36c9929e1f
events: add option to send notifications to event user ( #15083 )
...
* events: add option to send notifications to event user
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-06-18 13:39:56 +02:00
f025d0d1d5
enterprise/search: ability to use more precise search queries ( #7698 )
...
* api: use DjangoQL for searches
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* expand search input and use textarea for multiline
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start implementing autocomplete
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* only use ql for events
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make QL search opt in
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make pretend json relation work
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix schema
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* test
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make autocomplete l1 work
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* use forked js lib with types, separate QL
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* first attempt at making it fit our UI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make dark theme somewhat work, fix search
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make more parts work
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make auto complete box be under cursor
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: ripplefcl <github@ripple.contact >
* remove django autocomplete for now
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-add event filtering
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix search when no ql is enabled
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make meta+enter submit, fix colour
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make dark theme
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* formatting
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* enterprise
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Update authentik/enterprise/search/apps.py
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Signed-off-by: Jens L. <jens@beryju.org >
* add json element autocomplete
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Co-authored-by: ripplefcl <github@ripple.contact >
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix query
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix search reset
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix dark theme
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: ripplefcl <github@ripple.contact >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2025-06-18 12:23:00 +02:00
da6d4ede51
root: backport version bump 2025.6.2 ( #15078 )
...
release: 2025.6.2
2025-06-17 00:21:39 +02:00
260800c60b
blueprints: add section support for organisation ( #15045 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-06-15 20:49:21 +02:00
7aa6593760
blueprints: sort schema items ( #15022 )
2025-06-13 13:34:49 +00:00
c60a145f95
root: backport 2025.6.1 bump ( #14970 )
...
release: 2025.6.1
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2025-06-09 04:15:33 +02:00
7a8c2e7ad9
root: backport version bump 2025.6.0 ( #14904 )
...
* release: 2025.6.0-rc1
* release: 2025.6.0
2025-06-04 18:28:52 +02:00
59e686c8b9
sources/ldap: add user_membership_attribute ( #14784 )
2025-05-30 18:34:13 +02:00
c4bb19051d
sources/ldap: add forward deletion option ( #14718 )
...
* sources/ldap: add forward deletion option
* remove unnecessary `blank=True`
* clarify `validated_by` `help_text`
* add indices to `validated_by`
* factor out `get_identifier` everywhere and `get_attributes`
I don't know what that additional `in` check is for, but I'm not about
to find out.
* add tests for known good user and group
* fixup! add tests for known good user and group
* fixup! add tests for known good user and group
2025-05-28 13:22:59 +02:00
65517f3b7f
enterprise/stages: Add MTLS stage ( #14296 )
...
* prepare client auth with inbuilt server
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* introduce better IPC auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* init
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start stage
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* only allow trusted proxies to set MTLS headers
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more stage progress
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* dont fail if ipc_key doesn't exist
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* actually install app
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add some tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update API
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix unquote
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix int serial number not jsonable
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* init ui
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add UI
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* unrelated: fix git pull in makefile
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix parse helper
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add test for outpost
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more tests and improvements
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* improve labels
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add support for multiple CAs on brand
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add support for multiple CAs to MTLS stage
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* dont log ipcuser secret views
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix go mod
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-05-19 22:48:17 +02:00
75a0ac9588
release: 2025.4.1 ( #14527 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
# Conflicts:
# package.json
2025-05-15 20:12:41 +02:00
e76d388ce4
release: 2025.4.0 ( #14299 )
...
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2025-04-30 13:15:38 +00:00
723dccdae3
enterprise/policies: Add Password Uniqueness History Policy ( #13453 )
...
Co-authored-by: David Gunter <david@davidgunter.ca >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2025-04-22 14:39:07 +02:00
5e6874cc1f
web: add remember me feature to IdentificationStage ( #10397 )
...
Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2025-04-17 10:37:49 +00:00
155a31fd70
sources/oauth: introduce authorization code auth method ( #14034 )
...
Co-authored-by: Rsgm <rsgm123@gmail.com >
2025-04-16 13:00:08 +00:00
03d5dad867
rbac: add InitialPermissions ( #13795 )
...
* add `InitialPermissions` model to RBAC
This is a powerful construct between Permission and Role to set initial
permissions for newly created objects.
* use safer `request.user`
* fixup! use safer `request.user`
* force all self-defined serializers to descend from our custom one
See https://github.com/goauthentik/authentik/pull/10139
* reorganize initial permission assignment
* fixup! reorganize initial permission assignment
2025-04-14 17:55:49 +02:00
7fd35b1dfc
sources/ldap: add source connections ( #13796 )
2025-04-11 12:07:18 +00:00
5d2685341d
sources/ldap: lookup group memberships from user attribute ( #12661 )
...
* sources/ldap: add support for group lookups from user
* sources/ldap: implement working membership lookups
* sources/ldap: add schema changes
* sources/ldap: add group membership toggle ui element
* sources/ldap: lint changed files
* website/docs: add note about lookups to AD docs
* Update website/docs/users-sources/sources/directory-sync/active-directory/index.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Amélie Krejčí <amelie@krejci.vip >
* website/docs: simplify wording of attribute documentation
Follows suggestions from @jorhett
* sources/ldap: add missing spaces in docstrings
Follows suggestions from @jorhett
* Add a test for memberof attribute
* sources/ldap: implement test
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-migrate
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* revert website changes in favor of #13966
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* update frontend help text
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
---------
Signed-off-by: Amélie Krejčí <amelie@krejci.vip >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Co-authored-by: Shawn Weeks <sweeks@weeksconsulting.us >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Co-authored-by: Jo Rhett <geek@jorhett.com >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2025-04-10 14:37:38 +02:00
e4d2a53ccc
release: 2025.2.4 ( #13830 )
...
* release: 2025.2.4
* bump version in uv.lock
2025-04-08 19:16:00 +00:00
3ad7f4dc24
sources: move identifier to parent model ( #13797 )
...
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
2025-04-07 18:01:41 +02:00
46261a4f42
*/saml: allow for domainless SAML URLs ( #13737 )
2025-04-01 01:41:18 +02:00
bcfd6fefa7
release: 2025.2.3 ( #13705 )
...
* release: 2025.2.3
* fix uv lock not being bumped
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-03-28 17:08:57 +01:00
ce23209ae8
events: add configurable headers to webhooks ( #13602 )
...
* events: add configurable headers to webhooks
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make it a full thing
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix migration
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-03-21 19:37:15 +00:00
27856ec301
brands: add option to set global default flow background ( #13079 )
...
* brands: add option to set global default flow background
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* test
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-03-20 01:07:05 +00:00
f37e1ca642
brands: migrate custom CSS to brands ( #13172 )
...
* brands: migrate custom CSS to brands
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix missing default
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* simpler migration
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add css to brand form
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-03-19 22:52:38 +00:00
c93d85731c
providers/saml: configurable AuthnContextClassRef ( #13566 )
...
* providers/saml: make AuthnContextClassRef configurable
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* providers/saml: fix incorrect AuthInstant
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-03-19 14:42:55 +00:00
2e3624ea82
release: 2025.2.2 ( #13554 )
2025-03-17 22:10:22 +01:00
c47fb2612a
providers/scim: add compatibility mode for AWS & Slack ( #13342 )
...
* providers/scim: override AWS patch support
AWS /ServiceProviderConfig query responds that it supports patch,
but they only support patching a single group property.
resolves #12321
* introduce compatibility mode for scim provider instead of hack
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
* add option for slack
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2025-03-12 16:56:30 +00:00
b0671e26c8
stages/email: token_expiry format ( #13394 )
...
* Change token_expiry type from integer to text in Email Stage to unify with timedelta_string_validator
* Add migration file for token_expiry format, change from number to text field in the UI
* Fix token_expiry new format in stage.py in Email Stage
* fix linting
* Update web/src/admin/stages/email/EmailStageForm.ts
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Signed-off-by: Marcelo Elizeche Landó <marce@melizeche.com >
* Use db_alias and using() for the queries
* Make valid_delta more readable
* use <ak-utils-time-delta-help> in the UI
* fix missing import
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Marcelo Elizeche Landó <marce@melizeche.com >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2025-03-11 17:22:30 +01:00
cfe275a374
blueprints: Adjust title for MFA set up ( #13400 )
...
web/blueprints: Adjust copy.
2025-03-05 20:21:49 +01:00
b5a8957720
lib/sync/outgoing: add dry run ( #13244 )
...
* lib/sync/outgoing: add dry run
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add option to temporarily override dry run
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* web a
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* web b
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add some test
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add more tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add dry run label
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add support for entra too
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add web
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add entra test and improve error handling
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-03-01 19:44:17 +00:00
989d39b154
release: 2025.2.1 ( #13278 )
2025-02-27 10:55:18 +00:00
2b39748c84
root: Backport version 2025.2 ( #13225 )
...
* release: 2025.2.0-rc1
* release: 2025.2.0-rc2
* release: 2025.2.0-rc3
* release: 2025.2.0
2025-02-24 18:35:13 +01:00
2128e7f45f
providers/rac: move to open source ( #13015 )
...
* move RAC to open source
* move web out of enterprise
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove enterprise license requirements from RAC
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2025-02-19 12:48:11 +01:00
ab8f5a2ac4
policies/geoip: distance + impossible travel ( #12541 )
...
* add history distance checks
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start impossible travel
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* optimise
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* ui start
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix and add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix ui, fix missing api
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-02-17 18:47:25 +01:00
74e090239a
core: add additional RBAC permission to restrict setting the superuser status on groups ( #12900 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-02-17 16:57:21 +01:00
4ba360e7af
stages/authenticator_email: Email OTP ( #12630 )
...
* stages/authenticator_email: Add basic structure for stages/authenticator_email
* stages/authenticator_email: Add stages/authenticator_email django app to settings.py
* stages/authenticator_email: Fix imports due changes introduced in #12598
* stages/authenticator_email: fix linting
* stages/authenticator_email: Add tests for token verification
* Add UI structure for authenticator_email
* Add autheticator_email to AuthenticatorValidateStageForm.ts and create AuthenticatorEmailStageForm.ts
* Add serializer property to emaildevice
* Add DeviceClasses.EMAIL to DeviceClasses
* Add migration file for DeviceClasses change (added email)
* Add new schema.yml and blueprints/schema.json to refelct email authenticator
* Fix UI to show the Email Authenticator
* Add support for email templates for the email authenticator
* Add templates
* Add DeviceClasses.EMAIL option to authenticator_validate/stage.py
* Fix logic for sending emails in stage.py and use the proper class AuthenticatorEmailStage in tasks.py
* Fix token expiration display in the email templates
* Fix authenticator email stage set up
* Add template and email to api response for Authenticator Email stage
* Fix Authenticator Email stage set up form
* Use different flow if the user has an email configured or not for Authenticator Email stage UI
* Use the correct field for the token in AuthenticatorEmailStage.ts
* Fix linting and code style
* Use the correct assertions in tests
* Fix mask email helper
* Add missing cases for Email Authenticator in the UI
* Fix email sending, add _compose_email() method to EmailDevice
* Fix cosmetic changes
* Add support for email device challenge validation in validate_selected_challenge
* Fix tests
* Add from_address to email template
* Refactor tests
* Update API Schema
* Refactor AuthenticatorEmailStage UI for cleaner code
* Fix saving token_expiry in the stage configuration
* Remove debug statements
* Add email connection settings to the Email authenticator stage configuration UI
* Remove unused field activate_on_success from AuthenticatorEmailStage
* Add tests for duplicate email, token expiration and template error
* cosmetic/styling changes
* Use authentik's GroupMemberSerializer and ManagedAppConfig in api and apps for email authenticathor
* stages/authenticator_email: Fix typos, styling and unused fields
* stages/authenticator_email: remove unused field responseStatus
* stages/authenticator_email: regen migrations
* Fix linting issues
* Fix app label issue, typos, missing user field
* Add a trailing space in email_otp.txt RFC 3676 sec. 4.3
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Signed-off-by: Marcelo Elizeche Landó <marce@melizeche.com >
* Move mask_email method to a helper function in authentik.lib.utils.email
* Remove unused function
* Use authentik.stages.email.tasks instead of authentik.stages.authenticator_email.tasks, delete authentik.stages.authenticator_email.tasks
* Fix use global settings not using the global setting if there's a default
* Revert "Fix use global settings not using the global setting if there's a default"
This reverts commit 3825248bb4marce@melizeche.com >
* Change Email Authenticator Setup Stage name for consistency with other authenticators
* Add tests to test properties and methods of EmailDevice and AuthenticatorEmailStage, add test for email tasks
* Add tests for email challenge in authenticator_validate
* Update migration to reflect new verbose name for AuthenticatorEmailStage
* Update schema.yml to reflect new verbose name for AuthenticatorEmailStage
* Add default email subject in Email Authenticator Setup Stage configuration
* Remove from_address from email template to ensure global settings use if use global settings is on
* Add flow-default-authenticator-email-setup.yaml blueprint
* Move email authenticator blueprint to the examples folder
* Update authentik/stages/authenticator_email/models.py
Signed-off-by: Jens L. <jens@beryju.org >
* Change self.user_pk to self.user_id because user_pk doesn't exists here
* Remove unused logger import
* Remove more unused logger import
* Add error handling to authentik.lib.utils.email.mask_email
* fix linting
* don't catch Exception
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update icons
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Marcelo Elizeche Landó <marce@melizeche.com >
Signed-off-by: Jens L. <jens@beryju.org >
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space >
Co-authored-by: Jens L. <jens@beryju.org >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2025-02-17 15:16:58 +01:00
6549b303d5
enterprise/providers: SSF ( #12327 )
...
* init
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix some other stuff
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more progress
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix missing format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make it work, send verification event
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* progress
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more progress
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* save iss
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add signals for MFA devices
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* refactor more
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-work auth
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add API to list ssf streams
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* start rbac
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add ssf icon
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix web
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix bugs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make events expire, rewrite sending logic
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add oidc token test
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add stream list
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add jwks tests and fixes
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update web ui
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix configuration endpoint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* replace port number correctly
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* better log what went wrong
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* linter has opinions
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix messages
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix set status
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* more debug logging
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix issuer here too
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove port :443...removal
apparently apple's HTTP logic is wrong and includes the port in the Host header even if the default port is used (80 or 443), which then fails as the URL doesn't exactly match what the admin configured...so instead of trying to add magic about this we'll add it in the docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix error when no request in context
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add signal for admin session revoke
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* set txn based on request id
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* validate method and endpoint url
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix request ID detection
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add timestamp
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* temp migration
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix signal
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add signal tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* the final commit
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* ok actually the last commit
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2025-02-05 17:52:14 +01:00
8cad66536c
release: 2024.12.3 ( #12883 )
...
* release: 2024.12.3
* ci: fix permissions for release-publish pipeline
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* ci: fix missing dockerhub login
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2025-01-29 23:35:06 +01:00
6c0d462410
release: 2024.12.2 ( #12615 )
2025-01-09 20:38:27 +01:00
aa4f817856
admin: monitor worker version ( #12463 )
...
* root: include version in celery ping
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* check version in worker endpoint
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* include worker version in prom metrics
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* format
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-12-23 22:13:38 +01:00
3eaaa35a4c
release: 2024.12.1 ( #12466 )
2024-12-23 20:51:05 +01:00
6b8782556c
blueprints: fix schema for meta models ( #12421 )
...
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-12-20 03:27:28 +01:00
3367ac0e08
root: backport version bump ( #12426 )
2024-12-19 21:27:13 +01:00
40a7135c0c
core: app entitlements ( #12090 )
...
* core: initial app entitlements
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* base off of pbm
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests and oauth2
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add to proxy
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rewrite to use bindings
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make policy bindings form and list more customizable
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* double fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* refine permissions
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add missing rbac modal to app entitlements
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* separate scope for app entitlements
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* include entitlements mapping in proxy
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add API validation to prevent policies from being bound to entitlements
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* make preview
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add initial docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* remove duplicate docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-12-18 14:32:44 +01:00
1a1d499833
sources/oauth: allow creation of user connection objects with parameters ( #12195 )
...
* sources/oauth: allow creation of user connection objects with parameters
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix web
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* tix tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add for all
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* align
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-12-18 13:28:22 +01:00
ff504a3b80
stages/redirect: create redirect stage ( #12275 )
...
* create redirect stage
* show "keep context" toggle in Flow mode only
* fix typos
* add docs
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
* simplify property pass
* simplify toggle
* remove `print` statements
whoops
* fix typo
* remove default from `RedirectStage.mode`
* remove migration
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* oops
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* adjust docs
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Co-authored-by: Jens Langhammer <jens@goauthentik.io >
2024-12-12 18:00:09 +01:00
deacc17832
sources/kerberos: add kadmin type setting, provide additional context to property mappings ( #12286 )
2024-12-12 13:25:43 +01:00
e5dd923333
release: 2024.10.5 ( #12319 )
...
* release: 2024.10.5
* manually bump aws version
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
2024-12-10 19:20:01 +01:00
19488b7b9e
providers/oauth2: Add provider federation between OAuth2 Providers ( #12083 )
...
* rename + add field
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* initial implementation
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* refactor
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* rework source cc tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* add tests
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* update docs
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* re-migrate
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* fix a
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
* Apply suggestions from code review
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
Signed-off-by: Jens L. <jens@beryju.org >
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io >
Signed-off-by: Jens L. <jens@beryju.org >
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com >
2024-12-03 11:57:10 +02:00
Jens L.
Simonyi Gergő
Marc 'risson' Schmitt
Marcelo Elizeche Landó
Ken Sternberg
Amélie Lilith Krejčí
Jo Rhett
Teffen Ellis
Marcelo Elizeche Landó