diff --git a/Makefile b/Makefile index 9eccb9f785..0850d7cd23 100644 --- a/Makefile +++ b/Makefile @@ -206,24 +206,15 @@ gen-client-ts: gen-clean-ts ## Build and install the authentik API for Typescri gen-client-py: gen-clean-py ## Build and install the authentik API for Python mkdir -p ${PWD}/${GEN_API_PY} -ifeq ($(wildcard ${PWD}/${GEN_API_PY}/.*),) git clone --depth 1 https://github.com/goauthentik/client-python.git ${PWD}/${GEN_API_PY} -else - cd ${PWD}/${GEN_API_PY} && git pull -endif cp ${PWD}/schema.yml ${PWD}/${GEN_API_PY} make -C ${PWD}/${GEN_API_PY} build version=${NPM_VERSION} -gen-client-go: ## Build and install the authentik API for Golang +gen-client-go: gen-clean-go ## Build and install the authentik API for Golang mkdir -p ${PWD}/${GEN_API_GO} -ifeq ($(wildcard ${PWD}/${GEN_API_GO}/.*),) git clone --depth 1 https://github.com/goauthentik/client-go.git ${PWD}/${GEN_API_GO} -else - cd ${PWD}/${GEN_API_GO} && git reset --hard - cd ${PWD}/${GEN_API_GO} && git pull -endif cp ${PWD}/schema.yml ${PWD}/${GEN_API_GO} - make -C ${PWD}/${GEN_API_GO} build + make -C ${PWD}/${GEN_API_GO} build version=${NPM_VERSION} go mod edit -replace goauthentik.io/api/v3=./${GEN_API_GO} gen-dev-config: ## Generate a local development config file diff --git a/authentik/core/api/providers.py b/authentik/core/api/providers.py index 89e6f14e36..ea68a6915d 100644 --- a/authentik/core/api/providers.py +++ b/authentik/core/api/providers.py @@ -18,10 +18,14 @@ from authentik.core.models import Provider class ProviderSerializer(ModelSerializer, MetaNameSerializer): """Provider Serializer""" - assigned_application_slug = ReadOnlyField(source="application.slug") - assigned_application_name = ReadOnlyField(source="application.name") - assigned_backchannel_application_slug = ReadOnlyField(source="backchannel_application.slug") - assigned_backchannel_application_name = ReadOnlyField(source="backchannel_application.name") + assigned_application_slug = ReadOnlyField(source="application.slug", allow_null=True) + assigned_application_name = ReadOnlyField(source="application.name", allow_null=True) + assigned_backchannel_application_slug = ReadOnlyField( + source="backchannel_application.slug", allow_null=True + ) + assigned_backchannel_application_name = ReadOnlyField( + source="backchannel_application.name", allow_null=True + ) component = SerializerMethodField() diff --git a/authentik/core/tests/test_applications_api.py b/authentik/core/tests/test_applications_api.py index c0bc341e91..fea226b037 100644 --- a/authentik/core/tests/test_applications_api.py +++ b/authentik/core/tests/test_applications_api.py @@ -107,6 +107,8 @@ class TestApplicationsAPI(APITestCase): "provider_obj": { "assigned_application_name": "allowed", "assigned_application_slug": "allowed", + "assigned_backchannel_application_name": None, + "assigned_backchannel_application_slug": None, "authentication_flow": None, "invalidation_flow": None, "authorization_flow": str(self.provider.authorization_flow.pk), @@ -162,6 +164,8 @@ class TestApplicationsAPI(APITestCase): "provider_obj": { "assigned_application_name": "allowed", "assigned_application_slug": "allowed", + "assigned_backchannel_application_name": None, + "assigned_backchannel_application_slug": None, "authentication_flow": None, "invalidation_flow": None, "authorization_flow": str(self.provider.authorization_flow.pk), diff --git a/authentik/outposts/api/outposts.py b/authentik/outposts/api/outposts.py index 318c3e3ff4..1a3aa4e0f6 100644 --- a/authentik/outposts/api/outposts.py +++ b/authentik/outposts/api/outposts.py @@ -47,7 +47,9 @@ class OutpostSerializer(ModelSerializer): ) providers_obj = ProviderSerializer(source="providers", many=True, read_only=True) service_connection_obj = ServiceConnectionSerializer( - source="service_connection", read_only=True + source="service_connection", + read_only=True, + allow_null=True, ) refresh_interval_s = SerializerMethodField() diff --git a/authentik/providers/rac/tests/test_endpoints_api.py b/authentik/providers/rac/tests/test_endpoints_api.py index d4421192df..bda709a78a 100644 --- a/authentik/providers/rac/tests/test_endpoints_api.py +++ b/authentik/providers/rac/tests/test_endpoints_api.py @@ -75,6 +75,8 @@ class TestEndpointsAPI(APITestCase): "component": "ak-provider-rac-form", "assigned_application_slug": self.app.slug, "assigned_application_name": self.app.name, + "assigned_backchannel_application_name": None, + "assigned_backchannel_application_slug": None, "verbose_name": "RAC Provider", "verbose_name_plural": "RAC Providers", "meta_model_name": "authentik_providers_rac.racprovider", @@ -126,6 +128,8 @@ class TestEndpointsAPI(APITestCase): "component": "ak-provider-rac-form", "assigned_application_slug": self.app.slug, "assigned_application_name": self.app.name, + "assigned_backchannel_application_name": None, + "assigned_backchannel_application_slug": None, "connection_expiry": "hours=8", "delete_token_on_disconnect": False, "verbose_name": "RAC Provider", @@ -155,6 +159,8 @@ class TestEndpointsAPI(APITestCase): "component": "ak-provider-rac-form", "assigned_application_slug": self.app.slug, "assigned_application_name": self.app.name, + "assigned_backchannel_application_name": None, + "assigned_backchannel_application_slug": None, "connection_expiry": "hours=8", "delete_token_on_disconnect": False, "verbose_name": "RAC Provider", diff --git a/go.mod b/go.mod index bb93fda8fd..147c35f104 100644 --- a/go.mod +++ b/go.mod @@ -30,7 +30,7 @@ require ( github.com/spf13/cobra v1.10.2 github.com/stretchr/testify v1.11.1 github.com/wwt/guac v1.3.2 - goauthentik.io/api/v3 v3.2026020.15 + goauthentik.io/api/v3 v3.2026020.17-0.20260126165226-52b0b9497497 golang.org/x/exp v0.0.0-20230210204819-062eb4c674ab golang.org/x/oauth2 v0.34.0 golang.org/x/sync v0.19.0 diff --git a/go.sum b/go.sum index df5ae6f19b..5951395c86 100644 --- a/go.sum +++ b/go.sum @@ -216,6 +216,10 @@ go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc= go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg= goauthentik.io/api/v3 v3.2026020.15 h1:iy0HghQv55+tsoZMcIrdcjCxgTtY0Ah4zKQaIBsq3aY= goauthentik.io/api/v3 v3.2026020.15/go.mod h1:82lqAz4jxzl6Cg0YDbhNtvvTG2rm6605ZhdJFnbbsl8= +goauthentik.io/api/v3 v3.2026020.17-0.20260126150212-4f1447f77ee4 h1:hfGRFKVtlh9D0n6TVxkrO8j8gIv6SxacVHuyb86BuQ0= +goauthentik.io/api/v3 v3.2026020.17-0.20260126150212-4f1447f77ee4/go.mod h1:uYa+yGMglhJy8ymyUQ8KQiJjOb3UZTuPQ24Ot2s9BCo= +goauthentik.io/api/v3 v3.2026020.17-0.20260126165226-52b0b9497497 h1:uebnevXt0MnVIdmBPh39hCggT5Mz/DW8diDvv1n9W50= +goauthentik.io/api/v3 v3.2026020.17-0.20260126165226-52b0b9497497/go.mod h1:uYa+yGMglhJy8ymyUQ8KQiJjOb3UZTuPQ24Ot2s9BCo= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= diff --git a/internal/outpost/ak/api.go b/internal/outpost/ak/api.go index 76acbf7429..4aa37e4454 100644 --- a/internal/outpost/ak/api.go +++ b/internal/outpost/ak/api.go @@ -83,7 +83,7 @@ func NewAPIController(akURL url.URL, token string) *APIController { // The service account this token belongs to should only have access to a single outpost outposts, _ := retry.DoWithData[*api.PaginatedOutpostList]( func() (*api.PaginatedOutpostList, error) { - outposts, _, err := apiClient.OutpostsApi.OutpostsInstancesList(context.Background()).Execute() + outposts, _, err := apiClient.OutpostsAPI.OutpostsInstancesList(context.Background()).Execute() return outposts, err }, retry.Attempts(0), @@ -99,7 +99,7 @@ func NewAPIController(akURL url.URL, token string) *APIController { log.WithField("name", outpost.Name).Debug("Fetched outpost configuration") - akConfig, _, err := apiClient.RootApi.RootConfigRetrieve(context.Background()).Execute() + akConfig, _, err := apiClient.RootAPI.RootConfigRetrieve(context.Background()).Execute() if err != nil { log.WithError(err).Error("Failed to fetch global configuration") return nil @@ -188,7 +188,7 @@ func (a *APIController) Token() string { func (a *APIController) OnRefresh() error { // Because we don't know the outpost UUID, we simply do a list and pick the first // The service account this token belongs to should only have access to a single outpost - outposts, _, err := a.Client.OutpostsApi.OutpostsInstancesList(context.Background()).Execute() + outposts, _, err := a.Client.OutpostsAPI.OutpostsInstancesList(context.Background()).Execute() if err != nil { log.WithError(err).Error("Failed to fetch outpost configuration") return err diff --git a/internal/outpost/ak/crypto.go b/internal/outpost/ak/crypto.go index 9bf647384d..4649c505db 100644 --- a/internal/outpost/ak/crypto.go +++ b/internal/outpost/ak/crypto.go @@ -11,7 +11,7 @@ import ( ) type CryptoStore struct { - api *api.CryptoApiService + api *api.CryptoAPIService log *log.Entry @@ -19,7 +19,7 @@ type CryptoStore struct { certificates map[string]*tls.Certificate } -func NewCryptoStore(cryptoApi *api.CryptoApiService) *CryptoStore { +func NewCryptoStore(cryptoApi *api.CryptoAPIService) *CryptoStore { return &CryptoStore{ api: cryptoApi, log: log.WithField("logger", "authentik.outpost.cryptostore"), diff --git a/internal/outpost/flow/executor.go b/internal/outpost/flow/executor.go index b2ee5e0751..369cb8c08c 100644 --- a/internal/outpost/flow/executor.go +++ b/internal/outpost/flow/executor.go @@ -148,7 +148,7 @@ func (fe *FlowExecutor) SetSession(s *http.Cookie) { func (fe *FlowExecutor) WarmUp() error { gcsp := sentry.StartSpan(fe.Context, "authentik.outposts.flow_executor.get_challenge") defer gcsp.Finish() - req := fe.api.FlowsApi.FlowsExecutorGet(gcsp.Context(), fe.flowSlug).Query(fe.Params.Encode()) + req := fe.api.FlowsAPI.FlowsExecutorGet(gcsp.Context(), fe.flowSlug).Query(fe.Params.Encode()) _, _, err := req.Execute() return err } @@ -165,7 +165,7 @@ func (fe *FlowExecutor) Execute() (bool, error) { func (fe *FlowExecutor) getInitialChallenge() (*api.ChallengeTypes, error) { // Get challenge gcsp := sentry.StartSpan(fe.Context, "authentik.outposts.flow_executor.get_challenge") - req := fe.api.FlowsApi.FlowsExecutorGet(gcsp.Context(), fe.flowSlug).Query(fe.Params.Encode()) + req := fe.api.FlowsAPI.FlowsExecutorGet(gcsp.Context(), fe.flowSlug).Query(fe.Params.Encode()) challenge, _, err := req.Execute() if err != nil { return nil, err @@ -188,7 +188,7 @@ func (fe *FlowExecutor) getInitialChallenge() (*api.ChallengeTypes, error) { func (fe *FlowExecutor) solveFlowChallenge(challenge *api.ChallengeTypes, depth int) (bool, error) { // Resole challenge scsp := sentry.StartSpan(fe.Context, "authentik.outposts.flow_executor.solve_challenge") - responseReq := fe.api.FlowsApi.FlowsExecutorSolve(scsp.Context(), fe.flowSlug).Query(fe.Params.Encode()) + responseReq := fe.api.FlowsAPI.FlowsExecutorSolve(scsp.Context(), fe.flowSlug).Query(fe.Params.Encode()) i := challenge.GetActualInstance() if i == nil { return false, errors.New("response request instance was null") diff --git a/internal/outpost/ldap/bind/direct/bind.go b/internal/outpost/ldap/bind/direct/bind.go index cc72577716..fe794a5df1 100644 --- a/internal/outpost/ldap/bind/direct/bind.go +++ b/internal/outpost/ldap/bind/direct/bind.go @@ -59,7 +59,7 @@ func (db *DirectBinder) Bind(username string, req *bind.Request) (ldap.LDAPResul return ldap.LDAPResultInvalidCredentials, nil } - access, _, err := fe.ApiClient().OutpostsApi.OutpostsLdapAccessCheck( + access, _, err := fe.ApiClient().OutpostsAPI.OutpostsLdapAccessCheck( req.Context(), db.si.GetProviderID(), ).AppSlug(db.si.GetAppSlug()).Execute() if !access.Access.Passing { @@ -85,7 +85,7 @@ func (db *DirectBinder) Bind(username string, req *bind.Request) (ldap.LDAPResul req.Log().Info("User has access") uisp := sentry.StartSpan(req.Context(), "authentik.providers.ldap.bind.user_info") // Get user info to store in context - userInfo, _, err := fe.ApiClient().CoreApi.CoreUsersMeRetrieve(context.Background()).Execute() + userInfo, _, err := fe.ApiClient().CoreAPI.CoreUsersMeRetrieve(context.Background()).Execute() if err != nil { metrics.RequestsRejected.With(prometheus.Labels{ "outpost_name": db.si.GetOutpostName(), diff --git a/internal/outpost/ldap/ldap.go b/internal/outpost/ldap/ldap.go index 5bbdc0d167..4cf6611aa8 100644 --- a/internal/outpost/ldap/ldap.go +++ b/internal/outpost/ldap/ldap.go @@ -32,7 +32,7 @@ func NewServer(ac *ak.APIController) ak.Outpost { ls := &LDAPServer{ log: log.WithField("logger", "authentik.outpost.ldap"), ac: ac, - cs: ak.NewCryptoStore(ac.Client.CryptoApi), + cs: ak.NewCryptoStore(ac.Client.CryptoAPI), providers: []*ProviderInstance{}, connections: map[string]net.Conn{}, connectionsSync: sync.Mutex{}, diff --git a/internal/outpost/ldap/refresh.go b/internal/outpost/ldap/refresh.go index 2ad73ab661..f5832e1929 100644 --- a/internal/outpost/ldap/refresh.go +++ b/internal/outpost/ldap/refresh.go @@ -31,7 +31,7 @@ func (ls *LDAPServer) getCurrentProvider(pk int32) *ProviderInstance { } func (ls *LDAPServer) Refresh() error { - apiProviders, err := ak.Paginator(ls.ac.Client.OutpostsApi.OutpostsLdapList(context.Background()), ak.PaginatorOptions{ + apiProviders, err := ak.Paginator(ls.ac.Client.OutpostsAPI.OutpostsLdapList(context.Background()), ak.PaginatorOptions{ PageSize: 100, Logger: ls.log, }) diff --git a/internal/outpost/ldap/search/direct/direct.go b/internal/outpost/ldap/search/direct/direct.go index 3f104de95c..713f81aac3 100644 --- a/internal/outpost/ldap/search/direct/direct.go +++ b/internal/outpost/ldap/search/direct/direct.go @@ -113,7 +113,7 @@ func (ds *DirectSearcher) Search(req *search.Request) (ldap.ServerSearchResult, errs.Go(func() error { if flags.CanSearch { uapisp := sentry.StartSpan(errCtx, "authentik.providers.ldap.search.api_user") - searchReq, skip := utils.ParseFilterForUser(c.CoreApi.CoreUsersList(uapisp.Context()).IncludeGroups(true), parsedFilter, false) + searchReq, skip := utils.ParseFilterForUser(c.CoreAPI.CoreUsersList(uapisp.Context()).IncludeGroups(true), parsedFilter, false) if skip { req.Log().Trace("Skip backend request") @@ -132,7 +132,7 @@ func (ds *DirectSearcher) Search(req *search.Request) (ldap.ServerSearchResult, } else { if flags.UserInfo == nil { uapisp := sentry.StartSpan(errCtx, "authentik.providers.ldap.search.api_user") - u, _, err := c.CoreApi.CoreUsersRetrieve(uapisp.Context(), flags.UserPk).Execute() + u, _, err := c.CoreAPI.CoreUsersRetrieve(uapisp.Context(), flags.UserPk).Execute() uapisp.Finish() if err != nil { @@ -155,7 +155,7 @@ func (ds *DirectSearcher) Search(req *search.Request) (ldap.ServerSearchResult, if needGroups { errs.Go(func() error { gapisp := sentry.StartSpan(errCtx, "authentik.providers.ldap.search.api_group") - searchReq, skip := utils.ParseFilterForGroup(c.CoreApi.CoreGroupsList(gapisp.Context()).IncludeUsers(true).IncludeChildren(true).IncludeParents(true), parsedFilter, false) + searchReq, skip := utils.ParseFilterForGroup(c.CoreAPI.CoreGroupsList(gapisp.Context()).IncludeUsers(true).IncludeChildren(true).IncludeParents(true), parsedFilter, false) if skip { req.Log().Trace("Skip backend request") return nil @@ -194,7 +194,6 @@ func (ds *DirectSearcher) Search(req *search.Request) (ldap.ServerSearchResult, } err = errs.Wait() - if err != nil { return ldap.ServerSearchResult{ResultCode: ldap.LDAPResultOperationsError}, err } diff --git a/internal/outpost/ldap/search/memory/memory.go b/internal/outpost/ldap/search/memory/memory.go index 25fdf36680..74f4fd3736 100644 --- a/internal/outpost/ldap/search/memory/memory.go +++ b/internal/outpost/ldap/search/memory/memory.go @@ -52,12 +52,12 @@ func NewMemorySearcher(si server.LDAPServerInstance, existing search.Searcher) * func (ms *MemorySearcher) fetch() { // Error is not handled here, we get an empty/truncated list and the error is logged - users, _ := ak.Paginator(ms.si.GetAPIClient().CoreApi.CoreUsersList(context.TODO()).IncludeGroups(true), ak.PaginatorOptions{ + users, _ := ak.Paginator(ms.si.GetAPIClient().CoreAPI.CoreUsersList(context.TODO()).IncludeGroups(true), ak.PaginatorOptions{ PageSize: 100, Logger: ms.log, }) ms.users = users - groups, _ := ak.Paginator(ms.si.GetAPIClient().CoreApi.CoreGroupsList(context.TODO()).IncludeUsers(true).IncludeChildren(true).IncludeParents(true), ak.PaginatorOptions{ + groups, _ := ak.Paginator(ms.si.GetAPIClient().CoreAPI.CoreGroupsList(context.TODO()).IncludeUsers(true).IncludeChildren(true).IncludeParents(true), ak.PaginatorOptions{ PageSize: 100, Logger: ms.log, }) diff --git a/internal/outpost/proxyv2/application/mode_common.go b/internal/outpost/proxyv2/application/mode_common.go index 59b6381ade..dbffca1678 100644 --- a/internal/outpost/proxyv2/application/mode_common.go +++ b/internal/outpost/proxyv2/application/mode_common.go @@ -143,7 +143,7 @@ func (a *Application) ReportMisconfiguration(r *http.Request, msg string, fields ClientIp: *api.NewNullableString(api.PtrString(r.RemoteAddr)), Context: fields, } - _, _, err := a.ak.Client.EventsApi.EventsEventsCreate(context.Background()).EventRequest(req).Execute() + _, _, err := a.ak.Client.EventsAPI.EventsEventsCreate(context.Background()).EventRequest(req).Execute() if err != nil { a.log.WithError(err).Warning("failed to report configuration error") } diff --git a/internal/outpost/proxyv2/proxyv2.go b/internal/outpost/proxyv2/proxyv2.go index af910e690e..598325c631 100644 --- a/internal/outpost/proxyv2/proxyv2.go +++ b/internal/outpost/proxyv2/proxyv2.go @@ -61,7 +61,7 @@ func NewProxyServer(ac *ak.APIController) ak.Outpost { l.Info("using filesystem session backend") } s := &ProxyServer{ - cryptoStore: ak.NewCryptoStore(ac.Client.CryptoApi), + cryptoStore: ak.NewCryptoStore(ac.Client.CryptoAPI), apps: make(map[string]*application.Application), log: l, mux: rootMux, diff --git a/internal/outpost/proxyv2/refresh.go b/internal/outpost/proxyv2/refresh.go index dbf79c6e55..3c990225f0 100644 --- a/internal/outpost/proxyv2/refresh.go +++ b/internal/outpost/proxyv2/refresh.go @@ -15,7 +15,7 @@ import ( ) func (ps *ProxyServer) Refresh() error { - req := ps.akAPI.Client.OutpostsApi.OutpostsProxyList(context.Background()) + req := ps.akAPI.Client.OutpostsAPI.OutpostsProxyList(context.Background()) ps.log.WithField("outpost_pk", ps.akAPI.Outpost.Pk).Debug("Requesting providers for outpost") providers, err := ak.Paginator(req, ak.PaginatorOptions{ PageSize: 100, diff --git a/internal/outpost/radius/api.go b/internal/outpost/radius/api.go index 022b11d96f..dab94d0d2e 100644 --- a/internal/outpost/radius/api.go +++ b/internal/outpost/radius/api.go @@ -32,7 +32,7 @@ func parseCIDRs(raw string) []*net.IPNet { } func (rs *RadiusServer) Refresh() error { - apiProviders, err := ak.Paginator(rs.ac.Client.OutpostsApi.OutpostsRadiusList(context.Background()), ak.PaginatorOptions{ + apiProviders, err := ak.Paginator(rs.ac.Client.OutpostsAPI.OutpostsRadiusList(context.Background()), ak.PaginatorOptions{ PageSize: 100, Logger: rs.log, }) diff --git a/internal/outpost/radius/handler_eap.go b/internal/outpost/radius/handler_eap.go index 2aaca051b3..f167a5c67f 100644 --- a/internal/outpost/radius/handler_eap.go +++ b/internal/outpost/radius/handler_eap.go @@ -97,7 +97,7 @@ func (pi *ProviderInstance) GetEAPSettings() protocol.Settings { if !passed { return protocol.StatusError } - access, _, err := fe.ApiClient().OutpostsApi.OutpostsRadiusAccessCheck(context.Background(), pi.providerId).AppSlug(pi.appSlug).Execute() + access, _, err := fe.ApiClient().OutpostsAPI.OutpostsRadiusAccessCheck(context.Background(), pi.providerId).AppSlug(pi.appSlug).Execute() if err != nil { ctx.Log().Warn("failed to check access: %v", err) return protocol.StatusError diff --git a/internal/outpost/radius/handler_pap.go b/internal/outpost/radius/handler_pap.go index 15caac5eef..a347ccf6be 100644 --- a/internal/outpost/radius/handler_pap.go +++ b/internal/outpost/radius/handler_pap.go @@ -32,7 +32,7 @@ func (rs *RadiusServer) Handle_AccessRequest_PAP_Auth(r *RadiusRequest, username if !passed { return nil, errors.New("invalid_credentials") } - access, _, err := fe.ApiClient().OutpostsApi.OutpostsRadiusAccessCheck( + access, _, err := fe.ApiClient().OutpostsAPI.OutpostsRadiusAccessCheck( r.Context(), r.pi.providerId, ).AppSlug(r.pi.appSlug).Execute() if err != nil { diff --git a/internal/outpost/radius/radius.go b/internal/outpost/radius/radius.go index 6815af89c7..fa25c9177d 100644 --- a/internal/outpost/radius/radius.go +++ b/internal/outpost/radius/radius.go @@ -43,7 +43,7 @@ func NewServer(ac *ak.APIController) ak.Outpost { log: log.WithField("logger", "authentik.outpost.radius"), ac: ac, providers: map[int32]*ProviderInstance{}, - cryptoStore: ak.NewCryptoStore(ac.Client.CryptoApi), + cryptoStore: ak.NewCryptoStore(ac.Client.CryptoAPI), } rs.s = radius.PacketServer{ Handler: rs, diff --git a/internal/web/brand_tls/brand_tls.go b/internal/web/brand_tls/brand_tls.go index 670fc3b305..adde7a2c03 100644 --- a/internal/web/brand_tls/brand_tls.go +++ b/internal/web/brand_tls/brand_tls.go @@ -23,7 +23,7 @@ type Watcher struct { } func NewWatcher(client *api.APIClient) *Watcher { - cs := ak.NewCryptoStore(client.CryptoApi) + cs := ak.NewCryptoStore(client.CryptoAPI) l := log.WithField("logger", "authentik.router.brand_tls") cert, err := crypto.GenerateSelfSignedCert() if err != nil { @@ -48,7 +48,7 @@ func (w *Watcher) Start() { func (w *Watcher) Check() { w.log.Info("updating brand certificates") - brands, err := ak.Paginator(w.client.CoreApi.CoreBrandsList(context.Background()), ak.PaginatorOptions{ + brands, err := ak.Paginator(w.client.CoreAPI.CoreBrandsList(context.Background()), ak.PaginatorOptions{ PageSize: 100, Logger: w.log, }) diff --git a/schema.yml b/schema.yml index 0717bcaa0e..663b9b4458 100644 --- a/schema.yml +++ b/schema.yml @@ -38824,10 +38824,12 @@ components: type: string description: Internal application name, used in URLs. readOnly: true + nullable: true assigned_backchannel_application_name: type: string description: Application's display Name. readOnly: true + nullable: true verbose_name: type: string description: Return object's verbose_name @@ -40661,18 +40663,22 @@ components: type: string description: Internal application name, used in URLs. readOnly: true + nullable: true assigned_application_name: type: string description: Application's display Name. readOnly: true + nullable: true assigned_backchannel_application_slug: type: string description: Internal application name, used in URLs. readOnly: true + nullable: true assigned_backchannel_application_name: type: string description: Application's display Name. readOnly: true + nullable: true verbose_name: type: string description: Return object's verbose_name @@ -41455,10 +41461,12 @@ components: type: string description: Internal application name, used in URLs. readOnly: true + nullable: true assigned_backchannel_application_name: type: string description: Application's display Name. readOnly: true + nullable: true verbose_name: type: string description: Return object's verbose_name @@ -42340,18 +42348,22 @@ components: type: string description: Internal application name, used in URLs. readOnly: true + nullable: true assigned_application_name: type: string description: Application's display Name. readOnly: true + nullable: true assigned_backchannel_application_slug: type: string description: Internal application name, used in URLs. readOnly: true + nullable: true assigned_backchannel_application_name: type: string description: Application's display Name. readOnly: true + nullable: true verbose_name: type: string description: Return object's verbose_name @@ -43113,6 +43125,7 @@ components: allOf: - $ref: '#/components/schemas/ServiceConnection' readOnly: true + nullable: true refresh_interval_s: type: integer readOnly: true @@ -50581,18 +50594,22 @@ components: type: string description: Internal application name, used in URLs. readOnly: true + nullable: true assigned_application_name: type: string description: Application's display Name. readOnly: true + nullable: true assigned_backchannel_application_slug: type: string description: Internal application name, used in URLs. readOnly: true + nullable: true assigned_backchannel_application_name: type: string description: Application's display Name. readOnly: true + nullable: true verbose_name: type: string description: Return object's verbose_name @@ -50795,18 +50812,22 @@ components: type: string description: Internal application name, used in URLs. readOnly: true + nullable: true assigned_application_name: type: string description: Application's display Name. readOnly: true + nullable: true assigned_backchannel_application_slug: type: string description: Internal application name, used in URLs. readOnly: true + nullable: true assigned_backchannel_application_name: type: string description: Application's display Name. readOnly: true + nullable: true verbose_name: type: string description: Return object's verbose_name @@ -51114,18 +51135,22 @@ components: type: string description: Internal application name, used in URLs. readOnly: true + nullable: true assigned_application_name: type: string description: Application's display Name. readOnly: true + nullable: true assigned_backchannel_application_slug: type: string description: Internal application name, used in URLs. readOnly: true + nullable: true assigned_backchannel_application_name: type: string description: Application's display Name. readOnly: true + nullable: true verbose_name: type: string description: Return object's verbose_name @@ -51287,18 +51312,22 @@ components: type: string description: Internal application name, used in URLs. readOnly: true + nullable: true assigned_application_name: type: string description: Application's display Name. readOnly: true + nullable: true assigned_backchannel_application_slug: type: string description: Internal application name, used in URLs. readOnly: true + nullable: true assigned_backchannel_application_name: type: string description: Application's display Name. readOnly: true + nullable: true verbose_name: type: string description: Return object's verbose_name @@ -51980,18 +52009,22 @@ components: type: string description: Internal application name, used in URLs. readOnly: true + nullable: true assigned_application_name: type: string description: Application's display Name. readOnly: true + nullable: true assigned_backchannel_application_slug: type: string description: Internal application name, used in URLs. readOnly: true + nullable: true assigned_backchannel_application_name: type: string description: Application's display Name. readOnly: true + nullable: true verbose_name: type: string description: Return object's verbose_name @@ -52762,10 +52795,12 @@ components: type: string description: Internal application name, used in URLs. readOnly: true + nullable: true assigned_backchannel_application_name: type: string description: Application's display Name. readOnly: true + nullable: true verbose_name: type: string description: Return object's verbose_name diff --git a/web/src/admin/outposts/OutpostForm.ts b/web/src/admin/outposts/OutpostForm.ts index 82e37015cd..93eeb670e9 100644 --- a/web/src/admin/outposts/OutpostForm.ts +++ b/web/src/admin/outposts/OutpostForm.ts @@ -36,8 +36,8 @@ import { map } from "lit/directives/map.js"; interface ProviderBase { pk: number; name: string; - assignedBackchannelApplicationName?: string; - assignedApplicationName?: string; + assignedBackchannelApplicationName?: string | null; + assignedApplicationName?: string | null; } const api = () => new ProvidersApi(DEFAULT_CONFIG); diff --git a/web/src/admin/providers/oauth2/OAuth2ProviderViewPage.ts b/web/src/admin/providers/oauth2/OAuth2ProviderViewPage.ts index 8fac074598..3fc8dcba16 100644 --- a/web/src/admin/providers/oauth2/OAuth2ProviderViewPage.ts +++ b/web/src/admin/providers/oauth2/OAuth2ProviderViewPage.ts @@ -455,7 +455,8 @@ export class OAuth2ProviderViewPage extends AKElement { } return input.replaceAll( "", - this.provider.assignedApplicationSlug, + this.provider.assignedApplicationSlug ?? + "", ); }, ]} diff --git a/website/package.json b/website/package.json index e09148c543..5f95f7b0ce 100644 --- a/website/package.json +++ b/website/package.json @@ -99,7 +99,7 @@ }, "packageManager": { "name": "npm", - "onFail": "error", + "onFail": "warn", "version": ">=11.6.2" } }