c557b55e0e
crypto: Store details parsed from includeDetails in database instead ( #18013 )
...
* crypto: Store details parsed from includeDetails in database instead
* fix signal for tests
* Update authentik/crypto/signals.py
Co-authored-by: Jens L. <jens@goauthentik.io >
Signed-off-by: Connor Peshek <connor@connorpeshek.me >
* Update authentik/crypto/apps.py
Co-authored-by: Jens L. <jens@goauthentik.io >
Signed-off-by: Connor Peshek <connor@connorpeshek.me >
* Update authentik/crypto/signals.py
Co-authored-by: Jens L. <jens@goauthentik.io >
Signed-off-by: Connor Peshek <connor@connorpeshek.me >
* Add feedback
* cleanup
* update
* cleanup
* simplify serializer
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Update KID for when updating certificates
* lint
---------
Signed-off-by: Connor Peshek <connor@connorpeshek.me >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: connor peshek <connorpeshek@connors-MacBook-Pro.local >
Co-authored-by: Jens L. <jens@goauthentik.io >
2025-12-15 13:50:16 -06:00
126310138d
web/admin: fix read-only provider selection for application form ( #18768 )
...
web/admin: Add read-only provider selection for application form
One of the ways to "bind" an application to a provider is to click "Create" under "Assigned to application" in the provider view. This PR fixes 2 issues:
* The value is now auto-filled, so the user doesn't need to do that anymore
* The value is now read-only, you don't need to change it since it's well for that provider. If that makes sense
2025-12-12 22:40:55 +00:00
62f1de5993
web/admin: make empty table message configurable ( #18763 )
...
* web: Add InvalidationFlow to Radius Provider dialogues
## What
- Bugfix: adds the InvalidationFlow to the Radius Provider dialogues
- Repairs: `{"invalidation_flow":["This field is required."]}` message, which was *not* propagated
to the Notification.
- Nitpick: Pretties `?foo=${true}` expressions: `s/\?([^=]+)=\$\{true\}/\1/`
## Note
Yes, I know I'm going to have to do more magic when we harmonize the forms, and no, I didn't add the
Property Mappings to the wizard, and yes, I know I'm going to have pain with the *new* version of
the wizard. But this is a serious bug; you can't make Radius servers with *either* of the current
dialogues at the moment.
* This (temporary) change is needed to prevent the unit tests from failing.
\# What
\# Why
\# How
\# Designs
\# Test Steps
\# Other Notes
* Revert "This (temporary) change is needed to prevent the unit tests from failing."
This reverts commit dddde09be5
2025-12-12 19:33:42 +00:00
17489fa695
web: Fix background refreshing too frequently. ( #18764 )
2025-12-12 13:34:20 -05:00
94ae8b7b80
web: Fix switch labels ( #18741 )
...
* Fix switch alignment:
* Fix ARIA.
2025-12-12 18:25:17 +01:00
bba0aed68f
web/admin: fix typo in PolicyAccessView ( #18789 )
2025-12-12 16:08:57 +00:00
15b93a5e9d
stages/identification: Add WebAuthn conditional UI (passkey autofill) support ( #18377 )
...
* add passkey_login to identification stage
* handle passkey auth in identification stage
* Add passkey settings in identification stage in the admin UI
* Add UI changes for basic passkey conditional login
* Fix linting
* rework
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update tests
* update admin form
* allow passing stage to validate_challenge_webauthn
* update flows/tests/test_inspector.py
* update for new field
* Fix linting
* update go solvers for identification challenge
* Refactor tests
* Skip mfa validation if user already authenticated via passkey at identification stage
* Add skip_if_passkey_authenticated option to authenticator validate stage and UI
* Add e2e test for passkey login conditional ui
* add policy
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Remove skip_if_passkey_authenticated
* fix blueprint
* Set backend so password stage policy knows user is already authenticated
* Set backend so password stage policy knows user is already authenticated
* fix linting
* slight tweaks
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* simplify e2e test
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Marcelo Elizeche Landó <marcelo@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2025-12-11 11:49:05 -03:00
196bce348f
api: allow configuring default page_size and max_page_size ( #18165 )
...
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2025-12-11 14:45:50 +00:00
2a2da34eab
web: Locale selector ( #18560 )
...
* web: Locale selector
* Fix label, hover state.
* Persist locale to session. Fix stale render. Update middleware.
* Fix background color.
2025-12-10 15:51:17 -05:00
572d965084
sources/telegram: implement connecting existing user to a Telegram account ( #18517 )
2025-12-10 18:20:40 +01:00
92c5efbac1
sources/sync: configuration for outgoing sync trigger mode ( #17669 )
...
* sources/sync: configuration for outgoing sync trigger mode
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* api and frontend
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* fix tests
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* update migrations
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Wrap `msg` calls in function to fix translation. Update props to accept
callbacks.
---------
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Co-authored-by: Teffen Ellis <teffen@goauthentik.io >
2025-12-10 12:40:32 -03:00
efdc11e413
web/admin: Add SAML metadata form to wizard ( #17690 )
...
Co-authored-by: connor peshek <connorpeshek@connors-MacBook-Pro.local >
2025-12-10 13:58:13 +01:00
cd09bff247
sources/oauth: add WeChat type ( #18086 )
...
* Add wechat.
* Refactor comments and formatting in wechat.py
Signed-off-by: Anduin Xue <anduin@aiursoft.com >
* Fix lint.
Signed-off-by: Anduin Xue <anduin@aiursoft.com >
* Fix lint.
* fix: Rename `WeChat` enum member to `Wechat` for consistency
* docs: Add WeChat social login integration guide.
* Docs updates
* Revise WeChat integration instructions
Updated instructions for creating a WeChat Website Application and added details about scopes and user attribute mappings.
Signed-off-by: Anduin Xue <anduin@aiursoft.com >
* Prettier
* Update wechat.py
Signed-off-by: Anduin Xue <anduin@aiursoft.com >
---------
Signed-off-by: Anduin Xue <anduin@aiursoft.com >
Co-authored-by: dewi-tik <dewi@goauthentik.io >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2025-12-10 12:48:12 +00:00
1f21d2e8e6
web: 2025.12 UI tidy ( #18650 )
...
* Fix box shadow, scrollbars.
* Fix contrast.
* Fix field alignment.
* Fix class ordering.
* Fix button colors while in nested table.
* Fix background color on light mode.
* Fix chip colors, spacing.
* Fix overlap of switch during transition.
2025-12-10 02:15:14 +01:00
379a9d09f1
endpoints: fix device access group missing from blueprint ( #18703 )
...
* endpoints: fix device access group missing from blueprint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* also fix flow_set not being read_only
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix general blueprint schema issue of incorrect related PK fields having the wrong type some places
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix web format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-12-09 19:46:49 +01:00
7e9e0a87f7
enterprise/reports: add users and events export ( #18088 )
...
* enterprise: add users and events export (reports app)
* enterprise/reports: replace assert with AsertionError so that the assumption check is not lost when compiling to optimised byte code
* enterprise/reports: use ConditionalInheritance with ExportMixin to make reduce coupling of enterprise with the rest of authentik
* enterprise/reports: use custom iterative File to save data export instead of accessing default_storage directly, so all the FileField.save logic can run correctly (e.g. creating directories)
* enterprise/reports: change app label to simply "authentik_reports"
* wip
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* update for new file api
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* lint
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* Apply suggestions from code review
Signed-off-by: Dominic R <dominic@sdko.org >
* wip
* sources/oauth: save returned oauth refresh tokens and add slack provider (#18501 )
* sources/oauth: save returned oauth refresh tokens
* Update authentik/sources/oauth/models.py
Co-authored-by: Jens L. <jens@goauthentik.io >
Signed-off-by: Connor Peshek <connor@connorpeshek.me >
* lint
* add tests
* fix proper id setting
* update id test
---------
Signed-off-by: Connor Peshek <connor@connorpeshek.me >
Co-authored-by: connor peshek <connorpeshek@unknown1641287c8f5d.attlocal.net >
Co-authored-by: Jens L. <jens@goauthentik.io >
Co-authored-by: connor peshek <connorpeshek@connors-MacBook-Pro.local >
* core: custom avatar url improvements (#10525 )
Co-authored-by: Dominic R <dominic@sdko.org >
* website/integrations: add salesforce (#18516 )
Co-authored-by: connor peshek <connorpeshek@connors-MacBook-Pro.local >
Co-authored-by: dewi-tik <dewi@goauthentik.io >
Co-authored-by: Dominic R <dominic@sdko.org >
* endpoints: implement endpoint stage (#18468 )
* endpoints: implement endpoint stage
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix mismatched label
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix url in mdm config
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rephrase
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* and API & UI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add deprecated support and deprecate gdtc
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add stage mode
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fixup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rework stage slightly, add frontend
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* include jwks, add iat and exp
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* set kid
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* include device details in event list
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* implement device summary
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add remaining tables
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* revert sanitize
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix uuid format issues
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* web/flows: update default background image (#18540 )
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* website/integrations: add hoop.dev (#17868 )
Co-authored-by: iops <iops@syneforge.com >
Co-authored-by: Dominic R <dominic@sdko.org >
* website: Docusaurus 3.9.2 (#18506 )
* endpoints/stage: v2, better error handling, more settings (#18545 )
* add options, idle fallback
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* delete other device tokens during enroll
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* better error handling
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* website: Glossary (#16007 )
* website: Glossary
fix minor issues
wip
Apply suggestion from @dominic-r
Signed-off-by: Dominic R <dominic@sdko.org >
anchor to param
wip
wip
at least the lockfile changes now
sure
a-z first as tana asked
idk why i switched in the first place
wip
wip
lock
lockfiles are hard
wip
please work
no have?
Revert "no have?"
This reverts commit 743dbc1bc2900eedcc2c93af248e6afdec3688a3.
* changed to sentence-case capitalization
---------
Co-authored-by: Tana M Berry <tana@goauthentik.io >
* web/i18n: Locale Context Merge Branch (#18426 )
* web: Update fonts to Patternfly 5 variants.
* Fix order of heading override.
* web: Flesh out locale context.
* Fix Han pattern.
* Remove comment.
* Add additional regional codes.
* Clarify comment.
* Fix typos.
* web/i18n: Add locale-specific font overrides.
* Fix stale session in locale lifecycle.
* core, web: Fix Han language codes.
* Fix warnings about invalid BCP language code.
* Build translations.
* Add locale relative labels.
* Add locale translations for Finnish and Portuguese.
* Fix XLIFF errors.
* Clean up labels.
* Tidy regions.
* Match region comment.
* Update extracted values.
* Fix locale switch not triggering on source language.
* Split labels.
* Clean up labels.
* providers/scim: cache ServiceProviderConfig (#18047 )
* Update authentik/enterprise/reports/api/reports.py
Co-authored-by: Jens L. <jens@beryju.org >
Signed-off-by: Alexander Tereshkin <96586+atereshkin@users.noreply.github.com >
* enterprise/reports: got rid of unnecessary method-level import
* enterprise/reports: celan up code duplication in data export generation (invoke viewset.filter_queryset directly instead of replicating it)
* enterprise/reports: add check for app label when switching on content types
* enterprise/reports: make hyperlink field on Notification larger so it can fit the security token in the export file URL
* enterprise/reports: add is_superuser back in users export
* enterprise/reports: split tests into multiple files
* Apply suggestions from code review
Signed-off-by: Dewi Roberts <dewi@goauthentik.io >
* Fixed prettier issue
* Update web/src/admin/events/DataExportListPage.ts
Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com >
Signed-off-by: Alexander Tereshkin <96586+atereshkin@users.noreply.github.com >
* Update web/src/admin/events/DataExportListPage.ts
Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com >
Signed-off-by: Alexander Tereshkin <96586+atereshkin@users.noreply.github.com >
* Update web/src/admin/events/EventListPage.ts
Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com >
Signed-off-by: Alexander Tereshkin <96586+atereshkin@users.noreply.github.com >
* Update web/src/admin/reports/ExportButton.ts
Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com >
Signed-off-by: Alexander Tereshkin <96586+atereshkin@users.noreply.github.com >
* Update web/src/admin/reports/ExportButton.ts
Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com >
Signed-off-by: Alexander Tereshkin <96586+atereshkin@users.noreply.github.com >
* Update web/src/admin/users/UserListPage.ts
Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com >
Signed-off-by: Alexander Tereshkin <96586+atereshkin@users.noreply.github.com >
* Update web/src/elements/notifications/NotificationDrawer.ts
Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com >
Signed-off-by: Alexander Tereshkin <96586+atereshkin@users.noreply.github.com >
* Update web/src/elements/sidebar/SidebarItem.css
Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com >
Signed-off-by: Alexander Tereshkin <96586+atereshkin@users.noreply.github.com >
* enterprise/reports: resolve code review merge errors
* enterprise/reports: remove the export button from the dom flow (by settings display:none) when there's no license
* enterprise/reports: improve docs
* include notification link in email
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* enterprise/reports: remove assignment assertion in ExportButton.ts
* cleanup tests after perm update
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Signed-off-by: Dominic R <dominic@sdko.org >
Signed-off-by: Connor Peshek <connor@connorpeshek.me >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Alexander Tereshkin <96586+atereshkin@users.noreply.github.com >
Signed-off-by: Dewi Roberts <dewi@goauthentik.io >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Co-authored-by: Dominic R <dominic@sdko.org >
Co-authored-by: Connor Peshek <connor@connorpeshek.me >
Co-authored-by: connor peshek <connorpeshek@unknown1641287c8f5d.attlocal.net >
Co-authored-by: Jens L. <jens@goauthentik.io >
Co-authored-by: connor peshek <connorpeshek@connors-MacBook-Pro.local >
Co-authored-by: Konrad Mösch <konrad@moesch.org >
Co-authored-by: dewi-tik <dewi@goauthentik.io >
Co-authored-by: shcherbak <ju.shcherbak@gmail.com >
Co-authored-by: iops <iops@syneforge.com >
Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com >
Co-authored-by: Tana M Berry <tana@goauthentik.io >
Co-authored-by: Jens L. <jens@beryju.org >
2025-12-09 09:35:41 -05:00
27f89ffad6
web: Improved table selection behavior ( #18622 )
...
* Fix caching issues when selecting a row.
* Adjust scroll alignment.
* Fix typo.
2025-12-08 17:20:48 -05:00
9b1f53766b
web: Improved Timestamps ( #18300 )
...
* web: Fix issues which prevent timestamps from refreshing.
Clean up constants.
* web: Tidy types. Add timestamps.
* Fix `useDefault` with truthy value.
2025-12-08 16:42:36 -05:00
4df1345c01
web: Hide device picker when challenges are not present. ( #18611 )
2025-12-08 19:18:47 +00:00
ff91edd70d
root: skip current tab when refreshing others ( #18674 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-12-08 14:57:36 +01:00
f7e23295ed
core: add digraph group hierarchy ( #17050 )
...
* move imports
* core: add digraph group hierarchy
* move to permissions from Group or User to Role
* set group parents on frontend
* do not serialize `GroupParentageNode` directly
* core: enforce unique group name on database level
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* use group parents in LDAP provider
* add user-role relationship control to frontend
* move materialized view to be more discoverable
* add guardian to mypy exceptions
* make `Role` a `ManagedModel`
* fixup! make `Role` a `ManagedModel`
* simplify `get_objects_for_user`
* fix flaky unit test
* rename `django-guardian` fork to `ak-guardian`
* add tests around users/groups/roles
* remove unused guardian config variable
* simplify guardian file structure
* clean up frontend
* initial docs
* remove `mode` from `InitialPermissions`
This is no longer needed, since users no longer directly have permissions.
* fixup! Merge branch 'main' into core/add-digraph-group-hierarchy
* clean up docs for managing permissions
* addendums from docs review
* fixup! Merge branch 'main' into core/add-digraph-group-hierarchy
* tweaks
* dewi and tana edits to docs
* tweak
* truly final tweaks, for now
* relabel Role Permissions table
* clarify button label
* fixup! Merge branch 'main' into core/add-digraph-group-hierarchy
* fixup! Merge branch 'main' into core/add-digraph-group-hierarchy
* merge migrations
* fixup! Merge branch 'main' into core/add-digraph-group-hierarchy
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Tana M Berry <tana@goauthentik.io >
2025-12-08 12:04:04 +01:00
475ab76a5e
endpoints: fix UI bugs, add user binding, etc ( #18609 )
...
* fix serializer for device user binding
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix missing import
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* don't expire enrollment tokens by default
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* slightly better config modal error handling
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add ability to bind to device
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add text when authenticating to device
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* prevent error when no authz flow is set
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add device to token log
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* address comments
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rework config
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix expiring default
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* don't require page refresh for enrollment token to show up
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make config
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-12-08 01:13:29 +01:00
3548d5e30d
web/admin: fix event volume chart not updating with query ( #18649 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-12-07 14:34:40 +01:00
8e87585fce
web: Bump types, fix ESLint errors ( #17546 )
...
* Fix config.
* Fix linter.
* Fix ts ignore comments.
* Fix empty functions
* Fix unnamed functions.
* Fix unused parameters.
* Fix define before use.
* Remove unused.
* Replace esbuild-copy-plugin with `fs` module.
---------
Co-authored-by: Teffen Ellis <teffen@goauthentik.io >
2025-12-06 20:21:29 +00:00
31b0e73329
web: Fix row expansion on modal trigger buttons. ( #18412 )
...
web: Fix row expansion on modal triggers.
2025-12-06 12:10:17 -05:00
a07e820bce
wed/admin: change s to S in "Stage" ( #18632 )
...
change s to S in "Stage"
2025-12-05 16:11:52 +00:00
31186baf25
flows: refresh unauthenticated tabs ( #18621 )
...
* flows: implement signaling
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add flag
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* better flag configuration
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Update web/src/flow/FlowExecutor.ts
Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com >
Signed-off-by: Jens L. <jens@beryju.org >
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com >
2025-12-05 16:03:16 +01:00
05c30af790
web: Codemirror fixes ( #18610 )
...
* web: Dynamic Loading of Codemirror
* Clarify error.
* Fix labels, links
* Fix key maps, tabbing
* Remove dupe.
* Update web/src/elements/codemirror/editor.ts
Co-authored-by: Ken Sternberg <133134217+kensternberg-authentik@users.noreply.github.com >
Signed-off-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com >
* Fix inversion of opacity.
* Format.
* Fix import.
* Fix imports.
* Fix static styles using getters.
- Seems to be a merge conflict from long ago.
* Fix typo.
* Fix capitalization.
---------
Signed-off-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com >
Co-authored-by: Ken Sternberg <133134217+kensternberg-authentik@users.noreply.github.com >
2025-12-04 19:15:43 +00:00
6683d9943c
web: bump packages in /web ( #18604 )
...
* web: bump playwright from 1.56.1 to 1.57.0 in /web
Bumps [playwright](https://github.com/microsoft/playwright ) from 1.56.1 to 1.57.0.
- [Release notes](https://github.com/microsoft/playwright/releases )
- [Commits](https://github.com/microsoft/playwright/compare/v1.56.1...v1.57.0 )
---
updated-dependencies:
- dependency-name: playwright
dependency-version: 1.57.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
* Bump Playwright related.
* Fix package upgrade log jam.
* Format.
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Teffen Ellis <teffen@goauthentik.io >
2025-12-04 19:15:14 +00:00
6b22487406
web/elements: update AppIcon story with files change ( #18608 )
...
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2025-12-04 16:28:57 +00:00
29a9e31143
stages/captcha: Make stage more managed with provider-specific defaults ( #16129 )
2025-12-03 23:18:45 +00:00
e2df658d88
endpoints/stage: v2.1, fix asymmetric token exchange and missing form input ( #18547 )
...
* fix oauth federated providers not configurable
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix federated auth not working with asymmetric keys
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-12-04 00:09:07 +01:00
18663bffa5
web: Adjust colors ( #18427 )
...
* Fix contrast in dark mode.
* Fix hover color.
* web: Fix danger button hover background color.
* web: Adjust colors, padding.
* web: Fix sidebar colors, padding.
* Normalize colors.
2025-12-03 16:27:56 +00:00
c1cfeaf4b5
providers/scim: cache ServiceProviderConfig ( #18047 )
2025-12-03 08:07:00 -05:00
fe7a8894d3
web/i18n: Locale Context Merge Branch ( #18426 )
...
* web: Update fonts to Patternfly 5 variants.
* Fix order of heading override.
* web: Flesh out locale context.
* Fix Han pattern.
* Remove comment.
* Add additional regional codes.
* Clarify comment.
* Fix typos.
* web/i18n: Add locale-specific font overrides.
* Fix stale session in locale lifecycle.
* core, web: Fix Han language codes.
* Fix warnings about invalid BCP language code.
* Build translations.
* Add locale relative labels.
* Add locale translations for Finnish and Portuguese.
* Fix XLIFF errors.
* Clean up labels.
* Tidy regions.
* Match region comment.
* Update extracted values.
* Fix locale switch not triggering on source language.
* Split labels.
* Clean up labels.
2025-12-03 06:30:07 +00:00
d0ef8a8b8e
endpoints/stage: v2, better error handling, more settings ( #18545 )
...
* add options, idle fallback
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* delete other device tokens during enroll
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* better error handling
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-12-02 22:25:47 +01:00
bee733b484
web/flows: update default background image ( #18540 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-12-02 19:25:15 +01:00
5ccd66ddca
endpoints: implement endpoint stage ( #18468 )
...
* endpoints: implement endpoint stage
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix mismatched label
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix url in mdm config
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rephrase
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* and API & UI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add deprecated support and deprecate gdtc
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add stage mode
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fixup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rework stage slightly, add frontend
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* include jwks, add iat and exp
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* set kid
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* include device details in event list
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* implement device summary
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add remaining tables
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* revert sanitize
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix uuid format issues
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-12-02 19:19:14 +01:00
45ee4af451
sources/oauth: save returned oauth refresh tokens and add slack provider ( #18501 )
...
* sources/oauth: save returned oauth refresh tokens
* Update authentik/sources/oauth/models.py
Co-authored-by: Jens L. <jens@goauthentik.io >
Signed-off-by: Connor Peshek <connor@connorpeshek.me >
* lint
* add tests
* fix proper id setting
* update id test
---------
Signed-off-by: Connor Peshek <connor@connorpeshek.me >
Co-authored-by: connor peshek <connorpeshek@unknown1641287c8f5d.attlocal.net >
Co-authored-by: Jens L. <jens@goauthentik.io >
Co-authored-by: connor peshek <connorpeshek@connors-MacBook-Pro.local >
2025-12-02 11:49:40 -06:00
c30d1a478d
files: rework ( #17535 )
...
Co-authored-by: Dominic R <dominic@sdko.org >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Tana M Berry <tana@goauthentik.io >
2025-12-02 18:01:51 +01:00
f914af70f1
web/admin: fix brands default switch label ( #18518 )
2025-12-02 15:21:10 +00:00
952a0f796d
translate: fix source locale not matching transifex ( #18503 )
...
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2025-12-01 19:08:58 +00:00
63119df516
core, web: unified locales ( #18502 )
...
Co-authored-by: Teffen Ellis <teffen@goauthentik.io >
2025-12-01 18:47:44 +01:00
1276d87d69
core, web: update translations ( #18380 )
...
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
2025-12-01 17:01:05 +01:00
874a20b908
enterprise: Apple Platform SSO ( #15318 )
...
* init
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* snap
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* it works
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* give session
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix session
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* better endpoint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add api
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* attempt endpoint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* refactor into endpoints system
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start reworking
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make it work more
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-add user data
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add jwks
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add rest of the endpoints
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix test
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix lookup
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix device group selection
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix incorrect device id
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix register
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* implement the thing
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix a bunch of things
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix issuer
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix fully
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add test for apple JWE
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add more tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add token tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make auth session duration configurable, merge migrations
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update api & ui
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix enterprise
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* include platform sso in generated mdm config
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-12-01 00:28:09 +01:00
f1a1f327cd
endpoints: rework perms ( #18422 )
...
* fix api being incorrect
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more lenient facts
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix authz flow not returning slug
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* different auth header for multi-auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-11-28 17:26:11 +01:00
1fb71371cb
endpoints: AuthN and AuthZ ( #18350 )
...
* start agent auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* also check windows system disk (hardcode C: for now)
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add process table
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* include jwks
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* nonce
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* snap
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* missing exp and username (temp values)
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix missing meta
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rework auth and migrations
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* include system config in agent config
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix a bunch of broken stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update ui
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add device to login event
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add ssh
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start adding tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* policies
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove domain name
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix leftover
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add device to flow context
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* dont allow access without policies
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* some ui changes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-invent the wheel again
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start updating tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* t
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Revert "t"
This reverts commit b74db5f5d4b2524c00b2c7cdf4c018jens@goauthentik.io >
* fix ui
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-migrate
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix web build
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* f
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add device users and device groups
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* expand users
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-11-27 19:05:57 +01:00
46ef933d33
web/admin: fix wording in password stage ( #18393 )
...
Remove word
2025-11-26 18:14:49 +01:00
88dd0e84c0
web/admin: add entitlement search ( #18291 )
...
* web/admin: add entitlement search
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Apply suggestion from @GirlBossRush
Signed-off-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com >
Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com >
2025-11-26 14:29:51 +01:00
171305ca47
web: Fix stale table rows ( #17940 )
...
web: Fix issues surrounding stale table rows.
2025-11-25 21:38:56 +00:00
Connor Peshek
Dominic R
Ken Sternberg
Teffen Ellis
Marc 'risson' Schmitt
Marcelo Elizeche Landó
Nuno Alves
Alexander Tereshkin
Anduin Xue
Jens L.
Simonyi Gergő
dependabot[bot]
Dewi Roberts
Marcin Koziuk
authentik-automation[bot]