor creation support

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-09 15:52:24 +02:00
Jens Langhammer da58796768 providers/proxy: fix defaults for old proxy providers (load providers directly) 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-09 13:54:24 +02:00
Jens Langhammer d98499a3fa providers/proxy: fix defaults for old proxy providers 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-09 13:26:36 +02:00
Jens Langhammer f3ff398a44 providers/proxy: add metrics port to controllers 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-08 23:01:22 +02:00
Jens Langhammer 533eb59a04 outposts/controllers: re-create service when mismatched ports to prevent errors 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-08 23:00:53 +02:00
Jens Langhammer 502393ee56 outpost/proxyv2: allow port offset via yaml 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-08 21:07:06 +02:00
Jens L 3c1b70c355
outposts/proxyv2 (#1365) 
* outposts/proxyv2: initial commit

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add rs256

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

more stuff

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add forward auth an sign_out

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

match cookie name

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

re-add support for rs256 for backwards compat

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add error handler

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

ensure unique user-agent is used

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

set cookie duration based on id_token expiry

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

build proxy v2

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add ssl

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add basic auth and custom header support

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add application cert loading

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

implement whitelist

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add redis

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

migrate embedded outpost to v2

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

remove old proxy

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

providers/proxy: make token expiration configurable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

add metrics

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

fix tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* providers/proxy: only allow one redirect URI

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix docker build for proxy

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* remove default port offset

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add AUTHENTIK_HOST_BROWSER

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests: fix e2e/integration tests not using proper tags

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* remove references of old port

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix user_attributes not being loaded correctly

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* cleanup dependencies

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* cleanup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-08 18:04:56 +00:00
Jens Langhammer de3e1c3dbc sources/oauth: fix FlowExecutor view call 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-07 11:39:03 +02:00
Jens Langhammer 3c6aac5435 sources/oauth: prevent potentially confidential data from being logged 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-07 11:05:18 +02:00
Jens Langhammer eeb755ab7d root: show location header in logs when redirecting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-07 11:04:00 +02:00
Jens Langhammer 70d0dd51a5 sources/oauth: cancel currently active flows before redirecting out 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-07 11:03:45 +02:00
Jens Langhammer 0bae550520 root: include authentik version in backup naming 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-05 20:25:02 +02:00
github-actions[bot] 9dbafaaea2 web: Update Web API Client version (#1348) 
Signed-off-by: GitHub <noreply@github.com>

Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-04 22:49:16 +02:00
Jens Langhammer 2db8b07578 events: add mark_all_seen 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-04 22:08:12 +02:00
Jens Langhammer b7ef076798 outposts: add expected outpost replica count to metrics 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-04 15:56:57 +02:00
Jens Langhammer 37c29a073e policies/password: fix symbols not being checked correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-04 15:21:48 +02:00
Jens Langhammer 6ec8432217 policies/password: don't use regex for symbol detection 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-04 14:36:01 +02:00
Jens Langhammer 3ba84a8e8b stages/identification: fix empty user_fields query returning first user 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-04 14:07:14 +02:00
Jens Langhammer 3378e82ec7 root: fix is_secure with safari on debug environments 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-04 13:45:50 +02:00
Jens Langhammer e09a27cf87 events: remove authentik_events gauge 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-03 18:04:26 +02:00
Jens Langhammer 200e409d91 core: minor query optimization 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-03 14:02:57 +02:00
Jens Langhammer d92d8e6dbb api: add additional filters for ldap and proxy providers 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-03 10:43:09 +02:00
Jens Langhammer c2b9dc5c75 api: cache schema, fix server urls 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-03 10:23:14 +02:00
Jens Langhammer 276d8fe5cf release: 2021.8.4 2021-09-02 20:21:21 +02:00
Jens Langhammer 7fea20375f *: fix tests not using APITestCase 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-02 19:14:21 +02:00
Jens Langhammer f0db408699 api: add v3 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-02 17:40:02 +02:00
Jens Langhammer cc5cc43baa api: fix sentry endpoint not working due to mime-media 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-02 16:56:53 +02:00
Jens Langhammer e512f085db root: allow enabling s3 backup ssl verification 
closes #1332

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-02 09:41:55 +02:00
Jens Langhammer 26fd66d831 stages/authenticator_validate: fix variable shadowing, optimization 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-01 19:54:54 +02:00
Jens Langhammer 4fc8e61f8c stages/authenticator_validate: show single button for multiple webauthn authenticators 
tested with browser + yubikey 5

closes #1096

The order of allowCredentials doesn't seem to matter, chrome seems to always choose the internal authenticator first.

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-01 19:28:52 +02:00
Jens Langhammer 17cb76c334 stages/invitation: fix invitation not inheriting ExpiringModel 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-09-01 14:25:19 +02:00
Jens Langhammer 5745ffa0a8 ci: don't login to docker on forks 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-31 09:31:10 +02:00
Jens Langhammer 1b8271d767 flows: disable compatibility_mode by default 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-30 17:18:43 +02:00
Jens Langhammer 3e9f5ec5ef providers/proxy: improve error handling for non-tls ingresses 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-30 14:43:57 +02:00
Jens Langhammer 63f57b6a77 events: improve logging for task exceptions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-30 14:43:44 +02:00
Jens Langhammer a016f99450 core: fix user_obj being empty on token API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-30 12:51:17 +02:00
Jens Langhammer 0c6e781e5b providers/proxy: fix traefik middleware being generated with wrong ports for embedded outposts 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-29 20:49:11 +02:00
Jens Langhammer 523b96a6d2 api: add basic rate limiting for sentry endpoint 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-29 19:33:18 +02:00
Jens Langhammer b1ed2154ac policies/password: fix PasswordStage not being usable with prompt stages, rework validation logic 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-29 00:40:36 +02:00
Jens Langhammer 160139813d release: 2021.8.3 2021-08-28 16:58:44 +02:00
Jens Langhammer 582ad92c76 outposts/k8s: improve error handling 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-28 14:58:26 +02:00
Jens Langhammer f61736e3d1 stages/identification: add error handling when password isn't set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-28 12:54:10 +02:00
Jens Langhammer 2d8b4f543b providers/proxy: fix url parsing for traefik labels on docker containers 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-27 22:21:16 +02:00
Jens Langhammer 8542dc10ab providers/proxy: fix docker container labels not being inherited correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-27 20:20:34 +02:00
Jens Langhammer 12ddee3bb6 outpost: add additional labels to docker container 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-27 19:26:27 +02:00
Jens Langhammer dc41d0af27 outposts: add configurable docker_network for outpost 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-27 19:26:11 +02:00
Jens Langhammer c4f72c2bc1 release: 2021.8.2 2021-08-26 17:58:20 +02:00
Jens Langhammer e92f9836e3 root: allow django auth backend for upgrading users with cache 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-26 17:57:25 +02:00
Jens Langhammer 897f6f3473 release: 2021.8.1 2021-08-26 16:03:45 +02:00
Jens Langhammer 2ae164df78 *: cleanup api schema warnings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-26 09:36:41 +02:00
Jens Langhammer 0ccec96490 core: make user optional in token creation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-25 21:21:51 +02:00
Jens Langhammer d79975c409 core: fix user object for token not be setable 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-25 20:43:34 +02:00
Jens Langhammer 20d65035d5 core: fix error when user updates themselves 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-25 17:52:50 +02:00
Jens Langhammer 8d6227377f core: fix error for asgi error handler with websockets 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-25 10:24:01 +02:00
Jens Langhammer 4d27694706 release: 2021.8.1-rc2 2021-08-24 21:29:29 +02:00
Jens Langhammer d7ad5f6a16 core: add API to create service account with token for app password 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-24 20:09:22 +02:00
Jens Langhammer 5af9a3d3be sources/saml: fix error when getting metadata 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-24 16:51:08 +02:00
Jens Langhammer dec34bc948 stages/password: fix replace_inbuilt not being called 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-24 16:37:39 +02:00
Jens Langhammer cc6d5765f2 web/admin: fix inconsistent ordering for ldap property mappings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-24 13:04:19 +02:00
Jens Langhammer 2ec1ff2ebb sources/ldap: fix error when modifying ldap source with password write-back 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-24 13:03:41 +02:00
Jens Langhammer 884c2bd0e9 root: fix missing ldap backend 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-24 13:03:19 +02:00
Jens Langhammer 2c938ec9dc stages/password: sort backends in migration 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-24 12:44:45 +02:00
Jens Langhammer 9733caf3b7 admin: use copy for environ api 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-24 11:39:49 +02:00
Jens Langhammer 10e50bc77f stages/user_login: improve logging 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-24 10:58:50 +02:00
Jens Langhammer 5be152e12d stages/password: fix migration error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-24 10:57:20 +02:00
Jens Langhammer b0efab6d6d admin: add env to API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-24 10:55:46 +02:00
Jens Langhammer c60ba91fee core: fix auth saving entire models into session 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 23:59:43 +02:00
Jens Langhammer cba255eaaa Merge branch 'master' into app-passwords 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/core/tests/test_source_flow_manager.py
#	authentik/stages/authenticator_validate/tests.py
#	authentik/stages/password/tests.py
#	scripts/generate_ci_config.py
 2021-08-23 21:21:12 +02:00
Jens L 859cf2bd8f
lib: move id and key generators to lib (#1286) 
* lib: move generators to lib

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* core: bump default token key size

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* *: fix split being used for http basic auth instead of partition

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/elements: don't rethrow error in ActionButton

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 20:27:38 +02:00
Jens Langhammer a2578ffaad core: add token tests for invalid intent and token auth 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 20:21:54 +02:00
Jens Langhammer 888526a2a7 stages/user_write: fix wrong fallback authentication backend 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 19:31:23 +02:00
Jens Langhammer 27cc5d7138 core: fix authentication error when no request is given 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 19:09:53 +02:00
Jens Langhammer 5face5410f web/admin: select all password stage backends by default 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 18:08:29 +02:00
Jens Langhammer e27a6fdeeb events: fix linting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 17:48:28 +02:00
Jens Langhammer 033c9a3bd3 core: fix token intent not defaulting correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 17:33:35 +02:00
Jens Langhammer 0b280c0a47 website: fix example flows using incorrect backend 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 17:26:07 +02:00
Jens Langhammer 07a4f474f4 website/docs: add docs for `auth_method` and `auth_method_args` fields 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 17:23:55 +02:00
Jens Langhammer 244dc671db Merge branch 'master' into app-passwords 2021-08-23 17:12:17 +02:00
Jens Langhammer 4308136108 root: fix error_handler for websocket 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 17:12:11 +02:00
Jens Langhammer 69a0153619 core: use custom inbuilt backend, set backend login information in flow plan for events 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 17:09:53 +02:00
Jens Langhammer 00e9b91f56 web/admin: fix missing app passwords backend 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 16:47:38 +02:00
Jens Langhammer 4cf76fdcda stages/password: auto-enable app password backend 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 16:39:39 +02:00
Jens Langhammer f217d34a98 web/admin: allow users to create app password tokens 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 16:27:39 +02:00
Jens Langhammer 9a6a3e66b8 root: update schema 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 16:14:33 +02:00
Jens Langhammer 20572c728d core: add new token intent and auth backend 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 16:05:29 +02:00
Jens Langhammer f6953296d8 outposts: add recursion limit for docker controller 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 15:25:28 +02:00
Jens Langhammer e4790f9060 core: handle error when ?for_user is not numberical 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 15:25:18 +02:00
Jens Langhammer 58712047e1 root: add ASGI Error handler 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 15:15:12 +02:00
Jens Langhammer 85915905dc web/flows: fix error during error handling 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 15:11:30 +02:00
Jens Langhammer 12e2f7b945 outposts: add repair_permissions command 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 14:53:53 +02:00
Jens Langhammer 45d47f828a outpost: handle non-existant permission 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 14:39:47 +02:00
dependabot[bot] 7efec281be
build(deps-dev): bump pylint from 2.9.6 to 2.10.2 (#1280) 
* build(deps-dev): bump pylint from 2.9.6 to 2.10.2

Bumps [pylint](https://github.com/PyCQA/pylint) from 2.9.6 to 2.10.2.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/main/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.9.6...v2.10.2)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* *: add missing encoding to open() calls

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-23 10:10:31 +02:00
Jens Langhammer 7639cdad0a release: 2021.8.1-rc1 2021-08-22 20:17:35 +02:00
Jens Langhammer b003e8e1e8 sources/oauth: fix openidconnect provider name 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-21 18:36:06 +02:00
Jens Langhammer 294d70ae4d outposts/ldap: move virtual groups to other OU for lookups, conditionally skip requests based on search filter 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-21 17:53:09 +02:00
Jens Langhammer 3e909ae6bb core: allow filtering users by the groups they are in 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-21 16:27:48 +02:00
Jens Langhammer b4f738492d sources/oauth: improve UI with prefilled urls (when customizable) and hiding provider type 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-21 15:52:41 +02:00
Jens Langhammer bff7addb55 stages/password: adjust name of default prompt stage 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-21 15:16:18 +02:00
Jens Langhammer 2a90c0b35e sources/oauth2: migrate to microsoft graph instead of azure graph 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-21 15:15:29 +02:00
Jens Langhammer 93e27d1959 web: improve failed request handling 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-21 14:40:45 +02:00
Jens Langhammer 02c736d784 lib: ignore installation specific errors 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-21 14:14:18 +02:00
Jens Langhammer 6433b5982e api: add cache timeouts to config API for outposts 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-21 14:14:18 +02:00
Jens Langhammer 18eccd995d sources/plex: fix linting error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-17 13:44:54 +02:00
Jens Langhammer 495b068be5 web: add plex connection deletion support 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-17 13:02:40 +02:00
Jens Langhammer 84c4547005 sources/plex: add API for user connections 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-17 13:02:40 +02:00
Jens Langhammer 8fe38b528b outposts: fix managed check 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-16 09:36:01 +02:00
Jens Langhammer 0a6efab7cb outposts: fix syntax 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-15 20:59:37 +02:00
Jens Langhammer b35e62e5ae outposts: don't start docker container for embedded outpost 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-15 18:10:49 +02:00
Jens Langhammer 2592fc3826 sources/ldap: allow for anonymous binds, fix sync_users_password not working correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-12 19:09:29 +02:00
Jens Langhammer d9ece98bbc core: fix token expiration not being updated upon key rotation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-12 17:22:42 +02:00
Jens Langhammer 1524efcf51 core: fix expired tokens not being returned by API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-12 17:21:53 +02:00
Jens Langhammer c92c0102ca website/docs: add database port parameter 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-12 02:24:36 +02:00
Jens Langhammer c6dddc97f0 core: fix error when migrating with AK_ADMIN_TOKEN set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-11 22:36:52 +02:00
Jens Langhammer 38292a588b website/docs: add docs for automated installs 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-11 21:57:58 +02:00
Jens Langhammer e90da9283e core: add support to bootstrap token on initial install using AK_ADMIN_TOKEN in environment 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-11 21:45:49 +02:00
Jens Langhammer e0e0f4fa6c core: fix users's group list not allowing blank values 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-11 20:16:45 +02:00
Jens Langhammer ec95a2bddc core: allow changing of groups a user is in from user api 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-10 19:31:30 +02:00
Jens Langhammer de9d483b9f admin: add API to show embedded outpost status, add notice when its not configured properly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-10 19:16:11 +02:00
Jens Langhammer 557724768a core: add API to directly send recovery link to user 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-10 13:54:59 +02:00
Jens Langhammer d18e829d80 providers/ldap: fix error in outpost when certificate is configured 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-09 20:47:26 +02:00
Jens Langhammer 7a836e0d7e api: fix backup capability not being detected correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-09 00:32:29 +02:00
Jens Langhammer f496b8b5d7 providers/oauth2: add more test cases for token view 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-09 00:20:32 +02:00
Jens Langhammer 837fa23af0 outpost: only set embedded outpost config on creation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-08 22:23:33 +02:00
Jens Langhammer 665c1aa81b providers/proxy: don't create ingress when no hosts are defined 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-08 21:46:05 +02:00
Jens Langhammer ebc6afe015 outpost: fix detection of embedded outpost 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-08 21:39:08 +02:00
Jens Langhammer 45bee4b4dc outposts: fix test for config validation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-08 17:14:05 +02:00
Jens Langhammer c025d64ba3 outpost: revert managed config, make authentik_host field optional 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-08 16:58:01 +02:00
Jens Langhammer 2a53bc4330 outpost: add fallback for authentik_host when its not set in config 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-08 16:32:26 +02:00
Jens Langhammer 8180d6f9e8 outposts: don't override authentik_host for embedded outpost authentik_host 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-08 16:29:33 +02:00
Jens Langhammer ccfc1dbcc2 *: make all PropertyMappings filterable by multiple managed attributes 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-08 16:06:44 +02:00
Jens Langhammer 3367b83368 providers/saml: use idp-initiated sso flow as launch url 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-08 15:01:52 +02:00
Jens Langhammer f0a8c30ce9 outposts: create different service when using embedded outpost 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-08 14:01:39 +02:00
Jens Langhammer b36a3100e6 outposts: allow empty provider list for embedded provider 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-07 22:32:44 +02:00
Jens Langhammer e02207f38d outpost/embedded: use redis session backend 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-07 22:12:22 +02:00
Jens Langhammer 9a8240bdd1 proviers/saml: fix validation error not being raised 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-07 21:39:30 +02:00
Jens Langhammer f6ab241219 providers/oauth2: fix accessing undefined variable 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-07 21:35:17 +02:00
Jens Langhammer b0f09eb2c4 web/admin: fix Table not updating selectedElements correctly after update 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-07 20:53:28 +02:00
Jens Langhammer 9c9addb0ce *: ensure all resources can be filtered 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-07 16:34:14 +02:00
Jens Langhammer 2d5094fdf7 root: fix formatting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-06 00:11:24 +02:00
Jens Langhammer 8044818a4d core: add additional cleanup for authenticated sessions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-05 23:25:40 +02:00
Jens Langhammer a43fb026a0 Merge branch 'version-2021.7' 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/core/api/users.py
#	authentik/providers/saml/processors/metadata_parser.py
#	web/src/pages/sources/oauth/OAuthSourceForm.ts
#	web/src/pages/sources/plex/PlexSourceForm.ts
#	web/src/pages/users/UserForm.ts
 2021-08-05 20:23:32 +02:00
Jens Langhammer 18211a2033 release: 2021.7.3 2021-08-05 19:23:03 +02:00
Jens Langhammer 1b91543add core: add UserSelfSerializer and separate method for users to update themselves with limited fields 
rework user settings page to better use form
closes #1227

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/core/api/users.py
#	web/src/elements/forms/ModelForm.ts
#	web/src/pages/user-settings/UserDetailsPage.ts
#	web/src/pages/user-settings/UserSettingsPage.ts
 2021-08-05 17:47:45 +02:00
Jens Langhammer 6fe5175f21 core: add UserSelfSerializer and separate method for users to update themselves with limited fields 
rework user settings page to better use form
closes #1227

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-05 17:42:19 +02:00
Jens Langhammer aa4f7fb2b6 providers/saml: fix error when PropertyMapping return value isn't string 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-04 00:22:07 +02:00
Jens Langhammer 4f1c11c5ef providers/saml: add WantAssertionsSigned 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	authentik/providers/saml/processors/metadata_parser.py
 2021-08-04 00:21:54 +02:00
Jens Langhammer a449f9c69b providers/saml: fix error when PropertyMapping return value isn't string 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-03 22:40:56 +02:00
Jens Langhammer 36b346662c providers/saml: add WantAssertionsSigned 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-03 22:40:13 +02:00
Jens Langhammer 9d392931df root: fix lint errors from re-format 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-03 18:09:16 +02:00
Jens Langhammer 77ed25ae34 root: reformat to 100 line width 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-03 17:45:16 +02:00
Jens Langhammer 9c9bcb7a01 Merge branch 'version-2021.7' 2021-08-01 19:23:22 +02:00
Jens Langhammer add7a80fdc release: 2021.7.2 2021-08-01 19:11:50 +02:00
Jens Langhammer aac91c2e9d stages/email: handle OSError 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 18:25:53 +02:00
Jens Langhammer 85e86351cd flows: fix flows not redirecting correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 18:25:53 +02:00
Jens Langhammer a939e224fc stages/email: handle OSError 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 17:53:13 +02:00
Jens Langhammer 1fc2bcf02b flows: fix flows not redirecting correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 17:50:43 +02:00
Jens Langhammer d767504474 flows: don't check redirect URL when set from flow plan (set from authentik or policy) 
closes #1203

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 15:23:46 +02:00
Jens Langhammer f84cd6208c flows: fix unhandled error in stage execution not being logged as SYSTEM_EXCEPTION event 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 15:23:46 +02:00
Jens Langhammer 1ec540ea9a providers/saml: fix metadata being inaccessible without authentication 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 15:23:46 +02:00
Jens Langhammer 4e5dba1d0b flows: don't check redirect URL when set from flow plan (set from authentik or policy) 
closes #1203

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 15:10:45 +02:00
Jens Langhammer 92a448b677 flows: fix unhandled error in stage execution not being logged as SYSTEM_EXCEPTION event 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 14:56:48 +02:00
Jens Langhammer f875149983 providers/saml: fix metadata being inaccessible without authentication 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 14:50:17 +02:00
Jens Langhammer 29fe731bbf providers/saml: fix Error when getting metadata for invalid ID 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 14:09:22 +02:00
Jens Langhammer d70b81fe43 providers/saml: fix Error when getting metadata for invalid ID 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 13:50:54 +02:00
Jens Langhammer 26e66969c9 stages/invitation: delete invite only after full enrollment flow is completed 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 13:22:02 +02:00
Jens Langhammer b58c913618 stages/invitation: delete invite only after full enrollment flow is completed 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 13:21:27 +02:00
Jens Langhammer 72b7642c5a outposts: catch invalid ServiceConnection error in outpost controller 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 12:33:21 +02:00
Jens Langhammer a97f842112 sources/plex: add background task to monitor validity of plex token 
closes #1205

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 12:33:21 +02:00
Jens Langhammer 35c1476bbe outposts: catch invalid ServiceConnection error in outpost controller 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 12:25:11 +02:00
Jens Langhammer 18bb4fd0bf sources/plex: add background task to monitor validity of plex token 
closes #1205

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-08-01 12:24:52 +02:00
Jens Langhammer 293c479364 outposts: ensure embedded outpost is created with integration selected 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-31 21:09:38 +02:00
Jens Langhammer 0cb4d64b57 stages/email: fix error when re-requesting email after token has expired 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-30 09:39:42 +02:00
Jens Langhammer a4fd58a0db events: ensure fallback result is set for on_failure 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-30 09:39:42 +02:00
Jens Langhammer 8ceef82c55 stages/email: fix error when re-requesting email after token has expired 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-30 09:39:24 +02:00
Jens Langhammer f933cd99ad events: ensure fallback result is set for on_failure 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-30 09:37:53 +02:00
Jens Langhammer fb6e8ca1eb events: remove default result for MonitoredTasks, only save when result was set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-29 22:43:29 +02:00
Jens Langhammer 7ac5091e5a events: remove default result for MonitoredTasks, only save when result was set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-29 22:42:56 +02:00
Jens Langhammer bc9ff792a8 outposts: manage config for embedded outpost 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-29 22:29:38 +02:00
Jens Langhammer a5c8caf909 providers/oauth2: fix error when requesting jwks keys with no rs256 aet 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-29 21:22:59 +02:00
Jens Langhammer 8495ff9fc0 providers/oauth2: fix error when requesting jwks keys with no rs256 aet 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-29 21:22:31 +02:00
Jens Langhammer a3981dd3cd providers/proxy: fix hosts for ingress not being compared correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-29 11:35:50 +02:00
Jens Langhammer affafc31cf sources/ldap: improve ms-ad password complexity checking 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-29 11:35:47 +02:00
Jens L f01bc20d44
Embedded outpost (#1193) 
* api: allow API requests as managed outpost's account when using secret_key

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: load secret key from env

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outposts: make listener IP configurable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost/proxy: run outpost in background and pass requests conditionally

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* outpost: unify branding to embedded

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web/admin: fix embedded outpost not being editable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: fix mismatched host detection

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: fix LDAP test not including user for embedded outpost

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* tests/e2e: fix user matching

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* api: add tests for secret_key auth

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* root: load environment variables using github.com/Netflix/go-env

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-29 11:30:30 +02:00
Jens Langhammer 75ff2480e2 providers/proxy: fix hosts for ingress not being compared correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-28 16:08:06 +02:00
Jens Langhammer bc7f84fff4 sources/ldap: improve ms-ad password complexity checking 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-28 12:47:52 +02:00
Jens Langhammer e6b515e3f7 release: 2021.7.1 2021-07-27 10:35:45 +02:00
Jens Langhammer b752540800 core: fix pagination not working correctly with applications API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-26 19:12:23 +02:00
Jens Langhammer e7b7bfddd6 providers/oauth2: fix blank redirect_uri not working with TokenView 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-26 11:29:16 +02:00
Jens Langhammer f21ebf5488 core: add tests for flow_manager 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-25 23:20:38 +02:00
Jens Langhammer 5615613ed1 core: fix CheckApplication's for_user flag not being checked correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-25 22:29:15 +02:00
Jens Langhammer 669329e49c tenants: set tenant uuid in sentry 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-25 22:28:09 +02:00
Jens Langhammer 3c9cc9d421 Merge branch 'version-2021.7' 2021-07-24 20:07:42 +02:00
Jens Langhammer 1972464a20 tenants: make event retention configurable on tenant level 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-24 20:07:12 +02:00
Jens Langhammer 3041a30193 release: 2021.7.1-rc2 2021-07-24 18:32:05 +02:00
Jens Langhammer 8ae7403abc core: add group filter by member username and pk 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-23 19:35:41 +02:00
Jens Langhammer f6e1bfdfc8 outpost: fix 100% CPU Usage when not connected to websocket 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-23 18:57:26 +02:00
Jens Langhammer 8cd1223081 core: add email filter for user 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-22 20:10:42 +02:00
Jens Langhammer 0a3fade1fd providers/proxy: remove deprecated field 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-22 16:20:26 +02:00
Jens Langhammer ff64814f40 web/admin: improve UI for notification toggle 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-22 14:17:56 +02:00
Jens Langhammer 66bfa6879d outposts/proxy: add X-Auth-Groups header to pass groups 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-22 10:47:58 +02:00
Jens Langhammer c05240afbf lib: fix outpost fake-ip not working, add tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-22 10:10:25 +02:00
Jens Langhammer 7370dd5f3f outposts: ensure outpost SAs always have permissions to fake IP 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-22 10:02:20 +02:00
Jens Langhammer 896e5adce2 sources/ldap: fix lint 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-22 00:40:55 +02:00
Jens Langhammer a3abbcec6a sources/ldap: improve error handling for property mappings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-21 23:49:09 +02:00
Jens Langhammer 70e000d327 providers/saml: improve error handling for property mappings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-21 23:14:03 +02:00
Jens Langhammer a7467e6740 providers/oauth2: handler PropertyMapping exceptions and create event 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-21 22:51:39 +02:00
Jens Langhammer b3da94bbb8 core: broaden error catching for propertymappings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-21 22:50:39 +02:00
Jens Langhammer 39ad9d7c9d release: 2021.7.1-rc1 2021-07-21 10:44:40 +02:00
Jens Langhammer ba9a4efc9b providers/oauth2: fix nonce field not being optional 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-21 00:34:01 +02:00
Jens Langhammer 902378af53 providers/oauth2: fix redirect_uris not having blank set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-21 00:22:09 +02:00
Jens Langhammer 2352a7f4d6 providers/oauth2: nonce is only required for implicit flows, don't check or fallback for other flows 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-21 00:21:08 +02:00
Jens Langhammer a2c587be43 outposts: don't authenticate as service user for flows to set remote-ip 
set outpost token as additional header and check that token (user) if they can override remote-ip

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-19 13:17:13 +02:00
Jens Langhammer 538a466090 root: fix middleware exception for outpost 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-18 22:10:50 +02:00
Jens Langhammer 322a343c81 root: fix log level not being set to DEBUG for tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-18 21:45:08 +02:00
Jens Langhammer b3159a74e5 Merge branch 'master' into inbuilt-proxy 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	Dockerfile
#	internal/outpost/ak/api.go
#	internal/outpost/ak/api_uag.go
#	internal/outpost/ak/global.go
#	internal/outpost/ldap/api_tls.go
#	internal/outpost/ldap/instance_bind.go
#	internal/outpost/ldap/utils.go
#	internal/outpost/proxy/api_bundle.go
#	outpost/go.mod
#	outpost/go.sum
#	outpost/pkg/ak/cert.go
 2021-07-17 12:49:38 +02:00
Starz0r ae77c872a0
root: celery requires additional parameters when tls is enabled (#1148) 2021-07-16 08:51:09 +02:00
Starz0r a5bb583268
root: optional TLS support on redis connections (#1147) 
* root: optional TLS support on redis connections

* root: don't use f-strings when not interpolating variables

* root: use f-string in redis protocol prefix interpolation

* root: glaring typo

* formatting

* small formatting change I missed

* root: swap around default redis protocol prefixes
 2021-07-15 11:48:52 +02:00
Jens Langhammer 212ff11b6d api: fix Capabilities check for s3 backup 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-15 09:58:07 +02:00
Jens Langhammer aa701c5725 core: don't delete expired tokens, rotate their key 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-14 21:47:32 +02:00
Jens Langhammer 6f98833150 core: allow users to create non-expiring tokens when flag is set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-14 21:15:14 +02:00
Jens Langhammer 7c2decf5ec providers/ldap: squash migrations 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-14 09:22:25 +02:00
Lukas Söder 7f39399c32
providers/ldap: Added auto-generated uidNumber and guidNumber generated attributes for use with SSSD and similar software. (#1138) 
* Added auto-generated uidNumber and guidNumber generated attributes for
use with SSSD and similar software.

The starting number for uid/gid can be configured iva environtment
variables and is by default 2000 which should work fine for most instances unless there are more than
999 local accounts on the server/computer.

The uidNumber is just the users Pk + the starting number.
The guidNumber is calculated by the last couple of bytes in the uuid of
the group + the starting number, this should have a low enough chance
for collisions that it's going to be fine for most use cases.

I have not added any interface stuff for configuring the environment variables as I couldn't really find my way around all the places I'd have to edit to add it and the default values should in my opinion be fine for 99% use cases.

* Add a 'fake' primary group for each user

* First attempt att adding config to interface

* Updated API to support new fields

* Refactor code, update documentation and remove obsolete comment

Simplify `GetRIDForGroup`, was a bit overcomplicated before.

Add an additional class/struct `LDAPGroup` which is the new argument
for `pi.GroupEntry` and util functions to create `LDAPGroup` from api.Group and api.User

Add proper support in the interface for changing gidNumber and uidNumber starting points

* make lint-fix for the migration files
 2021-07-14 09:17:01 +02:00
Jens Langhammer 84e9748340 policies/reputation: handle cache error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-13 18:47:32 +02:00
Jens L 7dfc621ae4
LDAP Provider: TLS support (#1137) 2021-07-13 18:24:18 +02:00
Jens Langhammer 2036827f04 api: add sentry tunnel 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-13 10:58:14 +02:00
Starz0r 5cfbb0993a
Allow for Configurable Redis Port (#1124) 
* root: make redis port configurable

* root: parse redis port from config as an integer

* code formatting

* lifecycle: truncate line under 100 chars

* lifecycle: incorrect indenting on newline
 2021-07-12 11:01:41 +02:00
Jens Langhammer 02f87032cc Merge branch 'master' into inbuilt-proxy 2021-07-11 12:41:16 +02:00
Jens Langhammer 3c0cc27ea1 events: fix error when slack notification request failed without a response 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-09 19:52:19 +02:00
Jens Langhammer ec254d5927 flows: allow variable substitution in flow titles 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-09 19:46:39 +02:00
Jens Langhammer 92ba77e9e5 core: fix error when setting icon/background to url longer than 100 chars 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-09 19:31:32 +02:00
Jens Langhammer 90fe1c2ce8 providers/oauth2: allow blank redirect_uris to allow any redirect_uri 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-08 19:28:35 +02:00
Jens Langhammer 40428f5a82 providers/saml: fix parsing of POST bindings 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-06 16:54:58 +02:00
Jens Langhammer 007838fcf2 root: subclass SessionMiddleware to set Secure and SameSite flag depending on context 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-06 14:48:36 +02:00
Jens Langhammer 7c51afa36c root: set samesite to None for SAML POST flows 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-06 12:39:51 +02:00
Jens Langhammer 948db46406 Merge branch 'master' into inbuilt-proxy 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	internal/constants/constants.go
#	outpost/pkg/version.go
 2021-07-05 19:11:26 +02:00
Jens Langhammer adc4cd9c0d release: 2021.6.4 2021-07-05 16:59:29 +02:00
Jens Langhammer df92111296 outposts: update outpost permissions on m2m change 
closes #1105

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-04 19:37:12 +02:00
Jens Langhammer 5afe88a605 outposts: fix empty message when docker outpost controller has changed nothing 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-04 13:48:43 +02:00
Jens Langhammer 320dab3425 core: only show `Reset password` link when recovery flow is configured 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-04 12:59:41 +02:00
Jens Langhammer 5fd408ca82 outposts: fix docker controller not checking ports correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-04 12:32:55 +02:00
Jens Langhammer becb9e34b5 outposts: fix docker controller not checking env correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 22:17:29 +02:00
Jens Langhammer 4917ab9985 outposts: fix container not being started after creation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 21:59:47 +02:00
Jens Langhammer bd92505bc2 core: add notice about duplicate keys 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 21:52:28 +02:00
Jens Langhammer bf0141acc6 crypto: fix linting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 19:57:25 +02:00
Jens Langhammer 0c8d513567 stages/user_write: add wrapper for post to user_write 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 19:25:37 +02:00
Jens Langhammer d07704fdf1 crypto: show both sha1 and sha256 fingerprints 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 19:25:27 +02:00
Jens Langhammer 086a8753c0 flows: handle old cached flow plans better 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 19:22:09 +02:00
Jens Langhammer 2c9b596f01 web/admin: run explicit update after loading instance 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 16:41:42 +02:00
Jens Langhammer 7257108091 sources/oauth: create configuration error event when profile can't be parsed as json 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 16:11:49 +02:00
Jens Langhammer 77a507d2f8 providers/oauth2: add revoked field, create suspicious event when previous token is used 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 15:59:01 +02:00
Jens Langhammer 3e60e956f4 providers/oauth2: fix CORS headers not being set for unsuccessful requests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 15:49:00 +02:00
Jens Langhammer 84ec70c2a2 providers/oauth2: use self.expires for exp field instead of calculating it again 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-03 15:32:58 +02:00
Jens Langhammer 3dc9e247d5 Merge branch 'master' into inbuilt-proxy 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	internal/constants/constants.go
#	outpost/pkg/version.go
 2021-07-02 16:23:30 +02:00
Jens Langhammer 3e26170f4b providers/oauth2: deepmerge claims 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-07-01 17:33:46 +02:00
dependabot[bot] d102c59654
build(deps-dev): bump pylint from 2.8.3 to 2.9.0 (#1095) 
* build(deps-dev): bump pylint from 2.8.3 to 2.9.0

Bumps [pylint](https://github.com/PyCQA/pylint) from 2.8.3 to 2.9.0.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/master/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.8.3...v2.9.0)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* *: update source for new pylint version

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-30 10:37:28 +02:00
Jens Langhammer 2a0bd50e23 outposts: fix linting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-29 17:08:12 +02:00
Jens Langhammer ce49d7ea5b outposts: make managed outposts 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-29 16:20:44 +02:00
Jens Langhammer 8429dd19b2 Merge branch 'master' into inbuilt-proxy 2021-06-29 16:20:24 +02:00
Jens Langhammer 680b182d95 release: 2021.6.3 2021-06-29 16:19:07 +02:00
Jens Langhammer 621843c60c flows: fix migration dependency issue 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-28 23:55:07 +02:00
Jens Langhammer c19da839b1 stages/user_write: add create_users_as_inactive flag 
close #1086

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-28 23:24:54 +02:00
Jens Langhammer fea1f3be6f stages/prompt: ensure hidden and static fields keep the value they had set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-28 22:29:36 +02:00
Jens Langhammer 6f5ec7838f events: fix linting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-28 20:57:28 +02:00
Jens Langhammer 5d3931c128 events: ignore notification non-existent in transport 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-28 20:15:00 +02:00
Jens Langhammer 262a8b5ae8 api: use partition instead of split for token 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-28 20:13:08 +02:00
Jens Langhammer 2b1356bb91 flows: add invalid_response_action to configure how the FlowExecutor should handle invalid responses 
closes #1079

Default value of `retry` behaves like previous version.

`restart` and `restart_with_context` restart the flow upon an invalid response. `restart_with_context` keeps the same context of the Flow, allowing users to bind policies that maybe aren't valid on the first execution, but are after a retry, like a reputation policy with a deny stage.

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-28 00:22:09 +02:00
Jens Langhammer ba9edd6c44 flows: handle possible errors with FlowPlans received from cache 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-27 22:03:48 +02:00
Jens Langhammer 3b2b3262d7 flows: add FlowStageBinding to flow plan instead of just stage 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-27 18:47:04 +02:00
Jens Langhammer 5431e7fe9d tenants: fix tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-27 15:12:47 +02:00
Jens Langhammer 7d9c74ce04 tenants: include all default flows in current_tenant 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-26 23:47:49 +02:00
Jens Langhammer 60c3cf890a events: add ability to create events via API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-26 23:37:03 +02:00
Jens Langhammer 0403f6d373 web/admin: add flow export button on flow view page 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-26 22:03:19 +02:00
Jens Langhammer 9bd613a31d stages/authenticator_duo: fix component not being set in API 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-26 20:49:58 +02:00
Jens Langhammer 3fe0483dbf core: fix flow background not correctly loading on initial draw 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-26 20:29:45 +02:00
Jens Langhammer b8bdf7a035 outposts: fix outpost being re-created when in host mode 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-25 15:15:18 +02:00
Jens Langhammer a3ff7cea23 providers/oauth2: fix usage of timedelta.seconds 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-25 11:55:00 +02:00
Jens Langhammer bb776c2710 outposts: check docker container ports match 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-25 11:54:35 +02:00
Jens Langhammer 6930c84425 events: only create SYSTEM_EXCEPTION event when error would've been sent to sentry 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-24 13:01:41 +02:00
Jens Langhammer 1554dc9feb outposts: make outpost managed 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-23 21:26:24 +02:00
Jens Langhammer 2b98637ca5 lib: fix regex_match result being inverted, add tests 
closes #1073

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-23 20:06:43 +02:00
Jens Langhammer d1198fc6c1 sources/ldap: improve error handling when checking for password complexity on non-ad setups 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1067
 2021-06-23 00:24:05 +02:00
Jens Langhammer 31a58e2c25 release: 2021.6.2 2021-06-22 23:35:10 +02:00
Jens Langhammer b69248dd55 stages/authenticator_validate: fix error when using not_configured_action=configure 
closes #1048

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-22 20:08:58 +02:00
Jens Langhammer 5ff5edf769 outposts: improve logging 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-22 18:51:02 +02:00
Jens Langhammer 939889e0ec tenants: fix footer_links for moved config 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-22 15:48:17 +02:00
Jens Langhammer 19ae6585dc lib: add tests for config loader 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-22 13:12:07 +02:00
Jens Langhammer c6ede78fba core: add support for custom urls for avatars 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-22 12:25:24 +02:00
Jens Langhammer 9b5e3921cb providers/saml: better handle decoding errors 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 22:48:34 +02:00
Jens Langhammer f6026fdb13 root: allow loading local /static files without debug flag 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 21:21:35 +02:00
Jens Langhammer a4856969f4 outposts: fix port and inner_port being mixed on docker controller 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 19:19:06 +02:00
Jens Langhammer 2aa7266688 crypto: fix linting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 16:24:03 +02:00
Jens Langhammer c0c246edab crypto: catch error when loading private key 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 15:57:48 +02:00
Jens Langhammer 831b32c279 core: fix PropertyMapping's globals not matching Expression policy 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 15:54:43 +02:00
Jens Langhammer 70ccc63702 core: remove default flow background from default css, set static in base_full and dynamically in if/flow 
closes #1056

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 10:37:34 +02:00
Jens Langhammer de954250e5 root: make general cache timeouts configurable 
closes #974

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 10:18:49 +02:00
Jens Langhammer f268bd4c69 policies: make policy result cache timeout configurable 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 10:17:58 +02:00
Jens Langhammer 57a48b6350 flows: make flow plan cache timeout configurable 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 10:17:11 +02:00
Jens Langhammer 9aac114115 root: save temporary database dump in /tmp 
closes #1055

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-21 09:58:19 +02:00
Jens Langhammer 4327b35bc3 tenants: fix tenant not being queried correctly when using accessing over a child domain 
closes #1044

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-20 14:39:21 +02:00
Jens Langhammer f7047df40e policies: don't use policy cache when checking application access 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-20 13:30:07 +02:00
Jens Langhammer ede072889e core: deepmerge user.group_attributes, use group_attributes for user settings 
closes #1051

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-19 19:52:55 +02:00
Jens Langhammer 9cb7e6c606 root: set outposts.docker_image_base to gh-master for tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-19 15:49:49 +02:00
Jens Langhammer fe6963c428 release: 2021.6.1 2021-06-17 22:14:52 +02:00
Jens Langhammer 19cac4bf43 providers/saml: fix error when getting transient user identifier 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-17 13:52:10 +02:00
Jens Langhammer 4ca564490e providers/saml: add support for NameID type unspecified 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-17 12:45:53 +02:00
Jens Langhammer fcb795c273 providers/saml: fix NameIDPolicy not being parsed correctly, improve error handling 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-17 12:22:40 +02:00
Jens Langhammer cbea51ae5b stages/authenticator_duo: make Duo-admin viewset writeable 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-16 23:17:26 +02:00
Jens Langhammer e743f13f81 recovery: fix error when creating multiple keys for the same user 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-16 23:04:35 +02:00
Jens Langhammer b20a8b7c17 stages/authenticator_duo: fix error when enrolling an existing user 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-16 23:04:24 +02:00
Jens Langhammer b53c94d76a flows: fix error when stage has incorrect type 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-16 22:52:00 +02:00
Jens Langhammer d4419d66c1 core: fix error when creating AuthenticatedSession without key 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-16 22:51:48 +02:00
Jens Langhammer 79044368d2 core: fix error getting stages when enrollment flow isn't set 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-16 22:45:42 +02:00
Jens Langhammer d9287d0c0e Merge branch 'next' 2021-06-15 23:43:44 +02:00
Jens Langhammer dec7a9cfb9 website/docs: add docs for flow executor 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-15 22:14:23 +02:00
Jens Langhammer e0f48a30b7 release: 2021.6.1-rc6 2021-06-15 21:18:33 +02:00
Jens Langhammer e8978adc1b outpost: fix syntax error when creating an outpost with connection 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-15 18:39:51 +02:00
Jens Langhammer 800df332b5 stages/authenticator_duo: don't create default duo stage 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 22:55:37 +02:00
Jens Langhammer 16c194d2dc core: fix upload api not checking clear properly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 22:34:47 +02:00
Jens Langhammer 53100a72fe stages/identification: fix challenges not being annotated correctly and API client not loading data correctly 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 22:28:11 +02:00
Jens Langhammer ec4c3f44cb events: don't create system exception event in debug 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 22:16:27 +02:00
Jens Langhammer f10bd432b3 policies/reputation: fix race condition in tests 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 20:40:40 +02:00
Jens Langhammer 74e578c2bf events: add tenant to event 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 18:43:29 +02:00
Jens Langhammer e584fd1344 events: catch unhandled exceptions from request as event, add button to open github issue 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 17:22:58 +02:00
Jens Langhammer 0e02925a3d stages/authenticator_validate: add tests for authenticator validation 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 16:32:36 +02:00
Jens Langhammer 5b837c3ccc providers/saml: improve error handling for signature errors 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 12:51:42 +02:00
Jens Langhammer 2580371f94 outposts: fix error when getting component for base service connection 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 12:38:29 +02:00
Jens Langhammer 4e9be85353 website/docs: add docs for outpost configuration 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-14 09:21:35 +02:00
Jens Langhammer 79508e1965 core: fix linting 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 23:41:50 +02:00
Jens Langhammer 3a88dde545 web: fix declaration of Intl 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 23:13:43 +02:00
Jens Langhammer cabbd18880 core: revert check_access API to get to prevent CSRF errors 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 21:47:49 +02:00
Jens Langhammer bb8559ee18 web: remove base interface 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 19:54:27 +02:00
Jens Langhammer afb84c7bc5 flows: fix error clearing flow background when no files have been uploaded 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 14:14:41 +02:00
Jens Langhammer fc8004db2b outposts: fix integrity error with tokens 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 13:36:54 +02:00
Jens Langhammer ddfc943bba root: fix build_hash being set incorrectly for tagged versions 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 13:32:18 +02:00
Jens Langhammer 572b8d87b5 api: fix import error 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 12:59:28 +02:00
Jens Langhammer 31d2ea65fd provider/proxy: mark forward_auth flag as deprecated 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2021-06-13 12:39:25 +02:00