205hlab-mirrors/authentik
2
0
Fork 0
mirror of https://github.com/goauthentik/authentik.git synced 2026-06-17 19:09:11 +03:00
Code Issues Packages Projects Releases Wiki Activity
20,925 Commits 384 Branches 449 Tags
2feaeff5db0e64bfc56feab0c9fef14857d52b65
Commit Graph

20925 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
authentik-automation[bot] 2feaeff5db release: 2026.2.3-rc1 version/2026.2.3-rc1 2026-04-10 12:03:32 +00:00
authentik-automation[bot] 8fcc47e047 ci: always run apt update (cherry-pick #21516 to version-2026.2) (#21519) 
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
 2026-04-09 17:52:46 +02:00
authentik-automation[bot] 7a6408cc67 website/docs: Password stage docs, explain four checkboxes (cherry-pick #21013 to version-2026.2) (#21276) 
* Cherry-pick #21013 to version-2026.2 (with conflicts)

This cherry-pick has conflicts that need manual resolution.

Original PR: #21013
Original commit: cdbfde840e

* removed the cspell file from the PR

---------

Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Co-authored-by: Tana M Berry <tana@goauthentik.io>
 2026-04-09 08:31:45 -05:00
authentik-automation[bot] 2da88028da core: fix policy binding objects not being nullable (cherry-pick #21421 to version-2026.2) (#21481) 
* Cherry-pick #21421 to version-2026.2 (with conflicts)

This cherry-pick has conflicts that need manual resolution.

Original PR: #21421
Original commit: 2b8313ee91

* remove `packages` changes

* fix conflicts

---------

Co-authored-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com>
Co-authored-by: Simonyi Gergő <gergo@goauthentik.io>
 2026-04-08 18:05:18 +02:00
authentik-automation[bot] fa91404895 ci: cache apt install (cherry-pick #21480 to version-2026.2) (#21485) 
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2026-04-08 17:56:34 +02:00
authentik-automation[bot] 460fce7279 web: Fix duplicate Turnstile widgets after extended idle (cherry-pick #21380 to version-2026.2) (#21473) 
web: Fix duplicate Turnstile widgets after extended idle (#21380)

* Flesh out turnstile fixes.

* format



---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
 2026-04-08 15:18:16 +02:00
authentik-automation[bot] 995128955c website/docs: fix typo (cherry-pick #21446 to version-2026.2) (#21447) 
Co-authored-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com>
fix typo (#21446)
 2026-04-07 19:14:42 +00:00
authentik-automation[bot] 85536abbcf website/docs: add release notes for 2026.2.2 (cherry-pick #21442 to version-2026.2) (#21444) 
website/docs: add release notes for `2026.2.2` (#21442)

* add release notes for `2026.2.2`

* remove further items

thank you @rissson




---------

Signed-off-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com>
Co-authored-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com>
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
 2026-04-07 18:16:04 +02:00
authentik-automation[bot] 5249546862 release: 2026.2.2 version/2026.2.2 2026-04-07 14:47:38 +00:00
authentik-automation[bot] bf91348c05 tasks: allow retry for rejected tasks only (cherry-pick #21433 to version-2026.2) (#21436) 
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
 2026-04-07 14:46:46 +02:00
authentik-automation[bot] 63136f0180 security: add item to intended behavior section of security policy (cherry-pick #21430 to version-2026.2) (#21432) 
security: add item to intended behavior section of security policy (#21430)

Add section

Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
 2026-04-07 13:50:40 +02:00
Marc 'risson' Schmitt faffabf938 website/docs: fix merge conflict (#21435) 2026-04-07 13:42:58 +02:00
authentik-automation[bot] 0b180b15a2 website/docs: clarify file upload troubleshooting (cherry-pick #21361 to version-2026.2) (#21434) 
Co-authored-by: Dominic R <dominic@sdko.org>
 2026-04-07 13:41:41 +02:00
authentik-automation[bot] 07af6de74f release: 2026.2.2-rc3 version/2026.2.2-rc3 2026-04-07 03:58:16 +00:00
authentik-automation[bot] ddfef91ea5 internal: fix certificate fallback without SNI (cherry-pick #21417 to version-2026.2) (#21419) 
internal: fix certificate fallback without SNI (#21417)

21412: fix falls back to RSA instead of configured other TLS Certificates for a brand/domain

Honor the other certificates other than RSA

Co-authored-by: Bapuji Koraganti <34816445+bkoragan@users.noreply.github.com>
 2026-04-07 02:08:50 +02:00
authentik-automation[bot] cefbf5e6ae providers/ldap: inherit adjustable page size for LDAP searchers (cherry-pick #21377 to version-2026.2) (#21384) 
* Cherry-pick #21377 to version-2026.2 (with conflicts)

This cherry-pick has conflicts that need manual resolution.

Original PR: #21377
Original commit: d5ee53feb2

* fix

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2026-04-04 23:55:01 +02:00
Ken Sternberg e53d3d2486 web/flow: be more aggressive about checking inspector hide/show status (#21358) 
## Fix Flow Inspector Display in 2026.2

## What

Update the hide/show logic for FlowInspector, making it much more aggressive about checking the state of the inspector when the FlowExecutor first runs and after the FlowInspector is loaded.

Specifically:

1.  Break out the “check if the inspector needs to be hidden or shown” code into its own method. (This was part of the componentization pass done later.)

2.  Call that method on the FlowInspectorChangeEvent as before.

3.  In updated(), *iff* `inspectorOpen` changed:

    - Unchanged: In updated(), if the inspector needs to be loaded then load it, then run the hide/show check.
    - Changed: if the inspector is already loaded, be sure to run the hide/show check; this was not happening in the current code.

## Why

I’m not sure where this happened; bisect shows the code breaking at 08b07979, but the diff that emerges from that with a prior commit affecting FlowExecutor doesn’t match the commit description at all (and it’s one of mine, darnit, and I’m usually good about that). That commit claims to be the one about removing PFBase universally because CSS custom properties don’t need duplication.
 2026-04-03 09:16:00 -07:00
authentik-automation[bot] 32a3eed521 root: fix compose generation for patch releases release candidates (cherry-pick #21353 to version-2026.2) (#21355) 
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
fix compose generation for patch releases release candidates (#21353)
 2026-04-02 19:12:46 +02:00
authentik-automation[bot] f05cc6e75a release: 2026.2.2-rc2 version/2026.2.2-rc2 2026-04-02 09:42:52 +00:00
Jens L. c68c36fdeb ci: include version family in release build cache (2026.2) (#21328) 
ci: include version family in release build cache

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2026-04-02 11:05:53 +02:00
Jens L. 888f969fc7 ci: allow setting working directory for setup action (2026.2) (#21330) 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2026-04-02 00:33:36 +02:00
authentik-automation[bot] 82535e4671 security: update policy to include explicit intended functionality (cherry-pick #21308 to version-2026.2) (#21327) 
security: update policy to include explicit intended functionality (#21308)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2026-04-02 00:24:46 +02:00
authentik-automation[bot] ed2957e4e6 website/docs: entra scim: add note about validator (cherry-pick #21273 to version-2026.2) (#21310) 
website/docs: entra scim: add note about validator (#21273)

Add note

Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
 2026-04-01 14:43:05 +00:00
authentik-automation[bot] a5abe85148 website/docs: add example recovery flow with MFA (cherry-pick #19497 to version-2026.2) (#21305) 
website/docs: add example recovery flow with MFA (#19497)

* website/docs: add example recovery flow with MFA



* Apply suggestion from @tanberry




---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Jens L. <jens@goauthentik.io>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
 2026-04-01 14:50:40 +02:00
authentik-automation[bot] 8d2c31fa25 providers/saml: Fix redirect for saml slo (cherry-pick #21258 to version-2026.2) (#21284) 
* Cherry-pick #21258 to version-2026.2 (with conflicts)

This cherry-pick has conflicts that need manual resolution.

Original PR: #21258
Original commit: a6064ec334

* fix

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Connor Peshek <connor@connorpeshek.me>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
 2026-04-01 14:35:22 +02:00
authentik-automation[bot] 2637ce2474 website/docs: format cache settings (cherry-pick #21289 to version-2026.2) (#21302) 
website/docs: format cache settings (#21289)

Co-authored-by: Dominic R <dominic@sdko.org>
 2026-04-01 11:26:25 +00:00
authentik-automation[bot] 319008dec8 release: 2026.2.2-rc1 version/2026.2.2-rc1 2026-04-01 09:15:29 +00:00
authentik-automation[bot] 8beb2fac18 core: fix provider not nullable (cherry-pick #21275 to version-2026.2) (#21282) 
Cherry-pick #21275 to version-2026.2 (with conflicts)

This cherry-pick has conflicts that need manual resolution.

Original PR: #21275
Original commit: 06408cba59

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2026-03-31 19:01:57 +02:00
authentik-automation[bot] ac7b28d0b0 website/docs: ad source: add note about ldap signing (cherry-pick #21274 to version-2026.2) (#21279) 
website/docs: ad source: add note about ldap signing (#21274)

Add note

Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
 2026-03-31 15:42:26 +00:00
authentik-automation[bot] 073acf92c2 website/docs: document group_uuid as a property for group object (cherry-pick #20865 to version-2026.2) (#21271) 
website/docs: document group_uuid as a property for group object (#20865)

The application might need a unique id for a group to uniquely identify it. It can help in various cases like detecting group renames and more.
We should document `group_uuid` field of the group object to make users aware that it can be used in custom property mappings.

Signed-off-by: Shiv Tyagi <67995771+shiv-tyagi@users.noreply.github.com>
Co-authored-by: Shiv Tyagi <67995771+shiv-tyagi@users.noreply.github.com>
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
 2026-03-31 11:19:14 +02:00
authentik-automation[bot] ad107c19af proviers/ldap: avoid concurrent header writes in API Client (cherry-pick #21223 to version-2026.2) (#21228) 
proviers/ldap: avoid concurrent header writes in API Client (#21223)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2026-03-29 20:12:22 +01:00
authentik-automation[bot] d285fcd8a7 sources/ldap: fix exception in ldap debug endpoint (cherry-pick #21219 to version-2026.2) (#21222) 
sources/ldap: fix exception in ldap debug endpoint (#21219)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2026-03-29 17:06:02 +02:00
authentik-automation[bot] 84066cab48 sources/oauth: Allow patching without provider type (cherry-pick #21211 to version-2026.2) (#21213) 
sources/oauth: Allow patching without provider type (#21211)

* sources/oauth: Allow patching without provider type

* fix, add test



---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Marcus Yanello <94466282+MYanello@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
 2026-03-28 15:16:58 +01:00
authentik-automation[bot] e623d93ff5 web/applications: add wsfed to app wizard (cherry-pick #20880 to version-2026.2) (#21184) 
* Cherry-pick #20880 to version-2026.2 (with conflicts)

This cherry-pick has conflicts that need manual resolution.

Original PR: #20880
Original commit: 0a73322b0d

* fix conflicts

---------

Co-authored-by: Connor Peshek <connor@connorpeshek.me>
 2026-03-27 15:48:19 +01:00
authentik-automation[bot] 1d0628dfbe web/flow: reset stale authenticator selection between consecutive validate stages (cherry-pick #20802 to version-2026.2) (#21014) 
Cherry-pick #20802 to version-2026.2 (with conflicts)

This cherry-pick has conflicts that need manual resolution.

Original PR: #20802
Original commit: a10ec34aec

Co-authored-by: Oluwatobi Mustapha <oluwatobimustapha539@gmail.com>
 2026-03-27 14:24:48 +01:00
authentik-automation[bot] 996645105c endpoints/connectors: fix enabled flag not respected (cherry-pick #21144 to version-2026.2) (#21145) 
endpoints/connectors: fix enabled flag not respected (#21144)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2026-03-25 19:27:54 +01:00
authentik-automation[bot] 63d7ca6ef0 providers/proxy: Add a default maxResponseBodySize to Traefik Middleware (cherry-pick #21111 to version-2026.2) (#21140) 
providers/proxy: Add a default maxResponseBodySize to Traefik Middleware (#21111)

* Add default maxResponseBodySize to traefik middleware component

* Fix AttributeError when patching custom kubernetes objects

* format



---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: William Howell <wiiam24@gmail.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
 2026-03-25 15:19:33 +01:00
authentik-automation[bot] 5b24f4ad80 core: bump cbor2 from 5.8.0 to 5.9.0 (cherry-pick #21094 to version-2026.2) (#21096) 
core: bump cbor2 from 5.8.0 to 5.9.0 (#21094)

Bumps [cbor2](https://github.com/agronholm/cbor2) from 5.8.0 to 5.9.0.
- [Release notes](https://github.com/agronholm/cbor2/releases)
- [Commits](https://github.com/agronholm/cbor2/compare/5.8.0...5.9.0)

---
updated-dependencies:
- dependency-name: cbor2
  dependency-version: 5.9.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-24 01:14:33 +01:00
authentik-automation[bot] ed2e6cfb9c website/docs: add missing dependencies for linux dev environment (cherry-pick #21020 to version-2026.2) (#21093) 
website/docs: add missing dependencies for linux dev environment (#21020)

Add missing dependencies for linux dev environment

Signed-off-by: chrisjsimpson <chris15leicester@gmail.com>
Co-authored-by: chrisjsimpson <chris15leicester@gmail.com>
 2026-03-23 19:47:04 +01:00
authentik-automation[bot] a1431ea48e flows: continous login debug (cherry-pick #21044 to version-2026.2) (#21090) 
flows: continous login debug 2025.12 (#21044)

* flows: continous login debug 2025.12



* no hardcoded prefix



---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2026-03-23 19:28:01 +01:00
Jens L. b30e77b363 ci: fix cherry-pick action generating empty title (#21091) (#21092) 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2026-03-23 19:21:53 +01:00
Jens L. 2f50cdd9fe ci: rotate GH App private key (version-2026.2) (#21087) 2026-03-23 15:17:45 +01:00
Jens L. 494bdcaa09 ci: fix escaping in cherry-pick action (#21082) (#21083) 
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
 2026-03-23 14:51:38 +01:00
authentik-automation[bot] e36ce1789e events: prevent exception when events contains incompatible unicode (cherry-pick #21048 to version-2026.2) (#21053) 
events: prevent exception when events contains incompatible unicode (#21048)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2026-03-20 23:56:07 +01:00
authentik-automation[bot] 5a72ed83e0 events: avoid implicitly setting context from login_failed event (cherry-pick #21045 to version-2026.2) (#21050) 
events: avoid implicitly setting context from login_failed event (#21045)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2026-03-20 23:41:00 +01:00
authentik-automation[bot] f72d257e43 web/admin: handle non-string values in formatUUID to prevent Event Log crash (cherry-pick #20804 to version-2026.2) (#21052) 
web/admin: handle non-string values in formatUUID to prevent Event Log crash (#20804)

fix(web): handle non-string values in formatUUID to prevent Event Log crash

When event context contains a device with a non-string pk value,
formatUUID crashes with TypeError: s.substring is not a function,
preventing the entire Event Log page from loading.

Add a type guard to coerce non-string values to their string
representation instead of crashing.

Fixes #20803

Co-authored-by: Tyson Cung <45380903+tysoncung@users.noreply.github.com>
 2026-03-20 23:40:55 +01:00
authentik-automation[bot] cbedb16cc4 enterprise/endpoints/connectors/agent: add login_hint support for interactive auth (cherry-pick #20647 to version-2026.2) (#21047) 
enterprise/endpoints/connectors/agent: add login_hint support for interactive auth (#20647)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2026-03-20 18:48:20 +01:00
authentik-automation[bot] 6fc1b5ce90 sources/ldap: fix incorrect error response for invalid sync_users_password (cherry-pick #21016 to version-2026.2) (#21039) 
sources/ldap: fix incorrect error response for invalid sync_users_password (#21016)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2026-03-20 15:03:57 +01:00
authentik-automation[bot] 57b0fa48c1 website: switch docs analytics to gtag (cherry-pick #20993 to version-2026.2) (#21015) 
website: switch docs analytics to gtag (#20993)

Co-authored-by: Dominic R <dominic@sdko.org>
 2026-03-19 16:03:22 +00:00
authentik-automation[bot] 84a344ed87 website/docs: fix swapped sidebar label (cherry-pick #21011 to version-2026.2) (#21012) 
website/docs: fix swapped sidebar label (#21011)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
 2026-03-19 13:19:16 +01:00